With this change we always build multihome support if the operating
system supports it.
Patch v2: Remove also from config-msvc.h
Patch v3: Remove also another line from configure.ac
Signed-off-by: Arne Schwabe <arne@rfc2549.org>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20210503105638.3903379-1-arne@rfc2549.org>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg22290.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
We have two define that do exactly the same. Also move the check
from configure.ac to syshead.h since it is really only checking
for Windows.
Patch V2: Also remove from config-msvc.h
Signed-off-by: Arne Schwabe <arne@rfc2549.org>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20210422152939.2134046-5-arne@rfc2549.org>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg22203.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
The direct.h header provides only a handful of functions [1] of which
we only use _wchdir. Directly included the direct.h file where it is
used and remove autoconf magic around it.
[1]
https://docs.microsoft.com/en-us/previous-versions/visualstudio/visual-stud
io-2012/as5kw0ze(v=vs.110)?redirectedfrom=MSDN
Patch V2: also remove from config-msvc.h
Signed-off-by: Arne Schwabe <arne@rfc2549.org>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20210422152939.2134046-3-arne@rfc2549.org>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg22202.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
For the unlink function we actually have code that just ignores
the unlink call if the unlink function is not present. But all
platforms should have an unlink function.
This also removes all conditionals check for the headers that
belong to the C99 standard library header list
(https://en.cppreference.com/w/c/header).
Signed-off-by: Arne Schwabe <arne@rfc2549.org>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20210406162518.4075-3-arne@rfc2549.org>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg22053.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
While the check if all socket related functions are present sounds like
a good idea in theory, in reality it just adds time to configure runs.
Our poll check on windows is currently only depending on sys/poll.h
non-existance. Make the check and comment more explicit.
Signed-off-by: Arne Schwabe <arne@rfc2549.org>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20210406162518.4075-1-arne@rfc2549.org>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg22052.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
This option has been deprecated in OpenVPN 2.4 and the ciphers that allow
using this option fall all into the SWEET32 category of ciphers with
64 bit block size.
Patch V2: Remove superflous check in OpenSSL codepath to check keysize
Signed-off-by: Arne Schwabe <arne@rfc2549.org>
Acked-by: Antonio Quartulli <antonio@openvpn.net>
Message-Id: <20210401123751.31756-1-arne@rfc2549.org>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg21943.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
We require ISO C99 as minimum support for our source code and all compilers
should support the ISO C99 macros. Especially gcc does not need
the gcc extensions anymore. Also MSVC has support for it (as defined
in the config-msvc.h but also double checked)
LCLINT seems to be a C analyzer that history has forgotten about. I could
only find https://splint.org/release1.3.html and an similarly old research
paper.
Patch V2: Also remove AX_ macros from configure.ac
Signed-off-by: Arne Schwabe <arne@rfc2549.org>
Acked-by: Steffan Karger <steffan.karger@foxcrypto.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20210328142038.8826-2-arne@rfc2549.org>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg21883.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
This is configure macro that tries out how to declare a variable array
at the end of struct. This has been standardised in C99, so there is
no more need for non C99 magic. See also this stackoverflow discussion:
https://stackoverflow.com/questions/14643406/whats-the-need-of-array-with-z
ero-elements
Patch V2: Also remove AX_EMPTY_ARRAY from configure.ac
Signed-off-by: Arne Schwabe <arne@rfc2549.org>
Acked-by: Steffan Karger <steffan.karger@foxcrypto.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20210328142038.8826-1-arne@rfc2549.org>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg21882.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
When using the LLVM clang compiler instead the MSVC cl.exe but with
the same build environment as MSVC, clang encounters a few errors:
src\openvpn\socket.c(3550,23): warning: assigning to 'CHAR *' (aka 'char
*') from 'uint8_t *' (aka 'unsigned char *') converts between pointers to
integer types with different sign [-Wpointer-sign]
wsabuf[0].buf = BPTR(&sock->reads.buf);
^ ~~~~~~~~~~~~~~~~~~~~~~
src\openvpn\socket.c(3670,23): warning: assigning to 'CHAR *' (aka 'char
*') from 'uint8_t *' (aka 'unsigned char *') converts between pointers to
integer types with different sign [-Wpointer-sign]
wsabuf[0].buf = BPTR(&sock->writes.buf);
^ ~~~~~~~~~~~~~~~~~~~~~~~
Use BSTR instead of BPTR, which casts to the correct type that is
expected.
src\compat\compat-gettimeofday.c(105,18): error: assignment to cast is
illegal, lvalue casts are not supported
tv->tv_sec = (long)last_sec = (long)sec;
Split into two assignments to avoid the illegal cast
include\stdint.h(18,28): error: typedef redefinition with different types
('signed char' vs 'char')
typedef signed char int8_t;
^
openvpn\config-msvc.h(162,16): note: previous definition is here
typedef __int8 int8_t;
Removes our custom int type typdefs from config-msvc.h and replace it
with an include of inttypes.h.
C:\Program Files (x86)\Windows
Kits\10\include\10.0.19041.0\shared\tcpmib.h(56,3): error: typedef
redefinition with different types ('enum MIB_TCP_STATE' vs 'int')
} MIB_TCP_STATE;
^
C:\Users\User\source\repos\openvpn\src\openvpn/syshead.h(369,13): note:
previous definition is here
typedef int MIB_TCP_STATE;
^
1 error generated.
This seems to be for mingw32 only, so guard this with a mingw32
compiler guard.
\src\openvpn\tun.c(3727,34): warning: passing 'char [256]' to parameter of
type 'LPBYTE' (aka 'unsigned char *') converts between pointers to integer
types with different sign [-Wpointer-sign]
net_cfg_instance_id,
^~~~~~~~~~~~~~~~~~~
C:\Program Files (x86)\Windows
Kits\10\include\10.0.19041.0\um\winreg.h(955,88): note: passing argument
to parameter 'lpData' here
This is windows specific code, use the Windows LPBTYE in the
definitions. (long pointer to BYTE (long pointer as far/near pointer
relict from windows 16 bit times, in moddern words (unsigned char *))
Fix also a few other char vs uint8/unisgned char/BYTE issues in tun.c
Signed-off-by: Arne Schwabe <arne@rfc2549.org>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20210319114631.20459-1-arne@rfc2549.org>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg21719.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Since 2014, the OpenVPN project has shipped an adopted LZ4 library to be
enabled if no LZ4 libraries was found on the system. This was due to
the LZ4 library not being available on all platforms and it was vastly
better than the older LZO compression algorithm. But this was years
before VORACLE and related attack vectors affecting VPN connections,
where compression is considered a vulnerability.
The OpenVPN project is gradually moving away from supporting compression,
so shipping our own LZ4 library is no longer wanted. It will now only
use the LZ4 compression libraries found on the host, and can otherwise
be disabled completely with ./configure --disable-lz4.
Signed-off-by: David Sommerseth <davids@openvpn.net>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20210317220642.38741-1-openvpn@sf.lists.topphemmelig.net>
URL: https://www.mail-archive.com/search?l=mid&q=20210317220642.38741-1-openvpn@sf.lists.topphemmelig.net
Signed-off-by: Gert Doering <gert@greenie.muc.de>
With scripts, plugin and management interface now all supporting
deferred auth, maintaining support of --disbale-def-auth becomes more
of a burden and the few kilobyte in potential binary size do not
outweigh this. Also the code in ssl_verify is hard to hard because
all the ifdefs.
Especially for management interface there are so many features not
directly related to deferred that depend on MANAGEMENT_DEF_AUTH
(like client-kill) that supporting management without deferred auth
is not worth it anymore. And removing this remover a high number of
ifdefs in manage.c/h
Signed-off-by: Arne Schwabe <arne@rfc2549.org>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20201023113244.26295-1-arne@rfc2549.org>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg21214.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
As reported in Trac 1321, additional adapter installation
by tapctl.exe fails to fully setup the device node (some registry
keys missing, error in setapi.dev.log etc.).
Although the exact cause of this failure is unclear,
letting the Plug and Play subsystem handle the installation
by calling DiInstallDevice() avoids it.
We let the system automatically choose the best driver
by passing NULL for driverinfo to DiInstallDevice().
This also eliminates the need for enumerating all drivers
in the Net class and selecting a matching one.
Somehow mingw-w64 fails to find DiInstallDriver() in
newdev.lib although the header does define it. Use LoadLibrary()
to locate it at run time (available in Vista and above).
Built using mingw and tested both the msi installer (code shared
with libopenvpnmscia.dll) and tapctl.exe on Windows 10 64 bit.
Fixes: Trac #1321
Signed-off-by: Selva Nair <selva.nair@gmail.com>
Acked-by: Lev Stipakov <lstipakov@gmail.com>
Message-Id: <1599177404-29996-1-git-send-email-selva.nair@gmail.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg20880.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
All supported crypto libraries have AEAD support and with our
ncp/de facto default cipher AES-256-GCM we do not want to support
the obscure corner case of a library with disabled AEAD.
Signed-off-by: Arne Schwabe <arne@rfc2549.org>
Patch V2: Remove three instances of (harmless) #ifdef Steffan spotted
that can be removed now too.
Acked-by: Steffan Karger <steffan.karger@foxcrypto.com>
Message-Id: <20200720121704.20333-1-arne@rfc2549.org>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg20506.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Since we release Windows client with OpenSSL 1.1.0
(and will switch to 1.1.1 in the next release),
it makes sense to use a newer version in VS build.
This patch adds msvc-specific defines which imply
that underlying OpenSSL is 1.1.x (works with 1.1.0 and 1.1.1).
Also OpenSSL library names in project file are updated.
Signed-off-by: Lev Stipakov <lstipakov@gmail.com>
Acked-by: Simon Rozman <simon@rozman.si>
Message-Id: <1571315023-17044-1-git-send-email-lstipakov@gmail.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg18948.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
This patch enables building openvpn with Visual Studio 2017.
It is advised to use openvpn-build/msvs/build.bat which
also downloads and build required dependencies.
Changes made:
- updated path to Visual Studio toolchain
- updated platform toolset
- added missing libraries
- added x64 configurations
- enabled AEAD ciphers to make NCP work
- enabled unicode support
- updated source files in project settings
- fix includes
- restored variable which was erroneously removed
- added properties file which sets required env variables
(required to build with IDE)
- etc
Signed-off-by: Lev Stipakov <lev@openvpn.net>
Acked-by: Simon Rozman <simon@rozman.si>
Message-Id: <1538141209-32330-1-git-send-email-lstipakov@gmail.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg17499.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
With this patch we remove the possibility to disable the crypto engine
(ENABLE_CRYPTO define) at configuration time.
[--disable-crypto has been removed from .travis.yml too]
Signed-off-by: Antonio Quartulli <a@unstable.cc>
Acked-by: Steffan Karger <steffan.karger@fox-it.com>
Message-Id: <20171203124952.15220-1-a@unstable.cc>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg15979.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
This switch is broken and unmaintained.
However there wasn't any ticket about it so far,
which means that it is practically unused.
Get rid of it and simplify P2MP logic.
Signed-off-by: Antonio Quartulli <a@unstable.cc>
Acked-by: Steffan Karger <steffan.karger@fox-it.com>
Message-Id: <20170816132454.13046-1-a@unstable.cc>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg15275.html
Signed-off-by: David Sommerseth <davids@openvpn.net>
This patch enables the building of OpenVPN for the 2.4 and master
branches using MSVC (Visual Studio 2013 / MSVC v120), which currently
doesn't work with 2.4 or a clone of master. 2013 is being used as it
reduces the complexity of the redistributable requirements and has
mostly complete C99 support. Further changes will be necessary for 2015
support when the switch is made.
Note the changes to config-msvc-version.h.in are more of a work around.
It was a simpler approach when compared to modifying msvc-generate.js to
handle m4 syntax, and so it may be dropped if there is an intention to
update the javascript generator.
Signed-off by: Eric Thorpe <eric@sparklabs.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <df273b9b-6ca4-a539-cdf5-d4f9f991896b@sparklabs.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg14268.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
This is the first commit of the big reformatting task. This
is performed by running the ./dev-tools/reformat-all.sh script.
This is based upon the v3 reformat-all.sh/uncrustify.conf version
which is now applied to git master.
Signed-off-by: David Sommerseth <davids@openvpn.net>
- Include lz4 code and header in VC project files.
- Fix an issue in comp-lz4.h that prevents it from compiling under MSVC.
Signed-off-by: Fish <fish.thss@gmail.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1456434882-6009-1-git-send-email-fish.thss@gmail.com>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11262
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Also send it with peer-info as IV_PLAT_VER.
Signed-off-by: Lev Stipakov <lstipakov@gmail.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1451422957-23951-1-git-send-email-lstipakov@gmail.com>
URL: http://article.gmane.org/gmane.network.openvpn.devel/10904
Signed-off-by: Gert Doering <gert@greenie.muc.de>
* Upgrade API level to Vista to implement get_default_gateway_ipv6
* Define HAVE_INET_NTOP/PTON since Vista has its own implementation of
those
Signed-off-by: Lev Stipakov <lstipakov@gmail.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1444130113-23387-1-git-send-email-lstipakov@gmail.com>
URL: http://article.gmane.org/gmane.network.openvpn.devel/10194
Signed-off-by: Gert Doering <gert@greenie.muc.de>
* Tools version changed to 12
* Added comp.c/h and compat.c/h to project files
* Workaround for missing __attribute__ support
Also, as a preparation for MSVS2015, ensured that snprintf is not defined
for that VS version.
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1443786401-30416-1-git-send-email-lstipakov@gmail.com>
URL: http://article.gmane.org/gmane.network.openvpn.devel/10174
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Remove the --disable-ssl configure option and accompanying ENABLE_SSL
defines in the master/2.4 branch, to reduce the code and testing
complexity a bit.
This does not remove to runtime option to run without SSL, just the compile
time option to not include any SSL-related code.
During the community meeting in November 2014 there were no objections
amongst he developers present. Also, this has been announced on the -users
and -devel mailing lists two weeks ago, without any response whatsoever.
Signed-off-by: Steffan Karger <steffan@karger.me>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <54A4248A.1090501@karger.me>
URL: http://article.gmane.org/gmane.network.openvpn.devel/9371
Signed-off-by: Gert Doering <gert@greenie.muc.de>
MSVC 2013 C library now defines strtoull() function,
so use the native implementation when available.
Signed-off-by: James Yonan <james@openvpn.net>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1398064204-26476-3-git-send-email-james@openvpn.net>
URL: http://article.gmane.org/gmane.network.openvpn.devel/8561
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Use limits.h for maximum value.
Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Signed-off-by: David Sommerseth <davids@redhat.com>
Remove all references to gettimeofday() from main project.
SIDE EFFECT: mingw will use its own internal gettimeofday().
Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
Acked-by: David Sommerseth <davids@redhat.com>
Signed-off-by: David Sommerseth <davids@redhat.com>