passepartoutvpn/wireguard-apple
1
0
Fork 0
mirror of https://github.com/passepartoutvpn/wireguard-apple.git synced 2025-02-01 13:32:13 +00:00
Code Issues Packages Projects Releases Wiki Activity

Move logic to extension: Refactor PacketTunnelOptionsGenerator into a PacketTunnelSettingsGenerator

Browse Source
This commit is contained in:
Roopesh Chander 2018-11-08 15:44:13 +05:30
parent 13eebb2e64
commit 80e563406b
2 changed files with 67 additions and 42 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
WireGuard/WireGuard.xcodeproj/project.pbxproj
View File

@ -42,7 +42,7 @@
6FDEF8082187442100D8FBF6 /* WgQuickConfigFileWriter.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6FDEF8072187442100D8FBF6 /* WgQuickConfigFileWriter.swift */; }; 6FDEF8082187442100D8FBF6 /* WgQuickConfigFileWriter.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6FDEF8072187442100D8FBF6 /* WgQuickConfigFileWriter.swift */; };
6FF4AC1F211EC472002C96EB /* Assets.xcassets in Resources */ = {isa = PBXBuildFile; fileRef = 6FF4AC1E211EC472002C96EB /* Assets.xcassets */; }; 6FF4AC1F211EC472002C96EB /* Assets.xcassets in Resources */ = {isa = PBXBuildFile; fileRef = 6FF4AC1E211EC472002C96EB /* Assets.xcassets */; };
6FF4AC22211EC472002C96EB /* LaunchScreen.storyboard in Resources */ = {isa = PBXBuildFile; fileRef = 6FF4AC20211EC472002C96EB /* LaunchScreen.storyboard */; }; 6FF4AC22211EC472002C96EB /* LaunchScreen.storyboard in Resources */ = {isa = PBXBuildFile; fileRef = 6FF4AC20211EC472002C96EB /* LaunchScreen.storyboard */; };
6FFA5D8921942F320001E2F7 /* PacketTunnelOptionsGenerator.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F5D0C472183C6A3000F85AD /* PacketTunnelOptionsGenerator.swift */; }; 6FFA5D8921942F320001E2F7 /* PacketTunnelSettingsGenerator.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F5D0C472183C6A3000F85AD /* PacketTunnelSettingsGenerator.swift */; };
6FFA5D8E2194370D0001E2F7 /* Configuration.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F7774E72172020C006A79B3 /* Configuration.swift */; }; 6FFA5D8E2194370D0001E2F7 /* Configuration.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F7774E72172020C006A79B3 /* Configuration.swift */; };
6FFA5D8F2194370D0001E2F7 /* IPAddressRange.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F7774E9217229DB006A79B3 /* IPAddressRange.swift */; }; 6FFA5D8F2194370D0001E2F7 /* IPAddressRange.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F7774E9217229DB006A79B3 /* IPAddressRange.swift */; };
6FFA5D902194370D0001E2F7 /* Endpoint.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F693A552179E556008551C1 /* Endpoint.swift */; }; 6FFA5D902194370D0001E2F7 /* Endpoint.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F693A552179E556008551C1 /* Endpoint.swift */; };
@ -91,7 +91,7 @@
6F5D0C1F218352EF000F85AD /* WireGuardNetworkExtension.entitlements */ = {isa = PBXFileReference; lastKnownFileType = text.plist.entitlements; path = WireGuardNetworkExtension.entitlements; sourceTree = "<group>"; }; 6F5D0C1F218352EF000F85AD /* WireGuardNetworkExtension.entitlements */ = {isa = PBXFileReference; lastKnownFileType = text.plist.entitlements; path = WireGuardNetworkExtension.entitlements; sourceTree = "<group>"; };
6F5D0C3421839E37000F85AD /* WireGuardNetworkExtension-Bridging-Header.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = "WireGuardNetworkExtension-Bridging-Header.h"; sourceTree = "<group>"; }; 6F5D0C3421839E37000F85AD /* WireGuardNetworkExtension-Bridging-Header.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = "WireGuardNetworkExtension-Bridging-Header.h"; sourceTree = "<group>"; };
6F5D0C442183BCDA000F85AD /* PacketTunnelOptionKey.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = PacketTunnelOptionKey.swift; sourceTree = "<group>"; }; 6F5D0C442183BCDA000F85AD /* PacketTunnelOptionKey.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = PacketTunnelOptionKey.swift; sourceTree = "<group>"; };
6F5D0C472183C6A3000F85AD /* PacketTunnelOptionsGenerator.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = PacketTunnelOptionsGenerator.swift; sourceTree = "<group>"; }; 6F5D0C472183C6A3000F85AD /* PacketTunnelSettingsGenerator.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = PacketTunnelSettingsGenerator.swift; sourceTree = "<group>"; };
6F628C3C217F09E9003482A3 /* TunnelViewModel.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = TunnelViewModel.swift; sourceTree = "<group>"; }; 6F628C3C217F09E9003482A3 /* TunnelViewModel.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = TunnelViewModel.swift; sourceTree = "<group>"; };
6F628C3E217F3413003482A3 /* DNSServer.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = DNSServer.swift; sourceTree = "<group>"; }; 6F628C3E217F3413003482A3 /* DNSServer.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = DNSServer.swift; sourceTree = "<group>"; };
6F628C40217F47DB003482A3 /* TunnelDetailTableViewController.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = TunnelDetailTableViewController.swift; sourceTree = "<group>"; }; 6F628C40217F47DB003482A3 /* TunnelDetailTableViewController.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = TunnelDetailTableViewController.swift; sourceTree = "<group>"; };
@ -156,7 +156,7 @@
isa = PBXGroup; isa = PBXGroup;
children = ( children = (
6F5D0C1C218352EF000F85AD /* PacketTunnelProvider.swift */, 6F5D0C1C218352EF000F85AD /* PacketTunnelProvider.swift */,
6F5D0C472183C6A3000F85AD /* PacketTunnelOptionsGenerator.swift */, 6F5D0C472183C6A3000F85AD /* PacketTunnelSettingsGenerator.swift */,
6F5D0C1421832391000F85AD /* DNSResolver.swift */, 6F5D0C1421832391000F85AD /* DNSResolver.swift */,
6F5D0C1E218352EF000F85AD /* Info.plist */, 6F5D0C1E218352EF000F85AD /* Info.plist */,
6F5D0C1F218352EF000F85AD /* WireGuardNetworkExtension.entitlements */, 6F5D0C1F218352EF000F85AD /* WireGuardNetworkExtension.entitlements */,
@ -497,7 +497,7 @@
6FFA5D9321943BC90001E2F7 /* DNSResolver.swift in Sources */, 6FFA5D9321943BC90001E2F7 /* DNSResolver.swift in Sources */,
6FFA5D912194370D0001E2F7 /* DNSServer.swift in Sources */, 6FFA5D912194370D0001E2F7 /* DNSServer.swift in Sources */,
6F5D0C462183C0B4000F85AD /* PacketTunnelOptionKey.swift in Sources */, 6F5D0C462183C0B4000F85AD /* PacketTunnelOptionKey.swift in Sources */,
6FFA5D8921942F320001E2F7 /* PacketTunnelOptionsGenerator.swift in Sources */, 6FFA5D8921942F320001E2F7 /* PacketTunnelSettingsGenerator.swift in Sources */,
6F5D0C1D218352EF000F85AD /* PacketTunnelProvider.swift in Sources */, 6F5D0C1D218352EF000F85AD /* PacketTunnelProvider.swift in Sources */,
); );
runOnlyForDeploymentPostprocessing = 0; runOnlyForDeploymentPostprocessing = 0;

101
WireGuard/WireGuardNetworkExtension/PacketTunnelOptionsGenerator.swift → WireGuard/WireGuardNetworkExtension/PacketTunnelSettingsGenerator.swift
View File

@ -3,29 +3,30 @@
import Foundation import Foundation
import Network import Network
import NetworkExtension
class PacketTunnelOptionsGenerator { class PacketTunnelSettingsGenerator {
static func generateOptions(from tc: TunnelConfiguration,
withResolvedEndpoints resolvedEndpoints: [Endpoint?]) -> [String: NSObject] {
var options: [String: NSObject] = [:]
// Interface name let tunnelConfiguration: TunnelConfiguration
let resolvedEndpoints: [Endpoint?]
options[.interfaceName] = tc.interface.name as NSObject init(tunnelConfiguration: TunnelConfiguration, resolvedEndpoints: [Endpoint?]) {
self.tunnelConfiguration = tunnelConfiguration
// WireGuard settings self.resolvedEndpoints = resolvedEndpoints
}
func generateWireGuardSettings() -> String {
var wgSettings = "" var wgSettings = ""
let privateKey = tc.interface.privateKey.hexEncodedString() let privateKey = tunnelConfiguration.interface.privateKey.hexEncodedString()
wgSettings.append("private_key=\(privateKey)\n") wgSettings.append("private_key=\(privateKey)\n")
if let listenPort = tc.interface.listenPort { if let listenPort = tunnelConfiguration.interface.listenPort {
wgSettings.append("listen_port=\(listenPort)\n") wgSettings.append("listen_port=\(listenPort)\n")
} }
if (tc.peers.count > 0) { if (tunnelConfiguration.peers.count > 0) {
wgSettings.append("replace_peers=true\n") wgSettings.append("replace_peers=true\n")
} }
assert(tc.peers.count == resolvedEndpoints.count) assert(tunnelConfiguration.peers.count == resolvedEndpoints.count)
for (i, peer) in tc.peers.enumerated() { for (i, peer) in tunnelConfiguration.peers.enumerated() {
wgSettings.append("public_key=\(peer.publicKey.hexEncodedString())\n") wgSettings.append("public_key=\(peer.publicKey.hexEncodedString())\n")
if let preSharedKey = peer.preSharedKey { if let preSharedKey = peer.preSharedKey {
wgSettings.append("preshared_key=\(preSharedKey.hexEncodedString())\n") wgSettings.append("preshared_key=\(preSharedKey.hexEncodedString())\n")
@ -43,8 +44,10 @@ class PacketTunnelOptionsGenerator {
} }
} }
} }
return wgSettings
}
options[.wireguardSettings] = wgSettings as NSObject func generateNetworkSettings() -> NEPacketTunnelNetworkSettings {
// Remote address // Remote address
@ -67,15 +70,22 @@ class PacketTunnelOptionsGenerator {
} }
} }
options[.remoteAddress] = remoteAddress as NSObject let networkSettings = NEPacketTunnelNetworkSettings(tunnelRemoteAddress: remoteAddress)
// DNS // DNS
options[.dnsServers] = tc.interface.dns.map { $0.stringRepresentation() } as NSObject let dnsServerStrings = tunnelConfiguration.interface.dns.map { $0.stringRepresentation() }
networkSettings.dnsSettings = NEDNSSettings(servers: dnsServerStrings)
// MTU // MTU
options[.mtu] = NSNumber(value: tc.interface.mtu ?? 0) // 0 implies auto-MTU let mtu = tunnelConfiguration.interface.mtu ?? 0
if (mtu == 0) {
// 0 imples automatic MTU, where we set overhead as 80 bytes, which is the worst case for WireGuard
networkSettings.tunnelOverheadBytes = 80
} else {
networkSettings.mtu = NSNumber(value: mtu)
}
// Addresses from interface addresses // Addresses from interface addresses
@ -85,22 +95,16 @@ class PacketTunnelOptionsGenerator {
var ipv6Addresses: [String] = [] var ipv6Addresses: [String] = []
var ipv6NetworkPrefixLengths: [NSNumber] = [] var ipv6NetworkPrefixLengths: [NSNumber] = []
for addressRange in tc.interface.addresses { for addressRange in tunnelConfiguration.interface.addresses {
if (addressRange.address is IPv4Address) { if (addressRange.address is IPv4Address) {
ipv4Addresses.append("\(addressRange.address)") ipv4Addresses.append("\(addressRange.address)")
ipv4SubnetMasks.append(ipv4SubnetMaskString(of: addressRange)) ipv4SubnetMasks.append(PacketTunnelSettingsGenerator.ipv4SubnetMaskString(of: addressRange))
} else if (addressRange.address is IPv6Address) { } else if (addressRange.address is IPv6Address) {
ipv6Addresses.append("\(addressRange.address)") ipv6Addresses.append("\(addressRange.address)")
ipv6NetworkPrefixLengths.append(NSNumber(value: addressRange.networkPrefixLength)) ipv6NetworkPrefixLengths.append(NSNumber(value: addressRange.networkPrefixLength))
} }
} }
options[.ipv4Addresses] = ipv4Addresses as NSObject
options[.ipv4SubnetMasks] = ipv4SubnetMasks as NSObject
options[.ipv6Addresses] = ipv6Addresses as NSObject
options[.ipv6NetworkPrefixLengths] = ipv6NetworkPrefixLengths as NSObject
// Included routes from AllowedIPs // Included routes from AllowedIPs
var ipv4IncludedRouteAddresses: [String] = [] var ipv4IncludedRouteAddresses: [String] = []
@ -109,11 +113,11 @@ class PacketTunnelOptionsGenerator {
var ipv6IncludedRouteAddresses: [String] = [] var ipv6IncludedRouteAddresses: [String] = []
var ipv6IncludedRouteNetworkPrefixLengths: [NSNumber] = [] var ipv6IncludedRouteNetworkPrefixLengths: [NSNumber] = []
for peer in tc.peers { for peer in tunnelConfiguration.peers {
for addressRange in peer.allowedIPs { for addressRange in peer.allowedIPs {
if (addressRange.address is IPv4Address) { if (addressRange.address is IPv4Address) {
ipv4IncludedRouteAddresses.append("\(addressRange.address)") ipv4IncludedRouteAddresses.append("\(addressRange.address)")
ipv4IncludedRouteSubnetMasks.append(ipv4SubnetMaskString(of: addressRange)) ipv4IncludedRouteSubnetMasks.append(PacketTunnelSettingsGenerator.ipv4SubnetMaskString(of: addressRange))
} else if (addressRange.address is IPv6Address) { } else if (addressRange.address is IPv6Address) {
ipv6IncludedRouteAddresses.append("\(addressRange.address)") ipv6IncludedRouteAddresses.append("\(addressRange.address)")
ipv6IncludedRouteNetworkPrefixLengths.append(NSNumber(value: addressRange.networkPrefixLength)) ipv6IncludedRouteNetworkPrefixLengths.append(NSNumber(value: addressRange.networkPrefixLength))
@ -121,12 +125,6 @@ class PacketTunnelOptionsGenerator {
} }
} }
options[.ipv4IncludedRouteAddresses] = ipv4IncludedRouteAddresses as NSObject
options[.ipv4IncludedRouteSubnetMasks] = ipv4IncludedRouteSubnetMasks as NSObject
options[.ipv6IncludedRouteAddresses] = ipv6IncludedRouteAddresses as NSObject
options[.ipv6IncludedRouteNetworkPrefixLengths] = ipv6IncludedRouteNetworkPrefixLengths as NSObject
// Excluded routes from endpoints // Excluded routes from endpoints
var ipv4ExcludedRouteAddresses: [String] = [] var ipv4ExcludedRouteAddresses: [String] = []
@ -149,13 +147,40 @@ class PacketTunnelOptionsGenerator {
} }
} }
options[.ipv4ExcludedRouteAddresses] = ipv4ExcludedRouteAddresses as NSObject // Apply IPv4 settings
options[.ipv4ExcludedRouteSubnetMasks] = ipv4ExcludedRouteSubnetMasks as NSObject
options[.ipv6ExcludedRouteAddresses] = ipv6ExcludedRouteAddresses as NSObject let ipv4Settings = NEIPv4Settings(addresses: ipv4Addresses, subnetMasks: ipv4SubnetMasks)
options[.ipv6ExcludedRouteNetworkPrefixLengths] = ipv6ExcludedRouteNetworkPrefixLengths as NSObject assert(ipv4IncludedRouteAddresses.count == ipv4IncludedRouteSubnetMasks.count)
ipv4Settings.includedRoutes = zip(ipv4IncludedRouteAddresses, ipv4IncludedRouteSubnetMasks).map {
NEIPv4Route(destinationAddress: $0.0, subnetMask: $0.1)
}
assert(ipv4ExcludedRouteAddresses.count == ipv4ExcludedRouteSubnetMasks.count)
ipv4Settings.excludedRoutes = zip(ipv4ExcludedRouteAddresses, ipv4ExcludedRouteSubnetMasks).map {
NEIPv4Route(destinationAddress: $0.0, subnetMask: $0.1)
}
networkSettings.ipv4Settings = ipv4Settings
return options // Apply IPv6 settings
/* Big fat ugly hack for broken iOS networking stack: the smallest prefix that will have
* any effect on iOS is a /120, so we clamp everything above to /120. This is potentially
* very bad, if various network parameters were actually relying on that subnet being
* intentionally small. TODO: talk about this with upstream iOS devs.
*/
let ipv6Settings = NEIPv6Settings(addresses: ipv6Addresses, networkPrefixLengths: ipv6NetworkPrefixLengths.map { NSNumber(value: min(120, $0.intValue)) })
assert(ipv6IncludedRouteAddresses.count == ipv6IncludedRouteNetworkPrefixLengths.count)
ipv6Settings.includedRoutes = zip(ipv6IncludedRouteAddresses, ipv6IncludedRouteNetworkPrefixLengths).map {
NEIPv6Route(destinationAddress: $0.0, networkPrefixLength: $0.1)
}
assert(ipv6ExcludedRouteAddresses.count == ipv6ExcludedRouteNetworkPrefixLengths.count)
ipv6Settings.excludedRoutes = zip(ipv6ExcludedRouteAddresses, ipv6ExcludedRouteNetworkPrefixLengths).map {
NEIPv6Route(destinationAddress: $0.0, networkPrefixLength: $0.1)
}
networkSettings.ipv6Settings = ipv6Settings
// Done
return networkSettings
} }
static func ipv4SubnetMaskString(of addressRange: IPAddressRange) -> String { static func ipv4SubnetMaskString(of addressRange: IPAddressRange) -> String {