based on current OS X version. The cache flush method
is called on connect and disconnect.
Previously, we always followed the 10.9 method. So this
change is a no-op on 10.9.
OS X 10.9 or higher (Mavericks):
/usr/bin/dscacheutil -flushcache
/usr/bin/killall -HUP mDNSResponder
OS X 10.7 & 10.8 (Lion and Mountain Lion):
/usr/bin/killall -HUP mDNSResponder
OS X 10.6 (Snow Leopard)
/usr/bin/dscacheutil -flushcache
We don't support earlier OS X versions.
side of the TAP interface using the "gateway=" option in the
netsh interface ip set address command. This seems to mostly
solve the issue of the TAP adapter appearing to be unconnected
to the internet in the Control Panel.
* Adapted TunWin::Client to work with ActionList (instead of
WinCommandList) as the mechanism for executing netsh commands.
* Included sample code (test/unused/win-tuncli-actionthread.diff)
for embedding an ActionThread in TunWin::Client.
executed asynchronously in a worker thread.
Needed to make some changes to logthread as well
to allow log context to be made available to
the worker thread.
These scripts
scripts/mac/build-minicrypto
scripts/mac/build-polarssl
will now build PolarSSL (on OSX) with libminicrypto linkage.
Currently, only SHA1/256/512 implementations from OpenSSL are
built in libminicrypto. We leave the current PolarSSL AES
implementation as-is since it now implements AES-NI.
Also added portable openssl/build-openssl script.
represent that as TLSVersion::UNDEF. For OpenSSL driver,
TLSVersion::UNDEF will trigger legacy TLSv1 connections
using TLSv1_server_method() and TLSv1_client_method().
* Fixed compile issue due to need to replace cc.enable_debug()
with cc.ssl_debug_level = 1.
* Added RENEG var to control number of "virtual seconds" between
SSL renegotiations.
* Doc changes in README.txt.
* Added new cross-platform boost/build-boost script.
* Added new LINK_MODE var (static|shared) that is
used by Boost, PolarSSL, and OpenSSL (Linux) builds.
* More DEP_DIR flexibility:
(a) DEP_DIR can be defined prior to call of build-all scripts.
(b) On Linux, vars-linux script will not override DEP_DIR.
BOOST_ASIO_DISABLE_KQUEUE is left undefined. To enable
fallback to Mac TunTap driver, MAC_TUNTAP_FALLBACK
and BOOST_ASIO_DISABLE_KQUEUE must be defined.
(const std::string& server_address and bool server_address_ipv6)
because they are redundant. The same info is passed via
tun_builder_set_remote_address.
* More flexible type casting.
* Support C++11 move constructors.
* Added some additional dictionary and array methods.
* mutable_dict_copy now verifies that passed src dictionary
is defined.
on Mac OS X 10.6. Going forward on OS X, we will probably need to
move away from HYBRID model to pure PolarSSL. AES-NI support in
PolarSSL 1.3 helps us here.
of errors. Use this callback to detect STATUS_CANCELLED
returns from Windows TAP driver which translates to
ERROR_OPERATION_ABORTED 995 (0x3E3) from userspace.
This will trigger a fatal error in the client
Error::TUN_IFACE_DISABLED ("TAP adapter is disabled").
call close method on tun_persist object rather than merely
deleting the smart pointer (because other references could
still exist, preventing immediate close).
Implemented full TunClient class for Windows with TAP driver
support. For now, we use netsh (rather than TAP driver DHCP)
to set all tunnel adapter properties, as this appears to work
great on Windows 7.
IPv6 is fully supported.
Known isues:
* netsh doesn't have a command for adding DNS search domains, so
we don't support them yet.
* While we always try to remove routes and added properties from
TAP adapter instance when we close out the session, for robustness,
when we bring up TAP adapter, we should try to delete any stale
routes on interface left over from previous session.
* Right now we call netsh with system(). For security and
compatibility with Windows apps (not only console apps),
we should use CreateProcess instead.
Previously we threw an exception that "only topology 'subnet'
supported with IPv6". Now we just ignore it because the
topology setting doesn't really affect IPv6.
* Allow DestructorBase object to be bound to TunPersist-owned
SCOPED_OBJ object, so that DestructorBase::destroy() is guaranteed
to be called before SCOPED_OBJ destruction. This is used as a
mechanism to remove routes and other properties of the Windows
TAP adapter that must be unwound when the TAP adapter is closed.
* Added ScopedAsioStream to allow an Asio stream object to
be managed by a TunPersist object.
* Added TunPersistAsioStream which supports that subset of the Asio
stream interface required by TunIO, and is intended to wrap a
ScopedAsioStream embedded in a TunPersist object.
It is used primarily on Windows to wrap the TAP interface HANDLE
in way that plays well with Windows I/O completion ports (once
a HANDLE is bound to an I/O completion port it cannot be unbound).