Davide De Rosa
80d99cab6c
Refactor legacy parsing of provider configuration
...
Leverage Codable implementation of OpenVPN*.Configuration
2021-01-03 10:47:06 +01:00
Davide De Rosa
e923382c81
Default to unspecified MTU
...
Hardcode control channel packets to 1000 bytes.
2020-12-28 16:04:15 +01:00
Davide De Rosa
ba3ead13a3
Update copyright
2020-12-27 17:29:39 +01:00
Davide De Rosa
663cab34c9
Centralize reconnection delay
2020-12-20 19:43:23 +01:00
Kirill Pahnev
014f8aabbd
Make IV_UI_VER flag overridable
2020-06-29 16:31:20 +03:00
Davide De Rosa
f424d4a064
Add missing entities from docs
2020-06-13 17:38:28 +02:00
Davide De Rosa
a232af1100
Redefine generic Session.serverConfiguration()
...
For reuse in Session implementations.
2020-06-13 13:32:21 +02:00
Davide De Rosa
7a278dba69
Fix nullability of partitioned route
2020-05-23 17:07:59 +02:00
Davide De Rosa
9095ea250e
Address concerns from Guido Vranken fuzzers ( #141 )
...
* 002: Assert return value of snprintf/getnameinfo
* 003: Address OOB reads on decrypted data
* 004: Handle boundary prefixes in .partitioned()
* 005: Fix OOB read in matchesDestination()
* 006: Fix parsing in netname6()
* 007: Fix incorrect use of sizeof()
* 008: Add safety checks in MSSFix()
* 009: Fix bad usage of minilzo calls
* Add checks after RoutingTableEntryAddress4/6
2020-05-16 15:10:07 +02:00
Davide De Rosa
01554713b8
Move IP header logic to separate struct
2020-05-12 13:07:09 +02:00
Jaroslav_
1ceeb8ddbb
SAN host check ( #168 )
...
* Check if host is present in certificates SAN list
* Save .tlsServerHost error as .tlsServerVerification into last error
Co-authored-by: Davide De Rosa <keeshux@gmail.com>
2020-05-09 00:02:16 +02:00
Davide De Rosa
40eb98fd72
Return IP version-aware records from DNSResolver
...
FIXME: compilation errors in ConnectionStrategy and related.
2020-04-14 22:57:08 +02:00
Davide De Rosa
6f235e9ea2
Handle IPv4/IPv6 variants in SocketType
2020-04-14 21:54:21 +02:00
Davide De Rosa
c7595ed295
Rewrite IPv4-to-String conversion
...
Flaky Swift pointer API.
2020-04-14 21:54:19 +02:00
Davide De Rosa
deff855bbc
Fix pointers to local buffers
2020-04-05 17:30:17 +02:00
Davide De Rosa
a7aa78141e
Update copyright clause
2020-01-11 09:26:41 +01:00
Davide De Rosa
dcac7cb2d4
Fix hidden IPv4Settings fields
2019-10-23 10:55:37 +02:00
Davide De Rosa
d22f40f7e9
Fix potential OOB in memcmp()
2019-09-17 23:41:35 +02:00
Davide De Rosa
d815f5222f
Change var to let
...
Xcode no more signals wrong side-effect in withUnsafeBytes.
2019-09-17 16:09:09 +02:00
Davide De Rosa
eb56a9a56c
Optimize [Data].flatCount
2019-06-05 14:14:15 +02:00
Davide De Rosa
2ddf712176
Update jazzy YAML
2019-05-24 16:04:19 +02:00
Davide De Rosa
21eee24e7c
Add missing documentation
2019-05-24 16:02:06 +02:00
Davide De Rosa
72ce14b676
Make AppExtension entities public
2019-05-24 16:02:06 +02:00
Davide De Rosa
9445b825d0
Make AppExtension generic
...
- Make AppExtension a standalone util subspec
- Move OpenVPN tunnel provider to OpenVPN subspec
- Move Utils to Core subspec
- Depend OpenVPN on Core + AppExtension
2019-05-24 10:41:26 +02:00
Davide De Rosa
6ebf025859
Take Session protocol out of OpenVPNSession
...
Fix some doc.
2019-05-19 15:08:43 +02:00
Davide De Rosa
313d076ddf
Move Error extension to Core
2019-05-19 14:34:27 +02:00
Davide De Rosa
50d492096f
Move a few generic entities to Core
...
- IPv4Settings
- IPv6Settings
- Proxy
- EndpointProtocol (Codable)
2019-05-19 12:40:20 +02:00
Davide De Rosa
930f05c984
Move OpenVPN timeouts out of Core
2019-05-19 12:39:51 +02:00
Davide De Rosa
5b81aa6a78
Drop "Box" from error codes
2019-05-19 12:22:32 +02:00
Davide De Rosa
9da7fa9667
Split Core into Core+OpenVPN
...
Two Obj-C modules:
- __TunnelKitCore
- __TunnelKitOpenVPN
Seems the only way to do it in multiple module maps.
Move OpenVPN specifics out of CoreConfiguration.
2019-05-19 12:22:32 +02:00
Davide De Rosa
491092f2a3
Drop extra header lines
2019-05-19 12:21:44 +02:00
Davide De Rosa
21b67fd9ff
Make CoreConfiguration a class for bundle lookup
2019-05-19 11:36:26 +02:00
Davide De Rosa
470c50b037
Return just <masked> when masked description
...
Why bother with useless hashes?
2019-05-19 11:36:26 +02:00
Davide De Rosa
d19e029131
Use guard
2019-05-19 11:36:26 +02:00
Davide De Rosa
713a46d817
Update GitHub URL
...
Move to passepartoutvpn org.
2019-05-14 10:58:47 +02:00
Davide De Rosa
7cbcfcd264
Fix condition for SOFT_RESET
...
May receive multiple packets while handling in progress.
2019-05-13 12:15:44 +02:00
Davide De Rosa
3a136bdce9
Make TLS security level an option
...
Default level by default.
2019-05-08 16:10:35 +02:00
Davide De Rosa
82f0431303
Take optional securityLevel field in TLSBox
2019-05-08 15:54:05 +02:00
Davide De Rosa
97f178cdac
Tolerate weak certificates
...
Lower SSL security level.
Fixes #97
2019-05-05 17:51:24 +02:00
Davide De Rosa
273007cc59
Copy route.h from macOS
...
Missing on iOS.
2019-05-03 15:14:25 +02:00
Davide De Rosa
a693075e90
Block LAN when redirect-gateway block-local
...
Fixes #81
2019-05-03 15:14:25 +02:00
Davide De Rosa
13cae06a49
Add method to partition a subnet
2019-05-03 15:14:25 +02:00
Davide De Rosa
03a1eb2203
Return IPv4 network mask for a route
2019-05-03 15:14:25 +02:00
Davide De Rosa
4295e63c98
Read relevant routing table
2019-05-03 15:14:25 +02:00
Davide De Rosa
1430241b0c
Do not fake BF-CBC, pleae
2019-05-01 23:18:54 +02:00
Davide De Rosa
037f08ed62
Retry auth once without local options
...
Hack around picky server implementations.
Fixes #95
2019-05-01 11:14:52 +02:00
Davide De Rosa
14b7f08fb5
Use strict ordering in local options
...
And add TLS wrapping.
2019-05-01 11:14:38 +02:00
Davide De Rosa
7389d72f1f
Fix mutable SessionProxy.Configuration
2019-05-01 11:14:38 +02:00
Davide De Rosa
0ee39c8fb0
Extend handling of redirect-gateway flags
...
- def1 (IPv4)
- ipv6 (IPv6)
- !ipv4 (IPv6 only)
2019-04-27 22:55:20 +02:00
Davide De Rosa
a48bcc7261
Decrypt generic EVP private key
...
Why PKCS#8?
2019-04-27 10:54:32 +02:00