Added VPN button

ghostery · Oct 23, 2018 · f851e99098605e4c8323bebcb834106f97157cbe · f851e99
1 parent 1952651
commit f851e99098605e4c8323bebcb834106f97157cbe
diff --git a/Client.xcodeproj/project.pbxproj b/Client.xcodeproj/project.pbxproj
@@ -494,6 +494,8 @@
 		AF28D3DD207E378E0065FF86 /* GeoLocationBridge.m in Sources */ = {isa = PBXBuildFile; fileRef = AF28D3DC207E378E0065FF86 /* GeoLocationBridge.m */; };
 		AF28D3DF207E37A20065FF86 /* GeoLocation.swift in Sources */ = {isa = PBXBuildFile; fileRef = AF28D3DE207E37A20065FF86 /* GeoLocation.swift */; };
 		AF2A979F213432D800A37E4E /* FirefoxSearchViewController.swift in Sources */ = {isa = PBXBuildFile; fileRef = AF2A979E213432D800A37E4E /* FirefoxSearchViewController.swift */; };
+		AF2B90D7217F208B00550C57 /* NetworkExtension.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = AF2B90D6217F208B00550C57 /* NetworkExtension.framework */; };
+		AF2B90D8217F291700550C57 /* NetworkExtension.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = AF2B90D6217F208B00550C57 /* NetworkExtension.framework */; };
 		AF4C19B920AC7AC400D3F740 /* TopTabs.swift in Sources */ = {isa = PBXBuildFile; fileRef = AF4C19B820AC7AC400D3F740 /* TopTabs.swift */; };
 		AF53D3BC206A346B0012A11F /* TabExtension.swift in Sources */ = {isa = PBXBuildFile; fileRef = AF53D3BB206A346B0012A11F /* TabExtension.swift */; };
 		AF6F247D20AF0749009C3D0D /* CliqzStrings.swift in Sources */ = {isa = PBXBuildFile; fileRef = AF6F247C20AF0749009C3D0D /* CliqzStrings.swift */; };
@@ -1836,6 +1838,7 @@
 		AF28D3DC207E378E0065FF86 /* GeoLocationBridge.m */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.objc; path = GeoLocationBridge.m; sourceTree = "<group>"; };
 		AF28D3DE207E37A20065FF86 /* GeoLocation.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = GeoLocation.swift; sourceTree = "<group>"; };
 		AF2A979E213432D800A37E4E /* FirefoxSearchViewController.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = FirefoxSearchViewController.swift; sourceTree = "<group>"; };
+		AF2B90D6217F208B00550C57 /* NetworkExtension.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = NetworkExtension.framework; path = System/Library/Frameworks/NetworkExtension.framework; sourceTree = SDKROOT; };
 		AF4C19B820AC7AC400D3F740 /* TopTabs.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = TopTabs.swift; sourceTree = "<group>"; };
 		AF53D3BB206A346B0012A11F /* TabExtension.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = TabExtension.swift; sourceTree = "<group>"; };
 		AF6F247C20AF0749009C3D0D /* CliqzStrings.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = CliqzStrings.swift; sourceTree = "<group>"; };
@@ -2304,6 +2307,7 @@
 				E6231C031B90A466005ABB0D /* libstdc++.6.0.9.tbd in Frameworks */,
 				E6231C051B90A472005ABB0D /* libxml2.2.tbd in Frameworks */,
 				E6231C011B90A44F005ABB0D /* libz.tbd in Frameworks */,
+				AF2B90D7217F208B00550C57 /* NetworkExtension.framework in Frameworks */,
 				E4A888161A95679500CDC337 /* FxA.framework in Frameworks */,
 				2FA436121ABB83B4008031D1 /* Account.framework in Frameworks */,
 				288A2D9D1AB8B3260023ABC3 /* Shared.framework in Frameworks */,
@@ -2477,6 +2481,7 @@
 				28C8D1391AD4CE9100F62011 /* Shared.framework in Frameworks */,
 				28C8D11D1AD4CE8900F62011 /* Storage.framework in Frameworks */,
 				2868FA061ADF7B69000D9B1D /* Sync.framework in Frameworks */,
+				AF2B90D8217F291700550C57 /* NetworkExtension.framework in Frameworks */,
 				7B604F871C494995006EEEC3 /* Alamofire.framework in Frameworks */,
 				3BA9A0321D2C2C0500BD418C /* Fuzi.framework in Frameworks */,
 				0B75AEA91AC20FB20015E5DC /* ImageIO.framework in Frameworks */,
@@ -3397,6 +3402,7 @@
 		7B604FC11C496005006EEEC3 /* Frameworks */ = {
 			isa = PBXGroup;
 			children = (
+				AF2B90D6217F208B00550C57 /* NetworkExtension.framework */,
 				392E18021FEC4D7B00EBA79C /* MappaMundi.framework */,
 				E46175F21EBB73A10021AE8A /* Sentry.framework */,
 				3B4988CD1E42B01800A12FDA /* SwiftyJSON.framework */,
@@ -5111,12 +5117,18 @@
 							com.apple.Keychain = {
 								enabled = 0;
 							};
+							com.apple.NetworkExtensions.iOS = {
+								enabled = 1;
+							};
 							com.apple.Push = {
 								enabled = 0;
 							};
 							com.apple.SafariKeychain = {
 								enabled = 0;
 							};
+							com.apple.VPNLite = {
+								enabled = 1;
+							};
 						};
 					};
 					F84B21D21A090F8100AAB793 = {
@@ -5137,9 +5149,15 @@
 							com.apple.Keychain = {
 								enabled = 0;
 							};
+							com.apple.NetworkExtensions.iOS = {
+								enabled = 1;
+							};
 							com.apple.Push = {
 								enabled = 0;
 							};
+							com.apple.VPNLite = {
+								enabled = 0;
+							};
 						};
 					};
 				};

diff --git a/Client/Client.entitlements b/Client/Client.entitlements
@@ -2,6 +2,14 @@
 <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
 <plist version="1.0">
 <dict>
+	<key>com.apple.developer.networking.networkextension</key>
+	<array>
+		<string>packet-tunnel-provider</string>
+	</array>
+	<key>com.apple.developer.networking.vpn.api</key>
+	<array>
+		<string>allow-vpn</string>
+	</array>
 	<key>com.apple.security.application-groups</key>
 	<array>
 		<string>group.com.cliqz.ios.newCliqz</string>

diff --git a/Client/Info.plist b/Client/Info.plist
@@ -99,7 +99,7 @@
 	<key>PocketEnvironmentAPIKey</key>
 	<string>$(POCKET_API_KEY)</string>
 	<key>SentryDSN</key>
-	<string>$(SENTRY_DSN)</string>
+	<string></string>
 	<key>UIAppFonts</key>
 	<array>
 		<string>CharisSILB.ttf</string>
@@ -181,5 +181,7 @@
 			<string></string>
 		</dict>
 	</array>
+	<key>VPNPass</key>
+	<string></string>
 </dict>
 </plist>
diff --git a/Cliqz/Extensions/AppDelegateExtension.swift b/Cliqz/Extensions/AppDelegateExtension.swift
@@ -7,6 +7,7 @@
 //
 
 import UIKit
+import NetworkExtension
 
 let InstallDateKey = "InstallDateKey"
 #if GHOSTERY
@@ -31,5 +32,110 @@ extension AppDelegate {
         navigationBarAppearace.tintColor = UIColor.white
         navigationBarAppearace.titleTextAttributes = [NSAttributedStringKey.foregroundColor:UIColor.white]
     }
+}
 
+open class DAKeychain {
+
+    open var loggingEnabled = true
+
+    private init() {}
+
+    private static var _shared: DAKeychain?
+    public static var shared: DAKeychain {
+        get {
+            if _shared == nil {
+                DispatchQueue.global().sync(flags: .barrier) {
+                    if _shared == nil {
+                        _shared = DAKeychain()
+                    }
+                }
+            }
+            return _shared!
+        }
+    }
+
+    open subscript(key: String) -> String? {
+        get {
+            return ""//load(withKey: key)
+        } set {
+            DispatchQueue.global().sync(flags: .barrier) {
+                self.save(newValue, forKey: key)
+            }
+        }
+    }
+
+    public func load(withKey key: String) -> Data? {
+        let query = keychainQuery(withKey: key)
+        query.setValue(kCFBooleanTrue, forKey: kSecReturnData as String)
+        query.setValue(kCFBooleanTrue, forKey: kSecReturnAttributes as String)
+        query.setValue(kCFBooleanTrue, forKey: kSecReturnPersistentRef as String)
+
+        var result: CFTypeRef?
+        let status = SecItemCopyMatching(query, &result)
+
+        guard
+            let resultsDict = result as? NSDictionary,
+            let resultsData = resultsDict.value(forKey: kSecValuePersistentRef as String) as? Data,
+            status == noErr
+            else {
+                logPrint("Load status: ", status)
+                return nil
+        }
+        return resultsData//String(data: resultsData, encoding: .utf8)
+    }
+
+    private func save(_ string: String?, forKey key: String) {
+        let query = keychainQuery(withKey: key)
+
+        let objectData: Data? = string?.data(using: .utf8, allowLossyConversion: false)
+
+        if SecItemCopyMatching(query, nil) == noErr {
+            if let dictData = objectData {
+                let status = SecItemUpdate(query, NSDictionary(dictionary: [kSecValueData: dictData]))
+                logPrint("Update status: ", status)
+            } else {
+                let status = SecItemDelete(query)
+                logPrint("Delete status: ", status)
+            }
+        } else {
+            if let dictData = objectData {
+                query.setValue(dictData, forKey: kSecValueData as String)
+                let status = SecItemAdd(query, nil)
+                logPrint("Update status: ", status)
+            }
+        }
+    }
+
+    //    private func load(withKey key: String) -> String? {
+    //        let query = keychainQuery(withKey: key)
+    //        query.setValue(kCFBooleanTrue, forKey: kSecReturnData as String)
+    //        query.setValue(kCFBooleanTrue, forKey: kSecReturnAttributes as String)
+    //
+    //        var result: CFTypeRef?
+    //        let status = SecItemCopyMatching(query, &result)
+    //
+    //        guard
+    //            let resultsDict = result as? NSDictionary,
+    //            let resultsData = resultsDict.value(forKey: kSecValueData as String) as? Data,
+    //            status == noErr
+    //            else {
+    //                logPrint("Load status: ", status)
+    //                return nil
+    //        }
+    //        return String(data: resultsData, encoding: .utf8)
+    //    }
+    
+    private func keychainQuery(withKey key: String) -> NSMutableDictionary {
+        let result = NSMutableDictionary()
+        result.setValue(kSecClassGenericPassword, forKey: kSecClass as String)
+        result.setValue(key, forKey: kSecAttrService as String)
+        result.setValue(kSecAttrAccessibleAlwaysThisDeviceOnly, forKey: kSecAttrAccessible as String)
+        return result
+    }
+
+    private func logPrint(_ items: Any...) {
+        if loggingEnabled {
+            print(items)
+        }
+    }
 }
diff --git a/Cliqz/Settings/CliqzAppSettingsOptions.swift b/Cliqz/Settings/CliqzAppSettingsOptions.swift
@@ -8,6 +8,7 @@
 
 import Foundation
 import MessageUI
+import NetworkExtension
 
 // MARK:- cliqz settings
 class CliqzConnectSetting: Setting {
@@ -31,6 +32,88 @@ class CliqzConnectSetting: Setting {
     }
 }
 
+class VPNConnectSetting: Setting {
+
+    let profile: Profile
+    weak var settingsViewController: SettingsTableViewController?
+
+    init(settings: SettingsTableViewController) {
+        self.profile = settings.profile
+        self.settingsViewController = settings
+
+        var title = NSLocalizedString("ConnectVPN", tableName: "Cliqz", comment: "[Settings] ConnectVPN")
+
+        if NEVPNManager.shared().connection.status == .connected {
+            title = NSLocalizedString("DisconnectVPN", tableName: "Cliqz", comment: "[Settings] DisconnectVPN")
+        }
+        super.init(title: NSAttributedString(string: title, attributes: [NSAttributedStringKey.foregroundColor: SettingsUX.TableViewRowTextColor]))
+    }
+
+    override var accessoryType: UITableViewCellAccessoryType { return .none }
+
+    override func onClick(_ navigationController: UINavigationController?) {
+        if NEVPNManager.shared().connection.status == .connected {
+            self.disconnectVPN()
+        }
+        else {
+            self.connect2VPN()
+        }
+    }
+
+    func reload() {
+        DispatchQueue.main.asyncAfter(deadline: .now() + 1.2) { [weak self] in
+            self?.settingsViewController?.reloadSettings()
+        }
+    }
+
+    func disconnectVPN() {
+        NEVPNManager.shared().connection.stopVPNTunnel()
+        self.reload()
+    }
+
+    func connect2VPN() {
+
+        //Insert credentials into Keychain
+        let username = "cliqz"
+
+        guard let password = Bundle.main.object(forInfoDictionaryKey: "VPNPass") as? String, !password.isEmpty else {
+            return
+        }
+
+        let keychain = DAKeychain.shared
+        keychain[username] = password
+        keychain["sharedSecret"] = "foxyproxy"
+
+        NEVPNManager.shared().loadFromPreferences { [unowned self](error) in
+            if NEVPNManager.shared().protocolConfiguration == nil {
+                let newIPSec = NEVPNProtocolIPSec()
+                //setUp the protocol
+                newIPSec.useExtendedAuthentication = true
+
+                newIPSec.authenticationMethod = .sharedSecret
+                newIPSec.sharedSecretReference = keychain.load(withKey: "sharedSecret")
+
+                newIPSec.username = "cliqz"
+                newIPSec.passwordReference = keychain.load(withKey: username)
+                newIPSec.serverAddress = "195.181.170.100"
+                newIPSec.disconnectOnSleep = false
+
+                NEVPNManager.shared().protocolConfiguration = newIPSec
+                NEVPNManager.shared().isEnabled = true
+                NEVPNManager.shared().saveToPreferences(completionHandler: { (error) in
+                    try? NEVPNManager.shared().connection.startVPNTunnel()
+                    self.reload()
+                })
+            }
+            else {
+                NEVPNManager.shared().isEnabled = true;
+                try? NEVPNManager.shared().connection.startVPNTunnel()
+                self.reload()
+            }
+        }
+    }
+}
+
 class RegionalSetting: Setting {
     let profile: Profile
 

diff --git a/Cliqz/Settings/CliqzAppSettingsTableViewController.swift b/Cliqz/Settings/CliqzAppSettingsTableViewController.swift
@@ -17,6 +17,10 @@ class CliqzAppSettingsTableViewController: AppSettingsTableViewController {
 
         #if GHOSTERY
         // Connect is not available in Ghostery
+        #elseif PAID
+        let connectVPNSettings = [VPNConnectSetting(settings: self)]
+        let connectVPNSettingsTitle = NSLocalizedString("ConnectVPN", tableName: "Cliqz", comment: "[Settings] ConnectVPN section title")
+        settings += [ SettingSection(title: NSAttributedString(string: connectVPNSettingsTitle), footerTitle: nil, children: connectVPNSettings)]
         #else
         // Connect
         let conenctSettings = [CliqzConnectSetting(settings: self)]

diff --git a/Jenkinsfile.publish b/Jenkinsfile.publish
@@ -86,6 +86,7 @@ node('mac-vm-host') {
                             ],
                             string(credentialsId: '8b4f7459-c446-4058-be61-3c3d98fe72e2', variable: 'ITUNES_USER'),
                             string(credentialsId: 'c454a3e9-83af-480a-82fe-08c858512140', variable: 'SentryDSN'),
+                            string(credentialsId: 'b4d6c48f-2b1e-4f24-8d9f-5f2d8eb4df64', variable: 'VPNPass'),
                             string(credentialsId: '05be12cd-5177-4adf-9812-809f01451fa0', variable: 'FASTLANE_PASSWORD'),
                             string(credentialsId: 'ee93743c-b0be-46aa-b49a-ab3caaea4f67', variable: 'MATCH_PASSWORD'),
                             string(credentialsId: 'f206e880-e09a-4369-a3f6-f86ee94481f2', variable: 'SENTRY_AUTH_TOKEN'),

diff --git a/fastlane/Fastfile b/fastlane/Fastfile
@@ -244,6 +244,9 @@ platform :ios do
     # Configuring Sentry DSN
     sh("cd .. && plutil -replace SentryDSN -string $SentryDSN Client/Info.plist")
 
+    # Configuring VPN
+    sh("cd .. && plutil -replace VPNPass -string $VPNPass Client/Info.plist")
+
     # Building ReactNative Entension
     sh("cd .. && npm run bundle")