jkito authored 8 months ago and jkito committed 8 months ago

the $APPNAME is a template variable and replace by the gen-qt-installer
script at build time, which allows to have the correct name of the app
on the error message during uninstall

jkito authored 8 months ago and jkito committed 8 months ago

this adds a custom installer page with a checkbox to allow users to
choose to install the app for all users, when its enabled installer
will create a group called 'OpenVPN Administrator'

local users except the admin, guest and default account are added to
the group, and upon uninstall the group is removed

this allows non-admin users that are added to the group to use the app
and successfully start a vpn connection

Pea Nut authored 9 months ago and jkito committed 9 months ago

It is not needed. It's also not available on Ubuntu 22.04.

jkito authored 10 months ago and jkito committed 9 months ago

osx was the old name, nowadays its called macos installation
was successful but the helper's launchd service was not setup
as post-install was not running due to the faulty check, this
was missed in 9666f8bd

ref: https://doc.qt.io/qtinstallerframework/scripting-systeminfo.html#productType-prop

after few of the qml components were modified in gui/components
the patch had to be updated or else it wasn't getting applied

jkito authored 10 months ago and jkito committed 10 months ago

update golang version for debian package

Pea Nut authored 1 year ago and jkito committed 11 months ago

- vendor.conf now has a default api version:
    - apiVersion = 3 is set for all current providers
- provider.py (called during `make vendor`) now supports api version
  and writes it to providers.json
- the desktop client logs the used api version. Currently v5 is not yet implement.
  This is just the preparation for it
- this is only a temporary solution. In the future, we want to get the
  api version during runtime by parsing $api/provider.json

fixes #786

the tasks are now handled by the post-install.go program the
plist template is in the program source code

the python script needed python to be installed on the user's machine
to be able to successfully install

this is changed to use a statically compiled go binary for performing
the post-install tasks

fixes #775

the debian source archive name contains the
version of only the upstream source the part
after the last '-' is ommitted if it contains

e.g: source-version: 0.24.03-rc.1-1-ga34h566
     archive-version: 0.24.03-rc.1-1
     archive-name: bitmask-vpn_0.24.03-rc.1-1.orig.tar.gz

python3 is now more likely to be found instead of python, although
macos doesn't ship python pre-installed, we should try to remove
python dependency from the installers

updates the Priority in control file and updates
the License in copyright file

- this updates the .desktop template file to support multiple
provider icons
- adds a .png instead of the .svg icon file and adds it to sources/include-binaries

this fixes #744

kali authored 3 years ago and Kali Kaneko committed 2 years ago

- Resolves: #339

kali authored 3 years ago and Kali Kaneko committed 3 years ago

A vulnerability in QtIFW produces improper ACLs to be set when
installing in custom locations. This can lead to privilege escalation if
a non-privileged user overwrites the openvpn binary. Thanks to
researchers at Tenable for finding and reporting this!

Impact is considered low-medium, since an installation outside of the
suggested path is needed to trigger the issue.

Privileged execution of openvpn should be abandoned in next release, in
favor of the interactive service.

A bug upstream should be filed since other projects could be affected by
this vulnerability too.

-Resolves: #569

some refactor, plus fix docs