Age | Commit message (Collapse) | Author |
|
* Updated ChangeLog.
* Note in man page that clients connecting to a --multihome server
should always use the --nobind option.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@5266 e7ae566f-a301-0410-adde-c780ea21d3b5
|
|
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@5265 e7ae566f-a301-0410-adde-c780ea21d3b5
|
|
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@5264 e7ae566f-a301-0410-adde-c780ea21d3b5
|
|
1. Fail gracefully rather than segfault if calloc returns NULL.
2. The openvpn_plugin_abort_v1 function can potentially be called
with handle == NULL. Add code to detect this case, and if
so, avoid dereferencing pointers derived from handle.
(Thanks to David Sommerseth for finding this bug).
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@5261 e7ae566f-a301-0410-adde-c780ea21d3b5
|
|
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@5169 e7ae566f-a301-0410-adde-c780ea21d3b5
|
|
or "dhcp-renew" options were combined with "route-gateway dhcp".
The problem is that the IP Helper functions for DHCP release and
renew are blocking, and so calling them from a single-threaded
client stops tunnel traffic forwarding, and hence breaks
"route-gateway dhcp" which requires an active tunnel. The fix is
to call the IP Helper functions for DHCP release and renew from
another process.
Version 2.1_rc21b.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@5164 e7ae566f-a301-0410-adde-c780ea21d3b5
|
|
make it a hard failure, rather than just a warning.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@5159 e7ae566f-a301-0410-adde-c780ea21d3b5
|
|
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@5152 e7ae566f-a301-0410-adde-c780ea21d3b5
|
|
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@5106 e7ae566f-a301-0410-adde-c780ea21d3b5
|
|
renegotiations -- this is similer to how the common name is also
locked.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@5105 e7ae566f-a301-0410-adde-c780ea21d3b5
|
|
implied, so new usage is:
./doval [openvpn parms]
instead of:
./doval ./openvpn [openvpn parms]
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@5104 e7ae566f-a301-0410-adde-c780ea21d3b5
|
|
renegotiations -- this is similer to how the common name is also
locked.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@5098 e7ae566f-a301-0410-adde-c780ea21d3b5
|
|
that cannot directly be used as a config file. The directive
will simply cause OpenVPN to exit with an error if a generic
config file is used.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@5077 e7ae566f-a301-0410-adde-c780ea21d3b5
|
|
included in the .tar.gz file built by make dist.
Re-released as Version 2.1_rc20
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@5058 e7ae566f-a301-0410-adde-c780ea21d3b5
|
|
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@5023 e7ae566f-a301-0410-adde-c780ea21d3b5
|
|
now send a RESTART message to client.
This feature is intended to make UDP clients respond the same as TCP
clients in the case where the server issues a RESTART message in
order to force the client to reconnect and pull a new options/route
list.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@5021 e7ae566f-a301-0410-adde-c780ea21d3b5
|
|
log file.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@5020 e7ae566f-a301-0410-adde-c780ea21d3b5
|
|
when an AUTH_FAILED message is returned to the client. This
string can be set by the server-side managment interface and read
by the client-side management interface.
For more info, see management/management-notes.txt, and look for
references to "client-reason-text".
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@5012 e7ae566f-a301-0410-adde-c780ea21d3b5
|
|
redirect-gateway option by itself, without any extra parameters,
would cause the option to be ignored.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@5011 e7ae566f-a301-0410-adde-c780ea21d3b5
|
|
servers to connect to in a round-robin fashion, spend no more than
n seconds waiting for a response before trying the next server.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@5010 e7ae566f-a301-0410-adde-c780ea21d3b5
|
|
to clients, including routes. Previously, all pushed options needed
to fit within a 1024 byte options string.
Remember that to make use of this feature to allow many routes to
be pushed to clients, the client config file must specify the
max-routes option, and the number of pushed routes cannot exceed
this limit. Also, both server and client must include this commit.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@4991 e7ae566f-a301-0410-adde-c780ea21d3b5
|
|
file or pulled from a server) can now be configured via the new
"max-routes" directive.
Previously, the limit was set to 100 and fixed by a compile-time
constant. Now the limit is dynamic and can be modified by the
"max-routes" directive. If max-routes is not specified, the default
limit is 100.
Note that this change does not address the maximum size of the
pushed options string sent from server to client, which is still
controlled by the TLS_CHANNEL_BUF_SIZE compile-time constant.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@4967 e7ae566f-a301-0410-adde-c780ea21d3b5
|
|
after connection initiation rather than 0 seconds after.
Successive PUSH_REQUEST messages after the first will continue to be
sent at 5 second intervals until a response is received. This tends
to speed up the client connection sequence by 4 seconds because the
first PUSH_REQUEST message is usually sent too soon and is dropped,
causing a wait of 5 seconds until the next PUSH_REQUEST message is
sent.
Version 2.1_rc19d
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@4965 e7ae566f-a301-0410-adde-c780ea21d3b5
|
|
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@4946 e7ae566f-a301-0410-adde-c780ea21d3b5
|
|
(Sebastien Raveau).
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@4932 e7ae566f-a301-0410-adde-c780ea21d3b5
|
|
--disable-def-auth Disable deferred authentication
--disable-pf Disable internal packet filter
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@4852 e7ae566f-a301-0410-adde-c780ea21d3b5
|
|
in route.c to make it easier to spot them.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@4851 e7ae566f-a301-0410-adde-c780ea21d3b5
|
|
server load statistics.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@4844 e7ae566f-a301-0410-adde-c780ea21d3b5
|
|
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@4843 e7ae566f-a301-0410-adde-c780ea21d3b5
|
|
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@4837 e7ae566f-a301-0410-adde-c780ea21d3b5
|
|
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@4836 e7ae566f-a301-0410-adde-c780ea21d3b5
|
|
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@4712 e7ae566f-a301-0410-adde-c780ea21d3b5
|
|
use a DPC (deferred procedure call) to defer packet injection until
IRQL < DISPATCH_LEVEL, rather than calling NdisMEthIndicateReceive
in the context of AdapterTransmit. This is an attempt to reduce kernel
stack usage, and prevent EXCEPTION_DOUBLE_FAULT BSODs that have been
observed on Vista. Updated TAP driver version number to 9.6.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@4606 e7ae566f-a301-0410-adde-c780ea21d3b5
|
|
building for multiple architectures causes the previous tapdrvr.cod to
be overwritten.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@4604 e7ae566f-a301-0410-adde-c780ea21d3b5
|
|
with <autoconf-2.60.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@4539 e7ae566f-a301-0410-adde-c780ea21d3b5
|
|
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@4526 e7ae566f-a301-0410-adde-c780ea21d3b5
|
|
does not build on Windows on non-MINGW32.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@4525 e7ae566f-a301-0410-adde-c780ea21d3b5
|
|
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@4501 e7ae566f-a301-0410-adde-c780ea21d3b5
|
|
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@4500 e7ae566f-a301-0410-adde-c780ea21d3b5
|
|
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@4477 e7ae566f-a301-0410-adde-c780ea21d3b5
|
|
set correctly when the 'local' option is specifed.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@4476 e7ae566f-a301-0410-adde-c780ea21d3b5
|
|
functionality (Alon Bar-Lev).
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@4475 e7ae566f-a301-0410-adde-c780ea21d3b5
|
|
client will examine the routing table and determine whether (a) the
OpenVPN server is reachable via a locally connected interface, or (b)
traffic to the server must be forwarded through the default router.
Only add a special bypass route for the OpenVPN server if (b) is true.
If (a) is true, behave as if the 'local' flag is specified, and do not
add a bypass route.
The new 'autolocal' flag depends on the non-portable test_local_addr()
function in route.c, which is currently only implemented for Windows.
The 'autolocal' flag will act as a no-op on platforms that have not
yet defined a test_local_addr() function.
Increased TLS_CHANNEL_BUF_SIZE to 2048 from 1024 (this will allow for
more option content to be pushed from server to client).
Raised D_MULTI_DROPPED debug level to 4 from 3.
Version 2.1_rc16b.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@4446 e7ae566f-a301-0410-adde-c780ea21d3b5
|
|
to be pushed to the client in such a way that they don't accidently
obscure critical local addresses such as the DHCP server address and
DNS server addresses.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@4436 e7ae566f-a301-0410-adde-c780ea21d3b5
|
|
Windows, where sending a set of several commands to the
management interface in quick succession might cause the
latter commands in the set to be ignored.
Increased management interface input command buffer size
from 256 to 1024 bytes.
Minor tweaks to Windows build system.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@4414 e7ae566f-a301-0410-adde-c780ea21d3b5
|
|
commands are echoed from 7 to 3. Passwords will be filtered.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@4413 e7ae566f-a301-0410-adde-c780ea21d3b5
|
|
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@4363 e7ae566f-a301-0410-adde-c780ea21d3b5
|
|
and to use the Server 2008 WDK (6001.18002).
In cryptoapi.c, renamed CryptAcquireCertificatePrivateKey to
OpenVPNCryptAcquireCertificatePrivateKey to work around
a symbol conflict in MinGW-5.1.4.exe.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@4318 e7ae566f-a301-0410-adde-c780ea21d3b5
|
|
that result in the termination of the daemon will be written
to stderr.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@4131 e7ae566f-a301-0410-adde-c780ea21d3b5
|
|
with unix domain sockets.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@4128 e7ae566f-a301-0410-adde-c780ea21d3b5
|