Support OpenVPN 2.5 --data-ciphers
When present, pick cipher among available data ciphers from configuration, rather than all recognized ciphers. Reorder available ciphers by decreasing "security".
This commit is contained in:
parent
0f44e9dc71
commit
81bc2a7ebd
|
@ -7,6 +7,10 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
|
||||||
|
|
||||||
## Unreleased
|
## Unreleased
|
||||||
|
|
||||||
|
### Added
|
||||||
|
|
||||||
|
- Support `--data-ciphers` from OpenVPN 2.5 [tunnelkit#193](https://github.com/passepartoutvpn/tunnelkit/issues/193)
|
||||||
|
|
||||||
### Changed
|
### Changed
|
||||||
|
|
||||||
- Drop hosts restriction in free version ("Unlimited hosts").
|
- Drop hosts restriction in free version ("Unlimited hosts").
|
||||||
|
|
|
@ -352,10 +352,19 @@ extension ConfigurationViewController: UITableViewDataSource, UITableViewDelegat
|
||||||
|
|
||||||
switch model.row(at: indexPath) {
|
switch model.row(at: indexPath) {
|
||||||
case .cipher:
|
case .cipher:
|
||||||
|
var options: [OpenVPN.Cipher] = configuration.dataCiphers ?? []
|
||||||
|
if !options.isEmpty {
|
||||||
|
if let cipher = configuration.cipher, !options.contains(cipher) {
|
||||||
|
options.append(cipher)
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
options.append(contentsOf: OpenVPN.Cipher.available)
|
||||||
|
}
|
||||||
|
|
||||||
let vc = SingleOptionViewController<OpenVPN.Cipher>()
|
let vc = SingleOptionViewController<OpenVPN.Cipher>()
|
||||||
vc.applyTint(.current)
|
vc.applyTint(.current)
|
||||||
vc.title = settingCell?.leftText
|
vc.title = settingCell?.leftText
|
||||||
vc.options = OpenVPN.Cipher.available
|
vc.options = options
|
||||||
vc.selectedOption = configuration.cipher
|
vc.selectedOption = configuration.cipher
|
||||||
vc.descriptionBlock = { $0.description }
|
vc.descriptionBlock = { $0.description }
|
||||||
vc.selectionBlock = { [weak self] in
|
vc.selectionBlock = { [weak self] in
|
||||||
|
|
|
@ -155,9 +155,19 @@ class ConfigurationViewController: NSViewController, ProfileCustomization {
|
||||||
popupDigest.removeAllItems()
|
popupDigest.removeAllItems()
|
||||||
popupCompressionFraming.removeAllItems()
|
popupCompressionFraming.removeAllItems()
|
||||||
popupCompressionAlgorithm.removeAllItems()
|
popupCompressionAlgorithm.removeAllItems()
|
||||||
for cipher in OpenVPN.Cipher.available {
|
|
||||||
|
var cipherOptions: [OpenVPN.Cipher] = configuration.dataCiphers ?? []
|
||||||
|
if !cipherOptions.isEmpty {
|
||||||
|
if let cipher = configuration.cipher, !cipherOptions.contains(cipher) {
|
||||||
|
cipherOptions.append(cipher)
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
cipherOptions.append(contentsOf: OpenVPN.Cipher.available)
|
||||||
|
}
|
||||||
|
for cipher in cipherOptions {
|
||||||
popupCipher.addItem(withTitle: cipher.rawValue)
|
popupCipher.addItem(withTitle: cipher.rawValue)
|
||||||
}
|
}
|
||||||
|
|
||||||
for digest in OpenVPN.Digest.available {
|
for digest in OpenVPN.Digest.available {
|
||||||
popupDigest.addItem(withTitle: digest.rawValue)
|
popupDigest.addItem(withTitle: digest.rawValue)
|
||||||
}
|
}
|
||||||
|
|
|
@ -28,12 +28,12 @@ import TunnelKit
|
||||||
|
|
||||||
extension OpenVPN.Cipher {
|
extension OpenVPN.Cipher {
|
||||||
public static let available: [OpenVPN.Cipher] = [
|
public static let available: [OpenVPN.Cipher] = [
|
||||||
.aes128cbc,
|
.aes256gcm,
|
||||||
.aes192cbc,
|
|
||||||
.aes256cbc,
|
|
||||||
.aes128gcm,
|
|
||||||
.aes192gcm,
|
.aes192gcm,
|
||||||
.aes256gcm
|
.aes128gcm,
|
||||||
|
.aes256cbc,
|
||||||
|
.aes192cbc,
|
||||||
|
.aes128cbc
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
2
Podfile
2
Podfile
|
@ -8,7 +8,7 @@ $tunnelkit_specs = ['Protocols/OpenVPN', 'Extra/LZO']
|
||||||
|
|
||||||
def shared_pods
|
def shared_pods
|
||||||
#pod_version $tunnelkit_name, $tunnelkit_specs, '~> 3.1.0'
|
#pod_version $tunnelkit_name, $tunnelkit_specs, '~> 3.1.0'
|
||||||
pod_git $tunnelkit_name, $tunnelkit_specs, '2886222'
|
pod_git $tunnelkit_name, $tunnelkit_specs, 'c15d6f5'
|
||||||
#pod_path $tunnelkit_name, $tunnelkit_specs, '..'
|
#pod_path $tunnelkit_name, $tunnelkit_specs, '..'
|
||||||
pod 'SSZipArchive'
|
pod 'SSZipArchive'
|
||||||
pod 'Kvitto', :git => 'https://github.com/keeshux/Kvitto', :branch => 'enable-macos-spec'
|
pod 'Kvitto', :git => 'https://github.com/keeshux/Kvitto', :branch => 'enable-macos-spec'
|
||||||
|
|
22
Podfile.lock
22
Podfile.lock
|
@ -24,15 +24,15 @@ PODS:
|
||||||
- OpenSSL-Apple (1.1.1h.10)
|
- OpenSSL-Apple (1.1.1h.10)
|
||||||
- SSZipArchive (2.2.3)
|
- SSZipArchive (2.2.3)
|
||||||
- SwiftyBeaver (1.9.3)
|
- SwiftyBeaver (1.9.3)
|
||||||
- TunnelKit/AppExtension (3.2.0):
|
- TunnelKit/AppExtension (3.3.0):
|
||||||
- SwiftyBeaver
|
- SwiftyBeaver
|
||||||
- TunnelKit/Core
|
- TunnelKit/Core
|
||||||
- TunnelKit/Core (3.2.0):
|
- TunnelKit/Core (3.3.0):
|
||||||
- SwiftyBeaver
|
- SwiftyBeaver
|
||||||
- TunnelKit/Extra/LZO (3.2.0)
|
- TunnelKit/Extra/LZO (3.3.0)
|
||||||
- TunnelKit/Manager (3.2.0):
|
- TunnelKit/Manager (3.3.0):
|
||||||
- SwiftyBeaver
|
- SwiftyBeaver
|
||||||
- TunnelKit/Protocols/OpenVPN (3.2.0):
|
- TunnelKit/Protocols/OpenVPN (3.3.0):
|
||||||
- OpenSSL-Apple (~> 1.1.1h.10)
|
- OpenSSL-Apple (~> 1.1.1h.10)
|
||||||
- TunnelKit/AppExtension
|
- TunnelKit/AppExtension
|
||||||
- TunnelKit/Core
|
- TunnelKit/Core
|
||||||
|
@ -52,8 +52,8 @@ DEPENDENCIES:
|
||||||
- Kvitto (from `https://github.com/keeshux/Kvitto`, branch `enable-macos-spec`)
|
- Kvitto (from `https://github.com/keeshux/Kvitto`, branch `enable-macos-spec`)
|
||||||
- MBProgressHUD
|
- MBProgressHUD
|
||||||
- SSZipArchive
|
- SSZipArchive
|
||||||
- TunnelKit/Extra/LZO (from `https://github.com/passepartoutvpn/tunnelkit`, commit `2886222`)
|
- TunnelKit/Extra/LZO (from `https://github.com/passepartoutvpn/tunnelkit`, commit `c15d6f5`)
|
||||||
- TunnelKit/Protocols/OpenVPN (from `https://github.com/passepartoutvpn/tunnelkit`, commit `2886222`)
|
- TunnelKit/Protocols/OpenVPN (from `https://github.com/passepartoutvpn/tunnelkit`, commit `c15d6f5`)
|
||||||
|
|
||||||
SPEC REPOS:
|
SPEC REPOS:
|
||||||
https://github.com/cocoapods/specs.git:
|
https://github.com/cocoapods/specs.git:
|
||||||
|
@ -71,7 +71,7 @@ EXTERNAL SOURCES:
|
||||||
:branch: enable-macos-spec
|
:branch: enable-macos-spec
|
||||||
:git: https://github.com/keeshux/Kvitto
|
:git: https://github.com/keeshux/Kvitto
|
||||||
TunnelKit:
|
TunnelKit:
|
||||||
:commit: '2886222'
|
:commit: c15d6f5
|
||||||
:git: https://github.com/passepartoutvpn/tunnelkit
|
:git: https://github.com/passepartoutvpn/tunnelkit
|
||||||
|
|
||||||
CHECKOUT OPTIONS:
|
CHECKOUT OPTIONS:
|
||||||
|
@ -82,7 +82,7 @@ CHECKOUT OPTIONS:
|
||||||
:commit: e263fcd1f40a6a482a0f1e424ba98009c4ad2b96
|
:commit: e263fcd1f40a6a482a0f1e424ba98009c4ad2b96
|
||||||
:git: https://github.com/keeshux/Kvitto
|
:git: https://github.com/keeshux/Kvitto
|
||||||
TunnelKit:
|
TunnelKit:
|
||||||
:commit: '2886222'
|
:commit: c15d6f5
|
||||||
:git: https://github.com/passepartoutvpn/tunnelkit
|
:git: https://github.com/passepartoutvpn/tunnelkit
|
||||||
|
|
||||||
SPEC CHECKSUMS:
|
SPEC CHECKSUMS:
|
||||||
|
@ -93,8 +93,8 @@ SPEC CHECKSUMS:
|
||||||
OpenSSL-Apple: 8a8fcb06fb66f9c2f7aed45ce363668493b8e5f6
|
OpenSSL-Apple: 8a8fcb06fb66f9c2f7aed45ce363668493b8e5f6
|
||||||
SSZipArchive: 62d4947b08730e4cda640473b0066d209ff033c9
|
SSZipArchive: 62d4947b08730e4cda640473b0066d209ff033c9
|
||||||
SwiftyBeaver: 2e8acd6fc90c6d0a27055867a290794926d57c02
|
SwiftyBeaver: 2e8acd6fc90c6d0a27055867a290794926d57c02
|
||||||
TunnelKit: b9ea352cbcce641f98687109c2e7d8cb1fa40e19
|
TunnelKit: 2a6aadea2d772a2760b153aee27d1c334c9ca6db
|
||||||
|
|
||||||
PODFILE CHECKSUM: ba0c9bc518c5eaec3a015c524fb62f23396463bd
|
PODFILE CHECKSUM: 9751a898e23369673b1dfb0c7c7fde9834a55d53
|
||||||
|
|
||||||
COCOAPODS: 1.10.0
|
COCOAPODS: 1.10.0
|
||||||
|
|
Loading…
Reference in New Issue