mirror/openvpn3
0
0
Fork 0
mirror of https://github.com/OpenVPN/openvpn3.git synced 2024-09-20 12:12:15 +02:00
Code
4a72d62592
openvpn3/openvpn/client/cliproto.hpp

692 lines
18 KiB
C++
Raw Normal View History

Global edit to add copyright notice at head of each source file.
2012-08-24 23:13:42 +02:00
//
// cliproto.hpp
// OpenVPN
//
// Copyright (c) 2012 OpenVPN Technologies, Inc. All rights reserved.
//
Start process of moving client logic out of cli.cpp into general-purpose classes. Rename ProtoStats to SessionStats and make it more flexible by using an abstract base class model. Add a client event queue for the beginnings of a client-backend API. Added logic to ProtoContext to invalidate session on certain kinds of errors in TCP that would be normally be okay in UDP such as HMAC_ERROR, DECRYPT_ERROR, etc. Add some alignment adjustment logic for READ_LINK_TCP (3 bytes) and READ_LINK_UDP (1 byte).
2012-02-04 11:24:54 +01:00
#ifndef OPENVPN_CLIENT_CLIPROTO_H
#define OPENVPN_CLIENT_CLIPROTO_H
Added head comments to all source files. Minor reorganization of unicode code.
2012-11-23 07:18:43 +01:00
// This is a middle-layer object in the OpenVPN client protocol stack.
// It is above the general OpenVPN protocol implementation in
// ProtoContext<RAND_API, CRYPTO_API, SSL_API> but below the top
// level object in a client connect (ClientConnect). See ClientConnect for
// a fuller description of the full client stack.
//
// This layer deals with setting up an OpenVPN client connection:
//
// 1. handles creation of transport-layer handler via TransportClientFactory
// 2. handles creation of tun-layer handler via TunClientFactory
// 3. handles sending PUSH_REQUEST to server and processing reply of server-pushed options
// 4. manages the underlying OpenVPN protocol object (ProtoContext<RAND_API, CRYPTO_API, SSL_API>)
// 5. handles timers on behalf of the underlying OpenVPN protocol object
// 6. acts as an exception dispatcher for errors occuring in any of the underlying layers
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
#include <string>
#include <vector>
Start process of moving client logic out of cli.cpp into general-purpose classes. Rename ProtoStats to SessionStats and make it more flexible by using an abstract base class model. Add a client event queue for the beginnings of a client-backend API. Added logic to ProtoContext to invalidate session on certain kinds of errors in TCP that would be normally be okay in UDP such as HMAC_ERROR, DECRYPT_ERROR, etc. Add some alignment adjustment logic for READ_LINK_TCP (3 bytes) and READ_LINK_UDP (1 byte).
2012-02-04 11:24:54 +01:00
#include <boost/asio.hpp>
Added "remote" option list handling. Added ClientProtoTerminateCallback abstraction to ClientProto. Added ClientProto::Config for configuration parameters, rather than passing parameters individually to ClientProto constructor.
2012-02-06 09:28:05 +01:00
#include <boost/cstdint.hpp> // for boost::uint...
Added AuthFailed as an event type.
2012-02-15 19:19:34 +01:00
#include <boost/algorithm/string.hpp> // for boost::algorithm::starts_with and trim_left_copy
Start process of moving client logic out of cli.cpp into general-purpose classes. Rename ProtoStats to SessionStats and make it more flexible by using an abstract base class model. Add a client event queue for the beginnings of a client-backend API. Added logic to ProtoContext to invalidate session on certain kinds of errors in TCP that would be normally be okay in UDP such as HMAC_ERROR, DECRYPT_ERROR, etc. Add some alignment adjustment logic for READ_LINK_TCP (3 bytes) and READ_LINK_UDP (1 byte).
2012-02-04 11:24:54 +01:00
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
#include <openvpn/common/rc.hpp>
Start process of moving client logic out of cli.cpp into general-purpose classes. Rename ProtoStats to SessionStats and make it more flexible by using an abstract base class model. Add a client event queue for the beginnings of a client-backend API. Added logic to ProtoContext to invalidate session on certain kinds of errors in TCP that would be normally be okay in UDP such as HMAC_ERROR, DECRYPT_ERROR, etc. Add some alignment adjustment logic for READ_LINK_TCP (3 bytes) and READ_LINK_UDP (1 byte).
2012-02-04 11:24:54 +01:00
#include <openvpn/tun/client/tunbase.hpp>
#include <openvpn/transport/client/transbase.hpp>
#include <openvpn/options/continuation.hpp>
Android 4 client: * Added OpenVPN log file page view in advanced preferences. * Added OpenSSL verify_callback. * Support ns-cert-type * Sanitize logged data to remove Session ID.
2012-03-08 11:30:43 +01:00
#include <openvpn/options/sanitize.hpp>
Start process of moving client logic out of cli.cpp into general-purpose classes. Rename ProtoStats to SessionStats and make it more flexible by using an abstract base class model. Add a client event queue for the beginnings of a client-backend API. Added logic to ProtoContext to invalidate session on certain kinds of errors in TCP that would be normally be okay in UDP such as HMAC_ERROR, DECRYPT_ERROR, etc. Add some alignment adjustment logic for READ_LINK_TCP (3 bytes) and READ_LINK_UDP (1 byte).
2012-02-04 11:24:54 +01:00
#include <openvpn/client/clievent.hpp>
Android 4 client fixes: Fixed session ID -> password replacement. Allow username to be specified as profile/username.
2012-02-28 00:00:29 +01:00
#include <openvpn/client/clicreds.hpp>
Added parser size validation constants in openvpn/client/cliconstants.hpp
2012-11-12 02:52:03 +01:00
#include <openvpn/client/cliconstants.hpp>
Fixed a race condition issue with "hot connect", i.e. sending a connect intent to service when already connected. One of the ramifications of the "hot connect" fix above is that OpenVPNClientBase.is_active() will now return a value that is instantaneously up-to-date, whereas events might lag because of the mechanics of inter-thread message posting. Keep this in mind when correlating received events to is_active() values. For C++ core threads, increased allowed thread-stop delay to 2.5 seconds before thread is marked as unresponsive and abandoned. Previous delay was 1 second. This delay can't be made too long, otherwise Android will tell the user that the app is unresponsive and invite them to kill it. When closing out an abandoned core thread, indicate this condition with a new event type called CORE_THREAD_ABANDONED. If the thread is abandoned due to lack of response to a disconnect request, then the CORE_THREAD_ABANDONED event will occur followed by CORE_THREAD_INACTIVE. For core threads that properly exit, the DISCONNECTED event will be followed by CORE_THREAD_INACTIVE. Added save_as_filename parameter to importProfileRemote method for controlling the filename that the imported profile is saved as. This parameter may be set to null to have the method choose an appropriate name. To have an imported profile replace an existing profile, the filenames much match. Added UI_OVERLOADED debugging constant to OpenVPNClient to allow the UI to connect to a profile when already connected to another profile in order to test "hot connect". Added new events CLIENT_HALT and CLIENT_RESTART for compatibility with an Access Server feature that allows the server to remotely kill or restart the client. When connecting a profile, the core will now automatically fill in the username if it is not specified for userlocked profiles. Version 0.902.
2012-03-31 18:08:20 +02:00
#include <openvpn/options/clihalt.hpp>
Start process of moving client logic out of cli.cpp into general-purpose classes. Rename ProtoStats to SessionStats and make it more flexible by using an abstract base class model. Add a client event queue for the beginnings of a client-backend API. Added logic to ProtoContext to invalidate session on certain kinds of errors in TCP that would be normally be okay in UDP such as HMAC_ERROR, DECRYPT_ERROR, etc. Add some alignment adjustment logic for READ_LINK_TCP (3 bytes) and READ_LINK_UDP (1 byte).
2012-02-04 11:24:54 +01:00
#include <openvpn/time/asiotimer.hpp>
#include <openvpn/time/coarsetime.hpp>
Minor exception code cleanup.
2012-11-14 17:41:33 +01:00
#include <openvpn/error/excode.hpp>
Start process of moving client logic out of cli.cpp into general-purpose classes. Rename ProtoStats to SessionStats and make it more flexible by using an abstract base class model. Add a client event queue for the beginnings of a client-backend API. Added logic to ProtoContext to invalidate session on certain kinds of errors in TCP that would be normally be okay in UDP such as HMAC_ERROR, DECRYPT_ERROR, etc. Add some alignment adjustment logic for READ_LINK_TCP (3 bytes) and READ_LINK_UDP (1 byte).
2012-02-04 11:24:54 +01:00
#include <openvpn/ssl/proto.hpp>
#ifdef OPENVPN_DEBUG_CLIPROTO
#define OPENVPN_LOG_CLIPROTO(x) OPENVPN_LOG(x)
#else
#define OPENVPN_LOG_CLIPROTO(x)
#endif
namespace openvpn {
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
namespace ClientProto {
Start process of moving client logic out of cli.cpp into general-purpose classes. Rename ProtoStats to SessionStats and make it more flexible by using an abstract base class model. Add a client event queue for the beginnings of a client-backend API. Added logic to ProtoContext to invalidate session on certain kinds of errors in TCP that would be normally be okay in UDP such as HMAC_ERROR, DECRYPT_ERROR, etc. Add some alignment adjustment logic for READ_LINK_TCP (3 bytes) and READ_LINK_UDP (1 byte).
2012-02-04 11:24:54 +01:00
Added ClientConnect class which implements an "always-try-to-reconnect" approach, with remote list rotation. Only gives up on auth failure.
2012-02-07 12:37:35 +01:00
struct NotifyCallback {
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
virtual void client_proto_terminate() = 0;
Added ClientConnect class which implements an "always-try-to-reconnect" approach, with remote list rotation. Only gives up on auth failure.
2012-02-07 12:37:35 +01:00
virtual void client_proto_connected() {}
Added "remote" option list handling. Added ClientProtoTerminateCallback abstraction to ClientProto. Added ClientProto::Config for configuration parameters, rather than passing parameters individually to ClientProto constructor.
2012-02-06 09:28:05 +01:00
};
Core refactor to abstract random and crypto APIs using static polymorphism. Only OpenSSL crypto API is presently implemented. Still need to implement Apple and PolarSSL.
2012-03-12 13:24:40 +01:00
template <typename RAND_API, typename CRYPTO_API, typename SSL_API>
class Session : public ProtoContext<RAND_API, CRYPTO_API, SSL_API>, TransportClientParent, TunClientParent
Start process of moving client logic out of cli.cpp into general-purpose classes. Rename ProtoStats to SessionStats and make it more flexible by using an abstract base class model. Add a client event queue for the beginnings of a client-backend API. Added logic to ProtoContext to invalidate session on certain kinds of errors in TCP that would be normally be okay in UDP such as HMAC_ERROR, DECRYPT_ERROR, etc. Add some alignment adjustment logic for READ_LINK_TCP (3 bytes) and READ_LINK_UDP (1 byte).
2012-02-04 11:24:54 +01:00
{
Core refactor to abstract random and crypto APIs using static polymorphism. Only OpenSSL crypto API is presently implemented. Still need to implement Apple and PolarSSL.
2012-03-12 13:24:40 +01:00
typedef ProtoContext<RAND_API, CRYPTO_API, SSL_API> Base;
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
typedef typename Base::PacketType PacketType;
using Base::now;
"last packet received n seconds ago" stat is now provided by core.
2012-09-06 00:03:26 +02:00
using Base::stat;
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
public:
typedef boost::intrusive_ptr<Session> Ptr;
typedef typename Base::Config ProtoConfig;
OPENVPN_EXCEPTION(client_exception);
Fixed a race condition issue with "hot connect", i.e. sending a connect intent to service when already connected. One of the ramifications of the "hot connect" fix above is that OpenVPNClientBase.is_active() will now return a value that is instantaneously up-to-date, whereas events might lag because of the mechanics of inter-thread message posting. Keep this in mind when correlating received events to is_active() values. For C++ core threads, increased allowed thread-stop delay to 2.5 seconds before thread is marked as unresponsive and abandoned. Previous delay was 1 second. This delay can't be made too long, otherwise Android will tell the user that the app is unresponsive and invite them to kill it. When closing out an abandoned core thread, indicate this condition with a new event type called CORE_THREAD_ABANDONED. If the thread is abandoned due to lack of response to a disconnect request, then the CORE_THREAD_ABANDONED event will occur followed by CORE_THREAD_INACTIVE. For core threads that properly exit, the DISCONNECTED event will be followed by CORE_THREAD_INACTIVE. Added save_as_filename parameter to importProfileRemote method for controlling the filename that the imported profile is saved as. This parameter may be set to null to have the method choose an appropriate name. To have an imported profile replace an existing profile, the filenames much match. Added UI_OVERLOADED debugging constant to OpenVPNClient to allow the UI to connect to a profile when already connected to another profile in order to test "hot connect". Added new events CLIENT_HALT and CLIENT_RESTART for compatibility with an Access Server feature that allows the server to remotely kill or restart the client. When connecting a profile, the core will now automatically fill in the username if it is not specified for userlocked profiles. Version 0.902.
2012-03-31 18:08:20 +02:00
OPENVPN_EXCEPTION(client_halt_restart);
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
OPENVPN_EXCEPTION(tun_exception);
OPENVPN_EXCEPTION(transport_exception);
Android 4 client port is almost working (need to get an Android build that includes tun driver to test further).
2012-02-19 02:36:50 +01:00
OPENVPN_EXCEPTION(max_pushed_options_exceeded);
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
OPENVPN_SIMPLE_EXCEPTION(session_invalidated);
Added ClientConnect class which implements an "always-try-to-reconnect" approach, with remote list rotation. Only gives up on auth failure.
2012-02-07 12:37:35 +01:00
OPENVPN_SIMPLE_EXCEPTION(authentication_failed);
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
Initial HTTP proxy implementation in core, with support for non-authenticated proxies and Basic Auth. Includes new PROXY_ERROR and PROXY_NEED_CREDS events. Still to do: Digest and NTLM auth.
2012-10-24 08:38:20 +02:00
OPENVPN_EXCEPTION(proxy_exception);
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
struct Config : public RC<thread_unsafe_refcount>
{
typedef boost::intrusive_ptr<Config> Ptr;
Android 4 client port is almost working (need to get an Android build that includes tun driver to test further).
2012-02-19 02:36:50 +01:00
Config()
Added parser size validation constants in openvpn/client/cliconstants.hpp
2012-11-12 02:52:03 +01:00
: pushed_options_limit("server-pushed options data too large",
ProfileParseLimits::MAX_PUSH_SIZE,
ProfileParseLimits::OPT_OVERHEAD,
ProfileParseLimits::TERM_OVERHEAD,
More profile validation.
2012-11-14 03:35:50 +01:00
0,
ProfileParseLimits::MAX_DIRECTIVE_SIZE)
Android 4 client port is almost working (need to get an Android build that includes tun driver to test further).
2012-02-19 02:36:50 +01:00
{}
iOS version: 1.0 Beta 17 Android version: 1.1 beta 1 More alignment of iOS and Android clients: * Normalized building of dependencies for Android and iOS: This build adds some new library dependencies: The library versions required are enumerated in ovpn3/lib-versions, currently: export BOOST_VERSION=boost_1_51_0 export OPENSSL_VERSION=openssl-1.0.1c export POLARSSL_VERSION=polarssl-1.1.4 export LZO_VERSION=lzo-2.06 To build, first mkdir ~/src/android and ~/src/mac if they don't already exist. Set the env var O3 to point to the ovpn3 dir, usually ~/src/ovpn3. Build on iOS: [set PATH to include NDK] cd ~/src/android $O3/scripts/android/build-boost $O3/scripts/android/build-minicrypto $O3/scripts/android/build-polarssl $O3/scripts/android/build-lzo Build on Android: [set PATH to include NDK] cd ~/src/android $O3/scripts/android/build-boost $O3/scripts/android/build-minicrypto $O3/scripts/android/build-polarssl $O3/scripts/android/build-lzo * Integrated Minicrypto library (an assembly language library of low-level crypto functions adapted from OpenSSL). * Added LZO compression with a preference/settings item to enable or disable. * Added special compression handling to support older servers that ignore compression handshake -- this will handle receiving compressed packets even if we didn't ask for them. * Normalized profile naming conventions. iOS changes: * Log tunnel performance stats immediately on disconnection of tunnel. Android changes: * Client now supports loading profiles as attachments opened from other apps. * Added Import Private Tunnel menu item, however current Private Tunnel download page needs to be adapted to fit requirements of Android download manager. * Enter key should advance to the next input field, or connect if entered from the last field. * Import from Access Server now provides the option to download autologin vs. userlogin profiles. * "About" page now shows copyright text for included libraries/content (except for LZO and PolarSSL which will presumably be commercially licensed).
2012-09-05 03:09:34 +02:00
typename ProtoConfig::Ptr proto_context_config;
Compression selector in mobile clients is now 3-state: yes -- support compression on both uplink and downlink asym -- support compression on downlink only no (default) -- no compression (stubs only) Added our own internal LZO decompressor, which is enabled when HAVE_LZO is undefined and the standard LZO library is not linked. This allows clients to support LZO in downlink mode only if the library isn't available.
2012-09-08 03:36:54 +02:00
ProtoContextOptions::Ptr proto_context_options;
OpenVPN 1.0 Beta 21 (iOS) Implemented IPv6 in iOS client. Added new flags to redirect-gateway to control whether redirection occurs at IPv4 or IPv6 levels (or both): * ipv4 (default) * !ipv4 * ipv6 * !ipv6 Added new directive "redirect-dns yes|no". If yes, all DNS requests will be forwarded through pushed DNS servers. If no, only DNS requests that match domains enumerated in "dhcp-option DOMAIN" directives will be forwarded. If redirect-dns is omitted, it will default to yes if redirect-gateway is specified at the IPv4 level (this is the normal pre-existing behavior). Allow the following aggregated options that are normally pushed by the server to be defined in the config file as well. These options will be combined with server-pushed options: * route * route-ipv6 * redirect-gateway * redirect-private * dhcp-option Allow the following singleton options (i.e. options that don't aggregate), that are normally pushed, to be defined in the config file (note that server-pushed singleton options will override the config file setting): * redirect-dns The Connection Details section of the UI now displays VPN IP addresses for IPv4 and IPv6. Added new pushable option "client-ip IP_ADDR" that can be pushed by the server with the client's IP address as seen by the server. The client will then show the address in the Connection Details section of the UI.
2012-10-03 11:03:02 +02:00
PushOptionsBase::Ptr push_base;
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
TransportClientFactory::Ptr transport_factory;
TunClientFactory::Ptr tun_factory;
SessionStats::Ptr cli_stats;
ClientEvent::Queue::Ptr cli_events;
Android 4 client fixes: Fixed session ID -> password replacement. Allow username to be specified as profile/username.
2012-02-28 00:00:29 +01:00
ClientCreds::Ptr creds;
Added parser size validation constants in openvpn/client/cliconstants.hpp
2012-11-12 02:52:03 +01:00
OptionList::Limits pushed_options_limit;
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
};
Session(boost::asio::io_service& io_service_arg,
const Config& config,
Added ClientConnect class which implements an "always-try-to-reconnect" approach, with remote list rotation. Only gives up on auth failure.
2012-02-07 12:37:35 +01:00
NotifyCallback* notify_callback_arg)
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
: Base(config.proto_context_config, config.cli_stats),
io_service(io_service_arg),
transport_factory(config.transport_factory),
tun_factory(config.tun_factory),
Added ClientConnect class which implements an "always-try-to-reconnect" approach, with remote list rotation. Only gives up on auth failure.
2012-02-07 12:37:35 +01:00
notify_callback(notify_callback_arg),
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
housekeeping_timer(io_service_arg),
push_request_timer(io_service_arg),
Added ClientConnect class which implements an "always-try-to-reconnect" approach, with remote list rotation. Only gives up on auth failure.
2012-02-07 12:37:35 +01:00
halt(false),
OpenVPN 1.0 Beta 21 (iOS) Implemented IPv6 in iOS client. Added new flags to redirect-gateway to control whether redirection occurs at IPv4 or IPv6 levels (or both): * ipv4 (default) * !ipv4 * ipv6 * !ipv6 Added new directive "redirect-dns yes|no". If yes, all DNS requests will be forwarded through pushed DNS servers. If no, only DNS requests that match domains enumerated in "dhcp-option DOMAIN" directives will be forwarded. If redirect-dns is omitted, it will default to yes if redirect-gateway is specified at the IPv4 level (this is the normal pre-existing behavior). Allow the following aggregated options that are normally pushed by the server to be defined in the config file as well. These options will be combined with server-pushed options: * route * route-ipv6 * redirect-gateway * redirect-private * dhcp-option Allow the following singleton options (i.e. options that don't aggregate), that are normally pushed, to be defined in the config file (note that server-pushed singleton options will override the config file setting): * redirect-dns The Connection Details section of the UI now displays VPN IP addresses for IPv4 and IPv6. Added new pushable option "client-ip IP_ADDR" that can be pushed by the server with the client's IP address as seen by the server. The client will then show the address in the Connection Details section of the UI.
2012-10-03 11:03:02 +02:00
received_options(config.push_base),
Android 4 client fixes: Fixed session ID -> password replacement. Allow username to be specified as profile/username.
2012-02-28 00:00:29 +01:00
creds(config.creds),
Compression selector in mobile clients is now 3-state: yes -- support compression on both uplink and downlink asym -- support compression on downlink only no (default) -- no compression (stubs only) Added our own internal LZO decompressor, which is enabled when HAVE_LZO is undefined and the standard LZO library is not linked. This allows clients to support LZO in downlink mode only if the library isn't available.
2012-09-08 03:36:54 +02:00
proto_context_options(config.proto_context_options),
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
first_packet_received_(false),
sent_push_request(false),
Added support to new core for remote-cert-tls, remote-cert-ku, and remote-cert-eku directives.
2012-10-31 15:46:40 +01:00
cli_stats(config.cli_stats),
Added ClientConnect class which implements an "always-try-to-reconnect" approach, with remote list rotation. Only gives up on auth failure.
2012-02-07 12:37:35 +01:00
cli_events(config.cli_events),
connected_(false),
Did some refactoring to make it easier for tun and transport objects to communicate specific errors or warnings. Added TUN_IFACE_CREATE event, which indicates an error creating the tun interface. Added REROUTE_GW_NO_DNS error stat, which indicates that redirect-gateway (IPv4) was processed without an accompanying DNS directive.
2012-10-24 11:32:15 +02:00
fatal_(Error::UNDEF),
Added parser size validation constants in openvpn/client/cliconstants.hpp
2012-11-12 02:52:03 +01:00
pushed_options_limit(config.pushed_options_limit)
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
{
Start process of moving client logic out of cli.cpp into general-purpose classes. Rename ProtoStats to SessionStats and make it more flexible by using an abstract base class model. Add a client event queue for the beginnings of a client-backend API. Added logic to ProtoContext to invalidate session on certain kinds of errors in TCP that would be normally be okay in UDP such as HMAC_ERROR, DECRYPT_ERROR, etc. Add some alignment adjustment logic for READ_LINK_TCP (3 bytes) and READ_LINK_UDP (1 byte).
2012-02-04 11:24:54 +01:00
#ifdef OPENVPN_PACKET_LOG
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
packet_log.open(OPENVPN_PACKET_LOG, std::ios::binary);
if (!packet_log)
OPENVPN_THROW(open_file_error, "cannot open packet log for output: " << OPENVPN_PACKET_LOG);
Start process of moving client logic out of cli.cpp into general-purpose classes. Rename ProtoStats to SessionStats and make it more flexible by using an abstract base class model. Add a client event queue for the beginnings of a client-backend API. Added logic to ProtoContext to invalidate session on certain kinds of errors in TCP that would be normally be okay in UDP such as HMAC_ERROR, DECRYPT_ERROR, etc. Add some alignment adjustment logic for READ_LINK_TCP (3 bytes) and READ_LINK_UDP (1 byte).
2012-02-04 11:24:54 +01:00
#endif
Android client successfully tested with null tun/tap.
2012-02-16 21:46:38 +01:00
Base::update_now();
Base::reset();
Allow test/ssl/proto.cpp to be run on Mac OS X with PolarSSL used as both client and server implementation. Added DH support to PolarSSL. Added CLIENT_NO_RENEG and SERVER_NO_RENEG flags to test code in proto.cpp to allow scenarios to be tested where either the server, client, or both initiate renegotiation. Updated test/ovpncli/cli.cpp with new command line options and will now run on Mac OS X. Updated Android and iOS build systems to no longer include any LZO support, and to include Snappy support instead.
2012-09-15 08:56:18 +02:00
//Base::enable_strict_openvpn_2x();
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
}
Start process of moving client logic out of cli.cpp into general-purpose classes. Rename ProtoStats to SessionStats and make it more flexible by using an abstract base class model. Add a client event queue for the beginnings of a client-backend API. Added logic to ProtoContext to invalidate session on certain kinds of errors in TCP that would be normally be okay in UDP such as HMAC_ERROR, DECRYPT_ERROR, etc. Add some alignment adjustment logic for READ_LINK_TCP (3 bytes) and READ_LINK_UDP (1 byte).
2012-02-04 11:24:54 +01:00
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
bool first_packet_received() const { return first_packet_received_; }
Added "remote" option list handling. Added ClientProtoTerminateCallback abstraction to ClientProto. Added ClientProto::Config for configuration parameters, rather than passing parameters individually to ClientProto constructor.
2012-02-06 09:28:05 +01:00
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
void start()
{
Added ClientConnect class which implements an "always-try-to-reconnect" approach, with remote list rotation. Only gives up on auth failure.
2012-02-07 12:37:35 +01:00
if (!halt)
{
Bug fixes: * raise default headroom/tailroom to 512 for worst-case compression expansion * for TCP connections use async_connect instead of connect * for Time and Time::Duration, handle subtraction reasonably with infinite values * handle possible infinite duration in to_posix_duration * fix overflow in Time::Duration::to_milliseconds * call Base::update_now() in ClientProto::start
2012-02-07 21:52:40 +01:00
Base::update_now();
Added ClientConnect class which implements an "always-try-to-reconnect" approach, with remote list rotation. Only gives up on auth failure.
2012-02-07 12:37:35 +01:00
// coarse wakeup range
housekeeping_schedule.init(Time::Duration::binary_ms(512), Time::Duration::binary_ms(1024));
Start process of moving client logic out of cli.cpp into general-purpose classes. Rename ProtoStats to SessionStats and make it more flexible by using an abstract base class model. Add a client event queue for the beginnings of a client-backend API. Added logic to ProtoContext to invalidate session on certain kinds of errors in TCP that would be normally be okay in UDP such as HMAC_ERROR, DECRYPT_ERROR, etc. Add some alignment adjustment logic for READ_LINK_TCP (3 bytes) and READ_LINK_UDP (1 byte).
2012-02-04 11:24:54 +01:00
Added ClientConnect class which implements an "always-try-to-reconnect" approach, with remote list rotation. Only gives up on auth failure.
2012-02-07 12:37:35 +01:00
// initialize transport-layer packet handler
transport = transport_factory->new_client_obj(io_service, *this);
transport->start();
}
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
}
Start process of moving client logic out of cli.cpp into general-purpose classes. Rename ProtoStats to SessionStats and make it more flexible by using an abstract base class model. Add a client event queue for the beginnings of a client-backend API. Added logic to ProtoContext to invalidate session on certain kinds of errors in TCP that would be normally be okay in UDP such as HMAC_ERROR, DECRYPT_ERROR, etc. Add some alignment adjustment logic for READ_LINK_TCP (3 bytes) and READ_LINK_UDP (1 byte).
2012-02-04 11:24:54 +01:00
explicit-exit-notify fixes.
2012-02-27 09:16:27 +01:00
void send_explicit_exit_notify()
{
if (!halt)
Base::send_explicit_exit_notify();
}
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
void stop(const bool call_terminate_callback)
{
Added ClientConnect class which implements an "always-try-to-reconnect" approach, with remote list rotation. Only gives up on auth failure.
2012-02-07 12:37:35 +01:00
if (!halt)
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
{
Added ClientConnect class which implements an "always-try-to-reconnect" approach, with remote list rotation. Only gives up on auth failure.
2012-02-07 12:37:35 +01:00
halt = true;
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
housekeeping_timer.cancel();
push_request_timer.cancel();
if (tun)
tun->stop();
if (transport)
transport->stop();
Added ClientConnect class which implements an "always-try-to-reconnect" approach, with remote list rotation. Only gives up on auth failure.
2012-02-07 12:37:35 +01:00
if (notify_callback && call_terminate_callback)
notify_callback->client_proto_terminate();
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
}
}
Start process of moving client logic out of cli.cpp into general-purpose classes. Rename ProtoStats to SessionStats and make it more flexible by using an abstract base class model. Add a client event queue for the beginnings of a client-backend API. Added logic to ProtoContext to invalidate session on certain kinds of errors in TCP that would be normally be okay in UDP such as HMAC_ERROR, DECRYPT_ERROR, etc. Add some alignment adjustment logic for READ_LINK_TCP (3 bytes) and READ_LINK_UDP (1 byte).
2012-02-04 11:24:54 +01:00
Added ClientConnect class which implements an "always-try-to-reconnect" approach, with remote list rotation. Only gives up on auth failure.
2012-02-07 12:37:35 +01:00
void stop_on_signal(const boost::system::error_code& error, int signal_number)
{
stop(true);
}
bool reached_connected_state() const { return connected_; }
Android 4 client port is almost working (need to get an Android build that includes tun driver to test further).
2012-02-19 02:36:50 +01:00
// Fatal error means that we shouldn't retry.
Did some refactoring to make it easier for tun and transport objects to communicate specific errors or warnings. Added TUN_IFACE_CREATE event, which indicates an error creating the tun interface. Added REROUTE_GW_NO_DNS error stat, which indicates that redirect-gateway (IPv4) was processed without an accompanying DNS directive.
2012-10-24 11:32:15 +02:00
// Returns a value != Error::UNDEF if error
Android 4 client port is almost working (need to get an Android build that includes tun driver to test further).
2012-02-19 02:36:50 +01:00
Error::Type fatal() const { return fatal_; }
const std::string& fatal_reason() const { return fatal_reason_; }
Added AuthFailed as an event type.
2012-02-15 19:19:34 +01:00
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
virtual ~Session()
{
stop(false);
}
Start process of moving client logic out of cli.cpp into general-purpose classes. Rename ProtoStats to SessionStats and make it more flexible by using an abstract base class model. Add a client event queue for the beginnings of a client-backend API. Added logic to ProtoContext to invalidate session on certain kinds of errors in TCP that would be normally be okay in UDP such as HMAC_ERROR, DECRYPT_ERROR, etc. Add some alignment adjustment logic for READ_LINK_TCP (3 bytes) and READ_LINK_UDP (1 byte).
2012-02-04 11:24:54 +01:00
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
private:
// transport obj calls here with incoming packets
virtual void transport_recv(BufferAllocated& buf)
{
try {
Allow test/ssl/proto.cpp to be run on Mac OS X with PolarSSL used as both client and server implementation. Added DH support to PolarSSL. Added CLIENT_NO_RENEG and SERVER_NO_RENEG flags to test code in proto.cpp to allow scenarios to be tested where either the server, client, or both initiate renegotiation. Updated test/ovpncli/cli.cpp with new command line options and will now run on Mac OS X. Updated Android and iOS build systems to no longer include any LZO support, and to include Snappy support instead.
2012-09-15 08:56:18 +02:00
OPENVPN_LOG_CLIPROTO("Transport RECV " << server_endpoint_render() << ' ' << Base::dump_packet(buf));
Start process of moving client logic out of cli.cpp into general-purpose classes. Rename ProtoStats to SessionStats and make it more flexible by using an abstract base class model. Add a client event queue for the beginnings of a client-backend API. Added logic to ProtoContext to invalidate session on certain kinds of errors in TCP that would be normally be okay in UDP such as HMAC_ERROR, DECRYPT_ERROR, etc. Add some alignment adjustment logic for READ_LINK_TCP (3 bytes) and READ_LINK_UDP (1 byte).
2012-02-04 11:24:54 +01:00
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
// update current time
Base::update_now();
Start process of moving client logic out of cli.cpp into general-purpose classes. Rename ProtoStats to SessionStats and make it more flexible by using an abstract base class model. Add a client event queue for the beginnings of a client-backend API. Added logic to ProtoContext to invalidate session on certain kinds of errors in TCP that would be normally be okay in UDP such as HMAC_ERROR, DECRYPT_ERROR, etc. Add some alignment adjustment logic for READ_LINK_TCP (3 bytes) and READ_LINK_UDP (1 byte).
2012-02-04 11:24:54 +01:00
"last packet received n seconds ago" stat is now provided by core.
2012-09-06 00:03:26 +02:00
// update last packet received
stat().update_last_packet_received(now());
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
// log connecting event (only on first packet received)
if (!first_packet_received_)
{
ClientEvent::Base::Ptr ev = new ClientEvent::Connecting();
cli_events->add_event(ev);
first_packet_received_ = true;
}
Start process of moving client logic out of cli.cpp into general-purpose classes. Rename ProtoStats to SessionStats and make it more flexible by using an abstract base class model. Add a client event queue for the beginnings of a client-backend API. Added logic to ProtoContext to invalidate session on certain kinds of errors in TCP that would be normally be okay in UDP such as HMAC_ERROR, DECRYPT_ERROR, etc. Add some alignment adjustment logic for READ_LINK_TCP (3 bytes) and READ_LINK_UDP (1 byte).
2012-02-04 11:24:54 +01:00
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
// get packet type
typename Base::PacketType pt = Base::packet_type(buf);
Start process of moving client logic out of cli.cpp into general-purpose classes. Rename ProtoStats to SessionStats and make it more flexible by using an abstract base class model. Add a client event queue for the beginnings of a client-backend API. Added logic to ProtoContext to invalidate session on certain kinds of errors in TCP that would be normally be okay in UDP such as HMAC_ERROR, DECRYPT_ERROR, etc. Add some alignment adjustment logic for READ_LINK_TCP (3 bytes) and READ_LINK_UDP (1 byte).
2012-02-04 11:24:54 +01:00
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
// process packet
if (tun && pt.is_data())
{
// data packet
Base::data_decrypt(pt, buf);
if (buf.size())
{
Start process of moving client logic out of cli.cpp into general-purpose classes. Rename ProtoStats to SessionStats and make it more flexible by using an abstract base class model. Add a client event queue for the beginnings of a client-backend API. Added logic to ProtoContext to invalidate session on certain kinds of errors in TCP that would be normally be okay in UDP such as HMAC_ERROR, DECRYPT_ERROR, etc. Add some alignment adjustment logic for READ_LINK_TCP (3 bytes) and READ_LINK_UDP (1 byte).
2012-02-04 11:24:54 +01:00
#ifdef OPENVPN_PACKET_LOG
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
log_packet(buf, false);
Start process of moving client logic out of cli.cpp into general-purpose classes. Rename ProtoStats to SessionStats and make it more flexible by using an abstract base class model. Add a client event queue for the beginnings of a client-backend API. Added logic to ProtoContext to invalidate session on certain kinds of errors in TCP that would be normally be okay in UDP such as HMAC_ERROR, DECRYPT_ERROR, etc. Add some alignment adjustment logic for READ_LINK_TCP (3 bytes) and READ_LINK_UDP (1 byte).
2012-02-04 11:24:54 +01:00
#endif
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
// make packet appear as incoming on tun interface
OPENVPN_LOG_CLIPROTO("TUN send, size=" << buf.size());
tun->tun_send(buf);
}
Start process of moving client logic out of cli.cpp into general-purpose classes. Rename ProtoStats to SessionStats and make it more flexible by using an abstract base class model. Add a client event queue for the beginnings of a client-backend API. Added logic to ProtoContext to invalidate session on certain kinds of errors in TCP that would be normally be okay in UDP such as HMAC_ERROR, DECRYPT_ERROR, etc. Add some alignment adjustment logic for READ_LINK_TCP (3 bytes) and READ_LINK_UDP (1 byte).
2012-02-04 11:24:54 +01:00
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
// do a lightweight flush
Base::flush(false);
}
else if (pt.is_control())
{
// control packet
Base::control_net_recv(pt, buf);
Start process of moving client logic out of cli.cpp into general-purpose classes. Rename ProtoStats to SessionStats and make it more flexible by using an abstract base class model. Add a client event queue for the beginnings of a client-backend API. Added logic to ProtoContext to invalidate session on certain kinds of errors in TCP that would be normally be okay in UDP such as HMAC_ERROR, DECRYPT_ERROR, etc. Add some alignment adjustment logic for READ_LINK_TCP (3 bytes) and READ_LINK_UDP (1 byte).
2012-02-04 11:24:54 +01:00
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
// do a full flush
Base::flush(true);
}
Start process of moving client logic out of cli.cpp into general-purpose classes. Rename ProtoStats to SessionStats and make it more flexible by using an abstract base class model. Add a client event queue for the beginnings of a client-backend API. Added logic to ProtoContext to invalidate session on certain kinds of errors in TCP that would be normally be okay in UDP such as HMAC_ERROR, DECRYPT_ERROR, etc. Add some alignment adjustment logic for READ_LINK_TCP (3 bytes) and READ_LINK_UDP (1 byte).
2012-02-04 11:24:54 +01:00
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
// schedule housekeeping wakeup
set_housekeeping_timer();
Start process of moving client logic out of cli.cpp into general-purpose classes. Rename ProtoStats to SessionStats and make it more flexible by using an abstract base class model. Add a client event queue for the beginnings of a client-backend API. Added logic to ProtoContext to invalidate session on certain kinds of errors in TCP that would be normally be okay in UDP such as HMAC_ERROR, DECRYPT_ERROR, etc. Add some alignment adjustment logic for READ_LINK_TCP (3 bytes) and READ_LINK_UDP (1 byte).
2012-02-04 11:24:54 +01:00
}
Added support to new core for remote-cert-tls, remote-cert-ku, and remote-cert-eku directives.
2012-10-31 15:46:40 +01:00
catch (const ExceptionCode& e)
{
Added parser size validation constants in openvpn/client/cliconstants.hpp
2012-11-12 02:52:03 +01:00
if (e.code_defined())
{
if (e.fatal())
transport_error((Error::Type)e.code(), e.what());
else
cli_stats->error((Error::Type)e.code());
}
Added support to new core for remote-cert-tls, remote-cert-ku, and remote-cert-eku directives.
2012-10-31 15:46:40 +01:00
else
Minor exception code cleanup.
2012-11-14 17:41:33 +01:00
process_exception(e, "transport_recv_excode");
}
catch (const std::exception& e)
{
process_exception(e, "transport_recv");
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
}
}
Start process of moving client logic out of cli.cpp into general-purpose classes. Rename ProtoStats to SessionStats and make it more flexible by using an abstract base class model. Add a client event queue for the beginnings of a client-backend API. Added logic to ProtoContext to invalidate session on certain kinds of errors in TCP that would be normally be okay in UDP such as HMAC_ERROR, DECRYPT_ERROR, etc. Add some alignment adjustment logic for READ_LINK_TCP (3 bytes) and READ_LINK_UDP (1 byte).
2012-02-04 11:24:54 +01:00
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
// tun i/o driver calls here with incoming packets
virtual void tun_recv(BufferAllocated& buf)
{
try {
OPENVPN_LOG_CLIPROTO("TUN recv, size=" << buf.size());
Start process of moving client logic out of cli.cpp into general-purpose classes. Rename ProtoStats to SessionStats and make it more flexible by using an abstract base class model. Add a client event queue for the beginnings of a client-backend API. Added logic to ProtoContext to invalidate session on certain kinds of errors in TCP that would be normally be okay in UDP such as HMAC_ERROR, DECRYPT_ERROR, etc. Add some alignment adjustment logic for READ_LINK_TCP (3 bytes) and READ_LINK_UDP (1 byte).
2012-02-04 11:24:54 +01:00
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
// update current time
Base::update_now();
Start process of moving client logic out of cli.cpp into general-purpose classes. Rename ProtoStats to SessionStats and make it more flexible by using an abstract base class model. Add a client event queue for the beginnings of a client-backend API. Added logic to ProtoContext to invalidate session on certain kinds of errors in TCP that would be normally be okay in UDP such as HMAC_ERROR, DECRYPT_ERROR, etc. Add some alignment adjustment logic for READ_LINK_TCP (3 bytes) and READ_LINK_UDP (1 byte).
2012-02-04 11:24:54 +01:00
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
// encrypt packet
Start process of moving client logic out of cli.cpp into general-purpose classes. Rename ProtoStats to SessionStats and make it more flexible by using an abstract base class model. Add a client event queue for the beginnings of a client-backend API. Added logic to ProtoContext to invalidate session on certain kinds of errors in TCP that would be normally be okay in UDP such as HMAC_ERROR, DECRYPT_ERROR, etc. Add some alignment adjustment logic for READ_LINK_TCP (3 bytes) and READ_LINK_UDP (1 byte).
2012-02-04 11:24:54 +01:00
#ifdef OPENVPN_PACKET_LOG
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
log_packet(buf, true);
Start process of moving client logic out of cli.cpp into general-purpose classes. Rename ProtoStats to SessionStats and make it more flexible by using an abstract base class model. Add a client event queue for the beginnings of a client-backend API. Added logic to ProtoContext to invalidate session on certain kinds of errors in TCP that would be normally be okay in UDP such as HMAC_ERROR, DECRYPT_ERROR, etc. Add some alignment adjustment logic for READ_LINK_TCP (3 bytes) and READ_LINK_UDP (1 byte).
2012-02-04 11:24:54 +01:00
#endif
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
Base::data_encrypt(buf);
if (buf.size())
{
// send packet via transport to destination
Allow test/ssl/proto.cpp to be run on Mac OS X with PolarSSL used as both client and server implementation. Added DH support to PolarSSL. Added CLIENT_NO_RENEG and SERVER_NO_RENEG flags to test code in proto.cpp to allow scenarios to be tested where either the server, client, or both initiate renegotiation. Updated test/ovpncli/cli.cpp with new command line options and will now run on Mac OS X. Updated Android and iOS build systems to no longer include any LZO support, and to include Snappy support instead.
2012-09-15 08:56:18 +02:00
OPENVPN_LOG_CLIPROTO("Transport SEND " << server_endpoint_render() << ' ' << Base::dump_packet(buf));
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
if (transport->transport_send(buf))
Base::update_last_sent();
}
Start process of moving client logic out of cli.cpp into general-purpose classes. Rename ProtoStats to SessionStats and make it more flexible by using an abstract base class model. Add a client event queue for the beginnings of a client-backend API. Added logic to ProtoContext to invalidate session on certain kinds of errors in TCP that would be normally be okay in UDP such as HMAC_ERROR, DECRYPT_ERROR, etc. Add some alignment adjustment logic for READ_LINK_TCP (3 bytes) and READ_LINK_UDP (1 byte).
2012-02-04 11:24:54 +01:00
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
// do a lightweight flush
Base::flush(false);
Start process of moving client logic out of cli.cpp into general-purpose classes. Rename ProtoStats to SessionStats and make it more flexible by using an abstract base class model. Add a client event queue for the beginnings of a client-backend API. Added logic to ProtoContext to invalidate session on certain kinds of errors in TCP that would be normally be okay in UDP such as HMAC_ERROR, DECRYPT_ERROR, etc. Add some alignment adjustment logic for READ_LINK_TCP (3 bytes) and READ_LINK_UDP (1 byte).
2012-02-04 11:24:54 +01:00
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
// schedule housekeeping wakeup
set_housekeeping_timer();
Start process of moving client logic out of cli.cpp into general-purpose classes. Rename ProtoStats to SessionStats and make it more flexible by using an abstract base class model. Add a client event queue for the beginnings of a client-backend API. Added logic to ProtoContext to invalidate session on certain kinds of errors in TCP that would be normally be okay in UDP such as HMAC_ERROR, DECRYPT_ERROR, etc. Add some alignment adjustment logic for READ_LINK_TCP (3 bytes) and READ_LINK_UDP (1 byte).
2012-02-04 11:24:54 +01:00
}
Search/replace of: std::exception& e to: const std::exception& e
2012-02-17 20:28:44 +01:00
catch (const std::exception& e)
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
{
First working iOS build.
2012-07-01 17:37:46 +02:00
process_exception(e, "tun_recv");
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
}
}
Start process of moving client logic out of cli.cpp into general-purpose classes. Rename ProtoStats to SessionStats and make it more flexible by using an abstract base class model. Add a client event queue for the beginnings of a client-backend API. Added logic to ProtoContext to invalidate session on certain kinds of errors in TCP that would be normally be okay in UDP such as HMAC_ERROR, DECRYPT_ERROR, etc. Add some alignment adjustment logic for READ_LINK_TCP (3 bytes) and READ_LINK_UDP (1 byte).
2012-02-04 11:24:54 +01:00
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
virtual void transport_pre_resolve()
{
ClientEvent::Base::Ptr ev = new ClientEvent::Resolve();
Start process of moving client logic out of cli.cpp into general-purpose classes. Rename ProtoStats to SessionStats and make it more flexible by using an abstract base class model. Add a client event queue for the beginnings of a client-backend API. Added logic to ProtoContext to invalidate session on certain kinds of errors in TCP that would be normally be okay in UDP such as HMAC_ERROR, DECRYPT_ERROR, etc. Add some alignment adjustment logic for READ_LINK_TCP (3 bytes) and READ_LINK_UDP (1 byte).
2012-02-04 11:24:54 +01:00
cli_events->add_event(ev);
}
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
std::string server_endpoint_render()
{
std::string server_host, server_port, server_proto, server_ip;
transport->server_endpoint_info(server_host, server_port, server_proto, server_ip);
std::ostringstream out;
out << server_host << ":" << server_port << " (" << server_ip << ") via " << server_proto;
return out.str();
}
Start process of moving client logic out of cli.cpp into general-purpose classes. Rename ProtoStats to SessionStats and make it more flexible by using an abstract base class model. Add a client event queue for the beginnings of a client-backend API. Added logic to ProtoContext to invalidate session on certain kinds of errors in TCP that would be normally be okay in UDP such as HMAC_ERROR, DECRYPT_ERROR, etc. Add some alignment adjustment logic for READ_LINK_TCP (3 bytes) and READ_LINK_UDP (1 byte).
2012-02-04 11:24:54 +01:00
Android 1.1.4 build 17 Better differentiation between "waiting for proxy" vs. "waiting for server" in UI event messaging.
2012-10-31 19:54:02 +01:00
virtual void transport_wait_proxy()
{
ClientEvent::Base::Ptr ev = new ClientEvent::WaitProxy();
cli_events->add_event(ev);
}
virtual void transport_wait()
{
ClientEvent::Base::Ptr ev = new ClientEvent::Wait();
cli_events->add_event(ev);
}
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
virtual void transport_connecting()
{
try {
OPENVPN_LOG("Connecting to " << server_endpoint_render());
Base::start();
Base::flush(true);
set_housekeeping_timer();
Start process of moving client logic out of cli.cpp into general-purpose classes. Rename ProtoStats to SessionStats and make it more flexible by using an abstract base class model. Add a client event queue for the beginnings of a client-backend API. Added logic to ProtoContext to invalidate session on certain kinds of errors in TCP that would be normally be okay in UDP such as HMAC_ERROR, DECRYPT_ERROR, etc. Add some alignment adjustment logic for READ_LINK_TCP (3 bytes) and READ_LINK_UDP (1 byte).
2012-02-04 11:24:54 +01:00
}
Search/replace of: std::exception& e to: const std::exception& e
2012-02-17 20:28:44 +01:00
catch (const std::exception& e)
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
{
First working iOS build.
2012-07-01 17:37:46 +02:00
process_exception(e, "transport_connecting");
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
}
}
Start process of moving client logic out of cli.cpp into general-purpose classes. Rename ProtoStats to SessionStats and make it more flexible by using an abstract base class model. Add a client event queue for the beginnings of a client-backend API. Added logic to ProtoContext to invalidate session on certain kinds of errors in TCP that would be normally be okay in UDP such as HMAC_ERROR, DECRYPT_ERROR, etc. Add some alignment adjustment logic for READ_LINK_TCP (3 bytes) and READ_LINK_UDP (1 byte).
2012-02-04 11:24:54 +01:00
Did some refactoring to make it easier for tun and transport objects to communicate specific errors or warnings. Added TUN_IFACE_CREATE event, which indicates an error creating the tun interface. Added REROUTE_GW_NO_DNS error stat, which indicates that redirect-gateway (IPv4) was processed without an accompanying DNS directive.
2012-10-24 11:32:15 +02:00
virtual void transport_error(const Error::Type fatal_err, const std::string& err_text)
Initial HTTP proxy implementation in core, with support for non-authenticated proxies and Basic Auth. Includes new PROXY_ERROR and PROXY_NEED_CREDS events. Still to do: Digest and NTLM auth.
2012-10-24 08:38:20 +02:00
{
Did some refactoring to make it easier for tun and transport objects to communicate specific errors or warnings. Added TUN_IFACE_CREATE event, which indicates an error creating the tun interface. Added REROUTE_GW_NO_DNS error stat, which indicates that redirect-gateway (IPv4) was processed without an accompanying DNS directive.
2012-10-24 11:32:15 +02:00
if (fatal_err != Error::UNDEF)
{
fatal_ = fatal_err;
fatal_reason_ = err_text;
}
Initial HTTP proxy implementation in core, with support for non-authenticated proxies and Basic Auth. Includes new PROXY_ERROR and PROXY_NEED_CREDS events. Still to do: Digest and NTLM auth.
2012-10-24 08:38:20 +02:00
if (notify_callback)
{
Did some refactoring to make it easier for tun and transport objects to communicate specific errors or warnings. Added TUN_IFACE_CREATE event, which indicates an error creating the tun interface. Added REROUTE_GW_NO_DNS error stat, which indicates that redirect-gateway (IPv4) was processed without an accompanying DNS directive.
2012-10-24 11:32:15 +02:00
OPENVPN_LOG("Transport Error: " << err_text);
Initial HTTP proxy implementation in core, with support for non-authenticated proxies and Basic Auth. Includes new PROXY_ERROR and PROXY_NEED_CREDS events. Still to do: Digest and NTLM auth.
2012-10-24 08:38:20 +02:00
stop(true);
}
else
Did some refactoring to make it easier for tun and transport objects to communicate specific errors or warnings. Added TUN_IFACE_CREATE event, which indicates an error creating the tun interface. Added REROUTE_GW_NO_DNS error stat, which indicates that redirect-gateway (IPv4) was processed without an accompanying DNS directive.
2012-10-24 11:32:15 +02:00
throw transport_exception(err_text);
Initial HTTP proxy implementation in core, with support for non-authenticated proxies and Basic Auth. Includes new PROXY_ERROR and PROXY_NEED_CREDS events. Still to do: Digest and NTLM auth.
2012-10-24 08:38:20 +02:00
}
Did some refactoring to make it easier for tun and transport objects to communicate specific errors or warnings. Added TUN_IFACE_CREATE event, which indicates an error creating the tun interface. Added REROUTE_GW_NO_DNS error stat, which indicates that redirect-gateway (IPv4) was processed without an accompanying DNS directive.
2012-10-24 11:32:15 +02:00
virtual void proxy_error(const Error::Type fatal_err, const std::string& err_text)
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
{
Did some refactoring to make it easier for tun and transport objects to communicate specific errors or warnings. Added TUN_IFACE_CREATE event, which indicates an error creating the tun interface. Added REROUTE_GW_NO_DNS error stat, which indicates that redirect-gateway (IPv4) was processed without an accompanying DNS directive.
2012-10-24 11:32:15 +02:00
if (fatal_err != Error::UNDEF)
{
fatal_ = fatal_err;
fatal_reason_ = err_text;
}
Added ClientConnect class which implements an "always-try-to-reconnect" approach, with remote list rotation. Only gives up on auth failure.
2012-02-07 12:37:35 +01:00
if (notify_callback)
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
{
Did some refactoring to make it easier for tun and transport objects to communicate specific errors or warnings. Added TUN_IFACE_CREATE event, which indicates an error creating the tun interface. Added REROUTE_GW_NO_DNS error stat, which indicates that redirect-gateway (IPv4) was processed without an accompanying DNS directive.
2012-10-24 11:32:15 +02:00
OPENVPN_LOG("Proxy Error: " << err_text);
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
stop(true);
}
else
Did some refactoring to make it easier for tun and transport objects to communicate specific errors or warnings. Added TUN_IFACE_CREATE event, which indicates an error creating the tun interface. Added REROUTE_GW_NO_DNS error stat, which indicates that redirect-gateway (IPv4) was processed without an accompanying DNS directive.
2012-10-24 11:32:15 +02:00
throw proxy_exception(err_text);
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
}
Start process of moving client logic out of cli.cpp into general-purpose classes. Rename ProtoStats to SessionStats and make it more flexible by using an abstract base class model. Add a client event queue for the beginnings of a client-backend API. Added logic to ProtoContext to invalidate session on certain kinds of errors in TCP that would be normally be okay in UDP such as HMAC_ERROR, DECRYPT_ERROR, etc. Add some alignment adjustment logic for READ_LINK_TCP (3 bytes) and READ_LINK_UDP (1 byte).
2012-02-04 11:24:54 +01:00
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
void extract_auth_token(const OptionList& opt)
{
// if auth-token is present, use it as the password for future renegotiations
const Option* o = opt.get_ptr("auth-token");
if (o)
{
More profile validation.
2012-11-14 03:35:50 +01:00
const std::string& sess_id = o->get(1, 256);
Fixed a race condition issue with "hot connect", i.e. sending a connect intent to service when already connected. One of the ramifications of the "hot connect" fix above is that OpenVPNClientBase.is_active() will now return a value that is instantaneously up-to-date, whereas events might lag because of the mechanics of inter-thread message posting. Keep this in mind when correlating received events to is_active() values. For C++ core threads, increased allowed thread-stop delay to 2.5 seconds before thread is marked as unresponsive and abandoned. Previous delay was 1 second. This delay can't be made too long, otherwise Android will tell the user that the app is unresponsive and invite them to kill it. When closing out an abandoned core thread, indicate this condition with a new event type called CORE_THREAD_ABANDONED. If the thread is abandoned due to lack of response to a disconnect request, then the CORE_THREAD_ABANDONED event will occur followed by CORE_THREAD_INACTIVE. For core threads that properly exit, the DISCONNECTED event will be followed by CORE_THREAD_INACTIVE. Added save_as_filename parameter to importProfileRemote method for controlling the filename that the imported profile is saved as. This parameter may be set to null to have the method choose an appropriate name. To have an imported profile replace an existing profile, the filenames much match. Added UI_OVERLOADED debugging constant to OpenVPNClient to allow the UI to connect to a profile when already connected to another profile in order to test "hot connect". Added new events CLIENT_HALT and CLIENT_RESTART for compatibility with an Access Server feature that allows the server to remotely kill or restart the client. When connecting a profile, the core will now automatically fill in the username if it is not specified for userlocked profiles. Version 0.902.
2012-03-31 18:08:20 +02:00
if (creds)
creds->set_session_id(sess_id);
Android 4 client: * Added OpenVPN log file page view in advanced preferences. * Added OpenSSL verify_callback. * Support ns-cert-type * Sanitize logged data to remove Session ID.
2012-03-08 11:30:43 +01:00
#ifdef OPENVPN_SHOW_SESSION_TOKEN
OPENVPN_LOG("using session token " << sess_id);
#else
OPENVPN_LOG("using session token");
#endif
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
}
}
Start process of moving client logic out of cli.cpp into general-purpose classes. Rename ProtoStats to SessionStats and make it more flexible by using an abstract base class model. Add a client event queue for the beginnings of a client-backend API. Added logic to ProtoContext to invalidate session on certain kinds of errors in TCP that would be normally be okay in UDP such as HMAC_ERROR, DECRYPT_ERROR, etc. Add some alignment adjustment logic for READ_LINK_TCP (3 bytes) and READ_LINK_UDP (1 byte).
2012-02-04 11:24:54 +01:00
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
// proto base class calls here for control channel network sends
virtual void control_net_send(const Buffer& net_buf)
{
Allow test/ssl/proto.cpp to be run on Mac OS X with PolarSSL used as both client and server implementation. Added DH support to PolarSSL. Added CLIENT_NO_RENEG and SERVER_NO_RENEG flags to test code in proto.cpp to allow scenarios to be tested where either the server, client, or both initiate renegotiation. Updated test/ovpncli/cli.cpp with new command line options and will now run on Mac OS X. Updated Android and iOS build systems to no longer include any LZO support, and to include Snappy support instead.
2012-09-15 08:56:18 +02:00
OPENVPN_LOG_CLIPROTO("Transport SEND " << server_endpoint_render() << ' ' << Base::dump_packet(net_buf));
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
if (transport->transport_send_const(net_buf))
Base::update_last_sent();
}
Start process of moving client logic out of cli.cpp into general-purpose classes. Rename ProtoStats to SessionStats and make it more flexible by using an abstract base class model. Add a client event queue for the beginnings of a client-backend API. Added logic to ProtoContext to invalidate session on certain kinds of errors in TCP that would be normally be okay in UDP such as HMAC_ERROR, DECRYPT_ERROR, etc. Add some alignment adjustment logic for READ_LINK_TCP (3 bytes) and READ_LINK_UDP (1 byte).
2012-02-04 11:24:54 +01:00
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
// proto base class calls here for app-level control-channel messages received
virtual void control_recv(BufferPtr& app_bp)
{
More profile validation.
2012-11-14 03:35:50 +01:00
const std::string msg = Unicode::utf8_printable(Base::template read_control_string<std::string>(*app_bp),
Unicode::UTF8_FILTER);
OpenVPN 1.0 Beta 21 (iOS) Implemented IPv6 in iOS client. Added new flags to redirect-gateway to control whether redirection occurs at IPv4 or IPv6 levels (or both): * ipv4 (default) * !ipv4 * ipv6 * !ipv6 Added new directive "redirect-dns yes|no". If yes, all DNS requests will be forwarded through pushed DNS servers. If no, only DNS requests that match domains enumerated in "dhcp-option DOMAIN" directives will be forwarded. If redirect-dns is omitted, it will default to yes if redirect-gateway is specified at the IPv4 level (this is the normal pre-existing behavior). Allow the following aggregated options that are normally pushed by the server to be defined in the config file as well. These options will be combined with server-pushed options: * route * route-ipv6 * redirect-gateway * redirect-private * dhcp-option Allow the following singleton options (i.e. options that don't aggregate), that are normally pushed, to be defined in the config file (note that server-pushed singleton options will override the config file setting): * redirect-dns The Connection Details section of the UI now displays VPN IP addresses for IPv4 and IPv6. Added new pushable option "client-ip IP_ADDR" that can be pushed by the server with the client's IP address as seen by the server. The client will then show the address in the Connection Details section of the UI.
2012-10-03 11:03:02 +02:00
//OPENVPN_LOG("SERVER: " << sanitize_control_message(msg));
Added parser size validation constants in openvpn/client/cliconstants.hpp
2012-11-12 02:52:03 +01:00
Added AuthFailed as an event type.
2012-02-15 19:19:34 +01:00
if (!received_options.complete() && boost::algorithm::starts_with(msg, "PUSH_REPLY,"))
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
{
// parse the received options
Added parser size validation constants in openvpn/client/cliconstants.hpp
2012-11-12 02:52:03 +01:00
received_options.add(OptionList::parse_from_csv_static(msg.substr(11), &pushed_options_limit));
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
if (received_options.complete())
{
// show options
OpenVPN 1.0 Beta 21 (iOS) Implemented IPv6 in iOS client. Added new flags to redirect-gateway to control whether redirection occurs at IPv4 or IPv6 levels (or both): * ipv4 (default) * !ipv4 * ipv6 * !ipv6 Added new directive "redirect-dns yes|no". If yes, all DNS requests will be forwarded through pushed DNS servers. If no, only DNS requests that match domains enumerated in "dhcp-option DOMAIN" directives will be forwarded. If redirect-dns is omitted, it will default to yes if redirect-gateway is specified at the IPv4 level (this is the normal pre-existing behavior). Allow the following aggregated options that are normally pushed by the server to be defined in the config file as well. These options will be combined with server-pushed options: * route * route-ipv6 * redirect-gateway * redirect-private * dhcp-option Allow the following singleton options (i.e. options that don't aggregate), that are normally pushed, to be defined in the config file (note that server-pushed singleton options will override the config file setting): * redirect-dns The Connection Details section of the UI now displays VPN IP addresses for IPv4 and IPv6. Added new pushable option "client-ip IP_ADDR" that can be pushed by the server with the client's IP address as seen by the server. The client will then show the address in the Connection Details section of the UI.
2012-10-03 11:03:02 +02:00
OPENVPN_LOG("OPTIONS:" << std::endl << render_options_sanitized(received_options));
Start process of moving client logic out of cli.cpp into general-purpose classes. Rename ProtoStats to SessionStats and make it more flexible by using an abstract base class model. Add a client event queue for the beginnings of a client-backend API. Added logic to ProtoContext to invalidate session on certain kinds of errors in TCP that would be normally be okay in UDP such as HMAC_ERROR, DECRYPT_ERROR, etc. Add some alignment adjustment logic for READ_LINK_TCP (3 bytes) and READ_LINK_UDP (1 byte).
2012-02-04 11:24:54 +01:00
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
// process auth-token
extract_auth_token(received_options);
Start process of moving client logic out of cli.cpp into general-purpose classes. Rename ProtoStats to SessionStats and make it more flexible by using an abstract base class model. Add a client event queue for the beginnings of a client-backend API. Added logic to ProtoContext to invalidate session on certain kinds of errors in TCP that would be normally be okay in UDP such as HMAC_ERROR, DECRYPT_ERROR, etc. Add some alignment adjustment logic for READ_LINK_TCP (3 bytes) and READ_LINK_UDP (1 byte).
2012-02-04 11:24:54 +01:00
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
// modify proto config (cipher, auth, and compression methods)
Compression selector in mobile clients is now 3-state: yes -- support compression on both uplink and downlink asym -- support compression on downlink only no (default) -- no compression (stubs only) Added our own internal LZO decompressor, which is enabled when HAVE_LZO is undefined and the standard LZO library is not linked. This allows clients to support LZO in downlink mode only if the library isn't available.
2012-09-08 03:36:54 +02:00
Base::process_push(received_options, *proto_context_options);
Start process of moving client logic out of cli.cpp into general-purpose classes. Rename ProtoStats to SessionStats and make it more flexible by using an abstract base class model. Add a client event queue for the beginnings of a client-backend API. Added logic to ProtoContext to invalidate session on certain kinds of errors in TCP that would be normally be okay in UDP such as HMAC_ERROR, DECRYPT_ERROR, etc. Add some alignment adjustment logic for READ_LINK_TCP (3 bytes) and READ_LINK_UDP (1 byte).
2012-02-04 11:24:54 +01:00
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
// initialize tun/routing
tun = tun_factory->new_client_obj(io_service, *this);
tun->client_start(received_options, *transport);
}
else
OPENVPN_LOG("Options continuation...");
}
Added AuthFailed as an event type.
2012-02-15 19:19:34 +01:00
else if (boost::algorithm::starts_with(msg, "AUTH_FAILED"))
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
{
Android 4 client port is almost working (need to get an Android build that includes tun driver to test further).
2012-02-19 02:36:50 +01:00
fatal_ = Error::AUTH_FAILED;
Added AuthFailed as an event type.
2012-02-15 19:19:34 +01:00
if (msg.length() >= 13)
Android 4 client port is almost working (need to get an Android build that includes tun driver to test further).
2012-02-19 02:36:50 +01:00
fatal_reason_ = boost::algorithm::trim_left_copy(std::string(msg, 12));
Added ClientConnect class which implements an "always-try-to-reconnect" approach, with remote list rotation. Only gives up on auth failure.
2012-02-07 12:37:35 +01:00
if (notify_callback)
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
{
OPENVPN_LOG("AUTH_FAILED");
stop(true);
}
else
Added ClientConnect class which implements an "always-try-to-reconnect" approach, with remote list rotation. Only gives up on auth failure.
2012-02-07 12:37:35 +01:00
throw authentication_failed();
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
}
Fixed a race condition issue with "hot connect", i.e. sending a connect intent to service when already connected. One of the ramifications of the "hot connect" fix above is that OpenVPNClientBase.is_active() will now return a value that is instantaneously up-to-date, whereas events might lag because of the mechanics of inter-thread message posting. Keep this in mind when correlating received events to is_active() values. For C++ core threads, increased allowed thread-stop delay to 2.5 seconds before thread is marked as unresponsive and abandoned. Previous delay was 1 second. This delay can't be made too long, otherwise Android will tell the user that the app is unresponsive and invite them to kill it. When closing out an abandoned core thread, indicate this condition with a new event type called CORE_THREAD_ABANDONED. If the thread is abandoned due to lack of response to a disconnect request, then the CORE_THREAD_ABANDONED event will occur followed by CORE_THREAD_INACTIVE. For core threads that properly exit, the DISCONNECTED event will be followed by CORE_THREAD_INACTIVE. Added save_as_filename parameter to importProfileRemote method for controlling the filename that the imported profile is saved as. This parameter may be set to null to have the method choose an appropriate name. To have an imported profile replace an existing profile, the filenames much match. Added UI_OVERLOADED debugging constant to OpenVPNClient to allow the UI to connect to a profile when already connected to another profile in order to test "hot connect". Added new events CLIENT_HALT and CLIENT_RESTART for compatibility with an Access Server feature that allows the server to remotely kill or restart the client. When connecting a profile, the core will now automatically fill in the username if it is not specified for userlocked profiles. Version 0.902.
2012-03-31 18:08:20 +02:00
else if (ClientHalt::match(msg))
{
const ClientHalt ch(msg);
process_halt_restart(ch);
}
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
}
Start process of moving client logic out of cli.cpp into general-purpose classes. Rename ProtoStats to SessionStats and make it more flexible by using an abstract base class model. Add a client event queue for the beginnings of a client-backend API. Added logic to ProtoContext to invalidate session on certain kinds of errors in TCP that would be normally be okay in UDP such as HMAC_ERROR, DECRYPT_ERROR, etc. Add some alignment adjustment logic for READ_LINK_TCP (3 bytes) and READ_LINK_UDP (1 byte).
2012-02-04 11:24:54 +01:00
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
virtual void tun_pre_tun_config()
{
ClientEvent::Base::Ptr ev = new ClientEvent::AssignIP();
cli_events->add_event(ev);
}
Start process of moving client logic out of cli.cpp into general-purpose classes. Rename ProtoStats to SessionStats and make it more flexible by using an abstract base class model. Add a client event queue for the beginnings of a client-backend API. Added logic to ProtoContext to invalidate session on certain kinds of errors in TCP that would be normally be okay in UDP such as HMAC_ERROR, DECRYPT_ERROR, etc. Add some alignment adjustment logic for READ_LINK_TCP (3 bytes) and READ_LINK_UDP (1 byte).
2012-02-04 11:24:54 +01:00
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
virtual void tun_pre_route_config()
{
ClientEvent::Base::Ptr ev = new ClientEvent::AddRoutes();
cli_events->add_event(ev);
}
Start process of moving client logic out of cli.cpp into general-purpose classes. Rename ProtoStats to SessionStats and make it more flexible by using an abstract base class model. Add a client event queue for the beginnings of a client-backend API. Added logic to ProtoContext to invalidate session on certain kinds of errors in TCP that would be normally be okay in UDP such as HMAC_ERROR, DECRYPT_ERROR, etc. Add some alignment adjustment logic for READ_LINK_TCP (3 bytes) and READ_LINK_UDP (1 byte).
2012-02-04 11:24:54 +01:00
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
virtual void tun_connected()
{
OPENVPN_LOG("Connected via " + tun->tun_name());
Start process of moving client logic out of cli.cpp into general-purpose classes. Rename ProtoStats to SessionStats and make it more flexible by using an abstract base class model. Add a client event queue for the beginnings of a client-backend API. Added logic to ProtoContext to invalidate session on certain kinds of errors in TCP that would be normally be okay in UDP such as HMAC_ERROR, DECRYPT_ERROR, etc. Add some alignment adjustment logic for READ_LINK_TCP (3 bytes) and READ_LINK_UDP (1 byte).
2012-02-04 11:24:54 +01:00
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
ClientEvent::Connected::Ptr ev = new ClientEvent::Connected();
Android 4 client fixes: Fixed session ID -> password replacement. Allow username to be specified as profile/username.
2012-02-28 00:00:29 +01:00
if (creds)
Android 4 UI work: * Multi-profile support. * UI now only shows required fields for each profile. * Added support for server field. * Added support for static challenge/response. * Persist profile/server settings to preferences store.
2012-03-01 09:11:00 +01:00
ev->user = creds->get_username();
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
transport->server_endpoint_info(ev->server_host, ev->server_port, ev->server_proto, ev->server_ip);
OpenVPN 1.0 Beta 21 (iOS) Implemented IPv6 in iOS client. Added new flags to redirect-gateway to control whether redirection occurs at IPv4 or IPv6 levels (or both): * ipv4 (default) * !ipv4 * ipv6 * !ipv6 Added new directive "redirect-dns yes|no". If yes, all DNS requests will be forwarded through pushed DNS servers. If no, only DNS requests that match domains enumerated in "dhcp-option DOMAIN" directives will be forwarded. If redirect-dns is omitted, it will default to yes if redirect-gateway is specified at the IPv4 level (this is the normal pre-existing behavior). Allow the following aggregated options that are normally pushed by the server to be defined in the config file as well. These options will be combined with server-pushed options: * route * route-ipv6 * redirect-gateway * redirect-private * dhcp-option Allow the following singleton options (i.e. options that don't aggregate), that are normally pushed, to be defined in the config file (note that server-pushed singleton options will override the config file setting): * redirect-dns The Connection Details section of the UI now displays VPN IP addresses for IPv4 and IPv6. Added new pushable option "client-ip IP_ADDR" that can be pushed by the server with the client's IP address as seen by the server. The client will then show the address in the Connection Details section of the UI.
2012-10-03 11:03:02 +02:00
ev->vpn_ip4 = tun->vpn_ip4();
ev->vpn_ip6 = tun->vpn_ip6();
try {
More profile validation.
2012-11-14 03:35:50 +01:00
std::string client_ip = received_options.get_optional("client-ip", 1, 256);
Ignore pushed "client-ip" directive unless it is a valid IP address.
2012-10-07 10:57:41 +02:00
if (!client_ip.empty())
ev->client_ip = IP::Addr::validate(client_ip, "client-ip");
OpenVPN 1.0 Beta 21 (iOS) Implemented IPv6 in iOS client. Added new flags to redirect-gateway to control whether redirection occurs at IPv4 or IPv6 levels (or both): * ipv4 (default) * !ipv4 * ipv6 * !ipv6 Added new directive "redirect-dns yes|no". If yes, all DNS requests will be forwarded through pushed DNS servers. If no, only DNS requests that match domains enumerated in "dhcp-option DOMAIN" directives will be forwarded. If redirect-dns is omitted, it will default to yes if redirect-gateway is specified at the IPv4 level (this is the normal pre-existing behavior). Allow the following aggregated options that are normally pushed by the server to be defined in the config file as well. These options will be combined with server-pushed options: * route * route-ipv6 * redirect-gateway * redirect-private * dhcp-option Allow the following singleton options (i.e. options that don't aggregate), that are normally pushed, to be defined in the config file (note that server-pushed singleton options will override the config file setting): * redirect-dns The Connection Details section of the UI now displays VPN IP addresses for IPv4 and IPv6. Added new pushable option "client-ip IP_ADDR" that can be pushed by the server with the client's IP address as seen by the server. The client will then show the address in the Connection Details section of the UI.
2012-10-03 11:03:02 +02:00
}
catch (const std::exception& e)
{
OPENVPN_LOG("Error parsing client-ip: " << e.what());
}
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
ev->tun_name = tun->tun_name();
cli_events->add_event(ev);
Added ClientConnect class which implements an "always-try-to-reconnect" approach, with remote list rotation. Only gives up on auth failure.
2012-02-07 12:37:35 +01:00
connected_ = true;
if (notify_callback)
notify_callback->client_proto_connected();
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
}
Start process of moving client logic out of cli.cpp into general-purpose classes. Rename ProtoStats to SessionStats and make it more flexible by using an abstract base class model. Add a client event queue for the beginnings of a client-backend API. Added logic to ProtoContext to invalidate session on certain kinds of errors in TCP that would be normally be okay in UDP such as HMAC_ERROR, DECRYPT_ERROR, etc. Add some alignment adjustment logic for READ_LINK_TCP (3 bytes) and READ_LINK_UDP (1 byte).
2012-02-04 11:24:54 +01:00
Did some refactoring to make it easier for tun and transport objects to communicate specific errors or warnings. Added TUN_IFACE_CREATE event, which indicates an error creating the tun interface. Added REROUTE_GW_NO_DNS error stat, which indicates that redirect-gateway (IPv4) was processed without an accompanying DNS directive.
2012-10-24 11:32:15 +02:00
virtual void tun_error(const Error::Type fatal_err, const std::string& err_text)
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
{
Did some refactoring to make it easier for tun and transport objects to communicate specific errors or warnings. Added TUN_IFACE_CREATE event, which indicates an error creating the tun interface. Added REROUTE_GW_NO_DNS error stat, which indicates that redirect-gateway (IPv4) was processed without an accompanying DNS directive.
2012-10-24 11:32:15 +02:00
if (fatal_err != Error::UNDEF)
{
fatal_ = fatal_err;
fatal_reason_ = err_text;
}
Added ClientConnect class which implements an "always-try-to-reconnect" approach, with remote list rotation. Only gives up on auth failure.
2012-02-07 12:37:35 +01:00
if (notify_callback)
Start process of moving client logic out of cli.cpp into general-purpose classes. Rename ProtoStats to SessionStats and make it more flexible by using an abstract base class model. Add a client event queue for the beginnings of a client-backend API. Added logic to ProtoContext to invalidate session on certain kinds of errors in TCP that would be normally be okay in UDP such as HMAC_ERROR, DECRYPT_ERROR, etc. Add some alignment adjustment logic for READ_LINK_TCP (3 bytes) and READ_LINK_UDP (1 byte).
2012-02-04 11:24:54 +01:00
{
Did some refactoring to make it easier for tun and transport objects to communicate specific errors or warnings. Added TUN_IFACE_CREATE event, which indicates an error creating the tun interface. Added REROUTE_GW_NO_DNS error stat, which indicates that redirect-gateway (IPv4) was processed without an accompanying DNS directive.
2012-10-24 11:32:15 +02:00
OPENVPN_LOG("TUN Error: " << err_text);
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
stop(true);
Start process of moving client logic out of cli.cpp into general-purpose classes. Rename ProtoStats to SessionStats and make it more flexible by using an abstract base class model. Add a client event queue for the beginnings of a client-backend API. Added logic to ProtoContext to invalidate session on certain kinds of errors in TCP that would be normally be okay in UDP such as HMAC_ERROR, DECRYPT_ERROR, etc. Add some alignment adjustment logic for READ_LINK_TCP (3 bytes) and READ_LINK_UDP (1 byte).
2012-02-04 11:24:54 +01:00
}
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
else
Did some refactoring to make it easier for tun and transport objects to communicate specific errors or warnings. Added TUN_IFACE_CREATE event, which indicates an error creating the tun interface. Added REROUTE_GW_NO_DNS error stat, which indicates that redirect-gateway (IPv4) was processed without an accompanying DNS directive.
2012-10-24 11:32:15 +02:00
throw tun_exception(err_text);
Start process of moving client logic out of cli.cpp into general-purpose classes. Rename ProtoStats to SessionStats and make it more flexible by using an abstract base class model. Add a client event queue for the beginnings of a client-backend API. Added logic to ProtoContext to invalidate session on certain kinds of errors in TCP that would be normally be okay in UDP such as HMAC_ERROR, DECRYPT_ERROR, etc. Add some alignment adjustment logic for READ_LINK_TCP (3 bytes) and READ_LINK_UDP (1 byte).
2012-02-04 11:24:54 +01:00
}
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
// proto base class calls here to get auth credentials
virtual void client_auth(Buffer& buf)
{
Android 4 client fixes: Fixed session ID -> password replacement. Allow username to be specified as profile/username.
2012-02-28 00:00:29 +01:00
if (creds)
{
Android 4 UI work: * Multi-profile support. * UI now only shows required fields for each profile. * Added support for server field. * Added support for static challenge/response. * Persist profile/server settings to preferences store.
2012-03-01 09:11:00 +01:00
Base::write_auth_string(creds->get_username(), buf);
Base::write_auth_string(creds->get_password(), buf);
Android 4 client fixes: Fixed session ID -> password replacement. Allow username to be specified as profile/username.
2012-02-28 00:00:29 +01:00
}
else
{
Base::write_empty_string(buf); // username
Base::write_empty_string(buf); // password
}
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
}
void send_push_request_callback(const boost::system::error_code& e)
{
try {
Bug fixes: * raise default headroom/tailroom to 512 for worst-case compression expansion * for TCP connections use async_connect instead of connect * for Time and Time::Duration, handle subtraction reasonably with infinite values * handle possible infinite duration in to_posix_duration * fix overflow in Time::Duration::to_milliseconds * call Base::update_now() in ClientProto::start
2012-02-07 21:52:40 +01:00
if (!e && !halt && !received_options.partial())
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
{
Base::update_now();
if (!sent_push_request)
{
ClientEvent::Base::Ptr ev = new ClientEvent::GetConfig();
cli_events->add_event(ev);
sent_push_request = true;
}
OPENVPN_LOG("Sending PUSH_REQUEST to server...");
Base::write_control_string(std::string("PUSH_REQUEST"));
Base::flush(true);
set_housekeeping_timer();
schedule_push_request_callback(false);
}
Start process of moving client logic out of cli.cpp into general-purpose classes. Rename ProtoStats to SessionStats and make it more flexible by using an abstract base class model. Add a client event queue for the beginnings of a client-backend API. Added logic to ProtoContext to invalidate session on certain kinds of errors in TCP that would be normally be okay in UDP such as HMAC_ERROR, DECRYPT_ERROR, etc. Add some alignment adjustment logic for READ_LINK_TCP (3 bytes) and READ_LINK_UDP (1 byte).
2012-02-04 11:24:54 +01:00
}
Search/replace of: std::exception& e to: const std::exception& e
2012-02-17 20:28:44 +01:00
catch (const std::exception& e)
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
{
First working iOS build.
2012-07-01 17:37:46 +02:00
process_exception(e, "send_push_request_callback");
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
}
}
Start process of moving client logic out of cli.cpp into general-purpose classes. Rename ProtoStats to SessionStats and make it more flexible by using an abstract base class model. Add a client event queue for the beginnings of a client-backend API. Added logic to ProtoContext to invalidate session on certain kinds of errors in TCP that would be normally be okay in UDP such as HMAC_ERROR, DECRYPT_ERROR, etc. Add some alignment adjustment logic for READ_LINK_TCP (3 bytes) and READ_LINK_UDP (1 byte).
2012-02-04 11:24:54 +01:00
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
void schedule_push_request_callback(bool short_time)
{
if (!received_options.partial())
{
push_request_timer.expires_at(now() + (short_time ? Time::Duration::seconds(1) : Time::Duration::seconds(3)));
push_request_timer.async_wait(asio_dispatch_timer(&Session::send_push_request_callback, this));
}
}
Start process of moving client logic out of cli.cpp into general-purpose classes. Rename ProtoStats to SessionStats and make it more flexible by using an abstract base class model. Add a client event queue for the beginnings of a client-backend API. Added logic to ProtoContext to invalidate session on certain kinds of errors in TCP that would be normally be okay in UDP such as HMAC_ERROR, DECRYPT_ERROR, etc. Add some alignment adjustment logic for READ_LINK_TCP (3 bytes) and READ_LINK_UDP (1 byte).
2012-02-04 11:24:54 +01:00
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
// base class calls here when primary session transitions to ACTIVE state
virtual void active()
{
OPENVPN_LOG("Session is ACTIVE");
schedule_push_request_callback(true);
}
void housekeeping_callback(const boost::system::error_code& e)
{
try {
Bug fixes: * raise default headroom/tailroom to 512 for worst-case compression expansion * for TCP connections use async_connect instead of connect * for Time and Time::Duration, handle subtraction reasonably with infinite values * handle possible infinite duration in to_posix_duration * fix overflow in Time::Duration::to_milliseconds * call Base::update_now() in ClientProto::start
2012-02-07 21:52:40 +01:00
if (!e && !halt)
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
{
// update current time
Base::update_now();
housekeeping_schedule.reset();
Base::housekeeping();
if (Base::invalidated())
{
Added ClientConnect class which implements an "always-try-to-reconnect" approach, with remote list rotation. Only gives up on auth failure.
2012-02-07 12:37:35 +01:00
if (notify_callback)
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
{
OPENVPN_LOG("Session invalidated");
stop(true);
}
else
throw session_invalidated();
}
set_housekeeping_timer();
}
}
Search/replace of: std::exception& e to: const std::exception& e
2012-02-17 20:28:44 +01:00
catch (const std::exception& e)
Start process of moving client logic out of cli.cpp into general-purpose classes. Rename ProtoStats to SessionStats and make it more flexible by using an abstract base class model. Add a client event queue for the beginnings of a client-backend API. Added logic to ProtoContext to invalidate session on certain kinds of errors in TCP that would be normally be okay in UDP such as HMAC_ERROR, DECRYPT_ERROR, etc. Add some alignment adjustment logic for READ_LINK_TCP (3 bytes) and READ_LINK_UDP (1 byte).
2012-02-04 11:24:54 +01:00
{
First working iOS build.
2012-07-01 17:37:46 +02:00
process_exception(e, "housekeeping_callback");
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
}
}
Start process of moving client logic out of cli.cpp into general-purpose classes. Rename ProtoStats to SessionStats and make it more flexible by using an abstract base class model. Add a client event queue for the beginnings of a client-backend API. Added logic to ProtoContext to invalidate session on certain kinds of errors in TCP that would be normally be okay in UDP such as HMAC_ERROR, DECRYPT_ERROR, etc. Add some alignment adjustment logic for READ_LINK_TCP (3 bytes) and READ_LINK_UDP (1 byte).
2012-02-04 11:24:54 +01:00
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
void set_housekeeping_timer()
{
Time next = Base::next_housekeeping();
if (!housekeeping_schedule.similar(next))
{
if (!next.is_infinite())
{
next.max(now());
housekeeping_schedule.reset(next);
housekeeping_timer.expires_at(next);
housekeeping_timer.async_wait(asio_dispatch_timer(&Session::housekeeping_callback, this));
}
else
Start process of moving client logic out of cli.cpp into general-purpose classes. Rename ProtoStats to SessionStats and make it more flexible by using an abstract base class model. Add a client event queue for the beginnings of a client-backend API. Added logic to ProtoContext to invalidate session on certain kinds of errors in TCP that would be normally be okay in UDP such as HMAC_ERROR, DECRYPT_ERROR, etc. Add some alignment adjustment logic for READ_LINK_TCP (3 bytes) and READ_LINK_UDP (1 byte).
2012-02-04 11:24:54 +01:00
{
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
housekeeping_timer.cancel();
Start process of moving client logic out of cli.cpp into general-purpose classes. Rename ProtoStats to SessionStats and make it more flexible by using an abstract base class model. Add a client event queue for the beginnings of a client-backend API. Added logic to ProtoContext to invalidate session on certain kinds of errors in TCP that would be normally be okay in UDP such as HMAC_ERROR, DECRYPT_ERROR, etc. Add some alignment adjustment logic for READ_LINK_TCP (3 bytes) and READ_LINK_UDP (1 byte).
2012-02-04 11:24:54 +01:00
}
}
}
First working iOS build.
2012-07-01 17:37:46 +02:00
void process_exception(const std::exception& e, const char *method_name)
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
{
Added ClientConnect class which implements an "always-try-to-reconnect" approach, with remote list rotation. Only gives up on auth failure.
2012-02-07 12:37:35 +01:00
if (notify_callback)
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
{
First working iOS build.
2012-07-01 17:37:46 +02:00
OPENVPN_LOG("Client exception in " << method_name << ": " << e.what());
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
stop(true);
}
else
throw client_exception(e.what());
}
Start process of moving client logic out of cli.cpp into general-purpose classes. Rename ProtoStats to SessionStats and make it more flexible by using an abstract base class model. Add a client event queue for the beginnings of a client-backend API. Added logic to ProtoContext to invalidate session on certain kinds of errors in TCP that would be normally be okay in UDP such as HMAC_ERROR, DECRYPT_ERROR, etc. Add some alignment adjustment logic for READ_LINK_TCP (3 bytes) and READ_LINK_UDP (1 byte).
2012-02-04 11:24:54 +01:00
Fixed a race condition issue with "hot connect", i.e. sending a connect intent to service when already connected. One of the ramifications of the "hot connect" fix above is that OpenVPNClientBase.is_active() will now return a value that is instantaneously up-to-date, whereas events might lag because of the mechanics of inter-thread message posting. Keep this in mind when correlating received events to is_active() values. For C++ core threads, increased allowed thread-stop delay to 2.5 seconds before thread is marked as unresponsive and abandoned. Previous delay was 1 second. This delay can't be made too long, otherwise Android will tell the user that the app is unresponsive and invite them to kill it. When closing out an abandoned core thread, indicate this condition with a new event type called CORE_THREAD_ABANDONED. If the thread is abandoned due to lack of response to a disconnect request, then the CORE_THREAD_ABANDONED event will occur followed by CORE_THREAD_INACTIVE. For core threads that properly exit, the DISCONNECTED event will be followed by CORE_THREAD_INACTIVE. Added save_as_filename parameter to importProfileRemote method for controlling the filename that the imported profile is saved as. This parameter may be set to null to have the method choose an appropriate name. To have an imported profile replace an existing profile, the filenames much match. Added UI_OVERLOADED debugging constant to OpenVPNClient to allow the UI to connect to a profile when already connected to another profile in order to test "hot connect". Added new events CLIENT_HALT and CLIENT_RESTART for compatibility with an Access Server feature that allows the server to remotely kill or restart the client. When connecting a profile, the core will now automatically fill in the username if it is not specified for userlocked profiles. Version 0.902.
2012-03-31 18:08:20 +02:00
void process_halt_restart(const ClientHalt& ch)
{
if (ch.restart() && (ch.psid() || !creds || !creds->password_defined()))
fatal_ = Error::CLIENT_RESTART;
else
fatal_ = Error::CLIENT_HALT;
fatal_reason_ = ch.reason();
if (notify_callback)
{
OPENVPN_LOG("Client halt/restart: " << ch.render());
stop(true);
}
else
throw client_halt_restart(ch.render());
}
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
#ifdef OPENVPN_PACKET_LOG
void log_packet(const Buffer& buf, const bool out)
{
if (buf.size())
{
boost::uint16_t len = buf.size() & 0x7FFF;
if (out)
len |= 0x8000;
packet_log.write((const char *)&len, sizeof(len));
packet_log.write((const char *)buf.c_data(), buf.size());
}
}
#endif
Start process of moving client logic out of cli.cpp into general-purpose classes. Rename ProtoStats to SessionStats and make it more flexible by using an abstract base class model. Add a client event queue for the beginnings of a client-backend API. Added logic to ProtoContext to invalidate session on certain kinds of errors in TCP that would be normally be okay in UDP such as HMAC_ERROR, DECRYPT_ERROR, etc. Add some alignment adjustment logic for READ_LINK_TCP (3 bytes) and READ_LINK_UDP (1 byte).
2012-02-04 11:24:54 +01:00
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
boost::asio::io_service& io_service;
Start process of moving client logic out of cli.cpp into general-purpose classes. Rename ProtoStats to SessionStats and make it more flexible by using an abstract base class model. Add a client event queue for the beginnings of a client-backend API. Added logic to ProtoContext to invalidate session on certain kinds of errors in TCP that would be normally be okay in UDP such as HMAC_ERROR, DECRYPT_ERROR, etc. Add some alignment adjustment logic for READ_LINK_TCP (3 bytes) and READ_LINK_UDP (1 byte).
2012-02-04 11:24:54 +01:00
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
TransportClientFactory::Ptr transport_factory;
TransportClient::Ptr transport;
Start process of moving client logic out of cli.cpp into general-purpose classes. Rename ProtoStats to SessionStats and make it more flexible by using an abstract base class model. Add a client event queue for the beginnings of a client-backend API. Added logic to ProtoContext to invalidate session on certain kinds of errors in TCP that would be normally be okay in UDP such as HMAC_ERROR, DECRYPT_ERROR, etc. Add some alignment adjustment logic for READ_LINK_TCP (3 bytes) and READ_LINK_UDP (1 byte).
2012-02-04 11:24:54 +01:00
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
TunClientFactory::Ptr tun_factory;
TunClient::Ptr tun;
Start process of moving client logic out of cli.cpp into general-purpose classes. Rename ProtoStats to SessionStats and make it more flexible by using an abstract base class model. Add a client event queue for the beginnings of a client-backend API. Added logic to ProtoContext to invalidate session on certain kinds of errors in TCP that would be normally be okay in UDP such as HMAC_ERROR, DECRYPT_ERROR, etc. Add some alignment adjustment logic for READ_LINK_TCP (3 bytes) and READ_LINK_UDP (1 byte).
2012-02-04 11:24:54 +01:00
Added ClientConnect class which implements an "always-try-to-reconnect" approach, with remote list rotation. Only gives up on auth failure.
2012-02-07 12:37:35 +01:00
NotifyCallback* notify_callback;
Start process of moving client logic out of cli.cpp into general-purpose classes. Rename ProtoStats to SessionStats and make it more flexible by using an abstract base class model. Add a client event queue for the beginnings of a client-backend API. Added logic to ProtoContext to invalidate session on certain kinds of errors in TCP that would be normally be okay in UDP such as HMAC_ERROR, DECRYPT_ERROR, etc. Add some alignment adjustment logic for READ_LINK_TCP (3 bytes) and READ_LINK_UDP (1 byte).
2012-02-04 11:24:54 +01:00
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
CoarseTime housekeeping_schedule;
AsioTimer housekeeping_timer;
AsioTimer push_request_timer;
Added ClientConnect class which implements an "always-try-to-reconnect" approach, with remote list rotation. Only gives up on auth failure.
2012-02-07 12:37:35 +01:00
bool halt;
Start process of moving client logic out of cli.cpp into general-purpose classes. Rename ProtoStats to SessionStats and make it more flexible by using an abstract base class model. Add a client event queue for the beginnings of a client-backend API. Added logic to ProtoContext to invalidate session on certain kinds of errors in TCP that would be normally be okay in UDP such as HMAC_ERROR, DECRYPT_ERROR, etc. Add some alignment adjustment logic for READ_LINK_TCP (3 bytes) and READ_LINK_UDP (1 byte).
2012-02-04 11:24:54 +01:00
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
OptionListContinuation received_options;
Start process of moving client logic out of cli.cpp into general-purpose classes. Rename ProtoStats to SessionStats and make it more flexible by using an abstract base class model. Add a client event queue for the beginnings of a client-backend API. Added logic to ProtoContext to invalidate session on certain kinds of errors in TCP that would be normally be okay in UDP such as HMAC_ERROR, DECRYPT_ERROR, etc. Add some alignment adjustment logic for READ_LINK_TCP (3 bytes) and READ_LINK_UDP (1 byte).
2012-02-04 11:24:54 +01:00
Android 4 client fixes: Fixed session ID -> password replacement. Allow username to be specified as profile/username.
2012-02-28 00:00:29 +01:00
ClientCreds::Ptr creds;
Start process of moving client logic out of cli.cpp into general-purpose classes. Rename ProtoStats to SessionStats and make it more flexible by using an abstract base class model. Add a client event queue for the beginnings of a client-backend API. Added logic to ProtoContext to invalidate session on certain kinds of errors in TCP that would be normally be okay in UDP such as HMAC_ERROR, DECRYPT_ERROR, etc. Add some alignment adjustment logic for READ_LINK_TCP (3 bytes) and READ_LINK_UDP (1 byte).
2012-02-04 11:24:54 +01:00
Compression selector in mobile clients is now 3-state: yes -- support compression on both uplink and downlink asym -- support compression on downlink only no (default) -- no compression (stubs only) Added our own internal LZO decompressor, which is enabled when HAVE_LZO is undefined and the standard LZO library is not linked. This allows clients to support LZO in downlink mode only if the library isn't available.
2012-09-08 03:36:54 +02:00
ProtoContextOptions::Ptr proto_context_options;
iOS version: 1.0 Beta 17 Android version: 1.1 beta 1 More alignment of iOS and Android clients: * Normalized building of dependencies for Android and iOS: This build adds some new library dependencies: The library versions required are enumerated in ovpn3/lib-versions, currently: export BOOST_VERSION=boost_1_51_0 export OPENSSL_VERSION=openssl-1.0.1c export POLARSSL_VERSION=polarssl-1.1.4 export LZO_VERSION=lzo-2.06 To build, first mkdir ~/src/android and ~/src/mac if they don't already exist. Set the env var O3 to point to the ovpn3 dir, usually ~/src/ovpn3. Build on iOS: [set PATH to include NDK] cd ~/src/android $O3/scripts/android/build-boost $O3/scripts/android/build-minicrypto $O3/scripts/android/build-polarssl $O3/scripts/android/build-lzo Build on Android: [set PATH to include NDK] cd ~/src/android $O3/scripts/android/build-boost $O3/scripts/android/build-minicrypto $O3/scripts/android/build-polarssl $O3/scripts/android/build-lzo * Integrated Minicrypto library (an assembly language library of low-level crypto functions adapted from OpenSSL). * Added LZO compression with a preference/settings item to enable or disable. * Added special compression handling to support older servers that ignore compression handshake -- this will handle receiving compressed packets even if we didn't ask for them. * Normalized profile naming conventions. iOS changes: * Log tunnel performance stats immediately on disconnection of tunnel. Android changes: * Client now supports loading profiles as attachments opened from other apps. * Added Import Private Tunnel menu item, however current Private Tunnel download page needs to be adapted to fit requirements of Android download manager. * Enter key should advance to the next input field, or connect if entered from the last field. * Import from Access Server now provides the option to download autologin vs. userlogin profiles. * "About" page now shows copyright text for included libraries/content (except for LZO and PolarSSL which will presumably be commercially licensed).
2012-09-05 03:09:34 +02:00
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
bool first_packet_received_;
bool sent_push_request;
Added support to new core for remote-cert-tls, remote-cert-ku, and remote-cert-eku directives.
2012-10-31 15:46:40 +01:00
SessionStats::Ptr cli_stats;
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
ClientEvent::Queue::Ptr cli_events;
Start process of moving client logic out of cli.cpp into general-purpose classes. Rename ProtoStats to SessionStats and make it more flexible by using an abstract base class model. Add a client event queue for the beginnings of a client-backend API. Added logic to ProtoContext to invalidate session on certain kinds of errors in TCP that would be normally be okay in UDP such as HMAC_ERROR, DECRYPT_ERROR, etc. Add some alignment adjustment logic for READ_LINK_TCP (3 bytes) and READ_LINK_UDP (1 byte).
2012-02-04 11:24:54 +01:00
Added ClientConnect class which implements an "always-try-to-reconnect" approach, with remote list rotation. Only gives up on auth failure.
2012-02-07 12:37:35 +01:00
bool connected_;
Android 4 client port is almost working (need to get an Android build that includes tun driver to test further).
2012-02-19 02:36:50 +01:00
Error::Type fatal_;
std::string fatal_reason_;
Added parser size validation constants in openvpn/client/cliconstants.hpp
2012-11-12 02:52:03 +01:00
OptionList::Limits pushed_options_limit;
Added ClientConnect class which implements an "always-try-to-reconnect" approach, with remote list rotation. Only gives up on auth failure.
2012-02-07 12:37:35 +01:00
Start process of moving client logic out of cli.cpp into general-purpose classes. Rename ProtoStats to SessionStats and make it more flexible by using an abstract base class model. Add a client event queue for the beginnings of a client-backend API. Added logic to ProtoContext to invalidate session on certain kinds of errors in TCP that would be normally be okay in UDP such as HMAC_ERROR, DECRYPT_ERROR, etc. Add some alignment adjustment logic for READ_LINK_TCP (3 bytes) and READ_LINK_UDP (1 byte).
2012-02-04 11:24:54 +01:00
#ifdef OPENVPN_PACKET_LOG
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
std::ofstream packet_log;
Start process of moving client logic out of cli.cpp into general-purpose classes. Rename ProtoStats to SessionStats and make it more flexible by using an abstract base class model. Add a client event queue for the beginnings of a client-backend API. Added logic to ProtoContext to invalidate session on certain kinds of errors in TCP that would be normally be okay in UDP such as HMAC_ERROR, DECRYPT_ERROR, etc. Add some alignment adjustment logic for READ_LINK_TCP (3 bytes) and READ_LINK_UDP (1 byte).
2012-02-04 11:24:54 +01:00
#endif
Top-level client refactoring, to move configuration functionality from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 21:39:10 +01:00
};
}
Start process of moving client logic out of cli.cpp into general-purpose classes. Rename ProtoStats to SessionStats and make it more flexible by using an abstract base class model. Add a client event queue for the beginnings of a client-backend API. Added logic to ProtoContext to invalidate session on certain kinds of errors in TCP that would be normally be okay in UDP such as HMAC_ERROR, DECRYPT_ERROR, etc. Add some alignment adjustment logic for READ_LINK_TCP (3 bytes) and READ_LINK_UDP (1 byte).
2012-02-04 11:24:54 +01:00
}
#endif
Copy Permalink