openvpn-devel Mailing List for OpenVPN

On 03/05/12 20:49, Alon Bar-Lev wrote: > If source is located at git repository, acquire branch and > revision of head to be printed at --version output. > > Signed-off-by: Alon Bar-Lev <alo...@gm...> --- Makefile.am > | 25 ++++++++++++++++++++++++- configure.ac | 11 > +++++++++++ src/openvpn/options.c | 6 ++++++ 3 files changed, 41 > insertions(+), 1 deletions(-) Just a detail ... but isn't config-version.h.in lacking? Haven't tested it yet, just read through the patch - so I might have overlooked something. But this looks far closer to what I'd like from such a feature. Thanks for poking into this! kind regards, David Sommerseth 

If source is located at git repository, acquire branch and revision of head to be printed at --version output. Signed-off-by: Alon Bar-Lev <alo...@gm...> --- Makefile.am | 25 ++++++++++++++++++++++++- configure.ac | 11 +++++++++++ src/openvpn/options.c | 6 ++++++ 3 files changed, 41 insertions(+), 1 deletions(-) diff --git a/Makefile.am b/Makefile.am index ab3e3d2..d6dc2c5 100644 --- a/Makefile.am +++ b/Makefile.am @@ -40,11 +40,18 @@ MAINTAINERCLEANFILES = \	$(srcdir)/depcomp $(srcdir)/aclocal.m4 \	$(srcdir)/config.guess $(srcdir)/config.sub +CLEANFILES = \ +	config-version.h + EXTRA_DIST = \	contrib \	debug -SUBDIRS = build distro include src sample doc tests +if GIT_CHECKOUT +.PHONY: config-version.h +endif + +SUBDIRS = . build distro include src sample doc tests dist_doc_DATA = \	COPYRIGHT.GPL \ @@ -53,6 +60,7 @@ dist_doc_DATA = \ dist_noinst_DATA = \	.gitignore \	.gitattributes \ +	config-version.h.in \	PORTS \	README.IPv6 TODO.IPv6 \	README.polarssl \ @@ -75,3 +83,18 @@ if WIN32 rootdir=$(prefix) root_DATA = version.sh endif + +if GIT_CHECKOUT +nodist_noinst_HEADERS = \ +	config-version.h +config-version.h: +	@PACKAGE_VERSION_EXTRA_GIT_REVISION="`GIT_DIR=\"$(top_srcdir)/.git\" $(GIT) rev-parse --symbolic-full-name HEAD`/`GIT_DIR=\"$(top_srcdir)/.git\" $(GIT) rev-parse --short=16 HEAD`"; \ +	sed "s#@PACKAGE_VERSION_EXTRA_GIT_REVISION[@]#$${PACKAGE_VERSION_EXTRA_GIT_REVISION}#g" "$(srcdir)/config-version.h.in" > config-version.h.tmp +	@if ! [ -f config-version.h ] || ! cmp -s config-version.h.tmp config-version.h; then \ +	echo "replacing config-version.h"; \ +	mv config-version.h.tmp config-version.h; \ +	else \ +	rm config-version.h.tmp; \ +	fi +endif + diff --git a/configure.ac b/configure.ac index 399b4e7..dd94522 100644 --- a/configure.ac +++ b/configure.ac @@ -307,11 +307,13 @@ AC_ARG_VAR([ROUTE], [full path to route utility]) AC_ARG_VAR([IPROUTE], [full path to ip utility]) AC_ARG_VAR([NETSTAT], [path to netstat utility]) # tests AC_ARG_VAR([MAN2HTML], [path to man2html utility]) +AC_ARG_VAR([GIT], [path to git utility]) AC_PATH_PROGS([IFCONFIG], [ifconfig],, [$PATH:/usr/local/sbin:/usr/sbin:/sbin]) AC_PATH_PROGS([ROUTE], [route],, [$PATH:/usr/local/sbin:/usr/sbin:/sbin]) AC_PATH_PROGS([IPROUTE], [ip],, [$PATH:/usr/local/sbin:/usr/sbin:/sbin]) AC_CHECK_PROGS([NETSTAT], [netstat], [netstat], [$PATH:/usr/local/sbin:/usr/sbin:/sbin:/etc]) # tests AC_CHECK_PROGS([MAN2HTML], [man2html]) +AC_CHECK_PROGS([GIT], [git]) # optional AC_DEFINE_UNQUOTED([IFCONFIG_PATH], ["$IFCONFIG"], [Path to ifconfig tool]) AC_DEFINE_UNQUOTED([IPROUTE_PATH], ["$IPROUTE"], [Path to iproute tool]) AC_DEFINE_UNQUOTED([ROUTE_PATH], ["$ROUTE"], [Path to route tool]) @@ -781,6 +783,14 @@ PKG_CHECK_MODULES(	[] ) +AC_MSG_CHECKING([git checkout]) +GIT_CHECKOUT="no" +if test -n "${GIT}" -a -d "${srcdir}/.git"; then +	AC_DEFINE([HAVE_CONFIG_VERSION_H], [1], [extra version available in config-version.h]) +	GIT_CHECKOUT="yes" +fi +AC_MSG_RESULT([${GIT_CHECKOUT}]) + if test -n "${SP_PLATFORM_WINDOWS}"; then	AC_DEFINE_UNQUOTED([PATH_SEPARATOR], ['\\\\'], [Path separator]) #"	AC_DEFINE_UNQUOTED([PATH_SEPARATOR_STR], ["\\\\"], [Path separator]) #" @@ -928,6 +938,7 @@ AC_SUBST([OPTIONAL_PKCS11_HELPER_CFLAGS]) AC_SUBST([OPTIONAL_PKCS11_HELPER_LIBS]) AM_CONDITIONAL([WIN32], [test "${WIN32}" = "yes"]) +AM_CONDITIONAL([GIT_CHECKOUT], [test "${GIT_CHECKOUT}" = "yes"]) sampledir="\$(docdir)/sample" AC_SUBST([sampledir]) diff --git a/src/openvpn/options.c b/src/openvpn/options.c index 019be57..3717137 100644 --- a/src/openvpn/options.c +++ b/src/openvpn/options.c @@ -35,6 +35,9 @@ #elif defined(_MSC_VER) #include "config-msvc.h" #endif +#ifdef HAVE_CONFIG_VERSION_H +#include "config-version.h" +#endif #include "syshead.h" @@ -3430,6 +3433,9 @@ usage_version (void) #ifdef CONFIGURE_DEFINES msg (M_INFO|M_NOPREFIX, "Compile time defines: %s", CONFIGURE_DEFINES); #endif +#ifdef PACKAGE_VERSION_EXTRA_GIT_REVISION + msg (M_INFO|M_NOPREFIX, "git revision: %s", PACKAGE_VERSION_EXTRA_GIT_REVISION); +#endif #endif openvpn_exit (OPENVPN_EXIT_STATUS_USAGE); /* exit point */ } -- 1.7.3.4 

If source is located at git repository, acquire branch and revision of head to be printed at --version output. Signed-off-by: Alon Bar-Lev <alo...@gm...> --- Makefile.am | 25 ++++++++++++++++++++++++- configure.ac | 11 +++++++++++ src/openvpn/options.c | 6 ++++++ 3 files changed, 41 insertions(+), 1 deletions(-) diff --git a/Makefile.am b/Makefile.am index ab3e3d2..d6dc2c5 100644 --- a/Makefile.am +++ b/Makefile.am @@ -40,11 +40,18 @@ MAINTAINERCLEANFILES = \	$(srcdir)/depcomp $(srcdir)/aclocal.m4 \	$(srcdir)/config.guess $(srcdir)/config.sub +CLEANFILES = \ +	config-version.h + EXTRA_DIST = \	contrib \	debug -SUBDIRS = build distro include src sample doc tests +if GIT_CHECKOUT +.PHONY: config-version.h +endif + +SUBDIRS = . build distro include src sample doc tests dist_doc_DATA = \	COPYRIGHT.GPL \ @@ -53,6 +60,7 @@ dist_doc_DATA = \ dist_noinst_DATA = \	.gitignore \	.gitattributes \ +	config-version.h.in \	PORTS \	README.IPv6 TODO.IPv6 \	README.polarssl \ @@ -75,3 +83,18 @@ if WIN32 rootdir=$(prefix) root_DATA = version.sh endif + +if GIT_CHECKOUT +nodist_noinst_HEADERS = \ +	config-version.h +config-version.h: +	@PACKAGE_VERSION_EXTRA_GIT_REVISION="`GIT_DIR=\"$(top_srcdir)/.git\" $(GIT) rev-parse --symbolic-full-name HEAD`/`GIT_DIR=\"$(top_srcdir)/.git\" $(GIT) rev-parse --short=16 HEAD`"; \ +	sed "s#@PACKAGE_VERSION_EXTRA_GIT_REVISION[@]#$${PACKAGE_VERSION_EXTRA_GIT_REVISION}#g" "$(srcdir)/config-version.h.in" > config-version.h.tmp +	@if ! [ -f config-version.h ] || ! cmp -s config-version.h.tmp config-version.h; then \ +	echo "replacing config-version.h"; \ +	mv config-version.h.tmp config-version.h; \ +	else \ +	rm config-version.h.tmp; \ +	fi +endif + diff --git a/configure.ac b/configure.ac index 399b4e7..dd94522 100644 --- a/configure.ac +++ b/configure.ac @@ -307,11 +307,13 @@ AC_ARG_VAR([ROUTE], [full path to route utility]) AC_ARG_VAR([IPROUTE], [full path to ip utility]) AC_ARG_VAR([NETSTAT], [path to netstat utility]) # tests AC_ARG_VAR([MAN2HTML], [path to man2html utility]) +AC_ARG_VAR([GIT], [path to git utility]) AC_PATH_PROGS([IFCONFIG], [ifconfig],, [$PATH:/usr/local/sbin:/usr/sbin:/sbin]) AC_PATH_PROGS([ROUTE], [route],, [$PATH:/usr/local/sbin:/usr/sbin:/sbin]) AC_PATH_PROGS([IPROUTE], [ip],, [$PATH:/usr/local/sbin:/usr/sbin:/sbin]) AC_CHECK_PROGS([NETSTAT], [netstat], [netstat], [$PATH:/usr/local/sbin:/usr/sbin:/sbin:/etc]) # tests AC_CHECK_PROGS([MAN2HTML], [man2html]) +AC_CHECK_PROGS([GIT], [git]) # optional AC_DEFINE_UNQUOTED([IFCONFIG_PATH], ["$IFCONFIG"], [Path to ifconfig tool]) AC_DEFINE_UNQUOTED([IPROUTE_PATH], ["$IPROUTE"], [Path to iproute tool]) AC_DEFINE_UNQUOTED([ROUTE_PATH], ["$ROUTE"], [Path to route tool]) @@ -781,6 +783,14 @@ PKG_CHECK_MODULES(	[] ) +AC_MSG_CHECKING([git checkout]) +GIT_CHECKOUT="no" +if test -n "${GIT}" -a -d "${srcdir}/.git"; then +	AC_DEFINE([HAVE_CONFIG_VERSION_H], [1], [extra version available in config-version.h]) +	GIT_CHECKOUT="yes" +fi +AC_MSG_RESULT([${GIT_CHECKOUT}]) + if test -n "${SP_PLATFORM_WINDOWS}"; then	AC_DEFINE_UNQUOTED([PATH_SEPARATOR], ['\\\\'], [Path separator]) #"	AC_DEFINE_UNQUOTED([PATH_SEPARATOR_STR], ["\\\\"], [Path separator]) #" @@ -928,6 +938,7 @@ AC_SUBST([OPTIONAL_PKCS11_HELPER_CFLAGS]) AC_SUBST([OPTIONAL_PKCS11_HELPER_LIBS]) AM_CONDITIONAL([WIN32], [test "${WIN32}" = "yes"]) +AM_CONDITIONAL([GIT_CHECKOUT], [test "${GIT_CHECKOUT}" = "yes"]) sampledir="\$(docdir)/sample" AC_SUBST([sampledir]) diff --git a/src/openvpn/options.c b/src/openvpn/options.c index 019be57..3717137 100644 --- a/src/openvpn/options.c +++ b/src/openvpn/options.c @@ -35,6 +35,9 @@ #elif defined(_MSC_VER) #include "config-msvc.h" #endif +#ifdef HAVE_CONFIG_VERSION_H +#include "config-version.h" +#endif #include "syshead.h" @@ -3430,6 +3433,9 @@ usage_version (void) #ifdef CONFIGURE_DEFINES msg (M_INFO|M_NOPREFIX, "Compile time defines: %s", CONFIGURE_DEFINES); #endif +#ifdef PACKAGE_VERSION_EXTRA_GIT_REVISION + msg (M_INFO|M_NOPREFIX, "git revision: %s", PACKAGE_VERSION_EXTRA_GIT_REVISION); +#endif #endif openvpn_exit (OPENVPN_EXIT_STATUS_USAGE); /* exit point */ } -- 1.7.3.4 

On Thu, May 3, 2012 at 8:36 PM, Alon Bar-Lev <alo...@gm...> wrote: > If source is located at git repository, acquire branch and revision > of head to be printed at --version output. > > Signed-off-by: Alon Bar-Lev <alo...@gm...> Slowly I get what you need. How is this one? Alon. 

On Thu, May 3, 2012 at 1:53 PM, Samuli Seppänen <sa...@op...> wrote: > >> On Thu, May 3, 2012 at 10:26 AM, David Sommerseth >> <ope...@to...> wrote: >>> -----BEGIN PGP SIGNED MESSAGE----- >>> Hash: SHA1 >>> >>> On 27/04/12 14:15, Alon Bar-Lev wrote: >>>> 2012/4/27 Samuli Seppänen <sa...@op...>: >>>>> Il 27.04.2012 12:18, Heiko Hund ha scritto: >>>>>> On Friday 27 April 2012 09:54:15 Samuli Seppänen wrote: >>>>>>> Anyways, I cross-compiled latest "master" with this patch >>>>>>> applied and "bin" and "lib" directories on top of an existing >>>>>>> openvpn-2.3-alpha1 install. The old "bin" directory was >>>>>>> renamed to make sure none of it was used. I then renamed >>>>>>> "openvpn.ovpn" to "ääliö.ovpn" and "ta.key" to "ääliö.key" >>>>>>> using Windows Explorer. Then I updated the configuration file >>>>>>> to point to these files using Notepad (and later Wordpad). >>>>>> Notepad saves UTF-8 files with BOM, which is very uncommon. >>>>>> Maybe that was the problem. I ran into that when I was testing >>>>>> my patch. You might want to try using Notepad++ and save it as >>>>>> UTF-8 without BOM. >>>>>> >>>>>> HTH Heiko >>>>> Saved the configuration file to UTF-8 without BOM - after this I >>>>> got no complaints from OpenVPN-GUI. Launching OpenVPN from the >>>>> command prompt also worked... tls-auth was undefined in the >>>>> config, and openvpn called like this: >>>> if bom is a problem we should handle it properly in options.c, as >>>> we cannot expect users to understand bom issues. >>>> >>>>>> openvpn --config ääliö.ovpn --tls-auth ääliö.key 1 >>>>> Only minor issue was that the command prompt displayed funky >>>>> characters instead of the proper ones: >>>>> >>>>> <http://users.utu.fi/sjsepp/cmd2.png> >>>> Yes. this is OK. >>> Just so that I understand this more properly.  The reason this is >>> okay, is that because cmd.exe is not UTF-8 capable when displaying the >>> log data? >> Yes. >> The cmd uses the plain old DOS code page, and needs special fonts. >> If you add --log parameter you will see this correctly. >> >> Alon. >> > Tested with --log parameter. The logfile[1] seems to use the UTF-8 > encoding, and with proper viewers/editors the Scandinavian characters > (a/o umlauts, ä/ö) look just fine. On Windows most editors/viewers[3] > display funky two-byte characters, but that's probably expected. > > [1] An example log file is available here, search for "tls_auth_file": > <http://users.utu.fi/sjsepp/openvpn-log.txt> > [2] E.g. less and vi (in Git Bash), Wordpad, etc. > So I guess now we are good. Is anything else missing? Alon. 

Hi, 2012/5/3 David Sommerseth <ope...@to...>: > What I would like to see is something more like what's found in TOR > projects' obfsproxy, where the Makefile generates a micro-version.i, > which is included.  As this file is forced to be (re-)created each > time, it will always be accurate. > > I don't say that obfsproxy have done the implementation correct, but > it can at least be a seed for inspiration: I agree that the Makefile-based approach is more useful. Regarding the implementation: Depending on compile vs link time it might be faster to move the re-compiled part into a dedicated version.c which only contains a const char *get_ovpn_version() { return PACKAGE_VERSION_EXTRA_GIT_REVISION; } Cheers Fabian 

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 03/05/12 12:21, Gauri Bhave wrote: > Well that's the legacy that i got from the previous developer. So > just wanted to know if it supports UTF8. And it will really help if > you can point out the exact version's of OpenVPN access server and > OpenVPN connect client which support UTF8 username's and > Passwords. OpenVPN Access Server and OpenVPN Connect Client are the commercial offerings from OpenVPN Technologies. We don't support them here, and the codebase there are somewhat different from the OpenVPN Community Edition we support here. However, the Community Edition have all the features as the Access Server/Connect Client have - and some more. For the commercial support, please contact the company directly. Otherwise, feel free to dig into the information about the Community Edition of OpenVPN here: <https://community.openvpn.net/openvpn> There are some on-going works to update the Access Server and Connect Clients to a newer codebase, based upon the community version. However, there are no publicly known schedules for when or how this will happen. And we on the community side are not involved into those decisions at all. Having all that said, there has been done a lot in the community edition to support UTF-8, especially on Windows. If the commercial versions have pulled in that support or not, or have implemented something else; that we don't know anything about at all. But I suspect that the Access Server and Connect Client is currently not UTF-8 capable on Windows. There should also be no issues using the Community Edition on the client side against an Access Server installation, if that is an alternative. I hope this answers your question better. kind regards, David Sommerseth > On Thu, May 3, 2012 at 12:44 PM, Gert Doering <ge...@gr... > <mailto:ge...@gr...>> wrote: > > Hi, > > On Thu, May 03, 2012 at 12:14:28PM +0530, Gauri Bhave wrote: >> Can you tell me which version of openvpn started supporting utf8. >> I am using openvpn-2.1_rc15 but all my utf8 characters get >> converted to '_' (underscores), when i see the log on the server >> side and AD gives > me an >> error authentication failed. > > 2.3_alpha1 > > (Just as a side remark - I don't understand why anyone would want > to use a release *candidate* of something that has been properly > released over 3 years(!) ago - and the 2.1 train is now up to > 2.1.4, and there is 2.2.2 as well...) > > gert > > -- USENET is *not* the non-clickable part of WWW! > > //www.muc.de/~gert/ <http://www.muc.de/%7Egert/> Gert Doering - > Munich, Germany ge...@gr... <mailto:ge...@gr...> > fax: +49-89-35655025 ge...@ne... > <mailto:ge...@ne...> > > > > > ------------------------------------------------------------------------------ > > Live Security Virtual Conference > Exclusive live event will cover all the ways today's security and > threat landscape has changed and how IT managers can respond. > Discussions will include endpoint security, mobile security and the > latest in malware threats. > http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ > > > > _______________________________________________ Openvpn-devel > mailing list Ope...@li... > https://lists.sourceforge.net/lists/listinfo/openvpn-devel -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk+ieT4ACgkQDC186MBRfroaiwCfUNxdN7fRmgPx4Zphf1JkEmwu lKgAnR2E1MUZdU9qQLtaTvvt8uU+cDa3 =ZgFK -----END PGP SIGNATURE----- 

Hi, On Thu, May 03, 2012 at 03:51:27PM +0530, Gauri Bhave wrote: > Well that's the legacy that i got from the previous developer. So just > wanted to know if it supports UTF8. No, all versions before 2.3_alpha1 will convert anything non-7bit-ASCII to "_" (as you have observed). > And it will really help if you can > point out the exact version's of OpenVPN access server and OpenVPN connect > client which support UTF8 username's and Passwords. I have no idea. This list is mainly driven by the community developers, while OpenVPN Access Server is a commercial product with commercial support - sharing bits of the code base, but not all of it. My guess would be that AS doesn't do UTF8 yet, but you'd really need to ask that question to your support contacts. gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany ge...@gr... fax: +49-89-35655025 ge...@ne... 

Access Server and OpenVPN Connect client are commercial offerings based on the OpenVPN 2.1.x tree. As such, they lack many of the features that came in later community versions (2.2.x+). I'd guess they don't support UTF-8, either. I would use OpenVPN 2.3-alpha1 as it should be very stable and has most of the latest features. You can use the with Access Server, too. -- Samuli Seppänen Community Manager OpenVPN Technologies, Inc irc freenode net: mattock > Well that's the legacy that i got from the previous developer. So just > wanted to know if it supports UTF8. And it will really help if you can > point out the exact version's of OpenVPN access server and OpenVPN > connect client which support UTF8 username's and Passwords. > > Thanks > Gauri Bhave > > On Thu, May 3, 2012 at 12:44 PM, Gert Doering <ge...@gr... > <mailto:ge...@gr...>> wrote: > > Hi, > > On Thu, May 03, 2012 at 12:14:28PM +0530, Gauri Bhave wrote: > > Can you tell me which version of openvpn started supporting utf8. > I am > > using openvpn-2.1_rc15 but all my utf8 characters get converted > to '_' > > (underscores), when i see the log on the server side and AD gives > me an > > error authentication failed. > > 2.3_alpha1 > > (Just as a side remark - I don't understand why anyone would want > to use > a release *candidate* of something that has been properly released > over > 3 years(!) ago - and the 2.1 train is now up to 2.1.4, and there is > 2.2.2 as well...) > > gert > > -- > USENET is *not* the non-clickable part of WWW! > > //www.muc.de/~gert/ <http://www.muc.de/%7Egert/> > Gert Doering - Munich, Germany > ge...@gr... <mailto:ge...@gr...> > fax: +49-89-35655025 > ge...@ne... > <mailto:ge...@ne...> > > 

 > On Thu, May 3, 2012 at 10:26 AM, David Sommerseth > <ope...@to...> wrote: >> -----BEGIN PGP SIGNED MESSAGE----- >> Hash: SHA1 >> >> On 27/04/12 14:15, Alon Bar-Lev wrote: >>> 2012/4/27 Samuli Seppänen <sa...@op...>: >>>> Il 27.04.2012 12:18, Heiko Hund ha scritto: >>>>> On Friday 27 April 2012 09:54:15 Samuli Seppänen wrote: >>>>>> Anyways, I cross-compiled latest "master" with this patch >>>>>> applied and "bin" and "lib" directories on top of an existing >>>>>> openvpn-2.3-alpha1 install. The old "bin" directory was >>>>>> renamed to make sure none of it was used. I then renamed >>>>>> "openvpn.ovpn" to "ääliö.ovpn" and "ta.key" to "ääliö.key" >>>>>> using Windows Explorer. Then I updated the configuration file >>>>>> to point to these files using Notepad (and later Wordpad). >>>>> Notepad saves UTF-8 files with BOM, which is very uncommon. >>>>> Maybe that was the problem. I ran into that when I was testing >>>>> my patch. You might want to try using Notepad++ and save it as >>>>> UTF-8 without BOM. >>>>> >>>>> HTH Heiko >>>> Saved the configuration file to UTF-8 without BOM - after this I >>>> got no complaints from OpenVPN-GUI. Launching OpenVPN from the >>>> command prompt also worked... tls-auth was undefined in the >>>> config, and openvpn called like this: >>> if bom is a problem we should handle it properly in options.c, as >>> we cannot expect users to understand bom issues. >>> >>>>> openvpn --config ääliö.ovpn --tls-auth ääliö.key 1 >>>> Only minor issue was that the command prompt displayed funky >>>> characters instead of the proper ones: >>>> >>>> <http://users.utu.fi/sjsepp/cmd2.png> >>> Yes. this is OK. >> Just so that I understand this more properly. The reason this is >> okay, is that because cmd.exe is not UTF-8 capable when displaying the >> log data? > Yes. > The cmd uses the plain old DOS code page, and needs special fonts. > If you add --log parameter you will see this correctly. > > Alon. > Tested with --log parameter. The logfile[1] seems to use the UTF-8 encoding, and with proper viewers/editors the Scandinavian characters (a/o umlauts, ä/ö) look just fine. On Windows most editors/viewers[3] display funky two-byte characters, but that's probably expected. [1] An example log file is available here, search for "tls_auth_file": <http://users.utu.fi/sjsepp/openvpn-log.txt> [2] E.g. less and vi (in Git Bash), Wordpad, etc. -- Samuli Seppänen Community Manager OpenVPN Technologies, Inc irc freenode net: mattock 

Well that's the legacy that i got from the previous developer. So just wanted to know if it supports UTF8. And it will really help if you can point out the exact version's of OpenVPN access server and OpenVPN connect client which support UTF8 username's and Passwords. Thanks Gauri Bhave On Thu, May 3, 2012 at 12:44 PM, Gert Doering <ge...@gr...> wrote: > Hi, > > On Thu, May 03, 2012 at 12:14:28PM +0530, Gauri Bhave wrote: > > Can you tell me which version of openvpn started supporting utf8. I am > > using openvpn-2.1_rc15 but all my utf8 characters get converted to '_' > > (underscores), when i see the log on the server side and AD gives me an > > error authentication failed. > > 2.3_alpha1 > > (Just as a side remark - I don't understand why anyone would want to use > a release *candidate* of something that has been properly released over > 3 years(!) ago - and the 2.1 train is now up to 2.1.4, and there is > 2.2.2 as well...) > > gert > > -- > USENET is *not* the non-clickable part of WWW! > // > www.muc.de/~gert/ <http://www.muc.de/%7Egert/> > Gert Doering - Munich, Germany > ge...@gr... > fax: +49-89-35655025 > ge...@ne... > 

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 02/05/12 20:16, Alon Bar-Lev wrote: > Looks good. If you testing this one, please ensure symbolic links > also works properly... :) Just to confirm, as I forgot to mention that in the 'applied' message earlier on. This was tested with symlinks on Linux. Both with a symlink pointing to a non-existing file and to a file which does exist. It all behaved as expected - wrong symlink gave a "no such file" error, otherwise the proper script was executed. kind regards, David Sommerseth > On Wed, May 2, 2012 at 8:54 PM, David Sommerseth > <da...@re...> wrote: >> To avoid confusion between check_file_access() and >> check_cmd_access() in the future, remove unneeded arguments from >> check_cmd_access() >> >> As a command will always be a file, it should always check for >> CHKACC_FILE and nothing else. And as the commands always will >> need X_OK, check only for that. >> >> One change from earlier behaviour is that R_OK is not checked >> for. The reason is that only scripts require R_OK to work. >> However, a system might be installed with binaries with only >> X_OK set. If a script is missing R_OK, then the execution will >> fail due to lacking permissions. >> >> Signed-off-by: David Sommerseth <da...@re...> --- >> src/openvpn/options.c | 48 >> ++++++++++++++++++++++++++---------------------- 1 files >> changed, 26 insertions(+), 22 deletions(-) >> >> diff --git a/src/openvpn/options.c b/src/openvpn/options.c index >> 5da2eb6..7769625 100644 --- a/src/openvpn/options.c +++ >> b/src/openvpn/options.c @@ -2690,7 +2690,7 @@ >> check_file_access(const int type, const char *file, const int >> mode, const char * * check_file_access() arguments. */ static >> bool -check_cmd_access(const int type, const char *command, >> const int mode, const char *opt) +check_cmd_access(const char >> *command, const char *opt) { struct argv argv; bool return_code; >> @@ -2705,7 +2705,11 @@ check_cmd_access(const int type, const >> char *command, const int mode, const char >> >> /* if an executable is specified then check it; otherwise, >> complain */ if (argv.argv[0]) - return_code = >> check_file_access(type, argv.argv[0], mode, opt); + /* >> Scripts requires R_OK as well, but that might fail on binaries >> which + * only requires X_OK to function on Unix - a scenario >> not unlikely to + * be seen on suid binaries. + */ + >> return_code = check_file_access(CHKACC_FILE, argv.argv[0], X_OK, >> opt); else { msg (M_NOPREFIX|M_OPTERR, "%s fails with '%s': No >> path to executable.", @@ -2797,26 +2801,26 @@ >> options_postprocess_filechecks (struct options *options) >> >> /* ** Script hooks that accept an optionally quoted and/or >> escaped executable path, ** */ /* ** optionally followed by >> arguments ** */ - errs |= check_cmd_access (CHKACC_FILE, >> options->auth_user_pass_verify_script, - R_OK|X_OK, >> "--auth-user-pass-verify script"); - errs |= check_cmd_access >> (CHKACC_FILE, options->client_connect_script, - R_OK|X_OK, >> "--client-connect script"); - errs |= check_cmd_access >> (CHKACC_FILE, options->client_disconnect_script, - R_OK|X_OK, >> "--client-disconnect script"); - errs |= check_cmd_access >> (CHKACC_FILE, options->tls_verify, - R_OK|X_OK, "--tls-verify >> script"); - errs |= check_cmd_access (CHKACC_FILE, >> options->up_script, - R_OK|X_OK, "--up script"); - errs |= >> check_cmd_access (CHKACC_FILE, options->down_script, - R_OK|X_OK, >> "--down script"); - errs |= check_cmd_access (CHKACC_FILE, >> options->ipchange, - R_OK|X_OK, "--ipchange script"); - errs |= >> check_cmd_access (CHKACC_FILE, options->route_script, - >> R_OK|X_OK, "--route-up script"); - errs |= check_cmd_access >> (CHKACC_FILE, options->route_predown_script, - R_OK|X_OK, >> "--route-pre-down script"); - errs |= check_cmd_access >> (CHKACC_FILE, options->learn_address_script, - R_OK|X_OK, >> "--learn-address script"); + errs |= check_cmd_access >> (options->auth_user_pass_verify_script, + >> "--auth-user-pass-verify script"); + errs |= check_cmd_access >> (options->client_connect_script, + "--client-connect script"); + >> errs |= check_cmd_access (options->client_disconnect_script, + >> "--client-disconnect script"); + errs |= check_cmd_access >> (options->tls_verify, + "--tls-verify >> script"); + errs |= check_cmd_access (options->up_script, + >> "--up script"); + errs |= check_cmd_access >> (options->down_script, + "--down >> script"); + errs |= check_cmd_access (options->ipchange, + >> "--ipchange script"); + errs |= check_cmd_access >> (options->route_script, + "--route-up >> script"); + errs |= check_cmd_access >> (options->route_predown_script, + "--route-pre-down script"); + >> errs |= check_cmd_access (options->learn_address_script, + >> "--learn-address script"); #endif /* P2MP_SERVER */ >> >> if (errs) -- 1.7.4.4 >> >> >> ------------------------------------------------------------------------------ >> >> >> Live Security Virtual Conference >> Exclusive live event will cover all the ways today's security and >> threat landscape has changed and how IT managers can respond. >> Discussions will include endpoint security, mobile security and >> the latest in malware threats. >> http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ >> _______________________________________________ Openvpn-devel >> mailing list Ope...@li... >> https://lists.sourceforge.net/lists/listinfo/openvpn-devel > > ------------------------------------------------------------------------------ > > > Live Security Virtual Conference > Exclusive live event will cover all the ways today's security and > threat landscape has changed and how IT managers can respond. > Discussions will include endpoint security, mobile security and > the latest in malware threats. > http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ > _______________________________________________ Openvpn-devel > mailing list Ope...@li... > https://lists.sourceforge.net/lists/listinfo/openvpn-devel > -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk+iTTcACgkQDC186MBRfrrHowCePfFeXrX1XrvZ1kgWHyHxeUn/ 6n0Ani5Wc4jzQYPq68VswxbeN3LPBBfY =GQ81 -----END PGP SIGNATURE----- 

From: David Sommerseth <da...@re...> Both is_persist_option() and is_stateful_restart() functions where never used anywhere in the code. Remove them. Signed-off-by: David Sommerseth <da...@re...> --- src/openvpn/options.c | 16 ---------------- src/openvpn/options.h | 3 --- 2 files changed, 0 insertions(+), 19 deletions(-) diff --git a/src/openvpn/options.c b/src/openvpn/options.c index 7769625..c182d12 100644 --- a/src/openvpn/options.c +++ b/src/openvpn/options.c @@ -1047,22 +1047,6 @@ string_substitute (const char *src, int from, int to, struct gc_arena *gc) return ret; } -bool -is_persist_option (const struct options *o) -{ - return o->persist_tun - || o->persist_key - || o->persist_local_ip - || o->persist_remote_ip - ; -} - -bool -is_stateful_restart (const struct options *o) -{ - return is_persist_option (o) || connection_list_defined (o); -} - #ifdef ENABLE_SSL static uint8_t * parse_hash_fingerprint(const char *str, int nbytes, int msglevel, struct gc_arena *gc) diff --git a/src/openvpn/options.h b/src/openvpn/options.h index 1be3dfa..cc3e47a 100644 --- a/src/openvpn/options.h +++ b/src/openvpn/options.h @@ -749,9 +749,6 @@ bool apply_push_options (struct options *options, unsigned int *option_types_found, struct env_set *es); -bool is_persist_option (const struct options *o); -bool is_stateful_restart (const struct options *o); - void options_detach (struct options *o); void options_server_import (struct options *o, -- 1.7.4.4 

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 28/04/12 20:00, Alon Bar-Lev wrote: > If configure is located at git repository, acquire branch and > revision of head to be printed at --version output. > > Signed-off-by: Alon Bar-Lev <alo...@gm...> --- > configure.ac | 11 +++++++++++ src/openvpn/options.c | > 3 +++ 2 files changed, 14 insertions(+), 0 deletions(-) This is definitely a step in the right direction. However, it depends on ./configure being run to get the updated git revision set. When developing and testing out changes, you don't always need to run ./configure for each build. Thus this may provide a false reference. Let me explain more carefully: $ ./configure $ make (test src/openvpn/openvpn) (hack more on source files in src/openvpn) $ make (test src/openvpn/openvpn) $ src/openvpn/openvpn src/openvpn/openvpn-test1 (hack more on source files in src/openvpn) $ make (test src/openvpn/openvpn and compare against openvpn-test1) If doing such an iteration over a day or two or maybe weeks (which is not uncommon for me, as I don't have time to dig into OpenVPN every day), the git revision reference provided with your patch will not help me much. And as I also work across several branches, testing different approaches for the same issue, I would need far better overview over what's git HEAD of 'make' and not the 'configure' run. What I would like to see is something more like what's found in TOR projects' obfsproxy, where the Makefile generates a micro-version.i, which is included. As this file is forced to be (re-)created each time, it will always be accurate. I don't say that obfsproxy have done the implementation correct, but it can at least be a seed for inspiration: Makefile.am part: <https://gitweb.torproject.org/obfsproxy.git/blob/94ebc4c3edf1e3e5f313444e59981ac557578df5:/Makefile.am#l106> main.c parts: <https://gitweb.torproject.org/obfsproxy.git/blob/94ebc4c3edf1e3e5f313444e59981ac557578df5:/src/main.c#l38> <https://gitweb.torproject.org/obfsproxy.git/blob/94ebc4c3edf1e3e5f313444e59981ac557578df5:/src/main.c#l57> Otherwise, that this git revision is not available when doing 'make dist' is no problem. In fact, that's fairly reasonable, as an official release is far easier to track back to a concrete commit. kind regards, David Sommerseth -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk+iOakACgkQDC186MBRfrp1ZQCfZwJ740HBH2wGOEK5lAEt2681 W/gAoKHlGzxG124aj+CrK6uqsjCEcqvc =lCZv -----END PGP SIGNATURE----- 

On Thu, May 3, 2012 at 10:26 AM, David Sommerseth <ope...@to...> wrote: > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On 27/04/12 14:15, Alon Bar-Lev wrote: > > 2012/4/27 Samuli Seppänen <sa...@op...>: > >> Il 27.04.2012 12:18, Heiko Hund ha scritto: > >>> On Friday 27 April 2012 09:54:15 Samuli Seppänen wrote: > >>>> Anyways, I cross-compiled latest "master" with this patch > >>>> applied and "bin" and "lib" directories on top of an existing > >>>> openvpn-2.3-alpha1 install. The old "bin" directory was > >>>> renamed to make sure none of it was used. I then renamed > >>>> "openvpn.ovpn" to "ääliö.ovpn" and "ta.key" to "ääliö.key" > >>>> using Windows Explorer. Then I updated the configuration file > >>>> to point to these files using Notepad (and later Wordpad). > >>> Notepad saves UTF-8 files with BOM, which is very uncommon. > >>> Maybe that was the problem. I ran into that when I was testing > >>> my patch. You might want to try using Notepad++ and save it as > >>> UTF-8 without BOM. > >>> > >>> HTH Heiko > >> Saved the configuration file to UTF-8 without BOM - after this I > >> got no complaints from OpenVPN-GUI. Launching OpenVPN from the > >> command prompt also worked... tls-auth was undefined in the > >> config, and openvpn called like this: > > > > if bom is a problem we should handle it properly in options.c, as > > we cannot expect users to understand bom issues. > > > >> > >>> openvpn --config ääliö.ovpn --tls-auth ääliö.key 1 > >> > >> Only minor issue was that the command prompt displayed funky > >> characters instead of the proper ones: > >> > >> <http://users.utu.fi/sjsepp/cmd2.png> > > > > Yes. this is OK. > > Just so that I understand this more properly.  The reason this is > okay, is that because cmd.exe is not UTF-8 capable when displaying the > log data? Yes. The cmd uses the plain old DOS code page, and needs special fonts. If you add --log parameter you will see this correctly. Alon. 

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 02/05/12 19:54, David Sommerseth wrote: > To avoid confusion between check_file_access() and > check_cmd_access() in the future, remove unneeded arguments from > check_cmd_access() > > As a command will always be a file, it should always check for > CHKACC_FILE and nothing else. And as the commands always will need > X_OK, check only for that. > > One change from earlier behaviour is that R_OK is not checked for. > The reason is that only scripts require R_OK to work. However, a > system might be installed with binaries with only X_OK set. If a > script is missing R_OK, then the execution will fail due to lacking > permissions. > > Signed-off-by: David Sommerseth <da...@re...> --- > src/openvpn/options.c | 48 > ++++++++++++++++++++++++++---------------------- 1 files changed, > 26 insertions(+), 22 deletions(-) Applied to master branches on -testing and -stable trees. commit 0576a9f2f8c8a7cf2d50579e6762df6c86b388c5 Author: David Sommerseth <da...@re...> Date: Wed May 2 19:54:12 2012 +0200 Simplify check_cmd_access() function Signed-off-by: David Sommerseth <da...@re...> Acked-by: Alon Bar-Lev <alo...@gm...> Message-Id: 133...@re... URL: http://article.gmane.org/gmane.network.openvpn.devel/6391 kind regards, David Sommerseth -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk+iNbgACgkQDC186MBRfrqS+QCgjAEP5G6I4ZuPIENYMZXSxMoo 3UQAn2jZpM5ufBNPimZLvd/XV5ahbKeI =Xyxv -----END PGP SIGNATURE----- 

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 28/04/12 20:29, Alon Bar-Lev wrote: > Visual Studio 2010 editor supports UTF-8 files, we can store files > in standard encoding. > > Signed-off-by: Alon Bar-Lev <alo...@gm...> --- > src/openvpn/openvpn_win32_resources.rc | 4 +++- > src/openvpnserv/openvpnserv_resources.rc | 4 +++- 2 files > changed, 6 insertions(+), 2 deletions(-) > ACK, based on discussion. Applied to master branches on -testing and - -stable trees. commit a0e8911bf3ce72178e72784f744556bef20727b3 Author: Alon Bar-Lev <alo...@gm...> Date: Sat Apr 28 21:29:01 2012 +0300 build: windows: convert resources to UTF-8 Signed-off-by: Alon Bar-Lev <alo...@gm...> Acked-by: David Sommerseth <da...@re...> Message-Id: 133...@gm... URL: http://article.gmane.org/gmane.network.openvpn.devel/6380 Signed-off-by: David Sommerseth <da...@re...> kind regards, David Sommerseth -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk+iNXcACgkQDC186MBRfrreGQCgpWfny+sCr9B/9wHc7wb+qB+w UvUAn1XCQx+hN6S5q1EGmpDV7uTZ22Ed =aq4f -----END PGP SIGNATURE----- 

On 31/03/12 13:47, Jonathan K. Bullard wrote: > On Wed, Mar 28, 2012 at 2:11 PM, David Sommerseth > <ope...@to... <mailto:ope...@to...>> > wrote: > <snip> > > > Attached is a heavily revised version of my original patch. It uses > > argv_printf() to __check__ an option's commands, so it accepts exactly > > the same input as the parts of OpenVPN that __use__ the options' > > commands. It also makes all the relevant changes suggested by Gert > > except having the argument following --iproute checked. The --iproute > > code is handled differently than the other options, and I think it is > > OK that we don't do checking in 2.3 on something that wasn't checked > > in 2.2 and (apparently) might go away sometime soon. > > Thanks a lot! I have one more comment to what Gert and Fabian has > already covered. > Instead of adding wrapper function, check_cmd_access(), would it be > possible to > integrate this with check_file_access() and add another type flag, f.ex: > > #define CHKACC_EXEC (1<<5) /** Filename is an executable, ignore exec > args */ > > Then you can just flip the type flag from CHKACC_FILE to > CHKACC_EXEC. If > this > type is checked for, enforcing an X_OK mode check in addition is > probably > reasonable > too. > > > Thanks for this suggestion, David, but I believe it is better to create > a separate routine for this: > > 1. The input is not a path, but a "command". A "command" is processed > (single- and double-quote and backslashes are processed and leading > spaces are removed), and it consists not only of a path, but may > include arguments. > 2. Having two separate functions makes two cleaner and more readable > (to me) functions, instead of a single function that accepts strings > with two different formats and is more complicated. > > The first attached patch incorporates Fabian's comments. But if the > consensus is that I should incorporate David's suggestion, I will do that. > > The first patch also updates the usage message to clarify what a "cmd" > is. (That is, it is /not/ a shell script or path.) > > The second patch updates the man page to: > > * Clarify what a "cmd" is; > * Change the descriptions of several options to note that they accept > a "command"; > * Change the description of --client-connect and --client-disconnect > indicate that the temporary file's path is passed as the /last/ > argument to the command, not the /first/ argument; and > * Adds a description of --route-pre-down to the descriptions of the > other --route options. > > Thanks again to Fabian, Gert, and David for their help. Sorry for the late response, but this got applied yesterday to the master branches on -stable and -testing trees. I took the freedom to re-arrange your patches and make the commits more related to each other and to quickly create a couple of commit messages. commit d62859980c30362b36b7338fc99fe76e4ecb2cbd Author: Jonathan K. Bullard <jkb...@gm...> Date: Sat Mar 31 07:47:34 2012 -0400 Clarified the docs and help screen about what a 'cmd' is This also changes the descriptions of several options to note that they accept a "command"; change the description of --client-connect and --client-disconnect indicate that the temporary file's path is passed as the last argument to the command, not the first argument; and Adds a description of --route-pre-down to the descriptions of the other --route options. [DS: This patch is based on parts of the options.c.diff and the complete openvpn.8.diff patch sent to the mailing list - where these docs changes are merged together into this patch] Signed-off-by: Jonathan K. Bullard <jkb...@gm...> Acked-by: Gert Doering <ge...@gr...> Message-Id: CAE...@ma... URL: http://article.gmane.org/gmane.network.openvpn.devel/6194 Signed-off-by: David Sommerseth <da...@re...> commit a050bcef9cf71e7479551677b116879e6c563bd5 Author: Jonathan K. Bullard <jkb...@gm...> Date: Sat Mar 31 07:47:34 2012 -0400 Fix file access checks on commands The current implementation of check_file_access() does not consider that some options take scripts and executables as input. When some of these commands are given arguments in the OpenVPN configuration, check_file_access() would take those arguments as a part of the file name to the command. Thus the file check would fail. This patch improves that by introducing a check_cmd_access() function which first splits out the arguments to the command before checking if the file with the command is available. [DS: This patch is splitted out from the options.c.diff patch sent to the mailing list - where only the function changes is included here] Signed-off-by: Jonathan K. Bullard <jkb...@gm...> Acked-by: Gert Doering <ge...@gr...> Message-Id: CAE...@ma... URL: http://article.gmane.org/gmane.network.openvpn.devel/6194 Signed-off-by: David Sommerseth <da...@re...> kind regards, David Sommerseth 

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 27/04/12 14:15, Alon Bar-Lev wrote: > 2012/4/27 Samuli Seppänen <sa...@op...>: >> Il 27.04.2012 12:18, Heiko Hund ha scritto: >>> On Friday 27 April 2012 09:54:15 Samuli Seppänen wrote: >>>> Anyways, I cross-compiled latest "master" with this patch >>>> applied and "bin" and "lib" directories on top of an existing >>>> openvpn-2.3-alpha1 install. The old "bin" directory was >>>> renamed to make sure none of it was used. I then renamed >>>> "openvpn.ovpn" to "ääliö.ovpn" and "ta.key" to "ääliö.key" >>>> using Windows Explorer. Then I updated the configuration file >>>> to point to these files using Notepad (and later Wordpad). >>> Notepad saves UTF-8 files with BOM, which is very uncommon. >>> Maybe that was the problem. I ran into that when I was testing >>> my patch. You might want to try using Notepad++ and save it as >>> UTF-8 without BOM. >>> >>> HTH Heiko >> Saved the configuration file to UTF-8 without BOM - after this I >> got no complaints from OpenVPN-GUI. Launching OpenVPN from the >> command prompt also worked... tls-auth was undefined in the >> config, and openvpn called like this: > > if bom is a problem we should handle it properly in options.c, as > we cannot expect users to understand bom issues. > >> >>> openvpn --config ääliö.ovpn --tls-auth ääliö.key 1 >> >> Only minor issue was that the command prompt displayed funky >> characters instead of the proper ones: >> >> <http://users.utu.fi/sjsepp/cmd2.png> > > Yes. this is OK. Just so that I understand this more properly. The reason this is okay, is that because cmd.exe is not UTF-8 capable when displaying the log data? kind regards, David Sommerseth -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEUEARECAAYFAk+iMy8ACgkQDC186MBRfrp8LACeNRzTrcdd8JWyzTEJ3B5Kv1ye iFsAmNM0T3LgxrlJeg3I+7F1aoMSqpw= =PhBy -----END PGP SIGNATURE----- 

Hi, On Thu, May 03, 2012 at 12:14:28PM +0530, Gauri Bhave wrote: > Can you tell me which version of openvpn started supporting utf8. I am > using openvpn-2.1_rc15 but all my utf8 characters get converted to '_' > (underscores), when i see the log on the server side and AD gives me an > error authentication failed. 2.3_alpha1 (Just as a side remark - I don't understand why anyone would want to use a release *candidate* of something that has been properly released over 3 years(!) ago - and the 2.1 train is now up to 2.1.4, and there is 2.2.2 as well...) gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany ge...@gr... fax: +49-89-35655025 ge...@ne... 

Hi, Can you tell me which version of openvpn started supporting utf8. I am using openvpn-2.1_rc15 but all my utf8 characters get converted to '_' (underscores), when i see the log on the server side and AD gives me an error authentication failed. Please help me Thanks Gauri Bhave On Wed, May 2, 2012 at 3:15 PM, Gauri Bhave <gau...@gm...> wrote: > Hi, > > Thanks for your prompt reply. I am currently using version > openvpn-2.1_rc15. But it changes all the non printable characters in the > hindi username to '_'. I am sending it a UTF8 username. > > Thanks > Gauri Bhave > > > > On Wed, May 2, 2012 at 2:45 PM, Alon Bar-Lev <alo...@gm...>wrote: > >> Hello, >> >> OpenVPN is basically UTF-8 enabled. >> There was a recent patch to fix some issue with the management >> interface in this regard. >> Most probably you will need to convert UCS-2 to UTF-8 when sending the >> user/password into openvpn. >> So you can try out the master branch and see if it works for you. >> >> Alon. >> >> On Wed, May 2, 2012 at 12:10 PM, Gauri Bhave <gau...@gm...> wrote: >> > Hi, >> > >> > I am customizing the openvpn GUI to support multiple languages. I want >> to >> > connect using a non ASCII username, Say a chinese or hindi user name. >> Is it >> > possible in Open VPN. >> > >> > Thanks >> > Gauri Bhave >> > >> > >> ------------------------------------------------------------------------------ >> > Live Security Virtual Conference >> > Exclusive live event will cover all the ways today's security and >> > threat landscape has changed and how IT managers can respond. >> Discussions >> > will include endpoint security, mobile security and the latest in >> malware >> > threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ >> > _______________________________________________ >> > Openvpn-devel mailing list >> > Ope...@li... >> > https://lists.sourceforge.net/lists/listinfo/openvpn-devel >> > >> > >