summaryrefslogtreecommitdiffstats
path: root/init.c
Commit message (Collapse)AuthorAgeFilesLines
* Added argv_x functions to buffer.[ch] to be used to safely buildjames2008-07-231-0/+8
| | | | | | | | up argv strings for execve without the possibility of truncation or misinterpretation of mid-argument spacing. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3107 e7ae566f-a301-0410-adde-c780ea21d3b5
* status_printf function will now set error flag onjames2008-07-181-1/+14
| | | | | | | | | | output truncation or failure of write() to write the expected number of bytes. Raised STATUS_PRINTF_MAXLEN to 512 (from 256). git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3077 e7ae566f-a301-0410-adde-c780ea21d3b5
* gen_path will no longer silently truncate the generatedjames2008-07-181-0/+13
| | | | | | | filename at 256 bytes. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3076 e7ae566f-a301-0410-adde-c780ea21d3b5
* Added warning when using chroot without specifying user and group.james2008-07-171-0/+3
| | | | git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3069 e7ae566f-a301-0410-adde-c780ea21d3b5
* Copyright change OpenVPN Solutions LLC -> Telethra, Inc.james2008-07-141-1/+1
| | | | git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3048 e7ae566f-a301-0410-adde-c780ea21d3b5
* Updated copyright notice to 2008.james2008-06-111-1/+1
| | | | git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2995 e7ae566f-a301-0410-adde-c780ea21d3b5
* Merged connection profiles fromjames2008-06-111-64/+228
| | | | | | | http://svn.openvpn.net/projects/openvpn/test/conn git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2993 e7ae566f-a301-0410-adde-c780ea21d3b5
* Updated version to 2.1_rc7e.james2008-06-111-8/+15
| | | | | | | | | | | | | | | | | | | Added client authentication and packet filtering capability to management interface. Extended packet filtering capability to work on both --dev tun and --dev tap tunnels. Updated valgrind-suppress file. Made "Linux ip addr del failed" error nonfatal. Amplified --client-cert-not-required warning. Added #pragma pack to proto.h. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2991 e7ae566f-a301-0410-adde-c780ea21d3b5
* Incremented version to 2.1_rc7d.james2008-06-041-0/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Support asynchronous authentication by plugins by allowing OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY to return OPENVPN_PLUGIN_FUNC_DEFERRED. See comments in openvpn-plugin.h for documentation. Enabled by ENABLE_DEF_AUTH. Added a simple packet filter functionality that can be driven by a plugin. See comments in openvpn-plugin.h for documentation. Enabled by ENABLE_PF. See openvpn/plugin/defer/simple.c for examples of ENABLE_DEF_AUTH and ENABLE_PF. "TLS Error: local/remote TLS keys are out of sync" is no longer a fatal error for TCP-based sessions, since the error can arise normally in the course of deferred authentication. In a related change, allow packet-id sequence to begin at some number n > 0 for TCP sessions, rather than strictly requiring sequence to begin at 1. Added a test to configure.ac for LoadLibrary function on Windows. Modified "make dist" function to include all files from install-win32 so that ./domake-win can be run from a tarball-expanded directory. setenv and setenv-safe directives may now omit a value argument which defaults to "". git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2978 e7ae566f-a301-0410-adde-c780ea21d3b5
* Support asynchronous/deferred authentication injames2008-05-241-1/+1
| | | | | | | | | | OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY plugin handler. See documentation in openvpn-plugin.h and example usage in plugin/defer/simple.c. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2969 e7ae566f-a301-0410-adde-c780ea21d3b5
* Moved branch into official BETA21 position.james2008-05-121-6/+0
| | | | git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2959 e7ae566f-a301-0410-adde-c780ea21d3b5
* Added --management-forget-disconnect option -- forgetjames2008-01-231-0/+1
| | | | | | | passwords when management session disconnects (Alon Bar-Lev). git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2652 e7ae566f-a301-0410-adde-c780ea21d3b5
* Allow OpenVPN to run completely unprivileged under Linuxjames2008-01-211-1/+1
| | | | | | | | | | by allowing openvpn --mktun to be used with --user and --group to set the UID/GID of the tun device node. Also added --iproute option to allow an alternative command to be executed in place of the default iproute2 command (Alon Bar-Lev). git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2639 e7ae566f-a301-0410-adde-c780ea21d3b5
* Use pkcs11-helper as external library, can be downloadedjames2007-10-221-1/+1
| | | | | | | from https://www.opensc-project.org/pkcs11-helper (Alon Bar-Lev). git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2418 e7ae566f-a301-0410-adde-c780ea21d3b5
* Added --management-signal option to signal SIGUSR1 when the managementjames2007-10-221-0/+1
| | | | | | | interface disconnects (Alon Bar-Lev). git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2413 e7ae566f-a301-0410-adde-c780ea21d3b5
* Fixed issue where struct env_set methods thatjames2006-11-231-1/+17
| | | | | | | | | | | | | | | | change the value of an existing name=value pair would delay the freeing of the memory held by the previous name=value pair until the underlying client instance object is closed. This could cause a server that handles long-term client connections, resulting in many periodic calls to verify_callback, to needlessly grow the env_set memory allocation until the underlying client instance object is closed. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1493 e7ae566f-a301-0410-adde-c780ea21d3b5
* Attempt at rational signal handling when in thejames2006-11-131-3/+5
| | | | | | | | | | | | | | | | | | management hold state. During management hold, ignore SIGUSR1/SIGHUP signals thrown with the "signal" command. Also, "signal" command will now apply remapping as specified with the --remap-usr1 option. When a signal entered using the "signal" command from a management hold is ignored, output: >HOLD:Waiting for hold release git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1458 e7ae566f-a301-0410-adde-c780ea21d3b5
* Fixed issue where OpenVPN does not apply the --txqueuelen optionjames2006-11-091-1/+2
| | | | | | | to persistent interfaces made with --mktun (Roy Marples). git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1447 e7ae566f-a301-0410-adde-c780ea21d3b5
* Prevent SIGUSR1 or SIGHUP from causing programjames2006-11-011-0/+1
| | | | | | | exit from initial management hold. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1427 e7ae566f-a301-0410-adde-c780ea21d3b5
* Added --lladdr option to specify the link layer (MAC) addressjames2006-04-131-0/+7
| | | | | | | for the tap interface on non-Windows platforms (Roy Marples). git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1012 e7ae566f-a301-0410-adde-c780ea21d3b5
* Added --route-metric option to set a default route metricjames2006-04-131-0/+4
| | | | | | | for --route (Roy Marples). git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1011 e7ae566f-a301-0410-adde-c780ea21d3b5
* Temporarily backed out time backtrack handling codejames2006-04-131-0/+5
| | | | | | | | | | due to issues on Windows. Rewrote gettimeofday function for Windows to be simpler and more efficient. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1005 e7ae566f-a301-0410-adde-c780ea21d3b5
* I've recently worked on a better version of pkcs11-helper. I've also mergedjames2006-04-051-2/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | it into QCA (Qt Cryptographic Architecture), so that KDE 4 will finally be able to use smartcards. The changes allows the following features: 1. Thread safe, is activated if USE_PTHREAD. 2. Slot event - Will allow us in the future to disconnect VPN when smartcard is removed. In order to support this OpenVPN must support threading... At least SIGUSR1 from a different thread. Threading should be supported in both Windows and Linux. -- currently disabled. When I talk about threading support it is just support in configuration script and that the method that SIGUSR1 self can be called from a different thread. I already handle the monitor threads. 3. Certificate enumeration - Will allow us to finally have one configuration file for all users! When you add the plugin GUI stuff you talked about, we will be able to display a list of available certificates for the user to select. -- currently disabled. 4. Data object manipulation - Will allow us to store tls-auth on the smartcard as well. -- currently disabled. 5. Many other minor improvements. Alon Bar-Lev git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@990 e7ae566f-a301-0410-adde-c780ea21d3b5
* Version 2.1_beta10 releasedjames2006-02-171-2/+9
| | | | git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@899 e7ae566f-a301-0410-adde-c780ea21d3b5
* svn merge -r 888:889 ↵james2006-02-161-1/+1
| | | | | | https://svn.openvpn.net/projects/openvpn/contrib/alon/BETA21 21 git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@894 e7ae566f-a301-0410-adde-c780ea21d3b5
* Added --port-share option for allowing OpenVPN and HTTPSjames2006-02-161-0/+42
| | | | | | | server to share the same port number. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@893 e7ae566f-a301-0410-adde-c780ea21d3b5
* Added feature to --management-client to confirm connectionjames2006-02-031-2/+4
| | | | | | | by writing IP addr and port to a file. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@885 e7ae566f-a301-0410-adde-c780ea21d3b5
* Added --management-client option to connect as a client tojames2006-01-231-1/+2
| | | | | | | management GUI app rather than be connected to as a server. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@884 e7ae566f-a301-0410-adde-c780ea21d3b5
* Fixed bug with tls-auth and key-direction parameterjames2005-12-291-1/+2
| | | | | | | which was introduced in r844. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@865 e7ae566f-a301-0410-adde-c780ea21d3b5
* Some PKCS11-related code wasn't properly #ifdefed.james2005-12-231-1/+5
| | | | git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@860 e7ae566f-a301-0410-adde-c780ea21d3b5
* --ip-win32 adaptive is now the default.james2005-12-221-2/+12
| | | | | | | | | --ip-win32 netsh (or --ip-win32 adaptive when in netsh mode) can now set DNS/WINS addresses on the TAP-Win32 adapter. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@857 e7ae566f-a301-0410-adde-c780ea21d3b5
* svn merge -r 845:854 $SO/trunk/openvpn .james2005-12-141-27/+45
| | | | git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@855 e7ae566f-a301-0410-adde-c780ea21d3b5
* Don't warn user if he uses user/group/chroot andjames2005-12-131-2/+7
| | | | | | | | | did not specify persist-key but uses PKCS#11. svn merge -r 847:848 https://svn.openvpn.net/projects/openvpn/contrib/alon/BETA21/openvpn . git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@853 e7ae566f-a301-0410-adde-c780ea21d3b5
* Added --auto-proxy directive to auto-detect HTTP or SOCKSjames2005-12-121-2/+12
| | | | | | | proxy settings (currently Windows only). git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@850 e7ae566f-a301-0410-adde-c780ea21d3b5
* Inline file capability now works forjames2005-12-081-5/+29
| | | | | | | | | | | --secret and --tls-auth. For example: <secret> [ascii key data] </secret> git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@844 e7ae566f-a301-0410-adde-c780ea21d3b5
* Fixed segfault that occurred if remote_cert_eku is undefined and nojames2005-12-051-1/+1
| | | | | | | | | server certificate verification method was enabled. Don't declare pkcs11 variables in struct options unless pkcs11 support is enabled. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@833 e7ae566f-a301-0410-adde-c780ea21d3b5
* svn merge -r 823:825 $SO/contrib/alon/BETA21/openvpn .james2005-11-281-1/+2
| | | | git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@827 e7ae566f-a301-0410-adde-c780ea21d3b5
* Added --connect-timeout option to control the timeoutjames2005-11-251-0/+5
| | | | | | | | | on TCP client connection attempts (doesn't work on all OSes). This patch also makes OpenVPN signalable during TCP connection attempts. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@823 e7ae566f-a301-0410-adde-c780ea21d3b5
* --remap-usr1 will now also remap signals thrown during initialization.james2005-11-241-1/+4
| | | | git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@822 e7ae566f-a301-0410-adde-c780ea21d3b5
* Reduce sensitivity to system clock instabilityjames2005-11-121-0/+2
| | | | | | | and backtracks. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@799 e7ae566f-a301-0410-adde-c780ea21d3b5
* Merged --remote-cert-ku, --remote-cert-eku, andjames2005-11-121-0/+2
| | | | | | | | --remote-cert-tls from Alon's branch: svn merge -r 793:796 $SO/contrib/alon/BETA21/openvpn . git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@797 e7ae566f-a301-0410-adde-c780ea21d3b5
* Merged (with some changes) Alon'sjames2005-11-091-0/+9
| | | | | | | | | | | | | connect-retry-max option from /contrib/alon/BETA21@783. Added uninit_management_callback call to init_instance_handle_signals so that signals thrown during initialization can bring us back to a management hold. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@786 e7ae566f-a301-0410-adde-c780ea21d3b5
* Added ENABLE_INLINE_FILES feature.james2005-11-081-0/+8
| | | | git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@784 e7ae566f-a301-0410-adde-c780ea21d3b5
* Merged /contrib/alon/BETA21@778james2005-11-051-1/+1
| | | | git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@782 e7ae566f-a301-0410-adde-c780ea21d3b5
* Merged 2.0.4 changes.james2005-11-011-1/+1
| | | | | | | svn merge -r 737:749 $SO/trunk/openvpn git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@750 e7ae566f-a301-0410-adde-c780ea21d3b5
* svn merge -r 734:737 $SO/trunk/openvpnjames2005-10-311-2/+6
| | | | | | | Security fixes from 2.0.3 git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@740 e7ae566f-a301-0410-adde-c780ea21d3b5
* Windows reliability changes:james2005-10-311-1/+5
| | | | | | | | | | | * Added code to make sure that the local PATH environmental variable points to the Windows system32 directory. * Added new --ip-win32 adaptive mode which tries 'dynamic' and then fails over to 'netsh' if the DHCP negotiation fails. * Made --ip-win32 adaptive the default. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@739 e7ae566f-a301-0410-adde-c780ea21d3b5
* Added actual remote address used to the ">STATE" alertjames2005-10-201-1/+5
| | | | | | | in the management interface (Rolf Fokkens). git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@701 e7ae566f-a301-0410-adde-c780ea21d3b5
* Some changes to GET_USER_PASS_NEED_OK flag tojames2005-10-201-0/+14
| | | | | | | | | | | | | | | | | | | get_user_pass. (1) Allow an additional longer prompt string to be passed to the management interface client, in addition to the request type string. (2) Allow the management interface client to return a string, usually "ok" or "cancel" as the third argument to "needok" command. (3) Renamed "ok" command in management interface to "needok". (4) Edited management-notes.txt to reflect new needok feature. (5) See init.c:125 for new code example. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@694 e7ae566f-a301-0410-adde-c780ea21d3b5
* Merged with Alon's r688.james2005-10-201-5/+5
| | | | git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@689 e7ae566f-a301-0410-adde-c780ea21d3b5
generated by cgit (git 2.34.1) at 2024-05-11 08:58:24 +0000