three-level factory model:
CryptoDCFactory -- builds CryptoDCContext objects for a given
cipher/digest
CryptoDCContext -- builds CryptoDCBase objects for a given key ID
CryptoDCBase -- encrypt/decrypt data channel
These scripts
scripts/mac/build-minicrypto
scripts/mac/build-polarssl
will now build PolarSSL (on OSX) with libminicrypto linkage.
Currently, only SHA1/256/512 implementations from OpenSSL are
built in libminicrypto. We leave the current PolarSSL AES
implementation as-is since it now implements AES-NI.
Also added portable openssl/build-openssl script.
* Fixed compile issue due to need to replace cc.enable_debug()
with cc.ssl_debug_level = 1.
* Added RENEG var to control number of "virtual seconds" between
SSL renegotiations.
* Doc changes in README.txt.
like the rest of the core.
Added verbose() method to class SessionStats so that clients can
know whether to pass extra text data to error() virtual method.
* Updated to Xcode 4.5 and tested client build on iOS6.
* Note that it is no longer necessary to copy the private
SystemConfiguration header files for the VPN API into the
Xcode tree. The OpenVPN Xcode project file will now
reference them directly from the ovpn3 tree.
* Note that in Xcode 4.5, the iPhoneOSProductTypes.xcspec file that
must be edited to allow bundle signing is now a binary plist.
Use the Mac plutil tool to convert it to JSON so it can be edited
then convert back to binary:
$ cp iPhoneOSProductTypes.xcspec iPhoneOSProductTypes.xcspec.backup
$ plutil -convert json -r iPhoneOSProductTypes.xcspec
[ edit iPhoneOSProductTypes.xcspec according to instructions in
ovpn3/doc/Build_VPN_App_and_Plugin.pdf ]
$ plutil -convert binary1 iPhoneOSProductTypes.xcspec
* The ARM assembler provided in Xcode 4.5 is no longer able to
assemble the Minicrypto ASM algorithms. As a workaround, before
updating to Xcode 4.5, preserve the previous clang binary by
copying it to ~/clang3/clang -- the build-minicrypto script will
expect it to exist. This is the version of clang that must be used:
$ ~/clang3/clang --version
Apple clang version 3.0 (tags/Apple/clang-211.10.1) (based on LLVM 3.0svn)
Target: x86_64-apple-darwin11.4.2
Thread model: posix
* Make sure to update your PATH to include the new Xcode 4.5 clang and
rebuild all libraries. I found that updating to Xcode 4.5 left the
old clang in /usr/bin. The Xcode 4.5 clang should show this version
info:
$ clang --version
Apple clang version 4.1 (tags/Apple/clang-421.11.65) (based on LLVM 3.1svn)
Target: x86_64-apple-darwin11.4.2
Thread model: posix
* Added $O3/scripts/mac/build-all script to build all Mac/iOS
dependencies.
used as both client and server implementation.
Added DH support to PolarSSL.
Added CLIENT_NO_RENEG and SERVER_NO_RENEG flags to test code
in proto.cpp to allow scenarios to be tested where either
the server, client, or both initiate renegotiation.
Updated test/ovpncli/cli.cpp with new command line options
and will now run on Mac OS X.
Updated Android and iOS build systems to no longer include
any LZO support, and to include Snappy support instead.
organization.
Added scripts under scripts/linux for building dependent
libraries.
Added test/ovpncli/cli.cpp to provide a command line client that
exercises ovpncli.hpp API and can be built via build script.
general-purpose classes.
Rename ProtoStats to SessionStats and make it more flexible
by using an abstract base class model.
Add a client event queue for the beginnings of a client-backend
API.
Added logic to ProtoContext to invalidate session on certain
kinds of errors in TCP that would be normally be okay in UDP
such as HMAC_ERROR, DECRYPT_ERROR, etc.
Add some alignment adjustment logic for READ_LINK_TCP (3 bytes)
and READ_LINK_UDP (1 byte).