Update README with recent reorg

This commit is contained in:
Davide De Rosa 2021-11-11 21:42:14 +01:00
parent 9e14f33235
commit 4a47eec041
1 changed files with 22 additions and 25 deletions

View File

@ -1,11 +1,10 @@
![iOS 12+](https://img.shields.io/badge/ios-12+-green.svg) ![iOS 12+](https://img.shields.io/badge/ios-12+-green.svg)
![macOS 10.15+](https://img.shields.io/badge/macos-10.15+-green.svg) ![macOS 10.15+](https://img.shields.io/badge/macos-10.15+-green.svg)
[![OpenSSL 1.1.1l](https://img.shields.io/badge/openssl-1.1.1l-d69c68.svg)](https://www.openssl.org/news/openssl-1.1.1-notes.html)
[![License GPLv3](https://img.shields.io/badge/license-GPLv3-lightgray.svg)](LICENSE) [![License GPLv3](https://img.shields.io/badge/license-GPLv3-lightgray.svg)](LICENSE)
# TunnelKit # TunnelKit
This library provides a generic framework for VPN development and a simplified Swift/Obj-C implementation of the OpenVPN® protocol for the Apple platforms. The crypto layer is built on top of [OpenSSL 1.1.1][dep-openssl], which in turn enables support for a certain range of encryption and digest algorithms. This library provides a generic framework for VPN development and a simplified Swift/Obj-C implementation of the OpenVPN® protocol for the Apple platforms. The crypto layer is built on top of [BoringSSL][dep-boringssl] (as seen in [SwiftNIO SSL][dep-swiftniossl]), which in turn enables support for a certain range of encryption and digest algorithms.
## Getting started ## Getting started
@ -71,10 +70,9 @@ Many other flags are ignored too but it's normally not an issue.
### Requirements ### Requirements
- iOS 12.0+ / macOS 10.15+ - iOS 13.0+ / macOS 10.15+
- SwiftPM 5 - SwiftPM 5.3
- Git (preinstalled with Xcode Command Line Tools) - Git (preinstalled with Xcode Command Line Tools)
- [jazzy][dep-jazzy] (optional, for documentation)
It's highly recommended to use the Git package provided by [Homebrew][dep-brew]. It's highly recommended to use the Git package provided by [Homebrew][dep-brew].
@ -84,7 +82,6 @@ Download the library codebase locally:
$ git clone https://github.com/passepartoutvpn/tunnelkit.git $ git clone https://github.com/passepartoutvpn/tunnelkit.git
There are demo targets containing a simple app for testing the tunnel, called `BasicTunnel`. Open `Demo/TunnelKit.xcodeproject` in Xcode and run it on both iOS and macOS. There are demo targets containing a simple app for testing the tunnel, called `BasicTunnel`. Open `Demo/TunnelKit.xcodeproject` in Xcode and run it on both iOS and macOS.
For the VPN to work properly, the `BasicTunnel` demo requires: For the VPN to work properly, the `BasicTunnel` demo requires:
@ -115,15 +112,7 @@ Remember that the App Group on macOS requires a team ID prefix.
The library is split into several modules, in order to decouple the low-level protocol implementation from the platform-specific bridging, namely the [NetworkExtension][ne-home] VPN framework. The library is split into several modules, in order to decouple the low-level protocol implementation from the platform-specific bridging, namely the [NetworkExtension][ne-home] VPN framework.
Full documentation of the public interface is available and can be generated with [jazzy][dep-jazzy]. After installing the jazzy Ruby gem with: Full documentation of the public interface is available and can be generated by opening the package in Xcode and running "Build Documentation" (Xcode 13).
$ gem install jazzy
enter the root directory of the repository and run:
$ jazzy
The generated output is stored into the `docs` directory in HTML format.
### TunnelKitCore ### TunnelKitCore
@ -134,31 +123,39 @@ Contains the building blocks of a VPN protocol. Eventually, a consumer would imp
There are no physical network implementations (e.g. UDP or TCP) in this module. There are no physical network implementations (e.g. UDP or TCP) in this module.
### TunnelKitAppExtension
Provides a layer on top of the NetworkExtension framework. Most importantly, bridges native [NWUDPSession][ne-udp] and [NWTCPConnection][ne-tcp] to an abstract `GenericSocket` interface, thus making a multi-protocol VPN dramatically easier to manage.
### TunnelKitManager ### TunnelKitManager
This component includes convenient classes to control the VPN tunnel from your app without the NetworkExtension headaches. Have a look at `VPNProvider` implementations: This component includes convenient classes to control the VPN tunnel from your app without the NetworkExtension headaches. Have a look at `VPNProvider` implementations:
- `MockVPNProvider` (default, useful to test on simulator) - `MockVPNProvider` (default, useful to test on simulator)
- `NetworkExtensionVPNProvider` (for IPSec/IKEv2) - `NetworkExtensionVPNProvider` (anything based on NetworkExtension)
### TunnelKitAppExtension
Provides a layer on top of the NetworkExtension framework. Most importantly, bridges native [NWUDPSession][ne-udp] and [NWTCPConnection][ne-tcp] to an abstract `GenericSocket` interface, thus making a multi-protocol VPN dramatically easier to manage.
### TunnelKitIKE ### TunnelKitIKE
Here you find `NativeProvider`, a generic way to manage a VPN profile based on the native IPSec/IKEv2 protocols. Just wrap a `NEVPNProtocolIPSec` or `NEVPNProtocolIKEv2` object in a `NetworkExtensionVPNConfiguration` and use it to install or connect to the VPN. Here you find `NativeProvider`, a generic way to manage a VPN profile based on the native IPSec/IKEv2 protocols. Just wrap a `NEVPNProtocolIPSec` or `NEVPNProtocolIKEv2` object in a `NetworkExtensionVPNConfiguration` and use it to install or connect to the VPN.
### TunnelKitOpenVPN ### TunnelKitOpenVPN*
Here are the low-level entities on top of which an OpenVPN connection is established. Code is mixed Swift and Obj-C, most of it is not exposed to consumers. The module depends on OpenSSL. #### Protocol
Here are the low-level entities on top of which an OpenVPN connection is established. Code is mixed Swift and Obj-C, most of it is not exposed to consumers. The protocol implementation in particular depends on BoringSSL.
The entry point is the `OpenVPNSession` class. The networking layer is fully abstract and delegated externally with the use of opaque `IOInterface` (`LinkInterface` and `TunnelInterface`) and `OpenVPNSessionDelegate` protocols. The entry point is the `OpenVPNSession` class. The networking layer is fully abstract and delegated externally with the use of opaque `IOInterface` (`LinkInterface` and `TunnelInterface`) and `OpenVPNSessionDelegate` protocols.
Another goal of this module is packaging up a black box implementation of a [NEPacketTunnelProvider][ne-ptp], which is the essential part of a Packet Tunnel Provider app extension. You will find the main implementation in the `OpenVPNTunnelProvider` class. On the client side, you manage the VPN profile with the `OpenVPNProvider` class, which is a specific implementation of `NetworkExtensionVPNProvider`. #### AppExtension
Another goal of this area is packaging up a black box implementation of a [NEPacketTunnelProvider][ne-ptp], which is the essential part of a Packet Tunnel Provider app extension. You will find the main implementation in the `OpenVPNTunnelProvider` class.
A debug log snapshot is optionally maintained and shared by the tunnel provider to host apps via the App Group container. A debug log snapshot is optionally maintained and shared by the tunnel provider to host apps via the App Group container.
#### Manager
On the client side, you manage the VPN profile with the `OpenVPNProvider` class, which is a specific implementation of `NetworkExtensionVPNProvider`.
### TunnelKitLZO ### TunnelKitLZO
Due to the restrictive license (GPLv2), LZO support is provided as an optional component. Due to the restrictive license (GPLv2), LZO support is provided as an optional component.
@ -207,9 +204,9 @@ Website: [passepartoutvpn.app][about-website]
[openvpn]: https://openvpn.net/index.php/open-source/overview.html [openvpn]: https://openvpn.net/index.php/open-source/overview.html
[dep-jazzy]: https://github.com/realm/jazzy
[dep-brew]: https://brew.sh/ [dep-brew]: https://brew.sh/
[dep-openssl]: https://www.openssl.org/ [dep-boringssl]: https://boringssl.googlesource.com/boringssl/
[dep-swiftniossl]: https://github.com/apple/swift-nio-ssl
[ne-home]: https://developer.apple.com/documentation/networkextension [ne-home]: https://developer.apple.com/documentation/networkextension
[ne-ptp]: https://developer.apple.com/documentation/networkextension/nepackettunnelprovider [ne-ptp]: https://developer.apple.com/documentation/networkextension/nepackettunnelprovider