Accept nil cipher/digest in AppExtension

Reorganize code for clarity.
2019-04-07 08:16:09 +02:00 · 2019-04-07 08:16:09 +02:00 · 9f358d6326
parent 604f76320d
commit 9f358d6326
6 changed files with 34 additions and 47 deletions
--- a/TunnelKit.podspec
+++ b/TunnelKit.podspec
@ -1,6 +1,6 @@
 Pod::Spec.new do |s|
    s.name              = "TunnelKit"
-    s.version           = "1.6.0"
+    s.version           = "1.6.1"
    s.summary           = "Non-official OpenVPN client for Apple platforms."

    s.homepage          = "https://github.com/keeshux/tunnelkit"
--- a/TunnelKit.xcodeproj/project.pbxproj
+++ b/TunnelKit.xcodeproj/project.pbxproj
@ -1470,7 +1470,7 @@
 				CLANG_WARN__DUPLICATE_METHOD_MATCH = YES;
 				CODE_SIGN_IDENTITY = "iPhone Developer";
 				COPY_PHASE_STRIP = NO;
-				CURRENT_PROJECT_VERSION = 451;
+				CURRENT_PROJECT_VERSION = 466;
 				DEBUG_INFORMATION_FORMAT = dwarf;
 				ENABLE_STRICT_OBJC_MSGSEND = YES;
 				ENABLE_TESTABILITY = YES;
@ -1534,7 +1534,7 @@
 				CLANG_WARN__DUPLICATE_METHOD_MATCH = YES;
 				CODE_SIGN_IDENTITY = "iPhone Developer";
 				COPY_PHASE_STRIP = NO;
-				CURRENT_PROJECT_VERSION = 451;
+				CURRENT_PROJECT_VERSION = 466;
 				DEBUG_INFORMATION_FORMAT = "dwarf-with-dsym";
 				ENABLE_NS_ASSERTIONS = NO;
 				ENABLE_STRICT_OBJC_MSGSEND = YES;
@ -1567,7 +1567,7 @@
 				DEFINES_MODULE = YES;
 				DEVELOPMENT_TEAM = "";
 				DYLIB_COMPATIBILITY_VERSION = 1;
-				DYLIB_CURRENT_VERSION = 451;
+				DYLIB_CURRENT_VERSION = 466;
 				DYLIB_INSTALL_NAME_BASE = "@rpath";
 				FRAMEWORK_SEARCH_PATHS = "$(inherited)";
 				INFOPLIST_FILE = "$(SRCROOT)/TunnelKit-iOS/Info.plist";
@ -1591,7 +1591,7 @@
 				DEFINES_MODULE = YES;
 				DEVELOPMENT_TEAM = "";
 				DYLIB_COMPATIBILITY_VERSION = 1;
-				DYLIB_CURRENT_VERSION = 451;
+				DYLIB_CURRENT_VERSION = 466;
 				DYLIB_INSTALL_NAME_BASE = "@rpath";
 				FRAMEWORK_SEARCH_PATHS = "$(inherited)";
 				INFOPLIST_FILE = "$(SRCROOT)/TunnelKit-iOS/Info.plist";
@ -1615,7 +1615,7 @@
 				COMBINE_HIDPI_IMAGES = YES;
 				DEFINES_MODULE = YES;
 				DYLIB_COMPATIBILITY_VERSION = 1;
-				DYLIB_CURRENT_VERSION = 451;
+				DYLIB_CURRENT_VERSION = 466;
 				DYLIB_INSTALL_NAME_BASE = "@rpath";
 				FRAMEWORK_VERSION = A;
 				INFOPLIST_FILE = "$(SRCROOT)/TunnelKit-macOS/Info.plist";
@ -1639,7 +1639,7 @@
 				COMBINE_HIDPI_IMAGES = YES;
 				DEFINES_MODULE = YES;
 				DYLIB_COMPATIBILITY_VERSION = 1;
-				DYLIB_CURRENT_VERSION = 451;
+				DYLIB_CURRENT_VERSION = 466;
 				DYLIB_INSTALL_NAME_BASE = "@rpath";
 				FRAMEWORK_VERSION = A;
 				INFOPLIST_FILE = "$(SRCROOT)/TunnelKit-macOS/Info.plist";
--- a/TunnelKit/Sources/AppExtension/TunnelKitProvider+Configuration.swift
+++ b/TunnelKit/Sources/AppExtension/TunnelKitProvider+Configuration.swift
@ -111,38 +111,17 @@ extension TunnelKitProvider {
            
            //

-            guard let cipherAlgorithm = providerConfiguration[S.cipherAlgorithm] as? String, let cipher = SessionProxy.Cipher(rawValue: cipherAlgorithm) else {
-                throw ProviderConfigurationError.parameter(name: "protocolConfiguration.providerConfiguration[\(S.cipherAlgorithm)]")
-            }
-            guard let digestAlgorithm = providerConfiguration[S.digestAlgorithm] as? String, let digest = SessionProxy.Digest(rawValue: digestAlgorithm) else {
-                throw ProviderConfigurationError.parameter(name: "protocolConfiguration.providerConfiguration[\(S.digestAlgorithm)]")
-            }
-
-            let ca: CryptoContainer
-            let clientCertificate: CryptoContainer?
-            let clientKey: CryptoContainer?
            guard let caPEM = providerConfiguration[S.ca] as? String else {
                throw ProviderConfigurationError.parameter(name: "protocolConfiguration.providerConfiguration[\(S.ca)]")
            }
-            ca = CryptoContainer(pem: caPEM)
-            if let clientPEM = providerConfiguration[S.clientCertificate] as? String {
-                guard let keyPEM = providerConfiguration[S.clientKey] as? String else {
-                    throw ProviderConfigurationError.parameter(name: "protocolConfiguration.providerConfiguration[\(S.clientKey)]")
-                }
-
-                clientCertificate = CryptoContainer(pem: clientPEM)
-                clientKey = CryptoContainer(pem: keyPEM)
-            } else {
-                clientCertificate = nil
-                clientKey = nil
-            }

            var sessionConfigurationBuilder = SessionProxy.ConfigurationBuilder()
-            sessionConfigurationBuilder.ca = ca
-            sessionConfigurationBuilder.cipher = cipher
-            sessionConfigurationBuilder.digest = digest
-            sessionConfigurationBuilder.clientCertificate = clientCertificate
-            sessionConfigurationBuilder.clientKey = clientKey
+            if let cipherAlgorithm = providerConfiguration[S.cipherAlgorithm] as? String {
+                sessionConfigurationBuilder.cipher = SessionProxy.Cipher(rawValue: cipherAlgorithm)
+            }
+            if let digestAlgorithm = providerConfiguration[S.digestAlgorithm] as? String {
+                sessionConfigurationBuilder.digest = SessionProxy.Digest(rawValue: digestAlgorithm)
+            }
            if let compressionFramingValue = providerConfiguration[S.compressionFraming] as? Int, let compressionFraming = SessionProxy.CompressionFraming(rawValue: compressionFramingValue) {
                sessionConfigurationBuilder.compressionFraming = compressionFraming
            } else {
@ -153,6 +132,14 @@ extension TunnelKitProvider {
            } else {
                sessionConfigurationBuilder.compressionAlgorithm = ConfigurationBuilder.defaults.sessionConfiguration.compressionAlgorithm
            }
+            sessionConfigurationBuilder.ca = CryptoContainer(pem: caPEM)
+            if let clientPEM = providerConfiguration[S.clientCertificate] as? String {
+                guard let keyPEM = providerConfiguration[S.clientKey] as? String else {
+                    throw ProviderConfigurationError.parameter(name: "protocolConfiguration.providerConfiguration[\(S.clientKey)]")
+                }
+                sessionConfigurationBuilder.clientCertificate = CryptoContainer(pem: clientPEM)
+                sessionConfigurationBuilder.clientKey = CryptoContainer(pem: keyPEM)
+            }
            if let tlsWrapData = providerConfiguration[S.tlsWrap] as? Data {
                do {
                    sessionConfigurationBuilder.tlsWrap = try SessionProxy.TLSWrap.deserialized(tlsWrapData)
@ -172,10 +159,10 @@ extension TunnelKitProvider {
                return ep
            }
            sessionConfigurationBuilder.checksEKU = providerConfiguration[S.checksEKU] as? Bool ?? ConfigurationBuilder.defaults.sessionConfiguration.checksEKU
-            sessionConfigurationBuilder.dnsServers = providerConfiguration[S.dnsServers] as? [String]
-            sessionConfigurationBuilder.searchDomain = providerConfiguration[S.searchDomain] as? String
            sessionConfigurationBuilder.randomizeEndpoint = providerConfiguration[S.randomizeEndpoint] as? Bool ?? ConfigurationBuilder.defaults.sessionConfiguration.randomizeEndpoint
            sessionConfigurationBuilder.usesPIAPatches = providerConfiguration[S.usesPIAPatches] as? Bool ?? ConfigurationBuilder.defaults.sessionConfiguration.usesPIAPatches
+            sessionConfigurationBuilder.dnsServers = providerConfiguration[S.dnsServers] as? [String]
+            sessionConfigurationBuilder.searchDomain = providerConfiguration[S.searchDomain] as? String
            sessionConfiguration = sessionConfigurationBuilder.build()

            shouldDebug = providerConfiguration[S.debug] as? Bool ?? ConfigurationBuilder.defaults.shouldDebug
@ -225,16 +212,16 @@ extension TunnelKitProvider {
            
            static let digestAlgorithm = "DigestAlgorithm"
            
+            static let compressionFraming = "CompressionFraming"
+            
+            static let compressionAlgorithm = "CompressionAlgorithm"
+            
            static let ca = "CA"
            
            static let clientCertificate = "ClientCertificate"
            
            static let clientKey = "ClientKey"
            
-            static let compressionFraming = "CompressionFraming"
-            
-            static let compressionAlgorithm = "CompressionAlgorithm"
-            
            static let tlsWrap = "TLSWrap"

            static let keepAlive = "KeepAlive"
@ -245,14 +232,14 @@ extension TunnelKitProvider {
            
            static let checksEKU = "ChecksEKU"

-            static let dnsServers = "DNSServers"
-            
-            static let searchDomain = "SearchDomain"
-            
            static let randomizeEndpoint = "RandomizeEndpoint"
            
            static let usesPIAPatches = "UsesPIAPatches"
            
+            static let dnsServers = "DNSServers"
+            
+            static let searchDomain = "SearchDomain"
+            
            // MARK: Debugging
            
            static let debug = "Debug"
--- a/TunnelKitHost/Info.plist
+++ b/TunnelKitHost/Info.plist
@ -15,7 +15,7 @@
 	<key>CFBundlePackageType</key>
 	<string>APPL</string>
 	<key>CFBundleShortVersionString</key>
-	<string>1.6.0</string>
+	<string>1.6.1</string>
 	<key>CFBundleVersion</key>
 	<string>1</string>
 	<key>LSRequiresIPhoneOS</key>
--- a/TunnelKitTests-iOS/Info.plist
+++ b/TunnelKitTests-iOS/Info.plist
@ -15,7 +15,7 @@
 	<key>CFBundlePackageType</key>
 	<string>BNDL</string>
 	<key>CFBundleShortVersionString</key>
-	<string>1.6.0</string>
+	<string>1.6.1</string>
 	<key>CFBundleVersion</key>
 	<string>1</string>
 </dict>
--- a/TunnelKitTests-macOS/Info.plist
+++ b/TunnelKitTests-macOS/Info.plist
@ -15,7 +15,7 @@
 	<key>CFBundlePackageType</key>
 	<string>BNDL</string>
 	<key>CFBundleShortVersionString</key>
-	<string>1.6.0</string>
+	<string>1.6.1</string>
 	<key>CFBundleVersion</key>
 	<string>1</string>
 </dict>