mirror of
https://github.com/SoftEtherVPN/SoftEtherVPN.git
synced 2024-11-22 17:39:53 +03:00
Merge branch 'master' into add-sha2
This commit is contained in:
commit
056c322601
14
.github/PULL_REQUEST_TEMPLATE.md
vendored
Normal file
14
.github/PULL_REQUEST_TEMPLATE.md
vendored
Normal file
@ -0,0 +1,14 @@
|
||||
Changes proposed in this pull request:
|
||||
-
|
||||
-
|
||||
-
|
||||
|
||||
Your great patch is much appreciated. We are considering to apply your patch into the SoftEther VPN main tree.
|
||||
|
||||
SoftEther VPN Patch Acceptance Policy:
|
||||
http://www.softether.org/5-download/src/9.patch
|
||||
|
||||
You have two options which are described on the above policy.
|
||||
Could you please choose either option 1 or 2, and specify it clearly on the reply?
|
||||
|
||||
-
|
1
debian/softether-vpnserver.init
vendored
1
debian/softether-vpnserver.init
vendored
@ -1,4 +1,3 @@
|
||||
|
||||
#! /bin/sh
|
||||
|
||||
### BEGIN INIT INFO
|
||||
|
@ -6663,7 +6663,7 @@ bool CtConnect(CLIENT *c, RPC_CLIENT_CONNECT *connect)
|
||||
CiSetError(c, ERR_ACCOUNT_ACTIVE);
|
||||
}
|
||||
else if (r->ClientAuth->AuthType == CLIENT_AUTHTYPE_SECURE &&
|
||||
client->UseSecureDeviceId == 0)
|
||||
c->UseSecureDeviceId == 0)
|
||||
{
|
||||
// Secure device is not specified
|
||||
CiSetError(c, ERR_NO_SECURE_DEVICE_SPECIFIED);
|
||||
|
@ -2560,6 +2560,8 @@ IKE_ENGINE *NewIkeEngine()
|
||||
IKE_CRYPTO *des, *des3, *aes;
|
||||
IKE_HASH *sha1, *md5, *sha2_256, *sha2_384, *sha2_512;
|
||||
IKE_DH *dh1, *dh2, *dh5;
|
||||
IKE_HASH *sha1, *md5;
|
||||
IKE_DH *dh1, *dh2, *dh5, *dh2048, *dh3072, *dh4096;
|
||||
UINT des_key_sizes[] =
|
||||
{
|
||||
8,
|
||||
@ -2609,6 +2611,9 @@ IKE_ENGINE *NewIkeEngine()
|
||||
dh1 = NewIkeDh(e, IKE_DH_1_ID, IKE_DH_1_STRING, 96);
|
||||
dh2 = NewIkeDh(e, IKE_DH_2_ID, IKE_DH_2_STRING, 128);
|
||||
dh5 = NewIkeDh(e, IKE_DH_5_ID, IKE_DH_5_STRING, 192);
|
||||
dh2048 = NewIkeDh(e, IKE_DH_2048_ID, IKE_DH_2048_STRING, 256);
|
||||
dh3072 = NewIkeDh(e, IKE_DH_3072_ID, IKE_DH_3072_STRING, 384);
|
||||
dh4096 = NewIkeDh(e, IKE_DH_4096_ID, IKE_DH_4096_STRING, 512);
|
||||
|
||||
// Define the IKE algorithm
|
||||
e->IkeCryptos[IKE_P1_CRYPTO_DES_CBC] = des;
|
||||
@ -2632,6 +2637,9 @@ IKE_ENGINE *NewIkeEngine()
|
||||
e->IkeDhs[IKE_P1_DH_GROUP_768_MODP] = e->EspDhs[IKE_P2_DH_GROUP_768_MODP] = dh1;
|
||||
e->IkeDhs[IKE_P1_DH_GROUP_1024_MODP] = e->EspDhs[IKE_P2_DH_GROUP_1024_MODP] = dh2;
|
||||
e->IkeDhs[IKE_P1_DH_GROUP_1536_MODP] = e->EspDhs[IKE_P2_DH_GROUP_1536_MODP] = dh5;
|
||||
e->IkeDhs[IKE_P1_DH_GROUP_2048_MODP] = e->EspDhs[IKE_P2_DH_GROUP_2048_MODP] = dh2048;
|
||||
e->IkeDhs[IKE_P1_DH_GROUP_3072_MODP] = e->EspDhs[IKE_P2_DH_GROUP_3072_MODP] = dh3072;
|
||||
e->IkeDhs[IKE_P1_DH_GROUP_4096_MODP] = e->EspDhs[IKE_P2_DH_GROUP_4096_MODP] = dh4096;
|
||||
|
||||
return e;
|
||||
}
|
||||
@ -3183,6 +3191,15 @@ DH_CTX *IkeDhNewCtx(IKE_DH *d)
|
||||
|
||||
case IKE_DH_5_ID:
|
||||
return DhNewGroup5();
|
||||
|
||||
case IKE_DH_2048_ID:
|
||||
return DhNew2048();
|
||||
|
||||
case IKE_DH_3072_ID:
|
||||
return DhNew3072();
|
||||
|
||||
case IKE_DH_4096_ID:
|
||||
return DhNew4096();
|
||||
}
|
||||
|
||||
return NULL;
|
||||
|
@ -262,6 +262,9 @@ struct IKE_TRANSFORM_VALUE
|
||||
#define IKE_P1_DH_GROUP_768_MODP 1
|
||||
#define IKE_P1_DH_GROUP_1024_MODP 2
|
||||
#define IKE_P1_DH_GROUP_1536_MODP 5
|
||||
#define IKE_P1_DH_GROUP_2048_MODP 14
|
||||
#define IKE_P1_DH_GROUP_3072_MODP 15
|
||||
#define IKE_P1_DH_GROUP_4096_MODP 16
|
||||
|
||||
// Phase 1: The expiration date type in IKE transform value
|
||||
#define IKE_P1_LIFE_TYPE_SECONDS 1
|
||||
@ -275,6 +278,9 @@ struct IKE_TRANSFORM_VALUE
|
||||
#define IKE_P2_DH_GROUP_768_MODP 1
|
||||
#define IKE_P2_DH_GROUP_1024_MODP 2
|
||||
#define IKE_P2_DH_GROUP_1536_MODP 5
|
||||
#define IKE_P2_DH_GROUP_2048_MODP 14
|
||||
#define IKE_P2_DH_GROUP_3072_MODP 15
|
||||
#define IKE_P2_DH_GROUP_4096_MODP 16
|
||||
|
||||
// Phase 2: The encapsulation mode in IPsec transform value
|
||||
#define IKE_P2_CAPSULE_TUNNEL 1
|
||||
@ -552,6 +558,15 @@ struct IKE_P1_KEYSET
|
||||
#define IKE_DH_5_ID 2
|
||||
#define IKE_DH_5_STRING "MODP 1536 (Group 5)"
|
||||
|
||||
#define IKE_DH_2048_ID 14
|
||||
#define IKE_DH_2048_STRING "MODP 2048 (Group 14)"
|
||||
|
||||
#define IKE_DH_3072_ID 15
|
||||
#define IKE_DH_3072_STRING "MODP 3072 (Group 15)"
|
||||
|
||||
#define IKE_DH_4096_ID 16
|
||||
#define IKE_DH_4096_STRING "MODP 4096 (Group 16)"
|
||||
|
||||
|
||||
// Encryption algorithm for IKE
|
||||
struct IKE_CRYPTO
|
||||
|
@ -1749,8 +1749,12 @@ PPP_PACKET *PPPRecvResponsePacket(PPP_SESSION *p, PPP_PACKET *req, USHORT expect
|
||||
|
||||
if (pp->IsControl && PPP_CODE_IS_REQUEST(pp->Protocol, pp->Lcp->Code))
|
||||
{
|
||||
// Record current resend because next steps may take a while
|
||||
UINT64 currentresend = next_resend - now;
|
||||
// Process when the received packet is a request packet
|
||||
response = PPPProcessRequestPacket(p, pp);
|
||||
// Increase next resend because this may have taken a while
|
||||
next_resend = Tick64() + currentresend;
|
||||
FreePPPPacket(pp);
|
||||
|
||||
if (response == NULL)
|
||||
|
@ -1154,9 +1154,12 @@ UINT OvsParseKeyMethod2(OPENVPN_KEY_METHOD_2 *ret, UCHAR *data, UINT size, bool
|
||||
// String
|
||||
if (OvsReadStringFromBuf(b, ret->OptionString, sizeof(ret->OptionString)) &&
|
||||
OvsReadStringFromBuf(b, ret->Username, sizeof(ret->Username)) &&
|
||||
OvsReadStringFromBuf(b, ret->Password, sizeof(ret->Password)) &&
|
||||
OvsReadStringFromBuf(b, ret->PeerInfo, sizeof(ret->PeerInfo)))
|
||||
OvsReadStringFromBuf(b, ret->Password, sizeof(ret->Password)))
|
||||
{
|
||||
if (!OvsReadStringFromBuf(b, ret->PeerInfo, sizeof(ret->PeerInfo)))
|
||||
{
|
||||
Zero(ret->PeerInfo, sizeof(ret->PeerInfo));
|
||||
}
|
||||
read_size = b->Current;
|
||||
}
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user