Use CryptoContainer in SessionConfiguration

Instead of paths.
Davide De Rosa 2018-10-25 08:02:48 +02:00
parent ca77858bf0
commit 3fd0329736
2 changed files with 57 additions and 57 deletions


@ -182,51 +182,51 @@ open class TunnelKitProvider: NEPacketTunnelProvider {
return
}
let caPath: String
let clientCertificatePath: String?
let clientKeyPath: String?
do {
let url = temporaryURL(forKey: Configuration.Keys.ca)
try cfg.ca.write(to: url)
caPath = url.path
} catch {
completionHandler(ProviderConfigurationError.certificateSerialization)
return
}
if let clientCertificate = cfg.clientCertificate {
do {
let url = temporaryURL(forKey: Configuration.Keys.clientCertificate)
try clientCertificate.write(to: url)
clientCertificatePath = url.path
} catch {
completionHandler(ProviderConfigurationError.certificateSerialization)
return
}
} else {
clientCertificatePath = nil
}
if let clientKey = cfg.clientKey {
do {
let url = temporaryURL(forKey: Configuration.Keys.clientKey)
try clientKey.write(to: url)
clientKeyPath = url.path
} catch {
completionHandler(ProviderConfigurationError.certificateSerialization)
return
}
} else {
clientKeyPath = nil
}
// let caPath: String
// let clientCertificatePath: String?
// let clientKeyPath: String?
// do {
// let url = temporaryURL(forKey: Configuration.Keys.ca)
// try cfg.ca.write(to: url)
// caPath = url.path
// } catch {
// completionHandler(ProviderConfigurationError.certificateSerialization)
// return
// }
// if let clientCertificate = cfg.clientCertificate {
// do {
// let url = temporaryURL(forKey: Configuration.Keys.clientCertificate)
// try clientCertificate.write(to: url)
// clientCertificatePath = url.path
// } catch {
// completionHandler(ProviderConfigurationError.certificateSerialization)
// return
// }
// } else {
// clientCertificatePath = nil
// }
// if let clientKey = cfg.clientKey {
// do {
// let url = temporaryURL(forKey: Configuration.Keys.clientKey)
// try clientKey.write(to: url)
// clientKeyPath = url.path
// } catch {
// completionHandler(ProviderConfigurationError.certificateSerialization)
// return
// }
// } else {
// clientKeyPath = nil
// }
cfg.print(appVersion: appVersion)
// log.info("Temporary CA is stored to: \(caPath)")
var sessionConfiguration = SessionProxy.ConfigurationBuilder(caPath: caPath)
var sessionConfiguration = SessionProxy.ConfigurationBuilder(ca: cfg.ca)
sessionConfiguration.credentials = credentials
sessionConfiguration.cipher = cfg.cipher
sessionConfiguration.digest = cfg.digest
sessionConfiguration.clientCertificatePath = clientCertificatePath
sessionConfiguration.clientKeyPath = clientKeyPath
sessionConfiguration.clientCertificate = cfg.clientCertificate
sessionConfiguration.clientKey = cfg.clientKey
sessionConfiguration.compressionFraming = cfg.compressionFraming
sessionConfiguration.tlsWrap = cfg.tlsWrap
if let keepAliveSeconds = cfg.keepAliveSeconds {
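Review bot: The block that wrote the CA, client certificate and client key to temporary files stays in the new code as about 35 commented-out lines (from `// let caPath: String` down to `// clientKeyPath = nil`), next to the already commented-out `log.info` about the temporary CA. Delete it rather than keep it, since version control preserves the history and dead code here obscures how key material is handled. Passing `cfg.ca`, `cfg.clientCertificate` and `cfg.clientKey` directly means the private key is no longer written out at this point, but files written by earlier builds via `temporaryURL(forKey:)` may still be on disk. If that location persists across launches (the helper is not visible in this hunk), a one-time removal of the old `Configuration.Keys.clientKey` file would be worth adding. The enclosing function starts and ends outside the hunk.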


@ -144,14 +144,14 @@ extension SessionProxy {
/// The digest algorithm for HMAC.
public var digest: Digest
/// The path to the CA for TLS negotiation (PEM format).
public let caPath: String
/// The CA for TLS negotiation (PEM format).
public let ca: CryptoContainer
/// The path to the optional client certificate for TLS negotiation (PEM format).
public var clientCertificatePath: String?
/// The optional client certificate for TLS negotiation (PEM format).
public var clientCertificate: CryptoContainer?
/// The path to the private key for the certificate at `clientCertificatePath` (PEM format).
public var clientKeyPath: String?
/// The private key for the certificate in `clientCertificate` (PEM format).
public var clientKey: CryptoContainer?
/// Sets compression framing, disabled by default.
public var compressionFraming: CompressionFraming
@ -169,13 +169,13 @@ extension SessionProxy {
public var usesPIAPatches: Bool
/// :nodoc:
public init(caPath: String) {
public init(ca: CryptoContainer) {
credentials = nil
cipher = .aes128cbc
digest = .sha1
self.caPath = caPath
clientCertificatePath = nil
clientKeyPath = nil
self.ca = ca
clientCertificate = nil
clientKey = nil
compressionFraming = .disabled
tlsWrap = nil
keepAliveInterval = nil
@ -193,9 +193,9 @@ extension SessionProxy {
credentials: credentials,
cipher: cipher,
digest: digest,
caPath: caPath,
clientCertificatePath: clientCertificatePath,
clientKeyPath: clientKeyPath,
ca: ca,
clientCertificate: clientCertificate,
clientKey: clientKey,
compressionFraming: compressionFraming,
tlsWrap: tlsWrap,
keepAliveInterval: keepAliveInterval,
@ -217,14 +217,14 @@ extension SessionProxy {
/// - Seealso: `SessionProxy.ConfigurationBuilder.digest`
public let digest: Digest
/// - Seealso: `SessionProxy.ConfigurationBuilder.caPath`
public let caPath: String
/// - Seealso: `SessionProxy.ConfigurationBuilder.ca`
public let ca: CryptoContainer
/// - Seealso: `SessionProxy.ConfigurationBuilder.clientCertificatePath`
public let clientCertificatePath: String?
/// - Seealso: `SessionProxy.ConfigurationBuilder.clientCertificate`
public let clientCertificate: CryptoContainer?
/// - Seealso: `SessionProxy.ConfigurationBuilder.clientKeyPath`
public let clientKeyPath: String?
/// - Seealso: `SessionProxy.ConfigurationBuilder.clientKey`
public let clientKey: CryptoContainer?
/// - Seealso: `SessionProxy.ConfigurationBuilder.compressionFraming`
public let compressionFraming: CompressionFraming
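Review bot: The doc comments on the new `ca`, `clientCertificate` and `clientKey` properties still say only "(PEM format)", although each property now carries the material itself instead of a file path; this matters most for `clientKey`. On the builder I would extend that comment to something like `/// The private key for the certificate in clientCertificate (PEM format). Holds the key material in memory; never log or persist it unprotected.` Anything that prints or serializes the configuration should skip that field, which presumably includes `cfg.print(appVersion:)` in the provider, though neither its body nor any encoding conformance is visible here. The enclosing builder and configuration types start and end outside these hunks.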