Commit Graph

397 Commits

Author SHA1 Message Date
Davide De Rosa 86420ba8ea Shut down on compressed data packet
Re-inforce #65 at the data path level. Should now cover all
compression scenarios.
2019-02-28 17:16:14 +01:00
Davide De Rosa 9544e59fcf Fix missing try in test 2019-02-27 20:08:59 +01:00
Davide De Rosa f67b33bf56 Set release date 2019-02-25 23:46:46 +01:00
Davide De Rosa 3ddf1a41e8 Merge branch 'fix-some-low-level-vulns' 2019-02-25 23:45:47 +01:00
Davide De Rosa 068d05b82f Update CHANGELOG 2019-02-25 23:35:38 +01:00
Davide De Rosa 0f2a5e1e14 Check NULL when verifying EKU 2019-02-25 23:33:31 +01:00
Davide De Rosa 8fe43269ab Catch errors on CA MD5 calculation (PIA only) 2019-02-25 23:33:26 +01:00
Davide De Rosa d1b5c94be9 Fix potential overflow in AEAD IV length 2019-02-25 23:23:43 +01:00
Davide De Rosa 0750d860ba
Merge pull request #65 from keeshux/catch-compression-mismatch
Catch compression mismatch
2019-02-25 23:19:57 +01:00
Davide De Rosa 78ac025e97 Add PR link to CHANGELOG 2019-02-25 23:18:42 +01:00
Davide De Rosa 06a872c448 Add ProviderError.serverCompression mapping 2019-02-25 23:09:06 +01:00
Davide De Rosa 3aadaf0186 Shut down when server pushes compression enabled 2019-02-25 23:01:21 +01:00
Davide De Rosa 367e8b7e08 Track whether server pushed a compression option 2019-02-25 23:01:21 +01:00
Davide De Rosa 8c1b95eaa7 Group PushReply regexes 2019-02-25 23:01:21 +01:00
Davide De Rosa 842959612e XXX: Work around missing OpenSSL from ld flags
Comes from a regression in CocoaPods 1.6+ and I don't know how to
fix it properly. Neither do I want to waste too much time on it.
2019-02-25 22:55:07 +01:00
Davide De Rosa 3ee257b281
Merge pull request #64 from keeshux/make-eku-optional
Make EKU optional
2019-02-25 22:53:09 +01:00
Davide De Rosa e4dc6ea2ea Bump version 2019-02-25 11:16:27 +01:00
Davide De Rosa d4b70cd3bd Update CHANGELOG 2019-02-25 11:16:26 +01:00
Davide De Rosa d6076b045a Make checksEKU optional to fall back on decoding 2019-02-25 11:16:26 +01:00
Davide De Rosa 010da904fa Parse EKU choice in .ovpn from remote-cert-tls
Fix unhandled extra spaces in dhcp-option DNS regex.
2019-02-25 11:16:26 +01:00
Davide De Rosa 265aca0829 Make EKU verification optional in TLSBox 2019-02-25 11:16:26 +01:00
Davide De Rosa 0e891a1029 Fix OpenSSL version in pod and podspec
And bump spec to 1.4.1
2019-02-23 23:19:06 +01:00
Davide De Rosa 2373dc88f5
Merge pull request #56 from keeshux/override-dns-servers
Override DNS servers
2019-02-23 11:35:03 +01:00
Davide De Rosa e12240f33a Update CHANGELOG 2019-01-05 22:54:21 +01:00
Davide De Rosa c244b29a8f Parse DNS servers from configuration 2019-01-05 22:29:16 +01:00
Davide De Rosa 13c41d80e7 Allow overriding DNS servers
Fall back to those in PUSH_REPLY.
2019-01-05 22:25:58 +01:00
Davide De Rosa 650f0d5456 Suggest disabling Bitcode in README
Fix mentioned in #51
2018-12-14 14:31:53 +01:00
Davide De Rosa 7179d6471c Upgrade demo code to TunnelKit 1.4.0
Fixes #52
2018-12-04 20:26:17 +01:00
Davide De Rosa 62c9b98092 Update CHANGELOG 2018-11-17 18:02:32 +01:00
Davide De Rosa acb9c8c9f5 Update log sharing method in README 2018-11-12 23:38:02 +01:00
Davide De Rosa b36e7b80e6
Merge pull request #47 from keeshux/support-ovpn-files
Support .ovpn files
2018-11-12 10:43:55 +01:00
Davide De Rosa 03478b6fbf Add jazzy doc to ConfigurationParser 2018-11-12 10:42:04 +01:00
Davide De Rosa 61345a2dbe Update CHANGELOG 2018-11-10 11:16:20 +01:00
Davide De Rosa ac9ce0dba2 Document support for .ovpn 2018-11-10 10:58:46 +01:00
Davide De Rosa 0302803d3e Test configuration parser 2018-11-10 10:58:06 +01:00
Davide De Rosa 40fd2c7ede Parse configuration from .ovpn file 2018-11-10 10:58:06 +01:00
Davide De Rosa f91db4cbf1 Move EndpointProtocol/SocketType to Core 2018-11-10 10:48:17 +01:00
Davide De Rosa 0800c943a8 Add shortcut extension for creating regexes
Also expose enumeration methods for internal reuse.
2018-11-10 10:47:58 +01:00
Davide De Rosa a6bd33ae83 Bump minor version 2018-11-10 10:41:42 +01:00
Davide De Rosa 698112e220 Set release date 2018-11-08 00:00:06 +01:00
Davide De Rosa fdb7829d64 Merge branch 'expose-tag-length' 2018-11-06 10:39:30 +01:00
Davide De Rosa 36e93651ba Replace hardcoded 32 tag length in tls-crypt 2018-11-06 10:35:37 +01:00
Davide De Rosa b366925125 Hardcode digestLength to tagLength in CTR
Code is not using digestLength in any way.
2018-11-06 10:35:19 +01:00
Davide De Rosa 7ffbf41b30 Expose internal tag length, 0 if none 2018-11-06 10:31:55 +01:00
Davide De Rosa 2fde43b1fc Keep tag length constants private
Also AD length in AEAD was an unresolved relic.
2018-11-06 10:25:35 +01:00
Davide De Rosa caea6624fc Unmask IPv4 netmask and IPv6 prefix
Masking that is useless and paranoid. May help debugging.
2018-11-05 20:40:12 +01:00
Davide De Rosa dbd552116c
Merge pull request #46 from keeshux/endianness-agnostic-dns
Endianness-agnostic IPv4/UInt32 conversions
2018-11-05 20:39:17 +01:00
Davide De Rosa 9cf97250f3 Update CHANGELOG 2018-11-05 20:28:21 +01:00
Davide De Rosa e198e80595 Use standard inet_ntop/pton for IPv4 conversion
Swap endianness internally.
2018-11-05 20:21:10 +01:00
Davide De Rosa c0cdaf7aa4 Merge branch 'add-macos-test-target' 2018-11-05 20:20:57 +01:00