tunnelkit/CHANGELOG.md
Davide De Rosa e3241f4f4d Fix potential OOB during negotiation
Reported by @Grivus with SoftEther.

Closes #143
2019-12-22 16:31:57 +01:00


Changelog

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.

Unreleased

Fixed

  • Index out of range during negotiation (Grivus). #143

2.2.1 (2019-12-14)

Fixed

  • Keep-alive pings coalescing over time.
  • Ping timeout not checked for if keep-alive is disabled.

2.2.0 (2019-12-11)

Changed

  • Require explicit --ca and --cipher in .ovpn configuration file.

2.1.0 (2019-11-03)

Added

  • Allow keep-alive timeout to be configured by the server or client (Robert Patchett). #122
  • Support for proxy autoconfiguration URL (ThinkChaos). #125
  • Support multiple DNS search domains. #127

Changed

  • Upgrade OpenSSL to 1.1.1d. #123

Fixed

  • Session negotiation succeeds too early (Robert Patchett). #124
  • Handle vpn_gateway literal in --route.

2.0.5 (2019-09-26)

Fixed

  • OpenSSL framework structure on macOS makes binary invalid when uploaded to App Store Connect.
  • Potential OOB in memcmp() (Guido Vranken).

2.0.3 (2019-09-06)

Fixed

  • Deadlock on shutdown (further fixes). #106
  • Regression with negotiation failing due to .staleSession error. #120

2.0.2 (2019-07-27)

Fixed

  • Deadlock on shutdown. #106
  • Stuck on SOFT_RESET. #105
  • Tunnel dies unexpectedly on macOS. #111
  • Recover from ENOBUFS. #112

2.0.1 (2019-05-28)

Fixed

  • Regression in LZO subspec.

2.0.0 (2019-05-28)

Changed

  • Major refactoring.

1.7.1 (2019-05-14)

Added

  • Partially support --redirect-gateway block-local. #81

Fixed

  • Authentication failure due to local options. #95
  • Customize security level (to tolerate weak certificates). #97
  • Connection stalls on server-initiated SOFT_RESET.
  • Wrong configuration mutability.

1.7.0 (2019-04-28)

Changed

  • Do not redirect all traffic to VPN unless --redirect-gateway specified. #90
  • Upgrade OpenSSL to 1.1.0j.

Fixed

  • SoftEther sends an incomplete PUSH_REPLY. #86
  • Authentication/Decrypt errors with TLS wrapping. #88, #61
  • Broken DNS when no servers provided. #84
  • UDP may disconnect on high-speed upload link. #87
  • Client certificate may fail when private key in .ovpn is encrypted. #91
  • DNS is unreachable when VPN is not default gateway. #94

1.6.2 (2019-04-17)

Added

  • Basic support for proxy settings (no PAC). #74

Changed

  • Make hostname optional and pick resolvedAddresses if nil.

Fixed

  • Negotiation times out with SoftEther. #67
  • Unable to handle continuated PUSH_REPLY. #71
  • TCP requiring multiple PUSH_REQUEST. #73
  • DNS inconsistencies. #85

1.6.1 (2019-04-07)

Fixed

  • Cipher/digest erroneously required by AppExtension.

1.6.0 (2019-04-06)

Added

  • Handle dhcp-option DOMAIN. #77

Changed

  • Refactor configuration parser for reuse.

Fixed

  • Unrecognized PKCS#8 encrypted private keys. #80
  • Handle PEM with preamble. #78

1.5.2 (2019-04-01)

Added

  • Optional data count report via TunnelKitProvider.Configuration.dataCount(in:).

Changed

  • Upgraded to Swift 5.

Fixed

  • checksEKU not propagated to TunnelKitProvider.

1.5.1 (2019-03-25)

Added

  • Scramble endpoints via --remote-random. #76
  • Support for encrypted certificate private keys. #72

Fixed

  • Send explicit exit notification if UDP. #29
  • Broken reconnection on network change (mitigated). #75

1.5.0 (2019-03-20)

Added

  • Support for legacy --comp-lzo compression. #69
  • Support for newer --compress lzo option. #70

1.4.3 (2019-03-18)

Fixed

  • Several reconnection issues.
  • Missing EKU flag evaluation.

1.4.2 (2019-03-05)

Added

  • Shut down if server pushes a compressed data packet.

Fixed

  • Custom DNS servers were not applied.
  • Reject <connection> blocks as unsupported.

1.4.1 (2019-02-25)

Added

  • Override DNS servers client side. #56
  • Shut down if server pushes a compression directive. #65

Changed

  • Enable or disable EKU according to remote-cert-tls server in .ovpn file. #64

Fixed

  • Compiling errors in demo target.
  • Linking errors with OpenSSL.
  • A few potential vulnerabilities.

1.4.0 (2018-11-12)

Added

  • Parser for .ovpn configuration files. #47

Changed

  • Due to #47, SocketType and EndpointProtocol were moved to Core subspec.

1.3.1 (2018-11-07)

Fixed

  • IPv4/UInt32 conversions are not endianness-agnostic. #46

1.3.0 (2018-10-28)

Changed

  • Refactored tunnel configuration API for increased code reuse. #44

Deprecated

  • Use high-level accessories instead of debugLogKey and lastErrorKey. #45

Fixed

  • IPv4/UInt32 calculations were wrong.

1.2.2 (2018-10-25)

Changed

  • Debug log is saved to group container rather than UserDefaults. #43

Fixed

  • Handle server-initiated renegotiation. #41
  • Potentially private data (e.g. Internet addresses) is now masked in debug log. #42

1.2.1 (2018-10-24)

Added

  • Configuration key lastErrorKey for reporting errors to host app. #40
  • Server extended key usage validation (EKU). #27

Fixed

  • CA file was not closed after MD5 calculation when using PIA patches.
  • Mitigated an issue with MTU in TCP mode during negotiation. #39

1.2.0 (2018-10-20)

Added

  • Support for --tls-auth wrapping. #34
  • Support for --tls-crypt wrapping. #35
  • Parser for static OpenVPN keys from file. #36

Fixed

  • Handling of mixed DATA_V1/DATA_V2 packets. #30

1.1.2 (2018-10-18)

Added

  • Restored support for PIA patches. #32

1.1.1 (2018-10-10)

Fixed

  • Make CA non-optional. #28

1.1.0 (2018-09-26)

Added

  • Client certificate verification. #3
  • Support for both --comp-lzo and --compress compression framing. #2, #5, #10
  • Routes setup from PUSH_REPLY. #7
  • Support for IPv6. #8
  • Support for server-side NCP. #11
  • Property to mark ciphers not requiring digest auth (e.g. GCM). #13
  • Codable implementations for native Swift serialization. #15
  • More cipher and digest algorithms. #16
  • Negotiated compression framing from PUSH_REPLY. #19
  • Customizable keep-alive. #20
  • Negotiated keep-alive from PUSH_REPLY. #22
  • Peer-info metadata.

Changed

  • Raised iOS target to 11 (drops 32-bit support).
  • Upgraded OpenSSL from 1.1.0h to 1.1.0i.
  • Minor adjustments for Xcode 10 / Swift 4.2.
  • Deep refactoring of control channel for future extensibility.
  • App group moved out of tunnel configuration, to make it more platform-agnostic and coherent to serialize.
  • Keep-alive is disabled by default.
  • Several internal renamings.

Fixed

  • Sensitive data logged in PUSH_REPLY. #12
  • Bad interpretation of 0 seconds between renegotiations. #18
  • Incorrect behavior on data-related failures. #21

1.0.0 (2018-08-23)

Added

Removed

  • Non-standard PIA patches.