9445b825d0
Make AppExtension generic
...
- Make AppExtension a standalone util subspec
- Move OpenVPN tunnel provider to OpenVPN subspec
- Move Utils to Core subspec
- Depend OpenVPN on Core + AppExtension
2019-05-24 10:41:26 +02:00
b6da3f2d13
Rename proxy to session
...
According to SessionProxy -> OpenVPNSession.
2019-05-19 15:56:44 +02:00
8be0f14aa9
Move PRNG initialization to namespace level
2019-05-19 15:52:55 +02:00
d057e9645b
Restore AppExtension with recent changes
2019-05-19 15:50:12 +02:00
930f05c984
Move OpenVPN timeouts out of Core
2019-05-19 12:39:51 +02:00
5b81aa6a78
Drop "Box" from error codes
2019-05-19 12:22:32 +02:00
9da7fa9667
Split Core into Core+OpenVPN
...
Two Obj-C modules:
- __TunnelKitCore
- __TunnelKitOpenVPN
Seems the only way to do it in multiple module maps.
Move OpenVPN specifics out of CoreConfiguration.
2019-05-19 12:22:32 +02:00
491092f2a3
Drop extra header lines
2019-05-19 12:21:44 +02:00
713a46d817
Update GitHub URL
...
Move to passepartoutvpn org.
2019-05-14 10:58:47 +02:00
d06b2e1928
Shut down if no default gateway
2019-05-11 17:40:46 +02:00
5ce49953a0
Assume empty policies to override server settings
...
Empty != nil. When nil, pull from server.
2019-05-11 16:33:49 +02:00
43c70b2673
Refine logging of some configuration
...
Log about routing entries.
2019-05-11 14:54:25 +02:00
ff0dfc450c
Get TLS security level via AppExtension
...
Improves #97
2019-05-08 16:16:30 +02:00
a693075e90
Block LAN when redirect-gateway block-local
...
Fixes #81
2019-05-03 15:14:25 +02:00
d44d08c95e
Retain self weakly for shutdown on timeout
2019-05-02 13:13:43 +02:00
f799f47c25
Add direct routes to DNS servers
...
If VPN is not default gateway.
Further fix of #94
2019-04-28 15:51:16 +02:00
0b72a30cdd
Add full set of CloudFlare DNS servers
2019-04-28 10:56:39 +02:00
ebabf02eb5
Fix DNS in VPN when not default gateway
...
Awful API requires .matchDomains = [""]
Fixes #94
2019-04-28 10:39:55 +02:00
b331e3cfe6
Mask fallback DNS servers
...
Comment about fallback DNS being public
2019-04-28 10:39:25 +02:00
7978398e1e
Fix logging of routing policies
2019-04-27 22:55:20 +02:00
155bd5f1e7
Revert def1 trick
...
Not needed, routes are not persistent.
Revert 7d26323d3f
2019-04-27 22:55:19 +02:00
7d26323d3f
Use OpenVPN trick to retain default gateway
...
Override default gateway with 2 split routes.
- IPv4: 0.0.0.0/1, 128.0.0.0/1
- IPv6: 2000::/4, 3000::/4
2019-04-27 22:29:51 +02:00
3505f68b04
Revert DNS merge
...
Revert 1d3660459e
2019-04-27 18:25:08 +02:00
b8cd969a1a
Fall back to configurable preset DNS servers
...
Default to CloudFlare 1.1.1.1
Hard time making it work with system DNS servers. Retry later.
2019-04-25 17:18:28 +02:00
1d3660459e
Merge local and remote DNS servers
...
- Local first
- Remote last
2019-04-25 16:18:54 +02:00
82394e0433
Skip DNS settings if no servers are provided
2019-04-25 16:18:54 +02:00
4ce2d78c5a
Adjust log of routing policies
...
Consistent with print configuration.
2019-04-25 16:18:52 +02:00
1b0c9979ce
Log "default" DNS when servers are empty
2019-04-25 16:09:04 +02:00
3f37489c13
Handle pushed routing policies
2019-04-25 16:02:19 +02:00
7382616e8b
Parse routing policies for TunnelKitProvider
2019-04-25 14:39:47 +02:00
f9f642b64e
Set as default gateway based on routing policies
...
Also fix IPv6 routes not properly set.
2019-04-25 14:39:40 +02:00
1b8647bcac
Convert PacketSteram to Obj-C
...
For better TCP efficiency.
2019-04-25 12:42:29 +02:00
9b8be02c2a
Shut down when no IPv4/6 routing available
...
Would fake-connect without VPN icon otherwise.
2019-04-19 09:45:15 +02:00
95ba9dacdb
Fix typo
2019-04-18 12:02:23 +02:00
233aa02169
Add FIXME for default DNS from network interface
2019-04-17 00:50:53 +02:00
b199064b94
Only override domain if non-nil
2019-04-17 00:50:53 +02:00
28fd80f4e0
Treat empty DNS servers as nil
...
Empty local DNS array was pretty much hiding server-pushed DNS.
2019-04-17 00:50:53 +02:00
23b6e3b98e
Relax negotiation timeouts
2019-04-16 23:59:56 +02:00
0a956f5b9f
Handle dhcp-option PROXY_BYPASS
2019-04-13 19:23:02 +02:00
b118030d43
Enable both HTTP and HTTPS proxies
2019-04-13 17:55:08 +02:00
904e7bae21
Apply proxy settings if present
...
Fixes #74
2019-04-12 08:21:04 +02:00
ef9f3c6d0a
Parse proxies into AppExtension configuration
2019-04-12 08:21:04 +02:00
5df614b5e2
Fix incomplete builder() from Configuration
...
Adding a Configuration field is error-prone beyond reason...
2019-04-11 15:30:14 +02:00
914864c31a
Infer serverAddress from sessionConfiguration
2019-04-09 20:45:28 +02:00
3fe9c6de6d
Make hostname optional in ConnectionStrategy
...
Assume preferring resolved addresses.
2019-04-09 20:34:03 +02:00
9f358d6326
Accept nil cipher/digest in AppExtension
...
Reorganize code for clarity.
2019-04-07 08:35:40 +02:00
3717136bd9
Move EndpointProtocol Codable to Core spec
2019-04-05 00:46:45 +02:00
8394fd0676
Rely on default ConfigurationBuilder.init()
2019-04-04 18:51:06 +02:00
55534df6fa
Work around cipher/digest/framing issues
...
- Make them optional
- Set default values inside SessionProxy
Fallback is not needed anywhere else.
2019-04-04 18:51:06 +02:00
a2250686b6
Merge OptionsBundle into Configuration
...
FIXME: issues with non-optional .cipher and .compressionFraming
Because:
- No pushed cipher (nil) is NOT .aes128cbc
- No pushed framing (nil) is NOT .disabled
Breaks conditions on pushed cipher/framing via PUSH_REPLY.
2019-04-04 18:51:06 +02:00
Davide De Rosa