Gemini/GeminiProtocol/NWParameters+Gemini.swift

//
//  NWParameters+Gemini.swift
//  Gemini
//
//  Created by Shadowfacts on 7/12/20.
//

import Network

extension NWParameters {
    static var gemini: NWParameters {
        let tlsOptions = geminiTLSOptions
        let tcpOptions = NWProtocolTCP.Options()
        let parameters = NWParameters(tls: tlsOptions, tcp: tcpOptions)
        
        let geminiOptions = NWProtocolFramer.Options(definition: GeminiProtocol.definition)
        parameters.defaultProtocolStack.applicationProtocols.insert(geminiOptions, at: 0)
        
        return parameters
    }
    
    private static var geminiTLSOptions: NWProtocolTLS.Options {
        let options = NWProtocolTLS.Options()
        
        sec_protocol_options_set_min_tls_protocol_version(options.securityProtocolOptions, .TLSv12)
        // based on https://developer.apple.com/forums/thread/104018
        sec_protocol_options_set_verify_block(options.securityProtocolOptions, { (sec_protocol_metadata, sec_trust, sec_protocol_verify_complete) in
            
            let trust = sec_trust_copy_ref(sec_trust).takeRetainedValue()
            
            var error: CFError?
            if SecTrustEvaluateWithError(trust, &error) {
                sec_protocol_verify_complete(true)
            } else {
                // todo: prompt user to trust cert on first use
                sec_protocol_verify_complete(true)
            }
        }, .main)
        
        return options
    }
}
Add WIP GeminiProtocol framework 2020-07-13 03:09:37 +00:00			`//`
			`// NWParameters+Gemini.swift`
			`// Gemini`
			`//`
			`// Created by Shadowfacts on 7/12/20.`
			`//`

			`import Network`

			`extension NWParameters {`
			`static var gemini: NWParameters {`
			`let tlsOptions = geminiTLSOptions`
			`let tcpOptions = NWProtocolTCP.Options()`
			`let parameters = NWParameters(tls: tlsOptions, tcp: tcpOptions)`

			`let geminiOptions = NWProtocolFramer.Options(definition: GeminiProtocol.definition)`
			`parameters.defaultProtocolStack.applicationProtocols.insert(geminiOptions, at: 0)`

			`return parameters`
			`}`

			`private static var geminiTLSOptions: NWProtocolTLS.Options {`
			`let options = NWProtocolTLS.Options()`

			`sec_protocol_options_set_min_tls_protocol_version(options.securityProtocolOptions, .TLSv12)`
			`// based on https://developer.apple.com/forums/thread/104018`
			`sec_protocol_options_set_verify_block(options.securityProtocolOptions, { (sec_protocol_metadata, sec_trust, sec_protocol_verify_complete) in`

			`let trust = sec_trust_copy_ref(sec_trust).takeRetainedValue()`

			`var error: CFError?`
			`if SecTrustEvaluateWithError(trust, &error) {`
			`sec_protocol_verify_complete(true)`
			`} else {`
			`// todo: prompt user to trust cert on first use`
			`sec_protocol_verify_complete(true)`
			`}`
			`}, .main)`

			`return options`
			`}`
			`}`