old easy-rsa 1.0 files. (even current openvpn-2.1_rc2-install.exe)
This bug is not that critical, but it is annoying that easy-rsa still
creates server certificates without extended key usage per default
(openssl.cnf), making the windows user wonder about error messages if
the recommended "remote-cert-tls" option is used. (In this case simply
copying the openssl.cnf from the 2.0 directory did the job, for regular
usage the path to opensc in the newly added pkcs11 section should be
changed).
And if possible please add the following three files to the "Windows"
directory if easy-rsa. They allow to build password protected versions
of the keys (I just copied the files and remove the "-nodes" parameter).
Except of build-key-server-pass.bat i think that they are vital for
security (e.g. the key files are in an unencrypted directory and
physical access is possible). -- Daniel Zauft
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1862 e7ae566f-a301-0410-adde-c780ea21d3b5
require that all .h files have to be compiled.
Also, FreeBSD install does not support GNU long options which the
Makefile in easy-rsa/2.0 uses (not checked the others as we don't
install those on Gentoo) -- Roy Marples
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1861 e7ae566f-a301-0410-adde-c780ea21d3b5
directly from an svn checkout or export.
install-win32/version.nsi contains high-level version info.
The script install-win32/winconfig should be run initially to set up
build configuration files.
Then make can be executed as such:
. autodefs/nsidefs.sh
make -f makefile.w32 -j 2
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1757 e7ae566f-a301-0410-adde-c780ea21d3b5
to reflect the fact that Vista has blacklisted the tap0801.sys
file name due to previous compatibility issues which have now
been resolved. TAP-Win32 major/minor version number is now 9/1.
Windows installer will delete a previously installed
tap0801.sys TAP driver before installing tap0901.sys.
Added code to Windows installer to fail gracefully on 64 bit
installs until 64-bit TAP driver issues can be resolved.
Added code to Windows installer to fail gracefully on
versions of Windows which are not explicitly supported.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1746 e7ae566f-a301-0410-adde-c780ea21d3b5
change the value of an existing name=value pair
would delay the freeing of the memory held by
the previous name=value pair until the underlying
client instance object is closed.
This could cause a server that handles long-term
client connections, resulting in many periodic calls
to verify_callback, to needlessly grow the env_set
memory allocation until the underlying client instance
object is closed.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1493 e7ae566f-a301-0410-adde-c780ea21d3b5
Implemented AUTO_USERID using
MD5(MAC address(primary network adapter)).
Currently implemented for Linux and Windows.
Basically if ENABLE_AUTO_USERID is defined,
the --auth-user-pass option will not prompt
for username/password, but will rather generate
a unique username and blank password.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1459 e7ae566f-a301-0410-adde-c780ea21d3b5
management hold state.
During management hold, ignore SIGUSR1/SIGHUP signals
thrown with the "signal" command.
Also, "signal" command will now apply remapping as
specified with the --remap-usr1 option.
When a signal entered using the "signal" command from a management
hold is ignored, output:
>HOLD:Waiting for hold release
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1458 e7ae566f-a301-0410-adde-c780ea21d3b5