Davide De Rosa
c15d6f521a
Parse dataCiphersFallback as last resort
Prioritize over deprecated cipher.
2021-01-08 19:50:28 +01:00
Davide De Rosa
7ea088e4a1
Make peerInfo dynamic to add IV_CIPHERS
Fixes #193
2021-01-08 19:41:16 +01:00
Davide De Rosa
119d2f02e4
Add OpenVPN dataCiphers field
2021-01-08 19:26:20 +01:00
Davide De Rosa
80d99cab6c
Refactor legacy parsing of provider configuration
Leverage Codable implementation of OpenVPN*.Configuration
2021-01-03 10:47:06 +01:00
Davide De Rosa
e923382c81
Default to unspecified MTU
Hardcode control channel packets to 1000 bytes.
2020-12-28 16:04:15 +01:00
Davide De Rosa
1966143fe9
Parse MTU from --tun-mtu
2020-12-28 13:07:19 +01:00
Davide De Rosa
6cb04da05d
Add MTU to OpenVPN layer
2020-12-28 13:02:09 +01:00
Davide De Rosa
e3ce38e47e
Remove MTU from AppExtension layer
2020-12-27 22:51:58 +01:00
Davide De Rosa
ba3ead13a3
Update copyright
2020-12-27 17:29:39 +01:00
Davide De Rosa
663cab34c9
Centralize reconnection delay
2020-12-20 19:43:23 +01:00
Davide De Rosa
304d0215b6
Use keychain service as item context
Primary key = (context, username)
2020-12-20 10:57:06 +01:00
Davide De Rosa
4a5bc92fcb
Remove password inside try/catch
2020-12-18 19:11:52 +01:00
Davide De Rosa
ecb2c951a8
Handle keychain cancelation
E.g. stop on "Deny" button.
2020-12-18 19:11:52 +01:00
Davide De Rosa
6b8d88fef5
Consider last appearing DOMAIN option
2020-12-15 13:59:06 +01:00
Davide De Rosa
7535458339
Parse domain option
2020-12-11 17:09:15 +01:00
Davide De Rosa
44844cfd9c
Update API to access current Wi-Fi SSID
2020-11-21 19:10:58 +01:00
Davide De Rosa
e098117bf1
Drop StandardVPNProvider class name
Had only renamed file, not class.
See 945bb1b9b7
2020-11-15 22:09:02 +01:00
Davide De Rosa
945bb1b9b7
Fix context of StandardVPNProvider
Not generic, rather an OpenVPN implementation.
- Move to OpenVPN subspec
- Rename to OpenVPNProvider
- Depend OpenVPN on Manager
2020-11-15 21:12:53 +01:00
Davide De Rosa
65234cefa3
Merge pull request #178 from pahnev/master
Make IV_UI_VER flag overridable
2020-07-11 11:17:15 +02:00
Davide De Rosa
683617ddd4
Use active profile name in VPN configuration
Rather than "Passepartout", as seen in device settings.
2020-07-02 19:26:50 +02:00
Kirill Pahnev
014f8aabbd
Make IV_UI_VER flag overridable
2020-06-29 16:31:20 +03:00
Davide De Rosa
e0781926e8
Merge pull request #177 from pahnev/master
Set IV_PLAT based on current OS
2020-06-29 13:35:11 +02:00
Kirill Pahnev
d3caa5c4ad
Set IV_PLAT based on current OS
2020-06-29 13:00:17 +03:00
Davide De Rosa
8c405e7ea5
Add String value to VPNStatus
2020-06-13 17:51:46 +02:00
Davide De Rosa
10aec5185d
Document Manager subspec
Refactor notifications to newer Swift convention.
2020-06-13 17:38:55 +02:00
Davide De Rosa
5807924202
Create "Manager" subspec
- Move VPN helpers from Passepartout
- Initialize VPN.shared explicitly
- Expose internal *VPNConfiguration constructors
2020-06-13 17:38:55 +02:00
Davide De Rosa
f424d4a064
Add missing entities from docs
2020-06-13 17:38:28 +02:00
Davide De Rosa
a232af1100
Redefine generic Session.serverConfiguration()
For reuse in Session implementations.
2020-06-13 13:32:21 +02:00
Davide De Rosa
6c3e667f80
Add a few missing nodoc
2020-06-13 13:31:15 +02:00
Davide De Rosa
74ed3cb4cd
Move some initialization after logging configuration
Logging and masking were not configured at Credentials and
ConnectionStrategy initialization time, hence the missing log
entries from e.g. ConnectionStrategy.init().
2020-06-11 16:37:20 +02:00
Davide De Rosa
1ff936895f
Improve logging of ConnectionStrategy
2020-06-11 16:22:45 +02:00
Davide De Rosa
7a278dba69
Fix nullability of partitioned route
2020-05-23 17:07:59 +02:00
Davide De Rosa
17cb2601be
Fix unused result warning
2020-05-23 17:05:46 +02:00
Davide De Rosa
9095ea250e
Address concerns from Guido Vranken fuzzers (#141)
* 002: Assert return value of snprintf/getnameinfo
* 003: Address OOB reads on decrypted data
* 004: Handle boundary prefixes in .partitioned()
* 005: Fix OOB read in matchesDestination()
* 006: Fix parsing in netname6()
* 007: Fix incorrect use of sizeof()
* 008: Add safety checks in MSSFix()
* 009: Fix bad usage of minilzo calls
* Add checks after RoutingTableEntryAddress4/6
2020-05-16 15:10:07 +02:00
Davide De Rosa
01554713b8
Move IP header logic to separate struct
2020-05-12 13:07:09 +02:00
Davide De Rosa
f1a28a8d32
Revert to more efficient ternary op in IP header
See #169 and 753927f36b
2020-05-12 12:59:33 +02:00
Davide De Rosa
5285ba7aa8
Set reasserting to false if canRebindLink()
Code is currently disabled (canRebindLink() is hardcoded to false),
still it's good to stay consistent with semantics of
reasserting = false, i.e. "connection has become active again".
2020-05-09 15:01:11 +02:00
Davide De Rosa
9b82d7f9ec
Evaluate reconnection without touching reasserting
Use a different variable to signal an upcoming reconnection. Make
sure that reasserting is never set to false with the meaning of
"do not reconnect", because doing so would trigger a transient
"connected" state in the VPN.
Reverts use of cancelTunnelWithError() in sessionDidStop.
2020-05-09 12:09:03 +02:00
Davide De Rosa
93c24a96cf
Refactor with an error parameter in sessionDidStop
Both versions prevent clients from compiling, but this version
impacts less on existing codebase.
2020-05-09 12:09:03 +02:00
Robert Patchett
1cd00f9459
Call cancelTunnelWithError(_:) if a connection fails and won't be retried
2020-05-09 12:09:03 +02:00
Jose Blaya
c22bfb3edd
Set MTU value in Tunnel settings
2020-05-09 01:09:20 +02:00
Jaroslav_
1ceeb8ddbb
SAN host check (#168)
* Check if host is present in certificates SAN list
* Save .tlsServerHost error as .tlsServerVerification into last error
Co-authored-by: Davide De Rosa <keeshux@gmail.com>
2020-05-09 00:02:16 +02:00
Davide De Rosa
60213bafb8
Fix and improve #169
- Use constants
- Check packet length for OOB read
- Replace assertion with logging
2020-05-08 21:01:36 +02:00
Roopesh Chander
753927f36b
Fix how NETunnelInterface handles IP protocol number
The IP protocol number passed to NEPacketTunnelFlow is determined per
packet based on the IP header, instead of determining it based on
whether IPv6 settings are available or not.
2020-05-06 09:37:24 +05:30
Davide De Rosa
d74a7bf637
Merge pull request #162 from johankool/feature/mojave
Mitigate IP traffic breaking on Mojave
2020-04-15 11:21:18 +02:00
Davide De Rosa
4bdf6b7006
Redefine endpoint strategy according to IPv4/6
2020-04-14 22:57:23 +02:00
Davide De Rosa
40eb98fd72
Return IP version-aware records from DNSResolver
FIXME: compilation errors in ConnectionStrategy and related.
2020-04-14 22:57:08 +02:00
Davide De Rosa
6f235e9ea2
Handle IPv4/IPv6 variants in SocketType
2020-04-14 21:54:21 +02:00
Davide De Rosa
c7595ed295
Rewrite IPv4-to-String conversion
Flaky Swift pointer API.
2020-04-14 21:54:19 +02:00
Johan Kool
78e332d48b
Force IPv4 on Mojave otherwise it breaks
2020-04-10 13:37:15 +02:00