From 33ee2a2a5757fde76aaecc03b72824cf6b49a0ee Mon Sep 17 00:00:00 2001 From: Davide De Rosa Date: Wed, 23 Oct 2019 13:36:12 +0200 Subject: [PATCH] . --- disclaimer/index.html | 14 +++++----- donation/index.html | 14 +++++----- faq/index.html | 63 ++++++++++++++++++++++++------------------- feed.xml | 2 +- index.html | 14 +++++----- privacy/index.html | 14 +++++----- 6 files changed, 64 insertions(+), 57 deletions(-) diff --git a/disclaimer/index.html b/disclaimer/index.html index 10962f0..0c5a350 100644 --- a/disclaimer/index.html +++ b/disclaimer/index.html @@ -21,7 +21,7 @@ - + @@ -31,23 +31,23 @@ - + - + - - + + - - + + diff --git a/donation/index.html b/donation/index.html index 3c77c88..383468e 100644 --- a/donation/index.html +++ b/donation/index.html @@ -21,7 +21,7 @@ - + @@ -31,23 +31,23 @@ - + - + - - + + - - + + diff --git a/faq/index.html b/faq/index.html index 8007697..49b06f9 100644 --- a/faq/index.html +++ b/faq/index.html @@ -21,7 +21,7 @@ - + @@ -31,23 +31,23 @@ - + - + - - + + - - + + @@ -65,8 +65,11 @@
  • My provider is not listed
  • I’m on Wi-Fi but my device shows I’m connected via LTE
  • I’m unable to add my Wi-Fi to Trusted Networks
    • -
  • The configuration file contains an unsupported option (external file)
    • -
  • The VPN connects but immediately disconnects with “Encryption failed”
    • +
  • The VPN fails with “Auth failed” or immediately disconnects with “Encryption failed”
    • +
  • My provider returns “Auth failed” but my credentials are correct
    • +
  • +

    The configuration file contains an unsupported option (external file)

    +
  • Why don’t Siri Shortcuts execute in the background?
  • It seems that my traffic doesn’t necessarily go through the VPN
  • I’d like to see a Today Widget in the Notification Center
    • @@ -92,6 +95,29 @@

    To work around this issue, you should trust the network while the VPN is enabled and connected through such network. I will try to restore former behavior in future versions of Passepartout, or at least add an informational footer below the “Trusted networks” section.

    +

    The VPN fails with “Auth failed” or immediately disconnects with “Encryption failed”

    + +

    This may happen when you rely on default OpenVPN encryption, which is normally Blowfish (BF-CBC). The algorithm, besides being unsupported by Passepartout, is also weak and therefore discouraged. In order to fix this issue, you must switch to AES encryption. Passepartout only supports AES, be it in CBC or GCM mode.

    + +

    Set encryption explicitly in the server configuration, e.g.:

    + +
    cipher AES-128-CBC
+auth SHA1
+
    + +

    and don’t forget to update the client .ovpn as well with the exact same parameters.

    + +

    If you want to leverage newer AES-GCM encryption, you could just use:

    + +
    ncp-ciphers AES-256-GCM   # or AES-128-GCM
+
    + +

    and the client wouldn’t need to change a thing, because the algorithm will be enforced by the server no matter what.

    + +

    My provider returns “Auth failed” but my credentials are correct

    + +

    Bear in mind that some providers require specific credentials for their direct OpenVPN servers. That’s why Passepartout, in those cases, has a convenient link in the bottom of the Account screen showing you where to find such credentials on your provider’s website.

    +

    The configuration file contains an unsupported option (external file)

    Due to easier interoperability, the app does not support external files in the .ovpn main configuration. That’s because more often than not, it may not make sense referring to relative paths in a mobile device environment. Think of the Mail app for example. The fix is straightforward though, say you have an external ca file:

    @@ -110,25 +136,6 @@ content of my-ca.crt

    The same applies to other settings like cert, key, tls-auth and tls-crypt.

    -

    The VPN connects but immediately disconnects with “Encryption failed”

    - -

    This happens when you rely on default OpenVPN encryption, which is normally Blowfish. The algorithm, besides being unsupported by Passepartout, is also weak and therefore discouraged. In order to fix this issue, you must switch to AES encryption. Passepartout only supports AES, be it in CBC or GCM mode.

    - -

    Set encryption explicitly in the server configuration, e.g.:

    - -
    cipher AES-128-CBC
-auth SHA1
-
    - -

    and don’t forget to update the client .ovpn as well with the exact same parameters.

    - -

    If you want to leverage newer AES-GCM encryption, you could just use:

    - -
    ncp-ciphers AES-256-GCM   # or AES-128-GCM
-
    - -

    and the client wouldn’t need to change a thing, because the algorithm will be enforced by the server no matter what.

    -

    Why don’t Siri Shortcuts execute in the background?

    Unfortunately Apple is guilty of not fixing a related bug. I mean, it’s been there for years -since iOS 9 with my first bug report dating back to 2017- without them caring at all. No feedback and not even a proper response. And of course, no progress.

    diff --git a/feed.xml b/feed.xml index 1ffa4fc..bc6b8a9 100644 --- a/feed.xml +++ b/feed.xml @@ -1 +1 @@ -Jekyll2019-09-22T20:24:07+02:00https://passepartoutvpn.app/feed.xmlPassepartout, OpenVPN client for iOS and macOSPassepartout is a non-official, user-friendly OpenVPN® client for iOS and macOS.Davide De Rosa \ No newline at end of file +Jekyll2019-10-23T13:36:11+02:00https://passepartoutvpn.app/feed.xmlPassepartout, OpenVPN client for iOS and macOSPassepartout is a non-official, user-friendly OpenVPN® client for iOS and macOS.Davide De Rosa \ No newline at end of file diff --git a/index.html b/index.html index 2d42205..03ff32f 100644 --- a/index.html +++ b/index.html @@ -21,7 +21,7 @@ - + @@ -31,23 +31,23 @@ - + - + - - + + - - + + diff --git a/privacy/index.html b/privacy/index.html index 92060fb..9d383e0 100644 --- a/privacy/index.html +++ b/privacy/index.html @@ -21,7 +21,7 @@ - + @@ -31,23 +31,23 @@ - + - + - - + + - - + +