passepartoutvpn/tunnelkit
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
454 Commits 1 Branch 58 Tags 3.2 MiB
cfe61d5d40
Commit Graph

200 Commits

Author SHA1 Message Date
Davide De Rosa
7aec0637b2 Move endpoints inside SessionProxy.Configuration 
Make optional.

TunnelKitProvider still gets hostname from .serverAddress rather
than SessionProxy.Configuration

Also drop useless Equatable implementations.
 2019-04-04 13:09:50 +02:00
Davide De Rosa
e8396ec2cd Parse search domain from configuration 
Fixes #77
 2019-04-03 14:29:09 +02:00
Davide De Rosa
370e68aa3f Parse search domain from dhcp-option DOMAIN 2019-04-03 14:29:09 +02:00
Davide De Rosa
fe2ad52df0 Document OptionsBundle 
Move most from SessionProxy.Configuration.
 2019-04-03 13:34:08 +02:00
Davide De Rosa
f9ae3412a5 Move malformed error out of unrelated SessionError 
Also give more detail about the reason.
 2019-04-03 13:20:49 +02:00
Davide De Rosa
42232804ca Rename file to public entity 2019-04-03 13:19:47 +02:00
Davide De Rosa
49c805af52 Fix a few isHandled 
Skip to exclude from strippedLines.
 2019-04-03 13:19:47 +02:00
Davide De Rosa
9876c81de5 Parse PUSH_REPLY options in OptionsBundle 
- auth-token
- peer-id
- Routing

Reorganize options by semantic.

Reuse OptionsBundle in PushReply.
 2019-04-03 13:19:21 +02:00
Davide De Rosa
b9b9c4db60 Parse basic options in OptionsBundle 
- Handle isEncrypted inside CryptoContainer
- Rename ParsingError to OptionsError

Reuse OptionsBundle in ConfigurationParser.
 2019-04-03 13:19:16 +02:00
Davide De Rosa
e7dadefabb Generalize cipher regex 2019-04-03 12:20:53 +02:00
Davide De Rosa
d72b583900 Improve parsing of PUSH_REPLY prefix 2019-04-03 12:20:53 +02:00
Davide De Rosa
27901c991b Skip deinit documentation 2019-04-02 19:18:23 +02:00
Davide De Rosa
ccb6329f05 Don't parse a block begin while inside a block 
If a PEM contained anything like <foobar>, the parser was doomed.

Fixes #78
 2019-04-02 19:07:48 +02:00
Davide De Rosa
11fd418f82 Extend encrypted private key quick test 
Test .ovpn didn't use an PKCS#8 key due to a slip-up. Fixing it
unveiled that isEncrypted returned false for PKCS#8 keys.

Fixes #80
 2019-04-02 11:41:18 +02:00
Davide De Rosa
22f80735ca Strip certificate preamble 
Fixes #78
 2019-04-02 00:55:58 +02:00
Davide De Rosa
def622506b Check PKCS#1 via "Proc-Type" presence instead 2019-04-02 00:37:52 +02:00
Davide De Rosa
47b80d5361 Refactor to decrypt generic key 2019-04-02 00:31:54 +02:00
Davide De Rosa
0bfc1e08eb Fix retarded Swift pointer API somehow 2019-03-30 23:18:45 +01:00
Davide De Rosa
207a4f063a Replace deprecated Data(bytes:) 2019-03-30 23:18:45 +01:00
Davide De Rosa
8dfd5f23c1 Handle unknown enum defaults 2019-03-30 23:18:45 +01:00
Davide De Rosa
f686a0aee4 Fix Xcode warnings 2019-03-30 20:16:04 +01:00
Davide De Rosa
44fb5a5b48 Track data count in shared UserDefaults 
Default disabled (dataCountInterval = 0).
 2019-03-30 19:56:26 +01:00
Davide De Rosa
00c76f707f Throw specific error if unable to decrypt 
Normally a bad passphrase.
 2019-03-25 19:24:35 +01:00
Davide De Rosa
ffcccb5420 Throw specific error on missing passphrase 
So that client can retry with a passphrase.
 2019-03-25 18:49:53 +01:00
Davide De Rosa
b07ec88ff2 Add passphrase parameter to ConfigurationParser 
Use it to decrypt encrypted PEMs.
 2019-03-25 18:48:59 +01:00
Davide De Rosa
f37bfb3579 Implement RSA privkey decryption via OpenSSL 2019-03-25 18:45:00 +01:00
Davide De Rosa
53f3048674 Add missing documentation 2019-03-25 15:46:15 +01:00
Davide De Rosa
9c4d491a3b Make floating XXX a FIXME 2019-03-25 10:37:15 +01:00
Davide De Rosa
7ce31c3184 Parse randomize endpoints from --remote-random 2019-03-25 10:32:08 +01:00
Davide De Rosa
42227fcc00 Add SessionProxy.Configuration.randomizeEndpoint 2019-03-25 10:32:08 +01:00
Davide De Rosa
9c0205614b Disable rebind-on-float until a solid fix 
Mitigates #75
 2019-03-25 10:10:08 +01:00
Davide De Rosa
71d54e2dc3 Send IV_LZO only if supported 2019-03-25 10:07:57 +01:00
Davide De Rosa
fad20668b0 Override masksPrivateData via AppExtension 
Unmask in demo.

Fixes #62
 2019-03-21 19:19:22 +01:00
Davide De Rosa
79509a1ea1 Fix execution queue in network handler 2019-03-20 18:01:57 +01:00
Davide De Rosa
a5b8907918 Postpone shutdown until notification is written 
Otherwise socket might be force-closed while sending the packet.
 2019-03-20 17:57:56 +01:00
Davide De Rosa
c93461b153 Send explicit exit notification if UDP 
Implement --explicit-exit-notify by default.

Fixes #29
 2019-03-20 17:57:56 +01:00
Davide De Rosa
c6ab3b57db Fix a few return in wrong scope 2019-03-20 17:57:56 +01:00
Davide De Rosa
9d479a9aba Handle LZO compression in --compress framing 
Share parse block between comp-lzo and compress.

It seems that --compress sends NO_COMPRESS w/o swapping.

Also suppress redundant LZOIsSupported(), implied by non-nil value
of self.lzo.
 2019-03-20 09:04:27 +01:00
Davide De Rosa
4b9ffcfb4e Accept LZO regardless of framing 2019-03-20 09:04:27 +01:00
Davide De Rosa
9a6f3d638c Recognize "--compress lzo" option as legal 2019-03-20 09:04:27 +01:00
Davide De Rosa
7a449f90ee Advertise LZO support 2019-03-19 15:14:29 +01:00
Davide De Rosa
0eb0e3e478 Parse compression from several places 
- PUSH_REPLY
- .ovpn configuration
- TunnelKitProvider
 2019-03-19 15:14:29 +01:00
Davide De Rosa
4d6d51818d Compress/decompress LZO data packets 
Return compressionHeader from parse blocks.
 2019-03-19 15:14:27 +01:00
Davide De Rosa
197679057d Return NSData from parsePayloadWithBlock 
More friendly to (de)compression stage.
 2019-03-19 15:12:56 +01:00
Davide De Rosa
5cc32b1060 Wrap minilzo into dynamic Obj-C plugin 
Handle library errors to some extent.
 2019-03-19 15:12:46 +01:00
Davide De Rosa
08b04c8e02 Fix not propagated checksEKU flag 2019-03-18 17:27:48 +01:00
Davide De Rosa
7d69e09c53 Update copyright 2019-03-09 11:44:18 +01:00
Davide De Rosa
e3b8a6b16b Shut down on link error 
Because it doesn't seem to recover until the tunnel dies.
 2019-03-08 13:08:54 +01:00
Davide De Rosa
e849e6c0da Reject <connection> blocks in .ovpn 
- Use enumerateComponents for boolean test.
- Fix a test compile error on the way.
 2019-03-04 17:39:37 +01:00
Davide De Rosa
86420ba8ea Shut down on compressed data packet 
Re-inforce #65 at the data path level. Should now cover all
compression scenarios.
 2019-02-28 17:16:14 +01:00