Adds a patch formed from ovpn-asio repository:
- branch 1-14-ovpn
- commit df7759c141a31159d0ca4267b63f64dfd2a385b1
The patch adds kovpn route_id support to endpoints for sendto/recvfrom.
Signed-off-by: Jani Väyrynen <jani.vayrynen@openvpn.net>
This is mostly used by Linux client, which supports
among other distros CentOS7, Ubuntu 16 and Ubuntu 18 -
all of them have different tinyxml2 versions.
Signed-off-by: Lev Stipakov <lstipakov@gmail.com>
This is needed for the tls-cipehr/tls-ciphersuites to have an
initialised OpenSSL when using OpenSSL < 1.1.0
Signed-off-by: Arne Schwabe <arne@openvpn.net>
This option has been very likely been to fix some incompatibilities
between some TLS libraries. But nobody really remember what it fixes
and its usage today is questionable. So remove the option instead
of supporting an option we cannot even test anymore.
Signed-off-by: Arne Schwabe <arne@openvpn.net>
When OMI is stopped, we must cancel wait on
exit event, otherwise ASIO won't terminate event loop
and process won't exit.
Signed-off-by: Lev Stipakov <lev@openvpn.net>
pkg_check_modules() sets PKG_CONFIG_PATH by
joining values of CMAKE_PREFIX_PATH list and then replacing
separator ";" with ":". However, replacing was broken for mingw and
was fixed very recently. As a workaroud, create CMAKE_PREFIX_PATH
with single value to avoid broken join.
Signed-off-by: Lev Stipakov <lev@openvpn.net>
mingw produces incorrect result when converting
from utf8 to wchar_t using codecvt_utf8.
https://sourceforge.net/p/mingw-w64/bugs/538/
Signed-off-by: Lev Stipakov <lev@openvpn.net>
Added a unit test to confirm the fix.
Other changes:
* In Base64 decode(), avoid the use of std::strlen() in favor
of std::string length() method since a std::string could
conceivably contain embedded null chars.
* In Base64 unit test, renamed b64_test_bad() to
b64_test_bad_decode() for clarity.
Signed-off-by: James Yonan <james@openvpn.net>
The Time code was originally designed to be efficient on 32-bit
processors. On 64-bit processors, define OPENVPN_TIME_NO_BASE
to optimize out the base_ variable. This also has the benefit
of allowing Time to represent any arbitrary time_t value.
Signed-off-by: James Yonan <james@openvpn.net>
The get_integer_optional select the type to get from the JSON
dependent on the default_value parameter, making it simple to ensure
that the returned value will fit the requested type and range.
Signed-off-by: Arne Schwabe <arne@openvpn.net>
This is useful for running a command from a worker thread
where signals have been blocked, but we want the child
process to run with the original pre-blocked signal configuration.
Signed-off-by: James Yonan <james@openvpn.net>
Before the OpenSSL 1.1 changes ctx was a struct and not a pointer, so
the extra variable was necessary
This also solves a defect reported by Coverity of ctx not always
initialised.
Signed-off-by: Arne Schwabe <arne@openvpn.net>
ARCH enables to build certain architecture only.
NO_DEPS disables downloading and building dependencies.
NO_OPENSSL disables downloading and building OpenSSL.
OPENSSL_ROOT_DIR allows to specify location for OpenSSL root
Example:
ARCH=x86_64 NO_OPENSSL=1 ./build
Signed-off-by: Lev Stipakov <lev@openvpn.net>
The added IV_CIPHER string that we send, brought the Frame used in
the proto test client over the 256 byte limit. Change the proto test
to use a larger test frame of 378 byte.
Signed-off-by: Arne Schwabe <arne@openvpn.net>
This also changes the mbed TLS implementation from using the AES GCM
specific API to the generic AEAD API in mbed TLS. As result we can
refactor the commonly used parts of AEAD and normal cipher into a
common class.
Signed-off-by: Arne Schwabe <arne@openvpn.net>
This code is MSVC specific (other compilers
don't support SEH) and is only useful during
debugging.
It is better to remove it and mute exception
in debugger, than add ifdefs for other compilers.
Signed-off-by: Lev Stipakov <lev@openvpn.net>
c++17 provides overload, which accepts
std::filestream::path, which accepts wchar_t,
MSVS provides overload, which directly accepts wchar_t.
In other cases use char constructor. This likely breaks
support of non-ascii profile paths.
Signed-off-by: Lev Stipakov <lev@openvpn.net>
Having capture without initializer after nested struct
is broken in GCC 7.x and is fixed starting from GCC 8.1
(see https://stackoverflow.com/questions/60110629/).
Signed-off-by: Lev Stipakov <lev@openvpn.net>