minor edits:
* Don't build OpenSSL.
* Edited ovpncli/README.txt with updated build command.
* Enabled C++11 in compiler flags, and turned off
some spurious warnings.
* Added CXX_COMPILER_FLAGS build flag to allow
C++-only flags to be defined.
Changes to build script as well:
* Honor OTHER_COMPILER_FLAGS and CXX_COMPILER_FLAGS
settings.
* For debug builds, DEBUG_BUILD=1 setting should be placed
in vars-x. Existing build DEBUG=1 setting now only
sets -g.
* For clang builds, don't emit -fvisibility=hidden because
that should be placed in OTHER_COMPILER_FLAGS in vars-x.
terminates loop through char array.
This is functionally a no-op because the
(*p == equal || is_base64_char(*p)) term will effectively
terminate the loop when *p != '\0' because is_base64_char(0)
returns 0.
For add_del_route() on IPv6 routes, don't output the gateway
as an IP address if R_IFACE is provided. Instead use the
-iface option.
Use R_IFACE_HINT when IPv6 route gateway is on real IPv6
interface. This causes %interface to be appended to the
gateway address.
Use R_IFACE when IPv6 route gateway is utun interface.
This will cause -iface utunX to be used as route gateway
option rather than an explicit IP address.
Note that these changes, by themselves, still don't fix issue
where blocking IPv6 during pause/reconnect, when the transport
is running over IPv6, prevents further connections, so this
code remains #ifdefed out.
An issue remains where blocking IPv6 during pause/reconnect, when
the transport is running over IPv6, prevents further connections,
so this code has been #ifdefed out.
work:
1. utun dev wrapper doesn't seem to survive reconnects, and
2. route hole punching for server address is required for
subsequent reconnects to succeed
Split TunPersistTemplate into two classes, TunPersistTemplate
and TunWrapTemplate.
TunPersistTemplate now inherits from TunWrapTemplate and is
functionally unchanged.
TunWrapTemplate can be used to minimalistically wrap the tun
instance in cases where persistence isn't required.
Renamed TunPersistAsioStream to TunWrapAsioStream.
(MacLifeCycle).
Monitor connection lifecycle notifications, such as sleep, wakeup,
network-unavailable, and network-available.
Note that not all platforms define a lifecycle object. Some
platforms such as Android and iOS manage lifecycle notifications at
the service level, and they call pause(), resume(), reconnect(),
etc. as needed using the main ovpncli API.
Also, added a reason string to Pause event.
based on current OS X version. The cache flush method
is called on connect and disconnect.
Previously, we always followed the 10.9 method. So this
change is a no-op on 10.9.
OS X 10.9 or higher (Mavericks):
/usr/bin/dscacheutil -flushcache
/usr/bin/killall -HUP mDNSResponder
OS X 10.7 & 10.8 (Lion and Mountain Lion):
/usr/bin/killall -HUP mDNSResponder
OS X 10.6 (Snow Leopard)
/usr/bin/dscacheutil -flushcache
We don't support earlier OS X versions.
side of the TAP interface using the "gateway=" option in the
netsh interface ip set address command. This seems to mostly
solve the issue of the TAP adapter appearing to be unconnected
to the internet in the Control Panel.
* Adapted TunWin::Client to work with ActionList (instead of
WinCommandList) as the mechanism for executing netsh commands.
* Included sample code (test/unused/win-tuncli-actionthread.diff)
for embedding an ActionThread in TunWin::Client.
executed asynchronously in a worker thread.
Needed to make some changes to logthread as well
to allow log context to be made available to
the worker thread.
These scripts
scripts/mac/build-minicrypto
scripts/mac/build-polarssl
will now build PolarSSL (on OSX) with libminicrypto linkage.
Currently, only SHA1/256/512 implementations from OpenSSL are
built in libminicrypto. We leave the current PolarSSL AES
implementation as-is since it now implements AES-NI.
Also added portable openssl/build-openssl script.
represent that as TLSVersion::UNDEF. For OpenSSL driver,
TLSVersion::UNDEF will trigger legacy TLSv1 connections
using TLSv1_server_method() and TLSv1_client_method().
* Fixed compile issue due to need to replace cc.enable_debug()
with cc.ssl_debug_level = 1.
* Added RENEG var to control number of "virtual seconds" between
SSL renegotiations.
* Doc changes in README.txt.
* Added new cross-platform boost/build-boost script.
* Added new LINK_MODE var (static|shared) that is
used by Boost, PolarSSL, and OpenSSL (Linux) builds.
* More DEP_DIR flexibility:
(a) DEP_DIR can be defined prior to call of build-all scripts.
(b) On Linux, vars-linux script will not override DEP_DIR.
