diff options
Diffstat (limited to 'WireGuard/Shared/LegacyConfigMigration.swift')
-rw-r--r-- | WireGuard/Shared/LegacyConfigMigration.swift | 196 |
1 files changed, 196 insertions, 0 deletions
diff --git a/WireGuard/Shared/LegacyConfigMigration.swift b/WireGuard/Shared/LegacyConfigMigration.swift new file mode 100644 index 0000000..bd22ca4 --- /dev/null +++ b/WireGuard/Shared/LegacyConfigMigration.swift @@ -0,0 +1,196 @@ +// SPDX-License-Identifier: MIT +// Copyright © 2018 WireGuard LLC. All Rights Reserved. + +import Foundation +import Network +import NetworkExtension + +protocol LegacyModel: Decodable { + associatedtype Model + + var migrated: Model { get } +} + +struct LegacyDNSServer: LegacyModel { + let address: IPAddress + + var migrated: DNSServer { + return DNSServer(address: address) + } + + init(from decoder: Decoder) throws { + let container = try decoder.singleValueContainer() + var data = try container.decode(Data.self) + let ipAddressFromData: IPAddress? = { + switch data.count { + case 4: return IPv4Address(data) + case 16: return IPv6Address(data) + default: return nil + } + }() + guard let ipAddress = ipAddressFromData else { + throw DecodingError.invalidData + } + address = ipAddress + } + + enum DecodingError: Error { + case invalidData + } +} + +extension Array where Element == LegacyDNSServer { + var migrated: [DNSServer] { + return map { $0.migrated } + } +} + +struct LegacyEndpoint: LegacyModel { + let host: Network.NWEndpoint.Host + let port: Network.NWEndpoint.Port + + var migrated: Endpoint { + return Endpoint(host: host, port: port) + } + + public init(from decoder: Decoder) throws { + let container = try decoder.singleValueContainer() + let endpointString = try container.decode(String.self) + guard !endpointString.isEmpty else { throw DecodingError.invalidData } + let startOfPort: String.Index + let hostString: String + if endpointString.first! == "[" { + // Look for IPv6-style endpoint, like [::1]:80 + let startOfHost = endpointString.index(after: endpointString.startIndex) + guard let endOfHost = endpointString.dropFirst().firstIndex(of: "]") else { throw DecodingError.invalidData } + let afterEndOfHost = endpointString.index(after: endOfHost) + guard endpointString[afterEndOfHost] == ":" else { throw DecodingError.invalidData } + startOfPort = endpointString.index(after: afterEndOfHost) + hostString = String(endpointString[startOfHost ..< endOfHost]) + } else { + // Look for an IPv4-style endpoint, like 127.0.0.1:80 + guard let endOfHost = endpointString.firstIndex(of: ":") else { throw DecodingError.invalidData } + startOfPort = endpointString.index(after: endOfHost) + hostString = String(endpointString[endpointString.startIndex ..< endOfHost]) + } + guard let endpointPort = NWEndpoint.Port(String(endpointString[startOfPort ..< endpointString.endIndex])) else { throw DecodingError.invalidData } + let invalidCharacterIndex = hostString.unicodeScalars.firstIndex { char in + return !CharacterSet.urlHostAllowed.contains(char) + } + guard invalidCharacterIndex == nil else { throw DecodingError.invalidData } + host = NWEndpoint.Host(hostString) + port = endpointPort + } + + enum DecodingError: Error { + case invalidData + } +} + +struct LegacyInterfaceConfiguration: LegacyModel { + let name: String + let privateKey: Data + let addresses: [LegacyIPAddressRange] + let listenPort: UInt16? + let mtu: UInt16? + let dns: [LegacyDNSServer] + + var migrated: InterfaceConfiguration { + var interface = InterfaceConfiguration(name: name, privateKey: privateKey) + interface.addresses = addresses.migrated + interface.listenPort = listenPort + interface.mtu = mtu + interface.dns = dns.migrated + return interface + } +} + +struct LegacyIPAddressRange: LegacyModel { + let address: IPAddress + let networkPrefixLength: UInt8 + + var migrated: IPAddressRange { + return IPAddressRange(address: address, networkPrefixLength: networkPrefixLength) + } + + public init(from decoder: Decoder) throws { + let container = try decoder.singleValueContainer() + var data = try container.decode(Data.self) + networkPrefixLength = data.removeLast() + let ipAddressFromData: IPAddress? = { + switch data.count { + case 4: return IPv4Address(data) + case 16: return IPv6Address(data) + default: return nil + } + }() + guard let ipAddress = ipAddressFromData else { throw DecodingError.invalidData } + address = ipAddress + } + + enum DecodingError: Error { + case invalidData + } +} + +extension Array where Element == LegacyIPAddressRange { + var migrated: [IPAddressRange] { + return map { $0.migrated } + } +} + +struct LegacyPeerConfiguration: LegacyModel { + let publicKey: Data + let preSharedKey: Data? + let allowedIPs: [LegacyIPAddressRange] + let endpoint: LegacyEndpoint? + let persistentKeepAlive: UInt16? + + var migrated: PeerConfiguration { + var configuration = PeerConfiguration(publicKey: publicKey) + configuration.preSharedKey = preSharedKey + configuration.allowedIPs = allowedIPs.migrated + configuration.endpoint = endpoint?.migrated + configuration.persistentKeepAlive = persistentKeepAlive + return configuration + } +} + +extension Array where Element == LegacyPeerConfiguration { + var migrated: [PeerConfiguration] { + return map { $0.migrated } + } +} + +final class LegacyTunnelConfiguration: LegacyModel { + let interface: LegacyInterfaceConfiguration + let peers: [LegacyPeerConfiguration] + + var migrated: TunnelConfiguration { + return TunnelConfiguration(interface: interface.migrated, peers: peers.migrated) + } +} + +extension NETunnelProviderProtocol { + + @discardableResult + func migrateConfigurationIfNeeded() -> Bool { + guard let configurationVersion = providerConfiguration?["tunnelConfigurationVersion"] as? Int else { return false } + if configurationVersion == 1 { + migrateFromConfigurationV1() + } else { + fatalError("No migration from configuration version \(configurationVersion) exists.") + } + return true + } + + private func migrateFromConfigurationV1() { + guard let serializedTunnelConfiguration = providerConfiguration?["tunnelConfiguration"] as? Data else { return } + guard let configuration = try? JSONDecoder().decode(LegacyTunnelConfiguration.self, from: serializedTunnelConfiguration) else { return } + guard let tunnelConfigData = try? JSONEncoder().encode(configuration.migrated) else { return } + guard let tunnelConfigDictionary = try? JSONSerialization.jsonObject(with: tunnelConfigData, options: .allowFragments) else { return } + + providerConfiguration = [Keys.wgQuickConfig.rawValue: tunnelConfigDictionary] + } + +} |