mirror/openvpn3
0
0
Fork 0
mirror of https://github.com/OpenVPN/openvpn3.git synced 2024-09-20 20:13:05 +02:00
Code
afc1a40d00
openvpn3/test/ovpncli/cli.cpp

673 lines
20 KiB
C++
Raw Normal View History

Added AGPL copyrights to some misc source files.
2014-08-25 09:02:40 +02:00
// OpenVPN -- An application to securely tunnel IP networks
// over a single port, with support for SSL/TLS-based
// session authentication and key exchange,
// packet encryption, packet authentication, and
// packet compression.
Added copyright to some straggler files.
2013-01-31 16:00:45 +01:00
//
Updated copyright to 2015.
2015-01-06 20:56:21 +01:00
// Copyright (C) 2012-2015 OpenVPN Technologies, Inc.
Added copyright to some straggler files.
2013-01-31 16:00:45 +01:00
//
Added AGPL copyrights to some misc source files.
2014-08-25 09:02:40 +02:00
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License Version 3
// as published by the Free Software Foundation.
Added copyright to some straggler files.
2013-01-31 16:00:45 +01:00
//
Added AGPL copyrights to some misc source files.
2014-08-25 09:02:40 +02:00
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program in the COPYING file.
// If not, see <http://www.gnu.org/licenses/>.
// OpenVPN 3 test client
Added copyright to some straggler files.
2013-01-31 16:00:45 +01:00
Allow test/ssl/proto.cpp to be run on Mac OS X with PolarSSL used as both client and server implementation. Added DH support to PolarSSL. Added CLIENT_NO_RENEG and SERVER_NO_RENEG flags to test code in proto.cpp to allow scenarios to be tested where either the server, client, or both initiate renegotiation. Updated test/ovpncli/cli.cpp with new command line options and will now run on Mac OS X. Updated Android and iOS build systems to no longer include any LZO support, and to include Snappy support instead.
2012-09-15 08:56:18 +02:00
#include <stdlib.h> // for atoi
Updated linux scripts to work with latest core and library organization. Added scripts under scripts/linux for building dependent libraries. Added test/ovpncli/cli.cpp to provide a command line client that exercises ovpncli.hpp API and can be built via build script.
2012-09-10 01:10:20 +02:00
#include <string>
#include <iostream>
More conversions of threads/mutexes from boost to C++11 std. As part of this work, removed openvpn/common/thread.hpp
2015-05-11 04:04:22 +02:00
#include <thread>
Refactored cli.cpp so it can be called externally via openvpn_client() method.
2015-11-26 03:51:12 +01:00
#include <memory>
Core: #define BOOST_DISABLE_ASSERTS because boost asserts on null smart pointer dereferences are fairly useless since a segfault will generate more actionable debug info.
2015-04-11 07:48:24 +02:00
In cli.cpp, document the process for using a custom logging class with ovpn3 core: // If enabled, don't direct ovpn3 core logging to // ClientAPI::OpenVPNClient::log() virtual method. // Instead, logging will go to LogBaseSimple::log(). // In this case, make sure to define: // LogBaseSimple log; // at the top of your main() function to receive // log messages from all threads. // Also, note that the OPENVPN_LOG_GLOBAL setting // MUST be consistent across all compilation units. #if 0 #define OPENVPN_LOG_GLOBAL // use global rather than thread-local log object pointer #include <openvpn/log/logbasesimple.hpp> #endif
2015-11-25 19:31:24 +01:00
// If enabled, don't direct ovpn3 core logging to
// ClientAPI::OpenVPNClient::log() virtual method.
// Instead, logging will go to LogBaseSimple::log().
// In this case, make sure to define:
// LogBaseSimple log;
// at the top of your main() function to receive
// log messages from all threads.
// Also, note that the OPENVPN_LOG_GLOBAL setting
// MUST be consistent across all compilation units.
Refactored cli.cpp so it can be called externally via openvpn_client() method.
2015-11-26 03:51:12 +01:00
#ifdef OPENVPN_USE_LOG_BASE_SIMPLE
In cli.cpp, document the process for using a custom logging class with ovpn3 core: // If enabled, don't direct ovpn3 core logging to // ClientAPI::OpenVPNClient::log() virtual method. // Instead, logging will go to LogBaseSimple::log(). // In this case, make sure to define: // LogBaseSimple log; // at the top of your main() function to receive // log messages from all threads. // Also, note that the OPENVPN_LOG_GLOBAL setting // MUST be consistent across all compilation units. #if 0 #define OPENVPN_LOG_GLOBAL // use global rather than thread-local log object pointer #include <openvpn/log/logbasesimple.hpp> #endif
2015-11-25 19:31:24 +01:00
#define OPENVPN_LOG_GLOBAL // use global rather than thread-local log object pointer
#include <openvpn/log/logbasesimple.hpp>
#endif
Updated linux scripts to work with latest core and library organization. Added scripts under scripts/linux for building dependent libraries. Added test/ovpncli/cli.cpp to provide a command line client that exercises ovpncli.hpp API and can be built via build script.
2012-09-10 01:10:20 +02:00
In cli.cpp, document the process for using a custom logging class with ovpn3 core: // If enabled, don't direct ovpn3 core logging to // ClientAPI::OpenVPNClient::log() virtual method. // Instead, logging will go to LogBaseSimple::log(). // In this case, make sure to define: // LogBaseSimple log; // at the top of your main() function to receive // log messages from all threads. // Also, note that the OPENVPN_LOG_GLOBAL setting // MUST be consistent across all compilation units. #if 0 #define OPENVPN_LOG_GLOBAL // use global rather than thread-local log object pointer #include <openvpn/log/logbasesimple.hpp> #endif
2015-11-25 19:31:24 +01:00
// don't export core symbols
#define OPENVPN_CORE_API_VISIBILITY_HIDDEN
Updated linux scripts to work with latest core and library organization. Added scripts under scripts/linux for building dependent libraries. Added test/ovpncli/cli.cpp to provide a command line client that exercises ovpncli.hpp API and can be built via build script.
2012-09-10 01:10:20 +02:00
In cli.cpp, document the process for using a custom logging class with ovpn3 core: // If enabled, don't direct ovpn3 core logging to // ClientAPI::OpenVPNClient::log() virtual method. // Instead, logging will go to LogBaseSimple::log(). // In this case, make sure to define: // LogBaseSimple log; // at the top of your main() function to receive // log messages from all threads. // Also, note that the OPENVPN_LOG_GLOBAL setting // MUST be consistent across all compilation units. #if 0 #define OPENVPN_LOG_GLOBAL // use global rather than thread-local log object pointer #include <openvpn/log/logbasesimple.hpp> #endif
2015-11-25 19:31:24 +01:00
// should be included before other openvpn includes,
// with the exception of openvpn/log includes
#include <client/ovpncli.cpp>
Updated linux scripts to work with latest core and library organization. Added scripts under scripts/linux for building dependent libraries. Added test/ovpncli/cli.cpp to provide a command line client that exercises ovpncli.hpp API and can be built via build script.
2012-09-10 01:10:20 +02:00
In cli.cpp, document the process for using a custom logging class with ovpn3 core: // If enabled, don't direct ovpn3 core logging to // ClientAPI::OpenVPNClient::log() virtual method. // Instead, logging will go to LogBaseSimple::log(). // In this case, make sure to define: // LogBaseSimple log; // at the top of your main() function to receive // log messages from all threads. // Also, note that the OPENVPN_LOG_GLOBAL setting // MUST be consistent across all compilation units. #if 0 #define OPENVPN_LOG_GLOBAL // use global rather than thread-local log object pointer #include <openvpn/log/logbasesimple.hpp> #endif
2015-11-25 19:31:24 +01:00
#include <openvpn/common/platform.hpp>
Fixed build script to work again on OS X. Implement our own wrapper around ::system().
2012-09-12 01:51:37 +02:00
#include <openvpn/common/exception.hpp>
Refactored cli.cpp so it can be called externally via openvpn_client() method.
2015-11-26 03:51:12 +01:00
#include <openvpn/common/string.hpp>
Misc client and pre-server cleanup.
2012-11-26 02:51:24 +01:00
#include <openvpn/common/signal.hpp>
Allow test/ssl/proto.cpp to be run on Mac OS X with PolarSSL used as both client and server implementation. Added DH support to PolarSSL. Added CLIENT_NO_RENEG and SERVER_NO_RENEG flags to test code in proto.cpp to allow scenarios to be tested where either the server, client, or both initiate renegotiation. Updated test/ovpncli/cli.cpp with new command line options and will now run on Mac OS X. Updated Android and iOS build systems to no longer include any LZO support, and to include Snappy support instead.
2012-09-15 08:56:18 +02:00
#include <openvpn/common/file.hpp>
Added a getopt_long implementation for Windows, since MSVC does not provide one.
2014-02-08 05:49:32 +01:00
#include <openvpn/common/getopt.hpp>
Implemented non-echoed console prompt for password in cli wrapper (Unix platforms only).
2014-03-26 16:44:52 +01:00
#include <openvpn/common/getpw.hpp>
Refactored cli.cpp so it can be called externally via openvpn_client() method.
2015-11-26 03:51:12 +01:00
#include <openvpn/common/cleanup.hpp>
Allow test/ssl/proto.cpp to be run on Mac OS X with PolarSSL used as both client and server implementation. Added DH support to PolarSSL. Added CLIENT_NO_RENEG and SERVER_NO_RENEG flags to test code in proto.cpp to allow scenarios to be tested where either the server, client, or both initiate renegotiation. Updated test/ovpncli/cli.cpp with new command line options and will now run on Mac OS X. Updated Android and iOS build systems to no longer include any LZO support, and to include Snappy support instead.
2012-09-15 08:56:18 +02:00
#include <openvpn/time/timestr.hpp>
ovpn3 client API now supports adding user-defined peer-info data to the OpenVPN handshake (peer-info is a client -> server key/value list that is part of the OpenVPN protocol). To add peer-info key/value pairs, use ClientAPI::Config::peerInfo. Incremented core OPENVPN_VERSION to "3.0.6".
2015-09-22 04:42:24 +02:00
#include <openvpn/ssl/peerinfo.hpp>
Fixed build script to work again on OS X. Implement our own wrapper around ::system().
2012-09-12 01:51:37 +02:00
Ported to Windows. Implemented full TunClient class for Windows with TAP driver support. For now, we use netsh (rather than TAP driver DHCP) to set all tunnel adapter properties, as this appears to work great on Windows 7. IPv6 is fully supported. Known isues: * netsh doesn't have a command for adding DNS search domains, so we don't support them yet. * While we always try to remove routes and added properties from TAP adapter instance when we close out the session, for robustness, when we bring up TAP adapter, we should try to delete any stale routes on interface left over from previous session. * Right now we call netsh with system(). For security and compatibility with Windows apps (not only console apps), we should use CreateProcess instead.
2014-02-16 09:13:26 +01:00
#if defined(OPENVPN_PLATFORM_WIN)
#include <openvpn/win/console.hpp>
#endif
Allow test/ssl/proto.cpp to be run on Mac OS X with PolarSSL used as both client and server implementation. Added DH support to PolarSSL. Added CLIENT_NO_RENEG and SERVER_NO_RENEG flags to test code in proto.cpp to allow scenarios to be tested where either the server, client, or both initiate renegotiation. Updated test/ovpncli/cli.cpp with new command line options and will now run on Mac OS X. Updated Android and iOS build systems to no longer include any LZO support, and to include Snappy support instead.
2012-09-15 08:56:18 +02:00
using namespace openvpn;
Updated linux scripts to work with latest core and library organization. Added scripts under scripts/linux for building dependent libraries. Added test/ovpncli/cli.cpp to provide a command line client that exercises ovpncli.hpp API and can be built via build script.
2012-09-10 01:10:20 +02:00
Refactored cli.cpp so it can be called externally via openvpn_client() method.
2015-11-26 03:51:12 +01:00
namespace {
OPENVPN_SIMPLE_EXCEPTION(usage);
}
Allow test/ssl/proto.cpp to be run on Mac OS X with PolarSSL used as both client and server implementation. Added DH support to PolarSSL. Added CLIENT_NO_RENEG and SERVER_NO_RENEG flags to test code in proto.cpp to allow scenarios to be tested where either the server, client, or both initiate renegotiation. Updated test/ovpncli/cli.cpp with new command line options and will now run on Mac OS X. Updated Android and iOS build systems to no longer include any LZO support, and to include Snappy support instead.
2012-09-15 08:56:18 +02:00
class Client : public ClientAPI::OpenVPNClient
Updated linux scripts to work with latest core and library organization. Added scripts under scripts/linux for building dependent libraries. Added test/ovpncli/cli.cpp to provide a command line client that exercises ovpncli.hpp API and can be built via build script.
2012-09-10 01:10:20 +02:00
{
In cli.cpp, improve dynamic challenge/response support. In client API, allow ClientAPI::ProvideCreds::dynamicChallengeCookie to be set with either the dynamic challenge/response State ID or the full cookie.
2015-05-10 23:39:57 +02:00
public:
bool is_dynamic_challenge() const
{
return !dc_cookie.empty();
}
std::string dynamic_challenge_cookie()
{
return dc_cookie;
}
Updated linux scripts to work with latest core and library organization. Added scripts under scripts/linux for building dependent libraries. Added test/ovpncli/cli.cpp to provide a command line client that exercises ovpncli.hpp API and can be built via build script.
2012-09-10 01:10:20 +02:00
private:
virtual bool socket_protect(int socket)
{
std::cout << "*** socket_protect " << socket << std::endl;
return true;
}
Allow test/ssl/proto.cpp to be run on Mac OS X with PolarSSL used as both client and server implementation. Added DH support to PolarSSL. Added CLIENT_NO_RENEG and SERVER_NO_RENEG flags to test code in proto.cpp to allow scenarios to be tested where either the server, client, or both initiate renegotiation. Updated test/ovpncli/cli.cpp with new command line options and will now run on Mac OS X. Updated Android and iOS build systems to no longer include any LZO support, and to include Snappy support instead.
2012-09-15 08:56:18 +02:00
virtual void event(const ClientAPI::Event& ev)
Updated linux scripts to work with latest core and library organization. Added scripts under scripts/linux for building dependent libraries. Added test/ovpncli/cli.cpp to provide a command line client that exercises ovpncli.hpp API and can be built via build script.
2012-09-10 01:10:20 +02:00
{
Allow test/ssl/proto.cpp to be run on Mac OS X with PolarSSL used as both client and server implementation. Added DH support to PolarSSL. Added CLIENT_NO_RENEG and SERVER_NO_RENEG flags to test code in proto.cpp to allow scenarios to be tested where either the server, client, or both initiate renegotiation. Updated test/ovpncli/cli.cpp with new command line options and will now run on Mac OS X. Updated Android and iOS build systems to no longer include any LZO support, and to include Snappy support instead.
2012-09-15 08:56:18 +02:00
std::cout << date_time() << " EVENT: " << ev.name;
if (!ev.info.empty())
std::cout << ' ' << ev.info;
if (ev.error)
std::cout << " [ERR]";
In cli.cpp, improve dynamic challenge/response support. In client API, allow ClientAPI::ProvideCreds::dynamicChallengeCookie to be set with either the dynamic challenge/response State ID or the full cookie.
2015-05-10 23:39:57 +02:00
std::cout << std::endl;
if (ev.name == "DYNAMIC_CHALLENGE")
{
dc_cookie = ev.info;
ClientAPI::DynamicChallenge dc;
if (ClientAPI::OpenVPNClient::parse_dynamic_challenge(ev.info, dc)) {
std::cout << "DYNAMIC CHALLENGE" << std::endl;
std::cout << "challenge: " << dc.challenge << std::endl;
std::cout << "echo: " << dc.echo << std::endl;
std::cout << "responseRequired: " << dc.responseRequired << std::endl;
std::cout << "stateID: " << dc.stateID << std::endl;
}
}
Updated linux scripts to work with latest core and library organization. Added scripts under scripts/linux for building dependent libraries. Added test/ovpncli/cli.cpp to provide a command line client that exercises ovpncli.hpp API and can be built via build script.
2012-09-10 01:10:20 +02:00
}
Allow test/ssl/proto.cpp to be run on Mac OS X with PolarSSL used as both client and server implementation. Added DH support to PolarSSL. Added CLIENT_NO_RENEG and SERVER_NO_RENEG flags to test code in proto.cpp to allow scenarios to be tested where either the server, client, or both initiate renegotiation. Updated test/ovpncli/cli.cpp with new command line options and will now run on Mac OS X. Updated Android and iOS build systems to no longer include any LZO support, and to include Snappy support instead.
2012-09-15 08:56:18 +02:00
virtual void log(const ClientAPI::LogInfo& log)
Updated linux scripts to work with latest core and library organization. Added scripts under scripts/linux for building dependent libraries. Added test/ovpncli/cli.cpp to provide a command line client that exercises ovpncli.hpp API and can be built via build script.
2012-09-10 01:10:20 +02:00
{
Allow test/ssl/proto.cpp to be run on Mac OS X with PolarSSL used as both client and server implementation. Added DH support to PolarSSL. Added CLIENT_NO_RENEG and SERVER_NO_RENEG flags to test code in proto.cpp to allow scenarios to be tested where either the server, client, or both initiate renegotiation. Updated test/ovpncli/cli.cpp with new command line options and will now run on Mac OS X. Updated Android and iOS build systems to no longer include any LZO support, and to include Snappy support instead.
2012-09-15 08:56:18 +02:00
std::cout << date_time() << ' ' << log.text << std::flush;
Updated linux scripts to work with latest core and library organization. Added scripts under scripts/linux for building dependent libraries. Added test/ovpncli/cli.cpp to provide a command line client that exercises ovpncli.hpp API and can be built via build script.
2012-09-10 01:10:20 +02:00
}
Allow test/ssl/proto.cpp to be run on Mac OS X with PolarSSL used as both client and server implementation. Added DH support to PolarSSL. Added CLIENT_NO_RENEG and SERVER_NO_RENEG flags to test code in proto.cpp to allow scenarios to be tested where either the server, client, or both initiate renegotiation. Updated test/ovpncli/cli.cpp with new command line options and will now run on Mac OS X. Updated Android and iOS build systems to no longer include any LZO support, and to include Snappy support instead.
2012-09-15 08:56:18 +02:00
virtual void external_pki_cert_request(ClientAPI::ExternalPKICertRequest& certreq)
Updated linux scripts to work with latest core and library organization. Added scripts under scripts/linux for building dependent libraries. Added test/ovpncli/cli.cpp to provide a command line client that exercises ovpncli.hpp API and can be built via build script.
2012-09-10 01:10:20 +02:00
{
std::cout << "*** external_pki_cert_request" << std::endl;
certreq.error = true;
certreq.errorText = "external_pki_cert_request not implemented";
}
Allow test/ssl/proto.cpp to be run on Mac OS X with PolarSSL used as both client and server implementation. Added DH support to PolarSSL. Added CLIENT_NO_RENEG and SERVER_NO_RENEG flags to test code in proto.cpp to allow scenarios to be tested where either the server, client, or both initiate renegotiation. Updated test/ovpncli/cli.cpp with new command line options and will now run on Mac OS X. Updated Android and iOS build systems to no longer include any LZO support, and to include Snappy support instead.
2012-09-15 08:56:18 +02:00
virtual void external_pki_sign_request(ClientAPI::ExternalPKISignRequest& signreq)
Updated linux scripts to work with latest core and library organization. Added scripts under scripts/linux for building dependent libraries. Added test/ovpncli/cli.cpp to provide a command line client that exercises ovpncli.hpp API and can be built via build script.
2012-09-10 01:10:20 +02:00
{
std::cout << "*** external_pki_sign_request" << std::endl;
signreq.error = true;
signreq.errorText = "external_pki_sign_request not implemented";
}
Initial HTTP proxy implementation in core, with support for non-authenticated proxies and Basic Auth. Includes new PROXY_ERROR and PROXY_NEED_CREDS events. Still to do: Digest and NTLM auth.
2012-10-24 08:38:20 +02:00
virtual bool pause_on_connection_timeout()
{
return false;
}
In cli.cpp, improve dynamic challenge/response support. In client API, allow ClientAPI::ProvideCreds::dynamicChallengeCookie to be set with either the dynamic challenge/response State ID or the full cookie.
2015-05-10 23:39:57 +02:00
std::string dc_cookie;
Updated linux scripts to work with latest core and library organization. Added scripts under scripts/linux for building dependent libraries. Added test/ovpncli/cli.cpp to provide a command line client that exercises ovpncli.hpp API and can be built via build script.
2012-09-10 01:10:20 +02:00
};
Refactored cli.cpp so it can be called externally via openvpn_client() method.
2015-11-26 03:51:12 +01:00
static Client *the_client = nullptr; // GLOBAL
Updated linux scripts to work with latest core and library organization. Added scripts under scripts/linux for building dependent libraries. Added test/ovpncli/cli.cpp to provide a command line client that exercises ovpncli.hpp API and can be built via build script.
2012-09-10 01:10:20 +02:00
Refactored cli.cpp so it can be called externally via openvpn_client() method.
2015-11-26 03:51:12 +01:00
static void worker_thread()
Updated linux scripts to work with latest core and library organization. Added scripts under scripts/linux for building dependent libraries. Added test/ovpncli/cli.cpp to provide a command line client that exercises ovpncli.hpp API and can be built via build script.
2012-09-10 01:10:20 +02:00
{
Boost dependency elimination -- final removal of Boost dependency. Asio is now included as a standalone, header-only dependency.
2015-06-06 18:59:18 +02:00
asio::detail::signal_blocker signal_blocker; // signals should be handled by parent thread
Updated linux scripts to work with latest core and library organization. Added scripts under scripts/linux for building dependent libraries. Added test/ovpncli/cli.cpp to provide a command line client that exercises ovpncli.hpp API and can be built via build script.
2012-09-10 01:10:20 +02:00
try {
std::cout << "Thread starting..." << std::endl;
Allow test/ssl/proto.cpp to be run on Mac OS X with PolarSSL used as both client and server implementation. Added DH support to PolarSSL. Added CLIENT_NO_RENEG and SERVER_NO_RENEG flags to test code in proto.cpp to allow scenarios to be tested where either the server, client, or both initiate renegotiation. Updated test/ovpncli/cli.cpp with new command line options and will now run on Mac OS X. Updated Android and iOS build systems to no longer include any LZO support, and to include Snappy support instead.
2012-09-15 08:56:18 +02:00
ClientAPI::Status connect_status = the_client->connect();
Updated linux scripts to work with latest core and library organization. Added scripts under scripts/linux for building dependent libraries. Added test/ovpncli/cli.cpp to provide a command line client that exercises ovpncli.hpp API and can be built via build script.
2012-09-10 01:10:20 +02:00
if (connect_status.error)
Add error code for PEM_PASSWORD_FAIL for conveying error up through client API.
2012-11-16 05:13:48 +01:00
{
std::cout << "connect error: ";
if (!connect_status.status.empty())
std::cout << connect_status.status << ": ";
std::cout << connect_status.message << std::endl;
}
Updated linux scripts to work with latest core and library organization. Added scripts under scripts/linux for building dependent libraries. Added test/ovpncli/cli.cpp to provide a command line client that exercises ovpncli.hpp API and can be built via build script.
2012-09-10 01:10:20 +02:00
}
catch (const std::exception& e)
{
Allow test/ssl/proto.cpp to be run on Mac OS X with PolarSSL used as both client and server implementation. Added DH support to PolarSSL. Added CLIENT_NO_RENEG and SERVER_NO_RENEG flags to test code in proto.cpp to allow scenarios to be tested where either the server, client, or both initiate renegotiation. Updated test/ovpncli/cli.cpp with new command line options and will now run on Mac OS X. Updated Android and iOS build systems to no longer include any LZO support, and to include Snappy support instead.
2012-09-15 08:56:18 +02:00
std::cout << "Connect thread exception: " << e.what() << std::endl;
Updated linux scripts to work with latest core and library organization. Added scripts under scripts/linux for building dependent libraries. Added test/ovpncli/cli.cpp to provide a command line client that exercises ovpncli.hpp API and can be built via build script.
2012-09-10 01:10:20 +02:00
}
std::cout << "Thread finished" << std::endl;
}
Refactored cli.cpp so it can be called externally via openvpn_client() method.
2015-11-26 03:51:12 +01:00
static void print_stats(const Client& client)
cli wrapper now handles SIGUSR1/SIGUSR2: SIGUSR1: print stats SIGUSR2: toggle pause/resume state
2014-03-24 23:53:19 +01:00
{
const int n = client.stats_n();
std::vector<long long> stats = client.stats_bundle();
std::cout << "STATS:" << std::endl;
for (int i = 0; i < n; ++i)
{
const long long value = stats[i];
if (value)
std::cout << " " << client.stats_name(i) << " : " << value << std::endl;
}
}
In cli.cpp, avoid compiling signal stuff when on Windows.
2014-02-08 05:46:56 +01:00
#if !defined(OPENVPN_PLATFORM_WIN)
Refactored cli.cpp so it can be called externally via openvpn_client() method.
2015-11-26 03:51:12 +01:00
static void handler(int signum)
Updated linux scripts to work with latest core and library organization. Added scripts under scripts/linux for building dependent libraries. Added test/ovpncli/cli.cpp to provide a command line client that exercises ovpncli.hpp API and can be built via build script.
2012-09-10 01:10:20 +02:00
{
Fixed build script to work again on OS X. Implement our own wrapper around ::system().
2012-09-12 01:51:37 +02:00
switch (signum)
{
case SIGTERM:
case SIGINT:
Allow test/ssl/proto.cpp to be run on Mac OS X with PolarSSL used as both client and server implementation. Added DH support to PolarSSL. Added CLIENT_NO_RENEG and SERVER_NO_RENEG flags to test code in proto.cpp to allow scenarios to be tested where either the server, client, or both initiate renegotiation. Updated test/ovpncli/cli.cpp with new command line options and will now run on Mac OS X. Updated Android and iOS build systems to no longer include any LZO support, and to include Snappy support instead.
2012-09-15 08:56:18 +02:00
std::cout << "received stop signal " << signum << std::endl;
Fixed build script to work again on OS X. Implement our own wrapper around ::system().
2012-09-12 01:51:37 +02:00
if (the_client)
the_client->stop();
break;
case SIGHUP:
Allow test/ssl/proto.cpp to be run on Mac OS X with PolarSSL used as both client and server implementation. Added DH support to PolarSSL. Added CLIENT_NO_RENEG and SERVER_NO_RENEG flags to test code in proto.cpp to allow scenarios to be tested where either the server, client, or both initiate renegotiation. Updated test/ovpncli/cli.cpp with new command line options and will now run on Mac OS X. Updated Android and iOS build systems to no longer include any LZO support, and to include Snappy support instead.
2012-09-15 08:56:18 +02:00
std::cout << "received reconnect signal " << signum << std::endl;
Fixed build script to work again on OS X. Implement our own wrapper around ::system().
2012-09-12 01:51:37 +02:00
if (the_client)
Ported to Windows. Implemented full TunClient class for Windows with TAP driver support. For now, we use netsh (rather than TAP driver DHCP) to set all tunnel adapter properties, as this appears to work great on Windows 7. IPv6 is fully supported. Known isues: * netsh doesn't have a command for adding DNS search domains, so we don't support them yet. * While we always try to remove routes and added properties from TAP adapter instance when we close out the session, for robustness, when we bring up TAP adapter, we should try to delete any stale routes on interface left over from previous session. * Right now we call netsh with system(). For security and compatibility with Windows apps (not only console apps), we should use CreateProcess instead.
2014-02-16 09:13:26 +01:00
the_client->reconnect(0);
Fixed build script to work again on OS X. Implement our own wrapper around ::system().
2012-09-12 01:51:37 +02:00
break;
cli wrapper now handles SIGUSR1/SIGUSR2: SIGUSR1: print stats SIGUSR2: toggle pause/resume state
2014-03-24 23:53:19 +01:00
case SIGUSR1:
if (the_client)
print_stats(*the_client);
break;
case SIGUSR2:
{
// toggle pause/resume
static bool hup = false;
std::cout << "received pause/resume toggle signal " << signum << std::endl;
if (the_client)
{
if (hup)
the_client->resume();
else
the_client->pause("pause-resume-signal");
hup = !hup;
}
}
break;
Fixed build script to work again on OS X. Implement our own wrapper around ::system().
2012-09-12 01:51:37 +02:00
default:
Allow test/ssl/proto.cpp to be run on Mac OS X with PolarSSL used as both client and server implementation. Added DH support to PolarSSL. Added CLIENT_NO_RENEG and SERVER_NO_RENEG flags to test code in proto.cpp to allow scenarios to be tested where either the server, client, or both initiate renegotiation. Updated test/ovpncli/cli.cpp with new command line options and will now run on Mac OS X. Updated Android and iOS build systems to no longer include any LZO support, and to include Snappy support instead.
2012-09-15 08:56:18 +02:00
std::cout << "received unknown signal " << signum << std::endl;
Fixed build script to work again on OS X. Implement our own wrapper around ::system().
2012-09-12 01:51:37 +02:00
break;
}
Updated linux scripts to work with latest core and library organization. Added scripts under scripts/linux for building dependent libraries. Added test/ovpncli/cli.cpp to provide a command line client that exercises ovpncli.hpp API and can be built via build script.
2012-09-10 01:10:20 +02:00
}
In cli.cpp, avoid compiling signal stuff when on Windows.
2014-02-08 05:46:56 +01:00
#endif
Updated linux scripts to work with latest core and library organization. Added scripts under scripts/linux for building dependent libraries. Added test/ovpncli/cli.cpp to provide a command line client that exercises ovpncli.hpp API and can be built via build script.
2012-09-10 01:10:20 +02:00
Refactored cli.cpp so it can be called externally via openvpn_client() method.
2015-11-26 03:51:12 +01:00
static std::string read_profile(const char *fn, const std::string* profile_content)
{
if (!string::strcasecmp(fn, "http") && profile_content && !profile_content->empty())
return *profile_content;
else
{
ProfileMerge pm(fn, "ovpn", "", ProfileMerge::FOLLOW_FULL,
ProfileParseLimits::MAX_LINE_SIZE, ProfileParseLimits::MAX_PROFILE_SIZE);
if (pm.status() != ProfileMerge::MERGE_SUCCESS)
OPENVPN_THROW_EXCEPTION("merge config error: " << pm.status_string() << " : " << pm.error());
return pm.profile_content();
}
}
int openvpn_client(int argc, char *argv[], const std::string* profile_content)
Updated linux scripts to work with latest core and library organization. Added scripts under scripts/linux for building dependent libraries. Added test/ovpncli/cli.cpp to provide a command line client that exercises ovpncli.hpp API and can be built via build script.
2012-09-10 01:10:20 +02:00
{
Allow test/ssl/proto.cpp to be run on Mac OS X with PolarSSL used as both client and server implementation. Added DH support to PolarSSL. Added CLIENT_NO_RENEG and SERVER_NO_RENEG flags to test code in proto.cpp to allow scenarios to be tested where either the server, client, or both initiate renegotiation. Updated test/ovpncli/cli.cpp with new command line options and will now run on Mac OS X. Updated Android and iOS build systems to no longer include any LZO support, and to include Snappy support instead.
2012-09-15 08:56:18 +02:00
static const struct option longopts[] = {
C++11 : rename NULL to nullptr
2015-05-17 10:53:37 +02:00
{ "username", required_argument, nullptr, 'u' },
{ "password", required_argument, nullptr, 'p' },
{ "response", required_argument, nullptr, 'r' },
{ "dc", required_argument, nullptr, 'D' },
{ "proto", required_argument, nullptr, 'P' },
{ "server", required_argument, nullptr, 's' },
{ "timeout", required_argument, nullptr, 't' },
{ "compress", required_argument, nullptr, 'c' },
{ "pk-password", required_argument, nullptr, 'z' },
{ "tvm-override", required_argument, nullptr, 'M' },
{ "proxy-host", required_argument, nullptr, 'h' },
{ "proxy-port", required_argument, nullptr, 'q' },
{ "proxy-username", required_argument, nullptr, 'U' },
{ "proxy-password", required_argument, nullptr, 'W' },
ovpn3 client API now supports adding user-defined peer-info data to the OpenVPN handshake (peer-info is a client -> server key/value list that is part of the OpenVPN protocol). To add peer-info key/value pairs, use ClientAPI::Config::peerInfo. Incremented core OPENVPN_VERSION to "3.0.6".
2015-09-22 04:42:24 +02:00
{ "peer-info", required_argument, nullptr, 'I' },
Added gremlin option to client, controllable via ClientAPI::Config::gremlinConfig string. The gremlin option allows extra packet latency or unreliability to be added to the tunnel. The format of the option is a comma-separated list of numerical parameters: send_delay_ms, recv_delay_ms, send_drop_prob, recv_drop_prob Parameter description: send_delay_ms : delay packets by n milliseconds before transmission (UDP/TCP). recv_delay_ms : delay received packets by n milliseconds before processing them (UDP/TCP). send_drop_prob : drop sent packets with probability 1/n (UDP only). recv_drop_prob : drop received packets with probability 1/n (UDP only). Set any parameter to 0 to disable. Gremlin parameters currently work with UDP and TCP transport as documented above, but not for proxy transport. Client must be built with the OPENVPN_GREMLIN flag to compile gremlin functionality. Command-line client can set the gremlin config string using --gremlin or -G, for example: --gremlin=250,250,64,64 When using the above parameters, an extra 500 milliseconds will be added to round-trip latency, and 1/64 sent or received packets will be dropped.
2016-01-26 08:27:11 +01:00
{ "gremlin", required_argument, nullptr, 'G' },
C++11 : rename NULL to nullptr
2015-05-17 10:53:37 +02:00
{ "proxy-basic", no_argument, nullptr, 'B' },
{ "alt-proxy", no_argument, nullptr, 'A' },
Added client hooks for DCO (Data Channel offload). Updated tun implementation on Linux.
2015-06-17 09:48:33 +02:00
{ "dco", no_argument, nullptr, 'd' },
C++11 : rename NULL to nullptr
2015-05-17 10:53:37 +02:00
{ "eval", no_argument, nullptr, 'e' },
{ "self-test", no_argument, nullptr, 'T' },
{ "cache-password", no_argument, nullptr, 'C' },
{ "no-cert", no_argument, nullptr, 'x' },
{ "force-aes-cbc", no_argument, nullptr, 'f' },
{ "google-dns", no_argument, nullptr, 'g' },
{ "persist-tun", no_argument, nullptr, 'j' },
{ "def-keydir", required_argument, nullptr, 'k' },
{ "merge", no_argument, nullptr, 'm' },
{ "version", no_argument, nullptr, 'v' },
Autologin Sessions are now enabled via the client API bool ClientAPI::Config::autologinSessions and default to false. Previously, the logic was hardcoded to true. Autologin Sessions can be enabled in the cli.cpp wrapper using the -a flag.
2016-02-04 19:39:44 +01:00
{ "auto-sess", no_argument, nullptr, 'a' },
C++11 : rename NULL to nullptr
2015-05-17 10:53:37 +02:00
{ nullptr, 0, nullptr, 0 }
Allow test/ssl/proto.cpp to be run on Mac OS X with PolarSSL used as both client and server implementation. Added DH support to PolarSSL. Added CLIENT_NO_RENEG and SERVER_NO_RENEG flags to test code in proto.cpp to allow scenarios to be tested where either the server, client, or both initiate renegotiation. Updated test/ovpncli/cli.cpp with new command line options and will now run on Mac OS X. Updated Android and iOS build systems to no longer include any LZO support, and to include Snappy support instead.
2012-09-15 08:56:18 +02:00
};
Added OpenVPNClient::uninit_process() API method that calls InitProcess::uninit(). In test/ovpncli/cli.cpp, move boost::thread* to higher scope.
2014-08-11 00:44:09 +02:00
int ret = 0;
Refactored cli.cpp so it can be called externally via openvpn_client() method.
2015-11-26 03:51:12 +01:00
auto cleanup = Cleanup([]() {
the_client = nullptr;
});
std::unique_ptr<std::thread> thread;
In cli.cpp, document the process for using a custom logging class with ovpn3 core: // If enabled, don't direct ovpn3 core logging to // ClientAPI::OpenVPNClient::log() virtual method. // Instead, logging will go to LogBaseSimple::log(). // In this case, make sure to define: // LogBaseSimple log; // at the top of your main() function to receive // log messages from all threads. // Also, note that the OPENVPN_LOG_GLOBAL setting // MUST be consistent across all compilation units. #if 0 #define OPENVPN_LOG_GLOBAL // use global rather than thread-local log object pointer #include <openvpn/log/logbasesimple.hpp> #endif
2015-11-25 19:31:24 +01:00
Updated linux scripts to work with latest core and library organization. Added scripts under scripts/linux for building dependent libraries. Added test/ovpncli/cli.cpp to provide a command line client that exercises ovpncli.hpp API and can be built via build script.
2012-09-10 01:10:20 +02:00
try {
if (argc >= 2)
{
Allow test/ssl/proto.cpp to be run on Mac OS X with PolarSSL used as both client and server implementation. Added DH support to PolarSSL. Added CLIENT_NO_RENEG and SERVER_NO_RENEG flags to test code in proto.cpp to allow scenarios to be tested where either the server, client, or both initiate renegotiation. Updated test/ovpncli/cli.cpp with new command line options and will now run on Mac OS X. Updated Android and iOS build systems to no longer include any LZO support, and to include Snappy support instead.
2012-09-15 08:56:18 +02:00
std::string username;
std::string password;
Core changes for password save support.
2012-11-18 19:53:10 +01:00
std::string response;
In cli.cpp, improve dynamic challenge/response support. In client API, allow ClientAPI::ProvideCreds::dynamicChallengeCookie to be set with either the dynamic challenge/response State ID or the full cookie.
2015-05-10 23:39:57 +02:00
std::string dynamicChallengeCookie;
Allow test/ssl/proto.cpp to be run on Mac OS X with PolarSSL used as both client and server implementation. Added DH support to PolarSSL. Added CLIENT_NO_RENEG and SERVER_NO_RENEG flags to test code in proto.cpp to allow scenarios to be tested where either the server, client, or both initiate renegotiation. Updated test/ovpncli/cli.cpp with new command line options and will now run on Mac OS X. Updated Android and iOS build systems to no longer include any LZO support, and to include Snappy support instead.
2012-09-15 08:56:18 +02:00
std::string proto;
std::string server;
int timeout = 0;
std::string compress;
Added core support for PEM private key passwords.
2012-11-15 23:48:13 +01:00
std::string privateKeyPassword;
Added TLS version min override parameter to ClientAPI::Config: // Override the minimum TLS version: // disabled -- don't specify a minimum, and disable any minimum // specified in profile // default or "" -- use profile minimum // tls_1_0 -- use TLS 1.0 minimum (overrides profile) // tls_1_1 -- use TLS 1.1 minimum (overrides profile) // tls_1_2 -- use TLS 1.2 minimum (overrides profile) std::string tlsVersionMinOverride;
2015-02-05 04:29:43 +01:00
std::string tlsVersionMinOverride;
Initial HTTP proxy implementation in core, with support for non-authenticated proxies and Basic Auth. Includes new PROXY_ERROR and PROXY_NEED_CREDS events. Still to do: Digest and NTLM auth.
2012-10-24 08:38:20 +02:00
std::string proxyHost;
std::string proxyPort;
std::string proxyUsername;
std::string proxyPassword;
ovpn3 client API now supports adding user-defined peer-info data to the OpenVPN handshake (peer-info is a client -> server key/value list that is part of the OpenVPN protocol). To add peer-info key/value pairs, use ClientAPI::Config::peerInfo. Incremented core OPENVPN_VERSION to "3.0.6".
2015-09-22 04:42:24 +02:00
std::string peer_info;
Added gremlin option to client, controllable via ClientAPI::Config::gremlinConfig string. The gremlin option allows extra packet latency or unreliability to be added to the tunnel. The format of the option is a comma-separated list of numerical parameters: send_delay_ms, recv_delay_ms, send_drop_prob, recv_drop_prob Parameter description: send_delay_ms : delay packets by n milliseconds before transmission (UDP/TCP). recv_delay_ms : delay received packets by n milliseconds before processing them (UDP/TCP). send_drop_prob : drop sent packets with probability 1/n (UDP only). recv_drop_prob : drop received packets with probability 1/n (UDP only). Set any parameter to 0 to disable. Gremlin parameters currently work with UDP and TCP transport as documented above, but not for proxy transport. Client must be built with the OPENVPN_GREMLIN flag to compile gremlin functionality. Command-line client can set the gremlin config string using --gremlin or -G, for example: --gremlin=250,250,64,64 When using the above parameters, an extra 500 milliseconds will be added to round-trip latency, and 1/64 sent or received packets will be dropped.
2016-01-26 08:27:11 +01:00
std::string gremlin;
Added core support for PEM private key passwords.
2012-11-15 23:48:13 +01:00
bool eval = false;
Added crypto self test capability to core. Added polarssl/bignum-arm.patch to resolve issue where asm-optimized bignum code would crash on iOS.
2013-06-14 02:34:49 +02:00
bool self_test = false;
Core changes for password save support.
2012-11-18 19:53:10 +01:00
bool cachePassword = false;
iOS: 1.0.1 build 55 Android: 1.1.9 build 31 * Reverted key-direction back to a default of 1. * Raise fatal error if "fragment" option is used. * Made TunBuilderCapture more useful as a base class for tun construction on various platforms. * Added disableClientCert flag at ovpncli.hpp API. * Updated help FAQ with more details on how to properly set key-direction, and notes about possible network disconnect during voice calls.
2013-01-24 14:34:17 +01:00
bool disableClientCert = false;
OpenVPN 1.0.1 build 80 (iOS) OpenVPN 1.1.11 build 43 (Android) Fixed issue with NTLM proxy authentication where connections through Squid proxies would produce the error "NTLM phase-2 Content-Length is not zero".
2013-03-26 18:07:38 +01:00
bool proxyAllowCleartextAuth = false;
Android 1.1.9 build 34 * key-direction default can now be set through the ovpncli API, but generally defaults to -1 (bidirectional).
2013-01-28 02:11:28 +01:00
int defaultKeyDirection = -1;
OpenVPN 1.0.4 build 113 (iOS) Core: Added forceAesCbcCiphersuites config flag. When enabled, the TLS implementation will not set a minimum TLS version for peer negotiation (even if tls-version-min is specified), but will instead force one of these two ciphersuites: 1. TLS_DHE_RSA_WITH_AES_256_CBC_SHA, or 2. TLS_DHE_RSA_WITH_AES_128_CBC_SHA When forceAesCbcCiphersuites is disabled, no explicit set of ciphersuites will be forced, but the TLS minimum version will be set to 1.0 or (or higher if tls-version-min is specified). Also added iOS preference and cli.cpp option to control the forceAesCbcCiphersuites flag.
2013-12-27 23:16:05 +01:00
bool forceAesCbcCiphersuites = false;
Added --google-dns, -g, enable Google DNS fallback option to cli.cpp frontend.
2014-03-03 22:41:25 +01:00
bool googleDnsFallback = false;
Autologin Sessions are now enabled via the client API bool ClientAPI::Config::autologinSessions and default to false. Previously, the logic was hardcoded to true. Autologin Sessions can be enabled in the cli.cpp wrapper using the -a flag.
2016-02-04 19:39:44 +01:00
bool autologinSessions = false;
Added cli option to enable tunPersist: --persist-tun, -j : keep TUN interface open across reconnects
2014-02-16 09:04:19 +01:00
bool tunPersist = false;
Added ./cli -m (merge) option.
2013-12-29 04:12:21 +01:00
bool merge = false;
Added -v flag to OpenVPN cli tool -- will output API platform() string.
2014-01-15 00:34:03 +01:00
bool version = false;
Added AltProxy API that allows for alternative proxy implementations to be developed outside the core.
2015-02-03 07:11:51 +01:00
bool altProxy = false;
Added client hooks for DCO (Data Channel offload). Updated tun implementation on Linux.
2015-06-17 09:48:33 +02:00
bool dco = false;
Initial HTTP proxy implementation in core, with support for non-authenticated proxies and Basic Auth. Includes new PROXY_ERROR and PROXY_NEED_CREDS events. Still to do: Digest and NTLM auth.
2012-10-24 08:38:20 +02:00
Allow test/ssl/proto.cpp to be run on Mac OS X with PolarSSL used as both client and server implementation. Added DH support to PolarSSL. Added CLIENT_NO_RENEG and SERVER_NO_RENEG flags to test code in proto.cpp to allow scenarios to be tested where either the server, client, or both initiate renegotiation. Updated test/ovpncli/cli.cpp with new command line options and will now run on Mac OS X. Updated Android and iOS build systems to no longer include any LZO support, and to include Snappy support instead.
2012-09-15 08:56:18 +02:00
int ch;
In cli.cpp, fixed regression where command line arg parser wasn't aligning correctly on the argv array.
2015-12-11 20:11:25 +01:00
optind = 1;
Autologin Sessions are now enabled via the client API bool ClientAPI::Config::autologinSessions and default to false. Previously, the logic was hardcoded to true. Autologin Sessions can be enabled in the cli.cpp wrapper using the -a flag.
2016-02-04 19:39:44 +01:00
while ((ch = getopt_long(argc, argv, "BAdeTCxfgjmvau:p:r:D:P:s:t:c:z:M:h:q:U:W:I:G:k:", longopts, nullptr)) != -1)
Allow test/ssl/proto.cpp to be run on Mac OS X with PolarSSL used as both client and server implementation. Added DH support to PolarSSL. Added CLIENT_NO_RENEG and SERVER_NO_RENEG flags to test code in proto.cpp to allow scenarios to be tested where either the server, client, or both initiate renegotiation. Updated test/ovpncli/cli.cpp with new command line options and will now run on Mac OS X. Updated Android and iOS build systems to no longer include any LZO support, and to include Snappy support instead.
2012-09-15 08:56:18 +02:00
{
switch (ch)
{
Added core support for PEM private key passwords.
2012-11-15 23:48:13 +01:00
case 'e':
eval = true;
break;
Added crypto self test capability to core. Added polarssl/bignum-arm.patch to resolve issue where asm-optimized bignum code would crash on iOS.
2013-06-14 02:34:49 +02:00
case 'T':
self_test = true;
break;
Core changes for password save support.
2012-11-18 19:53:10 +01:00
case 'C':
cachePassword = true;
break;
iOS: 1.0.1 build 55 Android: 1.1.9 build 31 * Reverted key-direction back to a default of 1. * Raise fatal error if "fragment" option is used. * Made TunBuilderCapture more useful as a base class for tun construction on various platforms. * Added disableClientCert flag at ovpncli.hpp API. * Updated help FAQ with more details on how to properly set key-direction, and notes about possible network disconnect during voice calls.
2013-01-24 14:34:17 +01:00
case 'x':
disableClientCert = true;
break;
Allow test/ssl/proto.cpp to be run on Mac OS X with PolarSSL used as both client and server implementation. Added DH support to PolarSSL. Added CLIENT_NO_RENEG and SERVER_NO_RENEG flags to test code in proto.cpp to allow scenarios to be tested where either the server, client, or both initiate renegotiation. Updated test/ovpncli/cli.cpp with new command line options and will now run on Mac OS X. Updated Android and iOS build systems to no longer include any LZO support, and to include Snappy support instead.
2012-09-15 08:56:18 +02:00
case 'u':
username = optarg;
break;
case 'p':
password = optarg;
break;
Core changes for password save support.
2012-11-18 19:53:10 +01:00
case 'r':
response = optarg;
break;
Allow test/ssl/proto.cpp to be run on Mac OS X with PolarSSL used as both client and server implementation. Added DH support to PolarSSL. Added CLIENT_NO_RENEG and SERVER_NO_RENEG flags to test code in proto.cpp to allow scenarios to be tested where either the server, client, or both initiate renegotiation. Updated test/ovpncli/cli.cpp with new command line options and will now run on Mac OS X. Updated Android and iOS build systems to no longer include any LZO support, and to include Snappy support instead.
2012-09-15 08:56:18 +02:00
case 'P':
proto = optarg;
break;
case 's':
server = optarg;
break;
case 't':
Android 1.1.9 build 34 * key-direction default can now be set through the ovpncli API, but generally defaults to -1 (bidirectional).
2013-01-28 02:11:28 +01:00
timeout = ::atoi(optarg);
Allow test/ssl/proto.cpp to be run on Mac OS X with PolarSSL used as both client and server implementation. Added DH support to PolarSSL. Added CLIENT_NO_RENEG and SERVER_NO_RENEG flags to test code in proto.cpp to allow scenarios to be tested where either the server, client, or both initiate renegotiation. Updated test/ovpncli/cli.cpp with new command line options and will now run on Mac OS X. Updated Android and iOS build systems to no longer include any LZO support, and to include Snappy support instead.
2012-09-15 08:56:18 +02:00
break;
case 'c':
compress = optarg;
break;
Added core support for PEM private key passwords.
2012-11-15 23:48:13 +01:00
case 'z':
privateKeyPassword = optarg;
break;
Added TLS version min override parameter to ClientAPI::Config: // Override the minimum TLS version: // disabled -- don't specify a minimum, and disable any minimum // specified in profile // default or "" -- use profile minimum // tls_1_0 -- use TLS 1.0 minimum (overrides profile) // tls_1_1 -- use TLS 1.1 minimum (overrides profile) // tls_1_2 -- use TLS 1.2 minimum (overrides profile) std::string tlsVersionMinOverride;
2015-02-05 04:29:43 +01:00
case 'M':
tlsVersionMinOverride = optarg;
break;
Initial HTTP proxy implementation in core, with support for non-authenticated proxies and Basic Auth. Includes new PROXY_ERROR and PROXY_NEED_CREDS events. Still to do: Digest and NTLM auth.
2012-10-24 08:38:20 +02:00
case 'h':
proxyHost = optarg;
break;
case 'q':
proxyPort = optarg;
break;
case 'U':
proxyUsername = optarg;
break;
case 'W':
proxyPassword = optarg;
break;
OpenVPN 1.0.1 build 80 (iOS) OpenVPN 1.1.11 build 43 (Android) Fixed issue with NTLM proxy authentication where connections through Squid proxies would produce the error "NTLM phase-2 Content-Length is not zero".
2013-03-26 18:07:38 +01:00
case 'B':
proxyAllowCleartextAuth = true;
break;
Added AltProxy API that allows for alternative proxy implementations to be developed outside the core.
2015-02-03 07:11:51 +01:00
case 'A':
altProxy = true;
break;
Added client hooks for DCO (Data Channel offload). Updated tun implementation on Linux.
2015-06-17 09:48:33 +02:00
case 'd':
dco = true;
break;
OpenVPN 1.0.4 build 113 (iOS) Core: Added forceAesCbcCiphersuites config flag. When enabled, the TLS implementation will not set a minimum TLS version for peer negotiation (even if tls-version-min is specified), but will instead force one of these two ciphersuites: 1. TLS_DHE_RSA_WITH_AES_256_CBC_SHA, or 2. TLS_DHE_RSA_WITH_AES_128_CBC_SHA When forceAesCbcCiphersuites is disabled, no explicit set of ciphersuites will be forced, but the TLS minimum version will be set to 1.0 or (or higher if tls-version-min is specified). Also added iOS preference and cli.cpp option to control the forceAesCbcCiphersuites flag.
2013-12-27 23:16:05 +01:00
case 'f':
forceAesCbcCiphersuites = true;
break;
Added --google-dns, -g, enable Google DNS fallback option to cli.cpp frontend.
2014-03-03 22:41:25 +01:00
case 'g':
googleDnsFallback = true;
break;
Autologin Sessions are now enabled via the client API bool ClientAPI::Config::autologinSessions and default to false. Previously, the logic was hardcoded to true. Autologin Sessions can be enabled in the cli.cpp wrapper using the -a flag.
2016-02-04 19:39:44 +01:00
case 'a':
autologinSessions = true;
break;
Added cli option to enable tunPersist: --persist-tun, -j : keep TUN interface open across reconnects
2014-02-16 09:04:19 +01:00
case 'j':
tunPersist = true;
break;
Added ./cli -m (merge) option.
2013-12-29 04:12:21 +01:00
case 'm':
merge = true;
break;
Added -v flag to OpenVPN cli tool -- will output API platform() string.
2014-01-15 00:34:03 +01:00
case 'v':
version = true;
break;
Android 1.1.9 build 34 * key-direction default can now be set through the ovpncli API, but generally defaults to -1 (bidirectional).
2013-01-28 02:11:28 +01:00
case 'k':
{
const std::string arg = optarg;
if (arg == "bi" || arg == "bidirectional")
defaultKeyDirection = -1;
else if (arg == "0")
defaultKeyDirection = 0;
else if (arg == "1")
defaultKeyDirection = 1;
else
OPENVPN_THROW_EXCEPTION("bad default key-direction: " << arg);
}
break;
In cli.cpp, improve dynamic challenge/response support. In client API, allow ClientAPI::ProvideCreds::dynamicChallengeCookie to be set with either the dynamic challenge/response State ID or the full cookie.
2015-05-10 23:39:57 +02:00
case 'D':
dynamicChallengeCookie = optarg;
break;
ovpn3 client API now supports adding user-defined peer-info data to the OpenVPN handshake (peer-info is a client -> server key/value list that is part of the OpenVPN protocol). To add peer-info key/value pairs, use ClientAPI::Config::peerInfo. Incremented core OPENVPN_VERSION to "3.0.6".
2015-09-22 04:42:24 +02:00
case 'I':
peer_info = optarg;
break;
Added gremlin option to client, controllable via ClientAPI::Config::gremlinConfig string. The gremlin option allows extra packet latency or unreliability to be added to the tunnel. The format of the option is a comma-separated list of numerical parameters: send_delay_ms, recv_delay_ms, send_drop_prob, recv_drop_prob Parameter description: send_delay_ms : delay packets by n milliseconds before transmission (UDP/TCP). recv_delay_ms : delay received packets by n milliseconds before processing them (UDP/TCP). send_drop_prob : drop sent packets with probability 1/n (UDP only). recv_drop_prob : drop received packets with probability 1/n (UDP only). Set any parameter to 0 to disable. Gremlin parameters currently work with UDP and TCP transport as documented above, but not for proxy transport. Client must be built with the OPENVPN_GREMLIN flag to compile gremlin functionality. Command-line client can set the gremlin config string using --gremlin or -G, for example: --gremlin=250,250,64,64 When using the above parameters, an extra 500 milliseconds will be added to round-trip latency, and 1/64 sent or received packets will be dropped.
2016-01-26 08:27:11 +01:00
case 'G':
gremlin = optarg;
break;
Allow test/ssl/proto.cpp to be run on Mac OS X with PolarSSL used as both client and server implementation. Added DH support to PolarSSL. Added CLIENT_NO_RENEG and SERVER_NO_RENEG flags to test code in proto.cpp to allow scenarios to be tested where either the server, client, or both initiate renegotiation. Updated test/ovpncli/cli.cpp with new command line options and will now run on Mac OS X. Updated Android and iOS build systems to no longer include any LZO support, and to include Snappy support instead.
2012-09-15 08:56:18 +02:00
default:
Refactored cli.cpp so it can be called externally via openvpn_client() method.
2015-11-26 03:51:12 +01:00
throw usage();
Allow test/ssl/proto.cpp to be run on Mac OS X with PolarSSL used as both client and server implementation. Added DH support to PolarSSL. Added CLIENT_NO_RENEG and SERVER_NO_RENEG flags to test code in proto.cpp to allow scenarios to be tested where either the server, client, or both initiate renegotiation. Updated test/ovpncli/cli.cpp with new command line options and will now run on Mac OS X. Updated Android and iOS build systems to no longer include any LZO support, and to include Snappy support instead.
2012-09-15 08:56:18 +02:00
}
}
argc -= optind;
argv += optind;
Added -v flag to OpenVPN cli tool -- will output API platform() string.
2014-01-15 00:34:03 +01:00
if (version)
{
std::cout << "OpenVPN cli 1.0" << std::endl;
std::cout << ClientAPI::OpenVPNClient::platform() << std::endl;
std::cout << ClientAPI::OpenVPNClient::copyright() << std::endl;
}
else if (self_test)
Updated linux scripts to work with latest core and library organization. Added scripts under scripts/linux for building dependent libraries. Added test/ovpncli/cli.cpp to provide a command line client that exercises ovpncli.hpp API and can be built via build script.
2012-09-10 01:10:20 +02:00
{
Added crypto self test capability to core. Added polarssl/bignum-arm.patch to resolve issue where asm-optimized bignum code would crash on iOS.
2013-06-14 02:34:49 +02:00
std::cout << ClientAPI::OpenVPNClient::crypto_self_test();
Updated linux scripts to work with latest core and library organization. Added scripts under scripts/linux for building dependent libraries. Added test/ovpncli/cli.cpp to provide a command line client that exercises ovpncli.hpp API and can be built via build script.
2012-09-10 01:10:20 +02:00
}
Added ./cli -m (merge) option.
2013-12-29 04:12:21 +01:00
else if (merge)
{
if (argc != 1)
Refactored cli.cpp so it can be called externally via openvpn_client() method.
2015-11-26 03:51:12 +01:00
throw usage();
std::cout << read_profile(argv[0], profile_content);
Added ./cli -m (merge) option.
2013-12-29 04:12:21 +01:00
}
Updated linux scripts to work with latest core and library organization. Added scripts under scripts/linux for building dependent libraries. Added test/ovpncli/cli.cpp to provide a command line client that exercises ovpncli.hpp API and can be built via build script.
2012-09-10 01:10:20 +02:00
else
{
In command line client (cli.cpp), allow additional config file directives to be specified on the command line after the config file name.
2015-12-28 21:23:39 +01:00
if (argc < 1)
Refactored cli.cpp so it can be called externally via openvpn_client() method.
2015-11-26 03:51:12 +01:00
throw usage();
Added crypto self test capability to core. Added polarssl/bignum-arm.patch to resolve issue where asm-optimized bignum code would crash on iOS.
2013-06-14 02:34:49 +02:00
In cli.cpp, improve dynamic challenge/response support. In client API, allow ClientAPI::ProvideCreds::dynamicChallengeCookie to be set with either the dynamic challenge/response State ID or the full cookie.
2015-05-10 23:39:57 +02:00
bool retry;
do {
retry = false;
ClientAPI::Config config;
config.guiVersion = "cli 1.0";
Refactored cli.cpp so it can be called externally via openvpn_client() method.
2015-11-26 03:51:12 +01:00
config.content = read_profile(argv[0], profile_content);
In command line client (cli.cpp), allow additional config file directives to be specified on the command line after the config file name.
2015-12-28 21:23:39 +01:00
for (int i = 1; i < argc; ++i)
{
config.content += argv[i];
config.content += '\n';
}
In cli.cpp, improve dynamic challenge/response support. In client API, allow ClientAPI::ProvideCreds::dynamicChallengeCookie to be set with either the dynamic challenge/response State ID or the full cookie.
2015-05-10 23:39:57 +02:00
config.serverOverride = server;
config.protoOverride = proto;
config.connTimeout = timeout;
config.compressionMode = compress;
config.privateKeyPassword = privateKeyPassword;
config.tlsVersionMinOverride = tlsVersionMinOverride;
config.disableClientCert = disableClientCert;
config.proxyHost = proxyHost;
config.proxyPort = proxyPort;
config.proxyUsername = proxyUsername;
config.proxyPassword = proxyPassword;
config.proxyAllowCleartextAuth = proxyAllowCleartextAuth;
config.altProxy = altProxy;
Added client hooks for DCO (Data Channel offload). Updated tun implementation on Linux.
2015-06-17 09:48:33 +02:00
config.dco = dco;
In cli.cpp, improve dynamic challenge/response support. In client API, allow ClientAPI::ProvideCreds::dynamicChallengeCookie to be set with either the dynamic challenge/response State ID or the full cookie.
2015-05-10 23:39:57 +02:00
config.defaultKeyDirection = defaultKeyDirection;
config.forceAesCbcCiphersuites = forceAesCbcCiphersuites;
config.googleDnsFallback = googleDnsFallback;
Autologin Sessions are now enabled via the client API bool ClientAPI::Config::autologinSessions and default to false. Previously, the logic was hardcoded to true. Autologin Sessions can be enabled in the cli.cpp wrapper using the -a flag.
2016-02-04 19:39:44 +01:00
config.autologinSessions = autologinSessions;
In cli.cpp, improve dynamic challenge/response support. In client API, allow ClientAPI::ProvideCreds::dynamicChallengeCookie to be set with either the dynamic challenge/response State ID or the full cookie.
2015-05-10 23:39:57 +02:00
config.tunPersist = tunPersist;
Added gremlin option to client, controllable via ClientAPI::Config::gremlinConfig string. The gremlin option allows extra packet latency or unreliability to be added to the tunnel. The format of the option is a comma-separated list of numerical parameters: send_delay_ms, recv_delay_ms, send_drop_prob, recv_drop_prob Parameter description: send_delay_ms : delay packets by n milliseconds before transmission (UDP/TCP). recv_delay_ms : delay received packets by n milliseconds before processing them (UDP/TCP). send_drop_prob : drop sent packets with probability 1/n (UDP only). recv_drop_prob : drop received packets with probability 1/n (UDP only). Set any parameter to 0 to disable. Gremlin parameters currently work with UDP and TCP transport as documented above, but not for proxy transport. Client must be built with the OPENVPN_GREMLIN flag to compile gremlin functionality. Command-line client can set the gremlin config string using --gremlin or -G, for example: --gremlin=250,250,64,64 When using the above parameters, an extra 500 milliseconds will be added to round-trip latency, and 1/64 sent or received packets will be dropped.
2016-01-26 08:27:11 +01:00
config.gremlinConfig = gremlin;
ovpn3 client API now supports adding user-defined peer-info data to the OpenVPN handshake (peer-info is a client -> server key/value list that is part of the OpenVPN protocol). To add peer-info key/value pairs, use ClientAPI::Config::peerInfo. Incremented core OPENVPN_VERSION to "3.0.6".
2015-09-22 04:42:24 +02:00
PeerInfo::Set::parse_csv(peer_info, config.peerInfo);
In cli.cpp, improve dynamic challenge/response support. In client API, allow ClientAPI::ProvideCreds::dynamicChallengeCookie to be set with either the dynamic challenge/response State ID or the full cookie.
2015-05-10 23:39:57 +02:00
if (eval)
{
ClientAPI::EvalConfig eval = ClientAPI::OpenVPNClient::eval_config_static(config);
std::cout << "EVAL PROFILE" << std::endl;
std::cout << "error=" << eval.error << std::endl;
std::cout << "message=" << eval.message << std::endl;
std::cout << "userlockedUsername=" << eval.userlockedUsername << std::endl;
std::cout << "profileName=" << eval.profileName << std::endl;
std::cout << "friendlyName=" << eval.friendlyName << std::endl;
std::cout << "autologin=" << eval.autologin << std::endl;
std::cout << "externalPki=" << eval.externalPki << std::endl;
std::cout << "staticChallenge=" << eval.staticChallenge << std::endl;
std::cout << "staticChallengeEcho=" << eval.staticChallengeEcho << std::endl;
std::cout << "privateKeyPasswordRequired=" << eval.privateKeyPasswordRequired << std::endl;
std::cout << "allowPasswordSave=" << eval.allowPasswordSave << std::endl;
for (size_t i = 0; i < eval.serverList.size(); ++i)
{
const ClientAPI::ServerEntry& se = eval.serverList[i];
std::cout << '[' << i << "] " << se.server << '/' << se.friendlyName << std::endl;
}
}
else
{
Client client;
ClientAPI::EvalConfig eval = client.eval_config(config);
if (eval.error)
OPENVPN_THROW_EXCEPTION("eval config error: " << eval.message);
if (eval.autologin)
{
if (!username.empty() || !password.empty())
std::cout << "NOTE: creds were not needed" << std::endl;
}
else
{
if (username.empty())
OPENVPN_THROW_EXCEPTION("need creds");
ClientAPI::ProvideCreds creds;
if (password.empty() && dynamicChallengeCookie.empty())
password = get_password("Password:");
creds.username = username;
creds.password = password;
creds.response = response;
creds.dynamicChallengeCookie = dynamicChallengeCookie;
creds.replacePasswordWithSessionID = true;
creds.cachePassword = cachePassword;
ClientAPI::Status creds_status = client.provide_creds(creds);
if (creds_status.error)
OPENVPN_THROW_EXCEPTION("creds error: " << creds_status.message);
}
std::cout << "CONNECTING..." << std::endl;
Added crypto self test capability to core. Added polarssl/bignum-arm.patch to resolve issue where asm-optimized bignum code would crash on iOS.
2013-06-14 02:34:49 +02:00
In cli.cpp, avoid compiling signal stuff when on Windows.
2014-02-08 05:46:56 +01:00
#if !defined(OPENVPN_PLATFORM_WIN)
In cli.cpp, improve dynamic challenge/response support. In client API, allow ClientAPI::ProvideCreds::dynamicChallengeCookie to be set with either the dynamic challenge/response State ID or the full cookie.
2015-05-10 23:39:57 +02:00
// start connect thread
the_client = &client;
Refactored cli.cpp so it can be called externally via openvpn_client() method.
2015-11-26 03:51:12 +01:00
thread.reset(new std::thread([]() {
worker_thread();
}));
Added crypto self test capability to core. Added polarssl/bignum-arm.patch to resolve issue where asm-optimized bignum code would crash on iOS.
2013-06-14 02:34:49 +02:00
In ovpn3 command-line client (cli.cpp), scope the signal handler (for unix) so that it's only active during thread->join() to minimize potential deadlock issues between signal handler and main thread.
2015-05-28 06:01:05 +02:00
{
// catch signals that might occur while we're in join()
Signal signal(handler, Signal::F_SIGINT|Signal::F_SIGTERM|Signal::F_SIGHUP|Signal::F_SIGUSR1|Signal::F_SIGUSR2);
// wait for connect thread to exit
thread->join();
}
C++11 : rename NULL to nullptr
2015-05-17 10:53:37 +02:00
the_client = nullptr;
Ported to Windows. Implemented full TunClient class for Windows with TAP driver support. For now, we use netsh (rather than TAP driver DHCP) to set all tunnel adapter properties, as this appears to work great on Windows 7. IPv6 is fully supported. Known isues: * netsh doesn't have a command for adding DNS search domains, so we don't support them yet. * While we always try to remove routes and added properties from TAP adapter instance when we close out the session, for robustness, when we bring up TAP adapter, we should try to delete any stale routes on interface left over from previous session. * Right now we call netsh with system(). For security and compatibility with Windows apps (not only console apps), we should use CreateProcess instead.
2014-02-16 09:13:26 +01:00
#else
In cli.cpp, improve dynamic challenge/response support. In client API, allow ClientAPI::ProvideCreds::dynamicChallengeCookie to be set with either the dynamic challenge/response State ID or the full cookie.
2015-05-10 23:39:57 +02:00
// Set Windows title bar
const std::string title_text = "F2:Stats F3:Reconnect F4:Stop F5:Pause";
Win::Console::Title title(ClientAPI::OpenVPNClient::platform() + " " + title_text);
Win::Console::Input console;
// start connect thread
Updated Windows client for VS 2015.
2015-06-09 19:21:41 +02:00
volatile bool thread_exit = false;
In cli.cpp, improve dynamic challenge/response support. In client API, allow ClientAPI::ProvideCreds::dynamicChallengeCookie to be set with either the dynamic challenge/response State ID or the full cookie.
2015-05-10 23:39:57 +02:00
the_client = &client;
Refactored cli.cpp so it can be called externally via openvpn_client() method.
2015-11-26 03:51:12 +01:00
thread.reset(new std::thread([&thread_exit]() {
worker_thread();
thread_exit = true;
}));
In cli.cpp, improve dynamic challenge/response support. In client API, allow ClientAPI::ProvideCreds::dynamicChallengeCookie to be set with either the dynamic challenge/response State ID or the full cookie.
2015-05-10 23:39:57 +02:00
// wait for connect thread to exit, also check for keypresses
Updated Windows client for VS 2015.
2015-06-09 19:21:41 +02:00
while (!thread_exit)
In cli.cpp, improve dynamic challenge/response support. In client API, allow ClientAPI::ProvideCreds::dynamicChallengeCookie to be set with either the dynamic challenge/response State ID or the full cookie.
2015-05-10 23:39:57 +02:00
{
while (true)
{
const unsigned int c = console.get();
if (!c)
break;
else if (c == 0x3C) // F2
print_stats(*the_client);
else if (c == 0x3D) // F3
the_client->reconnect(0);
else if (c == 0x3E) // F4
the_client->stop();
else if (c == 0x3F) // F5
the_client->pause("user-pause");
}
Updated Windows client for VS 2015.
2015-06-09 19:21:41 +02:00
Sleep(1000);
In cli.cpp, improve dynamic challenge/response support. In client API, allow ClientAPI::ProvideCreds::dynamicChallengeCookie to be set with either the dynamic challenge/response State ID or the full cookie.
2015-05-10 23:39:57 +02:00
}
Updated Windows client for VS 2015.
2015-06-09 19:21:41 +02:00
// wait for connect thread to exit
thread->join();
C++11 : rename NULL to nullptr
2015-05-17 10:53:37 +02:00
the_client = nullptr;
Ported to Windows. Implemented full TunClient class for Windows with TAP driver support. For now, we use netsh (rather than TAP driver DHCP) to set all tunnel adapter properties, as this appears to work great on Windows 7. IPv6 is fully supported. Known isues: * netsh doesn't have a command for adding DNS search domains, so we don't support them yet. * While we always try to remove routes and added properties from TAP adapter instance when we close out the session, for robustness, when we bring up TAP adapter, we should try to delete any stale routes on interface left over from previous session. * Right now we call netsh with system(). For security and compatibility with Windows apps (not only console apps), we should use CreateProcess instead.
2014-02-16 09:13:26 +01:00
#endif
Added crypto self test capability to core. Added polarssl/bignum-arm.patch to resolve issue where asm-optimized bignum code would crash on iOS.
2013-06-14 02:34:49 +02:00
In cli.cpp, improve dynamic challenge/response support. In client API, allow ClientAPI::ProvideCreds::dynamicChallengeCookie to be set with either the dynamic challenge/response State ID or the full cookie.
2015-05-10 23:39:57 +02:00
// Get dynamic challenge response
if (client.is_dynamic_challenge())
{
std::cout << "ENTER RESPONSE" << std::endl;
std::getline(std::cin, response);
if (!response.empty())
{
dynamicChallengeCookie = client.dynamic_challenge_cookie();
retry = true;
}
}
else
{
// print closing stats
print_stats(client);
}
}
} while (retry);
Added core support for PEM private key passwords.
2012-11-15 23:48:13 +01:00
}
Updated linux scripts to work with latest core and library organization. Added scripts under scripts/linux for building dependent libraries. Added test/ovpncli/cli.cpp to provide a command line client that exercises ovpncli.hpp API and can be built via build script.
2012-09-10 01:10:20 +02:00
}
else
Refactored cli.cpp so it can be called externally via openvpn_client() method.
2015-11-26 03:51:12 +01:00
throw usage();
}
catch (const usage&)
{
std::cout << "OpenVPN Client (ovpncli)" << std::endl;
In command line client (cli.cpp), allow additional config file directives to be specified on the command line after the config file name.
2015-12-28 21:23:39 +01:00
std::cout << "usage: cli [options] <config-file> [extra-config-directives...]" << std::endl;
Refactored cli.cpp so it can be called externally via openvpn_client() method.
2015-11-26 03:51:12 +01:00
std::cout << "--version, -v : show version info" << std::endl;
std::cout << "--eval, -e : evaluate profile only (standalone)" << std::endl;
std::cout << "--merge, -m : merge profile into unified format (standalone)" << std::endl;
std::cout << "--username, -u : username" << std::endl;
std::cout << "--password, -p : password" << std::endl;
std::cout << "--response, -r : static response" << std::endl;
std::cout << "--dc, -D : dynamic challenge/response cookie" << std::endl;
std::cout << "--proto, -P : protocol override (udp|tcp)" << std::endl;
std::cout << "--server, -s : server override" << std::endl;
std::cout << "--timeout, -t : timeout" << std::endl;
std::cout << "--compress, -c : compression mode (yes|no|asym)" << std::endl;
std::cout << "--pk-password, -z : private key password" << std::endl;
std::cout << "--tvm-override, -M : tls-version-min override (disabled, default, tls_1_x)" << std::endl;
std::cout << "--proxy-host, -h : HTTP proxy hostname/IP" << std::endl;
std::cout << "--proxy-port, -q : HTTP proxy port" << std::endl;
std::cout << "--proxy-username, -U : HTTP proxy username" << std::endl;
std::cout << "--proxy-password, -W : HTTP proxy password" << std::endl;
std::cout << "--proxy-basic, -B : allow HTTP basic auth" << std::endl;
std::cout << "--alt-proxy, -A : enable alternative proxy module" << std::endl;
std::cout << "--dco, -d : enable data channel offload" << std::endl;
std::cout << "--cache-password, -C : cache password" << std::endl;
std::cout << "--no-cert, -x : disable client certificate" << std::endl;
std::cout << "--def-keydir, -k : default key direction ('bi', '0', or '1')" << std::endl;
std::cout << "--force-aes-cbc, -f : force AES-CBC ciphersuites" << std::endl;
std::cout << "--google-dns, -g : enable Google DNS fallback" << std::endl;
Autologin Sessions are now enabled via the client API bool ClientAPI::Config::autologinSessions and default to false. Previously, the logic was hardcoded to true. Autologin Sessions can be enabled in the cli.cpp wrapper using the -a flag.
2016-02-04 19:39:44 +01:00
std::cout << "--auto-sess, -a : request autologin session" << std::endl;
Refactored cli.cpp so it can be called externally via openvpn_client() method.
2015-11-26 03:51:12 +01:00
std::cout << "--persist-tun, -j : keep TUN interface open across reconnects" << std::endl;
std::cout << "--peer-info, -I : peer info key/value list in the form K1=V1,K2=V2,..." << std::endl;
Added gremlin option to client, controllable via ClientAPI::Config::gremlinConfig string. The gremlin option allows extra packet latency or unreliability to be added to the tunnel. The format of the option is a comma-separated list of numerical parameters: send_delay_ms, recv_delay_ms, send_drop_prob, recv_drop_prob Parameter description: send_delay_ms : delay packets by n milliseconds before transmission (UDP/TCP). recv_delay_ms : delay received packets by n milliseconds before processing them (UDP/TCP). send_drop_prob : drop sent packets with probability 1/n (UDP only). recv_drop_prob : drop received packets with probability 1/n (UDP only). Set any parameter to 0 to disable. Gremlin parameters currently work with UDP and TCP transport as documented above, but not for proxy transport. Client must be built with the OPENVPN_GREMLIN flag to compile gremlin functionality. Command-line client can set the gremlin config string using --gremlin or -G, for example: --gremlin=250,250,64,64 When using the above parameters, an extra 500 milliseconds will be added to round-trip latency, and 1/64 sent or received packets will be dropped.
2016-01-26 08:27:11 +01:00
std::cout << "--gremlin, -G : gremlin info (send_delay_ms, recv_delay_ms, send_drop_prob, recv_drop_prob)" << std::endl;
Refactored cli.cpp so it can be called externally via openvpn_client() method.
2015-11-26 03:51:12 +01:00
ret = 2;
}
return ret;
}
#ifndef OPENVPN_OVPNCLI_OMIT_MAIN
int main(int argc, char *argv[])
{
int ret = 0;
#ifdef OPENVPN_LOG_LOGBASE_H
LogBaseSimple log;
#endif
try {
Client::init_process();
ret = openvpn_client(argc, argv, nullptr);
Updated linux scripts to work with latest core and library organization. Added scripts under scripts/linux for building dependent libraries. Added test/ovpncli/cli.cpp to provide a command line client that exercises ovpncli.hpp API and can be built via build script.
2012-09-10 01:10:20 +02:00
}
catch (const std::exception& e)
{
Allow test/ssl/proto.cpp to be run on Mac OS X with PolarSSL used as both client and server implementation. Added DH support to PolarSSL. Added CLIENT_NO_RENEG and SERVER_NO_RENEG flags to test code in proto.cpp to allow scenarios to be tested where either the server, client, or both initiate renegotiation. Updated test/ovpncli/cli.cpp with new command line options and will now run on Mac OS X. Updated Android and iOS build systems to no longer include any LZO support, and to include Snappy support instead.
2012-09-15 08:56:18 +02:00
std::cout << "Main thread exception: " << e.what() << std::endl;
Added OpenVPNClient::uninit_process() API method that calls InitProcess::uninit(). In test/ovpncli/cli.cpp, move boost::thread* to higher scope.
2014-08-11 00:44:09 +02:00
ret = 1;
Added crypto self test capability to core. Added polarssl/bignum-arm.patch to resolve issue where asm-optimized bignum code would crash on iOS.
2013-06-14 02:34:49 +02:00
}
Added OpenVPNClient::uninit_process() API method that calls InitProcess::uninit(). In test/ovpncli/cli.cpp, move boost::thread* to higher scope.
2014-08-11 00:44:09 +02:00
Client::uninit_process();
return ret;
Updated linux scripts to work with latest core and library organization. Added scripts under scripts/linux for building dependent libraries. Added test/ovpncli/cli.cpp to provide a command line client that exercises ovpncli.hpp API and can be built via build script.
2012-09-10 01:10:20 +02:00
}
Refactored cli.cpp so it can be called externally via openvpn_client() method.
2015-11-26 03:51:12 +01:00
#endif
Copy Permalink