persist controller list in zid files #259

Merged
merged 11 commits into from
Jan 23, 2025
12 changes: 6 additions & 6 deletions CZiti.xcodeproj/project.pbxproj
@@ -57,7 +57,7 @@
5AB8309E247432C40089AF93 /* ZitiError.swift in Sources */ = {isa = PBXBuildFile; fileRef = 5AB8308F247432C40089AF93 /* ZitiError.swift */; };
5AB8309F247432C40089AF93 /* ZitiIntercept.swift in Sources */ = {isa = PBXBuildFile; fileRef = 5AB83090247432C40089AF93 /* ZitiIntercept.swift */; };
5AB830A0247432C40089AF93 /* ZitiKeychain.swift in Sources */ = {isa = PBXBuildFile; fileRef = 5AB83091247432C40089AF93 /* ZitiKeychain.swift */; };
5AB830A1247432C40089AF93 /* ZitiConfig.swift in Sources */ = {isa = PBXBuildFile; fileRef = 5AB83092247432C40089AF93 /* ZitiConfig.swift */; };
5AB830A1247432C40089AF93 /* ZitiServiceConfig.swift in Sources */ = {isa = PBXBuildFile; fileRef = 5AB83092247432C40089AF93 /* ZitiServiceConfig.swift */; };
5AB830A2247432C40089AF93 /* ZitiUnretained.swift in Sources */ = {isa = PBXBuildFile; fileRef = 5AB83093247432C40089AF93 /* ZitiUnretained.swift */; };
5AB830A3247432C40089AF93 /* ZitiLog.swift in Sources */ = {isa = PBXBuildFile; fileRef = 5AB83094247432C40089AF93 /* ZitiLog.swift */; };
5AB830A4247432C40089AF93 /* ZitiUrlClientConfigV1.swift in Sources */ = {isa = PBXBuildFile; fileRef = 5AB83095247432C40089AF93 /* ZitiUrlClientConfigV1.swift */; };
@@ -71,7 +71,7 @@
5AB830AC2474330D0089AF93 /* ZitiError.swift in Sources */ = {isa = PBXBuildFile; fileRef = 5AB8308F247432C40089AF93 /* ZitiError.swift */; };
5AB830AD247433110089AF93 /* ZitiIntercept.swift in Sources */ = {isa = PBXBuildFile; fileRef = 5AB83090247432C40089AF93 /* ZitiIntercept.swift */; };
5AB830AE247433150089AF93 /* ZitiKeychain.swift in Sources */ = {isa = PBXBuildFile; fileRef = 5AB83091247432C40089AF93 /* ZitiKeychain.swift */; };
5AB830AF247433190089AF93 /* ZitiConfig.swift in Sources */ = {isa = PBXBuildFile; fileRef = 5AB83092247432C40089AF93 /* ZitiConfig.swift */; };
5AB830AF247433190089AF93 /* ZitiServiceConfig.swift in Sources */ = {isa = PBXBuildFile; fileRef = 5AB83092247432C40089AF93 /* ZitiServiceConfig.swift */; };
5AB830B02474331C0089AF93 /* ZitiUnretained.swift in Sources */ = {isa = PBXBuildFile; fileRef = 5AB83093247432C40089AF93 /* ZitiUnretained.swift */; };
5AB830B1247433200089AF93 /* ZitiLog.swift in Sources */ = {isa = PBXBuildFile; fileRef = 5AB83094247432C40089AF93 /* ZitiLog.swift */; };
5AB830B2247433230089AF93 /* ZitiUrlClientConfigV1.swift in Sources */ = {isa = PBXBuildFile; fileRef = 5AB83095247432C40089AF93 /* ZitiUrlClientConfigV1.swift */; };
@@ -221,7 +221,7 @@
5AB8308F247432C40089AF93 /* ZitiError.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = ZitiError.swift; sourceTree = "<group>"; };
5AB83090247432C40089AF93 /* ZitiIntercept.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = ZitiIntercept.swift; sourceTree = "<group>"; };
5AB83091247432C40089AF93 /* ZitiKeychain.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = ZitiKeychain.swift; sourceTree = "<group>"; };
5AB83092247432C40089AF93 /* ZitiConfig.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = ZitiConfig.swift; sourceTree = "<group>"; };
5AB83092247432C40089AF93 /* ZitiServiceConfig.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = ZitiServiceConfig.swift; sourceTree = "<group>"; };
5AB83093247432C40089AF93 /* ZitiUnretained.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = ZitiUnretained.swift; sourceTree = "<group>"; };
5AB83094247432C40089AF93 /* ZitiLog.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = ZitiLog.swift; sourceTree = "<group>"; };
5AB83095247432C40089AF93 /* ZitiUrlClientConfigV1.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = ZitiUrlClientConfigV1.swift; sourceTree = "<group>"; };
@@ -454,7 +454,7 @@
5AB83096247432C40089AF93 /* ZitiUrlProtocol.swift */,
5AB83090247432C40089AF93 /* ZitiIntercept.swift */,
5AB83091247432C40089AF93 /* ZitiKeychain.swift */,
5AB83092247432C40089AF93 /* ZitiConfig.swift */,
5AB83092247432C40089AF93 /* ZitiServiceConfig.swift */,
5AB83095247432C40089AF93 /* ZitiUrlClientConfigV1.swift */,
5AB83098247432C40089AF93 /* ZitiTunnelClientConfigV1.swift */,
5A8B0C1C2594119900182437 /* ZitiTunnelServerConfigV1.swift */,
@@ -718,7 +718,7 @@
files = (
5AB830A0247432C40089AF93 /* ZitiKeychain.swift in Sources */,
5A8B0B81258FEA9A00182437 /* ZitiService.swift in Sources */,
5AB830A1247432C40089AF93 /* ZitiConfig.swift in Sources */,
5AB830A1247432C40089AF93 /* ZitiServiceConfig.swift in Sources */,
5AB8309E247432C40089AF93 /* ZitiError.swift in Sources */,
5AB830A7247432C40089AF93 /* ZitiTunnelClientConfigV1.swift in Sources */,
5AB830A5247432C40089AF93 /* ZitiUrlProtocol.swift in Sources */,
@@ -753,7 +753,7 @@
files = (
5AB830AE247433150089AF93 /* ZitiKeychain.swift in Sources */,
5A8B0B82258FEA9A00182437 /* ZitiService.swift in Sources */,
5AB830AF247433190089AF93 /* ZitiConfig.swift in Sources */,
5AB830AF247433190089AF93 /* ZitiServiceConfig.swift in Sources */,
5AB830AC2474330D0089AF93 /* ZitiError.swift in Sources */,
5AB830B52474332E0089AF93 /* ZitiTunnelClientConfigV1.swift in Sources */,
5AB830B3247433270089AF93 /* ZitiUrlProtocol.swift in Sources */,
2 changes: 1 addition & 1 deletion README.md
@@ -150,7 +150,7 @@ See also the documentation included in the `CZiti` module available in the `Xcod

Note that that `CZiti` is not built for Bitcode, and when building for a device the __Build Settings - Build Options__ should set `Enable Bitcode` to `No`.

Note that `CZiti` depends on `libresolv.9.tbd`, and requires access to outbound network connections and the Apple Keychain.
Note that `CZiti` depends on `libresolv.9.tbd` and `libz.1.tbd` when linking, and requires access to outbound network connections and the Apple Keychain at runtime.

## Via `Swift Package Manager`
See [ziti-sdk-swift-dist](https://github.com/openziti/ziti-sdk-swift-dist) for access to `CZiti.xcframework` built from this repository and made available as a `.binaryTarget`.
1 change: 1 addition & 0 deletions build_all.sh
@@ -33,6 +33,7 @@ function build_tsdk {
cmake -DCMAKE_BUILD_TYPE=${cmake_build_type} \
${clang_asan_flags} \
-DTLSUV_TLSLIB=openssl \
-DVCPKG_INSTALL_OPTIONS="--debug" \
-DEXCLUDE_PROGRAMS=ON \
-DZITI_TUNNEL_BUILD_TESTS=OFF \
-DCMAKE_TOOLCHAIN_FILE="${toolchain}" \
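Review bot: `-DVCPKG_INSTALL_OPTIONS="--debug"` looks like a troubleshooting leftover: it makes every vcpkg install run by this script emit debug-level output, which is noise in CI logs and should not change the produced artifacts. If it is intentional, a comment above the line saying why (e.g. `# vcpkg --debug: keep until the dependency install failures are understood`) would help the next person; otherwise drop the line. The enclosing build_tsdk function starts before this hunk and continues after it.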
2 changes: 1 addition & 1 deletion deps/ziti-tunnel-sdk-c
Submodule ziti-tunnel-sdk-c updated 89 files
+1 −1 .github/actions/openziti-tunnel-build-action/gh-release/entrypoint.sh
+3 −12 .github/workflows/cmake.yml
+1 −1 .github/workflows/cpack.yml
+22 −2 .github/workflows/main.yml
+3 −2 .github/workflows/mattermost-ziti-webhook.yml
+2 −2 .github/workflows/promote-downstreams.yml
+3 −3 .github/workflows/release.yml
+1 −1 CMakeLists.txt
+2 −42 README.md
+6 −9 deps/CMakeLists.txt
+0 −149 docker/BUILD.md
+1 −1 docker/LICENSE-Apache
+0 −123 docker/buildx.sh
+8 −1 docker/compose.test.yml
+1 −1 docker/docker-entrypoint.sh
+61 −13 docker/docker.test.bash
+1 −1 docs/openwrt/ziti.init
+1 −1 lib/tests/dns_test.cpp
+1 −1 lib/tests/tunnel_integ_test.cpp
+1 −1 lib/ziti-tunnel-cbs/dns_host.c
+1 −1 lib/ziti-tunnel-cbs/dns_host.h
+1 −1 lib/ziti-tunnel-cbs/dns_msg.c
+1 −1 lib/ziti-tunnel-cbs/include/ziti/ziti_dns.h
+29 −17 lib/ziti-tunnel-cbs/include/ziti/ziti_tunnel_cbs.h
+1 −1 lib/ziti-tunnel-cbs/tests/dns_test.cpp
+1 −1 lib/ziti-tunnel-cbs/tests/tunnel_cbs_tests.cpp
+1 −1 lib/ziti-tunnel-cbs/ziti_dns.c
+1 −1 lib/ziti-tunnel-cbs/ziti_hosting.c
+1 −1 lib/ziti-tunnel-cbs/ziti_hosting.h
+1 −1 lib/ziti-tunnel-cbs/ziti_instance.h
+1 −1 lib/ziti-tunnel-cbs/ziti_tunnel_cbs.c
+94 −154 lib/ziti-tunnel-cbs/ziti_tunnel_ctrl.c
+3 −2 lib/ziti-tunnel-cbs/ziti_tunnel_model.c
+5 −3 lib/ziti-tunnel/include/ziti/netif_driver.h
+1 −1 lib/ziti-tunnel/include/ziti/ziti_tunnel.h
+1 −1 lib/ziti-tunnel/intercept.c
+1 −1 lib/ziti-tunnel/route.c
+1 −1 lib/ziti-tunnel/tests/address_test.cpp
+1 −1 lib/ziti-tunnel/tests/tunnel_test.cpp
+1 −1 lib/ziti-tunnel/tunnel_log.c
+1 −1 lib/ziti-tunnel/tunnel_tcp.c
+1 −1 lib/ziti-tunnel/tunnel_tcp.h
+1 −1 lib/ziti-tunnel/tunnel_udp.c
+1 −1 lib/ziti-tunnel/tunnel_udp.h
+1 −1 lib/ziti-tunnel/ziti_tunnel.c
+1 −1 lib/ziti-tunnel/ziti_tunnel_priv.h
+1 −1 lib/ziti-tunnel/ziti_utils.c
+3 −4 programs/CMakeLists.txt
+9 −3 programs/ziti-edge-tunnel/CMakeLists.txt
+135 −28 programs/ziti-edge-tunnel/config-utils.c
+4 −6 programs/ziti-edge-tunnel/include/config-utils.h
+5 −1 programs/ziti-edge-tunnel/include/identity-utils.h
+2 −4 programs/ziti-edge-tunnel/include/instance-config.h
+32 −0 programs/ziti-edge-tunnel/include/linux/diverter.h
+6 −2 programs/ziti-edge-tunnel/include/model/dtos.h
+1 −1 programs/ziti-edge-tunnel/include/model/events.h
+1 −1 programs/ziti-edge-tunnel/include/service-utils.h
+5 −4 programs/ziti-edge-tunnel/include/windows/windows-scripts.h
+8 −0 programs/ziti-edge-tunnel/include/windows/windows-service.h
+16 −58 programs/ziti-edge-tunnel/instance-config.c
+50 −11 programs/ziti-edge-tunnel/instance.c
+10 −10 programs/ziti-edge-tunnel/ipc_cmd.c
+1 −1 programs/ziti-edge-tunnel/ipc_event.c
+264 −0 programs/ziti-edge-tunnel/linux/diverter.c
+1 −1 programs/ziti-edge-tunnel/model.c
+6 −1 programs/ziti-edge-tunnel/netif_driver/darwin/utun.c
+1 −1 programs/ziti-edge-tunnel/netif_driver/darwin/utun.h
+1 −1 programs/ziti-edge-tunnel/netif_driver/linux/resolvers.c
+1 −1 programs/ziti-edge-tunnel/netif_driver/linux/resolvers.h
+7 −2 programs/ziti-edge-tunnel/netif_driver/linux/tun.c
+1 −1 programs/ziti-edge-tunnel/netif_driver/linux/tun.h
+45 −2 programs/ziti-edge-tunnel/netif_driver/linux/utils.c
+4 −1 programs/ziti-edge-tunnel/netif_driver/linux/utils.h
+1 −1 programs/ziti-edge-tunnel/netif_driver/socket_util.c
+1 −1 programs/ziti-edge-tunnel/netif_driver/socket_util.h
+26 −25 programs/ziti-edge-tunnel/netif_driver/windows/tun.c
+2 −4 programs/ziti-edge-tunnel/netif_driver/windows/tun.h
+1 −1 programs/ziti-edge-tunnel/package/deb/postinst.in
+1 −1 programs/ziti-edge-tunnel/package/rpm/post.sh.in
+1 −1 programs/ziti-edge-tunnel/package/systemd/ziti-edge-tunnel.sh.in
+175 −41 programs/ziti-edge-tunnel/process_cmd.c
+45 −24 programs/ziti-edge-tunnel/windows-scripts.c
+5 −3 programs/ziti-edge-tunnel/windows-service.c
+26 −28 programs/ziti-edge-tunnel/windows/log_utils.c
+40 −0 programs/ziti-edge-tunnel/windows/minidump.c
+23 −0 programs/ziti-edge-tunnel/windows/minidump.h
+303 −115 programs/ziti-edge-tunnel/ziti-edge-tunnel.c
+1 −1 scripts/install-ubuntu.bash
+2 −2 toolchains/Linux-arm.cmake
41 changes: 27 additions & 14 deletions lib/Ziti.swift
@@ -149,11 +149,11 @@ import CZitiPrivate
///
/// - Parameters:
/// - id: Usually the `sub` field from the one-time enrollment JWT. Used by `Ziti` to store and retrieve identity-related items in the Keychain`
/// - ztAPI: scheme, host, and port used to communicate with Ziti controller
/// - name: name assocaited with this identity in Ziti.
/// - ztAPIs: array of URLs (scheme, host, and port) used to communicate with Ziti controllers
/// - name: name assocaited with this identity in Ziti.
/// - caPool: CA pool verified as part of enrollment that can be used to establish trust with of the Ziti controller
@objc public init(_ id:String, _ ztAPI:String, name:String?, caPool:String?) {
self.id = ZitiIdentity(id:id, ztAPI:ztAPI, name:name, ca:caPool)
@objc public init(_ id:String, _ ztAPIs:[String], name:String?, caPool:String?) {
self.id = ZitiIdentity(id:id, ztAPIs:ztAPIs, name:name, ca:caPool)
privateLoop = true
loop = UnsafeMutablePointer<uv_loop_t>.allocate(capacity: 1)
loop.initialize(to: uv_loop_t())
@@ -345,7 +345,7 @@ import CZitiPrivate
ca = dropFirst("pem:", idCa)
}

let zid = ZitiIdentity(id: subj, ztAPI: resp.ztAPI, ca: ca)
let zid = ZitiIdentity(id: subj, ztAPIs: resp.ztAPIs, ca: ca)
log.info("Enrolled id:\(subj) with controller: \(zid.ztAPI)", function:"enroll()")

enrollCallback(zid, nil)
@@ -429,7 +429,13 @@ import CZitiPrivate
}

// set up the ziti_config with our cert, etc.
var ctrls:model_list = model_list.init() // todo get controllers list
var ctrls:model_list = model_list()
id.ztAPIs?.forEach { c in
let ctrlPtr = UnsafeMutablePointer<Int8>.allocate(capacity: c.count + 1)
ctrlPtr.initialize(from: c, count: c.count + 1)
model_list_append(&ctrls, ctrlPtr)
}

var zitiCfg = ziti_config(
controller_url: ctrlPtr,
controllers: ctrls,
@@ -451,6 +457,17 @@ import CZitiPrivate
caPEMPtr!.deallocate()
}

withUnsafeMutablePointer(to: &ctrls) { ctrlListPtr in
var i = model_list_iterator(ctrlListPtr)
while i != nil {
let ctrlPtr = model_list_it_element(i)
if let ctrl = UnsafeMutablePointer<CChar>(OpaquePointer(ctrlPtr)) {
ctrl.deallocate()
}
i = model_list_it_next(i)
}
}

ziti_log_init_wrapper(loop)

var zitiOpts = ziti_options(disabled: id.startDisabled ?? false,
@@ -463,7 +480,7 @@ import CZitiPrivate
pq_process_cb: postureChecks?.processQuery != nil ? Ziti.onProcessQuery : nil,
pq_domain_cb: postureChecks?.domainQuery != nil ? Ziti.onDomainQuery : nil,
app_ctx: self.toVoidPtr(),
events: ZitiContextEvent.rawValue | ZitiRouterEvent.rawValue | ZitiServiceEvent.rawValue | ZitiAuthEvent.rawValue | ZitiAPIEvent.rawValue,
events: ZitiContextEvent.rawValue | ZitiRouterEvent.rawValue | ZitiServiceEvent.rawValue | ZitiAuthEvent.rawValue | ZitiConfigEvent.rawValue,
event_cb: Ziti.onEvent)

zitiStatus = ziti_context_set_options(self.ztx, &zitiOpts)
@@ -919,13 +936,9 @@ import CZitiPrivate
let event = ZitiEvent(mySelf, cEvent)

// update ourself
if event.type == ZitiEvent.EventType.ApiEvent {
if !event.apiEvent!.newControllerAddress.isEmpty {
mySelf.id.ztAPI = event.apiEvent!.newControllerAddress
}
if !event.apiEvent!.newCaBundle.isEmpty {
mySelf.id.ca = event.apiEvent!.newCaBundle
}
if event.type == ZitiEvent.EventType.ConfigEvent {
mySelf.id.ztAPI = event.configEvent!.controller_url
mySelf.id.ca = event.configEvent!.caBundle
}

mySelf.eventCallbacksLock.lock()
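Review bot: The new ConfigEvent branch (`if event.type == ZitiEvent.EventType.ConfigEvent`) unconditionally overwrites `mySelf.id.ztAPI` and `mySelf.id.ca`, whereas the ApiEvent code it replaces only applied non-empty values; `ConfigEvent.caBundle` is built as `""` when the C config carries no `id.ca`, so such an event would wipe the stored CA pool used to establish trust with the controller. The event also carries `controllers`, but `mySelf.id.ztAPIs` is never updated here, even though the tunnel path in ZitiTunnel.swift does update it and the PR's purpose is to persist the controller list. Suggest restoring the guards and adding the ztAPIs update as below. The enclosing onEvent handler starts before this hunk and continues after it.
```swift
if event.type == ZitiEvent.EventType.ConfigEvent, let cfg = event.configEvent {
    // Only apply values the event actually carries; an empty string means "not provided".
    if !cfg.controller_url.isEmpty { mySelf.id.ztAPI = cfg.controller_url }
    if !cfg.controllers.isEmpty { mySelf.id.ztAPIs = cfg.controllers }
    if !cfg.caBundle.isEmpty { mySelf.id.ca = cfg.caBundle }
}
// … unchanged: eventCallbacksLock and callback dispatch …
```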
28 changes: 21 additions & 7 deletions lib/ZitiEnroller.swift
@@ -56,9 +56,9 @@ import CZitiPrivate
/**
* URL of controller returned on successful enrollment attempt
*/
public let ztAPI:String, id:Identity
init(ztAPI:String, id:Identity) {
self.ztAPI = ztAPI
public let ztAPIs:[String], id:Identity
init(ztAPIs:[String], id:Identity) {
self.ztAPIs = ztAPIs
self.id = id
}
}
@@ -127,9 +127,9 @@ import CZitiPrivate
enrollData.pointee.privatePem_c = UnsafeMutablePointer<Int8>.allocate(capacity: privatePem.count + 1)
enrollData.pointee.privatePem_c!.initialize(from: privatePem.cString(using: .utf8)!, count: privatePem.count + 1)

var enroll_opts = ziti_enroll_opts(jwt: enrollData.pointee.jwtFile_c,
enroll_key: enrollData.pointee.privatePem_c,
enroll_cert: nil, enroll_name: nil, jwt_content: nil, use_keychain: false)
var enroll_opts = ziti_enroll_opts(url: nil, token: enrollData.pointee.jwtFile_c,
key: enrollData.pointee.privatePem_c,
cert: nil, name: nil, use_keychain: false)
let status = ziti_enroll(&enroll_opts, loop, ZitiEnroller.on_enroll, enrollData)
guard status == ZITI_OK else {
let errStr = String(cString: ziti_errorstr(status))
@@ -233,6 +233,20 @@ import CZitiPrivate
enrollData.pointee.enrollmentCallback?(nil, nil, ze)
return
}

var controllers:[String] = []
var ctrlList = zc.controllers
withUnsafeMutablePointer(to: &ctrlList) { ctrlListPtr in
var i = model_list_iterator(ctrlListPtr)
while i != nil {
let ctrlPtr = model_list_it_element(i)
if let ctrl = UnsafeMutablePointer<CChar>(OpaquePointer(ctrlPtr)) {
let ctrlStr = String(cString: ctrl)
controllers.append(ctrlStr)
}
i = model_list_it_next(i)
}
}
guard let ztAPI = String(cString: zc.controller_url, encoding: .utf8) else {
let errStr = "Invaid ztAPI response"
log.error(errStr, function:"on_enroll()")
@@ -244,7 +258,7 @@ import CZitiPrivate
let id = EnrollmentResponse.Identity(cert: cert,
key: String(cString: zc.id.key, encoding: .utf8),
ca: String(cString: zc.id.ca, encoding: .utf8))
let enrollResp = EnrollmentResponse(ztAPI: ztAPI, id: id)
let enrollResp = EnrollmentResponse(ztAPIs: controllers, id: id)
enrollData.pointee.enrollmentCallback?(enrollResp, enrollData.pointee.subj, nil)
}
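Review bot: `controllers` can come back empty when the C config carries no controller list, and in that case `EnrollmentResponse(ztAPIs: controllers, id: id)` yields an identity whose `ztAPI` collapses to `""` (ZitiIdentity takes `ztAPIs.first ?? ""`), even though `controller_url` was just validated into `ztAPI` a few lines earlier and is now otherwise unused. Suggest falling back to it after the guard: `if controllers.isEmpty { controllers = [ztAPI] }`. The doc comment on `EnrollmentResponse` still reads "URL of controller returned on successful enrollment attempt"; it should say "URLs of the controllers returned on successful enrollment" now that `ztAPIs` is an array. The enclosing on_enroll callback starts before this hunk.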

63 changes: 45 additions & 18 deletions lib/ZitiEvent.swift
@@ -42,7 +42,7 @@ import CZitiPrivate
case Auth = 0x08 // ZitiAuthEvent.rawValue

/// Indicates an `ApiEvent`
case ApiEvent = 0x10 // ZitiApiEvent.rawValue
case ConfigEvent = 0x10 // ZitiConfigEvent.rawValue

/// Generates a string describing the event
/// - returns: String describing the event
@@ -61,8 +61,8 @@ import CZitiPrivate
/// Indicates `AuthEvent`
case .Auth: return ".Auth"

/// Indicates `ApiEvent`
case .ApiEvent: return ".ApiEvent"
/// Indicates `ConfigEvent`
case .ConfigEvent: return ".ConfigEvent"

/// Indicates unrecognized event
case .Invalid: return ".Invalid"
@@ -264,27 +264,51 @@ import CZitiPrivate
}
}

/// Encapsulation of Ziti SDK C's API Event
@objc public class ApiEvent : NSObject {
/// Encapsulation of Ziti SDK C's Config Event
@objc public class ConfigEvent : NSObject {

/// New controller address
@objc public let newControllerAddress:String
@objc public let newCaBundle:String
init( _ cEvent:ziti_api_event) {
/// Controller address
@objc public let controller_url:String // todo enapsulate ziti_config_s ?
@objc public let controllers:[String]
@objc public let cfgSource:String

@objc public let caBundle:String // todo encapsulate ziti_id_cfg_s?

init( _ cEvent:ziti_config_event) {
var str = ""
if let cStr = cEvent.new_ctrl_address {
if let cStr = cEvent.config.pointee.controller_url {
str = String(cString: cStr)
}
if !str.starts(with: "https://") {
str.insert(contentsOf: "https://", at: str.startIndex)
}
newControllerAddress = str
controller_url = str

var cfgSourceStr = ""
if let cStr = cEvent.config.pointee.cfg_source {
cfgSourceStr = String(cString: cStr)
}
cfgSource = cfgSourceStr

var caStr = ""
if let cStr = cEvent.new_ca_bundle {
if let cStr = cEvent.config.pointee.id.ca {
caStr = String(cString: cStr)
}
newCaBundle = caStr
caBundle = caStr

var ctrlsArray:[String] = []
var ctrlList = cEvent.config.pointee.controllers
withUnsafeMutablePointer(to: &ctrlList) { ctrlListPtr in
var i = model_list_iterator(ctrlListPtr)
while i != nil {
let ctrlPtr = model_list_it_element(i)
if let ctrl = UnsafeMutablePointer<CChar>(OpaquePointer(ctrlPtr)) {
ctrlsArray.append(String(ctrl.pointee))
}
i = model_list_it_next(i)
}
}
controllers = ctrlsArray
}
}

@@ -304,7 +328,7 @@ import CZitiPrivate
@objc public var authEvent:AuthEvent?

/// Populated based on event `type`
@objc public var apiEvent:ApiEvent?
@objc public var configEvent:ConfigEvent?

init(_ ziti:Ziti, _ cEvent:UnsafePointer<ziti_event_t>) {
self.ziti = ziti
@@ -317,8 +341,8 @@ import CZitiPrivate
routerEvent = RouterEvent(cEvent.pointee.router)
} else if type == .Auth {
authEvent = AuthEvent(cEvent.pointee.auth)
} else if type == .ApiEvent {
apiEvent = ApiEvent(cEvent.pointee.api)
} else if type == .ConfigEvent {
configEvent = ConfigEvent(cEvent.pointee.cfg)
} else {
log.error("unrecognized event type \(cEvent.pointee.type.rawValue)")
}
@@ -354,8 +378,11 @@ import CZitiPrivate
str += " providers: (\(e.providers.count))\n\(ZitiEvent.jwtSignerArrToStr(e.providers))"
}

if let e = apiEvent {
str += " newControllerAddress: \(e.newControllerAddress)\n"
if let e = configEvent {
str += " controller_url: \(e.controller_url)\n"
str += " controllers: \(e.controllers))\n"
str += " cfgSource: \(e.cfgSource)\n"
str += " caBundle: \(e.caBundle)\n"
}
return str
}
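Review bot: In `ConfigEvent.init`, `ctrlsArray.append(String(ctrl.pointee))` stringifies only the first byte of each controller entry (`ctrl.pointee` is a single `CChar`, so an address starting with 'h' becomes "104"), not the address itself; it should be `ctrlsArray.append(String(cString: ctrl))`, matching the same loop in ZitiEnroller.swift. The `https://` prefix is inserted into `controller_url` but not into the `controllers` entries, so the two fields can disagree about the scheme for the same address; either normalize each entry the same way or document that `controllers` is passed through verbatim. Minor: `" controllers: \(e.controllers))\n"` in the debug string has a stray closing parenthesis.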
2 changes: 1 addition & 1 deletion lib/ZitiHostConfigV1.swift
@@ -16,7 +16,7 @@ limitations under the License.
import Foundation

/// Class representation of host.v1 service configuration
public class ZitiHostConfigV1 : Codable, ZitiConfig {
public class ZitiHostConfigV1 : Codable, ZitiServiceConfig {
static var configType = "host.v1"

enum CodingKeys: String, CodingKey {
8 changes: 6 additions & 2 deletions lib/ZitiIdentity.swift
@@ -37,6 +37,9 @@ import Foundation
/// scheme, host, and port used to communicate with Ziti controller
@objc public var ztAPI:String

/// scheme, host. and port of all controllers in cluster
@objc public var ztAPIs:[String]?

/// name assocaited with this identity in Ziti.
///
/// Note that this name is unknown until a session with Ziti is active
@@ -55,9 +58,10 @@ import Foundation
/// - ztAPI: URL for accessing Ziti controller API
/// - name: name currently configured for this identity
/// - ca: CA pool that can be used to verify trust of the Ziti controller
@objc public init(id:String, ztAPI:String, name:String?=nil, ca:String?=nil) {
@objc public init(id:String, ztAPIs:[String], name:String?=nil, ca:String?=nil) {
self.id = id
self.ztAPI = ztAPI
self.ztAPI = ztAPIs.first ?? ""
self.ztAPIs = ztAPIs
self.name = name
self.ca = ca
}
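Review bot: The parameter doc for the init still lists `- ztAPI: URL for accessing Ziti controller API` although the parameter is now `ztAPIs`; it should read `- ztAPIs: URLs (scheme, host, and port) of all controllers in the cluster; the first entry becomes ztAPI`. An empty array silently leaves `ztAPI` as `""` (`ztAPIs.first ?? ""`), which only the ops placeholder identity in ZitiTunnel.swift appears to rely on; a comment on that line noting it would stop callers from treating an empty list as a valid identity. `ztAPIs` being optional is presumably so zid files persisted before this change still decode; the property doc (which also has a stray period in `host. and port`) should say so, e.g. `/// scheme, host, and port of all controllers in the cluster; nil for identities persisted before the list was stored`.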
2 changes: 1 addition & 1 deletion lib/ZitiInterceptConfigV1.swift
@@ -16,7 +16,7 @@ limitations under the License.
import Foundation

/// Class representation of intercept.v1 service configuration
public class ZitiInterceptConfigV1 : Codable, ZitiConfig {
public class ZitiInterceptConfigV1 : Codable, ZitiServiceConfig {
static var configType = "intercept.v1"

/// Class representing port range to intercept
2 changes: 1 addition & 1 deletion lib/ZitiService.swift
@@ -97,7 +97,7 @@ import CZitiPrivate
}
}

static func parseConfig<T>(_ type: T.Type, _ zs: inout ziti_service) -> T? where T:Decodable, T:ZitiConfig {
static func parseConfig<T>(_ type: T.Type, _ zs: inout ziti_service) -> T? where T:Decodable, T:ZitiServiceConfig {
if let cfg = ziti_service_get_raw_config(&zs, type.configType.cString(using: .utf8)) {
return try? JSONDecoder().decode(type, from: Data(String(cString: cfg).utf8))
}
2 changes: 1 addition & 1 deletion lib/ZitiConfig.swift → lib/ZitiServiceConfig.swift
@@ -15,6 +15,6 @@ limitations under the License.
*/
import Foundation

protocol ZitiConfig {
protocol ZitiServiceConfig {
static var configType:String { get }
}
19 changes: 11 additions & 8 deletions lib/ZitiTunnel.swift
@@ -112,7 +112,7 @@ public class ZitiTunnel : NSObject, ZitiUnretained {

set_tunnel_logger()

opsZiti = Ziti(zid: ZitiIdentity(id: "--- ops Ziti ---", ztAPI: ""), loopPtr: loopPtr)
opsZiti = Ziti(zid: ZitiIdentity(id: "--- ops Ziti ---", ztAPIs: []), loopPtr: loopPtr)
self.tunnelProvider = tunnelProvider
netifDriver = NetifDriver(tunnelProvider: tunnelProvider)
super.init()
@@ -336,15 +336,18 @@ public class ZitiTunnel : NSObject, ZitiUnretained {
case TunnelEvents.MFAEvent.rawValue:
var cMfaAuthEvent = UnsafeRawPointer(cEvent).bindMemory(to: mfa_event.self, capacity: 1)
mySelf.tunnelProvider?.tunnelEventCallback(ZitiTunnelMfaEvent(ziti, cMfaAuthEvent))
case TunnelEvents.APIEvent.rawValue:
var cApiEvent = UnsafeRawPointer(cEvent).bindMemory(to: api_event.self, capacity: 1)
let event = ZitiTunnelApiEvent(ziti, cApiEvent)
case TunnelEvents.ConfigEvent.rawValue:
var cConfigEvent = UnsafeRawPointer(cEvent).bindMemory(to: config_event.self, capacity: 1)
let event = ZitiTunnelConfigEvent(ziti, cConfigEvent)
// update ourself with event info
if !event.newControllerAddress.isEmpty {
ziti.id.ztAPI = event.newControllerAddress
if !event.controller_url.isEmpty {
ziti.id.ztAPI = event.controller_url
}
if !event.newCaBundle.isEmpty {
ziti.id.ca = event.newCaBundle
if !event.controllers.isEmpty {
ziti.id.ztAPIs = event.controllers
}
if !event.caBundle.isEmpty {
ziti.id.ca = event.caBundle
}
// pass event to application
mySelf.tunnelProvider?.tunnelEventCallback(event)
2 changes: 1 addition & 1 deletion lib/ZitiTunnelClientConfigV1.swift
@@ -16,7 +16,7 @@ limitations under the License.
import Foundation

/// Class representation of ziti-tunneler-client.v1 service configuration
public class ZitiTunnelClientConfigV1 : Codable, ZitiConfig {
public class ZitiTunnelClientConfigV1 : Codable, ZitiServiceConfig {
static var configType = "ziti-tunneler-client.v1"

/// hostname to intercept
41 changes: 30 additions & 11 deletions lib/ZitiTunnelEvent.swift
@@ -208,26 +208,45 @@ import CZitiPrivate
}
}

/// Class encapsulating Ziti Tunnel SDK C API Event
@objc public class ZitiTunnelApiEvent : ZitiTunnelEvent {
/// Class encapsulating Ziti Tunnel SDK C Config Event
@objc public class ZitiTunnelConfigEvent : ZitiTunnelEvent {

/// New controller address
public var newControllerAddress:String = ""
/// Controller address (legacy)
public var controller_url:String = ""

/// New ca bundle
public var newCaBundle:String = ""
/// Controller addresses
public var controllers:[String] = []

init(_ ziti:Ziti, _ evt:UnsafePointer<api_event>) {
/// CA bundle
public var caBundle:String = ""

init(_ ziti:Ziti, _ evt:UnsafePointer<config_event>) {
super.init(ziti)
self.newControllerAddress = toStr(evt.pointee.new_ctrl_address)
self.newCaBundle = toStr(evt.pointee.new_ca_bundle)
var ziti_cfg_ptr:UnsafeMutablePointer<ziti_config>?
parse_ziti_config_ptr(&ziti_cfg_ptr, evt.pointee.config_json, strlen(evt.pointee.config_json))
self.controller_url = toStr(ziti_cfg_ptr?.pointee.controller_url)

var ctrlList = ziti_cfg_ptr!.pointee.controllers
withUnsafeMutablePointer(to: &ctrlList) { ctrlListPtr in
var i = model_list_iterator(ctrlListPtr)
while i != nil {
let ctrlPtr = model_list_it_element(i)
if let ctrl = UnsafeMutablePointer<CChar>(OpaquePointer(ctrlPtr)) {
let ctrlStr = toStr(ctrl)
controllers.append(ctrlStr)
}
i = model_list_it_next(i)
}
}
self.caBundle = toStr(ziti_cfg_ptr?.pointee.id.ca)
}

/// Debug description
/// - returns: String containing debug description of this event
public override var debugDescription: String {
return super.debugDescription + "\n" +
" newControllerAddress: \(newControllerAddress)\n" +
" newCaBundle: \(newCaBundle)"
" controller_url: \(controller_url)\n" +
" contrlollers: \(controllers)\n" +
" caBundle: \(caBundle)"
}
}
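Review bot: The result of `parse_ziti_config_ptr` is never checked and `ziti_cfg_ptr!` is force-unwrapped two lines later, so a malformed or empty `config_json` (or a nil one, which `strlen` would also reject) crashes the tunnel provider from inside an event callback; since the three fields already default to empty values, the init can simply bail out. The parsed `ziti_config` is also never released after its strings are copied; the C SDK's generated free function for this model (presumably `free_ziti_config_ptr`) should be called before returning. Minor: `contrlollers` in debugDescription is misspelled. A guarded version:
```swift
init(_ ziti:Ziti, _ evt:UnsafePointer<config_event>) {
    super.init(ziti)
    var ziti_cfg_ptr:UnsafeMutablePointer<ziti_config>?
    guard let json = evt.pointee.config_json else { return }
    parse_ziti_config_ptr(&ziti_cfg_ptr, json, strlen(json))
    guard let cfg = ziti_cfg_ptr else { return }   // leave fields at their empty defaults
    self.controller_url = toStr(cfg.pointee.controller_url)
    var ctrlList = cfg.pointee.controllers
    // … unchanged: model_list iteration appending each controller to `controllers` …
    self.caBundle = toStr(cfg.pointee.id.ca)
}
```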
2 changes: 1 addition & 1 deletion lib/ZitiTunnelServerConfigV1.swift
@@ -16,7 +16,7 @@ limitations under the License.
import Foundation

/// Class representation of ziti-tunneler-server.v1 service configuration
public class ZitiTunnelServerConfigV1 : Codable, ZitiConfig {
public class ZitiTunnelServerConfigV1 : Codable, ZitiServiceConfig {
static var configType = "ziti-tunneler-server.v1"
enum CodingKeys: String, CodingKey {
case hostname
2 changes: 1 addition & 1 deletion lib/ZitiUrlClientConfigV1.swift
@@ -16,7 +16,7 @@ limitations under the License.
import Foundation

/// Class representation of ziti-url-client.v1 service configuration
public class ZitiUrlClientConfigV1 : Codable, ZitiConfig {
public class ZitiUrlClientConfigV1 : Codable, ZitiServiceConfig {
static var configType = "ziti-url-client.v1"

/// Scheme name (e.g., http, https)