2018-10-07 08:44:59 +00:00
# Changelog
All notable changes to this project will be documented in this file.
2018-09-23 10:30:29 +00:00
The format is based on [Keep a Changelog ](https://keepachangelog.com/en/1.0.0/ ),
2018-09-20 22:11:01 +00:00
and this project adheres to [Semantic Versioning ](https://semver.org/spec/v2.0.0.html ).
2018-09-23 10:30:29 +00:00
2024-01-05 22:41:31 +00:00
## 6.3.2 (2024-01-05)
2024-01-05 20:09:04 +00:00
### Fixed
2024-01-05 22:13:04 +00:00
- OpenVPN: HMAC breaking due to dangling OSSL_PARAM. [#405 ](https://github.com/passepartoutvpn/tunnelkit/pull/405 )
2024-01-05 20:09:04 +00:00
- OpenVPN: Bad error mapping. [#404 ](https://github.com/passepartoutvpn/tunnelkit/pull/404 )
2024-01-05 22:10:53 +00:00
- OpenVPN: Restore default security level. [#406 ](https://github.com/passepartoutvpn/tunnelkit/pull/406 )
2024-01-05 20:09:04 +00:00
2024-01-05 09:48:57 +00:00
## 6.3.1 (2024-01-05)
2024-01-05 09:46:54 +00:00
### Changed
- Demo rewritten in SwiftUI. [#399 ](https://github.com/passepartoutvpn/tunnelkit/issues/399 )
2023-12-31 00:11:51 +00:00
## 6.3.0 (2023-12-31)
2023-12-23 23:40:42 +00:00
### Added
2023-12-16 19:50:10 +00:00
- Support for Apple TV. [#337 ](https://github.com/passepartoutvpn/tunnelkit/issues/337 )
2023-12-23 23:40:42 +00:00
- Attach user data to VPN configuration. [#400 ](https://github.com/passepartoutvpn/tunnelkit/pull/400 )
2023-12-14 09:38:46 +00:00
## 6.2.0 (2023-12-14)
2023-12-13 20:17:38 +00:00
### Changed
- Upgrade OpenSSL to 3.2.0. [#336 ](https://github.com/passepartoutvpn/tunnelkit/issues/336 )
2023-07-06 10:09:03 +00:00
## 6.1.1 (2023-07-06)
2023-07-06 10:03:31 +00:00
### Fixed
- Keychain may fail to set password. [#327 ](https://github.com/passepartoutvpn/tunnelkit/issues/327 )
2023-07-05 16:12:09 +00:00
## 6.1.0 (2023-07-05)
2023-07-02 09:56:40 +00:00
### Changed
- Hide errors behind façade TunnelKit\*Error. [#325 ](https://github.com/passepartoutvpn/tunnelkit/pull/325 )
2023-04-02 21:47:12 +00:00
## 6.0.0 (2023-04-02)
2023-04-02 21:42:05 +00:00
2022-10-08 06:54:55 +00:00
### Added
2023-03-19 07:22:30 +00:00
- WireGuard: DoH/DoT options. [#314 ](https://github.com/passepartoutvpn/tunnelkit/pull/314 )
- OpenVPN: Full implementation of Tunnelblick XOR patch (tmthecoder). [#255 ](https://github.com/passepartoutvpn/tunnelkit/pull/255 )
2022-10-08 06:54:55 +00:00
- OpenVPN: Support for `--route-nopull` . [#280 ](https://github.com/passepartoutvpn/tunnelkit/pull/280 )
2022-10-17 07:00:23 +00:00
- OpenVPN: Support for `--remote-random-hostname` . [#286 ](https://github.com/passepartoutvpn/tunnelkit/pull/286 )
2022-10-30 08:07:17 +00:00
- Use .includeAllNetworks for best-effort kill switch. [#300 ](https://github.com/passepartoutvpn/tunnelkit/pull/300 )
2022-10-08 06:54:55 +00:00
2022-09-30 18:55:37 +00:00
### Changed
2023-03-19 07:22:30 +00:00
- Bump targets to iOS 15 / macOS 12.
2022-09-30 18:55:37 +00:00
- Upgrade OpenSSL to 1.1.1q.
2022-10-12 20:28:33 +00:00
- Use natively async methods from NetworkExtension. [#284 ](https://github.com/passepartoutvpn/tunnelkit/pull/284 )
2022-10-25 06:58:34 +00:00
- OpenVPN: Unmask PUSH_REPLY and network settings in logs.
2023-03-17 19:20:44 +00:00
- OpenVPN: Delay tunnel disposal. [#311 ](https://github.com/passepartoutvpn/tunnelkit/pull/311 )
2022-09-30 18:55:37 +00:00
2022-10-08 06:54:55 +00:00
### Fixed
2022-10-29 09:00:39 +00:00
- OpenVPN: Deal with remote options properly. [#297 ](https://github.com/passepartoutvpn/tunnelkit/pull/297 )
2022-10-29 10:24:28 +00:00
- OpenVPN: Routes from configuration file are ignored. [#278 ](https://github.com/passepartoutvpn/tunnelkit/issues/278 )
2023-03-17 19:22:21 +00:00
- OpenVPN: Split DNS domain and search domains. [#313 ](https://github.com/passepartoutvpn/tunnelkit/pulls/313 )
2023-04-02 21:44:33 +00:00
- WireGuard: Return native parsing errors from WireGuardKit. [#316 ](https://github.com/passepartoutvpn/tunnelkit/pull/316 )
2022-10-25 09:29:36 +00:00
- IPv6 endpoints are parsed improperly. [#293 ](https://github.com/passepartoutvpn/tunnelkit/issues/293 )
2022-10-12 20:39:21 +00:00
- Fix abandoned MockVPN. [#285 ](https://github.com/passepartoutvpn/tunnelkit/pull/285 )
2022-10-08 06:54:55 +00:00
2022-09-23 19:51:37 +00:00
## 5.0.0 (2022-09-23)
2022-02-12 07:37:51 +00:00
### Added
2022-03-03 14:34:57 +00:00
- OpenVPN: Parse authentication requirement from `--auth-user-pass` .
- OpenVPN: Handle multiple `--remote` options correctly.
2022-03-26 16:15:36 +00:00
- OpenVPN: Explicitly enable/disable DNS/proxy settings.
2022-09-23 14:16:48 +00:00
- Reconnect with current manager and configuration.
- Customize tunnel log path.
2022-02-12 07:37:51 +00:00
2022-02-11 17:45:40 +00:00
### Changed
2022-09-23 14:16:48 +00:00
- Rewrite Manager package with Swift Concurrency.
2022-03-12 09:09:40 +00:00
- WireGuard: Use entities from WireGuardKit directly.
2022-03-04 23:58:07 +00:00
- Only enable on-demand if at least one rule is provided.
2022-09-23 14:16:48 +00:00
- Drop incomplete support for IPSec/IKEv2.
- Upgrade OpenSSL to 1.1.1o.
### Fixed
- OpenVPN: Bug in StaticKey equality comparison.
2022-02-11 17:45:40 +00:00
2022-02-09 17:47:16 +00:00
## 4.1.0 (2022-02-09)
2021-12-01 12:54:00 +00:00
### Added
- WireGuard support. [#236 ](https://github.com/passepartoutvpn/tunnelkit/pull/236 )
2022-01-04 08:14:39 +00:00
- Handle `--keepalive` option.
2021-12-01 12:54:00 +00:00
2022-02-02 18:31:38 +00:00
### Changed
- Relax deployment target for macOS down to 10.14
- Upgrade OpenSSL to 1.1.1m.
2021-11-27 11:35:09 +00:00
## 4.0.3 (2021-11-27)
### Fixed
- Verify CA from on-disk file. [#237 ](https://github.com/passepartoutvpn/tunnelkit/pull/237 )
2021-11-25 12:00:10 +00:00
## 4.0.2 (2021-11-25)
2021-11-24 15:40:19 +00:00
### Changed
- Revert to OpenSSL. [#233 ](https://github.com/passepartoutvpn/tunnelkit/pull/233 )
2021-11-25 11:36:17 +00:00
### Fixed
2021-11-25 12:00:10 +00:00
- TLS fails on CA verification on some servers. [#232 ](https://github.com/passepartoutvpn/tunnelkit/issues/232 )
- TLS negotiation times out with ProtonVPN. [#230 ](https://github.com/passepartoutvpn/tunnelkit/issues/230 )
2021-11-25 11:36:17 +00:00
2021-11-18 11:52:01 +00:00
## 4.0.1 (2021-11-18)
### Fixed
- Regression in TLS handshake (temporarily revert [#213 ](https://github.com/passepartoutvpn/tunnelkit/pull/213 )).
2021-11-16 10:42:14 +00:00
## 4.0.0 (2021-11-16)
2021-10-26 13:41:49 +00:00
### Changed
- Migrate to SwiftPM. [#210 ](https://github.com/passepartoutvpn/tunnelkit/issues/210 )
2021-11-11 11:33:08 +00:00
- Replace OpenSSL with BoringSSL from SwiftNIO SSL.
- Drop support for TLS security level (not present in BoringSSL).
2021-10-26 13:41:49 +00:00
2021-10-18 10:01:17 +00:00
## 3.5.0 (2021-10-18)
2021-10-06 16:19:28 +00:00
2021-06-28 08:31:41 +00:00
### Added
- Support for IPSec/IKEv2 providers.
2021-10-06 16:19:28 +00:00
### Changed
2021-11-25 11:36:17 +00:00
- Avoid caching PEMs on disk (roop). [#213 ](https://github.com/passepartoutvpn/tunnelkit/pull/213 )
2021-10-06 16:19:28 +00:00
- Upgrade OpenSSL to 1.1.1l.
2021-11-18 11:52:01 +00:00
### Fixed
- Avoid caching PEMs on disk. [#213 ](https://github.com/passepartoutvpn/tunnelkit/pull/213 )
2021-08-07 21:15:53 +00:00
## 3.4.0 (2021-08-07)
2021-07-22 08:24:24 +00:00
### Added
- Support for XOR patch (Sam Foxman). [#170 ](https://github.com/passepartoutvpn/tunnelkit/pull/170 )
2021-07-18 20:53:40 +00:00
## 3.3.3 (2021-07-19)
2021-07-02 09:22:20 +00:00
2021-07-16 16:11:37 +00:00
### Added
- Support for `--compress stub-v2` .
2021-07-02 09:22:20 +00:00
### Fixed
- Return error in install completion handler. [#206 ](https://github.com/passepartoutvpn/tunnelkit/issues/206 )
2021-07-17 07:26:30 +00:00
- Relax handling of whitespaces in configuration file.
2021-07-02 09:22:20 +00:00
2021-06-26 09:13:51 +00:00
## 3.3.2 (2021-06-26)
2021-02-12 01:44:48 +00:00
### Fixed
- Clean up cached PEMs at the end of a Session. [#203 ](https://github.com/passepartoutvpn/tunnelkit/pull/203 )
2021-02-12 00:09:49 +00:00
## 3.3.1 (2021-02-12)
### Changed
2021-02-12 01:44:48 +00:00
- Skip keychain password prompt on macOS. [#200 ](https://github.com/passepartoutvpn/tunnelkit/pull/200 )
2021-02-12 00:09:49 +00:00
### Fixed
2021-02-12 01:44:48 +00:00
- Restore app group in keychain queries about password references. [#201 ](https://github.com/passepartoutvpn/tunnelkit/pull/201 )
2021-02-12 00:09:49 +00:00
2021-01-28 09:43:54 +00:00
## 3.3.0 (2021-01-28)
2021-01-02 23:56:02 +00:00
### Added
2021-01-08 18:46:16 +00:00
- Handle `--data-ciphers` and `data-ciphers-fallback` from OpenVPN 2.5
2021-01-22 09:29:03 +00:00
- Support DNS over HTTPS (DoH) and TLS (DoT).
2021-01-02 23:56:02 +00:00
2021-01-27 00:27:28 +00:00
### Changed
- Pick tunnel password reference from an existing keychain item context.
2021-01-26 09:03:22 +00:00
### Fixed
- Do not override network DNS settings when not provided by VPN. [#197 ](https://github.com/passepartoutvpn/tunnelkit/issues/197 )
2021-01-07 21:02:49 +00:00
## 3.2.0 (2021-01-07)
2021-01-03 11:41:50 +00:00
### Changed
- Encoding of internal provider configuration.
2020-12-28 16:50:22 +00:00
## 3.1.0 (2020-12-28)
2020-11-21 17:40:47 +00:00
2020-12-27 22:40:20 +00:00
### Added
- Parse `--tun-mtu` option.
2020-11-21 17:40:47 +00:00
### Changed
- Update API to access current Wi-Fi SSID.
2020-12-20 09:26:28 +00:00
- Refactor access to keychain.
2020-11-21 17:40:47 +00:00
2020-11-15 20:13:45 +00:00
## 3.0.0 (2020-11-15)
2020-06-13 11:23:23 +00:00
2020-07-11 09:22:22 +00:00
### Added
2020-11-13 15:54:57 +00:00
- Support for Apple Silicon (macOS arm64).
2020-07-11 09:22:22 +00:00
- Customize IV_UI_VER (pahnev). [#178 ](https://github.com/passepartoutvpn/tunnelkit/pull/178 )
2020-07-02 17:14:17 +00:00
### Changed
2020-11-13 15:54:57 +00:00
- Deployment targets raised to iOS 12.0 and macOS 10.15
2020-07-02 17:14:17 +00:00
- Use active profile name in VPN configuration (device settings).
2020-06-13 11:23:23 +00:00
### Fixed
- Incorrect tunnel bundle identifiers in Demo. [#176 ](https://github.com/passepartoutvpn/tunnelkit/issues/176 )
2020-06-29 11:36:51 +00:00
- IV_PLAT in peer info was hardcoded to "mac" (pahnev). [#177 ](https://github.com/passepartoutvpn/tunnelkit/pull/177 )
2020-06-13 11:23:23 +00:00
# 2.2.7 (2020-06-11)
### Fixed
2020-06-11 14:16:55 +00:00
- Code cleanup.
2020-05-19 22:50:55 +00:00
## 2.2.6 (2020-05-12)
2020-06-13 11:23:23 +00:00
### Fixed
2020-05-19 22:50:55 +00:00
- Address concerns from Guido Vranken fuzzers. [#141 ](https://github.com/passepartoutvpn/tunnelkit/pull/141 )
2020-05-12 13:13:10 +00:00
## 2.2.5 (2020-05-12)
### Changed
- Improve IP Header parsing (roop). [#171 ](https://github.com/passepartoutvpn/tunnelkit/pull/171 )
2020-05-10 09:33:37 +00:00
## 2.2.4 (2020-05-10)
2020-05-08 18:30:17 +00:00
2020-05-08 22:02:16 +00:00
### Added
- Support for SAN hostname in certificates (jaroslavas). [#168 ](https://github.com/passepartoutvpn/tunnelkit/pull/168 )
2020-05-08 21:50:03 +00:00
### Fixed
- IPv6 traffic broken on Mojave. [#146 ](https://github.com/passepartoutvpn/tunnelkit/issues/146 ), [#169 ](https://github.com/passepartoutvpn/tunnelkit/pull/169 )
2020-05-09 10:11:32 +00:00
- Restore tunnel MTU setting (ueshiba). [#148 ](https://github.com/passepartoutvpn/tunnelkit/pull/148 )
- Transient connected state upon connection failure (rob-patchett). [#128 ](https://github.com/passepartoutvpn/tunnelkit/pull/128 )
2020-05-08 18:30:17 +00:00
2020-05-10 09:33:37 +00:00
## 2.2.3 (2020-04-21)
2020-04-21 19:51:27 +00:00
### Changed
- Upgrade OpenSSL to 1.1.1g. [#166 ](https://github.com/passepartoutvpn/tunnelkit/issues/166 )
2020-05-10 09:33:37 +00:00
## 2.2.2 (2020-04-20)
2019-12-22 15:27:43 +00:00
2020-04-18 15:11:39 +00:00
### Changed
- Upgrade OpenSSL to 1.1.1f. [#165 ](https://github.com/passepartoutvpn/tunnelkit/issues/165 )
2019-12-22 15:27:43 +00:00
### Fixed
- Index out of range during negotiation (Grivus). [#143 ](https://github.com/passepartoutvpn/tunnelkit/pull/143 )
2020-02-29 18:26:43 +00:00
- Handle server shutdown/restart (remote `--explicit-exit-notify` ). [#131 ](https://github.com/passepartoutvpn/tunnelkit/issues/131 )
2020-04-13 10:22:32 +00:00
- Abrupt disconnection upon unknown packet key id (johankool). [#161 ](https://github.com/passepartoutvpn/tunnelkit/pull/161 )
2020-04-05 15:17:09 +00:00
- Handle explicit IPv4/IPv6 protocols (`4` or `6` suffix in `--proto` ). [#153 ](https://github.com/passepartoutvpn/tunnelkit/issues/153 )
2020-04-15 09:22:54 +00:00
- Mitigate IP traffic breaking on Mojave. [#146 ](https://github.com/passepartoutvpn/tunnelkit/issues/146 )
2020-04-05 15:08:23 +00:00
- Pointer warnings from Xcode 11.4 upgrade.
2019-12-22 15:27:43 +00:00
2019-12-14 08:28:58 +00:00
## 2.2.1 (2019-12-14)
2019-12-12 17:37:16 +00:00
### Fixed
- Keep-alive pings coalescing over time.
- Ping timeout not checked for if keep-alive is disabled.
2019-12-11 15:44:04 +00:00
## 2.2.0 (2019-12-11)
2019-11-20 00:03:50 +00:00
### Changed
- Require explicit `--ca` and `--cipher` in .ovpn configuration file.
2019-11-03 01:35:56 +00:00
## 2.1.0 (2019-11-03)
2019-10-17 17:27:16 +00:00
### Added
- Allow keep-alive timeout to be configured by the server or client (Robert Patchett). [#122 ](https://github.com/passepartoutvpn/tunnelkit/pull/122 )
2019-10-22 20:01:04 +00:00
- Support for proxy autoconfiguration URL (ThinkChaos). [#125 ](https://github.com/passepartoutvpn/tunnelkit/pull/125 )
2019-10-25 15:53:54 +00:00
- Support multiple DNS search domains. [#127 ](https://github.com/passepartoutvpn/tunnelkit/issues/127 )
2019-10-17 17:27:16 +00:00
2019-10-28 09:55:13 +00:00
### Changed
2019-11-03 01:35:56 +00:00
- Upgrade OpenSSL to 1.1.1d. [#123 ](https://github.com/passepartoutvpn/tunnelkit/issues/123 )
2019-10-28 09:55:13 +00:00
2019-10-17 17:27:16 +00:00
### Fixed
- Session negotiation succeeds too early (Robert Patchett). [#124 ](https://github.com/passepartoutvpn/tunnelkit/pull/124 )
2019-10-22 11:52:24 +00:00
- Handle `vpn_gateway` literal in `--route` .
2019-10-17 17:27:16 +00:00
2019-09-30 08:28:57 +00:00
## 2.0.5 (2019-09-26)
### Fixed
- OpenSSL framework structure on macOS makes binary invalid when uploaded to App Store Connect.
- Potential OOB in memcmp() (Guido Vranken).
2019-09-06 21:18:05 +00:00
## 2.0.3 (2019-09-06)
2019-08-23 07:15:37 +00:00
### Fixed
- Deadlock on shutdown (further fixes). [#106 ](https://github.com/passepartoutvpn/tunnelkit/issues/106 )
2019-09-06 21:18:05 +00:00
- Regression with negotiation failing due to .staleSession error. [#120 ](https://github.com/passepartoutvpn/tunnelkit/issues/120 )
2019-08-23 07:15:37 +00:00
2019-07-26 22:14:44 +00:00
## 2.0.2 (2019-07-27)
2019-07-07 21:34:45 +00:00
### Fixed
2019-07-11 16:45:39 +00:00
- Deadlock on shutdown. [#106 ](https://github.com/passepartoutvpn/tunnelkit/issues/106 )
- Stuck on SOFT_RESET. [#105 ](https://github.com/passepartoutvpn/tunnelkit/issues/105 )
2019-07-07 21:34:45 +00:00
- Tunnel dies unexpectedly on macOS. [#111 ](https://github.com/passepartoutvpn/tunnelkit/issues/111 )
2019-07-26 21:25:05 +00:00
- Recover from ENOBUFS. [#112 ](https://github.com/passepartoutvpn/tunnelkit/issues/112 )
2019-07-07 21:34:45 +00:00
2019-07-26 19:14:23 +00:00
## 2.0.1 (2019-05-28)
### Fixed
- Regression in LZO subspec.
## 2.0.0 (2019-05-28)
### Changed
- Major refactoring.
2019-05-14 09:16:56 +00:00
## 1.7.1 (2019-05-14)
### Added
2019-05-14 09:17:18 +00:00
- Partially support `--redirect-gateway block-local` . [#81 ](https://github.com/passepartoutvpn/tunnelkit/issues/81 )
2019-05-01 08:37:39 +00:00
### Fixed
2019-05-14 09:17:18 +00:00
- Authentication failure due to local options. [#95 ](https://github.com/passepartoutvpn/tunnelkit/issues/95 )
- Customize security level (to tolerate weak certificates). [#97 ](https://github.com/passepartoutvpn/tunnelkit/issues/97 )
2019-05-14 09:16:56 +00:00
- Connection stalls on server-initiated SOFT_RESET.
- Wrong configuration mutability.
2019-05-01 08:37:39 +00:00
2019-05-01 09:13:27 +00:00
## 1.7.0 (2019-04-28)
2019-04-18 11:08:09 +00:00
2019-04-25 12:55:28 +00:00
### Changed
2019-05-14 09:17:18 +00:00
- Do not redirect all traffic to VPN unless `--redirect-gateway` specified. [#90 ](https://github.com/passepartoutvpn/tunnelkit/issues/90 )
2019-04-27 14:13:42 +00:00
- Upgrade OpenSSL to 1.1.0j.
2019-04-25 12:55:28 +00:00
2019-04-18 11:08:09 +00:00
### Fixed
2019-05-14 09:17:18 +00:00
- SoftEther sends an incomplete PUSH_REPLY. [#86 ](https://github.com/passepartoutvpn/tunnelkit/issues/86 )
- Authentication/Decrypt errors with TLS wrapping. [#88 ](https://github.com/passepartoutvpn/tunnelkit/issues/88 ), [#61 ](https://github.com/passepartoutvpn/tunnelkit/issues/61 )
- Broken DNS when no servers provided. [#84 ](https://github.com/passepartoutvpn/tunnelkit/issues/84 )
- UDP may disconnect on high-speed upload link. [#87 ](https://github.com/passepartoutvpn/tunnelkit/issues/87 )
- Client certificate may fail when private key in .ovpn is encrypted. [#91 ](https://github.com/passepartoutvpn/tunnelkit/issues/91 )
- DNS is unreachable when VPN is not default gateway. [#94 ](https://github.com/passepartoutvpn/tunnelkit/issues/94 )
2019-04-18 11:08:09 +00:00
2019-04-17 07:25:36 +00:00
## 1.6.2 (2019-04-17)
2019-04-09 17:40:17 +00:00
2019-04-12 06:14:18 +00:00
### Added
2019-05-14 09:17:18 +00:00
- Basic support for proxy settings (no PAC). [#74 ](https://github.com/passepartoutvpn/tunnelkit/issues/74 )
2019-04-12 06:14:18 +00:00
2019-04-09 17:40:17 +00:00
### Changed
- Make `hostname` optional and pick `resolvedAddresses` if nil.
2019-04-13 21:31:26 +00:00
### Fixed
2019-05-14 09:17:18 +00:00
- Negotiation times out with SoftEther. [#67 ](https://github.com/passepartoutvpn/tunnelkit/issues/67 )
- Unable to handle continuated PUSH_REPLY. [#71 ](https://github.com/passepartoutvpn/tunnelkit/issues/71 )
- TCP requiring multiple PUSH_REQUEST. [#73 ](https://github.com/passepartoutvpn/tunnelkit/issues/73 )
- DNS inconsistencies. [#85 ](https://github.com/passepartoutvpn/tunnelkit/pull/85 )
2019-04-13 21:31:26 +00:00
2019-04-08 21:28:13 +00:00
## 1.6.1 (2019-04-07)
### Fixed
- Cipher/digest erroneously required by AppExtension.
2019-04-06 14:57:56 +00:00
## 1.6.0 (2019-04-06)
### Added
2019-05-14 09:17:18 +00:00
- Handle `dhcp-option DOMAIN` . [#77 ](https://github.com/passepartoutvpn/tunnelkit/issues/77 )
2019-04-01 22:33:20 +00:00
2019-04-03 10:20:34 +00:00
### Changed
2019-04-06 14:57:56 +00:00
- Refactor configuration parser for reuse.
2019-04-03 10:20:34 +00:00
2019-04-01 22:33:20 +00:00
### Fixed
2019-05-14 09:17:18 +00:00
- Unrecognized PKCS#8 encrypted private keys. [#80 ](https://github.com/passepartoutvpn/tunnelkit/issues/80 )
- Handle PEM with preamble. [#78 ](https://github.com/passepartoutvpn/tunnelkit/issues/78 )
2019-04-01 22:33:20 +00:00
2019-04-01 08:01:38 +00:00
## 1.5.2 (2019-04-01)
2019-03-25 23:36:36 +00:00
2019-03-27 23:04:35 +00:00
### Added
- Optional data count report via `TunnelKitProvider.Configuration.dataCount(in:)` .
2019-03-30 22:21:11 +00:00
### Changed
- Upgraded to Swift 5.
2019-03-25 23:36:36 +00:00
### Fixed
- `checksEKU` not propagated to TunnelKitProvider.
2019-03-25 20:20:04 +00:00
## 1.5.1 (2019-03-25)
2019-03-20 16:40:13 +00:00
2019-03-25 14:53:26 +00:00
### Added
2019-05-14 09:17:18 +00:00
- Scramble endpoints via `--remote-random` . [#76 ](https://github.com/passepartoutvpn/tunnelkit/issues/76 )
- Support for encrypted certificate private keys. [#72 ](https://github.com/passepartoutvpn/tunnelkit/issues/72 )
2019-03-25 14:53:26 +00:00
2019-03-20 16:40:13 +00:00
### Fixed
2019-05-14 09:17:18 +00:00
- Send explicit exit notification if UDP. [#29 ](https://github.com/passepartoutvpn/tunnelkit/issues/29 )
- Broken reconnection on network change (mitigated). [#75 ](https://github.com/passepartoutvpn/tunnelkit/issues/75 )
2019-03-20 16:40:13 +00:00
2019-03-20 15:47:09 +00:00
## 1.5.0 (2019-03-20)
2019-03-19 15:19:01 +00:00
### Added
2019-05-14 09:17:18 +00:00
- Support for legacy `--comp-lzo` compression. [#69 ](https://github.com/passepartoutvpn/tunnelkit/pull/69 )
- Support for newer `--compress lzo` option. [#70 ](https://github.com/passepartoutvpn/tunnelkit/pull/70 )
2019-03-19 15:19:01 +00:00
2019-03-18 17:45:56 +00:00
## 1.4.3 (2019-03-18)
2019-03-08 12:21:47 +00:00
### Fixed
- Several reconnection issues.
2019-03-18 16:27:48 +00:00
- Missing EKU flag evaluation.
2019-03-08 12:21:47 +00:00
2019-03-05 09:43:20 +00:00
## 1.4.2 (2019-03-05)
2019-02-28 16:10:50 +00:00
### Added
- Shut down if server pushes a compressed data packet.
2019-03-05 09:43:20 +00:00
### Fixed
- Custom DNS servers were not applied.
- Reject `<connection>` blocks as unsupported.
2019-02-25 22:46:46 +00:00
## 1.4.1 (2019-02-25)
2018-12-04 19:24:26 +00:00
2019-01-05 21:54:21 +00:00
### Added
2019-05-14 09:17:18 +00:00
- Override DNS servers client side. [#56 ](https://github.com/passepartoutvpn/tunnelkit/pull/56 )
- Shut down if server pushes a compression directive. [#65 ](https://github.com/passepartoutvpn/tunnelkit/pull/65 )
2019-01-05 21:54:21 +00:00
2019-02-23 11:07:24 +00:00
### Changed
2019-05-14 09:17:18 +00:00
- Enable or disable EKU according to `remote-cert-tls server` in .ovpn file. [#64 ](https://github.com/passepartoutvpn/tunnelkit/pull/64 )
2019-02-23 11:07:24 +00:00
2018-12-04 19:24:26 +00:00
### Fixed
- Compiling errors in demo target.
2019-02-23 21:31:15 +00:00
- Linking errors with OpenSSL.
2019-02-25 22:35:38 +00:00
- A few potential vulnerabilities.
2018-12-04 19:24:26 +00:00
2018-11-17 17:01:14 +00:00
## 1.4.0 (2018-11-12)
2018-11-10 10:15:24 +00:00
### Added
2019-05-14 09:17:18 +00:00
- Parser for .ovpn configuration files. [#47 ](https://github.com/passepartoutvpn/tunnelkit/pull/47 )
2018-11-10 10:15:24 +00:00
### Changed
2019-05-14 09:17:18 +00:00
- Due to [#47 ](https://github.com/passepartoutvpn/tunnelkit/pull/47 ), `SocketType` and `EndpointProtocol` were moved to Core subspec.
2018-11-10 10:15:24 +00:00
2018-11-07 23:00:06 +00:00
## 1.3.1 (2018-11-07)
2018-11-05 19:26:39 +00:00
### Fixed
2019-05-14 09:17:18 +00:00
- IPv4/UInt32 conversions are not endianness-agnostic. [#46 ](https://github.com/passepartoutvpn/tunnelkit/pull/46 )
2018-11-05 19:26:39 +00:00
2018-10-27 22:32:01 +00:00
## 1.3.0 (2018-10-28)
2018-10-25 20:39:48 +00:00
### Changed
2019-05-14 09:17:18 +00:00
- Refactored tunnel configuration API for increased code reuse. [#44 ](https://github.com/passepartoutvpn/tunnelkit/pull/44 )
2018-10-25 20:39:48 +00:00
### Deprecated
2019-05-14 09:17:18 +00:00
- Use high-level accessories instead of `debugLogKey` and `lastErrorKey` . [#45 ](https://github.com/passepartoutvpn/tunnelkit/pull/45 )
2018-10-25 20:39:48 +00:00
2018-10-26 16:55:34 +00:00
### Fixed
- IPv4/UInt32 calculations were wrong.
2018-10-25 05:30:53 +00:00
## 1.2.2 (2018-10-25)
2018-10-21 22:46:08 +00:00
2018-10-24 17:53:38 +00:00
### Changed
2018-10-21 22:46:08 +00:00
2019-05-14 09:17:18 +00:00
- Debug log is saved to group container rather than `UserDefaults` . [#43 ](https://github.com/passepartoutvpn/tunnelkit/pull/43 )
2018-10-21 22:46:08 +00:00
2018-10-24 17:53:38 +00:00
### Fixed
2018-10-24 16:56:11 +00:00
2019-05-14 09:17:18 +00:00
- Handle server-initiated renegotiation. [#41 ](https://github.com/passepartoutvpn/tunnelkit/pull/41 )
- Potentially private data (e.g. Internet addresses) is now masked in debug log. [#42 ](https://github.com/passepartoutvpn/tunnelkit/pull/42 )
2018-10-24 16:56:11 +00:00
2018-10-24 17:53:38 +00:00
## 1.2.1 (2018-10-24)
### Added
2019-05-14 09:17:18 +00:00
- Configuration key `lastErrorKey` for reporting errors to host app. [#40 ](https://github.com/passepartoutvpn/tunnelkit/pull/40 )
- Server extended key usage validation (EKU). [#27 ](https://github.com/passepartoutvpn/tunnelkit/issues/27 )
2018-10-24 17:53:38 +00:00
2018-10-21 22:46:08 +00:00
### Fixed
- CA file was not closed after MD5 calculation when using PIA patches.
2019-05-14 09:17:18 +00:00
- Mitigated an issue with MTU in TCP mode during negotiation. [#39 ](https://github.com/passepartoutvpn/tunnelkit/issues/39 )
2018-10-21 22:46:08 +00:00
2018-10-20 09:15:36 +00:00
## 1.2.0 (2018-10-20)
2018-10-19 13:56:15 +00:00
2018-10-19 15:39:37 +00:00
### Added
2018-10-19 13:56:15 +00:00
2019-05-14 09:17:18 +00:00
- Support for `--tls-auth` wrapping. [#34 ](https://github.com/passepartoutvpn/tunnelkit/pull/34 )
- Support for `--tls-crypt` wrapping. [#35 ](https://github.com/passepartoutvpn/tunnelkit/pull/35 )
- Parser for static OpenVPN keys from file. [#36 ](https://github.com/passepartoutvpn/tunnelkit/pull/36 )
2018-10-19 15:39:37 +00:00
### Fixed
2019-05-14 09:17:18 +00:00
- Handling of mixed DATA_V1/DATA_V2 packets. [#30 ](https://github.com/passepartoutvpn/tunnelkit/issues/30 )
2018-10-19 13:56:15 +00:00
2018-10-18 14:35:20 +00:00
## 1.1.2 (2018-10-18)
2018-10-18 14:25:42 +00:00
### Added
2019-05-14 09:17:18 +00:00
- Restored support for PIA patches. [#32 ](https://github.com/passepartoutvpn/tunnelkit/pull/32 )
2018-10-18 14:25:42 +00:00
2018-10-10 20:23:20 +00:00
## 1.1.1 (2018-10-10)
### Fixed
2019-05-14 09:17:18 +00:00
- Make CA non-optional. [#28 ](https://github.com/passepartoutvpn/tunnelkit/pull/28 )
2018-10-10 20:23:20 +00:00
2018-09-23 13:15:06 +00:00
## 1.1.0 (2018-09-26)
2018-09-23 10:30:29 +00:00
### Added
2019-05-14 09:17:18 +00:00
- Client certificate verification. [#3 ](https://github.com/passepartoutvpn/tunnelkit/pull/3 )
- Support for both `--comp-lzo` and `--compress` compression framing. [#2 ](https://github.com/passepartoutvpn/tunnelkit/pull/2 ), [#5 ](https://github.com/passepartoutvpn/tunnelkit/pull/5 ), [#10 ](https://github.com/passepartoutvpn/tunnelkit/pull/10 )
- Routes setup from PUSH_REPLY. [#7 ](https://github.com/passepartoutvpn/tunnelkit/pull/7 )
- Support for IPv6. [#8 ](https://github.com/passepartoutvpn/tunnelkit/pull/8 )
- Support for server-side NCP. [#11 ](https://github.com/passepartoutvpn/tunnelkit/pull/11 )
- Property to mark ciphers not requiring digest auth (e.g. GCM). [#13 ](https://github.com/passepartoutvpn/tunnelkit/pull/13 )
- `Codable` implementations for native Swift serialization. [#15 ](https://github.com/passepartoutvpn/tunnelkit/pull/15 )
- More cipher and digest algorithms. [#16 ](https://github.com/passepartoutvpn/tunnelkit/pull/16 )
- Negotiated compression framing from PUSH_REPLY. [#19 ](https://github.com/passepartoutvpn/tunnelkit/pull/19 )
- Customizable keep-alive. [#20 ](https://github.com/passepartoutvpn/tunnelkit/pull/20 )
- Negotiated keep-alive from PUSH_REPLY. [#22 ](https://github.com/passepartoutvpn/tunnelkit/pull/22 )
2018-09-23 10:30:29 +00:00
- Peer-info metadata.
### Changed
2018-09-26 08:41:59 +00:00
- Raised iOS target to 11 (drops 32-bit support).
- Upgraded OpenSSL from 1.1.0h to 1.1.0i.
- Minor adjustments for Xcode 10 / Swift 4.2.
2018-09-23 10:30:29 +00:00
- Deep refactoring of control channel for future extensibility.
- App group moved out of tunnel configuration, to make it more platform-agnostic and coherent to serialize.
2018-09-24 17:06:41 +00:00
- Keep-alive is disabled by default.
2018-09-23 10:30:29 +00:00
- Several internal renamings.
### Fixed
2019-05-14 09:17:18 +00:00
- Sensitive data logged in PUSH_REPLY. [#12 ](https://github.com/passepartoutvpn/tunnelkit/pull/12 )
- Bad interpretation of 0 seconds between renegotiations. [#18 ](https://github.com/passepartoutvpn/tunnelkit/pull/18 )
- Incorrect behavior on data-related failures. [#21 ](https://github.com/passepartoutvpn/tunnelkit/pull/21 )
2018-09-23 10:30:29 +00:00
## 1.0.0 (2018-08-23)
### Added
- Initial fork from https://github.com/pia-foss/tunnel-apple
### Removed
- Non-standard PIA patches.