Fix problems with config init

MobileLibrary/iOS/.gitignore

@@ -3,7 +3,6 @@ go-ios-build
 build
 Psi.framework
 PsiphonTunnel.framework
-rootCAs.txt
 psiphon-config.json
 PsiphonTunnel/build-git-commit.txt
 

MobileLibrary/iOS/PsiphonTunnel/PsiphonTunnel.xcodeproj/project.pbxproj

@@ -24,7 +24,6 @@
 		66BDB02A1DA6BFCC0079384C /* PsiphonTunnel.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 66BDB0201DA6BFCC0079384C /* PsiphonTunnel.framework */; };
 		66BDB02F1DA6BFCC0079384C /* PsiphonTunnelTests.m in Sources */ = {isa = PBXBuildFile; fileRef = 66BDB02E1DA6BFCC0079384C /* PsiphonTunnelTests.m */; };
 		66BDB0311DA6BFCC0079384C /* PsiphonTunnel.h in Headers */ = {isa = PBXBuildFile; fileRef = 66BDB0231DA6BFCC0079384C /* PsiphonTunnel.h */; settings = {ATTRIBUTES = (Public, ); }; };
-		66BDB03E1DA6C79E0079384C /* rootCAs.txt in Resources */ = {isa = PBXBuildFile; fileRef = 66BDB03D1DA6C79E0079384C /* rootCAs.txt */; };
 		66BDB0441DA6C7DD0079384C /* PsiphonTunnel.m in Sources */ = {isa = PBXBuildFile; fileRef = 66BDB0431DA6C7DD0079384C /* PsiphonTunnel.m */; };
 		66BDB05A1DC26CCC0079384C /* SBJson4.h in Headers */ = {isa = PBXBuildFile; fileRef = 66BDB04B1DC26CCC0079384C /* SBJson4.h */; };
 		66BDB05B1DC26CCC0079384C /* SBJson4Parser.h in Headers */ = {isa = PBXBuildFile; fileRef = 66BDB04C1DC26CCC0079384C /* SBJson4Parser.h */; };
@@ -86,7 +85,6 @@
 		66BDB0291DA6BFCC0079384C /* PsiphonTunnelTests.xctest */ = {isa = PBXFileReference; explicitFileType = wrapper.cfbundle; includeInIndex = 0; path = PsiphonTunnelTests.xctest; sourceTree = BUILT_PRODUCTS_DIR; };
 		66BDB02E1DA6BFCC0079384C /* PsiphonTunnelTests.m */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.objc; path = PsiphonTunnelTests.m; sourceTree = "<group>"; };
 		66BDB0301DA6BFCC0079384C /* Info.plist */ = {isa = PBXFileReference; lastKnownFileType = text.plist.xml; path = Info.plist; sourceTree = "<group>"; };
-		66BDB03D1DA6C79E0079384C /* rootCAs.txt */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text; name = rootCAs.txt; path = PsiphonTunnel/rootCAs.txt; sourceTree = "<group>"; };
 		66BDB0431DA6C7DD0079384C /* PsiphonTunnel.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = PsiphonTunnel.m; sourceTree = "<group>"; };
 		66BDB04B1DC26CCC0079384C /* SBJson4.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = SBJson4.h; sourceTree = "<group>"; };
 		66BDB04C1DC26CCC0079384C /* SBJson4Parser.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = SBJson4Parser.h; sourceTree = "<group>"; };
@@ -205,7 +203,6 @@
 			children = (
 				669541B61EF9FECF0038E125 /* build-git-commit.txt */,
 				6685BDD81E300AC200F0E414 /* strip-frameworks.sh */,
-				66BDB03D1DA6C79E0079384C /* rootCAs.txt */,
 			);
 			name = Resources;
 			sourceTree = "<group>";
@@ -345,7 +342,6 @@
 			buildActionMask = 2147483647;
 			files = (
 				669541B71EF9FECF0038E125 /* build-git-commit.txt in Resources */,
-				66BDB03E1DA6C79E0079384C /* rootCAs.txt in Resources */,
 				6685BDD91E300AC200F0E414 /* strip-frameworks.sh in Resources */,
 			);
 			runOnlyForDeploymentPostprocessing = 0;

MobileLibrary/iOS/PsiphonTunnel/PsiphonTunnel/PsiphonTunnel.h

@@ -89,10 +89,6 @@ typedef NS_ENUM(NSInteger, PsiphonConnectionState)
  - `EmitDiagnosticNotices`
  - `EgressRegion`
  - `EstablishTunnelTimeoutSeconds`
- - Should only be set if the Psiphon library is handling upgrade downloading (which it usually is _not_):
-   - `UpgradeDownloadURLs`
-   - `UpgradeDownloadClientVersionHeader`
-   - `UpgradeDownloadFilename`: Will be set to a sane default if not supplied.
  - Only set if disabling timeouts (for very slow network connections):
    - `TunnelConnectTimeoutSeconds`
    - `TunnelPortForwardDialTimeoutSeconds`
@@ -273,21 +269,6 @@ typedef NS_ENUM(NSInteger, PsiphonConnectionState)
  */
 - (void)onHomepage:(NSString * _Nonnull)url;
 
-/*!
- Called if the current version of the client is the latest (i.e., there is no upgrade available).
- Note: This is probably only applicable to Psiphon Inc.'s apps.
- Swift: @code func onClientIsLatestVersion() @endcode
- */
-- (void)onClientIsLatestVersion;
-
-/*!
- Called when a client upgrade has been downloaded.
- @param filename  The name of the file containing the upgrade.
- Note: This is probably only applicable to Psiphon Inc.'s apps.
- Swift: @code func onClientUpgradeDownloaded(_ filename: String) @endcode
- */
-- (void)onClientUpgradeDownloaded:(NSString * _Nonnull)filename;
-
 @end
 
 /*!

MobileLibrary/iOS/PsiphonTunnel/PsiphonTunnel/PsiphonTunnel.m

@@ -283,6 +283,12 @@
     //
     // Fill in optional config values.
     //
+
+    if (config[@"EstablishTunnelTimeoutSeconds"] == nil) {
+        // If not otherwise set, we want no tunnel establishment timeout
+        config[@"EstablishTunnelTimeoutSeconds"] = [NSNumber numberWithInt:0];
+    }
+
     
     NSFileManager *fileManager = [NSFileManager defaultManager];
     
@@ -373,23 +379,6 @@
         [self logMessage:@"Obfuscated server list functionality will be disabled"];
     }
 
-    //
-    // Upgrade Download Filename
-    //
-
-    NSString *defaultUpgradeDownloadFilename = [[libraryURL URLByAppendingPathComponent:@"upgrade_download_file" isDirectory:NO] path];
-    if (defaultUpgradeDownloadFilename == nil) {
-        [self logMessage:@"Unable to create defaultUpgradeDownloadFilename"];
-        return nil;
-    }
-
-    if (config[@"UpgradeDownloadFilename"] == nil) {
-        config[@"UpgradeDownloadFilename"] = defaultUpgradeDownloadFilename;
-    }
-    else {
-        [self logMessage:[NSString stringWithFormat: @"UpgradeDownloadFilename overridden from '%@' to '%@'", defaultUpgradeDownloadFilename, config[@"UpgradeDownloadFilename"]]];
-    }
-
     //
     // Tunnel Whole Device (defaults to not whole device)
     //
@@ -398,14 +387,12 @@
     tunnelWholeDevice = ([config[@"TunnelWholeDevice"] integerValue] == 1);
 
     // Other optional fields not being altered. If not set, their defaults will be used:
-    // * EstablishTunnelTimeoutSeconds
+    // * TunnelWholeDevice
     // * LocalSocksProxyPort
     // * LocalHttpProxyPort
     // * UpstreamProxyUrl
     // * EmitDiagnosticNotices
     // * EgressRegion
-    // * UpgradeDownloadUrl/UpgradeDownloadURLs
-    // * UpgradeDownloadClientVersionHeader
     // * timeout fields
     
     //
@@ -451,25 +438,26 @@
     config[@"DeviceRegion"] = [PsiphonTunnel getDeviceRegion];
     
     config[@"UseIndistinguishableTLS"] = [NSNumber numberWithBool:TRUE];
-    
-    // Get the location of the root CAs file in the bundle resources.
-    NSURL *rootCAsURL = [[NSBundle bundleForClass:[self class]] URLForResource:@"rootCAs" withExtension:@"txt"];
-    NSString *bundledTrustedCAPath = nil;
-    if (rootCAsURL == nil ||
-        (bundledTrustedCAPath = [rootCAsURL path]) == nil ||
-        ![[NSFileManager defaultManager] fileExistsAtPath:bundledTrustedCAPath]) {
-        [self logMessage:[NSString stringWithFormat: @"Unable to find Root CAs file in bundle: %@", bundledTrustedCAPath]];
-        return nil;
-    }
-    config[@"TrustedCACertificatesFilename"] = bundledTrustedCAPath;
-    
+
+    // We don't use OpenSSL, so we don't use a CA certs file
+    config[@"TrustedCACertificatesFilename"] = nil;
+
+    // This library expects a pool size of 1
+    config[@"TunnelPoolSize"] = [NSNumber numberWithInt:1];
+
+    // We don't support upgrade downloading
+    config[@"UpgradeDownloadURLs"] = nil;
+    config[@"UpgradeDownloadUrl"] = nil;
+    config[@"UpgradeDownloadClientVersionHeader"] = nil;
+    config[@"UpgradeDownloadFilename"] = nil;
+
     NSString *finalConfigStr = [[[SBJson4Writer alloc] init] stringWithObject:config];
     
     if (finalConfigStr == nil) {
         [self logMessage:@"Failed to convert config to JSON string"];
         return nil;
     }
-    
+
     return finalConfigStr;
 }
 
@@ -599,20 +587,10 @@
         }
     }
     else if ([noticeType isEqualToString:@"ClientUpgradeDownloaded"]) {
-        id filename = [notice valueForKeyPath:@"data.filename"];
-        if (![filename isKindOfClass:[NSString class]]) {
-            [self logMessage:[NSString stringWithFormat: @"ClientUpgradeDownloaded notice missing data.filename: %@", noticeJSON]];
-            return;
-        }
-        
-        if ([self.tunneledAppDelegate respondsToSelector:@selector(onClientUpgradeDownloaded:)]) {
-            [self.tunneledAppDelegate onClientUpgradeDownloaded:filename];
-        }
+        // We don't support upgrade downloading
     }
     else if ([noticeType isEqualToString:@"ClientIsLatestVersion"]) {
-        if ([self.tunneledAppDelegate respondsToSelector:@selector(onClientIsLatestVersion)]) {
-            [self.tunneledAppDelegate onClientIsLatestVersion];
-        }
+        // We don't support upgrade downloading
     }
     else if ([noticeType isEqualToString:@"Homepage"]) {
         id url = [notice valueForKeyPath:@"data.url"];

MobileLibrary/iOS/build-psiphon-framework.sh

@@ -43,15 +43,6 @@ if [[ ${FORCE_PRIVATE_PLUGINS} == true ]]; then PRIVATE_PLUGINS_TAG="PRIVATE_PLU
 BUILD_TAGS="IOS ${PRIVATE_PLUGINS_TAG}"
 
 UMBRELLA_FRAMEWORK_XCODE_PROJECT=${BASE_DIR}/PsiphonTunnel/PsiphonTunnel.xcodeproj/
-TRUSTED_ROOT_CA_FILE=${BASE_DIR}/PsiphonTunnel/PsiphonTunnel/rootCAs.txt
-
-# Download trustedroot CAs off curl website, see https://curl.haxx.se/docs/caextract.html for details
-curl -o $TRUSTED_ROOT_CA_FILE https://curl.haxx.se/ca/cacert.pem
-
-if [[ $? != 0 ]]; then
-  echo "FAILURE: curl -o $TRUSTED_ROOT_CA_FILE https://curl.haxx.se/ca/cacert.pem"
-  exit 1
-fi
 
 # Exporting these seems necessary for subcommands to pick them up.
 export GOPATH=${PWD}/go-ios-build