github/OpenVPNAdapter
4
0
Fork 0
mirror of https://github.com/deneraraujo/OpenVPNAdapter.git synced 2026-04-24 00:00:05 +08:00
Code Issues Packages Projects Releases Wiki Activity

Wrap force ciphersuite and min tbs version properties

Browse Source
This commit is contained in:
Sergey Abramchuk
2017-04-24 13:34:50 +03:00
parent 61228ed00d
commit 2fc3e13911
2 changed files with 84 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
OpenVPN Adapter/OpenVPNConfiguration.h
+30
View File
@@ -50,6 +50,22 @@ typedef NS_ENUM(NSInteger, OpenVPNCompressionMode) {
OpenVPNCompressionModeDefault
};
/**
Minimum TLS version options
*/
typedef NS_ENUM(NSInteger, OpenVPNMinTLSVersion) {
/// Don't specify a minimum, and disable any minimum specified in profile
OpenVPNMinTLSVersionDisabled,
/// Use TLS 1.0 minimum (overrides profile)
OpenVPNMinTLSVersion10,
/// Use TLS 1.1 minimum (overrides profile)
OpenVPNMinTLSVersion11,
/// Use TLS 1.2 minimum (overrides profile)
OpenVPNMinTLSVersion12,
/// Use profile minimum
OpenVPNMinTLSVersionDefault
};
@interface OpenVPNConfiguration : NSObject
/**
@@ -134,4 +150,18 @@ typedef NS_ENUM(NSInteger, OpenVPNCompressionMode) {
*/
@property (nonatomic) NSInteger keyDirection;
/**
If YES, force ciphersuite to be one of:
1. TLS_DHE_RSA_WITH_AES_256_CBC_SHA, or
2. TLS_DHE_RSA_WITH_AES_128_CBC_SHA
and disable setting TLS minimum version.
This is intended for compatibility with legacy systems.
*/
@property (nonatomic) BOOL forceCiphersuitesAESCBC;
/**
Override the minimum TLS version
*/
@property (nonatomic) OpenVPNMinTLSVersion minTLSVersion;
@end