Squashed 'OpenVPN Adapter/Vendors/openvpn/' changes from 4095565..3e002c8

3e002c8 remove unused Jenkinsfile
16b1055 [OVPN3-140] Update company names in copyrights
6caca2c [OVPN3-140] Relicense back to AGPLv3
4f9ae74 cliproto: react to tls_warnings
546547b Proto: export tls_warnings attribute from SSL session
7cbaa26 SSLAPI: add tls_warning attribute
7ed93a3 clievent: add Warn event class
7a71ba1 win: get 'arch' param value from environment
61bb21b win: make parameter optional
15d66c4 [OVPN3-141] win: disable WPO
97d9c28 [OU-15] mbedtls: remove duplicated code
95aec32 [OU-15] mbedtls: refactor X509Cert to allow reuse der2pem
946753e [OVPN3-135] Win: remove unneeded default route
d7f8c47 nrpt: create separate policy per dns suffix
577b5ca cli.cpp: fix typ0 in define
fc8f89d [OVPN3-129] android: ensure all SWIG files are archived and saved
e143bc0 [OVPN3-129] android: improve build system in order to perform full build
06d23ec [OVPN3-129] build-system: let scripts download dependencies
76bb99c fix usage of to_string() in Android
44c183a time: mute type conversion warnings for UWP client
7d7490c transport: enable socket protect call for UWP
1c003ac transport: pass protocol type to external factory
c0de92c transport: add stop_requeueing method
e2c60c8 android: build core library with MD5 support
3928069 [OVPN3-119] mbedTLS: create INSECURE profile including MD5
4f99310 remove function accidentally duplicated by last merge
b91d841 self-test: add missing includes
19e33c4 [OA-14] mbedTLS: relax x509 date/time format check
f3cf645 [OVPN3-116] disable SSL_CBC_RECORD_SPLITTING
fca9ed2 [OVPN3-105] ParseClientConfig: avoid crash when not all key material is provided
7299fef [OC-42] Android: specify API level on command line
d3da3df android: build client lib for x86 (for emulator)
8e501c5 Update version for mbedTLS and lz4
e57676e ParseClientConfig: export config to json format
9aa715f ParseClientConfig: export configuration to ovpn file format
1eab4cb ParseClientConfig: add helper constructor
71a59e4 ParseClientConfig: store the entire ovpn profile
e0bb85a Transport: convert from transport protocol to config string
2fe56c3 Compress: convert from ctx type to config string
174ee25 OpenSSL: implement stub methods for new private_key_type/length() SSLAPIs
3d57708 mbedTLS: implement private_key_type/length() API
a3210f0 SSLAPI: add private_key_type/length() getter methods
8ffe888 OpenSSL: implement stub methods for new extract_* SSLAPIs
16e9160 mbedTLS: implement extended API for key material extraction
fe3d519 SSLAPI: extend API with methods to extract key material
2b4c850 Debugging: added header and build flag for valgrind run-time extensions.
b948cde ManClientInstance::Factory: added virtual stop() method.
121e975 client API: added portOverride
106981c JSON: allow alternative JSON library implementations
f206ae2 logging: added logdatetime.hpp which prepends date/time to log lines
49e933d Time: added to_double, delta_float, and delta_str methods
569b1da daemon.hpp: added class WritePid for managing pid files
63e9e04 ClientProto: reset CoarseTime object when AsioTimer is canceled
f64b501 Cleanup: allow functor to be passed by value.
ebe2560 RunContext: add configurable exit via EXIT_IN env var for debugging
1fbff4f tls-crypt: revised server-side validate_initial_packet() methods to use a BufferAllocated rather than a Buffer.
0090c51 SSLConst: added new ssl_flags() method which filters out non-ssl flags from given argument.
8379b0a CryptoDCInstance: added new RekeyType PRIMARY_SECONDARY_SWAP and use it in ProtoContext::promote_secondary_to_primary() since it more accurately reflects the underlying implementation.
18f45c2 ManClientInstance::Send: added AuthStatus::Type parameter to disconnect_user() method.
4bba803 Listen::List: added expand_ports() method.
5122e7d Listen::List: in port_offset(), set n_threads to 0 since number-of-threads data for port_offset items isn't really relevant.
4e11a6c StaticKey: added render_to_base64() and init_from_rng() methods.
190ece9 CryptoAlgs: added mode() method.
76e65cf CryptoAlgs: added AEAD_NONCE_TAIL_SIZE constant (set to 8 bytes) to represent the size in bytes of AEAD "nonce tail" normally taken from the HMAC key material.
2738718 compress: added method_to_string() method, i.e. the inverse of parse_method().
7b47f99 compress: since parse_method() performs a linear search on method, reorder so that more frequently used methods appear at the top of the list.
b428f74 library: added integer is_pow2() and log2() methods based on efficient __builtin_ffs and __builtin_clz intrinsics.
4926011 Android: adapt toolchain scripts to new SDK and move to API 26
ad4e995 mbedTLS: use mbedtls API to initialize cert object
908c611 transport: use socket_protect to communicate socket handle on UWP
92a6216 build win: read certain params from env
8166ea8 common: define uwp platform macro
0186bf6 common: report platform name as "uwp"
3f291b0 netconf: disable getting hwaddr for UWP
6365d26 transport: external factory
2ffa0c9 transport: synchronous DNS lookup
2c09c7c cliconnect.hpp: support for AsioWork always on
4f5a04d rand.hpp: allow external entropy source
b19c5da time.hpp: use GetTickCount64 on Vista and newer
712ccfc android: export DEP_DIR via vars files only if not already defined
1b5a784 asio: make sure to switch to DEP_DIR before building
4302651 changes to support android building
6f56b2b Merge pull request #21 from OpenVPN/make_test_proto_deterministic
3a5ef2b travis-ci: make testing binary deterministic
b76882d mbedtls: fix typ0 in exception message
40065a6 avoid "uninitialized variable warning"
f33e7c2 [OVPN3-5] tls-crypt: add tls-crypt support in proto.hpp test unit
74c5f4f [OVPN3-5] tls-crypt: introduce tls-crypt support
389353c proto.cpp: uninit process at the end of the execution
56a831f [OVPN3-5] crypto/ssl: add support for AES-256-CTR
7cbf539 [OVPN3-5] build script: allow user to specify its own mbedTLS folder and LDFLAGS
8ae2a3f Integrate Google Test framework
68ae101 Add swig build to jenkins pipeline
d496311 ovpncli.hpp: inline LogInfo constructor for clarity
96e0d89 Revert "Merged in OVPN3-21-prepend-log-record-with-unique- (pull request #7)"
7db95cc Make build fail on compilation errors
860129a TunBuilderCapture: make (to|from)_json methods public
2486494 random: added helper class Rand2 containing a crypto and non-crypto RNG
04175c2 appversion.hpp: Stringize VERSION -> MY_VERSION
81cb887 build script: added DPROF=1 flag
a3dd47f timestr.hpp: moved milliseconds_since_epoch() to time/epoch.hpp
59b9492 sslchoose.hpp: added SSL_LIB_NAME
8fcb797 ProtoContext::KeyContext::raw_recv() : fix state transition
e49e993 ProtoContext: comment edit
1d941aa VPNServerNetblock::Netblock refactor
7190495 Server-side renamings to break up long class names using namespaces.
3f74ec1 Listen::List: minor changes
79c789b RandomAPI: comment edit
5b5af36 Added SSLConst::SERVER_TO_SERVER flag
fe00df4 OpenSSLContext::Config::set_rng: call assert_crypto()
3ae0076 In sslchoose.hpp, move OPENVPN_LOG_SSL macro to new file ssllog.hpp
1502cf6 URL::Parse: made is_valid_uri_char() standalone and moved to validate_uri.hpp
2dcb189 Added HTTP::Status::SwitchingProtocols constant
2f57024 HTTP::HeaderList: added get_value_trim_lower() method
bee94d2 HTTP::HeaderList: get_value() and get_value_trim() should return std::string instead of const std::string
5debab1 Frame::Context: #define OPENVPN_NO_IO to allow building without i/o layer
faf8f8f StaticKey: added parse_from_base64() method
d11f250 HashString: added final_base64() method
c373bf8 CompressContext: use C++11 member initialization and remove explicit attribute on constructor
bd75cd7 RCPtr: added operator==() and operator!=() methods
7be33c5 PThreadBarrier: fixed incorrect comment
6f5f77b Link: use move semantics
17a5d89 inotify.hpp: no longer used
8ce39fc added render_hex() and render_hex_sep() methods that accept void* data
ddc8e8a Function: use std::forward
76ee587 write_binary_atomic(): added tmpdir (temporary directory) parameter
f366d55 base64: encode() now accepts void* data
462fe90 BufferType: added read(), write(), and prepend() variants that accept void* data
9ad1be4 IP::RouteType: added host_bits() method
3ebc8c7 IPv[46]::Addr::to_sockaddr() now accepts optional port number
ce0977b Support Cityhash.
fdbb0b9 IP::Addr: added validate_prefix_len()
25146d8 IP::Addr::from_ipv[4|6](): use move semantics
a264f99 Merge pull request #20 from OpenVPN/fix_travis_ci_coverity
966e212 travis: don't mess up the SSL libs for wget/curl
2b8f09d Merge pull request #19 from OpenVPN/antonio/travis-ci-to-coverity
127cbb0 travis.yml: send build to Coverity SCAN when building master
2bca49b Merge pull request #15 from OpenVPN/antonio/travis-ci
a5ce566 add basic support for Travis CI
f9b14e9 macOS: add basic logging support
2b9188d Remotelist: pass meaningful port value to resolve::async_resolve()
4ebdbd0 Merged in OVPN3-38-improve-jenkins-pipeline-script (pull request #8)
832cf7f Report build status to Bitbucket
62423c9 Merged in OVPN3-21-prepend-log-record-with-unique- (pull request #7)
cce2455 Prepend log string with unique reference.
f26b08b Merged in OVPN3-25-pipeline-build (pull request #4)
dc5ff1f Add OpenSSL version building.
c77e1d6 Add pipeline script for multiplatform build.
4fab9b0 Merged in OVPN3-18-vs-project (pull request #2)
8eb0d6c Add Visual Studio project info to README
67c4989 Visual Studio 2015 solution and project files
52bfcd3 Merged in OVPN3-17 (pull request #1)
5f648ce Document Windows build process
3213c48 Support for local build settings
b3ec01b Support for gpl version of mbedtls
903abc8 Support for zipballs
4029579 AsioPolySock: support bind to local address.
1e85566 Use openvpn::strerror_str() instead of std::strerror().
3ba37fc OpenVPN 3 client: added OPENVPN_OVPNCLI_ASYNC_SETUP flag.

git-subtree-dir: OpenVPN Adapter/Vendors/openvpn
git-subtree-split: 3e002c83ce2e9f9f40ddcee750d3cfa664238abe
Sergey Abramchuk
2018-01-08 11:44:56 +03:00
parent 9b95600d06
commit 82fea30fcc
437 changed files with 7377 additions and 2864 deletions

3
.gitignore vendored

@@ -1 +1,4 @@
README.html
x64
*.vcxproj.user
*.ipch

60
.travis.yml Normal file

@@ -0,0 +1,60 @@
dist: trusty
os: linux
language: cpp
env:
global:
- secure: "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"
- PREFIX="${HOME}/opt"
- ASIO_VERSION="862aed305dcf91387535519c9549c17630339a12"
- LZ4_VERSION="1.7.5"
- MBEDTLS_VERSION="2.5.1"
- MBEDTLS_CFLAGS="-I${PREFIX}/include"
- MBEDTLS_LIBS="-lmbedtls -lmbedx509 -lmbedcrypto"
- OPENSSL_VERSION="1.0.2l"
- OPENSSL_CFLAGS="-I${PREFIX}/include"
- OPENSSL_LIBS="-lssl -lcrypto"
- COVERITY_BRANCH="master"
matrix:
include:
- env: SSLLIB="openssl"
os: osx
osx_image: xcode8.3
compiler: clang
- env: SSLLIB="mbedtls"
os: osx
osx_image: xcode8.3
compiler: clang
- env: SSLLIB="openssl" RUN_COVERITY_SCAN="1"
os: linux
compiler: gcc
- env: SSLLIB="openssl"
os: linux
compiler: clang
- env: SSLLIB="mbedtls"
os: linux
compiler: gcc
- env: SSLLIB="mbedtls"
os: linux
compiler: clang
addons:
apt:
packages:
- libboost-all-dev
- linux-libc-dev
cache:
ccache: true
directories:
- download-cache
- ${HOME}/opt
install:
- .travis/build-deps.sh
script:
- .travis/build-check.sh
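Review bot: The versions pinned under `env.global` (`LZ4_VERSION`, `MBEDTLS_VERSION`, `OPENSSL_VERSION`) have no expected digest next to them, while `cache.directories` keeps both `download-cache` and `${HOME}/opt` across builds. Add a SHA-256 variable per tarball beside each version so the install script can verify the archive before unpacking it; as written, a corrupted or tampered download stays in the cache and in the installed prefix until the version string changes.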

75
.travis/build-check.sh Executable file

@@ -0,0 +1,75 @@
#!/bin/sh
set -eux
PREFIX="${PREFIX:-${HOME}/opt}"
RUN_COVERITY_SCAN="${RUN_COVERITY_SCAN:-0}"
if [ "${TRAVIS_OS_NAME}" = "linux" ]; then
export LD_LIBRARY_PATH="${PREFIX}/lib:${LD_LIBRARY_PATH:-}"
fi
if [ "${TRAVIS_OS_NAME}" = "osx" ]; then
export DYLD_LIBRARY_PATH="${PREFIX}/lib:${DYLD_LIBRARY_PATH:-}"
fi
if [ "${SSLLIB}" = "openssl" ]; then
SSL_LIBS="${OPENSSL_LIBS}"
SSL_CFLAGS="-DUSE_OPENSSL"
elif [ "${SSLLIB}" = "mbedtls" ]; then
SSL_LIBS="${MBEDTLS_LIBS}"
SSL_CFLAGS="-DUSE_MBEDTLS"
else
echo "Invalid crypto lib: ${SSLLIB}"
exit 1
fi
LIBS="${SSL_LIBS} -llz4"
CXXFLAGS="-O3 -std=c++11 -Wall -pthread \
-DOPENVPN_SHOW_SESSION_TOKEN -DHAVE_LZ4 \
-DUSE_ASIO -DASIO_STANDALONE -DASIO_NO_DEPRECATED ${SSL_CFLAGS}"
if [[ "${CC}" == "gcc"* ]]; then
CXXFLAGS="${CXXFLAGS} -fwhole-program -flto=4"
fi
INCLUDEDIRS="-I../../asio/asio/include -I${PREFIX}/include -I../../"
LDFLAGS="-L${PREFIX}/lib"
if [ "${TRAVIS_OS_NAME}" = "linux" ]; then
LDFLAGS="${LDFLAGS} -Wl,--no-as-needed"
fi
if [ "${TRAVIS_OS_NAME}" = "osx" ]; then
CXXFLAGS="${CXXFLAGS} -stdlib=libc++ -arch x86_64"
LIBS="${LIBS} -framework Security \
-framework CoreFoundation \
-framework SystemConfiguration \
-framework IOKit \
-framework ApplicationServices"
fi
(
cd test/ovpncli
${CXX} ${CXXFLAGS} ${INCLUDEDIRS} ${LDFLAGS} cli.cpp -o cli ${LIBS}
)
(
cd test/ssl
${CXX} ${CXXFLAGS} -DNOERR ${INCLUDEDIRS} ${LDFLAGS} proto.cpp -o proto ${LIBS}
./proto
)
if [ "${RUN_COVERITY_SCAN}" = "1" -a "${TRAVIS_BRANCH}" = "${COVERITY_BRANCH}" ]; then
unset LD_LIBRARY_PATH #don't mess up SSL for curl/wget
export COVERITY_SCAN_PROJECT_NAME="OpenVPN/openvpn3"
export COVERITY_SCAN_BRANCH_PATTERN="${COVERITY_BRANCH}"
export COVERITY_SCAN_NOTIFICATION_EMAIL="scan-reports@openvpn.net"
export COVERITY_SCAN_BUILD_COMMAND_PREPEND="cd test/ssl"
export COVERITY_SCAN_BUILD_COMMAND="${CXX} ${CXXFLAGS} ${INCLUDEDIRS} \
${LDFLAGS} proto.cpp -o proto ${LIBS}"
# Ignore exit code, script exits with 1 if we're not on the right branch
curl -s "https://scan.coverity.com/scripts/travisci_build_coverity_scan.sh" | bash || true
fi
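Review bot: In the Coverity block at the end, `curl -s "https://scan.coverity.com/scripts/travisci_build_coverity_scan.sh" | bash || true` runs a remotely fetched script without any integrity check, in a job that also carries the `secure:` variable from `.travis.yml`, and the combination of no `-f` and `|| true` hides a failed or truncated fetch. Download the script to a file with `curl -fsS`, compare it against a pinned digest, and only then execute it. Separately, the shebang is `#!/bin/sh` but `if [[ "${CC}" == "gcc"* ]]; then` is a bash construct: under a `/bin/sh` without `[[` the condition simply fails, so `-fwhole-program -flto=4` is silently dropped without failing the build. Either switch the shebang to bash or use `case "${CC}" in gcc*) ... ;; esac`.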

133
.travis/build-deps.sh Executable file

@@ -0,0 +1,133 @@
#!/bin/sh
set -eux
# Set defaults
PREFIX="${PREFIX:-${HOME}/opt}"
download_asio () {
if [ ! -d "download-cache/asio" ]; then
git clone https://github.com/chriskohlhoff/asio.git \
download-cache/asio
else
(
cd download-cache/asio
if [ "$(git log -1 --format=%H)" != "${ASIO_VERSION}" ]; then
git checkout master
git pull
git checkout ${ASIO_VERSION}
fi
)
fi
}
build_asio () {
(
if [ ! -L asio ]; then
rm -Rf asio
ln -s download-cache/asio asio
fi
)
}
download_lz4 () {
if [ ! -f "download-cache/lz4-${LZ4_VERSION}.tar.gz" ]; then
wget "https://github.com/lz4/lz4/archive/v${LZ4_VERSION}.tar.gz" \
-O download-cache/lz4-${LZ4_VERSION}.tar.gz
fi
}
build_lz4 () {
if [ "$(cat ${PREFIX}/.lz4-version)" != "${LZ4_VERSION}" ]; then
tar zxf download-cache/lz4-${LZ4_VERSION}.tar.gz
(
cd "lz4-${LZ4_VERSION}"
make default CC=$CC CXX=$CXX
make install PREFIX="${PREFIX}"
)
echo "${LZ4_VERSION}" > "${PREFIX}/.lz4-version"
fi
}
download_mbedtls () {
if [ ! -f "download-cache/mbedtls-${MBEDTLS_VERSION}-apache.tgz" ]; then
wget -P download-cache/ \
"https://tls.mbed.org/download/mbedtls-${MBEDTLS_VERSION}-apache.tgz"
fi
}
build_mbedtls () {
if [ "$(cat ${PREFIX}/.mbedtls-version)" != "${MBEDTLS_VERSION}" ]; then
tar zxf download-cache/mbedtls-${MBEDTLS_VERSION}-apache.tgz
(
cd "mbedtls-${MBEDTLS_VERSION}"
make CC=$CC CXX=$CXX
make install DESTDIR="${PREFIX}"
)
echo "${MBEDTLS_VERSION}" > "${PREFIX}/.mbedtls-version"
fi
}
download_openssl () {
if [ ! -f "download-cache/openssl-${OPENSSL_VERSION}.tar.gz" ]; then
wget -P download-cache/ \
"https://www.openssl.org/source/openssl-${OPENSSL_VERSION}.tar.gz"
fi
}
build_openssl_linux () {
(
cd "openssl-${OPENSSL_VERSION}/"
./config shared --prefix="${PREFIX}" --openssldir="${PREFIX}" -DPURIFY
make all install_sw
)
}
build_openssl_osx () {
(
cd "openssl-${OPENSSL_VERSION}/"
./Configure darwin64-x86_64-cc shared \
--prefix="${PREFIX}" --openssldir="${PREFIX}" -DPURIFY
make depend all install_sw
)
}
build_openssl () {
if [ "$(cat ${PREFIX}/.openssl-version)" != "${OPENSSL_VERSION}" ]; then
tar zxf "download-cache/openssl-${OPENSSL_VERSION}.tar.gz"
if [ "${TRAVIS_OS_NAME}" = "osx" ]; then
build_openssl_osx
elif [ "${TRAVIS_OS_NAME}" = "linux" ]; then
build_openssl_linux
fi
echo "${OPENSSL_VERSION}" > "${PREFIX}/.openssl-version"
fi
}
# Enable ccache
if [ "${TRAVIS_OS_NAME}" != "osx" ] && [ -z ${CHOST+x} ]; then
# ccache not available on osx, see:
# https://github.com/travis-ci/travis-ci/issues/5567
# also ccache not enabled for cross builds
mkdir -p "${HOME}/bin"
ln -s "$(which ccache)" "${HOME}/bin/${CXX}"
ln -s "$(which ccache)" "${HOME}/bin/${CC}"
PATH="${HOME}/bin:${PATH}"
fi
# Download and build crypto lib
if [ "${SSLLIB}" = "openssl" ]; then
download_openssl
build_openssl
elif [ "${SSLLIB}" = "mbedtls" ]; then
download_mbedtls
build_mbedtls
else
echo "Invalid crypto lib: ${SSLLIB}"
exit 1
fi
download_asio
build_asio
download_lz4
build_lz4
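Review bot: `download_asio` only reaches `git checkout ${ASIO_VERSION}` in its `else` branch, so on a cold cache the fresh `git clone` leaves the tree at the default branch head and the pinned commit is not used until a later run finds the cached directory. Move the checkout out of the `else` so both paths end on `${ASIO_VERSION}`. The `wget` calls in `download_lz4`, `download_mbedtls` and `download_openssl` have the related gap that the archive is unpacked and built with no digest or signature check; verify a pinned SHA-256 before each `tar zxf`, since the `.lz4-version`, `.mbedtls-version` and `.openssl-version` stamps only compare version strings.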

24
CLA.rst

@@ -1,5 +1,5 @@
Contributor agreement for the OpenVPN project version 1.2 - March 2017
########################################################################
Contributor agreement for the OpenVPN project version 1.3 - December 2017
#########################################################################
This Contributor Agreement consists of two parts. Part I is the
Developer Certificate of Origin available at
@@ -8,7 +8,7 @@ http://developercertificate.org/.
In this contributor agreement, "This project" refers to the OpenVPN
project and
"open source license indicated in `the file <LICENSE.rst>`_" refers to
the GPLv3 license with an additional permission that allows linking
the AGPLv3 license with an additional permission that allows linking
the OpenSSL software, https://www.openssl.org/, with the OpenVPN
software.
@@ -50,16 +50,14 @@ the open source license(s) involved.
Part II
#######
Copyright (C) 2017 OpenVPN Technologies, Inc.
Copyright (C) 2017 OpenVPN Inc.
In addition:
(e) I understand that OpenVPN Technologies, Inc. may relicense this
project, this contribution, and any modification to it under any
license. I certify that I, or the person on whose behalf I am
submitting the contribution, have the right to grant and hereby grant
OpenVPN Technologies, Inc. a license to do so for this
contribution. My grant is made on the condition that OpenVPN
Technologies, Inc. will make any modification to this contribution
available to the OpenVPN project under the open source license
indicated in the file.
(e) I understand that OpenVPN Inc. may relicense this project, this
contribution, and any modification to it under any license. I certify that I,
or the person on whose behalf I am submitting the contribution, have the
right to grant and hereby grant OpenVPN Inc. a license to do so for this
contribution. My grant is made on the condition that OpenVPN Inc. will make
any modification to this contribution available to the OpenVPN project under
the open source license indicated in the file.

View File

@@ -1,5 +1,5 @@
GNU GENERAL PUBLIC LICENSE
Version 3, 29 June 2007
GNU AFFERO GENERAL PUBLIC LICENSE
Version 3, 19 November 2007
Copyright (C) 2007 Free Software Foundation, Inc. <http://fsf.org/>
Everyone is permitted to copy and distribute verbatim copies
@@ -7,17 +7,15 @@
Preamble
The GNU General Public License is a free, copyleft license for
software and other kinds of works.
The GNU Affero General Public License is a free, copyleft license for
software and other kinds of works, specifically designed to ensure
cooperation with the community in the case of network server software.
The licenses for most software and other practical works are designed
to take away your freedom to share and change the works. By contrast,
the GNU General Public License is intended to guarantee your freedom to
our General Public Licenses are intended to guarantee your freedom to
share and change all versions of a program--to make sure it remains free
software for all its users. We, the Free Software Foundation, use the
GNU General Public License for most of our software; it applies also to
any other work released this way by its authors. You can apply it to
your programs, too.
software for all its users.
When we speak of free software, we are referring to freedom, not
price. Our General Public Licenses are designed to make sure that you
@@ -26,44 +24,34 @@ them if you wish), that you receive source code or can get it if you
want it, that you can change the software or use pieces of it in new
free programs, and that you know you can do these things.
To protect your rights, we need to prevent others from denying you
these rights or asking you to surrender the rights. Therefore, you have
certain responsibilities if you distribute copies of the software, or if
you modify it: responsibilities to respect the freedom of others.
Developers that use our General Public Licenses protect your rights
with two steps: (1) assert copyright on the software, and (2) offer
you this License which gives you legal permission to copy, distribute
and/or modify the software.
For example, if you distribute copies of such a program, whether
gratis or for a fee, you must pass on to the recipients the same
freedoms that you received. You must make sure that they, too, receive
or can get the source code. And you must show them these terms so they
know their rights.
A secondary benefit of defending all users' freedom is that
improvements made in alternate versions of the program, if they
receive widespread use, become available for other developers to
incorporate. Many developers of free software are heartened and
encouraged by the resulting cooperation. However, in the case of
software used on network servers, this result may fail to come about.
The GNU General Public License permits making a modified version and
letting the public access it on a server without ever releasing its
source code to the public.
Developers that use the GNU GPL protect your rights with two steps:
(1) assert copyright on the software, and (2) offer you this License
giving you legal permission to copy, distribute and/or modify it.
The GNU Affero General Public License is designed specifically to
ensure that, in such cases, the modified source code becomes available
to the community. It requires the operator of a network server to
provide the source code of the modified version running there to the
users of that server. Therefore, public use of a modified version, on
a publicly accessible server, gives the public access to the source
code of the modified version.
For the developers' and authors' protection, the GPL clearly explains
that there is no warranty for this free software. For both users' and
authors' sake, the GPL requires that modified versions be marked as
changed, so that their problems will not be attributed erroneously to
authors of previous versions.
Some devices are designed to deny users access to install or run
modified versions of the software inside them, although the manufacturer
can do so. This is fundamentally incompatible with the aim of
protecting users' freedom to change the software. The systematic
pattern of such abuse occurs in the area of products for individuals to
use, which is precisely where it is most unacceptable. Therefore, we
have designed this version of the GPL to prohibit the practice for those
products. If such problems arise substantially in other domains, we
stand ready to extend this provision to those domains in future versions
of the GPL, as needed to protect the freedom of users.
Finally, every program is threatened constantly by software patents.
States should not allow patents to restrict development and use of
software on general-purpose computers, but in those that do, we wish to
avoid the special danger that patents applied to a free program could
make it effectively proprietary. To prevent this, the GPL assures that
patents cannot be used to render the program non-free.
An older license, called the Affero General Public License and
published by Affero, was designed to accomplish similar goals. This is
a different license, not a version of the Affero GPL, but Affero has
released a new version of the Affero GPL which permits relicensing under
this license.
The precise terms and conditions for copying, distribution and
modification follow.
@@ -72,7 +60,7 @@ modification follow.
0. Definitions.
"This License" refers to version 3 of the GNU General Public License.
"This License" refers to version 3 of the GNU Affero General Public License.
"Copyright" also means copyright-like laws that apply to other kinds of
works, such as semiconductor masks.
@@ -549,35 +537,45 @@ to collect a royalty for further conveying from those to whom you convey
the Program, the only way you could satisfy both those terms and this
License would be to refrain entirely from conveying the Program.
13. Use with the GNU Affero General Public License.
13. Remote Network Interaction; Use with the GNU General Public License.
Notwithstanding any other provision of this License, if you modify the
Program, your modified version must prominently offer all users
interacting with it remotely through a computer network (if your version
supports such interaction) an opportunity to receive the Corresponding
Source of your version by providing access to the Corresponding Source
from a network server at no charge, through some standard or customary
means of facilitating copying of software. This Corresponding Source
shall include the Corresponding Source for any work covered by version 3
of the GNU General Public License that is incorporated pursuant to the
following paragraph.
Notwithstanding any other provision of this License, you have
permission to link or combine any covered work with a work licensed
under version 3 of the GNU Affero General Public License into a single
under version 3 of the GNU General Public License into a single
combined work, and to convey the resulting work. The terms of this
License will continue to apply to the part which is the covered work,
but the special requirements of the GNU Affero General Public License,
section 13, concerning interaction through a network will apply to the
combination as such.
but the work with which it is combined will remain governed by version
3 of the GNU General Public License.
14. Revised Versions of this License.
The Free Software Foundation may publish revised and/or new versions of
the GNU General Public License from time to time. Such new versions will
be similar in spirit to the present version, but may differ in detail to
the GNU Affero General Public License from time to time. Such new versions
will be similar in spirit to the present version, but may differ in detail to
address new problems or concerns.
Each version is given a distinguishing version number. If the
Program specifies that a certain numbered version of the GNU General
Program specifies that a certain numbered version of the GNU Affero General
Public License "or any later version" applies to it, you have the
option of following the terms and conditions either of that numbered
version or of any later version published by the Free Software
Foundation. If the Program does not specify a version number of the
GNU General Public License, you may choose any version ever published
GNU Affero General Public License, you may choose any version ever published
by the Free Software Foundation.
If the Program specifies that a proxy can decide which future
versions of the GNU General Public License can be used, that proxy's
versions of the GNU Affero General Public License can be used, that proxy's
public statement of acceptance of a version permanently authorizes you
to choose that version for the Program.
@@ -635,40 +633,29 @@ the "copyright" line and a pointer to where the full notice is found.
Copyright (C) <year> <name of author>
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
it under the terms of the GNU Affero General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
GNU Affero General Public License for more details.
You should have received a copy of the GNU General Public License
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
Also add information on how to contact you by electronic and paper mail.
If the program does terminal interaction, make it output a short
notice like this when it starts in an interactive mode:
<program> Copyright (C) <year> <name of author>
This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
This is free software, and you are welcome to redistribute it
under certain conditions; type `show c' for details.
The hypothetical commands `show w' and `show c' should show the appropriate
parts of the General Public License. Of course, your program's commands
might be different; for a GUI interface, you would use an "about box".
If your software can interact with users remotely through a computer
network, you should also make sure that it provides a way for users to
get its source. For example, if your program is a web application, its
interface could display a "Source" link that leads users to an archive
of the code. There are many ways you could offer source, and different
solutions will be better for different programs; see section 13 for the
specific requirements.
You should also get your employer (if you work as a programmer) or school,
if any, to sign a "copyright disclaimer" for the program, if necessary.
For more information on this, and how to apply and follow the GNU GPL, see
For more information on this, and how to apply and follow the GNU AGPL, see
<http://www.gnu.org/licenses/>.
The GNU General Public License does not permit incorporating your program
into proprietary programs. If your program is a subroutine library, you
may consider it more useful to permit linking proprietary applications with
the library. If this is what you want to do, use the GNU Lesser General
Public License instead of this License. But first, please read
<http://www.gnu.org/philosophy/why-not-lgpl.html>.

View File

@@ -1,10 +1,10 @@
OpenVPN 3 is distributed under
`GNU General Public License version 3 <COPYRIGHT.GPLV3>`_
`GNU Affero General Public License version 3 <COPYRIGHT.AGPLV3>`_
with a special permission to link against OpenSSL:
::
Additional permission under GNU GPL version 3 section 7
Additional permission under GNU AGPL version 3 section 7
If you modify this Program, or any covered work, by linking or combining
it with OpenSSL (or a modified version of that library), containing parts

View File

@@ -145,6 +145,65 @@ To connect::
$ ./cli client.ovpn
Building the OpenVPN 3 client on Windows
----------------------------------------
Those instructions were tested with Git Bash.
Prerequisites:
- Visual Studio 2015
- Python 2.7
To make python interpreter work inside Git Bash terminal, add::
alias python='winpty python.exe'
to ``.bashrc``.
Clone the OpenVPN 3 source repo::
$ mkdir ovpn3
$ cd ovpn3
$ git clone https://github.com/OpenVPN/openvpn3.git core
Create ``parms_local.py`` inside ``~/ovpn3/core/win`` directory which overrides build settings from ``parms.py``. For example:
.. code-block:: python
PARMS = {
"OVPN3" : "c:\\Users\\user\\Projects\\ovpn3",
"TAP" : "c:\\Users\\user\\Projects\\tap-windows",
"DEP" : "c:\\Users\\user\\Downloads",
"BUILD" : "c:\\Users\\user\\Projects\\ovpn3-build",
"LIB_VERSIONS" : {
"asio" : "asio-cc1bd58f9ebb15afbebf53207015ff690b338195"
},
"GTEST_ROOT": "c:\\Users\\user\\Projects\\googletest"
}
Download dependencies as tar(zip)balls to DEP directory defined in previous step:
1. Asio — https://github.com/chriskohlhoff/asio
2. mbed TLS (2.3.0 or higher) — https://tls.mbed.org/
3. LZ4 — https://github.com/Cyan4973/lz4
Extract and build dependencies (assuming you are in ``~/ovpn3/core/win`` directory)::
$ python buildep.py
Build the OpenVPN 3 client executable:
$ python build.py
Visual Studio 2015 project and solution files are located in ``~/ovpn3/core/win`` directory.
Before opening project you need to build dependencies and define environmental variables:
- OVPN3_BUILD - path where dependencies are build (BUILD in parms.py)
- OVPN3_CORE - path where ovpn3-core was checked out (OVPN3 in parms.py)
- OVPN3_TAP_WINDOWS - path where tap-windows was checked out (TAP in parms.py)
Testing
-------
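Review bot: In the Windows build section, "Build the OpenVPN 3 client executable:" ends with a single colon, so unlike the other steps the `$ python build.py` line after it will not render as a literal block in reStructuredText; use `::` there. In the same section "path where dependencies are build" should read "built". The Unix dependency scripts in this change verify a SHA-256 for each tarball, so it would help to state here whether buildep.py does the same for the manually downloaded archives or whether the reader is expected to check them.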
@@ -175,6 +234,36 @@ Run the test::
user 0m15.800s
sys 0m0.004s
The OpenVPN 3 core also includes unit tests, which are based on
Google Test framework. To run unit tests, you need to install
CMake and build Google Test.
Building Google Test on Linux::
$ git clone https://github.com/google/googletest.git
$ cd googletest
$ cmake . && cmake --build .
Building Google Test on Windows::
> git clone https://github.com/google/googletest.git
> cd googletest
> cmake -G "Visual Studio 14 2015 Win64" .
> cmake --build .
After Google Test is built you are ready to build and run unit tests.
Build and run tests on Linux::
$ cd ovpn3/core/test/unittests
$ GTEST_DIR=~/googletest ECHO=1 PROF=linux ASIO_DIR=~/asio MTLS_SYS=1 LZ4_SYS=1 NOSSL=1 $O3/core/scripts/build test_log
$ ./test_log
Build and run tests on Windows::
$ cd ovpn3/core/win
$ python build.py ../test/unittests/test_log.cpp unittest
$ test_log.exe
Developer Guide
---------------
@@ -553,3 +642,4 @@ License
-------
See `<LICENSE.rst>`_.

View File

@@ -4,18 +4,18 @@
// packet encryption, packet authentication, and
// packet compression.
//
// Copyright (C) 2012-2017 OpenVPN Technologies, Inc.
// Copyright (C) 2012-2017 OpenVPN Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License Version 3
// it under the terms of the GNU Affero General Public License Version 3
// as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// You should have received a copy of the GNU Affero General Public License
// along with this program in the COPYING file.
// If not, see <http://www.gnu.org/licenses/>.
@@ -406,11 +406,13 @@ namespace openvpn {
// extra settings submitted by API client
std::string server_override;
std::string port_override;
Protocol proto_override;
IPv6Setting ipv6;
int conn_timeout = 0;
bool tun_persist = false;
bool google_dns_fallback = false;
bool synchronous_dns_lookup = false;
bool autologin_sessions = false;
std::string private_key_password;
std::string external_pki_alias;
@@ -475,6 +477,8 @@ namespace openvpn {
~ClientState()
{
stop_scope_local.reset();
stop_scope_global.reset();
socket_protect.detach_from_parent();
reconnect_notify.detach_from_parent();
remote_override.detach_from_parent();
@@ -532,6 +536,17 @@ namespace openvpn {
clock_tick->cancel();
}
void setup_async_stop_scopes()
{
stop_scope_local.reset(new AsioStopScope(*io_context(), async_stop_local(), [this]() {
session->graceful_stop();
}));
stop_scope_global.reset(new AsioStopScope(*io_context(), async_stop_global(), [this]() {
trigger_async_stop_local();
}));
}
private:
ClientState(const ClientState&) = delete;
ClientState& operator=(const ClientState&) = delete;
@@ -541,6 +556,9 @@ namespace openvpn {
Stop async_stop_local_;
Stop* async_stop_global_ = nullptr;
std::unique_ptr<AsioStopScope> stop_scope_local;
std::unique_ptr<AsioStopScope> stop_scope_global;
openvpn_io::io_context* io_context_ = nullptr;
bool io_context_owned = false;
@@ -630,9 +648,11 @@ namespace openvpn {
{
try {
state->server_override = config.serverOverride;
state->port_override = config.portOverride;
state->conn_timeout = config.connTimeout;
state->tun_persist = config.tunPersist;
state->google_dns_fallback = config.googleDnsFallback;
state->synchronous_dns_lookup = config.synchronousDnsLookup;
state->autologin_sessions = config.autologinSessions;
state->private_key_password = config.privateKeyPassword;
if (!config.protoOverride.empty())
@@ -828,150 +848,194 @@ namespace openvpn {
OPENVPN_CLIENT_EXPORT Status OpenVPNClient::do_connect()
{
Status ret;
bool in_run = false;
connect_attach();
Status status;
bool session_started = false;
try {
// set global MbedTLS debug level
#if defined(USE_MBEDTLS) || defined(USE_MBEDTLS_APPLE_HYBRID)
mbedtls_debug_set_threshold(state->ssl_debug_level); // fixme -- using a global method for this seems wrong
#endif
// load options
ClientOptions::Config cc;
cc.cli_stats = state->stats;
cc.cli_events = state->events;
cc.server_override = state->server_override;
cc.proto_override = state->proto_override;
cc.ipv6 = state->ipv6;
cc.conn_timeout = state->conn_timeout;
cc.tun_persist = state->tun_persist;
cc.google_dns_fallback = state->google_dns_fallback;
cc.autologin_sessions = state->autologin_sessions;
cc.proto_context_options = state->proto_context_options;
cc.http_proxy_options = state->http_proxy_options;
cc.alt_proxy = state->alt_proxy;
cc.dco = state->dco;
cc.echo = state->echo;
cc.info = state->info;
cc.reconnect_notify = &state->reconnect_notify;
if (remote_override_enabled())
cc.remote_override = &state->remote_override;
cc.private_key_password = state->private_key_password;
cc.disable_client_cert = state->disable_client_cert;
cc.ssl_debug_level = state->ssl_debug_level;
cc.default_key_direction = state->default_key_direction;
cc.force_aes_cbc_ciphersuites = state->force_aes_cbc_ciphersuites;
cc.tls_version_min_override = state->tls_version_min_override;
cc.tls_cert_profile_override = state->tls_cert_profile_override;
cc.gui_version = state->gui_version;
cc.extra_peer_info = state->extra_peer_info;
cc.stop = state->async_stop_local();
#ifdef OPENVPN_GREMLIN
cc.gremlin_config = state->gremlin_config;
#endif
#if defined(USE_TUN_BUILDER)
cc.socket_protect = &state->socket_protect;
cc.builder = this;
#endif
#if defined(OPENVPN_EXTERNAL_TUN_FACTORY)
cc.extern_tun_factory = this;
#endif
// force Session ID use and disable password cache if static challenge is enabled
if (state->creds
&& !state->creds->get_replace_password_with_session_id()
&& !state->eval.autologin
&& !state->eval.staticChallenge.empty())
{
state->creds->set_replace_password_with_session_id(true);
state->creds->enable_password_cache(false);
}
// external PKI
#if !defined(USE_APPLE_SSL)
if (state->eval.externalPki && !state->disable_client_cert)
{
if (!state->external_pki_alias.empty())
{
ExternalPKICertRequest req;
req.alias = state->external_pki_alias;
external_pki_cert_request(req);
if (!req.error)
{
cc.external_pki = this;
process_epki_cert_chain(req);
}
else
{
external_pki_error(req, Error::EPKI_CERT_ERROR);
return ret;
}
}
else
{
ret.error = true;
ret.message = "Missing External PKI alias";
return ret;
}
}
#endif
// build client options object
ClientOptions::Ptr client_options = new ClientOptions(state->options, cc);
// configure creds in options
client_options->submit_creds(state->creds);
// instantiate top-level client session
state->session.reset(new ClientConnect(*state->io_context(), client_options));
// convenience clock tick
if (state->clock_tick_ms)
{
state->clock_tick.reset(new MyClockTick(*state->io_context(), this, state->clock_tick_ms));
state->clock_tick->schedule();
}
// raise an exception if app has expired
check_app_expired();
// start VPN
state->session->start(); // queue parallel async reads
// wire up async stop
AsioStopScope scope_local(*state->io_context(), state->async_stop_local(), [this]() {
state->session->graceful_stop();
connect_attach();
#if defined(OPENVPN_OVPNCLI_ASYNC_SETUP)
openvpn_io::post(*state->io_context(), [this]() {
do_connect_async();
});
AsioStopScope scope_global(*state->io_context(), state->async_stop_global(), [this]() {
state->trigger_async_stop_local();
});
// prepare to start reactor
connect_pre_run();
// run i/o reactor
state->enable_foreign_thread_access();
in_run = true;
#else
connect_setup(status, session_started);
#endif
connect_run();
return status;
}
catch (const std::exception& e)
{
if (in_run)
if (session_started)
connect_session_stop();
ret.error = true;
ret.message = Unicode::utf8_printable<std::string>(e.what(), 256);
// if exception is an ExceptionCode, translate the code
// to return status string
{
const ExceptionCode *ec = dynamic_cast<const ExceptionCode *>(&e);
if (ec && ec->code_defined())
ret.status = Error::name(ec->code());
}
return status_from_exception(e);
}
}
OPENVPN_CLIENT_EXPORT void OpenVPNClient::do_connect_async()
{
enum StopType {
NONE,
SESSION,
EXPLICIT,
};
StopType stop_type = NONE;
Status status;
bool session_started = false;
try {
connect_setup(status, session_started);
}
catch (const std::exception& e)
{
stop_type = session_started ? SESSION : EXPLICIT;
status = status_from_exception(e);
}
if (status.error)
{
ClientEvent::Base::Ptr ev = new ClientEvent::ClientSetup(status.status, status.message);
state->events->add_event(std::move(ev));
}
if (stop_type == SESSION)
connect_session_stop();
#ifdef OPENVPN_IO_REQUIRES_STOP
if (stop_type == EXPLICIT)
state->io_context()->stop();
#endif
}
OPENVPN_CLIENT_EXPORT void OpenVPNClient::connect_setup(Status& status, bool& session_started)
{
// set global MbedTLS debug level
#if defined(USE_MBEDTLS) || defined(USE_MBEDTLS_APPLE_HYBRID)
mbedtls_debug_set_threshold(state->ssl_debug_level); // fixme -- using a global method for this seems wrong
#endif
// load options
ClientOptions::Config cc;
cc.cli_stats = state->stats;
cc.cli_events = state->events;
cc.server_override = state->server_override;
cc.port_override = state->port_override;
cc.proto_override = state->proto_override;
cc.ipv6 = state->ipv6;
cc.conn_timeout = state->conn_timeout;
cc.tun_persist = state->tun_persist;
cc.google_dns_fallback = state->google_dns_fallback;
cc.synchronous_dns_lookup = state->synchronous_dns_lookup;
cc.autologin_sessions = state->autologin_sessions;
cc.proto_context_options = state->proto_context_options;
cc.http_proxy_options = state->http_proxy_options;
cc.alt_proxy = state->alt_proxy;
cc.dco = state->dco;
cc.echo = state->echo;
cc.info = state->info;
cc.reconnect_notify = &state->reconnect_notify;
if (remote_override_enabled())
cc.remote_override = &state->remote_override;
cc.private_key_password = state->private_key_password;
cc.disable_client_cert = state->disable_client_cert;
cc.ssl_debug_level = state->ssl_debug_level;
cc.default_key_direction = state->default_key_direction;
cc.force_aes_cbc_ciphersuites = state->force_aes_cbc_ciphersuites;
cc.tls_version_min_override = state->tls_version_min_override;
cc.tls_cert_profile_override = state->tls_cert_profile_override;
cc.gui_version = state->gui_version;
cc.extra_peer_info = state->extra_peer_info;
cc.stop = state->async_stop_local();
#ifdef OPENVPN_GREMLIN
cc.gremlin_config = state->gremlin_config;
#endif
#if defined(USE_TUN_BUILDER)
cc.socket_protect = &state->socket_protect;
cc.builder = this;
#endif
#if defined(OPENVPN_EXTERNAL_TUN_FACTORY)
cc.extern_tun_factory = this;
#endif
#if defined(OPENVPN_EXTERNAL_TRANSPORT_FACTORY)
cc.extern_transport_factory = this;
#endif
// force Session ID use and disable password cache if static challenge is enabled
if (state->creds
&& !state->creds->get_replace_password_with_session_id()
&& !state->eval.autologin
&& !state->eval.staticChallenge.empty())
{
state->creds->set_replace_password_with_session_id(true);
state->creds->enable_password_cache(false);
}
// external PKI
#if !defined(USE_APPLE_SSL)
if (state->eval.externalPki && !state->disable_client_cert)
{
if (!state->external_pki_alias.empty())
{
ExternalPKICertRequest req;
req.alias = state->external_pki_alias;
external_pki_cert_request(req);
if (!req.error)
{
cc.external_pki = this;
process_epki_cert_chain(req);
}
else
{
external_pki_error(req, Error::EPKI_CERT_ERROR);
return;
}
}
else
{
status.error = true;
status.message = "Missing External PKI alias";
return;
}
}
#endif
// build client options object
ClientOptions::Ptr client_options = new ClientOptions(state->options, cc);
// configure creds in options
client_options->submit_creds(state->creds);
// instantiate top-level client session
state->session.reset(new ClientConnect(*state->io_context(), client_options));
// convenience clock tick
if (state->clock_tick_ms)
{
state->clock_tick.reset(new MyClockTick(*state->io_context(), this, state->clock_tick_ms));
state->clock_tick->schedule();
}
// raise an exception if app has expired
check_app_expired();
// start VPN
state->session->start(); // queue reads on socket/tun
session_started = true;
// wire up async stop
state->setup_async_stop_scopes();
// prepare to start reactor
connect_pre_run();
state->enable_foreign_thread_access();
}
OPENVPN_CLIENT_EXPORT Status OpenVPNClient::status_from_exception(const std::exception& e)
{
Status ret;
ret.error = true;
ret.message = Unicode::utf8_printable<std::string>(e.what(), 256);
// if exception is an ExceptionCode, translate the code
// to return status string
{
const ExceptionCode *ec = dynamic_cast<const ExceptionCode *>(&e);
if (ec && ec->code_defined())
ret.status = Error::name(ec->code());
}
return ret;
}
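Review bot: In do_connect(), connect_run() is now called unconditionally after connect_setup(status, session_started), but connect_setup() has two early returns in the external PKI block (the "Missing External PKI alias" case and the external_pki_error case) that used to return from do_connect() itself. After this split both paths fall through to connect_run() even though state->session was never created in this call. The EPKI_CERT_ERROR branch also leaves status.error unset, so the returned Status does not show that setup stopped early. Suggest setting status.error in that branch and checking it before connect_run(). In do_connect_async() the same two paths leave stop_type at NONE, so nothing calls io_context()->stop() under OPENVPN_IO_REQUIRES_STOP.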
@@ -1293,10 +1357,5 @@ namespace openvpn {
{
delete state;
}
OPENVPN_CLIENT_EXPORT LogInfo::LogInfo(std::string str)
: text(std::move(str))
{
}
}
}

View File

@@ -4,18 +4,18 @@
// packet encryption, packet authentication, and
// packet compression.
//
// Copyright (C) 2012-2017 OpenVPN Technologies, Inc.
// Copyright (C) 2012-2017 OpenVPN Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License Version 3
// it under the terms of the GNU Affero General Public License Version 3
// as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// You should have received a copy of the GNU Affero General Public License
// along with this program in the COPYING file.
// If not, see <http://www.gnu.org/licenses/>.
@@ -31,6 +31,7 @@
#include <openvpn/tun/builder/base.hpp>
#include <openvpn/tun/extern/fw.hpp>
#include <openvpn/pki/epkibase.hpp>
#include <openvpn/transport/client/extern/fw.hpp>
namespace openvpn {
class OptionList;
@@ -172,6 +173,10 @@ namespace openvpn {
// option of profile
std::string serverOverride;
// Use a different port than that specified in "remote"
// option of profile
std::string portOverride;
// Force a given transport protocol
// Should be tcp, udp, or adaptive.
std::string protoOverride;
@@ -192,6 +197,9 @@ namespace openvpn {
// DNS servers, use the standard Google DNS servers.
bool googleDnsFallback = false;
// if true, do synchronous DNS lookup.
bool synchronousDnsLookup = false;
// Enable autologin sessions
bool autologinSessions = true;
@@ -321,7 +329,8 @@ namespace openvpn {
struct LogInfo
{
LogInfo() {}
LogInfo(std::string str);
LogInfo(std::string str)
: text(std::move(str)) {}
std::string text; // log output (usually but not always one line)
};
@@ -412,6 +421,7 @@ namespace openvpn {
class OpenVPNClient : public TunBuilderBase, // expose tun builder virtual methods
public LogReceiver, // log message notification
public ExternalTun::Factory, // low-level tun override
public ExternalTransport::Factory,// low-level transport override
private ExternalPKIBase
{
public:
@@ -567,10 +577,13 @@ namespace openvpn {
Private::ClientState* state;
private:
void connect_setup(Status&, bool&);
void do_connect_async();
static Status status_from_exception(const std::exception&);
static void parse_config(const Config&, EvalConfig&, OptionList&);
void parse_extras(const Config&, EvalConfig&);
void external_pki_error(const ExternalPKIRequestBase&, const size_t err_type);
void process_epki_cert_chain(const ExternalPKICertRequest& req);
void external_pki_error(const ExternalPKIRequestBase&, const size_t);
void process_epki_cert_chain(const ExternalPKICertRequest&);
void check_app_expired();
static MergeConfig build_merge_config(const ProfileMerge&);

22
deps/asio/build-asio vendored
View File

@@ -5,11 +5,29 @@ if [ -z "$O3" ]; then
echo O3 var must point to ovpn3 tree
exit 1
fi
[ -z "$DL" ] && DL=~/Downloads
if [ -z "$DEP_DIR" ]; then
echo DEP_DIR var must point to dependency build folder
exit 1
fi
if [ -z "$DL" ]; then
echo DL var must point to the download folder
exit 1
fi
. $O3/core/deps/lib-versions
# source helper functions
. $O3/core/deps/functions.sh
PACKAGE=${ASIO_VERSION}
FNAME=${ASIO_VERSION}.tar.gz
PV=${ASIO_VERSION#*-}
URL=https://github.com/chriskohlhoff/asio/archive/${PV}.tar.gz
CSUM=${ASIO_CSUM}
download
cd $DEP_DIR
rm -rf asio*
tar xf $DL/$ASIO_VERSION.tar.gz
cp -a $ASIO_VERSION asio
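Review bot: The result of `download` is not checked before `tar xf $DL/$ASIO_VERSION.tar.gz`, so a checksum mismatch reported by check_download only stops the build if the script runs under `set -e`, which is not visible in this hunk; write `download || exit 1`. `cd $DEP_DIR` is also unquoted and unchecked right before `rm -rf asio*`, so a failed cd would remove matching paths in whatever directory the script was started from; `cd "$DEP_DIR" || exit 1` avoids that.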

30
deps/functions.sh vendored Normal file
View File

@@ -0,0 +1,30 @@
function check_download()
{
if [ -f $DL/$FNAME ]; then
CHECK=$(sha256sum $DL/$FNAME |awk '{printf $1};')
if [ "$CHECK" == "$CSUM" ]; then
return 0
else
echo "Checksum mismatch for $FNAME. Was $CHECK, expected $CSUM"
fi
else
echo "$FNAME not found."
fi
return -1
}
function download()
{
check_download && return 0
rm -f $DL/$FNAME
if [ -n "$URL" ]; then
wget $URL -O $DL/$FNAME
else
echo URL must be specified
exit 1
fi
check_download || return -1
}
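Review bot: check_download compares with `[ "$CHECK" == "$CSUM" ]` and both functions end in `return -1`; `==` inside `[ ]`, the `function` keyword and a negative return value are bash-specific, and this file carries no shebang, so the verification path depends on whichever shell sources it. Use `=` and `return 1`. `$DL/$FNAME` and `$URL` should be quoted, and `awk '{printf $1};'` passes the hash field as a format string where `print $1` is meant. It is also worth rejecting an empty CSUM explicitly, so that a missing pin produces a clear error rather than a "Checksum mismatch" message with an empty expected value.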

12
deps/lib-versions vendored
View File

@@ -1,4 +1,10 @@
export ASIO_VERSION=asio-20170301
export LZ4_VERSION=lz4-1.7.5
export MBEDTLS_VERSION=mbedtls-2.4.0
export ASIO_VERSION=asio-862aed305dcf91387535519c9549c17630339a12
export ASIO_CSUM=65eb4e0997795e4c7c76325387311c3b9d211754615c275bfe5ca6e186dc322b
export LZ4_VERSION=lz4-1.8.0
export LZ4_CSUM=2ca482ea7a9bb103603108b5a7510b7592b90158c151ff50a28f1ca8389fccf6
export MBEDTLS_VERSION=mbedtls-2.6.0
export MBEDTLS_CSUM=99bc9d4212d3d885eeb96273bcde8ecc649a481404b8d7ea7bb26397c9909687
export OPENSSL_VERSION=openssl-1.0.2h
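Review bot: OPENSSL_VERSION is the only pin here without a matching *_CSUM, so a build script that moves to the download helper for OpenSSL would have nothing to verify against. Either add OPENSSL_CSUM next to it or note that OpenSSL is not fetched through functions.sh. A comment saying that the values are SHA-256 digests of the exact archives named in the build scripts (the GitHub archive tarballs for asio and lz4, the -apache.tgz for mbedtls) would make later version bumps less error-prone.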

20
deps/lz4/build-lz4 vendored
View File

@@ -5,17 +5,33 @@ if [ -z "$O3" ]; then
echo O3 var must point to ovpn3 tree
exit 1
fi
if [ -z "$DEP_DIR" ]; then
echo DEP_DIR var must point to dependency build folder
exit 1
fi
if [ -z "$DL" ]; then
echo DL var must point to the download folder
exit 1
fi
if [ -z "$TARGET" ]; then
echo TARGET var must be defined
exit 1
fi
[ -z "$DL" ] && DL=~/Downloads
# source vars
. $O3/core/vars/vars-${TARGET}
. $O3/core/deps/lib-versions
# source helper functions
. $O3/core/deps/functions.sh
FNAME=${LZ4_VERSION}.tar.gz
PN=${LZ4_VERSION#*-}
URL=https://github.com/lz4/lz4/archive/v${PN}.tar.gz
CSUM=${LZ4_CSUM}
download
CC=cc
LD=ld

View File

@@ -5,6 +5,15 @@ if [ -z "$O3" ]; then
echo O3 var must point to ovpn3 tree
exit 1
fi
if [ -z "$DEP_DIR" ]; then
echo DEP_DIR var must point to dependency build folder
exit 1
fi
if [ -z "$DL" ]; then
echo DL var must point to the download folder
exit 1
fi
if [ -z "$TARGET" ]; then
echo TARGET var must be defined
exit 1
@@ -14,6 +23,16 @@ fi
. $O3/core/vars/vars-${TARGET}
. $O3/core/deps/lib-versions
# source helper functions
. $O3/core/deps/functions.sh
FNAME=${MBEDTLS_VERSION}-apache.tgz
PN=${MBEDTLS_VERSION#*-}
URL=https://tls.mbed.org/download/$MBEDTLS_VERSION-apache.tgz
CSUM=${MBEDTLS_CSUM}
download
# put build targets here
DIST=$(pwd)/mbedtls/mbedtls-$PLATFORM
rm -rf $DIST
@@ -31,6 +50,11 @@ else
# enable MD4 (needed for NTLM auth)
perl -pi -e 's/^\/\/// if /#define MBEDTLS_MD4_C/' include/mbedtls/config.h
# apply pre-generated patches
for file in $O3/core/deps/mbedtls/patches/*.patch; do
patch -p1 <$file
done
fi
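Review bot: The patch loop ignores the exit status of `patch -p1 <$file`, so a patch that no longer applies (for example after the next MBEDTLS_VERSION bump) leaves an unpatched or partly patched tree and the build continues. Fail the build on error, e.g. `patch -p1 <"$file" || exit 1`, and quote `$file`. If the patches directory is empty the glob stays literal and patch is run on a nonexistent path, which the same check would catch.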
# compiler vars
@@ -48,7 +72,8 @@ SRC=$(pwd)
cd library
rm -f *.o
for c in *.c ; do
CMD="$CC -I../include $PLATFORM_FLAGS $OTHER_COMPILER_FLAGS $LIB_OPT_LEVEL $LIB_FPIC -c $c"
CMD="$CC -I../include -DMBEDTLS_RELAXED_X509_DATE \
$PLATFORM_FLAGS $OTHER_COMPILER_FLAGS $LIB_OPT_LEVEL $LIB_FPIC -c $c"
echo $CMD
$CMD
done
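Review bot: -DMBEDTLS_RELAXED_X509_DATE is added to every compile command in this loop, so the relaxed certificate date parsing is enabled for all targets built by this script with no way to opt out. Since this loosens X.509 validation, consider gating it behind a variable that defaults to off, and add a comment next to the flag naming the patch under deps/mbedtls/patches that it activates.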

View File

@@ -0,0 +1,41 @@
diff -urw mbedtls-2.6.0.orig/library/x509.c mbedtls-2.6.0/library/x509.c
--- mbedtls-2.6.0.orig/library/x509.c 2017-11-03 11:46:21.403848065 +0800
+++ mbedtls-2.6.0/library/x509.c 2017-11-03 11:58:46.259817520 +0800
@@ -559,13 +559,20 @@
/*
* Parse seconds if present
*/
- if ( len >= 2 )
+ if ( len >= 2 && **p >= '0' && **p <= '9' )
{
CHECK( x509_parse_int( p, 2, &tm->sec ) );
len -= 2;
}
else
+ {
+#if defined(MBEDTLS_RELAXED_X509_DATE)
+ /* if relaxed mode, allow seconds to be absent */
+ tm->sec = 0;
+#else
return ( MBEDTLS_ERR_X509_INVALID_DATE );
+#endif
+ }
/*
* Parse trailing 'Z' if present
@@ -575,6 +582,15 @@
(*p)++;
len--;
}
+#if defined(MBEDTLS_RELAXED_X509_DATE)
+ else if ( len == 5 && **p == '+' )
+ {
+ int tz; /* throwaway timezone */
+ (*p)++;
+ CHECK( x509_parse_int( p, 4, &tz ) );
+ return 0;
+ }
+#endif
/*
* We should have parsed all characters at this point
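Review bot: In the second x509.c hunk, the `len == 5 && **p == '+'` branch ends in `return 0`, which skips everything after the "We should have parsed all characters at this point" comment, and the parsed offset is thrown away, so a time written with a +hhmm suffix is accepted as if it were UTC. That shifts the certificate validity window by the discarded offset; the four digits are not range-checked, and a '-' offset is still rejected, so the relaxation is asymmetric. Suggest subtracting the five consumed bytes from len and falling through to the remaining checks instead of returning, and documenting in the patch which certificates require this format.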

View File

@@ -4,18 +4,18 @@
// packet encryption, packet authentication, and
// packet compression.
//
// Copyright (C) 2012-2017 OpenVPN Technologies, Inc.
// Copyright (C) 2012-2017 OpenVPN Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License Version 3
// it under the terms of the GNU Affero General Public License Version 3
// as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// You should have received a copy of the GNU Affero General Public License
// along with this program in the COPYING file.
// If not, see <http://www.gnu.org/licenses/>.

View File

@@ -4,18 +4,18 @@
// packet encryption, packet authentication, and
// packet compression.
//
// Copyright (C) 2012-2017 OpenVPN Technologies, Inc.
// Copyright (C) 2012-2017 OpenVPN Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License Version 3
// it under the terms of the GNU Affero General Public License Version 3
// as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// You should have received a copy of the GNU Affero General Public License
// along with this program in the COPYING file.
// If not, see <http://www.gnu.org/licenses/>.

View File

@@ -4,18 +4,18 @@
// packet encryption, packet authentication, and
// packet compression.
//
// Copyright (C) 2012-2017 OpenVPN Technologies, Inc.
// Copyright (C) 2012-2017 OpenVPN Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License Version 3
// it under the terms of the GNU Affero General Public License Version 3
// as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// You should have received a copy of the GNU Affero General Public License
// along with this program in the COPYING file.
// If not, see <http://www.gnu.org/licenses/>.

View File

@@ -4,18 +4,18 @@
// packet encryption, packet authentication, and
// packet compression.
//
// Copyright (C) 2012-2017 OpenVPN Technologies, Inc.
// Copyright (C) 2012-2017 OpenVPN Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License Version 3
// it under the terms of the GNU Affero General Public License Version 3
// as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// You should have received a copy of the GNU Affero General Public License
// along with this program in the COPYING file.
// If not, see <http://www.gnu.org/licenses/>.

View File

@@ -4,18 +4,18 @@
// packet encryption, packet authentication, and
// packet compression.
//
// Copyright (C) 2012-2017 OpenVPN Technologies, Inc.
// Copyright (C) 2012-2017 OpenVPN Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License Version 3
// it under the terms of the GNU Affero General Public License Version 3
// as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// You should have received a copy of the GNU Affero General Public License
// along with this program in the COPYING file.
// If not, see <http://www.gnu.org/licenses/>.

View File

@@ -31,8 +31,9 @@ fi
echo SWIG
swig -c++ -java -package $pkg -I$O3/core/client -I$O3/core ovpncli.i
# fixme: removed "android" from TARGET list due to compile failures in Asio
for TARGET in android-a8a android-a7a ; do
TARGETS=${TARGETS:-android-a7a android-a8a android-x86}
for TARGET in $TARGETS; do
if [ "$DEBUG_BUILD" = "1" ]; then
. ../vars/vars-${TARGET}-dbg
@@ -58,10 +59,13 @@ else
ssl_libdir="-L$DEP_DIR/mbedtls/mbedtls-$PLATFORM/library"
fi
[ -z "$GPP_CMD" ] && GPP_CMD=g++
echo CORE $ABI
g++ \
$GPP_CMD \
$CXX_COMPILER_FLAGS \
$PLATFORM_FLAGS \
$OTHER_COMPILER_FLAGS \
$LIB_OPT_LEVEL $LIB_FPIC \
-Wall -Wno-sign-compare -Wno-unused-parameter \
-Wno-unused-local-typedefs \
@@ -71,6 +75,7 @@ g++ \
-DASIO_STANDALONE \
-DASIO_NO_DEPRECATED \
-DHAVE_LZ4 \
-DOPENVPN_USE_TLS_MD5 \
-I$O3/core/client \
-I$O3/core \
$common \
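Review bot: -DOPENVPN_USE_TLS_MD5 is added unconditionally to the core compile flags, so every Android target built by this script is compiled with MD5 support enabled and there is no build-time switch to leave it out. The commit list for this update describes the MD5 profile as INSECURE, so gate the define behind an environment variable that defaults to off and document which deployments need it.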
@@ -80,9 +85,10 @@ g++ \
-c $O3/core/client/ovpncli.cpp
echo WRAP $ABI
g++ \
$GPP_CMD \
$CXX_COMPILER_FLAGS \
$PLATFORM_FLAGS \
$OTHER_COMPILER_FLAGS \
$opt2 $LIB_FPIC \
-fno-strict-aliasing \
-Wall \
@@ -112,5 +118,8 @@ mv libovpncli.so build/libs/$ABI/
rm ovpncli.o
done
mv ovpncli.java ovpncliJNI.java SWIGTYPE_*.java ClientAPI_*.java build/
mv ovpncli_wrap.cxx ovpncli_wrap.h ovpncli.java ovpncliJNI.java SWIGTYPE_*.java ClientAPI_*.java build/
git clean -q -fX .
tar -czf android-core-build.tgz build
mv android-core-build.tgz $O3/

View File

@@ -54,7 +54,7 @@ g++ \
$CXX_COMPILER_FLAGS \
$PLATFORM_FLAGS \
$LIB_OPT_LEVEL $LIB_FPIC \
-Wall -Wno-sign-compare -Wno-unused-parameter \
-Wall -Werror -Wno-sign-compare -Wno-unused-parameter \
-Wno-unused-local-typedefs \
$vis1 \
$ssl_def \
@@ -75,7 +75,7 @@ g++ \
$PLATFORM_FLAGS \
$opt2 $LIB_FPIC \
-fno-strict-aliasing \
-Wall \
-Wall -Werror \
$vis1 $vis2 \
-I$O3/core/client \
-I$O3/core \

View File

@@ -15,6 +15,7 @@
// ignore these ClientAPI::OpenVPNClient bases
%ignore openvpn::ClientAPI::LogReceiver;
%ignore openvpn::ExternalTun::Factory;
%ignore openvpn::ExternalTransport::Factory;
// modify exported C++ class names to incorporate their enclosing namespace
%rename(ClientAPI_OpenVPNClient) OpenVPNClient;
@@ -49,4 +50,5 @@ namespace std {
%include "openvpn/pki/epkibase.hpp"
%include "openvpn/tun/builder/base.hpp"
%import "openvpn/tun/extern/fw.hpp" // ignored
%import "openvpn/transport/client/extern/fw.hpp" // ignored
%include "ovpncli.hpp"

View File

@@ -4,18 +4,18 @@
// packet encryption, packet authentication, and
// packet compression.
//
// Copyright (C) 2012-2017 OpenVPN Technologies, Inc.
// Copyright (C) 2012-2017 OpenVPN Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License Version 3
// it under the terms of the GNU Affero General Public License Version 3
// as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// You should have received a copy of the GNU Affero General Public License
// along with this program in the COPYING file.
// If not, see <http://www.gnu.org/licenses/>.

View File

@@ -4,18 +4,18 @@
// packet encryption, packet authentication, and
// packet compression.
//
// Copyright (C) 2012-2017 OpenVPN Technologies, Inc.
// Copyright (C) 2012-2017 OpenVPN Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License Version 3
// it under the terms of the GNU Affero General Public License Version 3
// as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// You should have received a copy of the GNU Affero General Public License
// along with this program in the COPYING file.
// If not, see <http://www.gnu.org/licenses/>.

View File

@@ -4,18 +4,18 @@
// packet encryption, packet authentication, and
// packet compression.
//
// Copyright (C) 2012-2017 OpenVPN Technologies, Inc.
// Copyright (C) 2012-2017 OpenVPN Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License Version 3
// it under the terms of the GNU Affero General Public License Version 3
// as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// You should have received a copy of the GNU Affero General Public License
// along with this program in the COPYING file.
// If not, see <http://www.gnu.org/licenses/>.
@@ -148,19 +148,19 @@ namespace openvpn {
throw ip_exception("address unspecified");
}
static Addr from_ipv4(const IPv4::Addr& addr)
static Addr from_ipv4(IPv4::Addr addr)
{
Addr a;
a.ver = V4;
a.u.v4 = addr;
a.u.v4 = std::move(addr);
return a;
}
static Addr from_ipv6(const IPv6::Addr& addr)
static Addr from_ipv6(IPv6::Addr addr)
{
Addr a;
a.ver = V6;
a.u.v6 = addr;
a.u.v6 = std::move(addr);
return a;
}
@@ -327,6 +327,22 @@ namespace openvpn {
throw ip_exception("address unspecified");
}
// validate the prefix length for the IP version
static bool validate_prefix_len(Version v, const unsigned int prefix_len)
{
if (v == V4)
{
if (prefix_len <= V4_SIZE)
return true;
}
else if (v == V6)
{
if (prefix_len <= V6_SIZE)
return true;
}
return false;
}
// build a netmask using given prefix_len
static Addr netmask_from_prefix_len(Version v, const unsigned int prefix_len)
{
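Review bot: validate_prefix_len returns false both for an out-of-range length and for a version that is neither V4 nor V6, so a caller cannot tell a bad prefix from an unspecified address, and the neighbouring netmask_from_prefix_len shown as context is not changed to call it. If prefix_len can come from parsed input, either call the validator inside netmask_from_prefix_len or document that callers must check first. The body also reduces to two return statements comparing against V4_SIZE and V6_SIZE.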
@@ -837,23 +853,31 @@ namespace openvpn {
return 0;
}
std::size_t hashval() const
template <typename HASH>
void hash(HASH& h) const
{
std::size_t seed = 0;
switch (ver)
{
case Addr::V4:
Hash::combine(seed, 4, u.v4);
u.v4.hash(h);
break;
case Addr::V6:
Hash::combine(seed, 6, u.v6);
u.v6.hash(h);
break;
default:
break;
}
return seed;
}
#ifdef HAVE_CITYHASH
std::size_t hashval() const
{
HashSizeT h;
hash(h);
return h.value();
}
#endif
#ifdef OPENVPN_IP_IMMUTABLE
private:
#endif
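Review bot: The new hash(HASH& h) drops the version tag that the old code mixed in with Hash::combine(seed, 4, u.v4) and Hash::combine(seed, 6, u.v6), and in the default case it feeds nothing to the hasher, so an unspecified address contributes no input at all when it is hashed as part of a larger key. Consider hashing ver first in every branch. hashval() is also compiled only under HAVE_CITYHASH now, so builds without it lose the method; a comment stating that this is intended would help.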
@@ -951,6 +975,8 @@ namespace openvpn {
}
}
#ifdef HAVE_CITYHASH
OPENVPN_HASH_METHOD(openvpn::IP::Addr, hashval);
#endif
#endif

@@ -4,18 +4,18 @@
// packet encryption, packet authentication, and
// packet compression.
//
// Copyright (C) 2012-2017 OpenVPN Technologies, Inc.
// Copyright (C) 2012-2017 OpenVPN Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License Version 3
// it under the terms of the GNU Affero General Public License Version 3
// as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// You should have received a copy of the GNU Affero General Public License
// along with this program in the COPYING file.
// If not, see <http://www.gnu.org/licenses/>.

@@ -4,18 +4,18 @@
// packet encryption, packet authentication, and
// packet compression.
//
// Copyright (C) 2012-2017 OpenVPN Technologies, Inc.
// Copyright (C) 2012-2017 OpenVPN Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License Version 3
// it under the terms of the GNU Affero General Public License Version 3
// as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// You should have received a copy of the GNU Affero General Public License
// along with this program in the COPYING file.
// If not, see <http://www.gnu.org/licenses/>.
@@ -35,7 +35,6 @@
#include <openvpn/common/socktypes.hpp>
#include <openvpn/common/ffs.hpp>
#include <openvpn/common/hexstr.hpp>
#include <openvpn/common/hash.hpp>
#include <openvpn/addr/iperr.hpp>
namespace openvpn {
@@ -85,12 +84,12 @@ namespace openvpn {
return ret;
}
struct sockaddr_in to_sockaddr() const
struct sockaddr_in to_sockaddr(const unsigned short port=0) const
{
struct sockaddr_in ret;
std::memset(&ret, 0, sizeof(ret));
ret.sin_family = AF_INET;
ret.sin_port = 0;
ret.sin_port = htons(port);
ret.sin_addr.s_addr = htonl(u.addr);
return ret;
}
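Review bot: to_sockaddr takes the port as const unsigned short and converts it with htons, so the argument is expected in host byte order, but nothing in the signature says so. A one-line comment, or a fixed-width type such as std::uint16_t, would keep a caller from passing a value that is already in network order and ending up with a byte-swapped port. The default of 0 keeps existing callers unchanged.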
@@ -493,9 +492,10 @@ namespace openvpn {
return SIZE;
}
std::size_t hashval() const
template <typename HASH>
void hash(HASH& h) const
{
return Hash::value(u.addr);
h(u.addr);
}
#ifdef OPENVPN_IP_IMMUTABLE
@@ -566,6 +566,4 @@ namespace openvpn {
}
}
OPENVPN_HASH_METHOD(openvpn::IPv4::Addr, hashval);
#endif // OPENVPN_ADDR_IPV4_H
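Review bot: OPENVPN_HASH_METHOD(openvpn::IPv4::Addr, hashval) is removed outright here, together with hashval() in the previous hunk, whereas IP::Addr keeps both behind HAVE_CITYHASH. Code that relied on this registration for IPv4::Addr keys will no longer build, so the commit should either name the call sites that were migrated to the templated hash() or keep a guarded registration for symmetry.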

@@ -4,18 +4,18 @@
// packet encryption, packet authentication, and
// packet compression.
//
// Copyright (C) 2012-2017 OpenVPN Technologies, Inc.
// Copyright (C) 2012-2017 OpenVPN Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License Version 3
// it under the terms of the GNU Affero General Public License Version 3
// as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// You should have received a copy of the GNU Affero General Public License
// along with this program in the COPYING file.
// If not, see <http://www.gnu.org/licenses/>.
@@ -34,7 +34,6 @@
#include <openvpn/common/socktypes.hpp>
#include <openvpn/common/ffs.hpp>
#include <openvpn/common/hexstr.hpp>
#include <openvpn/common/hash.hpp>
#include <openvpn/addr/ipv4.hpp>
#include <openvpn/addr/iperr.hpp>
@@ -84,12 +83,12 @@ namespace openvpn {
return ret;
}
struct sockaddr_in6 to_sockaddr() const
struct sockaddr_in6 to_sockaddr(const unsigned short port=0) const
{
struct sockaddr_in6 ret;
std::memset(&ret, 0, sizeof(ret));
ret.sin6_family = AF_INET6;
ret.sin6_port = 0;
ret.sin6_port = htons(port);
host_to_network_order((union ipv6addr *)&ret.sin6_addr.s6_addr, &u);
ret.sin6_scope_id = scope_id_;
return ret;
@@ -535,9 +534,10 @@ namespace openvpn {
return SIZE;
}
std::size_t hashval() const
template <typename HASH>
void hash(HASH& h) const
{
return Hash::value(u.u32[0], u.u32[1], u.u32[2], u.u32[3]);
h(u.bytes, sizeof(u.bytes));
}
#ifdef OPENVPN_IP_IMMUTABLE
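Review bot: The IPv6 hash now calls h(u.bytes, sizeof(u.bytes)) while the IPv4 version calls h(u.addr), so the HASH template parameter must accept both a single value and a pointer plus length, and that requirement is not documented in the visible code. State the expected HASH interface next to the template. scope_id_, which to_sockaddr copies into sin6_scope_id, is not part of the hash input, as before; that only costs collisions, but a comment should say it is deliberate.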
@@ -825,6 +825,4 @@ namespace openvpn {
}
}
OPENVPN_HASH_METHOD(openvpn::IPv6::Addr, hashval);
#endif // OPENVPN_ADDR_IPV6_H

@@ -4,18 +4,18 @@
// packet encryption, packet authentication, and
// packet compression.
//
// Copyright (C) 2012-2017 OpenVPN Technologies, Inc.
// Copyright (C) 2012-2017 OpenVPN Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License Version 3
// it under the terms of the GNU Affero General Public License Version 3
// as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// You should have received a copy of the GNU Affero General Public License
// along with this program in the COPYING file.
// If not, see <http://www.gnu.org/licenses/>.

@@ -4,18 +4,18 @@
// packet encryption, packet authentication, and
// packet compression.
//
// Copyright (C) 2012-2017 OpenVPN Technologies, Inc.
// Copyright (C) 2012-2017 OpenVPN Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License Version 3
// it under the terms of the GNU Affero General Public License Version 3
// as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// You should have received a copy of the GNU Affero General Public License
// along with this program in the COPYING file.
// If not, see <http://www.gnu.org/licenses/>.

@@ -4,18 +4,18 @@
// packet encryption, packet authentication, and
// packet compression.
//
// Copyright (C) 2012-2017 OpenVPN Technologies, Inc.
// Copyright (C) 2012-2017 OpenVPN Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License Version 3
// it under the terms of the GNU Affero General Public License Version 3
// as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// You should have received a copy of the GNU Affero General Public License
// along with this program in the COPYING file.
// If not, see <http://www.gnu.org/licenses/>.

@@ -1,3 +1,24 @@
// OpenVPN -- An application to securely tunnel IP networks
// over a single port, with support for SSL/TLS-based
// session authentication and key exchange,
// packet encryption, packet authentication, and
// packet compression.
//
// Copyright (C) 2012-2017 OpenVPN Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License Version 3
// as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program in the COPYING file.
// If not, see <http://www.gnu.org/licenses/>.
// Regular expressions for IPv4/v6
// Source: http://stackoverflow.com/questions/53497/regular-expression-that-matches-valid-ipv6-addresses
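Review bot: This new AGPLv3 header sits directly above a comment that credits the regular expressions to a Stack Overflow answer. Stack Overflow contributions are licensed under CC BY-SA, so marking the file as AGPLv3 under "Copyright (C) 2012-2017 OpenVPN Inc." needs a check that the borrowed expressions are attributed and licensed compatibly. At minimum keep the Source line and note the original license beside it.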

@@ -4,18 +4,18 @@
// packet encryption, packet authentication, and
// packet compression.
//
// Copyright (C) 2012-2017 OpenVPN Technologies, Inc.
// Copyright (C) 2012-2017 OpenVPN Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License Version 3
// it under the terms of the GNU Affero General Public License Version 3
// as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// You should have received a copy of the GNU Affero General Public License
// along with this program in the COPYING file.
// If not, see <http://www.gnu.org/licenses/>.
@@ -123,6 +123,14 @@ namespace openvpn {
return addr.defined() && prefix_len == addr.size();
}
unsigned int host_bits() const
{
if (prefix_len < addr.size())
return addr.size() - prefix_len;
else
return 0;
}
bool contains(const ADDR& a) const // assumes canonical address/routes
{
if (addr.defined() && addr.version() == a.version())
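Review bot: host_bits returns 0 when prefix_len is greater than addr.size(), which makes an invalid prefix indistinguishable from a host route. If prefix_len can be out of range at this point, reject it earlier (this commit adds validate_prefix_len for that purpose) rather than masking it here. If it cannot, say so in a comment, and the else after the return can go.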
@@ -167,10 +175,21 @@ namespace openvpn {
return prefix_len == other.prefix_len && addr == other.addr;
}
template <typename HASH>
void hash(HASH& h) const
{
addr.hash(h);
h(prefix_len);
}
#ifdef HAVE_CITYHASH
std::size_t hash_value() const
{
return Hash::value(addr, prefix_len);
HashSizeT h;
hash(h);
return h.value();
}
#endif
};
template <typename ADDR>
@@ -253,8 +272,10 @@ namespace openvpn {
}
}
#ifdef HAVE_CITYHASH
OPENVPN_HASH_METHOD(openvpn::IP::Route, hash_value);
OPENVPN_HASH_METHOD(openvpn::IP::Route4, hash_value);
OPENVPN_HASH_METHOD(openvpn::IP::Route6, hash_value);
#endif
#endif

@@ -4,18 +4,18 @@
// packet encryption, packet authentication, and
// packet compression.
//
// Copyright (C) 2012-2017 OpenVPN Technologies, Inc.
// Copyright (C) 2012-2017 OpenVPN Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License Version 3
// it under the terms of the GNU Affero General Public License Version 3
// as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// You should have received a copy of the GNU Affero General Public License
// along with this program in the COPYING file.
// If not, see <http://www.gnu.org/licenses/>.

@@ -4,18 +4,18 @@
// packet encryption, packet authentication, and
// packet compression.
//
// Copyright (C) 2012-2017 OpenVPN Technologies, Inc.
// Copyright (C) 2012-2017 OpenVPN Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License Version 3
// it under the terms of the GNU Affero General Public License Version 3
// as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// You should have received a copy of the GNU Affero General Public License
// along with this program in the COPYING file.
// If not, see <http://www.gnu.org/licenses/>.

@@ -4,18 +4,18 @@
// packet encryption, packet authentication, and
// packet compression.
//
// Copyright (C) 2012-2017 OpenVPN Technologies, Inc.
// Copyright (C) 2012-2017 OpenVPN Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License Version 3
// it under the terms of the GNU Affero General Public License Version 3
// as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// You should have received a copy of the GNU Affero General Public License
// along with this program in the COPYING file.
// If not, see <http://www.gnu.org/licenses/>.

@@ -4,18 +4,18 @@
// packet encryption, packet authentication, and
// packet compression.
//
// Copyright (C) 2012-2017 OpenVPN Technologies, Inc.
// Copyright (C) 2012-2017 OpenVPN Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License Version 3
// it under the terms of the GNU Affero General Public License Version 3
// as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// You should have received a copy of the GNU Affero General Public License
// along with this program in the COPYING file.
// If not, see <http://www.gnu.org/licenses/>.

@@ -4,18 +4,18 @@
// packet encryption, packet authentication, and
// packet compression.
//
// Copyright (C) 2012-2017 OpenVPN Technologies, Inc.
// Copyright (C) 2012-2017 OpenVPN Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License Version 3
// it under the terms of the GNU Affero General Public License Version 3
// as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// You should have received a copy of the GNU Affero General Public License
// along with this program in the COPYING file.
// If not, see <http://www.gnu.org/licenses/>.

@@ -4,18 +4,18 @@
// packet encryption, packet authentication, and
// packet compression.
//
// Copyright (C) 2012-2017 OpenVPN Technologies, Inc.
// Copyright (C) 2012-2017 OpenVPN Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License Version 3
// it under the terms of the GNU Affero General Public License Version 3
// as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// You should have received a copy of the GNU Affero General Public License
// along with this program in the COPYING file.
// If not, see <http://www.gnu.org/licenses/>.

@@ -4,18 +4,18 @@
// packet encryption, packet authentication, and
// packet compression.
//
// Copyright (C) 2012-2017 OpenVPN Technologies, Inc.
// Copyright (C) 2012-2017 OpenVPN Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License Version 3
// it under the terms of the GNU Affero General Public License Version 3
// as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// You should have received a copy of the GNU Affero General Public License
// along with this program in the COPYING file.
// If not, see <http://www.gnu.org/licenses/>.

@@ -4,18 +4,18 @@
// packet encryption, packet authentication, and
// packet compression.
//
// Copyright (C) 2012-2017 OpenVPN Technologies, Inc.
// Copyright (C) 2012-2017 OpenVPN Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License Version 3
// it under the terms of the GNU Affero General Public License Version 3
// as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// You should have received a copy of the GNU Affero General Public License
// along with this program in the COPYING file.
// If not, see <http://www.gnu.org/licenses/>.

@@ -4,18 +4,18 @@
// packet encryption, packet authentication, and
// packet compression.
//
// Copyright (C) 2012-2017 OpenVPN Technologies, Inc.
// Copyright (C) 2012-2017 OpenVPN Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License Version 3
// it under the terms of the GNU Affero General Public License Version 3
// as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// You should have received a copy of the GNU Affero General Public License
// along with this program in the COPYING file.
// If not, see <http://www.gnu.org/licenses/>.

@@ -4,18 +4,18 @@
// packet encryption, packet authentication, and
// packet compression.
//
// Copyright (C) 2012-2017 OpenVPN Technologies, Inc.
// Copyright (C) 2012-2017 OpenVPN Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License Version 3
// it under the terms of the GNU Affero General Public License Version 3
// as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// You should have received a copy of the GNU Affero General Public License
// along with this program in the COPYING file.
// If not, see <http://www.gnu.org/licenses/>.

@@ -4,18 +4,18 @@
// packet encryption, packet authentication, and
// packet compression.
//
// Copyright (C) 2012-2017 OpenVPN Technologies, Inc.
// Copyright (C) 2012-2017 OpenVPN Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License Version 3
// it under the terms of the GNU Affero General Public License Version 3
// as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// You should have received a copy of the GNU Affero General Public License
// along with this program in the COPYING file.
// If not, see <http://www.gnu.org/licenses/>.

@@ -4,18 +4,18 @@
// packet encryption, packet authentication, and
// packet compression.
//
// Copyright (C) 2012-2017 OpenVPN Technologies, Inc.
// Copyright (C) 2012-2017 OpenVPN Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License Version 3
// it under the terms of the GNU Affero General Public License Version 3
// as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// You should have received a copy of the GNU Affero General Public License
// along with this program in the COPYING file.
// If not, see <http://www.gnu.org/licenses/>.

@@ -4,18 +4,18 @@
// packet encryption, packet authentication, and
// packet compression.
//
// Copyright (C) 2012-2017 OpenVPN Technologies, Inc.
// Copyright (C) 2012-2017 OpenVPN Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License Version 3
// it under the terms of the GNU Affero General Public License Version 3
// as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// You should have received a copy of the GNU Affero General Public License
// along with this program in the COPYING file.
// If not, see <http://www.gnu.org/licenses/>.

@@ -4,18 +4,18 @@
// packet encryption, packet authentication, and
// packet compression.
//
// Copyright (C) 2012-2017 OpenVPN Technologies, Inc.
// Copyright (C) 2012-2017 OpenVPN Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License Version 3
// it under the terms of the GNU Affero General Public License Version 3
// as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// You should have received a copy of the GNU Affero General Public License
// along with this program in the COPYING file.
// If not, see <http://www.gnu.org/licenses/>.

@@ -4,18 +4,18 @@
// packet encryption, packet authentication, and
// packet compression.
//
// Copyright (C) 2012-2017 OpenVPN Technologies, Inc.
// Copyright (C) 2012-2017 OpenVPN Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License Version 3
// it under the terms of the GNU Affero General Public License Version 3
// as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// You should have received a copy of the GNU Affero General Public License
// along with this program in the COPYING file.
// If not, see <http://www.gnu.org/licenses/>.

@@ -4,18 +4,18 @@
// packet encryption, packet authentication, and
// packet compression.
//
// Copyright (C) 2012-2017 OpenVPN Technologies, Inc.
// Copyright (C) 2012-2017 OpenVPN Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License Version 3
// it under the terms of the GNU Affero General Public License Version 3
// as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// You should have received a copy of the GNU Affero General Public License
// along with this program in the COPYING file.
// If not, see <http://www.gnu.org/licenses/>.
//

@@ -4,18 +4,18 @@
// packet encryption, packet authentication, and
// packet compression.
//
// Copyright (C) 2012-2017 OpenVPN Technologies, Inc.
// Copyright (C) 2012-2017 OpenVPN Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License Version 3
// it under the terms of the GNU Affero General Public License Version 3
// as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// You should have received a copy of the GNU Affero General Public License
// along with this program in the COPYING file.
// If not, see <http://www.gnu.org/licenses/>.

@@ -4,18 +4,18 @@
// packet encryption, packet authentication, and
// packet compression.
//
// Copyright (C) 2012-2017 OpenVPN Technologies, Inc.
// Copyright (C) 2012-2017 OpenVPN Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License Version 3
// it under the terms of the GNU Affero General Public License Version 3
// as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// You should have received a copy of the GNU Affero General Public License
// along with this program in the COPYING file.
// If not, see <http://www.gnu.org/licenses/>.

@@ -4,18 +4,18 @@
// packet encryption, packet authentication, and
// packet compression.
//
// Copyright (C) 2012-2017 OpenVPN Technologies, Inc.
// Copyright (C) 2012-2017 OpenVPN Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License Version 3
// it under the terms of the GNU Affero General Public License Version 3
// as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// You should have received a copy of the GNU Affero General Public License
// along with this program in the COPYING file.
// If not, see <http://www.gnu.org/licenses/>.

@@ -4,18 +4,18 @@
// packet encryption, packet authentication, and
// packet compression.
//
// Copyright (C) 2012-2017 OpenVPN Technologies, Inc.
// Copyright (C) 2012-2017 OpenVPN Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License Version 3
// it under the terms of the GNU Affero General Public License Version 3
// as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// You should have received a copy of the GNU Affero General Public License
// along with this program in the COPYING file.
// If not, see <http://www.gnu.org/licenses/>.
@@ -158,6 +158,7 @@ namespace openvpn {
case CryptoAlgs::AES_128_CBC:
case CryptoAlgs::AES_192_CBC:
case CryptoAlgs::AES_256_CBC:
case CryptoAlgs::AES_256_CTR:
return kCCAlgorithmAES128;
case CryptoAlgs::DES_CBC:
return kCCAlgorithmDES;
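Review bot: The added `case CryptoAlgs::AES_256_CTR:` label falls through to the same `return kCCAlgorithmAES128;` as the three CBC cases, so nothing in this switch distinguishes CTR from CBC. This mapping only names the cipher family; please confirm that the code which creates the cipher context selects CTR mode for this algorithm, otherwise AES_256_CTR would silently run in whatever mode the CBC cases use. A one-line comment on the new label saying where the mode is chosen would make that explicit.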

@@ -4,18 +4,18 @@
// packet encryption, packet authentication, and
// packet compression.
//
// Copyright (C) 2012-2017 OpenVPN Technologies, Inc.
// Copyright (C) 2012-2017 OpenVPN Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License Version 3
// it under the terms of the GNU Affero General Public License Version 3
// as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// You should have received a copy of the GNU Affero General Public License
// along with this program in the COPYING file.
// If not, see <http://www.gnu.org/licenses/>.

@@ -4,18 +4,18 @@
// packet encryption, packet authentication, and
// packet compression.
//
// Copyright (C) 2012-2017 OpenVPN Technologies, Inc.
// Copyright (C) 2012-2017 OpenVPN Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License Version 3
// it under the terms of the GNU Affero General Public License Version 3
// as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// You should have received a copy of the GNU Affero General Public License
// along with this program in the COPYING file.
// If not, see <http://www.gnu.org/licenses/>.

@@ -4,18 +4,18 @@
// packet encryption, packet authentication, and
// packet compression.
//
// Copyright (C) 2012-2017 OpenVPN Technologies, Inc.
// Copyright (C) 2012-2017 OpenVPN Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License Version 3
// it under the terms of the GNU Affero General Public License Version 3
// as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// You should have received a copy of the GNU Affero General Public License
// along with this program in the COPYING file.
// If not, see <http://www.gnu.org/licenses/>.

@@ -4,18 +4,18 @@
// packet encryption, packet authentication, and
// packet compression.
//
// Copyright (C) 2012-2017 OpenVPN Technologies, Inc.
// Copyright (C) 2012-2017 OpenVPN Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License Version 3
// it under the terms of the GNU Affero General Public License Version 3
// as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// You should have received a copy of the GNU Affero General Public License
// along with this program in the COPYING file.
// If not, see <http://www.gnu.org/licenses/>.

@@ -4,18 +4,18 @@
// packet encryption, packet authentication, and
// packet compression.
//
// Copyright (C) 2012-2017 OpenVPN Technologies, Inc.
// Copyright (C) 2012-2017 OpenVPN Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License Version 3
// it under the terms of the GNU Affero General Public License Version 3
// as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// You should have received a copy of the GNU Affero General Public License
// along with this program in the COPYING file.
// If not, see <http://www.gnu.org/licenses/>.
@@ -44,9 +44,11 @@ namespace openvpn {
{
}
void bind_local(const IP::Addr& addr)
// if port 0, kernel will dynamically allocate free port
void bind_local(const IP::Addr& addr, const unsigned short port=0)
{
bind_local_addr = addr;
bind_local_port = port;
}
private:
@@ -57,11 +59,12 @@ namespace openvpn {
set_option(openvpn_io::socket_base::reuse_address(true), ec);
if (ec)
return;
bind(openvpn_io::ip::tcp::endpoint(bind_local_addr.to_asio(), 0), ec); // port 0 -- kernel will choose port
bind(openvpn_io::ip::tcp::endpoint(bind_local_addr.to_asio(), bind_local_port), ec);
}
}
IP::Addr bind_local_addr;
unsigned short bind_local_port = 0;
};
}
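Review bot: In this second hunk `set_option(openvpn_io::socket_base::reuse_address(true), ec)` is still applied unconditionally before `bind(...)`. That was harmless while the port was always 0, but with a caller-supplied `bind_local_port` address reuse can let the bind succeed on a port that would otherwise be reported as in use. Consider setting the option only when it is actually needed for a fixed port, or add a comment explaining why it is wanted. The old inline remark about port 0 was dropped from the `bind` line; repeating it next to `unsigned short bind_local_port = 0;` would keep the default documented where it is defined.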

@@ -4,18 +4,18 @@
// packet encryption, packet authentication, and
// packet compression.
//
// Copyright (C) 2012-2017 OpenVPN Technologies, Inc.
// Copyright (C) 2012-2017 OpenVPN Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License Version 3
// it under the terms of the GNU Affero General Public License Version 3
// as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// You should have received a copy of the GNU Affero General Public License
// along with this program in the COPYING file.
// If not, see <http://www.gnu.org/licenses/>.

@@ -4,18 +4,18 @@
// packet encryption, packet authentication, and
// packet compression.
//
// Copyright (C) 2012-2017 OpenVPN Technologies, Inc.
// Copyright (C) 2012-2017 OpenVPN Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License Version 3
// it under the terms of the GNU Affero General Public License Version 3
// as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// You should have received a copy of the GNU Affero General Public License
// along with this program in the COPYING file.
// If not, see <http://www.gnu.org/licenses/>.

@@ -4,18 +4,18 @@
// packet encryption, packet authentication, and
// packet compression.
//
// Copyright (C) 2012-2017 OpenVPN Technologies, Inc.
// Copyright (C) 2012-2017 OpenVPN Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License Version 3
// it under the terms of the GNU Affero General Public License Version 3
// as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// You should have received a copy of the GNU Affero General Public License
// along with this program in the COPYING file.
// If not, see <http://www.gnu.org/licenses/>.
@@ -36,6 +36,10 @@
#include <openvpn/common/sockopt.hpp>
#include <openvpn/addr/ip.hpp>
#ifdef OPENVPN_POLYSOCK_SUPPORTS_BIND
#include <openvpn/asio/asioboundsock.hpp>
#endif
#ifdef ASIO_HAS_LOCAL_SOCKETS
#include <openvpn/common/peercred.hpp>
#endif
@@ -160,7 +164,11 @@ namespace openvpn {
return false;
}
#ifdef OPENVPN_POLYSOCK_SUPPORTS_BIND
AsioBoundSocket::Socket socket;
#else
openvpn_io::ip::tcp::socket socket;
#endif
};
#ifdef ASIO_HAS_LOCAL_SOCKETS
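Review bot: The `#ifdef OPENVPN_POLYSOCK_SUPPORTS_BIND` around the `socket` member changes the type of a class member (`AsioBoundSocket::Socket` versus `openvpn_io::ip::tcp::socket`) based on a preprocessor macro, so every translation unit that includes this header must see the same definition of the macro or the class layout will differ between them. Please document next to the `#ifdef` that the macro has to be set build-wide (for example on the compiler command line) and not defined locally before a single include. It would also help to state what the bound socket type adds, since the visible lines only show the type swap.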

@@ -4,18 +4,18 @@
// packet encryption, packet authentication, and
// packet compression.
//
// Copyright (C) 2012-2017 OpenVPN Technologies, Inc.
// Copyright (C) 2012-2017 OpenVPN Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License Version 3
// it under the terms of the GNU Affero General Public License Version 3
// as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// You should have received a copy of the GNU Affero General Public License
// along with this program in the COPYING file.
// If not, see <http://www.gnu.org/licenses/>.

@@ -4,18 +4,18 @@
// packet encryption, packet authentication, and
// packet compression.
//
// Copyright (C) 2012-2017 OpenVPN Technologies, Inc.
// Copyright (C) 2012-2017 OpenVPN Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License Version 3
// it under the terms of the GNU Affero General Public License Version 3
// as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// You should have received a copy of the GNU Affero General Public License
// along with this program in the COPYING file.
// If not, see <http://www.gnu.org/licenses/>.

@@ -4,18 +4,18 @@
// packet encryption, packet authentication, and
// packet compression.
//
// Copyright (C) 2012-2017 OpenVPN Technologies, Inc.
// Copyright (C) 2012-2017 OpenVPN Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License Version 3
// it under the terms of the GNU Affero General Public License Version 3
// as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// You should have received a copy of the GNU Affero General Public License
// along with this program in the COPYING file.
// If not, see <http://www.gnu.org/licenses/>.

@@ -4,18 +4,18 @@
// packet encryption, packet authentication, and
// packet compression.
//
// Copyright (C) 2012-2017 OpenVPN Technologies, Inc.
// Copyright (C) 2012-2017 OpenVPN Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License Version 3
// it under the terms of the GNU Affero General Public License Version 3
// as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// You should have received a copy of the GNU Affero General Public License
// along with this program in the COPYING file.
// If not, see <http://www.gnu.org/licenses/>.

@@ -4,18 +4,18 @@
// packet encryption, packet authentication, and
// packet compression.
//
// Copyright (C) 2012-2017 OpenVPN Technologies, Inc.
// Copyright (C) 2012-2017 OpenVPN Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License Version 3
// it under the terms of the GNU Affero General Public License Version 3
// as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// You should have received a copy of the GNU Affero General Public License
// along with this program in the COPYING file.
// If not, see <http://www.gnu.org/licenses/>.

@@ -4,18 +4,18 @@
// packet encryption, packet authentication, and
// packet compression.
//
// Copyright (C) 2012-2017 OpenVPN Technologies, Inc.
// Copyright (C) 2012-2017 OpenVPN Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License Version 3
// it under the terms of the GNU Affero General Public License Version 3
// as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// You should have received a copy of the GNU Affero General Public License
// along with this program in the COPYING file.
// If not, see <http://www.gnu.org/licenses/>.

@@ -4,18 +4,18 @@
// packet encryption, packet authentication, and
// packet compression.
//
// Copyright (C) 2012-2017 OpenVPN Technologies, Inc.
// Copyright (C) 2012-2017 OpenVPN Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License Version 3
// it under the terms of the GNU Affero General Public License Version 3
// as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// You should have received a copy of the GNU Affero General Public License
// along with this program in the COPYING file.
// If not, see <http://www.gnu.org/licenses/>.

@@ -4,18 +4,18 @@
// packet encryption, packet authentication, and
// packet compression.
//
// Copyright (C) 2012-2017 OpenVPN Technologies, Inc.
// Copyright (C) 2012-2017 OpenVPN Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License Version 3
// it under the terms of the GNU Affero General Public License Version 3
// as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// You should have received a copy of the GNU Affero General Public License
// along with this program in the COPYING file.
// If not, see <http://www.gnu.org/licenses/>.

@@ -4,18 +4,18 @@
// packet encryption, packet authentication, and
// packet compression.
//
// Copyright (C) 2012-2017 OpenVPN Technologies, Inc.
// Copyright (C) 2012-2017 OpenVPN Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License Version 3
// it under the terms of the GNU Affero General Public License Version 3
// as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// You should have received a copy of the GNU Affero General Public License
// along with this program in the COPYING file.
// If not, see <http://www.gnu.org/licenses/>.

@@ -4,18 +4,18 @@
// packet encryption, packet authentication, and
// packet compression.
//
// Copyright (C) 2012-2017 OpenVPN Technologies, Inc.
// Copyright (C) 2012-2017 OpenVPN Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License Version 3
// it under the terms of the GNU Affero General Public License Version 3
// as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// You should have received a copy of the GNU Affero General Public License
// along with this program in the COPYING file.
// If not, see <http://www.gnu.org/licenses/>.

@@ -4,18 +4,18 @@
// packet encryption, packet authentication, and
// packet compression.
//
// Copyright (C) 2012-2017 OpenVPN Technologies, Inc.
// Copyright (C) 2012-2017 OpenVPN Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License Version 3
// it under the terms of the GNU Affero General Public License Version 3
// as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// You should have received a copy of the GNU Affero General Public License
// along with this program in the COPYING file.
// If not, see <http://www.gnu.org/licenses/>.

@@ -4,18 +4,18 @@
// packet encryption, packet authentication, and
// packet compression.
//
// Copyright (C) 2012-2017 OpenVPN Technologies, Inc.
// Copyright (C) 2012-2017 OpenVPN Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License Version 3
// it under the terms of the GNU Affero General Public License Version 3
// as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// You should have received a copy of the GNU Affero General Public License
// along with this program in the COPYING file.
// If not, see <http://www.gnu.org/licenses/>.

@@ -4,18 +4,18 @@
// packet encryption, packet authentication, and
// packet compression.
//
// Copyright (C) 2012-2017 OpenVPN Technologies, Inc.
// Copyright (C) 2012-2017 OpenVPN Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License Version 3
// it under the terms of the GNU Affero General Public License Version 3
// as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// You should have received a copy of the GNU Affero General Public License
// along with this program in the COPYING file.
// If not, see <http://www.gnu.org/licenses/>.
@@ -454,16 +454,31 @@ namespace openvpn {
std::memcpy(write_alloc(size), data, size * sizeof(T));
}
void write(const void* data, const size_t size)
{
write((const T*)data, size);
}
void prepend(const T* data, const size_t size)
{
std::memcpy(prepend_alloc(size), data, size * sizeof(T));
}
void prepend(const void* data, const size_t size)
{
prepend((const T*)data, size);
}
void read(T* data, const size_t size)
{
std::memcpy(data, read_alloc(size), size * sizeof(T));
}
void read(void* data, const size_t size)
{
read((T*)data, size);
}
T* write_alloc(const size_t size)
{
if (size > remaining())
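Review bot: The new `void*` overloads of `write`, `prepend` and `read` forward `size` unchanged to the `T*` versions, which copy `size * sizeof(T)` bytes, so `size` is an element count and not a byte count. A caller holding a `void*` will naturally pass a byte length, and for any `T` wider than one byte that reads or writes past the intended range. Either document on each overload that `size` is in units of `T`, or restrict these overloads to single-byte `T` with a `static_assert(sizeof(T) == 1, ...)`. The C-style casts `(const T*)data` and `(T*)data` would also be clearer as `static_cast`, and note that accepting `void*` means a pointer of any unrelated type now converts silently where it previously failed to compile.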

@@ -4,18 +4,18 @@
// packet encryption, packet authentication, and
// packet compression.
//
// Copyright (C) 2012-2017 OpenVPN Technologies, Inc.
// Copyright (C) 2012-2017 OpenVPN Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License Version 3
// it under the terms of the GNU Affero General Public License Version 3
// as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// You should have received a copy of the GNU Affero General Public License
// along with this program in the COPYING file.
// If not, see <http://www.gnu.org/licenses/>.

@@ -4,18 +4,18 @@
// packet encryption, packet authentication, and
// packet compression.
//
// Copyright (C) 2012-2017 OpenVPN Technologies, Inc.
// Copyright (C) 2012-2017 OpenVPN Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License Version 3
// it under the terms of the GNU Affero General Public License Version 3
// as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// You should have received a copy of the GNU Affero General Public License
// along with this program in the COPYING file.
// If not, see <http://www.gnu.org/licenses/>.

@@ -4,18 +4,18 @@
// packet encryption, packet authentication, and
// packet compression.
//
// Copyright (C) 2012-2017 OpenVPN Technologies, Inc.
// Copyright (C) 2012-2017 OpenVPN Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License Version 3
// it under the terms of the GNU Affero General Public License Version 3
// as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// You should have received a copy of the GNU Affero General Public License
// along with this program in the COPYING file.
// If not, see <http://www.gnu.org/licenses/>.

@@ -4,18 +4,18 @@
// packet encryption, packet authentication, and
// packet compression.
//
// Copyright (C) 2012-2017 OpenVPN Technologies, Inc.
// Copyright (C) 2012-2017 OpenVPN Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License Version 3
// it under the terms of the GNU Affero General Public License Version 3
// as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// You should have received a copy of the GNU Affero General Public License
// along with this program in the COPYING file.
// If not, see <http://www.gnu.org/licenses/>.
@@ -30,6 +30,7 @@
#include <openvpn/common/size.hpp>
#include <openvpn/common/exception.hpp>
#include <openvpn/common/strerror.hpp>
#include <openvpn/buffer/buflist.hpp>
namespace openvpn {
@@ -41,7 +42,7 @@ namespace openvpn {
if (status < 0)
{
const int eno = errno;
OPENVPN_THROW(buf_read_error, "on " << title << " : " << std::strerror(eno));
OPENVPN_THROW(buf_read_error, "on " << title << " : " << strerror_str(eno));
}
else if (!status)
return false;
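Review bot: The switch from `std::strerror(eno)` to `strerror_str(eno)` in the `OPENVPN_THROW` line is not explained anywhere in the visible change. `std::strerror` may return a pointer to a shared static buffer, so if the point of `strerror_str` is to return an owned string that is safe when several threads report errors at once, please say so in a comment here or in the commit message. Capturing `errno` into `eno` before building the message is the right order and should stay.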

@@ -4,18 +4,18 @@
// packet encryption, packet authentication, and
// packet compression.
//
// Copyright (C) 2012-2017 OpenVPN Technologies, Inc.
// Copyright (C) 2012-2017 OpenVPN Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License Version 3
// it under the terms of the GNU Affero General Public License Version 3
// as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// You should have received a copy of the GNU Affero General Public License
// along with this program in the COPYING file.
// If not, see <http://www.gnu.org/licenses/>.

@@ -4,18 +4,18 @@
// packet encryption, packet authentication, and
// packet compression.
//
// Copyright (C) 2012-2017 OpenVPN Technologies, Inc.
// Copyright (C) 2012-2017 OpenVPN Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License Version 3
// it under the terms of the GNU Affero General Public License Version 3
// as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// You should have received a copy of the GNU Affero General Public License
// along with this program in the COPYING file.
// If not, see <http://www.gnu.org/licenses/>.

@@ -4,18 +4,18 @@
// packet encryption, packet authentication, and
// packet compression.
//
// Copyright (C) 2012-2017 OpenVPN Technologies, Inc.
// Copyright (C) 2012-2017 OpenVPN Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License Version 3
// it under the terms of the GNU Affero General Public License Version 3
// as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// You should have received a copy of the GNU Affero General Public License
// along with this program in the COPYING file.
// If not, see <http://www.gnu.org/licenses/>.

@@ -4,18 +4,18 @@
// packet encryption, packet authentication, and
// packet compression.
//
// Copyright (C) 2012-2017 OpenVPN Technologies, Inc.
// Copyright (C) 2012-2017 OpenVPN Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License Version 3
// it under the terms of the GNU Affero General Public License Version 3
// as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// You should have received a copy of the GNU Affero General Public License
// along with this program in the COPYING file.
// If not, see <http://www.gnu.org/licenses/>.

@@ -4,18 +4,18 @@
// packet encryption, packet authentication, and
// packet compression.
//
// Copyright (C) 2012-2017 OpenVPN Technologies, Inc.
// Copyright (C) 2012-2017 OpenVPN Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License Version 3
// it under the terms of the GNU Affero General Public License Version 3
// as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// You should have received a copy of the GNU Affero General Public License
// along with this program in the COPYING file.
// If not, see <http://www.gnu.org/licenses/>.


@@ -4,18 +4,18 @@
// packet encryption, packet authentication, and
// packet compression.
//
// Copyright (C) 2012-2017 OpenVPN Technologies, Inc.
// Copyright (C) 2012-2017 OpenVPN Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License Version 3
// it under the terms of the GNU Affero General Public License Version 3
// as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// You should have received a copy of the GNU Affero General Public License
// along with this program in the COPYING file.
// If not, see <http://www.gnu.org/licenses/>.
@@ -562,7 +562,10 @@ namespace openvpn {
void new_client()
{
++generation;
asio_work.reset();
if (client_options->asio_work_always_on())
asio_work.reset(new AsioWork(io_context));
else
asio_work.reset();
if (client)
{
client->stop(false);
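Review bot: the new branch in new_client() keeps an AsioWork object alive whenever asio_work_always_on() is true, but nothing at this call site says why. The only explanation visible in this change is the "workaround for OVPN3-62 Busy loop in win_event.hpp" comment next to asio_work_always_on_ = true in the UWP block of ClientOptions. Add a one-line comment here pointing at that workaround, since an outstanding work object normally keeps the io_context run loop from returning and a later reader will want to know that this is intentional.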


@@ -4,18 +4,18 @@
// packet encryption, packet authentication, and
// packet compression.
//
// Copyright (C) 2012-2017 OpenVPN Technologies, Inc.
// Copyright (C) 2012-2017 OpenVPN Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License Version 3
// it under the terms of the GNU Affero General Public License Version 3
// as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// You should have received a copy of the GNU Affero General Public License
// along with this program in the COPYING file.
// If not, see <http://www.gnu.org/licenses/>.


@@ -4,18 +4,18 @@
// packet encryption, packet authentication, and
// packet compression.
//
// Copyright (C) 2012-2017 OpenVPN Technologies, Inc.
// Copyright (C) 2012-2017 OpenVPN Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License Version 3
// it under the terms of the GNU Affero General Public License Version 3
// as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// You should have received a copy of the GNU Affero General Public License
// along with this program in the COPYING file.
// If not, see <http://www.gnu.org/licenses/>.


@@ -4,18 +4,18 @@
// packet encryption, packet authentication, and
// packet compression.
//
// Copyright (C) 2012-2017 OpenVPN Technologies, Inc.
// Copyright (C) 2012-2017 OpenVPN Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License Version 3
// it under the terms of the GNU Affero General Public License Version 3
// as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// You should have received a copy of the GNU Affero General Public License
// along with this program in the COPYING file.
// If not, see <http://www.gnu.org/licenses/>.


@@ -4,18 +4,18 @@
// packet encryption, packet authentication, and
// packet compression.
//
// Copyright (C) 2012-2017 OpenVPN Technologies, Inc.
// Copyright (C) 2012-2017 OpenVPN Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License Version 3
// it under the terms of the GNU Affero General Public License Version 3
// as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// You should have received a copy of the GNU Affero General Public License
// along with this program in the COPYING file.
// If not, see <http://www.gnu.org/licenses/>.
@@ -50,6 +50,7 @@ namespace openvpn {
ADD_ROUTES,
ECHO_OPT,
INFO,
WARN,
PAUSE,
RESUME,
RELAY,
@@ -64,6 +65,7 @@ namespace openvpn {
CERT_VERIFY_FAIL,
TLS_VERSION_MIN,
CLIENT_HALT,
CLIENT_SETUP,
CONNECTION_TIMEOUT,
INACTIVE_TIMEOUT,
DYNAMIC_CHALLENGE,
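Review bot: WARN and CLIENT_SETUP are inserted in the middle of the enum (here and in the hunk above), so every later event type changes its numeric value, and the parallel name table further down has to be edited in lockstep by hand. If any consumer stores the numeric IDs or passes them across a library boundary, check that the shift is acceptable, and add a static_assert that ties the length of the name array to the enum's final enumerator so a missed table entry fails at compile time rather than mislabelling events.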
@@ -99,6 +101,7 @@ namespace openvpn {
"ADD_ROUTES",
"ECHO",
"INFO",
"WARN",
"PAUSE",
"RESUME",
"RELAY",
@@ -113,6 +116,7 @@ namespace openvpn {
"CERT_VERIFY_FAIL",
"TLS_VERSION_MIN",
"CLIENT_HALT",
"CLIENT_SETUP",
"CONNECTION_TIMEOUT",
"INACTIVE_TIMEOUT",
"DYNAMIC_CHALLENGE",
@@ -395,6 +399,31 @@ namespace openvpn {
Info(std::string value) : ReasonBase(INFO, std::move(value)) {}
};
struct Warn : public ReasonBase
{
Warn(std::string value) : ReasonBase(WARN, std::move(value)) {}
};
class ClientSetup : public ReasonBase
{
public:
ClientSetup(const std::string& status, const std::string& message)
: ReasonBase(CLIENT_SETUP, make(status, message))
{
}
private:
static std::string make(const std::string& status, const std::string& message)
{
std::string ret;
ret += status;
if (!status.empty() && !message.empty())
ret += ": ";
ret += message;
return ret;
}
};
class Queue : public RC<thread_unsafe_refcount>
{
public:
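Review bot: ClientSetup::make() flattens status and message into one string joined by ": ", so a receiver cannot reliably split them again when either part itself contains a colon, and the expected status values are not documented anywhere in the hunk. Add a short comment on the class stating what status carries, or keep the two fields separate on the event object. The single-argument Warn constructor could also be marked explicit, though it mirrors the Info constructor above.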


@@ -4,18 +4,18 @@
// packet encryption, packet authentication, and
// packet compression.
//
// Copyright (C) 2012-2017 OpenVPN Technologies, Inc.
// Copyright (C) 2012-2017 OpenVPN Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License Version 3
// it under the terms of the GNU Affero General Public License Version 3
// as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// You should have received a copy of the GNU Affero General Public License
// along with this program in the COPYING file.
// If not, see <http://www.gnu.org/licenses/>.


@@ -4,18 +4,18 @@
// packet encryption, packet authentication, and
// packet compression.
//
// Copyright (C) 2012-2017 OpenVPN Technologies, Inc.
// Copyright (C) 2012-2017 OpenVPN Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License Version 3
// it under the terms of the GNU Affero General Public License Version 3
// as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// You should have received a copy of the GNU Affero General Public License
// along with this program in the COPYING file.
// If not, see <http://www.gnu.org/licenses/>.


@@ -4,18 +4,18 @@
// packet encryption, packet authentication, and
// packet compression.
//
// Copyright (C) 2012-2017 OpenVPN Technologies, Inc.
// Copyright (C) 2012-2017 OpenVPN Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License Version 3
// it under the terms of the GNU Affero General Public License Version 3
// as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// You should have received a copy of the GNU Affero General Public License
// along with this program in the COPYING file.
// If not, see <http://www.gnu.org/licenses/>.
@@ -66,6 +66,11 @@
#include <openvpn/client/cliemuexr.hpp>
#endif
#if defined(OPENVPN_EXTERNAL_TRANSPORT_FACTORY)
#include <openvpn/transport/client/extern/config.hpp>
#include <openvpn/transport/client/extern/fw.hpp>
#endif
#if defined(OPENVPN_EXTERNAL_TUN_FACTORY)
// requires that client implements ExternalTun::Factory::new_tun_factory
#include <openvpn/tun/extern/config.hpp>
@@ -116,6 +121,7 @@ namespace openvpn {
{
std::string gui_version;
std::string server_override;
std::string port_override;
Protocol proto_override;
IPv6Setting ipv6;
int conn_timeout = 0;
@@ -129,6 +135,7 @@ namespace openvpn {
bool info = false;
bool tun_persist = false;
bool google_dns_fallback = false;
bool synchronous_dns_lookup = false;
std::string private_key_password;
bool disable_client_cert = false;
int ssl_debug_level = 0;
@@ -156,6 +163,10 @@ namespace openvpn {
#if defined(OPENVPN_EXTERNAL_TUN_FACTORY)
ExternalTun::Factory* extern_tun_factory = nullptr;
#endif
#if defined(OPENVPN_EXTERNAL_TRANSPORT_FACTORY)
ExternalTransport::Factory* extern_transport_factory = nullptr;
#endif
};
ClientOptions(const OptionList& opt, // only needs to remain in scope for duration of constructor call
@@ -167,6 +178,7 @@ namespace openvpn {
cli_events(config.cli_events),
server_poll_timeout_(10),
server_override(config.server_override),
port_override(config.port_override),
proto_override(config.proto_override),
conn_timeout_(config.conn_timeout),
tcp_queue_limit(64),
@@ -179,7 +191,12 @@ namespace openvpn {
info(config.info),
autologin(false),
autologin_sessions(false),
creds_locked(false)
creds_locked(false),
asio_work_always_on_(false),
synchronous_dns_lookup(false)
#ifdef OPENVPN_EXTERNAL_TRANSPORT_FACTORY
,extern_transport_factory(config.extern_transport_factory)
#endif
{
// parse general client options
const ParseClientConfig pcc(opt);
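Review bot: synchronous_dns_lookup is initialised to false in the initializer list and only assigned from config.synchronous_dns_lookup later in the constructor body, unlike port_override and info, which are initialised from config directly. Initialise it as synchronous_dns_lookup(config.synchronous_dns_lookup) here and drop the later assignment, so the member never holds a value that differs from the caller's setting between the two points.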
@@ -245,8 +262,9 @@ namespace openvpn {
// reconnections.
remote_list->set_enable_cache(config.tun_persist);
// process server override
// process server/port overrides
remote_list->set_server_override(config.server_override);
remote_list->set_port_override(config.port_override);
// process protocol override, should be called after set_enable_cache
remote_list->handle_proto_override(config.proto_override,
@@ -279,6 +297,13 @@ namespace openvpn {
if (opt.exists("fragment"))
throw option_error("sorry, 'fragment' directive is not supported, nor is connecting to a server that uses 'fragment' directive");
#ifdef OPENVPN_PLATFORM_UWP
// workaround for OVPN3-62 Busy loop in win_event.hpp
asio_work_always_on_ = true;
#endif
synchronous_dns_lookup = config.synchronous_dns_lookup;
// init transport config
const std::string session_name = load_transport_config();
@@ -580,6 +605,8 @@ namespace openvpn {
int conn_timeout() const { return conn_timeout_; }
bool asio_work_always_on() const { return asio_work_always_on_; }
RemoteList::Ptr remote_list_precache() const
{
RemoteList::Ptr r;
@@ -654,6 +681,7 @@ namespace openvpn {
cp->dc.set_factory(new CryptoDCSelect<SSLLib::CryptoAPI>(frame, cli_stats, prng));
cp->dc_deferred = true; // defer data channel setup until after options pull
cp->tls_auth_factory.reset(new CryptoOvpnHMACFactory<SSLLib::CryptoAPI>());
cp->tls_crypt_factory.reset(new CryptoTLSCryptFactory<SSLLib::CryptoAPI>());
cp->tlsprf_factory.reset(new CryptoTLSPRFFactory<SSLLib::CryptoAPI>());
cp->ssl_factory = cc->new_factory();
cp->load(opt, *proto_context_options, config.default_key_direction, false);
@@ -679,6 +707,22 @@ namespace openvpn {
// should have been caught earlier in RemoteList::handle_proto_override.
// construct transport object
#ifdef OPENVPN_EXTERNAL_TRANSPORT_FACTORY
ExternalTransport::Config transconf;
transconf.remote_list = remote_list;
transconf.frame = frame;
transconf.stats = cli_stats;
transconf.socket_protect = socket_protect;
transconf.server_addr_float = server_addr_float;
transconf.synchronous_dns_lookup = synchronous_dns_lookup;
transconf.protocol = transport_protocol;
transport_factory = extern_transport_factory->new_transport_factory(transconf);
#ifdef OPENVPN_GREMLIN
udpconf->gremlin_config = gremlin_config;
#endif
#else
if (dco)
{
DCO::TransportConfig transconf;
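Review bot: extern_transport_factory->new_transport_factory(transconf) dereferences a pointer that Config declares with a default of nullptr, and no check is visible before the call, so a client built with OPENVPN_EXTERNAL_TRANSPORT_FACTORY that does not set the factory will crash here. Throw an option_error when the pointer is null. Also, the OPENVPN_GREMLIN block inside this branch assigns udpconf->gremlin_config, while only transconf is declared in the visible lines of the branch; please confirm this compiles with both macros defined.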
@@ -753,6 +797,7 @@ namespace openvpn {
else
throw option_error("internal error: unknown transport protocol");
}
#endif // OPENVPN_EXTERNAL_TRANSPORT_FACTORY
return remote_list->current_server_host();
}
@@ -774,6 +819,7 @@ namespace openvpn {
ClientCreds::Ptr creds;
unsigned int server_poll_timeout_;
std::string server_override;
std::string port_override;
Protocol proto_override;
int conn_timeout_;
unsigned int tcp_queue_limit;
@@ -788,11 +834,16 @@ namespace openvpn {
bool autologin;
bool autologin_sessions;
bool creds_locked;
bool asio_work_always_on_;
bool synchronous_dns_lookup;
PushOptionsBase::Ptr push_base;
OptionList::FilterBase::Ptr pushed_options_filter;
ClientLifeCycle::Ptr client_lifecycle;
AltProxy::Ptr alt_proxy;
DCO::Ptr dco;
#ifdef OPENVPN_EXTERNAL_TRANSPORT_FACTORY
ExternalTransport::Factory* extern_transport_factory;
#endif
};
}


@@ -4,18 +4,18 @@
// packet encryption, packet authentication, and
// packet compression.
//
// Copyright (C) 2012-2017 OpenVPN Technologies, Inc.
// Copyright (C) 2012-2017 OpenVPN Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License Version 3
// it under the terms of the GNU Affero General Public License Version 3
// as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// You should have received a copy of the GNU Affero General Public License
// along with this program in the COPYING file.
// If not, see <http://www.gnu.org/licenses/>.
@@ -28,6 +28,10 @@
#include <string>
#include <sstream>
#ifdef HAVE_CONFIG_JSONCPP
#include "json/json.h"
#endif /* HAVE_CONFIG_JSONCPP */
#include <openvpn/common/size.hpp>
#include <openvpn/common/exception.hpp>
#include <openvpn/common/options.hpp>
@@ -38,6 +42,9 @@
#include <openvpn/client/remotelist.hpp>
#include <openvpn/client/cliconstants.hpp>
#include <openvpn/ssl/peerinfo.hpp>
#include <openvpn/ssl/proto.hpp>
#include <openvpn/ssl/proto_context_options.hpp>
#include <openvpn/ssl/sslchoose.hpp>
namespace openvpn {
class ParseClientConfig {
@@ -57,6 +64,11 @@ namespace openvpn {
std::string proto;
};
ParseClientConfig()
{
reset_pod();
}
ParseClientConfig(const OptionList& options)
{
try {
@@ -179,9 +191,9 @@ namespace openvpn {
}
// validate remote list
RemoteList rl(options, "", 0, nullptr);
remoteList.reset(new RemoteList(options, "", 0, nullptr));
{
const RemoteList::Item* ri = rl.first_item();
const RemoteList::Item* ri = remoteList->first_item();
if (ri)
{
firstRemoteListItem_.host = ri->server_host;
@@ -222,8 +234,8 @@ namespace openvpn {
}
else
{
if (rl.defined())
profileName_ = rl.first_server_host();
if (remoteList)
profileName_ = remoteList->first_server_host();
}
}
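Review bot: the guard before first_server_host() changed from rl.defined() to if (remoteList), which only tests that the pointer is non-null, and the pointer has just been set with remoteList.reset(new RemoteList(options, "", 0, nullptr)), so the condition is always true at this point. That drops the check that the list actually contains a remote. Use if (remoteList && remoteList->defined()) to keep the previous behaviour.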
@@ -260,6 +272,31 @@ namespace openvpn {
if (pushPeerInfo_)
peerInfoUV_ = peer_info_uv;
}
// dev name
{
const Option *o = options.get_ptr("dev");
if (o)
{
dev = o->get(1, 256);
}
}
// protocol configuration
{
protoConfig.reset(new ProtoContext::Config());
protoConfig->tls_auth_factory.reset(new CryptoOvpnHMACFactory<SSLLib::CryptoAPI>());
protoConfig->tls_crypt_factory.reset(new CryptoTLSCryptFactory<SSLLib::CryptoAPI>());
protoConfig->load(options, ProtoContextOptions(), -1, false);
}
// ssl lib configuration
try {
sslConfig.reset(new SSLLib::SSLAPI::Config());
sslConfig->load(options, SSLConfigAPI::LF_PARSE_MODE);
} catch (...) {
sslConfig.reset();
}
}
catch (const std::exception& e)
{
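Review bot: the catch (...) around sslConfig->load() discards every exception and leaves sslConfig null without recording why, so a profile with a malformed certificate or key becomes indistinguishable from one that carries no TLS material at all. Catch std::exception and log e.what() before resetting, because both exporters added later in this file treat a null sslConfig as "nothing to emit" and will silently produce a config without ca, cert or key.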
@@ -268,6 +305,11 @@ namespace openvpn {
}
}
static ParseClientConfig parse(const std::string& content)
{
return parse(content, nullptr);
}
static ParseClientConfig parse(const std::string& content, OptionList::KeyValueList* content_list)
{
OptionList options;
@@ -397,7 +439,173 @@ namespace openvpn {
return os.str();
}
std::string to_string_config() const
{
std::ostringstream os;
os << "client" << std::endl;
os << "dev " << dev << std::endl;
os << "dev-type " << protoConfig->layer.dev_type() << std::endl;
for (size_t i = 0; i < remoteList->size(); i++)
{
const RemoteList::Item& item = remoteList->get_item(i);
os << "remote " << item.server_host << " " << item.server_port;
const char *proto = item.transport_protocol.protocol_to_string();
if (proto)
os << " " << proto;
os << std::endl;
}
if (protoConfig->tls_crypt_context)
{
os << "<tls-crypt>" << std::endl << protoConfig->tls_key.render() << "</tls-crypt>"
<< std::endl;
}
else if (protoConfig->tls_auth_context)
{
os << "<tls-auth>" << std::endl << protoConfig->tls_key.render() << "</tls-auth>"
<< std::endl;
os << "key_direction " << protoConfig->key_direction << std::endl;
}
// SSL parameters
if (sslConfig)
{
print_pem(os, "ca", sslConfig->extract_ca());
print_pem(os, "crl", sslConfig->extract_crl());
print_pem(os, "key", sslConfig->extract_private_key());
print_pem(os, "cert", sslConfig->extract_cert());
std::vector<std::string> extra_certs = sslConfig->extract_extra_certs();
if (extra_certs.size() > 0)
{
os << "<extra-certs>" << std::endl;
for (auto& cert : extra_certs)
{
os << cert;
}
os << "</extra-certs>" << std::endl;
}
}
os << "cipher " << CryptoAlgs::name(protoConfig->dc.cipher(), "none")
<< std::endl;
os << "auth " << CryptoAlgs::name(protoConfig->dc.digest(), "none")
<< std::endl;
const char *comp = protoConfig->comp_ctx.method_to_string();
if (comp)
os << "compress " << comp << std::endl;
os << "keepalive " << protoConfig->keepalive_ping.to_seconds() << " "
<< protoConfig->keepalive_timeout.to_seconds() << std::endl;
os << "tun-mtu " << protoConfig->tun_mtu << std::endl;
os << "reneg-sec " << protoConfig->renegotiate.to_seconds() << std::endl;
return os.str();
}
#ifdef HAVE_CONFIG_JSONCPP
std::string to_json_config() const
{
std::ostringstream os;
Json::Value root(Json::objectValue);
root["mode"] = Json::Value("client");
root["dev"] = Json::Value(dev);
root["dev-type"] = Json::Value(protoConfig->layer.dev_type());
root["remotes"] = Json::Value(Json::arrayValue);
for (size_t i = 0; i < remoteList->size(); i++)
{
const RemoteList::Item& item = remoteList->get_item(i);
Json::Value el = Json::Value(Json::objectValue);
el["address"] = Json::Value(item.server_host);
el["port"] = Json::Value((Json::UInt)std::stoi(item.server_port));
if (item.transport_protocol() == Protocol::NONE)
el["proto"] = Json::Value("adaptive");
else
el["proto"] = Json::Value(item.transport_protocol.str());
root["remotes"].append(el);
}
if (protoConfig->tls_crypt_context)
{
root["tls_wrap"] = Json::Value(Json::objectValue);
root["tls_wrap"]["mode"] = Json::Value("tls_crypt");
root["tls_wrap"]["key"] = Json::Value(protoConfig->tls_key.render());
}
else if (protoConfig->tls_auth_context)
{
root["tls_wrap"] = Json::Value(Json::objectValue);
root["tls_wrap"]["mode"] = Json::Value("tls_auth");
root["tls_wrap"]["key_direction"] = Json::Value((Json::UInt)protoConfig->key_direction);
root["tls_wrap"]["key"] = Json::Value(protoConfig->tls_key.render());
}
// SSL parameters
if (sslConfig)
{
json_pem(root, "ca", sslConfig->extract_ca());
json_pem(root, "crl", sslConfig->extract_crl());
json_pem(root, "cert", sslConfig->extract_cert());
// JSON config is aimed to users, therefore we do not export the raw private
// key, but only some basic info
SSLConfigAPI::PKType priv_key_type = sslConfig->private_key_type();
if (priv_key_type != SSLConfigAPI::PK_NONE)
{
root["key"] = Json::Value(Json::objectValue);
root["key"]["type"] = Json::Value(sslConfig->private_key_type_string());
root["key"]["length"] = Json::Value((Json::UInt)sslConfig->private_key_length());
}
std::vector<std::string> extra_certs = sslConfig->extract_extra_certs();
if (extra_certs.size() > 0)
{
root["extra_certs"] = Json::Value(Json::arrayValue);
for (auto cert = extra_certs.begin(); cert != extra_certs.end(); cert++)
{
if (!cert->empty())
root["extra_certs"].append(Json::Value(*cert));
}
}
}
root["cipher"] = Json::Value(CryptoAlgs::name(protoConfig->dc.cipher(), "none"));
root["auth"] = Json::Value(CryptoAlgs::name(protoConfig->dc.digest(), "none"));
if (protoConfig->comp_ctx.type() != CompressContext::NONE)
root["compression"] = Json::Value(protoConfig->comp_ctx.str());
root["keepalive"] = Json::Value(Json::objectValue);
root["keepalive"]["ping"] = Json::Value((Json::UInt)protoConfig->keepalive_ping.to_seconds());
root["keepalive"]["timeout"] = Json::Value((Json::UInt)protoConfig->keepalive_timeout.to_seconds());
root["tun_mtu"] = Json::Value((Json::UInt)protoConfig->tun_mtu);
root["reneg_sec"] = Json::Value((Json::UInt)protoConfig->renegotiate.to_seconds());
return root.toStyledString();
}
#endif /* HAVE_CONFIG_JSONCPP */
private:
static void print_pem(std::ostream& os, std::string label, std::string pem)
{
if (pem.empty())
return;
os << "<" << label << ">" << std::endl << pem << "</" << label << ">" << std::endl;
}
#ifdef HAVE_CONFIG_JSONCPP
static void json_pem(Json::Value& obj, std::string key, std::string pem)
{
if (pem.empty())
return;
obj[key] = Json::Value(pem);
}
#endif /* HAVE_CONFIG_JSONCPP */
static bool parse_auth_user_pass(const OptionList& options, std::vector<std::string>* user_pass)
{
return UserPass::parse(options, "auth-user-pass", 0, user_pass);
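Review bot: to_string_config() and to_json_config() dereference protoConfig and remoteList unconditionally, yet both are assigned only inside the parsing constructor's try block, and the default constructor made public by this change calls nothing but reset_pod(); calling either exporter on a default-constructed object or after a failed parse is a null dereference, so check both pointers first. The text exporter also writes "key_direction" where the OpenVPN directive is spelled key-direction, so the exported profile will not round-trip through the parser. The comment in to_json_config() explains that the raw private key is withheld because the JSON is aimed at users, but the tls-auth/tls-crypt static key is still exported in full under tls_wrap.key, and to_string_config() emits the private key itself; decide whether the static key should be withheld from the JSON as well, and document that the text output is secret material. Minor: std::stoi(item.server_port) throws on a non-numeric port, and the std::ostringstream os declared in to_json_config() is unused.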
@@ -456,11 +664,6 @@ namespace openvpn {
}
}
ParseClientConfig()
{
reset_pod();
}
void reset_pod()
{
error_ = autologin_ = externalPki_ = staticChallengeEcho_ = false;
@@ -496,8 +699,12 @@ namespace openvpn {
ServerList serverList_;
bool hasEmbeddedPassword_;
std::string embeddedPassword_;
RemoteList::Ptr remoteList;
RemoteItem firstRemoteListItem_;
PeerInfo::Set::Ptr peerInfoUV_;
ProtoContext::Config::Ptr protoConfig;
SSLLib::SSLAPI::Config::Ptr sslConfig;
std::string dev;
};
}


@@ -4,18 +4,18 @@
// packet encryption, packet authentication, and
// packet compression.
//
// Copyright (C) 2012-2017 OpenVPN Technologies, Inc.
// Copyright (C) 2012-2017 OpenVPN Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License Version 3
// it under the terms of the GNU Affero General Public License Version 3
// as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// You should have received a copy of the GNU Affero General Public License
// along with this program in the COPYING file.
// If not, see <http://www.gnu.org/licenses/>.
@@ -785,10 +785,23 @@ namespace openvpn {
}
}
// react to any tls warning triggered during the tls-handshake
virtual void check_tls_warnings()
{
uint32_t tls_warnings = get_tls_warnings();
if (tls_warnings & SSLAPI::TLS_WARN_SIG_MD5)
{
ClientEvent::Base::Ptr ev = new ClientEvent::Warn("TLS: received certificate signed with MD5. Please inform your admin to upgrade to a stronger algorithm. Support for MD5 will be dropped at end of Apr 2018");
cli_events->add_event(std::move(ev));
}
}
// base class calls here when primary session transitions to ACTIVE state
virtual void active()
{
OPENVPN_LOG("Session is ACTIVE");
check_tls_warnings();
schedule_push_request_callback(Time::Duration::seconds(0));
}
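Review bot: check_tls_warnings() tests only the TLS_WARN_SIG_MD5 bit and silently drops any other bit set in tls_warnings; log the unhandled remainder so that a warning flag added to SSLAPI later is not lost. The user-facing string hardcodes "end of Apr 2018", which goes stale once that date passes, so move the date out of the literal or drop it. Since active() is documented as running when the primary session transitions to ACTIVE, the same Warn event may be queued again on every such transition unless it is latched per connection.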
@@ -842,6 +855,7 @@ namespace openvpn {
else
{
housekeeping_timer.cancel();
housekeeping_schedule.reset();
}
}
}


@@ -4,18 +4,18 @@
// packet encryption, packet authentication, and
// packet compression.
//
// Copyright (C) 2012-2017 OpenVPN Technologies, Inc.
// Copyright (C) 2012-2017 OpenVPN Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License Version 3
// it under the terms of the GNU Affero General Public License Version 3
// as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// You should have received a copy of the GNU Affero General Public License
// along with this program in the COPYING file.
// If not, see <http://www.gnu.org/licenses/>.


@@ -4,18 +4,18 @@
// packet encryption, packet authentication, and
// packet compression.
//
// Copyright (C) 2012-2017 OpenVPN Technologies, Inc.
// Copyright (C) 2012-2017 OpenVPN Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License Version 3
// it under the terms of the GNU Affero General Public License Version 3
// as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// You should have received a copy of the GNU Affero General Public License
// along with this program in the COPYING file.
// If not, see <http://www.gnu.org/licenses/>.


@@ -4,18 +4,18 @@
// packet encryption, packet authentication, and
// packet compression.
//
// Copyright (C) 2012-2017 OpenVPN Technologies, Inc.
// Copyright (C) 2012-2017 OpenVPN Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License Version 3
// it under the terms of the GNU Affero General Public License Version 3
// as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// You should have received a copy of the GNU Affero General Public License
// along with this program in the COPYING file.
// If not, see <http://www.gnu.org/licenses/>.
@@ -338,8 +338,8 @@ namespace openvpn {
else
{
// call into Asio to do the resolve operation
OPENVPN_LOG_REMOTELIST("*** PreResolve RESOLVE on " << item.server_host);
resolver.async_resolve(item.server_host, "",
OPENVPN_LOG_REMOTELIST("*** PreResolve RESOLVE on " << item.server_host << " : " << item.server_port);
resolver.async_resolve(item.server_host, item.server_port,
[self=Ptr(this)](const openvpn_io::error_code& error, openvpn_io::ip::tcp::resolver::results_type results)
{
self->resolve_callback(error, results);
@@ -517,16 +517,27 @@ namespace openvpn {
// override all server hosts to server_override
void set_server_override(const std::string& server_override)
{
if (!server_override.empty())
if (server_override.empty())
return;
for (auto &item : list)
{
for (std::vector<Item::Ptr>::iterator i = list.begin(); i != list.end(); ++i)
{
Item& item = **i;
item.server_host = server_override;
item.res_addr_list.reset(nullptr);
}
reset_cache();
item->server_host = server_override;
item->res_addr_list.reset();
}
reset_cache();
}
// override all server ports to port_override
void set_port_override(const std::string& port_override)
{
if (port_override.empty())
return;
for (auto &item : list)
{
item->server_port = port_override;
item->res_addr_list.reset();
}
reset_cache();
}
void set_random(const RandomAPI::Ptr& rng_arg)
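Review bot: set_port_override() copies any non-empty string into item->server_port with no check that it is a valid port, and the value then flows into resolver.async_resolve(item.server_host, item.server_port, ...) in the hunk above and into std::stoi() in the JSON exporter. Validate it once, here or where port_override enters ClientOptions, as a decimal number in the range 1-65535 and throw an option_error on bad input, so that a malformed override fails at configuration time instead of at resolve or export time.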


@@ -4,18 +4,18 @@
// packet encryption, packet authentication, and
// packet compression.
//
// Copyright (C) 2012-2017 OpenVPN Technologies, Inc.
// Copyright (C) 2012-2017 OpenVPN Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License Version 3
// it under the terms of the GNU Affero General Public License Version 3
// as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// You should have received a copy of the GNU Affero General Public License
// along with this program in the COPYING file.
// If not, see <http://www.gnu.org/licenses/>.


@@ -4,18 +4,18 @@
// packet encryption, packet authentication, and
// packet compression.
//
// Copyright (C) 2012-2017 OpenVPN Technologies, Inc.
// Copyright (C) 2012-2017 OpenVPN Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License Version 3
// it under the terms of the GNU Affero General Public License Version 3
// as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// You should have received a copy of the GNU Affero General Public License
// along with this program in the COPYING file.
// If not, see <http://www.gnu.org/licenses/>.

Some files were not shown because too many files have changed in this diff.