Davide De Rosa
942dcc48b1
Support native IKE providers (IPSec/IKEv2)
2021-10-18 11:33:45 +02:00
Roopesh Chander
00d908cc89
Avoid caching PEMs on disk ( #213 )
...
* TLSBox: Use OpenSSL calls that take in-memory cert / private key
* TLSBox: Add ability to compute MD5 hash for cert in memory
* OpenVPNSession: Remove disk caching of ca, cert and key
* Add test for computing MD5 hash for cert in memory
Co-authored-by: Davide De Rosa <keeshux@gmail.com>
2021-10-13 10:51:14 +02:00
Davide De Rosa
16c00410ed
Update OpenSSL to 1.1.1l
2021-10-06 18:19:28 +02:00
Davide De Rosa
13b255623a
Prepare for release
...
- Upgrade OpenSSL
- Set release date
2021-08-07 23:15:53 +02:00
Davide De Rosa
65774c9a09
Update CHANGELOG
...
Move XOR PR credits to README.
2021-07-22 10:55:57 +02:00
Davide De Rosa
194f74e126
Set release date
2021-07-18 22:53:40 +02:00
Davide De Rosa
7a6e97da36
Merge branch 'support-stub-v2'
2021-07-18 22:50:30 +02:00
Davide De Rosa
a98943728f
Relax handling of .ovpn whitespaces
2021-07-17 09:46:32 +02:00
Davide De Rosa
4dc3eeeeea
Handle stub/stub-v2 as viable --compress arguments
2021-07-17 09:44:38 +02:00
Davide De Rosa
0a1f33823a
Return error in install completion handler
...
Fixes #206
2021-07-02 11:23:58 +02:00
Davide De Rosa
68d7e08461
Update CHANGELOG
2021-06-26 11:13:51 +02:00
Davide De Rosa
d03204589f
Update + fix CHANGELOG
2021-03-02 15:00:40 +01:00
Davide De Rosa
4fe379a239
Update CHANGELOG
2021-02-12 01:40:53 +01:00
Davide De Rosa
8618b66900
Set release date
2021-01-28 10:43:54 +01:00
Davide De Rosa
4490f0c116
Pick tunnel password reference from existing item
...
Assume that credentials already exist elsewhere for reuse as
password reference. Avoids a redundant keychain entry.
2021-01-27 01:28:27 +01:00
Davide De Rosa
0f097d50af
Fall back to network settings when no DNS servers
...
Rather than forcing CloudFlare (by default).
Fixes #197
2021-01-26 10:18:04 +01:00
Davide De Rosa
dd81ad7a99
Pick proper DNS settings according to protocol
2021-01-22 21:14:38 +01:00
Davide De Rosa
c15d6f521a
Parse dataCiphersFallback as last resort
...
Prioritize over deprecate cipher.
2021-01-08 19:50:28 +01:00
Davide De Rosa
7ea088e4a1
Make peerInfo dynamic to add IV_CIPHERS
...
Fixes #193
2021-01-08 19:41:16 +01:00
Davide De Rosa
8e351f91b4
Set release date
2021-01-07 22:02:49 +01:00
Davide De Rosa
c4b86506cf
Update Demo and metadata
2021-01-03 17:47:48 +01:00
Davide De Rosa
3c2ed00c90
Set release date
2020-12-28 17:50:22 +01:00
Davide De Rosa
1966143fe9
Parse MTU from --tun-mtu
2020-12-28 13:07:19 +01:00
Davide De Rosa
304d0215b6
Use keychain service as item context
...
Primary key = (context, username)
2020-12-20 10:57:06 +01:00
Davide De Rosa
44844cfd9c
Update API to access current Wi-Fi SSID
2020-11-21 19:10:58 +01:00
Davide De Rosa
5c4a4e39c8
Bump version to 3.0.0
2020-11-15 21:24:37 +01:00
Davide De Rosa
cf3151788c
Upgrade OpenSSL-Apple
...
- Apple Silicon
- OpenSSL as XCFramework
2020-11-15 21:12:53 +01:00
Davide De Rosa
11acbfcb96
Update CHANGELOG
2020-10-29 19:19:17 +01:00
Davide De Rosa
683617ddd4
Use active profile name in VPN configuration
...
Rather than "Passepartout", as seen in device settings.
2020-07-02 19:26:50 +02:00
Davide De Rosa
7d2184d205
Update CHANGELOG
2020-06-29 13:36:51 +02:00
Davide De Rosa
48dcad83e2
Fix tunnel bundle identifiers in Demo
...
Also fix past CHANGELOG.
Fixes #176
2020-06-13 13:24:35 +02:00
Davide De Rosa
1ff936895f
Improve logging of ConnectionStrategy
2020-06-11 16:22:45 +02:00
Davide De Rosa
e1e386c61a
Update CHANGELOG
2020-05-20 00:50:55 +02:00
Davide De Rosa
2619036961
Set release date
2020-05-12 15:13:10 +02:00
Davide De Rosa
fe697c2c56
Update CHANGELOG
...
And fix year of recent releases (was 2019).
2020-05-10 11:33:37 +02:00
Davide De Rosa
0d4fc503ec
Update CHANGELOG
2020-05-09 12:12:27 +02:00
Jaroslav_
1ceeb8ddbb
SAN host check ( #168 )
...
* Check if host is present in certificates SAN list
* Save .tlsServerHost error as .tlsServerVerification into last error
Co-authored-by: Davide De Rosa <keeshux@gmail.com>
2020-05-09 00:02:16 +02:00
Davide De Rosa
56eda2720e
Fix CHANGELOG format
2020-05-08 23:50:03 +02:00
Davide De Rosa
60213bafb8
Fix and improve #169
...
- Use constants
- Check packet length for OOB read
- Replace assertion with logging
2020-05-08 21:01:36 +02:00
Davide De Rosa
60e6bcdba8
Update OpenSSL to 1.1.1g
...
Fixes #166
2020-04-21 22:03:08 +02:00
Davide De Rosa
7ba022527c
Update CHANGELOG and README
2020-04-19 02:33:44 +02:00
Davide De Rosa
735c1fd7fd
Update CHANGELOG
2020-04-18 17:11:39 +02:00
Davide De Rosa
d24fe30c7e
Update CHANGELOG
2020-04-15 11:22:54 +02:00
Davide De Rosa
e8f3d74894
Update CHANGELOG
...
Fixes #153
2020-04-14 22:57:23 +02:00
Davide De Rosa
af9f7f8165
Update CHANGELOG
2020-04-13 17:53:10 +02:00
Davide De Rosa
deff855bbc
Fix pointers to local buffers
2020-04-05 17:30:17 +02:00
Davide De Rosa
8825a4e9c8
Update CHANGELOG
2020-02-29 19:26:43 +01:00
Davide De Rosa
e3241f4f4d
Fix potential OOB during negotiation
...
Reported by @Grivus with SoftEther.
Closes #143
2019-12-22 16:31:57 +01:00
Davide De Rosa
6ae741a310
Refine CHANGELOG
...
Issue #138 not really fixed, Apple feedback needed.
2019-12-14 10:14:27 +01:00
Davide De Rosa
db787268a2
Update CHANGELOG
2019-12-12 18:37:16 +01:00
Davide De Rosa
a65682a89a
Update CHANGELOG
2019-12-11 16:44:04 +01:00
Davide De Rosa
b1c11e3e56
Make --ca and --cipher non-optional in .ovpn
...
Dodge those annoying scenarios where server cipher is not set
and defaults to BF-CBC, whereas default TunnelKit cipher
is AES-128-CBC. And data channel stalls.
2019-11-20 01:07:39 +01:00
Davide De Rosa
907c8ec00c
Set release date
...
Fixes #123
2019-11-03 03:46:04 +01:00
Davide De Rosa
9c92d1d567
Upgrade OpenSSL to 1.1.1d
2019-11-02 00:21:51 +01:00
Davide De Rosa
eabcf39f35
Upgrade OpenSSL to 1.1.0l
2019-10-28 11:11:49 +01:00
Davide De Rosa
4d930d3562
Update CHANGELOG
...
Fixes #127
2019-10-25 19:08:44 +02:00
Davide De Rosa
74ec321946
Update CHANGELOG
2019-10-22 22:01:04 +02:00
Davide De Rosa
98b9d71eb3
Assume VPN gateway when route gw is "vpn_gateway"
2019-10-22 13:53:36 +02:00
Davide De Rosa
920a84f952
Update CHANGELOG
2019-10-22 11:02:51 +02:00
Davide De Rosa
9619d21d15
Add missing changelog for 2.0.5
2019-09-30 10:28:57 +02:00
Davide De Rosa
93ac2442b3
Set release date
2019-09-06 23:19:52 +02:00
Davide De Rosa
1ab045e413
Update CHANGELOG
...
Fixes #106
2019-08-23 09:15:59 +02:00
Davide De Rosa
a893504b5f
Set release date
2019-07-27 00:14:44 +02:00
Davide De Rosa
3577674fd2
Update CHANGELOG
...
Fixes #104
2019-07-26 23:26:51 +02:00
Davide De Rosa
ca517b3075
Add missing changelogs of recent 2.x versions
2019-07-26 21:14:23 +02:00
Davide De Rosa
a7a912a0d8
Update CHANGELOG
2019-07-11 18:45:39 +02:00
Davide De Rosa
1dcf4d7745
Shut down abruptly to work around macOS bug
...
Fixes #111
2019-07-07 23:36:06 +02:00
Davide De Rosa
e4f60ddd3a
Update GitHub URL in CHANGELOG
2019-05-14 11:17:18 +02:00
Davide De Rosa
05d12a22d1
Update CHANGELOG
2019-05-14 11:16:56 +02:00
Davide De Rosa
97f178cdac
Tolerate weak certificates
...
Lower SSL security level.
Fixes #97
2019-05-05 17:51:24 +02:00
Davide De Rosa
037f08ed62
Retry auth once without local options
...
Hack around picky server implementations.
Fixes #95
2019-05-01 11:14:52 +02:00
Davide De Rosa
2b41264e48
Set release date
2019-05-01 11:13:27 +02:00
Davide De Rosa
ebabf02eb5
Fix DNS in VPN when not default gateway
...
Awful API requires .matchDomains = [""]
Fixes #94
2019-04-28 10:39:55 +02:00
Davide De Rosa
53c393f2d7
Update CHANGELOG
...
Fixes #91
2019-04-27 18:24:48 +02:00
Davide De Rosa
212ef481dc
Upgrade OpenSSL to 1.1.0j
2019-04-27 10:01:09 +02:00
Davide De Rosa
6fb409b112
Drop UDP packets on no buffer space available
...
Tolerate only on data channel. Control channel should never reach
high speeds.
Fixes #87
2019-04-25 17:29:10 +02:00
Davide De Rosa
b8cd969a1a
Fall back to configurable preset DNS servers
...
Default to CloudFlare 1.1.1.1
Hard time making it work with system DNS servers. Retry later.
2019-04-25 17:18:28 +02:00
Davide De Rosa
f95d9ae551
Update CHANGELOG
...
Fixes #90
2019-04-25 16:02:19 +02:00
Davide De Rosa
ef5180a4ed
Set tls-auth/crypt timestamp once
...
Packets rejected due to replay protection.
Fixes #88
Fixes #61
2019-04-23 23:07:32 +02:00
Davide De Rosa
c565e32dcd
Add "dev-type tun" to local options
...
Plus other hardcoded options like key-method and tls-client.
Seems that older OpenVPN servers didn't send routing info in
PUSH_REPLY if dev-type is not specified explicitly.
Fixes #86
2019-04-18 13:10:57 +02:00
Davide De Rosa
e7a5ce062e
Update CHANGELOG
2019-04-17 09:25:49 +02:00
Davide De Rosa
80f5a3250d
Update CHANGELOG
2019-04-17 00:26:56 +02:00
Davide De Rosa
322242de5c
Fix malformed key generation message
...
Make nullTerminated argument explicit, easier to debug.
Fixes #67
2019-04-13 23:55:18 +02:00
Davide De Rosa
904e7bae21
Apply proxy settings if present
...
Fixes #74
2019-04-12 08:21:04 +02:00
Davide De Rosa
3fe9c6de6d
Make hostname optional in ConnectionStrategy
...
Assume preferring resolved addresses.
2019-04-09 20:34:03 +02:00
Davide De Rosa
f4683bd337
Update CHANGELOG
2019-04-08 23:28:19 +02:00
Davide De Rosa
604f76320d
Set release date
2019-04-06 16:57:56 +02:00
Davide De Rosa
79850575e9
Update CHANGELOG
2019-04-03 13:34:08 +02:00
Davide De Rosa
46fb871375
Update CHANGELOG
2019-04-02 01:04:46 +02:00
Davide De Rosa
559bb6607c
Add and test PKCS#8 decryption
...
Fixes #80
2019-04-02 00:34:23 +02:00
Davide De Rosa
60345f2964
Set release date
2019-04-01 10:01:38 +02:00
Davide De Rosa
93a7729425
Set Swift 5 in docs
2019-03-30 23:21:11 +01:00
Davide De Rosa
44fb5a5b48
Track data count in shared UserDefaults
...
Default disabled (dataCountInterval = 0).
2019-03-30 19:56:26 +01:00
Davide De Rosa
d03f1bd9af
Fix checksEKU not propagated to TunnelKitProvider
2019-03-26 00:37:35 +01:00
Davide De Rosa
39a4c33f43
Set release date
2019-03-25 21:20:04 +01:00
Davide De Rosa
b5b68474af
Update CHANGELOG and README
...
Fixes #72
2019-03-25 20:30:32 +01:00
Davide De Rosa
3e2c9ad7ba
Update CHANGELOG
2019-03-25 15:53:26 +01:00
Davide De Rosa
c93461b153
Send explicit exit notification if UDP
...
Implement --explicit-exit-notify by default.
Fixes #29
2019-03-20 17:57:56 +01:00
Davide De Rosa
a31ad09711
Set release date
2019-03-20 16:47:09 +01:00
Davide De Rosa
40458ebf5f
Update CHANGELOG
2019-03-20 09:08:35 +01:00