passepartoutvpn/tunnelkit
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
946 Commits 1 Branch 58 Tags 3.2 MiB
430e0e6afb
Commit Graph

946 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Davide De Rosa
430e0e6afb Handle --keepalive option 2022-01-04 09:21:45 +01:00
Davide De Rosa
decc82fb9f [ci skip] Change job name 2021-12-03 00:16:28 +01:00
Davide De Rosa
90d29d64e8 [ci skip] Ignore updates to *.md for testing 2021-12-02 15:44:28 +01:00
Davide De Rosa
e8a3abc0da [ci skip] Trigger release on milestone closed 2021-12-02 09:54:11 +01:00
Davide De Rosa
0c500fa4ee Add job names 2021-12-02 09:54:09 +01:00
Davide De Rosa
fda232edcb
Add WireGuard package (#236) 
* Add WireGuard packages

- Use eduVPN script for WireGuardKitGo
- Wrap WireGuardKit entities into Configuration
- Split demo into OpenVPN/WireGuard controllers

* Rewrite README with multiple VPN protocols
 2021-12-01 13:54:00 +01:00
Davide De Rosa
ae6cb4e8dc [ci skip] Add manual release action 2021-12-01 13:46:14 +01:00
Davide De Rosa
a199955b2d [ci skip] Add local script to push release 2021-11-28 19:45:11 +01:00
Davide De Rosa
f5b9ba0eba [ci skip] Rename workflow 2021-11-28 19:35:36 +01:00
Davide De Rosa
ccb6480fdb [ci skip] Polish case in badges 2021-11-28 16:50:56 +01:00
Davide De Rosa
80e4f2ff4e Add test workflow on push to master 
Add badge in README.
 2021-11-28 16:13:12 +01:00
Davide De Rosa
b88f490b82 Set release date 2021-11-27 12:35:21 +01:00
Davide De Rosa
9c63b856cb
Verify CA from on-disk file (#237) 
* Verify CA from on-disk file

Revert part of #213 again, because `SSL_CTX_load_verify_locations`
is just more reliable at setting up the trust store.

It looks like it's able to reference the .pem multiple times in
those cases where the root issuer of the CA is also embedded in
the file (which is the case with e.g. Let's Encrypt).

This is better than the current implementation, and I couldn't
easily find a way to do the same in-memory. I'd rather use the
standard API here.

See 7a85d3cac7
 2021-11-27 12:32:30 +01:00
Davide De Rosa
9f46054f04 Fix Bitcode note in README 2021-11-25 13:28:50 +01:00
Davide De Rosa
80fd2d99e1 Set release date 2021-11-25 13:00:10 +01:00
Davide De Rosa
d1e8f70da3 Bind to OpenSSL 1.1.1l 2021-11-25 12:40:56 +01:00
Davide De Rosa
7a85d3cac7
Restore and fix former PEM caching PR (#235) 
This reverts commit 995009121a.

* Improve error handling

* Trust intermediate CA

* Update CHANGELOG
 2021-11-25 12:36:17 +01:00
Davide De Rosa
e8f7778179 Use semantic version for OpenSSL 2021-11-25 09:30:24 +01:00
Davide De Rosa
67f6d83321 Mention "Run Script" fix around Xcode plugin bug 
Redundant "Frameworks" in app extensions.
 2021-11-24 18:21:27 +01:00
Davide De Rosa
b6d3cdc3b1
Revert to OpenSSL (#233) 
* Use an OpenSSL binary without Bitcode
* Restore TLS security level override
* Disable Bitcode completely in Demo
 2021-11-24 16:40:19 +01:00
Davide De Rosa
74f38d335b Move TunnelKit errors specific to OpenVPN 
Use local error domain in LZO to not depend on anything.
 2021-11-23 19:17:43 +01:00
Davide De Rosa
c7ffa79e91 Export TunnelKitCore together with OpenVPN 2021-11-23 19:17:43 +01:00
Davide De Rosa
bb5cd1e1ab Return password reference at the time of setting 
Simplifies app/extension IPC.
 2021-11-23 19:17:43 +01:00
Davide De Rosa
8e6624e113 Strip dependencies on TunnelKitCore 
- TunnelKitManager
- TunnelKitIKE
- TunnelKitOpenVPNManager
 2021-11-23 13:17:52 +01:00
Davide De Rosa
f1f2dddbf2 Bump demo version 2021-11-23 12:22:07 +01:00
Davide De Rosa
333fc2f6ed Update CHANGELOG 2021-11-18 12:53:48 +01:00
Davide De Rosa
995009121a Revert "Avoid caching PEMs on disk (#213)" 
This reverts commit 00d908cc89.
 2021-11-18 12:05:06 +01:00
Davide De Rosa
77b9aad500 Use a lower iOS target 2021-11-16 13:46:07 +01:00
Davide De Rosa
29ff5a3772 Set release date 2021-11-16 11:56:49 +01:00
Davide De Rosa
9536a72c56 Readd missing OpenSSL link 2021-11-16 11:56:49 +01:00
Davide De Rosa
4a47eec041 Update README with recent reorg 2021-11-12 10:00:55 +01:00
Davide De Rosa
9e14f33235 Drop jazzy, will use DocC 2021-11-12 10:00:55 +01:00
Davide De Rosa
bc776eda85 Replace OpenSSL with BoringSSL from SwiftNIO SSL 
- Raise iOS target to 13
- Drop support for TLS security level
- Address warnings about integer conversion (iOS)
 2021-11-12 10:00:46 +01:00
Davide De Rosa
50064fc3d0 Increase components granularity 
Minimize target dependency on OpenSSL (easier to drop later).

Outside of OpenVPN tunnel extension, OpenSSL is only used to
decrypt encrypted private keys in CryptoContainer (found in
TunnelKitOpenVPNCore, therefore "temporarily" dependent on
CTunnelKitOpenVPNAppExtension for TLSBox/CryptoBox).
 2021-11-11 15:18:03 +01:00
Davide De Rosa
d1f70171cb Lower SwiftPM version to 5.3 2021-11-06 11:37:26 +01:00
Davide De Rosa
950f5503e3 Drop CocoaPods from README 2021-11-05 11:51:21 +01:00
Davide De Rosa
3a546ebfbb Exclude main() from LZO package 2021-11-04 17:31:19 +01:00
Davide De Rosa
b86a72ebde Drop redundant test dependency 2021-11-03 19:30:19 +01:00
Davide De Rosa
e49e3cad08 Fix test inter-dependencies 
Cannot depend on another test target?
 2021-11-03 12:14:19 +01:00
Davide De Rosa
d977c3317c Fix macOS demo not connecting 
Missing keychain sharing capabilities.
 2021-11-02 22:30:43 +01:00
Davide De Rosa
92fd620771 Regroup targets 
Prefix "internal" modules with underscore.
 2021-10-29 23:22:17 +02:00
Davide De Rosa
0978b973eb Update CHANGELOG 
Fixes #210
 2021-10-26 15:43:14 +02:00
Davide De Rosa
50ea1ea81a Convert CocoaPods project to SwiftPM 2021-10-26 15:43:10 +02:00
Davide De Rosa
1b5f5dd663 Bump version 2021-10-21 10:48:59 +02:00
Davide De Rosa
25ce4b69db Drop unused variables 2021-10-18 12:53:15 +02:00
Davide De Rosa
44a0624b10 Set release date 2021-10-18 12:01:17 +02:00
Davide De Rosa
942dcc48b1 Support native IKE providers (IPSec/IKEv2) 2021-10-18 11:33:45 +02:00
Davide De Rosa
30da62971f Remove old Travis-CI badge 2021-10-18 11:33:45 +02:00
Davide De Rosa
4a49f09770 Update bundle 2021-10-17 20:16:20 +02:00
Roopesh Chander
00d908cc89
Avoid caching PEMs on disk (#213) 
* TLSBox: Use OpenSSL calls that take in-memory cert / private key

* TLSBox: Add ability to compute MD5 hash for cert in memory

* OpenVPNSession: Remove disk caching of ca, cert and key

* Add test for computing MD5 hash for cert in memory

Co-authored-by: Davide De Rosa <keeshux@gmail.com>
 2021-10-13 10:51:14 +02:00