james
e482a63238
Added two new management states:
...
OPENVPN_STATE_RESOLVE -- DNS lookup */
OPENVPN_STATE_TCP_CONNECT -- Connecting to TCP server
Echo management state change to log.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1068 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-06-29 18:57:21 +00:00
james
6c29814b4b
Minor syshead.h change for NetBSD to allow
...
TCP_NODELAY flag to work.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1060 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-06-28 03:08:19 +00:00
james
ff51355dd1
Removed 'keywords' propset from everything
...
except ChangeLog.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1050 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-06-26 02:47:53 +00:00
james
64780a92e3
Removed spurious executable propset from
...
several source files.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1048 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-06-26 01:35:18 +00:00
james
d3ad45706a
Modified --port-share code to remove the assumption that
...
CMSG_SPACE always evaluates to a constant, to enable
compilation on NetBSD and possibly other BSDs as well.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1041 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-06-24 08:10:10 +00:00
james
dcc0b2447e
Eliminated gcc 3.3.3 warnings on NetBSD
...
when ./configure --enable-strict is used.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1040 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-06-24 08:04:42 +00:00
james
14a4962ab0
-r 1026:1032
...
https://svn.openvpn.net/projects/openvpn/contrib/alon/BETA21/openvpn
Changes:
1. Updated makefile.w32-vc to include lladdr.*, updated
linkage libraries.
2. Modified lladdr.c to be compiled under visual C.
3. Added retry counter to PKCS#11 PIN hook.
4. Modified PKCS#11 PIN retry loop to return correct error
code when PIN is incorrect.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1038 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-06-13 17:02:28 +00:00
james
838911cc42
Added optional minimum-number-of-bytes
...
parameter to --inactive directive.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1036 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-06-11 04:22:11 +00:00
james
acb567cde0
A few more updates:
...
-r 1015:1025
https://svn.openvpn.net/projects/openvpn/contrib/alon/BETA21
Changes:
1. Fix handling (ignoring) zero sized attributes.
2. Fix gcc-2 issues.
3. Fix openssl 0.9.6 (first version) issues.
4. easy-rsa Makefile (install) is now available so that
distribs will be able to install it safely.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1033 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-06-11 03:56:52 +00:00
james
7d6c582090
Added credit for CAN-2005-2532.
...
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1024 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-05-11 16:21:33 +00:00
james
3713f21f89
Version 2.1_beta14 released
...
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1013 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-04-13 21:46:40 +00:00
james
e12fe2864a
Added --lladdr option to specify the link layer (MAC) address
...
for the tap interface on non-Windows platforms (Roy Marples).
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1012 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-04-13 21:09:04 +00:00
james
40ac3d7ac1
Added --route-metric option to set a default route metric
...
for --route (Roy Marples).
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1011 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-04-13 20:40:39 +00:00
james
151ea252ee
Version number increment.
...
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1010 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-04-13 20:11:26 +00:00
james
89a649b6c3
ChangeLog edits.
...
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1009 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-04-13 20:08:47 +00:00
james
e5239fc26e
Re-added backtrack handling code.
...
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1008 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-04-13 20:02:27 +00:00
james
a8105c6747
Merged PKCS#11 extensions to easy-rsa/2.0 (Alon Bar-Lev).
...
svn merge -r 995:998 https://svn.openvpn.net/projects/openvpn/contrib/alon/easy-rsa
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1006 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-04-13 10:20:43 +00:00
james
428b827967
Temporarily backed out time backtrack handling code
...
due to issues on Windows.
Rewrote gettimeofday function for Windows to be
simpler and more efficient.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1005 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-04-13 09:48:11 +00:00
james
f84f536b05
Version 2.1_beta13 released
...
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1004 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-04-12 09:48:15 +00:00
james
b9baa4d9ca
svn merge -r 999:1000 $SO/trunk/openvpn .
...
(Fixed 64-bit counter bug on Windows)
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1002 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-04-12 09:26:10 +00:00
james
fc1f8ad57e
Added credit and CVE number to security vulnerability fix in 2.0.6.
...
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1001 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-04-12 09:25:14 +00:00
james
35fd760fc7
Version 2.1_beta12 released
...
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@993 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-04-05 08:31:23 +00:00
james
55ff44b4ef
svn merge -r 886:987 $SO/trunk/openvpn .
...
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@991 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-04-05 07:30:04 +00:00
james
18597b93f7
I've recently worked on a better version of pkcs11-helper. I've also merged
...
it into QCA (Qt Cryptographic Architecture), so that KDE 4 will finally be
able to use smartcards.
The changes allows the following features:
1. Thread safe, is activated if USE_PTHREAD.
2. Slot event - Will allow us in the future to disconnect VPN when smartcard
is removed. In order to support this OpenVPN must support threading... At
least SIGUSR1 from a different thread. Threading should be supported in both
Windows and Linux. -- currently disabled.
When I talk about threading support it is just support in configuration script
and that the method that SIGUSR1 self can be called from a different thread.
I already handle the monitor threads.
3. Certificate enumeration - Will allow us to finally have one configuration
file for all users! When you add the plugin GUI stuff you talked about, we will
be able to display a list of available certificates for the user to select.
-- currently disabled.
4. Data object manipulation - Will allow us to store tls-auth on the smartcard
as well. -- currently disabled.
5. Many other minor improvements.
Alon Bar-Lev
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@990 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-04-05 07:17:02 +00:00
james
be9150b693
Added man page entry for --setenv-safe.
...
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@989 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-04-05 06:57:31 +00:00
james
c1c27fe32a
"topology subnet" fix for FreeBSD (Benoit Bourdin).
...
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@986 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-04-05 06:28:19 +00:00
james
07d19ba76c
Security Vulnerability -- An OpenVPN client connecting to a
...
malicious or compromised server could potentially receive
"setenv" configuration directives from the server which could
cause arbitrary code execution on the client via a LD_PRELOAD
attack. A successful attack appears to require that (a) the
client has agreed to allow the server to push configuration
directives to it by including "pull" or the macro "client" in
its configuration file, (b) the client configuration file uses
a scripting directive such as "up" or "down", (c) the client
succesfully authenticates the server, (d) the server is
malicious or has been compromised and is under the control of
the attacker, and (e) the attacker has at least some level of
pre-existing control over files on the client (this might be
accomplished by having the server respond to a client web request
with a specially crafted file).
The fix is to disallow "setenv" to be pushed to clients from
the server, and to add a new directive "setenv-safe" which is
pushable from the server, but which appends "OPENVPN_" to the
name of each remotely set environmental variable.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@983 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-04-05 06:01:08 +00:00
james
28549038ac
Minor fixes for gcc (GCC) 4.0.2 warnings.
...
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@905 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-02-23 13:14:55 +00:00
james
16eda09737
Version 2.1_beta11 released
...
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@904 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-02-19 12:17:59 +00:00
james
154adc7a21
Port share proxy bug fixes.
...
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@903 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-02-18 22:40:55 +00:00
james
93cb134df7
ps.c debug code
...
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@902 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-02-18 16:35:21 +00:00
james
e92cee68c7
Added comments to ps.c (port share proxy code).
...
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@901 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-02-18 10:33:41 +00:00
james
dc46c0676f
Version 2.1_beta10 released
...
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@899 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-02-17 07:43:32 +00:00
james
651a01f913
Version 2.1_beta9 released
...
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@896 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-02-16 18:35:22 +00:00
james
6117b639d3
svn merge -r 888:889 https://svn.openvpn.net/projects/openvpn/contrib/alon/BETA21 21
...
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@894 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-02-16 18:17:32 +00:00
james
6add6b2fe7
Added --port-share option for allowing OpenVPN and HTTPS
...
server to share the same port number.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@893 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-02-16 18:12:24 +00:00
james
34a507c9ab
Added "bytecount" command to management interface.
...
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@887 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-02-10 10:01:46 +00:00
james
8d33c06028
Added feature to --management-client to confirm connection
...
by writing IP addr and port to a file.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@885 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-02-03 09:04:52 +00:00
james
4f404ad36d
Added --management-client option to connect as a client to
...
management GUI app rather than be connected to as a server.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@884 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-01-23 14:08:27 +00:00
james
49eb050d55
pkcs11 fixes.
...
svn merge -r 879:881 https://svn.openvpn.net/projects/openvpn/contrib/alon/BETA21/openvpn .
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@882 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-01-14 21:12:22 +00:00
james
513baee13d
Small fixes:
...
* Fixed variable declaration in crypto.c that is not at
the head of a block.
* Added library to Visual C makefile.
* In server.conf config sample, add additional comment
text on "dev tap" usage.
* Added some short documentation on revoke-full script.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@877 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-01-07 03:21:49 +00:00
james
b366a1ff29
Version 2.1_beta8 released
...
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@874 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-01-03 09:46:04 +00:00
james
296eddd8f6
incremented version number to 2.1_beta7b
...
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@872 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-01-03 03:03:24 +00:00
james
183f592033
Added patch to modify openvpn.nsi for building
...
a turnkey installer.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@866 e7ae566f-a301-0410-adde-c780ea21d3b5
2005-12-30 04:44:42 +00:00
james
e5d281cf2f
Fixed bug with tls-auth and key-direction parameter
...
which was introduced in r844.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@865 e7ae566f-a301-0410-adde-c780ea21d3b5
2005-12-29 07:47:47 +00:00
james
cbc0dada77
svn merge -r 854:863 $SO/trunk/openvpn
...
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@864 e7ae566f-a301-0410-adde-c780ea21d3b5
2005-12-29 02:13:30 +00:00
james
d92819fa1a
Added OPENVPN_PLUGIN_TLS_FINAL plugin callback.
...
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@862 e7ae566f-a301-0410-adde-c780ea21d3b5
2005-12-28 06:58:19 +00:00
james
1147885939
Minor ChangeLog edit.
...
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@861 e7ae566f-a301-0410-adde-c780ea21d3b5
2005-12-23 17:34:46 +00:00
james
51b1d4c2b0
Some PKCS11-related code wasn't properly #ifdefed.
...
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@860 e7ae566f-a301-0410-adde-c780ea21d3b5
2005-12-23 17:29:22 +00:00
james
33e81c4841
Man page and usage message changes to reflect
...
--ip-win32 adaptive and --route-method adaptive.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@859 e7ae566f-a301-0410-adde-c780ea21d3b5
2005-12-22 19:50:48 +00:00