| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |\ |
|
| | |\
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Hopefully the last SVN merge we need to do, as these merges are getting
more and more difficult. Most of the files had minor changes, but due to
the CRLF unification patch (commit 6b2883a637fe73492) we got an increased
number of conflicts. In addition inclusion of IPv6 support makes the
creates a lot of merge issues in route.c and socket.c
This merge also reverts commit 7c18c6353904f8c6e7 which merged
add_bypass_address() into add_host_route_if_nonlocal(). However the SVN
tree began to use add_bypass_address() another place, where at first glance
it did not be appropriate to use add_host_route_if_nonlocal().
This merge has gone through a 'make check' without any errors, but have
not been tested more thoroughly yet.
Conflicts:
ChangeLog
INSTALL
INSTALL-win32.txt
Makefile.am
acinclude.m4
base64.c
buffer.c
buffer.h
common.h
configure.ac
contrib/pull-resolv-conf/client.down
contrib/pull-resolv-conf/client.up
crypto.c
cryptoapi.c
easy-rsa/2.0/Makefile
easy-rsa/2.0/README
easy-rsa/2.0/build-ca
easy-rsa/2.0/build-dh
easy-rsa/2.0/build-inter
easy-rsa/2.0/build-key
easy-rsa/2.0/build-key-pass
easy-rsa/2.0/build-key-pkcs12
easy-rsa/2.0/build-key-server
easy-rsa/2.0/build-req
easy-rsa/2.0/build-req-pass
easy-rsa/2.0/clean-all
easy-rsa/2.0/inherit-inter
easy-rsa/2.0/list-crl
easy-rsa/2.0/pkitool
easy-rsa/2.0/revoke-full
easy-rsa/2.0/sign-req
easy-rsa/2.0/vars
easy-rsa/2.0/whichopensslcnf
easy-rsa/Windows/build-ca-pass.bat
easy-rsa/Windows/build-key-pass.bat
easy-rsa/Windows/build-key-server-pass.bat
easy-rsa/Windows/init-config.bat
easy-rsa/Windows/vars.bat.sample
error.c
error.h
forward.c
helper.c
httpdigest.c
httpdigest.h
ieproxy.c
init.c
init.h
install-win32/Makefile.am
install-win32/makeopenvpn
install-win32/openssl/openssl097.patch
install-win32/openssl/openssl098.patch
install-win32/openvpn.nsi
list.c
list.h
manage.c
manage.h
management/management-notes.txt
mbuf.c
mbuf.h
misc.c
misc.h
mroute.c
mroute.h
msvc/autodefs.h.in
msvc/config.py
msvc/msvc.mak
mtcp.c
mudp.c
multi.c
multi.h
occ.c
openvpn-plugin.h
openvpn.8
openvpn.h
options.c
options.h
otime.c
otime.h
perf.c
pf.c
ping.c
pkcs11.c
plugin.c
plugin.h
plugin/auth-pam/README
plugin/auth-pam/auth-pam.c
pool.c
pool.h
proto.h
proxy.c
ps.c
push.c
reliable.c
route.c
route.h
sample-config-files/firewall.sh
sample-scripts/bridge-start
sample-scripts/bridge-stop
sample-scripts/openvpn.init
sample-scripts/verify-cn
schedule.c
schedule.h
service-win32/openvpnserv.c
sig.c
socket.c
socket.h
socks.c
socks.h
ssl.c
ssl.h
status.c
syshead.h
tap-win32/SOURCES.in
tap-win32/common.h
tap-win32/proto.h
tap-win32/tapdrvr.c
tap-win32/types.h
tun.c
tun.h
version.m4
win/autodefs.h.in
win/build.py
win/build_all.py
win/build_ddk.py
win/build_exe.py
win/config.py
win/config_all.py
win/config_tap.py
win/config_ti.py
win/js.py
win/make_dist.py
win/msvc.mak.in
win/settings.in
win/show.py
win/sign.py
win/tap_span.py
win/wb.py
win32.c
win32.h
Signed-off-by: David Sommerseth <davids@redhat.com>
Reviewed-by: Gert Doering <gert@greenie.muc.de>
Reviewed-by: James Yonan <james@openvpn.net>
Reviewed-by: Adriaan de Jong <dejong@fox-it.com>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
Version 2.1.6.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@7419 e7ae566f-a301-0410-adde-c780ea21d3b5
|
| | | |
| | |
| | |
| | | |
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@7412 e7ae566f-a301-0410-adde-c780ea21d3b5
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
the management interface to override the "remote" directive.
See "remote" command in management/management-notes.txt for
documentation.
Version 2.1.4.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@7410 e7ae566f-a301-0410-adde-c780ea21d3b5
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
e.g.:
x509-track "+SHA1"
will extract the SHA1 certificate hash for all certs in the
client chain.
Version 2.1.3z
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@7408 e7ae566f-a301-0410-adde-c780ea21d3b5
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Linux, Mac OS X, and Linux. This flag (which is pushable
from server) blocks client access to local LAN while VPN
session is active.
Added standalone --show-gateway option to show info about
default gateway.
Extensively refactored get_default_gateway function in
route.c to ease implementation of block-local.
Removed "Experimental" disclaimer from redirect-gateway
man page.
Version 2.1.3y.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@7334 e7ae566f-a301-0410-adde-c780ea21d3b5
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
Version 2.1.3x1.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@7332 e7ae566f-a301-0410-adde-c780ea21d3b5
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This includes the new "static-challenge" directive.
See management/management-notes.txt for details on both
static and dynamic challenge/response protocols.
All client-side challenge/response code is #ifdefed on
ENABLE_CLIENT_CR and can be removed from the build
by commenting out the definition of ENABLE_CLIENT_CR
in syshead.h.
Version 2.1.3x.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@7316 e7ae566f-a301-0410-adde-c780ea21d3b5
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
Version 2.1.3w
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@7219 e7ae566f-a301-0410-adde-c780ea21d3b5
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
details).
Increase the timeout after SIGUSR1 restart when restart is not
due to server_poll_timeout.
Version 2.1.3v
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@7215 e7ae566f-a301-0410-adde-c780ea21d3b5
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Don't call SSL_CTX_set_client_CA_list or SSL_CTX_set_client_CA_list
if not running in server mode (these functions are only useful for
TLS/SSL servers).
Modified openvpn_snprintf to return false on overflow, and true
otherwise.
When AUTH_FAILED,... is received, log the full string.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@7213 e7ae566f-a301-0410-adde-c780ea21d3b5
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
configure option. ipconfig on Mac has certain behavior that makes
it unsuitable for use by OpenVPN to configure tun/tap interface.
Version 2.1.3u
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@7191 e7ae566f-a301-0410-adde-c780ea21d3b5
|
| | | |
| | |
| | |
| | | |
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@7152 e7ae566f-a301-0410-adde-c780ea21d3b5
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
command on failure once every second for up to 15 seconds. This
is necessary to work around an issue observed on OSX 10.5 where
the ipconfig command sometimes fails if executed immediately after
the tun device open.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@7151 e7ae566f-a301-0410-adde-c780ea21d3b5
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
crash with output like this:
TCP connection established with 85.190.0.3:41781
85.190.0.3:41781 SIGTERM[soft,port-share-redirect] received, client-instance exiting
MANAGEMENT: TCP recv error: Socket operation on non-socket
MANAGEMENT: Client disconnected
MANAGEMENT: Triggering management exit
Exiting due to fatal error
EVENT: epoll_ctl EPOLL_CTL_MOD failed, sd=6: Bad file descriptor (errno=9)
Then an error like this for every incoming connection that should be
proxied:
76.120.71.74:55302 PORT SHARE: sendmsg failed -- unable to communicate with background process (6,8,-1,-1): Connection refused (errno=111)
Version 2.1.3s
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@7127 e7ae566f-a301-0410-adde-c780ea21d3b5
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
UDP sessions when the client daemon was running in UDP/TCP adaptive
mode, and transitioned from TCP to UDP.
The bug would cause a single dropped packet in UDP mode to trigger a
barrage of packet replay errors followed by a disconnect and
reconnect.
Version 2.1.3r
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@7125 e7ae566f-a301-0410-adde-c780ea21d3b5
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
false positive packet replays.
Version 2.1.3q.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@7109 e7ae566f-a301-0410-adde-c780ea21d3b5
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
enable the use of ipconfig (instead of ifconfig) for configuring the
IP address and netmask of the tun/tap adapter.
Version 2.1.3p
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@7092 e7ae566f-a301-0410-adde-c780ea21d3b5
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
pushed by server, and that is used to offer a temporary session
token to clients that can be used in place of a password on
subsequent credential challenges.
This accomplishes the security benefit of preventing caching
of the real password while offering most of the advantages
of password caching, i.e. not forcing the user to re-enter
credentials for every TLS renegotiation or network hiccup.
auth-token does two things:
1. if password caching is enabled, the token replaces the
previous password, and
2. if the management interface is active, the token is output
to it:
>PASSWORD:Auth-Token:<token>
Also made a minor change to HALT/RESTART processing when password
caching is enabled. When client receives a HALT or RESTART message,
and if the message text contains a flags block (i.e. [FFF]:message),
if flag 'P' (preserve auth) is present in flags, don't purge the Auth
password. Otherwise do purge the Auth password.
Version 2.1.3o
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@7088 e7ae566f-a301-0410-adde-c780ea21d3b5
|
| | | |
| | |
| | |
| | | |
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@7086 e7ae566f-a301-0410-adde-c780ea21d3b5
|
| | | |
| | |
| | |
| | | |
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@7069 e7ae566f-a301-0410-adde-c780ea21d3b5
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
within handshake-window seconds.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@7066 e7ae566f-a301-0410-adde-c780ea21d3b5
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
to accept an optional message string. The message string format is:
RESTART|HALT,<human-readable-message>
RESTART will tell the client to restart (i.e. SIGUSR1).
HALT will tell the client to exit (i.e. SIGTERM).
On the client, human-readable-message will be communicated via
management interface:
>NOTIFY,<severity>,<type>,<human-readable-message>"
Version 2.1.3m
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@7063 e7ae566f-a301-0410-adde-c780ea21d3b5
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
PORT SHARE: sendmsg failed (unable to communicate with background process)
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@7062 e7ae566f-a301-0410-adde-c780ea21d3b5
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
a server if it sent multiple push requests due to the server being
slow to respond. This could cause the client to process pushed
options twice, leading to duplicate pushed routes, among other issues.
The fix, implemented server-side, is to reply only once to a push
request even if multiple requests are received.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@7060 e7ae566f-a301-0410-adde-c780ea21d3b5
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
in chain (as tls_serial_n vars), rather than only tls_serial_0.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@7055 e7ae566f-a301-0410-adde-c780ea21d3b5
|
| | |
| |
| |
| | |
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@7051 e7ae566f-a301-0410-adde-c780ea21d3b5
|
| | |
| |
| |
| |
| |
| | |
Signed-off-by: Adriaan de Jong <dejong@fox-it.com>
Acked-by: David Sommerseth <dazo@users.sourceforge.net>
Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
|
| | |
| |
| |
| |
| |
| | |
Signed-off-by: Adriaan de Jong <dejong@fox-it.com>
Acked-by: James Yonan <james@openvpn.net>
Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
|
| | |
| |
| |
| |
| |
| | |
Signed-off-by: Adriaan de Jong <dejong@fox-it.com>
Acked-by: James Yonan <james@openvpn.net>
Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
|
| | |
| |
| |
| |
| |
| | |
Signed-off-by: Adriaan de Jong <dejong@fox-it.com>
Acked-by: James Yonan <james@openvpn.net>
Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
|
| | |
| |
| |
| |
| |
| | |
Signed-off-by: Adriaan de Jong <dejong@fox-it.com>
Acked-by: James Yonan <james@openvpn.net>
Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
|
| | |
| |
| |
| |
| |
| | |
Signed-off-by: Adriaan de Jong <dejong@fox-it.com>
Acked-by: James Yonan <james@openvpn.net>
Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
|
| | |
| |
| |
| |
| |
| | |
Signed-off-by: Adriaan de Jong <dejong@fox-it.com>
Acked-by: James Yonan <james@openvpn.net>
Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
|
| | |
| |
| |
| |
| |
| | |
Signed-off-by: Adriaan de Jong <dejong@fox-it.com>
Acked-by: David Sommerseth <dazo@users.sourceforge.net>
Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
|
| |/
|
|
|
|
| |
Signed-off-by: Adriaan de Jong <dejong@fox-it.com>
Acked-by: David Sommerseth <dazo@users.sourceforge.net>
Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
As support for OpenSSL 1.0.0 requires a modified openssl.cnf file, it was
decided to rename openssl.cnf to openssl-1.0.0.cnf for clarity and better
support of different OpenSSL versions. The old openssl.cnf was renamed as
openssl-0.9.8.cnf.
This patch makes sure that all openssl*.cnf files are copied when running 'make
install' in easy-rsa and makes the whichopensslcnf script aware of them as well.
Signed-off-by: Samuli Seppänen <samuli@openvpn.net>
Acked-by: David Sommerseth <davids@redhat.com>
Signed-off-by: David Sommerseth <davids@redhat.com>
|
| |
|
|
|
|
| |
Signed-off-by: Samuli Seppänen <samuli@openvpn.net>
Acked-by: David Sommerseth <davids@redhat.com>
Signed-off-by: David Sommerseth <davids@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch fixes remaining issues with Trac ticket #125. It does the following:
- Update easy-rsa/2.0/README
- Rename easy-rsa/2.0/openssl.cnf as openssl-0.9.8.cnf
- Add easy-rsa/2.0/openssl-1.0.0.cnf
- Updated vars.bat.sample to use openssl-1.0.0.cnf
- Updated win/openvpn.nsi to use openssl-1.0.0.cnf
- Add a few undefined variables to vars and vars.bat.sample:
required by OpenSSL 1.0.0 (at least on Windows)
Signed-off-by: Samuli Seppänen <samuli@openvpn.net>
Tested-by: Samuli Seppänen <samuli@openvpn.net>
Acked-by: David Sommerseth <davids@redhat.com>
Signed-off-by: David Sommerseth <davids@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
This reverts commit 663860ad04dd4190fddbee63e724d3fdceafd937.
Accoding to Jan Just Keijser [1] there are issues with this new
openssl.cnf file, so reverting this commit and wait for a new patch.
[1] http://thread.gmane.org/gmane.network.openvpn.devel/4729/focus=4735
|
| |
|
|
|
|
|
| |
This is required for patch "Fix a build-ca issue on Windows" to work
Signed-off-by: Samuli Seppänen <samuli@openvpn.net>
Acked-by: David Sommerseth <davids@redhat.com>
|
| |
|
|
|
|
|
|
| |
Fixes Trac ticket #125
Signed-off-by: Samuli Seppänen <samuli@openvpn.net>
Acked-by: David Sommerseth <davids@redhat.com>
Signed-off-by: David Sommerseth <davids@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When configuring OpenVPN nowadays, the TUN/TAP configuration can
sometimes jump into the Linux 2.2 fallback code paths, which will
also fails. The reason it jumps into fallback mode is that the
tun/tap device already exists or that /dev/net/tun does not exist.
This can be very confusing, as /dev/tunX which the fallback mode tries
to use, does not exist on Linux 2.4 and newer.
Considering that the last Linux 2.2 update was released 25-Feb-2004
and the first Linux 2.4 release came 04-Jan-2001, there are no
reasonable reasons to help users to stay on outdated kernels.
I consider this extra code path just waste of bytes ... so lets make
the world simpler.
Signed-off-by: David Sommerseth <davids@redhat.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
|
| |
|
|
|
|
|
|
| |
Also fixed a typo in the --help screen.
Signed-off-by: Robert Fischer <ml-openvpn@trispace.org>
Acked-by: David Sommerseth <davids@redhat.com>
Signed-off-by: David Sommerseth <davids@redhat.com>
|
| |
|
|
|
|
| |
Signed-off-by: Robert Fischer <ml-openvpn@trispace.org>
Acked-by: David Sommerseth <davids@redhat.com>
Signed-off-by: David Sommerseth <davids@redhat.com>
|
| |
|
|
|
|
|
|
| |
pkcs11.c seems to miss some header files which gets implicitly added when
the management interface is enabled.
Signed-off-by: David Sommerseth <davids@redhat.com>
Tested-by: Mr Dash Four <mr.dash.four@googlemail.com>
|
| |
|
|
|
|
|
|
|
|
| |
The push_peer_info feature depends on the SSL infrastructure and openvpn
will fail to build if ./configure --disable-crypto --disable-ssl is
used. The solution is to not define ENABLE_PUSH_PEER_INFO if we don't
have crypto/ssl.
Signed-off-by: David Sommerseth <davids@redhat.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
|
| |\
| |
| |
| |
| |
| |
| |
| | |
Conflicts:
options.c
- version string for IPv6 payload changed
Signed-off-by: David Sommerseth <davids@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
after tunnel shutdown. Needs to make delete_route_ipv6() visible from
tun.c (route.c, route.h) and to properly zero-out host bits from IPv6
"network" at interface route clearing. Further, add IPv6 routes with
"store=active" to make sure nothing lingers after a system crash while
OpenVPN was running.
While at it, small Solaris cleanup - use CLEAR() to zero-out "ifr" struct.
Tested on Windows XP SP3 and Win7 by Gert Doering and Tony Lim.
Signed-off-by: Gert Doering <gert@greenie.muc.de>
|
