f9f642b64e
Set as default gateway based on routing policies
...
Also fix IPv6 routes not properly set.
2019-04-25 14:39:40 +02:00
224a76ac58
Parse --redirect-gateway from configuration
...
FIXME: for now only redirects ALL traffic when the option is found
in the configuration file, whatever the arguments.
Also drop unnecessary base options in tests as everything was made
optional recently.
2019-04-25 14:39:23 +02:00
1b8647bcac
Convert PacketSteram to Obj-C
...
For better TCP efficiency.
2019-04-25 12:42:29 +02:00
ef5180a4ed
Set tls-auth/crypt timestamp once
...
Packets rejected due to replay protection.
Fixes #88
Fixes #61
2019-04-23 23:07:32 +02:00
65af163aeb
Do not resend non-acked packets if reliable
...
In control channel.
2019-04-23 23:06:39 +02:00
707db2c6de
Add keydir to local options
2019-04-20 17:20:45 +02:00
9b8be02c2a
Shut down when no IPv4/6 routing available
...
Would fake-connect without VPN icon otherwise.
2019-04-19 09:45:15 +02:00
c565e32dcd
Add "dev-type tun" to local options
...
Plus other hardcoded options like key-method and tls-client.
Seems that older OpenVPN servers didn't send routing info in
PUSH_REPLY if dev-type is not specified explicitly.
Fixes #86
2019-04-18 13:10:57 +02:00
887e2ae55d
Consider stale if HARD_RESET while connected
...
Was disconnecting when more than one HARD_RESET_SERVER was
received during negotiation.
2019-04-17 09:24:16 +02:00
28fd80f4e0
Treat empty DNS servers as nil
...
Empty local DNS array was pretty much hiding server-pushed DNS.
2019-04-17 00:50:53 +02:00
6fd6d228bf
Loop pulling plain text from TLS
...
There might be more data to read.
Fixes #71 , #73
2019-04-17 00:18:02 +02:00
88cd62064a
Handle continuation in PUSH_REPLY
2019-04-16 23:59:56 +02:00
380ac2beac
Throw to exit PUSH_REPLY parsing on continuation
2019-04-16 23:59:56 +02:00
d097afccdc
Resend PUSH_REQUEST every 2 seconds
...
Regardless of link reliability.
2019-04-16 23:43:33 +02:00
ad964e2041
Send local options with authentication
...
Fixes some obsolete servers requiring cipher keysize.
2019-04-15 17:37:57 +02:00
322242de5c
Fix malformed key generation message
...
Make nullTerminated argument explicit, easier to debug.
Fixes #67
2019-04-13 23:55:18 +02:00
0a956f5b9f
Handle dhcp-option PROXY_BYPASS
2019-04-13 19:23:02 +02:00
5fb70b5bab
Parse dhcp-option PROXY_HTTP* into Configuration
2019-04-12 08:10:47 +02:00
26cec205a7
Move builder() to extension
2019-04-11 16:46:52 +02:00
3717136bd9
Move EndpointProtocol Codable to Core spec
2019-04-05 00:46:45 +02:00
5e2f9b59f1
Rename ParsingResult to Result
...
No need to prefix an inner class.
2019-04-04 19:22:22 +02:00
7333ea226c
Document ignored settings client-side
2019-04-04 18:51:06 +02:00
55534df6fa
Work around cipher/digest/framing issues
...
- Make them optional
- Set default values inside SessionProxy
Fallback is not needed anywhere else.
2019-04-04 18:51:06 +02:00
0d86bd20b6
Expose ConfigurationBuilder.init()
2019-04-04 18:51:06 +02:00
4dc9539260
Rename OptionsError to ConfigurationError
2019-04-04 18:51:06 +02:00
a2250686b6
Merge OptionsBundle into Configuration
...
FIXME: issues with non-optional .cipher and .compressionFraming
Because:
- No pushed cipher (nil) is NOT .aes128cbc
- No pushed framing (nil) is NOT .disabled
Breaks conditions on pushed cipher/framing via PUSH_REPLY.
2019-04-04 18:51:06 +02:00
7aec0637b2
Move endpoints inside SessionProxy.Configuration
...
Make optional.
TunnelKitProvider still gets hostname from .serverAddress rather
than SessionProxy.Configuration
Also drop useless Equatable implementations.
2019-04-04 13:09:50 +02:00
e8396ec2cd
Parse search domain from configuration
...
Fixes #77
2019-04-03 14:29:09 +02:00
370e68aa3f
Parse search domain from dhcp-option DOMAIN
2019-04-03 14:29:09 +02:00
fe2ad52df0
Document OptionsBundle
...
Move most from SessionProxy.Configuration.
2019-04-03 13:34:08 +02:00
f9ae3412a5
Move malformed error out of unrelated SessionError
...
Also give more detail about the reason.
2019-04-03 13:20:49 +02:00
42232804ca
Rename file to public entity
2019-04-03 13:19:47 +02:00
49c805af52
Fix a few isHandled
...
Skip to exclude from strippedLines.
2019-04-03 13:19:47 +02:00
9876c81de5
Parse PUSH_REPLY options in OptionsBundle
...
- auth-token
- peer-id
- Routing
Reorganize options by semantic.
Reuse OptionsBundle in PushReply.
2019-04-03 13:19:21 +02:00
b9b9c4db60
Parse basic options in OptionsBundle
...
- Handle isEncrypted inside CryptoContainer
- Rename ParsingError to OptionsError
Reuse OptionsBundle in ConfigurationParser.
2019-04-03 13:19:16 +02:00
e7dadefabb
Generalize cipher regex
2019-04-03 12:20:53 +02:00
d72b583900
Improve parsing of PUSH_REPLY prefix
2019-04-03 12:20:53 +02:00
27901c991b
Skip deinit documentation
2019-04-02 19:18:23 +02:00
ccb6329f05
Don't parse a block begin while inside a block
...
If a PEM contained anything like <foobar>, the parser was doomed.
Fixes #78
2019-04-02 19:07:48 +02:00
11fd418f82
Extend encrypted private key quick test
...
Test .ovpn didn't use an PKCS#8 key due to a slip-up. Fixing it
unveiled that isEncrypted returned false for PKCS#8 keys.
Fixes #80
2019-04-02 11:41:18 +02:00
22f80735ca
Strip certificate preamble
...
Fixes #78
2019-04-02 00:55:58 +02:00
def622506b
Check PKCS#1 via "Proc-Type" presence instead
2019-04-02 00:37:52 +02:00
47b80d5361
Refactor to decrypt generic key
2019-04-02 00:31:54 +02:00
0bfc1e08eb
Fix retarded Swift pointer API somehow
2019-03-30 23:18:45 +01:00
207a4f063a
Replace deprecated Data(bytes:)
2019-03-30 23:18:45 +01:00
8dfd5f23c1
Handle unknown enum defaults
2019-03-30 23:18:45 +01:00
f686a0aee4
Fix Xcode warnings
2019-03-30 20:16:04 +01:00
44fb5a5b48
Track data count in shared UserDefaults
...
Default disabled (dataCountInterval = 0).
2019-03-30 19:56:26 +01:00
00c76f707f
Throw specific error if unable to decrypt
...
Normally a bad passphrase.
2019-03-25 19:24:35 +01:00
ffcccb5420
Throw specific error on missing passphrase
...
So that client can retry with a passphrase.
2019-03-25 18:49:53 +01:00
Davide De Rosa