Use CryptoContainer in SessionConfiguration
Instead of paths.
parent
ca77858bf0
commit
3fd0329736
|
@ -182,51 +182,51 @@ open class TunnelKitProvider: NEPacketTunnelProvider {
|
|||
return
|
||||
}
|
||||
|
||||
let caPath: String
|
||||
let clientCertificatePath: String?
|
||||
let clientKeyPath: String?
|
||||
do {
|
||||
let url = temporaryURL(forKey: Configuration.Keys.ca)
|
||||
try cfg.ca.write(to: url)
|
||||
caPath = url.path
|
||||
} catch {
|
||||
completionHandler(ProviderConfigurationError.certificateSerialization)
|
||||
return
|
||||
}
|
||||
if let clientCertificate = cfg.clientCertificate {
|
||||
do {
|
||||
let url = temporaryURL(forKey: Configuration.Keys.clientCertificate)
|
||||
try clientCertificate.write(to: url)
|
||||
clientCertificatePath = url.path
|
||||
} catch {
|
||||
completionHandler(ProviderConfigurationError.certificateSerialization)
|
||||
return
|
||||
}
|
||||
} else {
|
||||
clientCertificatePath = nil
|
||||
}
|
||||
if let clientKey = cfg.clientKey {
|
||||
do {
|
||||
let url = temporaryURL(forKey: Configuration.Keys.clientKey)
|
||||
try clientKey.write(to: url)
|
||||
clientKeyPath = url.path
|
||||
} catch {
|
||||
completionHandler(ProviderConfigurationError.certificateSerialization)
|
||||
return
|
||||
}
|
||||
} else {
|
||||
clientKeyPath = nil
|
||||
}
|
||||
// let caPath: String
|
||||
// let clientCertificatePath: String?
|
||||
// let clientKeyPath: String?
|
||||
// do {
|
||||
// let url = temporaryURL(forKey: Configuration.Keys.ca)
|
||||
// try cfg.ca.write(to: url)
|
||||
// caPath = url.path
|
||||
// } catch {
|
||||
// completionHandler(ProviderConfigurationError.certificateSerialization)
|
||||
// return
|
||||
// }
|
||||
// if let clientCertificate = cfg.clientCertificate {
|
||||
// do {
|
||||
// let url = temporaryURL(forKey: Configuration.Keys.clientCertificate)
|
||||
// try clientCertificate.write(to: url)
|
||||
// clientCertificatePath = url.path
|
||||
// } catch {
|
||||
// completionHandler(ProviderConfigurationError.certificateSerialization)
|
||||
// return
|
||||
// }
|
||||
// } else {
|
||||
// clientCertificatePath = nil
|
||||
// }
|
||||
// if let clientKey = cfg.clientKey {
|
||||
// do {
|
||||
// let url = temporaryURL(forKey: Configuration.Keys.clientKey)
|
||||
// try clientKey.write(to: url)
|
||||
// clientKeyPath = url.path
|
||||
// } catch {
|
||||
// completionHandler(ProviderConfigurationError.certificateSerialization)
|
||||
// return
|
||||
// }
|
||||
// } else {
|
||||
// clientKeyPath = nil
|
||||
// }
|
||||
|
||||
cfg.print(appVersion: appVersion)
|
||||
|
||||
// log.info("Temporary CA is stored to: \(caPath)")
|
||||
var sessionConfiguration = SessionProxy.ConfigurationBuilder(caPath: caPath)
|
||||
var sessionConfiguration = SessionProxy.ConfigurationBuilder(ca: cfg.ca)
|
||||
sessionConfiguration.credentials = credentials
|
||||
sessionConfiguration.cipher = cfg.cipher
|
||||
sessionConfiguration.digest = cfg.digest
|
||||
sessionConfiguration.clientCertificatePath = clientCertificatePath
|
||||
sessionConfiguration.clientKeyPath = clientKeyPath
|
||||
sessionConfiguration.clientCertificate = cfg.clientCertificate
|
||||
sessionConfiguration.clientKey = cfg.clientKey
|
||||
sessionConfiguration.compressionFraming = cfg.compressionFraming
|
||||
sessionConfiguration.tlsWrap = cfg.tlsWrap
|
||||
if let keepAliveSeconds = cfg.keepAliveSeconds {
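Review bot: The temp-file block for the CA, client certificate and client key is commented out rather than deleted (the run from `// let caPath: String` to the last `// clientKeyPath = nil` branch, plus `// log.info("Temporary CA is stored to: \(caPath)")`). Dead code that writes private-key material to disk is better removed outright, so it cannot be re-enabled by accident and stays out of future diffs. Passing `cfg.ca`, `cfg.clientCertificate` and `cfg.clientKey` straight to the builder stops this path from creating new key files, but nothing in the hunk removes files an earlier build wrote via `temporaryURL(forKey:)`. If those can survive an upgrade, a one-time cleanup at tunnel start would be worth adding. The enclosing method starts and ends outside the hunk, so such cleanup may already exist elsewhere.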
|
||||
|
|
|
@ -144,14 +144,14 @@ extension SessionProxy {
|
|||
/// The digest algorithm for HMAC.
|
||||
public var digest: Digest
|
||||
|
||||
/// The path to the CA for TLS negotiation (PEM format).
|
||||
public let caPath: String
|
||||
/// The CA for TLS negotiation (PEM format).
|
||||
public let ca: CryptoContainer
|
||||
|
||||
/// The path to the optional client certificate for TLS negotiation (PEM format).
|
||||
public var clientCertificatePath: String?
|
||||
/// The optional client certificate for TLS negotiation (PEM format).
|
||||
public var clientCertificate: CryptoContainer?
|
||||
|
||||
/// The path to the private key for the certificate at `clientCertificatePath` (PEM format).
|
||||
public var clientKeyPath: String?
|
||||
/// The private key for the certificate in `clientCertificate` (PEM format).
|
||||
public var clientKey: CryptoContainer?
|
||||
|
||||
/// Sets compression framing, disabled by default.
|
||||
public var compressionFraming: CompressionFraming
|
||||
|
@ -169,13 +169,13 @@ extension SessionProxy {
|
|||
public var usesPIAPatches: Bool
|
||||
|
||||
/// :nodoc:
|
||||
public init(caPath: String) {
|
||||
public init(ca: CryptoContainer) {
|
||||
credentials = nil
|
||||
cipher = .aes128cbc
|
||||
digest = .sha1
|
||||
self.caPath = caPath
|
||||
clientCertificatePath = nil
|
||||
clientKeyPath = nil
|
||||
self.ca = ca
|
||||
clientCertificate = nil
|
||||
clientKey = nil
|
||||
compressionFraming = .disabled
|
||||
tlsWrap = nil
|
||||
keepAliveInterval = nil
|
||||
|
@ -193,9 +193,9 @@ extension SessionProxy {
|
|||
credentials: credentials,
|
||||
cipher: cipher,
|
||||
digest: digest,
|
||||
caPath: caPath,
|
||||
clientCertificatePath: clientCertificatePath,
|
||||
clientKeyPath: clientKeyPath,
|
||||
ca: ca,
|
||||
clientCertificate: clientCertificate,
|
||||
clientKey: clientKey,
|
||||
compressionFraming: compressionFraming,
|
||||
tlsWrap: tlsWrap,
|
||||
keepAliveInterval: keepAliveInterval,
|
||||
|
@ -217,14 +217,14 @@ extension SessionProxy {
|
|||
/// - Seealso: `SessionProxy.ConfigurationBuilder.digest`
|
||||
public let digest: Digest
|
||||
|
||||
/// - Seealso: `SessionProxy.ConfigurationBuilder.caPath`
|
||||
public let caPath: String
|
||||
/// - Seealso: `SessionProxy.ConfigurationBuilder.ca`
|
||||
public let ca: CryptoContainer
|
||||
|
||||
/// - Seealso: `SessionProxy.ConfigurationBuilder.clientCertificatePath`
|
||||
public let clientCertificatePath: String?
|
||||
/// - Seealso: `SessionProxy.ConfigurationBuilder.clientCertificate`
|
||||
public let clientCertificate: CryptoContainer?
|
||||
|
||||
/// - Seealso: `SessionProxy.ConfigurationBuilder.clientKeyPath`
|
||||
public let clientKeyPath: String?
|
||||
/// - Seealso: `SessionProxy.ConfigurationBuilder.clientKey`
|
||||
public let clientKey: CryptoContainer?
|
||||
|
||||
/// - Seealso: `SessionProxy.ConfigurationBuilder.compressionFraming`
|
||||
public let compressionFraming: CompressionFraming
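Review bot: `clientKey` now carries the private key itself, not a path to it, in both the public `ConfigurationBuilder` and the immutable `Configuration`, and the doc comment does not say so. I would extend it with something like `/// Holds private key material: do not log, print, or persist this value unprotected.` It is also worth checking that any description, equality or encoding support on `Configuration` and `CryptoContainer` leaves the key contents out; neither definition is visible in these hunks. Separately, replacing `init(caPath:)` with `init(ca:)` and renaming three public properties breaks source compatibility for existing callers, so it deserves a changelog entry.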
|
||||
|
|