In the code base three different syntaxes for overriding virtual member
functions could be found:
1) virtual ... override
2) virtual ...
3) ... override
This converts all of them to the third syntax, as recommended by the ISO
C++ core guidelines in C.128
Signed-off-by: Heiko Hund <heiko@openvpn.net>
Add a single template function implementing the logging logic,
parametrized by log level, and have the log_{trace, info, ...}
functions call that.
While at it, const-ify a couple of member functions.
Signed-off-by: Razvan Cojocaru <razvan.cojocaru@openvpn.com>
Without this fix, the openvpn3-linux build is broken whenever a
dependency enables -Wnon-virtual-dtor (which protobuf 27.3
currently does on Arch Linux). The openvpn3-linux build treats
warnings as errors.
Jira: OVPN3-1242
Signed-off-by: Razvan Cojocaru <razvan.cojocaru@openvpn.com>
This adds support for parsing PUSH_UPDATE
control command, which enables to update
options "on the fly", without reconnect.
The options presented in the PUSH_UPDATE list
overwrite current options with the name. To unset
an option, it has to be prefixed with the "-".
For example:
PUSH_UPDATE,route 10.10.10.0 255.255.255.0,-dns
Replaces all existing routes with this new one
and removes all "dns" options.
If the client doesn't support updating certain option,
it reconnects. Except when option is prefixed with "?" -
in this case option is considered "optional".
For example, this message
PUSH_UPDATE,?unsupported_option_a
does nothing, but this one:
PUSH_UPDATE,dns 0,block-ipv6,unsupported_option_b
makes client reconnect, since it contains mandatory unsupported option.
OVPN3-1234
Signed-off-by: Lev Stipakov <lev@openvpn.net>
Reduced the pasted implementations of the LOGGER_LOG_<VERBOSITY>
macros to a single macro with a verbosity parameter, in an attempt
to make the code easier to read by reducing the line count, and
hopefully reduce the probability of copy / paste bugs
(LOGGER_LOG_ERROR() was already checking against LOG_LEVEL_INFO).
Signed-off-by: Razvan Cojocaru <razvan.cojocaru@openvpn.com>
Returning OPENSSL_VERSION_TEXT will return the value of the library at
compile time. We rather want to know the version of the library that is
actually running, so use OpenSSL_version instead.
Jira: OVPN3-1227
Signed-off-by: Arne Schwabe <arne@openvpn.net>
Use empty braces to initalise the structs to zero since they
use sub structs and clang wants us to otherwise use {{ 0 }}
Ensure that methods with a return value do not return without a
value or exception by throwing an exception.
Add missing override in the unit test
Signed-off-by: Arne Schwabe <arne@openvpn.net>
In numeric_cast when casting from signed to unsigned, the second part
of the conditional might be const in some cases. This is intended to
ensure the second runtime check is only present if possibly needed.
This is better and avoids a Coverity performance warning
Signed-off-by: Charlie Vigue <charlie.vigue@openvpn.com>
* origin/releaseprep/3.10:
Do not reject control message with trailing newlines
aws: account for RandomAPI change
Allow disabling TLS 1.3 in certcheck to more easily debug problems
Implement changes to allow test dpc certcheck to be tested
Allow setting a maximum TLS version
Change cxa1 protocol tag to dpc1
Fix spelling errors raised by Debian linter
mac agent: reinstall host route during restart
Preparing QA cycle for OpenVPN 3 Core library release v3.10
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
We are now only initializing TLS-related objects if TLS auth mode
is enabled.
This fixes internal Jira issue PG-122.
Signed-off-by: Razvan Cojocaru <razvan.cojocaru@openvpn.com>
The previous fix to reject invalid control message was a bit too aggressive
as scripts often accidentally include an extra newline at the end of the
control message.
Jira: OVPN3-1225
Signed-off-by: Arne Schwabe <arne@openvpn.net>
- Remove dependency build. For normal use cases on a
recent distro, installing all dependencies from distro
should be fine. Tested on Ubuntu 20.04 (mbedTLS too old,
otherwise okay) and Ubuntu 22.04.
- Document more dependencies. With the added dependencies a
clean build and ctest run is possible starting with the
default ubuntu:<version> containers.
- Use ninja. We use this for all of our non-VC builds, so
recommend it here as well.
Based on a smaller change proposed in Github#301
by Scruel Tao.
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
This is something useful for debugging. We do not expose this feature
to avoid it being used for real connections.
Signed-off-by: Arne Schwabe <arne@openvpn.net>
Prior to this branch the various instances of the LoggerMixin were
coincidentally shared, depending on whether the default levels had
the same values in the template arguments or not. Since it's not clear
this sharing was intended or accidental I made it possible to tag if
desired to ensure the similarly tagged instances are unique.