passepartoutvpn/tunnelkit
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
271 Commits 1 Branch 58 Tags 3.2 MiB
f5d12300f9
Commit Graph

152 Commits

Author SHA1 Message Date
Davide De Rosa
f5d12300f9 Save debug log to file in app group container 
Don't bog UserDefaults. Reuse debugLogKey for the log filename.
 2018-10-24 21:06:04 +02:00
Davide De Rosa
b35fb34da5 Cap masked hash to 16 hexes 2018-10-24 18:50:36 +02:00
Davide De Rosa
ae85337e91 Mask log.debug 2018-10-24 18:47:41 +02:00
Davide De Rosa
033763f372 Mask log.info 2018-10-24 18:47:41 +02:00
Davide De Rosa
25d84f6530 Add internal flag for masking private data 
Hardcoded to true. Private data is mostly hostname/IP addresses
and routing information.
 2018-10-24 18:23:10 +02:00
Davide De Rosa
b1a79d6451 Shut down on server-initiated HARD_RESET 
Session is stale and not recoverable (lame duck).
 2018-10-24 12:31:37 +02:00
Davide De Rosa
0b79ce4194 Handle server-initiated SOFT_RESET 2018-10-24 12:22:47 +02:00
Davide De Rosa
d829247e6e Simplify socket shutdown code 
Drop weird (old?) linkFailures check.
 2018-10-24 09:42:18 +02:00
Davide De Rosa
91349fd780 Take shouldChangeProtocol out of GenericSocket 
Behavior is not exactly similar in UDP and TCP.
 2018-10-24 09:42:03 +02:00
Davide De Rosa
8b59fe6f4c Use RawRepresentable where adequate 2018-10-24 09:19:50 +02:00
Davide De Rosa
e3a5302e06 Check NULL EKU and simplify OID comparison 2018-10-24 00:43:01 +02:00
Davide De Rosa
3a95568d0b Remove unused code 2018-10-24 00:36:18 +02:00
Davide De Rosa
440a7f7da8 Verify server cert EKU 
Fixes #27
 2018-10-23 23:46:37 +02:00
Davide De Rosa
c32185b524 Review/complete mapping to ProviderError 
Errors from TunnelKitNative were not mapped. Also, move TLS CA
verification error to TLSBox domain.
 2018-10-23 23:44:25 +02:00
Davide De Rosa
f5d9720b01 Halt TLS on internal failure 2018-10-23 23:44:25 +02:00
Davide De Rosa
f725779e0e Convert ct pulling to try/catch 2018-10-23 22:47:04 +02:00
Davide De Rosa
1ad4a62593 Report error status to shared defaults 
Retain after disposal, unless manually stopped.
 2018-10-22 01:04:36 +02:00
Davide De Rosa
7ffb997904 Add defaults key for last error 2018-10-22 01:04:36 +02:00
Davide De Rosa
4bf7f1a1fc Bridge SessionError to public ProviderError 2018-10-22 01:04:36 +02:00
Davide De Rosa
6200a0bc1c Split configuration and session errors 2018-10-22 01:04:36 +02:00
Davide De Rosa
f93634bd7a Respect link MTU in TCP 
Mitigates #39
 2018-10-22 00:56:08 +02:00
Davide De Rosa
26fc12c2ef Add missing fclose() after fopen() 
Slip-up from #32
 2018-10-21 00:22:36 +02:00
Davide De Rosa
fbd3f977d5 Parse static key from file 2018-10-19 17:22:26 +02:00
Davide De Rosa
28d9f3ee68 Add crypt strategy 2018-10-19 17:06:29 +02:00
Davide De Rosa
55e0aa5c5a Implement and test crypt serializer 2018-10-19 17:06:26 +02:00
Davide De Rosa
3ec4a7d292 Implement AES-CTR encryption 2018-10-19 16:56:20 +02:00
Davide De Rosa
a430beb35f Improve Swift bridging of CryptoFlags 2018-10-19 16:56:20 +02:00
Davide De Rosa
8ccc4c08a5 Add auth strategy 2018-10-19 16:20:56 +02:00
Davide De Rosa
0fce5abdde Implement auth serializer 2018-10-19 16:20:56 +02:00
Davide De Rosa
a974646558 Add macros for replay packet id 2018-10-19 16:12:07 +02:00
Davide De Rosa
66735ec118 Prepare API to enable TLS wrapping 
Extensible TLSWrap parameter.
 2018-10-19 16:11:35 +02:00
Davide De Rosa
51720c1fbc Split ControlPacket header/content serialization 
rawSerializeTo: does not include opcode|session_id.
 2018-10-19 16:11:35 +02:00
Davide De Rosa
372fa194a5 Parse indexed keys from StaticKey 2018-10-19 16:11:35 +02:00
Davide De Rosa
5c8c361fce Add StaticKey class for static OpenVPN keys 2018-10-19 16:11:35 +02:00
Davide De Rosa
a85c4ea6da Rename packetId flag to more proper IV 2018-10-19 15:55:16 +02:00
Davide De Rosa
bff9352c6e Handle encryption/peer-id in a stateless manner 
Fixes #30
 2018-10-19 15:54:55 +02:00
Davide De Rosa
70b50a7a2e Parse data opcode when decrypting 
Assume it could be DATA_V1/V2 regardless of peer-id.
 2018-10-19 11:33:12 +02:00
Davide De Rosa
9b785084e2 Customize HARD_RESET payload when PIA-patched 2018-10-18 13:31:11 +02:00
Davide De Rosa
eb8a8b38c2 Restore PIA HARD_RESET code 2018-10-18 12:45:32 +02:00
Davide De Rosa
872e20a95a Add function to compute MD5 from certificate 2018-10-18 12:32:22 +02:00
Davide De Rosa
98c5a015f3 Split endpoint and credentials 
Basically drop AuthenticatedEndpoint.
 2018-10-06 16:22:02 +02:00
Davide De Rosa
40b733db57 Make credentials optional 2018-10-06 16:21:59 +02:00
Davide De Rosa
093774535d Make CA non-optional 
Fix up nullability qualifiers in TLSBox.

Fixes #26
 2018-10-06 15:53:22 +02:00
Davide De Rosa
09210b727a Use compression framing description 2018-09-28 08:40:14 +02:00
Davide De Rosa
7b96247c72 Fix interpretation of 0 seconds 
0 keep-alive = never
0 reneg seconds = never
 2018-09-28 08:39:57 +02:00
Davide De Rosa
24dabe2739 Set peer-info version from bundle 
Omit build number for now, seems more complex than expected to
accomplish with CocoaPods.
 2018-09-24 10:26:43 +02:00
Davide De Rosa
d6958ed28d Revert LZO deprecation, still widely used 2018-09-23 14:23:52 +02:00
Davide De Rosa
58726a67d7 Update SwiftyBeaver for MemoryDestination 
See for reference:

- https://github.com/pia-foss/tunnel-apple/pull/15
- https://github.com/SwiftyBeaver/SwiftyBeaver/pull/299
 2018-09-23 14:14:25 +02:00
Davide De Rosa
668474d75c Indent negotiated parameters in log 2018-09-21 19:53:38 +02:00
Davide De Rosa
44fc38e8ef Rename encryption headers for consistency 
The shared prefix makes it easier to associate them with
implementation files.
 2018-09-20 09:03:33 +02:00