Age | Commit message (Collapse) | Author | |
---|---|---|---|
2019-05-23 | [bug] bitmask-vpn needs tun-ipv6 flag | Kali Kaneko | |
2019-01-30 | [bug] allow tls 1.0 as a workaround for buster/sid | Kali Kaneko | |
in systems with newer openssl, tls 1.0 has been disabled. however, this breaks the ability of a client in a newer system to connect with the openvpn servers on providers that are still on stretch. platform needs to be upgraded. -Related: https://0xacab.org/leap/bitmask-vpn/issues/105 | |||
2019-01-30 | [docs] add a small usage hint | Kali Kaneko | |
-Resolves: #9378 | |||
2019-01-30 | [style] linting | Kali Kaneko | |
2018-09-06 | [bug] get openvpn from snap, disable ipv6 workaround | Kali Kaneko | |
when using snap, at least in qubes there's an error if we pick openvpn from the system. if we're executing from a snap, we should pick the snap's openpvn. also disabling for now the ipv6 workaround, since it fails when attempting to setup the i6 addr on the interface. --pull-filter should work here, see https://community.openvpn.net/openvpn/ticket/849 | |||
2018-09-06 | [bug] disable temporarily ipv6 as part of the firewall | Kali Kaneko | |
Since we're blocking ipv6, it's nice to avoid resolving dual-stack sites to ipv6, because many tools don't work otherwise. - Resolves: #9027 | |||
2018-09-06 | [bug] search for any openvpn process, the binary name might not match | Ruben Pollan | |
2018-07-23 | [bug] return allways a valid state from openvpn | Ruben Pollan | |
Even if we don't recognize the state that openvpn is providing. Add TCP_CONNECT state as well. | |||
2018-06-13 | [bug] fix constants import error | kali | |
2018-06-12 | [feat] add support for tcp management in bitmask-root | Ruben Pollan | |
2018-04-11 | [feat] add fw_reload to bitmaskctl | Ruben Pollan | |
Some systems remove firewall rules, is usefull to be able to script the reload of those rules in hooks or other custom systems. - Resolves: #9289 | |||
2018-04-11 | [bug] fix import | Kali Kaneko | |
2018-04-11 | [style] pep8 | Kali Kaneko | |
2018-04-11 | several fixes for riseupvpn snap | Kali Kaneko | |
- move snap folder to root folder, to allow automated builds - install only polkit file outside of snap - change path of bitmask-root accordingly in bitmask - fix check for polkit file inside snap - change and document the algorithm for picking bitmask-root in linux - add LD_LIBRARY_PATH as an environment entry for bitmask-systray | |||
2018-03-28 | [refactor] move autostart code into core | Ruben Pollan | |
All the logic to autostart bitmask should not be vpn dependent. | |||
2018-03-28 | [refactor] move platform constants into leap.bitmask | Ruben Pollan | |
The IS_${platform} constants are used in more places than the vpn module. Let's define them in leap.bitmask. | |||
2018-03-22 | [pkg] minor adjustments for riseupvpn osx bundle | Kali Kaneko | |
- duplicate the scripts folder for riseupvpn - fix renaming of helper - set openvpn path for riseupvpn | |||
2018-03-05 | [style] pep8 | Kali Kaneko | |
2018-03-02 | [bug] do not use tcp4 version for snaps | Kali Kaneko | |
2018-03-02 | [feat] increase verbosity on vpn checks to ease debugging | Kali Kaneko | |
2018-03-02 | [bug] fix openvpn path in snap check | Kali Kaneko | |
2018-03-02 | [bug] fix bitmask-root detection in snap | Kali Kaneko | |
2018-03-02 | [refactor] openvpn path and cmd for snap | Kali Kaneko | |
2018-03-02 | [pkg] add snap openvpn to bitmask-root | Kali Kaneko | |
2018-03-02 | [bug] fix launching of vpn for snaps | Kali Kaneko | |
2018-03-02 | [bug] debug launching | Kali Kaneko | |
2018-03-01 | [style] pep8 | Kali Kaneko | |
2018-02-19 | [pkg] osx packaging changes for riseupvpn | Kali Kaneko | |
2018-02-15 | [bug] privcheck takes one argument | Kali Kaneko | |
2018-02-15 | [style] pep8 | Kali Kaneko | |
2018-02-15 | [bug] do not attempt to stop a non running looping call | Kali Kaneko | |
2018-02-15 | [bug] fix logger instance | Kali Kaneko | |
2018-01-26 | [style] some wording fixes | Kali Kaneko | |
2018-01-26 | [refactor] yet another readability pass | Ruben Pollan | |
2018-01-26 | [refactor] clean up the helpers check to make it more readable | Ruben Pollan | |
2018-01-26 | [bug] don't check for updates on polkit just for its existence | Ruben Pollan | |
We don't update the polkit file normally, for now let's check if it's installed. It should be more clever, detecting wich file is needed, depending on wich bitmask-root will be executed. But for now it's just a dummy check. | |||
2018-01-25 | [tests] workaround for functional tests in docker | Kali Kaneko | |
polkit doesn't work inside docker. | |||
2018-01-25 | [bug] do not fail if the provider does not allow anonymous vpn | Kali Kaneko | |
Since bonafide was not catching the error 401, an attempt to bootstrap a provider that does not support anonvpn with the new setup was resulting in a json that was containing only an error message. this was producing an error when trying to access the configuration for that provider's EIP section. we now avoid writing a json config file if an error 401 is found, and also catch the exception for a ValueError when the EIP section is not found in the provider's configuration. | |||
2018-01-25 | [bug] several fixes after review | Kali Kaneko | |
2018-01-25 | [feat] report missing polkit properly from main UI | Kali Kaneko | |
also refactor and move polkit_agent so that it does not depend on having bitmask on the path. | |||
2018-01-25 | [bug] check if attribute exists | Kali Kaneko | |
2018-01-25 | [feat] autostart application when user logs in | Kali Kaneko | |
2018-01-25 | [feat] implement autostart for vpn | Kali Kaneko | |
2018-01-25 | [feat] implement vpn status watchdog | Kali Kaneko | |
2018-01-25 | [feat] hardcode tcp4 in vpn connections | Kali Kaneko | |
for now, we'll be hardcoding tcp as a more reliable alternative, no matter what the provider announces. explicitely specifying ipv4 should fix the case in which vpn fails to start because ipv6 is disabled. -Resolves: #9181, #9129 | |||
2018-01-25 | [feat] support anonymous vpn | Kali Kaneko | |
honor the anonymous certificate for the providers that offer it. this still needs a change in bonafide, in which if provider supports anonymous access we still have to download eip-service.json for testing, I assume this has been already manually downloaded. | |||
2018-01-25 | [feat] get cert automatically on vpn start | Kali Kaneko | |
2018-01-16 | [bug] fix the systemctl run | Ruben Pollan | |
2018-01-12 | [feat] bump bitmask-root version | Ruben Pollan | |
2018-01-12 | Add Qubes DNS support, fixes | Christopher Laprise | |