diff --git a/AppCheck.xcodeproj/project.pbxproj b/AppCheck.xcodeproj/project.pbxproj index e3451e7..e1cb00b 100644 --- a/AppCheck.xcodeproj/project.pbxproj +++ b/AppCheck.xcodeproj/project.pbxproj @@ -3,7 +3,7 @@ archiveVersion = 1; classes = { }; - objectVersion = 51; + objectVersion = 50; objects = { /* Begin PBXBuildFile section */ @@ -19,18 +19,6 @@ 543CDB2523EEE61900B7F323 /* GlassVPN.appex in Embed App Extensions */ = {isa = PBXBuildFile; fileRef = 543CDB1D23EEE61900B7F323 /* GlassVPN.appex */; settings = {ATTRIBUTES = (RemoveHeadersOnCopy, ); }; }; 544C95262407B1C700AB89D0 /* SharedState.swift in Sources */ = {isa = PBXBuildFile; fileRef = 544C95252407B1C700AB89D0 /* SharedState.swift */; }; 546063E523FEFAFE008F505A /* SQDB.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54B7562223D7B2DC008F0C41 /* SQDB.swift */; }; - 54751E342422FC9E00168273 /* NEKit.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 546063B223FC254B008F505A /* NEKit.framework */; }; - 54751E372422FCC200168273 /* MMDB.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 546063B923FC254C008F505A /* MMDB.framework */; }; - 54751E392422FCC300168273 /* lwip.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 546063B623FC254B008F505A /* lwip.framework */; }; - 54751E3B2422FCC500168273 /* CocoaLumberjackSwift.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 546063B423FC254B008F505A /* CocoaLumberjackSwift.framework */; }; - 54751E3D2422FCC700168273 /* CocoaLumberjack.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 546063B523FC254B008F505A /* CocoaLumberjack.framework */; }; - 54751E412422FCCA00168273 /* Resolver.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 546063BA23FC254C008F505A /* Resolver.framework */; }; - 54751E432422FCCC00168273 /* Sodium.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 546063B123FC254B008F505A /* Sodium.framework */; }; - 54751E452422FCCD00168273 /* tun2socks.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 546063B323FC254B008F505A /* tun2socks.framework */; }; - 54751E472422FCCF00168273 /* Yaml.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 546063B823FC254C008F505A /* Yaml.framework */; }; - 54751E492422FD3500168273 /* CocoaAsyncSocket.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 546063B723FC254C008F505A /* CocoaAsyncSocket.framework */; }; - 54751E4E242303F300168273 /* output.xcfilelist in Resources */ = {isa = PBXBuildFile; fileRef = 54751E4C242303F200168273 /* output.xcfilelist */; }; - 54751E4F242303F300168273 /* input.xcfilelist in Resources */ = {isa = PBXBuildFile; fileRef = 54751E4D242303F200168273 /* input.xcfilelist */; }; 54751E512423955100168273 /* FileManager.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54751E502423955000168273 /* FileManager.swift */; }; 54751E522423955100168273 /* FileManager.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54751E502423955000168273 /* FileManager.swift */; }; 54953E3323DC752E0054345C /* SQDB.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54B7562223D7B2DC008F0C41 /* SQDB.swift */; }; @@ -48,6 +36,94 @@ 54B345B0242264F8004C53CC /* third-level.txt in Resources */ = {isa = PBXBuildFile; fileRef = 54B345AF242264F8004C53CC /* third-level.txt */; }; 54C056DB23E9E36E00214A3F /* AppInfoType.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54C056DA23E9E36E00214A3F /* AppInfoType.swift */; }; 54C056DD23E9EEF700214A3F /* BundleIcon.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54C056DC23E9EEF700214A3F /* BundleIcon.swift */; }; + 54CA01D32426B23D003A5E04 /* Resolver.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54CA01D22426B23D003A5E04 /* Resolver.swift */; }; + 54CA01D52426B252003A5E04 /* SafeDict.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54CA01D42426B251003A5E04 /* SafeDict.swift */; }; + 54CA025C2426B2FD003A5E04 /* ConnectSession.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54CA01E22426B2FC003A5E04 /* ConnectSession.swift */; }; + 54CA025D2426B2FD003A5E04 /* HTTPHeader.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54CA01E32426B2FC003A5E04 /* HTTPHeader.swift */; }; + 54CA025E2426B2FD003A5E04 /* ResponseGeneratorFactory.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54CA01E42426B2FC003A5E04 /* ResponseGeneratorFactory.swift */; }; + 54CA025F2426B2FD003A5E04 /* ProxyServer.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54CA01E62426B2FC003A5E04 /* ProxyServer.swift */; }; + 54CA02602426B2FD003A5E04 /* GCDProxyServer.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54CA01E72426B2FC003A5E04 /* GCDProxyServer.swift */; }; + 54CA02612426B2FD003A5E04 /* GCDSOCKS5ProxyServer.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54CA01E82426B2FC003A5E04 /* GCDSOCKS5ProxyServer.swift */; }; + 54CA02622426B2FD003A5E04 /* GCDHTTPProxyServer.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54CA01E92426B2FC003A5E04 /* GCDHTTPProxyServer.swift */; }; + 54CA02662426B2FD003A5E04 /* NWUDPSocket.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54CA01EF2426B2FC003A5E04 /* NWUDPSocket.swift */; }; + 54CA02672426B2FD003A5E04 /* RawTCPSocketProtocol.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54CA01F02426B2FC003A5E04 /* RawTCPSocketProtocol.swift */; }; + 54CA02682426B2FD003A5E04 /* NWTCPSocket.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54CA01F12426B2FC003A5E04 /* NWTCPSocket.swift */; }; + 54CA026A2426B2FD003A5E04 /* RawSocketFactory.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54CA01F32426B2FC003A5E04 /* RawSocketFactory.swift */; }; + 54CA026B2426B2FD003A5E04 /* GCDTCPSocket.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54CA01F42426B2FC003A5E04 /* GCDTCPSocket.swift */; }; + 54CA026D2426B2FD003A5E04 /* Opt.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54CA01F72426B2FC003A5E04 /* Opt.swift */; }; + 54CA026F2426B2FD003A5E04 /* Port.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54CA01FA2426B2FC003A5E04 /* Port.swift */; }; + 54CA02702426B2FD003A5E04 /* HTTPStreamScanner.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54CA01FB2426B2FC003A5E04 /* HTTPStreamScanner.swift */; }; + 54CA02712426B2FD003A5E04 /* UInt128.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54CA01FC2426B2FC003A5E04 /* UInt128.swift */; }; + 54CA02722426B2FD003A5E04 /* IPInterval.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54CA01FD2426B2FC003A5E04 /* IPInterval.swift */; }; + 54CA02732426B2FD003A5E04 /* IPPool.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54CA01FE2426B2FC003A5E04 /* IPPool.swift */; }; + 54CA02742426B2FD003A5E04 /* IPMask.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54CA01FF2426B2FC003A5E04 /* IPMask.swift */; }; + 54CA02752426B2FD003A5E04 /* IPRange.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54CA02002426B2FC003A5E04 /* IPRange.swift */; }; + 54CA02762426B2FD003A5E04 /* IPAddress.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54CA02012426B2FC003A5E04 /* IPAddress.swift */; }; + 54CA02782426B2FD003A5E04 /* BinaryDataScanner.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54CA02032426B2FC003A5E04 /* BinaryDataScanner.swift */; }; + 54CA02792426B2FD003A5E04 /* Checksum.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54CA02042426B2FC003A5E04 /* Checksum.swift */; }; + 54CA027A2426B2FD003A5E04 /* HTTPURL.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54CA02052426B2FC003A5E04 /* HTTPURL.swift */; }; + 54CA027B2426B2FD003A5E04 /* HTTPAuthentication.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54CA02062426B2FC003A5E04 /* HTTPAuthentication.swift */; }; + 54CA027C2426B2FD003A5E04 /* StreamScanner.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54CA02072426B2FC003A5E04 /* StreamScanner.swift */; }; + 54CA027D2426B2FD003A5E04 /* GlobalIntializer.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54CA02082426B2FC003A5E04 /* GlobalIntializer.swift */; }; + 54CA027E2426B2FD003A5E04 /* DomainListRule.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54CA020A2426B2FC003A5E04 /* DomainListRule.swift */; }; + 54CA02802426B2FD003A5E04 /* DNSSessionMatchType.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54CA020C2426B2FC003A5E04 /* DNSSessionMatchType.swift */; }; + 54CA02812426B2FD003A5E04 /* DNSFailRule.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54CA020D2426B2FC003A5E04 /* DNSFailRule.swift */; }; + 54CA02822426B2FD003A5E04 /* AllRule.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54CA020E2426B2FC003A5E04 /* AllRule.swift */; }; + 54CA02832426B2FD003A5E04 /* DNSSessionMatchResult.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54CA020F2426B2FC003A5E04 /* DNSSessionMatchResult.swift */; }; + 54CA02842426B2FD003A5E04 /* Rule.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54CA02102426B2FC003A5E04 /* Rule.swift */; }; + 54CA02852426B2FD003A5E04 /* DirectRule.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54CA02112426B2FC003A5E04 /* DirectRule.swift */; }; + 54CA02862426B2FD003A5E04 /* RuleManager.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54CA02122426B2FC003A5E04 /* RuleManager.swift */; }; + 54CA02872426B2FD003A5E04 /* IPRangeListRule.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54CA02132426B2FC003A5E04 /* IPRangeListRule.swift */; }; + 54CA02882426B2FD003A5E04 /* QueueFactory.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54CA02152426B2FC003A5E04 /* QueueFactory.swift */; }; + 54CA02892426B2FD003A5E04 /* Tunnel.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54CA02162426B2FC003A5E04 /* Tunnel.swift */; }; + 54CA028A2426B2FD003A5E04 /* ResponseGenerator.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54CA02172426B2FC003A5E04 /* ResponseGenerator.swift */; }; + 54CA028B2426B2FD003A5E04 /* Utils.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54CA02182426B2FC003A5E04 /* Utils.swift */; }; + 54CA028E2426B2FD003A5E04 /* IPStackProtocol.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54CA021C2426B2FC003A5E04 /* IPStackProtocol.swift */; }; + 54CA02912426B2FD003A5E04 /* DNSMessage.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54CA02202426B2FC003A5E04 /* DNSMessage.swift */; }; + 54CA02922426B2FD003A5E04 /* DNSSession.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54CA02212426B2FC003A5E04 /* DNSSession.swift */; }; + 54CA02932426B2FD003A5E04 /* DNSServer.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54CA02222426B2FC003A5E04 /* DNSServer.swift */; }; + 54CA02942426B2FD003A5E04 /* DNSResolver.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54CA02232426B2FC003A5E04 /* DNSResolver.swift */; }; + 54CA02952426B2FD003A5E04 /* DNSEnums.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54CA02242426B2FC003A5E04 /* DNSEnums.swift */; }; + 54CA02962426B2FD003A5E04 /* PacketProtocolParser.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54CA02262426B2FC003A5E04 /* PacketProtocolParser.swift */; }; + 54CA02972426B2FD003A5E04 /* IPPacket.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54CA02272426B2FC003A5E04 /* IPPacket.swift */; }; + 54CA02982426B2FD003A5E04 /* IPMutablePacket.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54CA02282426B2FC003A5E04 /* IPMutablePacket.swift */; }; + 54CA02992426B2FD003A5E04 /* TCPMutablePacket.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54CA02292426B2FC003A5E04 /* TCPMutablePacket.swift */; }; + 54CA029A2426B2FD003A5E04 /* Observer.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54CA022B2426B2FC003A5E04 /* Observer.swift */; }; + 54CA029C2426B2FD003A5E04 /* AdapterSocketEvent.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54CA022E2426B2FC003A5E04 /* AdapterSocketEvent.swift */; }; + 54CA029D2426B2FD003A5E04 /* ProxyServerEvent.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54CA022F2426B2FC003A5E04 /* ProxyServerEvent.swift */; }; + 54CA029E2426B2FD003A5E04 /* EventType.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54CA02302426B2FC003A5E04 /* EventType.swift */; }; + 54CA029F2426B2FD003A5E04 /* ProxySocketEvent.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54CA02312426B2FC003A5E04 /* ProxySocketEvent.swift */; }; + 54CA02A02426B2FD003A5E04 /* TunnelEvent.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54CA02322426B2FC003A5E04 /* TunnelEvent.swift */; }; + 54CA02A12426B2FD003A5E04 /* RuleMatchEvent.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54CA02332426B2FC003A5E04 /* RuleMatchEvent.swift */; }; + 54CA02A22426B2FD003A5E04 /* ObserverFactory.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54CA02342426B2FC003A5E04 /* ObserverFactory.swift */; }; + 54CA02A32426B2FD003A5E04 /* HTTPAdapter.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54CA02372426B2FC003A5E04 /* HTTPAdapter.swift */; }; + 54CA02A42426B2FD003A5E04 /* SecureHTTPAdapter.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54CA02382426B2FC003A5E04 /* SecureHTTPAdapter.swift */; }; + 54CA02A62426B2FD003A5E04 /* AdapterSocket.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54CA023A2426B2FC003A5E04 /* AdapterSocket.swift */; }; + 54CA02A72426B2FD003A5E04 /* DirectAdapter.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54CA023B2426B2FC003A5E04 /* DirectAdapter.swift */; }; + 54CA02A82426B2FD003A5E04 /* SOCKS5Adapter.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54CA023C2426B2FC003A5E04 /* SOCKS5Adapter.swift */; }; + 54CA02A92426B2FD003A5E04 /* RejectAdapter.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54CA023D2426B2FC003A5E04 /* RejectAdapter.swift */; }; + 54CA02AA2426B2FD003A5E04 /* SpeedAdapterFactory.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54CA023F2426B2FC003A5E04 /* SpeedAdapterFactory.swift */; }; + 54CA02AB2426B2FD003A5E04 /* ShadowsocksAdapterFactory.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54CA02402426B2FC003A5E04 /* ShadowsocksAdapterFactory.swift */; }; + 54CA02AC2426B2FD003A5E04 /* AuthenticationServerAdapterFactory.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54CA02412426B2FC003A5E04 /* AuthenticationServerAdapterFactory.swift */; }; + 54CA02AD2426B2FD003A5E04 /* RejectAdapterFactory.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54CA02422426B2FC003A5E04 /* RejectAdapterFactory.swift */; }; + 54CA02AE2426B2FD003A5E04 /* AdapterFactory.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54CA02432426B2FD003A5E04 /* AdapterFactory.swift */; }; + 54CA02AF2426B2FD003A5E04 /* SOCKS5AdapterFactory.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54CA02442426B2FD003A5E04 /* SOCKS5AdapterFactory.swift */; }; + 54CA02B02426B2FD003A5E04 /* SecureHTTPAdapterFactory.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54CA02452426B2FD003A5E04 /* SecureHTTPAdapterFactory.swift */; }; + 54CA02B12426B2FD003A5E04 /* ServerAdapterFactory.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54CA02462426B2FD003A5E04 /* ServerAdapterFactory.swift */; }; + 54CA02B22426B2FD003A5E04 /* AdapterFactoryManager.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54CA02472426B2FD003A5E04 /* AdapterFactoryManager.swift */; }; + 54CA02B32426B2FD003A5E04 /* HTTPAdapterFactory.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54CA02482426B2FD003A5E04 /* HTTPAdapterFactory.swift */; }; + 54CA02B42426B2FD003A5E04 /* StreamObfuscater.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54CA024A2426B2FD003A5E04 /* StreamObfuscater.swift */; }; + 54CA02B52426B2FD003A5E04 /* CryptoStreamProcessor.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54CA024B2426B2FD003A5E04 /* CryptoStreamProcessor.swift */; }; + 54CA02B62426B2FD003A5E04 /* ProtocolObfuscater.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54CA024C2426B2FD003A5E04 /* ProtocolObfuscater.swift */; }; + 54CA02B72426B2FD003A5E04 /* ShadowsocksAdapter.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54CA024D2426B2FD003A5E04 /* ShadowsocksAdapter.swift */; }; + 54CA02B82426B2FD003A5E04 /* HTTPProxySocket.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54CA024F2426B2FD003A5E04 /* HTTPProxySocket.swift */; }; + 54CA02B92426B2FD003A5E04 /* DirectProxySocket.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54CA02502426B2FD003A5E04 /* DirectProxySocket.swift */; }; + 54CA02BA2426B2FD003A5E04 /* ProxySocket.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54CA02512426B2FD003A5E04 /* ProxySocket.swift */; }; + 54CA02BB2426B2FD003A5E04 /* SOCKS5ProxySocket.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54CA02522426B2FD003A5E04 /* SOCKS5ProxySocket.swift */; }; + 54CA02BC2426B2FD003A5E04 /* SocketProtocol.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54CA02532426B2FD003A5E04 /* SocketProtocol.swift */; }; + 54CA02BE2426D4F3003A5E04 /* DDLog.swift in Sources */ = {isa = PBXBuildFile; fileRef = 54CA02BD2426D4F3003A5E04 /* DDLog.swift */; }; + 54CA02C32426DCCD003A5E04 /* GCDAsyncSocket.m in Sources */ = {isa = PBXBuildFile; fileRef = 54CA02BF2426DCCC003A5E04 /* GCDAsyncSocket.m */; }; + 54CA02C42426DCCD003A5E04 /* GCDAsyncUdpSocket.m in Sources */ = {isa = PBXBuildFile; fileRef = 54CA02C02426DCCD003A5E04 /* GCDAsyncUdpSocket.m */; }; /* End PBXBuildFile section */ /* Begin PBXContainerItemProxy section */ @@ -83,7 +159,6 @@ 541AC5DE2399498B00A769D7 /* Assets.xcassets */ = {isa = PBXFileReference; lastKnownFileType = folder.assetcatalog; path = Assets.xcassets; sourceTree = ""; }; 541AC5E12399498B00A769D7 /* Base */ = {isa = PBXFileReference; lastKnownFileType = file.storyboard; name = Base; path = Base.lproj/LaunchScreen.storyboard; sourceTree = ""; }; 541AC5E32399498B00A769D7 /* Info.plist */ = {isa = PBXFileReference; lastKnownFileType = text.plist.xml; path = Info.plist; sourceTree = ""; }; - 541AC5EA2399499A00A769D7 /* NetworkExtension.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = NetworkExtension.framework; path = System/Library/Frameworks/NetworkExtension.framework; sourceTree = SDKROOT; }; 542E2A972404973F001462DC /* TBCMain.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = TBCMain.swift; sourceTree = ""; }; 542E2A9924051556001462DC /* TVCSettings.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = TVCSettings.swift; sourceTree = ""; }; 543CDB1D23EEE61900B7F323 /* GlassVPN.appex */ = {isa = PBXFileReference; explicitFileType = "wrapper.app-extension"; includeInIndex = 0; path = GlassVPN.appex; sourceTree = BUILT_PRODUCTS_DIR; }; @@ -91,18 +166,6 @@ 543CDB2123EEE61900B7F323 /* Info.plist */ = {isa = PBXFileReference; lastKnownFileType = text.plist.xml; path = Info.plist; sourceTree = ""; }; 543CDB2223EEE61900B7F323 /* GlassVPN.entitlements */ = {isa = PBXFileReference; lastKnownFileType = text.plist.entitlements; path = GlassVPN.entitlements; sourceTree = ""; }; 544C95252407B1C700AB89D0 /* SharedState.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = SharedState.swift; sourceTree = ""; }; - 546063B123FC254B008F505A /* Sodium.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = Sodium.framework; path = Carthage/Build/iOS/Sodium.framework; sourceTree = ""; }; - 546063B223FC254B008F505A /* NEKit.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = NEKit.framework; path = Carthage/Build/iOS/NEKit.framework; sourceTree = ""; }; - 546063B323FC254B008F505A /* tun2socks.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = tun2socks.framework; path = Carthage/Build/iOS/tun2socks.framework; sourceTree = ""; }; - 546063B423FC254B008F505A /* CocoaLumberjackSwift.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = CocoaLumberjackSwift.framework; path = Carthage/Build/iOS/CocoaLumberjackSwift.framework; sourceTree = ""; }; - 546063B523FC254B008F505A /* CocoaLumberjack.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = CocoaLumberjack.framework; path = Carthage/Build/iOS/CocoaLumberjack.framework; sourceTree = ""; }; - 546063B623FC254B008F505A /* lwip.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = lwip.framework; path = Carthage/Build/iOS/lwip.framework; sourceTree = ""; }; - 546063B723FC254C008F505A /* CocoaAsyncSocket.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = CocoaAsyncSocket.framework; path = Carthage/Build/iOS/CocoaAsyncSocket.framework; sourceTree = ""; }; - 546063B823FC254C008F505A /* Yaml.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = Yaml.framework; path = Carthage/Build/iOS/Yaml.framework; sourceTree = ""; }; - 546063B923FC254C008F505A /* MMDB.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = MMDB.framework; path = Carthage/Build/iOS/MMDB.framework; sourceTree = ""; }; - 546063BA23FC254C008F505A /* Resolver.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = Resolver.framework; path = Carthage/Build/iOS/Resolver.framework; sourceTree = ""; }; - 54751E4C242303F200168273 /* output.xcfilelist */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.xcfilelist; path = output.xcfilelist; sourceTree = ""; }; - 54751E4D242303F200168273 /* input.xcfilelist */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.xcfilelist; path = input.xcfilelist; sourceTree = ""; }; 54751E502423955000168273 /* FileManager.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = FileManager.swift; sourceTree = ""; }; 548B1F9423D338EC005B047C /* main.entitlements */ = {isa = PBXFileReference; lastKnownFileType = text.plist.entitlements; path = main.entitlements; sourceTree = ""; }; 54953E5E23DEBE840054345C /* TVCDomains.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = TVCDomains.swift; sourceTree = ""; }; @@ -120,6 +183,97 @@ 54B7562223D7B2DC008F0C41 /* SQDB.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = SQDB.swift; sourceTree = ""; }; 54C056DA23E9E36E00214A3F /* AppInfoType.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = AppInfoType.swift; sourceTree = ""; }; 54C056DC23E9EEF700214A3F /* BundleIcon.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = BundleIcon.swift; sourceTree = ""; }; + 54CA00D62426A803003A5E04 /* CocoaAsyncSocket.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = CocoaAsyncSocket.h; sourceTree = ""; }; + 54CA01D22426B23D003A5E04 /* Resolver.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = Resolver.swift; sourceTree = ""; }; + 54CA01D42426B251003A5E04 /* SafeDict.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = SafeDict.swift; sourceTree = ""; }; + 54CA01E22426B2FC003A5E04 /* ConnectSession.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = ConnectSession.swift; sourceTree = ""; }; + 54CA01E32426B2FC003A5E04 /* HTTPHeader.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = HTTPHeader.swift; sourceTree = ""; }; + 54CA01E42426B2FC003A5E04 /* ResponseGeneratorFactory.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = ResponseGeneratorFactory.swift; sourceTree = ""; }; + 54CA01E62426B2FC003A5E04 /* ProxyServer.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = ProxyServer.swift; sourceTree = ""; }; + 54CA01E72426B2FC003A5E04 /* GCDProxyServer.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = GCDProxyServer.swift; sourceTree = ""; }; + 54CA01E82426B2FC003A5E04 /* GCDSOCKS5ProxyServer.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = GCDSOCKS5ProxyServer.swift; sourceTree = ""; }; + 54CA01E92426B2FC003A5E04 /* GCDHTTPProxyServer.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = GCDHTTPProxyServer.swift; sourceTree = ""; }; + 54CA01EF2426B2FC003A5E04 /* NWUDPSocket.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = NWUDPSocket.swift; sourceTree = ""; }; + 54CA01F02426B2FC003A5E04 /* RawTCPSocketProtocol.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = RawTCPSocketProtocol.swift; sourceTree = ""; }; + 54CA01F12426B2FC003A5E04 /* NWTCPSocket.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = NWTCPSocket.swift; sourceTree = ""; }; + 54CA01F32426B2FC003A5E04 /* RawSocketFactory.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = RawSocketFactory.swift; sourceTree = ""; }; + 54CA01F42426B2FC003A5E04 /* GCDTCPSocket.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = GCDTCPSocket.swift; sourceTree = ""; }; + 54CA01F72426B2FC003A5E04 /* Opt.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = Opt.swift; sourceTree = ""; }; + 54CA01FA2426B2FC003A5E04 /* Port.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = Port.swift; sourceTree = ""; }; + 54CA01FB2426B2FC003A5E04 /* HTTPStreamScanner.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = HTTPStreamScanner.swift; sourceTree = ""; }; + 54CA01FC2426B2FC003A5E04 /* UInt128.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = UInt128.swift; sourceTree = ""; }; + 54CA01FD2426B2FC003A5E04 /* IPInterval.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = IPInterval.swift; sourceTree = ""; }; + 54CA01FE2426B2FC003A5E04 /* IPPool.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = IPPool.swift; sourceTree = ""; }; + 54CA01FF2426B2FC003A5E04 /* IPMask.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = IPMask.swift; sourceTree = ""; }; + 54CA02002426B2FC003A5E04 /* IPRange.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = IPRange.swift; sourceTree = ""; }; + 54CA02012426B2FC003A5E04 /* IPAddress.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = IPAddress.swift; sourceTree = ""; }; + 54CA02032426B2FC003A5E04 /* BinaryDataScanner.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = BinaryDataScanner.swift; sourceTree = ""; }; + 54CA02042426B2FC003A5E04 /* Checksum.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = Checksum.swift; sourceTree = ""; }; + 54CA02052426B2FC003A5E04 /* HTTPURL.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = HTTPURL.swift; sourceTree = ""; }; + 54CA02062426B2FC003A5E04 /* HTTPAuthentication.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = HTTPAuthentication.swift; sourceTree = ""; }; + 54CA02072426B2FC003A5E04 /* StreamScanner.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = StreamScanner.swift; sourceTree = ""; }; + 54CA02082426B2FC003A5E04 /* GlobalIntializer.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = GlobalIntializer.swift; sourceTree = ""; }; + 54CA020A2426B2FC003A5E04 /* DomainListRule.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = DomainListRule.swift; sourceTree = ""; }; + 54CA020C2426B2FC003A5E04 /* DNSSessionMatchType.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = DNSSessionMatchType.swift; sourceTree = ""; }; + 54CA020D2426B2FC003A5E04 /* DNSFailRule.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = DNSFailRule.swift; sourceTree = ""; }; + 54CA020E2426B2FC003A5E04 /* AllRule.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = AllRule.swift; sourceTree = ""; }; + 54CA020F2426B2FC003A5E04 /* DNSSessionMatchResult.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = DNSSessionMatchResult.swift; sourceTree = ""; }; + 54CA02102426B2FC003A5E04 /* Rule.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = Rule.swift; sourceTree = ""; }; + 54CA02112426B2FC003A5E04 /* DirectRule.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = DirectRule.swift; sourceTree = ""; }; + 54CA02122426B2FC003A5E04 /* RuleManager.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = RuleManager.swift; sourceTree = ""; }; + 54CA02132426B2FC003A5E04 /* IPRangeListRule.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = IPRangeListRule.swift; sourceTree = ""; }; + 54CA02152426B2FC003A5E04 /* QueueFactory.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = QueueFactory.swift; sourceTree = ""; }; + 54CA02162426B2FC003A5E04 /* Tunnel.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = Tunnel.swift; sourceTree = ""; }; + 54CA02172426B2FC003A5E04 /* ResponseGenerator.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = ResponseGenerator.swift; sourceTree = ""; }; + 54CA02182426B2FC003A5E04 /* Utils.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = Utils.swift; sourceTree = ""; }; + 54CA021C2426B2FC003A5E04 /* IPStackProtocol.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = IPStackProtocol.swift; sourceTree = ""; }; + 54CA02202426B2FC003A5E04 /* DNSMessage.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = DNSMessage.swift; sourceTree = ""; }; + 54CA02212426B2FC003A5E04 /* DNSSession.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = DNSSession.swift; sourceTree = ""; }; + 54CA02222426B2FC003A5E04 /* DNSServer.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = DNSServer.swift; sourceTree = ""; }; + 54CA02232426B2FC003A5E04 /* DNSResolver.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = DNSResolver.swift; sourceTree = ""; }; + 54CA02242426B2FC003A5E04 /* DNSEnums.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = DNSEnums.swift; sourceTree = ""; }; + 54CA02262426B2FC003A5E04 /* PacketProtocolParser.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = PacketProtocolParser.swift; sourceTree = ""; }; + 54CA02272426B2FC003A5E04 /* IPPacket.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = IPPacket.swift; sourceTree = ""; }; + 54CA02282426B2FC003A5E04 /* IPMutablePacket.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = IPMutablePacket.swift; sourceTree = ""; }; + 54CA02292426B2FC003A5E04 /* TCPMutablePacket.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = TCPMutablePacket.swift; sourceTree = ""; }; + 54CA022B2426B2FC003A5E04 /* Observer.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = Observer.swift; sourceTree = ""; }; + 54CA022E2426B2FC003A5E04 /* AdapterSocketEvent.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = AdapterSocketEvent.swift; sourceTree = ""; }; + 54CA022F2426B2FC003A5E04 /* ProxyServerEvent.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = ProxyServerEvent.swift; sourceTree = ""; }; + 54CA02302426B2FC003A5E04 /* EventType.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = EventType.swift; sourceTree = ""; }; + 54CA02312426B2FC003A5E04 /* ProxySocketEvent.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = ProxySocketEvent.swift; sourceTree = ""; }; + 54CA02322426B2FC003A5E04 /* TunnelEvent.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = TunnelEvent.swift; sourceTree = ""; }; + 54CA02332426B2FC003A5E04 /* RuleMatchEvent.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = RuleMatchEvent.swift; sourceTree = ""; }; + 54CA02342426B2FC003A5E04 /* ObserverFactory.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = ObserverFactory.swift; sourceTree = ""; }; + 54CA02372426B2FC003A5E04 /* HTTPAdapter.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = HTTPAdapter.swift; sourceTree = ""; }; + 54CA02382426B2FC003A5E04 /* SecureHTTPAdapter.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = SecureHTTPAdapter.swift; sourceTree = ""; }; + 54CA023A2426B2FC003A5E04 /* AdapterSocket.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = AdapterSocket.swift; sourceTree = ""; }; + 54CA023B2426B2FC003A5E04 /* DirectAdapter.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = DirectAdapter.swift; sourceTree = ""; }; + 54CA023C2426B2FC003A5E04 /* SOCKS5Adapter.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = SOCKS5Adapter.swift; sourceTree = ""; }; + 54CA023D2426B2FC003A5E04 /* RejectAdapter.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = RejectAdapter.swift; sourceTree = ""; }; + 54CA023F2426B2FC003A5E04 /* SpeedAdapterFactory.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = SpeedAdapterFactory.swift; sourceTree = ""; }; + 54CA02402426B2FC003A5E04 /* ShadowsocksAdapterFactory.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = ShadowsocksAdapterFactory.swift; sourceTree = ""; }; + 54CA02412426B2FC003A5E04 /* AuthenticationServerAdapterFactory.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = AuthenticationServerAdapterFactory.swift; sourceTree = ""; }; + 54CA02422426B2FC003A5E04 /* RejectAdapterFactory.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = RejectAdapterFactory.swift; sourceTree = ""; }; + 54CA02432426B2FD003A5E04 /* AdapterFactory.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = AdapterFactory.swift; sourceTree = ""; }; + 54CA02442426B2FD003A5E04 /* SOCKS5AdapterFactory.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = SOCKS5AdapterFactory.swift; sourceTree = ""; }; + 54CA02452426B2FD003A5E04 /* SecureHTTPAdapterFactory.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = SecureHTTPAdapterFactory.swift; sourceTree = ""; }; + 54CA02462426B2FD003A5E04 /* ServerAdapterFactory.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = ServerAdapterFactory.swift; sourceTree = ""; }; + 54CA02472426B2FD003A5E04 /* AdapterFactoryManager.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = AdapterFactoryManager.swift; sourceTree = ""; }; + 54CA02482426B2FD003A5E04 /* HTTPAdapterFactory.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = HTTPAdapterFactory.swift; sourceTree = ""; }; + 54CA024A2426B2FD003A5E04 /* StreamObfuscater.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = StreamObfuscater.swift; sourceTree = ""; }; + 54CA024B2426B2FD003A5E04 /* CryptoStreamProcessor.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = CryptoStreamProcessor.swift; sourceTree = ""; }; + 54CA024C2426B2FD003A5E04 /* ProtocolObfuscater.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = ProtocolObfuscater.swift; sourceTree = ""; }; + 54CA024D2426B2FD003A5E04 /* ShadowsocksAdapter.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = ShadowsocksAdapter.swift; sourceTree = ""; }; + 54CA024F2426B2FD003A5E04 /* HTTPProxySocket.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = HTTPProxySocket.swift; sourceTree = ""; }; + 54CA02502426B2FD003A5E04 /* DirectProxySocket.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = DirectProxySocket.swift; sourceTree = ""; }; + 54CA02512426B2FD003A5E04 /* ProxySocket.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = ProxySocket.swift; sourceTree = ""; }; + 54CA02522426B2FD003A5E04 /* SOCKS5ProxySocket.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = SOCKS5ProxySocket.swift; sourceTree = ""; }; + 54CA02532426B2FD003A5E04 /* SocketProtocol.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = SocketProtocol.swift; sourceTree = ""; }; + 54CA02BD2426D4F3003A5E04 /* DDLog.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = DDLog.swift; sourceTree = ""; }; + 54CA02BF2426DCCC003A5E04 /* GCDAsyncSocket.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = GCDAsyncSocket.m; sourceTree = ""; }; + 54CA02C02426DCCD003A5E04 /* GCDAsyncUdpSocket.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = GCDAsyncUdpSocket.m; sourceTree = ""; }; + 54CA02C12426DCCD003A5E04 /* GCDAsyncSocket.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = GCDAsyncSocket.h; sourceTree = ""; }; + 54CA02C22426DCCD003A5E04 /* GCDAsyncUdpSocket.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = GCDAsyncUdpSocket.h; sourceTree = ""; }; /* End PBXFileReference section */ /* Begin PBXFrameworksBuildPhase section */ @@ -134,16 +288,6 @@ isa = PBXFrameworksBuildPhase; buildActionMask = 2147483647; files = ( - 54751E372422FCC200168273 /* MMDB.framework in Frameworks */, - 54751E3D2422FCC700168273 /* CocoaLumberjack.framework in Frameworks */, - 54751E492422FD3500168273 /* CocoaAsyncSocket.framework in Frameworks */, - 54751E3B2422FCC500168273 /* CocoaLumberjackSwift.framework in Frameworks */, - 54751E342422FC9E00168273 /* NEKit.framework in Frameworks */, - 54751E472422FCCF00168273 /* Yaml.framework in Frameworks */, - 54751E392422FCC300168273 /* lwip.framework in Frameworks */, - 54751E452422FCCD00168273 /* tun2socks.framework in Frameworks */, - 54751E412422FCCA00168273 /* Resolver.framework in Frameworks */, - 54751E432422FCCC00168273 /* Sodium.framework in Frameworks */, ); runOnlyForDeploymentPostprocessing = 0; }; @@ -176,7 +320,6 @@ 542E2A9B24051F79001462DC /* media */, 543CDB1E23EEE61900B7F323 /* GlassVPN */, 541AC5D52399498A00A769D7 /* Products */, - 541AC5E92399499A00A769D7 /* Frameworks */, ); sourceTree = ""; }; @@ -210,24 +353,6 @@ path = main; sourceTree = ""; }; - 541AC5E92399499A00A769D7 /* Frameworks */ = { - isa = PBXGroup; - children = ( - 546063B723FC254C008F505A /* CocoaAsyncSocket.framework */, - 546063B523FC254B008F505A /* CocoaLumberjack.framework */, - 546063B423FC254B008F505A /* CocoaLumberjackSwift.framework */, - 546063B623FC254B008F505A /* lwip.framework */, - 546063B923FC254C008F505A /* MMDB.framework */, - 546063B223FC254B008F505A /* NEKit.framework */, - 546063BA23FC254C008F505A /* Resolver.framework */, - 546063B123FC254B008F505A /* Sodium.framework */, - 546063B323FC254B008F505A /* tun2socks.framework */, - 546063B823FC254C008F505A /* Yaml.framework */, - 541AC5EA2399499A00A769D7 /* NetworkExtension.framework */, - ); - name = Frameworks; - sourceTree = ""; - }; 542E2A9B24051F79001462DC /* media */ = { isa = PBXGroup; children = ( @@ -240,11 +365,13 @@ 543CDB1E23EEE61900B7F323 /* GlassVPN */ = { isa = PBXGroup; children = ( - 54751E4D242303F200168273 /* input.xcfilelist */, - 54751E4C242303F200168273 /* output.xcfilelist */, 543CDB1F23EEE61900B7F323 /* PacketTunnelProvider.swift */, 543CDB2123EEE61900B7F323 /* Info.plist */, 543CDB2223EEE61900B7F323 /* GlassVPN.entitlements */, + 54CA02BD2426D4F3003A5E04 /* DDLog.swift */, + 54CA01D72426B2FC003A5E04 /* zhuhaow-NEKit */, + 54CA01D62426B289003A5E04 /* zhuhaow-Resolver */, + 54CA00D52426A7F2003A5E04 /* robbiehanson-CocoaAsyncSocket */, ); path = GlassVPN; sourceTree = ""; @@ -289,6 +416,245 @@ path = unused; sourceTree = ""; }; + 54CA00D52426A7F2003A5E04 /* robbiehanson-CocoaAsyncSocket */ = { + isa = PBXGroup; + children = ( + 54CA00D62426A803003A5E04 /* CocoaAsyncSocket.h */, + 54CA02C12426DCCD003A5E04 /* GCDAsyncSocket.h */, + 54CA02BF2426DCCC003A5E04 /* GCDAsyncSocket.m */, + 54CA02C22426DCCD003A5E04 /* GCDAsyncUdpSocket.h */, + 54CA02C02426DCCD003A5E04 /* GCDAsyncUdpSocket.m */, + ); + path = "robbiehanson-CocoaAsyncSocket"; + sourceTree = ""; + }; + 54CA01D62426B289003A5E04 /* zhuhaow-Resolver */ = { + isa = PBXGroup; + children = ( + 54CA01D22426B23D003A5E04 /* Resolver.swift */, + 54CA01D42426B251003A5E04 /* SafeDict.swift */, + ); + path = "zhuhaow-Resolver"; + sourceTree = ""; + }; + 54CA01D72426B2FC003A5E04 /* zhuhaow-NEKit */ = { + isa = PBXGroup; + children = ( + 54CA01E12426B2FC003A5E04 /* Messages */, + 54CA01E42426B2FC003A5E04 /* ResponseGeneratorFactory.swift */, + 54CA01E52426B2FC003A5E04 /* ProxyServer */, + 54CA01EE2426B2FC003A5E04 /* RawSocket */, + 54CA01F72426B2FC003A5E04 /* Opt.swift */, + 54CA01F82426B2FC003A5E04 /* Utils */, + 54CA02082426B2FC003A5E04 /* GlobalIntializer.swift */, + 54CA02092426B2FC003A5E04 /* Rule */, + 54CA02142426B2FC003A5E04 /* Tunnel */, + 54CA02172426B2FC003A5E04 /* ResponseGenerator.swift */, + 54CA02182426B2FC003A5E04 /* Utils.swift */, + 54CA02192426B2FC003A5E04 /* IPStack */, + 54CA022A2426B2FC003A5E04 /* Event */, + 54CA02352426B2FC003A5E04 /* Socket */, + ); + path = "zhuhaow-NEKit"; + sourceTree = ""; + }; + 54CA01E12426B2FC003A5E04 /* Messages */ = { + isa = PBXGroup; + children = ( + 54CA01E22426B2FC003A5E04 /* ConnectSession.swift */, + 54CA01E32426B2FC003A5E04 /* HTTPHeader.swift */, + ); + path = Messages; + sourceTree = ""; + }; + 54CA01E52426B2FC003A5E04 /* ProxyServer */ = { + isa = PBXGroup; + children = ( + 54CA01E62426B2FC003A5E04 /* ProxyServer.swift */, + 54CA01E72426B2FC003A5E04 /* GCDProxyServer.swift */, + 54CA01E82426B2FC003A5E04 /* GCDSOCKS5ProxyServer.swift */, + 54CA01E92426B2FC003A5E04 /* GCDHTTPProxyServer.swift */, + ); + path = ProxyServer; + sourceTree = ""; + }; + 54CA01EE2426B2FC003A5E04 /* RawSocket */ = { + isa = PBXGroup; + children = ( + 54CA01EF2426B2FC003A5E04 /* NWUDPSocket.swift */, + 54CA01F02426B2FC003A5E04 /* RawTCPSocketProtocol.swift */, + 54CA01F12426B2FC003A5E04 /* NWTCPSocket.swift */, + 54CA01F32426B2FC003A5E04 /* RawSocketFactory.swift */, + 54CA01F42426B2FC003A5E04 /* GCDTCPSocket.swift */, + ); + path = RawSocket; + sourceTree = ""; + }; + 54CA01F82426B2FC003A5E04 /* Utils */ = { + isa = PBXGroup; + children = ( + 54CA01FA2426B2FC003A5E04 /* Port.swift */, + 54CA01FB2426B2FC003A5E04 /* HTTPStreamScanner.swift */, + 54CA01FC2426B2FC003A5E04 /* UInt128.swift */, + 54CA01FD2426B2FC003A5E04 /* IPInterval.swift */, + 54CA01FE2426B2FC003A5E04 /* IPPool.swift */, + 54CA01FF2426B2FC003A5E04 /* IPMask.swift */, + 54CA02002426B2FC003A5E04 /* IPRange.swift */, + 54CA02012426B2FC003A5E04 /* IPAddress.swift */, + 54CA02032426B2FC003A5E04 /* BinaryDataScanner.swift */, + 54CA02042426B2FC003A5E04 /* Checksum.swift */, + 54CA02052426B2FC003A5E04 /* HTTPURL.swift */, + 54CA02062426B2FC003A5E04 /* HTTPAuthentication.swift */, + 54CA02072426B2FC003A5E04 /* StreamScanner.swift */, + ); + path = Utils; + sourceTree = ""; + }; + 54CA02092426B2FC003A5E04 /* Rule */ = { + isa = PBXGroup; + children = ( + 54CA020A2426B2FC003A5E04 /* DomainListRule.swift */, + 54CA020C2426B2FC003A5E04 /* DNSSessionMatchType.swift */, + 54CA020D2426B2FC003A5E04 /* DNSFailRule.swift */, + 54CA020E2426B2FC003A5E04 /* AllRule.swift */, + 54CA020F2426B2FC003A5E04 /* DNSSessionMatchResult.swift */, + 54CA02102426B2FC003A5E04 /* Rule.swift */, + 54CA02112426B2FC003A5E04 /* DirectRule.swift */, + 54CA02122426B2FC003A5E04 /* RuleManager.swift */, + 54CA02132426B2FC003A5E04 /* IPRangeListRule.swift */, + ); + path = Rule; + sourceTree = ""; + }; + 54CA02142426B2FC003A5E04 /* Tunnel */ = { + isa = PBXGroup; + children = ( + 54CA02152426B2FC003A5E04 /* QueueFactory.swift */, + 54CA02162426B2FC003A5E04 /* Tunnel.swift */, + ); + path = Tunnel; + sourceTree = ""; + }; + 54CA02192426B2FC003A5E04 /* IPStack */ = { + isa = PBXGroup; + children = ( + 54CA021C2426B2FC003A5E04 /* IPStackProtocol.swift */, + 54CA021F2426B2FC003A5E04 /* DNS */, + 54CA02252426B2FC003A5E04 /* Packet */, + ); + path = IPStack; + sourceTree = ""; + }; + 54CA021F2426B2FC003A5E04 /* DNS */ = { + isa = PBXGroup; + children = ( + 54CA02202426B2FC003A5E04 /* DNSMessage.swift */, + 54CA02212426B2FC003A5E04 /* DNSSession.swift */, + 54CA02222426B2FC003A5E04 /* DNSServer.swift */, + 54CA02232426B2FC003A5E04 /* DNSResolver.swift */, + 54CA02242426B2FC003A5E04 /* DNSEnums.swift */, + ); + path = DNS; + sourceTree = ""; + }; + 54CA02252426B2FC003A5E04 /* Packet */ = { + isa = PBXGroup; + children = ( + 54CA02262426B2FC003A5E04 /* PacketProtocolParser.swift */, + 54CA02272426B2FC003A5E04 /* IPPacket.swift */, + 54CA02282426B2FC003A5E04 /* IPMutablePacket.swift */, + 54CA02292426B2FC003A5E04 /* TCPMutablePacket.swift */, + ); + path = Packet; + sourceTree = ""; + }; + 54CA022A2426B2FC003A5E04 /* Event */ = { + isa = PBXGroup; + children = ( + 54CA022B2426B2FC003A5E04 /* Observer.swift */, + 54CA022D2426B2FC003A5E04 /* Event */, + 54CA02342426B2FC003A5E04 /* ObserverFactory.swift */, + ); + path = Event; + sourceTree = ""; + }; + 54CA022D2426B2FC003A5E04 /* Event */ = { + isa = PBXGroup; + children = ( + 54CA022E2426B2FC003A5E04 /* AdapterSocketEvent.swift */, + 54CA022F2426B2FC003A5E04 /* ProxyServerEvent.swift */, + 54CA02302426B2FC003A5E04 /* EventType.swift */, + 54CA02312426B2FC003A5E04 /* ProxySocketEvent.swift */, + 54CA02322426B2FC003A5E04 /* TunnelEvent.swift */, + 54CA02332426B2FC003A5E04 /* RuleMatchEvent.swift */, + ); + path = Event; + sourceTree = ""; + }; + 54CA02352426B2FC003A5E04 /* Socket */ = { + isa = PBXGroup; + children = ( + 54CA02362426B2FC003A5E04 /* AdapterSocket */, + 54CA024E2426B2FD003A5E04 /* ProxySocket */, + 54CA02532426B2FD003A5E04 /* SocketProtocol.swift */, + ); + path = Socket; + sourceTree = ""; + }; + 54CA02362426B2FC003A5E04 /* AdapterSocket */ = { + isa = PBXGroup; + children = ( + 54CA02372426B2FC003A5E04 /* HTTPAdapter.swift */, + 54CA02382426B2FC003A5E04 /* SecureHTTPAdapter.swift */, + 54CA023A2426B2FC003A5E04 /* AdapterSocket.swift */, + 54CA023B2426B2FC003A5E04 /* DirectAdapter.swift */, + 54CA023C2426B2FC003A5E04 /* SOCKS5Adapter.swift */, + 54CA023D2426B2FC003A5E04 /* RejectAdapter.swift */, + 54CA023E2426B2FC003A5E04 /* Factory */, + 54CA02492426B2FD003A5E04 /* Shadowsocks */, + ); + path = AdapterSocket; + sourceTree = ""; + }; + 54CA023E2426B2FC003A5E04 /* Factory */ = { + isa = PBXGroup; + children = ( + 54CA023F2426B2FC003A5E04 /* SpeedAdapterFactory.swift */, + 54CA02402426B2FC003A5E04 /* ShadowsocksAdapterFactory.swift */, + 54CA02412426B2FC003A5E04 /* AuthenticationServerAdapterFactory.swift */, + 54CA02422426B2FC003A5E04 /* RejectAdapterFactory.swift */, + 54CA02432426B2FD003A5E04 /* AdapterFactory.swift */, + 54CA02442426B2FD003A5E04 /* SOCKS5AdapterFactory.swift */, + 54CA02452426B2FD003A5E04 /* SecureHTTPAdapterFactory.swift */, + 54CA02462426B2FD003A5E04 /* ServerAdapterFactory.swift */, + 54CA02472426B2FD003A5E04 /* AdapterFactoryManager.swift */, + 54CA02482426B2FD003A5E04 /* HTTPAdapterFactory.swift */, + ); + path = Factory; + sourceTree = ""; + }; + 54CA02492426B2FD003A5E04 /* Shadowsocks */ = { + isa = PBXGroup; + children = ( + 54CA024A2426B2FD003A5E04 /* StreamObfuscater.swift */, + 54CA024B2426B2FD003A5E04 /* CryptoStreamProcessor.swift */, + 54CA024C2426B2FD003A5E04 /* ProtocolObfuscater.swift */, + 54CA024D2426B2FD003A5E04 /* ShadowsocksAdapter.swift */, + ); + path = Shadowsocks; + sourceTree = ""; + }; + 54CA024E2426B2FD003A5E04 /* ProxySocket */ = { + isa = PBXGroup; + children = ( + 54CA024F2426B2FD003A5E04 /* HTTPProxySocket.swift */, + 54CA02502426B2FD003A5E04 /* DirectProxySocket.swift */, + 54CA02512426B2FD003A5E04 /* ProxySocket.swift */, + 54CA02522426B2FD003A5E04 /* SOCKS5ProxySocket.swift */, + ); + path = ProxySocket; + sourceTree = ""; + }; /* End PBXGroup section */ /* Begin PBXNativeTarget section */ @@ -320,7 +686,6 @@ 543CDB1923EEE61900B7F323 /* Sources */, 543CDB1A23EEE61900B7F323 /* Frameworks */, 543CDB1B23EEE61900B7F323 /* Resources */, - 54751E4B242302EE00168273 /* ShellScript */, ); buildRules = ( ); @@ -354,6 +719,7 @@ }; 543CDB1C23EEE61900B7F323 = { CreatedOnToolsVersion = 11.3.1; + LastSwiftMigration = 1130; }; }; }; @@ -396,35 +762,11 @@ isa = PBXResourcesBuildPhase; buildActionMask = 2147483647; files = ( - 54751E4E242303F300168273 /* output.xcfilelist in Resources */, - 54751E4F242303F300168273 /* input.xcfilelist in Resources */, ); runOnlyForDeploymentPostprocessing = 0; }; /* End PBXResourcesBuildPhase section */ -/* Begin PBXShellScriptBuildPhase section */ - 54751E4B242302EE00168273 /* ShellScript */ = { - isa = PBXShellScriptBuildPhase; - buildActionMask = 2147483647; - files = ( - ); - inputFileListPaths = ( - "$(SRCROOT)/GlassVPN/input.xcfilelist", - ); - inputPaths = ( - ); - outputFileListPaths = ( - "$(SRCROOT)/GlassVPN/output.xcfilelist", - ); - outputPaths = ( - ); - runOnlyForDeploymentPostprocessing = 0; - shellPath = /bin/sh; - shellScript = "~/bin/official/carthage copy-frameworks\n"; - }; -/* End PBXShellScriptBuildPhase section */ - /* Begin PBXSourcesBuildPhase section */ 541AC5D02399498A00A769D7 /* Sources */ = { isa = PBXSourcesBuildPhase; @@ -456,9 +798,97 @@ isa = PBXSourcesBuildPhase; buildActionMask = 2147483647; files = ( + 54CA027A2426B2FD003A5E04 /* HTTPURL.swift in Sources */, + 54CA025D2426B2FD003A5E04 /* HTTPHeader.swift in Sources */, + 54CA02832426B2FD003A5E04 /* DNSSessionMatchResult.swift in Sources */, + 54CA02862426B2FD003A5E04 /* RuleManager.swift in Sources */, + 54CA02B52426B2FD003A5E04 /* CryptoStreamProcessor.swift in Sources */, + 54CA02B82426B2FD003A5E04 /* HTTPProxySocket.swift in Sources */, + 54CA02C32426DCCD003A5E04 /* GCDAsyncSocket.m in Sources */, + 54CA02752426B2FD003A5E04 /* IPRange.swift in Sources */, + 54CA02722426B2FD003A5E04 /* IPInterval.swift in Sources */, + 54CA029A2426B2FD003A5E04 /* Observer.swift in Sources */, + 54CA025C2426B2FD003A5E04 /* ConnectSession.swift in Sources */, + 54CA02C42426DCCD003A5E04 /* GCDAsyncUdpSocket.m in Sources */, + 54CA02BA2426B2FD003A5E04 /* ProxySocket.swift in Sources */, + 54CA025E2426B2FD003A5E04 /* ResponseGeneratorFactory.swift in Sources */, + 54CA02982426B2FD003A5E04 /* IPMutablePacket.swift in Sources */, + 54CA02892426B2FD003A5E04 /* Tunnel.swift in Sources */, + 54CA029F2426B2FD003A5E04 /* ProxySocketEvent.swift in Sources */, + 54CA027D2426B2FD003A5E04 /* GlobalIntializer.swift in Sources */, + 54CA026F2426B2FD003A5E04 /* Port.swift in Sources */, + 54CA028A2426B2FD003A5E04 /* ResponseGenerator.swift in Sources */, + 54CA027C2426B2FD003A5E04 /* StreamScanner.swift in Sources */, + 54CA02AF2426B2FD003A5E04 /* SOCKS5AdapterFactory.swift in Sources */, + 54CA029E2426B2FD003A5E04 /* EventType.swift in Sources */, + 54CA02912426B2FD003A5E04 /* DNSMessage.swift in Sources */, + 54CA02712426B2FD003A5E04 /* UInt128.swift in Sources */, + 54CA02B62426B2FD003A5E04 /* ProtocolObfuscater.swift in Sources */, + 54CA02882426B2FD003A5E04 /* QueueFactory.swift in Sources */, + 54CA02A12426B2FD003A5E04 /* RuleMatchEvent.swift in Sources */, + 54CA02AB2426B2FD003A5E04 /* ShadowsocksAdapterFactory.swift in Sources */, + 54CA02BE2426D4F3003A5E04 /* DDLog.swift in Sources */, + 54CA02962426B2FD003A5E04 /* PacketProtocolParser.swift in Sources */, + 54CA02932426B2FD003A5E04 /* DNSServer.swift in Sources */, + 54CA02B22426B2FD003A5E04 /* AdapterFactoryManager.swift in Sources */, + 54CA02AE2426B2FD003A5E04 /* AdapterFactory.swift in Sources */, + 54CA02A82426B2FD003A5E04 /* SOCKS5Adapter.swift in Sources */, + 54CA02792426B2FD003A5E04 /* Checksum.swift in Sources */, + 54CA02AD2426B2FD003A5E04 /* RejectAdapterFactory.swift in Sources */, + 54CA02672426B2FD003A5E04 /* RawTCPSocketProtocol.swift in Sources */, + 54CA02602426B2FD003A5E04 /* GCDProxyServer.swift in Sources */, + 54CA026B2426B2FD003A5E04 /* GCDTCPSocket.swift in Sources */, + 54CA028E2426B2FD003A5E04 /* IPStackProtocol.swift in Sources */, + 54CA01D52426B252003A5E04 /* SafeDict.swift in Sources */, + 54CA02992426B2FD003A5E04 /* TCPMutablePacket.swift in Sources */, + 54CA027B2426B2FD003A5E04 /* HTTPAuthentication.swift in Sources */, + 54CA02762426B2FD003A5E04 /* IPAddress.swift in Sources */, + 54CA02B02426B2FD003A5E04 /* SecureHTTPAdapterFactory.swift in Sources */, + 54CA02A62426B2FD003A5E04 /* AdapterSocket.swift in Sources */, + 54CA02742426B2FD003A5E04 /* IPMask.swift in Sources */, + 54CA02BB2426B2FD003A5E04 /* SOCKS5ProxySocket.swift in Sources */, + 54CA02A42426B2FD003A5E04 /* SecureHTTPAdapter.swift in Sources */, + 54CA02942426B2FD003A5E04 /* DNSResolver.swift in Sources */, + 54CA025F2426B2FD003A5E04 /* ProxyServer.swift in Sources */, + 54CA02842426B2FD003A5E04 /* Rule.swift in Sources */, + 54CA02B92426B2FD003A5E04 /* DirectProxySocket.swift in Sources */, 54751E522423955100168273 /* FileManager.swift in Sources */, + 54CA02A92426B2FD003A5E04 /* RejectAdapter.swift in Sources */, + 54CA02732426B2FD003A5E04 /* IPPool.swift in Sources */, + 54CA027E2426B2FD003A5E04 /* DomainListRule.swift in Sources */, + 54CA02782426B2FD003A5E04 /* BinaryDataScanner.swift in Sources */, + 54CA02B12426B2FD003A5E04 /* ServerAdapterFactory.swift in Sources */, + 54CA02B42426B2FD003A5E04 /* StreamObfuscater.swift in Sources */, + 54CA02AA2426B2FD003A5E04 /* SpeedAdapterFactory.swift in Sources */, + 54CA02952426B2FD003A5E04 /* DNSEnums.swift in Sources */, + 54CA02802426B2FD003A5E04 /* DNSSessionMatchType.swift in Sources */, + 54CA02A22426B2FD003A5E04 /* ObserverFactory.swift in Sources */, + 54CA02612426B2FD003A5E04 /* GCDSOCKS5ProxyServer.swift in Sources */, + 54CA029D2426B2FD003A5E04 /* ProxyServerEvent.swift in Sources */, + 54CA02BC2426B2FD003A5E04 /* SocketProtocol.swift in Sources */, + 54CA029C2426B2FD003A5E04 /* AdapterSocketEvent.swift in Sources */, + 54CA02A72426B2FD003A5E04 /* DirectAdapter.swift in Sources */, + 54CA02A32426B2FD003A5E04 /* HTTPAdapter.swift in Sources */, + 54CA02622426B2FD003A5E04 /* GCDHTTPProxyServer.swift in Sources */, + 54CA02822426B2FD003A5E04 /* AllRule.swift in Sources */, 543CDB2023EEE61900B7F323 /* PacketTunnelProvider.swift in Sources */, + 54CA02662426B2FD003A5E04 /* NWUDPSocket.swift in Sources */, + 54CA02682426B2FD003A5E04 /* NWTCPSocket.swift in Sources */, + 54CA02852426B2FD003A5E04 /* DirectRule.swift in Sources */, + 54CA01D32426B23D003A5E04 /* Resolver.swift in Sources */, + 54CA028B2426B2FD003A5E04 /* Utils.swift in Sources */, + 54CA02972426B2FD003A5E04 /* IPPacket.swift in Sources */, + 54CA026A2426B2FD003A5E04 /* RawSocketFactory.swift in Sources */, + 54CA02A02426B2FD003A5E04 /* TunnelEvent.swift in Sources */, 546063E523FEFAFE008F505A /* SQDB.swift in Sources */, + 54CA02872426B2FD003A5E04 /* IPRangeListRule.swift in Sources */, + 54CA02922426B2FD003A5E04 /* DNSSession.swift in Sources */, + 54CA02B72426B2FD003A5E04 /* ShadowsocksAdapter.swift in Sources */, + 54CA026D2426B2FD003A5E04 /* Opt.swift in Sources */, + 54CA02B32426B2FD003A5E04 /* HTTPAdapterFactory.swift in Sources */, + 54CA02702426B2FD003A5E04 /* HTTPStreamScanner.swift in Sources */, + 54CA02812426B2FD003A5E04 /* DNSFailRule.swift in Sources */, + 54CA02AC2426B2FD003A5E04 /* AuthenticationServerAdapterFactory.swift in Sources */, ); runOnlyForDeploymentPostprocessing = 0; }; @@ -619,7 +1049,7 @@ ALWAYS_EMBED_SWIFT_STANDARD_LIBRARIES = YES; ASSETCATALOG_COMPILER_APPICON_NAME = AppIcon; CODE_SIGN_ENTITLEMENTS = main/main.entitlements; - CURRENT_PROJECT_VERSION = 9; + CURRENT_PROJECT_VERSION = 12; INFOPLIST_FILE = main/Info.plist; LD_RUNPATH_SEARCH_PATHS = ( "$(inherited)", @@ -638,7 +1068,7 @@ ALWAYS_EMBED_SWIFT_STANDARD_LIBRARIES = YES; ASSETCATALOG_COMPILER_APPICON_NAME = AppIcon; CODE_SIGN_ENTITLEMENTS = main/main.entitlements; - CURRENT_PROJECT_VERSION = 9; + CURRENT_PROJECT_VERSION = 12; INFOPLIST_FILE = main/Info.plist; LD_RUNPATH_SEARCH_PATHS = ( "$(inherited)", @@ -654,20 +1084,17 @@ 543CDB2723EEE61A00B7F323 /* Debug */ = { isa = XCBuildConfiguration; buildSettings = { + CLANG_ENABLE_MODULES = YES; CODE_SIGN_ENTITLEMENTS = GlassVPN/GlassVPN.entitlements; CODE_SIGN_STYLE = Automatic; - CURRENT_PROJECT_VERSION = 9; - FRAMEWORK_SEARCH_PATHS = "$(PROJECT_DIR)/Carthage/Build/iOS"; + CURRENT_PROJECT_VERSION = 12; INFOPLIST_FILE = GlassVPN/Info.plist; - LD_RUNPATH_SEARCH_PATHS = ( - "$(inherited)", - "@executable_path/Frameworks", - "@executable_path/../../Frameworks", - ); MARKETING_VERSION = 1.0.0; PRODUCT_BUNDLE_IDENTIFIER = "de.uni-bamberg.psi.AppCheck.VPN"; PRODUCT_NAME = "$(TARGET_NAME)"; SKIP_INSTALL = YES; + SWIFT_OBJC_BRIDGING_HEADER = "GlassVPN/robbiehanson-CocoaAsyncSocket/CocoaAsyncSocket.h"; + SWIFT_OPTIMIZATION_LEVEL = "-Onone"; SWIFT_VERSION = 5.0; }; name = Debug; @@ -675,20 +1102,16 @@ 543CDB2823EEE61A00B7F323 /* Release */ = { isa = XCBuildConfiguration; buildSettings = { + CLANG_ENABLE_MODULES = YES; CODE_SIGN_ENTITLEMENTS = GlassVPN/GlassVPN.entitlements; CODE_SIGN_STYLE = Automatic; - CURRENT_PROJECT_VERSION = 9; - FRAMEWORK_SEARCH_PATHS = "$(PROJECT_DIR)/Carthage/Build/iOS"; + CURRENT_PROJECT_VERSION = 12; INFOPLIST_FILE = GlassVPN/Info.plist; - LD_RUNPATH_SEARCH_PATHS = ( - "$(inherited)", - "@executable_path/Frameworks", - "@executable_path/../../Frameworks", - ); MARKETING_VERSION = 1.0.0; PRODUCT_BUNDLE_IDENTIFIER = "de.uni-bamberg.psi.AppCheck.VPN"; PRODUCT_NAME = "$(TARGET_NAME)"; SKIP_INSTALL = YES; + SWIFT_OBJC_BRIDGING_HEADER = "GlassVPN/robbiehanson-CocoaAsyncSocket/CocoaAsyncSocket.h"; SWIFT_VERSION = 5.0; }; name = Release; diff --git a/AppCheck.xcodeproj/xcshareddata/xcschemes/AppCheck.xcscheme b/AppCheck.xcodeproj/xcshareddata/xcschemes/AppCheck.xcscheme index d280382..2dd6982 100644 --- a/AppCheck.xcodeproj/xcshareddata/xcschemes/AppCheck.xcscheme +++ b/AppCheck.xcodeproj/xcshareddata/xcschemes/AppCheck.xcscheme @@ -73,14 +73,5 @@ - - - - - - diff --git a/Cartfile b/Cartfile deleted file mode 100644 index 1a40700..0000000 --- a/Cartfile +++ /dev/null @@ -1 +0,0 @@ -github "zhuhaow/NEKit" \ No newline at end of file diff --git a/Cartfile.resolved b/Cartfile.resolved deleted file mode 100644 index 07456a3..0000000 --- a/Cartfile.resolved +++ /dev/null @@ -1,8 +0,0 @@ -github "CocoaLumberjack/CocoaLumberjack" "3.6.1" -github "behrang/YamlSwift" "3.4.3" -github "lexrus/MMDB-Swift" "0.5.0" -github "robbiehanson/CocoaAsyncSocket" "7.6.4" -github "zhuhaow/NEKit" "0.15.0" -github "zhuhaow/Resolver" "0.2.0" -github "zhuhaow/Sodium-framework" "v1.0.10.1" -github "zhuhaow/tun2socks" "0.7.0" diff --git a/GlassTunnel-old/GlassTunnel.entitlements b/GlassTunnel-old/GlassTunnel.entitlements deleted file mode 100644 index 2ddf77d..0000000 --- a/GlassTunnel-old/GlassTunnel.entitlements +++ /dev/null @@ -1,14 +0,0 @@ - - - - - com.apple.developer.networking.networkextension - - packet-tunnel-provider - - com.apple.security.application-groups - - group.it.h4q.psi.PrivacyScore - - - diff --git a/GlassTunnel-old/Info.plist b/GlassTunnel-old/Info.plist deleted file mode 100644 index 2280eac..0000000 --- a/GlassTunnel-old/Info.plist +++ /dev/null @@ -1,31 +0,0 @@ - - - - - CFBundleDevelopmentRegion - $(DEVELOPMENT_LANGUAGE) - CFBundleDisplayName - Tunnel - CFBundleExecutable - $(EXECUTABLE_NAME) - CFBundleIdentifier - $(PRODUCT_BUNDLE_IDENTIFIER) - CFBundleInfoDictionaryVersion - 6.0 - CFBundleName - $(PRODUCT_NAME) - CFBundlePackageType - $(PRODUCT_BUNDLE_PACKAGE_TYPE) - CFBundleShortVersionString - 1.0 - CFBundleVersion - 1 - NSExtension - - NSExtensionPointIdentifier - com.apple.networkextension.packet-tunnel - NSExtensionPrincipalClass - $(PRODUCT_MODULE_NAME).PacketTunnelProvider - - - diff --git a/GlassTunnel-old/PacketTunnelProvider.swift b/GlassTunnel-old/PacketTunnelProvider.swift deleted file mode 100644 index 0d78264..0000000 --- a/GlassTunnel-old/PacketTunnelProvider.swift +++ /dev/null @@ -1,57 +0,0 @@ -import NetworkExtension - -class PacketTunnelProvider: NEPacketTunnelProvider { - - override func startTunnel(options: [String : NSObject]?, completionHandler: @escaping (Error?) -> Void) { - NSLog("TUN: startTunnel") -// let endpoint = NWHostEndpoint(hostname:"127.0.0.1", port:"4000") -// self.createTCPConnection(to: endpoint, enableTLS: false, tlsParameters: nil, delegate: nil) - completionHandler(nil) - /* - let settings = NEPacketTunnelNetworkSettings(tunnelRemoteAddress: "127.0.0.1") - let ip4set = NEIPv4Settings(addresses: ["127.0.0.1"], subnetMasks: ["255.255.255.0"]) - let defaultRoute = NEIPv4Route.default() - let localRoute = NEIPv4Route(destinationAddress: "192.168.2.1", subnetMask: "255.255.255.0") - ip4set.includedRoutes = [defaultRoute, localRoute] - ip4set.excludedRoutes = [] - settings.ipv4Settings = ip4set -// settings.mtu = 1500 - settings.dnsSettings = NEDNSSettings(servers: ["8.8.8.8"]) - settings.tunnelOverheadBytes = 150 - - self.setTunnelNetworkSettings(settings) { error in - guard error == nil else { - NSLog("setTunnelNetworkSettings error: \(String(describing: error))") - return - } - NSLog("setTunnelNetworkSettings success") - completionHandler(nil) - }*/ - } - - override func stopTunnel(with reason: NEProviderStopReason, completionHandler: @escaping () -> Void) { - NSLog("TUN: stopTunnel") - completionHandler() - } - - override func handleAppMessage(_ messageData: Data, completionHandler: ((Data?) -> Void)?) { - NSLog("TUN: handleAppMessage") - if let handler = completionHandler { - handler(messageData) - } - } - - override func sleep(completionHandler: @escaping () -> Void) { - NSLog("TUN: sleep") - completionHandler() - } - - override func wake() { - NSLog("TUN: wake") - } - - override func createUDPSessionThroughTunnel(to remoteEndpoint: NWEndpoint, from localEndpoint: NWHostEndpoint?) -> NWUDPSession { - NSLog("TUN: createUDP") - return createUDPSession(to: remoteEndpoint, from: localEndpoint) - } -} diff --git a/GlassVPN/DDLog.swift b/GlassVPN/DDLog.swift new file mode 100644 index 0000000..24a3f75 --- /dev/null +++ b/GlassVPN/DDLog.swift @@ -0,0 +1,24 @@ +import Foundation + +// MARK: Third party dependencies +// +// Removed unnecessary parts of NEKit to keep the dependency chain small. +// Omitting embeded frameworks; which aren't allowed in NetworkExtensions? +// +// 0.15.0 https://github.com/zhuhaow/NEKit/commit/f09ba8aef1e70881edf0578d23c04d88cc706f52 +// 0.3.0 https://github.com/zhuhaow/Resolver/commit/5d08fd52822d1f9217019ae8867e78daa48f667c +// 7.6.4 https://github.com/robbiehanson/CocoaAsyncSocket/commit/0e00c967a010fc43ce528bd633d032f17158d393 + + +// MARK: DDLog + +#if DEBUG +@inlinable public func DDLogVerbose(_ message: String) { NSLog("[VPN.VERBOSE] " + message) } +@inlinable public func DDLogDebug(_ message: String) { NSLog("[VPN.DEBUG] " + message) } +#else +@inlinable public func DDLogVerbose(_ _: String) {} +@inlinable public func DDLogDebug(_ _: String) {} +#endif +@inlinable public func DDLogInfo(_ message: String) { NSLog("[VPN.INFO] " + message) } +@inlinable public func DDLogWarn(_ message: String) { NSLog("[VPN.WARN] " + message) } +@inlinable public func DDLogError(_ message: String) { NSLog("[VPN.ERROR] " + message) } diff --git a/GlassVPN/PacketTunnelProvider.swift b/GlassVPN/PacketTunnelProvider.swift index fd310a8..27c6519 100644 --- a/GlassVPN/PacketTunnelProvider.swift +++ b/GlassVPN/PacketTunnelProvider.swift @@ -1,5 +1,4 @@ import NetworkExtension -import NEKit fileprivate var db: SQLiteDatabase? fileprivate var domainFilters: [String : FilterOptions] = [:] @@ -16,13 +15,13 @@ class LDObserverFactory: ObserverFactory { override func signal(_ event: ProxySocketEvent) { switch event { case .receivedRequest(let session, let socket): - ZLog("DNS: \(session.host)") + DDLogDebug("DNS: \(session.host)") let match = domainFilters.first { session.host == $0.key || session.host.hasSuffix("." + $0.key) } let block = match?.value.contains(.blocked) ?? false let ignore = match?.value.contains(.ignored) ?? false if !ignore { try? db?.insertDNSQuery(session.host, blocked: block) } - else { ZLog("ignored") } - if block { ZLog("blocked"); socket.forceDisconnect() } + else { DDLogDebug("ignored") } + if block { DDLogDebug("blocked"); socket.forceDisconnect() } default: break } @@ -44,10 +43,10 @@ class PacketTunnelProvider: NEPacketTunnelProvider { } override func startTunnel(options: [String : NSObject]?, completionHandler: @escaping (Error?) -> Void) { - ZLog("startTunnel") + DDLogVerbose("startTunnel") do { db = try SQLiteDatabase.open() - try db!.createTable(table: DNSQuery.self) + db!.initScheme() } catch { completionHandler(error) return @@ -79,11 +78,11 @@ class PacketTunnelProvider: NEPacketTunnelProvider { self.setTunnelNetworkSettings(settings) { error in guard error == nil else { - ZLog("setTunnelNetworkSettings error: \(String(describing: error))") + DDLogError("setTunnelNetworkSettings error: \(String(describing: error))") completionHandler(error) return } - ZLog("setTunnelNetworkSettings success \(self.packetFlow)") + DDLogVerbose("setTunnelNetworkSettings success \(self.packetFlow)") completionHandler(nil) self.proxyServer = GCDHTTPProxyServer(address: IPAddress(fromString: self.proxyServerAddress), port: Port(port: self.proxyServerPort)) @@ -92,7 +91,7 @@ class PacketTunnelProvider: NEPacketTunnelProvider { completionHandler(nil) } catch let proxyError { - ZLog("Error starting proxy server \(proxyError)") + DDLogError("Error starting proxy server \(proxyError)") completionHandler(proxyError) } } @@ -100,24 +99,19 @@ class PacketTunnelProvider: NEPacketTunnelProvider { override func stopTunnel(with reason: NEProviderStopReason, completionHandler: @escaping () -> Void) { - ZLog("stopTunnel") + DDLogVerbose("stopTunnel with reason: \(reason)") db = nil DNSServer.currentServer = nil RawSocketFactory.TunnelProvider = nil ObserverFactory.currentFactory = nil proxyServer.stop() proxyServer = nil - ZLog("error on stopping: \(reason)") completionHandler() exit(EXIT_SUCCESS) } override func handleAppMessage(_ messageData: Data, completionHandler: ((Data?) -> Void)?) { - ZLog("handleAppMessage") + DDLogVerbose("handleAppMessage") reloadDomainFilter() } } - -fileprivate func ZLog(_ message: String) { - NSLog("TUN: \(message)") -} diff --git a/GlassVPN/input.xcfilelist b/GlassVPN/input.xcfilelist deleted file mode 100644 index cdaaacc..0000000 --- a/GlassVPN/input.xcfilelist +++ /dev/null @@ -1,10 +0,0 @@ -$(SRCROOT)/Carthage/Build/iOS/CocoaAsyncSocket.framework -$(SRCROOT)/Carthage/Build/iOS/CocoaLumberjack.framework -$(SRCROOT)/Carthage/Build/iOS/CocoaLumberjackSwift.framework -$(SRCROOT)/Carthage/Build/iOS/lwip.framework -$(SRCROOT)/Carthage/Build/iOS/MMDB.framework -$(SRCROOT)/Carthage/Build/iOS/NEKit.framework -$(SRCROOT)/Carthage/Build/iOS/Resolver.framework -$(SRCROOT)/Carthage/Build/iOS/Sodium.framework -$(SRCROOT)/Carthage/Build/iOS/tun2socks.framework -$(SRCROOT)/Carthage/Build/iOS/Yaml.framework diff --git a/GlassVPN/output.xcfilelist b/GlassVPN/output.xcfilelist deleted file mode 100644 index 736acfe..0000000 --- a/GlassVPN/output.xcfilelist +++ /dev/null @@ -1,10 +0,0 @@ -$(BUILT_PRODUCTS_DIR)/$(FRAMEWORKS_FOLDER_PATH)/CocoaAsyncSocket.framework -$(BUILT_PRODUCTS_DIR)/$(FRAMEWORKS_FOLDER_PATH)/CocoaLumberjack.framework -$(BUILT_PRODUCTS_DIR)/$(FRAMEWORKS_FOLDER_PATH)/CocoaLumberjackSwift.framework -$(BUILT_PRODUCTS_DIR)/$(FRAMEWORKS_FOLDER_PATH)/lwip.framework -$(BUILT_PRODUCTS_DIR)/$(FRAMEWORKS_FOLDER_PATH)/MMDB.framework -$(BUILT_PRODUCTS_DIR)/$(FRAMEWORKS_FOLDER_PATH)/NEKit.framework -$(BUILT_PRODUCTS_DIR)/$(FRAMEWORKS_FOLDER_PATH)/Resolver.framework -$(BUILT_PRODUCTS_DIR)/$(FRAMEWORKS_FOLDER_PATH)/Sodium.framework -$(BUILT_PRODUCTS_DIR)/$(FRAMEWORKS_FOLDER_PATH)/tun2socks.framework -$(BUILT_PRODUCTS_DIR)/$(FRAMEWORKS_FOLDER_PATH)/Yaml.framework diff --git a/GlassVPN/robbiehanson-CocoaAsyncSocket/CocoaAsyncSocket.h b/GlassVPN/robbiehanson-CocoaAsyncSocket/CocoaAsyncSocket.h new file mode 100644 index 0000000..72c6f8b --- /dev/null +++ b/GlassVPN/robbiehanson-CocoaAsyncSocket/CocoaAsyncSocket.h @@ -0,0 +1,18 @@ +// +// CocoaAsyncSocket.h +// CocoaAsyncSocket +// +// Created by Derek Clarkson on 10/08/2015. +// CocoaAsyncSocket project is in the public domain. +// + +@import Foundation; + +//! Project version number for CocoaAsyncSocket. +FOUNDATION_EXPORT double cocoaAsyncSocketVersionNumber; + +//! Project version string for CocoaAsyncSocket. +FOUNDATION_EXPORT const unsigned char cocoaAsyncSocketVersionString[]; + +#import "GCDAsyncSocket.h" +#import "GCDAsyncUdpSocket.h" diff --git a/GlassVPN/robbiehanson-CocoaAsyncSocket/GCDAsyncSocket.h b/GlassVPN/robbiehanson-CocoaAsyncSocket/GCDAsyncSocket.h new file mode 100755 index 0000000..f32a37b --- /dev/null +++ b/GlassVPN/robbiehanson-CocoaAsyncSocket/GCDAsyncSocket.h @@ -0,0 +1,1225 @@ +// +// GCDAsyncSocket.h +// +// This class is in the public domain. +// Originally created by Robbie Hanson in Q3 2010. +// Updated and maintained by Deusty LLC and the Apple development community. +// +// https://github.com/robbiehanson/CocoaAsyncSocket +// + +#import +#import +#import +#import +#import + +#include // AF_INET, AF_INET6 + +@class GCDAsyncReadPacket; +@class GCDAsyncWritePacket; +@class GCDAsyncSocketPreBuffer; +@protocol GCDAsyncSocketDelegate; + +NS_ASSUME_NONNULL_BEGIN + +extern NSString *const GCDAsyncSocketException; +extern NSString *const GCDAsyncSocketErrorDomain; + +extern NSString *const GCDAsyncSocketQueueName; +extern NSString *const GCDAsyncSocketThreadName; + +extern NSString *const GCDAsyncSocketManuallyEvaluateTrust; +#if TARGET_OS_IPHONE +extern NSString *const GCDAsyncSocketUseCFStreamForTLS; +#endif +#define GCDAsyncSocketSSLPeerName (NSString *)kCFStreamSSLPeerName +#define GCDAsyncSocketSSLCertificates (NSString *)kCFStreamSSLCertificates +#define GCDAsyncSocketSSLIsServer (NSString *)kCFStreamSSLIsServer +extern NSString *const GCDAsyncSocketSSLPeerID; +extern NSString *const GCDAsyncSocketSSLProtocolVersionMin; +extern NSString *const GCDAsyncSocketSSLProtocolVersionMax; +extern NSString *const GCDAsyncSocketSSLSessionOptionFalseStart; +extern NSString *const GCDAsyncSocketSSLSessionOptionSendOneByteRecord; +extern NSString *const GCDAsyncSocketSSLCipherSuites; +#if !TARGET_OS_IPHONE +extern NSString *const GCDAsyncSocketSSLDiffieHellmanParameters; +#endif + +#define GCDAsyncSocketLoggingContext 65535 + + +typedef NS_ERROR_ENUM(GCDAsyncSocketErrorDomain, GCDAsyncSocketError) { + GCDAsyncSocketNoError = 0, // Never used + GCDAsyncSocketBadConfigError, // Invalid configuration + GCDAsyncSocketBadParamError, // Invalid parameter was passed + GCDAsyncSocketConnectTimeoutError, // A connect operation timed out + GCDAsyncSocketReadTimeoutError, // A read operation timed out + GCDAsyncSocketWriteTimeoutError, // A write operation timed out + GCDAsyncSocketReadMaxedOutError, // Reached set maxLength without completing + GCDAsyncSocketClosedError, // The remote peer closed the connection + GCDAsyncSocketOtherError, // Description provided in userInfo +}; + +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// +#pragma mark - +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// + + +@interface GCDAsyncSocket : NSObject + +/** + * GCDAsyncSocket uses the standard delegate paradigm, + * but executes all delegate callbacks on a given delegate dispatch queue. + * This allows for maximum concurrency, while at the same time providing easy thread safety. + * + * You MUST set a delegate AND delegate dispatch queue before attempting to + * use the socket, or you will get an error. + * + * The socket queue is optional. + * If you pass NULL, GCDAsyncSocket will automatically create it's own socket queue. + * If you choose to provide a socket queue, the socket queue must not be a concurrent queue. + * If you choose to provide a socket queue, and the socket queue has a configured target queue, + * then please see the discussion for the method markSocketQueueTargetQueue. + * + * The delegate queue and socket queue can optionally be the same. +**/ +- (instancetype)init; +- (instancetype)initWithSocketQueue:(nullable dispatch_queue_t)sq; +- (instancetype)initWithDelegate:(nullable id)aDelegate delegateQueue:(nullable dispatch_queue_t)dq; +- (instancetype)initWithDelegate:(nullable id)aDelegate delegateQueue:(nullable dispatch_queue_t)dq socketQueue:(nullable dispatch_queue_t)sq NS_DESIGNATED_INITIALIZER; + +/** + * Create GCDAsyncSocket from already connect BSD socket file descriptor +**/ ++ (nullable instancetype)socketFromConnectedSocketFD:(int)socketFD socketQueue:(nullable dispatch_queue_t)sq error:(NSError**)error; + ++ (nullable instancetype)socketFromConnectedSocketFD:(int)socketFD delegate:(nullable id)aDelegate delegateQueue:(nullable dispatch_queue_t)dq error:(NSError**)error; + ++ (nullable instancetype)socketFromConnectedSocketFD:(int)socketFD delegate:(nullable id)aDelegate delegateQueue:(nullable dispatch_queue_t)dq socketQueue:(nullable dispatch_queue_t)sq error:(NSError **)error; + +#pragma mark Configuration + +@property (atomic, weak, readwrite, nullable) id delegate; +#if OS_OBJECT_USE_OBJC +@property (atomic, strong, readwrite, nullable) dispatch_queue_t delegateQueue; +#else +@property (atomic, assign, readwrite, nullable) dispatch_queue_t delegateQueue; +#endif + +- (void)getDelegate:(id __nullable * __nullable)delegatePtr delegateQueue:(dispatch_queue_t __nullable * __nullable)delegateQueuePtr; +- (void)setDelegate:(nullable id)delegate delegateQueue:(nullable dispatch_queue_t)delegateQueue; + +/** + * If you are setting the delegate to nil within the delegate's dealloc method, + * you may need to use the synchronous versions below. +**/ +- (void)synchronouslySetDelegate:(nullable id)delegate; +- (void)synchronouslySetDelegateQueue:(nullable dispatch_queue_t)delegateQueue; +- (void)synchronouslySetDelegate:(nullable id)delegate delegateQueue:(nullable dispatch_queue_t)delegateQueue; + +/** + * By default, both IPv4 and IPv6 are enabled. + * + * For accepting incoming connections, this means GCDAsyncSocket automatically supports both protocols, + * and can simulataneously accept incoming connections on either protocol. + * + * For outgoing connections, this means GCDAsyncSocket can connect to remote hosts running either protocol. + * If a DNS lookup returns only IPv4 results, GCDAsyncSocket will automatically use IPv4. + * If a DNS lookup returns only IPv6 results, GCDAsyncSocket will automatically use IPv6. + * If a DNS lookup returns both IPv4 and IPv6 results, the preferred protocol will be chosen. + * By default, the preferred protocol is IPv4, but may be configured as desired. +**/ + +@property (atomic, assign, readwrite, getter=isIPv4Enabled) BOOL IPv4Enabled; +@property (atomic, assign, readwrite, getter=isIPv6Enabled) BOOL IPv6Enabled; + +@property (atomic, assign, readwrite, getter=isIPv4PreferredOverIPv6) BOOL IPv4PreferredOverIPv6; + +/** + * When connecting to both IPv4 and IPv6 using Happy Eyeballs (RFC 6555) https://tools.ietf.org/html/rfc6555 + * this is the delay between connecting to the preferred protocol and the fallback protocol. + * + * Defaults to 300ms. +**/ +@property (atomic, assign, readwrite) NSTimeInterval alternateAddressDelay; + +/** + * User data allows you to associate arbitrary information with the socket. + * This data is not used internally by socket in any way. +**/ +@property (atomic, strong, readwrite, nullable) id userData; + +#pragma mark Accepting + +/** + * Tells the socket to begin listening and accepting connections on the given port. + * When a connection is accepted, a new instance of GCDAsyncSocket will be spawned to handle it, + * and the socket:didAcceptNewSocket: delegate method will be invoked. + * + * The socket will listen on all available interfaces (e.g. wifi, ethernet, etc) +**/ +- (BOOL)acceptOnPort:(uint16_t)port error:(NSError **)errPtr; + +/** + * This method is the same as acceptOnPort:error: with the + * additional option of specifying which interface to listen on. + * + * For example, you could specify that the socket should only accept connections over ethernet, + * and not other interfaces such as wifi. + * + * The interface may be specified by name (e.g. "en1" or "lo0") or by IP address (e.g. "192.168.4.34"). + * You may also use the special strings "localhost" or "loopback" to specify that + * the socket only accept connections from the local machine. + * + * You can see the list of interfaces via the command line utility "ifconfig", + * or programmatically via the getifaddrs() function. + * + * To accept connections on any interface pass nil, or simply use the acceptOnPort:error: method. +**/ +- (BOOL)acceptOnInterface:(nullable NSString *)interface port:(uint16_t)port error:(NSError **)errPtr; + +/** + * Tells the socket to begin listening and accepting connections on the unix domain at the given url. + * When a connection is accepted, a new instance of GCDAsyncSocket will be spawned to handle it, + * and the socket:didAcceptNewSocket: delegate method will be invoked. + * + * The socket will listen on all available interfaces (e.g. wifi, ethernet, etc) + **/ +- (BOOL)acceptOnUrl:(NSURL *)url error:(NSError **)errPtr; + +#pragma mark Connecting + +/** + * Connects to the given host and port. + * + * This method invokes connectToHost:onPort:viaInterface:withTimeout:error: + * and uses the default interface, and no timeout. +**/ +- (BOOL)connectToHost:(NSString *)host onPort:(uint16_t)port error:(NSError **)errPtr; + +/** + * Connects to the given host and port with an optional timeout. + * + * This method invokes connectToHost:onPort:viaInterface:withTimeout:error: and uses the default interface. +**/ +- (BOOL)connectToHost:(NSString *)host + onPort:(uint16_t)port + withTimeout:(NSTimeInterval)timeout + error:(NSError **)errPtr; + +/** + * Connects to the given host & port, via the optional interface, with an optional timeout. + * + * The host may be a domain name (e.g. "deusty.com") or an IP address string (e.g. "192.168.0.2"). + * The host may also be the special strings "localhost" or "loopback" to specify connecting + * to a service on the local machine. + * + * The interface may be a name (e.g. "en1" or "lo0") or the corresponding IP address (e.g. "192.168.4.35"). + * The interface may also be used to specify the local port (see below). + * + * To not time out use a negative time interval. + * + * This method will return NO if an error is detected, and set the error pointer (if one was given). + * Possible errors would be a nil host, invalid interface, or socket is already connected. + * + * If no errors are detected, this method will start a background connect operation and immediately return YES. + * The delegate callbacks are used to notify you when the socket connects, or if the host was unreachable. + * + * Since this class supports queued reads and writes, you can immediately start reading and/or writing. + * All read/write operations will be queued, and upon socket connection, + * the operations will be dequeued and processed in order. + * + * The interface may optionally contain a port number at the end of the string, separated by a colon. + * This allows you to specify the local port that should be used for the outgoing connection. (read paragraph to end) + * To specify both interface and local port: "en1:8082" or "192.168.4.35:2424". + * To specify only local port: ":8082". + * Please note this is an advanced feature, and is somewhat hidden on purpose. + * You should understand that 99.999% of the time you should NOT specify the local port for an outgoing connection. + * If you think you need to, there is a very good chance you have a fundamental misunderstanding somewhere. + * Local ports do NOT need to match remote ports. In fact, they almost never do. + * This feature is here for networking professionals using very advanced techniques. +**/ +- (BOOL)connectToHost:(NSString *)host + onPort:(uint16_t)port + viaInterface:(nullable NSString *)interface + withTimeout:(NSTimeInterval)timeout + error:(NSError **)errPtr; + +/** + * Connects to the given address, specified as a sockaddr structure wrapped in a NSData object. + * For example, a NSData object returned from NSNetService's addresses method. + * + * If you have an existing struct sockaddr you can convert it to a NSData object like so: + * struct sockaddr sa -> NSData *dsa = [NSData dataWithBytes:&remoteAddr length:remoteAddr.sa_len]; + * struct sockaddr *sa -> NSData *dsa = [NSData dataWithBytes:remoteAddr length:remoteAddr->sa_len]; + * + * This method invokes connectToAddress:remoteAddr viaInterface:nil withTimeout:-1 error:errPtr. +**/ +- (BOOL)connectToAddress:(NSData *)remoteAddr error:(NSError **)errPtr; + +/** + * This method is the same as connectToAddress:error: with an additional timeout option. + * To not time out use a negative time interval, or simply use the connectToAddress:error: method. +**/ +- (BOOL)connectToAddress:(NSData *)remoteAddr withTimeout:(NSTimeInterval)timeout error:(NSError **)errPtr; + +/** + * Connects to the given address, using the specified interface and timeout. + * + * The address is specified as a sockaddr structure wrapped in a NSData object. + * For example, a NSData object returned from NSNetService's addresses method. + * + * If you have an existing struct sockaddr you can convert it to a NSData object like so: + * struct sockaddr sa -> NSData *dsa = [NSData dataWithBytes:&remoteAddr length:remoteAddr.sa_len]; + * struct sockaddr *sa -> NSData *dsa = [NSData dataWithBytes:remoteAddr length:remoteAddr->sa_len]; + * + * The interface may be a name (e.g. "en1" or "lo0") or the corresponding IP address (e.g. "192.168.4.35"). + * The interface may also be used to specify the local port (see below). + * + * The timeout is optional. To not time out use a negative time interval. + * + * This method will return NO if an error is detected, and set the error pointer (if one was given). + * Possible errors would be a nil host, invalid interface, or socket is already connected. + * + * If no errors are detected, this method will start a background connect operation and immediately return YES. + * The delegate callbacks are used to notify you when the socket connects, or if the host was unreachable. + * + * Since this class supports queued reads and writes, you can immediately start reading and/or writing. + * All read/write operations will be queued, and upon socket connection, + * the operations will be dequeued and processed in order. + * + * The interface may optionally contain a port number at the end of the string, separated by a colon. + * This allows you to specify the local port that should be used for the outgoing connection. (read paragraph to end) + * To specify both interface and local port: "en1:8082" or "192.168.4.35:2424". + * To specify only local port: ":8082". + * Please note this is an advanced feature, and is somewhat hidden on purpose. + * You should understand that 99.999% of the time you should NOT specify the local port for an outgoing connection. + * If you think you need to, there is a very good chance you have a fundamental misunderstanding somewhere. + * Local ports do NOT need to match remote ports. In fact, they almost never do. + * This feature is here for networking professionals using very advanced techniques. +**/ +- (BOOL)connectToAddress:(NSData *)remoteAddr + viaInterface:(nullable NSString *)interface + withTimeout:(NSTimeInterval)timeout + error:(NSError **)errPtr; +/** + * Connects to the unix domain socket at the given url, using the specified timeout. + */ +- (BOOL)connectToUrl:(NSURL *)url withTimeout:(NSTimeInterval)timeout error:(NSError **)errPtr; + +/** + * Iterates over the given NetService's addresses in order, and invokes connectToAddress:error:. Stops at the + * first invocation that succeeds and returns YES; otherwise returns NO. + */ +- (BOOL)connectToNetService:(NSNetService *)netService error:(NSError **)errPtr; + +#pragma mark Disconnecting + +/** + * Disconnects immediately (synchronously). Any pending reads or writes are dropped. + * + * If the socket is not already disconnected, an invocation to the socketDidDisconnect:withError: delegate method + * will be queued onto the delegateQueue asynchronously (behind any previously queued delegate methods). + * In other words, the disconnected delegate method will be invoked sometime shortly after this method returns. + * + * Please note the recommended way of releasing a GCDAsyncSocket instance (e.g. in a dealloc method) + * [asyncSocket setDelegate:nil]; + * [asyncSocket disconnect]; + * [asyncSocket release]; + * + * If you plan on disconnecting the socket, and then immediately asking it to connect again, + * you'll likely want to do so like this: + * [asyncSocket setDelegate:nil]; + * [asyncSocket disconnect]; + * [asyncSocket setDelegate:self]; + * [asyncSocket connect...]; +**/ +- (void)disconnect; + +/** + * Disconnects after all pending reads have completed. + * After calling this, the read and write methods will do nothing. + * The socket will disconnect even if there are still pending writes. +**/ +- (void)disconnectAfterReading; + +/** + * Disconnects after all pending writes have completed. + * After calling this, the read and write methods will do nothing. + * The socket will disconnect even if there are still pending reads. +**/ +- (void)disconnectAfterWriting; + +/** + * Disconnects after all pending reads and writes have completed. + * After calling this, the read and write methods will do nothing. +**/ +- (void)disconnectAfterReadingAndWriting; + +#pragma mark Diagnostics + +/** + * Returns whether the socket is disconnected or connected. + * + * A disconnected socket may be recycled. + * That is, it can be used again for connecting or listening. + * + * If a socket is in the process of connecting, it may be neither disconnected nor connected. +**/ +@property (atomic, readonly) BOOL isDisconnected; +@property (atomic, readonly) BOOL isConnected; + +/** + * Returns the local or remote host and port to which this socket is connected, or nil and 0 if not connected. + * The host will be an IP address. +**/ +@property (atomic, readonly, nullable) NSString *connectedHost; +@property (atomic, readonly) uint16_t connectedPort; +@property (atomic, readonly, nullable) NSURL *connectedUrl; + +@property (atomic, readonly, nullable) NSString *localHost; +@property (atomic, readonly) uint16_t localPort; + +/** + * Returns the local or remote address to which this socket is connected, + * specified as a sockaddr structure wrapped in a NSData object. + * + * @seealso connectedHost + * @seealso connectedPort + * @seealso localHost + * @seealso localPort +**/ +@property (atomic, readonly, nullable) NSData *connectedAddress; +@property (atomic, readonly, nullable) NSData *localAddress; + +/** + * Returns whether the socket is IPv4 or IPv6. + * An accepting socket may be both. +**/ +@property (atomic, readonly) BOOL isIPv4; +@property (atomic, readonly) BOOL isIPv6; + +/** + * Returns whether or not the socket has been secured via SSL/TLS. + * + * See also the startTLS method. +**/ +@property (atomic, readonly) BOOL isSecure; + +#pragma mark Reading + +// The readData and writeData methods won't block (they are asynchronous). +// +// When a read is complete the socket:didReadData:withTag: delegate method is dispatched on the delegateQueue. +// When a write is complete the socket:didWriteDataWithTag: delegate method is dispatched on the delegateQueue. +// +// You may optionally set a timeout for any read/write operation. (To not timeout, use a negative time interval.) +// If a read/write opertion times out, the corresponding "socket:shouldTimeout..." delegate method +// is called to optionally allow you to extend the timeout. +// Upon a timeout, the "socket:didDisconnectWithError:" method is called +// +// The tag is for your convenience. +// You can use it as an array index, step number, state id, pointer, etc. + +/** + * Reads the first available bytes that become available on the socket. + * + * If the timeout value is negative, the read operation will not use a timeout. +**/ +- (void)readDataWithTimeout:(NSTimeInterval)timeout tag:(long)tag; + +/** + * Reads the first available bytes that become available on the socket. + * The bytes will be appended to the given byte buffer starting at the given offset. + * The given buffer will automatically be increased in size if needed. + * + * If the timeout value is negative, the read operation will not use a timeout. + * If the buffer is nil, the socket will create a buffer for you. + * + * If the bufferOffset is greater than the length of the given buffer, + * the method will do nothing, and the delegate will not be called. + * + * If you pass a buffer, you must not alter it in any way while the socket is using it. + * After completion, the data returned in socket:didReadData:withTag: will be a subset of the given buffer. + * That is, it will reference the bytes that were appended to the given buffer via + * the method [NSData dataWithBytesNoCopy:length:freeWhenDone:NO]. +**/ +- (void)readDataWithTimeout:(NSTimeInterval)timeout + buffer:(nullable NSMutableData *)buffer + bufferOffset:(NSUInteger)offset + tag:(long)tag; + +/** + * Reads the first available bytes that become available on the socket. + * The bytes will be appended to the given byte buffer starting at the given offset. + * The given buffer will automatically be increased in size if needed. + * A maximum of length bytes will be read. + * + * If the timeout value is negative, the read operation will not use a timeout. + * If the buffer is nil, a buffer will automatically be created for you. + * If maxLength is zero, no length restriction is enforced. + * + * If the bufferOffset is greater than the length of the given buffer, + * the method will do nothing, and the delegate will not be called. + * + * If you pass a buffer, you must not alter it in any way while the socket is using it. + * After completion, the data returned in socket:didReadData:withTag: will be a subset of the given buffer. + * That is, it will reference the bytes that were appended to the given buffer via + * the method [NSData dataWithBytesNoCopy:length:freeWhenDone:NO]. +**/ +- (void)readDataWithTimeout:(NSTimeInterval)timeout + buffer:(nullable NSMutableData *)buffer + bufferOffset:(NSUInteger)offset + maxLength:(NSUInteger)length + tag:(long)tag; + +/** + * Reads the given number of bytes. + * + * If the timeout value is negative, the read operation will not use a timeout. + * + * If the length is 0, this method does nothing and the delegate is not called. +**/ +- (void)readDataToLength:(NSUInteger)length withTimeout:(NSTimeInterval)timeout tag:(long)tag; + +/** + * Reads the given number of bytes. + * The bytes will be appended to the given byte buffer starting at the given offset. + * The given buffer will automatically be increased in size if needed. + * + * If the timeout value is negative, the read operation will not use a timeout. + * If the buffer is nil, a buffer will automatically be created for you. + * + * If the length is 0, this method does nothing and the delegate is not called. + * If the bufferOffset is greater than the length of the given buffer, + * the method will do nothing, and the delegate will not be called. + * + * If you pass a buffer, you must not alter it in any way while AsyncSocket is using it. + * After completion, the data returned in socket:didReadData:withTag: will be a subset of the given buffer. + * That is, it will reference the bytes that were appended to the given buffer via + * the method [NSData dataWithBytesNoCopy:length:freeWhenDone:NO]. +**/ +- (void)readDataToLength:(NSUInteger)length + withTimeout:(NSTimeInterval)timeout + buffer:(nullable NSMutableData *)buffer + bufferOffset:(NSUInteger)offset + tag:(long)tag; + +/** + * Reads bytes until (and including) the passed "data" parameter, which acts as a separator. + * + * If the timeout value is negative, the read operation will not use a timeout. + * + * If you pass nil or zero-length data as the "data" parameter, + * the method will do nothing (except maybe print a warning), and the delegate will not be called. + * + * To read a line from the socket, use the line separator (e.g. CRLF for HTTP, see below) as the "data" parameter. + * If you're developing your own custom protocol, be sure your separator can not occur naturally as + * part of the data between separators. + * For example, imagine you want to send several small documents over a socket. + * Using CRLF as a separator is likely unwise, as a CRLF could easily exist within the documents. + * In this particular example, it would be better to use a protocol similar to HTTP with + * a header that includes the length of the document. + * Also be careful that your separator cannot occur naturally as part of the encoding for a character. + * + * The given data (separator) parameter should be immutable. + * For performance reasons, the socket will retain it, not copy it. + * So if it is immutable, don't modify it while the socket is using it. +**/ +- (void)readDataToData:(nullable NSData *)data withTimeout:(NSTimeInterval)timeout tag:(long)tag; + +/** + * Reads bytes until (and including) the passed "data" parameter, which acts as a separator. + * The bytes will be appended to the given byte buffer starting at the given offset. + * The given buffer will automatically be increased in size if needed. + * + * If the timeout value is negative, the read operation will not use a timeout. + * If the buffer is nil, a buffer will automatically be created for you. + * + * If the bufferOffset is greater than the length of the given buffer, + * the method will do nothing (except maybe print a warning), and the delegate will not be called. + * + * If you pass a buffer, you must not alter it in any way while the socket is using it. + * After completion, the data returned in socket:didReadData:withTag: will be a subset of the given buffer. + * That is, it will reference the bytes that were appended to the given buffer via + * the method [NSData dataWithBytesNoCopy:length:freeWhenDone:NO]. + * + * To read a line from the socket, use the line separator (e.g. CRLF for HTTP, see below) as the "data" parameter. + * If you're developing your own custom protocol, be sure your separator can not occur naturally as + * part of the data between separators. + * For example, imagine you want to send several small documents over a socket. + * Using CRLF as a separator is likely unwise, as a CRLF could easily exist within the documents. + * In this particular example, it would be better to use a protocol similar to HTTP with + * a header that includes the length of the document. + * Also be careful that your separator cannot occur naturally as part of the encoding for a character. + * + * The given data (separator) parameter should be immutable. + * For performance reasons, the socket will retain it, not copy it. + * So if it is immutable, don't modify it while the socket is using it. +**/ +- (void)readDataToData:(NSData *)data + withTimeout:(NSTimeInterval)timeout + buffer:(nullable NSMutableData *)buffer + bufferOffset:(NSUInteger)offset + tag:(long)tag; + +/** + * Reads bytes until (and including) the passed "data" parameter, which acts as a separator. + * + * If the timeout value is negative, the read operation will not use a timeout. + * + * If maxLength is zero, no length restriction is enforced. + * Otherwise if maxLength bytes are read without completing the read, + * it is treated similarly to a timeout - the socket is closed with a GCDAsyncSocketReadMaxedOutError. + * The read will complete successfully if exactly maxLength bytes are read and the given data is found at the end. + * + * If you pass nil or zero-length data as the "data" parameter, + * the method will do nothing (except maybe print a warning), and the delegate will not be called. + * If you pass a maxLength parameter that is less than the length of the data parameter, + * the method will do nothing (except maybe print a warning), and the delegate will not be called. + * + * To read a line from the socket, use the line separator (e.g. CRLF for HTTP, see below) as the "data" parameter. + * If you're developing your own custom protocol, be sure your separator can not occur naturally as + * part of the data between separators. + * For example, imagine you want to send several small documents over a socket. + * Using CRLF as a separator is likely unwise, as a CRLF could easily exist within the documents. + * In this particular example, it would be better to use a protocol similar to HTTP with + * a header that includes the length of the document. + * Also be careful that your separator cannot occur naturally as part of the encoding for a character. + * + * The given data (separator) parameter should be immutable. + * For performance reasons, the socket will retain it, not copy it. + * So if it is immutable, don't modify it while the socket is using it. +**/ +- (void)readDataToData:(NSData *)data withTimeout:(NSTimeInterval)timeout maxLength:(NSUInteger)length tag:(long)tag; + +/** + * Reads bytes until (and including) the passed "data" parameter, which acts as a separator. + * The bytes will be appended to the given byte buffer starting at the given offset. + * The given buffer will automatically be increased in size if needed. + * + * If the timeout value is negative, the read operation will not use a timeout. + * If the buffer is nil, a buffer will automatically be created for you. + * + * If maxLength is zero, no length restriction is enforced. + * Otherwise if maxLength bytes are read without completing the read, + * it is treated similarly to a timeout - the socket is closed with a GCDAsyncSocketReadMaxedOutError. + * The read will complete successfully if exactly maxLength bytes are read and the given data is found at the end. + * + * If you pass a maxLength parameter that is less than the length of the data (separator) parameter, + * the method will do nothing (except maybe print a warning), and the delegate will not be called. + * If the bufferOffset is greater than the length of the given buffer, + * the method will do nothing (except maybe print a warning), and the delegate will not be called. + * + * If you pass a buffer, you must not alter it in any way while the socket is using it. + * After completion, the data returned in socket:didReadData:withTag: will be a subset of the given buffer. + * That is, it will reference the bytes that were appended to the given buffer via + * the method [NSData dataWithBytesNoCopy:length:freeWhenDone:NO]. + * + * To read a line from the socket, use the line separator (e.g. CRLF for HTTP, see below) as the "data" parameter. + * If you're developing your own custom protocol, be sure your separator can not occur naturally as + * part of the data between separators. + * For example, imagine you want to send several small documents over a socket. + * Using CRLF as a separator is likely unwise, as a CRLF could easily exist within the documents. + * In this particular example, it would be better to use a protocol similar to HTTP with + * a header that includes the length of the document. + * Also be careful that your separator cannot occur naturally as part of the encoding for a character. + * + * The given data (separator) parameter should be immutable. + * For performance reasons, the socket will retain it, not copy it. + * So if it is immutable, don't modify it while the socket is using it. +**/ +- (void)readDataToData:(NSData *)data + withTimeout:(NSTimeInterval)timeout + buffer:(nullable NSMutableData *)buffer + bufferOffset:(NSUInteger)offset + maxLength:(NSUInteger)length + tag:(long)tag; + +/** + * Returns progress of the current read, from 0.0 to 1.0, or NaN if no current read (use isnan() to check). + * The parameters "tag", "done" and "total" will be filled in if they aren't NULL. +**/ +- (float)progressOfReadReturningTag:(nullable long *)tagPtr bytesDone:(nullable NSUInteger *)donePtr total:(nullable NSUInteger *)totalPtr; + +#pragma mark Writing + +/** + * Writes data to the socket, and calls the delegate when finished. + * + * If you pass in nil or zero-length data, this method does nothing and the delegate will not be called. + * If the timeout value is negative, the write operation will not use a timeout. + * + * Thread-Safety Note: + * If the given data parameter is mutable (NSMutableData) then you MUST NOT alter the data while + * the socket is writing it. In other words, it's not safe to alter the data until after the delegate method + * socket:didWriteDataWithTag: is invoked signifying that this particular write operation has completed. + * This is due to the fact that GCDAsyncSocket does NOT copy the data. It simply retains it. + * This is for performance reasons. Often times, if NSMutableData is passed, it is because + * a request/response was built up in memory. Copying this data adds an unwanted/unneeded overhead. + * If you need to write data from an immutable buffer, and you need to alter the buffer before the socket + * completes writing the bytes (which is NOT immediately after this method returns, but rather at a later time + * when the delegate method notifies you), then you should first copy the bytes, and pass the copy to this method. +**/ +- (void)writeData:(nullable NSData *)data withTimeout:(NSTimeInterval)timeout tag:(long)tag; + +/** + * Returns progress of the current write, from 0.0 to 1.0, or NaN if no current write (use isnan() to check). + * The parameters "tag", "done" and "total" will be filled in if they aren't NULL. +**/ +- (float)progressOfWriteReturningTag:(nullable long *)tagPtr bytesDone:(nullable NSUInteger *)donePtr total:(nullable NSUInteger *)totalPtr; + +#pragma mark Security + +/** + * Secures the connection using SSL/TLS. + * + * This method may be called at any time, and the TLS handshake will occur after all pending reads and writes + * are finished. This allows one the option of sending a protocol dependent StartTLS message, and queuing + * the upgrade to TLS at the same time, without having to wait for the write to finish. + * Any reads or writes scheduled after this method is called will occur over the secured connection. + * + * ==== The available TOP-LEVEL KEYS are: + * + * - GCDAsyncSocketManuallyEvaluateTrust + * The value must be of type NSNumber, encapsulating a BOOL value. + * If you set this to YES, then the underlying SecureTransport system will not evaluate the SecTrustRef of the peer. + * Instead it will pause at the moment evaulation would typically occur, + * and allow us to handle the security evaluation however we see fit. + * So GCDAsyncSocket will invoke the delegate method socket:shouldTrustPeer: passing the SecTrustRef. + * + * Note that if you set this option, then all other configuration keys are ignored. + * Evaluation will be completely up to you during the socket:didReceiveTrust:completionHandler: delegate method. + * + * For more information on trust evaluation see: + * Apple's Technical Note TN2232 - HTTPS Server Trust Evaluation + * https://developer.apple.com/library/ios/technotes/tn2232/_index.html + * + * If unspecified, the default value is NO. + * + * - GCDAsyncSocketUseCFStreamForTLS (iOS only) + * The value must be of type NSNumber, encapsulating a BOOL value. + * By default GCDAsyncSocket will use the SecureTransport layer to perform encryption. + * This gives us more control over the security protocol (many more configuration options), + * plus it allows us to optimize things like sys calls and buffer allocation. + * + * However, if you absolutely must, you can instruct GCDAsyncSocket to use the old-fashioned encryption + * technique by going through the CFStream instead. So instead of using SecureTransport, GCDAsyncSocket + * will instead setup a CFRead/CFWriteStream. And then set the kCFStreamPropertySSLSettings property + * (via CFReadStreamSetProperty / CFWriteStreamSetProperty) and will pass the given options to this method. + * + * Thus all the other keys in the given dictionary will be ignored by GCDAsyncSocket, + * and will passed directly CFReadStreamSetProperty / CFWriteStreamSetProperty. + * For more infomation on these keys, please see the documentation for kCFStreamPropertySSLSettings. + * + * If unspecified, the default value is NO. + * + * ==== The available CONFIGURATION KEYS are: + * + * - kCFStreamSSLPeerName + * The value must be of type NSString. + * It should match the name in the X.509 certificate given by the remote party. + * See Apple's documentation for SSLSetPeerDomainName. + * + * - kCFStreamSSLCertificates + * The value must be of type NSArray. + * See Apple's documentation for SSLSetCertificate. + * + * - kCFStreamSSLIsServer + * The value must be of type NSNumber, encapsulationg a BOOL value. + * See Apple's documentation for SSLCreateContext for iOS. + * This is optional for iOS. If not supplied, a NO value is the default. + * This is not needed for Mac OS X, and the value is ignored. + * + * - GCDAsyncSocketSSLPeerID + * The value must be of type NSData. + * You must set this value if you want to use TLS session resumption. + * See Apple's documentation for SSLSetPeerID. + * + * - GCDAsyncSocketSSLProtocolVersionMin + * - GCDAsyncSocketSSLProtocolVersionMax + * The value(s) must be of type NSNumber, encapsulting a SSLProtocol value. + * See Apple's documentation for SSLSetProtocolVersionMin & SSLSetProtocolVersionMax. + * See also the SSLProtocol typedef. + * + * - GCDAsyncSocketSSLSessionOptionFalseStart + * The value must be of type NSNumber, encapsulating a BOOL value. + * See Apple's documentation for kSSLSessionOptionFalseStart. + * + * - GCDAsyncSocketSSLSessionOptionSendOneByteRecord + * The value must be of type NSNumber, encapsulating a BOOL value. + * See Apple's documentation for kSSLSessionOptionSendOneByteRecord. + * + * - GCDAsyncSocketSSLCipherSuites + * The values must be of type NSArray. + * Each item within the array must be a NSNumber, encapsulating an SSLCipherSuite. + * See Apple's documentation for SSLSetEnabledCiphers. + * See also the SSLCipherSuite typedef. + * + * - GCDAsyncSocketSSLDiffieHellmanParameters (Mac OS X only) + * The value must be of type NSData. + * See Apple's documentation for SSLSetDiffieHellmanParams. + * + * ==== The following UNAVAILABLE KEYS are: (with throw an exception) + * + * - kCFStreamSSLAllowsAnyRoot (UNAVAILABLE) + * You MUST use manual trust evaluation instead (see GCDAsyncSocketManuallyEvaluateTrust). + * Corresponding deprecated method: SSLSetAllowsAnyRoot + * + * - kCFStreamSSLAllowsExpiredRoots (UNAVAILABLE) + * You MUST use manual trust evaluation instead (see GCDAsyncSocketManuallyEvaluateTrust). + * Corresponding deprecated method: SSLSetAllowsExpiredRoots + * + * - kCFStreamSSLAllowsExpiredCertificates (UNAVAILABLE) + * You MUST use manual trust evaluation instead (see GCDAsyncSocketManuallyEvaluateTrust). + * Corresponding deprecated method: SSLSetAllowsExpiredCerts + * + * - kCFStreamSSLValidatesCertificateChain (UNAVAILABLE) + * You MUST use manual trust evaluation instead (see GCDAsyncSocketManuallyEvaluateTrust). + * Corresponding deprecated method: SSLSetEnableCertVerify + * + * - kCFStreamSSLLevel (UNAVAILABLE) + * You MUST use GCDAsyncSocketSSLProtocolVersionMin & GCDAsyncSocketSSLProtocolVersionMin instead. + * Corresponding deprecated method: SSLSetProtocolVersionEnabled + * + * + * Please refer to Apple's documentation for corresponding SSLFunctions. + * + * If you pass in nil or an empty dictionary, the default settings will be used. + * + * IMPORTANT SECURITY NOTE: + * The default settings will check to make sure the remote party's certificate is signed by a + * trusted 3rd party certificate agency (e.g. verisign) and that the certificate is not expired. + * However it will not verify the name on the certificate unless you + * give it a name to verify against via the kCFStreamSSLPeerName key. + * The security implications of this are important to understand. + * Imagine you are attempting to create a secure connection to MySecureServer.com, + * but your socket gets directed to MaliciousServer.com because of a hacked DNS server. + * If you simply use the default settings, and MaliciousServer.com has a valid certificate, + * the default settings will not detect any problems since the certificate is valid. + * To properly secure your connection in this particular scenario you + * should set the kCFStreamSSLPeerName property to "MySecureServer.com". + * + * You can also perform additional validation in socketDidSecure. +**/ +- (void)startTLS:(nullable NSDictionary *)tlsSettings; + +#pragma mark Advanced + +/** + * Traditionally sockets are not closed until the conversation is over. + * However, it is technically possible for the remote enpoint to close its write stream. + * Our socket would then be notified that there is no more data to be read, + * but our socket would still be writeable and the remote endpoint could continue to receive our data. + * + * The argument for this confusing functionality stems from the idea that a client could shut down its + * write stream after sending a request to the server, thus notifying the server there are to be no further requests. + * In practice, however, this technique did little to help server developers. + * + * To make matters worse, from a TCP perspective there is no way to tell the difference from a read stream close + * and a full socket close. They both result in the TCP stack receiving a FIN packet. The only way to tell + * is by continuing to write to the socket. If it was only a read stream close, then writes will continue to work. + * Otherwise an error will be occur shortly (when the remote end sends us a RST packet). + * + * In addition to the technical challenges and confusion, many high level socket/stream API's provide + * no support for dealing with the problem. If the read stream is closed, the API immediately declares the + * socket to be closed, and shuts down the write stream as well. In fact, this is what Apple's CFStream API does. + * It might sound like poor design at first, but in fact it simplifies development. + * + * The vast majority of the time if the read stream is closed it's because the remote endpoint closed its socket. + * Thus it actually makes sense to close the socket at this point. + * And in fact this is what most networking developers want and expect to happen. + * However, if you are writing a server that interacts with a plethora of clients, + * you might encounter a client that uses the discouraged technique of shutting down its write stream. + * If this is the case, you can set this property to NO, + * and make use of the socketDidCloseReadStream delegate method. + * + * The default value is YES. +**/ +@property (atomic, assign, readwrite) BOOL autoDisconnectOnClosedReadStream; + +/** + * GCDAsyncSocket maintains thread safety by using an internal serial dispatch_queue. + * In most cases, the instance creates this queue itself. + * However, to allow for maximum flexibility, the internal queue may be passed in the init method. + * This allows for some advanced options such as controlling socket priority via target queues. + * However, when one begins to use target queues like this, they open the door to some specific deadlock issues. + * + * For example, imagine there are 2 queues: + * dispatch_queue_t socketQueue; + * dispatch_queue_t socketTargetQueue; + * + * If you do this (pseudo-code): + * socketQueue.targetQueue = socketTargetQueue; + * + * Then all socketQueue operations will actually get run on the given socketTargetQueue. + * This is fine and works great in most situations. + * But if you run code directly from within the socketTargetQueue that accesses the socket, + * you could potentially get deadlock. Imagine the following code: + * + * - (BOOL)socketHasSomething + * { + * __block BOOL result = NO; + * dispatch_block_t block = ^{ + * result = [self someInternalMethodToBeRunOnlyOnSocketQueue]; + * } + * if (is_executing_on_queue(socketQueue)) + * block(); + * else + * dispatch_sync(socketQueue, block); + * + * return result; + * } + * + * What happens if you call this method from the socketTargetQueue? The result is deadlock. + * This is because the GCD API offers no mechanism to discover a queue's targetQueue. + * Thus we have no idea if our socketQueue is configured with a targetQueue. + * If we had this information, we could easily avoid deadlock. + * But, since these API's are missing or unfeasible, you'll have to explicitly set it. + * + * IF you pass a socketQueue via the init method, + * AND you've configured the passed socketQueue with a targetQueue, + * THEN you should pass the end queue in the target hierarchy. + * + * For example, consider the following queue hierarchy: + * socketQueue -> ipQueue -> moduleQueue + * + * This example demonstrates priority shaping within some server. + * All incoming client connections from the same IP address are executed on the same target queue. + * And all connections for a particular module are executed on the same target queue. + * Thus, the priority of all networking for the entire module can be changed on the fly. + * Additionally, networking traffic from a single IP cannot monopolize the module. + * + * Here's how you would accomplish something like that: + * - (dispatch_queue_t)newSocketQueueForConnectionFromAddress:(NSData *)address onSocket:(GCDAsyncSocket *)sock + * { + * dispatch_queue_t socketQueue = dispatch_queue_create("", NULL); + * dispatch_queue_t ipQueue = [self ipQueueForAddress:address]; + * + * dispatch_set_target_queue(socketQueue, ipQueue); + * dispatch_set_target_queue(iqQueue, moduleQueue); + * + * return socketQueue; + * } + * - (void)socket:(GCDAsyncSocket *)sock didAcceptNewSocket:(GCDAsyncSocket *)newSocket + * { + * [clientConnections addObject:newSocket]; + * [newSocket markSocketQueueTargetQueue:moduleQueue]; + * } + * + * Note: This workaround is ONLY needed if you intend to execute code directly on the ipQueue or moduleQueue. + * This is often NOT the case, as such queues are used solely for execution shaping. +**/ +- (void)markSocketQueueTargetQueue:(dispatch_queue_t)socketQueuesPreConfiguredTargetQueue; +- (void)unmarkSocketQueueTargetQueue:(dispatch_queue_t)socketQueuesPreviouslyConfiguredTargetQueue; + +/** + * It's not thread-safe to access certain variables from outside the socket's internal queue. + * + * For example, the socket file descriptor. + * File descriptors are simply integers which reference an index in the per-process file table. + * However, when one requests a new file descriptor (by opening a file or socket), + * the file descriptor returned is guaranteed to be the lowest numbered unused descriptor. + * So if we're not careful, the following could be possible: + * + * - Thread A invokes a method which returns the socket's file descriptor. + * - The socket is closed via the socket's internal queue on thread B. + * - Thread C opens a file, and subsequently receives the file descriptor that was previously the socket's FD. + * - Thread A is now accessing/altering the file instead of the socket. + * + * In addition to this, other variables are not actually objects, + * and thus cannot be retained/released or even autoreleased. + * An example is the sslContext, of type SSLContextRef, which is actually a malloc'd struct. + * + * Although there are internal variables that make it difficult to maintain thread-safety, + * it is important to provide access to these variables + * to ensure this class can be used in a wide array of environments. + * This method helps to accomplish this by invoking the current block on the socket's internal queue. + * The methods below can be invoked from within the block to access + * those generally thread-unsafe internal variables in a thread-safe manner. + * The given block will be invoked synchronously on the socket's internal queue. + * + * If you save references to any protected variables and use them outside the block, you do so at your own peril. +**/ +- (void)performBlock:(dispatch_block_t)block; + +/** + * These methods are only available from within the context of a performBlock: invocation. + * See the documentation for the performBlock: method above. + * + * Provides access to the socket's file descriptor(s). + * If the socket is a server socket (is accepting incoming connections), + * it might actually have multiple internal socket file descriptors - one for IPv4 and one for IPv6. +**/ +- (int)socketFD; +- (int)socket4FD; +- (int)socket6FD; + +#if TARGET_OS_IPHONE + +/** + * These methods are only available from within the context of a performBlock: invocation. + * See the documentation for the performBlock: method above. + * + * Provides access to the socket's internal CFReadStream/CFWriteStream. + * + * These streams are only used as workarounds for specific iOS shortcomings: + * + * - Apple has decided to keep the SecureTransport framework private is iOS. + * This means the only supplied way to do SSL/TLS is via CFStream or some other API layered on top of it. + * Thus, in order to provide SSL/TLS support on iOS we are forced to rely on CFStream, + * instead of the preferred and faster and more powerful SecureTransport. + * + * - If a socket doesn't have backgrounding enabled, and that socket is closed while the app is backgrounded, + * Apple only bothers to notify us via the CFStream API. + * The faster and more powerful GCD API isn't notified properly in this case. + * + * See also: (BOOL)enableBackgroundingOnSocket +**/ +- (nullable CFReadStreamRef)readStream; +- (nullable CFWriteStreamRef)writeStream; + +/** + * This method is only available from within the context of a performBlock: invocation. + * See the documentation for the performBlock: method above. + * + * Configures the socket to allow it to operate when the iOS application has been backgrounded. + * In other words, this method creates a read & write stream, and invokes: + * + * CFReadStreamSetProperty(readStream, kCFStreamNetworkServiceType, kCFStreamNetworkServiceTypeVoIP); + * CFWriteStreamSetProperty(writeStream, kCFStreamNetworkServiceType, kCFStreamNetworkServiceTypeVoIP); + * + * Returns YES if successful, NO otherwise. + * + * Note: Apple does not officially support backgrounding server sockets. + * That is, if your socket is accepting incoming connections, Apple does not officially support + * allowing iOS applications to accept incoming connections while an app is backgrounded. + * + * Example usage: + * + * - (void)socket:(GCDAsyncSocket *)sock didConnectToHost:(NSString *)host port:(uint16_t)port + * { + * [asyncSocket performBlock:^{ + * [asyncSocket enableBackgroundingOnSocket]; + * }]; + * } +**/ +- (BOOL)enableBackgroundingOnSocket; + +#endif + +/** + * This method is only available from within the context of a performBlock: invocation. + * See the documentation for the performBlock: method above. + * + * Provides access to the socket's SSLContext, if SSL/TLS has been started on the socket. +**/ +- (nullable SSLContextRef)sslContext; + +#pragma mark Utilities + +/** + * The address lookup utility used by the class. + * This method is synchronous, so it's recommended you use it on a background thread/queue. + * + * The special strings "localhost" and "loopback" return the loopback address for IPv4 and IPv6. + * + * @returns + * A mutable array with all IPv4 and IPv6 addresses returned by getaddrinfo. + * The addresses are specifically for TCP connections. + * You can filter the addresses, if needed, using the other utility methods provided by the class. +**/ ++ (nullable NSMutableArray *)lookupHost:(NSString *)host port:(uint16_t)port error:(NSError **)errPtr; + +/** + * Extracting host and port information from raw address data. +**/ + ++ (nullable NSString *)hostFromAddress:(NSData *)address; ++ (uint16_t)portFromAddress:(NSData *)address; + ++ (BOOL)isIPv4Address:(NSData *)address; ++ (BOOL)isIPv6Address:(NSData *)address; + ++ (BOOL)getHost:( NSString * __nullable * __nullable)hostPtr port:(nullable uint16_t *)portPtr fromAddress:(NSData *)address; + ++ (BOOL)getHost:(NSString * __nullable * __nullable)hostPtr port:(nullable uint16_t *)portPtr family:(nullable sa_family_t *)afPtr fromAddress:(NSData *)address; + +/** + * A few common line separators, for use with the readDataToData:... methods. +**/ ++ (NSData *)CRLFData; // 0x0D0A ++ (NSData *)CRData; // 0x0D ++ (NSData *)LFData; // 0x0A ++ (NSData *)ZeroData; // 0x00 + +@end + +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// +#pragma mark - +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// + +@protocol GCDAsyncSocketDelegate +@optional + +/** + * This method is called immediately prior to socket:didAcceptNewSocket:. + * It optionally allows a listening socket to specify the socketQueue for a new accepted socket. + * If this method is not implemented, or returns NULL, the new accepted socket will create its own default queue. + * + * Since you cannot autorelease a dispatch_queue, + * this method uses the "new" prefix in its name to specify that the returned queue has been retained. + * + * Thus you could do something like this in the implementation: + * return dispatch_queue_create("MyQueue", NULL); + * + * If you are placing multiple sockets on the same queue, + * then care should be taken to increment the retain count each time this method is invoked. + * + * For example, your implementation might look something like this: + * dispatch_retain(myExistingQueue); + * return myExistingQueue; +**/ +- (nullable dispatch_queue_t)newSocketQueueForConnectionFromAddress:(NSData *)address onSocket:(GCDAsyncSocket *)sock; + +/** + * Called when a socket accepts a connection. + * Another socket is automatically spawned to handle it. + * + * You must retain the newSocket if you wish to handle the connection. + * Otherwise the newSocket instance will be released and the spawned connection will be closed. + * + * By default the new socket will have the same delegate and delegateQueue. + * You may, of course, change this at any time. +**/ +- (void)socket:(GCDAsyncSocket *)sock didAcceptNewSocket:(GCDAsyncSocket *)newSocket; + +/** + * Called when a socket connects and is ready for reading and writing. + * The host parameter will be an IP address, not a DNS name. +**/ +- (void)socket:(GCDAsyncSocket *)sock didConnectToHost:(NSString *)host port:(uint16_t)port; + +/** + * Called when a socket connects and is ready for reading and writing. + * The host parameter will be an IP address, not a DNS name. + **/ +- (void)socket:(GCDAsyncSocket *)sock didConnectToUrl:(NSURL *)url; + +/** + * Called when a socket has completed reading the requested data into memory. + * Not called if there is an error. +**/ +- (void)socket:(GCDAsyncSocket *)sock didReadData:(NSData *)data withTag:(long)tag; + +/** + * Called when a socket has read in data, but has not yet completed the read. + * This would occur if using readToData: or readToLength: methods. + * It may be used for things such as updating progress bars. +**/ +- (void)socket:(GCDAsyncSocket *)sock didReadPartialDataOfLength:(NSUInteger)partialLength tag:(long)tag; + +/** + * Called when a socket has completed writing the requested data. Not called if there is an error. +**/ +- (void)socket:(GCDAsyncSocket *)sock didWriteDataWithTag:(long)tag; + +/** + * Called when a socket has written some data, but has not yet completed the entire write. + * It may be used for things such as updating progress bars. +**/ +- (void)socket:(GCDAsyncSocket *)sock didWritePartialDataOfLength:(NSUInteger)partialLength tag:(long)tag; + +/** + * Called if a read operation has reached its timeout without completing. + * This method allows you to optionally extend the timeout. + * If you return a positive time interval (> 0) the read's timeout will be extended by the given amount. + * If you don't implement this method, or return a non-positive time interval (<= 0) the read will timeout as usual. + * + * The elapsed parameter is the sum of the original timeout, plus any additions previously added via this method. + * The length parameter is the number of bytes that have been read so far for the read operation. + * + * Note that this method may be called multiple times for a single read if you return positive numbers. +**/ +- (NSTimeInterval)socket:(GCDAsyncSocket *)sock shouldTimeoutReadWithTag:(long)tag + elapsed:(NSTimeInterval)elapsed + bytesDone:(NSUInteger)length; + +/** + * Called if a write operation has reached its timeout without completing. + * This method allows you to optionally extend the timeout. + * If you return a positive time interval (> 0) the write's timeout will be extended by the given amount. + * If you don't implement this method, or return a non-positive time interval (<= 0) the write will timeout as usual. + * + * The elapsed parameter is the sum of the original timeout, plus any additions previously added via this method. + * The length parameter is the number of bytes that have been written so far for the write operation. + * + * Note that this method may be called multiple times for a single write if you return positive numbers. +**/ +- (NSTimeInterval)socket:(GCDAsyncSocket *)sock shouldTimeoutWriteWithTag:(long)tag + elapsed:(NSTimeInterval)elapsed + bytesDone:(NSUInteger)length; + +/** + * Conditionally called if the read stream closes, but the write stream may still be writeable. + * + * This delegate method is only called if autoDisconnectOnClosedReadStream has been set to NO. + * See the discussion on the autoDisconnectOnClosedReadStream method for more information. +**/ +- (void)socketDidCloseReadStream:(GCDAsyncSocket *)sock; + +/** + * Called when a socket disconnects with or without error. + * + * If you call the disconnect method, and the socket wasn't already disconnected, + * then an invocation of this delegate method will be enqueued on the delegateQueue + * before the disconnect method returns. + * + * Note: If the GCDAsyncSocket instance is deallocated while it is still connected, + * and the delegate is not also deallocated, then this method will be invoked, + * but the sock parameter will be nil. (It must necessarily be nil since it is no longer available.) + * This is a generally rare, but is possible if one writes code like this: + * + * asyncSocket = nil; // I'm implicitly disconnecting the socket + * + * In this case it may preferrable to nil the delegate beforehand, like this: + * + * asyncSocket.delegate = nil; // Don't invoke my delegate method + * asyncSocket = nil; // I'm implicitly disconnecting the socket + * + * Of course, this depends on how your state machine is configured. +**/ +- (void)socketDidDisconnect:(GCDAsyncSocket *)sock withError:(nullable NSError *)err; + +/** + * Called after the socket has successfully completed SSL/TLS negotiation. + * This method is not called unless you use the provided startTLS method. + * + * If a SSL/TLS negotiation fails (invalid certificate, etc) then the socket will immediately close, + * and the socketDidDisconnect:withError: delegate method will be called with the specific SSL error code. +**/ +- (void)socketDidSecure:(GCDAsyncSocket *)sock; + +/** + * Allows a socket delegate to hook into the TLS handshake and manually validate the peer it's connecting to. + * + * This is only called if startTLS is invoked with options that include: + * - GCDAsyncSocketManuallyEvaluateTrust == YES + * + * Typically the delegate will use SecTrustEvaluate (and related functions) to properly validate the peer. + * + * Note from Apple's documentation: + * Because [SecTrustEvaluate] might look on the network for certificates in the certificate chain, + * [it] might block while attempting network access. You should never call it from your main thread; + * call it only from within a function running on a dispatch queue or on a separate thread. + * + * Thus this method uses a completionHandler block rather than a normal return value. + * The completionHandler block is thread-safe, and may be invoked from a background queue/thread. + * It is safe to invoke the completionHandler block even if the socket has been closed. +**/ +- (void)socket:(GCDAsyncSocket *)sock didReceiveTrust:(SecTrustRef)trust + completionHandler:(void (^)(BOOL shouldTrustPeer))completionHandler; + +@end +NS_ASSUME_NONNULL_END diff --git a/GlassVPN/robbiehanson-CocoaAsyncSocket/GCDAsyncSocket.m b/GlassVPN/robbiehanson-CocoaAsyncSocket/GCDAsyncSocket.m new file mode 100755 index 0000000..1bbbaf4 --- /dev/null +++ b/GlassVPN/robbiehanson-CocoaAsyncSocket/GCDAsyncSocket.m @@ -0,0 +1,8495 @@ +// +// GCDAsyncSocket.m +// +// This class is in the public domain. +// Originally created by Robbie Hanson in Q4 2010. +// Updated and maintained by Deusty LLC and the Apple development community. +// +// https://github.com/robbiehanson/CocoaAsyncSocket +// + +#import "GCDAsyncSocket.h" + +#if TARGET_OS_IPHONE +#import +#endif + +#import +#import +#import +#import +#import +#import +#import +#import +#import +#import +#import +#import +#import +#import + +#if ! __has_feature(objc_arc) +#warning This file must be compiled with ARC. Use -fobjc-arc flag (or convert project to ARC). +// For more information see: https://github.com/robbiehanson/CocoaAsyncSocket/wiki/ARC +#endif + + +#ifndef GCDAsyncSocketLoggingEnabled +#define GCDAsyncSocketLoggingEnabled 0 +#endif + +#if GCDAsyncSocketLoggingEnabled + +// Logging Enabled - See log level below + +// Logging uses the CocoaLumberjack framework (which is also GCD based). +// https://github.com/robbiehanson/CocoaLumberjack +// +// It allows us to do a lot of logging without significantly slowing down the code. +#import "DDLog.h" + +#define LogAsync YES +#define LogContext GCDAsyncSocketLoggingContext + +#define LogObjc(flg, frmt, ...) LOG_OBJC_MAYBE(LogAsync, logLevel, flg, LogContext, frmt, ##__VA_ARGS__) +#define LogC(flg, frmt, ...) LOG_C_MAYBE(LogAsync, logLevel, flg, LogContext, frmt, ##__VA_ARGS__) + +#define LogError(frmt, ...) LogObjc(LOG_FLAG_ERROR, (@"%@: " frmt), THIS_FILE, ##__VA_ARGS__) +#define LogWarn(frmt, ...) LogObjc(LOG_FLAG_WARN, (@"%@: " frmt), THIS_FILE, ##__VA_ARGS__) +#define LogInfo(frmt, ...) LogObjc(LOG_FLAG_INFO, (@"%@: " frmt), THIS_FILE, ##__VA_ARGS__) +#define LogVerbose(frmt, ...) LogObjc(LOG_FLAG_VERBOSE, (@"%@: " frmt), THIS_FILE, ##__VA_ARGS__) + +#define LogCError(frmt, ...) LogC(LOG_FLAG_ERROR, (@"%@: " frmt), THIS_FILE, ##__VA_ARGS__) +#define LogCWarn(frmt, ...) LogC(LOG_FLAG_WARN, (@"%@: " frmt), THIS_FILE, ##__VA_ARGS__) +#define LogCInfo(frmt, ...) LogC(LOG_FLAG_INFO, (@"%@: " frmt), THIS_FILE, ##__VA_ARGS__) +#define LogCVerbose(frmt, ...) LogC(LOG_FLAG_VERBOSE, (@"%@: " frmt), THIS_FILE, ##__VA_ARGS__) + +#define LogTrace() LogObjc(LOG_FLAG_VERBOSE, @"%@: %@", THIS_FILE, THIS_METHOD) +#define LogCTrace() LogC(LOG_FLAG_VERBOSE, @"%@: %s", THIS_FILE, __FUNCTION__) + +#ifndef GCDAsyncSocketLogLevel +#define GCDAsyncSocketLogLevel LOG_LEVEL_VERBOSE +#endif + +// Log levels : off, error, warn, info, verbose +static const int logLevel = GCDAsyncSocketLogLevel; + +#else + +// Logging Disabled + +#define LogError(frmt, ...) {} +#define LogWarn(frmt, ...) {} +#define LogInfo(frmt, ...) {} +#define LogVerbose(frmt, ...) {} + +#define LogCError(frmt, ...) {} +#define LogCWarn(frmt, ...) {} +#define LogCInfo(frmt, ...) {} +#define LogCVerbose(frmt, ...) {} + +#define LogTrace() {} +#define LogCTrace(frmt, ...) {} + +#endif + +/** + * Seeing a return statements within an inner block + * can sometimes be mistaken for a return point of the enclosing method. + * This makes inline blocks a bit easier to read. +**/ +#define return_from_block return + +/** + * A socket file descriptor is really just an integer. + * It represents the index of the socket within the kernel. + * This makes invalid file descriptor comparisons easier to read. +**/ +#define SOCKET_NULL -1 + + +NSString *const GCDAsyncSocketException = @"GCDAsyncSocketException"; +NSString *const GCDAsyncSocketErrorDomain = @"GCDAsyncSocketErrorDomain"; + +NSString *const GCDAsyncSocketQueueName = @"GCDAsyncSocket"; +NSString *const GCDAsyncSocketThreadName = @"GCDAsyncSocket-CFStream"; + +NSString *const GCDAsyncSocketManuallyEvaluateTrust = @"GCDAsyncSocketManuallyEvaluateTrust"; +#if TARGET_OS_IPHONE +NSString *const GCDAsyncSocketUseCFStreamForTLS = @"GCDAsyncSocketUseCFStreamForTLS"; +#endif +NSString *const GCDAsyncSocketSSLPeerID = @"GCDAsyncSocketSSLPeerID"; +NSString *const GCDAsyncSocketSSLProtocolVersionMin = @"GCDAsyncSocketSSLProtocolVersionMin"; +NSString *const GCDAsyncSocketSSLProtocolVersionMax = @"GCDAsyncSocketSSLProtocolVersionMax"; +NSString *const GCDAsyncSocketSSLSessionOptionFalseStart = @"GCDAsyncSocketSSLSessionOptionFalseStart"; +NSString *const GCDAsyncSocketSSLSessionOptionSendOneByteRecord = @"GCDAsyncSocketSSLSessionOptionSendOneByteRecord"; +NSString *const GCDAsyncSocketSSLCipherSuites = @"GCDAsyncSocketSSLCipherSuites"; +#if !TARGET_OS_IPHONE +NSString *const GCDAsyncSocketSSLDiffieHellmanParameters = @"GCDAsyncSocketSSLDiffieHellmanParameters"; +#endif + +enum GCDAsyncSocketFlags +{ + kSocketStarted = 1 << 0, // If set, socket has been started (accepting/connecting) + kConnected = 1 << 1, // If set, the socket is connected + kForbidReadsWrites = 1 << 2, // If set, no new reads or writes are allowed + kReadsPaused = 1 << 3, // If set, reads are paused due to possible timeout + kWritesPaused = 1 << 4, // If set, writes are paused due to possible timeout + kDisconnectAfterReads = 1 << 5, // If set, disconnect after no more reads are queued + kDisconnectAfterWrites = 1 << 6, // If set, disconnect after no more writes are queued + kSocketCanAcceptBytes = 1 << 7, // If set, we know socket can accept bytes. If unset, it's unknown. + kReadSourceSuspended = 1 << 8, // If set, the read source is suspended + kWriteSourceSuspended = 1 << 9, // If set, the write source is suspended + kQueuedTLS = 1 << 10, // If set, we've queued an upgrade to TLS + kStartingReadTLS = 1 << 11, // If set, we're waiting for TLS negotiation to complete + kStartingWriteTLS = 1 << 12, // If set, we're waiting for TLS negotiation to complete + kSocketSecure = 1 << 13, // If set, socket is using secure communication via SSL/TLS + kSocketHasReadEOF = 1 << 14, // If set, we have read EOF from socket + kReadStreamClosed = 1 << 15, // If set, we've read EOF plus prebuffer has been drained + kDealloc = 1 << 16, // If set, the socket is being deallocated +#if TARGET_OS_IPHONE + kAddedStreamsToRunLoop = 1 << 17, // If set, CFStreams have been added to listener thread + kUsingCFStreamForTLS = 1 << 18, // If set, we're forced to use CFStream instead of SecureTransport + kSecureSocketHasBytesAvailable = 1 << 19, // If set, CFReadStream has notified us of bytes available +#endif +}; + +enum GCDAsyncSocketConfig +{ + kIPv4Disabled = 1 << 0, // If set, IPv4 is disabled + kIPv6Disabled = 1 << 1, // If set, IPv6 is disabled + kPreferIPv6 = 1 << 2, // If set, IPv6 is preferred over IPv4 + kAllowHalfDuplexConnection = 1 << 3, // If set, the socket will stay open even if the read stream closes +}; + +#if TARGET_OS_IPHONE + static NSThread *cfstreamThread; // Used for CFStreams + + + static uint64_t cfstreamThreadRetainCount; // setup & teardown + static dispatch_queue_t cfstreamThreadSetupQueue; // setup & teardown +#endif + +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// +#pragma mark - +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// + +/** + * A PreBuffer is used when there is more data available on the socket + * than is being requested by current read request. + * In this case we slurp up all data from the socket (to minimize sys calls), + * and store additional yet unread data in a "prebuffer". + * + * The prebuffer is entirely drained before we read from the socket again. + * In other words, a large chunk of data is written is written to the prebuffer. + * The prebuffer is then drained via a series of one or more reads (for subsequent read request(s)). + * + * A ring buffer was once used for this purpose. + * But a ring buffer takes up twice as much memory as needed (double the size for mirroring). + * In fact, it generally takes up more than twice the needed size as everything has to be rounded up to vm_page_size. + * And since the prebuffer is always completely drained after being written to, a full ring buffer isn't needed. + * + * The current design is very simple and straight-forward, while also keeping memory requirements lower. +**/ + +@interface GCDAsyncSocketPreBuffer : NSObject +{ + uint8_t *preBuffer; + size_t preBufferSize; + + uint8_t *readPointer; + uint8_t *writePointer; +} + +- (instancetype)initWithCapacity:(size_t)numBytes NS_DESIGNATED_INITIALIZER; + +- (void)ensureCapacityForWrite:(size_t)numBytes; + +- (size_t)availableBytes; +- (uint8_t *)readBuffer; + +- (void)getReadBuffer:(uint8_t **)bufferPtr availableBytes:(size_t *)availableBytesPtr; + +- (size_t)availableSpace; +- (uint8_t *)writeBuffer; + +- (void)getWriteBuffer:(uint8_t **)bufferPtr availableSpace:(size_t *)availableSpacePtr; + +- (void)didRead:(size_t)bytesRead; +- (void)didWrite:(size_t)bytesWritten; + +- (void)reset; + +@end + +@implementation GCDAsyncSocketPreBuffer + +// Cover the superclass' designated initializer +- (instancetype)init NS_UNAVAILABLE +{ + NSAssert(0, @"Use the designated initializer"); + return nil; +} + +- (instancetype)initWithCapacity:(size_t)numBytes +{ + if ((self = [super init])) + { + preBufferSize = numBytes; + preBuffer = malloc(preBufferSize); + + readPointer = preBuffer; + writePointer = preBuffer; + } + return self; +} + +- (void)dealloc +{ + if (preBuffer) + free(preBuffer); +} + +- (void)ensureCapacityForWrite:(size_t)numBytes +{ + size_t availableSpace = [self availableSpace]; + + if (numBytes > availableSpace) + { + size_t additionalBytes = numBytes - availableSpace; + + size_t newPreBufferSize = preBufferSize + additionalBytes; + uint8_t *newPreBuffer = realloc(preBuffer, newPreBufferSize); + + size_t readPointerOffset = readPointer - preBuffer; + size_t writePointerOffset = writePointer - preBuffer; + + preBuffer = newPreBuffer; + preBufferSize = newPreBufferSize; + + readPointer = preBuffer + readPointerOffset; + writePointer = preBuffer + writePointerOffset; + } +} + +- (size_t)availableBytes +{ + return writePointer - readPointer; +} + +- (uint8_t *)readBuffer +{ + return readPointer; +} + +- (void)getReadBuffer:(uint8_t **)bufferPtr availableBytes:(size_t *)availableBytesPtr +{ + if (bufferPtr) *bufferPtr = readPointer; + if (availableBytesPtr) *availableBytesPtr = [self availableBytes]; +} + +- (void)didRead:(size_t)bytesRead +{ + readPointer += bytesRead; + + if (readPointer == writePointer) + { + // The prebuffer has been drained. Reset pointers. + readPointer = preBuffer; + writePointer = preBuffer; + } +} + +- (size_t)availableSpace +{ + return preBufferSize - (writePointer - preBuffer); +} + +- (uint8_t *)writeBuffer +{ + return writePointer; +} + +- (void)getWriteBuffer:(uint8_t **)bufferPtr availableSpace:(size_t *)availableSpacePtr +{ + if (bufferPtr) *bufferPtr = writePointer; + if (availableSpacePtr) *availableSpacePtr = [self availableSpace]; +} + +- (void)didWrite:(size_t)bytesWritten +{ + writePointer += bytesWritten; +} + +- (void)reset +{ + readPointer = preBuffer; + writePointer = preBuffer; +} + +@end + +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// +#pragma mark - +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// + +/** + * The GCDAsyncReadPacket encompasses the instructions for any given read. + * The content of a read packet allows the code to determine if we're: + * - reading to a certain length + * - reading to a certain separator + * - or simply reading the first chunk of available data +**/ +@interface GCDAsyncReadPacket : NSObject +{ + @public + NSMutableData *buffer; + NSUInteger startOffset; + NSUInteger bytesDone; + NSUInteger maxLength; + NSTimeInterval timeout; + NSUInteger readLength; + NSData *term; + BOOL bufferOwner; + NSUInteger originalBufferLength; + long tag; +} +- (instancetype)initWithData:(NSMutableData *)d + startOffset:(NSUInteger)s + maxLength:(NSUInteger)m + timeout:(NSTimeInterval)t + readLength:(NSUInteger)l + terminator:(NSData *)e + tag:(long)i NS_DESIGNATED_INITIALIZER; + +- (void)ensureCapacityForAdditionalDataOfLength:(NSUInteger)bytesToRead; + +- (NSUInteger)optimalReadLengthWithDefault:(NSUInteger)defaultValue shouldPreBuffer:(BOOL *)shouldPreBufferPtr; + +- (NSUInteger)readLengthForNonTermWithHint:(NSUInteger)bytesAvailable; +- (NSUInteger)readLengthForTermWithHint:(NSUInteger)bytesAvailable shouldPreBuffer:(BOOL *)shouldPreBufferPtr; +- (NSUInteger)readLengthForTermWithPreBuffer:(GCDAsyncSocketPreBuffer *)preBuffer found:(BOOL *)foundPtr; + +- (NSInteger)searchForTermAfterPreBuffering:(ssize_t)numBytes; + +@end + +@implementation GCDAsyncReadPacket + +// Cover the superclass' designated initializer +- (instancetype)init NS_UNAVAILABLE +{ + NSAssert(0, @"Use the designated initializer"); + return nil; +} + +- (instancetype)initWithData:(NSMutableData *)d + startOffset:(NSUInteger)s + maxLength:(NSUInteger)m + timeout:(NSTimeInterval)t + readLength:(NSUInteger)l + terminator:(NSData *)e + tag:(long)i +{ + if((self = [super init])) + { + bytesDone = 0; + maxLength = m; + timeout = t; + readLength = l; + term = [e copy]; + tag = i; + + if (d) + { + buffer = d; + startOffset = s; + bufferOwner = NO; + originalBufferLength = [d length]; + } + else + { + if (readLength > 0) + buffer = [[NSMutableData alloc] initWithLength:readLength]; + else + buffer = [[NSMutableData alloc] initWithLength:0]; + + startOffset = 0; + bufferOwner = YES; + originalBufferLength = 0; + } + } + return self; +} + +/** + * Increases the length of the buffer (if needed) to ensure a read of the given size will fit. +**/ +- (void)ensureCapacityForAdditionalDataOfLength:(NSUInteger)bytesToRead +{ + NSUInteger buffSize = [buffer length]; + NSUInteger buffUsed = startOffset + bytesDone; + + NSUInteger buffSpace = buffSize - buffUsed; + + if (bytesToRead > buffSpace) + { + NSUInteger buffInc = bytesToRead - buffSpace; + + [buffer increaseLengthBy:buffInc]; + } +} + +/** + * This method is used when we do NOT know how much data is available to be read from the socket. + * This method returns the default value unless it exceeds the specified readLength or maxLength. + * + * Furthermore, the shouldPreBuffer decision is based upon the packet type, + * and whether the returned value would fit in the current buffer without requiring a resize of the buffer. +**/ +- (NSUInteger)optimalReadLengthWithDefault:(NSUInteger)defaultValue shouldPreBuffer:(BOOL *)shouldPreBufferPtr +{ + NSUInteger result; + + if (readLength > 0) + { + // Read a specific length of data + result = readLength - bytesDone; + + // There is no need to prebuffer since we know exactly how much data we need to read. + // Even if the buffer isn't currently big enough to fit this amount of data, + // it would have to be resized eventually anyway. + + if (shouldPreBufferPtr) + *shouldPreBufferPtr = NO; + } + else + { + // Either reading until we find a specified terminator, + // or we're simply reading all available data. + // + // In other words, one of: + // + // - readDataToData packet + // - readDataWithTimeout packet + + if (maxLength > 0) + result = MIN(defaultValue, (maxLength - bytesDone)); + else + result = defaultValue; + + // Since we don't know the size of the read in advance, + // the shouldPreBuffer decision is based upon whether the returned value would fit + // in the current buffer without requiring a resize of the buffer. + // + // This is because, in all likelyhood, the amount read from the socket will be less than the default value. + // Thus we should avoid over-allocating the read buffer when we can simply use the pre-buffer instead. + + if (shouldPreBufferPtr) + { + NSUInteger buffSize = [buffer length]; + NSUInteger buffUsed = startOffset + bytesDone; + + NSUInteger buffSpace = buffSize - buffUsed; + + if (buffSpace >= result) + *shouldPreBufferPtr = NO; + else + *shouldPreBufferPtr = YES; + } + } + + return result; +} + +/** + * For read packets without a set terminator, returns the amount of data + * that can be read without exceeding the readLength or maxLength. + * + * The given parameter indicates the number of bytes estimated to be available on the socket, + * which is taken into consideration during the calculation. + * + * The given hint MUST be greater than zero. +**/ +- (NSUInteger)readLengthForNonTermWithHint:(NSUInteger)bytesAvailable +{ + NSAssert(term == nil, @"This method does not apply to term reads"); + NSAssert(bytesAvailable > 0, @"Invalid parameter: bytesAvailable"); + + if (readLength > 0) + { + // Read a specific length of data + + return MIN(bytesAvailable, (readLength - bytesDone)); + + // No need to avoid resizing the buffer. + // If the user provided their own buffer, + // and told us to read a certain length of data that exceeds the size of the buffer, + // then it is clear that our code will resize the buffer during the read operation. + // + // This method does not actually do any resizing. + // The resizing will happen elsewhere if needed. + } + else + { + // Read all available data + + NSUInteger result = bytesAvailable; + + if (maxLength > 0) + { + result = MIN(result, (maxLength - bytesDone)); + } + + // No need to avoid resizing the buffer. + // If the user provided their own buffer, + // and told us to read all available data without giving us a maxLength, + // then it is clear that our code might resize the buffer during the read operation. + // + // This method does not actually do any resizing. + // The resizing will happen elsewhere if needed. + + return result; + } +} + +/** + * For read packets with a set terminator, returns the amount of data + * that can be read without exceeding the maxLength. + * + * The given parameter indicates the number of bytes estimated to be available on the socket, + * which is taken into consideration during the calculation. + * + * To optimize memory allocations, mem copies, and mem moves + * the shouldPreBuffer boolean value will indicate if the data should be read into a prebuffer first, + * or if the data can be read directly into the read packet's buffer. +**/ +- (NSUInteger)readLengthForTermWithHint:(NSUInteger)bytesAvailable shouldPreBuffer:(BOOL *)shouldPreBufferPtr +{ + NSAssert(term != nil, @"This method does not apply to non-term reads"); + NSAssert(bytesAvailable > 0, @"Invalid parameter: bytesAvailable"); + + + NSUInteger result = bytesAvailable; + + if (maxLength > 0) + { + result = MIN(result, (maxLength - bytesDone)); + } + + // Should the data be read into the read packet's buffer, or into a pre-buffer first? + // + // One would imagine the preferred option is the faster one. + // So which one is faster? + // + // Reading directly into the packet's buffer requires: + // 1. Possibly resizing packet buffer (malloc/realloc) + // 2. Filling buffer (read) + // 3. Searching for term (memcmp) + // 4. Possibly copying overflow into prebuffer (malloc/realloc, memcpy) + // + // Reading into prebuffer first: + // 1. Possibly resizing prebuffer (malloc/realloc) + // 2. Filling buffer (read) + // 3. Searching for term (memcmp) + // 4. Copying underflow into packet buffer (malloc/realloc, memcpy) + // 5. Removing underflow from prebuffer (memmove) + // + // Comparing the performance of the two we can see that reading + // data into the prebuffer first is slower due to the extra memove. + // + // However: + // The implementation of NSMutableData is open source via core foundation's CFMutableData. + // Decreasing the length of a mutable data object doesn't cause a realloc. + // In other words, the capacity of a mutable data object can grow, but doesn't shrink. + // + // This means the prebuffer will rarely need a realloc. + // The packet buffer, on the other hand, may often need a realloc. + // This is especially true if we are the buffer owner. + // Furthermore, if we are constantly realloc'ing the packet buffer, + // and then moving the overflow into the prebuffer, + // then we're consistently over-allocating memory for each term read. + // And now we get into a bit of a tradeoff between speed and memory utilization. + // + // The end result is that the two perform very similarly. + // And we can answer the original question very simply by another means. + // + // If we can read all the data directly into the packet's buffer without resizing it first, + // then we do so. Otherwise we use the prebuffer. + + if (shouldPreBufferPtr) + { + NSUInteger buffSize = [buffer length]; + NSUInteger buffUsed = startOffset + bytesDone; + + if ((buffSize - buffUsed) >= result) + *shouldPreBufferPtr = NO; + else + *shouldPreBufferPtr = YES; + } + + return result; +} + +/** + * For read packets with a set terminator, + * returns the amount of data that can be read from the given preBuffer, + * without going over a terminator or the maxLength. + * + * It is assumed the terminator has not already been read. +**/ +- (NSUInteger)readLengthForTermWithPreBuffer:(GCDAsyncSocketPreBuffer *)preBuffer found:(BOOL *)foundPtr +{ + NSAssert(term != nil, @"This method does not apply to non-term reads"); + NSAssert([preBuffer availableBytes] > 0, @"Invoked with empty pre buffer!"); + + // We know that the terminator, as a whole, doesn't exist in our own buffer. + // But it is possible that a _portion_ of it exists in our buffer. + // So we're going to look for the terminator starting with a portion of our own buffer. + // + // Example: + // + // term length = 3 bytes + // bytesDone = 5 bytes + // preBuffer length = 5 bytes + // + // If we append the preBuffer to our buffer, + // it would look like this: + // + // --------------------- + // |B|B|B|B|B|P|P|P|P|P| + // --------------------- + // + // So we start our search here: + // + // --------------------- + // |B|B|B|B|B|P|P|P|P|P| + // -------^-^-^--------- + // + // And move forwards... + // + // --------------------- + // |B|B|B|B|B|P|P|P|P|P| + // ---------^-^-^------- + // + // Until we find the terminator or reach the end. + // + // --------------------- + // |B|B|B|B|B|P|P|P|P|P| + // ---------------^-^-^- + + BOOL found = NO; + + NSUInteger termLength = [term length]; + NSUInteger preBufferLength = [preBuffer availableBytes]; + + if ((bytesDone + preBufferLength) < termLength) + { + // Not enough data for a full term sequence yet + return preBufferLength; + } + + NSUInteger maxPreBufferLength; + if (maxLength > 0) { + maxPreBufferLength = MIN(preBufferLength, (maxLength - bytesDone)); + + // Note: maxLength >= termLength + } + else { + maxPreBufferLength = preBufferLength; + } + + uint8_t seq[termLength]; + const void *termBuf = [term bytes]; + + NSUInteger bufLen = MIN(bytesDone, (termLength - 1)); + uint8_t *buf = (uint8_t *)[buffer mutableBytes] + startOffset + bytesDone - bufLen; + + NSUInteger preLen = termLength - bufLen; + const uint8_t *pre = [preBuffer readBuffer]; + + NSUInteger loopCount = bufLen + maxPreBufferLength - termLength + 1; // Plus one. See example above. + + NSUInteger result = maxPreBufferLength; + + NSUInteger i; + for (i = 0; i < loopCount; i++) + { + if (bufLen > 0) + { + // Combining bytes from buffer and preBuffer + + memcpy(seq, buf, bufLen); + memcpy(seq + bufLen, pre, preLen); + + if (memcmp(seq, termBuf, termLength) == 0) + { + result = preLen; + found = YES; + break; + } + + buf++; + bufLen--; + preLen++; + } + else + { + // Comparing directly from preBuffer + + if (memcmp(pre, termBuf, termLength) == 0) + { + NSUInteger preOffset = pre - [preBuffer readBuffer]; // pointer arithmetic + + result = preOffset + termLength; + found = YES; + break; + } + + pre++; + } + } + + // There is no need to avoid resizing the buffer in this particular situation. + + if (foundPtr) *foundPtr = found; + return result; +} + +/** + * For read packets with a set terminator, scans the packet buffer for the term. + * It is assumed the terminator had not been fully read prior to the new bytes. + * + * If the term is found, the number of excess bytes after the term are returned. + * If the term is not found, this method will return -1. + * + * Note: A return value of zero means the term was found at the very end. + * + * Prerequisites: + * The given number of bytes have been added to the end of our buffer. + * Our bytesDone variable has NOT been changed due to the prebuffered bytes. +**/ +- (NSInteger)searchForTermAfterPreBuffering:(ssize_t)numBytes +{ + NSAssert(term != nil, @"This method does not apply to non-term reads"); + + // The implementation of this method is very similar to the above method. + // See the above method for a discussion of the algorithm used here. + + uint8_t *buff = [buffer mutableBytes]; + NSUInteger buffLength = bytesDone + numBytes; + + const void *termBuff = [term bytes]; + NSUInteger termLength = [term length]; + + // Note: We are dealing with unsigned integers, + // so make sure the math doesn't go below zero. + + NSUInteger i = ((buffLength - numBytes) >= termLength) ? (buffLength - numBytes - termLength + 1) : 0; + + while (i + termLength <= buffLength) + { + uint8_t *subBuffer = buff + startOffset + i; + + if (memcmp(subBuffer, termBuff, termLength) == 0) + { + return buffLength - (i + termLength); + } + + i++; + } + + return -1; +} + + +@end + +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// +#pragma mark - +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// + +/** + * The GCDAsyncWritePacket encompasses the instructions for any given write. +**/ +@interface GCDAsyncWritePacket : NSObject +{ + @public + NSData *buffer; + NSUInteger bytesDone; + long tag; + NSTimeInterval timeout; +} +- (instancetype)initWithData:(NSData *)d timeout:(NSTimeInterval)t tag:(long)i NS_DESIGNATED_INITIALIZER; +@end + +@implementation GCDAsyncWritePacket + +// Cover the superclass' designated initializer +- (instancetype)init NS_UNAVAILABLE +{ + NSAssert(0, @"Use the designated initializer"); + return nil; +} + +- (instancetype)initWithData:(NSData *)d timeout:(NSTimeInterval)t tag:(long)i +{ + if((self = [super init])) + { + buffer = d; // Retain not copy. For performance as documented in header file. + bytesDone = 0; + timeout = t; + tag = i; + } + return self; +} + + +@end + +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// +#pragma mark - +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// + +/** + * The GCDAsyncSpecialPacket encompasses special instructions for interruptions in the read/write queues. + * This class my be altered to support more than just TLS in the future. +**/ +@interface GCDAsyncSpecialPacket : NSObject +{ + @public + NSDictionary *tlsSettings; +} +- (instancetype)initWithTLSSettings:(NSDictionary *)settings NS_DESIGNATED_INITIALIZER; +@end + +@implementation GCDAsyncSpecialPacket + +// Cover the superclass' designated initializer +- (instancetype)init NS_UNAVAILABLE +{ + NSAssert(0, @"Use the designated initializer"); + return nil; +} + +- (instancetype)initWithTLSSettings:(NSDictionary *)settings +{ + if((self = [super init])) + { + tlsSettings = [settings copy]; + } + return self; +} + + +@end + +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// +#pragma mark - +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// + +@implementation GCDAsyncSocket +{ + uint32_t flags; + uint16_t config; + + __weak id delegate; + dispatch_queue_t delegateQueue; + + int socket4FD; + int socket6FD; + int socketUN; + NSURL *socketUrl; + int stateIndex; + NSData * connectInterface4; + NSData * connectInterface6; + NSData * connectInterfaceUN; + + dispatch_queue_t socketQueue; + + dispatch_source_t accept4Source; + dispatch_source_t accept6Source; + dispatch_source_t acceptUNSource; + dispatch_source_t connectTimer; + dispatch_source_t readSource; + dispatch_source_t writeSource; + dispatch_source_t readTimer; + dispatch_source_t writeTimer; + + NSMutableArray *readQueue; + NSMutableArray *writeQueue; + + GCDAsyncReadPacket *currentRead; + GCDAsyncWritePacket *currentWrite; + + unsigned long socketFDBytesAvailable; + + GCDAsyncSocketPreBuffer *preBuffer; + +#if TARGET_OS_IPHONE + CFStreamClientContext streamContext; + CFReadStreamRef readStream; + CFWriteStreamRef writeStream; +#endif + SSLContextRef sslContext; + GCDAsyncSocketPreBuffer *sslPreBuffer; + size_t sslWriteCachedLength; + OSStatus sslErrCode; + OSStatus lastSSLHandshakeError; + + void *IsOnSocketQueueOrTargetQueueKey; + + id userData; + NSTimeInterval alternateAddressDelay; +} + +- (instancetype)init +{ + return [self initWithDelegate:nil delegateQueue:NULL socketQueue:NULL]; +} + +- (instancetype)initWithSocketQueue:(dispatch_queue_t)sq +{ + return [self initWithDelegate:nil delegateQueue:NULL socketQueue:sq]; +} + +- (instancetype)initWithDelegate:(id)aDelegate delegateQueue:(dispatch_queue_t)dq +{ + return [self initWithDelegate:aDelegate delegateQueue:dq socketQueue:NULL]; +} + +- (instancetype)initWithDelegate:(id)aDelegate delegateQueue:(dispatch_queue_t)dq socketQueue:(dispatch_queue_t)sq +{ + if((self = [super init])) + { + delegate = aDelegate; + delegateQueue = dq; + + #if !OS_OBJECT_USE_OBJC + if (dq) dispatch_retain(dq); + #endif + + socket4FD = SOCKET_NULL; + socket6FD = SOCKET_NULL; + socketUN = SOCKET_NULL; + socketUrl = nil; + stateIndex = 0; + + if (sq) + { + NSAssert(sq != dispatch_get_global_queue(DISPATCH_QUEUE_PRIORITY_LOW, 0), + @"The given socketQueue parameter must not be a concurrent queue."); + NSAssert(sq != dispatch_get_global_queue(DISPATCH_QUEUE_PRIORITY_HIGH, 0), + @"The given socketQueue parameter must not be a concurrent queue."); + NSAssert(sq != dispatch_get_global_queue(DISPATCH_QUEUE_PRIORITY_DEFAULT, 0), + @"The given socketQueue parameter must not be a concurrent queue."); + + socketQueue = sq; + #if !OS_OBJECT_USE_OBJC + dispatch_retain(sq); + #endif + } + else + { + socketQueue = dispatch_queue_create([GCDAsyncSocketQueueName UTF8String], NULL); + } + + // The dispatch_queue_set_specific() and dispatch_get_specific() functions take a "void *key" parameter. + // From the documentation: + // + // > Keys are only compared as pointers and are never dereferenced. + // > Thus, you can use a pointer to a static variable for a specific subsystem or + // > any other value that allows you to identify the value uniquely. + // + // We're just going to use the memory address of an ivar. + // Specifically an ivar that is explicitly named for our purpose to make the code more readable. + // + // However, it feels tedious (and less readable) to include the "&" all the time: + // dispatch_get_specific(&IsOnSocketQueueOrTargetQueueKey) + // + // So we're going to make it so it doesn't matter if we use the '&' or not, + // by assigning the value of the ivar to the address of the ivar. + // Thus: IsOnSocketQueueOrTargetQueueKey == &IsOnSocketQueueOrTargetQueueKey; + + IsOnSocketQueueOrTargetQueueKey = &IsOnSocketQueueOrTargetQueueKey; + + void *nonNullUnusedPointer = (__bridge void *)self; + dispatch_queue_set_specific(socketQueue, IsOnSocketQueueOrTargetQueueKey, nonNullUnusedPointer, NULL); + + readQueue = [[NSMutableArray alloc] initWithCapacity:5]; + currentRead = nil; + + writeQueue = [[NSMutableArray alloc] initWithCapacity:5]; + currentWrite = nil; + + preBuffer = [[GCDAsyncSocketPreBuffer alloc] initWithCapacity:(1024 * 4)]; + alternateAddressDelay = 0.3; + } + return self; +} + +- (void)dealloc +{ + LogInfo(@"%@ - %@ (start)", THIS_METHOD, self); + + // Set dealloc flag. + // This is used by closeWithError to ensure we don't accidentally retain ourself. + flags |= kDealloc; + + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + { + [self closeWithError:nil]; + } + else + { + dispatch_sync(socketQueue, ^{ + [self closeWithError:nil]; + }); + } + + delegate = nil; + + #if !OS_OBJECT_USE_OBJC + if (delegateQueue) dispatch_release(delegateQueue); + #endif + delegateQueue = NULL; + + #if !OS_OBJECT_USE_OBJC + if (socketQueue) dispatch_release(socketQueue); + #endif + socketQueue = NULL; + + LogInfo(@"%@ - %@ (finish)", THIS_METHOD, self); +} + +#pragma mark - + ++ (nullable instancetype)socketFromConnectedSocketFD:(int)socketFD socketQueue:(nullable dispatch_queue_t)sq error:(NSError**)error { + return [self socketFromConnectedSocketFD:socketFD delegate:nil delegateQueue:NULL socketQueue:sq error:error]; +} + ++ (nullable instancetype)socketFromConnectedSocketFD:(int)socketFD delegate:(nullable id)aDelegate delegateQueue:(nullable dispatch_queue_t)dq error:(NSError**)error { + return [self socketFromConnectedSocketFD:socketFD delegate:aDelegate delegateQueue:dq socketQueue:NULL error:error]; +} + ++ (nullable instancetype)socketFromConnectedSocketFD:(int)socketFD delegate:(nullable id)aDelegate delegateQueue:(nullable dispatch_queue_t)dq socketQueue:(nullable dispatch_queue_t)sq error:(NSError* __autoreleasing *)error +{ + __block BOOL errorOccured = NO; + + GCDAsyncSocket *socket = [[[self class] alloc] initWithDelegate:aDelegate delegateQueue:dq socketQueue:sq]; + + dispatch_sync(socket->socketQueue, ^{ @autoreleasepool { + struct sockaddr addr; + socklen_t addr_size = sizeof(struct sockaddr); + int retVal = getpeername(socketFD, (struct sockaddr *)&addr, &addr_size); + if (retVal) + { + NSString *errMsg = NSLocalizedStringWithDefaultValue(@"GCDAsyncSocketOtherError", + @"GCDAsyncSocket", [NSBundle mainBundle], + @"Attempt to create socket from socket FD failed. getpeername() failed", nil); + + NSDictionary *userInfo = @{NSLocalizedDescriptionKey : errMsg}; + + errorOccured = YES; + if (error) + *error = [NSError errorWithDomain:GCDAsyncSocketErrorDomain code:GCDAsyncSocketOtherError userInfo:userInfo]; + return; + } + + if (addr.sa_family == AF_INET) + { + socket->socket4FD = socketFD; + } + else if (addr.sa_family == AF_INET6) + { + socket->socket6FD = socketFD; + } + else + { + NSString *errMsg = NSLocalizedStringWithDefaultValue(@"GCDAsyncSocketOtherError", + @"GCDAsyncSocket", [NSBundle mainBundle], + @"Attempt to create socket from socket FD failed. socket FD is neither IPv4 nor IPv6", nil); + + NSDictionary *userInfo = @{NSLocalizedDescriptionKey : errMsg}; + + errorOccured = YES; + if (error) + *error = [NSError errorWithDomain:GCDAsyncSocketErrorDomain code:GCDAsyncSocketOtherError userInfo:userInfo]; + return; + } + + socket->flags = kSocketStarted; + [socket didConnect:socket->stateIndex]; + }}); + + return errorOccured? nil: socket; +} + +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// +#pragma mark Configuration +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// + +- (id)delegate +{ + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + { + return delegate; + } + else + { + __block id result; + + dispatch_sync(socketQueue, ^{ + result = self->delegate; + }); + + return result; + } +} + +- (void)setDelegate:(id)newDelegate synchronously:(BOOL)synchronously +{ + dispatch_block_t block = ^{ + self->delegate = newDelegate; + }; + + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) { + block(); + } + else { + if (synchronously) + dispatch_sync(socketQueue, block); + else + dispatch_async(socketQueue, block); + } +} + +- (void)setDelegate:(id)newDelegate +{ + [self setDelegate:newDelegate synchronously:NO]; +} + +- (void)synchronouslySetDelegate:(id)newDelegate +{ + [self setDelegate:newDelegate synchronously:YES]; +} + +- (dispatch_queue_t)delegateQueue +{ + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + { + return delegateQueue; + } + else + { + __block dispatch_queue_t result; + + dispatch_sync(socketQueue, ^{ + result = self->delegateQueue; + }); + + return result; + } +} + +- (void)setDelegateQueue:(dispatch_queue_t)newDelegateQueue synchronously:(BOOL)synchronously +{ + dispatch_block_t block = ^{ + + #if !OS_OBJECT_USE_OBJC + if (self->delegateQueue) dispatch_release(self->delegateQueue); + if (newDelegateQueue) dispatch_retain(newDelegateQueue); + #endif + + self->delegateQueue = newDelegateQueue; + }; + + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) { + block(); + } + else { + if (synchronously) + dispatch_sync(socketQueue, block); + else + dispatch_async(socketQueue, block); + } +} + +- (void)setDelegateQueue:(dispatch_queue_t)newDelegateQueue +{ + [self setDelegateQueue:newDelegateQueue synchronously:NO]; +} + +- (void)synchronouslySetDelegateQueue:(dispatch_queue_t)newDelegateQueue +{ + [self setDelegateQueue:newDelegateQueue synchronously:YES]; +} + +- (void)getDelegate:(id *)delegatePtr delegateQueue:(dispatch_queue_t *)delegateQueuePtr +{ + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + { + if (delegatePtr) *delegatePtr = delegate; + if (delegateQueuePtr) *delegateQueuePtr = delegateQueue; + } + else + { + __block id dPtr = NULL; + __block dispatch_queue_t dqPtr = NULL; + + dispatch_sync(socketQueue, ^{ + dPtr = self->delegate; + dqPtr = self->delegateQueue; + }); + + if (delegatePtr) *delegatePtr = dPtr; + if (delegateQueuePtr) *delegateQueuePtr = dqPtr; + } +} + +- (void)setDelegate:(id)newDelegate delegateQueue:(dispatch_queue_t)newDelegateQueue synchronously:(BOOL)synchronously +{ + dispatch_block_t block = ^{ + + self->delegate = newDelegate; + + #if !OS_OBJECT_USE_OBJC + if (self->delegateQueue) dispatch_release(self->delegateQueue); + if (newDelegateQueue) dispatch_retain(newDelegateQueue); + #endif + + self->delegateQueue = newDelegateQueue; + }; + + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) { + block(); + } + else { + if (synchronously) + dispatch_sync(socketQueue, block); + else + dispatch_async(socketQueue, block); + } +} + +- (void)setDelegate:(id)newDelegate delegateQueue:(dispatch_queue_t)newDelegateQueue +{ + [self setDelegate:newDelegate delegateQueue:newDelegateQueue synchronously:NO]; +} + +- (void)synchronouslySetDelegate:(id)newDelegate delegateQueue:(dispatch_queue_t)newDelegateQueue +{ + [self setDelegate:newDelegate delegateQueue:newDelegateQueue synchronously:YES]; +} + +- (BOOL)isIPv4Enabled +{ + // Note: YES means kIPv4Disabled is OFF + + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + { + return ((config & kIPv4Disabled) == 0); + } + else + { + __block BOOL result; + + dispatch_sync(socketQueue, ^{ + result = ((self->config & kIPv4Disabled) == 0); + }); + + return result; + } +} + +- (void)setIPv4Enabled:(BOOL)flag +{ + // Note: YES means kIPv4Disabled is OFF + + dispatch_block_t block = ^{ + + if (flag) + self->config &= ~kIPv4Disabled; + else + self->config |= kIPv4Disabled; + }; + + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + block(); + else + dispatch_async(socketQueue, block); +} + +- (BOOL)isIPv6Enabled +{ + // Note: YES means kIPv6Disabled is OFF + + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + { + return ((config & kIPv6Disabled) == 0); + } + else + { + __block BOOL result; + + dispatch_sync(socketQueue, ^{ + result = ((self->config & kIPv6Disabled) == 0); + }); + + return result; + } +} + +- (void)setIPv6Enabled:(BOOL)flag +{ + // Note: YES means kIPv6Disabled is OFF + + dispatch_block_t block = ^{ + + if (flag) + self->config &= ~kIPv6Disabled; + else + self->config |= kIPv6Disabled; + }; + + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + block(); + else + dispatch_async(socketQueue, block); +} + +- (BOOL)isIPv4PreferredOverIPv6 +{ + // Note: YES means kPreferIPv6 is OFF + + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + { + return ((config & kPreferIPv6) == 0); + } + else + { + __block BOOL result; + + dispatch_sync(socketQueue, ^{ + result = ((self->config & kPreferIPv6) == 0); + }); + + return result; + } +} + +- (void)setIPv4PreferredOverIPv6:(BOOL)flag +{ + // Note: YES means kPreferIPv6 is OFF + + dispatch_block_t block = ^{ + + if (flag) + self->config &= ~kPreferIPv6; + else + self->config |= kPreferIPv6; + }; + + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + block(); + else + dispatch_async(socketQueue, block); +} + +- (NSTimeInterval) alternateAddressDelay { + __block NSTimeInterval delay; + dispatch_block_t block = ^{ + delay = self->alternateAddressDelay; + }; + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + block(); + else + dispatch_sync(socketQueue, block); + return delay; +} + +- (void) setAlternateAddressDelay:(NSTimeInterval)delay { + dispatch_block_t block = ^{ + self->alternateAddressDelay = delay; + }; + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + block(); + else + dispatch_async(socketQueue, block); +} + +- (id)userData +{ + __block id result = nil; + + dispatch_block_t block = ^{ + + result = self->userData; + }; + + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + block(); + else + dispatch_sync(socketQueue, block); + + return result; +} + +- (void)setUserData:(id)arbitraryUserData +{ + dispatch_block_t block = ^{ + + if (self->userData != arbitraryUserData) + { + self->userData = arbitraryUserData; + } + }; + + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + block(); + else + dispatch_async(socketQueue, block); +} + +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// +#pragma mark Accepting +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// + +- (BOOL)acceptOnPort:(uint16_t)port error:(NSError **)errPtr +{ + return [self acceptOnInterface:nil port:port error:errPtr]; +} + +- (BOOL)acceptOnInterface:(NSString *)inInterface port:(uint16_t)port error:(NSError **)errPtr +{ + LogTrace(); + + // Just in-case interface parameter is immutable. + NSString *interface = [inInterface copy]; + + __block BOOL result = NO; + __block NSError *err = nil; + + // CreateSocket Block + // This block will be invoked within the dispatch block below. + + int(^createSocket)(int, NSData*) = ^int (int domain, NSData *interfaceAddr) { + + int socketFD = socket(domain, SOCK_STREAM, 0); + + if (socketFD == SOCKET_NULL) + { + NSString *reason = @"Error in socket() function"; + err = [self errorWithErrno:errno reason:reason]; + + return SOCKET_NULL; + } + + int status; + + // Set socket options + + status = fcntl(socketFD, F_SETFL, O_NONBLOCK); + if (status == -1) + { + NSString *reason = @"Error enabling non-blocking IO on socket (fcntl)"; + err = [self errorWithErrno:errno reason:reason]; + + LogVerbose(@"close(socketFD)"); + close(socketFD); + return SOCKET_NULL; + } + + int reuseOn = 1; + status = setsockopt(socketFD, SOL_SOCKET, SO_REUSEADDR, &reuseOn, sizeof(reuseOn)); + if (status == -1) + { + NSString *reason = @"Error enabling address reuse (setsockopt)"; + err = [self errorWithErrno:errno reason:reason]; + + LogVerbose(@"close(socketFD)"); + close(socketFD); + return SOCKET_NULL; + } + + // Bind socket + + status = bind(socketFD, (const struct sockaddr *)[interfaceAddr bytes], (socklen_t)[interfaceAddr length]); + if (status == -1) + { + NSString *reason = @"Error in bind() function"; + err = [self errorWithErrno:errno reason:reason]; + + LogVerbose(@"close(socketFD)"); + close(socketFD); + return SOCKET_NULL; + } + + // Listen + + status = listen(socketFD, 1024); + if (status == -1) + { + NSString *reason = @"Error in listen() function"; + err = [self errorWithErrno:errno reason:reason]; + + LogVerbose(@"close(socketFD)"); + close(socketFD); + return SOCKET_NULL; + } + + return socketFD; + }; + + // Create dispatch block and run on socketQueue + + dispatch_block_t block = ^{ @autoreleasepool { + + if (self->delegate == nil) // Must have delegate set + { + NSString *msg = @"Attempting to accept without a delegate. Set a delegate first."; + err = [self badConfigError:msg]; + + return_from_block; + } + + if (self->delegateQueue == NULL) // Must have delegate queue set + { + NSString *msg = @"Attempting to accept without a delegate queue. Set a delegate queue first."; + err = [self badConfigError:msg]; + + return_from_block; + } + + BOOL isIPv4Disabled = (self->config & kIPv4Disabled) ? YES : NO; + BOOL isIPv6Disabled = (self->config & kIPv6Disabled) ? YES : NO; + + if (isIPv4Disabled && isIPv6Disabled) // Must have IPv4 or IPv6 enabled + { + NSString *msg = @"Both IPv4 and IPv6 have been disabled. Must enable at least one protocol first."; + err = [self badConfigError:msg]; + + return_from_block; + } + + if (![self isDisconnected]) // Must be disconnected + { + NSString *msg = @"Attempting to accept while connected or accepting connections. Disconnect first."; + err = [self badConfigError:msg]; + + return_from_block; + } + + // Clear queues (spurious read/write requests post disconnect) + [self->readQueue removeAllObjects]; + [self->writeQueue removeAllObjects]; + + // Resolve interface from description + + NSMutableData *interface4 = nil; + NSMutableData *interface6 = nil; + + [self getInterfaceAddress4:&interface4 address6:&interface6 fromDescription:interface port:port]; + + if ((interface4 == nil) && (interface6 == nil)) + { + NSString *msg = @"Unknown interface. Specify valid interface by name (e.g. \"en1\") or IP address."; + err = [self badParamError:msg]; + + return_from_block; + } + + if (isIPv4Disabled && (interface6 == nil)) + { + NSString *msg = @"IPv4 has been disabled and specified interface doesn't support IPv6."; + err = [self badParamError:msg]; + + return_from_block; + } + + if (isIPv6Disabled && (interface4 == nil)) + { + NSString *msg = @"IPv6 has been disabled and specified interface doesn't support IPv4."; + err = [self badParamError:msg]; + + return_from_block; + } + + BOOL enableIPv4 = !isIPv4Disabled && (interface4 != nil); + BOOL enableIPv6 = !isIPv6Disabled && (interface6 != nil); + + // Create sockets, configure, bind, and listen + + if (enableIPv4) + { + LogVerbose(@"Creating IPv4 socket"); + self->socket4FD = createSocket(AF_INET, interface4); + + if (self->socket4FD == SOCKET_NULL) + { + return_from_block; + } + } + + if (enableIPv6) + { + LogVerbose(@"Creating IPv6 socket"); + + if (enableIPv4 && (port == 0)) + { + // No specific port was specified, so we allowed the OS to pick an available port for us. + // Now we need to make sure the IPv6 socket listens on the same port as the IPv4 socket. + + struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *)[interface6 mutableBytes]; + addr6->sin6_port = htons([self localPort4]); + } + + self->socket6FD = createSocket(AF_INET6, interface6); + + if (self->socket6FD == SOCKET_NULL) + { + if (self->socket4FD != SOCKET_NULL) + { + LogVerbose(@"close(socket4FD)"); + close(self->socket4FD); + self->socket4FD = SOCKET_NULL; + } + + return_from_block; + } + } + + // Create accept sources + + if (enableIPv4) + { + self->accept4Source = dispatch_source_create(DISPATCH_SOURCE_TYPE_READ, self->socket4FD, 0, self->socketQueue); + + int socketFD = self->socket4FD; + dispatch_source_t acceptSource = self->accept4Source; + + __weak GCDAsyncSocket *weakSelf = self; + + dispatch_source_set_event_handler(self->accept4Source, ^{ @autoreleasepool { + #pragma clang diagnostic push + #pragma clang diagnostic warning "-Wimplicit-retain-self" + + __strong GCDAsyncSocket *strongSelf = weakSelf; + if (strongSelf == nil) return_from_block; + + LogVerbose(@"event4Block"); + + unsigned long i = 0; + unsigned long numPendingConnections = dispatch_source_get_data(acceptSource); + + LogVerbose(@"numPendingConnections: %lu", numPendingConnections); + + while ([strongSelf doAccept:socketFD] && (++i < numPendingConnections)); + + #pragma clang diagnostic pop + }}); + + + dispatch_source_set_cancel_handler(self->accept4Source, ^{ + #pragma clang diagnostic push + #pragma clang diagnostic warning "-Wimplicit-retain-self" + + #if !OS_OBJECT_USE_OBJC + LogVerbose(@"dispatch_release(accept4Source)"); + dispatch_release(acceptSource); + #endif + + LogVerbose(@"close(socket4FD)"); + close(socketFD); + + #pragma clang diagnostic pop + }); + + LogVerbose(@"dispatch_resume(accept4Source)"); + dispatch_resume(self->accept4Source); + } + + if (enableIPv6) + { + self->accept6Source = dispatch_source_create(DISPATCH_SOURCE_TYPE_READ, self->socket6FD, 0, self->socketQueue); + + int socketFD = self->socket6FD; + dispatch_source_t acceptSource = self->accept6Source; + + __weak GCDAsyncSocket *weakSelf = self; + + dispatch_source_set_event_handler(self->accept6Source, ^{ @autoreleasepool { + #pragma clang diagnostic push + #pragma clang diagnostic warning "-Wimplicit-retain-self" + + __strong GCDAsyncSocket *strongSelf = weakSelf; + if (strongSelf == nil) return_from_block; + + LogVerbose(@"event6Block"); + + unsigned long i = 0; + unsigned long numPendingConnections = dispatch_source_get_data(acceptSource); + + LogVerbose(@"numPendingConnections: %lu", numPendingConnections); + + while ([strongSelf doAccept:socketFD] && (++i < numPendingConnections)); + + #pragma clang diagnostic pop + }}); + + dispatch_source_set_cancel_handler(self->accept6Source, ^{ + #pragma clang diagnostic push + #pragma clang diagnostic warning "-Wimplicit-retain-self" + + #if !OS_OBJECT_USE_OBJC + LogVerbose(@"dispatch_release(accept6Source)"); + dispatch_release(acceptSource); + #endif + + LogVerbose(@"close(socket6FD)"); + close(socketFD); + + #pragma clang diagnostic pop + }); + + LogVerbose(@"dispatch_resume(accept6Source)"); + dispatch_resume(self->accept6Source); + } + + self->flags |= kSocketStarted; + + result = YES; + }}; + + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + block(); + else + dispatch_sync(socketQueue, block); + + if (result == NO) + { + LogInfo(@"Error in accept: %@", err); + + if (errPtr) + *errPtr = err; + } + + return result; +} + +- (BOOL)acceptOnUrl:(NSURL *)url error:(NSError **)errPtr +{ + LogTrace(); + + __block BOOL result = NO; + __block NSError *err = nil; + + // CreateSocket Block + // This block will be invoked within the dispatch block below. + + int(^createSocket)(int, NSData*) = ^int (int domain, NSData *interfaceAddr) { + + int socketFD = socket(domain, SOCK_STREAM, 0); + + if (socketFD == SOCKET_NULL) + { + NSString *reason = @"Error in socket() function"; + err = [self errorWithErrno:errno reason:reason]; + + return SOCKET_NULL; + } + + int status; + + // Set socket options + + status = fcntl(socketFD, F_SETFL, O_NONBLOCK); + if (status == -1) + { + NSString *reason = @"Error enabling non-blocking IO on socket (fcntl)"; + err = [self errorWithErrno:errno reason:reason]; + + LogVerbose(@"close(socketFD)"); + close(socketFD); + return SOCKET_NULL; + } + + int reuseOn = 1; + status = setsockopt(socketFD, SOL_SOCKET, SO_REUSEADDR, &reuseOn, sizeof(reuseOn)); + if (status == -1) + { + NSString *reason = @"Error enabling address reuse (setsockopt)"; + err = [self errorWithErrno:errno reason:reason]; + + LogVerbose(@"close(socketFD)"); + close(socketFD); + return SOCKET_NULL; + } + + // Bind socket + + status = bind(socketFD, (const struct sockaddr *)[interfaceAddr bytes], (socklen_t)[interfaceAddr length]); + if (status == -1) + { + NSString *reason = @"Error in bind() function"; + err = [self errorWithErrno:errno reason:reason]; + + LogVerbose(@"close(socketFD)"); + close(socketFD); + return SOCKET_NULL; + } + + // Listen + + status = listen(socketFD, 1024); + if (status == -1) + { + NSString *reason = @"Error in listen() function"; + err = [self errorWithErrno:errno reason:reason]; + + LogVerbose(@"close(socketFD)"); + close(socketFD); + return SOCKET_NULL; + } + + return socketFD; + }; + + // Create dispatch block and run on socketQueue + + dispatch_block_t block = ^{ @autoreleasepool { + + if (self->delegate == nil) // Must have delegate set + { + NSString *msg = @"Attempting to accept without a delegate. Set a delegate first."; + err = [self badConfigError:msg]; + + return_from_block; + } + + if (self->delegateQueue == NULL) // Must have delegate queue set + { + NSString *msg = @"Attempting to accept without a delegate queue. Set a delegate queue first."; + err = [self badConfigError:msg]; + + return_from_block; + } + + if (![self isDisconnected]) // Must be disconnected + { + NSString *msg = @"Attempting to accept while connected or accepting connections. Disconnect first."; + err = [self badConfigError:msg]; + + return_from_block; + } + + // Clear queues (spurious read/write requests post disconnect) + [self->readQueue removeAllObjects]; + [self->writeQueue removeAllObjects]; + + // Remove a previous socket + + NSError *error = nil; + NSFileManager *fileManager = [NSFileManager defaultManager]; + NSString *urlPath = url.path; + if (urlPath && [fileManager fileExistsAtPath:urlPath]) { + if (![fileManager removeItemAtURL:url error:&error]) { + NSString *msg = @"Could not remove previous unix domain socket at given url."; + err = [self otherError:msg]; + + return_from_block; + } + } + + // Resolve interface from description + + NSData *interface = [self getInterfaceAddressFromUrl:url]; + + if (interface == nil) + { + NSString *msg = @"Invalid unix domain url. Specify a valid file url that does not exist (e.g. \"file:///tmp/socket\")"; + err = [self badParamError:msg]; + + return_from_block; + } + + // Create sockets, configure, bind, and listen + + LogVerbose(@"Creating unix domain socket"); + self->socketUN = createSocket(AF_UNIX, interface); + + if (self->socketUN == SOCKET_NULL) + { + return_from_block; + } + + self->socketUrl = url; + + // Create accept sources + + self->acceptUNSource = dispatch_source_create(DISPATCH_SOURCE_TYPE_READ, self->socketUN, 0, self->socketQueue); + + int socketFD = self->socketUN; + dispatch_source_t acceptSource = self->acceptUNSource; + + __weak GCDAsyncSocket *weakSelf = self; + + dispatch_source_set_event_handler(self->acceptUNSource, ^{ @autoreleasepool { + + __strong GCDAsyncSocket *strongSelf = weakSelf; + + LogVerbose(@"eventUNBlock"); + + unsigned long i = 0; + unsigned long numPendingConnections = dispatch_source_get_data(acceptSource); + + LogVerbose(@"numPendingConnections: %lu", numPendingConnections); + + while ([strongSelf doAccept:socketFD] && (++i < numPendingConnections)); + }}); + + dispatch_source_set_cancel_handler(self->acceptUNSource, ^{ + +#if !OS_OBJECT_USE_OBJC + LogVerbose(@"dispatch_release(acceptUNSource)"); + dispatch_release(acceptSource); +#endif + + LogVerbose(@"close(socketUN)"); + close(socketFD); + }); + + LogVerbose(@"dispatch_resume(acceptUNSource)"); + dispatch_resume(self->acceptUNSource); + + self->flags |= kSocketStarted; + + result = YES; + }}; + + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + block(); + else + dispatch_sync(socketQueue, block); + + if (result == NO) + { + LogInfo(@"Error in accept: %@", err); + + if (errPtr) + *errPtr = err; + } + + return result; +} + +- (BOOL)doAccept:(int)parentSocketFD +{ + LogTrace(); + + int socketType; + int childSocketFD; + NSData *childSocketAddress; + + if (parentSocketFD == socket4FD) + { + socketType = 0; + + struct sockaddr_in addr; + socklen_t addrLen = sizeof(addr); + + childSocketFD = accept(parentSocketFD, (struct sockaddr *)&addr, &addrLen); + + if (childSocketFD == -1) + { + LogWarn(@"Accept failed with error: %@", [self errnoError]); + return NO; + } + + childSocketAddress = [NSData dataWithBytes:&addr length:addrLen]; + } + else if (parentSocketFD == socket6FD) + { + socketType = 1; + + struct sockaddr_in6 addr; + socklen_t addrLen = sizeof(addr); + + childSocketFD = accept(parentSocketFD, (struct sockaddr *)&addr, &addrLen); + + if (childSocketFD == -1) + { + LogWarn(@"Accept failed with error: %@", [self errnoError]); + return NO; + } + + childSocketAddress = [NSData dataWithBytes:&addr length:addrLen]; + } + else // if (parentSocketFD == socketUN) + { + socketType = 2; + + struct sockaddr_un addr; + socklen_t addrLen = sizeof(addr); + + childSocketFD = accept(parentSocketFD, (struct sockaddr *)&addr, &addrLen); + + if (childSocketFD == -1) + { + LogWarn(@"Accept failed with error: %@", [self errnoError]); + return NO; + } + + childSocketAddress = [NSData dataWithBytes:&addr length:addrLen]; + } + + // Enable non-blocking IO on the socket + + int result = fcntl(childSocketFD, F_SETFL, O_NONBLOCK); + if (result == -1) + { + LogWarn(@"Error enabling non-blocking IO on accepted socket (fcntl)"); + LogVerbose(@"close(childSocketFD)"); + close(childSocketFD); + return NO; + } + + // Prevent SIGPIPE signals + + int nosigpipe = 1; + setsockopt(childSocketFD, SOL_SOCKET, SO_NOSIGPIPE, &nosigpipe, sizeof(nosigpipe)); + + // Notify delegate + + if (delegateQueue) + { + __strong id theDelegate = delegate; + + dispatch_async(delegateQueue, ^{ @autoreleasepool { + + // Query delegate for custom socket queue + + dispatch_queue_t childSocketQueue = NULL; + + if ([theDelegate respondsToSelector:@selector(newSocketQueueForConnectionFromAddress:onSocket:)]) + { + childSocketQueue = [theDelegate newSocketQueueForConnectionFromAddress:childSocketAddress + onSocket:self]; + } + + // Create GCDAsyncSocket instance for accepted socket + + GCDAsyncSocket *acceptedSocket = [[[self class] alloc] initWithDelegate:theDelegate + delegateQueue:self->delegateQueue + socketQueue:childSocketQueue]; + + if (socketType == 0) + acceptedSocket->socket4FD = childSocketFD; + else if (socketType == 1) + acceptedSocket->socket6FD = childSocketFD; + else + acceptedSocket->socketUN = childSocketFD; + + acceptedSocket->flags = (kSocketStarted | kConnected); + + // Setup read and write sources for accepted socket + + dispatch_async(acceptedSocket->socketQueue, ^{ @autoreleasepool { + + [acceptedSocket setupReadAndWriteSourcesForNewlyConnectedSocket:childSocketFD]; + }}); + + // Notify delegate + + if ([theDelegate respondsToSelector:@selector(socket:didAcceptNewSocket:)]) + { + [theDelegate socket:self didAcceptNewSocket:acceptedSocket]; + } + + // Release the socket queue returned from the delegate (it was retained by acceptedSocket) + #if !OS_OBJECT_USE_OBJC + if (childSocketQueue) dispatch_release(childSocketQueue); + #endif + + // The accepted socket should have been retained by the delegate. + // Otherwise it gets properly released when exiting the block. + }}); + } + + return YES; +} + +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// +#pragma mark Connecting +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// + +/** + * This method runs through the various checks required prior to a connection attempt. + * It is shared between the connectToHost and connectToAddress methods. + * +**/ +- (BOOL)preConnectWithInterface:(NSString *)interface error:(NSError **)errPtr +{ + NSAssert(dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey), @"Must be dispatched on socketQueue"); + + if (delegate == nil) // Must have delegate set + { + if (errPtr) + { + NSString *msg = @"Attempting to connect without a delegate. Set a delegate first."; + *errPtr = [self badConfigError:msg]; + } + return NO; + } + + if (delegateQueue == NULL) // Must have delegate queue set + { + if (errPtr) + { + NSString *msg = @"Attempting to connect without a delegate queue. Set a delegate queue first."; + *errPtr = [self badConfigError:msg]; + } + return NO; + } + + if (![self isDisconnected]) // Must be disconnected + { + if (errPtr) + { + NSString *msg = @"Attempting to connect while connected or accepting connections. Disconnect first."; + *errPtr = [self badConfigError:msg]; + } + return NO; + } + + BOOL isIPv4Disabled = (config & kIPv4Disabled) ? YES : NO; + BOOL isIPv6Disabled = (config & kIPv6Disabled) ? YES : NO; + + if (isIPv4Disabled && isIPv6Disabled) // Must have IPv4 or IPv6 enabled + { + if (errPtr) + { + NSString *msg = @"Both IPv4 and IPv6 have been disabled. Must enable at least one protocol first."; + *errPtr = [self badConfigError:msg]; + } + return NO; + } + + if (interface) + { + NSMutableData *interface4 = nil; + NSMutableData *interface6 = nil; + + [self getInterfaceAddress4:&interface4 address6:&interface6 fromDescription:interface port:0]; + + if ((interface4 == nil) && (interface6 == nil)) + { + if (errPtr) + { + NSString *msg = @"Unknown interface. Specify valid interface by name (e.g. \"en1\") or IP address."; + *errPtr = [self badParamError:msg]; + } + return NO; + } + + if (isIPv4Disabled && (interface6 == nil)) + { + if (errPtr) + { + NSString *msg = @"IPv4 has been disabled and specified interface doesn't support IPv6."; + *errPtr = [self badParamError:msg]; + } + return NO; + } + + if (isIPv6Disabled && (interface4 == nil)) + { + if (errPtr) + { + NSString *msg = @"IPv6 has been disabled and specified interface doesn't support IPv4."; + *errPtr = [self badParamError:msg]; + } + return NO; + } + + connectInterface4 = interface4; + connectInterface6 = interface6; + } + + // Clear queues (spurious read/write requests post disconnect) + [readQueue removeAllObjects]; + [writeQueue removeAllObjects]; + + return YES; +} + +- (BOOL)preConnectWithUrl:(NSURL *)url error:(NSError **)errPtr +{ + NSAssert(dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey), @"Must be dispatched on socketQueue"); + + if (delegate == nil) // Must have delegate set + { + if (errPtr) + { + NSString *msg = @"Attempting to connect without a delegate. Set a delegate first."; + *errPtr = [self badConfigError:msg]; + } + return NO; + } + + if (delegateQueue == NULL) // Must have delegate queue set + { + if (errPtr) + { + NSString *msg = @"Attempting to connect without a delegate queue. Set a delegate queue first."; + *errPtr = [self badConfigError:msg]; + } + return NO; + } + + if (![self isDisconnected]) // Must be disconnected + { + if (errPtr) + { + NSString *msg = @"Attempting to connect while connected or accepting connections. Disconnect first."; + *errPtr = [self badConfigError:msg]; + } + return NO; + } + + NSData *interface = [self getInterfaceAddressFromUrl:url]; + + if (interface == nil) + { + if (errPtr) + { + NSString *msg = @"Unknown interface. Specify valid interface by name (e.g. \"en1\") or IP address."; + *errPtr = [self badParamError:msg]; + } + return NO; + } + + connectInterfaceUN = interface; + + // Clear queues (spurious read/write requests post disconnect) + [readQueue removeAllObjects]; + [writeQueue removeAllObjects]; + + return YES; +} + +- (BOOL)connectToHost:(NSString*)host onPort:(uint16_t)port error:(NSError **)errPtr +{ + return [self connectToHost:host onPort:port withTimeout:-1 error:errPtr]; +} + +- (BOOL)connectToHost:(NSString *)host + onPort:(uint16_t)port + withTimeout:(NSTimeInterval)timeout + error:(NSError **)errPtr +{ + return [self connectToHost:host onPort:port viaInterface:nil withTimeout:timeout error:errPtr]; +} + +- (BOOL)connectToHost:(NSString *)inHost + onPort:(uint16_t)port + viaInterface:(NSString *)inInterface + withTimeout:(NSTimeInterval)timeout + error:(NSError **)errPtr +{ + LogTrace(); + + // Just in case immutable objects were passed + NSString *host = [inHost copy]; + NSString *interface = [inInterface copy]; + + __block BOOL result = NO; + __block NSError *preConnectErr = nil; + + dispatch_block_t block = ^{ @autoreleasepool { + + // Check for problems with host parameter + + if ([host length] == 0) + { + NSString *msg = @"Invalid host parameter (nil or \"\"). Should be a domain name or IP address string."; + preConnectErr = [self badParamError:msg]; + + return_from_block; + } + + // Run through standard pre-connect checks + + if (![self preConnectWithInterface:interface error:&preConnectErr]) + { + return_from_block; + } + + // We've made it past all the checks. + // It's time to start the connection process. + + self->flags |= kSocketStarted; + + LogVerbose(@"Dispatching DNS lookup..."); + + // It's possible that the given host parameter is actually a NSMutableString. + // So we want to copy it now, within this block that will be executed synchronously. + // This way the asynchronous lookup block below doesn't have to worry about it changing. + + NSString *hostCpy = [host copy]; + + int aStateIndex = self->stateIndex; + __weak GCDAsyncSocket *weakSelf = self; + + dispatch_queue_t globalConcurrentQueue = dispatch_get_global_queue(DISPATCH_QUEUE_PRIORITY_DEFAULT, 0); + dispatch_async(globalConcurrentQueue, ^{ @autoreleasepool { + #pragma clang diagnostic push + #pragma clang diagnostic warning "-Wimplicit-retain-self" + + NSError *lookupErr = nil; + NSMutableArray *addresses = [[self class] lookupHost:hostCpy port:port error:&lookupErr]; + + __strong GCDAsyncSocket *strongSelf = weakSelf; + if (strongSelf == nil) return_from_block; + + if (lookupErr) + { + dispatch_async(strongSelf->socketQueue, ^{ @autoreleasepool { + + [strongSelf lookup:aStateIndex didFail:lookupErr]; + }}); + } + else + { + NSData *address4 = nil; + NSData *address6 = nil; + + for (NSData *address in addresses) + { + if (!address4 && [[self class] isIPv4Address:address]) + { + address4 = address; + } + else if (!address6 && [[self class] isIPv6Address:address]) + { + address6 = address; + } + } + + dispatch_async(strongSelf->socketQueue, ^{ @autoreleasepool { + + [strongSelf lookup:aStateIndex didSucceedWithAddress4:address4 address6:address6]; + }}); + } + + #pragma clang diagnostic pop + }}); + + [self startConnectTimeout:timeout]; + + result = YES; + }}; + + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + block(); + else + dispatch_sync(socketQueue, block); + + + if (errPtr) *errPtr = preConnectErr; + return result; +} + +- (BOOL)connectToAddress:(NSData *)remoteAddr error:(NSError **)errPtr +{ + return [self connectToAddress:remoteAddr viaInterface:nil withTimeout:-1 error:errPtr]; +} + +- (BOOL)connectToAddress:(NSData *)remoteAddr withTimeout:(NSTimeInterval)timeout error:(NSError **)errPtr +{ + return [self connectToAddress:remoteAddr viaInterface:nil withTimeout:timeout error:errPtr]; +} + +- (BOOL)connectToAddress:(NSData *)inRemoteAddr + viaInterface:(NSString *)inInterface + withTimeout:(NSTimeInterval)timeout + error:(NSError **)errPtr +{ + LogTrace(); + + // Just in case immutable objects were passed + NSData *remoteAddr = [inRemoteAddr copy]; + NSString *interface = [inInterface copy]; + + __block BOOL result = NO; + __block NSError *err = nil; + + dispatch_block_t block = ^{ @autoreleasepool { + + // Check for problems with remoteAddr parameter + + NSData *address4 = nil; + NSData *address6 = nil; + + if ([remoteAddr length] >= sizeof(struct sockaddr)) + { + const struct sockaddr *sockaddr = (const struct sockaddr *)[remoteAddr bytes]; + + if (sockaddr->sa_family == AF_INET) + { + if ([remoteAddr length] == sizeof(struct sockaddr_in)) + { + address4 = remoteAddr; + } + } + else if (sockaddr->sa_family == AF_INET6) + { + if ([remoteAddr length] == sizeof(struct sockaddr_in6)) + { + address6 = remoteAddr; + } + } + } + + if ((address4 == nil) && (address6 == nil)) + { + NSString *msg = @"A valid IPv4 or IPv6 address was not given"; + err = [self badParamError:msg]; + + return_from_block; + } + + BOOL isIPv4Disabled = (self->config & kIPv4Disabled) ? YES : NO; + BOOL isIPv6Disabled = (self->config & kIPv6Disabled) ? YES : NO; + + if (isIPv4Disabled && (address4 != nil)) + { + NSString *msg = @"IPv4 has been disabled and an IPv4 address was passed."; + err = [self badParamError:msg]; + + return_from_block; + } + + if (isIPv6Disabled && (address6 != nil)) + { + NSString *msg = @"IPv6 has been disabled and an IPv6 address was passed."; + err = [self badParamError:msg]; + + return_from_block; + } + + // Run through standard pre-connect checks + + if (![self preConnectWithInterface:interface error:&err]) + { + return_from_block; + } + + // We've made it past all the checks. + // It's time to start the connection process. + + if (![self connectWithAddress4:address4 address6:address6 error:&err]) + { + return_from_block; + } + + self->flags |= kSocketStarted; + + [self startConnectTimeout:timeout]; + + result = YES; + }}; + + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + block(); + else + dispatch_sync(socketQueue, block); + + if (result == NO) + { + if (errPtr) + *errPtr = err; + } + + return result; +} + +- (BOOL)connectToUrl:(NSURL *)url withTimeout:(NSTimeInterval)timeout error:(NSError **)errPtr +{ + LogTrace(); + + __block BOOL result = NO; + __block NSError *err = nil; + + dispatch_block_t block = ^{ @autoreleasepool { + + // Check for problems with host parameter + + if ([url.path length] == 0) + { + NSString *msg = @"Invalid unix domain socket url."; + err = [self badParamError:msg]; + + return_from_block; + } + + // Run through standard pre-connect checks + + if (![self preConnectWithUrl:url error:&err]) + { + return_from_block; + } + + // We've made it past all the checks. + // It's time to start the connection process. + + self->flags |= kSocketStarted; + + // Start the normal connection process + + NSError *connectError = nil; + if (![self connectWithAddressUN:self->connectInterfaceUN error:&connectError]) + { + [self closeWithError:connectError]; + + return_from_block; + } + + [self startConnectTimeout:timeout]; + + result = YES; + }}; + + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + block(); + else + dispatch_sync(socketQueue, block); + + if (result == NO) + { + if (errPtr) + *errPtr = err; + } + + return result; +} + +- (BOOL)connectToNetService:(NSNetService *)netService error:(NSError **)errPtr +{ + NSArray* addresses = [netService addresses]; + for (NSData* address in addresses) + { + BOOL result = [self connectToAddress:address error:errPtr]; + if (result) + { + return YES; + } + } + + return NO; +} + +- (void)lookup:(int)aStateIndex didSucceedWithAddress4:(NSData *)address4 address6:(NSData *)address6 +{ + LogTrace(); + + NSAssert(dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey), @"Must be dispatched on socketQueue"); + NSAssert(address4 || address6, @"Expected at least one valid address"); + + if (aStateIndex != stateIndex) + { + LogInfo(@"Ignoring lookupDidSucceed, already disconnected"); + + // The connect operation has been cancelled. + // That is, socket was disconnected, or connection has already timed out. + return; + } + + // Check for problems + + BOOL isIPv4Disabled = (config & kIPv4Disabled) ? YES : NO; + BOOL isIPv6Disabled = (config & kIPv6Disabled) ? YES : NO; + + if (isIPv4Disabled && (address6 == nil)) + { + NSString *msg = @"IPv4 has been disabled and DNS lookup found no IPv6 address."; + + [self closeWithError:[self otherError:msg]]; + return; + } + + if (isIPv6Disabled && (address4 == nil)) + { + NSString *msg = @"IPv6 has been disabled and DNS lookup found no IPv4 address."; + + [self closeWithError:[self otherError:msg]]; + return; + } + + // Start the normal connection process + + NSError *err = nil; + if (![self connectWithAddress4:address4 address6:address6 error:&err]) + { + [self closeWithError:err]; + } +} + +/** + * This method is called if the DNS lookup fails. + * This method is executed on the socketQueue. + * + * Since the DNS lookup executed synchronously on a global concurrent queue, + * the original connection request may have already been cancelled or timed-out by the time this method is invoked. + * The lookupIndex tells us whether the lookup is still valid or not. +**/ +- (void)lookup:(int)aStateIndex didFail:(NSError *)error +{ + LogTrace(); + + NSAssert(dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey), @"Must be dispatched on socketQueue"); + + + if (aStateIndex != stateIndex) + { + LogInfo(@"Ignoring lookup:didFail: - already disconnected"); + + // The connect operation has been cancelled. + // That is, socket was disconnected, or connection has already timed out. + return; + } + + [self endConnectTimeout]; + [self closeWithError:error]; +} + +- (BOOL)bindSocket:(int)socketFD toInterface:(NSData *)connectInterface error:(NSError **)errPtr +{ + // Bind the socket to the desired interface (if needed) + + if (connectInterface) + { + LogVerbose(@"Binding socket..."); + + if ([[self class] portFromAddress:connectInterface] > 0) + { + // Since we're going to be binding to a specific port, + // we should turn on reuseaddr to allow us to override sockets in time_wait. + + int reuseOn = 1; + setsockopt(socketFD, SOL_SOCKET, SO_REUSEADDR, &reuseOn, sizeof(reuseOn)); + } + + const struct sockaddr *interfaceAddr = (const struct sockaddr *)[connectInterface bytes]; + + int result = bind(socketFD, interfaceAddr, (socklen_t)[connectInterface length]); + if (result != 0) + { + if (errPtr) + *errPtr = [self errorWithErrno:errno reason:@"Error in bind() function"]; + + return NO; + } + } + + return YES; +} + +- (int)createSocket:(int)family connectInterface:(NSData *)connectInterface errPtr:(NSError **)errPtr +{ + int socketFD = socket(family, SOCK_STREAM, 0); + + if (socketFD == SOCKET_NULL) + { + if (errPtr) + *errPtr = [self errorWithErrno:errno reason:@"Error in socket() function"]; + + return socketFD; + } + + if (![self bindSocket:socketFD toInterface:connectInterface error:errPtr]) + { + [self closeSocket:socketFD]; + + return SOCKET_NULL; + } + + // Prevent SIGPIPE signals + + int nosigpipe = 1; + setsockopt(socketFD, SOL_SOCKET, SO_NOSIGPIPE, &nosigpipe, sizeof(nosigpipe)); + + return socketFD; +} + +- (void)connectSocket:(int)socketFD address:(NSData *)address stateIndex:(int)aStateIndex +{ + // If there already is a socket connected, we close socketFD and return + if (self.isConnected) + { + [self closeSocket:socketFD]; + return; + } + + // Start the connection process in a background queue + + __weak GCDAsyncSocket *weakSelf = self; + + dispatch_queue_t globalConcurrentQueue = dispatch_get_global_queue(DISPATCH_QUEUE_PRIORITY_DEFAULT, 0); + dispatch_async(globalConcurrentQueue, ^{ +#pragma clang diagnostic push +#pragma clang diagnostic warning "-Wimplicit-retain-self" + + int result = connect(socketFD, (const struct sockaddr *)[address bytes], (socklen_t)[address length]); + int err = errno; + + __strong GCDAsyncSocket *strongSelf = weakSelf; + if (strongSelf == nil) return_from_block; + + dispatch_async(strongSelf->socketQueue, ^{ @autoreleasepool { + + if (strongSelf.isConnected) + { + [strongSelf closeSocket:socketFD]; + return_from_block; + } + + if (result == 0) + { + [self closeUnusedSocket:socketFD]; + + [strongSelf didConnect:aStateIndex]; + } + else + { + [strongSelf closeSocket:socketFD]; + + // If there are no more sockets trying to connect, we inform the error to the delegate + if (strongSelf.socket4FD == SOCKET_NULL && strongSelf.socket6FD == SOCKET_NULL) + { + NSError *error = [strongSelf errorWithErrno:err reason:@"Error in connect() function"]; + [strongSelf didNotConnect:aStateIndex error:error]; + } + } + }}); + +#pragma clang diagnostic pop + }); + + LogVerbose(@"Connecting..."); +} + +- (void)closeSocket:(int)socketFD +{ + if (socketFD != SOCKET_NULL && + (socketFD == socket6FD || socketFD == socket4FD)) + { + close(socketFD); + + if (socketFD == socket4FD) + { + LogVerbose(@"close(socket4FD)"); + socket4FD = SOCKET_NULL; + } + else if (socketFD == socket6FD) + { + LogVerbose(@"close(socket6FD)"); + socket6FD = SOCKET_NULL; + } + } +} + +- (void)closeUnusedSocket:(int)usedSocketFD +{ + if (usedSocketFD != socket4FD) + { + [self closeSocket:socket4FD]; + } + else if (usedSocketFD != socket6FD) + { + [self closeSocket:socket6FD]; + } +} + +- (BOOL)connectWithAddress4:(NSData *)address4 address6:(NSData *)address6 error:(NSError **)errPtr +{ + LogTrace(); + + NSAssert(dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey), @"Must be dispatched on socketQueue"); + + LogVerbose(@"IPv4: %@:%hu", [[self class] hostFromAddress:address4], [[self class] portFromAddress:address4]); + LogVerbose(@"IPv6: %@:%hu", [[self class] hostFromAddress:address6], [[self class] portFromAddress:address6]); + + // Determine socket type + + BOOL preferIPv6 = (config & kPreferIPv6) ? YES : NO; + + // Create and bind the sockets + + if (address4) + { + LogVerbose(@"Creating IPv4 socket"); + + socket4FD = [self createSocket:AF_INET connectInterface:connectInterface4 errPtr:errPtr]; + } + + if (address6) + { + LogVerbose(@"Creating IPv6 socket"); + + socket6FD = [self createSocket:AF_INET6 connectInterface:connectInterface6 errPtr:errPtr]; + } + + if (socket4FD == SOCKET_NULL && socket6FD == SOCKET_NULL) + { + return NO; + } + + int socketFD, alternateSocketFD; + NSData *address, *alternateAddress; + + if ((preferIPv6 && socket6FD != SOCKET_NULL) || socket4FD == SOCKET_NULL) + { + socketFD = socket6FD; + alternateSocketFD = socket4FD; + address = address6; + alternateAddress = address4; + } + else + { + socketFD = socket4FD; + alternateSocketFD = socket6FD; + address = address4; + alternateAddress = address6; + } + + int aStateIndex = stateIndex; + + [self connectSocket:socketFD address:address stateIndex:aStateIndex]; + + if (alternateAddress) + { + dispatch_after(dispatch_time(DISPATCH_TIME_NOW, (int64_t)(alternateAddressDelay * NSEC_PER_SEC)), socketQueue, ^{ + [self connectSocket:alternateSocketFD address:alternateAddress stateIndex:aStateIndex]; + }); + } + + return YES; +} + +- (BOOL)connectWithAddressUN:(NSData *)address error:(NSError **)errPtr +{ + LogTrace(); + + NSAssert(dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey), @"Must be dispatched on socketQueue"); + + // Create the socket + + int socketFD; + + LogVerbose(@"Creating unix domain socket"); + + socketUN = socket(AF_UNIX, SOCK_STREAM, 0); + + socketFD = socketUN; + + if (socketFD == SOCKET_NULL) + { + if (errPtr) + *errPtr = [self errorWithErrno:errno reason:@"Error in socket() function"]; + + return NO; + } + + // Bind the socket to the desired interface (if needed) + + LogVerbose(@"Binding socket..."); + + int reuseOn = 1; + setsockopt(socketFD, SOL_SOCKET, SO_REUSEADDR, &reuseOn, sizeof(reuseOn)); + +// const struct sockaddr *interfaceAddr = (const struct sockaddr *)[address bytes]; +// +// int result = bind(socketFD, interfaceAddr, (socklen_t)[address length]); +// if (result != 0) +// { +// if (errPtr) +// *errPtr = [self errnoErrorWithReason:@"Error in bind() function"]; +// +// return NO; +// } + + // Prevent SIGPIPE signals + + int nosigpipe = 1; + setsockopt(socketFD, SOL_SOCKET, SO_NOSIGPIPE, &nosigpipe, sizeof(nosigpipe)); + + // Start the connection process in a background queue + + int aStateIndex = stateIndex; + + dispatch_queue_t globalConcurrentQueue = dispatch_get_global_queue(DISPATCH_QUEUE_PRIORITY_DEFAULT, 0); + dispatch_async(globalConcurrentQueue, ^{ + + const struct sockaddr *addr = (const struct sockaddr *)[address bytes]; + int result = connect(socketFD, addr, addr->sa_len); + if (result == 0) + { + dispatch_async(self->socketQueue, ^{ @autoreleasepool { + + [self didConnect:aStateIndex]; + }}); + } + else + { + // TODO: Bad file descriptor + perror("connect"); + NSError *error = [self errorWithErrno:errno reason:@"Error in connect() function"]; + + dispatch_async(self->socketQueue, ^{ @autoreleasepool { + + [self didNotConnect:aStateIndex error:error]; + }}); + } + }); + + LogVerbose(@"Connecting..."); + + return YES; +} + +- (void)didConnect:(int)aStateIndex +{ + LogTrace(); + + NSAssert(dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey), @"Must be dispatched on socketQueue"); + + + if (aStateIndex != stateIndex) + { + LogInfo(@"Ignoring didConnect, already disconnected"); + + // The connect operation has been cancelled. + // That is, socket was disconnected, or connection has already timed out. + return; + } + + flags |= kConnected; + + [self endConnectTimeout]; + + #if TARGET_OS_IPHONE + // The endConnectTimeout method executed above incremented the stateIndex. + aStateIndex = stateIndex; + #endif + + // Setup read/write streams (as workaround for specific shortcomings in the iOS platform) + // + // Note: + // There may be configuration options that must be set by the delegate before opening the streams. + // The primary example is the kCFStreamNetworkServiceTypeVoIP flag, which only works on an unopened stream. + // + // Thus we wait until after the socket:didConnectToHost:port: delegate method has completed. + // This gives the delegate time to properly configure the streams if needed. + + dispatch_block_t SetupStreamsPart1 = ^{ + #if TARGET_OS_IPHONE + + if (![self createReadAndWriteStream]) + { + [self closeWithError:[self otherError:@"Error creating CFStreams"]]; + return; + } + + if (![self registerForStreamCallbacksIncludingReadWrite:NO]) + { + [self closeWithError:[self otherError:@"Error in CFStreamSetClient"]]; + return; + } + + #endif + }; + dispatch_block_t SetupStreamsPart2 = ^{ + #if TARGET_OS_IPHONE + + if (aStateIndex != self->stateIndex) + { + // The socket has been disconnected. + return; + } + + if (![self addStreamsToRunLoop]) + { + [self closeWithError:[self otherError:@"Error in CFStreamScheduleWithRunLoop"]]; + return; + } + + if (![self openStreams]) + { + [self closeWithError:[self otherError:@"Error creating CFStreams"]]; + return; + } + + #endif + }; + + // Notify delegate + + NSString *host = [self connectedHost]; + uint16_t port = [self connectedPort]; + NSURL *url = [self connectedUrl]; + + __strong id theDelegate = delegate; + + if (delegateQueue && host != nil && [theDelegate respondsToSelector:@selector(socket:didConnectToHost:port:)]) + { + SetupStreamsPart1(); + + dispatch_async(delegateQueue, ^{ @autoreleasepool { + + [theDelegate socket:self didConnectToHost:host port:port]; + + dispatch_async(self->socketQueue, ^{ @autoreleasepool { + + SetupStreamsPart2(); + }}); + }}); + } + else if (delegateQueue && url != nil && [theDelegate respondsToSelector:@selector(socket:didConnectToUrl:)]) + { + SetupStreamsPart1(); + + dispatch_async(delegateQueue, ^{ @autoreleasepool { + + [theDelegate socket:self didConnectToUrl:url]; + + dispatch_async(self->socketQueue, ^{ @autoreleasepool { + + SetupStreamsPart2(); + }}); + }}); + } + else + { + SetupStreamsPart1(); + SetupStreamsPart2(); + } + + // Get the connected socket + + int socketFD = (socket4FD != SOCKET_NULL) ? socket4FD : (socket6FD != SOCKET_NULL) ? socket6FD : socketUN; + + // Enable non-blocking IO on the socket + + int result = fcntl(socketFD, F_SETFL, O_NONBLOCK); + if (result == -1) + { + NSString *errMsg = @"Error enabling non-blocking IO on socket (fcntl)"; + [self closeWithError:[self otherError:errMsg]]; + + return; + } + + // Setup our read/write sources + + [self setupReadAndWriteSourcesForNewlyConnectedSocket:socketFD]; + + // Dequeue any pending read/write requests + + [self maybeDequeueRead]; + [self maybeDequeueWrite]; +} + +- (void)didNotConnect:(int)aStateIndex error:(NSError *)error +{ + LogTrace(); + + NSAssert(dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey), @"Must be dispatched on socketQueue"); + + + if (aStateIndex != stateIndex) + { + LogInfo(@"Ignoring didNotConnect, already disconnected"); + + // The connect operation has been cancelled. + // That is, socket was disconnected, or connection has already timed out. + return; + } + + [self closeWithError:error]; +} + +- (void)startConnectTimeout:(NSTimeInterval)timeout +{ + if (timeout >= 0.0) + { + connectTimer = dispatch_source_create(DISPATCH_SOURCE_TYPE_TIMER, 0, 0, socketQueue); + + __weak GCDAsyncSocket *weakSelf = self; + + dispatch_source_set_event_handler(connectTimer, ^{ @autoreleasepool { + #pragma clang diagnostic push + #pragma clang diagnostic warning "-Wimplicit-retain-self" + + __strong GCDAsyncSocket *strongSelf = weakSelf; + if (strongSelf == nil) return_from_block; + + [strongSelf doConnectTimeout]; + + #pragma clang diagnostic pop + }}); + + #if !OS_OBJECT_USE_OBJC + dispatch_source_t theConnectTimer = connectTimer; + dispatch_source_set_cancel_handler(connectTimer, ^{ + #pragma clang diagnostic push + #pragma clang diagnostic warning "-Wimplicit-retain-self" + + LogVerbose(@"dispatch_release(connectTimer)"); + dispatch_release(theConnectTimer); + + #pragma clang diagnostic pop + }); + #endif + + dispatch_time_t tt = dispatch_time(DISPATCH_TIME_NOW, (int64_t)(timeout * NSEC_PER_SEC)); + dispatch_source_set_timer(connectTimer, tt, DISPATCH_TIME_FOREVER, 0); + + dispatch_resume(connectTimer); + } +} + +- (void)endConnectTimeout +{ + LogTrace(); + + if (connectTimer) + { + dispatch_source_cancel(connectTimer); + connectTimer = NULL; + } + + // Increment stateIndex. + // This will prevent us from processing results from any related background asynchronous operations. + // + // Note: This should be called from close method even if connectTimer is NULL. + // This is because one might disconnect a socket prior to a successful connection which had no timeout. + + stateIndex++; + + if (connectInterface4) + { + connectInterface4 = nil; + } + if (connectInterface6) + { + connectInterface6 = nil; + } +} + +- (void)doConnectTimeout +{ + LogTrace(); + + [self endConnectTimeout]; + [self closeWithError:[self connectTimeoutError]]; +} + +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// +#pragma mark Disconnecting +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// + +- (void)closeWithError:(NSError *)error +{ + LogTrace(); + NSAssert(dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey), @"Must be dispatched on socketQueue"); + + [self endConnectTimeout]; + + if (currentRead != nil) [self endCurrentRead]; + if (currentWrite != nil) [self endCurrentWrite]; + + [readQueue removeAllObjects]; + [writeQueue removeAllObjects]; + + [preBuffer reset]; + + #if TARGET_OS_IPHONE + { + if (readStream || writeStream) + { + [self removeStreamsFromRunLoop]; + + if (readStream) + { + CFReadStreamSetClient(readStream, kCFStreamEventNone, NULL, NULL); + CFReadStreamClose(readStream); + CFRelease(readStream); + readStream = NULL; + } + if (writeStream) + { + CFWriteStreamSetClient(writeStream, kCFStreamEventNone, NULL, NULL); + CFWriteStreamClose(writeStream); + CFRelease(writeStream); + writeStream = NULL; + } + } + } + #endif + + [sslPreBuffer reset]; + sslErrCode = lastSSLHandshakeError = noErr; + + if (sslContext) + { + // Getting a linker error here about the SSLx() functions? + // You need to add the Security Framework to your application. + + SSLClose(sslContext); + + #if TARGET_OS_IPHONE || (__MAC_OS_X_VERSION_MIN_REQUIRED >= 1080) + CFRelease(sslContext); + #else + SSLDisposeContext(sslContext); + #endif + + sslContext = NULL; + } + + // For some crazy reason (in my opinion), cancelling a dispatch source doesn't + // invoke the cancel handler if the dispatch source is paused. + // So we have to unpause the source if needed. + // This allows the cancel handler to be run, which in turn releases the source and closes the socket. + + if (!accept4Source && !accept6Source && !acceptUNSource && !readSource && !writeSource) + { + LogVerbose(@"manually closing close"); + + if (socket4FD != SOCKET_NULL) + { + LogVerbose(@"close(socket4FD)"); + close(socket4FD); + socket4FD = SOCKET_NULL; + } + + if (socket6FD != SOCKET_NULL) + { + LogVerbose(@"close(socket6FD)"); + close(socket6FD); + socket6FD = SOCKET_NULL; + } + + if (socketUN != SOCKET_NULL) + { + LogVerbose(@"close(socketUN)"); + close(socketUN); + socketUN = SOCKET_NULL; + unlink(socketUrl.path.fileSystemRepresentation); + socketUrl = nil; + } + } + else + { + if (accept4Source) + { + LogVerbose(@"dispatch_source_cancel(accept4Source)"); + dispatch_source_cancel(accept4Source); + + // We never suspend accept4Source + + accept4Source = NULL; + } + + if (accept6Source) + { + LogVerbose(@"dispatch_source_cancel(accept6Source)"); + dispatch_source_cancel(accept6Source); + + // We never suspend accept6Source + + accept6Source = NULL; + } + + if (acceptUNSource) + { + LogVerbose(@"dispatch_source_cancel(acceptUNSource)"); + dispatch_source_cancel(acceptUNSource); + + // We never suspend acceptUNSource + + acceptUNSource = NULL; + } + + if (readSource) + { + LogVerbose(@"dispatch_source_cancel(readSource)"); + dispatch_source_cancel(readSource); + + [self resumeReadSource]; + + readSource = NULL; + } + + if (writeSource) + { + LogVerbose(@"dispatch_source_cancel(writeSource)"); + dispatch_source_cancel(writeSource); + + [self resumeWriteSource]; + + writeSource = NULL; + } + + // The sockets will be closed by the cancel handlers of the corresponding source + + socket4FD = SOCKET_NULL; + socket6FD = SOCKET_NULL; + socketUN = SOCKET_NULL; + } + + // If the client has passed the connect/accept method, then the connection has at least begun. + // Notify delegate that it is now ending. + BOOL shouldCallDelegate = (flags & kSocketStarted) ? YES : NO; + BOOL isDeallocating = (flags & kDealloc) ? YES : NO; + + // Clear stored socket info and all flags (config remains as is) + socketFDBytesAvailable = 0; + flags = 0; + sslWriteCachedLength = 0; + + if (shouldCallDelegate) + { + __strong id theDelegate = delegate; + __strong id theSelf = isDeallocating ? nil : self; + + if (delegateQueue && [theDelegate respondsToSelector: @selector(socketDidDisconnect:withError:)]) + { + dispatch_async(delegateQueue, ^{ @autoreleasepool { + + [theDelegate socketDidDisconnect:theSelf withError:error]; + }}); + } + } +} + +- (void)disconnect +{ + dispatch_block_t block = ^{ @autoreleasepool { + + if (self->flags & kSocketStarted) + { + [self closeWithError:nil]; + } + }}; + + // Synchronous disconnection, as documented in the header file + + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + block(); + else + dispatch_sync(socketQueue, block); +} + +- (void)disconnectAfterReading +{ + dispatch_async(socketQueue, ^{ @autoreleasepool { + + if (self->flags & kSocketStarted) + { + self->flags |= (kForbidReadsWrites | kDisconnectAfterReads); + [self maybeClose]; + } + }}); +} + +- (void)disconnectAfterWriting +{ + dispatch_async(socketQueue, ^{ @autoreleasepool { + + if (self->flags & kSocketStarted) + { + self->flags |= (kForbidReadsWrites | kDisconnectAfterWrites); + [self maybeClose]; + } + }}); +} + +- (void)disconnectAfterReadingAndWriting +{ + dispatch_async(socketQueue, ^{ @autoreleasepool { + + if (self->flags & kSocketStarted) + { + self->flags |= (kForbidReadsWrites | kDisconnectAfterReads | kDisconnectAfterWrites); + [self maybeClose]; + } + }}); +} + +/** + * Closes the socket if possible. + * That is, if all writes have completed, and we're set to disconnect after writing, + * or if all reads have completed, and we're set to disconnect after reading. +**/ +- (void)maybeClose +{ + NSAssert(dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey), @"Must be dispatched on socketQueue"); + + BOOL shouldClose = NO; + + if (flags & kDisconnectAfterReads) + { + if (([readQueue count] == 0) && (currentRead == nil)) + { + if (flags & kDisconnectAfterWrites) + { + if (([writeQueue count] == 0) && (currentWrite == nil)) + { + shouldClose = YES; + } + } + else + { + shouldClose = YES; + } + } + } + else if (flags & kDisconnectAfterWrites) + { + if (([writeQueue count] == 0) && (currentWrite == nil)) + { + shouldClose = YES; + } + } + + if (shouldClose) + { + [self closeWithError:nil]; + } +} + +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// +#pragma mark Errors +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// + +- (NSError *)badConfigError:(NSString *)errMsg +{ + NSDictionary *userInfo = @{NSLocalizedDescriptionKey : errMsg}; + + return [NSError errorWithDomain:GCDAsyncSocketErrorDomain code:GCDAsyncSocketBadConfigError userInfo:userInfo]; +} + +- (NSError *)badParamError:(NSString *)errMsg +{ + NSDictionary *userInfo = @{NSLocalizedDescriptionKey : errMsg}; + + return [NSError errorWithDomain:GCDAsyncSocketErrorDomain code:GCDAsyncSocketBadParamError userInfo:userInfo]; +} + ++ (NSError *)gaiError:(int)gai_error +{ + NSString *errMsg = [NSString stringWithCString:gai_strerror(gai_error) encoding:NSASCIIStringEncoding]; + NSDictionary *userInfo = @{NSLocalizedDescriptionKey : errMsg}; + + return [NSError errorWithDomain:@"kCFStreamErrorDomainNetDB" code:gai_error userInfo:userInfo]; +} + +- (NSError *)errorWithErrno:(int)err reason:(NSString *)reason +{ + NSString *errMsg = [NSString stringWithUTF8String:strerror(err)]; + NSDictionary *userInfo = @{NSLocalizedDescriptionKey : errMsg, + NSLocalizedFailureReasonErrorKey : reason}; + + return [NSError errorWithDomain:NSPOSIXErrorDomain code:err userInfo:userInfo]; +} + +- (NSError *)errnoError +{ + NSString *errMsg = [NSString stringWithUTF8String:strerror(errno)]; + NSDictionary *userInfo = @{NSLocalizedDescriptionKey : errMsg}; + + return [NSError errorWithDomain:NSPOSIXErrorDomain code:errno userInfo:userInfo]; +} + +- (NSError *)sslError:(OSStatus)ssl_error +{ + NSString *msg = @"Error code definition can be found in Apple's SecureTransport.h"; + NSDictionary *userInfo = @{NSLocalizedRecoverySuggestionErrorKey : msg}; + + return [NSError errorWithDomain:@"kCFStreamErrorDomainSSL" code:ssl_error userInfo:userInfo]; +} + +- (NSError *)connectTimeoutError +{ + NSString *errMsg = NSLocalizedStringWithDefaultValue(@"GCDAsyncSocketConnectTimeoutError", + @"GCDAsyncSocket", [NSBundle mainBundle], + @"Attempt to connect to host timed out", nil); + + NSDictionary *userInfo = @{NSLocalizedDescriptionKey : errMsg}; + + return [NSError errorWithDomain:GCDAsyncSocketErrorDomain code:GCDAsyncSocketConnectTimeoutError userInfo:userInfo]; +} + +/** + * Returns a standard AsyncSocket maxed out error. +**/ +- (NSError *)readMaxedOutError +{ + NSString *errMsg = NSLocalizedStringWithDefaultValue(@"GCDAsyncSocketReadMaxedOutError", + @"GCDAsyncSocket", [NSBundle mainBundle], + @"Read operation reached set maximum length", nil); + + NSDictionary *info = @{NSLocalizedDescriptionKey : errMsg}; + + return [NSError errorWithDomain:GCDAsyncSocketErrorDomain code:GCDAsyncSocketReadMaxedOutError userInfo:info]; +} + +/** + * Returns a standard AsyncSocket write timeout error. +**/ +- (NSError *)readTimeoutError +{ + NSString *errMsg = NSLocalizedStringWithDefaultValue(@"GCDAsyncSocketReadTimeoutError", + @"GCDAsyncSocket", [NSBundle mainBundle], + @"Read operation timed out", nil); + + NSDictionary *userInfo = @{NSLocalizedDescriptionKey : errMsg}; + + return [NSError errorWithDomain:GCDAsyncSocketErrorDomain code:GCDAsyncSocketReadTimeoutError userInfo:userInfo]; +} + +/** + * Returns a standard AsyncSocket write timeout error. +**/ +- (NSError *)writeTimeoutError +{ + NSString *errMsg = NSLocalizedStringWithDefaultValue(@"GCDAsyncSocketWriteTimeoutError", + @"GCDAsyncSocket", [NSBundle mainBundle], + @"Write operation timed out", nil); + + NSDictionary *userInfo = @{NSLocalizedDescriptionKey : errMsg}; + + return [NSError errorWithDomain:GCDAsyncSocketErrorDomain code:GCDAsyncSocketWriteTimeoutError userInfo:userInfo]; +} + +- (NSError *)connectionClosedError +{ + NSString *errMsg = NSLocalizedStringWithDefaultValue(@"GCDAsyncSocketClosedError", + @"GCDAsyncSocket", [NSBundle mainBundle], + @"Socket closed by remote peer", nil); + + NSDictionary *userInfo = @{NSLocalizedDescriptionKey : errMsg}; + + return [NSError errorWithDomain:GCDAsyncSocketErrorDomain code:GCDAsyncSocketClosedError userInfo:userInfo]; +} + +- (NSError *)otherError:(NSString *)errMsg +{ + NSDictionary *userInfo = @{NSLocalizedDescriptionKey : errMsg}; + + return [NSError errorWithDomain:GCDAsyncSocketErrorDomain code:GCDAsyncSocketOtherError userInfo:userInfo]; +} + +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// +#pragma mark Diagnostics +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// + +- (BOOL)isDisconnected +{ + __block BOOL result = NO; + + dispatch_block_t block = ^{ + result = (self->flags & kSocketStarted) ? NO : YES; + }; + + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + block(); + else + dispatch_sync(socketQueue, block); + + return result; +} + +- (BOOL)isConnected +{ + __block BOOL result = NO; + + dispatch_block_t block = ^{ + result = (self->flags & kConnected) ? YES : NO; + }; + + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + block(); + else + dispatch_sync(socketQueue, block); + + return result; +} + +- (NSString *)connectedHost +{ + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + { + if (socket4FD != SOCKET_NULL) + return [self connectedHostFromSocket4:socket4FD]; + if (socket6FD != SOCKET_NULL) + return [self connectedHostFromSocket6:socket6FD]; + + return nil; + } + else + { + __block NSString *result = nil; + + dispatch_sync(socketQueue, ^{ @autoreleasepool { + + if (self->socket4FD != SOCKET_NULL) + result = [self connectedHostFromSocket4:self->socket4FD]; + else if (self->socket6FD != SOCKET_NULL) + result = [self connectedHostFromSocket6:self->socket6FD]; + }}); + + return result; + } +} + +- (uint16_t)connectedPort +{ + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + { + if (socket4FD != SOCKET_NULL) + return [self connectedPortFromSocket4:socket4FD]; + if (socket6FD != SOCKET_NULL) + return [self connectedPortFromSocket6:socket6FD]; + + return 0; + } + else + { + __block uint16_t result = 0; + + dispatch_sync(socketQueue, ^{ + // No need for autorelease pool + + if (self->socket4FD != SOCKET_NULL) + result = [self connectedPortFromSocket4:self->socket4FD]; + else if (self->socket6FD != SOCKET_NULL) + result = [self connectedPortFromSocket6:self->socket6FD]; + }); + + return result; + } +} + +- (NSURL *)connectedUrl +{ + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + { + if (socketUN != SOCKET_NULL) + return [self connectedUrlFromSocketUN:socketUN]; + + return nil; + } + else + { + __block NSURL *result = nil; + + dispatch_sync(socketQueue, ^{ @autoreleasepool { + + if (self->socketUN != SOCKET_NULL) + result = [self connectedUrlFromSocketUN:self->socketUN]; + }}); + + return result; + } +} + +- (NSString *)localHost +{ + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + { + if (socket4FD != SOCKET_NULL) + return [self localHostFromSocket4:socket4FD]; + if (socket6FD != SOCKET_NULL) + return [self localHostFromSocket6:socket6FD]; + + return nil; + } + else + { + __block NSString *result = nil; + + dispatch_sync(socketQueue, ^{ @autoreleasepool { + + if (self->socket4FD != SOCKET_NULL) + result = [self localHostFromSocket4:self->socket4FD]; + else if (self->socket6FD != SOCKET_NULL) + result = [self localHostFromSocket6:self->socket6FD]; + }}); + + return result; + } +} + +- (uint16_t)localPort +{ + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + { + if (socket4FD != SOCKET_NULL) + return [self localPortFromSocket4:socket4FD]; + if (socket6FD != SOCKET_NULL) + return [self localPortFromSocket6:socket6FD]; + + return 0; + } + else + { + __block uint16_t result = 0; + + dispatch_sync(socketQueue, ^{ + // No need for autorelease pool + + if (self->socket4FD != SOCKET_NULL) + result = [self localPortFromSocket4:self->socket4FD]; + else if (self->socket6FD != SOCKET_NULL) + result = [self localPortFromSocket6:self->socket6FD]; + }); + + return result; + } +} + +- (NSString *)connectedHost4 +{ + if (socket4FD != SOCKET_NULL) + return [self connectedHostFromSocket4:socket4FD]; + + return nil; +} + +- (NSString *)connectedHost6 +{ + if (socket6FD != SOCKET_NULL) + return [self connectedHostFromSocket6:socket6FD]; + + return nil; +} + +- (uint16_t)connectedPort4 +{ + if (socket4FD != SOCKET_NULL) + return [self connectedPortFromSocket4:socket4FD]; + + return 0; +} + +- (uint16_t)connectedPort6 +{ + if (socket6FD != SOCKET_NULL) + return [self connectedPortFromSocket6:socket6FD]; + + return 0; +} + +- (NSString *)localHost4 +{ + if (socket4FD != SOCKET_NULL) + return [self localHostFromSocket4:socket4FD]; + + return nil; +} + +- (NSString *)localHost6 +{ + if (socket6FD != SOCKET_NULL) + return [self localHostFromSocket6:socket6FD]; + + return nil; +} + +- (uint16_t)localPort4 +{ + if (socket4FD != SOCKET_NULL) + return [self localPortFromSocket4:socket4FD]; + + return 0; +} + +- (uint16_t)localPort6 +{ + if (socket6FD != SOCKET_NULL) + return [self localPortFromSocket6:socket6FD]; + + return 0; +} + +- (NSString *)connectedHostFromSocket4:(int)socketFD +{ + struct sockaddr_in sockaddr4; + socklen_t sockaddr4len = sizeof(sockaddr4); + + if (getpeername(socketFD, (struct sockaddr *)&sockaddr4, &sockaddr4len) < 0) + { + return nil; + } + return [[self class] hostFromSockaddr4:&sockaddr4]; +} + +- (NSString *)connectedHostFromSocket6:(int)socketFD +{ + struct sockaddr_in6 sockaddr6; + socklen_t sockaddr6len = sizeof(sockaddr6); + + if (getpeername(socketFD, (struct sockaddr *)&sockaddr6, &sockaddr6len) < 0) + { + return nil; + } + return [[self class] hostFromSockaddr6:&sockaddr6]; +} + +- (uint16_t)connectedPortFromSocket4:(int)socketFD +{ + struct sockaddr_in sockaddr4; + socklen_t sockaddr4len = sizeof(sockaddr4); + + if (getpeername(socketFD, (struct sockaddr *)&sockaddr4, &sockaddr4len) < 0) + { + return 0; + } + return [[self class] portFromSockaddr4:&sockaddr4]; +} + +- (uint16_t)connectedPortFromSocket6:(int)socketFD +{ + struct sockaddr_in6 sockaddr6; + socklen_t sockaddr6len = sizeof(sockaddr6); + + if (getpeername(socketFD, (struct sockaddr *)&sockaddr6, &sockaddr6len) < 0) + { + return 0; + } + return [[self class] portFromSockaddr6:&sockaddr6]; +} + +- (NSURL *)connectedUrlFromSocketUN:(int)socketFD +{ + struct sockaddr_un sockaddr; + socklen_t sockaddrlen = sizeof(sockaddr); + + if (getpeername(socketFD, (struct sockaddr *)&sockaddr, &sockaddrlen) < 0) + { + return 0; + } + return [[self class] urlFromSockaddrUN:&sockaddr]; +} + +- (NSString *)localHostFromSocket4:(int)socketFD +{ + struct sockaddr_in sockaddr4; + socklen_t sockaddr4len = sizeof(sockaddr4); + + if (getsockname(socketFD, (struct sockaddr *)&sockaddr4, &sockaddr4len) < 0) + { + return nil; + } + return [[self class] hostFromSockaddr4:&sockaddr4]; +} + +- (NSString *)localHostFromSocket6:(int)socketFD +{ + struct sockaddr_in6 sockaddr6; + socklen_t sockaddr6len = sizeof(sockaddr6); + + if (getsockname(socketFD, (struct sockaddr *)&sockaddr6, &sockaddr6len) < 0) + { + return nil; + } + return [[self class] hostFromSockaddr6:&sockaddr6]; +} + +- (uint16_t)localPortFromSocket4:(int)socketFD +{ + struct sockaddr_in sockaddr4; + socklen_t sockaddr4len = sizeof(sockaddr4); + + if (getsockname(socketFD, (struct sockaddr *)&sockaddr4, &sockaddr4len) < 0) + { + return 0; + } + return [[self class] portFromSockaddr4:&sockaddr4]; +} + +- (uint16_t)localPortFromSocket6:(int)socketFD +{ + struct sockaddr_in6 sockaddr6; + socklen_t sockaddr6len = sizeof(sockaddr6); + + if (getsockname(socketFD, (struct sockaddr *)&sockaddr6, &sockaddr6len) < 0) + { + return 0; + } + return [[self class] portFromSockaddr6:&sockaddr6]; +} + +- (NSData *)connectedAddress +{ + __block NSData *result = nil; + + dispatch_block_t block = ^{ + if (self->socket4FD != SOCKET_NULL) + { + struct sockaddr_in sockaddr4; + socklen_t sockaddr4len = sizeof(sockaddr4); + + if (getpeername(self->socket4FD, (struct sockaddr *)&sockaddr4, &sockaddr4len) == 0) + { + result = [[NSData alloc] initWithBytes:&sockaddr4 length:sockaddr4len]; + } + } + + if (self->socket6FD != SOCKET_NULL) + { + struct sockaddr_in6 sockaddr6; + socklen_t sockaddr6len = sizeof(sockaddr6); + + if (getpeername(self->socket6FD, (struct sockaddr *)&sockaddr6, &sockaddr6len) == 0) + { + result = [[NSData alloc] initWithBytes:&sockaddr6 length:sockaddr6len]; + } + } + }; + + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + block(); + else + dispatch_sync(socketQueue, block); + + return result; +} + +- (NSData *)localAddress +{ + __block NSData *result = nil; + + dispatch_block_t block = ^{ + if (self->socket4FD != SOCKET_NULL) + { + struct sockaddr_in sockaddr4; + socklen_t sockaddr4len = sizeof(sockaddr4); + + if (getsockname(self->socket4FD, (struct sockaddr *)&sockaddr4, &sockaddr4len) == 0) + { + result = [[NSData alloc] initWithBytes:&sockaddr4 length:sockaddr4len]; + } + } + + if (self->socket6FD != SOCKET_NULL) + { + struct sockaddr_in6 sockaddr6; + socklen_t sockaddr6len = sizeof(sockaddr6); + + if (getsockname(self->socket6FD, (struct sockaddr *)&sockaddr6, &sockaddr6len) == 0) + { + result = [[NSData alloc] initWithBytes:&sockaddr6 length:sockaddr6len]; + } + } + }; + + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + block(); + else + dispatch_sync(socketQueue, block); + + return result; +} + +- (BOOL)isIPv4 +{ + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + { + return (socket4FD != SOCKET_NULL); + } + else + { + __block BOOL result = NO; + + dispatch_sync(socketQueue, ^{ + result = (self->socket4FD != SOCKET_NULL); + }); + + return result; + } +} + +- (BOOL)isIPv6 +{ + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + { + return (socket6FD != SOCKET_NULL); + } + else + { + __block BOOL result = NO; + + dispatch_sync(socketQueue, ^{ + result = (self->socket6FD != SOCKET_NULL); + }); + + return result; + } +} + +- (BOOL)isSecure +{ + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + { + return (flags & kSocketSecure) ? YES : NO; + } + else + { + __block BOOL result; + + dispatch_sync(socketQueue, ^{ + result = (self->flags & kSocketSecure) ? YES : NO; + }); + + return result; + } +} + +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// +#pragma mark Utilities +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// + +/** + * Finds the address of an interface description. + * An inteface description may be an interface name (en0, en1, lo0) or corresponding IP (192.168.4.34). + * + * The interface description may optionally contain a port number at the end, separated by a colon. + * If a non-zero port parameter is provided, any port number in the interface description is ignored. + * + * The returned value is a 'struct sockaddr' wrapped in an NSMutableData object. +**/ +- (void)getInterfaceAddress4:(NSMutableData **)interfaceAddr4Ptr + address6:(NSMutableData **)interfaceAddr6Ptr + fromDescription:(NSString *)interfaceDescription + port:(uint16_t)port +{ + NSMutableData *addr4 = nil; + NSMutableData *addr6 = nil; + + NSString *interface = nil; + + NSArray *components = [interfaceDescription componentsSeparatedByString:@":"]; + if ([components count] > 0) + { + NSString *temp = [components objectAtIndex:0]; + if ([temp length] > 0) + { + interface = temp; + } + } + if ([components count] > 1 && port == 0) + { + NSString *temp = [components objectAtIndex:1]; + long portL = strtol([temp UTF8String], NULL, 10); + + if (portL > 0 && portL <= UINT16_MAX) + { + port = (uint16_t)portL; + } + } + + if (interface == nil) + { + // ANY address + + struct sockaddr_in sockaddr4; + memset(&sockaddr4, 0, sizeof(sockaddr4)); + + sockaddr4.sin_len = sizeof(sockaddr4); + sockaddr4.sin_family = AF_INET; + sockaddr4.sin_port = htons(port); + sockaddr4.sin_addr.s_addr = htonl(INADDR_ANY); + + struct sockaddr_in6 sockaddr6; + memset(&sockaddr6, 0, sizeof(sockaddr6)); + + sockaddr6.sin6_len = sizeof(sockaddr6); + sockaddr6.sin6_family = AF_INET6; + sockaddr6.sin6_port = htons(port); + sockaddr6.sin6_addr = in6addr_any; + + addr4 = [NSMutableData dataWithBytes:&sockaddr4 length:sizeof(sockaddr4)]; + addr6 = [NSMutableData dataWithBytes:&sockaddr6 length:sizeof(sockaddr6)]; + } + else if ([interface isEqualToString:@"localhost"] || [interface isEqualToString:@"loopback"]) + { + // LOOPBACK address + + struct sockaddr_in sockaddr4; + memset(&sockaddr4, 0, sizeof(sockaddr4)); + + sockaddr4.sin_len = sizeof(sockaddr4); + sockaddr4.sin_family = AF_INET; + sockaddr4.sin_port = htons(port); + sockaddr4.sin_addr.s_addr = htonl(INADDR_LOOPBACK); + + struct sockaddr_in6 sockaddr6; + memset(&sockaddr6, 0, sizeof(sockaddr6)); + + sockaddr6.sin6_len = sizeof(sockaddr6); + sockaddr6.sin6_family = AF_INET6; + sockaddr6.sin6_port = htons(port); + sockaddr6.sin6_addr = in6addr_loopback; + + addr4 = [NSMutableData dataWithBytes:&sockaddr4 length:sizeof(sockaddr4)]; + addr6 = [NSMutableData dataWithBytes:&sockaddr6 length:sizeof(sockaddr6)]; + } + else + { + const char *iface = [interface UTF8String]; + + struct ifaddrs *addrs; + const struct ifaddrs *cursor; + + if ((getifaddrs(&addrs) == 0)) + { + cursor = addrs; + while (cursor != NULL) + { + if ((addr4 == nil) && (cursor->ifa_addr->sa_family == AF_INET)) + { + // IPv4 + + struct sockaddr_in nativeAddr4; + memcpy(&nativeAddr4, cursor->ifa_addr, sizeof(nativeAddr4)); + + if (strcmp(cursor->ifa_name, iface) == 0) + { + // Name match + + nativeAddr4.sin_port = htons(port); + + addr4 = [NSMutableData dataWithBytes:&nativeAddr4 length:sizeof(nativeAddr4)]; + } + else + { + char ip[INET_ADDRSTRLEN]; + + const char *conversion = inet_ntop(AF_INET, &nativeAddr4.sin_addr, ip, sizeof(ip)); + + if ((conversion != NULL) && (strcmp(ip, iface) == 0)) + { + // IP match + + nativeAddr4.sin_port = htons(port); + + addr4 = [NSMutableData dataWithBytes:&nativeAddr4 length:sizeof(nativeAddr4)]; + } + } + } + else if ((addr6 == nil) && (cursor->ifa_addr->sa_family == AF_INET6)) + { + // IPv6 + + struct sockaddr_in6 nativeAddr6; + memcpy(&nativeAddr6, cursor->ifa_addr, sizeof(nativeAddr6)); + + if (strcmp(cursor->ifa_name, iface) == 0) + { + // Name match + + nativeAddr6.sin6_port = htons(port); + + addr6 = [NSMutableData dataWithBytes:&nativeAddr6 length:sizeof(nativeAddr6)]; + } + else + { + char ip[INET6_ADDRSTRLEN]; + + const char *conversion = inet_ntop(AF_INET6, &nativeAddr6.sin6_addr, ip, sizeof(ip)); + + if ((conversion != NULL) && (strcmp(ip, iface) == 0)) + { + // IP match + + nativeAddr6.sin6_port = htons(port); + + addr6 = [NSMutableData dataWithBytes:&nativeAddr6 length:sizeof(nativeAddr6)]; + } + } + } + + cursor = cursor->ifa_next; + } + + freeifaddrs(addrs); + } + } + + if (interfaceAddr4Ptr) *interfaceAddr4Ptr = addr4; + if (interfaceAddr6Ptr) *interfaceAddr6Ptr = addr6; +} + +- (NSData *)getInterfaceAddressFromUrl:(NSURL *)url +{ + NSString *path = url.path; + if (path.length == 0) { + return nil; + } + + struct sockaddr_un nativeAddr; + nativeAddr.sun_family = AF_UNIX; + strlcpy(nativeAddr.sun_path, path.fileSystemRepresentation, sizeof(nativeAddr.sun_path)); + nativeAddr.sun_len = (unsigned char)SUN_LEN(&nativeAddr); + NSData *interface = [NSData dataWithBytes:&nativeAddr length:sizeof(struct sockaddr_un)]; + + return interface; +} + +- (void)setupReadAndWriteSourcesForNewlyConnectedSocket:(int)socketFD +{ + readSource = dispatch_source_create(DISPATCH_SOURCE_TYPE_READ, socketFD, 0, socketQueue); + writeSource = dispatch_source_create(DISPATCH_SOURCE_TYPE_WRITE, socketFD, 0, socketQueue); + + // Setup event handlers + + __weak GCDAsyncSocket *weakSelf = self; + + dispatch_source_set_event_handler(readSource, ^{ @autoreleasepool { + #pragma clang diagnostic push + #pragma clang diagnostic warning "-Wimplicit-retain-self" + + __strong GCDAsyncSocket *strongSelf = weakSelf; + if (strongSelf == nil) return_from_block; + + LogVerbose(@"readEventBlock"); + + strongSelf->socketFDBytesAvailable = dispatch_source_get_data(strongSelf->readSource); + LogVerbose(@"socketFDBytesAvailable: %lu", strongSelf->socketFDBytesAvailable); + + if (strongSelf->socketFDBytesAvailable > 0) + [strongSelf doReadData]; + else + [strongSelf doReadEOF]; + + #pragma clang diagnostic pop + }}); + + dispatch_source_set_event_handler(writeSource, ^{ @autoreleasepool { + #pragma clang diagnostic push + #pragma clang diagnostic warning "-Wimplicit-retain-self" + + __strong GCDAsyncSocket *strongSelf = weakSelf; + if (strongSelf == nil) return_from_block; + + LogVerbose(@"writeEventBlock"); + + strongSelf->flags |= kSocketCanAcceptBytes; + [strongSelf doWriteData]; + + #pragma clang diagnostic pop + }}); + + // Setup cancel handlers + + __block int socketFDRefCount = 2; + + #if !OS_OBJECT_USE_OBJC + dispatch_source_t theReadSource = readSource; + dispatch_source_t theWriteSource = writeSource; + #endif + + dispatch_source_set_cancel_handler(readSource, ^{ + #pragma clang diagnostic push + #pragma clang diagnostic warning "-Wimplicit-retain-self" + + LogVerbose(@"readCancelBlock"); + + #if !OS_OBJECT_USE_OBJC + LogVerbose(@"dispatch_release(readSource)"); + dispatch_release(theReadSource); + #endif + + if (--socketFDRefCount == 0) + { + LogVerbose(@"close(socketFD)"); + close(socketFD); + } + + #pragma clang diagnostic pop + }); + + dispatch_source_set_cancel_handler(writeSource, ^{ + #pragma clang diagnostic push + #pragma clang diagnostic warning "-Wimplicit-retain-self" + + LogVerbose(@"writeCancelBlock"); + + #if !OS_OBJECT_USE_OBJC + LogVerbose(@"dispatch_release(writeSource)"); + dispatch_release(theWriteSource); + #endif + + if (--socketFDRefCount == 0) + { + LogVerbose(@"close(socketFD)"); + close(socketFD); + } + + #pragma clang diagnostic pop + }); + + // We will not be able to read until data arrives. + // But we should be able to write immediately. + + socketFDBytesAvailable = 0; + flags &= ~kReadSourceSuspended; + + LogVerbose(@"dispatch_resume(readSource)"); + dispatch_resume(readSource); + + flags |= kSocketCanAcceptBytes; + flags |= kWriteSourceSuspended; +} + +- (BOOL)usingCFStreamForTLS +{ + #if TARGET_OS_IPHONE + + if ((flags & kSocketSecure) && (flags & kUsingCFStreamForTLS)) + { + // The startTLS method was given the GCDAsyncSocketUseCFStreamForTLS flag. + + return YES; + } + + #endif + + return NO; +} + +- (BOOL)usingSecureTransportForTLS +{ + // Invoking this method is equivalent to ![self usingCFStreamForTLS] (just more readable) + + #if TARGET_OS_IPHONE + + if ((flags & kSocketSecure) && (flags & kUsingCFStreamForTLS)) + { + // The startTLS method was given the GCDAsyncSocketUseCFStreamForTLS flag. + + return NO; + } + + #endif + + return YES; +} + +- (void)suspendReadSource +{ + if (!(flags & kReadSourceSuspended)) + { + LogVerbose(@"dispatch_suspend(readSource)"); + + dispatch_suspend(readSource); + flags |= kReadSourceSuspended; + } +} + +- (void)resumeReadSource +{ + if (flags & kReadSourceSuspended) + { + LogVerbose(@"dispatch_resume(readSource)"); + + dispatch_resume(readSource); + flags &= ~kReadSourceSuspended; + } +} + +- (void)suspendWriteSource +{ + if (!(flags & kWriteSourceSuspended)) + { + LogVerbose(@"dispatch_suspend(writeSource)"); + + dispatch_suspend(writeSource); + flags |= kWriteSourceSuspended; + } +} + +- (void)resumeWriteSource +{ + if (flags & kWriteSourceSuspended) + { + LogVerbose(@"dispatch_resume(writeSource)"); + + dispatch_resume(writeSource); + flags &= ~kWriteSourceSuspended; + } +} + +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// +#pragma mark Reading +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// + +- (void)readDataWithTimeout:(NSTimeInterval)timeout tag:(long)tag +{ + [self readDataWithTimeout:timeout buffer:nil bufferOffset:0 maxLength:0 tag:tag]; +} + +- (void)readDataWithTimeout:(NSTimeInterval)timeout + buffer:(NSMutableData *)buffer + bufferOffset:(NSUInteger)offset + tag:(long)tag +{ + [self readDataWithTimeout:timeout buffer:buffer bufferOffset:offset maxLength:0 tag:tag]; +} + +- (void)readDataWithTimeout:(NSTimeInterval)timeout + buffer:(NSMutableData *)buffer + bufferOffset:(NSUInteger)offset + maxLength:(NSUInteger)length + tag:(long)tag +{ + if (offset > [buffer length]) { + LogWarn(@"Cannot read: offset > [buffer length]"); + return; + } + + GCDAsyncReadPacket *packet = [[GCDAsyncReadPacket alloc] initWithData:buffer + startOffset:offset + maxLength:length + timeout:timeout + readLength:0 + terminator:nil + tag:tag]; + + dispatch_async(socketQueue, ^{ @autoreleasepool { + + LogTrace(); + + if ((self->flags & kSocketStarted) && !(self->flags & kForbidReadsWrites)) + { + [self->readQueue addObject:packet]; + [self maybeDequeueRead]; + } + }}); + + // Do not rely on the block being run in order to release the packet, + // as the queue might get released without the block completing. +} + +- (void)readDataToLength:(NSUInteger)length withTimeout:(NSTimeInterval)timeout tag:(long)tag +{ + [self readDataToLength:length withTimeout:timeout buffer:nil bufferOffset:0 tag:tag]; +} + +- (void)readDataToLength:(NSUInteger)length + withTimeout:(NSTimeInterval)timeout + buffer:(NSMutableData *)buffer + bufferOffset:(NSUInteger)offset + tag:(long)tag +{ + if (length == 0) { + LogWarn(@"Cannot read: length == 0"); + return; + } + if (offset > [buffer length]) { + LogWarn(@"Cannot read: offset > [buffer length]"); + return; + } + + GCDAsyncReadPacket *packet = [[GCDAsyncReadPacket alloc] initWithData:buffer + startOffset:offset + maxLength:0 + timeout:timeout + readLength:length + terminator:nil + tag:tag]; + + dispatch_async(socketQueue, ^{ @autoreleasepool { + + LogTrace(); + + if ((self->flags & kSocketStarted) && !(self->flags & kForbidReadsWrites)) + { + [self->readQueue addObject:packet]; + [self maybeDequeueRead]; + } + }}); + + // Do not rely on the block being run in order to release the packet, + // as the queue might get released without the block completing. +} + +- (void)readDataToData:(NSData *)data withTimeout:(NSTimeInterval)timeout tag:(long)tag +{ + [self readDataToData:data withTimeout:timeout buffer:nil bufferOffset:0 maxLength:0 tag:tag]; +} + +- (void)readDataToData:(NSData *)data + withTimeout:(NSTimeInterval)timeout + buffer:(NSMutableData *)buffer + bufferOffset:(NSUInteger)offset + tag:(long)tag +{ + [self readDataToData:data withTimeout:timeout buffer:buffer bufferOffset:offset maxLength:0 tag:tag]; +} + +- (void)readDataToData:(NSData *)data withTimeout:(NSTimeInterval)timeout maxLength:(NSUInteger)length tag:(long)tag +{ + [self readDataToData:data withTimeout:timeout buffer:nil bufferOffset:0 maxLength:length tag:tag]; +} + +- (void)readDataToData:(NSData *)data + withTimeout:(NSTimeInterval)timeout + buffer:(NSMutableData *)buffer + bufferOffset:(NSUInteger)offset + maxLength:(NSUInteger)maxLength + tag:(long)tag +{ + if ([data length] == 0) { + LogWarn(@"Cannot read: [data length] == 0"); + return; + } + if (offset > [buffer length]) { + LogWarn(@"Cannot read: offset > [buffer length]"); + return; + } + if (maxLength > 0 && maxLength < [data length]) { + LogWarn(@"Cannot read: maxLength > 0 && maxLength < [data length]"); + return; + } + + GCDAsyncReadPacket *packet = [[GCDAsyncReadPacket alloc] initWithData:buffer + startOffset:offset + maxLength:maxLength + timeout:timeout + readLength:0 + terminator:data + tag:tag]; + + dispatch_async(socketQueue, ^{ @autoreleasepool { + + LogTrace(); + + if ((self->flags & kSocketStarted) && !(self->flags & kForbidReadsWrites)) + { + [self->readQueue addObject:packet]; + [self maybeDequeueRead]; + } + }}); + + // Do not rely on the block being run in order to release the packet, + // as the queue might get released without the block completing. +} + +- (float)progressOfReadReturningTag:(long *)tagPtr bytesDone:(NSUInteger *)donePtr total:(NSUInteger *)totalPtr +{ + __block float result = 0.0F; + + dispatch_block_t block = ^{ + + if (!self->currentRead || ![self->currentRead isKindOfClass:[GCDAsyncReadPacket class]]) + { + // We're not reading anything right now. + + if (tagPtr != NULL) *tagPtr = 0; + if (donePtr != NULL) *donePtr = 0; + if (totalPtr != NULL) *totalPtr = 0; + + result = NAN; + } + else + { + // It's only possible to know the progress of our read if we're reading to a certain length. + // If we're reading to data, we of course have no idea when the data will arrive. + // If we're reading to timeout, then we have no idea when the next chunk of data will arrive. + + NSUInteger done = self->currentRead->bytesDone; + NSUInteger total = self->currentRead->readLength; + + if (tagPtr != NULL) *tagPtr = self->currentRead->tag; + if (donePtr != NULL) *donePtr = done; + if (totalPtr != NULL) *totalPtr = total; + + if (total > 0) + result = (float)done / (float)total; + else + result = 1.0F; + } + }; + + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + block(); + else + dispatch_sync(socketQueue, block); + + return result; +} + +/** + * This method starts a new read, if needed. + * + * It is called when: + * - a user requests a read + * - after a read request has finished (to handle the next request) + * - immediately after the socket opens to handle any pending requests + * + * This method also handles auto-disconnect post read/write completion. +**/ +- (void)maybeDequeueRead +{ + LogTrace(); + NSAssert(dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey), @"Must be dispatched on socketQueue"); + + // If we're not currently processing a read AND we have an available read stream + if ((currentRead == nil) && (flags & kConnected)) + { + if ([readQueue count] > 0) + { + // Dequeue the next object in the write queue + currentRead = [readQueue objectAtIndex:0]; + [readQueue removeObjectAtIndex:0]; + + + if ([currentRead isKindOfClass:[GCDAsyncSpecialPacket class]]) + { + LogVerbose(@"Dequeued GCDAsyncSpecialPacket"); + + // Attempt to start TLS + flags |= kStartingReadTLS; + + // This method won't do anything unless both kStartingReadTLS and kStartingWriteTLS are set + [self maybeStartTLS]; + } + else + { + LogVerbose(@"Dequeued GCDAsyncReadPacket"); + + // Setup read timer (if needed) + [self setupReadTimerWithTimeout:currentRead->timeout]; + + // Immediately read, if possible + [self doReadData]; + } + } + else if (flags & kDisconnectAfterReads) + { + if (flags & kDisconnectAfterWrites) + { + if (([writeQueue count] == 0) && (currentWrite == nil)) + { + [self closeWithError:nil]; + } + } + else + { + [self closeWithError:nil]; + } + } + else if (flags & kSocketSecure) + { + [self flushSSLBuffers]; + + // Edge case: + // + // We just drained all data from the ssl buffers, + // and all known data from the socket (socketFDBytesAvailable). + // + // If we didn't get any data from this process, + // then we may have reached the end of the TCP stream. + // + // Be sure callbacks are enabled so we're notified about a disconnection. + + if ([preBuffer availableBytes] == 0) + { + if ([self usingCFStreamForTLS]) { + // Callbacks never disabled + } + else { + [self resumeReadSource]; + } + } + } + } +} + +- (void)flushSSLBuffers +{ + LogTrace(); + + NSAssert((flags & kSocketSecure), @"Cannot flush ssl buffers on non-secure socket"); + + if ([preBuffer availableBytes] > 0) + { + // Only flush the ssl buffers if the prebuffer is empty. + // This is to avoid growing the prebuffer inifinitely large. + + return; + } + + #if TARGET_OS_IPHONE + + if ([self usingCFStreamForTLS]) + { + if ((flags & kSecureSocketHasBytesAvailable) && CFReadStreamHasBytesAvailable(readStream)) + { + LogVerbose(@"%@ - Flushing ssl buffers into prebuffer...", THIS_METHOD); + + CFIndex defaultBytesToRead = (1024 * 4); + + [preBuffer ensureCapacityForWrite:defaultBytesToRead]; + + uint8_t *buffer = [preBuffer writeBuffer]; + + CFIndex result = CFReadStreamRead(readStream, buffer, defaultBytesToRead); + LogVerbose(@"%@ - CFReadStreamRead(): result = %i", THIS_METHOD, (int)result); + + if (result > 0) + { + [preBuffer didWrite:result]; + } + + flags &= ~kSecureSocketHasBytesAvailable; + } + + return; + } + + #endif + + __block NSUInteger estimatedBytesAvailable = 0; + + dispatch_block_t updateEstimatedBytesAvailable = ^{ + + // Figure out if there is any data available to be read + // + // socketFDBytesAvailable <- Number of encrypted bytes we haven't read from the bsd socket + // [sslPreBuffer availableBytes] <- Number of encrypted bytes we've buffered from bsd socket + // sslInternalBufSize <- Number of decrypted bytes SecureTransport has buffered + // + // We call the variable "estimated" because we don't know how many decrypted bytes we'll get + // from the encrypted bytes in the sslPreBuffer. + // However, we do know this is an upper bound on the estimation. + + estimatedBytesAvailable = self->socketFDBytesAvailable + [self->sslPreBuffer availableBytes]; + + size_t sslInternalBufSize = 0; + SSLGetBufferedReadSize(self->sslContext, &sslInternalBufSize); + + estimatedBytesAvailable += sslInternalBufSize; + }; + + updateEstimatedBytesAvailable(); + + if (estimatedBytesAvailable > 0) + { + LogVerbose(@"%@ - Flushing ssl buffers into prebuffer...", THIS_METHOD); + + BOOL done = NO; + do + { + LogVerbose(@"%@ - estimatedBytesAvailable = %lu", THIS_METHOD, (unsigned long)estimatedBytesAvailable); + + // Make sure there's enough room in the prebuffer + + [preBuffer ensureCapacityForWrite:estimatedBytesAvailable]; + + // Read data into prebuffer + + uint8_t *buffer = [preBuffer writeBuffer]; + size_t bytesRead = 0; + + OSStatus result = SSLRead(sslContext, buffer, (size_t)estimatedBytesAvailable, &bytesRead); + LogVerbose(@"%@ - read from secure socket = %u", THIS_METHOD, (unsigned)bytesRead); + + if (bytesRead > 0) + { + [preBuffer didWrite:bytesRead]; + } + + LogVerbose(@"%@ - prebuffer.length = %zu", THIS_METHOD, [preBuffer availableBytes]); + + if (result != noErr) + { + done = YES; + } + else + { + updateEstimatedBytesAvailable(); + } + + } while (!done && estimatedBytesAvailable > 0); + } +} + +- (void)doReadData +{ + LogTrace(); + + // This method is called on the socketQueue. + // It might be called directly, or via the readSource when data is available to be read. + + if ((currentRead == nil) || (flags & kReadsPaused)) + { + LogVerbose(@"No currentRead or kReadsPaused"); + + // Unable to read at this time + + if (flags & kSocketSecure) + { + // Here's the situation: + // + // We have an established secure connection. + // There may not be a currentRead, but there might be encrypted data sitting around for us. + // When the user does get around to issuing a read, that encrypted data will need to be decrypted. + // + // So why make the user wait? + // We might as well get a head start on decrypting some data now. + // + // The other reason we do this has to do with detecting a socket disconnection. + // The SSL/TLS protocol has it's own disconnection handshake. + // So when a secure socket is closed, a "goodbye" packet comes across the wire. + // We want to make sure we read the "goodbye" packet so we can properly detect the TCP disconnection. + + [self flushSSLBuffers]; + } + + if ([self usingCFStreamForTLS]) + { + // CFReadStream only fires once when there is available data. + // It won't fire again until we've invoked CFReadStreamRead. + } + else + { + // If the readSource is firing, we need to pause it + // or else it will continue to fire over and over again. + // + // If the readSource is not firing, + // we want it to continue monitoring the socket. + + if (socketFDBytesAvailable > 0) + { + [self suspendReadSource]; + } + } + return; + } + + BOOL hasBytesAvailable = NO; + unsigned long estimatedBytesAvailable = 0; + + if ([self usingCFStreamForTLS]) + { + #if TARGET_OS_IPHONE + + // Requested CFStream, rather than SecureTransport, for TLS (via GCDAsyncSocketUseCFStreamForTLS) + + estimatedBytesAvailable = 0; + if ((flags & kSecureSocketHasBytesAvailable) && CFReadStreamHasBytesAvailable(readStream)) + hasBytesAvailable = YES; + else + hasBytesAvailable = NO; + + #endif + } + else + { + estimatedBytesAvailable = socketFDBytesAvailable; + + if (flags & kSocketSecure) + { + // There are 2 buffers to be aware of here. + // + // We are using SecureTransport, a TLS/SSL security layer which sits atop TCP. + // We issue a read to the SecureTranport API, which in turn issues a read to our SSLReadFunction. + // Our SSLReadFunction then reads from the BSD socket and returns the encrypted data to SecureTransport. + // SecureTransport then decrypts the data, and finally returns the decrypted data back to us. + // + // The first buffer is one we create. + // SecureTransport often requests small amounts of data. + // This has to do with the encypted packets that are coming across the TCP stream. + // But it's non-optimal to do a bunch of small reads from the BSD socket. + // So our SSLReadFunction reads all available data from the socket (optimizing the sys call) + // and may store excess in the sslPreBuffer. + + estimatedBytesAvailable += [sslPreBuffer availableBytes]; + + // The second buffer is within SecureTransport. + // As mentioned earlier, there are encrypted packets coming across the TCP stream. + // SecureTransport needs the entire packet to decrypt it. + // But if the entire packet produces X bytes of decrypted data, + // and we only asked SecureTransport for X/2 bytes of data, + // it must store the extra X/2 bytes of decrypted data for the next read. + // + // The SSLGetBufferedReadSize function will tell us the size of this internal buffer. + // From the documentation: + // + // "This function does not block or cause any low-level read operations to occur." + + size_t sslInternalBufSize = 0; + SSLGetBufferedReadSize(sslContext, &sslInternalBufSize); + + estimatedBytesAvailable += sslInternalBufSize; + } + + hasBytesAvailable = (estimatedBytesAvailable > 0); + } + + if ((hasBytesAvailable == NO) && ([preBuffer availableBytes] == 0)) + { + LogVerbose(@"No data available to read..."); + + // No data available to read. + + if (![self usingCFStreamForTLS]) + { + // Need to wait for readSource to fire and notify us of + // available data in the socket's internal read buffer. + + [self resumeReadSource]; + } + return; + } + + if (flags & kStartingReadTLS) + { + LogVerbose(@"Waiting for SSL/TLS handshake to complete"); + + // The readQueue is waiting for SSL/TLS handshake to complete. + + if (flags & kStartingWriteTLS) + { + if ([self usingSecureTransportForTLS] && lastSSLHandshakeError == errSSLWouldBlock) + { + // We are in the process of a SSL Handshake. + // We were waiting for incoming data which has just arrived. + + [self ssl_continueSSLHandshake]; + } + } + else + { + // We are still waiting for the writeQueue to drain and start the SSL/TLS process. + // We now know data is available to read. + + if (![self usingCFStreamForTLS]) + { + // Suspend the read source or else it will continue to fire nonstop. + + [self suspendReadSource]; + } + } + + return; + } + + BOOL done = NO; // Completed read operation + NSError *error = nil; // Error occurred + + NSUInteger totalBytesReadForCurrentRead = 0; + + // + // STEP 1 - READ FROM PREBUFFER + // + + if ([preBuffer availableBytes] > 0) + { + // There are 3 types of read packets: + // + // 1) Read all available data. + // 2) Read a specific length of data. + // 3) Read up to a particular terminator. + + NSUInteger bytesToCopy; + + if (currentRead->term != nil) + { + // Read type #3 - read up to a terminator + + bytesToCopy = [currentRead readLengthForTermWithPreBuffer:preBuffer found:&done]; + } + else + { + // Read type #1 or #2 + + bytesToCopy = [currentRead readLengthForNonTermWithHint:[preBuffer availableBytes]]; + } + + // Make sure we have enough room in the buffer for our read. + + [currentRead ensureCapacityForAdditionalDataOfLength:bytesToCopy]; + + // Copy bytes from prebuffer into packet buffer + + uint8_t *buffer = (uint8_t *)[currentRead->buffer mutableBytes] + currentRead->startOffset + + currentRead->bytesDone; + + memcpy(buffer, [preBuffer readBuffer], bytesToCopy); + + // Remove the copied bytes from the preBuffer + [preBuffer didRead:bytesToCopy]; + + LogVerbose(@"copied(%lu) preBufferLength(%zu)", (unsigned long)bytesToCopy, [preBuffer availableBytes]); + + // Update totals + + currentRead->bytesDone += bytesToCopy; + totalBytesReadForCurrentRead += bytesToCopy; + + // Check to see if the read operation is done + + if (currentRead->readLength > 0) + { + // Read type #2 - read a specific length of data + + done = (currentRead->bytesDone == currentRead->readLength); + } + else if (currentRead->term != nil) + { + // Read type #3 - read up to a terminator + + // Our 'done' variable was updated via the readLengthForTermWithPreBuffer:found: method + + if (!done && currentRead->maxLength > 0) + { + // We're not done and there's a set maxLength. + // Have we reached that maxLength yet? + + if (currentRead->bytesDone >= currentRead->maxLength) + { + error = [self readMaxedOutError]; + } + } + } + else + { + // Read type #1 - read all available data + // + // We're done as soon as + // - we've read all available data (in prebuffer and socket) + // - we've read the maxLength of read packet. + + done = ((currentRead->maxLength > 0) && (currentRead->bytesDone == currentRead->maxLength)); + } + + } + + // + // STEP 2 - READ FROM SOCKET + // + + BOOL socketEOF = (flags & kSocketHasReadEOF) ? YES : NO; // Nothing more to read via socket (end of file) + BOOL waiting = !done && !error && !socketEOF && !hasBytesAvailable; // Ran out of data, waiting for more + + if (!done && !error && !socketEOF && hasBytesAvailable) + { + NSAssert(([preBuffer availableBytes] == 0), @"Invalid logic"); + + BOOL readIntoPreBuffer = NO; + uint8_t *buffer = NULL; + size_t bytesRead = 0; + + if (flags & kSocketSecure) + { + if ([self usingCFStreamForTLS]) + { + #if TARGET_OS_IPHONE + + // Using CFStream, rather than SecureTransport, for TLS + + NSUInteger defaultReadLength = (1024 * 32); + + NSUInteger bytesToRead = [currentRead optimalReadLengthWithDefault:defaultReadLength + shouldPreBuffer:&readIntoPreBuffer]; + + // Make sure we have enough room in the buffer for our read. + // + // We are either reading directly into the currentRead->buffer, + // or we're reading into the temporary preBuffer. + + if (readIntoPreBuffer) + { + [preBuffer ensureCapacityForWrite:bytesToRead]; + + buffer = [preBuffer writeBuffer]; + } + else + { + [currentRead ensureCapacityForAdditionalDataOfLength:bytesToRead]; + + buffer = (uint8_t *)[currentRead->buffer mutableBytes] + + currentRead->startOffset + + currentRead->bytesDone; + } + + // Read data into buffer + + CFIndex result = CFReadStreamRead(readStream, buffer, (CFIndex)bytesToRead); + LogVerbose(@"CFReadStreamRead(): result = %i", (int)result); + + if (result < 0) + { + error = (__bridge_transfer NSError *)CFReadStreamCopyError(readStream); + } + else if (result == 0) + { + socketEOF = YES; + } + else + { + waiting = YES; + bytesRead = (size_t)result; + } + + // We only know how many decrypted bytes were read. + // The actual number of bytes read was likely more due to the overhead of the encryption. + // So we reset our flag, and rely on the next callback to alert us of more data. + flags &= ~kSecureSocketHasBytesAvailable; + + #endif + } + else + { + // Using SecureTransport for TLS + // + // We know: + // - how many bytes are available on the socket + // - how many encrypted bytes are sitting in the sslPreBuffer + // - how many decypted bytes are sitting in the sslContext + // + // But we do NOT know: + // - how many encypted bytes are sitting in the sslContext + // + // So we play the regular game of using an upper bound instead. + + NSUInteger defaultReadLength = (1024 * 32); + + if (defaultReadLength < estimatedBytesAvailable) { + defaultReadLength = estimatedBytesAvailable + (1024 * 16); + } + + NSUInteger bytesToRead = [currentRead optimalReadLengthWithDefault:defaultReadLength + shouldPreBuffer:&readIntoPreBuffer]; + + if (bytesToRead > SIZE_MAX) { // NSUInteger may be bigger than size_t + bytesToRead = SIZE_MAX; + } + + // Make sure we have enough room in the buffer for our read. + // + // We are either reading directly into the currentRead->buffer, + // or we're reading into the temporary preBuffer. + + if (readIntoPreBuffer) + { + [preBuffer ensureCapacityForWrite:bytesToRead]; + + buffer = [preBuffer writeBuffer]; + } + else + { + [currentRead ensureCapacityForAdditionalDataOfLength:bytesToRead]; + + buffer = (uint8_t *)[currentRead->buffer mutableBytes] + + currentRead->startOffset + + currentRead->bytesDone; + } + + // The documentation from Apple states: + // + // "a read operation might return errSSLWouldBlock, + // indicating that less data than requested was actually transferred" + // + // However, starting around 10.7, the function will sometimes return noErr, + // even if it didn't read as much data as requested. So we need to watch out for that. + + OSStatus result; + do + { + void *loop_buffer = buffer + bytesRead; + size_t loop_bytesToRead = (size_t)bytesToRead - bytesRead; + size_t loop_bytesRead = 0; + + result = SSLRead(sslContext, loop_buffer, loop_bytesToRead, &loop_bytesRead); + LogVerbose(@"read from secure socket = %u", (unsigned)loop_bytesRead); + + bytesRead += loop_bytesRead; + + } while ((result == noErr) && (bytesRead < bytesToRead)); + + + if (result != noErr) + { + if (result == errSSLWouldBlock) + waiting = YES; + else + { + if (result == errSSLClosedGraceful || result == errSSLClosedAbort) + { + // We've reached the end of the stream. + // Handle this the same way we would an EOF from the socket. + socketEOF = YES; + sslErrCode = result; + } + else + { + error = [self sslError:result]; + } + } + // It's possible that bytesRead > 0, even if the result was errSSLWouldBlock. + // This happens when the SSLRead function is able to read some data, + // but not the entire amount we requested. + + if (bytesRead <= 0) + { + bytesRead = 0; + } + } + + // Do not modify socketFDBytesAvailable. + // It will be updated via the SSLReadFunction(). + } + } + else + { + // Normal socket operation + + NSUInteger bytesToRead; + + // There are 3 types of read packets: + // + // 1) Read all available data. + // 2) Read a specific length of data. + // 3) Read up to a particular terminator. + + if (currentRead->term != nil) + { + // Read type #3 - read up to a terminator + + bytesToRead = [currentRead readLengthForTermWithHint:estimatedBytesAvailable + shouldPreBuffer:&readIntoPreBuffer]; + } + else + { + // Read type #1 or #2 + + bytesToRead = [currentRead readLengthForNonTermWithHint:estimatedBytesAvailable]; + } + + if (bytesToRead > SIZE_MAX) { // NSUInteger may be bigger than size_t (read param 3) + bytesToRead = SIZE_MAX; + } + + // Make sure we have enough room in the buffer for our read. + // + // We are either reading directly into the currentRead->buffer, + // or we're reading into the temporary preBuffer. + + if (readIntoPreBuffer) + { + [preBuffer ensureCapacityForWrite:bytesToRead]; + + buffer = [preBuffer writeBuffer]; + } + else + { + [currentRead ensureCapacityForAdditionalDataOfLength:bytesToRead]; + + buffer = (uint8_t *)[currentRead->buffer mutableBytes] + + currentRead->startOffset + + currentRead->bytesDone; + } + + // Read data into buffer + + int socketFD = (socket4FD != SOCKET_NULL) ? socket4FD : (socket6FD != SOCKET_NULL) ? socket6FD : socketUN; + + ssize_t result = read(socketFD, buffer, (size_t)bytesToRead); + LogVerbose(@"read from socket = %i", (int)result); + + if (result < 0) + { + if (errno == EWOULDBLOCK) + waiting = YES; + else + error = [self errorWithErrno:errno reason:@"Error in read() function"]; + + socketFDBytesAvailable = 0; + } + else if (result == 0) + { + socketEOF = YES; + socketFDBytesAvailable = 0; + } + else + { + bytesRead = result; + + if (bytesRead < bytesToRead) + { + // The read returned less data than requested. + // This means socketFDBytesAvailable was a bit off due to timing, + // because we read from the socket right when the readSource event was firing. + socketFDBytesAvailable = 0; + } + else + { + if (socketFDBytesAvailable <= bytesRead) + socketFDBytesAvailable = 0; + else + socketFDBytesAvailable -= bytesRead; + } + + if (socketFDBytesAvailable == 0) + { + waiting = YES; + } + } + } + + if (bytesRead > 0) + { + // Check to see if the read operation is done + + if (currentRead->readLength > 0) + { + // Read type #2 - read a specific length of data + // + // Note: We should never be using a prebuffer when we're reading a specific length of data. + + NSAssert(readIntoPreBuffer == NO, @"Invalid logic"); + + currentRead->bytesDone += bytesRead; + totalBytesReadForCurrentRead += bytesRead; + + done = (currentRead->bytesDone == currentRead->readLength); + } + else if (currentRead->term != nil) + { + // Read type #3 - read up to a terminator + + if (readIntoPreBuffer) + { + // We just read a big chunk of data into the preBuffer + + [preBuffer didWrite:bytesRead]; + LogVerbose(@"read data into preBuffer - preBuffer.length = %zu", [preBuffer availableBytes]); + + // Search for the terminating sequence + + NSUInteger bytesToCopy = [currentRead readLengthForTermWithPreBuffer:preBuffer found:&done]; + LogVerbose(@"copying %lu bytes from preBuffer", (unsigned long)bytesToCopy); + + // Ensure there's room on the read packet's buffer + + [currentRead ensureCapacityForAdditionalDataOfLength:bytesToCopy]; + + // Copy bytes from prebuffer into read buffer + + uint8_t *readBuf = (uint8_t *)[currentRead->buffer mutableBytes] + currentRead->startOffset + + currentRead->bytesDone; + + memcpy(readBuf, [preBuffer readBuffer], bytesToCopy); + + // Remove the copied bytes from the prebuffer + [preBuffer didRead:bytesToCopy]; + LogVerbose(@"preBuffer.length = %zu", [preBuffer availableBytes]); + + // Update totals + currentRead->bytesDone += bytesToCopy; + totalBytesReadForCurrentRead += bytesToCopy; + + // Our 'done' variable was updated via the readLengthForTermWithPreBuffer:found: method above + } + else + { + // We just read a big chunk of data directly into the packet's buffer. + // We need to move any overflow into the prebuffer. + + NSInteger overflow = [currentRead searchForTermAfterPreBuffering:bytesRead]; + + if (overflow == 0) + { + // Perfect match! + // Every byte we read stays in the read buffer, + // and the last byte we read was the last byte of the term. + + currentRead->bytesDone += bytesRead; + totalBytesReadForCurrentRead += bytesRead; + done = YES; + } + else if (overflow > 0) + { + // The term was found within the data that we read, + // and there are extra bytes that extend past the end of the term. + // We need to move these excess bytes out of the read packet and into the prebuffer. + + NSInteger underflow = bytesRead - overflow; + + // Copy excess data into preBuffer + + LogVerbose(@"copying %ld overflow bytes into preBuffer", (long)overflow); + [preBuffer ensureCapacityForWrite:overflow]; + + uint8_t *overflowBuffer = buffer + underflow; + memcpy([preBuffer writeBuffer], overflowBuffer, overflow); + + [preBuffer didWrite:overflow]; + LogVerbose(@"preBuffer.length = %zu", [preBuffer availableBytes]); + + // Note: The completeCurrentRead method will trim the buffer for us. + + currentRead->bytesDone += underflow; + totalBytesReadForCurrentRead += underflow; + done = YES; + } + else + { + // The term was not found within the data that we read. + + currentRead->bytesDone += bytesRead; + totalBytesReadForCurrentRead += bytesRead; + done = NO; + } + } + + if (!done && currentRead->maxLength > 0) + { + // We're not done and there's a set maxLength. + // Have we reached that maxLength yet? + + if (currentRead->bytesDone >= currentRead->maxLength) + { + error = [self readMaxedOutError]; + } + } + } + else + { + // Read type #1 - read all available data + + if (readIntoPreBuffer) + { + // We just read a chunk of data into the preBuffer + + [preBuffer didWrite:bytesRead]; + + // Now copy the data into the read packet. + // + // Recall that we didn't read directly into the packet's buffer to avoid + // over-allocating memory since we had no clue how much data was available to be read. + // + // Ensure there's room on the read packet's buffer + + [currentRead ensureCapacityForAdditionalDataOfLength:bytesRead]; + + // Copy bytes from prebuffer into read buffer + + uint8_t *readBuf = (uint8_t *)[currentRead->buffer mutableBytes] + currentRead->startOffset + + currentRead->bytesDone; + + memcpy(readBuf, [preBuffer readBuffer], bytesRead); + + // Remove the copied bytes from the prebuffer + [preBuffer didRead:bytesRead]; + + // Update totals + currentRead->bytesDone += bytesRead; + totalBytesReadForCurrentRead += bytesRead; + } + else + { + currentRead->bytesDone += bytesRead; + totalBytesReadForCurrentRead += bytesRead; + } + + done = YES; + } + + } // if (bytesRead > 0) + + } // if (!done && !error && !socketEOF && hasBytesAvailable) + + + if (!done && currentRead->readLength == 0 && currentRead->term == nil) + { + // Read type #1 - read all available data + // + // We might arrive here if we read data from the prebuffer but not from the socket. + + done = (totalBytesReadForCurrentRead > 0); + } + + // Check to see if we're done, or if we've made progress + + if (done) + { + [self completeCurrentRead]; + + if (!error && (!socketEOF || [preBuffer availableBytes] > 0)) + { + [self maybeDequeueRead]; + } + } + else if (totalBytesReadForCurrentRead > 0) + { + // We're not done read type #2 or #3 yet, but we have read in some bytes + // + // We ensure that `waiting` is set in order to resume the readSource (if it is suspended). It is + // possible to reach this point and `waiting` not be set, if the current read's length is + // sufficiently large. In that case, we may have read to some upperbound successfully, but + // that upperbound could be smaller than the desired length. + waiting = YES; + + __strong id theDelegate = delegate; + + if (delegateQueue && [theDelegate respondsToSelector:@selector(socket:didReadPartialDataOfLength:tag:)]) + { + long theReadTag = currentRead->tag; + + dispatch_async(delegateQueue, ^{ @autoreleasepool { + + [theDelegate socket:self didReadPartialDataOfLength:totalBytesReadForCurrentRead tag:theReadTag]; + }}); + } + } + + // Check for errors + + if (error) + { + [self closeWithError:error]; + } + else if (socketEOF) + { + [self doReadEOF]; + } + else if (waiting) + { + if (![self usingCFStreamForTLS]) + { + // Monitor the socket for readability (if we're not already doing so) + [self resumeReadSource]; + } + } + + // Do not add any code here without first adding return statements in the error cases above. +} + +- (void)doReadEOF +{ + LogTrace(); + + // This method may be called more than once. + // If the EOF is read while there is still data in the preBuffer, + // then this method may be called continually after invocations of doReadData to see if it's time to disconnect. + + flags |= kSocketHasReadEOF; + + if (flags & kSocketSecure) + { + // If the SSL layer has any buffered data, flush it into the preBuffer now. + + [self flushSSLBuffers]; + } + + BOOL shouldDisconnect = NO; + NSError *error = nil; + + if ((flags & kStartingReadTLS) || (flags & kStartingWriteTLS)) + { + // We received an EOF during or prior to startTLS. + // The SSL/TLS handshake is now impossible, so this is an unrecoverable situation. + + shouldDisconnect = YES; + + if ([self usingSecureTransportForTLS]) + { + error = [self sslError:errSSLClosedAbort]; + } + } + else if (flags & kReadStreamClosed) + { + // The preBuffer has already been drained. + // The config allows half-duplex connections. + // We've previously checked the socket, and it appeared writeable. + // So we marked the read stream as closed and notified the delegate. + // + // As per the half-duplex contract, the socket will be closed when a write fails, + // or when the socket is manually closed. + + shouldDisconnect = NO; + } + else if ([preBuffer availableBytes] > 0) + { + LogVerbose(@"Socket reached EOF, but there is still data available in prebuffer"); + + // Although we won't be able to read any more data from the socket, + // there is existing data that has been prebuffered that we can read. + + shouldDisconnect = NO; + } + else if (config & kAllowHalfDuplexConnection) + { + // We just received an EOF (end of file) from the socket's read stream. + // This means the remote end of the socket (the peer we're connected to) + // has explicitly stated that it will not be sending us any more data. + // + // Query the socket to see if it is still writeable. (Perhaps the peer will continue reading data from us) + + int socketFD = (socket4FD != SOCKET_NULL) ? socket4FD : (socket6FD != SOCKET_NULL) ? socket6FD : socketUN; + + struct pollfd pfd[1]; + pfd[0].fd = socketFD; + pfd[0].events = POLLOUT; + pfd[0].revents = 0; + + poll(pfd, 1, 0); + + if (pfd[0].revents & POLLOUT) + { + // Socket appears to still be writeable + + shouldDisconnect = NO; + flags |= kReadStreamClosed; + + // Notify the delegate that we're going half-duplex + + __strong id theDelegate = delegate; + + if (delegateQueue && [theDelegate respondsToSelector:@selector(socketDidCloseReadStream:)]) + { + dispatch_async(delegateQueue, ^{ @autoreleasepool { + + [theDelegate socketDidCloseReadStream:self]; + }}); + } + } + else + { + shouldDisconnect = YES; + } + } + else + { + shouldDisconnect = YES; + } + + + if (shouldDisconnect) + { + if (error == nil) + { + if ([self usingSecureTransportForTLS]) + { + if (sslErrCode != noErr && sslErrCode != errSSLClosedGraceful) + { + error = [self sslError:sslErrCode]; + } + else + { + error = [self connectionClosedError]; + } + } + else + { + error = [self connectionClosedError]; + } + } + [self closeWithError:error]; + } + else + { + if (![self usingCFStreamForTLS]) + { + // Suspend the read source (if needed) + + [self suspendReadSource]; + } + } +} + +- (void)completeCurrentRead +{ + LogTrace(); + + NSAssert(currentRead, @"Trying to complete current read when there is no current read."); + + + NSData *result = nil; + + if (currentRead->bufferOwner) + { + // We created the buffer on behalf of the user. + // Trim our buffer to be the proper size. + [currentRead->buffer setLength:currentRead->bytesDone]; + + result = currentRead->buffer; + } + else + { + // We did NOT create the buffer. + // The buffer is owned by the caller. + // Only trim the buffer if we had to increase its size. + + if ([currentRead->buffer length] > currentRead->originalBufferLength) + { + NSUInteger readSize = currentRead->startOffset + currentRead->bytesDone; + NSUInteger origSize = currentRead->originalBufferLength; + + NSUInteger buffSize = MAX(readSize, origSize); + + [currentRead->buffer setLength:buffSize]; + } + + uint8_t *buffer = (uint8_t *)[currentRead->buffer mutableBytes] + currentRead->startOffset; + + result = [NSData dataWithBytesNoCopy:buffer length:currentRead->bytesDone freeWhenDone:NO]; + } + + __strong id theDelegate = delegate; + + if (delegateQueue && [theDelegate respondsToSelector:@selector(socket:didReadData:withTag:)]) + { + GCDAsyncReadPacket *theRead = currentRead; // Ensure currentRead retained since result may not own buffer + + dispatch_async(delegateQueue, ^{ @autoreleasepool { + + [theDelegate socket:self didReadData:result withTag:theRead->tag]; + }}); + } + + [self endCurrentRead]; +} + +- (void)endCurrentRead +{ + if (readTimer) + { + dispatch_source_cancel(readTimer); + readTimer = NULL; + } + + currentRead = nil; +} + +- (void)setupReadTimerWithTimeout:(NSTimeInterval)timeout +{ + if (timeout >= 0.0) + { + readTimer = dispatch_source_create(DISPATCH_SOURCE_TYPE_TIMER, 0, 0, socketQueue); + + __weak GCDAsyncSocket *weakSelf = self; + + dispatch_source_set_event_handler(readTimer, ^{ @autoreleasepool { + #pragma clang diagnostic push + #pragma clang diagnostic warning "-Wimplicit-retain-self" + + __strong GCDAsyncSocket *strongSelf = weakSelf; + if (strongSelf == nil) return_from_block; + + [strongSelf doReadTimeout]; + + #pragma clang diagnostic pop + }}); + + #if !OS_OBJECT_USE_OBJC + dispatch_source_t theReadTimer = readTimer; + dispatch_source_set_cancel_handler(readTimer, ^{ + #pragma clang diagnostic push + #pragma clang diagnostic warning "-Wimplicit-retain-self" + + LogVerbose(@"dispatch_release(readTimer)"); + dispatch_release(theReadTimer); + + #pragma clang diagnostic pop + }); + #endif + + dispatch_time_t tt = dispatch_time(DISPATCH_TIME_NOW, (int64_t)(timeout * NSEC_PER_SEC)); + + dispatch_source_set_timer(readTimer, tt, DISPATCH_TIME_FOREVER, 0); + dispatch_resume(readTimer); + } +} + +- (void)doReadTimeout +{ + // This is a little bit tricky. + // Ideally we'd like to synchronously query the delegate about a timeout extension. + // But if we do so synchronously we risk a possible deadlock. + // So instead we have to do so asynchronously, and callback to ourselves from within the delegate block. + + flags |= kReadsPaused; + + __strong id theDelegate = delegate; + + if (delegateQueue && [theDelegate respondsToSelector:@selector(socket:shouldTimeoutReadWithTag:elapsed:bytesDone:)]) + { + GCDAsyncReadPacket *theRead = currentRead; + + dispatch_async(delegateQueue, ^{ @autoreleasepool { + + NSTimeInterval timeoutExtension = 0.0; + + timeoutExtension = [theDelegate socket:self shouldTimeoutReadWithTag:theRead->tag + elapsed:theRead->timeout + bytesDone:theRead->bytesDone]; + + dispatch_async(self->socketQueue, ^{ @autoreleasepool { + + [self doReadTimeoutWithExtension:timeoutExtension]; + }}); + }}); + } + else + { + [self doReadTimeoutWithExtension:0.0]; + } +} + +- (void)doReadTimeoutWithExtension:(NSTimeInterval)timeoutExtension +{ + if (currentRead) + { + if (timeoutExtension > 0.0) + { + currentRead->timeout += timeoutExtension; + + // Reschedule the timer + dispatch_time_t tt = dispatch_time(DISPATCH_TIME_NOW, (int64_t)(timeoutExtension * NSEC_PER_SEC)); + dispatch_source_set_timer(readTimer, tt, DISPATCH_TIME_FOREVER, 0); + + // Unpause reads, and continue + flags &= ~kReadsPaused; + [self doReadData]; + } + else + { + LogVerbose(@"ReadTimeout"); + + [self closeWithError:[self readTimeoutError]]; + } + } +} + +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// +#pragma mark Writing +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// + +- (void)writeData:(NSData *)data withTimeout:(NSTimeInterval)timeout tag:(long)tag +{ + if ([data length] == 0) return; + + GCDAsyncWritePacket *packet = [[GCDAsyncWritePacket alloc] initWithData:data timeout:timeout tag:tag]; + + dispatch_async(socketQueue, ^{ @autoreleasepool { + + LogTrace(); + + if ((self->flags & kSocketStarted) && !(self->flags & kForbidReadsWrites)) + { + [self->writeQueue addObject:packet]; + [self maybeDequeueWrite]; + } + }}); + + // Do not rely on the block being run in order to release the packet, + // as the queue might get released without the block completing. +} + +- (float)progressOfWriteReturningTag:(long *)tagPtr bytesDone:(NSUInteger *)donePtr total:(NSUInteger *)totalPtr +{ + __block float result = 0.0F; + + dispatch_block_t block = ^{ + + if (!self->currentWrite || ![self->currentWrite isKindOfClass:[GCDAsyncWritePacket class]]) + { + // We're not writing anything right now. + + if (tagPtr != NULL) *tagPtr = 0; + if (donePtr != NULL) *donePtr = 0; + if (totalPtr != NULL) *totalPtr = 0; + + result = NAN; + } + else + { + NSUInteger done = self->currentWrite->bytesDone; + NSUInteger total = [self->currentWrite->buffer length]; + + if (tagPtr != NULL) *tagPtr = self->currentWrite->tag; + if (donePtr != NULL) *donePtr = done; + if (totalPtr != NULL) *totalPtr = total; + + result = (float)done / (float)total; + } + }; + + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + block(); + else + dispatch_sync(socketQueue, block); + + return result; +} + +/** + * Conditionally starts a new write. + * + * It is called when: + * - a user requests a write + * - after a write request has finished (to handle the next request) + * - immediately after the socket opens to handle any pending requests + * + * This method also handles auto-disconnect post read/write completion. +**/ +- (void)maybeDequeueWrite +{ + LogTrace(); + NSAssert(dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey), @"Must be dispatched on socketQueue"); + + + // If we're not currently processing a write AND we have an available write stream + if ((currentWrite == nil) && (flags & kConnected)) + { + if ([writeQueue count] > 0) + { + // Dequeue the next object in the write queue + currentWrite = [writeQueue objectAtIndex:0]; + [writeQueue removeObjectAtIndex:0]; + + + if ([currentWrite isKindOfClass:[GCDAsyncSpecialPacket class]]) + { + LogVerbose(@"Dequeued GCDAsyncSpecialPacket"); + + // Attempt to start TLS + flags |= kStartingWriteTLS; + + // This method won't do anything unless both kStartingReadTLS and kStartingWriteTLS are set + [self maybeStartTLS]; + } + else + { + LogVerbose(@"Dequeued GCDAsyncWritePacket"); + + // Setup write timer (if needed) + [self setupWriteTimerWithTimeout:currentWrite->timeout]; + + // Immediately write, if possible + [self doWriteData]; + } + } + else if (flags & kDisconnectAfterWrites) + { + if (flags & kDisconnectAfterReads) + { + if (([readQueue count] == 0) && (currentRead == nil)) + { + [self closeWithError:nil]; + } + } + else + { + [self closeWithError:nil]; + } + } + } +} + +- (void)doWriteData +{ + LogTrace(); + + // This method is called by the writeSource via the socketQueue + + if ((currentWrite == nil) || (flags & kWritesPaused)) + { + LogVerbose(@"No currentWrite or kWritesPaused"); + + // Unable to write at this time + + if ([self usingCFStreamForTLS]) + { + // CFWriteStream only fires once when there is available data. + // It won't fire again until we've invoked CFWriteStreamWrite. + } + else + { + // If the writeSource is firing, we need to pause it + // or else it will continue to fire over and over again. + + if (flags & kSocketCanAcceptBytes) + { + [self suspendWriteSource]; + } + } + return; + } + + if (!(flags & kSocketCanAcceptBytes)) + { + LogVerbose(@"No space available to write..."); + + // No space available to write. + + if (![self usingCFStreamForTLS]) + { + // Need to wait for writeSource to fire and notify us of + // available space in the socket's internal write buffer. + + [self resumeWriteSource]; + } + return; + } + + if (flags & kStartingWriteTLS) + { + LogVerbose(@"Waiting for SSL/TLS handshake to complete"); + + // The writeQueue is waiting for SSL/TLS handshake to complete. + + if (flags & kStartingReadTLS) + { + if ([self usingSecureTransportForTLS] && lastSSLHandshakeError == errSSLWouldBlock) + { + // We are in the process of a SSL Handshake. + // We were waiting for available space in the socket's internal OS buffer to continue writing. + + [self ssl_continueSSLHandshake]; + } + } + else + { + // We are still waiting for the readQueue to drain and start the SSL/TLS process. + // We now know we can write to the socket. + + if (![self usingCFStreamForTLS]) + { + // Suspend the write source or else it will continue to fire nonstop. + + [self suspendWriteSource]; + } + } + + return; + } + + // Note: This method is not called if currentWrite is a GCDAsyncSpecialPacket (startTLS packet) + + BOOL waiting = NO; + NSError *error = nil; + size_t bytesWritten = 0; + + if (flags & kSocketSecure) + { + if ([self usingCFStreamForTLS]) + { + #if TARGET_OS_IPHONE + + // + // Writing data using CFStream (over internal TLS) + // + + const uint8_t *buffer = (const uint8_t *)[currentWrite->buffer bytes] + currentWrite->bytesDone; + + NSUInteger bytesToWrite = [currentWrite->buffer length] - currentWrite->bytesDone; + + if (bytesToWrite > SIZE_MAX) // NSUInteger may be bigger than size_t (write param 3) + { + bytesToWrite = SIZE_MAX; + } + + CFIndex result = CFWriteStreamWrite(writeStream, buffer, (CFIndex)bytesToWrite); + LogVerbose(@"CFWriteStreamWrite(%lu) = %li", (unsigned long)bytesToWrite, result); + + if (result < 0) + { + error = (__bridge_transfer NSError *)CFWriteStreamCopyError(writeStream); + } + else + { + bytesWritten = (size_t)result; + + // We always set waiting to true in this scenario. + // CFStream may have altered our underlying socket to non-blocking. + // Thus if we attempt to write without a callback, we may end up blocking our queue. + waiting = YES; + } + + #endif + } + else + { + // We're going to use the SSLWrite function. + // + // OSStatus SSLWrite(SSLContextRef context, const void *data, size_t dataLength, size_t *processed) + // + // Parameters: + // context - An SSL session context reference. + // data - A pointer to the buffer of data to write. + // dataLength - The amount, in bytes, of data to write. + // processed - On return, the length, in bytes, of the data actually written. + // + // It sounds pretty straight-forward, + // but there are a few caveats you should be aware of. + // + // The SSLWrite method operates in a non-obvious (and rather annoying) manner. + // According to the documentation: + // + // Because you may configure the underlying connection to operate in a non-blocking manner, + // a write operation might return errSSLWouldBlock, indicating that less data than requested + // was actually transferred. In this case, you should repeat the call to SSLWrite until some + // other result is returned. + // + // This sounds perfect, but when our SSLWriteFunction returns errSSLWouldBlock, + // then the SSLWrite method returns (with the proper errSSLWouldBlock return value), + // but it sets processed to dataLength !! + // + // In other words, if the SSLWrite function doesn't completely write all the data we tell it to, + // then it doesn't tell us how many bytes were actually written. So, for example, if we tell it to + // write 256 bytes then it might actually write 128 bytes, but then report 0 bytes written. + // + // You might be wondering: + // If the SSLWrite function doesn't tell us how many bytes were written, + // then how in the world are we supposed to update our parameters (buffer & bytesToWrite) + // for the next time we invoke SSLWrite? + // + // The answer is that SSLWrite cached all the data we told it to write, + // and it will push out that data next time we call SSLWrite. + // If we call SSLWrite with new data, it will push out the cached data first, and then the new data. + // If we call SSLWrite with empty data, then it will simply push out the cached data. + // + // For this purpose we're going to break large writes into a series of smaller writes. + // This allows us to report progress back to the delegate. + + OSStatus result; + + BOOL hasCachedDataToWrite = (sslWriteCachedLength > 0); + BOOL hasNewDataToWrite = YES; + + if (hasCachedDataToWrite) + { + size_t processed = 0; + + result = SSLWrite(sslContext, NULL, 0, &processed); + + if (result == noErr) + { + bytesWritten = sslWriteCachedLength; + sslWriteCachedLength = 0; + + if ([currentWrite->buffer length] == (currentWrite->bytesDone + bytesWritten)) + { + // We've written all data for the current write. + hasNewDataToWrite = NO; + } + } + else + { + if (result == errSSLWouldBlock) + { + waiting = YES; + } + else + { + error = [self sslError:result]; + } + + // Can't write any new data since we were unable to write the cached data. + hasNewDataToWrite = NO; + } + } + + if (hasNewDataToWrite) + { + const uint8_t *buffer = (const uint8_t *)[currentWrite->buffer bytes] + + currentWrite->bytesDone + + bytesWritten; + + NSUInteger bytesToWrite = [currentWrite->buffer length] - currentWrite->bytesDone - bytesWritten; + + if (bytesToWrite > SIZE_MAX) // NSUInteger may be bigger than size_t (write param 3) + { + bytesToWrite = SIZE_MAX; + } + + size_t bytesRemaining = bytesToWrite; + + BOOL keepLooping = YES; + while (keepLooping) + { + const size_t sslMaxBytesToWrite = 32768; + size_t sslBytesToWrite = MIN(bytesRemaining, sslMaxBytesToWrite); + size_t sslBytesWritten = 0; + + result = SSLWrite(sslContext, buffer, sslBytesToWrite, &sslBytesWritten); + + if (result == noErr) + { + buffer += sslBytesWritten; + bytesWritten += sslBytesWritten; + bytesRemaining -= sslBytesWritten; + + keepLooping = (bytesRemaining > 0); + } + else + { + if (result == errSSLWouldBlock) + { + waiting = YES; + sslWriteCachedLength = sslBytesToWrite; + } + else + { + error = [self sslError:result]; + } + + keepLooping = NO; + } + + } // while (keepLooping) + + } // if (hasNewDataToWrite) + } + } + else + { + // + // Writing data directly over raw socket + // + + int socketFD = (socket4FD != SOCKET_NULL) ? socket4FD : (socket6FD != SOCKET_NULL) ? socket6FD : socketUN; + + const uint8_t *buffer = (const uint8_t *)[currentWrite->buffer bytes] + currentWrite->bytesDone; + + NSUInteger bytesToWrite = [currentWrite->buffer length] - currentWrite->bytesDone; + + if (bytesToWrite > SIZE_MAX) // NSUInteger may be bigger than size_t (write param 3) + { + bytesToWrite = SIZE_MAX; + } + + ssize_t result = write(socketFD, buffer, (size_t)bytesToWrite); + LogVerbose(@"wrote to socket = %zd", result); + + // Check results + if (result < 0) + { + if (errno == EWOULDBLOCK) + { + waiting = YES; + } + else + { + error = [self errorWithErrno:errno reason:@"Error in write() function"]; + } + } + else + { + bytesWritten = result; + } + } + + // We're done with our writing. + // If we explictly ran into a situation where the socket told us there was no room in the buffer, + // then we immediately resume listening for notifications. + // + // We must do this before we dequeue another write, + // as that may in turn invoke this method again. + // + // Note that if CFStream is involved, it may have maliciously put our socket in blocking mode. + + if (waiting) + { + flags &= ~kSocketCanAcceptBytes; + + if (![self usingCFStreamForTLS]) + { + [self resumeWriteSource]; + } + } + + // Check our results + + BOOL done = NO; + + if (bytesWritten > 0) + { + // Update total amount read for the current write + currentWrite->bytesDone += bytesWritten; + LogVerbose(@"currentWrite->bytesDone = %lu", (unsigned long)currentWrite->bytesDone); + + // Is packet done? + done = (currentWrite->bytesDone == [currentWrite->buffer length]); + } + + if (done) + { + [self completeCurrentWrite]; + + if (!error) + { + dispatch_async(socketQueue, ^{ @autoreleasepool{ + + [self maybeDequeueWrite]; + }}); + } + } + else + { + // We were unable to finish writing the data, + // so we're waiting for another callback to notify us of available space in the lower-level output buffer. + + if (!waiting && !error) + { + // This would be the case if our write was able to accept some data, but not all of it. + + flags &= ~kSocketCanAcceptBytes; + + if (![self usingCFStreamForTLS]) + { + [self resumeWriteSource]; + } + } + + if (bytesWritten > 0) + { + // We're not done with the entire write, but we have written some bytes + + __strong id theDelegate = delegate; + + if (delegateQueue && [theDelegate respondsToSelector:@selector(socket:didWritePartialDataOfLength:tag:)]) + { + long theWriteTag = currentWrite->tag; + + dispatch_async(delegateQueue, ^{ @autoreleasepool { + + [theDelegate socket:self didWritePartialDataOfLength:bytesWritten tag:theWriteTag]; + }}); + } + } + } + + // Check for errors + + if (error) + { + [self closeWithError:[self errorWithErrno:errno reason:@"Error in write() function"]]; + } + + // Do not add any code here without first adding a return statement in the error case above. +} + +- (void)completeCurrentWrite +{ + LogTrace(); + + NSAssert(currentWrite, @"Trying to complete current write when there is no current write."); + + + __strong id theDelegate = delegate; + + if (delegateQueue && [theDelegate respondsToSelector:@selector(socket:didWriteDataWithTag:)]) + { + long theWriteTag = currentWrite->tag; + + dispatch_async(delegateQueue, ^{ @autoreleasepool { + + [theDelegate socket:self didWriteDataWithTag:theWriteTag]; + }}); + } + + [self endCurrentWrite]; +} + +- (void)endCurrentWrite +{ + if (writeTimer) + { + dispatch_source_cancel(writeTimer); + writeTimer = NULL; + } + + currentWrite = nil; +} + +- (void)setupWriteTimerWithTimeout:(NSTimeInterval)timeout +{ + if (timeout >= 0.0) + { + writeTimer = dispatch_source_create(DISPATCH_SOURCE_TYPE_TIMER, 0, 0, socketQueue); + + __weak GCDAsyncSocket *weakSelf = self; + + dispatch_source_set_event_handler(writeTimer, ^{ @autoreleasepool { + #pragma clang diagnostic push + #pragma clang diagnostic warning "-Wimplicit-retain-self" + + __strong GCDAsyncSocket *strongSelf = weakSelf; + if (strongSelf == nil) return_from_block; + + [strongSelf doWriteTimeout]; + + #pragma clang diagnostic pop + }}); + + #if !OS_OBJECT_USE_OBJC + dispatch_source_t theWriteTimer = writeTimer; + dispatch_source_set_cancel_handler(writeTimer, ^{ + #pragma clang diagnostic push + #pragma clang diagnostic warning "-Wimplicit-retain-self" + + LogVerbose(@"dispatch_release(writeTimer)"); + dispatch_release(theWriteTimer); + + #pragma clang diagnostic pop + }); + #endif + + dispatch_time_t tt = dispatch_time(DISPATCH_TIME_NOW, (int64_t)(timeout * NSEC_PER_SEC)); + + dispatch_source_set_timer(writeTimer, tt, DISPATCH_TIME_FOREVER, 0); + dispatch_resume(writeTimer); + } +} + +- (void)doWriteTimeout +{ + // This is a little bit tricky. + // Ideally we'd like to synchronously query the delegate about a timeout extension. + // But if we do so synchronously we risk a possible deadlock. + // So instead we have to do so asynchronously, and callback to ourselves from within the delegate block. + + flags |= kWritesPaused; + + __strong id theDelegate = delegate; + + if (delegateQueue && [theDelegate respondsToSelector:@selector(socket:shouldTimeoutWriteWithTag:elapsed:bytesDone:)]) + { + GCDAsyncWritePacket *theWrite = currentWrite; + + dispatch_async(delegateQueue, ^{ @autoreleasepool { + + NSTimeInterval timeoutExtension = 0.0; + + timeoutExtension = [theDelegate socket:self shouldTimeoutWriteWithTag:theWrite->tag + elapsed:theWrite->timeout + bytesDone:theWrite->bytesDone]; + + dispatch_async(self->socketQueue, ^{ @autoreleasepool { + + [self doWriteTimeoutWithExtension:timeoutExtension]; + }}); + }}); + } + else + { + [self doWriteTimeoutWithExtension:0.0]; + } +} + +- (void)doWriteTimeoutWithExtension:(NSTimeInterval)timeoutExtension +{ + if (currentWrite) + { + if (timeoutExtension > 0.0) + { + currentWrite->timeout += timeoutExtension; + + // Reschedule the timer + dispatch_time_t tt = dispatch_time(DISPATCH_TIME_NOW, (int64_t)(timeoutExtension * NSEC_PER_SEC)); + dispatch_source_set_timer(writeTimer, tt, DISPATCH_TIME_FOREVER, 0); + + // Unpause writes, and continue + flags &= ~kWritesPaused; + [self doWriteData]; + } + else + { + LogVerbose(@"WriteTimeout"); + + [self closeWithError:[self writeTimeoutError]]; + } + } +} + +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// +#pragma mark Security +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// + +- (void)startTLS:(NSDictionary *)tlsSettings +{ + LogTrace(); + + if (tlsSettings == nil) + { + // Passing nil/NULL to CFReadStreamSetProperty will appear to work the same as passing an empty dictionary, + // but causes problems if we later try to fetch the remote host's certificate. + // + // To be exact, it causes the following to return NULL instead of the normal result: + // CFReadStreamCopyProperty(readStream, kCFStreamPropertySSLPeerCertificates) + // + // So we use an empty dictionary instead, which works perfectly. + + tlsSettings = [NSDictionary dictionary]; + } + + GCDAsyncSpecialPacket *packet = [[GCDAsyncSpecialPacket alloc] initWithTLSSettings:tlsSettings]; + + dispatch_async(socketQueue, ^{ @autoreleasepool { + + if ((self->flags & kSocketStarted) && !(self->flags & kQueuedTLS) && !(self->flags & kForbidReadsWrites)) + { + [self->readQueue addObject:packet]; + [self->writeQueue addObject:packet]; + + self->flags |= kQueuedTLS; + + [self maybeDequeueRead]; + [self maybeDequeueWrite]; + } + }}); + +} + +- (void)maybeStartTLS +{ + // We can't start TLS until: + // - All queued reads prior to the user calling startTLS are complete + // - All queued writes prior to the user calling startTLS are complete + // + // We'll know these conditions are met when both kStartingReadTLS and kStartingWriteTLS are set + + if ((flags & kStartingReadTLS) && (flags & kStartingWriteTLS)) + { + BOOL useSecureTransport = YES; + + #if TARGET_OS_IPHONE + { + GCDAsyncSpecialPacket *tlsPacket = (GCDAsyncSpecialPacket *)currentRead; + NSDictionary *tlsSettings = @{}; + if (tlsPacket) { + tlsSettings = tlsPacket->tlsSettings; + } + NSNumber *value = [tlsSettings objectForKey:GCDAsyncSocketUseCFStreamForTLS]; + if (value && [value boolValue]) + useSecureTransport = NO; + } + #endif + + if (useSecureTransport) + { + [self ssl_startTLS]; + } + else + { + #if TARGET_OS_IPHONE + [self cf_startTLS]; + #endif + } + } +} + +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// +#pragma mark Security via SecureTransport +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// + +- (OSStatus)sslReadWithBuffer:(void *)buffer length:(size_t *)bufferLength +{ + LogVerbose(@"sslReadWithBuffer:%p length:%lu", buffer, (unsigned long)*bufferLength); + + if ((socketFDBytesAvailable == 0) && ([sslPreBuffer availableBytes] == 0)) + { + LogVerbose(@"%@ - No data available to read...", THIS_METHOD); + + // No data available to read. + // + // Need to wait for readSource to fire and notify us of + // available data in the socket's internal read buffer. + + [self resumeReadSource]; + + *bufferLength = 0; + return errSSLWouldBlock; + } + + size_t totalBytesRead = 0; + size_t totalBytesLeftToBeRead = *bufferLength; + + BOOL done = NO; + BOOL socketError = NO; + + // + // STEP 1 : READ FROM SSL PRE BUFFER + // + + size_t sslPreBufferLength = [sslPreBuffer availableBytes]; + + if (sslPreBufferLength > 0) + { + LogVerbose(@"%@: Reading from SSL pre buffer...", THIS_METHOD); + + size_t bytesToCopy; + if (sslPreBufferLength > totalBytesLeftToBeRead) + bytesToCopy = totalBytesLeftToBeRead; + else + bytesToCopy = sslPreBufferLength; + + LogVerbose(@"%@: Copying %zu bytes from sslPreBuffer", THIS_METHOD, bytesToCopy); + + memcpy(buffer, [sslPreBuffer readBuffer], bytesToCopy); + [sslPreBuffer didRead:bytesToCopy]; + + LogVerbose(@"%@: sslPreBuffer.length = %zu", THIS_METHOD, [sslPreBuffer availableBytes]); + + totalBytesRead += bytesToCopy; + totalBytesLeftToBeRead -= bytesToCopy; + + done = (totalBytesLeftToBeRead == 0); + + if (done) LogVerbose(@"%@: Complete", THIS_METHOD); + } + + // + // STEP 2 : READ FROM SOCKET + // + + if (!done && (socketFDBytesAvailable > 0)) + { + LogVerbose(@"%@: Reading from socket...", THIS_METHOD); + + int socketFD = (socket4FD != SOCKET_NULL) ? socket4FD : (socket6FD != SOCKET_NULL) ? socket6FD : socketUN; + + BOOL readIntoPreBuffer; + size_t bytesToRead; + uint8_t *buf; + + if (socketFDBytesAvailable > totalBytesLeftToBeRead) + { + // Read all available data from socket into sslPreBuffer. + // Then copy requested amount into dataBuffer. + + LogVerbose(@"%@: Reading into sslPreBuffer...", THIS_METHOD); + + [sslPreBuffer ensureCapacityForWrite:socketFDBytesAvailable]; + + readIntoPreBuffer = YES; + bytesToRead = (size_t)socketFDBytesAvailable; + buf = [sslPreBuffer writeBuffer]; + } + else + { + // Read available data from socket directly into dataBuffer. + + LogVerbose(@"%@: Reading directly into dataBuffer...", THIS_METHOD); + + readIntoPreBuffer = NO; + bytesToRead = totalBytesLeftToBeRead; + buf = (uint8_t *)buffer + totalBytesRead; + } + + ssize_t result = read(socketFD, buf, bytesToRead); + LogVerbose(@"%@: read from socket = %zd", THIS_METHOD, result); + + if (result < 0) + { + LogVerbose(@"%@: read errno = %i", THIS_METHOD, errno); + + if (errno != EWOULDBLOCK) + { + socketError = YES; + } + + socketFDBytesAvailable = 0; + } + else if (result == 0) + { + LogVerbose(@"%@: read EOF", THIS_METHOD); + + socketError = YES; + socketFDBytesAvailable = 0; + } + else + { + size_t bytesReadFromSocket = result; + + if (socketFDBytesAvailable > bytesReadFromSocket) + socketFDBytesAvailable -= bytesReadFromSocket; + else + socketFDBytesAvailable = 0; + + if (readIntoPreBuffer) + { + [sslPreBuffer didWrite:bytesReadFromSocket]; + + size_t bytesToCopy = MIN(totalBytesLeftToBeRead, bytesReadFromSocket); + + LogVerbose(@"%@: Copying %zu bytes out of sslPreBuffer", THIS_METHOD, bytesToCopy); + + memcpy((uint8_t *)buffer + totalBytesRead, [sslPreBuffer readBuffer], bytesToCopy); + [sslPreBuffer didRead:bytesToCopy]; + + totalBytesRead += bytesToCopy; + totalBytesLeftToBeRead -= bytesToCopy; + + LogVerbose(@"%@: sslPreBuffer.length = %zu", THIS_METHOD, [sslPreBuffer availableBytes]); + } + else + { + totalBytesRead += bytesReadFromSocket; + totalBytesLeftToBeRead -= bytesReadFromSocket; + } + + done = (totalBytesLeftToBeRead == 0); + + if (done) LogVerbose(@"%@: Complete", THIS_METHOD); + } + } + + *bufferLength = totalBytesRead; + + if (done) + return noErr; + + if (socketError) + return errSSLClosedAbort; + + return errSSLWouldBlock; +} + +- (OSStatus)sslWriteWithBuffer:(const void *)buffer length:(size_t *)bufferLength +{ + if (!(flags & kSocketCanAcceptBytes)) + { + // Unable to write. + // + // Need to wait for writeSource to fire and notify us of + // available space in the socket's internal write buffer. + + [self resumeWriteSource]; + + *bufferLength = 0; + return errSSLWouldBlock; + } + + size_t bytesToWrite = *bufferLength; + size_t bytesWritten = 0; + + BOOL done = NO; + BOOL socketError = NO; + + int socketFD = (socket4FD != SOCKET_NULL) ? socket4FD : (socket6FD != SOCKET_NULL) ? socket6FD : socketUN; + + ssize_t result = write(socketFD, buffer, bytesToWrite); + + if (result < 0) + { + if (errno != EWOULDBLOCK) + { + socketError = YES; + } + + flags &= ~kSocketCanAcceptBytes; + } + else if (result == 0) + { + flags &= ~kSocketCanAcceptBytes; + } + else + { + bytesWritten = result; + + done = (bytesWritten == bytesToWrite); + } + + *bufferLength = bytesWritten; + + if (done) + return noErr; + + if (socketError) + return errSSLClosedAbort; + + return errSSLWouldBlock; +} + +static OSStatus SSLReadFunction(SSLConnectionRef connection, void *data, size_t *dataLength) +{ + GCDAsyncSocket *asyncSocket = (__bridge GCDAsyncSocket *)connection; + + NSCAssert(dispatch_get_specific(asyncSocket->IsOnSocketQueueOrTargetQueueKey), @"What the deuce?"); + + return [asyncSocket sslReadWithBuffer:data length:dataLength]; +} + +static OSStatus SSLWriteFunction(SSLConnectionRef connection, const void *data, size_t *dataLength) +{ + GCDAsyncSocket *asyncSocket = (__bridge GCDAsyncSocket *)connection; + + NSCAssert(dispatch_get_specific(asyncSocket->IsOnSocketQueueOrTargetQueueKey), @"What the deuce?"); + + return [asyncSocket sslWriteWithBuffer:data length:dataLength]; +} + +- (void)ssl_startTLS +{ + LogTrace(); + + LogVerbose(@"Starting TLS (via SecureTransport)..."); + + OSStatus status; + + GCDAsyncSpecialPacket *tlsPacket = (GCDAsyncSpecialPacket *)currentRead; + if (tlsPacket == nil) // Code to quiet the analyzer + { + NSAssert(NO, @"Logic error"); + + [self closeWithError:[self otherError:@"Logic error"]]; + return; + } + NSDictionary *tlsSettings = tlsPacket->tlsSettings; + + // Create SSLContext, and setup IO callbacks and connection ref + + NSNumber *isServerNumber = [tlsSettings objectForKey:(__bridge NSString *)kCFStreamSSLIsServer]; + BOOL isServer = [isServerNumber boolValue]; + + #if TARGET_OS_IPHONE || (__MAC_OS_X_VERSION_MIN_REQUIRED >= 1080) + { + if (isServer) + sslContext = SSLCreateContext(kCFAllocatorDefault, kSSLServerSide, kSSLStreamType); + else + sslContext = SSLCreateContext(kCFAllocatorDefault, kSSLClientSide, kSSLStreamType); + + if (sslContext == NULL) + { + [self closeWithError:[self otherError:@"Error in SSLCreateContext"]]; + return; + } + } + #else // (__MAC_OS_X_VERSION_MIN_REQUIRED < 1080) + { + status = SSLNewContext(isServer, &sslContext); + if (status != noErr) + { + [self closeWithError:[self otherError:@"Error in SSLNewContext"]]; + return; + } + } + #endif + + status = SSLSetIOFuncs(sslContext, &SSLReadFunction, &SSLWriteFunction); + if (status != noErr) + { + [self closeWithError:[self otherError:@"Error in SSLSetIOFuncs"]]; + return; + } + + status = SSLSetConnection(sslContext, (__bridge SSLConnectionRef)self); + if (status != noErr) + { + [self closeWithError:[self otherError:@"Error in SSLSetConnection"]]; + return; + } + + + NSNumber *shouldManuallyEvaluateTrust = [tlsSettings objectForKey:GCDAsyncSocketManuallyEvaluateTrust]; + if ([shouldManuallyEvaluateTrust boolValue]) + { + if (isServer) + { + [self closeWithError:[self otherError:@"Manual trust validation is not supported for server sockets"]]; + return; + } + + status = SSLSetSessionOption(sslContext, kSSLSessionOptionBreakOnServerAuth, true); + if (status != noErr) + { + [self closeWithError:[self otherError:@"Error in SSLSetSessionOption"]]; + return; + } + + #if !TARGET_OS_IPHONE && (__MAC_OS_X_VERSION_MIN_REQUIRED < 1080) + + // Note from Apple's documentation: + // + // It is only necessary to call SSLSetEnableCertVerify on the Mac prior to OS X 10.8. + // On OS X 10.8 and later setting kSSLSessionOptionBreakOnServerAuth always disables the + // built-in trust evaluation. All versions of iOS behave like OS X 10.8 and thus + // SSLSetEnableCertVerify is not available on that platform at all. + + status = SSLSetEnableCertVerify(sslContext, NO); + if (status != noErr) + { + [self closeWithError:[self otherError:@"Error in SSLSetEnableCertVerify"]]; + return; + } + + #endif + } + + // Configure SSLContext from given settings + // + // Checklist: + // 1. kCFStreamSSLPeerName + // 2. kCFStreamSSLCertificates + // 3. GCDAsyncSocketSSLPeerID + // 4. GCDAsyncSocketSSLProtocolVersionMin + // 5. GCDAsyncSocketSSLProtocolVersionMax + // 6. GCDAsyncSocketSSLSessionOptionFalseStart + // 7. GCDAsyncSocketSSLSessionOptionSendOneByteRecord + // 8. GCDAsyncSocketSSLCipherSuites + // 9. GCDAsyncSocketSSLDiffieHellmanParameters (Mac) + // + // Deprecated (throw error): + // 10. kCFStreamSSLAllowsAnyRoot + // 11. kCFStreamSSLAllowsExpiredRoots + // 12. kCFStreamSSLAllowsExpiredCertificates + // 13. kCFStreamSSLValidatesCertificateChain + // 14. kCFStreamSSLLevel + + NSObject *value; + + // 1. kCFStreamSSLPeerName + + value = [tlsSettings objectForKey:(__bridge NSString *)kCFStreamSSLPeerName]; + if ([value isKindOfClass:[NSString class]]) + { + NSString *peerName = (NSString *)value; + + const char *peer = [peerName UTF8String]; + size_t peerLen = strlen(peer); + + status = SSLSetPeerDomainName(sslContext, peer, peerLen); + if (status != noErr) + { + [self closeWithError:[self otherError:@"Error in SSLSetPeerDomainName"]]; + return; + } + } + else if (value) + { + NSAssert(NO, @"Invalid value for kCFStreamSSLPeerName. Value must be of type NSString."); + + [self closeWithError:[self otherError:@"Invalid value for kCFStreamSSLPeerName."]]; + return; + } + + // 2. kCFStreamSSLCertificates + + value = [tlsSettings objectForKey:(__bridge NSString *)kCFStreamSSLCertificates]; + if ([value isKindOfClass:[NSArray class]]) + { + NSArray *certs = (NSArray *)value; + + status = SSLSetCertificate(sslContext, (__bridge CFArrayRef)certs); + if (status != noErr) + { + [self closeWithError:[self otherError:@"Error in SSLSetCertificate"]]; + return; + } + } + else if (value) + { + NSAssert(NO, @"Invalid value for kCFStreamSSLCertificates. Value must be of type NSArray."); + + [self closeWithError:[self otherError:@"Invalid value for kCFStreamSSLCertificates."]]; + return; + } + + // 3. GCDAsyncSocketSSLPeerID + + value = [tlsSettings objectForKey:GCDAsyncSocketSSLPeerID]; + if ([value isKindOfClass:[NSData class]]) + { + NSData *peerIdData = (NSData *)value; + + status = SSLSetPeerID(sslContext, [peerIdData bytes], [peerIdData length]); + if (status != noErr) + { + [self closeWithError:[self otherError:@"Error in SSLSetPeerID"]]; + return; + } + } + else if (value) + { + NSAssert(NO, @"Invalid value for GCDAsyncSocketSSLPeerID. Value must be of type NSData." + @" (You can convert strings to data using a method like" + @" [string dataUsingEncoding:NSUTF8StringEncoding])"); + + [self closeWithError:[self otherError:@"Invalid value for GCDAsyncSocketSSLPeerID."]]; + return; + } + + // 4. GCDAsyncSocketSSLProtocolVersionMin + + value = [tlsSettings objectForKey:GCDAsyncSocketSSLProtocolVersionMin]; + if ([value isKindOfClass:[NSNumber class]]) + { + SSLProtocol minProtocol = (SSLProtocol)[(NSNumber *)value intValue]; + if (minProtocol != kSSLProtocolUnknown) + { + status = SSLSetProtocolVersionMin(sslContext, minProtocol); + if (status != noErr) + { + [self closeWithError:[self otherError:@"Error in SSLSetProtocolVersionMin"]]; + return; + } + } + } + else if (value) + { + NSAssert(NO, @"Invalid value for GCDAsyncSocketSSLProtocolVersionMin. Value must be of type NSNumber."); + + [self closeWithError:[self otherError:@"Invalid value for GCDAsyncSocketSSLProtocolVersionMin."]]; + return; + } + + // 5. GCDAsyncSocketSSLProtocolVersionMax + + value = [tlsSettings objectForKey:GCDAsyncSocketSSLProtocolVersionMax]; + if ([value isKindOfClass:[NSNumber class]]) + { + SSLProtocol maxProtocol = (SSLProtocol)[(NSNumber *)value intValue]; + if (maxProtocol != kSSLProtocolUnknown) + { + status = SSLSetProtocolVersionMax(sslContext, maxProtocol); + if (status != noErr) + { + [self closeWithError:[self otherError:@"Error in SSLSetProtocolVersionMax"]]; + return; + } + } + } + else if (value) + { + NSAssert(NO, @"Invalid value for GCDAsyncSocketSSLProtocolVersionMax. Value must be of type NSNumber."); + + [self closeWithError:[self otherError:@"Invalid value for GCDAsyncSocketSSLProtocolVersionMax."]]; + return; + } + + // 6. GCDAsyncSocketSSLSessionOptionFalseStart + + value = [tlsSettings objectForKey:GCDAsyncSocketSSLSessionOptionFalseStart]; + if ([value isKindOfClass:[NSNumber class]]) + { + NSNumber *falseStart = (NSNumber *)value; + status = SSLSetSessionOption(sslContext, kSSLSessionOptionFalseStart, [falseStart boolValue]); + if (status != noErr) + { + [self closeWithError:[self otherError:@"Error in SSLSetSessionOption (kSSLSessionOptionFalseStart)"]]; + return; + } + } + else if (value) + { + NSAssert(NO, @"Invalid value for GCDAsyncSocketSSLSessionOptionFalseStart. Value must be of type NSNumber."); + + [self closeWithError:[self otherError:@"Invalid value for GCDAsyncSocketSSLSessionOptionFalseStart."]]; + return; + } + + // 7. GCDAsyncSocketSSLSessionOptionSendOneByteRecord + + value = [tlsSettings objectForKey:GCDAsyncSocketSSLSessionOptionSendOneByteRecord]; + if ([value isKindOfClass:[NSNumber class]]) + { + NSNumber *oneByteRecord = (NSNumber *)value; + status = SSLSetSessionOption(sslContext, kSSLSessionOptionSendOneByteRecord, [oneByteRecord boolValue]); + if (status != noErr) + { + [self closeWithError: + [self otherError:@"Error in SSLSetSessionOption (kSSLSessionOptionSendOneByteRecord)"]]; + return; + } + } + else if (value) + { + NSAssert(NO, @"Invalid value for GCDAsyncSocketSSLSessionOptionSendOneByteRecord." + @" Value must be of type NSNumber."); + + [self closeWithError:[self otherError:@"Invalid value for GCDAsyncSocketSSLSessionOptionSendOneByteRecord."]]; + return; + } + + // 8. GCDAsyncSocketSSLCipherSuites + + value = [tlsSettings objectForKey:GCDAsyncSocketSSLCipherSuites]; + if ([value isKindOfClass:[NSArray class]]) + { + NSArray *cipherSuites = (NSArray *)value; + NSUInteger numberCiphers = [cipherSuites count]; + SSLCipherSuite ciphers[numberCiphers]; + + NSUInteger cipherIndex; + for (cipherIndex = 0; cipherIndex < numberCiphers; cipherIndex++) + { + NSNumber *cipherObject = [cipherSuites objectAtIndex:cipherIndex]; + ciphers[cipherIndex] = (SSLCipherSuite)[cipherObject unsignedIntValue]; + } + + status = SSLSetEnabledCiphers(sslContext, ciphers, numberCiphers); + if (status != noErr) + { + [self closeWithError:[self otherError:@"Error in SSLSetEnabledCiphers"]]; + return; + } + } + else if (value) + { + NSAssert(NO, @"Invalid value for GCDAsyncSocketSSLCipherSuites. Value must be of type NSArray."); + + [self closeWithError:[self otherError:@"Invalid value for GCDAsyncSocketSSLCipherSuites."]]; + return; + } + + // 9. GCDAsyncSocketSSLDiffieHellmanParameters + + #if !TARGET_OS_IPHONE + value = [tlsSettings objectForKey:GCDAsyncSocketSSLDiffieHellmanParameters]; + if ([value isKindOfClass:[NSData class]]) + { + NSData *diffieHellmanData = (NSData *)value; + + status = SSLSetDiffieHellmanParams(sslContext, [diffieHellmanData bytes], [diffieHellmanData length]); + if (status != noErr) + { + [self closeWithError:[self otherError:@"Error in SSLSetDiffieHellmanParams"]]; + return; + } + } + else if (value) + { + NSAssert(NO, @"Invalid value for GCDAsyncSocketSSLDiffieHellmanParameters. Value must be of type NSData."); + + [self closeWithError:[self otherError:@"Invalid value for GCDAsyncSocketSSLDiffieHellmanParameters."]]; + return; + } + #endif + + // DEPRECATED checks + + // 10. kCFStreamSSLAllowsAnyRoot + + #pragma clang diagnostic push + #pragma clang diagnostic ignored "-Wdeprecated-declarations" + value = [tlsSettings objectForKey:(__bridge NSString *)kCFStreamSSLAllowsAnyRoot]; + #pragma clang diagnostic pop + if (value) + { + NSAssert(NO, @"Security option unavailable - kCFStreamSSLAllowsAnyRoot" + @" - You must use manual trust evaluation"); + + [self closeWithError:[self otherError:@"Security option unavailable - kCFStreamSSLAllowsAnyRoot"]]; + return; + } + + // 11. kCFStreamSSLAllowsExpiredRoots + + #pragma clang diagnostic push + #pragma clang diagnostic ignored "-Wdeprecated-declarations" + value = [tlsSettings objectForKey:(__bridge NSString *)kCFStreamSSLAllowsExpiredRoots]; + #pragma clang diagnostic pop + if (value) + { + NSAssert(NO, @"Security option unavailable - kCFStreamSSLAllowsExpiredRoots" + @" - You must use manual trust evaluation"); + + [self closeWithError:[self otherError:@"Security option unavailable - kCFStreamSSLAllowsExpiredRoots"]]; + return; + } + + // 12. kCFStreamSSLValidatesCertificateChain + + #pragma clang diagnostic push + #pragma clang diagnostic ignored "-Wdeprecated-declarations" + value = [tlsSettings objectForKey:(__bridge NSString *)kCFStreamSSLValidatesCertificateChain]; + #pragma clang diagnostic pop + if (value) + { + NSAssert(NO, @"Security option unavailable - kCFStreamSSLValidatesCertificateChain" + @" - You must use manual trust evaluation"); + + [self closeWithError:[self otherError:@"Security option unavailable - kCFStreamSSLValidatesCertificateChain"]]; + return; + } + + // 13. kCFStreamSSLAllowsExpiredCertificates + + #pragma clang diagnostic push + #pragma clang diagnostic ignored "-Wdeprecated-declarations" + value = [tlsSettings objectForKey:(__bridge NSString *)kCFStreamSSLAllowsExpiredCertificates]; + #pragma clang diagnostic pop + if (value) + { + NSAssert(NO, @"Security option unavailable - kCFStreamSSLAllowsExpiredCertificates" + @" - You must use manual trust evaluation"); + + [self closeWithError:[self otherError:@"Security option unavailable - kCFStreamSSLAllowsExpiredCertificates"]]; + return; + } + + // 14. kCFStreamSSLLevel + + #pragma clang diagnostic push + #pragma clang diagnostic ignored "-Wdeprecated-declarations" + value = [tlsSettings objectForKey:(__bridge NSString *)kCFStreamSSLLevel]; + #pragma clang diagnostic pop + if (value) + { + NSAssert(NO, @"Security option unavailable - kCFStreamSSLLevel" + @" - You must use GCDAsyncSocketSSLProtocolVersionMin & GCDAsyncSocketSSLProtocolVersionMax"); + + [self closeWithError:[self otherError:@"Security option unavailable - kCFStreamSSLLevel"]]; + return; + } + + // Setup the sslPreBuffer + // + // Any data in the preBuffer needs to be moved into the sslPreBuffer, + // as this data is now part of the secure read stream. + + sslPreBuffer = [[GCDAsyncSocketPreBuffer alloc] initWithCapacity:(1024 * 4)]; + + size_t preBufferLength = [preBuffer availableBytes]; + + if (preBufferLength > 0) + { + [sslPreBuffer ensureCapacityForWrite:preBufferLength]; + + memcpy([sslPreBuffer writeBuffer], [preBuffer readBuffer], preBufferLength); + [preBuffer didRead:preBufferLength]; + [sslPreBuffer didWrite:preBufferLength]; + } + + sslErrCode = lastSSLHandshakeError = noErr; + + // Start the SSL Handshake process + + [self ssl_continueSSLHandshake]; +} + +- (void)ssl_continueSSLHandshake +{ + LogTrace(); + + // If the return value is noErr, the session is ready for normal secure communication. + // If the return value is errSSLWouldBlock, the SSLHandshake function must be called again. + // If the return value is errSSLServerAuthCompleted, we ask delegate if we should trust the + // server and then call SSLHandshake again to resume the handshake or close the connection + // errSSLPeerBadCert SSL error. + // Otherwise, the return value indicates an error code. + + OSStatus status = SSLHandshake(sslContext); + lastSSLHandshakeError = status; + + if (status == noErr) + { + LogVerbose(@"SSLHandshake complete"); + + flags &= ~kStartingReadTLS; + flags &= ~kStartingWriteTLS; + + flags |= kSocketSecure; + + __strong id theDelegate = delegate; + + if (delegateQueue && [theDelegate respondsToSelector:@selector(socketDidSecure:)]) + { + dispatch_async(delegateQueue, ^{ @autoreleasepool { + + [theDelegate socketDidSecure:self]; + }}); + } + + [self endCurrentRead]; + [self endCurrentWrite]; + + [self maybeDequeueRead]; + [self maybeDequeueWrite]; + } + else if (status == errSSLPeerAuthCompleted) + { + LogVerbose(@"SSLHandshake peerAuthCompleted - awaiting delegate approval"); + + __block SecTrustRef trust = NULL; + status = SSLCopyPeerTrust(sslContext, &trust); + if (status != noErr) + { + [self closeWithError:[self sslError:status]]; + return; + } + + int aStateIndex = stateIndex; + dispatch_queue_t theSocketQueue = socketQueue; + + __weak GCDAsyncSocket *weakSelf = self; + + void (^comletionHandler)(BOOL) = ^(BOOL shouldTrust){ @autoreleasepool { + #pragma clang diagnostic push + #pragma clang diagnostic warning "-Wimplicit-retain-self" + + dispatch_async(theSocketQueue, ^{ @autoreleasepool { + + if (trust) { + CFRelease(trust); + trust = NULL; + } + + __strong GCDAsyncSocket *strongSelf = weakSelf; + if (strongSelf) + { + [strongSelf ssl_shouldTrustPeer:shouldTrust stateIndex:aStateIndex]; + } + }}); + + #pragma clang diagnostic pop + }}; + + __strong id theDelegate = delegate; + + if (delegateQueue && [theDelegate respondsToSelector:@selector(socket:didReceiveTrust:completionHandler:)]) + { + dispatch_async(delegateQueue, ^{ @autoreleasepool { + + [theDelegate socket:self didReceiveTrust:trust completionHandler:comletionHandler]; + }}); + } + else + { + if (trust) { + CFRelease(trust); + trust = NULL; + } + + NSString *msg = @"GCDAsyncSocketManuallyEvaluateTrust specified in tlsSettings," + @" but delegate doesn't implement socket:shouldTrustPeer:"; + + [self closeWithError:[self otherError:msg]]; + return; + } + } + else if (status == errSSLWouldBlock) + { + LogVerbose(@"SSLHandshake continues..."); + + // Handshake continues... + // + // This method will be called again from doReadData or doWriteData. + } + else + { + [self closeWithError:[self sslError:status]]; + } +} + +- (void)ssl_shouldTrustPeer:(BOOL)shouldTrust stateIndex:(int)aStateIndex +{ + LogTrace(); + + if (aStateIndex != stateIndex) + { + LogInfo(@"Ignoring ssl_shouldTrustPeer - invalid state (maybe disconnected)"); + + // One of the following is true + // - the socket was disconnected + // - the startTLS operation timed out + // - the completionHandler was already invoked once + + return; + } + + // Increment stateIndex to ensure completionHandler can only be called once. + stateIndex++; + + if (shouldTrust) + { + NSAssert(lastSSLHandshakeError == errSSLPeerAuthCompleted, @"ssl_shouldTrustPeer called when last error is %d and not errSSLPeerAuthCompleted", (int)lastSSLHandshakeError); + [self ssl_continueSSLHandshake]; + } + else + { + [self closeWithError:[self sslError:errSSLPeerBadCert]]; + } +} + +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// +#pragma mark Security via CFStream +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// + +#if TARGET_OS_IPHONE + +- (void)cf_finishSSLHandshake +{ + LogTrace(); + + if ((flags & kStartingReadTLS) && (flags & kStartingWriteTLS)) + { + flags &= ~kStartingReadTLS; + flags &= ~kStartingWriteTLS; + + flags |= kSocketSecure; + + __strong id theDelegate = delegate; + + if (delegateQueue && [theDelegate respondsToSelector:@selector(socketDidSecure:)]) + { + dispatch_async(delegateQueue, ^{ @autoreleasepool { + + [theDelegate socketDidSecure:self]; + }}); + } + + [self endCurrentRead]; + [self endCurrentWrite]; + + [self maybeDequeueRead]; + [self maybeDequeueWrite]; + } +} + +- (void)cf_abortSSLHandshake:(NSError *)error +{ + LogTrace(); + + if ((flags & kStartingReadTLS) && (flags & kStartingWriteTLS)) + { + flags &= ~kStartingReadTLS; + flags &= ~kStartingWriteTLS; + + [self closeWithError:error]; + } +} + +- (void)cf_startTLS +{ + LogTrace(); + + LogVerbose(@"Starting TLS (via CFStream)..."); + + if ([preBuffer availableBytes] > 0) + { + NSString *msg = @"Invalid TLS transition. Handshake has already been read from socket."; + + [self closeWithError:[self otherError:msg]]; + return; + } + + [self suspendReadSource]; + [self suspendWriteSource]; + + socketFDBytesAvailable = 0; + flags &= ~kSocketCanAcceptBytes; + flags &= ~kSecureSocketHasBytesAvailable; + + flags |= kUsingCFStreamForTLS; + + if (![self createReadAndWriteStream]) + { + [self closeWithError:[self otherError:@"Error in CFStreamCreatePairWithSocket"]]; + return; + } + + if (![self registerForStreamCallbacksIncludingReadWrite:YES]) + { + [self closeWithError:[self otherError:@"Error in CFStreamSetClient"]]; + return; + } + + if (![self addStreamsToRunLoop]) + { + [self closeWithError:[self otherError:@"Error in CFStreamScheduleWithRunLoop"]]; + return; + } + + NSAssert([currentRead isKindOfClass:[GCDAsyncSpecialPacket class]], @"Invalid read packet for startTLS"); + NSAssert([currentWrite isKindOfClass:[GCDAsyncSpecialPacket class]], @"Invalid write packet for startTLS"); + + GCDAsyncSpecialPacket *tlsPacket = (GCDAsyncSpecialPacket *)currentRead; + CFDictionaryRef tlsSettings = (__bridge CFDictionaryRef)tlsPacket->tlsSettings; + + // Getting an error concerning kCFStreamPropertySSLSettings ? + // You need to add the CFNetwork framework to your iOS application. + + BOOL r1 = CFReadStreamSetProperty(readStream, kCFStreamPropertySSLSettings, tlsSettings); + BOOL r2 = CFWriteStreamSetProperty(writeStream, kCFStreamPropertySSLSettings, tlsSettings); + + // For some reason, starting around the time of iOS 4.3, + // the first call to set the kCFStreamPropertySSLSettings will return true, + // but the second will return false. + // + // Order doesn't seem to matter. + // So you could call CFReadStreamSetProperty and then CFWriteStreamSetProperty, or you could reverse the order. + // Either way, the first call will return true, and the second returns false. + // + // Interestingly, this doesn't seem to affect anything. + // Which is not altogether unusual, as the documentation seems to suggest that (for many settings) + // setting it on one side of the stream automatically sets it for the other side of the stream. + // + // Although there isn't anything in the documentation to suggest that the second attempt would fail. + // + // Furthermore, this only seems to affect streams that are negotiating a security upgrade. + // In other words, the socket gets connected, there is some back-and-forth communication over the unsecure + // connection, and then a startTLS is issued. + // So this mostly affects newer protocols (XMPP, IMAP) as opposed to older protocols (HTTPS). + + if (!r1 && !r2) // Yes, the && is correct - workaround for apple bug. + { + [self closeWithError:[self otherError:@"Error in CFStreamSetProperty"]]; + return; + } + + if (![self openStreams]) + { + [self closeWithError:[self otherError:@"Error in CFStreamOpen"]]; + return; + } + + LogVerbose(@"Waiting for SSL Handshake to complete..."); +} + +#endif + +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// +#pragma mark CFStream +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// + +#if TARGET_OS_IPHONE + ++ (void)ignore:(id)_ +{} + ++ (void)startCFStreamThreadIfNeeded +{ + LogTrace(); + + static dispatch_once_t predicate; + dispatch_once(&predicate, ^{ + + cfstreamThreadRetainCount = 0; + cfstreamThreadSetupQueue = dispatch_queue_create("GCDAsyncSocket-CFStreamThreadSetup", DISPATCH_QUEUE_SERIAL); + }); + + dispatch_sync(cfstreamThreadSetupQueue, ^{ @autoreleasepool { + + if (++cfstreamThreadRetainCount == 1) + { + cfstreamThread = [[NSThread alloc] initWithTarget:self + selector:@selector(cfstreamThread:) + object:nil]; + [cfstreamThread start]; + } + }}); +} + ++ (void)stopCFStreamThreadIfNeeded +{ + LogTrace(); + + // The creation of the cfstreamThread is relatively expensive. + // So we'd like to keep it available for recycling. + // However, there's a tradeoff here, because it shouldn't remain alive forever. + // So what we're going to do is use a little delay before taking it down. + // This way it can be reused properly in situations where multiple sockets are continually in flux. + + int delayInSeconds = 30; + dispatch_time_t when = dispatch_time(DISPATCH_TIME_NOW, (int64_t)(delayInSeconds * NSEC_PER_SEC)); + dispatch_after(when, cfstreamThreadSetupQueue, ^{ @autoreleasepool { + #pragma clang diagnostic push + #pragma clang diagnostic warning "-Wimplicit-retain-self" + + if (cfstreamThreadRetainCount == 0) + { + LogWarn(@"Logic error concerning cfstreamThread start / stop"); + return_from_block; + } + + if (--cfstreamThreadRetainCount == 0) + { + [cfstreamThread cancel]; // set isCancelled flag + + // wake up the thread + [[self class] performSelector:@selector(ignore:) + onThread:cfstreamThread + withObject:[NSNull null] + waitUntilDone:NO]; + + cfstreamThread = nil; + } + + #pragma clang diagnostic pop + }}); +} + ++ (void)cfstreamThread:(id)unused { @autoreleasepool +{ + [[NSThread currentThread] setName:GCDAsyncSocketThreadName]; + + LogInfo(@"CFStreamThread: Started"); + + // We can't run the run loop unless it has an associated input source or a timer. + // So we'll just create a timer that will never fire - unless the server runs for decades. + [NSTimer scheduledTimerWithTimeInterval:[[NSDate distantFuture] timeIntervalSinceNow] + target:self + selector:@selector(ignore:) + userInfo:nil + repeats:YES]; + + NSThread *currentThread = [NSThread currentThread]; + NSRunLoop *currentRunLoop = [NSRunLoop currentRunLoop]; + + BOOL isCancelled = [currentThread isCancelled]; + + while (!isCancelled && [currentRunLoop runMode:NSDefaultRunLoopMode beforeDate:[NSDate distantFuture]]) + { + isCancelled = [currentThread isCancelled]; + } + + LogInfo(@"CFStreamThread: Stopped"); +}} + ++ (void)scheduleCFStreams:(GCDAsyncSocket *)asyncSocket +{ + LogTrace(); + NSAssert([NSThread currentThread] == cfstreamThread, @"Invoked on wrong thread"); + + CFRunLoopRef runLoop = CFRunLoopGetCurrent(); + + if (asyncSocket->readStream) + CFReadStreamScheduleWithRunLoop(asyncSocket->readStream, runLoop, kCFRunLoopDefaultMode); + + if (asyncSocket->writeStream) + CFWriteStreamScheduleWithRunLoop(asyncSocket->writeStream, runLoop, kCFRunLoopDefaultMode); +} + ++ (void)unscheduleCFStreams:(GCDAsyncSocket *)asyncSocket +{ + LogTrace(); + NSAssert([NSThread currentThread] == cfstreamThread, @"Invoked on wrong thread"); + + CFRunLoopRef runLoop = CFRunLoopGetCurrent(); + + if (asyncSocket->readStream) + CFReadStreamUnscheduleFromRunLoop(asyncSocket->readStream, runLoop, kCFRunLoopDefaultMode); + + if (asyncSocket->writeStream) + CFWriteStreamUnscheduleFromRunLoop(asyncSocket->writeStream, runLoop, kCFRunLoopDefaultMode); +} + +static void CFReadStreamCallback (CFReadStreamRef stream, CFStreamEventType type, void *pInfo) +{ + GCDAsyncSocket *asyncSocket = (__bridge GCDAsyncSocket *)pInfo; + + switch(type) + { + case kCFStreamEventHasBytesAvailable: + { + dispatch_async(asyncSocket->socketQueue, ^{ @autoreleasepool { + + LogCVerbose(@"CFReadStreamCallback - HasBytesAvailable"); + + if (asyncSocket->readStream != stream) + return_from_block; + + if ((asyncSocket->flags & kStartingReadTLS) && (asyncSocket->flags & kStartingWriteTLS)) + { + // If we set kCFStreamPropertySSLSettings before we opened the streams, this might be a lie. + // (A callback related to the tcp stream, but not to the SSL layer). + + if (CFReadStreamHasBytesAvailable(asyncSocket->readStream)) + { + asyncSocket->flags |= kSecureSocketHasBytesAvailable; + [asyncSocket cf_finishSSLHandshake]; + } + } + else + { + asyncSocket->flags |= kSecureSocketHasBytesAvailable; + [asyncSocket doReadData]; + } + }}); + + break; + } + default: + { + NSError *error = (__bridge_transfer NSError *)CFReadStreamCopyError(stream); + + if (error == nil && type == kCFStreamEventEndEncountered) + { + error = [asyncSocket connectionClosedError]; + } + + dispatch_async(asyncSocket->socketQueue, ^{ @autoreleasepool { + + LogCVerbose(@"CFReadStreamCallback - Other"); + + if (asyncSocket->readStream != stream) + return_from_block; + + if ((asyncSocket->flags & kStartingReadTLS) && (asyncSocket->flags & kStartingWriteTLS)) + { + [asyncSocket cf_abortSSLHandshake:error]; + } + else + { + [asyncSocket closeWithError:error]; + } + }}); + + break; + } + } + +} + +static void CFWriteStreamCallback (CFWriteStreamRef stream, CFStreamEventType type, void *pInfo) +{ + GCDAsyncSocket *asyncSocket = (__bridge GCDAsyncSocket *)pInfo; + + switch(type) + { + case kCFStreamEventCanAcceptBytes: + { + dispatch_async(asyncSocket->socketQueue, ^{ @autoreleasepool { + + LogCVerbose(@"CFWriteStreamCallback - CanAcceptBytes"); + + if (asyncSocket->writeStream != stream) + return_from_block; + + if ((asyncSocket->flags & kStartingReadTLS) && (asyncSocket->flags & kStartingWriteTLS)) + { + // If we set kCFStreamPropertySSLSettings before we opened the streams, this might be a lie. + // (A callback related to the tcp stream, but not to the SSL layer). + + if (CFWriteStreamCanAcceptBytes(asyncSocket->writeStream)) + { + asyncSocket->flags |= kSocketCanAcceptBytes; + [asyncSocket cf_finishSSLHandshake]; + } + } + else + { + asyncSocket->flags |= kSocketCanAcceptBytes; + [asyncSocket doWriteData]; + } + }}); + + break; + } + default: + { + NSError *error = (__bridge_transfer NSError *)CFWriteStreamCopyError(stream); + + if (error == nil && type == kCFStreamEventEndEncountered) + { + error = [asyncSocket connectionClosedError]; + } + + dispatch_async(asyncSocket->socketQueue, ^{ @autoreleasepool { + + LogCVerbose(@"CFWriteStreamCallback - Other"); + + if (asyncSocket->writeStream != stream) + return_from_block; + + if ((asyncSocket->flags & kStartingReadTLS) && (asyncSocket->flags & kStartingWriteTLS)) + { + [asyncSocket cf_abortSSLHandshake:error]; + } + else + { + [asyncSocket closeWithError:error]; + } + }}); + + break; + } + } + +} + +- (BOOL)createReadAndWriteStream +{ + LogTrace(); + + NSAssert(dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey), @"Must be dispatched on socketQueue"); + + + if (readStream || writeStream) + { + // Streams already created + return YES; + } + + int socketFD = (socket4FD != SOCKET_NULL) ? socket4FD : (socket6FD != SOCKET_NULL) ? socket6FD : socketUN; + + if (socketFD == SOCKET_NULL) + { + // Cannot create streams without a file descriptor + return NO; + } + + if (![self isConnected]) + { + // Cannot create streams until file descriptor is connected + return NO; + } + + LogVerbose(@"Creating read and write stream..."); + + CFStreamCreatePairWithSocket(NULL, (CFSocketNativeHandle)socketFD, &readStream, &writeStream); + + // The kCFStreamPropertyShouldCloseNativeSocket property should be false by default (for our case). + // But let's not take any chances. + + if (readStream) + CFReadStreamSetProperty(readStream, kCFStreamPropertyShouldCloseNativeSocket, kCFBooleanFalse); + if (writeStream) + CFWriteStreamSetProperty(writeStream, kCFStreamPropertyShouldCloseNativeSocket, kCFBooleanFalse); + + if ((readStream == NULL) || (writeStream == NULL)) + { + LogWarn(@"Unable to create read and write stream..."); + + if (readStream) + { + CFReadStreamClose(readStream); + CFRelease(readStream); + readStream = NULL; + } + if (writeStream) + { + CFWriteStreamClose(writeStream); + CFRelease(writeStream); + writeStream = NULL; + } + + return NO; + } + + return YES; +} + +- (BOOL)registerForStreamCallbacksIncludingReadWrite:(BOOL)includeReadWrite +{ + LogVerbose(@"%@ %@", THIS_METHOD, (includeReadWrite ? @"YES" : @"NO")); + + NSAssert(dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey), @"Must be dispatched on socketQueue"); + NSAssert((readStream != NULL && writeStream != NULL), @"Read/Write stream is null"); + + streamContext.version = 0; + streamContext.info = (__bridge void *)(self); + streamContext.retain = nil; + streamContext.release = nil; + streamContext.copyDescription = nil; + + CFOptionFlags readStreamEvents = kCFStreamEventErrorOccurred | kCFStreamEventEndEncountered; + if (includeReadWrite) + readStreamEvents |= kCFStreamEventHasBytesAvailable; + + if (!CFReadStreamSetClient(readStream, readStreamEvents, &CFReadStreamCallback, &streamContext)) + { + return NO; + } + + CFOptionFlags writeStreamEvents = kCFStreamEventErrorOccurred | kCFStreamEventEndEncountered; + if (includeReadWrite) + writeStreamEvents |= kCFStreamEventCanAcceptBytes; + + if (!CFWriteStreamSetClient(writeStream, writeStreamEvents, &CFWriteStreamCallback, &streamContext)) + { + return NO; + } + + return YES; +} + +- (BOOL)addStreamsToRunLoop +{ + LogTrace(); + + NSAssert(dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey), @"Must be dispatched on socketQueue"); + NSAssert((readStream != NULL && writeStream != NULL), @"Read/Write stream is null"); + + if (!(flags & kAddedStreamsToRunLoop)) + { + LogVerbose(@"Adding streams to runloop..."); + + [[self class] startCFStreamThreadIfNeeded]; + dispatch_sync(cfstreamThreadSetupQueue, ^{ + [[self class] performSelector:@selector(scheduleCFStreams:) + onThread:cfstreamThread + withObject:self + waitUntilDone:YES]; + }); + flags |= kAddedStreamsToRunLoop; + } + + return YES; +} + +- (void)removeStreamsFromRunLoop +{ + LogTrace(); + + NSAssert(dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey), @"Must be dispatched on socketQueue"); + NSAssert((readStream != NULL && writeStream != NULL), @"Read/Write stream is null"); + + if (flags & kAddedStreamsToRunLoop) + { + LogVerbose(@"Removing streams from runloop..."); + + dispatch_sync(cfstreamThreadSetupQueue, ^{ + [[self class] performSelector:@selector(unscheduleCFStreams:) + onThread:cfstreamThread + withObject:self + waitUntilDone:YES]; + }); + [[self class] stopCFStreamThreadIfNeeded]; + + flags &= ~kAddedStreamsToRunLoop; + } +} + +- (BOOL)openStreams +{ + LogTrace(); + + NSAssert(dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey), @"Must be dispatched on socketQueue"); + NSAssert((readStream != NULL && writeStream != NULL), @"Read/Write stream is null"); + + CFStreamStatus readStatus = CFReadStreamGetStatus(readStream); + CFStreamStatus writeStatus = CFWriteStreamGetStatus(writeStream); + + if ((readStatus == kCFStreamStatusNotOpen) || (writeStatus == kCFStreamStatusNotOpen)) + { + LogVerbose(@"Opening read and write stream..."); + + BOOL r1 = CFReadStreamOpen(readStream); + BOOL r2 = CFWriteStreamOpen(writeStream); + + if (!r1 || !r2) + { + LogError(@"Error in CFStreamOpen"); + return NO; + } + } + + return YES; +} + +#endif + +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// +#pragma mark Advanced +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// + +/** + * See header file for big discussion of this method. +**/ +- (BOOL)autoDisconnectOnClosedReadStream +{ + // Note: YES means kAllowHalfDuplexConnection is OFF + + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + { + return ((config & kAllowHalfDuplexConnection) == 0); + } + else + { + __block BOOL result; + + dispatch_sync(socketQueue, ^{ + result = ((self->config & kAllowHalfDuplexConnection) == 0); + }); + + return result; + } +} + +/** + * See header file for big discussion of this method. +**/ +- (void)setAutoDisconnectOnClosedReadStream:(BOOL)flag +{ + // Note: YES means kAllowHalfDuplexConnection is OFF + + dispatch_block_t block = ^{ + + if (flag) + self->config &= ~kAllowHalfDuplexConnection; + else + self->config |= kAllowHalfDuplexConnection; + }; + + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + block(); + else + dispatch_async(socketQueue, block); +} + + +/** + * See header file for big discussion of this method. +**/ +- (void)markSocketQueueTargetQueue:(dispatch_queue_t)socketNewTargetQueue +{ + void *nonNullUnusedPointer = (__bridge void *)self; + dispatch_queue_set_specific(socketNewTargetQueue, IsOnSocketQueueOrTargetQueueKey, nonNullUnusedPointer, NULL); +} + +/** + * See header file for big discussion of this method. +**/ +- (void)unmarkSocketQueueTargetQueue:(dispatch_queue_t)socketOldTargetQueue +{ + dispatch_queue_set_specific(socketOldTargetQueue, IsOnSocketQueueOrTargetQueueKey, NULL, NULL); +} + +/** + * See header file for big discussion of this method. +**/ +- (void)performBlock:(dispatch_block_t)block +{ + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + block(); + else + dispatch_sync(socketQueue, block); +} + +/** + * Questions? Have you read the header file? +**/ +- (int)socketFD +{ + if (!dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + { + LogWarn(@"%@ - Method only available from within the context of a performBlock: invocation", THIS_METHOD); + return SOCKET_NULL; + } + + if (socket4FD != SOCKET_NULL) + return socket4FD; + else + return socket6FD; +} + +/** + * Questions? Have you read the header file? +**/ +- (int)socket4FD +{ + if (!dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + { + LogWarn(@"%@ - Method only available from within the context of a performBlock: invocation", THIS_METHOD); + return SOCKET_NULL; + } + + return socket4FD; +} + +/** + * Questions? Have you read the header file? +**/ +- (int)socket6FD +{ + if (!dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + { + LogWarn(@"%@ - Method only available from within the context of a performBlock: invocation", THIS_METHOD); + return SOCKET_NULL; + } + + return socket6FD; +} + +#if TARGET_OS_IPHONE + +/** + * Questions? Have you read the header file? +**/ +- (CFReadStreamRef)readStream +{ + if (!dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + { + LogWarn(@"%@ - Method only available from within the context of a performBlock: invocation", THIS_METHOD); + return NULL; + } + + if (readStream == NULL) + [self createReadAndWriteStream]; + + return readStream; +} + +/** + * Questions? Have you read the header file? +**/ +- (CFWriteStreamRef)writeStream +{ + if (!dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + { + LogWarn(@"%@ - Method only available from within the context of a performBlock: invocation", THIS_METHOD); + return NULL; + } + + if (writeStream == NULL) + [self createReadAndWriteStream]; + + return writeStream; +} + +- (BOOL)enableBackgroundingOnSocketWithCaveat:(BOOL)caveat +{ + if (![self createReadAndWriteStream]) + { + // Error occurred creating streams (perhaps socket isn't open) + return NO; + } + + BOOL r1, r2; + + LogVerbose(@"Enabling backgrouding on socket"); + +#pragma clang diagnostic push +#pragma clang diagnostic ignored "-Wdeprecated-declarations" + r1 = CFReadStreamSetProperty(readStream, kCFStreamNetworkServiceType, kCFStreamNetworkServiceTypeVoIP); + r2 = CFWriteStreamSetProperty(writeStream, kCFStreamNetworkServiceType, kCFStreamNetworkServiceTypeVoIP); +#pragma clang diagnostic pop + + if (!r1 || !r2) + { + return NO; + } + + if (!caveat) + { + if (![self openStreams]) + { + return NO; + } + } + + return YES; +} + +/** + * Questions? Have you read the header file? +**/ +- (BOOL)enableBackgroundingOnSocket +{ + LogTrace(); + + if (!dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + { + LogWarn(@"%@ - Method only available from within the context of a performBlock: invocation", THIS_METHOD); + return NO; + } + + return [self enableBackgroundingOnSocketWithCaveat:NO]; +} + +- (BOOL)enableBackgroundingOnSocketWithCaveat // Deprecated in iOS 4.??? +{ + // This method was created as a workaround for a bug in iOS. + // Apple has since fixed this bug. + // I'm not entirely sure which version of iOS they fixed it in... + + LogTrace(); + + if (!dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + { + LogWarn(@"%@ - Method only available from within the context of a performBlock: invocation", THIS_METHOD); + return NO; + } + + return [self enableBackgroundingOnSocketWithCaveat:YES]; +} + +#endif + +- (SSLContextRef)sslContext +{ + if (!dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + { + LogWarn(@"%@ - Method only available from within the context of a performBlock: invocation", THIS_METHOD); + return NULL; + } + + return sslContext; +} + +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// +#pragma mark Class Utilities +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// + ++ (NSMutableArray *)lookupHost:(NSString *)host port:(uint16_t)port error:(NSError **)errPtr +{ + LogTrace(); + + NSMutableArray *addresses = nil; + NSError *error = nil; + + if ([host isEqualToString:@"localhost"] || [host isEqualToString:@"loopback"]) + { + // Use LOOPBACK address + struct sockaddr_in nativeAddr4; + nativeAddr4.sin_len = sizeof(struct sockaddr_in); + nativeAddr4.sin_family = AF_INET; + nativeAddr4.sin_port = htons(port); + nativeAddr4.sin_addr.s_addr = htonl(INADDR_LOOPBACK); + memset(&(nativeAddr4.sin_zero), 0, sizeof(nativeAddr4.sin_zero)); + + struct sockaddr_in6 nativeAddr6; + nativeAddr6.sin6_len = sizeof(struct sockaddr_in6); + nativeAddr6.sin6_family = AF_INET6; + nativeAddr6.sin6_port = htons(port); + nativeAddr6.sin6_flowinfo = 0; + nativeAddr6.sin6_addr = in6addr_loopback; + nativeAddr6.sin6_scope_id = 0; + + // Wrap the native address structures + + NSData *address4 = [NSData dataWithBytes:&nativeAddr4 length:sizeof(nativeAddr4)]; + NSData *address6 = [NSData dataWithBytes:&nativeAddr6 length:sizeof(nativeAddr6)]; + + addresses = [NSMutableArray arrayWithCapacity:2]; + [addresses addObject:address4]; + [addresses addObject:address6]; + } + else + { + NSString *portStr = [NSString stringWithFormat:@"%hu", port]; + + struct addrinfo hints, *res, *res0; + + memset(&hints, 0, sizeof(hints)); + hints.ai_family = PF_UNSPEC; + hints.ai_socktype = SOCK_STREAM; + hints.ai_protocol = IPPROTO_TCP; + + int gai_error = getaddrinfo([host UTF8String], [portStr UTF8String], &hints, &res0); + + if (gai_error) + { + error = [self gaiError:gai_error]; + } + else + { + NSUInteger capacity = 0; + for (res = res0; res; res = res->ai_next) + { + if (res->ai_family == AF_INET || res->ai_family == AF_INET6) { + capacity++; + } + } + + addresses = [NSMutableArray arrayWithCapacity:capacity]; + + for (res = res0; res; res = res->ai_next) + { + if (res->ai_family == AF_INET) + { + // Found IPv4 address. + // Wrap the native address structure, and add to results. + + NSData *address4 = [NSData dataWithBytes:res->ai_addr length:res->ai_addrlen]; + [addresses addObject:address4]; + } + else if (res->ai_family == AF_INET6) + { + // Fixes connection issues with IPv6 + // https://github.com/robbiehanson/CocoaAsyncSocket/issues/429#issuecomment-222477158 + + // Found IPv6 address. + // Wrap the native address structure, and add to results. + + struct sockaddr_in6 *sockaddr = (struct sockaddr_in6 *)(void *)res->ai_addr; + in_port_t *portPtr = &sockaddr->sin6_port; + if ((portPtr != NULL) && (*portPtr == 0)) { + *portPtr = htons(port); + } + + NSData *address6 = [NSData dataWithBytes:res->ai_addr length:res->ai_addrlen]; + [addresses addObject:address6]; + } + } + freeaddrinfo(res0); + + if ([addresses count] == 0) + { + error = [self gaiError:EAI_FAIL]; + } + } + } + + if (errPtr) *errPtr = error; + return addresses; +} + ++ (NSString *)hostFromSockaddr4:(const struct sockaddr_in *)pSockaddr4 +{ + char addrBuf[INET_ADDRSTRLEN]; + + if (inet_ntop(AF_INET, &pSockaddr4->sin_addr, addrBuf, (socklen_t)sizeof(addrBuf)) == NULL) + { + addrBuf[0] = '\0'; + } + + return [NSString stringWithCString:addrBuf encoding:NSASCIIStringEncoding]; +} + ++ (NSString *)hostFromSockaddr6:(const struct sockaddr_in6 *)pSockaddr6 +{ + char addrBuf[INET6_ADDRSTRLEN]; + + if (inet_ntop(AF_INET6, &pSockaddr6->sin6_addr, addrBuf, (socklen_t)sizeof(addrBuf)) == NULL) + { + addrBuf[0] = '\0'; + } + + return [NSString stringWithCString:addrBuf encoding:NSASCIIStringEncoding]; +} + ++ (uint16_t)portFromSockaddr4:(const struct sockaddr_in *)pSockaddr4 +{ + return ntohs(pSockaddr4->sin_port); +} + ++ (uint16_t)portFromSockaddr6:(const struct sockaddr_in6 *)pSockaddr6 +{ + return ntohs(pSockaddr6->sin6_port); +} + ++ (NSURL *)urlFromSockaddrUN:(const struct sockaddr_un *)pSockaddr +{ + NSString *path = [NSString stringWithUTF8String:pSockaddr->sun_path]; + return [NSURL fileURLWithPath:path]; +} + ++ (NSString *)hostFromAddress:(NSData *)address +{ + NSString *host; + + if ([self getHost:&host port:NULL fromAddress:address]) + return host; + else + return nil; +} + ++ (uint16_t)portFromAddress:(NSData *)address +{ + uint16_t port; + + if ([self getHost:NULL port:&port fromAddress:address]) + return port; + else + return 0; +} + ++ (BOOL)isIPv4Address:(NSData *)address +{ + if ([address length] >= sizeof(struct sockaddr)) + { + const struct sockaddr *sockaddrX = [address bytes]; + + if (sockaddrX->sa_family == AF_INET) { + return YES; + } + } + + return NO; +} + ++ (BOOL)isIPv6Address:(NSData *)address +{ + if ([address length] >= sizeof(struct sockaddr)) + { + const struct sockaddr *sockaddrX = [address bytes]; + + if (sockaddrX->sa_family == AF_INET6) { + return YES; + } + } + + return NO; +} + ++ (BOOL)getHost:(NSString **)hostPtr port:(uint16_t *)portPtr fromAddress:(NSData *)address +{ + return [self getHost:hostPtr port:portPtr family:NULL fromAddress:address]; +} + ++ (BOOL)getHost:(NSString **)hostPtr port:(uint16_t *)portPtr family:(sa_family_t *)afPtr fromAddress:(NSData *)address +{ + if ([address length] >= sizeof(struct sockaddr)) + { + const struct sockaddr *sockaddrX = [address bytes]; + + if (sockaddrX->sa_family == AF_INET) + { + if ([address length] >= sizeof(struct sockaddr_in)) + { + struct sockaddr_in sockaddr4; + memcpy(&sockaddr4, sockaddrX, sizeof(sockaddr4)); + + if (hostPtr) *hostPtr = [self hostFromSockaddr4:&sockaddr4]; + if (portPtr) *portPtr = [self portFromSockaddr4:&sockaddr4]; + if (afPtr) *afPtr = AF_INET; + + return YES; + } + } + else if (sockaddrX->sa_family == AF_INET6) + { + if ([address length] >= sizeof(struct sockaddr_in6)) + { + struct sockaddr_in6 sockaddr6; + memcpy(&sockaddr6, sockaddrX, sizeof(sockaddr6)); + + if (hostPtr) *hostPtr = [self hostFromSockaddr6:&sockaddr6]; + if (portPtr) *portPtr = [self portFromSockaddr6:&sockaddr6]; + if (afPtr) *afPtr = AF_INET6; + + return YES; + } + } + } + + return NO; +} + ++ (NSData *)CRLFData +{ + return [NSData dataWithBytes:"\x0D\x0A" length:2]; +} + ++ (NSData *)CRData +{ + return [NSData dataWithBytes:"\x0D" length:1]; +} + ++ (NSData *)LFData +{ + return [NSData dataWithBytes:"\x0A" length:1]; +} + ++ (NSData *)ZeroData +{ + return [NSData dataWithBytes:"" length:1]; +} + +@end diff --git a/GlassVPN/robbiehanson-CocoaAsyncSocket/GCDAsyncUdpSocket.h b/GlassVPN/robbiehanson-CocoaAsyncSocket/GCDAsyncUdpSocket.h new file mode 100755 index 0000000..c98a448 --- /dev/null +++ b/GlassVPN/robbiehanson-CocoaAsyncSocket/GCDAsyncUdpSocket.h @@ -0,0 +1,1024 @@ +// +// GCDAsyncUdpSocket +// +// This class is in the public domain. +// Originally created by Robbie Hanson of Deusty LLC. +// Updated and maintained by Deusty LLC and the Apple development community. +// +// https://github.com/robbiehanson/CocoaAsyncSocket +// + +#import +#import +#import +#import + +NS_ASSUME_NONNULL_BEGIN +extern NSString *const GCDAsyncUdpSocketException; +extern NSString *const GCDAsyncUdpSocketErrorDomain; + +extern NSString *const GCDAsyncUdpSocketQueueName; +extern NSString *const GCDAsyncUdpSocketThreadName; + +typedef NS_ERROR_ENUM(GCDAsyncUdpSocketErrorDomain, GCDAsyncUdpSocketError) { + GCDAsyncUdpSocketNoError = 0, // Never used + GCDAsyncUdpSocketBadConfigError, // Invalid configuration + GCDAsyncUdpSocketBadParamError, // Invalid parameter was passed + GCDAsyncUdpSocketSendTimeoutError, // A send operation timed out + GCDAsyncUdpSocketClosedError, // The socket was closed + GCDAsyncUdpSocketOtherError, // Description provided in userInfo +}; + +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// +#pragma mark - +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// + +@class GCDAsyncUdpSocket; + +@protocol GCDAsyncUdpSocketDelegate +@optional + +/** + * By design, UDP is a connectionless protocol, and connecting is not needed. + * However, you may optionally choose to connect to a particular host for reasons + * outlined in the documentation for the various connect methods listed above. + * + * This method is called if one of the connect methods are invoked, and the connection is successful. +**/ +- (void)udpSocket:(GCDAsyncUdpSocket *)sock didConnectToAddress:(NSData *)address; + +/** + * By design, UDP is a connectionless protocol, and connecting is not needed. + * However, you may optionally choose to connect to a particular host for reasons + * outlined in the documentation for the various connect methods listed above. + * + * This method is called if one of the connect methods are invoked, and the connection fails. + * This may happen, for example, if a domain name is given for the host and the domain name is unable to be resolved. +**/ +- (void)udpSocket:(GCDAsyncUdpSocket *)sock didNotConnect:(NSError * _Nullable)error; + +/** + * Called when the datagram with the given tag has been sent. +**/ +- (void)udpSocket:(GCDAsyncUdpSocket *)sock didSendDataWithTag:(long)tag; + +/** + * Called if an error occurs while trying to send a datagram. + * This could be due to a timeout, or something more serious such as the data being too large to fit in a sigle packet. +**/ +- (void)udpSocket:(GCDAsyncUdpSocket *)sock didNotSendDataWithTag:(long)tag dueToError:(NSError * _Nullable)error; + +/** + * Called when the socket has received the requested datagram. +**/ +- (void)udpSocket:(GCDAsyncUdpSocket *)sock didReceiveData:(NSData *)data + fromAddress:(NSData *)address + withFilterContext:(nullable id)filterContext; + +/** + * Called when the socket is closed. +**/ +- (void)udpSocketDidClose:(GCDAsyncUdpSocket *)sock withError:(NSError * _Nullable)error; + +@end + +/** + * You may optionally set a receive filter for the socket. + * A filter can provide several useful features: + * + * 1. Many times udp packets need to be parsed. + * Since the filter can run in its own independent queue, you can parallelize this parsing quite easily. + * The end result is a parallel socket io, datagram parsing, and packet processing. + * + * 2. Many times udp packets are discarded because they are duplicate/unneeded/unsolicited. + * The filter can prevent such packets from arriving at the delegate. + * And because the filter can run in its own independent queue, this doesn't slow down the delegate. + * + * - Since the udp protocol does not guarantee delivery, udp packets may be lost. + * Many protocols built atop udp thus provide various resend/re-request algorithms. + * This sometimes results in duplicate packets arriving. + * A filter may allow you to architect the duplicate detection code to run in parallel to normal processing. + * + * - Since the udp socket may be connectionless, its possible for unsolicited packets to arrive. + * Such packets need to be ignored. + * + * 3. Sometimes traffic shapers are needed to simulate real world environments. + * A filter allows you to write custom code to simulate such environments. + * The ability to code this yourself is especially helpful when your simulated environment + * is more complicated than simple traffic shaping (e.g. simulating a cone port restricted router), + * or the system tools to handle this aren't available (e.g. on a mobile device). + * + * @param data - The packet that was received. + * @param address - The address the data was received from. + * See utilities section for methods to extract info from address. + * @param context - Out parameter you may optionally set, which will then be passed to the delegate method. + * For example, filter block can parse the data and then, + * pass the parsed data to the delegate. + * + * @returns - YES if the received packet should be passed onto the delegate. + * NO if the received packet should be discarded, and not reported to the delegete. + * + * Example: + * + * GCDAsyncUdpSocketReceiveFilterBlock filter = ^BOOL (NSData *data, NSData *address, id *context) { + * + * MyProtocolMessage *msg = [MyProtocol parseMessage:data]; + * + * *context = response; + * return (response != nil); + * }; + * [udpSocket setReceiveFilter:filter withQueue:myParsingQueue]; + * +**/ +typedef BOOL (^GCDAsyncUdpSocketReceiveFilterBlock)(NSData *data, NSData *address, id __nullable * __nonnull context); + +/** + * You may optionally set a send filter for the socket. + * A filter can provide several interesting possibilities: + * + * 1. Optional caching of resolved addresses for domain names. + * The cache could later be consulted, resulting in fewer system calls to getaddrinfo. + * + * 2. Reusable modules of code for bandwidth monitoring. + * + * 3. Sometimes traffic shapers are needed to simulate real world environments. + * A filter allows you to write custom code to simulate such environments. + * The ability to code this yourself is especially helpful when your simulated environment + * is more complicated than simple traffic shaping (e.g. simulating a cone port restricted router), + * or the system tools to handle this aren't available (e.g. on a mobile device). + * + * @param data - The packet that was received. + * @param address - The address the data was received from. + * See utilities section for methods to extract info from address. + * @param tag - The tag that was passed in the send method. + * + * @returns - YES if the packet should actually be sent over the socket. + * NO if the packet should be silently dropped (not sent over the socket). + * + * Regardless of the return value, the delegate will be informed that the packet was successfully sent. + * +**/ +typedef BOOL (^GCDAsyncUdpSocketSendFilterBlock)(NSData *data, NSData *address, long tag); + + +@interface GCDAsyncUdpSocket : NSObject + +/** + * GCDAsyncUdpSocket uses the standard delegate paradigm, + * but executes all delegate callbacks on a given delegate dispatch queue. + * This allows for maximum concurrency, while at the same time providing easy thread safety. + * + * You MUST set a delegate AND delegate dispatch queue before attempting to + * use the socket, or you will get an error. + * + * The socket queue is optional. + * If you pass NULL, GCDAsyncSocket will automatically create its own socket queue. + * If you choose to provide a socket queue, the socket queue must not be a concurrent queue, + * then please see the discussion for the method markSocketQueueTargetQueue. + * + * The delegate queue and socket queue can optionally be the same. +**/ +- (instancetype)init; +- (instancetype)initWithSocketQueue:(nullable dispatch_queue_t)sq; +- (instancetype)initWithDelegate:(nullable id)aDelegate delegateQueue:(nullable dispatch_queue_t)dq; +- (instancetype)initWithDelegate:(nullable id)aDelegate delegateQueue:(nullable dispatch_queue_t)dq socketQueue:(nullable dispatch_queue_t)sq NS_DESIGNATED_INITIALIZER; + +#pragma mark Configuration + +- (nullable id)delegate; +- (void)setDelegate:(nullable id)delegate; +- (void)synchronouslySetDelegate:(nullable id)delegate; + +- (nullable dispatch_queue_t)delegateQueue; +- (void)setDelegateQueue:(nullable dispatch_queue_t)delegateQueue; +- (void)synchronouslySetDelegateQueue:(nullable dispatch_queue_t)delegateQueue; + +- (void)getDelegate:(id __nullable * __nullable)delegatePtr delegateQueue:(dispatch_queue_t __nullable * __nullable)delegateQueuePtr; +- (void)setDelegate:(nullable id)delegate delegateQueue:(nullable dispatch_queue_t)delegateQueue; +- (void)synchronouslySetDelegate:(nullable id)delegate delegateQueue:(nullable dispatch_queue_t)delegateQueue; + +/** + * By default, both IPv4 and IPv6 are enabled. + * + * This means GCDAsyncUdpSocket automatically supports both protocols, + * and can send to IPv4 or IPv6 addresses, + * as well as receive over IPv4 and IPv6. + * + * For operations that require DNS resolution, GCDAsyncUdpSocket supports both IPv4 and IPv6. + * If a DNS lookup returns only IPv4 results, GCDAsyncUdpSocket will automatically use IPv4. + * If a DNS lookup returns only IPv6 results, GCDAsyncUdpSocket will automatically use IPv6. + * If a DNS lookup returns both IPv4 and IPv6 results, then the protocol used depends on the configured preference. + * If IPv4 is preferred, then IPv4 is used. + * If IPv6 is preferred, then IPv6 is used. + * If neutral, then the first IP version in the resolved array will be used. + * + * Starting with Mac OS X 10.7 Lion and iOS 5, the default IP preference is neutral. + * On prior systems the default IP preference is IPv4. + **/ +- (BOOL)isIPv4Enabled; +- (void)setIPv4Enabled:(BOOL)flag; + +- (BOOL)isIPv6Enabled; +- (void)setIPv6Enabled:(BOOL)flag; + +- (BOOL)isIPv4Preferred; +- (BOOL)isIPv6Preferred; +- (BOOL)isIPVersionNeutral; + +- (void)setPreferIPv4; +- (void)setPreferIPv6; +- (void)setIPVersionNeutral; + +/** + * Gets/Sets the maximum size of the buffer that will be allocated for receive operations. + * The default maximum size is 65535 bytes. + * + * The theoretical maximum size of any IPv4 UDP packet is UINT16_MAX = 65535. + * The theoretical maximum size of any IPv6 UDP packet is UINT32_MAX = 4294967295. + * + * Since the OS/GCD notifies us of the size of each received UDP packet, + * the actual allocated buffer size for each packet is exact. + * And in practice the size of UDP packets is generally much smaller than the max. + * Indeed most protocols will send and receive packets of only a few bytes, + * or will set a limit on the size of packets to prevent fragmentation in the IP layer. + * + * If you set the buffer size too small, the sockets API in the OS will silently discard + * any extra data, and you will not be notified of the error. +**/ +- (uint16_t)maxReceiveIPv4BufferSize; +- (void)setMaxReceiveIPv4BufferSize:(uint16_t)max; + +- (uint32_t)maxReceiveIPv6BufferSize; +- (void)setMaxReceiveIPv6BufferSize:(uint32_t)max; + +/** + * Gets/Sets the maximum size of the buffer that will be allocated for send operations. + * The default maximum size is 65535 bytes. + * + * Given that a typical link MTU is 1500 bytes, a large UDP datagram will have to be + * fragmented, and that’s both expensive and risky (if one fragment goes missing, the + * entire datagram is lost). You are much better off sending a large number of smaller + * UDP datagrams, preferably using a path MTU algorithm to avoid fragmentation. + * + * You must set it before the sockt is created otherwise it won't work. + * + **/ +- (uint16_t)maxSendBufferSize; +- (void)setMaxSendBufferSize:(uint16_t)max; + +/** + * User data allows you to associate arbitrary information with the socket. + * This data is not used internally in any way. +**/ +- (nullable id)userData; +- (void)setUserData:(nullable id)arbitraryUserData; + +#pragma mark Diagnostics + +/** + * Returns the local address info for the socket. + * + * The localAddress method returns a sockaddr structure wrapped in a NSData object. + * The localHost method returns the human readable IP address as a string. + * + * Note: Address info may not be available until after the socket has been binded, connected + * or until after data has been sent. +**/ +- (nullable NSData *)localAddress; +- (nullable NSString *)localHost; +- (uint16_t)localPort; + +- (nullable NSData *)localAddress_IPv4; +- (nullable NSString *)localHost_IPv4; +- (uint16_t)localPort_IPv4; + +- (nullable NSData *)localAddress_IPv6; +- (nullable NSString *)localHost_IPv6; +- (uint16_t)localPort_IPv6; + +/** + * Returns the remote address info for the socket. + * + * The connectedAddress method returns a sockaddr structure wrapped in a NSData object. + * The connectedHost method returns the human readable IP address as a string. + * + * Note: Since UDP is connectionless by design, connected address info + * will not be available unless the socket is explicitly connected to a remote host/port. + * If the socket is not connected, these methods will return nil / 0. +**/ +- (nullable NSData *)connectedAddress; +- (nullable NSString *)connectedHost; +- (uint16_t)connectedPort; + +/** + * Returns whether or not this socket has been connected to a single host. + * By design, UDP is a connectionless protocol, and connecting is not needed. + * If connected, the socket will only be able to send/receive data to/from the connected host. +**/ +- (BOOL)isConnected; + +/** + * Returns whether or not this socket has been closed. + * The only way a socket can be closed is if you explicitly call one of the close methods. +**/ +- (BOOL)isClosed; + +/** + * Returns whether or not this socket is IPv4. + * + * By default this will be true, unless: + * - IPv4 is disabled (via setIPv4Enabled:) + * - The socket is explicitly bound to an IPv6 address + * - The socket is connected to an IPv6 address +**/ +- (BOOL)isIPv4; + +/** + * Returns whether or not this socket is IPv6. + * + * By default this will be true, unless: + * - IPv6 is disabled (via setIPv6Enabled:) + * - The socket is explicitly bound to an IPv4 address + * _ The socket is connected to an IPv4 address + * + * This method will also return false on platforms that do not support IPv6. + * Note: The iPhone does not currently support IPv6. +**/ +- (BOOL)isIPv6; + +#pragma mark Binding + +/** + * Binds the UDP socket to the given port. + * Binding should be done for server sockets that receive data prior to sending it. + * Client sockets can skip binding, + * as the OS will automatically assign the socket an available port when it starts sending data. + * + * You may optionally pass a port number of zero to immediately bind the socket, + * yet still allow the OS to automatically assign an available port. + * + * You cannot bind a socket after its been connected. + * You can only bind a socket once. + * You can still connect a socket (if desired) after binding. + * + * On success, returns YES. + * Otherwise returns NO, and sets errPtr. If you don't care about the error, you can pass NULL for errPtr. +**/ +- (BOOL)bindToPort:(uint16_t)port error:(NSError **)errPtr; + +/** + * Binds the UDP socket to the given port and optional interface. + * Binding should be done for server sockets that receive data prior to sending it. + * Client sockets can skip binding, + * as the OS will automatically assign the socket an available port when it starts sending data. + * + * You may optionally pass a port number of zero to immediately bind the socket, + * yet still allow the OS to automatically assign an available port. + * + * The interface may be a name (e.g. "en1" or "lo0") or the corresponding IP address (e.g. "192.168.4.35"). + * You may also use the special strings "localhost" or "loopback" to specify that + * the socket only accept packets from the local machine. + * + * You cannot bind a socket after its been connected. + * You can only bind a socket once. + * You can still connect a socket (if desired) after binding. + * + * On success, returns YES. + * Otherwise returns NO, and sets errPtr. If you don't care about the error, you can pass NULL for errPtr. +**/ +- (BOOL)bindToPort:(uint16_t)port interface:(nullable NSString *)interface error:(NSError **)errPtr; + +/** + * Binds the UDP socket to the given address, specified as a sockaddr structure wrapped in a NSData object. + * + * If you have an existing struct sockaddr you can convert it to a NSData object like so: + * struct sockaddr sa -> NSData *dsa = [NSData dataWithBytes:&remoteAddr length:remoteAddr.sa_len]; + * struct sockaddr *sa -> NSData *dsa = [NSData dataWithBytes:remoteAddr length:remoteAddr->sa_len]; + * + * Binding should be done for server sockets that receive data prior to sending it. + * Client sockets can skip binding, + * as the OS will automatically assign the socket an available port when it starts sending data. + * + * You cannot bind a socket after its been connected. + * You can only bind a socket once. + * You can still connect a socket (if desired) after binding. + * + * On success, returns YES. + * Otherwise returns NO, and sets errPtr. If you don't care about the error, you can pass NULL for errPtr. +**/ +- (BOOL)bindToAddress:(NSData *)localAddr error:(NSError **)errPtr; + +#pragma mark Connecting + +/** + * Connects the UDP socket to the given host and port. + * By design, UDP is a connectionless protocol, and connecting is not needed. + * + * Choosing to connect to a specific host/port has the following effect: + * - You will only be able to send data to the connected host/port. + * - You will only be able to receive data from the connected host/port. + * - You will receive ICMP messages that come from the connected host/port, such as "connection refused". + * + * The actual process of connecting a UDP socket does not result in any communication on the socket. + * It simply changes the internal state of the socket. + * + * You cannot bind a socket after it has been connected. + * You can only connect a socket once. + * + * The host may be a domain name (e.g. "deusty.com") or an IP address string (e.g. "192.168.0.2"). + * + * This method is asynchronous as it requires a DNS lookup to resolve the given host name. + * If an obvious error is detected, this method immediately returns NO and sets errPtr. + * If you don't care about the error, you can pass nil for errPtr. + * Otherwise, this method returns YES and begins the asynchronous connection process. + * The result of the asynchronous connection process will be reported via the delegate methods. + **/ +- (BOOL)connectToHost:(NSString *)host onPort:(uint16_t)port error:(NSError **)errPtr; + +/** + * Connects the UDP socket to the given address, specified as a sockaddr structure wrapped in a NSData object. + * + * If you have an existing struct sockaddr you can convert it to a NSData object like so: + * struct sockaddr sa -> NSData *dsa = [NSData dataWithBytes:&remoteAddr length:remoteAddr.sa_len]; + * struct sockaddr *sa -> NSData *dsa = [NSData dataWithBytes:remoteAddr length:remoteAddr->sa_len]; + * + * By design, UDP is a connectionless protocol, and connecting is not needed. + * + * Choosing to connect to a specific address has the following effect: + * - You will only be able to send data to the connected address. + * - You will only be able to receive data from the connected address. + * - You will receive ICMP messages that come from the connected address, such as "connection refused". + * + * Connecting a UDP socket does not result in any communication on the socket. + * It simply changes the internal state of the socket. + * + * You cannot bind a socket after its been connected. + * You can only connect a socket once. + * + * On success, returns YES. + * Otherwise returns NO, and sets errPtr. If you don't care about the error, you can pass nil for errPtr. + * + * Note: Unlike the connectToHost:onPort:error: method, this method does not require a DNS lookup. + * Thus when this method returns, the connection has either failed or fully completed. + * In other words, this method is synchronous, unlike the asynchronous connectToHost::: method. + * However, for compatibility and simplification of delegate code, if this method returns YES + * then the corresponding delegate method (udpSocket:didConnectToHost:port:) is still invoked. +**/ +- (BOOL)connectToAddress:(NSData *)remoteAddr error:(NSError **)errPtr; + +#pragma mark Multicast + +/** + * Join multicast group. + * Group should be an IP address (eg @"225.228.0.1"). + * + * On success, returns YES. + * Otherwise returns NO, and sets errPtr. If you don't care about the error, you can pass nil for errPtr. +**/ +- (BOOL)joinMulticastGroup:(NSString *)group error:(NSError **)errPtr; + +/** + * Join multicast group. + * Group should be an IP address (eg @"225.228.0.1"). + * The interface may be a name (e.g. "en1" or "lo0") or the corresponding IP address (e.g. "192.168.4.35"). + * + * On success, returns YES. + * Otherwise returns NO, and sets errPtr. If you don't care about the error, you can pass nil for errPtr. +**/ +- (BOOL)joinMulticastGroup:(NSString *)group onInterface:(nullable NSString *)interface error:(NSError **)errPtr; + +- (BOOL)leaveMulticastGroup:(NSString *)group error:(NSError **)errPtr; +- (BOOL)leaveMulticastGroup:(NSString *)group onInterface:(nullable NSString *)interface error:(NSError **)errPtr; + +#pragma mark Reuse Port + +/** + * By default, only one socket can be bound to a given IP address + port at a time. + * To enable multiple processes to simultaneously bind to the same address+port, + * you need to enable this functionality in the socket. All processes that wish to + * use the address+port simultaneously must all enable reuse port on the socket + * bound to that port. + **/ +- (BOOL)enableReusePort:(BOOL)flag error:(NSError **)errPtr; + +#pragma mark Broadcast + +/** + * By default, the underlying socket in the OS will not allow you to send broadcast messages. + * In order to send broadcast messages, you need to enable this functionality in the socket. + * + * A broadcast is a UDP message to addresses like "192.168.255.255" or "255.255.255.255" that is + * delivered to every host on the network. + * The reason this is generally disabled by default (by the OS) is to prevent + * accidental broadcast messages from flooding the network. +**/ +- (BOOL)enableBroadcast:(BOOL)flag error:(NSError **)errPtr; + +#pragma mark Sending + +/** + * Asynchronously sends the given data, with the given timeout and tag. + * + * This method may only be used with a connected socket. + * Recall that connecting is optional for a UDP socket. + * For connected sockets, data can only be sent to the connected address. + * For non-connected sockets, the remote destination is specified for each packet. + * For more information about optionally connecting udp sockets, see the documentation for the connect methods above. + * + * @param data + * The data to send. + * If data is nil or zero-length, this method does nothing. + * If passing NSMutableData, please read the thread-safety notice below. + * + * @param timeout + * The timeout for the send opeartion. + * If the timeout value is negative, the send operation will not use a timeout. + * + * @param tag + * The tag is for your convenience. + * It is not sent or received over the socket in any manner what-so-ever. + * It is reported back as a parameter in the udpSocket:didSendDataWithTag: + * or udpSocket:didNotSendDataWithTag:dueToError: methods. + * You can use it as an array index, state id, type constant, etc. + * + * + * Thread-Safety Note: + * If the given data parameter is mutable (NSMutableData) then you MUST NOT alter the data while + * the socket is sending it. In other words, it's not safe to alter the data until after the delegate method + * udpSocket:didSendDataWithTag: or udpSocket:didNotSendDataWithTag:dueToError: is invoked signifying + * that this particular send operation has completed. + * This is due to the fact that GCDAsyncUdpSocket does NOT copy the data. + * It simply retains it for performance reasons. + * Often times, if NSMutableData is passed, it is because a request/response was built up in memory. + * Copying this data adds an unwanted/unneeded overhead. + * If you need to write data from an immutable buffer, and you need to alter the buffer before the socket + * completes sending the bytes (which is NOT immediately after this method returns, but rather at a later time + * when the delegate method notifies you), then you should first copy the bytes, and pass the copy to this method. +**/ +- (void)sendData:(NSData *)data withTimeout:(NSTimeInterval)timeout tag:(long)tag; + +/** + * Asynchronously sends the given data, with the given timeout and tag, to the given host and port. + * + * This method cannot be used with a connected socket. + * Recall that connecting is optional for a UDP socket. + * For connected sockets, data can only be sent to the connected address. + * For non-connected sockets, the remote destination is specified for each packet. + * For more information about optionally connecting udp sockets, see the documentation for the connect methods above. + * + * @param data + * The data to send. + * If data is nil or zero-length, this method does nothing. + * If passing NSMutableData, please read the thread-safety notice below. + * + * @param host + * The destination to send the udp packet to. + * May be specified as a domain name (e.g. "deusty.com") or an IP address string (e.g. "192.168.0.2"). + * You may also use the convenience strings of "loopback" or "localhost". + * + * @param port + * The port of the host to send to. + * + * @param timeout + * The timeout for the send opeartion. + * If the timeout value is negative, the send operation will not use a timeout. + * + * @param tag + * The tag is for your convenience. + * It is not sent or received over the socket in any manner what-so-ever. + * It is reported back as a parameter in the udpSocket:didSendDataWithTag: + * or udpSocket:didNotSendDataWithTag:dueToError: methods. + * You can use it as an array index, state id, type constant, etc. + * + * + * Thread-Safety Note: + * If the given data parameter is mutable (NSMutableData) then you MUST NOT alter the data while + * the socket is sending it. In other words, it's not safe to alter the data until after the delegate method + * udpSocket:didSendDataWithTag: or udpSocket:didNotSendDataWithTag:dueToError: is invoked signifying + * that this particular send operation has completed. + * This is due to the fact that GCDAsyncUdpSocket does NOT copy the data. + * It simply retains it for performance reasons. + * Often times, if NSMutableData is passed, it is because a request/response was built up in memory. + * Copying this data adds an unwanted/unneeded overhead. + * If you need to write data from an immutable buffer, and you need to alter the buffer before the socket + * completes sending the bytes (which is NOT immediately after this method returns, but rather at a later time + * when the delegate method notifies you), then you should first copy the bytes, and pass the copy to this method. +**/ +- (void)sendData:(NSData *)data + toHost:(NSString *)host + port:(uint16_t)port + withTimeout:(NSTimeInterval)timeout + tag:(long)tag; + +/** + * Asynchronously sends the given data, with the given timeout and tag, to the given address. + * + * This method cannot be used with a connected socket. + * Recall that connecting is optional for a UDP socket. + * For connected sockets, data can only be sent to the connected address. + * For non-connected sockets, the remote destination is specified for each packet. + * For more information about optionally connecting udp sockets, see the documentation for the connect methods above. + * + * @param data + * The data to send. + * If data is nil or zero-length, this method does nothing. + * If passing NSMutableData, please read the thread-safety notice below. + * + * @param remoteAddr + * The address to send the data to (specified as a sockaddr structure wrapped in a NSData object). + * + * @param timeout + * The timeout for the send opeartion. + * If the timeout value is negative, the send operation will not use a timeout. + * + * @param tag + * The tag is for your convenience. + * It is not sent or received over the socket in any manner what-so-ever. + * It is reported back as a parameter in the udpSocket:didSendDataWithTag: + * or udpSocket:didNotSendDataWithTag:dueToError: methods. + * You can use it as an array index, state id, type constant, etc. + * + * + * Thread-Safety Note: + * If the given data parameter is mutable (NSMutableData) then you MUST NOT alter the data while + * the socket is sending it. In other words, it's not safe to alter the data until after the delegate method + * udpSocket:didSendDataWithTag: or udpSocket:didNotSendDataWithTag:dueToError: is invoked signifying + * that this particular send operation has completed. + * This is due to the fact that GCDAsyncUdpSocket does NOT copy the data. + * It simply retains it for performance reasons. + * Often times, if NSMutableData is passed, it is because a request/response was built up in memory. + * Copying this data adds an unwanted/unneeded overhead. + * If you need to write data from an immutable buffer, and you need to alter the buffer before the socket + * completes sending the bytes (which is NOT immediately after this method returns, but rather at a later time + * when the delegate method notifies you), then you should first copy the bytes, and pass the copy to this method. +**/ +- (void)sendData:(NSData *)data toAddress:(NSData *)remoteAddr withTimeout:(NSTimeInterval)timeout tag:(long)tag; + +/** + * You may optionally set a send filter for the socket. + * A filter can provide several interesting possibilities: + * + * 1. Optional caching of resolved addresses for domain names. + * The cache could later be consulted, resulting in fewer system calls to getaddrinfo. + * + * 2. Reusable modules of code for bandwidth monitoring. + * + * 3. Sometimes traffic shapers are needed to simulate real world environments. + * A filter allows you to write custom code to simulate such environments. + * The ability to code this yourself is especially helpful when your simulated environment + * is more complicated than simple traffic shaping (e.g. simulating a cone port restricted router), + * or the system tools to handle this aren't available (e.g. on a mobile device). + * + * For more information about GCDAsyncUdpSocketSendFilterBlock, see the documentation for its typedef. + * To remove a previously set filter, invoke this method and pass a nil filterBlock and NULL filterQueue. + * + * Note: This method invokes setSendFilter:withQueue:isAsynchronous: (documented below), + * passing YES for the isAsynchronous parameter. +**/ +- (void)setSendFilter:(nullable GCDAsyncUdpSocketSendFilterBlock)filterBlock withQueue:(nullable dispatch_queue_t)filterQueue; + +/** + * The receive filter can be run via dispatch_async or dispatch_sync. + * Most typical situations call for asynchronous operation. + * + * However, there are a few situations in which synchronous operation is preferred. + * Such is the case when the filter is extremely minimal and fast. + * This is because dispatch_sync is faster than dispatch_async. + * + * If you choose synchronous operation, be aware of possible deadlock conditions. + * Since the socket queue is executing your block via dispatch_sync, + * then you cannot perform any tasks which may invoke dispatch_sync on the socket queue. + * For example, you can't query properties on the socket. +**/ +- (void)setSendFilter:(nullable GCDAsyncUdpSocketSendFilterBlock)filterBlock + withQueue:(nullable dispatch_queue_t)filterQueue + isAsynchronous:(BOOL)isAsynchronous; + +#pragma mark Receiving + +/** + * There are two modes of operation for receiving packets: one-at-a-time & continuous. + * + * In one-at-a-time mode, you call receiveOnce everytime your delegate is ready to process an incoming udp packet. + * Receiving packets one-at-a-time may be better suited for implementing certain state machine code, + * where your state machine may not always be ready to process incoming packets. + * + * In continuous mode, the delegate is invoked immediately everytime incoming udp packets are received. + * Receiving packets continuously is better suited to real-time streaming applications. + * + * You may switch back and forth between one-at-a-time mode and continuous mode. + * If the socket is currently in continuous mode, calling this method will switch it to one-at-a-time mode. + * + * When a packet is received (and not filtered by the optional receive filter), + * the delegate method (udpSocket:didReceiveData:fromAddress:withFilterContext:) is invoked. + * + * If the socket is able to begin receiving packets, this method returns YES. + * Otherwise it returns NO, and sets the errPtr with appropriate error information. + * + * An example error: + * You created a udp socket to act as a server, and immediately called receive. + * You forgot to first bind the socket to a port number, and received a error with a message like: + * "Must bind socket before you can receive data." +**/ +- (BOOL)receiveOnce:(NSError **)errPtr; + +/** + * There are two modes of operation for receiving packets: one-at-a-time & continuous. + * + * In one-at-a-time mode, you call receiveOnce everytime your delegate is ready to process an incoming udp packet. + * Receiving packets one-at-a-time may be better suited for implementing certain state machine code, + * where your state machine may not always be ready to process incoming packets. + * + * In continuous mode, the delegate is invoked immediately everytime incoming udp packets are received. + * Receiving packets continuously is better suited to real-time streaming applications. + * + * You may switch back and forth between one-at-a-time mode and continuous mode. + * If the socket is currently in one-at-a-time mode, calling this method will switch it to continuous mode. + * + * For every received packet (not filtered by the optional receive filter), + * the delegate method (udpSocket:didReceiveData:fromAddress:withFilterContext:) is invoked. + * + * If the socket is able to begin receiving packets, this method returns YES. + * Otherwise it returns NO, and sets the errPtr with appropriate error information. + * + * An example error: + * You created a udp socket to act as a server, and immediately called receive. + * You forgot to first bind the socket to a port number, and received a error with a message like: + * "Must bind socket before you can receive data." +**/ +- (BOOL)beginReceiving:(NSError **)errPtr; + +/** + * If the socket is currently receiving (beginReceiving has been called), this method pauses the receiving. + * That is, it won't read any more packets from the underlying OS socket until beginReceiving is called again. + * + * Important Note: + * GCDAsyncUdpSocket may be running in parallel with your code. + * That is, your delegate is likely running on a separate thread/dispatch_queue. + * When you invoke this method, GCDAsyncUdpSocket may have already dispatched delegate methods to be invoked. + * Thus, if those delegate methods have already been dispatch_async'd, + * your didReceive delegate method may still be invoked after this method has been called. + * You should be aware of this, and program defensively. +**/ +- (void)pauseReceiving; + +/** + * You may optionally set a receive filter for the socket. + * This receive filter may be set to run in its own queue (independent of delegate queue). + * + * A filter can provide several useful features. + * + * 1. Many times udp packets need to be parsed. + * Since the filter can run in its own independent queue, you can parallelize this parsing quite easily. + * The end result is a parallel socket io, datagram parsing, and packet processing. + * + * 2. Many times udp packets are discarded because they are duplicate/unneeded/unsolicited. + * The filter can prevent such packets from arriving at the delegate. + * And because the filter can run in its own independent queue, this doesn't slow down the delegate. + * + * - Since the udp protocol does not guarantee delivery, udp packets may be lost. + * Many protocols built atop udp thus provide various resend/re-request algorithms. + * This sometimes results in duplicate packets arriving. + * A filter may allow you to architect the duplicate detection code to run in parallel to normal processing. + * + * - Since the udp socket may be connectionless, its possible for unsolicited packets to arrive. + * Such packets need to be ignored. + * + * 3. Sometimes traffic shapers are needed to simulate real world environments. + * A filter allows you to write custom code to simulate such environments. + * The ability to code this yourself is especially helpful when your simulated environment + * is more complicated than simple traffic shaping (e.g. simulating a cone port restricted router), + * or the system tools to handle this aren't available (e.g. on a mobile device). + * + * Example: + * + * GCDAsyncUdpSocketReceiveFilterBlock filter = ^BOOL (NSData *data, NSData *address, id *context) { + * + * MyProtocolMessage *msg = [MyProtocol parseMessage:data]; + * + * *context = response; + * return (response != nil); + * }; + * [udpSocket setReceiveFilter:filter withQueue:myParsingQueue]; + * + * For more information about GCDAsyncUdpSocketReceiveFilterBlock, see the documentation for its typedef. + * To remove a previously set filter, invoke this method and pass a nil filterBlock and NULL filterQueue. + * + * Note: This method invokes setReceiveFilter:withQueue:isAsynchronous: (documented below), + * passing YES for the isAsynchronous parameter. +**/ +- (void)setReceiveFilter:(nullable GCDAsyncUdpSocketReceiveFilterBlock)filterBlock withQueue:(nullable dispatch_queue_t)filterQueue; + +/** + * The receive filter can be run via dispatch_async or dispatch_sync. + * Most typical situations call for asynchronous operation. + * + * However, there are a few situations in which synchronous operation is preferred. + * Such is the case when the filter is extremely minimal and fast. + * This is because dispatch_sync is faster than dispatch_async. + * + * If you choose synchronous operation, be aware of possible deadlock conditions. + * Since the socket queue is executing your block via dispatch_sync, + * then you cannot perform any tasks which may invoke dispatch_sync on the socket queue. + * For example, you can't query properties on the socket. +**/ +- (void)setReceiveFilter:(nullable GCDAsyncUdpSocketReceiveFilterBlock)filterBlock + withQueue:(nullable dispatch_queue_t)filterQueue + isAsynchronous:(BOOL)isAsynchronous; + +#pragma mark Closing + +/** + * Immediately closes the underlying socket. + * Any pending send operations are discarded. + * + * The GCDAsyncUdpSocket instance may optionally be used again. + * (it will setup/configure/use another unnderlying BSD socket). +**/ +- (void)close; + +/** + * Closes the underlying socket after all pending send operations have been sent. + * + * The GCDAsyncUdpSocket instance may optionally be used again. + * (it will setup/configure/use another unnderlying BSD socket). +**/ +- (void)closeAfterSending; + +#pragma mark Advanced +/** + * GCDAsyncSocket maintains thread safety by using an internal serial dispatch_queue. + * In most cases, the instance creates this queue itself. + * However, to allow for maximum flexibility, the internal queue may be passed in the init method. + * This allows for some advanced options such as controlling socket priority via target queues. + * However, when one begins to use target queues like this, they open the door to some specific deadlock issues. + * + * For example, imagine there are 2 queues: + * dispatch_queue_t socketQueue; + * dispatch_queue_t socketTargetQueue; + * + * If you do this (pseudo-code): + * socketQueue.targetQueue = socketTargetQueue; + * + * Then all socketQueue operations will actually get run on the given socketTargetQueue. + * This is fine and works great in most situations. + * But if you run code directly from within the socketTargetQueue that accesses the socket, + * you could potentially get deadlock. Imagine the following code: + * + * - (BOOL)socketHasSomething + * { + * __block BOOL result = NO; + * dispatch_block_t block = ^{ + * result = [self someInternalMethodToBeRunOnlyOnSocketQueue]; + * } + * if (is_executing_on_queue(socketQueue)) + * block(); + * else + * dispatch_sync(socketQueue, block); + * + * return result; + * } + * + * What happens if you call this method from the socketTargetQueue? The result is deadlock. + * This is because the GCD API offers no mechanism to discover a queue's targetQueue. + * Thus we have no idea if our socketQueue is configured with a targetQueue. + * If we had this information, we could easily avoid deadlock. + * But, since these API's are missing or unfeasible, you'll have to explicitly set it. + * + * IF you pass a socketQueue via the init method, + * AND you've configured the passed socketQueue with a targetQueue, + * THEN you should pass the end queue in the target hierarchy. + * + * For example, consider the following queue hierarchy: + * socketQueue -> ipQueue -> moduleQueue + * + * This example demonstrates priority shaping within some server. + * All incoming client connections from the same IP address are executed on the same target queue. + * And all connections for a particular module are executed on the same target queue. + * Thus, the priority of all networking for the entire module can be changed on the fly. + * Additionally, networking traffic from a single IP cannot monopolize the module. + * + * Here's how you would accomplish something like that: + * - (dispatch_queue_t)newSocketQueueForConnectionFromAddress:(NSData *)address onSocket:(GCDAsyncSocket *)sock + * { + * dispatch_queue_t socketQueue = dispatch_queue_create("", NULL); + * dispatch_queue_t ipQueue = [self ipQueueForAddress:address]; + * + * dispatch_set_target_queue(socketQueue, ipQueue); + * dispatch_set_target_queue(iqQueue, moduleQueue); + * + * return socketQueue; + * } + * - (void)socket:(GCDAsyncSocket *)sock didAcceptNewSocket:(GCDAsyncSocket *)newSocket + * { + * [clientConnections addObject:newSocket]; + * [newSocket markSocketQueueTargetQueue:moduleQueue]; + * } + * + * Note: This workaround is ONLY needed if you intend to execute code directly on the ipQueue or moduleQueue. + * This is often NOT the case, as such queues are used solely for execution shaping. + **/ +- (void)markSocketQueueTargetQueue:(dispatch_queue_t)socketQueuesPreConfiguredTargetQueue; +- (void)unmarkSocketQueueTargetQueue:(dispatch_queue_t)socketQueuesPreviouslyConfiguredTargetQueue; + +/** + * It's not thread-safe to access certain variables from outside the socket's internal queue. + * + * For example, the socket file descriptor. + * File descriptors are simply integers which reference an index in the per-process file table. + * However, when one requests a new file descriptor (by opening a file or socket), + * the file descriptor returned is guaranteed to be the lowest numbered unused descriptor. + * So if we're not careful, the following could be possible: + * + * - Thread A invokes a method which returns the socket's file descriptor. + * - The socket is closed via the socket's internal queue on thread B. + * - Thread C opens a file, and subsequently receives the file descriptor that was previously the socket's FD. + * - Thread A is now accessing/altering the file instead of the socket. + * + * In addition to this, other variables are not actually objects, + * and thus cannot be retained/released or even autoreleased. + * An example is the sslContext, of type SSLContextRef, which is actually a malloc'd struct. + * + * Although there are internal variables that make it difficult to maintain thread-safety, + * it is important to provide access to these variables + * to ensure this class can be used in a wide array of environments. + * This method helps to accomplish this by invoking the current block on the socket's internal queue. + * The methods below can be invoked from within the block to access + * those generally thread-unsafe internal variables in a thread-safe manner. + * The given block will be invoked synchronously on the socket's internal queue. + * + * If you save references to any protected variables and use them outside the block, you do so at your own peril. +**/ +- (void)performBlock:(dispatch_block_t)block; + +/** + * These methods are only available from within the context of a performBlock: invocation. + * See the documentation for the performBlock: method above. + * + * Provides access to the socket's file descriptor(s). + * If the socket isn't connected, or explicity bound to a particular interface, + * it might actually have multiple internal socket file descriptors - one for IPv4 and one for IPv6. +**/ +- (int)socketFD; +- (int)socket4FD; +- (int)socket6FD; + +#if TARGET_OS_IPHONE + +/** + * These methods are only available from within the context of a performBlock: invocation. + * See the documentation for the performBlock: method above. + * + * Returns (creating if necessary) a CFReadStream/CFWriteStream for the internal socket. + * + * Generally GCDAsyncUdpSocket doesn't use CFStream. (It uses the faster GCD API's.) + * However, if you need one for any reason, + * these methods are a convenient way to get access to a safe instance of one. +**/ +- (nullable CFReadStreamRef)readStream; +- (nullable CFWriteStreamRef)writeStream; + +/** + * This method is only available from within the context of a performBlock: invocation. + * See the documentation for the performBlock: method above. + * + * Configures the socket to allow it to operate when the iOS application has been backgrounded. + * In other words, this method creates a read & write stream, and invokes: + * + * CFReadStreamSetProperty(readStream, kCFStreamNetworkServiceType, kCFStreamNetworkServiceTypeVoIP); + * CFWriteStreamSetProperty(writeStream, kCFStreamNetworkServiceType, kCFStreamNetworkServiceTypeVoIP); + * + * Returns YES if successful, NO otherwise. + * + * Example usage: + * + * [asyncUdpSocket performBlock:^{ + * [asyncUdpSocket enableBackgroundingOnSocket]; + * }]; + * + * + * NOTE : Apple doesn't currently support backgrounding UDP sockets. (Only TCP for now). +**/ +//- (BOOL)enableBackgroundingOnSockets; + +#endif + +#pragma mark Utilities + +/** + * Extracting host/port/family information from raw address data. +**/ + ++ (nullable NSString *)hostFromAddress:(NSData *)address; ++ (uint16_t)portFromAddress:(NSData *)address; ++ (int)familyFromAddress:(NSData *)address; + ++ (BOOL)isIPv4Address:(NSData *)address; ++ (BOOL)isIPv6Address:(NSData *)address; + ++ (BOOL)getHost:(NSString * __nullable * __nullable)hostPtr port:(uint16_t * __nullable)portPtr fromAddress:(NSData *)address; ++ (BOOL)getHost:(NSString * __nullable * __nullable)hostPtr port:(uint16_t * __nullable)portPtr family:(int * __nullable)afPtr fromAddress:(NSData *)address; + +@end + +NS_ASSUME_NONNULL_END diff --git a/GlassVPN/robbiehanson-CocoaAsyncSocket/GCDAsyncUdpSocket.m b/GlassVPN/robbiehanson-CocoaAsyncSocket/GCDAsyncUdpSocket.m new file mode 100755 index 0000000..e297991 --- /dev/null +++ b/GlassVPN/robbiehanson-CocoaAsyncSocket/GCDAsyncUdpSocket.m @@ -0,0 +1,5517 @@ +// +// GCDAsyncUdpSocket +// +// This class is in the public domain. +// Originally created by Robbie Hanson of Deusty LLC. +// Updated and maintained by Deusty LLC and the Apple development community. +// +// https://github.com/robbiehanson/CocoaAsyncSocket +// + +#import "GCDAsyncUdpSocket.h" + +#if ! __has_feature(objc_arc) +#warning This file must be compiled with ARC. Use -fobjc-arc flag (or convert project to ARC). +// For more information see: https://github.com/robbiehanson/CocoaAsyncSocket/wiki/ARC +#endif + +#if TARGET_OS_IPHONE + #import + #import +#endif + +#import +#import +#import +#import +#import +#import +#import + + +#if 0 + +// Logging Enabled - See log level below + +// Logging uses the CocoaLumberjack framework (which is also GCD based). +// https://github.com/robbiehanson/CocoaLumberjack +// +// It allows us to do a lot of logging without significantly slowing down the code. +#import "DDLog.h" + +#define LogAsync NO +#define LogContext 65535 + +#define LogObjc(flg, frmt, ...) LOG_OBJC_MAYBE(LogAsync, logLevel, flg, LogContext, frmt, ##__VA_ARGS__) +#define LogC(flg, frmt, ...) LOG_C_MAYBE(LogAsync, logLevel, flg, LogContext, frmt, ##__VA_ARGS__) + +#define LogError(frmt, ...) LogObjc(LOG_FLAG_ERROR, (@"%@: " frmt), THIS_FILE, ##__VA_ARGS__) +#define LogWarn(frmt, ...) LogObjc(LOG_FLAG_WARN, (@"%@: " frmt), THIS_FILE, ##__VA_ARGS__) +#define LogInfo(frmt, ...) LogObjc(LOG_FLAG_INFO, (@"%@: " frmt), THIS_FILE, ##__VA_ARGS__) +#define LogVerbose(frmt, ...) LogObjc(LOG_FLAG_VERBOSE, (@"%@: " frmt), THIS_FILE, ##__VA_ARGS__) + +#define LogCError(frmt, ...) LogC(LOG_FLAG_ERROR, (@"%@: " frmt), THIS_FILE, ##__VA_ARGS__) +#define LogCWarn(frmt, ...) LogC(LOG_FLAG_WARN, (@"%@: " frmt), THIS_FILE, ##__VA_ARGS__) +#define LogCInfo(frmt, ...) LogC(LOG_FLAG_INFO, (@"%@: " frmt), THIS_FILE, ##__VA_ARGS__) +#define LogCVerbose(frmt, ...) LogC(LOG_FLAG_VERBOSE, (@"%@: " frmt), THIS_FILE, ##__VA_ARGS__) + +#define LogTrace() LogObjc(LOG_FLAG_VERBOSE, @"%@: %@", THIS_FILE, THIS_METHOD) +#define LogCTrace() LogC(LOG_FLAG_VERBOSE, @"%@: %s", THIS_FILE, __FUNCTION__) + +// Log levels : off, error, warn, info, verbose +static const int logLevel = LOG_LEVEL_VERBOSE; + +#else + +// Logging Disabled + +#define LogError(frmt, ...) {} +#define LogWarn(frmt, ...) {} +#define LogInfo(frmt, ...) {} +#define LogVerbose(frmt, ...) {} + +#define LogCError(frmt, ...) {} +#define LogCWarn(frmt, ...) {} +#define LogCInfo(frmt, ...) {} +#define LogCVerbose(frmt, ...) {} + +#define LogTrace() {} +#define LogCTrace(frmt, ...) {} + +#endif + +/** + * Seeing a return statements within an inner block + * can sometimes be mistaken for a return point of the enclosing method. + * This makes inline blocks a bit easier to read. +**/ +#define return_from_block return + +/** + * A socket file descriptor is really just an integer. + * It represents the index of the socket within the kernel. + * This makes invalid file descriptor comparisons easier to read. +**/ +#define SOCKET_NULL -1 + +/** + * Just to type less code. +**/ +#define AutoreleasedBlock(block) ^{ @autoreleasepool { block(); }} + + +@class GCDAsyncUdpSendPacket; + +NSString *const GCDAsyncUdpSocketException = @"GCDAsyncUdpSocketException"; +NSString *const GCDAsyncUdpSocketErrorDomain = @"GCDAsyncUdpSocketErrorDomain"; + +NSString *const GCDAsyncUdpSocketQueueName = @"GCDAsyncUdpSocket"; +NSString *const GCDAsyncUdpSocketThreadName = @"GCDAsyncUdpSocket-CFStream"; + +enum GCDAsyncUdpSocketFlags +{ + kDidCreateSockets = 1 << 0, // If set, the sockets have been created. + kDidBind = 1 << 1, // If set, bind has been called. + kConnecting = 1 << 2, // If set, a connection attempt is in progress. + kDidConnect = 1 << 3, // If set, socket is connected. + kReceiveOnce = 1 << 4, // If set, one-at-a-time receive is enabled + kReceiveContinuous = 1 << 5, // If set, continuous receive is enabled + kIPv4Deactivated = 1 << 6, // If set, socket4 was closed due to bind or connect on IPv6. + kIPv6Deactivated = 1 << 7, // If set, socket6 was closed due to bind or connect on IPv4. + kSend4SourceSuspended = 1 << 8, // If set, send4Source is suspended. + kSend6SourceSuspended = 1 << 9, // If set, send6Source is suspended. + kReceive4SourceSuspended = 1 << 10, // If set, receive4Source is suspended. + kReceive6SourceSuspended = 1 << 11, // If set, receive6Source is suspended. + kSock4CanAcceptBytes = 1 << 12, // If set, we know socket4 can accept bytes. If unset, it's unknown. + kSock6CanAcceptBytes = 1 << 13, // If set, we know socket6 can accept bytes. If unset, it's unknown. + kForbidSendReceive = 1 << 14, // If set, no new send or receive operations are allowed to be queued. + kCloseAfterSends = 1 << 15, // If set, close as soon as no more sends are queued. + kFlipFlop = 1 << 16, // Used to alternate between IPv4 and IPv6 sockets. +#if TARGET_OS_IPHONE + kAddedStreamListener = 1 << 17, // If set, CFStreams have been added to listener thread +#endif +}; + +enum GCDAsyncUdpSocketConfig +{ + kIPv4Disabled = 1 << 0, // If set, IPv4 is disabled + kIPv6Disabled = 1 << 1, // If set, IPv6 is disabled + kPreferIPv4 = 1 << 2, // If set, IPv4 is preferred over IPv6 + kPreferIPv6 = 1 << 3, // If set, IPv6 is preferred over IPv4 +}; + +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// +#pragma mark - +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// + +@interface GCDAsyncUdpSocket () +{ +#if __has_feature(objc_arc_weak) + __weak id delegate; +#else + __unsafe_unretained id delegate; +#endif + dispatch_queue_t delegateQueue; + + GCDAsyncUdpSocketReceiveFilterBlock receiveFilterBlock; + dispatch_queue_t receiveFilterQueue; + BOOL receiveFilterAsync; + + GCDAsyncUdpSocketSendFilterBlock sendFilterBlock; + dispatch_queue_t sendFilterQueue; + BOOL sendFilterAsync; + + uint32_t flags; + uint16_t config; + + uint16_t max4ReceiveSize; + uint32_t max6ReceiveSize; + + uint16_t maxSendSize; + + int socket4FD; + int socket6FD; + + dispatch_queue_t socketQueue; + + dispatch_source_t send4Source; + dispatch_source_t send6Source; + dispatch_source_t receive4Source; + dispatch_source_t receive6Source; + dispatch_source_t sendTimer; + + GCDAsyncUdpSendPacket *currentSend; + NSMutableArray *sendQueue; + + unsigned long socket4FDBytesAvailable; + unsigned long socket6FDBytesAvailable; + + uint32_t pendingFilterOperations; + + NSData *cachedLocalAddress4; + NSString *cachedLocalHost4; + uint16_t cachedLocalPort4; + + NSData *cachedLocalAddress6; + NSString *cachedLocalHost6; + uint16_t cachedLocalPort6; + + NSData *cachedConnectedAddress; + NSString *cachedConnectedHost; + uint16_t cachedConnectedPort; + int cachedConnectedFamily; + + void *IsOnSocketQueueOrTargetQueueKey; + +#if TARGET_OS_IPHONE + CFStreamClientContext streamContext; + CFReadStreamRef readStream4; + CFReadStreamRef readStream6; + CFWriteStreamRef writeStream4; + CFWriteStreamRef writeStream6; +#endif + + id userData; +} + +- (void)resumeSend4Source; +- (void)resumeSend6Source; +- (void)resumeReceive4Source; +- (void)resumeReceive6Source; +- (void)closeSockets; + +- (void)maybeConnect; +- (BOOL)connectWithAddress4:(NSData *)address4 error:(NSError **)errPtr; +- (BOOL)connectWithAddress6:(NSData *)address6 error:(NSError **)errPtr; + +- (void)maybeDequeueSend; +- (void)doPreSend; +- (void)doSend; +- (void)endCurrentSend; +- (void)setupSendTimerWithTimeout:(NSTimeInterval)timeout; + +- (void)doReceive; +- (void)doReceiveEOF; + +- (void)closeWithError:(NSError *)error; + +- (BOOL)performMulticastRequest:(int)requestType forGroup:(NSString *)group onInterface:(NSString *)interface error:(NSError **)errPtr; + +#if TARGET_OS_IPHONE +- (BOOL)createReadAndWriteStreams:(NSError **)errPtr; +- (BOOL)registerForStreamCallbacks:(NSError **)errPtr; +- (BOOL)addStreamsToRunLoop:(NSError **)errPtr; +- (BOOL)openStreams:(NSError **)errPtr; +- (void)removeStreamsFromRunLoop; +- (void)closeReadAndWriteStreams; +#endif + ++ (NSString *)hostFromSockaddr4:(const struct sockaddr_in *)pSockaddr4; ++ (NSString *)hostFromSockaddr6:(const struct sockaddr_in6 *)pSockaddr6; ++ (uint16_t)portFromSockaddr4:(const struct sockaddr_in *)pSockaddr4; ++ (uint16_t)portFromSockaddr6:(const struct sockaddr_in6 *)pSockaddr6; + +#if TARGET_OS_IPHONE +// Forward declaration ++ (void)listenerThread:(id)unused; +#endif + +@end + +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// +#pragma mark - +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// + +/** + * The GCDAsyncUdpSendPacket encompasses the instructions for a single send/write. +**/ +@interface GCDAsyncUdpSendPacket : NSObject { +@public + NSData *buffer; + NSTimeInterval timeout; + long tag; + + BOOL resolveInProgress; + BOOL filterInProgress; + + NSArray *resolvedAddresses; + NSError *resolveError; + + NSData *address; + int addressFamily; +} + +- (instancetype)initWithData:(NSData *)d timeout:(NSTimeInterval)t tag:(long)i NS_DESIGNATED_INITIALIZER; + +@end + +@implementation GCDAsyncUdpSendPacket + +// Cover the superclass' designated initializer +- (instancetype)init NS_UNAVAILABLE +{ + NSAssert(0, @"Use the designated initializer"); + return nil; +} + +- (instancetype)initWithData:(NSData *)d timeout:(NSTimeInterval)t tag:(long)i +{ + if ((self = [super init])) + { + buffer = d; + timeout = t; + tag = i; + + resolveInProgress = NO; + } + return self; +} + + +@end + +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// +#pragma mark - +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// + +@interface GCDAsyncUdpSpecialPacket : NSObject { +@public +// uint8_t type; + + BOOL resolveInProgress; + + NSArray *addresses; + NSError *error; +} + +- (instancetype)init NS_DESIGNATED_INITIALIZER; + +@end + +@implementation GCDAsyncUdpSpecialPacket + +- (instancetype)init +{ + self = [super init]; + return self; +} + + +@end + +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// +#pragma mark - +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// + +@implementation GCDAsyncUdpSocket + +- (instancetype)init +{ + LogTrace(); + + return [self initWithDelegate:nil delegateQueue:NULL socketQueue:NULL]; +} + +- (instancetype)initWithSocketQueue:(dispatch_queue_t)sq +{ + LogTrace(); + + return [self initWithDelegate:nil delegateQueue:NULL socketQueue:sq]; +} + +- (instancetype)initWithDelegate:(id)aDelegate delegateQueue:(dispatch_queue_t)dq +{ + LogTrace(); + + return [self initWithDelegate:aDelegate delegateQueue:dq socketQueue:NULL]; +} + +- (instancetype)initWithDelegate:(id)aDelegate delegateQueue:(dispatch_queue_t)dq socketQueue:(dispatch_queue_t)sq +{ + LogTrace(); + + if ((self = [super init])) + { + delegate = aDelegate; + + if (dq) + { + delegateQueue = dq; + #if !OS_OBJECT_USE_OBJC + dispatch_retain(delegateQueue); + #endif + } + + max4ReceiveSize = 65535; + max6ReceiveSize = 65535; + + maxSendSize = 65535; + + socket4FD = SOCKET_NULL; + socket6FD = SOCKET_NULL; + + if (sq) + { + NSAssert(sq != dispatch_get_global_queue(DISPATCH_QUEUE_PRIORITY_LOW, 0), + @"The given socketQueue parameter must not be a concurrent queue."); + NSAssert(sq != dispatch_get_global_queue(DISPATCH_QUEUE_PRIORITY_HIGH, 0), + @"The given socketQueue parameter must not be a concurrent queue."); + NSAssert(sq != dispatch_get_global_queue(DISPATCH_QUEUE_PRIORITY_DEFAULT, 0), + @"The given socketQueue parameter must not be a concurrent queue."); + + socketQueue = sq; + #if !OS_OBJECT_USE_OBJC + dispatch_retain(socketQueue); + #endif + } + else + { + socketQueue = dispatch_queue_create([GCDAsyncUdpSocketQueueName UTF8String], NULL); + } + + // The dispatch_queue_set_specific() and dispatch_get_specific() functions take a "void *key" parameter. + // From the documentation: + // + // > Keys are only compared as pointers and are never dereferenced. + // > Thus, you can use a pointer to a static variable for a specific subsystem or + // > any other value that allows you to identify the value uniquely. + // + // We're just going to use the memory address of an ivar. + // Specifically an ivar that is explicitly named for our purpose to make the code more readable. + // + // However, it feels tedious (and less readable) to include the "&" all the time: + // dispatch_get_specific(&IsOnSocketQueueOrTargetQueueKey) + // + // So we're going to make it so it doesn't matter if we use the '&' or not, + // by assigning the value of the ivar to the address of the ivar. + // Thus: IsOnSocketQueueOrTargetQueueKey == &IsOnSocketQueueOrTargetQueueKey; + + IsOnSocketQueueOrTargetQueueKey = &IsOnSocketQueueOrTargetQueueKey; + + void *nonNullUnusedPointer = (__bridge void *)self; + dispatch_queue_set_specific(socketQueue, IsOnSocketQueueOrTargetQueueKey, nonNullUnusedPointer, NULL); + + currentSend = nil; + sendQueue = [[NSMutableArray alloc] initWithCapacity:5]; + + #if TARGET_OS_IPHONE + [[NSNotificationCenter defaultCenter] addObserver:self + selector:@selector(applicationWillEnterForeground:) + name:UIApplicationWillEnterForegroundNotification + object:nil]; + #endif + } + return self; +} + +- (void)dealloc +{ + LogInfo(@"%@ - %@ (start)", THIS_METHOD, self); + +#if TARGET_OS_IPHONE + [[NSNotificationCenter defaultCenter] removeObserver:self]; +#endif + + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + { + [self closeWithError:nil]; + } + else + { + dispatch_sync(socketQueue, ^{ + [self closeWithError:nil]; + }); + } + + delegate = nil; + #if !OS_OBJECT_USE_OBJC + if (delegateQueue) dispatch_release(delegateQueue); + #endif + delegateQueue = NULL; + + #if !OS_OBJECT_USE_OBJC + if (socketQueue) dispatch_release(socketQueue); + #endif + socketQueue = NULL; + + LogInfo(@"%@ - %@ (finish)", THIS_METHOD, self); +} + +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// +#pragma mark Configuration +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// + +- (id)delegate +{ + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + { + return delegate; + } + else + { + __block id result = nil; + + dispatch_sync(socketQueue, ^{ + result = self->delegate; + }); + + return result; + } +} + +- (void)setDelegate:(id)newDelegate synchronously:(BOOL)synchronously +{ + dispatch_block_t block = ^{ + self->delegate = newDelegate; + }; + + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) { + block(); + } + else { + if (synchronously) + dispatch_sync(socketQueue, block); + else + dispatch_async(socketQueue, block); + } +} + +- (void)setDelegate:(id)newDelegate +{ + [self setDelegate:newDelegate synchronously:NO]; +} + +- (void)synchronouslySetDelegate:(id)newDelegate +{ + [self setDelegate:newDelegate synchronously:YES]; +} + +- (dispatch_queue_t)delegateQueue +{ + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + { + return delegateQueue; + } + else + { + __block dispatch_queue_t result = NULL; + + dispatch_sync(socketQueue, ^{ + result = self->delegateQueue; + }); + + return result; + } +} + +- (void)setDelegateQueue:(dispatch_queue_t)newDelegateQueue synchronously:(BOOL)synchronously +{ + dispatch_block_t block = ^{ + + #if !OS_OBJECT_USE_OBJC + if (self->delegateQueue) dispatch_release(self->delegateQueue); + if (newDelegateQueue) dispatch_retain(newDelegateQueue); + #endif + + self->delegateQueue = newDelegateQueue; + }; + + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) { + block(); + } + else { + if (synchronously) + dispatch_sync(socketQueue, block); + else + dispatch_async(socketQueue, block); + } +} + +- (void)setDelegateQueue:(dispatch_queue_t)newDelegateQueue +{ + [self setDelegateQueue:newDelegateQueue synchronously:NO]; +} + +- (void)synchronouslySetDelegateQueue:(dispatch_queue_t)newDelegateQueue +{ + [self setDelegateQueue:newDelegateQueue synchronously:YES]; +} + +- (void)getDelegate:(id *)delegatePtr delegateQueue:(dispatch_queue_t *)delegateQueuePtr +{ + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + { + if (delegatePtr) *delegatePtr = delegate; + if (delegateQueuePtr) *delegateQueuePtr = delegateQueue; + } + else + { + __block id dPtr = NULL; + __block dispatch_queue_t dqPtr = NULL; + + dispatch_sync(socketQueue, ^{ + dPtr = self->delegate; + dqPtr = self->delegateQueue; + }); + + if (delegatePtr) *delegatePtr = dPtr; + if (delegateQueuePtr) *delegateQueuePtr = dqPtr; + } +} + +- (void)setDelegate:(id)newDelegate delegateQueue:(dispatch_queue_t)newDelegateQueue synchronously:(BOOL)synchronously +{ + dispatch_block_t block = ^{ + + self->delegate = newDelegate; + + #if !OS_OBJECT_USE_OBJC + if (self->delegateQueue) dispatch_release(self->delegateQueue); + if (newDelegateQueue) dispatch_retain(newDelegateQueue); + #endif + + self->delegateQueue = newDelegateQueue; + }; + + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) { + block(); + } + else { + if (synchronously) + dispatch_sync(socketQueue, block); + else + dispatch_async(socketQueue, block); + } +} + +- (void)setDelegate:(id)newDelegate delegateQueue:(dispatch_queue_t)newDelegateQueue +{ + [self setDelegate:newDelegate delegateQueue:newDelegateQueue synchronously:NO]; +} + +- (void)synchronouslySetDelegate:(id)newDelegate delegateQueue:(dispatch_queue_t)newDelegateQueue +{ + [self setDelegate:newDelegate delegateQueue:newDelegateQueue synchronously:YES]; +} + +- (BOOL)isIPv4Enabled +{ + // Note: YES means kIPv4Disabled is OFF + + __block BOOL result = NO; + + dispatch_block_t block = ^{ + + result = ((self->config & kIPv4Disabled) == 0); + }; + + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + block(); + else + dispatch_sync(socketQueue, block); + + return result; +} + +- (void)setIPv4Enabled:(BOOL)flag +{ + // Note: YES means kIPv4Disabled is OFF + + dispatch_block_t block = ^{ + + LogVerbose(@"%@ %@", THIS_METHOD, (flag ? @"YES" : @"NO")); + + if (flag) + self->config &= ~kIPv4Disabled; + else + self->config |= kIPv4Disabled; + }; + + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + block(); + else + dispatch_async(socketQueue, block); +} + +- (BOOL)isIPv6Enabled +{ + // Note: YES means kIPv6Disabled is OFF + + __block BOOL result = NO; + + dispatch_block_t block = ^{ + + result = ((self->config & kIPv6Disabled) == 0); + }; + + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + block(); + else + dispatch_sync(socketQueue, block); + + return result; +} + +- (void)setIPv6Enabled:(BOOL)flag +{ + // Note: YES means kIPv6Disabled is OFF + + dispatch_block_t block = ^{ + + LogVerbose(@"%@ %@", THIS_METHOD, (flag ? @"YES" : @"NO")); + + if (flag) + self->config &= ~kIPv6Disabled; + else + self->config |= kIPv6Disabled; + }; + + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + block(); + else + dispatch_async(socketQueue, block); +} + +- (BOOL)isIPv4Preferred +{ + __block BOOL result = NO; + + dispatch_block_t block = ^{ + result = (self->config & kPreferIPv4) ? YES : NO; + }; + + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + block(); + else + dispatch_sync(socketQueue, block); + + return result; +} + +- (BOOL)isIPv6Preferred +{ + __block BOOL result = NO; + + dispatch_block_t block = ^{ + result = (self->config & kPreferIPv6) ? YES : NO; + }; + + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + block(); + else + dispatch_sync(socketQueue, block); + + return result; +} + +- (BOOL)isIPVersionNeutral +{ + __block BOOL result = NO; + + dispatch_block_t block = ^{ + result = (self->config & (kPreferIPv4 | kPreferIPv6)) == 0; + }; + + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + block(); + else + dispatch_sync(socketQueue, block); + + return result; +} + +- (void)setPreferIPv4 +{ + dispatch_block_t block = ^{ + + LogTrace(); + + self->config |= kPreferIPv4; + self->config &= ~kPreferIPv6; + + }; + + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + block(); + else + dispatch_async(socketQueue, block); +} + +- (void)setPreferIPv6 +{ + dispatch_block_t block = ^{ + + LogTrace(); + + self->config &= ~kPreferIPv4; + self->config |= kPreferIPv6; + + }; + + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + block(); + else + dispatch_async(socketQueue, block); +} + +- (void)setIPVersionNeutral +{ + dispatch_block_t block = ^{ + + LogTrace(); + + self->config &= ~kPreferIPv4; + self->config &= ~kPreferIPv6; + + }; + + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + block(); + else + dispatch_async(socketQueue, block); +} + +- (uint16_t)maxReceiveIPv4BufferSize +{ + __block uint16_t result = 0; + + dispatch_block_t block = ^{ + + result = self->max4ReceiveSize; + }; + + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + block(); + else + dispatch_sync(socketQueue, block); + + return result; +} + +- (void)setMaxReceiveIPv4BufferSize:(uint16_t)max +{ + dispatch_block_t block = ^{ + + LogVerbose(@"%@ %u", THIS_METHOD, (unsigned)max); + + self->max4ReceiveSize = max; + }; + + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + block(); + else + dispatch_async(socketQueue, block); +} + +- (uint32_t)maxReceiveIPv6BufferSize +{ + __block uint32_t result = 0; + + dispatch_block_t block = ^{ + + result = self->max6ReceiveSize; + }; + + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + block(); + else + dispatch_sync(socketQueue, block); + + return result; +} + +- (void)setMaxReceiveIPv6BufferSize:(uint32_t)max +{ + dispatch_block_t block = ^{ + + LogVerbose(@"%@ %u", THIS_METHOD, (unsigned)max); + + self->max6ReceiveSize = max; + }; + + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + block(); + else + dispatch_async(socketQueue, block); +} + +- (void)setMaxSendBufferSize:(uint16_t)max +{ + dispatch_block_t block = ^{ + + LogVerbose(@"%@ %u", THIS_METHOD, (unsigned)max); + + self->maxSendSize = max; + }; + + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + block(); + else + dispatch_async(socketQueue, block); +} + +- (uint16_t)maxSendBufferSize +{ + __block uint16_t result = 0; + + dispatch_block_t block = ^{ + + result = self->maxSendSize; + }; + + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + block(); + else + dispatch_sync(socketQueue, block); + + return result; +} + +- (id)userData +{ + __block id result = nil; + + dispatch_block_t block = ^{ + + result = self->userData; + }; + + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + block(); + else + dispatch_sync(socketQueue, block); + + return result; +} + +- (void)setUserData:(id)arbitraryUserData +{ + dispatch_block_t block = ^{ + + if (self->userData != arbitraryUserData) + { + self->userData = arbitraryUserData; + } + }; + + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + block(); + else + dispatch_async(socketQueue, block); +} + +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// +#pragma mark Delegate Helpers +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// + +- (void)notifyDidConnectToAddress:(NSData *)anAddress +{ + LogTrace(); + + __strong id theDelegate = delegate; + if (delegateQueue && [theDelegate respondsToSelector:@selector(udpSocket:didConnectToAddress:)]) + { + NSData *address = [anAddress copy]; // In case param is NSMutableData + + dispatch_async(delegateQueue, ^{ @autoreleasepool { + + [theDelegate udpSocket:self didConnectToAddress:address]; + }}); + } +} + +- (void)notifyDidNotConnect:(NSError *)error +{ + LogTrace(); + + __strong id theDelegate = delegate; + if (delegateQueue && [theDelegate respondsToSelector:@selector(udpSocket:didNotConnect:)]) + { + dispatch_async(delegateQueue, ^{ @autoreleasepool { + + [theDelegate udpSocket:self didNotConnect:error]; + }}); + } +} + +- (void)notifyDidSendDataWithTag:(long)tag +{ + LogTrace(); + + __strong id theDelegate = delegate; + if (delegateQueue && [theDelegate respondsToSelector:@selector(udpSocket:didSendDataWithTag:)]) + { + dispatch_async(delegateQueue, ^{ @autoreleasepool { + + [theDelegate udpSocket:self didSendDataWithTag:tag]; + }}); + } +} + +- (void)notifyDidNotSendDataWithTag:(long)tag dueToError:(NSError *)error +{ + LogTrace(); + + __strong id theDelegate = delegate; + if (delegateQueue && [theDelegate respondsToSelector:@selector(udpSocket:didNotSendDataWithTag:dueToError:)]) + { + dispatch_async(delegateQueue, ^{ @autoreleasepool { + + [theDelegate udpSocket:self didNotSendDataWithTag:tag dueToError:error]; + }}); + } +} + +- (void)notifyDidReceiveData:(NSData *)data fromAddress:(NSData *)address withFilterContext:(id)context +{ + LogTrace(); + + SEL selector = @selector(udpSocket:didReceiveData:fromAddress:withFilterContext:); + + __strong id theDelegate = delegate; + if (delegateQueue && [theDelegate respondsToSelector:selector]) + { + dispatch_async(delegateQueue, ^{ @autoreleasepool { + + [theDelegate udpSocket:self didReceiveData:data fromAddress:address withFilterContext:context]; + }}); + } +} + +- (void)notifyDidCloseWithError:(NSError *)error +{ + LogTrace(); + + __strong id theDelegate = delegate; + if (delegateQueue && [theDelegate respondsToSelector:@selector(udpSocketDidClose:withError:)]) + { + dispatch_async(delegateQueue, ^{ @autoreleasepool { + + [theDelegate udpSocketDidClose:self withError:error]; + }}); + } +} + +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// +#pragma mark Errors +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// + +- (NSError *)badConfigError:(NSString *)errMsg +{ + NSDictionary *userInfo = @{NSLocalizedDescriptionKey : errMsg}; + + return [NSError errorWithDomain:GCDAsyncUdpSocketErrorDomain + code:GCDAsyncUdpSocketBadConfigError + userInfo:userInfo]; +} + +- (NSError *)badParamError:(NSString *)errMsg +{ + NSDictionary *userInfo = @{NSLocalizedDescriptionKey : errMsg}; + + return [NSError errorWithDomain:GCDAsyncUdpSocketErrorDomain + code:GCDAsyncUdpSocketBadParamError + userInfo:userInfo]; +} + +- (NSError *)gaiError:(int)gai_error +{ + NSString *errMsg = [NSString stringWithCString:gai_strerror(gai_error) encoding:NSASCIIStringEncoding]; + NSDictionary *userInfo = @{NSLocalizedDescriptionKey : errMsg}; + + return [NSError errorWithDomain:@"kCFStreamErrorDomainNetDB" code:gai_error userInfo:userInfo]; +} + +- (NSError *)errnoErrorWithReason:(NSString *)reason +{ + NSString *errMsg = [NSString stringWithUTF8String:strerror(errno)]; + NSDictionary *userInfo; + + if (reason) + userInfo = @{NSLocalizedDescriptionKey : errMsg, + NSLocalizedFailureReasonErrorKey : reason}; + else + userInfo = @{NSLocalizedDescriptionKey : errMsg}; + + return [NSError errorWithDomain:NSPOSIXErrorDomain code:errno userInfo:userInfo]; +} + +- (NSError *)errnoError +{ + return [self errnoErrorWithReason:nil]; +} + +/** + * Returns a standard send timeout error. +**/ +- (NSError *)sendTimeoutError +{ + NSString *errMsg = NSLocalizedStringWithDefaultValue(@"GCDAsyncUdpSocketSendTimeoutError", + @"GCDAsyncUdpSocket", [NSBundle mainBundle], + @"Send operation timed out", nil); + + NSDictionary *userInfo = @{NSLocalizedDescriptionKey : errMsg}; + + return [NSError errorWithDomain:GCDAsyncUdpSocketErrorDomain + code:GCDAsyncUdpSocketSendTimeoutError + userInfo:userInfo]; +} + +- (NSError *)socketClosedError +{ + NSString *errMsg = NSLocalizedStringWithDefaultValue(@"GCDAsyncUdpSocketClosedError", + @"GCDAsyncUdpSocket", [NSBundle mainBundle], + @"Socket closed", nil); + + NSDictionary *userInfo = @{NSLocalizedDescriptionKey : errMsg}; + + return [NSError errorWithDomain:GCDAsyncUdpSocketErrorDomain code:GCDAsyncUdpSocketClosedError userInfo:userInfo]; +} + +- (NSError *)otherError:(NSString *)errMsg +{ + NSDictionary *userInfo = @{NSLocalizedDescriptionKey : errMsg}; + + return [NSError errorWithDomain:GCDAsyncUdpSocketErrorDomain + code:GCDAsyncUdpSocketOtherError + userInfo:userInfo]; +} + +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// +#pragma mark Utilities +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// + +- (BOOL)preOp:(NSError **)errPtr +{ + NSAssert(dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey), @"Must be dispatched on socketQueue"); + + if (delegate == nil) // Must have delegate set + { + if (errPtr) + { + NSString *msg = @"Attempting to use socket without a delegate. Set a delegate first."; + *errPtr = [self badConfigError:msg]; + } + return NO; + } + + if (delegateQueue == NULL) // Must have delegate queue set + { + if (errPtr) + { + NSString *msg = @"Attempting to use socket without a delegate queue. Set a delegate queue first."; + *errPtr = [self badConfigError:msg]; + } + return NO; + } + + return YES; +} + +/** + * This method executes on a global concurrent queue. + * When complete, it executes the given completion block on the socketQueue. +**/ +- (void)asyncResolveHost:(NSString *)aHost + port:(uint16_t)port + withCompletionBlock:(void (^)(NSArray *addresses, NSError *error))completionBlock +{ + LogTrace(); + + // Check parameter(s) + + if (aHost == nil) + { + NSString *msg = @"The host param is nil. Should be domain name or IP address string."; + NSError *error = [self badParamError:msg]; + + // We should still use dispatch_async since this method is expected to be asynchronous + + dispatch_async(socketQueue, ^{ @autoreleasepool { + + completionBlock(nil, error); + }}); + + return; + } + + // It's possible that the given aHost parameter is actually a NSMutableString. + // So we want to copy it now, within this block that will be executed synchronously. + // This way the asynchronous lookup block below doesn't have to worry about it changing. + + NSString *host = [aHost copy]; + + + dispatch_queue_t globalConcurrentQueue = dispatch_get_global_queue(DISPATCH_QUEUE_PRIORITY_DEFAULT, 0); + dispatch_async(globalConcurrentQueue, ^{ @autoreleasepool { + + NSMutableArray *addresses = [NSMutableArray arrayWithCapacity:2]; + NSError *error = nil; + + if ([host isEqualToString:@"localhost"] || [host isEqualToString:@"loopback"]) + { + // Use LOOPBACK address + struct sockaddr_in sockaddr4; + memset(&sockaddr4, 0, sizeof(sockaddr4)); + + sockaddr4.sin_len = sizeof(struct sockaddr_in); + sockaddr4.sin_family = AF_INET; + sockaddr4.sin_port = htons(port); + sockaddr4.sin_addr.s_addr = htonl(INADDR_LOOPBACK); + + struct sockaddr_in6 sockaddr6; + memset(&sockaddr6, 0, sizeof(sockaddr6)); + + sockaddr6.sin6_len = sizeof(struct sockaddr_in6); + sockaddr6.sin6_family = AF_INET6; + sockaddr6.sin6_port = htons(port); + sockaddr6.sin6_addr = in6addr_loopback; + + // Wrap the native address structures and add to list + [addresses addObject:[NSData dataWithBytes:&sockaddr4 length:sizeof(sockaddr4)]]; + [addresses addObject:[NSData dataWithBytes:&sockaddr6 length:sizeof(sockaddr6)]]; + } + else + { + NSString *portStr = [NSString stringWithFormat:@"%hu", port]; + + struct addrinfo hints, *res, *res0; + + memset(&hints, 0, sizeof(hints)); + hints.ai_family = PF_UNSPEC; + hints.ai_socktype = SOCK_DGRAM; + hints.ai_protocol = IPPROTO_UDP; + + int gai_error = getaddrinfo([host UTF8String], [portStr UTF8String], &hints, &res0); + + if (gai_error) + { + error = [self gaiError:gai_error]; + } + else + { + for(res = res0; res; res = res->ai_next) + { + if (res->ai_family == AF_INET) + { + // Found IPv4 address + // Wrap the native address structure and add to list + + [addresses addObject:[NSData dataWithBytes:res->ai_addr length:res->ai_addrlen]]; + } + else if (res->ai_family == AF_INET6) + { + + // Fixes connection issues with IPv6, it is the same solution for udp socket. + // https://github.com/robbiehanson/CocoaAsyncSocket/issues/429#issuecomment-222477158 + struct sockaddr_in6 *sockaddr = (struct sockaddr_in6 *)(void *)res->ai_addr; + in_port_t *portPtr = &sockaddr->sin6_port; + if ((portPtr != NULL) && (*portPtr == 0)) { + *portPtr = htons(port); + } + + // Found IPv6 address + // Wrap the native address structure and add to list + [addresses addObject:[NSData dataWithBytes:res->ai_addr length:res->ai_addrlen]]; + } + } + freeaddrinfo(res0); + + if ([addresses count] == 0) + { + error = [self gaiError:EAI_FAIL]; + } + } + } + + dispatch_async(self->socketQueue, ^{ @autoreleasepool { + + completionBlock(addresses, error); + }}); + + }}); +} + +/** + * This method picks an address from the given list of addresses. + * The address picked depends upon which protocols are disabled, deactived, & preferred. + * + * Returns the address family (AF_INET or AF_INET6) of the picked address, + * or AF_UNSPEC and the corresponding error is there's a problem. +**/ +- (int)getAddress:(NSData **)addressPtr error:(NSError **)errorPtr fromAddresses:(NSArray *)addresses +{ + NSAssert(dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey), @"Must be dispatched on socketQueue"); + NSAssert([addresses count] > 0, @"Expected at least one address"); + + int resultAF = AF_UNSPEC; + NSData *resultAddress = nil; + NSError *resultError = nil; + + // Check for problems + + BOOL resolvedIPv4Address = NO; + BOOL resolvedIPv6Address = NO; + + for (NSData *address in addresses) + { + switch ([[self class] familyFromAddress:address]) + { + case AF_INET : resolvedIPv4Address = YES; break; + case AF_INET6 : resolvedIPv6Address = YES; break; + + default : NSAssert(NO, @"Addresses array contains invalid address"); + } + } + + BOOL isIPv4Disabled = (config & kIPv4Disabled) ? YES : NO; + BOOL isIPv6Disabled = (config & kIPv6Disabled) ? YES : NO; + + if (isIPv4Disabled && !resolvedIPv6Address) + { + NSString *msg = @"IPv4 has been disabled and DNS lookup found no IPv6 address(es)."; + resultError = [self otherError:msg]; + + if (addressPtr) *addressPtr = resultAddress; + if (errorPtr) *errorPtr = resultError; + + return resultAF; + } + + if (isIPv6Disabled && !resolvedIPv4Address) + { + NSString *msg = @"IPv6 has been disabled and DNS lookup found no IPv4 address(es)."; + resultError = [self otherError:msg]; + + if (addressPtr) *addressPtr = resultAddress; + if (errorPtr) *errorPtr = resultError; + + return resultAF; + } + + BOOL isIPv4Deactivated = (flags & kIPv4Deactivated) ? YES : NO; + BOOL isIPv6Deactivated = (flags & kIPv6Deactivated) ? YES : NO; + + if (isIPv4Deactivated && !resolvedIPv6Address) + { + NSString *msg = @"IPv4 has been deactivated due to bind/connect, and DNS lookup found no IPv6 address(es)."; + resultError = [self otherError:msg]; + + if (addressPtr) *addressPtr = resultAddress; + if (errorPtr) *errorPtr = resultError; + + return resultAF; + } + + if (isIPv6Deactivated && !resolvedIPv4Address) + { + NSString *msg = @"IPv6 has been deactivated due to bind/connect, and DNS lookup found no IPv4 address(es)."; + resultError = [self otherError:msg]; + + if (addressPtr) *addressPtr = resultAddress; + if (errorPtr) *errorPtr = resultError; + + return resultAF; + } + + // Extract first IPv4 and IPv6 address in list + + BOOL ipv4WasFirstInList = YES; + NSData *address4 = nil; + NSData *address6 = nil; + + for (NSData *address in addresses) + { + int af = [[self class] familyFromAddress:address]; + + if (af == AF_INET) + { + if (address4 == nil) + { + address4 = address; + + if (address6) + break; + else + ipv4WasFirstInList = YES; + } + } + else // af == AF_INET6 + { + if (address6 == nil) + { + address6 = address; + + if (address4) + break; + else + ipv4WasFirstInList = NO; + } + } + } + + // Determine socket type + + BOOL preferIPv4 = (config & kPreferIPv4) ? YES : NO; + BOOL preferIPv6 = (config & kPreferIPv6) ? YES : NO; + + BOOL useIPv4 = ((preferIPv4 && address4) || (address6 == nil)); + BOOL useIPv6 = ((preferIPv6 && address6) || (address4 == nil)); + + NSAssert(!(preferIPv4 && preferIPv6), @"Invalid config state"); + NSAssert(!(useIPv4 && useIPv6), @"Invalid logic"); + + if (useIPv4 || (!useIPv6 && ipv4WasFirstInList)) + { + resultAF = AF_INET; + resultAddress = address4; + } + else + { + resultAF = AF_INET6; + resultAddress = address6; + } + + if (addressPtr) *addressPtr = resultAddress; + if (errorPtr) *errorPtr = resultError; + + return resultAF; +} + +/** + * Finds the address(es) of an interface description. + * An inteface description may be an interface name (en0, en1, lo0) or corresponding IP (192.168.4.34). +**/ +- (void)convertIntefaceDescription:(NSString *)interfaceDescription + port:(uint16_t)port + intoAddress4:(NSData **)interfaceAddr4Ptr + address6:(NSData **)interfaceAddr6Ptr +{ + NSData *addr4 = nil; + NSData *addr6 = nil; + + if (interfaceDescription == nil) + { + // ANY address + + struct sockaddr_in sockaddr4; + memset(&sockaddr4, 0, sizeof(sockaddr4)); + + sockaddr4.sin_len = sizeof(sockaddr4); + sockaddr4.sin_family = AF_INET; + sockaddr4.sin_port = htons(port); + sockaddr4.sin_addr.s_addr = htonl(INADDR_ANY); + + struct sockaddr_in6 sockaddr6; + memset(&sockaddr6, 0, sizeof(sockaddr6)); + + sockaddr6.sin6_len = sizeof(sockaddr6); + sockaddr6.sin6_family = AF_INET6; + sockaddr6.sin6_port = htons(port); + sockaddr6.sin6_addr = in6addr_any; + + addr4 = [NSData dataWithBytes:&sockaddr4 length:sizeof(sockaddr4)]; + addr6 = [NSData dataWithBytes:&sockaddr6 length:sizeof(sockaddr6)]; + } + else if ([interfaceDescription isEqualToString:@"localhost"] || + [interfaceDescription isEqualToString:@"loopback"]) + { + // LOOPBACK address + + struct sockaddr_in sockaddr4; + memset(&sockaddr4, 0, sizeof(sockaddr4)); + + sockaddr4.sin_len = sizeof(struct sockaddr_in); + sockaddr4.sin_family = AF_INET; + sockaddr4.sin_port = htons(port); + sockaddr4.sin_addr.s_addr = htonl(INADDR_LOOPBACK); + + struct sockaddr_in6 sockaddr6; + memset(&sockaddr6, 0, sizeof(sockaddr6)); + + sockaddr6.sin6_len = sizeof(struct sockaddr_in6); + sockaddr6.sin6_family = AF_INET6; + sockaddr6.sin6_port = htons(port); + sockaddr6.sin6_addr = in6addr_loopback; + + addr4 = [NSData dataWithBytes:&sockaddr4 length:sizeof(sockaddr4)]; + addr6 = [NSData dataWithBytes:&sockaddr6 length:sizeof(sockaddr6)]; + } + else + { + const char *iface = [interfaceDescription UTF8String]; + + struct ifaddrs *addrs; + const struct ifaddrs *cursor; + + if ((getifaddrs(&addrs) == 0)) + { + cursor = addrs; + while (cursor != NULL) + { + if ((addr4 == nil) && (cursor->ifa_addr->sa_family == AF_INET)) + { + // IPv4 + + struct sockaddr_in *addr = (struct sockaddr_in *)(void *)cursor->ifa_addr; + + if (strcmp(cursor->ifa_name, iface) == 0) + { + // Name match + + struct sockaddr_in nativeAddr4 = *addr; + nativeAddr4.sin_port = htons(port); + + addr4 = [NSData dataWithBytes:&nativeAddr4 length:sizeof(nativeAddr4)]; + } + else + { + char ip[INET_ADDRSTRLEN]; + + const char *conversion; + conversion = inet_ntop(AF_INET, &addr->sin_addr, ip, sizeof(ip)); + + if ((conversion != NULL) && (strcmp(ip, iface) == 0)) + { + // IP match + + struct sockaddr_in nativeAddr4 = *addr; + nativeAddr4.sin_port = htons(port); + + addr4 = [NSData dataWithBytes:&nativeAddr4 length:sizeof(nativeAddr4)]; + } + } + } + else if ((addr6 == nil) && (cursor->ifa_addr->sa_family == AF_INET6)) + { + // IPv6 + + const struct sockaddr_in6 *addr = (const struct sockaddr_in6 *)(const void *)cursor->ifa_addr; + + if (strcmp(cursor->ifa_name, iface) == 0) + { + // Name match + + struct sockaddr_in6 nativeAddr6 = *addr; + nativeAddr6.sin6_port = htons(port); + + addr6 = [NSData dataWithBytes:&nativeAddr6 length:sizeof(nativeAddr6)]; + } + else + { + char ip[INET6_ADDRSTRLEN]; + + const char *conversion; + conversion = inet_ntop(AF_INET6, &addr->sin6_addr, ip, sizeof(ip)); + + if ((conversion != NULL) && (strcmp(ip, iface) == 0)) + { + // IP match + + struct sockaddr_in6 nativeAddr6 = *addr; + nativeAddr6.sin6_port = htons(port); + + addr6 = [NSData dataWithBytes:&nativeAddr6 length:sizeof(nativeAddr6)]; + } + } + } + + cursor = cursor->ifa_next; + } + + freeifaddrs(addrs); + } + } + + if (interfaceAddr4Ptr) *interfaceAddr4Ptr = addr4; + if (interfaceAddr6Ptr) *interfaceAddr6Ptr = addr6; +} + +/** + * Converts a numeric hostname into its corresponding address. + * The hostname is expected to be an IPv4 or IPv6 address represented as a human-readable string. (e.g. 192.168.4.34) +**/ +- (void)convertNumericHost:(NSString *)numericHost + port:(uint16_t)port + intoAddress4:(NSData **)addr4Ptr + address6:(NSData **)addr6Ptr +{ + NSData *addr4 = nil; + NSData *addr6 = nil; + + if (numericHost) + { + NSString *portStr = [NSString stringWithFormat:@"%hu", port]; + + struct addrinfo hints, *res, *res0; + + memset(&hints, 0, sizeof(hints)); + hints.ai_family = PF_UNSPEC; + hints.ai_socktype = SOCK_DGRAM; + hints.ai_protocol = IPPROTO_UDP; + hints.ai_flags = AI_NUMERICHOST; // No name resolution should be attempted + + if (getaddrinfo([numericHost UTF8String], [portStr UTF8String], &hints, &res0) == 0) + { + for (res = res0; res; res = res->ai_next) + { + if ((addr4 == nil) && (res->ai_family == AF_INET)) + { + // Found IPv4 address + // Wrap the native address structure + addr4 = [NSData dataWithBytes:res->ai_addr length:res->ai_addrlen]; + } + else if ((addr6 == nil) && (res->ai_family == AF_INET6)) + { + // Found IPv6 address + // Wrap the native address structure + addr6 = [NSData dataWithBytes:res->ai_addr length:res->ai_addrlen]; + } + } + freeaddrinfo(res0); + } + } + + if (addr4Ptr) *addr4Ptr = addr4; + if (addr6Ptr) *addr6Ptr = addr6; +} + +- (BOOL)isConnectedToAddress4:(NSData *)someAddr4 +{ + NSAssert(dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey), @"Must be dispatched on socketQueue"); + NSAssert(flags & kDidConnect, @"Not connected"); + NSAssert(cachedConnectedAddress, @"Expected cached connected address"); + + if (cachedConnectedFamily != AF_INET) + { + return NO; + } + + const struct sockaddr_in *sSockaddr4 = (const struct sockaddr_in *)[someAddr4 bytes]; + const struct sockaddr_in *cSockaddr4 = (const struct sockaddr_in *)[cachedConnectedAddress bytes]; + + if (memcmp(&sSockaddr4->sin_addr, &cSockaddr4->sin_addr, sizeof(struct in_addr)) != 0) + { + return NO; + } + if (memcmp(&sSockaddr4->sin_port, &cSockaddr4->sin_port, sizeof(in_port_t)) != 0) + { + return NO; + } + + return YES; +} + +- (BOOL)isConnectedToAddress6:(NSData *)someAddr6 +{ + NSAssert(dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey), @"Must be dispatched on socketQueue"); + NSAssert(flags & kDidConnect, @"Not connected"); + NSAssert(cachedConnectedAddress, @"Expected cached connected address"); + + if (cachedConnectedFamily != AF_INET6) + { + return NO; + } + + const struct sockaddr_in6 *sSockaddr6 = (const struct sockaddr_in6 *)[someAddr6 bytes]; + const struct sockaddr_in6 *cSockaddr6 = (const struct sockaddr_in6 *)[cachedConnectedAddress bytes]; + + if (memcmp(&sSockaddr6->sin6_addr, &cSockaddr6->sin6_addr, sizeof(struct in6_addr)) != 0) + { + return NO; + } + if (memcmp(&sSockaddr6->sin6_port, &cSockaddr6->sin6_port, sizeof(in_port_t)) != 0) + { + return NO; + } + + return YES; +} + +- (unsigned int)indexOfInterfaceAddr4:(NSData *)interfaceAddr4 +{ + if (interfaceAddr4 == nil) + return 0; + if ([interfaceAddr4 length] != sizeof(struct sockaddr_in)) + return 0; + + int result = 0; + const struct sockaddr_in *ifaceAddr = (const struct sockaddr_in *)[interfaceAddr4 bytes]; + + struct ifaddrs *addrs; + const struct ifaddrs *cursor; + + if ((getifaddrs(&addrs) == 0)) + { + cursor = addrs; + while (cursor != NULL) + { + if (cursor->ifa_addr->sa_family == AF_INET) + { + // IPv4 + + const struct sockaddr_in *addr = (const struct sockaddr_in *)(const void *)cursor->ifa_addr; + + if (memcmp(&addr->sin_addr, &ifaceAddr->sin_addr, sizeof(struct in_addr)) == 0) + { + result = if_nametoindex(cursor->ifa_name); + break; + } + } + + cursor = cursor->ifa_next; + } + + freeifaddrs(addrs); + } + + return result; +} + +- (unsigned int)indexOfInterfaceAddr6:(NSData *)interfaceAddr6 +{ + if (interfaceAddr6 == nil) + return 0; + if ([interfaceAddr6 length] != sizeof(struct sockaddr_in6)) + return 0; + + int result = 0; + const struct sockaddr_in6 *ifaceAddr = (const struct sockaddr_in6 *)[interfaceAddr6 bytes]; + + struct ifaddrs *addrs; + const struct ifaddrs *cursor; + + if ((getifaddrs(&addrs) == 0)) + { + cursor = addrs; + while (cursor != NULL) + { + if (cursor->ifa_addr->sa_family == AF_INET6) + { + // IPv6 + + const struct sockaddr_in6 *addr = (const struct sockaddr_in6 *)(const void *)cursor->ifa_addr; + + if (memcmp(&addr->sin6_addr, &ifaceAddr->sin6_addr, sizeof(struct in6_addr)) == 0) + { + result = if_nametoindex(cursor->ifa_name); + break; + } + } + + cursor = cursor->ifa_next; + } + + freeifaddrs(addrs); + } + + return result; +} + +- (void)setupSendAndReceiveSourcesForSocket4 +{ + LogTrace(); + NSAssert(dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey), @"Must be dispatched on socketQueue"); + + send4Source = dispatch_source_create(DISPATCH_SOURCE_TYPE_WRITE, socket4FD, 0, socketQueue); + receive4Source = dispatch_source_create(DISPATCH_SOURCE_TYPE_READ, socket4FD, 0, socketQueue); + + // Setup event handlers + + dispatch_source_set_event_handler(send4Source, ^{ @autoreleasepool { + + LogVerbose(@"send4EventBlock"); + LogVerbose(@"dispatch_source_get_data(send4Source) = %lu", dispatch_source_get_data(send4Source)); + + self->flags |= kSock4CanAcceptBytes; + + // If we're ready to send data, do so immediately. + // Otherwise pause the send source or it will continue to fire over and over again. + + if (self->currentSend == nil) + { + LogVerbose(@"Nothing to send"); + [self suspendSend4Source]; + } + else if (self->currentSend->resolveInProgress) + { + LogVerbose(@"currentSend - waiting for address resolve"); + [self suspendSend4Source]; + } + else if (self->currentSend->filterInProgress) + { + LogVerbose(@"currentSend - waiting on sendFilter"); + [self suspendSend4Source]; + } + else + { + [self doSend]; + } + + }}); + + dispatch_source_set_event_handler(receive4Source, ^{ @autoreleasepool { + + LogVerbose(@"receive4EventBlock"); + + self->socket4FDBytesAvailable = dispatch_source_get_data(self->receive4Source); + LogVerbose(@"socket4FDBytesAvailable: %lu", socket4FDBytesAvailable); + + if (self->socket4FDBytesAvailable > 0) + [self doReceive]; + else + [self doReceiveEOF]; + + }}); + + // Setup cancel handlers + + __block int socketFDRefCount = 2; + + int theSocketFD = socket4FD; + + #if !OS_OBJECT_USE_OBJC + dispatch_source_t theSendSource = send4Source; + dispatch_source_t theReceiveSource = receive4Source; + #endif + + dispatch_source_set_cancel_handler(send4Source, ^{ + + LogVerbose(@"send4CancelBlock"); + + #if !OS_OBJECT_USE_OBJC + LogVerbose(@"dispatch_release(send4Source)"); + dispatch_release(theSendSource); + #endif + + if (--socketFDRefCount == 0) + { + LogVerbose(@"close(socket4FD)"); + close(theSocketFD); + } + }); + + dispatch_source_set_cancel_handler(receive4Source, ^{ + + LogVerbose(@"receive4CancelBlock"); + + #if !OS_OBJECT_USE_OBJC + LogVerbose(@"dispatch_release(receive4Source)"); + dispatch_release(theReceiveSource); + #endif + + if (--socketFDRefCount == 0) + { + LogVerbose(@"close(socket4FD)"); + close(theSocketFD); + } + }); + + // We will not be able to receive until the socket is bound to a port, + // either explicitly via bind, or implicitly by connect or by sending data. + // + // But we should be able to send immediately. + + socket4FDBytesAvailable = 0; + flags |= kSock4CanAcceptBytes; + + flags |= kSend4SourceSuspended; + flags |= kReceive4SourceSuspended; +} + +- (void)setupSendAndReceiveSourcesForSocket6 +{ + LogTrace(); + NSAssert(dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey), @"Must be dispatched on socketQueue"); + + send6Source = dispatch_source_create(DISPATCH_SOURCE_TYPE_WRITE, socket6FD, 0, socketQueue); + receive6Source = dispatch_source_create(DISPATCH_SOURCE_TYPE_READ, socket6FD, 0, socketQueue); + + // Setup event handlers + + dispatch_source_set_event_handler(send6Source, ^{ @autoreleasepool { + + LogVerbose(@"send6EventBlock"); + LogVerbose(@"dispatch_source_get_data(send6Source) = %lu", dispatch_source_get_data(send6Source)); + + self->flags |= kSock6CanAcceptBytes; + + // If we're ready to send data, do so immediately. + // Otherwise pause the send source or it will continue to fire over and over again. + + if (self->currentSend == nil) + { + LogVerbose(@"Nothing to send"); + [self suspendSend6Source]; + } + else if (self->currentSend->resolveInProgress) + { + LogVerbose(@"currentSend - waiting for address resolve"); + [self suspendSend6Source]; + } + else if (self->currentSend->filterInProgress) + { + LogVerbose(@"currentSend - waiting on sendFilter"); + [self suspendSend6Source]; + } + else + { + [self doSend]; + } + + }}); + + dispatch_source_set_event_handler(receive6Source, ^{ @autoreleasepool { + + LogVerbose(@"receive6EventBlock"); + + self->socket6FDBytesAvailable = dispatch_source_get_data(self->receive6Source); + LogVerbose(@"socket6FDBytesAvailable: %lu", socket6FDBytesAvailable); + + if (self->socket6FDBytesAvailable > 0) + [self doReceive]; + else + [self doReceiveEOF]; + + }}); + + // Setup cancel handlers + + __block int socketFDRefCount = 2; + + int theSocketFD = socket6FD; + + #if !OS_OBJECT_USE_OBJC + dispatch_source_t theSendSource = send6Source; + dispatch_source_t theReceiveSource = receive6Source; + #endif + + dispatch_source_set_cancel_handler(send6Source, ^{ + + LogVerbose(@"send6CancelBlock"); + + #if !OS_OBJECT_USE_OBJC + LogVerbose(@"dispatch_release(send6Source)"); + dispatch_release(theSendSource); + #endif + + if (--socketFDRefCount == 0) + { + LogVerbose(@"close(socket6FD)"); + close(theSocketFD); + } + }); + + dispatch_source_set_cancel_handler(receive6Source, ^{ + + LogVerbose(@"receive6CancelBlock"); + + #if !OS_OBJECT_USE_OBJC + LogVerbose(@"dispatch_release(receive6Source)"); + dispatch_release(theReceiveSource); + #endif + + if (--socketFDRefCount == 0) + { + LogVerbose(@"close(socket6FD)"); + close(theSocketFD); + } + }); + + // We will not be able to receive until the socket is bound to a port, + // either explicitly via bind, or implicitly by connect or by sending data. + // + // But we should be able to send immediately. + + socket6FDBytesAvailable = 0; + flags |= kSock6CanAcceptBytes; + + flags |= kSend6SourceSuspended; + flags |= kReceive6SourceSuspended; +} + +- (BOOL)createSocket4:(BOOL)useIPv4 socket6:(BOOL)useIPv6 error:(NSError * __autoreleasing *)errPtr +{ + LogTrace(); + + NSAssert(dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey), @"Must be dispatched on socketQueue"); + NSAssert(((flags & kDidCreateSockets) == 0), @"Sockets have already been created"); + + // CreateSocket Block + // This block will be invoked below. + + int(^createSocket)(int) = ^int (int domain) { + + int socketFD = socket(domain, SOCK_DGRAM, 0); + + if (socketFD == SOCKET_NULL) + { + if (errPtr) + *errPtr = [self errnoErrorWithReason:@"Error in socket() function"]; + + return SOCKET_NULL; + } + + int status; + + // Set socket options + + status = fcntl(socketFD, F_SETFL, O_NONBLOCK); + if (status == -1) + { + if (errPtr) + *errPtr = [self errnoErrorWithReason:@"Error enabling non-blocking IO on socket (fcntl)"]; + + close(socketFD); + return SOCKET_NULL; + } + + int reuseaddr = 1; + status = setsockopt(socketFD, SOL_SOCKET, SO_REUSEADDR, &reuseaddr, sizeof(reuseaddr)); + if (status == -1) + { + if (errPtr) + *errPtr = [self errnoErrorWithReason:@"Error enabling address reuse (setsockopt)"]; + + close(socketFD); + return SOCKET_NULL; + } + + int nosigpipe = 1; + status = setsockopt(socketFD, SOL_SOCKET, SO_NOSIGPIPE, &nosigpipe, sizeof(nosigpipe)); + if (status == -1) + { + if (errPtr) + *errPtr = [self errnoErrorWithReason:@"Error disabling sigpipe (setsockopt)"]; + + close(socketFD); + return SOCKET_NULL; + } + + /** + * The theoretical maximum size of any IPv4 UDP packet is UINT16_MAX = 65535. + * The theoretical maximum size of any IPv6 UDP packet is UINT32_MAX = 4294967295. + * + * The default maximum size of the UDP buffer in iOS is 9216 bytes. + * + * This is the reason of #222(GCD does not necessarily return the size of an entire UDP packet) and + * #535(GCDAsyncUDPSocket can not send data when data is greater than 9K) + * + * + * Enlarge the maximum size of UDP packet. + * I can not ensure the protocol type now so that the max size is set to 65535 :) + **/ + + status = setsockopt(socketFD, SOL_SOCKET, SO_SNDBUF, (const char*)&self->maxSendSize, sizeof(int)); + if (status == -1) + { + if (errPtr) + *errPtr = [self errnoErrorWithReason:@"Error setting send buffer size (setsockopt)"]; + close(socketFD); + return SOCKET_NULL; + } + + status = setsockopt(socketFD, SOL_SOCKET, SO_RCVBUF, (const char*)&self->maxSendSize, sizeof(int)); + if (status == -1) + { + if (errPtr) + *errPtr = [self errnoErrorWithReason:@"Error setting receive buffer size (setsockopt)"]; + close(socketFD); + return SOCKET_NULL; + } + + + return socketFD; + }; + + // Create sockets depending upon given configuration. + + if (useIPv4) + { + LogVerbose(@"Creating IPv4 socket"); + + socket4FD = createSocket(AF_INET); + if (socket4FD == SOCKET_NULL) + { + // errPtr set in local createSocket() block + return NO; + } + } + + if (useIPv6) + { + LogVerbose(@"Creating IPv6 socket"); + + socket6FD = createSocket(AF_INET6); + if (socket6FD == SOCKET_NULL) + { + // errPtr set in local createSocket() block + + if (socket4FD != SOCKET_NULL) + { + close(socket4FD); + socket4FD = SOCKET_NULL; + } + + return NO; + } + } + + // Setup send and receive sources + + if (useIPv4) + [self setupSendAndReceiveSourcesForSocket4]; + if (useIPv6) + [self setupSendAndReceiveSourcesForSocket6]; + + flags |= kDidCreateSockets; + return YES; +} + +- (BOOL)createSockets:(NSError **)errPtr +{ + LogTrace(); + + BOOL useIPv4 = [self isIPv4Enabled]; + BOOL useIPv6 = [self isIPv6Enabled]; + + return [self createSocket4:useIPv4 socket6:useIPv6 error:errPtr]; +} + +- (void)suspendSend4Source +{ + if (send4Source && !(flags & kSend4SourceSuspended)) + { + LogVerbose(@"dispatch_suspend(send4Source)"); + + dispatch_suspend(send4Source); + flags |= kSend4SourceSuspended; + } +} + +- (void)suspendSend6Source +{ + if (send6Source && !(flags & kSend6SourceSuspended)) + { + LogVerbose(@"dispatch_suspend(send6Source)"); + + dispatch_suspend(send6Source); + flags |= kSend6SourceSuspended; + } +} + +- (void)resumeSend4Source +{ + if (send4Source && (flags & kSend4SourceSuspended)) + { + LogVerbose(@"dispatch_resume(send4Source)"); + + dispatch_resume(send4Source); + flags &= ~kSend4SourceSuspended; + } +} + +- (void)resumeSend6Source +{ + if (send6Source && (flags & kSend6SourceSuspended)) + { + LogVerbose(@"dispatch_resume(send6Source)"); + + dispatch_resume(send6Source); + flags &= ~kSend6SourceSuspended; + } +} + +- (void)suspendReceive4Source +{ + if (receive4Source && !(flags & kReceive4SourceSuspended)) + { + LogVerbose(@"dispatch_suspend(receive4Source)"); + + dispatch_suspend(receive4Source); + flags |= kReceive4SourceSuspended; + } +} + +- (void)suspendReceive6Source +{ + if (receive6Source && !(flags & kReceive6SourceSuspended)) + { + LogVerbose(@"dispatch_suspend(receive6Source)"); + + dispatch_suspend(receive6Source); + flags |= kReceive6SourceSuspended; + } +} + +- (void)resumeReceive4Source +{ + if (receive4Source && (flags & kReceive4SourceSuspended)) + { + LogVerbose(@"dispatch_resume(receive4Source)"); + + dispatch_resume(receive4Source); + flags &= ~kReceive4SourceSuspended; + } +} + +- (void)resumeReceive6Source +{ + if (receive6Source && (flags & kReceive6SourceSuspended)) + { + LogVerbose(@"dispatch_resume(receive6Source)"); + + dispatch_resume(receive6Source); + flags &= ~kReceive6SourceSuspended; + } +} + +- (void)closeSocket4 +{ + if (socket4FD != SOCKET_NULL) + { + LogVerbose(@"dispatch_source_cancel(send4Source)"); + dispatch_source_cancel(send4Source); + + LogVerbose(@"dispatch_source_cancel(receive4Source)"); + dispatch_source_cancel(receive4Source); + + // For some crazy reason (in my opinion), cancelling a dispatch source doesn't + // invoke the cancel handler if the dispatch source is paused. + // So we have to unpause the source if needed. + // This allows the cancel handler to be run, which in turn releases the source and closes the socket. + + [self resumeSend4Source]; + [self resumeReceive4Source]; + + // The sockets will be closed by the cancel handlers of the corresponding source + + send4Source = NULL; + receive4Source = NULL; + + socket4FD = SOCKET_NULL; + + // Clear socket states + + socket4FDBytesAvailable = 0; + flags &= ~kSock4CanAcceptBytes; + + // Clear cached info + + cachedLocalAddress4 = nil; + cachedLocalHost4 = nil; + cachedLocalPort4 = 0; + } +} + +- (void)closeSocket6 +{ + if (socket6FD != SOCKET_NULL) + { + LogVerbose(@"dispatch_source_cancel(send6Source)"); + dispatch_source_cancel(send6Source); + + LogVerbose(@"dispatch_source_cancel(receive6Source)"); + dispatch_source_cancel(receive6Source); + + // For some crazy reason (in my opinion), cancelling a dispatch source doesn't + // invoke the cancel handler if the dispatch source is paused. + // So we have to unpause the source if needed. + // This allows the cancel handler to be run, which in turn releases the source and closes the socket. + + [self resumeSend6Source]; + [self resumeReceive6Source]; + + send6Source = NULL; + receive6Source = NULL; + + // The sockets will be closed by the cancel handlers of the corresponding source + + socket6FD = SOCKET_NULL; + + // Clear socket states + + socket6FDBytesAvailable = 0; + flags &= ~kSock6CanAcceptBytes; + + // Clear cached info + + cachedLocalAddress6 = nil; + cachedLocalHost6 = nil; + cachedLocalPort6 = 0; + } +} + +- (void)closeSockets +{ + [self closeSocket4]; + [self closeSocket6]; + + flags &= ~kDidCreateSockets; +} + +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// +#pragma mark Diagnostics +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// + +- (BOOL)getLocalAddress:(NSData **)dataPtr + host:(NSString **)hostPtr + port:(uint16_t *)portPtr + forSocket:(int)socketFD + withFamily:(int)socketFamily +{ + + NSData *data = nil; + NSString *host = nil; + uint16_t port = 0; + + if (socketFamily == AF_INET) + { + struct sockaddr_in sockaddr4; + socklen_t sockaddr4len = sizeof(sockaddr4); + + if (getsockname(socketFD, (struct sockaddr *)&sockaddr4, &sockaddr4len) == 0) + { + data = [NSData dataWithBytes:&sockaddr4 length:sockaddr4len]; + host = [[self class] hostFromSockaddr4:&sockaddr4]; + port = [[self class] portFromSockaddr4:&sockaddr4]; + } + else + { + LogWarn(@"Error in getsockname: %@", [self errnoError]); + } + } + else if (socketFamily == AF_INET6) + { + struct sockaddr_in6 sockaddr6; + socklen_t sockaddr6len = sizeof(sockaddr6); + + if (getsockname(socketFD, (struct sockaddr *)&sockaddr6, &sockaddr6len) == 0) + { + data = [NSData dataWithBytes:&sockaddr6 length:sockaddr6len]; + host = [[self class] hostFromSockaddr6:&sockaddr6]; + port = [[self class] portFromSockaddr6:&sockaddr6]; + } + else + { + LogWarn(@"Error in getsockname: %@", [self errnoError]); + } + } + + if (dataPtr) *dataPtr = data; + if (hostPtr) *hostPtr = host; + if (portPtr) *portPtr = port; + + return (data != nil); +} + +- (void)maybeUpdateCachedLocalAddress4Info +{ + NSAssert(dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey), @"Must be dispatched on socketQueue"); + + if ( cachedLocalAddress4 || ((flags & kDidBind) == 0) || (socket4FD == SOCKET_NULL) ) + { + return; + } + + NSData *address = nil; + NSString *host = nil; + uint16_t port = 0; + + if ([self getLocalAddress:&address host:&host port:&port forSocket:socket4FD withFamily:AF_INET]) + { + + cachedLocalAddress4 = address; + cachedLocalHost4 = host; + cachedLocalPort4 = port; + } +} + +- (void)maybeUpdateCachedLocalAddress6Info +{ + NSAssert(dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey), @"Must be dispatched on socketQueue"); + + if ( cachedLocalAddress6 || ((flags & kDidBind) == 0) || (socket6FD == SOCKET_NULL) ) + { + return; + } + + NSData *address = nil; + NSString *host = nil; + uint16_t port = 0; + + if ([self getLocalAddress:&address host:&host port:&port forSocket:socket6FD withFamily:AF_INET6]) + { + + cachedLocalAddress6 = address; + cachedLocalHost6 = host; + cachedLocalPort6 = port; + } +} + +- (NSData *)localAddress +{ + __block NSData *result = nil; + + dispatch_block_t block = ^{ + + if (self->socket4FD != SOCKET_NULL) + { + [self maybeUpdateCachedLocalAddress4Info]; + result = self->cachedLocalAddress4; + } + else + { + [self maybeUpdateCachedLocalAddress6Info]; + result = self->cachedLocalAddress6; + } + + }; + + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + block(); + else + dispatch_sync(socketQueue, AutoreleasedBlock(block)); + + return result; +} + +- (NSString *)localHost +{ + __block NSString *result = nil; + + dispatch_block_t block = ^{ + + if (self->socket4FD != SOCKET_NULL) + { + [self maybeUpdateCachedLocalAddress4Info]; + result = self->cachedLocalHost4; + } + else + { + [self maybeUpdateCachedLocalAddress6Info]; + result = self->cachedLocalHost6; + } + }; + + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + block(); + else + dispatch_sync(socketQueue, AutoreleasedBlock(block)); + + return result; +} + +- (uint16_t)localPort +{ + __block uint16_t result = 0; + + dispatch_block_t block = ^{ + + if (self->socket4FD != SOCKET_NULL) + { + [self maybeUpdateCachedLocalAddress4Info]; + result = self->cachedLocalPort4; + } + else + { + [self maybeUpdateCachedLocalAddress6Info]; + result = self->cachedLocalPort6; + } + }; + + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + block(); + else + dispatch_sync(socketQueue, AutoreleasedBlock(block)); + + return result; +} + +- (NSData *)localAddress_IPv4 +{ + __block NSData *result = nil; + + dispatch_block_t block = ^{ + + [self maybeUpdateCachedLocalAddress4Info]; + result = self->cachedLocalAddress4; + }; + + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + block(); + else + dispatch_sync(socketQueue, AutoreleasedBlock(block)); + + return result; +} + +- (NSString *)localHost_IPv4 +{ + __block NSString *result = nil; + + dispatch_block_t block = ^{ + + [self maybeUpdateCachedLocalAddress4Info]; + result = self->cachedLocalHost4; + }; + + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + block(); + else + dispatch_sync(socketQueue, AutoreleasedBlock(block)); + + return result; +} + +- (uint16_t)localPort_IPv4 +{ + __block uint16_t result = 0; + + dispatch_block_t block = ^{ + + [self maybeUpdateCachedLocalAddress4Info]; + result = self->cachedLocalPort4; + }; + + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + block(); + else + dispatch_sync(socketQueue, AutoreleasedBlock(block)); + + return result; +} + +- (NSData *)localAddress_IPv6 +{ + __block NSData *result = nil; + + dispatch_block_t block = ^{ + + [self maybeUpdateCachedLocalAddress6Info]; + result = self->cachedLocalAddress6; + }; + + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + block(); + else + dispatch_sync(socketQueue, AutoreleasedBlock(block)); + + return result; +} + +- (NSString *)localHost_IPv6 +{ + __block NSString *result = nil; + + dispatch_block_t block = ^{ + + [self maybeUpdateCachedLocalAddress6Info]; + result = self->cachedLocalHost6; + }; + + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + block(); + else + dispatch_sync(socketQueue, AutoreleasedBlock(block)); + + return result; +} + +- (uint16_t)localPort_IPv6 +{ + __block uint16_t result = 0; + + dispatch_block_t block = ^{ + + [self maybeUpdateCachedLocalAddress6Info]; + result = self->cachedLocalPort6; + }; + + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + block(); + else + dispatch_sync(socketQueue, AutoreleasedBlock(block)); + + return result; +} + +- (void)maybeUpdateCachedConnectedAddressInfo +{ + NSAssert(dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey), @"Must be dispatched on socketQueue"); + + if (cachedConnectedAddress || (flags & kDidConnect) == 0) + { + return; + } + + NSData *data = nil; + NSString *host = nil; + uint16_t port = 0; + int family = AF_UNSPEC; + + if (socket4FD != SOCKET_NULL) + { + struct sockaddr_in sockaddr4; + socklen_t sockaddr4len = sizeof(sockaddr4); + + if (getpeername(socket4FD, (struct sockaddr *)&sockaddr4, &sockaddr4len) == 0) + { + data = [NSData dataWithBytes:&sockaddr4 length:sockaddr4len]; + host = [[self class] hostFromSockaddr4:&sockaddr4]; + port = [[self class] portFromSockaddr4:&sockaddr4]; + family = AF_INET; + } + else + { + LogWarn(@"Error in getpeername: %@", [self errnoError]); + } + } + else if (socket6FD != SOCKET_NULL) + { + struct sockaddr_in6 sockaddr6; + socklen_t sockaddr6len = sizeof(sockaddr6); + + if (getpeername(socket6FD, (struct sockaddr *)&sockaddr6, &sockaddr6len) == 0) + { + data = [NSData dataWithBytes:&sockaddr6 length:sockaddr6len]; + host = [[self class] hostFromSockaddr6:&sockaddr6]; + port = [[self class] portFromSockaddr6:&sockaddr6]; + family = AF_INET6; + } + else + { + LogWarn(@"Error in getpeername: %@", [self errnoError]); + } + } + + + cachedConnectedAddress = data; + cachedConnectedHost = host; + cachedConnectedPort = port; + cachedConnectedFamily = family; +} + +- (NSData *)connectedAddress +{ + __block NSData *result = nil; + + dispatch_block_t block = ^{ + + [self maybeUpdateCachedConnectedAddressInfo]; + result = self->cachedConnectedAddress; + }; + + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + block(); + else + dispatch_sync(socketQueue, AutoreleasedBlock(block)); + + return result; +} + +- (NSString *)connectedHost +{ + __block NSString *result = nil; + + dispatch_block_t block = ^{ + + [self maybeUpdateCachedConnectedAddressInfo]; + result = self->cachedConnectedHost; + }; + + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + block(); + else + dispatch_sync(socketQueue, AutoreleasedBlock(block)); + + return result; +} + +- (uint16_t)connectedPort +{ + __block uint16_t result = 0; + + dispatch_block_t block = ^{ + + [self maybeUpdateCachedConnectedAddressInfo]; + result = self->cachedConnectedPort; + }; + + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + block(); + else + dispatch_sync(socketQueue, AutoreleasedBlock(block)); + + return result; +} + +- (BOOL)isConnected +{ + __block BOOL result = NO; + + dispatch_block_t block = ^{ + result = (self->flags & kDidConnect) ? YES : NO; + }; + + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + block(); + else + dispatch_sync(socketQueue, block); + + return result; +} + +- (BOOL)isClosed +{ + __block BOOL result = YES; + + dispatch_block_t block = ^{ + + result = (self->flags & kDidCreateSockets) ? NO : YES; + }; + + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + block(); + else + dispatch_sync(socketQueue, block); + + return result; +} + +- (BOOL)isIPv4 +{ + __block BOOL result = NO; + + dispatch_block_t block = ^{ + + if (self->flags & kDidCreateSockets) + { + result = (self->socket4FD != SOCKET_NULL); + } + else + { + result = [self isIPv4Enabled]; + } + }; + + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + block(); + else + dispatch_sync(socketQueue, block); + + return result; +} + +- (BOOL)isIPv6 +{ + __block BOOL result = NO; + + dispatch_block_t block = ^{ + + if (self->flags & kDidCreateSockets) + { + result = (self->socket6FD != SOCKET_NULL); + } + else + { + result = [self isIPv6Enabled]; + } + }; + + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + block(); + else + dispatch_sync(socketQueue, block); + + return result; +} + +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// +#pragma mark Binding +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// + +/** + * This method runs through the various checks required prior to a bind attempt. + * It is shared between the various bind methods. +**/ +- (BOOL)preBind:(NSError **)errPtr +{ + if (![self preOp:errPtr]) + { + return NO; + } + + if (flags & kDidBind) + { + if (errPtr) + { + NSString *msg = @"Cannot bind a socket more than once."; + *errPtr = [self badConfigError:msg]; + } + return NO; + } + + if ((flags & kConnecting) || (flags & kDidConnect)) + { + if (errPtr) + { + NSString *msg = @"Cannot bind after connecting. If needed, bind first, then connect."; + *errPtr = [self badConfigError:msg]; + } + return NO; + } + + BOOL isIPv4Disabled = (config & kIPv4Disabled) ? YES : NO; + BOOL isIPv6Disabled = (config & kIPv6Disabled) ? YES : NO; + + if (isIPv4Disabled && isIPv6Disabled) // Must have IPv4 or IPv6 enabled + { + if (errPtr) + { + NSString *msg = @"Both IPv4 and IPv6 have been disabled. Must enable at least one protocol first."; + *errPtr = [self badConfigError:msg]; + } + return NO; + } + + return YES; +} + +- (BOOL)bindToPort:(uint16_t)port error:(NSError **)errPtr +{ + return [self bindToPort:port interface:nil error:errPtr]; +} + +- (BOOL)bindToPort:(uint16_t)port interface:(NSString *)interface error:(NSError **)errPtr +{ + __block BOOL result = NO; + __block NSError *err = nil; + + dispatch_block_t block = ^{ @autoreleasepool { + + // Run through sanity checks + + if (![self preBind:&err]) + { + return_from_block; + } + + // Check the given interface + + NSData *interface4 = nil; + NSData *interface6 = nil; + + [self convertIntefaceDescription:interface port:port intoAddress4:&interface4 address6:&interface6]; + + if ((interface4 == nil) && (interface6 == nil)) + { + NSString *msg = @"Unknown interface. Specify valid interface by name (e.g. \"en1\") or IP address."; + err = [self badParamError:msg]; + + return_from_block; + } + + BOOL isIPv4Disabled = (self->config & kIPv4Disabled) ? YES : NO; + BOOL isIPv6Disabled = (self->config & kIPv6Disabled) ? YES : NO; + + if (isIPv4Disabled && (interface6 == nil)) + { + NSString *msg = @"IPv4 has been disabled and specified interface doesn't support IPv6."; + err = [self badParamError:msg]; + + return_from_block; + } + + if (isIPv6Disabled && (interface4 == nil)) + { + NSString *msg = @"IPv6 has been disabled and specified interface doesn't support IPv4."; + err = [self badParamError:msg]; + + return_from_block; + } + + // Determine protocol(s) + + BOOL useIPv4 = !isIPv4Disabled && (interface4 != nil); + BOOL useIPv6 = !isIPv6Disabled && (interface6 != nil); + + // Create the socket(s) if needed + + if ((self->flags & kDidCreateSockets) == 0) + { + if (![self createSocket4:useIPv4 socket6:useIPv6 error:&err]) + { + return_from_block; + } + } + + // Bind the socket(s) + + LogVerbose(@"Binding socket to port(%hu) interface(%@)", port, interface); + + if (useIPv4) + { + int status = bind(self->socket4FD, (const struct sockaddr *)[interface4 bytes], (socklen_t)[interface4 length]); + if (status == -1) + { + [self closeSockets]; + + NSString *reason = @"Error in bind() function"; + err = [self errnoErrorWithReason:reason]; + + return_from_block; + } + } + + if (useIPv6) + { + int status = bind(self->socket6FD, (const struct sockaddr *)[interface6 bytes], (socklen_t)[interface6 length]); + if (status == -1) + { + [self closeSockets]; + + NSString *reason = @"Error in bind() function"; + err = [self errnoErrorWithReason:reason]; + + return_from_block; + } + } + + // Update flags + + self->flags |= kDidBind; + + if (!useIPv4) self->flags |= kIPv4Deactivated; + if (!useIPv6) self->flags |= kIPv6Deactivated; + + result = YES; + + }}; + + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + block(); + else + dispatch_sync(socketQueue, block); + + if (err) + LogError(@"Error binding to port/interface: %@", err); + + if (errPtr) + *errPtr = err; + + return result; +} + +- (BOOL)bindToAddress:(NSData *)localAddr error:(NSError **)errPtr +{ + __block BOOL result = NO; + __block NSError *err = nil; + + dispatch_block_t block = ^{ @autoreleasepool { + + // Run through sanity checks + + if (![self preBind:&err]) + { + return_from_block; + } + + // Check the given address + + int addressFamily = [[self class] familyFromAddress:localAddr]; + + if (addressFamily == AF_UNSPEC) + { + NSString *msg = @"A valid IPv4 or IPv6 address was not given"; + err = [self badParamError:msg]; + + return_from_block; + } + + NSData *localAddr4 = (addressFamily == AF_INET) ? localAddr : nil; + NSData *localAddr6 = (addressFamily == AF_INET6) ? localAddr : nil; + + BOOL isIPv4Disabled = (self->config & kIPv4Disabled) ? YES : NO; + BOOL isIPv6Disabled = (self->config & kIPv6Disabled) ? YES : NO; + + if (isIPv4Disabled && localAddr4) + { + NSString *msg = @"IPv4 has been disabled and an IPv4 address was passed."; + err = [self badParamError:msg]; + + return_from_block; + } + + if (isIPv6Disabled && localAddr6) + { + NSString *msg = @"IPv6 has been disabled and an IPv6 address was passed."; + err = [self badParamError:msg]; + + return_from_block; + } + + // Determine protocol(s) + + BOOL useIPv4 = !isIPv4Disabled && (localAddr4 != nil); + BOOL useIPv6 = !isIPv6Disabled && (localAddr6 != nil); + + // Create the socket(s) if needed + + if ((self->flags & kDidCreateSockets) == 0) + { + if (![self createSocket4:useIPv4 socket6:useIPv6 error:&err]) + { + return_from_block; + } + } + + // Bind the socket(s) + + if (useIPv4) + { + LogVerbose(@"Binding socket to address(%@:%hu)", + [[self class] hostFromAddress:localAddr4], + [[self class] portFromAddress:localAddr4]); + + int status = bind(self->socket4FD, (const struct sockaddr *)[localAddr4 bytes], (socklen_t)[localAddr4 length]); + if (status == -1) + { + [self closeSockets]; + + NSString *reason = @"Error in bind() function"; + err = [self errnoErrorWithReason:reason]; + + return_from_block; + } + } + else + { + LogVerbose(@"Binding socket to address(%@:%hu)", + [[self class] hostFromAddress:localAddr6], + [[self class] portFromAddress:localAddr6]); + + int status = bind(self->socket6FD, (const struct sockaddr *)[localAddr6 bytes], (socklen_t)[localAddr6 length]); + if (status == -1) + { + [self closeSockets]; + + NSString *reason = @"Error in bind() function"; + err = [self errnoErrorWithReason:reason]; + + return_from_block; + } + } + + // Update flags + + self->flags |= kDidBind; + + if (!useIPv4) self->flags |= kIPv4Deactivated; + if (!useIPv6) self->flags |= kIPv6Deactivated; + + result = YES; + + }}; + + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + block(); + else + dispatch_sync(socketQueue, block); + + if (err) + LogError(@"Error binding to address: %@", err); + + if (errPtr) + *errPtr = err; + + return result; +} + +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// +#pragma mark Connecting +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// + +/** + * This method runs through the various checks required prior to a connect attempt. + * It is shared between the various connect methods. +**/ +- (BOOL)preConnect:(NSError **)errPtr +{ + if (![self preOp:errPtr]) + { + return NO; + } + + if ((flags & kConnecting) || (flags & kDidConnect)) + { + if (errPtr) + { + NSString *msg = @"Cannot connect a socket more than once."; + *errPtr = [self badConfigError:msg]; + } + return NO; + } + + BOOL isIPv4Disabled = (config & kIPv4Disabled) ? YES : NO; + BOOL isIPv6Disabled = (config & kIPv6Disabled) ? YES : NO; + + if (isIPv4Disabled && isIPv6Disabled) // Must have IPv4 or IPv6 enabled + { + if (errPtr) + { + NSString *msg = @"Both IPv4 and IPv6 have been disabled. Must enable at least one protocol first."; + *errPtr = [self badConfigError:msg]; + } + return NO; + } + + return YES; +} + +- (BOOL)connectToHost:(NSString *)host onPort:(uint16_t)port error:(NSError **)errPtr +{ + __block BOOL result = NO; + __block NSError *err = nil; + + dispatch_block_t block = ^{ @autoreleasepool { + + // Run through sanity checks. + + if (![self preConnect:&err]) + { + return_from_block; + } + + // Check parameter(s) + + if (host == nil) + { + NSString *msg = @"The host param is nil. Should be domain name or IP address string."; + err = [self badParamError:msg]; + + return_from_block; + } + + // Create the socket(s) if needed + + if ((self->flags & kDidCreateSockets) == 0) + { + if (![self createSockets:&err]) + { + return_from_block; + } + } + + // Create special connect packet + + GCDAsyncUdpSpecialPacket *packet = [[GCDAsyncUdpSpecialPacket alloc] init]; + packet->resolveInProgress = YES; + + // Start asynchronous DNS resolve for host:port on background queue + + LogVerbose(@"Dispatching DNS resolve for connect..."); + + [self asyncResolveHost:host port:port withCompletionBlock:^(NSArray *addresses, NSError *error) { + + // The asyncResolveHost:port:: method asynchronously dispatches a task onto the global concurrent queue, + // and immediately returns. Once the async resolve task completes, + // this block is executed on our socketQueue. + + packet->resolveInProgress = NO; + + packet->addresses = addresses; + packet->error = error; + + [self maybeConnect]; + }]; + + // Updates flags, add connect packet to send queue, and pump send queue + + self->flags |= kConnecting; + + [self->sendQueue addObject:packet]; + [self maybeDequeueSend]; + + result = YES; + }}; + + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + block(); + else + dispatch_sync(socketQueue, block); + + if (err) + LogError(@"Error connecting to host/port: %@", err); + + if (errPtr) + *errPtr = err; + + return result; +} + +- (BOOL)connectToAddress:(NSData *)remoteAddr error:(NSError **)errPtr +{ + __block BOOL result = NO; + __block NSError *err = nil; + + dispatch_block_t block = ^{ @autoreleasepool { + + // Run through sanity checks. + + if (![self preConnect:&err]) + { + return_from_block; + } + + // Check parameter(s) + + if (remoteAddr == nil) + { + NSString *msg = @"The address param is nil. Should be a valid address."; + err = [self badParamError:msg]; + + return_from_block; + } + + // Create the socket(s) if needed + + if ((self->flags & kDidCreateSockets) == 0) + { + if (![self createSockets:&err]) + { + return_from_block; + } + } + + // The remoteAddr parameter could be of type NSMutableData. + // So we copy it to be safe. + + NSData *address = [remoteAddr copy]; + NSArray *addresses = [NSArray arrayWithObject:address]; + + GCDAsyncUdpSpecialPacket *packet = [[GCDAsyncUdpSpecialPacket alloc] init]; + packet->addresses = addresses; + + // Updates flags, add connect packet to send queue, and pump send queue + + self->flags |= kConnecting; + + [self->sendQueue addObject:packet]; + [self maybeDequeueSend]; + + result = YES; + }}; + + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + block(); + else + dispatch_sync(socketQueue, block); + + if (err) + LogError(@"Error connecting to address: %@", err); + + if (errPtr) + *errPtr = err; + + return result; +} + +- (void)maybeConnect +{ + LogTrace(); + NSAssert(dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey), @"Must be dispatched on socketQueue"); + + + BOOL sendQueueReady = [currentSend isKindOfClass:[GCDAsyncUdpSpecialPacket class]]; + + if (sendQueueReady) + { + GCDAsyncUdpSpecialPacket *connectPacket = (GCDAsyncUdpSpecialPacket *)currentSend; + + if (connectPacket->resolveInProgress) + { + LogVerbose(@"Waiting for DNS resolve..."); + } + else + { + if (connectPacket->error) + { + [self notifyDidNotConnect:connectPacket->error]; + } + else + { + NSData *address = nil; + NSError *error = nil; + + int addressFamily = [self getAddress:&address error:&error fromAddresses:connectPacket->addresses]; + + // Perform connect + + BOOL result = NO; + + switch (addressFamily) + { + case AF_INET : result = [self connectWithAddress4:address error:&error]; break; + case AF_INET6 : result = [self connectWithAddress6:address error:&error]; break; + } + + if (result) + { + flags |= kDidBind; + flags |= kDidConnect; + + cachedConnectedAddress = address; + cachedConnectedHost = [[self class] hostFromAddress:address]; + cachedConnectedPort = [[self class] portFromAddress:address]; + cachedConnectedFamily = addressFamily; + + [self notifyDidConnectToAddress:address]; + } + else + { + [self notifyDidNotConnect:error]; + } + } + + flags &= ~kConnecting; + + [self endCurrentSend]; + [self maybeDequeueSend]; + } + } +} + +- (BOOL)connectWithAddress4:(NSData *)address4 error:(NSError **)errPtr +{ + LogTrace(); + NSAssert(dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey), @"Must be dispatched on socketQueue"); + + int status = connect(socket4FD, (const struct sockaddr *)[address4 bytes], (socklen_t)[address4 length]); + if (status != 0) + { + if (errPtr) + *errPtr = [self errnoErrorWithReason:@"Error in connect() function"]; + + return NO; + } + + [self closeSocket6]; + flags |= kIPv6Deactivated; + + return YES; +} + +- (BOOL)connectWithAddress6:(NSData *)address6 error:(NSError **)errPtr +{ + LogTrace(); + NSAssert(dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey), @"Must be dispatched on socketQueue"); + + int status = connect(socket6FD, (const struct sockaddr *)[address6 bytes], (socklen_t)[address6 length]); + if (status != 0) + { + if (errPtr) + *errPtr = [self errnoErrorWithReason:@"Error in connect() function"]; + + return NO; + } + + [self closeSocket4]; + flags |= kIPv4Deactivated; + + return YES; +} + +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// +#pragma mark Multicast +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// + +- (BOOL)preJoin:(NSError **)errPtr +{ + if (![self preOp:errPtr]) + { + return NO; + } + + if (!(flags & kDidBind)) + { + if (errPtr) + { + NSString *msg = @"Must bind a socket before joining a multicast group."; + *errPtr = [self badConfigError:msg]; + } + return NO; + } + + if ((flags & kConnecting) || (flags & kDidConnect)) + { + if (errPtr) + { + NSString *msg = @"Cannot join a multicast group if connected."; + *errPtr = [self badConfigError:msg]; + } + return NO; + } + + return YES; +} + +- (BOOL)joinMulticastGroup:(NSString *)group error:(NSError **)errPtr +{ + return [self joinMulticastGroup:group onInterface:nil error:errPtr]; +} + +- (BOOL)joinMulticastGroup:(NSString *)group onInterface:(NSString *)interface error:(NSError **)errPtr +{ + // IP_ADD_MEMBERSHIP == IPV6_JOIN_GROUP + return [self performMulticastRequest:IP_ADD_MEMBERSHIP forGroup:group onInterface:interface error:errPtr]; +} + +- (BOOL)leaveMulticastGroup:(NSString *)group error:(NSError **)errPtr +{ + return [self leaveMulticastGroup:group onInterface:nil error:errPtr]; +} + +- (BOOL)leaveMulticastGroup:(NSString *)group onInterface:(NSString *)interface error:(NSError **)errPtr +{ + // IP_DROP_MEMBERSHIP == IPV6_LEAVE_GROUP + return [self performMulticastRequest:IP_DROP_MEMBERSHIP forGroup:group onInterface:interface error:errPtr]; +} + +- (BOOL)performMulticastRequest:(int)requestType + forGroup:(NSString *)group + onInterface:(NSString *)interface + error:(NSError **)errPtr +{ + __block BOOL result = NO; + __block NSError *err = nil; + + dispatch_block_t block = ^{ @autoreleasepool { + + // Run through sanity checks + + if (![self preJoin:&err]) + { + return_from_block; + } + + // Convert group to address + + NSData *groupAddr4 = nil; + NSData *groupAddr6 = nil; + + [self convertNumericHost:group port:0 intoAddress4:&groupAddr4 address6:&groupAddr6]; + + if ((groupAddr4 == nil) && (groupAddr6 == nil)) + { + NSString *msg = @"Unknown group. Specify valid group IP address."; + err = [self badParamError:msg]; + + return_from_block; + } + + // Convert interface to address + + NSData *interfaceAddr4 = nil; + NSData *interfaceAddr6 = nil; + + [self convertIntefaceDescription:interface port:0 intoAddress4:&interfaceAddr4 address6:&interfaceAddr6]; + + if ((interfaceAddr4 == nil) && (interfaceAddr6 == nil)) + { + NSString *msg = @"Unknown interface. Specify valid interface by name (e.g. \"en1\") or IP address."; + err = [self badParamError:msg]; + + return_from_block; + } + + // Perform join + + if ((self->socket4FD != SOCKET_NULL) && groupAddr4 && interfaceAddr4) + { + const struct sockaddr_in *nativeGroup = (const struct sockaddr_in *)[groupAddr4 bytes]; + const struct sockaddr_in *nativeIface = (const struct sockaddr_in *)[interfaceAddr4 bytes]; + + struct ip_mreq imreq; + imreq.imr_multiaddr = nativeGroup->sin_addr; + imreq.imr_interface = nativeIface->sin_addr; + + int status = setsockopt(self->socket4FD, IPPROTO_IP, requestType, (const void *)&imreq, sizeof(imreq)); + if (status != 0) + { + err = [self errnoErrorWithReason:@"Error in setsockopt() function"]; + + return_from_block; + } + + // Using IPv4 only + [self closeSocket6]; + + result = YES; + } + else if ((self->socket6FD != SOCKET_NULL) && groupAddr6 && interfaceAddr6) + { + const struct sockaddr_in6 *nativeGroup = (const struct sockaddr_in6 *)[groupAddr6 bytes]; + + struct ipv6_mreq imreq; + imreq.ipv6mr_multiaddr = nativeGroup->sin6_addr; + imreq.ipv6mr_interface = [self indexOfInterfaceAddr6:interfaceAddr6]; + + int status = setsockopt(self->socket6FD, IPPROTO_IPV6, requestType, (const void *)&imreq, sizeof(imreq)); + if (status != 0) + { + err = [self errnoErrorWithReason:@"Error in setsockopt() function"]; + + return_from_block; + } + + // Using IPv6 only + [self closeSocket4]; + + result = YES; + } + else + { + NSString *msg = @"Socket, group, and interface do not have matching IP versions"; + err = [self badParamError:msg]; + + return_from_block; + } + + }}; + + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + block(); + else + dispatch_sync(socketQueue, block); + + if (errPtr) + *errPtr = err; + + return result; +} + +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// +#pragma mark Reuse port +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// + +- (BOOL)enableReusePort:(BOOL)flag error:(NSError **)errPtr +{ + __block BOOL result = NO; + __block NSError *err = nil; + + dispatch_block_t block = ^{ @autoreleasepool { + + if (![self preOp:&err]) + { + return_from_block; + } + + if ((self->flags & kDidCreateSockets) == 0) + { + if (![self createSockets:&err]) + { + return_from_block; + } + } + + int value = flag ? 1 : 0; + if (self->socket4FD != SOCKET_NULL) + { + int error = setsockopt(self->socket4FD, SOL_SOCKET, SO_REUSEPORT, (const void *)&value, sizeof(value)); + + if (error) + { + err = [self errnoErrorWithReason:@"Error in setsockopt() function"]; + + return_from_block; + } + result = YES; + } + + if (self->socket6FD != SOCKET_NULL) + { + int error = setsockopt(self->socket6FD, SOL_SOCKET, SO_REUSEPORT, (const void *)&value, sizeof(value)); + + if (error) + { + err = [self errnoErrorWithReason:@"Error in setsockopt() function"]; + + return_from_block; + } + result = YES; + } + + }}; + + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + block(); + else + dispatch_sync(socketQueue, block); + + if (errPtr) + *errPtr = err; + + return result; +} + +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// +#pragma mark Broadcast +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// + +- (BOOL)enableBroadcast:(BOOL)flag error:(NSError **)errPtr +{ + __block BOOL result = NO; + __block NSError *err = nil; + + dispatch_block_t block = ^{ @autoreleasepool { + + if (![self preOp:&err]) + { + return_from_block; + } + + if ((self->flags & kDidCreateSockets) == 0) + { + if (![self createSockets:&err]) + { + return_from_block; + } + } + + if (self->socket4FD != SOCKET_NULL) + { + int value = flag ? 1 : 0; + int error = setsockopt(self->socket4FD, SOL_SOCKET, SO_BROADCAST, (const void *)&value, sizeof(value)); + + if (error) + { + err = [self errnoErrorWithReason:@"Error in setsockopt() function"]; + + return_from_block; + } + result = YES; + } + + // IPv6 does not implement broadcast, the ability to send a packet to all hosts on the attached link. + // The same effect can be achieved by sending a packet to the link-local all hosts multicast group. + + }}; + + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + block(); + else + dispatch_sync(socketQueue, block); + + if (errPtr) + *errPtr = err; + + return result; +} + +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// +#pragma mark Sending +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// + +- (void)sendData:(NSData *)data withTag:(long)tag +{ + [self sendData:data withTimeout:-1.0 tag:tag]; +} + +- (void)sendData:(NSData *)data withTimeout:(NSTimeInterval)timeout tag:(long)tag +{ + LogTrace(); + + if ([data length] == 0) + { + LogWarn(@"Ignoring attempt to send nil/empty data."); + return; + } + + + + GCDAsyncUdpSendPacket *packet = [[GCDAsyncUdpSendPacket alloc] initWithData:data timeout:timeout tag:tag]; + + dispatch_async(socketQueue, ^{ @autoreleasepool { + + [self->sendQueue addObject:packet]; + [self maybeDequeueSend]; + }}); + +} + +- (void)sendData:(NSData *)data + toHost:(NSString *)host + port:(uint16_t)port + withTimeout:(NSTimeInterval)timeout + tag:(long)tag +{ + LogTrace(); + + if ([data length] == 0) + { + LogWarn(@"Ignoring attempt to send nil/empty data."); + return; + } + + GCDAsyncUdpSendPacket *packet = [[GCDAsyncUdpSendPacket alloc] initWithData:data timeout:timeout tag:tag]; + packet->resolveInProgress = YES; + + [self asyncResolveHost:host port:port withCompletionBlock:^(NSArray *addresses, NSError *error) { + + // The asyncResolveHost:port:: method asynchronously dispatches a task onto the global concurrent queue, + // and immediately returns. Once the async resolve task completes, + // this block is executed on our socketQueue. + + packet->resolveInProgress = NO; + + packet->resolvedAddresses = addresses; + packet->resolveError = error; + + if (packet == self->currentSend) + { + LogVerbose(@"currentSend - address resolved"); + [self doPreSend]; + } + }]; + + dispatch_async(socketQueue, ^{ @autoreleasepool { + + [self->sendQueue addObject:packet]; + [self maybeDequeueSend]; + + }}); + +} + +- (void)sendData:(NSData *)data toAddress:(NSData *)remoteAddr withTimeout:(NSTimeInterval)timeout tag:(long)tag +{ + LogTrace(); + + if ([data length] == 0) + { + LogWarn(@"Ignoring attempt to send nil/empty data."); + return; + } + + GCDAsyncUdpSendPacket *packet = [[GCDAsyncUdpSendPacket alloc] initWithData:data timeout:timeout tag:tag]; + packet->addressFamily = [GCDAsyncUdpSocket familyFromAddress:remoteAddr]; + packet->address = remoteAddr; + + dispatch_async(socketQueue, ^{ @autoreleasepool { + + [self->sendQueue addObject:packet]; + [self maybeDequeueSend]; + }}); +} + +- (void)setSendFilter:(GCDAsyncUdpSocketSendFilterBlock)filterBlock withQueue:(dispatch_queue_t)filterQueue +{ + [self setSendFilter:filterBlock withQueue:filterQueue isAsynchronous:YES]; +} + +- (void)setSendFilter:(GCDAsyncUdpSocketSendFilterBlock)filterBlock + withQueue:(dispatch_queue_t)filterQueue + isAsynchronous:(BOOL)isAsynchronous +{ + GCDAsyncUdpSocketSendFilterBlock newFilterBlock = NULL; + dispatch_queue_t newFilterQueue = NULL; + + if (filterBlock) + { + NSAssert(filterQueue, @"Must provide a dispatch_queue in which to run the filter block."); + + newFilterBlock = [filterBlock copy]; + newFilterQueue = filterQueue; + #if !OS_OBJECT_USE_OBJC + dispatch_retain(newFilterQueue); + #endif + } + + dispatch_block_t block = ^{ + + #if !OS_OBJECT_USE_OBJC + if (self->sendFilterQueue) dispatch_release(self->sendFilterQueue); + #endif + + self->sendFilterBlock = newFilterBlock; + self->sendFilterQueue = newFilterQueue; + self->sendFilterAsync = isAsynchronous; + }; + + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + block(); + else + dispatch_async(socketQueue, block); +} + +- (void)maybeDequeueSend +{ + LogTrace(); + NSAssert(dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey), @"Must be dispatched on socketQueue"); + + // If we don't have a send operation already in progress + if (currentSend == nil) + { + // Create the sockets if needed + if ((flags & kDidCreateSockets) == 0) + { + NSError *err = nil; + if (![self createSockets:&err]) + { + [self closeWithError:err]; + return; + } + } + + while ([sendQueue count] > 0) + { + // Dequeue the next object in the queue + currentSend = [sendQueue objectAtIndex:0]; + [sendQueue removeObjectAtIndex:0]; + + if ([currentSend isKindOfClass:[GCDAsyncUdpSpecialPacket class]]) + { + [self maybeConnect]; + + return; // The maybeConnect method, if it connects, will invoke this method again + } + else if (currentSend->resolveError) + { + // Notify delegate + [self notifyDidNotSendDataWithTag:currentSend->tag dueToError:currentSend->resolveError]; + + // Clear currentSend + currentSend = nil; + + continue; + } + else + { + // Start preprocessing checks on the send packet + [self doPreSend]; + + break; + } + } + + if ((currentSend == nil) && (flags & kCloseAfterSends)) + { + [self closeWithError:nil]; + } + } +} + +/** + * This method is called after a sendPacket has been dequeued. + * It performs various preprocessing checks on the packet, + * and queries the sendFilter (if set) to determine if the packet can be sent. + * + * If the packet passes all checks, it will be passed on to the doSend method. +**/ +- (void)doPreSend +{ + LogTrace(); + + // + // 1. Check for problems with send packet + // + + BOOL waitingForResolve = NO; + NSError *error = nil; + + if (flags & kDidConnect) + { + // Connected socket + + if (currentSend->resolveInProgress || currentSend->resolvedAddresses || currentSend->resolveError) + { + NSString *msg = @"Cannot specify destination of packet for connected socket"; + error = [self badConfigError:msg]; + } + else + { + currentSend->address = cachedConnectedAddress; + currentSend->addressFamily = cachedConnectedFamily; + } + } + else + { + // Non-Connected socket + + if (currentSend->resolveInProgress) + { + // We're waiting for the packet's destination to be resolved. + waitingForResolve = YES; + } + else if (currentSend->resolveError) + { + error = currentSend->resolveError; + } + else if (currentSend->address == nil) + { + if (currentSend->resolvedAddresses == nil) + { + NSString *msg = @"You must specify destination of packet for a non-connected socket"; + error = [self badConfigError:msg]; + } + else + { + // Pick the proper address to use (out of possibly several resolved addresses) + + NSData *address = nil; + int addressFamily = AF_UNSPEC; + + addressFamily = [self getAddress:&address error:&error fromAddresses:currentSend->resolvedAddresses]; + + currentSend->address = address; + currentSend->addressFamily = addressFamily; + } + } + } + + if (waitingForResolve) + { + // We're waiting for the packet's destination to be resolved. + + LogVerbose(@"currentSend - waiting for address resolve"); + + if (flags & kSock4CanAcceptBytes) { + [self suspendSend4Source]; + } + if (flags & kSock6CanAcceptBytes) { + [self suspendSend6Source]; + } + + return; + } + + if (error) + { + // Unable to send packet due to some error. + // Notify delegate and move on. + + [self notifyDidNotSendDataWithTag:currentSend->tag dueToError:error]; + [self endCurrentSend]; + [self maybeDequeueSend]; + + return; + } + + // + // 2. Query sendFilter (if applicable) + // + + if (sendFilterBlock && sendFilterQueue) + { + // Query sendFilter + + if (sendFilterAsync) + { + // Scenario 1 of 3 - Need to asynchronously query sendFilter + + currentSend->filterInProgress = YES; + GCDAsyncUdpSendPacket *sendPacket = currentSend; + + dispatch_async(sendFilterQueue, ^{ @autoreleasepool { + + BOOL allowed = self->sendFilterBlock(sendPacket->buffer, sendPacket->address, sendPacket->tag); + + dispatch_async(self->socketQueue, ^{ @autoreleasepool { + + sendPacket->filterInProgress = NO; + if (sendPacket == self->currentSend) + { + if (allowed) + { + [self doSend]; + } + else + { + LogVerbose(@"currentSend - silently dropped by sendFilter"); + + [self notifyDidSendDataWithTag:self->currentSend->tag]; + [self endCurrentSend]; + [self maybeDequeueSend]; + } + } + }}); + }}); + } + else + { + // Scenario 2 of 3 - Need to synchronously query sendFilter + + __block BOOL allowed = YES; + + dispatch_sync(sendFilterQueue, ^{ @autoreleasepool { + + allowed = self->sendFilterBlock(self->currentSend->buffer, self->currentSend->address, self->currentSend->tag); + }}); + + if (allowed) + { + [self doSend]; + } + else + { + LogVerbose(@"currentSend - silently dropped by sendFilter"); + + [self notifyDidSendDataWithTag:currentSend->tag]; + [self endCurrentSend]; + [self maybeDequeueSend]; + } + } + } + else // if (!sendFilterBlock || !sendFilterQueue) + { + // Scenario 3 of 3 - No sendFilter. Just go straight into sending. + + [self doSend]; + } +} + +/** + * This method performs the actual sending of data in the currentSend packet. + * It should only be called if the +**/ +- (void)doSend +{ + LogTrace(); + + NSAssert(currentSend != nil, @"Invalid logic"); + + // Perform the actual send + + ssize_t result = 0; + + if (flags & kDidConnect) + { + // Connected socket + + const void *buffer = [currentSend->buffer bytes]; + size_t length = (size_t)[currentSend->buffer length]; + + if (currentSend->addressFamily == AF_INET) + { + result = send(socket4FD, buffer, length, 0); + LogVerbose(@"send(socket4FD) = %d", result); + } + else + { + result = send(socket6FD, buffer, length, 0); + LogVerbose(@"send(socket6FD) = %d", result); + } + } + else + { + // Non-Connected socket + + const void *buffer = [currentSend->buffer bytes]; + size_t length = (size_t)[currentSend->buffer length]; + + const void *dst = [currentSend->address bytes]; + socklen_t dstSize = (socklen_t)[currentSend->address length]; + + if (currentSend->addressFamily == AF_INET) + { + result = sendto(socket4FD, buffer, length, 0, dst, dstSize); + LogVerbose(@"sendto(socket4FD) = %d", result); + } + else + { + result = sendto(socket6FD, buffer, length, 0, dst, dstSize); + LogVerbose(@"sendto(socket6FD) = %d", result); + } + } + + // If the socket wasn't bound before, it is now + + if ((flags & kDidBind) == 0) + { + flags |= kDidBind; + } + + // Check the results. + // + // From the send() & sendto() manpage: + // + // Upon successful completion, the number of bytes which were sent is returned. + // Otherwise, -1 is returned and the global variable errno is set to indicate the error. + + BOOL waitingForSocket = NO; + NSError *socketError = nil; + + if (result == 0) + { + waitingForSocket = YES; + } + else if (result < 0) + { + if (errno == EAGAIN) + waitingForSocket = YES; + else + socketError = [self errnoErrorWithReason:@"Error in send() function."]; + } + + if (waitingForSocket) + { + // Not enough room in the underlying OS socket send buffer. + // Wait for a notification of available space. + + LogVerbose(@"currentSend - waiting for socket"); + + if (!(flags & kSock4CanAcceptBytes)) { + [self resumeSend4Source]; + } + if (!(flags & kSock6CanAcceptBytes)) { + [self resumeSend6Source]; + } + + if ((sendTimer == NULL) && (currentSend->timeout >= 0.0)) + { + // Unable to send packet right away. + // Start timer to timeout the send operation. + + [self setupSendTimerWithTimeout:currentSend->timeout]; + } + } + else if (socketError) + { + [self closeWithError:socketError]; + } + else // done + { + [self notifyDidSendDataWithTag:currentSend->tag]; + [self endCurrentSend]; + [self maybeDequeueSend]; + } +} + +/** + * Releases all resources associated with the currentSend. +**/ +- (void)endCurrentSend +{ + if (sendTimer) + { + dispatch_source_cancel(sendTimer); + #if !OS_OBJECT_USE_OBJC + dispatch_release(sendTimer); + #endif + sendTimer = NULL; + } + + currentSend = nil; +} + +/** + * Performs the operations to timeout the current send operation, and move on. +**/ +- (void)doSendTimeout +{ + LogTrace(); + + [self notifyDidNotSendDataWithTag:currentSend->tag dueToError:[self sendTimeoutError]]; + [self endCurrentSend]; + [self maybeDequeueSend]; +} + +/** + * Sets up a timer that fires to timeout the current send operation. + * This method should only be called once per send packet. +**/ +- (void)setupSendTimerWithTimeout:(NSTimeInterval)timeout +{ + NSAssert(sendTimer == NULL, @"Invalid logic"); + NSAssert(timeout >= 0.0, @"Invalid logic"); + + LogTrace(); + + sendTimer = dispatch_source_create(DISPATCH_SOURCE_TYPE_TIMER, 0, 0, socketQueue); + + dispatch_source_set_event_handler(sendTimer, ^{ @autoreleasepool { + + [self doSendTimeout]; + }}); + + dispatch_time_t tt = dispatch_time(DISPATCH_TIME_NOW, (int64_t)(timeout * NSEC_PER_SEC)); + + dispatch_source_set_timer(sendTimer, tt, DISPATCH_TIME_FOREVER, 0); + dispatch_resume(sendTimer); +} + +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// +#pragma mark Receiving +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// + +- (BOOL)receiveOnce:(NSError **)errPtr +{ + LogTrace(); + + __block BOOL result = NO; + __block NSError *err = nil; + + dispatch_block_t block = ^{ + + if ((self->flags & kReceiveOnce) == 0) + { + if ((self->flags & kDidCreateSockets) == 0) + { + NSString *msg = @"Must bind socket before you can receive data. " + @"You can do this explicitly via bind, or implicitly via connect or by sending data."; + + err = [self badConfigError:msg]; + return_from_block; + } + + self->flags |= kReceiveOnce; // Enable + self->flags &= ~kReceiveContinuous; // Disable + + dispatch_async(self->socketQueue, ^{ @autoreleasepool { + + [self doReceive]; + }}); + } + + result = YES; + }; + + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + block(); + else + dispatch_sync(socketQueue, block); + + if (err) + LogError(@"Error in beginReceiving: %@", err); + + if (errPtr) + *errPtr = err; + + return result; +} + +- (BOOL)beginReceiving:(NSError **)errPtr +{ + LogTrace(); + + __block BOOL result = NO; + __block NSError *err = nil; + + dispatch_block_t block = ^{ + + if ((self->flags & kReceiveContinuous) == 0) + { + if ((self->flags & kDidCreateSockets) == 0) + { + NSString *msg = @"Must bind socket before you can receive data. " + @"You can do this explicitly via bind, or implicitly via connect or by sending data."; + + err = [self badConfigError:msg]; + return_from_block; + } + + self->flags |= kReceiveContinuous; // Enable + self->flags &= ~kReceiveOnce; // Disable + + dispatch_async(self->socketQueue, ^{ @autoreleasepool { + + [self doReceive]; + }}); + } + + result = YES; + }; + + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + block(); + else + dispatch_sync(socketQueue, block); + + if (err) + LogError(@"Error in beginReceiving: %@", err); + + if (errPtr) + *errPtr = err; + + return result; +} + +- (void)pauseReceiving +{ + LogTrace(); + + dispatch_block_t block = ^{ + + self->flags &= ~kReceiveOnce; // Disable + self->flags &= ~kReceiveContinuous; // Disable + + if (self->socket4FDBytesAvailable > 0) { + [self suspendReceive4Source]; + } + if (self->socket6FDBytesAvailable > 0) { + [self suspendReceive6Source]; + } + }; + + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + block(); + else + dispatch_async(socketQueue, block); +} + +- (void)setReceiveFilter:(GCDAsyncUdpSocketReceiveFilterBlock)filterBlock withQueue:(dispatch_queue_t)filterQueue +{ + [self setReceiveFilter:filterBlock withQueue:filterQueue isAsynchronous:YES]; +} + +- (void)setReceiveFilter:(GCDAsyncUdpSocketReceiveFilterBlock)filterBlock + withQueue:(dispatch_queue_t)filterQueue + isAsynchronous:(BOOL)isAsynchronous +{ + GCDAsyncUdpSocketReceiveFilterBlock newFilterBlock = NULL; + dispatch_queue_t newFilterQueue = NULL; + + if (filterBlock) + { + NSAssert(filterQueue, @"Must provide a dispatch_queue in which to run the filter block."); + + newFilterBlock = [filterBlock copy]; + newFilterQueue = filterQueue; + #if !OS_OBJECT_USE_OBJC + dispatch_retain(newFilterQueue); + #endif + } + + dispatch_block_t block = ^{ + + #if !OS_OBJECT_USE_OBJC + if (self->receiveFilterQueue) dispatch_release(self->receiveFilterQueue); + #endif + + self->receiveFilterBlock = newFilterBlock; + self->receiveFilterQueue = newFilterQueue; + self->receiveFilterAsync = isAsynchronous; + }; + + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + block(); + else + dispatch_async(socketQueue, block); +} + +- (void)doReceive +{ + LogTrace(); + + if ((flags & (kReceiveOnce | kReceiveContinuous)) == 0) + { + LogVerbose(@"Receiving is paused..."); + + if (socket4FDBytesAvailable > 0) { + [self suspendReceive4Source]; + } + if (socket6FDBytesAvailable > 0) { + [self suspendReceive6Source]; + } + + return; + } + + if ((flags & kReceiveOnce) && (pendingFilterOperations > 0)) + { + LogVerbose(@"Receiving is temporarily paused (pending filter operations)..."); + + if (socket4FDBytesAvailable > 0) { + [self suspendReceive4Source]; + } + if (socket6FDBytesAvailable > 0) { + [self suspendReceive6Source]; + } + + return; + } + + if ((socket4FDBytesAvailable == 0) && (socket6FDBytesAvailable == 0)) + { + LogVerbose(@"No data available to receive..."); + + if (socket4FDBytesAvailable == 0) { + [self resumeReceive4Source]; + } + if (socket6FDBytesAvailable == 0) { + [self resumeReceive6Source]; + } + + return; + } + + // Figure out if we should receive on socket4 or socket6 + + BOOL doReceive4; + + if (flags & kDidConnect) + { + // Connected socket + + doReceive4 = (socket4FD != SOCKET_NULL); + } + else + { + // Non-Connected socket + + if (socket4FDBytesAvailable > 0) + { + if (socket6FDBytesAvailable > 0) + { + // Bytes available on socket4 & socket6 + + doReceive4 = (flags & kFlipFlop) ? YES : NO; + + flags ^= kFlipFlop; // flags = flags xor kFlipFlop; (toggle flip flop bit) + } + else { + // Bytes available on socket4, but not socket6 + doReceive4 = YES; + } + } + else { + // Bytes available on socket6, but not socket4 + doReceive4 = NO; + } + } + + // Perform socket IO + + ssize_t result = 0; + + NSData *data = nil; + NSData *addr4 = nil; + NSData *addr6 = nil; + + if (doReceive4) + { + NSAssert(socket4FDBytesAvailable > 0, @"Invalid logic"); + LogVerbose(@"Receiving on IPv4"); + + struct sockaddr_in sockaddr4; + socklen_t sockaddr4len = sizeof(sockaddr4); + + // #222: GCD does not necessarily return the size of an entire UDP packet + // from dispatch_source_get_data(), so we must use the maximum packet size. + size_t bufSize = max4ReceiveSize; + void *buf = malloc(bufSize); + + result = recvfrom(socket4FD, buf, bufSize, 0, (struct sockaddr *)&sockaddr4, &sockaddr4len); + LogVerbose(@"recvfrom(socket4FD) = %i", (int)result); + + if (result > 0) + { + if ((size_t)result >= socket4FDBytesAvailable) + socket4FDBytesAvailable = 0; + else + socket4FDBytesAvailable -= result; + + if ((size_t)result != bufSize) { + buf = realloc(buf, result); + } + + data = [NSData dataWithBytesNoCopy:buf length:result freeWhenDone:YES]; + addr4 = [NSData dataWithBytes:&sockaddr4 length:sockaddr4len]; + } + else + { + LogVerbose(@"recvfrom(socket4FD) = %@", [self errnoError]); + socket4FDBytesAvailable = 0; + free(buf); + } + } + else + { + NSAssert(socket6FDBytesAvailable > 0, @"Invalid logic"); + LogVerbose(@"Receiving on IPv6"); + + struct sockaddr_in6 sockaddr6; + socklen_t sockaddr6len = sizeof(sockaddr6); + + // #222: GCD does not necessarily return the size of an entire UDP packet + // from dispatch_source_get_data(), so we must use the maximum packet size. + size_t bufSize = max6ReceiveSize; + void *buf = malloc(bufSize); + + result = recvfrom(socket6FD, buf, bufSize, 0, (struct sockaddr *)&sockaddr6, &sockaddr6len); + LogVerbose(@"recvfrom(socket6FD) -> %i", (int)result); + + if (result > 0) + { + if ((size_t)result >= socket6FDBytesAvailable) + socket6FDBytesAvailable = 0; + else + socket6FDBytesAvailable -= result; + + if ((size_t)result != bufSize) { + buf = realloc(buf, result); + } + + data = [NSData dataWithBytesNoCopy:buf length:result freeWhenDone:YES]; + addr6 = [NSData dataWithBytes:&sockaddr6 length:sockaddr6len]; + } + else + { + LogVerbose(@"recvfrom(socket6FD) = %@", [self errnoError]); + socket6FDBytesAvailable = 0; + free(buf); + } + } + + + BOOL waitingForSocket = NO; + BOOL notifiedDelegate = NO; + BOOL ignored = NO; + + NSError *socketError = nil; + + if (result == 0) + { + waitingForSocket = YES; + } + else if (result < 0) + { + if (errno == EAGAIN) + waitingForSocket = YES; + else + socketError = [self errnoErrorWithReason:@"Error in recvfrom() function"]; + } + else + { + if (flags & kDidConnect) + { + if (addr4 && ![self isConnectedToAddress4:addr4]) + ignored = YES; + if (addr6 && ![self isConnectedToAddress6:addr6]) + ignored = YES; + } + + NSData *addr = (addr4 != nil) ? addr4 : addr6; + + if (!ignored) + { + if (receiveFilterBlock && receiveFilterQueue) + { + // Run data through filter, and if approved, notify delegate + + __block id filterContext = nil; + __block BOOL allowed = NO; + + if (receiveFilterAsync) + { + pendingFilterOperations++; + dispatch_async(receiveFilterQueue, ^{ @autoreleasepool { + + allowed = self->receiveFilterBlock(data, addr, &filterContext); + + // Transition back to socketQueue to get the current delegate / delegateQueue + dispatch_async(self->socketQueue, ^{ @autoreleasepool { + + self->pendingFilterOperations--; + + if (allowed) + { + [self notifyDidReceiveData:data fromAddress:addr withFilterContext:filterContext]; + } + else + { + LogVerbose(@"received packet silently dropped by receiveFilter"); + } + + if (self->flags & kReceiveOnce) + { + if (allowed) + { + // The delegate has been notified, + // so our receive once operation has completed. + self->flags &= ~kReceiveOnce; + } + else if (self->pendingFilterOperations == 0) + { + // All pending filter operations have completed, + // and none were allowed through. + // Our receive once operation hasn't completed yet. + [self doReceive]; + } + } + }}); + }}); + } + else // if (!receiveFilterAsync) + { + dispatch_sync(receiveFilterQueue, ^{ @autoreleasepool { + + allowed = self->receiveFilterBlock(data, addr, &filterContext); + }}); + + if (allowed) + { + [self notifyDidReceiveData:data fromAddress:addr withFilterContext:filterContext]; + notifiedDelegate = YES; + } + else + { + LogVerbose(@"received packet silently dropped by receiveFilter"); + ignored = YES; + } + } + } + else // if (!receiveFilterBlock || !receiveFilterQueue) + { + [self notifyDidReceiveData:data fromAddress:addr withFilterContext:nil]; + notifiedDelegate = YES; + } + } + } + + if (waitingForSocket) + { + // Wait for a notification of available data. + + if (socket4FDBytesAvailable == 0) { + [self resumeReceive4Source]; + } + if (socket6FDBytesAvailable == 0) { + [self resumeReceive6Source]; + } + } + else if (socketError) + { + [self closeWithError:socketError]; + } + else + { + if (flags & kReceiveContinuous) + { + // Continuous receive mode + [self doReceive]; + } + else + { + // One-at-a-time receive mode + if (notifiedDelegate) + { + // The delegate has been notified (no set filter). + // So our receive once operation has completed. + flags &= ~kReceiveOnce; + } + else if (ignored) + { + [self doReceive]; + } + else + { + // Waiting on asynchronous receive filter... + } + } + } +} + +- (void)doReceiveEOF +{ + LogTrace(); + + [self closeWithError:[self socketClosedError]]; +} + +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// +#pragma mark Closing +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// + +- (void)closeWithError:(NSError *)error +{ + LogVerbose(@"closeWithError: %@", error); + + NSAssert(dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey), @"Must be dispatched on socketQueue"); + + if (currentSend) [self endCurrentSend]; + + [sendQueue removeAllObjects]; + + // If a socket has been created, we should notify the delegate. + BOOL shouldCallDelegate = (flags & kDidCreateSockets) ? YES : NO; + + // Close all sockets, send/receive sources, cfstreams, etc +#if TARGET_OS_IPHONE + [self removeStreamsFromRunLoop]; + [self closeReadAndWriteStreams]; +#endif + [self closeSockets]; + + // Clear all flags (config remains as is) + flags = 0; + + if (shouldCallDelegate) + { + [self notifyDidCloseWithError:error]; + } +} + +- (void)close +{ + LogTrace(); + + dispatch_block_t block = ^{ @autoreleasepool { + + [self closeWithError:nil]; + }}; + + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + block(); + else + dispatch_sync(socketQueue, block); +} + +- (void)closeAfterSending +{ + LogTrace(); + + dispatch_block_t block = ^{ @autoreleasepool { + + self->flags |= kCloseAfterSends; + + if (self->currentSend == nil && [self->sendQueue count] == 0) + { + [self closeWithError:nil]; + } + }}; + + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + block(); + else + dispatch_async(socketQueue, block); +} + +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// +#pragma mark CFStream +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// + +#if TARGET_OS_IPHONE + +static NSThread *listenerThread; + ++ (void)ignore:(id)_ +{} + ++ (void)startListenerThreadIfNeeded +{ + static dispatch_once_t predicate; + dispatch_once(&predicate, ^{ + + listenerThread = [[NSThread alloc] initWithTarget:self + selector:@selector(listenerThread:) + object:nil]; + [listenerThread start]; + }); +} + ++ (void)listenerThread:(id)unused +{ + @autoreleasepool { + + [[NSThread currentThread] setName:GCDAsyncUdpSocketThreadName]; + + LogInfo(@"ListenerThread: Started"); + + // We can't run the run loop unless it has an associated input source or a timer. + // So we'll just create a timer that will never fire - unless the server runs for a decades. + [NSTimer scheduledTimerWithTimeInterval:[[NSDate distantFuture] timeIntervalSinceNow] + target:self + selector:@selector(ignore:) + userInfo:nil + repeats:YES]; + + [[NSRunLoop currentRunLoop] run]; + + LogInfo(@"ListenerThread: Stopped"); + } +} + ++ (void)addStreamListener:(GCDAsyncUdpSocket *)asyncUdpSocket +{ + LogTrace(); + NSAssert([NSThread currentThread] == listenerThread, @"Invoked on wrong thread"); + + CFRunLoopRef runLoop = CFRunLoopGetCurrent(); + + if (asyncUdpSocket->readStream4) + CFReadStreamScheduleWithRunLoop(asyncUdpSocket->readStream4, runLoop, kCFRunLoopDefaultMode); + + if (asyncUdpSocket->readStream6) + CFReadStreamScheduleWithRunLoop(asyncUdpSocket->readStream6, runLoop, kCFRunLoopDefaultMode); + + if (asyncUdpSocket->writeStream4) + CFWriteStreamScheduleWithRunLoop(asyncUdpSocket->writeStream4, runLoop, kCFRunLoopDefaultMode); + + if (asyncUdpSocket->writeStream6) + CFWriteStreamScheduleWithRunLoop(asyncUdpSocket->writeStream6, runLoop, kCFRunLoopDefaultMode); +} + ++ (void)removeStreamListener:(GCDAsyncUdpSocket *)asyncUdpSocket +{ + LogTrace(); + NSAssert([NSThread currentThread] == listenerThread, @"Invoked on wrong thread"); + + CFRunLoopRef runLoop = CFRunLoopGetCurrent(); + + if (asyncUdpSocket->readStream4) + CFReadStreamUnscheduleFromRunLoop(asyncUdpSocket->readStream4, runLoop, kCFRunLoopDefaultMode); + + if (asyncUdpSocket->readStream6) + CFReadStreamUnscheduleFromRunLoop(asyncUdpSocket->readStream6, runLoop, kCFRunLoopDefaultMode); + + if (asyncUdpSocket->writeStream4) + CFWriteStreamUnscheduleFromRunLoop(asyncUdpSocket->writeStream4, runLoop, kCFRunLoopDefaultMode); + + if (asyncUdpSocket->writeStream6) + CFWriteStreamUnscheduleFromRunLoop(asyncUdpSocket->writeStream6, runLoop, kCFRunLoopDefaultMode); +} + +static void CFReadStreamCallback(CFReadStreamRef stream, CFStreamEventType type, void *pInfo) +{ + @autoreleasepool { + GCDAsyncUdpSocket *asyncUdpSocket = (__bridge GCDAsyncUdpSocket *)pInfo; + + switch(type) + { + case kCFStreamEventOpenCompleted: + { + LogCVerbose(@"CFReadStreamCallback - Open"); + break; + } + case kCFStreamEventHasBytesAvailable: + { + LogCVerbose(@"CFReadStreamCallback - HasBytesAvailable"); + break; + } + case kCFStreamEventErrorOccurred: + case kCFStreamEventEndEncountered: + { + NSError *error = (__bridge_transfer NSError *)CFReadStreamCopyError(stream); + if (error == nil && type == kCFStreamEventEndEncountered) + { + error = [asyncUdpSocket socketClosedError]; + } + + dispatch_async(asyncUdpSocket->socketQueue, ^{ @autoreleasepool { + + LogCVerbose(@"CFReadStreamCallback - %@", + (type == kCFStreamEventErrorOccurred) ? @"Error" : @"EndEncountered"); + + if (stream != asyncUdpSocket->readStream4 && + stream != asyncUdpSocket->readStream6 ) + { + LogCVerbose(@"CFReadStreamCallback - Ignored"); + return_from_block; + } + + [asyncUdpSocket closeWithError:error]; + + }}); + + break; + } + default: + { + LogCError(@"CFReadStreamCallback - UnknownType: %i", (int)type); + } + } + } +} + +static void CFWriteStreamCallback(CFWriteStreamRef stream, CFStreamEventType type, void *pInfo) +{ + @autoreleasepool { + GCDAsyncUdpSocket *asyncUdpSocket = (__bridge GCDAsyncUdpSocket *)pInfo; + + switch(type) + { + case kCFStreamEventOpenCompleted: + { + LogCVerbose(@"CFWriteStreamCallback - Open"); + break; + } + case kCFStreamEventCanAcceptBytes: + { + LogCVerbose(@"CFWriteStreamCallback - CanAcceptBytes"); + break; + } + case kCFStreamEventErrorOccurred: + case kCFStreamEventEndEncountered: + { + NSError *error = (__bridge_transfer NSError *)CFWriteStreamCopyError(stream); + if (error == nil && type == kCFStreamEventEndEncountered) + { + error = [asyncUdpSocket socketClosedError]; + } + + dispatch_async(asyncUdpSocket->socketQueue, ^{ @autoreleasepool { + + LogCVerbose(@"CFWriteStreamCallback - %@", + (type == kCFStreamEventErrorOccurred) ? @"Error" : @"EndEncountered"); + + if (stream != asyncUdpSocket->writeStream4 && + stream != asyncUdpSocket->writeStream6 ) + { + LogCVerbose(@"CFWriteStreamCallback - Ignored"); + return_from_block; + } + + [asyncUdpSocket closeWithError:error]; + + }}); + + break; + } + default: + { + LogCError(@"CFWriteStreamCallback - UnknownType: %i", (int)type); + } + } + } +} + +- (BOOL)createReadAndWriteStreams:(NSError **)errPtr +{ + LogTrace(); + NSAssert(dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey), @"Must be dispatched on socketQueue"); + + NSError *err = nil; + + if (readStream4 || writeStream4 || readStream6 || writeStream6) + { + // Streams already created + return YES; + } + + if (socket4FD == SOCKET_NULL && socket6FD == SOCKET_NULL) + { + err = [self otherError:@"Cannot create streams without a file descriptor"]; + goto Failed; + } + + // Create streams + + LogVerbose(@"Creating read and write stream(s)..."); + + if (socket4FD != SOCKET_NULL) + { + CFStreamCreatePairWithSocket(NULL, (CFSocketNativeHandle)socket4FD, &readStream4, &writeStream4); + if (!readStream4 || !writeStream4) + { + err = [self otherError:@"Error in CFStreamCreatePairWithSocket() [IPv4]"]; + goto Failed; + } + } + + if (socket6FD != SOCKET_NULL) + { + CFStreamCreatePairWithSocket(NULL, (CFSocketNativeHandle)socket6FD, &readStream6, &writeStream6); + if (!readStream6 || !writeStream6) + { + err = [self otherError:@"Error in CFStreamCreatePairWithSocket() [IPv6]"]; + goto Failed; + } + } + + // Ensure the CFStream's don't close our underlying socket + + CFReadStreamSetProperty(readStream4, kCFStreamPropertyShouldCloseNativeSocket, kCFBooleanFalse); + CFWriteStreamSetProperty(writeStream4, kCFStreamPropertyShouldCloseNativeSocket, kCFBooleanFalse); + + CFReadStreamSetProperty(readStream6, kCFStreamPropertyShouldCloseNativeSocket, kCFBooleanFalse); + CFWriteStreamSetProperty(writeStream6, kCFStreamPropertyShouldCloseNativeSocket, kCFBooleanFalse); + + return YES; + +Failed: + if (readStream4) + { + CFReadStreamClose(readStream4); + CFRelease(readStream4); + readStream4 = NULL; + } + if (writeStream4) + { + CFWriteStreamClose(writeStream4); + CFRelease(writeStream4); + writeStream4 = NULL; + } + if (readStream6) + { + CFReadStreamClose(readStream6); + CFRelease(readStream6); + readStream6 = NULL; + } + if (writeStream6) + { + CFWriteStreamClose(writeStream6); + CFRelease(writeStream6); + writeStream6 = NULL; + } + + if (errPtr) + *errPtr = err; + + return NO; +} + +- (BOOL)registerForStreamCallbacks:(NSError **)errPtr +{ + LogTrace(); + + NSAssert(dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey), @"Must be dispatched on socketQueue"); + NSAssert(readStream4 || writeStream4 || readStream6 || writeStream6, @"Read/Write streams are null"); + + NSError *err = nil; + + streamContext.version = 0; + streamContext.info = (__bridge void *)self; + streamContext.retain = nil; + streamContext.release = nil; + streamContext.copyDescription = nil; + + CFOptionFlags readStreamEvents = kCFStreamEventErrorOccurred | kCFStreamEventEndEncountered; + CFOptionFlags writeStreamEvents = kCFStreamEventErrorOccurred | kCFStreamEventEndEncountered; + +// readStreamEvents |= (kCFStreamEventOpenCompleted | kCFStreamEventHasBytesAvailable); +// writeStreamEvents |= (kCFStreamEventOpenCompleted | kCFStreamEventCanAcceptBytes); + + if (socket4FD != SOCKET_NULL) + { + if (readStream4 == NULL || writeStream4 == NULL) + { + err = [self otherError:@"Read/Write stream4 is null"]; + goto Failed; + } + + BOOL r1 = CFReadStreamSetClient(readStream4, readStreamEvents, &CFReadStreamCallback, &streamContext); + BOOL r2 = CFWriteStreamSetClient(writeStream4, writeStreamEvents, &CFWriteStreamCallback, &streamContext); + + if (!r1 || !r2) + { + err = [self otherError:@"Error in CFStreamSetClient(), [IPv4]"]; + goto Failed; + } + } + + if (socket6FD != SOCKET_NULL) + { + if (readStream6 == NULL || writeStream6 == NULL) + { + err = [self otherError:@"Read/Write stream6 is null"]; + goto Failed; + } + + BOOL r1 = CFReadStreamSetClient(readStream6, readStreamEvents, &CFReadStreamCallback, &streamContext); + BOOL r2 = CFWriteStreamSetClient(writeStream6, writeStreamEvents, &CFWriteStreamCallback, &streamContext); + + if (!r1 || !r2) + { + err = [self otherError:@"Error in CFStreamSetClient() [IPv6]"]; + goto Failed; + } + } + + return YES; + +Failed: + if (readStream4) { + CFReadStreamSetClient(readStream4, kCFStreamEventNone, NULL, NULL); + } + if (writeStream4) { + CFWriteStreamSetClient(writeStream4, kCFStreamEventNone, NULL, NULL); + } + if (readStream6) { + CFReadStreamSetClient(readStream6, kCFStreamEventNone, NULL, NULL); + } + if (writeStream6) { + CFWriteStreamSetClient(writeStream6, kCFStreamEventNone, NULL, NULL); + } + + if (errPtr) *errPtr = err; + return NO; +} + +- (BOOL)addStreamsToRunLoop:(NSError **)errPtr +{ + LogTrace(); + + NSAssert(dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey), @"Must be dispatched on socketQueue"); + NSAssert(readStream4 || writeStream4 || readStream6 || writeStream6, @"Read/Write streams are null"); + + if (!(flags & kAddedStreamListener)) + { + [[self class] startListenerThreadIfNeeded]; + [[self class] performSelector:@selector(addStreamListener:) + onThread:listenerThread + withObject:self + waitUntilDone:YES]; + + flags |= kAddedStreamListener; + } + + return YES; +} + +- (BOOL)openStreams:(NSError **)errPtr +{ + LogTrace(); + + NSAssert(dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey), @"Must be dispatched on socketQueue"); + NSAssert(readStream4 || writeStream4 || readStream6 || writeStream6, @"Read/Write streams are null"); + + NSError *err = nil; + + if (socket4FD != SOCKET_NULL) + { + BOOL r1 = CFReadStreamOpen(readStream4); + BOOL r2 = CFWriteStreamOpen(writeStream4); + + if (!r1 || !r2) + { + err = [self otherError:@"Error in CFStreamOpen() [IPv4]"]; + goto Failed; + } + } + + if (socket6FD != SOCKET_NULL) + { + BOOL r1 = CFReadStreamOpen(readStream6); + BOOL r2 = CFWriteStreamOpen(writeStream6); + + if (!r1 || !r2) + { + err = [self otherError:@"Error in CFStreamOpen() [IPv6]"]; + goto Failed; + } + } + + return YES; + +Failed: + if (errPtr) *errPtr = err; + return NO; +} + +- (void)removeStreamsFromRunLoop +{ + LogTrace(); + NSAssert(dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey), @"Must be dispatched on socketQueue"); + + if (flags & kAddedStreamListener) + { + [[self class] performSelector:@selector(removeStreamListener:) + onThread:listenerThread + withObject:self + waitUntilDone:YES]; + + flags &= ~kAddedStreamListener; + } +} + +- (void)closeReadAndWriteStreams +{ + LogTrace(); + + if (readStream4) + { + CFReadStreamSetClient(readStream4, kCFStreamEventNone, NULL, NULL); + CFReadStreamClose(readStream4); + CFRelease(readStream4); + readStream4 = NULL; + } + if (writeStream4) + { + CFWriteStreamSetClient(writeStream4, kCFStreamEventNone, NULL, NULL); + CFWriteStreamClose(writeStream4); + CFRelease(writeStream4); + writeStream4 = NULL; + } + if (readStream6) + { + CFReadStreamSetClient(readStream6, kCFStreamEventNone, NULL, NULL); + CFReadStreamClose(readStream6); + CFRelease(readStream6); + readStream6 = NULL; + } + if (writeStream6) + { + CFWriteStreamSetClient(writeStream6, kCFStreamEventNone, NULL, NULL); + CFWriteStreamClose(writeStream6); + CFRelease(writeStream6); + writeStream6 = NULL; + } +} + +#endif + +#if TARGET_OS_IPHONE +- (void)applicationWillEnterForeground:(NSNotification *)notification +{ + LogTrace(); + + // If the application was backgrounded, then iOS may have shut down our sockets. + // So we take a quick look to see if any of them received an EOF. + + dispatch_block_t block = ^{ @autoreleasepool { + + [self resumeReceive4Source]; + [self resumeReceive6Source]; + }}; + + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + block(); + else + dispatch_async(socketQueue, block); +} +#endif + +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// +#pragma mark Advanced +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// + +/** + * See header file for big discussion of this method. + **/ +- (void)markSocketQueueTargetQueue:(dispatch_queue_t)socketNewTargetQueue +{ + void *nonNullUnusedPointer = (__bridge void *)self; + dispatch_queue_set_specific(socketNewTargetQueue, IsOnSocketQueueOrTargetQueueKey, nonNullUnusedPointer, NULL); +} + +/** + * See header file for big discussion of this method. + **/ +- (void)unmarkSocketQueueTargetQueue:(dispatch_queue_t)socketOldTargetQueue +{ + dispatch_queue_set_specific(socketOldTargetQueue, IsOnSocketQueueOrTargetQueueKey, NULL, NULL); +} + +- (void)performBlock:(dispatch_block_t)block +{ + if (dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + block(); + else + dispatch_sync(socketQueue, block); +} + +- (int)socketFD +{ + if (! dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + { + LogWarn(@"%@: %@ - Method only available from within the context of a performBlock: invocation", + THIS_FILE, THIS_METHOD); + return SOCKET_NULL; + } + + if (socket4FD != SOCKET_NULL) + return socket4FD; + else + return socket6FD; +} + +- (int)socket4FD +{ + if (! dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + { + LogWarn(@"%@: %@ - Method only available from within the context of a performBlock: invocation", + THIS_FILE, THIS_METHOD); + return SOCKET_NULL; + } + + return socket4FD; +} + +- (int)socket6FD +{ + if (! dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + { + LogWarn(@"%@: %@ - Method only available from within the context of a performBlock: invocation", + THIS_FILE, THIS_METHOD); + return SOCKET_NULL; + } + + return socket6FD; +} + +#if TARGET_OS_IPHONE + +- (CFReadStreamRef)readStream +{ + if (! dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + { + LogWarn(@"%@: %@ - Method only available from within the context of a performBlock: invocation", + THIS_FILE, THIS_METHOD); + return NULL; + } + + NSError *err = nil; + if (![self createReadAndWriteStreams:&err]) + { + LogError(@"Error creating CFStream(s): %@", err); + return NULL; + } + + // Todo... + + if (readStream4) + return readStream4; + else + return readStream6; +} + +- (CFWriteStreamRef)writeStream +{ + if (! dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + { + LogWarn(@"%@: %@ - Method only available from within the context of a performBlock: invocation", + THIS_FILE, THIS_METHOD); + return NULL; + } + + NSError *err = nil; + if (![self createReadAndWriteStreams:&err]) + { + LogError(@"Error creating CFStream(s): %@", err); + return NULL; + } + + if (writeStream4) + return writeStream4; + else + return writeStream6; +} + +- (BOOL)enableBackgroundingOnSockets +{ + if (! dispatch_get_specific(IsOnSocketQueueOrTargetQueueKey)) + { + LogWarn(@"%@: %@ - Method only available from within the context of a performBlock: invocation", + THIS_FILE, THIS_METHOD); + return NO; + } + + // Why is this commented out? + // See comments below. + +// NSError *err = nil; +// if (![self createReadAndWriteStreams:&err]) +// { +// LogError(@"Error creating CFStream(s): %@", err); +// return NO; +// } +// +// LogVerbose(@"Enabling backgrouding on socket"); +// +// BOOL r1, r2; +// +// if (readStream4 && writeStream4) +// { +// r1 = CFReadStreamSetProperty(readStream4, kCFStreamNetworkServiceType, kCFStreamNetworkServiceTypeVoIP); +// r2 = CFWriteStreamSetProperty(writeStream4, kCFStreamNetworkServiceType, kCFStreamNetworkServiceTypeVoIP); +// +// if (!r1 || !r2) +// { +// LogError(@"Error setting voip type (IPv4)"); +// return NO; +// } +// } +// +// if (readStream6 && writeStream6) +// { +// r1 = CFReadStreamSetProperty(readStream6, kCFStreamNetworkServiceType, kCFStreamNetworkServiceTypeVoIP); +// r2 = CFWriteStreamSetProperty(writeStream6, kCFStreamNetworkServiceType, kCFStreamNetworkServiceTypeVoIP); +// +// if (!r1 || !r2) +// { +// LogError(@"Error setting voip type (IPv6)"); +// return NO; +// } +// } +// +// return YES; + + // The above code will actually appear to work. + // The methods will return YES, and everything will appear fine. + // + // One tiny problem: the sockets will still get closed when the app gets backgrounded. + // + // Apple does not officially support backgrounding UDP sockets. + + return NO; +} + +#endif + +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// +#pragma mark Class Methods +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// + ++ (NSString *)hostFromSockaddr4:(const struct sockaddr_in *)pSockaddr4 +{ + char addrBuf[INET_ADDRSTRLEN]; + + if (inet_ntop(AF_INET, &pSockaddr4->sin_addr, addrBuf, (socklen_t)sizeof(addrBuf)) == NULL) + { + addrBuf[0] = '\0'; + } + + return [NSString stringWithCString:addrBuf encoding:NSASCIIStringEncoding]; +} + ++ (NSString *)hostFromSockaddr6:(const struct sockaddr_in6 *)pSockaddr6 +{ + char addrBuf[INET6_ADDRSTRLEN]; + + if (inet_ntop(AF_INET6, &pSockaddr6->sin6_addr, addrBuf, (socklen_t)sizeof(addrBuf)) == NULL) + { + addrBuf[0] = '\0'; + } + + return [NSString stringWithCString:addrBuf encoding:NSASCIIStringEncoding]; +} + ++ (uint16_t)portFromSockaddr4:(const struct sockaddr_in *)pSockaddr4 +{ + return ntohs(pSockaddr4->sin_port); +} + ++ (uint16_t)portFromSockaddr6:(const struct sockaddr_in6 *)pSockaddr6 +{ + return ntohs(pSockaddr6->sin6_port); +} + ++ (NSString *)hostFromAddress:(NSData *)address +{ + NSString *host = nil; + [self getHost:&host port:NULL family:NULL fromAddress:address]; + + return host; +} + ++ (uint16_t)portFromAddress:(NSData *)address +{ + uint16_t port = 0; + [self getHost:NULL port:&port family:NULL fromAddress:address]; + + return port; +} + ++ (int)familyFromAddress:(NSData *)address +{ + int af = AF_UNSPEC; + [self getHost:NULL port:NULL family:&af fromAddress:address]; + + return af; +} + ++ (BOOL)isIPv4Address:(NSData *)address +{ + int af = AF_UNSPEC; + [self getHost:NULL port:NULL family:&af fromAddress:address]; + + return (af == AF_INET); +} + ++ (BOOL)isIPv6Address:(NSData *)address +{ + int af = AF_UNSPEC; + [self getHost:NULL port:NULL family:&af fromAddress:address]; + + return (af == AF_INET6); +} + ++ (BOOL)getHost:(NSString **)hostPtr port:(uint16_t *)portPtr fromAddress:(NSData *)address +{ + return [self getHost:hostPtr port:portPtr family:NULL fromAddress:address]; +} + ++ (BOOL)getHost:(NSString **)hostPtr port:(uint16_t *)portPtr family:(int *)afPtr fromAddress:(NSData *)address +{ + if ([address length] >= sizeof(struct sockaddr)) + { + const struct sockaddr *addrX = (const struct sockaddr *)[address bytes]; + + if (addrX->sa_family == AF_INET) + { + if ([address length] >= sizeof(struct sockaddr_in)) + { + const struct sockaddr_in *addr4 = (const struct sockaddr_in *)(const void *)addrX; + + if (hostPtr) *hostPtr = [self hostFromSockaddr4:addr4]; + if (portPtr) *portPtr = [self portFromSockaddr4:addr4]; + if (afPtr) *afPtr = AF_INET; + + return YES; + } + } + else if (addrX->sa_family == AF_INET6) + { + if ([address length] >= sizeof(struct sockaddr_in6)) + { + const struct sockaddr_in6 *addr6 = (const struct sockaddr_in6 *)(const void *)addrX; + + if (hostPtr) *hostPtr = [self hostFromSockaddr6:addr6]; + if (portPtr) *portPtr = [self portFromSockaddr6:addr6]; + if (afPtr) *afPtr = AF_INET6; + + return YES; + } + } + } + + if (hostPtr) *hostPtr = nil; + if (portPtr) *portPtr = 0; + if (afPtr) *afPtr = AF_UNSPEC; + + return NO; +} + +@end diff --git a/GlassVPN/zhuhaow-NEKit/Event/Event/AdapterSocketEvent.swift b/GlassVPN/zhuhaow-NEKit/Event/Event/AdapterSocketEvent.swift new file mode 100755 index 0000000..cfa33c3 --- /dev/null +++ b/GlassVPN/zhuhaow-NEKit/Event/Event/AdapterSocketEvent.swift @@ -0,0 +1,40 @@ +import Foundation + +public enum AdapterSocketEvent: EventType { + public var description: String { + switch self { + case let .socketOpened(socket, withSession: session): + return "Adatper socket \(socket) starts to connect to remote with session \(session)." + case .disconnectCalled(let socket): + return "Disconnect is just called on adapter socket \(socket)." + case .forceDisconnectCalled(let socket): + return "Force disconnect is just called on adapter socket \(socket)." + case .disconnected(let socket): + return "Adapter socket \(socket) disconnected." + case let .readData(data, on: socket): + return "Received \(data.count) bytes data on adatper socket \(socket)." + case let .wroteData(data, on: socket): + if let data = data { + return "Sent \(data.count) bytes data on adapter socket \(socket)." + } else { + return "Sent data on adapter socket \(socket)." + } + case let .connected(socket): + return "Adapter socket \(socket) connected to remote." + case .readyForForward(let socket): + return "Adatper socket \(socket) is ready to forward data." + case let .errorOccured(error, on: socket): + return "Adapter socket \(socket) encountered an error \(error)." + } + } + + case socketOpened(AdapterSocket, withSession: ConnectSession), + disconnectCalled(AdapterSocket), + forceDisconnectCalled(AdapterSocket), + disconnected(AdapterSocket), + readData(Data, on: AdapterSocket), + wroteData(Data?, on: AdapterSocket), + connected(AdapterSocket), + readyForForward(AdapterSocket), + errorOccured(Error, on: AdapterSocket) +} diff --git a/GlassVPN/zhuhaow-NEKit/Event/Event/EventType.swift b/GlassVPN/zhuhaow-NEKit/Event/Event/EventType.swift new file mode 100755 index 0000000..987ad22 --- /dev/null +++ b/GlassVPN/zhuhaow-NEKit/Event/Event/EventType.swift @@ -0,0 +1,3 @@ +import Foundation + +public protocol EventType: CustomStringConvertible {} diff --git a/GlassVPN/zhuhaow-NEKit/Event/Event/ProxyServerEvent.swift b/GlassVPN/zhuhaow-NEKit/Event/Event/ProxyServerEvent.swift new file mode 100755 index 0000000..ed12753 --- /dev/null +++ b/GlassVPN/zhuhaow-NEKit/Event/Event/ProxyServerEvent.swift @@ -0,0 +1,18 @@ +import Foundation + +public enum ProxyServerEvent: EventType { + public var description: String { + switch self { + case let .newSocketAccepted(socket, onServer: server): + return "Proxy server \(server) just accepted a new socket \(socket)." + case let .tunnelClosed(tunnel, onServer: server): + return "A tunnel \(tunnel) on proxy server \(server) just closed." + case .started(let server): + return "Proxy server \(server) started." + case .stopped(let server): + return "Proxy server \(server) stopped." + } + } + + case newSocketAccepted(ProxySocket, onServer: ProxyServer), tunnelClosed(Tunnel, onServer: ProxyServer), started(ProxyServer), stopped(ProxyServer) +} diff --git a/GlassVPN/zhuhaow-NEKit/Event/Event/ProxySocketEvent.swift b/GlassVPN/zhuhaow-NEKit/Event/Event/ProxySocketEvent.swift new file mode 100755 index 0000000..7089969 --- /dev/null +++ b/GlassVPN/zhuhaow-NEKit/Event/Event/ProxySocketEvent.swift @@ -0,0 +1,43 @@ +import Foundation + +public enum ProxySocketEvent: EventType { + public var description: String { + switch self { + case .socketOpened(let socket): + return "Start processing data from proxy socket \(socket)." + case .disconnectCalled(let socket): + return "Disconnect is just called on proxy socket \(socket)." + case .forceDisconnectCalled(let socket): + return "Force disconnect is just called on proxy socket \(socket)." + case .disconnected(let socket): + return "Proxy socket \(socket) disconnected." + case let .receivedRequest(session, on: socket): + return "Proxy socket \(socket) received request \(session)." + case let .readData(data, on: socket): + return "Received \(data.count) bytes data on proxy socket \(socket)." + case let .wroteData(data, on: socket): + if let data = data { + return "Sent \(data.count) bytes data on proxy socket \(socket)." + } else { + return "Sent data on proxy socket \(socket)." + } + case let .askedToResponseTo(adapter, on: socket): + return "Proxy socket \(socket) is asked to respond to adapter \(adapter)." + case .readyForForward(let socket): + return "Proxy socket \(socket) is ready to forward data." + case let .errorOccured(error, on: socket): + return "Proxy socket \(socket) encountered an error \(error)." + } + } + + case socketOpened(ProxySocket), + disconnectCalled(ProxySocket), + forceDisconnectCalled(ProxySocket), + disconnected(ProxySocket), + receivedRequest(ConnectSession, on: ProxySocket), + readData(Data, on: ProxySocket), + wroteData(Data?, on: ProxySocket), + askedToResponseTo(AdapterSocket, on: ProxySocket), + readyForForward(ProxySocket), + errorOccured(Error, on: ProxySocket) +} diff --git a/GlassVPN/zhuhaow-NEKit/Event/Event/RuleMatchEvent.swift b/GlassVPN/zhuhaow-NEKit/Event/Event/RuleMatchEvent.swift new file mode 100755 index 0000000..2dcb1f2 --- /dev/null +++ b/GlassVPN/zhuhaow-NEKit/Event/Event/RuleMatchEvent.swift @@ -0,0 +1,16 @@ +import Foundation + +public enum RuleMatchEvent: EventType { + public var description: String { + switch self { + case let .ruleMatched(session, rule: rule): + return "Rule \(rule) matched session \(session)." + case let .ruleDidNotMatch(session, rule: rule): + return "Rule \(rule) did not match session \(session)." + case let .dnsRuleMatched(session, rule: rule, type: type, result: result): + return "Rule \(rule) matched DNS session \(session) of type \(type), the result is \(result)." + } + } + + case ruleMatched(ConnectSession, rule: Rule), ruleDidNotMatch(ConnectSession, rule: Rule), dnsRuleMatched(DNSSession, rule: Rule, type: DNSSessionMatchType, result: DNSSessionMatchResult) +} diff --git a/GlassVPN/zhuhaow-NEKit/Event/Event/TunnelEvent.swift b/GlassVPN/zhuhaow-NEKit/Event/Event/TunnelEvent.swift new file mode 100755 index 0000000..52b4935 --- /dev/null +++ b/GlassVPN/zhuhaow-NEKit/Event/Event/TunnelEvent.swift @@ -0,0 +1,57 @@ +import Foundation + +public enum TunnelEvent: EventType { + public var description: String { + switch self { + case .opened(let tunnel): + return "Tunnel \(tunnel) starts processing data." + case .closeCalled(let tunnel): + return "Close is called on tunnel \(tunnel)." + case .forceCloseCalled(let tunnel): + return "Force close is called on tunnel \(tunnel)." + case let .receivedRequest(request, from: socket, on: tunnel): + return "Tunnel \(tunnel) received request \(request) from proxy socket \(socket)." + case let .receivedReadySignal(socket, currentReady: signal, on: tunnel): + if signal == 1 { + return "Tunnel \(tunnel) received ready-for-forward signal from socket \(socket)." + } else { + return "Tunnel \(tunnel) received ready-for-forward signal from socket \(socket). Start forwarding data." + } + case let .proxySocketReadData(data, from: socket, on: tunnel): + return "Tunnel \(tunnel) received \(data.count) bytes from proxy socket \(socket)." + case let .proxySocketWroteData(data, by: socket, on: tunnel): + if let data = data { + return "Proxy socket \(socket) sent \(data.count) bytes data from Tunnel \(tunnel)." + } else { + return "Proxy socket \(socket) sent data from Tunnel \(tunnel)." + } + case let .adapterSocketReadData(data, from: socket, on: tunnel): + return "Tunnel \(tunnel) received \(data.count) bytes from adapter socket \(socket)." + case let .adapterSocketWroteData(data, by: socket, on: tunnel): + if let data = data { + return "Adatper socket \(socket) sent \(data.count) bytes data from Tunnel \(tunnel)." + } else { + return "Adapter socket \(socket) sent data from Tunnel \(tunnel)." + } + case let .connectedToRemote(socket, on: tunnel): + return "Adapter socket \(socket) connected to remote successfully on tunnel \(tunnel)." + case let .updatingAdapterSocket(from: old, to: new, on: tunnel): + return "Updating adapter socket of tunnel \(tunnel) from \(old) to \(new)." + case .closed(let tunnel): + return "Tunnel \(tunnel) closed." + } + } + + case opened(Tunnel), + closeCalled(Tunnel), + forceCloseCalled(Tunnel), + receivedRequest(ConnectSession, from: ProxySocket, on: Tunnel), + receivedReadySignal(SocketProtocol, currentReady: Int, on: Tunnel), + proxySocketReadData(Data, from: ProxySocket, on: Tunnel), + proxySocketWroteData(Data?, by: ProxySocket, on: Tunnel), + adapterSocketReadData(Data, from: AdapterSocket, on: Tunnel), + adapterSocketWroteData(Data?, by: AdapterSocket, on: Tunnel), + connectedToRemote(AdapterSocket, on: Tunnel), + updatingAdapterSocket(from: AdapterSocket, to: AdapterSocket, on: Tunnel), + closed(Tunnel) +} diff --git a/GlassVPN/zhuhaow-NEKit/Event/Observer.swift b/GlassVPN/zhuhaow-NEKit/Event/Observer.swift new file mode 100755 index 0000000..d6d501a --- /dev/null +++ b/GlassVPN/zhuhaow-NEKit/Event/Observer.swift @@ -0,0 +1,6 @@ +import Foundation + +open class Observer { + public init() {} + open func signal(_ event: T) {} +} diff --git a/GlassVPN/zhuhaow-NEKit/Event/ObserverFactory.swift b/GlassVPN/zhuhaow-NEKit/Event/ObserverFactory.swift new file mode 100755 index 0000000..2eefd5a --- /dev/null +++ b/GlassVPN/zhuhaow-NEKit/Event/ObserverFactory.swift @@ -0,0 +1,27 @@ +import Foundation + +open class ObserverFactory { + public static var currentFactory: ObserverFactory? + + public init() {} + + open func getObserverForTunnel(_ tunnel: Tunnel) -> Observer? { + return nil + } + + open func getObserverForAdapterSocket(_ socket: AdapterSocket) -> Observer? { + return nil + } + + open func getObserverForProxySocket(_ socket: ProxySocket) -> Observer? { + return nil + } + + open func getObserverForProxyServer(_ server: ProxyServer) -> Observer? { + return nil + } + + open func getObserverForRuleManager(_ manager: RuleManager) -> Observer? { + return nil + } +} diff --git a/GlassVPN/zhuhaow-NEKit/GlobalIntializer.swift b/GlassVPN/zhuhaow-NEKit/GlobalIntializer.swift new file mode 100755 index 0000000..80677a5 --- /dev/null +++ b/GlassVPN/zhuhaow-NEKit/GlobalIntializer.swift @@ -0,0 +1,12 @@ +import Foundation + +struct GlobalIntializer { + private static let _initialized: Bool = { + Resolver.queue = QueueFactory.getQueue() + return true + }() + + static func initalize() { + _ = _initialized + } +} diff --git a/GlassVPN/zhuhaow-NEKit/IPStack/DNS/DNSEnums.swift b/GlassVPN/zhuhaow-NEKit/IPStack/DNS/DNSEnums.swift new file mode 100755 index 0000000..982ad63 --- /dev/null +++ b/GlassVPN/zhuhaow-NEKit/IPStack/DNS/DNSEnums.swift @@ -0,0 +1,18 @@ +import Foundation + +public enum DNSType: UInt16 { + // swiftlint:disable:next type_name + case invalid = 0, a, ns, md, mf, cname, soa, mb, mg, mr, null, wks, ptr, hinfo, minfo, mx, txt, rp, afsdb, x25, isdn, rt, nsap, nsapptr, sig, key, px, gpos, aaaa, loc, nxt, eid, nimloc, srv, atma, naptr, kx, cert, a6, dname, sink, opt, apl, ds, sshfp, rrsig = 46, nsec, dnskey, tkey = 249, tsig, ixfr, axfr, mailb, maila, any +} + +public enum DNSMessageType: UInt8 { + case query, response +} + +public enum DNSReturnStatus: UInt8 { + case success = 0, formatError, serverFailure, nameError, notImplemented, refused +} + +public enum DNSClass: UInt16 { + case internet = 1 +} diff --git a/GlassVPN/zhuhaow-NEKit/IPStack/DNS/DNSMessage.swift b/GlassVPN/zhuhaow-NEKit/IPStack/DNS/DNSMessage.swift new file mode 100755 index 0000000..574ed5f --- /dev/null +++ b/GlassVPN/zhuhaow-NEKit/IPStack/DNS/DNSMessage.swift @@ -0,0 +1,389 @@ +import Foundation + +open class DNSMessage { + // var sourceAddress: IPv4Address? + // var sourcePort: Port? + // var destinationAddress: IPv4Address? + // var destinationPort: Port? + open var transactionID: UInt16 = 0 + open var messageType: DNSMessageType = .query + open var authoritative: Bool = false + open var truncation: Bool = false + open var recursionDesired: Bool = false + open var recursionAvailable: Bool = false + open var status: DNSReturnStatus = .success + open var queries: [DNSQuery] = [] + open var answers: [DNSResource] = [] + open var nameservers: [DNSResource] = [] + open var addtionals: [DNSResource] = [] + + var payload: Data! + + var bytesLength: Int { + var len = 12 + queries.reduce(0) { + $0 + $1.bytesLength + } + len += answers.reduce(0) { + $0 + $1.bytesLength + } + len += nameservers.reduce(0) { + $0 + $1.bytesLength + } + len += addtionals.reduce(0) { + $0 + $1.bytesLength + } + return len + } + + var resolvedIPv4Address: IPAddress? { + for answer in answers { + if let address = answer.ipv4Address { + return address + } + } + return nil + } + + var type: DNSType? { + return queries.first?.type + } + + init() {} + + init?(payload: Data) { + self.payload = payload + let scanner = BinaryDataScanner(data: payload, littleEndian: false) + + transactionID = scanner.read16()! + + var bytes = scanner.readByte()! + if bytes & 0x80 > 0 { + messageType = .response + } else { + messageType = .query + } + + // ignore OP code + + authoritative = bytes & 0x04 > 0 + truncation = bytes & 0x02 > 0 + recursionDesired = bytes & 0x01 > 0 + + bytes = scanner.readByte()! + recursionAvailable = bytes & 0x80 > 0 + if let status = DNSReturnStatus(rawValue: bytes & 0x0F) { + self.status = status + } else { + DDLogError("Received DNS response with unknown status: \(bytes & 0x0F).") + self.status = .serverFailure + } + + let queryCount = scanner.read16()! + let answerCount = scanner.read16()! + let nameserverCount = scanner.read16()! + let addtionalCount = scanner.read16()! + + for _ in 0.. Bool { + payload = Data(count: bytesLength) + if transactionID == 0 { + transactionID = UInt16(arc4random_uniform(UInt32(UInt16.max))) + } + setPayloadWithUInt16(transactionID, at: 0, swap: true) + var byte: UInt8 = 0 + byte += messageType.rawValue << 7 + if authoritative { + byte += 4 + } + if truncation { + byte += 2 + } + if recursionDesired { + byte += 1 + } + setPayloadWithUInt8(byte, at: 2) + byte = 0 + if recursionAvailable { + byte += 128 + } + + byte += status.rawValue + + setPayloadWithUInt8(byte, at: 3) + setPayloadWithUInt16(UInt16(queries.count), at: 4, swap: true) + setPayloadWithUInt16(UInt16(answers.count), at: 6, swap: true) + setPayloadWithUInt16(UInt16(nameservers.count), at: 8, swap: true) + setPayloadWithUInt16(UInt16(addtionals.count), at: 10, swap: true) + + return writeAllRecordAt(12) + } + + // swiftlint:disable variable_name + func setPayloadWithUInt8(_ value: UInt8, at: Int) { + var v = value + withUnsafeBytes(of: &v) { + payload.replaceSubrange(at.. Bool { + var position = at + for query in queries { + guard writeDNSQuery(query, at: position) else { + return false + } + position += query.bytesLength + } + for resources in [answers, nameservers, addtionals] { + for resource in resources { + guard writeDNSResource(resource, at: position) else { + return false + } + position += resource.bytesLength + } + } + return true + } + + fileprivate func writeDNSQuery(_ query: DNSQuery, at: Int) -> Bool { + guard DNSNameConverter.setName(query.name, toData: &payload!, at: at) else { + return false + } + setPayloadWithUInt16(query.type.rawValue, at: at + query.nameBytesLength, swap: true) + setPayloadWithUInt16(query.klass.rawValue, at: at + query.nameBytesLength + 2, swap: true) + return true + } + + fileprivate func writeDNSResource(_ resource: DNSResource, at: Int) -> Bool { + guard DNSNameConverter.setName(resource.name, toData: &payload!, at: at) else { + return false + } + setPayloadWithUInt16(resource.type.rawValue, at: at + resource.nameBytesLength, swap: true) + setPayloadWithUInt16(resource.klass.rawValue, at: at + resource.nameBytesLength + 2, swap: true) + setPayloadWithUInt32(resource.TTL, at: at + resource.nameBytesLength + 4, swap: true) + setPayloadWithUInt16(resource.dataLength, at: at + resource.nameBytesLength + 8, swap: true) + setPayloadWithData(resource.data, at: at + resource.nameBytesLength + 10) + return true + } +} + +open class DNSQuery { + public let name: String + public let type: DNSType + public let klass: DNSClass + let nameBytesLength: Int + + init(name: String, type: DNSType = .a, klass: DNSClass = .internet) { + self.name = name.trimmingCharacters(in: CharacterSet(charactersIn: ".")) + self.type = type + self.klass = klass + self.nameBytesLength = name.utf8.count + 2 + } + + init?(payload: Data, offset: Int, base: Int = 0) { + (self.name, self.nameBytesLength) = DNSNameConverter.getNamefromData(payload, offset: offset, base: base) + + let scanner = BinaryDataScanner(data: payload, littleEndian: false) + scanner.skip(to: offset + self.nameBytesLength) + + guard let type = DNSType(rawValue: scanner.read16()!) else { + DDLogError("Received DNS packet with unknown type.") + return nil + } + self.type = type + + guard let klass = DNSClass(rawValue: scanner.read16()!) else { + DDLogError("Received DNS packet with unknown class.") + return nil + } + self.klass = klass + + } + + var bytesLength: Int { + return nameBytesLength + 4 + } +} + +open class DNSResource { + public let name: String + public let type: DNSType + public let klass: DNSClass + public let TTL: UInt32 + let dataLength: UInt16 + public let data: Data + + let nameBytesLength: Int + + init(name: String, type: DNSType = .a, klass: DNSClass = .internet, TTL: UInt32 = 300, data: Data) { + self.name = name + self.type = type + self.klass = klass + self.TTL = TTL + dataLength = UInt16(data.count) + self.data = data + self.nameBytesLength = name.utf8.count + 2 + } + + static func ARecord(_ name: String, TTL: UInt32 = 300, address: IPAddress) -> DNSResource { + return DNSResource(name: name, type: .a, klass: .internet, TTL: TTL, data: address.dataInNetworkOrder) + } + + init?(payload: Data, offset: Int, base: Int = 0) { + (self.name, self.nameBytesLength) = DNSNameConverter.getNamefromData(payload, offset: offset, base: base) + + let scanner = BinaryDataScanner(data: payload, littleEndian: false) + scanner.skip(to: offset + self.nameBytesLength) + + guard let type = DNSType(rawValue: scanner.read16()!) else { + DDLogError("Received DNS packet with unknown type.") + return nil + } + self.type = type + + guard let klass = DNSClass(rawValue: scanner.read16()!) else { + DDLogError("Received DNS packet with unknown class.") + return nil + } + self.klass = klass + self.TTL = scanner.read32()! + dataLength = scanner.read16()! + self.data = payload.subdata(in: scanner.position.. Bool { + let labels = name.components(separatedBy: CharacterSet(charactersIn: ".")) + var position = at + + for label in labels { + let len = label.utf8.count + guard len != 0 else { + // invalid domain name + return false + } + data[position] = UInt8(len) + position += 1 + + data.replaceSubrange(position.. (String, Int) { + let scanner = BinaryDataScanner(data: data, littleEndian: false) + scanner.skip(to: offset) + + var len: UInt8 = 0 + var name = "" + var currentReadBytes = 0 + var jumped = false + var nameBytesLength = 0 + repeat { + let length = scanner.read16()! + // is this a pointer? + if length & 0xC000 == 0xC000 { + if !jumped { + // save the length position + nameBytesLength = 2 + currentReadBytes + jumped = true + } + scanner.skip(to: Int(length & 0x3FFF) + base) + } else { + scanner.advance(by: -2) + } + + len = scanner.readByte()! + currentReadBytes += 1 + if len == 0 { + break + } + + currentReadBytes += Int(len) + + guard let label = String(bytes: scanner.data.subdata(in: scanner.position.. Void)! + + // Only match A record as of now, all other records should be passed directly. + fileprivate let matchedType = [DNSType.a] + + /** + Initailize a DNS server. + + - parameter address: The IP address of the server. + - parameter port: The listening port of the server. + - parameter fakeIPPool: The pool of fake IP addresses. Set to nil if no fake IP is needed. + */ + public init(address: IPAddress, port: Port, fakeIPPool: IPPool? = nil) { + serverAddress = address + serverPort = port + pool = fakeIPPool + } + + /** + Clean up fake IP. + + - parameter address: The fake IP address. + - parameter delay: How long should the fake IP be valid. + */ + fileprivate func cleanUpFakeIP(_ address: IPAddress, after delay: Int) { + queue.asyncAfter(deadline: DispatchTime.now() + Double(Int64(delay) * Int64(NSEC_PER_SEC)) / Double(NSEC_PER_SEC)) { + [weak self] in + _ = self?.fakeSessions.removeValue(forKey: address) + self?.pool?.release(ip: address) + } + } + + /** + Clean up pending session. + + - parameter session: The pending session. + - parameter delay: How long before the pending session be cleaned up. + */ + fileprivate func cleanUpPendingSession(_ session: DNSSession, after delay: Int) { + queue.asyncAfter(deadline: DispatchTime.now() + Double(Int64(delay) * Int64(NSEC_PER_SEC)) / Double(NSEC_PER_SEC)) { + [weak self] in + _ = self?.pendingSessions.removeValue(forKey: session.requestMessage.transactionID) + } + } + + fileprivate func lookup(_ session: DNSSession) { + guard shouldMatch(session) else { + session.matchResult = .real + lookupRemotely(session) + return + } + + RuleManager.currentManager.matchDNS(session, type: .domain) + + switch session.matchResult! { + case .fake: + guard setUpFakeIP(session) else { + // failed to set up a fake IP, return the result directly + session.matchResult = .real + lookupRemotely(session) + return + } + outputSession(session) + case .real, .unknown: + lookupRemotely(session) + default: + DDLogError("The rule match result should never be .Pass.") + } + } + + fileprivate func lookupRemotely(_ session: DNSSession) { + pendingSessions[session.requestMessage.transactionID] = session + cleanUpPendingSession(session, after: Opt.DNSPendingSessionLifeTime) + sendQueryToRemote(session) + } + + fileprivate func sendQueryToRemote(_ session: DNSSession) { + for resolver in resolvers { + resolver.resolve(session: session) + } + } + + /** + Input IP packet into the DNS server. + + - parameter packet: The IP packet. + - parameter version: The version of the IP packet. + + - returns: If the packet is taken in by this DNS server. + */ + open func input(packet: Data, version: NSNumber?) -> Bool { + guard IPPacket.peekProtocol(packet) == .udp else { + return false + } + + guard IPPacket.peekDestinationAddress(packet) == serverAddress else { + return false + } + + guard IPPacket.peekDestinationPort(packet) == serverPort else { + return false + } + + guard let ipPacket = IPPacket(packetData: packet) else { + return false + } + + guard let session = DNSSession(packet: ipPacket) else { + return false + } + + queue.async { + self.lookup(session) + } + return true + } + + public func start() { + + } + + open func stop() { + for resolver in resolvers { + resolver.stop() + } + resolvers = [] + + // The blocks scheduled with `dispatch_after` are ignored since they are hard to cancel. But there should be no consequence, everything will be released except for a few `IPAddress`es and the `queue` which will be released later. + } + + fileprivate func outputSession(_ session: DNSSession) { + guard let result = session.matchResult else { + return + } + + let udpParser = UDPProtocolParser() + udpParser.sourcePort = serverPort + // swiftlint:disable:next force_cast + udpParser.destinationPort = (session.requestIPPacket!.protocolParser as! UDPProtocolParser).sourcePort + switch result { + case .real: + udpParser.payload = session.realResponseMessage!.payload + case .fake: + let response = DNSMessage() + response.transactionID = session.requestMessage.transactionID + response.messageType = .response + response.recursionAvailable = true + // since we only support ipv4 as of now, it must be an answer of type A + response.answers.append(DNSResource.ARecord(session.requestMessage.queries[0].name, TTL: UInt32(Opt.DNSFakeIPTTL), address: session.fakeIP!)) + session.expireAt = Date().addingTimeInterval(Double(Opt.DNSFakeIPTTL)) + guard response.buildMessage() else { + DDLogError("Failed to build DNS response.") + return + } + + udpParser.payload = response.payload + default: + return + } + let ipPacket = IPPacket() + ipPacket.sourceAddress = serverAddress + ipPacket.destinationAddress = session.requestIPPacket!.sourceAddress + ipPacket.protocolParser = udpParser + ipPacket.transportProtocol = .udp + ipPacket.buildPacket() + + outputFunc([ipPacket.packetData], [NSNumber(value: AF_INET as Int32)]) + } + + fileprivate func shouldMatch(_ session: DNSSession) -> Bool { + return matchedType.contains(session.requestMessage.type!) + } + + func isFakeIP(_ ipAddress: IPAddress) -> Bool { + return pool?.contains(ip: ipAddress) ?? false + } + + func lookupFakeIP(_ address: IPAddress) -> DNSSession? { + var session: DNSSession? + QueueFactory.executeOnQueueSynchronizedly { + session = self.fakeSessions[address] + } + return session + } + + /** + Add new DNS resolver to DNS server. + + - parameter resolver: The resolver to add. + */ + open func registerResolver(_ resolver: DNSResolverProtocol) { + resolver.delegate = self + resolvers.append(resolver) + } + + fileprivate func setUpFakeIP(_ session: DNSSession) -> Bool { + + guard let fakeIP = pool?.fetchIP() else { + DDLogVerbose("Failed to get a fake IP.") + return false + } + session.fakeIP = fakeIP + fakeSessions[fakeIP] = session + session.expireAt = Date().addingTimeInterval(TimeInterval(Opt.DNSFakeIPTTL)) + // keep the fake session for 2 TTL + cleanUpFakeIP(fakeIP, after: Opt.DNSFakeIPTTL * 2) + return true + } + + open func didReceive(rawResponse: Data) { + guard let message = DNSMessage(payload: rawResponse) else { + DDLogError("Failed to parse response from remote DNS server.") + return + } + + queue.async { + guard let session = self.pendingSessions.removeValue(forKey: message.transactionID) else { + // this should not be a problem if there are multiple DNS servers or the DNS server is hijacked. + DDLogVerbose("Do not find the corresponding DNS session for the response.") + return + } + + session.realResponseMessage = message + + session.realIP = message.resolvedIPv4Address + + if session.matchResult != .fake && session.matchResult != .real { + RuleManager.currentManager.matchDNS(session, type: .ip) + } + + switch session.matchResult! { + case .fake: + if !self.setUpFakeIP(session) { + // return real response + session.matchResult = .real + } + self.outputSession(session) + case .real: + self.outputSession(session) + default: + DDLogError("The rule match result should never be .Pass or .Unknown in IP mode.") + } + } + } +} diff --git a/GlassVPN/zhuhaow-NEKit/IPStack/DNS/DNSSession.swift b/GlassVPN/zhuhaow-NEKit/IPStack/DNS/DNSSession.swift new file mode 100755 index 0000000..b641690 --- /dev/null +++ b/GlassVPN/zhuhaow-NEKit/IPStack/DNS/DNSSession.swift @@ -0,0 +1,49 @@ +import Foundation + +open class DNSSession { + public let requestMessage: DNSMessage + var requestIPPacket: IPPacket? + open var realIP: IPAddress? + open var fakeIP: IPAddress? + open var realResponseMessage: DNSMessage? + var realResponseIPPacket: IPPacket? + open var matchedRule: Rule? + open var matchResult: DNSSessionMatchResult? + var indexToMatch = 0 + var expireAt: Date? +// lazy var countryCode: String? = { +// [unowned self] in +// guard self.realIP != nil else { +// return nil +// } +// return Utils.GeoIPLookup.Lookup(self.realIP!.presentation) +// }() + + init?(message: DNSMessage) { + guard message.messageType == .query else { + DDLogError("DNSSession can only be initailized by a DNS query.") + return nil + } + + guard message.queries.count == 1 else { + DDLogError("Expecting the DNS query has exact one query entry.") + return nil + } + + requestMessage = message + } + + convenience init?(packet: IPPacket) { + guard let message = DNSMessage(payload: packet.protocolParser.payload) else { + return nil + } + self.init(message: message) + requestIPPacket = packet + } +} + +extension DNSSession: CustomStringConvertible { + public var description: String { + return "<\(type(of: self)) domain: \(self.requestMessage.queries.first!.name) realIP: \(String(describing: realIP)) fakeIP: \(String(describing: fakeIP))>" + } +} diff --git a/GlassVPN/zhuhaow-NEKit/IPStack/IPStackProtocol.swift b/GlassVPN/zhuhaow-NEKit/IPStack/IPStackProtocol.swift new file mode 100755 index 0000000..b133534 --- /dev/null +++ b/GlassVPN/zhuhaow-NEKit/IPStack/IPStackProtocol.swift @@ -0,0 +1,34 @@ +import Foundation + +/// The protocol defines an IP stack. +public protocol IPStackProtocol: class { + /** + Input a packet into the stack. + + - parameter packet: The IP packet. + - parameter version: The version of the IP packet, i.e., AF_INET, AF_INET6. + + - returns: If the stack takes in this packet. If the packet is taken in, then it won't be processed by other IP stacks. + */ + func input(packet: Data, version: NSNumber?) -> Bool + + /// This is called when this stack decided to output some IP packet. This is set automatically when the stack is registered to some interface. + /// + /// The parameter is the safe as the `inputPacket`. + /// + /// - note: This block is thread-safe. + var outputFunc: (([Data], [NSNumber]) -> Void)! { get set } + + func start() + + /** + Stop the stack from running. + + This is called when the interface this stack is registered to stop to processing packets and will be released soon. + */ + func stop() +} + +extension IPStackProtocol { + public func stop() {} +} diff --git a/GlassVPN/zhuhaow-NEKit/IPStack/Packet/IPMutablePacket.swift b/GlassVPN/zhuhaow-NEKit/IPStack/Packet/IPMutablePacket.swift new file mode 100755 index 0000000..a3361c9 --- /dev/null +++ b/GlassVPN/zhuhaow-NEKit/IPStack/Packet/IPMutablePacket.swift @@ -0,0 +1,76 @@ +//import Foundation +// +//enum ChangeType { +// case Address, Port +//} +// +//public class IPMutablePacket { +// // Support only IPv4 for now +// +// let version: IPVersion +// let proto: TransportType +// let IPHeaderLength: Int +// var sourceAddress: IPv4Address { +// get { +// return IPv4Address(fromBytesInNetworkOrder: payload.bytes.advancedBy(12)) +// } +// set { +// setIPv4Address(sourceAddress, newAddress: newValue, at: 12) +// } +// } +// var destinationAddress: IPv4Address { +// get { +// return IPv4Address(fromBytesInNetworkOrder: payload.bytes.advancedBy(16)) +// } +// set { +// setIPv4Address(destinationAddress, newAddress: newValue, at: 16) +// } +// } +// +// let payload: NSMutableData +// +// public init(payload: NSData) { +// let vl = UnsafePointer(payload.bytes).memory +// version = IPVersion(rawValue: vl >> 4)! +// IPHeaderLength = Int(vl & 0x0F) * 4 +// let p = UnsafePointer(payload.bytes.advancedBy(9)).memory +// proto = TransportType(rawValue: p)! +// self.payload = NSMutableData(data: payload) +// } +// +// func updateChecksum(oldValue: UInt16, newValue: UInt16, type: ChangeType) { +// if type == .Address { +// updateChecksum(oldValue, newValue: newValue, at: 10) +// } +// } +// +// // swiftlint:disable:next variable_name +// internal func updateChecksum(oldValue: UInt16, newValue: UInt16, at: Int) { +// let oldChecksum = UnsafePointer(payload.bytes.advancedBy(at)).memory +// let oc32 = UInt32(~oldChecksum) +// let ov32 = UInt32(~oldValue) +// let nv32 = UInt32(newValue) +// var newChecksum32 = oc32 &+ ov32 &+ nv32 +// newChecksum32 = (newChecksum32 & 0xFFFF) + (newChecksum32 >> 16) +// newChecksum32 = (newChecksum32 & 0xFFFF) &+ (newChecksum32 >> 16) +// var newChecksum = ~UInt16(newChecksum32) +// payload.replaceBytesInRange(NSRange(location: at, length: 2), withBytes: &newChecksum, length: 2) +// } +// +// // swiftlint:disable:next variable_name +// private func foldChecksum(checksum: UInt32) -> UInt32 { +// var checksum = checksum +// while checksum > 0xFFFF { +// checksum = (checksum & 0xFFFF) + (checksum >> 16) +// } +// return checksum +// } +// +// // swiftlint:disable:next variable_name +// private func setIPv4Address(oldAddress: IPv4Address, newAddress: IPv4Address, at: Int) { +// payload.replaceBytesInRange(NSRange(location: at, length: 4), withBytes: newAddress.bytesInNetworkOrder, length: 4) +// updateChecksum(UnsafePointer(oldAddress.bytesInNetworkOrder).memory, newValue: UnsafePointer(newAddress.bytesInNetworkOrder).memory, type: .Address) +// updateChecksum(UnsafePointer(oldAddress.bytesInNetworkOrder).advancedBy(1).memory, newValue: UnsafePointer(newAddress.bytesInNetworkOrder).advancedBy(1).memory, type: .Address) +// } +// +//} diff --git a/GlassVPN/zhuhaow-NEKit/IPStack/Packet/IPPacket.swift b/GlassVPN/zhuhaow-NEKit/IPStack/Packet/IPPacket.swift new file mode 100755 index 0000000..b8b9765 --- /dev/null +++ b/GlassVPN/zhuhaow-NEKit/IPStack/Packet/IPPacket.swift @@ -0,0 +1,330 @@ +import Foundation + +public enum IPVersion: UInt8 { + case iPv4 = 4, iPv6 = 6 +} + +public enum TransportProtocol: UInt8 { + case icmp = 1, tcp = 6, udp = 17 +} + +/// The class to process and build IP packet. +/// +/// - note: Only IPv4 is supported as of now. +open class IPPacket { + /** + Get the version of the IP Packet without parsing the whole packet. + + - parameter data: The data containing the whole IP packet. + + - returns: The version of the packet. Returns `nil` if failed to parse the packet. + */ + public static func peekIPVersion(_ data: Data) -> IPVersion? { + guard data.count >= 20 else { + return nil + } + + let version = (data as NSData).bytes.bindMemory(to: UInt8.self, capacity: data.count).pointee >> 4 + return IPVersion(rawValue: version) + } + + /** + Get the protocol of the IP Packet without parsing the whole packet. + + - parameter data: The data containing the whole IP packet. + + - returns: The protocol of the packet. Returns `nil` if failed to parse the packet. + */ + public static func peekProtocol(_ data: Data) -> TransportProtocol? { + guard data.count >= 20 else { + return nil + } + + return TransportProtocol(rawValue: (data as NSData).bytes.bindMemory(to: UInt8.self, capacity: data.count).advanced(by: 9).pointee) + } + + /** + Get the source IP address of the IP packet without parsing the whole packet. + + - parameter data: The data containing the whole IP packet. + + - returns: The source IP address of the packet. Returns `nil` if failed to parse the packet. + */ + public static func peekSourceAddress(_ data: Data) -> IPAddress? { + guard data.count >= 20 else { + return nil + } + + return IPAddress(fromBytesInNetworkOrder: (data as NSData).bytes.advanced(by: 12)) + } + + /** + Get the destination IP address of the IP packet without parsing the whole packet. + + - parameter data: The data containing the whole IP packet. + + - returns: The destination IP address of the packet. Returns `nil` if failed to parse the packet. + */ + public static func peekDestinationAddress(_ data: Data) -> IPAddress? { + guard data.count >= 20 else { + return nil + } + + return IPAddress(fromBytesInNetworkOrder: (data as NSData).bytes.advanced(by: 16)) + } + + /** + Get the source port of the IP packet without parsing the whole packet. + + - parameter data: The data containing the whole IP packet. + + - returns: The source IP address of the packet. Returns `nil` if failed to parse the packet. + + - note: Only TCP and UDP packet has port field. + */ + public static func peekSourcePort(_ data: Data) -> Port? { + guard let proto = peekProtocol(data) else { + return nil + } + + guard proto == .tcp || proto == .udp else { + return nil + } + + let headerLength = Int((data as NSData).bytes.bindMemory(to: UInt8.self, capacity: data.count).pointee & 0x0F * 4) + + // Make sure there are bytes for source and destination bytes. + guard data.count > headerLength + 4 else { + return nil + } + + return Port(bytesInNetworkOrder: (data as NSData).bytes.advanced(by: headerLength)) + } + + /** + Get the destination port of the IP packet without parsing the whole packet. + + - parameter data: The data containing the whole IP packet. + + - returns: The destination IP address of the packet. Returns `nil` if failed to parse the packet. + + - note: Only TCP and UDP packet has port field. + */ + public static func peekDestinationPort(_ data: Data) -> Port? { + guard let proto = peekProtocol(data) else { + return nil + } + + guard proto == .tcp || proto == .udp else { + return nil + } + + let headerLength = Int((data as NSData).bytes.bindMemory(to: UInt8.self, capacity: data.count).pointee & 0x0F * 4) + + // Make sure there are bytes for source and destination bytes. + guard data.count > headerLength + 4 else { + return nil + } + + return Port(bytesInNetworkOrder: (data as NSData).bytes.advanced(by: headerLength + 2)) + } + + /// The version of the current IP packet. + open var version: IPVersion = .iPv4 + + /// The length of the IP packet header. + open var headerLength: UInt8 = 20 + + /// This contains the DSCP and ECN of the IP packet. + /// + /// - note: Since we can not send custom IP packet out with NetworkExtension, this is useless and simply ignored. + open var tos: UInt8 = 0 + + /// This should be the length of the datagram. + /// This value is not read from header since NEPacketTunnelFlow has already taken care of it for us. + open var totalLength: UInt16 { + return UInt16(packetData.count) + } + + /// Identification of the current packet. + /// + /// - note: Since we do not support fragment, this is ignored and always will be zero. + /// - note: Theoratically, this should be a sequentially increasing number. It probably will be implemented. + var identification: UInt16 = 0 + + /// Offset of the current packet. + /// + /// - note: Since we do not support fragment, this is ignored and always will be zero. + var offset: UInt16 = 0 + + /// TTL of the packet. + var TTL: UInt8 = 64 + + /// Source IP address. + var sourceAddress: IPAddress! + + /// Destination IP address. + var destinationAddress: IPAddress! + + /// Transport protocol of the packet. + var transportProtocol: TransportProtocol! + + /// Parser to parse the payload in IP packet. + var protocolParser: TransportProtocolParserProtocol! + + /// The data representing the packet. + var packetData: Data! + + /** + Initailize a new instance to build IP packet. + */ + init() {} + + /** + Initailize an `IPPacket` with data. + + - parameter packetData: The data containing a whole packet. + */ + init?(packetData: Data) { + // no need to validate the packet. + + self.packetData = packetData + + let scanner = BinaryDataScanner(data: packetData, littleEndian: false) + + let vhl = scanner.readByte()! + guard let v = IPVersion(rawValue: vhl >> 4) else { + DDLogError("Got unknown ip packet version \(vhl >> 4)") + return nil + } + version = v + headerLength = vhl & 0x0F * 4 + + guard packetData.count >= Int(headerLength) else { + return nil + } + + tos = scanner.readByte()! + + guard totalLength == scanner.read16()! else { + DDLogError("Packet length mismatches from header.") + return nil + } + + identification = scanner.read16()! + offset = scanner.read16()! + TTL = scanner.readByte()! + + guard let proto = TransportProtocol(rawValue: scanner.readByte()!) else { + DDLogWarn("Get unsupported packet protocol.") + return nil + } + transportProtocol = proto + + // ignore checksum + _ = scanner.read16()! + + switch version { + case .iPv4: + sourceAddress = IPAddress(ipv4InNetworkOrder: CFSwapInt32(scanner.read32()!)) + destinationAddress = IPAddress(ipv4InNetworkOrder: CFSwapInt32(scanner.read32()!)) + default: + // IPv6 is not supported yet. + DDLogWarn("IPv6 is not supported yet.") + return nil + } + + switch transportProtocol! { + case .udp: + guard let parser = UDPProtocolParser(packetData: packetData, offset: Int(headerLength)) else { + return nil + } + self.protocolParser = parser + default: + DDLogError("Can not parse packet header of type \(String(describing: transportProtocol)) yet") + return nil + } + } + + func computePseudoHeaderChecksum() -> UInt32 { + var result: UInt32 = 0 + if let address = sourceAddress { + result += address.UInt32InNetworkOrder! >> 16 + address.UInt32InNetworkOrder! & 0xFFFF + } + if let address = destinationAddress { + result += address.UInt32InNetworkOrder! >> 16 + address.UInt32InNetworkOrder! & 0xFFFF + } + result += UInt32(transportProtocol.rawValue) << 8 + result += CFSwapInt32(UInt32(protocolParser.bytesLength)) + return result + } + + func buildPacket() { + packetData = NSMutableData(length: Int(headerLength) + protocolParser.bytesLength) as Data? + + // set header + setPayloadWithUInt8(headerLength / 4 + version.rawValue << 4, at: 0) + setPayloadWithUInt8(tos, at: 1) + setPayloadWithUInt16(totalLength, at: 2) + setPayloadWithUInt16(identification, at: 4) + setPayloadWithUInt16(offset, at: 6) + setPayloadWithUInt8(TTL, at: 8) + setPayloadWithUInt8(transportProtocol.rawValue, at: 9) + // clear checksum bytes + resetPayloadAt(10, length: 2) + setPayloadWithUInt32(sourceAddress.UInt32InNetworkOrder!, at: 12, swap: false) + setPayloadWithUInt32(destinationAddress.UInt32InNetworkOrder!, at: 16, swap: false) + + // let TCP or UDP packet build + protocolParser.packetData = packetData + protocolParser.offset = Int(headerLength) + protocolParser.buildSegment(computePseudoHeaderChecksum()) + packetData = protocolParser.packetData + + setPayloadWithUInt16(Checksum.computeChecksum(packetData, from: 0, to: Int(headerLength)), at: 10, swap: false) + } + + func setPayloadWithUInt8(_ value: UInt8, at: Int) { + var v = value + withUnsafeBytes(of: &v) { + packetData.replaceSubrange(at..= offset + 8 else { + return nil + } + + self.packetData = packetData + self.offset = offset + + sourcePort = Port(bytesInNetworkOrder: (packetData as NSData).bytes.advanced(by: offset)) + destinationPort = Port(bytesInNetworkOrder: (packetData as NSData).bytes.advanced(by: offset + 2)) + + payload = packetData.subdata(in: offset+8.. Bool { + /// If custom DNS server is set up. + guard let dnsServer = DNSServer.currentServer else { + return true + } + + // Only IPv4 is supported as of now. + guard isIPv4() else { + return true + } + + let address = IPAddress(fromString: requestedHost)! + guard dnsServer.isFakeIP(address) else { + return true + } + + // Look up fake IP reversely should never fail. + guard let session = dnsServer.lookupFakeIP(address) else { + return false + } + + host = session.requestMessage.queries[0].name + ipAddress = session.realIP?.presentation ?? "" + matchedRule = session.matchedRule + +// if session.countryCode != nil { +// country = session.countryCode! +// } + return true + } + + public func isIPv4() -> Bool { + return Utils.IP.isIPv4(host) + } + + public func isIPv6() -> Bool { + return Utils.IP.isIPv6(host) + } + + public func isIP() -> Bool { + return isIPv4() || isIPv6() + } +} + +extension ConnectSession: CustomStringConvertible { + public var description: String { + if requestedHost != host { + return "<\(type(of: self)) host:\(host) port:\(port) requestedHost:\(requestedHost)>" + } else { + return "<\(type(of: self)) host:\(host) port:\(port)>" + } + } +} diff --git a/GlassVPN/zhuhaow-NEKit/Messages/HTTPHeader.swift b/GlassVPN/zhuhaow-NEKit/Messages/HTTPHeader.swift new file mode 100755 index 0000000..c5ac34c --- /dev/null +++ b/GlassVPN/zhuhaow-NEKit/Messages/HTTPHeader.swift @@ -0,0 +1,200 @@ +import Foundation + +open class HTTPHeader { + public enum HTTPHeaderError: Error { + case malformedHeader, invalidRequestLine, invalidHeaderField, invalidConnectURL, invalidConnectPort, invalidURL, missingHostField, invalidHostField, invalidHostPort, invalidContentLength, illegalEncoding + } + + open var HTTPVersion: String + open var method: String + open var isConnect: Bool = false + open var path: String + open var foundationURL: Foundation.URL? + open var homemadeURL: HTTPURL? + open var host: String + open var port: Int + // just assume that `Content-Length` is given as of now. + // Chunk is not supported yet. + open var contentLength: Int = 0 + open var headers: [(String, String)] = [] + open var rawHeader: Data? + + public init(headerString: String) throws { + let lines = headerString.components(separatedBy: "\r\n") + guard lines.count >= 3 else { + throw HTTPHeaderError.malformedHeader + } + + let request = lines[0].components(separatedBy: " ") + guard request.count == 3 else { + throw HTTPHeaderError.invalidRequestLine + } + + method = request[0] + path = request[1] + HTTPVersion = request[2] + + for line in lines[1.. String? { + get { + for (key, value) in headers { + if index.caseInsensitiveCompare(key) == .orderedSame { + return value + } + } + return nil + } + } + + open func toData() -> Data { + return toString().data(using: String.Encoding.utf8)! + } + + open func toString() -> String { + var strRep = "\(method) \(path) \(HTTPVersion)\r\n" + for (key, value) in headers { + strRep += "\(key): \(value)\r\n" + } + strRep += "\r\n" + return strRep + } + + open func addHeader(_ key: String, value: String) { + headers.append((key, value)) + } + + open func rewriteToRelativePath() { + if path[path.startIndex] != "/" { + guard let rewrotePath = URL.matchRelativePath(path) else { + return + } + path = rewrotePath + } + } + + open func removeHeader(_ key: String) -> String? { + for i in 0.. String? { + if let result = relativePathRegex.firstMatch(in: url, options: NSRegularExpression.MatchingOptions(), range: NSRange(location: 0, length: url.count)) { + + return (url as NSString).substring(with: result.range(at: 1)) + } else { + return nil + } + } + } +} diff --git a/GlassVPN/zhuhaow-NEKit/Opt.swift b/GlassVPN/zhuhaow-NEKit/Opt.swift new file mode 100755 index 0000000..e78247c --- /dev/null +++ b/GlassVPN/zhuhaow-NEKit/Opt.swift @@ -0,0 +1,24 @@ +import Foundation + +public struct Opt { + public static var MAXNWTCPSocketReadDataSize = 128 * 1024 + + // This is only used in finding the end of HTTP header (as of now). There is no limit on the length of http header, but Apache set it to 8KB + public static var MAXNWTCPScanLength = 8912 + + public static var DNSFakeIPTTL = 300 + + public static var DNSPendingSessionLifeTime = 10 + + public static var UDPSocketActiveTimeout = 300 + + public static var UDPSocketActiveCheckInterval = 60 + + public static var MAXHTTPContentBlockLength = 10240 + + public static var RejectAdapterDefaultDelay = 300 + + public static var DNSTimeout = 1 + + public static var forwardReadInterval = 50 +} diff --git a/GlassVPN/zhuhaow-NEKit/ProxyServer/GCDHTTPProxyServer.swift b/GlassVPN/zhuhaow-NEKit/ProxyServer/GCDHTTPProxyServer.swift new file mode 100755 index 0000000..3087379 --- /dev/null +++ b/GlassVPN/zhuhaow-NEKit/ProxyServer/GCDHTTPProxyServer.swift @@ -0,0 +1,24 @@ +import Foundation + +/// The HTTP proxy server. +public final class GCDHTTPProxyServer: GCDProxyServer { + /** + Create an instance of HTTP proxy server. + + - parameter address: The address of proxy server. + - parameter port: The port of proxy server. + */ + override public init(address: IPAddress?, port: Port) { + super.init(address: address, port: port) + } + + /** + Handle the new accepted socket as a HTTP proxy connection. + + - parameter socket: The accepted socket. + */ + override public func handleNewGCDSocket(_ socket: GCDTCPSocket) { + let proxySocket = HTTPProxySocket(socket: socket) + didAcceptNewSocket(proxySocket) + } +} diff --git a/GlassVPN/zhuhaow-NEKit/ProxyServer/GCDProxyServer.swift b/GlassVPN/zhuhaow-NEKit/ProxyServer/GCDProxyServer.swift new file mode 100755 index 0000000..ace61f3 --- /dev/null +++ b/GlassVPN/zhuhaow-NEKit/ProxyServer/GCDProxyServer.swift @@ -0,0 +1,61 @@ +import Foundation + +/// Proxy server which listens on some port by GCDAsyncSocket. +/// +/// This shoule be the base class for any concrete implementation of proxy server (e.g., HTTP or SOCKS5) which needs to listen on some port. +open class GCDProxyServer: ProxyServer, GCDAsyncSocketDelegate { + fileprivate var listenSocket: GCDAsyncSocket! + + /** + Start the proxy server which creates a GCDAsyncSocket listening on specific port. + + - throws: The error occured when starting the proxy server. + */ + override open func start() throws { + try QueueFactory.executeOnQueueSynchronizedly { + listenSocket = GCDAsyncSocket(delegate: self, delegateQueue: QueueFactory.getQueue(), socketQueue: QueueFactory.getQueue()) + try listenSocket.accept(onInterface: address?.presentation, port: port.value) + try super.start() + } + } + + /** + Stop the proxy server. + */ + override open func stop() { + QueueFactory.executeOnQueueSynchronizedly { + listenSocket?.setDelegate(nil, delegateQueue: nil) + listenSocket?.disconnect() + listenSocket = nil + super.stop() + } + } + + /** + Delegate method to handle the newly accepted GCDTCPSocket. + + Only this method should be overrided in any concrete implementation of proxy server which listens on some port with GCDAsyncSocket. + + - parameter socket: The accepted socket. + */ + open func handleNewGCDSocket(_ socket: GCDTCPSocket) { + + } + + /** + GCDAsyncSocket delegate callback. + + - parameter sock: The listening GCDAsyncSocket. + - parameter newSocket: The accepted new GCDAsyncSocket. + + - warning: Do not call this method. This should be marked private but have to be marked public since the `GCDAsyncSocketDelegate` is public. + */ + open func socket(_ sock: GCDAsyncSocket, didAcceptNewSocket newSocket: GCDAsyncSocket) { + let gcdTCPSocket = GCDTCPSocket(socket: newSocket) + handleNewGCDSocket(gcdTCPSocket) + } + + public func newSocketQueueForConnection(fromAddress address: Data, on sock: GCDAsyncSocket) -> DispatchQueue? { + return QueueFactory.getQueue() + } +} diff --git a/GlassVPN/zhuhaow-NEKit/ProxyServer/GCDSOCKS5ProxyServer.swift b/GlassVPN/zhuhaow-NEKit/ProxyServer/GCDSOCKS5ProxyServer.swift new file mode 100755 index 0000000..eb6bd73 --- /dev/null +++ b/GlassVPN/zhuhaow-NEKit/ProxyServer/GCDSOCKS5ProxyServer.swift @@ -0,0 +1,24 @@ +import Foundation + +/// The SOCKS5 proxy server. +public final class GCDSOCKS5ProxyServer: GCDProxyServer { + /** + Create an instance of SOCKS5 proxy server. + + - parameter address: The address of proxy server. + - parameter port: The port of proxy server. + */ + override public init(address: IPAddress?, port: Port) { + super.init(address: address, port: port) + } + + /** + Handle the new accepted socket as a SOCKS5 proxy connection. + + - parameter socket: The accepted socket. + */ + override public func handleNewGCDSocket(_ socket: GCDTCPSocket) { + let proxySocket = SOCKS5ProxySocket(socket: socket) + didAcceptNewSocket(proxySocket) + } +} diff --git a/GlassVPN/zhuhaow-NEKit/ProxyServer/ProxyServer.swift b/GlassVPN/zhuhaow-NEKit/ProxyServer/ProxyServer.swift new file mode 100755 index 0000000..0226e44 --- /dev/null +++ b/GlassVPN/zhuhaow-NEKit/ProxyServer/ProxyServer.swift @@ -0,0 +1,105 @@ +import Foundation + +/** + The base proxy server class. + + This proxy does not listen on any port. + */ +open class ProxyServer: NSObject, TunnelDelegate { + typealias TunnelArray = [Tunnel] + + /// The port of proxy server. + public let port: Port + + /// The address of proxy server. + public let address: IPAddress? + + /// The type of the proxy server. + /// + /// This can be set to anything describing the proxy server. + public let type: String + + /// The description of proxy server. + open override var description: String { + return "<\(type) address:\(String(describing: address)) port:\(port)>" + } + + open var observer: Observer? + + var tunnels: TunnelArray = [] + + /** + Create an instance of proxy server. + + - parameter address: The address of proxy server. + - parameter port: The port of proxy server. + + - warning: If you are using Network Extension, you have to set address or you may not able to connect to the proxy server. + */ + public init(address: IPAddress?, port: Port) { + self.address = address + self.port = port + type = "\(Swift.type(of: self))" + + super.init() + + self.observer = ObserverFactory.currentFactory?.getObserverForProxyServer(self) + } + + /** + Start the proxy server. + + - throws: The error occured when starting the proxy server. + */ + open func start() throws { + QueueFactory.executeOnQueueSynchronizedly { + GlobalIntializer.initalize() + self.observer?.signal(.started(self)) + } + } + + /** + Stop the proxy server. + */ + open func stop() { + QueueFactory.executeOnQueueSynchronizedly { + for tunnel in tunnels { + tunnel.forceClose() + } + + observer?.signal(.stopped(self)) + } + } + + /** + Delegate method when the proxy server accepts a new ProxySocket from local. + + When implementing a concrete proxy server, e.g., HTTP proxy server, the server should listen on some port and then wrap the raw socket in a corresponding ProxySocket subclass, then call this method. + + - parameter socket: The accepted proxy socket. + */ + func didAcceptNewSocket(_ socket: ProxySocket) { + observer?.signal(.newSocketAccepted(socket, onServer: self)) + let tunnel = Tunnel(proxySocket: socket) + tunnel.delegate = self + tunnels.append(tunnel) + tunnel.openTunnel() + } + + // MARK: TunnelDelegate implementation + + /** + Delegate method when a tunnel closed. The server will remote it internally. + + - parameter tunnel: The closed tunnel. + */ + func tunnelDidClose(_ tunnel: Tunnel) { + observer?.signal(.tunnelClosed(tunnel, onServer: self)) + guard let index = tunnels.firstIndex(of: tunnel) else { + // things went strange + return + } + + tunnels.remove(at: index) + } +} diff --git a/GlassVPN/zhuhaow-NEKit/RawSocket/GCDTCPSocket.swift b/GlassVPN/zhuhaow-NEKit/RawSocket/GCDTCPSocket.swift new file mode 100755 index 0000000..4418c17 --- /dev/null +++ b/GlassVPN/zhuhaow-NEKit/RawSocket/GCDTCPSocket.swift @@ -0,0 +1,253 @@ +import Foundation + +/// The TCP socket build upon `GCDAsyncSocket`. +/// +/// - warning: This class is not thread-safe. +open class GCDTCPSocket: NSObject, GCDAsyncSocketDelegate, RawTCPSocketProtocol { + fileprivate let socket: GCDAsyncSocket + fileprivate var enableTLS: Bool = false + fileprivate var host: String? + + /** + Initailize an instance with `GCDAsyncSocket`. + + - parameter socket: The socket object to work with. If this is `nil`, then a new `GCDAsyncSocket` instance is created. + */ + public init(socket: GCDAsyncSocket? = nil) { + if let socket = socket { + self.socket = socket + self.socket.setDelegate(nil, delegateQueue: QueueFactory.getQueue()) + } else { + self.socket = GCDAsyncSocket(delegate: nil, delegateQueue: QueueFactory.getQueue(), socketQueue: QueueFactory.getQueue()) + } + + super.init() + + self.socket.synchronouslySetDelegate(self) + } + + // MARK: RawTCPSocketProtocol implementation + + /// The `RawTCPSocketDelegate` instance. + weak open var delegate: RawTCPSocketDelegate? + + /// If the socket is connected. + open var isConnected: Bool { + return !socket.isDisconnected + } + + /// The source address. + open var sourceIPAddress: IPAddress? { + guard let localHost = socket.localHost else { + return nil + } + return IPAddress(fromString: localHost) + } + + /// The source port. + open var sourcePort: Port? { + return Port(port: socket.localPort) + } + + /// The destination address. + /// + /// - note: Always returns `nil`. + open var destinationIPAddress: IPAddress? { + return nil + } + + /// The destination port. + /// + /// - note: Always returns `nil`. + open var destinationPort: Port? { + return nil + } + + /** + Connect to remote host. + + - parameter host: Remote host. + - parameter port: Remote port. + - parameter enableTLS: Should TLS be enabled. + - parameter tlsSettings: The settings of TLS. + + - throws: The error occured when connecting to host. + */ + open func connectTo(host: String, port: Int, enableTLS: Bool = false, tlsSettings: [AnyHashable: Any]? = nil) throws { + self.host = host + try connectTo(host: host, withPort: port) + self.enableTLS = enableTLS + if enableTLS { + startTLSWith(settings: tlsSettings) + } + } + + /** + Disconnect the socket. + + The socket will disconnect elegantly after any queued writing data are successfully sent. + */ + open func disconnect() { + socket.disconnectAfterWriting() + } + + /** + Disconnect the socket immediately. + */ + open func forceDisconnect() { + socket.disconnect() + } + + /** + Send data to remote. + + - parameter data: Data to send. + - warning: This should only be called after the last write is finished, i.e., `delegate?.didWriteData()` is called. + */ + open func write(data: Data) { + write(data: data, withTimeout: -1) + } + + /** + Read data from the socket. + + - warning: This should only be called after the last read is finished, i.e., `delegate?.didReadData()` is called. + */ + open func readData() { + socket.readData(withTimeout: -1, tag: 0) + } + + /** + Read specific length of data from the socket. + + - parameter length: The length of the data to read. + - warning: This should only be called after the last read is finished, i.e., `delegate?.didReadData()` is called. + */ + open func readDataTo(length: Int) { + readDataTo(length: length, withTimeout: -1) + } + + /** + Read data until a specific pattern (including the pattern). + + - parameter data: The pattern. + - warning: This should only be called after the last read is finished, i.e., `delegate?.didReadData()` is called. + */ + open func readDataTo(data: Data) { + readDataTo(data: data, maxLength: 0) + } + + /** + Read data until a specific pattern (including the pattern). + + - parameter data: The pattern. + - parameter maxLength: Ignored since `GCDAsyncSocket` does not support this. The max length of data to scan for the pattern. + - warning: This should only be called after the last read is finished, i.e., `delegate?.didReadData()` is called. + */ + open func readDataTo(data: Data, maxLength: Int) { + readDataTo(data: data, withTimeout: -1) + } + + // MARK: Other helper methods + /** + Send data to remote. + + - parameter data: Data to send. + - parameter timeout: Operation timeout. + - warning: This should only be called after the last write is finished, i.e., `delegate?.didWriteData()` is called. + */ + func write(data: Data, withTimeout timeout: Double) { + guard data.count > 0 else { + QueueFactory.getQueue().async { + self.delegate?.didWrite(data: data, by: self) + } + return + } + + socket.write(data, withTimeout: timeout, tag: 0) + } + + /** + Read specific length of data from the socket. + + - parameter length: The length of the data to read. + - parameter timeout: Operation timeout. + - warning: This should only be called after the last read is finished, i.e., `delegate?.didReadData()` is called. + */ + func readDataTo(length: Int, withTimeout timeout: Double) { + socket.readData(toLength: UInt(length), withTimeout: timeout, tag: 0) + } + + /** + Read data until a specific pattern (including the pattern). + + - parameter data: The pattern. + - parameter timeout: Operation timeout. + - warning: This should only be called after the last read is finished, i.e., `delegate?.didReadData()` is called. + */ + func readDataTo(data: Data, withTimeout timeout: Double) { + socket.readData(to: data, withTimeout: timeout, tag: 0) + } + + /** + Connect to remote host. + + - parameter host: Remote host. + - parameter port: Remote port. + + - throws: The error occured when connecting to host. + */ + func connectTo(host: String, withPort port: Int) throws { + try socket.connect(toHost: host, onPort: UInt16(port)) + } + + /** + Secures the connection using SSL/TLS. + + - parameter tlsSettings: TLS settings, refer to documents of `GCDAsyncSocket` for detail. + */ + func startTLSWith(settings: [AnyHashable: Any]!) { + if let settings = settings as? [String: NSObject] { + socket.startTLS(ensureSendPeerName(tlsSettings: settings)) + } else { + socket.startTLS(ensureSendPeerName(tlsSettings: nil)) + } + } + + // MARK: Delegate methods for GCDAsyncSocket + open func socket(_ sock: GCDAsyncSocket, didWriteDataWithTag tag: Int) { + delegate?.didWrite(data: nil, by: self) + } + + open func socket(_ sock: GCDAsyncSocket, didRead data: Data, withTag tag: Int) { + delegate?.didRead(data: data, from: self) + } + + open func socketDidDisconnect(_ socket: GCDAsyncSocket, withError err: Error?) { + delegate?.didDisconnectWith(socket: self) + delegate = nil + socket.setDelegate(nil, delegateQueue: nil) + } + + open func socket(_ sock: GCDAsyncSocket, didConnectToHost host: String, port: UInt16) { + if !enableTLS { + delegate?.didConnectWith(socket: self) + } + } + + open func socketDidSecure(_ sock: GCDAsyncSocket) { + if enableTLS { + delegate?.didConnectWith(socket: self) + } + } + + private func ensureSendPeerName(tlsSettings: [String: NSObject]? = nil) -> [String: NSObject] { + var setting = tlsSettings ?? [:] + guard setting[kCFStreamSSLPeerName as String] == nil else { + return setting + } + + setting[kCFStreamSSLPeerName as String] = host! as NSString + return setting + } +} diff --git a/GlassVPN/zhuhaow-NEKit/RawSocket/NWTCPSocket.swift b/GlassVPN/zhuhaow-NEKit/RawSocket/NWTCPSocket.swift new file mode 100755 index 0000000..72ee386 --- /dev/null +++ b/GlassVPN/zhuhaow-NEKit/RawSocket/NWTCPSocket.swift @@ -0,0 +1,329 @@ +import Foundation +import NetworkExtension + +/// The TCP socket build upon `NWTCPConnection`. +/// +/// - warning: This class is not thread-safe. +public class NWTCPSocket: NSObject, RawTCPSocketProtocol { + private var connection: NWTCPConnection? + + private var writePending = false + private var closeAfterWriting = false + private var cancelled = false + + private var scanner: StreamScanner! + private var scanning: Bool = false + private var readDataPrefix: Data? + + // MARK: RawTCPSocketProtocol implementation + + /// The `RawTCPSocketDelegate` instance. + weak open var delegate: RawTCPSocketDelegate? + + /// If the socket is connected. + public var isConnected: Bool { + return connection != nil && connection!.state == .connected + } + + /// The source address. + /// + /// - note: Always returns `nil`. + public var sourceIPAddress: IPAddress? { + return nil + } + + /// The source port. + /// + /// - note: Always returns `nil`. + public var sourcePort: Port? { + return nil + } + + /// The destination address. + /// + /// - note: Always returns `nil`. + public var destinationIPAddress: IPAddress? { + return nil + } + + /// The destination port. + /// + /// - note: Always returns `nil`. + public var destinationPort: Port? { + return nil + } + + /** + Connect to remote host. + + - parameter host: Remote host. + - parameter port: Remote port. + - parameter enableTLS: Should TLS be enabled. + - parameter tlsSettings: The settings of TLS. + + - throws: Never throws. + */ + public func connectTo(host: String, port: Int, enableTLS: Bool, tlsSettings: [AnyHashable: Any]?) throws { + let endpoint = NWHostEndpoint(hostname: host, port: "\(port)") + let tlsParameters = NWTLSParameters() + if let tlsSettings = tlsSettings as? [String: AnyObject] { + tlsParameters.setValuesForKeys(tlsSettings) + } + + guard let connection = RawSocketFactory.TunnelProvider?.createTCPConnection(to: endpoint, enableTLS: enableTLS, tlsParameters: tlsParameters, delegate: nil) else { + // This should only happen when the extension is already stopped and `RawSocketFactory.TunnelProvider` is set to `nil`. + return + } + + self.connection = connection + connection.addObserver(self, forKeyPath: "state", options: [.initial, .new], context: nil) + } + + /** + Disconnect the socket. + + The socket will disconnect elegantly after any queued writing data are successfully sent. + */ + public func disconnect() { + cancelled = true + + if connection == nil || connection!.state == .cancelled { + delegate?.didDisconnectWith(socket: self) + } else { + closeAfterWriting = true + checkStatus() + } + } + + /** + Disconnect the socket immediately. + */ + public func forceDisconnect() { + cancelled = true + + if connection == nil || connection!.state == .cancelled { + delegate?.didDisconnectWith(socket: self) + } else { + cancel() + } + } + + /** + Send data to remote. + + - parameter data: Data to send. + - warning: This should only be called after the last write is finished, i.e., `delegate?.didWriteData()` is called. + */ + public func write(data: Data) { + guard !cancelled else { + return + } + + guard data.count > 0 else { + QueueFactory.getQueue().async { + self.delegate?.didWrite(data: data, by: self) + } + return + } + + send(data: data) + } + + /** + Read data from the socket. + + - warning: This should only be called after the last read is finished, i.e., `delegate?.didReadData()` is called. + */ + public func readData() { + guard !cancelled else { + return + } + + connection!.readMinimumLength(1, maximumLength: Opt.MAXNWTCPSocketReadDataSize) { data, error in + guard error == nil else { + DDLogError("NWTCPSocket got an error when reading data: \(String(describing: error))") + self.queueCall { + self.disconnect() + } + return + } + + self.readCallback(data: data) + } + } + + /** + Read specific length of data from the socket. + + - parameter length: The length of the data to read. + - warning: This should only be called after the last read is finished, i.e., `delegate?.didReadData()` is called. + */ + public func readDataTo(length: Int) { + guard !cancelled else { + return + } + + connection!.readLength(length) { data, error in + guard error == nil else { + DDLogError("NWTCPSocket got an error when reading data: \(String(describing: error))") + self.queueCall { + self.disconnect() + } + return + } + + self.readCallback(data: data) + } + } + + /** + Read data until a specific pattern (including the pattern). + + - parameter data: The pattern. + - warning: This should only be called after the last read is finished, i.e., `delegate?.didReadData()` is called. + */ + public func readDataTo(data: Data) { + readDataTo(data: data, maxLength: 0) + } + + // Actually, this method is available as `- (void)readToPattern:(id)arg1 maximumLength:(unsigned int)arg2 completionHandler:(id /* block */)arg3;` + // which is sadly not available in public header for some reason I don't know. + // I don't want to do it myself since This method is not trival to implement and I don't like reinventing the wheel. + // Here is only the most naive version, which may not be the optimal if using with large data blocks. + /** + Read data until a specific pattern (including the pattern). + + - parameter data: The pattern. + - parameter maxLength: The max length of data to scan for the pattern. + - warning: This should only be called after the last read is finished, i.e., `delegate?.didReadData()` is called. + */ + public func readDataTo(data: Data, maxLength: Int) { + guard !cancelled else { + return + } + + var maxLength = maxLength + if maxLength == 0 { + maxLength = Opt.MAXNWTCPScanLength + } + scanner = StreamScanner(pattern: data, maximumLength: maxLength) + scanning = true + readData() + } + + private func queueCall(_ block: @escaping () -> Void) { + QueueFactory.getQueue().async(execute: block) + } + + override public func observeValue(forKeyPath keyPath: String?, of object: Any?, change: [NSKeyValueChangeKey : Any]?, context: UnsafeMutableRawPointer?) { + guard keyPath == "state" else { + return + } + + switch connection!.state { + case .connected: + queueCall { + self.delegate?.didConnectWith(socket: self) + } + case .disconnected: + cancelled = true + cancel() + case .cancelled: + cancelled = true + queueCall { + let delegate = self.delegate + self.delegate = nil + delegate?.didDisconnectWith(socket: self) + } + default: + break + } + } + + private func readCallback(data: Data?) { + guard !cancelled else { + return + } + + queueCall { + guard let data = self.consumeReadData(data) else { + // remote read is closed, but this is okay, nothing need to be done, if this socket is read again, then error occurs. + return + } + + if self.scanning { + guard let (match, rest) = self.scanner.addAndScan(data) else { + self.readData() + return + } + + self.scanner = nil + self.scanning = false + + guard let matchData = match else { + // do not find match in the given length, stop now + return + } + + self.readDataPrefix = rest + self.delegate?.didRead(data: matchData, from: self) + } else { + self.delegate?.didRead(data: data, from: self) + } + } + } + + private func send(data: Data) { + writePending = true + self.connection!.write(data) { error in + self.queueCall { + self.writePending = false + + guard error == nil else { + DDLogError("NWTCPSocket got an error when writing data: \(String(describing: error))") + self.disconnect() + return + } + + self.delegate?.didWrite(data: data, by: self) + self.checkStatus() + } + } + } + + private func consumeReadData(_ data: Data?) -> Data? { + defer { + readDataPrefix = nil + } + + if readDataPrefix == nil { + return data + } + + if data == nil { + return readDataPrefix + } + + var wholeData = readDataPrefix! + wholeData.append(data!) + return wholeData + } + + private func cancel() { + connection?.cancel() + } + + private func checkStatus() { + if closeAfterWriting && !writePending { + cancel() + } + } + + deinit { + guard let connection = connection else { + return + } + + connection.removeObserver(self, forKeyPath: "state") + } +} diff --git a/GlassVPN/zhuhaow-NEKit/RawSocket/NWUDPSocket.swift b/GlassVPN/zhuhaow-NEKit/RawSocket/NWUDPSocket.swift new file mode 100755 index 0000000..142a30f --- /dev/null +++ b/GlassVPN/zhuhaow-NEKit/RawSocket/NWUDPSocket.swift @@ -0,0 +1,160 @@ +import Foundation +import NetworkExtension + +/// The delegate protocol of `NWUDPSocket`. +public protocol NWUDPSocketDelegate: class { + /** + Socket did receive data from remote. + + - parameter data: The data. + - parameter from: The socket the data is read from. + */ + func didReceive(data: Data, from: NWUDPSocket) + + func didCancel(socket: NWUDPSocket) +} + +/// The wrapper for NWUDPSession. +/// +/// - note: This class is thread-safe. +public class NWUDPSocket: NSObject { + private let session: NWUDPSession + private var pendingWriteData: [Data] = [] + private var writing = false + private let queue: DispatchQueue = QueueFactory.getQueue() + private let timer: DispatchSourceTimer + private let timeout: Int + + /// The delegate instance. + public weak var delegate: NWUDPSocketDelegate? + + /// The time when the last activity happens. + /// + /// Since UDP do not have a "close" semantic, this can be an indicator of timeout. + public var lastActive: Date = Date() + + /** + Create a new UDP socket connecting to remote. + + - parameter host: The host. + - parameter port: The port. + */ + public init?(host: String, port: Int, timeout: Int = Opt.UDPSocketActiveTimeout) { + guard let udpsession = RawSocketFactory.TunnelProvider?.createUDPSession(to: NWHostEndpoint(hostname: host, port: "\(port)"), from: nil) else { + return nil + } + + session = udpsession + self.timeout = timeout + + timer = DispatchSource.makeTimerSource(queue: queue) + + super.init() + + timer.schedule(deadline: DispatchTime.now(), repeating: DispatchTimeInterval.seconds(Opt.UDPSocketActiveCheckInterval), leeway: DispatchTimeInterval.seconds(Opt.UDPSocketActiveCheckInterval)) + timer.setEventHandler { [weak self] in + self?.queueCall { + self?.checkStatus() + } + } + timer.resume() + + session.addObserver(self, forKeyPath: #keyPath(NWUDPSession.state), options: [.new], context: nil) + + session.setReadHandler({ [ weak self ] dataArray, error in + self?.queueCall { + guard let sSelf = self else { + return + } + + sSelf.updateActivityTimer() + + guard error == nil, let dataArray = dataArray else { + DDLogError("Error when reading from remote server. \(error?.localizedDescription ?? "Connection reset")") + return + } + + for data in dataArray { + sSelf.delegate?.didReceive(data: data, from: sSelf) + } + } + }, maxDatagrams: 32) + } + + /** + Send data to remote. + + - parameter data: The data to send. + */ + public func write(data: Data) { + pendingWriteData.append(data) + checkWrite() + } + + public func disconnect() { + session.cancel() + timer.cancel() + } + + public override func observeValue(forKeyPath keyPath: String?, of object: Any?, change: [NSKeyValueChangeKey : Any]?, context: UnsafeMutableRawPointer?) { + guard keyPath == "state" else { + return + } + + switch session.state { + case .cancelled: + queueCall { + self.delegate?.didCancel(socket: self) + } + case .ready: + checkWrite() + default: + break + } + } + + private func checkWrite() { + updateActivityTimer() + + guard session.state == .ready else { + return + } + + guard !writing else { + return + } + + guard pendingWriteData.count > 0 else { + return + } + + writing = true + session.writeMultipleDatagrams(self.pendingWriteData) {_ in + self.queueCall { + self.writing = false + self.checkWrite() + } + } + self.pendingWriteData.removeAll(keepingCapacity: true) + } + + private func updateActivityTimer() { + lastActive = Date() + } + + private func checkStatus() { + if timeout > 0 && Date().timeIntervalSince(lastActive) > TimeInterval(timeout) { + disconnect() + } + } + + private func queueCall(block: @escaping () -> Void) { + queue.async { + block() + } + } + + deinit { + session.removeObserver(self, forKeyPath: #keyPath(NWUDPSession.state)) + } +} diff --git a/GlassVPN/zhuhaow-NEKit/RawSocket/RawSocketFactory.swift b/GlassVPN/zhuhaow-NEKit/RawSocket/RawSocketFactory.swift new file mode 100755 index 0000000..c786b2c --- /dev/null +++ b/GlassVPN/zhuhaow-NEKit/RawSocket/RawSocketFactory.swift @@ -0,0 +1,42 @@ +import Foundation +import NetworkExtension + +/** + Represents the type of the socket. + + - NW: The socket based on `NWTCPConnection`. + - GCD: The socket based on `GCDAsyncSocket`. + */ +public enum SocketBaseType { + case nw, gcd +} + +/// Factory to create `RawTCPSocket` based on configuration. +open class RawSocketFactory { + /// Current active `NETunnelProvider` which creates `NWTCPConnection` instance. + /// + /// - note: Must set before any connection is created if `NWTCPSocket` or `NWUDPSocket` is used. + public static weak var TunnelProvider: NETunnelProvider? + + /** + Return `RawTCPSocket` instance. + + - parameter type: The type of the socket. + + - returns: The created socket instance. + */ + public static func getRawSocket(_ type: SocketBaseType? = nil) -> RawTCPSocketProtocol { + switch type { + case .some(.nw): + return NWTCPSocket() + case .some(.gcd): + return GCDTCPSocket() + case nil: + if RawSocketFactory.TunnelProvider == nil { + return GCDTCPSocket() + } else { + return NWTCPSocket() + } + } + } +} diff --git a/GlassVPN/zhuhaow-NEKit/RawSocket/RawTCPSocketProtocol.swift b/GlassVPN/zhuhaow-NEKit/RawSocket/RawTCPSocketProtocol.swift new file mode 100755 index 0000000..a746256 --- /dev/null +++ b/GlassVPN/zhuhaow-NEKit/RawSocket/RawTCPSocketProtocol.swift @@ -0,0 +1,129 @@ +import Foundation + +/// The raw socket protocol which represents a TCP socket. +/// +/// Any concrete implementation does not need to be thread-safe. +/// +/// - warning: It is expected that the instance is accessed on the specific queue only. +public protocol RawTCPSocketProtocol : class { + /// The `RawTCPSocketDelegate` instance. + var delegate: RawTCPSocketDelegate? { get set } + + /// If the socket is connected. + var isConnected: Bool { get } + + /// The source address. + var sourceIPAddress: IPAddress? { get } + + /// The source port. + var sourcePort: Port? { get } + + /// The destination address. + var destinationIPAddress: IPAddress? { get } + + /// The destination port. + var destinationPort: Port? { get } + + /** + Connect to remote host. + + - parameter host: Remote host. + - parameter port: Remote port. + - parameter enableTLS: Should TLS be enabled. + - parameter tlsSettings: The settings of TLS. + + - throws: The error occured when connecting to host. + */ + func connectTo(host: String, port: Int, enableTLS: Bool, tlsSettings: [AnyHashable: Any]?) throws + + /** + Disconnect the socket. + + The socket should disconnect elegantly after any queued writing data are successfully sent. + + - note: Usually, any concrete implementation should wait until any pending writing data are finished then call `forceDisconnect()`. + */ + func disconnect() + + /** + Disconnect the socket immediately. + + - note: The socket should disconnect as soon as possible. + */ + func forceDisconnect() + + /** + Send data to remote. + + - parameter data: Data to send. + - warning: This should only be called after the last write is finished, i.e., `delegate?.didWriteData()` is called. + */ + func write(data: Data) + + /** + Read data from the socket. + + - warning: This should only be called after the last read is finished, i.e., `delegate?.didReadData()` is called. + */ + func readData() + + /** + Read specific length of data from the socket. + + - parameter length: The length of the data to read. + - warning: This should only be called after the last read is finished, i.e., `delegate?.didReadData()` is called. + */ + func readDataTo(length: Int) + + /** + Read data until a specific pattern (including the pattern). + + - parameter data: The pattern. + - warning: This should only be called after the last read is finished, i.e., `delegate?.didReadData()` is called. + */ + func readDataTo(data: Data) + + /** + Read data until a specific pattern (including the pattern). + + - parameter data: The pattern. + - parameter maxLength: The max length of data to scan for the pattern. + - warning: This should only be called after the last read is finished, i.e., `delegate?.didReadData()` is called. + */ + func readDataTo(data: Data, maxLength: Int) +} + +/// The delegate protocol to handle the events from a raw TCP socket. +public protocol RawTCPSocketDelegate: class { + /** + The socket did disconnect. + + This should only be called once in the entire lifetime of a socket. After this is called, the delegate will not receive any other events from that socket and the socket should be released. + + - parameter socket: The socket which did disconnect. + */ + func didDisconnectWith(socket: RawTCPSocketProtocol) + + /** + The socket did read some data. + + - parameter data: The data read from the socket. + - parameter from: The socket where the data is read from. + */ + func didRead(data: Data, from: RawTCPSocketProtocol) + + /** + The socket did send some data. + + - parameter data: The data which have been sent to remote (acknowledged). Note this may not be available since the data may be released to save memory. + - parameter by: The socket where the data is sent out. + */ + func didWrite(data: Data?, by: RawTCPSocketProtocol) + + /** + The socket did connect to remote. + + - parameter socket: The connected socket. + */ + func didConnectWith(socket: RawTCPSocketProtocol) +} diff --git a/GlassVPN/zhuhaow-NEKit/ResponseGenerator.swift b/GlassVPN/zhuhaow-NEKit/ResponseGenerator.swift new file mode 100755 index 0000000..33a3f72 --- /dev/null +++ b/GlassVPN/zhuhaow-NEKit/ResponseGenerator.swift @@ -0,0 +1,13 @@ +import Foundation + +open class ResponseGenerator { + public let session: ConnectSession + + public init(withSession session: ConnectSession) { + self.session = session + } + + open func generateResponse() -> Data { + return Data() + } +} diff --git a/GlassVPN/zhuhaow-NEKit/ResponseGeneratorFactory.swift b/GlassVPN/zhuhaow-NEKit/ResponseGeneratorFactory.swift new file mode 100755 index 0000000..97a1c4d --- /dev/null +++ b/GlassVPN/zhuhaow-NEKit/ResponseGeneratorFactory.swift @@ -0,0 +1,6 @@ +import Foundation + +open class ResponseGeneratorFactory { + static var HTTPProxyResponseGenerator: ResponseGenerator.Type? + static var SOCKS5ProxyResponseGenerator: ResponseGenerator.Type? +} diff --git a/GlassVPN/zhuhaow-NEKit/Rule/AllRule.swift b/GlassVPN/zhuhaow-NEKit/Rule/AllRule.swift new file mode 100755 index 0000000..c7733bc --- /dev/null +++ b/GlassVPN/zhuhaow-NEKit/Rule/AllRule.swift @@ -0,0 +1,48 @@ +import Foundation + +/// The rule matches all DNS and connect sessions. +open class AllRule: Rule { + fileprivate let adapterFactory: AdapterFactory + + open override var description: String { + return "" + } + + /** + Create a new `AllRule` instance. + + - parameter adapterFactory: The factory which builds a corresponding adapter when needed. + */ + public init(adapterFactory: AdapterFactory) { + self.adapterFactory = adapterFactory + super.init() + } + + /** + Match DNS session to this rule. + + - parameter session: The DNS session to match. + - parameter type: What kind of information is available. + + - returns: The result of match. + */ + override open func matchDNS(_ session: DNSSession, type: DNSSessionMatchType) -> DNSSessionMatchResult { + // only return real IP when we connect to remote directly + if let _ = adapterFactory as? DirectAdapterFactory { + return .real + } else { + return .fake + } + } + + /** + Match connect session to this rule. + + - parameter session: connect session to match. + + - returns: The configured adapter. + */ + override open func match(_ session: ConnectSession) -> AdapterFactory? { + return adapterFactory + } +} diff --git a/GlassVPN/zhuhaow-NEKit/Rule/DNSFailRule.swift b/GlassVPN/zhuhaow-NEKit/Rule/DNSFailRule.swift new file mode 100755 index 0000000..f831398 --- /dev/null +++ b/GlassVPN/zhuhaow-NEKit/Rule/DNSFailRule.swift @@ -0,0 +1,60 @@ +import Foundation + +/// The rule matches the request which failed to look up. +open class DNSFailRule: Rule { + fileprivate let adapterFactory: AdapterFactory + + open override var description: String { + return "" + } + + /** + Create a new `DNSFailRule` instance. + + - parameter adapterFactory: The factory which builds a corresponding adapter when needed. + */ + public init(adapterFactory: AdapterFactory) { + self.adapterFactory = adapterFactory + super.init() + } + + /** + Match DNS request to this rule. + + - parameter session: The DNS session to match. + - parameter type: What kind of information is available. + + - returns: The result of match. + */ + override open func matchDNS(_ session: DNSSession, type: DNSSessionMatchType) -> DNSSessionMatchResult { + guard type == .ip else { + return .unknown + } + + // only return real IP when we connect to remote directly + if session.realIP == nil { + if let _ = adapterFactory as? DirectAdapterFactory { + return .real + } else { + return .fake + } + } else { + return .pass + } + } + + /** + Match connect session to this rule. + + - parameter session: connect session to match. + + - returns: The configured adapter. + */ + override open func match(_ session: ConnectSession) -> AdapterFactory? { + if session.ipAddress == "" { + return adapterFactory + } else { + return nil + } + } +} diff --git a/GlassVPN/zhuhaow-NEKit/Rule/DNSSessionMatchResult.swift b/GlassVPN/zhuhaow-NEKit/Rule/DNSSessionMatchResult.swift new file mode 100755 index 0000000..98fc570 --- /dev/null +++ b/GlassVPN/zhuhaow-NEKit/Rule/DNSSessionMatchResult.swift @@ -0,0 +1,13 @@ +import Foundation + +/** + The result of matching the rule to DNS request. + + - Real: The request matches the rule and the connection can be done with a real IP address. + - Fake: The request matches the rule but we need to identify this session when a later connection is fired with an IP address instead of the host domain. + - Unknown: The match type is `DNSSessionMatchType.Domain` but rule needs the resolved IP address. + - Pass: This rule does not match the request. + */ +public enum DNSSessionMatchResult { + case real, fake, unknown, pass +} diff --git a/GlassVPN/zhuhaow-NEKit/Rule/DNSSessionMatchType.swift b/GlassVPN/zhuhaow-NEKit/Rule/DNSSessionMatchType.swift new file mode 100755 index 0000000..be792c2 --- /dev/null +++ b/GlassVPN/zhuhaow-NEKit/Rule/DNSSessionMatchType.swift @@ -0,0 +1,13 @@ +import Foundation + +/** + The information available in current round of matching. + + Since we want to speed things up, we first match the request without resolving it (`.Domain`). If any rule returns `.Unknown`, we lookup the request and rematches that rule (`.IP`). + + - Domain: Only domain information is available. + - IP: The IP address is resolved. + */ +public enum DNSSessionMatchType { + case domain, ip +} diff --git a/GlassVPN/zhuhaow-NEKit/Rule/DirectRule.swift b/GlassVPN/zhuhaow-NEKit/Rule/DirectRule.swift new file mode 100755 index 0000000..8a49752 --- /dev/null +++ b/GlassVPN/zhuhaow-NEKit/Rule/DirectRule.swift @@ -0,0 +1,16 @@ +import Foundation + +/// The rule matches every request and returns direct adapter. +/// +/// This is equivalent to create an `AllRule` with a `DirectAdapterFactory`. +open class DirectRule: AllRule { + open override var description: String { + return "" + } + /** + Create a new `DirectRule` instance. + */ + public init() { + super.init(adapterFactory: DirectAdapterFactory()) + } +} diff --git a/GlassVPN/zhuhaow-NEKit/Rule/DomainListRule.swift b/GlassVPN/zhuhaow-NEKit/Rule/DomainListRule.swift new file mode 100755 index 0000000..72f6a5d --- /dev/null +++ b/GlassVPN/zhuhaow-NEKit/Rule/DomainListRule.swift @@ -0,0 +1,84 @@ +import Foundation + +/// The rule matches the host domain to a list of predefined criteria. +open class DomainListRule: Rule { + public enum MatchCriterion { + case regex(NSRegularExpression), prefix(String), suffix(String), keyword(String), complete(String) + + func match(_ domain: String) -> Bool { + switch self { + case .regex(let regex): + return regex.firstMatch(in: domain, options: [], range: NSRange(location: 0, length: domain.utf8.count)) != nil + case .prefix(let prefix): + return domain.hasPrefix(prefix) + case .suffix(let suffix): + return domain.hasSuffix(suffix) + case .keyword(let keyword): + return domain.contains(keyword) + case .complete(let match): + return domain == match + } + } + } + + fileprivate let adapterFactory: AdapterFactory + + open override var description: String { + return "" + } + + /// The list of criteria to match to. + open var matchCriteria: [MatchCriterion] = [] + + /** + Create a new `DomainListRule` instance. + + - parameter adapterFactory: The factory which builds a corresponding adapter when needed. + - parameter criteria: The list of criteria to match. + */ + public init(adapterFactory: AdapterFactory, criteria: [MatchCriterion]) { + self.adapterFactory = adapterFactory + self.matchCriteria = criteria + } + + /** + Match DNS request to this rule. + + - parameter session: The DNS session to match. + - parameter type: What kind of information is available. + + - returns: The result of match. + */ + override open func matchDNS(_ session: DNSSession, type: DNSSessionMatchType) -> DNSSessionMatchResult { + if matchDomain(session.requestMessage.queries.first!.name) { + if let _ = adapterFactory as? DirectAdapterFactory { + return .real + } + return .fake + } + return .pass + } + + /** + Match connect session to this rule. + + - parameter session: connect session to match. + + - returns: The configured adapter if matched, return `nil` if not matched. + */ + override open func match(_ session: ConnectSession) -> AdapterFactory? { + if matchDomain(session.host) { + return adapterFactory + } + return nil + } + + fileprivate func matchDomain(_ domain: String) -> Bool { + for criterion in matchCriteria { + if criterion.match(domain) { + return true + } + } + return false + } +} diff --git a/GlassVPN/zhuhaow-NEKit/Rule/IPRangeListRule.swift b/GlassVPN/zhuhaow-NEKit/Rule/IPRangeListRule.swift new file mode 100755 index 0000000..c2bf08b --- /dev/null +++ b/GlassVPN/zhuhaow-NEKit/Rule/IPRangeListRule.swift @@ -0,0 +1,75 @@ +import Foundation + +/// The rule matches the ip of the target hsot to a list of IP ranges. +open class IPRangeListRule: Rule { + fileprivate let adapterFactory: AdapterFactory + + open override var description: String { + return "" + } + + /// The list of regular expressions to match to. + open var ranges: [IPRange] = [] + + /** + Create a new `IPRangeListRule` instance. + + - parameter adapterFactory: The factory which builds a corresponding adapter when needed. + - parameter ranges: The list of IP ranges to match. The IP ranges are expressed in CIDR form ("127.0.0.1/8") or range form ("127.0.0.1+16777216"). + + - throws: The error when parsing the IP range. + */ + public init(adapterFactory: AdapterFactory, ranges: [String]) throws { + self.adapterFactory = adapterFactory + self.ranges = try ranges.map { + let range = try IPRange(withString: $0) + return range + } + } + + /** + Match DNS request to this rule. + + - parameter session: The DNS session to match. + - parameter type: What kind of information is available. + + - returns: The result of match. + */ + override open func matchDNS(_ session: DNSSession, type: DNSSessionMatchType) -> DNSSessionMatchResult { + guard type == .ip else { + return .unknown + } + + // Probably we should match all answers? + guard let ip = session.realIP else { + return .pass + } + + for range in ranges { + if range.contains(ip: ip) { + return .fake + } + } + return .pass + } + + /** + Match connect session to this rule. + + - parameter session: connect session to match. + + - returns: The configured adapter if matched, return `nil` if not matched. + */ + override open func match(_ session: ConnectSession) -> AdapterFactory? { + guard let ip = IPAddress(fromString: session.ipAddress) else { + return nil + } + + for range in ranges { + if range.contains(ip: ip) { + return adapterFactory + } + } + return nil + } +} diff --git a/GlassVPN/zhuhaow-NEKit/Rule/Rule.swift b/GlassVPN/zhuhaow-NEKit/Rule/Rule.swift new file mode 100755 index 0000000..f515022 --- /dev/null +++ b/GlassVPN/zhuhaow-NEKit/Rule/Rule.swift @@ -0,0 +1,37 @@ +import Foundation + +/// The rule defines what to do for DNS requests and connect sessions. +open class Rule: CustomStringConvertible { + open var description: String { + return "" + } + + /** + Create a new rule. + */ + public init() { + } + + /** + Match DNS request to this rule. + + - parameter session: The DNS session to match. + - parameter type: What kind of information is available. + + - returns: The result of match. + */ + open func matchDNS(_ session: DNSSession, type: DNSSessionMatchType) -> DNSSessionMatchResult { + return .real + } + + /** + Match connect session to this rule. + + - parameter session: connect session to match. + + - returns: The configured adapter if matched, return `nil` if not matched. + */ + open func match(_ session: ConnectSession) -> AdapterFactory? { + return nil + } +} diff --git a/GlassVPN/zhuhaow-NEKit/Rule/RuleManager.swift b/GlassVPN/zhuhaow-NEKit/Rule/RuleManager.swift new file mode 100755 index 0000000..dbf6360 --- /dev/null +++ b/GlassVPN/zhuhaow-NEKit/Rule/RuleManager.swift @@ -0,0 +1,80 @@ +import Foundation + +/// The class managing rules. +open class RuleManager { + /// The current used `RuleManager`, there is only one manager should be used at a time. + /// + /// - note: This should be set before any DNS or connect sessions. + public static var currentManager: RuleManager = RuleManager(fromRules: [], appendDirect: true) + + /// The rule list. + var rules: [Rule] = [] + + open var observer: Observer? + + /** + Create a new `RuleManager` from the given rules. + + - parameter rules: The rules. + - parameter appendDirect: Whether to append a `DirectRule` at the end of the list so any request does not match with any rule go directly. + */ + public init(fromRules rules: [Rule], appendDirect: Bool = false) { + self.rules = [] + + if appendDirect || self.rules.count == 0 { + self.rules.append(DirectRule()) + } + + observer = ObserverFactory.currentFactory?.getObserverForRuleManager(self) + } + + /** + Match DNS request to all rules. + + - parameter session: The DNS session to match. + - parameter type: What kind of information is available. + */ + func matchDNS(_ session: DNSSession, type: DNSSessionMatchType) { + for (i, rule) in rules[session.indexToMatch.. AdapterFactory! { + if session.matchedRule != nil { + observer?.signal(.ruleMatched(session, rule: session.matchedRule!)) + return session.matchedRule!.match(session) + } + + for rule in rules { + if let adapterFactory = rule.match(session) { + observer?.signal(.ruleMatched(session, rule: rule)) + + session.matchedRule = rule + return adapterFactory + } else { + observer?.signal(.ruleDidNotMatch(session, rule: rule)) + } + } + return nil // this should never happens + } +} diff --git a/GlassVPN/zhuhaow-NEKit/Socket/AdapterSocket/AdapterSocket.swift b/GlassVPN/zhuhaow-NEKit/Socket/AdapterSocket/AdapterSocket.swift new file mode 100755 index 0000000..889546b --- /dev/null +++ b/GlassVPN/zhuhaow-NEKit/Socket/AdapterSocket/AdapterSocket.swift @@ -0,0 +1,156 @@ +import Foundation + +open class AdapterSocket: NSObject, SocketProtocol, RawTCPSocketDelegate { + open var session: ConnectSession! + + open var observer: Observer? + + open override var description: String { + return "<\(typeName) host:\(session.host) port:\(session.port))>" + } + + internal var _cancelled = false + public var isCancelled: Bool { + return _cancelled + } + + /** + Connect to remote according to the `ConnectSession`. + + - parameter session: The connect session. + */ + open func openSocketWith(session: ConnectSession) { + guard !isCancelled else { + return + } + + self.session = session + observer?.signal(.socketOpened(self, withSession: session)) + + socket?.delegate = self + _status = .connecting + } + + deinit { + socket?.delegate = nil + } + + // MARK: SocketProtocol Implementation + + /// The underlying TCP socket transmitting data. + open var socket: RawTCPSocketProtocol! + + /// The delegate instance. + weak open var delegate: SocketDelegate? + + var _status: SocketStatus = .invalid + /// The current connection status of the socket. + public var status: SocketStatus { + return _status + } + + open var statusDescription: String { + return "\(status)" + } + + public init(observe: Bool = true) { + super.init() + + if observe { + observer = ObserverFactory.currentFactory?.getObserverForAdapterSocket(self) + } + } + + /** + Read data from the socket. + + - warning: This should only be called after the last read is finished, i.e., `delegate?.didReadData()` is called. + */ + open func readData() { + guard !isCancelled else { + return + } + + socket?.readData() + } + + /** + Send data to remote. + + - parameter data: Data to send. + - warning: This should only be called after the last write is finished, i.e., `delegate?.didWriteData()` is called. + */ + open func write(data: Data) { + guard !isCancelled else { + return + } + + socket?.write(data: data) + } + + /** + Disconnect the socket elegantly. + */ + open func disconnect(becauseOf error: Error? = nil) { + _status = .disconnecting + _cancelled = true + session.disconnected(becauseOf: error, by: .adapter) + observer?.signal(.disconnectCalled(self)) + socket?.disconnect() + } + + /** + Disconnect the socket immediately. + */ + open func forceDisconnect(becauseOf error: Error? = nil) { + _status = .disconnecting + _cancelled = true + session.disconnected(becauseOf: error, by: .adapter) + observer?.signal(.forceDisconnectCalled(self)) + socket?.forceDisconnect() + } + + // MARK: RawTCPSocketDelegate Protocol Implementation + + /** + The socket did disconnect. + + - parameter socket: The socket which did disconnect. + */ + open func didDisconnectWith(socket: RawTCPSocketProtocol) { + _status = .closed + observer?.signal(.disconnected(self)) + delegate?.didDisconnectWith(socket: self) + } + + /** + The socket did read some data. + + - parameter data: The data read from the socket. + - parameter from: The socket where the data is read from. + */ + open func didRead(data: Data, from: RawTCPSocketProtocol) { + observer?.signal(.readData(data, on: self)) + } + + /** + The socket did send some data. + + - parameter data: The data which have been sent to remote (acknowledged). Note this may not be available since the data may be released to save memory. + - parameter by: The socket where the data is sent out. + */ + open func didWrite(data: Data?, by: RawTCPSocketProtocol) { + observer?.signal(.wroteData(data, on: self)) + } + + /** + The socket did connect to remote. + + - parameter socket: The connected socket. + */ + open func didConnectWith(socket: RawTCPSocketProtocol) { + _status = .established + observer?.signal(.connected(self)) + delegate?.didConnectWith(adapterSocket: self) + } +} diff --git a/GlassVPN/zhuhaow-NEKit/Socket/AdapterSocket/DirectAdapter.swift b/GlassVPN/zhuhaow-NEKit/Socket/AdapterSocket/DirectAdapter.swift new file mode 100755 index 0000000..b835bce --- /dev/null +++ b/GlassVPN/zhuhaow-NEKit/Socket/AdapterSocket/DirectAdapter.swift @@ -0,0 +1,48 @@ +import Foundation + +/// This adapter connects to remote directly. +public class DirectAdapter: AdapterSocket { + /// If this is set to `false`, then the IP address will be resolved by system. + var resolveHost = false + + /** + Connect to remote according to the `ConnectSession`. + + - parameter session: The connect session. + */ + override public func openSocketWith(session: ConnectSession) { + super.openSocketWith(session: session) + + guard !isCancelled else { + return + } + + do { + try socket.connectTo(host: session.host, port: Int(session.port), enableTLS: false, tlsSettings: nil) + } catch let error { + observer?.signal(.errorOccured(error, on: self)) + disconnect() + } + } + + /** + The socket did connect to remote. + + - parameter socket: The connected socket. + */ + override public func didConnectWith(socket: RawTCPSocketProtocol) { + super.didConnectWith(socket: socket) + observer?.signal(.readyForForward(self)) + delegate?.didBecomeReadyToForwardWith(socket: self) + } + + override public func didRead(data: Data, from rawSocket: RawTCPSocketProtocol) { + super.didRead(data: data, from: rawSocket) + delegate?.didRead(data: data, from: self) + } + + override public func didWrite(data: Data?, by rawSocket: RawTCPSocketProtocol) { + super.didWrite(data: data, by: rawSocket) + delegate?.didWrite(data: data, by: self) + } +} diff --git a/GlassVPN/zhuhaow-NEKit/Socket/AdapterSocket/Factory/AdapterFactory.swift b/GlassVPN/zhuhaow-NEKit/Socket/AdapterSocket/Factory/AdapterFactory.swift new file mode 100755 index 0000000..5b0bb7a --- /dev/null +++ b/GlassVPN/zhuhaow-NEKit/Socket/AdapterSocket/Factory/AdapterFactory.swift @@ -0,0 +1,35 @@ +import Foundation + +/// The base class of adapter factory. +open class AdapterFactory { + public init() {} + + /** + Build an adapter. + + - parameter session: The connect session. + + - returns: The built adapter. + */ + open func getAdapterFor(session: ConnectSession) -> AdapterSocket { + return getDirectAdapter() + } + + /** + Helper method to get a `DirectAdapter`. + + - returns: A direct adapter. + */ + public func getDirectAdapter() -> AdapterSocket { + let adapter = DirectAdapter() + adapter.socket = RawSocketFactory.getRawSocket() + return adapter + } +} + +/// Factory building direct adapters. +/// +/// - note: This is needed since we need to identify direct adapter factory. +public class DirectAdapterFactory: AdapterFactory { + public override init() {} +} diff --git a/GlassVPN/zhuhaow-NEKit/Socket/AdapterSocket/Factory/AdapterFactoryManager.swift b/GlassVPN/zhuhaow-NEKit/Socket/AdapterSocket/Factory/AdapterFactoryManager.swift new file mode 100755 index 0000000..30fdc10 --- /dev/null +++ b/GlassVPN/zhuhaow-NEKit/Socket/AdapterSocket/Factory/AdapterFactoryManager.swift @@ -0,0 +1,27 @@ +import Foundation + +/// This is a very simple wrapper of a dict of type `[String: AdapterFactory]`. +/// +/// Use it as a normal dict. +public class AdapterFactoryManager { + private var factoryDict: [String: AdapterFactory] + + public subscript(index: String) -> AdapterFactory? { + get { + if index == "direct" { + return DirectAdapterFactory() + } + return factoryDict[index] + } + set { factoryDict[index] = newValue } + } + + /** + Initialize a new factory manager. + + - parameter factoryDict: The factory dict. + */ + public init(factoryDict: [String: AdapterFactory]) { + self.factoryDict = factoryDict + } +} diff --git a/GlassVPN/zhuhaow-NEKit/Socket/AdapterSocket/Factory/AuthenticationServerAdapterFactory.swift b/GlassVPN/zhuhaow-NEKit/Socket/AdapterSocket/Factory/AuthenticationServerAdapterFactory.swift new file mode 100755 index 0000000..d9356c7 --- /dev/null +++ b/GlassVPN/zhuhaow-NEKit/Socket/AdapterSocket/Factory/AuthenticationServerAdapterFactory.swift @@ -0,0 +1,11 @@ +import Foundation + +/// Factory building server adapter which requires authentication. +open class HTTPAuthenticationAdapterFactory: ServerAdapterFactory { + let auth: HTTPAuthentication? + + required public init(serverHost: String, serverPort: Int, auth: HTTPAuthentication?) { + self.auth = auth + super.init(serverHost: serverHost, serverPort: serverPort) + } +} diff --git a/GlassVPN/zhuhaow-NEKit/Socket/AdapterSocket/Factory/HTTPAdapterFactory.swift b/GlassVPN/zhuhaow-NEKit/Socket/AdapterSocket/Factory/HTTPAdapterFactory.swift new file mode 100755 index 0000000..838df80 --- /dev/null +++ b/GlassVPN/zhuhaow-NEKit/Socket/AdapterSocket/Factory/HTTPAdapterFactory.swift @@ -0,0 +1,21 @@ +import Foundation + +/// Factory building HTTP adapter. +open class HTTPAdapterFactory: HTTPAuthenticationAdapterFactory { + required public init(serverHost: String, serverPort: Int, auth: HTTPAuthentication?) { + super.init(serverHost: serverHost, serverPort: serverPort, auth: auth) + } + + /** + Get a HTTP adapter. + + - parameter session: The connect session. + + - returns: The built adapter. + */ + override open func getAdapterFor(session: ConnectSession) -> AdapterSocket { + let adapter = HTTPAdapter(serverHost: serverHost, serverPort: serverPort, auth: auth) + adapter.socket = RawSocketFactory.getRawSocket() + return adapter + } +} diff --git a/GlassVPN/zhuhaow-NEKit/Socket/AdapterSocket/Factory/RejectAdapterFactory.swift b/GlassVPN/zhuhaow-NEKit/Socket/AdapterSocket/Factory/RejectAdapterFactory.swift new file mode 100755 index 0000000..3032cef --- /dev/null +++ b/GlassVPN/zhuhaow-NEKit/Socket/AdapterSocket/Factory/RejectAdapterFactory.swift @@ -0,0 +1,13 @@ +import Foundation + +open class RejectAdapterFactory: AdapterFactory { + public let delay: Int + + public init(delay: Int = Opt.RejectAdapterDefaultDelay) { + self.delay = delay + } + + override open func getAdapterFor(session: ConnectSession) -> AdapterSocket { + return RejectAdapter(delay: delay) + } +} diff --git a/GlassVPN/zhuhaow-NEKit/Socket/AdapterSocket/Factory/SOCKS5AdapterFactory.swift b/GlassVPN/zhuhaow-NEKit/Socket/AdapterSocket/Factory/SOCKS5AdapterFactory.swift new file mode 100755 index 0000000..46371a6 --- /dev/null +++ b/GlassVPN/zhuhaow-NEKit/Socket/AdapterSocket/Factory/SOCKS5AdapterFactory.swift @@ -0,0 +1,21 @@ +import Foundation + +/// Factory building SOCKS5 adapter. +open class SOCKS5AdapterFactory: ServerAdapterFactory { + override public init(serverHost: String, serverPort: Int) { + super.init(serverHost: serverHost, serverPort: serverPort) + } + + /** + Get a SOCKS5 adapter. + + - parameter session: The connect session. + + - returns: The built adapter. + */ + override open func getAdapterFor(session: ConnectSession) -> AdapterSocket { + let adapter = SOCKS5Adapter(serverHost: serverHost, serverPort: serverPort) + adapter.socket = RawSocketFactory.getRawSocket() + return adapter + } +} diff --git a/GlassVPN/zhuhaow-NEKit/Socket/AdapterSocket/Factory/SecureHTTPAdapterFactory.swift b/GlassVPN/zhuhaow-NEKit/Socket/AdapterSocket/Factory/SecureHTTPAdapterFactory.swift new file mode 100755 index 0000000..7e95122 --- /dev/null +++ b/GlassVPN/zhuhaow-NEKit/Socket/AdapterSocket/Factory/SecureHTTPAdapterFactory.swift @@ -0,0 +1,21 @@ +import Foundation + +/// Factory building secured HTTP (HTTP with SSL) adapter. +open class SecureHTTPAdapterFactory: HTTPAdapterFactory { + required public init(serverHost: String, serverPort: Int, auth: HTTPAuthentication?) { + super.init(serverHost: serverHost, serverPort: serverPort, auth: auth) + } + + /** + Get a secured HTTP adapter. + + - parameter session: The connect session. + + - returns: The built adapter. + */ + override open func getAdapterFor(session: ConnectSession) -> AdapterSocket { + let adapter = SecureHTTPAdapter(serverHost: serverHost, serverPort: serverPort, auth: auth) + adapter.socket = RawSocketFactory.getRawSocket() + return adapter + } +} diff --git a/GlassVPN/zhuhaow-NEKit/Socket/AdapterSocket/Factory/ServerAdapterFactory.swift b/GlassVPN/zhuhaow-NEKit/Socket/AdapterSocket/Factory/ServerAdapterFactory.swift new file mode 100755 index 0000000..ed361a4 --- /dev/null +++ b/GlassVPN/zhuhaow-NEKit/Socket/AdapterSocket/Factory/ServerAdapterFactory.swift @@ -0,0 +1,12 @@ +import Foundation + +/// Factory building adapter with proxy server host and port. +open class ServerAdapterFactory: AdapterFactory { + let serverHost: String + let serverPort: Int + + public init(serverHost: String, serverPort: Int) { + self.serverHost = serverHost + self.serverPort = serverPort + } +} diff --git a/GlassVPN/zhuhaow-NEKit/Socket/AdapterSocket/Factory/ShadowsocksAdapterFactory.swift b/GlassVPN/zhuhaow-NEKit/Socket/AdapterSocket/Factory/ShadowsocksAdapterFactory.swift new file mode 100755 index 0000000..122f8a0 --- /dev/null +++ b/GlassVPN/zhuhaow-NEKit/Socket/AdapterSocket/Factory/ShadowsocksAdapterFactory.swift @@ -0,0 +1,28 @@ +//import Foundation +// +///// Factory building Shadowsocks adapter. +//open class ShadowsocksAdapterFactory: ServerAdapterFactory { +// let protocolObfuscaterFactory: ShadowsocksAdapter.ProtocolObfuscater.Factory +// let cryptorFactory: ShadowsocksAdapter.CryptoStreamProcessor.Factory +// let streamObfuscaterFactory: ShadowsocksAdapter.StreamObfuscater.Factory +// +// public init(serverHost: String, serverPort: Int, protocolObfuscaterFactory: ShadowsocksAdapter.ProtocolObfuscater.Factory, cryptorFactory: ShadowsocksAdapter.CryptoStreamProcessor.Factory, streamObfuscaterFactory: ShadowsocksAdapter.StreamObfuscater.Factory) { +// self.protocolObfuscaterFactory = protocolObfuscaterFactory +// self.cryptorFactory = cryptorFactory +// self.streamObfuscaterFactory = streamObfuscaterFactory +// super.init(serverHost: serverHost, serverPort: serverPort) +// } +// +// /** +// Get a Shadowsocks adapter. +// +// - parameter session: The connect session. +// +// - returns: The built adapter. +// */ +// override open func getAdapterFor(session: ConnectSession) -> AdapterSocket { +// let adapter = ShadowsocksAdapter(host: serverHost, port: serverPort, protocolObfuscater: protocolObfuscaterFactory.build(), cryptor: cryptorFactory.build(), streamObfuscator: streamObfuscaterFactory.build(for: session)) +// adapter.socket = RawSocketFactory.getRawSocket() +// return adapter +// } +//} diff --git a/GlassVPN/zhuhaow-NEKit/Socket/AdapterSocket/Factory/SpeedAdapterFactory.swift b/GlassVPN/zhuhaow-NEKit/Socket/AdapterSocket/Factory/SpeedAdapterFactory.swift new file mode 100755 index 0000000..980ffb0 --- /dev/null +++ b/GlassVPN/zhuhaow-NEKit/Socket/AdapterSocket/Factory/SpeedAdapterFactory.swift @@ -0,0 +1,26 @@ +//import Foundation +// +///// Factory building speed adapter. +//open class SpeedAdapterFactory: AdapterFactory { +// open var adapterFactories: [(AdapterFactory, Int)]! +// +// public override init() {} +// +// /** +// Get a speed adapter. +// +// - parameter session: The connect session. +// +// - returns: The built adapter. +// */ +// override open func getAdapterFor(session: ConnectSession) -> AdapterSocket { +// let adapters = adapterFactories.map { adapterFactory, delay -> (AdapterSocket, Int) in +// let adapter = adapterFactory.getAdapterFor(session: session) +// adapter.socket = RawSocketFactory.getRawSocket() +// return (adapter, delay) +// } +// let speedAdapter = SpeedAdapter() +// speedAdapter.adapters = adapters +// return speedAdapter +// } +//} diff --git a/GlassVPN/zhuhaow-NEKit/Socket/AdapterSocket/HTTPAdapter.swift b/GlassVPN/zhuhaow-NEKit/Socket/AdapterSocket/HTTPAdapter.swift new file mode 100755 index 0000000..57ff9fa --- /dev/null +++ b/GlassVPN/zhuhaow-NEKit/Socket/AdapterSocket/HTTPAdapter.swift @@ -0,0 +1,110 @@ +import Foundation + +public enum HTTPAdapterError: Error, CustomStringConvertible { + case invalidURL, serailizationFailure + + public var description: String { + switch self { + case .invalidURL: + return "Invalid url when connecting through proxy" + case .serailizationFailure: + return "Failed to serialize HTTP CONNECT header" + } + } +} + +/// This adapter connects to remote host through a HTTP proxy. +public class HTTPAdapter: AdapterSocket { + enum HTTPAdapterStatus { + case invalid, + connecting, + readingResponse, + forwarding, + stopped + } + + /// The host domain of the HTTP proxy. + let serverHost: String + + /// The port of the HTTP proxy. + let serverPort: Int + + /// The authentication information for the HTTP proxy. + let auth: HTTPAuthentication? + + /// Whether the connection to the proxy should be secured or not. + var secured: Bool + + var internalStatus: HTTPAdapterStatus = .invalid + + public init(serverHost: String, serverPort: Int, auth: HTTPAuthentication?) { + self.serverHost = serverHost + self.serverPort = serverPort + self.auth = auth + secured = false + super.init() + } + + override public func openSocketWith(session: ConnectSession) { + super.openSocketWith(session: session) + + guard !isCancelled else { + return + } + + do { + internalStatus = .connecting + try socket.connectTo(host: serverHost, port: serverPort, enableTLS: secured, tlsSettings: nil) + } catch {} + } + + override public func didConnectWith(socket: RawTCPSocketProtocol) { + super.didConnectWith(socket: socket) + + guard let url = URL(string: "\(session.host):\(session.port)") else { + observer?.signal(.errorOccured(HTTPAdapterError.invalidURL, on: self)) + disconnect() + return + } + let message = CFHTTPMessageCreateRequest(kCFAllocatorDefault, "CONNECT" as CFString, url as CFURL, kCFHTTPVersion1_1).takeRetainedValue() + if let authData = auth { + CFHTTPMessageSetHeaderFieldValue(message, "Proxy-Authorization" as CFString, authData.authString() as CFString?) + } + CFHTTPMessageSetHeaderFieldValue(message, "Host" as CFString, "\(session.host):\(session.port)" as CFString?) + CFHTTPMessageSetHeaderFieldValue(message, "Content-Length" as CFString, "0" as CFString?) + + guard let requestData = CFHTTPMessageCopySerializedMessage(message)?.takeRetainedValue() else { + observer?.signal(.errorOccured(HTTPAdapterError.serailizationFailure, on: self)) + disconnect() + return + } + + internalStatus = .readingResponse + write(data: requestData as Data) + socket.readDataTo(data: Utils.HTTPData.DoubleCRLF) + } + + override public func didRead(data: Data, from socket: RawTCPSocketProtocol) { + super.didRead(data: data, from: socket) + + switch internalStatus { + case .readingResponse: + internalStatus = .forwarding + observer?.signal(.readyForForward(self)) + delegate?.didBecomeReadyToForwardWith(socket: self) + case .forwarding: + observer?.signal(.readData(data, on: self)) + delegate?.didRead(data: data, from: self) + default: + return + } + } + + override public func didWrite(data: Data?, by socket: RawTCPSocketProtocol) { + super.didWrite(data: data, by: socket) + if internalStatus == .forwarding { + observer?.signal(.wroteData(data, on: self)) + delegate?.didWrite(data: data, by: self) + } + } +} diff --git a/GlassVPN/zhuhaow-NEKit/Socket/AdapterSocket/RejectAdapter.swift b/GlassVPN/zhuhaow-NEKit/Socket/AdapterSocket/RejectAdapter.swift new file mode 100755 index 0000000..8a61e3d --- /dev/null +++ b/GlassVPN/zhuhaow-NEKit/Socket/AdapterSocket/RejectAdapter.swift @@ -0,0 +1,49 @@ +import Foundation + +public class RejectAdapter: AdapterSocket { + public let delay: Int + + public init(delay: Int) { + self.delay = delay + } + + override public func openSocketWith(session: ConnectSession) { + super.openSocketWith(session: session) + + QueueFactory.getQueue().asyncAfter(deadline: DispatchTime.now() + DispatchTimeInterval.milliseconds(delay)) { + [weak self] in + self?.disconnect() + } + } + + /** + Disconnect the socket elegantly. + */ + public override func disconnect(becauseOf error: Error? = nil) { + guard !isCancelled else { + return + } + + _cancelled = true + session.disconnected(becauseOf: error, by: .adapter) + observer?.signal(.disconnectCalled(self)) + _status = .closed + delegate?.didDisconnectWith(socket: self) + } + + /** + Disconnect the socket immediately. + */ + public override func forceDisconnect(becauseOf error: Error? = nil) { + guard !isCancelled else { + return + } + + _cancelled = true + session.disconnected(becauseOf: error, by: .adapter) + observer?.signal(.forceDisconnectCalled(self)) + _status = .closed + delegate?.didDisconnectWith(socket: self) + } + +} diff --git a/GlassVPN/zhuhaow-NEKit/Socket/AdapterSocket/SOCKS5Adapter.swift b/GlassVPN/zhuhaow-NEKit/Socket/AdapterSocket/SOCKS5Adapter.swift new file mode 100755 index 0000000..3333db2 --- /dev/null +++ b/GlassVPN/zhuhaow-NEKit/Socket/AdapterSocket/SOCKS5Adapter.swift @@ -0,0 +1,112 @@ +import Foundation + +public class SOCKS5Adapter: AdapterSocket { + enum SOCKS5AdapterStatus { + case invalid, + connecting, + readingMethodResponse, + readingResponseFirstPart, + readingResponseSecondPart, + forwarding + } + public let serverHost: String + public let serverPort: Int + + var internalStatus: SOCKS5AdapterStatus = .invalid + + let helloData = Data(bytes: UnsafePointer(([0x05, 0x01, 0x00] as [UInt8])), count: 3) + + public enum ReadTag: Int { + case methodResponse = -20000, connectResponseFirstPart, connectResponseSecondPart + } + + public enum WriteTag: Int { + case open = -21000, connectIPv4, connectIPv6, connectDomainLength, connectPort + } + + public init(serverHost: String, serverPort: Int) { + self.serverHost = serverHost + self.serverPort = serverPort + super.init() + } + + public override func openSocketWith(session: ConnectSession) { + super.openSocketWith(session: session) + + guard !isCancelled else { + return + } + + do { + internalStatus = .connecting + try socket.connectTo(host: serverHost, port: serverPort, enableTLS: false, tlsSettings: nil) + } catch {} + } + + public override func didConnectWith(socket: RawTCPSocketProtocol) { + super.didConnectWith(socket: socket) + + write(data: helloData) + internalStatus = .readingMethodResponse + socket.readDataTo(length: 2) + } + + public override func didRead(data: Data, from socket: RawTCPSocketProtocol) { + super.didRead(data: data, from: socket) + + switch internalStatus { + case .readingMethodResponse: + var response: [UInt8] + if session.isIPv4() { + response = [0x05, 0x01, 0x00, 0x01] + let address = IPAddress(fromString: session.host)! + response += [UInt8](address.dataInNetworkOrder) + } else if session.isIPv6() { + response = [0x05, 0x01, 0x00, 0x04] + let address = IPAddress(fromString: session.host)! + response += [UInt8](address.dataInNetworkOrder) + } else { + response = [0x05, 0x01, 0x00, 0x03] + response.append(UInt8(session.host.utf8.count)) + response += [UInt8](session.host.utf8) + } + + let portBytes: [UInt8] = Utils.toByteArray(UInt16(session.port)).reversed() + response.append(contentsOf: portBytes) + write(data: Data(response)) + + internalStatus = .readingResponseFirstPart + socket.readDataTo(length: 5) + case .readingResponseFirstPart: + var readLength = 0 + switch data[3] { + case 1: + readLength = 3 + 2 + case 3: + readLength = Int(data[4]) + 2 + case 4: + readLength = 15 + 2 + default: + break + } + internalStatus = .readingResponseSecondPart + socket.readDataTo(length: readLength) + case .readingResponseSecondPart: + internalStatus = .forwarding + observer?.signal(.readyForForward(self)) + delegate?.didBecomeReadyToForwardWith(socket: self) + case .forwarding: + delegate?.didRead(data: data, from: self) + default: + return + } + } + + override open func didWrite(data: Data?, by socket: RawTCPSocketProtocol) { + super.didWrite(data: data, by: socket) + + if internalStatus == .forwarding { + delegate?.didWrite(data: data, by: self) + } + } +} diff --git a/GlassVPN/zhuhaow-NEKit/Socket/AdapterSocket/SecureHTTPAdapter.swift b/GlassVPN/zhuhaow-NEKit/Socket/AdapterSocket/SecureHTTPAdapter.swift new file mode 100755 index 0000000..b4f7024 --- /dev/null +++ b/GlassVPN/zhuhaow-NEKit/Socket/AdapterSocket/SecureHTTPAdapter.swift @@ -0,0 +1,9 @@ +import Foundation + +/// This adapter connects to remote host through a HTTP proxy with SSL. +public class SecureHTTPAdapter: HTTPAdapter { + override public init(serverHost: String, serverPort: Int, auth: HTTPAuthentication?) { + super.init(serverHost: serverHost, serverPort: serverPort, auth: auth) + secured = true + } +} diff --git a/GlassVPN/zhuhaow-NEKit/Socket/AdapterSocket/Shadowsocks/CryptoStreamProcessor.swift b/GlassVPN/zhuhaow-NEKit/Socket/AdapterSocket/Shadowsocks/CryptoStreamProcessor.swift new file mode 100755 index 0000000..9584fba --- /dev/null +++ b/GlassVPN/zhuhaow-NEKit/Socket/AdapterSocket/Shadowsocks/CryptoStreamProcessor.swift @@ -0,0 +1,133 @@ +//import Foundation +// +//extension ShadowsocksAdapter { +// public class CryptoStreamProcessor { +// public class Factory { +// let password: String +// let algorithm: CryptoAlgorithm +// let key: Data +// +// public init(password: String, algorithm: CryptoAlgorithm) { +// self.password = password +// self.algorithm = algorithm +// key = CryptoHelper.getKey(password, methodType: algorithm) +// } +// +// public func build() -> CryptoStreamProcessor { +// return CryptoStreamProcessor(key: key, algorithm: algorithm) +// } +// } +// +// public weak var inputStreamProcessor: StreamObfuscater.StreamObfuscaterBase! +// public weak var outputStreamProcessor: ProtocolObfuscater.ProtocolObfuscaterBase! +// +// var readIV: Data! +// let key: Data +// let algorithm: CryptoAlgorithm +// +// var sendKey = false +// +// var buffer = Buffer(capacity: 0) +// +// lazy var writeIV: Data = { +// [unowned self] in +// CryptoHelper.getIV(self.algorithm) +// }() +// lazy var ivLength: Int = { +// [unowned self] in +// CryptoHelper.getIVLength(self.algorithm) +// }() +// lazy var encryptor: StreamCryptoProtocol = { +// [unowned self] in +// self.getCrypto(.encrypt) +// }() +// lazy var decryptor: StreamCryptoProtocol = { +// [unowned self] in +// self.getCrypto(.decrypt) +// }() +// +// init(key: Data, algorithm: CryptoAlgorithm) { +// self.key = key +// self.algorithm = algorithm +// } +// +// func encrypt(data: inout Data) { +// return encryptor.update(&data) +// } +// +// func decrypt(data: inout Data) { +// return decryptor.update(&data) +// } +// +// public func input(data: Data) throws { +// var data = data +// +// if readIV == nil { +// buffer.append(data: data) +// readIV = buffer.get(length: ivLength) +// guard readIV != nil else { +// try inputStreamProcessor!.input(data: Data()) +// return +// } +// +// data = buffer.get() ?? Data() +// buffer.release() +// } +// +// decrypt(data: &data) +// try inputStreamProcessor!.input(data: data) +// } +// +// public func output(data: Data) { +// var data = data +// encrypt(data: &data) +// if sendKey { +// return outputStreamProcessor!.output(data: data) +// } else { +// sendKey = true +// var out = Data(capacity: data.count + writeIV.count) +// out.append(writeIV) +// out.append(data) +// +// return outputStreamProcessor!.output(data: out) +// } +// } +// +// private func getCrypto(_ operation: CryptoOperation) -> StreamCryptoProtocol { +// switch algorithm { +// case .AES128CFB, .AES192CFB, .AES256CFB: +// switch operation { +// case .decrypt: +// return CCCrypto(operation: .decrypt, mode: .cfb, algorithm: .aes, initialVector: readIV, key: key) +// case .encrypt: +// return CCCrypto(operation: .encrypt, mode: .cfb, algorithm: .aes, initialVector: writeIV, key: key) +// } +// case .CHACHA20: +// switch operation { +// case .decrypt: +// return SodiumStreamCrypto(key: key, iv: readIV, algorithm: .chacha20) +// case .encrypt: +// return SodiumStreamCrypto(key: key, iv: writeIV, algorithm: .chacha20) +// } +// case .SALSA20: +// switch operation { +// case .decrypt: +// return SodiumStreamCrypto(key: key, iv: readIV, algorithm: .salsa20) +// case .encrypt: +// return SodiumStreamCrypto(key: key, iv: writeIV, algorithm: .salsa20) +// } +// case .RC4MD5: +// var combinedKey = Data(capacity: key.count + ivLength) +// combinedKey.append(key) +// switch operation { +// case .decrypt: +// combinedKey.append(readIV) +// return CCCrypto(operation: .decrypt, mode: .rc4, algorithm: .rc4, initialVector: nil, key: MD5Hash.final(combinedKey)) +// case .encrypt: +// combinedKey.append(writeIV) +// return CCCrypto(operation: .encrypt, mode: .rc4, algorithm: .rc4, initialVector: nil, key: MD5Hash.final(combinedKey)) +// } +// } +// } +// } +//} diff --git a/GlassVPN/zhuhaow-NEKit/Socket/AdapterSocket/Shadowsocks/ProtocolObfuscater.swift b/GlassVPN/zhuhaow-NEKit/Socket/AdapterSocket/Shadowsocks/ProtocolObfuscater.swift new file mode 100755 index 0000000..cbee102 --- /dev/null +++ b/GlassVPN/zhuhaow-NEKit/Socket/AdapterSocket/Shadowsocks/ProtocolObfuscater.swift @@ -0,0 +1,371 @@ +//import Foundation +// +//extension ShadowsocksAdapter { +// public struct ProtocolObfuscater { +// public class Factory { +// public init() {} +// +// public func build() -> ProtocolObfuscaterBase { +// return ProtocolObfuscaterBase() +// } +// } +// +// public class ProtocolObfuscaterBase { +// public weak var inputStreamProcessor: CryptoStreamProcessor! +// public weak var outputStreamProcessor: ShadowsocksAdapter! +// +// public func start() {} +// public func input(data: Data) throws {} +// public func output(data: Data) {} +// +// public func didWrite() {} +// } +// +// public class OriginProtocolObfuscater: ProtocolObfuscaterBase { +// +// public class Factory: ProtocolObfuscater.Factory { +// public override init() {} +// +// public override func build() -> ShadowsocksAdapter.ProtocolObfuscater.ProtocolObfuscaterBase { +// return OriginProtocolObfuscater() +// } +// } +// +// public override func start() { +// outputStreamProcessor.becomeReadyToForward() +// } +// +// public override func input(data: Data) throws { +// try inputStreamProcessor.input(data: data) +// } +// +// public override func output(data: Data) { +// outputStreamProcessor.output(data: data) +// } +// } +// +// public class HTTPProtocolObfuscater: ProtocolObfuscaterBase { +// +// public class Factory: ProtocolObfuscater.Factory { +// let method: String +// let hosts: [String] +// let customHeader: String? +// +// public init(method: String = "GET", hosts: [String], customHeader: String?) { +// self.method = method +// self.hosts = hosts +// self.customHeader = customHeader +// } +// +// public override func build() -> ShadowsocksAdapter.ProtocolObfuscater.ProtocolObfuscaterBase { +// return HTTPProtocolObfuscater(method: method, hosts: hosts, customHeader: customHeader) +// } +// } +// +// static let headerLength = 30 +// static let userAgent = ["Mozilla/5.0 (Windows NT 6.3; WOW64; rv:40.0) Gecko/20100101 Firefox/40.0", +// "Mozilla/5.0 (Windows NT 6.3; WOW64; rv:40.0) Gecko/20100101 Firefox/44.0", +// "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.36", +// "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/535.11 (KHTML, like Gecko) Ubuntu/11.10 Chromium/27.0.1453.93 Chrome/27.0.1453.93 Safari/537.36", +// "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:35.0) Gecko/20100101 Firefox/35.0", +// "Mozilla/5.0 (compatible; WOW64; MSIE 10.0; Windows NT 6.2)", +// "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/533.20.25 (KHTML, like Gecko) Version/5.0.4 Safari/533.20.27", +// "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.3; Trident/7.0; .NET4.0E; .NET4.0C)", +// "Mozilla/5.0 (Windows NT 6.3; Trident/7.0; rv:11.0) like Gecko", +// "Mozilla/5.0 (Linux; Android 4.4; Nexus 5 Build/BuildID) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/30.0.0.0 Mobile Safari/537.36", +// "Mozilla/5.0 (iPad; CPU OS 5_0 like Mac OS X) AppleWebKit/534.46 (KHTML, like Gecko) Version/5.1 Mobile/9A334 Safari/7534.48.3", +// "Mozilla/5.0 (iPhone; CPU iPhone OS 5_0 like Mac OS X) AppleWebKit/534.46 (KHTML, like Gecko) Version/5.1 Mobile/9A334 Safari/7534.48.3"] +// +// let method: String +// let hosts: [String] +// let customHeader: String? +// +// var readingFakeHeader = false +// var sendHeader = false +// var remaining = false +// +// var buffer = Buffer(capacity: 8192) +// +// public init(method: String = "GET", hosts: [String], customHeader: String?) { +// self.method = method +// self.hosts = hosts +// self.customHeader = customHeader +// } +// +// private func generateHeader(encapsulating data: Data) -> String { +// let ind = Int(arc4random_uniform(UInt32(hosts.count))) +// let host = outputStreamProcessor.port == 80 ? hosts[ind] : "\(hosts[ind]):\(outputStreamProcessor.port)" +// var header = "\(method) /\(hexlify(data: data)) HTTP/1.1\r\nHost: \(host)\r\n" +// if let customHeader = customHeader { +// header += customHeader +// } else { +// let ind = Int(arc4random_uniform(UInt32(HTTPProtocolObfuscater.userAgent.count))) +// header += "User-Agent: \(HTTPProtocolObfuscater.userAgent[ind])\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.8\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive" +// } +// header += "\r\n\r\n" +// return header +// } +// +// private func hexlify(data: Data) -> String { +// var result = "" +// for i in data { +// result = result.appendingFormat("%%%02x", i) +// } +// return result +// } +// +// public override func start() { +// readingFakeHeader = true +// outputStreamProcessor.becomeReadyToForward() +// } +// +// public override func input(data: Data) throws { +// if readingFakeHeader { +// buffer.append(data: data) +// if buffer.get(to: Utils.HTTPData.DoubleCRLF) != nil { +// readingFakeHeader = false +// if let remainData = buffer.get() { +// try inputStreamProcessor.input(data: remainData) +// return +// } +// } +// try inputStreamProcessor.input(data: Data()) +// return +// } +// +// try inputStreamProcessor.input(data: data) +// } +// +// public override func output(data: Data) { +// if sendHeader { +// outputStreamProcessor.output(data: data) +// } else { +// var fakeRequestDataLength = inputStreamProcessor.key.count + HTTPProtocolObfuscater.headerLength +// if data.count - fakeRequestDataLength > 64 { +// fakeRequestDataLength += Int(arc4random_uniform(64)) +// } else { +// fakeRequestDataLength = data.count +// } +// +// var outputData = generateHeader(encapsulating: data.subdata(in: 0 ..< fakeRequestDataLength)).data(using: .utf8)! +// outputData.append(data.subdata(in: fakeRequestDataLength ..< data.count)) +// sendHeader = true +// outputStreamProcessor.output(data: outputData) +// } +// } +// } +// +// public class TLSProtocolObfuscater: ProtocolObfuscaterBase { +// +// public class Factory: ProtocolObfuscater.Factory { +// let hosts: [String] +// +// public init(hosts: [String]) { +// self.hosts = hosts +// } +// +// public override func build() -> ShadowsocksAdapter.ProtocolObfuscater.ProtocolObfuscaterBase { +// return TLSProtocolObfuscater(hosts: hosts) +// } +// } +// +// let hosts: [String] +// let clientID: Data = { +// var id = Data(count: 32) +// Utils.Random.fill(data: &id) +// return id +// }() +// +// private var status = 0 +// +// private var buffer = Buffer(capacity: 1024) +// +// init(hosts: [String]) { +// self.hosts = hosts +// } +// +// public override func start() { +// handleStatus0() +// outputStreamProcessor.socket.readDataTo(length: 129) +// } +// +// public override func input(data: Data) throws { +// switch status { +// case 8: +// try handleInput(data: data) +// case 1: +// outputStreamProcessor.becomeReadyToForward() +// default: +// break +// } +// } +// +// public override func output(data: Data) { +// switch status { +// case 8: +// handleStatus8(data: data) +// return +// case 1: +// handleStatus1(data: data) +// return +// default: +// break +// } +// } +// +// private func authData() -> Data { +// var time = UInt32(Date.init().timeIntervalSince1970).bigEndian +// var output = Data(count: 32) +// var key = inputStreamProcessor.key +// key.append(clientID) +// +// withUnsafeBytes(of: &time) { +// output.replaceSubrange(0 ..< 4, with: $0) +// } +// +// Utils.Random.fill(data: &output, from: 4, length: 18) +// output.withUnsafeBytes { +// output.replaceSubrange(22 ..< 32, with: HMAC.final(value: $0.baseAddress!, length: 22, algorithm: .SHA1, key: key).subdata(in: 0..<10)) +// } +// return output +// } +// +// private func pack(data: Data) -> Data { +// var output = Data() +// var left = data.count +// while left > 0 { +// let blockSize = UInt16(min(Int(arc4random_uniform(UInt32(UInt16.max))) % 4096 + 100, left)) +// var blockSizeBE = blockSize.bigEndian +// output.append(contentsOf: [0x17, 0x03, 0x03]) +// withUnsafeBytes(of: &blockSizeBE) { +// output.append($0.baseAddress!.assumingMemoryBound(to: UInt8.self), count: $0.count) +// } +// output.append(data.subdata(in: data.count - left ..< data.count - left + Int(blockSize))) +// left -= Int(blockSize) +// } +// return output +// } +// +// private func handleStatus8(data: Data) { +// outputStreamProcessor.output(data: pack(data: data)) +// } +// +// private func handleStatus0() { +// status = 1 +// +// var outData = Data() +// outData.append(contentsOf: [0x03, 0x03]) +// outData.append(authData()) +// outData.append(0x20) +// outData.append(clientID) +// outData.append(contentsOf: [0x00, 0x1c, 0xc0, 0x2b, 0xc0, 0x2f, 0xcc, 0xa9, 0xcc, 0xa8, 0xcc, 0x14, 0xcc, 0x13, 0xc0, 0x0a, 0xc0, 0x14, 0xc0, 0x09, 0xc0, 0x13, 0x00, 0x9c, 0x00, 0x35, 0x00, 0x2f, 0x00, 0x0a]) +// outData.append("0100".data(using: .utf8)!) +// +// var extData = Data() +// extData.append(contentsOf: [0xff, 0x01, 0x00, 0x01, 0x00]) +// let hostData = hosts[Int(arc4random_uniform(UInt32(hosts.count)))].data(using: .utf8)! +// +// var sniData = Data(capacity: hosts.count + 2 + 1 + 2 + 2 + 2) +// +// sniData.append(contentsOf: [0x00, 0x00]) +// +// var _lenBE = UInt16(hostData.count + 5).bigEndian +// withUnsafeBytes(of: &_lenBE) { +// sniData.append($0.baseAddress!.assumingMemoryBound(to: UInt8.self), count: $0.count) +// } +// +// _lenBE = UInt16(hostData.count + 3).bigEndian +// withUnsafeBytes(of: &_lenBE) { +// sniData.append($0.baseAddress!.assumingMemoryBound(to: UInt8.self), count: $0.count) +// } +// +// sniData.append(0x00) +// +// _lenBE = UInt16(hostData.count).bigEndian +// withUnsafeBytes(of: &_lenBE) { +// sniData.append($0.baseAddress!.assumingMemoryBound(to: UInt8.self), count: $0.count) +// } +// +// sniData.append(hostData) +// +// extData.append(sniData) +// +// extData.append(contentsOf: [0x00, 0x17, 0x00, 0x00, 0x00, 0x23, 0x00, 0xd0]) +// +// var randomData = Data(count: 208) +// Utils.Random.fill(data: &randomData) +// extData.append(randomData) +// +// extData.append(contentsOf: [0x00, 0x0d, 0x00, 0x16, 0x00, 0x14, 0x06, 0x01, 0x06, 0x03, 0x05, 0x01, 0x05, 0x03, 0x04, 0x01, 0x04, 0x03, 0x03, 0x01, 0x03, 0x03, 0x02, 0x01, 0x02, 0x03]) +// extData.append(contentsOf: [0x00, 0x05, 0x00, 0x05, 0x01, 0x00, 0x00, 0x00, 0x00]) +// extData.append(contentsOf: [0x00, 0x12, 0x00, 0x00]) +// extData.append(contentsOf: [0x75, 0x50, 0x00, 0x00]) +// extData.append(contentsOf: [0x00, 0x0b, 0x00, 0x02, 0x01, 0x00]) +// extData.append(contentsOf: [0x00, 0x0a, 0x00, 0x06, 0x00, 0x04, 0x00, 0x17, 0x00, 0x18]) +// +// _lenBE = UInt16(extData.count).bigEndian +// withUnsafeBytes(of: &_lenBE) { +// outData.append($0.baseAddress!.assumingMemoryBound(to: UInt8.self), count: $0.count) +// } +// outData.append(extData) +// +// var outputData = Data(capacity: outData.count + 9) +// outputData.append(contentsOf: [0x16, 0x03, 0x01]) +// _lenBE = UInt16(outData.count + 4).bigEndian +// withUnsafeBytes(of: &_lenBE) { +// outputData.append($0.baseAddress!.assumingMemoryBound(to: UInt8.self), count: $0.count) +// } +// outputData.append(contentsOf: [0x01, 0x00]) +// _lenBE = UInt16(outData.count).bigEndian +// withUnsafeBytes(of: &_lenBE) { +// outputData.append($0.baseAddress!.assumingMemoryBound(to: UInt8.self), count: $0.count) +// } +// outputData.append(outData) +// outputStreamProcessor.output(data: outputData) +// } +// +// private func handleStatus1(data: Data) { +// status = 8 +// +// var outputData = Data() +// outputData.append(contentsOf: [0x14, 0x03, 0x03, 0x00, 0x01, 0x01, 0x16, 0x03, 0x03, 0x00, 0x20]) +// var random = Data(count: 22) +// Utils.Random.fill(data: &random) +// outputData.append(random) +// +// var key = inputStreamProcessor.key +// key.append(clientID) +// outputData.withUnsafeBytes { +// outputData.append(HMAC.final(value: $0.baseAddress!, length: outputData.count, algorithm: .SHA1, key: key).subdata(in: 0..<10)) +// } +// +// outputData.append(pack(data: data)) +// +// outputStreamProcessor.output(data: outputData) +// } +// +// private func handleInput(data: Data) throws { +// buffer.append(data: data) +// var unpackedData = Data() +// while buffer.left > 5 { +// buffer.skip(3) +// var length: Int = 0 +// buffer.withUnsafeBytes { (ptr: UnsafePointer) in +// length = Int(ptr.pointee.byteSwapped) +// } +// buffer.skip(2) +// if buffer.left >= length { +// unpackedData.append(buffer.get(length: length)!) +// continue +// } else { +// buffer.setBack(length: 5) +// break +// } +// } +// buffer.squeeze() +// try inputStreamProcessor.input(data: unpackedData) +// } +// } +// +// } +//} diff --git a/GlassVPN/zhuhaow-NEKit/Socket/AdapterSocket/Shadowsocks/ShadowsocksAdapter.swift b/GlassVPN/zhuhaow-NEKit/Socket/AdapterSocket/Shadowsocks/ShadowsocksAdapter.swift new file mode 100755 index 0000000..19289e2 --- /dev/null +++ b/GlassVPN/zhuhaow-NEKit/Socket/AdapterSocket/Shadowsocks/ShadowsocksAdapter.swift @@ -0,0 +1,112 @@ +//import Foundation +//import CommonCrypto +// +///// This adapter connects to remote through Shadowsocks proxy. +//public class ShadowsocksAdapter: AdapterSocket { +// enum ShadowsocksAdapterStatus { +// case invalid, +// connecting, +// connected, +// forwarding, +// stopped +// } +// +// enum EncryptMethod: String { +// case AES128CFB = "AES-128-CFB", AES192CFB = "AES-192-CFB", AES256CFB = "AES-256-CFB" +// +// static let allValues: [EncryptMethod] = [.AES128CFB, .AES192CFB, .AES256CFB] +// } +// +// public let host: String +// public let port: Int +// +// var internalStatus: ShadowsocksAdapterStatus = .invalid +// +// private let protocolObfuscater: ProtocolObfuscater.ProtocolObfuscaterBase +// private let cryptor: CryptoStreamProcessor +// private let streamObfuscator: StreamObfuscater.StreamObfuscaterBase +// +// public init(host: String, port: Int, protocolObfuscater: ProtocolObfuscater.ProtocolObfuscaterBase, cryptor: CryptoStreamProcessor, streamObfuscator: StreamObfuscater.StreamObfuscaterBase) { +// self.host = host +// self.port = port +// self.protocolObfuscater = protocolObfuscater +// self.cryptor = cryptor +// self.streamObfuscator = streamObfuscator +// +// super.init() +// +// protocolObfuscater.inputStreamProcessor = cryptor +// protocolObfuscater.outputStreamProcessor = self +// +// cryptor.inputStreamProcessor = streamObfuscator +// cryptor.outputStreamProcessor = protocolObfuscater +// +// streamObfuscator.inputStreamProcessor = self +// streamObfuscator.outputStreamProcessor = cryptor +// } +// +// override public func openSocketWith(session: ConnectSession) { +// super.openSocketWith(session: session) +// +// do { +// internalStatus = .connecting +// try socket.connectTo(host: host, port: port, enableTLS: false, tlsSettings: nil) +// } catch let error { +// observer?.signal(.errorOccured(error, on: self)) +// disconnect() +// } +// } +// +// override public func didConnectWith(socket: RawTCPSocketProtocol) { +// super.didConnectWith(socket: socket) +// +// internalStatus = .connected +// +// protocolObfuscater.start() +// } +// +// override public func didRead(data: Data, from socket: RawTCPSocketProtocol) { +// super.didRead(data: data, from: socket) +// +// do { +// try protocolObfuscater.input(data: data) +// } catch { +// disconnect() +// } +// } +// +// public override func write(data: Data) { +// streamObfuscator.output(data: data) +// } +// +// public func write(rawData: Data) { +// super.write(data: rawData) +// } +// +// public func input(data: Data) { +// delegate?.didRead(data: data, from: self) +// } +// +// public func output(data: Data) { +// write(rawData: data) +// } +// +// override public func didWrite(data: Data?, by socket: RawTCPSocketProtocol) { +// super.didWrite(data: data, by: socket) +// +// protocolObfuscater.didWrite() +// +// switch internalStatus { +// case .forwarding: +// delegate?.didWrite(data: data, by: self) +// default: +// return +// } +// } +// +// func becomeReadyToForward() { +// internalStatus = .forwarding +// observer?.signal(.readyForForward(self)) +// delegate?.didBecomeReadyToForwardWith(socket: self) +// } +//} diff --git a/GlassVPN/zhuhaow-NEKit/Socket/AdapterSocket/Shadowsocks/StreamObfuscater.swift b/GlassVPN/zhuhaow-NEKit/Socket/AdapterSocket/Shadowsocks/StreamObfuscater.swift new file mode 100755 index 0000000..2ebb8e4 --- /dev/null +++ b/GlassVPN/zhuhaow-NEKit/Socket/AdapterSocket/Shadowsocks/StreamObfuscater.swift @@ -0,0 +1,167 @@ +//import Foundation +// +//extension ShadowsocksAdapter { +// public struct StreamObfuscater { +// public class Factory { +// public init() {} +// +// public func build(for session: ConnectSession) -> StreamObfuscaterBase { +// return StreamObfuscaterBase(for: session) +// } +// } +// +// public class StreamObfuscaterBase { +// public weak var inputStreamProcessor: ShadowsocksAdapter! +// private weak var _outputStreamProcessor: CryptoStreamProcessor! +// public var outputStreamProcessor: CryptoStreamProcessor! { +// get { +// return _outputStreamProcessor +// } +// set { +// _outputStreamProcessor = newValue +// key = _outputStreamProcessor?.key +// writeIV = _outputStreamProcessor?.writeIV +// } +// } +// +// public var key: Data? +// public var writeIV: Data? +// +// let session: ConnectSession +// +// init(for session: ConnectSession) { +// self.session = session +// } +// +// func output(data: Data) {} +// func input(data: Data) throws {} +// } +// +// public class OriginStreamObfuscater: StreamObfuscaterBase { +// public class Factory: StreamObfuscater.Factory { +// public override init() {} +// +// public override func build(for session: ConnectSession) -> ShadowsocksAdapter.StreamObfuscater.StreamObfuscaterBase { +// return OriginStreamObfuscater(for: session) +// } +// } +// +// private var requestSend = false +// +// private func requestData(withData data: Data) -> Data { +// let hostLength = session.host.utf8.count +// let length = 1 + 1 + hostLength + 2 + data.count +// var response = Data(count: length) +// response[0] = 3 +// response[1] = UInt8(hostLength) +// response.replaceSubrange(2..<2+hostLength, with: session.host.utf8) +// var beport = UInt16(session.port).bigEndian +// withUnsafeBytes(of: &beport) { +// response.replaceSubrange(2+hostLength..<4+hostLength, with: $0) +// } +// response.replaceSubrange(4+hostLength.. ShadowsocksAdapter.StreamObfuscater.StreamObfuscaterBase { +// return OTAStreamObfuscater(for: session) +// } +// } +// +// private var count: UInt32 = 0 +// +// private let DATA_BLOCK_SIZE = 0xFFFF - 12 +// +// private var requestSend = false +// +// private func requestData() -> Data { +// var response: [UInt8] = [0x13] +// response.append(UInt8(session.host.utf8.count)) +// response += [UInt8](session.host.utf8) +// response += [UInt8](Utils.toByteArray(UInt16(session.port)).reversed()) +// var responseData = Data(bytes: UnsafePointer(response), count: response.count) +// var keyiv = Data(count: key!.count + writeIV!.count) +// +// keyiv.replaceSubrange(0.. fullBlockCount * DATA_BLOCK_SIZE { +// outputSize += data.count - fullBlockCount * DATA_BLOCK_SIZE + 10 + 2 +// } +// +// let _requestData: Data = requestData() +// if !requestSend { +// outputSize += _requestData.count +// } +// +// var outputData = Data(count: outputSize) +// var outputOffset = 0 +// var dataOffset = 0 +// +// if !requestSend { +// requestSend = true +// outputData.replaceSubrange(0..<_requestData.count, with: _requestData) +// outputOffset += _requestData.count +// } +// +// while outputOffset != outputSize { +// let blockLength = min(data.count - dataOffset, DATA_BLOCK_SIZE) +// var len = UInt16(blockLength).bigEndian +// withUnsafeBytes(of: &len) { +// outputData.replaceSubrange(outputOffset.. 0 { + socket.readDataTo(length: length) + } else { + socket.readData() + } + case .readHeader: + readStatus = .readingHeader + socket.readDataTo(data: Utils.HTTPData.DoubleCRLF) + case .stop: + readStatus = .stopped + disconnect() + } + + } + + // swiftlint:disable function_body_length + // swiftlint:disable cyclomatic_complexity + /** + The socket did read some data. + + - parameter data: The data read from the socket. + - parameter from: The socket where the data is read from. + */ + override public func didRead(data: Data, from: RawTCPSocketProtocol) { + super.didRead(data: data, from: from) + + let result: HTTPStreamScanner.Result + do { + result = try scanner.input(data) + } catch let error { + disconnect(becauseOf: error) + return + } + + switch (readStatus, result) { + case (.readingFirstHeader, .header(let header)): + currentHeader = header + currentHeader.removeProxyHeader() + currentHeader.rewriteToRelativePath() + + destinationHost = currentHeader.host + destinationPort = currentHeader.port + isConnectCommand = currentHeader.isConnect + + if !isConnectCommand { + readStatus = .pendingFirstHeader + } else { + readStatus = .readingContent + } + + session = ConnectSession(host: destinationHost!, port: destinationPort!) + observer?.signal(.receivedRequest(session!, on: self)) + delegate?.didReceive(session: session!, from: self) + case (.readingHeader, .header(let header)): + currentHeader = header + currentHeader.removeProxyHeader() + currentHeader.rewriteToRelativePath() + + delegate?.didRead(data: currentHeader.toData(), from: self) + case (.readingContent, .content(let content)): + delegate?.didRead(data: content, from: self) + default: + return + } + } + + /** + The socket did send some data. + + - parameter data: The data which have been sent to remote (acknowledged). Note this may not be available since the data may be released to save memory. + - parameter by: The socket where the data is sent out. + */ + override public func didWrite(data: Data?, by: RawTCPSocketProtocol) { + super.didWrite(data: data, by: by) + + switch writeStatus { + case .sendingConnectResponse: + writeStatus = .forwarding + observer?.signal(.readyForForward(self)) + delegate?.didBecomeReadyToForwardWith(socket: self) + default: + delegate?.didWrite(data: data, by: self) + } + } + + /** + Response to the `AdapterSocket` on the other side of the `Tunnel` which has succefully connected to the remote server. + + - parameter adapter: The `AdapterSocket`. + */ + public override func respondTo(adapter: AdapterSocket) { + super.respondTo(adapter: adapter) + + guard !isCancelled else { + return + } + + if isConnectCommand { + writeStatus = .sendingConnectResponse + write(data: Utils.HTTPData.ConnectSuccessResponse) + } else { + writeStatus = .forwarding + observer?.signal(.readyForForward(self)) + delegate?.didBecomeReadyToForwardWith(socket: self) + } + } +} diff --git a/GlassVPN/zhuhaow-NEKit/Socket/ProxySocket/ProxySocket.swift b/GlassVPN/zhuhaow-NEKit/Socket/ProxySocket/ProxySocket.swift new file mode 100755 index 0000000..7f845ab --- /dev/null +++ b/GlassVPN/zhuhaow-NEKit/Socket/ProxySocket/ProxySocket.swift @@ -0,0 +1,178 @@ +import Foundation + +/// The socket which encapsulates the logic to handle connection to proxies. +open class ProxySocket: NSObject, SocketProtocol, RawTCPSocketDelegate { + /// Received `ConnectSession`. + public var session: ConnectSession? + + public var observer: Observer? + + private var _cancelled = false + var isCancelled: Bool { + return _cancelled + } + + open override var description: String { + if let session = session { + return "<\(typeName) host:\(session.host) port: \(session.port))>" + } else { + return "<\(typeName)>" + } + } + + /** + Init a `ProxySocket` with a raw TCP socket. + + - parameter socket: The raw TCP socket. + */ + public init(socket: RawTCPSocketProtocol, observe: Bool = true) { + self.socket = socket + + super.init() + + self.socket.delegate = self + + if observe { + observer = ObserverFactory.currentFactory?.getObserverForProxySocket(self) + } + } + + /** + Begin reading and processing data from the socket. + */ + open func openSocket() { + guard !isCancelled else { + return + } + + observer?.signal(.socketOpened(self)) + } + + /** + Response to the `AdapterSocket` on the other side of the `Tunnel` which has succefully connected to the remote server. + + - parameter adapter: The `AdapterSocket`. + */ + open func respondTo(adapter: AdapterSocket) { + guard !isCancelled else { + return + } + + observer?.signal(.askedToResponseTo(adapter, on: self)) + } + + /** + Read data from the socket. + - warning: This should only be called after the last read is finished, i.e., `delegate?.didReadData()` is called. + */ + open func readData() { + guard !isCancelled else { + return + } + + socket.readData() + } + + /** + Send data to remote. + + - parameter data: Data to send. + - warning: This should only be called after the last write is finished, i.e., `delegate?.didWriteData()` is called. + */ + open func write(data: Data) { + guard !isCancelled else { + return + } + + socket.write(data: data) + } + + /** + Disconnect the socket elegantly. + */ + open func disconnect(becauseOf error: Error? = nil) { + guard !isCancelled else { + return + } + + _status = .disconnecting + _cancelled = true + session?.disconnected(becauseOf: error, by: .proxy) + socket.disconnect() + observer?.signal(.disconnectCalled(self)) + } + + /** + Disconnect the socket immediately. + */ + open func forceDisconnect(becauseOf error: Error? = nil) { + guard !isCancelled else { + return + } + + _status = .disconnecting + _cancelled = true + session?.disconnected(becauseOf: error, by: .proxy) + socket.forceDisconnect() + observer?.signal(.forceDisconnectCalled(self)) + } + + // MARK: SocketProtocol Implementation + + /// The underlying TCP socket transmitting data. + public var socket: RawTCPSocketProtocol! + + /// The delegate instance. + weak public var delegate: SocketDelegate? + + var _status: SocketStatus = .established + /// The current connection status of the socket. + public var status: SocketStatus { + return _status + } + + // MARK: RawTCPSocketDelegate Protocol Implementation + /** + The socket did disconnect. + + - parameter socket: The socket which did disconnect. + */ + open func didDisconnectWith(socket: RawTCPSocketProtocol) { + _status = .closed + observer?.signal(.disconnected(self)) + delegate?.didDisconnectWith(socket: self) + } + + /** + The socket did read some data. + + - parameter data: The data read from the socket. + - parameter withTag: The tag given when calling the `readData` method. + - parameter from: The socket where the data is read from. + */ + open func didRead(data: Data, from: RawTCPSocketProtocol) { + observer?.signal(.readData(data, on: self)) + } + + /** + The socket did send some data. + + - parameter data: The data which have been sent to remote (acknowledged). Note this may not be available since the data may be released to save memory. + - parameter from: The socket where the data is sent out. + */ + open func didWrite(data: Data?, by: RawTCPSocketProtocol) { + observer?.signal(.wroteData(data, on: self)) + } + + /** + The socket did connect to remote. + + - note: This never happens for `ProxySocket`. + + - parameter socket: The connected socket. + */ + open func didConnectWith(socket: RawTCPSocketProtocol) { + + } + +} diff --git a/GlassVPN/zhuhaow-NEKit/Socket/ProxySocket/SOCKS5ProxySocket.swift b/GlassVPN/zhuhaow-NEKit/Socket/ProxySocket/SOCKS5ProxySocket.swift new file mode 100755 index 0000000..bb9677e --- /dev/null +++ b/GlassVPN/zhuhaow-NEKit/Socket/ProxySocket/SOCKS5ProxySocket.swift @@ -0,0 +1,244 @@ +import Foundation + +public class SOCKS5ProxySocket: ProxySocket { + enum SOCKS5ProxyReadStatus: CustomStringConvertible { + case invalid, + readingVersionIdentifierAndNumberOfMethods, + readingMethods, + readingConnectHeader, + readingIPv4Address, + readingDomainLength, + readingDomain, + readingIPv6Address, + readingPort, + forwarding, + stopped + + var description: String { + switch self { + case .invalid: + return "invalid" + case .readingVersionIdentifierAndNumberOfMethods: + return "reading version and methods" + case .readingMethods: + return "reading methods" + case .readingConnectHeader: + return "reading connect header" + case .readingIPv4Address: + return "IPv4 address" + case .readingDomainLength: + return "domain length" + case .readingDomain: + return "domain" + case .readingIPv6Address: + return "IPv6 address" + case .readingPort: + return "reading port" + case .forwarding: + return "forwarding" + case .stopped: + return "stopped" + } + } + } + + enum SOCKS5ProxyWriteStatus: CustomStringConvertible { + case invalid, + sendingResponse, + forwarding, + stopped + + var description: String { + switch self { + case .invalid: + return "invalid" + case .sendingResponse: + return "sending response" + case .forwarding: + return "forwarding" + case .stopped: + return "stopped" + } + } + } + /// The remote host to connect to. + public var destinationHost: String! + + /// The remote port to connect to. + public var destinationPort: Int! + + private var readStatus: SOCKS5ProxyReadStatus = .invalid + private var writeStatus: SOCKS5ProxyWriteStatus = .invalid + + public var readStatusDescription: String { + return readStatus.description + } + + public var writeStatusDescription: String { + return writeStatus.description + } + + /** + Begin reading and processing data from the socket. + */ + override public func openSocket() { + super.openSocket() + + guard !isCancelled else { + return + } + + readStatus = .readingVersionIdentifierAndNumberOfMethods + socket.readDataTo(length: 2) + } + + // swiftlint:disable function_body_length + // swiftlint:disable cyclomatic_complexity + /** + The socket did read some data. + + - parameter data: The data read from the socket. + - parameter from: The socket where the data is read from. + */ + override public func didRead(data: Data, from: RawTCPSocketProtocol) { + super.didRead(data: data, from: from) + + switch readStatus { + case .forwarding: + delegate?.didRead(data: data, from: self) + case .readingVersionIdentifierAndNumberOfMethods: + data.withUnsafeBytes { pointer in + let p = pointer.bindMemory(to: Int8.self) + + guard p.baseAddress!.pointee == 5 else { + // TODO: notify observer + self.disconnect() + return + } + + guard p.baseAddress!.successor().pointee > 0 else { + // TODO: notify observer + self.disconnect() + return + } + + self.readStatus = .readingMethods + self.socket.readDataTo(length: Int(p.baseAddress!.successor().pointee)) + } + case .readingMethods: + // TODO: check for 0x00 in read data + + let response = Data([0x05, 0x00]) + // we would not be able to read anything before the data is written out, so no need to handle the dataWrote event. + write(data: response) + readStatus = .readingConnectHeader + socket.readDataTo(length: 4) + case .readingConnectHeader: + data.withUnsafeBytes { pointer in + let p = pointer.bindMemory(to: Int8.self) + + guard p.baseAddress!.pointee == 5 && p.baseAddress!.successor().pointee == 1 else { + // TODO: notify observer + self.disconnect() + return + } + switch p.baseAddress!.advanced(by: 3).pointee { + case 1: + readStatus = .readingIPv4Address + socket.readDataTo(length: 4) + case 3: + readStatus = .readingDomainLength + socket.readDataTo(length: 1) + case 4: + readStatus = .readingIPv6Address + socket.readDataTo(length: 16) + default: + break + } + } + case .readingIPv4Address: + var address = Data(count: Int(INET_ADDRSTRLEN)) + _ = data.withUnsafeBytes { data_ptr in + address.withUnsafeMutableBytes { addr_ptr in + inet_ntop(AF_INET, data_ptr.baseAddress!, addr_ptr.bindMemory(to: Int8.self).baseAddress!, socklen_t(INET_ADDRSTRLEN)) + } + } + + destinationHost = String(data: address, encoding: .utf8) + + readStatus = .readingPort + socket.readDataTo(length: 2) + case .readingIPv6Address: + var address = Data(count: Int(INET6_ADDRSTRLEN)) + _ = data.withUnsafeBytes { data_ptr in + address.withUnsafeMutableBytes { addr_ptr in + inet_ntop(AF_INET6, data_ptr.baseAddress!, addr_ptr.bindMemory(to: Int8.self).baseAddress!, socklen_t(INET6_ADDRSTRLEN)) + } + } + + destinationHost = String(data: address, encoding: .utf8) + + readStatus = .readingPort + socket.readDataTo(length: 2) + case .readingDomainLength: + readStatus = .readingDomain + socket.readDataTo(length: Int(data.first!)) + case .readingDomain: + destinationHost = String(data: data, encoding: .utf8) + readStatus = .readingPort + socket.readDataTo(length: 2) + case .readingPort: + data.withUnsafeBytes { + destinationPort = Int($0.load(as: UInt16.self).bigEndian) + } + + readStatus = .forwarding + session = ConnectSession(host: destinationHost, port: destinationPort) + observer?.signal(.receivedRequest(session!, on: self)) + delegate?.didReceive(session: session!, from: self) + default: + return + } + } + + /** + The socket did send some data. + + - parameter data: The data which have been sent to remote (acknowledged). Note this may not be available since the data may be released to save memory. + - parameter from: The socket where the data is sent out. + */ + override public func didWrite(data: Data?, by: RawTCPSocketProtocol) { + super.didWrite(data: data, by: by) + + switch writeStatus { + case .forwarding: + delegate?.didWrite(data: data, by: self) + case .sendingResponse: + writeStatus = .forwarding + observer?.signal(.readyForForward(self)) + delegate?.didBecomeReadyToForwardWith(socket: self) + default: + return + } + } + + /** + Response to the `AdapterSocket` on the other side of the `Tunnel` which has succefully connected to the remote server. + + - parameter adapter: The `AdapterSocket`. + */ + override public func respondTo(adapter: AdapterSocket) { + super.respondTo(adapter: adapter) + + guard !isCancelled else { + return + } + + var responseBytes = [UInt8](repeating: 0, count: 10) + responseBytes[0...3] = [0x05, 0x00, 0x00, 0x01] + let responseData = Data(responseBytes) + + writeStatus = .sendingResponse + write(data: responseData) + } +} diff --git a/GlassVPN/zhuhaow-NEKit/Socket/SocketProtocol.swift b/GlassVPN/zhuhaow-NEKit/Socket/SocketProtocol.swift new file mode 100755 index 0000000..e376f45 --- /dev/null +++ b/GlassVPN/zhuhaow-NEKit/Socket/SocketProtocol.swift @@ -0,0 +1,155 @@ +import Foundation + +/** + The current connection status of the socket. + + - Invalid: The socket is just created but never connects. + - Connecting: The socket is connecting. + - Established: The connection is established. + - Disconnecting: The socket is disconnecting. + - Closed: The socket is closed. + */ +public enum SocketStatus { + /// The socket is just created but never connects. + case invalid, + + /// The socket is connecting. + connecting, + + /// The connection is established. + established, + + /// The socket is disconnecting. + disconnecting, + + /// The socket is closed. + closed +} + +/// Protocol for socket with various functions. +/// +/// Any concrete implementation does not need to be thread-safe. +public protocol SocketProtocol: class { + /// The underlying TCP socket transmitting data. + var socket: RawTCPSocketProtocol! { get } + + /// The delegate instance. + var delegate: SocketDelegate? { get set } + + /// The current connection status of the socket. + var status: SocketStatus { get } + +// /// The description of the currect status. +// var statusDescription: String { get } + + /// If the socket is disconnected. + var isDisconnected: Bool { get } + + /// The type of the socket. + var typeName: String { get } + + var readStatusDescription: String { get } + + var writeStatusDescription: String { get } + + /** + Read data from the socket. + + - warning: This should only be called after the last read is finished, i.e., `delegate?.didReadData()` is called. + */ + func readData() + + /** + Send data to remote. + + - parameter data: Data to send. + - warning: This should only be called after the last write is finished, i.e., `delegate?.didWriteData()` is called. + */ + func write(data: Data) + + /** + Disconnect the socket elegantly. + */ + func disconnect(becauseOf error: Error?) + + /** + Disconnect the socket immediately. + */ + func forceDisconnect(becauseOf error: Error?) +} + +extension SocketProtocol { + /// If the socket is disconnected. + public var isDisconnected: Bool { + return status == .closed || status == .invalid + } + + public var typeName: String { + return String(describing: type(of: self)) + } + + public var readStatusDescription: String { + return "\(status)" + } + + public var writeStatusDescription: String { + return "\(status)" + } +} + +/// The delegate protocol to handle the events from a socket. +public protocol SocketDelegate : class { + /** + The socket did connect to remote. + + - parameter adapterSocket: The connected socket. + */ + func didConnectWith(adapterSocket: AdapterSocket) + + /** + The socket did disconnect. + + This should only be called once in the entire lifetime of a socket. After this is called, the delegate will not receive any other events from that socket and the socket should be released. + + - parameter socket: The socket which did disconnect. + */ + func didDisconnectWith(socket: SocketProtocol) + + /** + The socket did read some data. + + - parameter data: The data read from the socket. + - parameter from: The socket where the data is read from. + */ + func didRead(data: Data, from: SocketProtocol) + + /** + The socket did send some data. + + - parameter data: The data which have been sent to remote (acknowledged). Note this may not be available since the data may be released to save memory. + - parameter by: The socket where the data is sent out. + */ + func didWrite(data: Data?, by: SocketProtocol) + + /** + The socket is ready to forward data back and forth. + + - parameter socket: The socket which becomes ready to forward data. + */ + func didBecomeReadyToForwardWith(socket: SocketProtocol) + + /** + Did receive a `ConnectSession` from local now it is time to connect to remote. + + - parameter session: The received `ConnectSession`. + - parameter from: The socket where the `ConnectSession` is received. + */ + func didReceive(session: ConnectSession, from: ProxySocket) + + /** + The adapter socket decided to replace itself with a new `AdapterSocket` to connect to remote. + + - parameter newAdapter: The new `AdapterSocket` to replace the old one. + */ + func updateAdapterWith(newAdapter: AdapterSocket) +} diff --git a/GlassVPN/zhuhaow-NEKit/Tunnel/QueueFactory.swift b/GlassVPN/zhuhaow-NEKit/Tunnel/QueueFactory.swift new file mode 100755 index 0000000..5095b48 --- /dev/null +++ b/GlassVPN/zhuhaow-NEKit/Tunnel/QueueFactory.swift @@ -0,0 +1,29 @@ +import Foundation + +class QueueFactory { + private static let queueKey = DispatchSpecificKey() + + static let queue: DispatchQueue = { + let q = DispatchQueue(label: "NEKit.ProcessingQueue") + q.setSpecific(key: QueueFactory.queueKey, value: "NEKit.ProcessingQueue") + return q + }() + + static func getQueue() -> DispatchQueue { + return QueueFactory.queue + } + + static func onQueue() -> Bool { + return DispatchQueue.getSpecific(key: QueueFactory.queueKey) == "NEKit.ProcessingQueue" + } + + static func executeOnQueueSynchronizedly(block: () throws -> T ) rethrows -> T { + if onQueue() { + return try block() + } else { + return try getQueue().sync { + return try block() + } + } + } +} diff --git a/GlassVPN/zhuhaow-NEKit/Tunnel/Tunnel.swift b/GlassVPN/zhuhaow-NEKit/Tunnel/Tunnel.swift new file mode 100755 index 0000000..317b004 --- /dev/null +++ b/GlassVPN/zhuhaow-NEKit/Tunnel/Tunnel.swift @@ -0,0 +1,274 @@ +import Foundation + +protocol TunnelDelegate : class { + func tunnelDidClose(_ tunnel: Tunnel) +} + +/// The tunnel forwards data between local and remote. +public class Tunnel: NSObject, SocketDelegate { + + /// The status of `Tunnel`. + public enum TunnelStatus: CustomStringConvertible { + + case invalid, readingRequest, waitingToBeReady, forwarding, closing, closed + + public var description: String { + switch self { + case .invalid: + return "invalid" + case .readingRequest: + return "reading request" + case .waitingToBeReady: + return "waiting to be ready" + case .forwarding: + return "forwarding" + case .closing: + return "closing" + case .closed: + return "closed" + } + } + } + + /// The proxy socket. + var proxySocket: ProxySocket + + /// The adapter socket connecting to remote. + var adapterSocket: AdapterSocket? + + /// The delegate instance. + weak var delegate: TunnelDelegate? + + var observer: Observer? + + /// Indicating how many socket is ready to forward data. + private var readySignal = 0 + + /// If the tunnel is closed, i.e., proxy socket and adapter socket are both disconnected. + var isClosed: Bool { + return proxySocket.isDisconnected && (adapterSocket?.isDisconnected ?? true) + } + + fileprivate var _cancelled: Bool = false + fileprivate var _stopForwarding = false + public var isCancelled: Bool { + return _cancelled + } + + fileprivate var _status: TunnelStatus = .invalid + public var status: TunnelStatus { + return _status + } + + public var statusDescription: String { + return status.description + } + + override public var description: String { + if let adapterSocket = adapterSocket { + return "" + } else { + return "" + } + } + + init(proxySocket: ProxySocket) { + self.proxySocket = proxySocket + super.init() + self.proxySocket.delegate = self + + self.observer = ObserverFactory.currentFactory?.getObserverForTunnel(self) + } + + /** + Start running the tunnel. + */ + func openTunnel() { + guard !self.isCancelled else { + return + } + + self.proxySocket.openSocket() + self._status = .readingRequest + self.observer?.signal(.opened(self)) + } + + /** + Close the tunnel elegantly. + */ + func close() { + observer?.signal(.closeCalled(self)) + + guard !self.isCancelled else { + return + } + + self._cancelled = true + self._status = .closing + + if !self.proxySocket.isDisconnected { + self.proxySocket.disconnect() + } + if let adapterSocket = self.adapterSocket { + if !adapterSocket.isDisconnected { + adapterSocket.disconnect() + } + } + } + + /// Close the tunnel immediately. + /// + /// - note: This method is thread-safe. + func forceClose() { + observer?.signal(.forceCloseCalled(self)) + + guard !self.isCancelled else { + return + } + + self._cancelled = true + self._status = .closing + self._stopForwarding = true + + if !self.proxySocket.isDisconnected { + self.proxySocket.forceDisconnect() + } + if let adapterSocket = self.adapterSocket { + if !adapterSocket.isDisconnected { + adapterSocket.forceDisconnect() + } + } + } + + public func didReceive(session: ConnectSession, from: ProxySocket) { + guard !isCancelled else { + return + } + + _status = .waitingToBeReady + observer?.signal(.receivedRequest(session, from: from, on: self)) + + if !session.isIP() { + _ = Resolver.resolve(hostname: session.host, timeout: Opt.DNSTimeout) { [weak self] resolver, err in + QueueFactory.getQueue().async { + if err != nil { + session.ipAddress = "" + } else { + session.ipAddress = (resolver?.ipv4Result.first)! + } + self?.openAdapter(for: session) + } + } + } else { + session.ipAddress = session.host + openAdapter(for: session) + } + } + + fileprivate func openAdapter(for session: ConnectSession) { + guard !isCancelled else { + return + } + + let manager = RuleManager.currentManager + let factory = manager.match(session)! + adapterSocket = factory.getAdapterFor(session: session) + adapterSocket!.delegate = self + adapterSocket!.openSocketWith(session: session) + } + + public func didBecomeReadyToForwardWith(socket: SocketProtocol) { + guard !isCancelled else { + return + } + + readySignal += 1 + observer?.signal(.receivedReadySignal(socket, currentReady: readySignal, on: self)) + + defer { + if let socket = socket as? AdapterSocket { + proxySocket.respondTo(adapter: socket) + } + } + if readySignal == 2 { + _status = .forwarding + proxySocket.readData() + adapterSocket?.readData() + } + } + + public func didDisconnectWith(socket: SocketProtocol) { + if !isCancelled { + _stopForwarding = true + close() + } + checkStatus() + } + + public func didRead(data: Data, from socket: SocketProtocol) { + if let socket = socket as? ProxySocket { + observer?.signal(.proxySocketReadData(data, from: socket, on: self)) + + guard !isCancelled else { + return + } + adapterSocket!.write(data: data) + } else if let socket = socket as? AdapterSocket { + observer?.signal(.adapterSocketReadData(data, from: socket, on: self)) + + guard !isCancelled else { + return + } + proxySocket.write(data: data) + } + } + + public func didWrite(data: Data?, by socket: SocketProtocol) { + if let socket = socket as? ProxySocket { + observer?.signal(.proxySocketWroteData(data, by: socket, on: self)) + + guard !isCancelled else { + return + } + QueueFactory.getQueue().asyncAfter(deadline: DispatchTime.now() + DispatchTimeInterval.microseconds(Opt.forwardReadInterval)) { [weak self] in + self?.adapterSocket?.readData() + } + } else if let socket = socket as? AdapterSocket { + observer?.signal(.adapterSocketWroteData(data, by: socket, on: self)) + + guard !isCancelled else { + return + } + + proxySocket.readData() + } + } + + public func didConnectWith(adapterSocket: AdapterSocket) { + guard !isCancelled else { + return + } + + observer?.signal(.connectedToRemote(adapterSocket, on: self)) + } + + public func updateAdapterWith(newAdapter: AdapterSocket) { + guard !isCancelled else { + return + } + + observer?.signal(.updatingAdapterSocket(from: adapterSocket!, to: newAdapter, on: self)) + + adapterSocket = newAdapter + adapterSocket?.delegate = self + } + + fileprivate func checkStatus() { + if isClosed { + _status = .closed + observer?.signal(.closed(self)) + delegate?.tunnelDidClose(self) + delegate = nil + } + } +} diff --git a/GlassVPN/zhuhaow-NEKit/Utils.swift b/GlassVPN/zhuhaow-NEKit/Utils.swift new file mode 100755 index 0000000..d3011d3 --- /dev/null +++ b/GlassVPN/zhuhaow-NEKit/Utils.swift @@ -0,0 +1,114 @@ +import Foundation + +public struct Utils { + public struct HTTPData { + public static let DoubleCRLF = "\r\n\r\n".data(using: String.Encoding.utf8)! + public static let CRLF = "\r\n".data(using: String.Encoding.utf8)! + public static let ConnectSuccessResponse = "HTTP/1.1 200 Connection Established\r\n\r\n".data(using: String.Encoding.utf8)! + } + + public struct DNS { + // swiftlint:disable:next nesting + public enum QueryType { + // swiftlint:disable:next type_name + case a, aaaa, unspec + } + + public static func resolve(_ name: String, type: QueryType = .unspec) -> String { + let remoteHostEnt = gethostbyname2((name as NSString).utf8String, AF_INET) + + if remoteHostEnt == nil { + return "" + } + + let remoteAddr = UnsafeMutableRawPointer(remoteHostEnt?.pointee.h_addr_list[0]) + + var output = [Int8](repeating: 0, count: Int(INET6_ADDRSTRLEN)) + inet_ntop(AF_INET, remoteAddr, &output, socklen_t(INET6_ADDRSTRLEN)) + return NSString(utf8String: output)! as String + } + } + + // swiftlint:disable:next type_name + public struct IP { + public static func isIPv4(_ ipAddress: String) -> Bool { + if IPv4ToInt(ipAddress) != nil { + return true + } else { + return false + } + } + + public static func isIPv6(_ ipAddress: String) -> Bool { + let utf8Str = (ipAddress as NSString).utf8String + var dst = [UInt8](repeating: 0, count: 16) + return inet_pton(AF_INET6, utf8Str, &dst) == 1 + } + + public static func isIP(_ ipAddress: String) -> Bool { + return isIPv4(ipAddress) || isIPv6(ipAddress) + } + + public static func IPv4ToInt(_ ipAddress: String) -> UInt32? { + let utf8Str = (ipAddress as NSString).utf8String + var dst = in_addr(s_addr: 0) + if inet_pton(AF_INET, utf8Str, &(dst.s_addr)) == 1 { + return UInt32(dst.s_addr) + } else { + return nil + } + } + + public static func IPv4ToBytes(_ ipAddress: String) -> [UInt8]? { + if let ipv4int = IPv4ToInt(ipAddress) { + return Utils.toByteArray(ipv4int).reversed() + } else { + return nil + } + } + + public static func IPv6ToBytes(_ ipAddress: String) -> [UInt8]? { + let utf8Str = (ipAddress as NSString).utf8String + var dst = [UInt8](repeating: 0, count: 16) + if inet_pton(AF_INET6, utf8Str, &dst) == 1 { + return Utils.toByteArray(dst).reversed() + } else { + return nil + } + } + } + +// struct GeoIPLookup { +// +// static func Lookup(_ ipAddress: String) -> String? { +// if Utils.IP.isIP(ipAddress) { +// guard let result = GeoIP.LookUp(ipAddress) else { +// return "--" +// } +// return result.isoCode +// } else { +// return nil +// } +// } +// } + + static func toByteArray(_ value: T) -> [UInt8] { + var value = value + return withUnsafeBytes(of: &value) { + Array($0) + } + } + + struct Random { + static func fill(data: inout Data, from: Int = 0, to: Int = -1) { + let c = data.count + data.withUnsafeMutableBytes { + arc4random_buf($0.baseAddress!.advanced(by: from), to == -1 ? c - from : to - from) + } + } + + static func fill(data: inout Data, from: Int = 0, length: Int) { + fill(data: &data, from: from, to: from + length) + } + } +} diff --git a/GlassVPN/zhuhaow-NEKit/Utils/BinaryDataScanner.swift b/GlassVPN/zhuhaow-NEKit/Utils/BinaryDataScanner.swift new file mode 100755 index 0000000..0cb5556 --- /dev/null +++ b/GlassVPN/zhuhaow-NEKit/Utils/BinaryDataScanner.swift @@ -0,0 +1,93 @@ +// +// BinaryDataScanner.swift +// Murphy +// +// Created by Dave Peck on 7/20/14. +// Copyright (c) 2014 Dave Peck. All rights reserved. +// + +import Foundation + +/* +Toying with tools to help read binary formats. + +I've seen lots of approaches in swift that create +an intermediate object per-read (usually another NSData) +but even if these are lightweight under the hood, +it seems like overkill. Plus this taught me about <()> aka + +And it would be nice to have an extension to +NSFileHandle too that does much the same. +*/ + +public protocol BinaryReadable { + var littleEndian: Self { get } + var bigEndian: Self { get } +} + +extension UInt8: BinaryReadable { + public var littleEndian: UInt8 { return self } + public var bigEndian: UInt8 { return self } +} + +extension UInt16: BinaryReadable {} + +extension UInt32: BinaryReadable {} + +extension UInt64: BinaryReadable {} + +open class BinaryDataScanner { + let data: Data + let littleEndian: Bool +// let encoding: NSStringEncoding + + var remaining: Int { + return data.count - position + } + + var position: Int = 0 + + public init(data: Data, littleEndian: Bool) { + self.data = data + self.littleEndian = littleEndian + } + + open func read() -> T? { + if remaining < MemoryLayout.size { + return nil + } + + let v = data.withUnsafeBytes { + $0.baseAddress!.advanced(by: position).assumingMemoryBound(to: T.self).pointee + } + position += MemoryLayout.size + return littleEndian ? v.littleEndian : v.bigEndian + } + + // swiftlint:disable variable_name + open func skip(to n: Int) { + position = n + } + + open func advance(by n: Int) { + position += n + } + + /* convenience read funcs */ + + open func readByte() -> UInt8? { + return read() + } + + open func read16() -> UInt16? { + return read() + } + + open func read32() -> UInt32? { + return read() + } + + open func read64() -> UInt64? { + return read() + } +} diff --git a/GlassVPN/zhuhaow-NEKit/Utils/Checksum.swift b/GlassVPN/zhuhaow-NEKit/Utils/Checksum.swift new file mode 100755 index 0000000..d5176ed --- /dev/null +++ b/GlassVPN/zhuhaow-NEKit/Utils/Checksum.swift @@ -0,0 +1,44 @@ +import Foundation + +open class Checksum { + + public static func computeChecksum(_ data: Data, from start: Int = 0, to end: Int? = nil, withPseudoHeaderChecksum initChecksum: UInt32 = 0) -> UInt16 { + return toChecksum(computeChecksumUnfold(data, from: start, to: end, withPseudoHeaderChecksum: initChecksum)) + } + + public static func validateChecksum(_ payload: Data, from start: Int = 0, to end: Int? = nil) -> Bool { + let cs = computeChecksumUnfold(payload, from: start, to: end) + return toChecksum(cs) == 0 + } + + public static func computeChecksumUnfold(_ data: Data, from start: Int = 0, to end: Int? = nil, withPseudoHeaderChecksum initChecksum: UInt32 = 0) -> UInt32 { + let scanner = BinaryDataScanner(data: data, littleEndian: true) + scanner.skip(to: start) + var result: UInt32 = initChecksum + var end = end + if end == nil { + end = data.count + } + while scanner.position + 2 <= end! { + let value = scanner.read16()! + result += UInt32(value) + } + + if scanner.position != end { + // data is of odd size + // Intel and ARM are both litten endian + // so just add it + let value = scanner.readByte()! + result += UInt32(value) + } + return result + } + + public static func toChecksum(_ checksum: UInt32) -> UInt16 { + var result = checksum + while (result) >> 16 != 0 { + result = result >> 16 + result & 0xFFFF + } + return ~UInt16(result) + } +} diff --git a/GlassVPN/zhuhaow-NEKit/Utils/HTTPAuthentication.swift b/GlassVPN/zhuhaow-NEKit/Utils/HTTPAuthentication.swift new file mode 100755 index 0000000..21ebac2 --- /dev/null +++ b/GlassVPN/zhuhaow-NEKit/Utils/HTTPAuthentication.swift @@ -0,0 +1,44 @@ +import Foundation + +/** + * The helper wrapping up an HTTP basic authentication credential. + */ +public struct HTTPAuthentication { + /// The username of the credential. + public let username: String + + /// The password of the credential. + public let password: String + + /** + Initailize the credential with username and password. + + - parameter username: The username of the credential. + - parameter password: The password of the credential. + + - returns: The credential. + */ + public init(username: String, password: String) { + self.username = username + self.password = password + } + + /** + Return the base64 encoded string of the credential. + + - returns: The credential encoded with `"\(username):\(password)"` + */ + public func encoding() -> String? { + let auth = "\(username):\(password)" + return auth.data(using: String.Encoding.utf8)?.base64EncodedString(options: NSData.Base64EncodingOptions.endLineWithLineFeed) + } + + /** + Return the full header field content for `Authorization` of an HTTP basic authentication. + + - returns: The encoded authentication string. + */ + public func authString() -> String { + return "Basic \(encoding()!)" + } +} diff --git a/GlassVPN/zhuhaow-NEKit/Utils/HTTPStreamScanner.swift b/GlassVPN/zhuhaow-NEKit/Utils/HTTPStreamScanner.swift new file mode 100755 index 0000000..8ddc82d --- /dev/null +++ b/GlassVPN/zhuhaow-NEKit/Utils/HTTPStreamScanner.swift @@ -0,0 +1,81 @@ +import Foundation + +class HTTPStreamScanner { + enum ReadAction { + case readHeader, readContent(Int), stop + } + + enum Result { + case header(HTTPHeader), content(Data) + } + + enum HTTPStreamScannerError: Error { + case contentIsTooLong, scannerIsStopped, unsupportedStreamType + } + + var nextAction: ReadAction = .readHeader + + var remainContentLength: Int = 0 + + var currentHeader: HTTPHeader! + + var isConnect: Bool = false + + func input(_ data: Data) throws -> Result { + switch nextAction { + case .readHeader: + let header: HTTPHeader + do { + header = try HTTPHeader(headerData: data) + // To temporarily solve a bug in firefox for mac + if currentHeader != nil && header.host != currentHeader.host { + throw HTTPStreamScannerError.unsupportedStreamType + } + } catch let error { + nextAction = .stop + throw error + } + + if currentHeader == nil { + if header.isConnect { + isConnect = true + remainContentLength = -1 + } else { + isConnect = false + remainContentLength = header.contentLength + } + } else { + remainContentLength = header.contentLength + } + + currentHeader = header + + setNextAction() + + return .header(header) + case .readContent: + remainContentLength -= data.count + if !isConnect && remainContentLength < 0 { + nextAction = .stop + throw HTTPStreamScannerError.contentIsTooLong + } + + setNextAction() + + return .content(data) + case .stop: + throw HTTPStreamScannerError.scannerIsStopped + } + } + + fileprivate func setNextAction() { + switch remainContentLength { + case 0: + nextAction = .readHeader + case _ where remainContentLength < 0: + nextAction = .readContent(-1) + default: + nextAction = .readContent(min(remainContentLength, Opt.MAXHTTPContentBlockLength)) + } + } +} diff --git a/GlassVPN/zhuhaow-NEKit/Utils/HTTPURL.swift b/GlassVPN/zhuhaow-NEKit/Utils/HTTPURL.swift new file mode 100755 index 0000000..f69b28f --- /dev/null +++ b/GlassVPN/zhuhaow-NEKit/Utils/HTTPURL.swift @@ -0,0 +1,57 @@ +import Foundation + +public class HTTPURL { + public let scheme: String? + public let host: String? + public let port: Int? + // public let path: String + public let relativePath: String + + // swiftlint:disable:next force_try + static let urlreg = try! NSRegularExpression(pattern: "^(?:(?:(https?):\\/\\/)?([\\w\\.-]+)(?::(\\d+))?)?(?:\\/(.*))?$", options: NSRegularExpression.Options.caseInsensitive) + + init?(string url: String) { + let nsurl = url as NSString + + guard let result = HTTPURL.urlreg.firstMatch(in: url, range: NSRange(location: 0, length: nsurl.length)) else { + return nil + } + + guard result.numberOfRanges == 5 else { + return nil + } + + guard result.range(at: 0).location != NSNotFound else { + return nil + } + + var range = result.range(at: 1) + if range.location != NSNotFound { + scheme = nsurl.substring(with: range) + } else { + scheme = nil + } + + range = result.range(at: 2) + if range.location != NSNotFound { + host = nsurl.substring(with: range) + } else { + host = nil + } + + range = result.range(at: 3) + if range.location != NSNotFound { + port = Int(nsurl.substring(with: range)) + } else { + port = nil + } + + range = result.range(at: 4) + if range.location != NSNotFound { + relativePath = nsurl.substring(with: range) + } else { + relativePath = "" + } + + } +} diff --git a/GlassVPN/zhuhaow-NEKit/Utils/IPAddress.swift b/GlassVPN/zhuhaow-NEKit/Utils/IPAddress.swift new file mode 100755 index 0000000..2c28a35 --- /dev/null +++ b/GlassVPN/zhuhaow-NEKit/Utils/IPAddress.swift @@ -0,0 +1,208 @@ +import Foundation + +public class IPAddress: CustomStringConvertible, Comparable { + public enum Family { + case IPv4, IPv6 + } + + public enum Address: Equatable { + case IPv4(in_addr), IPv6(in6_addr) + + public var asUInt128: UInt128 { + switch self { + case .IPv4(let addr): + return UInt128(addr.s_addr.byteSwapped) + case .IPv6(var addr): + var upperBits: UInt64 = 0, lowerBits: UInt64 = 0 + withUnsafeBytes(of: &addr) { + upperBits = $0.load(as: UInt64.self).byteSwapped + lowerBits = $0.load(fromByteOffset: MemoryLayout.size, as: UInt64.self).byteSwapped + } + return UInt128(upperBits: upperBits, lowerBits: lowerBits) + } + } + } + + public let family: Family + public let address: Address + + public lazy var presentation: String = { [unowned self] in + switch self.address { + case .IPv4(var addr): + var buffer = [Int8](repeating: 0, count: Int(INET_ADDRSTRLEN)) + var p: UnsafePointer! = nil + withUnsafePointer(to: &addr) { + p = inet_ntop(AF_INET, $0, &buffer, UInt32(INET_ADDRSTRLEN)) + } + return String(cString: p) + case .IPv6(var addr): + var buffer = [Int8](repeating: 0, count: Int(INET6_ADDRSTRLEN)) + var p: UnsafePointer! = nil + withUnsafePointer(to: &addr) { + p = inet_ntop(AF_INET6, $0, &buffer, UInt32(INET6_ADDRSTRLEN)) + } + return String(cString: p) + } + }() + + public init(fromInAddr addr: in_addr) { + family = .IPv4 + address = .IPv4(addr) + } + + public init(fromIn6Addr addr6: in6_addr) { + family = .IPv6 + address = .IPv6(addr6) + } + + public convenience init?(fromString string: String) { + var addr = in_addr() + + if (string.withCString { + return inet_pton(AF_INET, $0, &addr) + }) == 1 { + self.init(fromInAddr: addr) + presentation = string + } else { + var addr6 = in6_addr() + if (string.withCString { + return inet_pton(AF_INET6, $0, &addr6) + }) == 1 { + self.init(fromIn6Addr: addr6) + presentation = string + } else { + return nil + } + } + } + + public convenience init(ipv4InNetworkOrder: UInt32) { + let addr = in_addr(s_addr: ipv4InNetworkOrder) + self.init(fromInAddr: addr) + } + + public convenience init(ipv6InNetworkOrder: UInt128) { + var ip = ipv6InNetworkOrder + var addr = in6_addr() + withUnsafeBytes(of: &ip) { ipptr in + withUnsafeMutableBytes(of: &addr) { addrptr in + addrptr.storeBytes(of: ipptr.load(fromByteOffset: MemoryLayout.size, as: UInt64.self), toByteOffset: 0, as: UInt64.self) + addrptr.storeBytes(of: ipptr.load(as: UInt64.self), toByteOffset: MemoryLayout.size, as: UInt64.self) + } + } + self.init(fromIn6Addr: addr) + } + + public convenience init(fromBytesInNetworkOrder ptr: UnsafeRawPointer, family: Family = .IPv4) { + switch family { + case .IPv4: + let addr = ptr.assumingMemoryBound(to: in_addr.self).pointee + self.init(fromInAddr: addr) + case .IPv6: + let addr6 = ptr.assumingMemoryBound(to: in6_addr.self).pointee + self.init(fromIn6Addr: addr6) + } + } + + public var description: String { + return presentation + } + + public var dataInNetworkOrder: Data { + var outputData: Data? = nil + withBytesInNetworkOrder { + outputData = Data($0) + } + return outputData! + } + + public var UInt32InNetworkOrder: UInt32? { + switch self.address { + case .IPv4(let addr): + return addr.s_addr + default: + return nil + } + } + + public var UInt128InNetworkOrder: UInt128? { + return self.address.asUInt128.byteSwapped + } + + public func withBytesInNetworkOrder(_ body: (UnsafeRawBufferPointer) throws -> U) rethrows -> U { + switch address { + case .IPv4(var addr): + return try withUnsafeBytes(of: &addr, body) + case .IPv6(var addr): + return try withUnsafeBytes(of: &addr, body) + } + } + + public func advanced(by interval: IPInterval) -> IPAddress? { + switch (interval, address) { + case (.IPv4(let range), .IPv4(let addr)): + return IPAddress(ipv4InNetworkOrder: (addr.s_addr.byteSwapped &+ range).byteSwapped) + case (.IPv6(let range), .IPv6): + return IPAddress(ipv6InNetworkOrder: (address.asUInt128 &+ range).byteSwapped) + default: + return nil + } + } + + public func advanced(by interval: UInt) -> IPAddress? { + switch self.address { + case .IPv4(let addr): + return IPAddress(ipv4InNetworkOrder: (addr.s_addr.byteSwapped &+ UInt32(interval)).byteSwapped) + case .IPv6: + return IPAddress(ipv6InNetworkOrder: (address.asUInt128 &+ UInt128(interval)).byteSwapped) + } + } +} + +public func == (lhs: IPAddress, rhs: IPAddress) -> Bool { + return lhs.address == rhs.address +} + +// Comparing IP addresses of different families are undefined. +// But currently, IPv4 is considered smaller than IPv6 address. Do NOT depend on this behavior. +public func < (lhs: IPAddress, rhs: IPAddress) -> Bool { + switch (lhs.address, rhs.address) { + case (.IPv4(let addrl), .IPv4(let addrr)): + return addrl.s_addr.byteSwapped < addrr.s_addr.byteSwapped + case (.IPv6(var addrl), .IPv6(var addrr)): + let ms = MemoryLayout.size(ofValue: addrl) + return (withUnsafeBytes(of: &addrl) { ptrl in + withUnsafeBytes(of: &addrr) { ptrr in + return memcmp(ptrl.baseAddress!, ptrr.baseAddress!, ms) + } + }) < 0 + case (.IPv4, .IPv6): + return true + case (.IPv6, .IPv4): + return false + } +} + +public func == (lhs: IPAddress.Address, rhs: IPAddress.Address) -> Bool { + switch (lhs, rhs) { + case (.IPv4(let addrl), .IPv4(let addrr)): + return addrl.s_addr == addrr.s_addr + case (.IPv6(let addrl), .IPv6(let addrr)): + return addrl.__u6_addr.__u6_addr32 == addrr.__u6_addr.__u6_addr32 + default: + return false + } +} + +extension IPAddress: Hashable { + public func hash(into hasher: inout Hasher) { + switch address { + case .IPv4(let addr): + return hasher.combine(addr.s_addr.hashValue) + case .IPv6(var addr): + return withUnsafeBytes(of: &addr) { + return hasher.combine(bytes: $0) + } + } + } +} diff --git a/GlassVPN/zhuhaow-NEKit/Utils/IPInterval.swift b/GlassVPN/zhuhaow-NEKit/Utils/IPInterval.swift new file mode 100755 index 0000000..a6c2496 --- /dev/null +++ b/GlassVPN/zhuhaow-NEKit/Utils/IPInterval.swift @@ -0,0 +1,5 @@ +import Foundation + +public enum IPInterval { + case IPv4(UInt32), IPv6(UInt128) +} diff --git a/GlassVPN/zhuhaow-NEKit/Utils/IPMask.swift b/GlassVPN/zhuhaow-NEKit/Utils/IPMask.swift new file mode 100755 index 0000000..f94d0f6 --- /dev/null +++ b/GlassVPN/zhuhaow-NEKit/Utils/IPMask.swift @@ -0,0 +1,50 @@ +import Foundation + +public enum IPMask { + case IPv4(UInt32), IPv6(UInt128) + + func mask(baseIP: IPAddress) -> (IPAddress, IPAddress)? { + switch (self, baseIP.address) { + case (.IPv4(var m), .IPv4(let addr)): + guard m <= 32 else { + return nil + } + + if m == 32 { + return (baseIP, baseIP) + } + + if m == 0 { + return (IPAddress(ipv4InNetworkOrder: 0), IPAddress(ipv4InNetworkOrder: UInt32.max)) + } + + m = 32 - m + let base = (addr.s_addr.byteSwapped >> m) << m + let end = base | ~((UInt32.max >> m) << m) + let b = IPAddress(ipv4InNetworkOrder: base.byteSwapped) + let e = IPAddress(ipv4InNetworkOrder: end.byteSwapped) + return (b, e) + case (.IPv6(var m), .IPv6): + guard m <= 128 else { + return nil + } + + if m == 128 { + return (baseIP, baseIP) + } + + if m == 0 { + return (IPAddress(ipv6InNetworkOrder: 0), IPAddress(ipv6InNetworkOrder: UInt128.max)) + } + + m = 128 - m + let base = (baseIP.address.asUInt128.byteSwapped >> m) << m + let end = base | ~((UInt128.max >> m) << m) + let b = IPAddress(ipv6InNetworkOrder: base.byteSwapped) + let e = IPAddress(ipv6InNetworkOrder: end.byteSwapped) + return (b, e) + default: + return nil + } + } +} diff --git a/GlassVPN/zhuhaow-NEKit/Utils/IPPool.swift b/GlassVPN/zhuhaow-NEKit/Utils/IPPool.swift new file mode 100755 index 0000000..b164575 --- /dev/null +++ b/GlassVPN/zhuhaow-NEKit/Utils/IPPool.swift @@ -0,0 +1,47 @@ +import Foundation + +/** + The pool is build to hold fake ips. + + - note: It is NOT thread-safe. + */ +public final class IPPool { + let family: IPAddress.Family + let range: IPRange + var currentEnd: IPAddress + var pool: [IPAddress] = [] + + public init(range: IPRange) { + family = range.family + self.range = range + + currentEnd = range.startIP + } + + func fetchIP() -> IPAddress? { + if pool.count == 0 { + if range.contains(ip: currentEnd) { + defer { + currentEnd = currentEnd.advanced(by: 1)! + } + return currentEnd + } else { + return nil + } + } + + return pool.removeLast() + } + + func release(ip: IPAddress) { + guard ip.family == family else { + return + } + + pool.append(ip) + } + + func contains(ip: IPAddress) -> Bool { + return range.contains(ip: ip) + } +} diff --git a/GlassVPN/zhuhaow-NEKit/Utils/IPRange.swift b/GlassVPN/zhuhaow-NEKit/Utils/IPRange.swift new file mode 100755 index 0000000..2bd51ce --- /dev/null +++ b/GlassVPN/zhuhaow-NEKit/Utils/IPRange.swift @@ -0,0 +1,122 @@ +import Foundation + +public enum IPRangeError: Error { + case invalidCIDRFormat, invalidRangeFormat, invalidRange, invalidFormat, addressIncompatible, noRange, intervalInvalid, invalidMask +} + +public class IPRange { + public let startIP: IPAddress + // including, so we can include 255.255.255.255 in range. + public let endIP: IPAddress + + public let family: IPAddress.Family + + public init(startIP: IPAddress, endIP: IPAddress) throws { + guard startIP.family == endIP.family else { + throw IPRangeError.addressIncompatible + } + + guard startIP <= endIP else { + throw IPRangeError.invalidRange + } + + self.startIP = startIP + self.endIP = endIP + family = startIP.family + } + + public convenience init(startIP: IPAddress, interval: IPInterval) throws { + guard let endIP = startIP.advanced(by: interval) else { + throw IPRangeError.intervalInvalid + } + + try self.init(startIP: startIP, endIP: endIP) + } + + public convenience init(startIP: IPAddress, mask: IPMask) throws { + guard let (startIP, endIP) = mask.mask(baseIP: startIP) else { + throw IPRangeError.invalidMask + } + + try self.init(startIP: startIP, endIP: endIP) + } + + public func contains(ip: IPAddress) -> Bool { + guard ip.family == family else { + return false + } + + return ip >= startIP && ip <= endIP + } +} + +extension IPRange { + public convenience init(withCIDRString rep: String) throws { + let info = rep.components(separatedBy: "/") + guard info.count == 2 else { + throw IPRangeError.invalidCIDRFormat + } + + guard let ip = IPAddress(fromString: info[0]) else { + throw IPRangeError.invalidCIDRFormat + } + + var mask: IPMask + switch ip.family { + case .IPv4: + guard let m = UInt32(info[1]) else { + throw IPRangeError.invalidCIDRFormat + } + mask = IPMask.IPv4(m) + case .IPv6: + guard let m6 = try? UInt128(info[1]) else { + throw IPRangeError.invalidCIDRFormat + } + mask = IPMask.IPv6(m6) + } + + try self.init(startIP: ip, mask: mask) + } + + public convenience init(withRangeString rep: String) throws { + let info = rep.components(separatedBy: "+") + guard info.count == 2 else { + throw IPRangeError.invalidRangeFormat + } + + guard let startIP = IPAddress(fromString: info[0]) else { + throw IPRangeError.invalidRangeFormat + } + + var interval: IPInterval + switch startIP.family { + case .IPv4: + guard let m = UInt32(info[1]) else { + throw IPRangeError.invalidRangeFormat + } + interval = IPInterval.IPv4(m) + case .IPv6: + guard let m6 = try? UInt128(info[1]) else { + throw IPRangeError.invalidRangeFormat + } + interval = IPInterval.IPv6(m6) + } + + try self.init(startIP: startIP, interval: interval) + } + + public convenience init(withString rep: String) throws { + if rep.contains("/") { + try self.init(withCIDRString: rep) + } else if rep.contains("+") { + try self.init(withRangeString: rep) + } else { + guard let ip = IPAddress(fromString: rep) else { + throw IPRangeError.invalidFormat + } + + try self.init(startIP: ip, endIP: ip) + } + } + +} diff --git a/GlassVPN/zhuhaow-NEKit/Utils/Port.swift b/GlassVPN/zhuhaow-NEKit/Utils/Port.swift new file mode 100755 index 0000000..8f3d5cf --- /dev/null +++ b/GlassVPN/zhuhaow-NEKit/Utils/Port.swift @@ -0,0 +1,77 @@ +import Foundation + +/// Represents the port number of IP protocol. +public struct Port: CustomStringConvertible, ExpressibleByIntegerLiteral { + public typealias IntegerLiteralType = UInt16 + + fileprivate var inport: UInt16 + + /** + Initialize a new instance with the port number in network byte order. + + - parameter portInNetworkOrder: The port number in network byte order. + + - returns: The initailized port. + */ + public init(portInNetworkOrder: UInt16) { + self.inport = portInNetworkOrder + } + + /** + Initialize a new instance with the port number. + + - parameter port: The port number. + + - returns: The initailized port. + */ + public init(port: UInt16) { + self.init(portInNetworkOrder: NSSwapHostShortToBig(port)) + } + + public init(integerLiteral value: Port.IntegerLiteralType) { + self.init(port: value) + } + + /** + Initialize a new instance with data in network byte order. + + - parameter bytesInNetworkOrder: The port data in network byte order. + + - returns: The initailized port. + */ + public init(bytesInNetworkOrder: UnsafeRawPointer) { + self.init(portInNetworkOrder: bytesInNetworkOrder.load(as: UInt16.self)) + } + + public var description: String { + return "" + } + + /// The port number. + public var value: UInt16 { + return NSSwapBigShortToHost(inport) + } + + public var valueInNetworkOrder: UInt16 { + return inport + } + + /** + Run a block with the bytes of port in **network order**. + + - parameter block: The block to run. + + - returns: The value the block returns. + */ + public mutating func withUnsafeBufferPointer(_ block: (UnsafeRawBufferPointer) -> T) -> T { + return withUnsafeBytes(of: &inport) { + return block($0) + } + } +} + +public func == (left: Port, right: Port) -> Bool { + return left.valueInNetworkOrder == right.valueInNetworkOrder +} + +extension Port: Hashable {} diff --git a/GlassVPN/zhuhaow-NEKit/Utils/StreamScanner.swift b/GlassVPN/zhuhaow-NEKit/Utils/StreamScanner.swift new file mode 100755 index 0000000..35067c6 --- /dev/null +++ b/GlassVPN/zhuhaow-NEKit/Utils/StreamScanner.swift @@ -0,0 +1,41 @@ +import Foundation + +open class StreamScanner { + var receivedData: NSMutableData = NSMutableData() + let pattern: Data + let maximumLength: Int + var finished = false + + var currentLength: Int { + return receivedData.length + } + + public init(pattern: Data, maximumLength: Int) { + self.pattern = pattern + self.maximumLength = maximumLength + } + + // I know this is not the most effcient algorithm if there is a large number of NSDatas, but since we only need to find the CRLF in http header (as of now), and it should be ready in the first readData call, there is no need to implement a complicate algorithm which is very likely to be slower in such case. + open func addAndScan(_ data: Data) -> (Data?, Data)? { + guard finished == false else { + return nil + } + + receivedData.append(data) + let startind = max(0, receivedData.length - pattern.count - data.count) + let range = receivedData.range(of: pattern, options: .backwards, in: NSRange(location: startind, length: receivedData.length - startind)) + + if range.location == NSNotFound { + if receivedData.length > maximumLength { + finished = true + return (nil, receivedData as Data) + } else { + return nil + } + } else { + finished = true + let foundEndIndex = range.location + range.length + return (receivedData.subdata(with: NSRange(location: 0, length: foundEndIndex)), receivedData.subdata(with: NSRange(location: foundEndIndex, length: receivedData.length - foundEndIndex))) + } + } +} diff --git a/GlassVPN/zhuhaow-NEKit/Utils/UInt128.swift b/GlassVPN/zhuhaow-NEKit/Utils/UInt128.swift new file mode 100755 index 0000000..da4fb13 --- /dev/null +++ b/GlassVPN/zhuhaow-NEKit/Utils/UInt128.swift @@ -0,0 +1,801 @@ +// +// UInt128.swift +// +// An implementation of a 128-bit unsigned integer data type not +// relying on any outside libraries apart from Swift's standard +// library. It also seeks to implement the entirety of the +// UnsignedInteger protocol as well as standard functions supported +// by Swift's native unsigned integer types. +// +// Copyright 2017 Joel Gerber +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// + +// MARK: Error Type + +/// An `ErrorType` for `UInt128` data types. It includes cases +/// for errors that can occur during string +/// conversion. +public enum UInt128Errors : Error { + /// Input cannot be converted to a UInt128 value. + case invalidString +} + +// MARK: - Data Type + +/// A 128-bit unsigned integer value type. +/// Storage is based upon a tuple of 2, 64-bit, unsigned integers. +public struct UInt128 { + // MARK: Instance Properties + + /// Internal value is presented as a tuple of 2 64-bit + /// unsigned integers. + internal var value: (upperBits: UInt64, lowerBits: UInt64) + + /// Counts up the significant bits in stored data. + public var significantBits: UInt128 { + var significantBits: UInt128 = 0 + var bitsToWalk: UInt64 = 0 // The bits to crawl in loop. + + // When upperBits > 0, lowerBits are all significant. + if self.value.upperBits > 0 { + bitsToWalk = self.value.upperBits + significantBits = 64 + } else if self.value.lowerBits > 0 { + bitsToWalk = self.value.lowerBits + } + + // Walk significant bits by shifting right until all bits are equal to 0. + while bitsToWalk > 0 { + bitsToWalk >>= 1 + significantBits += 1 + } + + return significantBits + } + + /// Undocumented private variable required for passing this type + /// to a BinaryFloatingPoint type. See FloatingPoint.swift.gyb in + /// the Swift stdlib/public/core directory. + internal var signBitIndex: Int { + return 127 - leadingZeroBitCount + } + + // MARK: Initializers + + /// Designated initializer for the UInt128 type. + public init(upperBits: UInt64, lowerBits: UInt64) { + value.upperBits = upperBits + value.lowerBits = lowerBits + } + + public init() { + self.init(upperBits: 0, lowerBits: 0) + } + + public init(_ source: UInt128) { + self.init(upperBits: source.value.upperBits, + lowerBits: source.value.lowerBits) + } + + /// Initialize a UInt128 value from a string. + /// + /// - parameter source: the string that will be converted into a + /// UInt128 value. Defaults to being analyzed as a base10 number, + /// but can be prefixed with `0b` for base2, `0o` for base8 + /// or `0x` for base16. + public init(_ source: String) throws { + guard let result = UInt128._valueFromString(source) else { + throw UInt128Errors.invalidString + } + self = result + } +} + +// MARK: - FixedWidthInteger Conformance + +extension UInt128 : FixedWidthInteger { + public static var bitWidth : Int { return 128 } + + // MARK: Instance Properties + + public var nonzeroBitCount: Int { + var nonZeroCount = 0 + var shiftWidth = 0 + + while shiftWidth < 128 { + let shiftedSelf = self &>> shiftWidth + let currentBit = shiftedSelf & 1 + if currentBit == 1 { + nonZeroCount += 1 + } + shiftWidth += 1 + } + + return nonZeroCount + } + + public var leadingZeroBitCount: Int { + var zeroCount = 0 + var shiftWidth = 127 + + while shiftWidth >= 0 { + let currentBit = self &>> shiftWidth + guard currentBit == 0 else { break } + zeroCount += 1 + shiftWidth -= 1 + } + + return zeroCount + } + + /// Returns the big-endian representation of the integer, changing the byte order if necessary. + public var bigEndian: UInt128 { + #if arch(i386) || arch(x86_64) || arch(arm) || arch(arm64) + return self.byteSwapped + #else + return self + #endif + } + + /// Returns the little-endian representation of the integer, changing the byte order if necessary. + public var littleEndian: UInt128 { + #if arch(i386) || arch(x86_64) || arch(arm) || arch(arm64) + return self + #else + return self.byteSwapped + #endif + } + + /// Returns the current integer with the byte order swapped. + public var byteSwapped: UInt128 { + return UInt128(upperBits: self.value.lowerBits.byteSwapped, lowerBits: self.value.upperBits.byteSwapped) + } + + // MARK: Initializers + + /// Creates a UInt128 from a given value, with the input's value + /// truncated to a size no larger than what UInt128 can handle. + /// Since the input is constrained to an UInt, no truncation needs + /// to occur, as a UInt is currently 64 bits at the maximum. + public init(_truncatingBits bits: UInt) { + self.init(upperBits: 0, lowerBits: UInt64(bits)) + } + + /// Creates an integer from its big-endian representation, changing the + /// byte order if necessary. + public init(bigEndian value: UInt128) { + #if arch(i386) || arch(x86_64) || arch(arm) || arch(arm64) + self = value.byteSwapped + #else + self = value + #endif + } + + /// Creates an integer from its little-endian representation, changing the + /// byte order if necessary. + public init(littleEndian value: UInt128) { + #if arch(i386) || arch(x86_64) || arch(arm) || arch(arm64) + self = value + #else + self = value.byteSwapped + #endif + } + + // MARK: Instance Methods + + public func addingReportingOverflow(_ rhs: UInt128) -> (partialValue: UInt128, overflow: Bool) { + var resultOverflow = false + let (lowerBits, lowerOverflow) = self.value.lowerBits.addingReportingOverflow(rhs.value.lowerBits) + var (upperBits, upperOverflow) = self.value.upperBits.addingReportingOverflow(rhs.value.upperBits) + + // If the lower bits overflowed, we need to add 1 to upper bits. + if lowerOverflow { + (upperBits, resultOverflow) = upperBits.addingReportingOverflow(1) + } + + return (partialValue: UInt128(upperBits: upperBits, lowerBits: lowerBits), + overflow: upperOverflow || resultOverflow) + } + + public func subtractingReportingOverflow(_ rhs: UInt128) -> (partialValue: UInt128, overflow: Bool) { + var resultOverflow = false + let (lowerBits, lowerOverflow) = self.value.lowerBits.subtractingReportingOverflow(rhs.value.lowerBits) + var (upperBits, upperOverflow) = self.value.upperBits.subtractingReportingOverflow(rhs.value.upperBits) + + // If the lower bits overflowed, we need to subtract (borrow) 1 from the upper bits. + if lowerOverflow { + (upperBits, resultOverflow) = upperBits.subtractingReportingOverflow(1) + } + + return (partialValue: UInt128(upperBits: upperBits, lowerBits: lowerBits), + overflow: upperOverflow || resultOverflow) + } + + public func multipliedReportingOverflow(by rhs: UInt128) -> (partialValue: UInt128, overflow: Bool) { + let multiplicationResult = self.multipliedFullWidth(by: rhs) + let overflowEncountered = multiplicationResult.high > 0 + + return (partialValue: multiplicationResult.low, + overflow: overflowEncountered) + } + + public func multipliedFullWidth(by other: UInt128) -> (high: UInt128, low: UInt128.Magnitude) { + // Bit mask that facilitates masking the lower 32 bits of a 64 bit UInt. + let lower32 = UInt64(UInt32.max) + + // Decompose lhs into an array of 4, 32 significant bit UInt64s. + let lhsArray = [ + self.value.upperBits >> 32, /*0*/ self.value.upperBits & lower32, /*1*/ + self.value.lowerBits >> 32, /*2*/ self.value.lowerBits & lower32 /*3*/ + ] + + // Decompose rhs into an array of 4, 32 significant bit UInt64s. + let rhsArray = [ + other.value.upperBits >> 32, /*0*/ other.value.upperBits & lower32, /*1*/ + other.value.lowerBits >> 32, /*2*/ other.value.lowerBits & lower32 /*3*/ + ] + + // The future contents of this array will be used to store segment + // multiplication results. + var resultArray = [[UInt64]].init( + repeating: [UInt64].init(repeating: 0, count: 4), count: 4 + ) + + // Loop through every combination of lhsArray[x] * rhsArray[y] + for rhsSegment in 0 ..< rhsArray.count { + for lhsSegment in 0 ..< lhsArray.count { + let currentValue = lhsArray[lhsSegment] * rhsArray[rhsSegment] + resultArray[lhsSegment][rhsSegment] = currentValue + } + } + + // Perform multiplication similar to pen and paper in 64bit, 32bit masked increments. + let bitSegment8 = resultArray[3][3] & lower32 + let bitSegment7 = UInt128._variadicAdditionWithOverflowCount( + resultArray[2][3] & lower32, + resultArray[3][2] & lower32, + resultArray[3][3] >> 32) // overflow from bitSegment8 + let bitSegment6 = UInt128._variadicAdditionWithOverflowCount( + resultArray[1][3] & lower32, + resultArray[2][2] & lower32, + resultArray[3][1] & lower32, + resultArray[2][3] >> 32, // overflow from bitSegment7 + resultArray[3][2] >> 32, // overflow from bitSegment7 + bitSegment7.overflowCount) + let bitSegment5 = UInt128._variadicAdditionWithOverflowCount( + resultArray[0][3] & lower32, + resultArray[1][2] & lower32, + resultArray[2][1] & lower32, + resultArray[3][0] & lower32, + resultArray[1][3] >> 32, // overflow from bitSegment6 + resultArray[2][2] >> 32, // overflow from bitSegment6 + resultArray[3][1] >> 32, // overflow from bitSegment6 + bitSegment6.overflowCount) + let bitSegment4 = UInt128._variadicAdditionWithOverflowCount( + resultArray[0][2] & lower32, + resultArray[1][1] & lower32, + resultArray[2][0] & lower32, + resultArray[0][3] >> 32, // overflow from bitSegment5 + resultArray[1][2] >> 32, // overflow from bitSegment5 + resultArray[2][1] >> 32, // overflow from bitSegment5 + resultArray[3][0] >> 32, // overflow from bitSegment5 + bitSegment5.overflowCount) + let bitSegment3 = UInt128._variadicAdditionWithOverflowCount( + resultArray[0][1] & lower32, + resultArray[1][0] & lower32, + resultArray[0][2] >> 32, // overflow from bitSegment4 + resultArray[1][1] >> 32, // overflow from bitSegment4 + resultArray[2][0] >> 32, // overflow from bitSegment4 + bitSegment4.overflowCount) + let bitSegment1 = UInt128._variadicAdditionWithOverflowCount( + resultArray[0][0], + resultArray[0][1] >> 32, // overflow from bitSegment3 + resultArray[1][0] >> 32, // overflow from bitSegment3 + bitSegment3.overflowCount) + + // Shift and merge the results into 64 bit groups, adding in overflows as we go. + let lowerLowerBits = UInt128._variadicAdditionWithOverflowCount( + bitSegment8, + bitSegment7.truncatedValue << 32) + let upperLowerBits = UInt128._variadicAdditionWithOverflowCount( + bitSegment7.truncatedValue >> 32, + bitSegment6.truncatedValue, + bitSegment5.truncatedValue << 32, + lowerLowerBits.overflowCount) + let lowerUpperBits = UInt128._variadicAdditionWithOverflowCount( + bitSegment5.truncatedValue >> 32, + bitSegment4.truncatedValue, + bitSegment3.truncatedValue << 32, + upperLowerBits.overflowCount) + let upperUpperBits = UInt128._variadicAdditionWithOverflowCount( + bitSegment3.truncatedValue >> 32, + bitSegment1.truncatedValue, + lowerUpperBits.overflowCount) + + // Bring the 64bit unsigned integer results together into a high and low 128bit unsigned integer result. + return (high: UInt128(upperBits: upperUpperBits.truncatedValue, lowerBits: lowerUpperBits.truncatedValue), + low: UInt128(upperBits: upperLowerBits.truncatedValue, lowerBits: lowerLowerBits.truncatedValue)) + } + + /// Takes a variable amount of 64bit Unsigned Integers and adds them together, + /// tracking the total amount of overflows that occurred during addition. + /// + /// - Parameter addends: + /// Variably sized list of UInt64 values. + /// - Returns: + /// A tuple containing the truncated result and a count of the total + /// amount of overflows that occurred during addition. + private static func _variadicAdditionWithOverflowCount(_ addends: UInt64...) -> (truncatedValue: UInt64, overflowCount: UInt64) { + var sum: UInt64 = 0 + var overflowCount: UInt64 = 0 + + addends.forEach { addend in + let interimSum = sum.addingReportingOverflow(addend) + if interimSum.overflow { + overflowCount += 1 + } + sum = interimSum.partialValue + } + + return (truncatedValue: sum, overflowCount: overflowCount) + } + + public func dividedReportingOverflow(by rhs: UInt128) -> (partialValue: UInt128, overflow: Bool) { + guard rhs != 0 else { + return (self, true) + } + + let quotient = self.quotientAndRemainder(dividingBy: rhs).quotient + return (quotient, false) + } + + public func dividingFullWidth(_ dividend: (high: UInt128, low: UInt128)) -> (quotient: UInt128, remainder: UInt128) { + return self._quotientAndRemainderFullWidth(dividingBy: dividend) + } + + public func remainderReportingOverflow(dividingBy rhs: UInt128) -> (partialValue: UInt128, overflow: Bool) { + guard rhs != 0 else { + return (self, true) + } + + let remainder = self.quotientAndRemainder(dividingBy: rhs).remainder + return (remainder, false) + } + + public func quotientAndRemainder(dividingBy rhs: UInt128) -> (quotient: UInt128, remainder: UInt128) { + return rhs._quotientAndRemainderFullWidth(dividingBy: (high: 0, low: self)) + } + + /// Provides the quotient and remainder when dividing the provided value by self. + internal func _quotientAndRemainderFullWidth(dividingBy dividend: (high: UInt128, low: UInt128)) -> (quotient: UInt128, remainder: UInt128) { + let divisor = self + let numeratorBitsToWalk: UInt128 + + if dividend.high > 0 { + numeratorBitsToWalk = dividend.high.significantBits + 128 - 1 + } else if dividend.low == 0 { + return (0, 0) + } else { + numeratorBitsToWalk = dividend.low.significantBits - 1 + } + + // The below algorithm was adapted from: + // https://en.wikipedia.org/wiki/Division_algorithm#Integer_division_.28unsigned.29_with_remainder + + precondition(self != 0, "Division by 0") + + var quotient = UInt128.min + var remainder = UInt128.min + + for numeratorShiftWidth in (0...numeratorBitsToWalk).reversed() { + remainder <<= 1 + remainder |= UInt128._bitFromDoubleWidth(at: numeratorShiftWidth, for: dividend) + + if remainder >= divisor { + remainder -= divisor + quotient |= 1 << numeratorShiftWidth + } + } + + return (quotient, remainder) + } + + /// Returns the bit stored at the given position for the provided double width UInt128 input. + /// + /// - parameter at: position to grab bit value from. + /// - parameter for: the double width UInt128 data value to grab the + /// bit from. + /// - returns: single bit stored in a UInt128 value. + internal static func _bitFromDoubleWidth(at bitPosition: UInt128, for input: (high: UInt128, low: UInt128)) -> UInt128 { + switch bitPosition { + case 0: + return input.low & 1 + case 1...127: + return input.low >> bitPosition & 1 + case 128: + return input.high & 1 + default: + return input.high >> (bitPosition - 128) & 1 + } + } +} + +// MARK: - BinaryInteger Conformance + +extension UInt128 : BinaryInteger { + // MARK: Instance Properties + + public var bitWidth : Int { return 128 } + + + // MARK: Instance Methods + + public var words: [UInt] { + guard self != UInt128.min else { + return [] + } + + var words: [UInt] = [] + + for currentWord in 0 ... self.bitWidth / UInt.bitWidth { + let shiftAmount: UInt64 = UInt64(UInt.bitWidth) * UInt64(currentWord) + let mask = UInt64(UInt.max) + var shifted = self + + if shiftAmount > 0 { + shifted &>>= UInt128(upperBits: 0, lowerBits: shiftAmount) + } + + let masked: UInt128 = shifted & UInt128(upperBits: 0, lowerBits: mask) + + words.append(UInt(masked.value.lowerBits)) + } + return words + } + + public var trailingZeroBitCount: Int { + let mask: UInt128 = 1 + var bitsToWalk = self + + for currentPosition in 0...128 { + if bitsToWalk & mask == 1 { + return currentPosition + } + bitsToWalk >>= 1 + } + + return 128 + } + + // MARK: Initializers + + public init?(exactly source: T) { + if source.isZero { + self = UInt128() + } + else if source.exponent < 0 || source.rounded() != source { + return nil + } + else { + self = UInt128(UInt64(source)) + } + } + + public init(_ source: T) { + self.init(UInt64(source)) + } + + // MARK: Type Methods + + public static func /(_ lhs: UInt128, _ rhs: UInt128) -> UInt128 { + let result = lhs.dividedReportingOverflow(by: rhs) + + return result.partialValue + } + + public static func /=(_ lhs: inout UInt128, _ rhs: UInt128) { + lhs = lhs / rhs + } + + public static func %(_ lhs: UInt128, _ rhs: UInt128) -> UInt128 { + let result = lhs.remainderReportingOverflow(dividingBy: rhs) + + return result.partialValue + } + + public static func %=(_ lhs: inout UInt128, _ rhs: UInt128) { + lhs = lhs % rhs + } + + /// Performs a bitwise AND operation on 2 UInt128 data types. + public static func &=(_ lhs: inout UInt128, _ rhs: UInt128) { + let upperBits = lhs.value.upperBits & rhs.value.upperBits + let lowerBits = lhs.value.lowerBits & rhs.value.lowerBits + + lhs = UInt128(upperBits: upperBits, lowerBits: lowerBits) + } + + /// Performs a bitwise OR operation on 2 UInt128 data types. + public static func |=(_ lhs: inout UInt128, _ rhs: UInt128) { + let upperBits = lhs.value.upperBits | rhs.value.upperBits + let lowerBits = lhs.value.lowerBits | rhs.value.lowerBits + + lhs = UInt128(upperBits: upperBits, lowerBits: lowerBits) + } + + /// Performs a bitwise XOR operation on 2 UInt128 data types. + public static func ^=(_ lhs: inout UInt128, _ rhs: UInt128) { + let upperBits = lhs.value.upperBits ^ rhs.value.upperBits + let lowerBits = lhs.value.lowerBits ^ rhs.value.lowerBits + + lhs = UInt128(upperBits: upperBits, lowerBits: lowerBits) + } + + /// Perform a masked right SHIFT operation self. + /// + /// The masking operation will mask `rhs` against the highest + /// shift value that will not cause an overflowing shift before + /// performing the shift. IE: `rhs = 128` will become `rhs = 0` + /// and `rhs = 129` will become `rhs = 1`. + public static func &>>=(_ lhs: inout UInt128, _ rhs: UInt128) { + let shiftWidth = rhs.value.lowerBits & 127 + + switch shiftWidth { + case 0: return // Do nothing shift. + case 1...63: + let upperBits = lhs.value.upperBits >> shiftWidth + let lowerBits = (lhs.value.lowerBits >> shiftWidth) + (lhs.value.upperBits << (64 - shiftWidth)) + lhs = UInt128(upperBits: upperBits, lowerBits: lowerBits) + case 64: + // Shift 64 means move upper bits to lower bits. + lhs = UInt128(upperBits: 0, lowerBits: lhs.value.upperBits) + default: + let lowerBits = lhs.value.upperBits >> (shiftWidth - 64) + lhs = UInt128(upperBits: 0, lowerBits: lowerBits) + } + } + + /// Perform a masked left SHIFT operation on self. + /// + /// The masking operation will mask `rhs` against the highest + /// shift value that will not cause an overflowing shift before + /// performing the shift. IE: `rhs = 128` will become `rhs = 0` + /// and `rhs = 129` will become `rhs = 1`. + public static func &<<=(_ lhs: inout UInt128, _ rhs: UInt128) { + let shiftWidth = rhs.value.lowerBits & 127 + + switch shiftWidth { + case 0: return // Do nothing shift. + case 1...63: + let upperBits = (lhs.value.upperBits << shiftWidth) + (lhs.value.lowerBits >> (64 - shiftWidth)) + let lowerBits = lhs.value.lowerBits << shiftWidth + lhs = UInt128(upperBits: upperBits, lowerBits: lowerBits) + case 64: + // Shift 64 means move lower bits to upper bits. + lhs = UInt128(upperBits: lhs.value.lowerBits, lowerBits: 0) + default: + let upperBits = lhs.value.lowerBits << (shiftWidth - 64) + lhs = UInt128(upperBits: upperBits, lowerBits: 0) + } + } +} + +// MARK: - UnsignedInteger Conformance + +extension UInt128 : UnsignedInteger {} + +// MARK: - Hashable Conformance + +extension UInt128 : Hashable { + public func hash(into hasher: inout Hasher) { + hasher.combine(self.value.lowerBits) + hasher.combine(self.value.upperBits) + } +} + +// MARK: - Numeric Conformance + +extension UInt128 : Numeric { + public static func +(_ lhs: UInt128, _ rhs: UInt128) -> UInt128 { + precondition(~lhs >= rhs, "Addition overflow!") + let result = lhs.addingReportingOverflow(rhs) + return result.partialValue + } + public static func +=(_ lhs: inout UInt128, _ rhs: UInt128) { + lhs = lhs + rhs + } + public static func -(_ lhs: UInt128, _ rhs: UInt128) -> UInt128 { + precondition(lhs >= rhs, "Integer underflow") + let result = lhs.subtractingReportingOverflow(rhs) + return result.partialValue + } + public static func -=(_ lhs: inout UInt128, _ rhs: UInt128) { + lhs = lhs - rhs + } + public static func *(_ lhs: UInt128, _ rhs: UInt128) -> UInt128 { + let result = lhs.multipliedReportingOverflow(by: rhs) + precondition(!result.overflow, "Multiplication overflow!") + return result.partialValue + } + public static func *=(_ lhs: inout UInt128, _ rhs: UInt128) { + lhs = lhs * rhs + } +} + +// MARK: - Equatable Conformance + +extension UInt128 : Equatable { + /// Checks if the `lhs` is equal to the `rhs`. + public static func ==(lhs: UInt128, rhs: UInt128) -> Bool { + if lhs.value.lowerBits == rhs.value.lowerBits && lhs.value.upperBits == rhs.value.upperBits { + return true + } + return false + } +} + +// MARK: - ExpressibleByIntegerLiteral Conformance + +extension UInt128 : ExpressibleByIntegerLiteral { + public init(integerLiteral value: IntegerLiteralType) { + self.init(upperBits: 0, lowerBits: UInt64(value)) + } +} + +// MARK: - CustomStringConvertible Conformance + +extension UInt128 : CustomStringConvertible { + // MARK: Instance Properties + + public var description: String { + return self._valueToString() + } + + // MARK: Instance Methods + + /// Converts the stored value into a string representation. + /// - parameter radix: + /// The radix for the base numbering system you wish to have + /// the type presented in. + /// - parameter uppercase: + /// Determines whether letter components of the outputted string will be in + /// uppercase format or not. + /// - returns: + /// String representation of the stored UInt128 value. + internal func _valueToString(radix: Int = 10, uppercase: Bool = true) -> String { + precondition(radix > 1 && radix < 37, "radix must be within the range of 2-36.") + // Will store the final string result. + var result = String() + // Simple case. + if self == 0 { + result.append("0") + return result + } + // Used as the check for indexing through UInt128 for string interpolation. + var divmodResult = (quotient: self, remainder: UInt128(0)) + // Will hold the pool of possible values. + let characterPool = (uppercase) ? "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ" : "0123456789abcdefghijklmnopqrstuvwxyz" + // Go through internal value until every base position is string(ed). + repeat { + divmodResult = divmodResult.quotient.quotientAndRemainder(dividingBy: UInt128(radix)) + let index = characterPool.index(characterPool.startIndex, offsetBy: Int(divmodResult.remainder)) + result.insert(characterPool[index], at: result.startIndex) + } while divmodResult.quotient > 0 + return result + } +} + +// MARK: - CustomDebugStringConvertible Conformance + +extension UInt128 : CustomDebugStringConvertible { + public var debugDescription: String { + return self.description + } +} + +// MARK: - Comparable Conformance + +extension UInt128 : Comparable { + public static func <(lhs: UInt128, rhs: UInt128) -> Bool { + if lhs.value.upperBits < rhs.value.upperBits { + return true + } else if lhs.value.upperBits == rhs.value.upperBits && lhs.value.lowerBits < rhs.value.lowerBits { + return true + } + return false + } +} + +// MARK: - ExpressibleByStringLiteral Conformance + +extension UInt128 : ExpressibleByStringLiteral { + // MARK: Initializers + + public init(stringLiteral value: StringLiteralType) { + self.init() + + if let result = UInt128._valueFromString(value) { + self = result + } + } + + // MARK: Type Methods + + internal static func _valueFromString(_ value: String) -> UInt128? { + let radix = UInt128._determineRadixFromString(value) + let inputString = radix == 10 ? value : String(value.dropFirst(2)) + + return UInt128(inputString, radix: radix) + } + + internal static func _determineRadixFromString(_ string: String) -> Int { + let radix: Int + + if string.hasPrefix("0b") { radix = 2 } + else if string.hasPrefix("0o") { radix = 8 } + else if string.hasPrefix("0x") { radix = 16 } + else { radix = 10 } + + return radix + } +} + +// MARK: - Deprecated API + +extension UInt128 { + /// Initialize a UInt128 value from a string. + /// + /// - parameter source: the string that will be converted into a + /// UInt128 value. Defaults to being analyzed as a base10 number, + /// but can be prefixed with `0b` for base2, `0o` for base8 + /// or `0x` for base16. + @available(swift, deprecated: 3.2, renamed: "init(_:)") + public static func fromUnparsedString(_ source: String) throws -> UInt128 { + return try UInt128.init(source) + } +} + +// MARK: - BinaryFloatingPoint Interworking + +extension BinaryFloatingPoint { + public init(_ value: UInt128) { + precondition(value.value.upperBits == 0, "Value is too large to fit into a BinaryFloatingPoint until a 128bit BinaryFloatingPoint type is defined.") + self.init(value.value.lowerBits) + } + + public init?(exactly value: UInt128) { + if value.value.upperBits > 0 { + return nil + } + self = Self(value.value.lowerBits) + } +} + +// MARK: - String Interworking + +extension String { + /// Creates a string representing the given value in base 10, or some other + /// specified base. + /// + /// - Parameters: + /// - value: The UInt128 value to convert to a string. + /// - radix: The base to use for the string representation. `radix` must be + /// at least 2 and at most 36. The default is 10. + /// - uppercase: Pass `true` to use uppercase letters to represent numerals + /// or `false` to use lowercase letters. The default is `false`. + public init(_ value: UInt128, radix: Int = 10, uppercase: Bool = false) { + self = value._valueToString(radix: radix, uppercase: uppercase) + } +} diff --git a/GlassVPN/zhuhaow-Resolver/Resolver.swift b/GlassVPN/zhuhaow-Resolver/Resolver.swift new file mode 100644 index 0000000..edf23be --- /dev/null +++ b/GlassVPN/zhuhaow-Resolver/Resolver.swift @@ -0,0 +1,161 @@ +import Foundation +import dnssd + +private let dict = SafeDict() + +public enum ResolveType: DNSServiceProtocol { + case ipv4 = 1, ipv6 = 2, any = 3 +} + +public class Resolver { + public static var queue: DispatchQueue { + get { + return _queue + } + set { + _queue.setSpecific(key: queueKey, value: "") + _queue = newValue + _queue.setSpecific(key: queueKey, value: "ResolverQueue") + } + } + + fileprivate static let queueKey = DispatchSpecificKey() + private static var _queue = { + return DispatchQueue(label: "ResolverQueue") + }() + + public static var activeCount: Int { + return dict.count + } + + public let hostname: String + fileprivate let resolveType: ResolveType + fileprivate let firstResult: Bool + public var ipv4Result: [String] = [] + public var ipv6Result: [String] = [] + public var result: [String] { + return ipv4Result + ipv6Result + } + + var cancelled = false + + fileprivate var ref: DNSServiceRef? + fileprivate var id: UnsafeMutablePointer? + fileprivate var completionHandler: ((Resolver?, DNSServiceErrorType?)->())! + fileprivate let timeout: Int + fileprivate let timer = DispatchSource.makeTimerSource(queue: Resolver.queue) + + public static func resolve(hostname: String, qtype: ResolveType = .ipv4, firstResult: Bool = true, timeout: Int = 3, completionHanlder: @escaping (Resolver?, DNSServiceErrorType?)->()) -> Bool { + let resolver = Resolver(hostname: hostname, qtype: qtype, firstResult: firstResult, timeout: timeout) + resolver.completionHandler = completionHanlder + return resolver.resolve() + } + + fileprivate init(hostname: String, qtype: ResolveType, firstResult: Bool, timeout: Int) { + self.hostname = hostname + self.resolveType = qtype + self.firstResult = firstResult + self.timeout = timeout + } + + fileprivate func resolve() -> Bool { + guard ref == nil else { + return false + } + + var result: Bool = false + let action = DispatchWorkItem { + self.id = dict.insert(value: self) + + self.timer.schedule(deadline: DispatchTime.now() + DispatchTimeInterval.seconds(self.timeout)) + self.timer.setEventHandler(handler: self.timeoutHandler) + + result = self.hostname.withCString { (ptr: UnsafePointer) in + guard DNSServiceGetAddrInfo(&self.ref, 0, 0, self.resolveType.rawValue, self.hostname, { (sdRef, flags, interfaceIndex, errorCode, ptr, address, ttl, context) in + // Note this callback block will be called on `Resolver.queue`. + + guard let resolver = dict.get(context!.bindMemory(to: Int.self, capacity: 1)) else { + NSLog("Error: Got some unknown resolver.") + return + } + + guard !resolver.cancelled else { + return + } + + guard errorCode == DNSServiceErrorType(kDNSServiceErr_NoError) else { + resolver.release() + resolver.completionHandler(nil, errorCode) + return + } + + switch (Int32(address!.pointee.sa_family)) { + case AF_INET: + var buffer = [Int8](repeating: 0, count: Int(INET_ADDRSTRLEN)) + _ = buffer.withUnsafeMutableBufferPointer { buf in + address?.withMemoryRebound(to: sockaddr_in.self, capacity: 1) { addr in + var sin_addr = addr.pointee.sin_addr + inet_ntop(AF_INET, &sin_addr, buf.baseAddress, socklen_t(INET_ADDRSTRLEN)) + let addr = String(cString: buf.baseAddress!) + resolver.ipv4Result.append(addr) + } + } + case AF_INET6: + var buffer = [Int8](repeating: 0, count: Int(INET6_ADDRSTRLEN)) + _ = buffer.withUnsafeMutableBufferPointer { buf in + address?.withMemoryRebound(to: sockaddr_in6.self, capacity: 1) { addr in + var sin6_addr = addr.pointee.sin6_addr + inet_ntop(AF_INET6, &sin6_addr, buf.baseAddress, socklen_t(INET6_ADDRSTRLEN)) + let addr = String(cString: buf.baseAddress!) + resolver.ipv6Result.append(addr) + } + } + default: + break + } + + if (resolver.firstResult || flags & DNSServiceFlags(kDNSServiceFlagsMoreComing) == 0) { + resolver.release() + return resolver.completionHandler(resolver, nil) + } + }, self.id) == DNSServiceErrorType(kDNSServiceErr_NoError) else { + return false + } + + DNSServiceSetDispatchQueue(self.ref, Resolver.queue) + self.timer.resume() + return true + } + } + + if DispatchQueue.getSpecific(key: Resolver.queueKey) == "ResolverQueue" { + action.perform() + } else { + Resolver.queue.sync(execute: action) + } + + return result + } + + func timeoutHandler() { + if !cancelled { + release() + completionHandler(nil, DNSServiceErrorType(kDNSServiceErr_Timeout)) + } + } + + func release() { + cancelled = true + + timer.cancel() + + if ref != nil { + DNSServiceRefDeallocate(ref) + ref = nil + } + if id != nil { + _ = dict.remove(id!) + id = nil + } + } +} diff --git a/GlassVPN/zhuhaow-Resolver/SafeDict.swift b/GlassVPN/zhuhaow-Resolver/SafeDict.swift new file mode 100644 index 0000000..e934da0 --- /dev/null +++ b/GlassVPN/zhuhaow-Resolver/SafeDict.swift @@ -0,0 +1,40 @@ +import Foundation + + +/// This class is not thread-safe. +class SafeDict { + private var dict: [Int:T] = [:] + private var curr = 0 + + var count: Int { + return dict.count + } + + func insert(value: T) -> UnsafeMutablePointer { + let ptr = UnsafeMutablePointer.allocate(capacity: 1) + ptr.pointee = curr + dict[curr] = value + curr += 1 + return ptr + } + + func get(_ id: Int) -> T? { + return dict[id] + } + + func get(_ id: UnsafePointer) -> T? { + return get(id.pointee) + } + + func remove(_ id: Int) -> T? { + return dict.removeValue(forKey: id) + } + + func remove(_ id: UnsafeMutablePointer) -> T? { + defer { + id.deallocate() + } + return remove(id.pointee) + } + +} diff --git a/main/AppDelegate.swift b/main/AppDelegate.swift index 3c0e1da..a51e651 100644 --- a/main/AppDelegate.swift +++ b/main/AppDelegate.swift @@ -14,11 +14,7 @@ class AppDelegate: UIResponder, UIApplicationDelegate { UserDefaults.standard.set(false, forKey: "kill_db") SQLiteDatabase.destroyDatabase() } - do { - let db = try SQLiteDatabase.open() - try db.createTable(table: DNSQuery.self) - try db.createTable(table: DNSFilter.self) - } catch {} + try? SQLiteDatabase.open().initScheme() DBWrp.initContentOfDB() diff --git a/main/DB/SQDB.swift b/main/DB/SQDB.swift index 8168e78..8b317c1 100644 --- a/main/DB/SQDB.swift +++ b/main/DB/SQDB.swift @@ -158,10 +158,17 @@ private extension SQLiteDatabase { } } +extension SQLiteDatabase { + func initScheme() { + try? self.createTable(table: DNSQueryT.self) + try? self.createTable(table: DNSFilterT.self) + } +} -// MARK: - DNSQuery -struct DNSQuery: SQLTable { +// MARK: - DNSQueryT + +private struct DNSQueryT: SQLTable { let ts: Timestamp let domain: String let wasBlocked: Bool @@ -195,7 +202,7 @@ extension SQLiteDatabase { try? run(sql: "DROP TABLE IF EXISTS req;", bind: nil) { try ifStep($0, SQLITE_DONE) } - try? createTable(table: DNSQuery.self) + try? createTable(table: DNSQueryT.self) } /// Delete rows matching `ts >= ? AND "domain" OR "*.domain"` @@ -236,9 +243,9 @@ extension SQLiteDatabase { } -// MARK: - DNSFilter +// MARK: - DNSFilterT -struct DNSFilter: SQLTable { +private struct DNSFilterT: SQLTable { let domain: String let options: FilterOptions static var createStatement: String {