Commit Graph

9 Commits

Author SHA1 Message Date
Davide De Rosa f4508911aa Refine Keychain class
- Require context (kSecAttrService)

- Support userDefined parameter (kSecAttrGeneric)
2022-03-21 17:28:44 +01:00
Davide De Rosa 3741a17c20 Rewrite Manager package to make it stateless
In order to avoid chaos from multiple profiles, retain the
profile to be installed and remove all the other ones. Also,
make sure to do the removal AFTER install, as doing it
before would trigger the VPN permission alert again.

XXX: there is some weird behavior from NetworkExtension
occasionally sending notifications with a bogus NEVPNManager
object having a nil .localizedDescription and other properties set
to nonsensical values. Discard the notification when such an object
is identified.

Encapsulate extra NetworkExtension settings:

- passwordReference
- onDemandRules
- disconnectsOnSleep

Also:

- Only set on-demand if any rules are set
- Assume VPN is enabled even with on-demand disabled
- Use DataCount instead of raw Int pair

Attach useful information to VPN notifications:

- VPN isEnabled
- VPN status
- VPN command error
- Tunnel bundle identifier (if available)

Expose specific OpenVPN/WireGuard shared data via extensions in
UserDefaults/FileManager.

Finally, drop incomplete IKE support. No fit.
2022-03-12 10:35:39 +01:00
Davide De Rosa 2646762bb4 [ci skip] Update copyright 2022-02-04 12:57:40 +01:00
Davide De Rosa 871e51517c Relax macOS target to 10.14
Requires updating OpenSSL package.
2022-02-02 23:24:29 +01:00
Davide De Rosa bb5cd1e1ab Return password reference at the time of setting
Simplifies app/extension IPC.
2021-11-23 19:17:43 +01:00
Davide De Rosa 8e6624e113 Strip dependencies on TunnelKitCore
- TunnelKitManager
- TunnelKitIKE
- TunnelKitOpenVPNManager
2021-11-23 13:17:52 +01:00
Davide De Rosa 9e14f33235 Drop jazzy, will use DocC 2021-11-12 10:00:55 +01:00
Davide De Rosa 50064fc3d0 Increase components granularity
Minimize target dependency on OpenSSL (easier to drop later).

Outside of OpenVPN tunnel extension, OpenSSL is only used to
decrypt encrypted private keys in CryptoContainer (found in
TunnelKitOpenVPNCore, therefore "temporarily" dependent on
CTunnelKitOpenVPNAppExtension for TLSBox/CryptoBox).
2021-11-11 15:18:03 +01:00
Davide De Rosa 50ea1ea81a Convert CocoaPods project to SwiftPM 2021-10-26 15:43:10 +02:00