Roopesh Chander
2b3eb5412c
Keychain: Use app group when dereferencing a password reference
...
Co-authored-by: Davide De Rosa <keeshux@gmail.com>
Better retain access group every time keychain is written to or
read from, there is no good reason to omit it. Requires Keychain
method to be reverted to non-static.
Partially revert 4490f0c116, based on wrong assumptions about password references.
2021-02-11 13:44:00 +01:00
Davide De Rosa
4490f0c116
Pick tunnel password reference from existing item
...
Assume that credentials already exist elsewhere for reuse as
password reference. Avoids a redundant keychain entry.
2021-01-27 01:28:27 +01:00
Jose Blaya
4b3f3dee5f
Check if cfg.sessionConfiguration.dnsServers is empty (#198)
2021-01-26 16:31:57 +01:00
Davide De Rosa
790ec276db
Restrain DNS servers according to protocol
...
- Cleartext: pick any available
- HTTPS/TLS: only pick local servers, secure DNS may NEVER come
from VPN server
Require for TLS, not for HTTPS (not even sure about their need).
2021-01-26 11:20:01 +01:00
Davide De Rosa
3abb7cbccc
Fix up misleading log from condition in latest commit
2021-01-26 10:59:37 +01:00
Davide De Rosa
0f097d50af
Fall back to network settings when no DNS servers
...
Rather than forcing CloudFlare (by default).
Fixes #197
2021-01-26 10:18:04 +01:00
Davide De Rosa
dd81ad7a99
Pick proper DNS settings according to protocol
2021-01-22 21:14:38 +01:00
Davide De Rosa
80d99cab6c
Refactor legacy parsing of provider configuration
...
Leverage Codable implementation of OpenVPN*.Configuration
2021-01-03 10:47:06 +01:00
Davide De Rosa
e923382c81
Default to unspecified MTU
...
Hardcode control channel packets to 1000 bytes.
2020-12-28 16:04:15 +01:00
Davide De Rosa
6cb04da05d
Add MTU to OpenVPN layer
2020-12-28 13:02:09 +01:00
Davide De Rosa
e3ce38e47e
Remove MTU from AppExtension layer
2020-12-27 22:51:58 +01:00
Davide De Rosa
ba3ead13a3
Update copyright
2020-12-27 17:29:39 +01:00
Davide De Rosa
304d0215b6
Use keychain service as item context
...
Primary key = (context, username)
2020-12-20 10:57:06 +01:00
Davide De Rosa
44844cfd9c
Update API to access current Wi-Fi SSID
2020-11-21 19:10:58 +01:00
Kirill Pahnev
014f8aabbd
Make IV_UI_VER flag overridable
2020-06-29 16:31:20 +03:00
Davide De Rosa
a232af1100
Redefine generic Session.serverConfiguration()
...
For reuse in Session implementations.
2020-06-13 13:32:21 +02:00
Davide De Rosa
6c3e667f80
Add a few missing nodoc
2020-06-13 13:31:15 +02:00
Davide De Rosa
74ed3cb4cd
Move some initialization after logging configuration
...
Logging and masking were not configured at Credentials and
ConnectionStrategy initialization time, hence the missing log
entries from e.g. ConnectionStrategy.init().
2020-06-11 16:37:20 +02:00
Davide De Rosa
1ff936895f
Improve logging of ConnectionStrategy
2020-06-11 16:22:45 +02:00
Davide De Rosa
7a278dba69
Fix nullability of partitioned route
2020-05-23 17:07:59 +02:00
Davide De Rosa
5285ba7aa8
Set reasserting to false if canRebindLink()
...
Code is currently disabled (canRebindLink() is hardcoded to false),
still it's good to stay consistent with semantics of
reasserting = false, i.e. "connection has become active again".
2020-05-09 15:01:11 +02:00
Davide De Rosa
9b82d7f9ec
Evaluate reconnection without touching reasserting
...
Use a different variable to signal an upcoming reconnection. Make
sure that reasserting is never set to false with the meaning of
"do not reconnect", because doing so would trigger a transient
"connected" state in the VPN.
Reverts use of cancelTunnelWithError() in sessionDidStop.
2020-05-09 12:09:03 +02:00
Davide De Rosa
93c24a96cf
Refactor with an error parameter in sessionDidStop
...
Both versions prevent clients from compiling, but this version
impacts less on existing codebase.
2020-05-09 12:09:03 +02:00
Robert Patchett
1cd00f9459
Call cancelTunnelWithError(_:) if a connection fails and won't be retried
2020-05-09 12:09:03 +02:00
Jose Blaya
c22bfb3edd
Set MTU value in Tunnel settings
2020-05-09 01:09:20 +02:00
Jaroslav_
1ceeb8ddbb
SAN host check (#168)
...
* Check if host is present in certificates SAN list
* Save .tlsServerHost error as .tlsServerVerification into last error
Co-authored-by: Davide De Rosa <keeshux@gmail.com>
2020-05-09 00:02:16 +02:00
Roopesh Chander
753927f36b
Fix how NETunnelInterface handles IP protocol number
...
The IP protocol number passed to NEPacketTunnelFlow is determined per
packet based on the IP header, instead of determining it based on
whether IPv6 settings are available or not.
2020-05-06 09:37:24 +05:30
Davide De Rosa
4bdf6b7006
Redefine endpoint strategy according to IPv4/6
2020-04-14 22:57:23 +02:00
Davide De Rosa
6f235e9ea2
Handle IPv4/IPv6 variants in SocketType
2020-04-14 21:54:21 +02:00
Davide De Rosa
311015950e
Shut down on server "RESTART" control message
...
Fixes #131
2020-02-29 19:23:26 +01:00
Davide De Rosa
a7aa78141e
Update copyright clause
2020-01-11 09:26:41 +01:00
Davide De Rosa
63aa4b42d7
Use .utility QoS for tunnel queue
...
Fixes #138
2019-12-12 18:34:24 +01:00
Davide De Rosa
2687dcf36e
Debug wake/sleep signals
2019-12-12 15:05:21 +01:00
Davide De Rosa
5b0df2eada
Allow customization of debug log level
2019-12-12 09:42:48 +01:00
Davide De Rosa
8c4b0db301
Debug "reasserting" updates
2019-12-07 09:43:47 +01:00
Davide De Rosa
3a38b0da15
Log effective search domains
2019-10-25 19:08:44 +02:00
Davide De Rosa
645f65ccd0
Adjust Configuration.searchDomain to searchDomains
...
XXX: "breaks" search domains in existing VPN profiles. Reinstall
to fix.
2019-10-25 17:17:48 +02:00
Davide De Rosa
495944297c
Merge pull request #126 from ThinkChaos/fix_pac_logging
...
Fix logging for Proxy Auto-Configuration (PAC)
2019-10-23 13:07:03 +02:00
Davide De Rosa
e5a7a09b7f
Parse PAC from provider configuration
...
Not propagated to AppExtension.
2019-10-23 13:02:29 +02:00
Davide De Rosa
7608ae2e3c
Expose server configuration via provider message
2019-10-23 10:27:51 +02:00
ThinkChaos
907bbe20ae
Fix logging for Proxy Auto-Configuration (PAC)
2019-10-23 01:08:39 +02:00
Davide De Rosa
7d0cba8df8
Merge pull request #125 from ThinkChaos/proxy_auto_conf
...
Add Proxy Auto-Configuration (PAC) support
2019-10-22 21:55:29 +02:00
ThinkChaos
26d7b9fe0f
Address review comments
2019-10-22 21:03:25 +02:00
Davide De Rosa
eb09493882
Merge pull request #122 from rob-patchett/ping-timeout
...
Allow keep-alive timeout to be configured by the server or client
2019-10-22 10:51:27 +02:00
ThinkChaos
c6cb5a646a
Add Proxy Auto-Configuration (PAC) support
2019-10-21 21:47:45 +02:00
Robert Patchett
bdf34f8882
Set tunnel provider's reasserting to false after the system starts using the tunnel
2019-10-17 14:23:16 +02:00
Robert Patchett
55f7e64f19
Allow keep alive timeout to be configured by the server or client
2019-09-30 11:54:29 -07:00
Davide De Rosa
1dcf4d7745
Shut down abruptly to work around macOS bug
...
Fixes #111
2019-07-07 23:36:06 +02:00
Davide De Rosa
b04f7f20d4
Log info about DNS servers in use
2019-07-03 19:04:53 +02:00
Davide De Rosa
be1081aad6
Nest subspecs by purpose
...
- Protocols
- Extra
2019-05-24 16:02:59 +02:00