diff --git a/README.rst b/README.rst index b56edfa..d22b4a0 100644 --- a/README.rst +++ b/README.rst @@ -59,8 +59,9 @@ There are three ways to do this: Using OpenVPN GUI ################# -When OpenVPN GUI is started your OpenVPN config folder -(*C:\\Program Files\\OpenVPN\\config*) will be scanned for .ovpn files and the +When OpenVPN GUI is started your OpenVPN config folders +(*C:\\Users\\username\\OpenVPN\\config* and +*C:\\Program Files\\OpenVPN\\config*) will be scanned for .ovpn files and the OpenVPN GUI icon will appear in the system tray. Each OpenVPN configuration file shows up as a separate menu item in the OpenVPN GUI tray, allowing you to selectively connect to and disconnect to your VPNs. The config dir will be @@ -124,15 +125,41 @@ Disconnect If a file named "xxx_down.bat" exist in the config folder Registry Values affecting the OpenVPN GUI operation *************************************************** -All OpenVPN GUI registry values are located below the -*HKEY_LOCAL_MACHINE\\SOFTWARE\\OpenVPN-GUI\\* key - -The follow keys are used to control the OpenVPN GUI +Parameters taken from the global registry values in +*HKEY_LOCAL_MACHINE\\SOFTWARE\\OpenVPN\\* key config_dir - the system-wide configuration file directory, defaults to - *C:\\Program Files\\OpenVPN\\config*; the user-specific configuration file - directory is hardcoded to *C:\\Users\\username\\OpenVPN\\config**. + The global configuration file directory. Defaults to + *C:\\Program Files\\OpenVPN\\config* + +exe_path + path to openvpn.exe, defaults to *C:\\Program Files\\OpenVPN\\bin\\openvpn.exe* + +priority + the windows priority class for each instantiated OpenVPN process, + can be one of: + + * IDLE_PRIORITY_CLASS + * BELOW_NORMAL_PRIORITY_CLASS + * NORMAL_PRIORITY_CLASS (default) + * ABOVE_NORMAL_PRIORITY_CLASS + * HIGH_PRIORITY_CLASS + +ovpn_admin_group + The windows group whose membership allows the user to start any configuration file + in their profile (not just those installed by the administrator in the global + config directory). Default: "OpenVPN Administrators". + +All other OpenVPN GUI registry values are located below the +*HKEY_CURRENT_USER\\SOFTWARE\\OpenVPN-GUI\\* key + +The following keys are used to control the OpenVPN GUI + +config_dir + The user-specific configuration file directory: defaults to + *C:\\Users\\username\\OpenVPN\\config*. + The GUI parses this directory for configuration files before + parsing the global config_dir. config_ext file extension on configuration files, defaults to *ovpn* @@ -149,38 +176,13 @@ preconnectscript_timeout Time in seconds to wait for the preconnect script to finish. Must be a value between 1-99. -exe_path - path to openvpn.exe, defaults to *C:\\Program Files\\OpenVPN\\bin\\openvpn.exe* - log_dir - log file directory, defaults to *C:\\Program Files\\OpenVPN\\log* + log file directory, defaults to *C:\\Users\\username\\OpenVPN\\log* log_append if set to "0", the log file will be truncated every time you start a connection. If set to "1", the log will be appended to the log file. -priority - the windows priority class for each instantiated OpenVPN process, - can be one of: - - * IDLE_PRIORITY_CLASS - * BELOW_NORMAL_PRIORITY_CLASS - * NORMAL_PRIORITY_CLASS (default) - * ABOVE_NORMAL_PRIORITY_CLASS - * HIGH_PRIORITY_CLASS - -allow_edit - If set to "1", the Edit config menu will be showed. - -allow_password - If set to "1", the Change Password menu will be showed. - -allow_proxy - If set to "1", the Proxy Settings menu will be showed. - -allow_service - If set to "1", the Service control menu will be showed. - silent_connection If set to "1", the status window with the OpenVPN log output will not be showed while connecting. @@ -197,18 +199,7 @@ show_balloon 2: Show balloon even after re-connects -log_viewer - The program used to view your log files, defaults to - *C:\\Windows\\System32\\notepad.exe* - -editor - The program used to edit your config files, defaults to - *C:\\Windows\\System32\\notepad.exe* - -passphrase_attempts - Number of attempts to enter the passphrase to allow. - -All these registry options is also available as cmd-line options. +All of these registry options are also available as cmd-line options. Use "openvpn-gui --help" for more info about cmd-line options. Building OpenVPN GUI from source diff --git a/main.c b/main.c index e115ea8..eb95b38 100644 --- a/main.c +++ b/main.c @@ -307,7 +307,6 @@ ResumeConnections() LRESULT CALLBACK WindowProcedure (HWND hwnd, UINT message, WPARAM wParam, LPARAM lParam) { static UINT s_uTaskbarRestart; - int i; switch (message) { case WM_CREATE: @@ -328,7 +327,7 @@ LRESULT CALLBACK WindowProcedure (HWND hwnd, UINT message, WPARAM wParam, LPARAM CreatePopupMenus(); /* Create popup menus */ ShowTrayIcon(); - if (o.allow_service[0]=='1' || o.service_only[0]=='1') + if (o.service_only[0]=='1') CheckServiceStatus(); // Check if service is running or not if (!AutoStartConnections()) { SendMessage(hwnd, WM_CLOSE, 0, 0); @@ -414,31 +413,6 @@ LRESULT CALLBACK WindowProcedure (HWND hwnd, UINT message, WPARAM wParam, LPARAM } break; - case WM_POWERBROADCAST: - switch (wParam) { - case PBT_APMSUSPEND: - if (o.disconnect_on_suspend[0] == '1') - { - /* Suspend running connections */ - for (i=0; ifailed_psw_attempts++; - if (c->failed_psw_attempts >= o.psw_attempts - 1) - ManagementCommand(c, "auth-retry none", NULL, regular); if (strcmp(message, "auth-failure") == 0 && (c->flags & FLAG_SAVE_AUTH_PASS)) SaveAuthPass(c->config_name, L""); else if (strcmp(message, "private-key-password-failure") == 0 && (c->flags & FLAG_SAVE_KEY_PASS)) @@ -388,7 +386,7 @@ PrivKeyPassDialogFunc(HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam) case IDCANCEL: EndDialog(hwndDlg, LOWORD(wParam)); - StopOpenVPN(c); + StopOpenVPN (c); return TRUE; } break; diff --git a/openvpn_config.c b/openvpn_config.c index 7ee90e9..8d95a00 100644 --- a/openvpn_config.c +++ b/openvpn_config.c @@ -31,6 +31,8 @@ #include "options.h" #include "localization.h" #include "save_pass.h" +#include "misc.h" +#include "passphrase.h" typedef enum { @@ -65,21 +67,11 @@ match(const WIN32_FIND_DATA *find, const TCHAR *ext) static bool CheckReadAccess (const TCHAR *dir, const TCHAR *file) { - HANDLE h; - bool ret = FALSE; TCHAR path[MAX_PATH]; _sntprintf_0 (path, _T("%s\\%s"), dir, file); - h = CreateFile (path, GENERIC_READ, FILE_SHARE_READ, NULL, OPEN_EXISTING, - FILE_ATTRIBUTE_NORMAL, NULL); - if ( h != INVALID_HANDLE_VALUE ) - { - ret = TRUE; - CloseHandle (h); - } - - return ret; + return CheckFileAccess (path, GENERIC_READ); } static int @@ -112,6 +104,9 @@ AddConfigFileToList(int config, const TCHAR *filename, const TCHAR *config_dir) c->manage.skaddr.sin_addr.s_addr = inet_addr("127.0.0.1"); c->manage.skaddr.sin_port = htons(25340 + config); + if (CheckKeyFileWriteAccess (c)) + c->flags |= ALLOW_CHANGE_PASSPHRASE; + /* Check if connection should be autostarted */ for (i = 0; i < MAX_CONFIGS && o.auto_connect[i]; ++i) { diff --git a/options.c b/options.c index 8325dc3..87efe46 100644 --- a/options.c +++ b/options.c @@ -105,22 +105,22 @@ add_option(options_t *options, int i, TCHAR **p) else if (streq(p[0], _T("allow_edit")) && p[1]) { ++i; - _tcsncpy(options->allow_edit, p[1], _countof(options->allow_edit) - 1); + PrintDebug (L"Deprecated option: '%s' ignored.", p[0]); } else if (streq(p[0], _T("allow_service")) && p[1]) { ++i; - _tcsncpy(options->allow_service, p[1], _countof(options->allow_service) - 1); + PrintDebug (L"Deprecated option: '%s' ignored.", p[0]); } else if (streq(p[0], _T("allow_password")) && p[1]) { ++i; - _tcsncpy(options->allow_password, p[1], _countof(options->allow_password) - 1); + PrintDebug (L"Deprecated option: '%s' ignored.", p[0]); } else if (streq(p[0], _T("allow_proxy")) && p[1]) { ++i; - _tcsncpy(options->allow_proxy, p[1], _countof(options->allow_proxy) - 1); + PrintDebug (L"Deprecated option: '%s' ignored.", p[0]); } else if (streq(p[0], _T("show_balloon")) && p[1]) { @@ -145,7 +145,7 @@ add_option(options_t *options, int i, TCHAR **p) else if (streq(p[0], _T("passphrase_attempts")) && p[1]) { ++i; - _tcsncpy(options->psw_attempts_string, p[1], _countof(options->psw_attempts_string) - 1); + PrintDebug (L"Deprecated option: '%s' ignored.", p[0]); } else if (streq(p[0], _T("connectscript_timeout")) && p[1]) { diff --git a/options.h b/options.h index e38f833..19904ef 100644 --- a/options.h +++ b/options.h @@ -84,6 +84,7 @@ typedef struct { #define FLAG_SAVE_KEY_PASS 1<<4 #define FLAG_SAVE_AUTH_PASS 1<<5 +#define ALLOW_CHANGE_PASSPHRASE (1<<1) /* Connections parameters */ struct connection { @@ -128,7 +129,6 @@ typedef struct { int num_configs; /* Number of configs */ service_state_t service_state; /* State of the OpenVPN Service */ - int psw_attempts; /* Number of psw attemps to allow */ int connectscript_timeout; /* Connect Script execution timeout (sec) */ int disconnectscript_timeout; /* Disconnect Script execution timeout (sec) */ int preconnectscript_timeout; /* Preconnect Script execution timeout (sec) */ @@ -141,30 +141,25 @@ typedef struct { TCHAR proxy_socks_address[100]; /* SOCKS Proxy Address */ TCHAR proxy_socks_port[6]; /* SOCKS Proxy Address */ - /* Registry values */ + /* HKLM Registry values */ TCHAR exe_path[MAX_PATH]; - TCHAR config_dir[MAX_PATH]; TCHAR global_config_dir[MAX_PATH]; + TCHAR priority_string[64]; + TCHAR ovpn_admin_group[MAX_NAME]; + /* HKCU registry values */ + TCHAR config_dir[MAX_PATH]; TCHAR ext_string[16]; TCHAR log_dir[MAX_PATH]; - TCHAR priority_string[64]; TCHAR append_string[2]; TCHAR log_viewer[MAX_PATH]; TCHAR editor[MAX_PATH]; - TCHAR allow_edit[2]; - TCHAR allow_service[2]; - TCHAR allow_password[2]; - TCHAR allow_proxy[2]; TCHAR silent_connection[2]; TCHAR service_only[2]; TCHAR show_balloon[2]; TCHAR show_script_window[2]; - TCHAR psw_attempts_string[2]; - TCHAR disconnect_on_suspend[2]; TCHAR connectscript_timeout_string[4]; TCHAR disconnectscript_timeout_string[4]; TCHAR preconnectscript_timeout_string[4]; - TCHAR ovpn_admin_group[MAX_NAME]; #ifdef DEBUG FILE *debug_fp; diff --git a/passphrase.c b/passphrase.c index b8064fe..0a0a7ac 100644 --- a/passphrase.c +++ b/passphrase.c @@ -40,6 +40,7 @@ #include "openvpn-gui-res.h" #include "chartable.h" #include "localization.h" +#include "misc.h" extern options_t o; @@ -567,15 +568,15 @@ ParseKeyFilenameLine(connection_t *c, TCHAR *keyfilename, size_t keyfilenamesize return(1); } - static int -GetKeyFilename(connection_t *c, TCHAR *keyfilename, size_t keyfilenamesize, int *keyfile_format) +GetKeyFilename(connection_t *c, TCHAR *keyfilename, size_t keyfilenamesize, int *keyfile_format, bool silent) { - FILE *fp; + FILE *fp = NULL; char line[256]; int found_key=0; int found_pkcs12=0; TCHAR configfile_path[MAX_PATH]; + int ret = 0; _tcsncpy(configfile_path, c->config_dir, _countof(configfile_path)); if (!(configfile_path[_tcslen(configfile_path)-1] == '\\')) @@ -586,8 +587,9 @@ GetKeyFilename(connection_t *c, TCHAR *keyfilename, size_t keyfilenamesize, int if (!(fp=_tfopen(configfile_path, _T("r")))) { /* can't open config file */ - ShowLocalizedMsg(IDS_ERR_OPEN_CONFIG, configfile_path); - return(0); + if (!silent) + ShowLocalizedMsg(IDS_ERR_OPEN_CONFIG, configfile_path); + goto out; } while (fgets(line, sizeof (line), fp)) @@ -597,49 +599,57 @@ GetKeyFilename(connection_t *c, TCHAR *keyfilename, size_t keyfilenamesize, int if (found_key) { /* only one key option */ - ShowLocalizedMsg(IDS_ERR_ONLY_ONE_KEY_OPTION); - return(0); + if (!silent) + ShowLocalizedMsg(IDS_ERR_ONLY_ONE_KEY_OPTION); + goto out; } if (found_pkcs12) { /* key XOR pkcs12 */ - ShowLocalizedMsg(IDS_ERR_ONLY_KEY_OR_PKCS12); - return(0); + if (!silent) + ShowLocalizedMsg(IDS_ERR_ONLY_KEY_OR_PKCS12); + goto out; } found_key=1; *keyfile_format = KEYFILE_FORMAT_PEM; if (!ParseKeyFilenameLine(c, keyfilename, keyfilenamesize, &line[4])) - return(0); + goto out; } if (LineBeginsWith(line, "pkcs12", 6)) { if (found_pkcs12) { /* only one pkcs12 option */ - ShowLocalizedMsg(IDS_ERR_ONLY_ONE_PKCS12_OPTION); - return(0); + if (!silent) + ShowLocalizedMsg(IDS_ERR_ONLY_ONE_PKCS12_OPTION); + goto out; } if (found_key) { /* only key XOR pkcs12 */ - ShowLocalizedMsg(IDS_ERR_ONLY_KEY_OR_PKCS12); - return(0); + if (!silent) + ShowLocalizedMsg(IDS_ERR_ONLY_KEY_OR_PKCS12); + goto out; } found_pkcs12=1; *keyfile_format = KEYFILE_FORMAT_PKCS12; if (!ParseKeyFilenameLine(c, keyfilename, keyfilenamesize, &line[7])) - return(0); + goto out; } } if ((!found_key) && (!found_pkcs12)) { /* must have key or pkcs12 option */ - ShowLocalizedMsg(IDS_ERR_HAVE_KEY_OR_PKCS12); - return(0); + if (!silent) + ShowLocalizedMsg(IDS_ERR_HAVE_KEY_OR_PKCS12); + goto out; } - - return(1); + ret = 1; +out: + if (fp) + fclose(fp); + return ret; } @@ -658,7 +668,7 @@ ChangePassphraseThread(LPVOID data) conn_name[_tcslen(conn_name) - (_tcslen(o.ext_string)+1)]=0; /* Get Key filename from config file */ - if (!GetKeyFilename(c, keyfilename, _countof(keyfilename), &keyfile_format)) + if (!GetKeyFilename(c, keyfilename, _countof(keyfilename), &keyfile_format, false)) { ExitThread(1); } @@ -685,6 +695,7 @@ ChangePassphraseThread(LPVOID data) } } + CloseHandle (hwndChangePSW); ExitThread(0); } @@ -703,8 +714,18 @@ ShowChangePassphraseDialog(connection_t *c) ShowLocalizedMsg(IDS_ERR_CREATE_PASS_THREAD); return; } - + CloseHandle (hThread); } +bool +CheckKeyFileWriteAccess (connection_t *c) +{ + TCHAR keyfile[MAX_PATH]; + int format = 0; + if (!GetKeyFilename (c, keyfile, _countof(keyfile), &format, true)) + return FALSE; + else + return CheckFileAccess (keyfile, GENERIC_WRITE); +} #endif diff --git a/passphrase.h b/passphrase.h index 5aac913..df10678 100644 --- a/passphrase.h +++ b/passphrase.h @@ -30,5 +30,6 @@ BOOL GetRandomPassword(char *, size_t); #ifndef DISABLE_CHANGE_PASSWORD void ShowChangePassphraseDialog(connection_t *); #endif +BOOL CheckKeyFileWriteAccess (connection_t *); #endif diff --git a/registry.c b/registry.c index c59d5be..27ebb33 100644 --- a/registry.c +++ b/registry.c @@ -36,6 +36,20 @@ extern options_t o; +static void +ExpandString (WCHAR *str, int max_len) +{ + WCHAR expanded_string[MAX_PATH]; + int len = ExpandEnvironmentStringsW(str, expanded_string, _countof(expanded_string)); + + if (len > max_len || len > (int) _countof(expanded_string)) + { + PrintDebug (L"Failed to expanded env vars in '%s'. String too long", str); + return; + } + wcsncpy(str, expanded_string, max_len); +} + int GetRegistryKeys() { @@ -80,32 +94,40 @@ GetRegistryKeys() /* use default = openvpnpath\config */ _sntprintf_0(o.global_config_dir, _T("%sconfig"), openvpn_path); } + if (!GetRegistryValue(regkey, _T("ovpn_admin_group"), o.ovpn_admin_group, _countof(o.ovpn_admin_group))) { - _tcsncpy(o.ovpn_admin_group, OVPN_ADMIN_GROUP, _countof(o.ovpn_admin_group)); + _tcsncpy(o.ovpn_admin_group, OVPN_ADMIN_GROUP, _countof(o.ovpn_admin_group)-1); + } + + if (o.exe_path[0] != L'\0') /* set by cmd-line */ + ExpandString (o.exe_path, _countof(o.exe_path)); + else if (!GetRegistryValue(regkey, _T("exe_path"), o.exe_path, _countof(o.exe_path))) + { + _sntprintf_0(o.exe_path, _T("%sbin\\openvpn.exe"), openvpn_path); + } + + if (o.priority_string[0] != L'\0') /* set by cmd-line */ + ExpandString (o.priority_string, _countof(o.priority_string)); + if (!GetRegistryValue(regkey, _T("priority"), o.priority_string, _countof(o.priority_string))) + { + _tcsncpy(o.priority_string, _T("NORMAL_PRIORITY_CLASS"), _countof(o.priority_string)-1); } RegCloseKey(regkey); - /* config_dir in user's profile by default */ + /* user-sepcific config_dir in user's profile by default */ _sntprintf_0(temp_path, _T("%s\\OpenVPN\\config"), profile_dir); if (!GetRegKey(_T("config_dir"), o.config_dir, temp_path, _countof(o.config_dir))) return(false); if (!GetRegKey(_T("config_ext"), o.ext_string, _T("ovpn"), _countof(o.ext_string))) return(false); - _sntprintf_0(temp_path, _T("%sbin\\openvpn.exe"), openvpn_path); - if (!GetRegKey(_T("exe_path"), o.exe_path, - temp_path, _countof(o.exe_path))) return(false); - _sntprintf_0(temp_path, _T("%s\\OpenVPN\\log"), profile_dir); if (!GetRegKey(_T("log_dir"), o.log_dir, temp_path, _countof(o.log_dir))) return(false); if (!GetRegKey(_T("log_append"), o.append_string, _T("0"), _countof(o.append_string))) return(false); - if (!GetRegKey(_T("priority"), o.priority_string, - _T("NORMAL_PRIORITY_CLASS"), _countof(o.priority_string))) return(false); - _sntprintf_0(temp_path, _T("%s\\system32\\notepad.exe"), windows_dir); if (!GetRegKey(_T("log_viewer"), o.log_viewer, temp_path, _countof(o.log_viewer))) return(false); @@ -114,14 +136,6 @@ GetRegistryKeys() if (!GetRegKey(_T("editor"), o.editor, temp_path, _countof(o.editor))) return(false); - if (!GetRegKey(_T("allow_edit"), o.allow_edit, _T("1"), _countof(o.allow_edit))) return(false); - - if (!GetRegKey(_T("allow_service"), o.allow_service, _T("0"), _countof(o.allow_service))) return(false); - - if (!GetRegKey(_T("allow_password"), o.allow_password, _T("1"), _countof(o.allow_password))) return(false); - - if (!GetRegKey(_T("allow_proxy"), o.allow_proxy, _T("1"), _countof(o.allow_proxy))) return(false); - if (!GetRegKey(_T("service_only"), o.service_only, _T("0"), _countof(o.service_only))) return(false); if (!GetRegKey(_T("show_balloon"), o.show_balloon, _T("1"), _countof(o.show_balloon))) return(false); @@ -130,19 +144,6 @@ GetRegistryKeys() if (!GetRegKey(_T("show_script_window"), o.show_script_window, _T("1"), _countof(o.show_script_window))) return(false); - if (!GetRegKey(_T("disconnect_on_suspend"), o.disconnect_on_suspend, _T("0"), - _countof(o.disconnect_on_suspend))) return(false); - - if (!GetRegKey(_T("passphrase_attempts"), o.psw_attempts_string, _T("3"), - _countof(o.psw_attempts_string))) return(false); - o.psw_attempts = _ttoi(o.psw_attempts_string); - if ((o.psw_attempts < 1) || (o.psw_attempts > 9)) - { - /* 0 <= passphrase_attempts <= 9 */ - ShowLocalizedMsg(IDS_ERR_PASSPHRASE_ATTEMPTS); - return(false); - } - if (!GetRegKey(_T("connectscript_timeout"), o.connectscript_timeout_string, _T("15"), _countof(o.connectscript_timeout_string))) return(false); o.connectscript_timeout = _ttoi(o.connectscript_timeout_string); @@ -184,16 +185,13 @@ int GetRegKey(const TCHAR name[], TCHAR *data, const TCHAR default_data[], DWORD HKEY openvpn_key; HKEY openvpn_key_write; DWORD dwDispos; - TCHAR expanded_string[MAX_PATH]; DWORD size = len * sizeof(*data); DWORD max_len = len - 1; /* If option is already set via cmd-line, return */ if (data[0] != 0) { - // Expand environment variables inside the string. - ExpandEnvironmentStrings(data, expanded_string, _countof(expanded_string)); - _tcsncpy(data, expanded_string, max_len); + ExpandString (data, len); return(true); } @@ -256,8 +254,7 @@ int GetRegKey(const TCHAR name[], TCHAR *data, const TCHAR default_data[], DWORD RegCloseKey(openvpn_key); // Expand environment variables inside the string. - ExpandEnvironmentStrings(data, expanded_string, _countof(expanded_string)); - _tcsncpy(data, expanded_string, max_len); + ExpandString (data, len); return(true); } diff --git a/res/openvpn-gui-res-en.rc b/res/openvpn-gui-res-en.rc index e1520fb..0180e96 100644 --- a/res/openvpn-gui-res-en.rc +++ b/res/openvpn-gui-res-en.rc @@ -86,7 +86,7 @@ END /* Change Passphrase Dialog */ ID_DLG_CHGPASS DIALOG 6, 18, 193, 82 STYLE WS_POPUP | WS_VISIBLE | WS_CAPTION | WS_SYSMENU | DS_CENTER -CAPTION "OpenVPN - Change Passphrase" +CAPTION "OpenVPN - Change Private Key Passphrase" FONT 8, "Microsoft Sans Serif" LANGUAGE LANG_ENGLISH, SUBLANG_DEFAULT BEGIN @@ -313,7 +313,7 @@ BEGIN /* passphrase - Resources */ IDS_ERR_CREATE_PASS_THREAD "CreateThread to show ChangePassphrase dialog failed." - IDS_NFO_CHANGE_PWD "Change Password (%s)" + IDS_NFO_CHANGE_PWD "Change Private Key Password (%s)" IDS_ERR_PWD_DONT_MATCH "The passwords you typed do not match. Try again." IDS_ERR_PWD_TO_SHORT "Your new password must be at least %d characters long." IDS_NFO_EMPTY_PWD "Are you sure you want to set an EMPTY password?" diff --git a/tray.c b/tray.c index 976a3b7..bcc75b6 100644 --- a/tray.c +++ b/tray.c @@ -75,23 +75,16 @@ CreatePopupMenus() AppendMenu(hMenu, MF_STRING, IDM_VIEWLOGMENU, LoadLocalizedString(IDS_MENU_VIEWLOG)); - if (o.allow_edit[0] == '1') - AppendMenu(hMenu, MF_STRING, IDM_EDITMENU, LoadLocalizedString(IDS_MENU_EDITCONFIG)); + AppendMenu(hMenu, MF_STRING, IDM_EDITMENU, LoadLocalizedString(IDS_MENU_EDITCONFIG)); AppendMenu(hMenu, MF_STRING, IDM_CLEARPASSMENU, LoadLocalizedString(IDS_MENU_CLEARPASS)); #ifndef DISABLE_CHANGE_PASSWORD - if (o.allow_password[0] == '1') + if (o.conn[0].flags & ALLOW_CHANGE_PASSPHRASE) AppendMenu(hMenu, MF_STRING, IDM_PASSPHRASEMENU, LoadLocalizedString(IDS_MENU_PASSPHRASE)); #endif AppendMenu(hMenu, MF_SEPARATOR, 0, 0); - if (o.allow_service[0] == '1' && o.service_only[0] == '0') - { - AppendMenu(hMenu, MF_POPUP, (UINT_PTR) hMenuService, LoadLocalizedString(IDS_MENU_SERVICE)); - AppendMenu(hMenu, MF_SEPARATOR, 0, 0); - } - AppendMenu(hMenu, MF_STRING, IDM_IMPORT, LoadLocalizedString(IDS_MENU_IMPORT)); AppendMenu(hMenu, MF_STRING ,IDM_SETTINGS, LoadLocalizedString(IDS_MENU_SETTINGS)); AppendMenu(hMenu, MF_STRING ,IDM_CLOSE, LoadLocalizedString(IDS_MENU_CLOSE)); @@ -107,11 +100,7 @@ CreatePopupMenus() if (o.num_configs > 0) AppendMenu(hMenu, MF_SEPARATOR, 0, 0); - if (o.service_only[0] == '0' && o.allow_service[0] == '1') { - AppendMenu(hMenu, MF_POPUP, (UINT_PTR) hMenuService, LoadLocalizedString(IDS_MENU_SERVICE)); - AppendMenu(hMenu, MF_SEPARATOR, 0, 0); - } - else if (o.service_only[0] == '1') { + if (o.service_only[0] == '1') { AppendMenu(hMenu, MF_STRING, IDM_SERVICE_START, LoadLocalizedString(IDS_MENU_SERVICEONLY_START)); AppendMenu(hMenu, MF_STRING, IDM_SERVICE_STOP, LoadLocalizedString(IDS_MENU_SERVICEONLY_STOP)); AppendMenu(hMenu, MF_STRING, IDM_SERVICE_RESTART, LoadLocalizedString(IDS_MENU_SERVICEONLY_RESTART)); @@ -134,12 +123,11 @@ CreatePopupMenus() AppendMenu(hMenuConn[i], MF_STRING, IDM_VIEWLOGMENU + i, LoadLocalizedString(IDS_MENU_VIEWLOG)); - if (o.allow_edit[0] == '1') - AppendMenu(hMenuConn[i], MF_STRING, IDM_EDITMENU + i, LoadLocalizedString(IDS_MENU_EDITCONFIG)); + AppendMenu(hMenuConn[i], MF_STRING, IDM_EDITMENU + i, LoadLocalizedString(IDS_MENU_EDITCONFIG)); AppendMenu(hMenuConn[i], MF_STRING, IDM_CLEARPASSMENU + i, LoadLocalizedString(IDS_MENU_CLEARPASS)); #ifndef DISABLE_CHANGE_PASSWORD - if (o.allow_password[0] == '1') + if (o.conn[i].flags & ALLOW_CHANGE_PASSPHRASE) AppendMenu(hMenuConn[i], MF_STRING, IDM_PASSPHRASEMENU + i, LoadLocalizedString(IDS_MENU_PASSPHRASE)); #endif @@ -147,14 +135,6 @@ CreatePopupMenus() } } - /* Create service menu */ - if (o.allow_service[0] == '1' && o.service_only[0] == '0') - { - AppendMenu(hMenuService, MF_STRING, IDM_SERVICE_START, LoadLocalizedString(IDS_MENU_SERVICE_START)); - AppendMenu(hMenuService, MF_STRING, IDM_SERVICE_STOP, LoadLocalizedString(IDS_MENU_SERVICE_STOP)); - AppendMenu(hMenuService, MF_STRING, IDM_SERVICE_RESTART, LoadLocalizedString(IDS_MENU_SERVICE_RESTART)); - } - SetServiceMenuStatus(); } @@ -431,7 +411,7 @@ SetServiceMenuStatus() { HMENU hMenuHandle; - if (o.allow_service[0] == '0' && o.service_only[0] == '0') + if (o.service_only[0] == '0') return; if (o.service_only[0] == '1')