- Flag password and username input if these contain an invalid character
(currently only embedded '\n' is disallowed). Shows a popup when OK
is pressed so that the user can correct the input and resubmit.
- Add an error message to the log when the management i/f returns
ERROR for incorrectly parsed commands. Otherwise such errors go
unnoticed.
Note: IDS_ERR_INVALID_USERNAME/PASSWORD need translations.
Reported and tested by: Florian Beier (H4ndl3 on github)
Fixes Trac: #958
Signed-off-by: Selva Nair <selva.nair@gmail.com>
- Change text color of log lines with flags = W, N, F
v2: replace strchr with memchr to avoid modifying line
Signed-off-by: Selva Nair <selva.nair@gmail.com>
- "Wrong username or password" message shown in the auth userpass dialog after
an auth failure
- "Wrong password" message shown in the private key password dialog after a
password failure.
These message texts are colored red by default (TODO: make the color customizable)
Signed-off-by: Selva Nair <selva.nair@gmail.com>
When the username is filled automatically, set the focus to
the password field. This way you can enter the password
immedediately without having the press TAB (or even worst
users using the mouse to click on the password field).
- A new registry HKLM\Software\OpenVPN\disable_save_passwords
(32 bit DWORD value) may be set to a non-zero value to
disable password saving by users. Applies to both auth and
private key passwords. Usernames are always saved.
Signed-off-by: Selva Nair <selva.nair@gmail.com>
Support the following echo commands
- "echo forget-passwords": delete passwords internally saved by the GUI
but do not disable the password save feature. Useful when pushed
from the server so that it gets processed after authentication. Also see
management-notes.txt in openvpn docs.
- "echo save-passwords": enables private-key and auth-user-pass passwords
to be saved. Will be effective at startup only if present in the config
file. If pushed from the server, will get used for subsequent
password prompts. Essentially this has the effect of presenting the password
dialogs to the user with save-password checkbox selected. The user may still
uncheck it during the dialog.
Note: echo commands are processed as and when they are received and in the order
received.
TODO: support for "echo setenv name var", "echo disable-save-passwords" etc..
Signed-off-by: Selva Nair <selva.nair@gmail.com>
Without this the service will continue to wait for input from GUI
and log pipe read errors to the event log.
Also fix a typo in the error messgae shown.
Signed-off-by: Selva Nair <selva.nair@gmail.com>
Avoid reporting a connection that completed with errors (state change
message = CONNECTED,ERROR) as successful.
Signed-off-by: Selva Nair <selva.nair@gmail.com>
- Check system metric for large and small icon sizes and
try to load the correct size instaed of scaling from one size.
Scaling will still happen if the required size is not available
in the icon resource. As we add more icon sizes they will
get automatically used as needed.
LoadImage scales up from next smallest size available. Revisit this
when LoadIconWithScaleDown (Vista+) becomes available in mingw.
Resolves Trac: #772 (icon scaling issue)
Signed-off-by: Selva Nair <selva.nair@gmail.com>
- Set dpi-awareness to true in the manifest (i.e., "system-dpi aware")
- Check system dpi and scale and/or position widgets and windows
that depend on the system dpi (only components within the status
window are affected).
Note: Declaring dpi awareness eliminates automatic rescaling of
windows that causes blurred text on high dpi monitors.
Windows 8.1 and later allow per monitor dpi setting which is
not handled here.
Note: IDS_NFO_TOKEN_PASSWORD_CAPTION and IDS_NFO_TOKEN_PASSWORD_REQUEST
strings need translation.
TODO: support for selecting pkcs11-id from the GUI
Signed-off-by: Selva Nair <selva.nair@gmail.com>
- Add a base64 decode function using Windows CyptoAPI
- Move multibyte to widechar conversions to a function
- Add config name to caption of password dialogs to help user
identify the request
- Add new dialog template for generic password/PIN requests
and use it to handle dynamic challenge
Note 1: if dynamic challenge response verification fails, an auth-failed
message is returned by the server causing the GUI to clear any saved
password even if the user-auth dialog itself succeeeded.
Note 2: Dialog template ID_DLG_CHALLENGE_RESPONSE added to language
files may require translation.
Signed-off-by: Selva Nair <selva.nair@gmail.com>
WINAPI is __stdcall in 32 bit windows (ignored in 64 bit) causing
this bug to show up in the 32 bit version only.
Also fix out-of-bounds write of ovpn_version[] in openvpn.c
Resolves Trac #758
Signed-off-by: Selva Nair <selva.nair@gmail.com>
When openvpn exits due to error, the GUI pops up a modal dialog and
waits on user to click OK before cleaning up resources and closing
the status window. During this phase if the user clicks "connect"
from the tray menu, a new thread is started overwriiting several
handles in the connection struct.
Fix: Refuse to start a connection when previous status thread is
still active. Instead, bring the exisiting status window to fore-ground.
Also make the modal dialog a child of the status window for better
visibility.
Signed-off-by: Selva Nair <selva.nair@gmail.com>
Sometimes gracefully stopping openvpn fails leaving the
process running in background. This causes restarting of
connections to fail until those processes are manually killed.
- Read process ID from interactive service to get process
handle when openvpn is started by the service.
- Add a last resort method to forcefully terminate openvpn
process that fails to exit aftier sending stop signal. Terminate
is triggered after a 3 second timeout following Stop.
Signed-off-by: Selva Nair <selva.nair@gmail.com>
Option ediitng dialogs are in two tabs: General and Advanced.
Proxy related options are left in the proxy tab. Options
config_dir, config_ext, log_dir, script timeouts and
service-only flag are in the Advanced tab. All other more commonly
used flags and options are in the General tab.
- As options are editable, save values in registry only when they differ
from the default values. This leaves the registry clean and makes changing
options and their defaults during updates easier.
- Entries for config_dir and log_dir must be absolute paths.
Environemental variables such as %PROFILEDIR% may be used
to construct these.
- Empty config_dir, config_ext and log_dir entries are silently
ignored (i.e., the current values are left unchanged).
- Store all numeric and boolean parameters in registry as DWORD instead of
strings.
- On startup, the default parameters are loaded, then the registry is read
and finally command-line parameters parsedi.
- Out of range script timeout values in registry truncated with a
warning instead of fatal error. This allows the user to access the
settings dialog and make corrections.
- Save proxy and language settings under the same
HKCU\Software\OpenVPN-GUI key as other options instead of under Nilings.
- Save the current version of the GUI in regsitry so that updates
can be detected and any needed registry cleanup done.
- If no version info is present in the registry any values in OpenVPN-GUI
key in HKCU are deleted for a clean start as this is the first version
to save registry values in HKCU. Language and proxy data if present
under Nilings is migrated.
Note: new controls in the General tab and newly added Advanced tab dialog
are copied to all language files from the English version. These need to
be translated.
Signed-off-by: Selva Nair <selva.nair@gmail.com>
- Replace allow_password by a runtime check that enables password
change menu only when the user has write-access to the key file.
- Read exe_path and priority from HKLM and do not duplicate in HKCU.
- Always allow the user to view the config: edit will succeed if user
has write access.
- Always include the proxy settings tab which is the default.
- Remove the unused power event handling and disconnect_on_suspend key.
- Remove password_attempts -- user can stop the password dilaog
by clicking cancel.
- Remove allow_service: implicitly enabled if service_only is used.
- Deprecate removed options in cmd-line parser
- Update README.rst
- Close config file before exit in GetKeyFileName
- Close thread and dialog handles in passphrase.c
Signed-off-by: Selva Nair <selva.nair@gmail.com>
- Username and, optionally, password as well as the private
key passphrase are saved in config-specific registry keys
- All saved data are kept encrypted using DPAPI
- The passphrase dialog is skipped if a valid saved private
key password is available. However, the user-auth dialog
is always presented, prefilled with the saved username
and password.
Note: A text string "Save password" is added to three dialogs
in all language resource files. Additional text with ids
IDS_MENU_CLEARPASS and IDS_NFO_DELETE_PASS are added to the
STRINGTABLE only in the English language resource file.
All these need translations.
Signed-off-by: Selva Nair <selva.nair@gmail.com>
PostThreadMessage used to trigger exit event gets lost while
in modal dialog loops such as auth dialog. Replace it by PostMessage
and handle it in the status window callback.
Fixes openvpn processes left behind if exit is pressed while
user-auth dialog is active.
Changes after feedback:
- Use PostMessage correctly in SuspendOpenVPN() (error pointed
out by leobasilio@gmail.com).
Signed-off-by: Selva Nair <selva.nair@gmail.com>
Asynchronously read Input on the service pipe which are mostly
errors reported by the service. Display the errors on the status log
window and to the log file if its not opened by openvpn.
If/when openvpn fails to start or exits with error, close
the connection without waiting for management socket timeout.
v2:
- rebase to master
- fix a bug in setting manage.connected state
- ensure management socket is closed and resources freed before thread exit
Signed-off-by: Selva Nair <selva.nair@gmail.com>
When a connection is attempted using a config in a location
that would fail, offer an option to add the user to the "OpenVPN
Administrators" group. This is done using shell-execute which will
show a UAC prompt for elevation. If it fails (due to user chooses
NO or the UAC dialog fails) the connection is not started.
v2 Changes
- Rebase to master
- Automaticlaly add the admin group if it doesn't exist
- Allow unicode strings in debug output
- Use domain\username to identify user
- Fix the PrintDebug macro
Minor changes based on user feedback
- Bring the window back to foreground after UAC prompt completion
- Show a message if another connection is tried during authorization
- Do not add user to ovpn_admin_group if it is same as the built-in admin group
Signed-off-by: Selva Nair <selva.nair@gmail.com>
- Handle early errors (openvpn exits before management connection is up)
with a helpful error message that points the user to view log.
- Include only readable config files in the connection list
- Warn if no connection profiles found
TODO: handle startup errors from interactive service
This is needed to avoid early messages going to stdout leaving no
trace of errors when openvpn exits before management interface is up.
It also ensures that any --log directives in the config do not override
the log file location.
Signed-off-by: Selva Nair <selva.nair@gmail.com>
Connecting to a named pipe server while running with admin rights is not
secure in some windows versions. As the interactive service is not required
to set routes while running as admin, this looks like a safe compromise.
Fix based on feedback from Heiko Hund
- Move IsUserAdmin() check before opening the service pipe
Signed-off-by: Selva Nair <selva.nair@gmail.com>
Proxy settings are fetched from the users Internet Options
for the active connection. If WPAD or a PAC script is configured
they are preferred and used for automatic proxy detection.
Proxy bypass configuration is completely ignored.
Selva Nair