As we now allow users to set a management password (for persistent
connections), the max size of password should match what openvpn.exe
can handle (128 or 4096 bytes depending on build options).
Increase the buffer size to 4096 though such large passwords
may not work in practice. 127 bytes + NUL, may be a safe upper limit.
For the random password used for connections spawned by the GUI,
the current size of 15 bytes + NUL is retained.
Fixes: #567
Signed-off-by: Selva Nair <selva.nair@gmail.com>
New feature: any connection that is not disconnected on exit
will auto-connect when the GUi is started the next time.
There is no option to toggle auto-connect of any profile. Instead,
just connect normally and leave the connection open while closing the
GUI directly or indirectly (on logout, for example). Such a connection
will auto-connect when the GUI is started the next time.
If auto-connect is not desired for a particular connection, stop it
before exit. Or, the whole feature may be disabled in the setings menu
(implemented in next commit).
Signed-off-by: Selva Nair <selva.nair@gmail.com>
Provide more room for some long strings in General and
Advanced settings dialogs in German localization.
fixes#244
Signed-off-by: Selva Nair <selva.nair@gmail.com>
WEB_AUTH is treated same way as OPEN_URL with no support
for optional flags in WEB_AUTH message. In particular
proxy is not supported.
Closes#414
Signed-off-by: Selva Nair <selva.nair@gmail.com>
Since version 11.30, we scan config-auto folder and show them
in the menu of available connection profiles. To reduce user-confusion,
always group these configs under a submenu ("Persistent Connections")
even when nested config menu view is not in use.
ActivateConfigGroups() is now always called as Persistent and
System profile groups can now go from empty to non-empty
on rescan.
When nested config menu view is enabled, "persistent", "system"
and "user" configs are always shown in separate groups.
Signed-off-by: Selva Nair <selva.nair@gmail.com>
Create the parent groups for persistent and system profiles
in advance so that these always appear at the top when nested
config menu view is active.
Also, while rescanning with active connections present, newly
found configs in global config and auto-config folders are added
to their own parent groups instead of to the root groups.
No user-visible changes unless nested config menu view is enabled.
In that case, "Persistent Connections" followed by "System Profiles"
will always appear first in the connections list.
Signed-off-by: Selva Nair <selva.nair@gmail.com>
PR 418 introduced repeatedly trying to connect to the
management interface on timeout. User can exit out of this loop
by "disconnect", but for this to work an explict
call to OnStop() is required. Normally OnStop() is triggered
by management disconnect which won't happen if not connected
in the first place.
Also call OnStop() on all iservice errors instead of waiting for
management timeout which may never happen.
Signed-off-by: Selva Nair <selva.nair@gmail.com>
_wfopen requires ccs=<encoding> to support writing of
non-ascii text. This was missed in the initial commit.
Signed-off-by: Selva Nair <selva.nair@gmail.com>
- Download link was outdated.
- Link to docs on configuration pointed to the main page of OpenVPN Inc.
which is hardly helpful -- point to the configuration section of the
HOW TO instead.
Signed-off-by: Selva Nair <selva.nair@gmail.com>
- Add a function to check flow direction of currently selected
UI language
- Add MB_RIGHT|MB_RTLREADING to message boxes when language is RTL
Note: though we use MessageBoxEx() for popups, and pass langId to it,
buttons like OK/Cancel are not automatically localized. It seems these
get localized based on the current locale, not the langID passed in.
Signed-off-by: Selva Nair <selva.nair@gmail.com>
In bidirectional text, neutral characters like parentheses
and slashes can get interpreted as RTL when not surrounded by
strong LTR characters. This leads to wrong formatting like
"<Copyright <foo@example.com" instead of "Copyright <foo@example.com>"
Workaround by adding explicit right-to-left embedding marker (U+202a).
(Ref: https://www.unicode.org/reports/tr9/)
For trailing slash in URLs, they are just omitted when not really
required.
Some other minor edits:
- Do not translate "OpenVPN Technologies Inc."
- SOCKES --> SOCKS
Signed-off-by: Selva Nair <selva.nair@gmail.com>
- Remove description about run-as-admin that is out-dated.
Simply state that the GUI is supposed to be run as a limited user.
- Document persistent connections support in the GUI.
Signed-off-by: Selva Nair <selva.nair@gmail.com>
In case of persistent connections, openvpn.exe is still running
after a disconnect, and another user can restart it without needing
credentials using cached passwords. Avoid this by sending
"forget-passwords" to the management interface before disconnect.
Only persistent connections are affected.
In openvpn.exe versions >= 2.5.8, this will also clear cached
auth_token, if present.
Signed-off-by: Selva Nair <selva.nair@gmail.com>
Also remove related variables from configure.ac
as those are unused since we updated resources to be
MSVC compliant.
Signed-off-by: Selva Nair <selva.nair@gmail.com>
CheckServiceStatus() return value is never used - the status
is set to global options_t struct.
While on it, remove unneccessary "false" argument
and reformat the code.
Signed-off-by: Lev Stipakov <lev@openvpn.net>
- ShellExecute with runas is used to elevate
- This Option is hidden if PLAP dll is not found in the
install_path bin folder
- Depends on the presence of openvpn-plap-install.reg
and openvpn-plap-uninstall.reg in the install-path bin
folder.
Signed-off-by: Selva Nair <selva.nair@gmail.com>
Connection profiles shown on the login screen using PLAP
requires automatic service that starts openvpn.exe
processes for these profiles.
This commit adds an attempt to start the service from
PLAP dll. The service is started only if any PLAP enabled
profiles are found.
As starting the service can spawn up OpenVPN.exe processes and
the GUI may attach to them, auto-connect in the GUI is
suspended during session lock to leave the connections free to
be controlled from PLAP screen.
Signed-off-by: Selva Nair <selva.nair@gmail.com>
If '--management' option cannot be parsed in the config file of a
persistent profile (due to missing option, unreadable password etc.),
connecting it from the GUI menu fails.
In such cases show an error message instead of silently failing.
The message is shown only during manual connect attempts,
not during auto-connect or resume.
Signed-off-by: Selva Nair <selva.nair@gmail.com>
- instantiate OpenVPN PLAP provider which will enumerate configs
in config-auto directory.
- Attempt to connect each config found one after the other
The test program is deliberately written in C++ as that's how most
Windows programs (and likely, LogonUI.exe) may use the COM object.
Note that duplicate configs are ignored, so ensure that config
files in config-auto are not "shadowed" by identical named one's
in user's profile or in global config folder.
Additional notes:
The test program is not linked to the plap dll.
Instead it finds the module using CoGetClassObject,
so the plap dll must be registered in the system.
It also tests dynamically loading the dll from
C:\Program Files\OpenVPN\bin\libopenvpn_plap.dll
which should succeed even if the registration is not
proper.
Signed-off-by: Selva Nair <selva.nair@gmail.com>
This header has been recently added to mingw-w64 on our
request. Until its available in released versions,
wget it from mingw-w64's github repo.
Only affects autotools-based builds -- MSVC builds will pick the
native header.
Signed-off-by: Selva Nair <selva.nair@gmail.com>
Selva Nair