with the new C++17 capability of inline for variables, we can avoid
having to ifdef tricks to only include the variables into one compilation
unit. Also remove the extern.hpp that serves no purpose now anymore.
Signed-off-by: Arne Schwabe <arne@openvpn.net>
This is the result after running 'clang-format -i' on all C++ files and
headers, with the defined formatting rules in .clang-format.
Only the openvpn/common/unicode-impl.hpp has been excluded, as that is
mostly a copy of an external project.
Signed-off-by: David Sommerseth <davids@openvpn.net>
Although the init calls were protected by a mutex more than consumer of
the API will the second one if the uninit was called too early.
While at it, move from explicit init/uninit calls to RAII.
Signed-off-by: Arne Schwabe <arne@openvpn.net>
Our OpenSSL init code depends on calling the OpenSSL init code
from ASIO. Fortunately that init code is no longer needed with
OpenSSL 1.1.0+, so remove the call and dependency when we are
using OpenSSL 1.1.0+
Signed-off-by: Arne Schwabe <arne@openvpn.net>
commit e9c0bd00be
Author: Arne Schwabe <arne@openvpn.net>
Date: Tue Oct 23 13:47:07 2018 +0200
Remove unused private field
crypto_init_ is not used at all and since it is a private field it is
safe to remove.
We also revert the following commit which is redundant once the above
commit is reverted.
commit d87f5bbc04
Author: Antonio Quartulli <antonio@openvpn.net>
Date: Thu Nov 15 21:03:46 2018 +1000
OpenSSL: init library
From the manpage:
"SSL_library_init() must be called before any other action takes place."
Signed-off-by: Antonio Quartulli <antonio@openvpn.net>
Signed-off-by: James Yonan <james@openvpn.net>
definition of mutable globals.
For all but the first compilation unit, define:
#define OPENVPN_EXTERN extern
This will cause mutable globals to be referenced as
extern.
new AuthCert object, and pass it through to
management decision object along with other creds
to consider for authentication.
In OpenSSL driver, split the verify_callback
function into client/server versions.
Modified InitProcess to do a special one-time call of
SSL_get_ex_new_index in OpenSSL library, so that we
can store a private object pointer in an OpenSSL
SSL struct.
TODO: Add AuthCert functionality to PolarSSL driver.
These scripts
scripts/mac/build-minicrypto
scripts/mac/build-polarssl
will now build PolarSSL (on OSX) with libminicrypto linkage.
Currently, only SHA1/256/512 implementations from OpenSSL are
built in libminicrypto. We leave the current PolarSSL AES
implementation as-is since it now implements AES-NI.
Also added portable openssl/build-openssl script.
Android version: 1.1 beta 1
More alignment of iOS and Android clients:
* Normalized building of dependencies for Android and iOS:
This build adds some new library dependencies:
The library versions required are enumerated in
ovpn3/lib-versions, currently:
export BOOST_VERSION=boost_1_51_0
export OPENSSL_VERSION=openssl-1.0.1c
export POLARSSL_VERSION=polarssl-1.1.4
export LZO_VERSION=lzo-2.06
To build, first mkdir ~/src/android and ~/src/mac if they don't
already exist. Set the env var O3 to point to the ovpn3 dir,
usually ~/src/ovpn3.
Build on iOS:
[set PATH to include NDK]
cd ~/src/android
$O3/scripts/android/build-boost
$O3/scripts/android/build-minicrypto
$O3/scripts/android/build-polarssl
$O3/scripts/android/build-lzo
Build on Android:
[set PATH to include NDK]
cd ~/src/android
$O3/scripts/android/build-boost
$O3/scripts/android/build-minicrypto
$O3/scripts/android/build-polarssl
$O3/scripts/android/build-lzo
* Integrated Minicrypto library (an assembly language library
of low-level crypto functions adapted from OpenSSL).
* Added LZO compression with a preference/settings item
to enable or disable.
* Added special compression handling to support older servers
that ignore compression handshake -- this will handle receiving
compressed packets even if we didn't ask for them.
* Normalized profile naming conventions.
iOS changes:
* Log tunnel performance stats immediately on disconnection
of tunnel.
Android changes:
* Client now supports loading profiles as attachments
opened from other apps.
* Added Import Private Tunnel menu item, however current
Private Tunnel download page needs to be adapted to fit
requirements of Android download manager.
* Enter key should advance to the next input field,
or connect if entered from the last field.
* Import from Access Server now provides the option to
download autologin vs. userlogin profiles.
* "About" page now shows copyright text for included
libraries/content (except for LZO and PolarSSL
which will presumably be commercially licensed).