The Windows Service class did not specify its destructor as virtual, but
has other virtual function. Not specifying the d'tor virtual is an
anti-pattern in this case.
Signed-off-by: Heiko Hund <heiko@openvpn.net>
Create a struct NetApi, which contains various network related functions
that will be used. This is done so that these operations can be injected
as a dependency and thus replaced with mock operation for the purpose of
testing.
There are also functions which operate solely on the Registry, those are
left out of the NetApi since they can already be abstracted by struct Reg.
Signed-off-by: Heiko Hund <heiko@openvpn.net>
Create a struct Reg, which contains various setter and getter functions
for different registry types and other operations that will be used.
This is done so that these operations can be injected as a dependency
and thus replaced with mock operation for the purpose of testing.
Besides that it makes code more brief and less error prone, since
there's now one implementation for converting C <-> C++ for each operation.
Move existing class RegKey and class RegKeyEnumerator into struct Reg as
well, so they are now known as Reg::Key and Reg::KeyEnumerator.
Signed-off-by: Heiko Hund <heiko@openvpn.net>
Instead of using nullptr for uninitialized RegKey, use the value defined
in WIN32 API for that. We need to check for it anyways, so unifying this
makes the checks more straight forward.
Signed-off-by: Heiko Hund <heiko@openvpn.net>
The reauthentication logic differs from openvpn2
and the code is a bit hard to follow. Simplify
the code and make it behave like in openvpn2.
- password is cached by default
- password is purged when auth-nocache is presented in a local config or pushed
- when AUTH_FAILED is received and we have no session-id, throw a fatal error
- when AUTH_FAILED is received and user interaction is required for
authentication (MFA), throw a fatal error
- when AUTH_FAILED is received, user interaction is not required
for authentication and either we have a cached password OR password is not
needed, we reconnect.
Password is "needed" when non-empty password is provided.
User interaction is required for static/dynamic challenge and SAML.
Signed-off-by: Lev Stipakov <lev@openvpn.net>
For consistency. Some of the Windows-specific files, but not
all of them, had CRLF file endings.
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Password is not echoed and submitted when Enter is pressed.
This requires not removing ENABLE_PROCESSED_INPUT and ENABLE_LINE_INPUT
flags.
Signed-off-by: Lev Stipakov <lev@openvpn.net>
We store an output of SetupDiOpenDevRegKey() in Win::RegKey. However,
this API returns INVALID_HANDLE_VALUE on error. In this case we should
not attempt to call RegCloseKey() on this handle, which we do in destructor
of Win::RegKey if handle is defined.
Signed-off-by: Lev Stipakov <lev@openvpn.net>
This is the result after running 'clang-format -i' on all C++ files and
headers, with the defined formatting rules in .clang-format.
Only the openvpn/common/unicode-impl.hpp has been excluded, as that is
mostly a copy of an external project.
Signed-off-by: David Sommerseth <davids@openvpn.net>
This code is MSVC specific (other compilers
don't support SEH) and is only useful during
debugging.
It is better to remove it and mute exception
in debugger, than add ifdefs for other compilers.
Signed-off-by: Lev Stipakov <lev@openvpn.net>
Linux filesystem is case-sensitive and all
mingw includes are in lower case. Also use
Linux directory separator, since it works on both
Linux and Windows.
Signed-off-by: Lev Stipakov <lev@openvpn.net>
This is needed to make openvpn-gui client work with openpvn3.
openvpn-gui passes all information, required to start vpn session,
to agent via named pipe. Agent impersonates another end of pipe,
which is gui process, running under user privileges, and starts
openvpn process.
openvpn-gui generates a random password, which is written by agent
into openvpn process's stdin. That password is used by openvpn-gui to
connect to openvpn's management interface.
openvpn-gui creates an event with unique name, which it is passed
to openvpn via command line. When user disconnects VPN session, gui
sets event into signalled state. openvpn waits on event and, when it is signalled, quits.
Signed-off-by: Lev Stipakov <lev@openvpn.net>
Win::Service -- A Windows Service wrapper.
Win::LogFile -- a LogBase derivative that allows logging
to a natively created and handled file.
Win::module_name() -- Get the module name as a
std::wstring.
Win::module_name_utf8() -- Get the module name as a UTF-8
string.
* Where unicode/ansi versions of a method exist, always
explicitly call one of unicode or ansi methods by
appending a 'W' or 'A' to the end of the method name.
Never omit the 'W' or 'A' because that will cause the
default method to be used which may vary according to
build flags.
* Prepend all Windows API method references with "::" to
indicate that the method names should be resolved from
the top-level namespace.
Win::Service -- A Windows Service wrapper.
Win::LogFile -- a LogBase derivative that allows logging
to a natively created and handled file.
Win::module_name() -- Get the module name as a
std::wstring.
Win::module_name_utf8() -- Get the module name as a UTF-8
string.
* Where unicode/ansi versions of a method exist, always
explicitly call one of unicode or ansi methods by
appending a 'W' or 'A' to the end of the method name.
Never omit the 'W' or 'A' because that will cause the
default method to be used which may vary according to
build flags.
* Prepend all Windows API method references with "::" to
indicate that the method names should be resolved from
the top-level namespace.
1. NamedPipeImpersonate : RAII class for scoping
ImpersonateNamedPipeClient/RevertToSelf.
2. send_handle() : duplicate a handle prior to sending
to a remote process.
Added #ifdefs to support both XP/Win2003 and Vista+.
* Where unicode/ansi versions of a method exist, always
explicitly call one of unicode or ansi methods by
appending a 'W' or 'A' to the end of the method name.
Never omit the 'W' or 'A' because that will cause the
default method to be used which may vary according to
build flags.
* Prepend all Windows API method references with "::" to
indicate that the method names should be resolved from
the top-level namespace.
