Commit Graph

43 Commits (577d982b51670f7f68d6dad9d0bf08f8a01879ba)

Author SHA1 Message Date
Selva Nair d6775b9b71 Persistent connections: show an error msg when connect fails
If '--management' option cannot be parsed in the config file of a
persistent profile (due to missing option, unreadable password etc.),
connecting it from the GUI menu fails.
In such cases show an error message instead of silently failing.
The message is shown only during manual connect attempts,
not during auto-connect or resume.

Signed-off-by: Selva Nair <selva.nair@gmail.com>
2022-10-19 09:49:15 -04:00
Selva Nair 170a9b9e76 Copy resources for persistent connections
Signed-off-by: Selva Nair <selva.nair@gmail.com>
2022-08-08 10:11:25 -04:00
Selva Nair 8f0dbbc8a3 Always check status of automatic service
- Remove service-only mode (start/stop service) which has not been in
  use since we moved to running the GUI as limited user.
  Also its not very useful as it does not allow any control of
  service-started daemons

- Keep CheckServiceStatus and always check the status of
automatic service.

The status of the service will be used to toggle supporting
control of persistent connections started by the service.

Signed-off-by: Selva Nair <selva.nair@gmail.com>
2022-08-08 10:11:25 -04:00
Selva Nair 428ee29246 Add support for marking connections as persistent
Persistent connections have openvpn.exe daemon started
external to the GUI (e.g., by the automatic service).
This patch adds support for attaching to the management
i/f of such daemons from the GUI and control the connection.

The GUI never stops or starts the openvpn.exe process in this
case. Instead, connect and disconnect buttons signal the
management interface of a running openvpn.exe process to start
the tunnel by attaching to mgmt i/f and sending hold-release if
needed  or stop it and wait in management-hold state
(see DisconnectDaemon()).

When the GUI process exits, persistent connections are left in their
current state using DetachOpenVPN().

No connections are marked as persistent as yet. That is done
in a following commit.

Signed-off-by: Selva Nair <selva.nair@gmail.com>
2022-08-08 10:11:25 -04:00
Selva Nair 4f0b94bf19 Copy new dialog and resources to all language files
Signed-off-by: Selva Nair <selva.nair@gmail.com>
2022-07-19 12:08:02 +02:00
Selva Nair e548259722 Copy IDS_ERR_URL_IMPORT_PROFILE resource to all language files
This was missed in an earlier commit.

Signed-off-by: Selva Nair <selva.nair@gmail.com>
2022-07-19 12:08:02 +02:00
Selva Nair 3e37291e5d Set WS_EX_TOPMOST style on dialogs
This extended style makes the window topmost in z-order.
We currently set this for the user-auth and private-key
passphrase dialogs, but useful for any dialog that may popup
without user interaction.
(Eg., challenge response during a server-initiated restart
or reneg).

Trac: #1465

Signed-off-by: Selva Nair <selva.nair@gmail.com>
2022-06-20 09:08:54 -04:00
Lev Stipakov d60325acde Support for OpenVPN 3
This adds optional support for using OpenVPN3 client
as an alternative to openvpn2.

Just replacing one client with another will not work:

 - OpenVPN3 doesn't use interactive service, it uses
"agent" service with completely different protocol. OpenVPN GUI
needs to talk to agent using HTTP and JSON.

 - OpenVPN3 management interface realtime notifications must be
explicitly turned on in order for GUI to work.

To enable using openvpn3:

 - use any of *-ovpn3 presets (cmake build system)

 - ./configure --enable-ovpn3 (mingw)

To switch betweet openvpn2 and openvpn3, see "OpenVPN Engine"
radiobutton group in Settings -> Advanced dialog.

OnReady() implementation was slighly changed - "log all on"
replaced with "log on all" - according to management interface
documentation this is the right way to do it, and also OpenVPN3
only supports "on all" order.

Management interface - enabled OpenVPN3 client (omiclient.exe) and
agent (ovpnagent.exe) are now part of openvpn3 repo.

Co-authored-by: Christopher Ng <facboy@gmail.com>
Signed-off-by: Christopher Ng <facboy@gmail.com>
Signed-off-by: Lev Stipakov <lev@openvpn.net>
2022-06-15 10:32:36 -04:00
Selva Nair bb6b6e29fb
Provide more space for challenge dialog text (#469)
* Provide more space for challenge dialog text

We do use a re-sizeable dialog box for dynamic challenge-response
to cater for potentially long lines of challenge text. But the
space specified for the widget is enough for only a single short line
(~60 characters) of text.

Increase the horizontal and vertical space to allow for up to
two lines of ~120 characters per line.

The default size of the Window is not changed. But it is
automatically resized if the space required for the text
is longer than the window width minus some margin. The max
horizontal size of the window is capped at 640 nominal pixels
as longer text will be wrapped in to two lines.

Github issue #468

Signed-off-by: Selva Nair <selva.nair@gmail.com>
2021-11-29 11:44:13 -05:00
Selva Nair e8257d8672 Copy new string resource to all language files
Signed-off-by: Selva Nair <selva.nair@gmail.com>
2021-11-18 14:33:09 -05:00
Selva Nair 56ee704501 Use C standrad compliant printf specifications
%S --> %hs in wide format strings, %ls otherwise
%s --> %ls in wide format strings, unchanged otherwise
%c --> %lc in wide format strings

Resource files together have about 970 lines affected and
were edited by looping through all with
sed -i 's/%S/%hs/g' $file
sed -i 's/%s/%ls/g' $file
All other files were manually changed (about 85 lines).

Recent versions of mingw-w64 implicitly turns on __USE_MINGW_ANSI_STDIO
if _GNU_SOURCE, _XOPEN_SOURCE etc are defined (which we do usei).

This breaks non-standard spec such as %S. Anyway, we have been
gradually getting rid of those.

MSVC builds should not be affected.

v2: multiple occurrences in same line was missed in v1 (/g missing in
sed expression). Fixed.

Signed-off-by: Selva Nair <selva.nair@gmail.com>
2021-11-03 16:20:17 -04:00
PlayDay b19965dd2b Fix typo in openvpn-gui-res-ua.rc 2021-11-02 09:33:01 -04:00
Selva Nair 4e223916ae Copy resource changes to all languages
Signed-off-by: Selva Nair <selva.nair@gmail.com>
2021-08-31 21:55:59 -04:00
Selva Nair 480d9e456b Copy changes to all language resource files
For openvpn-res-cs.rc, some missing help message
entries are also copied.

Signed-off-by: Selva Nair <selva.nair@gmail.com>
2021-08-31 14:48:20 -04:00
Lev Stipakov 9ded7996ab URL profile import: add profile import dialog
This is the first patch from series which implemets
importing profile from URL, currently implemented
by OpenVPN Access Server.

Move "Import from file" menu item under new "Import"
item. Add "Import from AS..." item under "Import", which
opens new profile import dialog.

Signed-off-by: Lev Stipakov <lev@openvpn.net>
2021-08-23 12:07:18 -04:00
Selva Nair 41dd5ff7fb Copy settings dialog changes to all language files
Signed-off-by: Selva Nair <selva.nair@gmail.com>
2021-06-25 20:48:02 -04:00
Selva Nair 1c0c159d21 Have unique and non-zero IDs for all controls
Should fix duplicate control id warnings from resource
compiler.

Signed-off-by: Selva Nair <selva.nair@gmail.com>
2021-05-24 07:52:29 -04:00
Selva Nair 56efcc6515 Make all resource files MSVC compliant
- Remove intermediate quotes in continued lines
- Remove macro substitutions in strings
- Split two long LTEXT (>256 characters) into two

All changes autogenerated using a sed script here
https://gist.github.com/selvanair/ae78c29869d7c1d15abcb909f04676c6

Signed-off-by: Selva Nair <selva.nair@gmail.com>
2021-05-19 20:58:06 -04:00
Selva Nair 6b1372d886 Update help message
Describe recently added command line options:
 - iservice_admin
 - disable_popup_messages
 - popup_mute_interval
 - management_port_offset
Added the default English text to all langauage files.

Signed-off-by: Selva Nair <selva.nair@gmail.com>
2021-03-05 09:48:10 -05:00
Selva Nair 7c4494b005 Copy newly added resources to all language files
Signed-off-by: Selva Nair <selva.nair@gmail.com>
2021-02-24 09:26:05 +02:00
Lev Stipakov 1715746477 Introduce "Always use interactive service" option
We didn't use interactive service when gui was running
under admin because of some privilege escalation vulnerability in Vista.

Apparently this issue doesn't exist on Win7 and newer versions so
it is safe to use iservice on those systems.

Introduce "Always use interactive service" option,
which is "on" by default. This should enable users,
who by various reasons run gui as admin, use Wintun.

When gui is running as admin and interactive service
cannot be started or not installed, warn that wintun will not work.

Signed-off-by: Lev Stipakov <lev@openvpn.net>
2020-09-18 00:03:03 -04:00
Bohdan Hamulets 4bcee1eed1 Update openvpn-gui-res-ua.rc
Corrected initial pull request https://github.com/OpenVPN/openvpn-gui/pull/361 pull with correct Ukrainian grammar (I am a native speaker, and it's not just my thought on it, but a collaboration of other team members, the main contributor being Bohdan Kobilnyk)
2020-09-03 16:46:22 -04:00
Selva Nair 89509747f1 Remove service-only checkbox from settings menu
- This checkbox is inactive and does nothing.

  The service-only  usage can be still activated using the command
  line option --service_only  or by editing the registry, but its
  not a recommended use case for GUI version 11.0 and above.

See also issue: #264

Signed-off-by: Selva Nair <selva.nair@gmail.com>
2018-06-16 16:32:27 -04:00
Ilya Shipitsin 4a4a6ab52f remove unused resource
after https://github.com/OpenVPN/openvpn-gui/pull/188 that string
is not used anymore
2018-04-23 15:39:47 +03:00
Selva Nair b23c4c2736 Update year in the "About" tab
Signed-off-by: Selva Nair <selva.nair@gmail.com>
2018-04-02 20:59:25 -04:00
Ilya Shipitsin 1c020eee60 add EXSTYLE WS_EX_TOPMOST to login/auth window
(same way it is already done for key password dialog)
2018-03-10 11:00:02 -05:00
Ilya Shipitsin e7fd11812f simplify caption on user/password auth window
also add openvpn ico to auth window
2018-01-30 10:29:00 +02:00
Selva Nair ecb8e50c0f Display assigned IPs and connection stats on status window
- Show the assigned IP numbers, traffic stats (bytes in/out), and
  the GUI and OpenVPN core versions on the status window.

Note: IDS_TXT_BYTECOUNT = "Bytes in: %s out %s" needs translation.

Signed-off-by: Selva Nair <selva.nair@gmail.com>
2018-01-30 10:20:58 +02:00
Ilya Shipitsin 0642cb8fe5 better alignment of warning message 2018-01-06 21:14:11 +05:00
Selva Nair d98ad55467 Change OK button style to BS_DEFPUSHBUTTON in auth-user-pass dialog
- Make the OK button appear highlighted as the default action so that
  the user can press enter and submit the form. This also gives a clearer
  indication of the default action when automatic submission of saved
  username/password activates.

Signed-off-by: Selva Nair <selva.nair@gmail.com>
2017-12-26 13:41:55 -05:00
Pavel Zhovner 9c7a8af3d3 Ukranian translation for auth failure warnings
- Text width increased to avoid clipped text during commit
  by Selva Nair
2017-06-27 16:05:07 -04:00
Selva Nair 29a8bba38c Resize private key password dialog to avoid clipped text
Signed-off-by: Selva Nair <selva.nair@gmail.com>
2017-06-27 16:05:07 -04:00
Selva Nair 1bd5a6faa9 Add a warning message when authentication is retried due to wrong credentials
- "Wrong username or password" message shown in the auth userpass dialog after
  an auth failure
- "Wrong password" message shown in the private key password dialog after a
  password failure.

These message texts are colored red by default (TODO: make the color customizable)

Signed-off-by: Selva Nair <selva.nair@gmail.com>
2017-06-27 16:01:18 -04:00
Samuli Seppänen 8020ee1071 Merge pull request #91 from selvanair/pkcs11-pin-v3
pkcs11 pin prompt
2016-11-30 22:18:34 +02:00
Selva Nair 7033d5c1aa Copy updated copyright to language files
- Copy updates to copyright by commit 32c31ab942 in
  Englishc to all other language files.
- Change version displayed in About page to the form
  "a.b.c.d"
- General settings dialog is incomplete in chinese:
  copy from English version.

- Add the word "OpenVPN" in the About page of Norwegian
  mistakenly removed by commit d81b93d487..

Signed-off-by: Selva Nair <selva.nair@gmail.com>
2016-11-27 20:41:08 -05:00
Selva Nair 1a5ce44a99 Handle dynamic challenge/response
- Add a base64 decode function using Windows CyptoAPI
- Move multibyte to widechar conversions to a function
- Add config name to caption of password dialogs to help user
  identify the request
- Add new dialog template for generic password/PIN requests
  and use it to handle dynamic challenge

Note 1: if dynamic challenge response verification fails, an auth-failed
message is returned by the server causing the GUI to clear any saved
password even if the user-auth dialog itself succeeeded.

Note 2: Dialog template ID_DLG_CHALLENGE_RESPONSE added to language
files may require translation.

Signed-off-by: Selva Nair <selva.nair@gmail.com>
2016-11-15 19:14:32 -05:00
Pavel Zhovner 3aafabf8f5 fix Ukrainian localization 2016-11-13 15:47:28 +03:00
Ilya Shipitsin 0f531dc3ee cleaned up unused resource 2016-09-24 17:17:23 +05:00
Selva Nair 5a47986ccb Make options saved in registry editable by user
Option ediitng dialogs are in two tabs: General and Advanced.
Proxy related options are left in the proxy tab. Options
config_dir, config_ext, log_dir, script timeouts and
service-only flag are in the Advanced tab. All other more commonly
used flags and options are in the General tab.

- As options are editable, save values in registry only when they differ
  from the default values. This leaves the registry clean and makes changing
  options and their defaults during updates easier.

- Entries for config_dir and log_dir must be absolute paths.
  Environemental variables such as %PROFILEDIR% may be used
  to construct these.

- Empty config_dir, config_ext and log_dir entries are silently
  ignored (i.e., the current values are left unchanged).

- Store all numeric and boolean parameters in registry as DWORD instead of
  strings.

- On startup, the default parameters are loaded, then the registry is read
  and finally command-line parameters parsedi.

- Out of range script timeout values in registry truncated with a
  warning instead of fatal error. This allows the user to access the
  settings dialog and make corrections.

- Save proxy and language settings under the same
  HKCU\Software\OpenVPN-GUI key as other options instead of under Nilings.

- Save the current version of the GUI in regsitry so that updates
  can be detected and any needed registry cleanup done.

- If no version info is present in the registry any values in OpenVPN-GUI
  key in HKCU are deleted for a clean start as this is the first version
  to save registry values in HKCU. Language and proxy data if present
  under Nilings is migrated.

Note: new controls in the General tab and newly added Advanced tab dialog
are copied to all language files from the English version. These need to
be translated.

Signed-off-by: Selva Nair <selva.nair@gmail.com>
2016-08-06 11:46:15 -04:00
Selva Nair 5880fdcd02 Save username and optionally passwords
- Username and, optionally, password as well as the private
  key passphrase are saved in config-specific registry keys
- All saved data are kept encrypted using DPAPI
- The passphrase dialog is skipped if a valid saved private
  key password is available. However, the user-auth dialog
  is always presented, prefilled with the saved username
  and password.

Note: A text string "Save password" is added to three dialogs
in all language resource files. Additional text with ids
IDS_MENU_CLEARPASS and IDS_NFO_DELETE_PASS are added to the
STRINGTABLE only in the English language resource file.
All these need translations.

Signed-off-by: Selva Nair <selva.nair@gmail.com>
2016-05-29 19:35:30 -04:00
Leonardo Basilio ece6aef6a6 Launch on startup setting 2016-05-22 22:05:42 -03:00
Soar Qin fe5a1c9b71 Adding static-challenge support 2016-02-27 13:51:13 +08:00
ValdikSS a0acaa1446 Add Ukrainian localization 2015-11-17 14:54:46 +03:00