AMajor/SoftEtherVPN
1
0
Fork 0
mirror of https://github.com/SoftEtherVPN/SoftEtherVPN.git synced 2025-04-03 18:00:08 +03:00
Code Releases Activity

Merge remote-tracking branch 'fork/azure' into combine

Browse Source
This commit is contained in:
Yihong Wu 2023-02-25 14:12:43 +00:00
commit 17ef60b38e
28 changed files with 1086 additions and 150 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
src/Cedar/Account.c
View File

@ -553,7 +553,7 @@ void *NewUserCertAuthData(X *x)
}
// Hash the password
void HashPassword(void *dst, char *username, char *password)
void HashPassword(void *dst, char *username, char *password, bool sha1)
{
BUF *b;
char *username_upper;
@ -568,7 +568,15 @@ void HashPassword(void *dst, char *username, char *password)
StrUpper(username_upper);
WriteBuf(b, password, StrLen(password));
WriteBuf(b, username_upper, StrLen(username_upper));
Sha0(dst, b->Buf, b->Size);
if (sha1)
{
Sha1(dst, b->Buf, b->Size);
}
else
{
Sha0(dst, b->Buf, b->Size);
}
FreeBuf(b);
Free(username_upper);
@ -585,7 +593,7 @@ void *NewPasswordAuthData(char *username, char *password)
}
pw = ZeroMalloc(sizeof(AUTHPASSWORD));
HashPassword(pw->HashedKey, username, password);
HashPassword(pw->HashedKey, username, password, false);
GenerateNtPasswordHash(pw->NtLmSecureHash, password);
return pw;

2
src/Cedar/Account.h
View File

@ -193,7 +193,7 @@ void *NewUserCertAuthData(X *x);
void *NewRootCertAuthData(X_SERIAL *serial, wchar_t *common_name);
void *NewRadiusAuthData(wchar_t *username);
void *NewNTAuthData(wchar_t *username);
void HashPassword(void *dst, char *username, char *password);
void HashPassword(void *dst, char *username, char *password, bool sha1);
POLICY *GetDefaultPolicy();
POLICY *ClonePolicy(POLICY *policy);
void SetUserPolicy(USER *u, POLICY *policy);

159
src/Cedar/Admin.c
View File

@ -1644,6 +1644,8 @@ PACK *AdminDispatch(RPC *rpc, char *name, PACK *p)
DECLARE_RPC("GetSpecialListener", RPC_SPECIAL_LISTENER, StGetSpecialListener, InRpcSpecialListener, OutRpcSpecialListener)
DECLARE_RPC("GetAzureStatus", RPC_AZURE_STATUS, StGetAzureStatus, InRpcAzureStatus, OutRpcAzureStatus)
DECLARE_RPC("SetAzureStatus", RPC_AZURE_STATUS, StSetAzureStatus, InRpcAzureStatus, OutRpcAzureStatus)
DECLARE_RPC_EX("SetAzureCustom", RPC_AZURE_CUSTOM, StSetAzureCustom, InRpcAzureCustom, OutRpcAzureCustom, FreeRpcAzureCustom)
DECLARE_RPC_EX("GetAzureCustom", RPC_AZURE_CUSTOM, StGetAzureCustom, InRpcAzureCustom, OutRpcAzureCustom, FreeRpcAzureCustom)
DECLARE_RPC("GetDDnsInternetSettng", INTERNET_SETTING, StGetDDnsInternetSetting, InRpcInternetSetting, OutRpcInternetSetting)
DECLARE_RPC("SetDDnsInternetSettng", INTERNET_SETTING, StSetDDnsInternetSetting, InRpcInternetSetting, OutRpcInternetSetting)
// RPC function declaration: till here
@ -1831,6 +1833,8 @@ DECLARE_SC("SetSpecialListener", RPC_SPECIAL_LISTENER, ScSetSpecialListener, InR
DECLARE_SC("GetSpecialListener", RPC_SPECIAL_LISTENER, ScGetSpecialListener, InRpcSpecialListener, OutRpcSpecialListener)
DECLARE_SC("GetAzureStatus", RPC_AZURE_STATUS, ScGetAzureStatus, InRpcAzureStatus, OutRpcAzureStatus)
DECLARE_SC("SetAzureStatus", RPC_AZURE_STATUS, ScSetAzureStatus, InRpcAzureStatus, OutRpcAzureStatus)
DECLARE_SC_EX("GetAzureCustom", RPC_AZURE_CUSTOM, ScGetAzureCustom, InRpcAzureCustom, OutRpcAzureCustom, FreeRpcAzureCustom)
DECLARE_SC_EX("SetAzureCustom", RPC_AZURE_CUSTOM, ScSetAzureCustom, InRpcAzureCustom, OutRpcAzureCustom, FreeRpcAzureCustom)
DECLARE_SC("GetDDnsInternetSettng", INTERNET_SETTING, ScGetDDnsInternetSetting, InRpcInternetSetting, OutRpcInternetSetting)
DECLARE_SC("SetDDnsInternetSettng", INTERNET_SETTING, ScSetDDnsInternetSetting, InRpcInternetSetting, OutRpcInternetSetting)
// RPC call function declaration: till here
@ -1919,6 +1923,12 @@ UINT StGetAzureStatus(ADMIN *a, RPC_AZURE_STATUS *t)
{
t->IsConnected = ac->IsConnected;
t->IsEnabled = ac->IsEnabled;
t->UseCustom = ac->UseCustom;
if (ac->UseCustom && ac->CustomConfig != NULL)
{
StrCpy(t->CurrentHostname, sizeof(t->CurrentHostname), ac->CustomConfig->Hostname);
}
}
Unlock(ac->Lock);
@ -1940,7 +1950,90 @@ UINT StSetAzureStatus(ADMIN *a, RPC_AZURE_STATUS *t)
return ERR_NOT_SUPPORTED;
}
SiSetAzureEnable(s, t->IsEnabled);
SiSetAzureEnable(s, t->IsEnabled, t->UseCustom);
IncrementServerConfigRevision(s);
return ERR_NO_ERROR;
}
// Get Azure custom config
UINT StGetAzureCustom(ADMIN *a, RPC_AZURE_CUSTOM *t)
{
SERVER *s = a->Server;
CEDAR *c = s->Cedar;
UINT ret = ERR_NO_ERROR;
AZURE_CLIENT *ac;
SERVER_ADMIN_ONLY;
NO_SUPPORT_FOR_BRIDGE;
if (SiIsAzureSupported(s) == false)
{
return ERR_NOT_SUPPORTED;
}
ac = s->AzureClient;
if (ac == NULL)
{
return ERR_NOT_SUPPORTED;
}
Zero(t, sizeof(RPC_AZURE_CUSTOM));
Lock(ac->Lock);
{
if (ac->CustomConfig != NULL)
{
StrCpy(t->ServerName, sizeof(t->ServerName), ac->CustomConfig->ServerName);
t->ServerPort = ac->CustomConfig->ServerPort;
StrCpy(t->Hostname, sizeof(t->Hostname), ac->CustomConfig->Hostname);
Copy(t->HashedPassword, ac->CustomConfig->HashedPassword, SHA1_SIZE);
t->ClientX = CloneX(ac->CustomConfig->ClientX);
t->ClientK = CloneK(ac->CustomConfig->ClientK);
t->ServerCert = CloneX(ac->CustomConfig->ServerCert);
t->VerifyServer = ac->CustomConfig->VerifyServer;
t->AddDefaultCA = ac->CustomConfig->AddDefaultCA;
}
}
Unlock(ac->Lock);
return ERR_NO_ERROR;
}
// Set Azure custom config
UINT StSetAzureCustom(ADMIN *a, RPC_AZURE_CUSTOM *t)
{
SERVER *s = a->Server;
CEDAR *c = s->Cedar;
UINT ret = ERR_NO_ERROR;
SERVER_ADMIN_ONLY;
NO_SUPPORT_FOR_BRIDGE;
if (SiIsAzureSupported(s) == false)
{
return ERR_NOT_SUPPORTED;
}
AZURE_CUSTOM_CONFIG *config = ZeroMalloc(sizeof(AZURE_CUSTOM_CONFIG));
if (t->ClientX != NULL && t->ClientK != NULL && CheckXandK(t->ClientX, t->ClientK) == false)
{
return ERR_PROTOCOL_ERROR;
}
StrCpy(config->ServerName, sizeof(config->ServerName), t->ServerName);
config->ServerPort = t->ServerPort;
StrCpy(config->Hostname, sizeof(config->Hostname), t->Hostname);
Copy(config->HashedPassword, t->HashedPassword, SHA1_SIZE);
config->ClientX = CloneX(t->ClientX);
config->ClientK = CloneK(t->ClientK);
config->ServerCert = CloneX(t->ServerCert);
config->VerifyServer = t->VerifyServer;
config->AddDefaultCA = t->AddDefaultCA;
SiApplyAzureConfig(s, NULL, config);
IncrementServerConfigRevision(s);
@ -9107,7 +9200,7 @@ UINT StSetHub(ADMIN *a, RPC_CREATE_HUB *t)
if (StrLen(t->AdminPasswordPlainText) != 0)
{
Sha0(t->HashedPassword, t->AdminPasswordPlainText, StrLen(t->AdminPasswordPlainText));
HashPassword(t->SecurePassword, ADMINISTRATOR_USERNAME, t->AdminPasswordPlainText);
HashPassword(t->SecurePassword, ADMINISTRATOR_USERNAME, t->AdminPasswordPlainText, false);
}
if (IsZero(t->HashedPassword, sizeof(t->HashedPassword)) == false &&
@ -9123,7 +9216,7 @@ UINT StSetHub(ADMIN *a, RPC_CREATE_HUB *t)
// Is the password to be set blank
{
UCHAR hash1[SHA1_SIZE], hash2[SHA1_SIZE];
HashPassword(hash1, ADMINISTRATOR_USERNAME, "");
HashPassword(hash1, ADMINISTRATOR_USERNAME, "", false);
Sha0(hash2, "", 0);
if (Cmp(t->HashedPassword, hash2, SHA1_SIZE) == 0 || Cmp(t->SecurePassword, hash1, SHA1_SIZE) == 0)
@ -9290,7 +9383,7 @@ UINT StCreateHub(ADMIN *a, RPC_CREATE_HUB *t)
StrLen(t->AdminPasswordPlainText) != 0)
{
Sha0(t->HashedPassword, t->AdminPasswordPlainText, StrLen(t->AdminPasswordPlainText));
HashPassword(t->SecurePassword, ADMINISTRATOR_USERNAME, t->AdminPasswordPlainText);
HashPassword(t->SecurePassword, ADMINISTRATOR_USERNAME, t->AdminPasswordPlainText, false);
}
h = NewHub(c, t->HubName, &o);
@ -10545,6 +10638,8 @@ void InRpcAzureStatus(RPC_AZURE_STATUS *t, PACK *p)
t->IsConnected = PackGetBool(p, "IsConnected");
t->IsEnabled = PackGetBool(p, "IsEnabled");
t->UseCustom = PackGetBool(p, "UseCustom");
PackGetStr(p, "CurrentHostname", t->CurrentHostname, sizeof(t->CurrentHostname));
}
void OutRpcAzureStatus(PACK *p, RPC_AZURE_STATUS *t)
{
@ -10556,6 +10651,60 @@ void OutRpcAzureStatus(PACK *p, RPC_AZURE_STATUS *t)
PackAddBool(p, "IsConnected", t->IsConnected);
PackAddBool(p, "IsEnabled", t->IsEnabled);
PackAddBool(p, "UseCustom", t->UseCustom);
PackAddStr(p, "CurrentHostname", t->CurrentHostname);
}
// RPC_AZURE_CUSTOM
void InRpcAzureCustom(RPC_AZURE_CUSTOM *t, PACK *p)
{
// Validate arguments
if (t == NULL || p == NULL)
{
return;
}
Zero(t, sizeof(RPC_AZURE_CUSTOM));
PackGetStr(p, "ServerName", t->ServerName, sizeof(t->ServerName));
t->ServerPort = PackGetInt(p, "ServerPort");
PackGetStr(p, "Hostname", t->Hostname, sizeof(t->Hostname));
PackGetData2(p, "HashedPassword", t->HashedPassword, sizeof(t->HashedPassword));
t->ClientX = PackGetX(p, "ClientCert");
t->ClientK = PackGetK(p, "ClientKey");
t->ServerCert = PackGetX(p, "ServerCert");
t->VerifyServer = PackGetBool(p, "VerifyServer");
t->AddDefaultCA = PackGetBool(p, "AddDefaultCA");
}
void OutRpcAzureCustom(PACK *p, RPC_AZURE_CUSTOM *t)
{
// Validate arguments
if (t == NULL || p == NULL)
{
return;
}
PackAddStr(p, "ServerName", t->ServerName);
PackAddInt(p, "ServerPort", t->ServerPort);
PackAddStr(p, "Hostname", t->Hostname);
PackAddData(p, "HashedPassword", t->HashedPassword, sizeof(t->HashedPassword));
PackAddX(p, "ClientCert", t->ClientX);
PackAddK(p, "ClientKey", t->ClientK);
PackAddX(p, "ServerCert", t->ServerCert);
PackAddBool(p, "VerifyServer", t->VerifyServer);
PackAddBool(p, "AddDefaultCA", t->AddDefaultCA);
}
void FreeRpcAzureCustom(RPC_AZURE_CUSTOM *t)
{
// Validate arguments
if (t == NULL)
{
return;
}
FreeX(t->ServerCert);
FreeX(t->ClientX);
FreeK(t->ClientK);
}
// RPC_SPECIAL_LISTENER
@ -14070,7 +14219,7 @@ void *InRpcAuthData(PACK *p, UINT *authtype, char *username)
{
if (IsZero(pw->HashedKey, sizeof(pw->HashedKey)))
{
HashPassword(pw->HashedKey, username, plain_pw);
HashPassword(pw->HashedKey, username, plain_pw, false);
GenerateNtPasswordHash(pw->NtLmSecureHash, plain_pw);
}
}

23
src/Cedar/Admin.h
View File

@ -933,6 +933,22 @@ struct RPC_AZURE_STATUS
{
bool IsEnabled; // Whether enabled
bool IsConnected; // Whether it's connected
bool UseCustom; // Whether using custom service
char CurrentHostname[MAX_HOST_NAME_LEN + 1];
};
// Get / Set the custom Azure config
struct RPC_AZURE_CUSTOM
{
char ServerName[MAX_HOST_NAME_LEN + 1]; // VPN Azure server name
UINT ServerPort; // VPN Azure port number
char Hostname[MAX_HOST_NAME_LEN + 1]; // VPN Azure client hostname
UCHAR HashedPassword[SHA1_SIZE]; // Hashed passwords
X *ClientX; // VPN Azure client certificate
K *ClientK; // VPN Azure client private key
X *ServerCert; // VPN Azure server certificate
bool VerifyServer; // Verify server certificate
bool AddDefaultCA; // Use default trust store to verify server
};
// Ask user whether to continue RPC connect
@ -1143,6 +1159,8 @@ UINT StSetSpecialListener(ADMIN *a, RPC_SPECIAL_LISTENER *t);
UINT StGetSpecialListener(ADMIN *a, RPC_SPECIAL_LISTENER *t);
UINT StGetAzureStatus(ADMIN *a, RPC_AZURE_STATUS *t);
UINT StSetAzureStatus(ADMIN *a, RPC_AZURE_STATUS *t);
UINT StGetAzureCustom(ADMIN *a, RPC_AZURE_CUSTOM *t);
UINT StSetAzureCustom(ADMIN *a, RPC_AZURE_CUSTOM *t);
UINT StGetDDnsInternetSetting(ADMIN *a, INTERNET_SETTING *t);
UINT StSetDDnsInternetSetting(ADMIN *a, INTERNET_SETTING *t);
UINT StSetVgsConfig(ADMIN *a, VGS_CONFIG *t);
@ -1294,6 +1312,8 @@ UINT ScSetSpecialListener(RPC *r, RPC_SPECIAL_LISTENER *t);
UINT ScGetSpecialListener(RPC *r, RPC_SPECIAL_LISTENER *t);
UINT ScGetAzureStatus(RPC *r, RPC_AZURE_STATUS *t);
UINT ScSetAzureStatus(RPC *r, RPC_AZURE_STATUS *t);
UINT ScGetAzureCustom(RPC *r, RPC_AZURE_CUSTOM *t);
UINT ScSetAzureCustom(RPC *r, RPC_AZURE_CUSTOM *t);
UINT ScGetDDnsInternetSetting(RPC *r, INTERNET_SETTING *t);
UINT ScSetDDnsInternetSetting(RPC *r, INTERNET_SETTING *t);
UINT ScSetVgsConfig(RPC *r, VGS_CONFIG *t);
@ -1525,6 +1545,9 @@ void InRpcSpecialListener(RPC_SPECIAL_LISTENER *t, PACK *p);
void OutRpcSpecialListener(PACK *p, RPC_SPECIAL_LISTENER *t);
void InRpcAzureStatus(RPC_AZURE_STATUS *t, PACK *p);
void OutRpcAzureStatus(PACK *p, RPC_AZURE_STATUS *t);
void InRpcAzureCustom(RPC_AZURE_CUSTOM *t, PACK *p);
void OutRpcAzureCustom(PACK *p, RPC_AZURE_CUSTOM *t);
void FreeRpcAzureCustom(RPC_AZURE_CUSTOM *t);
void InRpcInternetSetting(INTERNET_SETTING *t, PACK *p);
void OutRpcInternetSetting(PACK *p, INTERNET_SETTING *t);

288
src/Cedar/AzureClient.c
View File

@ -39,7 +39,7 @@ void AcWaitForRequest(AZURE_CLIENT *ac, SOCK *s, AZURE_PARAM *param)
UCHAR uc;
// Receive 1 byte
if (RecvAll(s, &uc, 1, false) == 0)
if (RecvAll(s, &uc, 1, param->UseEncryption) == 0)
{
break;
}
@ -70,6 +70,7 @@ void AcWaitForRequest(AZURE_CLIENT *ac, SOCK *s, AZURE_PARAM *param)
UINT client_port;
UINT server_port;
UCHAR session_id[SHA1_SIZE];
UCHAR relay_cert_hash[SHA1_SIZE];
if (PackGetIp(p, "client_ip", &client_ip) &&
PackGetIp(p, "server_ip", &server_ip) &&
@ -87,15 +88,58 @@ void AcWaitForRequest(AZURE_CLIENT *ac, SOCK *s, AZURE_PARAM *param)
SLog(ac->Cedar, "LS_AZURE_START", ipstr, client_port);
// Create new socket and connect VPN Azure Server
if (ac->DDnsStatusCopy.InternetSetting.ProxyType == PROXY_DIRECT)
if (param->UseCustom)
{
ns = ConnectEx2(ac->DDnsStatusCopy.CurrentAzureIp, AZURE_SERVER_PORT,
0, (bool *)&ac->Halt);
// Get relay server info from pack
char relay_addr[MAX_HOST_NAME_LEN + 1];
UINT relay_port;
relay_port = PackGetInt(p, "relay_port");
if (PackGetStr(p, "relay_address", relay_addr, sizeof(relay_addr)) &&
PackGetData2(p, "cert_hash", relay_cert_hash, sizeof(relay_cert_hash)) &&
relay_port != 0)
{
ns = ConnectEx2(relay_addr, relay_port, 0, (bool *)&ac->Halt);
if (ns != NULL)
{
UINT ssl_err = 0;
Copy(&ns->SslAcceptSettings, &ac->Cedar->SslAcceptSettings, sizeof(SSL_ACCEPT_SETTINGS));
if (StartSSLEx3(ns, NULL, NULL, NULL, 0, relay_addr, NULL, &ssl_err) == false)
{
if (ssl_err != 0)
{
SLog(ac->Cedar, "LS_AZURE_SSL_ERROR", GetUniErrorStr(ssl_err), ssl_err);
}
Disconnect(ns);
ReleaseSock(ns);
ns = NULL;
}
}
}
}
else
{
ns = WpcSockConnect2(ac->DDnsStatusCopy.CurrentAzureIp, AZURE_SERVER_PORT,
&ac->DDnsStatusCopy.InternetSetting, NULL, AZURE_VIA_PROXY_TIMEOUT);
BUF *b = StrToBin(ac->DDnsStatus.AzureCertHash);
if (b->Size == SHA1_SIZE)
{
Copy(relay_cert_hash, b->Buf, SHA1_SIZE);
}
FreeBuf(b);
if (ac->DDnsStatusCopy.InternetSetting.ProxyType == PROXY_DIRECT)
{
ns = ConnectEx2(ac->DDnsStatusCopy.CurrentAzureIp, AZURE_SERVER_PORT,
0, (bool *)&ac->Halt);
}
else
{
ns = WpcSockConnect2(ac->DDnsStatusCopy.CurrentAzureIp, AZURE_SERVER_PORT,
&ac->DDnsStatusCopy.InternetSetting, NULL, AZURE_VIA_PROXY_TIMEOUT);
}
}
if (ns == NULL)
@ -114,17 +158,12 @@ void AcWaitForRequest(AZURE_CLIENT *ac, SOCK *s, AZURE_PARAM *param)
if (StartSSLEx3(ns, NULL, NULL, NULL, 0, NULL, NULL, &ssl_err))
{
// Check certification
char server_cert_hash_str[MAX_SIZE];
UCHAR server_cert_hash[SHA1_SIZE];
Zero(server_cert_hash, sizeof(server_cert_hash));
GetXDigest(ns->RemoteX, server_cert_hash, true);
BinToStr(server_cert_hash_str, sizeof(server_cert_hash_str),
server_cert_hash, SHA1_SIZE);
if (IsEmptyStr(ac->DDnsStatusCopy.AzureCertHash) || StrCmpi(server_cert_hash_str, ac->DDnsStatusCopy.AzureCertHash) == 0
|| StrCmpi(server_cert_hash_str, ac->DDnsStatus.AzureCertHash) == 0)
if (Cmp(relay_cert_hash, server_cert_hash, SHA1_SIZE) == 0)
{
if (SendAll(ns, AZURE_PROTOCOL_DATA_SIANGTURE, 24, true))
{
@ -185,7 +224,7 @@ void AcWaitForRequest(AZURE_CLIENT *ac, SOCK *s, AZURE_PARAM *param)
// Send 1 byte
uc = 0;
if (SendAll(s, &uc, 1, false) == 0)
if (SendAll(s, &uc, 1, param->UseEncryption) == 0)
{
break;
}
@ -219,29 +258,59 @@ void AcMainThread(THREAD *thread, void *param)
DDNS_CLIENT_STATUS st;
bool connect_now = false;
bool azure_ip_changed = false;
bool use_custom_azure = false;
bool use_encryption = false;
char hostname[MAX_HOST_NAME_LEN + 1];
UCHAR hashed_password[SHA1_SIZE];
char server_address[MAX_HOST_NAME_LEN + 1];
UINT server_port = AZURE_SERVER_PORT;
bool add_default_ca = false;
bool verify_server = false;
X *server_cert = NULL;
X *client_cert = NULL;
K *client_key = NULL;
Lock(ac->Lock);
{
Copy(&st, &ac->DDnsStatus, sizeof(DDNS_CLIENT_STATUS));
if (StrCmpi(st.CurrentAzureIp, ac->DDnsStatusCopy.CurrentAzureIp) != 0)
if (ac->UseCustom && ac->CustomConfig != NULL)
{
if (IsEmptyStr(st.CurrentAzureIp) == false)
use_custom_azure = true;
use_encryption = true;
StrCpy(hostname, sizeof(hostname), ac->CustomConfig->Hostname);
Copy(hashed_password, ac->CustomConfig->HashedPassword, SHA1_SIZE);
StrCpy(server_address, sizeof(server_address), ac->CustomConfig->ServerName);
server_port = ac->CustomConfig->ServerPort;
verify_server = ac->CustomConfig->VerifyServer;
add_default_ca = ac->CustomConfig->AddDefaultCA;
server_cert = CloneX(ac->CustomConfig->ServerCert);
client_cert = CloneX(ac->CustomConfig->ClientX);
client_key = CloneK(ac->CustomConfig->ClientK);
}
else
{
Copy(&st, &ac->DDnsStatus, sizeof(DDNS_CLIENT_STATUS));
StrCpy(server_address, sizeof(server_address), st.CurrentAzureIp);
StrCpy(hostname, sizeof(hostname), st.CurrentHostName);
if (StrCmpi(st.CurrentAzureIp, ac->DDnsStatusCopy.CurrentAzureIp) != 0)
{
// Destination IP address is changed
if (IsEmptyStr(st.CurrentAzureIp) == false)
{
// Destination IP address is changed
connect_now = true;
num_reconnect_retry = 0;
}
}
if (StrCmpi(st.CurrentHostName, ac->DDnsStatusCopy.CurrentHostName) != 0)
{
// DDNS host name is changed
connect_now = true;
num_reconnect_retry = 0;
}
}
if (StrCmpi(st.CurrentHostName, ac->DDnsStatusCopy.CurrentHostName) != 0)
{
// DDNS host name is changed
connect_now = true;
num_reconnect_retry = 0;
Copy(&ac->DDnsStatusCopy, &st, sizeof(DDNS_CLIENT_STATUS));
}
Copy(&ac->DDnsStatusCopy, &st, sizeof(DDNS_CLIENT_STATUS));
}
Unlock(ac->Lock);
@ -272,19 +341,49 @@ void AcMainThread(THREAD *thread, void *param)
connect_now = true;
}
if (IsEmptyStr(st.CurrentAzureIp) == false && IsEmptyStr(st.CurrentHostName) == false)
if (IsEmptyStr(server_address) == false && IsEmptyStr(hostname) == false)
{
if (connect_now)
{
SOCK *s;
char *host = NULL;
UINT port = AZURE_SERVER_PORT;
UINT port;
Debug("VPN Azure: Connecting to %s...\n", st.CurrentAzureIp);
Debug("VPN Azure: Connecting to %s...\n", server_address);
if (ParseHostPort(st.CurrentAzureIp, &host, &port, AZURE_SERVER_PORT))
if (ParseHostPort(server_address, &host, &port, server_port))
{
if (st.InternetSetting.ProxyType == PROXY_DIRECT)
if (use_custom_azure)
{
s = ConnectEx2(host, port, 0, (bool *)&ac->Halt);
if (s != NULL && use_encryption)
{
// Enable SSL peer verification if we have a server cert or trust system CA
SSL_VERIFY_OPTION ssl_option;
Zero(&ssl_option, sizeof(ssl_option));
ssl_option.VerifyPeer = verify_server;
ssl_option.AddDefaultCA = add_default_ca;
ssl_option.VerifyHostname = verify_server;
ssl_option.SavedCert = server_cert;
UINT ssl_err = 0;
Copy(&s->SslAcceptSettings, &ac->Cedar->SslAcceptSettings, sizeof(SSL_ACCEPT_SETTINGS));
if (StartSSLEx3(s, client_cert, client_key, NULL, 0, server_address, &ssl_option, &ssl_err) == false)
{
if (ssl_err != 0)
{
SLog(ac->Cedar, "LS_AZURE_SSL_ERROR", GetUniErrorStr(ssl_err), ssl_err);
}
Disconnect(s);
ReleaseSock(s);
s = NULL;
}
}
}
else if (st.InternetSetting.ProxyType == PROXY_DIRECT)
{
s = ConnectEx2(host, port, 0, (bool *)&ac->Halt);
}
@ -306,11 +405,11 @@ void AcMainThread(THREAD *thread, void *param)
{
ac->CurrentSock = s;
ac->IsConnected = true;
StrCpy(ac->ConnectingAzureIp, sizeof(ac->ConnectingAzureIp), st.CurrentAzureIp);
StrCpy(ac->ConnectingAzureIp, sizeof(ac->ConnectingAzureIp), server_address);
}
Unlock(ac->Lock);
SendAll(s, AZURE_PROTOCOL_CONTROL_SIGNATURE, StrLen(AZURE_PROTOCOL_CONTROL_SIGNATURE), false);
SendAll(s, AZURE_PROTOCOL_CONTROL_SIGNATURE, StrLen(AZURE_PROTOCOL_CONTROL_SIGNATURE), use_encryption);
// Receive parameter
p = RecvPackWithHash(s);
@ -326,6 +425,11 @@ void AcMainThread(THREAD *thread, void *param)
param.ControlTimeout = PackGetInt(p, "ControlTimeout");
param.DataTimeout = PackGetInt(p, "DataTimeout");
param.SslTimeout = PackGetInt(p, "SslTimeout");
param.UseCustom = use_custom_azure;
param.UseEncryption = use_encryption;
UCHAR random[SHA1_SIZE];
PackGetData2(p, "Random", random, sizeof(random));
FreePack(p);
@ -344,14 +448,29 @@ void AcMainThread(THREAD *thread, void *param)
// Send parameter
p = NewPack();
PackAddStr(p, "CurrentHostName", st.CurrentHostName);
PackAddStr(p, "CurrentAzureIp", st.CurrentAzureIp);
PackAddInt64(p, "CurrentAzureTimestamp", st.CurrentAzureTimestamp);
PackAddStr(p, "CurrentAzureSignature", st.CurrentAzureSignature);
PackAddStr(p, "CurrentHostName", hostname);
PackAddStr(p, "CurrentAzureIp", server_address);
if (use_custom_azure == false)
{
PackAddInt64(p, "CurrentAzureTimestamp", st.CurrentAzureTimestamp);
PackAddStr(p, "CurrentAzureSignature", st.CurrentAzureSignature);
}
else
{
BUF *b = NewBuf();
UCHAR hash[SHA1_SIZE];
WriteBuf(b, hashed_password, SHA1_SIZE);
WriteBuf(b, random, SHA1_SIZE);
Sha1(hash, b->Buf, b->Size);
PackAddData(p, "PasswordHash", hash, SHA1_SIZE);
FreeBuf(b);
}
Lock(ac->Lock);
{
if (StrCmpi(st.CurrentHostName, ac->DDnsStatus.CurrentHostName) != 0)
if (use_custom_azure == false && StrCmpi(hostname, ac->DDnsStatus.CurrentHostName) != 0)
{
hostname_changed = true;
}
@ -363,7 +482,7 @@ void AcMainThread(THREAD *thread, void *param)
if (SendPackWithHash(s, p))
{
// Receive result
if (RecvAll(s, &c, 1, false))
if (RecvAll(s, &c, 1, use_encryption))
{
if (c && ac->Halt == false)
{
@ -417,6 +536,10 @@ void AcMainThread(THREAD *thread, void *param)
}
}
}
FreeX(server_cert);
FreeX(client_cert);
FreeK(client_key);
}
else
{
@ -448,31 +571,45 @@ void AcMainThread(THREAD *thread, void *param)
}
// Enable or disable VPN Azure client
void AcSetEnable(AZURE_CLIENT *ac, bool enabled)
void AcSetEnable(AZURE_CLIENT *ac, bool enabled, bool use_custom)
{
bool old_status;
bool changed = false;
// Validate arguments
if (ac == NULL)
{
return;
}
old_status = ac->IsEnabled;
if (ac->IsEnabled != enabled)
{
ac->IsEnabled = enabled;
changed = true;
}
ac->IsEnabled = enabled;
if (ac->UseCustom != use_custom)
{
ac->UseCustom = use_custom;
changed = true;
}
if (ac->IsEnabled && (ac->IsEnabled != old_status))
if (ac->IsEnabled && ac->UseCustom == false && changed)
{
ac->DDnsTriggerInt++;
}
AcApplyCurrentConfig(ac, NULL);
if (ac->IsEnabled == false)
{
// If VPN Azure client is disabled, disconnect current data connection
changed = true;
}
AcApplyCurrentConfig(ac, NULL, NULL, changed);
}
// Set current configuration to VPN Azure client
void AcApplyCurrentConfig(AZURE_CLIENT *ac, DDNS_CLIENT_STATUS *ddns_status)
void AcApplyCurrentConfig(AZURE_CLIENT *ac, DDNS_CLIENT_STATUS *ddns_status, AZURE_CUSTOM_CONFIG *config, bool disconnect)
{
bool disconnect_now = false;
bool disconnect_now = disconnect;
SOCK *disconnect_sock = NULL;
// Validate arguments
if (ac == NULL)
@ -483,29 +620,48 @@ void AcApplyCurrentConfig(AZURE_CLIENT *ac, DDNS_CLIENT_STATUS *ddns_status)
// Get current DDNS configuration
Lock(ac->Lock);
{
if (ddns_status != NULL)
if (config != NULL)
{
if (StrCmpi(ac->DDnsStatus.CurrentHostName, ddns_status->CurrentHostName) != 0)
if (ac->UseCustom)
{
// If host name is changed, disconnect current data connection
disconnect_now = true;
}
if (Cmp(&ac->DDnsStatus.InternetSetting, &ddns_status->InternetSetting, sizeof(INTERNET_SETTING)) != 0)
if (ac->CustomConfig == NULL)
{
// If proxy setting is changed, disconnect current data connection
disconnect_now = true;
ac->CustomConfig = config;
}
else
{
FreeX(ac->CustomConfig->ServerCert);
FreeX(ac->CustomConfig->ClientX);
FreeK(ac->CustomConfig->ClientK);
Free(ac->CustomConfig);
ac->CustomConfig = config;
}
}
if (ddns_status != NULL)
{
if (ac->UseCustom == false)
{
if (StrCmpi(ac->DDnsStatus.CurrentHostName, ddns_status->CurrentHostName) != 0)
{
// If host name is changed, disconnect current data connection
disconnect_now = true;
}
if (Cmp(&ac->DDnsStatus.InternetSetting, &ddns_status->InternetSetting, sizeof(INTERNET_SETTING)) != 0)
{
// If proxy setting is changed, disconnect current data connection
disconnect_now = true;
}
}
Copy(&ac->DDnsStatus, ddns_status, sizeof(DDNS_CLIENT_STATUS));
}
if (ac->IsEnabled == false)
{
// If VPN Azure client is disabled, disconnect current data connection
disconnect_now = true;
}
if (disconnect_now)
{
if (ac->CurrentSock != NULL)
@ -555,6 +711,14 @@ void FreeAzureClient(AZURE_CLIENT *ac)
ReleaseSock(disconnect_sock);
}
if (ac->CustomConfig != NULL)
{
FreeX(ac->CustomConfig->ServerCert);
FreeX(ac->CustomConfig->ClientX);
FreeK(ac->CustomConfig->ClientK);
Free(ac->CustomConfig);
}
Set(ac->Event);
// Stop main thread
@ -569,7 +733,7 @@ void FreeAzureClient(AZURE_CLIENT *ac)
}
// Create new VPN Azure client
AZURE_CLIENT *NewAzureClient(CEDAR *cedar, SERVER *server)
AZURE_CLIENT *NewAzureClient(CEDAR *cedar, SERVER *server, AZURE_CUSTOM_CONFIG *config)
{
AZURE_CLIENT *ac;
// Validate arguments
@ -584,10 +748,14 @@ AZURE_CLIENT *NewAzureClient(CEDAR *cedar, SERVER *server)
ac->Server = server;
ac->CustomConfig = config;
ac->Lock = NewLock();
ac->IsEnabled = false;
ac->UseCustom = false;
ac->Event = NewEvent();
// Start main thread

24
src/Cedar/AzureClient.h
View File

@ -29,6 +29,20 @@
#define AZURE_VIA_PROXY_TIMEOUT 5000
// Azure custom configuration
struct AZURE_CUSTOM_CONFIG
{
char ServerName[MAX_HOST_NAME_LEN + 1]; // VPN Azure server name
UINT ServerPort; // VPN Azure port number
char Hostname[MAX_HOST_NAME_LEN + 1]; // VPN Azure client hostname
UCHAR HashedPassword[SHA1_SIZE]; // Hashed passwords
X *ClientX; // VPN Azure client certificate
K *ClientK; // VPN Azure client private key
X *ServerCert; // VPN Azure server certificate
bool VerifyServer; // Verify server certificate
bool AddDefaultCA; // Use default trust store to verify server
};
// Communications parameter
struct AZURE_PARAM
{
@ -36,6 +50,8 @@ struct AZURE_PARAM
UINT ControlTimeout;
UINT DataTimeout;
UINT SslTimeout;
bool UseCustom;
bool UseEncryption;
};
// VPN Azure Client
@ -46,6 +62,7 @@ struct AZURE_CLIENT
LOCK *Lock;
DDNS_CLIENT_STATUS DDnsStatus;
volatile bool IsEnabled;
volatile bool UseCustom;
EVENT *Event;
volatile bool Halt;
THREAD *MainThread;
@ -56,15 +73,16 @@ struct AZURE_CLIENT
AZURE_PARAM AzureParam;
volatile UINT DDnsTriggerInt;
volatile bool IsConnected;
AZURE_CUSTOM_CONFIG *CustomConfig;
};
// Function prototype
AZURE_CLIENT *NewAzureClient(CEDAR *cedar, SERVER *server);
AZURE_CLIENT *NewAzureClient(CEDAR *cedar, SERVER *server, AZURE_CUSTOM_CONFIG *config);
void FreeAzureClient(AZURE_CLIENT *ac);
void AcApplyCurrentConfig(AZURE_CLIENT *ac, DDNS_CLIENT_STATUS *ddns_status);
void AcApplyCurrentConfig(AZURE_CLIENT *ac, DDNS_CLIENT_STATUS *ddns_status, AZURE_CUSTOM_CONFIG *config, bool disconnect);
void AcMainThread(THREAD *thread, void *param);
void AcSetEnable(AZURE_CLIENT *ac, bool enabled);
void AcSetEnable(AZURE_CLIENT *ac, bool enabled, bool use_custom);
void AcWaitForRequest(AZURE_CLIENT *ac, SOCK *s, AZURE_PARAM *param);

2
src/Cedar/CM.c
View File

@ -6726,7 +6726,7 @@ void CmEditAccountDlgUpdate(HWND hWnd, CM_ACCOUNT *a)
GetTxtA(hWnd, E_PASSWORD, str, sizeof(str));
if (StrCmp(str, HIDDEN_PASSWORD) != 0)
{
HashPassword(a->ClientAuth->HashedPassword, a->ClientAuth->Username, str);
HashPassword(a->ClientAuth->HashedPassword, a->ClientAuth->Username, str, false);
}
break;
case CLIENT_AUTHTYPE_PLAIN_PASSWORD:

2
src/Cedar/CedarType.h
View File

@ -381,6 +381,7 @@ typedef struct RPC_ENUM_ETHERIP_ID RPC_ENUM_ETHERIP_ID;
typedef struct RPC_SPECIAL_LISTENER RPC_SPECIAL_LISTENER;
typedef struct RPC_AZURE_STATUS RPC_AZURE_STATUS;
typedef struct RPC_CONNECT_CONFIRM RPC_CONNECT_CONFIRM;
typedef struct RPC_AZURE_CUSTOM RPC_AZURE_CUSTOM;
// ==============================================================
@ -644,6 +645,7 @@ typedef struct DDNS_CLIENT_STATUS DDNS_CLIENT_STATUS;
// ==============================================================
typedef struct AZURE_CLIENT AZURE_CLIENT;
typedef struct AZURE_PARAM AZURE_PARAM;
typedef struct AZURE_CUSTOM_CONFIG AZURE_CUSTOM_CONFIG;
// ==============================================================

180
src/Cedar/Command.c
View File

@ -4757,7 +4757,7 @@ UINT PcAccountPasswordSet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param)
{
t.ClientAuth->AuthType = CLIENT_AUTHTYPE_PASSWORD;
HashPassword(t.ClientAuth->HashedPassword, t.ClientAuth->Username,
GetParamStr(o, "PASSWORD"));
GetParamStr(o, "PASSWORD"), false);
}
else if (StartWith("radius", typestr) || StartWith("ntdomain", typestr))
{
@ -7749,6 +7749,8 @@ void PsMain(PS *ps)
{"DynamicDnsSetHostname", PsDynamicDnsSetHostname},
{"VpnAzureGetStatus", PsVpnAzureGetStatus},
{"VpnAzureSetEnable", PsVpnAzureSetEnable},
{"VpnAzureGetCustom", PsVpnAzureGetCustom},
{"VpnAzureSetCustom", PsVpnAzureSetCustom},
};
// Generate a prompt
@ -10895,7 +10897,7 @@ UINT PsHubCreate(CONSOLE *c, char *cmd_name, wchar_t *str, void *param)
}
Sha0(t.HashedPassword, pass, StrLen(pass));
HashPassword(t.SecurePassword, ADMINISTRATOR_USERNAME, pass);
HashPassword(t.SecurePassword, ADMINISTRATOR_USERNAME, pass, false);
t.Online = true;
// RPC call
@ -10947,7 +10949,7 @@ UINT PsHubCreateDynamic(CONSOLE *c, char *cmd_name, wchar_t *str, void *param)
}
Sha0(t.HashedPassword, pass, StrLen(pass));
HashPassword(t.SecurePassword, ADMINISTRATOR_USERNAME, pass);
HashPassword(t.SecurePassword, ADMINISTRATOR_USERNAME, pass, false);
t.Online = true;
// RPC call
@ -10999,7 +11001,7 @@ UINT PsHubCreateStatic(CONSOLE *c, char *cmd_name, wchar_t *str, void *param)
}
Sha0(t.HashedPassword, pass, StrLen(pass));
HashPassword(t.SecurePassword, ADMINISTRATOR_USERNAME, pass);
HashPassword(t.SecurePassword, ADMINISTRATOR_USERNAME, pass, false);
t.Online = true;
// RPC call
@ -11574,7 +11576,7 @@ UINT PsSetHubPassword(CONSOLE *c, char *cmd_name, wchar_t *str, void *param)
// Change the settings
pw = GetParamStr(o, "[password]");
HashPassword(t.SecurePassword, ADMINISTRATOR_USERNAME, pw);
HashPassword(t.SecurePassword, ADMINISTRATOR_USERNAME, pw, false);
Sha0(t.HashedPassword, pw, StrLen(pw));
// Write the configuration of Virtual HUB
@ -13549,7 +13551,7 @@ UINT PsCascadePasswordSet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param)
{
t.ClientAuth->AuthType = CLIENT_AUTHTYPE_PASSWORD;
HashPassword(t.ClientAuth->HashedPassword, t.ClientAuth->Username,
GetParamStr(o, "PASSWORD"));
GetParamStr(o, "PASSWORD"), false);
}
else if (StartWith("radius", typestr) || StartWith("ntdomain", typestr))
{
@ -22239,7 +22241,8 @@ UINT PsVpnAzureSetEnable(CONSOLE *c, char *cmd_name, wchar_t *str, void *param)
PARAM args[] =
{
// "name", prompt_proc, prompt_param, eval_proc, eval_param
{"[yes|no]", CmdPrompt, _UU("VpnAzureSetEnable_PROMPT"), CmdEvalNotEmpty, NULL},
{"[yes|no]", CmdPrompt, _UU("CMD_VpnAzureSetEnable_PROMPT"), CmdEvalNotEmpty, NULL},
{"CUSTOM", CmdPrompt, _UU("CMD_VpnAzureSetEnableCustom_PROMPT"), CmdEvalNotEmpty, NULL},
};
o = ParseCommandList(c, cmd_name, str, args, sizeof(args) / sizeof(args[0]));
@ -22250,6 +22253,7 @@ UINT PsVpnAzureSetEnable(CONSOLE *c, char *cmd_name, wchar_t *str, void *param)
Zero(&t, sizeof(t));
t.IsEnabled = GetParamYes(o, "[yes|no]");
t.UseCustom = GetParamYes(o, "CUSTOM");
// RPC call
ret = ScSetAzureStatus(ps->Rpc, &t);
@ -22288,11 +22292,6 @@ UINT PsVpnAzureGetStatus(CONSOLE *c, char *cmd_name, wchar_t *str, void *param)
// RPC call
ret = ScGetAzureStatus(ps->Rpc, &t);
if (ret == ERR_NO_ERROR)
{
ret = ScGetDDnsClientStatus(ps->Rpc, &t2);
}
if (ret != ERR_NO_ERROR)
{
// An error has occured
@ -22309,9 +22308,23 @@ UINT PsVpnAzureGetStatus(CONSOLE *c, char *cmd_name, wchar_t *str, void *param)
if (t.IsEnabled)
{
wchar_t tmp[MAX_SIZE];
Zero(tmp, sizeof(tmp));
UniFormat(tmp, sizeof(tmp), L"%S%S", t2.CurrentHostName, AZURE_DOMAIN_SUFFIX);
if (t.UseCustom)
{
StrToUni(tmp, sizeof(tmp), t.CurrentHostname);
}
else
{
ret = ScGetDDnsClientStatus(ps->Rpc, &t2);
if (ret == ERR_NO_ERROR && IsEmptyStr(t2.CurrentHostName) == false)
{
UniFormat(tmp, sizeof(tmp), L"%S%S", t2.CurrentHostName, AZURE_DOMAIN_SUFFIX);
}
}
CtInsert(ct, _UU("CMD_VpnAzureGetStatus_PRINT_CUSTOM"), _UU(t.UseCustom ? "SEC_YES" : "SEC_NO"));
CtInsert(ct, _UU("CMD_VpnAzureGetStatus_PRINT_CONNECTED"), _UU(t.IsConnected ? "SEC_YES" : "SEC_NO"));
CtInsert(ct, _UU("CMD_VpnAzureGetStatus_PRINT_HOSTNAME"), tmp);
}
@ -22324,6 +22337,147 @@ UINT PsVpnAzureGetStatus(CONSOLE *c, char *cmd_name, wchar_t *str, void *param)
return 0;
}
// Set the custom VPN Azure service
UINT PsVpnAzureSetCustom(CONSOLE *c, char *cmd_name, wchar_t *str, void *param)
{
LIST *o;
PS *ps = (PS *)param;
UINT ret = 0;
RPC_AZURE_CUSTOM t;
char *server;
UINT port;
X *x;
K *k;
// Parameter list that can be specified
PARAM args[] =
{
{"SERVER", CmdPrompt, _UU("CMD_VpnAzureSetCustom_Prompt_Server"), CmdEvalHostAndPort, NULL},
{"HOSTNAME", CmdPrompt, _UU("CMD_VpnAzureSetCustom_Prompt_Hostname"), CmdEvalNotEmpty, NULL},
{"PASSWORD", CmdPromptChoosePassword, NULL, NULL, NULL},
{"LOADCERT", CmdPrompt, _UU("CMD_VpnAzureSetCustom_Prompt_ClientX"), NULL, NULL},
{"LOADKEY", CmdPrompt, _UU("CMD_VpnAzureSetCustom_Prompt_ClientK"), NULL, NULL},
{"VERIFY", CmdPrompt, _UU("CMD_VpnAzureSetCustom_Prompt_Verify"), CmdEvalNotEmpty, NULL},
{"TRUSTCA", CmdPrompt, _UU("CMD_VpnAzureSetCustom_Prompt_TrustCA"), CmdEvalNotEmpty, NULL},
{"SERVCERT", CmdPrompt, _UU("CMD_VpnAzureSetCustom_Prompt_ServerX"), NULL, NULL},
};
o = ParseCommandList(c, cmd_name, str, args, sizeof(args) / sizeof(args[0]));
if (o == NULL)
{
return ERR_INVALID_PARAMETER;
}
Zero(&t, sizeof(t));
ParseHostPort(GetParamStr(o, "SERVER"), &server, &port, 443);
StrCpy(t.ServerName, sizeof(t.ServerName), server);
t.ServerPort = port;
Free(server);
StrCpy(t.Hostname, sizeof(t.Hostname), GetParamStr(o, "HOSTNAME"));
HashPassword(t.HashedPassword, t.Hostname, GetParamStr(o, "PASSWORD"), true);
if (UniIsEmptyStr(GetParamUniStr(o, "LOADCERT")) == false && UniIsEmptyStr(GetParamUniStr(o, "LOADKEY")) == false &&
CmdLoadCertAndKey(c, &x, &k, GetParamUniStr(o, "LOADCERT"), GetParamUniStr(o, "LOADKEY")))
{
c->Write(c, _UU("CMD_VpnAzureSetCustom_MSG_ClientCertLoaded"));
t.ClientX = x;
t.ClientK = k;
}
x = FileToXW(GetParamUniStr(o, "SERVCERT"));
if (x != NULL)
{
c->Write(c, _UU("CMD_VpnAzureSetCustom_MSG_ServerCertLoaded"));
t.ServerCert = x;
}
t.VerifyServer = GetParamYes(o, "VERIFY");
t.AddDefaultCA = GetParamYes(o, "TRUSTCA");
// RPC call
ret = ScSetAzureCustom(ps->Rpc, &t);
if (ret != ERR_NO_ERROR)
{
// An error has occured
CmdPrintError(c, ret);
FreeParamValueList(o);
return ret;
}
FreeRpcAzureCustom(&t);
FreeParamValueList(o);
return 0;
}
// Get the current config of the custom VPN Azure function
UINT PsVpnAzureGetCustom(CONSOLE *c, char *cmd_name, wchar_t *str, void *param)
{
LIST *o;
PS *ps = (PS *)param;
UINT ret = 0;
RPC_AZURE_CUSTOM t;
o = ParseCommandList(c, cmd_name, str, NULL, 0);
if (o == NULL)
{
return ERR_INVALID_PARAMETER;
}
Zero(&t, sizeof(t));
// RPC call
ret = ScGetAzureCustom(ps->Rpc, &t);
if (ret != ERR_NO_ERROR)
{
// An error has occured
CmdPrintError(c, ret);
FreeParamValueList(o);
return ret;
}
else
{
CT *ct = CtNewStandard();
wchar_t tmp[MAX_SIZE];
StrToUni(tmp, sizeof(tmp), t.ServerName);
CtInsert(ct, _UU("CMD_VpnAzureGetCustom_PRINT_SERVERNAME"), tmp);
UniFormat(tmp, sizeof(tmp), _UU("CM_ST_PORT_TCP"), t.ServerPort);
CtInsert(ct, _UU("CMD_VpnAzureGetCustom_PRINT_SERVERPORT"), tmp);
StrToUni(tmp, sizeof(tmp), t.Hostname);
CtInsert(ct, _UU("CMD_VpnAzureGetCustom_PRINT_HOSTNAME"), tmp);
if (t.ClientX != NULL)
{
GetAllNameFromX(tmp, sizeof(tmp), t.ClientX);
CtInsert(ct, _UU("CMD_VpnAzureGetCustom_PRINT_CLIENTCERT"), tmp);
}
CtInsert(ct, _UU("CMD_VpnAzureGetCustom_PRINT_VERIFYSERVER"), _UU(t.VerifyServer ? "SEC_YES" : "SEC_NO"));
CtInsert(ct, _UU("CMD_VpnAzureGetCustom_PRINT_DEFAULTCA"), _UU(t.AddDefaultCA ? "SEC_YES" : "SEC_NO"));
if (t.ServerCert != NULL)
{
GetAllNameFromX(tmp, sizeof(tmp), t.ServerCert);
CtInsert(ct, _UU("CMD_VpnAzureGetCustom_PRINT_SERVERCERT"), tmp);
}
CtFree(ct, c);
FreeRpcAzureCustom(&t);
}
FreeParamValueList(o);
return 0;
}
// Get the current state of the dynamic DNS function
UINT PsDynamicDnsGetStatus(CONSOLE *c, char *cmd_name, wchar_t *str, void *param)
{

2
src/Cedar/Command.h
View File

@ -612,6 +612,8 @@ UINT PsDynamicDnsGetStatus(CONSOLE *c, char *cmd_name, wchar_t *str, void *param
UINT PsDynamicDnsSetHostname(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsVpnAzureSetEnable(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsVpnAzureGetStatus(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsVpnAzureSetCustom(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsVpnAzureGetCustom(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
#endif // COMMAND_H

12
src/Cedar/DDNS.c
View File

@ -128,7 +128,7 @@ UINT DCChangeHostName(DDNS_CLIENT *c, char *hostname)
DCGetStatus(c, &st);
SiApplyAzureConfig(c->Cedar->Server, &st);
SiApplyAzureConfig(c->Cedar->Server, &st, NULL);
}
return ret;
@ -174,7 +174,7 @@ void DCThread(THREAD *thread, void *param)
bool vgs_server_triggered = false;
if (c->Cedar->Server != NULL && c->Cedar->Server->AzureClient != NULL)
if (c->Cedar->Server != NULL && c->Cedar->Server->AzureClient != NULL && c->Cedar->Server->UseCustomVpnAzure == false)
{
if (c->Cedar->Server->AzureClient->DDnsTriggerInt != last_azure_ddns_trigger_int)
{
@ -327,7 +327,7 @@ void DCThread(THREAD *thread, void *param)
DCGetStatus(c, &st);
SiApplyAzureConfig(c->Cedar->Server, &st);
SiApplyAzureConfig(c->Cedar->Server, &st, NULL);
}
AddInterrupt(interrupt, c->NextRegisterTick_IPv4);
@ -362,7 +362,7 @@ void DCThread(THREAD *thread, void *param)
DCGetStatus(c, &st);
SiApplyAzureConfig(c->Cedar->Server, &st);
SiApplyAzureConfig(c->Cedar->Server, &st, NULL);
}
AddInterrupt(interrupt, c->NextRegisterTick_IPv6);
@ -391,7 +391,7 @@ void DCThread(THREAD *thread, void *param)
if (last_time_ip_changed)
{
if (c->Cedar->Server != NULL && c->Cedar->Server->AzureClient != NULL)
if (c->Cedar->Server != NULL && c->Cedar->Server->AzureClient != NULL && c->Cedar->Server->UseCustomVpnAzure == false)
{
c->Cedar->Server->AzureClient->IpStatusRevision++;
}
@ -476,7 +476,7 @@ UINT DCRegister(DDNS_CLIENT *c, bool ipv6, DDNS_REGISTER_PARAM *p, char *replace
if (ipv6 == false)
{
// Get the current status of the VPN Azure Client
if (c->Cedar->Server != NULL)
if (c->Cedar->Server != NULL && c->Cedar->Server->UseCustomVpnAzure == false)
{
AZURE_CLIENT *ac = c->Cedar->Server->AzureClient;

2
src/Cedar/Hub.c
View File

@ -6923,7 +6923,7 @@ HUB *NewHub(CEDAR *cedar, char *HubName, HUB_OPTION *option)
h = ZeroMalloc(sizeof(HUB));
Sha0(h->HashedPassword, "", 0);
HashPassword(h->SecurePassword, ADMINISTRATOR_USERNAME, "");
HashPassword(h->SecurePassword, ADMINISTRATOR_USERNAME, "", false);
h->lock = NewLock();
h->lock_online = NewLock();
h->ref = NewRef();

8
src/Cedar/Protocol.c
View File

@ -990,9 +990,9 @@ UINT ChangePassword(CEDAR *cedar, CLIENT_OPTION *o, char *hubname, char *usernam
sock = s->Connection->FirstSock;
HashPassword(old_password, username, old_pass);
HashPassword(old_password, username, old_pass, false);
SecurePassword(secure_old_password, old_password, s->Connection->Random);
HashPassword(new_password, username, new_pass);
HashPassword(new_password, username, new_pass, false);
GenerateNtPasswordHash(new_password_ntlm, new_pass);
PackAddClientVersion(p, s->Connection);
@ -1864,7 +1864,7 @@ bool ServerAccept(CONNECTION *c)
// Check whether the password was empty
UCHAR hashed_empty_password[SHA1_SIZE];
UCHAR secure_empty_password[SHA1_SIZE];
HashPassword(hashed_empty_password, username, "");
HashPassword(hashed_empty_password, username, "", false);
SecurePassword(secure_empty_password, hashed_empty_password, c->Random);
if(Cmp(secure_password, secure_empty_password, SHA1_SIZE)==0){
is_empty_password = true;
@ -1893,7 +1893,7 @@ bool ServerAccept(CONNECTION *c)
UCHAR hash_password[SHA1_SIZE];
bool is_mschap = StartWith(plain_password, IPC_PASSWORD_MSCHAPV2_TAG);
HashPassword(hash_password, username, plain_password);
HashPassword(hash_password, username, plain_password, false);
SecurePassword(secure_password, hash_password, c->Random);
if (is_mschap == false)

86
src/Cedar/SM.c
View File

@ -260,6 +260,8 @@ void SmAzureSetStatus(HWND hWnd, SM_AZURE *a)
st.IsEnabled = IsChecked(hWnd, R_ENABLE);
st.UseCustom = a->UseCustom;
if (CALL(hWnd, ScSetAzureStatus(a->s->Rpc, &st)) == false)
{
EndDialog(hWnd, 0);
@ -342,7 +344,9 @@ void SmAzureDlgRefresh(HWND hWnd, SM_AZURE *a)
return;
}
if (CALL(hWnd, ScGetDDnsClientStatus(a->s->Rpc, &ddns)) == false)
a->UseCustom = st.UseCustom;
if (st.UseCustom == false && CALL(hWnd, ScGetDDnsClientStatus(a->s->Rpc, &ddns)) == false)
{
EndDialog(hWnd, 0);
return;
@ -360,21 +364,38 @@ void SmAzureDlgRefresh(HWND hWnd, SM_AZURE *a)
}
SetShow(hWnd, S_HOSTNAME_BORDER, st.IsEnabled);
SetShow(hWnd, S_HOSTNAME_INFO, st.IsEnabled);
SetShow(hWnd, S_HOSTNAME_INFO, st.IsEnabled && st.UseCustom == false);
SetShow(hWnd, S_HOSTNAME_CUSTOM, st.IsEnabled && st.UseCustom);
SetShow(hWnd, B_CHANGE, st.IsEnabled);
SetEnable(hWnd, B_CHANGE, st.IsEnabled && st.UseCustom == false);
if (st.IsEnabled == false || IsEmptyStr(ddns.CurrentHostName))
if (st.IsEnabled)
{
Hide(hWnd, E_HOST);
if (st.UseCustom && IsEmptyStr(st.CurrentHostname) == false)
{
StrCpy(tmp, sizeof(tmp), st.CurrentHostname);
SetTextA(hWnd, E_HOST, tmp);
Show(hWnd, E_HOST);
}
else if (st.UseCustom == false && IsEmptyStr(ddns.CurrentHostName) == false)
{
StrCpy(tmp, sizeof(tmp), ddns.CurrentHostName);
StrCat(tmp, sizeof(tmp), AZURE_DOMAIN_SUFFIX);
SetTextA(hWnd, E_HOST, tmp);
Show(hWnd, E_HOST);
}
else
{
Hide(hWnd, E_HOST);
}
}
else
{
StrCpy(tmp, sizeof(tmp), ddns.CurrentHostName);
StrCat(tmp, sizeof(tmp), AZURE_DOMAIN_SUFFIX);
SetTextA(hWnd, E_HOST, tmp);
Show(hWnd, E_HOST);
Hide(hWnd, E_HOST);
}
}
@ -3032,7 +3053,7 @@ bool SmSetupInit(HWND hWnd, SM_SETUP *s)
Zero(&t, sizeof(t));
Sha0(t.HashedPassword, password, StrLen(password));
HashPassword(t.SecurePassword, ADMINISTRATOR_USERNAME, password);
HashPassword(t.SecurePassword, ADMINISTRATOR_USERNAME, password, false);
StrCpy(t.HubName, sizeof(t.HubName), s->HubName);
t.HubType = HUB_TYPE_STANDALONE;
t.Online = true;
@ -14036,7 +14057,7 @@ void SmEditUserDlgUpdate(HWND hWnd, SM_EDIT_USER *s)
{
if (StrCmp(tmp1, HIDDEN_PASSWORD) != 0)
{
HashPassword(((AUTHPASSWORD *)u->AuthData)->HashedKey, u->Name, tmp1);
HashPassword(((AUTHPASSWORD *)u->AuthData)->HashedKey, u->Name, tmp1, false);
GenerateNtPasswordHash(((AUTHPASSWORD *)u->AuthData)->NtLmSecureHash, tmp1);
}
}
@ -17422,7 +17443,7 @@ void SmEditHubOnOk(HWND hWnd, SM_EDIT_HUB *s)
if (s->EditMode == false || StrCmp(pass1, HIDDEN_PASSWORD) != 0)
{
Sha0(t.HashedPassword, pass1, StrLen(pass1));
HashPassword(t.SecurePassword, ADMINISTRATOR_USERNAME, pass1);
HashPassword(t.SecurePassword, ADMINISTRATOR_USERNAME, pass1, false);
}
if (IsChecked(hWnd, R_LIMIT_MAX_SESSION))
@ -18309,11 +18330,11 @@ void SmServerDlgRefresh(HWND hWnd, SM_SERVER *p)
{
UniToStr3(s9, sizeof(s9),
e->Traffic.Recv.BroadcastBytes + e->Traffic.Recv.UnicastBytes +
e->Traffic.Send.BroadcastBytes + e->Traffic.Send.UnicastBytes);
e->Traffic.Send.BroadcastBytes + e->Traffic.Send.UnicastBytes);
UniToStr3(s10, sizeof(s10),
e->Traffic.Recv.BroadcastCount + e->Traffic.Recv.UnicastCount +
e->Traffic.Send.BroadcastCount + e->Traffic.Send.UnicastCount);
UniToStr3(s10, sizeof(s10),
e->Traffic.Recv.BroadcastCount + e->Traffic.Recv.UnicastCount +
e->Traffic.Send.BroadcastCount + e->Traffic.Send.UnicastCount);
}
LvInsertAdd(b,
@ -18334,7 +18355,7 @@ void SmServerDlgRefresh(HWND hWnd, SM_SERVER *p)
if (CALL(hWnd, ScEnumListener(p->Rpc, &t2)))
{
LVB *b = LvInsertStart();
for (i = 0;i < t2.NumPort;i++)
for (i = 0; i < t2.NumPort; i++)
{
wchar_t tmp[MAX_SIZE];
wchar_t *status;
@ -18403,17 +18424,34 @@ void SmServerDlgRefresh(HWND hWnd, SM_SERVER *p)
// VPN Azure client state acquisition
Zero(&sta, sizeof(sta));
if (ScGetAzureStatus(p->Rpc, &sta) == ERR_NO_ERROR && sta.IsEnabled && IsEmptyStr(st.CurrentFqdn) == false)
if (ScGetAzureStatus(p->Rpc, &sta) == ERR_NO_ERROR && sta.IsEnabled)
{
char tmp[MAX_SIZE];
StrCpy(tmp, sizeof(tmp), st.CurrentHostName);
StrCat(tmp, sizeof(tmp), AZURE_DOMAIN_SUFFIX);
if (sta.UseCustom && IsEmptyStr(sta.CurrentHostname) == false)
{
StrCpy(tmp, sizeof(tmp), sta.CurrentHostname);
SetTextA(hWnd, E_AZURE_HOST, tmp);
SetTextA(hWnd, E_AZURE_HOST, tmp);
Show(hWnd, S_AZURE);
Show(hWnd, E_AZURE_HOST);
Show(hWnd, S_AZURE);
Show(hWnd, E_AZURE_HOST);
}
else if (sta.UseCustom == false && IsEmptyStr(st.CurrentFqdn) == false)
{
StrCpy(tmp, sizeof(tmp), st.CurrentHostName);
StrCat(tmp, sizeof(tmp), AZURE_DOMAIN_SUFFIX);
SetTextA(hWnd, E_AZURE_HOST, tmp);
Show(hWnd, S_AZURE);
Show(hWnd, E_AZURE_HOST);
}
else
{
Hide(hWnd, S_AZURE);
Hide(hWnd, E_AZURE_HOST);
}
}
else
{

1
src/Cedar/SMInner.h
View File

@ -375,6 +375,7 @@ typedef struct SM_AZURE
{
SM_SERVER *s;
bool OnSetup;
bool UseCustom;
} SM_AZURE;

119
src/Cedar/Server.c
View File

@ -2450,6 +2450,14 @@ void SiLoadInitialConfiguration(SERVER *s)
{
// Create a DDNS client
s->DDnsClient = NewDDNSClient(s->Cedar, NULL, NULL);
// Create a default VPN Azure client
if (s->ServerType == SERVER_TYPE_STANDALONE)
{
s->AzureClient = NewAzureClient(s->Cedar, s, NULL);
AcSetEnable(s->AzureClient, s->EnableVpnAzure, s->UseCustomVpnAzure);
}
}
@ -2626,14 +2634,6 @@ void SiInitConfiguration(SERVER *s)
s->AutoSaveConfigSpanSaved = s->AutoSaveConfigSpan;
// Create a VPN Azure client
if (s->DDnsClient != NULL && s->Cedar->Bridge == false && s->ServerType == SERVER_TYPE_STANDALONE)
{
s->AzureClient = NewAzureClient(s->Cedar, s);
AcSetEnable(s->AzureClient, s->EnableVpnAzure);
}
// Reduce the storage interval in the case of user mode
#ifdef OS_WIN32
if (MsIsUserMode())
@ -2649,7 +2649,7 @@ void SiInitConfiguration(SERVER *s)
}
// Set the state of Enabled / Disabled of Azure Client
void SiSetAzureEnable(SERVER *s, bool enabled)
void SiSetAzureEnable(SERVER *s, bool enabled, bool use_custom)
{
// Validate arguments
if (s == NULL)
@ -2659,14 +2659,16 @@ void SiSetAzureEnable(SERVER *s, bool enabled)
if (s->AzureClient != NULL)
{
AcSetEnable(s->AzureClient, enabled);
AcSetEnable(s->AzureClient, enabled, use_custom);
}
s->EnableVpnAzure = enabled;
s->UseCustomVpnAzure = use_custom;
}
// Apply the Config to the Azure Client
void SiApplyAzureConfig(SERVER *s, DDNS_CLIENT_STATUS *ddns_status)
void SiApplyAzureConfig(SERVER *s, DDNS_CLIENT_STATUS *ddns_status, AZURE_CUSTOM_CONFIG *config)
{
// Validate arguments
if (s == NULL)
@ -2674,7 +2676,7 @@ void SiApplyAzureConfig(SERVER *s, DDNS_CLIENT_STATUS *ddns_status)
return;
}
AcApplyCurrentConfig(s->AzureClient, ddns_status);
AcApplyCurrentConfig(s->AzureClient, ddns_status, config, false);
}
// Get whether the Azure Client is enabled
@ -2714,7 +2716,7 @@ bool SiIsAzureSupported(SERVER *s)
// Read the server settings from the CFG
bool SiLoadConfigurationCfg(SERVER *s, FOLDER *root)
{
FOLDER *f1, *f2, *f3, *f4, *f5, *f6, *f7, *f8, *f9;
FOLDER *f1, *f2, *f3, *f4, *f5, *f6, *f7, *f8, *f9, *f10;
// Validate arguments
if (s == NULL || root == NULL)
{
@ -2730,6 +2732,7 @@ bool SiLoadConfigurationCfg(SERVER *s, FOLDER *root)
f7 = CfgGetFolder(root, "IPsec");
f8 = CfgGetFolder(root, "DDnsClient");
f9 = CfgGetFolder(root, "WireGuardKeyList");
f10 = CfgGetFolder(root, "VPNAzureClient");
if (f1 == NULL)
{
@ -2871,6 +2874,63 @@ bool SiLoadConfigurationCfg(SERVER *s, FOLDER *root)
}
}
}
if (f10 == NULL)
{
// Create a default VPN Azure client
if (s->ServerType == SERVER_TYPE_STANDALONE)
{
s->AzureClient = NewAzureClient(s->Cedar, s, NULL);
AcSetEnable(s->AzureClient, s->EnableVpnAzure, s->UseCustomVpnAzure);
}
}
else
{
if (s->ServerType == SERVER_TYPE_STANDALONE)
{
// Custom VPN Azure client
AZURE_CUSTOM_CONFIG *config = ZeroMalloc(sizeof(AZURE_CUSTOM_CONFIG));
CfgGetStr(f10, "ServerName", config->ServerName, sizeof(config->ServerName));
config->ServerPort = CfgGetInt(f10, "ServerPort");
CfgGetStr(f10, "Hostname", config->Hostname, sizeof(config->Hostname));
CfgGetByte(f10, "HashedPassword", config->HashedPassword, SHA1_SIZE);
config->VerifyServer = CfgGetBool(f10, "VerifyServer");
config->AddDefaultCA = CfgGetBool(f10, "AddDefaultCA");
BUF *b;
// VPN Azure server certificate
b = CfgGetBuf(f10, "ServerCert");
if (b != NULL)
{
config->ServerCert = BufToX(b, false);
FreeBuf(b);
}
// VPN Azure client certificate
b = CfgGetBuf(f10, "ClientCert");
if (b != NULL)
{
config->ClientX = BufToX(b, false);
FreeBuf(b);
}
// VPN Azure client private key
b = CfgGetBuf(f10, "ClientKey");
if (b != NULL)
{
config->ClientK = BufToK(b, true, false, NULL);
FreeBuf(b);
}
// Create a VPN Azure client
s->AzureClient = NewAzureClient(s->Cedar, s, config);
AcSetEnable(s->AzureClient, s->EnableVpnAzure, s->UseCustomVpnAzure);
}
}
}
s->IPsecMessageDisplayed = CfgGetBool(root, "IPsecMessageDisplayed");
@ -3226,6 +3286,35 @@ FOLDER *SiWriteConfigurationToCfg(SERVER *s)
CfgAddStr(ddns_folder, "CustomHttpHeader", t->CustomHttpHeader);
}
FOLDER *azure_folder = CfgCreateFolder(root, "VPNAzureClient");
if (s->AzureClient != NULL && s->AzureClient->CustomConfig != NULL)
{
CfgAddStr(azure_folder, "ServerName", s->AzureClient->CustomConfig->ServerName);
CfgAddInt(azure_folder, "ServerPort", s->AzureClient->CustomConfig->ServerPort);
CfgAddStr(azure_folder, "Hostname", s->AzureClient->CustomConfig->Hostname);
CfgAddByte(azure_folder, "HashedPassword", s->AzureClient->CustomConfig->HashedPassword, sizeof(s->AzureClient->CustomConfig->HashedPassword));
CfgAddBool(azure_folder, "VerifyServer", s->AzureClient->CustomConfig->VerifyServer);
CfgAddBool(azure_folder, "AddDefaultCA", s->AzureClient->CustomConfig->AddDefaultCA);
BUF *b;
// VPN Azure server certificate
b = XToBuf(s->AzureClient->CustomConfig->ServerCert, false);
CfgAddBuf(azure_folder, "ServerCert", b);
FreeBuf(b);
// VPN Azure client certificate
b = XToBuf(s->AzureClient->CustomConfig->ClientX, false);
CfgAddBuf(azure_folder, "ClientCert", b);
FreeBuf(b);
// VPN Azure client private key
b = KToBuf(s->AzureClient->CustomConfig->ClientK, false, NULL);
CfgAddBuf(azure_folder, "ClientKey", b);
FreeBuf(b);
}
}
CfgAddBool(root, "IPsecMessageDisplayed", s->IPsecMessageDisplayed);
@ -5046,7 +5135,7 @@ void SiLoadHubCfg(SERVER *s, FOLDER *f, char *name)
}
if (CfgGetByte(f, "SecurePassword", h->SecurePassword, sizeof(h->SecurePassword)) != sizeof(h->SecurePassword))
{
HashPassword(h->SecurePassword, ADMINISTRATOR_USERNAME, "");
HashPassword(h->SecurePassword, ADMINISTRATOR_USERNAME, "", false);
}
// Log Settings
@ -5996,6 +6085,7 @@ void SiLoadServerCfg(SERVER *s, FOLDER *f)
// Configuration of VPN Azure Client
s->EnableVpnAzure = CfgGetBool(f, "EnableVpnAzure");
s->UseCustomVpnAzure = CfgGetBool(f, "UseCustomVpnAzure");
// Disable GetHostName when accepting TCP
s->DisableGetHostNameWhenAcceptTcp = CfgGetBool(f, "DisableGetHostNameWhenAcceptTcp");
@ -6336,6 +6426,7 @@ void SiWriteServerCfg(FOLDER *f, SERVER *s)
if (s->AzureClient != NULL)
{
CfgAddBool(f, "EnableVpnAzure", s->EnableVpnAzure);
CfgAddBool(f, "UseCustomVpnAzure", s->UseCustomVpnAzure);
}
CfgAddBool(f, "DisableGetHostNameWhenAcceptTcp", s->DisableGetHostNameWhenAcceptTcp);

5
src/Cedar/Server.h
View File

@ -256,6 +256,7 @@ struct SERVER
AZURE_CLIENT *AzureClient; // VPN Azure client
bool EnableVpnAzure; // Flag whether VPN Azure client is enabled
bool UseCustomVpnAzure; // Use custom VPN Azure service
bool DisableGetHostNameWhenAcceptTcp; // Disable GetHostName when accepting TCP
bool DisableCoreDumpOnUnix; // Disable core dump on UNIX
@ -635,8 +636,8 @@ void SiApplySpecialListenerStatus(SERVER *s);
bool SiIsAzureEnabled(SERVER *s);
bool SiIsAzureSupported(SERVER *s);
void SiApplyAzureConfig(SERVER *s, DDNS_CLIENT_STATUS *ddns_status);
void SiSetAzureEnable(SERVER *s, bool enabled);
void SiApplyAzureConfig(SERVER *s, DDNS_CLIENT_STATUS *ddns_status, AZURE_CUSTOM_CONFIG *config);
void SiSetAzureEnable(SERVER *s, bool enabled, bool use_custom);
void SiUpdateCurrentRegion(CEDAR *c, char *region, bool force_update);
void SiGetCurrentRegion(CEDAR *c, char *region, UINT region_size);

2
src/Cedar/Session.c
View File

@ -1713,7 +1713,7 @@ void ClientThread(THREAD *t, void *param)
else
{
// Encrypted password authentication
HashPassword(s->ClientAuth->HashedPassword, s->ClientAuth->Username, p.Password);
HashPassword(s->ClientAuth->HashedPassword, s->ClientAuth->Username, p.Password, false);
}
}
}

2
src/Cedar/WebUI.c
View File

@ -642,7 +642,7 @@ static wchar_t *WpNewHub(WEBUI *wu, LIST *params)
Zero(&t, sizeof(t));
StrCpy(t.HubName, sizeof(t.HubName), hubname);
Sha0(t.HashedPassword, passwd, StrLen(passwd));
HashPassword(t.SecurePassword, ADMINISTRATOR_USERNAME, passwd);
HashPassword(t.SecurePassword, ADMINISTRATOR_USERNAME, passwd, false);
t.Online = true;
t.HubType = HUB_TYPE_STANDALONE;

1
src/PenCore/PenCore.rc
View File

@ -4498,6 +4498,7 @@ BEGIN
CONTROL "@R_DISABLE",R_DISABLE,"Button",BS_AUTORADIOBUTTON,13,297,101,12
GROUPBOX "@S_HOSTNAME_BORDER",S_HOSTNAME_BORDER,123,264,204,48
LTEXT "@S_HOSTNAME_INFO",S_HOSTNAME_INFO,129,275,191,19
LTEXT "@S_HOSTNAME_CUSTOM",S_HOSTNAME_CUSTOM,129,275,191,19
EDITTEXT E_HOST,129,295,118,13,ES_AUTOHSCROLL | ES_READONLY | NOT WS_BORDER
PUSHBUTTON "@B_CHANGE",B_CHANGE,252,293,67,15
PUSHBUTTON "@B_WEB",B_WEB,332,261,72,30,BS_MULTILINE

1
src/PenCore/resource.h
View File

@ -1030,6 +1030,7 @@
#define B_NEW 1521
#define R_TRUST_DEFAULT 1521
#define B_CLEAR 1522
#define S_HOSTNAME_CUSTOM 1523
#define B_ONLINE 1655
#define D_NM_CONNECT 1998
#define D_NM_MAIN 1999

44
src/bin/hamcore/strtable_cn.stb
View File

@ -4148,6 +4148,7 @@ R_ENABLE 启用 VPN Azure(&E)
R_DISABLE 禁用 VPN Azure(&D)
S_HOSTNAME_BORDER 当前 VPN Azure 主机名
S_HOSTNAME_INFO VPN Azure 主机名与动态 DNS 主机名相同但改变的域名后缀为“vpnazure.net”。
S_HOSTNAME_CUSTOM 自定义 VPN Azure 服务已启用。VPN Azure 主机名只能通过 vpncmd 命令更改。
B_CHANGE 变更主机名(&H)
B_WEB 如何使用 VPN Azure\r\n(访问网络)
IDCANCEL 确定(&O)
@ -4478,7 +4479,7 @@ CMD_SAVEKEYPATH 保存密钥到文件名:
CMD_SAVEKEY_FAILED 无法保存密钥文件。
CMD_SAVEFILE_FAILED 无法保存文件。
CMD_LOADFILE_FAILED 无法打开文件。
CMD_LOADCERTPATH 从……文件名读取 X.509 证书:
CMD_LOADCERTPATH 从文件名……读取 X.509 证书:
CMD_LOADCERT_FAILED 无法读取证书文件。
CMD_LOADKEYPATH 从文件名……读取私钥:
CMD_LOADKEY_FAILED 无法读取密钥文件。
@ -6490,6 +6491,7 @@ CMD_VpnAzureGetStatus 显示 VPN Azure 功能的当前状态
CMD_VpnAzureGetStatus_Help 获取和显示 VPN Azure 功能的当前状态。\n\nVPN Azure 可以更容易地从你家里的计算机到你办公室的计算机建立一个VPN会话。当一个 VPN 连接建立了您可以访问您公司专用网络上的任何其他服务器。在办公室的计算机VPN 服务器)上,你并不需要一个全球 IP 地址。它可以在防火墙或 NAT 后面工作。无需网络管理员的配置。您可以在您的家用电脑使用 Windows 内置的 SSTP VPN 客户端。\nVPN Azure 是一个云 VPN 服务由 SoftEther 公司经营。VPN Azure 是免费的,可提供给任何人。访问 http://www.vpnazure.net/ 查看详细信息和如何使用的说明。\n\nVPN Azure 主机名与动态 DNS 设置的主机名相同但改变的域名后缀为“vpnazure.net”。要改变主机名使用 DynamicDnsSetHostname 命令。\n\n要执行此命令你必须具有VPN 服务器管理员权限。\n此命令不能在 VPN 网桥上运行。\n以集群成员运行的 VPN 服务器的虚拟 HUB 不能执行此命令。
CMD_VpnAzureGetStatus_Args VpnAzureGetStatus
CMD_VpnAzureGetStatus_PRINT_ENABLED VPN Azure 功能已启用
CMD_VpnAzureGetStatus_PRINT_CUSTOM 使用自定义 VPN Azure 服务
CMD_VpnAzureGetStatus_PRINT_CONNECTED 至 VPN Azure 云服务器的连接建立
CMD_VpnAzureGetStatus_PRINT_HOSTNAME 在 VPN Azure 服务上的本 VPN 服务器的主机名
@ -6497,9 +6499,47 @@ CMD_VpnAzureGetStatus_PRINT_HOSTNAME 在 VPN Azure 服务上的本 VPN 服务器
# VpnAzureSetStatus command
CMD_VpnAzureSetEnable 启用/禁用 VPN Azure 功能
CMD_VpnAzureSetEnable_Help 启用或禁用 VPN Azure 功能。\n\nVPN Azure 可以更容易地从你家里的计算机到你办公室的计算机建立一个 VPN 会话。当一个 VPN 连接建立了,您可以访问您公司专用网络上的任何其他服务器。\n在办公室的计算机VPN 服务器)上,你并不需要一个全球 IP 地址。它可以在防火墙或 NAT 后面工作。无需网络管理员的配置。您可以在您的家用电脑使用 Windows 内置的 SSTP VPN 客户端。\nVPN Azure 是一个云 VPN 服务由 SoftEther 公司经营。VPN Azure 是免费的,可提供给任何人。访问 http://www.vpnazure.net/ 查看详细信息和如何使用的说明。\n\nVPN Azure 主机名与动态 DNS 设置的主机名相同但改变的域名后缀为“vpnazure.net”。要改变主机名使用 DynamicDnsSetHostname 命令。\n\n要执行此命令你必须具有 VPN 服务器管理员权限。\n此命令不能在 VPN 网桥上运行。\n以集群成员运行的 VPN 服务器的虚拟 HUB 不能执行此命令。
CMD_VpnAzureSetEnable_Args VpnAzureSetEnable [yes|no]
CMD_VpnAzureSetEnable_Args VpnAzureSetEnable [yes|no] [/CUSTOM:yes|no]
CMD_VpnAzureSetEnable_[yes|no] 指定“yes”启用 VPN Azure。“no”禁用它。
CMD_VpnAzureSetEnable_CUSTOM 指定“yes”以使用自定义 VPN Azure 服务。 “no”使用默认服务。
CMD_VpnAzureSetEnable_PROMPT 启用 VPN Azure (yes/no):
CMD_VpnAzureSetEnableCustom_PROMPT 使用自定义 VPN Azure 服务 (yes / no):
# VpnAzureGetCustom command
CMD_VpnAzureGetCustom 显示自定义 VPN Azure 服务的当前配置
CMD_VpnAzureGetCustom_Help 获取并显示自定义 VPN Azure 服务的当前配置。\n\n自定义 VPN Azure 不依赖于动态 DNS 服务,并允许您将 VPN Azure 功能与私人托管的中继服务器一起使用。
CMD_VpnAzureGetCustom_Args VpnAzureGetCustom
CMD_VpnAzureGetCustom_PRINT_SERVERNAME 服务器地址
CMD_VpnAzureGetCustom_PRINT_SERVERPORT 端口号
CMD_VpnAzureGetCustom_PRINT_HOSTNAME VPN Azure 主机名
CMD_VpnAzureGetCustom_PRINT_CLIENTCERT 已注册的客户端证书
CMD_VpnAzureGetCustom_PRINT_SERVERCERT 已注册的服务器证书
CMD_VpnAzureGetCustom_PRINT_VERIFYSERVER 验证服务器证书
CMD_VpnAzureGetCustom_PRINT_DEFAULTCA 信任系统证书存储
# VpnAzureSetCustom command
CMD_VpnAzureSetCustom 设置自定义 VPN Azure 服务的当前配置
CMD_VpnAzureSetCustom_Help 设置自定义 VPN Azure 服务的当前配置。\n\n自定义 VPN Azure 不依赖于动态 DNS 服务,并允许您将 VPN Azure 功能与私人托管的中继服务器一起使用。
CMD_VpnAzureSetCustom_Args VpnAzureSetCustom [/SERVER:server:port] [/HOSTNAME:hostname] [/PASSWORD:password] [/LOADCERT:path] [/LOADKEY:path] [/VERIFY:yes|no] [/TRUSTCA:yes|no] [/SERVCERT:path]
CMD_VpnAzureSetCustom_SERVER 指定 VPN Azure 服务器的主机名和端口号。
CMD_VpnAzureSetCustom_HOSTNAME 指定 VPN Azure 客户端主机名。
CMD_VpnAzureSetCustom_PASSWORD 指定 VPN Azure 客户端的密码。 如果不需要密码,请留空。
CMD_VpnAzureSetCustom_LOADCERT 指定用于客户端证书认证的 X.509 格式证书文件。 如果不需要,请留空。
CMD_VpnAzureSetCustom_LOADKEY 为证书指定 Base-64 编码的私钥文件名。 如果不需要,请留空。
CMD_VpnAzureSetCustom_VERIFY 指定是否验证 VPN Azure 服务器的证书。
CMD_VpnAzureSetCustom_TRUSTCA 指定在验证 VPN Azure 服务器时是否使用系统证书存储。
CMD_VpnAzureSetCustom_SERVCERT 指定用于服务器证书验证的X.509 格式证书文件。 如果不需要,请留空。
CMD_VpnAzureSetCustom_Prompt_Server VPN Azure 服务器地址和端口号:
CMD_VpnAzureSetCustom_Prompt_Hostname VPN Azure 客户端主机名(例如 vpn1234.myazure.net
CMD_VpnAzureSetCustom_Prompt_ClientX 从文件名……读取用于客户端身份验证的 X.509 证书:\n如果客户端不使用证书身份验证则留空。\n
CMD_VpnAzureSetCustom_Prompt_ClientK 从文件名……读取用于客户端身份验证的私钥:\n如果客户端不使用证书身份验证则留空。\n
CMD_VpnAzureSetCustom_Prompt_Verify 验证 VPN Azure 服务器的证书(是/否):
CMD_VpnAzureSetCustom_Prompt_TrustCA 验证 VPN Azure 服务器时使用系统证书存储(是/否):
CMD_VpnAzureSetCustom_Prompt_ServerX 从文件名……读取 X.509 证书以进行服务器验证:\n如果不需要请留空。\n
CMD_VpnAzureSetCustom_MSG_ClientCertLoaded 成功保存了一对证书和私钥,用于客户端身份验证。
CMD_VpnAzureSetCustom_MSG_ServerCertLoaded 已成功保存服务器证书以进行服务器验证。

42
src/bin/hamcore/strtable_en.stb
View File

@ -4136,6 +4136,7 @@ R_ENABLE &Enable VPN Azure
R_DISABLE &Disable VPN Azure
S_HOSTNAME_BORDER Current VPN Azure Hostname
S_HOSTNAME_INFO The VPN Azure hostname is same to the Dynamic DNS hostname, but altering the domain suffix to "vpnazure.net".
S_HOSTNAME_CUSTOM Custom VPN Azure service is enabled. The VPN Azure hostname can only be changed from the vpncmd command.
B_CHANGE Change &Hostname
B_WEB How to Use VPN Azure\r\n(Visit the Web)
IDCANCEL &OK
@ -6477,6 +6478,7 @@ CMD_VpnAzureGetStatus Show the current status of VPN Azure function
CMD_VpnAzureGetStatus_Help Get and show the current status of the VPN Azure function.\n\nVPN Azure makes it easier to establish a VPN Session from your home PC to your office PC. While a VPN connection is established, you can access to any other servers on the private network of your company.\nYou don't need a global IP address on the office PC (VPN Server). It can work behind firewalls or NATs. No network administrator's configuration required. You can use the built-in SSTP-VPN Client of Windows in your home PC.\nVPN Azure is a cloud VPN service operated by SoftEther VPN Project. VPN Azure is free of charge and available to anyone. Visit http://www.vpnazure.net/ to see details and how-to-use instructions.\n\nThe VPN Azure hostname is same to the hostname of the Dynamic DNS setting, but altering the domain suffix to "vpnazure.net". To change the hostname use the DynamicDnsSetHostname command.\n\nTo execute this command, you must have VPN Server administrator privileges. \nThis command cannot be run on VPN Bridge.\nYou cannot execute this command for Virtual Hubs of VPN Servers operating as a cluster.
CMD_VpnAzureGetStatus_Args VpnAzureGetStatus
CMD_VpnAzureGetStatus_PRINT_ENABLED VPN Azure Function is Enabled
CMD_VpnAzureGetStatus_PRINT_CUSTOM Use Custom VPN Azure Service
CMD_VpnAzureGetStatus_PRINT_CONNECTED Connection to VPN Azure Cloud Server is Established
CMD_VpnAzureGetStatus_PRINT_HOSTNAME Hostname of this VPN Server on VPN Azure Service
@ -6484,9 +6486,47 @@ CMD_VpnAzureGetStatus_PRINT_HOSTNAME Hostname of this VPN Server on VPN Azure Se
# VpnAzureSetStatus command
CMD_VpnAzureSetEnable Enable / Disable VPN Azure Function
CMD_VpnAzureSetEnable_Help Enable or disable the VPN Azure function.\n\nVPN Azure makes it easier to establish a VPN Session from your home PC to your office PC. While a VPN connection is established, you can access to any other servers on the private network of your company.\nYou don't need a global IP address on the office PC (VPN Server). It can work behind firewalls or NATs. No network administrator's configuration required. You can use the built-in SSTP-VPN Client of Windows in your home PC.\nVPN Azure is a cloud VPN service operated by SoftEther VPN Project. VPN Azure is free of charge and available to anyone. Visit http://www.vpnazure.net/ to see details and how-to-use instructions.\n\nThe VPN Azure hostname is same to the hostname of the Dynamic DNS setting, but altering the domain suffix to "vpnazure.net". To change the hostname use the DynamicDnsSetHostname command.\n\nTo execute this command, you must have VPN Server administrator privileges. \nThis command cannot be run on VPN Bridge.\nYou cannot execute this command for Virtual Hubs of VPN Servers operating as a cluster.
CMD_VpnAzureSetEnable_Args VpnAzureSetEnable [yes|no]
CMD_VpnAzureSetEnable_Args VpnAzureSetEnable [yes|no] [/CUSTOM:yes|no]
CMD_VpnAzureSetEnable_[yes|no] Specify 'yes' to enable VPN Azure. 'no' to disable it.
CMD_VpnAzureSetEnable_CUSTOM Specify 'yes' to use custom VPN Azure service. 'no' to use the default service.
CMD_VpnAzureSetEnable_PROMPT Enable VPN Azure (yes / no):
CMD_VpnAzureSetEnableCustom_PROMPT Use custom VPN Azure service (yes / no):
# VpnAzureGetCustom command
CMD_VpnAzureGetCustom Show the current configuration of custom VPN Azure service
CMD_VpnAzureGetCustom_Help Get and show the current configuration of the custom VPN Azure service.\n\nCustom VPN Azure does not rely on Dynamic DNS service and lets you use VPN Azure function with a privately hosted relay server.
CMD_VpnAzureGetCustom_Args VpnAzureGetCustom
CMD_VpnAzureGetCustom_PRINT_SERVERNAME Server Address
CMD_VpnAzureGetCustom_PRINT_SERVERPORT Port Number
CMD_VpnAzureGetCustom_PRINT_HOSTNAME VPN Azure Hostname
CMD_VpnAzureGetCustom_PRINT_CLIENTCERT Registered Client Individual Certificate
CMD_VpnAzureGetCustom_PRINT_SERVERCERT Registered Server Individual Certificate
CMD_VpnAzureGetCustom_PRINT_VERIFYSERVER Verify Server Certificate
CMD_VpnAzureGetCustom_PRINT_DEFAULTCA Trust System Certificate Store
# VpnAzureSetCustom command
CMD_VpnAzureSetCustom Set the current configuration of custom VPN Azure service
CMD_VpnAzureSetCustom_Help Set the current configuration of the custom VPN Azure service.\n\nCustom VPN Azure does not rely on Dynamic DNS service and lets you use VPN Azure function with a privately hosted relay server.
CMD_VpnAzureSetCustom_Args VpnAzureSetCustom [/SERVER:server:port] [/HOSTNAME:hostname] [/PASSWORD:password] [/LOADCERT:path] [/LOADKEY:path] [/VERIFY:yes|no] [/TRUSTCA:yes|no] [/SERVCERT:path]
CMD_VpnAzureSetCustom_SERVER Specify the hostname and port number of the VPN Azure server.
CMD_VpnAzureSetCustom_HOSTNAME Specify the VPN Azure client hostname in FQDN.
CMD_VpnAzureSetCustom_PASSWORD Specify the password for VPN Azure client. Leave blank if password is not needed.
CMD_VpnAzureSetCustom_LOADCERT Specify the X.509 format certificate file for client certificate authentication. Leave blank if not needed.
CMD_VpnAzureSetCustom_LOADKEY Specify the Base-64-encoded private key file name for the certificate. Leave blank if not needed.
CMD_VpnAzureSetCustom_VERIFY Specify whether to verify the VPN Azure server's certificate.
CMD_VpnAzureSetCustom_TRUSTCA Specify whether to use the system trust store when verifying the VPN Azure server.
CMD_VpnAzureSetCustom_SERVCERT Specify the X.509 format certificate file for server certificate verification. Leave blank if not needed.
CMD_VpnAzureSetCustom_Prompt_Server VPN Azure Server Address and Port Number:
CMD_VpnAzureSetCustom_Prompt_Hostname VPN Azure Client Hostname (e.g. vpn1234.myazure.net):
CMD_VpnAzureSetCustom_Prompt_ClientX Read X.509 certificate from file name for client authentication:\nLeave blank if the client does not use certificate authentication.\n
CMD_VpnAzureSetCustom_Prompt_ClientK Read private key from file name for client authentication:\nLeave blank if the client does not use certificate authentication.\n
CMD_VpnAzureSetCustom_Prompt_Verify Verify the VPN Azure server's certificate (yes / no):
CMD_VpnAzureSetCustom_Prompt_TrustCA Use the system trust store when verifying the VPN Azure server (yes / no):
CMD_VpnAzureSetCustom_Prompt_ServerX Read X.509 certificate from file name for server verification:\nLeave blank if not needed.\n
CMD_VpnAzureSetCustom_MSG_ClientCertLoaded A pair of certificate and private key were saved successfully for client authentication.
CMD_VpnAzureSetCustom_MSG_ServerCertLoaded A server certificate was saved successfully for server verification.

42
src/bin/hamcore/strtable_ja.stb
View File

@ -4141,6 +4141,7 @@ R_ENABLE VPN Azure を有効にする(&E)
R_DISABLE VPN Azure を無効にする(&D)
S_HOSTNAME_BORDER 現在の VPN Azure ホスト名
S_HOSTNAME_INFO VPN Azure ホスト名はダイナミック DNS サービスのホスト名のドメイン部分を "vpnazure.net" に変更したものが使用されます。
S_HOSTNAME_CUSTOM カスタム VPN Azure サービスが有効になっています。VPN Azure ホスト名は、vpncmd コマンドからのみ変更できます。
B_CHANGE ホスト名の変更(&H)
B_WEB VPN Azure の使い方\r\n(Web サイトを表示)
IDCANCEL &OK
@ -6484,6 +6485,7 @@ CMD_VpnAzureGetStatus VPN Azure 機能の現在の状態の取得
CMD_VpnAzureGetStatus_Help VPN Azure 機能の現在の状態を取得します。\n\nVPN Azure により、会社のパソコンに自宅や外出先のパソコンから非常に簡単に VPN 接続できるようになります。VPN 接続中は会社のパソコンを経由して、社内 LAN の他のサーバーにもアクセスできます。\n会社のパソコン (VPN Server) にはグローバル IP アドレスは不要です。ファイアウォールや NAT の内側であっても動作し、ネットワーク管理者による設定は一切必要ありません。VPN クライアントとなる自宅のパソコンでは、Windows に標準付属の SSTP VPN クライアントを使用できます。\nVPN Azure は、SoftEther VPN Server をお使いの方はどなたでも無料で利用できるクラウド VPN サービスです。ソフトイーサ株式会社によって運営されています。使い方は http://www.vpnazure.net/ に掲載されています。\n\nVPN Azure ホスト名はダイナミック DNS サービスのホスト名のドメイン部分を "vpnazure.net" に変更したものが使用されます。ホスト名を変更するには DynamicDnsSetHostname コマンドを使用してください。\n\nこのコマンドを実行するには、VPN Server の管理者権限が必要です。\nこのコマンドは、VPN Bridge では実行できません。\nこのコマンドは、クラスタとして動作している VPN Server の仮想 HUB では実行できません。
CMD_VpnAzureGetStatus_Args VpnAzureGetStatus
CMD_VpnAzureGetStatus_PRINT_ENABLED VPN Azure 機能が有効
CMD_VpnAzureGetStatus_PRINT_CUSTOM カスタム VPN Azure サービスを使用
CMD_VpnAzureGetStatus_PRINT_CONNECTED VPN Azure クラウドサーバーへ接続完了
CMD_VpnAzureGetStatus_PRINT_HOSTNAME VPN Azure サービス上でのホスト名
@ -6491,9 +6493,47 @@ CMD_VpnAzureGetStatus_PRINT_HOSTNAME VPN Azure サービス上でのホスト名
# VpnAzureSetStatus コマンド
CMD_VpnAzureSetEnable VPN Azure 機能の有効化 / 無効化
CMD_VpnAzureSetEnable_Help VPN Azure 機能を有効または無効にします。\n\nVPN Azure により、会社のパソコンに自宅や外出先のパソコンから非常に簡単に VPN 接続できるようになります。VPN 接続中は会社のパソコンを経由して、社内 LAN の他のサーバーにもアクセスできます。\n会社のパソコン (VPN Server) にはグローバル IP アドレスは不要です。ファイアウォールや NAT の内側であっても動作し、ネットワーク管理者による設定は一切必要ありません。VPN クライアントとなる自宅のパソコンでは、Windows に標準付属の SSTP VPN クライアントを使用できます。\nVPN Azure は、SoftEther VPN Server をお使いの方はどなたでも無料で利用できるクラウド VPN サービスです。ソフトイーサ株式会社によって運営されています。使い方は http://www.vpnazure.net/ に掲載されています。\n\nVPN Azure ホスト名はダイナミック DNS サービスのホスト名のドメイン部分を "vpnazure.net" に変更したものが使用されます。ホスト名を変更するには DynamicDnsSetHostname コマンドを使用してください。\n\nこのコマンドを実行するには、VPN Server の管理者権限が必要です。\nこのコマンドは、VPN Bridge では実行できません。\nこのコマンドは、クラスタとして動作している VPN Server の仮想 HUB では実行できません。
CMD_VpnAzureSetEnable_Args VpnAzureSetEnable [yes|no]
CMD_VpnAzureSetEnable_Args VpnAzureSetEnable [yes|no] [/CUSTOM:yes|no]
CMD_VpnAzureSetEnable_[yes|no] VPN Azure 機能を有効にするには yes、無効にするには no を指定します。
CMD_VpnAzureSetEnable_CUSTOM カスタム VPN Azure サービスを使用するには yes 、デフォルトのサービスを使用するには no を指定します。
CMD_VpnAzureSetEnable_PROMPT VPN Azure 機能を有効 (yes / no):
CMD_VpnAzureSetEnableCustom_PROMPT カスタム VPN Azure サービスを使用 (yes / no):
# VpnAzureGetCustom command
CMD_VpnAzureGetCustom カスタム VPN Azure サービスの構成の表示
CMD_VpnAzureGetCustom_Help カスタム VPN Azure サービスの現在の構成を取得して表示します。\n\nカスタム VPN Azure は動的 DNS サービスに依存せず、プライベートにホストされたリレー サーバーで VPN Azure 機能を使用できます。
CMD_VpnAzureGetCustom_Args VpnAzureGetCustom
CMD_VpnAzureGetCustom_PRINT_SERVERNAME サーバーアドレス
CMD_VpnAzureGetCustom_PRINT_SERVERPORT ポート番号
CMD_VpnAzureGetCustom_PRINT_HOSTNAME VPN Azure ホスト名
CMD_VpnAzureGetCustom_PRINT_CLIENTCERT 登録済みクライアント証明書
CMD_VpnAzureGetCustom_PRINT_SERVERCERT 登録済みサーバー証明書
CMD_VpnAzureGetCustom_PRINT_VERIFYSERVER サーバー証明書の検証
CMD_VpnAzureGetCustom_PRINT_DEFAULTCA システム証明書ストアを信頼する
# VpnAzureSetCustom command
CMD_VpnAzureSetCustom カスタム VPN Azure サービスの構成の設定
CMD_VpnAzureSetCustom_Help カスタム VPN Azure サービスの現在の構成を設定します。\n\nカスタム VPN Azure は動的 DNS サービスに依存せず、プライベートにホストされたリレー サーバーで VPN Azure 機能を使用できます。
CMD_VpnAzureSetCustom_Args VpnAzureSetCustom [/SERVER:server:port] [/HOSTNAME:hostname] [/PASSWORD:password] [/LOADCERT:path] [/LOADKEY:path] [/VERIFY:yes|no] [/TRUSTCA:yes|no] [/SERVCERT:path]
CMD_VpnAzureSetCustom_SERVER VPN Azure サーバーのホスト名とポート番号を指定します。
CMD_VpnAzureSetCustom_HOSTNAME VPN Azure クライアントのホスト名を指定します。
CMD_VpnAzureSetCustom_PASSWORD VPN Azure クライアントのパスワードを指定します。 パスワードが不要な場合は空白のままにします。
CMD_VpnAzureSetCustom_LOADCERT クライアント証明書認証用の X.509 形式の証明書ファイルを指定します。 不要な場合は空欄にしてください。
CMD_VpnAzureSetCustom_LOADKEY 証明書の Base-64 エンコードされた秘密鍵ファイル名を指定します。 不要な場合は空欄にしてください。
CMD_VpnAzureSetCustom_VERIFY VPN Azure サーバーの証明書を検証するかどうかを指定します。
CMD_VpnAzureSetCustom_TRUSTCA VPN Azure サーバーを検証するときにシステム証明書ストアを使用するかどうかを指定します。
CMD_VpnAzureSetCustom_SERVCERT サーバー証明書検証用の X.509 形式の証明書ファイルを指定します。 不要な場合は空欄にしてください。
CMD_VpnAzureSetCustom_Prompt_Server VPN Azure サーバーのアドレスとポート番号:
CMD_VpnAzureSetCustom_Prompt_Hostname VPN Azure クライアントのホスト名 (例: vpn1234.myazure.net):
CMD_VpnAzureSetCustom_Prompt_ClientX 読み込むクライアント証明書認証用の X.509 証明書のファイル名:\nクライアントが証明書認証を使用しない場合は空白のままにします。\n
CMD_VpnAzureSetCustom_Prompt_ClientK 読み込むクライアント証明書認証用の秘密鍵のファイル名:\nクライアントが証明書認証を使用しない場合は空白のままにします。\n
CMD_VpnAzureSetCustom_Prompt_Verify VPN Azure サーバーの証明書を検証します (yes / no):
CMD_VpnAzureSetCustom_Prompt_TrustCA VPN Azure サーバーを検証するときにシステム証明書ストアを使用します (yes / no):
CMD_VpnAzureSetCustom_Prompt_ServerX 読み込むサーバー証明書検証用の X.509 証明書のファイル名:\n不要な場合は空白のままにします。\n
CMD_VpnAzureSetCustom_MSG_ClientCertLoaded クライアント認証用の証明書と秘密鍵のペアが正常に保存されました。
CMD_VpnAzureSetCustom_MSG_ServerCertLoaded サーバー検証のためにサーバー証明書が正常に保存されました。

41
src/bin/hamcore/strtable_ko.stb
View File

@ -4119,6 +4119,7 @@ R_ENABLE VPN Azure를 사용 (&E)
R_DISABLE VPN Azure를 비활성화 (&D)
S_HOSTNAME_BORDER 현재 VPN Azure 호스트 이름
S_HOSTNAME_INFO VPN Azure 호스트 이름은 동적 DNS 서비스 호스트 이름의 도메인 부분을 "vpnazure.net"로 변경 한 것이 사용됩니다.
S_HOSTNAME_CUSTOM Custom VPN Azure service is enabled. The VPN Azure hostname can only be changed from the vpncmd command.
B_CHANGE 호스트 이름 변경 (&H)
B_WEB VPN Azure 사용 \r\n (Web 사이트보기)
IDCANCEL & OK
@ -6459,6 +6460,7 @@ CMD_VpnAzureGetStatus VPN Azure 기능의 현재 상태의 취득
CMD_VpnAzureGetStatus_Help VPN Azure 기능의 현재 상태를 가져옵니다. \n \nVPN Azure하여 회사의 PC에 가정이나 이동 PC에서 매우 쉽게 VPN 연결 할 수 있습니다. VPN 연결 중에 회사의 컴퓨터를 통해 사내 LAN의 다른 서버에 액세스 할 수 있습니다. \n 회사 컴퓨터 (VPN Server)는 글로벌 IP 주소는 필요하지 않습니다. 방화벽이나 NAT 뒤에라도 작동하고 네트워크 관리자의 설정은 필요하지 않습니다. VPN 클라이언트가 될 자택의 PC에서는 Windows에 표준 부속의 SSTP VPN 클라이언트를 사용할 수 있습니다. \nVPN Azure는 SoftEther VPN Server를 사용하시는 분들은 누구나 무료로 이용할 수 클라우드 VPN 서비스입니다. 소프트 이사 회사에 의해 운영되고 있습니다. 사용법은 http://www.vpnazure.net/에 게재되어 있습니다. \n \nVPN Azure 호스트 이름은 동적 DNS 서비스 호스트 이름의 도메인 부분을 "vpnazure.net"로 변경 한 것이 사용됩니다. 호스트 이름을 변경하려면 DynamicDnsSetHostname 명령을 사용하십시오. \n \n이 명령을 실행하려면 VPN Server 관리자 권한이 있어야합니다. \n이 명령은 VPN Bridge에서는 실행되지 않습니다. \n이 명령은 클러스터로 작동하는 VPN Server의 가상 HUB에서는 실행되지 않습니다.
CMD_VpnAzureGetStatus_Args VpnAzureGetStatus
CMD_VpnAzureGetStatus_PRINT_ENABLED VPN Azure 기능이 활성화
CMD_VpnAzureGetStatus_PRINT_CUSTOM Use Custom VPN Azure Service
CMD_VpnAzureGetStatus_PRINT_CONNECTED VPN Azure 클라우드 서버에 연결 완료
CMD_VpnAzureGetStatus_PRINT_HOSTNAME VPN Azure 서비스에서 호스트 이름
@ -6466,9 +6468,46 @@ CMD_VpnAzureGetStatus_PRINT_HOSTNAME VPN Azure 서비스에서 호스트 이름
# VpnAzureSetStatus 명령
CMD_VpnAzureSetEnable VPN Azure 기능의 활성화/비활성화
CMD_VpnAzureSetEnable_Help VPN Azure 기능을 활성화하거나 비활성화합니다. \n \nVPN Azure하여 회사의 PC에 가정이나 이동 PC에서 매우 쉽게 VPN 연결 할 수 있습니다. VPN 연결 중에 회사의 컴퓨터를 통해 사내 LAN의 다른 서버에 액세스 할 수 있습니다. \n 회사 컴퓨터 (VPN Server)는 글로벌 IP 주소는 필요하지 않습니다. 방화벽이나 NAT 뒤에라도 작동하고 네트워크 관리자의 설정은 필요하지 않습니다. VPN 클라이언트가 될 자택의 PC에서는 Windows에 표준 부속의 SSTP VPN 클라이언트를 사용할 수 있습니다. \nVPN Azure는 SoftEther VPN Server를 사용하시는 분들은 누구나 무료로 이용할 수 클라우드 VPN 서비스입니다. 소프트 이사 회사에 의해 운영되고 있습니다. 사용법은 http://www.vpnazure.net/에 게재되어 있습니다. \n \nVPN Azure 호스트 이름은 동적 DNS 서비스 호스트 이름의 도메인 부분을 "vpnazure.net"로 변경 한 것이 사용됩니다. 호스트 이름을 변경하려면 DynamicDnsSetHostname 명령을 사용하십시오. \n \n이 명령을 실행하려면 VPN Server 관리자 권한이 있어야합니다. \n이 명령은 VPN Bridge에서는 실행되지 않습니다. \n이 명령은 클러스터로 작동하는 VPN Server의 가상 HUB에서는 실행되지 않습니다.
CMD_VpnAzureSetEnable_Args VpnAzureSetEnable [yes|no]
CMD_VpnAzureSetEnable_Args VpnAzureSetEnable [yes|no] [/CUSTOM:yes|no]
CMD_VpnAzureSetEnable_[yes|no] VPN Azure 기능을 활성화하려면 yes 비활성화하려면 no를 지정합니다.
CMD_VpnAzureSetEnable_PROMPT VPN Azure 기능을 활성화 (yes/no):
CMD_VpnAzureSetEnable_CUSTOM Specify 'yes' to use custom VPN Azure service. 'no' to use the default service.
CMD_VpnAzureSetEnableCustom_PROMPT Use custom VPN Azure service (yes / no):
# VpnAzureGetCustom command
CMD_VpnAzureGetCustom Show the current configuration of custom VPN Azure service
CMD_VpnAzureGetCustom_Help Get and show the current configuration of the custom VPN Azure service.\n\nCustom VPN Azure does not rely on Dynamic DNS service and lets you use VPN Azure function with a privately hosted relay server.
CMD_VpnAzureGetCustom_Args VpnAzureGetCustom
CMD_VpnAzureGetCustom_PRINT_SERVERNAME Server Address
CMD_VpnAzureGetCustom_PRINT_SERVERPORT Port Number
CMD_VpnAzureGetCustom_PRINT_HOSTNAME VPN Azure Hostname
CMD_VpnAzureGetCustom_PRINT_CLIENTCERT Registered Client Individual Certificate
CMD_VpnAzureGetCustom_PRINT_SERVERCERT Registered Server Individual Certificate
CMD_VpnAzureGetCustom_PRINT_VERIFYSERVER Verify Server Certificate
CMD_VpnAzureGetCustom_PRINT_DEFAULTCA Trust System Certificate Store
# VpnAzureSetCustom command
CMD_VpnAzureSetCustom Set the current configuration of custom VPN Azure service
CMD_VpnAzureSetCustom_Help Set the current configuration of the custom VPN Azure service.\n\nCustom VPN Azure does not rely on Dynamic DNS service and lets you use VPN Azure function with a privately hosted relay server.
CMD_VpnAzureSetCustom_Args VpnAzureSetCustom [/SERVER:server:port] [/HOSTNAME:hostname] [/PASSWORD:password] [/LOADCERT:path] [/LOADKEY:path] [/VERIFY:yes|no] [/TRUSTCA:yes|no] [/SERVCERT:path]
CMD_VpnAzureSetCustom_SERVER Specify the hostname and port number of the VPN Azure server.
CMD_VpnAzureSetCustom_HOSTNAME Specify the VPN Azure client hostname in FQDN.
CMD_VpnAzureSetCustom_PASSWORD Specify the password for VPN Azure client. Leave blank if password is not needed.
CMD_VpnAzureSetCustom_LOADCERT Specify the X.509 format certificate file for client certificate authentication. Leave blank if not needed.
CMD_VpnAzureSetCustom_LOADKEY Specify the Base-64-encoded private key file name for the certificate. Leave blank if not needed.
CMD_VpnAzureSetCustom_VERIFY Specify whether to verify the VPN Azure server's certificate.
CMD_VpnAzureSetCustom_TRUSTCA Specify whether to use the system trust store when verifying the VPN Azure server.
CMD_VpnAzureSetCustom_SERVCERT Specify the X.509 format certificate file for server certificate verification. Leave blank if not needed.
CMD_VpnAzureSetCustom_Prompt_Server VPN Azure Server Address and Port Number:
CMD_VpnAzureSetCustom_Prompt_Hostname VPN Azure Client Hostname (e.g. vpn1234.myazure.net):
CMD_VpnAzureSetCustom_Prompt_ClientX Read X.509 certificate from file name for client authentication:\nLeave blank if the client does not use certificate authentication.\n
CMD_VpnAzureSetCustom_Prompt_ClientK Read private key from file name for client authentication:\nLeave blank if the client does not use certificate authentication.\n
CMD_VpnAzureSetCustom_Prompt_Verify Verify the VPN Azure server's certificate (yes / no):
CMD_VpnAzureSetCustom_Prompt_TrustCA Use the system trust store when verifying the VPN Azure server (yes / no):
CMD_VpnAzureSetCustom_Prompt_ServerX Read X.509 certificate from file name for server verification:\nLeave blank if not needed.\n
CMD_VpnAzureSetCustom_MSG_ClientCertLoaded A pair of certificate and private key were saved successfully for client authentication.
CMD_VpnAzureSetCustom_MSG_ServerCertLoaded A server certificate was saved successfully for server verification.

46
src/bin/hamcore/strtable_pt_br.stb
View File

@ -3865,6 +3865,7 @@ R_ENABLE &Ativar VPN Azure
R_DISABLE &Desativar VPN Azure
S_HOSTNAME_BORDER Nome do host atual da VPN Azure
S_HOSTNAME_INFO O nome do host da VPN do Azure é igual ao nome do host do DNS dinâmico, mas alterando o sufixo do domínio para "vpnazure.net".
S_HOSTNAME_CUSTOM Custom VPN Azure service is enabled. The VPN Azure hostname can only be changed from the vpncmd command.
B_CHANGE Mudar &Hostname
B_WEB Como usar o VPN Azure\r\n (Visite o site)
IDCANCEL &OK
@ -6205,16 +6206,55 @@ CMD_VpnAzureGetStatus Show the current status of VPN Azure function
CMD_VpnAzureGetStatus_Help Get and show the current status of the VPN Azure function.\n\nVPN Azure makes it easier to establish a VPN Session from your home PC to your office PC. While a VPN connection is established, you can access to any other servers on the private network of your company.\nYou don't need a global IP address on the office PC (VPN Server). It can work behind firewalls or NATs. No network administrator's configuration required. You can use the built-in SSTP-VPN Client of Windows in your home PC.\nVPN Azure is a cloud VPN service operated by SoftEther VPN Project. VPN Azure is free of charge and available to anyone. Visit http://www.vpnazure.net/ to see details and how-to-use instructions.\n\nThe VPN Azure hostname is same to the hostname of the Dynamic DNS setting, but altering the domain suffix to "vpnazure.net". To change the hostname use the DynamicDnsSetHostname command.\n\nTo execute this command, you must have VPN Server administrator privileges. \nThis command cannot be run on VPN Bridge.\nYou cannot execute this command for Virtual Hubs of VPN Servers operating as a cluster.
CMD_VpnAzureGetStatus_Args VpnAzureGetStatus
CMD_VpnAzureGetStatus_PRINT_ENABLED VPN Azure Function is Enabled
CMD_VpnAzureGetStatus_PRINT_CUSTOM Use Custom VPN Azure Service
CMD_VpnAzureGetStatus_PRINT_CONNECTED Connection to VPN Azure Cloud Server is Established
CMD_VpnAzureGetStatus_PRINT_HOSTNAME Hostname of this VPN Server on VPN Azure Service
# VpnAzureSetStatus command
CMD_VpnAzureSetEnable Enable / Disable VPN Azure Function
CMD_VpnAzureSetEnable_Help Enable or disable the VPN Azure function.\n\nVPN Azure makes it easier to establish a VPN Session from your home PC to your office PC. While a VPN connection is established, you can access to any other servers on the private network of your company.\nYou don't need a global IP address on the office PC (VPN Server). It can work behind firewalls or NATs. No network administrator's configuration required. You can use the built-in SSTP-VPN Client of Windows in your home PC.\nVPN Azure is a cloud VPN service operated by SoftEther VPN Project. VPN Azure is free of charge and available to anyone. Visit http://www.vpnazure.net/ to see details and how-to-use instructions.\n\nThe VPN Azure hostname is same to the hostname of the Dynamic DNS setting, but altering the domain suffix to "vpnazure.net". To change the hostname use the DynamicDnsSetHostname command.\n\nTo execute this command, you must have VPN Server administrator privileges. \nThis command cannot be run on VPN Bridge.\nYou cannot execute this command for Virtual Hubs of VPN Servers operating as a cluster.
CMD_VpnAzureSetEnable_Args VpnAzureSetEnable [yes|no]
CMD_VpnAzureSetEnable Enable / Disable VPN Azure Function
CMD_VpnAzureSetEnable_Help Enable or disable the VPN Azure function.\n\nVPN Azure makes it easier to establish a VPN Session from your home PC to your office PC. While a VPN connection is established, you can access to any other servers on the private network of your company.\nYou don't need a global IP address on the office PC (VPN Server). It can work behind firewalls or NATs. No network administrator's configuration required. You can use the built-in SSTP-VPN Client of Windows in your home PC.\nVPN Azure is a cloud VPN service operated by SoftEther VPN Project. VPN Azure is free of charge and available to anyone. Visit http://www.vpnazure.net/ to see details and how-to-use instructions.\n\nThe VPN Azure hostname is same to the hostname of the Dynamic DNS setting, but altering the domain suffix to "vpnazure.net". To change the hostname use the DynamicDnsSetHostname command.\n\nTo execute this command, you must have VPN Server administrator privileges. \nThis command cannot be run on VPN Bridge.\nYou cannot execute this command for Virtual Hubs of VPN Servers operating as a cluster.
CMD_VpnAzureSetEnable_Args VpnAzureSetEnable [yes|no] [/CUSTOM:yes|no]
CMD_VpnAzureSetEnable_[yes|no] Specify 'yes' to enable VPN Azure. 'no' to disable it.
CMD_VpnAzureSetEnable_CUSTOM Specify 'yes' to use custom VPN Azure service. 'no' to use the default service.
CMD_VpnAzureSetEnable_PROMPT Enable VPN Azure (yes / no):
CMD_VpnAzureSetEnableCustom_PROMPT Use custom VPN Azure service (yes / no):
# VpnAzureGetCustom command
CMD_VpnAzureGetCustom Show the current configuration of custom VPN Azure service
CMD_VpnAzureGetCustom_Help Get and show the current configuration of the custom VPN Azure service.\n\nCustom VPN Azure does not rely on Dynamic DNS service and lets you use VPN Azure function with a privately hosted relay server.
CMD_VpnAzureGetCustom_Args VpnAzureGetCustom
CMD_VpnAzureGetCustom_PRINT_SERVERNAME Server Address
CMD_VpnAzureGetCustom_PRINT_SERVERPORT Port Number
CMD_VpnAzureGetCustom_PRINT_HOSTNAME VPN Azure Hostname
CMD_VpnAzureGetCustom_PRINT_CLIENTCERT Registered Client Individual Certificate
CMD_VpnAzureGetCustom_PRINT_SERVERCERT Registered Server Individual Certificate
CMD_VpnAzureGetCustom_PRINT_VERIFYSERVER Verify Server Certificate
CMD_VpnAzureGetCustom_PRINT_DEFAULTCA Trust System Certificate Store
# VpnAzureSetCustom command
CMD_VpnAzureSetCustom Set the current configuration of custom VPN Azure service
CMD_VpnAzureSetCustom_Help Set the current configuration of the custom VPN Azure service.\n\nCustom VPN Azure does not rely on Dynamic DNS service and lets you use VPN Azure function with a privately hosted relay server.
CMD_VpnAzureSetCustom_Args VpnAzureSetCustom [/SERVER:server:port] [/HOSTNAME:hostname] [/PASSWORD:password] [/LOADCERT:path] [/LOADKEY:path] [/VERIFY:yes|no] [/TRUSTCA:yes|no] [/SERVCERT:path]
CMD_VpnAzureSetCustom_SERVER Specify the hostname and port number of the VPN Azure server.
CMD_VpnAzureSetCustom_HOSTNAME Specify the VPN Azure client hostname in FQDN.
CMD_VpnAzureSetCustom_PASSWORD Specify the password for VPN Azure client. Leave blank if password is not needed.
CMD_VpnAzureSetCustom_LOADCERT Specify the X.509 format certificate file for client certificate authentication. Leave blank if not needed.
CMD_VpnAzureSetCustom_LOADKEY Specify the Base-64-encoded private key file name for the certificate. Leave blank if not needed.
CMD_VpnAzureSetCustom_VERIFY Specify whether to verify the VPN Azure server's certificate.
CMD_VpnAzureSetCustom_TRUSTCA Specify whether to use the system trust store when verifying the VPN Azure server.
CMD_VpnAzureSetCustom_SERVCERT Specify the X.509 format certificate file for server certificate verification. Leave blank if not needed.
CMD_VpnAzureSetCustom_Prompt_Server VPN Azure Server Address and Port Number:
CMD_VpnAzureSetCustom_Prompt_Hostname VPN Azure Client Hostname (e.g. vpn1234.myazure.net):
CMD_VpnAzureSetCustom_Prompt_ClientX Read X.509 certificate from file name for client authentication:\nLeave blank if the client does not use certificate authentication.\n
CMD_VpnAzureSetCustom_Prompt_ClientK Read private key from file name for client authentication:\nLeave blank if the client does not use certificate authentication.\n
CMD_VpnAzureSetCustom_Prompt_Verify Verify the VPN Azure server's certificate (yes / no):
CMD_VpnAzureSetCustom_Prompt_TrustCA Use the system trust store when verifying the VPN Azure server (yes / no):
CMD_VpnAzureSetCustom_Prompt_ServerX Read X.509 certificate from file name for server verification:\nLeave blank if not needed.\n
CMD_VpnAzureSetCustom_MSG_ClientCertLoaded A pair of certificate and private key were saved successfully for client authentication.
CMD_VpnAzureSetCustom_MSG_ServerCertLoaded A server certificate was saved successfully for server verification.
#######################################################

42
src/bin/hamcore/strtable_ru.stb
View File

@ -4135,6 +4135,7 @@ R_ENABLE &Enable VPN Azure
R_DISABLE &Disable VPN Azure
S_HOSTNAME_BORDER Current VPN Azure Hostname
S_HOSTNAME_INFO The VPN Azure hostname is same to the Dynamic DNS hostname, but altering the domain suffix to "vpnazure.net".
S_HOSTNAME_CUSTOM Custom VPN Azure service is enabled. The VPN Azure hostname can only be changed from the vpncmd command.
B_CHANGE Change &Hostname
B_WEB How to Use VPN Azure\r\n(Visit the Web)
IDCANCEL &OK
@ -6477,6 +6478,7 @@ CMD_VpnAzureGetStatus Show the current status of VPN Azure function
CMD_VpnAzureGetStatus_Help Get and show the current status of the VPN Azure function.\n\nVPN Azure makes it easier to establish a VPN Session from your home PC to your office PC. While a VPN connection is established, you can access to any other servers on the private network of your company.\nYou don't need a global IP address on the office PC (VPN Server). It can work behind firewalls or NATs. No network administrator's configuration required. You can use the built-in SSTP-VPN Client of Windows in your home PC.\nVPN Azure is a cloud VPN service operated by SoftEther VPN Project. VPN Azure is free of charge and available to anyone. Visit http://www.vpnazure.net/ to see details and how-to-use instructions.\n\nThe VPN Azure hostname is same to the hostname of the Dynamic DNS setting, but altering the domain suffix to "vpnazure.net". To change the hostname use the DynamicDnsSetHostname command.\n\nTo execute this command, you must have VPN Server administrator privileges. \nThis command cannot be run on VPN Bridge.\nYou cannot execute this command for Virtual Hubs of VPN Servers operating as a cluster.
CMD_VpnAzureGetStatus_Args VpnAzureGetStatus
CMD_VpnAzureGetStatus_PRINT_ENABLED VPN Azure Function is Enabled
CMD_VpnAzureGetStatus_PRINT_CUSTOM Use Custom VPN Azure Service
CMD_VpnAzureGetStatus_PRINT_CONNECTED Connection to VPN Azure Cloud Server is Established
CMD_VpnAzureGetStatus_PRINT_HOSTNAME Hostname of this VPN Server on VPN Azure Service
@ -6484,9 +6486,47 @@ CMD_VpnAzureGetStatus_PRINT_HOSTNAME Hostname of this VPN Server on VPN Azure Se
# VpnAzureSetStatus command
CMD_VpnAzureSetEnable Enable / Disable VPN Azure Function
CMD_VpnAzureSetEnable_Help Enable or disable the VPN Azure function.\n\nVPN Azure makes it easier to establish a VPN Session from your home PC to your office PC. While a VPN connection is established, you can access to any other servers on the private network of your company.\nYou don't need a global IP address on the office PC (VPN Server). It can work behind firewalls or NATs. No network administrator's configuration required. You can use the built-in SSTP-VPN Client of Windows in your home PC.\nVPN Azure is a cloud VPN service operated by SoftEther VPN Project. VPN Azure is free of charge and available to anyone. Visit http://www.vpnazure.net/ to see details and how-to-use instructions.\n\nThe VPN Azure hostname is same to the hostname of the Dynamic DNS setting, but altering the domain suffix to "vpnazure.net". To change the hostname use the DynamicDnsSetHostname command.\n\nTo execute this command, you must have VPN Server administrator privileges. \nThis command cannot be run on VPN Bridge.\nYou cannot execute this command for Virtual Hubs of VPN Servers operating as a cluster.
CMD_VpnAzureSetEnable_Args VpnAzureSetEnable [yes|no]
CMD_VpnAzureSetEnable_Args VpnAzureSetEnable [yes|no] [/CUSTOM:yes|no]
CMD_VpnAzureSetEnable_[yes|no] Specify 'yes' to enable VPN Azure. 'no' to disable it.
CMD_VpnAzureSetEnable_CUSTOM Specify 'yes' to use custom VPN Azure service. 'no' to use the default service.
CMD_VpnAzureSetEnable_PROMPT Enable VPN Azure (yes / no):
CMD_VpnAzureSetEnableCustom_PROMPT Use custom VPN Azure service (yes / no):
# VpnAzureGetCustom command
CMD_VpnAzureGetCustom Show the current configuration of custom VPN Azure service
CMD_VpnAzureGetCustom_Help Get and show the current configuration of the custom VPN Azure service.\n\nCustom VPN Azure does not rely on Dynamic DNS service and lets you use VPN Azure function with a privately hosted relay server.
CMD_VpnAzureGetCustom_Args VpnAzureGetCustom
CMD_VpnAzureGetCustom_PRINT_SERVERNAME Server Address
CMD_VpnAzureGetCustom_PRINT_SERVERPORT Port Number
CMD_VpnAzureGetCustom_PRINT_HOSTNAME VPN Azure Hostname
CMD_VpnAzureGetCustom_PRINT_CLIENTCERT Registered Client Individual Certificate
CMD_VpnAzureGetCustom_PRINT_SERVERCERT Registered Server Individual Certificate
CMD_VpnAzureGetCustom_PRINT_VERIFYSERVER Verify Server Certificate
CMD_VpnAzureGetCustom_PRINT_DEFAULTCA Trust System Certificate Store
# VpnAzureSetCustom command
CMD_VpnAzureSetCustom Set the current configuration of custom VPN Azure service
CMD_VpnAzureSetCustom_Help Set the current configuration of the custom VPN Azure service.\n\nCustom VPN Azure does not rely on Dynamic DNS service and lets you use VPN Azure function with a privately hosted relay server.
CMD_VpnAzureSetCustom_Args VpnAzureSetCustom [/SERVER:server:port] [/HOSTNAME:hostname] [/PASSWORD:password] [/LOADCERT:path] [/LOADKEY:path] [/VERIFY:yes|no] [/TRUSTCA:yes|no] [/SERVCERT:path]
CMD_VpnAzureSetCustom_SERVER Specify the hostname and port number of the VPN Azure server.
CMD_VpnAzureSetCustom_HOSTNAME Specify the VPN Azure client hostname in FQDN.
CMD_VpnAzureSetCustom_PASSWORD Specify the password for VPN Azure client. Leave blank if password is not needed.
CMD_VpnAzureSetCustom_LOADCERT Specify the X.509 format certificate file for client certificate authentication. Leave blank if not needed.
CMD_VpnAzureSetCustom_LOADKEY Specify the Base-64-encoded private key file name for the certificate. Leave blank if not needed.
CMD_VpnAzureSetCustom_VERIFY Specify whether to verify the VPN Azure server's certificate.
CMD_VpnAzureSetCustom_TRUSTCA Specify whether to use the system trust store when verifying the VPN Azure server.
CMD_VpnAzureSetCustom_SERVCERT Specify the X.509 format certificate file for server certificate verification. Leave blank if not needed.
CMD_VpnAzureSetCustom_Prompt_Server VPN Azure Server Address and Port Number:
CMD_VpnAzureSetCustom_Prompt_Hostname VPN Azure Client Hostname (e.g. vpn1234.myazure.net):
CMD_VpnAzureSetCustom_Prompt_ClientX Read X.509 certificate from file name for client authentication:\nLeave blank if the client does not use certificate authentication.\n
CMD_VpnAzureSetCustom_Prompt_ClientK Read private key from file name for client authentication:\nLeave blank if the client does not use certificate authentication.\n
CMD_VpnAzureSetCustom_Prompt_Verify Verify the VPN Azure server's certificate (yes / no):
CMD_VpnAzureSetCustom_Prompt_TrustCA Use the system trust store when verifying the VPN Azure server (yes / no):
CMD_VpnAzureSetCustom_Prompt_ServerX Read X.509 certificate from file name for server verification:\nLeave blank if not needed.\n
CMD_VpnAzureSetCustom_MSG_ClientCertLoaded A pair of certificate and private key were saved successfully for client authentication.
CMD_VpnAzureSetCustom_MSG_ServerCertLoaded A server certificate was saved successfully for server verification.

44
src/bin/hamcore/strtable_tw.stb
View File

@ -4148,6 +4148,7 @@ R_ENABLE 啟用 VPN Azure(&E)
R_DISABLE 禁用 VPN Azure(&D)
S_HOSTNAME_BORDER 當前 VPN Azure 主機名稱
S_HOSTNAME_INFO VPN Azure 主機名稱與動態 DNS 主機名稱相同但改變的功能變數名稱尾碼為“vpnazure.net”。
S_HOSTNAME_CUSTOM 自定義 VPN Azure 服務已啟用。VPN Azure 主機名稱只能通過 vpncmd 命令更改。
B_CHANGE 變更主機名稱(&H)
B_WEB 如何使用 VPN Azure\r\n(訪問網路)
IDCANCEL 確定(&O)
@ -4478,7 +4479,7 @@ CMD_SAVEKEYPATH 保存金鑰到檔案名:
CMD_SAVEKEY_FAILED 無法保存金鑰檔案。
CMD_SAVEFILE_FAILED 無法保存檔案。
CMD_LOADFILE_FAILED 無法打開檔案。
CMD_LOADCERTPATH 從……檔案名讀取 X.509 證書:
CMD_LOADCERTPATH 從檔案名……讀取 X.509 證書:
CMD_LOADCERT_FAILED 無法讀取證書檔案。
CMD_LOADKEYPATH 從檔案名……讀取私密金鑰:
CMD_LOADKEY_FAILED 無法讀取金鑰文件。
@ -6491,6 +6492,7 @@ CMD_VpnAzureGetStatus 顯示 VPN Azure 功能的當前狀態
CMD_VpnAzureGetStatus_Help 獲取和顯示 VPN Azure 功能的當前狀態。\n\nVPN Azure 可以更容易地從你家裡的電腦到你辦公室的電腦建立一個VPN會話。當一個 VPN 連接建立了您可以訪問您公司私人網路上的任何其他伺服器。在辦公室的電腦VPN 伺服器)上,你並不需要一個全球 IP 位址。它可以在防火牆或 NAT 後面工作。無需網路系統管理員的配置。您可以在您的家用電腦使用 Windows 內置的 SSTP VPN 用戶端。\nVPN Azure 是一個雲 VPN 服務由 SoftEther 公司經營。VPN Azure 是免費的,可提供給任何人。訪問 http://www.vpnazure.net/ 查看詳細資訊和如何使用的說明。\n\nVPN Azure 主機名稱與動態 DNS 設置的主機名稱相同但改變的功能變數名稱尾碼為“vpnazure.net”。要改變主機名稱使用 DynamicDnsSetHostname 命令。\n\n要執行此命令你必須具有VPN 伺服器管理員許可權。\n此命令不能在 VPN 橋接器上運行。\n以集群成員運行的 VPN 伺服器的虛擬 HUB 不能執行此命令。
CMD_VpnAzureGetStatus_Args VpnAzureGetStatus
CMD_VpnAzureGetStatus_PRINT_ENABLED VPN Azure 功能已啟用
CMD_VpnAzureGetStatus_PRINT_CUSTOM 使用自定義 VPN Azure 服務
CMD_VpnAzureGetStatus_PRINT_CONNECTED 至 VPN Azure 雲伺服器的連接建立
CMD_VpnAzureGetStatus_PRINT_HOSTNAME 在 VPN Azure 服務上的本 VPN 伺服器的主機名稱
@ -6498,9 +6500,47 @@ CMD_VpnAzureGetStatus_PRINT_HOSTNAME 在 VPN Azure 服務上的本 VPN 伺服器
# VpnAzureSetStatus command
CMD_VpnAzureSetEnable 啟用/禁用 VPN Azure 功能
CMD_VpnAzureSetEnable_Help 啟用或禁用 VPN Azure 功能。\n\nVPN Azure 可以更容易地從你家裡的電腦到你辦公室的電腦建立一個 VPN 會話。當一個 VPN 連接建立了,您可以訪問您公司私人網路絡上的任何其他伺服器。\n在辦公室的電腦VPN 伺服器)上,你並不需要一個全球 IP 位址。它可以在防火牆或 NAT 後面工作。無需網路系統管理員的配置。您可以在您的家用電腦使用 Windows 內置的 SSTP VPN 用戶端。\nVPN Azure 是一個雲 VPN 服務由 SoftEther 公司經營。VPN Azure 是免費的,可提供給任何人。訪問 http://www.vpnazure.net/ 查看詳細資訊和如何使用的說明。\n\nVPN Azure 主機名稱與動態 DNS 設置的主機名稱相同但改變的功能變數名稱尾碼為“vpnazure.net”。要改變主機名稱使用 DynamicDnsSetHostname 命令。\n\n要執行此命令你必須具有 VPN 伺服器管理員許可權。\n此命令不能在 VPN 橋接器上運行。\n以集群成員運行的 VPN 伺服器的虛擬 HUB 不能執行此命令。
CMD_VpnAzureSetEnable_Args VpnAzureSetEnable [yes|no]
CMD_VpnAzureSetEnable_Args VpnAzureSetEnable [yes|no] [/CUSTOM:yes|no]
CMD_VpnAzureSetEnable_[yes|no] 指定“yes”啟用 VPN Azure。“no”禁用它。
CMD_VpnAzureSetEnable_CUSTOM 指定“yes”以使用自定義 VPN Azure 服務。 “no”使用默認服務。
CMD_VpnAzureSetEnable_PROMPT 啟用 VPN Azure (yes/no):
CMD_VpnAzureSetEnableCustom_PROMPT 使用自定義 VPN Azure 服務 (yes / no):
# VpnAzureGetCustom command
CMD_VpnAzureGetCustom 顯示自定義 VPN Azure 服務的當前配置
CMD_VpnAzureGetCustom_Help 獲取並顯示自定義 VPN Azure 服務的當前配置。\n\n自定義 VPN Azure 不依賴於動態 DNS 服務,並允許您將 VPN Azure 功能與私人託管的中繼服務器一起使用。
CMD_VpnAzureGetCustom_Args VpnAzureGetCustom
CMD_VpnAzureGetCustom_PRINT_SERVERNAME 伺服器地址
CMD_VpnAzureGetCustom_PRINT_SERVERPORT 埠號
CMD_VpnAzureGetCustom_PRINT_HOSTNAME VPN Azure 主機名稱
CMD_VpnAzureGetCustom_PRINT_CLIENTCERT 已註冊的客戶端證書
CMD_VpnAzureGetCustom_PRINT_SERVERCERT 已註冊的伺服器證書
CMD_VpnAzureGetCustom_PRINT_VERIFYSERVER 驗證伺服器證書
CMD_VpnAzureGetCustom_PRINT_DEFAULTCA 信任系統憑證存放區
# VpnAzureSetCustom command
CMD_VpnAzureSetCustom 設置自定義 VPN Azure 服務的當前配置
CMD_VpnAzureSetCustom_Help 設置自定義 VPN Azure 服務的當前配置。\n\n自定義 VPN Azure 不依賴於動態 DNS 服務,並允許您將 VPN Azure 功能與私人託管的中繼服務器一起使用。
CMD_VpnAzureSetCustom_Args VpnAzureSetCustom [/SERVER:server:port] [/HOSTNAME:hostname] [/PASSWORD:password] [/LOADCERT:path] [/LOADKEY:path] [/VERIFY:yes|no] [/TRUSTCA:yes|no] [/SERVCERT:path]
CMD_VpnAzureSetCustom_SERVER 指定 VPN Azure 伺服器的主機名稱和端口號。
CMD_VpnAzureSetCustom_HOSTNAME 指定 VPN Azure 客戶端主機名稱。
CMD_VpnAzureSetCustom_PASSWORD 指定 VPN Azure 客戶端的密碼。 如果不需要密碼,請留空。
CMD_VpnAzureSetCustom_LOADCERT 指定用於客戶端證書認證的 X.509 格式證書文件。 如果不需要,請留空。
CMD_VpnAzureSetCustom_LOADKEY 為證書指定 Base-64 編碼的私鑰文件名。 如果不需要,請留空。
CMD_VpnAzureSetCustom_VERIFY 指定是否驗證 VPN Azure 伺服器的證書。
CMD_VpnAzureSetCustom_TRUSTCA 指定在驗證 VPN Azure 伺服器時是否使用系統憑證存放區。
CMD_VpnAzureSetCustom_SERVCERT 指定用於伺服器證書驗證的 X.509 格式證書文件。 如果不需要,請留空。
CMD_VpnAzureSetCustom_Prompt_Server VPN Azure 伺服器地址和端口號:
CMD_VpnAzureSetCustom_Prompt_Hostname VPN Azure 客戶端主機名稱(例如 vpn1234.myazure.net
CMD_VpnAzureSetCustom_Prompt_ClientX 從檔案名……讀取用於客戶端身份驗證的 X.509 證書:\n如果客戶端不使用證書身份驗證則留空。\n
CMD_VpnAzureSetCustom_Prompt_ClientK 從檔案名……讀取用於客戶端身份驗證的私密金鑰:\n如果客戶端不使用證書身份驗證則留空。\n
CMD_VpnAzureSetCustom_Prompt_Verify 驗證 VPN Azure 伺服器的證書(是/否):
CMD_VpnAzureSetCustom_Prompt_TrustCA 驗證 VPN Azure 伺服器時使用系統憑證存放區(是/否):
CMD_VpnAzureSetCustom_Prompt_ServerX 從檔案名……讀取用於伺服器身份驗證的 X.509 證書:\n如果不需要請留空。\n
CMD_VpnAzureSetCustom_MSG_ClientCertLoaded 成功保存了一對證書和私鑰,用於客戶端身份驗證。
CMD_VpnAzureSetCustom_MSG_ServerCertLoaded 已成功保存伺服器證書以進行伺服器驗證。