Nikos Mavrogiannopoulos [Thu, 21 Aug 2014 15:20:55 +0000 (17:20 +0200)]
use CreateProcess instead of system to run scripts.
That prevents the pop up of terminal windows.
[dwmw2: Use -ETIMEDOUT instead of -ETIME which doesn't seem to be present in
my Fedora 20 MinGW setup. Do not prepend 'cscript' to vpnc_script
string now that we invoke it that way unconditionally.]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Fri, 22 Aug 2014 17:15:30 +0000 (12:15 -0500)]
Use inet_pton() to provide inet_aton() functionality
This is cleaner and simpler than the original compat code, and avoids
the strange issues that Nikos was reporting on his Windows 7
installation with inet_addr() not working correctly.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Thu, 14 Aug 2014 10:30:48 +0000 (11:30 +0100)]
Reread token file in lock_token()
If someone else has used a HOTP token between the initial invocation of
openconnect and the time the token gets used, we want to use the current
value of the counter not the original value.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Tue, 12 Aug 2014 12:43:26 +0000 (13:43 +0100)]
Support writing back to token files from openconnect(8) itself
This is quite basic; we probably ought to re-read the file and call
openconnect_set_token_mode() again if it's changed, and we ought to
have locking on the file to prevent concurrent updates. But this is a
good start.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Tue, 12 Aug 2014 12:36:46 +0000 (13:36 +0100)]
Add openconnect_set_token_callbacks() API
This allows the application to lock the file (or other) storage when
a token is about to be generated, then to unlock it and write the new
counter back to the file when we're done.
This gives us a clean way to use HOTP tokens safely.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
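The lock/re-read/write-back sequence described in the three token commits above (lock the storage, re-read the HOTP counter under the lock, generate, write the incremented counter back, unlock), shown as an added stand-alone Python example; this is not openconnect's code and it assumes a hypothetical "hexsecret,counter" file format and POSIX flock(), with the RFC 4226 test-vector secret as constructed sample data.

```python
import fcntl
import hashlib
import hmac
import os
import struct
import tempfile

# Constructed sample: RFC 4226 test-vector key "12345678901234567890" as hex.
SECRET_HEX = "3132333435363738393031323334353637383930"


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 over the 8-byte big-endian counter, dynamic truncation."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % (10 ** digits)).zfill(digits)


def next_code(path: str) -> str:
    """Hypothetical token-file flow: lock, re-read counter, generate, write back, unlock."""
    with open(path, "r+") as f:
        fcntl.flock(f, fcntl.LOCK_EX)  # "lock_token": exclusive access to the file
        try:
            f.seek(0)
            # Re-read under the lock so another user's increment since startup is seen.
            secret_hex, counter_str = f.read().strip().split(",")
            counter = int(counter_str)
            code = hotp(bytes.fromhex(secret_hex), counter)
            f.seek(0)
            f.truncate()
            f.write(f"{secret_hex},{counter + 1}\n")  # persist the consumed counter
            f.flush()
            os.fsync(f.fileno())
        finally:
            fcntl.flock(f, fcntl.LOCK_UN)  # "unlock_token"
    return code


def demo() -> list:
    """Three successive uses of one shared token file never reuse a counter value."""
    fd, path = tempfile.mkstemp()
    with os.fdopen(fd, "w") as f:
        f.write(f"{SECRET_HEX},0\n")
    codes = [next_code(path), next_code(path), next_code(path)]
    os.unlink(path)
    return codes
```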
David Woodhouse [Thu, 7 Aug 2014 15:12:17 +0000 (16:12 +0100)]
Minor SSPI fixes
When using NTLM, the payload sometimes does get encrypted, so preserve it.
And after DecryptMessage() don't free the buffer. It'll have been decrypted
in-place.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Tue, 5 Aug 2014 23:40:00 +0000 (00:40 +0100)]
Fix endless loop when automatic NTLM auth fails
We never *do* actually fall back from automatic to manual NTLM auth since
our criteria for using each are mutually exclusive. So arguably we could
simplify things somewhat and just set the state to AUTH_FAILED if the SSO
version fails. But let's preserve the option to fall back later, if we do
start prompting for a password on demand.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Mon, 4 Aug 2014 11:20:49 +0000 (12:20 +0100)]
Fix UTF-8 handling of config file name
If we're going to convert the filename *from* UTF-8 when opening it, then
we really ought to be convert it *to* UTF-8 first. This would have shown
up if invoking openconnect in a non-UTF-8 locale, with a non-ASCII
filename.
On POSIX systems this whole thing is a no-op, since converting from any
arbitrary 8-bit charset to UTF-8 and back again effectively does nothing.
However, on Windows the convert_arg_to_utf8() function doesn't just work
on the input string; it looks aside with GetCommandLineW() to find the
*original* text on the command line, and uses that instead. So we really
do have to do the double "conversion" — even when it's simply converting to
UTF-8, *immediately* converting back again (in fopen_utf8()), and *never*
using it again.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Mon, 4 Aug 2014 11:19:36 +0000 (12:19 +0100)]
Fix NetBSD compile warnings with isspace()
As mentioned in the comment in openssl.c, we need to cast the arguments
for ctype functions first to (unsigned char) and then to (int) to make
NetBSD happy.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
Kevin Cernekee [Sat, 2 Aug 2014 21:37:47 +0000 (14:37 -0700)]
auth: Refactor stoken form handling
Split the devid/pass form from the PIN form, to allow the use of new "v3"
tokens from the command line. On newer libstoken versions, query the
PIN status and token interval time; use this information to figure out
whether to request a PIN for concatenation (à la hard tokens) and whether
to use a 30- or 60-second delta in response to the next tokencode prompt.
Signed-off-by: Kevin Cernekee <cernekee@gmail.com>
Kevin Cernekee [Sat, 2 Aug 2014 20:09:06 +0000 (13:09 -0700)]
main: Allow reading --token-secret from a file
If the token string starts with '@' or '/', assume it refers to a
filename. None of the current token backends would recognize a string
starting with '@' or '/'.
The main use cases are:
- Keeping token secrets from showing up in "ps" output
- Allowing the use of SecurID SDTID XML files without import/conversion
This accepts "raw" HOTP/TOTP/SecurID tokens, not .stokenrc files.
Therefore it cannot use stoken_import_rcfile().
Signed-off-by: Kevin Cernekee <cernekee@gmail.com>
Kevin Cernekee [Sat, 2 Aug 2014 20:20:34 +0000 (13:20 -0700)]
main: Restore tty state if password prompt is aborted
On Linux, hitting ^C on any of the password prompts now leaves ECHO
disabled, so the user needs to run "stty sane". Restore the correct
settings prior to exiting.
Signed-off-by: Kevin Cernekee <cernekee@gmail.com>
Kevin Cernekee [Sat, 2 Aug 2014 22:44:45 +0000 (15:44 -0700)]
xml: Call openconnect_parse_url() on <HostAddress> entries
Per the Cisco docs[1] these should just contain a FQDN, not a full URL.
But calling openconnect_parse_url() populates other internal fields, like
protocol and port; the latter is misreported as 0 right now:
Host "MIT" has address "vpn.mit.edu"
POST https://vpn.mit.edu:0/
Attempting to connect to server 18.9.37.5:443
Kevin Cernekee [Sat, 2 Aug 2014 22:27:36 +0000 (15:27 -0700)]
xml: Trim whitespace from xmlconfig entries
The Cisco implementations seem to be more tolerant of extraneous
whitespace in these files; for us, it can break hostname resolution:
Host "MIT" has address "vpn.mit.edu "
POST https://vpn.mit.edu :0/
getaddrinfo failed for host 'vpn.mit.edu ': Name or service not known
Failed to open HTTPS connection to vpn.mit.edu
Failed to obtain WebVPN cookie
Signed-off-by: Kevin Cernekee <cernekee@gmail.com>
David Woodhouse [Thu, 31 Jul 2014 13:32:30 +0000 (14:32 +0100)]
Fix asprintf() handling in openconnect_passphrase_from_fsid()
It returns -1 on error. Not non-zero. We were always returning -ENOMEM but
nobody cared; if this fails they'll just ignore it and let us ask the user
for the passphrase anyway.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Thu, 31 Jul 2014 12:29:05 +0000 (13:29 +0100)]
Extend reload_pem_cert() to become load_cert_chain_file()
Because SSL_CTX_use_certificate_chain_file() doesn't cope with UTF-8
filenames, and we have a couple of other minor reasons for wanting to
reimplement it anyway (which is why we had reload_pem_cert() in the first
place).
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Thu, 31 Jul 2014 12:14:26 +0000 (13:14 +0100)]
Convert vpnc_script to legacy charset (or UTF-16 for Windows)
The script_config_tun() function ends up being *just* different enough
between the two implementations that it's not quite worth trying to
reduce the duplication.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Thu, 31 Jul 2014 12:03:58 +0000 (13:03 +0100)]
Add openconnect_utf8_to_legacy() helper function for charset conversion
In some cases, the library itself really is going to have to know about
legacy non-UTF8 locales — when opening files or setting environment
variables, for example.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Tue, 29 Jul 2014 14:57:24 +0000 (15:57 +0100)]
Use setlocale() unconditionally, complain if non-UTF8 locale and no iconv
Hopefully setlocale() is ubiquitous. Certainly nl_langinfo() seems to be
more often available than iconv(), so we can certainly complain if we are
run in a legacy non-UTF8 locale and we *don't* have conversion support.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Tue, 29 Jul 2014 14:01:35 +0000 (15:01 +0100)]
Add conversion to UTF-8 of command-line arguments
Hm, this isn't ideal in all cases; we end up converting filenames into
UTF-8 too, and we don't (yet) have facilities to convert *back* to the
local charset when trying to access them. And it's not entirely clear
we really want to have to.
But it does fix other things like '--interface=TAP♥', and is consistent
with the methodology of converting *everything* on the way in and out,
and being entirely consistent with UTF-8 internally.
We *might* want to add special-case hacks for keeping filenames in the
legacy charset internally, but then again we'd only have to convert *to*
UTF-8 for printing them if we did that.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Tue, 29 Jul 2014 10:22:38 +0000 (11:22 +0100)]
Use _wputenv() for Windows environment
This fixes the handling of non-ASCII (and out-of-codepage) tundev names.
It looks like cscript/vpnc-script-win.js/netsh all Just Work™ at least
here on Windows 7 with my 'TAP♥' device.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Tue, 29 Jul 2014 10:18:34 +0000 (11:18 +0100)]
Fixes for buf_append_utf16le()
Make it set buf_error() when it returns -EINVAL, to ensure callers will
catch the problem. Previously, ntlm_set_string_binary() and sspi_setup()
would not have noticed.
Also, NUL-terminate the buffer. Not accounting for it, but just putting
two zero bytes after the string so that it can be used as a
NUL-terminated (wchar_t *). Not entirely sure how sspi_setup() was
working before this, except perhaps pure luck.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>