passepartoutvpn
/
tunnelkit
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
271 Commits 1 Branch 58 Tags 3.2 MiB
Commit Graph

152 Commits

Author SHA1 Message Date
Davide De Rosa f5d12300f9 Save debug log to file in app group container 
Don't bog UserDefaults. Reuse debugLogKey for the log filename.
 2018-10-24 21:06:04 +02:00
Davide De Rosa b35fb34da5 Cap masked hash to 16 hexes 2018-10-24 18:50:36 +02:00
Davide De Rosa ae85337e91 Mask log.debug 2018-10-24 18:47:41 +02:00
Davide De Rosa 033763f372 Mask log.info 2018-10-24 18:47:41 +02:00
Davide De Rosa 25d84f6530 Add internal flag for masking private data 
Hardcoded to true. Private data is mostly hostname/IP addresses
and routing information.
 2018-10-24 18:23:10 +02:00
Davide De Rosa b1a79d6451 Shut down on server-initiated HARD_RESET 
Session is stale and not recoverable (lame duck).
 2018-10-24 12:31:37 +02:00
Davide De Rosa 0b79ce4194 Handle server-initiated SOFT_RESET 2018-10-24 12:22:47 +02:00
Davide De Rosa d829247e6e Simplify socket shutdown code 
Drop weird (old?) linkFailures check.
 2018-10-24 09:42:18 +02:00
Davide De Rosa 91349fd780 Take shouldChangeProtocol out of GenericSocket 
Behavior is not exactly similar in UDP and TCP.
 2018-10-24 09:42:03 +02:00
Davide De Rosa 8b59fe6f4c Use RawRepresentable where adequate 2018-10-24 09:19:50 +02:00
Davide De Rosa e3a5302e06 Check NULL EKU and simplify OID comparison 2018-10-24 00:43:01 +02:00
Davide De Rosa 3a95568d0b Remove unused code 2018-10-24 00:36:18 +02:00
Davide De Rosa 440a7f7da8 Verify server cert EKU 
Fixes #27
 2018-10-23 23:46:37 +02:00
Davide De Rosa c32185b524 Review/complete mapping to ProviderError 
Errors from TunnelKitNative were not mapped. Also, move TLS CA
verification error to TLSBox domain.
 2018-10-23 23:44:25 +02:00
Davide De Rosa f5d9720b01 Halt TLS on internal failure 2018-10-23 23:44:25 +02:00
Davide De Rosa f725779e0e Convert ct pulling to try/catch 2018-10-23 22:47:04 +02:00
Davide De Rosa 1ad4a62593 Report error status to shared defaults 
Retain after disposal, unless manually stopped.
 2018-10-22 01:04:36 +02:00
Davide De Rosa 7ffb997904 Add defaults key for last error 2018-10-22 01:04:36 +02:00
Davide De Rosa 4bf7f1a1fc Bridge SessionError to public ProviderError 2018-10-22 01:04:36 +02:00
Davide De Rosa 6200a0bc1c Split configuration and session errors 2018-10-22 01:04:36 +02:00
Davide De Rosa f93634bd7a Respect link MTU in TCP 
Mitigates #39
 2018-10-22 00:56:08 +02:00
Davide De Rosa 26fc12c2ef Add missing fclose() after fopen() 
Slip-up from #32
 2018-10-21 00:22:36 +02:00
Davide De Rosa fbd3f977d5 Parse static key from file 2018-10-19 17:22:26 +02:00
Davide De Rosa 28d9f3ee68 Add crypt strategy 2018-10-19 17:06:29 +02:00
Davide De Rosa 55e0aa5c5a Implement and test crypt serializer 2018-10-19 17:06:26 +02:00
Davide De Rosa 3ec4a7d292 Implement AES-CTR encryption 2018-10-19 16:56:20 +02:00
Davide De Rosa a430beb35f Improve Swift bridging of CryptoFlags 2018-10-19 16:56:20 +02:00
Davide De Rosa 8ccc4c08a5 Add auth strategy 2018-10-19 16:20:56 +02:00
Davide De Rosa 0fce5abdde Implement auth serializer 2018-10-19 16:20:56 +02:00
Davide De Rosa a974646558 Add macros for replay packet id 2018-10-19 16:12:07 +02:00
Davide De Rosa 66735ec118 Prepare API to enable TLS wrapping 
Extensible TLSWrap parameter.
 2018-10-19 16:11:35 +02:00
Davide De Rosa 51720c1fbc Split ControlPacket header/content serialization 
rawSerializeTo: does not include opcode|session_id.
 2018-10-19 16:11:35 +02:00
Davide De Rosa 372fa194a5 Parse indexed keys from StaticKey 2018-10-19 16:11:35 +02:00
Davide De Rosa 5c8c361fce Add StaticKey class for static OpenVPN keys 2018-10-19 16:11:35 +02:00
Davide De Rosa a85c4ea6da Rename packetId flag to more proper IV 2018-10-19 15:55:16 +02:00
Davide De Rosa bff9352c6e Handle encryption/peer-id in a stateless manner 
Fixes #30
 2018-10-19 15:54:55 +02:00
Davide De Rosa 70b50a7a2e Parse data opcode when decrypting 
Assume it could be DATA_V1/V2 regardless of peer-id.
 2018-10-19 11:33:12 +02:00
Davide De Rosa 9b785084e2 Customize HARD_RESET payload when PIA-patched 2018-10-18 13:31:11 +02:00
Davide De Rosa eb8a8b38c2 Restore PIA HARD_RESET code 2018-10-18 12:45:32 +02:00
Davide De Rosa 872e20a95a Add function to compute MD5 from certificate 2018-10-18 12:32:22 +02:00
Davide De Rosa 98c5a015f3 Split endpoint and credentials 
Basically drop AuthenticatedEndpoint.
 2018-10-06 16:22:02 +02:00
Davide De Rosa 40b733db57 Make credentials optional 2018-10-06 16:21:59 +02:00
Davide De Rosa 093774535d Make CA non-optional 
Fix up nullability qualifiers in TLSBox.

Fixes #26
 2018-10-06 15:53:22 +02:00
Davide De Rosa 09210b727a Use compression framing description 2018-09-28 08:40:14 +02:00
Davide De Rosa 7b96247c72 Fix interpretation of 0 seconds 
0 keep-alive = never
0 reneg seconds = never
 2018-09-28 08:39:57 +02:00
Davide De Rosa 24dabe2739 Set peer-info version from bundle 
Omit build number for now, seems more complex than expected to
accomplish with CocoaPods.
 2018-09-24 10:26:43 +02:00
Davide De Rosa d6958ed28d Revert LZO deprecation, still widely used 2018-09-23 14:23:52 +02:00
Davide De Rosa 58726a67d7 Update SwiftyBeaver for MemoryDestination 
See for reference:

- https://github.com/pia-foss/tunnel-apple/pull/15
- https://github.com/SwiftyBeaver/SwiftyBeaver/pull/299
 2018-09-23 14:14:25 +02:00
Davide De Rosa 668474d75c Indent negotiated parameters in log 2018-09-21 19:53:38 +02:00
Davide De Rosa 44fc38e8ef Rename encryption headers for consistency 
The shared prefix makes it easier to associate them with
implementation files.
 2018-09-20 09:03:33 +02:00