Davide De Rosa
5561c7adc6
Group OpenVPN.Configuration funcs into extension
...
- with (creation)
- store (convert to dict)
- print (log)
2019-05-24 10:54:25 +02:00
Davide De Rosa
a85404e951
Rename provider class to OpenVPNTunnelProvider
2019-05-24 10:41:30 +02:00
Davide De Rosa
9445b825d0
Make AppExtension generic
...
- Make AppExtension a standalone util subspec
- Move OpenVPN tunnel provider to OpenVPN subspec
- Move Utils to Core subspec
- Depend OpenVPN on Core + AppExtension
2019-05-24 10:41:26 +02:00
Davide De Rosa
b6da3f2d13
Rename proxy to session
...
According to SessionProxy -> OpenVPNSession.
2019-05-19 15:56:44 +02:00
Davide De Rosa
8be0f14aa9
Move PRNG initialization to namespace level
2019-05-19 15:52:55 +02:00
Davide De Rosa
d057e9645b
Restore AppExtension with recent changes
2019-05-19 15:50:12 +02:00
Davide De Rosa
6ebf025859
Take Session protocol out of OpenVPNSession
...
Fix some doc.
2019-05-19 15:08:43 +02:00
Davide De Rosa
313d076ddf
Move Error extension to Core
2019-05-19 14:34:27 +02:00
Davide De Rosa
c4a84a5ade
Prefix top-level entities with OpenVPN*
2019-05-19 14:34:23 +02:00
Davide De Rosa
9c7ae47679
Make SessionProxy* top level
...
Drop redundant SessionReply.
2019-05-19 14:17:18 +02:00
Davide De Rosa
465e08e42f
Wrap OpenVPN entities in pseudonamespace
...
Temporarily exclude AppExtension and tests.
2019-05-19 14:05:02 +02:00
Davide De Rosa
50d492096f
Move a few generic entities to Core
...
- IPv4Settings
- IPv6Settings
- Proxy
- EndpointProtocol (Codable)
2019-05-19 12:40:20 +02:00
Davide De Rosa
930f05c984
Move OpenVPN timeouts out of Core
2019-05-19 12:39:51 +02:00
Davide De Rosa
5b81aa6a78
Drop "Box" from error codes
2019-05-19 12:22:32 +02:00
Davide De Rosa
9da7fa9667
Split Core into Core+OpenVPN
...
Two Obj-C modules:
- __TunnelKitCore
- __TunnelKitOpenVPN
Seems the only way to do it in multiple module maps.
Move OpenVPN specifics out of CoreConfiguration.
2019-05-19 12:22:32 +02:00
Davide De Rosa
491092f2a3
Drop extra header lines
2019-05-19 12:21:44 +02:00
Davide De Rosa
21b67fd9ff
Make CoreConfiguration a class for bundle lookup
2019-05-19 11:36:26 +02:00
Davide De Rosa
470c50b037
Return just <masked> when masked description
...
Why bother with useless hashes?
2019-05-19 11:36:26 +02:00
Davide De Rosa
d19e029131
Use guard
2019-05-19 11:36:26 +02:00
Davide De Rosa
713a46d817
Update GitHub URL
...
Move to passepartoutvpn org.
2019-05-14 10:58:47 +02:00
Davide De Rosa
7cbcfcd264
Fix condition for SOFT_RESET
...
May receive multiple packets while handling in progress.
2019-05-13 12:15:44 +02:00
Davide De Rosa
d06b2e1928
Shut down if no default gateway
2019-05-11 17:40:46 +02:00
Davide De Rosa
5ce49953a0
Assume empty policies to override server settings
...
Empty != nil. When nil, pull from server.
2019-05-11 16:33:49 +02:00
Davide De Rosa
43c70b2673
Refine logging of some configuration
...
Log about routing entries.
2019-05-11 14:54:25 +02:00
Davide De Rosa
ff0dfc450c
Get TLS security level via AppExtension
...
Improves #97
2019-05-08 16:16:30 +02:00
Davide De Rosa
3a136bdce9
Make TLS security level an option
...
Default level by default.
2019-05-08 16:10:35 +02:00
Davide De Rosa
82f0431303
Take optional securityLevel field in TLSBox
2019-05-08 15:54:05 +02:00
Davide De Rosa
97f178cdac
Tolerate weak certificates
...
Lower SSL security level.
Fixes #97
2019-05-05 17:51:24 +02:00
Davide De Rosa
273007cc59
Copy route.h from macOS
...
Missing on iOS.
2019-05-03 15:14:25 +02:00
Davide De Rosa
a693075e90
Block LAN when redirect-gateway block-local
...
Fixes #81
2019-05-03 15:14:25 +02:00
Davide De Rosa
13cae06a49
Add method to partition a subnet
2019-05-03 15:14:25 +02:00
Davide De Rosa
03a1eb2203
Return IPv4 network mask for a route
2019-05-03 15:14:25 +02:00
Davide De Rosa
4295e63c98
Read relevant routing table
2019-05-03 15:14:25 +02:00
Davide De Rosa
d44d08c95e
Retain self weakly for shutdown on timeout
2019-05-02 13:13:43 +02:00
Davide De Rosa
1430241b0c
Do not fake BF-CBC, pleae
2019-05-01 23:18:54 +02:00
Davide De Rosa
037f08ed62
Retry auth once without local options
...
Hack around picky server implementations.
Fixes #95
2019-05-01 11:14:52 +02:00
Davide De Rosa
14b7f08fb5
Use strict ordering in local options
...
And add TLS wrapping.
2019-05-01 11:14:38 +02:00
Davide De Rosa
7389d72f1f
Fix mutable SessionProxy.Configuration
2019-05-01 11:14:38 +02:00
Davide De Rosa
f799f47c25
Add direct routes to DNS servers
...
If VPN is not default gateway.
Further fix of #94
2019-04-28 15:51:16 +02:00
Davide De Rosa
0b72a30cdd
Add full set of CloudFlare DNS servers
2019-04-28 10:56:39 +02:00
Davide De Rosa
ebabf02eb5
Fix DNS in VPN when not default gateway
...
Awful API requires .matchDomains = [""]
Fixes #94
2019-04-28 10:39:55 +02:00
Davide De Rosa
b331e3cfe6
Mask fallback DNS servers
...
Comment about fallback DNS being public
2019-04-28 10:39:25 +02:00
Davide De Rosa
7978398e1e
Fix logging of routing policies
2019-04-27 22:55:20 +02:00
Davide De Rosa
0ee39c8fb0
Extend handling of redirect-gateway flags
...
- def1 (IPv4)
- ipv6 (IPv6)
- !ipv4 (IPv6 only)
2019-04-27 22:55:20 +02:00
Davide De Rosa
155bd5f1e7
Revert def1 trick
...
Not needed, routes are not persistent.
Revert 7d26323d3f
2019-04-27 22:55:19 +02:00
Davide De Rosa
7d26323d3f
Use OpenVPN trick to retain default gateway
...
Override default gateway with 2 split routes.
- IPv4: 0.0.0.0/1, 128.0.0.0/1
- IPv6: 2000::/4, 3000::/4
2019-04-27 22:29:51 +02:00
Davide De Rosa
3505f68b04
Revert DNS merge
...
Revert 1d3660459e
2019-04-27 18:25:08 +02:00
Davide De Rosa
a48bcc7261
Decrypt generic EVP private key
...
Why PKCS#8?
2019-04-27 10:54:32 +02:00
Davide De Rosa
e0c06ece18
Drop extra EVP_PKEY_free call
2019-04-27 10:44:08 +02:00
Davide De Rosa
6fb409b112
Drop UDP packets on no buffer space available
...
Tolerate only on data channel. Control channel should never reach
high speeds.
Fixes #87
2019-04-25 17:29:10 +02:00