e3team
/
trifid_mobile
forked from core/mobile_nebula
3
0
Fork 0
Code Pull Requests Activity

Compare commits

merge into: e3team:ios14
Branches Tags
e3team:master
e3team:fix-relay-migration
e3team:gh-tag-release
e3team:certs
e3team:alpha
e3team:nosleep
e3team:documentation
e3team:log-settings-tz
e3team:log-timezone
e3team:ios14
e3team:v0.3.2-2
e3team:v0.3.2-1
e3team:v0.3.1-3
e3team:v0.3.1-2
e3team:v0.3.1-1
e3team:v0.3.1
e3team:v0.3.0-5
e3team:v0.3.0-4
e3team:v0.3.0-3
e3team:v0.3.0-2
e3team:v0.3.0-1
e3team:v0.2.0-6
e3team:v0.2.0-5
e3team:v0.2.0-4
e3team:v0.2.0-3
e3team:v0.2.0-2
e3team:v0.2.0-1
e3team:v0.1.1-2
e3team:v0.1.1
e3team:v0.1.1-1
e3team:v0.1.0-3
e3team:v0.1.0
e3team:v0.1.0-2
e3team:v0.1.0-1
e3team:v0.0.41
e3team:v0.0.38
core:v0.3.2-2
core:v0.3.1-1
core:v0.3.0-5
core:v0.2.0-5
core:v0.2.0-4
core:v0.2.0-3
core:v0.2.0-2
core:v0.2.0-1
core:v0.1.1-2
core:v0.1.1-1
core:v0.1.0-3
core:v0.1.0-2
core:v0.1.0-1
core:v0.0.41
core:v0.0.38
core:v0.1.0
core:v0.1.1
core:v0.2.0-6
core:v0.3.0-1
core:v0.3.0-2
core:v0.3.0-3
core:v0.3.0-4
core:v0.3.1
core:v0.3.1-2
core:v0.3.1-3
core:v0.3.2-1
core:v0.4.0-1
core:v0.4.0-2
core:v0.4.1-1
core:v0.4.2
core:v0.4.2-1
core:v0.4.2-2
core:v0.4.2-3
core:v0.4.2-4
core:v0.4.2-5
core:v0.4.2-6
core:v0.4.2-7
core:v0.4.3-1
core:v0.4.3-2
core:v0.4.3-3
...
pull from: e3team:master
Branches Tags
e3team:master
e3team:fix-relay-migration
e3team:gh-tag-release
e3team:certs
e3team:alpha
e3team:nosleep
e3team:documentation
e3team:log-settings-tz
e3team:log-timezone
e3team:ios14
core:main
core:fix-android-build
core:debug-update-dn
core:fix-relay-migration
core:gh-tag-release
core:certs
core:alpha
core:nosleep
core:documentation
core:log-settings-tz
core:log-timezone
core:ios14
e3team:v0.3.2-2
e3team:v0.3.2-1
e3team:v0.3.1-3
e3team:v0.3.1-2
e3team:v0.3.1-1
e3team:v0.3.1
e3team:v0.3.0-5
e3team:v0.3.0-4
e3team:v0.3.0-3
e3team:v0.3.0-2
e3team:v0.3.0-1
e3team:v0.2.0-6
e3team:v0.2.0-5
e3team:v0.2.0-4
e3team:v0.2.0-3
e3team:v0.2.0-2
e3team:v0.2.0-1
e3team:v0.1.1-2
e3team:v0.1.1
e3team:v0.1.1-1
e3team:v0.1.0-3
e3team:v0.1.0
e3team:v0.1.0-2
e3team:v0.1.0-1
e3team:v0.0.41
e3team:v0.0.38
core:v0.3.2-2
core:v0.3.1-1
core:v0.3.0-5
core:v0.2.0-5
core:v0.2.0-4
core:v0.2.0-3
core:v0.2.0-2
core:v0.2.0-1
core:v0.1.1-2
core:v0.1.1-1
core:v0.1.0-3
core:v0.1.0-2
core:v0.1.0-1
core:v0.0.41
core:v0.0.38
core:v0.1.0
core:v0.1.1
core:v0.2.0-6
core:v0.3.0-1
core:v0.3.0-2
core:v0.3.0-3
core:v0.3.0-4
core:v0.3.1
core:v0.3.1-2
core:v0.3.1-3
core:v0.3.2-1
core:v0.4.0-1
core:v0.4.0-2
core:v0.4.1-1
core:v0.4.2
core:v0.4.2-1
core:v0.4.2-2
core:v0.4.2-3
core:v0.4.2-4
core:v0.4.2-5
core:v0.4.2-6
core:v0.4.2-7
core:v0.4.3-1
core:v0.4.3-2
core:v0.4.3-3

85 Commits
ios14 ... master

Author SHA1 Message Date
core 1ecaaa60ff
Add DNS resolver support 2023-12-05 10:24:19 -05:00
John Maguire ec1af2974a
Fix encryption errors after restoring to a new phone (#143) 
When a user restores to a new phone, their TPM will no longer be able to
decrypt the encrypted credentials.

We have code already in place to delete "invalid" sites, which cleans
these up by removing them.

However, when trying to save a new site, Android continues to try to use
the old keys which are no longer decryptable. So, when saving new
encrypted files, simply reset the crypto keys if we are unable to
encrypt.
 2023-12-01 15:26:21 -05:00
John Maguire fbd2759d4f
Replace 'DN' with 'Managed Nebula' (#139) 2023-10-05 14:41:40 -04:00
Nate Brown 83145f6fa4
Update nebula to 1.7.2 (#134) 2023-06-01 13:39:40 -05:00
Nate Brown 81901b5dae
Rework the ios startup flow slightly to avoid crashing on ios 16.5 (#132) 2023-05-23 17:31:07 -05:00
John Maguire dcf54b1c38
Update nebula to v1.7.1 (#130) 2023-05-18 16:05:23 -04:00
John Maguire 096bad25ee
Update nebula to v1.7.0 (#129) 2023-05-17 12:38:31 -04:00
John Maguire 693c7b6346
Hide CA expiration errors on managed sites (#128) 2023-05-17 12:10:11 -04:00
Nate Brown 69d0641874
Store the raw dn managed config to be consumed by nebula later (#127) 2023-05-16 10:25:24 -05:00
Nate Brown 450e7c714c
Unblock the UI when trying to update dn managed sites (#125) 2023-05-15 16:10:50 -05:00
John Maguire cfca253ec1
Disallow some problematic app from the VPN (#126) 2023-05-15 17:10:20 -04:00
John Maguire f7a7093879
Fix share button on iPad (#124) 2023-05-15 16:12:24 -04:00
Nate Brown 5ae4c20c70
Use go 1.20 (#122) 2023-05-12 12:42:58 -05:00
John Maguire 7f5fa57b93
Update nebula binding code for new APIs (#120) 2023-05-10 18:05:56 -04:00
John Maguire 5cc41f1129
Allow IP address entry on non-US locales (#114) 2023-05-10 16:43:27 -04:00
John Maguire 4bbd6c01ea
Clarify permissions error w/ Always On VPN (#119) 2023-05-10 16:39:32 -04:00
John Maguire ffe2db283c
Update nebula to latest commit on master (#118) 2023-05-10 16:34:26 -04:00
John Maguire b36914ef17
Update link to privacy policy (closes #108) (#115) 2023-04-14 11:14:06 -04:00
John Maguire 9947676fd0
Fix builds on Xcode 14.3 (#112) 
Xcode 14.3+ does not support targeting iOS versions below 11. This code
updates all Pods target to a minimum of iOS 11.
 2023-04-10 12:08:03 -04:00
John Maguire a435517e3e
Add app store links (#111) 2023-04-04 10:54:37 -04:00
John Maguire a5139c4335
Hide QR code scanner on devices without cameras (#101) 2022-11-22 16:50:11 -05:00
Nate Brown 6b1bbf7352 Add a defined.net indicator on manual enroll 2022-11-22 10:27:19 -06:00
Caleb Jasik 84d1256656
Fix typos in comments (#100) 2022-11-22 10:20:35 -06:00
Nate Brown 8fc3a40467
Add a manual enrollment flow to support chromeos (#99) 2022-11-22 10:12:38 -06:00
John Maguire 17cc3477b7
Make user agent consistent on iOS and Android (#98) 
Instead of Nebula/, Nebula-DEBUG/, and NebulaNetworkExtension/, ensure
that the user agent is always MobileNebula/.
 2022-11-21 16:58:02 -05:00
John Maguire 4924888879
Don't require android.hardware.camera feature (#97) 
flutter_barcode_scanner pulls in this feature but we only need it to be
optional. This should help expand support on Chromebook devices.
 2022-11-21 16:05:19 -05:00
Nate Brown bb457c7c83
Sometimes the list of remotes can be null (#96) 2022-11-21 13:31:58 -06:00
John Maguire a5ec4f5ed5
Allow deletion of managed sites on Android (#94) 2022-11-18 16:18:07 -05:00
John Maguire 974c7a4eed
Refresh Sites when a site is saved (closes #89) (#93) 
* Refresh Sites when a site is saved (closes #89)

* Update with iOS side fix
 2022-11-18 16:03:52 -05:00
Nate Brown 6108bf801b
Ignore a nil message, nebula hasn't booted yet (#90) 2022-11-18 13:37:15 -06:00
John Maguire 37758d4a01
Request VPN permissions on site start (#92) 
Previously VPN permissions were requested when the UI was loaded. If the
user denied the permissions it would have to be force stopped and
reopened to get another permission request grant.

Additionally, when requesting VPN permissions Android will kill any
other running VPN service. This avoids that behavior unless a site is
explicitly started.

Also disables the app from showing up in the "Always On" settings.
 2022-11-18 14:34:45 -05:00
John Maguire 9dd5b9cad9
Don't reload Nebula unless config is updated (#91) 2022-11-18 14:27:27 -05:00
John Maguire e4bbd0a31c
Fix majority of Android Studio warnings (#88) 2022-11-17 16:48:44 -05:00
John Maguire a5684e1978
Fix share on Android by moving to flutter share lib (#87) 
Co-authored-by: Nate Brown <nbrown.us@gmail.com>
 2022-11-17 15:46:06 -06:00
John Maguire c7a53c3905
Support DN host enrollment (#86) 
Co-authored-by: Nate Brown <nbrown.us@gmail.com>
 2022-11-17 16:43:16 -05:00
John Maguire c3f5c39d83
Update Nebula to fix Android NebulaVpnService bug (#85) 2022-11-17 16:30:03 -05:00
John Maguire 5ec6004a9f
Fix crash on Android 9 and below (#81) 2022-11-08 08:08:07 -07:00
John Maguire 552d16bce2
Improvements to NebulaVpnService (#79) 2022-10-31 12:49:38 -06:00
Nate Brown 7bf9ee553e
Also use 3.3.5 for flutter format action (#78) 2022-10-27 12:12:12 -05:00
Nate Brown 469195cdf7
Upgrade to flutter 3.3.5 to fix a build/release issues (#77) 2022-10-26 11:31:18 -05:00
Nate Brown d8e90a1b4b
Support older versions of android to include chromeos (#76) 2022-10-26 09:57:07 -05:00
Nate Brown 562e715a9a
Strip the useless build number from the tag (#73) 2022-10-03 17:45:56 -05:00
Nate Brown dabca6dd32
Globs 0 or more of any char, not 1 or more of the preceding char (#72) 2022-10-03 16:03:49 -05:00
Nate Brown b29661abff
Automated build and release (#71) 2022-10-03 15:30:39 -05:00
Nate Brown dbe67c2f81
Upgrade to flutter 3 (#70) 
Co-authored-by: John Maguire <contact@johnmaguire.me>
 2022-09-21 15:27:35 -05:00
Nate Brown e3780bda1e
Show a message on android if permissions were denied (#65) 2022-08-05 16:42:31 -05:00
Nate Brown 958b15d711
Allow import of private key, make it so key material isn't removed when navigating off the add a cert page (#64) 2022-08-05 16:42:17 -05:00
Nate Brown 457952b5ed
Rebind against nebula 1.6 for relays, modernize build (#63) 2022-08-04 19:39:46 -05:00
Nate Brown d37bdd9032
Cleanup (#58) 2022-07-27 11:38:02 -05:00
Nate Brown 64b056618c
Remove special keyboard handling for text inputs (#57) 2022-01-20 10:35:39 -06:00
Nate Brown 2831c84b57
SelectableText field now supports keyboard actions natively (#56) 2022-01-19 13:29:30 -06:00
John Maguire 3e0da2a8f0
Fix log formatting in "Rebinding UDP listener" (#55) 2022-01-18 11:59:41 -05:00
John Maguire fec77613bf
Update for Flutter 2.8.0 (#54) 2022-01-18 11:58:26 -05:00
John Maguire 145a6c9b4f
Mark VPN as unmetered (#53) 2022-01-11 12:09:51 -05:00
Nate Brown 87ce46df19
Update to current master to prepare for 1.5.2 (#50) 2021-12-17 09:53:15 -06:00
Nate Brown 6c188ff1d1
Get ready for ios 15 (#47) 2021-09-21 09:31:26 -05:00
Nate Brown a1694727aa Fix date 2021-06-09 20:31:00 -05:00
Nate Brown 69830d64cd Update changelog for 0.0.41 2021-06-09 20:28:39 -05:00
Nate Brown 93b106fd88
Add a changelog (#43) 2021-06-08 14:41:15 -05:00
Nate Brown cff26eb679 Quiet down rebind logs 2021-06-08 10:10:21 -05:00
Nate Brown de43f11ab2 Update core nebula 2021-06-07 10:26:56 -05:00
Nate Brown bde3f6fdfa
Update core to 1.4 (#41) 2021-05-11 11:03:26 -05:00
John Maguire 47865d568b
Fix DNS over mobile networks on Android (#40) 
I think this closes the loop on DNS issues I was experiencing.
Previously, after starting Nebula, DNS would work until you switched
networks (e.g. from mobile to WiFi or vice-versa). This was fixed by
removing some explicit DNS server sets in commit
a283bf8010. This casued DNS to work in
`adb shell` even after toggling networks.

However, it did not actually fix the problem for Android applications.
The new behavior is that they would work while on WiFi, but fail on a
mobile network.

To quote Android docs:

> Allows traffic from the specified address family. By default, if no
> address, route or DNS server of a specific family (IPv4 or IPv6) is
> added to this VPN, then all outgoing traffic of that family is blocked.
> If any address, route or DNS server is added, that family is allowed.
> This method allows an address family to be unblocked even without adding
> an address, route or DNS server of that family. Traffic of that family
> will then typically fall-through to the underlying network if it's
> supported. family must be either AF_INET (for IPv4) or AF_INET6 (for
> IPv6). IllegalArgumentException is thrown if it's neither.

In my case, my home network supports only IPv4 while my mobile network
uses DNS over IPv6. Since my Nebula routes are IPv4-only, IPv6 traffic
stopped working, and DNS requests failed.
 2021-05-10 16:16:21 -04:00
Nate Brown f176047510
git blame ignore that the format merge (#39) 2021-05-03 17:00:29 -05:00
Nate Brown 9934f226e3
Ran flutter format -l 120 --suppress-analytics lib (#38) 2021-05-03 16:58:04 -05:00
Nate Brown 3a37802f4d
Setup some github actions (#37) 2021-05-03 16:55:51 -05:00
John Maguire f3fab82e34
Update README.md (#36) 2021-05-03 16:25:59 -04:00
Nate Brown 0bb2a30829
Support replacing certs (#33) 2021-05-03 15:16:00 -05:00
Nate Brown a283bf8010
Remove setting dns as it seems to be unnecessary (#35) 2021-05-03 14:44:13 -05:00
John Maguire 3194028a78
Unregister network callback on stop (Android) (#34) 
Previously when `stopVpn()` was called, it was possible for the network
change callback to fire while we were in the middle of shutting down.
This commit unregisters the network change callback before telling
Nebula to shutdown.
 2021-05-03 14:58:09 -04:00
John Maguire 1d044a1e36
Fix state when connection toggle is tapped twice (#16) 
Fixes #15. When tapping the toggle in rapid succession,
`NebulaVpnService.onStartCommand` is called twice, in serial.  This
method includes logic to show an error to the user if they somehow
attempt to connect to a service while already connected.

However, this method of showing an error message (calling
`announceExit`) sends a signal to `MainActivity` telling it the service
has exited, and that it should set the UI state to "Disconnected." It
does not actually disconnect the service at this point, resulting in a
state mismatch in which you cannot actually disconnect the service.

The solution in this commit is to remove this signalling and simply
return out of `onStartCommand` to avoid processing the start request
twice if the site is already running.
 2021-05-03 14:56:21 -04:00
John Maguire 3123ce5f9a
Let Android install debug & release APKs side-by-side (#31) 2021-04-29 16:13:13 -04:00
Nate Brown a7c32f5bd4
Kotlin active site race on boot fix (#29) 2021-04-29 10:17:43 -05:00
Nathan Brown 4c28cc196e
Rework ios ipc (#28) 2021-04-27 10:29:28 -05:00
Nathan Brown 4cad646a7c
Disable sleep/wake detection on android (#27) 2021-04-23 16:54:48 -05:00
Nathan Brown 1283ce30e9
IPV6 support (#24) 2021-04-23 16:23:06 -05:00
Nathan Brown a5ca3f86af
Upgrade to flutter 2 (#26) 2021-04-23 12:33:28 -05:00
John Maguire 10d6b6bb9a
Merge pull request #25 from JohnMaguire/fix-build 
Minor tweaks for a clean build
 2021-04-22 18:56:00 -04:00
John Maguire b2c674d65a Minor tweaks for a clean build 
- Updated README with some maybe-helpful instructions for downgrading
  flutter to a version that will build the project
- Added a step to create a missing directory to the Gradle build
  (otherwise the build fails)
- Set `shrinkResources false` - otherwise you get an error that you
  can't shrink resources unless you also enable minifying
 2021-04-22 18:46:16 -04:00
micha3lbrown e844e2c195
Add logWrap to global settings 
`logWrap` is a configuration that allows for users to decide if when
viewing logs the lines should extend off screen allowing for scroll
behavior or if they should wrap at screen edge.

We also considered allowing users to toggle this setting at the Site
level but decided that since users would likely want this setting to
apply to all sites, we hoisted the configuration.

Advances #3
 2021-02-05 10:09:56 -05:00
Michael Brown dd1bc9e3f9
Update README.md and pubspec.lock 2020-12-10 13:52:54 -05:00
Michael Brown cd6a3d2ad9
Adjust sourcing of env.sh w/ relative path 2020-12-08 11:06:52 -05:00
Nate Brown 81139885c8 Add a first cut readme 2020-12-07 15:10:31 -06:00
Nate Brown 33f73b8ea0 Tweak android icon 2020-09-25 10:47:10 -05:00
Nate Brown 2ef876343e Tweak the icon 2020-09-25 10:13:00 -05:00
162 changed files with 6476 additions and 3630 deletions
Show Stats Expand all files Collapse all files

2
.git-blame-ignore-revs Normal file
View File

@ -0,0 +1,2 @@
# Big flutter format run
9934f226e3e79c3567ce07dbab9e9f6443e7afc5

10
.github/workflows/flutterfmt.sh vendored Executable file
View File

@ -0,0 +1,10 @@
#!/bin/sh
DIRS="lib test"
EXIT=0
for DIR in $DIRS; do
OUT="$(flutter format -l 120 --suppress-analytics "$DIR" | sed -e "s/^Formatted \(.*\)/::error file=$DIR\/\1::Not formatted/g")"
echo "$OUT" | grep "::error" && EXIT=1
done
exit $EXIT

27
.github/workflows/flutterfmt.yml vendored Normal file
View File

@ -0,0 +1,27 @@
name: Flutter format
on:
push:
branches:
- main
pull_request:
paths:
- '.github/workflows/flutterfmt.yml'
- '.github/workflows/flutterfmt.sh'
- '**.dart'
jobs:
gofmt:
name: Run flutter format
runs-on: ubuntu-latest
steps:
- name: Install flutter
uses: subosito/flutter-action@v2
with:
flutter-version: '3.3.5'
- name: Check out code
uses: actions/checkout@v3
- name: flutter format
run: $GITHUB_WORKSPACE/.github/workflows/flutterfmt.sh

14
.github/workflows/gofmt.sh vendored Executable file
View File

@ -0,0 +1,14 @@
#!/bin/sh
if [ -z "$1" ]; then
rm -f ./gofmterr
find . -iname '*.go' ! -name '*.pb.go' -exec "$0" {} \;
[ -f ./gofmterr ] && exit 1
exit 0
fi
OUT="$(./nebula/goimports -d "$1" | awk '{printf "%s%%0A",$0}')"
if [ -n "$OUT" ]; then
echo "::error file=$1::$OUT"
touch ./gofmterr
fi

34
.github/workflows/gofmt.yml vendored Normal file
View File

@ -0,0 +1,34 @@
name: gofmt
on:
push:
branches:
- main
pull_request:
paths:
- '.github/workflows/gofmt.yml'
- '.github/workflows/gofmt.sh'
- '**.go'
jobs:
gofmt:
name: Run gofmt
runs-on: ubuntu-latest
steps:
- name: Set up Go 1.20
uses: actions/setup-go@v4
with:
go-version: "1.20"
id: go
- name: Check out code into the Go module directory
uses: actions/checkout@v3
- name: Install goimports
working-directory: nebula
run: |
go get golang.org/x/tools/cmd/goimports
go build golang.org/x/tools/cmd/goimports
- name: gofmt
run: $GITHUB_WORKSPACE/.github/workflows/gofmt.sh

154
.github/workflows/release.yml vendored Normal file
View File

@ -0,0 +1,154 @@
name: Create release and upload to Apple and Google
on:
push:
tags:
# Only builds for tags with a meaningless build number suffix: v1.0.0-1
- 'v[0-9]+.[0-9]+.[0-9]+-*'
jobs:
build:
name: Build ios and android package
runs-on: macos-latest
steps:
- name: Set up Go 1.20
uses: actions/setup-go@v4
with:
go-version: "1.20"
- uses: actions/setup-java@v2
with:
distribution: 'zulu'
java-version: '11'
- name: Install flutter
uses: subosito/flutter-action@v2
with:
flutter-version: '3.3.5'
- uses: nttld/setup-ndk@v1
id: setup-ndk
with:
ndk-version: r21b
# r21b is 21.1.6352462, if it is not published here https://developer.android.com/ndk/downloads
# or here https://github.com/android/ndk/wiki/Unsupported-Downloads then you must download them and look at
# source.properties to determine the version
- name: Check out code
uses: actions/checkout@v3
- name: Configure git for private modules
env:
TOKEN: ${{ secrets.MACHINE_USER_PAT }}
run: git config --global url."https://defined-machine:${TOKEN}@github.com".insteadOf "https://github.com"
- name: Install the appstore connect key material
env:
AC_API_KEY_SECRET_BASE64: ${{ secrets.AC_API_KEY_SECRET_BASE64 }}
run: |
AC_API_KEY_SECRET_PATH="$RUNNER_TEMP/key.p8"
echo "APP_STORE_CONNECT_API_KEY_KEY_FILEPATH=$AC_API_KEY_SECRET_PATH" >> $GITHUB_ENV
echo -n "$AC_API_KEY_SECRET_BASE64" | base64 --decode --output "$AC_API_KEY_SECRET_PATH"
- name: Install the google play key material
env:
GOOGLE_PLAY_API_JWT_BASE64: ${{ secrets.GOOGLE_PLAY_API_JWT_BASE64 }}
GOOGLE_PLAY_KEYSTORE_BASE64: ${{ secrets.GOOGLE_PLAY_KEYSTORE_BASE64 }}
run: |
GOOGLE_PLAY_API_JWT_PATH="$RUNNER_TEMP/gp_api.json"
echo "GOOGLE_PLAY_API_JWT_PATH=$GOOGLE_PLAY_API_JWT_PATH" >> $GITHUB_ENV
echo -n "$GOOGLE_PLAY_API_JWT_BASE64" | base64 --decode --output "$GOOGLE_PLAY_API_JWT_PATH"
GOOGLE_PLAY_KEYSTORE_PATH="$RUNNER_TEMP/gp_signing.jks"
echo "GOOGLE_PLAY_KEYSTORE_PATH=$GOOGLE_PLAY_KEYSTORE_PATH" >> $GITHUB_ENV
echo -n "$GOOGLE_PLAY_KEYSTORE_BASE64" | base64 --decode --output "$GOOGLE_PLAY_KEYSTORE_PATH"
- name: Get build name and number, install dependencies
run: |
go install golang.org/x/mobile/cmd/gomobile@latest
gomobile init
flutter pub get
touch env.sh
cd android
fastlane release_build_number
echo "BUILD_NUMBER=$(cat ../release_build_number)" >> $GITHUB_ENV
BUILD_NAME="${GITHUB_REF#refs/tags/v}" # strip the front refs/tags/v off
BUILD_NAME="${BUILD_NAME%-*}" # strip the junk build number off
echo "BUILD_NAME=$BUILD_NAME" >> $GITHUB_ENV
- name: Build iOS
env:
MATCH_PASSWORD: ${{ secrets.MATCH_PASSWORD }}
run: |
cd ios
pod install
fastlane build
- name: Collect iOS artifacts
uses: actions/upload-artifact@v3
with:
name: MobileNebula.ipa
path: ios/MobileNebula.ipa
retention-days: 5
- name: Build Android
env:
ANDROID_NDK_HOME: ${{ steps.setup-ndk.outputs.ndk-path }}
GOOGLE_PLAY_KEYSTORE_PASSWORD: ${{ secrets.GOOGLE_PLAY_KEYSTORE_PASSWORD }}
run: |
flutter build appbundle --build-number="$BUILD_NUMBER" --build-name="$BUILD_NAME"
- name: Collect Android artifacts
uses: actions/upload-artifact@v3
with:
name: MobileNebula.aab
path: build/app/outputs/bundle/release/app-release.aab
retention-days: 5
- name: Publish to iOS TestFlight
env:
APP_STORE_CONNECT_API_KEY_KEY_ID: ${{ secrets.AC_API_KEY_ID }}
APP_STORE_CONNECT_API_KEY_ISSUER_ID: ${{ secrets.AC_API_KEY_ISSUER_ID }}
run: |
cd ios
fastlane release
- name: Publish to Android internal track
run: |
cd android
fastlane release
- name: Create Release
id: create_release
uses: actions/create-release@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
tag_name: ${{ github.ref }}
release_name: Release ${{ github.ref }}
draft: true
prerelease: false
- name: Upload release Android app
uses: actions/upload-release-asset@v1.0.1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
upload_url: ${{ steps.create_release.outputs.upload_url }}
asset_path: build/app/outputs/bundle/release/app-release.aab
asset_name: MobileNebula.aab
asset_content_type: text/plain
- name: Upload release iOS app
uses: actions/upload-release-asset@v1.0.1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
upload_url: ${{ steps.create_release.outputs.upload_url }}
asset_path: ios/MobileNebula.ipa
asset_name: MobileNebula.ipa
asset_content_type: text/plain

6
.gitignore vendored
View File

@ -46,4 +46,8 @@ lib/generated_plugin_registrant.dart
/lib/gen.versions.dart
/lib/.gen.versions.dart
/ios/Flutter/.last_build_id
/local.properties
/local.properties
/.gradle/
*.keystore
/nebula/MobileNebula.xcframework/
/ios/MobileNebula.xcframework/

45
CHANGELOG.md Normal file
View File

@ -0,0 +1,45 @@
# Changelog
All notable changes to this project will be documented in this file.
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
## [Unreleased]
## [0.0.41] - 2021-06-09
### Added
- Added an option to wrap logs in the hamburger menu. (#10)
- IPv6 and better roaming support. (#24)
- Certificates can now be replaced. (#33)
### Changed
- Upgraded to Flutter 2. (#26)
- Upgraded core Nebula to 1.4.1. (#41)
### Fixed
- iOS: Reworked vpn process IPC for more reliable communication. (#28)
- Android: Detecting the active vpn site on app boot is now more reliable. (#29)
- Android: Quickly toggling site connection status no longer presents an error. (#16)
- Android: Better vpn shutdown support. (#34)
- Android: System DNS will continue to work when moving between IPv4 only and IPv6 networks. (#40)
## [0.0.38] - 2020-09-25
### Added
- Initial public release.
[0.0.38]: https://github.com/DefinedNet/mobile_nebula/releases/tag/v0.0.38
[0.0.41]: https://github.com/DefinedNet/mobile_nebula/releases/tag/v0.0.41

56
README.md Normal file
View File

@ -0,0 +1,56 @@
# Mobile Nebula
[Play Store](https://play.google.com/store/apps/details?id=net.defined.mobile_nebula&hl=en_US&gl=US) | [App Store](https://apps.apple.com/us/app/mobile-nebula/id1509587936)
## Setting up dev environment
Install all of the following things:
- [`xcode`](https://apps.apple.com/us/app/xcode/)
- [`android-studio`](https://developer.android.com/studio)
- [`flutter` 3.3.5](https://docs.flutter.dev/get-started/install)
- [`gomobile`](https://pkg.go.dev/golang.org/x/mobile/cmd/gomobile)
- [Flutter Android Studio Extension](https://docs.flutter.dev/get-started/editor?tab=androidstudio)
Ensure your path is set up correctly to execute flutter
Run `flutter doctor` and fix everything it complains before proceeding
*NOTE* on iOS, always open `Runner.xcworkspace` and NOT the `Runner.xccodeproj`
### Before first compile
- Copy `env.sh.example` and set it up for your machine
- Ensure you have run `gomobile init`
- In Android Studio, make sure you have the current ndk installed by going to Tools -> SDK Manager, go to the SDK Tools tab, check the `Show package details` box, expand the NDK section and select `21.1.6352462` version.
- Ensure you have downloaded an ndk via android studio, this is likely not the default one and you need to check the
`Show package details` box to select the correct version. The correct version comes from the error when you try and compile
- Make sure you have `gem` installed with `sudo gem install`
- If on MacOS arm, `sudo gem install ffi -- --enable-libffi-alloc`
If you are having issues with iOS pods, try blowing it all away! `cd ios && rm -rf Pods/ Podfile.lock && pod install --repo-update`
# Formatting
`flutter format` can be used to format the code in `lib` and `test` but it's default is 80 char line limit, it's 2020
Use:
```sh
flutter format lib/ test/ -l 120
```
# Release
Update `version` in `pubspec.yaml` to reflect this release, then
## Android
`flutter build appbundle`
This will create an android app bundle at `build/app/outputs/bundle/release/`
Upload the android bundle to the google play store https://play.google.com/apps/publish
## iOS
In xcode, Release -> Archive then follow the directions to upload to the app store. If you have issues, https://flutter.dev/docs/deployment/ios#create-a-build-archive

1
android/.gitignore vendored
View File

@ -6,3 +6,4 @@ gradle-wrapper.jar
/local.properties
GeneratedPluginRegistrant.java
/build/build-attribution/
/mobileNebula/mobileNebula.aar

10
android/Gemfile Normal file
View File

@ -0,0 +1,10 @@
# Autogenerated by fastlane
#
# Ensure this file is checked in to source control!
source "https://rubygems.org"
gem 'fastlane'
plugins_path = File.join(File.dirname(__FILE__), 'fastlane', 'Pluginfile')
eval_gemfile(plugins_path) if File.exist?(plugins_path)

220
android/Gemfile.lock Normal file
View File

@ -0,0 +1,220 @@
GEM
remote: https://rubygems.org/
specs:
CFPropertyList (3.0.5)
rexml
addressable (2.8.1)
public_suffix (>= 2.0.2, < 6.0)
artifactory (3.0.15)
atomos (0.1.3)
aws-eventstream (1.2.0)
aws-partitions (1.635.0)
aws-sdk-core (3.153.0)
aws-eventstream (~> 1, >= 1.0.2)
aws-partitions (~> 1, >= 1.525.0)
aws-sigv4 (~> 1.1)
jmespath (~> 1, >= 1.6.1)
aws-sdk-kms (1.58.0)
aws-sdk-core (~> 3, >= 3.127.0)
aws-sigv4 (~> 1.1)
aws-sdk-s3 (1.114.0)
aws-sdk-core (~> 3, >= 3.127.0)
aws-sdk-kms (~> 1)
aws-sigv4 (~> 1.4)
aws-sigv4 (1.5.1)
aws-eventstream (~> 1, >= 1.0.2)
babosa (1.0.4)
claide (1.1.0)
colored (1.2)
colored2 (3.1.2)
commander (4.6.0)
highline (~> 2.0.0)
declarative (0.0.20)
digest-crc (0.6.4)
rake (>= 12.0.0, < 14.0.0)
domain_name (0.5.20190701)
unf (>= 0.0.5, < 1.0.0)
dotenv (2.8.1)
emoji_regex (3.2.3)
excon (0.92.5)
faraday (1.10.2)
faraday-em_http (~> 1.0)
faraday-em_synchrony (~> 1.0)
faraday-excon (~> 1.1)
faraday-httpclient (~> 1.0)
faraday-multipart (~> 1.0)
faraday-net_http (~> 1.0)
faraday-net_http_persistent (~> 1.0)
faraday-patron (~> 1.0)
faraday-rack (~> 1.0)
faraday-retry (~> 1.0)
ruby2_keywords (>= 0.0.4)
faraday-cookie_jar (0.0.7)
faraday (>= 0.8.0)
http-cookie (~> 1.0.0)
faraday-em_http (1.0.0)
faraday-em_synchrony (1.0.0)
faraday-excon (1.1.0)
faraday-httpclient (1.0.1)
faraday-multipart (1.0.4)
multipart-post (~> 2)
faraday-net_http (1.0.1)
faraday-net_http_persistent (1.2.0)
faraday-patron (1.0.0)
faraday-rack (1.0.0)
faraday-retry (1.0.3)
faraday_middleware (1.2.0)
faraday (~> 1.0)
fastimage (2.2.6)
fastlane (2.210.1)
CFPropertyList (>= 2.3, < 4.0.0)
addressable (>= 2.8, < 3.0.0)
artifactory (~> 3.0)
aws-sdk-s3 (~> 1.0)
babosa (>= 1.0.3, < 2.0.0)
bundler (>= 1.12.0, < 3.0.0)
colored
commander (~> 4.6)
dotenv (>= 2.1.1, < 3.0.0)
emoji_regex (>= 0.1, < 4.0)
excon (>= 0.71.0, < 1.0.0)
faraday (~> 1.0)
faraday-cookie_jar (~> 0.0.6)
faraday_middleware (~> 1.0)
fastimage (>= 2.1.0, < 3.0.0)
gh_inspector (>= 1.1.2, < 2.0.0)
google-apis-androidpublisher_v3 (~> 0.3)
google-apis-playcustomapp_v1 (~> 0.1)
google-cloud-storage (~> 1.31)
highline (~> 2.0)
json (< 3.0.0)
jwt (>= 2.1.0, < 3)
mini_magick (>= 4.9.4, < 5.0.0)
multipart-post (~> 2.0.0)
naturally (~> 2.2)
optparse (~> 0.1.1)
plist (>= 3.1.0, < 4.0.0)
rubyzip (>= 2.0.0, < 3.0.0)
security (= 0.1.3)
simctl (~> 1.6.3)
terminal-notifier (>= 2.0.0, < 3.0.0)
terminal-table (>= 1.4.5, < 2.0.0)
tty-screen (>= 0.6.3, < 1.0.0)
tty-spinner (>= 0.8.0, < 1.0.0)
word_wrap (~> 1.0.0)
xcodeproj (>= 1.13.0, < 2.0.0)
xcpretty (~> 0.3.0)
xcpretty-travis-formatter (>= 0.0.3)
fastlane-plugin-match_keystore (0.2.1)
gh_inspector (1.1.3)
google-apis-androidpublisher_v3 (0.27.0)
google-apis-core (>= 0.7.2, < 2.a)
google-apis-core (0.9.0)
addressable (~> 2.5, >= 2.5.1)
googleauth (>= 0.16.2, < 2.a)
httpclient (>= 2.8.1, < 3.a)
mini_mime (~> 1.0)
representable (~> 3.0)
retriable (>= 2.0, < 4.a)
rexml
webrick
google-apis-iamcredentials_v1 (0.14.0)
google-apis-core (>= 0.7.2, < 2.a)
google-apis-playcustomapp_v1 (0.10.0)
google-apis-core (>= 0.7, < 2.a)
google-apis-storage_v1 (0.17.0)
google-apis-core (>= 0.7, < 2.a)
google-cloud-core (1.6.0)
google-cloud-env (~> 1.0)
google-cloud-errors (~> 1.0)
google-cloud-env (1.6.0)
faraday (>= 0.17.3, < 3.0)
google-cloud-errors (1.3.0)
google-cloud-storage (1.42.0)
addressable (~> 2.8)
digest-crc (~> 0.4)
google-apis-iamcredentials_v1 (~> 0.1)
google-apis-storage_v1 (~> 0.17.0)
google-cloud-core (~> 1.6)
googleauth (>= 0.16.2, < 2.a)
mini_mime (~> 1.0)
googleauth (1.2.0)
faraday (>= 0.17.3, < 3.a)
jwt (>= 1.4, < 3.0)
memoist (~> 0.16)
multi_json (~> 1.11)
os (>= 0.9, < 2.0)
signet (>= 0.16, < 2.a)
highline (2.0.3)
http-cookie (1.0.5)
domain_name (~> 0.5)
httpclient (2.8.3)
jmespath (1.6.1)
json (2.6.2)
jwt (2.5.0)
memoist (0.16.2)
mini_magick (4.11.0)
mini_mime (1.1.2)
multi_json (1.15.0)
multipart-post (2.0.0)
nanaimo (0.3.0)
naturally (2.2.1)
optparse (0.1.1)
os (1.1.4)
plist (3.6.0)
public_suffix (5.0.0)
rake (13.0.6)
representable (3.2.0)
declarative (< 0.1.0)
trailblazer-option (>= 0.1.1, < 0.2.0)
uber (< 0.2.0)
retriable (3.1.2)
rexml (3.2.5)
rouge (2.0.7)
ruby2_keywords (0.0.5)
rubyzip (2.3.2)
security (0.1.3)
signet (0.17.0)
addressable (~> 2.8)
faraday (>= 0.17.5, < 3.a)
jwt (>= 1.5, < 3.0)
multi_json (~> 1.10)
simctl (1.6.8)
CFPropertyList
naturally
terminal-notifier (2.0.0)
terminal-table (1.8.0)
unicode-display_width (~> 1.1, >= 1.1.1)
trailblazer-option (0.1.2)
tty-cursor (0.7.1)
tty-screen (0.8.1)
tty-spinner (0.9.3)
tty-cursor (~> 0.7)
uber (0.1.0)
unf (0.1.4)
unf_ext
unf_ext (0.0.8.2)
unicode-display_width (1.8.0)
webrick (1.7.0)
word_wrap (1.0.0)
xcodeproj (1.22.0)
CFPropertyList (>= 2.3.3, < 4.0)
atomos (~> 0.1.3)
claide (>= 1.0.2, < 2.0)
colored2 (~> 3.1)
nanaimo (~> 0.3.0)
rexml (~> 3.2.4)
xcpretty (0.3.0)
rouge (~> 2.0.7)
xcpretty-travis-formatter (1.0.1)
xcpretty (~> 0.2, >= 0.0.7)
PLATFORMS
arm64-darwin-21
DEPENDENCIES
fastlane
fastlane-plugin-match_keystore
BUNDLED WITH
2.3.11

75
android/app/build.gradle
View File

@ -25,50 +25,52 @@ apply plugin: 'com.android.application'
apply plugin: 'kotlin-android'
apply from: "$flutterRoot/packages/flutter_tools/gradle/flutter.gradle"
def keystoreProperties = new Properties()
def keystorePropertiesFile = rootProject.file('key.properties')
if (keystorePropertiesFile.exists()) {
keystoreProperties.load(new FileInputStream(keystorePropertiesFile))
}
android {
compileSdkVersion 28
namespace "net.defined.mobile_nebula"
compileSdkVersion 33
ndkVersion flutter.ndkVersion
compileOptions {
sourceCompatibility JavaVersion.VERSION_1_8
targetCompatibility JavaVersion.VERSION_1_8
}
kotlinOptions {
jvmTarget = '1.8'
}
sourceSets {
main.java.srcDirs += 'src/main/kotlin'
}
lintOptions {
disable 'InvalidPackage'
}
defaultConfig {
applicationId "net.defined.mobile_nebula"
minSdkVersion 25
targetSdkVersion 28
minSdkVersion 26 //flutter.minSdkVersion
targetSdkVersion 33 //flutter.targetSdkVersion
versionCode flutterVersionCode.toInteger()
versionName flutterVersionName
testInstrumentationRunner "androidx.test.runner.AndroidJUnitRunner"
}
signingConfigs {
release {
keyAlias keystoreProperties['keyAlias']
keyPassword keystoreProperties['password']
storeFile keystoreProperties['storeFile'] ? file(keystoreProperties['storeFile']) : null
storePassword keystoreProperties['password']
keyAlias 'key'
storeFile System.getenv('GOOGLE_PLAY_KEYSTORE_PATH') ? file(System.getenv('GOOGLE_PLAY_KEYSTORE_PATH')) : null
keyPassword System.getenv('GOOGLE_PLAY_KEYSTORE_PASSWORD')
storePassword System.getenv('GOOGLE_PLAY_KEYSTORE_PASSWORD')
}
}
buildTypes {
release {
signingConfig signingConfigs.release
// We are disabling minification and proguard because it wrecks the crypto for storing keys
// Ideally we would turn these on. We had issues with gson as well but resolved those with proguardFiles
minifyEnabled false
useProguard false
proguardFiles getDefaultProguardFile('proguard-android.txt'), 'proguard-rules.pro'
resValue 'string', 'app_name', '"Nebula"'
}
debug {
resValue 'string', 'app_name', '"Nebula-DEBUG"'
applicationIdSuffix '.debug'
}
}
}
@ -77,26 +79,13 @@ flutter {
source '../..'
}
repositories {
flatDir {
dirs 'src/main/libs'
}
}
dependencies {
implementation "org.jetbrains.kotlin:kotlin-stdlib-jdk7:$kotlin_version"
implementation "androidx.security:security-crypto:1.0.0-rc02"
implementation 'com.google.code.gson:gson:2.8.6'
implementation "org.jetbrains.kotlin:kotlin-stdlib-jdk7:$kotlinVersion"
implementation "androidx.security:security-crypto:1.0.0"
implementation "androidx.work:work-runtime-ktx:$workVersion"
implementation 'com.google.code.gson:gson:2.8.9'
implementation "com.google.guava:guava:31.0.1-android"
implementation project(':mobileNebula')
testImplementation 'junit:junit:4.12'
androidTestImplementation 'androidx.test:runner:1.1.1'
androidTestImplementation 'androidx.test.espresso:espresso-core:3.1.1'
implementation (name:'mobileNebula', ext:'aar') {
exec {
workingDir '../../'
environment("ANDROID_NDK_HOME", android.ndkDirectory)
environment("ANDROID_HOME", android.sdkDirectory)
commandLine './gen-artifacts.sh', 'android'
}
}
}

3
android/app/src/debug/AndroidManifest.xml
View File

@ -1,5 +1,4 @@
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
package="net.defined.mobile_nebula">
<manifest xmlns:android="http://schemas.android.com/apk/res/android">
<!-- Flutter needs it to communicate with the running application
to allow setting breakpoints, to provide hot reload, etc.
-->

4
android/app/src/debug/res/values/ic_launcher_background.xml Normal file
View File

@ -0,0 +1,4 @@
<?xml version="1.0" encoding="utf-8"?>
<resources>
<color name="ic_launcher_background">#f2c10d</color>
</resources>

41
android/app/src/main/AndroidManifest.xml
View File

@ -1,5 +1,5 @@
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
package="net.defined.mobile_nebula">
xmlns:tools="http://schemas.android.com/tools">
<!-- io.flutter.app.FlutterApplication is an android.app.Application that
calls FlutterMain.startInitialization(this); in its onCreate method.
In most cases you can leave this as-is, but you if you want to provide
@ -7,20 +7,31 @@
FlutterApplication and put your custom class here. -->
<uses-permission android:name="android.permission.INTERNET"/>
<uses-permission android:name="android.permission.ACCESS_NETWORK_STATE" />
<uses-feature android:name="android.hardware.camera" android:required="false" />
<uses-feature android:name="android.hardware.camera" android:required="false"
tools:replace="required" />
<queries>
<intent>
<action android:name="android.intent.action.VIEW" />
<data android:scheme="mailto" />
</intent>
</queries>
<application
android:name="io.flutter.app.FlutterApplication"
android:label="Nebula"
android:name="MyApplication"
android:label="@string/app_name"
android:icon="@mipmap/ic_launcher">
<service android:name=".NebulaVpnService"
android:permission="android.permission.BIND_VPN_SERVICE"
android:exported="false"
android:process=":nebulaVpnBg">
<intent-filter>
<action android:name="android.net.VpnService"/>
</intent-filter>
<meta-data android:name="android.net.VpnService.SUPPORTS_ALWAYS_ON"
android:value="false"/>
</service>
<activity
android:name=".MainActivity"
android:exported="true"
android:launchMode="singleTop"
android:theme="@style/LaunchTheme"
android:configChanges="orientation|keyboardHidden|keyboard|screenSize|smallestScreenSize|locale|layoutDirection|fontScale|screenLayout|density|uiMode"
@ -30,8 +41,16 @@
<action android:name="android.intent.action.MAIN"/>
<category android:name="android.intent.category.LAUNCHER"/>
</intent-filter>
<!-- App linking -->
<meta-data android:name="flutter_deeplinking_enabled" android:value="true" />
<intent-filter android:autoVerify="true">
<action android:name="android.intent.action.VIEW"/>
<category android:name="android.intent.category.DEFAULT"/>
<category android:name="android.intent.category.BROWSABLE"/>
<data android:scheme="http" android:host="api.defined.net" android:pathPrefix="/v1/mobile-enrollment"/>
<data android:scheme="https"/>
</intent-filter>
</activity>
<receiver android:name=".ShareReceiver" android:exported="false"/>
<provider
android:name="androidx.core.content.FileProvider"
android:authorities="${applicationId}.provider"
@ -41,6 +60,18 @@
android:name="android.support.FILE_PROVIDER_PATHS"
android:resource="@xml/provider_paths"/>
</provider>
<provider
android:name="androidx.startup.InitializationProvider"
android:authorities="${applicationId}.androidx-startup"
android:exported="false"
tools:node="merge">
<!-- If you are using androidx.startup to initialize other components -->
<meta-data
android:name="androidx.work.WorkManagerInitializer"
android:value="androidx.startup"
tools:node="remove" />
</provider>
<!-- Don't delete the meta-data below.
This is used by the Flutter tool to generate GeneratedPluginRegistrant.java -->
<meta-data

BIN
android/app/src/main/ic_launcher-playstore.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 133 KiB

After

Width:  |  Height:  |  Size: 100 KiB

45
android/app/src/main/kotlin/net/defined/mobile_nebula/APIClient.kt Normal file
View File

@ -0,0 +1,45 @@
package net.defined.mobile_nebula
import android.content.Context
import com.google.gson.Gson
class InvalidCredentialsException: Exception("Invalid credentials")
class APIClient(context: Context) {
private val packageInfo = PackageInfo(context)
private val client = mobileNebula.MobileNebula.newAPIClient(
"MobileNebula/%s (Android %s)".format(
packageInfo.getVersion(),
packageInfo.getSystemVersion(),
))
private val gson = Gson()
fun enroll(code: String): IncomingSite {
val res = client.enroll(code)
return decodeIncomingSite(res.site)
}
fun tryUpdate(siteName: String, hostID: String, privateKey: String, counter: Long, trustedKeys: String): IncomingSite? {
val res: mobileNebula.TryUpdateResult
try {
res = client.tryUpdate(siteName, hostID, privateKey, counter, trustedKeys)
} catch (e: Exception) {
// type information from Go is not available, use string matching instead
if (e.message == "invalid credentials") {
throw InvalidCredentialsException()
}
throw e
}
if (res.fetchedUpdate) {
return decodeIncomingSite(res.site)
}
return null
}
private fun decodeIncomingSite(jsonSite: String): IncomingSite {
return gson.fromJson(jsonSite, IncomingSite::class.java)
}
}

129
android/app/src/main/kotlin/net/defined/mobile_nebula/DNUpdateWorker.kt Normal file
View File

@ -0,0 +1,129 @@
package net.defined.mobile_nebula
import android.content.Context
import android.content.Intent
import android.util.Log
import androidx.work.Worker
import androidx.work.WorkerParameters
import java.io.Closeable
import java.nio.channels.FileChannel
import java.nio.file.Paths
import java.nio.file.StandardOpenOption
class DNUpdateWorker(ctx: Context, params: WorkerParameters) : Worker(ctx, params) {
companion object {
private const val TAG = "DNUpdateWorker"
}
private val context = applicationContext
private val apiClient: APIClient = APIClient(ctx)
private val updater = DNSiteUpdater(context, apiClient)
private val sites = SiteList(context)
override fun doWork(): Result {
var failed = false
sites.getSites().values.forEach { site ->
try {
updateSite(site)
} catch (e: Exception) {
failed = true
Log.e(TAG, "Error while updating site ${site.id}: ${e.stackTraceToString()}")
return@forEach
}
}
return if (failed) Result.failure() else Result.success()
}
private fun updateSite(site: Site) {
try {
DNUpdateLock(site).use {
val res = updater.updateSite(site)
// Reload Nebula if this is the currently active site
if (res == DNSiteUpdater.Result.CONFIG_UPDATED) {
Intent().also { intent ->
intent.action = NebulaVpnService.ACTION_RELOAD
intent.putExtra("id", site.id)
context.sendBroadcast(intent)
}
}
// Update the UI on any change
if (res != DNSiteUpdater.Result.NOOP) {
Intent().also { intent ->
intent.action = MainActivity.ACTION_REFRESH_SITES
context.sendBroadcast(intent)
}
}
}
} catch (e: java.nio.channels.OverlappingFileLockException) {
Log.w(TAG, "Can't lock site ${site.name}, skipping it...")
}
}
}
class DNUpdateLock(site: Site): Closeable {
private val fileChannel = FileChannel.open(
Paths.get(site.path+"/update.lock"),
StandardOpenOption.CREATE,
StandardOpenOption.WRITE,
)
private val fileLock = fileChannel.tryLock()
override fun close() {
fileLock.close()
fileChannel.close()
}
}
class DNSiteUpdater(
private val context: Context,
private val apiClient: APIClient,
) {
enum class Result {
CONFIG_UPDATED, CREDENTIALS_UPDATED, NOOP
}
fun updateSite(site: Site): Result {
if (!site.managed) {
return Result.NOOP
}
val credentials = site.getDNCredentials(context)
val newSite: IncomingSite?
try {
newSite = apiClient.tryUpdate(
site.name,
credentials.hostID,
credentials.privateKey,
credentials.counter.toLong(),
credentials.trustedKeys,
)
} catch (e: InvalidCredentialsException) {
if (!credentials.invalid) {
site.invalidateDNCredentials(context)
Log.d(TAG, "Invalidated credentials in site ${site.name}")
return Result.CREDENTIALS_UPDATED
}
return Result.NOOP
}
if (newSite != null) {
newSite.save(context)
Log.d(TAG, "Updated site ${site.id}: ${site.name}")
return Result.CONFIG_UPDATED
}
if (credentials.invalid) {
site.validateDNCredentials(context)
Log.d(TAG, "Revalidated credentials in site ${site.id}: ${site.name}")
return Result.CREDENTIALS_UPDATED
}
return Result.NOOP
}
}

47
android/app/src/main/kotlin/net/defined/mobile_nebula/EncFile.kt
View File

@ -1,22 +1,57 @@
package net.defined.mobile_nebula
import android.content.Context
import android.util.Log
import androidx.security.crypto.EncryptedFile
import androidx.security.crypto.MasterKeys
import java.io.*
import java.security.KeyStore
class EncFile(private val context: Context) {
companion object {
// Borrowed from androidx.security.crypto.MasterKeys
private const val ANDROID_KEYSTORE = "AndroidKeyStore"
// Borrowed from androidx.security.crypto.EncryptedFile
private const val KEYSET_PREF_NAME = "__androidx_security_crypto_encrypted_file_pref__"
}
class EncFile(var context: Context) {
private val scheme = EncryptedFile.FileEncryptionScheme.AES256_GCM_HKDF_4KB
private val master: String = MasterKeys.getOrCreate(MasterKeys.AES256_GCM_SPEC)
private val spec = MasterKeys.AES256_GCM_SPEC
private var master: String = MasterKeys.getOrCreate(spec)
fun openRead(file: File): BufferedReader {
val eFile = EncryptedFile.Builder(file, context, master, scheme).build()
return eFile.openFileInput().bufferedReader()
// We may fail to decrypt the file, in which case we'll raise an exception.
// Callers should handle this exception by deleting the invalid file.
return build(file).openFileInput().bufferedReader()
}
fun openWrite(file: File): BufferedWriter {
val eFile = EncryptedFile.Builder(file, context, master, scheme).build()
return eFile.openFileOutput().bufferedWriter()
return try {
build(file).openFileOutput().bufferedWriter()
} catch (e: Exception) {
// If we fail to open the file, it's likely because the master key no longer works.
// We'll try to reset the master key and try again.
resetMasterKey()
build(file).openFileOutput().bufferedWriter()
}
}
private fun build(file: File): EncryptedFile {
return EncryptedFile.Builder(file, context, master, scheme).build()
}
fun resetMasterKey() {
// Reset the master key
KeyStore.getInstance(ANDROID_KEYSTORE).apply {
load(null)
deleteEntry(master)
}
// And reset the shared preference containing the file encryption key
context.deleteSharedPreferences(KEYSET_PREF_NAME)
// Re-create the master key now so future calls don't fail
master = MasterKeys.getOrCreate(spec)
}
}

298
android/app/src/main/kotlin/net/defined/mobile_nebula/MainActivity.kt
View File

@ -1,57 +1,76 @@
package net.defined.mobile_nebula
import android.app.Activity
import android.content.BroadcastReceiver
import android.content.ComponentName
import android.content.Context
import android.content.Intent
import android.content.IntentFilter
import android.content.ServiceConnection
import android.content.pm.PackageManager
import android.net.VpnService
import android.os.*
import androidx.annotation.NonNull
import android.util.Log
import androidx.work.*
import com.google.gson.Gson
import io.flutter.embedding.android.FlutterActivity
import io.flutter.embedding.engine.FlutterEngine
import io.flutter.plugin.common.MethodCall
import io.flutter.plugin.common.MethodChannel
import io.flutter.plugins.GeneratedPluginRegistrant
import java.io.File
import java.util.concurrent.TimeUnit
const val TAG = "nebula"
const val VPN_PERMISSIONS_CODE = 0x0F
const val VPN_START_CODE = 0x10
const val CHANNEL = "net.defined.mobileNebula/NebulaVpnService"
const val UPDATE_WORKER = "dnUpdater"
class MainActivity: FlutterActivity() {
private var sites: Sites? = null
private var permResult: MethodChannel.Result? = null
private var ui: MethodChannel? = null
private var inMessenger: Messenger? = Messenger(IncomingHandler())
private var outMessenger: Messenger? = null
private var apiClient: APIClient? = null
private var sites: Sites? = null
// When starting a site we may need to request VPN permissions. These variables help us
// maintain state while waiting for a permission result.
private var startResult: MethodChannel.Result? = null
private var startingSiteContainer: SiteContainer? = null
private var activeSiteId: String? = null
private val workManager = WorkManager.getInstance(application)
private val refreshReceiver: BroadcastReceiver = RefreshReceiver()
companion object {
const val ACTION_REFRESH_SITES = "net.defined.mobileNebula.REFRESH_SITES"
private var appContext: Context? = null
fun getContext(): Context? { return appContext }
}
override fun configureFlutterEngine(@NonNull flutterEngine: FlutterEngine) {
override fun configureFlutterEngine(flutterEngine: FlutterEngine) {
appContext = context
//TODO: Initializing in the constructor leads to a context lacking info we need, figure out the right way to do this
sites = Sites(flutterEngine)
// Bind against our service to detect which site is running on app boot
val intent = Intent(this, NebulaVpnService::class.java)
bindService(intent, connection, 0)
GeneratedPluginRegistrant.registerWith(flutterEngine);
MethodChannel(flutterEngine.dartExecutor.binaryMessenger, CHANNEL).setMethodCallHandler { call, result ->
GeneratedPluginRegistrant.registerWith(flutterEngine)
ui = MethodChannel(flutterEngine.dartExecutor.binaryMessenger, CHANNEL)
ui!!.setMethodCallHandler { call, result ->
when(call.method) {
"android.requestPermissions" -> androidPermissions(result)
"android.registerActiveSite" -> registerActiveSite(result)
"android.deviceHasCamera" -> deviceHasCamera(result)
"nebula.parseCerts" -> nebulaParseCerts(call, result)
"nebula.generateKeyPair" -> nebulaGenerateKeyPair(result)
"nebula.renderConfig" -> nebulaRenderConfig(call, result)
"nebula.verifyCertAndKey" -> nebulaVerifyCertAndKey(call, result)
"dn.enroll" -> dnEnroll(call, result)
"listSites" -> listSites(result)
"deleteSite" -> deleteSite(call, result)
@ -65,14 +84,52 @@ class MainActivity: FlutterActivity() {
"active.setRemoteForTunnel" -> activeSetRemoteForTunnel(call, result)
"active.closeTunnel" -> activeCloseTunnel(call, result)
"share" -> Share.share(call, result)
"shareFile" -> Share.shareFile(call, result)
"debug.clearKeys" -> {
EncFile(context).resetMasterKey()
}
else -> result.notImplemented()
}
}
}
override fun onCreate(savedInstanceState: Bundle?) {
super.onCreate(savedInstanceState)
apiClient = APIClient(context)
registerReceiver(refreshReceiver, IntentFilter(ACTION_REFRESH_SITES))
enqueueDNUpdater()
}
override fun onDestroy() {
super.onDestroy()
unregisterReceiver(refreshReceiver)
}
private fun enqueueDNUpdater() {
val workRequest = PeriodicWorkRequestBuilder<DNUpdateWorker>(15, TimeUnit.MINUTES).build()
workManager.enqueueUniquePeriodicWork(
UPDATE_WORKER,
ExistingPeriodicWorkPolicy.KEEP,
workRequest)
}
// This is called by the UI _after_ it has finished rendering the site list to avoid a race condition with detecting
// the current active site and attaching site specific event channels in the event the UI app was quit
private fun registerActiveSite(result: MethodChannel.Result) {
// Bind against our service to detect which site is running on app boot
val intent = Intent(this, NebulaVpnService::class.java)
bindService(intent, connection, 0)
result.success(null)
}
private fun deviceHasCamera(result: MethodChannel.Result) {
result.success(context.packageManager.hasSystemFeature(PackageManager.FEATURE_CAMERA_ANY))
}
private fun nebulaParseCerts(call: MethodCall, result: MethodChannel.Result) {
val certs = call.argument<String>("certs")
if (certs == "") {
@ -98,6 +155,47 @@ class MainActivity: FlutterActivity() {
return result.success(yaml)
}
private fun nebulaVerifyCertAndKey(call: MethodCall, result: MethodChannel.Result) {
val cert = call.argument<String>("cert")
if (cert == "") {
return result.error("required_argument", "cert is a required argument", null)
}
val key = call.argument<String>("key")
if (key == "") {
return result.error("required_argument", "key is a required argument", null)
}
return try {
val json = mobileNebula.MobileNebula.verifyCertAndKey(cert, key)
result.success(json)
} catch (err: Exception) {
result.error("unhandled_error", err.message, null)
}
}
private fun dnEnroll(call: MethodCall, result: MethodChannel.Result) {
val code = call.arguments as String
if (code == "") {
return result.error("required_argument", "code is a required argument", null)
}
val site: IncomingSite
val siteDir: File
try {
site = apiClient!!.enroll(code)
siteDir = site.save(context)
} catch (err: Exception) {
return result.error("unhandled_error", err.message, null)
}
if (!validateOrDeleteSite(siteDir)) {
return result.error("failure", "Enrollment failed due to invalid config", null)
}
result.success(null)
}
private fun listSites(result: MethodChannel.Result) {
sites!!.refreshSites(activeSiteId)
val sites = sites!!.getSites()
@ -117,68 +215,66 @@ class MainActivity: FlutterActivity() {
private fun saveSite(call: MethodCall, result: MethodChannel.Result) {
val site: IncomingSite
val siteDir: File
try {
val gson = Gson()
site = gson.fromJson(call.arguments as String, IncomingSite::class.java)
site.save(context)
siteDir = site.save(context)
} catch (err: Exception) {
//TODO: is toString the best or .message?
return result.error("failure", err.toString(), null)
}
val siteDir = context.filesDir.resolve("sites").resolve(site.id)
try {
// Try to render a full site, if this fails the config was bad somehow
Site(siteDir)
} catch (err: Exception) {
siteDir.deleteRecursively()
if (!validateOrDeleteSite(siteDir)) {
return result.error("failure", "Site config was incomplete, please review and try again", null)
}
sites?.refreshSites()
result.success(null)
}
private fun validateOrDeleteSite(siteDir: File): Boolean {
try {
// Try to render a full site, if this fails the config was bad somehow
Site(context, siteDir)
} catch(err: java.io.FileNotFoundException) {
Log.e(TAG, "Site not found at $siteDir")
return false
} catch(err: Exception) {
Log.e(TAG, "Deleting site at $siteDir due to error: $err")
siteDir.deleteRecursively()
return false
}
return true
}
private fun startSite(call: MethodCall, result: MethodChannel.Result) {
val id = call.argument<String>("id")
if (id == "") {
return result.error("required_argument", "id is a required argument", null)
}
var siteContainer: SiteContainer = sites!!.getSite(id!!) ?: return result.error("unknown_site", "No site with that id exists", null)
siteContainer.site.connected = true
siteContainer.site.status = "Initializing..."
startingSiteContainer = sites!!.getSite(id!!) ?: return result.error("unknown_site", "No site with that id exists", null)
startingSiteContainer!!.updater.setState(true, "Initializing...")
startResult = result
val intent = VpnService.prepare(this)
if (intent != null) {
//TODO: ensure this boots the correct bit, I bet it doesn't and we need to go back to the active symlink
intent.putExtra("path", siteContainer.site.path)
intent.putExtra("id", siteContainer.site.id)
startActivityForResult(intent, VPN_START_CODE)
} else {
val intent = Intent(this, NebulaVpnService::class.java)
intent.putExtra("path", siteContainer.site.path)
intent.putExtra("id", siteContainer.site.id)
onActivityResult(VPN_START_CODE, Activity.RESULT_OK, intent)
onActivityResult(VPN_START_CODE, Activity.RESULT_OK, null)
}
result.success(null)
}
private fun stopSite() {
val intent = Intent(this, NebulaVpnService::class.java)
intent.putExtra("COMMAND", "STOP")
val intent = Intent(this, NebulaVpnService::class.java).apply {
action = NebulaVpnService.ACTION_STOP
}
//This is odd but stopService goes nowhere in my tests and this is correct
// according to the official example https://android.googlesource.com/platform/development/+/master/samples/ToyVpn/src/com/example/android/toyvpn/ToyVpnClient.java#116
// We can't stopService because we have to close the fd first. The service will call stopSelf when ready.
// See the official example: https://android.googlesource.com/platform/development/+/master/samples/ToyVpn/src/com/example/android/toyvpn/ToyVpnClient.java#116
startService(intent)
//TODO: why doesn't this work!?!?
// if (serviceIntent != null) {
// Log.e(TAG, "stopping ${serviceIntent.toString()}")
// stopService(serviceIntent)
// }
}
private fun activeListHostmap(call: MethodCall, result: MethodChannel.Result) {
@ -191,9 +287,9 @@ class MainActivity: FlutterActivity() {
return result.success(null)
}
var msg = Message.obtain()
val msg = Message.obtain()
msg.what = NebulaVpnService.MSG_LIST_HOSTMAP
msg.replyTo = Messenger(object: Handler() {
msg.replyTo = Messenger(object: Handler(Looper.getMainLooper()) {
override fun handleMessage(msg: Message) {
result.success(msg.data.getString("data"))
}
@ -211,9 +307,9 @@ class MainActivity: FlutterActivity() {
return result.success(null)
}
var msg = Message.obtain()
val msg = Message.obtain()
msg.what = NebulaVpnService.MSG_LIST_PENDING_HOSTMAP
msg.replyTo = Messenger(object: Handler() {
msg.replyTo = Messenger(object: Handler(Looper.getMainLooper()) {
override fun handleMessage(msg: Message) {
result.success(msg.data.getString("data"))
}
@ -233,16 +329,16 @@ class MainActivity: FlutterActivity() {
}
val pending = call.argument<Boolean>("pending") ?: false
if (outMessenger == null || activeSiteId == null || activeSiteId != id) {
return result.success(null)
}
var msg = Message.obtain()
val msg = Message.obtain()
msg.what = NebulaVpnService.MSG_GET_HOSTINFO
msg.data.putString("vpnIp", vpnIp)
msg.data.putBoolean("pending", pending)
msg.replyTo = Messenger(object: Handler() {
msg.replyTo = Messenger(object: Handler(Looper.getMainLooper()) {
override fun handleMessage(msg: Message) {
result.success(msg.data.getString("data"))
}
@ -262,7 +358,7 @@ class MainActivity: FlutterActivity() {
}
val addr = call.argument<String>("addr")
if (vpnIp == "") {
if (addr == "") {
return result.error("required_argument", "addr is a required argument", null)
}
@ -270,18 +366,18 @@ class MainActivity: FlutterActivity() {
return result.success(null)
}
var msg = Message.obtain()
val msg = Message.obtain()
msg.what = NebulaVpnService.MSG_SET_REMOTE_FOR_TUNNEL
msg.data.putString("vpnIp", vpnIp)
msg.data.putString("addr", addr)
msg.replyTo = Messenger(object: Handler() {
msg.replyTo = Messenger(object: Handler(Looper.getMainLooper()) {
override fun handleMessage(msg: Message) {
result.success(msg.data.getString("data"))
}
})
outMessenger?.send(msg)
}
private fun activeCloseTunnel(call: MethodCall, result: MethodChannel.Result) {
val id = call.argument<String>("id")
if (id == "") {
@ -297,10 +393,10 @@ class MainActivity: FlutterActivity() {
return result.success(null)
}
var msg = Message.obtain()
val msg = Message.obtain()
msg.what = NebulaVpnService.MSG_CLOSE_TUNNEL
msg.data.putString("vpnIp", vpnIp)
msg.replyTo = Messenger(object: Handler() {
msg.replyTo = Messenger(object: Handler(Looper.getMainLooper()) {
override fun handleMessage(msg: Message) {
result.success(msg.data.getBoolean("data"))
}
@ -308,52 +404,48 @@ class MainActivity: FlutterActivity() {
outMessenger?.send(msg)
}
private fun androidPermissions(result: MethodChannel.Result) {
val intent = VpnService.prepare(this)
if (intent != null) {
permResult = result
return startActivityForResult(intent, VPN_PERMISSIONS_CODE)
}
// We already have the permission
result.success(null)
}
override fun onActivityResult(requestCode: Int, resultCode: Int, data: Intent?) {
// This is where activity results come back to us (startActivityForResult)
if (requestCode == VPN_PERMISSIONS_CODE && permResult != null) {
// We are processing a response for vpn permissions and the UI is waiting for feedback
//TODO: unlikely we ever register multiple attempts but this could be a trouble spot if we did
val result = permResult!!
permResult = null
if (resultCode == Activity.RESULT_OK) {
return result.success(null)
if (requestCode == VPN_START_CODE) {
// If we are processing a result for VPN permissions and don't get them, let the UI know
val result = startResult!!
val siteContainer = startingSiteContainer!!
startResult = null
startingSiteContainer = null
if (resultCode != Activity.RESULT_OK) {
// The user did not grant permissions
siteContainer.updater.setState(false, "Disconnected")
return result.error("permissions", "Please grant VPN permissions to the app when requested. (If another VPN is running, please disable it now.)", null)
}
return result.error("denied", "User did not grant permission", null)
} else if (requestCode == VPN_START_CODE) {
// We are processing a response for permissions while starting the VPN (or reusing code in the event we already have perms)
startService(data)
// Start the VPN service
val intent = Intent(this, NebulaVpnService::class.java).apply {
putExtra("path", siteContainer.site.path)
putExtra("id", siteContainer.site.id)
}
startService(intent)
if (outMessenger == null) {
bindService(data, connection, 0)
bindService(intent, connection, 0)
}
return
return result.success(null)
}
// The file picker needs us to super
super.onActivityResult(requestCode, resultCode, data)
}
/** Defines callbacks for service binding, passed to bindService() */
val connection = object : ServiceConnection {
private val connection = object : ServiceConnection {
override fun onServiceConnected(className: ComponentName, service: IBinder) {
outMessenger = Messenger(service)
// We want to monitor the service for as long as we are connected to it.
try {
val msg = Message.obtain(null, NebulaVpnService.MSG_REGISTER_CLIENT)
msg.replyTo = inMessenger
outMessenger?.send(msg)
outMessenger!!.send(msg)
} catch (e: RemoteException) {
// In this case the service has crashed before we could even
@ -364,7 +456,7 @@ class MainActivity: FlutterActivity() {
}
val msg = Message.obtain(null, NebulaVpnService.MSG_IS_RUNNING)
outMessenger?.send(msg)
outMessenger!!.send(msg)
}
override fun onServiceDisconnected(arg0: ComponentName) {
@ -377,12 +469,12 @@ class MainActivity: FlutterActivity() {
}
// Handle and route messages coming from the vpn service
inner class IncomingHandler: Handler() {
inner class IncomingHandler: Handler(Looper.getMainLooper()) {
override fun handleMessage(msg: Message) {
val id = msg.data.getString("id")
//TODO: If the elvis hits then we had a deleted site running, which shouldn't happen
val site = sites!!.getSite(id) ?: return
val site = sites!!.getSite(id!!) ?: return
when (msg.what) {
NebulaVpnService.MSG_IS_RUNNING -> isRunning(site, msg)
@ -394,7 +486,7 @@ class MainActivity: FlutterActivity() {
private fun isRunning(site: SiteContainer, msg: Message) {
var status = "Disconnected"
var connected = false
if (msg.arg1 == 1) {
status = "Connected"
connected = true
@ -407,6 +499,32 @@ class MainActivity: FlutterActivity() {
private fun serviceExited(site: SiteContainer, msg: Message) {
activeSiteId = null
site.updater.setState(false, "Disconnected", msg.data.getString("error"))
unbindVpnService()
}
}
private fun unbindVpnService() {
if (outMessenger != null) {
// Unregister ourselves
val msg = Message.obtain(null, NebulaVpnService.MSG_UNREGISTER_CLIENT)
msg.replyTo = inMessenger
outMessenger!!.send(msg)
// Unbind
unbindService(connection)
}
outMessenger = null
}
inner class RefreshReceiver : BroadcastReceiver() {
override fun onReceive(context: Context, intent: Intent?) {
if (intent?.action != ACTION_REFRESH_SITES) return
if (sites == null) return
Log.d(TAG, "Refreshing sites in MainActivity")
sites?.refreshSites(activeSiteId)
ui?.invokeMethod("refreshSites", null)
}
}
}

19
android/app/src/main/kotlin/net/defined/mobile_nebula/MyApplication.kt Normal file
View File

@ -0,0 +1,19 @@
package net.defined.mobile_nebula
import io.flutter.embedding.engine.loader.FlutterLoader
import android.app.Application
import androidx.work.Configuration
import androidx.work.WorkManager
class MyApplication : Application() {
override fun onCreate() {
super.onCreate()
// In order to use the WorkManager from the nebulaVpnBg process (i.e. NebulaVpnService)
// we must explicitly initialize this rather than using the default initializer.
val myConfig = Configuration.Builder().build()
WorkManager.initialize(this, myConfig)
FlutterLoader().startInitialization(applicationContext)
}
}

199
android/app/src/main/kotlin/net/defined/mobile_nebula/NebulaVpnService.kt
View File

@ -1,19 +1,28 @@
package net.defined.mobile_nebula
import android.app.Service
import android.content.BroadcastReceiver
import android.content.Context
import android.content.Intent
import android.net.ConnectivityManager
import android.net.VpnService
import android.content.IntentFilter
import android.content.pm.PackageManager
import android.net.*
import android.os.*
import android.system.OsConstants
import android.util.Log
import androidx.work.*
import mobileNebula.CIDR
import java.io.File
class NebulaVpnService : VpnService() {
companion object {
private const val TAG = "NebulaVpnService"
const val TAG = "NebulaVpnService"
const val ACTION_STOP = "net.defined.mobile_nebula.STOP"
const val ACTION_RELOAD = "net.defined.mobile_nebula.RELOAD"
const val MSG_REGISTER_CLIENT = 1
const val MSG_UNREGISTER_CLIENT = 2
const val MSG_IS_RUNNING = 3
@ -31,30 +40,45 @@ class NebulaVpnService : VpnService() {
private lateinit var messenger: Messenger
private val mClients = ArrayList<Messenger>()
private val reloadReceiver: BroadcastReceiver = ReloadReceiver()
private var workManager: WorkManager? = null
private var path: String? = null
private var running: Boolean = false
private var site: Site? = null
private var nebula: mobileNebula.Nebula? = null
private var vpnInterface: ParcelFileDescriptor? = null
private var didSleep = false
private var networkCallback: NetworkCallback = NetworkCallback()
override fun onCreate() {
workManager = WorkManager.getInstance(this)
super.onCreate()
}
//TODO: bindService seems to be how to do IPC
override fun onStartCommand(intent: Intent?, flags: Int, startId: Int): Int {
if (intent?.getStringExtra("COMMAND") == "STOP") {
if (intent?.action == ACTION_STOP) {
stopVpn()
return Service.START_NOT_STICKY
}
val path = intent?.getStringExtra("path")
val id = intent?.getStringExtra("id")
if (running) {
announceExit(id, "Trying to run nebula but it is already running")
// if the UI triggers this twice, check if we are already running the requested site. if not, return an error.
// otherwise, just ignore the request since we handled it the first time.
if (site!!.id != id) {
announceExit(id, "Trying to run nebula but it is already running")
}
//TODO: can we signal failure?
return super.onStartCommand(intent, flags, startId)
}
path = intent!!.getStringExtra("path")!!
//TODO: if we fail to start, android will attempt a restart lacking all the intent data we need.
// Link active site config in Main to avoid this
site = Site(File(path))
site = Site(this, File(path!!))
if (site!!.cert == null) {
announceExit(id, "Site is missing a certificate")
@ -62,13 +86,17 @@ class NebulaVpnService : VpnService() {
return super.onStartCommand(intent, flags, startId)
}
// Kick off a site update
val workRequest = OneTimeWorkRequestBuilder<DNUpdateWorker>().build()
workManager!!.enqueue(workRequest)
// We don't actually start here. In order to properly capture boot errors we wait until an IPC connection is made
return super.onStartCommand(intent, flags, startId)
}
private fun startVpn() {
var ipNet: CIDR
val ipNet: CIDR
try {
ipNet = mobileNebula.MobileNebula.parseCIDR(site!!.cert!!.cert.details.ips[0])
@ -81,21 +109,36 @@ class NebulaVpnService : VpnService() {
.addRoute(ipNet.network, ipNet.maskSize.toInt())
.setMtu(site!!.mtu)
.setSession(TAG)
.allowFamily(OsConstants.AF_INET)
.allowFamily(OsConstants.AF_INET6)
if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.Q) {
builder.setMetered(false)
}
// Disallow some common, known-problematic apps
// TODO Make this user configurable
// Android Auto Wireless (https://github.com/DefinedNet/mobile_nebula/issues/102)
disallowApp(builder, "com.google.android.projection.gearhead")
// Chromecast (https://github.com/DefinedNet/mobile_nebula/issues/102)
disallowApp(builder, "com.google.android.apps.chromecast.app")
// RCS / Jibe
disallowApp(builder, "com.google.android.apps.messaging")
// Add our unsafe routes
site!!.unsafeRoutes.forEach { unsafeRoute ->
val ipNet = mobileNebula.MobileNebula.parseCIDR(unsafeRoute.route)
builder.addRoute(ipNet.network, ipNet.maskSize.toInt())
val unsafeIPNet = mobileNebula.MobileNebula.parseCIDR(unsafeRoute.route)
builder.addRoute(unsafeIPNet.network, unsafeIPNet.maskSize.toInt())
}
val cm = getSystemService(Context.CONNECTIVITY_SERVICE) as ConnectivityManager
cm.allNetworks.forEach { network ->
cm.getLinkProperties(network).dnsServers.forEach { builder.addDnsServer(it) }
// Add our DNS resolvers
site!!.dnsResolvers.forEach { dnsResolver ->
builder.addDnsServer(dnsResolver)
}
try {
vpnInterface = builder.establish()
nebula = mobileNebula.MobileNebula.newNebula(site!!.config, site!!.getKey(this), site!!.logFile, vpnInterface!!.fd.toLong())
nebula = mobileNebula.MobileNebula.newNebula(site!!.config, site!!.getKey(this), site!!.logFile, vpnInterface!!.detachFd().toLong())
} catch (e: Exception) {
Log.e(TAG, "Got an error $e")
@ -104,19 +147,107 @@ class NebulaVpnService : VpnService() {
return stopSelf()
}
registerNetworkCallback()
registerReloadReceiver()
//TODO: There is an open discussion around sleep killing tunnels or just changing mobile to tear down stale tunnels
//registerSleep()
nebula!!.start()
running = true
sendSimple(MSG_IS_RUNNING, if (running) 1 else 0)
sendSimple(MSG_IS_RUNNING, 1)
}
private fun disallowApp(builder: Builder, name: String) {
try {
builder.addDisallowedApplication(name)
} catch (e: PackageManager.NameNotFoundException) {
return
}
}
// Used to detect network changes (wifi -> cell or vice versa) and rebinds the udp socket/updates LH
private fun registerNetworkCallback() {
val connectivityManager = getSystemService(Context.CONNECTIVITY_SERVICE) as ConnectivityManager
val builder = NetworkRequest.Builder()
builder.addCapability(NetworkCapabilities.NET_CAPABILITY_INTERNET)
connectivityManager.registerNetworkCallback(builder.build(), networkCallback)
}
private fun unregisterNetworkCallback() {
val connectivityManager = getSystemService(Context.CONNECTIVITY_SERVICE) as ConnectivityManager
connectivityManager.unregisterNetworkCallback(networkCallback)
}
inner class NetworkCallback : ConnectivityManager.NetworkCallback () {
override fun onAvailable(network: Network) {
super.onAvailable(network)
nebula!!.rebind("network change")
}
override fun onLost(network: Network) {
super.onLost(network)
nebula!!.rebind("network change")
}
}
private fun registerSleep() {
val receiver: BroadcastReceiver = object : BroadcastReceiver() {
override fun onReceive(context: Context, intent: Intent?) {
val pm = context.getSystemService(Context.POWER_SERVICE) as PowerManager
if (pm.isDeviceIdleMode) {
if (!didSleep) {
nebula!!.sleep()
//TODO: we may want to shut off our network change listener like we do with iOS, I haven't observed any issues with it yet though
}
didSleep = true
} else {
nebula!!.rebind("android wake")
didSleep = false
}
}
}
registerReceiver(receiver, IntentFilter(PowerManager.ACTION_DEVICE_IDLE_MODE_CHANGED))
}
private fun registerReloadReceiver() {
registerReceiver(reloadReceiver, IntentFilter(ACTION_RELOAD))
}
private fun unregisterReloadReceiver() {
unregisterReceiver(reloadReceiver)
}
private fun reload() {
site = Site(this, File(path!!))
nebula?.reload(site!!.config, site!!.getKey(this))
}
private fun stopVpn() {
if (nebula == null) {
return stopSelf()
}
unregisterNetworkCallback()
unregisterReloadReceiver()
nebula?.stop()
vpnInterface?.close()
nebula = null
running = false
announceExit(site?.id, null)
stopSelf()
}
override fun onDestroy() {
override fun onRevoke() {
stopVpn()
//TODO: wait for the thread to exit
super.onRevoke()
}
override fun onDestroy() {
stopVpn()
//TODO: wait for the thread to exit
super.onDestroy()
@ -131,10 +262,22 @@ class NebulaVpnService : VpnService() {
send(msg, id)
}
inner class ReloadReceiver : BroadcastReceiver() {
override fun onReceive(context: Context, intent: Intent?) {
if (intent?.action != ACTION_RELOAD) return
if (!running) return
if (intent.getStringExtra("id") != site!!.id) return
Log.d(TAG, "Reloading Nebula")
reload()
}
}
/**
* Handler of incoming messages from clients.
*/
inner class IncomingHandler(context: Context, private val applicationContext: Context = context.applicationContext) : Handler() {
inner class IncomingHandler : Handler(Looper.getMainLooper()) {
override fun handleMessage(msg: Message) {
//TODO: how do we limit what can talk to us?
//TODO: Make sure replyTo is actually a messenger
@ -175,16 +318,16 @@ class NebulaVpnService : VpnService() {
if (protect(msg)) { return }
val res = nebula!!.listHostmap(msg.what == MSG_LIST_PENDING_HOSTMAP)
var m = Message.obtain(null, msg.what)
val m = Message.obtain(null, msg.what)
m.data.putString("data", res)
msg.replyTo.send(m)
}
private fun getHostInfo(msg: Message) {
if (protect(msg)) { return }
val res = nebula!!.getHostInfoByVpnIp(msg.data.getString("vpnIp"), msg.data.getBoolean("pending"))
var m = Message.obtain(null, msg.what)
val m = Message.obtain(null, msg.what)
m.data.putString("data", res)
msg.replyTo.send(m)
}
@ -193,16 +336,16 @@ class NebulaVpnService : VpnService() {
if (protect(msg)) { return }
val res = nebula!!.setRemoteForTunnel(msg.data.getString("vpnIp"), msg.data.getString("addr"))
var m = Message.obtain(null, msg.what)
val m = Message.obtain(null, msg.what)
m.data.putString("data", res)
msg.replyTo.send(m)
}
private fun closeTunnel(msg: Message) {
if (protect(msg)) { return }
val res = nebula!!.closeTunnel(msg.data.getString("vpnIp"))
var m = Message.obtain(null, msg.what)
val m = Message.obtain(null, msg.what)
m.data.putBoolean("data", res)
msg.replyTo.send(m)
}
@ -236,7 +379,7 @@ class NebulaVpnService : VpnService() {
return super.onBind(intent)
}
messenger = Messenger(IncomingHandler(this))
messenger = Messenger(IncomingHandler())
return messenger.binder
}
}
}

37
android/app/src/main/kotlin/net/defined/mobile_nebula/PackageInfo.kt Normal file
View File

@ -0,0 +1,37 @@
package net.defined.mobile_nebula
import android.content.Context
import android.content.pm.ApplicationInfo
import android.content.pm.PackageInfo
import android.content.pm.PackageManager
import android.os.Build
class PackageInfo(private val context: Context) {
private val pInfo: PackageInfo =
if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.TIRAMISU)
context.packageManager.getPackageInfo(context.packageName, PackageManager.PackageInfoFlags.of(0))
else
@Suppress("DEPRECATION")
context.packageManager.getPackageInfo(context.packageName, 0)
private val appInfo: ApplicationInfo = context.applicationInfo
fun getVersion(): String {
val version: String = pInfo.versionName
val build: Long = if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.P)
pInfo.longVersionCode
else
@Suppress("DEPRECATION")
pInfo.versionCode.toLong()
return "%s-%d".format(version, build)
}
fun getName(): String {
val stringId = appInfo.labelRes
return if (stringId == 0) appInfo.nonLocalizedLabel.toString() else context.getString(stringId)
}
fun getSystemVersion(): String {
return Build.VERSION.RELEASE
}
}

134
android/app/src/main/kotlin/net/defined/mobile_nebula/Share.kt
View File

@ -1,134 +0,0 @@
package net.defined.mobile_nebula
import android.app.PendingIntent
import android.content.*
import android.content.pm.PackageManager
import android.content.pm.ResolveInfo
import android.util.Log
import androidx.core.content.FileProvider
import io.flutter.plugin.common.MethodCall
import io.flutter.plugin.common.MethodChannel
import java.io.File
class Share {
companion object {
fun share(call: MethodCall, result: MethodChannel.Result) {
val title = call.argument<String>("title")
val text = call.argument<String>("text")
val filename = call.argument<String>("filename")
if (filename == null || filename.isEmpty()) {
return result.error("filename was not provided", null, null)
}
try {
val context = MainActivity!!.getContext()!!
val cacheDir = context.cacheDir.resolve("share")
cacheDir.deleteRecursively()
cacheDir.mkdir()
val newFile = cacheDir.resolve(filename!!)
newFile.delete()
newFile.writeText(text ?: "")
pop(title, newFile, result)
} catch (err: Exception) {
Log.println(Log.ERROR, "", "Share: Error")
result.error(err.message, null, null)
}
}
fun shareFile(call: MethodCall, result: MethodChannel.Result) {
val title = call.argument<String>("title")
val filename = call.argument<String>("filename")
val filePath = call.argument<String>("filePath")
if (filename == null || filename.isEmpty()) {
result.error("filename was not provided", null, null)
return
}
if (filePath == null || filePath.isEmpty()) {
result.error("filePath was not provided", null, null)
return
}
val file = File(filePath)
try {
val context = MainActivity!!.getContext()!!
val cacheDir = context.cacheDir.resolve("share")
cacheDir.deleteRecursively()
cacheDir.mkdir()
val newFile = cacheDir.resolve(filename!!)
newFile.delete()
file.copyTo(newFile)
pop(title, newFile, result)
} catch (err: Exception) {
Log.println(Log.ERROR, "", "Share: Error")
result.error(err.message, null, null)
}
}
private fun pop(title: String?, file: File, result: MethodChannel.Result) {
if (title == null || title.isEmpty()) {
result.error("title was not provided", null, null)
return
}
try {
val context = MainActivity!!.getContext()!!
val fileUri = FileProvider.getUriForFile(context, context.applicationContext.packageName + ".provider", file)
val intent = Intent()
intent.flags = Intent.FLAG_ACTIVITY_CLEAR_TOP
intent.flags = Intent.FLAG_ACTIVITY_NEW_TASK
intent.action = Intent.ACTION_SEND
intent.type = "text/*"
intent.putExtra(Intent.EXTRA_SUBJECT, title)
intent.putExtra(Intent.EXTRA_STREAM, fileUri)
intent.addFlags(Intent.FLAG_GRANT_READ_URI_PERMISSION)
val receiver = Intent(context, ShareReceiver::class.java)
receiver.putExtra(Intent.EXTRA_TEXT, file)
val pendingIntent = PendingIntent.getBroadcast(context, 0, receiver, PendingIntent.FLAG_UPDATE_CURRENT)
val chooserIntent = Intent.createChooser(intent, title, pendingIntent.intentSender)
val resInfoList: List<ResolveInfo> = context.packageManager.queryIntentActivities(chooserIntent, PackageManager.MATCH_DEFAULT_ONLY)
for (resolveInfo in resInfoList) {
val packageName: String = resolveInfo.activityInfo.packageName
context.grantUriPermission(packageName, fileUri, Intent.FLAG_GRANT_READ_URI_PERMISSION)
}
context.startActivity(chooserIntent)
} catch (err: Exception) {
Log.println(Log.ERROR, "", "Share: Error")
return result.error(err.message, null, null)
}
result.success(true)
}
}
}
class ShareReceiver : BroadcastReceiver() {
override fun onReceive(context: Context?, intent: Intent?) {
if (intent == null) {
return
}
val res = intent.extras.get(Intent.EXTRA_CHOSEN_COMPONENT) as? ComponentName ?: return
when (res.className) {
"org.chromium.arc.intent_helper.SendTextToClipboardActivity" -> {
val file = intent.extras[Intent.EXTRA_TEXT] as? File ?: return
val clipboard = context?.getSystemService(Context.CLIPBOARD_SERVICE) as ClipboardManager
clipboard.primaryClip = ClipData.newPlainText("", file.readText())
}
}
}
}

221
android/app/src/main/kotlin/net/defined/mobile_nebula/Sites.kt
View File

@ -3,7 +3,6 @@ package net.defined.mobile_nebula
import android.content.Context
import android.util.Log
import com.google.gson.Gson
import com.google.gson.annotations.Expose
import com.google.gson.annotations.SerializedName
import io.flutter.embedding.engine.FlutterEngine
import io.flutter.plugin.common.EventChannel
@ -16,7 +15,7 @@ data class SiteContainer(
)
class Sites(private var engine: FlutterEngine) {
private var sites: HashMap<String, SiteContainer> = HashMap()
private var containers: HashMap<String, SiteContainer> = HashMap()
init {
refreshSites()
@ -24,64 +23,115 @@ class Sites(private var engine: FlutterEngine) {
fun refreshSites(activeSite: String? = null) {
val context = MainActivity.getContext()!!
val sitesDir = context.filesDir.resolve("sites")
if (!sitesDir.isDirectory) {
sitesDir.delete()
sitesDir.mkdir()
}
sites = HashMap()
sitesDir.listFiles().forEach { siteDir ->
try {
val site = Site(siteDir)
// Make sure we can load the private key
site.getKey(context)
val updater = SiteUpdater(site, engine)
if (site.id == activeSite) {
updater.setState(true, "Connected")
}
this.sites[site.id] = SiteContainer(site, updater)
} catch (err: Exception) {
siteDir.deleteRecursively()
Log.e(TAG, "Deleting non conforming site ${siteDir.absolutePath}", err)
val sites = SiteList(context)
val containers: HashMap<String, SiteContainer> = HashMap()
sites.getSites().values.forEach { site ->
// Don't create a new SiteUpdater or we will lose subscribers
var updater = this.containers[site.id]?.updater
if (updater != null) {
updater.setSite(site)
} else {
updater = SiteUpdater(site, engine)
}
if (site.id == activeSite) {
updater.setState(true, "Connected")
}
containers[site.id] = SiteContainer(site, updater)
}
this.containers = containers
}
fun getSites(): Map<String, Site> {
return sites.mapValues { it.value.site }
return containers.mapValues { it.value.site }
}
fun deleteSite(id: String) {
sites.remove(id)
val siteDir = MainActivity.getContext()!!.filesDir.resolve("sites").resolve(id)
val context = MainActivity.getContext()!!
val site = containers[id]!!.site
val baseDir = if(site.managed) context.noBackupFilesDir else context.filesDir
val siteDir = baseDir.resolve("sites").resolve(id)
siteDir.deleteRecursively()
refreshSites()
//TODO: make sure you stop the vpn
//TODO: make sure you relink the active site if this is the active site
}
fun getSite(id: String): SiteContainer? {
return sites[id]
return containers[id]
}
}
class SiteList(context: Context) {
private var sites: Map<String, Site>
init {
val nebulaSites = getSites(context, context.filesDir)
val dnSites = getSites(context, context.noBackupFilesDir)
// In case of a conflict, dnSites will take precedence.
sites = nebulaSites + dnSites
}
fun getSites(): Map<String, Site> {
return sites
}
companion object {
fun getSites(context: Context, directory: File): HashMap<String, Site> {
val sites = HashMap<String, Site>()
val sitesDir = directory.resolve("sites")
if (!sitesDir.isDirectory) {
sitesDir.delete()
sitesDir.mkdir()
}
sitesDir.listFiles()?.forEach { siteDir ->
try {
val site = Site(context, siteDir)
// Make sure we can load the private key
site.getKey(context)
// Make sure we can load the DN credentials if managed
if (site.managed) {
site.getDNCredentials(context)
}
sites[site.id] = site
} catch (err: Exception) {
siteDir.deleteRecursively()
Log.e(TAG, "Deleting non conforming site ${siteDir.absolutePath}", err)
}
}
return sites
}
}
}
class SiteUpdater(private var site: Site, engine: FlutterEngine): EventChannel.StreamHandler {
private val gson = Gson()
// eventSink is how we send info back up to flutter
private var eventChannel: EventChannel = EventChannel(engine.dartExecutor.binaryMessenger, "net.defined.nebula/${site.id}")
private var eventSink: EventChannel.EventSink? = null
fun setSite(site: Site) {
this.site = site
}
fun setState(connected: Boolean, status: String, err: String? = null) {
site.connected = connected
site.status = status
val d = mapOf("connected" to site.connected, "status" to site.status)
if (err != null) {
eventSink?.error("", err, d)
eventSink?.error("", err, gson.toJson(site))
} else {
eventSink?.success(d)
eventSink?.success(gson.toJson(site))
}
}
@ -129,11 +179,29 @@ data class CertificateValidity(
@SerializedName("Reason") val reason: String
)
class Site {
data class DNCredentials(
val hostID: String,
val privateKey: String,
val counter: Int,
val trustedKeys: String,
var invalid: Boolean,
) {
fun save(context: Context, siteDir: File) {
val jsonCreds = Gson().toJson(this)
val credsFile = siteDir.resolve("dnCredentials")
credsFile.delete()
EncFile(context).openWrite(credsFile).use { it.write(jsonCreds) }
}
}
class Site(context: Context, siteDir: File) {
val name: String
val id: String
val staticHostmap: HashMap<String, StaticHosts>
val unsafeRoutes: List<UnsafeRoute>
val dnsResolvers: List<String>
var cert: CertificateInfo? = null
var ca: Array<CertificateInfo>
val lhDuration: Int
@ -141,21 +209,25 @@ class Site {
val mtu: Int
val cipher: String
val sortKey: Int
var logVerbosity: String
val logVerbosity: String
var connected: Boolean?
var status: String?
val logFile: String?
var errors: ArrayList<String> = ArrayList()
val managed: Boolean
// The following fields are present when managed = true
val rawConfig: String?
val lastManagedUpdate: String?
// Path to this site on disk
@Expose(serialize = false)
@Transient
val path: String
// Strong representation of the site config
@Expose(serialize = false)
@Transient
val config: String
constructor(siteDir: File) {
init {
val gson = Gson()
config = siteDir.resolve("config.json").readText()
val incomingSite = gson.fromJson(config, IncomingSite::class.java)
@ -165,6 +237,7 @@ class Site {
id = incomingSite.id
staticHostmap = incomingSite.staticHostmap
unsafeRoutes = incomingSite.unsafeRoutes ?: ArrayList()
dnsResolvers = incomingSite.dnsResolvers ?: ArrayList()
lhDuration = incomingSite.lhDuration
port = incomingSite.port
mtu = incomingSite.mtu ?: 1300
@ -172,6 +245,9 @@ class Site {
sortKey = incomingSite.sortKey ?: 0
logFile = siteDir.resolve("log").absolutePath
logVerbosity = incomingSite.logVerbosity ?: "info"
rawConfig = incomingSite.rawConfig
managed = incomingSite.managed ?: false
lastManagedUpdate = incomingSite.lastManagedUpdate
connected = false
status = "Disconnected"
@ -201,7 +277,7 @@ class Site {
}
}
if (hasErrors) {
if (hasErrors && !managed) {
errors.add("There are issues with 1 or more ca certificates")
}
@ -210,6 +286,10 @@ class Site {
errors.add("Error while loading certificate authorities: ${err.message}")
}
if (managed && getDNCredentials(context).invalid) {
errors.add("Unable to fetch updates - please re-enroll the device")
}
if (errors.isEmpty()) {
try {
mobileNebula.MobileNebula.testConfig(config, getKey(MainActivity.getContext()!!))
@ -219,12 +299,31 @@ class Site {
}
}
fun getKey(context: Context): String? {
fun getKey(context: Context): String {
val f = EncFile(context).openRead(File(path).resolve("key"))
val k = f.readText()
f.close()
return k
}
fun getDNCredentials(context: Context): DNCredentials {
val filepath = File(path).resolve("dnCredentials")
val f = EncFile(context).openRead(filepath)
val cfg = f.use { it.readText() }
return Gson().fromJson(cfg, DNCredentials::class.java)
}
fun invalidateDNCredentials(context: Context) {
val creds = getDNCredentials(context)
creds.invalid = true
creds.save(context, File(path))
}
fun validateDNCredentials(context: Context) {
val creds = getDNCredentials(context)
creds.invalid = false
creds.save(context, File(path))
}
}
data class StaticHosts(
@ -243,6 +342,7 @@ class IncomingSite(
val id: String,
val staticHostmap: HashMap<String, StaticHosts>,
val unsafeRoutes: List<UnsafeRoute>?,
val dnsResolvers: List<String>?,
val cert: String,
val ca: String,
val lhDuration: Int,
@ -250,26 +350,37 @@ class IncomingSite(
val mtu: Int?,
val cipher: String,
val sortKey: Int?,
var logVerbosity: String?,
@Expose(serialize = false)
var key: String?
val logVerbosity: String?,
var key: String?,
val managed: Boolean?,
// The following fields are present when managed = true
val lastManagedUpdate: String?,
val rawConfig: String?,
var dnCredentials: DNCredentials?,
) {
fun save(context: Context) {
val siteDir = context.filesDir.resolve("sites").resolve(id)
fun save(context: Context): File {
// Don't allow backups of DN-managed sites
val baseDir = if(managed == true) context.noBackupFilesDir else context.filesDir
val siteDir = baseDir.resolve("sites").resolve(id)
if (!siteDir.exists()) {
siteDir.mkdir()
}
if (key != null) {
val f = EncFile(context).openWrite(siteDir.resolve("key"))
f.use { it.write(key) }
f.close()
val keyFile = siteDir.resolve("key")
keyFile.delete()
val encFile = EncFile(context).openWrite(keyFile)
encFile.use { it.write(key) }
encFile.close()
}
key = null
val gson = Gson()
dnCredentials?.save(context, siteDir)
dnCredentials = null
val confFile = siteDir.resolve("config.json")
confFile.writeText(gson.toJson(this))
confFile.writeText(Gson().toJson(this))
return siteDir
}
}

BIN
android/app/src/main/res/mipmap-hdpi/ic_launcher.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 2.9 KiB

After

Width:  |  Height:  |  Size: 2.4 KiB

BIN
android/app/src/main/res/mipmap-hdpi/ic_launcher_foreground.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 7.5 KiB

After

Width:  |  Height:  |  Size: 5.7 KiB

BIN
android/app/src/main/res/mipmap-hdpi/ic_launcher_round.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 5.3 KiB

After

Width:  |  Height:  |  Size: 4.6 KiB

BIN
android/app/src/main/res/mipmap-mdpi/ic_launcher.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 1.6 KiB

After

Width:  |  Height:  |  Size: 1.4 KiB

BIN
android/app/src/main/res/mipmap-mdpi/ic_launcher_foreground.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 3.6 KiB

After

Width:  |  Height:  |  Size: 2.9 KiB

BIN
android/app/src/main/res/mipmap-mdpi/ic_launcher_round.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 2.9 KiB

After

Width:  |  Height:  |  Size: 2.6 KiB

BIN
android/app/src/main/res/mipmap-xhdpi/ic_launcher.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 4.7 KiB

After

Width:  |  Height:  |  Size: 3.8 KiB

BIN
android/app/src/main/res/mipmap-xhdpi/ic_launcher_foreground.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 12 KiB

After

Width:  |  Height:  |  Size: 9.4 KiB

BIN
android/app/src/main/res/mipmap-xhdpi/ic_launcher_round.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 8.3 KiB

After

Width:  |  Height:  |  Size: 7.1 KiB

BIN
android/app/src/main/res/mipmap-xxhdpi/ic_launcher.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 9.2 KiB

After

Width:  |  Height:  |  Size: 7.3 KiB

BIN
android/app/src/main/res/mipmap-xxhdpi/ic_launcher_foreground.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 26 KiB

After

Width:  |  Height:  |  Size: 20 KiB

BIN
android/app/src/main/res/mipmap-xxhdpi/ic_launcher_round.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 16 KiB

After

Width:  |  Height:  |  Size: 13 KiB

BIN
android/app/src/main/res/mipmap-xxxhdpi/ic_launcher.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 15 KiB

After

Width:  |  Height:  |  Size: 12 KiB

BIN
android/app/src/main/res/mipmap-xxxhdpi/ic_launcher_foreground.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 45 KiB

After

Width:  |  Height:  |  Size: 34 KiB

BIN
android/app/src/main/res/mipmap-xxxhdpi/ic_launcher_round.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 26 KiB

After

Width:  |  Height:  |  Size: 21 KiB

3
android/app/src/profile/AndroidManifest.xml
View File

@ -1,5 +1,4 @@
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
package="net.defined.mobile_nebula">
<manifest xmlns:android="http://schemas.android.com/apk/res/android">
<!-- Flutter needs it to communicate with the running application
to allow setting breakpoints, to provide hot reload, etc.
-->

16
android/build.gradle
View File

@ -1,20 +1,24 @@
buildscript {
ext.kotlin_version = '1.3.61'
ext {
workVersion = "2.7.1"
kotlinVersion = '1.7.20'
}
repositories {
google()
jcenter()
mavenCentral()
}
dependencies {
classpath 'com.android.tools.build:gradle:4.0.0'
classpath "org.jetbrains.kotlin:kotlin-gradle-plugin:$kotlin_version"
classpath 'com.android.tools.build:gradle:7.3.1'
classpath "org.jetbrains.kotlin:kotlin-gradle-plugin:$kotlinVersion"
}
}
allprojects {
repositories {
google()
jcenter()
mavenCentral()
}
}
@ -26,6 +30,6 @@ subprojects {
project.evaluationDependsOn(':app')
}
task clean(type: Delete) {
tasks.register("clean", Delete) {
delete rootProject.buildDir
}

2
android/fastlane/Appfile Normal file
View File

@ -0,0 +1,2 @@
package_name("net.defined.mobile_nebula")
json_key_file(ENV['GOOGLE_PLAY_API_JWT_PATH'])

50
android/fastlane/Fastfile Normal file
View File

@ -0,0 +1,50 @@
# This file contains the fastlane.tools configuration
# You can find the documentation at https://docs.fastlane.tools
#
# For a list of all available actions, check out
#
# https://docs.fastlane.tools/actions
#
# For a list of all available plugins, check out
#
# https://docs.fastlane.tools/plugins/available-plugins
#
# Uncomment the line if you want fastlane to automatically update itself
# update_fastlane
default_platform(:android)
platform :android do
lane :release_build_number do
nextCode = sprintf("%s", latest_googleplay_version_code + 1)
File.write("../../release_build_number", nextCode)
end
desc "Deploy a new version to the Google Play"
lane :release do
upload_to_play_store(
track: 'internal',
aab: '../build/app/outputs/bundle/release/app-release.aab'
)
end
end
def latest_googleplay_version_code
productionVersionCodes = google_play_track_version_codes(track: 'production')
#NOTE: we do not have a beta track right now
#betaVersionCodes = google_play_track_version_codes(track: 'beta')
alphaVersionCodes = google_play_track_version_codes(track: 'alpha')
internalVersionCodes = google_play_track_version_codes(track: 'internal')
# puts version codes from all tracks into the same array
versionCodes = [
productionVersionCodes,
#betaVersionCodes,
alphaVersionCodes,
internalVersionCodes
].reduce([], :concat)
# returns the highest version code from array
return versionCodes.max
end

40
android/fastlane/README.md Normal file
View File

@ -0,0 +1,40 @@
fastlane documentation
----
# Installation
Make sure you have the latest version of the Xcode command line tools installed:
```sh
xcode-select --install
```
For _fastlane_ installation instructions, see [Installing _fastlane_](https://docs.fastlane.tools/#installing-fastlane)
# Available Actions
## Android
### android release_build_number
```sh
[bundle exec] fastlane android release_build_number
```
### android release
```sh
[bundle exec] fastlane android release
```
Deploy a new version to the Google Play
----
This README.md is auto-generated and will be re-generated every time [_fastlane_](https://fastlane.tools) is run.
More information about _fastlane_ can be found on [fastlane.tools](https://fastlane.tools).
The documentation of _fastlane_ can be found on [docs.fastlane.tools](https://docs.fastlane.tools).

1
android/gradle.properties
View File

@ -1,4 +1,3 @@
org.gradle.jvmargs=-Xmx1536M
android.enableR8=true
android.useAndroidX=true
android.enableJetifier=true

3
android/gradle/wrapper/gradle-wrapper.properties vendored
View File

@ -1,6 +1,5 @@
#Fri Jun 05 14:55:48 CDT 2020
distributionBase=GRADLE_USER_HOME
distributionPath=wrapper/dists
zipStoreBase=GRADLE_USER_HOME
zipStorePath=wrapper/dists
distributionUrl=https\://services.gradle.org/distributions/gradle-6.1.1-all.zip
distributionUrl=https\://services.gradle.org/distributions/gradle-7.4-all.zip

6
android/mobileNebula/build.gradle Normal file
View File

@ -0,0 +1,6 @@
configurations.maybeCreate("default")
exec {
workingDir '../../'
commandLine './gen-artifacts.sh', 'android'
}
artifacts.add("default", file('mobileNebula.aar'))

20
android/settings.gradle
View File

@ -1,15 +1,11 @@
include ':app'
include ':app', ':mobileNebula'
def flutterProjectRoot = rootProject.projectDir.parentFile.toPath()
def localPropertiesFile = new File(rootProject.projectDir, "local.properties")
def properties = new Properties()
def plugins = new Properties()
def pluginsFile = new File(flutterProjectRoot.toFile(), '.flutter-plugins')
if (pluginsFile.exists()) {
pluginsFile.withReader('UTF-8') { reader -> plugins.load(reader) }
}
assert localPropertiesFile.exists()
localPropertiesFile.withReader("UTF-8") { reader -> properties.load(reader) }
plugins.each { name, path ->
def pluginDirectory = flutterProjectRoot.resolve(path).resolve('android').toFile()
include ":$name"
project(":$name").projectDir = pluginDirectory
}
def flutterSdkPath = properties.getProperty("flutter.sdk")
assert flutterSdkPath != null, "flutter.sdk not set in local.properties"
apply from: "$flutterSdkPath/packages/flutter_tools/gradle/app_plugin_loader.gradle"

1
android/settings_aar.gradle
View File

@ -1 +0,0 @@
include ':app'

15
gen-artifacts.sh
View File

@ -2,22 +2,23 @@
set -e
. env.sh
. ./env.sh
# Generate gomobile nebula bindings
cd nebula
if [ "$1" = "ios" ]; then
# Build for nebula for iOS
make MobileNebula.framework
rm -rf ../ios/NebulaNetworkExtension/MobileNebula.framework
cp -r MobileNebula.framework ../ios/NebulaNetworkExtension/
make MobileNebula.xcframework
rm -rf ../ios/MobileNebula.xcframework
cp -r MobileNebula.xcframework ../ios/
elif [ "$1" = "android" ]; then
# Build nebula for android
make mobileNebula.aar
rm -rf ../android/app/src/main/libs/mobileNebula.aar
cp mobileNebula.aar ../android/app/src/main/libs/mobileNebula.aar
mkdir -p ../android/mobileNebula
rm -rf ../android/mobileNebula/mobileNebula.aar
cp mobileNebula.aar ../android/mobileNebula/mobileNebula.aar
else
echo "Error: unsupported target os $1"
@ -48,4 +49,4 @@ cd ..
# Try and avoid issues with building by moving into place after we are complete
#TODO: this might be a parallel build of deps issue in kotlin, might need to solve there
mv lib/.gen.versions.dart lib/gen.versions.dart
mv lib/.gen.versions.dart lib/gen.versions.dart

4
images/dn-logo-dark.svg Normal file
View File

@ -0,0 +1,4 @@
<svg width="53" height="62" viewBox="0 0 53 62" fill="none" xmlns="http://www.w3.org/2000/svg">
<path d="M42.1128 61.2016H25.8226C30.4449 55.8553 42.14 32.9921 36.5151 23.1053C32.4774 15.9477 19.5464 12.8338 0 14.1999V0.323899C25.6196 -1.42992 41.6675 3.94663 48.6585 16.2567C57.4851 31.9077 47.3469 52.4022 42.1128 61.2016Z" fill="white"/>
<path d="M0 61.2106H13.9245V21.6453L0 14.0424V61.2106Z" fill="#6E7D91"/>
</svg>
Side by Side

After

Width:  |  Height:  |  Size: 421 B

4
images/dn-logo-light.svg Normal file
View File

@ -0,0 +1,4 @@
<svg width="53" height="62" viewBox="0 0 53 62" fill="none" xmlns="http://www.w3.org/2000/svg">
<path d="M42.1128 61.2016H25.8226C30.4449 55.8553 42.14 32.9921 36.5151 23.1053C32.4774 15.9477 19.5464 12.8338 0 14.1999V0.323899C25.6196 -1.42992 41.6675 3.94663 48.6585 16.2567C57.4851 31.9077 47.3469 52.4022 42.1128 61.2016Z" fill="#0B0D0F"/>
<path d="M0 61.2106H13.9245V21.6453L0 14.0424V61.2106Z" fill="#6E7D91"/>
</svg>
Side by Side

After

Width:  |  Height:  |  Size: 423 B

2
ios/Flutter/AppFrameworkInfo.plist
View File

@ -21,6 +21,6 @@
<key>CFBundleVersion</key>
<string>1.0</string>
<key>MinimumOSVersion</key>
<string>8.0</string>
<string>11.0</string>
</dict>
</plist>

3
ios/Gemfile Normal file
View File

@ -0,0 +1,3 @@
source "https://rubygems.org"
gem "fastlane"

218
ios/Gemfile.lock Normal file
View File

@ -0,0 +1,218 @@
GEM
remote: https://rubygems.org/
specs:
CFPropertyList (3.0.5)
rexml
addressable (2.8.1)
public_suffix (>= 2.0.2, < 6.0)
artifactory (3.0.15)
atomos (0.1.3)
aws-eventstream (1.2.0)
aws-partitions (1.634.0)
aws-sdk-core (3.152.0)
aws-eventstream (~> 1, >= 1.0.2)
aws-partitions (~> 1, >= 1.525.0)
aws-sigv4 (~> 1.1)
jmespath (~> 1, >= 1.6.1)
aws-sdk-kms (1.58.0)
aws-sdk-core (~> 3, >= 3.127.0)
aws-sigv4 (~> 1.1)
aws-sdk-s3 (1.114.0)
aws-sdk-core (~> 3, >= 3.127.0)
aws-sdk-kms (~> 1)
aws-sigv4 (~> 1.4)
aws-sigv4 (1.5.1)
aws-eventstream (~> 1, >= 1.0.2)
babosa (1.0.4)
claide (1.1.0)
colored (1.2)
colored2 (3.1.2)
commander (4.6.0)
highline (~> 2.0.0)
declarative (0.0.20)
digest-crc (0.6.4)
rake (>= 12.0.0, < 14.0.0)
domain_name (0.5.20190701)
unf (>= 0.0.5, < 1.0.0)
dotenv (2.8.1)
emoji_regex (3.2.3)
excon (0.92.5)
faraday (1.10.2)
faraday-em_http (~> 1.0)
faraday-em_synchrony (~> 1.0)
faraday-excon (~> 1.1)
faraday-httpclient (~> 1.0)
faraday-multipart (~> 1.0)
faraday-net_http (~> 1.0)
faraday-net_http_persistent (~> 1.0)
faraday-patron (~> 1.0)
faraday-rack (~> 1.0)
faraday-retry (~> 1.0)
ruby2_keywords (>= 0.0.4)
faraday-cookie_jar (0.0.7)
faraday (>= 0.8.0)
http-cookie (~> 1.0.0)
faraday-em_http (1.0.0)
faraday-em_synchrony (1.0.0)
faraday-excon (1.1.0)
faraday-httpclient (1.0.1)
faraday-multipart (1.0.4)
multipart-post (~> 2)
faraday-net_http (1.0.1)
faraday-net_http_persistent (1.2.0)
faraday-patron (1.0.0)
faraday-rack (1.0.0)
faraday-retry (1.0.3)
faraday_middleware (1.2.0)
faraday (~> 1.0)
fastimage (2.2.6)
fastlane (2.210.1)
CFPropertyList (>= 2.3, < 4.0.0)
addressable (>= 2.8, < 3.0.0)
artifactory (~> 3.0)
aws-sdk-s3 (~> 1.0)
babosa (>= 1.0.3, < 2.0.0)
bundler (>= 1.12.0, < 3.0.0)
colored
commander (~> 4.6)
dotenv (>= 2.1.1, < 3.0.0)
emoji_regex (>= 0.1, < 4.0)
excon (>= 0.71.0, < 1.0.0)
faraday (~> 1.0)
faraday-cookie_jar (~> 0.0.6)
faraday_middleware (~> 1.0)
fastimage (>= 2.1.0, < 3.0.0)
gh_inspector (>= 1.1.2, < 2.0.0)
google-apis-androidpublisher_v3 (~> 0.3)
google-apis-playcustomapp_v1 (~> 0.1)
google-cloud-storage (~> 1.31)
highline (~> 2.0)
json (< 3.0.0)
jwt (>= 2.1.0, < 3)
mini_magick (>= 4.9.4, < 5.0.0)
multipart-post (~> 2.0.0)
naturally (~> 2.2)
optparse (~> 0.1.1)
plist (>= 3.1.0, < 4.0.0)
rubyzip (>= 2.0.0, < 3.0.0)
security (= 0.1.3)
simctl (~> 1.6.3)
terminal-notifier (>= 2.0.0, < 3.0.0)
terminal-table (>= 1.4.5, < 2.0.0)
tty-screen (>= 0.6.3, < 1.0.0)
tty-spinner (>= 0.8.0, < 1.0.0)
word_wrap (~> 1.0.0)
xcodeproj (>= 1.13.0, < 2.0.0)
xcpretty (~> 0.3.0)
xcpretty-travis-formatter (>= 0.0.3)
gh_inspector (1.1.3)
google-apis-androidpublisher_v3 (0.27.0)
google-apis-core (>= 0.7.2, < 2.a)
google-apis-core (0.9.0)
addressable (~> 2.5, >= 2.5.1)
googleauth (>= 0.16.2, < 2.a)
httpclient (>= 2.8.1, < 3.a)
mini_mime (~> 1.0)
representable (~> 3.0)
retriable (>= 2.0, < 4.a)
rexml
webrick
google-apis-iamcredentials_v1 (0.14.0)
google-apis-core (>= 0.7.2, < 2.a)
google-apis-playcustomapp_v1 (0.10.0)
google-apis-core (>= 0.7, < 2.a)
google-apis-storage_v1 (0.17.0)
google-apis-core (>= 0.7, < 2.a)
google-cloud-core (1.6.0)
google-cloud-env (~> 1.0)
google-cloud-errors (~> 1.0)
google-cloud-env (1.6.0)
faraday (>= 0.17.3, < 3.0)
google-cloud-errors (1.3.0)
google-cloud-storage (1.42.0)
addressable (~> 2.8)
digest-crc (~> 0.4)
google-apis-iamcredentials_v1 (~> 0.1)
google-apis-storage_v1 (~> 0.17.0)
google-cloud-core (~> 1.6)
googleauth (>= 0.16.2, < 2.a)
mini_mime (~> 1.0)
googleauth (1.2.0)
faraday (>= 0.17.3, < 3.a)
jwt (>= 1.4, < 3.0)
memoist (~> 0.16)
multi_json (~> 1.11)
os (>= 0.9, < 2.0)
signet (>= 0.16, < 2.a)
highline (2.0.3)
http-cookie (1.0.5)
domain_name (~> 0.5)
httpclient (2.8.3)
jmespath (1.6.1)
json (2.6.2)
jwt (2.5.0)
memoist (0.16.2)
mini_magick (4.11.0)
mini_mime (1.1.2)
multi_json (1.15.0)
multipart-post (2.0.0)
nanaimo (0.3.0)
naturally (2.2.1)
optparse (0.1.1)
os (1.1.4)
plist (3.6.0)
public_suffix (5.0.0)
rake (13.0.6)
representable (3.2.0)
declarative (< 0.1.0)
trailblazer-option (>= 0.1.1, < 0.2.0)
uber (< 0.2.0)
retriable (3.1.2)
rexml (3.2.5)
rouge (2.0.7)
ruby2_keywords (0.0.5)
rubyzip (2.3.2)
security (0.1.3)
signet (0.17.0)
addressable (~> 2.8)
faraday (>= 0.17.5, < 3.a)
jwt (>= 1.5, < 3.0)
multi_json (~> 1.10)
simctl (1.6.8)
CFPropertyList
naturally
terminal-notifier (2.0.0)
terminal-table (1.8.0)
unicode-display_width (~> 1.1, >= 1.1.1)
trailblazer-option (0.1.2)
tty-cursor (0.7.1)
tty-screen (0.8.1)
tty-spinner (0.9.3)
tty-cursor (~> 0.7)
uber (0.1.0)
unf (0.1.4)
unf_ext
unf_ext (0.0.8.2)
unicode-display_width (1.8.0)
webrick (1.7.0)
word_wrap (1.0.0)
xcodeproj (1.22.0)
CFPropertyList (>= 2.3.3, < 4.0)
atomos (~> 0.1.3)
claide (>= 1.0.2, < 2.0)
colored2 (~> 3.1)
nanaimo (~> 0.3.0)
rexml (~> 3.2.4)
xcpretty (0.3.0)
rouge (~> 2.0.7)
xcpretty-travis-formatter (1.0.1)
xcpretty (~> 0.2, >= 0.0.7)
PLATFORMS
arm64-darwin-21
DEPENDENCIES
fastlane
BUNDLED WITH
2.3.11

16
ios/NebulaNetworkExtension/CtlInfo.h Normal file
View File

@ -0,0 +1,16 @@
#include <stdint.h>
/* <sys/kern_control.h> */
#define CTLIOCGINFO 0xc0644e03UL
struct ctl_info {
u_int32_t ctl_id;
char ctl_name[96];
};
struct sockaddr_ctl {
u_char sc_len;
u_char sc_family;
u_int16_t ss_sysaddr;
u_int32_t sc_id;
u_int32_t sc_unit;
u_int32_t sc_reserved[5];
};

18
ios/NebulaNetworkExtension/Keychain.swift
View File

@ -3,17 +3,21 @@ import Foundation
let groupName = "group.net.defined.mobileNebula"
class KeyChain {
class func save(key: String, data: Data) -> Bool {
let query: [String: Any] = [
class func save(key: String, data: Data, managed: Bool) -> Bool {
var query: [String: Any] = [
kSecClass as String : kSecClassGenericPassword as String,
kSecAttrAccount as String : key,
kSecValueData as String : data,
kSecAttrAccessGroup as String: groupName,
]
if (managed) {
query[kSecAttrAccessible as String] = kSecAttrAccessibleAfterFirstUnlock
}
SecItemDelete(query as CFDictionary)
let val = SecItemAdd(query as CFDictionary, nil)
return val == 0
// Attempt to delete an existing key to allow for an overwrite
_ = self.delete(key: key)
return SecItemAdd(query as CFDictionary, nil) == 0
}
class func load(key: String) -> Data? {
@ -38,10 +42,8 @@ class KeyChain {
class func delete(key: String) -> Bool {
let query: [String: Any] = [
kSecClass as String : kSecClassGenericPassword,
kSecClass as String : kSecClassGenericPassword as String,
kSecAttrAccount as String : key,
kSecReturnData as String : kCFBooleanTrue!,
kSecMatchLimit as String : kSecMatchLimitOne,
kSecAttrAccessGroup as String: groupName,
]

246
ios/NebulaNetworkExtension/PacketTunnelProvider.swift
View File

@ -1,136 +1,206 @@
import NetworkExtension
import MobileNebula
import os.log
import MMWormhole
import SwiftyJSON
class PacketTunnelProvider: NEPacketTunnelProvider {
private var networkMonitor: NWPathMonitor?
private var ifname: String?
private var site: Site?
private var _log = OSLog(subsystem: "net.defined.mobileNebula", category: "PacketTunnelProvider")
private var wormhole = MMWormhole(applicationGroupIdentifier: "group.net.defined.mobileNebula", optionalDirectory: "ipc")
private var log = Logger(subsystem: "net.defined.mobileNebula", category: "PacketTunnelProvider")
private var nebula: MobileNebulaNebula?
private func log(_ message: StaticString, _ args: CVarArg...) {
os_log(message, log: _log, args)
}
private var dnUpdater = DNUpdater()
private var didSleep = false
private var cachedRouteDescription: String?
override func startTunnel(options: [String : NSObject]?, completionHandler: @escaping (Error?) -> Void) {
NSKeyedUnarchiver.setClass(IPCRequest.classForKeyedUnarchiver(), forClassName: "Runner.IPCRequest")
// There is currently no way to get initialization errors back to the UI via completionHandler here
// `expectStart` is sent only via the UI which means we should wait for the real start command which has another completion handler the UI can intercept
if options?["expectStart"] != nil {
// The system completion handler must be called before IPC will work
completionHandler(nil)
return
}
// VPN is being booted out of band of the UI. Use the system completion handler as there will be nothing to route initialization errors to but we still need to report
// success/fail by the presence of an error or nil
start(completionHandler: completionHandler)
}
private func start(completionHandler: @escaping (Error?) -> Void) {
let proto = self.protocolConfiguration as! NETunnelProviderProtocol
var config: Data
var key: String
do {
config = proto.providerConfiguration?["config"] as! Data
site = try Site(proto: proto)
config = try site!.getConfig()
} catch {
//TODO: need a way to notify the app
log("Failed to render config from vpn object")
log.error("Failed to render config from vpn object")
return completionHandler(error)
}
let _site = site!
_log = OSLog(subsystem: "net.defined.mobileNebula:\(_site.name)", category: "PacketTunnelProvider")
do {
key = try _site.getKey()
} catch {
wormhole.passMessageObject(IPCMessage(id: _site.id, type: "error", message: error.localizedDescription), identifier: "nebula")
return completionHandler(error)
}
self.networkMonitor = NWPathMonitor()
self.networkMonitor!.pathUpdateHandler = self.pathUpdate
self.networkMonitor!.start(queue: DispatchQueue(label: "NetworkMonitor"))
let fileDescriptor = (self.packetFlow.value(forKeyPath: "socket.fileDescriptor") as? Int32) ?? -1
if fileDescriptor < 0 {
let msg = IPCMessage(id: _site.id, type: "error", message: "Starting tunnel failed: Could not determine file descriptor")
wormhole.passMessageObject(msg, identifier: "nebula")
return completionHandler(NSError())
let fileDescriptor = tunnelFileDescriptor
if fileDescriptor == nil {
return completionHandler("Unable to locate the tun file descriptor")
}
var ifnameSize = socklen_t(IFNAMSIZ)
let ifnamePtr = UnsafeMutablePointer<CChar>.allocate(capacity: Int(ifnameSize))
ifnamePtr.initialize(repeating: 0, count: Int(ifnameSize))
if getsockopt(fileDescriptor, 2 /* SYSPROTO_CONTROL */, 2 /* UTUN_OPT_IFNAME */, ifnamePtr, &ifnameSize) == 0 {
self.ifname = String(cString: ifnamePtr)
}
ifnamePtr.deallocate()
let tunFD = Int(fileDescriptor!)
// This is set to 127.0.0.1 because it has to be something..
let tunnelNetworkSettings = NEPacketTunnelNetworkSettings(tunnelRemoteAddress: "127.0.0.1")
// Make sure our ip is routed to the tun device
var err: NSError?
let ipNet = MobileNebulaParseCIDR(_site.cert!.cert.details.ips[0], &err)
if (err != nil) {
let msg = IPCMessage(id: _site.id, type: "error", message: err?.localizedDescription ?? "Unknown error from go MobileNebula.ParseCIDR - certificate")
self.wormhole.passMessageObject(msg, identifier: "nebula")
return completionHandler(err)
return completionHandler(err!)
}
tunnelNetworkSettings.ipv4Settings = NEIPv4Settings(addresses: [ipNet!.ip], subnetMasks: [ipNet!.maskCIDR])
var routes: [NEIPv4Route] = [NEIPv4Route(destinationAddress: ipNet!.network, subnetMask: ipNet!.maskCIDR)]
// Add our unsafe routes
_site.unsafeRoutes.forEach { unsafeRoute in
let ipNet = MobileNebulaParseCIDR(unsafeRoute.route, &err)
if (err != nil) {
let msg = IPCMessage(id: _site.id, type: "error", message: err?.localizedDescription ?? "Unknown error from go MobileNebula.ParseCIDR - unsafe routes")
self.wormhole.passMessageObject(msg, identifier: "nebula")
return completionHandler(err)
return completionHandler(err!)
}
routes.append(NEIPv4Route(destinationAddress: ipNet!.network, subnetMask: ipNet!.maskCIDR))
}
tunnelNetworkSettings.ipv4Settings!.includedRoutes = routes
tunnelNetworkSettings.mtu = _site.mtu as NSNumber
if !_site.dnsResolvers.isEmpty {
let dnsSettings = NEDNSSettings(servers: _site.dnsResolvers)
tunnelNetworkSettings.dnsSettings = dnsSettings
}
wormhole.listenForMessage(withIdentifier: "app", listener: self.wormholeListener)
self.setTunnelNetworkSettings(tunnelNetworkSettings, completionHandler: {(error:Error?) in
if (error != nil) {
let msg = IPCMessage(id: _site.id, type: "error", message: error?.localizedDescription ?? "Unknown setTunnelNetworkSettings error")
self.wormhole.passMessageObject(msg, identifier: "nebula")
return completionHandler(error)
return completionHandler(error!)
}
var err: NSError?
self.nebula = MobileNebulaNewNebula(String(data: config, encoding: .utf8), key, self.site!.logFile, Int(fileDescriptor), &err)
self.nebula = MobileNebulaNewNebula(String(data: config, encoding: .utf8), key, self.site!.logFile, tunFD, &err)
self.startNetworkMonitor()
if err != nil {
let msg = IPCMessage(id: _site.id, type: "error", message: err?.localizedDescription ?? "Unknown error from go MobileNebula.Main")
self.wormhole.passMessageObject(msg, identifier: "nebula")
return completionHandler(err)
self.log.error("We had an error starting up: \(err, privacy: .public)")
return completionHandler(err!)
}
self.nebula!.start()
self.dnUpdater.updateSingleLoop(site: self.site!, onUpdate: self.handleDNUpdate)
completionHandler(nil)
})
}
private func handleDNUpdate(newSite: Site) {
do {
self.site = newSite
try self.nebula?.reload(String(data: newSite.getConfig(), encoding: .utf8), key: newSite.getKey())
} catch {
self.log.error("Got an error while updating nebula \(error.localizedDescription, privacy: .public)")
}
}
//TODO: Sleep/wake get called aggressively and do nothing to help us here, we should locate why that is and make these work appropriately
// override func sleep(completionHandler: @escaping () -> Void) {
// nebula!.sleep()
// completionHandler()
// }
private func startNetworkMonitor() {
networkMonitor = NWPathMonitor()
networkMonitor!.pathUpdateHandler = self.pathUpdate
networkMonitor!.start(queue: DispatchQueue(label: "NetworkMonitor"))
}
private func stopNetworkMonitor() {
self.networkMonitor?.cancel()
networkMonitor = nil
}
override func stopTunnel(with reason: NEProviderStopReason, completionHandler: @escaping () -> Void) {
nebula?.stop()
networkMonitor?.cancel()
networkMonitor = nil
stopNetworkMonitor()
completionHandler()
}
private func pathUpdate(path: Network.NWPath) {
nebula?.rebind()
let routeDescription = collectAddresses(endpoints: path.gateways)
if routeDescription != cachedRouteDescription {
// Don't bother to rebind if we don't have any gateways
if routeDescription != "" {
nebula?.rebind("network change to: \(routeDescription); from: \(cachedRouteDescription ?? "none")")
}
cachedRouteDescription = routeDescription
}
}
private func wormholeListener(msg: Any?) {
guard let call = msg as? IPCRequest else {
log("Failed to decode IPCRequest from network extension")
private func collectAddresses(endpoints: [Network.NWEndpoint]) -> String {
var str: [String] = []
endpoints.forEach{ endpoint in
switch endpoint {
case let .hostPort(.ipv6(host), port):
str.append("[\(host)]:\(port)")
case let .hostPort(.ipv4(host), port):
str.append("\(host):\(port)")
default:
return
}
}
return str.sorted().joined(separator: ", ")
}
override func handleAppMessage(_ data: Data, completionHandler: ((Data?) -> Void)? = nil) {
guard let call = try? JSONDecoder().decode(IPCRequest.self, from: data) else {
log.error("Failed to decode IPCRequest from network extension")
return
}
var error: Error?
var data: Any?
var data: JSON?
// start command has special treatment due to needing to call two completers
if call.command == "start" {
self.start() { error in
// Notify the UI if we have a completionHandler
if completionHandler != nil {
if error == nil {
// No response data, this is expected on a clean start
completionHandler!(try? JSONEncoder().encode(IPCResponse.init(type: .success, message: nil)))
} else {
// We failed, notify and shutdown
completionHandler!(try? JSONEncoder().encode(IPCResponse.init(type: .error, message: JSON(error!.localizedDescription))))
self.cancelTunnelWithError(error)
}
}
}
return
}
if nebula == nil {
// Respond with an empty success message in the event a command comes in before we've truly started
log.warning("Received command but do not have a nebula instance")
return completionHandler!(try? JSONEncoder().encode(IPCResponse.init(type: .success, message: nil)))
}
//TODO: try catch over all this
switch call.type {
switch call.command {
case "listHostmap": (data, error) = listHostmap(pending: false)
case "listPendingHostmap": (data, error) = listHostmap(pending: true)
case "getHostInfo": (data, error) = getHostInfo(args: call.arguments!)
@ -138,37 +208,69 @@ class PacketTunnelProvider: NEPacketTunnelProvider {
case "closeTunnel": (data, error) = closeTunnel(args: call.arguments!)
default:
error = "Unknown IPC message type \(call.type)"
error = "Unknown IPC message type \(call.command)"
}
if (error != nil) {
self.wormhole.passMessageObject(IPCMessage(id: "", type: "error", message: error!.localizedDescription), identifier: call.callbackId)
completionHandler!(try? JSONEncoder().encode(IPCResponse.init(type: .error, message: JSON(error?.localizedDescription ?? "Unknown error"))))
} else {
self.wormhole.passMessageObject(IPCMessage(id: "", type: "success", message: data), identifier: call.callbackId)
completionHandler!(try? JSONEncoder().encode(IPCResponse.init(type: .success, message: data)))
}
}
private func listHostmap(pending: Bool) -> (String?, Error?) {
private func listHostmap(pending: Bool) -> (JSON?, Error?) {
var err: NSError?
let res = nebula!.listHostmap(pending, error: &err)
return (res, err)
return (JSON(res), err)
}
private func getHostInfo(args: Dictionary<String, Any>) -> (String?, Error?) {
private func getHostInfo(args: JSON) -> (JSON?, Error?) {
var err: NSError?
let res = nebula!.getHostInfo(byVpnIp: args["vpnIp"] as? String, pending: args["pending"] as! Bool, error: &err)
return (res, err)
let res = nebula!.getHostInfo(byVpnIp: args["vpnIp"].string, pending: args["pending"].boolValue, error: &err)
return (JSON(res), err)
}
private func setRemoteForTunnel(args: Dictionary<String, Any>) -> (String?, Error?) {
private func setRemoteForTunnel(args: JSON) -> (JSON?, Error?) {
var err: NSError?
let res = nebula!.setRemoteForTunnel(args["vpnIp"] as? String, addr: args["addr"] as? String, error: &err)
return (res, err)
let res = nebula!.setRemoteForTunnel(args["vpnIp"].string, addr: args["addr"].string, error: &err)
return (JSON(res), err)
}
private func closeTunnel(args: Dictionary<String, Any>) -> (Bool?, Error?) {
let res = nebula!.closeTunnel(args["vpnIp"] as? String)
return (res, nil)
private func closeTunnel(args: JSON) -> (JSON?, Error?) {
let res = nebula!.closeTunnel(args["vpnIp"].string)
return (JSON(res), nil)
}
private var tunnelFileDescriptor: Int32? {
var ctlInfo = ctl_info()
withUnsafeMutablePointer(to: &ctlInfo.ctl_name) {
$0.withMemoryRebound(to: CChar.self, capacity: MemoryLayout.size(ofValue: $0.pointee)) {
_ = strcpy($0, "com.apple.net.utun_control")
}
}
for fd: Int32 in 0...1024 {
var addr = sockaddr_ctl()
var ret: Int32 = -1
var len = socklen_t(MemoryLayout.size(ofValue: addr))
withUnsafeMutablePointer(to: &addr) {
$0.withMemoryRebound(to: sockaddr.self, capacity: 1) {
ret = getpeername(fd, $0, &len)
}
}
if ret != 0 || addr.sc_family != AF_SYSTEM {
continue
}
if ctlInfo.ctl_id == 0 {
ret = ioctl(fd, CTLIOCGINFO, &ctlInfo)
if ret != 0 {
continue
}
}
if addr.sc_id == ctlInfo.ctl_id {
return fd
}
}
return nil
}
}

369
ios/NebulaNetworkExtension/Site.swift
View File

@ -1,58 +1,36 @@
import NetworkExtension
import MobileNebula
import SwiftyJSON
extension String: Error {}
class IPCMessage: NSObject, NSCoding {
var id: String
var type: String
var message: Any?
func encode(with aCoder: NSCoder) {
aCoder.encode(id, forKey: "id")
aCoder.encode(type, forKey: "type")
aCoder.encode(message, forKey: "message")
}
enum IPCResponseType: String, Codable {
case error = "error"
case success = "success"
}
required init(coder aDecoder: NSCoder) {
id = aDecoder.decodeObject(forKey: "id") as! String
type = aDecoder.decodeObject(forKey: "type") as! String
message = aDecoder.decodeObject(forKey: "message") as Any?
}
init(id: String, type: String, message: Any) {
self.id = id
class IPCResponse: Codable {
var type: IPCResponseType
//TODO: change message to data?
var message: JSON?
init(type: IPCResponseType, message: JSON?) {
self.type = type
self.message = message
}
}
class IPCRequest: NSObject, NSCoding {
var type: String
var callbackId: String
var arguments: Dictionary<String, Any>?
func encode(with aCoder: NSCoder) {
aCoder.encode(type, forKey: "type")
aCoder.encode(arguments, forKey: "arguments")
aCoder.encode(callbackId, forKey: "callbackId")
}
required init(coder aDecoder: NSCoder) {
callbackId = aDecoder.decodeObject(forKey: "callbackId") as! String
type = aDecoder.decodeObject(forKey: "type") as! String
arguments = aDecoder.decodeObject(forKey: "arguments") as? Dictionary<String, Any>
}
init(callbackId: String, type: String, arguments: Dictionary<String, Any>?) {
self.callbackId = callbackId
self.type = type
class IPCRequest: Codable {
var command: String
var arguments: JSON?
init(command: String, arguments: JSON?) {
self.command = command
self.arguments = arguments
}
init(callbackId: String, type: String) {
self.callbackId = callbackId
self.type = type
init(command: String) {
self.command = command
}
}
@ -60,7 +38,7 @@ struct CertificateInfo: Codable {
var cert: Certificate
var rawCert: String
var validity: CertificateValidity
enum CodingKeys: String, CodingKey {
case cert = "Cert"
case rawCert = "RawCert"
@ -72,8 +50,8 @@ struct Certificate: Codable {
var fingerprint: String
var signature: String
var details: CertificateDetails
/// An empty initilizer to make error reporting easier
/// An empty initializer to make error reporting easier
init() {
fingerprint = ""
signature = ""
@ -91,8 +69,8 @@ struct CertificateDetails: Codable {
var subnets: [String]
var isCa: Bool
var issuer: String
/// An empty initilizer to make error reporting easier
/// An empty initializer to make error reporting easier
init() {
name = ""
notBefore = ""
@ -109,7 +87,7 @@ struct CertificateDetails: Codable {
struct CertificateValidity: Codable {
var valid: Bool
var reason: String
enum CodingKeys: String, CodingKey {
case valid = "Valid"
case reason = "Reason"
@ -119,7 +97,7 @@ struct CertificateValidity: Codable {
let statusMap: Dictionary<NEVPNStatus, Bool> = [
NEVPNStatus.invalid: false,
NEVPNStatus.disconnected: false,
NEVPNStatus.connecting: true,
NEVPNStatus.connecting: false,
NEVPNStatus.connected: true,
NEVPNStatus.reasserting: true,
NEVPNStatus.disconnecting: true,
@ -135,14 +113,15 @@ let statusString: Dictionary<NEVPNStatus, String> = [
]
// Represents a site that was pulled out of the system configuration
struct Site: Codable {
class Site: Codable {
// Stored in manager
var name: String
var id: String
// Stored in proto
var staticHostmap: Dictionary<String, StaticHosts>
var unsafeRoutes: [UnsafeRoute]
var dnsResolvers: [String]
var cert: CertificateInfo?
var ca: [CertificateInfo]
var lhDuration: Int
@ -151,18 +130,26 @@ struct Site: Codable {
var cipher: String
var sortKey: Int
var logVerbosity: String
var connected: Bool?
var connected: Bool? //TODO: active is a better name
var status: String?
var logFile: String?
var managed: Bool
// The following fields are present if managed = true
var lastManagedUpdate: String?
var rawConfig: String?
/// If true then this site needs to be migrated to the filesystem. Should be handled by the initiator of the site
var needsToMigrateToFS: Bool = false
// A list of error encountered when trying to rehydrate a site from config
var errors: [String]
// We initialize to avoid an error with Codable, there is probably a better way since manager must be present for a Site but is not codable
var manager: NETunnelProviderManager = NETunnelProviderManager()
// Creates a new site from a vpn manager instance
init(manager: NETunnelProviderManager) throws {
var manager: NETunnelProviderManager?
var incomingSite: IncomingSite?
/// Creates a new site from a vpn manager instance. Mainly used by the UI. A manager is required to be able to edit the system profile
convenience init(manager: NETunnelProviderManager) throws {
//TODO: Throw an error and have Sites delete the site, notify the user instead of using !
let proto = manager.protocolConfiguration as! NETunnelProviderProtocol
try self.init(proto: proto)
@ -170,33 +157,64 @@ struct Site: Codable {
self.connected = statusMap[manager.connection.status]
self.status = statusString[manager.connection.status]
}
init(proto: NETunnelProviderProtocol) throws {
convenience init(proto: NETunnelProviderProtocol) throws {
let dict = proto.providerConfiguration
let config = dict?["config"] as? Data ?? Data()
if dict?["config"] != nil {
let config = dict?["config"] as? Data ?? Data()
let decoder = JSONDecoder()
let incoming = try decoder.decode(IncomingSite.self, from: config)
self.init(incoming: incoming)
self.needsToMigrateToFS = true
return
}
let id = dict?["id"] as? String ?? nil
if id == nil {
throw("Non-conforming site \(String(describing: dict))")
}
try self.init(path: SiteList.getSiteConfigFile(id: id!, createDir: false))
}
/// Creates a new site from a path on the filesystem. Mainly ussed by the VPN process or when in simulator where we lack a NEVPNManager
convenience init(path: URL) throws {
let config = try Data(contentsOf: path)
let decoder = JSONDecoder()
let incoming = try decoder.decode(IncomingSite.self, from: config)
self.init(incoming: incoming)
}
init(incoming: IncomingSite) {
var err: NSError?
incomingSite = incoming
errors = []
name = incoming.name
id = incoming.id
staticHostmap = incoming.staticHostmap
unsafeRoutes = incoming.unsafeRoutes ?? []
dnsResolvers = incoming.dnsResolvers ?? []
lhDuration = incoming.lhDuration
port = incoming.port
cipher = incoming.cipher
sortKey = incoming.sortKey ?? 0
logVerbosity = incoming.logVerbosity ?? "info"
mtu = incoming.mtu ?? 1300
managed = incoming.managed ?? false
lastManagedUpdate = incoming.lastManagedUpdate
rawConfig = incoming.rawConfig
do {
let rawCert = incoming.cert
let rawDetails = MobileNebulaParseCerts(rawCert, &err)
if (err != nil) {
throw err!
}
var certs: [CertificateInfo]
certs = try JSONDecoder().decode([CertificateInfo].self, from: rawDetails.data(using: .utf8)!)
if (certs.count == 0) {
throw "No certificate found"
@ -205,11 +223,11 @@ struct Site: Codable {
if (!cert!.validity.valid) {
errors.append("Certificate is invalid: \(cert!.validity.reason)")
}
} catch {
errors.append("Error while loading certificate: \(error.localizedDescription)")
}
do {
let rawCa = incoming.ca
let rawCaDetails = MobileNebulaParseCerts(rawCa, &err)
@ -217,31 +235,34 @@ struct Site: Codable {
throw err!
}
ca = try JSONDecoder().decode([CertificateInfo].self, from: rawCaDetails.data(using: .utf8)!)
var hasErrors = false
ca.forEach { cert in
if (!cert.validity.valid) {
hasErrors = true
}
}
if (hasErrors) {
if (hasErrors && !managed) {
errors.append("There are issues with 1 or more ca certificates")
}
} catch {
ca = []
errors.append("Error while loading certificate authorities: \(error.localizedDescription)")
}
lhDuration = incoming.lhDuration
port = incoming.port
cipher = incoming.cipher
sortKey = incoming.sortKey ?? 0
logVerbosity = incoming.logVerbosity ?? "info"
mtu = incoming.mtu ?? 1300
logFile = FileManager.default.containerURL(forSecurityApplicationGroupIdentifier: "group.net.defined.mobileNebula")?.appendingPathComponent(id).appendingPathExtension("log").path
do {
logFile = try SiteList.getSiteLogFile(id: self.id, createDir: true).path
} catch {
logFile = nil
errors.append("Unable to create the site directory: \(error.localizedDescription)")
}
if (managed && (try? getDNCredentials())?.invalid != false) {
errors.append("Unable to fetch managed updates - please re-enroll the device")
}
if (errors.isEmpty) {
do {
let encoder = JSONEncoder()
@ -249,6 +270,7 @@ struct Site: Codable {
let key = try getKey()
let strConfig = String(data: rawConfig, encoding: .utf8)
var err: NSError?
MobileNebulaTestConfig(strConfig, key, &err)
if (err != nil) {
throw err!
@ -258,17 +280,53 @@ struct Site: Codable {
}
}
}
// Gets the private key from the keystore, we don't always need it in memory
func getKey() throws -> String {
guard let keyData = KeyChain.load(key: "\(id).key") else {
throw "failed to get key material from keychain"
throw "failed to get key from keychain"
}
//TODO: make sure this is valid on return!
return String(decoding: keyData, as: UTF8.self)
}
func getDNCredentials() throws -> DNCredentials {
if (!managed) {
throw "unmanaged site has no dn credentials"
}
let rawDNCredentials = KeyChain.load(key: "\(id).dnCredentials")
if rawDNCredentials == nil {
throw "failed to find dn credentials in keychain"
}
let decoder = JSONDecoder()
return try decoder.decode(DNCredentials.self, from: rawDNCredentials!)
}
func invalidateDNCredentials() throws {
let creds = try getDNCredentials()
creds.invalid = true
if (!(try creds.save(siteID: self.id))) {
throw "failed to store dn credentials in keychain"
}
}
func validateDNCredentials() throws {
let creds = try getDNCredentials()
creds.invalid = false
if (!(try creds.save(siteID: self.id))) {
throw "failed to store dn credentials in keychain"
}
}
func getConfig() throws -> Data {
return try self.incomingSite!.getConfig()
}
// Limits what we export to the UI
private enum CodingKeys: String, CodingKey {
case name
@ -284,9 +342,13 @@ struct Site: Codable {
case status
case logFile
case unsafeRoutes
case dnsResolvers
case logVerbosity
case errors
case mtu
case managed
case lastManagedUpdate
case rawConfig
}
}
@ -301,12 +363,41 @@ class UnsafeRoute: Codable {
var mtu: Int?
}
class DNCredentials: Codable {
var hostID: String
var privateKey: String
var counter: Int
var trustedKeys: String
var invalid: Bool {
get { return _invalid ?? false }
set { _invalid = newValue }
}
private var _invalid: Bool?
func save(siteID: String) throws -> Bool {
let encoder = JSONEncoder()
let rawDNCredentials = try encoder.encode(self)
return KeyChain.save(key: "\(siteID).dnCredentials", data: rawDNCredentials, managed: true)
}
enum CodingKeys: String, CodingKey {
case hostID
case privateKey
case counter
case trustedKeys
case _invalid = "invalid"
}
}
// This class represents a site coming in from flutter, meant only to be saved and re-loaded as a proper Site
struct IncomingSite: Codable {
var name: String
var id: String
var staticHostmap: Dictionary<String, StaticHosts>
var unsafeRoutes: [UnsafeRoute]?
vat dnsResolvers: [String]?
var cert: String
var ca: String
var lhDuration: Int
@ -316,76 +407,98 @@ struct IncomingSite: Codable {
var sortKey: Int?
var logVerbosity: String?
var key: String?
func save(manager: NETunnelProviderManager?, callback: @escaping (Error?) -> ()) {
#if targetEnvironment(simulator)
let fileManager = FileManager.default
let sitePath = fileManager.urls(for: .documentDirectory, in: .userDomainMask)[0].appendingPathComponent("sites").appendingPathComponent(self.id)
var managed: Bool?
// The following fields are present if managed = true
var dnCredentials: DNCredentials?
var lastManagedUpdate: String?
var rawConfig: String?
func getConfig() throws -> Data {
let encoder = JSONEncoder()
var config = self
config.key = nil
config.dnCredentials = nil
return try encoder.encode(config)
}
func save(manager: NETunnelProviderManager?, saveToManager: Bool = true, callback: @escaping (Error?) -> ()) {
let configPath: URL
do {
var config = self
config.key = nil
let rawConfig = try encoder.encode(config)
try rawConfig.write(to: sitePath)
configPath = try SiteList.getSiteConfigFile(id: self.id, createDir: true)
} catch {
callback(error)
return
}
print("Saving to \(configPath)")
do {
if (self.key != nil) {
let data = self.key!.data(using: .utf8)
if (!KeyChain.save(key: "\(self.id).key", data: data!, managed: self.managed ?? false)) {
return callback("failed to store key material in keychain")
}
}
do {
if ((try self.dnCredentials?.save(siteID: self.id)) == false) {
return callback("failed to store dn credentials in keychain")
}
} catch {
return callback(error)
}
try self.getConfig().write(to: configPath)
} catch {
return callback(error)
}
#if targetEnvironment(simulator)
// We are on a simulator and there is no NEVPNManager for us to interact with
callback(nil)
#else
if saveToManager {
self.saveToManager(manager: manager, callback: callback)
} else {
callback(nil)
}
#endif
}
private func saveToManager(manager: NETunnelProviderManager?, callback: @escaping (Error?) -> ()) {
if (manager != nil) {
// We need to refresh our settings to properly update config
manager?.loadFromPreferences { error in
if (error != nil) {
return callback(error)
}
return self.finish(manager: manager!, callback: callback)
return self.finishSaveToManager(manager: manager!, callback: callback)
}
return
}
return finish(manager: NETunnelProviderManager(), callback: callback)
#endif
}
private func finish(manager: NETunnelProviderManager, callback: @escaping (Error?) -> ()) {
var config = self
// Store the private key if it was provided
if (config.key != nil) {
//TODO: should we ensure the resulting data is big enough? (conversion didn't fail)
let data = config.key!.data(using: .utf8)
if (!KeyChain.save(key: "\(config.id).key", data: data!)) {
return callback("failed to store key material in keychain")
}
}
// Zero out the key so that we don't save it in the profile
config.key = nil
return finishSaveToManager(manager: NETunnelProviderManager(), callback: callback)
}
private func finishSaveToManager(manager: NETunnelProviderManager, callback: @escaping (Error?) -> ()) {
// Stuff our details in the protocol
let proto = manager.protocolConfiguration as? NETunnelProviderProtocol ?? NETunnelProviderProtocol()
let encoder = JSONEncoder()
let rawConfig: Data
// We tried using NSSecureCoder but that was obnoxious and didn't work so back to JSON
do {
rawConfig = try encoder.encode(config)
} catch {
return callback(error)
}
proto.providerConfiguration = ["config": rawConfig]
proto.providerConfiguration = ["id": self.id]
proto.serverAddress = "Nebula"
// Finish up the manager, this is what stores everything at the system level
manager.protocolConfiguration = proto
//TODO: cert name? manager.protocolConfiguration?.username
//TODO: This is what is shown on the vpn page. We should add more identifying details in
manager.localizedDescription = config.name
manager.localizedDescription = self.name
manager.isEnabled = true
manager.saveToPreferences{ error in

140
ios/NebulaNetworkExtension/SiteList.swift Normal file
View File

@ -0,0 +1,140 @@
import NetworkExtension
class SiteList {
private var sites = [String: Site]()
/// Gets the root directory that can be used to share files between the UI and VPN process. Does ensure the directory exists
static func getRootDir() throws -> URL {
let fileManager = FileManager.default
let rootDir = fileManager.containerURL(forSecurityApplicationGroupIdentifier: "group.net.defined.mobileNebula")!
if (!fileManager.fileExists(atPath: rootDir.absoluteString)) {
try fileManager.createDirectory(at: rootDir, withIntermediateDirectories: true)
}
return rootDir
}
/// Gets the directory where all sites live, $rootDir/sites. Does ensure the directory exists
static func getSitesDir() throws -> URL {
let fileManager = FileManager.default
let sitesDir = try getRootDir().appendingPathComponent("sites", isDirectory: true)
if (!fileManager.fileExists(atPath: sitesDir.absoluteString)) {
try fileManager.createDirectory(at: sitesDir, withIntermediateDirectories: true)
}
return sitesDir
}
/// Gets the directory where a single site would live, $rootDir/sites/$siteID
static func getSiteDir(id: String, create: Bool = false) throws -> URL {
let fileManager = FileManager.default
let siteDir = try getSitesDir().appendingPathComponent(id, isDirectory: true)
if (create && !fileManager.fileExists(atPath: siteDir.absoluteString)) {
try fileManager.createDirectory(at: siteDir, withIntermediateDirectories: true)
}
return siteDir
}
/// Gets the file that represents the site configuration, $rootDir/sites/$siteID/config.json
static func getSiteConfigFile(id: String, createDir: Bool) throws -> URL {
return try getSiteDir(id: id, create: createDir).appendingPathComponent("config", isDirectory: false).appendingPathExtension("json")
}
/// Gets the file that represents the site log output, $rootDir/sites/$siteID/log
static func getSiteLogFile(id: String, createDir: Bool) throws -> URL {
return try getSiteDir(id: id, create: createDir).appendingPathComponent("logs", isDirectory: false)
}
init(completion: @escaping ([String: Site]?, Error?) -> ()) {
#if targetEnvironment(simulator)
SiteList.loadAllFromFS { sites, err in
if sites != nil {
self.sites = sites!
}
completion(sites, err)
}
#else
SiteList.loadAllFromNETPM { sites, err in
if sites != nil {
self.sites = sites!
}
completion(sites, err)
}
#endif
}
private static func loadAllFromFS(completion: @escaping ([String: Site]?, Error?) -> ()) {
let fileManager = FileManager.default
var siteDirs: [URL]
var sites = [String: Site]()
do {
siteDirs = try fileManager.contentsOfDirectory(at: getSitesDir(), includingPropertiesForKeys: nil)
} catch {
completion(nil, error)
return
}
siteDirs.forEach { path in
do {
let site = try Site(path: path.appendingPathComponent("config").appendingPathExtension("json"))
sites[site.id] = site
} catch {
print(error)
try? fileManager.removeItem(at: path)
print("Deleted non conforming site \(path)")
}
}
completion(sites, nil)
}
private static func loadAllFromNETPM(completion: @escaping ([String: Site]?, Error?) -> ()) {
var sites = [String: Site]()
// dispatchGroup is used to ensure we have migrated all sites before returning them
// If there are no sites to migrate, there are never any entrants
let dispatchGroup = DispatchGroup()
NETunnelProviderManager.loadAllFromPreferences() { newManagers, err in
if (err != nil) {
return completion(nil, err)
}
newManagers?.forEach { manager in
do {
let site = try Site(manager: manager)
if site.needsToMigrateToFS {
dispatchGroup.enter()
site.incomingSite?.save(manager: manager) { error in
if error != nil {
print("Error while migrating site to fs: \(error!.localizedDescription)")
}
print("Migrated site to fs: \(site.name)")
site.needsToMigrateToFS = false
dispatchGroup.leave()
}
}
sites[site.id] = site
} catch {
//TODO: notify the user about this
print("Deleted non conforming site \(manager) \(error)")
manager.removeFromPreferences()
//TODO: delete from disk, we need to try and discover the site id though
}
}
dispatchGroup.notify(queue: .main) {
completion(sites, nil)
}
}
}
func getSites() -> [String: Site] {
return sites
}
}

16
ios/Podfile
View File

@ -32,15 +32,25 @@ target 'Runner' do
use_modular_headers!
flutter_install_all_ios_pods File.dirname(File.realpath(__FILE__))
pod 'MMWormhole', '~> 2.0.0'
pod 'SwiftyJSON', '~> 5.0'
end
target 'NebulaNetworkExtension' do
use_frameworks!
pod 'MMWormhole', '~> 2.0.0'
use_frameworks!
pod 'SwiftyJSON', '~> 5.0'
end
post_install do |installer|
installer.generated_projects.each do |project|
project.targets.each do |target|
target.build_configurations.each do |config|
if Gem::Version.new('11.0') > Gem::Version.new(config.build_settings['IPHONEOS_DEPLOYMENT_TARGET'])
config.build_settings['IPHONEOS_DEPLOYMENT_TARGET'] = '11.0'
end
end
end
end
installer.pods_project.targets.each do |target|
flutter_additional_ios_build_settings(target)
end

123
ios/Podfile.lock
View File

@ -1,112 +1,103 @@
PODS:
- barcode_scan (0.0.1):
- Flutter
- MTBBarcodeScanner
- SwiftProtobuf
- DKImagePickerController/Core (4.3.0):
- DKImagePickerController/Core (4.3.4):
- DKImagePickerController/ImageDataManager
- DKImagePickerController/Resource
- DKImagePickerController/ImageDataManager (4.3.0)
- DKImagePickerController/PhotoGallery (4.3.0):
- DKImagePickerController/ImageDataManager (4.3.4)
- DKImagePickerController/PhotoGallery (4.3.4):
- DKImagePickerController/Core
- DKPhotoGallery
- DKImagePickerController/Resource (4.3.0)
- DKPhotoGallery (0.0.15):
- DKPhotoGallery/Core (= 0.0.15)
- DKPhotoGallery/Model (= 0.0.15)
- DKPhotoGallery/Preview (= 0.0.15)
- DKPhotoGallery/Resource (= 0.0.15)
- DKImagePickerController/Resource (4.3.4)
- DKPhotoGallery (0.0.17):
- DKPhotoGallery/Core (= 0.0.17)
- DKPhotoGallery/Model (= 0.0.17)
- DKPhotoGallery/Preview (= 0.0.17)
- DKPhotoGallery/Resource (= 0.0.17)
- SDWebImage
- SDWebImageFLPlugin
- DKPhotoGallery/Core (0.0.15):
- SwiftyGif
- DKPhotoGallery/Core (0.0.17):
- DKPhotoGallery/Model
- DKPhotoGallery/Preview
- SDWebImage
- SDWebImageFLPlugin
- DKPhotoGallery/Model (0.0.15):
- SwiftyGif
- DKPhotoGallery/Model (0.0.17):
- SDWebImage
- SDWebImageFLPlugin
- DKPhotoGallery/Preview (0.0.15):
- SwiftyGif
- DKPhotoGallery/Preview (0.0.17):
- DKPhotoGallery/Model
- DKPhotoGallery/Resource
- SDWebImage
- SDWebImageFLPlugin
- DKPhotoGallery/Resource (0.0.15):
- SwiftyGif
- DKPhotoGallery/Resource (0.0.17):
- SDWebImage
- SDWebImageFLPlugin
- SwiftyGif
- file_picker (0.0.1):
- DKImagePickerController/PhotoGallery
- Flutter
- FLAnimatedImage (1.0.12)
- Flutter (1.0.0)
- MMWormhole (2.0.0):
- MMWormhole/Core (= 2.0.0)
- MMWormhole/Core (2.0.0)
- MTBBarcodeScanner (5.0.11)
- flutter_barcode_scanner (2.0.0):
- Flutter
- package_info (0.0.1):
- Flutter
- path_provider (0.0.1):
- path_provider_ios (0.0.1):
- Flutter
- SDWebImage (5.8.0):
- SDWebImage/Core (= 5.8.0)
- SDWebImage/Core (5.8.0)
- SDWebImageFLPlugin (0.4.0):
- FLAnimatedImage (>= 1.0.11)
- SDWebImage/Core (~> 5.6)
- SwiftProtobuf (1.8.0)
- url_launcher (0.0.1):
- SDWebImage (5.15.5):
- SDWebImage/Core (= 5.15.5)
- SDWebImage/Core (5.15.5)
- share_plus (0.0.1):
- Flutter
- SwiftyGif (5.4.4)
- SwiftyJSON (5.0.1)
- url_launcher_ios (0.0.1):
- Flutter
DEPENDENCIES:
- barcode_scan (from `.symlinks/plugins/barcode_scan/ios`)
- file_picker (from `.symlinks/plugins/file_picker/ios`)
- Flutter (from `Flutter`)
- MMWormhole (~> 2.0.0)
- flutter_barcode_scanner (from `.symlinks/plugins/flutter_barcode_scanner/ios`)
- package_info (from `.symlinks/plugins/package_info/ios`)
- path_provider (from `.symlinks/plugins/path_provider/ios`)
- url_launcher (from `.symlinks/plugins/url_launcher/ios`)
- path_provider_ios (from `.symlinks/plugins/path_provider_ios/ios`)
- share_plus (from `.symlinks/plugins/share_plus/ios`)
- SwiftyJSON (~> 5.0)
- url_launcher_ios (from `.symlinks/plugins/url_launcher_ios/ios`)
SPEC REPOS:
trunk:
- DKImagePickerController
- DKPhotoGallery
- FLAnimatedImage
- MMWormhole
- MTBBarcodeScanner
- SDWebImage
- SDWebImageFLPlugin
- SwiftProtobuf
- SwiftyGif
- SwiftyJSON
EXTERNAL SOURCES:
barcode_scan:
:path: ".symlinks/plugins/barcode_scan/ios"
file_picker:
:path: ".symlinks/plugins/file_picker/ios"
Flutter:
:path: Flutter
flutter_barcode_scanner:
:path: ".symlinks/plugins/flutter_barcode_scanner/ios"
package_info:
:path: ".symlinks/plugins/package_info/ios"
path_provider:
:path: ".symlinks/plugins/path_provider/ios"
url_launcher:
:path: ".symlinks/plugins/url_launcher/ios"
path_provider_ios:
:path: ".symlinks/plugins/path_provider_ios/ios"
share_plus:
:path: ".symlinks/plugins/share_plus/ios"
url_launcher_ios:
:path: ".symlinks/plugins/url_launcher_ios/ios"
SPEC CHECKSUMS:
barcode_scan: a5c27959edfafaa0c771905bad0b29d6d39e4479
DKImagePickerController: 397702a3590d4958fad336e9a77079935c500ddb
DKPhotoGallery: e880aef16c108333240e1e7327896f2ea380f4f0
file_picker: 3e6c3790de664ccf9b882732d9db5eaf6b8d4eb1
FLAnimatedImage: 4a0b56255d9b05f18b6dd7ee06871be5d3b89e31
Flutter: 0e3d915762c693b495b44d77113d4970485de6ec
MMWormhole: 0cd3fd35a9118b2e2d762b499f54eeaace0be791
MTBBarcodeScanner: f453b33c4b7dfe545d8c6484ed744d55671788cb
DKImagePickerController: b512c28220a2b8ac7419f21c491fc8534b7601ac
DKPhotoGallery: fdfad5125a9fdda9cc57df834d49df790dbb4179
file_picker: 817ab1d8cd2da9d2da412a417162deee3500fc95
Flutter: f04841e97a9d0b0a8025694d0796dd46242b2854
flutter_barcode_scanner: 7a1144744c28dc0c57a8de7218ffe5ec59a9e4bf
package_info: 873975fc26034f0b863a300ad47e7f1ac6c7ec62
path_provider: abfe2b5c733d04e238b0d8691db0cfd63a27a93c
SDWebImage: 84000f962cbfa70c07f19d2234cbfcf5d779b5dc
SDWebImageFLPlugin: 6c2295fb1242d44467c6c87dc5db6b0a13228fd8
SwiftProtobuf: 2cbd9409689b7df170d82a92a33443c8e3e14a70
url_launcher: 6fef411d543ceb26efce54b05a0a40bfd74cbbef
path_provider_ios: 7d7ce634493af4477d156294792024ec3485acd5
SDWebImage: fd7e1a22f00303e058058278639bf6196ee431fe
share_plus: 056a1e8ac890df3e33cb503afffaf1e9b4fbae68
SwiftyGif: 93a1cc87bf3a51916001cf8f3d63835fb64c819f
SwiftyJSON: 2f33a42c6fbc52764d96f13368585094bfd8aa5e
url_launcher_ios: 02f1989d4e14e998335b02b67a7590fa34f971af
PODFILE CHECKSUM: e8d4fb1ed5b0713de2623a28dfae2585e15c0d00
PODFILE CHECKSUM: b4b37a776e1b487bf31fc5e5014fa5a74f5a022a
COCOAPODS: 1.9.0
COCOAPODS: 1.11.3

245
ios/Runner.xcodeproj/project.pbxproj
View File

@ -3,30 +3,37 @@
archiveVersion = 1;
classes = {
};
objectVersion = 46;
objectVersion = 52;
objects = {
/* Begin PBXBuildFile section */
1498D2341E8E89220040F4C2 /* GeneratedPluginRegistrant.m in Sources */ = {isa = PBXBuildFile; fileRef = 1498D2331E8E89220040F4C2 /* GeneratedPluginRegistrant.m */; };
3B3967161E833CAA004F5970 /* AppFrameworkInfo.plist in Resources */ = {isa = PBXBuildFile; fileRef = 3B3967151E833CAA004F5970 /* AppFrameworkInfo.plist */; };
432D0E3E291C562200752563 /* SiteList.swift in Sources */ = {isa = PBXBuildFile; fileRef = 432D0E3D291C562200752563 /* SiteList.swift */; };
432D0E3F291C562200752563 /* SiteList.swift in Sources */ = {isa = PBXBuildFile; fileRef = 432D0E3D291C562200752563 /* SiteList.swift */; };
43498725289B484C00476B19 /* MobileNebula.xcframework in Frameworks */ = {isa = PBXBuildFile; fileRef = 43498724289B484C00476B19 /* MobileNebula.xcframework */; };
43498726289B484C00476B19 /* MobileNebula.xcframework in Frameworks */ = {isa = PBXBuildFile; fileRef = 43498724289B484C00476B19 /* MobileNebula.xcframework */; };
437F72592469AAC500A0C4B9 /* Site.swift in Sources */ = {isa = PBXBuildFile; fileRef = 437F72582469AAC500A0C4B9 /* Site.swift */; };
437F725E2469AC5700A0C4B9 /* Keychain.swift in Sources */ = {isa = PBXBuildFile; fileRef = 437F725C2469AC5700A0C4B9 /* Keychain.swift */; };
437F725F2469B4B000A0C4B9 /* Site.swift in Sources */ = {isa = PBXBuildFile; fileRef = 437F72582469AAC500A0C4B9 /* Site.swift */; };
437F72602469B4B300A0C4B9 /* Keychain.swift in Sources */ = {isa = PBXBuildFile; fileRef = 437F725C2469AC5700A0C4B9 /* Keychain.swift */; };
43871C9B2444DD39004F9075 /* MobileNebula.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 43871C9A2444DD39004F9075 /* MobileNebula.framework */; };
43871C9D2444E2EC004F9075 /* Sites.swift in Sources */ = {isa = PBXBuildFile; fileRef = 43871C9C2444E2EC004F9075 /* Sites.swift */; };
43871C9E2444E61F004F9075 /* MobileNebula.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 43871C9A2444DD39004F9075 /* MobileNebula.framework */; };
43AA894F2444D8BC00EDC39C /* NetworkExtension.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 43AA894E2444D8BC00EDC39C /* NetworkExtension.framework */; };
43AA89572444DA6500EDC39C /* PacketTunnelProvider.swift in Sources */ = {isa = PBXBuildFile; fileRef = 43AA89562444DA6500EDC39C /* PacketTunnelProvider.swift */; };
43AA895C2444DA6500EDC39C /* NebulaNetworkExtension.appex in Embed App Extensions */ = {isa = PBXBuildFile; fileRef = 43AA89542444DA6500EDC39C /* NebulaNetworkExtension.appex */; settings = {ATTRIBUTES = (RemoveHeadersOnCopy, ); }; };
43AA89622444DAA500EDC39C /* NetworkExtension.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 43AA894E2444D8BC00EDC39C /* NetworkExtension.framework */; };
43AD63F424EB3802000FB47E /* Share.swift in Sources */ = {isa = PBXBuildFile; fileRef = 43AD63F324EB3802000FB47E /* Share.swift */; };
43ED87842912D0DD004DAFC5 /* DNUpdate.swift in Sources */ = {isa = PBXBuildFile; fileRef = 43ED87832912D0DD004DAFC5 /* DNUpdate.swift */; };
43ED87852912D0DD004DAFC5 /* DNUpdate.swift in Sources */ = {isa = PBXBuildFile; fileRef = 43ED87832912D0DD004DAFC5 /* DNUpdate.swift */; };
4CF2F06A02A63B862C9F6F03 /* Pods_Runner.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 384887B4785D38431E800D3A /* Pods_Runner.framework */; };
74858FAF1ED2DC5600515810 /* AppDelegate.swift in Sources */ = {isa = PBXBuildFile; fileRef = 74858FAE1ED2DC5600515810 /* AppDelegate.swift */; };
78E28476711DF3A9D186C429 /* Pods_NebulaNetworkExtension.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 8EFDD7248CAE56012FE2608C /* Pods_NebulaNetworkExtension.framework */; };
97C146FC1CF9000F007C117D /* Main.storyboard in Resources */ = {isa = PBXBuildFile; fileRef = 97C146FA1CF9000F007C117D /* Main.storyboard */; };
97C146FE1CF9000F007C117D /* Assets.xcassets in Resources */ = {isa = PBXBuildFile; fileRef = 97C146FD1CF9000F007C117D /* Assets.xcassets */; };
97C147011CF9000F007C117D /* LaunchScreen.storyboard in Resources */ = {isa = PBXBuildFile; fileRef = 97C146FF1CF9000F007C117D /* LaunchScreen.storyboard */; };
BE45F626291AEAB300902884 /* PackageInfo.swift in Sources */ = {isa = PBXBuildFile; fileRef = BE45F625291AEAB300902884 /* PackageInfo.swift */; };
BE5BC106291C41E600B6FE5B /* APIClient.swift in Sources */ = {isa = PBXBuildFile; fileRef = BE5BC105291C41E600B6FE5B /* APIClient.swift */; };
BEC5939E291C502F00709118 /* APIClient.swift in Sources */ = {isa = PBXBuildFile; fileRef = BE5BC105291C41E600B6FE5B /* APIClient.swift */; };
BEC5939F291C503D00709118 /* PackageInfo.swift in Sources */ = {isa = PBXBuildFile; fileRef = BE45F625291AEAB300902884 /* PackageInfo.swift */; };
E91B9DAD4A83866D0AF1DAE1 /* Pods_NebulaNetworkExtension.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 5C0A96949A0B117C4ACE752C /* Pods_NebulaNetworkExtension.framework */; };
/* End PBXBuildFile section */
/* Begin PBXContainerItemProxy section */
@ -64,14 +71,16 @@
/* End PBXCopyFilesBuildPhase section */
/* Begin PBXFileReference section */
137DCAF9F91CD7AF6438A183 /* Pods-NebulaNetworkExtension.debug.xcconfig */ = {isa = PBXFileReference; includeInIndex = 1; lastKnownFileType = text.xcconfig; name = "Pods-NebulaNetworkExtension.debug.xcconfig"; path = "Target Support Files/Pods-NebulaNetworkExtension/Pods-NebulaNetworkExtension.debug.xcconfig"; sourceTree = "<group>"; };
1498D2321E8E86230040F4C2 /* GeneratedPluginRegistrant.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = GeneratedPluginRegistrant.h; sourceTree = "<group>"; };
1498D2331E8E89220040F4C2 /* GeneratedPluginRegistrant.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = GeneratedPluginRegistrant.m; sourceTree = "<group>"; };
384887B4785D38431E800D3A /* Pods_Runner.framework */ = {isa = PBXFileReference; explicitFileType = wrapper.framework; includeInIndex = 0; path = Pods_Runner.framework; sourceTree = BUILT_PRODUCTS_DIR; };
3B3967151E833CAA004F5970 /* AppFrameworkInfo.plist */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.plist.xml; name = AppFrameworkInfo.plist; path = Flutter/AppFrameworkInfo.plist; sourceTree = "<group>"; };
41927814D2E140A347A01067 /* Pods-NebulaNetworkExtension.debug.xcconfig */ = {isa = PBXFileReference; includeInIndex = 1; lastKnownFileType = text.xcconfig; name = "Pods-NebulaNetworkExtension.debug.xcconfig"; path = "Target Support Files/Pods-NebulaNetworkExtension/Pods-NebulaNetworkExtension.debug.xcconfig"; sourceTree = "<group>"; };
432D0E3D291C562200752563 /* SiteList.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = SiteList.swift; sourceTree = "<group>"; };
43498724289B484C00476B19 /* MobileNebula.xcframework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.xcframework; path = MobileNebula.xcframework; sourceTree = SOURCE_ROOT; };
436DE7A226EFF18500BB2950 /* CtlInfo.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = CtlInfo.h; sourceTree = "<group>"; };
437F72582469AAC500A0C4B9 /* Site.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = Site.swift; sourceTree = "<group>"; };
437F725C2469AC5700A0C4B9 /* Keychain.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = Keychain.swift; sourceTree = "<group>"; };
43871C9A2444DD39004F9075 /* MobileNebula.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; path = MobileNebula.framework; sourceTree = "<group>"; };
43871C9C2444E2EC004F9075 /* Sites.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = Sites.swift; sourceTree = "<group>"; };
43AA894C2444D8BC00EDC39C /* Runner.entitlements */ = {isa = PBXFileReference; lastKnownFileType = text.plist.entitlements; path = Runner.entitlements; sourceTree = "<group>"; };
43AA894E2444D8BC00EDC39C /* NetworkExtension.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = NetworkExtension.framework; path = System/Library/Frameworks/NetworkExtension.framework; sourceTree = SDKROOT; };
@ -79,17 +88,17 @@
43AA89562444DA6500EDC39C /* PacketTunnelProvider.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = PacketTunnelProvider.swift; sourceTree = "<group>"; };
43AA89582444DA6500EDC39C /* Info.plist */ = {isa = PBXFileReference; lastKnownFileType = text.plist.xml; path = Info.plist; sourceTree = "<group>"; };
43AA89592444DA6500EDC39C /* NebulaNetworkExtension.entitlements */ = {isa = PBXFileReference; lastKnownFileType = text.plist.entitlements; path = NebulaNetworkExtension.entitlements; sourceTree = "<group>"; };
43AD63F324EB3802000FB47E /* Share.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = Share.swift; sourceTree = "<group>"; };
43B66ECA245A0C8400B18C36 /* CoreFoundation.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = CoreFoundation.framework; path = System/Library/Frameworks/CoreFoundation.framework; sourceTree = SDKROOT; };
43B66ECC245A146300B18C36 /* Foundation.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = Foundation.framework; path = System/Library/Frameworks/Foundation.framework; sourceTree = SDKROOT; };
43B828DA249C08DC00CA229C /* MMWormhole.framework */ = {isa = PBXFileReference; explicitFileType = wrapper.framework; path = MMWormhole.framework; sourceTree = BUILT_PRODUCTS_DIR; };
43E9BBD0251450C5000BFB8C /* MMWormhole.framework */ = {isa = PBXFileReference; explicitFileType = wrapper.framework; path = MMWormhole.framework; sourceTree = BUILT_PRODUCTS_DIR; };
43ED87832912D0DD004DAFC5 /* DNUpdate.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = DNUpdate.swift; sourceTree = "<group>"; };
53C42258A2092B55937DCF53 /* Pods-NebulaNetworkExtension.profile.xcconfig */ = {isa = PBXFileReference; includeInIndex = 1; lastKnownFileType = text.xcconfig; name = "Pods-NebulaNetworkExtension.profile.xcconfig"; path = "Target Support Files/Pods-NebulaNetworkExtension/Pods-NebulaNetworkExtension.profile.xcconfig"; sourceTree = "<group>"; };
5C0A96949A0B117C4ACE752C /* Pods_NebulaNetworkExtension.framework */ = {isa = PBXFileReference; explicitFileType = wrapper.framework; includeInIndex = 0; path = Pods_NebulaNetworkExtension.framework; sourceTree = BUILT_PRODUCTS_DIR; };
6E7A71D8C71BF965D042667D /* Pods-Runner.release.xcconfig */ = {isa = PBXFileReference; includeInIndex = 1; lastKnownFileType = text.xcconfig; name = "Pods-Runner.release.xcconfig"; path = "Target Support Files/Pods-Runner/Pods-Runner.release.xcconfig"; sourceTree = "<group>"; };
74858FAD1ED2DC5600515810 /* Runner-Bridging-Header.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = "Runner-Bridging-Header.h"; sourceTree = "<group>"; };
74858FAE1ED2DC5600515810 /* AppDelegate.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = AppDelegate.swift; sourceTree = "<group>"; };
7AFA3C8E1D35360C0083082E /* Release.xcconfig */ = {isa = PBXFileReference; lastKnownFileType = text.xcconfig; name = Release.xcconfig; path = Flutter/Release.xcconfig; sourceTree = "<group>"; };
8E4961BE2F06B97C8C693530 /* Pods-Runner.profile.xcconfig */ = {isa = PBXFileReference; includeInIndex = 1; lastKnownFileType = text.xcconfig; name = "Pods-Runner.profile.xcconfig"; path = "Target Support Files/Pods-Runner/Pods-Runner.profile.xcconfig"; sourceTree = "<group>"; };
8EFDD7248CAE56012FE2608C /* Pods_NebulaNetworkExtension.framework */ = {isa = PBXFileReference; explicitFileType = wrapper.framework; includeInIndex = 0; path = Pods_NebulaNetworkExtension.framework; sourceTree = BUILT_PRODUCTS_DIR; };
9169E2D0D49FAF5172A6E7B8 /* Pods-NebulaNetworkExtension.release.xcconfig */ = {isa = PBXFileReference; includeInIndex = 1; lastKnownFileType = text.xcconfig; name = "Pods-NebulaNetworkExtension.release.xcconfig"; path = "Target Support Files/Pods-NebulaNetworkExtension/Pods-NebulaNetworkExtension.release.xcconfig"; sourceTree = "<group>"; };
9740EEB21CF90195004384FC /* Debug.xcconfig */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.xcconfig; name = Debug.xcconfig; path = Flutter/Debug.xcconfig; sourceTree = "<group>"; };
9740EEB31CF90195004384FC /* Generated.xcconfig */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.xcconfig; name = Generated.xcconfig; path = Flutter/Generated.xcconfig; sourceTree = "<group>"; };
97C146EE1CF9000F007C117D /* Runner.app */ = {isa = PBXFileReference; explicitFileType = wrapper.application; includeInIndex = 0; path = Runner.app; sourceTree = BUILT_PRODUCTS_DIR; };
@ -97,9 +106,9 @@
97C146FD1CF9000F007C117D /* Assets.xcassets */ = {isa = PBXFileReference; lastKnownFileType = folder.assetcatalog; path = Assets.xcassets; sourceTree = "<group>"; };
97C147001CF9000F007C117D /* Base */ = {isa = PBXFileReference; lastKnownFileType = file.storyboard; name = Base; path = Base.lproj/LaunchScreen.storyboard; sourceTree = "<group>"; };
97C147021CF9000F007C117D /* Info.plist */ = {isa = PBXFileReference; lastKnownFileType = text.plist.xml; path = Info.plist; sourceTree = "<group>"; };
BE45F625291AEAB300902884 /* PackageInfo.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = PackageInfo.swift; sourceTree = "<group>"; };
BE5BC105291C41E600B6FE5B /* APIClient.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = APIClient.swift; sourceTree = "<group>"; };
C2D5198CF6975BF93E8A6F93 /* Pods-Runner.debug.xcconfig */ = {isa = PBXFileReference; includeInIndex = 1; lastKnownFileType = text.xcconfig; name = "Pods-Runner.debug.xcconfig"; path = "Target Support Files/Pods-Runner/Pods-Runner.debug.xcconfig"; sourceTree = "<group>"; };
E346A0DC829EBFB76D581AAD /* Pods-NebulaNetworkExtension.release.xcconfig */ = {isa = PBXFileReference; includeInIndex = 1; lastKnownFileType = text.xcconfig; name = "Pods-NebulaNetworkExtension.release.xcconfig"; path = "Target Support Files/Pods-NebulaNetworkExtension/Pods-NebulaNetworkExtension.release.xcconfig"; sourceTree = "<group>"; };
FA7B03A7901388BC39329544 /* Pods-NebulaNetworkExtension.profile.xcconfig */ = {isa = PBXFileReference; includeInIndex = 1; lastKnownFileType = text.xcconfig; name = "Pods-NebulaNetworkExtension.profile.xcconfig"; path = "Target Support Files/Pods-NebulaNetworkExtension/Pods-NebulaNetworkExtension.profile.xcconfig"; sourceTree = "<group>"; };
/* End PBXFileReference section */
/* Begin PBXFrameworksBuildPhase section */
@ -108,8 +117,8 @@
buildActionMask = 2147483647;
files = (
43AA89622444DAA500EDC39C /* NetworkExtension.framework in Frameworks */,
43871C9B2444DD39004F9075 /* MobileNebula.framework in Frameworks */,
78E28476711DF3A9D186C429 /* Pods_NebulaNetworkExtension.framework in Frameworks */,
43498726289B484C00476B19 /* MobileNebula.xcframework in Frameworks */,
E91B9DAD4A83866D0AF1DAE1 /* Pods_NebulaNetworkExtension.framework in Frameworks */,
);
runOnlyForDeploymentPostprocessing = 0;
};
@ -118,8 +127,8 @@
buildActionMask = 2147483647;
files = (
43AA894F2444D8BC00EDC39C /* NetworkExtension.framework in Frameworks */,
43498725289B484C00476B19 /* MobileNebula.xcframework in Frameworks */,
4CF2F06A02A63B862C9F6F03 /* Pods_Runner.framework in Frameworks */,
43871C9E2444E61F004F9075 /* MobileNebula.framework in Frameworks */,
);
runOnlyForDeploymentPostprocessing = 0;
};
@ -129,13 +138,11 @@
43AA894D2444D8BC00EDC39C /* Frameworks */ = {
isa = PBXGroup;
children = (
43E9BBD0251450C5000BFB8C /* MMWormhole.framework */,
43B828DA249C08DC00CA229C /* MMWormhole.framework */,
43B66ECC245A146300B18C36 /* Foundation.framework */,
43B66ECA245A0C8400B18C36 /* CoreFoundation.framework */,
43AA894E2444D8BC00EDC39C /* NetworkExtension.framework */,
384887B4785D38431E800D3A /* Pods_Runner.framework */,
8EFDD7248CAE56012FE2608C /* Pods_NebulaNetworkExtension.framework */,
5C0A96949A0B117C4ACE752C /* Pods_NebulaNetworkExtension.framework */,
);
name = Frameworks;
sourceTree = "<group>";
@ -144,11 +151,13 @@
isa = PBXGroup;
children = (
437F725C2469AC5700A0C4B9 /* Keychain.swift */,
43871C9A2444DD39004F9075 /* MobileNebula.framework */,
43AA89562444DA6500EDC39C /* PacketTunnelProvider.swift */,
43498724289B484C00476B19 /* MobileNebula.xcframework */,
43AA89582444DA6500EDC39C /* Info.plist */,
43AA89592444DA6500EDC39C /* NebulaNetworkExtension.entitlements */,
437F72582469AAC500A0C4B9 /* Site.swift */,
436DE7A226EFF18500BB2950 /* CtlInfo.h */,
432D0E3D291C562200752563 /* SiteList.swift */,
);
path = NebulaNetworkExtension;
sourceTree = "<group>";
@ -199,7 +208,9 @@
74858FAE1ED2DC5600515810 /* AppDelegate.swift */,
74858FAD1ED2DC5600515810 /* Runner-Bridging-Header.h */,
43871C9C2444E2EC004F9075 /* Sites.swift */,
43AD63F324EB3802000FB47E /* Share.swift */,
43ED87832912D0DD004DAFC5 /* DNUpdate.swift */,
BE45F625291AEAB300902884 /* PackageInfo.swift */,
BE5BC105291C41E600B6FE5B /* APIClient.swift */,
);
path = Runner;
sourceTree = "<group>";
@ -217,9 +228,9 @@
C2D5198CF6975BF93E8A6F93 /* Pods-Runner.debug.xcconfig */,
6E7A71D8C71BF965D042667D /* Pods-Runner.release.xcconfig */,
8E4961BE2F06B97C8C693530 /* Pods-Runner.profile.xcconfig */,
137DCAF9F91CD7AF6438A183 /* Pods-NebulaNetworkExtension.debug.xcconfig */,
E346A0DC829EBFB76D581AAD /* Pods-NebulaNetworkExtension.release.xcconfig */,
FA7B03A7901388BC39329544 /* Pods-NebulaNetworkExtension.profile.xcconfig */,
41927814D2E140A347A01067 /* Pods-NebulaNetworkExtension.debug.xcconfig */,
9169E2D0D49FAF5172A6E7B8 /* Pods-NebulaNetworkExtension.release.xcconfig */,
53C42258A2092B55937DCF53 /* Pods-NebulaNetworkExtension.profile.xcconfig */,
);
path = Pods;
sourceTree = "<group>";
@ -231,8 +242,7 @@
isa = PBXNativeTarget;
buildConfigurationList = 43AA895D2444DA6500EDC39C /* Build configuration list for PBXNativeTarget "NebulaNetworkExtension" */;
buildPhases = (
D39D78EE128AD494ACEF8DC0 /* [CP] Check Pods Manifest.lock */,
43AA89632444DAD100EDC39C /* ShellScript */,
2C0A52E24BC9F327251CBAD2 /* [CP] Check Pods Manifest.lock */,
43AA89502444DA6500EDC39C /* Sources */,
43AA89512444DA6500EDC39C /* Frameworks */,
43AA89522444DA6500EDC39C /* Resources */,
@ -277,7 +287,7 @@
isa = PBXProject;
attributes = {
LastSwiftUpdateCheck = 1140;
LastUpgradeCheck = 1020;
LastUpgradeCheck = 1300;
ORGANIZATIONNAME = "The Chromium Authors";
TargetAttributes = {
43AA89532444DA6500EDC39C = {
@ -342,88 +352,36 @@
"${PODS_ROOT}/Target Support Files/Pods-Runner/Pods-Runner-frameworks.sh",
"${BUILT_PRODUCTS_DIR}/DKImagePickerController/DKImagePickerController.framework",
"${BUILT_PRODUCTS_DIR}/DKPhotoGallery/DKPhotoGallery.framework",
"${BUILT_PRODUCTS_DIR}/FLAnimatedImage/FLAnimatedImage.framework",
"${PODS_ROOT}/../Flutter/Flutter.framework",
"${BUILT_PRODUCTS_DIR}/MMWormhole/MMWormhole.framework",
"${BUILT_PRODUCTS_DIR}/MTBBarcodeScanner/MTBBarcodeScanner.framework",
"${BUILT_PRODUCTS_DIR}/SDWebImage/SDWebImage.framework",
"${BUILT_PRODUCTS_DIR}/SDWebImageFLPlugin/SDWebImageFLPlugin.framework",
"${BUILT_PRODUCTS_DIR}/SwiftProtobuf/SwiftProtobuf.framework",
"${BUILT_PRODUCTS_DIR}/barcode_scan/barcode_scan.framework",
"${BUILT_PRODUCTS_DIR}/SwiftyGif/SwiftyGif.framework",
"${BUILT_PRODUCTS_DIR}/SwiftyJSON/SwiftyJSON.framework",
"${BUILT_PRODUCTS_DIR}/file_picker/file_picker.framework",
"${BUILT_PRODUCTS_DIR}/flutter_barcode_scanner/flutter_barcode_scanner.framework",
"${BUILT_PRODUCTS_DIR}/package_info/package_info.framework",
"${BUILT_PRODUCTS_DIR}/path_provider/path_provider.framework",
"${BUILT_PRODUCTS_DIR}/url_launcher/url_launcher.framework",
"${BUILT_PRODUCTS_DIR}/path_provider_ios/path_provider_ios.framework",
"${BUILT_PRODUCTS_DIR}/share_plus/share_plus.framework",
"${BUILT_PRODUCTS_DIR}/url_launcher_ios/url_launcher_ios.framework",
);
name = "[CP] Embed Pods Frameworks";
outputPaths = (
"${TARGET_BUILD_DIR}/${FRAMEWORKS_FOLDER_PATH}/DKImagePickerController.framework",
"${TARGET_BUILD_DIR}/${FRAMEWORKS_FOLDER_PATH}/DKPhotoGallery.framework",
"${TARGET_BUILD_DIR}/${FRAMEWORKS_FOLDER_PATH}/FLAnimatedImage.framework",
"${TARGET_BUILD_DIR}/${FRAMEWORKS_FOLDER_PATH}/Flutter.framework",
"${TARGET_BUILD_DIR}/${FRAMEWORKS_FOLDER_PATH}/MMWormhole.framework",
"${TARGET_BUILD_DIR}/${FRAMEWORKS_FOLDER_PATH}/MTBBarcodeScanner.framework",
"${TARGET_BUILD_DIR}/${FRAMEWORKS_FOLDER_PATH}/SDWebImage.framework",
"${TARGET_BUILD_DIR}/${FRAMEWORKS_FOLDER_PATH}/SDWebImageFLPlugin.framework",
"${TARGET_BUILD_DIR}/${FRAMEWORKS_FOLDER_PATH}/SwiftProtobuf.framework",
"${TARGET_BUILD_DIR}/${FRAMEWORKS_FOLDER_PATH}/barcode_scan.framework",
"${TARGET_BUILD_DIR}/${FRAMEWORKS_FOLDER_PATH}/SwiftyGif.framework",
"${TARGET_BUILD_DIR}/${FRAMEWORKS_FOLDER_PATH}/SwiftyJSON.framework",
"${TARGET_BUILD_DIR}/${FRAMEWORKS_FOLDER_PATH}/file_picker.framework",
"${TARGET_BUILD_DIR}/${FRAMEWORKS_FOLDER_PATH}/flutter_barcode_scanner.framework",
"${TARGET_BUILD_DIR}/${FRAMEWORKS_FOLDER_PATH}/package_info.framework",
"${TARGET_BUILD_DIR}/${FRAMEWORKS_FOLDER_PATH}/path_provider.framework",
"${TARGET_BUILD_DIR}/${FRAMEWORKS_FOLDER_PATH}/url_launcher.framework",
"${TARGET_BUILD_DIR}/${FRAMEWORKS_FOLDER_PATH}/path_provider_ios.framework",
"${TARGET_BUILD_DIR}/${FRAMEWORKS_FOLDER_PATH}/share_plus.framework",
"${TARGET_BUILD_DIR}/${FRAMEWORKS_FOLDER_PATH}/url_launcher_ios.framework",
);
runOnlyForDeploymentPostprocessing = 0;
shellPath = /bin/sh;
shellScript = "\"${PODS_ROOT}/Target Support Files/Pods-Runner/Pods-Runner-frameworks.sh\"\n";
showEnvVarsInLog = 0;
};
3B06AD1E1E4923F5004D2608 /* Thin Binary */ = {
isa = PBXShellScriptBuildPhase;
buildActionMask = 2147483647;
files = (
);
inputPaths = (
);
name = "Thin Binary";
outputPaths = (
);
runOnlyForDeploymentPostprocessing = 0;
shellPath = /bin/sh;
shellScript = "/bin/sh \"$FLUTTER_ROOT/packages/flutter_tools/bin/xcode_backend.sh\" embed\n/bin/sh \"$FLUTTER_ROOT/packages/flutter_tools/bin/xcode_backend.sh\" thin\n";
};
43AA89632444DAD100EDC39C /* ShellScript */ = {
isa = PBXShellScriptBuildPhase;
buildActionMask = 2147483647;
files = (
);
inputFileListPaths = (
);
inputPaths = (
);
outputFileListPaths = (
);
outputPaths = (
);
runOnlyForDeploymentPostprocessing = 0;
shellPath = /bin/sh;
shellScript = "cd ..\n./gen-artifacts.sh ios\n";
showEnvVarsInLog = 0;
};
9740EEB61CF901F6004384FC /* Run Script */ = {
isa = PBXShellScriptBuildPhase;
buildActionMask = 2147483647;
files = (
);
inputPaths = (
);
name = "Run Script";
outputPaths = (
);
runOnlyForDeploymentPostprocessing = 0;
shellPath = /bin/sh;
shellScript = "/bin/sh \"$FLUTTER_ROOT/packages/flutter_tools/bin/xcode_backend.sh\" build\n";
};
D39D78EE128AD494ACEF8DC0 /* [CP] Check Pods Manifest.lock */ = {
2C0A52E24BC9F327251CBAD2 /* [CP] Check Pods Manifest.lock */ = {
isa = PBXShellScriptBuildPhase;
buildActionMask = 2147483647;
files = (
@ -445,6 +403,34 @@
shellScript = "diff \"${PODS_PODFILE_DIR_PATH}/Podfile.lock\" \"${PODS_ROOT}/Manifest.lock\" > /dev/null\nif [ $? != 0 ] ; then\n # print error to STDERR\n echo \"error: The sandbox is not in sync with the Podfile.lock. Run 'pod install' or update your CocoaPods installation.\" >&2\n exit 1\nfi\n# This output is used by Xcode 'outputs' to avoid re-running this script phase.\necho \"SUCCESS\" > \"${SCRIPT_OUTPUT_FILE_0}\"\n";
showEnvVarsInLog = 0;
};
3B06AD1E1E4923F5004D2608 /* Thin Binary */ = {
isa = PBXShellScriptBuildPhase;
buildActionMask = 2147483647;
files = (
);
inputPaths = (
);
name = "Thin Binary";
outputPaths = (
);
runOnlyForDeploymentPostprocessing = 0;
shellPath = /bin/sh;
shellScript = "/bin/sh \"$FLUTTER_ROOT/packages/flutter_tools/bin/xcode_backend.sh\" embed\n/bin/sh \"$FLUTTER_ROOT/packages/flutter_tools/bin/xcode_backend.sh\" thin\n";
};
9740EEB61CF901F6004384FC /* Run Script */ = {
isa = PBXShellScriptBuildPhase;
buildActionMask = 2147483647;
files = (
);
inputPaths = (
);
name = "Run Script";
outputPaths = (
);
runOnlyForDeploymentPostprocessing = 0;
shellPath = /bin/sh;
shellScript = "/bin/sh \"$FLUTTER_ROOT/packages/flutter_tools/bin/xcode_backend.sh\" build\n";
};
FF0E0EB9A684F086443A8FBA /* [CP] Check Pods Manifest.lock */ = {
isa = PBXShellScriptBuildPhase;
buildActionMask = 2147483647;
@ -474,8 +460,12 @@
isa = PBXSourcesBuildPhase;
buildActionMask = 2147483647;
files = (
432D0E3F291C562200752563 /* SiteList.swift in Sources */,
43AA89572444DA6500EDC39C /* PacketTunnelProvider.swift in Sources */,
437F72592469AAC500A0C4B9 /* Site.swift in Sources */,
43ED87852912D0DD004DAFC5 /* DNUpdate.swift in Sources */,
BEC5939E291C502F00709118 /* APIClient.swift in Sources */,
BEC5939F291C503D00709118 /* PackageInfo.swift in Sources */,
437F725E2469AC5700A0C4B9 /* Keychain.swift in Sources */,
);
runOnlyForDeploymentPostprocessing = 0;
@ -485,11 +475,14 @@
buildActionMask = 2147483647;
files = (
74858FAF1ED2DC5600515810 /* AppDelegate.swift in Sources */,
43AD63F424EB3802000FB47E /* Share.swift in Sources */,
432D0E3E291C562200752563 /* SiteList.swift in Sources */,
43871C9D2444E2EC004F9075 /* Sites.swift in Sources */,
BE5BC106291C41E600B6FE5B /* APIClient.swift in Sources */,
437F725F2469B4B000A0C4B9 /* Site.swift in Sources */,
BE45F626291AEAB300902884 /* PackageInfo.swift in Sources */,
1498D2341E8E89220040F4C2 /* GeneratedPluginRegistrant.m in Sources */,
437F72602469B4B300A0C4B9 /* Keychain.swift in Sources */,
43ED87842912D0DD004DAFC5 /* DNUpdate.swift in Sources */,
);
runOnlyForDeploymentPostprocessing = 0;
};
@ -581,7 +574,7 @@
ASSETCATALOG_COMPILER_APPICON_NAME = AppIcon;
CLANG_ENABLE_MODULES = YES;
CODE_SIGN_ENTITLEMENTS = Runner/Runner.entitlements;
CURRENT_PROJECT_VERSION = 1;
CURRENT_PROJECT_VERSION = 4;
DEVELOPMENT_TEAM = 576H3XS7FP;
ENABLE_BITCODE = NO;
FRAMEWORK_SEARCH_PATHS = (
@ -591,12 +584,15 @@
);
INFOPLIST_FILE = Runner/Info.plist;
IPHONEOS_DEPLOYMENT_TARGET = 14.0;
LD_RUNPATH_SEARCH_PATHS = "$(inherited) @executable_path/Frameworks";
LD_RUNPATH_SEARCH_PATHS = (
"$(inherited)",
"@executable_path/Frameworks",
);
LIBRARY_SEARCH_PATHS = (
"$(inherited)",
"$(PROJECT_DIR)/Flutter",
);
MARKETING_VERSION = 0.0.38;
MARKETING_VERSION = 0.1.0;
PRODUCT_BUNDLE_IDENTIFIER = net.defined.mobileNebula;
PRODUCT_NAME = "$(TARGET_NAME)";
SWIFT_OBJC_BRIDGING_HEADER = "Runner/Runner-Bridging-Header.h";
@ -607,7 +603,7 @@
};
43AA895E2444DA6500EDC39C /* Debug */ = {
isa = XCBuildConfiguration;
baseConfigurationReference = 137DCAF9F91CD7AF6438A183 /* Pods-NebulaNetworkExtension.debug.xcconfig */;
baseConfigurationReference = 41927814D2E140A347A01067 /* Pods-NebulaNetworkExtension.debug.xcconfig */;
buildSettings = {
CLANG_ANALYZER_NUMBER_OBJECT_CONVERSION = YES_AGGRESSIVE;
CLANG_CXX_LANGUAGE_STANDARD = "gnu++14";
@ -616,7 +612,7 @@
CLANG_WARN_UNGUARDED_AVAILABILITY = YES_AGGRESSIVE;
CODE_SIGN_ENTITLEMENTS = NebulaNetworkExtension/NebulaNetworkExtension.entitlements;
CODE_SIGN_STYLE = Automatic;
CURRENT_PROJECT_VERSION = 1;
CURRENT_PROJECT_VERSION = 4;
DEVELOPMENT_TEAM = 576H3XS7FP;
ENABLE_BITCODE = NO;
FRAMEWORK_SEARCH_PATHS = (
@ -626,8 +622,12 @@
GCC_C_LANGUAGE_STANDARD = gnu11;
INFOPLIST_FILE = NebulaNetworkExtension/Info.plist;
IPHONEOS_DEPLOYMENT_TARGET = 14.0;
LD_RUNPATH_SEARCH_PATHS = "$(inherited) @executable_path/Frameworks @executable_path/../../Frameworks";
MARKETING_VERSION = 0.0.38;
LD_RUNPATH_SEARCH_PATHS = (
"$(inherited)",
"@executable_path/Frameworks",
"@executable_path/../../Frameworks",
);
MARKETING_VERSION = 0.1.0;
MTL_ENABLE_DEBUG_INFO = INCLUDE_SOURCE;
MTL_FAST_MATH = YES;
OTHER_LDFLAGS = "";
@ -635,6 +635,7 @@
PRODUCT_NAME = "$(TARGET_NAME)";
SKIP_INSTALL = YES;
SWIFT_ACTIVE_COMPILATION_CONDITIONS = DEBUG;
SWIFT_OBJC_BRIDGING_HEADER = NebulaNetworkExtension/CtlInfo.h;
SWIFT_OPTIMIZATION_LEVEL = "-Onone";
SWIFT_VERSION = 5.0;
TARGETED_DEVICE_FAMILY = "1,2";
@ -643,7 +644,7 @@
};
43AA895F2444DA6500EDC39C /* Release */ = {
isa = XCBuildConfiguration;
baseConfigurationReference = E346A0DC829EBFB76D581AAD /* Pods-NebulaNetworkExtension.release.xcconfig */;
baseConfigurationReference = 9169E2D0D49FAF5172A6E7B8 /* Pods-NebulaNetworkExtension.release.xcconfig */;
buildSettings = {
CLANG_ANALYZER_NUMBER_OBJECT_CONVERSION = YES_AGGRESSIVE;
CLANG_CXX_LANGUAGE_STANDARD = "gnu++14";
@ -652,7 +653,7 @@
CLANG_WARN_UNGUARDED_AVAILABILITY = YES_AGGRESSIVE;
CODE_SIGN_ENTITLEMENTS = NebulaNetworkExtension/NebulaNetworkExtension.entitlements;
CODE_SIGN_STYLE = Automatic;
CURRENT_PROJECT_VERSION = 1;
CURRENT_PROJECT_VERSION = 4;
DEVELOPMENT_TEAM = 576H3XS7FP;
ENABLE_BITCODE = NO;
FRAMEWORK_SEARCH_PATHS = (
@ -662,13 +663,18 @@
GCC_C_LANGUAGE_STANDARD = gnu11;
INFOPLIST_FILE = NebulaNetworkExtension/Info.plist;
IPHONEOS_DEPLOYMENT_TARGET = 14.0;
LD_RUNPATH_SEARCH_PATHS = "$(inherited) @executable_path/Frameworks @executable_path/../../Frameworks";
MARKETING_VERSION = 0.0.38;
LD_RUNPATH_SEARCH_PATHS = (
"$(inherited)",
"@executable_path/Frameworks",
"@executable_path/../../Frameworks",
);
MARKETING_VERSION = 0.1.0;
MTL_FAST_MATH = YES;
OTHER_LDFLAGS = "";
PRODUCT_BUNDLE_IDENTIFIER = net.defined.mobileNebula.NebulaNetworkExtension;
PRODUCT_NAME = "$(TARGET_NAME)";
SKIP_INSTALL = YES;
SWIFT_OBJC_BRIDGING_HEADER = NebulaNetworkExtension/CtlInfo.h;
SWIFT_VERSION = 5.0;
TARGETED_DEVICE_FAMILY = "1,2";
};
@ -676,7 +682,7 @@
};
43AA89602444DA6500EDC39C /* Profile */ = {
isa = XCBuildConfiguration;
baseConfigurationReference = FA7B03A7901388BC39329544 /* Pods-NebulaNetworkExtension.profile.xcconfig */;
baseConfigurationReference = 53C42258A2092B55937DCF53 /* Pods-NebulaNetworkExtension.profile.xcconfig */;
buildSettings = {
CLANG_ANALYZER_NUMBER_OBJECT_CONVERSION = YES_AGGRESSIVE;
CLANG_CXX_LANGUAGE_STANDARD = "gnu++14";
@ -685,7 +691,7 @@
CLANG_WARN_UNGUARDED_AVAILABILITY = YES_AGGRESSIVE;
CODE_SIGN_ENTITLEMENTS = NebulaNetworkExtension/NebulaNetworkExtension.entitlements;
CODE_SIGN_STYLE = Automatic;
CURRENT_PROJECT_VERSION = 1;
CURRENT_PROJECT_VERSION = 4;
DEVELOPMENT_TEAM = 576H3XS7FP;
ENABLE_BITCODE = NO;
FRAMEWORK_SEARCH_PATHS = (
@ -695,13 +701,18 @@
GCC_C_LANGUAGE_STANDARD = gnu11;
INFOPLIST_FILE = NebulaNetworkExtension/Info.plist;
IPHONEOS_DEPLOYMENT_TARGET = 14.0;
LD_RUNPATH_SEARCH_PATHS = "$(inherited) @executable_path/Frameworks @executable_path/../../Frameworks";
MARKETING_VERSION = 0.0.38;
LD_RUNPATH_SEARCH_PATHS = (
"$(inherited)",
"@executable_path/Frameworks",
"@executable_path/../../Frameworks",
);
MARKETING_VERSION = 0.1.0;
MTL_FAST_MATH = YES;
OTHER_LDFLAGS = "";
PRODUCT_BUNDLE_IDENTIFIER = net.defined.mobileNebula.NebulaNetworkExtension;
PRODUCT_NAME = "$(TARGET_NAME)";
SKIP_INSTALL = YES;
SWIFT_OBJC_BRIDGING_HEADER = NebulaNetworkExtension/CtlInfo.h;
SWIFT_VERSION = 5.0;
TARGETED_DEVICE_FAMILY = "1,2";
};
@ -821,7 +832,7 @@
ASSETCATALOG_COMPILER_APPICON_NAME = AppIcon;
CLANG_ENABLE_MODULES = YES;
CODE_SIGN_ENTITLEMENTS = Runner/Runner.entitlements;
CURRENT_PROJECT_VERSION = 1;
CURRENT_PROJECT_VERSION = 4;
DEVELOPMENT_TEAM = 576H3XS7FP;
ENABLE_BITCODE = NO;
FRAMEWORK_SEARCH_PATHS = (
@ -831,12 +842,15 @@
);
INFOPLIST_FILE = Runner/Info.plist;
IPHONEOS_DEPLOYMENT_TARGET = 14.0;
LD_RUNPATH_SEARCH_PATHS = "$(inherited) @executable_path/Frameworks";
LD_RUNPATH_SEARCH_PATHS = (
"$(inherited)",
"@executable_path/Frameworks",
);
LIBRARY_SEARCH_PATHS = (
"$(inherited)",
"$(PROJECT_DIR)/Flutter",
);
MARKETING_VERSION = 0.0.38;
MARKETING_VERSION = 0.1.0;
PRODUCT_BUNDLE_IDENTIFIER = net.defined.mobileNebula;
PRODUCT_NAME = "$(TARGET_NAME)";
SWIFT_OBJC_BRIDGING_HEADER = "Runner/Runner-Bridging-Header.h";
@ -854,7 +868,7 @@
ASSETCATALOG_COMPILER_APPICON_NAME = AppIcon;
CLANG_ENABLE_MODULES = YES;
CODE_SIGN_ENTITLEMENTS = Runner/Runner.entitlements;
CURRENT_PROJECT_VERSION = 1;
CURRENT_PROJECT_VERSION = 4;
DEVELOPMENT_TEAM = 576H3XS7FP;
ENABLE_BITCODE = NO;
FRAMEWORK_SEARCH_PATHS = (
@ -864,12 +878,15 @@
);
INFOPLIST_FILE = Runner/Info.plist;
IPHONEOS_DEPLOYMENT_TARGET = 14.0;
LD_RUNPATH_SEARCH_PATHS = "$(inherited) @executable_path/Frameworks";
LD_RUNPATH_SEARCH_PATHS = (
"$(inherited)",
"@executable_path/Frameworks",
);
LIBRARY_SEARCH_PATHS = (
"$(inherited)",
"$(PROJECT_DIR)/Flutter",
);
MARKETING_VERSION = 0.0.38;
MARKETING_VERSION = 0.1.0;
PRODUCT_BUNDLE_IDENTIFIER = net.defined.mobileNebula;
PRODUCT_NAME = "$(TARGET_NAME)";
SWIFT_OBJC_BRIDGING_HEADER = "Runner/Runner-Bridging-Header.h";

2
ios/Runner.xcodeproj/project.xcworkspace/contents.xcworkspacedata generated
View File

@ -2,6 +2,6 @@
<Workspace
version = "1.0">
<FileRef
location = "group:Runner.xcodeproj">
location = "self:">
</FileRef>
</Workspace>

22
ios/Runner.xcodeproj/xcshareddata/xcschemes/Runner.xcscheme
View File

@ -1,10 +1,28 @@
<?xml version="1.0" encoding="UTF-8"?>
<Scheme
LastUpgradeVersion = "1020"
version = "1.3">
LastUpgradeVersion = "1300"
version = "1.7">
<BuildAction
parallelizeBuildables = "YES"
buildImplicitDependencies = "YES">
<PreActions>
<ExecutionAction
ActionType = "Xcode.IDEStandardExecutionActionsCore.ExecutionActionType.ShellScriptAction">
<ActionContent
title = "Run Script"
scriptText = "cd &quot;$PROJECT_DIR&quot;/..&#10;./gen-artifacts.sh ios&#10;">
<EnvironmentBuildable>
<BuildableReference
BuildableIdentifier = "primary"
BlueprintIdentifier = "97C146ED1CF9000F007C117D"
BuildableName = "Runner.app"
BlueprintName = "Runner"
ReferencedContainer = "container:Runner.xcodeproj">
</BuildableReference>
</EnvironmentBuildable>
</ActionContent>
</ExecutionAction>
</PreActions>
<BuildActionEntries>
<BuildActionEntry
buildForTesting = "YES"

54
ios/Runner/APIClient.swift Normal file
View File

@ -0,0 +1,54 @@
import MobileNebula
enum APIClientError: Error {
case invalidCredentials
}
class APIClient {
let apiClient: MobileNebulaAPIClient
let json = JSONDecoder()
init() {
let packageInfo = PackageInfo()
apiClient = MobileNebulaNewAPIClient("MobileNebula/\(packageInfo.getVersion()) (iOS \(packageInfo.getSystemVersion()))")!
}
func enroll(code: String) throws -> IncomingSite {
let res = try apiClient.enroll(code)
return try decodeIncomingSite(jsonSite: res.site)
}
func tryUpdate(siteName: String, hostID: String, privateKey: String, counter: Int, trustedKeys: String) throws -> IncomingSite? {
let res: MobileNebulaTryUpdateResult
do {
res = try apiClient.tryUpdate(
siteName,
hostID: hostID,
privateKey: privateKey,
counter: counter,
trustedKeys: trustedKeys)
} catch {
// type information from Go is not available, use string matching instead
if (error.localizedDescription == "invalid credentials") {
throw APIClientError.invalidCredentials
}
throw error
}
if (res.fetchedUpdate) {
return try decodeIncomingSite(jsonSite: res.site)
}
return nil
}
private func decodeIncomingSite(jsonSite: String) throws -> IncomingSite {
do {
return try json.decode(IncomingSite.self, from: jsonSite.data(using: .utf8)!)
} catch {
print("decodeIncomingSite: \(error)")
throw error
}
}
}

235
ios/Runner/AppDelegate.swift
View File

@ -2,7 +2,7 @@ import UIKit
import Flutter
import MobileNebula
import NetworkExtension
import MMWormhole
import SwiftyJSON
enum ChannelName {
static let vpn = "net.defined.mobileNebula/NebulaVpnService"
@ -14,8 +14,11 @@ func MissingArgumentError(message: String, details: Any?) -> FlutterError {
@UIApplicationMain
@objc class AppDelegate: FlutterAppDelegate {
private let dnUpdater = DNUpdater()
private let apiClient = APIClient()
private var sites: Sites?
private var wormhole = MMWormhole(applicationGroupIdentifier: "group.net.defined.mobileNebula", optionalDirectory: "ipc")
private var ui: FlutterMethodChannel?
override func application(
_ application: UIApplication,
@ -23,21 +26,35 @@ func MissingArgumentError(message: String, details: Any?) -> FlutterError {
) -> Bool {
GeneratedPluginRegistrant.register(with: self)
dnUpdater.updateAllLoop { site in
// Signal the site has changed in case the current site details screen is active
let container = self.sites?.getContainer(id: site.id)
if (container != nil) {
// Update references to the site with the new site config
container!.site = site
container!.updater.update(connected: site.connected ?? false, replaceSite: site)
}
// Signal to the main screen to reload
self.ui?.invokeMethod("refreshSites", arguments: nil)
}
guard let controller = window?.rootViewController as? FlutterViewController else {
fatalError("rootViewController is not type FlutterViewController")
}
sites = Sites(messenger: controller.binaryMessenger)
let channel = FlutterMethodChannel(name: ChannelName.vpn, binaryMessenger: controller.binaryMessenger)
ui = FlutterMethodChannel(name: ChannelName.vpn, binaryMessenger: controller.binaryMessenger)
NSKeyedUnarchiver.setClass(IPCMessage.classForKeyedUnarchiver(), forClassName: "NebulaNetworkExtension.IPCMessage")
wormhole.listenForMessage(withIdentifier: "nebula", listener: self.wormholeListener)
channel.setMethodCallHandler({(call: FlutterMethodCall, result: @escaping FlutterResult) -> Void in
ui!.setMethodCallHandler({(call: FlutterMethodCall, result: @escaping FlutterResult) -> Void in
switch call.method {
case "nebula.parseCerts": return self.nebulaParseCerts(call: call, result: result)
case "nebula.generateKeyPair": return self.nebulaGenerateKeyPair(result: result)
case "nebula.renderConfig": return self.nebulaRenderConfig(call: call, result: result)
case "nebula.verifyCertAndKey": return self.nebulaVerifyCertAndKey(call: call, result: result)
case "dn.enroll": return self.dnEnroll(call: call, result: result)
case "listSites": return self.listSites(result: result)
case "deleteSite": return self.deleteSite(call: call, result: result)
@ -45,14 +62,11 @@ func MissingArgumentError(message: String, details: Any?) -> FlutterError {
case "startSite": return self.startSite(call: call, result: result)
case "stopSite": return self.stopSite(call: call, result: result)
case "active.listHostmap": self.activeListHostmap(call: call, result: result)
case "active.listPendingHostmap": self.activeListPendingHostmap(call: call, result: result)
case "active.getHostInfo": self.activeGetHostInfo(call: call, result: result)
case "active.setRemoteForTunnel": self.activeSetRemoteForTunnel(call: call, result: result)
case "active.closeTunnel": self.activeCloseTunnel(call: call, result: result)
case "share": Share.share(call: call, result: result)
case "shareFile": Share.shareFile(call: call, result: result)
case "active.listHostmap": self.vpnRequest(command: "listHostmap", arguments: call.arguments, result: result)
case "active.listPendingHostmap": self.vpnRequest(command: "listPendingHostmap", arguments: call.arguments, result: result)
case "active.getHostInfo": self.vpnRequest(command: "getHostInfo", arguments: call.arguments, result: result)
case "active.setRemoteForTunnel": self.vpnRequest(command: "setRemoteForTunnel", arguments: call.arguments, result: result)
case "active.closeTunnel": self.vpnRequest(command: "closeTunnel", arguments: call.arguments, result: result)
default:
result(FlutterMethodNotImplemented)
@ -75,6 +89,21 @@ func MissingArgumentError(message: String, details: Any?) -> FlutterError {
return result(json)
}
func nebulaVerifyCertAndKey(call: FlutterMethodCall, result: FlutterResult) {
guard let args = call.arguments as? Dictionary<String, String> else { return result(NoArgumentsError()) }
guard let cert = args["cert"] else { return result(MissingArgumentError(message: "cert is a required argument")) }
guard let key = args["key"] else { return result(MissingArgumentError(message: "key is a required argument")) }
var err: NSError?
var validd: ObjCBool = false
let valid = MobileNebulaVerifyCertAndKey(cert, key, &validd, &err)
if (err != nil) {
return result(CallFailedError(message: "Error while verifying certificate and private key", details: err!.localizedDescription))
}
return result(valid)
}
func nebulaGenerateKeyPair(result: FlutterResult) {
var err: NSError?
let kp = MobileNebulaGenerateKeyPair(&err)
@ -97,6 +126,25 @@ func MissingArgumentError(message: String, details: Any?) -> FlutterError {
return result(yaml)
}
func dnEnroll(call: FlutterMethodCall, result: @escaping FlutterResult) {
guard let code = call.arguments as? String else { return result(NoArgumentsError()) }
do {
let site = try apiClient.enroll(code: code)
let oldSite = self.sites?.getSite(id: site.id)
site.save(manager: oldSite?.manager) { error in
if (error != nil) {
return result(CallFailedError(message: "Failed to enroll", details: error!.localizedDescription))
}
result(nil)
}
} catch {
return result(CallFailedError(message: "Error from DN api", details: error.localizedDescription))
}
}
func listSites(result: @escaping FlutterResult) {
self.sites?.loadSites { (sites, err) -> () in
if (err != nil) {
@ -136,19 +184,23 @@ func MissingArgumentError(message: String, details: Any?) -> FlutterError {
return result(CallFailedError(message: "Failed to save site", details: error!.localizedDescription))
}
result(nil)
self.sites?.loadSites { _, _ in
result(nil)
}
}
}
func startSite(call: FlutterMethodCall, result: @escaping FlutterResult) {
guard let args = call.arguments as? Dictionary<String, String> else { return result(NoArgumentsError()) }
guard let id = args["id"] else { return result(MissingArgumentError(message: "id is a required argument")) }
#if targetEnvironment(simulator)
let updater = self.sites?.getUpdater(id: id)
updater?.update(connected: true)
#else
let manager = self.sites?.getSite(id: id)?.manager
let container = self.sites?.getContainer(id: id)
let manager = container?.site.manager
manager?.loadFromPreferences{ error in
//TODO: Handle load error
// This is silly but we need to enable the site each time to avoid situations where folks have multiple sites
@ -158,12 +210,13 @@ func MissingArgumentError(message: String, details: Any?) -> FlutterError {
manager?.loadFromPreferences{ error in
//TODO: Handle load error
do {
try manager?.connection.startVPNTunnel()
container?.updater.startFunc = {() -> Void in
return self.vpnRequest(command: "start", arguments: args, result: result)
}
try manager?.connection.startVPNTunnel(options: ["expectStart": NSNumber(1)])
} catch {
return result(CallFailedError(message: "Could not start site", details: error.localizedDescription))
}
return result(nil)
}
}
}
@ -188,120 +241,46 @@ func MissingArgumentError(message: String, details: Any?) -> FlutterError {
#endif
}
func activeListHostmap(call: FlutterMethodCall, result: @escaping FlutterResult) {
guard let args = call.arguments as? Dictionary<String, String> else { return result(NoArgumentsError()) }
guard let id = args["id"] else { return result(MissingArgumentError(message: "id is a required argument")) }
//TODO: match id for safety?
wormholeRequestWithCallback(type: "listHostmap", arguments: nil) { (data, err) -> () in
if (err != nil) {
return result(CallFailedError(message: err!.localizedDescription))
}
result(data)
}
}
func activeListPendingHostmap(call: FlutterMethodCall, result: @escaping FlutterResult) {
guard let args = call.arguments as? Dictionary<String, String> else { return result(NoArgumentsError()) }
guard let id = args["id"] else { return result(MissingArgumentError(message: "id is a required argument")) }
//TODO: match id for safety?
wormholeRequestWithCallback(type: "listPendingHostmap", arguments: nil) { (data, err) -> () in
if (err != nil) {
return result(CallFailedError(message: err!.localizedDescription))
}
result(data)
}
}
func activeGetHostInfo(call: FlutterMethodCall, result: @escaping FlutterResult) {
guard let args = call.arguments as? Dictionary<String, Any> else { return result(NoArgumentsError()) }
func vpnRequest(command: String, arguments: Any?, result: @escaping FlutterResult) {
guard let args = arguments as? Dictionary<String, Any> else { return result(NoArgumentsError()) }
guard let id = args["id"] as? String else { return result(MissingArgumentError(message: "id is a required argument")) }
guard let vpnIp = args["vpnIp"] as? String else { return result(MissingArgumentError(message: "vpnIp is a required argument")) }
let pending = args["pending"] as? Bool ?? false
let container = sites?.getContainer(id: id)
//TODO: match id for safety?
wormholeRequestWithCallback(type: "getHostInfo", arguments: ["vpnIp": vpnIp, "pending": pending]) { (data, err) -> () in
if (err != nil) {
return result(CallFailedError(message: err!.localizedDescription))
}
result(data)
}
}
func activeSetRemoteForTunnel(call: FlutterMethodCall, result: @escaping FlutterResult) {
guard let args = call.arguments as? Dictionary<String, String> else { return result(NoArgumentsError()) }
guard let id = args["id"] else { return result(MissingArgumentError(message: "id is a required argument")) }
guard let vpnIp = args["vpnIp"] else { return result(MissingArgumentError(message: "vpnIp is a required argument")) }
guard let addr = args["addr"] else { return result(MissingArgumentError(message: "addr is a required argument")) }
//TODO: match id for safety?
wormholeRequestWithCallback(type: "setRemoteForTunnel", arguments: ["vpnIp": vpnIp, "addr": addr]) { (data, err) -> () in
if (err != nil) {
return result(CallFailedError(message: err!.localizedDescription))
}
result(data)
}
}
func activeCloseTunnel(call: FlutterMethodCall, result: @escaping FlutterResult) {
guard let args = call.arguments as? Dictionary<String, String> else { return result(NoArgumentsError()) }
guard let id = args["id"] else { return result(MissingArgumentError(message: "id is a required argument")) }
guard let vpnIp = args["vpnIp"] else { return result(MissingArgumentError(message: "vpnIp is a required argument")) }
//TODO: match id for safety?
wormholeRequestWithCallback(type: "closeTunnel", arguments: ["vpnIp": vpnIp]) { (data, err) -> () in
if (err != nil) {
return result(CallFailedError(message: err!.localizedDescription))
}
result(data as? Bool ?? false)
}
}
func wormholeListener(msg: Any?) {
guard let call = msg as? IPCMessage else {
print("Failed to decode IPCMessage from network extension")
return
if container == nil {
// No site for this id
return result(nil)
}
switch call.type {
case "error":
guard let updater = self.sites?.getUpdater(id: call.id) else {
return print("Could not find site to deliver error to \(call.id): \(String(describing: call.message))")
}
updater.setError(err: call.message as! String)
default:
print("Unknown IPC message type \(call.type)")
if !(container!.site.connected ?? false) {
// Site isn't connected, no point in sending a command
return result(nil)
}
}
func wormholeRequestWithCallback(type: String, arguments: Dictionary<String, Any>?, completion: @escaping (Any?, Error?) -> ()) {
let uuid = UUID().uuidString
wormhole.listenForMessage(withIdentifier: uuid) { msg -> () in
self.wormhole.stopListeningForMessage(withIdentifier: uuid)
guard let call = msg as? IPCMessage else {
completion("", "Failed to decode IPCMessage callback from network extension")
return
}
switch call.type {
case "error":
completion("", call.message as? String ?? "Failed to convert error")
case "success":
completion(call.message, nil)
default:
completion("", "Unknown IPC message type \(call.type)")
if let session = container!.site.manager?.connection as? NETunnelProviderSession {
do {
try session.sendProviderMessage(try JSONEncoder().encode(IPCRequest(command: command, arguments: JSON(args)))) { data in
if data == nil {
return result(nil)
}
//print(String(decoding: data!, as: UTF8.self))
guard let res = try? JSONDecoder().decode(IPCResponse.self, from: data!) else {
return result(CallFailedError(message: "Failed to decode response"))
}
if res.type == .success {
return result(res.message?.object)
}
return result(CallFailedError(message: res.message?.debugDescription ?? "Failed to convert error"))
}
} catch {
return result(CallFailedError(message: error.localizedDescription))
}
} else {
//TODO: we have a site without a manager, things have gone weird. How to handle since this shouldn't happen?
result(nil)
}
wormhole.passMessageObject(IPCRequest(callbackId: uuid, type: type, arguments: arguments), identifier: "app")
}
}

BIN
ios/Runner/Assets.xcassets/AppIcon.appiconset/nebula icon white@2x-1024.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 468 KiB

After

Width:  |  Height:  |  Size: 390 KiB

BIN
ios/Runner/Assets.xcassets/AppIcon.appiconset/nebula icon white@2x-20.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 1.9 KiB

After

Width:  |  Height:  |  Size: 1.8 KiB

BIN
ios/Runner/Assets.xcassets/AppIcon.appiconset/nebula icon white@2x-20@2x.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 3.0 KiB

After

Width:  |  Height:  |  Size: 2.8 KiB

BIN
ios/Runner/Assets.xcassets/AppIcon.appiconset/nebula icon white@2x-20@3x.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 4.8 KiB

After

Width:  |  Height:  |  Size: 4.1 KiB

BIN
ios/Runner/Assets.xcassets/AppIcon.appiconset/nebula icon white@2x-29.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 2.3 KiB

After

Width:  |  Height:  |  Size: 2.2 KiB

BIN
ios/Runner/Assets.xcassets/AppIcon.appiconset/nebula icon white@2x-29@2x.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 4.5 KiB

After

Width:  |  Height:  |  Size: 3.9 KiB

BIN
ios/Runner/Assets.xcassets/AppIcon.appiconset/nebula icon white@2x-29@3x.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 7.9 KiB

After

Width:  |  Height:  |  Size: 6.7 KiB

BIN
ios/Runner/Assets.xcassets/AppIcon.appiconset/nebula icon white@2x-40.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 3.0 KiB

After

Width:  |  Height:  |  Size: 2.8 KiB

BIN
ios/Runner/Assets.xcassets/AppIcon.appiconset/nebula icon white@2x-40@2x.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 7.0 KiB

After

Width:  |  Height:  |  Size: 5.9 KiB

BIN
ios/Runner/Assets.xcassets/AppIcon.appiconset/nebula icon white@2x-40@3x.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 13 KiB

After

Width:  |  Height:  |  Size: 11 KiB

BIN
ios/Runner/Assets.xcassets/AppIcon.appiconset/nebula icon white@2x-60@2x.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 13 KiB

After

Width:  |  Height:  |  Size: 11 KiB

BIN
ios/Runner/Assets.xcassets/AppIcon.appiconset/nebula icon white@2x-60@3x.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 25 KiB

After

Width:  |  Height:  |  Size: 21 KiB

BIN
ios/Runner/Assets.xcassets/AppIcon.appiconset/nebula icon white@2x-76.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 6.4 KiB

After

Width:  |  Height:  |  Size: 5.5 KiB

BIN
ios/Runner/Assets.xcassets/AppIcon.appiconset/nebula icon white@2x-76@2x.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 19 KiB

After

Width:  |  Height:  |  Size: 16 KiB

BIN
ios/Runner/Assets.xcassets/AppIcon.appiconset/nebula icon white@2x-83.5@2x.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 22 KiB

After

Width:  |  Height:  |  Size: 18 KiB

13
ios/Runner/Base.lproj/Main.storyboard
View File

@ -1,8 +1,10 @@
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<document type="com.apple.InterfaceBuilder3.CocoaTouch.Storyboard.XIB" version="3.0" toolsVersion="10117" systemVersion="15F34" targetRuntime="iOS.CocoaTouch" propertyAccessControl="none" useAutolayout="YES" useTraitCollections="YES" initialViewController="BYZ-38-t0r">
<?xml version="1.0" encoding="UTF-8"?>
<document type="com.apple.InterfaceBuilder3.CocoaTouch.Storyboard.XIB" version="3.0" toolsVersion="21225" targetRuntime="iOS.CocoaTouch" propertyAccessControl="none" useAutolayout="YES" useTraitCollections="YES" colorMatched="YES" initialViewController="BYZ-38-t0r">
<device id="retina6_0" orientation="portrait" appearance="light"/>
<dependencies>
<deployment identifier="iOS"/>
<plugIn identifier="com.apple.InterfaceBuilder.IBCocoaTouchPlugin" version="10085"/>
<plugIn identifier="com.apple.InterfaceBuilder.IBCocoaTouchPlugin" version="21207"/>
<capability name="documents saved in the Xcode 8 format" minToolsVersion="8.0"/>
</dependencies>
<scenes>
<!--Flutter View Controller-->
@ -14,13 +16,14 @@
<viewControllerLayoutGuide type="bottom" id="wfy-db-euE"/>
</layoutGuides>
<view key="view" contentMode="scaleToFill" id="8bC-Xf-vdC">
<rect key="frame" x="0.0" y="0.0" width="600" height="600"/>
<rect key="frame" x="0.0" y="0.0" width="390" height="844"/>
<autoresizingMask key="autoresizingMask" widthSizable="YES" heightSizable="YES"/>
<color key="backgroundColor" white="1" alpha="1" colorSpace="custom" customColorSpace="calibratedWhite"/>
<color key="backgroundColor" red="1" green="1" blue="1" alpha="1" colorSpace="custom" customColorSpace="sRGB"/>
</view>
</viewController>
<placeholder placeholderIdentifier="IBFirstResponder" id="dkx-z0-nzr" sceneMemberID="firstResponder"/>
</objects>
<point key="canvasLocation" x="-16" y="-40"/>
</scene>
</scenes>
</document>

136
ios/Runner/DNUpdate.swift Normal file
View File

@ -0,0 +1,136 @@
import Foundation
class DNUpdater {
private let apiClient = APIClient()
private let timer = RepeatingTimer(timeInterval: 15 * 60) // 15 * 60 is 15 minutes
func updateAll(onUpdate: @escaping (Site) -> ()) {
_ = SiteList{ (sites, _) -> () in
// NEVPN seems to force us onto the main thread and we are about to make network calls that
// could block for a while. Push ourselves onto another thread to avoid blocking the UI.
Task.detached(priority: .userInitiated) {
sites?.values.forEach { site in
if (site.connected == true) {
// The vpn service is in charge of updating the currently connected site
return
}
self.updateSite(site: site, onUpdate: onUpdate)
}
}
}
}
func updateAllLoop(onUpdate: @escaping (Site) -> ()) {
timer.eventHandler = {
self.updateAll(onUpdate: onUpdate)
}
timer.resume()
}
func updateSingleLoop(site: Site, onUpdate: @escaping (Site) -> ()) {
timer.eventHandler = {
self.updateSite(site: site, onUpdate: onUpdate)
}
timer.resume()
}
func updateSite(site: Site, onUpdate: @escaping (Site) -> ()) {
do {
if (!site.managed) {
return
}
let credentials = try site.getDNCredentials()
let newSite: IncomingSite?
do {
newSite = try apiClient.tryUpdate(
siteName: site.name,
hostID: credentials.hostID,
privateKey: credentials.privateKey,
counter: credentials.counter,
trustedKeys: credentials.trustedKeys
)
} catch (APIClientError.invalidCredentials) {
if (!credentials.invalid) {
try site.invalidateDNCredentials()
print("Invalidated credentials in site \(site.name)")
}
return
}
newSite?.save(manager: nil) { error in
if (error != nil) {
print("failed to save update: \(error!.localizedDescription)")
} else {
onUpdate(Site(incoming: newSite!))
}
}
if (credentials.invalid) {
try site.validateDNCredentials()
print("Revalidated credentials in site \(site.name)")
}
} catch {
print("Error while updating \(site.name): \(error.localizedDescription)")
}
}
}
// From https://medium.com/over-engineering/a-background-repeating-timer-in-swift-412cecfd2ef9
class RepeatingTimer {
let timeInterval: TimeInterval
init(timeInterval: TimeInterval) {
self.timeInterval = timeInterval
}
private lazy var timer: DispatchSourceTimer = {
let t = DispatchSource.makeTimerSource()
t.schedule(deadline: .now(), repeating: self.timeInterval)
t.setEventHandler(handler: { [weak self] in
self?.eventHandler?()
})
return t
}()
var eventHandler: (() -> Void)?
private enum State {
case suspended
case resumed
}
private var state: State = .suspended
deinit {
timer.setEventHandler {}
timer.cancel()
/*
If the timer is suspended, calling cancel without resuming
triggers a crash. This is documented here https://forums.developer.apple.com/thread/15902
*/
resume()
eventHandler = nil
}
func resume() {
if state == .resumed {
return
}
state = .resumed
timer.resume()
}
func suspend() {
if state == .suspended {
return
}
state = .suspended
timer.suspend()
}
}

17
ios/Runner/Info.plist
View File

@ -2,6 +2,8 @@
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>CADisableMinimumFrameDurationOnPhone</key>
<true/>
<key>CFBundleDevelopmentRegion</key>
<string>$(DEVELOPMENT_LANGUAGE)</string>
<key>CFBundleExecutable</key>
@ -18,8 +20,23 @@
<string>$(MARKETING_VERSION)</string>
<key>CFBundleSignature</key>
<string>????</string>
<key>CFBundleURLTypes</key>
<array>
<dict>
<key>CFBundleTypeRole</key>
<string>Viewer</string>
<key>CFBundleURLName</key>
<string>mailto</string>
<key>CFBundleURLSchemes</key>
<array>
<string>mailto</string>
</array>
</dict>
</array>
<key>CFBundleVersion</key>
<string>$(CURRENT_PROJECT_VERSION)</string>
<key>FlutterDeepLinkingEnabled</key>
<true/>
<key>ITSAppUsesNonExemptEncryption</key>
<false/>
<key>LSRequiresIPhoneOS</key>

26
ios/Runner/PackageInfo.swift Normal file
View File

@ -0,0 +1,26 @@
import Foundation
class PackageInfo {
func getVersion() -> String {
let version = Bundle.main.infoDictionary?["CFBundleShortVersionString"] as? String ??
"unknown"
let buildNumber = Bundle.main.infoDictionary?["CFBundleVersion"] as? String
if (buildNumber == nil) {
return version
}
return "\(version)-\(buildNumber!)"
}
func getName() -> String {
return Bundle.main.infoDictionary?["CFBundleDisplayName"] as? String ??
Bundle.main.infoDictionary?["CFBundleName"] as? String ??
"Nebula"
}
func getSystemVersion() -> String {
let osVersion = ProcessInfo.processInfo.operatingSystemVersion
return "\(osVersion.majorVersion).\(osVersion.minorVersion).\(osVersion.patchVersion)"
}
}

4
ios/Runner/Runner.entitlements
View File

@ -2,6 +2,10 @@
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>com.apple.developer.associated-domains</key>
<array>
<string>applinks:api.defined.net</string>
</array>
<key>com.apple.developer.networking.networkextension</key>
<array>
<string>packet-tunnel-provider</string>

150
ios/Runner/Share.swift
View File

@ -1,150 +0,0 @@
// Basis of this code comes from https://github.com/lubritto/flutter_share
import Flutter
import UIKit
public class Share {
public static func share(call: FlutterMethodCall, result: @escaping FlutterResult) {
let args = call.arguments as? [String: Any?]
let title = args!["title"] as? String
let text = args!["text"] as? String
let filename = args!["filename"] as? String
let tmpDirURL = FileManager.default.temporaryDirectory
if (filename == nil || filename!.isEmpty) {
return result(false)
}
let tmpFile = tmpDirURL.appendingPathComponent(filename!)
do {
try text?.write(to: tmpFile, atomically: true, encoding: .utf8)
} catch {
//TODO: return error
return result(false)
}
pop(title: title, file: tmpFile) { pass in
let fm = FileManager()
do {
try fm.removeItem(at: tmpFile)
} catch {}
return result(pass)
}
}
public static func shareFile(call: FlutterMethodCall, result: @escaping FlutterResult) {
let args = call.arguments as? [String: Any?]
let title = args!["title"] as? String
let filePath = args!["filePath"] as? String
let filename = args!["filename"] as? String
if (filePath == nil || filePath!.isEmpty) {
return result(false)
}
var tmpFile: URL?
let fm = FileManager()
var realPath = URL(fileURLWithPath: filePath!)
if (filename != nil && !filename!.isEmpty) {
tmpFile = FileManager.default.temporaryDirectory.appendingPathComponent(filename!)
do {
try fm.linkItem(at: URL(fileURLWithPath: filePath!), to: tmpFile!)
} catch {
//TODO: return error
return result(false)
}
realPath = tmpFile!
}
pop(title: title, file: realPath) { pass in
if (tmpFile != nil) {
do {
try fm.removeItem(at: tmpFile!)
} catch {}
}
result(pass)
}
}
private static func pop(title: String?, file: URL, completion: @escaping ((Bool) -> Void)) {
if (title == nil || title!.isEmpty) {
return completion(false)
}
let activityViewController = UIActivityViewController(activityItems: [ShareCopy(file: file)], applicationActivities: nil)
activityViewController.completionWithItemsHandler = {(activityType: UIActivity.ActivityType?, completed: Bool, returnedItems: [Any]?, error: Error?) in
completion(true)
}
// Subject
activityViewController.setValue(title, forKeyPath: "subject")
// For iPads, fix issue where Exception is thrown by using a popup instead
if UIDevice.current.userInterfaceIdiom == .pad {
activityViewController.popoverPresentationController?.sourceView = UIApplication.topViewController()?.view
if let view = UIApplication.topViewController()?.view {
activityViewController.popoverPresentationController?.permittedArrowDirections = []
activityViewController.popoverPresentationController?.sourceRect = CGRect(x: view.bounds.midX, y: view.bounds.midY, width: 0, height: 0)
}
}
DispatchQueue.main.async {
UIApplication.topViewController()?.present(activityViewController, animated: true)
}
}
}
extension UIApplication {
class func topViewController(controller: UIViewController? = UIApplication.shared.keyWindow?.rootViewController) -> UIViewController? {
if let navigationController = controller as? UINavigationController {
return topViewController(controller: navigationController.visibleViewController)
}
if let tabController = controller as? UITabBarController {
if let selected = tabController.selectedViewController {
return topViewController(controller: selected)
}
}
if let presented = controller?.presentedViewController {
return topViewController(controller: presented)
}
return controller
}
}
class ShareCopy: UIActivityItemProvider {
private let file: URL
private let content: String
init(file: URL) {
self.file = file
do {
self.content = try String.init(contentsOf: file)
} catch {
self.content = "Error"
}
// the type of the placeholder item is used to
// display correct activity types by UIActivityControler
super.init(placeholderItem: self.content)
}
override var item: Any {
get {
guard let activityType = activityType else {
return file
}
switch activityType {
case .copyToPasteboard: return content
default: return file
}
}
}
}

202
ios/Runner/Sites.swift
View File

@ -12,7 +12,7 @@ class SiteContainer {
}
class Sites {
private var sites = [String: SiteContainer]()
private var containers = [String: SiteContainer]()
private var messenger: FlutterBinaryMessenger?
init(messenger: FlutterBinaryMessenger?) {
@ -20,77 +20,44 @@ class Sites {
}
func loadSites(completion: @escaping ([String: Site]?, Error?) -> ()) {
#if targetEnvironment(simulator)
let fileManager = FileManager.default
let documentsURL = fileManager.urls(for: .documentDirectory, in: .userDomainMask)[0].appendingPathComponent("sites")
var configPaths: [URL]
do {
if (!fileManager.fileExists(atPath: documentsURL.absoluteString)) {
try fileManager.createDirectory(at: documentsURL, withIntermediateDirectories: true)
}
configPaths = try fileManager.contentsOfDirectory(at: documentsURL, includingPropertiesForKeys: nil)
} catch {
return completion(nil, error)
}
configPaths.forEach { path in
do {
let config = try Data(contentsOf: path)
let decoder = JSONDecoder()
let incoming = try decoder.decode(IncomingSite.self, from: config)
let site = try Site(incoming: incoming)
let updater = SiteUpdater(messenger: self.messenger!, site: site)
self.sites[site.id] = SiteContainer(site: site, updater: updater)
} catch {
print(error)
// try? fileManager.removeItem(at: path)
print("Deleted non conforming site \(path)")
}
}
let justSites = self.sites.mapValues {
return $0.site
}
completion(justSites, nil)
#else
NETunnelProviderManager.loadAllFromPreferences() { newManagers, err in
_ = SiteList { (sites, err) in
if (err != nil) {
return completion(nil, err)
}
newManagers?.forEach { manager in
do {
let site = try Site(manager: manager)
// Load the private key to make sure we can
_ = try site.getKey()
let updater = SiteUpdater(messenger: self.messenger!, site: site)
self.sites[site.id] = SiteContainer(site: site, updater: updater)
} catch {
//TODO: notify the user about this
print("Deleted non conforming site \(manager) \(error)")
manager.removeFromPreferences()
sites?.values.forEach{ site in
var updater = self.containers[site.id]?.updater
if (updater != nil) {
updater!.setSite(site: site)
} else {
updater = SiteUpdater(messenger: self.messenger!, site: site)
}
self.containers[site.id] = SiteContainer(site: site, updater: updater!)
}
let justSites = self.sites.mapValues {
let justSites = self.containers.mapValues {
return $0.site
}
completion(justSites, nil)
}
#endif
}
func deleteSite(id: String, callback: @escaping (Error?) -> ()) {
if let site = self.sites.removeValue(forKey: id) {
#if targetEnvironment(simulator)
let fileManager = FileManager.default
let sitePath = fileManager.urls(for: .documentDirectory, in: .userDomainMask)[0].appendingPathComponent("sites").appendingPathComponent(site.site.id)
try? fileManager.removeItem(at: sitePath)
#else
_ = KeyChain.delete(key: site.site.id)
site.site.manager.removeFromPreferences(completionHandler: callback)
if let site = self.containers.removeValue(forKey: id) {
_ = KeyChain.delete(key: "\(site.site.id).dnCredentials")
_ = KeyChain.delete(key: "\(site.site.id).key")
do {
let fileManager = FileManager.default
let siteDir = try SiteList.getSiteDir(id: site.site.id)
try fileManager.removeItem(at: siteDir)
} catch {
print("Failed to delete site from fs: \(error.localizedDescription)")
}
#if !targetEnvironment(simulator)
site.site.manager!.removeFromPreferences(completionHandler: callback)
return
#endif
}
@ -99,11 +66,15 @@ class Sites {
}
func getSite(id: String) -> Site? {
return self.sites[id]?.site
return self.containers[id]?.site
}
func getUpdater(id: String) -> SiteUpdater? {
return self.sites[id]?.updater
return self.containers[id]?.updater
}
func getContainer(id: String) -> SiteContainer? {
return self.containers[id]
}
}
@ -112,40 +83,74 @@ class SiteUpdater: NSObject, FlutterStreamHandler {
private var eventChannel: FlutterEventChannel;
private var site: Site
private var notification: Any?
public var startFunc: (() -> Void)?
private var configFd: Int32? = nil
private var configObserver: DispatchSourceFileSystemObject? = nil
init(messenger: FlutterBinaryMessenger, site: Site) {
do {
let configPath = try SiteList.getSiteConfigFile(id: site.id, createDir: false)
self.configFd = open(configPath.path, O_EVTONLY)
self.configObserver = DispatchSource.makeFileSystemObjectSource(
fileDescriptor: self.configFd!,
eventMask: .write
)
} catch {
// SiteList.getSiteConfigFile should never throw because we are not creating it here
self.configObserver = nil
}
eventChannel = FlutterEventChannel(name: "net.defined.nebula/\(site.id)", binaryMessenger: messenger)
self.site = site
super.init()
eventChannel.setStreamHandler(self)
}
func onListen(withArguments arguments: Any?, eventSink events: @escaping FlutterEventSink) -> FlutterError? {
eventSink = events;
self.notification = NotificationCenter.default.addObserver(forName: NSNotification.Name.NEVPNStatusDidChange, object: site.manager.connection , queue: nil) { _ in
self.site.status = statusString[self.site.manager.connection.status]
self.site.connected = statusMap[self.site.manager.connection.status]
let d: Dictionary<String, Any> = [
"connected": self.site.connected!,
"status": self.site.status!,
]
self.eventSink?(d)
self.configObserver?.setEventHandler(handler: self.configUpdated)
self.configObserver?.setCancelHandler {
if self.configFd != nil {
close(self.configFd!)
}
self.configObserver = nil
}
self.configObserver?.resume()
}
func setSite(site: Site) {
self.site = site
}
/// onListen is called when flutter code attaches an event listener
func onListen(withArguments arguments: Any?, eventSink events: @escaping FlutterEventSink) -> FlutterError? {
eventSink = events;
#if !targetEnvironment(simulator)
if site.manager == nil {
//TODO: The dn updater path seems to race to build a site that lacks a manager. The UI does not display this error
// and a another listen should occur and succeed.
return FlutterError(code: "Internal Error", message: "Flutter manager was not present", details: nil)
}
self.notification = NotificationCenter.default.addObserver(forName: NSNotification.Name.NEVPNStatusDidChange, object: site.manager!.connection , queue: nil) { n in
let oldConnected = self.site.connected
self.site.status = statusString[self.site.manager!.connection.status]
self.site.connected = statusMap[self.site.manager!.connection.status]
// Check to see if we just moved to connected and if we have a start function to call when that happens
if self.site.connected! && oldConnected != self.site.connected && self.startFunc != nil {
self.startFunc!()
self.startFunc = nil
}
self.update(connected: self.site.connected!)
}
#endif
return nil
}
func setError(err: String) {
let d: Dictionary<String, Any> = [
"connected": self.site.connected!,
"status": self.site.status!,
]
self.eventSink?(FlutterError(code: "", message: err, details: d))
}
/// onCancel is called when the flutter listener stops listening
func onCancel(withArguments arguments: Any?) -> FlutterError? {
if (self.notification != nil) {
NotificationCenter.default.removeObserver(self.notification!)
@ -153,11 +158,28 @@ class SiteUpdater: NSObject, FlutterStreamHandler {
return nil
}
func update(connected: Bool) {
let d: Dictionary<String, Any> = [
"connected": connected,
"status": connected ? "Connected" : "Disconnected",
]
self.eventSink?(d)
/// update is a way to send information to the flutter listener and generally should not be used directly
func update(connected: Bool, replaceSite: Site? = nil) {
if (replaceSite != nil) {
site = replaceSite!
}
site.connected = connected
site.status = connected ? "Connected" : "Disconnected"
let encoder = JSONEncoder()
let data = try! encoder.encode(site)
self.eventSink?(String(data: data, encoding: .utf8))
}
private func configUpdated() {
if self.site.connected != true {
return
}
guard let newSite = try? Site(manager: self.site.manager!) else {
return
}
self.update(connected: newSite.connected ?? false, replaceSite: newSite)
}
}

6
ios/fastlane/Appfile Normal file
View File

@ -0,0 +1,6 @@
app_identifier("net.defined.mobileNebula") # The bundle identifier of your app
itc_team_id("633953") # App Store Connect Team ID
team_id("576H3XS7FP") # Developer Portal Team ID
# For more information about the Appfile, see:
# https://docs.fastlane.tools/advanced/#appfile

84
ios/fastlane/Fastfile Normal file
View File

@ -0,0 +1,84 @@
# This file contains the fastlane.tools configuration
# You can find the documentation at https://docs.fastlane.tools
#
# For a list of all available actions, check out
#
# https://docs.fastlane.tools/actions
#
# For a list of all available plugins, check out
#
# https://docs.fastlane.tools/plugins/available-plugins
#
# Uncomment the line if you want fastlane to automatically update itself
# update_fastlane
default_platform(:ios)
platform :ios do
desc "Push a new beta build to TestFlight"
lane :build do
# Do some things like setting up a temporary keystore to host secrets in CI
setup_ci
# # Authenticate with Apple app store connect
# app_store_connect_api_key
# Change signing behavior to work in CI
update_code_signing_settings(
# Automatic signing seems to be a good thing to have on in dev but will not work in CI
use_automatic_signing: false,
# The default value for this is iOS Development which is not appropriate for release
code_sign_identity: "Apple Distribution",
)
# Find our signing certs and profiles, these come from a private repository and managed by `fastlane match`
match(type: 'appstore', app_identifier: ["net.defined.mobileNebula","net.defined.mobileNebula.NebulaNetworkExtension"], readonly: true)
# Update our main program to have the correct provisioning profile from Apple
update_project_provisioning(
xcodeproj: "Runner.xcodeproj",
target_filter: "Runner",
# This comes from match() above
profile:ENV["sigh_net.defined.mobileNebula_appstore_profile-path"],
build_configuration: "Release"
)
# Update our network extension to have the correct provisioning profile from Apple
update_project_provisioning(
xcodeproj: "Runner.xcodeproj",
target_filter: "NebulaNetworkExtension",
# This comes from match() above
profile:ENV["sigh_net.defined.mobileNebula.NebulaNetworkExtension_appstore_profile-path"],
build_configuration: "Release"
)
increment_build_number(
xcodeproj: "Runner.xcodeproj",
build_number: ENV['BUILD_NUMBER']
)
increment_version_number(
xcodeproj: "Runner.xcodeproj",
version_number: ENV['BUILD_NAME']
)
build_app(
output_name: "MobileNebula.ipa",
workspace: "Runner.xcworkspace",
scheme: "Runner",
export_method: "app-store",
)
end
lane :release do
# Do some things like setting up a temporary keystore to host secrets in CI
setup_ci
# Authenticate with Apple app store connect
app_store_connect_api_key
upload_to_testflight(skip_waiting_for_build_processing: true)
end
end

14
ios/fastlane/Matchfile Normal file
View File

@ -0,0 +1,14 @@
git_url("https://github.com/DefinedNet/mobile_nebula_match.git")
storage_mode("git")
type("appstore") # The default type, can be: appstore, adhoc, enterprise or development
app_identifier(["net.defined.mobileNebula", "net.defined.mobileNebula.NebulaNetworkExtension"])
# username("user@fastlane.tools") # Your Apple Developer Portal username
# For all available options run `fastlane match --help`
# Remove the # in the beginning of the line to enable the other options
# The docs are available on https://docs.fastlane.tools/actions/match

94
lib/components/CIDRField.dart
View File

@ -1,7 +1,5 @@
import 'package:flutter/cupertino.dart';
import 'package:flutter/material.dart';
import 'package:flutter/services.dart';
import 'package:flutter/widgets.dart';
import 'package:mobile_nebula/components/SpecialTextField.dart';
import 'package:mobile_nebula/models/CIDR.dart';
import '../services/utils.dart';
@ -10,7 +8,7 @@ import 'IPField.dart';
//TODO: Support initialValue
class CIDRField extends StatefulWidget {
const CIDRField({
Key key,
Key? key,
this.ipHelp = "ip address",
this.autoFocus = false,
this.focusNode,
@ -23,12 +21,12 @@ class CIDRField extends StatefulWidget {
final String ipHelp;
final bool autoFocus;
final FocusNode focusNode;
final FocusNode nextFocusNode;
final ValueChanged<CIDR> onChanged;
final TextInputAction textInputAction;
final TextEditingController ipController;
final TextEditingController bitsController;
final FocusNode? focusNode;
final FocusNode? nextFocusNode;
final ValueChanged<CIDR>? onChanged;
final TextInputAction? textInputAction;
final TextEditingController? ipController;
final TextEditingController? bitsController;
@override
_CIDRFieldState createState() => _CIDRFieldState();
@ -46,7 +44,7 @@ class _CIDRFieldState extends State<CIDRField> {
void initState() {
//TODO: this won't track external controller changes appropriately
cidr.ip = widget.ipController?.text ?? "";
cidr.bits = int.tryParse(widget.bitsController?.text ?? "");
cidr.bits = int.tryParse(widget.bitsController?.text ?? "") ?? 0;
super.initState();
}
@ -56,42 +54,50 @@ class _CIDRFieldState extends State<CIDRField> {
return Container(
child: Row(children: <Widget>[
Expanded(
child: Padding(
padding: EdgeInsets.fromLTRB(6, 6, 2, 6),
child: IPField(
help: widget.ipHelp,
ipOnly: true,
textPadding: EdgeInsets.all(0),
textInputAction: TextInputAction.next,
textAlign: TextAlign.end,
focusNode: widget.focusNode,
nextFocusNode: bitsFocus,
onChanged: (val) {
cidr.ip = val;
widget.onChanged(cidr);
},
controller: widget.ipController,
))),
Text("/"),
Container(
width: Utils.textSize("bits", textStyle).width + 12,
padding: EdgeInsets.fromLTRB(2, 6, 6, 6),
child: SpecialTextField(
keyboardType: TextInputType.number,
focusNode: bitsFocus,
nextFocusNode: widget.nextFocusNode,
controller: widget.bitsController,
Expanded(
child: Padding(
padding: EdgeInsets.fromLTRB(6, 6, 2, 6),
child: IPField(
help: widget.ipHelp,
ipOnly: true,
textPadding: EdgeInsets.all(0),
textInputAction: TextInputAction.next,
textAlign: TextAlign.end,
focusNode: widget.focusNode,
nextFocusNode: bitsFocus,
onChanged: (val) {
cidr.bits = int.tryParse(val ?? "");
widget.onChanged(cidr);
if (widget.onChanged == null) {
return;
}
cidr.ip = val;
widget.onChanged!(cidr);
},
maxLength: 2,
inputFormatters: [WhitelistingTextInputFormatter.digitsOnly],
textInputAction: widget.textInputAction ?? TextInputAction.done,
placeholder: 'bits',
))
]));
controller: widget.ipController,
))),
Text("/"),
Container(
width: Utils.textSize("bits", textStyle).width + 12,
padding: EdgeInsets.fromLTRB(2, 6, 6, 6),
child: SpecialTextField(
keyboardType: TextInputType.number,
focusNode: bitsFocus,
nextFocusNode: widget.nextFocusNode,
controller: widget.bitsController,
onChanged: (val) {
if (widget.onChanged == null) {
return;
}
cidr.bits = int.tryParse(val) ?? 0;
widget.onChanged!(cidr);
},
maxLength: 2,
inputFormatters: [FilteringTextInputFormatter.digitsOnly],
textInputAction: widget.textInputAction ?? TextInputAction.done,
placeholder: 'bits',
))
]));
}
@override

62
lib/components/CIDRFormField.dart
View File

@ -1,20 +1,20 @@
import 'package:flutter/cupertino.dart';
import 'package:flutter/widgets.dart';
import 'package:mobile_nebula/components/CIDRField.dart';
import 'package:mobile_nebula/models/CIDR.dart';
import 'package:mobile_nebula/validators/ipValidator.dart';
class CIDRFormField extends FormField<CIDR> {
//TODO: onSaved, validator, autovalidate, enabled?
//TODO: onSaved, validator, auto-validate, enabled?
CIDRFormField({
Key key,
Key? key,
autoFocus = false,
enableIPV6 = false,
focusNode,
nextFocusNode,
ValueChanged<CIDR> onChanged,
FormFieldSetter<CIDR> onSaved,
ValueChanged<CIDR>? onChanged,
FormFieldSetter<CIDR>? onSaved,
textInputAction,
CIDR initialValue,
CIDR? initialValue,
this.ipController,
this.bitsController,
}) : super(
@ -26,18 +26,18 @@ class CIDRFormField extends FormField<CIDR> {
return "Please fill out this field";
}
if (!ipValidator(cidr.ip)) {
if (!ipValidator(cidr.ip, enableIPV6)) {
return 'Please enter a valid ip address';
}
if (cidr.bits == null || cidr.bits > 32 || cidr.bits < 0) {
if (cidr.bits > 32 || cidr.bits < 0) {
return "Please enter a valid number of bits";
}
return null;
},
builder: (FormFieldState<CIDR> field) {
final _CIDRFormField state = field;
final _CIDRFormField state = field as _CIDRFormField;
void onChangedHandler(CIDR value) {
if (onChanged != null) {
@ -57,50 +57,50 @@ class CIDRFormField extends FormField<CIDR> {
bitsController: state._effectiveBitsController,
),
field.hasError
? Text(field.errorText,
? Text(field.errorText ?? "Unknown error",
style: TextStyle(color: CupertinoColors.systemRed.resolveFrom(field.context), fontSize: 13),
textAlign: TextAlign.end)
: Container(height: 0)
]);
});
final TextEditingController ipController;
final TextEditingController bitsController;
final TextEditingController? ipController;
final TextEditingController? bitsController;
@override
_CIDRFormField createState() => _CIDRFormField();
}
class _CIDRFormField extends FormFieldState<CIDR> {
TextEditingController _ipController;
TextEditingController _bitsController;
TextEditingController? _ipController = TextEditingController();
TextEditingController? _bitsController = TextEditingController();
TextEditingController get _effectiveIPController => widget.ipController ?? _ipController;
TextEditingController get _effectiveBitsController => widget.bitsController ?? _bitsController;
TextEditingController get _effectiveIPController => widget.ipController ?? _ipController!;
TextEditingController get _effectiveBitsController => widget.bitsController ?? _bitsController!;
@override
CIDRFormField get widget => super.widget;
CIDRFormField get widget => super.widget as CIDRFormField;
@override
void initState() {
super.initState();
if (widget.ipController == null) {
_ipController = TextEditingController(text: widget.initialValue.ip);
_ipController = TextEditingController(text: widget.initialValue?.ip);
} else {
widget.ipController.addListener(_handleControllerChanged);
widget.ipController!.addListener(_handleControllerChanged);
}
if (widget.bitsController == null) {
_bitsController = TextEditingController(text: widget.initialValue?.bits?.toString() ?? "");
_bitsController = TextEditingController(text: widget.initialValue?.bits.toString() ?? "");
} else {
widget.bitsController.addListener(_handleControllerChanged);
widget.bitsController!.addListener(_handleControllerChanged);
}
}
@override
void didUpdateWidget(CIDRFormField oldWidget) {
super.didUpdateWidget(oldWidget);
var update = CIDR(ip: widget.ipController?.text, bits: int.tryParse(widget.bitsController?.text ?? "") ?? null);
var update = CIDR(ip: widget.ipController?.text ?? "", bits: int.tryParse(widget.bitsController?.text ?? "") ?? 0);
bool shouldUpdate = false;
if (widget.ipController != oldWidget.ipController) {
@ -108,12 +108,12 @@ class _CIDRFormField extends FormFieldState<CIDR> {
widget.ipController?.addListener(_handleControllerChanged);
if (oldWidget.ipController != null && widget.ipController == null) {
_ipController = TextEditingController.fromValue(oldWidget.ipController.value);
_ipController = TextEditingController.fromValue(oldWidget.ipController!.value);
}
if (widget.ipController != null) {
shouldUpdate = true;
update.ip = widget.ipController.text;
update.ip = widget.ipController!.text;
if (oldWidget.ipController == null) _ipController = null;
}
}
@ -123,12 +123,12 @@ class _CIDRFormField extends FormFieldState<CIDR> {
widget.bitsController?.addListener(_handleControllerChanged);
if (oldWidget.bitsController != null && widget.bitsController == null) {
_bitsController = TextEditingController.fromValue(oldWidget.bitsController.value);
_bitsController = TextEditingController.fromValue(oldWidget.bitsController!.value);
}
if (widget.bitsController != null) {
shouldUpdate = true;
update.bits = int.parse(widget.bitsController.text);
update.bits = int.parse(widget.bitsController!.text);
if (oldWidget.bitsController == null) _bitsController = null;
}
}
@ -149,8 +149,8 @@ class _CIDRFormField extends FormFieldState<CIDR> {
void reset() {
super.reset();
setState(() {
_effectiveIPController.text = widget.initialValue.ip;
_effectiveBitsController.text = widget.initialValue.bits.toString();
_effectiveIPController.text = widget.initialValue?.ip ?? "";
_effectiveBitsController.text = widget.initialValue?.bits.toString() ?? "";
});
}
@ -163,7 +163,11 @@ class _CIDRFormField extends FormFieldState<CIDR> {
// example, the reset() method. In such cases, the FormField value will
// already have been set.
final effectiveBits = int.parse(_effectiveBitsController.text);
if (_effectiveIPController.text != value.ip || effectiveBits != value.bits) {
if (value == null) {
return;
}
if (_effectiveIPController.text != value!.ip || effectiveBits != value!.bits) {
didChange(CIDR(ip: _effectiveIPController.text, bits: effectiveBits));
}
}

20
lib/components/FormPage.dart
View File

@ -8,12 +8,19 @@ import 'package:mobile_nebula/services/utils.dart';
/// SimplePage with a form and built in validation and confirmation to discard changes if any are made
class FormPage extends StatefulWidget {
const FormPage(
{Key key, this.title, @required this.child, @required this.onSave, @required this.changed, this.hideSave = false})
{Key? key,
required this.title,
required this.child,
required this.onSave,
required this.changed,
this.hideSave = false,
this.scrollController})
: super(key: key);
final String title;
final Function onSave;
final Widget child;
final ScrollController? scrollController;
/// If you need the page to progress to a certain point before saving, control it here
final bool hideSave;
@ -50,7 +57,8 @@ class _FormPageState extends State<FormPage> {
child: SimplePage(
leadingAction: _buildLeader(context),
trailingActions: _buildTrailer(context),
title: widget.title,
scrollController: widget.scrollController,
title: Text(widget.title),
child: Form(
key: _formKey,
onChanged: () => setState(() {
@ -82,11 +90,15 @@ class _FormPageState extends State<FormPage> {
Utils.trailingSaveWidget(
context,
() {
if (!_formKey.currentState.validate()) {
if (_formKey.currentState == null) {
return;
}
_formKey.currentState.save();
if (!_formKey.currentState!.validate()) {
return;
}
_formKey.currentState!.save();
widget.onSave();
},
)

22
lib/components/IPAndPortField.dart
View File

@ -1,7 +1,5 @@
import 'package:flutter/cupertino.dart';
import 'package:flutter/material.dart';
import 'package:flutter/services.dart';
import 'package:flutter/widgets.dart';
import 'package:mobile_nebula/components/SpecialTextField.dart';
import 'package:mobile_nebula/models/IPAndPort.dart';
import '../services/utils.dart';
@ -10,13 +8,13 @@ import 'IPField.dart';
//TODO: Support initialValue
class IPAndPortField extends StatefulWidget {
const IPAndPortField({
Key key,
Key? key,
this.ipOnly = false,
this.ipHelp = "ip address",
this.autoFocus = false,
this.focusNode,
this.nextFocusNode,
this.onChanged,
required this.onChanged,
this.textInputAction,
this.noBorder = false,
this.ipTextAlign,
@ -27,14 +25,14 @@ class IPAndPortField extends StatefulWidget {
final String ipHelp;
final bool ipOnly;
final bool autoFocus;
final FocusNode focusNode;
final FocusNode nextFocusNode;
final FocusNode? focusNode;
final FocusNode? nextFocusNode;
final ValueChanged<IPAndPort> onChanged;
final TextInputAction textInputAction;
final TextInputAction? textInputAction;
final bool noBorder;
final TextAlign ipTextAlign;
final TextEditingController ipController;
final TextEditingController portController;
final TextAlign? ipTextAlign;
final TextEditingController? ipController;
final TextEditingController? portController;
@override
_IPAndPortFieldState createState() => _IPAndPortFieldState();
@ -89,11 +87,11 @@ class _IPAndPortFieldState extends State<IPAndPortField> {
nextFocusNode: widget.nextFocusNode,
controller: widget.portController,
onChanged: (val) {
_ipAndPort.port = int.tryParse(val ?? "");
_ipAndPort.port = int.tryParse(val);
widget.onChanged(_ipAndPort);
},
maxLength: 5,
inputFormatters: [WhitelistingTextInputFormatter.digitsOnly],
inputFormatters: [FilteringTextInputFormatter.digitsOnly],
textInputAction: TextInputAction.done,
placeholder: 'port',
))

58
lib/components/IPAndPortFormField.dart
View File

@ -1,5 +1,4 @@
import 'package:flutter/cupertino.dart';
import 'package:flutter/widgets.dart';
import 'package:mobile_nebula/models/IPAndPort.dart';
import 'package:mobile_nebula/validators/dnsValidator.dart';
import 'package:mobile_nebula/validators/ipValidator.dart';
@ -7,18 +6,19 @@ import 'package:mobile_nebula/validators/ipValidator.dart';
import 'IPAndPortField.dart';
class IPAndPortFormField extends FormField<IPAndPort> {
//TODO: onSaved, validator, autovalidate, enabled?
//TODO: onSaved, validator, auto-validate, enabled?
IPAndPortFormField({
Key key,
Key? key,
ipOnly = false,
enableIPV6 = false,
ipHelp = "ip address",
autoFocus = false,
focusNode,
nextFocusNode,
ValueChanged<IPAndPort> onChanged,
FormFieldSetter<IPAndPort> onSaved,
ValueChanged<IPAndPort>? onChanged,
FormFieldSetter<IPAndPort>? onSaved,
textInputAction,
IPAndPort initialValue,
IPAndPort? initialValue,
noBorder,
ipTextAlign = TextAlign.center,
this.ipController,
@ -32,18 +32,18 @@ class IPAndPortFormField extends FormField<IPAndPort> {
return "Please fill out this field";
}
if (!ipValidator(ipAndPort.ip) && (!ipOnly && !dnsValidator(ipAndPort.ip))) {
if (!ipValidator(ipAndPort.ip, enableIPV6) && (!ipOnly && !dnsValidator(ipAndPort.ip))) {
return ipOnly ? 'Please enter a valid ip address' : 'Please enter a valid ip address or dns name';
}
if (ipAndPort.port == null || ipAndPort.port > 65535 || ipAndPort.port < 0) {
if (ipAndPort.port == null || ipAndPort.port! > 65535 || ipAndPort.port! < 0) {
return "Please enter a valid port";
}
return null;
},
builder: (FormFieldState<IPAndPort> field) {
final _IPAndPortFormField state = field;
final _IPAndPortFormField state = field as _IPAndPortFormField;
void onChangedHandler(IPAndPort value) {
if (onChanged != null) {
@ -67,42 +67,42 @@ class IPAndPortFormField extends FormField<IPAndPort> {
ipTextAlign: ipTextAlign,
),
field.hasError
? Text(field.errorText,
? Text(field.errorText!,
style: TextStyle(color: CupertinoColors.systemRed.resolveFrom(field.context), fontSize: 13))
: Container(height: 0)
]);
});
final TextEditingController ipController;
final TextEditingController portController;
final TextEditingController? ipController;
final TextEditingController? portController;
@override
_IPAndPortFormField createState() => _IPAndPortFormField();
}
class _IPAndPortFormField extends FormFieldState<IPAndPort> {
TextEditingController _ipController;
TextEditingController _portController;
TextEditingController? _ipController;
TextEditingController? _portController;
TextEditingController get _effectiveIPController => widget.ipController ?? _ipController;
TextEditingController get _effectivePortController => widget.portController ?? _portController;
TextEditingController get _effectiveIPController => widget.ipController ?? _ipController!;
TextEditingController get _effectivePortController => widget.portController ?? _portController!;
@override
IPAndPortFormField get widget => super.widget;
IPAndPortFormField get widget => super.widget as IPAndPortFormField;
@override
void initState() {
super.initState();
if (widget.ipController == null) {
_ipController = TextEditingController(text: widget.initialValue.ip);
_ipController = TextEditingController(text: widget.initialValue?.ip ?? "");
} else {
widget.ipController.addListener(_handleControllerChanged);
widget.ipController!.addListener(_handleControllerChanged);
}
if (widget.portController == null) {
_portController = TextEditingController(text: widget.initialValue?.port?.toString() ?? "");
} else {
widget.portController.addListener(_handleControllerChanged);
widget.portController!.addListener(_handleControllerChanged);
}
}
@ -118,12 +118,12 @@ class _IPAndPortFormField extends FormFieldState<IPAndPort> {
widget.ipController?.addListener(_handleControllerChanged);
if (oldWidget.ipController != null && widget.ipController == null) {
_ipController = TextEditingController.fromValue(oldWidget.ipController.value);
_ipController = TextEditingController.fromValue(oldWidget.ipController!.value);
}
if (widget.ipController != null) {
shouldUpdate = true;
update.ip = widget.ipController.text;
update.ip = widget.ipController!.text;
if (oldWidget.ipController == null) _ipController = null;
}
}
@ -133,12 +133,12 @@ class _IPAndPortFormField extends FormFieldState<IPAndPort> {
widget.portController?.addListener(_handleControllerChanged);
if (oldWidget.portController != null && widget.portController == null) {
_portController = TextEditingController.fromValue(oldWidget.portController.value);
_portController = TextEditingController.fromValue(oldWidget.portController!.value);
}
if (widget.portController != null) {
shouldUpdate = true;
update.port = int.parse(widget.portController.text);
update.port = int.parse(widget.portController!.text);
if (oldWidget.portController == null) _portController = null;
}
}
@ -159,8 +159,8 @@ class _IPAndPortFormField extends FormFieldState<IPAndPort> {
void reset() {
super.reset();
setState(() {
_effectiveIPController.text = widget.initialValue.ip;
_effectivePortController.text = widget.initialValue.port.toString();
_effectiveIPController.text = widget.initialValue?.ip ?? "";
_effectivePortController.text = widget.initialValue?.port?.toString() ?? "";
});
}
@ -173,7 +173,11 @@ class _IPAndPortFormField extends FormFieldState<IPAndPort> {
// example, the reset() method. In such cases, the FormField value will
// already have been set.
final effectivePort = int.parse(_effectivePortController.text);
if (_effectiveIPController.text != value.ip || effectivePort != value.port) {
if (value == null) {
return;
}
if (_effectiveIPController.text != value!.ip || effectivePort != value!.port) {
didChange(IPAndPort(ip: _effectiveIPController.text, port: effectivePort));
}
}

53
lib/components/IPField.dart
View File

@ -1,25 +1,23 @@
import 'package:flutter/cupertino.dart';
import 'package:flutter/material.dart';
import 'package:flutter/services.dart';
import 'package:flutter/widgets.dart';
import 'package:flutter_platform_widgets/flutter_platform_widgets.dart';
import 'package:mobile_nebula/components/SpecialTextField.dart';
import '../services/utils.dart';
class IPField extends StatelessWidget {
final String help;
final bool ipOnly;
final bool autoFocus;
final FocusNode focusNode;
final FocusNode nextFocusNode;
final ValueChanged<String> onChanged;
final FocusNode? focusNode;
final FocusNode? nextFocusNode;
final ValueChanged<String>? onChanged;
final EdgeInsetsGeometry textPadding;
final TextInputAction textInputAction;
final TextInputAction? textInputAction;
final controller;
final textAlign;
const IPField(
{Key key,
{Key? key,
this.ipOnly = false,
this.help = "ip address",
this.autoFocus = false,
@ -35,12 +33,12 @@ class IPField extends StatelessWidget {
@override
Widget build(BuildContext context) {
var textStyle = CupertinoTheme.of(context).textTheme.textStyle;
final double ipWidth = ipOnly ? Utils.textSize("000000000000000", textStyle).width + 12 : null;
final double? ipWidth = ipOnly ? Utils.textSize("000000000000000", textStyle).width + 12 : null;
return SizedBox(
width: ipWidth,
child: SpecialTextField(
keyboardType: ipOnly ? TextInputType.numberWithOptions(decimal: true) : null,
keyboardType: ipOnly ? TextInputType.numberWithOptions(decimal: true, signed: true) : null,
textAlign: textAlign,
autofocus: autoFocus,
focusNode: focusNode,
@ -48,10 +46,8 @@ class IPField extends StatelessWidget {
controller: controller,
onChanged: onChanged,
maxLength: ipOnly ? 15 : null,
maxLengthEnforced: ipOnly ? true : false,
inputFormatters: ipOnly
? [IPTextInputFormatter()]
: [WhitelistingTextInputFormatter(RegExp(r'[^\s]+'))],
maxLengthEnforcement: ipOnly ? MaxLengthEnforcement.enforced : MaxLengthEnforcement.none,
inputFormatters: ipOnly ? [IPTextInputFormatter()] : [FilteringTextInputFormatter.allow(RegExp(r'[^\s]+'))],
textInputAction: this.textInputAction,
placeholder: help,
));
@ -68,33 +64,28 @@ class IPTextInputFormatter extends TextInputFormatter {
(String substring) {
return whitelistedPattern
.allMatches(substring)
.map<String>((Match match) => match.group(0))
.join().replaceAll(RegExp(r','), '.');
.map<String>((Match match) => match.group(0)!)
.join()
.replaceAll(RegExp(r','), '.');
},
);
}
}
TextEditingValue _selectionAwareTextManipulation(
TextEditingValue value,
String substringManipulation(String substring),
) {
TextEditingValue value,
String substringManipulation(String substring),
) {
final int selectionStartIndex = value.selection.start;
final int selectionEndIndex = value.selection.end;
String manipulatedText;
TextSelection manipulatedSelection;
TextSelection? manipulatedSelection;
if (selectionStartIndex < 0 || selectionEndIndex < 0) {
manipulatedText = substringManipulation(value.text);
} else {
final String beforeSelection = substringManipulation(
value.text.substring(0, selectionStartIndex)
);
final String inSelection = substringManipulation(
value.text.substring(selectionStartIndex, selectionEndIndex)
);
final String afterSelection = substringManipulation(
value.text.substring(selectionEndIndex)
);
final String beforeSelection = substringManipulation(value.text.substring(0, selectionStartIndex));
final String inSelection = substringManipulation(value.text.substring(selectionStartIndex, selectionEndIndex));
final String afterSelection = substringManipulation(value.text.substring(selectionEndIndex));
manipulatedText = beforeSelection + inSelection + afterSelection;
if (value.selection.baseOffset > value.selection.extentOffset) {
manipulatedSelection = value.selection.copyWith(
@ -111,8 +102,6 @@ TextEditingValue _selectionAwareTextManipulation(
return TextEditingValue(
text: manipulatedText,
selection: manipulatedSelection ?? const TextSelection.collapsed(offset: -1),
composing: manipulatedText == value.text
? value.composing
: TextRange.empty,
composing: manipulatedText == value.text ? value.composing : TextRange.empty,
);
}

Some files were not shown because too many files have changed in this diff Show More