OpenVPN 3 Linux v7 (beta)
The highlights of this release are:
* Bugfix: openvpn3 log --session-path was misbehaving and returned a very
little helpful error message.
* Bugfix: Logging integration could crash due to a strict D-Bus policy for
the OpenVPN 3 log service.
* Bugfix: The VPN backend process cold crash if it lost contact with the
OpenVPN 3 Network Configuration service.
* Bugfix: The port-override setting in configuration profiles, available
via the OpenVPN 3 Configuration Manager service was not working.
* Bugfix: Improve validation of the D-Bus paths which can be given to
the various openvpn3 commands, which results in better error messages
when an incorrect path is given.
* Bugfix: Improved operational stability if a depending OpenVPN 3 D-Bus
service is interrupted or stops running, by ensuring the caller of the
D-Bus service has a valid connection to the D-Bus daemon and that the
needed service is available before accessing it.
* Enhancement: If compression is enabled on the VPN tunnel, either by
the local configuration profile or being pushed by the server, this is
now logged as a critical event in the log files.
* Enhancement: Provide the session name set inside the OpenVPN 3 Core
library by the library itself to the OpenVPN 3 Session Manager. This
information is exposed via the openvpn3 sessions-list command.
* Enhancement: Provide the virtual interface name used by the running
VPN sessions via the OpenVPN 3 Session Manager. This information is
exposed via the openvpn3 sessions-list command.
* Enhancement: Several openvpn3 commands can now take the --interface
option as an alternative to --path or --config. The command will now
lookup the interface name and find the appropriate D-Bus path for the
session this interface is tied to. Bash shell completion for --interface
has also been added.
* Enhancement: The output provided by openvpn3 sessions-list has been
reorganized and clean-up a little bit.
* Enhancement: A lot of the low level technical D-Bus related information
is now stripped from most of the error messages in the user front-end
applications (openvpn2, openvpn3, openvpn3-admin)
* Enhancement: Added support for --verify-x509-name
* Enhancement: The unified policy for all OpenVPN 3 D-Bus services has now
been split up into separate policy files per service.
* Enhancement: New command line utility, openvpn3-as. This can import
a configuration profile from an OpenVPN Access Server by just providing
the URL to the Access Server.
* Extended openvpn3-admin version with --services, to list version
information of all related D-Bus services
* Enhancement: The OpenVPN 3 Logger service has been extended to provide
a list of all services it has attached itself to for retrieving Log
events.
* Enhancement: Extended the Python openvpn3 module with methods to retrieve
information and lightly manage interfaces handled by the OpenVPN 3
Network Configuration service.
The complete overview of all changes:
David Sommerseth (72):
docs: Updated README file
python: Give better information when starting background VPN sessions
build: Ensure we really use the system liblz4 library
docs: Update the pre-built section in README
ovpn3cli: Fix misbehaving log --session-path
core: Update to latest OpenVPN 3 Core Library
tests: Adding unit-test framework
tests: Port a few simple unit tests
tests: Ported NetCfgChangeEvent unit test
tests: Ported StatusEvent selftest to unit test
tests: Ported LogEvent selftest to unit test
common/cmdargparser: Slight minor improvements
common: Make cmdargparser.hpp a separate compilation unit
client: Tackle better if NetCfgProxy object is lost
netcfg: Add version property to main service object
netcfg: Make proxy-netcfg a separate compilation unit
dbus/proxy: Ensure access denials exceptions are handled explicitly
log: Don't throw access denied exception during init
ovpn3cli/admin: Add --service argument to openvpn3-admin version
tests: Make Jenkins run unit tests and collect results
client: Expose session name via D-Bus
sessionmgr: Expose session name
ovpn3cli/session: Display session name
python: Add OpenVPN 3 version to Python constants
python: Add openvpn3-as - Access Server support utility
python/openvpn3-as: Fix trailing slashes in URLs
python/openvpn3-as: Extend with challenge/response auth support
tests: Fix failing unittest with --enable-debug-core-events
proxy: Add input validation on D-Bus paths
client: Proxy warning from Core when compression has been enabled
proxy: Provide method extracting proxy object path
client: Provide methods retrieving netcfg device path and name
client: Expose netcfg device path and name via D-Bus
sessionmgr: Expose NetCfg device path and name for VPN sessions
cli/session: Expose device name used by session in sessions-list
session/proxy: Fix memory leaks in GetConnectionStats()
sessionmgr: Add two new main manager methods
sessionmgr/proxy: Add proxy methods for interface lookups
ovpn3cli: Add argument helper for retrieving interface names
ovpn3cli/session: Add --interface option to some session commands
tests: Fix lookup unit-test with SUSE docker containers
log/proxy: Fix -Wcatch-value compiler warnings
core-ext: Replace hacky option string export
client: Fix incorrect processing of port override
netcfg: Fix inconsistent glib2 behaviour on Ubuntu
sessionmgr: Handle missing backend gracefully for device_name
tests: Add test program quering version property in services
Fix incorrect spelling of 'retrieving'
dbus/proxy: Strip "remote" part of GDBus errors
core: Update to latest OpenVPN 3 Core library
python: Add support for --verify-x509-name
proxy: Don't throw access denials in GetServiceVersion()
man: Update openvpn2
proxy: Fix incorrect error in DBusProxy::GetServiceVersion()
netcfg: Reorganize netcfg-changeevent.{cpp,hpp}
policy: Split up the D-Bus policy per service
proxy: Move the GDBus error message strip after AccessDenied check
dbus: Ensure the D-Bus connection still valid
sessionmgr/proxy: Verify session objects availability before calling it
dbus/idlecheck: Consider last_operation when executing idle exit
tests: Add simple connect/disconnect stress test
dbus/signals: Add getter methods for interface and object path
dbus/proxy: Ensure we have a valid D-Bus connection before proxy calls
log: Add new admin method retrieving attached subscriptions
log/proxy: Add C++ method for accessing GetSubscriberLog
ovpn3cli/log-service: Add --list-subscriptions mode
ovpn3cli/session: Minor overhaul of sessions-list
sessionmgr: Grant access to the device_path in a session
python/SessionManager: Add Introspection() and GetObjectPath() methods
python: Add NetCfgChangeType constants
python/NetCfgManager: New openvpn3 module for the netcfg service
build: Clean up *~ files in a few forgotten places