Re: [Openvpn-devel] Summary of the IRC meeting (25th Nov 2010)

2010-11-26 Thread Heiko Hund
quot;Admin rights needed") if user lacks privileges to add routes. > This message should also be pushed to the Windows GUI using the > management API "echo" command. I think this should rather be reported in the "state" notification, at least that would be the best p

Re: [Openvpn-devel] OpenVPN GUI and ntlm Proxy password

2011-03-18 Thread Heiko Hund
see if it works for you. The GUI uses the OpenVPN management interface for communication and monitoring since a while now. So, there's a fair chance it'll work right away or won't be much work to make it work. =) Regards Heiko -- Heiko Hund | Software Engineer | Phone +49-721-25516-237 | Fax -200 A

Re: [Openvpn-devel] OpenVPN GUI and ntlm Proxy password

2011-03-18 Thread Heiko Hund
- When using 'Intenet Explorer' to determine the proxy, it > doesn't work with proxy pac but doesn't mention it (the > OpenVPN Gui 1.3 did mention that it doesn't work with proxy > pacs). How or where did it mention this? I can't recall removing anything like it. R

Re: [Openvpn-devel] OpenVPN GUI and ntlm Proxy password

2011-03-18 Thread Heiko Hund
openvpn community website[1] it > says 'Use Internet Explorer Settings (manually configured)'. Your > version says 'Use Internet Explorer Settings'. Yes, I remember removing this. Thought it had no additional information. Maybe a better solution would be to query the system for the right proxy. Poi

Re: [Openvpn-devel] Summary of the IRC meeting (30th June 2011)

2011-07-01 Thread Heiko Hund
e targets. I'm not sure if that would be more convenient for the majority of the people building openvpn for Windows, but it feels more like home to me. =) Heiko -- Heiko Hund | Software Engineer | Phone +49-721-25516-237 | Fax -200 Astaro GmbH & Co. KG | Amalienbadstraße 41/Bau 52 | 76

Re: [Openvpn-devel] First Windows installer snapshot now available

2011-07-19 Thread Heiko Hund
l. Hope I get time for it this quarter. I'll keep you posted. Heiko -- Heiko Hund | Software Engineer | Phone +49-721-25516-237 | Fax -200 Astaro a Sophos Company | Amalienbadstr. 41 Bau 52 | 76227 Karlsruhe | Germany Commercial Register: Mannheim HRA 702710 | Headquarter Location: Karls

Re: [Openvpn-devel] Allow to fill Details tab for exe files

2011-08-08 Thread Heiko Hund
format? > > Yes and check the format : > > $ file openvpn-res.o > openvpn-res.o: ACB archive data See http://msdn.microsoft.com/en-us/library/aa381055%28v=VS.85%29.aspx for information on how to invoke the Platform SDK Ressource Compiler. Heiko -- Heiko Hund | Software Engineer |

Re: [Openvpn-devel] Windows Auto-Proxy

2011-08-08 Thread Heiko Hund
, but t's probably unrelated to auto-proxy. Could you point me to the APIs. Heiko -- Heiko Hund | Software Engineer | Phone +49-721-25516-237 | Fax -200 Astaro a Sophos Company | Amalienbadstr. 41 Bau 52 | 76227 Karlsruhe | Germany Commercial Register: Mannheim HRA 702710 | Headquarter L

[Openvpn-devel] [PATCH 1/2] define IN6_ARE_ADDR_EQUAL macro for WIN32

2011-08-10 Thread Heiko Hund
Windows headers do not define the IN6_ARE_ADDR_EQUAL macro. It needs to be defined locally when building for WIN32 with IPv6 enabled. Signed-off-by: Heiko Hund <heiko.h...@sophos.com> --- win32.h | 13 + 1 files changed, 13 insertions(+), 0 deletions(-) diff --git a/win

[Openvpn-devel] [PATCH 2/2] don't use struct in6_addr s6_addr32 member anymore

2011-08-10 Thread Heiko Hund
The s6_addr32 member of struct in6_addr is not available when building for WIN32. To work around this, a local union is defined that allows accessing 32 bit chunks of the IPv6 address passed to add_in6_addr(). Signed-off-by: Heiko Hund <heiko.h...@sophos.com> --- socket.c

[Openvpn-devel] [PATCH 0/2] fix building for WIN32

2011-08-10 Thread Heiko Hund
in6_addr.s6_addr32 are not available there. While MinGW added both features to ws2tcpip.h, the Microsoft Platform SDK headers do not include them and they are (correctly) missing in the MinGW-w64 headers as well. Following are two patches that try to fix these issues. Heiko Hund (2): define

Re: [Openvpn-devel] [PATCH 1/2] define IN6_ARE_ADDR_EQUAL macro for WIN32

2011-08-10 Thread Heiko Hund
On Wednesday 10 August 2011 15:47:36 Gisle Vanem wrote: > "Heiko Hund" <heiko.h...@sophos.com> wrote: > > +#ifndef IN6_ARE_ADDR_EQUAL > > +#define IN6_ARE_ADDR_EQUAL(a,b) \ > > +__const uint32_t *) (a))[0] == ((__const uint32_t *) (b))[0]) \ &g

[Openvpn-devel] [PATCH 1/2] define IN6_ARE_ADDR_EQUAL macro for WIN32

2011-08-11 Thread Heiko Hund
Windows headers do not define the IN6_ARE_ADDR_EQUAL macro. It needs to be defined locally when building for WIN32 with IPv6 enabled. Signed-off-by: Heiko Hund <heiko.h...@sophos.com> --- win32.h | 10 ++ 1 files changed, 10 insertions(+), 0 deletions(-) diff --git a/win32.h b/w

[Openvpn-devel] [PATCH] remove legacy code to query IE proxy information

2011-08-11 Thread Heiko Hund
The code in ieproxy.[ch] is not used anywhere in OpenVPN anymore. So, there's no need to keep it. Signed-off-by: Heiko Hund <heiko.h...@sophos.com> --- Makefile.am |1 - ieproxy.c | 146 --- ieproxy.h | 24 -- p

[Openvpn-devel] [PATCH 0/3] better --auto-proxy support for Windows

2011-08-17 Thread Heiko Hund
, potentially changed settings are now fetched once every connect. Heiko Hund (3): add MinGW WinHTTP compatibility layer do automatic proxy detection on Windows right query auto-proxy information when connecting configure.ac | 30 ++ init.c | 23 ++- openvpn.8|9

[Openvpn-devel] [PATCH 1/3] add MinGW WinHTTP compatibility layer

2011-08-17 Thread Heiko Hund
API and call it with the arguments provided. To keep things managable and short in the source code two preprocessor macros are defined that do most of the work. Signed-off-by: Heiko Hund <heiko.h...@sophos.com> --- configure.ac | 30 win32.c

[Openvpn-devel] [PATCH 3/3] query auto-proxy information when connecting

2011-08-17 Thread Heiko Hund
it requeries the settings and uses them. Signed-off-by: Heiko Hund <heiko.h...@sophos.com> --- init.c| 23 +++ options.c |8 ++-- options.h |2 +- 3 files changed, 22 insertions(+), 11 deletions(-) diff --git a/init.c b/init.c index 4a16fba..8219a11 100644 --- a/

[Openvpn-devel] [PATCH 2/3] do automatic proxy detection on Windows right

2011-08-17 Thread Heiko Hund
Internet Options proxy settings from the Control Panel are taken into account. If those are unavailable as well, the default proxy configuration, set with proxycfg.exe, is used. Closes ticket #24. Signed-off-by: Heiko Hund <heiko.h...@sophos.com> --- openvpn.8 |9 ++-- options.c

Re: [Openvpn-devel] [PATCH 0/3] better --auto-proxy support for Windows

2011-08-17 Thread Heiko Hund
On Wednesday 17 August 2011 15:59:10 Alon Bar-Lev wrote: > Won't it make it harder to configure openvpn as service? I don't see how. Please elaborate. Heiko -- Heiko Hund | Software Engineer | Phone +49-721-25516-237 | Fax -200 Astaro a Sophos Company | Amalienbadstr. 41 Bau 52 | 76

Re: [Openvpn-devel] [PATCH 0/3] better --auto-proxy support for Windows

2011-08-17 Thread Heiko Hund
penvpn directly for such setups. Heiko -- Heiko Hund | Software Engineer | Phone +49-721-25516-237 | Fax -200 Astaro a Sophos Company | Amalienbadstr. 41 Bau 52 | 76227 Karlsruhe | Germany Commercial Register: Mannheim HRA 702710 | Headquarter Location: Karlsruhe Represented by the General Partner Astaro V

[Openvpn-devel] [PATCH] remove function is_proto_tcp()

2011-08-18 Thread Heiko Hund
The implementation of is_proto_tcp() was invalid since the IPv6 stuff got merged into master. There's proto_is_tcp() that does the same job right. Remove is_proto_tcp() and make its only caller use proto_is_tcp() instead. Signed-off-by: Heiko Hund <heiko.h...@sophos.com> --- options.c

[Openvpn-devel] [PATCH] fix warnings in event.c when building for win32-64

2011-08-18 Thread Heiko Hund
When compiling for 64-bit Windows gcc warns about "cast from pointer to integer of different size" on two occasions in file event.c, due to invalid casting. This patch removes the type casts and uses the correct format specifier instead. Signed-off-by: Heiko Hund <heiko.h.

[Openvpn-devel] [PATCH] add .gitignore to official repository

2011-08-18 Thread Heiko Hund
This .gitignore make the output of git status a lot more readable. It was made from the dynamically generated files that showed after using both build system. Signed-off-by: Samuli Seppänen <sam...@openvpn.ne> Signed-off-by: Heiko Hund <heiko.h...@sophos.com> --- .giti

[Openvpn-devel] [PATCH-UPDATE] define IN6_ARE_ADDR_EQUAL macro for WIN32

2011-08-31 Thread Heiko Hund
Windows headers do not define the IN6_ARE_ADDR_EQUAL macro. It needs to be defined locally when building for WIN32. Signed-off-by: Heiko Hund <heiko.h...@sophos.com> Update: remove check for USE_PF_INET6 since commit eb23089183745853fac9414d45a559a478ef51d6 removed the definition of this

[Openvpn-devel] [PATCH] lowercase include header name in syshead.h

2011-08-31 Thread Heiko Hund
x does. So, lowercasing the filename will make openvpn build in both worlds. Signed-off-by: Heiko Hund <heiko.h...@sophos.com> --- syshead.h |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/syshead.h b/syshead.h index 87cc369..e208d4c 100644 --- a/syshead.h +++ b/sys

[Openvpn-devel] [PATCH] add --mark option to set SO_MARK sockopt

2011-08-31 Thread Heiko Hund
Signed-off-by: Heiko Hund <heiko.h...@sophos.com> --- init.c|1 + openvpn.8 |6 ++ options.c | 14 ++ options.h |3 +++ socket.c | 13 + socket.h |1 + 6 files changed, 38 insertions(+), 0 deletions(-) diff --git a/init.c b/init.c

Re: [Openvpn-devel] [PATCH 1/4] WIN32: Check for windres tool

2011-09-01 Thread Heiko Hund
On Sunday 07 August 2011 12:59:14 Bertrand Jacquin wrote: > + AC_CHECK_TOOL(WINDRES, windres) The values should be quoted in square brackets besides that ACK. Heiko -- Heiko Hund | Software Engineer | Phone +49-721-25516-237 | Fax -200 Astaro a Sophos Company | Amalienbadstr. 41 Bau

Re: [Openvpn-devel] [PATCH 3/4] Win32: Fill "Details" properties for openvpn.exe

2011-09-01 Thread Heiko Hund
rical. Maybe we could define a WINDOWS_VERSION a,b,c,0 in version.m4 for this. Or even have separate major, minor and patch version definitions in there that could be used to build the versions in the .rc file itself. Heiko -- Heiko Hund | Software Engineer | Phone +49-721-25516-237 | Fax -200 Ast

Re: [Openvpn-devel] [PATCH 1/3] Win32: Add OpenVPN RC file to add fill "Details" exe properties tabs

2011-09-01 Thread Heiko Hund
, PACKAGE_VERSION "\0" > + VALUE "LegalCopyright", "(C) 2002-2010 " PACKAGE_NAME " > Technologies, Inc.\0" The \0's are not needed here. > +VALUE "Translation", 0x409, 0x4b0 Same, no Unicode. Heiko -- Heiko Hund | Software Engi

[Openvpn-devel] [PATCH] add MinGW WinHTTP compatibility import library

2011-09-13 Thread Heiko Hund
-off-by: Heiko Hund <heiko.h...@sophos.com> --- Makefile.am | 15 + configure.ac | 53 ++ win32.c |2 + win32.h | 65 + winhttp32.def |8 +++ winhttp

Re: [Openvpn-devel] Summary of the IRC meeting / sprint (8th Sep 2011)

2011-09-14 Thread Heiko Hund
one from --auto-proxy. --http-proxy-fallback works as long as no proxy is configured via --http-proxy or --auto-proxy. In that case ">PROXY:NEED_NOW" can be answered with "http-proxy-fallback " via management interface and the fallback proxy entered is used. So

Re: [Openvpn-devel] Snapshot openvpn-2.x-20110909-master-install.exe fails

2011-09-20 Thread Heiko Hund
library on the build system overriding the symbols or maybe it's just that _MSC_VER was not defined. Samuli could you investigate? Heiko -- Heiko Hund | Software Engineer | Phone +49-721-25516-237 | Fax -200 Astaro a Sophos Company | Amalienbadstr. 41 Bau 52 | 76227 Karlsruhe | Germany Commerci

Re: [Openvpn-devel] Snapshot openvpn-2.x-20110909-master-install.exe fails

2011-09-20 Thread Heiko Hund
On Tuesday 20 September 2011 12:28:30 Heiko Hund wrote: > or maybe it's just that _MSC_VER was not defined Misread the code, it's an #ifndef. Could someone test if replacing the #ifndef _MSC_VER lines in socket.c and win32.h with #if WINVER < 0x0600 leads to a proble

Re: [Openvpn-devel] Snapshot openvpn-2.x-20110909-master-install.exe fails

2011-09-26 Thread Heiko Hund
if you include syshead.h in win32.h? In there WINVER is already defined to signal building for XP. If that doesn't help, you should also check in if the declaration of inet_ntop is #ifdef'd taking WINVER into account. Heiko -- Heiko Hund | Software Engineer | Phone +49-721-25516-237 | Fax -200

Re: [Openvpn-devel] Management interface doesn't handle PKCS11 tokens with umlaut characters in the label

2011-10-17 Thread Heiko Hund
kind of smart-card > > authentication? > > James, who is responsible for the management interface, can probably fix > this easily. Have you checked with git master. I believe commit 2627335ac2605d0987a68ce97a0a2c4efbe25159 should have fixed most of the non- ASCII charset related problems.

[Openvpn-devel] [PATCH] add check for struct in_pktinfo.ipi_spec_dst

2011-11-04 Thread Heiko Hund
While Windows has struct in_pktinfo it's missing the ipi_spec_dst member. The current autoconf check needs to be extended to also check for availablity of ipi_spec_dst for openvpn to compile cleanly. Signed-off-by: Heiko Hund <heiko.h...@sophos.com> --- configure.ac |6 ++ so

Re: [Openvpn-devel] [PATCH 8/8] Fixed a typo when initialising cryptoapi certs

2011-11-11 Thread Heiko Hund
(M_SSLERR, "Cannot load certificate \"%s\" from Microsoft > Certificate Store", -options->cryptoapi_cert); > +cryptoapi_cert); > } > #endif /* WIN32 */ ACK, as this fixes building git master for Windows. -- Heiko Hund | Software Engineer | Phone +49-

[Openvpn-devel] [PATCH] UTF-8 X.509 distinguished names

2011-11-23 Thread Heiko Hund
A\xD0 \xB2\xD0\xB0/O=\xD0\x9A\xD1\x80\xD0\xB5\xD0\xBC\xD0\xBB\xD1\x8C/CN=kreml.ru" becomes "C=ru, L=Москва, O=Кремль, CN=kreml.ru". Since the specific character classes for X.509 names are removed, the "no-name-remapping" configuration option has no use anymore and is removed

[Openvpn-devel] [PATCH] Windows UTF-8 input/output

2011-11-23 Thread Heiko Hund
This patch makes openvpn read unicode from the console and convert the input to UTF-8. And then display UTF-8 output to the console correctly. Signed-off-by: Heiko Hund <heiko.h...@sophos.com> --- configure.ac |1 + openvpn.c|4 win32.c |8 +++- 3 files chang

Re: [Openvpn-devel] [PATCH] Windows UTF-8 input/output

2011-11-23 Thread Heiko Hund
On Wednesday 23 November 2011 14:55:57 Alon Bar-Lev wrote: > OpenVPN output is not always a console. What output are you concerned about? Log file is fine, as much as management interface. Regards Heiko -- Heiko Hund | Software Engineer | Phone +49-721-25516-237 | Fax -200 Astaro a Sop

Re: [Openvpn-devel] [PATCH] UTF-8 X.509 distinguished names

2011-11-23 Thread Heiko Hund
't change any character < 128 non- ASCII DNs, user names and password will be passed to scripts just like in the good old days. Regards Heiko -- Heiko Hund | Software Engineer | Phone +49-721-25516-237 | Fax -200 Astaro a Sophos Company | Amalienbadstr. 41 Bau 52 | 76227 Karlsruhe | German

Re: [Openvpn-devel] [PATCH] Windows UTF-8 input/output

2011-11-23 Thread Heiko Hund
On Wednesday 23 November 2011 15:43:04 Alon Bar-Lev wrote: > Pipes when run as service. Good one! I'll post an updated patch. Regards Heiko -- Heiko Hund | Software Engineer | Phone +49-721-25516-237 | Fax -200 Astaro a Sophos Company | Amalienbadstr. 41 Bau 52 | 76227 Karlsruhe | Germ

[Openvpn-devel] [PATCHv2] Windows UTF-8 input/output

2011-11-23 Thread Heiko Hund
This patch makes openvpn read unicode from the console and convert the input to UTF-8. And then display UTF-8 output to the console correctly. Signed-off-by: Heiko Hund <heiko.h...@sophos.com> --- configure.ac |1 + openvpn.c|4 win32.c | 14 +- 3

Re: [Openvpn-devel] [PATCH] UTF-8 X.509 distinguished names

2011-11-24 Thread Heiko Hund
UCS-2. Why would that be useful? Does it make a difference if scripts in a latin-1 environment receive "j\C3\B6rn" or "jörn"? Both forms won't be recognizable without additional effort, while being equally harmless. Regards Heiko -- Heiko Hund | Software Engineer | Phone +49-72

Re: [Openvpn-devel] Japanese translation

2011-11-29 Thread Heiko Hund
er (check the attached image). Using "Microsoft Sans Serif" still displays the katakana correctly while preserving the original size. So, if that doesn't cause any problems on your side I'll use "Microsoft Sans Serif" instead. Regards Heiko -- Heiko Hund | Software Engineer | Ph

Re: [Openvpn-devel] Japanese translation

2011-12-01 Thread Heiko Hund
gui/files/Snapshot%20Binaries/ -- Heiko Hund | Software Engineer | Phone +49-721-25516-237 | Fax -200 Astaro a Sophos Company | Amalienbadstr. 41 Bau 52 | 76227 Karlsruhe | Germany Commercial Register: Mannheim HRA 702710 | Headquarter Location: Karlsruhe Represented by the General Partner Ast

Re: [Openvpn-devel] Japanese translation

2011-12-01 Thread Heiko Hund
Hi Taro On Thursday 01 December 2011 11:28:13 Taro Yamazaki wrote: > I checked a new snapshot, and I found the words that needed to be adjusted. > Please use an attached file. Thanks. Committed the change to the repository. It will be contained in the next snapshot. Heiko -- Heik

[Openvpn-devel] [PATCH] handle Windows unicode paths

2011-12-07 Thread Heiko Hund
openvpn read the command line in UCS-2 and convert it to UTF-8 internally. Windows stores names in the filesystem in UCS-2. When using a paths openvpn converts it from UTF-8 to UCS-2 and uses the wide character Windows API function. Signed-off-by: Heiko Hund <heiko.h...@sophos.com> --- bu

[Openvpn-devel] [PATCH] set Windows environment variables as UCS-2

2011-12-07 Thread Heiko Hund
Windows uses 16 bit wide characters to represent Unicode in the process environment. Convert UTF-8 to UCS-2 and use the wide character API to set environment variables. Signed-off-by: Heiko Hund <heiko.h...@sophos.com> --- misc.c |4 ++-- 1 files changed, 2 insertions(+), 2 del

Re: [Openvpn-devel] [PATCH] handle Windows unicode paths

2011-12-08 Thread Heiko Hund
On Wednesday 07 December 2011 17:58:51 Heiko Hund wrote: > This patch makes openvpn read the command line in UCS-2 and convert > it to UTF-8 internally. Windows stores names in the filesystem in UCS-2. > When using a paths openvpn converts it from UTF-8 to UCS-2 and uses the > wi

[Openvpn-devel] [PATCH] UTF-8 X.509 distinguished names

2012-02-04 Thread Heiko Hund
A\xD0 \xB2\xD0\xB0/O=\xD0\x9A\xD1\x80\xD0\xB5\xD0\xBC\xD0\xBB\xD1\x8C/CN=kreml.ru" becomes "C=ru, L=Москва, O=Кремль, CN=kreml.ru". Since the specific character classes for X.509 names are removed, the "no-name-remapping" configuration option has no use anymore and is removed

[Openvpn-devel] [PATCH] remove the --auto-proxy option from openvpn

2012-02-05 Thread Heiko Hund
During discussion on FOSDEM 2012 it was decided that proxy auto detection is best done in the GUI as it's highly platform specific and shouldn't be handled in openvpn itself for every supported platform in openvpn itself. This removes --auto-proxy from openvpn. Signed-off-by: Heiko Hund <heik

[Openvpn-devel] [PATCHv2] handle Windows unicode paths

2012-02-10 Thread Heiko Hund
openvpn read the command line in UCS-2 and convert it to UTF-8 internally. Windows stores names in the filesystem in UCS-2. When using a paths openvpn converts it from UTF-8 to UCS-2 and uses the wide character Windows API function. Signed-off-by: Heiko Hund <heiko.h...@sophos.com> --- This v

[Openvpn-devel] MSVC fixes

2012-02-16 Thread Heiko Hund
against shell32 as well For details check the commit messages of the individual patches. Regards Heiko -- Heiko Hund | Software Engineer | Phone +49-721-25516-237 | Fax -200 Astaro a Sophos Company | Amalienbadstr. 41 Bau 52 | 76227 Karlsruhe | Germany Commercial Register: Mannheim HRA 702710

[Openvpn-devel] [PATCH 2/4] do not use mode_t on Windows

2012-02-16 Thread Heiko Hund
The MSVC headers do not define mode_t. open() uses an int for the permissions instead. Fixes building with the MSVC based buildsystem. Signed-off-by: Heiko Hund <heiko.h...@sophos.com> --- misc.h |2 +- win32.c |2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/

[Openvpn-devel] [PATCH 4/4] make MSVC link against shell32 as well

2012-02-16 Thread Heiko Hund
Windows API CommandLineToArgvW(), introduced in Windows unicode path commit 71bbbd76c62630c88441237d72fe5b61f0b45b2a, is defined therein. Signed-off-by: Heiko Hund <heiko.h...@sophos.com> --- win/msvc.mak.in |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git

[Openvpn-devel] [PATCH 3/4] use the underscore version of stat on Windows

2012-02-16 Thread Heiko Hund
MSVC does not know wstat(). Instead _wstat() must be used here. Unfortunately _wstat() takes a 'struct _stat'. A type 'stat_t' is introduced to handle this situation in a portable way. Signed-off-by: Heiko Hund <heiko.h...@sophos.com> --- misc.h |6 -- pf.c|2 +- win32.c

[Openvpn-devel] [PATCH] move variable declaration to top of function

2012-02-17 Thread Heiko Hund
MSVC chokes on this as it's not according to C89. Signed-off-by: Heiko Hund <heiko.h...@sophos.com> --- buffer.c |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/buffer.c b/buffer.c index 6800e6e..391085b 100644 --- a/buffer.c +++ b/buffer.c @@ -321,9 +321,9 @@ gc_

Re: [Openvpn-devel] [PATCH 2/4] do not use mode_t on Windows

2012-02-17 Thread Heiko Hund
] would make the code prettier. I just don't feel enough itch to approach this scratching myself. Heiko -- Heiko Hund | Software Engineer | Phone +49-721-25516-237 | Fax -200 Astaro a Sophos Company | Amalienbadstr. 41 Bau 52 | 76227 Karlsruhe | Germany Commercial Register: Mannheim HRA 702710 |

Re: [Openvpn-devel] [PATCH 4/4] make MSVC link against shell32 as well

2012-02-17 Thread Heiko Hund
Alon, On Thursday 16 February 2012 18:37:21 Alon Bar-Lev wrote: > On Thu, Feb 16, 2012 at 7:30 PM, Heiko Hund <heiko.h...@sophos.com> wrote: > > Windows API CommandLineToArgvW(), introduced in Windows unicode path > > commit 71bbbd76c62630c88441237d72fe5b61f0b45b2

[Openvpn-devel] [PATCH] define access mode flag X_OK as 0 on Windows

2012-02-18 Thread Heiko Hund
The _access and _waccess functions in Windows don't know about X_OK (1). If you pass an uneven mode flag the C runtime's default invalid parameter handler ends execution of openvpn. Signed-off-by: Heiko Hund <heiko.h...@sophos.com> --- win/config.h.in |2 +- 1 files changed, 1 inse

Re: [Openvpn-devel] [PATCH] define access mode flag X_OK as 0 on Windows

2012-02-20 Thread Heiko Hund
es. See my commit message again and read the MSDN page about _access at http://msdn.microsoft.com/en-us/library/1w06ktdy%28v=vs.100%29.aspx Hence the change for the MSVC buildsystem only. Mingw handles the situation internally already. Hope that made it clear. Heiko -- Heiko Hund | Software Engin

Re: [Openvpn-devel] Better use ip -batch on adding/removing server pushed routes on Linux

2012-02-20 Thread Heiko Hund
ompletely and use rtnetlink directly for this. Has this already been discussed here? Heiko -- Heiko Hund | Software Engineer | Phone +49-721-25516-237 | Fax -200 Astaro a Sophos Company | Amalienbadstr. 41 Bau 52 | 76227 Karlsruhe | Germany Commercial Register: Mannheim HRA 702710 | Headquarter

[Openvpn-devel] [PATCH] mask out X_OK when calling WIN32 API _waccess()

2012-02-21 Thread Heiko Hund
/gmane.network.openvpn.devel/5452 Signed-off-by: Heiko Hund <heiko.h...@sophos.com> --- misc.c |2 +- win/config.h.in |2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/misc.c b/misc.c index a07780f..67345bc 100644 --- a/misc.c +++ b/misc.c @@ -629,7 +629,7 @@ openvpn_access (cons

Re: [Openvpn-devel] [build] Windows build test

2012-02-22 Thread Heiko Hund
doing something very standard like `./configure --host=i686-w64-mingw32 ...` followed by `make`. What the rationale behind moving away from this way? Heiko -- Heiko Hund | Software Engineer | Phone +49-721-25516-237 | Fax -200 Astaro a Sophos Company | Amalienbadstr. 41 Bau 52 | 76227 Karlsruhe | G

Re: [Openvpn-devel] [build] Windows build test

2012-02-22 Thread Heiko Hund
On Wednesday 22 February 2012 10:32:23 Alon Bar-Lev wrote: > On Wed, Feb 22, 2012 at 12:27 PM, Heiko Hund <heiko.h...@sophos.com> wrote: > > I was cross compiling for Windows previously doing something very > > standard > > like `./configure --host=i686-w64-mingw32 ..

Re: [Openvpn-devel] [RFC][windows] gettimeofday()

2012-02-22 Thread Heiko Hund
gw does provide this function these days. > The question is if it is good enough. Since there's no gettimeofday() in MSVC this will break building with the python build system. Not sure if we're in the process of getting rid of it, which I would welcome, so this is just for additional information. He

Re: [Openvpn-devel] openvpn windows gui

2012-02-27 Thread Heiko Hund
m openvpn. The pragmatic way to do it would be to leave the GUI stuff in openvpn itself, but I guess you guys like the idea of bundling installers with other installers, right? Heiko -- Heiko Hund | Software Engineer | Phone +49-721-25516-237 | Fax -200 Astaro a Sophos Company | Amalienbadstr. 41 Bau 5

Re: [Openvpn-devel] [Openvpn-users] OpenVPN 2.3-alpha1 released

2012-02-29 Thread Heiko Hund
de and invest > resources at proper UI. The idea to have the service do the privileged operations instead of just starting openvpn as "Local System" (or whatever) came from the fear of privilege escalation in the scripts that are run by openvpn. So, at least I care that it's not running

Re: [Openvpn-devel] [Openvpn-users] OpenVPN 2.3-alpha1 released

2012-02-29 Thread Heiko Hund
t; and start the service. That's pretty much what the GUI is using at the moment. Heiko -- Heiko Hund | Software Engineer | Phone +49-721-25516-237 | Fax -200 Astaro a Sophos Company | Amalienbadstr. 41 Bau 52 | 76227 Karlsruhe | Germany Commercial Register: Mannheim HRA 702710 | Headquarter Location:

Re: [Openvpn-devel] [Openvpn-users] OpenVPN 2.3-alpha1 released

2012-02-29 Thread Heiko Hund
session. So you can connect to different server simultaneously. Of course this could be used by two different users at the same time or different impersonations in the same session, while still running ovpn with the credentials of the entity who started openvpn. So the point isn't really th

Re: [Openvpn-devel] [Openvpn-users] OpenVPN 2.3-alpha1 released

2012-02-29 Thread Heiko Hund
" section and you can get special licenses for the beta with limited lifetime there. This is getting too off topic now. Actually it's more an abuse of this list. So, please send private mail to me directly if further questions remain. Regards Heiko -- Heiko Hund | Software Engineer | Pho

Re: [Openvpn-devel] [Openvpn-users] OpenVPN 2.3-alpha1 released

2012-02-29 Thread Heiko Hund
he user that started it. If that user has enough privileges to set it's primary token you have a very unfortunate setup, securitywise. Regards Heiko -- Heiko Hund | Software Engineer | Phone +49-721-25516-237 | Fax -200 Astaro a Sophos Company | Amalienbadstr. 41 Bau 52 | 76227 Karl

Re: [Openvpn-devel] [Openvpn-users] OpenVPN 2.3-alpha1 released

2012-02-29 Thread Heiko Hund
On Wednesday 29 February 2012 12:40:45 Alon Bar-Lev wrote: > 2012/2/29 Heiko Hund <heiko.h...@sophos.com> > This is way too complex solution for a simple problem. > A proper design and discussion should take place before advancing in > this route. And this was a way too simple

Re: [Openvpn-devel] [Openvpn-users] OpenVPN 2.3-alpha1 released

2012-02-29 Thread Heiko Hund
that one obviously. If you want to be part of it you should actually take an active part in the IRC meetings and not complain so much, really. Heiko -- Heiko Hund | Software Engineer | Phone +49-721-25516-237 | Fax -200 Astaro a Sophos Company | Amalienbadstr. 41 Bau 52 | 76227 Karlsruhe | Germany C

Re: [Openvpn-devel] [Openvpn-users] OpenVPN 2.3-alpha1 released

2012-02-29 Thread Heiko Hund
educe complexity. Heiko -- Heiko Hund | Software Engineer | Phone +49-721-25516-237 | Fax -200 Astaro a Sophos Company | Amalienbadstr. 41 Bau 52 | 76227 Karlsruhe | Germany Commercial Register: Mannheim HRA 702710 | Headquarter Location: Karlsruhe Represented by the General Partner Astaro Verwaltun

Re: [Openvpn-devel] [Openvpn-users] OpenVPN 2.3-alpha1 released

2012-02-29 Thread Heiko Hund
s and stop pulling up discussions into a meta layer. This leads to no solutions but only more discussions about stuff that doesn't get any things done. I hope you got my point. Heiko -- Heiko Hund | Software Engineer | Phone +49-721-25516-237 | Fax -200 Astaro a Sophos Company | Amalienbadstr. 41 B

Re: [Openvpn-devel] [Openvpn-users] OpenVPN 2.3-alpha1 released

2012-02-29 Thread Heiko Hund
er-propose on patches - as you do - and this project will go forward. Heiko -- Heiko Hund | Software Engineer | Phone +49-721-25516-237 | Fax -200 Astaro a Sophos Company | Amalienbadstr. 41 Bau 52 | 76227 Karlsruhe | Germany Commercial Register: Mannheim HRA 702710 | Headquarter Location: Ka

Re: [Openvpn-devel] [Openvpn-users] OpenVPN 2.3-alpha1 released

2012-02-29 Thread Heiko Hund
right, though. It could be used as such. Usually I#d say that stuff that can be setup before privileges are dropped should be done at that time. Setting of routes can only be done after privdrop and that's the main use for the new interface. Regards Heiko -- Heiko Hund | Software Engineer |

Re: [Openvpn-devel] [Openvpn-users] OpenVPN 2.3-alpha1 released

2012-02-29 Thread Heiko Hund
even her via ACLs. Guru input requested on this topic! Starting from Vista there's also a way to run GetNamedPipeClientProcessId() and compare that to the one of the openvpn process before processing messages. Any other ideas to restrict access are very welcome. Regards Heiko -- Heiko

Re: [Openvpn-devel] OpenVPN 2.3-alpha1 / GUI

2012-02-29 Thread Heiko Hund
s you want to see included, please. Obviously you have some nice charts in your GUI. What language did you code this in? I suppose it's not C with plain WIN32 API? Regards Heiko -- Heiko Hund | Software Engineer | Phone +49-721-25516-237 | Fax -200 Astaro a Sophos Company | Amalienbadstr. 41

Re: [Openvpn-devel] [Openvpn-users] OpenVPN 2.3-alpha1 released

2012-03-01 Thread Heiko Hund
On Wednesday 29 February 2012 18:43:18 Carsten Krüger wrote: > What operation could be in script that is usefull when it's executed > in user context. On Windows you could mount a CIFS share from the corporate LAN to the drive letter a user expects her data at, for example. Heiko -- Heik

Re: [Openvpn-devel] [Openvpn-users] OpenVPN 2.3-alpha1 released

2012-03-01 Thread Heiko Hund
ow up to Fabian about that. Heiko -- Heiko Hund | Software Engineer | Phone +49-721-25516-237 | Fax -200 Astaro a Sophos Company | Amalienbadstr. 41 Bau 52 | 76227 Karlsruhe | Germany Commercial Register: Mannheim HRA 702710 | Headquarter Location: Karlsruhe Represented by the General Partner Astaro Ve

Re: [Openvpn-devel] [Openvpn-users] OpenVPN 2.3-alpha1 released

2012-03-01 Thread Heiko Hund
dll injection is ONE example of how a user can manipulate his own > process. I'm no expert at hacking windows but you can trust me, it > exists 1001 possibilities to do the same. You have no chance to block > them. I file that under FUD until you're more explicit. Heiko -- Heiko Hund | Soft

Re: [Openvpn-devel] [Openvpn-users] OpenVPN 2.3-alpha1 released

2012-03-01 Thread Heiko Hund
On Thursday 01 March 2012 11:59:11 Carsten Krüger wrote: > No. If you start a process in users context the user can modify it. > There is nothing you could do against. I'll do some tests next week and post my findings here. Heiko -- Heiko Hund | Software Engineer | Phone +49-721-25516-237

[Openvpn-devel] GUI size

2012-03-02 Thread Heiko Hund
be linked statically if there a libeay32.dll lying next to it, really. Thanks Heiko -- Heiko Hund | Software Engineer | Phone +49-721-25516-237 | Fax -200 Astaro a Sophos Company | Amalienbadstr. 41 Bau 52 | 76227 Karlsruhe | Germany Commercial Register: Mannheim HRA 702710 | Headquarter Location

Re: [Openvpn-devel] [Openvpn-users] OpenVPN 2.3-alpha1 released

2012-03-09 Thread Heiko Hund
On Thursday 01 March 2012 12:11:37 Heiko Hund wrote: > On Thursday 01 March 2012 11:59:11 Carsten Krüger wrote: > > No. If you start a process in users context the user can modify it. > > There is nothing you could do against. > > I'll do some tests next week and post my

Re: [Openvpn-devel] [Openvpn-users] OpenVPN 2.3-alpha1 released

2012-03-12 Thread Heiko Hund
er integrity level has limited access to one with a higher level by taking away rights of the calling process on a call by call basis during runtime. Regards Heiko -- Heiko Hund | Software Engineer | Phone +49-721-25516-237 | Fax -200 Astaro a Sophos Company | Amalienbadstr. 41 Bau 52 | 76227 K

Re: [Openvpn-devel] [Openvpn-users] OpenVPN 2.3-alpha1 released

2012-03-12 Thread Heiko Hund
process object, so that the user cannot sneak his way in by modifying the DACL." Regards Heiko -- Heiko Hund | Software Engineer | Phone +49-721-25516-237 | Fax -200 Astaro a Sophos Company | Amalienbadstr. 41 Bau 52 | 76227 Karlsruhe | Germany Commercial Register: Mannheim HRA 702710 | Headquarter Loca

Re: [Openvpn-devel] [Openvpn-users] OpenVPN 2.3-alpha1 released

2012-03-13 Thread Heiko Hund
mpromised in both scenarios there's not much room to argue IMO. Regards Heiko -- Heiko Hund | Software Engineer | Phone +49-721-25516-237 | Fax -200 Astaro a Sophos Company | Amalienbadstr. 41 Bau 52 | 76227 Karlsruhe | Germany Commercial Register: Mannheim HRA 702710 | Headquarter Location:

Re: [Openvpn-devel] [openvpn-gui 0/8] build rewrite

2012-03-28 Thread Heiko Hund
add a manual rule for the resource object to Makefile.am. Regards Heiko -- Heiko Hund | Software Engineer | Phone +49-721-25516-237 | Fax -200 Astaro a Sophos Company | Amalienbadstr. 41 Bau 52 | 76227 Karlsruhe | Germany Commercial Register: Mannheim HRA 702710 | Headquarter Location: Karlsruhe Represen

Re: [Openvpn-devel] [PATCH] OpenVPN GUI: Corrections to the Danish translation

2012-04-05 Thread Heiko Hund
r visibility. Thanks for the patch. I've forwarded it to the original translator for review. If he doesn't NACK it within the next week or so I'll merge it. If any Danish speaking person here ACKs it it's also good to go of course. Regards Heiko -- Heiko Hund | Software Engineer | Tel +49-721-255

Re: [Openvpn-devel] [Translation Question] Traditional Chinese

2012-04-12 Thread Heiko Hund
more sense after you looked at [1]). Heiko -- Heiko Hund | Software Engineer | Tel +49-721-25516-237 | Fax -200 SOPHOS NSG | Amalienbadstr. 41 Bau 52 | 76227 Karlsruhe | Germany

Re: [Openvpn-devel] [Translation Question] Traditional Chinese

2012-04-12 Thread Heiko Hund
On Thursday 12 April 2012 08:54:12 Heiko Hund wrote: > Great, thank you! I suppose you want to translate the Openvpn GUI for > Windows. If so, just fetch the English resource file from the repository at > [1], translate the strings in it and make sure you save it UTF-8 encoded. &g

Re: [Openvpn-devel] [PATCH] cleanup: windows: convert argv (UCS-2 to UTF-8) at earliest

2012-04-27 Thread Heiko Hund
UTF-8 files with BOM, which is very uncommon. Maybe that was the problem. I ran into that when I was testing my patch. You might want to try using Notepad++ and save it as UTF-8 without BOM. HTH Heiko -- Heiko Hund | Software Engineer | Tel +49-721-25516-237 | Fax -200 SOPHOS NSG | Amalienbadstr. 41 Bau 52 | 76227 Karlsruhe | Germany

Re: [Openvpn-devel] Does OpenVPN Support Unicode Username and Password

2012-05-02 Thread Heiko Hund
d further assistance feel free to ask. Regards Heiko -- Heiko Hund | Software Engineer | Tel +49-721-25516-237 | Fax -200 SOPHOS NSG | Amalienbadstr. 41 Bau 52 | 76227 Karlsruhe | Germany

Re: [Openvpn-devel] [Translation Question] Traditional Chinese

2012-05-14 Thread Heiko Hund
re done simply post the result here and I will add it to the official repository. Regards Heiko -- Heiko Hund | Software Engineer | Tel +49-721-25516-237 | Fax -200 SOPHOS NSG | Amalienbadstr. 41 Bau 52 | 76227 Karlsruhe | Germany

Re: [Openvpn-devel] [Translation Question] Traditional Chinese

2012-05-22 Thread Heiko Hund
sf.net/projects/openvpn-gui/files/Snapshot%20Binaries/2012-05-22/ Will you do the translation to Simplified Chinese as well? Is so, please base it on the openvpn-gui-res-zh-hant.rc file in the repository. I made some changes to the one you sent. Thanks again Heiko -- Heiko Hund | Software En

[Openvpn-devel] [PATCH] add option --management-query-proxy

2012-07-11 Thread Heiko Hund
handling to the GUI caring for such. Signed-off-by: Heiko Hund <heiko.h...@sophos.com> --- doc/management-notes.txt | 31 doc/openvpn.8|6 ++ src/openvpn/init.c | 185 +- src/openvpn/manage.c

[Openvpn-devel] [PATCH] remove unused show_connection_list debug function

2012-07-11 Thread Heiko Hund
Signed-off-by: Heiko Hund <heiko.h...@sophos.com> --- src/openvpn/init.c | 25 - 1 file changed, 25 deletions(-) diff --git a/src/openvpn/init.c b/src/openvpn/init.c index f86fc38..81800d3 100644 --- a/src/openvpn/init.c +++ b/src/openvpn/init.c @@ -316,30

  1   2   3   >