James Yonan
1b0088ab2e
PolarSSL support fully implemented (except for External PKI).
2012-03-14 00:51:40 +00:00
James Yonan
801bfae881
Added Polar SSL crypto support via PolarSSLCryptoAPI.
2012-03-13 04:51:52 +00:00
James Yonan
34dc950815
Core refactor to abstract random and crypto APIs using
...
static polymorphism. Only OpenSSL crypto API is
presently implemented. Still need to implement Apple
and PolarSSL.
2012-03-12 12:24:40 +00:00
James Yonan
74503a4efa
Started PolarSSL port. Initially just add RNG support.
...
Because PolarSSL RNG requires state object, add state
objects for all other RNG providers (OpenSSL, Apple SSL)
to maintain a polymorphic model.
2012-03-11 12:09:25 +00:00
James Yonan
eca10fa23d
Minor changes to Android 4 client and core:
...
* clear_auth() now clears username field.
* OpenSSL impl in core now logs TLS handshake details.
* Added build-openssl-small to build a trimmed-down version
of OpenSSL.
2012-03-11 04:59:51 +00:00
James Yonan
deffceea7e
Android 4 -- Implemented External PKI.
2012-03-06 06:06:54 +00:00
James Yonan
bd13b38de0
Added explicit-exit-notify support (client-side only).
2012-02-27 07:31:45 +00:00
James Yonan
da248a8fbd
Search/replace of:
...
std::exception& e
to:
const std::exception& e
2012-02-17 19:28:44 +00:00
James Yonan
540c58e5d8
Android client successfully tested with null tun/tap.
2012-02-16 20:46:38 +00:00
James Yonan
f13ed3e7a8
Implemented Java client using Swig.
2012-02-11 14:02:51 +00:00
James Yonan
231bd0f21a
Top-level client refactoring, to move configuration functionality
...
from cli.cpp to ClientOptions in openvpn/client/cliopt.hpp.
2012-02-06 20:39:10 +00:00
James Yonan
f9ae757e1a
Added "remote" option list handling.
...
Added ClientProtoTerminateCallback abstraction to ClientProto.
Added ClientProto::Config for configuration parameters, rather than
passing parameters individually to ClientProto constructor.
2012-02-06 08:28:05 +00:00
James Yonan
e7a5d9f55b
Start process of moving client logic out of cli.cpp into
...
general-purpose classes.
Rename ProtoStats to SessionStats and make it more flexible
by using an abstract base class model.
Add a client event queue for the beginnings of a client-backend
API.
Added logic to ProtoContext to invalidate session on certain
kinds of errors in TCP that would be normally be okay in UDP
such as HMAC_ERROR, DECRYPT_ERROR, etc.
Add some alignment adjustment logic for READ_LINK_TCP (3 bytes)
and READ_LINK_UDP (1 byte).
2012-02-04 10:24:54 +00:00
James Yonan
b31a80da6b
Added compression methods LZO, LZ4, and Snappy.
...
Note that only LZO has been tested yet.
2012-01-31 11:15:21 +00:00
James Yonan
d9e8a028c8
Ported core to Windows except for TAP driver support.
2012-01-25 08:32:27 +00:00
James Yonan
f7067d817c
Added constant-time memcmp.
2012-01-24 01:54:35 +00:00
James Yonan
29bc40bf09
Added TCP transport support.
...
Disable retransmission of control channel packets
when running in TCP mode.
2012-01-20 23:13:48 +00:00
James Yonan
bd4673c60f
Added IP address classes for IPv4/v6.
...
Implemented get_default_gateway() for Mac OS X.
2012-01-11 06:15:32 +00:00
James Yonan
cd13bb745f
Minor file reorg/cleanup:
...
* link renamed to transport
* moved common/addr.hpp and common/iostats.hpp to unused
2011-12-31 19:49:43 +00:00
James Yonan
affa534dce
Added enable_strict_openvpn_2x() method to ProtoContext.
2011-12-29 21:54:12 +00:00
James Yonan
7371bd8e14
First working version of cli that can be entirely driven from config
...
file. Currently limited to UDP, runs only on Linux, and supports
pushed redirect-gateway but not route directives.
2011-12-18 10:50:08 +00:00
James Yonan
fb163b65f4
ProtoContext object can now be reused via reset() method.
...
Fixed rare bug where client receives auth, goes ACTIVE, but the ACK
response back to the server is dropped causing the server to receive
post-ACTIVE app messages from the client while it's still stuck
in the S_WAIT_AUTH_ACK state.
2011-12-17 10:53:21 +00:00
James Yonan
e0b96357fb
First working version of core (testcli.cpp).
2011-12-16 17:20:46 +00:00
James Yonan
990231b226
First successful negotiation with AS.
...
Still need to parse and apply PUSH_REPLY options.
2011-12-16 10:02:15 +00:00
James Yonan
a1033bc2a8
Extended dump_packet to handle DATA_V1 packets as well.
2011-12-15 09:14:56 +00:00
James Yonan
c8f7b0ff2f
Keepalive implementation.
2011-12-15 08:48:14 +00:00
James Yonan
3bcc32f696
Implemented auth methods in ProtoContext.
2011-12-14 16:20:07 +00:00
James Yonan
44ee74f374
Added compression framework.
...
Implemented LZO_STUB compressor.
Added methods to generate options and peer info strings.
2011-12-14 11:34:33 +00:00
James Yonan
1b5fa38adb
Comment additions.
...
Catch buffer exceptions and increment BUFFER_ERRORS.
2011-12-13 11:13:27 +00:00
James Yonan
1aa65c259b
Implemented soft reset in proto.hpp.
2011-12-13 04:46:56 +00:00
James Yonan
bade2e77f2
Added dirty bit to KeyContext.
2011-12-11 10:27:02 +00:00
James Yonan
f3e9239d80
Full-protocol unit test using ProtoContext, w/o soft resets.
...
Test in test/ssl/proto.cpp.
2011-12-11 08:28:55 +00:00
James Yonan
739b8d518f
More test/reliable/ssl.cpp changes to bring in line with
...
real OpenVPN protocol:
* proto Session ID support
* support for tls_auth to be enabled or disabled
2011-12-05 09:13:55 +00:00
James Yonan
ee46876142
Added HMAC and Packet ID integrity checks to reliable/SSL test.
2011-12-05 06:11:51 +00:00
James Yonan
16f2021000
Add ssl_started differentiation to ProtoStackBase.
2011-12-04 20:50:24 +00:00
James Yonan
abf3df3039
Added PACKET abstraction to ProtoStackBase.
2011-12-04 10:55:28 +00:00
James Yonan
d21c7de80c
Coded hmac2 methods, for dealing with HMAC operations where HMAC
...
signature exists within data range being signed.
In ProtoStack, add raw_write method sending raw packets
that will NOT be encrypted via SSL, but will still be
encapsulated and tracked via reliability layer.
Other misc changes.
2011-12-04 01:34:32 +00:00
James Yonan
3c57bf9b05
ProtoStack with Apple SSL client and OpenSSL server
...
successfully tested by test/reliable/ssl.cpp.
2011-12-02 22:00:56 +00:00
James Yonan
67304fc671
Initial implementation of class ProtoStackBase.
...
Compiles, but not yet tested.
2011-11-30 19:47:30 +00:00
James Yonan
2b7e81e55b
Added new constructor to AppleSSLContext so it can be
...
initialized via an SSLConfig.
2011-11-29 05:38:19 +00:00
James Yonan
f3ec4429ba
Minor fixes related to previous commit.
2011-11-25 05:38:40 +00:00
James Yonan
e56f1c6b11
Added OpenSSLContext data transfer test.
2011-11-24 10:47:11 +00:00
James Yonan
71eaaaac9d
Started process of abstracting SSL Context object to be independent
...
of the underlying crypto library.
2011-11-24 02:09:11 +00:00
James Yonan
671df2bb14
Reorganized files so that all code that references OpenSSL
...
is either under openvpn/openssl (implementation) or
openvpn/gencrypto (generic crypto selector).
Reorganized applecrypto with evp files under crypto so
that we can eventually build out applecrypto as a full
crypto/ssl replacement for OpenSSL.
2011-11-23 06:08:26 +00:00
James Yonan
d0e1d06812
Ported tlsprf to CommonCrypto.
2011-11-23 03:35:51 +00:00
James Yonan
7dd61393ab
Move crypto random number headers out of openvpn/openssl
...
into openvpn/random. Also move boostrand.hpp into
openvpn/random.
2011-11-21 06:11:06 +00:00
James Yonan
b45e9c2e15
Started on ProtoContext object (master OpenVPN protocol
...
context object).
Implemented TLS PRF functions.
2011-11-21 04:58:54 +00:00
James Yonan
1fcf65fbda
Started PKI tree for wrapping OpenSSL PKI objects.
...
Started SSL Context class.
Implemented dgram & stream buffer queues that can operate as
OpenSSL BIOs.
Reworked Frame class to make it more flexible.
2011-10-25 17:32:26 +00:00
James Yonan
11be943cbb
Added MessageWindow class and test.
2011-10-10 07:27:20 +00:00