Re: [Openvpn-devel] [Openvpn-users] OpenVPN 2.3-alpha1 released

On 29/02/12 11:47, Carsten Krüger wrote: > I found that openvpn.exe is extremly unstable on non perfectly > friendly behaving client ... Now I use the Non-Sucking Service Manager > ( http://nssm.cc/ ) instead of openvpnserv.exe to spawn openvpn.exe It > restarts openvpn.exe automatically if it's cr

Re: [Openvpn-devel] openvpn windows gui

Il 28.02.2012 14:55, Jan Just Keijser ha scritto: > Samuli Seppänen wrote: We should probably write an installer. >>> I'm not sure if it's the best idea to make each and every GUI project out >>> there write it's own installer, when it's mostly a single executable that >>> needs

Re: [Openvpn-devel] OpenVPN 2.3-alpha1 released

>> * Improved plug-in API (v3) which can more easily be expanded in the >>future: includes support for direct access to X.509 certificate data in >>plug-ins >> [...] >> * One-to-one NAT to circumvent IP address conflicts between local and >>remote networks >> > Is there any help/d

Re: [Openvpn-devel] [Openvpn-users] OpenVPN 2.3-alpha1 released

On Tuesday 28 February 2012 18:38:57 Alon Bar-Lev wrote: > > Even though, the new communication pipe between the "helper service" and > > openvpn.exe might gain more features with time, which might cover much > > of what the management interface provides today too. But we're _not_ > > trying to k

Re: [Openvpn-devel] [Openvpn-users] OpenVPN 2.3-alpha1 released

On Tuesday 28 February 2012 20:34:18 Carsten Krüger wrote: > Add the following lines to client.ovpn > > management localhost 1000 > management-query-passwords > auth-retry interact > management-hold > > and start the service. That's

Re: [Openvpn-devel] [Openvpn-users] OpenVPN 2.3-alpha1 released

On Wed, Feb 29, 2012 at 12:16 PM, Heiko Hund wrote: > > On Tuesday 28 February 2012 18:38:57 Alon Bar-Lev wrote: > > > Even though, the new communication pipe between the "helper service" > > > and > > > openvpn.exe  might gain more features with time, which might cover > > > much > > > of what th

Re: [Openvpn-devel] [Openvpn-users] OpenVPN 2.3-alpha1 released

On Tuesday 28 February 2012 22:47:56 Carsten Krüger wrote: > For example Astaro has a windows client that seems to be not aware of > the management interface. That's untrue for a while now. We ship the new GUI using the mgmt itf since ASG 7.505 which was released in May 2010. > @openvpn officia

Re: [Openvpn-devel] [Openvpn-users] OpenVPN 2.3-alpha1 released

Hello Heiko, > The idea to have the service do the privileged operations instead of just > starting openvpn as "Local System" (or whatever) came from the fear of > privilege escalation in the scripts that are run by openvpn. Scripting is a point, but as long as the administrator installs openvpn

Re: [Openvpn-devel] [Openvpn-users] OpenVPN 2.3-alpha1 released

On Tuesday 28 February 2012 722:09:13 Carsten Krüger wrote: > DS> Heiko can probably give a much better answer, but if I remember right, > DS> the argument was this: Think of a multi-user setup (like a Terminal > DS> Server), the management interface will be accessible for all users on > DS> that

Re: [Openvpn-devel] [Openvpn-users] OpenVPN 2.3-alpha1 released

Hello Heiko, > That's untrue for a while now. We ship the new GUI using the mgmt itf since > ASG 7.505 which was released in May 2010. Great to hear! I'm in medicine business it needs long time to propagate new versions. I'm only useing astaro to connect to a lab. > [Advertisement] Maybe you wan

Re: [Openvpn-devel] [Openvpn-users] OpenVPN 2.3-alpha1 released

On Wednesday 29 February 2012 11:05:36 Carsten Krüger wrote: > > [Advertisement] Maybe you want to take a look at UTM9, beta starts > > tomorrow. > Definitely! > > Is Beta available to non customers? Yes, it will be announced at http://astaro.org in the "Beta Versions" section and you can get sp

Re: [Openvpn-devel] [Openvpn-users] OpenVPN 2.3-alpha1 released

Hello Heiko, > However it was only an example and thus > didn't have to make any practical sense. =) :-) > You forgot the GUI in this picture. If the service is connected to the > management interface the GUI can't connect anymore. ? If I understand you correctly it works this way: openvpnserv

Re: [Openvpn-devel] [Openvpn-users] OpenVPN 2.3-alpha1 released

Hello Alon, > I use [1], a simple perl/kde UI for Linux. > I deleted the .net as I did not maintain it, but it should be simple > for you to convert, or simply run the perl, and write kdialog > replacement. perfect, the gnome variant works with windows, too. http://www.placella.com/software/zenit

Re: [Openvpn-devel] [Openvpn-users] OpenVPN 2.3-alpha1 released

On Wednesday 29 February 2012 11:38:17 Carsten Krüger wrote: > > You forgot the GUI in this picture. If the service is connected to the > > management interface the GUI can't connect anymore. > > ? > If I understand you correctly it works this way: > > openvpnserv.exe spawns openvpn.exe > openvpn

Re: [Openvpn-devel] [Openvpn-users] OpenVPN 2.3-alpha1 released

2012/2/29 Heiko Hund > > On Wednesday 29 February 2012 11:38:17 Carsten Krüger wrote: > > > You forgot the GUI in this picture. If the service is connected to the > > > management interface the GUI can't connect anymore. > > > > ? > > If I understand you correctly it works this way: > > > > openvp

Re: [Openvpn-devel] [Openvpn-users] OpenVPN 2.3-alpha1 released

On Wednesday 29 February 2012 12:40:45 Alon Bar-Lev wrote: > 2012/2/29 Heiko Hund > This is way too complex solution for a simple problem. > A proper design and discussion should take place before advancing in > this route. And this was a way too simple explanation on why you think it is too comp

Re: [Openvpn-devel] [Openvpn-users] OpenVPN 2.3-alpha1 released

> This is way too complex solution for a simple problem. > A proper design and discussion should take place before advancing in > this route. ACK greetings Carsten

Re: [Openvpn-devel] [Openvpn-users] OpenVPN 2.3-alpha1 released

On Wed, Feb 29, 2012 at 2:49 PM, Heiko Hund wrote: > On Wednesday 29 February 2012 12:40:45 Alon Bar-Lev wrote: >> 2012/2/29 Heiko Hund >> This is way too complex solution for a simple problem. >> A proper design and discussion should take place before advancing in >> this route. > > And this was

Re: [Openvpn-devel] [Openvpn-users] OpenVPN 2.3-alpha1 released

Hi, On Wed, Feb 29, 2012 at 01:18:05PM +0100, Heiko Hund wrote: > or can one pass FDs through unix sockets? On most modern unixes, you can. gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich

Re: [Openvpn-devel] [Openvpn-users] OpenVPN 2.3-alpha1 released

On Wednesday 29 February 2012 12:54:18 Alon Bar-Lev wrote: > What I wrote is simple. Wrote where? In this thread or C code that tackles the issue? I'm confused. > In order to push a project in coherent direction, a proper design > discussion stage should be done. Yeah, you missed that one obviou

Re: [Openvpn-devel] [Openvpn-users] OpenVPN 2.3-alpha1 released

On Wednesday 29 February 2012 12:51:41 Carsten Krüger wrote: > > This is way too complex solution for a simple problem. > > A proper design and discussion should take place before advancing in > > this route. > > ACK Same here, please share your thoughts on how to reduce complexity. Heiko -- He

Re: [Openvpn-devel] [Openvpn-users] OpenVPN 2.3-alpha1 released

On Wed, Feb 29, 2012 at 3:05 PM, Heiko Hund wrote: > On Wednesday 29 February 2012 12:54:18 Alon Bar-Lev wrote: >> What I wrote is simple. > > Wrote where? In this thread or C code that tackles the issue? I'm confused. > >> In order to push a project in coherent direction, a proper design >> discu

Re: [Openvpn-devel] [Openvpn-users] OpenVPN 2.3-alpha1 released

On Wednesday 29 February 2012 13:15:16 Alon Bar-Lev wrote: > IRC is synchronous way of communication, it is no suitable for distributed > volunteer team. > Proper discussion of design is done differently, perfecting a design > document and interface specifications. > > If there was such process,

Re: [Openvpn-devel] [Openvpn-users] OpenVPN 2.3-alpha1 released

On Wed, Feb 29, 2012 at 3:25 PM, Heiko Hund wrote: >> Anyway, if there was a design process, I will appreciate if you can send a >> design document, as this is not a small/niche feature, it will effect >> the majority of Windows users. > > Yeah, like the design project phase for the build system r

Re: [Openvpn-devel] [Openvpn-users] OpenVPN 2.3-alpha1 released

On Wednesday 29 February 2012 13:45:49 Alon Bar-Lev wrote: > I don't understand you attitude, I am not trying to take anything from you, > and I don't think you can find anything in my record that had negative > impact on this (or any other) project. And I do know one or two things in > security an

Re: [Openvpn-devel] [Openvpn-users] OpenVPN 2.3-alpha1 released

Hi Heiko, Am 29. Februar 2012 13:18 schrieb Heiko Hund : > [...] There will be a new service, I called it > interactive service. The GUI/client connects to a named pipe of that service. > It passes the working directory, command line options and stdin input for > openpvn to the service. The servic

Re: [Openvpn-devel] [Openvpn-users] OpenVPN 2.3-alpha1 released

On Wed, Feb 29, 2012 at 4:01 PM, Heiko Hund wrote: > On Wednesday 29 February 2012 13:45:49 Alon Bar-Lev wrote: >> I don't understand you attitude, I am not trying to take anything from you, >> and I don't think you can find anything in my record that had negative >> impact on this (or any other)

Re: [Openvpn-devel] [Openvpn-users] OpenVPN 2.3-alpha1 released

I disagree, open source project is not different than any other software project. OK, I'll bite. I disagree with the above entirely. Open-source project *is* different "from any other project" - vastly so - not least because it is open for scrutiny by the whole community, not just individ

Re: [Openvpn-devel] OpenVPN 2.3-alpha1 released

The one-to-one NAT feature seems to be described on the man-page in the "--client-nat" section. The new management features are James' handywork, so they're probably described here: If not, then

Re: [Openvpn-devel] OpenVPN 2.3-alpha1 released

For the plug-in API ... look at openvpn-plugin.h ... look for openvpn_plugin_*_v3. Especially openvpn_plugin_open_v3() and openvpn_plugin_func_v3(). If fact, most of the openvpn-plugin.h is a pretty comprehensive reference for the plugin API. For a working example, look at plugin/examples/log

Re: [Openvpn-devel] [Openvpn-users] OpenVPN 2.3-alpha1 released

Hi Fabian On Wednesday 29 February 2012 14:07:01 Fabian Knittel wrote: > Let's see whether I understood the design. After initial setup, the > GUI has a connection via the mgmt interface to OpenVPN and OpenVPN has > a connection via the "privilege interface" to the "interactive > service". OpenVPN

Re: [Openvpn-devel] [Openvpn-users] OpenVPN 2.3-alpha1 released

Hi Heiko, 2012/2/29 Heiko Hund : > On Wednesday 29 February 2012 14:07:01 Fabian Knittel wrote: [...] >> (There must be something missing, otherwise >> I don't get why you call it "interactive service" ...?) > > It's interactive in contrast to the other already existing service, that just > starts

Re: [Openvpn-devel] [Openvpn-users] OpenVPN 2.3-alpha1 released

Hi, On Wed, Feb 29, 2012 at 04:28:31PM +0100, Fabian Knittel wrote: > To ensure this in classic Linux this would mean that the OpenVPN > process needs to run as a _different_ user than the GUI user or else > the GUI user could freely manipulate the program using, e.g. ptrace. I > know that similar

Re: [Openvpn-devel] [Openvpn-users] OpenVPN 2.3-alpha1 released

On Wednesday 29 February 2012 15:28:31 Fabian Knittel wrote: > To ensure this in classic Linux this would mean that the OpenVPN > process needs to run as a _different_ user than the GUI user or else > the GUI user could freely manipulate the program using, e.g. ptrace. I > know that similar manipul

Re: [Openvpn-devel] OpenVPN 2.3-alpha1 released

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 29/02/12 16:01, Mr Dash Four wrote: > >> For the plug-in API ... look at openvpn-plugin.h ... look for >> openvpn_plugin_*_v3. Especially openvpn_plugin_open_v3() and >> openvpn_plugin_func_v3(). If fact, most of the openvpn-plugin.h is >> a pr

Re: [Openvpn-devel] [Openvpn-users] OpenVPN 2.3-alpha1 released

Hi Gert, 2012/2/29 Gert Doering : > The model we follow is "openvpn.exe has the same permissions that you > already have, so there is no benefit in manipulating anything". That was my initial assumption, which would imply that there's no reason to restrict access to the named pipe (apart from mak

Re: [Openvpn-devel] [PATCH 00/35] build revolution

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 28/02/12 22:31, Alon Bar-Lev wrote: > Hello, > > I think I finished. David, tell me if you want me to send the patches > to the list. I think these are way too long. Great! Thank you very much for digging deep into this. I must admit, I didn't e

Re: [Openvpn-devel] [PATCH 00/35] build revolution

On Wed, Feb 29, 2012 at 7:31 PM, David Sommerseth wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > On 28/02/12 22:31, Alon Bar-Lev wrote: >> Hello, >> >> I think I finished. David, tell me if you want me to send the patches >> to the list. I think these are way too long. > > Great!  Th

Re: [Openvpn-devel] [Openvpn-users] OpenVPN 2.3-alpha1 released

Hello Fabian, > Why does the "interactive service" need to start OpenVPN? Yeah, I can't understand that, too. > Why not let the GUI start OpenVPN and let OpenVPN connect to the "interactive > service"? Exactly. If openvpn.exe startet in users context the user can manipulate it in ram arbitrar

Re: [Openvpn-devel] [Openvpn-users] OpenVPN 2.3-alpha1 released

Hello Gert, > Part of the assumption here is "the user controls the openvpn config", > and as such, he can make openvpn.exe run arbitrary scripts anyway - and > to stop this from being a problem, just run openvpn.exe with your uid. What operation could be in script that is usefull when it's execu

[Openvpn-devel] [DISCUSSION] OpenVPN privilege separation (Windows)

Hello, Following recent discussion on Windows platform, I open a new thread. I don't think this topic is Windows specific as the security principals are the same. VPN client product has [at least] two different type of configuration. 1. Standalone configuration. 2. Enterprise configuration. Th

Re: [Openvpn-devel] OpenVPN 2.3-alpha1 / GUI

Russell On Wednesday 29 February 2012 17:26:46 Russell Morris wrote: > 1) I know that someone (Heiko?) was looking at auto-proxy a while back. Is > this now working? Is there a way to test it (if it's now working), to see > what it determines for a proxy? During discussion of the Windows --auto-p

Re: [Openvpn-devel] [Openvpn-users] OpenVPN 2.3-alpha1 released

Hello, > If openvpn.exe startet in users context the user can manipulate it in > ram arbitrarily. Example: http://blog.didierstevens.com/2009/06/25/bpmtk-injecting-vbscript/ (great blog about process manipulation :-) ) I think there is absolutly no benefit from starting openvpn.exe in user conte

Re: [Openvpn-devel] [Openvpn-users] OpenVPN 2.3-alpha1 released

Hello Heiko, > Same here, please share your thoughts on how to reduce complexity. Dismiss the hole service starts openvpn in user context. It makes no sense. see: Message-ID: <1957833067.20120229194...@gmxpro.de> Message-ID: <1787326494.20120229201...@gmxpro.de> greetings Carsten

Re: [Openvpn-devel] [Openvpn-users] OpenVPN 2.3-alpha1 released

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 29/02/12 19:40, Carsten Krüger wrote: > > I think it would be good to rethink the hole script idea. Maybe > scripts could be only server pushable. How will you handle that some users use OpenVPN from Windows, Linux and maybe even a mobile phone (l

Re: [Openvpn-devel] [Openvpn-users] OpenVPN 2.3-alpha1 released

Hello, > How will you handle that some users use OpenVPN from Windows, Linux and > maybe even a mobile phone (like N900)? ... where paths are different, > depending on OS and/or distribution. And some paths on Linux (probably > *BSD too?) are different if it is a 32bit architecture or 64bit. Do

[Openvpn-devel] [PATCH 00/52] build revolution

1. Many cleanups. 2. New directory layout. 3. Remove easy-rsa, install-win32, windows build, tap-win32. 4. Standard autotools build system. 5. msbuild build system. 6. Split out most of platform specific code. After review I suggest you pull my repository[1], much safer than doing the MIME magic.

[Openvpn-devel] [PATCH 01/52] build: version should not contain '-'

Signed-off-by: Alon Bar-Lev --- version.m4 |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/version.m4 b/version.m4 index 9f15247..ff9b35f 100644 --- a/version.m4 +++ b/version.m4 @@ -1,5 +1,5 @@ dnl define the OpenVPN version -define(PRODUCT_VERSION,[2.3-alpha1]) +defi

[Openvpn-devel] [PATCH 02/52] package: rpm: strip should be handled by package management

Signed-off-by: Alon Bar-Lev --- openvpn.spec.in |1 - 1 files changed, 0 insertions(+), 1 deletions(-) diff --git a/openvpn.spec.in b/openvpn.spec.in index c5178e9..c42e7c6 100644 --- a/openvpn.spec.in +++ b/openvpn.spec.in @@ -101,7 +101,6 @@ and portability to most major OS platforms. %b

[Openvpn-devel] [PATCH 08/52] cleanup: tun.c: fix incorrect option in message (ip-win32)

Signed-off-by: Alon Bar-Lev --- tun.c |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/tun.c b/tun.c index c92c0d7..81b66fb 100644 --- a/tun.c +++ b/tun.c @@ -4492,7 +4492,7 @@ dhcp_masq_addr (const in_addr_t local, const in_addr_t netmask, const int offset msg (M_

[Openvpn-devel] [PATCH 03/52] cleanup: options.c: remove redundant include

Signed-off-by: Alon Bar-Lev --- options.c |1 - 1 files changed, 0 insertions(+), 1 deletions(-) diff --git a/options.c b/options.c index a596ffe..3d8085c 100644 --- a/options.c +++ b/options.c @@ -50,7 +50,6 @@ #include "manage.h" #include "forward.h" #include "configure.h" -#include "f

[Openvpn-devel] [PATCH 05/52] cleanup: win32.c: wrong printf format

Signed-off-by: Alon Bar-Lev --- win32.c |4 ++-- 1 files changed, 2 insertions(+), 2 deletions(-) diff --git a/win32.c b/win32.c index 2ba97fc..acf5ebc 100644 --- a/win32.c +++ b/win32.c @@ -1012,12 +1012,12 @@ openvpn_execve (const struct argv *a, const struct env_set *es, const unsigned

[Openvpn-devel] [PATCH 10/52] fixup: init.c: add missing conditional for ENABLE_CLIENT_CR

Signed-off-by: Alon Bar-Lev --- init.c |2 ++ 1 files changed, 2 insertions(+), 0 deletions(-) diff --git a/init.c b/init.c index d2ad318..b8f57b2 100644 --- a/init.c +++ b/init.c @@ -2282,9 +2282,11 @@ do_init_crypto_tls (struct context *c, const unsigned int flags) to.x509_track = opt

[Openvpn-devel] [PATCH 04/52] cleanup: remove C++ warnings

Signed-off-by: Alon Bar-Lev --- httpdigest.c |4 ++-- init.c |2 +- misc.c |6 +++--- options.c |4 ++-- socket.c |4 ++-- ssl_polarssl.c |6 -- 6 files changed, 14 insertions(+), 12 deletions(-) diff --git a/httpdigest.c b/httpdigest.c i

[Openvpn-devel] [PATCH 11/52] build: correct place to alter WINVER is at build system

Signed-off-by: Alon Bar-Lev --- configure.ac|2 +- syshead.h |4 win/msvc.mak.in |2 +- 3 files changed, 2 insertions(+), 6 deletions(-) diff --git a/configure.ac b/configure.ac index 1c4d66c..aa1d509 100644 --- a/configure.ac +++ b/configure.ac @@ -342,7 +342,7 @@ ca

[Openvpn-devel] [PATCH 09/52] cleanup: memcmp.c: remove unused source

Signed-off-by: Alon Bar-Lev --- configure.ac |3 --- memcmp.c | 43 --- 2 files changed, 0 insertions(+), 46 deletions(-) delete mode 100644 memcmp.c diff --git a/configure.ac b/configure.ac index 25dcc37..1c4d66c 100644 --- a/configure.ac +++

[Openvpn-devel] [PATCH 07/52] cleanup: crypto_openssl.c: remove support for pre-openssl-0.9.6

autoconf rejecting this anyway: --- AC_MSG_CHECKING([that OpenSSL Library is at least version 0.9.6]) AC_MSG_ERROR([OpenSSL crypto Library is too old.]) --- Signed-off-by: Alon Bar-Lev --- crypto_openssl.c | 49 - 1 files changed, 0 insertions(+

[Openvpn-devel] [PATCH 12/52] Update .gitignore

Signed-off-by: Alon Bar-Lev --- .gitignore |1 + 1 files changed, 1 insertions(+), 0 deletions(-) diff --git a/.gitignore b/.gitignore index 3d12f5d..8cc07de 100644 --- a/.gitignore +++ b/.gitignore @@ -5,6 +5,7 @@ *.obj *.pyc *.so +*~ .deps Makefile Makefile.in -- 1.7.3.4

[Openvpn-devel] [PATCH 06/52] cleanup: remove redundant ';'

Signed-off-by: Alon Bar-Lev --- misc.h |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/misc.h b/misc.h index bdada42..dd6bd5a 100644 --- a/misc.h +++ b/misc.h @@ -145,7 +145,7 @@ openvpn_run_script (const struct argv *a, const struct env_set *es, const unsign openv

[Openvpn-devel] [PATCH 13/52] build: handle printf style format in mingw

Signed-off-by: Alon Bar-Lev --- buffer.h | 12 ++-- error.h |6 +- misc.h | 12 ++-- status.h |6 +- 4 files changed, 30 insertions(+), 6 deletions(-) diff --git a/buffer.h b/buffer.h index 6c79007..9bc33db 100644 --- a/buffer.h +++ b/buffer.h @@ -312,7 +3

[Openvpn-devel] [PATCH 15/52] build: plugins: properly use CC, CFLAGS and LDFLAGS

Signed-off-by: Alon Bar-Lev --- plugins/auth-pam/Makefile | 14 -- plugins/defer/build|9 + plugins/down-root/Makefile | 11 ++- plugins/examples/build |9 + 4 files changed, 24 insertions(+), 19 deletions(-) diff --git a/plugins/auth

[Openvpn-devel] [PATCH 16/52] build: we need the sample.ovpn in future

Signed-off-by: Alon Bar-Lev --- install-win32/sample.ovpn | 103 sample-windows/sample.ovpn | 103 2 files changed, 103 insertions(+), 103 deletions(-) delete mode 100755 install-win32/sample.ovpn crea

[Openvpn-devel] [PATCH 17/52] Remove install-win32

Signed-off-by: Alon Bar-Lev --- Makefile.am|5 +- configure.ac |3 - images/.svnignore |2 - images/Makefile.am | 41 -- images/icon.ico| Bin 22486 -> 0 bytes im

[Openvpn-devel] [PATCH 14/52] build: rename plugin directory to plugins

This to avoid conflit with plugin.c rules Signed-off-by: Alon Bar-Lev --- Makefile.am |3 +- openvpn.spec.in | 16 +- plugin/README | 47 --- plugin/auth-pam/.svnignore|1 - plugin/auth-pam/Makefile | 30 -- plugin/auth-pam/R

[Openvpn-devel] [PATCH 18/52] Remove easy-rsa

Signed-off-by: Alon Bar-Lev --- Makefile.am|1 - easy-rsa/1.0/README| 161 easy-rsa/1.0/build-ca | 13 - easy-rsa/1.0/build-dh | 12 - easy-rsa/1.0/build-inter

[Openvpn-devel] [PATCH 20/52] cleanup: rename tap-windows function from win32 to win

Signed-off-by: Alon Bar-Lev --- configure.ac| 18 +++--- errlevel.h |2 +- error.c |6 +- forward.c |2 +- options.c |8 +- service-win32/service.h |2 +- sig.c |2 +- tap-windows.h

[Openvpn-devel] [PATCH 22/52] build: split acinclude.m4 into m4/*

ax_emptyarray.m4 ax_openvpn_lib.m4 ax_socklen_t.m4 ax_varargs.m4 Signed-off-by: Alon Bar-Lev --- Makefile.am |1 + acinclude.m4 | 131 -- configure.ac |1 + m4/ax_emptyarray.m4 | 27 ++ m4/ax_openvpn_

[Openvpn-devel] [PATCH 23/52] build: m4/ax_varargs.m4: cleanup

Signed-off-by: Alon Bar-Lev --- m4/ax_varargs.m4 | 78 ++ 1 files changed, 55 insertions(+), 23 deletions(-) diff --git a/m4/ax_varargs.m4 b/m4/ax_varargs.m4 index fd5e8b0..37cdebe 100644 --- a/m4/ax_varargs.m4 +++ b/m4/ax_varargs.m4 @@ -6,1

[Openvpn-devel] [PATCH 21/52] build: remove windows specific build system

It will be completely re-written in future Signed-off-by: Alon Bar-Lev --- Makefile.am|8 +- doclean| 73 - domake-win | 138 msvc/autodefs.h.in | 20 -- msvc/config.py | 93 -- msvc/msvc.mak | 52 --- ser

[Openvpn-devel] [PATCH 19/52] Remove tap-win32

Introduce tap-windows.h which is modified tap-win32/common.h. Except of function rename, it is the same without the tap_id. This file should be provided as part of tap-win32 MSI. For now we hold a copy. Signed-off-by: Alon Bar-Lev --- Makefile.am|3 +- configure.ac

[Openvpn-devel] [PATCH 24/52] build: m4/ax_emptyarray.m4: cleanup

Signed-off-by: Alon Bar-Lev --- m4/ax_emptyarray.m4 | 49 +++-- 1 files changed, 31 insertions(+), 18 deletions(-) diff --git a/m4/ax_emptyarray.m4 b/m4/ax_emptyarray.m4 index 0a8755c..c6781c1 100644 --- a/m4/ax_emptyarray.m4 +++ b/m4/ax_emptyarray.

[Openvpn-devel] [PATCH 25/52] build: m4/ax_socklen_t.m4: cleanup

Signed-off-by: Alon Bar-Lev --- configure.ac |2 +- m4/ax_socklen_t.m4 | 97 ++-- 2 files changed, 57 insertions(+), 42 deletions(-) diff --git a/configure.ac b/configure.ac index fbed6bf..69a3736 100644 --- a/configure.ac +++ b/config

[Openvpn-devel] [PATCH 27/52] build: autoconf: remove OPENVPN_ADD_LIBS useless macro

Signed-off-by: Alon Bar-Lev --- configure.ac | 26 ++ m4/ax_openvpn_lib.m4 |4 2 files changed, 10 insertions(+), 20 deletions(-) delete mode 100644 m4/ax_openvpn_lib.m4 diff --git a/configure.ac b/configure.ac index 07b2e1a..81bf933 100644 --- a/conf

[Openvpn-devel] [PATCH 26/52] build: autotools: first pass of trivial autotools changes

Signed-off-by: Alon Bar-Lev --- Makefile.am | 22 +- compat.m4 | 70 +++ configure.ac| 1249 ++- lladdr.c|2 +- misc.c | 30 +-- misc.h |2 +- openvpn.spec.in | 11 +- options.c |

[Openvpn-devel] [PATCH 28/52] build: remove awk and non-standard autoconf output processing

Replace with simpler environment solution. Signed-off-by: Alon Bar-Lev --- Makefile.am | 12 ++-- configure.ac |3 +++ configure_h.awk | 39 --- configure_log.awk | 33 - options.c |4 -

[Openvpn-devel] [PATCH 30/52] build: add libtool + windows resources for executables

Signed-off-by: Alon Bar-Lev --- .gitignore |6 Makefile.am |5 +++- build/Makefile.am| 15 +++ build/ltrc.inc | 23 configure.ac

[Openvpn-devel] [PATCH 32/52] build: libdl usage

1. properly detect. 2. Link only required components. 3. No way we don't have LoadLibrary on Windows. 4. ENABLE_PLUGIN should be controlled in autoconf. Signed-off-by: Alon Bar-Lev --- configure.ac| 50 --- src/openvpn/Makefile.am |4

[Openvpn-devel] [PATCH 33/52] build: properly detect and use socket libs

Signed-off-by: Alon Bar-Lev --- configure.ac| 27 +-- src/openvpn/Makefile.am |1 + 2 files changed, 18 insertions(+), 10 deletions(-) diff --git a/configure.ac b/configure.ac index a0dc462..c540f82 100644 --- a/configure.ac +++ b/configure.ac @@ -442,1

[Openvpn-devel] [PATCH 39/52] build: proper lzo detection and usage

Signed-off-by: Alon Bar-Lev --- configure.ac | 101 - distro/rpm/openvpn.spec.in|2 +- doc/doxygen/doc_compression.h |2 +- src/openvpn/Makefile.am |2 + src/openvpn/forward.c |4 +- src/openvpn/init.c

[Openvpn-devel] [PATCH 31/52] build: autoconf: commands as environment

Signed-off-by: Alon Bar-Lev --- configure.ac | 66 - 1 files changed, 28 insertions(+), 38 deletions(-) diff --git a/configure.ac b/configure.ac index 6b5cf71..ed98464 100644 --- a/configure.ac +++ b/configure.ac @@ -267,37 +267,6 @@ AC_

[Openvpn-devel] [PATCH 36/52] build: distribute pkg.m4

RHEL and others do not install this globally, so we provide our own copy. Signed-off-by: Alon Bar-Lev --- m4/pkg.m4 | 159 + 1 files changed, 159 insertions(+), 0 deletions(-) create mode 100644 m4/pkg.m4 diff --git a/m4/pkg.m4 b/m4/

[Openvpn-devel] [PATCH 34/52] build: autoconf: minor cleanups

Signed-off-by: Alon Bar-Lev --- configure.ac | 145 +- 1 files changed, 72 insertions(+), 73 deletions(-) diff --git a/configure.ac b/configure.ac index c540f82..98615c6 100644 --- a/configure.ac +++ b/configure.ac @@ -400,6 +400,16 @@ AC

[Openvpn-devel] [PATCH 37/52] build: proper pkcs11-helper detection and usage

Signed-off-by: Alon Bar-Lev --- configure.ac | 49 --- distro/rpm/openvpn.spec.in |5 ++- src/openvpn/Makefile.am|4 +++ src/openvpn/ssl.c |2 +- src/openvpn/syshead.h |7 -- 5 files changed, 26 inserti

[Openvpn-devel] [PATCH 41/52] build: autoconf: update defaults for options

Signed-off-by: Alon Bar-Lev --- configure.ac | 56 1 files changed, 28 insertions(+), 28 deletions(-) diff --git a/configure.ac b/configure.ac index 57d294d..9ffcc68 100644 --- a/configure.ac +++ b/configure.ac @@ -41,195 +41,195 @@ AC_

[Openvpn-devel] [PATCH 38/52] build: properly process lzo-stub

Signed-off-by: Alon Bar-Lev --- configure.ac | 12 +++- src/openvpn/lzo.c | 20 ++-- src/openvpn/lzo.h | 20 ++-- src/openvpn/ssl.c |2 +- src/openvpn/syshead.h | 12 5 files changed, 28 insertions(+), 38 delet

[Openvpn-devel] [PATCH 35/52] build: proper selinux detection and usage

Signed-off-by: Alon Bar-Lev --- configure.ac| 35 +++ src/openvpn/Makefile.am |1 + src/openvpn/init.c |4 ++-- src/openvpn/options.c |6 +++--- src/openvpn/options.h |2 +- src/openvpn/syshead.h |2 +- 6 files changed,

[Openvpn-devel] [PATCH 42/52] build: win-msvc: msbuild format

Signed-off-by: Alon Bar-Lev --- .gitignore| 11 +- Makefile.am | 10 +- build/Makefile.am |2 + build/msvc/Makefile.am| 15 + build/msvc/msvc-generate/Makefile.am

[Openvpn-devel] [PATCH 44/52] build: split out compat

compat should not use any of the main project headers or conventions, it should be a standalone library that provides missing library functions. Signed-off-by: Alon Bar-Lev --- configure.ac |3 +- openvpn.sln |7 ++ src/Makefile.am |2 +-

[Openvpn-devel] [PATCH 40/52] build: proper crypto detection and usage

Signed-off-by: Alon Bar-Lev --- configure.ac | 227 ++--- distro/rpm/openvpn.spec.in|6 +- doc/doxygen/doc_data_crypto.h |2 +- include/openvpn-plugin.h | 31 -- src/openvpn/Makefile.am |2 + s

[Openvpn-devel] [PATCH 43/52] build: move out config.h include from syshead

Yet another step in reducing the syshead.h content. Conditional compilation of sources needs to be based on a minimum program prefix (config.h only). Signed-off-by: Alon Bar-Lev --- src/openvpn/base64.c |6 ++ src/openvpn/buffer.c |6 ++ src/openvpn/cli

[Openvpn-devel] [PATCH 46/52] build: move daemon() emulation into compat

Signed-off-by: Alon Bar-Lev --- src/compat/Makefile.am |3 +- src/compat/compat-daemon.c | 100 src/compat/compat.h|4 ++ src/compat/compat.vcproj |4 ++ src/openvpn/init.c |2 +- src/openvpn/misc.c | 3

[Openvpn-devel] [PATCH 45/52] build: move gettimeofday() emulation to compat

Remove all references to gettimeofday() from main project. SIDE EFFECT: mingw will use its own internal gettimeofday(). Signed-off-by: Alon Bar-Lev --- config-msvc.h|1 - configure.ac |1 - src/compat/Makefile.am |3 +- src/compat/co

[Openvpn-devel] [PATCH 48/52] cleanup: move console related function into its own module

Signed-off-by: Alon Bar-Lev --- src/openvpn/Makefile.am|1 + src/openvpn/console.c | 238 src/openvpn/console.h | 33 ++ src/openvpn/misc.c | 125 +--- src/openvpn/misc.h |3 +- src/ope

[Openvpn-devel] [PATCH 49/52] build: move wrappers into platform module

+ Some fixups within the platform.c functions. - need to check environment set on Windows. Signed-off-by: Alon Bar-Lev --- src/openvpn/Makefile.am|1 + src/openvpn/buffer.c |2 +- src/openvpn/crypto.c |6 +- src/openvpn/error.c|2 +- src/openvpn/init.c

[Openvpn-devel] [PATCH 47/52] build: move inet_ntop(), inet_pton() emulation into compat

Signed-off-by: Alon Bar-Lev --- configure.ac |2 +- src/compat/Makefile.am|4 ++- src/compat/compat-inet_ntop.c | 76 +++ src/compat/compat-inet_pton.c | 79 + src/compat/compat.h

[Openvpn-devel] [PATCH 50/52] build: windows: install version.sh to allow installer read version

Signed-off-by: Alon Bar-Lev --- .gitignore|1 + Makefile.am |5 + configure.ac |1 + version.sh.in |4 4 files changed, 11 insertions(+), 0 deletions(-) create mode 100644 version.sh.in diff --git a/.gitignore b/.gitignore index e7232cf..2f72ed8 100644 --- a/.gi

[Openvpn-devel] [PATCH 51/52] build: distribute samples in windows

Signed-off-by: Alon Bar-Lev --- configure.ac |3 +++ sample/Makefile.am | 14 ++ 2 files changed, 17 insertions(+), 0 deletions(-) diff --git a/configure.ac b/configure.ac index 0f2a62e..2b095a3 100644 --- a/configure.ac +++ b/configure.ac @@ -903,6 +903,9 @@ AC_SUBST([O

[Openvpn-devel] [PATCH 52/52] build: use tap-windows.h as external dependency

tap-windows.h is provided by the tap project Signed-off-by: Alon Bar-Lev --- configure.ac | 12 include/Makefile.am|2 - include/tap-windows.h | 68 msvc-env.bat |2 + src/openvpn/Makefile.

[Openvpn-devel] [openvpn-gui 1/8] cleanup: resolve unused parameter warnings

Signed-off-by: Alon Bar-Lev --- localization.c |6 ++ main.c |2 ++ openvpn.c |5 + 3 files changed, 13 insertions(+), 0 deletions(-) diff --git a/localization.c b/localization.c index 8e86b50..eb541fc 100644 --- a/localization.c +++ b/localization.c @@ -296,6 +

[Openvpn-devel] [openvpn-gui 2/8] cleanup: resolve warnings missing malloc include

Signed-off-by: Alon Bar-Lev --- localization.c |1 + manage.c |1 + 2 files changed, 2 insertions(+), 0 deletions(-) diff --git a/localization.c b/localization.c index eb541fc..3a6be38 100644 --- a/localization.c +++ b/localization.c @@ -28,6 +28,7 @@ #include #include #inclu

  1   2   >