663cab34c9
Centralize reconnection delay
2020-12-20 19:43:23 +01:00
014f8aabbd
Make IV_UI_VER flag overridable
2020-06-29 16:31:20 +03:00
f424d4a064
Add missing entities from docs
2020-06-13 17:38:28 +02:00
a232af1100
Redefine generic Session.serverConfiguration()
...
For reuse in Session implementations.
2020-06-13 13:32:21 +02:00
7a278dba69
Fix nullability of partitioned route
2020-05-23 17:07:59 +02:00
9095ea250e
Address concerns from Guido Vranken fuzzers ( #141 )
...
* 002: Assert return value of snprintf/getnameinfo
* 003: Address OOB reads on decrypted data
* 004: Handle boundary prefixes in .partitioned()
* 005: Fix OOB read in matchesDestination()
* 006: Fix parsing in netname6()
* 007: Fix incorrect use of sizeof()
* 008: Add safety checks in MSSFix()
* 009: Fix bad usage of minilzo calls
* Add checks after RoutingTableEntryAddress4/6
2020-05-16 15:10:07 +02:00
01554713b8
Move IP header logic to separate struct
2020-05-12 13:07:09 +02:00
1ceeb8ddbb
SAN host check ( #168 )
...
* Check if host is present in certificates SAN list
* Save .tlsServerHost error as .tlsServerVerification into last error
Co-authored-by: Davide De Rosa <keeshux@gmail.com>
2020-05-09 00:02:16 +02:00
40eb98fd72
Return IP version-aware records from DNSResolver
...
FIXME: compilation errors in ConnectionStrategy and related.
2020-04-14 22:57:08 +02:00
6f235e9ea2
Handle IPv4/IPv6 variants in SocketType
2020-04-14 21:54:21 +02:00
c7595ed295
Rewrite IPv4-to-String conversion
...
Flaky Swift pointer API.
2020-04-14 21:54:19 +02:00
deff855bbc
Fix pointers to local buffers
2020-04-05 17:30:17 +02:00
a7aa78141e
Update copyright clause
2020-01-11 09:26:41 +01:00
dcac7cb2d4
Fix hidden IPv4Settings fields
2019-10-23 10:55:37 +02:00
d22f40f7e9
Fix potential OOB in memcmp()
2019-09-17 23:41:35 +02:00
d815f5222f
Change var to let
...
Xcode no more signals wrong side-effect in withUnsafeBytes.
2019-09-17 16:09:09 +02:00
eb56a9a56c
Optimize [Data].flatCount
2019-06-05 14:14:15 +02:00
2ddf712176
Update jazzy YAML
2019-05-24 16:04:19 +02:00
21eee24e7c
Add missing documentation
2019-05-24 16:02:06 +02:00
72ce14b676
Make AppExtension entities public
2019-05-24 16:02:06 +02:00
9445b825d0
Make AppExtension generic
...
- Make AppExtension a standalone util subspec
- Move OpenVPN tunnel provider to OpenVPN subspec
- Move Utils to Core subspec
- Depend OpenVPN on Core + AppExtension
2019-05-24 10:41:26 +02:00
6ebf025859
Take Session protocol out of OpenVPNSession
...
Fix some doc.
2019-05-19 15:08:43 +02:00
313d076ddf
Move Error extension to Core
2019-05-19 14:34:27 +02:00
50d492096f
Move a few generic entities to Core
...
- IPv4Settings
- IPv6Settings
- Proxy
- EndpointProtocol (Codable)
2019-05-19 12:40:20 +02:00
930f05c984
Move OpenVPN timeouts out of Core
2019-05-19 12:39:51 +02:00
5b81aa6a78
Drop "Box" from error codes
2019-05-19 12:22:32 +02:00
9da7fa9667
Split Core into Core+OpenVPN
...
Two Obj-C modules:
- __TunnelKitCore
- __TunnelKitOpenVPN
Seems the only way to do it in multiple module maps.
Move OpenVPN specifics out of CoreConfiguration.
2019-05-19 12:22:32 +02:00
491092f2a3
Drop extra header lines
2019-05-19 12:21:44 +02:00
21b67fd9ff
Make CoreConfiguration a class for bundle lookup
2019-05-19 11:36:26 +02:00
470c50b037
Return just <masked> when masked description
...
Why bother with useless hashes?
2019-05-19 11:36:26 +02:00
d19e029131
Use guard
2019-05-19 11:36:26 +02:00
713a46d817
Update GitHub URL
...
Move to passepartoutvpn org.
2019-05-14 10:58:47 +02:00
7cbcfcd264
Fix condition for SOFT_RESET
...
May receive multiple packets while handling in progress.
2019-05-13 12:15:44 +02:00
3a136bdce9
Make TLS security level an option
...
Default level by default.
2019-05-08 16:10:35 +02:00
82f0431303
Take optional securityLevel field in TLSBox
2019-05-08 15:54:05 +02:00
97f178cdac
Tolerate weak certificates
...
Lower SSL security level.
Fixes #97
2019-05-05 17:51:24 +02:00
273007cc59
Copy route.h from macOS
...
Missing on iOS.
2019-05-03 15:14:25 +02:00
a693075e90
Block LAN when redirect-gateway block-local
...
Fixes #81
2019-05-03 15:14:25 +02:00
13cae06a49
Add method to partition a subnet
2019-05-03 15:14:25 +02:00
03a1eb2203
Return IPv4 network mask for a route
2019-05-03 15:14:25 +02:00
4295e63c98
Read relevant routing table
2019-05-03 15:14:25 +02:00
1430241b0c
Do not fake BF-CBC, pleae
2019-05-01 23:18:54 +02:00
037f08ed62
Retry auth once without local options
...
Hack around picky server implementations.
Fixes #95
2019-05-01 11:14:52 +02:00
14b7f08fb5
Use strict ordering in local options
...
And add TLS wrapping.
2019-05-01 11:14:38 +02:00
7389d72f1f
Fix mutable SessionProxy.Configuration
2019-05-01 11:14:38 +02:00
0ee39c8fb0
Extend handling of redirect-gateway flags
...
- def1 (IPv4)
- ipv6 (IPv6)
- !ipv4 (IPv6 only)
2019-04-27 22:55:20 +02:00
a48bcc7261
Decrypt generic EVP private key
...
Why PKCS#8?
2019-04-27 10:54:32 +02:00
e0c06ece18
Drop extra EVP_PKEY_free call
2019-04-27 10:44:08 +02:00
6fb409b112
Drop UDP packets on no buffer space available
...
Tolerate only on data channel. Control channel should never reach
high speeds.
Fixes #87
2019-04-25 17:29:10 +02:00
31d9019f1a
Read system-wide DNS servers
...
Add libresolv to podspec.
2019-04-25 16:36:16 +02:00
Davide De Rosa
Kirill Pahnev
Jaroslav_