summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* PROTO_TCPv4 is never used as an index intojames2006-11-082-5/+8
| | | | | | | proto_overhead, however this should be fixed. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1434 e7ae566f-a301-0410-adde-c780ea21d3b5
* Fixed typo in tapdrvr.c -- the fix is functionally cosmeticjames2006-11-021-1/+1
| | | | | | | because NdisFreeSpinLock is a null macro. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1429 e7ae566f-a301-0410-adde-c780ea21d3b5
* SO_REUSEADDR should not be set on Windows TCP sockets becausejames2006-11-011-0/+2
| | | | | | | it will cause bind to succeed on port conflicts. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1428 e7ae566f-a301-0410-adde-c780ea21d3b5
* Prevent SIGUSR1 or SIGHUP from causing programjames2006-11-014-1/+28
| | | | | | | exit from initial management hold. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1427 e7ae566f-a301-0410-adde-c780ea21d3b5
* auth-pam change: link with -lpam ratherjames2006-11-012-3/+2
| | | | | | | than dlopen (Roy Marples). git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1421 e7ae566f-a301-0410-adde-c780ea21d3b5
* Merged Alon's branch:v2.1_rc1james2006-11-017-36/+88
| | | | | | | | | svn merge -r1322:1392 https://svn.openvpn.net/projects/openvpn/contrib/alon/21rc/openvpn . Version 2.1_rc1 released git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1420 e7ae566f-a301-0410-adde-c780ea21d3b5
* Version 2.1_beta16 releasedjames2006-10-011-1/+1
| | | | git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1335 e7ae566f-a301-0410-adde-c780ea21d3b5
* For Windows build, updated OpenSSL to 0.9.7l.james2006-10-014-7/+47
| | | | | | | | Added small OpenSSL patch to be applied prior to Windows build. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1328 e7ae566f-a301-0410-adde-c780ea21d3b5
* Documented --socket-flags and the TCP_NODELAY flag.james2006-09-211-0/+17
| | | | git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1276 e7ae566f-a301-0410-adde-c780ea21d3b5
* ChangeLog edits for r1229 and r1230.james2006-09-141-0/+13
| | | | git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1231 e7ae566f-a301-0410-adde-c780ea21d3b5
* Fixed bug in loopback self-test introducedjames2006-09-142-2/+2
| | | | | | | | | in 2.1-beta15 where self test as invoked by "make check" would not properly exit after 2 minutes (Paul Howarth). git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1230 e7ae566f-a301-0410-adde-c780ea21d3b5
* TAP-Win32 fixes to run on Windows Vista.james2006-09-1411-31/+320
| | | | | | | | | | | Modified installer to detect 32-bit vs. 64 bit Windows and install the correct TAP driver. TAP-Win32 version number is at 8.4. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1229 e7ae566f-a301-0410-adde-c780ea21d3b5
* Version 2.1_beta15 releasedjames2006-09-123-2/+49
| | | | git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1226 e7ae566f-a301-0410-adde-c780ea21d3b5
* Comment about assertion being hit.james2006-07-031-1/+1
| | | | git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1079 e7ae566f-a301-0410-adde-c780ea21d3b5
* Fixed bug introduced with the --port-share directivejames2006-06-301-1/+1
| | | | | | | | | | back in r893 which causes TLS soft resets (1 per hour by default) in TCP server mode to force a blockage of tunnel packets and later time-out and restart the connection. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1076 e7ae566f-a301-0410-adde-c780ea21d3b5
* pkcs11 changes:james2006-06-292-17/+28
| | | | | | | | | | -r 1046:1053 https://svn.openvpn.net/projects/openvpn/contrib/alon/BETA21 1. Modified ssl.c to not FATAL and return to init.c so auth-retry will work. 2. Modifed pkcs11-helper.c to fix some problem with multiple providers. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1070 e7ae566f-a301-0410-adde-c780ea21d3b5
* Added two new management states:james2006-06-294-7/+39
| | | | | | | | | | OPENVPN_STATE_RESOLVE -- DNS lookup */ OPENVPN_STATE_TCP_CONNECT -- Connecting to TCP server Echo management state change to log. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1068 e7ae566f-a301-0410-adde-c780ea21d3b5
* Minor syshead.h change for NetBSD to allowjames2006-06-281-0/+4
| | | | | | | TCP_NODELAY flag to work. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1060 e7ae566f-a301-0410-adde-c780ea21d3b5
* Removed 'keywords' propset from everythingjames2006-06-260-0/+0
| | | | | | | except ChangeLog. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1050 e7ae566f-a301-0410-adde-c780ea21d3b5
* Removed spurious executable propset fromjames2006-06-264-0/+0
| | | | | | | several source files. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1048 e7ae566f-a301-0410-adde-c780ea21d3b5
* Modified --port-share code to remove the assumption thatjames2006-06-242-17/+15
| | | | | | | | CMSG_SPACE always evaluates to a constant, to enable compilation on NetBSD and possibly other BSDs as well. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1041 e7ae566f-a301-0410-adde-c780ea21d3b5
* Eliminated gcc 3.3.3 warnings on NetBSDjames2006-06-248-12/+16
| | | | | | | when ./configure --enable-strict is used. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1040 e7ae566f-a301-0410-adde-c780ea21d3b5
* -r 1026:1032james2006-06-135-29/+79
| | | | | | | | | | | | | | | https://svn.openvpn.net/projects/openvpn/contrib/alon/BETA21/openvpn Changes: 1. Updated makefile.w32-vc to include lladdr.*, updated linkage libraries. 2. Modified lladdr.c to be compiled under visual C. 3. Added retry counter to PKCS#11 PIN hook. 4. Modified PKCS#11 PIN retry loop to return correct error code when PIN is incorrect. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1038 e7ae566f-a301-0410-adde-c780ea21d3b5
* Added optional minimum-number-of-bytesjames2006-06-117-17/+38
| | | | | | | parameter to --inactive directive. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1036 e7ae566f-a301-0410-adde-c780ea21d3b5
* A few more updates:james2006-06-113-2/+72
| | | | | | | | | | | | | | | -r 1015:1025 https://svn.openvpn.net/projects/openvpn/contrib/alon/BETA21 Changes: 1. Fix handling (ignoring) zero sized attributes. 2. Fix gcc-2 issues. 3. Fix openssl 0.9.6 (first version) issues. 4. easy-rsa Makefile (install) is now available so that distribs will be able to install it safely. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1033 e7ae566f-a301-0410-adde-c780ea21d3b5
* Added credit for CAN-2005-2532.james2006-05-112-2/+2
| | | | git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1024 e7ae566f-a301-0410-adde-c780ea21d3b5
* Version 2.1_beta14 releasedjames2006-04-131-1/+1
| | | | git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1013 e7ae566f-a301-0410-adde-c780ea21d3b5
* Added --lladdr option to specify the link layer (MAC) addressjames2006-04-139-1/+97
| | | | | | | for the tap interface on non-Windows platforms (Roy Marples). git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1012 e7ae566f-a301-0410-adde-c780ea21d3b5
* Added --route-metric option to set a default route metricjames2006-04-137-3/+42
| | | | | | | for --route (Roy Marples). git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1011 e7ae566f-a301-0410-adde-c780ea21d3b5
* Version number increment.james2006-04-131-1/+1
| | | | git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1010 e7ae566f-a301-0410-adde-c780ea21d3b5
* ChangeLog edits.james2006-04-131-0/+8
| | | | git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1009 e7ae566f-a301-0410-adde-c780ea21d3b5
* Re-added backtrack handling code.james2006-04-133-3/+84
| | | | git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1008 e7ae566f-a301-0410-adde-c780ea21d3b5
* Merged PKCS#11 extensions to easy-rsa/2.0 (Alon Bar-Lev).james2006-04-139-33/+501
| | | | | | | svn merge -r 995:998 https://svn.openvpn.net/projects/openvpn/contrib/alon/easy-rsa git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1006 e7ae566f-a301-0410-adde-c780ea21d3b5
* Temporarily backed out time backtrack handling codejames2006-04-134-109/+81
| | | | | | | | | | due to issues on Windows. Rewrote gettimeofday function for Windows to be simpler and more efficient. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1005 e7ae566f-a301-0410-adde-c780ea21d3b5
* Version 2.1_beta13 releasedjames2006-04-122-1/+7
| | | | git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1004 e7ae566f-a301-0410-adde-c780ea21d3b5
* svn merge -r 999:1000 $SO/trunk/openvpn .james2006-04-122-3/+17
| | | | | | | (Fixed 64-bit counter bug on Windows) git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1002 e7ae566f-a301-0410-adde-c780ea21d3b5
* Added credit and CVE number to security vulnerability fix in 2.0.6.james2006-04-121-1/+2
| | | | git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1001 e7ae566f-a301-0410-adde-c780ea21d3b5
* Version 2.1_beta12 releasedjames2006-04-052-1/+40
| | | | git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@993 e7ae566f-a301-0410-adde-c780ea21d3b5
* svn merge -r 886:987 $SO/trunk/openvpn .james2006-04-053-4/+25
| | | | git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@991 e7ae566f-a301-0410-adde-c780ea21d3b5
* I've recently worked on a better version of pkcs11-helper. I've also mergedjames2006-04-0510-2353/+9422
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | it into QCA (Qt Cryptographic Architecture), so that KDE 4 will finally be able to use smartcards. The changes allows the following features: 1. Thread safe, is activated if USE_PTHREAD. 2. Slot event - Will allow us in the future to disconnect VPN when smartcard is removed. In order to support this OpenVPN must support threading... At least SIGUSR1 from a different thread. Threading should be supported in both Windows and Linux. -- currently disabled. When I talk about threading support it is just support in configuration script and that the method that SIGUSR1 self can be called from a different thread. I already handle the monitor threads. 3. Certificate enumeration - Will allow us to finally have one configuration file for all users! When you add the plugin GUI stuff you talked about, we will be able to display a list of available certificates for the user to select. -- currently disabled. 4. Data object manipulation - Will allow us to store tls-auth on the smartcard as well. -- currently disabled. 5. Many other minor improvements. Alon Bar-Lev git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@990 e7ae566f-a301-0410-adde-c780ea21d3b5
* Added man page entry for --setenv-safe.james2006-04-051-0/+12
| | | | git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@989 e7ae566f-a301-0410-adde-c780ea21d3b5
* "topology subnet" fix for FreeBSD (Benoit Bourdin).james2006-04-051-2/+25
| | | | git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@986 e7ae566f-a301-0410-adde-c780ea21d3b5
* Security Vulnerability -- An OpenVPN client connecting to ajames2006-04-053-1/+15
| | | | | | | | | | | | | | | | | | | | | | | | | malicious or compromised server could potentially receive "setenv" configuration directives from the server which could cause arbitrary code execution on the client via a LD_PRELOAD attack. A successful attack appears to require that (a) the client has agreed to allow the server to push configuration directives to it by including "pull" or the macro "client" in its configuration file, (b) the client configuration file uses a scripting directive such as "up" or "down", (c) the client succesfully authenticates the server, (d) the server is malicious or has been compromised and is under the control of the attacker, and (e) the attacker has at least some level of pre-existing control over files on the client (this might be accomplished by having the server respond to a client web request with a specially crafted file). The fix is to disallow "setenv" to be pushed to clients from the server, and to add a new directive "setenv-safe" which is pushable from the server, but which appends "OPENVPN_" to the name of each remotely set environmental variable. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@983 e7ae566f-a301-0410-adde-c780ea21d3b5
* Minor fixes for gcc (GCC) 4.0.2 warnings.james2006-02-234-5/+3
| | | | git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@905 e7ae566f-a301-0410-adde-c780ea21d3b5
* Version 2.1_beta11 releasedjames2006-02-193-34/+41
| | | | git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@904 e7ae566f-a301-0410-adde-c780ea21d3b5
* Port share proxy bug fixes.james2006-02-182-99/+61
| | | | git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@903 e7ae566f-a301-0410-adde-c780ea21d3b5
* ps.c debug codejames2006-02-182-75/+155
| | | | git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@902 e7ae566f-a301-0410-adde-c780ea21d3b5
* Added comments to ps.c (port share proxy code).james2006-02-182-4/+64
| | | | git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@901 e7ae566f-a301-0410-adde-c780ea21d3b5
* Version 2.1_beta10 releasedjames2006-02-175-9/+36
| | | | git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@899 e7ae566f-a301-0410-adde-c780ea21d3b5
* Version 2.1_beta9 releasedjames2006-02-162-1/+2
| | | | git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@896 e7ae566f-a301-0410-adde-c780ea21d3b5
generated by cgit (git 2.34.1) at 2024-06-30 18:12:59 +0000