From 055bb04c14f30cc627492680d1cf486d7b9b0f79 Mon Sep 17 00:00:00 2001 From: Sergey Abramchuk Date: Fri, 23 Feb 2018 12:14:04 +0300 Subject: [PATCH] Squashed 'OpenVPN Adapter/Vendors/openvpn/' changes from 3e002c83c..098fd412a 098fd412a [OVPN3-182] mac: add XCode project fd5fa9403 [OI-29] Report IV_HWADDR on iOS d3dd348c0 [OVPN3-165] send keydir opt string only when tls-auth is enabled d0532df66 mbedTLS: add support for ECDSA fa872c4ff [OVPN3-146] build: switch from sha256sum to shasum -a 256 git-subtree-dir: OpenVPN Adapter/Vendors/openvpn git-subtree-split: 098fd412a26b681e55e8c3de924d133f5547fd2f --- deps/functions.sh | 2 +- mac/.gitignore | 1 + .../ovpn3-core.xcodeproj/project.pbxproj | 326 ++++++++++++++++++ .../contents.xcworkspacedata | 7 + openvpn/mbedtls/ssl/sslctx.hpp | 18 + openvpn/netconf/hwaddr.hpp | 9 + openvpn/ssl/proto.hpp | 2 +- 7 files changed, 363 insertions(+), 2 deletions(-) create mode 100644 mac/.gitignore create mode 100644 mac/ovpn3-core/ovpn3-core.xcodeproj/project.pbxproj create mode 100644 mac/ovpn3-core/ovpn3-core.xcodeproj/project.xcworkspace/contents.xcworkspacedata diff --git a/deps/functions.sh b/deps/functions.sh index 65dadb6..7890445 100644 --- a/deps/functions.sh +++ b/deps/functions.sh @@ -1,7 +1,7 @@ function check_download() { if [ -f $DL/$FNAME ]; then - CHECK=$(sha256sum $DL/$FNAME |awk '{printf $1};') + CHECK=$(shasum -a 256 $DL/$FNAME |awk '{printf $1};') if [ "$CHECK" == "$CSUM" ]; then return 0 else diff --git a/mac/.gitignore b/mac/.gitignore new file mode 100644 index 0000000..14ce7f3 --- /dev/null +++ b/mac/.gitignore @@ -0,0 +1 @@ +**/xcuserdata/ diff --git a/mac/ovpn3-core/ovpn3-core.xcodeproj/project.pbxproj b/mac/ovpn3-core/ovpn3-core.xcodeproj/project.pbxproj new file mode 100644 index 0000000..642a62b --- /dev/null +++ b/mac/ovpn3-core/ovpn3-core.xcodeproj/project.pbxproj @@ -0,0 +1,326 @@ +// !$*UTF8*$! +{ + archiveVersion = 1; + classes = { + }; + objectVersion = 48; + objects = { + +/* Begin PBXBuildFile section */ + DF380AE2201F0A2F0003272D /* cli.cpp in Sources */ = {isa = PBXBuildFile; fileRef = DF380AE1201F0A2F0003272D /* cli.cpp */; }; + DF380AE5201F0D4F0003272D /* CoreFoundation.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = DF380AE4201F0D4F0003272D /* CoreFoundation.framework */; }; + DF380AE7201F0D910003272D /* SystemConfiguration.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = DF380AE6201F0D910003272D /* SystemConfiguration.framework */; }; + DF380AE9201F0DB80003272D /* IOKit.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = DF380AE8201F0DB80003272D /* IOKit.framework */; }; + DF380AEB201F0DDC0003272D /* CoreServices.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = DF380AEA201F0DDC0003272D /* CoreServices.framework */; }; + DF380AED201F0E0E0003272D /* libmbedtls.a in Frameworks */ = {isa = PBXBuildFile; fileRef = DF380AEC201F0E0E0003272D /* libmbedtls.a */; }; +/* End PBXBuildFile section */ + +/* Begin PBXCopyFilesBuildPhase section */ + DF380AD4201F07AE0003272D /* CopyFiles */ = { + isa = PBXCopyFilesBuildPhase; + buildActionMask = 2147483647; + dstPath = /usr/share/man/man1/; + dstSubfolderSpec = 0; + files = ( + ); + runOnlyForDeploymentPostprocessing = 1; + }; +/* End PBXCopyFilesBuildPhase section */ + +/* Begin PBXFileReference section */ + DF380AD6201F07AE0003272D /* ovpn3-core */ = {isa = PBXFileReference; explicitFileType = "compiled.mach-o.executable"; includeInIndex = 0; path = "ovpn3-core"; sourceTree = BUILT_PRODUCTS_DIR; }; + DF380AE0201F09B70003272D /* openvpn */ = {isa = PBXFileReference; lastKnownFileType = folder; name = openvpn; path = ../../../openvpn; sourceTree = ""; }; + DF380AE1201F0A2F0003272D /* cli.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; name = cli.cpp; path = ../../../test/ovpncli/cli.cpp; sourceTree = ""; }; + DF380AE4201F0D4F0003272D /* CoreFoundation.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = CoreFoundation.framework; path = System/Library/Frameworks/CoreFoundation.framework; sourceTree = SDKROOT; }; + DF380AE6201F0D910003272D /* SystemConfiguration.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = SystemConfiguration.framework; path = System/Library/Frameworks/SystemConfiguration.framework; sourceTree = SDKROOT; }; + DF380AE8201F0DB80003272D /* IOKit.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = IOKit.framework; path = System/Library/Frameworks/IOKit.framework; sourceTree = SDKROOT; }; + DF380AEA201F0DDC0003272D /* CoreServices.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = CoreServices.framework; path = System/Library/Frameworks/CoreServices.framework; sourceTree = SDKROOT; }; + DF380AEC201F0E0E0003272D /* libmbedtls.a */ = {isa = PBXFileReference; lastKnownFileType = archive.ar; name = libmbedtls.a; path = "../../../deps/mbedtls/mbedtls-osx/library/libmbedtls.a"; sourceTree = ""; }; +/* End PBXFileReference section */ + +/* Begin PBXFrameworksBuildPhase section */ + DF380AD3201F07AE0003272D /* Frameworks */ = { + isa = PBXFrameworksBuildPhase; + buildActionMask = 2147483647; + files = ( + DF380AED201F0E0E0003272D /* libmbedtls.a in Frameworks */, + DF380AEB201F0DDC0003272D /* CoreServices.framework in Frameworks */, + DF380AE9201F0DB80003272D /* IOKit.framework in Frameworks */, + DF380AE7201F0D910003272D /* SystemConfiguration.framework in Frameworks */, + DF380AE5201F0D4F0003272D /* CoreFoundation.framework in Frameworks */, + ); + runOnlyForDeploymentPostprocessing = 0; + }; +/* End PBXFrameworksBuildPhase section */ + +/* Begin PBXGroup section */ + DF380ACD201F07AE0003272D = { + isa = PBXGroup; + children = ( + DF380AD8201F07AE0003272D /* ovpn3-core */, + DF380AD7201F07AE0003272D /* Products */, + DF380AE3201F0D4F0003272D /* Frameworks */, + ); + sourceTree = ""; + }; + DF380AD7201F07AE0003272D /* Products */ = { + isa = PBXGroup; + children = ( + DF380AD6201F07AE0003272D /* ovpn3-core */, + ); + name = Products; + sourceTree = ""; + }; + DF380AD8201F07AE0003272D /* ovpn3-core */ = { + isa = PBXGroup; + children = ( + DF380AE1201F0A2F0003272D /* cli.cpp */, + DF380AE0201F09B70003272D /* openvpn */, + ); + path = "ovpn3-core"; + sourceTree = ""; + }; + DF380AE3201F0D4F0003272D /* Frameworks */ = { + isa = PBXGroup; + children = ( + DF380AEC201F0E0E0003272D /* libmbedtls.a */, + DF380AEA201F0DDC0003272D /* CoreServices.framework */, + DF380AE8201F0DB80003272D /* IOKit.framework */, + DF380AE6201F0D910003272D /* SystemConfiguration.framework */, + DF380AE4201F0D4F0003272D /* CoreFoundation.framework */, + ); + name = Frameworks; + sourceTree = ""; + }; +/* End PBXGroup section */ + +/* Begin PBXNativeTarget section */ + DF380AD5201F07AE0003272D /* ovpn3-core */ = { + isa = PBXNativeTarget; + buildConfigurationList = DF380ADD201F07AE0003272D /* Build configuration list for PBXNativeTarget "ovpn3-core" */; + buildPhases = ( + DF380AD2201F07AE0003272D /* Sources */, + DF380AD3201F07AE0003272D /* Frameworks */, + DF380AD4201F07AE0003272D /* CopyFiles */, + ); + buildRules = ( + ); + dependencies = ( + ); + name = "ovpn3-core"; + productName = "ovpn3-core"; + productReference = DF380AD6201F07AE0003272D /* ovpn3-core */; + productType = "com.apple.product-type.tool"; + }; +/* End PBXNativeTarget section */ + +/* Begin PBXProject section */ + DF380ACE201F07AE0003272D /* Project object */ = { + isa = PBXProject; + attributes = { + LastUpgradeCheck = 0920; + ORGANIZATIONNAME = "Lev Stipakov"; + TargetAttributes = { + DF380AD5201F07AE0003272D = { + CreatedOnToolsVersion = 9.2; + ProvisioningStyle = Automatic; + }; + }; + }; + buildConfigurationList = DF380AD1201F07AE0003272D /* Build configuration list for PBXProject "ovpn3-core" */; + compatibilityVersion = "Xcode 8.0"; + developmentRegion = en; + hasScannedForEncodings = 0; + knownRegions = ( + en, + ); + mainGroup = DF380ACD201F07AE0003272D; + productRefGroup = DF380AD7201F07AE0003272D /* Products */; + projectDirPath = ""; + projectRoot = ""; + targets = ( + DF380AD5201F07AE0003272D /* ovpn3-core */, + ); + }; +/* End PBXProject section */ + +/* Begin PBXSourcesBuildPhase section */ + DF380AD2201F07AE0003272D /* Sources */ = { + isa = PBXSourcesBuildPhase; + buildActionMask = 2147483647; + files = ( + DF380AE2201F0A2F0003272D /* cli.cpp in Sources */, + ); + runOnlyForDeploymentPostprocessing = 0; + }; +/* End PBXSourcesBuildPhase section */ + +/* Begin XCBuildConfiguration section */ + DF380ADB201F07AE0003272D /* Debug */ = { + isa = XCBuildConfiguration; + buildSettings = { + ALWAYS_SEARCH_USER_PATHS = NO; + CLANG_ANALYZER_NONNULL = YES; + CLANG_ANALYZER_NUMBER_OBJECT_CONVERSION = YES_AGGRESSIVE; + CLANG_CXX_LANGUAGE_STANDARD = "gnu++14"; + CLANG_CXX_LIBRARY = "libc++"; + CLANG_ENABLE_MODULES = YES; + CLANG_ENABLE_OBJC_ARC = YES; + CLANG_WARN_BLOCK_CAPTURE_AUTORELEASING = YES; + CLANG_WARN_BOOL_CONVERSION = YES; + CLANG_WARN_COMMA = YES; + CLANG_WARN_CONSTANT_CONVERSION = YES; + CLANG_WARN_DIRECT_OBJC_ISA_USAGE = YES_ERROR; + CLANG_WARN_DOCUMENTATION_COMMENTS = YES; + CLANG_WARN_EMPTY_BODY = YES; + CLANG_WARN_ENUM_CONVERSION = YES; + CLANG_WARN_INFINITE_RECURSION = YES; + CLANG_WARN_INT_CONVERSION = YES; + CLANG_WARN_NON_LITERAL_NULL_CONVERSION = YES; + CLANG_WARN_OBJC_LITERAL_CONVERSION = YES; + CLANG_WARN_OBJC_ROOT_CLASS = YES_ERROR; + CLANG_WARN_RANGE_LOOP_ANALYSIS = YES; + CLANG_WARN_STRICT_PROTOTYPES = YES; + CLANG_WARN_SUSPICIOUS_MOVE = YES; + CLANG_WARN_UNGUARDED_AVAILABILITY = YES_AGGRESSIVE; + CLANG_WARN_UNREACHABLE_CODE = YES; + CLANG_WARN__DUPLICATE_METHOD_MATCH = YES; + CODE_SIGN_IDENTITY = "-"; + COPY_PHASE_STRIP = NO; + DEBUG_INFORMATION_FORMAT = dwarf; + ENABLE_STRICT_OBJC_MSGSEND = YES; + ENABLE_TESTABILITY = YES; + GCC_C_LANGUAGE_STANDARD = gnu11; + GCC_DYNAMIC_NO_PIC = NO; + GCC_NO_COMMON_BLOCKS = YES; + GCC_OPTIMIZATION_LEVEL = 0; + GCC_PREPROCESSOR_DEFINITIONS = ( + "DEBUG=1", + "$(inherited)", + ); + GCC_WARN_64_TO_32_BIT_CONVERSION = YES; + GCC_WARN_ABOUT_RETURN_TYPE = YES_ERROR; + GCC_WARN_UNDECLARED_SELECTOR = YES; + GCC_WARN_UNINITIALIZED_AUTOS = YES_AGGRESSIVE; + GCC_WARN_UNUSED_FUNCTION = YES; + GCC_WARN_UNUSED_VARIABLE = YES; + MACOSX_DEPLOYMENT_TARGET = 10.13; + MTL_ENABLE_DEBUG_INFO = YES; + ONLY_ACTIVE_ARCH = YES; + SDKROOT = macosx; + }; + name = Debug; + }; + DF380ADC201F07AE0003272D /* Release */ = { + isa = XCBuildConfiguration; + buildSettings = { + ALWAYS_SEARCH_USER_PATHS = NO; + CLANG_ANALYZER_NONNULL = YES; + CLANG_ANALYZER_NUMBER_OBJECT_CONVERSION = YES_AGGRESSIVE; + CLANG_CXX_LANGUAGE_STANDARD = "gnu++14"; + CLANG_CXX_LIBRARY = "libc++"; + CLANG_ENABLE_MODULES = YES; + CLANG_ENABLE_OBJC_ARC = YES; + CLANG_WARN_BLOCK_CAPTURE_AUTORELEASING = YES; + CLANG_WARN_BOOL_CONVERSION = YES; + CLANG_WARN_COMMA = YES; + CLANG_WARN_CONSTANT_CONVERSION = YES; + CLANG_WARN_DIRECT_OBJC_ISA_USAGE = YES_ERROR; + CLANG_WARN_DOCUMENTATION_COMMENTS = YES; + CLANG_WARN_EMPTY_BODY = YES; + CLANG_WARN_ENUM_CONVERSION = YES; + CLANG_WARN_INFINITE_RECURSION = YES; + CLANG_WARN_INT_CONVERSION = YES; + CLANG_WARN_NON_LITERAL_NULL_CONVERSION = YES; + CLANG_WARN_OBJC_LITERAL_CONVERSION = YES; + CLANG_WARN_OBJC_ROOT_CLASS = YES_ERROR; + CLANG_WARN_RANGE_LOOP_ANALYSIS = YES; + CLANG_WARN_STRICT_PROTOTYPES = YES; + CLANG_WARN_SUSPICIOUS_MOVE = YES; + CLANG_WARN_UNGUARDED_AVAILABILITY = YES_AGGRESSIVE; + CLANG_WARN_UNREACHABLE_CODE = YES; + CLANG_WARN__DUPLICATE_METHOD_MATCH = YES; + CODE_SIGN_IDENTITY = "-"; + COPY_PHASE_STRIP = NO; + DEBUG_INFORMATION_FORMAT = "dwarf-with-dsym"; + ENABLE_NS_ASSERTIONS = NO; + ENABLE_STRICT_OBJC_MSGSEND = YES; + GCC_C_LANGUAGE_STANDARD = gnu11; + GCC_NO_COMMON_BLOCKS = YES; + GCC_WARN_64_TO_32_BIT_CONVERSION = YES; + GCC_WARN_ABOUT_RETURN_TYPE = YES_ERROR; + GCC_WARN_UNDECLARED_SELECTOR = YES; + GCC_WARN_UNINITIALIZED_AUTOS = YES_AGGRESSIVE; + GCC_WARN_UNUSED_FUNCTION = YES; + GCC_WARN_UNUSED_VARIABLE = YES; + MACOSX_DEPLOYMENT_TARGET = 10.13; + MTL_ENABLE_DEBUG_INFO = NO; + SDKROOT = macosx; + }; + name = Release; + }; + DF380ADE201F07AE0003272D /* Debug */ = { + isa = XCBuildConfiguration; + buildSettings = { + CODE_SIGN_STYLE = Automatic; + GCC_PREPROCESSOR_DEFINITIONS = ( + USE_ASIO, + ASIO_STANDALONE, + USE_MBEDTLS, + ); + HEADER_SEARCH_PATHS = ( + "\"$(SRCROOT)/../..\"", + "\"$(SRCROOT)/../../../deps/asio/asio/include\"", + "\"$(SRCROOT)/../../../deps/mbedtls/mbedtls-osx/include\"", + ); + LIBRARY_SEARCH_PATHS = "\"$(SRCROOT)/../../../deps/mbedtls/mbedtls-osx/library\""; + PRODUCT_NAME = "$(TARGET_NAME)"; + STRINGS_FILE_OUTPUT_ENCODING = "UTF-8"; + }; + name = Debug; + }; + DF380ADF201F07AE0003272D /* Release */ = { + isa = XCBuildConfiguration; + buildSettings = { + CODE_SIGN_STYLE = Automatic; + GCC_PREPROCESSOR_DEFINITIONS = ( + USE_ASIO, + ASIO_STANDALONE, + USE_MBEDTLS, + ); + HEADER_SEARCH_PATHS = ( + "\"$(SRCROOT)/../..\"", + "\"$(SRCROOT)/../../../deps/asio/asio/include\"", + "\"$(SRCROOT)/../../../deps/mbedtls/mbedtls-osx/include\"", + ); + LIBRARY_SEARCH_PATHS = "\"$(SRCROOT)/../../../deps/mbedtls/mbedtls-osx/library\""; + PRODUCT_NAME = "$(TARGET_NAME)"; + STRINGS_FILE_OUTPUT_ENCODING = "UTF-8"; + }; + name = Release; + }; +/* End XCBuildConfiguration section */ + +/* Begin XCConfigurationList section */ + DF380AD1201F07AE0003272D /* Build configuration list for PBXProject "ovpn3-core" */ = { + isa = XCConfigurationList; + buildConfigurations = ( + DF380ADB201F07AE0003272D /* Debug */, + DF380ADC201F07AE0003272D /* Release */, + ); + defaultConfigurationIsVisible = 0; + defaultConfigurationName = Release; + }; + DF380ADD201F07AE0003272D /* Build configuration list for PBXNativeTarget "ovpn3-core" */ = { + isa = XCConfigurationList; + buildConfigurations = ( + DF380ADE201F07AE0003272D /* Debug */, + DF380ADF201F07AE0003272D /* Release */, + ); + defaultConfigurationIsVisible = 0; + defaultConfigurationName = Release; + }; +/* End XCConfigurationList section */ + }; + rootObject = DF380ACE201F07AE0003272D /* Project object */; +} diff --git a/mac/ovpn3-core/ovpn3-core.xcodeproj/project.xcworkspace/contents.xcworkspacedata b/mac/ovpn3-core/ovpn3-core.xcodeproj/project.xcworkspace/contents.xcworkspacedata new file mode 100644 index 0000000..1595398 --- /dev/null +++ b/mac/ovpn3-core/ovpn3-core.xcodeproj/project.xcworkspace/contents.xcworkspacedata @@ -0,0 +1,7 @@ + + + + + diff --git a/openvpn/mbedtls/ssl/sslctx.hpp b/openvpn/mbedtls/ssl/sslctx.hpp index 9ad8c88..897e0bb 100644 --- a/openvpn/mbedtls/ssl/sslctx.hpp +++ b/openvpn/mbedtls/ssl/sslctx.hpp @@ -85,16 +85,24 @@ namespace openvpn { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, + MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, + MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, + /* Selected AES-128 ephemeral suites */ MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, + MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, + MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, + /* Selected remaining >= 128-bit ephemeral suites */ MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA, + MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, + /* Selected AES-256 suites */ MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384, MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256, @@ -103,6 +111,10 @@ namespace openvpn { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, + MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, + MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, + MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, + /* Selected AES-128 suites */ MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256, MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256, @@ -111,10 +123,16 @@ namespace openvpn { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, + MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, + MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, + MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, + /* Selected remaining >= 128-bit suites */ MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA, MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, + MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, + 0 }; diff --git a/openvpn/netconf/hwaddr.hpp b/openvpn/netconf/hwaddr.hpp index b2b2e60..f7b8435 100644 --- a/openvpn/netconf/hwaddr.hpp +++ b/openvpn/netconf/hwaddr.hpp @@ -33,6 +33,8 @@ #include #elif defined(OPENVPN_PLATFORM_MAC) #include +#elif defined(TARGET_OS_IPHONE) +#include #endif namespace openvpn { @@ -57,6 +59,13 @@ namespace openvpn { const MACAddr& mac = gw.hwaddr(); return mac.to_string(); } +#elif defined(TARGET_OS_IPHONE) + // as reported at https://developer.apple.com/library/content/releasenotes/General/WhatsNewIniOS/Articles/iOS7.html#//apple_ref/doc/uid/TP40013162-SW34 + // we can't get the MAC address from iOS for privacy reasons, but we can + // use the UUID as unique identifier. It is unique among the App domain, + // meaning that a different app will get a different UUID from this call + const NSString *uuid = [[[UIDevice currentDevice] identifierForVendor] UUIDString]; + return std::string([uuid UTF8String]); #endif return std::string(); } diff --git a/openvpn/ssl/proto.hpp b/openvpn/ssl/proto.hpp index 8f096e5..2f0d482 100644 --- a/openvpn/ssl/proto.hpp +++ b/openvpn/ssl/proto.hpp @@ -687,7 +687,7 @@ namespace openvpn { out << ',' << compstr; } - if (key_direction >= 0) + if (tls_auth_context && (key_direction >= 0)) out << ",keydir " << key_direction; out << ",cipher " << CryptoAlgs::name(dc.cipher(), "[null-cipher]");