1. 10 Sep, 2021 1 commit
  2. 25 Jul, 2021 1 commit
  3. 08 Jun, 2021 2 commits
    • Beniamino Galvani's avatar
      helper: fix parsing of IPv6 configuration · f9286da9
      Beniamino Galvani authored
      If the server pushes, for example:
      
        ifconfig-ipv6 2001:db8:f00:bebe::1003/64 2001:db8:f00:bebe::1
      
      NetworkManager considers the first argument as the subnet and the
      second as the peer, and so it does something equivalent to:
      
        ip addr add dev tun0 2001:db8:f00:bebe::1003/64 peer 2001:db8:f00:bebe::1
      
      which appears in the "ip -6 addr" output as:
      
          inet6 2001:db8:f00:bebe::1003 peer 2001:db8:f00:bebe::1/128 scope global
             valid_lft forever preferred_lft forever
      
      Instead, according to 'man openvpn', NM should simply add address
      2001:db8:f00:bebe::1003/64 and use the second argument as a fallback
      gateway for the routes specified by '--route-ipv6':
      
            --ifconfig-ipv6 ipv6addr/bits ipv6remote
                  configure IPv6 address ipv6addr/bits on the ``tun'' device.  The
                  second parameter is used as route target for --route-ipv6 if  no
                  gateway is specified.
      
           --route-ipv6 ipv6addr/bits [gateway] [metric]
                  setup IPv6 routing in the system to send the specified IPv6 net-
                  work into OpenVPN's ``tun''.  The gateway parameter is only used
                  for  IPv6  routes  across  ``tap''  devices, and if missing, the
                  ``ipv6remote'' field from --ifconfig-ipv6 is used.
      
      #71
      https://mail.gnome.org/archives/networkmanager-list/2021-June/msg00000.html
      f9286da9
    • Beniamino Galvani's avatar
  4. 07 Jun, 2021 4 commits
  5. 31 May, 2021 1 commit
  6. 11 May, 2021 1 commit
  7. 25 Apr, 2021 1 commit
  8. 02 Apr, 2021 1 commit
  9. 30 Mar, 2021 4 commits
  10. 16 Mar, 2021 1 commit
  11. 15 Mar, 2021 1 commit
  12. 13 Mar, 2021 1 commit
  13. 08 Mar, 2021 1 commit
  14. 26 Feb, 2021 1 commit
  15. 16 Feb, 2021 1 commit
  16. 13 Feb, 2021 1 commit
  17. 10 Feb, 2021 1 commit
    • Beniamino Galvani's avatar
      helper: ignore IPv6 configuration without an address · 56bb08f2
      Beniamino Galvani authored
      OpenVPN 2.5.0 started to pass incomplete IPv6 configurations when the
      server is not fully configured for IPv6 but has some IPv6
      directives. For example, it is enough to add 'push "route-ipv6 ::/0"'
      to a IPv4-only setup to trigger this behavior.
      
      As a result, NetworkManager rejects the configuration as invalid and
      the connection fails.
      
      Fix this by ignoring IPv6 configurations without an address.
      
      #64
      56bb08f2
  18. 05 Feb, 2021 2 commits
  19. 31 Jan, 2021 1 commit
  20. 28 Jan, 2021 1 commit
  21. 27 Jan, 2021 1 commit
  22. 26 Jan, 2021 1 commit
    • Ernestas Kulik's avatar
      Handle tls-crypt-v2 keys · 717a1d41
      Ernestas Kulik authored
      OpenVPN 2.5.0 adds client-specific tls-crypt keys under the tls-crypt-v2
      option, which is currently not supported. This commit adds the necessary
      import/export machinery to support it.
      717a1d41
  23. 20 Jan, 2021 1 commit
  24. 17 Jan, 2021 1 commit
  25. 11 Jan, 2021 1 commit
  26. 05 Jan, 2021 1 commit
  27. 30 Dec, 2020 2 commits
  28. 27 Dec, 2020 1 commit
  29. 25 Dec, 2020 2 commits
    • Yuri Chornoivan's avatar
      Update Ukrainian translation · af82acc9
      Yuri Chornoivan authored and Administrator's avatar Administrator committed
      af82acc9
    • Katelyn Schiesser's avatar
      Handle the various pkcs12/cert/key/ca combinations. · 34a0c925
      Katelyn Schiesser authored and Thomas Haller's avatar Thomas Haller committed
      OpenVPN allows supplying PKCS#12 client cert/key *or* PEM client cert/key, as
      well as a PEM CA cert in either case. When supplying --pkcs12, the args --cert
      and --key can not be used. So, you can have one of the following:
      
          - PKCS#12 combined cert/key/ca (one file): --pkcs12
          - PKCS#12 combined cert/key/ca with PEM CA: --pkcs12, --ca
          - PEM cert/key, PEM CA: --cert, --key, --ca
      
      If a user tries to import an invalid config, they will be met with the appropriate
      error message. The editor dialog also enforces the PKCS#12/PEM restrictions.
      
      !29
      34a0c925
  30. 29 Nov, 2020 1 commit