| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Openvpn for Windows is not compiled as a Unicode binary and thus cannot
handle paths which contain non-ASCII characters using the argv vector.
Characters that are not present in the system codepage are simply replaced
with a question mark, e.g. if started as 'openvpn --config домой.ovpn'
the file '?????.ovpn' is tried to be opened as configuration.
The same applies to paths in config files which need to be UTF-8
encoded if they contain non ASCII characters. The option line
'key лев.pem' will lead to openvpn trying to open 'лев.pem' on a
system with codepage 1252.
This patch makes openvpn read the command line in UCS-2 and convert
it to UTF-8 internally. Windows stores names in the filesystem in UCS-2.
When using a paths openvpn converts it from UTF-8 to UCS-2 and uses the
wide character Windows API function.
Signed-off-by: Heiko Hund <heiko.hund@sophos.com>
Acked-by: David Sommerseth <davids@redhat.com>
Signed-off-by: David Sommerseth <davids@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
- Removed the dependency on an SSL library for USE_SSL when creating non-SSL plugins
- Fixed example plugin code to include USE_SSL when needed
Signed-off-by: Adriaan de Jong <dejong@fox-it.com>
Acked-by: James Yonan <james@openvpn.net>
Signed-off-by: David Sommerseth <davids@redhat.com>
|
| |
|
|
|
|
| |
Signed-off-by: Adriaan de Jong <dejong@fox-it.com>
Acked-by: James Yonan <james@openvpn.net>
Signed-off-by: David Sommerseth <davids@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
MS Visual Studio don't like to have struct members named in the
variable declaration. Without this fix, Visual Studio is not able
to compile the new v3 plug-in API.
Signed-off-by: David Sommerseth <davids@redhat.com>
Tested-by: Samuli Seppänen <samuli@openvpn.net>
Signed-off-by: Samuli Seppänen <samuli@openvpn.net>
Acked-by: Gert Doering <gert@greenie.muc.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
After a review of the second round of the the v3 plug-in implementation, it
was decided to use a separate constant defining the version of the structs
used for argument and return value passing, instead of OPENVPN_PLUGIN_VERSION.
To not make it too complex, this patch uses a shared version constant for all
the v3 structures. It is not expected that these strucutures will change too
much and too often.
Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
Acked-by: James Yonan <james@openvpn.net>
|
| |
|
|
|
|
|
|
|
| |
The certificates sent to the plug-in API will only happen during the
OPENVPN_PLUGIN_TLS_VERIFY phase and will contain a pointer to the OpenSSL
X509 certificate data.
Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
Acked-by: James Yonan <james@openvpn.net>
|
| |
|
|
|
|
|
|
| |
Let OpenVPN call the openvpn_plugin_open_v3() and
openvpn_plugin_func_v3() plug-in functions if they exist in the plug-in.
Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
Acked-by: James Yonan <james@openvpn.net>
|
| |
|
|
|
|
|
|
| |
This just implements the basic API changes needed for the newer and more
flexible plug-in API.
Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
Acked-by: James Yonan <james@openvpn.net>
|
| |\
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Conflicts:
acinclude.m4
config-win32.h
configure.ac
misc.c
thread.c
thread.h
- These conflicts was mainly due to feat_misc getting old
and mostly caused by the pthread clean-up patches in
feat_misc
Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This code was not activated at all, and hard coded as disabled in syshead.h
with this code snippet:
/*
* Pthread support is currently experimental (and quite unfinished).
*/
#if 1 /* JYFIXME -- if defined, disable pthread */
#undef USE_PTHREAD
#endif
So no matter if --enable-pthread when running ./configure or not, this feature
was never enabled in reality. Further, by removing the blocker code above made
OpenVPN uncompilable in the current state.
As the threading part needs to be completely rewritten and pthreading will not be
supported in OpenVPN 2.x, removing this code seems most reasonable.
In addition, a lot of mutex locking code was also removed, as they were practically
NOP functions, due to pthreading being forcefully disabled
Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
Acked-by: James Yonan <james@openvpn.net>
|
| |/
|
|
| |
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@5599 e7ae566f-a301-0410-adde-c780ea21d3b5
|
| |
|
|
| |
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@4477 e7ae566f-a301-0410-adde-c780ea21d3b5
|
| |
|
|
|
|
|
| |
Telethra to OpenVPN Technologies.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3409 e7ae566f-a301-0410-adde-c780ea21d3b5
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* All external programs and scripts are now called by execve() on unix and
CreateProcess on Windows.
* The system() function is no longer used.
* Argument lists for external programs and scripts are now built by the new
argv_printf function which natively outputs to string arrays (i.e.
char *argv[] lists), never truncates its output, and eliminates the security
issues inherent in formatting and parsing command lines, and dealing with
argument quoting.
* The --script-security directive has been added to offer policy controls on
OpenVPN's execution of external programs and scripts.
Also added a new plugin example (openvpn/plugin/examples/log.c) that logs
information to stdout for every plugin method called by OpenVPN.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3122 e7ae566f-a301-0410-adde-c780ea21d3b5
|
| |
|
|
|
|
|
| |
an absolute pathname.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3082 e7ae566f-a301-0410-adde-c780ea21d3b5
|
| |
|
|
|
|
|
|
|
|
| |
password if the verbosity was set to a high debug level
such as 7 or higher. Normally this would only be used by
developers. Now, even at high debug levels, the password
will not be output.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3073 e7ae566f-a301-0410-adde-c780ea21d3b5
|
| |
|
|
| |
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3048 e7ae566f-a301-0410-adde-c780ea21d3b5
|
| |
|
|
| |
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2995 e7ae566f-a301-0410-adde-c780ea21d3b5
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Support asynchronous authentication by plugins by allowing
OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY to return
OPENVPN_PLUGIN_FUNC_DEFERRED. See comments in
openvpn-plugin.h for documentation. Enabled by ENABLE_DEF_AUTH.
Added a simple packet filter functionality that can be driven by
a plugin. See comments in openvpn-plugin.h for documentation.
Enabled by ENABLE_PF.
See openvpn/plugin/defer/simple.c for examples of ENABLE_DEF_AUTH
and ENABLE_PF.
"TLS Error: local/remote TLS keys are out of sync" is no longer a
fatal error for TCP-based sessions, since the error can arise
normally in the course of deferred authentication. In a related
change, allow packet-id sequence to begin at some number n > 0 for
TCP sessions, rather than strictly requiring sequence to begin
at 1.
Added a test to configure.ac for LoadLibrary function on Windows.
Modified "make dist" function to include all files from
install-win32 so that ./domake-win can be run from a
tarball-expanded directory.
setenv and setenv-safe directives may now omit a value argument
which defaults to "".
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2978 e7ae566f-a301-0410-adde-c780ea21d3b5
|
| |
|
|
|
|
|
|
|
|
|
|
| |
to not be called for the top-level "generic" client template.
Added additional documentation to openvpn-plugin.h that more clearly
illustrates the full sequence and ordering of plugin callbacks
(plugin/defer/simple.c was extended to provide the raw data for this
documentation).
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2973 e7ae566f-a301-0410-adde-c780ea21d3b5
|
| |
|
|
|
|
|
|
|
|
| |
OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY plugin handler.
See documentation in openvpn-plugin.h and example
usage in plugin/defer/simple.c.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2969 e7ae566f-a301-0410-adde-c780ea21d3b5
|
| |
|
|
| |
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2959 e7ae566f-a301-0410-adde-c780ea21d3b5
|
| |
|
|
|
|
|
|
| |
directory to the dlopen search list when the user specifies the basename
of the plugin only (Marius Tomaschewski).
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2637 e7ae566f-a301-0410-adde-c780ea21d3b5
|
| |
|
|
| |
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@862 e7ae566f-a301-0410-adde-c780ea21d3b5
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Allow plugin and push directives to have multiple
parameters specified instead of only 1 quoted
parameter.
Allow plugin and push directives to have multi-line
parameter lists, such as:
<plugin>
my-plugin.so
parm1
parm2
</plugin>
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@785 e7ae566f-a301-0410-adde-c780ea21d3b5
|
| |
|
|
| |
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@784 e7ae566f-a301-0410-adde-c780ea21d3b5
|
| |
|
|
|
|
|
| |
2.1_beta1
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@591 e7ae566f-a301-0410-adde-c780ea21d3b5
|
| |
|
|
| |
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@581 e7ae566f-a301-0410-adde-c780ea21d3b5
|
|
|
It includes the --topology feature, and
TAP-Win32 driver changes to allow
non-admin access.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@580 e7ae566f-a301-0410-adde-c780ea21d3b5
|
