Accept nil cipher/digest in AppExtension

Reorganize code for clarity.
This commit is contained in:
Davide De Rosa 2019-04-07 08:16:09 +02:00
parent 604f76320d
commit 9f358d6326
6 changed files with 34 additions and 47 deletions

View File

@ -1,6 +1,6 @@
Pod::Spec.new do |s|
s.name = "TunnelKit"
s.version = "1.6.0"
s.version = "1.6.1"
s.summary = "Non-official OpenVPN client for Apple platforms."
s.homepage = "https://github.com/keeshux/tunnelkit"

View File

@ -1470,7 +1470,7 @@
CLANG_WARN__DUPLICATE_METHOD_MATCH = YES;
CODE_SIGN_IDENTITY = "iPhone Developer";
COPY_PHASE_STRIP = NO;
CURRENT_PROJECT_VERSION = 451;
CURRENT_PROJECT_VERSION = 466;
DEBUG_INFORMATION_FORMAT = dwarf;
ENABLE_STRICT_OBJC_MSGSEND = YES;
ENABLE_TESTABILITY = YES;
@ -1534,7 +1534,7 @@
CLANG_WARN__DUPLICATE_METHOD_MATCH = YES;
CODE_SIGN_IDENTITY = "iPhone Developer";
COPY_PHASE_STRIP = NO;
CURRENT_PROJECT_VERSION = 451;
CURRENT_PROJECT_VERSION = 466;
DEBUG_INFORMATION_FORMAT = "dwarf-with-dsym";
ENABLE_NS_ASSERTIONS = NO;
ENABLE_STRICT_OBJC_MSGSEND = YES;
@ -1567,7 +1567,7 @@
DEFINES_MODULE = YES;
DEVELOPMENT_TEAM = "";
DYLIB_COMPATIBILITY_VERSION = 1;
DYLIB_CURRENT_VERSION = 451;
DYLIB_CURRENT_VERSION = 466;
DYLIB_INSTALL_NAME_BASE = "@rpath";
FRAMEWORK_SEARCH_PATHS = "$(inherited)";
INFOPLIST_FILE = "$(SRCROOT)/TunnelKit-iOS/Info.plist";
@ -1591,7 +1591,7 @@
DEFINES_MODULE = YES;
DEVELOPMENT_TEAM = "";
DYLIB_COMPATIBILITY_VERSION = 1;
DYLIB_CURRENT_VERSION = 451;
DYLIB_CURRENT_VERSION = 466;
DYLIB_INSTALL_NAME_BASE = "@rpath";
FRAMEWORK_SEARCH_PATHS = "$(inherited)";
INFOPLIST_FILE = "$(SRCROOT)/TunnelKit-iOS/Info.plist";
@ -1615,7 +1615,7 @@
COMBINE_HIDPI_IMAGES = YES;
DEFINES_MODULE = YES;
DYLIB_COMPATIBILITY_VERSION = 1;
DYLIB_CURRENT_VERSION = 451;
DYLIB_CURRENT_VERSION = 466;
DYLIB_INSTALL_NAME_BASE = "@rpath";
FRAMEWORK_VERSION = A;
INFOPLIST_FILE = "$(SRCROOT)/TunnelKit-macOS/Info.plist";
@ -1639,7 +1639,7 @@
COMBINE_HIDPI_IMAGES = YES;
DEFINES_MODULE = YES;
DYLIB_COMPATIBILITY_VERSION = 1;
DYLIB_CURRENT_VERSION = 451;
DYLIB_CURRENT_VERSION = 466;
DYLIB_INSTALL_NAME_BASE = "@rpath";
FRAMEWORK_VERSION = A;
INFOPLIST_FILE = "$(SRCROOT)/TunnelKit-macOS/Info.plist";

View File

@ -111,38 +111,17 @@ extension TunnelKitProvider {
//
guard let cipherAlgorithm = providerConfiguration[S.cipherAlgorithm] as? String, let cipher = SessionProxy.Cipher(rawValue: cipherAlgorithm) else {
throw ProviderConfigurationError.parameter(name: "protocolConfiguration.providerConfiguration[\(S.cipherAlgorithm)]")
}
guard let digestAlgorithm = providerConfiguration[S.digestAlgorithm] as? String, let digest = SessionProxy.Digest(rawValue: digestAlgorithm) else {
throw ProviderConfigurationError.parameter(name: "protocolConfiguration.providerConfiguration[\(S.digestAlgorithm)]")
}
let ca: CryptoContainer
let clientCertificate: CryptoContainer?
let clientKey: CryptoContainer?
guard let caPEM = providerConfiguration[S.ca] as? String else {
throw ProviderConfigurationError.parameter(name: "protocolConfiguration.providerConfiguration[\(S.ca)]")
}
ca = CryptoContainer(pem: caPEM)
if let clientPEM = providerConfiguration[S.clientCertificate] as? String {
guard let keyPEM = providerConfiguration[S.clientKey] as? String else {
throw ProviderConfigurationError.parameter(name: "protocolConfiguration.providerConfiguration[\(S.clientKey)]")
}
clientCertificate = CryptoContainer(pem: clientPEM)
clientKey = CryptoContainer(pem: keyPEM)
} else {
clientCertificate = nil
clientKey = nil
}
var sessionConfigurationBuilder = SessionProxy.ConfigurationBuilder()
sessionConfigurationBuilder.ca = ca
sessionConfigurationBuilder.cipher = cipher
sessionConfigurationBuilder.digest = digest
sessionConfigurationBuilder.clientCertificate = clientCertificate
sessionConfigurationBuilder.clientKey = clientKey
if let cipherAlgorithm = providerConfiguration[S.cipherAlgorithm] as? String {
sessionConfigurationBuilder.cipher = SessionProxy.Cipher(rawValue: cipherAlgorithm)
}
if let digestAlgorithm = providerConfiguration[S.digestAlgorithm] as? String {
sessionConfigurationBuilder.digest = SessionProxy.Digest(rawValue: digestAlgorithm)
}
if let compressionFramingValue = providerConfiguration[S.compressionFraming] as? Int, let compressionFraming = SessionProxy.CompressionFraming(rawValue: compressionFramingValue) {
sessionConfigurationBuilder.compressionFraming = compressionFraming
} else {
@ -153,6 +132,14 @@ extension TunnelKitProvider {
} else {
sessionConfigurationBuilder.compressionAlgorithm = ConfigurationBuilder.defaults.sessionConfiguration.compressionAlgorithm
}
sessionConfigurationBuilder.ca = CryptoContainer(pem: caPEM)
if let clientPEM = providerConfiguration[S.clientCertificate] as? String {
guard let keyPEM = providerConfiguration[S.clientKey] as? String else {
throw ProviderConfigurationError.parameter(name: "protocolConfiguration.providerConfiguration[\(S.clientKey)]")
}
sessionConfigurationBuilder.clientCertificate = CryptoContainer(pem: clientPEM)
sessionConfigurationBuilder.clientKey = CryptoContainer(pem: keyPEM)
}
if let tlsWrapData = providerConfiguration[S.tlsWrap] as? Data {
do {
sessionConfigurationBuilder.tlsWrap = try SessionProxy.TLSWrap.deserialized(tlsWrapData)
@ -172,10 +159,10 @@ extension TunnelKitProvider {
return ep
}
sessionConfigurationBuilder.checksEKU = providerConfiguration[S.checksEKU] as? Bool ?? ConfigurationBuilder.defaults.sessionConfiguration.checksEKU
sessionConfigurationBuilder.dnsServers = providerConfiguration[S.dnsServers] as? [String]
sessionConfigurationBuilder.searchDomain = providerConfiguration[S.searchDomain] as? String
sessionConfigurationBuilder.randomizeEndpoint = providerConfiguration[S.randomizeEndpoint] as? Bool ?? ConfigurationBuilder.defaults.sessionConfiguration.randomizeEndpoint
sessionConfigurationBuilder.usesPIAPatches = providerConfiguration[S.usesPIAPatches] as? Bool ?? ConfigurationBuilder.defaults.sessionConfiguration.usesPIAPatches
sessionConfigurationBuilder.dnsServers = providerConfiguration[S.dnsServers] as? [String]
sessionConfigurationBuilder.searchDomain = providerConfiguration[S.searchDomain] as? String
sessionConfiguration = sessionConfigurationBuilder.build()
shouldDebug = providerConfiguration[S.debug] as? Bool ?? ConfigurationBuilder.defaults.shouldDebug
@ -225,16 +212,16 @@ extension TunnelKitProvider {
static let digestAlgorithm = "DigestAlgorithm"
static let compressionFraming = "CompressionFraming"
static let compressionAlgorithm = "CompressionAlgorithm"
static let ca = "CA"
static let clientCertificate = "ClientCertificate"
static let clientKey = "ClientKey"
static let compressionFraming = "CompressionFraming"
static let compressionAlgorithm = "CompressionAlgorithm"
static let tlsWrap = "TLSWrap"
static let keepAlive = "KeepAlive"
@ -245,14 +232,14 @@ extension TunnelKitProvider {
static let checksEKU = "ChecksEKU"
static let dnsServers = "DNSServers"
static let searchDomain = "SearchDomain"
static let randomizeEndpoint = "RandomizeEndpoint"
static let usesPIAPatches = "UsesPIAPatches"
static let dnsServers = "DNSServers"
static let searchDomain = "SearchDomain"
// MARK: Debugging
static let debug = "Debug"

View File

@ -15,7 +15,7 @@
<key>CFBundlePackageType</key>
<string>APPL</string>
<key>CFBundleShortVersionString</key>
<string>1.6.0</string>
<string>1.6.1</string>
<key>CFBundleVersion</key>
<string>1</string>
<key>LSRequiresIPhoneOS</key>

View File

@ -15,7 +15,7 @@
<key>CFBundlePackageType</key>
<string>BNDL</string>
<key>CFBundleShortVersionString</key>
<string>1.6.0</string>
<string>1.6.1</string>
<key>CFBundleVersion</key>
<string>1</string>
</dict>

View File

@ -15,7 +15,7 @@
<key>CFBundlePackageType</key>
<string>BNDL</string>
<key>CFBundleShortVersionString</key>
<string>1.6.0</string>
<string>1.6.1</string>
<key>CFBundleVersion</key>
<string>1</string>
</dict>