Expose LZO framing option
This commit is contained in:
Davide De Rosa
parent
8836d2b175
commit
9f54e624ee
|
|
@ -128,6 +128,10 @@ extension TunnelKitProvider {
|
||||||
/// The MTU of the tunnel.
|
/// The MTU of the tunnel.
|
||||||
public var mtu: NSNumber
|
public var mtu: NSNumber
|
||||||
|
|
||||||
|
/// Enables LZO framing (deprecated).
|
||||||
|
@available(*, deprecated)
|
||||||
|
public var LZOFraming: Bool
|
||||||
|
|
||||||
/// The number of seconds after which a renegotiation is started. Set to `nil` to disable renegotiation (default).
|
/// The number of seconds after which a renegotiation is started. Set to `nil` to disable renegotiation (default).
|
||||||
public var renegotiatesAfterSeconds: Int?
|
public var renegotiatesAfterSeconds: Int?
|
||||||
|
|
||||||
|
|
@ -158,6 +162,7 @@ extension TunnelKitProvider {
|
||||||
digest = .sha1
|
digest = .sha1
|
||||||
ca = nil
|
ca = nil
|
||||||
mtu = 1500
|
mtu = 1500
|
||||||
|
LZOFraming = false
|
||||||
renegotiatesAfterSeconds = nil
|
renegotiatesAfterSeconds = nil
|
||||||
shouldDebug = false
|
shouldDebug = false
|
||||||
debugLogKey = nil
|
debugLogKey = nil
|
||||||
|
|
@ -210,6 +215,7 @@ extension TunnelKitProvider {
|
||||||
self.digest = digest
|
self.digest = digest
|
||||||
self.ca = ca
|
self.ca = ca
|
||||||
mtu = providerConfiguration[S.mtu] as? NSNumber ?? 1500
|
mtu = providerConfiguration[S.mtu] as? NSNumber ?? 1500
|
||||||
|
LZOFraming = providerConfiguration[S.LZOFraming] as? Bool ?? false
|
||||||
renegotiatesAfterSeconds = providerConfiguration[S.renegotiatesAfter] as? Int
|
renegotiatesAfterSeconds = providerConfiguration[S.renegotiatesAfter] as? Int
|
||||||
|
|
||||||
shouldDebug = providerConfiguration[S.debug] as? Bool ?? false
|
shouldDebug = providerConfiguration[S.debug] as? Bool ?? false
|
||||||
|
|
@ -243,6 +249,7 @@ extension TunnelKitProvider {
|
||||||
digest: digest,
|
digest: digest,
|
||||||
ca: ca,
|
ca: ca,
|
||||||
mtu: mtu,
|
mtu: mtu,
|
||||||
|
LZOFraming: LZOFraming,
|
||||||
renegotiatesAfterSeconds: renegotiatesAfterSeconds,
|
renegotiatesAfterSeconds: renegotiatesAfterSeconds,
|
||||||
shouldDebug: shouldDebug,
|
shouldDebug: shouldDebug,
|
||||||
debugLogKey: shouldDebug ? debugLogKey : nil,
|
debugLogKey: shouldDebug ? debugLogKey : nil,
|
||||||
|
|
@ -270,6 +277,8 @@ extension TunnelKitProvider {
|
||||||
|
|
||||||
static let mtu = "MTU"
|
static let mtu = "MTU"
|
||||||
|
|
||||||
|
static let LZOFraming = "LZOFraming"
|
||||||
|
|
||||||
static let renegotiatesAfter = "RenegotiatesAfter"
|
static let renegotiatesAfter = "RenegotiatesAfter"
|
||||||
|
|
||||||
static let debug = "Debug"
|
static let debug = "Debug"
|
||||||
|
|
@ -303,6 +312,9 @@ extension TunnelKitProvider {
|
||||||
/// - Seealso: `TunnelKitProvider.ConfigurationBuilder.mtu`
|
/// - Seealso: `TunnelKitProvider.ConfigurationBuilder.mtu`
|
||||||
public let mtu: NSNumber
|
public let mtu: NSNumber
|
||||||
|
|
||||||
|
/// - Seealso: `TunnelKitProvider.ConfigurationBuilder.LZOFraming`
|
||||||
|
public let LZOFraming: Bool
|
||||||
|
|
||||||
/// - Seealso: `TunnelKitProvider.ConfigurationBuilder.renegotiatesAfterSeconds`
|
/// - Seealso: `TunnelKitProvider.ConfigurationBuilder.renegotiatesAfterSeconds`
|
||||||
public let renegotiatesAfterSeconds: Int?
|
public let renegotiatesAfterSeconds: Int?
|
||||||
|
|
||||||
|
|
@ -367,6 +379,9 @@ extension TunnelKitProvider {
|
||||||
if let resolvedAddresses = resolvedAddresses {
|
if let resolvedAddresses = resolvedAddresses {
|
||||||
dict[S.resolvedAddresses] = resolvedAddresses
|
dict[S.resolvedAddresses] = resolvedAddresses
|
||||||
}
|
}
|
||||||
|
if LZOFraming {
|
||||||
|
dict[S.LZOFraming] = LZOFraming
|
||||||
|
}
|
||||||
if let renegotiatesAfterSeconds = renegotiatesAfterSeconds {
|
if let renegotiatesAfterSeconds = renegotiatesAfterSeconds {
|
||||||
dict[S.renegotiatesAfter] = renegotiatesAfterSeconds
|
dict[S.renegotiatesAfter] = renegotiatesAfterSeconds
|
||||||
}
|
}
|
||||||
|
|
@ -421,6 +436,7 @@ extension TunnelKitProvider {
|
||||||
log.info("CA verification: disabled")
|
log.info("CA verification: disabled")
|
||||||
}
|
}
|
||||||
log.info("MTU: \(mtu)")
|
log.info("MTU: \(mtu)")
|
||||||
|
log.info("LZO framing: \(LZOFraming ? "enabled" : "disabled")")
|
||||||
if let renegotiatesAfterSeconds = renegotiatesAfterSeconds {
|
if let renegotiatesAfterSeconds = renegotiatesAfterSeconds {
|
||||||
log.info("Renegotiation: \(renegotiatesAfterSeconds) seconds")
|
log.info("Renegotiation: \(renegotiatesAfterSeconds) seconds")
|
||||||
} else {
|
} else {
|
||||||
|
|
@ -461,6 +477,7 @@ extension TunnelKitProvider.Configuration: Equatable {
|
||||||
(lhs.digest == rhs.digest) &&
|
(lhs.digest == rhs.digest) &&
|
||||||
(lhs.ca == rhs.ca) &&
|
(lhs.ca == rhs.ca) &&
|
||||||
(lhs.mtu == rhs.mtu) &&
|
(lhs.mtu == rhs.mtu) &&
|
||||||
|
(lhs.LZOFraming == rhs.LZOFraming) &&
|
||||||
(lhs.renegotiatesAfterSeconds == rhs.renegotiatesAfterSeconds)
|
(lhs.renegotiatesAfterSeconds == rhs.renegotiatesAfterSeconds)
|
||||||
)
|
)
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -159,6 +159,7 @@ open class TunnelKitProvider: NEPacketTunnelProvider {
|
||||||
sessionConfiguration.cipher = cfg.cipher
|
sessionConfiguration.cipher = cfg.cipher
|
||||||
sessionConfiguration.digest = cfg.digest
|
sessionConfiguration.digest = cfg.digest
|
||||||
sessionConfiguration.caPath = caPath
|
sessionConfiguration.caPath = caPath
|
||||||
|
sessionConfiguration.LZOFraming = cfg.LZOFraming
|
||||||
if let renegotiatesAfterSeconds = cfg.renegotiatesAfterSeconds {
|
if let renegotiatesAfterSeconds = cfg.renegotiatesAfterSeconds {
|
||||||
sessionConfiguration.renegotiatesAfter = Double(renegotiatesAfterSeconds)
|
sessionConfiguration.renegotiatesAfter = Double(renegotiatesAfterSeconds)
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -58,6 +58,10 @@ extension SessionProxy {
|
||||||
/// The path to the optional CA for TLS negotiation (PEM format).
|
/// The path to the optional CA for TLS negotiation (PEM format).
|
||||||
public var caPath: String?
|
public var caPath: String?
|
||||||
|
|
||||||
|
/// Enables LZO compression framing (deprecated in OpenVPN 2.4).
|
||||||
|
@available(*, deprecated)
|
||||||
|
public var LZOFraming: Bool
|
||||||
|
|
||||||
/// Sends periodical keep-alive packets if set.
|
/// Sends periodical keep-alive packets if set.
|
||||||
public var keepAliveInterval: TimeInterval?
|
public var keepAliveInterval: TimeInterval?
|
||||||
|
|
||||||
|
|
@ -71,6 +75,7 @@ extension SessionProxy {
|
||||||
cipher = .aes128cbc
|
cipher = .aes128cbc
|
||||||
digest = .sha1
|
digest = .sha1
|
||||||
caPath = nil
|
caPath = nil
|
||||||
|
LZOFraming = false
|
||||||
keepAliveInterval = nil
|
keepAliveInterval = nil
|
||||||
renegotiatesAfter = nil
|
renegotiatesAfter = nil
|
||||||
}
|
}
|
||||||
|
|
@ -87,6 +92,7 @@ extension SessionProxy {
|
||||||
cipher: cipher,
|
cipher: cipher,
|
||||||
digest: digest,
|
digest: digest,
|
||||||
caPath: caPath,
|
caPath: caPath,
|
||||||
|
LZOFraming: LZOFraming,
|
||||||
keepAliveInterval: keepAliveInterval,
|
keepAliveInterval: keepAliveInterval,
|
||||||
renegotiatesAfter: renegotiatesAfter
|
renegotiatesAfter: renegotiatesAfter
|
||||||
)
|
)
|
||||||
|
|
@ -111,6 +117,9 @@ extension SessionProxy {
|
||||||
/// - Seealso: `SessionProxy.ConfigurationBuilder.caPath`
|
/// - Seealso: `SessionProxy.ConfigurationBuilder.caPath`
|
||||||
public let caPath: String?
|
public let caPath: String?
|
||||||
|
|
||||||
|
/// - Seealso: `SessionProxy.ConfigurationBuilder.LZOFraming`
|
||||||
|
public let LZOFraming: Bool
|
||||||
|
|
||||||
/// - Seealso: `SessionProxy.ConfigurationBuilder.keepAliveInterval`
|
/// - Seealso: `SessionProxy.ConfigurationBuilder.keepAliveInterval`
|
||||||
public let keepAliveInterval: TimeInterval?
|
public let keepAliveInterval: TimeInterval?
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -80,8 +80,9 @@ extension SessionProxy {
|
||||||
return isTLSConnected
|
return isTLSConnected
|
||||||
}
|
}
|
||||||
|
|
||||||
func startHandlingPackets(withPeerId peerId: UInt32? = nil) {
|
func startHandlingPackets(withPeerId peerId: UInt32? = nil, LZOFraming: Bool = false) {
|
||||||
dataPath?.setPeerId(peerId ?? PacketPeerIdDisabled)
|
dataPath?.setPeerId(peerId ?? PacketPeerIdDisabled)
|
||||||
|
dataPath?.setLZOFraming(LZOFraming)
|
||||||
canHandlePackets = true
|
canHandlePackets = true
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -861,7 +861,10 @@ public class SessionProxy {
|
||||||
}
|
}
|
||||||
|
|
||||||
authenticator = nil
|
authenticator = nil
|
||||||
negotiationKey.startHandlingPackets(withPeerId: peerId)
|
negotiationKey.startHandlingPackets(
|
||||||
|
withPeerId: peerId,
|
||||||
|
LZOFraming: configuration.LZOFraming
|
||||||
|
)
|
||||||
negotiationKey.controlState = .connected
|
negotiationKey.controlState = .connected
|
||||||
connectedDate = Date()
|
connectedDate = Date()
|
||||||
transitionKeys()
|
transitionKeys()
|
||||||
|
|
|
||||||
|
|
@ -52,8 +52,8 @@ class DataPathEncryptionTests: XCTestCase {
|
||||||
XCTAssertEqual(enc.peerId(), peerId & 0xffffff)
|
XCTAssertEqual(enc.peerId(), peerId & 0xffffff)
|
||||||
XCTAssertEqual(dec.peerId(), peerId & 0xffffff)
|
XCTAssertEqual(dec.peerId(), peerId & 0xffffff)
|
||||||
}
|
}
|
||||||
// enc.setDeprecatedLZOFraming(true)
|
// enc.setLZOFraming(true)
|
||||||
// dec.setDeprecatedLZOFraming(true)
|
// dec.setLZOFraming(true)
|
||||||
|
|
||||||
let payload = Data(hex: "00112233445566778899")
|
let payload = Data(hex: "00112233445566778899")
|
||||||
let packetId: UInt32 = 0x56341200
|
let packetId: UInt32 = 0x56341200
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue