passepartoutvpn/tunnelkit
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
819 Commits 1 Branch 58 Tags 3.2 MiB
6cb04da05d
Commit Graph

277 Commits

Author SHA1 Message Date
Davide De Rosa
ba3ead13a3 Update copyright 2020-12-27 17:29:39 +01:00
Davide De Rosa
663cab34c9 Centralize reconnection delay 2020-12-20 19:43:23 +01:00
Kirill Pahnev
014f8aabbd Make IV_UI_VER flag overridable 2020-06-29 16:31:20 +03:00
Davide De Rosa
f424d4a064 Add missing entities from docs 2020-06-13 17:38:28 +02:00
Davide De Rosa
a232af1100 Redefine generic Session.serverConfiguration() 
For reuse in Session implementations.
 2020-06-13 13:32:21 +02:00
Davide De Rosa
7a278dba69 Fix nullability of partitioned route 2020-05-23 17:07:59 +02:00
Davide De Rosa
9095ea250e
Address concerns from Guido Vranken fuzzers (#141) 
* 002: Assert return value of snprintf/getnameinfo

* 003: Address OOB reads on decrypted data

* 004: Handle boundary prefixes in .partitioned()

* 005: Fix OOB read in matchesDestination()

* 006: Fix parsing in netname6()

* 007: Fix incorrect use of sizeof()

* 008: Add safety checks in MSSFix()

* 009: Fix bad usage of minilzo calls

* Add checks after RoutingTableEntryAddress4/6
 2020-05-16 15:10:07 +02:00
Davide De Rosa
01554713b8 Move IP header logic to separate struct 2020-05-12 13:07:09 +02:00
Jaroslav_
1ceeb8ddbb
SAN host check (#168) 
* Check if host is present in certificates SAN list

* Save .tlsServerHost error as .tlsServerVerification into last error

Co-authored-by: Davide De Rosa <keeshux@gmail.com>
 2020-05-09 00:02:16 +02:00
Davide De Rosa
40eb98fd72 Return IP version-aware records from DNSResolver 
FIXME: compilation errors in ConnectionStrategy and related.
 2020-04-14 22:57:08 +02:00
Davide De Rosa
6f235e9ea2 Handle IPv4/IPv6 variants in SocketType 2020-04-14 21:54:21 +02:00
Davide De Rosa
c7595ed295 Rewrite IPv4-to-String conversion 
Flaky Swift pointer API.
 2020-04-14 21:54:19 +02:00
Davide De Rosa
deff855bbc Fix pointers to local buffers 2020-04-05 17:30:17 +02:00
Davide De Rosa
a7aa78141e Update copyright clause 2020-01-11 09:26:41 +01:00
Davide De Rosa
dcac7cb2d4 Fix hidden IPv4Settings fields 2019-10-23 10:55:37 +02:00
Davide De Rosa
d22f40f7e9 Fix potential OOB in memcmp() 2019-09-17 23:41:35 +02:00
Davide De Rosa
d815f5222f Change var to let 
Xcode no more signals wrong side-effect in withUnsafeBytes.
 2019-09-17 16:09:09 +02:00
Davide De Rosa
eb56a9a56c Optimize [Data].flatCount 2019-06-05 14:14:15 +02:00
Davide De Rosa
2ddf712176 Update jazzy YAML 2019-05-24 16:04:19 +02:00
Davide De Rosa
21eee24e7c Add missing documentation 2019-05-24 16:02:06 +02:00
Davide De Rosa
72ce14b676 Make AppExtension entities public 2019-05-24 16:02:06 +02:00
Davide De Rosa
9445b825d0 Make AppExtension generic 
- Make AppExtension a standalone util subspec
- Move OpenVPN tunnel provider to OpenVPN subspec
- Move Utils to Core subspec
- Depend OpenVPN on Core + AppExtension
 2019-05-24 10:41:26 +02:00
Davide De Rosa
6ebf025859 Take Session protocol out of OpenVPNSession 
Fix some doc.
 2019-05-19 15:08:43 +02:00
Davide De Rosa
313d076ddf Move Error extension to Core 2019-05-19 14:34:27 +02:00
Davide De Rosa
50d492096f Move a few generic entities to Core 
- IPv4Settings
- IPv6Settings
- Proxy
- EndpointProtocol (Codable)
 2019-05-19 12:40:20 +02:00
Davide De Rosa
930f05c984 Move OpenVPN timeouts out of Core 2019-05-19 12:39:51 +02:00
Davide De Rosa
5b81aa6a78 Drop "Box" from error codes 2019-05-19 12:22:32 +02:00
Davide De Rosa
9da7fa9667 Split Core into Core+OpenVPN 
Two Obj-C modules:

- __TunnelKitCore
- __TunnelKitOpenVPN

Seems the only way to do it in multiple module maps.

Move OpenVPN specifics out of CoreConfiguration.
 2019-05-19 12:22:32 +02:00
Davide De Rosa
491092f2a3 Drop extra header lines 2019-05-19 12:21:44 +02:00
Davide De Rosa
21b67fd9ff Make CoreConfiguration a class for bundle lookup 2019-05-19 11:36:26 +02:00
Davide De Rosa
470c50b037 Return just <masked> when masked description 
Why bother with useless hashes?
 2019-05-19 11:36:26 +02:00
Davide De Rosa
d19e029131 Use guard 2019-05-19 11:36:26 +02:00
Davide De Rosa
713a46d817 Update GitHub URL 
Move to passepartoutvpn org.
 2019-05-14 10:58:47 +02:00
Davide De Rosa
7cbcfcd264 Fix condition for SOFT_RESET 
May receive multiple packets while handling in progress.
 2019-05-13 12:15:44 +02:00
Davide De Rosa
3a136bdce9 Make TLS security level an option 
Default level by default.
 2019-05-08 16:10:35 +02:00
Davide De Rosa
82f0431303 Take optional securityLevel field in TLSBox 2019-05-08 15:54:05 +02:00
Davide De Rosa
97f178cdac Tolerate weak certificates 
Lower SSL security level.

Fixes #97
 2019-05-05 17:51:24 +02:00
Davide De Rosa
273007cc59 Copy route.h from macOS 
Missing on iOS.
 2019-05-03 15:14:25 +02:00
Davide De Rosa
a693075e90 Block LAN when redirect-gateway block-local 
Fixes #81
 2019-05-03 15:14:25 +02:00
Davide De Rosa
13cae06a49 Add method to partition a subnet 2019-05-03 15:14:25 +02:00
Davide De Rosa
03a1eb2203 Return IPv4 network mask for a route 2019-05-03 15:14:25 +02:00
Davide De Rosa
4295e63c98 Read relevant routing table 2019-05-03 15:14:25 +02:00
Davide De Rosa
1430241b0c Do not fake BF-CBC, pleae 2019-05-01 23:18:54 +02:00
Davide De Rosa
037f08ed62 Retry auth once without local options 
Hack around picky server implementations.

Fixes #95
 2019-05-01 11:14:52 +02:00
Davide De Rosa
14b7f08fb5 Use strict ordering in local options 
And add TLS wrapping.
 2019-05-01 11:14:38 +02:00
Davide De Rosa
7389d72f1f Fix mutable SessionProxy.Configuration 2019-05-01 11:14:38 +02:00
Davide De Rosa
0ee39c8fb0 Extend handling of redirect-gateway flags 
- def1 (IPv4)
- ipv6 (IPv6)
- !ipv4 (IPv6 only)
 2019-04-27 22:55:20 +02:00
Davide De Rosa
a48bcc7261 Decrypt generic EVP private key 
Why PKCS#8?
 2019-04-27 10:54:32 +02:00
Davide De Rosa
e0c06ece18 Drop extra EVP_PKEY_free call 2019-04-27 10:44:08 +02:00
Davide De Rosa
6fb409b112 Drop UDP packets on no buffer space available 
Tolerate only on data channel. Control channel should never reach
high speeds.

Fixes #87
 2019-04-25 17:29:10 +02:00