Commit Graph

34 Commits

Author SHA1 Message Date
Davide De Rosa 713a46d817 Update GitHub URL
Move to passepartoutvpn org.
2019-05-14 10:58:47 +02:00
Davide De Rosa a693075e90 Block LAN when redirect-gateway block-local
Fixes #81
2019-05-03 15:14:25 +02:00
Davide De Rosa 0ee39c8fb0 Extend handling of redirect-gateway flags
- def1 (IPv4)
- ipv6 (IPv6)
- !ipv4 (IPv6 only)
2019-04-27 22:55:20 +02:00
Davide De Rosa 224a76ac58 Parse --redirect-gateway from configuration
FIXME: for now only redirects ALL traffic when the option is found
in the configuration file, whatever the arguments.

Also drop unnecessary base options in tests as everything was made
optional recently.
2019-04-25 14:39:23 +02:00
Davide De Rosa 28fd80f4e0 Treat empty DNS servers as nil
Empty local DNS array was pretty much hiding server-pushed DNS.
2019-04-17 00:50:53 +02:00
Davide De Rosa 380ac2beac Throw to exit PUSH_REPLY parsing on continuation 2019-04-16 23:59:56 +02:00
Davide De Rosa 0a956f5b9f Handle dhcp-option PROXY_BYPASS 2019-04-13 19:23:02 +02:00
Davide De Rosa 5fb70b5bab Parse dhcp-option PROXY_HTTP* into Configuration 2019-04-12 08:10:47 +02:00
Davide De Rosa 5e2f9b59f1 Rename ParsingResult to Result
No need to prefix an inner class.
2019-04-04 19:22:22 +02:00
Davide De Rosa 55534df6fa Work around cipher/digest/framing issues
- Make them optional
- Set default values inside SessionProxy

Fallback is not needed anywhere else.
2019-04-04 18:51:06 +02:00
Davide De Rosa 4dc9539260 Rename OptionsError to ConfigurationError 2019-04-04 18:51:06 +02:00
Davide De Rosa a2250686b6 Merge OptionsBundle into Configuration
FIXME: issues with non-optional .cipher and .compressionFraming

Because:

- No pushed cipher (nil) is NOT .aes128cbc
- No pushed framing (nil) is NOT .disabled

Breaks conditions on pushed cipher/framing via PUSH_REPLY.
2019-04-04 18:51:06 +02:00
Davide De Rosa 7aec0637b2 Move endpoints inside SessionProxy.Configuration
Make optional.

TunnelKitProvider still gets hostname from .serverAddress rather
than SessionProxy.Configuration

Also drop useless Equatable implementations.
2019-04-04 13:09:50 +02:00
Davide De Rosa e8396ec2cd Parse search domain from configuration
Fixes #77
2019-04-03 14:29:09 +02:00
Davide De Rosa fe2ad52df0 Document OptionsBundle
Move most from SessionProxy.Configuration.
2019-04-03 13:34:08 +02:00
Davide De Rosa b9b9c4db60 Parse basic options in OptionsBundle
- Handle isEncrypted inside CryptoContainer
- Rename ParsingError to OptionsError

Reuse OptionsBundle in ConfigurationParser.
2019-04-03 13:19:16 +02:00
Davide De Rosa e7dadefabb Generalize cipher regex 2019-04-03 12:20:53 +02:00
Davide De Rosa ccb6329f05 Don't parse a block begin while inside a block
If a PEM contained anything like <foobar>, the parser was doomed.

Fixes #78
2019-04-02 19:07:48 +02:00
Davide De Rosa 11fd418f82 Extend encrypted private key quick test
Test .ovpn didn't use an PKCS#8 key due to a slip-up. Fixing it
unveiled that isEncrypted returned false for PKCS#8 keys.

Fixes #80
2019-04-02 11:41:18 +02:00
Davide De Rosa def622506b Check PKCS#1 via "Proc-Type" presence instead 2019-04-02 00:37:52 +02:00
Davide De Rosa 00c76f707f Throw specific error if unable to decrypt
Normally a bad passphrase.
2019-03-25 19:24:35 +01:00
Davide De Rosa ffcccb5420 Throw specific error on missing passphrase
So that client can retry with a passphrase.
2019-03-25 18:49:53 +01:00
Davide De Rosa b07ec88ff2 Add passphrase parameter to ConfigurationParser
Use it to decrypt encrypted PEMs.
2019-03-25 18:48:59 +01:00
Davide De Rosa 53f3048674 Add missing documentation 2019-03-25 15:46:15 +01:00
Davide De Rosa 7ce31c3184 Parse randomize endpoints from --remote-random 2019-03-25 10:32:08 +01:00
Davide De Rosa 9a6f3d638c Recognize "--compress lzo" option as legal 2019-03-20 09:04:27 +01:00
Davide De Rosa 0eb0e3e478 Parse compression from several places
- PUSH_REPLY
- .ovpn configuration
- TunnelKitProvider
2019-03-19 15:14:29 +01:00
Davide De Rosa 5cc32b1060 Wrap minilzo into dynamic Obj-C plugin
Handle library errors to some extent.
2019-03-19 15:12:46 +01:00
Davide De Rosa 7d69e09c53 Update copyright 2019-03-09 11:44:18 +01:00
Davide De Rosa e849e6c0da Reject <connection> blocks in .ovpn
- Use enumerateComponents for boolean test.
- Fix a test compile error on the way.
2019-03-04 17:39:37 +01:00
Davide De Rosa 010da904fa Parse EKU choice in .ovpn from remote-cert-tls
Fix unhandled extra spaces in dhcp-option DNS regex.
2019-02-25 11:16:26 +01:00
Davide De Rosa c244b29a8f Parse DNS servers from configuration 2019-01-05 22:29:16 +01:00
Davide De Rosa 03478b6fbf Add jazzy doc to ConfigurationParser 2018-11-12 10:42:04 +01:00
Davide De Rosa 40fd2c7ede Parse configuration from .ovpn file 2018-11-10 10:58:06 +01:00