mirror of
https://github.com/trailofbits/algo.git
synced 2025-09-09 13:33:00 +02:00
7a2e0496b7
If a user is not connected to a trusted Wi-Fi network or if the URLStringProbe fails none of the existing dictionaries match. According to the Apple Configuration Profile Reference[1] section "VPN Payload > On Demand Rules Dictionary Keys" a default behavior for unknown networks with no matching criteria should always be set as the last dictionary in the array. The current default behavior is to allow a connection to occur, but this behavior is not guaranteed. Tear down the VPN connection and do not reconnect on demand as long as the catch-all dictionary matches to guarantee the default behavior and more specifically allow users to access captive portals. [1]: https://developer.apple.com/library/content/featuredarticles/iPhoneConfigurationProfileRef/Introduction/Introduction.html |
||
|---|---|---|
| .. | ||
| 100-CustomLimitations.conf.j2 | ||
| android_html_helper.j2 | ||
| client_ipsec.conf.j2 | ||
| client_ipsec.secrets.j2 | ||
| client_windows.ps1.j2 | ||
| ipsec.conf.j2 | ||
| ipsec.secrets.j2 | ||
| mobileconfig.j2 | ||
| openssl.cnf.j2 | ||
| rules.v4.j2 | ||
| rules.v6.j2 | ||
| sswan.j2 | ||
| strongswan.conf.j2 | ||