aboutsummaryrefslogtreecommitdiffstats
path: root/WireGuard/WireGuard
diff options
context:
space:
mode:
authorEric Kuck <eric@bluelinelabs.com>2018-12-21 15:16:09 -0600
committerEric Kuck <eric@bluelinelabs.com>2018-12-21 16:32:08 -0600
commit1fecd8eb6c5c2327d4bfd5044876be12876fc7e5 (patch)
tree45c7f4c552eb01bd15c54e58615c9122acc99e83 /WireGuard/WireGuard
parentDo not require NetworkExtension to know its own name (diff)
downloadwireguard-apple-1fecd8eb6c5c2327d4bfd5044876be12876fc7e5.tar.xz
wireguard-apple-1fecd8eb6c5c2327d4bfd5044876be12876fc7e5.zip
providerConfiguration is now a WgQuickConfig
Signed-off-by: Eric Kuck <eric@bluelinelabs.com>
Diffstat (limited to 'WireGuard/WireGuard')
-rw-r--r--WireGuard/WireGuard/ConfigFile/WgQuickConfigFileParser.swift164
-rw-r--r--WireGuard/WireGuard/ConfigFile/WgQuickConfigFileWriter.swift46
-rw-r--r--WireGuard/WireGuard/Tunnel/MockTunnels.swift2
-rw-r--r--WireGuard/WireGuard/Tunnel/TunnelsManager.swift30
-rw-r--r--WireGuard/WireGuard/UI/iOS/String+ArrayConversion.swift32
-rw-r--r--WireGuard/WireGuard/UI/iOS/ViewController/QRScanViewController.swift2
-rw-r--r--WireGuard/WireGuard/UI/iOS/ViewController/TunnelsListTableViewController.swift2
-rw-r--r--WireGuard/WireGuard/ZipArchive/ZipExporter.swift4
-rw-r--r--WireGuard/WireGuard/ZipArchive/ZipImporter.swift8
9 files changed, 20 insertions, 270 deletions
diff --git a/WireGuard/WireGuard/ConfigFile/WgQuickConfigFileParser.swift b/WireGuard/WireGuard/ConfigFile/WgQuickConfigFileParser.swift
deleted file mode 100644
index f4c52c2..0000000
--- a/WireGuard/WireGuard/ConfigFile/WgQuickConfigFileParser.swift
+++ /dev/null
@@ -1,164 +0,0 @@
-// SPDX-License-Identifier: MIT
-// Copyright © 2018 WireGuard LLC. All Rights Reserved.
-
-import Foundation
-
-class WgQuickConfigFileParser {
-
- enum ParserState {
- case inInterfaceSection
- case inPeerSection
- case notInASection
- }
-
- enum ParseError: Error {
- case invalidLine(_ line: String.SubSequence)
- case noInterface
- case invalidInterface
- case multipleInterfaces
- case multiplePeersWithSamePublicKey
- case invalidPeer
- }
-
- //swiftlint:disable:next cyclomatic_complexity function_body_length
- static func parse(_ text: String, name: String) throws -> TunnelConfiguration {
- assert(!name.isEmpty)
-
- var interfaceConfiguration: InterfaceConfiguration?
- var peerConfigurations = [PeerConfiguration]()
-
- let lines = text.split(separator: "\n")
-
- var parserState = ParserState.notInASection
- var attributes = [String: String]()
-
- for (lineIndex, line) in lines.enumerated() {
- var trimmedLine: String
- if let commentRange = line.range(of: "#") {
- trimmedLine = String(line[..<commentRange.lowerBound])
- } else {
- trimmedLine = String(line)
- }
-
- trimmedLine = trimmedLine.trimmingCharacters(in: .whitespaces)
-
- guard !trimmedLine.isEmpty else { continue }
- let lowercasedLine = line.lowercased()
-
- if let equalsIndex = line.firstIndex(of: "=") {
- // Line contains an attribute
- let key = line[..<equalsIndex].trimmingCharacters(in: .whitespaces).lowercased()
- let value = line[line.index(equalsIndex, offsetBy: 1)...].trimmingCharacters(in: .whitespaces)
- let keysWithMultipleEntriesAllowed: Set<String> = ["address", "allowedips", "dns"]
- if let presentValue = attributes[key], keysWithMultipleEntriesAllowed.contains(key) {
- attributes[key] = presentValue + "," + value
- } else {
- attributes[key] = value
- }
- } else if lowercasedLine != "[interface]" && lowercasedLine != "[peer]" {
- throw ParseError.invalidLine(line)
- }
-
- let isLastLine = lineIndex == lines.count - 1
-
- if isLastLine || lowercasedLine == "[interface]" || lowercasedLine == "[peer]" {
- // Previous section has ended; process the attributes collected so far
- if parserState == .inInterfaceSection {
- guard let interface = collate(interfaceAttributes: attributes, name: name) else { throw ParseError.invalidInterface }
- guard interfaceConfiguration == nil else { throw ParseError.multipleInterfaces }
- interfaceConfiguration = interface
- } else if parserState == .inPeerSection {
- guard let peer = collate(peerAttributes: attributes) else { throw ParseError.invalidPeer }
- peerConfigurations.append(peer)
- }
- }
-
- if lowercasedLine == "[interface]" {
- parserState = .inInterfaceSection
- attributes.removeAll()
- } else if lowercasedLine == "[peer]" {
- parserState = .inPeerSection
- attributes.removeAll()
- }
- }
-
- let peerPublicKeysArray = peerConfigurations.map { $0.publicKey }
- let peerPublicKeysSet = Set<Data>(peerPublicKeysArray)
- if peerPublicKeysArray.count != peerPublicKeysSet.count {
- throw ParseError.multiplePeersWithSamePublicKey
- }
-
- if let interfaceConfiguration = interfaceConfiguration {
- let tunnelConfiguration = TunnelConfiguration(interface: interfaceConfiguration, peers: peerConfigurations)
- return tunnelConfiguration
- } else {
- throw ParseError.noInterface
- }
- }
-
- //swiftlint:disable:next cyclomatic_complexity
- private static func collate(interfaceAttributes attributes: [String: String], name: String) -> InterfaceConfiguration? {
- // required wg fields
- guard let privateKeyString = attributes["privatekey"] else { return nil }
- guard let privateKey = Data(base64Encoded: privateKeyString), privateKey.count == TunnelConfiguration.keyLength else { return nil }
- var interface = InterfaceConfiguration(name: name, privateKey: privateKey)
- // other wg fields
- if let listenPortString = attributes["listenport"] {
- guard let listenPort = UInt16(listenPortString) else { return nil }
- interface.listenPort = listenPort
- }
- // wg-quick fields
- if let addressesString = attributes["address"] {
- var addresses = [IPAddressRange]()
- for addressString in addressesString.splitToArray(trimmingCharacters: .whitespaces) {
- guard let address = IPAddressRange(from: addressString) else { return nil }
- addresses.append(address)
- }
- interface.addresses = addresses
- }
- if let dnsString = attributes["dns"] {
- var dnsServers = [DNSServer]()
- for dnsServerString in dnsString.splitToArray(trimmingCharacters: .whitespaces) {
- guard let dnsServer = DNSServer(from: dnsServerString) else { return nil }
- dnsServers.append(dnsServer)
- }
- interface.dns = dnsServers
- }
- if let mtuString = attributes["mtu"] {
- guard let mtu = UInt16(mtuString) else { return nil }
- interface.mtu = mtu
- }
- return interface
- }
-
- //swiftlint:disable:next cyclomatic_complexity
- private static func collate(peerAttributes attributes: [String: String]) -> PeerConfiguration? {
- // required wg fields
- guard let publicKeyString = attributes["publickey"] else { return nil }
- guard let publicKey = Data(base64Encoded: publicKeyString), publicKey.count == TunnelConfiguration.keyLength else { return nil }
- var peer = PeerConfiguration(publicKey: publicKey)
- // wg fields
- if let preSharedKeyString = attributes["presharedkey"] {
- guard let preSharedKey = Data(base64Encoded: preSharedKeyString), preSharedKey.count == TunnelConfiguration.keyLength else { return nil }
- peer.preSharedKey = preSharedKey
- }
- if let allowedIPsString = attributes["allowedips"] {
- var allowedIPs = [IPAddressRange]()
- for allowedIPString in allowedIPsString.splitToArray(trimmingCharacters: .whitespacesAndNewlines) {
- guard let allowedIP = IPAddressRange(from: allowedIPString) else { return nil }
- allowedIPs.append(allowedIP)
- }
- peer.allowedIPs = allowedIPs
- }
- if let endpointString = attributes["endpoint"] {
- guard let endpoint = Endpoint(from: endpointString) else { return nil }
- peer.endpoint = endpoint
- }
- if let persistentKeepAliveString = attributes["persistentkeepalive"] {
- guard let persistentKeepAlive = UInt16(persistentKeepAliveString) else { return nil }
- peer.persistentKeepAlive = persistentKeepAlive
- }
- return peer
- }
-
-}
diff --git a/WireGuard/WireGuard/ConfigFile/WgQuickConfigFileWriter.swift b/WireGuard/WireGuard/ConfigFile/WgQuickConfigFileWriter.swift
deleted file mode 100644
index 2dab266..0000000
--- a/WireGuard/WireGuard/ConfigFile/WgQuickConfigFileWriter.swift
+++ /dev/null
@@ -1,46 +0,0 @@
-// SPDX-License-Identifier: MIT
-// Copyright © 2018 WireGuard LLC. All Rights Reserved.
-
-import UIKit
-
-class WgQuickConfigFileWriter {
- static func writeConfigFile(from configuration: TunnelConfiguration) -> Data? {
- let interface = configuration.interface
- var output = "[Interface]\n"
- output.append("PrivateKey = \(interface.privateKey.base64EncodedString())\n")
- if let listenPort = interface.listenPort {
- output.append("ListenPort = \(listenPort)\n")
- }
- if !interface.addresses.isEmpty {
- let addressString = interface.addresses.map { $0.stringRepresentation }.joined(separator: ", ")
- output.append("Address = \(addressString)\n")
- }
- if !interface.dns.isEmpty {
- let dnsString = interface.dns.map { $0.stringRepresentation }.joined(separator: ", ")
- output.append("DNS = \(dnsString)\n")
- }
- if let mtu = interface.mtu {
- output.append("MTU = \(mtu)\n")
- }
-
- for peer in configuration.peers {
- output.append("\n[Peer]\n")
- output.append("PublicKey = \(peer.publicKey.base64EncodedString())\n")
- if let preSharedKey = peer.preSharedKey {
- output.append("PresharedKey = \(preSharedKey.base64EncodedString())\n")
- }
- if !peer.allowedIPs.isEmpty {
- let allowedIPsString = peer.allowedIPs.map { $0.stringRepresentation }.joined(separator: ", ")
- output.append("AllowedIPs = \(allowedIPsString)\n")
- }
- if let endpoint = peer.endpoint {
- output.append("Endpoint = \(endpoint.stringRepresentation)\n")
- }
- if let persistentKeepAlive = peer.persistentKeepAlive {
- output.append("PersistentKeepalive = \(persistentKeepAlive)\n")
- }
- }
-
- return output.data(using: .utf8)
- }
-}
diff --git a/WireGuard/WireGuard/Tunnel/MockTunnels.swift b/WireGuard/WireGuard/Tunnel/MockTunnels.swift
index 764d860..e618257 100644
--- a/WireGuard/WireGuard/Tunnel/MockTunnels.swift
+++ b/WireGuard/WireGuard/Tunnel/MockTunnels.swift
@@ -38,7 +38,7 @@ class MockTunnels {
let tunnelProviderManager = NETunnelProviderManager()
tunnelProviderManager.protocolConfiguration = NETunnelProviderProtocol(tunnelConfiguration: tunnelConfiguration)
- tunnelProviderManager.localizedDescription = tunnelName
+ tunnelProviderManager.localizedDescription = (tunnelConfiguration).interface.name
tunnelProviderManager.isEnabled = true
return tunnelProviderManager
diff --git a/WireGuard/WireGuard/Tunnel/TunnelsManager.swift b/WireGuard/WireGuard/Tunnel/TunnelsManager.swift
index 51f0d37..903dfad 100644
--- a/WireGuard/WireGuard/Tunnel/TunnelsManager.swift
+++ b/WireGuard/WireGuard/Tunnel/TunnelsManager.swift
@@ -43,9 +43,9 @@ class TunnelsManager {
}
let tunnelManagers = managers ?? []
- tunnelManagers.forEach {
- if ($0.protocolConfiguration as? NETunnelProviderProtocol)?.migrateConfigurationIfNeeded() == true {
- $0.saveToPreferences { _ in }
+ tunnelManagers.forEach { tunnelManager in
+ if (tunnelManager.protocolConfiguration as? NETunnelProviderProtocol)?.migrateConfigurationIfNeeded() == true {
+ tunnelManager.saveToPreferences { _ in }
}
}
completionHandler(.success(TunnelsManager(tunnelProviders: tunnelManagers)))
@@ -54,7 +54,7 @@ class TunnelsManager {
}
func add(tunnelConfiguration: TunnelConfiguration, activateOnDemandSetting: ActivateOnDemandSetting = ActivateOnDemandSetting.defaultSetting, completionHandler: @escaping (WireGuardResult<TunnelContainer>) -> Void) {
- let tunnelName = tunnelConfiguration.interface.name
+ let tunnelName = tunnelConfiguration.interface.name ?? ""
if tunnelName.isEmpty {
completionHandler(.failure(TunnelsManagerError.tunnelNameEmpty))
return
@@ -67,7 +67,7 @@ class TunnelsManager {
let tunnelProviderManager = NETunnelProviderManager()
tunnelProviderManager.protocolConfiguration = NETunnelProviderProtocol(tunnelConfiguration: tunnelConfiguration)
- tunnelProviderManager.localizedDescription = tunnelName
+ tunnelProviderManager.localizedDescription = (tunnelConfiguration).interface.name
tunnelProviderManager.isEnabled = true
activateOnDemandSetting.apply(on: tunnelProviderManager)
@@ -107,7 +107,7 @@ class TunnelsManager {
}
func modify(tunnel: TunnelContainer, tunnelConfiguration: TunnelConfiguration, activateOnDemandSetting: ActivateOnDemandSetting, completionHandler: @escaping (TunnelsManagerError?) -> Void) {
- let tunnelName = tunnelConfiguration.interface.name
+ let tunnelName = tunnelConfiguration.interface.name ?? ""
if tunnelName.isEmpty {
completionHandler(TunnelsManagerError.tunnelNameEmpty)
return
@@ -123,12 +123,10 @@ class TunnelsManager {
tunnel.name = tunnelName
}
- let shouldRestartIfActive = !((tunnelProviderManager.protocolConfiguration as? NETunnelProviderProtocol)?.hasTunnelConfiguration(tunnelConfiguration: tunnelConfiguration) ?? false)
-
tunnelProviderManager.protocolConfiguration = NETunnelProviderProtocol(tunnelConfiguration: tunnelConfiguration)
- tunnelProviderManager.localizedDescription = tunnelName
+ tunnelProviderManager.localizedDescription = (tunnelConfiguration).interface.name
tunnelProviderManager.isEnabled = true
-
+
let isActivatingOnDemand = !tunnelProviderManager.isOnDemandEnabled && activateOnDemandSetting.isActivateOnDemandEnabled
activateOnDemandSetting.apply(on: tunnelProviderManager)
@@ -148,12 +146,10 @@ class TunnelsManager {
}
self.tunnelsListDelegate?.tunnelModified(at: self.tunnels.firstIndex(of: tunnel)!)
- if shouldRestartIfActive {
- if tunnel.status == .active || tunnel.status == .activating || tunnel.status == .reasserting {
- // Turn off the tunnel, and then turn it back on, so the changes are made effective
- tunnel.status = .restarting
- (tunnel.tunnelProvider.connection as? NETunnelProviderSession)?.stopTunnel()
- }
+ if tunnel.status == .active || tunnel.status == .activating || tunnel.status == .reasserting {
+ // Turn off the tunnel, and then turn it back on, so the changes are made effective
+ tunnel.status = .restarting
+ (tunnel.tunnelProvider.connection as? NETunnelProviderSession)?.stopTunnel()
}
if isActivatingOnDemand {
@@ -353,7 +349,7 @@ class TunnelContainer: NSObject {
private var lastTunnelConnectionStatus: NEVPNStatus?
var tunnelConfiguration: TunnelConfiguration? {
- return (tunnelProvider.protocolConfiguration as? NETunnelProviderProtocol)?.tunnelConfiguration
+ return (tunnelProvider.protocolConfiguration as? NETunnelProviderProtocol)?.tunnelConfiguration(name: tunnelProvider.localizedDescription)
}
var activateOnDemandSetting: ActivateOnDemandSetting {
diff --git a/WireGuard/WireGuard/UI/iOS/String+ArrayConversion.swift b/WireGuard/WireGuard/UI/iOS/String+ArrayConversion.swift
deleted file mode 100644
index 9b69cf4..0000000
--- a/WireGuard/WireGuard/UI/iOS/String+ArrayConversion.swift
+++ /dev/null
@@ -1,32 +0,0 @@
-// SPDX-License-Identifier: MIT
-// Copyright © 2018 WireGuard LLC. All Rights Reserved.
-
-import Foundation
-
-extension String {
-
- func splitToArray(separator: Character = ",", trimmingCharacters: CharacterSet? = nil) -> [String] {
- return split(separator: separator)
- .map {
- if let charSet = trimmingCharacters {
- return $0.trimmingCharacters(in: charSet)
- } else {
- return String($0)
- }
- }
- }
-
-}
-
-extension Optional where Wrapped == String {
-
- func splitToArray(separator: Character = ",", trimmingCharacters: CharacterSet? = nil) -> [String] {
- switch self {
- case .none:
- return []
- case .some(let wrapped):
- return wrapped.splitToArray(separator: separator, trimmingCharacters: trimmingCharacters)
- }
- }
-
-}
diff --git a/WireGuard/WireGuard/UI/iOS/ViewController/QRScanViewController.swift b/WireGuard/WireGuard/UI/iOS/ViewController/QRScanViewController.swift
index 1fd6905..a4f7130 100644
--- a/WireGuard/WireGuard/UI/iOS/ViewController/QRScanViewController.swift
+++ b/WireGuard/WireGuard/UI/iOS/ViewController/QRScanViewController.swift
@@ -101,7 +101,7 @@ class QRScanViewController: UIViewController {
}
func scanDidComplete(withCode code: String) {
- let scannedTunnelConfiguration = try? WgQuickConfigFileParser.parse(code, name: "Scanned")
+ let scannedTunnelConfiguration = try? TunnelConfiguration(code, name: "Scanned")
guard let tunnelConfiguration = scannedTunnelConfiguration else {
scanDidEncounterError(title: tr("alertScanQRCodeInvalidQRCodeTitle"), message: tr("alertScanQRCodeInvalidQRCodeMessage"))
return
diff --git a/WireGuard/WireGuard/UI/iOS/ViewController/TunnelsListTableViewController.swift b/WireGuard/WireGuard/UI/iOS/ViewController/TunnelsListTableViewController.swift
index fff976f..6dd8e9c 100644
--- a/WireGuard/WireGuard/UI/iOS/ViewController/TunnelsListTableViewController.swift
+++ b/WireGuard/WireGuard/UI/iOS/ViewController/TunnelsListTableViewController.swift
@@ -180,7 +180,7 @@ class TunnelsListTableViewController: UIViewController {
} else /* if (url.pathExtension == "conf") -- we assume everything else is a conf */ {
let fileBaseName = url.deletingPathExtension().lastPathComponent.trimmingCharacters(in: .whitespacesAndNewlines)
if let fileContents = try? String(contentsOf: url),
- let tunnelConfiguration = try? WgQuickConfigFileParser.parse(fileContents, name: fileBaseName) {
+ let tunnelConfiguration = try? TunnelConfiguration(fileContents, name: fileBaseName) {
tunnelsManager.add(tunnelConfiguration: tunnelConfiguration) { [weak self] result in
if let error = result.error {
ErrorPresenter.showErrorAlert(error: error, from: self, onPresented: completionHandler)
diff --git a/WireGuard/WireGuard/ZipArchive/ZipExporter.swift b/WireGuard/WireGuard/ZipArchive/ZipExporter.swift
index 33d62fd..052242a 100644
--- a/WireGuard/WireGuard/ZipArchive/ZipExporter.swift
+++ b/WireGuard/WireGuard/ZipArchive/ZipExporter.swift
@@ -22,8 +22,8 @@ class ZipExporter {
var inputsToArchiver: [(fileName: String, contents: Data)] = []
var lastTunnelName: String = ""
for tunnelConfiguration in tunnelConfigurations {
- if let contents = WgQuickConfigFileWriter.writeConfigFile(from: tunnelConfiguration) {
- let name = tunnelConfiguration.interface.name
+ if let contents = tunnelConfiguration.asWgQuickConfig().data(using: .utf8) {
+ let name = tunnelConfiguration.interface.name ?? ""
if name.isEmpty || name == lastTunnelName { continue }
inputsToArchiver.append((fileName: "\(name).conf", contents: contents))
lastTunnelName = name
diff --git a/WireGuard/WireGuard/ZipArchive/ZipImporter.swift b/WireGuard/WireGuard/ZipArchive/ZipImporter.swift
index 0178ca0..a8819e2 100644
--- a/WireGuard/WireGuard/ZipArchive/ZipImporter.swift
+++ b/WireGuard/WireGuard/ZipArchive/ZipImporter.swift
@@ -43,12 +43,8 @@ class ZipImporter {
if index > 0 && file == unarchivedFiles[index - 1] {
continue
}
- guard let fileContents = String(data: file.contents, encoding: .utf8) else {
- continue
- }
- guard let tunnelConfig = try? WgQuickConfigFileParser.parse(fileContents, name: file.fileBaseName) else {
- continue
- }
+ guard let fileContents = String(data: file.contents, encoding: .utf8) else { continue }
+ guard let tunnelConfig = try? TunnelConfiguration(fileContents, name: file.fileBaseName) else { continue }
configs[index] = tunnelConfig
}
DispatchQueue.main.async { completion(.success(configs)) }
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.