github
/
openvpn-gui
mirror of https://github.com/OpenVPN/openvpn-gui
1
0
Fork 0
Code Issues Releases Wiki Activity
837 Commits
7 Branches
114 Tags
3.7 MiB
Commit Graph

837 Commits (583e48b148ac19037e53a542fb21548ee685a9f0)

Author SHA1 Message Date
Selva Nair 4e223916ae Copy resource changes to all languages 
Signed-off-by: Selva Nair <selva.nair@gmail.com>
 2021-08-31 21:55:59 -04:00
Selva Nair 90cc9e3cdb Add content-type check for import from URL 
For Import from URL, require that response
from server must have
content-type: application/x-openvpn-profile

This reduces chances of mistyped input causing
import of random html pages as connection profile.

Signed-off-by: Selva Nair <selva.nair@gmail.com>
 2021-08-31 21:55:59 -04:00
Selva Nair e80a39c825 Implement importing profile from a generic URL 
ParseUrl extended to parse generic URLs and parse
the path. DownloadProfile() function re-factored
for reuse with generic URL.

Also:
- INTERNET_FLAG_RELOAD added to the request
  call to force reloading the data from server instead
  of using possibly cached data.
- Input box for URL extended in length to about
   50 characters wide.

Signed-off-by: Selva Nair <selva.nair@gmail.com>
 2021-08-31 21:55:59 -04:00
Selva Nair 480d9e456b Copy changes to all language resource files 
For openvpn-res-cs.rc, some missing help message
entries are also copied.

Signed-off-by: Selva Nair <selva.nair@gmail.com>
 2021-08-31 14:48:20 -04:00
Selva Nair 8e4183f9a9 Add '--command import' command line option 
Import a config file from command line as

`openvpn-gui.exe --command import <file-path>`

The command is send to a running instance if any.
Otherwise the GUI extecutable is started and
the import processed.

`openvpn-gui --import <file-path>`

is interpreted as the same command.

Signed-off-by: Selva Nair <selva.nair@gmail.com>
 2021-08-31 14:48:20 -04:00
Selva Nair e03ce9c5f1 During import check whether profile with same name exists 
Currently we construct the destination path and check whether
it exists. This could miss a connection profile with same
name in another directory.

If a config with same name is found we set it as the destination,
and ask the user for permission to overwrite. However, if the duplicate
is in the global_config_dir, the behaviour is not changed -- that is,
the config is imported with no further prompts.

Also fix the use of same buffer as destination and source in
swprintf(). It seems to work, but is not 'legal'.

Signed-off-by: Selva Nair <selva.nair@gmail.com>
 2021-08-31 14:48:20 -04:00
Lev Stipakov 82d932a503 URL profile import: disable profile download in case of certificate errors 
Allow users to bypass HTTPS is not good, but may nevertheless be useful during development.

DEBUG macro is widely used in openvpn-gui code but was missing from CMakeLists.txt, so add it there.

Signed-off-by: Lev Stipakov <lev@openvpn.net>
 2021-08-23 12:07:18 -04:00
Lev Stipakov e3b06efcd2 URL profile import: support for 2FA 
When 2FA is enabled, server (such as AS)
replies with HTTP 401 and issues a challenge.

Use existing facilities to parse CRV message
and prompt user for a response, then call REST
method again with encoded response as HTTP auth password.

See https://github.com/OpenVPN/openvpn3/blob/master/doc/webauth.md#challengeresponse-authentication
for more information.

Signed-off-by: Lev Stipakov <lev@openvpn.net>
 2021-08-23 12:07:18 -04:00
Lev Stipakov c7beb04ff5 URL profile import: download and import profile 
Use WinInet to download profile into memory buffer.
If there are certain certificate errors (invalid CN,
wrong date, unknown CA, revocation check failed),
ask if user wants to continue.

Extract profile name from content, sanitize name and
save profile in temp directory. Then import profile
using existing facilities.

Signed-off-by: Lev Stipakov <lev@openvpn.net>
 2021-08-23 12:07:18 -04:00
Lev Stipakov d6a622a023 URL profile import: allow specifying owner window of message box 
This will be used later when parent window
needs to be disabled when message box is displayed.

Signed-off-by: Lev Stipakov <lev@openvpn.net>
 2021-08-23 12:07:18 -04:00
Lev Stipakov 78ee9b981d URL profile import: refactor ImportConfigFile 
Factor out importing part (everything except file open dialog)
into separate function, which can be used when importing
profile from URL.

Signed-off-by: Lev Stipakov <lev@openvpn.net>
 2021-08-23 12:07:18 -04:00
Lev Stipakov 9ded7996ab URL profile import: add profile import dialog 
This is the first patch from series which implemets
importing profile from URL, currently implemented
by OpenVPN Access Server.

Move "Import from file" menu item under new "Import"
item. Add "Import from AS..." item under "Import", which
opens new profile import dialog.

Signed-off-by: Lev Stipakov <lev@openvpn.net>
 2021-08-23 12:07:18 -04:00
Lev Stipakov 290906b8db openvpn.c: add missing calling convention 
Commit 131c75e5 ("Notify dialog windows when OpenVPN state changes") added callback
function, but forgot to specify __stdcall calling convention with CALLBACK keyword.

This is not an issue for x64 builds, but x86 requires __stdcall calling convention for callbacks,
otherwise compiler throws an error:

  Error: D:\a\openvpn-gui\openvpn-gui\openvpn.c(292): error C2440: 'function': cannot convert from 'BOOL (__cdecl *)(HWND,LPARAM)' to 'WNDENUMPROC'

Reported-by: Samuli Seppänen <samuli@openvpn.net>
Signed-off-by: Lev Stipakov <lev@openvpn.net>
 2021-08-19 13:48:49 +03:00
Lev Stipakov 014dc1a6c2 GitHub Actions: add x86 build 
Signed-off-by: Lev Stipakov <lev@openvpn.net>
 2021-08-19 13:48:49 +03:00
Selva Nair e6e65a4883 Handle state change message when repsonse is not required 
Currently we show a messagebox with OK/CANCEL when response is
not required but that cannot handle state change messages.
Instead, show the "GenericPass" dialog with input disabled.

Signed-off-by: Selva Nair <selva.nair@gmail.com>
 2021-08-17 13:43:25 -04:00
Selva Nair 131c75e560 Notify dialog windows when OpenVPN state changes 
Use a custom message to pass state change notification from OpenVPN
to all top level windows in the thread.  Currently only the pending auth
dialog responds to this message by closing when the state changes.
The state change could be due to timeout, errors or success via
out-of-band authentication which makes the dialog no longer valid.

The case of CR_TEXT messages that do not require a response is handled
in the next commit.

See also issue #440 https://github.com/OpenVPN/openvpn-gui/issues/440

Signed-off-by: Selva Nair <selva.nair@gmail.com>
 2021-08-17 13:43:25 -04:00
Selva Nair fcc964bf95 Bug fix for challenge string parsing 
Fix parsing of the challenge text that could contain the
delimiter ':'

Signed-off-by: Selva Nair <selva.nair@gmail.com>
 2021-08-16 13:35:29 -04:00
Taro Yamazaki 04ce476a58 Change the font to Microsoft Sans Serif. 2021-07-15 01:09:20 -04:00
Taro Yamazaki ae1ee2d7a4 Update translation 2021-07-15 01:09:20 -04:00
Taro Yamazaki c6d5199c03 Fix translation 2021-07-15 01:09:20 -04:00
Taro Yamazaki f5bf568d5b Update Japanese translation 2021-07-15 01:09:20 -04:00
Taro Yamazaki 03d2f1c82d Update Japanese translation 2021-07-15 01:09:20 -04:00
Selva Nair 41dd5ff7fb Copy settings dialog changes to all language files 
Signed-off-by: Selva Nair <selva.nair@gmail.com>
 2021-06-25 20:48:02 -04:00
Selva Nair 7faa16846d Option to disable echo messages from settings menu 
- Also add an edit box for setting the mute interval for
  repeated echo messages. To be specified in hours
  >=0. A zero value disables muting.

Signed-off-by: Selva Nair <selva.nair@gmail.com>
 2021-06-25 20:48:02 -04:00
Selva Nair 6b4e6d301a Delete old messages in the window when content grows beyond a limit 2021-06-25 20:48:02 -04:00
Selva Nair 8182a455bb Document new registry keys for echo-msg 
Signed-off-by: Selva Nair <selva.nair@gmail.com>
 2021-06-25 20:48:02 -04:00
Samuli Seppänen e7dc61c7a1 Bump version to 11.25.0.0 
Signed-off-by: Samuli Seppänen <samuli.seppanen@gmail.com>
 2021-06-17 12:16:05 +03:00
Selva Nair 86b86e6f7e Handling of CR_TEXT when no response is required 
As with CRV1, submit an empty string as the response.
Our base64-encode functiton can handle empty input to generate
an empty string as output.

Also make ensure the message box is shown in foreground,
and not dependent on the status window which may be hidden.

Signed-off-by: Selva Nair <selva.nair@gmail.com>
 2021-06-04 12:42:05 -04:00
Lev Stipakov 5dcc584a7a Support for crtext 
This adds support for crtext method of pending authentication,
used by Access Server 2.7 and newer.

When enabled on the server side and on the client side (IV_SSO=crtext),
server returns AUTH_PENDING with Info command like:

    CR_TEXT:R,E:Enter Authenticator Code

Client prompts user for the response and sends base64-encoded response
to the server via management interface command:

    cr-response SGFsbG8gV2VsdCE=

See https://github.com/OpenVPN/openvpn/blob/master/doc/management-notes.txt (crtext part)
for more information.

Signed-off-by: Lev Stipakov <lev@openvpn.net>
 2021-06-02 00:49:08 -04:00
Lev Stipakov bb00d95f86 Web-based extra authentication 
This adds support for web-based extra authentication, which may be
used by OpenVPN Cloud. When enabled and client sends IV_SSO=openurl,
server pushes Info command OPEN_URL:<url>. The client opens that URL and
user authenticates.

Signed-off-by: Lev Stipakov <lev@openvpn.net>
 2021-06-02 00:49:08 -04:00
Selva Nair e14287e93e Apply transparency mask to the connecting-state checkmark image 
Use the image in the connecting state icon with background
color replaced by that of the menu for use as the checkmark.

MSDN docs on SetMenuItemBitmaps is unclear about the use of
color bitmaps for checkmarks, but this appears to display well.
(Tested on Windows 10 only).

The bitmap is recreated everytime the popup menus are made
although its sufficient to recreate it when system colours
change.

Signed-off-by: Selva Nair <selva.nair@gmail.com>
 2021-06-02 00:48:41 -04:00
Lev Stipakov 8d878e8f7b CMake: read version from configure.ac 
Instead of using hardcoded major/minor version in config-msvc.h,
use the values from configure.ac.

Signed-off-by: Lev Stipakov <lev@openvpn.net>
 2021-05-24 09:01:33 -04:00
Selva Nair 438ea865c8 Remove repeated phrase and fix text truncation 
The About text is truncated in Spanish version when
compiled with MSVC as LTEXT can't exceed 256 characters.

Removing the repeated phrase fixes this for now. If future
translations increase the length, please consider breaking
the paragraph into two.

Signed-off-by: Selva Nair <selva.nair@gmail.com>
 2021-05-24 08:11:26 -04:00
Selva Nair 1c0c159d21 Have unique and non-zero IDs for all controls 
Should fix duplicate control id warnings from resource
compiler.

Signed-off-by: Selva Nair <selva.nair@gmail.com>
 2021-05-24 07:52:29 -04:00
Selva Nair 01bbd57e48 Enable all language resource files in MSVC build 
Also remove openvpn-gui-res-en-msvc.rc which is no
longer used.

Signed-off-by: Selva Nair <selva.nair@gmail.com>
 2021-05-19 20:58:06 -04:00
Selva Nair 5d209f44cb Construct version string in About dialog at runtime 
Required to match the previous commit that removed macro
substitution in resource text strings.

Signed-off-by: Selva Nair <selva.nair@gmail.com>
 2021-05-19 20:58:06 -04:00
Selva Nair 56efcc6515 Make all resource files MSVC compliant 
- Remove intermediate quotes in continued lines
- Remove macro substitutions in strings
- Split two long LTEXT (>256 characters) into two

All changes autogenerated using a sed script here
https://gist.github.com/selvanair/ae78c29869d7c1d15abcb909f04676c6

Signed-off-by: Selva Nair <selva.nair@gmail.com>
 2021-05-19 20:58:06 -04:00
Selva Nair c15fb27570 Allow clearing of key password in ChangePassphraseDialogFunc 
Use an empty password to clear any existing password in the
private key file. If not empty, the requirement of minimum 8
characters is retained.

For PEM key file, an empty password will clear encryption on
the key. For pkcs12 files it will set an empty password.
As use of an empty password is the default first try in
OpenVPN.exe when reading pkcs12 file, this effectively leads
to the user not prompted for a private key password during
connection setup.

Signed-off-by: Selva Nair <selva.nair@gmail.com>
 2021-05-18 22:54:38 -04:00
Lev Stipakov 96d443a9d0 appveyor: remove msvc target 
It has been replaced by github actions.

Signed-off-by: Lev Stipakov <lev@openvpn.net>
 2021-05-14 17:20:00 -04:00
Lev Stipakov f22db17272 add github actions 
Signed-off-by: Lev Stipakov <lev@openvpn.net>
 2021-05-14 17:20:00 -04:00
Lev Stipakov 2d329a32d1 add vcpkg manifest 
Signed-off-by: Lev Stipakov <lev@openvpn.net>
 2021-05-14 17:20:00 -04:00
Lev Stipakov 4a483b029b replace msvc project with cmake 
Signed-off-by: Lev Stipakov <lev@openvpn.net>
 2021-05-14 17:20:00 -04:00
Lev Stipakov af72adf2ee fix log() confusion 
By some reasons Release build ignores _INC_MATH and includes math.h,
which conflicts with our own log definition. Rename it to log_.

While on it, also rename other enum names for consistency.

Signed-off-by: Lev Stipakov <lev@openvpn.net>
 2021-05-14 17:20:00 -04:00
Lev Stipakov a68341f021 main.c: trim whitespaces 
Signed-off-by: Lev Stipakov <lev@openvpn.net>
 2021-05-14 17:20:00 -04:00
Selva Nair 69e772d681 Fix handling of dynamic challenge when response is not required 
In this case, as per management-notes.txt, a CRV1 response with
an empty password should be submitted. Currently we ignore
such "challenges" causing the regular user-auth dialog to be shown
instead.

Fix by displaying the message received from the server. Depending
on user action (OK or CANCEL), a properly formatted reponse with an
empty password is returned or the connection is aborted.

Signed-off-by: Selva Nair <selva.nair@gmail.com>
 2021-05-03 00:51:33 -04:00
Selva Nair 21e09d4603 In generic password dialogs require non-empty inputs 
In private key passphrase and dynamic-challenge/pkcs11 PIN
dialogs:

- Disable the OK button by default
- Require non-empty user input before the OK button is enabled

Signed-off-by: Selva Nair <selva.nair@gmail.com>
 2021-05-03 00:51:33 -04:00
Selva Nair e4252076cf In User-Auth dialog require non-empty password or PIN 
We had earlier supported blank passwords or OTPs to be submitted. Change
this by enabling the OK button only if some minimal inputs are present.

- In static challenge dialog require username and either password or
  challenge-reponse (OTP) fields to be non-empty
- In normal user-auth dialog require username and password to be non-empty

Signed-off-by: Selva Nair <selva.nair@gmail.com>
 2021-05-03 00:51:33 -04:00
Samuli Seppänen 0511236062 Bump version to 11.24.0.0 
Signed-off-by: Samuli Seppänen <samuli.seppanen@gmail.com>
 2021-04-21 07:03:24 +03:00
kauczu b978fb2fd3 Update Polish translation in openvpn-gui-res-pl.rc 
the style of the translation has been improved,
untranslated fields has been translated
 2021-04-04 18:11:27 -04:00
Selva Nair c47c3bf81a Remove MAX_CONFIGS limit using WM_MENUCOMMAND for menu messages 
We currently use WM_COMMAND message which is delivered with the
ID of the menu item requiring a unique ID for every command
(connect, disconnect etc..) for each connection profile. Instead,
use WM_MENUCOMMAND so that the message delivers a handle to the
menu and the position index of the menu item.

Connection menu array is now dynamically allocated. Yet, there
is still a limitation on the number of configs as the config
index + mgmt_port_offset must be < 65536 to be usable as a port
number. The error message shown for "too many configs" is reworded.
(English language file only).

Note: The current way of selecting the management port based on the
index of the config file increases chances of port conflicts
when the number of configs is large. It could be useful to change
this logic but that is beyond the cope of this PR.

Signed-off-by: Selva Nair <selva.nair@gmail.com>
 2021-03-05 22:16:08 -05:00