VpnSDK Changelog

v2.2.47

Features

1. Increased the default WireGuard service timeout from 10 to 30 seconds, now allowing it to be configured.

Bug fixes

1. Resolved an issue where the OpenVPN adapter was not detected after a system restart.
2. Fixed a crash that occurred when the partner app targeted the .NET Framework.

v2.2.46

Bug fixes

1. Improved the server selection logic to ensure better load distribution.

v2.2.45

Features

1. The optimal algorithm now prioritizes the user's location.
2. A specific exception (EndpointsUnreachableException) is now thrown when all API endpoints are blocked, enabling partners to handle such scenarios effectively.
3. SDK server list updates are now quicker.
4. The SDK now supports shorter access token durations.

v2.2.44

Features

1. Implemented general enhancements to API request handling.

v2.2.42

Bug fixes

1. Fixed an issue where the SDK used an incorrect port for WireGuard protocol connections in certain edge cases.
2. Addressed an issue where double-hop connections with OpenVPN failed if the OpenVPN TAP adapter was not installed during SDK initialization.
3. Updated the external VPN check code to also detect Ethernet adapters.

v2.2.40

Features

1. IKEv2 Support
   • Added support for IKEv2 on Windows Server 2016 and 2019.
2. Double Hop Functionality
   • Introduced double hop functionality for OpenVPN (excluding Scramble) and WireGuard, enabling the selection of two servers for a VPN connection to enhance security and anonymity. The enabling of this feature may be subject to updated contract terms.
3. DNS Monitoring
   • Added support for DNS monitoring. This feature allows partners to monitor DNS queries and retrieve domain details directly within their applications.
4. App Traffic Optimizer
   • Added support for App Traffic Optimizer to prioritize traffic for up to 3 critical applications.
5. ARM64 Support
   • Added ARM64 support for WireGuard.
   • Added ARM64 support for OpenVPN with WHQL-certified ARM64 OpenVPN Tap Adapters.
   • Added ARM64 support for our callout drivers, enabling full functionality including split tunneling, DNS monitoring, and traffic optimization on ARM64 machines.
     
     Note: IKEv2 support for ARM64 is already available.
6. OpenVPN Enhancements
   • Developed a new OpenVPN Tap Adapter with a unique hardware ID (tapwlvpn), replacing the previous generic ID (tap0901) to avoid conflicts with other VPN clients.
   • Updated OpenVPN assemblies to the latest version (OpenVPN v2.6.11, OpenSSL v3.3.1) to address known vulnerabilities.
   • The OpenVPN installation now includes separate assemblies for x86, x64, and ARM64 systems, improving the previous setup that used the same x86 versions of openssl.exe, openvpn.exe, and libpkcs11-helper-1.dll for both x86 and x64 systems. SDK will handle it automatically based on the OS architecture.
   • OpenVPN assemblies are now digitally signed.
   • Reduced OpenVPN handshake timeout from 60 seconds to 30 seconds.
   • Removed outdated OpenVPN switches as per recommendations.
     
     Note: To benefit from these OpenVPN updates, upgrade the OpenVPN.Binaries.Scramble nuget package to version 2.5.6 and OpenVPN.Certificates.WLVPN to 1.1.1.
7. HTTP Request Timeout Handling
   • During a VPN connection, if an HTTP request times out after 30 seconds, the SDK will no longer attempt retries with other servers. Instead, it will fail more quickly and throw an ApiTimeoutException. This change aims to address potential HTTP traffic blockages more efficiently.
8. WireGuard MTU Configuration
   • Added an option to set the MTU for the WireGuard protocol. Use SetMtu() in the WireGuardConnectionConfigurationBuilder class to configure.
9. Custom Callout Driver Name
   • Added support for customizing the callout driver name to enhance security and differentiate network filtering. Use SetCalloutDriverName(CalloutDriverName) while setting up the SDK.
10. Active VPN Connection Detection
    • Introduced SDK.GetActiveVpnConnectionName to detect if another VPN is running before initiating a connection.

Bug fixes

1. Fixed an issue where WireGuard remained connected after manually killing VpnHostService.exe.
2. The SDK now includes automatic retry logic to connect to the next server if the current one is detected as unhealthy, improving server failover handling.
3. Resolved a minor issue where SDK initialization problems prevented network filters from applying correctly.
4. Various minor stability improvements have been made to the SDK

v2.2.32

Features

1. OpenVPN TAP adapters for Win 10 and above have been updated and are now WHQL certified for improved compatibility and stability. To update the TAP adapters, simply upgrade the OpenVPN.Binaries.Scramble nuGet package to version 2.5.3.
2. Added support to enable threat protection while the VPN connection is active.
3. Domain-based split tunneling can now be operational at the same time as an active kill switch.
4. Added token-based support, allowing users to log in using access and refresh tokens.
5. Added support for adding and fetching account metadata.
6. Added new methods for stopping and uninstalling the split tunnel driver service.
7. Removed the logging of DNS requests unless Debug Mode is enabled.

Bug fixes

1. Fixed an issue where some network filters failed to clear correctly following an abrupt SDK termination.
2. Fixed a minor issue when disconnecting the SDK when domain based split tunneling is active.

v2.2.31

Features

1. Introduced a new DataTransfer Event, allowing users to retrieve the downloaded and uploaded bytes for a VPN connection.
2. Removed the domain validations from the SplitTunnelDomain class. Now, it's up to the client to provide a valid domain, giving the partner more control over validation.
3. Improved the performance of domain-based split tunneling.
4. Added the ability to set a custom description for the OpenVPN TAP adapter.
5. The Split Tunneling drivers are now WHQL certified for compatibility and stability.

Bug fixes

1. Resolved a crash triggered during the loading of our SDK in C++ CLR.

v2.2.30

Features

1. Application and Domain-based Split Tunneling: Added support for selectively routing specific applications or domains through the local adapter.

v2.2.29

Features

1. Added an Automatic option for protocol selection, making it easier to choose a protocol for your VPN connection.
2. Implemented the option to allow or block local network interfaces while connected to a VPN server.
3. Upgraded OpenVPN to version 2.6.4, ensuring the latest security enhancements and performance improvements are available to our users.

Bug fixes

1. Addressed and resolved several bugs to enhance the overall stability and reliability of the SDK.

v2.2.28

Bug fixes

1. Fixed Kill switch issues with WireGuard on .NETCore app.

v2.2.27

Features

1. Added support for WireGuard protocol.

v2.2.26

Features

1. Removed support for the legacy insecure protocols L2TP, SSTP and PPTP.

v2.2.25

Bug fixes

1. Fixed OpenVPN's TAP adapter installation issues

v2.2.24

Bug fixes

1. Fixed an issue with the locations collection update.
2. Fixed an issue where SDK threw a security exception on initialization when running under non-elevated process.
3. Fixed the RAS connection dispose process.

v2.2.20

Features

1. Added IKEv2 fragmentation support for Windows 10 2004+ build.
2. Added .NET Standard 2.0 support.
3. Added a new event LocationsRefreshStatusChanged to ISDK. It returns a RefreshLocationListStatus on ISDK.Locations list update.
4. Added a mechanism to enable TLS 1.2 for Windows 7 if it was disabled.

Bug fixes

1. Fixed an issue where servers in maintenance mode were included in the locations list.
2. Fixed an issue with the RAS connection disposing.
3. Fixed an edge case to prevent the NPE when active connections do not exist.
4. Fixed an exception on token refresh.
5. Improved ISDK.Locations collection updates.

v2.1.23

Features

1. An update in the WFP library to use a second optional flag for detecting loopback traffic.
2. Loopback improvements: Changed WFP manager to look for interfaces with the loopback type on them as well as looking for 127.0.0.0/8. This should reduce edge cases of loopback traffic incorrectly characterized as normal traffic.
3. Checks to determine if the running process is Elevated. If not Elevated the following features will not be functional: (a) DNS leak protection (b) IPv6 leak protection (c) OpenVPN protocol (d) Connection kill switch
4. Login improvements: Ensures the server list is up to date upon user login. This version of SDK uses the existing server list cache (if it has not expired) at login while an updated list is fired in the background. Previously the server list cache would be used only (a) If the server list API was inaccessible; and (b) If the cache had not expired
5. RefreshServerInfo() allows the server list to explicitly refresh if required. It now has a cool down of 5 minutes.

Bug fixes

1. Fix to recreate RAS phonebook entries. This is in the event these entries are deleted

v2.0.33

Breaking Changes

• When the running process is not elevated, setters of the following properties DisableDNSLeakProtection, DisableIPv6LeakProtection, AllowOnlyVPNConnectivity and AllowLANTraffic now throw NotElevatedException, the getter always returns the default value.
• When the running process is not elevated, OpenVPN protocol is disabled.
• When the running process is not elevated, InstallTapDriver() now throws NotElevatedException.

Features

• Added IsElevated property to ISDK interface. That property indicates if the running process is elevated or not.

v2.0.30

Bug fixes

• Internal references update.
• API requests logging improved.
• Improve RAS event logging
• Dispose internal logs properly to prevent leaks
• Improve network filtering.
• Proper exception throwing on OpenVPN authentication failure.
• Force adapter metric to be lowered when connected.
• For RAS type of connections, set a new metric via DotRas, rather than doing interop.

v2.0.23

Bug fixes

• Fixed the issue with reading exitcode of OpenVPN process that is not exited yet.
• Throw login exceptions correctly.
• Other stability improvements