aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2008-07-18Reverted some recent buffer.[ch] changes, including r3058 (except forjames3-64/+21
likely() and unlikely() macro additions to syshead.h) and r3061. I would like to give more thought to the bigger issue of fortifying buffer.[ch] through the use of additional defensive programming techniques. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3081 e7ae566f-a301-0410-adde-c780ea21d3b5
2008-07-18Fixed format string issue in read_inline_file,james1-1/+1
used in the config file parser. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3078 e7ae566f-a301-0410-adde-c780ea21d3b5
2008-07-18status_printf function will now set error flag onjames2-7/+24
output truncation or failure of write() to write the expected number of bytes. Raised STATUS_PRINTF_MAXLEN to 512 (from 256). git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3077 e7ae566f-a301-0410-adde-c780ea21d3b5
2008-07-18gen_path will no longer silently truncate the generatedjames2-1/+15
filename at 256 bytes. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3076 e7ae566f-a301-0410-adde-c780ea21d3b5
2008-07-18Fixed code inclusion bug that was erroneously testingjames2-6/+9
defined(P2MP_SERVER) rather than P2MP_SERVER. Fixed compile issues when USE_CRYPTO is undefined. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3075 e7ae566f-a301-0410-adde-c780ea21d3b5
2008-07-18Modified create_temp_filename to create unpredictablejames1-5/+12
filenames. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3074 e7ae566f-a301-0410-adde-c780ea21d3b5
2008-07-17Previously, OpenVPN might log a client's auth-user-passjames3-2/+19
password if the verbosity was set to a high debug level such as 7 or higher. Normally this would only be used by developers. Now, even at high debug levels, the password will not be output. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3073 e7ae566f-a301-0410-adde-c780ea21d3b5
2008-07-17gen_path now rejects filenames that match Windowsjames3-1/+72
device names such as CON, NUL, LPT1, etc. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3072 e7ae566f-a301-0410-adde-c780ea21d3b5
2008-07-17Call prng_init after fork in background processjames1-0/+4
created by port_share_open, so as to ensure a newly seeded PRNG sequence. This is strictly defensive programming since port_share_proxy currently does not use the PRNG. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3070 e7ae566f-a301-0410-adde-c780ea21d3b5
2008-07-17Added warning when using chroot without specifying user and group.james1-0/+3
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3069 e7ae566f-a301-0410-adde-c780ea21d3b5
2008-07-17Check for multiplication overflow on ALLOC_ARRAY* functions.james2-4/+16
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3068 e7ae566f-a301-0410-adde-c780ea21d3b5
2008-07-17Removed old version of extract_x509_field.james1-40/+0
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3066 e7ae566f-a301-0410-adde-c780ea21d3b5
2008-07-17Support wraparound of reliable.[ch] packet IDs. Injames1-12/+44
practice, wraparound of the packet ID sequence is extremely unlikely since the sequence is restarted for each mid-session TLS renegotiation. But we will support it for completeness. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3065 e7ae566f-a301-0410-adde-c780ea21d3b5
2008-07-17Fixed a potential information leak in the new NTLM phase 3 code,james2-8/+21
as well as a failure of the code to check the return value from base64_decode. Fixed compiler warnings in the new NTLM phase 3 code about implicit casting between signed and unsigned char *. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3064 e7ae566f-a301-0410-adde-c780ea21d3b5
2008-07-17Fixed issue in read_key_file, where the return value ofjames1-1/+3
read() wasn't being checked for errors. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3063 e7ae566f-a301-0410-adde-c780ea21d3b5
2008-07-16Added SOCKET_SND_RCV_BUF_MAX constant (set to 1000000) to limit thejames2-5/+16
maximum size passed to setsockopt SNDBUF/RCVBUF. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3062 e7ae566f-a301-0410-adde-c780ea21d3b5
2008-07-16In the Windows version of tun_finalize, on errors that wouldjames1-1/+6
return -1, set buf->len to 0 rather than -1. While downstream code is set up to consider the buffer invalidated if its length is <= 0, this change makes the code cleaner and safer. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3061 e7ae566f-a301-0410-adde-c780ea21d3b5
2008-07-16Used unlikely() macro to tell compiler that msg() willjames1-1/+1
usually be silent. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3060 e7ae566f-a301-0410-adde-c780ea21d3b5
2008-07-16Added likely() and unlikely() branch prediction hint macrosjames4-21/+68
to syshead.h Introduced BUF_MAX constant to limit struct buffer offset and length values. BUF_MAX has been set to 2^20. Use likely() and unlikely() macros in buffer.h code to allow the compiler to generate more efficient code. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3058 e7ae566f-a301-0410-adde-c780ea21d3b5
2008-07-14Copyright change OpenVPN Solutions LLC -> Telethra, Inc.james153-159/+159
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3048 e7ae566f-a301-0410-adde-c780ea21d3b5
2008-06-13Version 2.1_rc8v2.1_rc8james2-5/+13
On Windows, use -leay32 and -lssl32 to link with OpenSSL. On Windows, bundle pkcs11-helper-1.06-beta1. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2997 e7ae566f-a301-0410-adde-c780ea21d3b5
2008-06-11Updated copyright notice to 2008.james150-152/+152
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2995 e7ae566f-a301-0410-adde-c780ea21d3b5
2008-06-11Updated version & changelog.james4-4/+77
Updated build-pkcs11-helper.sh to build from OpenSSL 0.9.8h. Added pkcs11-related fixes to easy-rsa/2.0/vars. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2994 e7ae566f-a301-0410-adde-c780ea21d3b5
2008-06-11Merged connection profiles fromjames23-582/+1076
http://svn.openvpn.net/projects/openvpn/test/conn git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2993 e7ae566f-a301-0410-adde-c780ea21d3b5
2008-06-11Updated version to 2.1_rc7e.james30-569/+2495
Added client authentication and packet filtering capability to management interface. Extended packet filtering capability to work on both --dev tun and --dev tap tunnels. Updated valgrind-suppress file. Made "Linux ip addr del failed" error nonfatal. Amplified --client-cert-not-required warning. Added #pragma pack to proto.h. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2991 e7ae566f-a301-0410-adde-c780ea21d3b5
2008-06-04Added support for building and linking withjames6-6/+91
openssl-0.9.8h on Windows. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2982 e7ae566f-a301-0410-adde-c780ea21d3b5
2008-06-04Fixed unbounded memory growth bug injames3-2/+18
environmental variable code that could have caused long-running OpenVPN sessions with many TLS renegotiations to incrementally increase memory usage over time. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2981 e7ae566f-a301-0410-adde-c780ea21d3b5
2008-06-04Fixed an issue in extract_x509_field_ssl where the extractionjames1-1/+1
would fail on the first field of the subject name, such as the common name in: /CN=foo/emailAddress=foo@bar.com git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2980 e7ae566f-a301-0410-adde-c780ea21d3b5
2008-06-04In auth-pam authentication module, even when in debug mode,james1-2/+8
never output passwords to stderr. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2979 e7ae566f-a301-0410-adde-c780ea21d3b5
2008-06-04Incremented version to 2.1_rc7d.james26-108/+1210
Support asynchronous authentication by plugins by allowing OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY to return OPENVPN_PLUGIN_FUNC_DEFERRED. See comments in openvpn-plugin.h for documentation. Enabled by ENABLE_DEF_AUTH. Added a simple packet filter functionality that can be driven by a plugin. See comments in openvpn-plugin.h for documentation. Enabled by ENABLE_PF. See openvpn/plugin/defer/simple.c for examples of ENABLE_DEF_AUTH and ENABLE_PF. "TLS Error: local/remote TLS keys are out of sync" is no longer a fatal error for TCP-based sessions, since the error can arise normally in the course of deferred authentication. In a related change, allow packet-id sequence to begin at some number n > 0 for TCP sessions, rather than strictly requiring sequence to begin at 1. Added a test to configure.ac for LoadLibrary function on Windows. Modified "make dist" function to include all files from install-win32 so that ./domake-win can be run from a tarball-expanded directory. setenv and setenv-safe directives may now omit a value argument which defaults to "". git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2978 e7ae566f-a301-0410-adde-c780ea21d3b5
2008-05-25Fixed a bug in plugin.c that caused openvpn_plugin_client_destructor_v1james6-13/+136
to not be called for the top-level "generic" client template. Added additional documentation to openvpn-plugin.h that more clearly illustrates the full sequence and ordering of plugin callbacks (plugin/defer/simple.c was extended to provide the raw data for this documentation). git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2973 e7ae566f-a301-0410-adde-c780ea21d3b5
2008-05-24Support asynchronous/deferred authentication injames19-101/+456
OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY plugin handler. See documentation in openvpn-plugin.h and example usage in plugin/defer/simple.c. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2969 e7ae566f-a301-0410-adde-c780ea21d3b5
2008-05-24Did:james0-0/+0
svn propset svn:ignore -F .svnignore . on the modified .svnignore files. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2967 e7ae566f-a301-0410-adde-c780ea21d3b5
2008-05-24Modified .svnignore to only ignore files generatedjames3-46/+18
by the auto* tools and make. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2966 e7ae566f-a301-0410-adde-c780ea21d3b5
2008-05-12Moved branch into official BETA21 position.james90-1274/+2241
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2959 e7ae566f-a301-0410-adde-c780ea21d3b5
2008-03-11Misc XGUI fixes.james4-20/+24
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2836 e7ae566f-a301-0410-adde-c780ea21d3b5
2008-03-11Set tool defaults in pkitool.james1-0/+5
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2835 e7ae566f-a301-0410-adde-c780ea21d3b5
2008-03-10First working version of XGUI inclusion.james10-55/+221
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2834 e7ae566f-a301-0410-adde-c780ea21d3b5
2008-03-05Added new OpenVPN icon and installer graphic.james2-0/+0
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2783 e7ae566f-a301-0410-adde-c780ea21d3b5
2008-02-18Version 2.1_rc7a.james5-12/+15
Minor Windows build system changes: * Fall back to prebuilt-binary if gcc is not available. * Documentation changes in ./domake-win git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2760 e7ae566f-a301-0410-adde-c780ea21d3b5
2008-02-17Clarified tcp-queue-limit man page entryjames1-3/+3
(Matti Linnanvuori). git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2750 e7ae566f-a301-0410-adde-c780ea21d3b5
2008-02-17The new function extract_x509_field_ssl tends to breakjames2-1/+14
in early versions of OpenSSL 0.9.6. Now we will fall back to the old function extract_x509_field for OpenSSL 0.9.6. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2749 e7ae566f-a301-0410-adde-c780ea21d3b5
2008-02-17Cleanup IP address for persistence interfaces for tap and also usingjames1-8/+26
ifconfig, gentoo#209055 (Alon Bar-Lev). git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2748 e7ae566f-a301-0410-adde-c780ea21d3b5
2008-02-01Changes to Windows build system: added GENOUT_PREBUILT modejames5-15/+86
to allow building an OpenVPN installer with a reduced set of prerequisites. See comments in domake-win for more info. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2711 e7ae566f-a301-0410-adde-c780ea21d3b5
2008-02-01Changes to Windows build system to make it easier to dojames19-195/+248
partial builds, where only a subset of OpenVPN installer components are built. See ./domake-win comments. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2710 e7ae566f-a301-0410-adde-c780ea21d3b5
2008-01-30Version 2.1_rc7v2.1_rc7james2-1/+8
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2702 e7ae566f-a301-0410-adde-c780ea21d3b5
2008-01-26Fixup null interface on close, don't use ip addr flushjames1-9/+16
(Alon Bar-Lev). git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2683 e7ae566f-a301-0410-adde-c780ea21d3b5
2008-01-25Added a few extra files that exist in the svn repojames2-2/+6
but were not being copied into the tarball by make dist. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2674 e7ae566f-a301-0410-adde-c780ea21d3b5
2008-01-24VERSION 2.1_rc6v2.1_rc6james2-1/+8
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2666 e7ae566f-a301-0410-adde-c780ea21d3b5
2008-01-24Fixed pkcs11_private_mode undef.james1-1/+1
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2664 e7ae566f-a301-0410-adde-c780ea21d3b5
2008-01-23VERSION 2.1_rc5v2.1_rc5james5-39/+138
Updated ChangeLog. Cleaned up start menu shortcuts in the Windows installer. Make sure that the uninstaller deletes SAMPCONF files. Minor uninstaller fixes to prevent files from being left behind after uninstall. Updated Windows notes. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2660 e7ae566f-a301-0410-adde-c780ea21d3b5
2008-01-23Forgot to put struct WIN2K_NDIS_MINIPORT_BLOCK outsidejames1-4/+4
of #if ENABLE_NONADMIN block. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2658 e7ae566f-a301-0410-adde-c780ea21d3b5
2008-01-23Squashed Win2K TAP bug that was introduced by Vista fixes.james3-88/+106
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2657 e7ae566f-a301-0410-adde-c780ea21d3b5
2008-01-23Incremented TAP version number to 9.4.james2-8/+29
Added SAMPCONF macros to settings.in and openvpn.nsi to allow a default configuration to be loaded by the installer. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2656 e7ae566f-a301-0410-adde-c780ea21d3b5
2008-01-23Added --management-forget-disconnect option -- forgetjames6-1/+36
passwords when management session disconnects (Alon Bar-Lev). git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2652 e7ae566f-a301-0410-adde-c780ea21d3b5
2008-01-22Upgraded TAP build scripts to use WDK 6001.17121james8-11/+20
(Windows 2008 Server pre-RTM). Fixed typo of DESC_SecPKCS11DLLs in openvpn.nsi. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2651 e7ae566f-a301-0410-adde-c780ea21d3b5
2008-01-22Incremented version number to 2.1_rc4a.james7-14/+81
Windows changes: Incremented included OpenSSL version to openssl-0.9.7m. Updated openssl.patch for openssl-0.9.7m and added some brief usage comments to the head of the patch. Added build-pkcs11-helper.sh for building the pkcs11-helper library. Integrated inclusion of pkcs11-helper into Windows build system. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2649 e7ae566f-a301-0410-adde-c780ea21d3b5
2008-01-21Changed ASSERT(0) to a more descriptive fatal error in tun.cjames1-1/+1
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2641 e7ae566f-a301-0410-adde-c780ea21d3b5
2008-01-21Fixed --disable-iproute2 in ./configure to actually disablejames1-1/+1
iproute2 usage (Alon Bar-Lev). git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2640 e7ae566f-a301-0410-adde-c780ea21d3b5
2008-01-21Allow OpenVPN to run completely unprivileged under Linuxjames9-10/+100
by allowing openvpn --mktun to be used with --user and --group to set the UID/GID of the tun device node. Also added --iproute option to allow an alternative command to be executed in place of the default iproute2 command (Alon Bar-Lev). git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2639 e7ae566f-a301-0410-adde-c780ea21d3b5
2008-01-21Rewrote extract_x509_field and modified COMMON_NAME_CHAR_CLASSjames2-2/+48
to allow forward slash characters ("/") in the X509 common name (Pavel Shramov). git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2638 e7ae566f-a301-0410-adde-c780ea21d3b5
2008-01-21Added PLUGIN_LIBDIR preprocessor string to prepend a default pluginjames1-1/+20
directory to the dlopen search list when the user specifies the basename of the plugin only (Marius Tomaschewski). git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2637 e7ae566f-a301-0410-adde-c780ea21d3b5
2008-01-21Define ALLOW_NON_CBC_CIPHERS for people who don'tjames1-0/+2
want to use a CBC cipher for OpenVPN's data channel. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2636 e7ae566f-a301-0410-adde-c780ea21d3b5
2008-01-21Simple fix where options->ca_file was used withoutjames1-1/+1
first being checked against NULL. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2635 e7ae566f-a301-0410-adde-c780ea21d3b5
2008-01-21epoll driver in event.c should be prepared to handle anjames1-1/+1
EPOLLHUP event in the same way as it handles EPOLLIN, EPOLLPRI, or EPOLLERR events. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2634 e7ae566f-a301-0410-adde-c780ea21d3b5
2008-01-21Fixed interim memory growth issue in TCP connect loop wherejames1-0/+2
"TCP: connect to %s failed, will try again in %d seconds: %s" is output. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2633 e7ae566f-a301-0410-adde-c780ea21d3b5
2008-01-21Added note about alternative version of easy-rsajames1-1/+9
that supports subjectAltName for multi-domain web certificates. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2632 e7ae566f-a301-0410-adde-c780ea21d3b5
2007-10-26PKCS-11 fixups (Alon Bar-Lev).james1-1/+1
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2438 e7ae566f-a301-0410-adde-c780ea21d3b5
2007-10-22Use pkcs11-helper as external library, can be downloadedjames22-14449/+468
from https://www.opensc-project.org/pkcs11-helper (Alon Bar-Lev). git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2418 e7ae566f-a301-0410-adde-c780ea21d3b5
2007-10-22Modified command line and config file parser to allowjames2-4/+20
quoted strings using single quotes ('') (Alon Bar-Lev). git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2414 e7ae566f-a301-0410-adde-c780ea21d3b5
2007-10-22Added --management-signal option to signal SIGUSR1 when the managementjames6-1/+37
interface disconnects (Alon Bar-Lev). git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2413 e7ae566f-a301-0410-adde-c780ea21d3b5
2007-10-22Add "forget-passwords" command to the management interface (Alon Bar-Lev).james2-0/+23
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2412 e7ae566f-a301-0410-adde-c780ea21d3b5
2007-08-17AUTO_USERID feature -- if the auth-user-pass option is usedjames3-3/+5
with some argument ARG, then -ARG will be appended to the username string that is sent to the server. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2259 e7ae566f-a301-0410-adde-c780ea21d3b5
2007-08-14config-win32.h and install-win32/openvpn.nsi are no longer generatedjames1-1/+1
(i.e. they are now original sources), therefore doclean should not delete them. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2249 e7ae566f-a301-0410-adde-c780ea21d3b5
2007-07-18updated iconjames1-0/+0
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2120 e7ae566f-a301-0410-adde-c780ea21d3b5
2007-06-11Fixed a variable declaration that wasn't at the startjames1-2/+4
of a block. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2026 e7ae566f-a301-0410-adde-c780ea21d3b5
2007-04-26script comment changesjames2-1/+3
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1900 e7ae566f-a301-0410-adde-c780ea21d3b5
2007-04-25Version 2.1_rc4v2.1_rc4james2-1/+10
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1881 e7ae566f-a301-0410-adde-c780ea21d3b5
2007-04-25Fixed 64-bit portability bug in time_string function (Thomas Habets).james1-1/+2
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1880 e7ae566f-a301-0410-adde-c780ea21d3b5
2007-04-25misc Windows build system changesjames6-6/+24
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1875 e7ae566f-a301-0410-adde-c780ea21d3b5
2007-04-25TAP driver now passes signing tests on Vista x64.james36-315/+431
Added new settings to settings.in to better control build process. Removed some unneeded JYFIXMEs from source code. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1874 e7ae566f-a301-0410-adde-c780ea21d3b5
2007-04-23Forgot to add changelog item about OpenVPN GUI beingjames1-1/+5
included in 2.1-rc3. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1869 e7ae566f-a301-0410-adde-c780ea21d3b5
2007-04-23Version 2.1_rc3v2.1_rc3james2-1/+21
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1868 e7ae566f-a301-0410-adde-c780ea21d3b5
2007-04-22Version is now specified in version.m4 for bothjames19-92/+204
unix and windows versions. Reworked the Windows build scripting system, with settings (other than version #) specified in settings.in. Moved the native scripting grammar as defined by trans.pl away from NSIS and to something more generic. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1867 e7ae566f-a301-0410-adde-c780ea21d3b5
2007-04-21Moved OpenVPN version number from configure.acjames2-1/+4
to version.m4 git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1866 e7ae566f-a301-0410-adde-c780ea21d3b5
2007-04-21Added a Windows README file to the installer thanjames2-3/+20
contains quick-start instructions. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1864 e7ae566f-a301-0410-adde-c780ea21d3b5
2007-04-21Added OpenVPN GUI (Mathias Sundman version) as installjames2-2/+36
option in Windows installer. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1863 e7ae566f-a301-0410-adde-c780ea21d3b5
2007-04-21The easy-rsa directory installed by the windows installer comes with thejames3-0/+24
old easy-rsa 1.0 files. (even current openvpn-2.1_rc2-install.exe) This bug is not that critical, but it is annoying that easy-rsa still creates server certificates without extended key usage per default (openssl.cnf), making the windows user wonder about error messages if the recommended "remote-cert-tls" option is used. (In this case simply copying the openssl.cnf from the 2.0 directory did the job, for regular usage the path to opensc in the newly added pkcs11 section should be changed). And if possible please add the following three files to the "Windows" directory if easy-rsa. They allow to build password protected versions of the keys (I just copied the files and remove the "-nodes" parameter). Except of build-key-server-pass.bat i think that they are vital for security (e.g. the key files are in an unencrypted directory and physical access is possible). -- Daniel Zauft git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1862 e7ae566f-a301-0410-adde-c780ea21d3b5
2007-04-21Clean up configure on FreeBSD for recent autotool versions thatjames2-7/+39
require that all .h files have to be compiled. Also, FreeBSD install does not support GNU long options which the Makefile in easy-rsa/2.0 uses (not checked the others as we don't install those on Gentoo) -- Roy Marples git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1861 e7ae566f-a301-0410-adde-c780ea21d3b5
2007-04-19Use Server 2003 rather than Vista as x64 target for tap/tapinstall.james4-8/+4
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1853 e7ae566f-a301-0410-adde-c780ea21d3b5
2007-04-19Updated build system and tap driver to work withjames9-28/+42
version 5600 of the Windows DDK. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1851 e7ae566f-a301-0410-adde-c780ea21d3b5
2007-04-14Added options to version.nsi that allow prebuiltjames3-4/+35
amd64 tap/tapinstall to be specified. Verify that tapinstall directory exists before trying to build it. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1838 e7ae566f-a301-0410-adde-c780ea21d3b5
2007-03-16Revert r1773james4-11/+13
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1776 e7ae566f-a301-0410-adde-c780ea21d3b5
2007-03-08Don't build special x64 version of tapinstall.exejames4-13/+11
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1773 e7ae566f-a301-0410-adde-c780ea21d3b5
2007-03-07Windows TAP driver license text changes.james19-168/+174
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1764 e7ae566f-a301-0410-adde-c780ea21d3b5
2007-03-07Cleaned up Windows build scripts.james13-113/+234
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1763 e7ae566f-a301-0410-adde-c780ea21d3b5
2007-03-06Forgot to svn add buildinstaller before last commit.james1-0/+6
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1762 e7ae566f-a301-0410-adde-c780ea21d3b5
2007-03-06./domake-win will now do a full build of the installerjames3-2/+35
from source. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1761 e7ae566f-a301-0410-adde-c780ea21d3b5
2007-03-06Added maketapinstall.james6-15/+83
Added makebin to build bin directory. Modified openvpn.nsi to read distribution files from the new locations. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1760 e7ae566f-a301-0410-adde-c780ea21d3b5
2007-03-06Added maketap and signtap scripts.james3-0/+62
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1759 e7ae566f-a301-0410-adde-c780ea21d3b5
2007-03-06Added service configuration to install-win32/winconfigjames2-0/+17
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1758 e7ae566f-a301-0410-adde-c780ea21d3b5
2007-03-06Changes to Windows build environment, to allow straightforward buildingjames16-437/+106
directly from an svn checkout or export. install-win32/version.nsi contains high-level version info. The script install-win32/winconfig should be run initially to set up build configuration files. Then make can be executed as such: . autodefs/nsidefs.sh make -f makefile.w32 -j 2 git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1757 e7ae566f-a301-0410-adde-c780ea21d3b5
2007-03-05Allow installation of TAP-Win64james3-15/+15
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1755 e7ae566f-a301-0410-adde-c780ea21d3b5
2007-03-05TAP driver fix for Vista x64 BSOD.james4-4/+21
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1754 e7ae566f-a301-0410-adde-c780ea21d3b5
2007-03-05Include tap.cat (TAP driver catalog file) in Windowsjames3-3/+5
installer. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1753 e7ae566f-a301-0410-adde-c780ea21d3b5
2007-02-28Version 2.1_rc2 releasedv2.1_rc2james2-1/+64
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1750 e7ae566f-a301-0410-adde-c780ea21d3b5
2007-02-28On Windows, revert to "ip-win32 dynamic" as the default.james1-1/+1
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1749 e7ae566f-a301-0410-adde-c780ea21d3b5
2007-02-28Worked around an incompatibility in the Windows Vistajames1-7/+25
version of CreateIpForwardEntry as described in http://www.nynaeve.net/?p=59 This issue would cause route additions using the IP Helper API to fail on Vista. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1748 e7ae566f-a301-0410-adde-c780ea21d3b5
2007-02-27The Windows version will now use a default route-delayjames1-1/+1
of 5 seconds to deal with an apparent routing table race condition on Vista. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1747 e7ae566f-a301-0410-adde-c780ea21d3b5
2007-02-27Renamed TAP-Win32 driver from tap0801.sys to tap0901.sysjames12-88/+232
to reflect the fact that Vista has blacklisted the tap0801.sys file name due to previous compatibility issues which have now been resolved. TAP-Win32 major/minor version number is now 9/1. Windows installer will delete a previously installed tap0801.sys TAP driver before installing tap0901.sys. Added code to Windows installer to fail gracefully on 64 bit installs until 64-bit TAP driver issues can be resolved. Added code to Windows installer to fail gracefully on versions of Windows which are not explicitly supported. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1746 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-12-24--reneg-sec clarification in man page.james1-0/+13
Should be added to 2.0.x branch as well. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1606 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-12-05Interim snapshot 2.1_rc1cjames1-1/+1
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1541 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-11-23updated valgrind-suppress for OpenSSL 0.9.8james1-228/+40
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1494 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-11-23Fixed issue where struct env_set methods thatjames4-4/+40
change the value of an existing name=value pair would delay the freeing of the memory held by the previous name=value pair until the underlying client instance object is closed. This could cause a server that handles long-term client connections, resulting in many periodic calls to verify_callback, to needlessly grow the env_set memory allocation until the underlying client instance object is closed. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1493 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-11-13Interim snapshot 2.1_rc1bjames1-1/+1
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1461 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-11-13Revert TAP-Win64 binaries to tapbin64-0801james1-2/+4
in prebuild script. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1460 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-11-13New try at AUTO_USERID.james9-2/+236
Implemented AUTO_USERID using MD5(MAC address(primary network adapter)). Currently implemented for Linux and Windows. Basically if ENABLE_AUTO_USERID is defined, the --auth-user-pass option will not prompt for username/password, but will rather generate a unique username and blank password. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1459 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-11-13Attempt at rational signal handling when in thejames4-11/+69
management hold state. During management hold, ignore SIGUSR1/SIGHUP signals thrown with the "signal" command. Also, "signal" command will now apply remapping as specified with the --remap-usr1 option. When a signal entered using the "signal" command from a management hold is ignored, output: >HOLD:Waiting for hold release git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1458 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-11-10Backed out AUTO_USERID feature introduced in r1436.james4-48/+4
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1449 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-11-09Fixed issue where OpenVPN does not apply the --txqueuelen optionjames3-3/+5
to persistent interfaces made with --mktun (Roy Marples). git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1447 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-11-08Interim snapshot 2.1_rc1ajames1-1/+1
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1441 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-11-08Added time_ascii, time_duration, and time_unixjames4-8/+63
environmental variables for plugins and callback scripts. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1440 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-11-08Added #ifdefed out AUTO_USERID feature.james4-4/+48
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1436 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-11-08PROTO_TCPv4 is never used as an index intojames2-5/+8
proto_overhead, however this should be fixed. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1434 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-11-02Fixed typo in tapdrvr.c -- the fix is functionally cosmeticjames1-1/+1
because NdisFreeSpinLock is a null macro. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1429 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-11-01SO_REUSEADDR should not be set on Windows TCP sockets becausejames1-0/+2
it will cause bind to succeed on port conflicts. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1428 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-11-01Prevent SIGUSR1 or SIGHUP from causing programjames4-1/+28
exit from initial management hold. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1427 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-11-01auth-pam change: link with -lpam ratherjames2-3/+2
than dlopen (Roy Marples). git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1421 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-11-01Merged Alon's branch:v2.1_rc1james7-36/+88
svn merge -r1322:1392 https://svn.openvpn.net/projects/openvpn/contrib/alon/21rc/openvpn . Version 2.1_rc1 released git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1420 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-10-01Version 2.1_beta16 releasedjames1-1/+1
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1335 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-10-01For Windows build, updated OpenSSL to 0.9.7l.james4-7/+47
Added small OpenSSL patch to be applied prior to Windows build. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1328 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-09-21Documented --socket-flags and the TCP_NODELAY flag.james1-0/+17
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1276 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-09-14ChangeLog edits for r1229 and r1230.james1-0/+13
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1231 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-09-14Fixed bug in loopback self-test introducedjames2-2/+2
in 2.1-beta15 where self test as invoked by "make check" would not properly exit after 2 minutes (Paul Howarth). git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1230 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-09-14TAP-Win32 fixes to run on Windows Vista.james11-31/+320
Modified installer to detect 32-bit vs. 64 bit Windows and install the correct TAP driver. TAP-Win32 version number is at 8.4. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1229 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-09-12Version 2.1_beta15 releasedjames3-2/+49
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1226 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-07-03Comment about assertion being hit.james1-1/+1
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1079 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-06-30Fixed bug introduced with the --port-share directivejames1-1/+1
back in r893 which causes TLS soft resets (1 per hour by default) in TCP server mode to force a blockage of tunnel packets and later time-out and restart the connection. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1076 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-06-29pkcs11 changes:james2-17/+28
-r 1046:1053 https://svn.openvpn.net/projects/openvpn/contrib/alon/BETA21 1. Modified ssl.c to not FATAL and return to init.c so auth-retry will work. 2. Modifed pkcs11-helper.c to fix some problem with multiple providers. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1070 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-06-29Added two new management states:james4-7/+39
OPENVPN_STATE_RESOLVE -- DNS lookup */ OPENVPN_STATE_TCP_CONNECT -- Connecting to TCP server Echo management state change to log. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1068 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-06-28Minor syshead.h change for NetBSD to allowjames1-0/+4
TCP_NODELAY flag to work. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1060 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-06-26Removed 'keywords' propset from everythingjames0-0/+0
except ChangeLog. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1050 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-06-26Removed spurious executable propset fromjames4-0/+0
several source files. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1048 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-06-24Modified --port-share code to remove the assumption thatjames2-17/+15
CMSG_SPACE always evaluates to a constant, to enable compilation on NetBSD and possibly other BSDs as well. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1041 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-06-24Eliminated gcc 3.3.3 warnings on NetBSDjames8-12/+16
when ./configure --enable-strict is used. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1040 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-06-13-r 1026:1032james5-29/+79
https://svn.openvpn.net/projects/openvpn/contrib/alon/BETA21/openvpn Changes: 1. Updated makefile.w32-vc to include lladdr.*, updated linkage libraries. 2. Modified lladdr.c to be compiled under visual C. 3. Added retry counter to PKCS#11 PIN hook. 4. Modified PKCS#11 PIN retry loop to return correct error code when PIN is incorrect. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1038 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-06-11Added optional minimum-number-of-bytesjames7-17/+38
parameter to --inactive directive. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1036 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-06-11A few more updates:james3-2/+72
-r 1015:1025 https://svn.openvpn.net/projects/openvpn/contrib/alon/BETA21 Changes: 1. Fix handling (ignoring) zero sized attributes. 2. Fix gcc-2 issues. 3. Fix openssl 0.9.6 (first version) issues. 4. easy-rsa Makefile (install) is now available so that distribs will be able to install it safely. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1033 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-05-11Added credit for CAN-2005-2532.james2-2/+2
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1024 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-04-13Version 2.1_beta14 releasedjames1-1/+1
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1013 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-04-13Added --lladdr option to specify the link layer (MAC) addressjames9-1/+97
for the tap interface on non-Windows platforms (Roy Marples). git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1012 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-04-13Added --route-metric option to set a default route metricjames7-3/+42
for --route (Roy Marples). git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1011 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-04-13Version number increment.james1-1/+1
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1010 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-04-13ChangeLog edits.james1-0/+8
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1009 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-04-13Re-added backtrack handling code.james3-3/+84
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1008 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-04-13Merged PKCS#11 extensions to easy-rsa/2.0 (Alon Bar-Lev).james9-33/+501
svn merge -r 995:998 https://svn.openvpn.net/projects/openvpn/contrib/alon/easy-rsa git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1006 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-04-13Temporarily backed out time backtrack handling codejames4-109/+81
due to issues on Windows. Rewrote gettimeofday function for Windows to be simpler and more efficient. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1005 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-04-12Version 2.1_beta13 releasedjames2-1/+7
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1004 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-04-12svn merge -r 999:1000 $SO/trunk/openvpn .james2-3/+17
(Fixed 64-bit counter bug on Windows) git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1002 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-04-12Added credit and CVE number to security vulnerability fix in 2.0.6.james1-1/+2
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1001 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-04-05Version 2.1_beta12 releasedjames2-1/+40
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@993 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-04-05svn merge -r 886:987 $SO/trunk/openvpn .james3-4/+25
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@991 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-04-05I've recently worked on a better version of pkcs11-helper. I've also mergedjames10-2353/+9422
it into QCA (Qt Cryptographic Architecture), so that KDE 4 will finally be able to use smartcards. The changes allows the following features: 1. Thread safe, is activated if USE_PTHREAD. 2. Slot event - Will allow us in the future to disconnect VPN when smartcard is removed. In order to support this OpenVPN must support threading... At least SIGUSR1 from a different thread. Threading should be supported in both Windows and Linux. -- currently disabled. When I talk about threading support it is just support in configuration script and that the method that SIGUSR1 self can be called from a different thread. I already handle the monitor threads. 3. Certificate enumeration - Will allow us to finally have one configuration file for all users! When you add the plugin GUI stuff you talked about, we will be able to display a list of available certificates for the user to select. -- currently disabled. 4. Data object manipulation - Will allow us to store tls-auth on the smartcard as well. -- currently disabled. 5. Many other minor improvements. Alon Bar-Lev git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@990 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-04-05Added man page entry for --setenv-safe.james1-0/+12
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@989 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-04-05"topology subnet" fix for FreeBSD (Benoit Bourdin).james1-2/+25
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@986 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-04-05Security Vulnerability -- An OpenVPN client connecting to ajames3-1/+15
malicious or compromised server could potentially receive "setenv" configuration directives from the server which could cause arbitrary code execution on the client via a LD_PRELOAD attack. A successful attack appears to require that (a) the client has agreed to allow the server to push configuration directives to it by including "pull" or the macro "client" in its configuration file, (b) the client configuration file uses a scripting directive such as "up" or "down", (c) the client succesfully authenticates the server, (d) the server is malicious or has been compromised and is under the control of the attacker, and (e) the attacker has at least some level of pre-existing control over files on the client (this might be accomplished by having the server respond to a client web request with a specially crafted file). The fix is to disallow "setenv" to be pushed to clients from the server, and to add a new directive "setenv-safe" which is pushable from the server, but which appends "OPENVPN_" to the name of each remotely set environmental variable. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@983 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-02-23Minor fixes for gcc (GCC) 4.0.2 warnings.james4-5/+3
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@905 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-02-19Version 2.1_beta11 releasedjames3-34/+41
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@904 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-02-18Port share proxy bug fixes.james2-99/+61
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@903 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-02-18ps.c debug codejames2-75/+155
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@902 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-02-18Added comments to ps.c (port share proxy code).james2-4/+64
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@901 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-02-17Version 2.1_beta10 releasedjames5-9/+36
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@899 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-02-16Version 2.1_beta9 releasedjames2-1/+2
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@896 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-02-16svn merge -r 888:889 ↵james3-6/+10
https://svn.openvpn.net/projects/openvpn/contrib/alon/BETA21 21 git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@894 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-02-16Added --port-share option for allowing OpenVPN and HTTPSjames24-42/+1122
server to share the same port number. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@893 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-02-10Added "bytecount" command to management interface.james5-2/+70
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@887 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-02-03Added feature to --management-client to confirm connectionjames10-24/+112
by writing IP addr and port to a file. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@885 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-01-23Added --management-client option to connect as a client tojames11-52/+155
management GUI app rather than be connected to as a server. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@884 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-01-14pkcs11 fixes.james1-47/+96
svn merge -r 879:881 https://svn.openvpn.net/projects/openvpn/contrib/alon/BETA21/openvpn . git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@882 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-01-07Small fixes:james4-3/+20
* Fixed variable declaration in crypto.c that is not at the head of a block. * Added library to Visual C makefile. * In server.conf config sample, add additional comment text on "dev tap" usage. * Added some short documentation on revoke-full script. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@877 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-01-03Version 2.1_beta8 releasedjames2-2/+2
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@874 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-01-03incremented version number to 2.1_beta7bjames1-1/+1
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@872 e7ae566f-a301-0410-adde-c780ea21d3b5
2005-12-30Added patch to modify openvpn.nsi for buildingjames1-0/+76
a turnkey installer. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@866 e7ae566f-a301-0410-adde-c780ea21d3b5
2005-12-29Fixed bug with tls-auth and key-direction parameterjames3-4/+6
which was introduced in r844. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@865 e7ae566f-a301-0410-adde-c780ea21d3b5
2005-12-29svn merge -r 854:863 $SO/trunk/openvpnjames1-0/+8
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@864 e7ae566f-a301-0410-adde-c780ea21d3b5
2005-12-28Added OPENVPN_PLUGIN_TLS_FINAL plugin callback.james3-2/+15
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@862 e7ae566f-a301-0410-adde-c780ea21d3b5
2005-12-23Minor ChangeLog edit.james1-3/+0
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@861 e7ae566f-a301-0410-adde-c780ea21d3b5
2005-12-23Some PKCS11-related code wasn't properly #ifdefed.james1-1/+5
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@860 e7ae566f-a301-0410-adde-c780ea21d3b5
2005-12-22Man page and usage message changes to reflectjames2-3/+10
--ip-win32 adaptive and --route-method adaptive. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@859 e7ae566f-a301-0410-adde-c780ea21d3b5
2005-12-22Added new option --route-method adaptive (Win32)james4-9/+38
which tries IP helper API first, then falls back to route.exe. Made --route-method adaptive the default. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@858 e7ae566f-a301-0410-adde-c780ea21d3b5
2005-12-22--ip-win32 adaptive is now the default.james7-19/+252
--ip-win32 netsh (or --ip-win32 adaptive when in netsh mode) can now set DNS/WINS addresses on the TAP-Win32 adapter. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@857 e7ae566f-a301-0410-adde-c780ea21d3b5
2005-12-17Fixed bug in automatic Win32 PATH setting code.james1-5/+17
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@856 e7ae566f-a301-0410-adde-c780ea21d3b5
2005-12-14svn merge -r 845:854 $SO/trunk/openvpn .james12-52/+137
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@855 e7ae566f-a301-0410-adde-c780ea21d3b5
2005-12-13Don't warn user if he uses user/group/chroot andjames1-2/+7
did not specify persist-key but uses PKCS#11. svn merge -r 847:848 https://svn.openvpn.net/projects/openvpn/contrib/alon/BETA21/openvpn . git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@853 e7ae566f-a301-0410-adde-c780ea21d3b5
2005-12-12Added --auto-proxy directive to auto-detect HTTP or SOCKSjames17-242/+539
proxy settings (currently Windows only). git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@850 e7ae566f-a301-0410-adde-c780ea21d3b5
2005-12-08First attempt at automatic proxy detection,james8-13/+291
Windows-only at this point. Proxy settings are taken from IE. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@846 e7ae566f-a301-0410-adde-c780ea21d3b5
2005-12-08Inline file capability now works forjames7-115/+215
--secret and --tls-auth. For example: <secret> [ascii key data] </secret> git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@844 e7ae566f-a301-0410-adde-c780ea21d3b5
2005-12-08Fixed some gcc 4 warnings in misc.c.james1-2/+2
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@843 e7ae566f-a301-0410-adde-c780ea21d3b5
2005-12-05Fixed segfault that occurred if remote_cert_eku is undefined and nojames2-1/+5
server certificate verification method was enabled. Don't declare pkcs11 variables in struct options unless pkcs11 support is enabled. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@833 e7ae566f-a301-0410-adde-c780ea21d3b5
2005-12-05Patch to support --topology subnet on Mac OS X (Mathias Sundman).james4-10/+36
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@832 e7ae566f-a301-0410-adde-c780ea21d3b5
generated by cgit v1.2.3 (git 2.25.1) at 2024-09-20 10:02:57 +0000