Commit Graph

50 Commits

Author SHA1 Message Date
Jose Blaya
c22bfb3edd Set MTU value in Tunnel settings 2020-05-09 01:09:20 +02:00
Jaroslav_
1ceeb8ddbb SAN host check (#168)
* Check if host is present in certificates SAN list

* Save .tlsServerHost error as .tlsServerVerification into last error

Co-authored-by: Davide De Rosa <keeshux@gmail.com>
2020-05-09 00:02:16 +02:00
Roopesh Chander
753927f36b Fix how NETunnelInterface handles IP protocol number
The IP protocol number passed to NEPacketTunnelFlow is determined per
packet based on the IP header, instead of determining it based on
whether IPv6 settings are available or not.
2020-05-06 09:37:24 +05:30
Davide De Rosa
4bdf6b7006 Redefine endpoint strategy according to IPv4/6 2020-04-14 22:57:23 +02:00
Davide De Rosa
6f235e9ea2 Handle IPv4/IPv6 variants in SocketType 2020-04-14 21:54:21 +02:00
Johan Kool
ffe7fc0a0a Continue instead of early return on unknown key id 2020-04-10 13:35:12 +02:00
Davide De Rosa
a02857fdb9 Drop unused variable 2020-04-05 17:16:55 +02:00
Davide De Rosa
311015950e Shut down on server "RESTART" control message
Fixes #131
2020-02-29 19:23:26 +01:00
Davide De Rosa
f6d915e6dd Reset rather than nil out Authenticator
For reuse in control channel.
2020-02-29 19:11:15 +01:00
Davide De Rosa
a7aa78141e Update copyright clause 2020-01-11 09:26:41 +01:00
Davide De Rosa
e3241f4f4d Fix potential OOB during negotiation
Reported by @Grivus with SoftEther.

Closes #143
2019-12-22 16:31:57 +01:00
Davide De Rosa
2c8c2d20f8 Add comment about read failure not shutting down 2019-12-12 20:37:10 +01:00
Davide De Rosa
63aa4b42d7 Use .utility QoS for tunnel queue
Fixes #138
2019-12-12 18:34:24 +01:00
Davide De Rosa
88a1bdac06 Schedule ping block even just for timeout check
In case keepAliveInterval is not set.
2019-12-12 18:34:20 +01:00
Davide De Rosa
e6f2f3e85a Send pings at regular schedules
Also fixes coalescing schedules.
2019-12-12 18:34:20 +01:00
Davide De Rosa
2687dcf36e Debug wake/sleep signals 2019-12-12 15:05:21 +01:00
Davide De Rosa
8ae92d29db Log details about ping schedule 2019-12-12 14:00:43 +01:00
Davide De Rosa
5b0df2eada Allow customization of debug log level 2019-12-12 09:42:48 +01:00
Davide De Rosa
0f2bf8cf48 Fix non-existing variable in log 2019-12-12 09:34:08 +01:00
Davide De Rosa
90c118a3d0 Warn about discarded received packets 2019-12-12 09:32:34 +01:00
Davide De Rosa
66ae7973ae Discard data with missing key, do not shut down
Probably more resilient to DoS.
2019-12-07 09:43:47 +01:00
Davide De Rosa
8c4b0db301 Debug "reasserting" updates 2019-12-07 09:43:47 +01:00
Davide De Rosa
13027b8932 Only require --ca and --cipher from clients
Not in a PUSH_REPLY, for example.
2019-11-20 19:48:40 +01:00
Davide De Rosa
b1c11e3e56 Make --ca and --cipher non-optional in .ovpn
Dodge those annoying scenarios where server cipher is not set
and defaults to BF-CBC, whereas default TunnelKit cipher
is AES-128-CBC. And data channel stalls.
2019-11-20 01:07:39 +01:00
Davide De Rosa
3a38b0da15 Log effective search domains 2019-10-25 19:08:44 +02:00
Davide De Rosa
4e77f5b6b3 Parse multiple "dhcp-option DOMAIN" lines 2019-10-25 17:21:44 +02:00
Davide De Rosa
645f65ccd0 Adjust Configuration.searchDomain to searchDomains
XXX: "breaks" search domains in existing VPN profiles. Reinstall
to fix.
2019-10-25 17:17:48 +02:00
Davide De Rosa
495944297c Merge pull request #126 from ThinkChaos/fix_pac_logging
Fix logging for Proxy Auto-Configuration (PAC)
2019-10-23 13:07:03 +02:00
Davide De Rosa
e5a7a09b7f Parse PAC from provider configuration
Not propagated to AppExtension.
2019-10-23 13:02:29 +02:00
Davide De Rosa
7608ae2e3c Expose server configuration via provider message 2019-10-23 10:27:51 +02:00
ThinkChaos
907bbe20ae Fix logging for Proxy Auto-Configuration (PAC) 2019-10-23 01:08:39 +02:00
Davide De Rosa
7d0cba8df8 Merge pull request #125 from ThinkChaos/proxy_auto_conf
Add Proxy Auto-Configuration (PAC) support
2019-10-22 21:55:29 +02:00
ThinkChaos
26d7b9fe0f Address review comments 2019-10-22 21:03:25 +02:00
Davide De Rosa
98b9d71eb3 Assume VPN gateway when route gw is "vpn_gateway" 2019-10-22 13:53:36 +02:00
Davide De Rosa
eb09493882 Merge pull request #122 from rob-patchett/ping-timeout
Allow keep-alive timeout to be configured by the server or client
2019-10-22 10:51:27 +02:00
Robert Patchett
87cb448d12 Fix comment typo 2019-10-22 10:43:57 +02:00
ThinkChaos
c6cb5a646a Add Proxy Auto-Configuration (PAC) support 2019-10-21 21:47:45 +02:00
Robert Patchett
bdf34f8882 Set tunnel provider's reasserting to false after the system starts using the tunnel 2019-10-17 14:23:16 +02:00
Robert Patchett
55f7e64f19 Allow keep alive timeout to be configured by the server or client 2019-09-30 11:54:29 -07:00
Davide De Rosa
e0ab2a1ddb Disconnect if HARD_RESET received while SOFT_RESET
Bad condition for .staleSession

Fixes #120

See 0f2234f1d1
2019-09-03 00:27:54 +02:00
Davide De Rosa
de21adfef6 Beware of execution queue in write callbacks
self.link was not checked against in tunnel queue.
2019-08-23 09:15:59 +02:00
Davide De Rosa
6b281711c7 Ignore errors from outdated link writes
Prevents async delegation after cleanup.
2019-08-23 09:15:57 +02:00
Davide De Rosa
a4333eaafe Revert ENOBUFS mitigation, do disconnect instead
Reverts #87 "fix"
2019-07-26 21:14:57 +02:00
Davide De Rosa
aefeb252b3 Do not defer stop more than once
May cause multiple delegation and queue deadlock when a
reconnection is scheduled to trigger.

Fixes #106
2019-07-09 14:09:02 +02:00
Davide De Rosa
2c56a8ea95 Send PUSH_REQUEST immediately after auth
First call would always fail otherwise.
2019-07-09 12:40:10 +02:00
Davide De Rosa
40139cbef0 Replace key flag with session-wide isRenegotiating
Prevent new if one in progress.

Fixes #105
2019-07-09 12:17:12 +02:00
Davide De Rosa
0f2234f1d1 Assume stale session if server sends HARD_RESET
When unsolicited.
2019-07-09 11:42:12 +02:00
Davide De Rosa
1dcf4d7745 Shut down abruptly to work around macOS bug
Fixes #111
2019-07-07 23:36:06 +02:00
Davide De Rosa
b04f7f20d4 Log info about DNS servers in use 2019-07-03 19:04:53 +02:00
Davide De Rosa
be1081aad6 Nest subspecs by purpose
- Protocols
- Extra
2019-05-24 16:02:59 +02:00