mirror/openvpn3
0
0
Fork 0
mirror of https://github.com/OpenVPN/openvpn3.git synced 2024-09-20 20:13:05 +02:00
Code
212 Commits 3 Branches 40 Tags 12 MiB
f91339e739
Commit Graph

49 Commits

Author SHA1 Message Date
James Yonan
1b0088ab2e PolarSSL support fully implemented (except for External PKI). 2012-03-14 00:51:40 +00:00
James Yonan
801bfae881 Added Polar SSL crypto support via PolarSSLCryptoAPI. 2012-03-13 04:51:52 +00:00
James Yonan
34dc950815 Core refactor to abstract random and crypto APIs using 
static polymorphism.  Only OpenSSL crypto API is
presently implemented.  Still need to implement Apple
and PolarSSL.
 2012-03-12 12:24:40 +00:00
James Yonan
74503a4efa Started PolarSSL port. Initially just add RNG support. 
Because PolarSSL RNG requires state object, add state
objects for all other RNG providers (OpenSSL, Apple SSL)
to maintain a polymorphic model.
 2012-03-11 12:09:25 +00:00
James Yonan
eca10fa23d Minor changes to Android 4 client and core: 
* clear_auth() now clears username field.

* OpenSSL impl in core now logs TLS handshake details.

* Added build-openssl-small to build a trimmed-down version
  of OpenSSL.
 2012-03-11 04:59:51 +00:00
James Yonan
deffceea7e Android 4 -- Implemented External PKI. 2012-03-06 06:06:54 +00:00
James Yonan
bd13b38de0 Added explicit-exit-notify support (client-side only). 2012-02-27 07:31:45 +00:00
James Yonan
da248a8fbd Search/replace of: 
std::exception& e

to:

  const std::exception& e
 2012-02-17 19:28:44 +00:00
James Yonan
540c58e5d8 Android client successfully tested with null tun/tap. 2012-02-16 20:46:38 +00:00
James Yonan
f13ed3e7a8 Implemented Java client using Swig. 2012-02-11 14:02:51 +00:00
James Yonan
231bd0f21a Top-level client refactoring, to move configuration functionality 
from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
 2012-02-06 20:39:10 +00:00
James Yonan
f9ae757e1a Added "remote" option list handling. 
Added ClientProtoTerminateCallback abstraction to ClientProto.

Added ClientProto::Config for configuration parameters, rather than
passing parameters individually to ClientProto constructor.
 2012-02-06 08:28:05 +00:00
James Yonan
e7a5d9f55b Start process of moving client logic out of cli.cpp into 
general-purpose classes.

Rename ProtoStats to SessionStats and make it more flexible
by using an abstract base class model.

Add a client event queue for the beginnings of a client-backend
API.

Added logic to ProtoContext to invalidate session on certain
kinds of errors in TCP that would be normally be okay in UDP
such as HMAC_ERROR, DECRYPT_ERROR, etc.

Add some alignment adjustment logic for READ_LINK_TCP (3 bytes)
and READ_LINK_UDP (1 byte).
 2012-02-04 10:24:54 +00:00
James Yonan
b31a80da6b Added compression methods LZO, LZ4, and Snappy. 
Note that only LZO has been tested yet.
 2012-01-31 11:15:21 +00:00
James Yonan
d9e8a028c8 Ported core to Windows except for TAP driver support. 2012-01-25 08:32:27 +00:00
James Yonan
f7067d817c Added constant-time memcmp. 2012-01-24 01:54:35 +00:00
James Yonan
29bc40bf09 Added TCP transport support. 
Disable retransmission of control channel packets
when running in TCP mode.
 2012-01-20 23:13:48 +00:00
James Yonan
bd4673c60f Added IP address classes for IPv4/v6. 
Implemented get_default_gateway() for Mac OS X.
 2012-01-11 06:15:32 +00:00
James Yonan
cd13bb745f Minor file reorg/cleanup: 
* link renamed to transport
* moved common/addr.hpp and common/iostats.hpp to unused
 2011-12-31 19:49:43 +00:00
James Yonan
affa534dce Added enable_strict_openvpn_2x() method to ProtoContext. 2011-12-29 21:54:12 +00:00
James Yonan
7371bd8e14 First working version of cli that can be entirely driven from config 
file.  Currently limited to UDP, runs only on Linux, and supports
pushed redirect-gateway but not route directives.
 2011-12-18 10:50:08 +00:00
James Yonan
fb163b65f4 ProtoContext object can now be reused via reset() method. 
Fixed rare bug where client receives auth, goes ACTIVE, but the ACK
response back to the server is dropped causing the server to receive
post-ACTIVE app messages from the client while it's still stuck
in the S_WAIT_AUTH_ACK state.
 2011-12-17 10:53:21 +00:00
James Yonan
e0b96357fb First working version of core (testcli.cpp). 2011-12-16 17:20:46 +00:00
James Yonan
990231b226 First successful negotiation with AS. 
Still need to parse and apply PUSH_REPLY options.
 2011-12-16 10:02:15 +00:00
James Yonan
a1033bc2a8 Extended dump_packet to handle DATA_V1 packets as well. 2011-12-15 09:14:56 +00:00
James Yonan
c8f7b0ff2f Keepalive implementation. 2011-12-15 08:48:14 +00:00
James Yonan
3bcc32f696 Implemented auth methods in ProtoContext. 2011-12-14 16:20:07 +00:00
James Yonan
44ee74f374 Added compression framework. 
Implemented LZO_STUB compressor.

Added methods to generate options and peer info strings.
 2011-12-14 11:34:33 +00:00
James Yonan
1b5fa38adb Comment additions. 
Catch buffer exceptions and increment BUFFER_ERRORS.
 2011-12-13 11:13:27 +00:00
James Yonan
1aa65c259b Implemented soft reset in proto.hpp. 2011-12-13 04:46:56 +00:00
James Yonan
bade2e77f2 Added dirty bit to KeyContext. 2011-12-11 10:27:02 +00:00
James Yonan
f3e9239d80 Full-protocol unit test using ProtoContext, w/o soft resets. 
Test in test/ssl/proto.cpp.
 2011-12-11 08:28:55 +00:00
James Yonan
739b8d518f More test/reliable/ssl.cpp changes to bring in line with 
real OpenVPN protocol:

* proto Session ID support
* support for tls_auth to be enabled or disabled
 2011-12-05 09:13:55 +00:00
James Yonan
ee46876142 Added HMAC and Packet ID integrity checks to reliable/SSL test. 2011-12-05 06:11:51 +00:00
James Yonan
16f2021000 Add ssl_started differentiation to ProtoStackBase. 2011-12-04 20:50:24 +00:00
James Yonan
abf3df3039 Added PACKET abstraction to ProtoStackBase. 2011-12-04 10:55:28 +00:00
James Yonan
d21c7de80c Coded hmac2 methods, for dealing with HMAC operations where HMAC 
signature exists within data range being signed.

In ProtoStack, add raw_write method sending raw packets
that will NOT be encrypted via SSL, but will still be
encapsulated and tracked via reliability layer.

Other misc changes.
 2011-12-04 01:34:32 +00:00
James Yonan
3c57bf9b05 ProtoStack with Apple SSL client and OpenSSL server 
successfully tested by test/reliable/ssl.cpp.
 2011-12-02 22:00:56 +00:00
James Yonan
67304fc671 Initial implementation of class ProtoStackBase. 
Compiles, but not yet tested.
 2011-11-30 19:47:30 +00:00
James Yonan
2b7e81e55b Added new constructor to AppleSSLContext so it can be 
initialized via an SSLConfig.
 2011-11-29 05:38:19 +00:00
James Yonan
f3ec4429ba Minor fixes related to previous commit. 2011-11-25 05:38:40 +00:00
James Yonan
e56f1c6b11 Added OpenSSLContext data transfer test. 2011-11-24 10:47:11 +00:00
James Yonan
71eaaaac9d Started process of abstracting SSL Context object to be independent 
of the underlying crypto library.
 2011-11-24 02:09:11 +00:00
James Yonan
671df2bb14 Reorganized files so that all code that references OpenSSL 
is either under openvpn/openssl (implementation) or
openvpn/gencrypto (generic crypto selector).

Reorganized applecrypto with evp files under crypto so
that we can eventually build out applecrypto as a full
crypto/ssl replacement for OpenSSL.
 2011-11-23 06:08:26 +00:00
James Yonan
d0e1d06812 Ported tlsprf to CommonCrypto. 2011-11-23 03:35:51 +00:00
James Yonan
7dd61393ab Move crypto random number headers out of openvpn/openssl 
into openvpn/random.  Also move boostrand.hpp into
openvpn/random.
 2011-11-21 06:11:06 +00:00
James Yonan
b45e9c2e15 Started on ProtoContext object (master OpenVPN protocol 
context object).

Implemented TLS PRF functions.
 2011-11-21 04:58:54 +00:00
James Yonan
1fcf65fbda Started PKI tree for wrapping OpenSSL PKI objects. 
Started SSL Context class.

Implemented dgram & stream buffer queues that can operate as
OpenSSL BIOs.

Reworked Frame class to make it more flexible.
 2011-10-25 17:32:26 +00:00
James Yonan
11be943cbb Added MessageWindow class and test. 2011-10-10 07:27:20 +00:00