tunnelkit/CHANGELOG.md

245 lines
7.6 KiB
Markdown
Raw Normal View History

2018-10-07 08:44:59 +00:00
# Changelog
All notable changes to this project will be documented in this file.
2018-09-23 10:30:29 +00:00
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
2018-09-20 22:11:01 +00:00
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
2018-09-23 10:30:29 +00:00
## Unreleased
2019-04-25 12:55:28 +00:00
### Changed
- Do not redirect all traffic to VPN unless `--redirect-gateway` specified. [#90](https://github.com/keeshux/tunnelkit/issues/90)
### Fixed
- SoftEther sends an incomplete PUSH_REPLY. [#86](https://github.com/keeshux/tunnelkit/issues/86)
- Authentication/Decrypt errors with TLS wrapping. [#88](https://github.com/keeshux/tunnelkit/issues/88), [#61](https://github.com/keeshux/tunnelkit/issues/61)
- Broken DNS when no servers provided. [#84](https://github.com/keeshux/tunnelkit/issues/84)
2019-04-17 07:25:36 +00:00
## 1.6.2 (2019-04-17)
### Added
- Basic support for proxy settings (no PAC). [#74](https://github.com/keeshux/tunnelkit/issues/74)
### Changed
- Make `hostname` optional and pick `resolvedAddresses` if nil.
### Fixed
- Negotiation times out with SoftEther. [#67](https://github.com/keeshux/tunnelkit/issues/67)
2019-04-16 22:26:56 +00:00
- Unable to handle continuated PUSH_REPLY. [#71](https://github.com/keeshux/tunnelkit/issues/71)
- TCP requiring multiple PUSH_REQUEST. [#73](https://github.com/keeshux/tunnelkit/issues/73)
2019-04-17 07:25:36 +00:00
- DNS inconsistencies. [#85](https://github.com/keeshux/tunnelkit/pull/85)
2019-04-08 21:28:13 +00:00
## 1.6.1 (2019-04-07)
### Fixed
- Cipher/digest erroneously required by AppExtension.
2019-04-06 14:57:56 +00:00
## 1.6.0 (2019-04-06)
### Added
- Handle `dhcp-option DOMAIN`. [#77](https://github.com/keeshux/tunnelkit/issues/77)
2019-04-03 10:20:34 +00:00
### Changed
2019-04-06 14:57:56 +00:00
- Refactor configuration parser for reuse.
2019-04-03 10:20:34 +00:00
### Fixed
- Unrecognized PKCS#8 encrypted private keys. [#80](https://github.com/keeshux/tunnelkit/issues/80)
2019-04-01 23:04:46 +00:00
- Handle PEM with preamble. [#78](https://github.com/keeshux/tunnelkit/issues/78)
2019-04-01 08:01:38 +00:00
## 1.5.2 (2019-04-01)
### Added
- Optional data count report via `TunnelKitProvider.Configuration.dataCount(in:)`.
2019-03-30 22:21:11 +00:00
### Changed
- Upgraded to Swift 5.
### Fixed
- `checksEKU` not propagated to TunnelKitProvider.
2019-03-25 20:20:04 +00:00
## 1.5.1 (2019-03-25)
2019-03-25 14:53:26 +00:00
### Added
- Scramble endpoints via `--remote-random`. [#76](https://github.com/keeshux/tunnelkit/issues/76)
2019-03-25 19:30:01 +00:00
- Support for encrypted certificate private keys. [#72](https://github.com/keeshux/tunnelkit/issues/72)
2019-03-25 14:53:26 +00:00
### Fixed
- Send explicit exit notification if UDP. [#29](https://github.com/keeshux/tunnelkit/issues/29)
2019-03-25 14:53:26 +00:00
- Broken reconnection on network change (mitigated). [#75](https://github.com/keeshux/tunnelkit/issues/75)
2019-03-20 15:47:09 +00:00
## 1.5.0 (2019-03-20)
2019-03-19 15:19:01 +00:00
### Added
- Support for legacy `--comp-lzo` compression. [#69](https://github.com/keeshux/tunnelkit/pull/69)
2019-03-19 22:55:24 +00:00
- Support for newer `--compress lzo` option. [#70](https://github.com/keeshux/tunnelkit/pull/70)
2019-03-19 15:19:01 +00:00
2019-03-18 17:45:56 +00:00
## 1.4.3 (2019-03-18)
2019-03-08 12:21:47 +00:00
### Fixed
- Several reconnection issues.
2019-03-18 16:27:48 +00:00
- Missing EKU flag evaluation.
2019-03-08 12:21:47 +00:00
2019-03-05 09:43:20 +00:00
## 1.4.2 (2019-03-05)
### Added
- Shut down if server pushes a compressed data packet.
2019-03-05 09:43:20 +00:00
### Fixed
- Custom DNS servers were not applied.
- Reject `<connection>` blocks as unsupported.
2019-02-25 22:46:46 +00:00
## 1.4.1 (2019-02-25)
2019-01-05 21:54:21 +00:00
### Added
- Override DNS servers client side. [#56](https://github.com/keeshux/tunnelkit/pull/56)
2019-02-25 22:18:42 +00:00
- Shut down if server pushes a compression directive. [#65](https://github.com/keeshux/tunnelkit/pull/65)
2019-01-05 21:54:21 +00:00
2019-02-23 11:07:24 +00:00
### Changed
- Enable or disable EKU according to `remote-cert-tls server` in .ovpn file. [#64](https://github.com/keeshux/tunnelkit/pull/64)
### Fixed
- Compiling errors in demo target.
- Linking errors with OpenSSL.
2019-02-25 22:35:38 +00:00
- A few potential vulnerabilities.
2018-11-17 17:01:14 +00:00
## 1.4.0 (2018-11-12)
2018-11-10 10:15:24 +00:00
### Added
- Parser for .ovpn configuration files. [#47](https://github.com/keeshux/tunnelkit/pull/47)
### Changed
2018-11-17 17:01:14 +00:00
- Due to [#47](https://github.com/keeshux/tunnelkit/pull/47), `SocketType` and `EndpointProtocol` were moved to Core subspec.
2018-11-10 10:15:24 +00:00
2018-11-07 23:00:06 +00:00
## 1.3.1 (2018-11-07)
2018-11-05 19:26:39 +00:00
### Fixed
- IPv4/UInt32 conversions are not endianness-agnostic. [#46](https://github.com/keeshux/tunnelkit/pull/46)
2018-10-27 22:32:01 +00:00
## 1.3.0 (2018-10-28)
2018-10-25 20:39:48 +00:00
### Changed
- Refactored tunnel configuration API for increased code reuse. [#44](https://github.com/keeshux/tunnelkit/pull/44)
### Deprecated
- Use high-level accessories instead of `debugLogKey` and `lastErrorKey`. [#45](https://github.com/keeshux/tunnelkit/pull/45)
2018-10-26 16:55:34 +00:00
### Fixed
- IPv4/UInt32 calculations were wrong.
2018-10-25 05:30:53 +00:00
## 1.2.2 (2018-10-25)
2018-10-21 22:46:08 +00:00
2018-10-24 17:53:38 +00:00
### Changed
2018-10-21 22:46:08 +00:00
2018-10-24 17:53:38 +00:00
- Debug log is saved to group container rather than `UserDefaults`. [#43](https://github.com/keeshux/tunnelkit/pull/43)
2018-10-21 22:46:08 +00:00
2018-10-24 17:53:38 +00:00
### Fixed
2018-10-24 16:56:11 +00:00
2018-10-24 17:53:38 +00:00
- Handle server-initiated renegotiation. [#41](https://github.com/keeshux/tunnelkit/pull/41)
2018-10-24 16:56:11 +00:00
- Potentially private data (e.g. Internet addresses) is now masked in debug log. [#42](https://github.com/keeshux/tunnelkit/pull/42)
2018-10-24 17:53:38 +00:00
## 1.2.1 (2018-10-24)
### Added
- Configuration key `lastErrorKey` for reporting errors to host app. [#40](https://github.com/keeshux/tunnelkit/pull/40)
- Server extended key usage validation (EKU). [#27](https://github.com/keeshux/tunnelkit/issues/27)
2018-10-21 22:46:08 +00:00
### Fixed
- CA file was not closed after MD5 calculation when using PIA patches.
- Mitigated an issue with MTU in TCP mode during negotiation. [#39](https://github.com/keeshux/tunnelkit/issues/39)
2018-10-20 09:15:36 +00:00
## 1.2.0 (2018-10-20)
2018-10-19 13:56:15 +00:00
2018-10-19 15:39:37 +00:00
### Added
2018-10-19 13:56:15 +00:00
2018-09-11 15:45:22 +00:00
- Support for `--tls-auth` wrapping. [#34](https://github.com/keeshux/tunnelkit/pull/34)
2018-09-20 22:11:01 +00:00
- Support for `--tls-crypt` wrapping. [#35](https://github.com/keeshux/tunnelkit/pull/35)
2018-10-19 15:39:37 +00:00
- Parser for static OpenVPN keys from file. [#36](https://github.com/keeshux/tunnelkit/pull/36)
### Fixed
- Handling of mixed DATA_V1/DATA_V2 packets. [#30](https://github.com/keeshux/tunnelkit/issues/30)
2018-10-19 13:56:15 +00:00
2018-10-18 14:35:20 +00:00
## 1.1.2 (2018-10-18)
2018-10-18 14:25:42 +00:00
### Added
2018-10-18 14:35:20 +00:00
- Restored support for PIA patches. [#32](https://github.com/keeshux/tunnelkit/pull/32)
2018-10-18 14:25:42 +00:00
2018-10-10 20:23:20 +00:00
## 1.1.1 (2018-10-10)
### Fixed
- Make CA non-optional. [#28](https://github.com/keeshux/tunnelkit/pull/28)
2018-09-23 13:15:06 +00:00
## 1.1.0 (2018-09-26)
2018-09-23 10:30:29 +00:00
### Added
- Client certificate verification. [#3](https://github.com/keeshux/tunnelkit/pull/3)
- Support for both `--comp-lzo` and `--compress` compression framing. [#2](https://github.com/keeshux/tunnelkit/pull/2), [#5](https://github.com/keeshux/tunnelkit/pull/5), [#10](https://github.com/keeshux/tunnelkit/pull/10)
- Routes setup from PUSH_REPLY. [#7](https://github.com/keeshux/tunnelkit/pull/7)
- Support for IPv6. [#8](https://github.com/keeshux/tunnelkit/pull/8)
- Support for server-side NCP. [#11](https://github.com/keeshux/tunnelkit/pull/11)
- Property to mark ciphers not requiring digest auth (e.g. GCM). [#13](https://github.com/keeshux/tunnelkit/pull/13)
- `Codable` implementations for native Swift serialization. [#15](https://github.com/keeshux/tunnelkit/pull/15)
- More cipher and digest algorithms. [#16](https://github.com/keeshux/tunnelkit/pull/16)
- Negotiated compression framing from PUSH_REPLY. [#19](https://github.com/keeshux/tunnelkit/pull/19)
- Customizable keep-alive. [#20](https://github.com/keeshux/tunnelkit/pull/20)
- Negotiated keep-alive from PUSH_REPLY. [#22](https://github.com/keeshux/tunnelkit/pull/22)
- Peer-info metadata.
### Changed
- Raised iOS target to 11 (drops 32-bit support).
- Upgraded OpenSSL from 1.1.0h to 1.1.0i.
- Minor adjustments for Xcode 10 / Swift 4.2.
2018-09-23 10:30:29 +00:00
- Deep refactoring of control channel for future extensibility.
- App group moved out of tunnel configuration, to make it more platform-agnostic and coherent to serialize.
- Keep-alive is disabled by default.
2018-09-23 10:30:29 +00:00
- Several internal renamings.
### Fixed
- Sensitive data logged in PUSH_REPLY. [#12](https://github.com/keeshux/tunnelkit/pull/12)
- Bad interpretation of 0 seconds between renegotiations. [#18](https://github.com/keeshux/tunnelkit/pull/18)
- Incorrect behavior on data-related failures. [#21](https://github.com/keeshux/tunnelkit/pull/21)
## 1.0.0 (2018-08-23)
### Added
- Initial fork from https://github.com/pia-foss/tunnel-apple
### Removed
- Non-standard PIA patches.