From 209889b9d264aa326d80ff5b3f2740df3f38dbaa Mon Sep 17 00:00:00 2001 From: Davide De Rosa Date: Thu, 30 Aug 2018 11:05:34 +0200 Subject: [PATCH] Make compression framing an enum option - Disabled: no framing (default) - CompLZO: NO_COMPRESS - Compress: NO_COMPRESS_SWAP --- Demo/BasicTunnel-iOS/ViewController.swift | 2 +- Demo/BasicTunnel-macOS/ViewController.swift | 2 +- TunnelKit.xcodeproj/project.pbxproj | 4 ++ .../TunnelKitProvider+Configuration.swift | 32 ++++++------ .../AppExtension/TunnelKitProvider.swift | 2 +- TunnelKit/Sources/Core/CompressionFraming.h | 35 +++++++++++++ TunnelKit/Sources/Core/CryptoAEAD.h | 2 +- TunnelKit/Sources/Core/CryptoAEAD.m | 51 ++++++++++++++---- TunnelKit/Sources/Core/CryptoCBC.h | 2 +- TunnelKit/Sources/Core/CryptoCBC.m | 52 ++++++++++++++----- TunnelKit/Sources/Core/DataPath.h | 2 +- TunnelKit/Sources/Core/DataPath.m | 10 ++-- TunnelKit/Sources/Core/DataPathEncryption.h | 6 +-- TunnelKit/Sources/Core/PacketMacros.h | 1 - TunnelKit/Sources/Core/PacketMacros.m | 1 - .../Core/SessionProxy+Configuration.swift | 16 +++--- .../Core/SessionProxy+SessionKey.swift | 4 +- TunnelKit/Sources/Core/SessionProxy.swift | 2 +- TunnelKit/Sources/Core/module.modulemap | 1 + 19 files changed, 162 insertions(+), 65 deletions(-) create mode 100644 TunnelKit/Sources/Core/CompressionFraming.h diff --git a/Demo/BasicTunnel-iOS/ViewController.swift b/Demo/BasicTunnel-iOS/ViewController.swift index c0b9ebd..bd412b2 100644 --- a/Demo/BasicTunnel-iOS/ViewController.swift +++ b/Demo/BasicTunnel-iOS/ViewController.swift @@ -36,7 +36,7 @@ extension ViewController { builder.cipher = .aes128cbc builder.digest = .sha1 builder.mtu = 1350 - builder.LZOFraming = true + builder.compressionFraming = .compLZO builder.renegotiatesAfterSeconds = nil builder.shouldDebug = true builder.debugLogKey = "Log" diff --git a/Demo/BasicTunnel-macOS/ViewController.swift b/Demo/BasicTunnel-macOS/ViewController.swift index 7f911bd..c8b6670 100644 --- a/Demo/BasicTunnel-macOS/ViewController.swift +++ b/Demo/BasicTunnel-macOS/ViewController.swift @@ -37,7 +37,7 @@ extension ViewController { builder.cipher = .aes128cbc builder.digest = .sha1 builder.mtu = 1350 - builder.LZOFraming = true + builder.compressionFraming = .compLZO builder.renegotiatesAfterSeconds = nil builder.shouldDebug = true builder.debugLogKey = "Log" diff --git a/TunnelKit.xcodeproj/project.pbxproj b/TunnelKit.xcodeproj/project.pbxproj index e4b9307..cd0704f 100644 --- a/TunnelKit.xcodeproj/project.pbxproj +++ b/TunnelKit.xcodeproj/project.pbxproj @@ -29,6 +29,7 @@ 0E1108B11F77B9F900A92462 /* Main.storyboard in Resources */ = {isa = PBXBuildFile; fileRef = 0E1108AF1F77B9F900A92462 /* Main.storyboard */; }; 0E1108B31F77B9F900A92462 /* Assets.xcassets in Resources */ = {isa = PBXBuildFile; fileRef = 0E1108B21F77B9F900A92462 /* Assets.xcassets */; }; 0E1108B61F77B9F900A92462 /* LaunchScreen.storyboard in Resources */ = {isa = PBXBuildFile; fileRef = 0E1108B41F77B9F900A92462 /* LaunchScreen.storyboard */; }; + 0E245D6C2137F73600B012A2 /* CompressionFraming.h in Headers */ = {isa = PBXBuildFile; fileRef = 0E245D6B2137F73600B012A2 /* CompressionFraming.h */; }; 0E3E0F212108A8CC00B371C1 /* SessionProxy+PushReply.swift in Sources */ = {isa = PBXBuildFile; fileRef = 0E3E0F202108A8CC00B371C1 /* SessionProxy+PushReply.swift */; }; 0E3E0F222108A8CC00B371C1 /* SessionProxy+PushReply.swift in Sources */ = {isa = PBXBuildFile; fileRef = 0E3E0F202108A8CC00B371C1 /* SessionProxy+PushReply.swift */; }; 0E85A25A202CC5AF0059E9F9 /* AppExtensionTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = 0E85A259202CC5AE0059E9F9 /* AppExtensionTests.swift */; }; @@ -184,6 +185,7 @@ 0E1108B51F77B9F900A92462 /* Base */ = {isa = PBXFileReference; lastKnownFileType = file.storyboard; name = Base; path = Base.lproj/LaunchScreen.storyboard; sourceTree = ""; }; 0E1108B71F77B9F900A92462 /* Info.plist */ = {isa = PBXFileReference; lastKnownFileType = text.plist.xml; path = Info.plist; sourceTree = ""; }; 0E17D7F91F730D9F009EE129 /* TunnelKit.framework */ = {isa = PBXFileReference; explicitFileType = wrapper.framework; includeInIndex = 0; path = TunnelKit.framework; sourceTree = BUILT_PRODUCTS_DIR; }; + 0E245D6B2137F73600B012A2 /* CompressionFraming.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = CompressionFraming.h; sourceTree = ""; }; 0E3251C51F95770D00C108D9 /* TunnelKit.framework */ = {isa = PBXFileReference; explicitFileType = wrapper.framework; includeInIndex = 0; path = TunnelKit.framework; sourceTree = BUILT_PRODUCTS_DIR; }; 0E3E0F202108A8CC00B371C1 /* SessionProxy+PushReply.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "SessionProxy+PushReply.swift"; sourceTree = ""; }; 0E6479DD212EAC96008E6888 /* Info.plist */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.plist.xml; path = Info.plist; sourceTree = ""; }; @@ -403,6 +405,7 @@ children = ( 0EFEB42E2006D3C800F81029 /* Allocation.h */, 0EFEB4462006D3C800F81029 /* Allocation.m */, + 0E245D6B2137F73600B012A2 /* CompressionFraming.h */, 0EFEB44A2006D3C800F81029 /* CoreConfiguration.swift */, 0E07597C20F0060E00F38FD8 /* CryptoAEAD.h */, 0E07597D20F0060E00F38FD8 /* CryptoAEAD.m */, @@ -505,6 +508,7 @@ 0EFEB46B2006D3C800F81029 /* CryptoBox.h in Headers */, 0EFEB4592006D3C800F81029 /* Allocation.h in Headers */, 0EFEB4582006D3C800F81029 /* MSS.h in Headers */, + 0E245D6C2137F73600B012A2 /* CompressionFraming.h in Headers */, 0EFEB4602006D3C800F81029 /* DataPath.h in Headers */, 0E07597E20F0060E00F38FD8 /* CryptoAEAD.h in Headers */, 0EFEB46C2006D3C800F81029 /* ZeroingData.h in Headers */, diff --git a/TunnelKit/Sources/AppExtension/TunnelKitProvider+Configuration.swift b/TunnelKit/Sources/AppExtension/TunnelKitProvider+Configuration.swift index 454ab8a..98656eb 100644 --- a/TunnelKit/Sources/AppExtension/TunnelKitProvider+Configuration.swift +++ b/TunnelKit/Sources/AppExtension/TunnelKitProvider+Configuration.swift @@ -38,6 +38,7 @@ import Foundation import NetworkExtension import SwiftyBeaver +import __TunnelKitNative private let log = SwiftyBeaver.self @@ -163,9 +164,8 @@ extension TunnelKitProvider { /// The MTU of the link. public var mtu: Int - /// Enables LZO framing (deprecated). -// @available(*, deprecated) - public var LZOFraming: Bool + /// Sets compression framing, disabled by default. + public var compressionFraming: CompressionFraming /// The number of seconds after which a renegotiation is started. Set to `nil` to disable renegotiation (default). public var renegotiatesAfterSeconds: Int? @@ -197,7 +197,7 @@ extension TunnelKitProvider { digest = .sha1 ca = nil mtu = 1500 - LZOFraming = false + compressionFraming = .disabled renegotiatesAfterSeconds = nil shouldDebug = false debugLogKey = nil @@ -265,7 +265,11 @@ extension TunnelKitProvider { self.clientCertificate = clientCertificate self.clientKey = clientKey mtu = providerConfiguration[S.mtu] as? Int ?? 1250 - LZOFraming = providerConfiguration[S.LZOFraming] as? Bool ?? false + if let compressionFramingValue = providerConfiguration[S.compressionFraming] as? Int, let compressionFraming = CompressionFraming(rawValue: compressionFramingValue) { + self.compressionFraming = compressionFraming + } else { + compressionFraming = .disabled + } renegotiatesAfterSeconds = providerConfiguration[S.renegotiatesAfter] as? Int shouldDebug = providerConfiguration[S.debug] as? Bool ?? false @@ -301,7 +305,7 @@ extension TunnelKitProvider { clientCertificate: clientCertificate, clientKey: clientKey, mtu: mtu, - LZOFraming: LZOFraming, + compressionFraming: compressionFraming, renegotiatesAfterSeconds: renegotiatesAfterSeconds, shouldDebug: shouldDebug, debugLogKey: shouldDebug ? debugLogKey : nil, @@ -333,7 +337,7 @@ extension TunnelKitProvider { static let mtu = "MTU" - static let LZOFraming = "LZOFraming" + static let compressionFraming = "CompressionFraming" static let renegotiatesAfter = "RenegotiatesAfter" @@ -374,8 +378,8 @@ extension TunnelKitProvider { /// - Seealso: `TunnelKitProvider.ConfigurationBuilder.mtu` public let mtu: Int - /// - Seealso: `TunnelKitProvider.ConfigurationBuilder.LZOFraming` - public let LZOFraming: Bool + /// - Seealso: `TunnelKitProvider.ConfigurationBuilder.compressionFraming` + public let compressionFraming: CompressionFraming /// - Seealso: `TunnelKitProvider.ConfigurationBuilder.renegotiatesAfterSeconds` public let renegotiatesAfterSeconds: Int? @@ -447,9 +451,7 @@ extension TunnelKitProvider { if let resolvedAddresses = resolvedAddresses { dict[S.resolvedAddresses] = resolvedAddresses } - if LZOFraming { - dict[S.LZOFraming] = LZOFraming - } + dict[S.compressionFraming] = compressionFraming.rawValue if let renegotiatesAfterSeconds = renegotiatesAfterSeconds { dict[S.renegotiatesAfter] = renegotiatesAfterSeconds } @@ -509,7 +511,7 @@ extension TunnelKitProvider { log.info("Client verification: disabled") } log.info("MTU: \(mtu)") - log.info("LZO framing: \(LZOFraming ? "enabled" : "disabled")") + log.info("Compression framing: \(compressionFraming)") if let renegotiatesAfterSeconds = renegotiatesAfterSeconds { log.info("Renegotiation: \(renegotiatesAfterSeconds) seconds") } else { @@ -538,7 +540,7 @@ extension TunnelKitProvider.Configuration: Equatable { builder.clientCertificate = clientCertificate builder.clientKey = clientKey builder.mtu = mtu - builder.LZOFraming = LZOFraming + builder.compressionFraming = compressionFraming builder.renegotiatesAfterSeconds = renegotiatesAfterSeconds builder.shouldDebug = shouldDebug builder.debugLogKey = debugLogKey @@ -555,7 +557,7 @@ extension TunnelKitProvider.Configuration: Equatable { (lhs.clientCertificate == rhs.clientCertificate) && (lhs.clientKey == rhs.clientKey) && (lhs.mtu == rhs.mtu) && - (lhs.LZOFraming == rhs.LZOFraming) && + (lhs.compressionFraming == rhs.compressionFraming) && (lhs.renegotiatesAfterSeconds == rhs.renegotiatesAfterSeconds) ) } diff --git a/TunnelKit/Sources/AppExtension/TunnelKitProvider.swift b/TunnelKit/Sources/AppExtension/TunnelKitProvider.swift index 96c1fa6..d436203 100644 --- a/TunnelKit/Sources/AppExtension/TunnelKitProvider.swift +++ b/TunnelKit/Sources/AppExtension/TunnelKitProvider.swift @@ -215,7 +215,7 @@ open class TunnelKitProvider: NEPacketTunnelProvider { sessionConfiguration.caPath = caPath sessionConfiguration.clientCertificatePath = clientCertificatePath sessionConfiguration.clientKeyPath = clientKeyPath - sessionConfiguration.LZOFraming = cfg.LZOFraming + sessionConfiguration.compressionFraming = cfg.compressionFraming if let renegotiatesAfterSeconds = cfg.renegotiatesAfterSeconds { sessionConfiguration.renegotiatesAfter = Double(renegotiatesAfterSeconds) } diff --git a/TunnelKit/Sources/Core/CompressionFraming.h b/TunnelKit/Sources/Core/CompressionFraming.h new file mode 100644 index 0000000..58a1435 --- /dev/null +++ b/TunnelKit/Sources/Core/CompressionFraming.h @@ -0,0 +1,35 @@ +// +// CompressionFraming.h +// TunnelKit +// +// Created by Davide De Rosa on 8/30/18. +// Copyright (c) 2018 Davide De Rosa. All rights reserved. +// +// https://github.com/keeshux +// +// This file is part of TunnelKit. +// +// TunnelKit is free software: you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// TunnelKit is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License +// along with TunnelKit. If not, see . +// + +#import + +typedef NS_ENUM(NSInteger, CompressionFraming) { + CompressionFramingDisabled, + CompressionFramingCompress, + CompressionFramingCompLZO __attribute__((deprecated)) +}; + +#define CompressionFramingNoCompress 0xfa +#define CompressionFramingNoCompressSwap 0xfb diff --git a/TunnelKit/Sources/Core/CryptoAEAD.h b/TunnelKit/Sources/Core/CryptoAEAD.h index 4633891..544ecee 100644 --- a/TunnelKit/Sources/Core/CryptoAEAD.h +++ b/TunnelKit/Sources/Core/CryptoAEAD.h @@ -52,7 +52,7 @@ NS_ASSUME_NONNULL_BEGIN @interface DataPathCryptoAEAD : NSObject @property (nonatomic, assign) uint32_t peerId; -@property (nonatomic, assign) BOOL LZOFraming;// DEPRECATED_ATTRIBUTE; +@property (nonatomic, assign) CompressionFraming compressionFraming; - (instancetype)initWithCrypto:(nonnull CryptoAEAD *)crypto; diff --git a/TunnelKit/Sources/Core/CryptoAEAD.m b/TunnelKit/Sources/Core/CryptoAEAD.m index 5bd715a..44c8157 100644 --- a/TunnelKit/Sources/Core/CryptoAEAD.m +++ b/TunnelKit/Sources/Core/CryptoAEAD.m @@ -292,12 +292,30 @@ const NSInteger CryptoAEADTagLength = 16; - (void)assembleDataPacketWithPacketId:(uint32_t)packetId payload:(NSData *)payload into:(uint8_t *)dest length:(NSInteger *)length { uint8_t *ptr = dest; - if (self.LZOFraming) { - *ptr = DataPacketLZONoCompress; - ptr += sizeof(uint8_t); - } memcpy(ptr, payload.bytes, payload.length); *length = (int)(ptr - dest + payload.length); + + switch (self.compressionFraming) { + case CompressionFramingDisabled: + memcpy(ptr, payload.bytes, payload.length); + break; + + case CompressionFramingCompress: + memcpy(ptr, payload.bytes, payload.length); + ptr[payload.length] = *ptr; + *ptr = CompressionFramingNoCompressSwap; + *length += sizeof(uint8_t); + break; + + case CompressionFramingCompLZO: + memcpy(ptr + sizeof(uint8_t), payload.bytes, payload.length); + *ptr = CompressionFramingNoCompress; + *length += sizeof(uint8_t); + break; + + default: + break; + } } - (NSData *)encryptedDataPacketWithKey:(uint8_t)key packetId:(uint32_t)packetId payload:(const uint8_t *)payload payloadLength:(NSInteger)payloadLength error:(NSError *__autoreleasing *)error @@ -361,15 +379,26 @@ const NSInteger CryptoAEADTagLength = 16; return YES; } -- (const uint8_t *)parsePayloadWithDataPacket:(const uint8_t *)packet packetLength:(NSInteger)packetLength length:(NSInteger *)length +- (const uint8_t *)parsePayloadWithDataPacket:(uint8_t *)packet packetLength:(NSInteger)packetLength length:(NSInteger *)length { - const uint8_t *ptr = packet; - if (self.LZOFraming) { - NSAssert(*ptr == DataPacketLZONoCompress, @"Expected LZO NO_COMPRESS"); -// *compression = *ptr; - ptr += sizeof(uint8_t); // compression byte - } + uint8_t *ptr = packet; *length = packetLength - (int)(ptr - packet); + if (self.compressionFraming != CompressionFramingDisabled) { + switch (*ptr) { + case CompressionFramingNoCompress: + ptr += sizeof(uint8_t); + break; + + case CompressionFramingNoCompressSwap: + *ptr = packet[packetLength - 1]; + break; + + default: + NSAssert(NO, @"Compression not supported (found %X)", *ptr); + break; + } + *length -= sizeof(uint8_t); + } return ptr; } diff --git a/TunnelKit/Sources/Core/CryptoCBC.h b/TunnelKit/Sources/Core/CryptoCBC.h index 564bec7..ea6fafa 100644 --- a/TunnelKit/Sources/Core/CryptoCBC.h +++ b/TunnelKit/Sources/Core/CryptoCBC.h @@ -51,7 +51,7 @@ NS_ASSUME_NONNULL_BEGIN @interface DataPathCryptoCBC : NSObject @property (nonatomic, assign) uint32_t peerId; -@property (nonatomic, assign) BOOL LZOFraming;// DEPRECATED_ATTRIBUTE; +@property (nonatomic, assign) CompressionFraming compressionFraming; - (instancetype)initWithCrypto:(nonnull CryptoCBC *)crypto; diff --git a/TunnelKit/Sources/Core/CryptoCBC.m b/TunnelKit/Sources/Core/CryptoCBC.m index bed0be1..921bffe 100644 --- a/TunnelKit/Sources/Core/CryptoCBC.m +++ b/TunnelKit/Sources/Core/CryptoCBC.m @@ -292,12 +292,29 @@ const NSInteger CryptoCBCMaxHMACLength = 100; uint8_t *ptr = dest; *(uint32_t *)ptr = htonl(packetId); ptr += sizeof(uint32_t); - if (self.LZOFraming) { - *ptr = DataPacketLZONoCompress; - ptr += sizeof(uint8_t); - } - memcpy(ptr, payload.bytes, payload.length); *length = (int)(ptr - dest + payload.length); + + switch (self.compressionFraming) { + case CompressionFramingDisabled: + memcpy(ptr, payload.bytes, payload.length); + break; + + case CompressionFramingCompress: + memcpy(ptr, payload.bytes, payload.length); + ptr[payload.length] = *ptr; + *ptr = CompressionFramingNoCompressSwap; + *length += sizeof(uint8_t); + break; + + case CompressionFramingCompLZO: + memcpy(ptr + sizeof(uint8_t), payload.bytes, payload.length); + *ptr = CompressionFramingNoCompress; + *length += sizeof(uint8_t); + break; + + default: + break; + } } - (NSData *)encryptedDataPacketWithKey:(uint8_t)key packetId:(uint32_t)packetId payload:(const uint8_t *)payload payloadLength:(NSInteger)payloadLength error:(NSError *__autoreleasing *)error @@ -348,16 +365,27 @@ const NSInteger CryptoCBCMaxHMACLength = 100; return YES; } -- (const uint8_t *)parsePayloadWithDataPacket:(const uint8_t *)packet packetLength:(NSInteger)packetLength length:(NSInteger *)length +- (const uint8_t *)parsePayloadWithDataPacket:(uint8_t *)packet packetLength:(NSInteger)packetLength length:(NSInteger *)length { - const uint8_t *ptr = packet; + uint8_t *ptr = packet; ptr += sizeof(uint32_t); // packet id - if (self.LZOFraming) { - NSAssert(*ptr == DataPacketLZONoCompress, @"Expected LZO NO_COMPRESS"); -// *compression = *ptr; - ptr += sizeof(uint8_t); // compression byte - } *length = packetLength - (int)(ptr - packet); + if (self.compressionFraming != CompressionFramingDisabled) { + switch (*ptr) { + case CompressionFramingNoCompress: + ptr += sizeof(uint8_t); + break; + + case CompressionFramingNoCompressSwap: + *ptr = packet[packetLength - 1]; + break; + + default: + NSAssert(NO, @"Compression not supported (found %X)", *ptr); + break; + } + *length -= sizeof(uint8_t); + } return ptr; } diff --git a/TunnelKit/Sources/Core/DataPath.h b/TunnelKit/Sources/Core/DataPath.h index 0875252..640f4da 100644 --- a/TunnelKit/Sources/Core/DataPath.h +++ b/TunnelKit/Sources/Core/DataPath.h @@ -51,7 +51,7 @@ usesReplayProtection:(BOOL)usesReplayProtection; - (void)setPeerId:(uint32_t)peerId; // 24-bit, discard most significant byte -- (void)setLZOFraming:(BOOL)LZOFraming;// DEPRECATED_ATTRIBUTE; +- (void)setCompressionFraming:(CompressionFraming)compressionFraming; - (NSArray *)encryptPackets:(nonnull NSArray *)packets key:(uint8_t)key error:(NSError **)error; - (NSArray *)decryptPackets:(nonnull NSArray *)packets keepAlive:(nullable bool *)keepAlive error:(NSError **)error; diff --git a/TunnelKit/Sources/Core/DataPath.m b/TunnelKit/Sources/Core/DataPath.m index 9298be8..5025532 100644 --- a/TunnelKit/Sources/Core/DataPath.m +++ b/TunnelKit/Sources/Core/DataPath.m @@ -160,13 +160,13 @@ self.decrypter.peerId = peerId; } -- (void)setLZOFraming:(BOOL)LZOFraming +- (void)setCompressionFraming:(CompressionFraming)compressionFraming { - NSAssert(self.encrypter, @"Setting LZOFraming to nil encrypter"); - NSAssert(self.decrypter, @"Setting LZOFraming to nil decrypter"); + NSAssert(self.encrypter, @"Setting compressionFraming to nil encrypter"); + NSAssert(self.decrypter, @"Setting compressionFraming to nil decrypter"); - self.encrypter.LZOFraming = LZOFraming; - self.decrypter.LZOFraming = LZOFraming; + self.encrypter.compressionFraming = compressionFraming; + self.decrypter.compressionFraming = compressionFraming; } #pragma mark DataPath diff --git a/TunnelKit/Sources/Core/DataPathEncryption.h b/TunnelKit/Sources/Core/DataPathEncryption.h index 13c6211..5ce24c4 100644 --- a/TunnelKit/Sources/Core/DataPathEncryption.h +++ b/TunnelKit/Sources/Core/DataPathEncryption.h @@ -41,8 +41,8 @@ - (int)overheadLength; - (uint32_t)peerId; - (void)setPeerId:(uint32_t)peerId; -- (BOOL)LZOFraming;// DEPRECATED_ATTRIBUTE; -- (void)setLZOFraming:(BOOL)LZOFraming;// DEPRECATED_ATTRIBUTE; +- (CompressionFraming)compressionFraming; +- (void)setCompressionFraming:(CompressionFraming)compressionFraming; @end @@ -56,6 +56,6 @@ @protocol DataPathDecrypter - (BOOL)decryptDataPacket:(nonnull NSData *)packet into:(nonnull uint8_t *)dest length:(nonnull NSInteger *)length packetId:(nonnull uint32_t *)packetId error:(NSError **)error; -- (nonnull const uint8_t *)parsePayloadWithDataPacket:(nonnull const uint8_t *)packet packetLength:(NSInteger)packetLength length:(nonnull NSInteger *)length; +- (nonnull const uint8_t *)parsePayloadWithDataPacket:(nonnull uint8_t *)packet packetLength:(NSInteger)packetLength length:(nonnull NSInteger *)length; @end diff --git a/TunnelKit/Sources/Core/PacketMacros.h b/TunnelKit/Sources/Core/PacketMacros.h index 2ab90a1..b50f0f6 100644 --- a/TunnelKit/Sources/Core/PacketMacros.h +++ b/TunnelKit/Sources/Core/PacketMacros.h @@ -51,7 +51,6 @@ typedef NS_ENUM(uint8_t, PacketCode) { PacketCodeUnknown = 0xff }; -extern const uint8_t DataPacketLZONoCompress; extern const uint8_t DataPacketPingData[16]; static inline int PacketHeaderSet(uint8_t *_Nonnull to, PacketCode code, uint8_t key) diff --git a/TunnelKit/Sources/Core/PacketMacros.m b/TunnelKit/Sources/Core/PacketMacros.m index 464becc..6438938 100644 --- a/TunnelKit/Sources/Core/PacketMacros.m +++ b/TunnelKit/Sources/Core/PacketMacros.m @@ -37,5 +37,4 @@ #import "PacketMacros.h" -const uint8_t DataPacketLZONoCompress = 0xfa; const uint8_t DataPacketPingData[] = { 0x2a, 0x18, 0x7b, 0xf3, 0x64, 0x1e, 0xb4, 0xcb, 0x07, 0xed, 0x2d, 0x0a, 0x98, 0x1f, 0xc7, 0x48 }; diff --git a/TunnelKit/Sources/Core/SessionProxy+Configuration.swift b/TunnelKit/Sources/Core/SessionProxy+Configuration.swift index 67d659f..ba50439 100644 --- a/TunnelKit/Sources/Core/SessionProxy+Configuration.swift +++ b/TunnelKit/Sources/Core/SessionProxy+Configuration.swift @@ -36,6 +36,7 @@ // import Foundation +import __TunnelKitNative extension SessionProxy { @@ -71,7 +72,7 @@ extension SessionProxy { /// The way to create a `SessionProxy.Configuration` object for a `SessionProxy`. public struct ConfigurationBuilder { - + /// An username. public let username: String @@ -87,9 +88,8 @@ extension SessionProxy { /// The path to the optional CA for TLS negotiation (PEM format). public var caPath: String? - /// Enables LZO compression framing (deprecated in OpenVPN 2.4). -// @available(*, deprecated) - public var LZOFraming: Bool + /// Sets compression framing, disabled by default. + public var compressionFraming: CompressionFraming /// The path to the optional client certificate for TLS negotiation (PEM format). public var clientCertificatePath: String? @@ -112,7 +112,7 @@ extension SessionProxy { caPath = nil clientCertificatePath = nil clientKeyPath = nil - LZOFraming = false + compressionFraming = .disabled keepAliveInterval = nil renegotiatesAfter = nil } @@ -131,7 +131,7 @@ extension SessionProxy { caPath: caPath, clientCertificatePath: clientCertificatePath, clientKeyPath: clientKeyPath, - LZOFraming: LZOFraming, + compressionFraming: compressionFraming, keepAliveInterval: keepAliveInterval, renegotiatesAfter: renegotiatesAfter ) @@ -162,8 +162,8 @@ extension SessionProxy { /// - Seealso: `SessionProxy.ConfigurationBuilder.clientKeyPath` public let clientKeyPath: String? - /// - Seealso: `SessionProxy.ConfigurationBuilder.LZOFraming` - public let LZOFraming: Bool + /// - Seealso: `SessionProxy.ConfigurationBuilder.compressionFraming` + public let compressionFraming: CompressionFraming /// - Seealso: `SessionProxy.ConfigurationBuilder.keepAliveInterval` public let keepAliveInterval: TimeInterval? diff --git a/TunnelKit/Sources/Core/SessionProxy+SessionKey.swift b/TunnelKit/Sources/Core/SessionProxy+SessionKey.swift index c566460..1921e56 100644 --- a/TunnelKit/Sources/Core/SessionProxy+SessionKey.swift +++ b/TunnelKit/Sources/Core/SessionProxy+SessionKey.swift @@ -109,9 +109,9 @@ extension SessionProxy { return isTLSConnected } - func startHandlingPackets(withPeerId peerId: UInt32? = nil, LZOFraming: Bool = false) { + func startHandlingPackets(withPeerId peerId: UInt32? = nil, compressionFraming: CompressionFraming = .disabled) { dataPath?.setPeerId(peerId ?? PacketPeerIdDisabled) - dataPath?.setLZOFraming(LZOFraming) + dataPath?.setCompressionFraming(compressionFraming) canHandlePackets = true } diff --git a/TunnelKit/Sources/Core/SessionProxy.swift b/TunnelKit/Sources/Core/SessionProxy.swift index 9f1148b..fc05fcf 100644 --- a/TunnelKit/Sources/Core/SessionProxy.swift +++ b/TunnelKit/Sources/Core/SessionProxy.swift @@ -896,7 +896,7 @@ public class SessionProxy { authenticator = nil negotiationKey.startHandlingPackets( withPeerId: peerId, - LZOFraming: configuration.LZOFraming + compressionFraming: configuration.compressionFraming ) negotiationKey.controlState = .connected connectedDate = Date() diff --git a/TunnelKit/Sources/Core/module.modulemap b/TunnelKit/Sources/Core/module.modulemap index f42f2ca..266d81d 100644 --- a/TunnelKit/Sources/Core/module.modulemap +++ b/TunnelKit/Sources/Core/module.modulemap @@ -43,6 +43,7 @@ module __TunnelKitNative { header "MSS.h" header "PacketMacros.h" header "ReplayProtector.h" + header "CompressionFraming.h" header "DataPath.h" header "DataPathEncryption.h" export *