passepartoutvpn
/
tunnelkit
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
557 Commits 1 Branch 58 Tags 3.2 MiB
Commit Graph

557 Commits

Author SHA1 Message Date
Davide De Rosa 0a80dec3a7 Add static key encryption to unsupported 2019-05-09 10:18:31 +02:00
Davide De Rosa 977ff7e573
Merge pull request #98 from keeshux/customize-security-level 
Customize security level
 2019-05-09 10:18:04 +02:00
Davide De Rosa ff0dfc450c Get TLS security level via AppExtension 
Improves #97
 2019-05-08 16:16:30 +02:00
Davide De Rosa 3a136bdce9 Make TLS security level an option 
Default level by default.
 2019-05-08 16:10:35 +02:00
Davide De Rosa 82f0431303 Take optional securityLevel field in TLSBox 2019-05-08 15:54:05 +02:00
Davide De Rosa 97f178cdac Tolerate weak certificates 
Lower SSL security level.

Fixes #97
 2019-05-05 17:51:24 +02:00
Davide De Rosa 84a81ccd13
Merge pull request #96 from keeshux/block-local-network 
Block local network
 2019-05-05 17:48:57 +02:00
Davide De Rosa 273007cc59 Copy route.h from macOS 
Missing on iOS.
 2019-05-03 15:14:25 +02:00
Davide De Rosa a693075e90 Block LAN when redirect-gateway block-local 
Fixes #81
 2019-05-03 15:14:25 +02:00
Davide De Rosa 13cae06a49 Add method to partition a subnet 2019-05-03 15:14:25 +02:00
Davide De Rosa 03a1eb2203 Return IPv4 network mask for a route 2019-05-03 15:14:25 +02:00
Davide De Rosa 4295e63c98 Read relevant routing table 2019-05-03 15:14:25 +02:00
Davide De Rosa d44d08c95e Retain self weakly for shutdown on timeout 2019-05-02 13:13:43 +02:00
Davide De Rosa 705be661b0 Clarify README bit about proxy 2019-05-02 10:49:30 +02:00
Davide De Rosa 1430241b0c Do not fake BF-CBC, pleae 2019-05-01 23:18:54 +02:00
Davide De Rosa 037f08ed62 Retry auth once without local options 
Hack around picky server implementations.

Fixes #95
 2019-05-01 11:14:52 +02:00
Davide De Rosa 14b7f08fb5 Use strict ordering in local options 
And add TLS wrapping.
 2019-05-01 11:14:38 +02:00
Davide De Rosa 7389d72f1f Fix mutable SessionProxy.Configuration 2019-05-01 11:14:38 +02:00
Davide De Rosa edd15f661e Bump version 2019-05-01 11:14:38 +02:00
Davide De Rosa 2b41264e48 Set release date 2019-05-01 11:13:27 +02:00
Davide De Rosa 295d5fa713 Bump minor version 
Makes sense, lot of fixes.
 2019-04-28 16:23:38 +02:00
Davide De Rosa f799f47c25 Add direct routes to DNS servers 
If VPN is not default gateway.

Further fix of #94
 2019-04-28 15:51:16 +02:00
Davide De Rosa 0b72a30cdd Add full set of CloudFlare DNS servers 2019-04-28 10:56:39 +02:00
Davide De Rosa ebabf02eb5 Fix DNS in VPN when not default gateway 
Awful API requires .matchDomains = [""]

Fixes #94
 2019-04-28 10:39:55 +02:00
Davide De Rosa b331e3cfe6 Mask fallback DNS servers 
Comment about fallback DNS being public
 2019-04-28 10:39:25 +02:00
Davide De Rosa a4d6f94b7f Merge branch 'extend-redirect-gateway-flags' 2019-04-27 23:06:46 +02:00
Davide De Rosa 7978398e1e Fix logging of routing policies 2019-04-27 22:55:20 +02:00
Davide De Rosa 0ee39c8fb0 Extend handling of redirect-gateway flags 
- def1 (IPv4)
- ipv6 (IPv6)
- !ipv4 (IPv6 only)
 2019-04-27 22:55:20 +02:00
Davide De Rosa 155bd5f1e7 Revert def1 trick 
Not needed, routes are not persistent.

Revert 7d26323d3f
 2019-04-27 22:55:19 +02:00
Davide De Rosa 7d26323d3f Use OpenVPN trick to retain default gateway 
Override default gateway with 2 split routes.

- IPv4: 0.0.0.0/1, 128.0.0.0/1
- IPv6: 2000::/4, 3000::/4
 2019-04-27 22:29:51 +02:00
Davide De Rosa a047d2bdd5 Fix Demo 
- Update pods
- Prevent crash when no debug log available (#93)
 2019-04-27 22:29:15 +02:00
Davide De Rosa 3505f68b04 Revert DNS merge 
Revert 1d3660459e
 2019-04-27 18:25:08 +02:00
Davide De Rosa 53c393f2d7 Update CHANGELOG 
Fixes #91
 2019-04-27 18:24:48 +02:00
Davide De Rosa 56d05e17ae Update README 2019-04-27 13:54:14 +02:00
Davide De Rosa a48bcc7261 Decrypt generic EVP private key 
Why PKCS#8?
 2019-04-27 10:54:32 +02:00
Davide De Rosa e0c06ece18 Drop extra EVP_PKEY_free call 2019-04-27 10:44:08 +02:00
Davide De Rosa 212ef481dc Upgrade OpenSSL to 1.1.0j 2019-04-27 10:01:09 +02:00
Davide De Rosa 6fb409b112 Drop UDP packets on no buffer space available 
Tolerate only on data channel. Control channel should never reach
high speeds.

Fixes #87
 2019-04-25 17:29:10 +02:00
Davide De Rosa 4acf7f3b49 Merge branch 'improve-dns-fallback' 
Fixes #84
 2019-04-25 17:23:01 +02:00
Davide De Rosa b8cd969a1a Fall back to configurable preset DNS servers 
Default to CloudFlare 1.1.1.1

Hard time making it work with system DNS servers. Retry later.
 2019-04-25 17:18:28 +02:00
Davide De Rosa 31d9019f1a Read system-wide DNS servers 
Add libresolv to podspec.
 2019-04-25 16:36:16 +02:00
Davide De Rosa 1d3660459e Merge local and remote DNS servers 
- Local first
- Remote last
 2019-04-25 16:18:54 +02:00
Davide De Rosa 82394e0433 Skip DNS settings if no servers are provided 2019-04-25 16:18:54 +02:00
Davide De Rosa 4ce2d78c5a Adjust log of routing policies 
Consistent with print configuration.
 2019-04-25 16:18:52 +02:00
Davide De Rosa 1b0c9979ce Log "default" DNS when servers are empty 2019-04-25 16:09:04 +02:00
Davide De Rosa e17c5d0fdd Merge branch 'routing-policies' 2019-04-25 16:07:11 +02:00
Davide De Rosa f95d9ae551 Update CHANGELOG 
Fixes #90
 2019-04-25 16:02:19 +02:00
Davide De Rosa 3f37489c13 Handle pushed routing policies 2019-04-25 16:02:19 +02:00
Davide De Rosa 7382616e8b Parse routing policies for TunnelKitProvider 2019-04-25 14:39:47 +02:00
Davide De Rosa f9f642b64e Set as default gateway based on routing policies 
Also fix IPv6 routes not properly set.
 2019-04-25 14:39:40 +02:00