diff --git a/ios/MullvadREST/Relay/NoRelaysSatisfyingConstraintsError.swift b/ios/MullvadREST/Relay/NoRelaysSatisfyingConstraintsError.swift new file mode 100644 index 000000000000..9435929db687 --- /dev/null +++ b/ios/MullvadREST/Relay/NoRelaysSatisfyingConstraintsError.swift @@ -0,0 +1,15 @@ +// +// NoRelaysSatisfyingConstraintsError.swift +// MullvadREST +// +// Created by Mojgan on 2024-04-26. +// Copyright © 2024 Mullvad VPN AB. All rights reserved. +// + +import Foundation + +public struct NoRelaysSatisfyingConstraintsError: LocalizedError { + public var errorDescription: String? { + "No relays satisfying constraints." + } +} diff --git a/ios/MullvadREST/Relay/RelaySelector.swift b/ios/MullvadREST/Relay/RelaySelector.swift index 18dce0e83b35..6957b9c931ea 100644 --- a/ios/MullvadREST/Relay/RelaySelector.swift +++ b/ios/MullvadREST/Relay/RelaySelector.swift @@ -12,112 +12,178 @@ import MullvadTypes private let defaultPort: UInt16 = 53 public enum RelaySelector { - /** - Returns random shadowsocks TCP bridge, otherwise `nil` if there are no shadowdsocks bridges. - */ - public static func shadowsocksTCPBridge(from relays: REST.ServerRelaysResponse) -> REST.ServerShadowsocks? { - relays.bridge.shadowsocks.filter { $0.protocol == "tcp" }.randomElement() - } + public enum Shadowsocks { + /** + Returns random shadowsocks TCP bridge, otherwise `nil` if there are no shadowdsocks bridges. + */ + public static func tcpBridge(from relays: REST.ServerRelaysResponse) -> REST.ServerShadowsocks? { + relays.bridge.shadowsocks.filter { $0.protocol == "tcp" }.randomElement() + } - /// Return a random Shadowsocks bridge relay, or `nil` if no relay were found. - /// - /// Non `active` relays are filtered out. - /// - Parameter relays: The list of relays to randomly select from. - /// - Returns: A Shadowsocks relay or `nil` if no active relay were found. - public static func shadowsocksRelay(from relaysResponse: REST.ServerRelaysResponse) -> REST.BridgeRelay? { - relaysResponse.bridge.relays.filter { $0.active }.randomElement() - } + /// Return a random Shadowsocks bridge relay, or `nil` if no relay were found. + /// + /// Non `active` relays are filtered out. + /// - Parameter relays: The list of relays to randomly select from. + /// - Returns: A Shadowsocks relay or `nil` if no active relay were found. + public static func relay(from relaysResponse: REST.ServerRelaysResponse) -> REST.BridgeRelay? { + relaysResponse.bridge.relays.filter { $0.active }.randomElement() + } - /// Returns the closest Shadowsocks relay using the given `constraints`, or a random relay if `constraints` were - /// unsatisfiable. - /// - /// - Parameters: - /// - constraints: The user selected `constraints` - /// - relays: The list of relays to randomly select from. - /// - Returns: A Shadowsocks relay or `nil` if no active relay were found. - public static func closestShadowsocksRelayConstrained( - by constraints: RelayConstraints, - in relaysResponse: REST.ServerRelaysResponse - ) -> REST.BridgeRelay? { - let mappedBridges = mapRelays(relays: relaysResponse.bridge.relays, locations: relaysResponse.locations) - let filteredRelays = applyConstraints(constraints, relays: mappedBridges) - guard filteredRelays.isEmpty == false else { return shadowsocksRelay(from: relaysResponse) } - - // Compute the midpoint location from all the filtered relays - // Take *either* the first five relays, OR the relays below maximum bridge distance - // sort all of them by Haversine distance from the computed midpoint location - // then use the roulette selection to pick a bridge - - let midpointDistance = Midpoint.location(in: filteredRelays.map { $0.serverLocation.geoCoordinate }) - let maximumBridgeDistance = 1500.0 - let relaysWithDistance = filteredRelays.map { - RelayWithDistance( - relay: $0.relay, - distance: Haversine.distance( - midpointDistance.latitude, - midpointDistance.longitude, - $0.serverLocation.latitude, - $0.serverLocation.longitude - ) + /// Returns the closest Shadowsocks relay using the given `location`, or a random relay if `constraints` were + /// unsatisfiable. + /// + /// - Parameters: + /// - location: The user selected `location` + /// - port: The user selected port + /// - filter: The user filtered criteria + /// - relays: The list of relays to randomly select from. + /// - Returns: A Shadowsocks relay or `nil` if no active relay were found. + public static func closestRelay( + location: RelayConstraint, + port: RelayConstraint, + filter: RelayConstraint, + in relaysResponse: REST.ServerRelaysResponse + ) -> REST.BridgeRelay? { + let mappedBridges = mapRelays(relays: relaysResponse.bridge.relays, locations: relaysResponse.locations) + let filteredRelays = applyConstraints( + location, + portConstraint: port, + filterConstraint: filter, + relays: mappedBridges ) - }.sorted { - $0.distance < $1.distance - }.filter { - $0.distance <= maximumBridgeDistance - }.prefix(5) - - var greatestDistance = 0.0 - relaysWithDistance.forEach { - if $0.distance > greatestDistance { - greatestDistance = $0.distance + guard filteredRelays.isEmpty == false else { return relay(from: relaysResponse) } + + // Compute the midpoint location from all the filtered relays + // Take *either* the first five relays, OR the relays below maximum bridge distance + // sort all of them by Haversine distance from the computed midpoint location + // then use the roulette selection to pick a bridge + + let midpointDistance = Midpoint.location(in: filteredRelays.map { $0.serverLocation.geoCoordinate }) + let maximumBridgeDistance = 1500.0 + let relaysWithDistance = filteredRelays.map { + RelayWithDistance( + relay: $0.relay, + distance: Haversine.distance( + midpointDistance.latitude, + midpointDistance.longitude, + $0.serverLocation.latitude, + $0.serverLocation.longitude + ) + ) + }.sorted { + $0.distance < $1.distance + }.filter { + $0.distance <= maximumBridgeDistance + }.prefix(5) + + var greatestDistance = 0.0 + relaysWithDistance.forEach { + if $0.distance > greatestDistance { + greatestDistance = $0.distance + } } - } - let randomRelay = rouletteSelection(relays: Array(relaysWithDistance), weightFunction: { relay in - UInt64(1 + greatestDistance - relay.distance) - }) + let randomRelay = rouletteSelection(relays: Array(relaysWithDistance), weightFunction: { relay in + UInt64(1 + greatestDistance - relay.distance) + }) - return randomRelay?.relay ?? filteredRelays.randomElement()?.relay + return randomRelay?.relay ?? filteredRelays.randomElement()?.relay + } } - /** - Filters relay list using given constraints and selects random relay. - Throws an error if there are no relays satisfying the given constraints. - */ - public static func evaluate( - relays: REST.ServerRelaysResponse, - constraints: RelayConstraints, - numberOfFailedAttempts: UInt - ) throws -> RelaySelectorResult { - let mappedRelays = mapRelays(relays: relays.wireguard.relays, locations: relays.locations) - let filteredRelays = applyConstraints(constraints, relays: mappedRelays) - let port = applyConstraints( - constraints, - rawPortRanges: relays.wireguard.portRanges, - numberOfFailedAttempts: numberOfFailedAttempts - ) + public enum WireGuard { + /** + Filters relay list using given constraints and selects random relay for exit relay. + Throws an error if there are no relays satisfying the given constraints. + */ + public static func evaluateForSingleHop( + by constraints: RelayConstraints, + in relaysResponse: REST.ServerRelaysResponse, + numberOfFailedAttempts: UInt + ) throws -> RelaySelectorResult { + let exitCandidates = try findBestMatch( + relays: relaysResponse, + relayConstraint: constraints.exitLocations, + portConstraint: constraints.port, + filterConstraint: constraints.filter, + numberOfFailedAttempts: numberOfFailedAttempts + ) - guard let relayWithLocation = pickRandomRelayByWeight(relays: filteredRelays), let port else { - throw NoRelaysSatisfyingConstraintsError() + return exitCandidates } - let endpoint = MullvadEndpoint( - ipv4Relay: IPv4Endpoint( - ip: relayWithLocation.relay.ipv4AddrIn, - port: port - ), - ipv6Relay: nil, - ipv4Gateway: relays.wireguard.ipv4Gateway, - ipv6Gateway: relays.wireguard.ipv6Gateway, - publicKey: relayWithLocation.relay.publicKey - ) + /** + Filters relay list using given constraints and selects random relays for entry and exit relay. + Throws an error if there are no relays satisfying the given constraints. + */ + public static func evaluateForMultiHop( + by constraints: RelayConstraints, + in relaysResponse: REST.ServerRelaysResponse, + numberOfFailedAttempts: UInt + ) throws -> RelaySelectorResult { + let exitCandidates = try findBestMatch( + relays: relaysResponse, + relayConstraint: constraints.exitLocations, + portConstraint: constraints.port, + filterConstraint: constraints.filter, + numberOfFailedAttempts: numberOfFailedAttempts + ) - return RelaySelectorResult( - endpoint: endpoint, - relay: relayWithLocation.relay, - location: relayWithLocation.serverLocation - ) + return exitCandidates + + // + // TODO: Find the best match for the entry + // + } + + // MARK: - private functions + + private static func findBestMatch( + relays: REST.ServerRelaysResponse, + relayConstraint: RelayConstraint, + portConstraint: RelayConstraint, + filterConstraint: RelayConstraint, + numberOfFailedAttempts: UInt + ) throws -> RelaySelectorMatch { + let mappedRelays = mapRelays(relays: relays.wireguard.relays, locations: relays.locations) + let filteredRelays = applyConstraints( + relayConstraint, + portConstraint: portConstraint, + filterConstraint: filterConstraint, + relays: mappedRelays + ) + let port = applyPortConstraint( + portConstraint, + rawPortRanges: relays.wireguard.portRanges, + numberOfFailedAttempts: numberOfFailedAttempts + ) + + guard let relayWithLocation = pickRandomRelayByWeight(relays: filteredRelays), let port else { + throw NoRelaysSatisfyingConstraintsError() + } + + let endpoint = MullvadEndpoint( + ipv4Relay: IPv4Endpoint( + ip: relayWithLocation.relay.ipv4AddrIn, + port: port + ), + ipv6Relay: nil, + ipv4Gateway: relays.wireguard.ipv4Gateway, + ipv6Gateway: relays.wireguard.ipv6Gateway, + publicKey: relayWithLocation.relay.publicKey + ) + + return RelaySelectorMatch( + endpoint: endpoint, + relay: relayWithLocation.relay, + location: relayWithLocation.serverLocation + ) + } } +} + +extension RelaySelector { + // MARK: - public /// Determines whether a `REST.ServerRelay` satisfies the given relay filter. public static func relayMatchesFilter(_ relay: AnyRelay, filter: RelayFilter) -> Bool { @@ -135,83 +201,34 @@ public enum RelaySelector { } } - /// Produce a list of `RelayWithLocation` items satisfying the given constraints - static func applyConstraints( - _ constraints: RelayConstraints, - relays: [RelayWithLocation] - ) -> [RelayWithLocation] { - // Filter on active status, filter, and location. - let filteredRelays = relays.filter { relayWithLocation -> Bool in - guard relayWithLocation.relay.active else { - return false - } + // MARK: - private - switch constraints.filter { - case .any: - break - case let .only(filter): - if !relayMatchesFilter(relayWithLocation.relay, filter: filter) { - return false - } - } + private static func pickRandomRelayByWeight(relays: [RelayWithLocation]) + -> RelayWithLocation? { + rouletteSelection(relays: relays, weightFunction: { relayWithLocation in relayWithLocation.relay.weight }) + } - return switch constraints.locations { - case .any: - true - case let .only(relayConstraint): - // At least one location must match the relay under test. - relayConstraint.locations.contains { location in - relayWithLocation.matches(location: location) - } - } + private static func pickRandomPort(rawPortRanges: [[UInt16]]) -> UInt16? { + let portRanges = parseRawPortRanges(rawPortRanges) + let portAmount = portRanges.reduce(0) { partialResult, closedRange in + partialResult + closedRange.count } - // Filter on country inclusion. - let includeInCountryFilteredRelays = filteredRelays.filter { relayWithLocation in - return switch constraints.locations { - case .any: - true - case let .only(relayConstraint): - relayConstraint.locations.contains { location in - if case .country = location { - return relayWithLocation.relay.includeInCountry - } - return false - } - } + guard var portIndex = (0 ..< portAmount).randomElement() else { + return nil } - // If no relays should be included in the matched country, instead accept all. - if includeInCountryFilteredRelays.isEmpty { - return filteredRelays - } else { - return includeInCountryFilteredRelays + for range in portRanges { + if portIndex < range.count { + return UInt16(portIndex) + range.lowerBound + } else { + portIndex -= range.count + } } - } - - /// Produce a port that is either user provided or randomly selected, satisfying the given constraints. - private static func applyConstraints( - _ constraints: RelayConstraints, - rawPortRanges: [[UInt16]], - numberOfFailedAttempts: UInt - ) -> UInt16? { - switch constraints.port { - case let .only(port): - return port - - case .any: - // 1. First two attempts should pick a random port. - // 2. The next two should pick port 53. - // 3. Repeat steps 1 and 2. - let useDefaultPort = (numberOfFailedAttempts % 4 == 2) || (numberOfFailedAttempts % 4 == 3) - return useDefaultPort ? defaultPort : pickRandomPort(rawPortRanges: rawPortRanges) - } - } + assertionFailure("Port selection algorithm is broken!") - private static func pickRandomRelayByWeight(relays: [RelayWithLocation]) - -> RelayWithLocation? { - rouletteSelection(relays: relays, weightFunction: { relayWithLocation in relayWithLocation.relay.weight }) + return nil } private static func rouletteSelection(relays: [T], weightFunction: (T) -> UInt64) -> T? { @@ -241,44 +258,6 @@ public enum RelaySelector { return randomRelay } - private static func pickRandomPort(rawPortRanges: [[UInt16]]) -> UInt16? { - let portRanges = parseRawPortRanges(rawPortRanges) - let portAmount = portRanges.reduce(0) { partialResult, closedRange in - partialResult + closedRange.count - } - - guard var portIndex = (0 ..< portAmount).randomElement() else { - return nil - } - - for range in portRanges { - if portIndex < range.count { - return UInt16(portIndex) + range.lowerBound - } else { - portIndex -= range.count - } - } - - assertionFailure("Port selection algorithm is broken!") - - return nil - } - - private static func parseRawPortRanges(_ rawPortRanges: [[UInt16]]) -> [ClosedRange] { - rawPortRanges.compactMap { inputRange -> ClosedRange? in - guard inputRange.count == 2 else { return nil } - - let startPort = inputRange[0] - let endPort = inputRange[1] - - if startPort <= endPort { - return startPort ... endPort - } else { - return nil - } - } - } - private static func mapRelays( relays: [T], locations: [String: REST.ServerLocation] @@ -307,18 +286,97 @@ public enum RelaySelector { return RelayWithLocation(relay: relay, serverLocation: location) } -} -public struct NoRelaysSatisfyingConstraintsError: LocalizedError { - public var errorDescription: String? { - "No relays satisfying constraints." + private static func parseRawPortRanges(_ rawPortRanges: [[UInt16]]) -> [ClosedRange] { + rawPortRanges.compactMap { inputRange -> ClosedRange? in + guard inputRange.count == 2 else { return nil } + + let startPort = inputRange[0] + let endPort = inputRange[1] + + if startPort <= endPort { + return startPort ... endPort + } else { + return nil + } + } } -} -public struct RelaySelectorResult: Codable, Equatable { - public var endpoint: MullvadEndpoint - public var relay: REST.ServerRelay - public var location: Location + /// Produce a list of `RelayWithLocation` items satisfying the given constraints + static func applyConstraints( + _ relayConstraint: RelayConstraint, + portConstraint: RelayConstraint, + filterConstraint: RelayConstraint, + relays: [RelayWithLocation] + ) -> [RelayWithLocation] { + // Filter on active status, filter, and location. + let filteredRelays = relays.filter { relayWithLocation -> Bool in + guard relayWithLocation.relay.active else { + return false + } + + switch filterConstraint { + case .any: + break + case let .only(filter): + if !relayMatchesFilter(relayWithLocation.relay, filter: filter) { + return false + } + } + + return switch relayConstraint { + case .any: + true + case let .only(relayConstraint): + // At least one location must match the relay under test. + relayConstraint.locations.contains { location in + relayWithLocation.matches(location: location) + } + } + } + + // Filter on country inclusion. + let includeInCountryFilteredRelays = filteredRelays.filter { relayWithLocation in + return switch relayConstraint { + case .any: + true + case let .only(relayConstraint): + relayConstraint.locations.contains { location in + if case .country = location { + return relayWithLocation.relay.includeInCountry + } + return false + } + } + } + + // If no relays should be included in the matched country, instead accept all. + if includeInCountryFilteredRelays.isEmpty { + return filteredRelays + } else { + return includeInCountryFilteredRelays + } + } + + /// Produce a port that is either user provided or randomly selected, satisfying the given constraints. + private static func applyPortConstraint( + _ portConstraint: RelayConstraint, + rawPortRanges: [[UInt16]], + numberOfFailedAttempts: UInt + ) -> UInt16? { + switch portConstraint { + case let .only(port): + return port + + case .any: + // 1. First two attempts should pick a random port. + // 2. The next two should pick port 53. + // 3. Repeat steps 1 and 2. + let useDefaultPort = (numberOfFailedAttempts % 4 == 2) || (numberOfFailedAttempts % 4 == 3) + + return useDefaultPort ? defaultPort : pickRandomPort(rawPortRanges: rawPortRanges) + } + } } struct RelayWithLocation { @@ -342,7 +400,9 @@ struct RelayWithLocation { } } -private struct RelayWithDistance { +struct RelayWithDistance { let relay: T let distance: Double } + +// swiftlint:disable:this file_length diff --git a/ios/MullvadREST/Relay/RelaySelectorResult.swift b/ios/MullvadREST/Relay/RelaySelectorResult.swift new file mode 100644 index 000000000000..3e9ffa4bb013 --- /dev/null +++ b/ios/MullvadREST/Relay/RelaySelectorResult.swift @@ -0,0 +1,18 @@ +// +// RelaySelectorResult.swift +// MullvadREST +// +// Created by Mojgan on 2024-05-14. +// Copyright © 2024 Mullvad VPN AB. All rights reserved. +// + +import Foundation +import MullvadTypes + +public typealias RelaySelectorResult = RelaySelectorMatch + +public struct RelaySelectorMatch: Codable, Equatable { + public var endpoint: MullvadEndpoint + public var relay: REST.ServerRelay + public var location: Location +} diff --git a/ios/MullvadREST/Transport/Shadowsocks/ShadowsocksLoader.swift b/ios/MullvadREST/Transport/Shadowsocks/ShadowsocksLoader.swift index 839e3b524fa5..1d4a350a4b3f 100644 --- a/ios/MullvadREST/Transport/Shadowsocks/ShadowsocksLoader.swift +++ b/ios/MullvadREST/Transport/Shadowsocks/ShadowsocksLoader.swift @@ -7,6 +7,7 @@ // import Foundation +import MullvadSettings import MullvadTypes public protocol ShadowsocksLoaderProtocol { @@ -19,6 +20,11 @@ public class ShadowsocksLoader: ShadowsocksLoaderProtocol { private let relayCache: RelayCacheProtocol private var relayConstraints = RelayConstraints() private let constraintsUpdater: RelayConstraintsUpdater + private let tunnelSettings: LatestTunnelSettings? = try? SettingsManager.readSettings() + + private var location: RelayConstraint { + tunnelSettings?.tunnelMultihopState == .on ? relayConstraints.entryLocations : relayConstraints.exitLocations + } public init( shadowsocksCache: ShadowsocksConfigurationCache, @@ -55,12 +61,15 @@ public class ShadowsocksLoader: ShadowsocksLoaderProtocol { /// Returns a randomly selected shadowsocks configuration. private func create() throws -> ShadowsocksConfiguration { let cachedRelays = try relayCache.read() - let bridgeConfiguration = RelaySelector.shadowsocksTCPBridge(from: cachedRelays.relays) - let closestRelay = RelaySelector.closestShadowsocksRelayConstrained( - by: relayConstraints, + let bridgeConfiguration = RelaySelector.Shadowsocks.tcpBridge(from: cachedRelays.relays) + + // TODO: pick entry if multi hop is enabled otherwise pick exit entry + let closestRelay = RelaySelector.Shadowsocks.closestRelay( + location: location, + port: relayConstraints.port, + filter: relayConstraints.filter, in: cachedRelays.relays ) - guard let bridgeAddress = closestRelay?.ipv4AddrIn, let bridgeConfiguration else { throw POSIXError(.ENOENT) } return ShadowsocksConfiguration( diff --git a/ios/MullvadSettings/MultihopSettings.swift b/ios/MullvadSettings/MultihopSettings.swift new file mode 100644 index 000000000000..b935f8f7c1e1 --- /dev/null +++ b/ios/MullvadSettings/MultihopSettings.swift @@ -0,0 +1,15 @@ +// +// MultihopSettings.swift +// MullvadSettings +// +// Created by Mojgan on 2024-04-26. +// Copyright © 2024 Mullvad VPN AB. All rights reserved. +// + +import Foundation + +/// Whether Multi-hop is enabled +public enum MultihopState: Codable { + case on + case off +} diff --git a/ios/MullvadSettings/TunnelSettings.swift b/ios/MullvadSettings/TunnelSettings.swift index b8a276cb7cbc..853e3dc70ee3 100644 --- a/ios/MullvadSettings/TunnelSettings.swift +++ b/ios/MullvadSettings/TunnelSettings.swift @@ -9,7 +9,7 @@ import Foundation /// Alias to the latest version of the `TunnelSettings`. -public typealias LatestTunnelSettings = TunnelSettingsV4 +public typealias LatestTunnelSettings = TunnelSettingsV5 /// Protocol all TunnelSettings must adhere to, for upgrade purposes. public protocol TunnelSettings: Codable { @@ -27,14 +27,19 @@ public enum SchemaVersion: Int, Equatable { /// V2 format with WireGuard obfuscation options, stored as `TunnelSettingsV3`. case v3 = 3 + /// V3 format with post quantum options, stored as `TunnelSettingsV4`. case v4 = 4 + /// V4 format with multi-hop options, stored as `TunnelSettingsV5`. + case v5 = 5 + var settingsType: any TunnelSettings.Type { switch self { case .v1: return TunnelSettingsV1.self case .v2: return TunnelSettingsV2.self case .v3: return TunnelSettingsV3.self case .v4: return TunnelSettingsV4.self + case .v5: return TunnelSettingsV5.self } } @@ -43,10 +48,11 @@ public enum SchemaVersion: Int, Equatable { case .v1: return .v2 case .v2: return .v3 case .v3: return .v4 - case .v4: return .v4 + case .v4: return .v5 + case .v5: return .v5 } } /// Current schema version. - public static let current = SchemaVersion.v4 + public static let current = SchemaVersion.v5 } diff --git a/ios/MullvadSettings/TunnelSettingsUpdate.swift b/ios/MullvadSettings/TunnelSettingsUpdate.swift index c915e5dc7f5f..92349a38ed79 100644 --- a/ios/MullvadSettings/TunnelSettingsUpdate.swift +++ b/ios/MullvadSettings/TunnelSettingsUpdate.swift @@ -14,6 +14,7 @@ public enum TunnelSettingsUpdate { case obfuscation(WireGuardObfuscationSettings) case relayConstraints(RelayConstraints) case quantumResistance(TunnelQuantumResistance) + case multihop(MultihopState) } extension TunnelSettingsUpdate { @@ -27,6 +28,8 @@ extension TunnelSettingsUpdate { settings.relayConstraints = newRelayConstraints case let .quantumResistance(newQuantumResistance): settings.tunnelQuantumResistance = newQuantumResistance + case let .multihop(newState): + settings.tunnelMultihopState = newState } } @@ -36,6 +39,7 @@ extension TunnelSettingsUpdate { case .obfuscation: "obfuscation settings" case .relayConstraints: "relay constraints" case .quantumResistance: "quantum resistance" + case .multihop: "Multihop" } } } diff --git a/ios/MullvadSettings/TunnelSettingsV4.swift b/ios/MullvadSettings/TunnelSettingsV4.swift index 0d938bc27974..9b75a7ebf37e 100644 --- a/ios/MullvadSettings/TunnelSettingsV4.swift +++ b/ios/MullvadSettings/TunnelSettingsV4.swift @@ -35,6 +35,12 @@ public struct TunnelSettingsV4: Codable, Equatable, TunnelSettings { } public func upgradeToNextVersion() -> any TunnelSettings { - self + TunnelSettingsV5( + relayConstraints: relayConstraints, + dnsSettings: dnsSettings, + wireGuardObfuscation: wireGuardObfuscation, + tunnelQuantumResistance: tunnelQuantumResistance, + tunnelMultihopState: .off + ) } } diff --git a/ios/MullvadSettings/TunnelSettingsV5.swift b/ios/MullvadSettings/TunnelSettingsV5.swift new file mode 100644 index 000000000000..e8035d0b6629 --- /dev/null +++ b/ios/MullvadSettings/TunnelSettingsV5.swift @@ -0,0 +1,46 @@ +// +// TunnelSettingsV5.swift +// MullvadSettings +// +// Created by Mojgan on 2024-05-13. +// Copyright © 2024 Mullvad VPN AB. All rights reserved. +// + +import Foundation +import MullvadTypes + +public struct TunnelSettingsV5: Codable, Equatable, TunnelSettings { + /// Relay constraints. + public var relayConstraints: RelayConstraints + + /// DNS settings. + public var dnsSettings: DNSSettings + + /// WireGuard obfuscation settings + public var wireGuardObfuscation: WireGuardObfuscationSettings + + /// Whether Post Quantum exchanges are enabled. + public var tunnelQuantumResistance: TunnelQuantumResistance + + /// Whether Multi-hop is enabled. + public var tunnelMultihopState: MultihopState + + public init( + relayConstraints: RelayConstraints = RelayConstraints(), + dnsSettings: DNSSettings = DNSSettings(), + wireGuardObfuscation: WireGuardObfuscationSettings = WireGuardObfuscationSettings(), + tunnelQuantumResistance: TunnelQuantumResistance = .automatic, + tunnelMultihopState: MultihopState = .off + + ) { + self.relayConstraints = relayConstraints + self.dnsSettings = dnsSettings + self.wireGuardObfuscation = wireGuardObfuscation + self.tunnelQuantumResistance = tunnelQuantumResistance + self.tunnelMultihopState = tunnelMultihopState + } + + public func upgradeToNextVersion() -> any TunnelSettings { + self + } +} diff --git a/ios/MullvadTypes/RelayConstraints.swift b/ios/MullvadTypes/RelayConstraints.swift index 21444a26586f..466511ae8bc3 100644 --- a/ios/MullvadTypes/RelayConstraints.swift +++ b/ios/MullvadTypes/RelayConstraints.swift @@ -20,28 +20,31 @@ public class RelayConstraintsUpdater: ConstraintsPropagation { } } -public struct RelayConstraints: Codable, Equatable, CustomDebugStringConvertible { +public struct RelayConstraints: Codable, Equatable { @available(*, deprecated, renamed: "locations") private var location: RelayConstraint = .only(.country("se")) - // Added in 2023.3 - public var port: RelayConstraint - public var filter: RelayConstraint - // Added in 2024.1 // Changed from RelayLocations to UserSelectedRelays in 2024.3 - public var locations: RelayConstraint + @available(*, deprecated, renamed: "exitLocations") + private var locations: RelayConstraint = .only(UserSelectedRelays(locations: [.country("se")])) - public var debugDescription: String { - "RelayConstraints { locations: \(locations), port: \(port), filter: \(filter) }" - } + // Added in 2024.5 to support multi-hop + public var entryLocations: RelayConstraint + public var exitLocations: RelayConstraint + + // Added in 2023.3 + public var port: RelayConstraint + public var filter: RelayConstraint public init( - locations: RelayConstraint = .only(UserSelectedRelays(locations: [.country("se")])), + entryLocations: RelayConstraint = .only(UserSelectedRelays(locations: [.country("se")])), + exitLocations: RelayConstraint = .only(UserSelectedRelays(locations: [.country("se")])), port: RelayConstraint = .any, filter: RelayConstraint = .any ) { - self.locations = locations + self.entryLocations = entryLocations + self.exitLocations = exitLocations self.port = port self.filter = filter } @@ -53,9 +56,19 @@ public struct RelayConstraints: Codable, Equatable, CustomDebugStringConvertible port = try container.decodeIfPresent(RelayConstraint.self, forKey: .port) ?? .any filter = try container.decodeIfPresent(RelayConstraint.self, forKey: .filter) ?? .any - // Added in 2024.1 - locations = try container.decodeIfPresent(RelayConstraint.self, forKey: .locations) - ?? Self.migrateRelayLocation(decoder: decoder) + // Added in 2024.5 + entryLocations = try container.decodeIfPresent( + RelayConstraint.self, + forKey: .entryLocations + ) ?? .only(UserSelectedRelays(locations: [.country("se")])) + + exitLocations = try container + .decodeIfPresent(RelayConstraint.self, forKey: .exitLocations) ?? + container.decodeIfPresent( + RelayConstraint.self, + forKey: .locations + ) ?? + Self.migrateRelayLocation(decoder: decoder) ?? .only(UserSelectedRelays(locations: [.country("se")])) } } diff --git a/ios/MullvadVPN.xcodeproj/project.pbxproj b/ios/MullvadVPN.xcodeproj/project.pbxproj index 776943004beb..8806f38c6cf0 100644 --- a/ios/MullvadVPN.xcodeproj/project.pbxproj +++ b/ios/MullvadVPN.xcodeproj/project.pbxproj @@ -913,6 +913,8 @@ F0DDE42B2B220A15006B57A7 /* RelaySelector.swift in Sources */ = {isa = PBXBuildFile; fileRef = F0DDE4282B220A15006B57A7 /* RelaySelector.swift */; }; F0DDE42C2B220A15006B57A7 /* Midpoint.swift in Sources */ = {isa = PBXBuildFile; fileRef = F0DDE4292B220A15006B57A7 /* Midpoint.swift */; }; F0E3618B2A4ADD2F00AEEF2B /* WelcomeContentView.swift in Sources */ = {isa = PBXBuildFile; fileRef = F0E3618A2A4ADD2F00AEEF2B /* WelcomeContentView.swift */; }; + F0E61CAA2BF2911D000C4A95 /* TunnelSettingsV5.swift in Sources */ = {isa = PBXBuildFile; fileRef = F0E61CA82BF2911D000C4A95 /* TunnelSettingsV5.swift */; }; + F0E61CAB2BF2911D000C4A95 /* MultihopSettings.swift in Sources */ = {isa = PBXBuildFile; fileRef = F0E61CA92BF2911D000C4A95 /* MultihopSettings.swift */; }; F0E8CC032A4C753B007ED3B4 /* WelcomeViewController.swift in Sources */ = {isa = PBXBuildFile; fileRef = F0E8CC022A4C753B007ED3B4 /* WelcomeViewController.swift */; }; F0E8CC0A2A4EE127007ED3B4 /* SetupAccountCompletedContentView.swift in Sources */ = {isa = PBXBuildFile; fileRef = F0E8CC092A4EE127007ED3B4 /* SetupAccountCompletedContentView.swift */; }; F0E8CC0C2A4EE672007ED3B4 /* SetupAccountCompletedController.swift in Sources */ = {isa = PBXBuildFile; fileRef = F0E8CC0B2A4EE672007ED3B4 /* SetupAccountCompletedController.swift */; }; @@ -923,6 +925,8 @@ F0E8E4C92A604E7400ED26A3 /* AccountDeletionInteractor.swift in Sources */ = {isa = PBXBuildFile; fileRef = F0E8E4C82A604E7400ED26A3 /* AccountDeletionInteractor.swift */; }; F0EF50D32A8FA47E0031E8DF /* ChangeLogInteractor.swift in Sources */ = {isa = PBXBuildFile; fileRef = F0EF50D22A8FA47E0031E8DF /* ChangeLogInteractor.swift */; }; F0EF50D52A949F8E0031E8DF /* ChangeLogViewModel.swift in Sources */ = {isa = PBXBuildFile; fileRef = F0EF50D42A949F8E0031E8DF /* ChangeLogViewModel.swift */; }; + F0F316192BF3572B0078DBCF /* RelaySelectorResult.swift in Sources */ = {isa = PBXBuildFile; fileRef = F0F316182BF3572B0078DBCF /* RelaySelectorResult.swift */; }; + F0F3161B2BF358590078DBCF /* NoRelaysSatisfyingConstraintsError.swift in Sources */ = {isa = PBXBuildFile; fileRef = F0F3161A2BF358590078DBCF /* NoRelaysSatisfyingConstraintsError.swift */; }; F0FADDEA2BE90AAA000D0B02 /* LaunchArguments.swift in Sources */ = {isa = PBXBuildFile; fileRef = F0F1EF8C2BE8FF0A00CED01D /* LaunchArguments.swift */; }; F0FADDEB2BE90AAE000D0B02 /* LaunchArguments.swift in Sources */ = {isa = PBXBuildFile; fileRef = F0F1EF8C2BE8FF0A00CED01D /* LaunchArguments.swift */; }; F0FADDEC2BE90AB0000D0B02 /* LaunchArguments.swift in Sources */ = {isa = PBXBuildFile; fileRef = F0F1EF8C2BE8FF0A00CED01D /* LaunchArguments.swift */; }; @@ -2097,6 +2101,8 @@ F0DDE4282B220A15006B57A7 /* RelaySelector.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = RelaySelector.swift; sourceTree = ""; }; F0DDE4292B220A15006B57A7 /* Midpoint.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = Midpoint.swift; sourceTree = ""; }; F0E3618A2A4ADD2F00AEEF2B /* WelcomeContentView.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = WelcomeContentView.swift; sourceTree = ""; }; + F0E61CA82BF2911D000C4A95 /* TunnelSettingsV5.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = TunnelSettingsV5.swift; sourceTree = ""; }; + F0E61CA92BF2911D000C4A95 /* MultihopSettings.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = MultihopSettings.swift; sourceTree = ""; }; F0E8CC022A4C753B007ED3B4 /* WelcomeViewController.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = WelcomeViewController.swift; sourceTree = ""; }; F0E8CC092A4EE127007ED3B4 /* SetupAccountCompletedContentView.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = SetupAccountCompletedContentView.swift; sourceTree = ""; }; F0E8CC0B2A4EE672007ED3B4 /* SetupAccountCompletedController.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = SetupAccountCompletedController.swift; sourceTree = ""; }; @@ -2108,6 +2114,8 @@ F0EF50D22A8FA47E0031E8DF /* ChangeLogInteractor.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = ChangeLogInteractor.swift; sourceTree = ""; }; F0EF50D42A949F8E0031E8DF /* ChangeLogViewModel.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ChangeLogViewModel.swift; sourceTree = ""; }; F0F1EF8C2BE8FF0A00CED01D /* LaunchArguments.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = LaunchArguments.swift; sourceTree = ""; }; + F0F316182BF3572B0078DBCF /* RelaySelectorResult.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = RelaySelectorResult.swift; sourceTree = ""; }; + F0F3161A2BF358590078DBCF /* NoRelaysSatisfyingConstraintsError.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = NoRelaysSatisfyingConstraintsError.swift; sourceTree = ""; }; /* End PBXFileReference section */ /* Begin PBXFrameworksBuildPhase section */ @@ -2582,13 +2590,13 @@ 5820676326E771DB00655B05 /* TunnelManagerErrors.swift */, 5823FA5326CE49F600283BF8 /* TunnelObserver.swift */, 58B93A1226C3F13600A55733 /* TunnelState.swift */, + A9E0317D2ACC32920095D843 /* TunnelStatusBlockObserver.swift */, 5803B4B12940A48700C23744 /* TunnelStore.swift */, + A9E031762ACB08950095D843 /* UIApplication+Extensions.swift */, 5842102F282D8A3C00F24E46 /* UpdateAccountDataOperation.swift */, 58421031282E42B000F24E46 /* UpdateDeviceDataOperation.swift */, A9F360332AAB626300F53531 /* VPNConnectionProtocol.swift */, 581DA2742A1E283E0046ED47 /* WgKeyRotation.swift */, - A9E031762ACB08950095D843 /* UIApplication+Extensions.swift */, - A9E0317D2ACC32920095D843 /* TunnelStatusBlockObserver.swift */, ); path = TunnelManager; sourceTree = ""; @@ -3231,6 +3239,7 @@ 068CE5732927B7A400A068BB /* Migration.swift */, A9D96B192A8247C100A5C673 /* MigrationManager.swift */, 58B2FDD52AA71D2A003EB5C6 /* MullvadSettings.h */, + F0E61CA92BF2911D000C4A95 /* MultihopSettings.swift */, 586C0D962B04E0AC00E7CDD7 /* PersistentAccessMethod.swift */, 44DD7D2C2B74E44A0005F67F /* QuantumResistanceSettings.swift */, 58FF2C02281BDE02009EF542 /* SettingsManager.swift */, @@ -3241,11 +3250,12 @@ A92ECC272A7802AB0052F1B1 /* StoredDeviceData.swift */, A97D30162AE6B5E90045C0E4 /* StoredWgKeyData.swift */, A92ECC202A77FFAF0052F1B1 /* TunnelSettings.swift */, + 449872E02B7BBC5400094DDC /* TunnelSettingsUpdate.swift */, 587AD7C523421D7000E93A53 /* TunnelSettingsV1.swift */, 580F8B8228197881002E0998 /* TunnelSettingsV2.swift */, A988DF282ADE880300D807EF /* TunnelSettingsV3.swift */, A93181A02B727ED700E341D2 /* TunnelSettingsV4.swift */, - 449872E02B7BBC5400094DDC /* TunnelSettingsUpdate.swift */, + F0E61CA82BF2911D000C4A95 /* TunnelSettingsV5.swift */, A988DF252ADE86ED00D807EF /* WireGuardObfuscationSettings.swift */, ); path = MullvadSettings; @@ -4003,8 +4013,10 @@ F0DDE4272B220A15006B57A7 /* Haversine.swift */, 7A516C392B7111A700BBD33D /* IPOverrideWrapper.swift */, F0DDE4292B220A15006B57A7 /* Midpoint.swift */, + F0F3161A2BF358590078DBCF /* NoRelaysSatisfyingConstraintsError.swift */, 5820675A26E6576800655B05 /* RelayCache.swift */, F0DDE4282B220A15006B57A7 /* RelaySelector.swift */, + F0F316182BF3572B0078DBCF /* RelaySelectorResult.swift */, ); path = Relay; sourceTree = ""; @@ -5023,6 +5035,7 @@ buildActionMask = 2147483647; files = ( F05F39982B21C73C006E60A7 /* CachedRelays.swift in Sources */, + F0F316192BF3572B0078DBCF /* RelaySelectorResult.swift in Sources */, F05F39972B21C735006E60A7 /* RelayCache.swift in Sources */, A932D9EF2B5ADD0700999395 /* ProxyConfigurationTransportProvider.swift in Sources */, 06799AE728F98E4800ACD94E /* RESTURLSession.swift in Sources */, @@ -5073,6 +5086,7 @@ F0164ED12B4F2DCB0020268D /* AccessMethodIterator.swift in Sources */, A9D99B9A2A1F7C3200DE27D3 /* RESTTransport.swift in Sources */, A90763BB2B2857D50045ADF0 /* Socks5AddressType.swift in Sources */, + F0F3161B2BF358590078DBCF /* NoRelaysSatisfyingConstraintsError.swift in Sources */, 06799AE028F98E4800ACD94E /* RESTCoding.swift in Sources */, A90763B72B2857D50045ADF0 /* Socks5DataStreamHandler.swift in Sources */, A90763B22B2857D50045ADF0 /* Socks5EndpointReader.swift in Sources */, @@ -5275,6 +5289,7 @@ buildActionMask = 2147483647; files = ( F050AE582B7376C6003F4EDB /* CustomListRepository.swift in Sources */, + F0E61CAA2BF2911D000C4A95 /* TunnelSettingsV5.swift in Sources */, 7A5869BD2B56EF7300640D27 /* IPOverride.swift in Sources */, 58B2FDEE2AA72098003EB5C6 /* ApplicationConfiguration.swift in Sources */, F050AE572B7376C6003F4EDB /* CustomListRepositoryProtocol.swift in Sources */, @@ -5305,6 +5320,7 @@ 58B2FDE22AA71D5C003EB5C6 /* StoredAccountData.swift in Sources */, F0D7FF902B31E00B00E0FDE5 /* AccessMethodKind.swift in Sources */, 7A5869BC2B56EF3400640D27 /* IPOverrideRepository.swift in Sources */, + F0E61CAB2BF2911D000C4A95 /* MultihopSettings.swift in Sources */, 58B2FDE82AA71D5C003EB5C6 /* KeychainSettingsStore.swift in Sources */, ); runOnlyForDeploymentPostprocessing = 0; diff --git a/ios/MullvadVPN/Coordinators/CustomLists/ListCustomListCoordinator.swift b/ios/MullvadVPN/Coordinators/CustomLists/ListCustomListCoordinator.swift index 713458e5b540..ff69c6288788 100644 --- a/ios/MullvadVPN/Coordinators/CustomLists/ListCustomListCoordinator.swift +++ b/ios/MullvadVPN/Coordinators/CustomLists/ListCustomListCoordinator.swift @@ -78,29 +78,30 @@ class ListCustomListCoordinator: Coordinator, Presentable, Presenting { private func updateRelayConstraints(for action: EditCustomListCoordinator.FinishAction, in list: CustomList) { var relayConstraints = tunnelManager.settings.relayConstraints - guard let customListSelection = relayConstraints.locations.value?.customListSelection, + guard let customListSelection = relayConstraints.exitLocations.value?.customListSelection, customListSelection.listId == list.id else { return } switch action { case .save: + // TODO: - Add entry locations if customListSelection.isList { let selectedRelays = UserSelectedRelays( locations: list.locations, customListSelection: UserSelectedRelays.CustomListSelection(listId: list.id, isList: true) ) - relayConstraints.locations = .only(selectedRelays) + relayConstraints.exitLocations = .only(selectedRelays) } else { let selectedConstraintIsRemovedFromList = list.locations.filter { - relayConstraints.locations.value?.locations.contains($0) ?? false + relayConstraints.exitLocations.value?.locations.contains($0) ?? false }.isEmpty if selectedConstraintIsRemovedFromList { - relayConstraints.locations = .only(UserSelectedRelays(locations: [])) + relayConstraints.exitLocations = .only(UserSelectedRelays(locations: [])) } } case .delete: - relayConstraints.locations = .only(UserSelectedRelays(locations: [])) + relayConstraints.exitLocations = .only(UserSelectedRelays(locations: [])) } tunnelManager.updateSettings([.relayConstraints(relayConstraints)]) { [weak self] in diff --git a/ios/MullvadVPN/Coordinators/LocationCoordinator.swift b/ios/MullvadVPN/Coordinators/LocationCoordinator.swift index 58e828ef1289..38b9ced8cd22 100644 --- a/ios/MullvadVPN/Coordinators/LocationCoordinator.swift +++ b/ios/MullvadVPN/Coordinators/LocationCoordinator.swift @@ -54,9 +54,10 @@ class LocationCoordinator: Coordinator, Presentable, Presenting { } func start() { + // TODO: - the location should be defined whether it's Entry or Exit location let locationViewControllerWrapper = LocationViewControllerWrapper( customListRepository: customListRepository, - selectedRelays: tunnelManager.settings.relayConstraints.locations.value + selectedRelays: tunnelManager.settings.relayConstraints.exitLocations.value ) locationViewControllerWrapper.delegate = self @@ -156,7 +157,7 @@ extension LocationCoordinator: RelayCacheTrackerObserver { extension LocationCoordinator: LocationViewControllerWrapperDelegate { func didSelectRelays(relays: UserSelectedRelays) { var relayConstraints = tunnelManager.settings.relayConstraints - relayConstraints.locations = .only(relays) + relayConstraints.exitLocations = .only(relays) tunnelManager.updateSettings([.relayConstraints(relayConstraints)]) { self.tunnelManager.startTunnel() diff --git a/ios/MullvadVPN/SimulatorTunnelProvider/SimulatorTunnelProviderHost.swift b/ios/MullvadVPN/SimulatorTunnelProvider/SimulatorTunnelProviderHost.swift index e7bf690f872d..0d84e0984dcf 100644 --- a/ios/MullvadVPN/SimulatorTunnelProvider/SimulatorTunnelProviderHost.swift +++ b/ios/MullvadVPN/SimulatorTunnelProvider/SimulatorTunnelProviderHost.swift @@ -159,9 +159,9 @@ final class SimulatorTunnelProviderHost: SimulatorTunnelProviderDelegate { private func pickRelay() throws -> SelectedRelay { let cachedRelays = try relayCacheTracker.getCachedRelays() let tunnelSettings = try SettingsManager.readSettings() - let selectorResult = try RelaySelector.evaluate( - relays: cachedRelays.relays, - constraints: tunnelSettings.relayConstraints, + let selectorResult = try RelaySelector.WireGuard.evaluateForSingleHop( + by: tunnelSettings.relayConstraints, + in: cachedRelays.relays, numberOfFailedAttempts: 0 ) return SelectedRelay( diff --git a/ios/MullvadVPN/TunnelManager/TunnelManager.swift b/ios/MullvadVPN/TunnelManager/TunnelManager.swift index 8f3b69112cea..69faaf1ad194 100644 --- a/ios/MullvadVPN/TunnelManager/TunnelManager.swift +++ b/ios/MullvadVPN/TunnelManager/TunnelManager.swift @@ -787,9 +787,9 @@ final class TunnelManager: StorePaymentObserver { fileprivate func selectRelay() throws -> SelectedRelay { let cachedRelays = try relayCacheTracker.getCachedRelays() let retryAttempts = tunnelStatus.observedState.connectionState?.connectionAttemptCount ?? 0 - let selectorResult = try RelaySelector.evaluate( - relays: cachedRelays.relays, - constraints: settings.relayConstraints, + let selectorResult = try RelaySelector.WireGuard.evaluateForSingleHop( + by: settings.relayConstraints, + in: cachedRelays.relays, numberOfFailedAttempts: retryAttempts ) diff --git a/ios/MullvadVPNTests/MullvadREST/Relay/RelaySelectorTests.swift b/ios/MullvadVPNTests/MullvadREST/Relay/RelaySelectorTests.swift index 68f48c011289..2e88ea0327e0 100644 --- a/ios/MullvadVPNTests/MullvadREST/Relay/RelaySelectorTests.swift +++ b/ios/MullvadVPNTests/MullvadREST/Relay/RelaySelectorTests.swift @@ -17,14 +17,16 @@ private let defaultPort: UInt16 = 53 class RelaySelectorTests: XCTestCase { let sampleRelays = ServerRelaysResponseStubs.sampleRelays + // MARK: - single-Hop tests + func testCountryConstraint() throws { let constraints = RelayConstraints( - locations: .only(UserSelectedRelays(locations: [.country("es")])) + exitLocations: .only(UserSelectedRelays(locations: [.country("es")])) ) - let result = try RelaySelector.evaluate( - relays: sampleRelays, - constraints: constraints, + let result = try RelaySelector.WireGuard.evaluateForSingleHop( + by: constraints, + in: sampleRelays, numberOfFailedAttempts: 0 ) @@ -33,26 +35,25 @@ class RelaySelectorTests: XCTestCase { func testCityConstraint() throws { let constraints = RelayConstraints( - locations: .only(UserSelectedRelays(locations: [.city("se", "got")])) + exitLocations: .only(UserSelectedRelays(locations: [.city("se", "got")])) ) - let result = try RelaySelector.evaluate( - relays: sampleRelays, - constraints: constraints, + let result = try RelaySelector.WireGuard.evaluateForSingleHop( + by: constraints, + in: sampleRelays, numberOfFailedAttempts: 0 ) - XCTAssertEqual(result.relay.hostname, "se10-wireguard") } func testHostnameConstraint() throws { let constraints = RelayConstraints( - locations: .only(UserSelectedRelays(locations: [.hostname("se", "sto", "se6-wireguard")])) + exitLocations: .only(UserSelectedRelays(locations: [.hostname("se", "sto", "se6-wireguard")])) ) - let result = try RelaySelector.evaluate( - relays: sampleRelays, - constraints: constraints, + let result = try RelaySelector.WireGuard.evaluateForSingleHop( + by: constraints, + in: sampleRelays, numberOfFailedAttempts: 0 ) @@ -61,7 +62,7 @@ class RelaySelectorTests: XCTestCase { func testMultipleLocationsConstraint() throws { let constraints = RelayConstraints( - locations: .only(UserSelectedRelays(locations: [ + exitLocations: .only(UserSelectedRelays(locations: [ .city("se", "got"), .hostname("se", "sto", "se6-wireguard"), ])) @@ -84,13 +85,19 @@ class RelaySelectorTests: XCTestCase { ) } - let constrainedLocations = RelaySelector.applyConstraints(constraints, relays: relayWithLocations) + let constrainedLocations = RelaySelector.applyConstraints( + constraints.exitLocations, + portConstraint: constraints.port, + filterConstraint: constraints.filter, + relays: relayWithLocations + ) XCTAssertTrue( constrainedLocations.contains( where: { $0.matches(location: .city("se", "got")) } ) ) + XCTAssertTrue( constrainedLocations.contains( where: { $0.matches(location: .hostname("se", "sto", "se6-wireguard")) } @@ -100,13 +107,13 @@ class RelaySelectorTests: XCTestCase { func testSpecificPortConstraint() throws { let constraints = RelayConstraints( - locations: .only(UserSelectedRelays(locations: [.hostname("se", "sto", "se6-wireguard")])), + exitLocations: .only(UserSelectedRelays(locations: [.hostname("se", "sto", "se6-wireguard")])), port: .only(1) ) - let result = try RelaySelector.evaluate( - relays: sampleRelays, - constraints: constraints, + let result = try RelaySelector.WireGuard.evaluateForSingleHop( + by: constraints, + in: sampleRelays, numberOfFailedAttempts: 0 ) @@ -115,47 +122,70 @@ class RelaySelectorTests: XCTestCase { func testRandomPortSelectionWithFailedAttempts() throws { let constraints = RelayConstraints( - locations: .only(UserSelectedRelays(locations: [.hostname("se", "sto", "se6-wireguard")])) + exitLocations: .only(UserSelectedRelays(locations: [.hostname("se", "sto", "se6-wireguard")])) ) let allPorts = portRanges.flatMap { $0 } - var result = try RelaySelector.evaluate( - relays: sampleRelays, - constraints: constraints, + var result = try RelaySelector.WireGuard.evaluateForSingleHop( + by: constraints, + in: sampleRelays, numberOfFailedAttempts: 0 ) XCTAssertTrue(allPorts.contains(result.endpoint.ipv4Relay.port)) - result = try RelaySelector.evaluate(relays: sampleRelays, constraints: constraints, numberOfFailedAttempts: 1) + result = try RelaySelector.WireGuard.evaluateForSingleHop( + by: constraints, + in: sampleRelays, + numberOfFailedAttempts: 1 + ) XCTAssertTrue(allPorts.contains(result.endpoint.ipv4Relay.port)) - result = try RelaySelector.evaluate(relays: sampleRelays, constraints: constraints, numberOfFailedAttempts: 2) + result = try RelaySelector.WireGuard.evaluateForSingleHop( + by: constraints, + in: sampleRelays, + numberOfFailedAttempts: 2 + ) XCTAssertEqual(result.endpoint.ipv4Relay.port, defaultPort) - result = try RelaySelector.evaluate(relays: sampleRelays, constraints: constraints, numberOfFailedAttempts: 3) + result = try RelaySelector.WireGuard.evaluateForSingleHop( + by: constraints, + in: sampleRelays, + numberOfFailedAttempts: 3 + ) XCTAssertEqual(result.endpoint.ipv4Relay.port, defaultPort) - result = try RelaySelector.evaluate(relays: sampleRelays, constraints: constraints, numberOfFailedAttempts: 4) + result = try RelaySelector.WireGuard.evaluateForSingleHop( + by: constraints, + in: sampleRelays, + numberOfFailedAttempts: 4 + ) XCTAssertTrue(allPorts.contains(result.endpoint.ipv4Relay.port)) } func testClosestShadowsocksRelay() throws { let constraints = RelayConstraints( - locations: .only(UserSelectedRelays(locations: [.city("se", "sto")])) + exitLocations: .only(UserSelectedRelays(locations: [.city("se", "sto")])) ) - let selectedRelay = RelaySelector.closestShadowsocksRelayConstrained(by: constraints, in: sampleRelays) + let selectedRelay = RelaySelector.Shadowsocks.closestRelay( + location: constraints.exitLocations, + port: constraints.port, + filter: constraints.filter, + in: sampleRelays + ) XCTAssertEqual(selectedRelay?.hostname, "se-sto-br-001") } func testClosestShadowsocksRelayIsRandomWhenNoContraintsAreSatisfied() throws { let constraints = RelayConstraints( - locations: .only(UserSelectedRelays(locations: [.country("INVALID COUNTRY")])) + exitLocations: .only(UserSelectedRelays(locations: [.country("INVALID COUNTRY")])) ) - let selectedRelay = try XCTUnwrap(RelaySelector.closestShadowsocksRelayConstrained( - by: constraints, + let selectedRelay = try XCTUnwrap(RelaySelector.Shadowsocks.closestRelay( + location: constraints.exitLocations, + port: constraints.port, + filter: constraints.filter, in: sampleRelays )) @@ -166,13 +196,13 @@ class RelaySelectorTests: XCTestCase { let filter = RelayFilter(ownership: .owned, providers: .any) let constraints = RelayConstraints( - locations: .only(UserSelectedRelays(locations: [.hostname("se", "sto", "se6-wireguard")])), + exitLocations: .only(UserSelectedRelays(locations: [.hostname("se", "sto", "se6-wireguard")])), filter: .only(filter) ) - let result = try RelaySelector.evaluate( - relays: sampleRelays, - constraints: constraints, + let result = try RelaySelector.WireGuard.evaluateForSingleHop( + by: constraints, + in: sampleRelays, numberOfFailedAttempts: 0 ) @@ -183,13 +213,13 @@ class RelaySelectorTests: XCTestCase { let filter = RelayFilter(ownership: .rented, providers: .any) let constraints = RelayConstraints( - locations: .only(UserSelectedRelays(locations: [.hostname("se", "sto", "se6-wireguard")])), + exitLocations: .only(UserSelectedRelays(locations: [.hostname("se", "sto", "se6-wireguard")])), filter: .only(filter) ) - let result = try? RelaySelector.evaluate( - relays: sampleRelays, - constraints: constraints, + let result = try? RelaySelector.WireGuard.evaluateForSingleHop( + by: constraints, + in: sampleRelays, numberOfFailedAttempts: 0 ) @@ -201,13 +231,13 @@ class RelaySelectorTests: XCTestCase { let filter = RelayFilter(ownership: .any, providers: .only([provider])) let constraints = RelayConstraints( - locations: .only(UserSelectedRelays(locations: [.hostname("se", "sto", "se6-wireguard")])), + exitLocations: .only(UserSelectedRelays(locations: [.hostname("se", "sto", "se6-wireguard")])), filter: .only(filter) ) - let result = try RelaySelector.evaluate( - relays: sampleRelays, - constraints: constraints, + let result = try RelaySelector.WireGuard.evaluateForSingleHop( + by: constraints, + in: sampleRelays, numberOfFailedAttempts: 0 ) @@ -219,16 +249,18 @@ class RelaySelectorTests: XCTestCase { let filter = RelayFilter(ownership: .any, providers: .only([provider])) let constraints = RelayConstraints( - locations: .only(UserSelectedRelays(locations: [.hostname("se", "sto", "se6-wireguard")])), + exitLocations: .only(UserSelectedRelays(locations: [.hostname("se", "sto", "se6-wireguard")])), filter: .only(filter) ) - let result = try? RelaySelector.evaluate( - relays: sampleRelays, - constraints: constraints, + let result = try? RelaySelector.WireGuard.evaluateForSingleHop( + by: constraints, + in: sampleRelays, numberOfFailedAttempts: 0 ) XCTAssertNil(result) } + + // MARK: - Multi-Hop tests } diff --git a/ios/MullvadVPNTests/MullvadSettings/MigrationManagerTests.swift b/ios/MullvadVPNTests/MullvadSettings/MigrationManagerTests.swift index ace14e8eb0a6..22be6900f2cb 100644 --- a/ios/MullvadVPNTests/MullvadSettings/MigrationManagerTests.swift +++ b/ios/MullvadVPNTests/MullvadSettings/MigrationManagerTests.swift @@ -119,10 +119,49 @@ final class MigrationManagerTests: XCTestCase { wait(for: [failedMigrationExpectation], timeout: 1) } + func testSuccessfulMigrationFromV4ToLatest() throws { + var settingsV4 = TunnelSettingsV4() + let relayConstraints = RelayConstraints( + exitLocations: .only(UserSelectedRelays(locations: [.city("jp", "osa")])) + ) + + settingsV4.relayConstraints = relayConstraints + settingsV4.tunnelQuantumResistance = .off + settingsV4.wireGuardObfuscation = WireGuardObfuscationSettings(state: .off, port: .automatic) + + try migrateToLatest(settingsV4, version: .v4) + + // Once the migration is done, settings should have been updated to the latest available version + // Verify that the old settings are still valid + let latestSettings = try SettingsManager.readSettings() + XCTAssertEqual(settingsV4.relayConstraints, latestSettings.relayConstraints) + XCTAssertEqual(settingsV4.tunnelQuantumResistance, latestSettings.tunnelQuantumResistance) + XCTAssertEqual(settingsV4.wireGuardObfuscation, latestSettings.wireGuardObfuscation) + } + + func testSuccessfulMigrationFromV3ToLatest() throws { + var settingsV3 = TunnelSettingsV3() + let relayConstraints = RelayConstraints( + exitLocations: .only(UserSelectedRelays(locations: [.city("jp", "osa")])) + ) + + settingsV3.relayConstraints = relayConstraints + settingsV3.dnsSettings = DNSSettings() + settingsV3.wireGuardObfuscation = WireGuardObfuscationSettings(state: .on, port: .port80) + + try migrateToLatest(settingsV3, version: .v3) + + // Once the migration is done, settings should have been updated to the latest available version + // Verify that the old settings are still valid + let latestSettings = try SettingsManager.readSettings() + XCTAssertEqual(settingsV3.relayConstraints, latestSettings.relayConstraints) + XCTAssertEqual(settingsV3.wireGuardObfuscation, latestSettings.wireGuardObfuscation) + } + func testSuccessfulMigrationFromV2ToLatest() throws { var settingsV2 = TunnelSettingsV2() let osakaRelayConstraints = RelayConstraints( - locations: .only(UserSelectedRelays(locations: [.city("jp", "osa")])) + exitLocations: .only(UserSelectedRelays(locations: [.city("jp", "osa")])) ) settingsV2.relayConstraints = osakaRelayConstraints @@ -136,7 +175,7 @@ final class MigrationManagerTests: XCTestCase { func testSuccessfulMigrationFromV1ToLatest() throws { var settingsV1 = TunnelSettingsV1() let osakaRelayConstraints = RelayConstraints( - locations: .only(UserSelectedRelays(locations: [.city("jp", "osa")])) + exitLocations: .only(UserSelectedRelays(locations: [.city("jp", "osa")])) ) settingsV1.relayConstraints = osakaRelayConstraints diff --git a/ios/MullvadVPNTests/MullvadSettings/TunnelSettingsUpdateTests.swift b/ios/MullvadVPNTests/MullvadSettings/TunnelSettingsUpdateTests.swift index 89a234f3ce9a..346dce00b77d 100644 --- a/ios/MullvadVPNTests/MullvadSettings/TunnelSettingsUpdateTests.swift +++ b/ios/MullvadVPNTests/MullvadSettings/TunnelSettingsUpdateTests.swift @@ -48,7 +48,7 @@ final class TunnelSettingsUpdateTests: XCTestCase { // When: let relayConstraints = RelayConstraints( - locations: .only(UserSelectedRelays(locations: [.country("zz")])), + exitLocations: .only(UserSelectedRelays(locations: [.country("zz")])), port: .only(9999), filter: .only(.init(ownership: .rented, providers: .only(["foo", "bar"]))) ) diff --git a/ios/MullvadVPNTests/MullvadTypes/RelayConstraintsTests.swift b/ios/MullvadVPNTests/MullvadTypes/RelayConstraintsTests.swift index 401dc13eddb2..15ed22663e28 100644 --- a/ios/MullvadVPNTests/MullvadTypes/RelayConstraintsTests.swift +++ b/ios/MullvadVPNTests/MullvadTypes/RelayConstraintsTests.swift @@ -20,7 +20,7 @@ final class RelayConstraintsTests: XCTestCase { let constraintsFromJson = try parseData(from: constraintsV1) let constraintsFromInit = RelayConstraints( - locations: .only(UserSelectedRelays(locations: [.city("se", "got")])), + exitLocations: .only(UserSelectedRelays(locations: [.city("se", "got")])), port: .only(80), filter: .only(RelayFilter(ownership: .rented, providers: .any)) ) diff --git a/ios/PacketTunnel/PacketTunnelProvider/PacketTunnelProvider.swift b/ios/PacketTunnel/PacketTunnelProvider/PacketTunnelProvider.swift index a63534877397..2ac17aa97888 100644 --- a/ios/PacketTunnel/PacketTunnelProvider/PacketTunnelProvider.swift +++ b/ios/PacketTunnel/PacketTunnelProvider/PacketTunnelProvider.swift @@ -72,7 +72,7 @@ class PacketTunnelProvider: NEPacketTunnelProvider { tunnelMonitor: tunnelMonitor, defaultPathObserver: PacketTunnelPathObserver(packetTunnelProvider: self, eventQueue: internalQueue), blockedStateErrorMapper: BlockedStateErrorMapper(), - relaySelector: RelaySelectorWrapper(relayCache: ipOverrideWrapper), + relaySelector: RelaySelectorWrapper(relayCache: ipOverrideWrapper, settingsReader: SettingsReader()), settingsReader: SettingsReader(), protocolObfuscator: ProtocolObfuscator() ) diff --git a/ios/PacketTunnel/PacketTunnelProvider/RelaySelectorWrapper.swift b/ios/PacketTunnel/PacketTunnelProvider/RelaySelectorWrapper.swift index 73f6fa267407..3b88e173e69c 100644 --- a/ios/PacketTunnel/PacketTunnelProvider/RelaySelectorWrapper.swift +++ b/ios/PacketTunnel/PacketTunnelProvider/RelaySelectorWrapper.swift @@ -11,24 +11,37 @@ import MullvadREST import MullvadTypes import PacketTunnelCore +struct MultihopNotImplementedError: LocalizedError { + public var errorDescription: String? { + "The picking relays for Multihop is not implemented yet." + } +} + struct RelaySelectorWrapper: RelaySelectorProtocol { let relayCache: RelayCacheProtocol + let settingsReader: SettingsReaderProtocol func selectRelay( with constraints: RelayConstraints, connectionAttemptFailureCount: UInt ) throws -> SelectedRelay { - let selectorResult = try RelaySelector.evaluate( - relays: relayCache.read().relays, - constraints: constraints, - numberOfFailedAttempts: connectionAttemptFailureCount - ) + switch try settingsReader.read().multihopState { + case .off: + let selectorResult = try RelaySelector.WireGuard.evaluateForSingleHop( + by: constraints, + in: relayCache.read().relays, + numberOfFailedAttempts: connectionAttemptFailureCount + ) + + return SelectedRelay( + endpoint: selectorResult.endpoint, + hostname: selectorResult.relay.hostname, + location: selectorResult.location, + retryAttempts: connectionAttemptFailureCount + ) - return SelectedRelay( - endpoint: selectorResult.endpoint, - hostname: selectorResult.relay.hostname, - location: selectorResult.location, - retryAttempts: connectionAttemptFailureCount - ) + case .on: + throw MultihopNotImplementedError() + } } } diff --git a/ios/PacketTunnel/PacketTunnelProvider/SettingsReader.swift b/ios/PacketTunnel/PacketTunnelProvider/SettingsReader.swift index 10282b5ff32e..9fb3858ba948 100644 --- a/ios/PacketTunnel/PacketTunnelProvider/SettingsReader.swift +++ b/ios/PacketTunnel/PacketTunnelProvider/SettingsReader.swift @@ -21,7 +21,8 @@ struct SettingsReader: SettingsReaderProtocol { interfaceAddresses: [deviceData.ipv4Address, deviceData.ipv6Address], relayConstraints: settings.relayConstraints, dnsServers: settings.dnsSettings.selectedDNSServers, - obfuscation: settings.wireGuardObfuscation + obfuscation: settings.wireGuardObfuscation, + multihopState: settings.tunnelMultihopState ) } } diff --git a/ios/PacketTunnelCore/Actor/Protocols/SettingsReaderProtocol.swift b/ios/PacketTunnelCore/Actor/Protocols/SettingsReaderProtocol.swift index 9d75149b455b..e7b5a7f36d88 100644 --- a/ios/PacketTunnelCore/Actor/Protocols/SettingsReaderProtocol.swift +++ b/ios/PacketTunnelCore/Actor/Protocols/SettingsReaderProtocol.swift @@ -40,18 +40,23 @@ public struct Settings { /// Obfuscation settings public var obfuscation: WireGuardObfuscationSettings + /// Whether Multi-hop is enabled. + public var multihopState: MultihopState + public init( privateKey: PrivateKey, interfaceAddresses: [IPAddressRange], relayConstraints: RelayConstraints, dnsServers: SelectedDNSServers, - obfuscation: WireGuardObfuscationSettings + obfuscation: WireGuardObfuscationSettings, + multihopState: MultihopState ) { self.privateKey = privateKey self.interfaceAddresses = interfaceAddresses self.relayConstraints = relayConstraints self.dnsServers = dnsServers self.obfuscation = obfuscation + self.multihopState = multihopState } } diff --git a/ios/PacketTunnelCoreTests/AppMessageHandlerTests.swift b/ios/PacketTunnelCoreTests/AppMessageHandlerTests.swift index cdd062b098f5..012a4036cc02 100644 --- a/ios/PacketTunnelCoreTests/AppMessageHandlerTests.swift +++ b/ios/PacketTunnelCoreTests/AppMessageHandlerTests.swift @@ -79,11 +79,11 @@ final class AppMessageHandlerTests: XCTestCase { let appMessageHandler = createAppMessageHandler(actor: actor) let relayConstraints = RelayConstraints( - locations: .only(UserSelectedRelays(locations: [.hostname("se", "sto", "se6-wireguard")])) + exitLocations: .only(UserSelectedRelays(locations: [.hostname("se", "sto", "se6-wireguard")])) ) - let selectorResult = try XCTUnwrap(try? RelaySelector.evaluate( - relays: ServerRelaysResponseStubs.sampleRelays, - constraints: relayConstraints, + let selectorResult = try XCTUnwrap(try? RelaySelector.WireGuard.evaluateForSingleHop( + by: relayConstraints, + in: ServerRelaysResponseStubs.sampleRelays, numberOfFailedAttempts: 0 )) diff --git a/ios/PacketTunnelCoreTests/Mocks/SettingsReaderStub.swift b/ios/PacketTunnelCoreTests/Mocks/SettingsReaderStub.swift index c95133b09108..c310a4795908 100644 --- a/ios/PacketTunnelCoreTests/Mocks/SettingsReaderStub.swift +++ b/ios/PacketTunnelCoreTests/Mocks/SettingsReaderStub.swift @@ -29,7 +29,8 @@ extension SettingsReaderStub { interfaceAddresses: [IPAddressRange(from: "127.0.0.1/32")!], relayConstraints: RelayConstraints(), dnsServers: .gateway, - obfuscation: WireGuardObfuscationSettings(state: .off, port: .automatic) + obfuscation: WireGuardObfuscationSettings(state: .off, port: .automatic), + multihopState: .off ) return SettingsReaderStub { diff --git a/ios/PacketTunnelCoreTests/PacketTunnelActorTests.swift b/ios/PacketTunnelCoreTests/PacketTunnelActorTests.swift index fb37ef6b0da1..e94a5d179611 100644 --- a/ios/PacketTunnelCoreTests/PacketTunnelActorTests.swift +++ b/ios/PacketTunnelCoreTests/PacketTunnelActorTests.swift @@ -208,7 +208,8 @@ final class PacketTunnelActorTests: XCTestCase { interfaceAddresses: [IPAddressRange(from: "127.0.0.1/32")!], relayConstraints: RelayConstraints(), dnsServers: .gateway, - obfuscation: WireGuardObfuscationSettings(state: .off, port: .automatic) + obfuscation: WireGuardObfuscationSettings(state: .off, port: .automatic), + multihopState: .off ) } } diff --git a/ios/PacketTunnelCoreTests/ProtocolObfuscatorTests.swift b/ios/PacketTunnelCoreTests/ProtocolObfuscatorTests.swift index dd644a74e14b..e600c9701bac 100644 --- a/ios/PacketTunnelCoreTests/ProtocolObfuscatorTests.swift +++ b/ios/PacketTunnelCoreTests/ProtocolObfuscatorTests.swift @@ -110,7 +110,8 @@ final class ProtocolObfuscatorTests: XCTestCase { obfuscation: WireGuardObfuscationSettings( state: obfuscationState, port: obfuscationPort - ) + ), + multihopState: .off ) } }