passepartoutvpn/tunnelkit
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
851 Commits 1 Branch 58 Tags 3.2 MiB
0f097d50af
Commit Graph

84 Commits

Author SHA1 Message Date
Davide De Rosa
0f097d50af Fall back to network settings when no DNS servers 
Rather than forcing CloudFlare (by default).

Fixes #197
 2021-01-26 10:18:04 +01:00
Davide De Rosa
fd9d34b49c Print description of new DNS settings 2021-01-22 21:14:38 +01:00
Davide De Rosa
dd81ad7a99 Pick proper DNS settings according to protocol 2021-01-22 21:14:38 +01:00
Davide De Rosa
3c92e18c0e Add DNSProtocol 2021-01-22 21:14:38 +01:00
Davide De Rosa
e388842d37 Add fallback compression algorithm 
Disabled.
 2021-01-13 08:10:33 +01:00
Davide De Rosa
c15d6f521a Parse dataCiphersFallback as last resort 
Prioritize over deprecate cipher.
 2021-01-08 19:50:28 +01:00
Davide De Rosa
7ea088e4a1 Make peerInfo dynamic to add IV_CIPHERS 
Fixes #193
 2021-01-08 19:41:16 +01:00
Davide De Rosa
119d2f02e4 Add OpenVPN dataCiphers field 2021-01-08 19:26:20 +01:00
Davide De Rosa
80d99cab6c Refactor legacy parsing of provider configuration 
Leverage Codable implementation of OpenVPN*.Configuration
 2021-01-03 10:47:06 +01:00
Davide De Rosa
e923382c81 Default to unspecified MTU 
Hardcode control channel packets to 1000 bytes.
 2020-12-28 16:04:15 +01:00
Davide De Rosa
1966143fe9 Parse MTU from --tun-mtu 2020-12-28 13:07:19 +01:00
Davide De Rosa
6cb04da05d Add MTU to OpenVPN layer 2020-12-28 13:02:09 +01:00
Davide De Rosa
e3ce38e47e Remove MTU from AppExtension layer 2020-12-27 22:51:58 +01:00
Davide De Rosa
ba3ead13a3 Update copyright 2020-12-27 17:29:39 +01:00
Davide De Rosa
663cab34c9 Centralize reconnection delay 2020-12-20 19:43:23 +01:00
Davide De Rosa
304d0215b6 Use keychain service as item context 
Primary key = (context, username)
 2020-12-20 10:57:06 +01:00
Davide De Rosa
6b8d88fef5 Consider last appearing DOMAIN option 2020-12-15 13:59:06 +01:00
Davide De Rosa
7535458339 Parse domain option 2020-12-11 17:09:15 +01:00
Davide De Rosa
44844cfd9c Update API to access current Wi-Fi SSID 2020-11-21 19:10:58 +01:00
Davide De Rosa
e098117bf1 Drop StandardVPNProvider class name 
Had only renamed file, not class.

See 945bb1b9b7
 2020-11-15 22:09:02 +01:00
Davide De Rosa
945bb1b9b7 Fix context of StandardVPNProvider 
Not generic, rather an OpenVPN implementation.

- Move to OpenVPN subspec
- Rename to OpenVPNProvider
- Depend OpenVPN on Manager
 2020-11-15 21:12:53 +01:00
Kirill Pahnev
014f8aabbd Make IV_UI_VER flag overridable 2020-06-29 16:31:20 +03:00
Kirill Pahnev
d3caa5c4ad Set IV_PLAT based on current OS 2020-06-29 13:00:17 +03:00
Davide De Rosa
a232af1100 Redefine generic Session.serverConfiguration() 
For reuse in Session implementations.
 2020-06-13 13:32:21 +02:00
Davide De Rosa
6c3e667f80 Add a few missing nodoc 2020-06-13 13:31:15 +02:00
Davide De Rosa
74ed3cb4cd Move some initialization after logging configuration 
Logging and masking were not configured at Credentials and
ConnectionStrategy initialization time, hence the missing log
entries from e.g. ConnectionStrategy.init().
 2020-06-11 16:37:20 +02:00
Davide De Rosa
1ff936895f Improve logging of ConnectionStrategy 2020-06-11 16:22:45 +02:00
Davide De Rosa
7a278dba69 Fix nullability of partitioned route 2020-05-23 17:07:59 +02:00
Davide De Rosa
17cb2601be Fix unused result warning 2020-05-23 17:05:46 +02:00
Davide De Rosa
9095ea250e
Address concerns from Guido Vranken fuzzers (#141) 
* 002: Assert return value of snprintf/getnameinfo

* 003: Address OOB reads on decrypted data

* 004: Handle boundary prefixes in .partitioned()

* 005: Fix OOB read in matchesDestination()

* 006: Fix parsing in netname6()

* 007: Fix incorrect use of sizeof()

* 008: Add safety checks in MSSFix()

* 009: Fix bad usage of minilzo calls

* Add checks after RoutingTableEntryAddress4/6
 2020-05-16 15:10:07 +02:00
Davide De Rosa
5285ba7aa8 Set reasserting to false if canRebindLink() 
Code is currently disabled (canRebindLink() is hardcoded to false),
still it's good to stay consistent with semantics of
reasserting = false, i.e. "connection has become active again".
 2020-05-09 15:01:11 +02:00
Davide De Rosa
9b82d7f9ec Evaluate reconnection without touching reasserting 
Use a different variable to signal an upcoming reconnection. Make
sure that reasserting is never set to false with the meaning of
"do not reconnect", because doing so would trigger a transient
"connected" state in the VPN.

Reverts use of cancelTunnelWithError() in sessionDidStop.
 2020-05-09 12:09:03 +02:00
Davide De Rosa
93c24a96cf Refactor with an error parameter in sessionDidStop 
Both versions prevent clients from compiling, but this version
impacts less on existing codebase.
 2020-05-09 12:09:03 +02:00
Robert Patchett
1cd00f9459 Call cancelTunnelWithError(_:) if a connection fails and won't be retried 2020-05-09 12:09:03 +02:00
Jose Blaya
c22bfb3edd Set MTU value in Tunnel settings 2020-05-09 01:09:20 +02:00
Jaroslav_
1ceeb8ddbb
SAN host check (#168) 
* Check if host is present in certificates SAN list

* Save .tlsServerHost error as .tlsServerVerification into last error

Co-authored-by: Davide De Rosa <keeshux@gmail.com>
 2020-05-09 00:02:16 +02:00
Roopesh Chander
753927f36b Fix how NETunnelInterface handles IP protocol number 
The IP protocol number passed to NEPacketTunnelFlow is determined per
packet based on the IP header, instead of determining it based on
whether IPv6 settings are available or not.
 2020-05-06 09:37:24 +05:30
Davide De Rosa
4bdf6b7006 Redefine endpoint strategy according to IPv4/6 2020-04-14 22:57:23 +02:00
Davide De Rosa
6f235e9ea2 Handle IPv4/IPv6 variants in SocketType 2020-04-14 21:54:21 +02:00
Johan Kool
ffe7fc0a0a Continue instead of early return on unknown key id 2020-04-10 13:35:12 +02:00
Davide De Rosa
a02857fdb9 Drop unused variable 2020-04-05 17:16:55 +02:00
Davide De Rosa
311015950e Shut down on server "RESTART" control message 
Fixes #131
 2020-02-29 19:23:26 +01:00
Davide De Rosa
f6d915e6dd Reset rather than nil out Authenticator 
For reuse in control channel.
 2020-02-29 19:11:15 +01:00
Davide De Rosa
a7aa78141e Update copyright clause 2020-01-11 09:26:41 +01:00
Davide De Rosa
e3241f4f4d Fix potential OOB during negotiation 
Reported by @Grivus with SoftEther.

Closes #143
 2019-12-22 16:31:57 +01:00
Davide De Rosa
2c8c2d20f8 Add comment about read failure not shutting down 2019-12-12 20:37:10 +01:00
Davide De Rosa
63aa4b42d7 Use .utility QoS for tunnel queue 
Fixes #138
 2019-12-12 18:34:24 +01:00
Davide De Rosa
88a1bdac06 Schedule ping block even just for timeout check 
In case keepAliveInterval is not set.
 2019-12-12 18:34:20 +01:00
Davide De Rosa
e6f2f3e85a Send pings at regular schedules 
Also fixes coalescing schedules.
 2019-12-12 18:34:20 +01:00
Davide De Rosa
2687dcf36e Debug wake/sleep signals 2019-12-12 15:05:21 +01:00