Davide De Rosa
9c63b856cb
Verify CA from on-disk file ( #237 )
...
* Verify CA from on-disk file
Revert part of #213 again, because `SSL_CTX_load_verify_locations`
is just more reliable at setting up the trust store.
It looks like it's able to reference the .pem multiple times in
those cases where the root issuer of the CA is also embedded in
the file (which is the case with e.g. Let's Encrypt).
This is better than the current implementation, and I couldn't
easily find a way to do the same in-memory. I'd rather use the
standard API here.
See 7a85d3cac7
2021-11-27 12:32:30 +01:00
Davide De Rosa
9f46054f04
Fix Bitcode note in README
2021-11-25 13:28:50 +01:00
Davide De Rosa
80fd2d99e1
Set release date
2021-11-25 13:00:10 +01:00
Davide De Rosa
d1e8f70da3
Bind to OpenSSL 1.1.1l
2021-11-25 12:40:56 +01:00
Davide De Rosa
7a85d3cac7
Restore and fix former PEM caching PR ( #235 )
...
This reverts commit 995009121a
.
* Improve error handling
* Trust intermediate CA
* Update CHANGELOG
2021-11-25 12:36:17 +01:00
Davide De Rosa
e8f7778179
Use semantic version for OpenSSL
2021-11-25 09:30:24 +01:00
Davide De Rosa
67f6d83321
Mention "Run Script" fix around Xcode plugin bug
...
Redundant "Frameworks" in app extensions.
2021-11-24 18:21:27 +01:00
Davide De Rosa
b6d3cdc3b1
Revert to OpenSSL ( #233 )
...
* Use an OpenSSL binary without Bitcode
* Restore TLS security level override
* Disable Bitcode completely in Demo
2021-11-24 16:40:19 +01:00
Davide De Rosa
74f38d335b
Move TunnelKit errors specific to OpenVPN
...
Use local error domain in LZO to not depend on anything.
2021-11-23 19:17:43 +01:00
Davide De Rosa
c7ffa79e91
Export TunnelKitCore together with OpenVPN
2021-11-23 19:17:43 +01:00
Davide De Rosa
bb5cd1e1ab
Return password reference at the time of setting
...
Simplifies app/extension IPC.
2021-11-23 19:17:43 +01:00
Davide De Rosa
8e6624e113
Strip dependencies on TunnelKitCore
...
- TunnelKitManager
- TunnelKitIKE
- TunnelKitOpenVPNManager
2021-11-23 13:17:52 +01:00
Davide De Rosa
f1f2dddbf2
Bump demo version
2021-11-23 12:22:07 +01:00
Davide De Rosa
333fc2f6ed
Update CHANGELOG
2021-11-18 12:53:48 +01:00
Davide De Rosa
995009121a
Revert "Avoid caching PEMs on disk ( #213 )"
...
This reverts commit 00d908cc89
.
2021-11-18 12:05:06 +01:00
Davide De Rosa
77b9aad500
Use a lower iOS target
2021-11-16 13:46:07 +01:00
Davide De Rosa
29ff5a3772
Set release date
2021-11-16 11:56:49 +01:00
Davide De Rosa
9536a72c56
Readd missing OpenSSL link
2021-11-16 11:56:49 +01:00
Davide De Rosa
4a47eec041
Update README with recent reorg
2021-11-12 10:00:55 +01:00
Davide De Rosa
9e14f33235
Drop jazzy, will use DocC
2021-11-12 10:00:55 +01:00
Davide De Rosa
bc776eda85
Replace OpenSSL with BoringSSL from SwiftNIO SSL
...
- Raise iOS target to 13
- Drop support for TLS security level
- Address warnings about integer conversion (iOS)
2021-11-12 10:00:46 +01:00
Davide De Rosa
50064fc3d0
Increase components granularity
...
Minimize target dependency on OpenSSL (easier to drop later).
Outside of OpenVPN tunnel extension, OpenSSL is only used to
decrypt encrypted private keys in CryptoContainer (found in
TunnelKitOpenVPNCore, therefore "temporarily" dependent on
CTunnelKitOpenVPNAppExtension for TLSBox/CryptoBox).
2021-11-11 15:18:03 +01:00
Davide De Rosa
d1f70171cb
Lower SwiftPM version to 5.3
2021-11-06 11:37:26 +01:00
Davide De Rosa
950f5503e3
Drop CocoaPods from README
2021-11-05 11:51:21 +01:00
Davide De Rosa
3a546ebfbb
Exclude main() from LZO package
2021-11-04 17:31:19 +01:00
Davide De Rosa
b86a72ebde
Drop redundant test dependency
2021-11-03 19:30:19 +01:00
Davide De Rosa
e49e3cad08
Fix test inter-dependencies
...
Cannot depend on another test target?
2021-11-03 12:14:19 +01:00
Davide De Rosa
d977c3317c
Fix macOS demo not connecting
...
Missing keychain sharing capabilities.
2021-11-02 22:30:43 +01:00
Davide De Rosa
92fd620771
Regroup targets
...
Prefix "internal" modules with underscore.
2021-10-29 23:22:17 +02:00
Davide De Rosa
0978b973eb
Update CHANGELOG
...
Fixes #210
2021-10-26 15:43:14 +02:00
Davide De Rosa
50ea1ea81a
Convert CocoaPods project to SwiftPM
2021-10-26 15:43:10 +02:00
Davide De Rosa
1b5f5dd663
Bump version
2021-10-21 10:48:59 +02:00
Davide De Rosa
25ce4b69db
Drop unused variables
2021-10-18 12:53:15 +02:00
Davide De Rosa
44a0624b10
Set release date
2021-10-18 12:01:17 +02:00
Davide De Rosa
942dcc48b1
Support native IKE providers (IPSec/IKEv2)
2021-10-18 11:33:45 +02:00
Davide De Rosa
30da62971f
Remove old Travis-CI badge
2021-10-18 11:33:45 +02:00
Davide De Rosa
4a49f09770
Update bundle
2021-10-17 20:16:20 +02:00
Roopesh Chander
00d908cc89
Avoid caching PEMs on disk ( #213 )
...
* TLSBox: Use OpenSSL calls that take in-memory cert / private key
* TLSBox: Add ability to compute MD5 hash for cert in memory
* OpenVPNSession: Remove disk caching of ca, cert and key
* Add test for computing MD5 hash for cert in memory
Co-authored-by: Davide De Rosa <keeshux@gmail.com>
2021-10-13 10:51:14 +02:00
Davide De Rosa
16c00410ed
Update OpenSSL to 1.1.1l
2021-10-06 18:19:28 +02:00
Davide De Rosa
d107e485d1
Merge branch 'refactor-multiple-protocols'
2021-09-20 20:21:28 +02:00
Davide De Rosa
48c7e068e6
Expose MockVPNProvider
2021-09-20 19:43:17 +02:00
Davide De Rosa
ff4a1e3945
Ditch non-scalable VPN.shared
2021-09-20 18:52:34 +02:00
Davide De Rosa
c442d44a0f
Complete jazzy documentation
2021-09-20 18:35:33 +02:00
Davide De Rosa
70f8c6cc2b
Reorganize VPNProvider related components
...
Reuse most code for native or custom providers.
2021-09-20 18:34:45 +02:00
Davide De Rosa
e6e37cd528
Relax protocol type in base VPN configuration
...
NETunnelProviderProtocol -> NEVPNProtocol
2021-08-25 18:00:48 +02:00
Davide De Rosa
9a00befca9
Move configuration implementation to single file
2021-08-25 18:00:25 +02:00
Davide De Rosa
d5e849f699
Bump version and update library purpose
2021-08-09 10:30:22 +02:00
Davide De Rosa
13b255623a
Prepare for release
...
- Upgrade OpenSSL
- Set release date
2021-08-07 23:15:53 +02:00
Davide De Rosa
e3157343dc
Merge pull request #170 from passepartoutvpn/add-scramble-xormask
...
Add scramble xormask
2021-07-23 17:09:53 +02:00
Davide De Rosa
434817c563
Mention XOR option in README
2021-07-23 11:15:08 +02:00