Make compression framing an enum option
- Disabled: no framing (default) - CompLZO: NO_COMPRESS - Compress: NO_COMPRESS_SWAP
parent
b2d4530f19
commit
209889b9d2
|
@ -36,7 +36,7 @@ extension ViewController {
|
||||||
builder.cipher = .aes128cbc
|
builder.cipher = .aes128cbc
|
||||||
builder.digest = .sha1
|
builder.digest = .sha1
|
||||||
builder.mtu = 1350
|
builder.mtu = 1350
|
||||||
builder.LZOFraming = true
|
builder.compressionFraming = .compLZO
|
||||||
builder.renegotiatesAfterSeconds = nil
|
builder.renegotiatesAfterSeconds = nil
|
||||||
builder.shouldDebug = true
|
builder.shouldDebug = true
|
||||||
builder.debugLogKey = "Log"
|
builder.debugLogKey = "Log"
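Review bot: `builder.compressionFraming = .compLZO` selects the case that CompressionFraming.h, added in this same commit, declares with `__attribute__((deprecated))`, so the demo will presumably build with a deprecation warning and shows the legacy option as the sample setting. If the demo server really needs comp-lzo framing, a comment on the line would explain the choice, for example `// demo server still expects comp-lzo framing (NO_COMPRESS)`; otherwise `.disabled` or `.compress` is the better sample. The second demo `ViewController` hunk further down this page has the same line.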
|
||||||
|
|
|
@ -37,7 +37,7 @@ extension ViewController {
|
||||||
builder.cipher = .aes128cbc
|
builder.cipher = .aes128cbc
|
||||||
builder.digest = .sha1
|
builder.digest = .sha1
|
||||||
builder.mtu = 1350
|
builder.mtu = 1350
|
||||||
builder.LZOFraming = true
|
builder.compressionFraming = .compLZO
|
||||||
builder.renegotiatesAfterSeconds = nil
|
builder.renegotiatesAfterSeconds = nil
|
||||||
builder.shouldDebug = true
|
builder.shouldDebug = true
|
||||||
builder.debugLogKey = "Log"
|
builder.debugLogKey = "Log"
|
||||||
|
|
|
@ -29,6 +29,7 @@
|
||||||
0E1108B11F77B9F900A92462 /* Main.storyboard in Resources */ = {isa = PBXBuildFile; fileRef = 0E1108AF1F77B9F900A92462 /* Main.storyboard */; };
|
0E1108B11F77B9F900A92462 /* Main.storyboard in Resources */ = {isa = PBXBuildFile; fileRef = 0E1108AF1F77B9F900A92462 /* Main.storyboard */; };
|
||||||
0E1108B31F77B9F900A92462 /* Assets.xcassets in Resources */ = {isa = PBXBuildFile; fileRef = 0E1108B21F77B9F900A92462 /* Assets.xcassets */; };
|
0E1108B31F77B9F900A92462 /* Assets.xcassets in Resources */ = {isa = PBXBuildFile; fileRef = 0E1108B21F77B9F900A92462 /* Assets.xcassets */; };
|
||||||
0E1108B61F77B9F900A92462 /* LaunchScreen.storyboard in Resources */ = {isa = PBXBuildFile; fileRef = 0E1108B41F77B9F900A92462 /* LaunchScreen.storyboard */; };
|
0E1108B61F77B9F900A92462 /* LaunchScreen.storyboard in Resources */ = {isa = PBXBuildFile; fileRef = 0E1108B41F77B9F900A92462 /* LaunchScreen.storyboard */; };
|
||||||
|
0E245D6C2137F73600B012A2 /* CompressionFraming.h in Headers */ = {isa = PBXBuildFile; fileRef = 0E245D6B2137F73600B012A2 /* CompressionFraming.h */; };
|
||||||
0E3E0F212108A8CC00B371C1 /* SessionProxy+PushReply.swift in Sources */ = {isa = PBXBuildFile; fileRef = 0E3E0F202108A8CC00B371C1 /* SessionProxy+PushReply.swift */; };
|
0E3E0F212108A8CC00B371C1 /* SessionProxy+PushReply.swift in Sources */ = {isa = PBXBuildFile; fileRef = 0E3E0F202108A8CC00B371C1 /* SessionProxy+PushReply.swift */; };
|
||||||
0E3E0F222108A8CC00B371C1 /* SessionProxy+PushReply.swift in Sources */ = {isa = PBXBuildFile; fileRef = 0E3E0F202108A8CC00B371C1 /* SessionProxy+PushReply.swift */; };
|
0E3E0F222108A8CC00B371C1 /* SessionProxy+PushReply.swift in Sources */ = {isa = PBXBuildFile; fileRef = 0E3E0F202108A8CC00B371C1 /* SessionProxy+PushReply.swift */; };
|
||||||
0E85A25A202CC5AF0059E9F9 /* AppExtensionTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = 0E85A259202CC5AE0059E9F9 /* AppExtensionTests.swift */; };
|
0E85A25A202CC5AF0059E9F9 /* AppExtensionTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = 0E85A259202CC5AE0059E9F9 /* AppExtensionTests.swift */; };
|
||||||
|
@ -184,6 +185,7 @@
|
||||||
0E1108B51F77B9F900A92462 /* Base */ = {isa = PBXFileReference; lastKnownFileType = file.storyboard; name = Base; path = Base.lproj/LaunchScreen.storyboard; sourceTree = "<group>"; };
|
0E1108B51F77B9F900A92462 /* Base */ = {isa = PBXFileReference; lastKnownFileType = file.storyboard; name = Base; path = Base.lproj/LaunchScreen.storyboard; sourceTree = "<group>"; };
|
||||||
0E1108B71F77B9F900A92462 /* Info.plist */ = {isa = PBXFileReference; lastKnownFileType = text.plist.xml; path = Info.plist; sourceTree = "<group>"; };
|
0E1108B71F77B9F900A92462 /* Info.plist */ = {isa = PBXFileReference; lastKnownFileType = text.plist.xml; path = Info.plist; sourceTree = "<group>"; };
|
||||||
0E17D7F91F730D9F009EE129 /* TunnelKit.framework */ = {isa = PBXFileReference; explicitFileType = wrapper.framework; includeInIndex = 0; path = TunnelKit.framework; sourceTree = BUILT_PRODUCTS_DIR; };
|
0E17D7F91F730D9F009EE129 /* TunnelKit.framework */ = {isa = PBXFileReference; explicitFileType = wrapper.framework; includeInIndex = 0; path = TunnelKit.framework; sourceTree = BUILT_PRODUCTS_DIR; };
|
||||||
|
0E245D6B2137F73600B012A2 /* CompressionFraming.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = CompressionFraming.h; sourceTree = "<group>"; };
|
||||||
0E3251C51F95770D00C108D9 /* TunnelKit.framework */ = {isa = PBXFileReference; explicitFileType = wrapper.framework; includeInIndex = 0; path = TunnelKit.framework; sourceTree = BUILT_PRODUCTS_DIR; };
|
0E3251C51F95770D00C108D9 /* TunnelKit.framework */ = {isa = PBXFileReference; explicitFileType = wrapper.framework; includeInIndex = 0; path = TunnelKit.framework; sourceTree = BUILT_PRODUCTS_DIR; };
|
||||||
0E3E0F202108A8CC00B371C1 /* SessionProxy+PushReply.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "SessionProxy+PushReply.swift"; sourceTree = "<group>"; };
|
0E3E0F202108A8CC00B371C1 /* SessionProxy+PushReply.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "SessionProxy+PushReply.swift"; sourceTree = "<group>"; };
|
||||||
0E6479DD212EAC96008E6888 /* Info.plist */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.plist.xml; path = Info.plist; sourceTree = "<group>"; };
|
0E6479DD212EAC96008E6888 /* Info.plist */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.plist.xml; path = Info.plist; sourceTree = "<group>"; };
|
||||||
|
@ -403,6 +405,7 @@
|
||||||
children = (
|
children = (
|
||||||
0EFEB42E2006D3C800F81029 /* Allocation.h */,
|
0EFEB42E2006D3C800F81029 /* Allocation.h */,
|
||||||
0EFEB4462006D3C800F81029 /* Allocation.m */,
|
0EFEB4462006D3C800F81029 /* Allocation.m */,
|
||||||
|
0E245D6B2137F73600B012A2 /* CompressionFraming.h */,
|
||||||
0EFEB44A2006D3C800F81029 /* CoreConfiguration.swift */,
|
0EFEB44A2006D3C800F81029 /* CoreConfiguration.swift */,
|
||||||
0E07597C20F0060E00F38FD8 /* CryptoAEAD.h */,
|
0E07597C20F0060E00F38FD8 /* CryptoAEAD.h */,
|
||||||
0E07597D20F0060E00F38FD8 /* CryptoAEAD.m */,
|
0E07597D20F0060E00F38FD8 /* CryptoAEAD.m */,
|
||||||
|
@ -505,6 +508,7 @@
|
||||||
0EFEB46B2006D3C800F81029 /* CryptoBox.h in Headers */,
|
0EFEB46B2006D3C800F81029 /* CryptoBox.h in Headers */,
|
||||||
0EFEB4592006D3C800F81029 /* Allocation.h in Headers */,
|
0EFEB4592006D3C800F81029 /* Allocation.h in Headers */,
|
||||||
0EFEB4582006D3C800F81029 /* MSS.h in Headers */,
|
0EFEB4582006D3C800F81029 /* MSS.h in Headers */,
|
||||||
|
0E245D6C2137F73600B012A2 /* CompressionFraming.h in Headers */,
|
||||||
0EFEB4602006D3C800F81029 /* DataPath.h in Headers */,
|
0EFEB4602006D3C800F81029 /* DataPath.h in Headers */,
|
||||||
0E07597E20F0060E00F38FD8 /* CryptoAEAD.h in Headers */,
|
0E07597E20F0060E00F38FD8 /* CryptoAEAD.h in Headers */,
|
||||||
0EFEB46C2006D3C800F81029 /* ZeroingData.h in Headers */,
|
0EFEB46C2006D3C800F81029 /* ZeroingData.h in Headers */,
|
||||||
|
|
|
@ -38,6 +38,7 @@
|
||||||
import Foundation
|
import Foundation
|
||||||
import NetworkExtension
|
import NetworkExtension
|
||||||
import SwiftyBeaver
|
import SwiftyBeaver
|
||||||
|
import __TunnelKitNative
|
||||||
|
|
||||||
private let log = SwiftyBeaver.self
|
private let log = SwiftyBeaver.self
|
||||||
|
|
||||||
|
@ -163,9 +164,8 @@ extension TunnelKitProvider {
|
||||||
/// The MTU of the link.
|
/// The MTU of the link.
|
||||||
public var mtu: Int
|
public var mtu: Int
|
||||||
|
|
||||||
/// Enables LZO framing (deprecated).
|
/// Sets compression framing, disabled by default.
|
||||||
// @available(*, deprecated)
|
public var compressionFraming: CompressionFraming
|
||||||
public var LZOFraming: Bool
|
|
||||||
|
|
||||||
/// The number of seconds after which a renegotiation is started. Set to `nil` to disable renegotiation (default).
|
/// The number of seconds after which a renegotiation is started. Set to `nil` to disable renegotiation (default).
|
||||||
public var renegotiatesAfterSeconds: Int?
|
public var renegotiatesAfterSeconds: Int?
|
||||||
|
@ -197,7 +197,7 @@ extension TunnelKitProvider {
|
||||||
digest = .sha1
|
digest = .sha1
|
||||||
ca = nil
|
ca = nil
|
||||||
mtu = 1500
|
mtu = 1500
|
||||||
LZOFraming = false
|
compressionFraming = .disabled
|
||||||
renegotiatesAfterSeconds = nil
|
renegotiatesAfterSeconds = nil
|
||||||
shouldDebug = false
|
shouldDebug = false
|
||||||
debugLogKey = nil
|
debugLogKey = nil
|
||||||
|
@ -265,7 +265,11 @@ extension TunnelKitProvider {
|
||||||
self.clientCertificate = clientCertificate
|
self.clientCertificate = clientCertificate
|
||||||
self.clientKey = clientKey
|
self.clientKey = clientKey
|
||||||
mtu = providerConfiguration[S.mtu] as? Int ?? 1250
|
mtu = providerConfiguration[S.mtu] as? Int ?? 1250
|
||||||
LZOFraming = providerConfiguration[S.LZOFraming] as? Bool ?? false
|
if let compressionFramingValue = providerConfiguration[S.compressionFraming] as? Int, let compressionFraming = CompressionFraming(rawValue: compressionFramingValue) {
|
||||||
|
self.compressionFraming = compressionFraming
|
||||||
|
} else {
|
||||||
|
compressionFraming = .disabled
|
||||||
|
}
|
||||||
renegotiatesAfterSeconds = providerConfiguration[S.renegotiatesAfter] as? Int
|
renegotiatesAfterSeconds = providerConfiguration[S.renegotiatesAfter] as? Int
|
||||||
|
|
||||||
shouldDebug = providerConfiguration[S.debug] as? Bool ?? false
|
shouldDebug = providerConfiguration[S.debug] as? Bool ?? false
|
||||||
|
@ -301,7 +305,7 @@ extension TunnelKitProvider {
|
||||||
clientCertificate: clientCertificate,
|
clientCertificate: clientCertificate,
|
||||||
clientKey: clientKey,
|
clientKey: clientKey,
|
||||||
mtu: mtu,
|
mtu: mtu,
|
||||||
LZOFraming: LZOFraming,
|
compressionFraming: compressionFraming,
|
||||||
renegotiatesAfterSeconds: renegotiatesAfterSeconds,
|
renegotiatesAfterSeconds: renegotiatesAfterSeconds,
|
||||||
shouldDebug: shouldDebug,
|
shouldDebug: shouldDebug,
|
||||||
debugLogKey: shouldDebug ? debugLogKey : nil,
|
debugLogKey: shouldDebug ? debugLogKey : nil,
|
||||||
|
@ -333,7 +337,7 @@ extension TunnelKitProvider {
|
||||||
|
|
||||||
static let mtu = "MTU"
|
static let mtu = "MTU"
|
||||||
|
|
||||||
static let LZOFraming = "LZOFraming"
|
static let compressionFraming = "CompressionFraming"
|
||||||
|
|
||||||
static let renegotiatesAfter = "RenegotiatesAfter"
|
static let renegotiatesAfter = "RenegotiatesAfter"
|
||||||
|
|
||||||
|
@ -374,8 +378,8 @@ extension TunnelKitProvider {
|
||||||
/// - Seealso: `TunnelKitProvider.ConfigurationBuilder.mtu`
|
/// - Seealso: `TunnelKitProvider.ConfigurationBuilder.mtu`
|
||||||
public let mtu: Int
|
public let mtu: Int
|
||||||
|
|
||||||
/// - Seealso: `TunnelKitProvider.ConfigurationBuilder.LZOFraming`
|
/// - Seealso: `TunnelKitProvider.ConfigurationBuilder.compressionFraming`
|
||||||
public let LZOFraming: Bool
|
public let compressionFraming: CompressionFraming
|
||||||
|
|
||||||
/// - Seealso: `TunnelKitProvider.ConfigurationBuilder.renegotiatesAfterSeconds`
|
/// - Seealso: `TunnelKitProvider.ConfigurationBuilder.renegotiatesAfterSeconds`
|
||||||
public let renegotiatesAfterSeconds: Int?
|
public let renegotiatesAfterSeconds: Int?
|
||||||
|
@ -447,9 +451,7 @@ extension TunnelKitProvider {
|
||||||
if let resolvedAddresses = resolvedAddresses {
|
if let resolvedAddresses = resolvedAddresses {
|
||||||
dict[S.resolvedAddresses] = resolvedAddresses
|
dict[S.resolvedAddresses] = resolvedAddresses
|
||||||
}
|
}
|
||||||
if LZOFraming {
|
dict[S.compressionFraming] = compressionFraming.rawValue
|
||||||
dict[S.LZOFraming] = LZOFraming
|
|
||||||
}
|
|
||||||
if let renegotiatesAfterSeconds = renegotiatesAfterSeconds {
|
if let renegotiatesAfterSeconds = renegotiatesAfterSeconds {
|
||||||
dict[S.renegotiatesAfter] = renegotiatesAfterSeconds
|
dict[S.renegotiatesAfter] = renegotiatesAfterSeconds
|
||||||
}
|
}
|
||||||
|
@ -509,7 +511,7 @@ extension TunnelKitProvider {
|
||||||
log.info("Client verification: disabled")
|
log.info("Client verification: disabled")
|
||||||
}
|
}
|
||||||
log.info("MTU: \(mtu)")
|
log.info("MTU: \(mtu)")
|
||||||
log.info("LZO framing: \(LZOFraming ? "enabled" : "disabled")")
|
log.info("Compression framing: \(compressionFraming)")
|
||||||
if let renegotiatesAfterSeconds = renegotiatesAfterSeconds {
|
if let renegotiatesAfterSeconds = renegotiatesAfterSeconds {
|
||||||
log.info("Renegotiation: \(renegotiatesAfterSeconds) seconds")
|
log.info("Renegotiation: \(renegotiatesAfterSeconds) seconds")
|
||||||
} else {
|
} else {
|
||||||
|
@ -538,7 +540,7 @@ extension TunnelKitProvider.Configuration: Equatable {
|
||||||
builder.clientCertificate = clientCertificate
|
builder.clientCertificate = clientCertificate
|
||||||
builder.clientKey = clientKey
|
builder.clientKey = clientKey
|
||||||
builder.mtu = mtu
|
builder.mtu = mtu
|
||||||
builder.LZOFraming = LZOFraming
|
builder.compressionFraming = compressionFraming
|
||||||
builder.renegotiatesAfterSeconds = renegotiatesAfterSeconds
|
builder.renegotiatesAfterSeconds = renegotiatesAfterSeconds
|
||||||
builder.shouldDebug = shouldDebug
|
builder.shouldDebug = shouldDebug
|
||||||
builder.debugLogKey = debugLogKey
|
builder.debugLogKey = debugLogKey
|
||||||
|
@ -555,7 +557,7 @@ extension TunnelKitProvider.Configuration: Equatable {
|
||||||
(lhs.clientCertificate == rhs.clientCertificate) &&
|
(lhs.clientCertificate == rhs.clientCertificate) &&
|
||||||
(lhs.clientKey == rhs.clientKey) &&
|
(lhs.clientKey == rhs.clientKey) &&
|
||||||
(lhs.mtu == rhs.mtu) &&
|
(lhs.mtu == rhs.mtu) &&
|
||||||
(lhs.LZOFraming == rhs.LZOFraming) &&
|
(lhs.compressionFraming == rhs.compressionFraming) &&
|
||||||
(lhs.renegotiatesAfterSeconds == rhs.renegotiatesAfterSeconds)
|
(lhs.renegotiatesAfterSeconds == rhs.renegotiatesAfterSeconds)
|
||||||
)
|
)
|
||||||
}
|
}
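Review bot: Profiles saved before this change store `LZOFraming` as a `Bool`, and the new parsing reads only `S.compressionFraming`, so a stored profile that had LZO framing enabled now ends up with `compressionFraming = .disabled` and nothing is logged. The same silent fallback applies to an `Int` that `CompressionFraming(rawValue:)` rejects. If existing profiles matter, consider a migration branch such as `else if providerConfiguration["LZOFraming"] as? Bool == true { compressionFraming = .compLZO }` and a log line on the unrecognised-value path. The initialiser this hunk belongs to starts and ends outside the visible lines.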
|
||||||
|
|
|
@ -215,7 +215,7 @@ open class TunnelKitProvider: NEPacketTunnelProvider {
|
||||||
sessionConfiguration.caPath = caPath
|
sessionConfiguration.caPath = caPath
|
||||||
sessionConfiguration.clientCertificatePath = clientCertificatePath
|
sessionConfiguration.clientCertificatePath = clientCertificatePath
|
||||||
sessionConfiguration.clientKeyPath = clientKeyPath
|
sessionConfiguration.clientKeyPath = clientKeyPath
|
||||||
sessionConfiguration.LZOFraming = cfg.LZOFraming
|
sessionConfiguration.compressionFraming = cfg.compressionFraming
|
||||||
if let renegotiatesAfterSeconds = cfg.renegotiatesAfterSeconds {
|
if let renegotiatesAfterSeconds = cfg.renegotiatesAfterSeconds {
|
||||||
sessionConfiguration.renegotiatesAfter = Double(renegotiatesAfterSeconds)
|
sessionConfiguration.renegotiatesAfter = Double(renegotiatesAfterSeconds)
|
||||||
}
|
}
|
||||||
|
|
|
@ -0,0 +1,35 @@
|
||||||
|
//
|
||||||
|
// CompressionFraming.h
|
||||||
|
// TunnelKit
|
||||||
|
//
|
||||||
|
// Created by Davide De Rosa on 8/30/18.
|
||||||
|
// Copyright (c) 2018 Davide De Rosa. All rights reserved.
|
||||||
|
//
|
||||||
|
// https://github.com/keeshux
|
||||||
|
//
|
||||||
|
// This file is part of TunnelKit.
|
||||||
|
//
|
||||||
|
// TunnelKit is free software: you can redistribute it and/or modify
|
||||||
|
// it under the terms of the GNU General Public License as published by
|
||||||
|
// the Free Software Foundation, either version 3 of the License, or
|
||||||
|
// (at your option) any later version.
|
||||||
|
//
|
||||||
|
// TunnelKit is distributed in the hope that it will be useful,
|
||||||
|
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
// GNU General Public License for more details.
|
||||||
|
//
|
||||||
|
// You should have received a copy of the GNU General Public License
|
||||||
|
// along with TunnelKit. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
//
|
||||||
|
|
||||||
|
#import <Foundation/Foundation.h>
|
||||||
|
|
||||||
|
typedef NS_ENUM(NSInteger, CompressionFraming) {
|
||||||
|
CompressionFramingDisabled,
|
||||||
|
CompressionFramingCompress,
|
||||||
|
CompressionFramingCompLZO __attribute__((deprecated))
|
||||||
|
};
|
||||||
|
|
||||||
|
#define CompressionFramingNoCompress 0xfa
|
||||||
|
#define CompressionFramingNoCompressSwap 0xfb
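Review bot: The enum cases carry no explicit values, yet `rawValue` is what the provider configuration persists (`dict[S.compressionFraming] = compressionFraming.rawValue` elsewhere on this page), so reordering or inserting a case later would change the meaning of saved profiles. Pinning them avoids that: `CompressionFramingDisabled = 0,`, `CompressionFramingCompress = 1,`, `CompressionFramingCompLZO __attribute__((deprecated)) = 2`. The two `#define`s share the `CompressionFraming` prefix with the cases although they are wire bytes, not options; a comment such as `// framing bytes on the wire: NO_COMPRESS / NO_COMPRESS_SWAP` above them would keep the two apart.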
|
|
@ -52,7 +52,7 @@ NS_ASSUME_NONNULL_BEGIN
|
||||||
@interface DataPathCryptoAEAD : NSObject <DataPathEncrypter, DataPathDecrypter>
|
@interface DataPathCryptoAEAD : NSObject <DataPathEncrypter, DataPathDecrypter>
|
||||||
|
|
||||||
@property (nonatomic, assign) uint32_t peerId;
|
@property (nonatomic, assign) uint32_t peerId;
|
||||||
@property (nonatomic, assign) BOOL LZOFraming;// DEPRECATED_ATTRIBUTE;
|
@property (nonatomic, assign) CompressionFraming compressionFraming;
|
||||||
|
|
||||||
- (instancetype)initWithCrypto:(nonnull CryptoAEAD *)crypto;
|
- (instancetype)initWithCrypto:(nonnull CryptoAEAD *)crypto;
|
||||||
|
|
||||||
|
|
|
@ -292,12 +292,30 @@ const NSInteger CryptoAEADTagLength = 16;
|
||||||
- (void)assembleDataPacketWithPacketId:(uint32_t)packetId payload:(NSData *)payload into:(uint8_t *)dest length:(NSInteger *)length
|
- (void)assembleDataPacketWithPacketId:(uint32_t)packetId payload:(NSData *)payload into:(uint8_t *)dest length:(NSInteger *)length
|
||||||
{
|
{
|
||||||
uint8_t *ptr = dest;
|
uint8_t *ptr = dest;
|
||||||
if (self.LZOFraming) {
|
|
||||||
*ptr = DataPacketLZONoCompress;
|
|
||||||
ptr += sizeof(uint8_t);
|
|
||||||
}
|
|
||||||
memcpy(ptr, payload.bytes, payload.length);
|
memcpy(ptr, payload.bytes, payload.length);
|
||||||
*length = (int)(ptr - dest + payload.length);
|
*length = (int)(ptr - dest + payload.length);
|
||||||
|
|
||||||
|
switch (self.compressionFraming) {
|
||||||
|
case CompressionFramingDisabled:
|
||||||
|
memcpy(ptr, payload.bytes, payload.length);
|
||||||
|
break;
|
||||||
|
|
||||||
|
case CompressionFramingCompress:
|
||||||
|
memcpy(ptr, payload.bytes, payload.length);
|
||||||
|
ptr[payload.length] = *ptr;
|
||||||
|
*ptr = CompressionFramingNoCompressSwap;
|
||||||
|
*length += sizeof(uint8_t);
|
||||||
|
break;
|
||||||
|
|
||||||
|
case CompressionFramingCompLZO:
|
||||||
|
memcpy(ptr + sizeof(uint8_t), payload.bytes, payload.length);
|
||||||
|
*ptr = CompressionFramingNoCompress;
|
||||||
|
*length += sizeof(uint8_t);
|
||||||
|
break;
|
||||||
|
|
||||||
|
default:
|
||||||
|
break;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
- (NSData *)encryptedDataPacketWithKey:(uint8_t)key packetId:(uint32_t)packetId payload:(const uint8_t *)payload payloadLength:(NSInteger)payloadLength error:(NSError *__autoreleasing *)error
|
- (NSData *)encryptedDataPacketWithKey:(uint8_t)key packetId:(uint32_t)packetId payload:(const uint8_t *)payload payloadLength:(NSInteger)payloadLength error:(NSError *__autoreleasing *)error
|
||||||
|
@ -361,15 +379,26 @@ const NSInteger CryptoAEADTagLength = 16;
|
||||||
return YES;
|
return YES;
|
||||||
}
|
}
|
||||||
|
|
||||||
- (const uint8_t *)parsePayloadWithDataPacket:(const uint8_t *)packet packetLength:(NSInteger)packetLength length:(NSInteger *)length
|
- (const uint8_t *)parsePayloadWithDataPacket:(uint8_t *)packet packetLength:(NSInteger)packetLength length:(NSInteger *)length
|
||||||
{
|
{
|
||||||
const uint8_t *ptr = packet;
|
uint8_t *ptr = packet;
|
||||||
if (self.LZOFraming) {
|
|
||||||
NSAssert(*ptr == DataPacketLZONoCompress, @"Expected LZO NO_COMPRESS");
|
|
||||||
// *compression = *ptr;
|
|
||||||
ptr += sizeof(uint8_t); // compression byte
|
|
||||||
}
|
|
||||||
*length = packetLength - (int)(ptr - packet);
|
*length = packetLength - (int)(ptr - packet);
|
||||||
|
if (self.compressionFraming != CompressionFramingDisabled) {
|
||||||
|
switch (*ptr) {
|
||||||
|
case CompressionFramingNoCompress:
|
||||||
|
ptr += sizeof(uint8_t);
|
||||||
|
break;
|
||||||
|
|
||||||
|
case CompressionFramingNoCompressSwap:
|
||||||
|
*ptr = packet[packetLength - 1];
|
||||||
|
break;
|
||||||
|
|
||||||
|
default:
|
||||||
|
NSAssert(NO, @"Compression not supported (found %X)", *ptr);
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
*length -= sizeof(uint8_t);
|
||||||
|
}
|
||||||
return ptr;
|
return ptr;
|
||||||
}
|
}
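Review bot: In `parsePayloadWithDataPacket:packetLength:length:` the framing byte comes from the peer's decrypted packet, yet the only rejection of an unknown value is `NSAssert(NO, @"Compression not supported (found %X)", *ptr)`, which is compiled out when assertions are blocked (the usual release setting) and otherwise raises on peer-supplied data. With assertions off, the `default:` branch falls through, `*length` is still decremented and the returned pointer starts at the unrecognised byte, so that byte is handed on as payload. Nothing in the hunk checks that `*length` is at least 1 before `switch (*ptr)` or before `packet[packetLength - 1]`; unless the caller guarantees a non-empty payload (not visible here), add `if (*length < 1)` ahead of the switch and give the method a failure path, for example the `BOOL` plus `error:` shape that `decryptDataPacket:into:length:packetId:error:` already has. The CBC data path later on this page adds the same parse code. Separately, `assembleDataPacketWithPacketId:` here keeps the earlier `memcpy(ptr, payload.bytes, payload.length);` ahead of the new `switch`, so every case copies the payload twice; the CBC version dropped that line.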
|
||||||
|
|
||||||
|
|
|
@ -51,7 +51,7 @@ NS_ASSUME_NONNULL_BEGIN
|
||||||
@interface DataPathCryptoCBC : NSObject <DataPathEncrypter, DataPathDecrypter>
|
@interface DataPathCryptoCBC : NSObject <DataPathEncrypter, DataPathDecrypter>
|
||||||
|
|
||||||
@property (nonatomic, assign) uint32_t peerId;
|
@property (nonatomic, assign) uint32_t peerId;
|
||||||
@property (nonatomic, assign) BOOL LZOFraming;// DEPRECATED_ATTRIBUTE;
|
@property (nonatomic, assign) CompressionFraming compressionFraming;
|
||||||
|
|
||||||
- (instancetype)initWithCrypto:(nonnull CryptoCBC *)crypto;
|
- (instancetype)initWithCrypto:(nonnull CryptoCBC *)crypto;
|
||||||
|
|
||||||
|
|
|
@ -292,12 +292,29 @@ const NSInteger CryptoCBCMaxHMACLength = 100;
|
||||||
uint8_t *ptr = dest;
|
uint8_t *ptr = dest;
|
||||||
*(uint32_t *)ptr = htonl(packetId);
|
*(uint32_t *)ptr = htonl(packetId);
|
||||||
ptr += sizeof(uint32_t);
|
ptr += sizeof(uint32_t);
|
||||||
if (self.LZOFraming) {
|
|
||||||
*ptr = DataPacketLZONoCompress;
|
|
||||||
ptr += sizeof(uint8_t);
|
|
||||||
}
|
|
||||||
memcpy(ptr, payload.bytes, payload.length);
|
|
||||||
*length = (int)(ptr - dest + payload.length);
|
*length = (int)(ptr - dest + payload.length);
|
||||||
|
|
||||||
|
switch (self.compressionFraming) {
|
||||||
|
case CompressionFramingDisabled:
|
||||||
|
memcpy(ptr, payload.bytes, payload.length);
|
||||||
|
break;
|
||||||
|
|
||||||
|
case CompressionFramingCompress:
|
||||||
|
memcpy(ptr, payload.bytes, payload.length);
|
||||||
|
ptr[payload.length] = *ptr;
|
||||||
|
*ptr = CompressionFramingNoCompressSwap;
|
||||||
|
*length += sizeof(uint8_t);
|
||||||
|
break;
|
||||||
|
|
||||||
|
case CompressionFramingCompLZO:
|
||||||
|
memcpy(ptr + sizeof(uint8_t), payload.bytes, payload.length);
|
||||||
|
*ptr = CompressionFramingNoCompress;
|
||||||
|
*length += sizeof(uint8_t);
|
||||||
|
break;
|
||||||
|
|
||||||
|
default:
|
||||||
|
break;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
- (NSData *)encryptedDataPacketWithKey:(uint8_t)key packetId:(uint32_t)packetId payload:(const uint8_t *)payload payloadLength:(NSInteger)payloadLength error:(NSError *__autoreleasing *)error
|
- (NSData *)encryptedDataPacketWithKey:(uint8_t)key packetId:(uint32_t)packetId payload:(const uint8_t *)payload payloadLength:(NSInteger)payloadLength error:(NSError *__autoreleasing *)error
|
||||||
|
@ -348,16 +365,27 @@ const NSInteger CryptoCBCMaxHMACLength = 100;
|
||||||
return YES;
|
return YES;
|
||||||
}
|
}
|
||||||
|
|
||||||
- (const uint8_t *)parsePayloadWithDataPacket:(const uint8_t *)packet packetLength:(NSInteger)packetLength length:(NSInteger *)length
|
- (const uint8_t *)parsePayloadWithDataPacket:(uint8_t *)packet packetLength:(NSInteger)packetLength length:(NSInteger *)length
|
||||||
{
|
{
|
||||||
const uint8_t *ptr = packet;
|
uint8_t *ptr = packet;
|
||||||
ptr += sizeof(uint32_t); // packet id
|
ptr += sizeof(uint32_t); // packet id
|
||||||
if (self.LZOFraming) {
|
|
||||||
NSAssert(*ptr == DataPacketLZONoCompress, @"Expected LZO NO_COMPRESS");
|
|
||||||
// *compression = *ptr;
|
|
||||||
ptr += sizeof(uint8_t); // compression byte
|
|
||||||
}
|
|
||||||
*length = packetLength - (int)(ptr - packet);
|
*length = packetLength - (int)(ptr - packet);
|
||||||
|
if (self.compressionFraming != CompressionFramingDisabled) {
|
||||||
|
switch (*ptr) {
|
||||||
|
case CompressionFramingNoCompress:
|
||||||
|
ptr += sizeof(uint8_t);
|
||||||
|
break;
|
||||||
|
|
||||||
|
case CompressionFramingNoCompressSwap:
|
||||||
|
*ptr = packet[packetLength - 1];
|
||||||
|
break;
|
||||||
|
|
||||||
|
default:
|
||||||
|
NSAssert(NO, @"Compression not supported (found %X)", *ptr);
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
*length -= sizeof(uint8_t);
|
||||||
|
}
|
||||||
return ptr;
|
return ptr;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -51,7 +51,7 @@
|
||||||
usesReplayProtection:(BOOL)usesReplayProtection;
|
usesReplayProtection:(BOOL)usesReplayProtection;
|
||||||
|
|
||||||
- (void)setPeerId:(uint32_t)peerId; // 24-bit, discard most significant byte
|
- (void)setPeerId:(uint32_t)peerId; // 24-bit, discard most significant byte
|
||||||
- (void)setLZOFraming:(BOOL)LZOFraming;// DEPRECATED_ATTRIBUTE;
|
- (void)setCompressionFraming:(CompressionFraming)compressionFraming;
|
||||||
|
|
||||||
- (NSArray<NSData *> *)encryptPackets:(nonnull NSArray<NSData *> *)packets key:(uint8_t)key error:(NSError **)error;
|
- (NSArray<NSData *> *)encryptPackets:(nonnull NSArray<NSData *> *)packets key:(uint8_t)key error:(NSError **)error;
|
||||||
- (NSArray<NSData *> *)decryptPackets:(nonnull NSArray<NSData *> *)packets keepAlive:(nullable bool *)keepAlive error:(NSError **)error;
|
- (NSArray<NSData *> *)decryptPackets:(nonnull NSArray<NSData *> *)packets keepAlive:(nullable bool *)keepAlive error:(NSError **)error;
|
||||||
|
|
|
@ -160,13 +160,13 @@
|
||||||
self.decrypter.peerId = peerId;
|
self.decrypter.peerId = peerId;
|
||||||
}
|
}
|
||||||
|
|
||||||
- (void)setLZOFraming:(BOOL)LZOFraming
|
- (void)setCompressionFraming:(CompressionFraming)compressionFraming
|
||||||
{
|
{
|
||||||
NSAssert(self.encrypter, @"Setting LZOFraming to nil encrypter");
|
NSAssert(self.encrypter, @"Setting compressionFraming to nil encrypter");
|
||||||
NSAssert(self.decrypter, @"Setting LZOFraming to nil decrypter");
|
NSAssert(self.decrypter, @"Setting compressionFraming to nil decrypter");
|
||||||
|
|
||||||
self.encrypter.LZOFraming = LZOFraming;
|
self.encrypter.compressionFraming = compressionFraming;
|
||||||
self.decrypter.LZOFraming = LZOFraming;
|
self.decrypter.compressionFraming = compressionFraming;
|
||||||
}
|
}
|
||||||
|
|
||||||
#pragma mark DataPath
|
#pragma mark DataPath
|
||||||
|
|
|
@ -41,8 +41,8 @@
|
||||||
- (int)overheadLength;
|
- (int)overheadLength;
|
||||||
- (uint32_t)peerId;
|
- (uint32_t)peerId;
|
||||||
- (void)setPeerId:(uint32_t)peerId;
|
- (void)setPeerId:(uint32_t)peerId;
|
||||||
- (BOOL)LZOFraming;// DEPRECATED_ATTRIBUTE;
|
- (CompressionFraming)compressionFraming;
|
||||||
- (void)setLZOFraming:(BOOL)LZOFraming;// DEPRECATED_ATTRIBUTE;
|
- (void)setCompressionFraming:(CompressionFraming)compressionFraming;
|
||||||
|
|
||||||
@end
|
@end
|
||||||
|
|
||||||
|
@ -56,6 +56,6 @@
|
||||||
@protocol DataPathDecrypter <DataPathChannel>
|
@protocol DataPathDecrypter <DataPathChannel>
|
||||||
|
|
||||||
- (BOOL)decryptDataPacket:(nonnull NSData *)packet into:(nonnull uint8_t *)dest length:(nonnull NSInteger *)length packetId:(nonnull uint32_t *)packetId error:(NSError **)error;
|
- (BOOL)decryptDataPacket:(nonnull NSData *)packet into:(nonnull uint8_t *)dest length:(nonnull NSInteger *)length packetId:(nonnull uint32_t *)packetId error:(NSError **)error;
|
||||||
- (nonnull const uint8_t *)parsePayloadWithDataPacket:(nonnull const uint8_t *)packet packetLength:(NSInteger)packetLength length:(nonnull NSInteger *)length;
|
- (nonnull const uint8_t *)parsePayloadWithDataPacket:(nonnull uint8_t *)packet packetLength:(NSInteger)packetLength length:(nonnull NSInteger *)length;
|
||||||
|
|
||||||
@end
|
@end
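Review bot: `parsePayloadWithDataPacket:` now takes a non-const `packet`, and the implementations on this page write into it (`*ptr = packet[packetLength - 1];` for NO_COMPRESS_SWAP), but the protocol declaration has no comment saying so. A header comment would tell callers that the buffer is modified in place and that the returned pointer aliases it, for example `// Rewrites packet in place when swap framing is used; the result points into packet.` The return type staying `const uint8_t *` is consistent with that contract.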
|
||||||
|
|
|
@ -51,7 +51,6 @@ typedef NS_ENUM(uint8_t, PacketCode) {
|
||||||
PacketCodeUnknown = 0xff
|
PacketCodeUnknown = 0xff
|
||||||
};
|
};
|
||||||
|
|
||||||
extern const uint8_t DataPacketLZONoCompress;
|
|
||||||
extern const uint8_t DataPacketPingData[16];
|
extern const uint8_t DataPacketPingData[16];
|
||||||
|
|
||||||
static inline int PacketHeaderSet(uint8_t *_Nonnull to, PacketCode code, uint8_t key)
|
static inline int PacketHeaderSet(uint8_t *_Nonnull to, PacketCode code, uint8_t key)
|
||||||
|
|
|
@ -37,5 +37,4 @@
|
||||||
|
|
||||||
#import "PacketMacros.h"
|
#import "PacketMacros.h"
|
||||||
|
|
||||||
const uint8_t DataPacketLZONoCompress = 0xfa;
|
|
||||||
const uint8_t DataPacketPingData[] = { 0x2a, 0x18, 0x7b, 0xf3, 0x64, 0x1e, 0xb4, 0xcb, 0x07, 0xed, 0x2d, 0x0a, 0x98, 0x1f, 0xc7, 0x48 };
|
const uint8_t DataPacketPingData[] = { 0x2a, 0x18, 0x7b, 0xf3, 0x64, 0x1e, 0xb4, 0xcb, 0x07, 0xed, 0x2d, 0x0a, 0x98, 0x1f, 0xc7, 0x48 };
|
||||||
|
|
|
@ -36,6 +36,7 @@
|
||||||
//
|
//
|
||||||
|
|
||||||
import Foundation
|
import Foundation
|
||||||
|
import __TunnelKitNative
|
||||||
|
|
||||||
extension SessionProxy {
|
extension SessionProxy {
|
||||||
|
|
||||||
|
@ -87,9 +88,8 @@ extension SessionProxy {
|
||||||
/// The path to the optional CA for TLS negotiation (PEM format).
|
/// The path to the optional CA for TLS negotiation (PEM format).
|
||||||
public var caPath: String?
|
public var caPath: String?
|
||||||
|
|
||||||
/// Enables LZO compression framing (deprecated in OpenVPN 2.4).
|
/// Sets compression framing, disabled by default.
|
||||||
// @available(*, deprecated)
|
public var compressionFraming: CompressionFraming
|
||||||
public var LZOFraming: Bool
|
|
||||||
|
|
||||||
/// The path to the optional client certificate for TLS negotiation (PEM format).
|
/// The path to the optional client certificate for TLS negotiation (PEM format).
|
||||||
public var clientCertificatePath: String?
|
public var clientCertificatePath: String?
|
||||||
|
@ -112,7 +112,7 @@ extension SessionProxy {
|
||||||
caPath = nil
|
caPath = nil
|
||||||
clientCertificatePath = nil
|
clientCertificatePath = nil
|
||||||
clientKeyPath = nil
|
clientKeyPath = nil
|
||||||
LZOFraming = false
|
compressionFraming = .disabled
|
||||||
keepAliveInterval = nil
|
keepAliveInterval = nil
|
||||||
renegotiatesAfter = nil
|
renegotiatesAfter = nil
|
||||||
}
|
}
|
||||||
|
@ -131,7 +131,7 @@ extension SessionProxy {
|
||||||
caPath: caPath,
|
caPath: caPath,
|
||||||
clientCertificatePath: clientCertificatePath,
|
clientCertificatePath: clientCertificatePath,
|
||||||
clientKeyPath: clientKeyPath,
|
clientKeyPath: clientKeyPath,
|
||||||
LZOFraming: LZOFraming,
|
compressionFraming: compressionFraming,
|
||||||
keepAliveInterval: keepAliveInterval,
|
keepAliveInterval: keepAliveInterval,
|
||||||
renegotiatesAfter: renegotiatesAfter
|
renegotiatesAfter: renegotiatesAfter
|
||||||
)
|
)
|
||||||
|
@ -162,8 +162,8 @@ extension SessionProxy {
|
||||||
/// - Seealso: `SessionProxy.ConfigurationBuilder.clientKeyPath`
|
/// - Seealso: `SessionProxy.ConfigurationBuilder.clientKeyPath`
|
||||||
public let clientKeyPath: String?
|
public let clientKeyPath: String?
|
||||||
|
|
||||||
/// - Seealso: `SessionProxy.ConfigurationBuilder.LZOFraming`
|
/// - Seealso: `SessionProxy.ConfigurationBuilder.compressionFraming`
|
||||||
public let LZOFraming: Bool
|
public let compressionFraming: CompressionFraming
|
||||||
|
|
||||||
/// - Seealso: `SessionProxy.ConfigurationBuilder.keepAliveInterval`
|
/// - Seealso: `SessionProxy.ConfigurationBuilder.keepAliveInterval`
|
||||||
public let keepAliveInterval: TimeInterval?
|
public let keepAliveInterval: TimeInterval?
|
||||||
|
|
|
@ -109,9 +109,9 @@ extension SessionProxy {
|
||||||
return isTLSConnected
|
return isTLSConnected
|
||||||
}
|
}
|
||||||
|
|
||||||
func startHandlingPackets(withPeerId peerId: UInt32? = nil, LZOFraming: Bool = false) {
|
func startHandlingPackets(withPeerId peerId: UInt32? = nil, compressionFraming: CompressionFraming = .disabled) {
|
||||||
dataPath?.setPeerId(peerId ?? PacketPeerIdDisabled)
|
dataPath?.setPeerId(peerId ?? PacketPeerIdDisabled)
|
||||||
dataPath?.setLZOFraming(LZOFraming)
|
dataPath?.setCompressionFraming(compressionFraming)
|
||||||
canHandlePackets = true
|
canHandlePackets = true
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -896,7 +896,7 @@ public class SessionProxy {
|
||||||
authenticator = nil
|
authenticator = nil
|
||||||
negotiationKey.startHandlingPackets(
|
negotiationKey.startHandlingPackets(
|
||||||
withPeerId: peerId,
|
withPeerId: peerId,
|
||||||
LZOFraming: configuration.LZOFraming
|
compressionFraming: configuration.compressionFraming
|
||||||
)
|
)
|
||||||
negotiationKey.controlState = .connected
|
negotiationKey.controlState = .connected
|
||||||
connectedDate = Date()
|
connectedDate = Date()
|
||||||
|
|
|
@ -43,6 +43,7 @@ module __TunnelKitNative {
|
||||||
header "MSS.h"
|
header "MSS.h"
|
||||||
header "PacketMacros.h"
|
header "PacketMacros.h"
|
||||||
header "ReplayProtector.h"
|
header "ReplayProtector.h"
|
||||||
|
header "CompressionFraming.h"
|
||||||
header "DataPath.h"
|
header "DataPath.h"
|
||||||
header "DataPathEncryption.h"
|
header "DataPathEncryption.h"
|
||||||
export *
|
export *
|
||||||
|
|