mirror/openvpn3
0
0
Fork 0
mirror of https://github.com/OpenVPN/openvpn3.git synced 2024-09-20 12:12:15 +02:00
Code
1,485 Commits 3 Branches 40 Tags 12 MiB
fad49b2059
Commit Graph

1191 Commits

Author SHA1 Message Date
James Yonan
b31a80da6b Added compression methods LZO, LZ4, and Snappy. 
Note that only LZO has been tested yet.
 2012-01-31 11:15:21 +00:00
James Yonan
d9e8a028c8 Ported core to Windows except for TAP driver support. 2012-01-25 08:32:27 +00:00
James Yonan
f7067d817c Added constant-time memcmp. 2012-01-24 01:54:35 +00:00
James Yonan
667297ffcc Added null tun class for testing which is defined when 
either (a) the platform has no native tun class or
(b) OPENVPN_FORCE_TUN_NULL is defined.
 2012-01-21 17:25:32 +00:00
James Yonan
29bc40bf09 Added TCP transport support. 
Disable retransmission of control channel packets
when running in TCP mode.
 2012-01-20 23:13:48 +00:00
James Yonan
75943dc2a4 Linux changes for new IP address classes. 2012-01-11 06:56:49 +00:00
James Yonan
bd4673c60f Added IP address classes for IPv4/v6. 
Implemented get_default_gateway() for Mac OS X.
 2012-01-11 06:15:32 +00:00
James Yonan
e5c2791c65 Ported cli.cpp to Mac. Still a couple fixmes to address. 2012-01-05 07:47:24 +00:00
James Yonan
648298d17a Completed client refactoring to make polymorphic abstraction 
layer for transport and tun objects.
 2012-01-04 15:58:31 +00:00
James Yonan
d7039586dd Made client transport layer polymorphic. 2012-01-03 08:04:41 +00:00
James Yonan
e4053d0bd9 More ReadHandler tweaks + lambda tests. 2012-01-02 07:08:00 +00:00
James Yonan
5c29216c63 Unvirtualize udp_read_handler and tun_read_handler. 2012-01-02 02:26:11 +00:00
James Yonan
a20651efbf Make DNS resolution asynchronous. 2012-01-02 01:58:00 +00:00
James Yonan
3f5c9c330c Redid tun/udp read handlers to use virtual functions rather 
than function objects.
 2012-01-01 22:53:38 +00:00
James Yonan
cd13bb745f Minor file reorg/cleanup: 
* link renamed to transport
* moved common/addr.hpp and common/iostats.hpp to unused
 2011-12-31 19:49:43 +00:00
James Yonan
a13f44199e minor changes to platform.hpp. 2011-12-31 19:44:50 +00:00
James Yonan
83f057b6db Temporarily factor out linkbase.hpp. 2011-12-31 18:47:18 +00:00
James Yonan
161bbb241d Added BidirObjBase + test code. 2011-12-30 02:05:07 +00:00
James Yonan
affa534dce Added enable_strict_openvpn_2x() method to ProtoContext. 2011-12-29 21:54:12 +00:00
James Yonan
ac32190acf Minor changes to proto.cpp on Apple to conform with new 
SSL context Config class semantics.
 2011-12-18 11:33:15 +00:00
James Yonan
7371bd8e14 First working version of cli that can be entirely driven from config 
file.  Currently limited to UDP, runs only on Linux, and supports
pushed redirect-gateway but not route directives.
 2011-12-18 10:50:08 +00:00
James Yonan
fb163b65f4 ProtoContext object can now be reused via reset() method. 
Fixed rare bug where client receives auth, goes ACTIVE, but the ACK
response back to the server is dropped causing the server to receive
post-ACTIVE app messages from the client while it's still stuck
in the S_WAIT_AUTH_ACK state.
 2011-12-17 10:53:21 +00:00
James Yonan
6260957c37 Added AES-NI support. 
Disable logging in Packet ID code unless OPENVPN_DEBUG_PACKET_ID
is defined.
 2011-12-17 05:06:39 +00:00
James Yonan
e0b96357fb First working version of core (testcli.cpp). 2011-12-16 17:20:46 +00:00
James Yonan
990231b226 First successful negotiation with AS. 
Still need to parse and apply PUSH_REPLY options.
 2011-12-16 10:02:15 +00:00
James Yonan
a1033bc2a8 Extended dump_packet to handle DATA_V1 packets as well. 2011-12-15 09:14:56 +00:00
James Yonan
c8f7b0ff2f Keepalive implementation. 2011-12-15 08:48:14 +00:00
James Yonan
3bcc32f696 Implemented auth methods in ProtoContext. 2011-12-14 16:20:07 +00:00
James Yonan
44ee74f374 Added compression framework. 
Implemented LZO_STUB compressor.

Added methods to generate options and peer info strings.
 2011-12-14 11:34:33 +00:00
James Yonan
3f73d56afb Added some string parsing classes/functions for parsing OpenVPN options 
given as a comma-separated list.
 2011-12-13 19:51:29 +00:00
James Yonan
1b5fa38adb Comment additions. 
Catch buffer exceptions and increment BUFFER_ERRORS.
 2011-12-13 11:13:27 +00:00
James Yonan
1aa65c259b Implemented soft reset in proto.hpp. 2011-12-13 04:46:56 +00:00
James Yonan
bade2e77f2 Added dirty bit to KeyContext. 2011-12-11 10:27:02 +00:00
James Yonan
f3e9239d80 Full-protocol unit test using ProtoContext, w/o soft resets. 
Test in test/ssl/proto.cpp.
 2011-12-11 08:28:55 +00:00
James Yonan
3ed5459996 Minor fixes. 2011-12-05 21:00:43 +00:00
James Yonan
739b8d518f More test/reliable/ssl.cpp changes to bring in line with 
real OpenVPN protocol:

* proto Session ID support
* support for tls_auth to be enabled or disabled
 2011-12-05 09:13:55 +00:00
James Yonan
ee46876142 Added HMAC and Packet ID integrity checks to reliable/SSL test. 2011-12-05 06:11:51 +00:00
James Yonan
16f2021000 Add ssl_started differentiation to ProtoStackBase. 2011-12-04 20:50:24 +00:00
James Yonan
abf3df3039 Added PACKET abstraction to ProtoStackBase. 2011-12-04 10:55:28 +00:00
James Yonan
e4902ec958 Minor changes. 2011-12-04 06:05:34 +00:00
James Yonan
d21c7de80c Coded hmac2 methods, for dealing with HMAC operations where HMAC 
signature exists within data range being signed.

In ProtoStack, add raw_write method sending raw packets
that will NOT be encrypted via SSL, but will still be
encapsulated and tracked via reliability layer.

Other misc changes.
 2011-12-04 01:34:32 +00:00
James Yonan
d77746ce40 Allow test/reliable/ssl.cpp to be built with either 
Apple SSL client and OpenSSL server, or OpenSSL
for both client and server (see README.txt).
 2011-12-03 00:46:17 +00:00
James Yonan
3c57bf9b05 ProtoStack with Apple SSL client and OpenSSL server 
successfully tested by test/reliable/ssl.cpp.
 2011-12-02 22:00:56 +00:00
James Yonan
67304fc671 Initial implementation of class ProtoStackBase. 
Compiles, but not yet tested.
 2011-11-30 19:47:30 +00:00
James Yonan
2b7e81e55b Added new constructor to AppleSSLContext so it can be 
initialized via an SSLConfig.
 2011-11-29 05:38:19 +00:00
James Yonan
3e91be1849 Added AppleSSLContext. 
Cleaned up test/osx/ssl.cpp.  Old (messy) version
moved to ssl1.cpp.
 2011-11-28 06:53:44 +00:00
James Yonan
8425a7e8ad Minor CF changes. 
osx/ssl.cpp now obtains the client side ca/cert/key
via the keychain rather than try to load it directly
from pkcs12 file.
 2011-11-28 03:37:10 +00:00
James Yonan
532c79e46e Added test/osx/ssl.cpp, simulates an SSL connection between 
an Apple-crypto-based client and an OpenSSL server.
 2011-11-27 11:33:27 +00:00
James Yonan
fc0635e657 Read PKCS#12 file using Apple crypto. 2011-11-26 11:33:39 +00:00
James Yonan
3903704788 Frame class changes: 
* Take into account the actual alignment of the underlying
  buffer pointer.

* Added standardize_capacity method to set the capacity of
  a group of Context objects to the highest capacity of any
  one of the members.
 2011-11-26 07:30:27 +00:00
James Yonan
bfbed01e12 Work around an issue in older versions of OpenSSL 
where DHparams_dup is defined as a macro.
 2011-11-25 07:06:30 +00:00
James Yonan
f3ec4429ba Minor fixes related to previous commit. 2011-11-25 05:38:40 +00:00
James Yonan
e56f1c6b11 Added OpenSSLContext data transfer test. 2011-11-24 10:47:11 +00:00
James Yonan
71eaaaac9d Started process of abstracting SSL Context object to be independent 
of the underlying crypto library.
 2011-11-24 02:09:11 +00:00
James Yonan
671df2bb14 Reorganized files so that all code that references OpenSSL 
is either under openvpn/openssl (implementation) or
openvpn/gencrypto (generic crypto selector).

Reorganized applecrypto with evp files under crypto so
that we can eventually build out applecrypto as a full
crypto/ssl replacement for OpenSSL.
 2011-11-23 06:08:26 +00:00
James Yonan
d0e1d06812 Ported tlsprf to CommonCrypto. 2011-11-23 03:35:51 +00:00
James Yonan
713fbab110 Extended Apple CommonCrypto support to full OpenVPN 
data channel layer, so that encdec benchmark will
now run with only CommonCrypto (no OpenSSL linkage).
 2011-11-22 09:13:22 +00:00
James Yonan
0d293533f5 Added OpenSSL-like HMAC API using Apple 
CommonCrypto as backend.
 2011-11-22 03:01:28 +00:00
James Yonan
d05decf3a9 Added OpenSSL-like EVP API (for digests only) and random 
API using Apple CommonCrypto and Security/SecRandom APIs
as backend.
 2011-11-21 22:39:33 +00:00
James Yonan
7dd61393ab Move crypto random number headers out of openvpn/openssl 
into openvpn/random.  Also move boostrand.hpp into
openvpn/random.
 2011-11-21 06:11:06 +00:00
James Yonan
6fcd683d46 Added align_block parameter to Frame::Context, since align_block isn't 
necessarily going to always be sizeof(size_t).  In some cases, we might
want it to be the cipher block size.
 2011-11-21 05:45:29 +00:00
James Yonan
b45e9c2e15 Started on ProtoContext object (master OpenVPN protocol 
context object).

Implemented TLS PRF functions.
 2011-11-21 04:58:54 +00:00
James Yonan
673c214da4 time::now needs to be volatile. 2011-11-09 15:26:40 +00:00
James Yonan
f09b9ae12a Added reltest.cpp for testing ReliableRecv and ReliableSend 
objects by simulating an unreliable packet stream.

Modified packet_id code so that current time (now) is passed
via function calls rather than accessed as a global.

Added integer random number support via boost::random.
 2011-11-09 05:52:52 +00:00
James Yonan
52c42fb5d2 Moved time source files to openvpn/time. 
Added search/replace tool smod.
 2011-11-05 17:02:16 +00:00
James Yonan
b1b313ec28 Implemented new time system based on Time and Time::Duration, 
with Asio integration using boost::asio::time_traits<openvpn::Time>.

Started reliable receive class (ReliableRecv).
 2011-11-01 13:00:49 +00:00
James Yonan
1fcf65fbda Started PKI tree for wrapping OpenSSL PKI objects. 
Started SSL Context class.

Implemented dgram & stream buffer queues that can operate as
OpenSSL BIOs.

Reworked Frame class to make it more flexible.
 2011-10-25 17:32:26 +00:00
James Yonan
e5b9f303bc Developed openvpn::time abstraction. 2011-10-16 07:51:07 +00:00
James Yonan
11be943cbb Added MessageWindow class and test. 2011-10-10 07:27:20 +00:00
James Yonan
ab4c6ee28e Added NowUpdater class to update "now" variable once per second. 
Currently being used in static key tunnel (st.cpp).
 2011-10-08 06:20:49 +00:00
James Yonan
918caca206 First working static key implementation. 
Tested interoperability with OpenVPN in static key mode.
 2011-10-07 05:47:49 +00:00
James Yonan
422cd204af Added CryptoContext wrapper struct for Encrypt and Decrypt objects. 
Modified build scripts to use -fwhole-program.

Added read_text function to read a text file into a string.
 2011-10-06 17:22:37 +00:00
James Yonan
8a942b6d19 Pass Frame object around to other objects via a boost::shared_ptr. 2011-10-06 05:54:30 +00:00
James Yonan
32d9456035 Modified cleartun to use new Frame abstraction. 2011-10-06 05:19:28 +00:00
James Yonan
e3422bd755 Encrypt and Decrypt classes implemented for OpenVPN data channel protocol. 2011-10-06 00:18:46 +00:00
James Yonan
4453f890a0 Added Cipher and HMAC classes. 2011-10-04 05:34:04 +00:00
James Yonan
bcd127a7ce Implemented buffer write/read/prepend. 2011-10-03 04:10:01 +00:00
James Yonan
7822e9e298 Make Buffer/BufferAllocated into BufferType/BufferAllocatedType 
templates.

Obsolete SimpleArray (all SimpleArray functionality is now
supported by BufferAllocatedType).
 2011-10-02 18:55:55 +00:00
James Yonan
23aaf02d71 Use class-private static const strings in OpenVPNStaticKey. 2011-10-01 02:22:52 +00:00
James Yonan
f2423aad9d Misc fixes: 
* Changes to make library more properly "header only".
* Make Allocator argument to SimpleArray a template parameter.
 2011-09-30 23:20:30 +00:00
James Yonan
bba84f1692 Minor fix. 2011-09-30 16:47:28 +00:00
James Yonan
e4f9d20a0f Added OpenVPN Static Key parser/renderer. 2011-09-30 15:25:38 +00:00
James Yonan
45cd55cb4d Added allocators to SimpleArray to allow for a secure 
allocator that zeros data before deallocation.
 2011-09-30 01:01:01 +00:00
James Yonan
4d66859513 Added PRNG. 2011-09-29 22:42:37 +00:00
James Yonan
f25c9b37ef Added SimpleArray class template. 
Misc cleanup.
 2011-09-29 06:35:23 +00:00
James Yonan
931a4b1a07 In Cleartun, revert to single-threaded mode only regardless of whether 
Boost/Asio built in single-threaded mode.  This is done due to the
revelation that Asio socket objects are not thread-safe.

Break out IOStats into two classes:

* IOStatsSingleThread
* IOStatsMultiThread
 2011-09-29 03:01:36 +00:00
James Yonan
ff23d78fa9 Implemented OpenVPN Packet ID code. 2011-09-28 23:12:37 +00:00
James Yonan
fed617b613 Added cleartun optimizations: 
* reuse buffer for next queue
* do 8 async_read_somes in parallel
* use hand-rolled function object instead of boost::bind
 2011-09-26 21:02:13 +00:00
James Yonan
c90ba6937d Added cleartun benchmark to demonstrate cleartext 
tun-based VPN implemented in C++/Asio/Boost.

See test/cleartun/notes.txt.
 2011-09-24 22:51:28 +00:00
James Yonan
f11af8460f Commit of misc C/C++ code: 
* test/cascli -- call AS client API from C++ by embedding python
* test/embed -- misc test code for embedding python
* test/dtls -- DTLS proof-of-concept code
* test/tunflood -- test boost::asio wrapper around linux tun/tap device
 2010-09-23 09:01:19 +00:00
James Yonan
24a4eb3267 Initial checkin for OpenVPN 3 rewrite. 
This very basic proof-of-concept implements a
boost::asio wrapper around the linux tun/tap device.
 2010-09-13 08:52:18 +00:00