tunnelkit

Author	SHA1	Message	Date
Davide De Rosa	8f328709c8	Wrap TKP.Configuration fields in SP.Configuration Take credentials out of SP.Configuration. Makes sense as they never appear in e.g. an .ovpn file.	2018-10-25 18:34:03 +02:00
Davide De Rosa	d6e27938bc	Make usesPIAPatches optional For compatible decoding.	2018-10-25 18:34:03 +02:00
Davide De Rosa	197d29042c	Take a cache URL in SessionProxy to store PEMs	2018-10-25 18:34:03 +02:00
Davide De Rosa	ae85337e91	Mask log.debug	2018-10-24 18:47:41 +02:00
Davide De Rosa	b1a79d6451	Shut down on server-initiated HARD_RESET Session is stale and not recoverable (lame duck).	2018-10-24 12:31:37 +02:00
Davide De Rosa	0b79ce4194	Handle server-initiated SOFT_RESET	2018-10-24 12:22:47 +02:00
Davide De Rosa	c32185b524	Review/complete mapping to ProviderError Errors from TunnelKitNative were not mapped. Also, move TLS CA verification error to TLSBox domain.	2018-10-23 23:44:25 +02:00
Davide De Rosa	f5d9720b01	Halt TLS on internal failure	2018-10-23 23:44:25 +02:00
Davide De Rosa	f725779e0e	Convert ct pulling to try/catch	2018-10-23 22:47:04 +02:00
Davide De Rosa	28d9f3ee68	Add crypt strategy	2018-10-19 17:06:29 +02:00
Davide De Rosa	8ccc4c08a5	Add auth strategy	2018-10-19 16:20:56 +02:00
Davide De Rosa	66735ec118	Prepare API to enable TLS wrapping Extensible TLSWrap parameter.	2018-10-19 16:11:35 +02:00
Davide De Rosa	9b785084e2	Customize HARD_RESET payload when PIA-patched	2018-10-18 13:31:11 +02:00
Davide De Rosa	98c5a015f3	Split endpoint and credentials Basically drop AuthenticatedEndpoint.	2018-10-06 16:22:02 +02:00
Davide De Rosa	09210b727a	Use compression framing description	2018-09-28 08:40:14 +02:00
Davide De Rosa	668474d75c	Indent negotiated parameters in log	2018-09-21 19:53:38 +02:00
Davide De Rosa	1099d9adbf	Improve control channel log readability - Use consistent convention in id logging. - Describe packet codes. - Encapsulate packet logging.	2018-09-20 09:00:11 +02:00
Davide De Rosa	ce94a594f9	Bring code/key deserialization into serializer Duplicates first byte parsing but makes testing more meaningful, because there's no need to provide a bogus code/key pair.	2018-09-20 08:59:50 +02:00
Davide De Rosa	11cb312c02	Move control channel logic to PlainSerializer	2018-09-19 22:04:52 +02:00
Davide De Rosa	3608860b9d	Move sessionId and remoteSessionId	2018-09-19 22:04:52 +02:00
Davide De Rosa	1573b2070a	Move control queue management - Out packets - In packets - Acks	2018-09-19 22:04:52 +02:00
Davide De Rosa	e6dd4de472	Move control data parsing	2018-09-19 22:04:52 +02:00
Davide De Rosa	19ce7de819	Encapsulate control state into ControlChannel First step: variables + mutating funcs.	2018-09-19 22:04:52 +02:00
Davide De Rosa	d80c0b5460	Move in/out states to a generic struct	2018-09-19 22:04:52 +02:00
Davide De Rosa	2bd9484a43	Move ControlPacket serialization to Obj-C Additionally, make sessionId non-optional in control packets. They must have it, therefore treat a missing sessionId as a programming error instead. Reuse routines for acks to make PacketMacros the only point of packets serialization.	2018-09-19 22:04:52 +02:00
Davide De Rosa	92dbb57666	Revert CommonPacket name to ControlPacket	2018-09-19 22:04:52 +02:00
Davide De Rosa	915638b163	Log negotiated parms at info level Useful when debug disabled.	2018-09-12 15:48:47 +02:00
Davide De Rosa	4af0ce8739	Refactor duplicate keep-alive code	2018-09-09 00:52:16 +02:00
Davide De Rosa	3a02557b5e	Override keep-alive with pushed interval	2018-09-09 00:52:16 +02:00
Davide De Rosa	01f65b2a7e	Always shut down on known tunnel error Not recoverable by default (e.g algorithm mismatch).	2018-09-08 00:10:35 +02:00
Davide De Rosa	ecbad85b4a	Discard 0 keep-alive interval	2018-09-08 00:06:19 +02:00
Davide De Rosa	e5918d1b05	Override framing with pushed if available	2018-09-07 15:11:44 +02:00
Davide De Rosa	55cdd6227c	Interpret 0 reneg seconds as never	2018-09-07 14:58:56 +02:00
Davide De Rosa	3543f7aab3	Omit sensitive data from PUSH_REPLY log Namely auth-token.	2018-09-02 12:48:45 +02:00
Davide De Rosa	81eb18619d	Pick cipher from PUSH_REPLY if present	2018-09-02 02:09:20 +02:00
Davide De Rosa	31e694859f	Cache aggregated PushReply object - authToken - peerId - cipher Retain across soft resets.	2018-09-02 02:09:20 +02:00
Davide De Rosa	e900454504	Share connection completion code Across hard and soft reset.	2018-09-02 02:09:20 +02:00
Davide De Rosa	c930cda065	Consolidate DataPath with new flow	2018-09-02 02:09:20 +02:00
Davide De Rosa	c01ac7e1e3	Postpone keys setup until after PUSH_REPLY And rename to setupEncryption() for ambiguity with SessionKey.	2018-09-02 02:09:20 +02:00
Davide De Rosa	5bf7813d56	Forward compound SessionReply to delegate Improves extensibility.	2018-08-30 18:02:12 +02:00
Davide De Rosa	209889b9d2	Make compression framing an enum option - Disabled: no framing (default) - CompLZO: NO_COMPRESS - Compress: NO_COMPRESS_SWAP	2018-08-30 12:43:36 +02:00
Davide De Rosa	a4c109a916	Bridge client cert from SessionProxy to TLSBox	2018-08-28 12:55:27 +02:00
Davide De Rosa	b7a48d4f4f	Support client certificate in TLSBox	2018-08-28 12:55:27 +02:00
Davide De Rosa	b172f79719	Re-license with proper per-file notices Clarify explicitly the author/extent of the fork, with proper credit to the original project's license and copyright holder.	2018-08-28 12:53:14 +02:00
Davide De Rosa	9f54e624ee	Expose LZO framing option	2018-08-24 00:27:45 +02:00
Davide De Rosa	fe7a2c6941	Drop a few old commented lines	2018-08-23 18:51:36 +02:00
Davide De Rosa	2459fe1bfd	Move a few classes inside SessionProxy - Authenticator - EncryptionBridge (formerly EncryptionProxy) - PushReply - SessionKey They only make sense there. Content unchanged.	2018-08-23 18:51:36 +02:00
Davide De Rosa	6d5e9f68a9	Move cipher/digest enums to Core Restrict choice to supported OpenSSL algorithms.	2018-08-23 18:51:36 +02:00
Davide De Rosa	8a9e99e6a9	Wrap SessionProxy configuration in a builder	2018-08-23 18:51:36 +02:00
Davide De Rosa	897e824340	Enforce use of non-preset CA certificates	2018-08-23 12:11:55 +02:00

1 2

53 Commits