diff --git a/CHANGELOG.md b/CHANGELOG.md index fdd9e2b..4a606e2 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -9,13 +9,15 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 ### Added -- OpenVPN: Full implementation of Tunnelblick XOR patch (tmthecoder). [#255][https://github.com/passepartoutvpn/tunnelkit/pull/255] +- WireGuard: DoH/DoT options. [#314](https://github.com/passepartoutvpn/tunnelkit/pull/314) +- OpenVPN: Full implementation of Tunnelblick XOR patch (tmthecoder). [#255](https://github.com/passepartoutvpn/tunnelkit/pull/255) - OpenVPN: Support for `--route-nopull`. [#280](https://github.com/passepartoutvpn/tunnelkit/pull/280) - OpenVPN: Support for `--remote-random-hostname`. [#286](https://github.com/passepartoutvpn/tunnelkit/pull/286) - Use .includeAllNetworks for best-effort kill switch. [#300](https://github.com/passepartoutvpn/tunnelkit/pull/300) ### Changed +- Bump targets to iOS 15 / macOS 12. - Upgrade OpenSSL to 1.1.1q. - Use natively async methods from NetworkExtension. [#284](https://github.com/passepartoutvpn/tunnelkit/pull/284) - OpenVPN: Unmask PUSH_REPLY and network settings in logs. diff --git a/Package.resolved b/Package.resolved index fe4df5b..be2024f 100644 --- a/Package.resolved +++ b/Package.resolved @@ -24,8 +24,8 @@ "repositoryURL": "https://github.com/passepartoutvpn/wireguard-apple", "state": { "branch": null, - "revision": "d3b8f1ac6f3361d69bd3daf8aee3c43012c6ec0b", - "version": "1.0.16" + "revision": "cbcbf4369e1852fdf3398f9fbb49a26cfff4c97f", + "version": null } } ] diff --git a/Package.swift b/Package.swift index 9288f25..f4937b7 100644 --- a/Package.swift +++ b/Package.swift @@ -1,4 +1,4 @@ -// swift-tools-version:5.3 +// swift-tools-version:5.5 // The swift-tools-version declares the minimum version of Swift required to build this package. import PackageDescription 
@@ -6,7 +6,7 @@ import PackageDescription let package = Package( name: "TunnelKit", platforms: [ - .iOS(.v13), .macOS(.v10_15) + .iOS(.v15), .macOS(.v12) ], products: [ // Products define the executables and libraries a package produces, and make them visible to other packages. @@ -41,7 +41,8 @@ let package = Package( .package(url: "https://github.com/SwiftyBeaver/SwiftyBeaver", from: "1.9.0"), .package(url: "https://github.com/passepartoutvpn/openssl-apple", from: "1.1.11700"), // .package(name: "WireGuardKit", url: "https://git.zx2c4.com/wireguard-apple", .exact("1.0.15-26")) - .package(name: "WireGuardKit", url: "https://github.com/passepartoutvpn/wireguard-apple", from: "1.0.16") + .package(name: "WireGuardKit", url: "https://github.com/passepartoutvpn/wireguard-apple", .revision("73d9152fa0cb661db0348a1ac11dbbf998422a50")) +// .package(name: "WireGuardKit", path: "../wireguard-apple") ], targets: [ // Targets are the basic building blocks of a package. A target can define a module or a test suite. diff --git a/Sources/TunnelKitWireGuardCore/Configuration.swift b/Sources/TunnelKitWireGuardCore/Configuration.swift index 85baacc..698dc39 100644 --- a/Sources/TunnelKitWireGuardCore/Configuration.swift +++ b/Sources/TunnelKitWireGuardCore/Configuration.swift @@ -42,6 +42,10 @@ public protocol WireGuardConfigurationProviding { var dnsSearchDomains: [String] { get } + var dnsHTTPSURL: URL? { get } + + var dnsTLSServerName: String? { get } + var mtu: UInt16? { get } var peersCount: Int { get } @@ -129,6 +133,24 @@ extension WireGuard { } } + public var dnsHTTPSURL: URL? { + get { + interface.dnsHTTPSURL + } + set { + interface.dnsHTTPSURL = newValue + } + } + + public var dnsTLSServerName: String? { + get { + interface.dnsTLSServerName + } + set { + interface.dnsTLSServerName = newValue + } + } + public var mtu: UInt16? { get { interface.mtu 
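Review bot: The WireGuardKit pin in the `@@ -41,7 +41,8 @@` hunk of Package.swift names revision `73d9152fa0cb661db0348a1ac11dbbf998422a50`, but the Package.resolved change in this same commit records `cbcbf4369e1852fdf3398f9fbb49a26cfff4c97f`, so the manifest and the lockfile disagree about which fork commit gets built. Regenerate Package.resolved against the manifest, or correct whichever hash is stale, so that the commit that was reviewed is the one that resolves. A bare revision also gives up the version range the old `from: "1.0.16"` provided, so a comment above the line should say why it is pinned and when it returns to a tag, for example `// Pinned to a fork commit (presumably the DoH/DoT work); go back to a tagged release once one exists.` The commented-out `path: "../wireguard-apple"` line looks like a local-development leftover and can be dropped.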
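Review bot: The two requirements added to `WireGuardConfigurationProviding` in the `@@ -42,6 +42,10 @@` hunk carry no documentation, and nothing visible says how they relate to `dnsServers` or to each other when both are set. A doc comment on each would settle that, for example `/// URL of the DNS-over-HTTPS resolver, or nil when DoH is not configured.` and `/// Server name for DNS-over-TLS, or nil when DoT is not configured.`, plus one sentence on precedence once the author confirms it. The same applies to the builder accessors in `@@ -129,6 +133,24 @@` and the read-only ones in `@@ -256,6 +278,14 @@`. Because the protocol is public, these are also new requirements for any conformer outside the package; the protocol body continues outside the hunk.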
@@ -256,6 +278,14 @@ extension WireGuard { interface.dnsSearch } + public var dnsHTTPSURL: URL? { + interface.dnsHTTPSURL + } + + public var dnsTLSServerName: String? { + interface.dnsTLSServerName + } + public var mtu: UInt16? { interface.mtu } diff --git a/Sources/TunnelKitWireGuardCore/Internal/TunnelConfiguration+WgQuickConfig.swift b/Sources/TunnelKitWireGuardCore/Internal/TunnelConfiguration+WgQuickConfig.swift index b20dc65..74a564d 100644 --- a/Sources/TunnelKitWireGuardCore/Internal/TunnelConfiguration+WgQuickConfig.swift +++ b/Sources/TunnelKitWireGuardCore/Internal/TunnelConfiguration+WgQuickConfig.swift @@ -73,7 +73,7 @@ extension TunnelConfiguration { } else { attributes[key] = value } - let interfaceSectionKeys: Set = ["privatekey", "listenport", "address", "dns", "mtu"] + let interfaceSectionKeys: Set = ["privatekey", "listenport", "address", "dns", "dnsoverhttpsurl", "dnsovertlsservername", "mtu"] let peerSectionKeys: Set = ["publickey", "presharedkey", "allowedips", "endpoint", "persistentkeepalive"] if parserState == .inInterfaceSection { guard interfaceSectionKeys.contains(key) else { @@ -141,6 +141,12 @@ extension TunnelConfiguration { let dnsString = dnsLine.joined(separator: ", ") output.append("DNS = \(dnsString)\n") } + if let dnsHTTPSURL = interface.dnsHTTPSURL { + output.append("DNSOverHTTPSURL = \(dnsHTTPSURL)\n") + } + if let dnsTLSServerName = interface.dnsTLSServerName { + output.append("DNSOverTLSServerName = \(dnsTLSServerName)\n") + } if let mtu = interface.mtu { output.append("MTU = \(mtu)\n") } 
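Review bot: In the `@@ -141,6 +141,12 @@` hunk both new values are written into the wg-quick text verbatim, so a `dnsTLSServerName` containing a line break would come out as extra lines in the serialized config, and the public builder setter accepts any string. Skipping or rejecting values that contain newlines before the `output.append` call, or validating the name where it is set, keeps the output to one key per line. For the URL, `output.append("DNSOverHTTPSURL = \(dnsHTTPSURL.absoluteString)\n")` states the intended form explicitly instead of relying on how `URL` is interpolated. The enclosing function starts and ends outside the hunk.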
@@ -203,6 +209,12 @@ extension TunnelConfiguration { interface.dns = dnsServers interface.dnsSearch = dnsSearch } + if let dnsHTTPSURL = attributes["dnsoverhttpsurl"] { + interface.dnsHTTPSURL = URL(string: dnsHTTPSURL) + } + if let dnsTLSServerName = attributes["dnsovertlsservername"] { + interface.dnsTLSServerName = dnsTLSServerName + } if let mtuString = attributes["mtu"] { guard let mtu = UInt16(mtuString) else { throw ParseError.interfaceHasInvalidMTU(mtuString)
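Review bot: An unparsable `DNSOverHTTPSURL` is dropped without an error here, because `URL(string:)` returns nil and the result is assigned directly, whereas the MTU branch right below throws on bad input. A typo in the config would then presumably leave the tunnel on the plain resolvers from the `DNS` line with no sign that DoH was not applied. The branch should fail like its neighbour and, since this value is meant for DoH, also require an `https` scheme: `guard let url = URL(string: dnsHTTPSURL), url.scheme?.lowercased() == "https" else { throw ParseError.<new-invalid-DoH-URL-case>(dnsHTTPSURL) }`, where the error case is a placeholder for one that would have to be added. An empty `DNSOverTLSServerName` is likewise accepted as-is and deserves the same treatment. The enclosing function continues outside the hunk.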