Davide De Rosa
65774c9a09
Update CHANGELOG
...
Move XOR PR credits to README.
2021-07-22 10:55:57 +02:00
sam
e69079d1f6
Add xormask option
2021-07-22 10:55:57 +02:00
Davide De Rosa
7f84d8338c
Upgrade Xcode project
2021-06-26 11:00:24 +02:00
Roopesh Chander
433e3f8dc9
Keychain: Enable correct keychain sharing in macOS
...
To enable sharing of keychain items using access groups in macOS,
the kSecUseDataProtectionKeychain attribute should be set.
This key has effect only in macOS, and is unavailable in iOS 12,
so we set it only in macOS.
2021-02-12 01:07:43 +01:00
Roopesh Chander
2b3eb5412c
Keychain: Use app group when dereferencing a password reference
...
Co-authored-by: Davide De Rosa <keeshux@gmail.com>
Better retain access group every time keychain is written to or
read from, there is no good reason to omit it. Requires Keychain
method to be reverted to non-static.
Partially revert 4490f0c116
, based
on wrong assumptions about password references.
2021-02-11 13:44:00 +01:00
Davide De Rosa
e923382c81
Default to unspecified MTU
...
Hardcode control channel packets to 1000 bytes.
2020-12-28 16:04:15 +01:00
Davide De Rosa
ba3ead13a3
Update copyright
2020-12-27 17:29:39 +01:00
Davide De Rosa
304d0215b6
Use keychain service as item context
...
Primary key = (context, username)
2020-12-20 10:57:06 +01:00
Davide De Rosa
4a5bc92fcb
Remove password inside try/catch
2020-12-18 19:11:52 +01:00
Davide De Rosa
ecb2c951a8
Handle keychain cancelation
...
E.g. stop on "Deny" button.
2020-12-18 19:11:52 +01:00
Davide De Rosa
44844cfd9c
Update API to access current Wi-Fi SSID
2020-11-21 19:10:58 +01:00
Davide De Rosa
10aec5185d
Document Manager subspec
...
Refactor notifications to newer Swift convention.
2020-06-13 17:38:55 +02:00
Davide De Rosa
01554713b8
Move IP header logic to separate struct
2020-05-12 13:07:09 +02:00
Davide De Rosa
f1a28a8d32
Revert to more efficient ternary op in IP header
...
See #169 and 753927f36b
2020-05-12 12:59:33 +02:00
Davide De Rosa
60213bafb8
Fix and improve #169
...
- Use constants
- Check packet length for OOB read
- Replace assertion with logging
2020-05-08 21:01:36 +02:00
Roopesh Chander
753927f36b
Fix how NETunnelInterface handles IP protocol number
...
The IP protocol number passed to NEPacketTunnelFlow is determined per
packet based on the IP header, instead of determining it based on
whether IPv6 settings are available or not.
2020-05-06 09:37:24 +05:30
Johan Kool
78e332d48b
Force IPv4 on Mojave otherwise it breaks
2020-04-10 13:37:15 +02:00
Davide De Rosa
a7aa78141e
Update copyright clause
2020-01-11 09:26:41 +01:00
Davide De Rosa
4ced1c499d
Use modern structure for notifications
2019-11-02 11:32:16 +01:00
Davide De Rosa
21eee24e7c
Add missing documentation
2019-05-24 16:02:06 +02:00
Davide De Rosa
72ce14b676
Make AppExtension entities public
2019-05-24 16:02:06 +02:00
Davide De Rosa
9445b825d0
Make AppExtension generic
...
- Make AppExtension a standalone util subspec
- Move OpenVPN tunnel provider to OpenVPN subspec
- Move Utils to Core subspec
- Depend OpenVPN on Core + AppExtension
2019-05-24 10:41:26 +02:00
Davide De Rosa
b6da3f2d13
Rename proxy to session
...
According to SessionProxy -> OpenVPNSession.
2019-05-19 15:56:44 +02:00
Davide De Rosa
8be0f14aa9
Move PRNG initialization to namespace level
2019-05-19 15:52:55 +02:00
Davide De Rosa
d057e9645b
Restore AppExtension with recent changes
2019-05-19 15:50:12 +02:00
Davide De Rosa
930f05c984
Move OpenVPN timeouts out of Core
2019-05-19 12:39:51 +02:00
Davide De Rosa
5b81aa6a78
Drop "Box" from error codes
2019-05-19 12:22:32 +02:00
Davide De Rosa
9da7fa9667
Split Core into Core+OpenVPN
...
Two Obj-C modules:
- __TunnelKitCore
- __TunnelKitOpenVPN
Seems the only way to do it in multiple module maps.
Move OpenVPN specifics out of CoreConfiguration.
2019-05-19 12:22:32 +02:00
Davide De Rosa
491092f2a3
Drop extra header lines
2019-05-19 12:21:44 +02:00
Davide De Rosa
713a46d817
Update GitHub URL
...
Move to passepartoutvpn org.
2019-05-14 10:58:47 +02:00
Davide De Rosa
d06b2e1928
Shut down if no default gateway
2019-05-11 17:40:46 +02:00
Davide De Rosa
5ce49953a0
Assume empty policies to override server settings
...
Empty != nil. When nil, pull from server.
2019-05-11 16:33:49 +02:00
Davide De Rosa
43c70b2673
Refine logging of some configuration
...
Log about routing entries.
2019-05-11 14:54:25 +02:00
Davide De Rosa
ff0dfc450c
Get TLS security level via AppExtension
...
Improves #97
2019-05-08 16:16:30 +02:00
Davide De Rosa
a693075e90
Block LAN when redirect-gateway block-local
...
Fixes #81
2019-05-03 15:14:25 +02:00
Davide De Rosa
d44d08c95e
Retain self weakly for shutdown on timeout
2019-05-02 13:13:43 +02:00
Davide De Rosa
f799f47c25
Add direct routes to DNS servers
...
If VPN is not default gateway.
Further fix of #94
2019-04-28 15:51:16 +02:00
Davide De Rosa
0b72a30cdd
Add full set of CloudFlare DNS servers
2019-04-28 10:56:39 +02:00
Davide De Rosa
ebabf02eb5
Fix DNS in VPN when not default gateway
...
Awful API requires .matchDomains = [""]
Fixes #94
2019-04-28 10:39:55 +02:00
Davide De Rosa
b331e3cfe6
Mask fallback DNS servers
...
Comment about fallback DNS being public
2019-04-28 10:39:25 +02:00
Davide De Rosa
7978398e1e
Fix logging of routing policies
2019-04-27 22:55:20 +02:00
Davide De Rosa
155bd5f1e7
Revert def1 trick
...
Not needed, routes are not persistent.
Revert 7d26323d3f
2019-04-27 22:55:19 +02:00
Davide De Rosa
7d26323d3f
Use OpenVPN trick to retain default gateway
...
Override default gateway with 2 split routes.
- IPv4: 0.0.0.0/1, 128.0.0.0/1
- IPv6: 2000::/4, 3000::/4
2019-04-27 22:29:51 +02:00
Davide De Rosa
3505f68b04
Revert DNS merge
...
Revert 1d3660459e
2019-04-27 18:25:08 +02:00
Davide De Rosa
b8cd969a1a
Fall back to configurable preset DNS servers
...
Default to CloudFlare 1.1.1.1
Hard time making it work with system DNS servers. Retry later.
2019-04-25 17:18:28 +02:00
Davide De Rosa
1d3660459e
Merge local and remote DNS servers
...
- Local first
- Remote last
2019-04-25 16:18:54 +02:00
Davide De Rosa
82394e0433
Skip DNS settings if no servers are provided
2019-04-25 16:18:54 +02:00
Davide De Rosa
4ce2d78c5a
Adjust log of routing policies
...
Consistent with print configuration.
2019-04-25 16:18:52 +02:00
Davide De Rosa
1b0c9979ce
Log "default" DNS when servers are empty
2019-04-25 16:09:04 +02:00
Davide De Rosa
3f37489c13
Handle pushed routing policies
2019-04-25 16:02:19 +02:00