We didn't use interactive service when gui was running
under admin because of some privilege escalation vulnerability in Vista.
Apparently this issue doesn't exist on Win7 and newer versions so
it is safe to use iservice on those systems.
Introduce "Always use interactive service" option,
which is "on" by default. This should enable users,
who by various reasons run gui as admin, use Wintun.
When gui is running as admin and interactive service
cannot be started or not installed, warn that wintun will not work.
Signed-off-by: Lev Stipakov <lev@openvpn.net>
Some users want to use more deeply nested folders than currently
supported. Increase the max depth to 20 which should be plenty for
all.
See also issue: # 364
Signed-off-by: Selva Nair <selva.nair@gmail.com>
The help message is truncated in some languages with
recent increases in textual information in the
usage string. Eg., see "openvpn-gui --help" with
Dutch selected as the language where the text
is about 2300 characters while the buffer is only 2048.
The window still fits on typical screen sizes, so
just increase the buffer size to 3000.
Signed-off-by: Selva Nair <selva.nair@gmail.com>
- All missing strings are copied from the English version
which is the default.
- Description of "--command cmd" is also copied from the
English version where missing.
- Some whitespace changes for consistent formatting of all files
No user-visible changes except for the --help output
which will now include a description of the "--command cmd"
option in English when a translation is not available.
Signed-off-by: Selva Nair <selva.nair@gmail.com>
Corrected initial pull request https://github.com/OpenVPN/openvpn-gui/pull/361 pull with correct Ukrainian grammar (I am a native speaker, and it's not just my thought on it, but a collaboration of other team members, the main contributor being Bohdan Kobilnyk)
Strings passed to the management interface should escape characters
such as " and \ that have special meaning for the parser.
But, static-challenge password and response are base64 encoded
before passing to the management interface and get literally
transported to the server in that form. Escape processing of
these strings could result in altering the password and/or response.
Reported by: macskas https://github.com/OpenVPN/openvpn-gui/issues/351
Signed-off-by: Selva Nair <selva.nair@gmail.com>
- Prompt the user for permission if import may overwrite
an existing config.
- Also raise an error if the import file source matches the
global or local config directory. Reimporting a config on to
itself is not supported. This also avoids ERROR_SHARING_VIOLATION
in CopyFile() when source and destination are the same.
Signed-off-by: Selva Nair <selva.nair@gmail.com>
Also if install_path read from registry is an empty string, illegal
memory access may result. Fix by using the default value in this
case as well.
Signed-off-by: Selva Nair <selva.nair@gmail.com>
The current code re-issues the next read request in the I/O
completion routine before the previous message is fully handled.
This could potentially lead to lost messages as the message buffer
is reused.
Fix by re-queuing the next read from OnService() after duplicating
the previous message.
The length check of the read message is omitted as it is implicitly
checked when scanning the message. Makes the logic simpler.
Reported by Lev Stipakov <lstipakov@gmail.com>
Signed-off-by: Selva Nair <selva.nair@gmail.com>
Add an new command 'rescan' that may be sent to a running
instance of the GUI to force it rescan the config folders.
Use case: with an instance of the is GUI running, one can
manually copy a config file to the config folder and start
it using "openvpn-gui --command rescan" followed by
"openvpn-gui --command connect foo"
v2: The calls to rebuild config file list and recreate
menus is refactored into a function.
Signed-off-by: Selva Nair <selva.nair@gmail.com>
This adds msvc project files and tiny code changes,
required to build this project with msvc.
Microsoft resource compiler, unlike mingw's windres,
doesn't fully support macros and multi-line strings,
so I had to create a separate resource file for msvc.
Signed-off-by: Lev Stipakov <lev@openvpn.net>
By default CryptBinaryToString used for base64 encoding
adds CRLF every 76 characters or so. As LF is used as
the message delimiter by the management interface, this breaks
handling of static challenge.
Fix by setting CRYPT_STRING_NOCRLF in the flags. With this
change, the trailing '\r\n' removal is no longer required.
Fixes Issue 317: https://github.com/OpenVPN/openvpn-gui/issues/317
Signed-off-by: Selva Nair <selva.nair@gmail.com>
Parent keeping the handle to write end of child's stdout will
cause ERROR_BROKEN_PIPE not signalled if/when the child exits.
Also add a wrapper for CloseHandle()
Fixes the GUI process hanging in read from child
if the latter unexpectedly dies due to some error.
Trac #1203
Signed-off-by: Selva Nair <selva.nair@gmail.com>
When a resource is not found in user's preferred language, first
try the primary language with SUBLANG set to default before
falling back to English.
See: https://github.com/OpenVPN/openvpn-gui/issues/216
Signed-off-by: Selva Nair <selva.nair@gmail.com>
found by cppcheck
[env_set.c:332] -> [env_set.c:333]: (warning) Either the condition '!msg' is redundant or there is possible null pointer dereference: msg.
found by cppcheck
[main.c:457] -> [main.c:457]: (warning) Either the condition 'copy_data->dwData==(WM_APP+15)&&c->hwndStatus&&c' is redundant or there is possible null pointer dereference: c.
As config group is reallocated when full, do not store the pointer to the
parent group. Instead use the id of the group which is invariant across
reallocs. Similarly in connection array store the id of the group
instead of a pointer.
Also
- Do not call ActivateConfigGroups() -- when connections are active:
in this case we want preserve config data structures during rescan.
Signed-off-by: Selva Nair <selva.nair@gmail.com>
fixup
The number of configs is now unlimited. But there is a limit
of 2^16 menu items which permits only about 2^12 configs to be
displayed in the menu. A warning is shown if the number of
configs exceeds this value.
For a responsive menu keep the number of configs under ~1000.
Signed-off-by: Selva Nair <selva.nair@gmail.com>
Add a new registry key (DWORD): config_menu_vew
possible values: 0 (auto), 1 (flat), 2 (nested).
Default value is 0 which renders nested menu if the number of
configs is > 50, else displays the current flat view. To force
the flat menu view set it to 1. A value of 2 forces the nested
view even if there are only a few configs.
A new command line option "--config_menu_view n" does the same.
Command line options take precedence over any value set in the
registry.
Signed-off-by: Selva Nair <selva.nair@gmail.com>
Frank Fesevur