github
/
openvpn-gui
mirror of https://github.com/OpenVPN/openvpn-gui
1
0
Fork 0
Code Issues Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
857 Commits
3 Branches
112 Tags
18 MiB
Branch: master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
openvpn-gui/openvpn.h

126 lines
3.8 KiB
Raw Permalink Normal View History Unescape

import of openvpn-gui-1.0.3.zip git-svn-id: https://openvpn-gui.svn.sourceforge.net/svnroot/openvpn-gui/trunk@2 43a1345a-9c20-4331-951f-9845fc178312
16 years ago
/*
* OpenVPN-GUI -- A Windows GUI for OpenVPN.
*
* Copyright (C) 2004 Mathias Sundman <mathias@nilings.se>
use managment interface
14 years ago
* 2010 Heiko Hund <heikoh@users.sf.net>
import of openvpn-gui-1.0.3.zip git-svn-id: https://openvpn-gui.svn.sourceforge.net/svnroot/openvpn-gui/trunk@2 43a1345a-9c20-4331-951f-9845fc178312
16 years ago
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program (see the file COPYING included with this
* distribution); if not, write to the Free Software Foundation, Inc.,
* 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
Changed typo in include guard.
9 years ago
#ifndef OPENVPN_H
use managment interface
14 years ago
#define OPENVPN_H
import of openvpn-gui-1.0.3.zip git-svn-id: https://openvpn-gui.svn.sourceforge.net/svnroot/openvpn-gui/trunk@2 43a1345a-9c20-4331-951f-9845fc178312
16 years ago
URL profile import: add profile import dialog This is the first patch from series which implemets importing profile from URL, currently implemented by OpenVPN Access Server. Move "Import from file" menu item under new "Import" item. Add "Import from AS..." item under "Import", which opens new profile import dialog. Signed-off-by: Lev Stipakov <lev@openvpn.net>
3 years ago
#include "options.h"
Check return value of SetProp() (#591) * Check return value of SetProp - If SetProp() is unsuccessful, we'll crash later when GetProp() returns null. Add a check, log the error and close the dialog. We could abort here, but closing the current dialog and possibly the corresponding connection, provides a chance for the user to fix the OOM condition which is the most likely cause of SetProp() failure. - In pkcs11.c if SetProp() fails just do not use bold font for header instead of leaking the font resource. Also correct a bad fixup in commit 80697ecae6: hfontProp was not set! Github: Fixes OpenVPN/openvpn-gui#577 Signed-off-by: Selva Nair <selva.nair@gmail.com>
2 years ago
#define TRY_SETPROP(hwnd, name, p) \
Reformat source code with uncrustify Closes: #445 Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
1 year ago
do { if (SetPropW(hwnd, name, p)) break; \
MsgToEventLog(EVENTLOG_ERROR_TYPE, L"%hs:%d GetProp returned null", \
__func__, __LINE__); \
EndDialog(hwnd, IDABORT); \
return false; \
} while(0)
Check return value of SetProp() (#591) * Check return value of SetProp - If SetProp() is unsuccessful, we'll crash later when GetProp() returns null. Add a check, log the error and close the dialog. We could abort here, but closing the current dialog and possibly the corresponding connection, provides a chance for the user to fix the OOM condition which is the most likely cause of SetProp() failure. - In pkcs11.c if SetProp() fails just do not use bold font for header instead of leaking the font resource. Also correct a bad fixup in commit 80697ecae6: hfontProp was not set! Github: Fixes OpenVPN/openvpn-gui#577 Signed-off-by: Selva Nair <selva.nair@gmail.com>
2 years ago
use managment interface
14 years ago
BOOL StartOpenVPN(connection_t *);
Reformat source code with uncrustify Closes: #445 Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
1 year ago
use managment interface
14 years ago
void StopOpenVPN(connection_t *);
Reformat source code with uncrustify Closes: #445 Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
1 year ago
Add support for marking connections as persistent Persistent connections have openvpn.exe daemon started external to the GUI (e.g., by the automatic service). This patch adds support for attaching to the management i/f of such daemons from the GUI and control the connection. The GUI never stops or starts the openvpn.exe process in this case. Instead, connect and disconnect buttons signal the management interface of a running openvpn.exe process to start the tunnel by attaching to mgmt i/f and sending hold-release if needed or stop it and wait in management-hold state (see DisconnectDaemon()). When the GUI process exits, persistent connections are left in their current state using DetachOpenVPN(). No connections are marked as persistent as yet. That is done in a following commit. Signed-off-by: Selva Nair <selva.nair@gmail.com>
2 years ago
void DetachOpenVPN(connection_t *);
Reformat source code with uncrustify Closes: #445 Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
1 year ago
import of openvpn-gui-1.0.3.zip git-svn-id: https://openvpn-gui.svn.sourceforge.net/svnroot/openvpn-gui/trunk@2 43a1345a-9c20-4331-951f-9845fc178312
16 years ago
void SuspendOpenVPN(int config);
Reformat source code with uncrustify Closes: #445 Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
1 year ago
Add restart button to connection menus - This works the same way as restart button in the status window but is more conveniently accessible from the tray menu. Signed-off-by: Selva Nair <selva.nair@gmail.com>
8 years ago
void RestartOpenVPN(connection_t *);
Reformat source code with uncrustify Closes: #445 Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
1 year ago
Add support for marking connections as persistent Persistent connections have openvpn.exe daemon started external to the GUI (e.g., by the automatic service). This patch adds support for attaching to the management i/f of such daemons from the GUI and control the connection. The GUI never stops or starts the openvpn.exe process in this case. Instead, connect and disconnect buttons signal the management interface of a running openvpn.exe process to start the tunnel by attaching to mgmt i/f and sending hold-release if needed or stop it and wait in management-hold state (see DisconnectDaemon()). When the GUI process exits, persistent connections are left in their current state using DetachOpenVPN(). No connections are marked as persistent as yet. That is done in a following commit. Signed-off-by: Selva Nair <selva.nair@gmail.com>
2 years ago
void ReleaseOpenVPN(connection_t *);
Reformat source code with uncrustify Closes: #445 Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
1 year ago
remove support for openvpn version < 2.0
15 years ago
BOOL CheckVersion();
Reformat source code with uncrustify Closes: #445 Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
1 year ago
import of openvpn-gui-1.0.3.zip git-svn-id: https://openvpn-gui.svn.sourceforge.net/svnroot/openvpn-gui/trunk@2 43a1345a-9c20-4331-951f-9845fc178312
16 years ago
void SetStatusWinIcon(HWND hwndDlg, int IconID);
use managment interface
14 years ago
void OnReady(connection_t *, char *);
Reformat source code with uncrustify Closes: #445 Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
1 year ago
use managment interface
14 years ago
void OnHold(connection_t *, char *);
Reformat source code with uncrustify Closes: #445 Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
1 year ago
use managment interface
14 years ago
void OnLogLine(connection_t *, char *);
Reformat source code with uncrustify Closes: #445 Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
1 year ago
use managment interface
14 years ago
void OnStateChange(connection_t *, char *);
Reformat source code with uncrustify Closes: #445 Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
1 year ago
use managment interface
14 years ago
void OnPassword(connection_t *, char *);
Reformat source code with uncrustify Closes: #445 Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
1 year ago
use managment interface
14 years ago
void OnStop(connection_t *, char *);
Reformat source code with uncrustify Closes: #445 Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
1 year ago
Support pkcs11 token insertion request and pin input Note: IDS_NFO_TOKEN_PASSWORD_CAPTION and IDS_NFO_TOKEN_PASSWORD_REQUEST strings need translation. TODO: support for selecting pkcs11-id from the GUI Signed-off-by: Selva Nair <selva.nair@gmail.com>
8 years ago
void OnNeedOk(connection_t *, char *);
Reformat source code with uncrustify Closes: #445 Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
1 year ago
Support pkcs11 token insertion request and pin input Note: IDS_NFO_TOKEN_PASSWORD_CAPTION and IDS_NFO_TOKEN_PASSWORD_REQUEST strings need translation. TODO: support for selecting pkcs11-id from the GUI Signed-off-by: Selva Nair <selva.nair@gmail.com>
8 years ago
void OnNeedStr(connection_t *, char *);
Reformat source code with uncrustify Closes: #445 Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
1 year ago
Parse ECHO directives from openvpn Support the following echo commands - "echo forget-passwords": delete passwords internally saved by the GUI but do not disable the password save feature. Useful when pushed from the server so that it gets processed after authentication. Also see management-notes.txt in openvpn docs. - "echo save-passwords": enables private-key and auth-user-pass passwords to be saved. Will be effective at startup only if present in the config file. If pushed from the server, will get used for subsequent password prompts. Essentially this has the effect of presenting the password dialogs to the user with save-password checkbox selected. The user may still uncheck it during the dialog. Note: echo commands are processed as and when they are received and in the order received. TODO: support for "echo setenv name var", "echo disable-save-passwords" etc.. Signed-off-by: Selva Nair <selva.nair@gmail.com>
8 years ago
void OnEcho(connection_t *, char *);
Reformat source code with uncrustify Closes: #445 Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
1 year ago
Subscribe to bytecount message from management interface Signed-off-by: Selva Nair <selva.nair@gmail.com>
7 years ago
void OnByteCount(connection_t *, char *);
Reformat source code with uncrustify Closes: #445 Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
1 year ago
void OnInfoMsg(connection_t *, char *);
Retry on management timeout instead of aborting In some cases the service may take a while to startup openvpn.exe, causing connection to the management interface to timeout. This could leave behind the OpenVPN process if/when it eventually starts up. (Trac 905, 1050). As errors in starting up the OpenVPN daemon are independently handled, its better to keep retrying the management interface connection until aborted due to errors or by the user. - On timeout, log a message on the status window and retry the management interface connection - Eliminate the timed-out state that is no longer used - Call StopOpenVPN() before abort so that OpenVPN daemon is not left running in case it starts up later. - In the unlikely event that OpenManagement() fails, show an error - User can abort by pressing disconnect A "retrying.." message is logged on to the status window every 15 seconds. See Trac: #905, #1050 Signed-off-by: Selva Nair <selva.nair@gmail.com>
7 years ago
void OnTimeout(connection_t *, char *);
use managment interface
14 years ago
Add a system-wide option to disable the password save feature - A new registry HKLM\Software\OpenVPN\disable_save_passwords (32 bit DWORD value) may be set to a non-zero value to disable password saving by users. Applies to both auth and private key passwords. Usernames are always saved. Signed-off-by: Selva Nair <selva.nair@gmail.com>
8 years ago
void ResetSavePasswords(connection_t *);
Save username and optionally passwords - Username and, optionally, password as well as the private key passphrase are saved in config-specific registry keys - All saved data are kept encrypted using DPAPI - The passphrase dialog is skipped if a valid saved private key password is available. However, the user-auth dialog is always presented, prefilled with the saved username and password. Note: A text string "Save password" is added to three dialogs in all language resource files. Additional text with ids IDS_MENU_CLEARPASS and IDS_NFO_DELETE_PASS are added to the STRINGTABLE only in the English language resource file. All these need translations. Signed-off-by: Selva Nair <selva.nair@gmail.com>
9 years ago
ask for HTTP proxy credentials on demand * use "auto" parameter for --http-proxy option * pass proxy credentialsls via management interface * also closes #3223163
14 years ago
extern const TCHAR *cfgProp;
Read errors from the service pipe and handle fatal ones Asynchronously read Input on the service pipe which are mostly errors reported by the service. Display the errors on the status log window and to the log file if its not opened by openvpn. If/when openvpn fails to start or exits with error, close the connection without waiting for management socket timeout. v2: - rebase to master - fix a bug in setting manage.connected state - ensure management socket is closed and resources freed before thread exit Signed-off-by: Selva Nair <selva.nair@gmail.com>
9 years ago
/* These error codes are from openvpn service sources */
#define ERROR_OPENVPN_STARTUP 0x20000000
#define ERROR_STARTUP_DATA 0x20000001
#define ERROR_MESSAGE_DATA 0x20000002
#define ERROR_MESSAGE_TYPE 0x20000003
Support for 'setenv name var' using echo - Implement connection specific env variables. These are merged with the process environment strings and passed to scripts. - To set an env variable, use 'echo setenv name value' in the config or push from the server. This will set "OPENVPN_name=value" in the connections's env set. Note that "name" is mangled as "OPENVPN_name" to avoid servers overwriting sensitive variables such as PATH. Names are set in the order received and same name overwrites any previously set value. - Environment variable names are allowed to contain only alpha numeric characters and underscore as in openvpn.exe. But, unlike openvpn.exe, invalid names are ignored, not sanitized. v2 changes (Dec 16, 2017): - If value is missing, the directive is interpreted as a delete command and the env var with matching name in the connection's env set is removed. - Windows needs env block to be ordered: While merging connection specific env vars with process env block, order the entries 'alphabetically' (locale independent, case insensitive unicode ordinal order). In case of duplicates, the value in connection env set replaces the one in process env. Signed-off-by: Selva Nair <selva.nair@gmail.com>
8 years ago
/* Write a line to status window and optionally to the log file */
Reformat source code with uncrustify Closes: #445 Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
1 year ago
void WriteStatusLog(connection_t *c, const WCHAR *prefix, const WCHAR *line, BOOL fileio);
Support for 'setenv name var' using echo - Implement connection specific env variables. These are merged with the process environment strings and passed to scripts. - To set an env variable, use 'echo setenv name value' in the config or push from the server. This will set "OPENVPN_name=value" in the connections's env set. Note that "name" is mangled as "OPENVPN_name" to avoid servers overwriting sensitive variables such as PATH. Names are set in the order received and same name overwrites any previously set value. - Environment variable names are allowed to contain only alpha numeric characters and underscore as in openvpn.exe. But, unlike openvpn.exe, invalid names are ignored, not sanitized. v2 changes (Dec 16, 2017): - If value is missing, the directive is interpreted as a delete command and the env var with matching name in the connection's env set is removed. - Windows needs env block to be ordered: While merging connection specific env vars with process env block, order the entries 'alphabetically' (locale independent, case insensitive unicode ordinal order). In case of duplicates, the value in connection env set replaces the one in process env. Signed-off-by: Selva Nair <selva.nair@gmail.com>
8 years ago
URL profile import: support for 2FA When 2FA is enabled, server (such as AS) replies with HTTP 401 and issues a challenge. Use existing facilities to parse CRV message and prompt user for a response, then call REST method again with encoded response as HTTP auth password. See https://github.com/OpenVPN/openvpn3/blob/master/doc/webauth.md#challengeresponse-authentication for more information. Signed-off-by: Lev Stipakov <lev@openvpn.net>
3 years ago
#define FLAG_CR_TYPE_SCRV1 0x1 /* static challenege */
#define FLAG_CR_TYPE_CRV1 0x2 /* dynamic challenege */
#define FLAG_CR_ECHO 0x4 /* echo the response */
#define FLAG_CR_RESPONSE 0x8 /* response needed */
#define FLAG_PASS_TOKEN 0x10 /* PKCS11 token password needed */
#define FLAG_STRING_PKCS11 0x20 /* PKCS11 id needed */
#define FLAG_PASS_PKEY 0x40 /* Private key password needed */
#define FLAG_CR_TYPE_CRTEXT 0x80 /* crtext */
Support concatenating response with password Static challenge response and password are optionally concatenated and submitted instead of using the SCRV1 protocol. The code is activated in the next commit. Signed-off-by: Selva Nair <selva.nair@gmail.com>
5 months ago
#define FLAG_CR_TYPE_CONCAT 0x100 /* concatenate otp with password */
URL profile import: support for 2FA When 2FA is enabled, server (such as AS) replies with HTTP 401 and issues a challenge. Use existing facilities to parse CRV message and prompt user for a response, then call REST method again with encoded response as HTTP auth password. See https://github.com/OpenVPN/openvpn3/blob/master/doc/webauth.md#challengeresponse-authentication for more information. Signed-off-by: Lev Stipakov <lev@openvpn.net>
3 years ago
typedef struct {
Reformat source code with uncrustify Closes: #445 Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
1 year ago
connection_t *c;
URL profile import: support for 2FA When 2FA is enabled, server (such as AS) replies with HTTP 401 and issues a challenge. Use existing facilities to parse CRV message and prompt user for a response, then call REST method again with encoded response as HTTP auth password. See https://github.com/OpenVPN/openvpn3/blob/master/doc/webauth.md#challengeresponse-authentication for more information. Signed-off-by: Lev Stipakov <lev@openvpn.net>
3 years ago
unsigned int flags;
Reformat source code with uncrustify Closes: #445 Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
1 year ago
char *str;
char *id;
char *user;
char *cr_response;
URL profile import: support for 2FA When 2FA is enabled, server (such as AS) replies with HTTP 401 and issues a challenge. Use existing facilities to parse CRV message and prompt user for a response, then call REST method again with encoded response as HTTP auth password. See https://github.com/OpenVPN/openvpn3/blob/master/doc/webauth.md#challengeresponse-authentication for more information. Signed-off-by: Lev Stipakov <lev@openvpn.net>
3 years ago
} auth_param_t;
/*
* Parse dynamic challenge string received from the server. Returns
* true on success. The caller must free param->str and param->id
* even on error.
*/
BOOL
Reformat source code with uncrustify Closes: #445 Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
1 year ago
parse_dynamic_cr(const char *str, auth_param_t *param);
URL profile import: support for 2FA When 2FA is enabled, server (such as AS) replies with HTTP 401 and issues a challenge. Use existing facilities to parse CRV message and prompt user for a response, then call REST method again with encoded response as HTTP auth password. See https://github.com/OpenVPN/openvpn3/blob/master/doc/webauth.md#challengeresponse-authentication for more information. Signed-off-by: Lev Stipakov <lev@openvpn.net>
3 years ago
void
Reformat source code with uncrustify Closes: #445 Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
1 year ago
free_auth_param(auth_param_t *param);
URL profile import: support for 2FA When 2FA is enabled, server (such as AS) replies with HTTP 401 and issues a challenge. Use existing facilities to parse CRV message and prompt user for a response, then call REST method again with encoded response as HTTP auth password. See https://github.com/OpenVPN/openvpn3/blob/master/doc/webauth.md#challengeresponse-authentication for more information. Signed-off-by: Lev Stipakov <lev@openvpn.net>
3 years ago
Enable localization of openvpn daemon state names These strings are displayed in the PLAP progress window. Signed-off-by: Selva Nair <selva.nair@gmail.com>
2 years ago
/*
* Given an OpenVPN state as reported by the management interface
* return the correspnding resource id for translation.
*/
int daemon_state_resid(const char *name);
Reformat source code with uncrustify Closes: #445 Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
1 year ago
#endif /* ifndef OPENVPN_H */