- Split starting the status thread and launch of the
daemon process (openvpn.exe) into separate functions.
This is useful for implementing control of persistent connections
where the daemon is launched externally: e.g., by the
automatic service.
Signed-off-by: Selva Nair <selva.nair@gmail.com>
enable hardware-enforced stack protection on
compatible hardware/software (/CETCOMPAT linker option)
enable QSpectre protection
enable Control Flow Guard
issues were found by Microsoft BinSkim
Add support for selecting pkcs11-id from the GUI.
Requires --management-pkcs11-id in the config file.
This option is not added by the GUI.
A list of all available pkcs11 certificates are presented to the
user with buttons OK, Cancel, Retry. OK submits the selected
entry, Cancel closes the connection, Retry reconstructs the
list of certificates by querying the daemon again. The latter
can be used to retry after inserting a token.
If no certificates are found, a message suggesting to insert
a token and press 'Retry' is displayed.
The list shows the "Issued-to", "Issued-by" names
(usually the subject & issuer common names) and valid-until
date in current locale for each certificate.
Signed-off-by: Selva Nair <selva.nair@gmail.com>
Bind a socket and then close to identify
a free port and use it when starting openvpn.exe.
Try port = offset + config-index is first, matching
the current usage, and fallback to a dynamic port if
the former fails.
Trac: #1051
Signed-off-by: Selva Nair <selva.nair@gmail.com>
In some cases the service may take a while to startup openvpn.exe,
causing connection to the management interface to timeout. This could
leave behind the OpenVPN process if/when it eventually starts up.
(Trac 905, 1050).
As errors in starting up the OpenVPN daemon are independently
handled, its better to keep retrying the management interface connection
until aborted due to errors or by the user.
- On timeout, log a message on the status window and retry the
management interface connection
- Eliminate the timed-out state that is no longer used
- Call StopOpenVPN() before abort so that OpenVPN daemon
is not left running in case it starts up later.
- In the unlikely event that OpenManagement() fails, show an error
- User can abort by pressing disconnect
A "retrying.." message is logged on to the status window every
15 seconds.
See Trac: #905, #1050
Signed-off-by: Selva Nair <selva.nair@gmail.com>
This extended style makes the window topmost in z-order.
We currently set this for the user-auth and private-key
passphrase dialogs, but useful for any dialog that may popup
without user interaction.
(Eg., challenge response during a server-initiated restart
or reneg).
Trac: #1465
Signed-off-by: Selva Nair <selva.nair@gmail.com>
This adds optional support for using OpenVPN3 client
as an alternative to openvpn2.
Just replacing one client with another will not work:
- OpenVPN3 doesn't use interactive service, it uses
"agent" service with completely different protocol. OpenVPN GUI
needs to talk to agent using HTTP and JSON.
- OpenVPN3 management interface realtime notifications must be
explicitly turned on in order for GUI to work.
To enable using openvpn3:
- use any of *-ovpn3 presets (cmake build system)
- ./configure --enable-ovpn3 (mingw)
To switch betweet openvpn2 and openvpn3, see "OpenVPN Engine"
radiobutton group in Settings -> Advanced dialog.
OnReady() implementation was slighly changed - "log all on"
replaced with "log on all" - according to management interface
documentation this is the right way to do it, and also OpenVPN3
only supports "on all" order.
Management interface - enabled OpenVPN3 client (omiclient.exe) and
agent (ovpnagent.exe) are now part of openvpn3 repo.
Co-authored-by: Christopher Ng <facboy@gmail.com>
Signed-off-by: Christopher Ng <facboy@gmail.com>
Signed-off-by: Lev Stipakov <lev@openvpn.net>
Ninja makes build slightly faster but requires running
"x64" developer command prompt, not the "default" one.
Without that, cmake silenly produces x86 binaries and it might
take a while to find out the reason. To avoid confusion, switch back
to MSVC generator.
Signed-off-by: Lev Stipakov <lev@openvpn.net>
Manifest is a convenient way to automatically
install dependencies. Since we have to support
both OpenSSL 1.1.1 (for OpenVPN 2.5) and OpenSSL 3
(for coming OpenVPN 2.6) and manifest file name
is hardcoded, we create two manifests and put them
into different directories.
To simplify build process, define configuration presets
for arch (x86/x64/arm64), debug/release and oss1.1.1/ossl3.
This way building is greatly simplified:
cmake -S . --preset x64-debug-ossl3
cmake --build --preset x64-debug-ossl3
Update GitHub Actions script accordingly.
Signed-off-by: Lev Stipakov <lev@openvpn.net>
Escape the username string before passing to management
interface. For other dialogs this is already done.
Move string-escape to a function and process the username
through it.
Also escape space, single quote in addition to double quote
and backslash.
Reported by: Jakob Curdes <jc@info-systems.de>
Signed-off-by: Selva Nair <selva.nair@gmail.com>
- Support legacy algorithms while decrypting keys by loading
legacy provider unless default pros has fips enabled.
- Use the recommended PKCS8 format and AES-256-CBC cipher when
encrypting PEM keys.
For PKCS12, OpenSSL's default is used which is PBKDF2 with
AES-256-CBC in OpenSSL 3.0
Signed-off-by: Selva Nair <selva.nair@gmail.com>
- Set env variables such as OPENSSL_CONF and OPENSSL_MODULES
- Replace deprecated initialization (since OpenSSL 1.1.0)
by OpenSSL_init_crypto()
Signed-off-by: Selva Nair <selva.nair@gmail.com>
- remove vcpkg manifest and use whatever openssl
version is installed. To build with openssl3, one could
use openssl3 port from openvpn/contrib/vcpkg-ports.
- build with openssl1.1.1 and openssl3 in GitHub Actions
Signed-off-by: Lev Stipakov <lev@openvpn.net>
Replace old wcstok signature with security-enhanced
version, which stores position information between calls in
"context" parameter instead of internal per-thread context.
This allows to get rid of _CRT_NON_CONFORMING_WCSTOK
define in CMakeLists.txt
Reported-by: Kai Schtrom
Signed-off-by: Lev Stipakov <lev@openvpn.net>
* Provide more space for challenge dialog text
We do use a re-sizeable dialog box for dynamic challenge-response
to cater for potentially long lines of challenge text. But the
space specified for the widget is enough for only a single short line
(~60 characters) of text.
Increase the horizontal and vertical space to allow for up to
two lines of ~120 characters per line.
The default size of the Window is not changed. But it is
automatically resized if the space required for the text
is longer than the window width minus some margin. The max
horizontal size of the window is capped at 640 nominal pixels
as longer text will be wrapped in to two lines.
Github issue #468
Signed-off-by: Selva Nair <selva.nair@gmail.com>
The user is prompted with a message showing the config
name that will be imported. The user can accept or cancel
the operation.
If the user was already prompted for over-write permission
because a config with the same name exists, no further dialog
is shown.
Import using the menu (Import File...) is not affected.
Rationale:
We want to set "Import" as the default verb for the context
menu of .ovpn files. This will allow import of configs by
double-click. Also when .ovpn file is downloaded using a browser,
setting the default bowser action to "open" will result in an import.
In such cases a silent import action could be surprising, and a
prompt showing what is being imported could provide a better UX.
On the flip-side, the prompt/dialog will also be shown when import
is done from the context menu of .ovpn by "right click and
choose import" or when "openvpn-gui.exe --import foo"
or "openvpn-gui.exe --command import foo" is executed. As import
is an action that does not result in an immediately visible result
(unlike, say, edit or print), a prompt requiring user action is of
some value even in these cases. At worst it's a minor annoyance.
See also: https://github.com/OpenVPN/openvpn-build/pull/227
and discussions there-in
Signed-off-by: Selva Nair <selva.nair@gmail.com>
When we link with natively-built OpenSSL .DLLs
(not cross compiled with MinGW), we are expected to include
applink.c, which provides glue between OpenSSL BIO layer
and compiler run-time. This doesn't apply to ARM64.
Failure to do that results in "no OPENSSL_Applink" fatal error
during password change.
See the corresponding fix in openvpn2:
https://sourceforge.net/p/openvpn/mailman/message/37361982/
Signed-off-by: Lev Stipakov <lev@openvpn.net>
When clicking on tray icon, menu items are deleted and then recreated.
Deletion uses o.num_config:
for (i = 0; i < o.num_configs; i++)
DestroyMenu(hMenuConn[i]);
Commit 8e4183f9 ("Add '--command import' command line option")
added BuildFileList() call which modifies o.num_configs
but doesn't touch menus. When clicking on tray icon after import,
abovementioned code attemps to access invalid item in hMenuConn array
and crashes when this is the first imported profile and hMenuConn is NULL.
In other DestryMenu is called with invalid argument.
Fix by recreating popup menus instead of just rescan file list -
this will first delete menus with correct o.num_config value.
Signed-off-by: Lev Stipakov <lev@openvpn.net>
If the http header "Content-Disposition:" is present take the
filename specified in there as the name of the imported profile,
falling back to scanning the file contents for metadata.
If both filename= and filename*= attributes are present, the
latter takes precedence provided the character set is utf-8.
(Extended attributes as defined in RFC 5987).
In case of import from AS, the behaviour is unchanaged.
Issue: #450.
Signed-off-by: Selva Nair <selva.nair@gmail.com>
Less intrusive than a message box that user has
to close. Also the imported filename stub is now
included in the message.
Signed-off-by: Selva Nair <selva.nair@gmail.com>
%S --> %hs in wide format strings, %ls otherwise
%s --> %ls in wide format strings, unchanged otherwise
%c --> %lc in wide format strings
Resource files together have about 970 lines affected and
were edited by looping through all with
sed -i 's/%S/%hs/g' $file
sed -i 's/%s/%ls/g' $file
All other files were manually changed (about 85 lines).
Recent versions of mingw-w64 implicitly turns on __USE_MINGW_ANSI_STDIO
if _GNU_SOURCE, _XOPEN_SOURCE etc are defined (which we do usei).
This breaks non-standard spec such as %S. Anyway, we have been
gradually getting rid of those.
MSVC builds should not be affected.
v2: multiple occurrences in same line was missed in v1 (/g missing in
sed expression). Fixed.
Signed-off-by: Selva Nair <selva.nair@gmail.com>
- HTTP auth password appears to be cached and reused
unless replaced by a non-empty string. When user-supplied
password is empty, use some arbitrary string "x" as the
password.
- Make username required for generic URL as well.
- Also clear password buffers after use.
Signed-off-by: Selva Nair <selva.nair@gmail.com>
Download profile from AS or URL use blocking network calls
in the main thread. Set reasonable timeouts for connect
and receive.
TODO: This is not perfect as the download can still stall
in erratic links, and we have no way to abort. Ideally
we should either use Async calls and/or threads.
Signed-off-by: Selva Nair <selva.nair@gmail.com>
For Import from URL, require that response
from server must have
content-type: application/x-openvpn-profile
This reduces chances of mistyped input causing
import of random html pages as connection profile.
Signed-off-by: Selva Nair <selva.nair@gmail.com>
ParseUrl extended to parse generic URLs and parse
the path. DownloadProfile() function re-factored
for reuse with generic URL.
Also:
- INTERNET_FLAG_RELOAD added to the request
call to force reloading the data from server instead
of using possibly cached data.
- Input box for URL extended in length to about
50 characters wide.
Signed-off-by: Selva Nair <selva.nair@gmail.com>
Import a config file from command line as
`openvpn-gui.exe --command import <file-path>`
The command is send to a running instance if any.
Otherwise the GUI extecutable is started and
the import processed.
`openvpn-gui --import <file-path>`
is interpreted as the same command.
Signed-off-by: Selva Nair <selva.nair@gmail.com>
Currently we construct the destination path and check whether
it exists. This could miss a connection profile with same
name in another directory.
If a config with same name is found we set it as the destination,
and ask the user for permission to overwrite. However, if the duplicate
is in the global_config_dir, the behaviour is not changed -- that is,
the config is imported with no further prompts.
Also fix the use of same buffer as destination and source in
swprintf(). It seems to work, but is not 'legal'.
Signed-off-by: Selva Nair <selva.nair@gmail.com>
Allow users to bypass HTTPS is not good, but may nevertheless be useful during development.
DEBUG macro is widely used in openvpn-gui code but was missing from CMakeLists.txt, so add it there.
Signed-off-by: Lev Stipakov <lev@openvpn.net>
Selva Nair