The -Wno-stringop-truncation flag is only supported by some GCC versions
and not by Clang (macOS, FreeBSD) at all.
Move the includes to the top the file to have them available when running
the check_c_compiler_flag.
Change-Id: I452bc4ee935d13f8e9095d0a31805a3bbaff0cec
Signed-off-by: Arne Schwabe <arne@rfc2549.org>
Acked-by: Frank Lichtenheld <frank@lichtenheld.com>
Message-Id: <20230629215611.3292788-3-arne@rfc2549.org>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg26791.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
On my system python3 is the macOS system python3 while rst2html has
#!/opt/homebrew/opt/python@3.9/bin/python3.9
as its first line. Running that with a different python results in missing
python modules. So directly execute the rst2html script instead.
Change-Id: I7e27ae031179c91cc1bca8122caf2453d6396ec0
Signed-off-by: Arne Schwabe <arne@rfc2549.org>
Acked-by: Frank Lichtenheld <frank@lichtenheld.com>
Message-Id: <20230629215611.3292788-2-arne@rfc2549.org>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg26790.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
the funktion is_on_link is not used on FreeBSD and triggers a
warning/error (-Werror) on FreeBSD.
Patch v2: use actual platforms instead an ifndef FreeBSD
Change-Id: I6757d6509ff3ff522d6de417372a21e73ccca3ba
Signed-off-by: Arne Schwabe <arne@rfc2549.org>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20230701202453.3517822-2-arne@rfc2549.org>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg26804.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Use the casting variants of mock(). Using the mock_ptr_type
fixes an existing bug where test_tls_crypt.c couldn't
build in MinGW 32bit:
test_tls_crypt.c:127:27: error:
cast to pointer from integer of different size
[-Werror=int-to-pointer-cast]
127 | const char *pem_str = (const char *) mock();
Change-Id: I6c03313b8677fa07c07e718b1f85f7efd3c4dea8
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Arne Schwabe <arne@rfc2549.org>
Message-Id: <20230630123908.82588-1-frank@lichtenheld.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg26796.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
This improves binary cache handling.
Change-Id: I4183edacc0295e9671c586cfcd77cf687015a22c
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Lev Stipakov <lstipakov@gmail.com>
Message-Id: <20230620135310.94455-6-frank@lichtenheld.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg26755.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
So that we get reproducible builds.
Change-Id: Iffdd3ac5f266cc7d592ab678afc14c122acbb351
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Lev Stipakov <lstipakov@gmail.com>
Message-Id: <20230620135310.94455-5-frank@lichtenheld.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg26757.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Completely replaced by the CMake build system now.
v3:
- rebase on top of my dist fixes
Change-Id: I807cffa40f18faa1adec4e15e84c032877a2b92e
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Lev Stipakov <lstipakov@gmail.com>
Message-Id: <20230620135310.94455-4-frank@lichtenheld.com>
URL: https://www.mail-archive.com/search?l=mid&q=20230620135310.94455-4-frank@lichtenheld.com
Signed-off-by: Gert Doering <gert@greenie.muc.de>
This is based on the initial CMake patch by
Arne Schwabe, but extends that to provide
a complete replacement for existing MinGW
build (autotools based) and MSVC build
(openvpn.sln).
The following features are added while switching
these builds to CMake:
- vcpkg support for MinGW build, allowing for
trivial cross-compilation on Linux
- Add unittests to MSVC build
- Rework MSVC config header generation, removing
need for separate headers between autotools
and MSVC
The following advantages are reasons for switching
to CMake over the existing MSVC build:
- Easier to maintain CMake files without IDE
than the sln and vcxproj files
- Able to maintain MSVC and MinGW build side-by-side
The plan is to completely remove the existing MSVC
build system but leave the existing autotools builds
in place as-is, including MinGW support.
CMake is not the intended build system for Unix-like
platforms and there are no current plans to switch
to it.
v2:
- Reduce default warning level for MSVC to /W2. With
/W3 the build is just much too noisy, making it
difficult to spot new warnings.
- Change MSVC CMake presets to have hardcoded build
type. When using pkg_search_module MSVC Multi-Config
builds do not work correctly at all since PkgConfig
doesn't seem to be able to create multi-config
libraries like find_package does.
- Change minGW presets to be Multi-Config capable.
- Remove OPENVPN_VERSION_MAJOR, OPENVPN_VERSION_MINOR,
OPENVPN_VERSION_PATCH from config.h.cmake.in.
They are not required and cause macro redefinition
warnings in MSVC (with openvpn-plugin.h). gcc doesn't
warn about this because the definitions are identical
so no need to fix this in autoheader config.h.in.
v3:
- Apply fixes by Lev Stipakov to match MSVC compile
options better to previous build.
- Apply change by Lev Stipakov to enable generation
of PDB files.
- Move /Brepro to its own commit. This is a behavior
change that should be more visible.
- Rebase on top of my dist fixes.
Change-Id: I237f28eca618d4fc476225b887c0be26cca362b1
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Lev Stipakov <lstipakov@gmail.com>
Message-Id: <20230620135310.94455-3-frank@lichtenheld.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg26754.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
This helps with IDE integration among other things.
This is a basic implementation for development purposes
that can't replace any of the existing release builds.
Change-Id: I666314a223d324ca72dbe7ba7d22f764996d3ca2
Signed-off-by: Arne Schwabe <arne@rfc2549.org>
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Lev Stipakov <lstipakov@gmail.com>
Message-Id: <20230620135310.94455-2-frank@lichtenheld.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg26758.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Avoid compilation warnings on 32 bit platforms.
dco_linux.c: In function 'dco_update_peer_stat':
dco_linux.c:830:26: error: format '%lu' expects argument of type
'long unsigned int', but argument 4 has type 'counter_type'
{aka 'long long unsigned int'} [-Werror=format=]
830 | msg(D_DCO_DEBUG, "%s / dco_read_bytes: %lu", __func__,
| ^~~~~~~~~~~~~~~~~~~~~~~~~~
831 | c2->dco_read_bytes);
| ~~~~~~~~~~~~~~~~~~
| |
| counter_type {aka long long unsigned int}
Signed-off-by: Sergey Korolev <sergey.korolev@keenetic.com>
Acked-by: Antonio Quartulli <a@unstable.cc>
Message-Id: <20230626130939.3267280-1-sergey.korolev@keenetic.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg26767.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
No need to deprive tar ball users of this information.
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20230619132934.76085-5-frank@lichtenheld.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg26749.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Document the dependency. Also fixes cert_data.h missing from
distribution.
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20230619132934.76085-4-frank@lichtenheld.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg26750.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Remove the number prefixes we do not use anyway.
And then rename Allow-the-build-to-succeed-if-configured-with-disabl.patch
to make it short enough that it can fit in a tar archive
built with --old-archive. Otherwise make dist might not include it:
tar:
openvpn-2.7_git/contrib/vcpkg-ports/pkcs11-helper/Allow-the-build-to-succee
d-if-configured-with-disabl.patch:
file name is too long (max 99); not dumped
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20230619132934.76085-3-frank@lichtenheld.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg26747.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
So it is possible to build with MSVC from the release
tarballs.
Fixes#344.
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20230619132934.76085-2-frank@lichtenheld.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg26748.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
This part of the function is not used by any part of
our source code. It looks also broken if called with kt!=NULL
The function cipher_kt_key_size expects its argument to be not
NULL and would break. So remove the unused code instead of fixing
it.
Found by Coverity.
Change-Id: Id56628cfb3dfd2f306bd9bdcca2e567ac0ca9ab2
Signed-off-by: Arne Schwabe <arne@rfc2549.org>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20230601102506.4068185-1-arne@rfc2549.org>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg26737.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
In many scenarios the context will still have a reference to the cipher, so
this use-after-free does not explode but it is still wrong.
Change-Id: I59002d6613eaef36d5a47b20b56073e399cfa1df
Signed-off-by: Arne Schwabe <arne@rfc2549.org>
Acked-by: Antonio Quartulli <a@unstable.cc>
Message-Id: <20230601095721.4065834-1-arne@rfc2549.org>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg26735.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Commit 36bef1b52b removed
the option but did not delete it from usage text.
Change-Id: I68d3c90c2bdf6f426a9eef81f852fcae2ea47ce9
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20230525144657.40732-1-frank@lichtenheld.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg26726.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
At the moment if --name is not specified, adapter names
are generated by Windows and they look a bit confusing
like "Local Area Connection 2".
This is also behavior of "Add a new <driver-name> virtual network
adapter" shortcuts.
This makes tapctl generate driver-specific names for adapters
if --name is missing, inclusing resolving duplicates. For instance
following commands:
tapctl.exe create --hwid ovpn-dco
will create an adapter named
OpenVPN Data Channel Offload
If the name is taken, the next one will be
OpenVPN Data Channel Offload #1
and so on up to 100.
Fixes https://github.com/OpenVPN/openvpn/issues/337
Change-Id: Ic5afb470d14ac7b231d91f0f5de0a0046043a7e0
Signed-off-by: Lev Stipakov <lev@openvpn.net>
Acked-by: Selva Nair <selva.nair@gmail.com>
Message-Id: <20230519082548.1714-1-lstipakov@gmail.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg26712.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Setting the desktop as "winsta0\default" does not always work when run
from a non-interactive session which may not have access to the
the window station "Winsta0". Leave this as NULL to let the system
automatically assign a window station and desktop.
Test runs on Win10 confirm that "Winsta0\Default" still gets selected
when run interactively (e.g., using the GUI or from task scheduler as
an interactive job). This is the same behaviour as now.
The change allows "interactive service" to be used for launching
OpenVPN from non-interactive sessions. For example, when service client
is a non-interactive task from the task scheduler, the default desktop
in a custom window station gets assigned to openvpn.exe.
Note that we already run openvpn.exe in a non-interactive window
station when directly launched by "automatic service".
Github: FixesOpenVPN/openvpn-gui#626
Signed-off-by: Selva Nair <selva.nair@gmail.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20230518173345.2722530-1-selva.nair@gmail.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg26705.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
With --dev-node on Windows, one can specify GUID
of the adapter openvpn should use. Those can be listed with:
C:\Program Files\OpenVPN\bin>openvpn.exe --show-adapters
While on it, remove "TAP-WIN32 / Wintun" from --show-adapters output.
Github: FixesOpenVPN/openvpn#336
Change-Id: I57de4d3c069465fb730bb635bfdbdf360fc8c475
Signed-off-by: Lev Stipakov <lev@openvpn.net>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20230518110058.1382-1-lstipakov@gmail.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg26702.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
malloc was not checked against NULL, I was able
to get core dump in case of failure
Signed-off-by: Ilya Shipitsin <chipitsine@gmail.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20230518212139.1261-1-chipitsine@gmail.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg26707.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Since we use strlen() to determine the length
and then check it ourselves, there is really
no point in using strncpy.
But the compiler might complain that we use
the output of strlen() for the length of
strncpy which is usually a sign for bugs:
error: ‘strncpy’ specified bound depends
on the length of the source argument
[-Werror=stringop-overflow=]
Warning was at least triggered for
mingw-gcc version 10-win32 20220113.
Also change the type of len to size_t
which avoids potential problems with
signed overflow.
v2:
- make len size_t and change code to avoid any theoretical overflows
- remove useless casts
v3:
- fix off-by-one introduced by v2 %)
v4:
- ignore unsigned overflow to simplify code
Change-Id: If4a67adac4d2e870fd719b58075d39efcd67c671
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20230517113619.82808-1-frank@lichtenheld.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg26683.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Just some very basic tests.
v2:
- fix off-by-one
Change-Id: I73fc893136387d1da05f4aea98cb37b02d6c3230
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20230517084422.70547-2-frank@lichtenheld.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg26680.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
This makes it easy to test an installed binary for
example.
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20230511101253.369196-1-frank@lichtenheld.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg26648.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Currently we use the ANSI version of CreateEvent causing name of the
exit event to be interpreted differently depending on the code page
in effect. Internally all strings parsed from command line and config
file are stored as UTF8-encoded Uniode. When passed to Windows API calls,
these should be converted to UTF16 and wide character version of the API
should be used.
CreateEvent calls for unnamed events are left unchanged as there is no
text-encoding dependence in those cases.
Signed-off-by: Selva Nair <selva.nair@gmail.com>
Acked-by: Lev Stipakov <lstipakov@gmail.com>
Message-Id: <20230516024232.2680491-1-selva.nair@gmail.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg26666.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
I was looking for memleaks in the code and found
this one with cppcheck. Only an example, but no
need to leave this bug in it.
Also fix fortify problem in keying-material-exporter-demo
so I can actually test the compilation of the sample
plugins.
v2:
- remove unneccessary usages of snprintf, replace
with strncpy.
Change-Id: Ibd1b282afc4a28768be3f165f84ab60ca4d24a9b
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20230516093534.26384-1-frank@lichtenheld.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg26668.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
A fallout of my memleak investigation. These are
not leaks, we just assign a value that is never
read before overwritten. Not critical, but since
I already stumbled over it...
Change-Id: I761ea3d289f49a20e42a3d1bfccebce3c7447afe
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20230515155407.38647-1-frank@lichtenheld.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg26662.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Leaks a small amount of memory every 15s.
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Antonio Quartulli <a@unstable.cc>
Message-Id: <20230515142116.33135-1-frank@lichtenheld.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg26659.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Since we only call this once, it is not a bad
leak, but still.
Change-Id: Id85766738c3ece4f2d1860f7d101e4446a894aed
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20230512155023.444406-1-frank@lichtenheld.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg26650.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
So it is easier to check the merge status.
Change-Id: Ia1f8a8d26d4752a7dda1a20521c59ded06bc7c52
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Lev Stipakov <lstipakov@gmail.com>
Message-Id: <20230331154214.613245-4-frank@lichtenheld.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg26569.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
To be in line with current vcpkg packaging policies.
Change-Id: Ifad0965a2b724b0b278783ba9c0ad5a82274445d
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Lev Stipakov <lstipakov@gmail.com>
Message-Id: <20230331154214.613245-3-frank@lichtenheld.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg26571.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Annoyingly this requires custom vcpkg triplets because
the mingw toolchain definition and the vcpkg_configure_make
function use incompatible default triplets (-pc-mingw32 vs
-w64-mingw32).
Change-Id: I4e671938220e9bfd798f91819f34b6f8ceaa45f5
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Lev Stipakov <lstipakov@gmail.com>
Message-Id: <20230331154214.613245-2-frank@lichtenheld.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg26572.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Commit 3132bead49 accidentially was submitted with a missing semicolon
at the end of the line. Whoops.
Signed-off-by: Arne Schwabe <arne@rfc2549.org>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20230417134046.81761-1-arne@rfc2549.org>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg26593.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
It is generated from t_client.sh.in by configure,
so no need to ship it. Due to the dependency on
the configuration it also might break reproducibility
of the dist tarball.
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20230418134941.86637-1-frank@lichtenheld.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg26596.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
None of this is likely relevant for a current reader.
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20230503135922.54871-1-frank@lichtenheld.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg26621.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Allow the kernel driver to notify us that it's time to renegotiate keys.
The intent is to avoid IV re-use after 2^32 packets.
This is a first draft intended for discussion. The accompanying kernel
change for FreeBSD can be found in https://reviews.freebsd.org/D39570
Signed-off-by: Kristof Provost <kprovost@netgate.com>
Acked-by: Antonio Quartulli <antonio@openvpn.net>
Message-Id: <20230414094227.9153-1-kprovost@netgate.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg26590.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
- We assume that all text passed to the management interface
and written to log file are in Unicode (UTF-8). This is broken by
the use of the ANSI version of FormatMessage() for Windows error
messages. Fix by using FormatMessageW() and converting the UTF-16
result to UTF-8.
v2: assign return value of FormatMessageW() to DWORD, not int
Github: fixesOpenVPN/openvpn#319
Signed-off-by: Selva Nair <selva.nair@gmail.com>
Acked-by: Frank Lichtenheld <frank@lichtenheld.com>
Message-Id: <20230418141446.1755363-1-selva.nair@gmail.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg26598.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
After first round of mailing people with more than 10 commits we have
almost all committers have agreed. This put this license in the realm
of having a realistic change to work. Had any of these contributers
disagreed, rewriting all their code might have been not feasible.
The rationale of adding this exception now is to avoid having to
have a second round of agreement for new contributers and ensure
that all new code will include the exemption.
patch v2: add explaination and use exception rather than excemption
patch v3: actually send v3
Change-Id: Ide83f914f383b53ef37ddf628e4da5a78e241bf0
Signed-off-by: Arne Schwabe <arne@rfc2549.org>
Acked-by: David Sommerseth <davids@openvpn.net>
Message-Id: <20230426094931.1168078-1-arne@rfc2549.org>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg26610.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
The newer compilers started to complain about this.
Change-Id: I784def4d941b7d21c7979f84f8681719c9ff7a53
Signed-off-by: Arne Schwabe <arne@rfc2549.org>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20230430172202.206528-1-arne@rfc2549.org>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg26612.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Basically -Werror for docutils.
Fix all issues raised by this. The following issue
classes were reported:
Possible title underline, too short for the title.
Treating it as ordinary text because it's so short.
(:: at the start of the line directly below text,
either add empty line of merge into : on previous line)
Enumerated list start value not ordinal-1
(error in numbering)
Change-Id: Id3b0f7be4602f70115c60e6ddb89f6ed58e94e64
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Arne Schwabe <arne@rfc2549.org>
Message-Id: <20230331132429.601635-1-frank@lichtenheld.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg26567.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
We set DNS domain either via interactve service or DHCP.
When interactive service is not used, for example,
when profiles are started by OpenVPNService, this option
is not working for DCO and wintun.
This implements setting DNS domain via WMIC command,
similar to implementation in interactive service.
This is done when:
- interactive service is not used
- DHCP is not used (ip-win32 is either NETSH or IPAPI,
or IPv4 address is not pushed)
Github: fixesOpenVPN/openvpn#306
Change-Id: Ic72a4ecd0414c0d7bf013415f52640fd122cb739
Signed-off-by: Lev Stipakov <lev@openvpn.net>
Acked-by: Selva Nair <selva.nair@gmail.com>
Message-Id: <20230406071546.1056-1-lstipakov@gmail.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg26582.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
This was added back in commit
6187644b66
to support the NSIS windows installer.
It is now unused.
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20230330094226.487951-1-frank@lichtenheld.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg26560.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
This only defines three types and none of them is
used anywhere in our source code.
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20230330094215.487924-1-frank@lichtenheld.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg26559.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
We need this for the MSI build. Previously this was enabled
by default.
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Lev Stipakov <lstipakov@gmail.com>
Message-Id: <20230330101536.533080-1-frank@lichtenheld.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg26561.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
- Do not use non-literal initializers for static objects
- Replace empty initializer {} by {0}
Signed-off-by: Selva Nair <selva.nair@gmail.com>
Co-authored-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Frank Lichtenheld <frank@lichtenheld.com>
Message-Id: <20230327114937.28246-1-selva.nair@gmail.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg26525.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
- Enabled for the Ubuntu 22.04 build (OpenSSL 3) and one of the
Ubuntu 20.04 builds (OpenSSL 1.1.1).
Signed-off-by: Selva Nair <selva.nair@gmail.com>
Acked-by: Frank Lichtenheld <frank@lichtenheld.com>
Message-Id: <20230322221456.1660425-3-selva.nair@gmail.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg26485.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
- Load some test certificate/key pairs into a temporary softhsm2 token
and enumerate available objects through pkcs11-helper interface
- For each object, load it into SSL_CTX and test sign (if using OpenSSL 3)
or check the certificate and public-key match (if using OpenSSl 1.1.1.).
The pkcs11-id for each object is specified directly or
through a mocked management callback to test pkcs11-id-management
Limitations:
Depends on libsofthsm2.so and p11tool (install softhsm2 and gnutls-bin
packages). Mbed-TLS/pkcs11-helper combination is not tested.
If locations of these binaries are not auto-detected or need to be
overridden, use -DSOFTHSM2_UTIL=<path> -DP11TOOL=<path> to configure.
Location of SOFTHSM2_MODULE is not auto-detected and defaults to
/usr/lib/softhsm/libsofthsm2.so. It may be changed by passing
-DSOFTHSM2_MODULE=/some-path/libsofthsm2.so to configure.
Also see "configure --help".
The test is enabled only if --enable-pkcs11 is in use, and SOFTHSM2_UTIL
& P11TOOL are found in path or manually defined during configuring.
Changes relative to github PR
- Explicitly disable building the test on Windows: need to port mkstemp,
mkdtemp, setenv etc., before enabling this on Windows.
Signed-off-by: Selva Nair <selva.nair@gmail.com>
Acked-by: Frank Lichtenheld <frank@lichtenheld.com>
Message-Id: <20230322221456.1660425-2-selva.nair@gmail.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg26483.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>