LegacyConfig: Remove and support plaintext for .mobileconfig
This commit is contained in:
parent
0407d41005
commit
30576a1fe6
|
@ -1,205 +0,0 @@
|
|||
// SPDX-License-Identifier: MIT
|
||||
// Copyright © 2018-2019 WireGuard LLC. All Rights Reserved.
|
||||
|
||||
import Foundation
|
||||
import Network
|
||||
import NetworkExtension
|
||||
|
||||
protocol LegacyModel: Decodable {
|
||||
associatedtype Model
|
||||
|
||||
var migrated: Model { get }
|
||||
}
|
||||
|
||||
struct LegacyDNSServer: LegacyModel {
|
||||
let address: IPAddress
|
||||
|
||||
var migrated: DNSServer {
|
||||
return DNSServer(address: address)
|
||||
}
|
||||
|
||||
init(from decoder: Decoder) throws {
|
||||
let container = try decoder.singleValueContainer()
|
||||
var data = try container.decode(Data.self)
|
||||
let ipAddressFromData: IPAddress? = {
|
||||
switch data.count {
|
||||
case 4: return IPv4Address(data)
|
||||
case 16: return IPv6Address(data)
|
||||
default: return nil
|
||||
}
|
||||
}()
|
||||
guard let ipAddress = ipAddressFromData else {
|
||||
throw DecodingError.invalidData
|
||||
}
|
||||
address = ipAddress
|
||||
}
|
||||
|
||||
enum DecodingError: Error {
|
||||
case invalidData
|
||||
}
|
||||
}
|
||||
|
||||
extension Array where Element == LegacyDNSServer {
|
||||
var migrated: [DNSServer] {
|
||||
return map { $0.migrated }
|
||||
}
|
||||
}
|
||||
|
||||
struct LegacyEndpoint: LegacyModel {
|
||||
let host: Network.NWEndpoint.Host
|
||||
let port: Network.NWEndpoint.Port
|
||||
|
||||
var migrated: Endpoint {
|
||||
return Endpoint(host: host, port: port)
|
||||
}
|
||||
|
||||
public init(from decoder: Decoder) throws {
|
||||
let container = try decoder.singleValueContainer()
|
||||
let endpointString = try container.decode(String.self)
|
||||
guard !endpointString.isEmpty else { throw DecodingError.invalidData }
|
||||
let startOfPort: String.Index
|
||||
let hostString: String
|
||||
if endpointString.first! == "[" {
|
||||
// Look for IPv6-style endpoint, like [::1]:80
|
||||
let startOfHost = endpointString.index(after: endpointString.startIndex)
|
||||
guard let endOfHost = endpointString.dropFirst().firstIndex(of: "]") else { throw DecodingError.invalidData }
|
||||
let afterEndOfHost = endpointString.index(after: endOfHost)
|
||||
guard endpointString[afterEndOfHost] == ":" else { throw DecodingError.invalidData }
|
||||
startOfPort = endpointString.index(after: afterEndOfHost)
|
||||
hostString = String(endpointString[startOfHost ..< endOfHost])
|
||||
} else {
|
||||
// Look for an IPv4-style endpoint, like 127.0.0.1:80
|
||||
guard let endOfHost = endpointString.firstIndex(of: ":") else { throw DecodingError.invalidData }
|
||||
startOfPort = endpointString.index(after: endOfHost)
|
||||
hostString = String(endpointString[endpointString.startIndex ..< endOfHost])
|
||||
}
|
||||
guard let endpointPort = NWEndpoint.Port(String(endpointString[startOfPort ..< endpointString.endIndex])) else { throw DecodingError.invalidData }
|
||||
let invalidCharacterIndex = hostString.unicodeScalars.firstIndex { char in
|
||||
return !CharacterSet.urlHostAllowed.contains(char)
|
||||
}
|
||||
guard invalidCharacterIndex == nil else { throw DecodingError.invalidData }
|
||||
host = NWEndpoint.Host(hostString)
|
||||
port = endpointPort
|
||||
}
|
||||
|
||||
enum DecodingError: Error {
|
||||
case invalidData
|
||||
}
|
||||
}
|
||||
|
||||
struct LegacyInterfaceConfiguration: LegacyModel {
|
||||
let name: String
|
||||
let privateKey: Data
|
||||
let addresses: [LegacyIPAddressRange]
|
||||
let listenPort: UInt16?
|
||||
let mtu: UInt16?
|
||||
let dns: [LegacyDNSServer]
|
||||
|
||||
var migrated: InterfaceConfiguration {
|
||||
var interface = InterfaceConfiguration(privateKey: privateKey)
|
||||
interface.addresses = addresses.migrated
|
||||
interface.listenPort = listenPort
|
||||
interface.mtu = mtu
|
||||
interface.dns = dns.migrated
|
||||
return interface
|
||||
}
|
||||
}
|
||||
|
||||
struct LegacyIPAddressRange: LegacyModel {
|
||||
let address: IPAddress
|
||||
let networkPrefixLength: UInt8
|
||||
|
||||
var migrated: IPAddressRange {
|
||||
return IPAddressRange(address: address, networkPrefixLength: networkPrefixLength)
|
||||
}
|
||||
|
||||
public init(from decoder: Decoder) throws {
|
||||
let container = try decoder.singleValueContainer()
|
||||
var data = try container.decode(Data.self)
|
||||
networkPrefixLength = data.removeLast()
|
||||
let ipAddressFromData: IPAddress? = {
|
||||
switch data.count {
|
||||
case 4: return IPv4Address(data)
|
||||
case 16: return IPv6Address(data)
|
||||
default: return nil
|
||||
}
|
||||
}()
|
||||
guard let ipAddress = ipAddressFromData else { throw DecodingError.invalidData }
|
||||
address = ipAddress
|
||||
}
|
||||
|
||||
enum DecodingError: Error {
|
||||
case invalidData
|
||||
}
|
||||
}
|
||||
|
||||
extension Array where Element == LegacyIPAddressRange {
|
||||
var migrated: [IPAddressRange] {
|
||||
return map { $0.migrated }
|
||||
}
|
||||
}
|
||||
|
||||
struct LegacyPeerConfiguration: LegacyModel {
|
||||
let publicKey: Data
|
||||
let preSharedKey: Data?
|
||||
let allowedIPs: [LegacyIPAddressRange]
|
||||
let endpoint: LegacyEndpoint?
|
||||
let persistentKeepAlive: UInt16?
|
||||
|
||||
var migrated: PeerConfiguration {
|
||||
var configuration = PeerConfiguration(publicKey: publicKey)
|
||||
configuration.preSharedKey = preSharedKey
|
||||
configuration.allowedIPs = allowedIPs.migrated
|
||||
configuration.endpoint = endpoint?.migrated
|
||||
configuration.persistentKeepAlive = persistentKeepAlive
|
||||
return configuration
|
||||
}
|
||||
}
|
||||
|
||||
extension Array where Element == LegacyPeerConfiguration {
|
||||
var migrated: [PeerConfiguration] {
|
||||
return map { $0.migrated }
|
||||
}
|
||||
}
|
||||
|
||||
final class LegacyTunnelConfiguration: LegacyModel {
|
||||
let interface: LegacyInterfaceConfiguration
|
||||
let peers: [LegacyPeerConfiguration]
|
||||
|
||||
var migrated: TunnelConfiguration {
|
||||
return TunnelConfiguration(name: interface.name, interface: interface.migrated, peers: peers.migrated)
|
||||
}
|
||||
}
|
||||
|
||||
extension NETunnelProviderProtocol {
|
||||
|
||||
@discardableResult
|
||||
func migrateConfigurationIfNeeded(called name: String) -> Bool {
|
||||
var ret = false
|
||||
if migrateFromConfigurationV1() {
|
||||
ret = true
|
||||
}
|
||||
if migrateFromConfigurationV2(called: name) {
|
||||
ret = true
|
||||
}
|
||||
return ret
|
||||
}
|
||||
|
||||
private func migrateFromConfigurationV1() -> Bool {
|
||||
guard let configurationVersion = providerConfiguration?["tunnelConfigurationVersion"] as? Int else { return false }
|
||||
guard configurationVersion == 1 else { return false }
|
||||
guard let serializedTunnelConfiguration = providerConfiguration?["tunnelConfiguration"] as? Data else { return false }
|
||||
guard let configuration = try? JSONDecoder().decode(LegacyTunnelConfiguration.self, from: serializedTunnelConfiguration) else { return false }
|
||||
providerConfiguration = ["WgQuickConfig": configuration.migrated.asWgQuickConfig()]
|
||||
return true
|
||||
}
|
||||
|
||||
private func migrateFromConfigurationV2(called name: String) -> Bool {
|
||||
guard let oldConfig = providerConfiguration?["WgQuickConfig"] as? String else { return false }
|
||||
providerConfiguration = nil
|
||||
guard passwordReference == nil else { return true }
|
||||
passwordReference = Keychain.makeReference(containing: oldConfig, called: name)
|
||||
return true
|
||||
}
|
||||
|
||||
}
|
|
@ -56,4 +56,17 @@ extension NETunnelProviderProtocol {
|
|||
guard let ref = passwordReference else { return nil }
|
||||
return Keychain.verifyReference(called: ref) ? ref : nil
|
||||
}
|
||||
|
||||
@discardableResult
|
||||
func migrateConfigurationIfNeeded(called name: String) -> Bool {
|
||||
/* This is how we did things before we switched to putting items
|
||||
* in the keychain. But it's still useful to keep the migration
|
||||
* around so that .mobileconfig files are easier.
|
||||
*/
|
||||
guard let oldConfig = providerConfiguration?["WgQuickConfig"] as? String else { return false }
|
||||
providerConfiguration = nil
|
||||
guard passwordReference == nil else { return true }
|
||||
passwordReference = Keychain.makeReference(containing: oldConfig, called: name)
|
||||
return true
|
||||
}
|
||||
}
|
||||
|
|
|
@ -21,8 +21,6 @@
|
|||
5F52D0BD21E3785C00283CEA /* ConfTextStorage.swift in Sources */ = {isa = PBXBuildFile; fileRef = 5F52D0BC21E3785C00283CEA /* ConfTextStorage.swift */; };
|
||||
5F52D0BF21E3788900283CEA /* NSColor+Hex.swift in Sources */ = {isa = PBXBuildFile; fileRef = 5F52D0BE21E3788900283CEA /* NSColor+Hex.swift */; };
|
||||
5F52D0C221E378C000283CEA /* highlighter.c in Sources */ = {isa = PBXBuildFile; fileRef = 5F52D0C121E378C000283CEA /* highlighter.c */; };
|
||||
5F9696AA21CD6AE6008063FE /* LegacyConfigMigration.swift in Sources */ = {isa = PBXBuildFile; fileRef = 5F9696A921CD6AE6008063FE /* LegacyConfigMigration.swift */; };
|
||||
5F9696AB21CD6AE6008063FE /* LegacyConfigMigration.swift in Sources */ = {isa = PBXBuildFile; fileRef = 5F9696A921CD6AE6008063FE /* LegacyConfigMigration.swift */; };
|
||||
5F9696AE21CD6F72008063FE /* String+ArrayConversion.swift in Sources */ = {isa = PBXBuildFile; fileRef = 5F4541B121CBFAEE00994C13 /* String+ArrayConversion.swift */; };
|
||||
5F9696B021CD7128008063FE /* TunnelConfiguration+WgQuickConfig.swift in Sources */ = {isa = PBXBuildFile; fileRef = 5F9696AF21CD7128008063FE /* TunnelConfiguration+WgQuickConfig.swift */; };
|
||||
5F9696B121CD7128008063FE /* TunnelConfiguration+WgQuickConfig.swift in Sources */ = {isa = PBXBuildFile; fileRef = 5F9696AF21CD7128008063FE /* TunnelConfiguration+WgQuickConfig.swift */; };
|
||||
|
@ -78,7 +76,6 @@
|
|||
6FB1BDA521D4F53300A991BF /* TunnelConfiguration+WgQuickConfig.swift in Sources */ = {isa = PBXBuildFile; fileRef = 5F9696AF21CD7128008063FE /* TunnelConfiguration+WgQuickConfig.swift */; };
|
||||
6FB1BDA621D4F53300A991BF /* NETunnelProviderProtocol+Extension.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6FFA5D942194454A0001E2F7 /* NETunnelProviderProtocol+Extension.swift */; };
|
||||
6FB1BDA721D4F53300A991BF /* String+ArrayConversion.swift in Sources */ = {isa = PBXBuildFile; fileRef = 5F4541B121CBFAEE00994C13 /* String+ArrayConversion.swift */; };
|
||||
6FB1BDA821D4F53300A991BF /* LegacyConfigMigration.swift in Sources */ = {isa = PBXBuildFile; fileRef = 5F9696A921CD6AE6008063FE /* LegacyConfigMigration.swift */; };
|
||||
6FB1BDA921D4F53300A991BF /* TunnelConfiguration.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F7774E72172020C006A79B3 /* TunnelConfiguration.swift */; };
|
||||
6FB1BDAA21D4F53300A991BF /* IPAddressRange.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F7774E9217229DB006A79B3 /* IPAddressRange.swift */; };
|
||||
6FB1BDAB21D4F53300A991BF /* Endpoint.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F693A552179E556008551C1 /* Endpoint.swift */; };
|
||||
|
@ -98,7 +95,6 @@
|
|||
6FB1BDBF21D50F0200A991BF /* TunnelConfiguration+WgQuickConfig.swift in Sources */ = {isa = PBXBuildFile; fileRef = 5F9696AF21CD7128008063FE /* TunnelConfiguration+WgQuickConfig.swift */; };
|
||||
6FB1BDC021D50F0200A991BF /* NETunnelProviderProtocol+Extension.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6FFA5D942194454A0001E2F7 /* NETunnelProviderProtocol+Extension.swift */; };
|
||||
6FB1BDC121D50F0200A991BF /* String+ArrayConversion.swift in Sources */ = {isa = PBXBuildFile; fileRef = 5F4541B121CBFAEE00994C13 /* String+ArrayConversion.swift */; };
|
||||
6FB1BDC221D50F0300A991BF /* LegacyConfigMigration.swift in Sources */ = {isa = PBXBuildFile; fileRef = 5F9696A921CD6AE6008063FE /* LegacyConfigMigration.swift */; };
|
||||
6FB1BDC321D50F0300A991BF /* TunnelConfiguration.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F7774E72172020C006A79B3 /* TunnelConfiguration.swift */; };
|
||||
6FB1BDC421D50F0300A991BF /* IPAddressRange.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F7774E9217229DB006A79B3 /* IPAddressRange.swift */; };
|
||||
6FB1BDC521D50F0300A991BF /* Endpoint.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F693A552179E556008551C1 /* Endpoint.swift */; };
|
||||
|
@ -238,7 +234,6 @@
|
|||
5F52D0BE21E3788900283CEA /* NSColor+Hex.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "NSColor+Hex.swift"; sourceTree = "<group>"; };
|
||||
5F52D0C021E378C000283CEA /* highlighter.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = highlighter.h; sourceTree = "<group>"; };
|
||||
5F52D0C121E378C000283CEA /* highlighter.c */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.c; path = highlighter.c; sourceTree = "<group>"; };
|
||||
5F9696A921CD6AE6008063FE /* LegacyConfigMigration.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = LegacyConfigMigration.swift; sourceTree = "<group>"; };
|
||||
5F9696AF21CD7128008063FE /* TunnelConfiguration+WgQuickConfig.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "TunnelConfiguration+WgQuickConfig.swift"; sourceTree = "<group>"; };
|
||||
5FF7B96121CC95DE00A7DD74 /* InterfaceConfiguration.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = InterfaceConfiguration.swift; sourceTree = "<group>"; };
|
||||
5FF7B96421CC95FA00A7DD74 /* PeerConfiguration.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = PeerConfiguration.swift; sourceTree = "<group>"; };
|
||||
|
@ -481,7 +476,6 @@
|
|||
5F9696AF21CD7128008063FE /* TunnelConfiguration+WgQuickConfig.swift */,
|
||||
6FFA5D942194454A0001E2F7 /* NETunnelProviderProtocol+Extension.swift */,
|
||||
5F4541B121CBFAEE00994C13 /* String+ArrayConversion.swift */,
|
||||
5F9696A921CD6AE6008063FE /* LegacyConfigMigration.swift */,
|
||||
6F7774E72172020C006A79B3 /* TunnelConfiguration.swift */,
|
||||
6F7774E9217229DB006A79B3 /* IPAddressRange.swift */,
|
||||
6F693A552179E556008551C1 /* Endpoint.swift */,
|
||||
|
@ -1091,7 +1085,6 @@
|
|||
5FF7B96321CC95DE00A7DD74 /* InterfaceConfiguration.swift in Sources */,
|
||||
6FFA5D9321943BC90001E2F7 /* DNSResolver.swift in Sources */,
|
||||
6FFA5D912194370D0001E2F7 /* DNSServer.swift in Sources */,
|
||||
5F9696AB21CD6AE6008063FE /* LegacyConfigMigration.swift in Sources */,
|
||||
6FFA5D8921942F320001E2F7 /* PacketTunnelSettingsGenerator.swift in Sources */,
|
||||
6F5D0C1D218352EF000F85AD /* PacketTunnelProvider.swift in Sources */,
|
||||
);
|
||||
|
@ -1146,7 +1139,6 @@
|
|||
6F613D9B21DE33B8004B217A /* KeyValueRow.swift in Sources */,
|
||||
6FB1BDC121D50F0200A991BF /* String+ArrayConversion.swift in Sources */,
|
||||
5F52D0BB21E3781B00283CEA /* ConfTextView.swift in Sources */,
|
||||
6FB1BDC221D50F0300A991BF /* LegacyConfigMigration.swift in Sources */,
|
||||
6FBA104021D6B7040051C35F /* ErrorPresenterProtocol.swift in Sources */,
|
||||
6FCD99AA21E0E14700BA4C82 /* NoTunnelsDetailViewController.swift in Sources */,
|
||||
6FB1BDC321D50F0300A991BF /* TunnelConfiguration.swift in Sources */,
|
||||
|
@ -1175,7 +1167,6 @@
|
|||
6FB1BDA521D4F53300A991BF /* TunnelConfiguration+WgQuickConfig.swift in Sources */,
|
||||
6FB1BDA621D4F53300A991BF /* NETunnelProviderProtocol+Extension.swift in Sources */,
|
||||
6FB1BDA721D4F53300A991BF /* String+ArrayConversion.swift in Sources */,
|
||||
6FB1BDA821D4F53300A991BF /* LegacyConfigMigration.swift in Sources */,
|
||||
6FB1BDA921D4F53300A991BF /* TunnelConfiguration.swift in Sources */,
|
||||
6FB1BDAA21D4F53300A991BF /* IPAddressRange.swift in Sources */,
|
||||
6FB1BDAB21D4F53300A991BF /* Endpoint.swift in Sources */,
|
||||
|
@ -1216,7 +1207,6 @@
|
|||
5F45419821C2D60500994C13 /* KeyValueCell.swift in Sources */,
|
||||
6FBA103E21D6B6D70051C35F /* TunnelImporter.swift in Sources */,
|
||||
6F919EC3218A2AE90023B400 /* ErrorPresenter.swift in Sources */,
|
||||
5F9696AA21CD6AE6008063FE /* LegacyConfigMigration.swift in Sources */,
|
||||
6F5A2B4821AFF49A0081EDD8 /* FileManager+Extension.swift in Sources */,
|
||||
5F45418C21C2D48200994C13 /* TunnelEditKeyValueCell.swift in Sources */,
|
||||
6FE254FB219C10800028284D /* ZipImporter.swift in Sources */,
|
||||
|
|
Loading…
Reference in New Issue