mirror of https://github.com/OpenVPN/openvpn3.git synced 2024-09-20 20:13:05 +02:00
Commit Graph

342 Commits

Author SHA1 Message Date
James Yonan
da5927761c In split.hpp, use std::move where possible. 2015-06-03 23:48:36 -06:00
James Yonan
87a2a684ce Allow callers of split_host_port() to get the actual
integer port number.
2015-06-03 23:46:11 -06:00
James Yonan
94260d47c2 In rc.hpp, add debugging mode enabled by OPENVPN_RC_DEBUG that
will log info about objects being managed.
2015-06-01 23:35:03 -06:00
James Yonan
803b91724b In asiodispatch.hpp, added class AsioDispatchResolveArg. 2015-06-01 23:31:36 -06:00
James Yonan
bceb5be362 Add noexcept to some methods in process.hpp and redir.hpp
that need to run in an async-signal context, i.e. between
fork on the child side, and execve.
2015-05-27 13:54:10 -06:00
James Yonan
16bb7df1d2 Added support for weak pointers to rc.hpp. 2015-05-26 22:45:24 -06:00
James Yonan
adb617c40a Refactored daemon.hpp and process.hpp, adding a more
general-purpose stdin/stdout/stderr redirection
class.
2015-05-26 15:22:22 -06:00
James Yonan
be2922de39 Refactored methods for parsing/validating hosts/ports
into openvpn/common/hostport.hpp
2015-05-19 15:01:53 -06:00
James Yonan
e609e318ca Renamed openvpn/common/port.hpp -> openvpn/common/hostport.hpp 2015-05-19 13:33:29 -06:00
James Yonan
b75c780cab Renamed boost::intrusive_ptr<T> usage to RCPtr<T>. 2015-05-17 21:26:53 -06:00
James Yonan
35ac9f6229 Renamed types.hpp to size.hpp since it now only defines
size_t and ssize_t.
2015-05-17 13:27:34 -06:00
James Yonan
e494846f7d Moved count_t to its own header file. 2015-05-17 13:17:24 -06:00
James Yonan
5d1bc1c952 Moved array_size() function to its own header file. 2015-05-17 12:57:23 -06:00
James Yonan
fe6fcefa61 C++11 : rename NULL to nullptr 2015-05-17 02:53:37 -06:00
James Yonan
68b8f12b25 Refactored ScopedPtr usage to std::unique_ptr.
Removed ScopedPtr.
2015-05-17 01:41:16 -06:00
James Yonan
fd6892f8fa Added AsioBoundSocket -- an Asio TCP socket that can be configured
so that open() method always prebinds the socket to a given local
address.  Useful for TCP clients.
2015-05-15 13:33:56 -06:00
James Yonan
53e6af884a In OptionList, added get_optional_relaxed() and
get_default_relaxed() methods.
2015-05-13 21:55:32 -06:00
James Yonan
970a41757d Modified OPENVPN_OSTREAM() macro to not require data
type to be convertible to std::string.
2015-05-10 20:05:00 -06:00
James Yonan
3bcf8743c1 More conversions of threads/mutexes from boost to C++11 std.
As part of this work, removed openvpn/common/thread.hpp
2015-05-10 20:04:22 -06:00
James Yonan
7a6053f4b5 class RC: redefined thread_safe_refcount in a C++11 way. 2015-05-10 15:33:06 -06:00
James Yonan
e7b3af3e01 class Base64: added encode() method that accepts a raw unsigned
char * buffer.
2015-05-10 15:30:30 -06:00
James Yonan
6baf23462f Added render_hex_sep() method that allows a separator between
each byte.
2015-05-01 13:41:25 -06:00
James Yonan
d441693725 Added a second SetUserGroup constructor that accepts std::string
arguments instead of const char *.  Made both constructors
explicit.
2015-04-30 10:34:07 -06:00
James Yonan
36576a26c5 Break up existing daemonize() method into two methods:
1. log_setup -- redirect stdin/stdout/stderr
2. daemonize -- actually call daemon()

For compatibility, the old daemonize() method is still
available and is now internally composed using the new
methods.
2015-04-30 10:29:51 -06:00
James Yonan
6b8d51e5d9 Added event_loop_wait_barrier(). 2015-04-25 10:09:08 -06:00
James Yonan
46498b6bbf Refactored RunContext to eliminate possibility of race between
set_thread and set_server.
2015-04-25 10:03:33 -06:00
James Yonan
709486cd1a Added some extra logging to RunContext::do_cancel() to show
number of threads we called thread_safe_stop() on compared
to the total number of threads.
2015-04-24 01:26:42 -06:00
James Yonan
c7bc3aff22 Don't use #include <cassert>, instead throw Exception()
instead of assert().
2015-04-24 01:24:48 -06:00
James Yonan
0fde33173a C++11 update: mass replace of boost::uint/int to std::uint/int. 2015-04-23 17:55:07 -06:00
James Yonan
a51c0bf0bf Mostly complete transition from boost::thread to std::thread. 2015-04-23 17:07:56 -06:00
James Yonan
89cf6bb369 Changed BOOST_ASSERT usage to assert() (#include <cassert>). 2015-04-23 15:42:12 -06:00
James Yonan
36550cd35e Update to C++11 noncopyable semantics.
Instead of inheriting from boost::noncopyable,
use the C++11 delete qualifier:

    Class(const Class&) = delete;
    Class& operator=(const Class&) = delete;
2015-04-23 15:10:43 -06:00
James Yonan
f12c2ab7eb C++11 update -- in rc.hpp, change boost::detail::atomic_count
to std::atomic<long>.
2015-04-23 14:37:28 -06:00
James Yonan
9d9c51d6f4 C++11 update -- converted boost::unordered_map usage to
std::unordered_map.
2015-04-23 14:08:54 -06:00
James Yonan
4b02f237eb minor C++11 update: Changed BOOST_STATIC_ASSERT to static_assert. 2015-04-23 13:03:09 -06:00
James Yonan
069de90ffd minor C++11 updates:
* rename BOOST_NOEXCEPT to noexcept

* verify that certain classes are noexcept move constructible
  including Option, Buffer, BufferAllocated, RunContext::Thread
2015-04-23 12:49:25 -06:00
James Yonan
95e11e9172 Added openvpn/common/stat.hpp with file_exists() method. 2015-04-22 17:53:12 -06:00
James Yonan
b27ce6ad93 New string methods:
string::unix2dos()         -- convert \n to \r\n
string::split_host_port()  -- split host:port
2015-04-22 01:51:57 -06:00
James Yonan
d6fa2307b1 Use a switch in string::is_space(). 2015-04-22 01:51:07 -06:00
James Yonan
664b276716 render_hex() methods now take an optional caps argument to
control whether hex chars a-f are rendered as lowercase or
uppercase.

Renamed the template form of render_hex() to render_hex_generic(),
to avoid ambiguity from new caps parameter.
2015-04-21 00:42:15 -06:00
James Yonan
1e54bba2bc Added ServerThreadBase to runcontext.hpp. 2015-04-19 11:20:47 -06:00
James Yonan
7b4d98d1eb Added missing include to asiodispatch.hpp. 2015-04-15 22:18:32 -06:00
James Yonan
d1bd2d8d3c Added operator[] to ScopedPtr. 2015-04-12 10:52:59 -06:00
James Yonan
6f35bbd9d1 Extend daemonize() to do initial log rotate. 2015-04-09 21:45:19 -06:00
James Yonan
f2d03f292a Added string::replace_spaces method. 2015-04-09 15:22:38 -06:00
James Yonan
a206d08820 Added OptionList::get_optional_noexcept method. 2015-04-09 15:21:56 -06:00
James Yonan
1d6096609b Added additional parse_user_pass() convenience method. 2015-03-27 01:20:30 -06:00
James Yonan
688588bd12 Added sockopt.hpp with common setsockopt functions
(reuseport, reuseaddr, tcp_nodelay).
2015-03-19 14:04:31 -06:00
James Yonan
f683eca1d7 Added SignalBlockerDefault to handle common usage case. 2015-03-19 13:58:31 -06:00
James Yonan
987867082c Use C++11 std::thread (instead of boost::thread) if USE_STD_THREAD
is defined.
2015-03-19 13:56:38 -06:00
James Yonan
d1072035b3 Added openvpn/common/inotify.hpp.
Created initial method INotify::mask_to_string() to convert
an inotify mask to a human-readable string for debugging.
2015-02-10 15:58:58 -07:00
James Yonan
c8ffeea283 Added string::len_without_trailing_nulls method. 2015-02-10 15:57:42 -07:00
James Yonan
26b792436a Added ScopedFD::reset() method. 2015-02-10 15:57:09 -07:00
James Yonan
58031408d7 ScopedFD::close() should not be virtual. 2015-02-10 15:56:49 -07:00
James Yonan
01a381ef44 Added nondigit_term bool to parse_number() to allow parsing
of numbers that are terminated by non-number chars.  Previously
only '\0' could terminate a number.
2015-02-10 15:55:32 -07:00
James Yonan
2226a34850 In asiodispatch.hpp, added dispatcher for asio async_read
without argument: asio_dispatch_read_noarg().
2015-02-10 15:54:34 -07:00
James Yonan
90d98c8fac class OptionList now inherits from RCCopyable. 2015-02-03 17:34:13 -07:00
James Yonan
d5f249b3a4 Added class RunContext for managing threads in a
multi-threaded server.
2015-02-01 01:48:18 -07:00
James Yonan
169612f842 Add virtual void post_close() method to ScopedFD so derived
classes can do post-close actions.
2015-01-24 20:07:36 -07:00
James Yonan
79b9deb2bc Added SIGUSR1/SIGUSR2 to class ASIOSignals.
Also added register_signals_all() method.
2015-01-16 01:52:59 -07:00
James Yonan
69d0a9cefb Added SetUserGroup class for downgrading UID/GID. 2015-01-14 23:50:40 -07:00
James Yonan
fbfc84f460 Refactored PThreadCond and added PThreadBarrier for cases
where all threads need to reach a known point before
executing some action.
2015-01-14 23:17:20 -07:00
James Yonan
8d61382731 Core version number updated to 3.0.3. 2015-01-14 12:12:34 -07:00
James Yonan
915d0220a4 Added methods for daemonization and redirecting stdout/stderr
to a log file.
2015-01-13 23:18:57 -07:00
James Yonan
e0910bf6c4 Added PolarSSL AuthCert support (server-side only). 2015-01-12 23:20:23 -07:00
James Yonan
e817a9dc0b Added dump_hex methods. 2015-01-12 23:16:51 -07:00
James Yonan
9004e8cbea Added PThreadCond, a wrapper for pthread conditions. 2015-01-12 18:39:32 -07:00
James Yonan
58de6a371d Added class OptionList convenience method get_num()
with range checking.
2015-01-12 18:35:53 -07:00
James Yonan
9965704558 Added write_string() method to write a std::string to a file. 2015-01-12 18:34:10 -07:00
James Yonan
2f65d5b550 Added enum_dir() function to return filenames in a directory
as a vector of strings.
2015-01-08 15:18:55 -07:00
James Yonan
93ced6f8d9 Added string::root() function to return the
non-extension part of the filename.
2015-01-08 15:16:51 -07:00
James Yonan
d51c6c6dc4 Added render_hex_number() function to hexstr.hpp. 2015-01-08 15:16:11 -07:00
James Yonan
c2c7292a70 Updated copyright to 2015. 2015-01-06 12:56:21 -07:00
James Yonan
47236d5ab5 Updated OPENVPN_VERSION to "3.0.2". 2015-01-05 19:25:18 -07:00
James Yonan
0acb038808 Added class OptionList convenience methods get_default()
and get_num().

Also, get_optional() should return a std::string, not a
const std::string.
2014-12-29 21:54:23 -07:00
James Yonan
464690aa6b Added class ServerPushList for keeping track of
push "..." directives on the server.
2014-12-29 21:51:08 -07:00
James Yonan
1789443603 Updated core version to 3.0.1. 2014-12-21 11:03:09 -07:00
James Yonan
ea29858135 Added Option::get_default method. 2014-12-13 21:20:29 -07:00
James Yonan
81a7f2ad75 In asiodispatch.hpp, added dispatcher for asio
async_accept with argument.
2014-12-13 21:19:18 -07:00
James Yonan
f5ff65562e OptionList, Option:
* Make use of C++11 move semantics for optimization, especially
  where std::vector<Option> is pushed onto OptionList.

* Fixed bug in Option::render() where arguments would be
  printed without any delimiter if RENDER_BRACKET flag was
  absent.

* Added parse_from_peer_info() method, for parsing peer info
  string received from client.
2014-10-30 10:36:33 -06:00
James Yonan
758ac9daa0 Templatized UTF-8 methods such as Unicode::utf8_printable to
work on arbitrary string types (such as upcoming SafeString).
2014-10-30 10:18:30 -06:00
James Yonan
43f0a6a636 Added a more human-readable render_hex method: render_hex_pretty. 2014-10-25 22:25:11 -06:00
James Yonan
0c91391bae Added C++11 array_size method that is constexpr so it can be used
for compile-time asserts.

Use C++11 static_assert and array_size to verify size consistency
of tables in openvpn/error/error.hpp.
2014-10-23 13:44:52 -06:00
James Yonan
5826910bbe Refactored server-side client instance object (ServerProto::Session)
to use Link abstraction (openvpn/common/link.hpp) to link with
transport layer (and other layers such as routing and management
as development progresses).
2014-08-19 15:41:59 -06:00
James Yonan
1531189578 class BackRef is no longer used. Move it to unused directory. 2014-08-19 09:20:39 -06:00
James Yonan
ea406b83c8 Added flag OPENVPN_RC_USERDEF to allow for debug implementations
of intrusive_ptr_add_ref and intrusive_ptr_release.
2014-08-19 00:57:38 -06:00
James Yonan
170fc59508 Refer to abort() as std::abort(). 2014-08-18 02:55:30 -06:00
James Yonan
516cd89a76 Added class SignalBlocker for selective blocking of posix signals. 2014-08-17 22:35:51 -06:00
James Yonan
4e39a533e9 Added new constant-time memory comparison function crypto::memneq
to replace memcmp_secure.  crypto::memneq benefits from insights
gained during the development of crypto_memneq for the Linux kernel.
2014-08-17 22:09:12 -06:00
James Yonan
6e5e84d2d6 Added new function hash_combine_data. 2014-08-15 22:19:17 -06:00
James Yonan
03d74ed507 Annotate RC and RCCopyable methods with BOOST_NOEXCEPT
to play well with std::function small object optimization.
2014-08-15 22:05:25 -06:00
James Yonan
08fff1b640 For class String (RC-inheriting version of std::string), forgot
to make the inheritance of RC<thread_unsafe_refcount> public.
2014-08-14 11:24:07 -06:00
James Yonan
aeba511846 Added parse_port function. 2014-08-14 11:22:33 -06:00
James Yonan
03dd9aa766 Added write_binary method to file.hpp. 2014-08-11 18:02:21 -06:00
James Yonan
b3245b4590 Simplified class BackRef and added test code. 2014-08-10 20:59:21 -06:00
James Yonan
4b5cbc4cc6 Added AsioDispatchComposedConnect for dispatch/callback
to an Asio ComposedConnectHandler.
2014-08-10 17:17:11 -06:00
James Yonan
564dcdc2cf Added C++11 move construction/assignment to CF::Wrap,
BufferAllocatedType, ScopedPtr, and ScopedFD.
2014-08-10 16:53:39 -06:00
James Yonan
2c6d972ad6 Added AGPL copyright/licensing language. 2014-07-20 21:22:06 -06:00
James Yonan
820b0720ff Core: Fixed issue in base64.hpp with typo in expression that
terminates loop through char array.

This is functionally a no-op because the
(*p == equal || is_base64_char(*p)) term will effectively
terminate the loop when *p != '\0' because is_base64_char(0)
returns 0.
2014-07-07 14:46:44 -06:00
James Yonan
5c009430bb New implementation of tunPersist for Mac OS X based on FailsafeBlock
strategy, where the default route and DNS client are redirected to
localhost during pause/reconnect.
2014-03-30 23:21:28 -06:00
James Yonan
40a1842502 Implemented non-echoed console prompt for password in cli wrapper
(Unix platforms only).
2014-03-28 18:53:15 -06:00
James Yonan
91f82f1276 cli wrapper now handles SIGUSR1/SIGUSR2:
SIGUSR1: print stats
SIGUSR2: toggle pause/resume state
2014-03-24 16:53:19 -06:00
James Yonan
c1cf0d7375 In ActionList::execute(), catch exceptions and log them. 2014-03-06 00:27:41 -07:00
James Yonan
9e35e41fb4 Added ActionThread class to allow Action objects to be
executed asynchronously in a worker thread.

Needed to make some changes to logthread as well
to allow log context to be made available to
the worker thread.
2014-03-06 00:27:41 -07:00
James Yonan
074dbafa27 Ported minicrypto lib to OS X for PolarSSL optimization.
These scripts

  scripts/mac/build-minicrypto
  scripts/mac/build-polarssl

will now build PolarSSL (on OSX) with libminicrypto linkage.
Currently, only SHA1/256/512 implementations from OpenSSL are
built in libminicrypto.  We leave the current PolarSSL AES
implementation as-is since it now implements AES-NI.

Also added portable openssl/build-openssl script.
2014-03-04 17:42:00 -07:00
James Yonan
6900658a39 Fixed issue where OPENVPN_SIMPLE_EXCEPTION_INHERIT
instantiation was failing due to lack of a default constructor.
2014-02-27 21:21:54 -07:00
James Yonan
28bf9b2a15 Added full support for OpenVPN 3 on Mac OS X (10.6 and higher)
including DNS and IPv6 support.
2014-02-27 18:34:17 -07:00
James Yonan
33f6153f34 Added ScopedPtr<T>::ref() method. 2014-02-20 17:10:57 -07:00
James Yonan
e8be2d6956 Added operator()() convenience method to ScopedPtr to return
raw pointer.
2014-02-16 00:44:49 -07:00
James Yonan
c91beca441 Moved OPENVPN_STRINGIZE(x), a macro that puts double-quotes
around x, into its own source file in common.  Modified
exception.hpp to reference it.
2014-02-16 00:37:50 -07:00
James Yonan
4f4571ee30 More additions to TunPersist for Windows:
* Allow DestructorBase object to be bound to TunPersist-owned
  SCOPED_OBJ object, so that DestructorBase::destroy() is guaranteed
  to be called before SCOPED_OBJ destruction.  This is used as a
  mechanism to remove routes and other properties of the Windows
  TAP adapter that must be unwound when the TAP adapter is closed.

* Added ScopedAsioStream to allow an Asio stream object to
  be managed by a TunPersist object.

* Added TunPersistAsioStream which supports that subset of the Asio
  stream interface required by TunIO, and is intended to wrap a
  ScopedAsioStream embedded in a TunPersist object.
  It is used primarily on Windows to wrap the TAP interface HANDLE
  in a way that plays well with Windows I/O completion ports (once
  a HANDLE is bound to an I/O completion port it cannot be unbound).
2014-02-16 00:14:36 -07:00
James Yonan
a9a60a2283 ScopedFD::close() should return a standard status independent of the
underlying implementation.  So return boolean true on successful
close (or no-op) and false on error.
2014-02-11 19:55:12 -07:00
James Yonan
09681f9aea Added ScopedFD::defined_static method. 2014-02-11 00:24:40 -07:00
James Yonan
279c6d5994 Added static ScopedFD::undefined() method to return the undefined
base_type value, i.e. -1.  This is intended to smooth out the
differences between ScopedFD and (upcoming) ScopedHANDLE APIs,
so that they can be used as template types.
2014-02-10 22:59:02 -07:00
James Yonan
0255621670 Added a getopt_long implementation for Windows, since MSVC does
not provide one.
2014-02-08 00:13:23 -07:00
James Yonan
ecc122feed In cli.cpp, avoid compiling signal stuff when on Windows. 2014-02-08 00:13:23 -07:00
James Yonan
03cf311f75 Windows: fix some MSVC compiler warnings. 2014-02-08 00:13:23 -07:00
James Yonan
ea4e95bf24 Refactored find_first_set and find_last_set for both
Unix and Windows support.
2014-02-07 21:22:29 -07:00
James Yonan
7ce7b73940 Added opportunistic long typedefs (olong and oulong) that are
32 bits on 32-bit machines and 64 bits on 64-bit machines.

This is needed because on Windows (MSVC), long is 32 bits
even when building in x64 mode.
2014-02-07 21:11:32 -07:00
James Yonan
b80e4af571 core: recognize backslash as a directory separator char on all
platforms, including Unix.  This is necessary to allow ProfileMerge
to operate correctly when Windows profiles are merged on Unix.
2014-01-30 12:31:32 -07:00
James Yonan
d20fb9a47f core: added platform info method to OpenVPN 3 API:
// Returns platform description string
  static std::string platform();
2014-01-14 16:28:29 -07:00
James Yonan
baca5e05d5 Core proxy changes:
Added support for "http-proxy" and "http-proxy-option" directives
in the main section of the config file, outside of <connection>
blocks.

Added <http-proxy-user-pass> multiline directive for inlining
proxy creds:

  <http-proxy-user-pass>
  user
  pass
  </http-proxy-user-pass>

Merge class now knows how to expand creds file inline.
For example,

  http-proxy ntlm.yonan.net 3128 auth.txt

is converted to:

  http-proxy ntlm.yonan.net 3128 auto
  <http-proxy-user-pass>
  user
  pass
  </http-proxy-user-pass>
2013-12-30 16:17:22 -07:00
James Yonan
b6d17ba69e Added Option::escape() method.
Minor string/option refactoring.
2013-12-28 20:20:21 -07:00
James Yonan
2cbe310f35 OpenVPN 1.0.4 build 114 (iOS)
Dusted off LZ4 implementation and enabled in iOS
and cli.cpp builds.

Tested LZ4 as well with OpenVPN 3 acting as the client,
with a hacked AS and OpenVPN 2.3 (JY) acting as the server
(see lz4hack patches).
2013-12-27 22:21:22 -07:00
James Yonan
1481327d72 OpenVPN 1.0.2 build 98 (iOS)
Ported iOS client and OpenVPN 3 core to ARM-64.
Now building a "fat binary" with Xcode 5.0.1 that
targets arm7, arm7s, and arm64.

Outstanding issues:

* IPv6 doesn't route through tunnel on iOS7
* Client doesn't install on iOS 5.1.1.
2013-11-11 12:33:35 -07:00
James Yonan
f290f9feee Extended IP.Addr class to handle extents as IP.Addr objects. This
extends the IP.Addr class to act more-or-less as a generic 128-bit
unsigned integer class.
2013-07-29 05:48:03 +00:00
James Yonan
a5210ce061 In ipv6-vps.ovpn, use the setenv opt form of the
tls-version-min directive:

  setenv opt tls-version-min 1.2 or-highest

In 3.0 core, properly set OPENVPN_VERSION to 3.0.

Updated make-community to automatically push at
end of build.
2013-06-11 02:04:07 +00:00
James Yonan
cf39be0516 Log unused options, i.e. options specified in config file that were
unrecognized, ignored, or unused.

This behavior is somewhat different (by design) to 2.x branch, which
will raise a fatal exception if an unrecognized option is
encountered.
2013-06-10 00:42:19 +00:00
James Yonan
906584ba3b Support "setenv opt" prefix before directives, where
its presence indicates that the directive is optional,
i.e. if a client doesn't understand the directive, it
should simply ignore it.
2013-06-08 16:10:35 +00:00
James Yonan
e92899c490 Relax options parser a bit and follow OpenVPN 2.x behavior
where if more than one instance of an option exists, and
a single instance of the option is required, use the last
instance.  Previously we would raise an exception in this case.
2013-06-03 06:31:22 +00:00
James Yonan
bbaaf65b0a Fixed options parsing issue if non-aggregate option was
specified in profile as well as pushed by server
(the pushed version should win).
2013-05-25 01:13:11 +00:00
James Yonan
d3c592c991 For iOS (and other platforms in the future), added the capability
for server to push proxy options, e.g.:

  push "dhcp-option PROXY_HTTP 10.144.5.14 3128"
  push "dhcp-option PROXY_HTTPS 10.144.5.14 3128"
  push "dhcp-option PROXY_BYPASS www.yonan.net staging.openvpn.net"
  push "dhcp-option PROXY_AUTO_CONFIG_URL http://www.yonan.net/proxy.pac"
2013-05-24 20:04:37 +00:00
James Yonan
ffe53114ab Copy ProtoConfig for each connection within a client session so that
modifications due to server push will not persist across client
instantiations.

Added RCCopyable object, a variation on RC that allows copying and
assignment.
2013-04-21 20:29:14 +00:00
James Yonan
964e9553b5 Added more functionality to IP:Addr classes so that they can be
wrapped by swig and used in the Access Server to represent IPv4
and IPv6 addresses.
2013-04-04 00:51:25 +00:00
James Yonan
82d2dfb280 OpenVPN 1.0.1 build 79 (iOS)
OpenVPN 1.1.10 build 42 (Android)

Change to memcmp_secure: declare memory regions as volatile
to avoid potential compiler optimizations from leaking
timing info.
2013-03-22 18:02:45 +00:00
James Yonan
cebc610e8e Implemented route-nopull (second attempt). 2013-03-14 02:54:58 +00:00
James Yonan
be3a573f66 Core change: provide logic for tunPersist that works with iOS-style
tun semantics, however this code has not been enabled yet on iOS
because it breaks in several ways:

1. network available/unavailable detection appears to break when
   tun interface is kept alive across transport connection sessions.

2. plugin session persistence appears to fail when these lines are not
   executed immediately after transport pause/resume:

     VPNTunnelSetStatus(tunnelRef, kVPNTunnelStatusReasserting, 0);
     VPNTunnelClearConfiguration(tunnelRef)

iOS Core change: change pause/reconnect delay to 3 seconds (from 2)
to reduce flapping.
2013-02-19 06:38:10 +00:00
James Yonan
13db8d94ca Core: modified read_text_utf8 to remove the Windows UTF-8 BOM,
if present.
2013-01-30 13:36:53 +00:00
James Yonan
6c0be1e1c0 iOS: 1.0.1 build 55
Android: 1.1.9 build 31

* Reverted key-direction back to a default of 1.

* Raise fatal error if "fragment" option is used.

* Made TunBuilderCapture more useful as a base class for
  tun construction on various platforms.

* Added disableClientCert flag at ovpncli.hpp API.

* Updated help FAQ with more details on how to
  properly set key-direction, and notes about
  possible network disconnect during voice calls.
2013-01-24 13:34:17 +00:00
James Yonan
3b8ede216d Core: on PolarSSL, try to do string rendition of X509 subject
just like OpenSSL, so that tls-remote equality matches with the
X509 subject will be compatible.
2013-01-20 08:44:49 +00:00
James Yonan
5055dedbfc Core: fixed issue with parsing time period options (such as
"reneg-sec"), where if period is 0, we must treat it as essentially
infinite.  This fixes the issue where "reneg-sec 0" was causing an
infinite connect loop.

Refactored number.hpp to provide all reasonable number-parsing
functionality, so that typeinfo.hpp can be retired.
2013-01-20 06:34:49 +00:00
James Yonan
400b7324da In Android client, added a custom error dialog for
TAP-based tunnels not supported.
2012-12-12 02:19:07 +00:00
James Yonan
e51e5421cf Updated OpenSSL driver to feature equivalence with
PolarSSL driver.

Updated Linux build.

Added badcert.ovpn test profile to trigger certificate
verification error.
2012-11-26 07:46:09 +00:00
James Yonan
d5874f4684 Misc client and pre-server cleanup. 2012-11-26 01:51:24 +00:00
James Yonan
3a16bc0248 Move unused files out of source tree. 2012-11-23 06:33:27 +00:00
James Yonan
4d9a751af2 Added head comments to all source files.
Minor reorganization of unicode code.
2012-11-23 06:18:43 +00:00
James Yonan
5047d251a0 Fixed iOS regression caused by addition of support for non-unified
profile merge, where profiles that succeeded in the merge phase
but failed in the options parse phase would crash the UI.
2012-11-15 16:17:46 +00:00
James Yonan
0d16acd0bb Minor exception code cleanup. 2012-11-14 16:41:33 +00:00
James Yonan
daa97ededd Added support for <connection> blocks in profile. 2012-11-14 05:12:48 +00:00
James Yonan
31d87f09a4 Extend config file parser to recognize end-of-line comments
that start with # or ;

To pass these chars as part of an argument, make sure to quote
them.
2012-11-14 03:25:59 +00:00