fix glitch upon key re-negotiation when using tls-crypt
fix interoperability issue with private keys created using OpenSSL 1.1 default settings (aka add support for private keys encrypted using PKCS#5v2.0 with PRF newer than SHA1)
Changes between 1.2.7 and 1.2.8:
fixed spurious crash on reconnection after sleep
restored access to CertificatePayloads (p12 bundles) uploaded via Provisioning Profiles (.mobileconfig files)
show warning pop-up when connecting to server using insecure MD5 algorithm to sign certificates (MD5 support will be dropped end of Apr 2018)
report unique app specific UUID to server within peer info (variable IV_HWADDR)
added support for ECDSA ciphersuites (for EC certificates)
fixed VPN status after closing and re-opening App with tunnel activated (VPN IPs, last event, etc.)
fixed profiles loading from iCloud with Files app (due to an iOS bug, only 1 file can be loaded at once)
improved .ovpn12 file import
Changes between 1.2.6 and 1.2.7:
fixed WiFi detection while connected via LTE
fixed tunnel reconfiguration after reconnection with seamless tunnel ON
added message about new .ovpn12 extension in cert list (when empty)
fixed issue with DNS upon reconnection in split tunnel setups
fixed tunnel disconnection when closing App from background app list
fixed spurious connection crash when connecting using TCP
fixed several connection instabilities
fixed routing towards VPN IPs other than the VPN server
fixed usage of PROXY_AUTO_CONFIG_URL and PROXY_BYPASS setting
fixed DNS settings when server directive comes as last one
Changes between 1.2.5 and 1.2.6
fixed reconnection with external certificate or password when device is still locked
fixed blank-screen issue on iPods
fixed reconnection after sleep or connectivity loss
fixed seamless tunnel handling
fixed tls-auth setup. missing key-direction in new profiles is again interpreted as "bidirectional" mode
fixed DNS server assignment on split tunnel configurations
fixed IPv6 DNS server assignment on split tunnel configurations
fixed search domain assignment on split tunnel configurations
fixed profile renaming
fixed PROXY settings assignment
fixed permanent disconnection due to TRANSPORT_ERROR when uplink is unavailable
Changes between 1.1.1 and 1.2.5
converted VPN backend to new Apple Network Extensions framework
implemented private keychain for storing certificates and passwords. PKCS#12 bundles imported via Safari or Mail must now end with '.ovpn12'
implemented support for "tls-crypt" config option. If the OpenVPN server you are connecting to has enabled this option, it will provider a safer method to exchange certificates during the initial TLS handshake
improved log verbosity
added preference switch to disable MD5 in TLS
updated mbedTLS to 2.6.0 (MD5 support will be dropped on Apr, 31st 2018)