Commit Graph

107 Commits

Author SHA1 Message Date
Davide De Rosa accd04eead Default to server settings for default gateway
IPv6 is not necessarily supported.
2019-05-11 15:59:02 +02:00
Davide De Rosa 547746e0d9 Customize TLS security level (lowest) 2019-05-08 23:55:21 +02:00
Davide De Rosa d44e9f861b Set supported preset on start 2019-05-04 10:29:27 +02:00
Davide De Rosa 77eff6373b Parse optional category presets 2019-05-02 13:08:24 +02:00
Davide De Rosa c6fbdca342 Move network settings to ad-hoc screen
Can now set gateway/DNS/proxy settings explicitly.

- Read from .ovpn (hosts only)
- Pull from server (PUSH_REPLY)
- Set manually
2019-05-01 23:00:28 +02:00
Davide De Rosa bab8e28b04 Use builders for editing configurations
Slip-ups in TunnelKit made configurations erroneously mutable.
2019-05-01 23:00:28 +02:00
Davide De Rosa 4afbe4aa4e Fix condition for external hostname in endpoints 2019-04-26 15:29:50 +02:00
Davide De Rosa 027bf82208 Store category groups as a list
Map complexity is of no use.

Update JSON (stub).
2019-04-26 13:48:26 +02:00
Davide De Rosa b61906c32f Handle Pool.resolved to use external hostname 2019-04-26 10:15:24 +02:00
Davide De Rosa bd29b6d6f0 Split external configuration read and injection
For reuse in Pool.addresses
2019-04-25 22:25:54 +02:00
Davide De Rosa d9a0ebd923 Upgrade API to v2 (entities) 2019-04-25 21:30:43 +02:00
Davide De Rosa 04c2191e83 Migrate profiles routing policies
- Providers: enforce all (IPv4 + IPv6)
- Hosts: re-read .ovpn on app update, fall back to all (safer)

Reload hosts in order to re-interpret "redirect-gateway".
2019-04-25 15:40:40 +02:00
Davide De Rosa ddb0c38860 Add comments about the need of cache LRU 2019-04-11 23:38:16 +02:00
Davide De Rosa cf8f0984a3 Cache pool models, do not rebuild each time
Invalidate on new infrastructure.
2019-04-11 23:38:16 +02:00
Davide De Rosa 8a81ad8f72 Update NordVPN infrastructure
- Pick default pool by country e.g. "us" rather than "us-123"
- Drop overwhelming resolved addresses

Required changes:

- Assume default pool id to be a prefix
- Make Pool addresses optional
2019-04-11 21:14:56 +02:00
Davide De Rosa 2f09a41d06 Stop to download additional provider resources 2019-04-11 19:01:55 +02:00
Davide De Rosa 922a715bfd Inject external resources into configuration 2019-04-11 18:05:53 +02:00
Davide De Rosa 489229b1eb Fix nil pool for renamed/removed ids
Would crash on connect otherwise.
2019-04-10 16:28:13 +02:00
Davide De Rosa 12597d34b3 Override hostname with profile value
Now that TunnelKit uses sessionConfiguration.hostname to set
.serverAddress, it must be set no matter what.

If hostname is nil, serverAddress is set to
resolvedAddresses.first, which for host profiles is always nil.

Also reorder provider code.
2019-04-10 15:13:31 +02:00
Davide De Rosa 89d7c6924d Make hostname optional in provider pool
E.g. ProtonVPN SecureCore servers don't provide a hostname.
2019-04-09 20:47:08 +02:00
Davide De Rosa f53ad65bcd Default "Any" protocol to UDP endpoints
Mitigates a potential issue with randomizeEndpoint where TCP
endpoints might be picked with equal probability, resulting in
poor performance out of the box.

Let the user pick TCP endpoints manually.
2019-04-07 15:15:14 +02:00
Davide De Rosa 8d3a5d747d Convert table model to PoolGroup 2019-04-06 16:20:01 +02:00
Davide De Rosa caab7fa9bc Fall back to default infrastructure preset
Fixes #57
2019-04-05 19:45:20 +02:00
Davide De Rosa 485fd091aa Add shortcut for profile by key 2019-04-05 00:52:36 +02:00
Davide De Rosa fe669bb3e0 Migrate to Configuration optionals
- cipher
- digest
- compressionFraming
2019-04-04 19:03:55 +02:00
Davide De Rosa d53e874cac Migrate old endpoints to new format 2019-04-04 19:03:55 +02:00
Davide De Rosa 1904687a22 Upgrade to TunnelKit 1.6.0
- Make cipher/digest/compressionFraming optional
- Move endpointProtocols inside SessionProxy.Configuration
- Rename OptionsError to ConfigurationError
2019-04-04 19:03:53 +02:00
Davide De Rosa cb2917a0a8 Fix wrong return in loadProfiles() 2019-04-04 12:00:12 +02:00
Davide De Rosa 921e57557d Render data count with closest unit
Set a 10% boundary (e.g. 100MB = 0.1GB).
2019-03-30 20:10:04 +01:00
Davide De Rosa bc0a0d40dc Observe tunnel data count periodically (5s)
Use Timer as KVO is not possible on App Group defaults.

Be tolerant about missing sections, return type is optional.

Also reword data count cell caption.
2019-03-30 20:10:04 +01:00
Davide De Rosa fdc3869d29 Move baseVPNConfiguration to TransientStore
Simplifies configuration update.
2019-03-22 19:09:52 +01:00
Davide De Rosa c391663d11 Persist masking flag 2019-03-22 19:09:52 +01:00
Davide De Rosa e4c1ea4def Delete log on masking change
It may contain stale and either sensitive or irrelevant data.
2019-03-22 18:54:54 +01:00
Davide De Rosa 96f5210c7c Control debug masking via diagnostics
Be clear about NOT logging any sensitive data. In fact, the
variable name masksPrivateData is potentially misleading.
2019-03-22 18:54:54 +01:00
Davide De Rosa 9f6307dbc2 Make default VPN configuration mutable 2019-03-22 18:46:04 +01:00
Davide De Rosa 15602f7dc9 Pick profile/location for connection intent
- Host: ConnectVPN intent
- Provider: requires Pool selection
2019-03-18 22:13:36 +01:00
Davide De Rosa 5237aa3916 Import Core framework into iOS target 2019-03-18 11:52:19 +01:00
Davide De Rosa f661008679 Make framework internal components public 2019-03-18 11:50:52 +01:00
Davide De Rosa c7f522f55e Create Passepartout-Core framework target
Move all sources to this target, out of Passepartout-iOS.

FIXME: TrustedNetworks uses ServiceViewController.RowType
FIXME: make iOS target depend on Core.
2019-03-18 11:19:24 +01:00
Davide De Rosa 39fb191309 Log documents migration event
If anything was moved.
2019-03-11 10:17:45 +01:00
Davide De Rosa 9005bf6c19 Skip "Inbox" during migration
No permission.
2019-03-11 10:17:01 +01:00
Davide De Rosa 87249cb8ad Migrate documents to App Group 2019-03-11 10:16:33 +01:00
Davide De Rosa 8ede1ed3d4 Use App Group container for documents and caches 2019-03-11 10:05:54 +01:00
Davide De Rosa 7a21338042 Update copyright 2019-03-09 11:44:44 +01:00
Davide De Rosa 2e4d2162ac Define custom intents
- Connect
- Disable
- (Un)Trust current network
- (Un)Trust cellular network
- Move to location
2019-03-09 11:23:47 +01:00
Davide De Rosa ce3781e3b5 Be more formal about ProfileKey parsing 2019-03-08 10:21:08 +01:00
Davide De Rosa b50cb4681b Fix stupid parsing of ProfileKey from String
Fixes #19
2019-03-08 00:01:52 +01:00
Davide De Rosa e4ef4a9dbc Rearrange lines to isolate throwing code 2019-03-06 17:10:37 +01:00
Davide De Rosa 942aaecdc3 Refine profile description 2019-02-23 11:18:36 +01:00
Davide De Rosa d0de93c60a Do not sort endpoint addresses
Defeats purpose of best-first ordering in DNS reply.
2019-01-17 09:51:42 +01:00