├── README.md ├── SECURITY ├── db └── init.sql ├── payment └── web │ ├── db.sql │ └── payment │ ├── class │ ├── alipay_function.php │ ├── alipay_notify.php │ └── alipay_service.php │ ├── db-config.php │ ├── header.php │ ├── img │ ├── Thumbs.db │ └── alipay.gif │ ├── index.php │ ├── log.txt │ ├── login.html │ ├── login.php │ ├── new-order.php │ ├── notify_url.php │ ├── return_url.php │ ├── transactions.php │ └── view.php ├── scripts ├── etc │ └── init.d │ │ └── pptpd-iptables └── opt │ └── pardiff │ └── scripts │ ├── .list │ ├── check-status-coupon.pl │ ├── connections_st.pl │ ├── data_acq.pl │ ├── draw │ ├── draw-traffic │ ├── expire.pl │ ├── generate-coupons.pl │ ├── mysql-ip-down │ ├── mysql-ip-up │ ├── openvpn-refresh.pl │ ├── report.pl │ ├── traffic_st.pl │ └── update_traffic.pl ├── src ├── Net-OpenVPN-Manage-0.02 │ ├── META.yml │ ├── Makefile.PL │ ├── README │ ├── eg │ │ ├── OpenVPN_Status.cgi │ │ ├── manage.pl │ │ ├── openvpn.cgi │ │ └── testing.html │ └── lib │ │ └── Net │ │ └── OpenVPN │ │ ├── Manage.html │ │ └── Manage.pm ├── myopenvpn │ ├── build │ ├── dump.sql │ ├── myopenvpn.c │ ├── note.txt │ └── openvpn-plugin.h ├── openvpn-2.1.1 │ ├── AUTHORS │ ├── COPYING │ ├── COPYRIGHT.GPL │ ├── ChangeLog │ ├── INSTALL │ ├── INSTALL-win32.txt │ ├── Makefile.am │ ├── Makefile.in │ ├── NEWS │ ├── PORTS │ ├── README │ ├── acinclude.m4 │ ├── aclocal.m4 │ ├── base64.c │ ├── base64.h │ ├── basic.h │ ├── buffer.c │ ├── buffer.h │ ├── circ_list.h │ ├── common.h │ ├── config-win32.h │ ├── config-win32.h.in │ ├── config.guess │ ├── config.h.in │ ├── config.sub │ ├── configure │ ├── configure.ac │ ├── contrib │ │ ├── README │ │ ├── multilevel-init.patch │ │ ├── openvpn-fwmarkroute-1.00 │ │ │ ├── README │ │ │ ├── fwmarkroute.down │ │ │ └── fwmarkroute.up │ │ └── pull-resolv-conf │ │ │ ├── client.down │ │ │ └── client.up │ ├── crypto.c │ ├── crypto.h │ ├── cryptoapi.c │ ├── cryptoapi.h │ ├── debug │ │ └── valgrind-suppress │ ├── depcomp │ ├── dhcp.c │ ├── dhcp.h │ ├── doclean │ ├── domake-win │ ├── easy-rsa │ │ ├── 1.0 │ │ │ ├── README │ │ │ ├── build-ca │ │ │ ├── build-dh │ │ │ ├── build-inter │ │ │ ├── build-key │ │ │ ├── build-key-pass │ │ │ ├── build-key-pkcs12 │ │ │ ├── build-key-server │ │ │ ├── build-req │ │ │ ├── build-req-pass │ │ │ ├── clean-all │ │ │ ├── list-crl │ │ │ ├── make-crl │ │ │ ├── openssl.cnf │ │ │ ├── revoke-crt │ │ │ ├── revoke-full │ │ │ ├── sign-req │ │ │ └── vars │ │ ├── 2.0 │ │ │ ├── Makefile │ │ │ ├── README │ │ │ ├── build-ca │ │ │ ├── build-dh │ │ │ ├── build-inter │ │ │ ├── build-key │ │ │ ├── build-key-pass │ │ │ ├── build-key-pkcs12 │ │ │ ├── build-key-server │ │ │ ├── build-req │ │ │ ├── build-req-pass │ │ │ ├── clean-all │ │ │ ├── inherit-inter │ │ │ ├── keys │ │ │ │ ├── 01.pem │ │ │ │ ├── 02.pem │ │ │ │ ├── 03.pem │ │ │ │ ├── ca.crt │ │ │ │ ├── ca.key │ │ │ │ ├── client.crt │ │ │ │ ├── client.csr │ │ │ │ ├── client.key │ │ │ │ ├── dh1024.pem │ │ │ │ ├── index.txt │ │ │ │ ├── index.txt.attr │ │ │ │ ├── index.txt.attr.old │ │ │ │ ├── index.txt.old │ │ │ │ ├── serial │ │ │ │ ├── serial.old │ │ │ │ ├── server.crt │ │ │ │ ├── server.csr │ │ │ │ ├── server.key │ │ │ │ ├── test-user.crt │ │ │ │ ├── test-user.csr │ │ │ │ └── test-user.key │ │ │ ├── list-crl │ │ │ ├── openssl-0.9.6.cnf │ │ │ ├── openssl.cnf │ │ │ ├── pkitool │ │ │ ├── revoke-full │ │ │ ├── sign-req │ │ │ ├── vars │ │ │ └── whichopensslcnf │ │ └── Windows │ │ │ ├── README.txt │ │ │ ├── build-ca-pass.bat │ │ │ ├── build-ca.bat │ │ │ ├── build-dh.bat │ │ │ ├── build-key-pass.bat │ │ │ ├── build-key-pkcs12.bat │ │ │ ├── build-key-server-pass.bat │ │ │ ├── build-key-server.bat │ │ │ ├── build-key.bat │ │ │ ├── clean-all.bat │ │ │ ├── index.txt.start │ │ │ ├── init-config.bat │ │ │ ├── revoke-full.bat │ │ │ ├── serial.start │ │ │ └── vars.bat.sample │ ├── errlevel.h │ ├── error.c │ ├── error.h │ ├── event.c │ ├── event.h │ ├── fdmisc.c │ ├── fdmisc.h │ ├── forward-inline.h │ ├── forward.c │ ├── forward.h │ ├── fragment.c │ ├── fragment.h │ ├── gremlin.c │ ├── gremlin.h │ ├── helper.c │ ├── helper.h │ ├── ieproxy.c │ ├── ieproxy.h │ ├── images │ │ ├── Makefile.am │ │ ├── Makefile.in │ │ ├── icon.ico │ │ └── install-whirl.bmp │ ├── init.c │ ├── init.h │ ├── install-sh │ ├── install-win32 │ │ ├── GetWindowsVersion.nsi │ │ ├── Makefile.am │ │ ├── Makefile.in │ │ ├── build-pkcs11-helper.sh │ │ ├── buildinstaller │ │ ├── ddk-common │ │ ├── doclean │ │ ├── dosname.pl │ │ ├── getgui │ │ ├── getopenssl │ │ ├── getpkcs11helper │ │ ├── getprebuilt │ │ ├── getxgui │ │ ├── ifdef.pl │ │ ├── m4todef.pl │ │ ├── macro.pl │ │ ├── makeopenvpn │ │ ├── maketap │ │ ├── maketapinstall │ │ ├── maketext │ │ ├── openssl │ │ │ ├── README.txt │ │ │ ├── openssl097.patch │ │ │ └── openssl098.patch │ │ ├── openvpn.nsi │ │ ├── sample.ovpn │ │ ├── setpath.nsi │ │ ├── settings.in │ │ ├── trans.pl │ │ ├── u2d.c │ │ └── winconfig │ ├── integer.h │ ├── interval.c │ ├── interval.h │ ├── list.c │ ├── list.h │ ├── lladdr.c │ ├── lladdr.h │ ├── lzo.c │ ├── lzo.h │ ├── manage.c │ ├── manage.h │ ├── mbuf.c │ ├── mbuf.h │ ├── memcmp.c │ ├── memdbg.h │ ├── misc.c │ ├── misc.h │ ├── missing │ ├── mroute.c │ ├── mroute.h │ ├── mss.c │ ├── mss.h │ ├── mtcp.c │ ├── mtcp.h │ ├── mtu.c │ ├── mtu.h │ ├── mudp.c │ ├── mudp.h │ ├── multi.c │ ├── multi.h │ ├── ntlm.c │ ├── ntlm.h │ ├── occ-inline.h │ ├── occ.c │ ├── occ.h │ ├── openvpn-plugin.h │ ├── openvpn.8 │ ├── openvpn.c │ ├── openvpn.h │ ├── openvpn.spec │ ├── openvpn.spec.in │ ├── options.c │ ├── options.h │ ├── otime.c │ ├── otime.h │ ├── packet_id.c │ ├── packet_id.h │ ├── perf.c │ ├── perf.h │ ├── pf-inline.h │ ├── pf.c │ ├── pf.h │ ├── ping-inline.h │ ├── ping.c │ ├── ping.h │ ├── pkcs11.c │ ├── pkcs11.h │ ├── plugin.c │ ├── plugin.h │ ├── plugin │ │ ├── README │ │ ├── auth-pam │ │ │ ├── .svnignore │ │ │ ├── Makefile │ │ │ ├── README │ │ │ ├── auth-pam.c │ │ │ ├── pamdl.c │ │ │ └── pamdl.h │ │ ├── defer │ │ │ ├── README │ │ │ ├── build │ │ │ ├── simple.c │ │ │ ├── simple.def │ │ │ └── winbuild │ │ ├── down-root │ │ │ ├── Makefile │ │ │ ├── README │ │ │ └── down-root.c │ │ └── examples │ │ │ ├── README │ │ │ ├── build │ │ │ ├── log.c │ │ │ ├── simple.c │ │ │ ├── simple.def │ │ │ └── winbuild │ ├── pool.c │ ├── pool.h │ ├── proto.c │ ├── proto.h │ ├── proxy.c │ ├── proxy.h │ ├── ps.c │ ├── ps.h │ ├── push.c │ ├── push.h │ ├── pushlist.h │ ├── reliable.c │ ├── reliable.h │ ├── route.c │ ├── route.h │ ├── sample-config-files │ │ ├── README │ │ ├── client.conf │ │ ├── firewall.sh │ │ ├── home.up │ │ ├── loopback-client │ │ ├── loopback-server │ │ ├── office.up │ │ ├── openvpn-shutdown.sh │ │ ├── openvpn-startup.sh │ │ ├── server.conf │ │ ├── static-home.conf │ │ ├── static-office.conf │ │ ├── tls-home.conf │ │ ├── tls-office.conf │ │ ├── xinetd-client-config │ │ └── xinetd-server-config │ ├── sample-keys │ │ ├── README │ │ ├── ca.crt │ │ ├── ca.key │ │ ├── client.crt │ │ ├── client.key │ │ ├── dh1024.pem │ │ ├── pass.crt │ │ ├── pass.key │ │ ├── pkcs12.p12 │ │ ├── server.crt │ │ └── server.key │ ├── sample-scripts │ │ ├── auth-pam.pl │ │ ├── bridge-start │ │ ├── bridge-stop │ │ ├── bs │ │ ├── openvpn.init │ │ ├── ucn.pl │ │ └── verify-cn │ ├── schedule.c │ ├── schedule.h │ ├── service-win32 │ │ ├── Makefile.am │ │ ├── Makefile.in │ │ ├── openvpnserv.c │ │ ├── service.c │ │ └── service.h │ ├── session_id.c │ ├── session_id.h │ ├── shaper.c │ ├── shaper.h │ ├── sig.c │ ├── sig.h │ ├── socket.c │ ├── socket.h │ ├── socks.c │ ├── socks.h │ ├── ssl.c │ ├── ssl.h │ ├── status.c │ ├── status.h │ ├── suse │ │ └── openvpn.init │ ├── syshead.h │ ├── t_cltsrv-down.sh │ ├── t_cltsrv.sh │ ├── t_lpback.sh │ ├── tap-win32 │ │ ├── MAKEFILE │ │ ├── SOURCES.in │ │ ├── common.h │ │ ├── constants.h │ │ ├── dhcp.c │ │ ├── dhcp.h │ │ ├── endian.h │ │ ├── error.c │ │ ├── error.h │ │ ├── filt.py │ │ ├── hexdump.c │ │ ├── hexdump.h │ │ ├── i386 │ │ │ └── OemWin2k.inf.in │ │ ├── instance.c │ │ ├── lock.h │ │ ├── macinfo.c │ │ ├── macinfo.h │ │ ├── mem.c │ │ ├── proto.h │ │ ├── prototypes.h │ │ ├── resource.rc │ │ ├── tapdrvr.c │ │ ├── tmp │ │ │ ├── common.h │ │ │ ├── constants.h │ │ │ ├── dhcp.c │ │ │ ├── dhcp.h │ │ │ ├── endian.h │ │ │ ├── error.c │ │ │ ├── error.h │ │ │ ├── hexdump.c │ │ │ ├── hexdump.h │ │ │ ├── instance.c │ │ │ ├── lock.h │ │ │ ├── macinfo.c │ │ │ ├── macinfo.h │ │ │ ├── mem.c │ │ │ ├── proto.h │ │ │ ├── prototypes.h │ │ │ ├── tapdrvr.c │ │ │ └── types.h │ │ └── types.h │ ├── thread.c │ ├── thread.h │ ├── tun.c │ ├── tun.h │ ├── version.m4 │ ├── win32.c │ └── win32.h └── pppd-sql-0.8.0 │ ├── AUTHORS │ ├── COPYING │ ├── ChangeLog │ ├── FAQ │ ├── INSTALL │ ├── Makefile │ ├── Makefile.am │ ├── Makefile.in │ ├── NEWS │ ├── README │ ├── README.encryption │ ├── README.scripts │ ├── THANKS │ ├── TODO │ ├── aclocal.m4 │ ├── autogen.sh │ ├── compile │ ├── config.guess │ ├── config.h │ ├── config.h.in │ ├── config.log │ ├── config.status │ ├── config.sub │ ├── configure │ ├── configure.ac │ ├── doc │ ├── Makefile │ ├── Makefile.am │ ├── Makefile.in │ ├── pppd-mysql.8 │ └── pppd-pgsql.8 │ ├── install-sh │ ├── libtool │ ├── ltmain.sh │ ├── missing │ ├── scripts │ ├── ppp-login-mysql.sql │ └── ppp-login-postgresql.sql │ ├── src │ ├── Makefile │ ├── Makefile.am │ ├── Makefile.in │ ├── auth-mysql.c │ ├── auth-mysql.h │ ├── auth-pgsql.c │ ├── auth-pgsql.h │ ├── plugin-mysql.c │ ├── plugin-mysql.h │ ├── plugin-pgsql.c │ ├── plugin-pgsql.h │ ├── plugin.c │ ├── plugin.h │ ├── str.c │ └── str.h │ └── stamp-h1 └── web ├── admin ├── .list ├── admin.tmpl ├── config.ini ├── index.html └── main.cgi └── user ├── .list ├── config.ini ├── coupon ├── config.ini ├── coupon_credit.cgi ├── index.html └── validate.cgi ├── cp ├── change_password.cgi ├── config.ini ├── index.html └── query.cgi ├── create.cgi ├── create.html ├── css ├── pardiff.css └── reset.css ├── help.html ├── images ├── advantage-bottom.gif ├── advantage-bottom.gif.zip ├── advantage-content.gif ├── advantage-top.gif ├── button.gif ├── footer.gif ├── menu-padding-left.gif ├── menu-padding-right.gif ├── pardiff_03.gif ├── pardiff_04.gif ├── pardiff_05.gif ├── pardiff_06.gif ├── pardiff_07.gif ├── pardiff_08.gif ├── pardiff_09.gif ├── pardiff_10.gif ├── pardiff_11.gif ├── pardiff_12.gif ├── pardiff_13.gif ├── pardiff_14.gif ├── pardiff_15.gif ├── pardiff_16.gif ├── pardiff_17.gif ├── pardiff_19.gif ├── pardiff_22.gif ├── pardiff_23.gif ├── pardiff_25.gif ├── pardiff_27.gif ├── price-bottom.gif ├── price-content.gif ├── price-top.gif └── spacer.gif ├── index.html ├── js └── function.js ├── style ├── main.css └── reset.css ├── ticket ├── config.ini ├── create.cgi ├── create.tmpl ├── index.cgi ├── index.tmpl ├── view.cgi └── view.tmpl └── tutorial ├── AndroidVPN.pdf ├── AndroidVPN.zip ├── index.html ├── macos-1.zip ├── manual.doc ├── manual.pdf ├── vpn.pardiff.com.gif └── windows-1.zip /README.md: -------------------------------------------------------------------------------- 1 | # 请注意,这个Pardiff VPN是很多年前我不是很懂web的时候做的,我觉得不是很适合作为生产环境使用,小心谨慎 2 | 3 | 4 | # ParDiff VPN source code 5 | 6 | Features of ParDiff VPN includes, 7 | * Generic password for OpenVPN, PPTP, Web Login 8 | * Charge users by traffic 9 | * Detailed recording system 10 | * Price/Usage separated 11 | * Usage can be sold as voucher/SN, xtremely easy to manage 12 | * Graphic report system 13 | * Massive mail-out system 14 | * Support system (ticket system) 15 | 16 | It is consisted of the following several components, 17 | * static web site 18 | * database schema - store all billing information 19 | * cronjobs - generate usage accounting, aggregation, reporting, monitoring traffic 20 | * init scripts - mainly security settings, protect system from hacker attack or inappropriate user activities 21 | * cgi interfaces 22 | - admin interface 23 | - user interface 24 | * interface with AliPay API (not released yet) 25 | * scripts to generate/remove/manage credit points 26 | 27 | To be functioning, administrators are required to install the following packages. They are packaged separately to avoid license issue. They are *NOT* part of this software. 28 | * modified openvpn and pptp plugins 29 | 30 | -------------------------------------------------------------------------------- /SECURITY: -------------------------------------------------------------------------------- 1 | SECURITY NOTES 2 | 3 | Goal of ParDiff VPN system is to be generic and easy to 4 | use/configure. *ParDiff VPN is not designed to be secure.* 5 | 6 | Risk issue includes all users' passwords are stored as clear text in 7 | database. This is because pptp CHAP requires password to be known both 8 | at server side and client side. 9 | -------------------------------------------------------------------------------- /payment/web/db.sql: -------------------------------------------------------------------------------- 1 | drop table payment_transactions; 2 | 3 | create table payment_transactions ( 4 | id int not null auto_increment, 5 | subject varchar(200) not null, 6 | body varchar(2000) not null, 7 | total int(10) not null, 8 | traffic int(10) not null COMMENT 'gigabytes', 9 | username varchar(200) not null, 10 | status ENUM ('UNPAID', 'PAID', 'CHARGED', 'REVOKED'), 11 | `type` ENUM('VPN'), 12 | alipay_trarde_no VARCHAR(2000) default NULL, 13 | alipay_buyer_email VARCHAR(2000) default NULL, 14 | primary key (id)) ENGINE=InnoDB CHARSET=utf8; 15 | 16 | 17 | insert into payment_transactions (subject, body, total, traffic, username, status, `type`) values ('从前有座山', '山上有座庙', 1, 10, 'test', 'UNPAID', 'VPN'); 18 | -------------------------------------------------------------------------------- /payment/web/payment/db-config.php: -------------------------------------------------------------------------------- 1 | prepare("SELECT password FROM login WHERE username = ?")) { 16 | $stmt->bind_param("s", $username); 17 | $stmt->execute(); 18 | $stmt->bind_result($password); 19 | 20 | $ret_ref = $stmt->fetch(); 21 | if ($ret_ref) { 22 | return array('username' => $username, 23 | 'password' => $password); 24 | } 25 | } 26 | 27 | return false; 28 | } 29 | 30 | function require_login() 31 | { 32 | global $config; 33 | global $mysqli; 34 | global $current_user; 35 | 36 | session_start(); 37 | 38 | $given_password = $_SESSION['password']; 39 | $given_username = $_SESSION['username']; 40 | 41 | $user = get_user($given_username); 42 | if ($user && $given_password == sha1($given_username + $user['password'] + $given_username)) { 43 | 44 | $current_user = $given_username; 45 | return $current_user; 46 | } 47 | 48 | header("Location: {$config[login_page]}"); 49 | exit(0); 50 | } 51 | 52 | 53 | ?> -------------------------------------------------------------------------------- /payment/web/payment/header.php: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /payment/web/payment/img/Thumbs.db: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/qsun/ParDiff-VPN/79b39f97cd2ebc0f9393c55ff505ee9550abe109/payment/web/payment/img/Thumbs.db -------------------------------------------------------------------------------- /payment/web/payment/img/alipay.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/qsun/ParDiff-VPN/79b39f97cd2ebc0f9393c55ff505ee9550abe109/payment/web/payment/img/alipay.gif -------------------------------------------------------------------------------- /payment/web/payment/log.txt: -------------------------------------------------------------------------------- 1 |  -------------------------------------------------------------------------------- /payment/web/payment/login.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 请登录 5 | 6 | 7 | 8 |

请登录

9 | 10 |
11 |

用户名:

12 |

密码:

13 |

14 |
15 | 16 | 17 | 18 |
19 |
20 | Last modified: Sun Jun 13 20:54:51 EST 2010 21 | 22 | -------------------------------------------------------------------------------- /payment/web/payment/login.php: -------------------------------------------------------------------------------- 1 | prepare("SELECT * FROM login WHERE username = ? AND password = ?")) { 16 | $stmt->bind_param("ss", $username, $password); 17 | $stmt->execute(); 18 | if ($stmt->fetch()) { 19 | session_start(); 20 | $_SESSION['username'] = $username; 21 | $_SESSION['password'] = sha1($username + $password + $username); 22 | header("Location: {$config[view_page]}"); 23 | exit(0); 24 | } 25 | } 26 | 27 | // check password ref 28 | // check the trasaction 29 | // if there is, show to user 30 | 31 | header("Location: {$config[login_page]}"); 32 | ?> 33 | 34 | -------------------------------------------------------------------------------- /payment/web/payment/notify_url.php: -------------------------------------------------------------------------------- 1 | notify_verify(); //计算得出通知验证结果 25 | 26 | if($verify_result) { 27 | //验证成功 28 | //获取支付宝的反馈参数 29 | $dingdan = $_POST['out_trade_no']; //获取支付宝传递过来的订单号 30 | $total = $_POST['total_fee']; //获取支付宝传递过来的总价格 31 | $sOld_trade_status = "1"; //获取商户数据库中查询得到该笔交易当前的交易状态 32 | /*假设: 33 | sOld_trade_status="0";表示订单未处理; 34 | sOld_trade_status="1";表示交易成功(TRADE_FINISHED/TRADE_SUCCESS); 35 | */ 36 | if($_POST['trade_status'] == 'TRADE_FINISHED' ||$_POST['trade_status'] == 'TRADE_SUCCESS') { //交易成功结束 37 | //放入订单交易完成后的数据库更新程序代码,请务必保证echo输出的信息只有 success 38 | //为了保证不被重复发送通知,或重复执行数据库更新程序,请判断该笔交易状态是否是订单未处理状态 39 | if($sOld_trade_status < 1) { 40 | //根据订单号更新订单,把订单处理成交易成功 41 | } 42 | echo "success"; 43 | 44 | //调试用,写文本函数记录程序运行情况是否正常 45 | log_result("这里写入想要调试的代码变量值,或其他运行的结果记录"); 46 | } 47 | else { 48 | echo "success"; //其他状态判断。普通即时到帐中,其他状态不用判断,直接打印success。 49 | 50 | //调试用,写文本函数记录程序运行情况是否正常 51 | //log_result ("这里写入想要调试的代码变量值,或其他运行的结果记录"); 52 | } 53 | } 54 | else { 55 | //验证失败 56 | echo "fail"; 57 | 58 | //调试用,写文本函数记录程序运行情况是否正常 59 | //log_result ("这里写入想要调试的代码变量值,或其他运行的结果记录"); 60 | } 61 | ?> -------------------------------------------------------------------------------- /scripts/etc/init.d/pptpd-iptables: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | echo 1 > /proc/sys/net/ipv4/ip_forward 4 | 5 | iptables -F 6 | iptables -F -t nat 7 | iptables -t nat -A POSTROUTING -s 10.1.1.1/24 -o eth0 -j MASQUERADE 8 | iptables -t nat -A POSTROUTING -s 10.9.0.1/24 -o eth0 -j MASQUERADE 9 | iptables -t nat -A POSTROUTING -s 10.8.0.1/24 -o eth0 -j MASQUERADE 10 | 11 | # database security settings 12 | iptables -A INPUT -s 10.1.1.1/24 -p tcp --dport 3306 -j DROP 13 | iptables -A INPUT -s 10.8.0.1/24 -p tcp --dport 3306 -j DROP 14 | iptables -A INPUT -s 10.9.0.1/24 -p tcp --dport 3306 -j DROP 15 | iptables -A INPUT -s 127.0.0.1 -p tcp --dport 3306 -j ACCEPT 16 | iptables -A INPUT -p tcp --dport 3306 -j DROP 17 | 18 | # do now allow port 25, no outbound spam 19 | iptables -A INPUT -p tcp --dport 25 -j DROP 20 | 21 | # no ebay access 22 | iptables -A INPUT -j DROP -d 66.211.160.88 23 | iptables -A INPUT -j DROP -d 66.135.205.13 24 | iptables -A INPUT -j DROP -d 66.135.205.14 25 | iptables -A INPUT -j DROP -d 66.211.160.87 26 | iptables -A INPUT -j DROP -d 64.4.241.45 27 | iptables -A INPUT -j DROP -d 66.211.169.66 28 | iptables -A INPUT -j DROP -d 64.4.241.61 29 | iptables -A INPUT -j DROP -d 66.211.169.3 30 | iptables -A INPUT -j DROP -d 66.135.215.61 31 | iptables -A INPUT -j DROP -d 66.135.200.23 32 | 33 | # 443 -> 1194 port forwarding, in case ISP bans 1194 openvpn 34 | iptables -t nat -I PREROUTING -p udp -d 67.223.233.193 --dport 443 -j REDIRECT --to-ports 1194 35 | iptables -t nat -I PREROUTING -p udp -d 173.230.156.83 --dport 443 -j REDIRECT --to-ports 1194 36 | -------------------------------------------------------------------------------- /scripts/opt/pardiff/scripts/.list: -------------------------------------------------------------------------------- 1 | script list 2 | 3 | -- [M] utility script, called by admin manually 4 | -- [C] cronjob script, called from crontab 5 | -- [P] gnuplot script, called by gnuplot 6 | -- [S] generic script, called by program 7 | 8 | [M] generate-coupons.pl - generate coupons 9 | [M] check-status-coupon.pl - check if a coupon is already used or not 10 | 11 | [C] connections_st.pl - record concurrent TCP/UDP connections number periodically, can be treated as system health indicator 12 | [C] traffic_st.pl - record network usage information (traffic) periodically 13 | [C] data_acq.pl - retrieve and format system status from database and output to corresponding files 14 | [C] expire.pl - close/warn expired accounts 15 | [C] openvpn-refresh.pl - log openvpn users' usage situation and write back to database 16 | [C] update_traffic.pl - terminate all connections without positive credit 17 | 18 | [P] draw - draw connections chart 19 | [P] draw-traffic - draw traffic chart 20 | 21 | [S] mysql-ip-{down,up} - scripts called by pppd, check if user's billing info 22 | -------------------------------------------------------------------------------- /scripts/opt/pardiff/scripts/check-status-coupon.pl: -------------------------------------------------------------------------------- 1 | #!/usr/bin/perl 2 | 3 | use strict; 4 | use warnings; 5 | 6 | use DBI; 7 | use Data::Dumper; 8 | use Digest::MD5 qw(md5 md5_hex); 9 | 10 | my $dsn = "DBI:mysql:database=ppp;host=127.0.0.1;port=3306"; 11 | my $dbh = DBI->connect($dsn, 'vpn', 'vpn'); 12 | 13 | if (scalar(@ARGV) != 1) { 14 | die 'check-status-coupon.pl coupon'; 15 | } 16 | 17 | my ($coupon) = @ARGV; 18 | 19 | my $part_token = substr($coupon, 0,16) . '%'; 20 | my $part_pass = '%' . substr($coupon, 16, 16); 21 | 22 | my $sth = $dbh->prepare("SELECT * FROM coupons WHERE token LIKE ? AND pass LIKE ?"); 23 | $sth->execute($part_token, $part_pass); 24 | 25 | my $ref = $sth->fetchrow_hashref(); 26 | if ($ref && $ref->{status} eq 'N') { 27 | print "OK\n"; 28 | } 29 | else { 30 | print "wrong!\n"; 31 | } 32 | 33 | -------------------------------------------------------------------------------- /scripts/opt/pardiff/scripts/connections_st.pl: -------------------------------------------------------------------------------- 1 | #!/usr/bin/perl 2 | 3 | use strict; 4 | use warnings; 5 | 6 | use DBI; 7 | 8 | my $dsn = "DBI:mysql:database=ppp;host=127.0.0.1;port=3306"; 9 | my $dbh = DBI->connect($dsn, 'vpn', 'vpn'); 10 | 11 | open CFH, ") { 15 | $count++; 16 | } 17 | 18 | my $sth = $dbh->prepare("INSERT INTO connection_logs (ts, connections) VALUES (NOW(), ?)"); 19 | $sth->execute($count); 20 | -------------------------------------------------------------------------------- /scripts/opt/pardiff/scripts/data_acq.pl: -------------------------------------------------------------------------------- 1 | #!/usr/bin/perl 2 | 3 | use strict; 4 | use warnings; 5 | 6 | use DBI; 7 | 8 | my $dsn = "DBI:mysql:database=ppp;host=127.0.0.1;port=3306"; 9 | my $dbh = DBI->connect($dsn, 'vpn', 'vpn'); 10 | 11 | 12 | open TRAFFIC_FH, ">/tmp/traffic-stat" or die 'Can not open /tmp/traffic-stat for writing'; 13 | 14 | my $sth = $dbh->prepare('SELECT * FROM traffic_logs WHERE ts > DATE_SUB(NOW(), interval 2 day) ORDER BY id DESC'); 15 | $sth->execute(); 16 | while (my $ref = $sth->fetchrow_hashref()) 17 | { 18 | print TRAFFIC_FH "$ref->{id} $ref->{traffic}\n"; 19 | } 20 | close TRAFFIC_FH; 21 | 22 | open CONN_FH, ">/tmp/conn-stat" or die 'Can not open /tmp/conn-stat for writing.'; 23 | $sth = $dbh->prepare('SELECT * FROM connection_logs WHERE ts > DATE_SUB(NOW(), interval 2 day) ORDER BY id DESC'); 24 | $sth->execute(); 25 | while (my $ref = $sth->fetchrow_hashref()) 26 | { 27 | print CONN_FH "$ref->{id} $ref->{connections}\n"; 28 | } 29 | close CONN_FH; 30 | 31 | 32 | -------------------------------------------------------------------------------- /scripts/opt/pardiff/scripts/draw: -------------------------------------------------------------------------------- 1 | set terminal png 2 | set output "/var/www/vpn.pardiff.com/admin/ccconnections.png" 3 | 4 | plot "/tmp/conn-stat" 5 | -------------------------------------------------------------------------------- /scripts/opt/pardiff/scripts/draw-traffic: -------------------------------------------------------------------------------- 1 | set terminal png 2 | set output "/var/www/vpn.pardiff.com/admin/trafficc.png" 3 | 4 | plot "/tmp/traffic-stat" 5 | -------------------------------------------------------------------------------- /scripts/opt/pardiff/scripts/generate-coupons.pl: -------------------------------------------------------------------------------- 1 | #!/usr/bin/perl 2 | 3 | use strict; 4 | use warnings; 5 | 6 | use DBI; 7 | use Data::Dumper; 8 | use Digest::MD5 qw(md5 md5_hex); 9 | 10 | my $dsn = "DBI:mysql:database=ppp;host=127.0.0.1;port=3306"; 11 | my $dbh = DBI->connect($dsn, 'vpn', 'vpn'); 12 | 13 | if (scalar(@ARGV) != 5) { 14 | die 'generate-coupons.pl credit(in MB) amount expire_days filename notes'; 15 | } 16 | 17 | my ($credit, $amount, $expire_days, $filename, $notes) = @ARGV; 18 | $credit = $credit * 1024 * 1024; 19 | 20 | open COUPON_FH, ">${filename}" or die "Can not open ${filename} for write\n"; 21 | 22 | sub _generate_salt() 23 | { 24 | my $salt = ''; 25 | foreach (1..5) { 26 | $salt .= md5_hex(rand(100000)); 27 | } 28 | 29 | return $salt; 30 | } 31 | 32 | my $sth = $dbh->prepare("INSERT INTO coupons (status, credit, generator, token, pass, salt, ts, expire, notes ) VALUES ('N', ?, 'console', ?, ?, ?, NOW(), ?, ?)"); 33 | foreach (1..$amount) { 34 | my $salt = _generate_salt(); 35 | my $token = md5_hex($salt); 36 | my $pass = md5_hex($token . $salt); 37 | 38 | $sth->execute($credit, $token, $pass, $salt, $expire_days, $notes); 39 | 40 | print COUPON_FH substr($token, 0, 16), substr($pass, 16, 16), "\n"; 41 | } 42 | 43 | close COUPON_FH; 44 | -------------------------------------------------------------------------------- /scripts/opt/pardiff/scripts/mysql-ip-down: -------------------------------------------------------------------------------- 1 | #!/usr/bin/perl 2 | use warnings; 3 | use strict; 4 | 5 | use Data::Dumper; 6 | 7 | use DBI; 8 | 9 | my $dsn = "DBI:mysql:database=ppp;host=127.0.0.1;port=3306"; 10 | my $dbh = DBI->connect($dsn, 'vpn', 'vpn'); 11 | 12 | 13 | # $VAR1 = 'ppp0'; 14 | # $VAR2 = '/dev/pts/1'; 15 | # $VAR3 = '115200'; 16 | # $VAR4 = '10.1.1.1'; 17 | # $VAR5 = '10.1.1.10'; 18 | # $VAR6 = '114.78.118.213'; 19 | # $VAR7 = 'qsun'; 20 | # $VAR8 = '1424'; 21 | # $VAR9 = '0'; 22 | # $VAR10 = '6'; 23 | 24 | if (scalar(@ARGV) != 10) { 25 | open FH, '>/tmp/mysql-ip-down'; 26 | print FH 'we are fucked.', "\n"; 27 | 28 | print FH Dumper(@ARGV); 29 | 30 | exit(1); 31 | } 32 | 33 | my ($interface, $dev, $bps, $server_ip, $client_ip, $ip, $username, $send, $recv, $duration) = @ARGV; 34 | 35 | my $sth = $dbh->prepare("UPDATE connections SET connection_traffic = ?, end_time = now() WHERE username = ? AND end_time < start_time AND interface = ?"); 36 | $sth->execute($send + $recv, $username, $interface); 37 | 38 | $sth = $dbh->prepare("UPDATE login SET credit = credit - ? WHERE username = ? LIMIT 1"); 39 | $sth->execute($send + $recv, $username); 40 | 41 | 42 | $sth = $dbh->prepare("INSERT INTO logs (ts, event) VALUES (NOW(), ?)"); 43 | $sth->execute("[logout] User: ${username}, IP: ${ip}, traffic: " . ($send + $recv) . ' bytes'); 44 | -------------------------------------------------------------------------------- /scripts/opt/pardiff/scripts/mysql-ip-up: -------------------------------------------------------------------------------- 1 | #!/usr/bin/perl 2 | use warnings; 3 | use strict; 4 | 5 | use Data::Dumper; 6 | 7 | use DBI; 8 | 9 | my $dsn = "DBI:mysql:database=ppp;host=127.0.0.1;port=3306"; 10 | my $dbh = DBI->connect($dsn, 'vpn', 'vpn'); 11 | 12 | # li144-65:/tmp# cat mysql-ip-up 13 | # $VAR1 = 'ppp0'; 14 | # $VAR2 = '/dev/pts/1'; 15 | # $VAR3 = '115200'; 16 | # $VAR4 = '10.1.1.1'; 17 | # $VAR5 = '10.1.1.10'; 18 | # $VAR6 = '114.78.118.213'; 19 | # $VAR7 = 'qsun'; 20 | 21 | if (scalar(@ARGV) != 7) { 22 | open FH, '>/tmp/mysql-ip-up'; 23 | print FH 'we are fucked.', "\n"; 24 | 25 | print FH Dumper(@ARGV); 26 | 27 | exit(1); 28 | } 29 | 30 | my ($interface, $dev, $bps, $server_ip, $client_ip, $ip, $username) = @ARGV; 31 | my $ppid = getppid(); 32 | 33 | # close old connection 34 | my $sth = $dbh->prepare("UPDATE connections SET end_time = NOW() where interface = ? AND (end_time < start_time OR end_time IS NULL)"); 35 | $sth->execute($interface); 36 | 37 | $sth = $dbh->prepare("INSERT INTO connections (username, ip, interface, ppid) VALUES (?, ?, ?, ?)"); 38 | $sth->execute($username, $ip, $interface, $ppid); 39 | 40 | $sth = $dbh->prepare("INSERT INTO logs (ts, event) VALUES (NOW(), ?)"); 41 | $sth->execute("[login] User: ${username}, IP: ${ip}"); 42 | -------------------------------------------------------------------------------- /scripts/opt/pardiff/scripts/report.pl: -------------------------------------------------------------------------------- 1 | #!/usr/bin/perl 2 | 3 | use strict; 4 | use warnings; 5 | use DBI; 6 | use Email::Valid; 7 | 8 | my $dsn = "DBI:mysql:database=ppp;host=127.0.0.1;port=3306"; 9 | my $dbh = DBI->connect($dsn, 'vpn', 'vpn'); 10 | 11 | 12 | sub email_to_address($$$) 13 | { 14 | my ($email, $subject, $content) = @_; 15 | # print $content, "\n"; 16 | # return; 17 | if (Email::Valid->address($email)) { 18 | open MAIL_FH, "|mail -a 'From: support\@pardiff.com' -s '${subject}' ${email}"; 19 | print MAIL_FH $content; 20 | close MAIL_FH; 21 | } 22 | } 23 | 24 | my ($Second, $Minute, $Hour, $Day, $Month, $Year, $WeekDay, $DayOfYear, $IsDST) = localtime(time); 25 | 26 | my $subject = '今日流量报告 - ' . $Month .'月' . $Day . '日'; 27 | 28 | my $sth = $dbh->prepare("SELECT DISTINCT(connections.username) AS username, login.email AS email FROM login JOIN connections ON connections.username = login.username WHERE report = 'DAILY' AND connections.start_time > DATE_SUB(NOW(), interval 1 day) "); 29 | $sth->execute(); 30 | 31 | while (my $ref = $sth->fetchrow_hashref()) { 32 | my $user_sth = $dbh->prepare("SELECT * FROM connections WHERE username = ? AND start_time > DATE_SUB(NOW(), interval 1 day)"); 33 | $user_sth->execute($ref->{username}); 34 | 35 | my $content = $ref->{username} . ' 今日连接状况:' ."\n"; 36 | 37 | my $traffic = 0; 38 | 39 | while (my $cref = $user_sth->fetchrow_hashref()) { 40 | $content .= "From " . $cref->{start_time} . " to " . $cref->{end_time} . " traffic: " . ($cref->{connection_traffic} > 1024 * 1024 ? int($cref->{connection_traffic} / 1024 / 1024) . ' MB' : $cref->{connection_traffic} . ' B') . " IP: " . $cref->{ip} . "\n"; 41 | $traffic += $cref->{connection_traffic}; 42 | } 43 | 44 | $content .= '共计' . ($traffic > 1024 * 1024 ? int($traffic/1024/1024) . ' MB' : $traffic . ' B') . "\n"; 45 | 46 | email_to_address($ref->{email}, $subject, $content); 47 | } 48 | -------------------------------------------------------------------------------- /scripts/opt/pardiff/scripts/traffic_st.pl: -------------------------------------------------------------------------------- 1 | #!/usr/bin/perl 2 | 3 | use strict; 4 | use warnings; 5 | 6 | use DBI; 7 | 8 | my $dsn = "DBI:mysql:database=ppp;host=127.0.0.1;port=3306"; 9 | my $dbh = DBI->connect($dsn, 'vpn', 'vpn'); 10 | 11 | my $sth = $dbh->prepare("SELECT sum(connection_traffic) AS traffic FROM connections"); 12 | $sth->execute; 13 | 14 | my $ref = $sth->fetchrow_hashref(); 15 | my $traffic = $ref->{traffic}; 16 | 17 | $sth = $dbh->prepare("INSERT INTO traffic_logs (ts, traffic) VALUES (NOW(), ?)"); 18 | $sth->execute($traffic); 19 | -------------------------------------------------------------------------------- /src/Net-OpenVPN-Manage-0.02/META.yml: -------------------------------------------------------------------------------- 1 | --- 2 | name: Net-OpenVPN-Manage 3 | version: 0.01 4 | author: Aaron Meyer 5 | abstract: A perl module to manage an OpenVPN instance via it's network management port. 6 | license: perl 7 | requires: 8 | Net::Telnet 9 | provides: 10 | Net::OpenVPN::Manage: 11 | file: lib/Net/OpenVPN/Manage.pm 12 | version: 0.01 13 | -------------------------------------------------------------------------------- /src/Net-OpenVPN-Manage-0.02/Makefile.PL: -------------------------------------------------------------------------------- 1 | use ExtUtils::MakeMaker; 2 | 3 | WriteMakefile( 4 | NAME => 'Net::OpenVPN::Manage', 5 | VERSION_FROM => 'lib/Net/OpenVPN/Manage.pm', 6 | PREREQ_PM => { Test::More => 0 }, 7 | PL_FILES => {}, 8 | ABSTRACT_FROM => 'lib/Net/OpenVPN/Manage.pm', 9 | AUTHOR => 'Aaron Meyer ', 10 | ); -------------------------------------------------------------------------------- /src/Net-OpenVPN-Manage-0.02/README: -------------------------------------------------------------------------------- 1 | Net::OpenVPN::Manage 2 | 3 | Interact with a running OpenVPN 2.0.X process 4 | via it's management interface. 5 | 6 | Perl Version: 7 | 5.6.x or 5.8.x both work fine. 8 | 9 | Requirements: 10 | Net::Telnet - I use version 3.03, but any should do. 11 | 12 | Installation: 13 | Un-tar-gzip the archive, this is pure perl so no compiler needed 14 | Win32 systems will need the free nmake tool from microsoft per usual. 15 | There really isn't anything to test against when installing so no testing is available. 16 | 17 | Unix/Linux: 18 | perl ./Makefile.PL 19 | make 20 | make install 21 | 22 | Win32: 23 | perl .\Makefile.PL 24 | nmake 25 | nmake install 26 | 27 | 28 | Note: 29 | This module is fairly rudimentary, if you have any problems give it a quick 30 | look through. I have tested it against beta 2.0 OpenVPN releases and am using it now 31 | with the 2.0.7 release. I have NOT tried this with the current BETA 2.1 release. 32 | 33 | For information on how to use the supplied methods do a `perldoc Net::OpenVPN::Manage` -------------------------------------------------------------------------------- /src/Net-OpenVPN-Manage-0.02/eg/OpenVPN_Status.cgi: -------------------------------------------------------------------------------- 1 | use strict; 2 | use CGI; 3 | use Net::OpenVPN::Manage; 4 | 5 | my $cgi=CGI->new(); 6 | print $cgi->header(); 7 | 8 | my $vpn=Net::OpenVPN::Manage->new({host=>'10.250.8.2', port=>'6000', password=>'password', timeout=>'5'}); 9 | unless ($vpn->connect()){ 10 | print $vpn->{error_msg}."\n\n"; 11 | exit 0; 12 | } 13 | 14 | my $r=$vpn->status_ref(); 15 | print qq||; 16 | foreach my $heading ( @{$r->{HEADER}{CLIENT_LIST}} ){ 17 | print qq||; 18 | } 19 | print qq||; 20 | foreach my $aref ( @{$r->{CLIENT_LIST}} ){ 21 | print qq||; 22 | foreach my $r ( @{$aref} ){ 23 | print qq||; 24 | } 25 | print qq||; 26 | } 27 | print qq|
$heading
$r
|; 28 | 29 | -------------------------------------------------------------------------------- /src/Net-OpenVPN-Manage-0.02/eg/manage.pl: -------------------------------------------------------------------------------- 1 | #!/usr/local/bin/perl 2 | 3 | use Net::OpenVPN::Manage; 4 | use strict; 5 | 6 | # This is a very simple comand line tool 7 | # using the Net::OpenVPN::Mange module 8 | # to control an OpenVPN process via it's management interface. 9 | 10 | my $host = $ARGV[0]; 11 | my $port = $ARGV[1]; 12 | my $password = $ARGV[2]; 13 | my $cmd = $ARGV[3]; 14 | my $arg = $ARGV[4]; 15 | my $return; 16 | 17 | if ( ! $host || ! $port || ! $password || ! $cmd ){ 18 | print < [argument] 21 | 22 | Commands: auth-retry, echo, help, hold, kill, log, mute, signal, state, verb, version 23 | 24 | END_HELP 25 | ; 26 | exit 1; 27 | } 28 | 29 | my $vpn = Net::OpenVPN::Manage->new({host=>$host, port=>$port, password=>$password, timeout=>5}); 30 | unless ($vpn->connect()){ 31 | print $vpn->{error_msg}."\n\n"; 32 | exit 0; 33 | } 34 | 35 | # Here is the if block to process the method desired with the argument. 36 | if ( $cmd eq 'auth-retry' ){ 37 | $return = $vpn->auth_retry($arg); 38 | } elsif ( $cmd eq 'echo' ){ 39 | $return = $vpn->echo($arg); 40 | } elsif (($cmd eq 'help')||($cmd eq '')){ 41 | $return = $vpn->help(); 42 | } elsif ( $cmd eq 'hold' ){ 43 | $return = $vpn->hold($arg); 44 | } elsif ( $cmd eq 'kill' ){ 45 | $return = $vpn->kill($arg); 46 | } elsif ( $cmd eq 'log' ){ 47 | $return = $vpn->log($arg); 48 | } elsif ( $cmd eq 'mute' ){ 49 | $return = $vpn->mute($arg); 50 | } elsif ( $cmd eq 'signal' ){ 51 | $return = $vpn->signal($arg); 52 | } elsif ( $cmd eq 'state' ){ 53 | $return = $vpn->state($arg); 54 | } elsif ( $cmd eq 'status' ){ 55 | $return = $vpn->status($arg); 56 | } elsif ( $cmd eq 'test' ){ 57 | $return = $vpn->test($arg); 58 | } elsif ( $cmd eq 'verb' ){ 59 | $return = $vpn->verb($arg); 60 | } elsif ( $cmd eq 'version' ){ 61 | $return = $vpn->version(); 62 | } 63 | 64 | # The Net::OpenVPN::Manage methods return false or '0' on any error. 65 | # Catch the false return, and print the returned error message from the object. 66 | if ($return){ 67 | print $return; 68 | } else { 69 | print $vpn->{error_msg}."\n\n"; 70 | exit 0; 71 | } -------------------------------------------------------------------------------- /src/Net-OpenVPN-Manage-0.02/eg/testing.html: -------------------------------------------------------------------------------- 1 | Content-Type: text/html; charset=ISO-8859-1 2 | 3 |
Common NameReal AddressVirtual AddressBytes ReceivedBytes SentConnected SinceConnected Since (time_t) 4 |
meyera65.165.4.68:3013010.250.3.6368603450290543Mon Jul 10 08:11:03 20061152537063 5 |
-------------------------------------------------------------------------------- /src/myopenvpn/build: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | # gcc -s mysql-ovpn.c -o mysql-ovpn.o -I /usr/include/mysql/ -lmysqlclient 4 | gcc -O2 -Wall -fPIC -c -I../.. -I/usr/include/mysql $1.c 5 | gcc -fPIC -shared -Wl,-soname,$1.so -lmysqlclient -o $1.so $1.o -lc 6 | -------------------------------------------------------------------------------- /src/myopenvpn/dump.sql: -------------------------------------------------------------------------------- 1 | -- MySQL dump 10.9 2 | -- 3 | -- Host: localhost Database: openvpn 4 | -- ------------------------------------------------------ 5 | -- Server version 4.1.14-log 6 | 7 | /*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */; 8 | /*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */; 9 | /*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */; 10 | /*!40101 SET NAMES latin1 */; 11 | /*!40014 SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0 */; 12 | /*!40014 SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0 */; 13 | /*!40101 SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='NO_AUTO_VALUE_ON_ZERO' */; 14 | /*!40111 SET @OLD_SQL_NOTES=@@SQL_NOTES, SQL_NOTES=0 */; 15 | 16 | -- 17 | -- Current Database: `openvpn` 18 | -- 19 | 20 | CREATE DATABASE /*!32312 IF NOT EXISTS*/ `openvpn` /*!40100 DEFAULT CHARACTER SET latin1 */; 21 | 22 | USE `openvpn`; 23 | 24 | -- 25 | -- Table structure for table `utenti` 26 | -- 27 | 28 | DROP TABLE IF EXISTS `utenti`; 29 | CREATE TABLE `utenti` ( 30 | `id` int(255) NOT NULL auto_increment, 31 | `user` varchar(255) NOT NULL default '', 32 | `pass` varchar(255) NOT NULL default '', 33 | `active` char(1) NOT NULL default '1', 34 | PRIMARY KEY (`id`) 35 | ) ENGINE=MyISAM DEFAULT CHARSET=latin1; 36 | 37 | -- 38 | -- Dumping data for table `utenti` 39 | -- 40 | 41 | 42 | /*!40000 ALTER TABLE `utenti` DISABLE KEYS */; 43 | LOCK TABLES `utenti` WRITE; 44 | INSERT INTO `utenti` VALUES (5,'test','378b243e220ca493','1'); 45 | UNLOCK TABLES; 46 | /*!40000 ALTER TABLE `utenti` ENABLE KEYS */; 47 | 48 | /*!40101 SET SQL_MODE=@OLD_SQL_MODE */; 49 | /*!40014 SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS */; 50 | /*!40014 SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS */; 51 | /*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */; 52 | /*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */; 53 | /*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */; 54 | /*!40111 SET SQL_NOTES=@OLD_SQL_NOTES */; 55 | 56 | -------------------------------------------------------------------------------- /src/myopenvpn/note.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/qsun/ParDiff-VPN/79b39f97cd2ebc0f9393c55ff505ee9550abe109/src/myopenvpn/note.txt -------------------------------------------------------------------------------- /src/openvpn-2.1.1/AUTHORS: -------------------------------------------------------------------------------- 1 | James Yonan 2 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/INSTALL-win32.txt: -------------------------------------------------------------------------------- 1 | IMPORTANT NOTE FOR VISTA USERS 2 | 3 | Note that on Windows Vista, you will need to run the OpenVPN 4 | GUI with administrator privileges, so that it can add routes 5 | to the routing table that are pulled from the OpenVPN server. 6 | You can do this by right-clicking on the OpenVPN GUI 7 | desktop icon, and selecting "Run as administrator". 8 | 9 | GENERAL QUICKSTART FOR WINDOWS 10 | 11 | The OpenVPN Client requires a configuration file 12 | and key/certificate files. You should obtain 13 | these and save them to \Program Files\OpenVPN\config. 14 | 15 | To start OpenVPN, first run the OpenVPN GUI by double 16 | clicking on the desktop icon or start menu icon. 17 | 18 | The OpenVPN GUI is a system-tray applet, so an icon for the 19 | GUI will appear in the lower-right corner of the screen. 20 | Right click on the system tray icon, and a menu should appear 21 | showing the names of your OpenVPN configuration files, and 22 | giving you the option to connect. 23 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/NEWS: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/qsun/ParDiff-VPN/79b39f97cd2ebc0f9393c55ff505ee9550abe109/src/openvpn-2.1.1/NEWS -------------------------------------------------------------------------------- /src/openvpn-2.1.1/base64.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/qsun/ParDiff-VPN/79b39f97cd2ebc0f9393c55ff505ee9550abe109/src/openvpn-2.1.1/base64.c -------------------------------------------------------------------------------- /src/openvpn-2.1.1/base64.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/qsun/ParDiff-VPN/79b39f97cd2ebc0f9393c55ff505ee9550abe109/src/openvpn-2.1.1/base64.h -------------------------------------------------------------------------------- /src/openvpn-2.1.1/basic.h: -------------------------------------------------------------------------------- 1 | /* 2 | * OpenVPN -- An application to securely tunnel IP networks 3 | * over a single UDP port, with support for SSL/TLS-based 4 | * session authentication and key exchange, 5 | * packet encryption, packet authentication, and 6 | * packet compression. 7 | * 8 | * Copyright (C) 2002-2009 OpenVPN Technologies, Inc. 9 | * 10 | * This program is free software; you can redistribute it and/or modify 11 | * it under the terms of the GNU General Public License version 2 12 | * as published by the Free Software Foundation. 13 | * 14 | * This program is distributed in the hope that it will be useful, 15 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 16 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 17 | * GNU General Public License for more details. 18 | * 19 | * You should have received a copy of the GNU General Public License 20 | * along with this program (see the file COPYING included with this 21 | * distribution); if not, write to the Free Software Foundation, Inc., 22 | * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 23 | */ 24 | 25 | #ifndef BASIC_H 26 | #define BASIC_H 27 | 28 | /* bool definitions */ 29 | #ifndef bool 30 | #define bool int 31 | #endif 32 | 33 | #ifndef true 34 | #define true 1 35 | #endif 36 | 37 | #ifndef false 38 | #define false 0 39 | #endif 40 | 41 | #define BOOL_CAST(x) ((x) ? (true) : (false)) 42 | 43 | /* size of an array */ 44 | #define SIZE(x) (sizeof(x)/sizeof(x[0])) 45 | 46 | /* clear an object */ 47 | #define CLEAR(x) memset(&(x), 0, sizeof(x)) 48 | 49 | #endif 50 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/contrib/README: -------------------------------------------------------------------------------- 1 | This directory contains scripts and patches contributed 2 | by users. 3 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/contrib/openvpn-fwmarkroute-1.00/README: -------------------------------------------------------------------------------- 1 | OpenVPN fwmark Routing 2 | Sean Reifschneider, 3 | Thursday November 27, 2003 4 | ========================== 5 | 6 | These scripts can be used with OpenVPN up and down scripts to set up 7 | routing on a Linux system such that the VPN traffic is sent via normal 8 | network connectivity, but other traffic to that network runs over the VPN. 9 | The idea is to allow encryption of data to the network the remote host is 10 | on, without interfering with the VPN traffic. You can't simply add a route 11 | to the remote network, becaues that will cause the VPN traffic to also try 12 | to run over the VPN, and breaks the VPN. 13 | 14 | These scripts use the Linux "fwmark" iptables rules to specify routing 15 | based not only on IP address, but also by port and protocol. This allows 16 | you to effectively say "if the packet is to this IP address on this port 17 | using this protocol, then use the normal default gateway, otherwise use the 18 | VPN gateway. 19 | 20 | This is set up on the client VPN system, not the VPN server. These scripts 21 | also set up all ICMP echo-responses to run across the VPN. You can 22 | comment the lines in the scripts to disable this, but I find this useful 23 | at coffee shops which have networks that block ICMP. 24 | 25 | To configure this, you need to set up these scripts as your up and down 26 | scripts in the config file. You will need to set these values in the 27 | config file: 28 | 29 | up /etc/openvpn/fwmarkroute.up 30 | down /etc/openvpn/fwmarkroute.down 31 | up-restart 32 | up-delay 33 | 34 | setenv remote_netmask_bits 24 35 | 36 | Note: For this to work, you can't set the "user" or "group" config options, 37 | because then the scripts will not run as root. 38 | 39 | The last setting allows you to control the size of the network the remote 40 | system is on. The remote end has to be set up to route, probably with 41 | masquerading or NAT. The network this netmask relates to is calculated 42 | using the value of "remote" in the conf file. 43 | 44 | Sean 45 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/contrib/openvpn-fwmarkroute-1.00/fwmarkroute.down: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # Bring down vpn routing. 4 | 5 | # calculate the network address 6 | remote_network=`ipcalc -n "$remote"/"$remote_netmask_bits"` 7 | remote_network="${remote_network#*=}" 8 | 9 | # clear routing via VPN 10 | ip route del "$remote_network"/"$remote_netmask_bits" via "$5" table vpn.out 11 | ip route del table vpnonly.out via "$5" 12 | iptables -D OUTPUT -t mangle -p "$proto" \ 13 | -d "$remote_network"/"$remote_netmask_bits" \ 14 | --dport "$remote_port" -j ACCEPT 15 | iptables -D OUTPUT -t mangle -d "$remote" -j MARK --set-mark 2 16 | 17 | # undo the ICMP ping tunneling 18 | iptables -D OUTPUT -t mangle --protocol icmp --icmp-type echo-request \ 19 | -j MARK --set-mark 3 20 | 21 | # flush route cache 22 | ip route flush cache 23 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/contrib/openvpn-fwmarkroute-1.00/fwmarkroute.up: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # Bring up vpn routing. 4 | 5 | # calculate the network address 6 | remote_network=`ipcalc -n "$remote"/"$remote_netmask_bits"` 7 | remote_network="${remote_network#*=}" 8 | 9 | # add the stuff that doesn't change if it's not already there 10 | grep -q '^202 ' /etc/iproute2/rt_tables 11 | if [ "$?" -ne 0 ] 12 | then 13 | echo 202 vpn.out >> /etc/iproute2/rt_tables 14 | fi 15 | grep -q '^203 ' /etc/iproute2/rt_tables 16 | if [ "$?" -ne 0 ] 17 | then 18 | echo 203 vpnonly.out >> /etc/iproute2/rt_tables 19 | fi 20 | ip rule ls | grep -q 'lookup vpn.out *$' 21 | if [ "$?" -ne 0 ] 22 | then 23 | ip rule add fwmark 2 table vpn.out 24 | fi 25 | ip rule ls | grep -q 'lookup vpnonly.out *$' 26 | if [ "$?" -ne 0 ] 27 | then 28 | ip rule add fwmark 3 table vpnonly.out 29 | fi 30 | 31 | # route VPN traffic using the normal table 32 | iptables -A OUTPUT -t mangle -p "$proto" -d "$remote" --dport "$remote_port" \ 33 | -j ACCEPT 34 | 35 | # route all other traffic to that host via VPN 36 | iptables -A OUTPUT -t mangle -d "$remote_network"/"$remote_netmask_bits" \ 37 | -j MARK --set-mark 2 38 | 39 | # route all ICMP pings over the VPN 40 | iptables -A OUTPUT -t mangle --protocol icmp --icmp-type echo-request \ 41 | -j MARK --set-mark 3 42 | 43 | # NAT traffic going over the VPN, so it doesn't have an unknown address 44 | iptables -t nat -A POSTROUTING -o "$1" -j SNAT --to-source "$4" 45 | 46 | # add routing commands 47 | ip route add "$remote_network"/"$remote_netmask_bits" via "$5" table vpn.out 48 | ip route add table vpnonly.out via "$5" 49 | ip route flush cache 50 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/contrib/pull-resolv-conf/client.down: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # Copyright (c) 2005-2009 OpenVPN Technologies, Inc. 4 | # Licensed under the GPL version 2 5 | 6 | # First version by Jesse Adelman 7 | # someone at boldandbusted dink com 8 | # http://www.boldandbusted.com/ 9 | 10 | # PURPOSE: This script automatically removes the /etc/resolv.conf entries previously 11 | # set by the companion script "client.up". 12 | 13 | # INSTALL NOTES: 14 | # Place this in /etc/openvpn/client.down 15 | # Then, add the following to your /etc/openvpn/.conf: 16 | # client 17 | # pull dhcp-options 18 | # up /etc/openvpn/client.up 19 | # down /etc/openvpn/client.down 20 | # Next, "chmod a+x /etc/openvpn/client.down" 21 | 22 | # USAGE NOTES: 23 | # Note that this script is best served with the companion "client.up" 24 | # script. 25 | 26 | # Only tested on Gentoo Linux 2005.0 with OpenVPN 2.0 27 | # It should work with any GNU/Linux with /etc/resolv.conf 28 | 29 | # This runs with the context of the OpenVPN UID/GID 30 | # at the time of execution. This generally means that 31 | # the client "up" script will run fine, but the "down" script 32 | # will require the use of the OpenVPN "down-root" plugin 33 | # which is in the plugins/ directory of the OpenVPN source tree 34 | 35 | # A horrid work around, from a security perspective, 36 | # is to run OpenVPN as root. THIS IS NOT RECOMMENDED. You have 37 | # been WARNED. 38 | 39 | # init variables 40 | 41 | i=1 42 | j=1 43 | unset fopt 44 | unset dns 45 | unset opt 46 | 47 | # Convert ENVs to an array 48 | 49 | while fopt=foreign_option_$i; [ -n "${!fopt}" ]; do 50 | { 51 | opt[i-1]=${!fopt} 52 | case ${opt[i-1]} in 53 | *DOMAIN* ) domain=`echo ${opt[i-1]} | \ 54 | sed -e 's/dhcp-option DOMAIN //g'` ;; 55 | *DNS* ) dns[j-1]=`echo ${opt[i-1]} | \ 56 | sed -e 's/dhcp-option DNS //g'` 57 | let j++ ;; 58 | esac 59 | let i++ 60 | } 61 | done 62 | 63 | # Now, do the work 64 | 65 | if [ -n "${dns[*]}" ]; then 66 | for i in "${dns[@]}"; do 67 | sed -i -e "/nameserver ${i}/D" /etc/resolv.conf || die 68 | done 69 | fi 70 | 71 | if [ -n "${domain}" ]; then 72 | sed -i -e "/search ${domain}/D" /etc/resolv.conf || die 73 | fi 74 | 75 | # all done... 76 | exit 0 77 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/contrib/pull-resolv-conf/client.up: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # Copyright (c) 2005-2009 OpenVPN Technologies, Inc. 4 | # Licensed under the GPL version 2 5 | 6 | # First version by Jesse Adelman 7 | # someone at boldandbusted dink com 8 | # http://www.boldandbusted.com/ 9 | 10 | # PURPOSE: This script automatically sets the proper /etc/resolv.conf entries 11 | # as pulled down from an OpenVPN server. 12 | 13 | # INSTALL NOTES: 14 | # Place this in /etc/openvpn/client.up 15 | # Then, add the following to your /etc/openvpn/.conf: 16 | # client 17 | # pull dhcp-options 18 | # up /etc/openvpn/client.up 19 | # Next, "chmod a+x /etc/openvpn/client.up" 20 | 21 | # USAGE NOTES: 22 | # Note that this script is best served with the companion "client.down" 23 | # script. 24 | 25 | # Only tested on Gentoo Linux 2005.0 with OpenVPN 2.0 26 | # It should work with any GNU/Linux with /etc/resolv.conf 27 | 28 | # This runs with the context of the OpenVPN UID/GID 29 | # at the time of execution. This generally means that 30 | # the client "up" script will run fine, but the "down" script 31 | # will require the use of the OpenVPN "down-root" plugin 32 | # which is in the plugins/ directory of the OpenVPN source tree 33 | 34 | # A horrid work around, from a security perspective, 35 | # is to run OpenVPN as root. THIS IS NOT RECOMMENDED. You have 36 | # been WARNED. 37 | 38 | # init variables 39 | 40 | i=1 41 | j=1 42 | unset fopt 43 | unset dns 44 | unset opt 45 | 46 | # Convert ENVs to an array 47 | 48 | while fopt=foreign_option_$i; [ -n "${!fopt}" ]; do 49 | { 50 | opt[i-1]=${!fopt} 51 | case ${opt[i-1]} in 52 | *DOMAIN* ) domain=`echo ${opt[i-1]} | \ 53 | sed -e 's/dhcp-option DOMAIN //g'` ;; 54 | *DNS* ) dns[j-1]=`echo ${opt[i-1]} | \ 55 | sed -e 's/dhcp-option DNS //g'` 56 | let j++ ;; 57 | esac 58 | let i++ 59 | } 60 | done 61 | 62 | # Now, do the work 63 | 64 | if [ -n "${dns[*]}" ]; then 65 | for i in "${dns[@]}"; do 66 | sed -i -e "1,1 i nameserver ${i}" /etc/resolv.conf || die 67 | done 68 | fi 69 | 70 | if [ -n "${domain}" ]; then 71 | sed -i -e "$j,1 i search ${domain}" /etc/resolv.conf || die 72 | fi 73 | 74 | # all done... 75 | exit 0 76 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/cryptoapi.h: -------------------------------------------------------------------------------- 1 | #ifndef _CRYPTOAPI_H_ 2 | #define _CRYPTOAPI_H_ 3 | 4 | int SSL_CTX_use_CryptoAPI_certificate(SSL_CTX *ssl_ctx, const char *cert_prop); 5 | 6 | 7 | #endif /* !_CRYPTOAPI_H_ */ 8 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/doclean: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | # Let's have a fresh start. Remove all 4 | # generated files. 5 | # 6 | # Run this script, then: 7 | # autoreconf -i -v 8 | # ./configure 9 | # make 10 | # make install 11 | 12 | if ! [ "$KEEPAUTODEFS" = "yes" ]; then 13 | rm -rf autodefs 14 | fi 15 | 16 | rm -f \ 17 | *.o \ 18 | service-win32/*.o \ 19 | service-win32/*.exe \ 20 | *.exe \ 21 | openvpn \ 22 | config.cache \ 23 | configure \ 24 | Makefile \ 25 | Makefile.in \ 26 | stamp-h* \ 27 | config.guess \ 28 | config.sub \ 29 | depcomp \ 30 | missing \ 31 | mkinstalldirs \ 32 | config.log \ 33 | config.status \ 34 | config.h \ 35 | config.h.in \ 36 | aclocal.m4 \ 37 | openvpn.spec \ 38 | install-sh \ 39 | openvpn.8.html \ 40 | config-win32.h \ 41 | install-win32/*.exe \ 42 | install-win32/makensis.log \ 43 | install-win32/settings \ 44 | install-win32/Makefile \ 45 | install-win32/Makefile.in \ 46 | images/Makefile \ 47 | images/Makefile.in \ 48 | service-win32/Makefile \ 49 | service-win32/Makefile.in 50 | 51 | rm -rf \ 52 | autom4te*.cache \ 53 | .deps \ 54 | */.deps \ 55 | windest \ 56 | gen \ 57 | tapinstall \ 58 | install-win32/tmp 59 | 60 | rm -rf \ 61 | tap-win32/objfre_w2k_x86 \ 62 | tap-win32/dist \ 63 | tap-win32/SOURCES \ 64 | tap-win32/tapdrvr.cod \ 65 | tap-win32/buildfre_wnet_amd64.wrn \ 66 | tap-win32/buildfre_w2k_x86.wrn \ 67 | tap-win32/objfre_wnet_amd64 \ 68 | tap-win32/buildfre_wnet_amd64.log \ 69 | tap-win32/buildfre_w2k_x86.log \ 70 | tap-win32/amd64 \ 71 | tap-win32/i386/tap0901.pdb \ 72 | tap-win32/i386/OemWin2k.inf \ 73 | tap-win32/i386/tap0901.map \ 74 | tap-win32/i386/tap0901.sys 75 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/easy-rsa/1.0/build-ca: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | # 4 | # Build a root certificate 5 | # 6 | 7 | if test $KEY_DIR; then 8 | cd $KEY_DIR && \ 9 | openssl req -days 3650 -nodes -new -x509 -keyout ca.key -out ca.crt -config $KEY_CONFIG && \ 10 | chmod 0600 ca.key 11 | else 12 | echo you must define KEY_DIR 13 | fi 14 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/easy-rsa/1.0/build-dh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | # 4 | # Build Diffie-Hellman parameters for the server side 5 | # of an SSL/TLS connection. 6 | # 7 | 8 | if test $KEY_DIR; then 9 | openssl dhparam -out ${KEY_DIR}/dh${KEY_SIZE}.pem ${KEY_SIZE} 10 | else 11 | echo you must define KEY_DIR 12 | fi 13 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/easy-rsa/1.0/build-inter: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | # 4 | # Make an intermediate CA certificate/private key pair using a locally generated 5 | # root certificate. 6 | # 7 | 8 | if test $# -ne 1; then 9 | echo "usage: build-inter "; 10 | exit 1 11 | fi 12 | 13 | if test $KEY_DIR; then 14 | cd $KEY_DIR && \ 15 | openssl req -days 3650 -nodes -new -keyout $1.key -out $1.csr -config $KEY_CONFIG && \ 16 | openssl ca -extensions v3_ca -days 3650 -out $1.crt -in $1.csr -config $KEY_CONFIG 17 | else 18 | echo you must define KEY_DIR 19 | fi 20 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/easy-rsa/1.0/build-key: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | # 4 | # Make a certificate/private key pair using a locally generated 5 | # root certificate. 6 | # 7 | 8 | if test $# -ne 1; then 9 | echo "usage: build-key "; 10 | exit 1 11 | fi 12 | 13 | if test $KEY_DIR; then 14 | cd $KEY_DIR && \ 15 | openssl req -days 3650 -nodes -new -keyout $1.key -out $1.csr -config $KEY_CONFIG && \ 16 | openssl ca -days 3650 -out $1.crt -in $1.csr -config $KEY_CONFIG && \ 17 | chmod 0600 $1.key 18 | else 19 | echo you must define KEY_DIR 20 | fi 21 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/easy-rsa/1.0/build-key-pass: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | # 4 | # Similar to build-key, but protect the private key 5 | # with a password. 6 | # 7 | 8 | if test $# -ne 1; then 9 | echo "usage: build-key-pass "; 10 | exit 1 11 | fi 12 | 13 | if test $KEY_DIR; then 14 | cd $KEY_DIR && \ 15 | openssl req -days 3650 -new -keyout $1.key -out $1.csr -config $KEY_CONFIG && \ 16 | openssl ca -days 3650 -out $1.crt -in $1.csr -config $KEY_CONFIG && \ 17 | chmod 0600 $1.key 18 | else 19 | echo you must define KEY_DIR 20 | fi 21 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/easy-rsa/1.0/build-key-pkcs12: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | # 4 | # Make a certificate/private key pair using a locally generated 5 | # root certificate and convert it to a PKCS #12 file including the 6 | # the CA certificate as well. 7 | 8 | if test $# -ne 1; then 9 | echo "usage: build-key-pkcs12 "; 10 | exit 1 11 | fi 12 | 13 | if test $KEY_DIR; then 14 | cd $KEY_DIR && \ 15 | openssl req -days 3650 -nodes -new -keyout $1.key -out $1.csr -config $KEY_CONFIG && \ 16 | openssl ca -days 3650 -out $1.crt -in $1.csr -config $KEY_CONFIG && \ 17 | openssl pkcs12 -export -inkey $1.key -in $1.crt -certfile ca.crt -out $1.p12 && \ 18 | chmod 0600 $1.key $1.p12 19 | else 20 | echo you must define KEY_DIR 21 | fi 22 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/easy-rsa/1.0/build-key-server: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | # 4 | # Make a certificate/private key pair using a locally generated 5 | # root certificate. 6 | # 7 | # Explicitly set nsCertType to server using the "server" 8 | # extension in the openssl.cnf file. 9 | 10 | if test $# -ne 1; then 11 | echo "usage: build-key-server "; 12 | exit 1 13 | fi 14 | 15 | if test $KEY_DIR; then 16 | cd $KEY_DIR && \ 17 | openssl req -days 3650 -nodes -new -keyout $1.key -out $1.csr -extensions server -config $KEY_CONFIG && \ 18 | openssl ca -days 3650 -out $1.crt -in $1.csr -extensions server -config $KEY_CONFIG && \ 19 | chmod 0600 $1.key 20 | else 21 | echo you must define KEY_DIR 22 | fi 23 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/easy-rsa/1.0/build-req: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | # 4 | # Build a certificate signing request and private key. Use this 5 | # when your root certificate and key is not available locally. 6 | # 7 | 8 | if test $# -ne 1; then 9 | echo "usage: build-req "; 10 | exit 1 11 | fi 12 | 13 | if test $KEY_DIR; then 14 | cd $KEY_DIR && \ 15 | openssl req -days 3650 -nodes -new -keyout $1.key -out $1.csr -config $KEY_CONFIG 16 | else 17 | echo you must define KEY_DIR 18 | fi 19 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/easy-rsa/1.0/build-req-pass: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | # 4 | # Like build-req, but protect your private key 5 | # with a password. 6 | # 7 | 8 | if test $# -ne 1; then 9 | echo "usage: build-req-pass "; 10 | exit 1 11 | fi 12 | 13 | if test $KEY_DIR; then 14 | cd $KEY_DIR && \ 15 | openssl req -days 3650 -new -keyout $1.key -out $1.csr -config $KEY_CONFIG 16 | else 17 | echo you must define KEY_DIR 18 | fi 19 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/easy-rsa/1.0/clean-all: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | # 4 | # Initialize the $KEY_DIR directory. 5 | # Note that this script does a 6 | # rm -rf on $KEY_DIR so be careful! 7 | # 8 | 9 | d=$KEY_DIR 10 | 11 | if test $d; then 12 | rm -rf $d 13 | mkdir $d && \ 14 | chmod go-rwx $d && \ 15 | touch $d/index.txt && \ 16 | echo 01 >$d/serial 17 | else 18 | echo you must define KEY_DIR 19 | fi 20 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/easy-rsa/1.0/list-crl: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | # 4 | # list revoked certificates 5 | # 6 | # 7 | 8 | if test $# -ne 1; then 9 | echo "usage: list-crl "; 10 | exit 1 11 | fi 12 | 13 | if test $KEY_DIR; then 14 | cd $KEY_DIR && \ 15 | openssl crl -text -noout -in $1 16 | else 17 | echo you must define KEY_DIR 18 | fi 19 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/easy-rsa/1.0/make-crl: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | # 4 | # generate a CRL 5 | # 6 | # 7 | 8 | if test $# -ne 1; then 9 | echo "usage: make-crl "; 10 | exit 1 11 | fi 12 | 13 | if test $KEY_DIR; then 14 | cd $KEY_DIR && \ 15 | openssl ca -gencrl -out $1 -config $KEY_CONFIG 16 | else 17 | echo you must define KEY_DIR 18 | fi 19 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/easy-rsa/1.0/revoke-crt: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | # 4 | # revoke a certificate 5 | # 6 | # 7 | 8 | if test $# -ne 1; then 9 | echo "usage: revoke-crt "; 10 | exit 1 11 | fi 12 | 13 | if test $KEY_DIR; then 14 | cd $KEY_DIR && \ 15 | openssl ca -revoke $1 -config $KEY_CONFIG 16 | else 17 | echo you must define KEY_DIR 18 | fi 19 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/easy-rsa/1.0/revoke-full: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | # revoke a certificate, regenerate CRL, 4 | # and verify revocation 5 | 6 | CRL=crl.pem 7 | RT=revoke-test.pem 8 | 9 | if test $# -ne 1; then 10 | echo "usage: revoke-full "; 11 | exit 1 12 | fi 13 | 14 | if test $KEY_DIR; then 15 | cd $KEY_DIR 16 | rm -f $RT 17 | 18 | # revoke key and generate a new CRL 19 | openssl ca -revoke $1.crt -config $KEY_CONFIG 20 | 21 | # generate a new CRL 22 | openssl ca -gencrl -out $CRL -config $KEY_CONFIG 23 | cat ca.crt $CRL >$RT 24 | 25 | # verify the revocation 26 | openssl verify -CAfile $RT -crl_check $1.crt 27 | else 28 | echo you must define KEY_DIR 29 | fi 30 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/easy-rsa/1.0/sign-req: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | # 4 | # Sign a certificate signing request (a .csr file) 5 | # with a local root certificate and key. 6 | # 7 | 8 | if test $# -ne 1; then 9 | echo "usage: sign-req "; 10 | exit 1 11 | fi 12 | 13 | if test $KEY_DIR; then 14 | cd $KEY_DIR && \ 15 | openssl ca -days 3650 -out $1.crt -in $1.csr -config $KEY_CONFIG 16 | else 17 | echo you must define KEY_DIR 18 | fi 19 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/easy-rsa/1.0/vars: -------------------------------------------------------------------------------- 1 | # easy-rsa parameter settings 2 | 3 | # NOTE: If you installed from an RPM, 4 | # don't edit this file in place in 5 | # /usr/share/openvpn/easy-rsa -- 6 | # instead, you should copy the whole 7 | # easy-rsa directory to another location 8 | # (such as /etc/openvpn) so that your 9 | # edits will not be wiped out by a future 10 | # OpenVPN package upgrade. 11 | 12 | # This variable should point to 13 | # the top level of the easy-rsa 14 | # tree. 15 | export D=`pwd` 16 | 17 | # This variable should point to 18 | # the openssl.cnf file included 19 | # with easy-rsa. 20 | export KEY_CONFIG=$D/openssl.cnf 21 | 22 | # Edit this variable to point to 23 | # your soon-to-be-created key 24 | # directory. 25 | # 26 | # WARNING: clean-all will do 27 | # a rm -rf on this directory 28 | # so make sure you define 29 | # it correctly! 30 | export KEY_DIR=$D/keys 31 | 32 | # Issue rm -rf warning 33 | echo NOTE: when you run ./clean-all, I will be doing a rm -rf on $KEY_DIR 34 | 35 | # Increase this to 2048 if you 36 | # are paranoid. This will slow 37 | # down TLS negotiation performance 38 | # as well as the one-time DH parms 39 | # generation process. 40 | export KEY_SIZE=1024 41 | 42 | # These are the default values for fields 43 | # which will be placed in the certificate. 44 | # Don't leave any of these fields blank. 45 | export KEY_COUNTRY=KG 46 | export KEY_PROVINCE=NA 47 | export KEY_CITY=BISHKEK 48 | export KEY_ORG="OpenVPN-TEST" 49 | export KEY_EMAIL="me@myhost.mydomain" 50 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/easy-rsa/2.0/Makefile: -------------------------------------------------------------------------------- 1 | 2 | DESTDIR= 3 | PREFIX= 4 | 5 | all: 6 | echo "All done." 7 | echo "Run make install DESTDIR=/usr/share/somewhere" 8 | 9 | install: 10 | install -d "${DESTDIR}/${PREFIX}" 11 | install -m 0755 build-* "${DESTDIR}/${PREFIX}" 12 | install -m 0755 clean-all list-crl inherit-inter pkitool revoke-full sign-req whichopensslcnf "${DESTDIR}/${PREFIX}" 13 | install -m 0644 openssl-0.9.6.cnf openssl.cnf README vars "${DESTDIR}/${PREFIX}" 14 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/easy-rsa/2.0/build-ca: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # 4 | # Build a root certificate 5 | # 6 | 7 | export EASY_RSA="${EASY_RSA:-.}" 8 | "$EASY_RSA/pkitool" --interact --initca $* 9 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/easy-rsa/2.0/build-dh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # Build Diffie-Hellman parameters for the server side 4 | # of an SSL/TLS connection. 5 | 6 | if [ -d $KEY_DIR ] && [ $KEY_SIZE ]; then 7 | $OPENSSL dhparam -out ${KEY_DIR}/dh${KEY_SIZE}.pem ${KEY_SIZE} 8 | else 9 | echo 'Please source the vars script first (i.e. "source ./vars")' 10 | echo 'Make sure you have edited it to reflect your configuration.' 11 | fi 12 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/easy-rsa/2.0/build-inter: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # Make an intermediate CA certificate/private key pair using a locally generated 4 | # root certificate. 5 | 6 | export EASY_RSA="${EASY_RSA:-.}" 7 | "$EASY_RSA/pkitool" --interact --inter $* 8 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/easy-rsa/2.0/build-key: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # Make a certificate/private key pair using a locally generated 4 | # root certificate. 5 | 6 | export EASY_RSA="${EASY_RSA:-.}" 7 | "$EASY_RSA/pkitool" --interact $* 8 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/easy-rsa/2.0/build-key-pass: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # Similar to build-key, but protect the private key 4 | # with a password. 5 | 6 | export EASY_RSA="${EASY_RSA:-.}" 7 | "$EASY_RSA/pkitool" --interact --pass $* 8 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/easy-rsa/2.0/build-key-pkcs12: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # Make a certificate/private key pair using a locally generated 4 | # root certificate and convert it to a PKCS #12 file including the 5 | # the CA certificate as well. 6 | 7 | export EASY_RSA="${EASY_RSA:-.}" 8 | "$EASY_RSA/pkitool" --interact --pkcs12 $* 9 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/easy-rsa/2.0/build-key-server: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # Make a certificate/private key pair using a locally generated 4 | # root certificate. 5 | # 6 | # Explicitly set nsCertType to server using the "server" 7 | # extension in the openssl.cnf file. 8 | 9 | export EASY_RSA="${EASY_RSA:-.}" 10 | "$EASY_RSA/pkitool" --interact --server $* 11 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/easy-rsa/2.0/build-req: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # Build a certificate signing request and private key. Use this 4 | # when your root certificate and key is not available locally. 5 | 6 | export EASY_RSA="${EASY_RSA:-.}" 7 | "$EASY_RSA/pkitool" --interact --csr $* 8 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/easy-rsa/2.0/build-req-pass: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # Like build-req, but protect your private key 4 | # with a password. 5 | 6 | export EASY_RSA="${EASY_RSA:-.}" 7 | "$EASY_RSA/pkitool" --interact --csr --pass $* 8 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/easy-rsa/2.0/clean-all: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # Initialize the $KEY_DIR directory. 4 | # Note that this script does a 5 | # rm -rf on $KEY_DIR so be careful! 6 | 7 | if [ "$KEY_DIR" ]; then 8 | rm -rf "$KEY_DIR" 9 | mkdir "$KEY_DIR" && \ 10 | chmod go-rwx "$KEY_DIR" && \ 11 | touch "$KEY_DIR/index.txt" && \ 12 | echo 01 >"$KEY_DIR/serial" 13 | else 14 | echo 'Please source the vars script first (i.e. "source ./vars")' 15 | echo 'Make sure you have edited it to reflect your configuration.' 16 | fi 17 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/easy-rsa/2.0/inherit-inter: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # Build a new PKI which is rooted on an intermediate certificate generated 4 | # by ./build-inter or ./pkitool --inter from a parent PKI. The new PKI should 5 | # have independent vars settings, and must use a different KEY_DIR directory 6 | # from the parent. This tool can be used to generate arbitrary depth 7 | # certificate chains. 8 | # 9 | # To build an intermediate CA, follow the same steps for a regular PKI but 10 | # replace ./build-key or ./pkitool --initca with this script. 11 | 12 | # The EXPORT_CA file will contain the CA certificate chain and should be 13 | # referenced by the OpenVPN "ca" directive in config files. The ca.crt file 14 | # will only contain the local intermediate CA -- it's needed by the easy-rsa 15 | # scripts but not by OpenVPN directly. 16 | EXPORT_CA="export-ca.crt" 17 | 18 | if [ $# -ne 2 ]; then 19 | echo "usage: $0 " 20 | echo "parent-key-dir: the KEY_DIR directory of the parent PKI" 21 | echo "common-name: the common name of the intermediate certificate in the parent PKI" 22 | exit 1; 23 | fi 24 | 25 | if [ "$KEY_DIR" ]; then 26 | cp "$1/$2.crt" "$KEY_DIR/ca.crt" 27 | cp "$1/$2.key" "$KEY_DIR/ca.key" 28 | 29 | if [ -e "$1/$EXPORT_CA" ]; then 30 | PARENT_CA="$1/$EXPORT_CA" 31 | else 32 | PARENT_CA="$1/ca.crt" 33 | fi 34 | cp "$PARENT_CA" "$KEY_DIR/$EXPORT_CA" 35 | cat "$KEY_DIR/ca.crt" >> "$KEY_DIR/$EXPORT_CA" 36 | else 37 | echo 'Please source the vars script first (i.e. "source ./vars")' 38 | echo 'Make sure you have edited it to reflect your configuration.' 39 | fi 40 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/easy-rsa/2.0/keys/ca.crt: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIIDQDCCAqmgAwIBAgIJANQxOHsL8XlCMA0GCSqGSIb3DQEBBQUAMHQxCzAJBgNV 3 | BAYTAkFVMQwwCgYDVQQIEwNOU1cxDzANBgNVBAcTBlN5ZG5leTEMMAoGA1UEChMD 4 | U0lTMRQwEgYDVQQDEwtwYXJkaWZmLmNvbTEiMCAGCSqGSIb3DQEJARYTc3VwcG9y 5 | dEBwYXJkaWZmLmNvbTAeFw0xMDAyMTUxMTIzNDVaFw0yMDAyMTMxMTIzNDVaMHQx 6 | CzAJBgNVBAYTAkFVMQwwCgYDVQQIEwNOU1cxDzANBgNVBAcTBlN5ZG5leTEMMAoG 7 | A1UEChMDU0lTMRQwEgYDVQQDEwtwYXJkaWZmLmNvbTEiMCAGCSqGSIb3DQEJARYT 8 | c3VwcG9ydEBwYXJkaWZmLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA 9 | vwHw09RmB15+TsVrj3ehQI8rieZpsAvfEpPJ+irTf88vA3nEp5NXp8Y+9S7YVRQ/ 10 | 19jwuz/9fdMdrrJ4mpg+/wjKto/Z7BI3H5v2n8cjR543i1Geg1zy6hu+xZAvQm4M 11 | GxellBRwIPCWvmlz0kNfy6GRcqNZQ9DAmRzJWzNUZk0CAwEAAaOB2TCB1jAdBgNV 12 | HQ4EFgQUvzu+J9WPkegEkjQaM3uRUMRjPsIwgaYGA1UdIwSBnjCBm4AUvzu+J9WP 13 | kegEkjQaM3uRUMRjPsKheKR2MHQxCzAJBgNVBAYTAkFVMQwwCgYDVQQIEwNOU1cx 14 | DzANBgNVBAcTBlN5ZG5leTEMMAoGA1UEChMDU0lTMRQwEgYDVQQDEwtwYXJkaWZm 15 | LmNvbTEiMCAGCSqGSIb3DQEJARYTc3VwcG9ydEBwYXJkaWZmLmNvbYIJANQxOHsL 16 | 8XlCMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAhh8gN9N6sU62aouD 17 | SXcguBgaNDunw/8hpyXV7f3zt5TMcGJXivR+7yvC70dlbSGvpemyKnGxK7lCiPBq 18 | xAkX7uvd3vdnK1ZLzi/vlMFnK5DxO2r1Xe5BZ+X3xWAfUwH/azlrF4YGxlIizIg+ 19 | R2Tvij3Lxhp5zWCi8x68gSZoUM0= 20 | -----END CERTIFICATE----- 21 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/easy-rsa/2.0/keys/ca.key: -------------------------------------------------------------------------------- 1 | -----BEGIN RSA PRIVATE KEY----- 2 | MIICXgIBAAKBgQC/AfDT1GYHXn5OxWuPd6FAjyuJ5mmwC98Sk8n6KtN/zy8DecSn 3 | k1enxj71LthVFD/X2PC7P/190x2usniamD7/CMq2j9nsEjcfm/afxyNHnjeLUZ6D 4 | XPLqG77FkC9CbgwbF6WUFHAg8Ja+aXPSQ1/LoZFyo1lD0MCZHMlbM1RmTQIDAQAB 5 | AoGASEGbsQawcik07ueQAP3oalu+xLP9VzOmd4ig55o72CWwS0hNNHdwuW8tceL+ 6 | w3CdljHjH3LdmjO7DtNE/HaLnZd2bmcO3UwAkpIEjnaYmHS2DoS+UydbLjvj2Ga1 7 | /9nWTmr5dTg2VOwT5s+VIanOxjR2055vZ00WFjHvwM+vOKECQQDk5ZoAV7EpA750 8 | /0jf+kiF/MweFKv3JO2Azdf+sk0JoWexx/IUETQ8Gnh0Y4Qe2lTWSGcLJUVjOBor 9 | tQRZbx6bAkEA1Z/TeqMlPPyLAeJvUnoLRAbWDfwWnb85lDp8niS/sv7QIcxy0MCY 10 | lf6uK/TzCathcq2o/V2mvDPKHTaCo4opNwJBANFIQLtJcnjOrIfqlaX7/+1KCxMB 11 | 0Y2BnQnkqzV7rsY8ZkP9TZAdfsXpafL4vmc7NtBJmLVvGXczZ3JI6rYezDsCQQCq 12 | uzPvvdgTJ9uJRAmopzW9xqDpSGJi7OP93cifM8uqKRD7EkVpJaRNrOBS7VAYmEon 13 | tzdqV6DcpZ+RPXGndtJ9AkEAlKlD39cx1JbElbMAxGToWqVyWnVDq8K/HVVDFba7 14 | 5tqzRpI37kUwxLwd/0lEtPNbVV86uDu3ShRZMXOK1C63OQ== 15 | -----END RSA PRIVATE KEY----- 16 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/easy-rsa/2.0/keys/client.csr: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE REQUEST----- 2 | MIIBvDCCASUCAQAwfDELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRUwEwYDVQQH 3 | EwxTYW5GcmFuY2lzY28xFTATBgNVBAoTDEZvcnQtRnVuc3RvbjEPMA0GA1UEAxMG 4 | Y2xpZW50MSEwHwYJKoZIhvcNAQkBFhJtZUBteWhvc3QubXlkb21haW4wgZ8wDQYJ 5 | KoZIhvcNAQEBBQADgY0AMIGJAoGBAKYPXVa9W+sTh2fY8UL1vTbL9N0Sx2NWZHcy 6 | OEuvaHGOVbMmwZVS5i9ic221JK1OAfhc2+lwmb8j3jEE7JxzE8UpoUFrR5l2QKLr 7 | Q/NrhJKxcMVafzqdmnwXTfV1+v0pnJLj23CC7gA32U+BESkwW4iQ1qVBoXusRAgq 8 | H7Cv2ZQVAgMBAAGgADANBgkqhkiG9w0BAQQFAAOBgQByZ/wS6Ugq/W2MmFg7rlXf 9 | wWo7PyUYo5RLSigfsAZ9CXlRzidllcSEl3yIyjLFqs13yE/+GEKEF0FUYHTIYlA5 10 | J6xNskN16iJuzohJQ4DqbPjC1bTiMcAWdCgyVvSyijfYxBoj5gajtGE+XimzeXcu 11 | AHizbSaF4LS8XNVdXh0bBg== 12 | -----END CERTIFICATE REQUEST----- 13 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/easy-rsa/2.0/keys/client.key: -------------------------------------------------------------------------------- 1 | -----BEGIN RSA PRIVATE KEY----- 2 | MIICXQIBAAKBgQCmD11WvVvrE4dn2PFC9b02y/TdEsdjVmR3MjhLr2hxjlWzJsGV 3 | UuYvYnNttSStTgH4XNvpcJm/I94xBOyccxPFKaFBa0eZdkCi60Pza4SSsXDFWn86 4 | nZp8F031dfr9KZyS49twgu4AN9lPgREpMFuIkNalQaF7rEQIKh+wr9mUFQIDAQAB 5 | AoGAUUPjobc5bGk6Mo/wQZyQ5GgbhLTT7sEwmURyWFeW/TtypSGqSrEvBLFhW6by 6 | M/2g6TJITI1WMDwVWFfYkxed7GzqdfU7bucyLie6cvfU00KODy6Y7bQdU+rcxjZt 7 | KTqgNY2M94klqNEplhuWGmVnoivjQ9TWte1ShX6pzW0qqwECQQDV5iFSo+WXZ+eW 8 | o726LgTsaSvI/BXT7GVWPW1XJzE0ouLTcw4Ene/BYuQ4AzUbQvYNTN8J8KhLKyXZ 9 | bsJE4bhJAkEAxr6+A/BcbiGtRFZvJSzUuA5rK+p+JXsx9JdS5w3H74k8PyFmVv/o 10 | sI16H2L2Wm2BLj8g5IeNbKbQbQyIUd81bQJAEE5O1AHyiqw9F1q8J+lCLtOFpviw 11 | oUswHnboUvCF68FPEVeABhIUKOXlB/AWqFFeeH0Xs6ZI7hIH/J9Y5+9dIQJBAI8x 12 | ClJoMRAgL2gXJkkQfcqGiOzBLFXw5tMk29Qg97Y7mC6b79Iq2wmpRR2r/Xa1gudB 13 | EH/WsixgG7cV2nmyahkCQQCp3kjtSUzivLTWRti+PeDvUpQlrz7FVUws0YWsQ8FS 14 | ammsApqXPuG4VFPI7RfydarNWkeh0ZfdWKF/QEIScdON 15 | -----END RSA PRIVATE KEY----- 16 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/easy-rsa/2.0/keys/dh1024.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN DH PARAMETERS----- 2 | MIGHAoGBAMcdRaAkk3noI1vr6y4AjydUfz+8owtfyIUW9VKrK3ysJpUqdOfIXlmf 3 | HAAVQZAaw7E9Y+b5hOpO0Oy6KNxnZcZPywipd1Tmj2/injHfFjHm/Lbd9HL9+/b6 4 | V1qfjjg5nBgmPd5MSoDRHbNbt88V1Y9hOb9CFNE5OBqjiWmyFstzAgEC 5 | -----END DH PARAMETERS----- 6 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/easy-rsa/2.0/keys/index.txt: -------------------------------------------------------------------------------- 1 | V 200213112425Z 01 unknown /C=AU/ST=NSW/L=SanFrancisco/O=Fort-Funston/CN=server/emailAddress=me@myhost.mydomain 2 | V 200213124837Z 02 unknown /C=US/ST=CA/L=SanFrancisco/O=Fort-Funston/CN=test-user/emailAddress=me@myhost.mydomain 3 | V 200213124921Z 03 unknown /C=US/ST=CA/L=SanFrancisco/O=Fort-Funston/CN=test-user/emailAddress=me@myhost.mydomain 4 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/easy-rsa/2.0/keys/index.txt.attr: -------------------------------------------------------------------------------- 1 | unique_subject = no 2 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/easy-rsa/2.0/keys/index.txt.attr.old: -------------------------------------------------------------------------------- 1 | unique_subject = no 2 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/easy-rsa/2.0/keys/index.txt.old: -------------------------------------------------------------------------------- 1 | V 200213112425Z 01 unknown /C=AU/ST=NSW/L=SanFrancisco/O=Fort-Funston/CN=server/emailAddress=me@myhost.mydomain 2 | V 200213124837Z 02 unknown /C=US/ST=CA/L=SanFrancisco/O=Fort-Funston/CN=test-user/emailAddress=me@myhost.mydomain 3 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/easy-rsa/2.0/keys/serial: -------------------------------------------------------------------------------- 1 | 04 2 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/easy-rsa/2.0/keys/serial.old: -------------------------------------------------------------------------------- 1 | 03 2 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/easy-rsa/2.0/keys/server.csr: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE REQUEST----- 2 | MIIBvTCCASYCAQAwfTELMAkGA1UEBhMCQVUxDDAKBgNVBAgTA05TVzEVMBMGA1UE 3 | BxMMU2FuRnJhbmNpc2NvMRUwEwYDVQQKEwxGb3J0LUZ1bnN0b24xDzANBgNVBAMT 4 | BnNlcnZlcjEhMB8GCSqGSIb3DQEJARYSbWVAbXlob3N0Lm15ZG9tYWluMIGfMA0G 5 | CSqGSIb3DQEBAQUAA4GNADCBiQKBgQDgG0XdMYcvAoJeugEe1UvNKvmTZMgXbWmC 6 | Ll2q5w9bCtDMpVF8wdAoKCWeZ9Z8I486L2XC3FRrMORSwAetYhZNkyA4RqN20KKK 7 | mQdaZKkkN/IU5E+j21OZf5HP/53fktbFvPdIDf9vPX0KUta8Bbq2cQ/N9R8xLC7X 8 | 5rFNGCdmaQIDAQABoAAwDQYJKoZIhvcNAQEFBQADgYEAuXi3L0RIjoOl1xTnPG+D 9 | u/HHbcDR0CkZ/IzCQBolCR+L/YDGEVU2r1yKVy/CoFQFbec6wvzmtUiCxCFICUyb 10 | hbQalsu9cv+qMHsSLN+NESY7C9SaEwQ7XB+VcF5+lrLW6T0I5JkUsoUEDUaFoO17 11 | F+JBzX/O3A7YGSj3bzHUiGA= 12 | -----END CERTIFICATE REQUEST----- 13 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/easy-rsa/2.0/keys/server.key: -------------------------------------------------------------------------------- 1 | -----BEGIN RSA PRIVATE KEY----- 2 | MIICXwIBAAKBgQDgG0XdMYcvAoJeugEe1UvNKvmTZMgXbWmCLl2q5w9bCtDMpVF8 3 | wdAoKCWeZ9Z8I486L2XC3FRrMORSwAetYhZNkyA4RqN20KKKmQdaZKkkN/IU5E+j 4 | 21OZf5HP/53fktbFvPdIDf9vPX0KUta8Bbq2cQ/N9R8xLC7X5rFNGCdmaQIDAQAB 5 | AoGBALqhu9LzljLuEgg1Ow2kcBYSvfmjqoboFT/WwSa8eitFnJFw86XD+kgW9w0u 6 | SI7lRjgclNBskNkbxGmthjc8QnkUYJt8eIILTY5tL3A1fJS+ZxlU18uwq375SSnV 7 | fcfP7+vtR/bERQn58VlO6T4vHwTWLTGiCfJXb/0fHehvRTXJAkEA/tlKnqfoMIsm 8 | +emK1Mm/jYheIPENMCp2An2YqdSvsgRCoMnVIlLcNn0d6JVIify5t3QORR5UeW6F 9 | OWJY1Ezq6wJBAOEebk//ZD4ZPQ1wPr36FM80y+rxY/FmjHy7MaWoen8epkiPVKzI 10 | ypsG2ak80jPLBu93CDwjxtMRR2odykKutvsCQQD+jqFAdMsyoeweuS6ZeaPChbIw 11 | CVd5AxC5UCcLjIyqriK3ZKNmE4ovSy5ywZqhajU/j8cpNzB90u1z8k50URhdAkEA 12 | qpaixSAk2CHL7+kEwnVFW5cIh2qQb5dkEgjQIFZBLR8OpqFmauBlF4DjY6lhKDpL 13 | cR7kMJ5zxfGsCi+02z8GDQJBAKzw67BcIcgL6m9YQAsnxbIFDPChgfLRR/OgdhYK 14 | lKFxG8SUpN3Rrr6/babI1rJD1YG80ursupaUZGsKfS/cBZs= 15 | -----END RSA PRIVATE KEY----- 16 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/easy-rsa/2.0/keys/test-user.csr: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE REQUEST----- 2 | MIIBvzCCASgCAQAwfzELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRUwEwYDVQQH 3 | EwxTYW5GcmFuY2lzY28xFTATBgNVBAoTDEZvcnQtRnVuc3RvbjESMBAGA1UEAxMJ 4 | dGVzdC11c2VyMSEwHwYJKoZIhvcNAQkBFhJtZUBteWhvc3QubXlkb21haW4wgZ8w 5 | DQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMfs3pWhyNK97ofeHUKyclpWiEyOAqtc 6 | Gnzf3SBsIV9ESVUgh6SEPGXThlFObK5Gp14+Vl+/J7KFhBIttH1iz33v75HpqK2O 7 | 2jtW7wU/9RWAS16Fn3AVQxvofcaH3KdDsZPEpOyDPqcq0guEBvPMldehTHlwkUvO 8 | 3ZccpUsbSpurAgMBAAGgADANBgkqhkiG9w0BAQUFAAOBgQAq9AtAqn5kJGOqdRC7 9 | czGtTDhpa9HLHnb7obnUjU5CXB8xZD456jgJxUeajpQNjxy8vDqcQajwsPzE34A3 10 | Dk2Ge10WpfKso2KndL/ll95cPgnkccpL3YAq0fC0ws7Ywz7NMDAqk8IXCYotEcYw 11 | w4ZWCCOUVAfTCBfJenFoI+1y0w== 12 | -----END CERTIFICATE REQUEST----- 13 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/easy-rsa/2.0/keys/test-user.key: -------------------------------------------------------------------------------- 1 | -----BEGIN RSA PRIVATE KEY----- 2 | MIICXAIBAAKBgQDH7N6VocjSve6H3h1CsnJaVohMjgKrXBp8390gbCFfRElVIIek 3 | hDxl04ZRTmyuRqdePlZfvyeyhYQSLbR9Ys997++R6aitjto7Vu8FP/UVgEtehZ9w 4 | FUMb6H3Gh9ynQ7GTxKTsgz6nKtILhAbzzJXXoUx5cJFLzt2XHKVLG0qbqwIDAQAB 5 | AoGASoNkKkzUNoeHoagNK9CqgjUCM9Yx9IAtdyFQn0bt4T3oPwwSwiRvBlyiESez 6 | pfi7ZIrDUohCWW0d3lCelqT/Q/1DMPHbBObQlvgNY4lkkiDKEW3e7APV8R++n/vt 7 | ehk5FrTtchKplE3KG3kudP+aY0wOSjNjE+39vlkZ6vE2QFECQQD8fvGCf9gF3XZu 8 | fwVQldM1oc0ydEfVq1BOqMd8Wu9SN2v2IWb77rL3PWP1Xz0wTDEuAtK0S9PkNEwx 9 | gB+FKc7NAkEAyrMnzUMh8NBawNve6bDC6q28lu7E3PMdD0fYjeQ3G6OIpcjPH1ka 10 | lpOSf6XIcqpAUoeRdo/N43maKgwURAKkVwJAWK6VUIpqaxTvhbujODyHJC0iDvh8 11 | SnWTDS2GcwzVRYElsBrnOtEJloC/XO0IZrA8Dbb8HksLrvkXUcN4TqLyeQJAK59S 12 | uYHxE/pDDa5D0tcPm6G4LGNGSqanYlp76E1s7q3LAqKssHpklnM72+y5rrOlFB3I 13 | 2FMqZAIPg20GD3ziEQJBAM0cbBVDQsy8R+kl5wRutqjhAZpkC47uSC3SZvMbnLMB 14 | m96vDdISRPa0PvAYcoggxQcdE9+utTFhAfcrmDSUBYw= 15 | -----END RSA PRIVATE KEY----- 16 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/easy-rsa/2.0/list-crl: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # list revoked certificates 4 | 5 | CRL="${1:-crl.pem}" 6 | 7 | if [ "$KEY_DIR" ]; then 8 | cd "$KEY_DIR" && \ 9 | $OPENSSL crl -text -noout -in "$CRL" 10 | else 11 | echo 'Please source the vars script first (i.e. "source ./vars")' 12 | echo 'Make sure you have edited it to reflect your configuration.' 13 | fi 14 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/easy-rsa/2.0/revoke-full: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # revoke a certificate, regenerate CRL, 4 | # and verify revocation 5 | 6 | CRL="crl.pem" 7 | RT="revoke-test.pem" 8 | 9 | if [ $# -ne 1 ]; then 10 | echo "usage: revoke-full "; 11 | exit 1 12 | fi 13 | 14 | if [ "$KEY_DIR" ]; then 15 | cd "$KEY_DIR" 16 | rm -f "$RT" 17 | 18 | # set defaults 19 | export KEY_CN="" 20 | export KEY_OU="" 21 | export KEY_NAME="" 22 | 23 | # revoke key and generate a new CRL 24 | $OPENSSL ca -revoke "$1.crt" -config "$KEY_CONFIG" 25 | 26 | # generate a new CRL -- try to be compatible with 27 | # intermediate PKIs 28 | $OPENSSL ca -gencrl -out "$CRL" -config "$KEY_CONFIG" 29 | if [ -e export-ca.crt ]; then 30 | cat export-ca.crt "$CRL" >"$RT" 31 | else 32 | cat ca.crt "$CRL" >"$RT" 33 | fi 34 | 35 | # verify the revocation 36 | $OPENSSL verify -CAfile "$RT" -crl_check "$1.crt" 37 | else 38 | echo 'Please source the vars script first (i.e. "source ./vars")' 39 | echo 'Make sure you have edited it to reflect your configuration.' 40 | fi 41 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/easy-rsa/2.0/sign-req: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # Sign a certificate signing request (a .csr file) 4 | # with a local root certificate and key. 5 | 6 | export EASY_RSA="${EASY_RSA:-.}" 7 | "$EASY_RSA/pkitool" --interact --sign $* 8 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/easy-rsa/2.0/vars: -------------------------------------------------------------------------------- 1 | # easy-rsa parameter settings 2 | 3 | # NOTE: If you installed from an RPM, 4 | # don't edit this file in place in 5 | # /usr/share/openvpn/easy-rsa -- 6 | # instead, you should copy the whole 7 | # easy-rsa directory to another location 8 | # (such as /etc/openvpn) so that your 9 | # edits will not be wiped out by a future 10 | # OpenVPN package upgrade. 11 | 12 | # This variable should point to 13 | # the top level of the easy-rsa 14 | # tree. 15 | export EASY_RSA="`pwd`" 16 | 17 | # 18 | # This variable should point to 19 | # the requested executables 20 | # 21 | export OPENSSL="openssl" 22 | export PKCS11TOOL="pkcs11-tool" 23 | export GREP="grep" 24 | 25 | 26 | # This variable should point to 27 | # the openssl.cnf file included 28 | # with easy-rsa. 29 | export KEY_CONFIG=`$EASY_RSA/whichopensslcnf $EASY_RSA` 30 | 31 | # Edit this variable to point to 32 | # your soon-to-be-created key 33 | # directory. 34 | # 35 | # WARNING: clean-all will do 36 | # a rm -rf on this directory 37 | # so make sure you define 38 | # it correctly! 39 | export KEY_DIR="$EASY_RSA/keys" 40 | 41 | # Issue rm -rf warning 42 | echo NOTE: If you run ./clean-all, I will be doing a rm -rf on $KEY_DIR 43 | 44 | # PKCS11 fixes 45 | export PKCS11_MODULE_PATH="dummy" 46 | export PKCS11_PIN="dummy" 47 | 48 | # Increase this to 2048 if you 49 | # are paranoid. This will slow 50 | # down TLS negotiation performance 51 | # as well as the one-time DH parms 52 | # generation process. 53 | export KEY_SIZE=1024 54 | 55 | # In how many days should the root CA key expire? 56 | export CA_EXPIRE=3650 57 | 58 | # In how many days should certificates expire? 59 | export KEY_EXPIRE=3650 60 | 61 | # These are the default values for fields 62 | # which will be placed in the certificate. 63 | # Don't leave any of these fields blank. 64 | export KEY_COUNTRY="US" 65 | export KEY_PROVINCE="CA" 66 | export KEY_CITY="SanFrancisco" 67 | export KEY_ORG="Fort-Funston" 68 | export KEY_EMAIL="me@myhost.mydomain" 69 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/easy-rsa/2.0/whichopensslcnf: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | if [ "$OPENSSL" ]; then 4 | if $OPENSSL version | grep 0.9.6 > /dev/null; then 5 | echo "$1/openssl-0.9.6.cnf" 6 | else 7 | echo "$1/openssl.cnf" 8 | fi 9 | else 10 | echo "$1/openssl.cnf" 11 | fi 12 | 13 | exit 0 14 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/easy-rsa/Windows/README.txt: -------------------------------------------------------------------------------- 1 | Extract all zip'd files to the OpenVPN home directory, 2 | including the openssl.cnf file from the top-level 3 | "easy-rsa" directory. 4 | 5 | First run init-config.bat 6 | 7 | Next, edit vars.bat to adapt it to your environment, and 8 | create the directory that will hold your key files. 9 | 10 | To generate TLS keys: 11 | 12 | Create new empty index and serial files (once only) 13 | 1. vars 14 | 2. clean-all 15 | 16 | Build a CA key (once only) 17 | 1. vars 18 | 2. build-ca 19 | 20 | Build a DH file (for server side, once only) 21 | 1. vars 22 | 2. build-dh 23 | 24 | Build a private key/certficate for the openvpn server 25 | 1. vars 26 | 2. build-key-server 27 | 28 | Build key files in PEM format (for each client machine) 29 | 1. vars 30 | 2. build-key 31 | (use for specific name within script) 32 | 33 | or 34 | 35 | Build key files in PKCS #12 format (for each client machine) 36 | 1. vars 37 | 2. build-key-pkcs12 38 | (use for specific name within script) 39 | 40 | To revoke a TLS certificate and generate a CRL file: 41 | 1. vars 42 | 2. revoke-full 43 | 3. verify last line of output confirms revokation 44 | 4. copy crl.pem to server directory and ensure config file uses "crl-verify " 45 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/easy-rsa/Windows/build-ca-pass.bat: -------------------------------------------------------------------------------- 1 | @echo off 2 | cd %HOME% 3 | rem build a request for a cert that will be valid for ten years 4 | openssl req -days 3650 -new -keyout %KEY_DIR%\%1.key -out %KEY_DIR%\%1.csr -config %KEY_CONFIG% 5 | rem sign the cert request with our ca, creating a cert/key pair 6 | openssl ca -days 3650 -out %KEY_DIR%\%1.crt -in %KEY_DIR%\%1.csr -config %KEY_CONFIG% 7 | rem delete any .old files created in this process, to avoid future file creation errors 8 | del /q %KEY_DIR%\*.old 9 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/easy-rsa/Windows/build-ca.bat: -------------------------------------------------------------------------------- 1 | @echo off 2 | cd %HOME% 3 | rem build a cert authority valid for ten years, starting now 4 | openssl req -days 3650 -nodes -new -x509 -keyout %KEY_DIR%\ca.key -out %KEY_DIR%\ca.crt -config %KEY_CONFIG% 5 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/easy-rsa/Windows/build-dh.bat: -------------------------------------------------------------------------------- 1 | @echo off 2 | cd %HOME% 3 | rem build a dh file for the server side 4 | openssl dhparam -out %KEY_DIR%/dh%KEY_SIZE%.pem %KEY_SIZE% 5 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/easy-rsa/Windows/build-key-pass.bat: -------------------------------------------------------------------------------- 1 | @echo off 2 | cd %HOME% 3 | rem build a request for a cert that will be valid for ten years 4 | openssl req -days 3650 -new -keyout %KEY_DIR%\%1.key -out %KEY_DIR%\%1.csr -config %KEY_CONFIG% 5 | rem sign the cert request with our ca, creating a cert/key pair 6 | openssl ca -days 3650 -out %KEY_DIR%\%1.crt -in %KEY_DIR%\%1.csr -config %KEY_CONFIG% 7 | rem delete any .old files created in this process, to avoid future file creation errors 8 | del /q %KEY_DIR%\*.old 9 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/easy-rsa/Windows/build-key-pkcs12.bat: -------------------------------------------------------------------------------- 1 | @echo off 2 | cd %HOME% 3 | rem build a request for a cert that will be valid for ten years 4 | openssl req -days 3650 -nodes -new -keyout %KEY_DIR%\%1.key -out %KEY_DIR%\%1.csr -config %KEY_CONFIG% 5 | rem sign the cert request with our ca, creating a cert/key pair 6 | openssl ca -days 3650 -out %KEY_DIR%\%1.crt -in %KEY_DIR%\%1.csr -config %KEY_CONFIG% 7 | rem convert the key/cert and embed the ca cert into a pkcs12 file. 8 | openssl pkcs12 -export -inkey %KEY_DIR%\%1.key -in %KEY_DIR%\%1.crt -certfile %KEY_DIR%\ca.crt -out %KEY_DIR%\%1.p12 9 | rem delete any .old files created in this process, to avoid future file creation errors 10 | del /q %KEY_DIR%\*.old 11 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/easy-rsa/Windows/build-key-server-pass.bat: -------------------------------------------------------------------------------- 1 | @echo off 2 | cd %HOME% 3 | rem build a request for a cert that will be valid for ten years 4 | openssl req -days 3650 -new -keyout %KEY_DIR%\%1.key -out %KEY_DIR%\%1.csr -config %KEY_CONFIG% 5 | rem sign the cert request with our ca, creating a cert/key pair 6 | openssl ca -days 3650 -out %KEY_DIR%\%1.crt -in %KEY_DIR%\%1.csr -extensions server -config %KEY_CONFIG% 7 | rem delete any .old files created in this process, to avoid future file creation errors 8 | del /q %KEY_DIR%\*.old 9 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/easy-rsa/Windows/build-key-server.bat: -------------------------------------------------------------------------------- 1 | @echo off 2 | cd %HOME% 3 | rem build a request for a cert that will be valid for ten years 4 | openssl req -days 3650 -nodes -new -keyout %KEY_DIR%\%1.key -out %KEY_DIR%\%1.csr -config %KEY_CONFIG% 5 | rem sign the cert request with our ca, creating a cert/key pair 6 | openssl ca -days 3650 -out %KEY_DIR%\%1.crt -in %KEY_DIR%\%1.csr -extensions server -config %KEY_CONFIG% 7 | rem delete any .old files created in this process, to avoid future file creation errors 8 | del /q %KEY_DIR%\*.old 9 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/easy-rsa/Windows/build-key.bat: -------------------------------------------------------------------------------- 1 | @echo off 2 | cd %HOME% 3 | rem build a request for a cert that will be valid for ten years 4 | openssl req -days 3650 -nodes -new -keyout %KEY_DIR%\%1.key -out %KEY_DIR%\%1.csr -config %KEY_CONFIG% 5 | rem sign the cert request with our ca, creating a cert/key pair 6 | openssl ca -days 3650 -out %KEY_DIR%\%1.crt -in %KEY_DIR%\%1.csr -config %KEY_CONFIG% 7 | rem delete any .old files created in this process, to avoid future file creation errors 8 | del /q %KEY_DIR%\*.old 9 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/easy-rsa/Windows/clean-all.bat: -------------------------------------------------------------------------------- 1 | @echo off 2 | rem move to the HOME directory specified in VARS script 3 | cd %HOME% 4 | rem set a temporary KEY_DIR variable 5 | set d=%KEY_DIR% 6 | rem delete the KEY_DIR and any subdirs quietly 7 | rmdir /s /q %d% 8 | rem make a new KEY_DIR 9 | mkdir %d% 10 | rem copy in a fesh index file so we begin with an empty database 11 | copy index.txt.start %d%\index.txt 12 | rem copy in a fresh serial file so we begin generating keys at index 01 13 | copy serial.start %d%\serial. 14 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/easy-rsa/Windows/index.txt.start: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/qsun/ParDiff-VPN/79b39f97cd2ebc0f9393c55ff505ee9550abe109/src/openvpn-2.1.1/easy-rsa/Windows/index.txt.start -------------------------------------------------------------------------------- /src/openvpn-2.1.1/easy-rsa/Windows/init-config.bat: -------------------------------------------------------------------------------- 1 | copy vars.bat.sample vars.bat 2 | copy openssl.cnf.sample openssl.cnf 3 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/easy-rsa/Windows/revoke-full.bat: -------------------------------------------------------------------------------- 1 | @echo off 2 | cd %HOME% 3 | rem revoke cert 4 | openssl ca -revoke %KEY_DIR%\%1.crt -config %KEY_CONFIG% 5 | rem generate new crl 6 | openssl ca -gencrl -out %KEY_DIR%\crl.pem -config %KEY_CONFIG% 7 | rem test revocation 8 | rem first concatinate ca cert with newly generated crl 9 | copy %KEY_DIR%\ca.crt+%KEY_DIR%\crl.pem %KEY_DIR%\revoke_test_file.pem 10 | rem now verify the revocation 11 | openssl verify -CAfile %KEY_DIR%\revoke_test_file.pem -crl_check %KEY_DIR%\%1.crt 12 | rem delete temporary test file 13 | del /q %KEY_DIR%\revoke_test_file.pem 14 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/easy-rsa/Windows/serial.start: -------------------------------------------------------------------------------- 1 | 01 2 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/easy-rsa/Windows/vars.bat.sample: -------------------------------------------------------------------------------- 1 | @echo off 2 | rem Edit this variable to point to 3 | rem the openssl.cnf file included 4 | rem with easy-rsa. 5 | 6 | set HOME=%ProgramFiles%\OpenVPN\easy-rsa 7 | set KEY_CONFIG=openssl.cnf 8 | 9 | rem Edit this variable to point to 10 | rem your soon-to-be-created key 11 | rem directory. 12 | rem 13 | rem WARNING: clean-all will do 14 | rem a rm -rf on this directory 15 | rem so make sure you define 16 | rem it correctly! 17 | set KEY_DIR=keys 18 | 19 | rem Increase this to 2048 if you 20 | rem are paranoid. This will slow 21 | rem down TLS negotiation performance 22 | rem as well as the one-time DH parms 23 | rem generation process. 24 | set KEY_SIZE=1024 25 | 26 | rem These are the default values for fields 27 | rem which will be placed in the certificate. 28 | rem Change these to reflect your site. 29 | rem Don't leave any of these parms blank. 30 | 31 | set KEY_COUNTRY=US 32 | set KEY_PROVINCE=CA 33 | set KEY_CITY=SanFrancisco 34 | set KEY_ORG=OpenVPN 35 | set KEY_EMAIL=mail@host.domain 36 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/fdmisc.h: -------------------------------------------------------------------------------- 1 | /* 2 | * OpenVPN -- An application to securely tunnel IP networks 3 | * over a single UDP port, with support for SSL/TLS-based 4 | * session authentication and key exchange, 5 | * packet encryption, packet authentication, and 6 | * packet compression. 7 | * 8 | * Copyright (C) 2002-2009 OpenVPN Technologies, Inc. 9 | * 10 | * This program is free software; you can redistribute it and/or modify 11 | * it under the terms of the GNU General Public License version 2 12 | * as published by the Free Software Foundation. 13 | * 14 | * This program is distributed in the hope that it will be useful, 15 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 16 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 17 | * GNU General Public License for more details. 18 | * 19 | * You should have received a copy of the GNU General Public License 20 | * along with this program (see the file COPYING included with this 21 | * distribution); if not, write to the Free Software Foundation, Inc., 22 | * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 23 | */ 24 | 25 | #include "basic.h" 26 | 27 | bool set_nonblock_action (int fd); 28 | bool set_cloexec_action (int fd); 29 | 30 | void set_nonblock (int fd); 31 | void set_cloexec (int fd); 32 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/helper.h: -------------------------------------------------------------------------------- 1 | /* 2 | * OpenVPN -- An application to securely tunnel IP networks 3 | * over a single TCP/UDP port, with support for SSL/TLS-based 4 | * session authentication and key exchange, 5 | * packet encryption, packet authentication, and 6 | * packet compression. 7 | * 8 | * Copyright (C) 2002-2009 OpenVPN Technologies, Inc. 9 | * 10 | * This program is free software; you can redistribute it and/or modify 11 | * it under the terms of the GNU General Public License version 2 12 | * as published by the Free Software Foundation. 13 | * 14 | * This program is distributed in the hope that it will be useful, 15 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 16 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 17 | * GNU General Public License for more details. 18 | * 19 | * You should have received a copy of the GNU General Public License 20 | * along with this program (see the file COPYING included with this 21 | * distribution); if not, write to the Free Software Foundation, Inc., 22 | * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 23 | */ 24 | 25 | /* 26 | * Process helper directives such as server, client, and keepalive. 27 | */ 28 | 29 | #ifndef HELPER_H 30 | #define HELPER_H 31 | 32 | #include "options.h" 33 | 34 | void helper_keepalive (struct options *o); 35 | void helper_client_server (struct options *o); 36 | void helper_tcp_nodelay (struct options *o); 37 | 38 | #endif 39 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/ieproxy.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2004 Ewan Bhamrah Harley 3 | * 4 | * This program is free software; you can redistribute it and/or modify 5 | * it under the terms of the GNU General Public License as published by 6 | * the Free Software Foundation; either version 2 of the License, or 7 | * (at your option) any later version. 8 | * 9 | * This program is distributed in the hope that it will be useful, 10 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 11 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12 | * GNU General Public License for more details. 13 | * 14 | * You should have received a copy of the GNU General Public License 15 | * along with this program (see the file COPYING included with this 16 | * distribution); if not, write to the Free Software Foundation, Inc., 17 | * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 18 | */ 19 | 20 | #ifndef __GETIEHTTPPROXY__ 21 | #define __GETIEHTTPPROXY__ 22 | extern LPTSTR getIeHttpProxyError; 23 | LPCTSTR getIeHttpProxy(); 24 | #endif 25 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/images/Makefile.am: -------------------------------------------------------------------------------- 1 | # 2 | # OpenVPN -- An application to securely tunnel IP networks 3 | # over a single UDP port, with support for SSL/TLS-based 4 | # session authentication and key exchange, 5 | # packet encryption, packet authentication, and 6 | # packet compression. 7 | # 8 | # Copyright (C) 2002-2009 OpenVPN Technologies, Inc. 9 | # 10 | # This program is free software; you can redistribute it and/or modify 11 | # it under the terms of the GNU General Public License version 2 12 | # as published by the Free Software Foundation. 13 | # 14 | # This program is distributed in the hope that it will be useful, 15 | # but WITHOUT ANY WARRANTY; without even the implied warranty of 16 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 17 | # GNU General Public License for more details. 18 | # 19 | # You should have received a copy of the GNU General Public License 20 | # along with this program (see the file COPYING included with this 21 | # distribution); if not, write to the Free Software Foundation, Inc., 22 | # 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 23 | # 24 | 25 | MAINTAINERCLEANFILES = $(srcdir)/Makefile.in 26 | 27 | images = \ 28 | install-whirl.bmp \ 29 | icon.ico 30 | 31 | if WIN32 32 | 33 | imagedir = $(win32datadir)/images 34 | dist_image_DATA = $(images) 35 | 36 | else 37 | 38 | dist_noinst_DATA = $(images) 39 | 40 | endif 41 | 42 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/images/icon.ico: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/qsun/ParDiff-VPN/79b39f97cd2ebc0f9393c55ff505ee9550abe109/src/openvpn-2.1.1/images/icon.ico -------------------------------------------------------------------------------- /src/openvpn-2.1.1/images/install-whirl.bmp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/qsun/ParDiff-VPN/79b39f97cd2ebc0f9393c55ff505ee9550abe109/src/openvpn-2.1.1/images/install-whirl.bmp -------------------------------------------------------------------------------- /src/openvpn-2.1.1/install-win32/build-pkcs11-helper.sh: -------------------------------------------------------------------------------- 1 | F=pkcs11-helper-1.06-beta1 2 | OPENSSL_DIR=`pwd`/openssl-0.9.8h 3 | 4 | PKCS11_HELPER_DIR=`pwd`/pkcs11-helper 5 | rm -rf $PKCS11_HELPER_DIR 6 | mkdir $PKCS11_HELPER_DIR 7 | tbz=$F.tar.bz2 8 | 9 | rm -rf $F 10 | tar xfj $tbz 11 | 12 | cd $F 13 | ./configure \ 14 | MAN2HTML=true \ 15 | --disable-crypto-engine-gnutls \ 16 | --disable-crypto-engine-nss \ 17 | PKG_CONFIG=true \ 18 | OPENSSL_CFLAGS="-I${OPENSSL_DIR}/include" \ 19 | OPENSSL_LIBS="-L${OPENSSL_DIR}/out -leay32" 20 | 21 | make 22 | make install DESTDIR="${PKCS11_HELPER_DIR}" 23 | 24 | # ./configure doesn't need this any more: ac_cv_type_size_t=no 25 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/install-win32/buildinstaller: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | # load version.nsi definitions 4 | . autodefs/defs.sh 5 | 6 | # build the installer 7 | rm -f $GENOUT/*.exe 8 | '/c/Program Files/NSIS/makensis' $GENOUT/nsi/openvpn.nsi &>makensis.log 9 | tail -20 makensis.log 10 | 11 | # sign the installer 12 | if [ -d "$SIGNTOOL" ]; then 13 | TARGET_EXE="$(echo $(pwd)/$GENOUT/*.exe)" $SIGNTOOL/signexe 14 | fi 15 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/install-win32/ddk-common: -------------------------------------------------------------------------------- 1 | # DDKs <= 5600 use "AMD64", later use "x64" 2 | x64_tag=x64 3 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/install-win32/doclean: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | # get version.nsi definitions 4 | . autodefs/defs.sh 5 | 6 | [ "$CLEAN" = "yes" ] && rm -rf $GENOUT && KEEPAUTODEFS="yes" ./doclean 7 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/install-win32/dosname.pl: -------------------------------------------------------------------------------- 1 | #!/usr/bin/perl 2 | 3 | # convert a unix filename to a DOS filename 4 | 5 | while ($unixname = shift(@ARGV)) { 6 | $unixname =~ s#^/([a-zA-Z])(/|$)#$1:\\#g; 7 | $unixname =~ s#/#\\#g; 8 | print "$unixname\n"; 9 | } 10 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/install-win32/getgui: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | # Get and sign the OpenVPN GUI 4 | 5 | # load version.nsi definitions 6 | . autodefs/defs.sh 7 | 8 | GUI="$OPENVPN_GUI_DIR/$OPENVPN_GUI" 9 | 10 | if [ -f "$GUI" ]; then 11 | mkdir -p $GENOUT/bin &>/dev/null 12 | cp $GUI $GENOUT/bin 13 | if [ -d "$SIGNTOOL" ]; then 14 | TARGET_EXE="$GENOUT/bin/$OPENVPN_GUI" $SIGNTOOL/signexe 15 | fi 16 | fi 17 | 18 | if [ -f "$GENOUT/bin/$OPENVPN_GUI" ]; then 19 | echo '!define OPENVPN_GUI_DEFINED' >autodefs/guidefs.nsi 20 | else 21 | cat /dev/null >autodefs/guidefs.nsi 22 | fi 23 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/install-win32/getopenssl: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | # get version.nsi definitions 4 | . autodefs/defs.sh 5 | 6 | # Get OpenSSL binaries 7 | if [ -d "$OPENSSL_DIR" ] ; then 8 | mkdir -p $GENOUT/lib &>/dev/null 9 | mkdir -p $GENOUT/bin &>/dev/null 10 | for f in libeay32.dll libssl32.dll out/openssl.exe ; do 11 | cp $OPENSSL_DIR/$f $GENOUT/lib 12 | if [ -z "$NO_STRIP" ]; then 13 | strip $GENOUT/lib/`basename $f` 14 | fi 15 | done 16 | mv $GENOUT/lib/openssl.exe $GENOUT/bin 17 | else 18 | echo OpenSSL DIR $OPENSSL_DIR NOT FOUND 19 | fi 20 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/install-win32/getpkcs11helper: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | # get version.nsi definitions 4 | . autodefs/defs.sh 5 | 6 | # Get PKCS11-helper libraries 7 | if [ -d "$PKCS11_HELPER_DIR" ] ; then 8 | mkdir -p $GENOUT/lib &>/dev/null 9 | for f in libpkcs11-helper-1.dll ; do 10 | cp $PKCS11_HELPER_DIR/usr/local/bin/$f $GENOUT/lib 11 | if [ -z "$NO_STRIP" ]; then 12 | strip $GENOUT/lib/$f 13 | fi 14 | done 15 | else 16 | echo PKCS11-helper DIR $PKCS11_HELPER_DIR NOT FOUND 17 | fi 18 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/install-win32/getprebuilt: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | # get version.nsi definitions 4 | . autodefs/defs.sh 5 | 6 | # Get PKCS11-helper libraries 7 | if [ -d "$GENOUT_PREBUILT" ] && ! [ -d "$GENOUT" ]; then 8 | echo LOADING prebuilt binaries from $GENOUT_PREBUILT 9 | cp -a $GENOUT_PREBUILT $GENOUT 10 | fi 11 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/install-win32/getxgui: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | # Get and sign the OpenVPN XML-based GUI 4 | 5 | # load version.nsi definitions 6 | . autodefs/defs.sh 7 | 8 | if [ -d "$OPENVPN_XGUI_DIR" ]; then 9 | SIGNED_EXES="gui/ovpn-xgui-en.exe sta/ovpn-tray.exe" 10 | UNSIGNED_EXES="xmlserv/ovpn-xmlserv.exe" 11 | EXES="$SIGNED_EXES $UNSIGNED_EXES" 12 | 13 | mkdir -p $GENOUT/bin &>/dev/null 14 | 15 | if [ -z "$NO_STRIP" ]; then 16 | for f in $EXES; do 17 | cp $OPENVPN_XGUI_DIR/$f $GENOUT/bin 18 | strip $GENOUT/bin/`basename $f` 19 | done 20 | fi 21 | 22 | for f in $SIGNED_EXES; do 23 | if [ -d "$SIGNTOOL" ]; then 24 | TARGET_EXE="$GENOUT/bin/`basename $f`" $SIGNTOOL/signexe 25 | fi 26 | done 27 | 28 | rm -rf $GENOUT/htdocs 29 | cp -a $OPENVPN_XGUI_DIR/ajax/htdocs $GENOUT/htdocs 30 | 31 | echo '!define OPENVPN_XGUI_DEFINED' >autodefs/xguidefs.nsi 32 | else 33 | cat /dev/null >autodefs/xguidefs.nsi 34 | fi 35 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/install-win32/ifdef.pl: -------------------------------------------------------------------------------- 1 | #!/usr/bin/perl 2 | 3 | # Simple ifdef/else/endif processor. 4 | 5 | die "usage: ifdef [-C] [-Dname ...] [control-file ...] " if (@ARGV[0] =~ /^(-h|--help)$/); 6 | 7 | %Parms = (); 8 | 9 | $pre = "!"; 10 | while ($arg=shift(@ARGV)) { 11 | if ($arg =~ /^-/) { 12 | if ($arg =~ /^-D(\w+)$/) { 13 | $Parms{$1} = 1; 14 | } elsif ($arg =~ /-C(.*)$/) { 15 | $pre = $1; 16 | } else { 17 | die "unrecognized option: $arg"; 18 | } 19 | } else { 20 | open(CONTROL, "< $arg") or die "cannot open $arg"; 21 | while () { 22 | if (/^!define\s+(\w+)/) { 23 | $Parms{$1} = 1; 24 | } 25 | } 26 | } 27 | } 28 | 29 | sub ifdef { 30 | my ($var, $enabled) = @_; 31 | my $def = 0; 32 | $def = 1 if (defined $Parms{$var}) || ($var eq "true"); 33 | $def = 0 if $var eq "false"; 34 | while () { 35 | if (/^\s*\Q$pre\Eifdef\s+(\w+)\s*$/) { 36 | return 1 if ifdef ($1, $def & $enabled); 37 | } elsif (/^\s*\Q$pre\Eelseif\s+(\w+)\s*$/) { 38 | $def = $def ^ 1; 39 | return ifdef ($1, $def & $enabled); 40 | } elsif (/^\s*\Q$pre\Eelse\s*$/) { 41 | $def = $def ^ 1; 42 | } elsif (/^\s*\Q$pre\Eendif\s*$/) { 43 | return 0; 44 | } elsif (/^\s*\Q$pre\E/) { 45 | die "unrecognized command: $_"; 46 | } else { 47 | print if $def && $enabled; 48 | } 49 | } 50 | return 1; 51 | } 52 | 53 | ifdef("true", 1); 54 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/install-win32/m4todef.pl: -------------------------------------------------------------------------------- 1 | #!/usr/bin/perl 2 | 3 | # used to convert version.m4 to simple 4 | # definition format 5 | 6 | while () { 7 | chomp; 8 | if (/^\s*$/) { 9 | print "\n"; 10 | } elsif (/^define\((\w+),\[(.*?)\]\)/) { 11 | print "!define $1 \"$2\"\n"; 12 | } elsif (/^dnl(.*)$/) { 13 | print "#$1\n"; 14 | } 15 | } 16 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/install-win32/macro.pl: -------------------------------------------------------------------------------- 1 | #!/usr/bin/perl 2 | 3 | # Simple macro processor. 4 | 5 | # Macros are defined in a control file that follows 6 | # a simple definition-based grammar as documented in the 7 | # trans script. Stdin is then copied to stdout, and any 8 | # occurrence of @@MACRO@@ is substituted. Macros can also 9 | # be specified on the command line. 10 | 11 | die "usage: macro [-O] [-C] [-Dname=var ...] [control-file ...] " if (@ARGV < 1); 12 | 13 | %Parms = (); 14 | $open_quote = "@@"; 15 | $close_quote = "@@"; 16 | 17 | while ($arg=shift(@ARGV)) { 18 | if ($arg =~ /^-/) { 19 | if ($arg =~ /^-D(\w+)(?:=(.*))?$/) { 20 | $Parms{$1} = $2 21 | } elsif ($arg =~ /-O(.*)$/) { 22 | $open_quote = $1; 23 | } elsif ($arg =~ /-C(.*)$/) { 24 | $close_quote = $1; 25 | } else { 26 | die "unrecognized option: $arg"; 27 | } 28 | } else { 29 | open(CONTROL, "< $arg") or die "cannot open $arg"; 30 | while () { 31 | if (/^!define\s+(\w+)(?:\s+['"]?(.*?)['"]?)?\s*$/) { 32 | $Parms{$1} = $2; 33 | } 34 | } 35 | } 36 | } 37 | 38 | sub print_symbol_table { 39 | foreach my $k (sort (keys(%Parms))) { 40 | my $v = $Parms{$k}; 41 | print "[$k] -> \"$v\"\n"; 42 | } 43 | } 44 | 45 | #print_symbol_table (); 46 | #exit 0; 47 | 48 | while () { 49 | s{ 50 | \Q$open_quote\E 51 | \s* 52 | ( 53 | \w+ 54 | ) 55 | \s* 56 | \Q$close_quote\E 57 | }{ 58 | $Parms{$1} 59 | }xge; 60 | print; 61 | } 62 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/install-win32/makeopenvpn: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | H=`pwd` 4 | 5 | # get version.nsi definitions 6 | . autodefs/defs.sh 7 | 8 | if gcc --version &>/dev/null && [ -d "$OPENSSL_DIR" ] && [ -d "$LZO_DIR" ] && [ -d "$PKCS11_HELPER_DIR" ]; then 9 | # build OpenVPN binary 10 | 11 | if ! [ -f Makefile ]; then 12 | autoreconf -i -v \ 13 | && ./configure \ 14 | --enable-strict \ 15 | --prefix=$H/windest \ 16 | MAN2HTML=true \ 17 | --with-ssl-headers=$H/$OPENSSL_DIR/include \ 18 | --with-ssl-lib=$H/$OPENSSL_DIR/out \ 19 | --with-lzo-headers=$H/$LZO_DIR/include \ 20 | --with-lzo-lib=$H/$LZO_DIR \ 21 | --with-pkcs11-helper-headers=$H/$PKCS11_HELPER_DIR/usr/local/include \ 22 | --with-pkcs11-helper-lib=$H/$PKCS11_HELPER_DIR/usr/local/lib 23 | fi 24 | 25 | make -j $MAKE_JOBS && make install 26 | 27 | # copy OpenVPN and service executables to GENOUT/bin 28 | mkdir -p $GENOUT/bin &>/dev/null 29 | cp windest/sbin/openvpn.exe $GENOUT/bin 30 | cp windest/sbin/openvpnserv.exe $GENOUT/bin 31 | if [ -z "$NO_STRIP" ]; then 32 | strip $GENOUT/bin/openvpn.exe 33 | strip $GENOUT/bin/openvpnserv.exe 34 | fi 35 | else 36 | echo DID NOT BUILD openvpn.exe and openvpnserv.exe because one or more of gcc, OPENSSL_DIR, LZO_DIR, or PKCS11_HELPER_DIR directories were missing 37 | fi 38 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/install-win32/maketext: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | # get version.nsi definitions 4 | . autodefs/defs.sh 5 | 6 | mkdir -p $GENOUT/text &>/dev/null 7 | 8 | # build license file 9 | cat COPYING COPYRIGHT.GPL >$GENOUT/text/license.txt 10 | 11 | # copy install file 12 | cp INSTALL-win32.txt $GENOUT/text/INSTALL-win32.txt 13 | 14 | # copy sample configuration files and docs 15 | s=$GENOUT/samples 16 | mkdir -p $s &>/dev/null 17 | cp sample-config-files/client.conf $s/client.$PRODUCT_FILE_EXT 18 | cp sample-config-files/server.conf $s/server.$PRODUCT_FILE_EXT 19 | cp install-win32/sample.ovpn $s/sample.$PRODUCT_FILE_EXT 20 | 21 | # get easy-rsa (Windows) 22 | e=$GENOUT/easy-rsa 23 | mkdir -p $e &>/dev/null 24 | cp easy-rsa/1.0/openssl.cnf $e/openssl.cnf.sample 25 | cp easy-rsa/Windows/* $e 26 | 27 | # get images 28 | i=$GENOUT/images 29 | mkdir -p $i &>/dev/null 30 | cp images/*.ico $i 31 | cp images/*.bmp $i 32 | 33 | # get NSI files 34 | n=$GENOUT/nsi 35 | mkdir -p $n &>/dev/null 36 | cp autodefs/defs.nsi $n 37 | cp autodefs/guidefs.nsi $n 38 | cp autodefs/xguidefs.nsi $n 39 | cp install-win32/openvpn.nsi $n 40 | cp install-win32/setpath.nsi $n 41 | cp install-win32/GetWindowsVersion.nsi $n 42 | 43 | if [ -n "$EXTRACT_FILES" ]; then 44 | cp "$EXTRACT_FILES/MultiFileExtract.nsi" $n 45 | fi 46 | 47 | # get OpenVPN client config files 48 | if [ -n "$SAMPCONF_DIR" ]; then 49 | c=$GENOUT/conf 50 | mkdir -p $c &>/dev/null 51 | test -n "$SAMPCONF_CONF" && cp "../$SAMPCONF_DIR/$SAMPCONF_CONF" $c 52 | test -n "$SAMPCONF_CONF2" && cp "../$SAMPCONF_DIR/$SAMPCONF_CONF2" $c 53 | test -n "$SAMPCONF_P12" && cp "../$SAMPCONF_DIR/$SAMPCONF_P12" $c 54 | test -n "$SAMPCONF_TA" && cp "../$SAMPCONF_DIR/$SAMPCONF_TA" $c 55 | test -n "$SAMPCONF_CA" && cp "../$SAMPCONF_DIR/$SAMPCONF_CA" $c 56 | test -n "$SAMPCONF_CRT" && cp "../$SAMPCONF_DIR/$SAMPCONF_CRT" $c 57 | test -n "$SAMPCONF_KEY" && cp "../$SAMPCONF_DIR/$SAMPCONF_KEY" $c 58 | test -n "$SAMPCONF_DH" && cp "../$SAMPCONF_DIR/$SAMPCONF_DH" $c 59 | fi 60 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/install-win32/openssl/README.txt: -------------------------------------------------------------------------------- 1 | Rebuild OpenSSL tarball without symbolic links, so 2 | it can be extracted on Windows (run on Unix): 3 | 4 | [download tarball and .asc sig] 5 | gpg --verify openssl-0.9.8k.tar.gz.asc 6 | tar xfz openssl-0.9.8k.tar.gz 7 | tar cfzh openssl-0.9.8k-nolinks.tar.gz openssl-0.9.8k 8 | 9 | To apply patch (in MSYS shell): 10 | 11 | cd /c/src/openssl-0.9.8k 12 | patch -p1 <../21/install-win32/openssl/openssl098.patch 13 | 14 | To build OpenSSL, open a command prompt window, then: 15 | 16 | cd \src\openssl-0.9.8k 17 | ms\mw 18 | 19 | To build a new patch (optional): 20 | 21 | diff -urw openssl-0.9.8k.orig openssl-0.9.8k | grep -v '^Only in' >openssl098.patch 22 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/install-win32/openssl/openssl098.patch: -------------------------------------------------------------------------------- 1 | diff -urw tmp/openssl-0.9.8h/crypto/pqueue/pqueue.c openssl-0.9.8h/crypto/pqueue/pqueue.c 2 | --- tmp/openssl-0.9.8h/crypto/pqueue/pqueue.c Tue Jun 28 06:53:34 2005 3 | +++ openssl-0.9.8h/crypto/pqueue/pqueue.c Wed Jun 4 02:52:42 2008 4 | @@ -199,10 +199,10 @@ 5 | return found; 6 | } 7 | 8 | -#if PQ_64BIT_IS_INTEGER 9 | void 10 | pqueue_print(pqueue_s *pq) 11 | { 12 | +#if PQ_64BIT_IS_INTEGER 13 | pitem *item = pq->items; 14 | 15 | while(item != NULL) 16 | @@ -210,8 +210,8 @@ 17 | printf("item\t" PQ_64BIT_PRINT "\n", item->priority); 18 | item = item->next; 19 | } 20 | - } 21 | #endif 22 | + } 23 | 24 | pitem * 25 | pqueue_iterator(pqueue_s *pq) 26 | diff -urw tmp/openssl-0.9.8h/ms/mw.bat openssl-0.9.8h/ms/mw.bat 27 | --- tmp/openssl-0.9.8h/ms/mw.bat Sat Feb 22 11:00:10 2003 28 | +++ openssl-0.9.8h/ms/mw.bat Wed Jun 4 02:56:54 2008 29 | @@ -1,17 +1,23 @@ 30 | @rem OpenSSL with Mingw32 31 | @rem -------------------- 32 | 33 | +@rem Include MinGW, MSYS, and ActiveState Perl in path 34 | +set PATH=c:\bin;C:\Perl\bin\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;c:\MinGW\bin;c:\msys\1.0\bin 35 | + 36 | @rem Makefile 37 | perl util\mkfiles.pl >MINFO 38 | -perl util\mk1mf.pl Mingw32 >ms\mingw32.mak 39 | +perl util\mk1mf.pl no-idea no-mdc2 no-rc5 Mingw32 >ms\mingw32.mak 40 | + 41 | @rem DLL definition files 42 | -perl util\mkdef.pl 32 libeay >ms\libeay32.def 43 | +perl util\mkdef.pl no-idea no-mdc2 no-rc5 32 libeay >ms\libeay32.def 44 | if errorlevel 1 goto end 45 | -perl util\mkdef.pl 32 ssleay >ms\ssleay32.def 46 | +perl util\mkdef.pl no-idea no-mdc2 no-rc5 32 ssleay >ms\ssleay32.def 47 | if errorlevel 1 goto end 48 | 49 | @rem Build the libraries 50 | -make -f ms/mingw32.mak 51 | + 52 | +@rem JY added --win32 53 | +make --win32 -f ms/mingw32.mak 54 | if errorlevel 1 goto end 55 | 56 | @rem Generate the DLLs and input libraries 57 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/install-win32/u2d.c: -------------------------------------------------------------------------------- 1 | #include 2 | 3 | int 4 | main (int argc, char *argv[]) 5 | { 6 | int c; 7 | int enable = 1; 8 | 9 | while ((c = getchar()) != EOF) 10 | { 11 | #if 0 12 | if (c == '\r') 13 | enable = 0; 14 | if (enable && c == '\n') 15 | putchar ('\r'); 16 | #endif 17 | putchar (c); 18 | } 19 | return 0; 20 | } 21 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/install-win32/winconfig: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | # prepare files for building on Windows 4 | # run from top directory: install-win32/winconfig 5 | 6 | rm -rf autodefs 7 | mkdir autodefs 8 | 9 | # build multi-grammar definition files 10 | perl install-win32/m4todef.pl autodefs/version.in 11 | for g in "h" "sh" "nsi" "in" ; do 12 | perl install-win32/trans.pl $g install-win32/settings.in >autodefs/defs.$g 13 | done 14 | 15 | cat /dev/null >autodefs/guidefs.nsi 16 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/lladdr.c: -------------------------------------------------------------------------------- 1 | /* 2 | * Support routine for configuring link layer address 3 | */ 4 | 5 | #include "syshead.h" 6 | #include "error.h" 7 | #include "misc.h" 8 | 9 | int set_lladdr(const char *ifname, const char *lladdr, 10 | const struct env_set *es) 11 | { 12 | struct argv argv = argv_new (); 13 | int r; 14 | 15 | if (!ifname || !lladdr) 16 | return -1; 17 | 18 | #if defined(TARGET_LINUX) 19 | #ifdef CONFIG_FEATURE_IPROUTE 20 | argv_printf (&argv, 21 | "%s link set addr %s dev %s", 22 | iproute_path, lladdr, ifname); 23 | #else 24 | argv_printf (&argv, 25 | "%s %s hw ether %s", 26 | IFCONFIG_PATH, 27 | ifname, lladdr); 28 | #endif 29 | #elif defined(TARGET_SOLARIS) 30 | argv_printf (&argv, 31 | "%s %s ether %s", 32 | IFCONFIG_PATH, 33 | ifname, lladdr); 34 | #elif defined(TARGET_OPENBSD) 35 | argv_printf (&argv, 36 | "%s %s lladdr %s", 37 | IFCONFIG_PATH, 38 | ifname, lladdr); 39 | #elif defined(TARGET_DARWIN) 40 | argv_printf (&argv, 41 | "%s %s lladdr %s", 42 | IFCONFIG_PATH, 43 | ifname, lladdr); 44 | #elif defined(TARGET_FREEBSD) 45 | argv_printf (&argv, 46 | "%s %s ether %s", 47 | IFCONFIG_PATH, 48 | ifname, lladdr); 49 | #else 50 | msg (M_WARN, "Sorry, but I don't know how to configure link layer addresses on this operating system."); 51 | return -1; 52 | #endif 53 | 54 | argv_msg (M_INFO, &argv); 55 | r = openvpn_execve_check (&argv, es, M_WARN, "ERROR: Unable to set link layer address."); 56 | if (r) 57 | msg (M_INFO, "TUN/TAP link layer address set to %s", lladdr); 58 | 59 | argv_reset (&argv); 60 | return r; 61 | } 62 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/lladdr.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Support routine for configuring link layer address 3 | */ 4 | 5 | #include "misc.h" 6 | 7 | int set_lladdr(const char *ifname, const char *lladdr, 8 | const struct env_set *es); 9 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/memcmp.c: -------------------------------------------------------------------------------- 1 | /* 2 | * OpenVPN -- An application to securely tunnel IP networks 3 | * over a single TCP/UDP port, with support for SSL/TLS-based 4 | * session authentication and key exchange, 5 | * packet encryption, packet authentication, and 6 | * packet compression. 7 | * 8 | * Copyright (C) 2002-2009 OpenVPN Technologies, Inc. 9 | * 10 | * This program is free software; you can redistribute it and/or modify 11 | * it under the terms of the GNU General Public License version 2 12 | * as published by the Free Software Foundation. 13 | * 14 | * This program is distributed in the hope that it will be useful, 15 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 16 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 17 | * GNU General Public License for more details. 18 | * 19 | * You should have received a copy of the GNU General Public License 20 | * along with this program (see the file COPYING included with this 21 | * distribution); if not, write to the Free Software Foundation, Inc., 22 | * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 23 | */ 24 | 25 | #include "syshead.h" 26 | 27 | #include "memdbg.h" 28 | 29 | int 30 | memcmp (const void *s1, const void *s2, size_t n) 31 | { 32 | unsigned const char *p1 = s1, *p2 = s2; 33 | int d; 34 | 35 | if (n) 36 | while (n-- > 0) 37 | { 38 | d = *p1++ - *p2++; 39 | if (d != 0) 40 | return d; 41 | } 42 | return 0; 43 | } 44 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/mss.h: -------------------------------------------------------------------------------- 1 | /* 2 | * OpenVPN -- An application to securely tunnel IP networks 3 | * over a single TCP/UDP port, with support for SSL/TLS-based 4 | * session authentication and key exchange, 5 | * packet encryption, packet authentication, and 6 | * packet compression. 7 | * 8 | * Copyright (C) 2002-2009 OpenVPN Technologies, Inc. 9 | * 10 | * This program is free software; you can redistribute it and/or modify 11 | * it under the terms of the GNU General Public License version 2 12 | * as published by the Free Software Foundation. 13 | * 14 | * This program is distributed in the hope that it will be useful, 15 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 16 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 17 | * GNU General Public License for more details. 18 | * 19 | * You should have received a copy of the GNU General Public License 20 | * along with this program (see the file COPYING included with this 21 | * distribution); if not, write to the Free Software Foundation, Inc., 22 | * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 23 | */ 24 | 25 | #ifndef MSS_H 26 | #define MSS_H 27 | 28 | #include "proto.h" 29 | #include "error.h" 30 | 31 | void mss_fixup (struct buffer *buf, int maxmss); 32 | void mss_fixup_dowork (struct buffer *buf, uint16_t maxmss); 33 | 34 | #endif 35 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/mudp.h: -------------------------------------------------------------------------------- 1 | /* 2 | * OpenVPN -- An application to securely tunnel IP networks 3 | * over a single TCP/UDP port, with support for SSL/TLS-based 4 | * session authentication and key exchange, 5 | * packet encryption, packet authentication, and 6 | * packet compression. 7 | * 8 | * Copyright (C) 2002-2009 OpenVPN Technologies, Inc. 9 | * 10 | * This program is free software; you can redistribute it and/or modify 11 | * it under the terms of the GNU General Public License version 2 12 | * as published by the Free Software Foundation. 13 | * 14 | * This program is distributed in the hope that it will be useful, 15 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 16 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 17 | * GNU General Public License for more details. 18 | * 19 | * You should have received a copy of the GNU General Public License 20 | * along with this program (see the file COPYING included with this 21 | * distribution); if not, write to the Free Software Foundation, Inc., 22 | * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 23 | */ 24 | 25 | /* 26 | * UDP specific code for --mode server 27 | */ 28 | 29 | #ifndef MUDP_H 30 | #define MUDP_H 31 | 32 | #if P2MP_SERVER 33 | 34 | struct context; 35 | struct multi_context; 36 | 37 | void tunnel_server_udp (struct context *top); 38 | 39 | struct multi_instance *multi_get_create_instance_udp (struct multi_context *m); 40 | 41 | #endif 42 | #endif 43 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/ntlm.h: -------------------------------------------------------------------------------- 1 | #ifndef NTLM_H 2 | #define NTLM_H 3 | 4 | #if NTLM 5 | 6 | const char *ntlm_phase_1 (const struct http_proxy_info *p, struct gc_arena *gc); 7 | const char *ntlm_phase_3 (const struct http_proxy_info *p, const char *phase_2, struct gc_arena *gc); 8 | 9 | #endif 10 | 11 | #endif 12 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/ping-inline.h: -------------------------------------------------------------------------------- 1 | /* 2 | * OpenVPN -- An application to securely tunnel IP networks 3 | * over a single TCP/UDP port, with support for SSL/TLS-based 4 | * session authentication and key exchange, 5 | * packet encryption, packet authentication, and 6 | * packet compression. 7 | * 8 | * Copyright (C) 2002-2009 OpenVPN Technologies, Inc. 9 | * 10 | * This program is free software; you can redistribute it and/or modify 11 | * it under the terms of the GNU General Public License version 2 12 | * as published by the Free Software Foundation. 13 | * 14 | * This program is distributed in the hope that it will be useful, 15 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 16 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 17 | * GNU General Public License for more details. 18 | * 19 | * You should have received a copy of the GNU General Public License 20 | * along with this program (see the file COPYING included with this 21 | * distribution); if not, write to the Free Software Foundation, Inc., 22 | * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 23 | */ 24 | 25 | #ifndef PING_INLINE_H 26 | #define PING_INLINE_H 27 | 28 | /* 29 | * Should we exit or restart due to ping (or other authenticated packet) 30 | * not received in n seconds? 31 | */ 32 | static inline void 33 | check_ping_restart (struct context *c) 34 | { 35 | void check_ping_restart_dowork (struct context *c); 36 | if (c->options.ping_rec_timeout 37 | && event_timeout_trigger (&c->c2.ping_rec_interval, 38 | &c->c2.timeval, 39 | (!c->options.ping_timer_remote 40 | || link_socket_actual_defined (&c->c1.link_socket_addr.actual)) 41 | ? ETT_DEFAULT : 15)) 42 | check_ping_restart_dowork (c); 43 | } 44 | 45 | /* 46 | * Should we ping the remote? 47 | */ 48 | static inline void 49 | check_ping_send (struct context *c) 50 | { 51 | void check_ping_send_dowork (struct context *c); 52 | if (c->options.ping_send_timeout 53 | && event_timeout_trigger (&c->c2.ping_send_interval, 54 | &c->c2.timeval, 55 | !TO_LINK_DEF(c) ? ETT_DEFAULT : 1)) 56 | check_ping_send_dowork (c); 57 | } 58 | 59 | #endif 60 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/ping.h: -------------------------------------------------------------------------------- 1 | /* 2 | * OpenVPN -- An application to securely tunnel IP networks 3 | * over a single TCP/UDP port, with support for SSL/TLS-based 4 | * session authentication and key exchange, 5 | * packet encryption, packet authentication, and 6 | * packet compression. 7 | * 8 | * Copyright (C) 2002-2009 OpenVPN Technologies, Inc. 9 | * 10 | * This program is free software; you can redistribute it and/or modify 11 | * it under the terms of the GNU General Public License version 2 12 | * as published by the Free Software Foundation. 13 | * 14 | * This program is distributed in the hope that it will be useful, 15 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 16 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 17 | * GNU General Public License for more details. 18 | * 19 | * You should have received a copy of the GNU General Public License 20 | * along with this program (see the file COPYING included with this 21 | * distribution); if not, write to the Free Software Foundation, Inc., 22 | * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 23 | */ 24 | 25 | #ifndef PING_H 26 | #define PING_H 27 | 28 | #include "init.h" 29 | #include "forward.h" 30 | 31 | /* 32 | * Initial default --ping-restart before --pull 33 | */ 34 | #define PRE_PULL_INITIAL_PING_RESTART 120 /* in seconds */ 35 | 36 | extern const uint8_t ping_string[]; 37 | 38 | /* PING_STRING_SIZE must be sizeof (ping_string) */ 39 | #define PING_STRING_SIZE 16 40 | 41 | static inline bool 42 | is_ping_msg (const struct buffer* buf) 43 | { 44 | return buf_string_match (buf, ping_string, PING_STRING_SIZE); 45 | } 46 | 47 | #endif 48 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/plugin/README: -------------------------------------------------------------------------------- 1 | OpenVPN Plugins 2 | --------------- 3 | 4 | Starting with OpenVPN 2.0-beta17, compiled plugin modules are 5 | supported on any *nix OS which includes libdl or on Windows. 6 | One or more modules may be loaded into OpenVPN using 7 | the --plugin directive, and each plugin module is capable of 8 | intercepting any of the script callbacks which OpenVPN supports: 9 | 10 | (1) up 11 | (2) down 12 | (3) route-up 13 | (4) ipchange 14 | (5) tls-verify 15 | (6) auth-user-pass-verify 16 | (7) client-connect 17 | (8) client-disconnect 18 | (9) learn-address 19 | 20 | See the openvpn-plugin.h file in the top-level directory of the 21 | OpenVPN source distribution for more detailed information 22 | on the plugin interface. 23 | 24 | Included Plugins 25 | ---------------- 26 | 27 | auth-pam -- Authenticate using PAM and a split privilege 28 | execution model which functions even if 29 | root privileges or the execution environment 30 | have been altered with --user/--group/--chroot. 31 | Tested on Linux only. 32 | 33 | down-root -- Enable the running of down scripts with root privileges 34 | even if --user/--group/--chroot have been used 35 | to drop root privileges or change the execution 36 | environment. Not applicable on Windows. 37 | 38 | examples -- A simple example that demonstrates a portable 39 | plugin, i.e. one which can be built for *nix 40 | or Windows from the same source. 41 | 42 | Building Plugins 43 | ---------------- 44 | 45 | cd to the top-level directory of a plugin, and use the 46 | "make" command to build it. The examples plugin is 47 | built using a build script, not a makefile. 48 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/plugin/auth-pam/.svnignore: -------------------------------------------------------------------------------- 1 | *.so 2 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/plugin/auth-pam/Makefile: -------------------------------------------------------------------------------- 1 | # 2 | # Build the OpenVPN auth-pam plugin module. 3 | # 4 | 5 | # If PAM modules are not linked against libpam.so, set DLOPEN_PAM to 1. This 6 | # must be done on SUSE 9.1, at least. 7 | DLOPEN_PAM=0 8 | 9 | ifeq ($(DLOPEN_PAM),1) 10 | LIBPAM=-ldl 11 | else 12 | LIBPAM=-lpam 13 | endif 14 | 15 | # This directory is where we will look for openvpn-plugin.h 16 | INCLUDE=-I../.. 17 | 18 | CC_FLAGS=-O2 -Wall -DDLOPEN_PAM=$(DLOPEN_PAM) 19 | 20 | openvpn-auth-pam.so : auth-pam.o pamdl.o 21 | gcc ${CC_FLAGS} -fPIC -shared -Wl,-soname,openvpn-auth-pam.so -o openvpn-auth-pam.so auth-pam.o pamdl.o -lc $(LIBPAM) 22 | 23 | auth-pam.o : auth-pam.c pamdl.h 24 | gcc ${CC_FLAGS} -fPIC -c ${INCLUDE} auth-pam.c 25 | 26 | pamdl.o : pamdl.c pamdl.h 27 | gcc ${CC_FLAGS} -fPIC -c ${INCLUDE} pamdl.c 28 | 29 | clean : 30 | rm -f *.o *.so 31 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/plugin/auth-pam/pamdl.h: -------------------------------------------------------------------------------- 1 | #if DLOPEN_PAM 2 | #include 3 | 4 | /* Dynamically load and unload the PAM library */ 5 | int dlopen_pam (const char *so); 6 | void dlclose_pam (void); 7 | #endif 8 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/plugin/defer/README: -------------------------------------------------------------------------------- 1 | OpenVPN plugin examples. 2 | 3 | Examples provided: 4 | 5 | simple.c -- using the --auth-user-pass-verify callback, 6 | test deferred authentication. 7 | 8 | To build: 9 | 10 | ./build simple (Linux/BSD/etc.) 11 | ./winbuild simple (MinGW on Windows) 12 | 13 | To use in OpenVPN, add to config file: 14 | 15 | plugin simple.so (Linux/BSD/etc.) 16 | plugin simple.dll (MinGW on Windows) 17 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/plugin/defer/build: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | # 4 | # Build an OpenVPN plugin module on *nix. The argument should 5 | # be the base name of the C source file (without the .c). 6 | # 7 | 8 | # This directory is where we will look for openvpn-plugin.h 9 | INCLUDE="-I../.." 10 | 11 | CC_FLAGS="-O2 -Wall -g" 12 | 13 | gcc $CC_FLAGS -fPIC -c $INCLUDE $1.c && \ 14 | gcc $CC_FLAGS -fPIC -shared -Wl,-soname,$1.so -o $1.so $1.o -lc 15 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/plugin/defer/simple.def: -------------------------------------------------------------------------------- 1 | LIBRARY OpenVPN_PLUGIN_SAMPLE 2 | DESCRIPTION "Sample OpenVPN plug-in module." 3 | EXPORTS 4 | openvpn_plugin_open_v1 @1 5 | openvpn_plugin_func_v1 @2 6 | openvpn_plugin_close_v1 @3 7 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/plugin/defer/winbuild: -------------------------------------------------------------------------------- 1 | # 2 | # Build an OpenVPN plugin module on Windows/MinGW. 3 | # The argument should be the base name of the C source file 4 | # (without the .c). 5 | # 6 | 7 | # This directory is where we will look for openvpn-plugin.h 8 | INCLUDE="-I.." 9 | 10 | CC_FLAGS="-O2 -Wall" 11 | 12 | gcc -DBUILD_DLL $CC_FLAGS $INCLUDE -c $1.c 13 | gcc --disable-stdcall-fixup -mdll -DBUILD_DLL -o junk.tmp -Wl,--base-file,base.tmp $1.o 14 | rm junk.tmp 15 | dlltool --dllname $1.dll --base-file base.tmp --output-exp temp.exp --input-def $1.def 16 | rm base.tmp 17 | gcc --enable-stdcall-fixup -mdll -DBUILD_DLL -o $1.dll $1.o -Wl,temp.exp 18 | rm temp.exp 19 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/plugin/down-root/Makefile: -------------------------------------------------------------------------------- 1 | # 2 | # Build the OpenVPN down-root plugin module. 3 | # 4 | 5 | # This directory is where we will look for openvpn-plugin.h 6 | INCLUDE=-I../.. 7 | 8 | CC_FLAGS=-O2 -Wall 9 | 10 | down-root.so : down-root.o 11 | gcc ${CC_FLAGS} -fPIC -shared -Wl,-soname,openvpn-down-root.so -o openvpn-down-root.so down-root.o -lc 12 | 13 | down-root.o : down-root.c 14 | gcc ${CC_FLAGS} -fPIC -c ${INCLUDE} down-root.c 15 | 16 | clean : 17 | rm -f *.o *.so 18 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/plugin/down-root/README: -------------------------------------------------------------------------------- 1 | down-root -- an OpenVPN Plugin Module 2 | 3 | SYNOPSIS 4 | 5 | The down-root module allows an OpenVPN configuration to 6 | call a down script with root privileges, even when privileges 7 | have been dropped using --user/--group/--chroot. 8 | 9 | This module uses a split privilege execution model which will 10 | fork() before OpenVPN drops root privileges, at the point where 11 | the --up script is usually called. The module will then remain 12 | in a wait state until it receives a message from OpenVPN via 13 | pipe to execute the down script. Thus, the down script will be 14 | run in the same execution environment as the up script. 15 | 16 | BUILD 17 | 18 | Build this module with the "make" command. The plugin 19 | module will be named openvpn-down-root.so 20 | 21 | USAGE 22 | 23 | To use this module, add to your OpenVPN config file: 24 | 25 | plugin openvpn-down-root.so "command ..." 26 | 27 | CAVEATS 28 | 29 | This module will only work on *nix systems, not Windows. 30 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/plugin/examples/README: -------------------------------------------------------------------------------- 1 | OpenVPN plugin examples. 2 | 3 | Examples provided: 4 | 5 | simple.c -- using the --auth-user-pass-verify callback, verify 6 | that the username/password is "foo"/"bar". 7 | 8 | To build: 9 | 10 | ./build simple (Linux/BSD/etc.) 11 | ./winbuild simple (MinGW on Windows) 12 | 13 | To use in OpenVPN, add to config file: 14 | 15 | plugin simple.so (Linux/BSD/etc.) 16 | plugin simple.dll (MinGW on Windows) 17 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/plugin/examples/build: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | # 4 | # Build an OpenVPN plugin module on *nix. The argument should 5 | # be the base name of the C source file (without the .c). 6 | # 7 | 8 | # This directory is where we will look for openvpn-plugin.h 9 | INCLUDE="-I../.." 10 | 11 | CC_FLAGS="-O2 -Wall -g" 12 | 13 | gcc $CC_FLAGS -fPIC -c $INCLUDE $1.c && \ 14 | gcc $CC_FLAGS -fPIC -shared -Wl,-soname,$1.so -o $1.so $1.o -lc 15 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/plugin/examples/simple.def: -------------------------------------------------------------------------------- 1 | LIBRARY OpenVPN_PLUGIN_SAMPLE 2 | DESCRIPTION "Sample OpenVPN plug-in module." 3 | EXPORTS 4 | openvpn_plugin_open_v1 @1 5 | openvpn_plugin_func_v1 @2 6 | openvpn_plugin_close_v1 @3 7 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/plugin/examples/winbuild: -------------------------------------------------------------------------------- 1 | # 2 | # Build an OpenVPN plugin module on Windows/MinGW. 3 | # The argument should be the base name of the C source file 4 | # (without the .c). 5 | # 6 | 7 | # This directory is where we will look for openvpn-plugin.h 8 | INCLUDE="-I.." 9 | 10 | CC_FLAGS="-O2 -Wall" 11 | 12 | gcc -DBUILD_DLL $CC_FLAGS $INCLUDE -c $1.c 13 | gcc --disable-stdcall-fixup -mdll -DBUILD_DLL -o junk.tmp -Wl,--base-file,base.tmp $1.o 14 | rm junk.tmp 15 | dlltool --dllname $1.dll --base-file base.tmp --output-exp temp.exp --input-def $1.def 16 | rm base.tmp 17 | gcc --enable-stdcall-fixup -mdll -DBUILD_DLL -o $1.dll $1.o -Wl,temp.exp 18 | rm temp.exp 19 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/ps.h: -------------------------------------------------------------------------------- 1 | /* 2 | * OpenVPN -- An application to securely tunnel IP networks 3 | * over a single TCP/UDP port, with support for SSL/TLS-based 4 | * session authentication and key exchange, 5 | * packet encryption, packet authentication, and 6 | * packet compression. 7 | * 8 | * Copyright (C) 2002-2009 OpenVPN Technologies, Inc. 9 | * 10 | * This program is free software; you can redistribute it and/or modify 11 | * it under the terms of the GNU General Public License version 2 12 | * as published by the Free Software Foundation. 13 | * 14 | * This program is distributed in the hope that it will be useful, 15 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 16 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 17 | * GNU General Public License for more details. 18 | * 19 | * You should have received a copy of the GNU General Public License 20 | * along with this program (see the file COPYING included with this 21 | * distribution); if not, write to the Free Software Foundation, Inc., 22 | * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 23 | */ 24 | 25 | #ifndef PS_H 26 | #define PS_H 27 | 28 | #if PORT_SHARE 29 | 30 | #include "basic.h" 31 | #include "buffer.h" 32 | #include "ssl.h" 33 | 34 | typedef void (*post_fork_cleanup_func_t)(void *arg); 35 | 36 | struct port_share { 37 | /* Foreground's socket to background process */ 38 | socket_descriptor_t foreground_fd; 39 | 40 | /* Process ID of background process */ 41 | pid_t background_pid; 42 | }; 43 | 44 | extern struct port_share *port_share; 45 | 46 | struct port_share *port_share_open (const char *host, 47 | const int port); 48 | 49 | void port_share_close (struct port_share *ps); 50 | void port_share_abort (struct port_share *ps); 51 | 52 | bool is_openvpn_protocol (const struct buffer *buf); 53 | 54 | void port_share_redirect (struct port_share *ps, const struct buffer *head, socket_descriptor_t sd); 55 | 56 | #endif 57 | #endif 58 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/pushlist.h: -------------------------------------------------------------------------------- 1 | /* 2 | * OpenVPN -- An application to securely tunnel IP networks 3 | * over a single TCP/UDP port, with support for SSL/TLS-based 4 | * session authentication and key exchange, 5 | * packet encryption, packet authentication, and 6 | * packet compression. 7 | * 8 | * Copyright (C) 2002-2009 OpenVPN Technologies, Inc. 9 | * 10 | * This program is free software; you can redistribute it and/or modify 11 | * it under the terms of the GNU General Public License version 2 12 | * as published by the Free Software Foundation. 13 | * 14 | * This program is distributed in the hope that it will be useful, 15 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 16 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 17 | * GNU General Public License for more details. 18 | * 19 | * You should have received a copy of the GNU General Public License 20 | * along with this program (see the file COPYING included with this 21 | * distribution); if not, write to the Free Software Foundation, Inc., 22 | * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 23 | */ 24 | 25 | #if !defined(PUSHLIST_H) && P2MP && P2MP_SERVER 26 | #define PUSHLIST_H 27 | 28 | /* parameters to be pushed to peer */ 29 | 30 | struct push_entry { 31 | struct push_entry *next; 32 | bool enable; 33 | const char *option; 34 | }; 35 | 36 | struct push_list { 37 | struct push_entry *head; 38 | struct push_entry *tail; 39 | }; 40 | 41 | 42 | #endif 43 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/sample-config-files/README: -------------------------------------------------------------------------------- 1 | Sample OpenVPN Configuration Files. 2 | 3 | These files are part of the OpenVPN HOWTO 4 | which is located at: 5 | 6 | http://openvpn.net/howto.html 7 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/sample-config-files/home.up: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | route add -net 10.0.0.0 netmask 255.255.255.0 gw $5 3 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/sample-config-files/loopback-client: -------------------------------------------------------------------------------- 1 | # Perform a TLS loopback test -- client side. 2 | # 3 | # This test performs a TLS negotiation once every 10 seconds, 4 | # and will terminate after 2 minutes. 5 | # 6 | # From the root directory of the OpenVPN distribution, 7 | # after openvpn has been built, run: 8 | # 9 | # ./openvpn --config sample-config-files/loopback-client (In one window) 10 | # ./openvpn --config sample-config-files/loopback-server (Simultaneously in another window) 11 | 12 | rport 16000 13 | lport 16001 14 | remote localhost 15 | local localhost 16 | dev null 17 | verb 3 18 | reneg-sec 10 19 | tls-client 20 | ca sample-keys/ca.crt 21 | key sample-keys/client.key 22 | cert sample-keys/client.crt 23 | cipher DES-EDE3-CBC 24 | ping 1 25 | inactive 120 10000000 26 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/sample-config-files/loopback-server: -------------------------------------------------------------------------------- 1 | # Perform a TLS loopback test -- server side. 2 | # 3 | # This test performs a TLS negotiation once every 10 seconds, 4 | # and will terminate after 2 minutes. 5 | # 6 | # From the root directory of the OpenVPN distribution, 7 | # after openvpn has been built, run: 8 | # 9 | # ./openvpn --config sample-config-files/loopback-client (In one window) 10 | # ./openvpn --config sample-config-files/loopback-server (Simultaneously in another window) 11 | 12 | rport 16001 13 | lport 16000 14 | remote localhost 15 | local localhost 16 | dev null 17 | verb 3 18 | reneg-sec 10 19 | tls-server 20 | dh sample-keys/dh1024.pem 21 | ca sample-keys/ca.crt 22 | key sample-keys/server.key 23 | cert sample-keys/server.crt 24 | cipher DES-EDE3-CBC 25 | ping 1 26 | inactive 120 10000000 27 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/sample-config-files/office.up: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | route add -net 10.0.1.0 netmask 255.255.255.0 gw $5 3 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/sample-config-files/openvpn-shutdown.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | # stop all openvpn processes 4 | 5 | killall -TERM openvpn 6 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/sample-config-files/openvpn-startup.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | # A sample OpenVPN startup script 4 | # for Linux. 5 | 6 | # openvpn config file directory 7 | dir=/etc/openvpn 8 | 9 | # load the firewall 10 | $dir/firewall.sh 11 | 12 | # load TUN/TAP kernel module 13 | modprobe tun 14 | 15 | # enable IP forwarding 16 | echo 1 > /proc/sys/net/ipv4/ip_forward 17 | 18 | # Invoke openvpn for each VPN tunnel 19 | # in daemon mode. Alternatively, 20 | # you could remove "--daemon" from 21 | # the command line and add "daemon" 22 | # to the config file. 23 | # 24 | # Each tunnel should run on a separate 25 | # UDP port. Use the "port" option 26 | # to control this. Like all of 27 | # OpenVPN's options, you can 28 | # specify "--port 8000" on the command 29 | # line or "port 8000" in the config 30 | # file. 31 | 32 | openvpn --cd $dir --daemon --config vpn1.conf 33 | openvpn --cd $dir --daemon --config vpn2.conf 34 | openvpn --cd $dir --daemon --config vpn2.conf 35 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/sample-config-files/static-home.conf: -------------------------------------------------------------------------------- 1 | # 2 | # Sample OpenVPN configuration file for 3 | # home using a pre-shared static key. 4 | # 5 | # '#' or ';' may be used to delimit comments. 6 | 7 | # Use a dynamic tun device. 8 | # For Linux 2.2 or non-Linux OSes, 9 | # you may want to use an explicit 10 | # unit number such as "tun1". 11 | # OpenVPN also supports virtual 12 | # ethernet "tap" devices. 13 | dev tun 14 | 15 | # Our OpenVPN peer is the office gateway. 16 | remote 1.2.3.4 17 | 18 | # 10.1.0.2 is our local VPN endpoint (home). 19 | # 10.1.0.1 is our remote VPN endpoint (office). 20 | ifconfig 10.1.0.2 10.1.0.1 21 | 22 | # Our up script will establish routes 23 | # once the VPN is alive. 24 | up ./home.up 25 | 26 | # Our pre-shared static key 27 | secret static.key 28 | 29 | # OpenVPN 2.0 uses UDP port 1194 by default 30 | # (official port assignment by iana.org 11/04). 31 | # OpenVPN 1.x uses UDP port 5000 by default. 32 | # Each OpenVPN tunnel must use 33 | # a different port number. 34 | # lport or rport can be used 35 | # to denote different ports 36 | # for local and remote. 37 | ; port 1194 38 | 39 | # Downgrade UID and GID to 40 | # "nobody" after initialization 41 | # for extra security. 42 | ; user nobody 43 | ; group nobody 44 | 45 | # If you built OpenVPN with 46 | # LZO compression, uncomment 47 | # out the following line. 48 | ; comp-lzo 49 | 50 | # Send a UDP ping to remote once 51 | # every 15 seconds to keep 52 | # stateful firewall connection 53 | # alive. Uncomment this 54 | # out if you are using a stateful 55 | # firewall. 56 | ; ping 15 57 | 58 | # Uncomment this section for a more reliable detection when a system 59 | # loses its connection. For example, dial-ups or laptops that 60 | # travel to other locations. 61 | ; ping 15 62 | ; ping-restart 45 63 | ; ping-timer-rem 64 | ; persist-tun 65 | ; persist-key 66 | 67 | # Verbosity level. 68 | # 0 -- quiet except for fatal errors. 69 | # 1 -- mostly quiet, but display non-fatal network errors. 70 | # 3 -- medium output, good for normal operation. 71 | # 9 -- verbose, good for troubleshooting 72 | verb 3 73 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/sample-config-files/static-office.conf: -------------------------------------------------------------------------------- 1 | # 2 | # Sample OpenVPN configuration file for 3 | # office using a pre-shared static key. 4 | # 5 | # '#' or ';' may be used to delimit comments. 6 | 7 | # Use a dynamic tun device. 8 | # For Linux 2.2 or non-Linux OSes, 9 | # you may want to use an explicit 10 | # unit number such as "tun1". 11 | # OpenVPN also supports virtual 12 | # ethernet "tap" devices. 13 | dev tun 14 | 15 | # 10.1.0.1 is our local VPN endpoint (office). 16 | # 10.1.0.2 is our remote VPN endpoint (home). 17 | ifconfig 10.1.0.1 10.1.0.2 18 | 19 | # Our up script will establish routes 20 | # once the VPN is alive. 21 | up ./office.up 22 | 23 | # Our pre-shared static key 24 | secret static.key 25 | 26 | # OpenVPN 2.0 uses UDP port 1194 by default 27 | # (official port assignment by iana.org 11/04). 28 | # OpenVPN 1.x uses UDP port 5000 by default. 29 | # Each OpenVPN tunnel must use 30 | # a different port number. 31 | # lport or rport can be used 32 | # to denote different ports 33 | # for local and remote. 34 | ; port 1194 35 | 36 | # Downgrade UID and GID to 37 | # "nobody" after initialization 38 | # for extra security. 39 | ; user nobody 40 | ; group nobody 41 | 42 | # If you built OpenVPN with 43 | # LZO compression, uncomment 44 | # out the following line. 45 | ; comp-lzo 46 | 47 | # Send a UDP ping to remote once 48 | # every 15 seconds to keep 49 | # stateful firewall connection 50 | # alive. Uncomment this 51 | # out if you are using a stateful 52 | # firewall. 53 | ; ping 15 54 | 55 | # Uncomment this section for a more reliable detection when a system 56 | # loses its connection. For example, dial-ups or laptops that 57 | # travel to other locations. 58 | ; ping 15 59 | ; ping-restart 45 60 | ; ping-timer-rem 61 | ; persist-tun 62 | ; persist-key 63 | 64 | # Verbosity level. 65 | # 0 -- quiet except for fatal errors. 66 | # 1 -- mostly quiet, but display non-fatal network errors. 67 | # 3 -- medium output, good for normal operation. 68 | # 9 -- verbose, good for troubleshooting 69 | verb 3 70 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/sample-config-files/xinetd-client-config: -------------------------------------------------------------------------------- 1 | # This OpenVPN config file 2 | # is the client side counterpart 3 | # of xinetd-server-config 4 | 5 | dev tun 6 | ifconfig 10.4.0.1 10.4.0.2 7 | remote my-server 8 | port 1194 9 | user nobody 10 | secret /root/openvpn/key 11 | inactive 600 12 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/sample-config-files/xinetd-server-config: -------------------------------------------------------------------------------- 1 | # An xinetd configuration file for OpenVPN. 2 | # 3 | # This file should be renamed to openvpn or something suitably 4 | # descriptive and copied to the /etc/xinetd.d directory. 5 | # xinetd can then be made aware of this file by restarting 6 | # it or sending it a SIGHUP signal. 7 | # 8 | # For each potential incoming client, create a separate version 9 | # of this configuration file on a unique port number. Also note 10 | # that the key file and ifconfig endpoints should be unique for 11 | # each client. This configuration assumes that the OpenVPN 12 | # executable and key live in /root/openvpn. Change this to fit 13 | # your environment. 14 | 15 | service openvpn_1 16 | { 17 | type = UNLISTED 18 | port = 1194 19 | socket_type = dgram 20 | protocol = udp 21 | wait = yes 22 | user = root 23 | server = /root/openvpn/openvpn 24 | server_args = --inetd --dev tun --ifconfig 10.4.0.2 10.4.0.1 --secret /root/openvpn/key --inactive 600 --user nobody 25 | } 26 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/sample-keys/README: -------------------------------------------------------------------------------- 1 | Sample RSA keys. 2 | 3 | See the examples section of the man page 4 | for usage examples. 5 | 6 | NOTE: THESE KEYS ARE FOR TESTING PURPOSES ONLY. 7 | DON'T USE THEM FOR ANY REAL WORK BECAUSE 8 | THEY ARE TOTALLY INSECURE! 9 | 10 | ca.{crt,key} -- sample CA key/cert 11 | client.{crt,key} -- sample client key/cert 12 | server.{crt,key} -- sample server key/cert (nsCertType=server) 13 | pass.{crt,key} -- sample client key/cert with password-encrypted key 14 | password = "password" 15 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/sample-keys/ca.crt: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIIDBjCCAm+gAwIBAgIBADANBgkqhkiG9w0BAQQFADBmMQswCQYDVQQGEwJLRzEL 3 | MAkGA1UECBMCTkExEDAOBgNVBAcTB0JJU0hLRUsxFTATBgNVBAoTDE9wZW5WUE4t 4 | VEVTVDEhMB8GCSqGSIb3DQEJARYSbWVAbXlob3N0Lm15ZG9tYWluMB4XDTA0MTEy 5 | NTE0NDA1NVoXDTE0MTEyMzE0NDA1NVowZjELMAkGA1UEBhMCS0cxCzAJBgNVBAgT 6 | Ak5BMRAwDgYDVQQHEwdCSVNIS0VLMRUwEwYDVQQKEwxPcGVuVlBOLVRFU1QxITAf 7 | BgkqhkiG9w0BCQEWEm1lQG15aG9zdC5teWRvbWFpbjCBnzANBgkqhkiG9w0BAQEF 8 | AAOBjQAwgYkCgYEAqPjWJnesPu6bR/iec4FMz3opVaPdBHxg+ORKNmrnVZPh0t8/ 9 | ZT34KXkYoI9B82scurp8UlZVXG8JdUsz+yai8ti9+g7vcuyKUtcCIjn0HLgmdPu5 10 | gFX25lB0pXw+XIU031dOfPvtROdG5YZN5yCErgCy7TE7zntLnkEDuRmyU6cCAwEA 11 | AaOBwzCBwDAdBgNVHQ4EFgQUiaZg47rqPq/8ZH9MvYzSSI3gzEYwgZAGA1UdIwSB 12 | iDCBhYAUiaZg47rqPq/8ZH9MvYzSSI3gzEahaqRoMGYxCzAJBgNVBAYTAktHMQsw 13 | CQYDVQQIEwJOQTEQMA4GA1UEBxMHQklTSEtFSzEVMBMGA1UEChMMT3BlblZQTi1U 14 | RVNUMSEwHwYJKoZIhvcNAQkBFhJtZUBteWhvc3QubXlkb21haW6CAQAwDAYDVR0T 15 | BAUwAwEB/zANBgkqhkiG9w0BAQQFAAOBgQBfJoiWYrYdjM0mKPEzUQk0nLYTovBP 16 | I0es/2rfGrin1zbcFY+4dhVBd1E/StebnG+CP8r7QeEIwu7x8gYDdOLLsZn+2vBL 17 | e4jNU1ClI6Q0L7jrzhhunQ5mAaZztVyYwFB15odYcdN2iO0tP7jtEsvrRqxICNy3 18 | 8itzViPTf5W4sA== 19 | -----END CERTIFICATE----- 20 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/sample-keys/ca.key: -------------------------------------------------------------------------------- 1 | -----BEGIN RSA PRIVATE KEY----- 2 | MIICXQIBAAKBgQCo+NYmd6w+7ptH+J5zgUzPeilVo90EfGD45Eo2audVk+HS3z9l 3 | PfgpeRigj0Hzaxy6unxSVlVcbwl1SzP7JqLy2L36Du9y7IpS1wIiOfQcuCZ0+7mA 4 | VfbmUHSlfD5chTTfV058++1E50blhk3nIISuALLtMTvOe0ueQQO5GbJTpwIDAQAB 5 | AoGAQuVREyWp4bhhbZr2UFBOco2ws6EOLWp4kdD/uI+WSoEjlHKiDJj+GJ1CrL5K 6 | o+4yD5MpCQf4/4FOQ0ukprfjJpDwDinTG6vzuWSLTHNiTgvksW3vy7IsNMJx97hT 7 | 4D2QOOl9HhA50Qqg70teMPYXOgLRMVsdCIV7p7zDNy4nM+ECQQDX8m5ZcQmPtUDA 8 | 38dPTfpL4U7kMB94FItJYH/Lk5kMW1/J33xymNhL+BHaG064ol9n2ubGW4XEO5t2 9 | qE1IOsVpAkEAyE/x/OBVSI1s75aYGlEwMd87p3qaDdtXT7WzujjRY7r8Y1ynkMU6 10 | GtMeneBX/lk4BY/6I+5bhAzce+hqhaXejwJBAL5Wg+c4GApf41xdogqHm7doNyYw 11 | OHyZ9w9NDDc+uGbI30xLPSCxEe0cEXgiG6foDpm2uzRZFTWaqHPU8pFYpAkCQGNX 12 | cpWM0/7VVK9Fqk1y8knpgfY/UWOJ4jU/0dCLGR0ywLSuYNPlXDmtdkOp3TnhGW14 13 | x/9F2NEWZ8pzq1B4wHUCQQC5ztD4m/rpiIpinoewUJODoeBJXYBKqx1+mdrALCq6 14 | ESvK1WRiusMaY3xmsdv4J2TB5iUPryELbn3jU12WGcQc 15 | -----END RSA PRIVATE KEY----- 16 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/sample-keys/client.key: -------------------------------------------------------------------------------- 1 | -----BEGIN RSA PRIVATE KEY----- 2 | MIICXAIBAAKBgQDSElzGTRM0rs/6q/7L3ozxS0qVKGCHgiy4weWOxl0RWGGkpfFC 3 | 14Z0bJ2cevA6XCnmUztebdjwRQYsI+4JvAKPDrjVMx/DShECSAvMS61udOCiU7HW 4 | zIm54m/bFbMZHlcEeUg62nYx/L/TNCHnMtieBk6+8+N5sFT90UIyqj56wQIDAQAB 5 | AoGBAK8RoIGekCfym99DYYfTg9A/t/tQeAnWYaDj7oSrKbqf1lgZ91OGPEZgkoVr 6 | KzLnxf9uU+bhUs8CJx+4HdO8/L9rAJA+oD9QNuMp0elN4AKuEGE1Eq3a0e3cmgPI 7 | +VIoXM6WVAGgK9I03Zu/UerYQ/DdXWGOIsKhFe8qyQoG9pKxAkEA9ld6O9MHQt3d 8 | JAjJkgCNn4psozxjrfLWy2huXd3H3CRqGMjLITDGzdkVSgXjHokBYroi0+TZTu4M 9 | ulJSJaWwBQJBANpO2DAexH2zRHw5Z6QyeEVxz7B3/FzU4GgJx9BH+FSBh+F0G5Ln 10 | ir5Vst8vZ/LGcgpYjHQLNAvZVgUjiQ4Y6I0CQGvwMJL+CHR4GmmroAblTyjU0n1D 11 | /Lk/anZ+L73Za7U+D28ErFzCrpmLwRRKOBYtGfpUbOZDpCQ9kj4hy/TLALECQCcL 12 | 9ysUNbzt9Y/qjJkX1d9F7gn4TBEmmkTBixW76bTjvjQbGlt6Qpyso2O8DPGlgPxM 13 | vkJ7RoHgC7y7kGYPGnkCQBVxSNGIjLx4NQBgN4HD0y4+fars1PTUGnckBcS4npb9 14 | onLNyerBlWdBwbARyBS7WPIbyyf5VCrn3yIqWxaARO0= 15 | -----END RSA PRIVATE KEY----- 16 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/sample-keys/dh1024.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN DH PARAMETERS----- 2 | MIGHAoGBAJ419DBEOgmQTzo5qXl5fQcN9TN455wkOL7052HzxxRVMyhYmwQcgJvh 3 | 1sa18fyfR9OiVEMYglOpkqVoGLN7qd5aQNNi5W7/C+VBdHTBJcGZJyyP5B3qcz32 4 | 9mLJKudlVudV0Qxk5qUJaPZ/xupz0NyoVpviuiBOI1gNi8ovSXWzAgEC 5 | -----END DH PARAMETERS----- 6 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/sample-keys/pass.key: -------------------------------------------------------------------------------- 1 | -----BEGIN RSA PRIVATE KEY----- 2 | Proc-Type: 4,ENCRYPTED 3 | DEK-Info: DES-EDE3-CBC,959F7365DBBFDB77 4 | 5 | nGm57l+rR/8dAZOHL/1x/6dt11zUca7rphjsgw6XRnSf3M/CWmHvHVjApWcNLEs5 6 | SWNMp1xfUogtGzsKoMBbnlZLDA7RVHUYD6dVMyCpc64UjzT08LmdZhtQYLAKmlUC 7 | PT1VXS4Ae+SrqCPUqJkw1xP3kr0F1EVCXNu0nhOBAuuTGOS7PPEyW2N+k4nRHtsR 8 | IaPp8GCuIeoR6CdymTFTq6d/GeCiEcyrUM4BNrG4GtRRrURxxOrzQFEOS5sjBPSg 9 | Km1lwa6zBQFRLg9dKjRBL4teKuPY5Z2Nmpcml/aN4CkdkVEso4lW6/UHLE/joOMQ 10 | 0MdpdYtu8wnt1WI/Z4immQfl3MF+QcPMkqXXzCEhGG/5SbAo89KC46UXvu1Z5OhS 11 | 8XFHhvYBivOYWgZ3XUQqyZ0ulF60mFX7aE1Ph/eEbhWBHmU39hGjxzop1UoPwqLx 12 | ahvtfvCkR3ZeqlWO9SHzCA3MlrKwQ1p1UL6nG6AJhNN9jSevH6by+8wr07NBZOqX 13 | fJx+J/8EdVsUCFG2UJxPwM83ZSwAsvKRqph6CuWEl9ndUb7rw6khmRIoY0Iz3LbU 14 | 1MlcDoJNcJas6lYDr1UeFSk86g0SiGCHXZIqsjyUgq6HIy4YrAYiQUthnlF8tp2Q 15 | nNQBPLo1GsHf0dC2MqKfDFASu7ST+Bl+yajHcIiUXvUJPxWbjkWYG9Q2p2ZBLzZD 16 | uqeRr66OKxTzUS4go/QbHDNsAulXl61gQIEOdZw5uy/Jl11kyAI6EQbzmehagKdH 17 | EshTgKp8ks62y0bBHgy3FMKyidJ5Hm58ZDhBxrwN0w+vhRoTGOepTA== 18 | -----END RSA PRIVATE KEY----- 19 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/sample-keys/pkcs12.p12: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/qsun/ParDiff-VPN/79b39f97cd2ebc0f9393c55ff505ee9550abe109/src/openvpn-2.1.1/sample-keys/pkcs12.p12 -------------------------------------------------------------------------------- /src/openvpn-2.1.1/sample-keys/server.key: -------------------------------------------------------------------------------- 1 | -----BEGIN RSA PRIVATE KEY----- 2 | MIICXgIBAAKBgQDLTqz5g1f2adIyKbS8reb3JiGJMzBDQKM12d4mAda08LwKGVWZ 3 | O/FMkWC2/XQ0jVrHYuzO8tYCzlcy9DWMcaBtZSrngK4pWc82c/h8SnOQ/DAo1UZ9 4 | NaROyZ+Qe+IJITbFqOyFgpoytJE7wdZPn9H4b2j0HdIGkTLMmkj9zZh/LwIDAQAB 5 | AoGBAKP1ljA/iY/zNY447kZ/5NWKzd7tBk4mcbl7M9no/7O6tZtbZRoIKoi6cYoC 6 | C1ZabUyBbkNTud5XdCFmq0zRUjOWvoFMZ9VZfd2kRPvl4TGczBtJAq65b+EYMGui 7 | q6T9p61xPdtzu0vM+Ecj127pAMk5XcJyxu8XQK7lZWmG5UoJAkEA8CxXNZN+A3qD 8 | bMBPI3VdwKCNSjNVEQEnygMbNgw7VLdxPpspzZziqJEGdzsM4dsnOBwKxIWFLN2h 9 | lbGBOquAswJBANi0atGWM8VUxDjvqqHCTS9RUXWgnvYhee4/xraJBQPBSivjC9P0 10 | vKT7PjBHU6djtKSLKGaHn1vHqmyY7PCMjZUCQQCNVSqExqSzG1dXmdt4PErNXi2G 11 | 6qo2dX2arTVIGu6XLdQgSWLSMm5XT/CEHWW5SyPLKwVTHFeATXQXCPvJML9tAkEA 12 | k0yXax0g1ZoXwufN4SQUmPw6Va03P/BjU/nP1ZVvbiz9gLVU/d7WN4J7tA9XomkY 13 | idv5OzAmtxkSE70jGSNAvQJAWhCf9+iHkzOHRyKKOYlh1DHUwDfSEp+hlZYg9H03 14 | P2sraQzUxgWDY/DIY63KvW78ny863baFz7onz21MYGgJXg== 15 | -----END RSA PRIVATE KEY----- 16 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/sample-scripts/bridge-start: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | ################################# 4 | # Set up Ethernet bridge on Linux 5 | # Requires: bridge-utils 6 | ################################# 7 | 8 | # Define Bridge Interface 9 | br="br0" 10 | 11 | # Define list of TAP interfaces to be bridged, 12 | # for example tap="tap0 tap1 tap2". 13 | tap="tap0" 14 | 15 | # Define physical ethernet interface to be bridged 16 | # with TAP interface(s) above. 17 | eth="eth0" 18 | eth_ip="192.168.8.4" 19 | eth_netmask="255.255.255.0" 20 | eth_broadcast="192.168.8.255" 21 | 22 | for t in $tap; do 23 | openvpn --mktun --dev $t 24 | done 25 | 26 | brctl addbr $br 27 | brctl addif $br $eth 28 | 29 | for t in $tap; do 30 | brctl addif $br $t 31 | done 32 | 33 | for t in $tap; do 34 | ifconfig $t 0.0.0.0 promisc up 35 | done 36 | 37 | ifconfig $eth 0.0.0.0 promisc up 38 | 39 | ifconfig $br $eth_ip netmask $eth_netmask broadcast $eth_broadcast 40 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/sample-scripts/bridge-stop: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | #################################### 4 | # Tear Down Ethernet bridge on Linux 5 | #################################### 6 | 7 | # Define Bridge Interface 8 | br="br0" 9 | 10 | # Define list of TAP interfaces to be bridged together 11 | tap="tap0" 12 | 13 | ifconfig $br down 14 | brctl delbr $br 15 | 16 | for t in $tap; do 17 | openvpn --rmtun --dev $t 18 | done 19 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/sample-scripts/bs: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | ################################# 4 | # Set up Ethernet bridge on Linux 5 | # Requires: bridge-utils 6 | ################################# 7 | 8 | # Define Bridge Interface 9 | br="br0" 10 | 11 | # Define list of TAP interfaces to be bridged, 12 | # for example tap="tap0 tap1 tap2". 13 | tap="tap7" 14 | 15 | # Define physical ethernet interface to be bridged 16 | # with TAP interface(s) above. 17 | eth="eth0" 18 | eth_ip="172.16.37.131" 19 | eth_netmask="255.255.255.0" 20 | eth_broadcast="172.16.37.255" 21 | 22 | for t in $tap; do 23 | openvpn --mktun --dev $t --lladdr fe:ff:ff:ff:01:02 24 | done 25 | 26 | brctl addbr $br 27 | brctl addif $br $eth 28 | 29 | for t in $tap; do 30 | brctl addif $br $t 31 | done 32 | 33 | for t in $tap; do 34 | ifconfig $t 0.0.0.0 promisc up 35 | done 36 | 37 | ifconfig $eth 0.0.0.0 promisc up 38 | 39 | ifconfig $br $eth_ip netmask $eth_netmask broadcast $eth_broadcast 40 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/sample-scripts/ucn.pl: -------------------------------------------------------------------------------- 1 | #!/usr/bin/perl -t 2 | 3 | # OpenVPN --auth-user-pass-verify script. 4 | # Only authenticate if username equals common_name. 5 | # In OpenVPN config file: 6 | # auth-user-pass-verify ./ucn.pl via-env 7 | 8 | $username = $ENV{'username'}; 9 | $common_name = $ENV{'common_name'}; 10 | 11 | exit !(length($username) > 0 && length($common_name) > 0 && $username eq $common_name); 12 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/sample-scripts/verify-cn: -------------------------------------------------------------------------------- 1 | #!/usr/bin/perl 2 | 3 | # verify-cn -- a sample OpenVPN tls-verify script 4 | # 5 | # Return 0 if cn matches the common name component of 6 | # X509_NAME_oneline, 1 otherwise. 7 | # 8 | # For example in OpenVPN, you could use the directive: 9 | # 10 | # tls-verify "./verify-cn Test-Client" 11 | # 12 | # This would cause the connection to be dropped unless 13 | # the client common name is "Test-Client" 14 | 15 | die "usage: verify-cn cn certificate_depth X509_NAME_oneline" if (@ARGV != 3); 16 | 17 | # Parse out arguments: 18 | # cn -- The common name which the client is required to have, 19 | # taken from the argument to the tls-verify directive 20 | # in the OpenVPN config file. 21 | # depth -- The current certificate chain depth. In a typical 22 | # bi-level chain, the root certificate will be at level 23 | # 1 and the client certificate will be at level 0. 24 | # This script will be called separately for each level. 25 | # x509 -- the X509 subject string as extracted by OpenVPN from 26 | # the client's provided certificate. 27 | ($cn, $depth, $x509) = @ARGV; 28 | 29 | if ($depth == 0) { 30 | # If depth is zero, we know that this is the final 31 | # certificate in the chain (i.e. the client certificate), 32 | # and the one we are interested in examining. 33 | # If so, parse out the common name substring in 34 | # the X509 subject string. 35 | 36 | if ($x509 =~ /\/CN=([^\/]+)/) { 37 | # Accept the connection if the X509 common name 38 | # string matches the passed cn argument. 39 | if ($cn eq $1) { 40 | exit 0; 41 | } 42 | } 43 | 44 | # Authentication failed -- Either we could not parse 45 | # the X509 subject string, or the common name in the 46 | # subject string didn't match the passed cn argument. 47 | exit 1; 48 | } 49 | 50 | # If depth is nonzero, tell OpenVPN to continue processing 51 | # the certificate chain. 52 | exit 0; 53 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/service-win32/Makefile.am: -------------------------------------------------------------------------------- 1 | # 2 | # OpenVPN -- An application to securely tunnel IP networks 3 | # over a single UDP port, with support for SSL/TLS-based 4 | # session authentication and key exchange, 5 | # packet encryption, packet authentication, and 6 | # packet compression. 7 | # 8 | # Copyright (C) 2002-2009 OpenVPN Technologies, Inc. 9 | # 10 | # This program is free software; you can redistribute it and/or modify 11 | # it under the terms of the GNU General Public License version 2 12 | # as published by the Free Software Foundation. 13 | # 14 | # This program is distributed in the hope that it will be useful, 15 | # but WITHOUT ANY WARRANTY; without even the implied warranty of 16 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 17 | # GNU General Public License for more details. 18 | # 19 | # You should have received a copy of the GNU General Public License 20 | # along with this program (see the file COPYING included with this 21 | # distribution); if not, write to the Free Software Foundation, Inc., 22 | # 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 23 | # 24 | 25 | MAINTAINERCLEANFILES = $(srcdir)/Makefile.in 26 | 27 | if WIN32 28 | 29 | sbin_PROGRAMS = openvpnserv 30 | 31 | openvpnserv_SOURCES = \ 32 | openvpnserv.c \ 33 | service.h service.c 34 | 35 | else 36 | 37 | dist_noinst_DATA = \ 38 | openvpnserv.c \ 39 | service.h service.c 40 | 41 | endif 42 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/session_id.c: -------------------------------------------------------------------------------- 1 | /* 2 | * OpenVPN -- An application to securely tunnel IP networks 3 | * over a single UDP port, with support for SSL/TLS-based 4 | * session authentication and key exchange, 5 | * packet encryption, packet authentication, and 6 | * packet compression. 7 | * 8 | * Copyright (C) 2002-2009 OpenVPN Technologies, Inc. 9 | * 10 | * This program is free software; you can redistribute it and/or modify 11 | * it under the terms of the GNU General Public License version 2 12 | * as published by the Free Software Foundation. 13 | * 14 | * This program is distributed in the hope that it will be useful, 15 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 16 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 17 | * GNU General Public License for more details. 18 | * 19 | * You should have received a copy of the GNU General Public License 20 | * along with this program (see the file COPYING included with this 21 | * distribution); if not, write to the Free Software Foundation, Inc., 22 | * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 23 | */ 24 | 25 | /* 26 | * Each session is identified by a random 8-byte session identifier. 27 | * 28 | * For efficiency, the session id is only transmitted over the control 29 | * channel (which only sees traffic occasionally when keys are being 30 | * negotiated). The data channel sees a smaller version of the session-id -- 31 | * it is called the key_id and is currently 2 bits long. 32 | */ 33 | 34 | #include "syshead.h" 35 | 36 | #if defined(USE_CRYPTO) && defined(USE_SSL) 37 | 38 | #include "error.h" 39 | #include "common.h" 40 | #include "crypto.h" 41 | #include "session_id.h" 42 | 43 | #include "memdbg.h" 44 | 45 | const struct session_id x_session_id_zero; 46 | 47 | void 48 | session_id_random (struct session_id *sid) 49 | { 50 | prng_bytes (sid->id, SID_SIZE); 51 | } 52 | 53 | const char * 54 | session_id_print (const struct session_id *sid, struct gc_arena *gc) 55 | { 56 | return format_hex (sid->id, SID_SIZE, 0, gc); 57 | } 58 | 59 | #else 60 | static void dummy(void) {} 61 | #endif /* USE_CRYPTO && USE_SSL*/ 62 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/t_cltsrv-down.sh: -------------------------------------------------------------------------------- 1 | #! /bin/sh 2 | echo "${role}:${signal}" >&3 3 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/t_lpback.sh: -------------------------------------------------------------------------------- 1 | #! /bin/sh 2 | # 3 | # t_lpback.sh - script to test OpenVPN's crypto loopback 4 | # Copyright (C) 2005 Matthias Andree 5 | # 6 | # This program is free software; you can redistribute it and/or 7 | # modify it under the terms of the GNU General Public License 8 | # as published by the Free Software Foundation; either version 2 9 | # of the License, or (at your option) any later version. 10 | # 11 | # This program is distributed in the hope that it will be useful, 12 | # but WITHOUT ANY WARRANTY; without even the implied warranty of 13 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 14 | # GNU General Public License for more details. 15 | # 16 | # You should have received a copy of the GNU General Public License 17 | # along with this program; if not, write to the Free Software 18 | # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 19 | # 02110-1301, USA. 20 | 21 | set -e 22 | trap "rm -f key.$$ log.$$ ; trap 0 ; exit 77" 1 2 15 23 | trap "rm -f key.$$ log.$$ ; exit 1" 0 3 24 | ./openvpn --genkey --secret key.$$ 25 | set +e 26 | ( ./openvpn --test-crypto --secret key.$$ ) >log.$$ 2>&1 27 | e=$? 28 | if [ $e != 0 ] ; then cat log.$$ ; fi 29 | rm key.$$ log.$$ 30 | trap 0 31 | exit $e 32 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/tap-win32/MAKEFILE: -------------------------------------------------------------------------------- 1 | # 2 | # DO NOT EDIT THIS FILE!!! Edit .\sources. if you want to add a new source 3 | # file to this component. This file merely indirects to the real make file 4 | # that is shared by all the components of NT OS/2 5 | # 6 | !INCLUDE $(NTMAKEENV)\makefile.def 7 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/tap-win32/endian.h: -------------------------------------------------------------------------------- 1 | /* 2 | * TAP-Win32/TAP-Win64 -- A kernel driver to provide virtual tap 3 | * device functionality on Windows. 4 | * 5 | * This code was inspired by the CIPE-Win32 driver by Damion K. Wilson. 6 | * 7 | * This source code is Copyright (C) 2002-2009 OpenVPN Technologies, Inc., 8 | * and is released under the GPL version 2 (see below). 9 | * 10 | * This program is free software; you can redistribute it and/or modify 11 | * it under the terms of the GNU General Public License version 2 12 | * as published by the Free Software Foundation. 13 | * 14 | * This program is distributed in the hope that it will be useful, 15 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 16 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 17 | * GNU General Public License for more details. 18 | * 19 | * You should have received a copy of the GNU General Public License 20 | * along with this program (see the file COPYING included with this 21 | * distribution); if not, write to the Free Software Foundation, Inc., 22 | * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 23 | */ 24 | 25 | #ifdef TAP_LITTLE_ENDIAN 26 | #define ntohs(x) RtlUshortByteSwap(x) 27 | #define htons(x) RtlUshortByteSwap(x) 28 | #define ntohl(x) RtlUlongByteSwap(x) 29 | #define htonl(x) RtlUlongByteSwap(x) 30 | #else 31 | #define ntohs(x) ((USHORT)(x)) 32 | #define htons(x) ((USHORT)(x)) 33 | #define ntohl(x) ((ULONG)(x)) 34 | #define htonl(x) ((ULONG)(x)) 35 | #endif 36 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/tap-win32/filt.py: -------------------------------------------------------------------------------- 1 | import sys 2 | import re 3 | 4 | start_re = "(^.*released under the GPL version 2 \(see below\)).*however due" 5 | skip = 0 6 | while True: 7 | line = sys.stdin.readline() 8 | if not line: 9 | break 10 | m = re.match (start_re, line) 11 | if m: 12 | g = m.groups() 13 | print g[0] + '.' 14 | skip = 5 15 | if skip > 0: 16 | skip -= 1 17 | else: 18 | print line, 19 | 20 | sys.exit(0) 21 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/tap-win32/macinfo.h: -------------------------------------------------------------------------------- 1 | /* 2 | * TAP-Win32/TAP-Win64 -- A kernel driver to provide virtual tap 3 | * device functionality on Windows. 4 | * 5 | * This code was inspired by the CIPE-Win32 driver by Damion K. Wilson. 6 | * 7 | * This source code is Copyright (C) 2002-2009 OpenVPN Technologies, Inc., 8 | * and is released under the GPL version 2 (see below). 9 | * 10 | * This program is free software; you can redistribute it and/or modify 11 | * it under the terms of the GNU General Public License version 2 12 | * as published by the Free Software Foundation. 13 | * 14 | * This program is distributed in the hope that it will be useful, 15 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 16 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 17 | * GNU General Public License for more details. 18 | * 19 | * You should have received a copy of the GNU General Public License 20 | * along with this program (see the file COPYING included with this 21 | * distribution); if not, write to the Free Software Foundation, Inc., 22 | * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 23 | */ 24 | 25 | #ifndef MacInfoDefined 26 | #define MacInfoDefined 27 | 28 | //=================================================================================== 29 | // Macros 30 | //=================================================================================== 31 | #define IsMacDelimiter(a) (a == ':' || a == '-' || a == '.') 32 | #define IsHexDigit(c) ((c >= '0' && c <= '9') || (c >= 'A' && c <= 'F') || (c >= 'a' && c <= 'f')) 33 | 34 | #define COPY_MAC(dest, src) NdisMoveMemory ((dest), (src), sizeof (MACADDR)) 35 | #define CLEAR_MAC(dest) NdisZeroMemory ((dest), sizeof (MACADDR)) 36 | #define MAC_EQUAL(a,b) (memcmp ((a), (b), sizeof (MACADDR)) == 0) 37 | 38 | #endif 39 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/tap-win32/resource.rc: -------------------------------------------------------------------------------- 1 | #include 2 | #include 3 | 4 | /* get VERSION */ 5 | #include "../config-win32.h" 6 | #include "common.h" 7 | 8 | /* VER_FILETYPE, VER_FILESUBTYPE, VER_FILEDESCRIPTION_STR 9 | * and VER_INTERNALNAME_STR must be defined before including COMMON.VER 10 | * The strings don't need a '\0', since common.ver has them. 11 | */ 12 | 13 | #define VER_FILETYPE VFT_DRV 14 | /* possible values: VFT_UNKNOWN 15 | VFT_APP 16 | VFT_DLL 17 | VFT_DRV 18 | VFT_FONT 19 | VFT_VXD 20 | VFT_STATIC_LIB 21 | */ 22 | #define VER_FILESUBTYPE VFT2_DRV_NETWORK 23 | /* possible values VFT2_UNKNOWN 24 | VFT2_DRV_PRINTER 25 | VFT2_DRV_KEYBOARD 26 | VFT2_DRV_LANGUAGE 27 | VFT2_DRV_DISPLAY 28 | VFT2_DRV_MOUSE 29 | VFT2_DRV_NETWORK 30 | VFT2_DRV_SYSTEM 31 | VFT2_DRV_INSTALLABLE 32 | VFT2_DRV_SOUND 33 | VFT2_DRV_COMM 34 | */ 35 | 36 | #define VER_COMPANYNAME_STR "The OpenVPN Project" 37 | #define VER_FILEDESCRIPTION_STR "TAP-Win32 Virtual Network Driver" 38 | #define VER_ORIGINALFILENAME_STR TAP_COMPONENT_ID ".sys" 39 | #define VER_LEGALCOPYRIGHT_YEARS "2003-2009" 40 | #define VER_LEGALCOPYRIGHT_STR "OpenVPN Technologies, Inc." 41 | 42 | 43 | #define VER_PRODUCTNAME_STR VER_FILEDESCRIPTION_STR 44 | #define VER_PRODUCTVERSION TAP_DRIVER_MAJOR_VERSION,00,00,TAP_DRIVER_MINOR_VERSION 45 | 46 | #define XSTR(s) STR(s) 47 | #define STR(s) #s 48 | 49 | #define VSTRING VERSION " " XSTR(TAP_DRIVER_MAJOR_VERSION) "/" XSTR(TAP_DRIVER_MINOR_VERSION) 50 | 51 | #ifdef DBG 52 | #define VER_PRODUCTVERSION_STR VSTRING " (DEBUG)" 53 | #else 54 | #define VER_PRODUCTVERSION_STR VSTRING 55 | #endif 56 | 57 | #define VER_INTERNALNAME_STR VER_ORIGINALFILENAME_STR 58 | 59 | #include "common.ver" 60 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/tap-win32/tmp/endian.h: -------------------------------------------------------------------------------- 1 | /* 2 | * TAP-Win32/TAP-Win64 -- A kernel driver to provide virtual tap 3 | * device functionality on Windows. 4 | * 5 | * This code was inspired by the CIPE-Win32 driver by Damion K. Wilson. 6 | * 7 | * This source code is Copyright (C) 2002-2009 OpenVPN Technologies, Inc., 8 | * and is released under the GPL version 2 (see below), however due 9 | * to the extra costs of supporting Windows Vista, OpenVPN Solutions 10 | * LLC reserves the right to change the terms of the TAP-Win32/TAP-Win64 11 | * license for versions 9.1 and higher prior to the official release of 12 | * OpenVPN 2.1. 13 | * 14 | * This program is free software; you can redistribute it and/or modify 15 | * it under the terms of the GNU General Public License version 2 16 | * as published by the Free Software Foundation. 17 | * 18 | * This program is distributed in the hope that it will be useful, 19 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 20 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 21 | * GNU General Public License for more details. 22 | * 23 | * You should have received a copy of the GNU General Public License 24 | * along with this program (see the file COPYING included with this 25 | * distribution); if not, write to the Free Software Foundation, Inc., 26 | * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 27 | */ 28 | 29 | #ifdef TAP_LITTLE_ENDIAN 30 | #define ntohs(x) RtlUshortByteSwap(x) 31 | #define htons(x) RtlUshortByteSwap(x) 32 | #define ntohl(x) RtlUlongByteSwap(x) 33 | #define htonl(x) RtlUlongByteSwap(x) 34 | #else 35 | #define ntohs(x) ((USHORT)(x)) 36 | #define htons(x) ((USHORT)(x)) 37 | #define ntohl(x) ((ULONG)(x)) 38 | #define htonl(x) ((ULONG)(x)) 39 | #endif 40 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/tap-win32/tmp/macinfo.h: -------------------------------------------------------------------------------- 1 | /* 2 | * TAP-Win32/TAP-Win64 -- A kernel driver to provide virtual tap 3 | * device functionality on Windows. 4 | * 5 | * This code was inspired by the CIPE-Win32 driver by Damion K. Wilson. 6 | * 7 | * This source code is Copyright (C) 2002-2009 OpenVPN Technologies, Inc., 8 | * and is released under the GPL version 2 (see below), however due 9 | * to the extra costs of supporting Windows Vista, OpenVPN Solutions 10 | * LLC reserves the right to change the terms of the TAP-Win32/TAP-Win64 11 | * license for versions 9.1 and higher prior to the official release of 12 | * OpenVPN 2.1. 13 | * 14 | * This program is free software; you can redistribute it and/or modify 15 | * it under the terms of the GNU General Public License version 2 16 | * as published by the Free Software Foundation. 17 | * 18 | * This program is distributed in the hope that it will be useful, 19 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 20 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 21 | * GNU General Public License for more details. 22 | * 23 | * You should have received a copy of the GNU General Public License 24 | * along with this program (see the file COPYING included with this 25 | * distribution); if not, write to the Free Software Foundation, Inc., 26 | * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 27 | */ 28 | 29 | #ifndef MacInfoDefined 30 | #define MacInfoDefined 31 | 32 | //=================================================================================== 33 | // Macros 34 | //=================================================================================== 35 | #define IsMacDelimiter(a) (a == ':' || a == '-' || a == '.') 36 | #define IsHexDigit(c) ((c >= '0' && c <= '9') || (c >= 'A' && c <= 'F') || (c >= 'a' && c <= 'f')) 37 | 38 | #define COPY_MAC(dest, src) NdisMoveMemory ((dest), (src), sizeof (MACADDR)) 39 | #define CLEAR_MAC(dest) NdisZeroMemory ((dest), sizeof (MACADDR)) 40 | #define MAC_EQUAL(a,b) (memcmp ((a), (b), sizeof (MACADDR)) == 0) 41 | 42 | #endif 43 | -------------------------------------------------------------------------------- /src/openvpn-2.1.1/version.m4: -------------------------------------------------------------------------------- 1 | dnl define the OpenVPN version 2 | define(PRODUCT_VERSION,[2.1.1]) 3 | dnl define the TAP version 4 | define(PRODUCT_TAP_ID,[tap0901]) 5 | define(PRODUCT_TAP_WIN32_MIN_MAJOR,[9]) 6 | define(PRODUCT_TAP_WIN32_MIN_MINOR,[1]) 7 | -------------------------------------------------------------------------------- /src/pppd-sql-0.8.0/AUTHORS: -------------------------------------------------------------------------------- 1 | Project Initiator & Lead Programmer: 2 | 3 | * Maik Broemme 4 | -------------------------------------------------------------------------------- /src/pppd-sql-0.8.0/FAQ: -------------------------------------------------------------------------------- 1 | FAQ - Frequently Asked Questions 2 | ================================ 3 | 4 | Q: What is 'pppd-sql'? 5 | A: 'pppd-sql' is a plugin for the Point-to-Point server (pppd) 6 | which adds PAP and CHAP authentication via a MySQL or PostgreSQL 7 | database. 8 | 9 | Q: What is needed? 10 | A: You need a running PPP Server >= 2.4.4 which allows runtime load 11 | of plugins. Almost every latest distribution comes with a PPP 12 | Server which provide this functionality. 13 | 14 | Q: Why did you start this project? 15 | A: I was seeking a solution for doing MS-PPTP authentication with 16 | MySQL for my employer the PlusServer AG. 17 | 18 | Q: Why did not extend old 'pppd-mysql' itself? 19 | A: Simple answer: It is a very small project and almost every piece 20 | of code was rewrittten, so it doesn't make sense. But of course 21 | it was a great application to learn. 22 | 23 | Q: Is it working with MS-CHAPv1 and MS-CHAPv2? 24 | A: Yes it is, this was the main reason for creating this plugin. 25 | 26 | Q: Can PAP passwords stored in database using an 'one-way' hash? 27 | A: Yes they can, because with PAP the passwords are transferred in 28 | plaintext, so the plugin can create a hash from it and compare it 29 | with the hash stored in database. 30 | 31 | Q: Can CHAP, MS-CHAPv1 and MS-CHAPv2 passwords stored in database 32 | using an 'one-way' hash? 33 | A: No they can't, please take a look into 'README.encryption' for an 34 | explanation. 35 | 36 | Q: Why should I use the symmetric encryption for CHAP, MS-CHAPv1 or 37 | MS-CHAPv2 and a 'one-way' hash for PAP? 38 | A: Even to secure the storage place of your passwords, please take a 39 | look into 'README.encryption' too. 40 | 41 | Q: Why did you remove the failover functionality? 42 | A: To implement the concurrent connection handler with multiple 43 | tunnel servers, I need to store the login status inside the 44 | database. If you use multiple database servers, the write access 45 | may result in asynchronous data. 46 | 47 | Q: I have a cool idea for 'pppd-sql' but don't know C. 48 | A: No problem, i started this utility to enhance the PPP Server 49 | with some cool features. So look at the authors file and send me 50 | an email. 51 | -------------------------------------------------------------------------------- /src/pppd-sql-0.8.0/Makefile.am: -------------------------------------------------------------------------------- 1 | # minimum required automake 1.6 2 | AUTOMAKE_OPTIONS = 1.6 3 | 4 | # any directories which should be built and installed. 5 | SUBDIRS = doc src 6 | 7 | # the directories which are part of the distribution. 8 | DIST_SUBDIRS = $(SUBDIRS) 9 | 10 | # extra stuff. 11 | EXTRA_DIST = \ 12 | AUTHORS \ 13 | COPYING \ 14 | FAQ \ 15 | INSTALL \ 16 | NEWS \ 17 | README \ 18 | THANKS \ 19 | TODO 20 | -------------------------------------------------------------------------------- /src/pppd-sql-0.8.0/README: -------------------------------------------------------------------------------- 1 | Introduction 2 | ============ 3 | 4 | 'pppd-sql' is a plugin for the Point-to-Point server (pppd) on Linux 5 | and Solaris which adds an authentication backend using a MySQL or 6 | PostgreSQL database for Challenge Handshake Authentication Protocol 7 | (CHAP) and Password Authentication Protocol (PAP). It supports 8 | MS-CHAPv1 and MS-CHAPv2 too. The IPCP negotiation after authentication 9 | handshake is also supported. 10 | 11 | 'pppd-sql' supports a flexible configuration scheme, has concurrent 12 | connection handling for one single user across multiple tunnel servers 13 | and comes with easy and handy documentation. 14 | 15 | 'pppd-sql' is based on some parts of 'pppd-mysql' which is a good tool 16 | to see how pppd can work with mysql, but lacks flexible configuration 17 | functionality. 18 | 19 | Why another "new" sql plugin for pppd? 20 | ====================================== 21 | 22 | Well the 'pppd-mysql' plugin looks unmaintained now since three years 23 | (last release is from september 2005) and for my employer the 24 | PlusServer AG, I was seeking for a common way to integrate poptop 25 | with ppp and MySQL. Also there was no PostgreSQL plugin available 26 | until 'pppd-sql' and I want to change this. 27 | 28 | Why another "way" of adding sql support for pppd? 29 | ================================================= 30 | 31 | There exist at least two other ways doing this: First using freeradius 32 | with radiusclient-ng via pppd-radius plugin and second NTLM with Samba 33 | via pppd-winbind plugin. Both solutions creates to much overhead for me, 34 | single points of failures and are heavy to debug. 35 | 36 | Manual 37 | ====== 38 | 39 | It is a good idea to read the `FAQ' file. 40 | 41 | Reporting Bugs 42 | ============== 43 | 44 | Bug reports for 'pppd-sql' can be send to me directly. 45 | 46 | * Maik Broemme 47 | 48 | Enjoy! 49 | 50 | Maik Broemme 51 | http://www.babelize.org/ 52 | -------------------------------------------------------------------------------- /src/pppd-sql-0.8.0/README.scripts: -------------------------------------------------------------------------------- 1 | Introduction 2 | ============ 3 | 4 | The first support for any kind of importable SQL-Dumps was introduced 5 | in version 0.5.0 of 'pppd-sql' to simplify the installation process. 6 | 7 | Which empty SQL-Dumps are currently included? 8 | ============================================= 9 | 10 | The list below includes a list of included empty SQL-Dumps and an 11 | example how to import them. All dumps are using UTF-8 as charset 12 | encoding. 13 | 14 | * MySQL 15 | - File = ppp-login-mysql.sql 16 | - Command = mysql -u root -p < ppp-login-mysql.sql 17 | 18 | * PostgreSQL 19 | - File = ppp-login-postgresql.sql 20 | - Command = psql -U root -d postgres -f ppp-login-postgresql.sql 21 | 22 | The result will be a database with the name 'ppp' and one table 'login'. 23 | 24 | * login 25 | - id 26 | contains auto increment value. 27 | - username 28 | contains the username of the tunnel client. 29 | - password 30 | contains the password of the tunnel client. 31 | - status 32 | contains the login status of the client. 33 | - clientip 34 | contains the client ip address for the connection. 35 | - serverip 36 | contains the server ip address for the connection. 37 | 38 | Which permissions are required for the SQL User? 39 | ================================================ 40 | 41 | The list below includes a bunch of commands which should be executed at 42 | the SQL-Server to give the user the required privileges. 43 | 44 | * MySQL 45 | - GRANT SELECT, UPDATE ON 46 | ppp.login TO ''@'' IDENTIFIED BY '' 47 | 48 | * PostgreSQL 49 | - CREATE USER '' WITH PASSWORD '' 50 | - GRANT SELECT, UPDATE ON login TO '' 51 | -------------------------------------------------------------------------------- /src/pppd-sql-0.8.0/THANKS: -------------------------------------------------------------------------------- 1 | 'pppd-sql' was originaly created by Maik Broemme 2 | and i want to thank some people which helped by supplying knowledge, code 3 | or something else. 4 | 5 | * Romy Trompke 6 | - my lovely girlfriend for her patience 7 | 8 | * David Ananian-Cooper 9 | - pppd-mysql creator 10 | -------------------------------------------------------------------------------- /src/pppd-sql-0.8.0/TODO: -------------------------------------------------------------------------------- 1 | Features and functionality which should be added in the future. 2 | 3 | * Well no real feature but needs to be done. Testing, testing and 4 | more testing. Maybe there exist unknown bugs. :) 5 | 6 | * Add support for other database backends. (Firebird/InterBase, 7 | Ingres and SQLite) 8 | 9 | Look at the AUTHORS file if you want help me with 'pppd-sql', or 10 | if you have other interesting features which should be added. 11 | -------------------------------------------------------------------------------- /src/pppd-sql-0.8.0/autogen.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | echo "Generating build information using aclocal, autoheader, automake and autoconf" 3 | echo "This may take a while ..." 4 | 5 | # touch the timestamps on all the files since cvs or svn messes them up. 6 | directory=`dirname $0` 7 | touch $directory/configure.ac 8 | 9 | # regenerate configuration files. 10 | libtoolize --copy 11 | aclocal 12 | autoheader 13 | automake --foreign --add-missing --copy 14 | autoconf 15 | 16 | # configure created and ready. 17 | echo "Now you are ready to run ./configure" 18 | -------------------------------------------------------------------------------- /src/pppd-sql-0.8.0/config.h.in: -------------------------------------------------------------------------------- 1 | /* config.h.in. Generated from configure.ac by autoheader. */ 2 | 3 | /* Define to 1 if you have the header file. */ 4 | #undef HAVE_DLFCN_H 5 | 6 | /* Define to 1 if you have the header file. */ 7 | #undef HAVE_INTTYPES_H 8 | 9 | /* Define to 1 if you have the `crypto' library (-lcrypto). */ 10 | #undef HAVE_LIBCRYPTO 11 | 12 | /* Define to 1 if you have the header file. */ 13 | #undef HAVE_MEMORY_H 14 | 15 | /* Define to 1 if you have the header file. */ 16 | #undef HAVE_STDINT_H 17 | 18 | /* Define to 1 if you have the header file. */ 19 | #undef HAVE_STDLIB_H 20 | 21 | /* Define to 1 if you have the header file. */ 22 | #undef HAVE_STRINGS_H 23 | 24 | /* Define to 1 if you have the header file. */ 25 | #undef HAVE_STRING_H 26 | 27 | /* Define to 1 if you have the header file. */ 28 | #undef HAVE_SYS_STAT_H 29 | 30 | /* Define to 1 if you have the header file. */ 31 | #undef HAVE_SYS_TYPES_H 32 | 33 | /* Define to 1 if you have the header file. */ 34 | #undef HAVE_UNISTD_H 35 | 36 | /* Name of package */ 37 | #undef PACKAGE 38 | 39 | /* Define to the address where bug reports for this package should be sent. */ 40 | #undef PACKAGE_BUGREPORT 41 | 42 | /* Define to the full name of this package. */ 43 | #undef PACKAGE_NAME 44 | 45 | /* Define to the full name and version of this package. */ 46 | #undef PACKAGE_STRING 47 | 48 | /* Define to the one symbol short name of this package. */ 49 | #undef PACKAGE_TARNAME 50 | 51 | /* Define to the version of this package. */ 52 | #undef PACKAGE_VERSION 53 | 54 | /* Plugin name as Prefix. */ 55 | #undef PLUGIN_NAME_MYSQL 56 | 57 | /* Plugin name as Prefix. */ 58 | #undef PLUGIN_NAME_PGSQL 59 | 60 | /* Plugin version for MySQL. */ 61 | #undef PLUGIN_VERSION_MYSQL 62 | 63 | /* Plugin version for PostgreSQL. */ 64 | #undef PLUGIN_VERSION_PGSQL 65 | 66 | /* Define to 1 if you have the ANSI C header files. */ 67 | #undef STDC_HEADERS 68 | 69 | /* Version number of package */ 70 | #undef VERSION 71 | -------------------------------------------------------------------------------- /src/pppd-sql-0.8.0/doc/Makefile.am: -------------------------------------------------------------------------------- 1 | # minimum required automake 1.6 2 | AUTOMAKE_OPTIONS = 1.6 3 | 4 | # architecture-independent manpages 5 | man_MANS = 6 | if HAVE_MYSQL 7 | man_MANS += pppd-mysql.8 8 | endif 9 | if HAVE_PGSQL 10 | man_MANS += pppd-pgsql.8 11 | endif 12 | -------------------------------------------------------------------------------- /src/pppd-sql-0.8.0/scripts/ppp-login-mysql.sql: -------------------------------------------------------------------------------- 1 | -- MySQL dump 10.11 2 | -- 3 | -- Host: localhost Database: ppp 4 | -- ------------------------------------------------------ 5 | -- Server version 5.0.45 6 | 7 | /*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */; 8 | /*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */; 9 | /*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */; 10 | /*!40101 SET NAMES utf8 */; 11 | /*!40103 SET @OLD_TIME_ZONE=@@TIME_ZONE */; 12 | /*!40103 SET TIME_ZONE='+00:00' */; 13 | /*!40014 SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0 */; 14 | /*!40014 SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0 */; 15 | /*!40101 SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='NO_AUTO_VALUE_ON_ZERO' */; 16 | /*!40111 SET @OLD_SQL_NOTES=@@SQL_NOTES, SQL_NOTES=0 */; 17 | 18 | -- 19 | -- Current Database: `ppp` 20 | -- 21 | 22 | CREATE DATABASE /*!32312 IF NOT EXISTS*/ `ppp` /*!40100 DEFAULT CHARACTER SET utf8 */; 23 | 24 | USE `ppp`; 25 | 26 | -- 27 | -- Table structure for table `login` 28 | -- 29 | 30 | DROP TABLE IF EXISTS `login`; 31 | CREATE TABLE `login` ( 32 | `id` int(11) NOT NULL auto_increment, 33 | `username` varchar(16) NOT NULL, 34 | `password` varchar(32) NOT NULL, 35 | `status` int(11) NOT NULL default '0', 36 | `clientip` varchar(15) NOT NULL, 37 | `serverip` varchar(15) NOT NULL, 38 | PRIMARY KEY (`id`), 39 | KEY `username` (`username`) 40 | ) ENGINE=InnoDB DEFAULT CHARSET=utf8; 41 | 42 | -- 43 | -- Dumping data for table `login` 44 | -- 45 | 46 | LOCK TABLES `login` WRITE; 47 | /*!40000 ALTER TABLE `login` DISABLE KEYS */; 48 | /*!40000 ALTER TABLE `login` ENABLE KEYS */; 49 | UNLOCK TABLES; 50 | /*!40103 SET TIME_ZONE=@OLD_TIME_ZONE */; 51 | 52 | /*!40101 SET SQL_MODE=@OLD_SQL_MODE */; 53 | /*!40014 SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS */; 54 | /*!40014 SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS */; 55 | /*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */; 56 | /*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */; 57 | /*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */; 58 | /*!40111 SET SQL_NOTES=@OLD_SQL_NOTES */; 59 | 60 | -- Dump completed on 2009-01-16 15:31:38 61 | -------------------------------------------------------------------------------- /src/pppd-sql-0.8.0/src/Makefile.am: -------------------------------------------------------------------------------- 1 | # minimum required automake 1.6 2 | AUTOMAKE_OPTIONS = 1.6 3 | 4 | # library information and headers which should not be installed. 5 | lib_LTLIBRARIES = 6 | if HAVE_MYSQL 7 | lib_LTLIBRARIES += mysql.la 8 | endif 9 | if HAVE_PGSQL 10 | lib_LTLIBRARIES += pgsql.la 11 | endif 12 | 13 | # headers which are only for internal use. 14 | noinst_HEADERS = auth-mysql.h auth-pgsql.h plugin.h plugin-mysql.h plugin-pgsql.h str.h 15 | 16 | if HAVE_MYSQL 17 | # sources to compile. 18 | mysql_la_SOURCES = auth-mysql.c \ 19 | plugin.c \ 20 | plugin-mysql.c \ 21 | str.c 22 | # compile flags. 23 | mysql_la_CFLAGS = @MYSQL_CFLAGS@ 24 | 25 | # linker options. 26 | mysql_la_LDFLAGS = @MYSQL_LDFLAGS@ \ 27 | -module \ 28 | -avoid-version 29 | endif 30 | 31 | if HAVE_PGSQL 32 | # sources to compile. 33 | pgsql_la_SOURCES = auth-pgsql.c \ 34 | plugin.c \ 35 | plugin-pgsql.c \ 36 | str.c 37 | 38 | # compile flags. 39 | pgsql_la_CFLAGS = @PGSQL_CFLAGS@ 40 | 41 | # linker options. 42 | pgsql_la_LDFLAGS = @PGSQL_LDFLAGS@ \ 43 | -module \ 44 | -avoid-version 45 | endif 46 | 47 | # avoid installation of .la files. 48 | install-exec-hook: 49 | if HAVE_MYSQL 50 | $(rmpath) ${DESTDIR}${libdir}/mysql.la 51 | endif 52 | if HAVE_PGSQL 53 | $(rmpath) ${DESTDIR}${libdir}/pgsql.la 54 | endif 55 | 56 | # remove modules on uninstallation. 57 | uninstall-hook: 58 | if HAVE_MYSQL 59 | $(rmpath) -f ${DESTDIR}${libdir}/mysql.so 60 | endif 61 | if HAVE_PGSQL 62 | $(rmpath) -f ${DESTDIR}${libdir}/pgsql.so 63 | endif 64 | -------------------------------------------------------------------------------- /src/pppd-sql-0.8.0/src/str.h: -------------------------------------------------------------------------------- 1 | /* 2 | * str.h -- String handling functions for the Plugin. 3 | * 4 | * Copyright (c) 2008-2009 Maik Broemme 5 | * 6 | * This program is free software; you can redistribute it and/or modify 7 | * it under the terms of the GNU General Public License as published by 8 | * the Free Software Foundation; either version 3 of the License, or 9 | * (at your option) any later version. 10 | * 11 | * This program is distributed in the hope that it will be useful, 12 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 13 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 14 | * GNU General Public License for more details. 15 | * 16 | * You should have received a copy of the GNU General Public License 17 | * along with this program. If not, see . 18 | */ 19 | 20 | #ifndef _STR_H 21 | #define _STR_H 22 | 23 | /* generic includes. */ 24 | #include 25 | 26 | /* this function split the given string into tokens separated by delimiter. */ 27 | uint8_t *pppd__strsep( 28 | uint8_t **string_p, 29 | const uint8_t *delim 30 | ); 31 | 32 | /* this function convert a given hex value to an integer. */ 33 | int32_t pppd__htoi( 34 | uint8_t character 35 | ); 36 | 37 | #endif /* _STR_H */ 38 | -------------------------------------------------------------------------------- /src/pppd-sql-0.8.0/stamp-h1: -------------------------------------------------------------------------------- 1 | timestamp for config.h 2 | -------------------------------------------------------------------------------- /web/admin/.list: -------------------------------------------------------------------------------- 1 | admin.tmpl - admin interface template 2 | config.ini - database access configuration 3 | index.html - login interface 4 | main.cgi - the main cgi 5 | 6 | steps 7 | modify config.ini 8 | modify main.cgi for recaptcha settings -------------------------------------------------------------------------------- /web/admin/admin.tmpl: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | <TMPL_VAR NAME=TITLE> | 管理员控制面板 7 | 8 | 9 | 10 |
11 | 22 | 23 |
24 |
25 | 26 |
27 |
28 | 29 | 32 |
33 | 34 | 35 | 36 | 37 | -------------------------------------------------------------------------------- /web/admin/config.ini: -------------------------------------------------------------------------------- 1 | [mysql] 2 | dsn = 'DBI:mysql:database=ppp;host=db.someafile.com' 3 | username = vpn 4 | password = vpn 5 | -------------------------------------------------------------------------------- /web/admin/index.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 管理员登录 6 | 7 | 8 | 9 |
10 |
11 |

欢迎来到ParDiff VPN

12 |
13 |
14 | 15 |

管理员登录

16 | 17 |
18 | 在此输入验证码: 19 | 20 | 21 | 22 | 用户名:
23 | 密码:
24 | 25 |
26 |
27 | 30 |
31 | 32 | -------------------------------------------------------------------------------- /web/user/.list: -------------------------------------------------------------------------------- 1 | config.ini - database configuration 2 | 3 | create.{html,cgi} - interface to create a new user 4 | 5 | help.html, index.html, images/, style/, css/, js/ - ordinary website file 6 | tutorial/ - tutorials on how to use vpn client 7 | ticket/ - ticket system 8 | cp/ - user control panel 9 | coupon/ - coupon code (SN) charging system 10 | -------------------------------------------------------------------------------- /web/user/config.ini: -------------------------------------------------------------------------------- 1 | [mysql] 2 | dsn = 'DBI:mysql:database=ppp;host=ip' 3 | username = vpn 4 | password = vpn 5 | -------------------------------------------------------------------------------- /web/user/coupon/config.ini: -------------------------------------------------------------------------------- 1 | ../config.ini -------------------------------------------------------------------------------- /web/user/coupon/index.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | ParDiff 充值卡 5 | 6 | 7 | 8 | 9 | 10 |
11 |
12 |

欢迎来到ParDiff VPN,在此您可以进行充值卡验证、充值操作

13 |
14 |
15 | 16 |

输入您的的充值卡卡号进行验证

17 | 18 |
19 | 23 | 卡号/sn:
24 | 25 |
26 | 27 |
28 |
29 | 33 | 38 | 39 | -------------------------------------------------------------------------------- /web/user/cp/change_password.cgi: -------------------------------------------------------------------------------- 1 | #!/usr/bin/perl 2 | 3 | use strict; 4 | use warnings; 5 | 6 | use CGI qw/:standard/; 7 | use DBI; 8 | use Data::Dumper; 9 | 10 | my %config; 11 | 12 | use Config::Simple; 13 | Config::Simple->import_from('config.ini', \%config); 14 | 15 | my $dsn = $config{'mysql.dsn'}; 16 | my $dbh = DBI->connect($dsn, $config{'mysql.username'}, $config{'mysql.password'}); 17 | 18 | use Captcha::reCAPTCHA; 19 | # Your reCAPTCHA keys from 20 | # https://admin.recaptcha.net/recaptcha/createsite/ 21 | use constant PUBLIC_KEY => '6LdHVwsAAAAAAJf562_qCaDHPtqEv2jOF--ml5Ao'; 22 | use constant PRIVATE_KEY => '6LdHVwsAAAAAAKBvGCIJuX6vwvVA5fquW3kkt1Dv'; 23 | 24 | 25 | my $captcha = Captcha::reCAPTCHA->new; 26 | my $result = $captcha->check_answer(PRIVATE_KEY, $ENV{'REMOTE_ADDR'}, 27 | param( 'recaptcha_challenge_field' ), 28 | param( 'recaptcha_response_field' )); 29 | 30 | #if (!$result->{is_valid}) { 31 | # print header(-charset => 'utf-8'); 32 | # print start_html(-title => '验证码不正确!'); 33 | # print '

验证码不正确,你被判定为机器人!

'; 34 | # print end_html; 35 | # exit 0; 36 | #} 37 | 38 | my $password = param('password'); 39 | my $password_1 = param('password_1'); 40 | my $password_2 = param('password_2'); 41 | my $username = param('username'); 42 | 43 | if ($password && $username) { 44 | my $sth = $dbh->prepare("SELECT * FROM login WHERE username = ? AND password =?"); 45 | $sth->execute($username, $password); 46 | 47 | my $ref = $sth->fetchrow_hashref(); 48 | if ($ref) { 49 | if ($password_1 && $password_2 && $password_1 eq $password_2) { 50 | $sth = $dbh->prepare("UPDATE login SET password = ? WHERE username = ? LIMIT 1"); 51 | $sth->execute($password_2, $username); 52 | } 53 | else { 54 | print header(-charset=>'utf-8'), start_html('两次密码输入不符'); 55 | print '

两次密码输入不符

', end_html; 56 | exit 0; 57 | } 58 | } 59 | } 60 | 61 | print redirect('index.html'); 62 | 63 | -------------------------------------------------------------------------------- /web/user/cp/config.ini: -------------------------------------------------------------------------------- 1 | ../config.ini -------------------------------------------------------------------------------- /web/user/cp/index.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | ParDiff 用户控制面板 5 | 6 | 7 | 8 | 9 | 10 |
11 |
12 |

欢迎来到ParDiff VPN

13 |
14 |
15 | 16 |

输入您的用户名与密码,登录控制面板

17 | 18 | 19 |
20 | 24 | 用户名/username:
25 | 密码/password:
26 | 27 |
28 | 29 |
30 |
31 | 35 | 40 | 41 | -------------------------------------------------------------------------------- /web/user/create.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 建立新用户 5 | 6 | 7 | 8 |
9 |
10 |

欢迎来到ParDiff VPN

11 |
12 | 13 |
14 |

建立VPN新用户

15 |
16 | 在此输入验证码: 17 | 18 | 19 | 请输入用户名:
20 | 请输入密码:
21 | 请再次输入密码:
22 | 请输入邮箱地址:
23 | 24 |

点击确认即代表您同意与本站达成用户协议,您允许本站使用您的电子邮件给您发送定期或不定期的本站新功能介绍与您的流量报告。

25 |
26 |
27 |
28 | 31 |
32 | 33 | 34 | -------------------------------------------------------------------------------- /web/user/css/reset.css: -------------------------------------------------------------------------------- 1 | /* http://meyerweb.com/eric/tools/css/reset/ */ 2 | /* v1.0 | 20080212 */ 3 | 4 | html, body, div, span, applet, object, iframe, 5 | h1, h2, h3, h4, h5, h6, p, blockquote, pre, 6 | a, abbr, acronym, address, big, cite, code, 7 | del, dfn, em, font, img, ins, kbd, q, s, samp, 8 | small, strike, strong, sub, sup, tt, var, 9 | b, u, i, center, 10 | dl, dt, dd, ol, ul, li, 11 | fieldset, form, label, legend, 12 | table, caption, tbody, tfoot, thead, tr, th, td { 13 | margin: 0; 14 | padding: 0; 15 | border: 0; 16 | outline: 0; 17 | font-size: 100%; 18 | vertical-align: baseline; 19 | background: transparent; 20 | } 21 | body { 22 | line-height: 1; 23 | } 24 | ol, ul { 25 | list-style: none; 26 | } 27 | blockquote, q { 28 | quotes: none; 29 | } 30 | blockquote:before, blockquote:after, 31 | q:before, q:after { 32 | content: ''; 33 | content: none; 34 | } 35 | 36 | /* remember to define focus styles! */ 37 | :focus { 38 | outline: 0; 39 | } 40 | 41 | /* remember to highlight inserts somehow! */ 42 | ins { 43 | text-decoration: none; 44 | } 45 | del { 46 | text-decoration: line-through; 47 | } 48 | 49 | /* tables still need 'cellspacing="0"' in the markup */ 50 | table { 51 | border-collapse: collapse; 52 | border-spacing: 0; 53 | } 54 | -------------------------------------------------------------------------------- /web/user/help.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | ParDiff 用户控制面板 5 | 51 | 52 | 53 | 54 |
55 |
56 |

欢迎来到ParDiff VPN

57 |
58 |
59 |

60 | 使用指南 61 |

62 | 63 |

正在完善

64 |
65 |
66 | 70 | 75 | 76 | -------------------------------------------------------------------------------- /web/user/images/advantage-bottom.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/qsun/ParDiff-VPN/79b39f97cd2ebc0f9393c55ff505ee9550abe109/web/user/images/advantage-bottom.gif -------------------------------------------------------------------------------- /web/user/images/advantage-bottom.gif.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/qsun/ParDiff-VPN/79b39f97cd2ebc0f9393c55ff505ee9550abe109/web/user/images/advantage-bottom.gif.zip -------------------------------------------------------------------------------- /web/user/images/advantage-content.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/qsun/ParDiff-VPN/79b39f97cd2ebc0f9393c55ff505ee9550abe109/web/user/images/advantage-content.gif -------------------------------------------------------------------------------- /web/user/images/advantage-top.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/qsun/ParDiff-VPN/79b39f97cd2ebc0f9393c55ff505ee9550abe109/web/user/images/advantage-top.gif -------------------------------------------------------------------------------- /web/user/images/button.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/qsun/ParDiff-VPN/79b39f97cd2ebc0f9393c55ff505ee9550abe109/web/user/images/button.gif -------------------------------------------------------------------------------- /web/user/images/footer.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/qsun/ParDiff-VPN/79b39f97cd2ebc0f9393c55ff505ee9550abe109/web/user/images/footer.gif -------------------------------------------------------------------------------- /web/user/images/menu-padding-left.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/qsun/ParDiff-VPN/79b39f97cd2ebc0f9393c55ff505ee9550abe109/web/user/images/menu-padding-left.gif -------------------------------------------------------------------------------- /web/user/images/menu-padding-right.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/qsun/ParDiff-VPN/79b39f97cd2ebc0f9393c55ff505ee9550abe109/web/user/images/menu-padding-right.gif -------------------------------------------------------------------------------- /web/user/images/pardiff_03.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/qsun/ParDiff-VPN/79b39f97cd2ebc0f9393c55ff505ee9550abe109/web/user/images/pardiff_03.gif -------------------------------------------------------------------------------- /web/user/images/pardiff_04.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/qsun/ParDiff-VPN/79b39f97cd2ebc0f9393c55ff505ee9550abe109/web/user/images/pardiff_04.gif -------------------------------------------------------------------------------- /web/user/images/pardiff_05.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/qsun/ParDiff-VPN/79b39f97cd2ebc0f9393c55ff505ee9550abe109/web/user/images/pardiff_05.gif -------------------------------------------------------------------------------- /web/user/images/pardiff_06.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/qsun/ParDiff-VPN/79b39f97cd2ebc0f9393c55ff505ee9550abe109/web/user/images/pardiff_06.gif -------------------------------------------------------------------------------- /web/user/images/pardiff_07.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/qsun/ParDiff-VPN/79b39f97cd2ebc0f9393c55ff505ee9550abe109/web/user/images/pardiff_07.gif -------------------------------------------------------------------------------- /web/user/images/pardiff_08.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/qsun/ParDiff-VPN/79b39f97cd2ebc0f9393c55ff505ee9550abe109/web/user/images/pardiff_08.gif -------------------------------------------------------------------------------- /web/user/images/pardiff_09.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/qsun/ParDiff-VPN/79b39f97cd2ebc0f9393c55ff505ee9550abe109/web/user/images/pardiff_09.gif -------------------------------------------------------------------------------- /web/user/images/pardiff_10.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/qsun/ParDiff-VPN/79b39f97cd2ebc0f9393c55ff505ee9550abe109/web/user/images/pardiff_10.gif -------------------------------------------------------------------------------- /web/user/images/pardiff_11.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/qsun/ParDiff-VPN/79b39f97cd2ebc0f9393c55ff505ee9550abe109/web/user/images/pardiff_11.gif -------------------------------------------------------------------------------- /web/user/images/pardiff_12.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/qsun/ParDiff-VPN/79b39f97cd2ebc0f9393c55ff505ee9550abe109/web/user/images/pardiff_12.gif -------------------------------------------------------------------------------- /web/user/images/pardiff_13.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/qsun/ParDiff-VPN/79b39f97cd2ebc0f9393c55ff505ee9550abe109/web/user/images/pardiff_13.gif -------------------------------------------------------------------------------- /web/user/images/pardiff_14.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/qsun/ParDiff-VPN/79b39f97cd2ebc0f9393c55ff505ee9550abe109/web/user/images/pardiff_14.gif -------------------------------------------------------------------------------- /web/user/images/pardiff_15.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/qsun/ParDiff-VPN/79b39f97cd2ebc0f9393c55ff505ee9550abe109/web/user/images/pardiff_15.gif -------------------------------------------------------------------------------- /web/user/images/pardiff_16.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/qsun/ParDiff-VPN/79b39f97cd2ebc0f9393c55ff505ee9550abe109/web/user/images/pardiff_16.gif -------------------------------------------------------------------------------- /web/user/images/pardiff_17.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/qsun/ParDiff-VPN/79b39f97cd2ebc0f9393c55ff505ee9550abe109/web/user/images/pardiff_17.gif -------------------------------------------------------------------------------- /web/user/images/pardiff_19.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/qsun/ParDiff-VPN/79b39f97cd2ebc0f9393c55ff505ee9550abe109/web/user/images/pardiff_19.gif -------------------------------------------------------------------------------- /web/user/images/pardiff_22.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/qsun/ParDiff-VPN/79b39f97cd2ebc0f9393c55ff505ee9550abe109/web/user/images/pardiff_22.gif -------------------------------------------------------------------------------- /web/user/images/pardiff_23.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/qsun/ParDiff-VPN/79b39f97cd2ebc0f9393c55ff505ee9550abe109/web/user/images/pardiff_23.gif -------------------------------------------------------------------------------- /web/user/images/pardiff_25.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/qsun/ParDiff-VPN/79b39f97cd2ebc0f9393c55ff505ee9550abe109/web/user/images/pardiff_25.gif -------------------------------------------------------------------------------- /web/user/images/pardiff_27.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/qsun/ParDiff-VPN/79b39f97cd2ebc0f9393c55ff505ee9550abe109/web/user/images/pardiff_27.gif -------------------------------------------------------------------------------- /web/user/images/price-bottom.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/qsun/ParDiff-VPN/79b39f97cd2ebc0f9393c55ff505ee9550abe109/web/user/images/price-bottom.gif -------------------------------------------------------------------------------- /web/user/images/price-content.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/qsun/ParDiff-VPN/79b39f97cd2ebc0f9393c55ff505ee9550abe109/web/user/images/price-content.gif -------------------------------------------------------------------------------- /web/user/images/price-top.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/qsun/ParDiff-VPN/79b39f97cd2ebc0f9393c55ff505ee9550abe109/web/user/images/price-top.gif -------------------------------------------------------------------------------- /web/user/images/spacer.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/qsun/ParDiff-VPN/79b39f97cd2ebc0f9393c55ff505ee9550abe109/web/user/images/spacer.gif -------------------------------------------------------------------------------- /web/user/js/function.js: -------------------------------------------------------------------------------- 1 | $(document).ready(function() { 2 | $("#menu-frontpage").click(function(id, ev) { 3 | $(".content_show").removeClass("content_show").addClass("content_hidden").hide(); 4 | $("#frontpage").removeClass("content_hidden").addClass("content_show").fadeTo("slow", 1.0);; 5 | }); 6 | $("#menu-login").click(function(id, ev) { 7 | $(".content_show").removeClass("content_show").addClass("content_hidden").hide(); 8 | $("#login").removeClass("content_hidden").addClass("content_show").fadeTo("slow", 1.0); 9 | }); 10 | $("#menu-tutorial").click(function(id, ev) { 11 | $(".content_show").removeClass("content_show").addClass("content_hidden").hide(); 12 | $("#tutorial").removeClass("content_hidden").addClass("content_show").fadeTo("slow", 1.0);; 13 | }); 14 | $("#menu-sale").click(function(id, ev) { 15 | $(".content_show").removeClass("content_show").addClass("content_hidden").hide(); 16 | $("#sale").removeClass("content_hidden").addClass("content_show").fadeTo("slow", 1.0);; 17 | }); 18 | }); -------------------------------------------------------------------------------- /web/user/style/reset.css: -------------------------------------------------------------------------------- 1 | /********************************** 2 | 3 | Use: Reset Styles for all browsers 4 | 5 | ***********************************/ 6 | 7 | body, p, blockquote { 8 | margin: 0; 9 | padding: 0; 10 | } 11 | 12 | a img, iframe { border: none; } 13 | 14 | /* Headers 15 | ------------------------------*/ 16 | 17 | h1, h2, h3, h4, h5, h6 { 18 | margin: 0; 19 | padding: 0; 20 | } 21 | 22 | h1 { font-size: 150%; } 23 | h2 { font-size: 140%; } 24 | h3 { font-size: 130%; } 25 | h4 { font-size: 120%; } 26 | h5 { font-size: 110%; } 27 | 28 | /* Lists 29 | ------------------------------*/ 30 | 31 | ul, ol, dl, li, dt, dd { 32 | margin: 0; 33 | padding: 0; 34 | } 35 | 36 | /* Links 37 | ------------------------------*/ 38 | 39 | a, a:link {} 40 | a:visited {} 41 | a:hover {} 42 | a:active {} 43 | 44 | /* Forms 45 | ------------------------------*/ 46 | 47 | form, fieldset { 48 | margin: 0; 49 | padding: 0; 50 | } 51 | 52 | fieldset { border: 1px solid #000; } 53 | 54 | legend { 55 | padding: 0; 56 | color: #000; 57 | } 58 | 59 | input, textarea, select { 60 | margin: 0; 61 | padding: 1px; 62 | font-size: 100%; 63 | font-family: inherit; 64 | } 65 | 66 | select { padding: 0; } -------------------------------------------------------------------------------- /web/user/ticket/config.ini: -------------------------------------------------------------------------------- 1 | ../config.ini -------------------------------------------------------------------------------- /web/user/ticket/create.tmpl: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | <TMPL_VAR NAME=PAGE_TITLE> 7 | 8 | 9 | 10 |
11 | 13 | 14 |
15 |
16 | 17 |

错误发生,原因:

18 |
19 | 20 |

以下内容已记录,您会收到下列信息的确认函,登录信息也会包含其中。

21 |

类别:

22 |

标题:

23 |

用户名:

24 |

电子邮箱:

25 |

内容:

26 | 27 |
28 |
29 |
30 | 31 | 32 | -------------------------------------------------------------------------------- /web/user/ticket/index.cgi: -------------------------------------------------------------------------------- 1 | #!/usr/bin/perl 2 | 3 | use strict; 4 | use warnings; 5 | 6 | use CGI qw/:standard/; 7 | use HTML::Template; 8 | 9 | my $username = param('username') || '请输入用户名'; 10 | my $email = param('email') || '请输入电子邮箱地址'; 11 | 12 | 13 | my $template = HTML::Template->new(filename => 'index.tmpl'); 14 | $template->param(USERNAME => $username); 15 | $template->param(EMAIL => $email); 16 | 17 | print header(-charset => 'utf-8'); 18 | print $template->output(); 19 | -------------------------------------------------------------------------------- /web/user/ticket/view.tmpl: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | <TMPL_VAR NAME=PAGE_TITLE> 7 | 8 | 9 | 10 |
11 | 13 | 14 |
15 |
16 | 17 |

错误发生,原因:

18 |
19 | 20 | 21 | 22 |
23 | 24 | 25 | 26 | 29 |
30 | 31 | 请输入验证码: 32 | 33 | 34 |
35 | 36 | 37 |
38 | 39 | 40 | 41 |
42 |
43 |
44 | 45 | 46 | -------------------------------------------------------------------------------- /web/user/tutorial/AndroidVPN.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/qsun/ParDiff-VPN/79b39f97cd2ebc0f9393c55ff505ee9550abe109/web/user/tutorial/AndroidVPN.pdf -------------------------------------------------------------------------------- /web/user/tutorial/AndroidVPN.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/qsun/ParDiff-VPN/79b39f97cd2ebc0f9393c55ff505ee9550abe109/web/user/tutorial/AndroidVPN.zip -------------------------------------------------------------------------------- /web/user/tutorial/index.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | ParDiff VPN 使用说明 7 | 8 | 9 | 10 |
11 |
12 |

ParDiff VPN 设置方法

13 |
14 | 15 |
16 |
17 |

OpenVPN配置文件下载

18 | 26 | 27 | 28 |

ParDiff VPN使用说明

29 | 33 |

DNS设置为
34 | 67.223.233.193 或者 8.8.8.8

35 | 36 |
37 |
38 |
39 | 40 | 41 | -------------------------------------------------------------------------------- /web/user/tutorial/macos-1.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/qsun/ParDiff-VPN/79b39f97cd2ebc0f9393c55ff505ee9550abe109/web/user/tutorial/macos-1.zip -------------------------------------------------------------------------------- /web/user/tutorial/manual.doc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/qsun/ParDiff-VPN/79b39f97cd2ebc0f9393c55ff505ee9550abe109/web/user/tutorial/manual.doc -------------------------------------------------------------------------------- /web/user/tutorial/manual.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/qsun/ParDiff-VPN/79b39f97cd2ebc0f9393c55ff505ee9550abe109/web/user/tutorial/manual.pdf -------------------------------------------------------------------------------- /web/user/tutorial/vpn.pardiff.com.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/qsun/ParDiff-VPN/79b39f97cd2ebc0f9393c55ff505ee9550abe109/web/user/tutorial/vpn.pardiff.com.gif -------------------------------------------------------------------------------- /web/user/tutorial/windows-1.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/qsun/ParDiff-VPN/79b39f97cd2ebc0f9393c55ff505ee9550abe109/web/user/tutorial/windows-1.zip --------------------------------------------------------------------------------