Parse fatal errors from OpenVPN and display them when connection fails

If the error is due to script security being overridden by us, reword
the message as a localizable string that points the user
to the config-specific script-security setting.

Signed-off-by: Selva Nair <selva.nair@gmail.com>
pull/271/head
Selva Nair 2019-02-11 15:25:08 -05:00
parent dd1068ee13
commit c7462abfac
4 changed files with 43 additions and 3 deletions


@ -130,6 +130,7 @@
#define ID_CMB_SCRIPT_SECURITY 296
#define IDS_SCRIPT_NO_OVERRIDE 297
#define IDS_ALLOW_SCRIPT_BUILT_IN 299
#define IDS_ERR_SCRIPT_OVERRIDE 300
/*
* String Table Resources


@ -136,6 +136,28 @@ OnHold(connection_t *c, UNUSED char *msg)
ManagementCommand(c, "hold release", NULL, regular);
}
/* Save last fatal error from OpenVPN -- possibly translated or reworded */
static void
SaveLastError(connection_t *c, const char *msg)
{
/* If we have enforced script security and there is script error, translate/re-word the error */
if (get_script_security(c) != SSEC_UNDEF
&& strstr(msg, "'--script-security 2' or higher is required to call user-defined scripts"))
{
_sntprintf_0(c->last_error, LoadLocalizedString(IDS_ERR_SCRIPT_OVERRIDE));
}
else
{
_sntprintf_0(c->last_error, L"%S", msg);
}
}
static void
ClearLastError(connection_t *c)
{
c->last_error[0] = L'\0';
}
/*
* Handle a log line from the OpenVPN management interface
* Format <TIMESTAMP>,<FLAGS>,<MESSAGE>
@ -198,6 +220,11 @@ OnLogLine(connection_t *c, char *line)
SendMessage(logWnd, EM_REPLACESEL, FALSE, (LPARAM) datetime);
SendMessage(logWnd, EM_SETTEXTEX, (WPARAM) &ste, (LPARAM) message);
SendMessage(logWnd, EM_REPLACESEL, FALSE, (LPARAM) _T("\n"));
if (memchr(flags, 'N', flag_size) || memchr(flags, 'F', flag_size))
{
SaveLastError(c, message);
}
}
/* expect ipv4,remote,port,,,ipv6 */
@ -1105,6 +1132,7 @@ OnStop(connection_t *c, UNUSED char *msg)
UINT txt_id, msg_id;
TCHAR *msg_xtra;
SetMenuStatus(c, disconnected);
wchar_t err_msg[512];
switch (c->state)
{
@ -1123,8 +1151,10 @@ OnStop(connection_t *c, UNUSED char *msg)
SetForegroundWindow(c->hwndStatus);
ShowWindow(c->hwndStatus, SW_SHOW);
}
MessageBox(c->hwndStatus, LoadLocalizedString(IDS_NFO_CONN_TERMINATED, c->config_file),
_T(PACKAGE_NAME), MB_OK);
_sntprintf_0(err_msg, L"%s\n\n%s",
LoadLocalizedString(IDS_NFO_CONN_TERMINATED, c->config_file), c->last_error);
MessageBox(c->hwndStatus, err_msg, _T(PACKAGE_NAME), MB_OK);
ClearLastError(c);
SendMessage(c->hwndStatus, WM_CLOSE, 0, 0);
break;
@ -1151,7 +1181,10 @@ OnStop(connection_t *c, UNUSED char *msg)
SetForegroundWindow(c->hwndStatus);
ShowWindow(c->hwndStatus, SW_SHOW);
}
MessageBox(c->hwndStatus, LoadLocalizedString(msg_id, msg_xtra), _T(PACKAGE_NAME), MB_OK);
_sntprintf_0(err_msg, L"%s\n\n%s",
LoadLocalizedString(msg_id, msg_xtra), c->last_error);
MessageBox(c->hwndStatus, err_msg, _T(PACKAGE_NAME), MB_OK);
ClearLastError(c);
SendMessage(c->hwndStatus, WM_CLOSE, 0, 0);
break;
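Review bot: In SaveLastError the localized string is passed to `_sntprintf_0` as the format argument, so any `%` in a translation of IDS_ERR_SCRIPT_OVERRIDE would be parsed as a conversion with no matching argument; pass it as data instead, `_sntprintf_0(c->last_error, L"%s", LoadLocalizedString(IDS_ERR_SCRIPT_OVERRIDE));`. In the else branch, `L"%S"` converts `msg` using the current code page, so if the management interface delivers UTF-8 (not visible in the hunk) non-ASCII text will be garbled or the conversion may fail, and an explicit UTF-8 to wide conversion would be more robust. ClearLastError is called only in the two OnStop cases shown, and OnLogLine also saves 'N' (non-fatal) lines, so a stale message could be appended to a later, unrelated termination dialog unless `last_error` is also cleared when a connection starts. The bodies of OnLogLine and OnStop continue outside the hunks, so the other switch cases could not be checked.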


@ -156,6 +156,7 @@ struct connection {
unsigned long long int bytes_out;
struct env_item *es; /* Pointer to the head of config-specific env variables list */
HANDLE hfile; /* Config file handle used for locking */
wchar_t last_error[512];
};
/* All options used within OpenVPN GUI */
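Review bot: The new `last_error` member has no comment, unlike the `es` and `hfile` members above it, and its size is a bare literal that is repeated for `err_msg` in OnStop. I would document it and name the size, for example `wchar_t last_error[512]; /* Last error line reported by OpenVPN, shown when the connection stops */`. Because `err_msg` has the same 512-element size but holds the localized prefix plus `last_error`, the end of a long error will be truncated in the dialog; a larger `err_msg` or a shared named constant would make that explicit.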


@ -505,5 +505,10 @@ BEGIN
/* script security related */
IDS_ALLOW_SCRIPT_BUILT_IN "Built-in commands only (recommended)"
IDS_SCRIPT_NO_OVERRIDE "Use config file setting (potentially unsafe)"
IDS_ERR_SCRIPT_OVERRIDE "External scripts are disabled for this connection as a security measure. "\
"If you must allow such scripts, open the connection specific ""Options"" " \
"menu and select to use config-file setting for ""Allow script execution"". "\
"Note that this is potentially unsafe unless you trust the origin of "\
"this connection profile."
END