diff --git a/Passepartout.xcodeproj/project.pbxproj b/Passepartout.xcodeproj/project.pbxproj
index 1f86d7c4..8abf9d08 100644
--- a/Passepartout.xcodeproj/project.pbxproj
+++ b/Passepartout.xcodeproj/project.pbxproj
@@ -738,6 +738,7 @@
0E9AAACA259F806B003FAFF1 /* CopyFiles */,
0E5203C2259F5F3F00CBAB56 /* Embed App Extensions */,
0E5203F6259F60D600CBAB56 /* Embed Frameworks */,
+ 0EBEF139274E4DAE00EAC689 /* Drop Extra Frameworks In Extensions */,
);
buildRules = (
);
@@ -782,6 +783,7 @@
0E57F63620C83FC5008323CF /* Resources */,
0E3152B7223F9EF500F61841 /* Embed Frameworks */,
0EB2B14B2733FB6F007705AB /* Embed App Extensions */,
+ 0EBEF138274E4C7F00EAC689 /* Drop Extra Frameworks In Extensions */,
);
buildRules = (
);
@@ -984,6 +986,45 @@
};
/* End PBXResourcesBuildPhase section */
+/* Begin PBXShellScriptBuildPhase section */
+ 0EBEF138274E4C7F00EAC689 /* Drop Extra Frameworks In Extensions */ = {
+ isa = PBXShellScriptBuildPhase;
+ buildActionMask = 2147483647;
+ files = (
+ );
+ inputFileListPaths = (
+ );
+ inputPaths = (
+ );
+ name = "Drop Extra Frameworks In Extensions";
+ outputFileListPaths = (
+ );
+ outputPaths = (
+ );
+ runOnlyForDeploymentPostprocessing = 0;
+ shellPath = /bin/sh;
+ shellScript = "# Type a script or drag a script file from your workspace to insert its path.\nrm -rf \"${BUILT_PRODUCTS_DIR}/${PLUGINS_FOLDER_PATH}/PassepartoutTunnel.appex/Frameworks\"\n";
+ };
+ 0EBEF139274E4DAE00EAC689 /* Drop Extra Frameworks In Extensions */ = {
+ isa = PBXShellScriptBuildPhase;
+ buildActionMask = 2147483647;
+ files = (
+ );
+ inputFileListPaths = (
+ );
+ inputPaths = (
+ );
+ name = "Drop Extra Frameworks In Extensions";
+ outputFileListPaths = (
+ );
+ outputPaths = (
+ );
+ runOnlyForDeploymentPostprocessing = 0;
+ shellPath = /bin/sh;
+ shellScript = "# Type a script or drag a script file from your workspace to insert its path.\nrm -rf \"${BUILT_PRODUCTS_DIR}/${PLUGINS_FOLDER_PATH}/PassepartoutTunnel.appex/Contents/Frameworks\"\n";
+ };
+/* End PBXShellScriptBuildPhase section */
+
/* Begin PBXSourcesBuildPhase section */
0E5202F3259F573500CBAB56 /* Sources */ = {
isa = PBXSourcesBuildPhase;
@@ -1385,8 +1426,9 @@
CLANG_WARN_UNREACHABLE_CODE = YES;
CLANG_WARN__DUPLICATE_METHOD_MATCH = YES;
CODE_SIGN_IDENTITY = "iPhone Developer";
- CURRENT_PROJECT_VERSION = 1058;
+ CURRENT_PROJECT_VERSION = 1065;
DEBUG_INFORMATION_FORMAT = dwarf;
+ ENABLE_BITCODE = NO;
ENABLE_STRICT_OBJC_MSGSEND = YES;
ENABLE_TESTABILITY = YES;
GCC_C_LANGUAGE_STANDARD = gnu11;
@@ -1450,8 +1492,9 @@
CLANG_WARN_UNREACHABLE_CODE = YES;
CLANG_WARN__DUPLICATE_METHOD_MATCH = YES;
CODE_SIGN_IDENTITY = "iPhone Developer";
- CURRENT_PROJECT_VERSION = 1058;
+ CURRENT_PROJECT_VERSION = 1065;
DEBUG_INFORMATION_FORMAT = "dwarf-with-dsym";
+ ENABLE_BITCODE = NO;
ENABLE_NS_ASSERTIONS = NO;
ENABLE_STRICT_OBJC_MSGSEND = YES;
GCC_C_LANGUAGE_STANDARD = gnu11;
diff --git a/Passepartout/App/iOS/CHANGELOG.md b/Passepartout/App/iOS/CHANGELOG.md
index c61cb1fa..8506753f 100644
--- a/Passepartout/App/iOS/CHANGELOG.md
+++ b/Passepartout/App/iOS/CHANGELOG.md
@@ -7,6 +7,10 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
## Unreleased
+### Changed
+
+- Revert to OpenSSL.
+
### Fixed
- Regression in TLS handshake on certain devices.
diff --git a/Passepartout/App/iOS/Info.plist b/Passepartout/App/iOS/Info.plist
index 0867336f..26135649 100644
--- a/Passepartout/App/iOS/Info.plist
+++ b/Passepartout/App/iOS/Info.plist
@@ -35,7 +35,7 @@
CFBundleShortVersionString
1.17.2
CFBundleVersion
- 1058
+ 1065
ITSAppUsesNonExemptEncryption
LSRequiresIPhoneOS
diff --git a/Passepartout/App/macOS/CHANGELOG.md b/Passepartout/App/macOS/CHANGELOG.md
index e46ee3f9..ff11cb48 100644
--- a/Passepartout/App/macOS/CHANGELOG.md
+++ b/Passepartout/App/macOS/CHANGELOG.md
@@ -7,6 +7,10 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
## Unreleased
+### Changed
+
+- Revert to OpenSSL.
+
### Fixed
- Regression in TLS handshake on certain devices.
diff --git a/Passepartout/App/macOS/Info.plist b/Passepartout/App/macOS/Info.plist
index 266a17b1..44acaf36 100644
--- a/Passepartout/App/macOS/Info.plist
+++ b/Passepartout/App/macOS/Info.plist
@@ -34,7 +34,7 @@
CFBundleShortVersionString
1.17.2
CFBundleVersion
- 1058
+ 1065
ITSAppUsesNonExemptEncryption
LSApplicationCategoryType
diff --git a/Passepartout/App/macOS/Launcher/Info.plist b/Passepartout/App/macOS/Launcher/Info.plist
index 0fefd978..ea39b53d 100644
--- a/Passepartout/App/macOS/Launcher/Info.plist
+++ b/Passepartout/App/macOS/Launcher/Info.plist
@@ -21,7 +21,7 @@
CFBundleShortVersionString
1.17.2
CFBundleVersion
- 1058
+ 1065
ITSAppUsesNonExemptEncryption
LSApplicationCategoryType
diff --git a/Passepartout/Tunnel/Info.plist b/Passepartout/Tunnel/Info.plist
index f9217af5..4b146810 100644
--- a/Passepartout/Tunnel/Info.plist
+++ b/Passepartout/Tunnel/Info.plist
@@ -19,7 +19,7 @@
CFBundleShortVersionString
1.17.2
CFBundleVersion
- 1058
+ 1065
LSMinimumSystemVersion
$(MACOSX_DEPLOYMENT_TARGET)
NSExtension
diff --git a/PassepartoutCore/Package.swift b/PassepartoutCore/Package.swift
index 24a22fe4..cb1acb1f 100644
--- a/PassepartoutCore/Package.swift
+++ b/PassepartoutCore/Package.swift
@@ -22,7 +22,7 @@ let package = Package(
// Dependencies declare other packages that this package depends on.
// .package(url: /* package url */, from: "1.0.0"),
// .package(name: "TunnelKit", url: "https://github.com/passepartoutvpn/tunnelkit", from: "4.0.1"),
- .package(name: "TunnelKit", url: "https://github.com/passepartoutvpn/tunnelkit", .revision("c40863d36687c4d44985e7ba804cac41608038e0")),
+ .package(name: "TunnelKit", url: "https://github.com/passepartoutvpn/tunnelkit", .revision("b6d3cdc3b12a01816b9728b562c5cce700c8977b")),
// .package(name: "TunnelKit", path: "../../tunnelkit"),
.package(name: "Convenience", url: "https://github.com/keeshux/convenience", .revision("347105ec0ce27cd4255acf9875fd60ad1f213801")),
.package(url: "https://github.com/Cocoanetics/Kvitto", from: "1.0.0")
diff --git a/PassepartoutCore/Sources/PassepartoutCore/Model/Profiles/HostConnectionProfile.swift b/PassepartoutCore/Sources/PassepartoutCore/Model/Profiles/HostConnectionProfile.swift
index 9501b2f7..d1a87af2 100644
--- a/PassepartoutCore/Sources/PassepartoutCore/Model/Profiles/HostConnectionProfile.swift
+++ b/PassepartoutCore/Sources/PassepartoutCore/Model/Profiles/HostConnectionProfile.swift
@@ -108,6 +108,7 @@ public class HostConnectionProfile: ConnectionProfile, Codable, Equatable {
// forcibly override hostname with profile hostname (never nil)
var sessionBuilder = builder.sessionConfiguration.builder()
sessionBuilder.hostname = hostname
+ sessionBuilder.tlsSecurityLevel = 0 // lowest, tolerate widest range of certificates
if sessionBuilder.mtu == nil {
sessionBuilder.mtu = configuration.sessionConfiguration.mtu
}