passepartoutvpn
/
tunnelkit
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Increase components granularity 

Minimize target dependency on OpenSSL (easier to drop later).

Outside of OpenVPN tunnel extension, OpenSSL is only used to
decrypt encrypted private keys in CryptoContainer (found in
TunnelKitOpenVPNCore, therefore "temporarily" dependent on
CTunnelKitOpenVPNAppExtension for TLSBox/CryptoBox).
This commit is contained in:
Davide De Rosa 2021-11-07 21:54:05 +01:00
parent d1f70171cb
commit 50064fc3d0
101 changed files with 472 additions and 327 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
Demo/Demo/Configuration.swift
View File

@ -169,7 +169,7 @@ M69t86apMrAxkUxVJAWLRBd9fbYyzJgTW61tFqXWTZpiz6bhuWApSEzaHcL3/f5l
-----END PRIVATE KEY-----
""")
static func make(hostname: String, port: UInt16, socketType: SocketType) -> OpenVPNTunnelProvider.Configuration {
static func make(hostname: String, port: UInt16, socketType: SocketType) -> OpenVPNProvider.Configuration {
var sessionBuilder = OpenVPN.ConfigurationBuilder()
sessionBuilder.ca = ca
sessionBuilder.cipher = .aes128cbc
@ -181,7 +181,7 @@ M69t86apMrAxkUxVJAWLRBd9fbYyzJgTW61tFqXWTZpiz6bhuWApSEzaHcL3/f5l
sessionBuilder.clientCertificate = clientCertificate
sessionBuilder.clientKey = clientKey
sessionBuilder.mtu = 1350
var builder = OpenVPNTunnelProvider.ConfigurationBuilder(sessionConfiguration: sessionBuilder.build())
var builder = OpenVPNProvider.ConfigurationBuilder(sessionConfiguration: sessionBuilder.build())
builder.shouldDebug = true
builder.masksPrivateData = false
return builder.build()

2
Demo/Demo/PacketTunnelProvider.swift
View File

@ -23,7 +23,7 @@
// along with TunnelKit. If not, see <http://www.gnu.org/licenses/>.
//
import TunnelKitOpenVPN
import TunnelKitOpenVPNAppExtension
class PacketTunnelProvider: OpenVPNTunnelProvider {
}

28
Demo/TunnelKit.xcodeproj/project.pbxproj
View File

@ -29,10 +29,10 @@
0E1108B11F77B9F900A92462 /* Main.storyboard in Resources */ = {isa = PBXBuildFile; fileRef = 0E1108AF1F77B9F900A92462 /* Main.storyboard */; };
0E1108B31F77B9F900A92462 /* Assets.xcassets in Resources */ = {isa = PBXBuildFile; fileRef = 0E1108B21F77B9F900A92462 /* Assets.xcassets */; };
0E1108B61F77B9F900A92462 /* LaunchScreen.storyboard in Resources */ = {isa = PBXBuildFile; fileRef = 0E1108B41F77B9F900A92462 /* LaunchScreen.storyboard */; };
0E80FA5127396F5F000F5A45 /* TunnelKitOpenVPNAppExtension in Frameworks */ = {isa = PBXBuildFile; productRef = 0E80FA5027396F5F000F5A45 /* TunnelKitOpenVPNAppExtension */; };
0E80FA5327396F66000F5A45 /* TunnelKitOpenVPNAppExtension in Frameworks */ = {isa = PBXBuildFile; productRef = 0E80FA5227396F66000F5A45 /* TunnelKitOpenVPNAppExtension */; };
0EFD5B312727250500C7D5FD /* TunnelKitOpenVPN in Frameworks */ = {isa = PBXBuildFile; productRef = 0EFD5B302727250500C7D5FD /* TunnelKitOpenVPN */; };
0EFD5B332727250B00C7D5FD /* TunnelKitOpenVPN in Frameworks */ = {isa = PBXBuildFile; productRef = 0EFD5B322727250B00C7D5FD /* TunnelKitOpenVPN */; };
0EFD5B352727250E00C7D5FD /* TunnelKitOpenVPN in Frameworks */ = {isa = PBXBuildFile; productRef = 0EFD5B342727250E00C7D5FD /* TunnelKitOpenVPN */; };
0EFD5B372727251200C7D5FD /* TunnelKitOpenVPN in Frameworks */ = {isa = PBXBuildFile; productRef = 0EFD5B362727251200C7D5FD /* TunnelKitOpenVPN */; };
/* End PBXBuildFile section */
/* Begin PBXContainerItemProxy section */
@ -166,8 +166,8 @@
isa = PBXFrameworksBuildPhase;
buildActionMask = 2147483647;
files = (
0EFD5B352727250E00C7D5FD /* TunnelKitOpenVPN in Frameworks */,
0E0541A125A2343500EFC5FF /* NetworkExtension.framework in Frameworks */,
0E80FA5127396F5F000F5A45 /* TunnelKitOpenVPNAppExtension in Frameworks */,
);
runOnlyForDeploymentPostprocessing = 0;
};
@ -183,7 +183,7 @@
isa = PBXFrameworksBuildPhase;
buildActionMask = 2147483647;
files = (
0EFD5B372727251200C7D5FD /* TunnelKitOpenVPN in Frameworks */,
0E80FA5327396F66000F5A45 /* TunnelKitOpenVPNAppExtension in Frameworks */,
0E05427825A239C600EFC5FF /* NetworkExtension.framework in Frameworks */,
);
runOnlyForDeploymentPostprocessing = 0;
@ -343,7 +343,7 @@
);
name = "TunnelKitDemoTunnel-iOS";
packageProductDependencies = (
0EFD5B342727250E00C7D5FD /* TunnelKitOpenVPN */,
0E80FA5027396F5F000F5A45 /* TunnelKitOpenVPNAppExtension */,
);
productName = Tunnel;
productReference = 0E05419F25A2343500EFC5FF /* TunnelKitDemoTunnel-iOS.appex */;
@ -386,7 +386,7 @@
);
name = "TunnelKitDemoTunnel-macOS";
packageProductDependencies = (
0EFD5B362727251200C7D5FD /* TunnelKitOpenVPN */,
0E80FA5227396F66000F5A45 /* TunnelKitOpenVPNAppExtension */,
);
productName = Tunnel;
productReference = 0E05427725A239C600EFC5FF /* TunnelKitDemoTunnel-macOS.appex */;
@ -1032,6 +1032,14 @@
/* End XCConfigurationList section */
/* Begin XCSwiftPackageProductDependency section */
0E80FA5027396F5F000F5A45 /* TunnelKitOpenVPNAppExtension */ = {
isa = XCSwiftPackageProductDependency;
productName = TunnelKitOpenVPNAppExtension;
};
0E80FA5227396F66000F5A45 /* TunnelKitOpenVPNAppExtension */ = {
isa = XCSwiftPackageProductDependency;
productName = TunnelKitOpenVPNAppExtension;
};
0EFD5B302727250500C7D5FD /* TunnelKitOpenVPN */ = {
isa = XCSwiftPackageProductDependency;
productName = TunnelKitOpenVPN;
@ -1040,14 +1048,6 @@
isa = XCSwiftPackageProductDependency;
productName = TunnelKitOpenVPN;
};
0EFD5B342727250E00C7D5FD /* TunnelKitOpenVPN */ = {
isa = XCSwiftPackageProductDependency;
productName = TunnelKitOpenVPN;
};
0EFD5B362727251200C7D5FD /* TunnelKitOpenVPN */ = {
isa = XCSwiftPackageProductDependency;
productName = TunnelKitOpenVPN;
};
/* End XCSwiftPackageProductDependency section */
};
rootObject = 0E17D7F01F730D9F009EE129 /* Project object */;

2
Package.resolved
View File

@ -6,7 +6,7 @@
"repositoryURL": "https://github.com/keeshux/openssl-apple",
"state": {
"branch": null,
"revision": "1889136399ba40e4fc358cfe7fafef7170aac3f7",
"revision": "37043e7c92c9fb348d1d668b0402148c9fa9873c",
"version": "1.1.112"
}
},

96
Package.swift
View File

@ -12,11 +12,7 @@ let package = Package(
// Products define the executables and libraries a package produces, and make them visible to other packages.
.library(
name: "TunnelKit",
targets: [
"TunnelKitCore",
"TunnelKitAppExtension",
"TunnelKitManager"
]
targets: ["TunnelKit"]
),
.library(
name: "TunnelKitIKE",
@ -26,6 +22,10 @@ let package = Package(
name: "TunnelKitOpenVPN",
targets: ["TunnelKitOpenVPN"]
),
.library(
name: "TunnelKitOpenVPNAppExtension",
targets: ["TunnelKitOpenVPNAppExtension"]
),
.library(
name: "TunnelKitLZO",
targets: ["TunnelKitLZO"]
@ -40,41 +40,71 @@ let package = Package(
targets: [
// Targets are the basic building blocks of a package. A target can define a module or a test suite.
// Targets can depend on other targets in this package, and on products in packages this package depends on.
.target(
name: "TunnelKit",
dependencies: [
"TunnelKitCore",
"TunnelKitManager"
]
),
.target(
name: "TunnelKitCore",
dependencies: [
"_TunnelKitUtils",
"_TunnelKitCoreObjC",
"SwiftyBeaver"]),
"__TunnelKitUtils",
"CTunnelKitCore",
"SwiftyBeaver"
]),
.target(
name: "_TunnelKitCoreObjC",
dependencies: []),
name: "TunnelKitManager",
dependencies: [
"TunnelKitCore"
]),
.target(
name: "TunnelKitAppExtension",
dependencies: [
"TunnelKitCore",
"SwiftyBeaver"]),
.target(
name: "TunnelKitManager",
dependencies: [
"TunnelKitCore"]),
"SwiftyBeaver"
]),
.target(
name: "TunnelKitIKE",
dependencies: [
"TunnelKitCore",
"TunnelKitManager"]),
"TunnelKitManager"
]),
.target(
name: "TunnelKitOpenVPN",
dependencies: [
"TunnelKitCore",
"_TunnelKitOpenVPNObjC",
"TunnelKitAppExtension",
"TunnelKitManager"]),
"TunnelKitOpenVPNCore",
"TunnelKitOpenVPNManager"
]),
//
.target(
name: "_TunnelKitOpenVPNObjC",
name: "TunnelKitOpenVPNCore",
dependencies: [
"openssl-apple",
"_TunnelKitCoreObjC"]),
"TunnelKitCore",
"CTunnelKitOpenVPNCore",
"CTunnelKitOpenVPNProtocol" // FIXME: remove dependency on TLSBox
]),
.target(
name: "TunnelKitOpenVPNManager",
dependencies: [
"TunnelKitManager",
"TunnelKitOpenVPNCore"
]),
.target(
name: "TunnelKitOpenVPNProtocol",
dependencies: [
"TunnelKitOpenVPNCore",
"CTunnelKitOpenVPNProtocol"
]),
.target(
name: "TunnelKitOpenVPNAppExtension",
dependencies: [
"TunnelKitAppExtension",
"TunnelKitOpenVPNCore",
"TunnelKitOpenVPNManager",
"TunnelKitOpenVPNProtocol"
]),
.target(
name: "TunnelKitLZO",
dependencies: [],
@ -84,9 +114,24 @@ let package = Package(
"lib/README.LZO",
"lib/testmini.c"
]),
//
.target(
name: "_TunnelKitUtils",
name: "CTunnelKitCore",
dependencies: []),
.target(
name: "CTunnelKitOpenVPNCore",
dependencies: []),
.target(
name: "CTunnelKitOpenVPNProtocol",
dependencies: [
"CTunnelKitCore",
"CTunnelKitOpenVPNCore",
"openssl-apple"
]),
.target(
name: "__TunnelKitUtils",
dependencies: []),
//
.testTarget(
name: "TunnelKitCoreTests",
dependencies: [
@ -95,7 +140,8 @@ let package = Package(
.testTarget(
name: "TunnelKitOpenVPNTests",
dependencies: [
"TunnelKitOpenVPN",
"TunnelKitOpenVPNCore",
"TunnelKitOpenVPNAppExtension",
"TunnelKitLZO"
],
resources: [

0
Sources/_TunnelKitCoreObjC/Allocation.m → Sources/CTunnelKitCore/Allocation.m
View File

0
Sources/_TunnelKitCoreObjC/Errors.m → Sources/CTunnelKitCore/Errors.m
View File

0
Sources/_TunnelKitCoreObjC/LZOFactory.m → Sources/CTunnelKitCore/LZOFactory.m
View File

0
Sources/_TunnelKitCoreObjC/RoutingTable.m → Sources/CTunnelKitCore/RoutingTable.m
View File

0
Sources/_TunnelKitCoreObjC/RoutingTableEntry.m → Sources/CTunnelKitCore/RoutingTableEntry.m
View File

0
Sources/_TunnelKitCoreObjC/ZeroingData.m → Sources/CTunnelKitCore/ZeroingData.m
View File

0
Sources/_TunnelKitCoreObjC/include/Allocation.h → Sources/CTunnelKitCore/include/Allocation.h
View File

0
Sources/_TunnelKitCoreObjC/include/CompressionProvider.h → Sources/CTunnelKitCore/include/CompressionProvider.h
View File

0
Sources/_TunnelKitCoreObjC/include/Errors.h → Sources/CTunnelKitCore/include/Errors.h
View File

0
Sources/_TunnelKitCoreObjC/include/LZOFactory.h → Sources/CTunnelKitCore/include/LZOFactory.h
View File

0
Sources/_TunnelKitCoreObjC/include/RoutingTable.h → Sources/CTunnelKitCore/include/RoutingTable.h
View File

0
Sources/_TunnelKitCoreObjC/include/RoutingTableEntry.h → Sources/CTunnelKitCore/include/RoutingTableEntry.h
View File

0
Sources/_TunnelKitCoreObjC/include/ZeroingData.h → Sources/CTunnelKitCore/include/ZeroingData.h
View File

0
Sources/_TunnelKitCoreObjC/include/route.h → Sources/CTunnelKitCore/include/route.h
View File

1
Sources/CTunnelKitOpenVPNCore/Dummy.m Normal file
View File

@ -0,0 +1 @@

0
Sources/_TunnelKitOpenVPNObjC/include/CompressionAlgorithmNative.h → Sources/CTunnelKitOpenVPNCore/include/CompressionAlgorithmNative.h
View File

0
Sources/_TunnelKitOpenVPNObjC/include/CompressionFramingNative.h → Sources/CTunnelKitOpenVPNCore/include/CompressionFramingNative.h
View File

0
Sources/_TunnelKitOpenVPNObjC/ControlPacket.m → Sources/CTunnelKitOpenVPNProtocol/ControlPacket.m
View File

0
Sources/_TunnelKitOpenVPNObjC/CryptoAEAD.m → Sources/CTunnelKitOpenVPNProtocol/CryptoAEAD.m
View File

0
Sources/_TunnelKitOpenVPNObjC/CryptoBox.m → Sources/CTunnelKitOpenVPNProtocol/CryptoBox.m
View File

0
Sources/_TunnelKitOpenVPNObjC/CryptoCBC.m → Sources/CTunnelKitOpenVPNProtocol/CryptoCBC.m
View File

0
Sources/_TunnelKitOpenVPNObjC/CryptoCTR.m → Sources/CTunnelKitOpenVPNProtocol/CryptoCTR.m
View File

0
Sources/_TunnelKitOpenVPNObjC/DataPath.m → Sources/CTunnelKitOpenVPNProtocol/DataPath.m
View File

0
Sources/_TunnelKitOpenVPNObjC/MSS.m → Sources/CTunnelKitOpenVPNProtocol/MSS.m
View File

0
Sources/_TunnelKitOpenVPNObjC/PacketMacros.m → Sources/CTunnelKitOpenVPNProtocol/PacketMacros.m
View File

0
Sources/_TunnelKitOpenVPNObjC/PacketStream.m → Sources/CTunnelKitOpenVPNProtocol/PacketStream.m
View File

0
Sources/_TunnelKitOpenVPNObjC/ReplayProtector.m → Sources/CTunnelKitOpenVPNProtocol/ReplayProtector.m
View File

0
Sources/_TunnelKitOpenVPNObjC/TLSBox.m → Sources/CTunnelKitOpenVPNProtocol/TLSBox.m
View File

0
Sources/_TunnelKitOpenVPNObjC/include/ControlPacket.h → Sources/CTunnelKitOpenVPNProtocol/include/ControlPacket.h
View File

0
Sources/_TunnelKitOpenVPNObjC/include/Crypto.h → Sources/CTunnelKitOpenVPNProtocol/include/Crypto.h
View File

0
Sources/_TunnelKitOpenVPNObjC/include/CryptoAEAD.h → Sources/CTunnelKitOpenVPNProtocol/include/CryptoAEAD.h
View File

0
Sources/_TunnelKitOpenVPNObjC/include/CryptoBox.h → Sources/CTunnelKitOpenVPNProtocol/include/CryptoBox.h
View File

0
Sources/_TunnelKitOpenVPNObjC/include/CryptoCBC.h → Sources/CTunnelKitOpenVPNProtocol/include/CryptoCBC.h
View File

0
Sources/_TunnelKitOpenVPNObjC/include/CryptoCTR.h → Sources/CTunnelKitOpenVPNProtocol/include/CryptoCTR.h
View File

0
Sources/_TunnelKitOpenVPNObjC/include/CryptoMacros.h → Sources/CTunnelKitOpenVPNProtocol/include/CryptoMacros.h
View File

3
Sources/_TunnelKitOpenVPNObjC/include/DataPath.h → Sources/CTunnelKitOpenVPNProtocol/include/DataPath.h
View File

@ -36,8 +36,7 @@
#import <Foundation/Foundation.h>
#import "CompressionFramingNative.h"
#import "CompressionAlgorithmNative.h"
@import CTunnelKitOpenVPNCore;
NS_ASSUME_NONNULL_BEGIN

0
Sources/_TunnelKitOpenVPNObjC/include/DataPathCrypto.h → Sources/CTunnelKitOpenVPNProtocol/include/DataPathCrypto.h
View File

0
Sources/_TunnelKitOpenVPNObjC/include/MSS.h → Sources/CTunnelKitOpenVPNProtocol/include/MSS.h
View File

0
Sources/_TunnelKitOpenVPNObjC/include/PacketMacros.h → Sources/CTunnelKitOpenVPNProtocol/include/PacketMacros.h
View File

0
Sources/_TunnelKitOpenVPNObjC/include/PacketStream.h → Sources/CTunnelKitOpenVPNProtocol/include/PacketStream.h
View File

0
Sources/_TunnelKitOpenVPNObjC/include/ReplayProtector.h → Sources/CTunnelKitOpenVPNProtocol/include/ReplayProtector.h
View File

0
Sources/_TunnelKitOpenVPNObjC/include/TLSBox.h → Sources/CTunnelKitOpenVPNProtocol/include/TLSBox.h
View File

2
Sources/TunnelKit/Exports.swift Normal file
View File

@ -0,0 +1,2 @@
@_exported import TunnelKitCore
@_exported import TunnelKitManager

2
Sources/TunnelKitCore/Errors.swift
View File

@ -24,7 +24,7 @@
//
import Foundation
import _TunnelKitCoreObjC
import CTunnelKitCore
extension Error {
public func isTunnelKitError() -> Bool {

4
Sources/TunnelKitCore/SecureRandom.swift
View File

@ -36,8 +36,8 @@
import Foundation
import Security.SecRandom
import _TunnelKitCoreObjC
import _TunnelKitUtils
import CTunnelKitCore
import __TunnelKitUtils
/// :nodoc:
public enum SecureRandomError: Error {

2
Sources/TunnelKitCore/ZeroingData.swift
View File

@ -35,7 +35,7 @@
//
import Foundation
import _TunnelKitCoreObjC
import CTunnelKitCore
public func Z() -> ZeroingData {
return ZeroingData()

2
Sources/TunnelKitLZO/include/Errors.h
View File

@ -1 +1 @@
../../_TunnelKitCoreObjC/include/Errors.h
../../CTunnelKitCore/include/Errors.h

0
Sources/TunnelKitAppExtension/Keychain.swift → Sources/TunnelKitManager/Keychain.swift
View File

151
Sources/TunnelKitOpenVPN/AppExtension/OpenVPNTunnelProvider+Interaction.swift
View File

@ -1,151 +0,0 @@
//
// OpenVPNTunnelProvider+Interaction.swift
// TunnelKit
//
// Created by Davide De Rosa on 9/24/17.
// Copyright (c) 2021 Davide De Rosa. All rights reserved.
//
// https://github.com/passepartoutvpn
//
// This file is part of TunnelKit.
//
// TunnelKit is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// TunnelKit is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with TunnelKit. If not, see <http://www.gnu.org/licenses/>.
//
// This file incorporates work covered by the following copyright and
// permission notice:
//
// Copyright (c) 2018-Present Private Internet Access
//
// Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
//
// The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
import Foundation
extension OpenVPNTunnelProvider {
// MARK: Interaction
/// The messages accepted by `OpenVPNTunnelProvider`.
public class Message: Equatable {
/// Requests a snapshot of the latest debug log. Returns the log data decoded from UTF-8.
public static let requestLog = Message(0xff)
/// Requests the current bytes count from data channel (if connected).
///
/// Data is 16 bytes: low 8 = received, high 8 = sent.
public static let dataCount = Message(0xfe)
/// Requests the configuration pulled from the server (if connected and available).
///
/// Data is JSON (Decodable).
public static let serverConfiguration = Message(0xfd)
/// The underlying raw message `Data` to forward to the tunnel via IPC.
public let data: Data
private init(_ byte: UInt8) {
data = Data([byte])
}
init(_ data: Data) {
self.data = data
}
// MARK: Equatable
/// :nodoc:
public static func ==(lhs: Message, rhs: Message) -> Bool {
return (lhs.data == rhs.data)
}
}
// mostly programming errors by host app
enum ProviderConfigurationError: Error {
/// A field in the `OpenVPNTunnelProvider.Configuration` provided is incorrect or incomplete.
case parameter(name: String)
/// Credentials are missing or inaccessible.
case credentials(details: String)
/// The pseudo-random number generator could not be initialized.
case prngInitialization
/// The TLS certificate could not be serialized.
case certificateSerialization
}
/// The errors causing a tunnel disconnection.
public enum ProviderError: String, Error {
/// Socket endpoint could not be resolved.
case dnsFailure
/// No more protocols available to try.
case exhaustedProtocols
/// Socket failed to reach active state.
case socketActivity
/// Credentials authentication failed.
case authentication
/// TLS could not be initialized (e.g. malformed CA or client PEMs).
case tlsInitialization
/// TLS server verification failed.
case tlsServerVerification
/// TLS handshake failed.
case tlsHandshake
/// The encryption logic could not be initialized (e.g. PRNG, algorithms).
case encryptionInitialization
/// Data encryption/decryption failed.
case encryptionData
/// The LZO engine failed.
case lzo
/// Server uses an unsupported compression algorithm.
case serverCompression
/// Tunnel timed out.
case timeout
/// An error occurred at the link level.
case linkError
/// Network routing information is missing or incomplete.
case routing
/// The current network changed (e.g. switched from WiFi to data connection).
case networkChanged
/// Default gateway could not be attained.
case gatewayUnattainable
/// Remove server has shut down.
case serverShutdown
/// The server replied in an unexpected way.
case unexpectedReply
}
}

2
Sources/TunnelKitOpenVPN/Exports.swift Normal file
View File

@ -0,0 +1,2 @@
@_exported import TunnelKitOpenVPNCore
@_exported import TunnelKitOpenVPNManager

7
Sources/TunnelKitOpenVPN/AppExtension/ConnectionStrategy.swift → Sources/TunnelKitOpenVPNAppExtension/ConnectionStrategy.swift
View File

@ -39,6 +39,7 @@ import NetworkExtension
import SwiftyBeaver
import TunnelKitCore
import TunnelKitAppExtension
import TunnelKitOpenVPNManager
private let log = SwiftyBeaver.self
@ -73,7 +74,7 @@ class ConnectionStrategy {
private let resolvedAddresses: [String]
init(configuration: OpenVPNTunnelProvider.Configuration) {
init(configuration: OpenVPNProvider.Configuration) {
hostname = configuration.sessionConfiguration.hostname
guard var endpointProtocols = configuration.sessionConfiguration.endpointProtocols else {
fatalError("No endpoints provided")
@ -170,7 +171,7 @@ class ConnectionStrategy {
guard let hostname = hostname else {
log.error("DNS resolution unavailable: no hostname provided!")
completionHandler(nil, OpenVPNTunnelProvider.ProviderError.dnsFailure)
completionHandler(nil, OpenVPNProviderError.dnsFailure)
return
}
log.debug("DNS resolve hostname: \(hostname.maskedDescription)")
@ -187,7 +188,7 @@ class ConnectionStrategy {
guard self.hasEndpoint() else {
log.error("No endpoints available")
completionHandler(nil, OpenVPNTunnelProvider.ProviderError.dnsFailure)
completionHandler(nil, OpenVPNProviderError.dnsFailure)
return
}

2
Sources/TunnelKitOpenVPN/AppExtension/NETCPLink.swift → Sources/TunnelKitOpenVPNAppExtension/NETCPLink.swift
View File

@ -27,7 +27,7 @@ import Foundation
import NetworkExtension
import TunnelKitCore
import TunnelKitAppExtension
import _TunnelKitOpenVPNObjC
import CTunnelKitOpenVPNProtocol
class NETCPLink: LinkInterface {
private let impl: NWTCPConnection

0
Sources/TunnelKitOpenVPN/AppExtension/NEUDPLink.swift → Sources/TunnelKitOpenVPNAppExtension/NEUDPLink.swift
View File

44
Sources/TunnelKitOpenVPN/AppExtension/OpenVPNTunnelProvider.swift → Sources/TunnelKitOpenVPNAppExtension/OpenVPNTunnelProvider.swift
View File

@ -42,8 +42,12 @@ import SystemConfiguration.CaptiveNetwork
import CoreWLAN
#endif
import TunnelKitCore
import _TunnelKitCoreObjC
import TunnelKitOpenVPNCore
import TunnelKitManager
import TunnelKitOpenVPNManager
import TunnelKitOpenVPNProtocol
import TunnelKitAppExtension
import CTunnelKitCore
private let log = SwiftyBeaver.self
@ -117,7 +121,7 @@ open class OpenVPNTunnelProvider: NEPacketTunnelProvider {
private lazy var defaults = UserDefaults(suiteName: appGroup)
private var cfg: Configuration!
private var cfg: OpenVPNProvider.Configuration!
private var strategy: ConnectionStrategy!
@ -150,16 +154,16 @@ open class OpenVPNTunnelProvider: NEPacketTunnelProvider {
// required configuration
do {
guard let tunnelProtocol = protocolConfiguration as? NETunnelProviderProtocol else {
throw ProviderConfigurationError.parameter(name: "protocolConfiguration")
throw OpenVPNProviderConfigurationError.parameter(name: "protocolConfiguration")
}
guard let serverAddress = tunnelProtocol.serverAddress else {
throw ProviderConfigurationError.parameter(name: "protocolConfiguration.serverAddress")
throw OpenVPNProviderConfigurationError.parameter(name: "protocolConfiguration.serverAddress")
}
guard let providerConfiguration = tunnelProtocol.providerConfiguration else {
throw ProviderConfigurationError.parameter(name: "protocolConfiguration.providerConfiguration")
throw OpenVPNProviderConfigurationError.parameter(name: "protocolConfiguration.providerConfiguration")
}
try appGroup = Configuration.appGroup(from: providerConfiguration)
try cfg = Configuration.parsed(from: providerConfiguration)
try appGroup = OpenVPNProvider.Configuration.appGroup(from: providerConfiguration)
try cfg = OpenVPNProvider.Configuration.parsed(from: providerConfiguration)
// inject serverAddress into sessionConfiguration.hostname
if !serverAddress.isEmpty {
@ -171,7 +175,7 @@ open class OpenVPNTunnelProvider: NEPacketTunnelProvider {
}
} catch let e {
var message: String?
if let te = e as? ProviderConfigurationError {
if let te = e as? OpenVPNProviderConfigurationError {
switch te {
case .parameter(let name):
message = "Tunnel configuration incomplete: \(name)"
@ -217,7 +221,7 @@ open class OpenVPNTunnelProvider: NEPacketTunnelProvider {
if let username = protocolConfiguration.username, let passwordReference = protocolConfiguration.passwordReference {
let keychain = Keychain(group: appGroup)
guard let password = try? keychain.password(for: username, reference: passwordReference) else {
completionHandler(ProviderConfigurationError.credentials(details: "keychain.password(for:, reference:)"))
completionHandler(OpenVPNProviderConfigurationError.credentials(details: "keychain.password(for:, reference:)"))
return
}
credentials = OpenVPN.Credentials(username, password)
@ -229,7 +233,7 @@ open class OpenVPNTunnelProvider: NEPacketTunnelProvider {
cfg.clearLastError(in: appGroup)
guard OpenVPN.prepareRandomNumberGenerator(seedLength: prngSeedLength) else {
completionHandler(ProviderConfigurationError.prngInitialization)
completionHandler(OpenVPNProviderConfigurationError.prngInitialization)
return
}
@ -292,7 +296,7 @@ open class OpenVPNTunnelProvider: NEPacketTunnelProvider {
/// :nodoc:
open override func handleAppMessage(_ messageData: Data, completionHandler: ((Data?) -> Void)? = nil) {
var response: Data?
switch Message(messageData) {
switch OpenVPNProvider.Message(messageData) {
case .requestLog:
response = memoryLog.description.data(using: .utf8)
@ -398,7 +402,7 @@ open class OpenVPNTunnelProvider: NEPacketTunnelProvider {
// from stopTunnel(), in which case we don't need to feed an error parameter to
// the stop completion handler
//
pendingStartHandler?(error ?? ProviderError.socketActivity)
pendingStartHandler?(error ?? OpenVPNProviderError.socketActivity)
pendingStartHandler = nil
}
// stopped intentionally
@ -476,7 +480,7 @@ extension OpenVPNTunnelProvider: GenericSocketDelegate {
// look for error causing shutdown
shutdownError = session.stopError
if failure && (shutdownError == nil) {
shutdownError = ProviderError.linkError
shutdownError = OpenVPNProviderError.linkError
}
didTimeoutNegotiation = (shutdownError as? OpenVPNError == .negotiationTimeout)
@ -522,7 +526,7 @@ extension OpenVPNTunnelProvider: GenericSocketDelegate {
public func socketHasBetterPath(_ socket: GenericSocket) {
log.debug("Stopping tunnel due to a new better path")
logCurrentSSID()
session?.reconnect(error: ProviderError.networkChanged)
session?.reconnect(error: OpenVPNProviderError.networkChanged)
}
}
@ -683,7 +687,7 @@ extension OpenVPNTunnelProvider: OpenVPNSessionDelegate {
hasGateway = true
}
guard !isGateway || hasGateway else {
session?.shutdown(error: ProviderError.gatewayUnattainable)
session?.shutdown(error: OpenVPNProviderError.gatewayUnattainable)
return
}
@ -704,7 +708,7 @@ extension OpenVPNTunnelProvider: OpenVPNSessionDelegate {
case .tls:
guard let dnsServers = cfg.sessionConfiguration.dnsServers else {
session?.shutdown(error: ProviderError.dnsFailure)
session?.shutdown(error: OpenVPNProviderError.dnsFailure)
return
}
guard let serverName = cfg.sessionConfiguration.dnsTLSServerName else {
@ -848,7 +852,7 @@ extension OpenVPNTunnelProvider: OpenVPNSessionDelegate {
extension OpenVPNTunnelProvider {
private func tryNextEndpoint() -> Bool {
guard strategy.tryNextEndpoint() else {
disposeTunnel(error: ProviderError.exhaustedProtocols)
disposeTunnel(error: OpenVPNProviderError.exhaustedProtocols)
return false
}
return true
@ -900,10 +904,10 @@ extension OpenVPNTunnelProvider {
// MARK: Errors
private func setErrorStatus(with error: Error) {
defaults?.set(unifiedError(from: error).rawValue, forKey: Configuration.lastErrorKey)
defaults?.set(unifiedError(from: error).rawValue, forKey: OpenVPNProvider.Configuration.lastErrorKey)
}
private func unifiedError(from error: Error) -> ProviderError {
private func unifiedError(from error: Error) -> OpenVPNProviderError {
if let te = error.tunnelKitErrorCode() {
switch te {
case .cryptoRandomGenerator, .cryptoAlgorithm:
@ -957,7 +961,7 @@ extension OpenVPNTunnelProvider {
return .unexpectedReply
}
}
return error as? ProviderError ?? .linkError
return error as? OpenVPNProviderError ?? .linkError
}
}

5
Sources/TunnelKitOpenVPN/CompressionAlgorithm.swift → Sources/TunnelKitOpenVPNCore/CompressionAlgorithm.swift
View File

@ -24,7 +24,7 @@
//
import Foundation
import _TunnelKitOpenVPNObjC
import CTunnelKitOpenVPNCore
extension OpenVPN {
@ -40,7 +40,8 @@ extension OpenVPN {
/// Any other compression algorithm (unsupported).
case other
var native: CompressionAlgorithmNative {
/// :nodoc:
public var native: CompressionAlgorithmNative {
guard let val = CompressionAlgorithmNative(rawValue: rawValue) else {
fatalError("Unhandled CompressionAlgorithm bridging")
}

5
Sources/TunnelKitOpenVPN/CompressionFraming.swift → Sources/TunnelKitOpenVPNCore/CompressionFraming.swift
View File

@ -24,7 +24,7 @@
//
import Foundation
import _TunnelKitOpenVPNObjC
import CTunnelKitOpenVPNCore
extension OpenVPN {
@ -43,7 +43,8 @@ extension OpenVPN {
/// Framing compatible with 2.4 `compress` (version 2, e.g. stub-v2).
case compressV2
var native: CompressionFramingNative {
/// :nodoc:
public var native: CompressionFramingNative {
guard let val = CompressionFramingNative(rawValue: rawValue) else {
fatalError("Unhandled CompressionFraming bridging")
}

4
Sources/TunnelKitOpenVPN/Configuration.swift → Sources/TunnelKitOpenVPNCore/Configuration.swift
View File

@ -561,7 +561,9 @@ extension OpenVPN.Configuration {
// MARK: Encoding
extension OpenVPN.Configuration {
func print() {
/// :nodoc:
public func print() {
guard let endpointProtocols = endpointProtocols else {
fatalError("No sessionConfiguration.endpointProtocols set")
}

10
Sources/TunnelKitOpenVPN/ConfigurationParser.swift → Sources/TunnelKitOpenVPNCore/ConfigurationParser.swift
View File

@ -26,8 +26,8 @@
import Foundation
import SwiftyBeaver
import TunnelKitCore
import _TunnelKitCoreObjC
import _TunnelKitUtils
import CTunnelKitCore
import __TunnelKitUtils
private let log = SwiftyBeaver.self
@ -38,7 +38,7 @@ extension OpenVPN {
// XXX: parsing is very optimistic
struct Regex {
public struct Regex {
// MARK: General
@ -84,7 +84,8 @@ extension OpenVPN {
// MARK: Server
static let authToken = NSRegularExpression("^auth-token +[a-zA-Z0-9/=+]+")
/// :nodoc:
public static let authToken = NSRegularExpression("^auth-token +[a-zA-Z0-9/=+]+")
static let peerId = NSRegularExpression("^peer-id +[0-9]+")
@ -679,6 +680,7 @@ extension OpenVPN {
sessionBuilder.clientCertificate = optClientCertificate
if let clientKey = optClientKey, clientKey.isEncrypted {
// FIXME: remove dependency on TLSBox
guard let passphrase = passphrase else {
throw ConfigurationError.encryptionPassphrase
}

5
Sources/TunnelKitOpenVPN/CryptoContainer.swift → Sources/TunnelKitOpenVPNCore/CryptoContainer.swift
View File

@ -35,7 +35,9 @@
//
import Foundation
import _TunnelKitOpenVPNObjC
// FIXME: remove dependency on TLSBox
import CTunnelKitOpenVPNProtocol
extension OpenVPN {
@ -65,6 +67,7 @@ extension OpenVPN {
try pem.write(to: url, atomically: true, encoding: .ascii)
}
// FIXME: remove dependency on TLSBox
func decrypted(with passphrase: String) throws -> CryptoContainer {
let decryptedPEM = try TLSBox.decryptedPrivateKey(fromPEM: pem, passphrase: passphrase)
return CryptoContainer(pem: decryptedPEM)

30
Sources/TunnelKitOpenVPNCore/OpenVPN.swift Normal file
View File

@ -0,0 +1,30 @@
//
// OpenVPN.swift
// TunnelKit
//
// Created by Davide De Rosa on 5/19/19.
// Copyright (c) 2021 Davide De Rosa. All rights reserved.
//
// https://github.com/passepartoutvpn
//
// This file is part of TunnelKit.
//
// TunnelKit is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// TunnelKit is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with TunnelKit. If not, see <http://www.gnu.org/licenses/>.
//
import Foundation
/// Container for OpenVPN classes.
public class OpenVPN {
}

0
Sources/TunnelKitOpenVPN/OpenVPNError.swift → Sources/TunnelKitOpenVPNCore/OpenVPNError.swift
View File

5
Sources/TunnelKitOpenVPN/StaticKey.swift → Sources/TunnelKitOpenVPNCore/StaticKey.swift
View File

@ -25,7 +25,7 @@
import Foundation
import TunnelKitCore
import _TunnelKitCoreObjC
import CTunnelKitCore
extension OpenVPN {
@ -61,7 +61,8 @@ extension OpenVPN {
private let secureData: ZeroingData
let direction: Direction?
/// :nodoc:
public let direction: Direction?
/// Returns the encryption key.
///

0
Sources/TunnelKitOpenVPN/TLSWrap.swift → Sources/TunnelKitOpenVPNCore/TLSWrap.swift
View File

75
Sources/TunnelKitOpenVPN/AppExtension/OpenVPNTunnelProvider+Configuration.swift → Sources/TunnelKitOpenVPNManager/OpenVPNProvider+Configuration.swift
View File

@ -1,5 +1,5 @@
//
// OpenVPNTunnelProvider+Configuration.swift
// OpenVPNProvider+Configuration.swift
// TunnelKit
//
// Created by Davide De Rosa on 10/23/17.
@ -38,20 +38,21 @@ import Foundation
import NetworkExtension
import SwiftyBeaver
import TunnelKitCore
import _TunnelKitCoreObjC
import TunnelKitAppExtension
import _TunnelKitUtils
import TunnelKitOpenVPNCore
import TunnelKitManager
import CTunnelKitCore
import __TunnelKitUtils
private let log = SwiftyBeaver.self
extension OpenVPNTunnelProvider {
extension OpenVPNProvider {
private struct ExtraKeys {
static let appGroup = "appGroup"
}
// MARK: Configuration
/// The way to create a `OpenVPNTunnelProvider.Configuration` object for the tunnel profile.
/// The way to create a `OpenVPNProvider.Configuration` object for the tunnel profile.
public struct ConfigurationBuilder {
/// :nodoc:
@ -108,9 +109,9 @@ extension OpenVPNTunnelProvider {
}
/**
Builds a `OpenVPNTunnelProvider.Configuration` object that will connect to the provided endpoint.
Builds a `OpenVPNProvider.Configuration` object that will connect to the provided endpoint.
- Returns: A `OpenVPNTunnelProvider.Configuration` object with this builder and the additional method parameters.
- Returns: A `OpenVPNProvider.Configuration` object with this builder and the additional method parameters.
*/
public func build() -> Configuration {
return Configuration(
@ -125,35 +126,36 @@ extension OpenVPNTunnelProvider {
}
}
/// Offers a bridge between the abstract `OpenVPNTunnelProvider.ConfigurationBuilder` and a concrete `NETunnelProviderProtocol` profile.
/// Offers a bridge between the abstract `OpenVPNProvider.ConfigurationBuilder` and a concrete `NETunnelProviderProtocol` profile.
public struct Configuration: Codable {
/// - Seealso: `OpenVPNTunnelProvider.ConfigurationBuilder.sessionConfiguration`
/// - Seealso: `OpenVPNProvider.ConfigurationBuilder.sessionConfiguration`
public let sessionConfiguration: OpenVPN.Configuration
/// - Seealso: `OpenVPNTunnelProvider.ConfigurationBuilder.prefersResolvedAddresses`
/// - Seealso: `OpenVPNProvider.ConfigurationBuilder.prefersResolvedAddresses`
public let prefersResolvedAddresses: Bool
/// - Seealso: `OpenVPNTunnelProvider.ConfigurationBuilder.resolvedAddresses`
/// - Seealso: `OpenVPNProvider.ConfigurationBuilder.resolvedAddresses`
public let resolvedAddresses: [String]?
/// - Seealso: `OpenVPNTunnelProvider.ConfigurationBuilder.shouldDebug`
/// - Seealso: `OpenVPNProvider.ConfigurationBuilder.shouldDebug`
public let shouldDebug: Bool
/// - Seealso: `OpenVPNTunnelProvider.ConfigurationBuilder.debugLogFormat`
/// - Seealso: `OpenVPNProvider.ConfigurationBuilder.debugLogFormat`
public let debugLogFormat: String?
/// - Seealso: `OpenVPNTunnelProvider.ConfigurationBuilder.masksPrivateData`
/// - Seealso: `OpenVPNProvider.ConfigurationBuilder.masksPrivateData`
public let masksPrivateData: Bool?
/// - Seealso: `OpenVPNTunnelProvider.ConfigurationBuilder.versionIdentifier`
/// - Seealso: `OpenVPNProvider.ConfigurationBuilder.versionIdentifier`
public let versionIdentifier: String?
// MARK: Shortcuts
static let debugLogFilename = "debug.log"
static let lastErrorKey = "TunnelKitLastError"
/// :nodoc:
public static let lastErrorKey = "TunnelKitLastError"
fileprivate static let dataCountKey = "TunnelKitDataCount"
@ -192,11 +194,11 @@ extension OpenVPNTunnelProvider {
- Parameter in: The app group where to locate the error key.
- Returns: The last tunnel error, if any.
*/
public func lastError(in appGroup: String) -> ProviderError? {
public func lastError(in appGroup: String) -> OpenVPNProviderError? {
guard let rawValue = UserDefaults(suiteName: appGroup)?.string(forKey: Configuration.lastErrorKey) else {
return nil
}
return ProviderError(rawValue: rawValue)
return OpenVPNProviderError(rawValue: rawValue)
}
/**
@ -231,26 +233,26 @@ extension OpenVPNTunnelProvider {
- Parameter from: The map to parse.
- Returns: The parsed app group.
- Throws: `ProviderError.configuration` if `providerConfiguration` does not contain an app group.
- Throws: `OpenVPNProviderError.configuration` if `providerConfiguration` does not contain an app group.
*/
public static func appGroup(from providerConfiguration: [String: Any]) throws -> String {
guard let appGroup = providerConfiguration[ExtraKeys.appGroup] as? String else {
throw ProviderConfigurationError.parameter(name: "protocolConfiguration.providerConfiguration[\(ExtraKeys.appGroup)]")
throw OpenVPNProviderConfigurationError.parameter(name: "protocolConfiguration.providerConfiguration[\(ExtraKeys.appGroup)]")
}
return appGroup
}
/**
Parses a new `OpenVPNTunnelProvider.Configuration` object from a provider configuration map.
Parses a new `OpenVPNProvider.Configuration` object from a provider configuration map.
- Parameter from: The map to parse.
- Returns: The parsed `OpenVPNTunnelProvider.Configuration` object.
- Throws: `ProviderError.configuration` if `providerConfiguration` is incomplete.
- Returns: The parsed `OpenVPNProvider.Configuration` object.
- Throws: `OpenVPNProviderError.configuration` if `providerConfiguration` is incomplete.
*/
public static func parsed(from providerConfiguration: [String: Any]) throws -> Configuration {
let cfg = try fromDictionary(OpenVPNTunnelProvider.Configuration.self, providerConfiguration)
let cfg = try fromDictionary(OpenVPNProvider.Configuration.self, providerConfiguration)
guard !cfg.prefersResolvedAddresses || !(cfg.resolvedAddresses?.isEmpty ?? true) else {
throw ProviderConfigurationError.parameter(name: "protocolConfiguration.providerConfiguration[prefersResolvedAddresses] is true but no [resolvedAddresses]")
throw OpenVPNProviderConfigurationError.parameter(name: "protocolConfiguration.providerConfiguration[prefersResolvedAddresses] is true but no [resolvedAddresses]")
}
return cfg
}
@ -280,7 +282,7 @@ extension OpenVPNTunnelProvider {
- Parameter context: The keychain context where to look for the password reference.
- Parameter username: The username to authenticate with.
- Returns: The generated `NETunnelProviderProtocol` object.
- Throws: `ProviderError.credentials` if unable to store `credentials.password` to the `appGroup` keychain.
- Throws: `OpenVPNProviderError.credentials` if unable to store `credentials.password` to the `appGroup` keychain.
*/
public func generatedTunnelProtocol(
withBundleIdentifier bundleIdentifier: String,
@ -302,7 +304,8 @@ extension OpenVPNTunnelProvider {
return protocolConfiguration
}
func print(appVersion: String?) {
/// :nodoc:
public func print(appVersion: String?) {
if let appVersion = appVersion {
log.info("App version: \(appVersion)")
}
@ -315,15 +318,15 @@ extension OpenVPNTunnelProvider {
// MARK: Modification
extension OpenVPNTunnelProvider.Configuration {
extension OpenVPNProvider.Configuration {
/**
Returns a `OpenVPNTunnelProvider.ConfigurationBuilder` to use this configuration as a starting point for a new one.
Returns a `OpenVPNProvider.ConfigurationBuilder` to use this configuration as a starting point for a new one.
- Returns: An editable `OpenVPNTunnelProvider.ConfigurationBuilder` initialized with this configuration.
- Returns: An editable `OpenVPNProvider.ConfigurationBuilder` initialized with this configuration.
*/
public func builder() -> OpenVPNTunnelProvider.ConfigurationBuilder {
var builder = OpenVPNTunnelProvider.ConfigurationBuilder(sessionConfiguration: sessionConfiguration)
public func builder() -> OpenVPNProvider.ConfigurationBuilder {
var builder = OpenVPNProvider.ConfigurationBuilder(sessionConfiguration: sessionConfiguration)
builder.prefersResolvedAddresses = prefersResolvedAddresses
builder.resolvedAddresses = resolvedAddresses
builder.shouldDebug = shouldDebug
@ -338,14 +341,14 @@ extension OpenVPNTunnelProvider.Configuration {
public extension UserDefaults {
@objc var dataCountArray: [Int]? {
get {
return array(forKey: OpenVPNTunnelProvider.Configuration.dataCountKey) as? [Int]
return array(forKey: OpenVPNProvider.Configuration.dataCountKey) as? [Int]
}
set {
set(newValue, forKey: OpenVPNTunnelProvider.Configuration.dataCountKey)
set(newValue, forKey: OpenVPNProvider.Configuration.dataCountKey)
}
}
func removeDataCountArray() {
removeObject(forKey: OpenVPNTunnelProvider.Configuration.dataCountKey)
removeObject(forKey: OpenVPNProvider.Configuration.dataCountKey)
}
}

68
Sources/TunnelKitOpenVPNManager/OpenVPNProvider+Interaction.swift Normal file
View File

@ -0,0 +1,68 @@
//
// OpenVPNProvider+Interaction.swift
// TunnelKit
//
// Created by Davide De Rosa on 9/24/17.
// Copyright (c) 2021 Davide De Rosa. All rights reserved.
//
// https://github.com/passepartoutvpn
//
// This file is part of TunnelKit.
//
// TunnelKit is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// TunnelKit is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with TunnelKit. If not, see <http://www.gnu.org/licenses/>.
//
// This file incorporates work covered by the following copyright and
// permission notice:
//
import Foundation
extension OpenVPNProvider {
/// The messages accepted by `OpenVPNProvider`.
public class Message: Equatable {
/// Requests a snapshot of the latest debug log. Returns the log data decoded from UTF-8.
public static let requestLog = Message(0xff)
/// Requests the current bytes count from data channel (if connected).
///
/// Data is 16 bytes: low 8 = received, high 8 = sent.
public static let dataCount = Message(0xfe)
/// Requests the configuration pulled from the server (if connected and available).
///
/// Data is JSON (Decodable).
public static let serverConfiguration = Message(0xfd)
/// The underlying raw message `Data` to forward to the tunnel via IPC.
public let data: Data
private init(_ byte: UInt8) {
data = Data([byte])
}
/// :nodoc:
public init(_ data: Data) {
self.data = data
}
// MARK: Equatable
/// :nodoc:
public static func ==(lhs: Message, rhs: Message) -> Bool {
return (lhs.data == rhs.data)
}
}
}

7
Sources/TunnelKitOpenVPN/OpenVPNProvider.swift → Sources/TunnelKitOpenVPNManager/OpenVPNProvider.swift
View File

@ -25,6 +25,7 @@
import Foundation
import NetworkExtension
import TunnelKitOpenVPNCore
import TunnelKitManager
/// `VPNProvider` for OpenVPN protocol.
@ -105,7 +106,7 @@ public class OpenVPNProvider: VPNProvider, VPNProviderIPC {
return
}
do {
try session.sendProviderMessage(OpenVPNTunnelProvider.Message.dataCount.data) { (data) in
try session.sendProviderMessage(Message.dataCount.data) { (data) in
guard let data = data, data.count == 16 else {
DispatchQueue.main.async {
completionHandler(nil)
@ -135,7 +136,7 @@ public class OpenVPNProvider: VPNProvider, VPNProviderIPC {
return
}
do {
try session.sendProviderMessage(OpenVPNTunnelProvider.Message.serverConfiguration.data) { (data) in
try session.sendProviderMessage(Message.serverConfiguration.data) { (data) in
guard let data = data, let cfg = try? JSONDecoder().decode(OpenVPN.Configuration.self, from: data) else {
DispatchQueue.main.async {
completionHandler(nil)
@ -168,7 +169,7 @@ public class OpenVPNProvider: VPNProvider, VPNProviderIPC {
private static func requestDebugLog(session: NETunnelProviderSession, completionHandler: @escaping (String?) -> Void) {
do {
try session.sendProviderMessage(OpenVPNTunnelProvider.Message.requestLog.data) { (data) in
try session.sendProviderMessage(Message.requestLog.data) { (data) in
guard let data = data, !data.isEmpty else {
completionHandler(nil)
return

111
Sources/TunnelKitOpenVPNManager/OpenVPNProviderError.swift Normal file
View File

@ -0,0 +1,111 @@
//
// OpenVPNProviderError.swift
// TunnelKit
//
// Created by Davide De Rosa on 11/8/21.
// Copyright (c) 2021 Davide De Rosa. All rights reserved.
//
// https://github.com/passepartoutvpn
//
// This file is part of TunnelKit.
//
// TunnelKit is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// TunnelKit is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with TunnelKit. If not, see <http://www.gnu.org/licenses/>.
//
// This file incorporates work covered by the following copyright and
// permission notice:
//
// Copyright (c) 2018-Present Private Internet Access
//
// Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
//
// The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
import Foundation
/// Mostly programming errors by host app.
public enum OpenVPNProviderConfigurationError: Error {
/// A field in the `OpenVPNProvider.Configuration` provided is incorrect or incomplete.
case parameter(name: String)
/// Credentials are missing or inaccessible.
case credentials(details: String)
/// The pseudo-random number generator could not be initialized.
case prngInitialization
/// The TLS certificate could not be serialized.
case certificateSerialization
}
/// The errors causing a tunnel disconnection.
public enum OpenVPNProviderError: String, Error {
/// Socket endpoint could not be resolved.
case dnsFailure
/// No more protocols available to try.
case exhaustedProtocols
/// Socket failed to reach active state.
case socketActivity
/// Credentials authentication failed.
case authentication
/// TLS could not be initialized (e.g. malformed CA or client PEMs).
case tlsInitialization
/// TLS server verification failed.
case tlsServerVerification
/// TLS handshake failed.
case tlsHandshake
/// The encryption logic could not be initialized (e.g. PRNG, algorithms).
case encryptionInitialization
/// Data encryption/decryption failed.
case encryptionData
/// The LZO engine failed.
case lzo
/// Server uses an unsupported compression algorithm.
case serverCompression
/// Tunnel timed out.
case timeout
/// An error occurred at the link level.
case linkError
/// Network routing information is missing or incomplete.
case routing
/// The current network changed (e.g. switched from WiFi to data connection).
case networkChanged
/// Default gateway could not be attained.
case gatewayUnattainable
/// Remove server has shut down.
case serverShutdown
/// The server replied in an unexpected way.
case unexpectedReply
}

5
Sources/TunnelKitOpenVPN/Authenticator.swift → Sources/TunnelKitOpenVPNProtocol/Authenticator.swift
View File

@ -37,8 +37,9 @@
import Foundation
import SwiftyBeaver
import TunnelKitCore
import _TunnelKitCoreObjC
import _TunnelKitOpenVPNObjC
import TunnelKitOpenVPNCore
import CTunnelKitCore
import CTunnelKitOpenVPNProtocol
private let log = SwiftyBeaver.self

5
Sources/TunnelKitOpenVPN/ControlChannel.swift → Sources/TunnelKitOpenVPNProtocol/ControlChannel.swift
View File

@ -26,8 +26,9 @@
import Foundation
import SwiftyBeaver
import TunnelKitCore
import _TunnelKitCoreObjC
import _TunnelKitOpenVPNObjC
import TunnelKitOpenVPNCore
import CTunnelKitCore
import CTunnelKitOpenVPNProtocol
private let log = SwiftyBeaver.self

5
Sources/TunnelKitOpenVPN/ControlChannelSerializer.swift → Sources/TunnelKitOpenVPNProtocol/ControlChannelSerializer.swift
View File

@ -26,8 +26,9 @@
import Foundation
import SwiftyBeaver
import TunnelKitCore
import _TunnelKitCoreObjC
import _TunnelKitOpenVPNObjC
import TunnelKitOpenVPNCore
import CTunnelKitCore
import CTunnelKitOpenVPNProtocol
private let log = SwiftyBeaver.self

4
Sources/TunnelKitOpenVPN/CoreConfiguration+OpenVPN.swift → Sources/TunnelKitOpenVPNProtocol/CoreConfiguration+OpenVPN.swift
View File

@ -36,8 +36,8 @@
import Foundation
import TunnelKitCore
import _TunnelKitCoreObjC
import _TunnelKitOpenVPNObjC
import CTunnelKitCore
import CTunnelKitOpenVPNProtocol
extension CoreConfiguration {
struct OpenVPN {

5
Sources/TunnelKitOpenVPN/EncryptionBridge.swift → Sources/TunnelKitOpenVPNProtocol/EncryptionBridge.swift
View File

@ -36,8 +36,9 @@
import Foundation
import TunnelKitCore
import _TunnelKitCoreObjC
import _TunnelKitOpenVPNObjC
import TunnelKitOpenVPNCore
import CTunnelKitCore
import CTunnelKitOpenVPNProtocol
extension OpenVPN {
class EncryptionBridge {

13
Sources/TunnelKitOpenVPN/OpenVPN.swift → Sources/TunnelKitOpenVPNProtocol/OpenVPN+PRNG.swift
View File

@ -1,8 +1,8 @@
//
// OpenVPN.swift
// OpenVPN+PRNG.swift
// TunnelKit
//
// Created by Davide De Rosa on 5/19/19.
// Created by Davide De Rosa on 11/8/21.
// Copyright (c) 2021 Davide De Rosa. All rights reserved.
//
// https://github.com/passepartoutvpn
@ -25,11 +25,11 @@
import Foundation
import TunnelKitCore
import _TunnelKitCoreObjC
import _TunnelKitOpenVPNObjC
import TunnelKitOpenVPNCore
import CTunnelKitCore
import CTunnelKitOpenVPNProtocol
/// Container for OpenVPN classes.
public class OpenVPN {
extension OpenVPN {
/**
Initializes the PRNG. Must be issued before using `OpenVPNSession`.
@ -45,5 +45,4 @@ public class OpenVPN {
}
return CryptoBox.preparePRNG(withSeed: seed.bytes, length: seed.count)
}
}

1
Sources/TunnelKitOpenVPN/OpenVPNSession+PIA.swift → Sources/TunnelKitOpenVPNProtocol/OpenVPNSession+PIA.swift
View File

@ -36,6 +36,7 @@
import Foundation
import TunnelKitCore
import TunnelKitOpenVPNCore
extension OpenVPNSession {
struct PIAHardReset {

5
Sources/TunnelKitOpenVPN/OpenVPNSession.swift → Sources/TunnelKitOpenVPNProtocol/OpenVPNSession.swift
View File

@ -37,8 +37,9 @@
import Foundation
import SwiftyBeaver
import TunnelKitCore
import _TunnelKitCoreObjC
import _TunnelKitOpenVPNObjC
import TunnelKitOpenVPNCore
import CTunnelKitCore
import CTunnelKitOpenVPNProtocol
private let log = SwiftyBeaver.self

5
Sources/TunnelKitOpenVPN/Packet.swift → Sources/TunnelKitOpenVPNProtocol/Packet.swift
View File

@ -36,8 +36,9 @@
import Foundation
import TunnelKitCore
import _TunnelKitCoreObjC
import _TunnelKitOpenVPNObjC
import TunnelKitOpenVPNCore
import CTunnelKitCore
import CTunnelKitOpenVPNProtocol
/// :nodoc:
extension ControlPacket {

1
Sources/TunnelKitOpenVPN/ProtocolMacros.swift → Sources/TunnelKitOpenVPNProtocol/ProtocolMacros.swift
View File

@ -35,6 +35,7 @@
//
import Foundation
import TunnelKitOpenVPNCore
extension OpenVPN {
class ProtocolMacros {

1
Sources/TunnelKitOpenVPN/PushReply.swift → Sources/TunnelKitOpenVPNProtocol/PushReply.swift
View File

@ -35,6 +35,7 @@
//
import Foundation
import TunnelKitOpenVPNCore
extension OpenVPN {
struct PushReply: CustomStringConvertible {

5
Sources/TunnelKitOpenVPN/SessionKey.swift → Sources/TunnelKitOpenVPNProtocol/SessionKey.swift
View File

@ -37,8 +37,9 @@
import Foundation
import SwiftyBeaver
import TunnelKitCore
import _TunnelKitCoreObjC
import _TunnelKitOpenVPNObjC
import TunnelKitOpenVPNCore
import CTunnelKitCore
import CTunnelKitOpenVPNProtocol
private let log = SwiftyBeaver.self

0
Sources/_TunnelKitUtils/Data+Manipulation.swift → Sources/__TunnelKitUtils/Data+Manipulation.swift
View File

0
Sources/_TunnelKitUtils/NSRegularExpression+Shortcuts.swift → Sources/__TunnelKitUtils/NSRegularExpression+Shortcuts.swift
View File

0
Sources/_TunnelKitUtils/Utils.swift → Sources/__TunnelKitUtils/Utils.swift
View File

2
Tests/TunnelKitCoreTests/RoutingTests.swift
View File

@ -24,7 +24,7 @@
//
import XCTest
import _TunnelKitCoreObjC
import CTunnelKitCore
class RoutingTests: XCTestCase {

2
Tests/TunnelKitLZOTests/CompressionTests.swift
View File

@ -25,7 +25,7 @@
import XCTest
@testable import TunnelKitCore
import _TunnelKitCoreObjC
import CTunnelKitCore
import TunnelKitLZO
class CompressionTests: XCTestCase {

17
Tests/TunnelKitOpenVPNTests/AppExtensionTests.swift
View File

@ -36,9 +36,12 @@
import XCTest
import NetworkExtension
@testable import TunnelKitCore
@testable import TunnelKitOpenVPN
@testable import TunnelKitAppExtension
import TunnelKitCore
import TunnelKitOpenVPNCore
import TunnelKitAppExtension
@testable import TunnelKitOpenVPNAppExtension
import TunnelKitManager
import TunnelKitOpenVPNManager
class AppExtensionTests: XCTestCase {
@ -53,8 +56,8 @@ class AppExtensionTests: XCTestCase {
}
func testConfiguration() {
var builder: OpenVPNTunnelProvider.ConfigurationBuilder!
var cfg: OpenVPNTunnelProvider.Configuration!
var builder: OpenVPNProvider.ConfigurationBuilder!
var cfg: OpenVPNProvider.Configuration!
let identifier = "com.example.Provider"
let appGroup = "group.com.algoritmico.TunnelKit"
@ -69,7 +72,7 @@ class AppExtensionTests: XCTestCase {
sessionBuilder.hostname = hostname
sessionBuilder.endpointProtocols = []
sessionBuilder.mtu = 1230
builder = OpenVPNTunnelProvider.ConfigurationBuilder(sessionConfiguration: sessionBuilder.build())
builder = OpenVPNProvider.ConfigurationBuilder(sessionConfiguration: sessionBuilder.build())
XCTAssertNotNil(builder)
cfg = builder.build()
@ -147,7 +150,7 @@ class AppExtensionTests: XCTestCase {
EndpointProtocol(.udp, 1111),
EndpointProtocol(.udp4, 3333)
]
var builder2 = OpenVPNTunnelProvider.ConfigurationBuilder(sessionConfiguration: builder1.build())
var builder2 = OpenVPNProvider.ConfigurationBuilder(sessionConfiguration: builder1.build())
builder2.prefersResolvedAddresses = true
builder2.resolvedAddresses = [
"82.102.21.218",

2
Tests/TunnelKitOpenVPNTests/ConfigurationParserTests.swift
View File

@ -25,7 +25,7 @@
import XCTest
import TunnelKitCore
import TunnelKitOpenVPN
import TunnelKitOpenVPNCore
class ConfigurationParserTests: XCTestCase {
override func setUp() {

8
Tests/TunnelKitOpenVPNTests/ControlChannelTests.swift
View File

@ -25,9 +25,11 @@
import XCTest
@testable import TunnelKitCore
import _TunnelKitCoreObjC
@testable import TunnelKitOpenVPN
import _TunnelKitOpenVPNObjC
@testable import TunnelKitOpenVPNCore
@testable import TunnelKitOpenVPNProtocol
@testable import TunnelKitOpenVPNAppExtension
import CTunnelKitCore
import CTunnelKitOpenVPNProtocol
class ControlChannelTests: XCTestCase {
private let hex = "634a4d2d459d606c8e6abbec168fdcd1871462eaa2eaed84c8f403bdf8c7da737d81b5774cc35fe0a42b38aa053f1335fd4a22d721880433bbb20ae1f2d88315b2d186b3b377685506fa39d85d38da16c2ecc0d631bda64f9d8f5a8d073f18aab97ade23e49ea9e7de86784d1ed5fa356df5f7fa1d163e5537efa8d4ba61239dc301a9aa55de0e06e33a7545f7d0cc153405576464ba92942dafa5fb79c7a60663ff1e7da3122ae09d4561653bef3eeb312ad68b191e2f94cbcf4e21caff0b59f8be86567bd21787070c2dc10a8baf7e87ce2e07d7d7de25ead11bd6d6e6ec030c0a3fd50d2d0ca3c0378022bb642e954868d7b93e18a131ecbb12b0bbedb1ce"

4
Tests/TunnelKitOpenVPNTests/DataPathEncryptionTests.swift
View File

@ -36,8 +36,8 @@
import XCTest
@testable import TunnelKitCore
import _TunnelKitCoreObjC
import _TunnelKitOpenVPNObjC
import CTunnelKitCore
import CTunnelKitOpenVPNProtocol
class DataPathEncryptionTests: XCTestCase {
private let cipherKey = try! SecureRandom.safeData(length: 32)

6
Tests/TunnelKitOpenVPNTests/DataPathPerformanceTests.swift
View File

@ -36,8 +36,10 @@
import XCTest
@testable import TunnelKitCore
@testable import TunnelKitOpenVPN
import _TunnelKitOpenVPNObjC
@testable import TunnelKitOpenVPNCore
@testable import TunnelKitOpenVPNProtocol
@testable import TunnelKitOpenVPNAppExtension
import CTunnelKitOpenVPNProtocol
class DataPathPerformanceTests: XCTestCase {
private var dataPath: DataPath!

4
Tests/TunnelKitOpenVPNTests/EncryptionPerformanceTests.swift
View File

@ -36,8 +36,8 @@
import XCTest
@testable import TunnelKitCore
import _TunnelKitCoreObjC
import _TunnelKitOpenVPNObjC
import CTunnelKitCore
import CTunnelKitOpenVPNProtocol
class EncryptionPerformanceTests: XCTestCase {
private var cbcEncrypter: Encrypter!

6
Tests/TunnelKitOpenVPNTests/EncryptionTests.swift
View File

@ -36,9 +36,9 @@
import XCTest
@testable import TunnelKitCore
import _TunnelKitCoreObjC
import TunnelKitOpenVPN
import _TunnelKitOpenVPNObjC
@testable import TunnelKitOpenVPNCore
import CTunnelKitCore
import CTunnelKitOpenVPNProtocol
class EncryptionTests: XCTestCase {
private var cipherEncKey: ZeroingData!

2
Tests/TunnelKitOpenVPNTests/LinkTests.swift
View File

@ -36,7 +36,7 @@
import XCTest
@testable import TunnelKitCore
@testable import _TunnelKitCoreObjC
@testable import CTunnelKitCore
class LinkTests: XCTestCase {

2
Tests/TunnelKitOpenVPNTests/PacketTests.swift
View File

@ -25,7 +25,7 @@
import XCTest
@testable import TunnelKitCore
import _TunnelKitOpenVPNObjC
import CTunnelKitOpenVPNProtocol
class PacketTests: XCTestCase {

4
Tests/TunnelKitOpenVPNTests/PushTests.swift
View File

@ -25,7 +25,9 @@
import XCTest
@testable import TunnelKitCore
@testable import TunnelKitOpenVPN
@testable import TunnelKitOpenVPNCore
@testable import TunnelKitOpenVPNProtocol
@testable import TunnelKitOpenVPNAppExtension
private extension OpenVPN.PushReply {
func debug() {

2
Tests/TunnelKitOpenVPNTests/StaticKeyTests.swift
View File

@ -25,7 +25,7 @@
import XCTest
@testable import TunnelKitCore
import TunnelKitOpenVPN
import TunnelKitOpenVPNCore
class StaticKeyTests: XCTestCase {
private let content = """

Some files were not shown because too many files have changed in this diff Show More