openvpn.git - Copy of the official OpenVPN git repo

	Commit message (Collapse)	Author	Age	Files	Lines
*	Provide OpenVPN runtime version information to plug-ins	David Sommerseth	2015-07-27	1	-0/+6
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	Also updated the log_v3 sample-plugin to demonstrate how this works. $ openvpn --plugin log_v3.so --dev tun Fri Jul 10 15:17:28 2015 OpenVPN 2.3_git [git:dev/plugin-version/f05d8623a29078bf+]..... ...more.openvpn.logging... log_v3: OpenVPN 2.3_git (Major: 2, Minor: 3, Patch: git:dev/plugin-version/f05d8623a29078bf+) ...more.openvpn.logging... $ Signed-off-by: David Sommerseth <davids@redhat.com> Acked-by: Gert Doering <gert@greenie.muc.de> Message-Id: <1436534548-21507-3-git-send-email-openvpn.list@topphemmelig.net> URL: http://article.gmane.org/gmane.network.openvpn.devel/9904 Signed-off-by: Gert Doering <gert@greenie.muc.de>
*	Use tls-auth in sample config files	Steffan Karger	2015-02-22	6	-2/+28
\| \| \| \| \| \| \| \| \| \| \| \|	For two reasons: 1) May motivate people to use tls-auth in their setups 2) Verify tls-auth functionality when running 'make check' Signed-off-by: Steffan Karger <steffan.karger@fox-it.com> Acked-by: Gert Doering <gert@greenie.muc.de> Message-Id: <1424614268-5078-1-git-send-email-steffan.karger@fox-it.com> URL: http://article.gmane.org/gmane.network.openvpn.devel/9467 Signed-off-by: Gert Doering <gert@greenie.muc.de>
*	Remove ENABLE_SSL define (and --disable-ssl configure option)	Steffan Karger	2014-12-31	1	-1/+1
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	Remove the --disable-ssl configure option and accompanying ENABLE_SSL defines in the master/2.4 branch, to reduce the code and testing complexity a bit. This does not remove to runtime option to run without SSL, just the compile time option to not include any SSL-related code. During the community meeting in November 2014 there were no objections amongst he developers present. Also, this has been announced on the -users and -devel mailing lists two weeks ago, without any response whatsoever. Signed-off-by: Steffan Karger <steffan@karger.me> Acked-by: Gert Doering <gert@greenie.muc.de> Message-Id: <54A4248A.1090501@karger.me> URL: http://article.gmane.org/gmane.network.openvpn.devel/9371 Signed-off-by: Gert Doering <gert@greenie.muc.de>
*	Modernize sample keys and sample configs	Steffan Karger	2014-11-15	32	-410/+779
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	I kept most of the certificate properties equal to the old certs, since some people's test scripts might rely on them (and it does not require any creativity from my part). Changes: * Add script to generate fresh test/sample keys (but keep sample keys in git for simple testing) * Switch from 1024 to 4096 bits RSA CA * Switch from 1024 to 2048 bits client/server RSA keys * Switch from 1024 to 2048 bits Diffie-Hellman parameters * Generate EC client and server cert, but sign with RSA CA (lets us test EC <-> RSA interoperability) * Remove 3DES cipher from 'sample' config * Add 'remote-cert-tls server' to client config * Update config files to deprecate nsCertType in favour of the keyUsage and extendedKeyUsage extensions. * Make naming more consistent Signed-off-by: Steffan Karger <steffan@karger.me> Acked-by: Samuli Seppänen <samuli@openvpn.net> Message-Id: <CAA1AbxKZr_E6Wk9GBbB3xpLyJzyBxSa1k21UDXnC90d8refUzw@mail.gmail.com> URL: http://article.gmane.org/gmane.network.openvpn.devel/9226 Signed-off-by: Gert Doering <gert@greenie.muc.de>
*	Add topology in sample server configuration file	Philipp Hagemeister	2014-07-13	1	-1/+8
\| \| \| \| \| \| \| \| \| \| \| \| \|	This is an OpenPGP/MIME signed message (RFC 4880 and 3156) On modern systems, topology subnet should always be set, but it's missing in the configuration file. Add it with a short explanation. Signed-off-by: Philipp Hagemeister <phihag@phihag.de> Acked-by: Gert Doering <gert@greenie.muc.de> Message-Id: <53BF9998.5020906@phihag.de> URL: http://article.gmane.org/gmane.network.openvpn.devel/8878 Signed-off-by: Gert Doering <gert@greenie.muc.de>
*	Add an elliptic curve testing cert chain to the sample keys	Steffan Karger	2014-04-25	7	-3/+156
\| \| \| \| \| \| \| \|	Signed-off-by: Steffan Karger <steffan@karger.me> Acked-by: Arne Schwabe <arne@rfc2549.org> Message-Id: <1398293018-8581-3-git-send-email-steffan@karger.me> URL: http://article.gmane.org/gmane.network.openvpn.devel/8601 Signed-off-by: Gert Doering <gert@greenie.muc.de>
*	Fix typo in sample build script to use LDFLAGS	kangsterizer	2014-04-13	1	-1/+1
\| \| \| \| \| \| \|	Came in as github pull request #15 Signed-off-by: Gert Doering <gert@greenie.muc.de> Acked-By: Arne Schwabe <arne@rfc2549.org>
*	plugin: Extend the plug-in v3 API to identify the SSL implementation used	David Sommerseth	2013-07-03	2	-1/+6
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	OpenVPN would segfault unexpectedly if it would be compiled against PolarSSL and the plug-in would expect OpenSSL, or vice-versa. This segfault would not appear before the plug-in would try to access functions which would be available if the plug-in and OpenVPN uses the same SSL implementation. This patch adds a member to the plug-in initialisation function, which identifies the SSL implementation. The log_v3 plug-in is updated accordingly + a simple fix to make it buildable again using the ./build script. A minor documentation error in the openvpn-plugin.h was also corrected, where it mentioned OPENVPN_PLUGIN_VERSION instead of OPENVPN_PLUGINv3_STRUCTVER. v2 - add const ovpnSSLAPI ssl_api at the end of struct openvpn_plugin_args_open_in and not in the "middle" v3 - fix bug in plug-in init, as the SSLAPI was located wrong in the args struct sent to the openvpn_plugin_open_v3() function. v4 - Ensure SSLAPI got a sane/known value if SSL is disabled or unknown Signed-off-by: David Sommerseth <davids@redhat.com> Acked-by: Gert Doering <gert@greenie.muc.de> Message-Id: <1372879030-10576-1-git-send-email-dazo@users.sourceforge.net> URL: http://article.gmane.org/gmane.network.openvpn.devel/7754 Signed-off-by: Gert Doering <gert@greenie.muc.de>
*	build: integrate plugins build into core build	Alon Bar-Lev	2012-06-26	15	-0/+1000
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	As disucssed[1], keep plugins in repository. 1, Proper automake/libtool build. 2. Move example plugins to samples/sample-plugins. 3. Plugins are installed at LIBDIR/openvpn/plugins. [1] http://comments.gmane.org/gmane.network.openvpn.devel/6436 Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com> Acked-by: David Sommerseth <davids@redhat.com> Message-Id: 1337035323-27465-1-git-send-email-alon.barlev@gmail.com URL: http://article.gmane.org/gmane.network.openvpn.devel/6591 Signed-off-by: David Sommerseth <davids@redhat.com>
*	build: distribute samples in windows	Alon Bar-Lev	2012-03-24	1	-0/+14
\| \| \| \| \| \|	Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com> Acked-by: Samuli Seppänen <samuli@openvpn.net> Signed-off-by: David Sommerseth <davids@redhat.com>
*	build: standard directory layout	Alon Bar-Lev	2012-03-22	34	-0/+1622
	Suitable for mature project. root - administrative stuff doc - documents src - sources tests - tests distro - distro specific files sample - samples SIDE EFFECT: many changes to rpm spec. Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com> Acked-by: Adriaan de Jong <dejong@fox-it.com> Signed-off-by: David Sommerseth <davids@redhat.com>