Permalink
Browse files

openvpn: update to 2.2.2

Change-Id: I38327d829984314d199b31d72288501de2d786ce
  • Loading branch information...
1 parent 24a4870 commit c21e0fe6ee4be14c21ba9932e80210d850ef4602 @Kali- Kali- committed Jan 10, 2012
Showing with 12,857 additions and 15,559 deletions.
  1. +0 −1 Android.mk
  2. +194 −21 ChangeLog
  3. +2 −2 INSTALL
  4. +12 −11 INSTALL-win32.txt
  5. +15 −6 Makefile.am
  6. +68 −44 Makefile.in
  7. +23 −251 acinclude.m4
  8. +2 −2 aclocal.m4
  9. +2 −6 base64.c
  10. +1 −1 base64.h
  11. +3 −5 buffer.c
  12. +0 −1 buffer.h
  13. +1 −1 common.h
  14. +13 −11 config.h.in
  15. +5,295 −12,091 configure
  16. +49 −54 configure.ac
  17. +2 −0 configure.h
  18. +39 −0 configure_h.awk
  19. +33 −0 configure_log.awk
  20. +111 −0 contrib/OCSP_check/OCSP_check.sh
  21. +11 −40 contrib/pull-resolv-conf/client.down
  22. +57 −31 contrib/pull-resolv-conf/client.up
  23. +0 −3 crypto.c
  24. +2 −0 cryptoapi.c
  25. +1 −1 easy-rsa/2.0/Makefile
  26. +2 −2 easy-rsa/2.0/README
  27. +1 −1 easy-rsa/2.0/build-ca
  28. +1 −1 easy-rsa/2.0/build-dh
  29. +1 −1 easy-rsa/2.0/build-inter
  30. +1 −1 easy-rsa/2.0/build-key
  31. +1 −1 easy-rsa/2.0/build-key-pass
  32. +1 −1 easy-rsa/2.0/build-key-pkcs12
  33. +1 −1 easy-rsa/2.0/build-key-server
  34. +1 −1 easy-rsa/2.0/build-req
  35. +1 −1 easy-rsa/2.0/build-req-pass
  36. +1 −1 easy-rsa/2.0/clean-all
  37. +1 −1 easy-rsa/2.0/inherit-inter
  38. +1 −1 easy-rsa/2.0/list-crl
  39. +2 −3 easy-rsa/2.0/{openssl.cnf → openssl-0.9.8.cnf}
  40. +285 −0 easy-rsa/2.0/openssl-1.0.0.cnf
  41. +6 −0 easy-rsa/2.0/pkitool
  42. +1 −1 easy-rsa/2.0/revoke-full
  43. +1 −1 easy-rsa/2.0/sign-req
  44. +6 −0 easy-rsa/2.0/vars
  45. +18 −5 easy-rsa/2.0/whichopensslcnf
  46. +8 −8 easy-rsa/Windows/build-ca-pass.bat
  47. +8 −8 easy-rsa/Windows/build-key-pass.bat
  48. +8 −8 easy-rsa/Windows/build-key-server-pass.bat
  49. +0 −1 easy-rsa/Windows/init-config.bat
  50. +6 −1 easy-rsa/Windows/vars.bat.sample
  51. +1 −40 error.c
  52. +0 −17 error.h
  53. +5 −14 forward.c
  54. +143 −143 httpdigest.c
  55. +60 −60 httpdigest.h
  56. +2 −1 ieproxy.c
  57. +2 −8 images/Makefile.in
  58. +4 −52 init.c
  59. +3 −3 install-win32/Makefile.am
  60. +5 −11 install-win32/Makefile.in
  61. +24 −24 install-win32/openssl/openssl097.patch
  62. +17 −17 install-win32/openssl/openssl098.patch
  63. +2 −2 install-win32/openvpn.nsi
  64. +4 −20 list.c
  65. +4 −29 list.h
  66. +838 −0 management/management-notes.txt
  67. +2 −14 mbuf.c
  68. +1 −2 mbuf.h
  69. +194 −59 misc.c
  70. +46 −6 misc.h
  71. +6 −7 mroute.c
  72. +0 −13 mroute.h
  73. +1 −4 mtcp.c
  74. +0 −3 mudp.c
  75. +29 −29 multi.c
  76. +0 −2 multi.h
  77. +2 −1 openvpn-plugin.h
  78. +936 −841 openvpn.8
  79. +0 −3 openvpn.h
  80. +1 −1 openvpn.spec
  81. +120 −47 options.c
  82. +11 −5 options.h
  83. +0 −2 otime.c
  84. +0 −1 otime.h
  85. +2 −4 perf.c
  86. +23 −17 pf.c
  87. +2 −0 ping.c
  88. +4 −0 pkcs11.c
  89. +0 −4 plugin.c
  90. +35 −7 plugin/auth-pam/auth-pam.c
  91. +6 −0 plugin/examples/log_v3.def
  92. +0 −1 pool.h
  93. +4 −0 proxy.c
  94. +5 −12 ps.c
  95. +30 −3 push.c
  96. +2 −0 reliable.c
  97. +15 −27 route.c
  98. +1 −1 sample-config-files/firewall.sh
  99. +21 −0 sample-keys/ta.key
  100. +1 −1 sample-scripts/bridge-start
  101. +1 −1 sample-scripts/bridge-stop
  102. +4 −4 sample-scripts/openvpn.init
  103. +27 −15 sample-scripts/verify-cn
  104. +0 −4 schedule.c
  105. +0 −8 schedule.h
  106. +2 −8 service-win32/Makefile.in
  107. +30 −0 service-win32/msvc.mak
  108. +29 −17 service-win32/openvpnserv.c
  109. +0 −9 sig.c
  110. +2 −9 socket.c
  111. +6 −0 socket.h
  112. +135 −10 socks.c
  113. +2 −0 socks.h
  114. +218 −68 ssl.c
  115. +19 −8 ssl.h
  116. +3 −1 status.c
  117. +12 −22 syshead.h
  118. +298 −0 t_client.sh
  119. +298 −0 t_client.sh.in
  120. +1 −2 tap-win32/SOURCES.in
  121. +2 −0 tap-win32/common.h
  122. +60 −0 tap-win32/proto.h
  123. +194 −4 tap-win32/tapdrvr.c
  124. +1 −0 tap-win32/types.h
  125. +0 −156 thread.c
  126. +0 −235 thread.h
  127. +141 −48 tun.c
  128. +2 −2 version.m4
  129. +76 −0 win/access-fix.patch
  130. +31 −31 win/autodefs.h.in
  131. +23 −22 win/build.py
  132. +69 −18 win/build_all.py
  133. +55 −54 win/build_ddk.py
  134. +15 −15 win/build_exe.py
  135. +325 −0 win/config.h.in
  136. +21 −18 win/config.py
  137. +13 −13 win/config_all.py
  138. +35 −35 win/config_tap.py
  139. +18 −18 win/config_ti.py
  140. +10 −10 win/js.py
  141. +107 −56 win/make_dist.py
  142. +62 −57 win/msvc.mak.in
  143. +822 −0 win/openvpn.nsi
  144. +231 −0 win/setpath.nsi
  145. +39 −16 win/settings.in
  146. +9 −10 win/show.py
  147. +19 −19 win/sign.py
  148. +129 −129 win/tap_span.py
  149. +322 −215 win/wb.py
  150. +23 −1 win32.c
  151. +3 −0 win32.h
View
@@ -69,7 +69,6 @@ common_SRC_FILES:= \
ssl.c ssl.h \
status.c status.h \
syshead.h \
- thread.c thread.h \
tun.c tun.h \
win32.h win32.c \
cryptoapi.h cryptoapi.c \
View
@@ -1,25 +1,198 @@
OpenVPN Change Log
-Copyright (C) 2002-2010 OpenVPN Technologies, Inc. <sales@openvpn.net>
-
-2010.11.04 -- Version 2.1.4
-
-* Fix problem with special case route targets ('remote_host')
-
- The init_route() function will leave &netlist untouched for
- get_special_addr() routes ("remote_host" being one of them).
- netlist is on stack, contains random garbage, and
- netlist.len will not be 0 - thus, random stack data is copied from
- netlist.data[] until the route_list is full.
- Thanks to Teodo MICU and Gert Doering for finding and fixing this issue.
-
-2010.08.20 -- Version 2.1.3
-
-* Windows build fixes
- Attempt to fix issue where domake-win build system was not properly
- signing drivers and .exe files. This change is only affecting the
- Windows build scripts and not the OpenVPN code base.
-
-2010.08.09 -- Version 2.1.2
+Copyright (C) 2002-2011 OpenVPN Technologies, Inc. <sales@openvpn.net>
+
+2011.12.14 -- Version 2.2.2
+David Sommerseth (1):
+ Only warn about non-tackled IPv6 packets once
+
+Gert Doering (3):
+ add missing break between "case IPv4" and "case IPv6"
+ bump tap driver version from 9.8 to 9.9
+ log error message and exit for "win32, tun mode, tap driver version 9.8"
+
+Samuli Seppänen (1):
+ Backported pkcs11-related parts of 7a8d707237bb18 to 2.2 branch
+
+2011.07.01 -- Version 2.2.1
+David Sommerseth (4):
+ Don't define ENABLE_PUSH_PEER_INFO if SSL is not available
+ Fix compiling issues with pkcs11 when --disable-management is configured
+ Remove support for Linux 2.2 configuration fallback
+ Revert "Add new openssl.cnf to easy-rsa/Windows"
+ Prepared for releasing OpenVPN 2.2.1
+
+Gustavo Zacarias (1):
+ Fix compile issues when using --enable-small and --disable-ssl/--disable-crypto
+
+Matthew L. Creech (1):
+ Fix 2.2.0 build failure when management interface disabled
+
+Robert Fischer (2):
+ Added info about --show-proxy-settings
+ Documented --x509-username-field option
+
+Samuli Seppänen (5):
+ Fix a build-ca issue on Windows
+ Add new openssl.cnf to easy-rsa/Windows
+ Updated "easy-rsa" for OpenSSL 1.0.0
+ Made domake-win builds to use easy-rsa/2.0/openssl-1.0.0.cnf
+ Fixes to easy-rsa/2.0
+
+Simon Matter (1):
+ Fix issues with some older GCC compilers
+
+2011.04.21 -- Version 2.2.0
+David Sommerseth (4):
+ Fix the --client-cert-not-required feature
+ Change the default --tmp-dir path to a more suitable path
+ Improve the mysprintf() issue in openvpnserv.c
+ Add a simple comment regarding openvpn_snprintf() is duplicated
+
+Gert Doering (1):
+ Add more detailed explanation regarding the function of "--rdns-internal"
+
+Gisle Vanem (1):
+ Avoid re-defining uint32_t when using mingw compiler
+
+James Yonan (1):
+ Fixed bug in port-share that could cause port share process to crash with output like this:
+
+Robert Fischer / rf (4):
+ Update man page with info about --capath
+ Update man page with info about --connect-timeout
+ Update man page with info about --remote-random-hostname
+ Added man page entry for --management-client
+
+Samuli Seppänen (6):
+ Add man page entry for --redirect-private
+ Change all CRLF linefeeds to LF linefeeds
+ Fix a bug in devcon source code handling
+ Removed Win2k from supported platforms list in INSTALL and win/openvpn.nsi
+ Fixed copying of tapinstall.exe to dist/bin when using prebuilt TAP-drivers
+ Fixed a bug with GUI icon deletion on upgrade from 2.2-RC or earlier
+
+chantra (1):
+ Clarify --tmp-dir option
+
+2011.03.24 -- Version 2.2-RC2
+Alon Bar-Lev (1):
+ Windows cross-compile cleanup
+
+David Sommerseth (2):
+ Open log files as text files on Windows
+ Clarify default value for the --inactive option.
+
+Gert Doering (1):
+ Implement IPv6 in TUN mode for Windows TAP driver.
+
+Samuli Seppänen (6):
+ Added support for prebuilt TAP-drivers. Automated embedding manifests.
+ Fixes to win/openvpn.nsi
+ Replaced config-win32.h with win/config.h.in
+ Updated INSTALL-win32.txt
+ Fixes to Makefile.am
+ Clarified --client-config-dir section on the man-page.
+
+Ville Skyttä (1):
+ Fix line continuation in chkconfig init script description.
+
+2011.02.28 -- Version 2.2-RC
+David Sommerseth (3):
+ Make the --x509-username-field feature an opt-in feature
+ Fix compiler warning when compiling against OpenSSL 1.0.0
+ Fix packaging of config-win32.h and service-win32/msvc.mak
+
+James Yonan (1):
+ Minor addition of logging info before and after execution of Windows net commands.
+
+Matthias Andree (1):
+ Change variadic macros to C99 style.
+
+Samuli Seppänen (15):
+ Added ENABLE_PASSWORD_SAVE to config-win32.h
+ Added a nmake makefile for openvpnserv.exe building
+ Moved TAP-driver version info to version.m4. Cleaned up win/settings.in.
+ Added helper functionality to win/wb.py
+ Added support for viewing config-win32.h paramters to win/show.py
+ Added comments and made small modifications to win/msvc.mak.in
+ Added command-line switch to win/build_all.py to skip TAP driver building
+ Added configure.h and version.m4 variable parsing to win/config.py
+ Added openvpnserv.exe building to win/build.py
+ Added comments to win/build_ddk.py
+ Several modifications to win/make_dist.py to allow building the NSI installer
+ Copied install-win32/setpath.nsi to win/setpath.nsi
+ Added first version of NSI installer script to win/openvpn.nsi
+ Changes to buildsystem patchset
+ Temporary snprintf-related fix to service-win32/openvpnserv.c
+
+2010.11.25 -- Version 2.2-beta5
+
+Samuli Seppänen (1):
+ Fixed an issue causing a build failure with MS Visual Studio 2008.
+
+2010.11.18 -- Version 2.2-beta4
+
+David Sommerseth (10):
+ Clarified --explicit-exit-notify man page entry
+ Clean-up: Remove pthread and mutex locking code
+ Clean-up: Remove more dead and inactive code paths
+ Clean-up: Removing useless code - hash related functions
+ Use stricter snprintf() formatting in socks_username_password_auth() (v3)
+ Fix compiler warnings about not used dummy() functions
+ Fixed potential misinterpretation of boolean logic
+ Only add some functions when really needed
+ Removed functions not being used anywhere
+ Merged add_bypass_address() and add_host_route_if_nonlocal()
+
+Gert Doering (3):
+ Integrate support for TAP mode on Solaris, written by Kazuyoshi Aizawa <admin2@whiteboard.ne.jp>.
+ Make "topology subnet" work on Solaris
+ Improved man page entry for script_type
+
+James Yonan (5):
+ Fixed initialization bug in route_list_add_default_gateway (Gert Doering).
+ Implement challenge/response authentication support in client mode
+ Make base64.h have the same conditional compilation expression as base64.c.
+ Fixed compiling issues when using --disable-crypto
+ In verify_callback, the subject var should be freed by OPENSSL_free, not free
+
+Jesse Young (1):
+ Remove hardcoded path to resolvconf
+
+Lars Hupel (1):
+ Add HTTP/1.1 Host header
+
+Pierre Bourdon (1):
+ Adding support for SOCKS plain text authentication
+
+Samuli Seppänen (2):
+ Added check for variable CONFIGURE_DEFINES into options.c
+ Added command-line option parser and an unsigned build option to build_all.py
+
+2010.08.21 -- Version 2.2-beta3
+
+* Attempt to fix issue where domake-win build system was not properly
+ signing drivers and .exe files.
+
+ Added win/tap_span.py for building multiple versions of the TAP driver
+ and tapinstall binaries using different DDK versions to span from Win2K
+ to Win7 and beyond.
+
+* Community patches
+ David Sommerseth (2):
+ Test framework improvment - Do not FAIL if t_client.rc is missing
+ More t_client.sh updates - exit with SKIP when we want to skip
+
+ Gert Doering (4):
+ Fix compile problems on NetBSD and OpenBSD
+ Fix <net/if.h> compile time problems on OpenBSD for good
+ full "VPN client connect" test framework for OpenVPN
+ Build t_client.sh by configure at run-time.
+
+ chantra (1):
+ Fixes openssl-1.0.0 compilation warning
+
+2010.08.16 -- Version 2.2-beta2
* Windows security issue:
Fixed potential local privilege escalation vulnerability in
View
@@ -42,7 +42,7 @@ SUPPORTED PLATFORMS:
(4) Mac OS X Darwin
(5) FreeBSD
(6) NetBSD
- (7) Windows (Win 2K and higher)
+ (7) Windows (WinXP and higher)
SUPPORTED PROCESSOR ARCHITECTURES:
In general, OpenVPN is word size and endian independent, so
@@ -280,7 +280,7 @@ TUN/TAP Driver Configuration:
needs to be manually copied to /kernel/drv/sparcv9/ and then a
reconfiguration reboot. (boot -r).
-* Windows 2000/XP/2003/Vista
+* Windows XP/2003/Vista
See domake-win for building instructions.
See INSTALL-win32.txt for usage info.
View
@@ -1,4 +1,4 @@
-IMPORTANT NOTE FOR VISTA USERS
+IMPORTANT NOTE FOR WINDOWS VISTA/7 USERS
Note that on Windows Vista, you will need to run the OpenVPN
GUI with administrator privileges, so that it can add routes
@@ -9,14 +9,15 @@ desktop icon, and selecting "Run as administrator".
GENERAL QUICKSTART FOR WINDOWS
The OpenVPN Client requires a configuration file
-and key/certificate files. You should obtain
-these and save them to \Program Files\OpenVPN\config.
+and key/certificate files. You should obtain
+these and save them to OpenVPN's configuration
+directory, usually C:\Program Files\OpenVPN\config.
-To start OpenVPN, first run the OpenVPN GUI by double
-clicking on the desktop icon or start menu icon.
-
-The OpenVPN GUI is a system-tray applet, so an icon for the
-GUI will appear in the lower-right corner of the screen.
-Right click on the system tray icon, and a menu should appear
-showing the names of your OpenVPN configuration files, and
-giving you the option to connect.
+You can run OpenVPN as a Windows system service or by using
+the client GUI. To use the OpenVPN GUI, double click on the
+desktop icon or start menu icon. The OpenVPN GUI is a
+system-tray applet, so an icon for the GUI will appear in
+the lower-right corner of the screen. Right click on the
+system tray icon, and a menu should appear showing the names
+of your OpenVPN configuration files, and giving you the
+option to connect.
View
@@ -6,6 +6,7 @@
# packet compression.
#
# Copyright (C) 2002-2010 OpenVPN Technologies, Inc. <sales@openvpn.net>
+# Copyright (C) 2010 David Sommerseth <dazo@users.sourceforge.net>
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
@@ -37,7 +38,7 @@ MAINTAINERCLEANFILES = \
$(srcdir)/depcomp $(srcdir)/aclocal.m4 \
$(srcdir)/config.guess $(srcdir)/config.sub \
$(srcdir)/openvpn.spec
-CLEANFILES = openvpn.8.html
+CLEANFILES = openvpn.8.html configure.h
EXTRA_DIST = \
easy-rsa \
@@ -56,22 +57,25 @@ SUBDIRS = \
service-win32 \
install-win32
-TESTS = t_lpback.sh t_cltsrv.sh
+TESTS = t_client.sh t_lpback.sh t_cltsrv.sh
sbin_PROGRAMS = openvpn
-dist_noinst_HEADERS =
+dist_doc_DATA = \
+ management/management-notes.txt
dist_noinst_SCRIPTS = \
$(TESTS) \
doclean \
domake-win \
- t_cltsrv-down.sh
+ t_cltsrv-down.sh \
+ configure_h.awk configure_log.awk
dist_noinst_DATA = \
openvpn.spec \
COPYRIGHT.GPL \
PORTS \
- INSTALL-win32.txt
+ INSTALL-win32.txt \
+ service-win32/msvc.mak
openvpn_SOURCES = \
base64.c base64.h \
@@ -136,11 +140,16 @@ openvpn_SOURCES = \
ssl.c ssl.h \
status.c status.h \
syshead.h \
- thread.c thread.h \
tun.c tun.h \
win32.h win32.c \
cryptoapi.h cryptoapi.c
+nodist_openvpn_SOURCES = configure.h
+options.$(OBJEXT): configure.h
+
+configure.h: Makefile
+ awk -f $(srcdir)/configure_h.awk config.h > $@
+ awk -f $(srcdir)/configure_log.awk config.log >> $@
dist-hook:
cd $(distdir) && for i in $(EXTRA_DIST) $(SUBDIRS) ; do find $$i -name .svn -type d -prune -exec rm -rf '{}' ';' ; rm -f `find $$i -type f | grep -E '(^|\/)\.?\#|\~$$|\.s?o$$'` ; done
Oops, something went wrong.

0 comments on commit c21e0fe

Please sign in to comment.