mirror of https://github.com/SoftEtherVPN/SoftEtherVPN.git synced 2024-11-25 02:49:52 +03:00

Merge pull request #1 from SoftEtherVPN/master

Pull in upstream changes
Den Lesnov 2016-11-27 16:49:51 +03:00 committed by GitHub
commit 18ea605463
127 changed files with 1565 additions and 454 deletions


@ -67,6 +67,57 @@ CONTRIBUTORS on GitHub:
- ygrek - ygrek
https://github.com/ygrek https://github.com/ygrek
- ajee cai
https://github.com/ajeecai
- NOKUBI Takatsugu
https://github.com/knok
- Den Lesnov
https://github.com/Leden
- Ilya Shipitsin
https://github.com/chipitsine
- Matt Lewandowsky
https://github.com/lewellyn
- Raymond Tau
https://github.com/rtau
- Luiz Eduardo Gava
https://github.com/LegDog
- Charles Surett
https://github.com/scj643
- Jeff Tang
https://github.com/mrjefftang
- Victor Salgado
https://github.com/mcsalgado
- micsell
https://github.com/micsell
- yehorov
https://github.com/yehorov
- dglushenok
https://github.com/dglushenok
- NoNameA 774
https://github.com/nna774
- Alexandre De Oliveira
https://github.com/yodresh
- Bernhard Rosenkraenzer
https://github.com/berolinux
- Sacha Bernstein
https://github.com/sacha
JOIN THE SOFTETHER VPN DEVELOPMENT JOIN THE SOFTETHER VPN DEVELOPMENT
---------------------------------- ----------------------------------


@ -2,7 +2,7 @@ THE IMPORTANT NOTICES ABOUT SOFTETHER VPN
FUNCTIONS OF VPN COMMUNICATIONS EMBEDDED ON THIS SOFTWARE ARE VERY POWERFUL FUNCTIONS OF VPN COMMUNICATIONS EMBEDDED ON THIS SOFTWARE ARE VERY POWERFUL
THAN EVER. THIS STRONG VPN ABILITY WILL BRING YOU HUGE BENEFITS. HOWEVER, IF THAN EVER. THIS STRONG VPN ABILITY WILL BRING YOU HUGE BENEFITS. HOWEVER, IF
YOU MISUSE THIS SOFTWARE, IT MIGHT DAMAGES YOURSELF. IN ORDER TO AVOID SUCH YOU MISUSE THIS SOFTWARE, IT MIGHT DAMAGE YOURSELF. IN ORDER TO AVOID SUCH
RISKS, THIS DOCUMENT ACCOUNTS IMPORTANT NOTICES FOR CUSTOMERS WHO ARE WILLING RISKS, THIS DOCUMENT ACCOUNTS IMPORTANT NOTICES FOR CUSTOMERS WHO ARE WILLING
TO USE THIS SOFTWARE. THE FOLLOWING INSTRUCTIONS ARE VERY IMPORTANT. READ AND TO USE THIS SOFTWARE. THE FOLLOWING INSTRUCTIONS ARE VERY IMPORTANT. READ AND
UNDERSTAND IT CAREFULLY. ADDITIONALLY, IF YOU ARE PLANNING TO USE THE DYNAMIC UNDERSTAND IT CAREFULLY. ADDITIONALLY, IF YOU ARE PLANNING TO USE THE DYNAMIC


@ -51,7 +51,7 @@ HEADERS_MAYAQUA=src/Mayaqua/Cfg.h src/Mayaqua/cryptoki.h src/Mayaqua/Encrypt.h s
HEADERS_CEDAR=src/Cedar/Account.h src/Cedar/Admin.h src/Cedar/AzureClient.h src/Cedar/AzureServer.h src/Cedar/Bridge.h src/Cedar/BridgeUnix.h src/Cedar/BridgeWin32.h src/Cedar/Cedar.h src/Cedar/CedarPch.h src/Cedar/CedarType.h src/Cedar/Client.h src/Cedar/CM.h src/Cedar/CMInner.h src/Cedar/Command.h src/Cedar/Connection.h src/Cedar/Console.h src/Cedar/Database.h src/Cedar/DDNS.h src/Cedar/EM.h src/Cedar/EMInner.h src/Cedar/EtherLog.h src/Cedar/Hub.h src/Cedar/Interop_OpenVPN.h src/Cedar/Interop_SSTP.h src/Cedar/IPsec.h src/Cedar/IPsec_EtherIP.h src/Cedar/IPsec_IKE.h src/Cedar/IPsec_IkePacket.h src/Cedar/IPsec_IPC.h src/Cedar/IPsec_L2TP.h src/Cedar/IPsec_PPP.h src/Cedar/IPsec_Win7.h src/Cedar/IPsec_Win7Inner.h src/Cedar/Layer3.h src/Cedar/Link.h src/Cedar/Listener.h src/Cedar/Logging.h src/Cedar/Nat.h src/Cedar/NativeStack.h src/Cedar/netcfgn.h src/Cedar/netcfgx.h src/Cedar/NM.h src/Cedar/NMInner.h src/Cedar/NullLan.h src/Cedar/Protocol.h src/Cedar/Radius.h src/Cedar/Remote.h src/Cedar/Sam.h src/Cedar/SecureInfo.h src/Cedar/SecureNAT.h src/Cedar/SeLowUser.h src/Cedar/Server.h src/Cedar/Session.h src/Cedar/SM.h src/Cedar/SMInner.h src/Cedar/SW.h src/Cedar/SWInner.h src/Cedar/UdpAccel.h src/Cedar/UT.h src/Cedar/VG.h src/Cedar/Virtual.h src/Cedar/VLan.h src/Cedar/VLanUnix.h src/Cedar/VLanWin32.h src/Cedar/WaterMark.h src/Cedar/WebUI.h src/Cedar/Win32Com.h src/Cedar/winpcap/bittypes.h src/Cedar/winpcap/bucket_lookup.h src/Cedar/winpcap/count_packets.h src/Cedar/winpcap/Devioctl.h src/Cedar/winpcap/Gnuc.h src/Cedar/winpcap/ip6_misc.h src/Cedar/winpcap/memory_t.h src/Cedar/winpcap/normal_lookup.h src/Cedar/winpcap/Ntddndis.h src/Cedar/winpcap/Ntddpack.h src/Cedar/winpcap/Packet32.h src/Cedar/winpcap/pcap.h src/Cedar/winpcap/pcap-bpf.h src/Cedar/winpcap/pcap-int.h src/Cedar/winpcap/pcap-stdinc.h src/Cedar/winpcap/pthread.h src/Cedar/winpcap/remote-ext.h src/Cedar/winpcap/sched.h src/Cedar/winpcap/semaphore.h src/Cedar/winpcap/tcp_session.h src/Cedar/winpcap/time_calls.h 
src/Cedar/winpcap/tme.h src/Cedar/winpcap/Win32-Extensions.h src/Cedar/WinUi.h src/Cedar/Wpc.h HEADERS_CEDAR=src/Cedar/Account.h src/Cedar/Admin.h src/Cedar/AzureClient.h src/Cedar/AzureServer.h src/Cedar/Bridge.h src/Cedar/BridgeUnix.h src/Cedar/BridgeWin32.h src/Cedar/Cedar.h src/Cedar/CedarPch.h src/Cedar/CedarType.h src/Cedar/Client.h src/Cedar/CM.h src/Cedar/CMInner.h src/Cedar/Command.h src/Cedar/Connection.h src/Cedar/Console.h src/Cedar/Database.h src/Cedar/DDNS.h src/Cedar/EM.h src/Cedar/EMInner.h src/Cedar/EtherLog.h src/Cedar/Hub.h src/Cedar/Interop_OpenVPN.h src/Cedar/Interop_SSTP.h src/Cedar/IPsec.h src/Cedar/IPsec_EtherIP.h src/Cedar/IPsec_IKE.h src/Cedar/IPsec_IkePacket.h src/Cedar/IPsec_IPC.h src/Cedar/IPsec_L2TP.h src/Cedar/IPsec_PPP.h src/Cedar/IPsec_Win7.h src/Cedar/IPsec_Win7Inner.h src/Cedar/Layer3.h src/Cedar/Link.h src/Cedar/Listener.h src/Cedar/Logging.h src/Cedar/Nat.h src/Cedar/NativeStack.h src/Cedar/netcfgn.h src/Cedar/netcfgx.h src/Cedar/NM.h src/Cedar/NMInner.h src/Cedar/NullLan.h src/Cedar/Protocol.h src/Cedar/Radius.h src/Cedar/Remote.h src/Cedar/Sam.h src/Cedar/SecureInfo.h src/Cedar/SecureNAT.h src/Cedar/SeLowUser.h src/Cedar/Server.h src/Cedar/Session.h src/Cedar/SM.h src/Cedar/SMInner.h src/Cedar/SW.h src/Cedar/SWInner.h src/Cedar/UdpAccel.h src/Cedar/UT.h src/Cedar/VG.h src/Cedar/Virtual.h src/Cedar/VLan.h src/Cedar/VLanUnix.h src/Cedar/VLanWin32.h src/Cedar/WaterMark.h src/Cedar/WebUI.h src/Cedar/Win32Com.h src/Cedar/winpcap/bittypes.h src/Cedar/winpcap/bucket_lookup.h src/Cedar/winpcap/count_packets.h src/Cedar/winpcap/Devioctl.h src/Cedar/winpcap/Gnuc.h src/Cedar/winpcap/ip6_misc.h src/Cedar/winpcap/memory_t.h src/Cedar/winpcap/normal_lookup.h src/Cedar/winpcap/Ntddndis.h src/Cedar/winpcap/Ntddpack.h src/Cedar/winpcap/Packet32.h src/Cedar/winpcap/pcap.h src/Cedar/winpcap/pcap-bpf.h src/Cedar/winpcap/pcap-int.h src/Cedar/winpcap/pcap-stdinc.h src/Cedar/winpcap/pthread.h src/Cedar/winpcap/remote-ext.h src/Cedar/winpcap/sched.h 
src/Cedar/winpcap/semaphore.h src/Cedar/winpcap/tcp_session.h src/Cedar/winpcap/time_calls.h src/Cedar/winpcap/tme.h src/Cedar/winpcap/Win32-Extensions.h src/Cedar/WinUi.h src/Cedar/Wpc.h
OBJECTS_MAYAQUA=tmp/objs/Mayaqua/Cfg.o tmp/objs/Mayaqua/Encrypt.o tmp/objs/Mayaqua/FileIO.o tmp/objs/Mayaqua/Internat.o tmp/objs/Mayaqua/Kernel.o tmp/objs/Mayaqua/Mayaqua.o tmp/objs/Mayaqua/Memory.o tmp/objs/Mayaqua/Microsoft.o tmp/objs/Mayaqua/Network.o tmp/objs/Mayaqua/Object.o tmp/objs/Mayaqua/OS.o tmp/objs/Mayaqua/Pack.o tmp/objs/Mayaqua/Secure.o tmp/objs/Mayaqua/Str.o tmp/objs/Mayaqua/Table.o tmp/objs/Mayaqua/TcpIp.o tmp/objs/Mayaqua/Tick64.o tmp/objs/Mayaqua/Tracking.o tmp/objs/Mayaqua/Unix.o tmp/objs/Mayaqua/Win32.o OBJECTS_MAYAQUA=tmp/objs/Mayaqua/Cfg.o tmp/objs/Mayaqua/Encrypt.o tmp/objs/Mayaqua/FileIO.o tmp/objs/Mayaqua/Internat.o tmp/objs/Mayaqua/Kernel.o tmp/objs/Mayaqua/Mayaqua.o tmp/objs/Mayaqua/Memory.o tmp/objs/Mayaqua/Microsoft.o tmp/objs/Mayaqua/Network.o tmp/objs/Mayaqua/Object.o tmp/objs/Mayaqua/OS.o tmp/objs/Mayaqua/Pack.o tmp/objs/Mayaqua/Secure.o tmp/objs/Mayaqua/Str.o tmp/objs/Mayaqua/Table.o tmp/objs/Mayaqua/TcpIp.o tmp/objs/Mayaqua/Tick64.o tmp/objs/Mayaqua/Tracking.o tmp/objs/Mayaqua/Unix.o tmp/objs/Mayaqua/Win32.o
OBJECTS_CEDAR=tmp/objs/Cedar/Account.o tmp/objs/Cedar/Admin.o tmp/objs/Cedar/AzureClient.o tmp/objs/Cedar/AzureServer.o tmp/objs/Cedar/Bridge.o tmp/objs/Cedar/BridgeUnix.o tmp/objs/Cedar/BridgeWin32.o tmp/objs/Cedar/Cedar.o tmp/objs/Cedar/CedarPch.o tmp/objs/Cedar/Client.o tmp/objs/Cedar/CM.o tmp/objs/Cedar/Command.o tmp/objs/Cedar/Connection.o tmp/objs/Cedar/Console.o tmp/objs/Cedar/Database.o tmp/objs/Cedar/DDNS.o tmp/objs/Cedar/EM.o tmp/objs/Cedar/EtherLog.o tmp/objs/Cedar/Hub.o tmp/objs/Cedar/Interop_OpenVPN.o tmp/objs/Cedar/Interop_SSTP.o tmp/objs/Cedar/IPsec.o tmp/objs/Cedar/IPsec_EtherIP.o tmp/objs/Cedar/IPsec_IKE.o tmp/objs/Cedar/IPsec_IkePacket.o tmp/objs/Cedar/IPsec_IPC.o tmp/objs/Cedar/IPsec_L2TP.o tmp/objs/Cedar/IPsec_PPP.o tmp/objs/Cedar/IPsec_Win7.o tmp/objs/Cedar/Layer3.o tmp/objs/Cedar/Link.o tmp/objs/Cedar/Listener.o tmp/objs/Cedar/Logging.o tmp/objs/Cedar/Nat.o tmp/objs/Cedar/NativeStack.o tmp/objs/Cedar/NM.o tmp/objs/Cedar/NullLan.o tmp/objs/Cedar/Protocol.o tmp/objs/Cedar/Radius.o tmp/objs/Cedar/Remote.o tmp/objs/Cedar/Sam.o tmp/objs/Cedar/SecureInfo.o tmp/objs/Cedar/SecureNAT.o tmp/objs/Cedar/SeLowUser.o tmp/objs/Cedar/Server.o tmp/objs/Cedar/Session.o tmp/objs/Cedar/SM.o tmp/objs/Cedar/SW.o tmp/objs/Cedar/UdpAccel.o tmp/objs/Cedar/UT.o tmp/objs/Cedar/VG.o tmp/objs/Cedar/Virtual.o tmp/objs/Cedar/VLan.o tmp/objs/Cedar/VLanUnix.o tmp/objs/Cedar/VLanWin32.o tmp/objs/Cedar/WaterMark.o tmp/objs/Cedar/WebUI.o tmp/objs/Cedar/WinUi.o tmp/objs/Cedar/Wpc.o OBJECTS_CEDAR=tmp/objs/Cedar/Account.o tmp/objs/Cedar/Admin.o tmp/objs/Cedar/AzureClient.o tmp/objs/Cedar/AzureServer.o tmp/objs/Cedar/Bridge.o tmp/objs/Cedar/BridgeUnix.o tmp/objs/Cedar/BridgeWin32.o tmp/objs/Cedar/Cedar.o tmp/objs/Cedar/CedarPch.o tmp/objs/Cedar/Client.o tmp/objs/Cedar/CM.o tmp/objs/Cedar/Command.o tmp/objs/Cedar/Connection.o tmp/objs/Cedar/Console.o tmp/objs/Cedar/Database.o tmp/objs/Cedar/DDNS.o tmp/objs/Cedar/EM.o tmp/objs/Cedar/EtherLog.o tmp/objs/Cedar/Hub.o 
tmp/objs/Cedar/Interop_OpenVPN.o tmp/objs/Cedar/Interop_SSTP.o tmp/objs/Cedar/IPsec.o tmp/objs/Cedar/IPsec_EtherIP.o tmp/objs/Cedar/IPsec_IKE.o tmp/objs/Cedar/IPsec_IkePacket.o tmp/objs/Cedar/IPsec_IPC.o tmp/objs/Cedar/IPsec_L2TP.o tmp/objs/Cedar/IPsec_PPP.o tmp/objs/Cedar/IPsec_Win7.o tmp/objs/Cedar/Layer3.o tmp/objs/Cedar/Link.o tmp/objs/Cedar/Listener.o tmp/objs/Cedar/Logging.o tmp/objs/Cedar/Nat.o tmp/objs/Cedar/NativeStack.o tmp/objs/Cedar/NM.o tmp/objs/Cedar/NullLan.o tmp/objs/Cedar/Protocol.o tmp/objs/Cedar/Radius.o tmp/objs/Cedar/Remote.o tmp/objs/Cedar/Sam.o tmp/objs/Cedar/SecureInfo.o tmp/objs/Cedar/SecureNAT.o tmp/objs/Cedar/SeLowUser.o tmp/objs/Cedar/Server.o tmp/objs/Cedar/Session.o tmp/objs/Cedar/SM.o tmp/objs/Cedar/SW.o tmp/objs/Cedar/UdpAccel.o tmp/objs/Cedar/UT.o tmp/objs/Cedar/VG.o tmp/objs/Cedar/Virtual.o tmp/objs/Cedar/VLan.o tmp/objs/Cedar/VLanUnix.o tmp/objs/Cedar/VLanWin32.o tmp/objs/Cedar/WaterMark.o tmp/objs/Cedar/WebUI.o tmp/objs/Cedar/WinUi.o tmp/objs/Cedar/Wpc.o
HAMCORE_FILES=src/bin/hamcore/backup_dir_readme.txt src/bin/hamcore/empty.config src/bin/hamcore/empty_sevpnclient.config src/bin/hamcore/eula.txt src/bin/hamcore/install_src.dat src/bin/hamcore/lang.config src/bin/hamcore/languages.txt src/bin/hamcore/legal.txt src/bin/hamcore/openvpn_readme.pdf src/bin/hamcore/openvpn_readme.txt src/bin/hamcore/openvpn_sample.ovpn src/bin/hamcore/SOURCES_OF_BINARY_FILES.TXT src/bin/hamcore/strtable_cn.stb src/bin/hamcore/strtable_en.stb src/bin/hamcore/strtable_ja.stb src/bin/hamcore/vpnweb_sample_cn.htm src/bin/hamcore/vpnweb_sample_en.htm src/bin/hamcore/vpnweb_sample_ja.htm src/bin/hamcore/warning_cn.txt src/bin/hamcore/warning_en.txt src/bin/hamcore/warning_ja.txt src/bin/hamcore/webui/cryptcom.cgi src/bin/hamcore/webui/edituser.cgi src/bin/hamcore/webui/error.cgi src/bin/hamcore/webui/hub.cgi src/bin/hamcore/webui/license.cgi src/bin/hamcore/webui/listener.cgi src/bin/hamcore/webui/localbridge.cgi src/bin/hamcore/webui/login.cgi src/bin/hamcore/webui/newhub.cgi src/bin/hamcore/webui/redirect.cgi src/bin/hamcore/webui/securenat.cgi src/bin/hamcore/webui/server.cgi src/bin/hamcore/webui/session.cgi src/bin/hamcore/webui/user.cgi src/bin/hamcore/webui/webui.css HAMCORE_FILES=src/bin/hamcore/authors.txt src/bin/hamcore/backup_dir_readme.txt src/bin/hamcore/empty.config src/bin/hamcore/empty_sevpnclient.config src/bin/hamcore/eula.txt src/bin/hamcore/install_src.dat src/bin/hamcore/lang.config src/bin/hamcore/languages.txt src/bin/hamcore/legal.txt src/bin/hamcore/openvpn_readme.pdf src/bin/hamcore/openvpn_readme.txt src/bin/hamcore/openvpn_sample.ovpn src/bin/hamcore/root_certs.dat src/bin/hamcore/SOURCES_OF_BINARY_FILES.TXT src/bin/hamcore/strtable_cn.stb src/bin/hamcore/strtable_en.stb src/bin/hamcore/strtable_ja.stb src/bin/hamcore/vpnweb_sample_cn.htm src/bin/hamcore/vpnweb_sample_en.htm src/bin/hamcore/vpnweb_sample_ja.htm src/bin/hamcore/warning_cn.txt src/bin/hamcore/warning_en.txt src/bin/hamcore/warning_ja.txt 
src/bin/hamcore/webui/cryptcom.cgi src/bin/hamcore/webui/edituser.cgi src/bin/hamcore/webui/error.cgi src/bin/hamcore/webui/hub.cgi src/bin/hamcore/webui/license.cgi src/bin/hamcore/webui/listener.cgi src/bin/hamcore/webui/localbridge.cgi src/bin/hamcore/webui/login.cgi src/bin/hamcore/webui/newhub.cgi src/bin/hamcore/webui/redirect.cgi src/bin/hamcore/webui/securenat.cgi src/bin/hamcore/webui/server.cgi src/bin/hamcore/webui/session.cgi src/bin/hamcore/webui/user.cgi src/bin/hamcore/webui/webui.css
# Build Action # Build Action
default: build default: build


@ -51,7 +51,7 @@ HEADERS_MAYAQUA=src/Mayaqua/Cfg.h src/Mayaqua/cryptoki.h src/Mayaqua/Encrypt.h s
HEADERS_CEDAR=src/Cedar/Account.h src/Cedar/Admin.h src/Cedar/AzureClient.h src/Cedar/AzureServer.h src/Cedar/Bridge.h src/Cedar/BridgeUnix.h src/Cedar/BridgeWin32.h src/Cedar/Cedar.h src/Cedar/CedarPch.h src/Cedar/CedarType.h src/Cedar/Client.h src/Cedar/CM.h src/Cedar/CMInner.h src/Cedar/Command.h src/Cedar/Connection.h src/Cedar/Console.h src/Cedar/Database.h src/Cedar/DDNS.h src/Cedar/EM.h src/Cedar/EMInner.h src/Cedar/EtherLog.h src/Cedar/Hub.h src/Cedar/Interop_OpenVPN.h src/Cedar/Interop_SSTP.h src/Cedar/IPsec.h src/Cedar/IPsec_EtherIP.h src/Cedar/IPsec_IKE.h src/Cedar/IPsec_IkePacket.h src/Cedar/IPsec_IPC.h src/Cedar/IPsec_L2TP.h src/Cedar/IPsec_PPP.h src/Cedar/IPsec_Win7.h src/Cedar/IPsec_Win7Inner.h src/Cedar/Layer3.h src/Cedar/Link.h src/Cedar/Listener.h src/Cedar/Logging.h src/Cedar/Nat.h src/Cedar/NativeStack.h src/Cedar/netcfgn.h src/Cedar/netcfgx.h src/Cedar/NM.h src/Cedar/NMInner.h src/Cedar/NullLan.h src/Cedar/Protocol.h src/Cedar/Radius.h src/Cedar/Remote.h src/Cedar/Sam.h src/Cedar/SecureInfo.h src/Cedar/SecureNAT.h src/Cedar/SeLowUser.h src/Cedar/Server.h src/Cedar/Session.h src/Cedar/SM.h src/Cedar/SMInner.h src/Cedar/SW.h src/Cedar/SWInner.h src/Cedar/UdpAccel.h src/Cedar/UT.h src/Cedar/VG.h src/Cedar/Virtual.h src/Cedar/VLan.h src/Cedar/VLanUnix.h src/Cedar/VLanWin32.h src/Cedar/WaterMark.h src/Cedar/WebUI.h src/Cedar/Win32Com.h src/Cedar/winpcap/bittypes.h src/Cedar/winpcap/bucket_lookup.h src/Cedar/winpcap/count_packets.h src/Cedar/winpcap/Devioctl.h src/Cedar/winpcap/Gnuc.h src/Cedar/winpcap/ip6_misc.h src/Cedar/winpcap/memory_t.h src/Cedar/winpcap/normal_lookup.h src/Cedar/winpcap/Ntddndis.h src/Cedar/winpcap/Ntddpack.h src/Cedar/winpcap/Packet32.h src/Cedar/winpcap/pcap.h src/Cedar/winpcap/pcap-bpf.h src/Cedar/winpcap/pcap-int.h src/Cedar/winpcap/pcap-stdinc.h src/Cedar/winpcap/pthread.h src/Cedar/winpcap/remote-ext.h src/Cedar/winpcap/sched.h src/Cedar/winpcap/semaphore.h src/Cedar/winpcap/tcp_session.h src/Cedar/winpcap/time_calls.h 
src/Cedar/winpcap/tme.h src/Cedar/winpcap/Win32-Extensions.h src/Cedar/WinUi.h src/Cedar/Wpc.h HEADERS_CEDAR=src/Cedar/Account.h src/Cedar/Admin.h src/Cedar/AzureClient.h src/Cedar/AzureServer.h src/Cedar/Bridge.h src/Cedar/BridgeUnix.h src/Cedar/BridgeWin32.h src/Cedar/Cedar.h src/Cedar/CedarPch.h src/Cedar/CedarType.h src/Cedar/Client.h src/Cedar/CM.h src/Cedar/CMInner.h src/Cedar/Command.h src/Cedar/Connection.h src/Cedar/Console.h src/Cedar/Database.h src/Cedar/DDNS.h src/Cedar/EM.h src/Cedar/EMInner.h src/Cedar/EtherLog.h src/Cedar/Hub.h src/Cedar/Interop_OpenVPN.h src/Cedar/Interop_SSTP.h src/Cedar/IPsec.h src/Cedar/IPsec_EtherIP.h src/Cedar/IPsec_IKE.h src/Cedar/IPsec_IkePacket.h src/Cedar/IPsec_IPC.h src/Cedar/IPsec_L2TP.h src/Cedar/IPsec_PPP.h src/Cedar/IPsec_Win7.h src/Cedar/IPsec_Win7Inner.h src/Cedar/Layer3.h src/Cedar/Link.h src/Cedar/Listener.h src/Cedar/Logging.h src/Cedar/Nat.h src/Cedar/NativeStack.h src/Cedar/netcfgn.h src/Cedar/netcfgx.h src/Cedar/NM.h src/Cedar/NMInner.h src/Cedar/NullLan.h src/Cedar/Protocol.h src/Cedar/Radius.h src/Cedar/Remote.h src/Cedar/Sam.h src/Cedar/SecureInfo.h src/Cedar/SecureNAT.h src/Cedar/SeLowUser.h src/Cedar/Server.h src/Cedar/Session.h src/Cedar/SM.h src/Cedar/SMInner.h src/Cedar/SW.h src/Cedar/SWInner.h src/Cedar/UdpAccel.h src/Cedar/UT.h src/Cedar/VG.h src/Cedar/Virtual.h src/Cedar/VLan.h src/Cedar/VLanUnix.h src/Cedar/VLanWin32.h src/Cedar/WaterMark.h src/Cedar/WebUI.h src/Cedar/Win32Com.h src/Cedar/winpcap/bittypes.h src/Cedar/winpcap/bucket_lookup.h src/Cedar/winpcap/count_packets.h src/Cedar/winpcap/Devioctl.h src/Cedar/winpcap/Gnuc.h src/Cedar/winpcap/ip6_misc.h src/Cedar/winpcap/memory_t.h src/Cedar/winpcap/normal_lookup.h src/Cedar/winpcap/Ntddndis.h src/Cedar/winpcap/Ntddpack.h src/Cedar/winpcap/Packet32.h src/Cedar/winpcap/pcap.h src/Cedar/winpcap/pcap-bpf.h src/Cedar/winpcap/pcap-int.h src/Cedar/winpcap/pcap-stdinc.h src/Cedar/winpcap/pthread.h src/Cedar/winpcap/remote-ext.h src/Cedar/winpcap/sched.h 
src/Cedar/winpcap/semaphore.h src/Cedar/winpcap/tcp_session.h src/Cedar/winpcap/time_calls.h src/Cedar/winpcap/tme.h src/Cedar/winpcap/Win32-Extensions.h src/Cedar/WinUi.h src/Cedar/Wpc.h
OBJECTS_MAYAQUA=tmp/objs/Mayaqua/Cfg.o tmp/objs/Mayaqua/Encrypt.o tmp/objs/Mayaqua/FileIO.o tmp/objs/Mayaqua/Internat.o tmp/objs/Mayaqua/Kernel.o tmp/objs/Mayaqua/Mayaqua.o tmp/objs/Mayaqua/Memory.o tmp/objs/Mayaqua/Microsoft.o tmp/objs/Mayaqua/Network.o tmp/objs/Mayaqua/Object.o tmp/objs/Mayaqua/OS.o tmp/objs/Mayaqua/Pack.o tmp/objs/Mayaqua/Secure.o tmp/objs/Mayaqua/Str.o tmp/objs/Mayaqua/Table.o tmp/objs/Mayaqua/TcpIp.o tmp/objs/Mayaqua/Tick64.o tmp/objs/Mayaqua/Tracking.o tmp/objs/Mayaqua/Unix.o tmp/objs/Mayaqua/Win32.o OBJECTS_MAYAQUA=tmp/objs/Mayaqua/Cfg.o tmp/objs/Mayaqua/Encrypt.o tmp/objs/Mayaqua/FileIO.o tmp/objs/Mayaqua/Internat.o tmp/objs/Mayaqua/Kernel.o tmp/objs/Mayaqua/Mayaqua.o tmp/objs/Mayaqua/Memory.o tmp/objs/Mayaqua/Microsoft.o tmp/objs/Mayaqua/Network.o tmp/objs/Mayaqua/Object.o tmp/objs/Mayaqua/OS.o tmp/objs/Mayaqua/Pack.o tmp/objs/Mayaqua/Secure.o tmp/objs/Mayaqua/Str.o tmp/objs/Mayaqua/Table.o tmp/objs/Mayaqua/TcpIp.o tmp/objs/Mayaqua/Tick64.o tmp/objs/Mayaqua/Tracking.o tmp/objs/Mayaqua/Unix.o tmp/objs/Mayaqua/Win32.o
OBJECTS_CEDAR=tmp/objs/Cedar/Account.o tmp/objs/Cedar/Admin.o tmp/objs/Cedar/AzureClient.o tmp/objs/Cedar/AzureServer.o tmp/objs/Cedar/Bridge.o tmp/objs/Cedar/BridgeUnix.o tmp/objs/Cedar/BridgeWin32.o tmp/objs/Cedar/Cedar.o tmp/objs/Cedar/CedarPch.o tmp/objs/Cedar/Client.o tmp/objs/Cedar/CM.o tmp/objs/Cedar/Command.o tmp/objs/Cedar/Connection.o tmp/objs/Cedar/Console.o tmp/objs/Cedar/Database.o tmp/objs/Cedar/DDNS.o tmp/objs/Cedar/EM.o tmp/objs/Cedar/EtherLog.o tmp/objs/Cedar/Hub.o tmp/objs/Cedar/Interop_OpenVPN.o tmp/objs/Cedar/Interop_SSTP.o tmp/objs/Cedar/IPsec.o tmp/objs/Cedar/IPsec_EtherIP.o tmp/objs/Cedar/IPsec_IKE.o tmp/objs/Cedar/IPsec_IkePacket.o tmp/objs/Cedar/IPsec_IPC.o tmp/objs/Cedar/IPsec_L2TP.o tmp/objs/Cedar/IPsec_PPP.o tmp/objs/Cedar/IPsec_Win7.o tmp/objs/Cedar/Layer3.o tmp/objs/Cedar/Link.o tmp/objs/Cedar/Listener.o tmp/objs/Cedar/Logging.o tmp/objs/Cedar/Nat.o tmp/objs/Cedar/NativeStack.o tmp/objs/Cedar/NM.o tmp/objs/Cedar/NullLan.o tmp/objs/Cedar/Protocol.o tmp/objs/Cedar/Radius.o tmp/objs/Cedar/Remote.o tmp/objs/Cedar/Sam.o tmp/objs/Cedar/SecureInfo.o tmp/objs/Cedar/SecureNAT.o tmp/objs/Cedar/SeLowUser.o tmp/objs/Cedar/Server.o tmp/objs/Cedar/Session.o tmp/objs/Cedar/SM.o tmp/objs/Cedar/SW.o tmp/objs/Cedar/UdpAccel.o tmp/objs/Cedar/UT.o tmp/objs/Cedar/VG.o tmp/objs/Cedar/Virtual.o tmp/objs/Cedar/VLan.o tmp/objs/Cedar/VLanUnix.o tmp/objs/Cedar/VLanWin32.o tmp/objs/Cedar/WaterMark.o tmp/objs/Cedar/WebUI.o tmp/objs/Cedar/WinUi.o tmp/objs/Cedar/Wpc.o OBJECTS_CEDAR=tmp/objs/Cedar/Account.o tmp/objs/Cedar/Admin.o tmp/objs/Cedar/AzureClient.o tmp/objs/Cedar/AzureServer.o tmp/objs/Cedar/Bridge.o tmp/objs/Cedar/BridgeUnix.o tmp/objs/Cedar/BridgeWin32.o tmp/objs/Cedar/Cedar.o tmp/objs/Cedar/CedarPch.o tmp/objs/Cedar/Client.o tmp/objs/Cedar/CM.o tmp/objs/Cedar/Command.o tmp/objs/Cedar/Connection.o tmp/objs/Cedar/Console.o tmp/objs/Cedar/Database.o tmp/objs/Cedar/DDNS.o tmp/objs/Cedar/EM.o tmp/objs/Cedar/EtherLog.o tmp/objs/Cedar/Hub.o 
tmp/objs/Cedar/Interop_OpenVPN.o tmp/objs/Cedar/Interop_SSTP.o tmp/objs/Cedar/IPsec.o tmp/objs/Cedar/IPsec_EtherIP.o tmp/objs/Cedar/IPsec_IKE.o tmp/objs/Cedar/IPsec_IkePacket.o tmp/objs/Cedar/IPsec_IPC.o tmp/objs/Cedar/IPsec_L2TP.o tmp/objs/Cedar/IPsec_PPP.o tmp/objs/Cedar/IPsec_Win7.o tmp/objs/Cedar/Layer3.o tmp/objs/Cedar/Link.o tmp/objs/Cedar/Listener.o tmp/objs/Cedar/Logging.o tmp/objs/Cedar/Nat.o tmp/objs/Cedar/NativeStack.o tmp/objs/Cedar/NM.o tmp/objs/Cedar/NullLan.o tmp/objs/Cedar/Protocol.o tmp/objs/Cedar/Radius.o tmp/objs/Cedar/Remote.o tmp/objs/Cedar/Sam.o tmp/objs/Cedar/SecureInfo.o tmp/objs/Cedar/SecureNAT.o tmp/objs/Cedar/SeLowUser.o tmp/objs/Cedar/Server.o tmp/objs/Cedar/Session.o tmp/objs/Cedar/SM.o tmp/objs/Cedar/SW.o tmp/objs/Cedar/UdpAccel.o tmp/objs/Cedar/UT.o tmp/objs/Cedar/VG.o tmp/objs/Cedar/Virtual.o tmp/objs/Cedar/VLan.o tmp/objs/Cedar/VLanUnix.o tmp/objs/Cedar/VLanWin32.o tmp/objs/Cedar/WaterMark.o tmp/objs/Cedar/WebUI.o tmp/objs/Cedar/WinUi.o tmp/objs/Cedar/Wpc.o
HAMCORE_FILES=src/bin/hamcore/backup_dir_readme.txt src/bin/hamcore/empty.config src/bin/hamcore/empty_sevpnclient.config src/bin/hamcore/eula.txt src/bin/hamcore/install_src.dat src/bin/hamcore/lang.config src/bin/hamcore/languages.txt src/bin/hamcore/legal.txt src/bin/hamcore/openvpn_readme.pdf src/bin/hamcore/openvpn_readme.txt src/bin/hamcore/openvpn_sample.ovpn src/bin/hamcore/SOURCES_OF_BINARY_FILES.TXT src/bin/hamcore/strtable_cn.stb src/bin/hamcore/strtable_en.stb src/bin/hamcore/strtable_ja.stb src/bin/hamcore/vpnweb_sample_cn.htm src/bin/hamcore/vpnweb_sample_en.htm src/bin/hamcore/vpnweb_sample_ja.htm src/bin/hamcore/warning_cn.txt src/bin/hamcore/warning_en.txt src/bin/hamcore/warning_ja.txt src/bin/hamcore/webui/cryptcom.cgi src/bin/hamcore/webui/edituser.cgi src/bin/hamcore/webui/error.cgi src/bin/hamcore/webui/hub.cgi src/bin/hamcore/webui/license.cgi src/bin/hamcore/webui/listener.cgi src/bin/hamcore/webui/localbridge.cgi src/bin/hamcore/webui/login.cgi src/bin/hamcore/webui/newhub.cgi src/bin/hamcore/webui/redirect.cgi src/bin/hamcore/webui/securenat.cgi src/bin/hamcore/webui/server.cgi src/bin/hamcore/webui/session.cgi src/bin/hamcore/webui/user.cgi src/bin/hamcore/webui/webui.css HAMCORE_FILES=src/bin/hamcore/authors.txt src/bin/hamcore/backup_dir_readme.txt src/bin/hamcore/empty.config src/bin/hamcore/empty_sevpnclient.config src/bin/hamcore/eula.txt src/bin/hamcore/install_src.dat src/bin/hamcore/lang.config src/bin/hamcore/languages.txt src/bin/hamcore/legal.txt src/bin/hamcore/openvpn_readme.pdf src/bin/hamcore/openvpn_readme.txt src/bin/hamcore/openvpn_sample.ovpn src/bin/hamcore/root_certs.dat src/bin/hamcore/SOURCES_OF_BINARY_FILES.TXT src/bin/hamcore/strtable_cn.stb src/bin/hamcore/strtable_en.stb src/bin/hamcore/strtable_ja.stb src/bin/hamcore/vpnweb_sample_cn.htm src/bin/hamcore/vpnweb_sample_en.htm src/bin/hamcore/vpnweb_sample_ja.htm src/bin/hamcore/warning_cn.txt src/bin/hamcore/warning_en.txt src/bin/hamcore/warning_ja.txt 
src/bin/hamcore/webui/cryptcom.cgi src/bin/hamcore/webui/edituser.cgi src/bin/hamcore/webui/error.cgi src/bin/hamcore/webui/hub.cgi src/bin/hamcore/webui/license.cgi src/bin/hamcore/webui/listener.cgi src/bin/hamcore/webui/localbridge.cgi src/bin/hamcore/webui/login.cgi src/bin/hamcore/webui/newhub.cgi src/bin/hamcore/webui/redirect.cgi src/bin/hamcore/webui/securenat.cgi src/bin/hamcore/webui/server.cgi src/bin/hamcore/webui/session.cgi src/bin/hamcore/webui/user.cgi src/bin/hamcore/webui/webui.css
# Build Action # Build Action
default: build default: build


@ -1,16 +1,18 @@
%define majorversion 4.04 %define majorversion 4
%define minorversion 9412 %define minorversion 19
%define dateversion 2014.01.15 %define buildversion 9582
%define dateversion 2015.10.06
%define buildrelease beta
Name: softethervpn Name: softethervpn
Version: %{majorversion}.%{minorversion} Version: %{majorversion}.%{minorversion}.%{buildversion}
Release: 2%{?dist} Release: 1%{?dist}
Summary: An Open-Source Free Cross-platform Multi-protocol VPN Program Summary: An Open-Source Free Cross-platform Multi-protocol VPN Program
Group: Applications/Internet Group: Applications/Internet
License: GPLv2 License: GPLv2
URL: http://www.softether.org/ URL: http://www.softether.org/
Source0: http://www.softether-download.com/files/softether/v%{majorversion}-%{minorversion}-rtm-%{dateversion}-tree/Source%20Code/softether-src-v%{majorversion}-%{minorversion}-rtm.tar.gz Source0: http://www.softether-download.com/files/softether/v%{majorversion}.%{minorversion}-%{buildversion}-%{buildrelease}-%{dateversion}-tree/Source_Code/softether-src-v%{majorversion}.%{minorversion}-%{buildversion}-%{buildrelease}.tar.gz
BuildRequires: ncurses-devel BuildRequires: ncurses-devel
BuildRequires: openssl-devel BuildRequires: openssl-devel
@ -25,7 +27,7 @@ Requires(preun): initscripts
SoftEther VPN is one of the world's most powerful and easy-to-use multi-protocol VPN software. It runs on Windows, Linux, Mac, FreeBSD, and Solaris. SoftEther VPN is one of the world's most powerful and easy-to-use multi-protocol VPN software. It runs on Windows, Linux, Mac, FreeBSD, and Solaris.
%prep %prep
%setup -q -n v%{majorversion}-%{minorversion} %setup -q -n v%{majorversion}.%{minorversion}-%{buildversion}
%build %build
%ifarch i386 i686 %ifarch i386 i686
@ -85,6 +87,12 @@ if [ $1 -eq 0 ]; then
fi fi
%changelog %changelog
* Wed Sep 30 2015 Jeff Tang <mrjefftang@gmail.com> - 4.19.9582-1
- Update upstream to 4.19.9582-beta
* Wed Sep 30 2015 Jeff Tang <mrjefftang@gmail.com> - 4.19.9577-1
- Update upstream to 4.19.9577
* Wed Jan 29 2014 Dexter Ang <thepoch@gmail.com> - 4.04.9412-2 * Wed Jan 29 2014 Dexter Ang <thepoch@gmail.com> - 4.04.9412-2
- Made initscript more Fedora/RH-like. - Made initscript more Fedora/RH-like.
- initscript currently using killall. Need to fix this. - initscript currently using killall. Need to fix this.
@ -92,4 +100,3 @@ fi
* Tue Jan 21 2014 Dexter Ang <thepoch@gmail.com> * Tue Jan 21 2014 Dexter Ang <thepoch@gmail.com>
- Initial release - Initial release

35
configure vendored

@ -16,6 +16,25 @@ echo
echo 'Welcome to the corner-cutting configure script !' echo 'Welcome to the corner-cutting configure script !'
echo echo
OS=""
case "`uname -s`" in
Linux)
OS="linux"
;;
FreeBSD)
OS="freebsd"
;;
SunOS)
OS="solaris"
;;
Darwin)
OS="macos"
;;
OpenBSD)
OS="openbsd"
;;
*)
echo 'Select your operating system below:' echo 'Select your operating system below:'
echo ' 1: Linux' echo ' 1: Linux'
echo ' 2: FreeBSD' echo ' 2: FreeBSD'
@ -26,7 +45,6 @@ echo
echo -n 'Which is your operating system (1 - 5) ? : ' echo -n 'Which is your operating system (1 - 5) ? : '
read TMP read TMP
echo echo
OS=""
if test "$TMP" = "1" if test "$TMP" = "1"
then then
OS="linux" OS="linux"
@ -53,7 +71,18 @@ then
echo "Wrong number." echo "Wrong number."
exit 1 exit 1
fi fi
;;
esac
CPU=""
case "`uname -m`" in
x86_64|amd64|aarch64|arm64|armv8*|mips64|ppc64|sparc64|alpha|ia64)
CPU=64bit
;;
i?86|x86pc|i86pc|armv4*|armv5*|armv6*|armv7*)
CPU=32bit
;;
*)
echo 'Select your CPU bits below:' echo 'Select your CPU bits below:'
echo ' 1: 32-bit' echo ' 1: 32-bit'
echo ' 2: 64-bit' echo ' 2: 64-bit'
@ -61,7 +90,6 @@ echo
echo -n 'Which is the type of your CPU (1 - 2) ? : ' echo -n 'Which is the type of your CPU (1 - 2) ? : '
read TMP read TMP
echo echo
CPU=""
if test "$TMP" = "1" if test "$TMP" = "1"
then then
CPU="32bit" CPU="32bit"
@ -76,8 +104,9 @@ then
echo "Wrong number." echo "Wrong number."
exit 1 exit 1
fi fi
;;
esac
cp src/makefiles/${OS}_${CPU}.mak Makefile cp src/makefiles/${OS}_${CPU}.mak Makefile
echo "The Makefile is generated. Run 'make' to build SoftEther VPN." echo "The Makefile is generated. Run 'make' to build SoftEther VPN."
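Review bot: The new `uname -m` case derives 32bit/64bit from the kernel's machine name, which is not always the word size of the toolchain that will build the tree; a 32-bit userland or chroot on an x86_64 or aarch64 kernel now gets the 64bit makefile and is never shown the menu to correct it. The `uname -s` case has the same shape: any recognised value skips the prompt entirely. Let a value supplied by the caller win over detection, for example `CPU="${CPU:-}"` in place of `CPU=""` and run the `case` only when `$CPU` is still empty, and the same for `OS`. A short comment above each `case`, such as `# auto-detect; falls back to the interactive menu for unknown values`, would also make the fallthrough in the `*)` arm obvious.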

9
debian/rules vendored

@ -18,7 +18,10 @@ override_dh_auto_install:
make install make install
configure_config: configure_config:
if [ $(shell uname -m) = 'x86_64' ]; then echo "1\n2\n" | ./configure; fi if [ $(shell uname -m) = 'x86_64' ]; then echo -e "1\n2\n" | ./configure; fi
if [ $(shell uname -m) = 'i686' ]; then echo "1\n1\n" | ./configure; fi if [ $(shell uname -m) = 'i686' ]; then echo -e "1\n1\n" | ./configure; fi
if [ $(shell uname -m) = 'armv6l' ]; then echo "1\n1\n" | ./configure; fi if [ $(shell uname -m) = 'armv6l' ]; then echo -e "1\n1\n" | ./configure; fi
if [ $(shell uname -m) = 'armv5tel' ]; then echo -e "1\n1\n" | ./configure; fi
if [ $(shell uname -m) = 'aarch64' ]; then echo -e "1\n2\n" | ./configure; fi
if [ $(shell uname -m) = 'armv7l' ]; then echo -e "1\n1\n" | ./configure; fi
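Review bot: `echo -e` on all six new `configure_config` lines is not portable to the shell make uses for recipes. Under a POSIX `/bin/sh` such as dash the builtin echo has no `-e` option and prints it literally, so whenever ./configure still prompts it would read `-e 1` as the first answer and exit at "Wrong number.". `printf` behaves the same in every shell: `if [ "$(shell uname -m)" = 'x86_64' ]; then printf '1\n2\n' | ./configure; fi`, and likewise for the other five architecture lines. Quoting `$(shell uname -m)` also keeps the `[` test well-formed if the command returns an empty string.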


@ -1,4 +1,19 @@
#! /bin/sh #! /bin/sh
### BEGIN INIT INFO
# Provides: softether-vpnserver
# Required-Start: $network $remote_fs $syslog
# Required-Stop: $network $remote_fs $syslog
# Should-Start: network-manager
# Should-Stop: network-manager
# X-Start-Before: $x-display-manager gdm kdm xdm wdm ldm sdm nodm
# X-Interactive: true
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: SoftEther VPN service
### END INIT INFO
# #
# Author: Dmitry Orlov <me@mosquito.su> # Author: Dmitry Orlov <me@mosquito.su>
# From Debian skeleton (Tom deLombarde) # From Debian skeleton (Tom deLombarde)

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.


@ -430,7 +430,7 @@ namespace BuildUtil
{ {
// Windows // Windows
public static readonly OS Windows = new OS("windows", "Windows", public static readonly OS Windows = new OS("windows", "Windows",
"Windows 98 / 98 SE / ME / NT 4.0 SP6a / 2000 SP4 / XP SP2, SP3 / Vista SP1, SP2 / 7 SP1 / 8 / 8.1 / 10 / Server 2003 SP2 / Server 2008 SP1, SP2 / Hyper-V Server 2008 / Server 2008 R2 SP1 / Hyper-V Server 2008 R2 / Server 2012 / Hyper-V Server 2012 / Server 2012 R2 / Hyper-V Server 2012 R2", "Windows 98 / 98 SE / ME / NT 4.0 SP6a / 2000 SP4 / XP SP2, SP3 / Vista SP1, SP2 / 7 SP1 / 8 / 8.1 / 10 / Server 2003 SP2 / Server 2008 SP1, SP2 / Hyper-V Server 2008 / Server 2008 R2 SP1 / Hyper-V Server 2008 R2 / Server 2012 / Hyper-V Server 2012 / Server 2012 R2 / Hyper-V Server 2012 R2 / Server 2016",
new Cpu[] new Cpu[]
{ {
CpuList.intel, CpuList.intel,
@ -438,7 +438,7 @@ namespace BuildUtil
// Linux // Linux
public static readonly OS Linux = new OS("linux", "Linux", public static readonly OS Linux = new OS("linux", "Linux",
"Linux Kernel 2.4 / 2.6 / 3.x", "Linux Kernel 2.4 / 2.6 / 3.x / 4.x",
new Cpu[] new Cpu[]
{ {
CpuList.x86, CpuList.x86,


@ -1166,7 +1166,7 @@ UINT StMakeOpenVpnConfigFile(ADMIN *a, RPC_READ_LOG_FILE *t)
name = NewName(cn, cn, cn, L"US", NULL, NULL); name = NewName(cn, cn, cn, L"US", NULL, NULL);
dummy_x = NewRootX(dummy_public_k, dummy_private_k, name, MAX(GetDaysUntil2038(), SERVER_DEFAULT_CERT_DAYS), NULL); dummy_x = NewRootX(dummy_public_k, dummy_private_k, name, GetDaysUntil2038Ex(), NULL);
FreeName(name); FreeName(name);
@ -11840,12 +11840,12 @@ void InRpcHubEnumCa(RPC_HUB_ENUM_CA *t, PACK *p)
void OutRpcHubEnumCa(PACK *p, RPC_HUB_ENUM_CA *t) void OutRpcHubEnumCa(PACK *p, RPC_HUB_ENUM_CA *t)
{ {
UINT i; UINT i;
PackAddStr(p, "HubName", t->HubName);
// Validate arguments // Validate arguments
if (t == NULL || p == NULL) if (t == NULL || p == NULL)
{ {
return; return;
} }
PackAddStr(p, "HubName", t->HubName);
for (i = 0;i < t->NumCa;i++) for (i = 0;i < t->NumCa;i++)
{ {
@ -12313,12 +12313,12 @@ void InRpcEnumAccessList(RPC_ENUM_ACCESS_LIST *a, PACK *p)
void OutRpcEnumAccessList(PACK *p, RPC_ENUM_ACCESS_LIST *a) void OutRpcEnumAccessList(PACK *p, RPC_ENUM_ACCESS_LIST *a)
{ {
UINT i; UINT i;
PackAddStr(p, "HubName", a->HubName);
// Validate arguments // Validate arguments
if (a == NULL || p == NULL) if (a == NULL || p == NULL)
{ {
return; return;
} }
PackAddStr(p, "HubName", a->HubName);
for (i = 0;i < a->NumAccess;i++) for (i = 0;i < a->NumAccess;i++)
{ {
@ -12573,12 +12573,12 @@ void InRpcEnumUser(RPC_ENUM_USER *t, PACK *p)
void OutRpcEnumUser(PACK *p, RPC_ENUM_USER *t) void OutRpcEnumUser(PACK *p, RPC_ENUM_USER *t)
{ {
UINT i; UINT i;
PackAddStr(p, "HubName", t->HubName);
// Validate arguments // Validate arguments
if (t == NULL || p == NULL) if (t == NULL || p == NULL)
{ {
return; return;
} }
PackAddStr(p, "HubName", t->HubName);
for (i = 0;i < t->NumUser;i++) for (i = 0;i < t->NumUser;i++)
{ {
@ -12787,12 +12787,12 @@ void InRpcEnumSession(RPC_ENUM_SESSION *t, PACK *p)
void OutRpcEnumSession(PACK *p, RPC_ENUM_SESSION *t) void OutRpcEnumSession(PACK *p, RPC_ENUM_SESSION *t)
{ {
UINT i; UINT i;
PackAddStr(p, "HubName", t->HubName);
// Validate arguments // Validate arguments
if (t == NULL || p == NULL) if (t == NULL || p == NULL)
{ {
return; return;
} }
PackAddStr(p, "HubName", t->HubName);
for (i = 0;i < t->NumSession;i++) for (i = 0;i < t->NumSession;i++)
{ {


@ -274,6 +274,15 @@ bool IsSupportedWinVer(RPC_WINVER *v)
return true; return true;
} }
} }
else
{
// Windows Server 2016
if (v->ServicePack <= 0)
{
// SP0 only
return true;
}
}
} }
return false; return false;
@ -1750,7 +1759,7 @@ CEDAR *NewCedar(X *server_x, K *server_k)
c->TrafficDiffList = NewList(NULL); c->TrafficDiffList = NewList(NULL);
SetCedarCipherList(c, "RC4-MD5"); SetCedarCipherList(c, SERVER_DEFAULT_CIPHER_NAME);
c->ClientId = _II("CLIENT_ID"); c->ClientId = _II("CLIENT_ID");


@ -135,10 +135,10 @@
// Version number // Version number
#define CEDAR_VER 421 #define CEDAR_VER 422
// Build Number // Build Number
#define CEDAR_BUILD 9613 #define CEDAR_BUILD 9634
// Beta number // Beta number
//#define BETA_NUMBER 3 //#define BETA_NUMBER 3
@ -158,11 +158,11 @@
// Specifies the build date // Specifies the build date
#define BUILD_DATE_Y 2016 #define BUILD_DATE_Y 2016
#define BUILD_DATE_M 4 #define BUILD_DATE_M 11
#define BUILD_DATE_D 24 #define BUILD_DATE_D 27
#define BUILD_DATE_HO 15 #define BUILD_DATE_HO 14
#define BUILD_DATE_MI 39 #define BUILD_DATE_MI 33
#define BUILD_DATE_SE 17 #define BUILD_DATE_SE 59
// Tolerable time difference // Tolerable time difference
#define ALLOW_TIMESTAMP_DIFF (UINT64)(3 * 24 * 60 * 60 * 1000) #define ALLOW_TIMESTAMP_DIFF (UINT64)(3 * 24 * 60 * 60 * 1000)
@ -670,7 +670,7 @@
#define ARP_ENTRY_EXPIRES (30 * 1000) // ARP table expiration date #define ARP_ENTRY_EXPIRES (30 * 1000) // ARP table expiration date
#define ARP_ENTRY_POLLING_TIME (1 * 1000) // ARP table cleaning timer #define ARP_ENTRY_POLLING_TIME (1 * 1000) // ARP table cleaning timer
#define ARP_REQUEST_TIMEOUT (200) // ARP request time-out period #define ARP_REQUEST_TIMEOUT (1000) // ARP request time-out period
#define ARP_REQUEST_GIVEUP (5 * 1000) // Time to give up sending the ARP request #define ARP_REQUEST_GIVEUP (5 * 1000) // Time to give up sending the ARP request
#define IP_WAIT_FOR_ARP_TIMEOUT (5 * 1000) // Total time that an IP packet waiting for ARP table #define IP_WAIT_FOR_ARP_TIMEOUT (5 * 1000) // Total time that an IP packet waiting for ARP table
#define IP_COMBINE_TIMEOUT (10 * 1000) // Time-out of IP packet combining #define IP_COMBINE_TIMEOUT (10 * 1000) // Time-out of IP packet combining
@ -1052,7 +1052,7 @@ typedef struct CEDAR
UINT QueueBudget; // Queue budget UINT QueueBudget; // Queue budget
LOCK *FifoBudgetLock; // Fifo budget lock LOCK *FifoBudgetLock; // Fifo budget lock
UINT FifoBudget; // Fifo budget UINT FifoBudget; // Fifo budget
bool AcceptOnlyTls; // Accept only TLS (Disable SSL) SSL_ACCEPT_SETTINGS SslAcceptSettings; // SSL Accept Settings
char OpenVPNDefaultClientOption[MAX_SIZE]; // OpenVPN Default Client Option String char OpenVPNDefaultClientOption[MAX_SIZE]; // OpenVPN Default Client Option String
} CEDAR; } CEDAR;


@ -46,7 +46,7 @@
Name="VCCLCompilerTool" Name="VCCLCompilerTool"
Optimization="0" Optimization="0"
AdditionalIncludeDirectories="$(SolutionDir)Mayaqua\win32_inc;.;$(SolutionDir);WinPcap" AdditionalIncludeDirectories="$(SolutionDir)Mayaqua\win32_inc;.;$(SolutionDir);WinPcap"
PreprocessorDefinitions="WIN32;_DEBUG;_LIB;_USE_32BIT_TIME_T" PreprocessorDefinitions="WIN32;_DEBUG;_LIB"
MinimalRebuild="true" MinimalRebuild="true"
ExceptionHandling="0" ExceptionHandling="0"
BasicRuntimeChecks="3" BasicRuntimeChecks="3"
@ -188,7 +188,7 @@
EnableIntrinsicFunctions="false" EnableIntrinsicFunctions="false"
FavorSizeOrSpeed="0" FavorSizeOrSpeed="0"
AdditionalIncludeDirectories="$(SolutionDir)Mayaqua\win32_inc;.;$(SolutionDir);WinPcap" AdditionalIncludeDirectories="$(SolutionDir)Mayaqua\win32_inc;.;$(SolutionDir);WinPcap"
PreprocessorDefinitions="WIN32;NDEBUG;_LIB;_USE_32BIT_TIME_T;VPN_SPEED" PreprocessorDefinitions="WIN32;NDEBUG;_LIB;VPN_SPEED"
StringPooling="false" StringPooling="false"
ExceptionHandling="0" ExceptionHandling="0"
RuntimeLibrary="0" RuntimeLibrary="0"


@ -2181,13 +2181,14 @@ BUF *CiAccountToCfg(RPC_CLIENT_CREATE_ACCOUNT *t)
// RPC dispatch routine // RPC dispatch routine
PACK *CiRpcDispatch(RPC *rpc, char *name, PACK *p) PACK *CiRpcDispatch(RPC *rpc, char *name, PACK *p)
{ {
CLIENT *c = rpc->Param;
PACK *ret; PACK *ret;
CLIENT *c;
// Validate arguments // Validate arguments
if (rpc == NULL || name == NULL || p == NULL) if (rpc == NULL || name == NULL || p == NULL)
{ {
return NULL; return NULL;
} }
c = rpc->Param;
ret = NewPack(); ret = NewPack();
@ -6029,12 +6030,13 @@ L_TRY:
ReleaseSock(s); ReleaseSock(s);
ret = ZeroMalloc(sizeof(REMOTE_CLIENT)); ret = ZeroMalloc(sizeof(REMOTE_CLIENT));
ret->Rpc = rpc;
rpc->Param = ret; rpc->Param = ret;
if (ret != NULL) if (ret != NULL)
{ {
RPC_CLIENT_VERSION t; RPC_CLIENT_VERSION t;
ret->Rpc = rpc;
Zero(&t, sizeof(t)); Zero(&t, sizeof(t));
CcGetClientVersion(ret, &t); CcGetClientVersion(ret, &t);
ret->OsType = t.OsType; ret->OsType = t.OsType;
@ -6487,7 +6489,7 @@ bool Win32CiSecureSign(SECURE_SIGN *sign)
// Success // Success
ret = true; ret = true;
sign->ClientCert = batch[0].OutputX; sign->ClientCert = batch[0].OutputX;
Copy(sign->Signature, batch[1].OutputSign, 128); Copy(sign->Signature, batch[1].OutputSign, MIN(sizeof(sign->Signature),sizeof(batch[1].OutputSign)));
} }
} }
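Review bot: Win32CiSecureSign now copies the whole buffer rather than a signature-sized amount, and SECURE_SIGN has no field recording how many of those bytes are signature. The only length visible in this commit is `x->bits / 8` in ClientUploadAuth, derived from the certificate. A comment at the copy would make that contract explicit, for example `// Copies the full buffer; the valid signature length is the key size of ClientCert in bytes`. If `batch[1].OutputSign` is declared as a pointer rather than an array (its declaration is outside the hunk), `sizeof(batch[1].OutputSign)` is the pointer size and the MIN() would truncate the copy.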


@ -1245,6 +1245,7 @@ void TtsWorkerThread(THREAD *thread, void *param)
if (ret != 0 && ret != SOCK_LATER) if (ret != 0 && ret != SOCK_LATER)
{ {
ts->State = 5; ts->State = 5;
ts->LastCommTime = now;
} }
break; break;
@ -1255,6 +1256,8 @@ void TtsWorkerThread(THREAD *thread, void *param)
{ {
UCHAR c; UCHAR c;
ts->LastCommTime = now;
// Direction of the data is in the first byte that is received // Direction of the data is in the first byte that is received
c = recv_buf_data[0]; c = recv_buf_data[0];
@ -1276,6 +1279,8 @@ void TtsWorkerThread(THREAD *thread, void *param)
// Span // Span
ts->Span = READ_UINT64(recv_buf_data + sizeof(UINT64) + 1); ts->Span = READ_UINT64(recv_buf_data + sizeof(UINT64) + 1);
ts->GiveupSpan = ts->Span * 3ULL + 180000ULL;
} }
} }
break; break;
@ -1289,6 +1294,8 @@ void TtsWorkerThread(THREAD *thread, void *param)
// Checking the first byte of received // Checking the first byte of received
UCHAR c = recv_buf_data[0]; UCHAR c = recv_buf_data[0];
ts->LastCommTime = now;
if (ts->FirstRecvTick == 0) if (ts->FirstRecvTick == 0)
{ {
// Record the time at which the data has been received for the first // Record the time at which the data has been received for the first
@ -1326,10 +1333,20 @@ void TtsWorkerThread(THREAD *thread, void *param)
if (ts->NoMoreSendData == false) if (ts->NoMoreSendData == false)
{ {
ret = Send(ts->Sock, send_buf_data, buf_size, false); ret = Send(ts->Sock, send_buf_data, buf_size, false);
if (ret != 0 && ret != SOCK_LATER)
{
ts->LastCommTime = now;
}
} }
else else
{ {
ret = Recv(ts->Sock, recv_buf_data, buf_size, false); ret = Recv(ts->Sock, recv_buf_data, buf_size, false);
if (ret != 0 && ret != SOCK_LATER)
{
ts->LastCommTime = now;
}
} }
if (ts->FirstSendTick == 0) if (ts->FirstSendTick == 0)
@ -1364,6 +1381,11 @@ void TtsWorkerThread(THREAD *thread, void *param)
{ {
ret = Send(ts->Sock, &tmp64, sizeof(tmp64), false); ret = Send(ts->Sock, &tmp64, sizeof(tmp64), false);
if (ret != 0 && ret != SOCK_LATER)
{
ts->LastCommTime = now;
}
if (ret != SOCK_LATER) if (ret != SOCK_LATER)
{ {
UINT j; UINT j;
@ -1390,6 +1412,12 @@ void TtsWorkerThread(THREAD *thread, void *param)
break; break;
} }
if (now > (ts->LastCommTime + ts->GiveupSpan))
{
// Timeout: disconnect orphan sessions
ret = 0;
}
if (ret == 0) if (ret == 0)
{ {
// Mark as deleting the socket because it is disconnected // Mark as deleting the socket because it is disconnected
@ -1514,7 +1542,7 @@ void TtsAcceptProc(TTS *tts, SOCK *listen_socket)
else else
{ {
// Connected from the client // Connected from the client
AcceptInit(s); AcceptInitEx(s, true);
tts->NewSocketArrived = true; tts->NewSocketArrived = true;
LockList(tts->TtsSockList); LockList(tts->TtsSockList);
{ {
@ -1523,6 +1551,9 @@ void TtsAcceptProc(TTS *tts, SOCK *listen_socket)
ts->Id = (++tts->IdSeed); ts->Id = (++tts->IdSeed);
ts->Sock = s; ts->Sock = s;
ts->GiveupSpan = (UINT64)(10 * 60 * 1000);
ts->LastCommTime = Tick64();
UniFormat(tmp, sizeof(tmp), _UU("TTS_ACCEPTED"), ts->Id, UniFormat(tmp, sizeof(tmp), _UU("TTS_ACCEPTED"), ts->Id,
s->RemoteHostname, s->RemotePort); s->RemoteHostname, s->RemotePort);
TtPrint(tts->Param, tts->Print, tmp); TtPrint(tts->Param, tts->Print, tmp);
@ -8079,7 +8110,7 @@ UINT PsServerCipherGet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param)
RPC_STR t; RPC_STR t;
TOKEN_LIST *ciphers; TOKEN_LIST *ciphers;
UINT i; UINT i;
wchar_t tmp[MAX_SIZE]; wchar_t tmp[4096];
o = ParseCommandList(c, cmd_name, str, NULL, 0); o = ParseCommandList(c, cmd_name, str, NULL, 0);
if (o == NULL) if (o == NULL)
@ -10040,6 +10071,10 @@ UINT PsLogFileGet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param)
} }
filename = GetParamStr(o, "SAVE"); filename = GetParamStr(o, "SAVE");
if (IsEmptyStr(filename))
{
filename = GetParamStr(o, "SAVEPATH");
}
c->Write(c, _UU("CMD_LogFileGet_START")); c->Write(c, _UU("CMD_LogFileGet_START"));
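Review bot: `ts->GiveupSpan = ts->Span * 3ULL + 180000ULL;` in TtsWorkerThread derives the idle timeout from `ts->Span`, which is read straight out of the received buffer on the line before, so the connected peer chooses it. A very large value makes the timeout effectively unbounded, or wraps the UINT64 arithmetic here and in `now > (ts->LastCommTime + ts->GiveupSpan)`, and the orphan-session cleanup this commit adds then stops protecting the listener. Clamp before multiplying, for example `ts->GiveupSpan = MIN(ts->Span, TTS_SPAN_MAX) * 3ULL + 180000ULL;`, where `TTS_SPAN_MAX` is a placeholder for a limit the project would define. TtsWorkerThread's body extends outside these hunks, so an existing bound on Span may be applied elsewhere.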


@ -204,6 +204,8 @@ struct TTS_SOCK
UINT64 FirstRecvTick; // Time which the data has been received last UINT64 FirstRecvTick; // Time which the data has been received last
UINT64 FirstSendTick; // Time which the data has been sent last UINT64 FirstSendTick; // Time which the data has been sent last
UINT64 Span; // Period UINT64 Span; // Period
UINT64 GiveupSpan;
UINT64 LastCommTime;
}; };
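Review bot: The two fields added to TTS_SOCK have no comment, while every neighbouring field in the struct has one. Going by their use in TtsAcceptProc and TtsWorkerThread, something like `UINT64 GiveupSpan; // Idle period after which the session is disconnected` and `UINT64 LastCommTime; // Tick of the last successful send or receive` would fit. The unit looks like milliseconds from the `(UINT64)(10 * 60 * 1000)` initialiser and the Tick64() call, which is worth confirming and stating in the comment.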
// Traffic test server // Traffic test server


@ -1030,7 +1030,7 @@ void ConnectionSend(CONNECTION *c, UINT64 now)
UINT size; UINT size;
SESSION *s; SESSION *s;
HUB *hub = NULL; HUB *hub = NULL;
bool use_qos; bool use_qos = false;
// Validate arguments // Validate arguments
if (c == NULL) if (c == NULL)
{ {
@ -1038,11 +1038,11 @@ void ConnectionSend(CONNECTION *c, UINT64 now)
} }
s = c->Session; s = c->Session;
use_qos = s->QoS;
if (s != NULL) if (s != NULL)
{ {
hub = s->Hub; hub = s->Hub;
use_qos = s->QoS;
} }
// Protocol // Protocol
@ -3137,10 +3137,7 @@ void ConnectionAccept(CONNECTION *c)
// Start the SSL communication // Start the SSL communication
Debug("StartSSL()\n"); Debug("StartSSL()\n");
if (c->Cedar->AcceptOnlyTls) Copy(&s->SslAcceptSettings, &c->Cedar->SslAcceptSettings, sizeof(SSL_ACCEPT_SETTINGS));
{
s->AcceptOnlyTls = true;
}
if (StartSSL(s, x, k) == false) if (StartSSL(s, x, k) == false)
{ {
// Failed // Failed


@ -144,7 +144,7 @@ struct SECURE_SIGN
char SecurePrivateKeyName[MAX_SECURE_DEVICE_FILE_LEN + 1]; // Secure device secret key name char SecurePrivateKeyName[MAX_SECURE_DEVICE_FILE_LEN + 1]; // Secure device secret key name
X *ClientCert; // Client certificate X *ClientCert; // Client certificate
UCHAR Random[SHA1_SIZE]; // Random value for signature UCHAR Random[SHA1_SIZE]; // Random value for signature
UCHAR Signature[128]; // Signed data UCHAR Signature[4096 / 8]; // Signed data
UINT UseSecureDeviceId; UINT UseSecureDeviceId;
UINT BitmapId; // Bitmap ID UINT BitmapId; // Bitmap ID
}; };


@ -670,9 +670,12 @@ UINT DCRegister(DDNS_CLIENT *c, bool ipv6, DDNS_REGISTER_PARAM *p, char *replace
if (ret == NULL) if (ret == NULL)
{ {
Debug("WpcCall: %s\n", url3); Debug("WpcCall: %s\n", url3);
ret = WpcCallEx(url3, &t, DDNS_CONNECT_TIMEOUT, DDNS_COMM_TIMEOUT, "register", req, ret = WpcCallEx2(url3, &t, DDNS_CONNECT_TIMEOUT, DDNS_COMM_TIMEOUT, "register", req,
NULL, NULL, ((cert_hash != NULL && cert_hash->Size == SHA1_SIZE) ? cert_hash->Buf : NULL), NULL, DDNS_RPC_MAX_RECV_SIZE, NULL, NULL, ((cert_hash != NULL && ((cert_hash->Size % SHA1_SIZE) == 0)) ? cert_hash->Buf : NULL),
add_header_name, add_header_value); (cert_hash != NULL ? cert_hash->Size / SHA1_SIZE : 0),
NULL, DDNS_RPC_MAX_RECV_SIZE,
add_header_name, add_header_value,
DDNS_SNI_VER_STRING);
Debug("WpcCall Ret: %u\n", ret); Debug("WpcCall Ret: %u\n", ret);
} }
@ -874,8 +877,11 @@ UINT DCGetMyIpMain(DDNS_CLIENT *c, bool ipv6, char *dst, UINT dst_size, bool use
} }
recv = HttpRequest(&data, (ipv6 ? NULL : &c->InternetSetting), DDNS_CONNECT_TIMEOUT, DDNS_COMM_TIMEOUT, &ret, false, NULL, NULL, StrCpy(data.SniString, sizeof(data.SniString), DDNS_SNI_VER_STRING);
NULL, ((cert_hash != NULL && cert_hash->Size == SHA1_SIZE) ? cert_hash->Buf : NULL));
recv = HttpRequestEx3(&data, (ipv6 ? NULL : &c->InternetSetting), DDNS_CONNECT_TIMEOUT, DDNS_COMM_TIMEOUT, &ret, false, NULL, NULL,
NULL, ((cert_hash != NULL && (cert_hash->Size % SHA1_SIZE) == 0) ? cert_hash->Buf : NULL),
(cert_hash != NULL ? cert_hash->Size / SHA1_SIZE : 0), NULL, 0, NULL, NULL);
FreeBuf(cert_hash); FreeBuf(cert_hash);
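Review bot: In DCRegister the pinned-hash buffer and its count are guarded by different conditions: the buffer is passed only when `cert_hash->Size % SHA1_SIZE == 0`, but the count is `cert_hash->Size / SHA1_SIZE` whenever `cert_hash != NULL`. A size that is not a multiple of SHA1_SIZE therefore gives a NULL buffer with a non-zero count, and an empty buffer passes the modulo test and gives a non-NULL buffer with count 0. How WpcCallEx2 and HttpRequestEx3 treat either combination is not visible here; if one of them is read as "no pin configured", certificate pinning is skipped silently. Derive both from one value, `UINT num = (cert_hash != NULL && cert_hash->Size != 0 && (cert_hash->Size % SHA1_SIZE) == 0) ? cert_hash->Size / SHA1_SIZE : 0;`, then pass `(num != 0 ? cert_hash->Buf : NULL), num`. The same pattern appears in DCGetMyIpMain in this file and in UpdateClientThreadMain in the update-check hunk.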


@ -115,7 +115,14 @@
#define DDNS_H #define DDNS_H
// Certificate hash // Certificate hash
#define DDNS_CERT_HASH "EFAC5FA0CDD14E0F864EED58A73C35D7E33B62F3" #define DDNS_CERT_HASH "78BF0499A99396907C9F49DD13571C81FE26E6F5" \
"439BAFA75A6EE5671FC9F9A02D34FF29881761A0" \
"EFAC5FA0CDD14E0F864EED58A73C35D7E33B62F3" \
"74DF99D4B1B5F0488A388B50D347D26013DC67A5" \
"6EBB39AFCA8C900635CFC11218CF293A612457E4"
#define DDNS_SNI_VER_STRING "DDNS"
// Destination URL // Destination URL
#define DDNS_URL_V4_GLOBAL "https://x%c.x%c.servers.ddns.softether-network.net/ddns/ddns.aspx" #define DDNS_URL_V4_GLOBAL "https://x%c.x%c.servers.ddns.softether-network.net/ddns/ddns.aspx"
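Review bot: DDNS_CERT_HASH is now five 40-digit hex strings concatenated into one literal, but the comment above it still reads `// Certificate hash` and nothing states the format. The callers in this commit derive the number of pins from the decoded length divided by SHA1_SIZE, so a malformed entry changes how the whole list is interpreted. A comment such as `// Pinned certificate hashes: SHA-1 fingerprints, 40 hex digits each, concatenated` would document that. The new `DDNS_SNI_VER_STRING` also has no comment saying what it is used for.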


@ -214,7 +214,7 @@ EAP_CLIENT *HubNewEapClient(CEDAR *cedar, char *hubname, char *client_ip_str, ch
if (GetIP(&ip, radius_servers_list->Token[i])) if (GetIP(&ip, radius_servers_list->Token[i]))
{ {
eap = NewEapClient(&ip, radius_port, radius_secret, radius_retry_interval, eap = NewEapClient(&ip, radius_port, radius_secret, radius_retry_interval,
RADIUS_INITIAL_EAP_TIMEOUT, client_ip_str, username); RADIUS_INITIAL_EAP_TIMEOUT, client_ip_str, username, hubname);
if (eap != NULL) if (eap != NULL)
{ {
@ -700,6 +700,8 @@ void DataToHubOptionStruct(HUB_OPTION *o, RPC_ADMIN_OPTION *ao)
GetHubAdminOptionDataAndSet(ao, "SecureNAT_RandomizeAssignIp", &o->SecureNAT_RandomizeAssignIp); GetHubAdminOptionDataAndSet(ao, "SecureNAT_RandomizeAssignIp", &o->SecureNAT_RandomizeAssignIp);
GetHubAdminOptionDataAndSet(ao, "DetectDormantSessionInterval", &o->DetectDormantSessionInterval); GetHubAdminOptionDataAndSet(ao, "DetectDormantSessionInterval", &o->DetectDormantSessionInterval);
GetHubAdminOptionDataAndSet(ao, "NoPhysicalIPOnPacketLog", &o->NoPhysicalIPOnPacketLog); GetHubAdminOptionDataAndSet(ao, "NoPhysicalIPOnPacketLog", &o->NoPhysicalIPOnPacketLog);
GetHubAdminOptionDataAndSet(ao, "UseHubNameAsDhcpUserClassOption", &o->UseHubNameAsDhcpUserClassOption);
GetHubAdminOptionDataAndSet(ao, "UseHubNameAsRadiusNasId", &o->UseHubNameAsRadiusNasId);
} }
// Convert the contents of the HUB_OPTION to data // Convert the contents of the HUB_OPTION to data
@ -771,6 +773,8 @@ void HubOptionStructToData(RPC_ADMIN_OPTION *ao, HUB_OPTION *o, char *hub_name)
Add(aol, NewAdminOption("SecureNAT_RandomizeAssignIp", o->SecureNAT_RandomizeAssignIp)); Add(aol, NewAdminOption("SecureNAT_RandomizeAssignIp", o->SecureNAT_RandomizeAssignIp));
Add(aol, NewAdminOption("DetectDormantSessionInterval", o->DetectDormantSessionInterval)); Add(aol, NewAdminOption("DetectDormantSessionInterval", o->DetectDormantSessionInterval));
Add(aol, NewAdminOption("NoPhysicalIPOnPacketLog", o->NoPhysicalIPOnPacketLog)); Add(aol, NewAdminOption("NoPhysicalIPOnPacketLog", o->NoPhysicalIPOnPacketLog));
Add(aol, NewAdminOption("UseHubNameAsDhcpUserClassOption", o->UseHubNameAsDhcpUserClassOption));
Add(aol, NewAdminOption("UseHubNameAsRadiusNasId", o->UseHubNameAsRadiusNasId));
Zero(ao, sizeof(RPC_ADMIN_OPTION)); Zero(ao, sizeof(RPC_ADMIN_OPTION));


@ -281,6 +281,8 @@ struct HUB_OPTION
bool SecureNAT_RandomizeAssignIp; // Randomize the assignment IP address for new DHCP client bool SecureNAT_RandomizeAssignIp; // Randomize the assignment IP address for new DHCP client
UINT DetectDormantSessionInterval; // Interval (seconds) threshold to detect a dormant VPN session UINT DetectDormantSessionInterval; // Interval (seconds) threshold to detect a dormant VPN session
bool NoPhysicalIPOnPacketLog; // Disable saving physical IP address on the packet log bool NoPhysicalIPOnPacketLog; // Disable saving physical IP address on the packet log
bool UseHubNameAsDhcpUserClassOption; // Add HubName to DHCP request as User-Class option
bool UseHubNameAsRadiusNasId; // Add HubName to Radius request as NAS-Identifier attrioption
}; };
// MAC table entry // MAC table entry
@ -436,6 +438,7 @@ struct HUB
UINT RadiusRetryInterval; // Radius retry interval UINT RadiusRetryInterval; // Radius retry interval
BUF *RadiusSecret; // Radius shared key BUF *RadiusSecret; // Radius shared key
char RadiusSuffixFilter[MAX_SIZE]; // Radius suffix filter char RadiusSuffixFilter[MAX_SIZE]; // Radius suffix filter
char RadiusRealm[MAX_SIZE]; // Radius realm (optional)
bool RadiusConvertAllMsChapv2AuthRequestToEap; // Convert all MS-CHAPv2 auth request to EAP bool RadiusConvertAllMsChapv2AuthRequestToEap; // Convert all MS-CHAPv2 auth request to EAP
bool RadiusUsePeapInsteadOfEap; // Use PEAP instead of EAP bool RadiusUsePeapInsteadOfEap; // Use PEAP instead of EAP
volatile bool Halt; // Halting flag volatile bool Halt; // Halting flag
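Review bot: The comment on the new `UseHubNameAsRadiusNasId` field has a typo, `NAS-Identifier attrioption`, which should read `NAS-Identifier attribute`. The corrected line would be `bool UseHubNameAsRadiusNasId; // Add HubName to Radius request as NAS-Identifier attribute`.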


@ -4725,6 +4725,8 @@ bool GetBestTransformSettingForIPsecSa(IKE_SERVER *ike, IKE_PACKET *pr, IPSEC_SA
IKE_PACKET_TRANSFORM_PAYLOAD *transform = &transform_payload->Payload.Transform; IKE_PACKET_TRANSFORM_PAYLOAD *transform = &transform_payload->Payload.Transform;
IPSEC_SA_TRANSFORM_SETTING set; IPSEC_SA_TRANSFORM_SETTING set;
Zero(&set, sizeof(set));
if (TransformPayloadToTransformSettingForIPsecSa(ike, transform, &set, server_ip)) if (TransformPayloadToTransformSettingForIPsecSa(ike, transform, &set, server_ip))
{ {
Copy(setting, &set, sizeof(IPSEC_SA_TRANSFORM_SETTING)); Copy(setting, &set, sizeof(IPSEC_SA_TRANSFORM_SETTING));


@ -426,7 +426,6 @@ IPC *NewIPC(CEDAR *cedar, char *client_name, char *postfix, char *hubname, char
// Upload the authentication data // Upload the authentication data
p = PackLoginWithPlainPassword(hubname, username, password); p = PackLoginWithPlainPassword(hubname, username, password);
PackAddInt64(p, "timestamp", SystemTime64());
PackAddStr(p, "hello", client_name); PackAddStr(p, "hello", client_name);
PackAddInt(p, "client_ver", cedar->Version); PackAddInt(p, "client_ver", cedar->Version);
PackAddInt(p, "client_build", cedar->Build); PackAddInt(p, "client_build", cedar->Build);
@ -679,6 +678,24 @@ void FreeIPC(IPC *ipc)
Free(ipc); Free(ipc);
} }
// Set User Class option if corresponding Virtual Hub optin is set
void IPCDhcpSetConditionalUserClass(IPC *ipc, DHCP_OPTION_LIST *req)
{
HUB *hub;
hub = GetHub(ipc->Cedar, ipc->HubName);
if (hub == NULL)
{
return;
}
if (hub->Option && hub->Option->UseHubNameAsDhcpUserClassOption)
{
StrCpy(req->UserClass, sizeof(req->UserClass), ipc->HubName);
}
ReleaseHub(hub);
}
// Release the IP address from the DHCP server // Release the IP address from the DHCP server
void IPCDhcpFreeIP(IPC *ipc, IP *dhcp_server) void IPCDhcpFreeIP(IPC *ipc, IP *dhcp_server)
{ {
@ -693,6 +710,7 @@ void IPCDhcpFreeIP(IPC *ipc, IP *dhcp_server)
Zero(&req, sizeof(req)); Zero(&req, sizeof(req));
req.Opcode = DHCP_RELEASE; req.Opcode = DHCP_RELEASE;
req.ServerAddress = IPToUINT(dhcp_server); req.ServerAddress = IPToUINT(dhcp_server);
IPCDhcpSetConditionalUserClass(ipc, &req);
FreeDHCPv4Data(IPCSendDhcpRequest(ipc, NULL, tran_id, &req, 0, 0, NULL)); FreeDHCPv4Data(IPCSendDhcpRequest(ipc, NULL, tran_id, &req, 0, 0, NULL));
} }
@ -713,6 +731,7 @@ void IPCDhcpRenewIP(IPC *ipc, IP *dhcp_server)
req.Opcode = DHCP_REQUEST; req.Opcode = DHCP_REQUEST;
StrCpy(req.Hostname, sizeof(req.Hostname), ipc->ClientHostname); StrCpy(req.Hostname, sizeof(req.Hostname), ipc->ClientHostname);
req.RequestedIp = IPToUINT(&ipc->ClientIPAddress); req.RequestedIp = IPToUINT(&ipc->ClientIPAddress);
IPCDhcpSetConditionalUserClass(ipc, &req);
FreeDHCPv4Data(IPCSendDhcpRequest(ipc, dhcp_server, tran_id, &req, 0, 0, NULL)); FreeDHCPv4Data(IPCSendDhcpRequest(ipc, dhcp_server, tran_id, &req, 0, 0, NULL));
} }
@ -735,6 +754,7 @@ bool IPCDhcpRequestInformIP(IPC *ipc, DHCP_OPTION_LIST *opt, TUBE *discon_poll_t
req.Opcode = DHCP_INFORM; req.Opcode = DHCP_INFORM;
req.ClientAddress = IPToUINT(client_ip); req.ClientAddress = IPToUINT(client_ip);
StrCpy(req.Hostname, sizeof(req.Hostname), ipc->ClientHostname); StrCpy(req.Hostname, sizeof(req.Hostname), ipc->ClientHostname);
IPCDhcpSetConditionalUserClass(ipc, &req);
d = IPCSendDhcpRequest(ipc, NULL, tran_id, &req, DHCP_ACK, IPC_DHCP_TIMEOUT, discon_poll_tube); d = IPCSendDhcpRequest(ipc, NULL, tran_id, &req, DHCP_ACK, IPC_DHCP_TIMEOUT, discon_poll_tube);
if (d == NULL) if (d == NULL)
@ -799,6 +819,7 @@ LABEL_RETRY_FOR_OPENVPN:
req.RequestedIp = request_ip; req.RequestedIp = request_ip;
req.Opcode = DHCP_DISCOVER; req.Opcode = DHCP_DISCOVER;
StrCpy(req.Hostname, sizeof(req.Hostname), ipc->ClientHostname); StrCpy(req.Hostname, sizeof(req.Hostname), ipc->ClientHostname);
IPCDhcpSetConditionalUserClass(ipc, &req);
d = IPCSendDhcpRequest(ipc, NULL, tran_id, &req, DHCP_OFFER, IPC_DHCP_TIMEOUT, discon_poll_tube); d = IPCSendDhcpRequest(ipc, NULL, tran_id, &req, DHCP_OFFER, IPC_DHCP_TIMEOUT, discon_poll_tube);
if (d == NULL) if (d == NULL)
@ -909,6 +930,7 @@ LABEL_RETRY_FOR_OPENVPN:
StrCpy(req.Hostname, sizeof(req.Hostname), ipc->ClientHostname); StrCpy(req.Hostname, sizeof(req.Hostname), ipc->ClientHostname);
req.ServerAddress = d->ParsedOptionList->ServerAddress; req.ServerAddress = d->ParsedOptionList->ServerAddress;
req.RequestedIp = d->ParsedOptionList->ClientAddress; req.RequestedIp = d->ParsedOptionList->ClientAddress;
IPCDhcpSetConditionalUserClass(ipc, &req);
d2 = IPCSendDhcpRequest(ipc, NULL, tran_id, &req, DHCP_ACK, IPC_DHCP_TIMEOUT, discon_poll_tube); d2 = IPCSendDhcpRequest(ipc, NULL, tran_id, &req, DHCP_ACK, IPC_DHCP_TIMEOUT, discon_poll_tube);
if (d2 == NULL) if (d2 == NULL)
@ -1243,6 +1265,12 @@ BUF *IPCBuildDhcpRequestOptions(IPC *ipc, DHCP_OPTION_LIST *opt)
Add(o, NewDhcpOption(DHCP_ID_HOST_NAME, opt->Hostname, StrLen(opt->Hostname))); Add(o, NewDhcpOption(DHCP_ID_HOST_NAME, opt->Hostname, StrLen(opt->Hostname)));
} }
// User Class
if (IsEmptyStr(opt->UserClass) == false)
{
Add(o, NewDhcpOption(DHCP_ID_USER_CLASS, opt->UserClass, StrLen(opt->UserClass)));
}
// Vendor // Vendor
Add(o, NewDhcpOption(DHCP_ID_VENDOR_ID, IPC_DHCP_VENDOR_ID, StrLen(IPC_DHCP_VENDOR_ID))); Add(o, NewDhcpOption(DHCP_ID_VENDOR_ID, IPC_DHCP_VENDOR_ID, StrLen(IPC_DHCP_VENDOR_ID)));
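Review bot: The new IPCDhcpSetConditionalUserClass dereferences `ipc` (`ipc->Cedar`, `ipc->HubName`) and writes through `req` without the `// Validate arguments` guard that other functions touched by this commit place at the top. Adding `if (ipc == NULL || req == NULL) { return; }` before the GetHub() call keeps the helper safe to call from any of the five call sites. Whether each caller has already checked `ipc` is not visible, since their bodies start outside the hunks. The header comment also has a typo: `optin` should be `option`.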


@ -540,6 +540,12 @@ void L3KnownArp(L3IF *f, UINT ip, UCHAR *mac)
return; return;
} }
if (!((f->IpAddress & f->SubnetMask) == (ip & f->SubnetMask)))
{
// Outside the subnet
return;
}
// Delete an ARP query entry to this IP address // Delete an ARP query entry to this IP address
Zero(&t, sizeof(t)); Zero(&t, sizeof(t));
t.IpAddress = ip; t.IpAddress = ip;


@ -1396,13 +1396,15 @@ char *BuildHttpLogStr(HTTPLOG *h)
b = NewBuf(); b = NewBuf();
if (StartWith(h->Path, "http://")) if (StartWith(h->Path, "http://") || StartWith(h->Path, "https://"))
{ {
StrCpy(url, sizeof(url), h->Path); StrCpy(url, sizeof(url), h->Path);
} }
else else
{ {
// URL generation // URL generation
if (h->IsSsl == false)
{
if (h->Port == 80) if (h->Port == 80)
{ {
Format(url, sizeof(url), "http://%s%s", Format(url, sizeof(url), "http://%s%s",
@ -1414,6 +1416,20 @@ char *BuildHttpLogStr(HTTPLOG *h)
h->Hostname, h->Port, h->Path); h->Hostname, h->Port, h->Path);
} }
} }
else
{
if (h->Port == 443)
{
Format(url, sizeof(url), "https://%s/",
h->Hostname);
}
else
{
Format(url, sizeof(url), "https://%s:%u/",
h->Hostname, h->Port);
}
}
}
AddLogBufToStr(b, "HttpMethod", h->Method); AddLogBufToStr(b, "HttpMethod", h->Method);
AddLogBufToStr(b, "HttpUrl", url); AddLogBufToStr(b, "HttpUrl", url);
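Review bot: The new SSL branch in BuildHttpLogStr formats only scheme, host and port (`"https://%s/"` and `"https://%s:%u/"`) and drops `h->Path`, unlike the plain-HTTP branch above it, with no comment saying why. If the reason is that only the host name is known for an encrypted session (an inference, the producer of HTTPLOG is not in this hunk), a short comment would stop a later reader from "fixing" it, for example `// SSL: only the host name is available, so the path is not logged`. The nesting added around the existing `h->Port == 80` block was also left at the old indentation, which makes the new `if (h->IsSsl == false)` scope hard to follow.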


@ -690,8 +690,11 @@ void UpdateClientThreadMain(UPDATE_CLIENT *c)
cert_hash = StrToBin(UPDATE_SERVER_CERT_HASH); cert_hash = StrToBin(UPDATE_SERVER_CERT_HASH);
recv = HttpRequestEx2(&data, NULL, UPDATE_CONNECT_TIMEOUT, UPDATE_COMM_TIMEOUT, &ret, false, NULL, NULL, StrCpy(data.SniString, sizeof(data.SniString), DDNS_SNI_VER_STRING);
NULL, ((cert_hash != NULL && cert_hash->Size == SHA1_SIZE) ? cert_hash->Buf : NULL),
recv = HttpRequestEx3(&data, NULL, UPDATE_CONNECT_TIMEOUT, UPDATE_COMM_TIMEOUT, &ret, false, NULL, NULL,
NULL, ((cert_hash != NULL && (cert_hash->Size % SHA1_SIZE) == 0) ? cert_hash->Buf : NULL),
(cert_hash != NULL ? (cert_hash->Size / SHA1_SIZE) : 0),
(bool *)&c->HaltFlag, 0, NULL, NULL); (bool *)&c->HaltFlag, 0, NULL, NULL);
FreeBuf(cert_hash); FreeBuf(cert_hash);
@ -1312,7 +1315,6 @@ bool ServerAccept(CONNECTION *c)
FARM_MEMBER *f = NULL; FARM_MEMBER *f = NULL;
SERVER *server = NULL; SERVER *server = NULL;
POLICY ticketed_policy; POLICY ticketed_policy;
UINT64 timestamp;
UCHAR unique[SHA1_SIZE], unique2[SHA1_SIZE]; UCHAR unique[SHA1_SIZE], unique2[SHA1_SIZE];
CEDAR *cedar; CEDAR *cedar;
RPC_WINVER winver; RPC_WINVER winver;
@ -1450,31 +1452,6 @@ bool ServerAccept(CONNECTION *c)
} }
} }
// Time inspection
timestamp = PackGetInt64(p, "timestamp");
if (timestamp != 0)
{
UINT64 now = SystemTime64();
UINT64 abs;
if (now >= timestamp)
{
abs = now - timestamp;
}
else
{
abs = timestamp - now;
}
if (abs > ALLOW_TIMESTAMP_DIFF)
{
// Time difference is too large
FreePack(p);
c->Err = ERR_BAD_CLOCK;
error_detail = "ERR_BAD_CLOCK";
goto CLEANUP;
}
}
// Get the client version // Get the client version
PackGetStr(p, "client_str", c->ClientStr, sizeof(c->ClientStr)); PackGetStr(p, "client_str", c->ClientStr, sizeof(c->ClientStr));
c->ClientVer = PackGetInt(p, "client_ver"); c->ClientVer = PackGetInt(p, "client_ver");
@ -1655,6 +1632,10 @@ bool ServerAccept(CONNECTION *c)
{ {
radius_login_opt.In_CheckVLanId = hub->Option->AssignVLanIdByRadiusAttribute; radius_login_opt.In_CheckVLanId = hub->Option->AssignVLanIdByRadiusAttribute;
radius_login_opt.In_DenyNoVlanId = hub->Option->DenyAllRadiusLoginWithNoVlanAssign; radius_login_opt.In_DenyNoVlanId = hub->Option->DenyAllRadiusLoginWithNoVlanAssign;
if (hub->Option->UseHubNameAsRadiusNasId)
{
StrCpy(radius_login_opt.NasId, sizeof(radius_login_opt.NasId), hubname);
}
} }
// Get the various flags // Get the various flags
@ -4574,7 +4555,7 @@ bool ClientSecureSign(CONNECTION *c, UCHAR *sign, UCHAR *random, X **x)
if (ret) if (ret)
{ {
Copy(sign, ss->Signature, 128); Copy(sign, ss->Signature, sizeof(ss->Signature));
*x = ss->ClientCert; *x = ss->ClientCert;
} }
@ -5853,7 +5834,7 @@ bool ClientUploadAuth(CONNECTION *c)
// Authentication by secure device // Authentication by secure device
if (ClientSecureSign(c, sign, c->Random, &x)) if (ClientSecureSign(c, sign, c->Random, &x))
{ {
p = PackLoginWithCert(o->HubName, a->Username, x, sign, 128); p = PackLoginWithCert(o->HubName, a->Username, x, sign, x->bits / 8);
c->ClientX = CloneX(x); c->ClientX = CloneX(x);
FreeX(x); FreeX(x);
} }
@ -5876,9 +5857,6 @@ bool ClientUploadAuth(CONNECTION *c)
PackAddData(p, "ticket", c->Ticket, SHA1_SIZE); PackAddData(p, "ticket", c->Ticket, SHA1_SIZE);
} }
// Current time
PackAddInt64(p, "timestamp", SystemTime64());
if (p == NULL) if (p == NULL)
{ {
// Error // Error
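Review bot: ClientSecureSign now copies `sizeof(ss->Signature)` bytes into the caller's `sign` buffer, which is 4096 / 8 = 512 bytes after the SECURE_SIGN change in this commit, while `sign` is declared outside these hunks. If any caller still sizes it for the old 128-byte signature, `Copy(sign, ss->Signature, sizeof(ss->Signature));` writes past the end of that buffer. In ClientUploadAuth the length passed to PackLoginWithCert is `x->bits / 8`, taken from the certificate the device returned and not compared with the buffer size, so a key larger than 4096 bits would read beyond `sign`. The caller should check that `x->bits / 8` does not exceed the size of `sign` and fail the login otherwise. ClientSecureSign would be safer taking the destination size as a parameter.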


@ -180,7 +180,7 @@ struct UPDATE_CLIENT
#define UPDATE_FAMILY_NAME _SS("PRODUCT_FAMILY_NAME") #define UPDATE_FAMILY_NAME _SS("PRODUCT_FAMILY_NAME")
// Software update server certificate hash // Software update server certificate hash
#define UPDATE_SERVER_CERT_HASH "EFAC5FA0CDD14E0F864EED58A73C35D7E33B62F3" #define UPDATE_SERVER_CERT_HASH DDNS_CERT_HASH
// URL // URL
#define UPDATE_SERVER_URL_GLOBAL "https://update-check.softether-network.net/update/update.aspx?family=%s&software=%s&mybuild=%u&lang=%s" #define UPDATE_SERVER_URL_GLOBAL "https://update-check.softether-network.net/update/update.aspx?family=%s&software=%s&mybuild=%u&lang=%s"
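Review bot: `UPDATE_SERVER_CERT_HASH` is now an alias for `DDNS_CERT_HASH`, so the update check accepts every certificate pinned for the DDNS service and the two pin sets can no longer be rotated separately. It also makes this header depend on DDNS.h being included before the macro is expanded. If sharing one list is intended, a comment should say so, for example `// Shares the DDNS pin list: both services are served with the same certificates`; otherwise keep a separate list for the update server.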


@ -686,6 +686,11 @@ void EapSetRadiusGeneralAttributes(RADIUS_PACKET *r, EAP_CLIENT *e)
ui = Endian32(5); ui = Endian32(5);
Add(r->AvpList, NewRadiusAvp(RADIUS_ATTRIBUTE_NAS_PORT_TYPE, 0, 0, &ui, sizeof(UINT))); Add(r->AvpList, NewRadiusAvp(RADIUS_ATTRIBUTE_NAS_PORT_TYPE, 0, 0, &ui, sizeof(UINT)));
if (IsEmptyStr(e->CalledStationStr) == false)
{
Add(r->AvpList, NewRadiusAvp(RADIUS_ATTRIBUTE_CALLED_STATION_ID, 0, 0, e->CalledStationStr, StrLen(e->CalledStationStr)));
}
Add(r->AvpList, NewRadiusAvp(RADIUS_ATTRIBUTE_CALLING_STATION_ID, 0, 0, e->ClientIpStr, StrLen(e->ClientIpStr))); Add(r->AvpList, NewRadiusAvp(RADIUS_ATTRIBUTE_CALLING_STATION_ID, 0, 0, e->ClientIpStr, StrLen(e->ClientIpStr)));
Add(r->AvpList, NewRadiusAvp(RADIUS_ATTRIBUTE_TUNNEL_CLIENT_ENDPOINT, 0, 0, e->ClientIpStr, StrLen(e->ClientIpStr))); Add(r->AvpList, NewRadiusAvp(RADIUS_ATTRIBUTE_TUNNEL_CLIENT_ENDPOINT, 0, 0, e->ClientIpStr, StrLen(e->ClientIpStr)));
@ -1237,7 +1242,7 @@ bool EapSendPacket(EAP_CLIENT *e, RADIUS_PACKET *r)
} }
// New EAP client // New EAP client
EAP_CLIENT *NewEapClient(IP *server_ip, UINT server_port, char *shared_secret, UINT resend_timeout, UINT giveup_timeout, char *client_ip_str, char *username) EAP_CLIENT *NewEapClient(IP *server_ip, UINT server_port, char *shared_secret, UINT resend_timeout, UINT giveup_timeout, char *client_ip_str, char *username, char *hubname)
{ {
EAP_CLIENT *e; EAP_CLIENT *e;
if (server_ip == NULL) if (server_ip == NULL)
@ -1266,6 +1271,7 @@ EAP_CLIENT *NewEapClient(IP *server_ip, UINT server_port, char *shared_secret, U
e->GiveupTimeout = giveup_timeout; e->GiveupTimeout = giveup_timeout;
StrCpy(e->SharedSecret, sizeof(e->SharedSecret), shared_secret); StrCpy(e->SharedSecret, sizeof(e->SharedSecret), shared_secret);
StrCpy(e->CalledStationStr, sizeof(e->CalledStationStr), hubname);
StrCpy(e->ClientIpStr, sizeof(e->ClientIpStr), client_ip_str); StrCpy(e->ClientIpStr, sizeof(e->ClientIpStr), client_ip_str);
StrCpy(e->Username, sizeof(e->Username), username); StrCpy(e->Username, sizeof(e->Username), username);
e->LastRecvEapId = 0; e->LastRecvEapId = 0;
@ -1703,7 +1709,7 @@ LABEL_ERROR:
// Attempts Radius authentication (with specifying retry interval and multiple server) // Attempts Radius authentication (with specifying retry interval and multiple server)
bool RadiusLogin(CONNECTION *c, char *server, UINT port, UCHAR *secret, UINT secret_size, wchar_t *username, char *password, UINT interval, UCHAR *mschap_v2_server_response_20, bool RadiusLogin(CONNECTION *c, char *server, UINT port, UCHAR *secret, UINT secret_size, wchar_t *username, char *password, UINT interval, UCHAR *mschap_v2_server_response_20,
RADIUS_LOGIN_OPTION *opt) RADIUS_LOGIN_OPTION *opt, char *hubname)
{ {
UCHAR random[MD5_SIZE]; UCHAR random[MD5_SIZE];
UCHAR id; UCHAR id;
@ -1833,7 +1839,16 @@ bool RadiusLogin(CONNECTION *c, char *server, UINT port, UCHAR *secret, UINT sec
{ {
// Generate a password packet // Generate a password packet
BUF *user_password = (is_mschap ? NULL : RadiusCreateUserPassword(encrypted_password->Buf, encrypted_password->Size)); BUF *user_password = (is_mschap ? NULL : RadiusCreateUserPassword(encrypted_password->Buf, encrypted_password->Size));
BUF *nas_id = RadiusCreateNasId(CEDAR_SERVER_STR); BUF *nas_id;
if (IsEmptyStr(opt->NasId))
{
nas_id = RadiusCreateNasId(CEDAR_SERVER_STR);
}
else
{
nas_id = RadiusCreateNasId(opt->NasId);
}
if (is_mschap || user_password != NULL) if (is_mschap || user_password != NULL)
{ {
@ -1881,6 +1896,12 @@ bool RadiusLogin(CONNECTION *c, char *server, UINT port, UCHAR *secret, UINT sec
ui = Endian32(1); ui = Endian32(1);
RadiusAddValue(p, 65, 0, 0, &ui, sizeof(ui)); RadiusAddValue(p, 65, 0, 0, &ui, sizeof(ui));
// Called-Station-ID - VPN Hub Name
if (IsEmptyStr(hubname) == false)
{
RadiusAddValue(p, 30, 0, 0, hubname, StrLen(hubname));
}
// Calling-Station-Id // Calling-Station-Id
RadiusAddValue(p, 31, 0, 0, client_ip_str, StrLen(client_ip_str)); RadiusAddValue(p, 31, 0, 0, client_ip_str, StrLen(client_ip_str));
@ -1931,6 +1952,12 @@ bool RadiusLogin(CONNECTION *c, char *server, UINT port, UCHAR *secret, UINT sec
ui = Endian32(1); ui = Endian32(1);
RadiusAddValue(p, 65, 0, 0, &ui, sizeof(ui)); RadiusAddValue(p, 65, 0, 0, &ui, sizeof(ui));
// Called-Station-ID - VPN Hub Name
if (IsEmptyStr(hubname) == false)
{
RadiusAddValue(p, 30, 0, 0, hubname, StrLen(hubname));
}
// Calling-Station-Id // Calling-Station-Id
RadiusAddValue(p, 31, 0, 0, client_ip_str, StrLen(client_ip_str)); RadiusAddValue(p, 31, 0, 0, client_ip_str, StrLen(client_ip_str));


@ -142,6 +142,7 @@
#define RADIUS_ATTRIBUTE_EAP_MESSAGE 79 #define RADIUS_ATTRIBUTE_EAP_MESSAGE 79
#define RADIUS_ATTRIBUTE_EAP_AUTHENTICATOR 80 #define RADIUS_ATTRIBUTE_EAP_AUTHENTICATOR 80
#define RADIUS_ATTRIBUTE_VLAN_ID 81 #define RADIUS_ATTRIBUTE_VLAN_ID 81
#define RADIUS_MAX_NAS_ID_LEN 253
// RADIUS codes // RADIUS codes
#define RADIUS_CODE_ACCESS_REQUEST 1 #define RADIUS_CODE_ACCESS_REQUEST 1
@ -310,6 +311,7 @@ struct EAP_CLIENT
UINT ServerPort; UINT ServerPort;
char SharedSecret[MAX_SIZE]; char SharedSecret[MAX_SIZE];
char ClientIpStr[256]; char ClientIpStr[256];
char CalledStationStr[256];
char Username[MAX_USERNAME_LEN + 1]; char Username[MAX_USERNAME_LEN + 1];
UINT ResendTimeout; UINT ResendTimeout;
UINT GiveupTimeout; UINT GiveupTimeout;
@ -345,7 +347,7 @@ RADIUS_AVP *GetRadiusAvp(RADIUS_PACKET *p, UCHAR type);
void RadiusTest(); void RadiusTest();
EAP_CLIENT *NewEapClient(IP *server_ip, UINT server_port, char *shared_secret, UINT resend_timeout, UINT giveup_timeout, char *client_ip_str, char *username); EAP_CLIENT *NewEapClient(IP *server_ip, UINT server_port, char *shared_secret, UINT resend_timeout, UINT giveup_timeout, char *client_ip_str, char *username, char *hubname);
void ReleaseEapClient(EAP_CLIENT *e); void ReleaseEapClient(EAP_CLIENT *e);
void CleanupEapClient(EAP_CLIENT *e); void CleanupEapClient(EAP_CLIENT *e);
bool EapClientSendMsChapv2AuthRequest(EAP_CLIENT *e); bool EapClientSendMsChapv2AuthRequest(EAP_CLIENT *e);
@ -371,11 +373,12 @@ struct RADIUS_LOGIN_OPTION
bool In_DenyNoVlanId; bool In_DenyNoVlanId;
UINT Out_VLanId; UINT Out_VLanId;
bool Out_IsRadiusLogin; bool Out_IsRadiusLogin;
char NasId[RADIUS_MAX_NAS_ID_LEN + 1]; // NAS-Identifier
}; };
// Function prototype // Function prototype
bool RadiusLogin(CONNECTION *c, char *server, UINT port, UCHAR *secret, UINT secret_size, wchar_t *username, char *password, UINT interval, UCHAR *mschap_v2_server_response_20, bool RadiusLogin(CONNECTION *c, char *server, UINT port, UCHAR *secret, UINT secret_size, wchar_t *username, char *password, UINT interval, UCHAR *mschap_v2_server_response_20,
RADIUS_LOGIN_OPTION *opt); RADIUS_LOGIN_OPTION *opt, char *hubname);
BUF *RadiusEncryptPassword(char *password, UCHAR *random, UCHAR *secret, UINT secret_size); BUF *RadiusEncryptPassword(char *password, UCHAR *random, UCHAR *secret, UINT secret_size);
BUF *RadiusCreateUserName(wchar_t *username); BUF *RadiusCreateUserName(wchar_t *username);
BUF *RadiusCreateUserPassword(void *data, UINT size); BUF *RadiusCreateUserPassword(void *data, UINT size);
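Review bot: `RADIUS_MAX_NAS_ID_LEN` is added without a comment and sits at the end of the `RADIUS_ATTRIBUTE_*` type codes, where it reads like another attribute number. It is a length bound, and it sizes the new `NasId` field in `RADIUS_LOGIN_OPTION`. I would move it out of that list and document it, for example `// Maximum length of a RADIUS attribute value (NAS-Identifier), excluding the terminator`. The code that fills `opt->NasId` is not in this section, so whether it copies with `sizeof(opt->NasId)` should be confirmed there.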


@ -872,17 +872,19 @@ UINT SmDDnsDlg(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param)
// Get the ddns key from the server configuration file // Get the ddns key from the server configuration file
static UINT SmDdnsGetKey(char *key, SM_DDNS *d){ static UINT SmDdnsGetKey(char *key, SM_DDNS *d){
RPC *rpc = d->s->Rpc;
RPC_CONFIG config; RPC_CONFIG config;
UINT err; UINT err;
BUF *buf; BUF *buf;
FOLDER *root, *ddnsfolder; FOLDER *root, *ddnsfolder;
RPC *rpc;
// Validate arguments // Validate arguments
if(d == NULL || d->s == NULL || key == NULL){ if(d == NULL || d->s == NULL || key == NULL){
return ERR_INTERNAL_ERROR; return ERR_INTERNAL_ERROR;
} }
rpc = d->s->Rpc;
Zero(&config, sizeof(config)); Zero(&config, sizeof(config));
err = ScGetConfig(d->s->Rpc, &config); err = ScGetConfig(d->s->Rpc, &config);
if(err != ERR_NO_ERROR){ if(err != ERR_NO_ERROR){
@ -17011,6 +17013,7 @@ void SmSslDlgInit(HWND hWnd, SM_SSL *s)
// Set the encryption algorithm list // Set the encryption algorithm list
cipher_list = GetCipherList(); cipher_list = GetCipherList();
SetFont(hWnd, C_CIPHER, GetFont("Tahoma", 8, false, false, false, false));
CbSetHeight(hWnd, C_CIPHER, 18); CbSetHeight(hWnd, C_CIPHER, 18);
for (i = 0;i < cipher_list->NumTokens;i++) for (i = 0;i < cipher_list->NumTokens;i++)
{ {


@ -210,9 +210,20 @@ bool SamAuthUserByPlainPassword(CONNECTION *c, HUB *hub, char *username, char *p
// Radius authentication // Radius authentication
AUTHRADIUS *auth = (AUTHRADIUS *)u->AuthData; AUTHRADIUS *auth = (AUTHRADIUS *)u->AuthData;
if (ast || auth->RadiusUsername == NULL || UniStrLen(auth->RadiusUsername) == 0) if (ast || auth->RadiusUsername == NULL || UniStrLen(auth->RadiusUsername) == 0)
{
if( IsEmptyStr(h->RadiusRealm) == false )
{
char name_and_realm[MAX_SIZE];
StrCpy(name_and_realm, sizeof(name_and_realm), username);
StrCat(name_and_realm, sizeof(name_and_realm), "@");
StrCat(name_and_realm, sizeof(name_and_realm), h->RadiusRealm);
name = CopyStrToUni(name_and_realm);
}
else
{ {
name = CopyStrToUni(username); name = CopyStrToUni(username);
} }
}
else else
{ {
name = CopyUniStr(auth->RadiusUsername); name = CopyUniStr(auth->RadiusUsername);
@ -267,7 +278,7 @@ bool SamAuthUserByPlainPassword(CONNECTION *c, HUB *hub, char *username, char *p
// Attempt to login // Attempt to login
b = RadiusLogin(c, radius_server_addr, radius_server_port, b = RadiusLogin(c, radius_server_addr, radius_server_port,
radius_secret, StrLen(radius_secret), radius_secret, StrLen(radius_secret),
name, password, interval, mschap_v2_server_response_20, opt); name, password, interval, mschap_v2_server_response_20, opt, hub->Name);
if (b) if (b)
{ {
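Review bot: The realm is appended unconditionally in the new `IsEmptyStr(h->RadiusRealm) == false` branch, so a login name that already contains `@` goes to the RADIUS server as `user@x@realm`, which is probably not what realm-based routing expects. The `StrCpy`/`StrCat` sequence into `name_and_realm[MAX_SIZE]` also appears to truncate silently, which would change the identity being authenticated rather than reject it. I would skip the append when the name already carries a realm, e.g. `if (IsEmptyStr(h->RadiusRealm) == false && InStr(username, "@") == false)`, and fail the login when the combined length does not fit. The branch reads `h->RadiusRealm` while the call further down passes `hub->Name`; the declaration of `h` is outside the hunk, as are the start and end of the function.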


@ -2152,7 +2152,7 @@ void SiGenerateDefaultCertEx(X **server_x, K **server_k, char *common_name)
name = NewName(cn, cn, cn, name = NewName(cn, cn, cn,
L"US", NULL, NULL); L"US", NULL, NULL);
x = NewRootX(public_key, private_key, name, MAX(GetDaysUntil2038(), SERVER_DEFAULT_CERT_DAYS), NULL); x = NewRootX(public_key, private_key, name, GetDaysUntil2038Ex(), NULL);
*server_x = x; *server_x = x;
*server_k = private_key; *server_k = private_key;
@ -2577,6 +2577,9 @@ void SiLoadInitialConfiguration(SERVER *s)
return; return;
} }
// Default to TLS only; mitigates CVE-2016-0800
s->Cedar->SslAcceptSettings.AcceptOnlyTls = true;
// Auto saving interval related // Auto saving interval related
s->AutoSaveConfigSpan = SERVER_FILE_SAVE_INTERVAL_DEFAULT; s->AutoSaveConfigSpan = SERVER_FILE_SAVE_INTERVAL_DEFAULT;
s->BackupConfigOnlyWhenModified = true; s->BackupConfigOnlyWhenModified = true;
@ -4108,6 +4111,8 @@ void SiLoadHubOptionCfg(FOLDER *f, HUB_OPTION *o)
o->SecureNAT_RandomizeAssignIp = CfgGetBool(f, "SecureNAT_RandomizeAssignIp"); o->SecureNAT_RandomizeAssignIp = CfgGetBool(f, "SecureNAT_RandomizeAssignIp");
o->DetectDormantSessionInterval = CfgGetInt(f, "DetectDormantSessionInterval"); o->DetectDormantSessionInterval = CfgGetInt(f, "DetectDormantSessionInterval");
o->NoPhysicalIPOnPacketLog = CfgGetBool(f, "NoPhysicalIPOnPacketLog"); o->NoPhysicalIPOnPacketLog = CfgGetBool(f, "NoPhysicalIPOnPacketLog");
o->UseHubNameAsDhcpUserClassOption = CfgGetBool(f, "UseHubNameAsDhcpUserClassOption");
o->UseHubNameAsRadiusNasId = CfgGetBool(f, "UseHubNameAsRadiusNasId");
// Enabled by default // Enabled by default
if (CfgIsItem(f, "ManageOnlyPrivateIP")) if (CfgIsItem(f, "ManageOnlyPrivateIP"))
@ -4208,6 +4213,8 @@ void SiWriteHubOptionCfg(FOLDER *f, HUB_OPTION *o)
CfgAddBool(f, "DisableUserModeSecureNAT", o->DisableUserModeSecureNAT); CfgAddBool(f, "DisableUserModeSecureNAT", o->DisableUserModeSecureNAT);
CfgAddBool(f, "DisableCheckMacOnLocalBridge", o->DisableCheckMacOnLocalBridge); CfgAddBool(f, "DisableCheckMacOnLocalBridge", o->DisableCheckMacOnLocalBridge);
CfgAddBool(f, "DisableCorrectIpOffloadChecksum", o->DisableCorrectIpOffloadChecksum); CfgAddBool(f, "DisableCorrectIpOffloadChecksum", o->DisableCorrectIpOffloadChecksum);
CfgAddBool(f, "UseHubNameAsDhcpUserClassOption", o->UseHubNameAsDhcpUserClassOption);
CfgAddBool(f, "UseHubNameAsRadiusNasId", o->UseHubNameAsRadiusNasId);
} }
// Write the user // Write the user
@ -5009,6 +5016,7 @@ void SiWriteHubCfg(FOLDER *f, HUB *h)
CfgAddInt(f, "RadiusServerPort", h->RadiusServerPort); CfgAddInt(f, "RadiusServerPort", h->RadiusServerPort);
CfgAddInt(f, "RadiusRetryInterval", h->RadiusRetryInterval); CfgAddInt(f, "RadiusRetryInterval", h->RadiusRetryInterval);
CfgAddStr(f, "RadiusSuffixFilter", h->RadiusSuffixFilter); CfgAddStr(f, "RadiusSuffixFilter", h->RadiusSuffixFilter);
CfgAddStr(f, "RadiusRealm", h->RadiusRealm);
CfgAddBool(f, "RadiusConvertAllMsChapv2AuthRequestToEap", h->RadiusConvertAllMsChapv2AuthRequestToEap); CfgAddBool(f, "RadiusConvertAllMsChapv2AuthRequestToEap", h->RadiusConvertAllMsChapv2AuthRequestToEap);
CfgAddBool(f, "RadiusUsePeapInsteadOfEap", h->RadiusUsePeapInsteadOfEap); CfgAddBool(f, "RadiusUsePeapInsteadOfEap", h->RadiusUsePeapInsteadOfEap);
@ -5177,6 +5185,7 @@ void SiLoadHubCfg(SERVER *s, FOLDER *f, char *name)
interval = CfgGetInt(f, "RadiusRetryInterval"); interval = CfgGetInt(f, "RadiusRetryInterval");
CfgGetStr(f, "RadiusSuffixFilter", h->RadiusSuffixFilter, sizeof(h->RadiusSuffixFilter)); CfgGetStr(f, "RadiusSuffixFilter", h->RadiusSuffixFilter, sizeof(h->RadiusSuffixFilter));
CfgGetStr(f, "RadiusRealm", h->RadiusRealm, sizeof(h->RadiusRealm));
h->RadiusConvertAllMsChapv2AuthRequestToEap = CfgGetBool(f, "RadiusConvertAllMsChapv2AuthRequestToEap"); h->RadiusConvertAllMsChapv2AuthRequestToEap = CfgGetBool(f, "RadiusConvertAllMsChapv2AuthRequestToEap");
h->RadiusUsePeapInsteadOfEap = CfgGetBool(f, "RadiusUsePeapInsteadOfEap"); h->RadiusUsePeapInsteadOfEap = CfgGetBool(f, "RadiusUsePeapInsteadOfEap");
@ -6156,7 +6165,18 @@ void SiLoadServerCfg(SERVER *s, FOLDER *f)
SetGlobalServerFlag(GSF_DISABLE_SESSION_RECONNECT, CfgGetBool(f, "DisableSessionReconnect")); SetGlobalServerFlag(GSF_DISABLE_SESSION_RECONNECT, CfgGetBool(f, "DisableSessionReconnect"));
// AcceptOnlyTls // AcceptOnlyTls
c->AcceptOnlyTls = CfgGetBool(f, "AcceptOnlyTls"); if (CfgIsItem(f, "AcceptOnlyTls"))
{
c->SslAcceptSettings.AcceptOnlyTls = CfgGetBool(f, "AcceptOnlyTls");
}
else
{
// Default to TLS only; mitigates CVE-2016-0800
c->SslAcceptSettings.AcceptOnlyTls = true;
}
c->SslAcceptSettings.Tls_Disable1_0 = CfgGetBool(f, "Tls_Disable1_0");
c->SslAcceptSettings.Tls_Disable1_1 = CfgGetBool(f, "Tls_Disable1_1");
c->SslAcceptSettings.Tls_Disable1_2 = CfgGetBool(f, "Tls_Disable1_2");
} }
Unlock(c->lock); Unlock(c->lock);
@ -6465,7 +6485,10 @@ void SiWriteServerCfg(FOLDER *f, SERVER *s)
CfgAddBool(f, "DisableGetHostNameWhenAcceptTcp", s->DisableGetHostNameWhenAcceptTcp); CfgAddBool(f, "DisableGetHostNameWhenAcceptTcp", s->DisableGetHostNameWhenAcceptTcp);
CfgAddBool(f, "DisableCoreDumpOnUnix", s->DisableCoreDumpOnUnix); CfgAddBool(f, "DisableCoreDumpOnUnix", s->DisableCoreDumpOnUnix);
CfgAddBool(f, "AcceptOnlyTls", c->AcceptOnlyTls); CfgAddBool(f, "AcceptOnlyTls", c->SslAcceptSettings.AcceptOnlyTls);
CfgAddBool(f, "Tls_Disable1_0", c->SslAcceptSettings.Tls_Disable1_0);
CfgAddBool(f, "Tls_Disable1_1", c->SslAcceptSettings.Tls_Disable1_1);
CfgAddBool(f, "Tls_Disable1_2", c->SslAcceptSettings.Tls_Disable1_2);
// Disable session reconnect // Disable session reconnect
CfgAddBool(f, "DisableSessionReconnect", GetGlobalServerFlag(GSF_DISABLE_SESSION_RECONNECT)); CfgAddBool(f, "DisableSessionReconnect", GetGlobalServerFlag(GSF_DISABLE_SESSION_RECONNECT));
@ -7542,6 +7565,8 @@ void SiCalledUpdateHub(SERVER *s, PACK *p)
o.DisableUserModeSecureNAT = PackGetBool(p, "DisableUserModeSecureNAT"); o.DisableUserModeSecureNAT = PackGetBool(p, "DisableUserModeSecureNAT");
o.DisableCheckMacOnLocalBridge = PackGetBool(p, "DisableCheckMacOnLocalBridge"); o.DisableCheckMacOnLocalBridge = PackGetBool(p, "DisableCheckMacOnLocalBridge");
o.DisableCorrectIpOffloadChecksum = PackGetBool(p, "DisableCorrectIpOffloadChecksum"); o.DisableCorrectIpOffloadChecksum = PackGetBool(p, "DisableCorrectIpOffloadChecksum");
o.UseHubNameAsDhcpUserClassOption = PackGetBool(p, "UseHubNameAsDhcpUserClassOption");
o.UseHubNameAsRadiusNasId = PackGetBool(p, "UseHubNameAsRadiusNasId");
save_packet_log = PackGetInt(p, "SavePacketLog"); save_packet_log = PackGetInt(p, "SavePacketLog");
packet_log_switch_type = PackGetInt(p, "PacketLogSwitchType"); packet_log_switch_type = PackGetInt(p, "PacketLogSwitchType");
@ -9394,6 +9419,8 @@ void SiPackAddCreateHub(PACK *p, HUB *h)
PackAddInt(p, "SecurityLogSwitchType", h->LogSetting.SecurityLogSwitchType); PackAddInt(p, "SecurityLogSwitchType", h->LogSetting.SecurityLogSwitchType);
PackAddData(p, "HashedPassword", h->HashedPassword, SHA1_SIZE); PackAddData(p, "HashedPassword", h->HashedPassword, SHA1_SIZE);
PackAddData(p, "SecurePassword", h->SecurePassword, SHA1_SIZE); PackAddData(p, "SecurePassword", h->SecurePassword, SHA1_SIZE);
PackAddBool(p, "UseHubNameAsDhcpUserClassOption", h->Option->UseHubNameAsDhcpUserClassOption);
PackAddBool(p, "UseHubNameAsRadiusNasId", h->Option->UseHubNameAsRadiusNasId);
SiAccessListToPack(p, h->AccessList); SiAccessListToPack(p, h->AccessList);
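Review bot: The three `Tls_Disable1_x` flags in SiLoadServerCfg are loaded without a consistency check. A configuration that sets all three while `AcceptOnlyTls` is true would presumably leave the listener with no protocol version to negotiate. How `SslAcceptSettings` is applied is not on this page, so that outcome is inferred. The load path should detect this combination and log it or fall back, rather than start a server that no client can reach. Unlike `AcceptOnlyTls`, these keys get no `CfgIsItem` default, so a comment should state the intent, e.g. `// Absent keys read as false: every TLS version stays enabled unless explicitly disabled`.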


@ -116,15 +116,17 @@
// Polling process // Polling process
void UdpAccelPoll(UDP_ACCEL *a) void UdpAccelPoll(UDP_ACCEL *a)
{ {
UCHAR *tmp = a->TmpBuf;
IP nat_t_ip; IP nat_t_ip;
UINT num_ignore_errors = 0; UINT num_ignore_errors = 0;
UCHAR *tmp;
// Validate arguments // Validate arguments
if (a == NULL) if (a == NULL)
{ {
return; return;
} }
tmp = a->TmpBuf;
Lock(a->NatT_Lock); Lock(a->NatT_Lock);
{ {
Copy(&nat_t_ip, &a->NatT_IP, sizeof(IP)); Copy(&nat_t_ip, &a->NatT_IP, sizeof(IP));


@ -2386,7 +2386,6 @@ bool NnTestConnectivity(NATIVE_STACK *a, TUBE *halt_tube)
UINT64 next_send_tick = 0; UINT64 next_send_tick = 0;
UINT64 giveup_time; UINT64 giveup_time;
IPC *ipc; IPC *ipc;
UINT src_port = NnGenSrcPort(a->IsIpRawMode);
INTERRUPT_MANAGER *interrupt; INTERRUPT_MANAGER *interrupt;
TUBE *tubes[3]; TUBE *tubes[3];
UINT num_tubes = 0; UINT num_tubes = 0;
@ -2394,12 +2393,15 @@ bool NnTestConnectivity(NATIVE_STACK *a, TUBE *halt_tube)
IP my_priv_ip; IP my_priv_ip;
UINT num_send_dns = 0; UINT num_send_dns = 0;
IP using_dns; IP using_dns;
UINT src_port = 0;
// Validate arguments // Validate arguments
if (a == NULL) if (a == NULL)
{ {
return false; return false;
} }
src_port = NnGenSrcPort(a->IsIpRawMode);
Copy(&using_dns, &a->DnsServerIP, sizeof(IP)); Copy(&using_dns, &a->DnsServerIP, sizeof(IP));
// Get my physical IP // Get my physical IP
@ -3997,15 +3999,17 @@ bool NatTransactIcmp(VH *v, NAT_ENTRY *n)
void *buf; void *buf;
UINT recv_size; UINT recv_size;
BLOCK *block; BLOCK *block;
UINT dest_port = n->DestPort;
IP dest_ip; IP dest_ip;
UINT num_ignore_errors = 0; UINT num_ignore_errors = 0;
UINT dest_port = 0;
// Validate arguments // Validate arguments
if (v == NULL || n == NULL) if (v == NULL || n == NULL)
{ {
return true; return true;
} }
dest_port = n->DestPort;
if (n->DisconnectNow) if (n->DisconnectNow)
{ {
goto DISCONNECT; goto DISCONNECT;
@ -4200,15 +4204,17 @@ bool NatTransactUdp(VH *v, NAT_ENTRY *n)
void *buf; void *buf;
UINT recv_size; UINT recv_size;
BLOCK *block; BLOCK *block;
UINT dest_port = n->DestPort;
IP dest_ip; IP dest_ip;
UINT num_ignore_errors; UINT num_ignore_errors;
UINT dest_port = 0;
// Validate arguments // Validate arguments
if (v == NULL || n == NULL) if (v == NULL || n == NULL)
{ {
return true; return true;
} }
dest_port = n->DestPort;
if (n->DisconnectNow) if (n->DisconnectNow)
{ {
goto DISCONNECT; goto DISCONNECT;
@ -5429,7 +5435,7 @@ SCAN_FIRST:
void ParseTcpOption(TCP_OPTION *o, void *data, UINT size) void ParseTcpOption(TCP_OPTION *o, void *data, UINT size)
{ {
UCHAR *buf = (UCHAR *)data; UCHAR *buf = (UCHAR *)data;
UINT i; UINT i = 0;
UINT value_size = 0; UINT value_size = 0;
UINT value_id = 0; UINT value_id = 0;
UCHAR value[128]; UCHAR value[128];
@ -5441,13 +5447,18 @@ void ParseTcpOption(TCP_OPTION *o, void *data, UINT size)
Zero(o, sizeof(TCP_OPTION)); Zero(o, sizeof(TCP_OPTION));
for (i = 0;i < size;i++) while(i < size)
{ {
if (buf[i] == 0) if (buf[i] == 0)
{ {
return; return;
} }
if (buf[i] != 1) else if (buf[i] == 1)
{
i++;
continue;
}
else
{ {
value_id = buf[i]; value_id = buf[i];
i++; i++;
@ -5466,12 +5477,14 @@ void ParseTcpOption(TCP_OPTION *o, void *data, UINT size)
return; return;
} }
value_size -= 2; value_size -= 2;
Copy(value, &buf[i], value_size); Copy(value, &buf[i], value_size);
i += value_size; i += value_size;
if (i >= size) if (i > size)
{ {
return; return;
} }
switch (value_id) switch (value_id)
{ {
case 2: // MSS case 2: // MSS
@ -5486,14 +5499,13 @@ void ParseTcpOption(TCP_OPTION *o, void *data, UINT size)
if (value_size == 1) if (value_size == 1)
{ {
UCHAR *wss = (UCHAR *)value; UCHAR *wss = (UCHAR *)value;
o->WindowScaling = Endian16(*wss); o->WindowScaling = *wss;
} }
break; break;
} }
} }
} }
} }
// Create a new NAT TCP session // Create a new NAT TCP session
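Review bot: In ParseTcpOption the new code still runs `Copy(value, &buf[i], value_size);` before the `if (i > size)` test. An option whose length byte claims more data than the segment carries is therefore read from beyond `buf + size` before the parser returns. The bound should be checked first, with `if (value_size > size - i) { return; }` placed directly before the `Copy`. The lines that read and validate the length byte fall between the two hunks and are not visible here. Those checks, including the guard for `value_size < 2` before `value_size -= 2` and the limit against the 128-byte `value` array, should be confirmed as well.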


@ -1725,13 +1725,15 @@ static wchar_t *WuUniReadFile(char *filename)
static void WuUniReplace(wchar_t **buf, wchar_t *from, wchar_t *to) static void WuUniReplace(wchar_t **buf, wchar_t *from, wchar_t *to)
{ {
UINT dstsize; UINT dstsize;
wchar_t *oldbuf = *buf; wchar_t *oldbuf;
if(buf == NULL || from == NULL || to == NULL) if(buf == NULL || from == NULL || to == NULL)
{ {
return; return;
} }
oldbuf = *buf;
dstsize = (UniCalcReplaceStrEx(*buf, from, to, true) + 1) * sizeof(wchar_t); dstsize = (UniCalcReplaceStrEx(*buf, from, to, true) + 1) * sizeof(wchar_t);
*buf = (wchar_t*)Malloc(dstsize); *buf = (wchar_t*)Malloc(dstsize);
UniReplaceStr(*buf, dstsize, oldbuf, from, to); UniReplaceStr(*buf, dstsize, oldbuf, from, to);


@ -204,7 +204,7 @@ typedef struct WINUI_SECURE_BATCH
X *OutputX; // Output certificate X *OutputX; // Output certificate
K *InputK; // Input secret key K *InputK; // Input secret key
LIST *EnumList; // Enumerated list LIST *EnumList; // Enumerated list
UCHAR OutputSign[128]; // Output signature UCHAR OutputSign[4096 / 8]; // Output signature
bool Succeed; // Success flag bool Succeed; // Success flag
} WINUI_SECURE_BATCH; } WINUI_SECURE_BATCH;
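Review bot: `OutputSign` is now sized by the bare expression `4096 / 8`, which fixes the limit at a 4096-bit signature without saying so. The code that writes the signature into this field is not part of the hunk, so it cannot be confirmed here that it compares the signature length with `sizeof(OutputSign)` before copying; that check is what actually prevents an overrun with a larger key. I would name the bound and document it, e.g. `#define WINUI_MAX_SIGN_SIZE (4096 / 8) // Largest signature accepted: RSA 4096 bit` and `UCHAR OutputSign[WINUI_MAX_SIGN_SIZE];`.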


@ -163,6 +163,14 @@ PACK *WpcCall(char *url, INTERNET_SETTING *setting, UINT timeout_connect, UINT t
PACK *WpcCallEx(char *url, INTERNET_SETTING *setting, UINT timeout_connect, UINT timeout_comm, PACK *WpcCallEx(char *url, INTERNET_SETTING *setting, UINT timeout_connect, UINT timeout_comm,
char *function_name, PACK *pack, X *cert, K *key, void *sha1_cert_hash, bool *cancel, UINT max_recv_size, char *function_name, PACK *pack, X *cert, K *key, void *sha1_cert_hash, bool *cancel, UINT max_recv_size,
char *additional_header_name, char *additional_header_value) char *additional_header_name, char *additional_header_value)
{
return WpcCallEx2(url, setting, timeout_connect, timeout_comm, function_name, pack,
cert, key, sha1_cert_hash, (sha1_cert_hash == NULL ? 0 : 1),
cancel, max_recv_size, additional_header_name, additional_header_value, NULL);
}
PACK *WpcCallEx2(char *url, INTERNET_SETTING *setting, UINT timeout_connect, UINT timeout_comm,
char *function_name, PACK *pack, X *cert, K *key, void *sha1_cert_hash, UINT num_hashes, bool *cancel, UINT max_recv_size,
char *additional_header_name, char *additional_header_value, char *sni_string)
{ {
URL_DATA data; URL_DATA data;
BUF *b, *recv; BUF *b, *recv;
@ -197,8 +205,14 @@ PACK *WpcCallEx(char *url, INTERNET_SETTING *setting, UINT timeout_connect, UINT
StrCpy(data.AdditionalHeaderValue, sizeof(data.AdditionalHeaderValue), additional_header_value); StrCpy(data.AdditionalHeaderValue, sizeof(data.AdditionalHeaderValue), additional_header_value);
} }
recv = HttpRequestEx(&data, setting, timeout_connect, timeout_comm, &error, if (sni_string != NULL && IsEmptyStr(sni_string) == false)
false, b->Buf, NULL, NULL, sha1_cert_hash, cancel, max_recv_size); {
StrCpy(data.SniString, sizeof(data.SniString), sni_string);
}
recv = HttpRequestEx3(&data, setting, timeout_connect, timeout_comm, &error,
false, b->Buf, NULL, NULL, sha1_cert_hash, num_hashes, cancel, max_recv_size,
NULL, NULL);
FreeBuf(b); FreeBuf(b);
@ -693,6 +707,16 @@ BUF *HttpRequestEx2(URL_DATA *data, INTERNET_SETTING *setting,
UINT *error_code, bool check_ssl_trust, char *post_data, UINT *error_code, bool check_ssl_trust, char *post_data,
WPC_RECV_CALLBACK *recv_callback, void *recv_callback_param, void *sha1_cert_hash, WPC_RECV_CALLBACK *recv_callback, void *recv_callback_param, void *sha1_cert_hash,
bool *cancel, UINT max_recv_size, char *header_name, char *header_value) bool *cancel, UINT max_recv_size, char *header_name, char *header_value)
{
return HttpRequestEx3(data, setting, timeout_connect, timeout_comm, error_code, check_ssl_trust,
post_data, recv_callback, recv_callback_param, sha1_cert_hash, (sha1_cert_hash == NULL ? 0 : 1),
cancel, max_recv_size, header_name, header_value);
}
BUF *HttpRequestEx3(URL_DATA *data, INTERNET_SETTING *setting,
UINT timeout_connect, UINT timeout_comm,
UINT *error_code, bool check_ssl_trust, char *post_data,
WPC_RECV_CALLBACK *recv_callback, void *recv_callback_param, void *sha1_cert_hash, UINT num_hashes,
bool *cancel, UINT max_recv_size, char *header_name, char *header_value)
{ {
WPC_CONNECT con; WPC_CONNECT con;
SOCK *s; SOCK *s;
@ -728,6 +752,14 @@ BUF *HttpRequestEx2(URL_DATA *data, INTERNET_SETTING *setting,
{ {
timeout_comm = WPC_TIMEOUT; timeout_comm = WPC_TIMEOUT;
} }
if (sha1_cert_hash == NULL)
{
num_hashes = 0;
}
if (num_hashes == 0)
{
sha1_cert_hash = NULL;
}
// Connection // Connection
Zero(&con, sizeof(con)); Zero(&con, sizeof(con));
@ -773,7 +805,7 @@ BUF *HttpRequestEx2(URL_DATA *data, INTERNET_SETTING *setting,
if (data->Secure) if (data->Secure)
{ {
// Start the SSL communication // Start the SSL communication
if (StartSSLEx(s, NULL, NULL, true, 0, NULL) == false) if (StartSSLEx(s, NULL, NULL, true, 0, (IsEmptyStr(data->SniString) ? NULL : data->SniString)) == false)
{ {
// SSL connection failed // SSL connection failed
*error_code = ERR_PROTOCOL_ERROR; *error_code = ERR_PROTOCOL_ERROR;
@ -782,13 +814,28 @@ BUF *HttpRequestEx2(URL_DATA *data, INTERNET_SETTING *setting,
return NULL; return NULL;
} }
if (sha1_cert_hash != NULL) if (sha1_cert_hash != NULL && num_hashes >= 1)
{ {
UCHAR hash[SHA1_SIZE]; UCHAR hash[SHA1_SIZE];
UINT i;
bool ok = false;
Zero(hash, sizeof(hash)); Zero(hash, sizeof(hash));
GetXDigest(s->RemoteX, hash, true); GetXDigest(s->RemoteX, hash, true);
if (Cmp(hash, sha1_cert_hash, SHA1_SIZE) != 0) for (i = 0;i < num_hashes;i++)
{
UCHAR *a = (UCHAR *)sha1_cert_hash;
a += (SHA1_SIZE * i);
if (Cmp(hash, a, SHA1_SIZE) == 0)
{
ok = true;
break;
}
}
if (ok == false)
{ {
// Destination certificate hash mismatch // Destination certificate hash mismatch
*error_code = ERR_CERT_NOT_TRUSTED; *error_code = ERR_CERT_NOT_TRUSTED;
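Review bot: `HttpRequestEx3` and `WpcCallEx2` now treat `sha1_cert_hash` as a packed array of `num_hashes` digests, but nothing in the signatures or comments states that contract. The loop reads `SHA1_SIZE * num_hashes` bytes from a `void *`, so a caller that passes a count larger than its buffer causes a read past the end. A header comment on both functions should say so, for example `// sha1_cert_hash: num_hashes consecutive SHA1_SIZE-byte digests; the peer certificate must match one of them`. It is also worth documenting that `WpcCallEx2` passes `check_ssl_trust` as `false`. With `num_hashes == 0` the pin check is skipped, and from what is visible here the peer certificate then appears not to be verified at all; the trust handling itself is outside the hunk.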


@ -159,6 +159,7 @@ struct URL_DATA
char Referer[MAX_SIZE * 3]; // Referer char Referer[MAX_SIZE * 3]; // Referer
char AdditionalHeaderName[128]; // Additional header name char AdditionalHeaderName[128]; // Additional header name
char AdditionalHeaderValue[MAX_SIZE]; // Additional header value char AdditionalHeaderValue[MAX_SIZE]; // Additional header value
char SniString[MAX_SIZE]; // SNI String
}; };
// WPC entry // WPC entry
@ -204,6 +205,11 @@ BUF *HttpRequestEx2(URL_DATA *data, INTERNET_SETTING *setting,
UINT *error_code, bool check_ssl_trust, char *post_data, UINT *error_code, bool check_ssl_trust, char *post_data,
WPC_RECV_CALLBACK *recv_callback, void *recv_callback_param, void *sha1_cert_hash, WPC_RECV_CALLBACK *recv_callback, void *recv_callback_param, void *sha1_cert_hash,
bool *cancel, UINT max_recv_size, char *header_name, char *header_value); bool *cancel, UINT max_recv_size, char *header_name, char *header_value);
BUF *HttpRequestEx3(URL_DATA *data, INTERNET_SETTING *setting,
UINT timeout_connect, UINT timeout_comm,
UINT *error_code, bool check_ssl_trust, char *post_data,
WPC_RECV_CALLBACK *recv_callback, void *recv_callback_param, void *sha1_cert_hash, UINT num_hashes,
bool *cancel, UINT max_recv_size, char *header_name, char *header_value);
SOCK *WpcSockConnect(WPC_CONNECT *param, UINT *error_code, UINT timeout); SOCK *WpcSockConnect(WPC_CONNECT *param, UINT *error_code, UINT timeout);
SOCK *WpcSockConnectEx(WPC_CONNECT *param, UINT *error_code, UINT timeout, bool *cancel); SOCK *WpcSockConnectEx(WPC_CONNECT *param, UINT *error_code, UINT timeout, bool *cancel);
SOCK *WpcSockConnect2(char *hostname, UINT port, INTERNET_SETTING *t, UINT *error_code, UINT timeout); SOCK *WpcSockConnect2(char *hostname, UINT port, INTERNET_SETTING *t, UINT *error_code, UINT timeout);
@ -223,6 +229,9 @@ PACK *WpcCall(char *url, INTERNET_SETTING *setting, UINT timeout_connect, UINT t
PACK *WpcCallEx(char *url, INTERNET_SETTING *setting, UINT timeout_connect, UINT timeout_comm, PACK *WpcCallEx(char *url, INTERNET_SETTING *setting, UINT timeout_connect, UINT timeout_comm,
char *function_name, PACK *pack, X *cert, K *key, void *sha1_cert_hash, bool *cancel, UINT max_recv_size, char *function_name, PACK *pack, X *cert, K *key, void *sha1_cert_hash, bool *cancel, UINT max_recv_size,
char *additional_header_name, char *additional_header_value); char *additional_header_name, char *additional_header_value);
PACK *WpcCallEx2(char *url, INTERNET_SETTING *setting, UINT timeout_connect, UINT timeout_comm,
char *function_name, PACK *pack, X *cert, K *key, void *sha1_cert_hash, UINT num_hashes, bool *cancel, UINT max_recv_size,
char *additional_header_name, char *additional_header_value, char *sni_string);
bool IsProxyPrivateIp(INTERNET_SETTING *s); bool IsProxyPrivateIp(INTERNET_SETTING *s);
#endif // WPC_H #endif // WPC_H


@ -1,4 +1,4 @@
BUILD_NUMBER 9613 BUILD_NUMBER 9634
VERSION 421 VERSION 422
BUILD_NAME beta BUILD_NAME beta
BUILD_DATE 20160424_153917 BUILD_DATE 20161127_143359


@ -46,7 +46,7 @@
Name="VCCLCompilerTool" Name="VCCLCompilerTool"
Optimization="0" Optimization="0"
AdditionalIncludeDirectories="$(SolutionDir)Mayaqua\win32_inc;.;$(SolutionDir);$(SolutionDir)Mayaqua" AdditionalIncludeDirectories="$(SolutionDir)Mayaqua\win32_inc;.;$(SolutionDir);$(SolutionDir)Mayaqua"
PreprocessorDefinitions="WIN32;_DEBUG;_CONSOLE;_USE_32BIT_TIME_T" PreprocessorDefinitions="WIN32;_DEBUG;_CONSOLE"
MinimalRebuild="true" MinimalRebuild="true"
ExceptionHandling="0" ExceptionHandling="0"
BasicRuntimeChecks="3" BasicRuntimeChecks="3"
@ -232,7 +232,7 @@
EnableIntrinsicFunctions="false" EnableIntrinsicFunctions="false"
FavorSizeOrSpeed="0" FavorSizeOrSpeed="0"
AdditionalIncludeDirectories="$(SolutionDir)Mayaqua\win32_inc;.;$(SolutionDir);$(SolutionDir)Mayaqua" AdditionalIncludeDirectories="$(SolutionDir)Mayaqua\win32_inc;.;$(SolutionDir);$(SolutionDir)Mayaqua"
PreprocessorDefinitions="WIN32;NDEBUG;_CONSOLE;_USE_32BIT_TIME_T;VPN_SPEED" PreprocessorDefinitions="WIN32;NDEBUG;_CONSOLE;VPN_SPEED"
StringPooling="false" StringPooling="false"
ExceptionHandling="0" ExceptionHandling="0"
RuntimeLibrary="0" RuntimeLibrary="0"


@ -385,6 +385,34 @@ bool FileCopyExW(wchar_t *src, wchar_t *dst, bool read_lock)
return ret; return ret;
} }
bool FileCopyExWithEofW(wchar_t *src, wchar_t *dst, bool read_lock)
{
BUF *b;
bool ret = false;
// Validate arguments
if (src == NULL || dst == NULL)
{
return false;
}
b = ReadDumpExW(src, false);
if (b == NULL)
{
return false;
}
SeekBuf(b, b->Size, 0);
WriteBufChar(b, 0x1A);
SeekBuf(b, 0, 0);
ret = DumpBufW(b, dst);
FreeBuf(b);
return ret;
}
// Save the settings to a file // Save the settings to a file
void CfgSave(FOLDER *f, char *name) void CfgSave(FOLDER *f, char *name)
@ -459,7 +487,8 @@ bool CfgSaveExW3(CFG_RW *rw, FOLDER *f, wchar_t *name, UINT *written_size, bool
// Generate a temporary file name // Generate a temporary file name
UniFormat(tmp, sizeof(tmp), L"%s.log", name); UniFormat(tmp, sizeof(tmp), L"%s.log", name);
// Copy the file that currently exist to a temporary file // Copy the file that currently exist to a temporary file
FileCopyW(name, tmp); // with appending the EOF
FileCopyExWithEofW(name, tmp, true);
// Save the new file // Save the new file
o = FileCreateW(name); o = FileCreateW(name);
@ -481,6 +510,7 @@ bool CfgSaveExW3(CFG_RW *rw, FOLDER *f, wchar_t *name, UINT *written_size, bool
{ {
// Successful saving file // Successful saving file
FileClose(o); FileClose(o);
// Delete the temporary file // Delete the temporary file
FileDeleteW(tmp); FileDeleteW(tmp);
} }
@ -528,6 +558,7 @@ FOLDER *CfgReadW(wchar_t *name)
bool binary_file = false; bool binary_file = false;
bool invalid_file = false; bool invalid_file = false;
UCHAR header[8]; UCHAR header[8];
bool has_eof = false;
// Validate arguments // Validate arguments
if (name == NULL) if (name == NULL)
{ {
@ -543,8 +574,31 @@ FOLDER *CfgReadW(wchar_t *name)
o = FileOpenW(newfile, false); o = FileOpenW(newfile, false);
if (o == NULL) if (o == NULL)
{ {
UINT size;
// Read the temporary file // Read the temporary file
o = FileOpenW(tmp, false); o = FileOpenW(tmp, false);
if (o != NULL)
{
// Check the EOF
size = FileSize(o);
if (size >= 2)
{
char c;
if (FileSeek(o, FILE_BEGIN, size - 1) && FileRead(o, &c, 1) && c == 0x1A && FileSeek(o, FILE_BEGIN, 0))
{
// EOF ok
has_eof = true;
}
else
{
// No EOF: file is corrupted
FileClose(o);
o = NULL;
}
}
}
} }
else else
{ {
@ -577,6 +631,11 @@ FOLDER *CfgReadW(wchar_t *name)
// Read into the buffer // Read into the buffer
size = FileSize(o); size = FileSize(o);
if (has_eof)
{
// Ignore EOF
size -= 1;
}
buf = Malloc(size); buf = Malloc(size);
FileRead(o, buf, size); FileRead(o, buf, size);
b = NewBuf(); b = NewBuf();
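Review bot: `FileCopyExWithEofW` ignores its `read_lock` parameter: it calls `ReadDumpExW(src, false)` although the caller in CfgSaveExW3 passes `true`. Assuming the second argument of `ReadDumpExW` is the read-lock flag, the line should be `b = ReadDumpExW(src, read_lock);`. In CfgReadW the 0x1A marker is only checked when `size >= 2`, so a temporary file of zero or one byte stays open and is parsed without the integrity check; closing it in an `else` branch would keep the recovery path consistent. The new function also has no header comment, and CfgSaveExW3 discards its return value, so a failed backup copy goes unnoticed before the original file is overwritten.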


@ -1818,6 +1818,40 @@ UINT GetDaysUntil2038()
return (UINT)((target - now) / (UINT64)(1000 * 60 * 60 * 24)); return (UINT)((target - now) / (UINT64)(1000 * 60 * 60 * 24));
} }
} }
UINT GetDaysUntil2038Ex()
{
SYSTEMTIME now;
Zero(&now, sizeof(now));
SystemTime(&now);
if (now.wYear >= 2030)
{
UINT64 now = SystemTime64();
UINT64 target;
SYSTEMTIME st;
Zero(&st, sizeof(st));
st.wYear = 2049;
st.wMonth = 12;
st.wDay = 30;
target = SystemToUINT64(&st);
if (now >= target)
{
return 0;
}
else
{
return (UINT)((target - now) / (UINT64)(1000 * 60 * 60 * 24));
}
}
else
{
return GetDaysUntil2038();
}
}
// Issue an X509 certificate // Issue an X509 certificate
X *NewX(K *pub, K *priv, X *ca, NAME *name, UINT days, X_SERIAL *serial) X *NewX(K *pub, K *priv, X *ca, NAME *name, UINT days, X_SERIAL *serial)
@ -4885,6 +4919,22 @@ bool DhCompute(DH_CTX *dh, void *dst_priv_key, void *src_pub_key, UINT key_size)
return ret; return ret;
} }
// Creating a DH 2048bit
DH_CTX *DhNew2048()
{
return DhNew(DH_SET_2048, 2);
}
// Creating a DH 3072bit
DH_CTX *DhNew3072()
{
return DhNew(DH_SET_3072, 2);
}
// Creating a DH 4096bit
DH_CTX *DhNew4096()
{
return DhNew(DH_SET_4096, 2);
}
// Creating a DH GROUP1 // Creating a DH GROUP1
DH_CTX *DhNewGroup1() DH_CTX *DhNewGroup1()
{ {
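Review bot: In GetDaysUntil2038Ex the inner `UINT64 now` declared inside the `if (now.wYear >= 2030)` block shadows the outer `SYSTEMTIME now`, so one name carries two different types within a few lines; renaming the inner one, e.g. `UINT64 now64 = SystemTime64();` with `if (now64 >= target)`, removes the ambiguity. The function also has no header comment, and its name says 2038 while the new branch counts days up to 2049-12-30 once the year reaches 2030. A comment such as `// Days until the last usable date: 2049-12-30 from year 2030 onward, otherwise GetDaysUntil2038()` would record that cutover. If the result feeds a certificate lifetime (NewX just below takes a `days` argument, but no call is visible in this section), the changed end date is worth stating explicitly.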


@ -170,6 +170,61 @@ void RAND_Free_For_SoftEther();
#define DH_SIMPLE_160 "AEE7561459353C95DDA966AE1FD25D95CD46E935" #define DH_SIMPLE_160 "AEE7561459353C95DDA966AE1FD25D95CD46E935"
#define DH_SET_2048 \
"FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" \
"29024E088A67CC74020BBEA63B139B22514A08798E3404DD" \
"EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245" \
"E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" \
"EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D" \
"C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F" \
"83655D23DCA3AD961C62F356208552BB9ED529077096966D" \
"670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B" \
"E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9" \
"DE2BCBF6955817183995497CEA956AE515D2261898FA0510" \
"15728E5A8AACAA68FFFFFFFFFFFFFFFF"
#define DH_SET_3072 \
"FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"\
"29024E088A67CC74020BBEA63B139B22514A08798E3404DD"\
"EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"\
"E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"\
"EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D"\
"C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F"\
"83655D23DCA3AD961C62F356208552BB9ED529077096966D"\
"670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B"\
"E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9"\
"DE2BCBF6955817183995497CEA956AE515D2261898FA0510"\
"15728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64"\
"ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7"\
"ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6B"\
"F12FFA06D98A0864D87602733EC86A64521F2B18177B200C"\
"BBE117577A615D6C770988C0BAD946E208E24FA074E5AB31"\
"43DB5BFCE0FD108E4B82D120A93AD2CAFFFFFFFFFFFFFFFF"
#define DH_SET_4096 \
"FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" \
"29024E088A67CC74020BBEA63B139B22514A08798E3404DD" \
"EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245" \
"E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" \
"EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D" \
"C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F" \
"83655D23DCA3AD961C62F356208552BB9ED529077096966D" \
"670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B" \
"E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9" \
"DE2BCBF6955817183995497CEA956AE515D2261898FA0510" \
"15728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64" \
"ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7" \
"ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6B" \
"F12FFA06D98A0864D87602733EC86A64521F2B18177B200C" \
"BBE117577A615D6C770988C0BAD946E208E24FA074E5AB31" \
"43DB5BFCE0FD108E4B82D120A92108011A723C12A787E6D7" \
"88719A10BDBA5B2699C327186AF4E23C1A946834B6150BDA" \
"2583E9CA2AD44CE8DBBBC2DB04DE8EF92E8EFC141FBECAA6" \
"287C59474E6BC05D99B2964FA090C3A2233BA186515BE7ED" \
"1F612970CEE2D7AFB81BDD762170481CD0069127D5B05AA9" \
"93B4EA988D8FDDC186FFB7DC90A6C08F4DF435C934063199" \
"FFFFFFFFFFFFFFFF"
// Macro // Macro
#define HASHED_DATA(p) (((UCHAR *)p) + 15) #define HASHED_DATA(p) (((UCHAR *)p) + 15)
@ -376,6 +431,7 @@ X *NewRootX(K *pub, K *priv, NAME *name, UINT days, X_SERIAL *serial);
X509 *NewX509(K *pub, K *priv, X *ca, NAME *name, UINT days, X_SERIAL *serial); X509 *NewX509(K *pub, K *priv, X *ca, NAME *name, UINT days, X_SERIAL *serial);
X *NewX(K *pub, K *priv, X *ca, NAME *name, UINT days, X_SERIAL *serial); X *NewX(K *pub, K *priv, X *ca, NAME *name, UINT days, X_SERIAL *serial);
UINT GetDaysUntil2038(); UINT GetDaysUntil2038();
UINT GetDaysUntil2038Ex();
X_SERIAL *NewXSerial(void *data, UINT size); X_SERIAL *NewXSerial(void *data, UINT size);
void FreeXSerial(X_SERIAL *serial); void FreeXSerial(X_SERIAL *serial);
char *ByteToStr(BYTE *src, UINT src_size); char *ByteToStr(BYTE *src, UINT src_size);
@ -465,6 +521,9 @@ DH_CTX *DhNewGroup1();
DH_CTX *DhNewGroup2(); DH_CTX *DhNewGroup2();
DH_CTX *DhNewGroup5(); DH_CTX *DhNewGroup5();
DH_CTX *DhNewSimple160(); DH_CTX *DhNewSimple160();
DH_CTX *DhNew2048();
DH_CTX *DhNew3072();
DH_CTX *DhNew4096();
DH_CTX *DhNew(char *prime, UINT g); DH_CTX *DhNew(char *prime, UINT g);
void DhFree(DH_CTX *dh); void DhFree(DH_CTX *dh);
BUF *DhToBuf(DH_CTX *dh); BUF *DhToBuf(DH_CTX *dh);
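Review bot: The new primes DH_SET_2048, DH_SET_3072 and DH_SET_4096 are added with no comment naming their source, so a reviewer has nothing to check several hundred hex digits against. They look like the RFC 3526 MODP groups 14, 15 and 16 (the leading and trailing `FFFFFFFFFFFFFFFF` words and the generator 2 passed by DhNew2048/3072/4096 fit that family), but that should be confirmed against the published values rather than assumed. I would add a line such as `// 2048-bit MODP prime, RFC 3526 group 14, generator 2` above each macro. DH_SET_3072 also omits the space before the line-continuation backslash that the other two macros use.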


@ -380,13 +380,16 @@ void ZipAddFileStart(ZIP_PACKER *p, char *name, UINT size, UINT64 dt, UINT attri
// Add data to the file // Add data to the file
UINT ZipAddFileData(ZIP_PACKER *p, void *data, UINT pos, UINT len) UINT ZipAddFileData(ZIP_PACKER *p, void *data, UINT pos, UINT len)
{ {
UINT total_size = p->CurrentFile->CurrentSize + len;
UINT ret; UINT ret;
UINT total_size;
// Validate arguments // Validate arguments
if (p == NULL) if (p == NULL)
{ {
return 0; return 0;
} }
total_size = p->CurrentFile->CurrentSize + len;
if (total_size > p->CurrentFile->Size) if (total_size > p->CurrentFile->Size)
{ {
return 0; return 0;
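Review bot: The relocated `total_size = p->CurrentFile->CurrentSize + len;` is stored in a UINT and can wrap, so a large `len` can yield a small `total_size` that passes the `total_size > p->CurrentFile->Size` check. Comparing against the remaining space avoids the wrap: `if (len > p->CurrentFile->Size - p->CurrentFile->CurrentSize) return 0;` (this assumes CurrentSize never exceeds Size, which the hunk does not show). `p->CurrentFile` is also dereferenced without a NULL check once `p` has been validated. The rest of ZipAddFileData lies outside the hunk, so how `len` is used afterwards is not visible here.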


@ -172,6 +172,109 @@ static LOCALE current_locale;
LOCK *tick_manual_lock = NULL; LOCK *tick_manual_lock = NULL;
UINT g_zero = 0; UINT g_zero = 0;
#define MONSPERYEAR 12
#define DAYSPERNYEAR 365
#define DAYSPERLYEAR 366
#define SECSPERMIN 60
#define SECSPERHOUR (60*60)
#define SECSPERDAY (24*60*60)
#define DAYSPERWEEK 7
#define TM_SUNDAY 0
#define TM_MONDAY 1
#define TM_TUESDAY 2
#define TM_WEDNESDAY 3
#define TM_THURSDAY 4
#define TM_FRIDAY 5
#define TM_SATURDAY 6
#define TM_YEAR_BASE 1900
#define EPOCH_YEAR 1970
#define EPOCH_WDAY TM_THURSDAY
#define isleap(y) (((y) % 4) == 0 && (((y) % 100) != 0 || ((y) % 400) == 0))
static const int mon_lengths[2][MONSPERYEAR] = {
{ 31, 28, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31 },
{ 31, 29, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31 }
};
static const int year_lengths[2] = {
DAYSPERNYEAR, DAYSPERLYEAR
};
/*
* Taken from FreeBSD src / lib / libc / stdtime / localtime.c 1.43 revision.
* localtime.c 7.78.
* tzfile.h 1.8
* adapted to be replacement gmtime_r.
*/
static void
c_timesub(timep, offset, tmp)
const time_64t * const timep;
const long offset;
struct tm * const tmp;
{
INT64 days;
INT64 rem;
INT64 y;
int yleap;
const int * ip;
days = *timep / SECSPERDAY;
rem = *timep % SECSPERDAY;
rem += (offset);
while (rem < 0) {
rem += SECSPERDAY;
--days;
}
while (rem >= SECSPERDAY) {
rem -= SECSPERDAY;
++days;
}
tmp->tm_hour = (int) (rem / SECSPERHOUR);
rem = rem % SECSPERHOUR;
tmp->tm_min = (int) (rem / SECSPERMIN);
/*
** A positive leap second requires a special
** representation. This uses "... ??:59:60" et seq.
*/
tmp->tm_sec = (int) (rem % SECSPERMIN) ;
tmp->tm_wday = (int) ((EPOCH_WDAY + days) % DAYSPERWEEK);
if (tmp->tm_wday < 0)
tmp->tm_wday += DAYSPERWEEK;
y = EPOCH_YEAR;
#define LEAPS_THRU_END_OF(y) ((y) / 4 - (y) / 100 + (y) / 400)
while (days < 0 || days >= (long) year_lengths[yleap = isleap(y)]) {
INT64 newy;
newy = y + days / DAYSPERNYEAR;
if (days < 0)
--newy;
days -= (newy - y) * DAYSPERNYEAR +
LEAPS_THRU_END_OF(newy - 1) -
LEAPS_THRU_END_OF(y - 1);
y = newy;
}
tmp->tm_year = (int)(y - TM_YEAR_BASE);
tmp->tm_yday = (int) days;
ip = mon_lengths[yleap];
for (tmp->tm_mon = 0; days >= (INT64) ip[tmp->tm_mon]; ++(tmp->tm_mon))
days = days - (INT64) ip[tmp->tm_mon];
tmp->tm_mday = (int) (days + 1);
tmp->tm_isdst = 0;
}
/*
* Re-entrant version of gmtime.
*/
struct tm * c_gmtime_r(const time_64t* timep, struct tm *tm)
{
c_timesub(timep, 0L, tm);
return tm;
}
// Get the real-time system timer // Get the real-time system timer
UINT TickRealtime() UINT TickRealtime()
{ {
@ -219,7 +322,14 @@ UINT64 TickGetRealtimeTickValue64()
gettimeofday(&tv, &tz); gettimeofday(&tv, &tz);
if (sizeof(tv.tv_sec) != 4)
{
ret = (UINT64)tv.tv_sec * 1000ULL + (UINT64)tv.tv_usec / 1000ULL; ret = (UINT64)tv.tv_sec * 1000ULL + (UINT64)tv.tv_usec / 1000ULL;
}
else
{
ret = (UINT64)((UINT64)((UINT32)tv.tv_sec)) * 1000ULL + (UINT64)tv.tv_usec / 1000ULL;
}
return ret; return ret;
} }
@ -815,7 +925,7 @@ void GetTimeStr64(char *str, UINT size, UINT64 sec64)
// Convert to a time to be used safely in the current POSIX implementation // Convert to a time to be used safely in the current POSIX implementation
UINT64 SafeTime64(UINT64 sec64) UINT64 SafeTime64(UINT64 sec64)
{ {
return MAKESURE(sec64, 0, 2115947647000ULL); return MAKESURE(sec64, 0, 4102243323123ULL);
} }
// Thread pool // Thread pool
@ -1694,7 +1804,7 @@ void TmToSystem(SYSTEMTIME *st, struct tm *t)
NormalizeTm(&tmp); NormalizeTm(&tmp);
Zero(st, sizeof(SYSTEMTIME)); Zero(st, sizeof(SYSTEMTIME));
st->wYear = MAKESURE(tmp.tm_year + 1900, 1970, 2037); st->wYear = MAKESURE(tmp.tm_year + 1900, 1970, 2099);
st->wMonth = MAKESURE(tmp.tm_mon + 1, 1, 12); st->wMonth = MAKESURE(tmp.tm_mon + 1, 1, 12);
st->wDay = MAKESURE(tmp.tm_mday, 1, 31); st->wDay = MAKESURE(tmp.tm_mday, 1, 31);
st->wDayOfWeek = MAKESURE(tmp.tm_wday, 0, 6); st->wDayOfWeek = MAKESURE(tmp.tm_wday, 0, 6);
@ -1714,7 +1824,7 @@ void SystemToTm(struct tm *t, SYSTEMTIME *st)
} }
Zero(t, sizeof(struct tm)); Zero(t, sizeof(struct tm));
t->tm_year = MAKESURE(st->wYear, 1970, 2037) - 1900; t->tm_year = MAKESURE(st->wYear, 1970, 2099) - 1900;
t->tm_mon = MAKESURE(st->wMonth, 1, 12) - 1; t->tm_mon = MAKESURE(st->wMonth, 1, 12) - 1;
t->tm_mday = MAKESURE(st->wDay, 1, 31); t->tm_mday = MAKESURE(st->wDay, 1, 31);
t->tm_hour = MAKESURE(st->wHour, 0, 23); t->tm_hour = MAKESURE(st->wHour, 0, 23);
@ -1726,7 +1836,7 @@ void SystemToTm(struct tm *t, SYSTEMTIME *st)
} }
// Convert the time_t to SYSTEMTIME // Convert the time_t to SYSTEMTIME
void TimeToSystem(SYSTEMTIME *st, time_t t) void TimeToSystem(SYSTEMTIME *st, time_64t t)
{ {
struct tm tmp; struct tm tmp;
// Validate arguments // Validate arguments
@ -1740,7 +1850,7 @@ void TimeToSystem(SYSTEMTIME *st, time_t t)
} }
// Convert the time_t to 64-bit SYSTEMTIME // Convert the time_t to 64-bit SYSTEMTIME
UINT64 TimeToSystem64(time_t t) UINT64 TimeToSystem64(time_64t t)
{ {
SYSTEMTIME st; SYSTEMTIME st;
@ -1750,7 +1860,7 @@ UINT64 TimeToSystem64(time_t t)
} }
// Convert the SYSTEMTIME to time_t // Convert the SYSTEMTIME to time_t
time_t SystemToTime(SYSTEMTIME *st) time_64t SystemToTime(SYSTEMTIME *st)
{ {
struct tm t; struct tm t;
// Validate arguments // Validate arguments
@ -1764,7 +1874,7 @@ time_t SystemToTime(SYSTEMTIME *st)
} }
// Convert a 64-bit SYSTEMTIME to a time_t // Convert a 64-bit SYSTEMTIME to a time_t
time_t System64ToTime(UINT64 i) time_64t System64ToTime(UINT64 i)
{ {
SYSTEMTIME st; SYSTEMTIME st;
@ -1774,9 +1884,9 @@ time_t System64ToTime(UINT64 i)
} }
// Convert the tm to time_t // Convert the tm to time_t
time_t TmToTime(struct tm *t) time_64t TmToTime(struct tm *t)
{ {
time_t tmp; time_64t tmp;
// Validate arguments // Validate arguments
if (t == NULL) if (t == NULL)
{ {
@ -1784,7 +1894,7 @@ time_t TmToTime(struct tm *t)
} }
tmp = c_mkgmtime(t); tmp = c_mkgmtime(t);
if (tmp == (time_t)-1) if (tmp == (time_64t)-1)
{ {
return 0; return 0;
} }
@ -1792,42 +1902,22 @@ time_t TmToTime(struct tm *t)
} }
// Convert time_t to tm // Convert time_t to tm
void TimeToTm(struct tm *t, time_t time) void TimeToTm(struct tm *t, time_64t time)
{ {
struct tm *ret;
// Validate arguments // Validate arguments
if (t == NULL) if (t == NULL)
{ {
return; return;
} }
#ifndef OS_UNIX
ret = gmtime(&time);
#else // OS_UNIX
ret = malloc(sizeof(struct tm));
memset(ret, 0, sizeof(struct tm));
gmtime_r(&time, ret);
#endif // OS_UNIX
if (ret == NULL)
{
Zero(t, sizeof(struct tm)); Zero(t, sizeof(struct tm));
} c_gmtime_r(&time, t);
else
{
Copy(t, ret, sizeof(struct tm));
}
#ifdef OS_UNIX
free(ret);
#endif // OS_UNIX
} }
// Normalize the tm // Normalize the tm
void NormalizeTm(struct tm *t) void NormalizeTm(struct tm *t)
{ {
struct tm *ret; time_64t tmp;
time_t tmp;
// Validate arguments // Validate arguments
if (t == NULL) if (t == NULL)
{ {
@ -1835,31 +1925,12 @@ void NormalizeTm(struct tm *t)
} }
tmp = c_mkgmtime(t); tmp = c_mkgmtime(t);
if (tmp == (time_t)-1) if (tmp == (time_64t)-1)
{ {
return; return;
} }
#ifndef OS_UNIX c_gmtime_r(&tmp, t);
ret = gmtime(&tmp);
#else // OS_UNIX
ret = malloc(sizeof(struct tm));
memset(ret, 0, sizeof(struct tm));
gmtime_r(&tmp, ret);
#endif // OS_UNIX
if (ret == NULL)
{
Zero(t, sizeof(struct tm));
}
else
{
Copy(t, ret, sizeof(struct tm));
}
#ifdef OS_UNIX
free(ret);
#endif // OS_UNIX
} }
// Normalize the SYSTEMTIME // Normalize the SYSTEMTIME
@ -1934,10 +2005,19 @@ INT64 GetTimeDiffEx(SYSTEMTIME *basetime, bool local_time)
Copy(&snow, basetime, sizeof(SYSTEMTIME)); Copy(&snow, basetime, sizeof(SYSTEMTIME));
if (sizeof(time_t) == 4)
{
if (snow.wYear >= 2038)
{
// For old systems: avoid the 2038-year problem
snow.wYear = 2037;
}
}
SystemToTm(&now, &snow); SystemToTm(&now, &snow);
if (local_time == false) if (local_time == false)
{ {
tmp = c_mkgmtime(&now); tmp = (time_t)c_mkgmtime(&now);
} }
else else
{ {
@ -1965,54 +2045,12 @@ INT64 GetTimeDiffEx(SYSTEMTIME *basetime, bool local_time)
return ret; return ret;
} }
// Get the time difference between the local time and system time
INT64 GetTimeDiff()
{
time_t tmp;
struct tm t1, t2;
SYSTEMTIME snow;
struct tm now;
SYSTEMTIME s1, s2;
INT64 ret;
static INT64 cache = INFINITE;
if (cache != INFINITE)
{
// Returns the cache data after measured once
return cache;
}
SystemTime(&snow);
SystemToTm(&now, &snow);
tmp = c_mkgmtime(&now);
if (tmp == (time_t)-1)
{
return 0;
}
#ifndef OS_UNIX
Copy(&t1, localtime(&tmp), sizeof(struct tm));
Copy(&t2, gmtime(&tmp), sizeof(struct tm));
#else // OS_UNIX
localtime_r(&tmp, &t1);
gmtime_r(&tmp, &t2);
#endif // OS_UNIX
TmToSystem(&s1, &t1);
TmToSystem(&s2, &t2);
cache = ret = (INT)SystemToUINT64(&s1) - (INT)SystemToUINT64(&s2);
return ret;
}
// Convert UINT64 to the SYSTEMTIME // Convert UINT64 to the SYSTEMTIME
void UINT64ToSystem(SYSTEMTIME *st, UINT64 sec64) void UINT64ToSystem(SYSTEMTIME *st, UINT64 sec64)
{ {
UINT64 tmp64; UINT64 tmp64;
UINT sec, millisec; UINT sec, millisec;
time_t time; time_64t time;
// Validate arguments // Validate arguments
if (st == NULL) if (st == NULL)
{ {
@ -2023,7 +2061,7 @@ void UINT64ToSystem(SYSTEMTIME *st, UINT64 sec64)
tmp64 = sec64 / (UINT64)1000; tmp64 = sec64 / (UINT64)1000;
millisec = (UINT)(sec64 - tmp64 * (UINT64)1000); millisec = (UINT)(sec64 - tmp64 * (UINT64)1000);
sec = (UINT)tmp64; sec = (UINT)tmp64;
time = (time_t)sec; time = (time_64t)sec;
TimeToSystem(st, time); TimeToSystem(st, time);
st->wMilliseconds = (WORD)millisec; st->wMilliseconds = (WORD)millisec;
} }
@ -2032,7 +2070,7 @@ void UINT64ToSystem(SYSTEMTIME *st, UINT64 sec64)
UINT64 SystemToUINT64(SYSTEMTIME *st) UINT64 SystemToUINT64(SYSTEMTIME *st)
{ {
UINT64 sec64; UINT64 sec64;
time_t time; time_64t time;
// Validate arguments // Validate arguments
if (st == NULL) if (st == NULL)
{ {
@ -2091,7 +2129,7 @@ void SystemTime(SYSTEMTIME *st)
KS_INC(KS_GETTIME_COUNT); KS_INC(KS_GETTIME_COUNT);
} }
time_t c_mkgmtime(struct tm *tm) time_64t c_mkgmtime(struct tm *tm)
{ {
int years, months, days, hours, minutes, seconds; int years, months, days, hours, minutes, seconds;
@ -2142,7 +2180,7 @@ time_t c_mkgmtime(struct tm *tm)
tm->tm_isdst = 0; tm->tm_isdst = 0;
if (years < 1970) if (years < 1970)
return (time_t)-1; return (time_64t)-1;
#if (defined(TM_YEAR_MAX) && defined(TM_MON_MAX) && defined(TM_MDAY_MAX)) #if (defined(TM_YEAR_MAX) && defined(TM_MON_MAX) && defined(TM_MDAY_MAX))
#if (defined(TM_HOUR_MAX) && defined(TM_MIN_MAX) && defined(TM_SEC_MAX)) #if (defined(TM_HOUR_MAX) && defined(TM_MIN_MAX) && defined(TM_SEC_MAX))
@ -2156,11 +2194,11 @@ time_t c_mkgmtime(struct tm *tm)
(hours == TM_HOUR_MAX && (hours == TM_HOUR_MAX &&
(minutes > TM_MIN_MAX || (minutes > TM_MIN_MAX ||
(minutes == TM_MIN_MAX && seconds > TM_SEC_MAX) ))))))) (minutes == TM_MIN_MAX && seconds > TM_SEC_MAX) )))))))
return (time_t)-1; return (time_64t)-1;
#endif #endif
#endif #endif
return (time_t)(86400L * (unsigned long)(unsigned)days + return (time_64t)(86400L * (unsigned long)(unsigned)days +
3600L * (unsigned long)hours + 3600L * (unsigned long)hours +
(unsigned long)(60 * minutes + seconds)); (unsigned long)(60 * minutes + seconds));
} }
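Review bot: c_timesub is written as an old-style (K&R) definition, `c_timesub(timep, offset, tmp)` followed by separate parameter declarations, which gives the compiler no prototype to check the call in c_gmtime_r against; `static void c_timesub(const time_64t *timep, long offset, struct tm *tmp)` is the same function with type checking. LEAPS_THRU_END_OF is defined in the middle of the function body and never undefined; placing it next to `isleap` would keep the helper macros together. Neither c_timesub nor c_gmtime_r checks `timep` or `tm` for NULL, unlike the other converters in this file; the visible callers (TimeToTm, NormalizeTm) validate first, so a comment such as `// timep and tm must be non-NULL; callers validate` above c_gmtime_r would be enough.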


@ -194,15 +194,16 @@ void FreeThreading();
void ThreadPoolProc(THREAD *t, void *param); void ThreadPoolProc(THREAD *t, void *param);
void SetThreadName(UINT thread_id, char *name, void *param); void SetThreadName(UINT thread_id, char *name, void *param);
time_t c_mkgmtime(struct tm *tm); struct tm * c_gmtime_r(const time_64t* timep, struct tm *tm);
time_t System64ToTime(UINT64 i); time_64t c_mkgmtime(struct tm *tm);
time_64t System64ToTime(UINT64 i);
void TmToSystem(SYSTEMTIME *st, struct tm *t); void TmToSystem(SYSTEMTIME *st, struct tm *t);
void SystemToTm(struct tm *t, SYSTEMTIME *st); void SystemToTm(struct tm *t, SYSTEMTIME *st);
void TimeToSystem(SYSTEMTIME *st, time_t t); void TimeToSystem(SYSTEMTIME *st, time_64t t);
UINT64 TimeToSystem64(time_t t); UINT64 TimeToSystem64(time_64t t);
time_t SystemToTime(SYSTEMTIME *st); time_64t SystemToTime(SYSTEMTIME *st);
time_t TmToTime(struct tm *t); time_64t TmToTime(struct tm *t);
void TimeToTm(struct tm *t, time_t time); void TimeToTm(struct tm *t, time_64t time);
void NormalizeTm(struct tm *t); void NormalizeTm(struct tm *t);
void NormalizeSystem(SYSTEMTIME *st); void NormalizeSystem(SYSTEMTIME *st);
void LocalToSystem(SYSTEMTIME *system, SYSTEMTIME *local); void LocalToSystem(SYSTEMTIME *system, SYSTEMTIME *local);


@ -145,7 +145,7 @@ typedef struct x509_crl_st X509_CRL;
#define BUF_SIZE 512 #define BUF_SIZE 512
// Support Windows OS list // Support Windows OS list
#define SUPPORTED_WINDOWS_LIST "Windows 98 / 98 SE / ME / NT 4.0 SP6a / 2000 SP4 / XP SP2, SP3 / Vista SP1, SP2 / 7 SP1 / 8 / 8.1 / 10 / Server 2003 SP2 / Server 2008 SP1, SP2 / Hyper-V Server 2008 / Server 2008 R2 SP1 / Hyper-V Server 2008 R2 / Server 2012 / Hyper-V Server 2012 / Server 2012 R2 / Hyper-V Server 2012 R2" #define SUPPORTED_WINDOWS_LIST "Windows 98 / 98 SE / ME / NT 4.0 SP6a / 2000 SP4 / XP SP2, SP3 / Vista SP1, SP2 / 7 SP1 / 8 / 8.1 / 10 / Server 2003 SP2 / Server 2008 SP1, SP2 / Hyper-V Server 2008 / Server 2008 R2 SP1 / Hyper-V Server 2008 R2 / Server 2012 / Hyper-V Server 2012 / Server 2012 R2 / Hyper-V Server 2012 R2 / Server 2016"
// Infinite // Infinite
#ifndef WINDOWS_H #ifndef WINDOWS_H
@ -299,6 +299,8 @@ typedef signed char CHAR;
typedef unsigned long long UINT64; typedef unsigned long long UINT64;
typedef signed long long INT64; typedef signed long long INT64;
typedef signed long long time_64t;
#ifdef OS_UNIX #ifdef OS_UNIX
// Avoiding compile error // Avoiding compile error
#define __cdecl #define __cdecl
@ -523,6 +525,7 @@ typedef struct SAFE_BLOCK SAFE_BLOCK;
typedef struct SAFE_REQUEST_LOG SAFE_REQUEST_LOG; typedef struct SAFE_REQUEST_LOG SAFE_REQUEST_LOG;
typedef struct DYN_VALUE DYN_VALUE; typedef struct DYN_VALUE DYN_VALUE;
typedef struct RELAY_PARAMETER RELAY_PARAMETER; typedef struct RELAY_PARAMETER RELAY_PARAMETER;
typedef struct SSL_ACCEPT_SETTINGS SSL_ACCEPT_SETTINGS;
// Tick64.h // Tick64.h
typedef struct ADJUST_TIME ADJUST_TIME; typedef struct ADJUST_TIME ADJUST_TIME;


@ -46,7 +46,7 @@
Name="VCCLCompilerTool" Name="VCCLCompilerTool"
Optimization="0" Optimization="0"
AdditionalIncludeDirectories="$(SolutionDir)Mayaqua\win32_inc;.;$(SolutionDir)" AdditionalIncludeDirectories="$(SolutionDir)Mayaqua\win32_inc;.;$(SolutionDir)"
PreprocessorDefinitions="WIN32;_DEBUG;_LIB;_USE_32BIT_TIME_T" PreprocessorDefinitions="WIN32;_DEBUG;_LIB"
MinimalRebuild="true" MinimalRebuild="true"
ExceptionHandling="0" ExceptionHandling="0"
BasicRuntimeChecks="3" BasicRuntimeChecks="3"
@ -188,7 +188,7 @@
EnableIntrinsicFunctions="false" EnableIntrinsicFunctions="false"
FavorSizeOrSpeed="0" FavorSizeOrSpeed="0"
AdditionalIncludeDirectories="$(SolutionDir)Mayaqua\win32_inc;.;$(SolutionDir)" AdditionalIncludeDirectories="$(SolutionDir)Mayaqua\win32_inc;.;$(SolutionDir)"
PreprocessorDefinitions="WIN32;NDEBUG;_LIB;_USE_32BIT_TIME_T;VPN_SPEED" PreprocessorDefinitions="WIN32;NDEBUG;_LIB;VPN_SPEED"
StringPooling="false" StringPooling="false"
ExceptionHandling="0" ExceptionHandling="0"
RuntimeLibrary="0" RuntimeLibrary="0"


@ -204,6 +204,7 @@ static SERVICE_FUNCTION *g_start, *g_stop;
static bool exiting = false; static bool exiting = false;
static bool wnd_end; static bool wnd_end;
static bool is_usermode = false; static bool is_usermode = false;
static bool wts_is_locked_flag = false;
static HICON tray_icon; static HICON tray_icon;
static NOTIFYICONDATA nid; static NOTIFYICONDATA nid;
static NOTIFYICONDATAW nid_nt; static NOTIFYICONDATAW nid_nt;
@ -9194,6 +9195,11 @@ bool MsCloseWarningWindow(NO_WARNING *nw, UINT thread_id)
{ {
HWND hWnd; HWND hWnd;
if (nw->Halt)
{
break;
}
if (MsIsVista() == false) if (MsIsVista() == false)
{ {
hWnd = LIST_DATA(o, i); hWnd = LIST_DATA(o, i);
@ -12341,6 +12347,175 @@ bool MsIsPasswordEmpty(wchar_t *username)
return false; return false;
} }
// Determine if the workstation is locked by using WTS API
bool MsDetermineIsLockedByWtsApi()
{
return wts_is_locked_flag;
}
// IsLocked Window Proc
LRESULT CALLBACK MsIsLockedWindowHandlerWindowProc(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam)
{
MS_ISLOCKED *d = NULL;
CREATESTRUCT *cs;
// Validate arguments
if (hWnd == NULL)
{
return 0;
}
d = (MS_ISLOCKED *)GetWindowLongPtrA(hWnd, GWLP_USERDATA);
if (d == NULL && msg != WM_CREATE)
{
goto LABEL_END;
}
switch (msg)
{
case WM_CREATE:
cs = (CREATESTRUCT *)lParam;
d = (MS_ISLOCKED *)cs->lpCreateParams;
SetWindowLongPtrA(hWnd, GWLP_USERDATA, (LONG_PTR)d);
ms->nt->WTSRegisterSessionNotification(hWnd, NOTIFY_FOR_THIS_SESSION);
wts_is_locked_flag = false;
break;
case WM_WTSSESSION_CHANGE:
{
char tmp[MAX_SIZE];
GetDateTimeStr64(tmp, sizeof(tmp), LocalTime64());
switch (wParam)
{
case WTS_SESSION_LOCK:
Debug("%s: Enter Lock\n", tmp);
d->IsLockedFlag = true;
wts_is_locked_flag = true;
break;
case WTS_SESSION_UNLOCK:
Debug("%s: Enter Unlock\n", tmp);
d->IsLockedFlag = false;
wts_is_locked_flag = false;
break;
}
}
break;
case WM_DESTROY:
Debug("Unregister\n");
ms->nt->WTSUnRegisterSessionNotification(hWnd);
PostQuitMessage(0);
break;
}
LABEL_END:
return DefWindowProc(hWnd, msg, wParam, lParam);
}
// IsLocked thread proc
void MsIsLockedThreadProc(THREAD *thread, void *param)
{
MS_ISLOCKED *d = (MS_ISLOCKED *)param;
char wndclass_name[MAX_PATH];
WNDCLASS wc;
HWND hWnd;
MSG msg;
// Validate arguments
if (d == NULL || thread == NULL)
{
return;
}
Format(wndclass_name, sizeof(wndclass_name), "WNDCLASS_%X", Rand32());
Zero(&wc, sizeof(wc));
wc.hbrBackground = (HBRUSH)GetStockObject(WHITE_BRUSH);
wc.hCursor = LoadCursor(NULL, IDC_ARROW);
wc.hIcon = NULL;
wc.hInstance = ms->hInst;
wc.lpfnWndProc = MsIsLockedWindowHandlerWindowProc;
wc.lpszClassName = wndclass_name;
if (RegisterClassA(&wc) == 0)
{
NoticeThreadInit(thread);
return;
}
hWnd = CreateWindowA(wndclass_name, wndclass_name, WS_OVERLAPPEDWINDOW,
CW_USEDEFAULT, CW_USEDEFAULT, CW_USEDEFAULT, CW_USEDEFAULT,
NULL, NULL, ms->hInst, d);
d->hWnd = hWnd;
NoticeThreadInit(thread);
if (hWnd == NULL)
{
UnregisterClassA(wndclass_name, ms->hInst);
return;
}
while (GetMessage(&msg, NULL, 0, 0))
{
TranslateMessage(&msg);
DispatchMessage(&msg);
}
DestroyWindow(hWnd);
UnregisterClassA(wndclass_name, ms->hInst);
}
// Create new IsLocked thread
MS_ISLOCKED *MsNewIsLocked()
{
MS_ISLOCKED *d;
THREAD *t;
SleepThread(5000);
if (IsNt() == false || ms->nt->WTSRegisterSessionNotification == NULL ||
ms->nt->WTSUnRegisterSessionNotification == NULL)
{
return NULL;
}
d = ZeroMalloc(sizeof(MS_ISLOCKED));
t = NewThread(MsIsLockedThreadProc, d);
WaitThreadInit(t);
d->Thread = t;
return d;
}
// Stop and free the IsLocked thread
void MsFreeIsLocked(MS_ISLOCKED *d)
{
if (d == NULL)
{
return;
}
if (d->hWnd != NULL)
{
PostMessageA(d->hWnd, WM_CLOSE, 0, 0);
}
WaitThread(d->Thread, INFINITE);
ReleaseThread(d->Thread);
Free(d);
}
// Execution of shutdown (NT) // Execution of shutdown (NT)
bool MsShutdownEx(bool reboot, bool force, UINT time_limit, char *message) bool MsShutdownEx(bool reboot, bool force, UINT time_limit, char *message)
{ {
@ -12689,6 +12864,12 @@ NT_API *MsLoadNtApiFunctions()
nt->WTSEnumerateSessionsA = nt->WTSEnumerateSessionsA =
(BOOL (__stdcall *)(HANDLE,DWORD,DWORD,PWTS_SESSION_INFOA *,DWORD *)) (BOOL (__stdcall *)(HANDLE,DWORD,DWORD,PWTS_SESSION_INFOA *,DWORD *))
GetProcAddress(nt->hWtsApi32, "WTSEnumerateSessionsA"); GetProcAddress(nt->hWtsApi32, "WTSEnumerateSessionsA");
nt->WTSRegisterSessionNotification =
(BOOL (__stdcall *)(HWND,DWORD))
GetProcAddress(nt->hWtsApi32, "WTSRegisterSessionNotification");
nt->WTSUnRegisterSessionNotification =
(BOOL (__stdcall *)(HWND))
GetProcAddress(nt->hWtsApi32, "WTSUnRegisterSessionNotification");
} }
// Service related API // Service related API
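Review bot: In the WM_CREATE case of MsIsLockedWindowHandlerWindowProc the result of `ms->nt->WTSRegisterSessionNotification(hWnd, NOTIFY_FOR_THIS_SESSION)` is discarded, so if registration fails no WM_WTSSESSION_CHANGE ever arrives and MsDetermineIsLockedByWtsApi() keeps reporting false, i.e. "not locked". If any caller treats that value as a security signal (none is visible in this section), a failed registration should be distinguishable from an unlocked session, at minimum `if (ms->nt->WTSRegisterSessionNotification(hWnd, NOTIFY_FOR_THIS_SESSION) == FALSE) { Debug("WTSRegisterSessionNotification failed\n"); }`. `wts_is_locked_flag` is a plain `static bool` written by the window thread and read from other threads, while the struct field `IsLockedFlag` is declared `volatile`; the two should be handled the same way. MsNewIsLocked() also calls `SleepThread(5000)` before it tests IsNt() and the two function pointers, so even the unsupported path blocks for five seconds; the checks can come first.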


@ -431,6 +431,8 @@ typedef struct NT_API
void (WINAPI *WTSFreeMemory)(void *); void (WINAPI *WTSFreeMemory)(void *);
BOOL (WINAPI *WTSDisconnectSession)(HANDLE, DWORD, BOOL); BOOL (WINAPI *WTSDisconnectSession)(HANDLE, DWORD, BOOL);
BOOL (WINAPI *WTSEnumerateSessions)(HANDLE, DWORD, DWORD, PWTS_SESSION_INFO *, DWORD *); BOOL (WINAPI *WTSEnumerateSessions)(HANDLE, DWORD, DWORD, PWTS_SESSION_INFO *, DWORD *);
BOOL (WINAPI *WTSRegisterSessionNotification)(HWND, DWORD);
BOOL (WINAPI *WTSUnRegisterSessionNotification)(HWND);
SC_HANDLE (WINAPI *OpenSCManager)(LPCTSTR, LPCTSTR, DWORD); SC_HANDLE (WINAPI *OpenSCManager)(LPCTSTR, LPCTSTR, DWORD);
SC_HANDLE (WINAPI *CreateServiceA)(SC_HANDLE, LPCTSTR, LPCTSTR, DWORD, DWORD, DWORD, DWORD, LPCTSTR, LPCTSTR, LPDWORD, LPCTSTR, LPCTSTR, LPCTSTR); SC_HANDLE (WINAPI *CreateServiceA)(SC_HANDLE, LPCTSTR, LPCTSTR, DWORD, DWORD, DWORD, DWORD, LPCTSTR, LPCTSTR, LPDWORD, LPCTSTR, LPCTSTR, LPCTSTR);
SC_HANDLE (WINAPI *CreateServiceW)(SC_HANDLE, LPCWSTR, LPCWSTR, DWORD, DWORD, DWORD, DWORD, LPCWSTR, LPCWSTR, LPDWORD, LPCWSTR, LPCWSTR, LPCWSTR); SC_HANDLE (WINAPI *CreateServiceW)(SC_HANDLE, LPCWSTR, LPCWSTR, DWORD, DWORD, DWORD, DWORD, LPCWSTR, LPCWSTR, LPDWORD, LPCWSTR, LPCWSTR, LPCWSTR);
@ -590,6 +592,13 @@ typedef struct MS_ADAPTER_LIST
MS_ADAPTER **Adapters; // Content MS_ADAPTER **Adapters; // Content
} MS_ADAPTER_LIST; } MS_ADAPTER_LIST;
typedef struct MS_ISLOCKED
{
HWND hWnd;
THREAD *Thread;
volatile bool IsLockedFlag;
} MS_ISLOCKED;
// TCP setting // TCP setting
typedef struct MS_TCP typedef struct MS_TCP
{ {
@ -741,6 +750,14 @@ char *MsGetExeFileName();
char *MsGetExeDirName(); char *MsGetExeDirName();
wchar_t *MsGetExeDirNameW(); wchar_t *MsGetExeDirNameW();
void MsIsLockedThreadProc(THREAD *thread, void *param);
MS_ISLOCKED *MsNewIsLocked();
void MsFreeIsLocked(MS_ISLOCKED *d);
void MsStartIsLockedThread();
void MsStopIsLockedThread();
bool MsDetermineIsLockedByWtsApi();
bool MsShutdown(bool reboot, bool force); bool MsShutdown(bool reboot, bool force);
bool MsShutdownEx(bool reboot, bool force, UINT time_limit, char *message); bool MsShutdownEx(bool reboot, bool force, UINT time_limit, char *message);
bool MsCheckLogon(wchar_t *username, char *password); bool MsCheckLogon(wchar_t *username, char *password);
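Review bot: The new prototypes `void MsStartIsLockedThread();` and `void MsStopIsLockedThread();` have no matching definition in the Microsoft.c hunks shown on this page, which add only MsDetermineIsLockedByWtsApi, MsIsLockedWindowHandlerWindowProc, MsIsLockedThreadProc, MsNewIsLocked and MsFreeIsLocked. If they are not defined elsewhere, the two declarations should be dropped so a later caller does not end up with an unresolved symbol. The empty parameter lists would also read better as `(void)`, and MS_ISLOCKED would benefit from a comment saying which thread writes `IsLockedFlag` and which threads may read it.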


@ -233,7 +233,7 @@ static COUNTER *getip_thread_counter = NULL;
static UINT max_getip_thread = 0; static UINT max_getip_thread = 0;
static char *cipher_list = "RC4-MD5 RC4-SHA AES128-SHA AES256-SHA DES-CBC-SHA DES-CBC3-SHA DHE-RSA-AES128-SHA DHE-RSA-AES256-SHA"; static char *cipher_list = "RC4-MD5 RC4-SHA AES128-SHA AES256-SHA DES-CBC-SHA DES-CBC3-SHA DHE-RSA-AES128-SHA DHE-RSA-AES256-SHA AES128-GCM-SHA256 AES128-SHA256 AES256-GCM-SHA384 AES256-SHA256 DHE-RSA-AES128-GCM-SHA256 DHE-RSA-AES128-SHA256 DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES256-SHA256 ECDHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES128-SHA256 ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES256-SHA384";
static LIST *ip_clients = NULL; static LIST *ip_clients = NULL;
static LIST *local_mac_list = NULL; static LIST *local_mac_list = NULL;
@ -245,7 +245,7 @@ static UINT rand_port_numbers[256] = {0};
static bool g_use_privateip_file = false; static bool g_use_privateip_file = false;
static bool g_source_ip_validation_force_disable = false; static bool g_source_ip_validation_force_disable = false;
static DH_CTX *dh_1024 = NULL; static DH_CTX *dh_2048 = NULL;
typedef struct PRIVATE_IP_SUBNET typedef struct PRIVATE_IP_SUBNET
{ {
@ -5821,7 +5821,8 @@ SSL_PIPE *NewSslPipe(bool server_mode, X *x, K *k, DH_CTX *dh)
{ {
if (server_mode) if (server_mode)
{ {
SSL_CTX_set_ssl_version(ssl_ctx, TLSv1_server_method()); SSL_CTX_set_ssl_version(ssl_ctx, SSLv23_method());
SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_SSLv2);
AddChainSslCertOnDirectory(ssl_ctx); AddChainSslCertOnDirectory(ssl_ctx);
@ -5832,7 +5833,7 @@ SSL_PIPE *NewSslPipe(bool server_mode, X *x, K *k, DH_CTX *dh)
} }
else else
{ {
SSL_CTX_set_ssl_version(ssl_ctx, TLSv1_client_method()); SSL_CTX_set_ssl_version(ssl_ctx, SSLv23_client_method());
} }
//SSL_CTX_set_verify(ssl_ctx, SSL_VERIFY_PEER, cb_test); //SSL_CTX_set_verify(ssl_ctx, SSL_VERIFY_PEER, cb_test);
@ -9157,12 +9158,23 @@ void UnixSetSockEvent(SOCK_EVENT *event)
} }
} }
// This is a helper function for select()
int safe_fd_set(int fd, fd_set* fds, int* max_fd) {
FD_SET(fd, fds);
if (fd > *max_fd) {
*max_fd = fd;
}
return 0;
}
// Execute 'select' for the socket // Execute 'select' for the socket
void UnixSelectInner(UINT num_read, UINT *reads, UINT num_write, UINT *writes, UINT timeout) void UnixSelectInner(UINT num_read, UINT *reads, UINT num_write, UINT *writes, UINT timeout)
{ {
#ifdef UNIX_MACOS #ifdef UNIX_MACOS
int kq; fd_set rfds; //read descriptors
struct kevent *kevents; fd_set wfds; //write descriptors
int max_fd = 0; //maximum descriptor id
struct timeval tv; //timeval for timeout
#else // UNIX_MACOS #else // UNIX_MACOS
struct pollfd *p; struct pollfd *p;
#endif // UNIX_MACOS #endif // UNIX_MACOS
@ -9203,8 +9215,8 @@ void UnixSelectInner(UINT num_read, UINT *reads, UINT num_write, UINT *writes, U
num = num_read_total + num_write_total; num = num_read_total + num_write_total;
#ifdef UNIX_MACOS #ifdef UNIX_MACOS
kq = kqueue(); FD_ZERO(&rfds); //zero out descriptor set for read descriptors
kevents = ZeroMallocFast(sizeof(struct kevent) * (num + num_write_total)); FD_ZERO(&wfds); //same for write
#else // UNIX_MACOS #else // UNIX_MACOS
p = ZeroMallocFast(sizeof(struct pollfd) * num); p = ZeroMallocFast(sizeof(struct pollfd) * num);
#endif // UNIX_MACOS #endif // UNIX_MACOS
@ -9216,7 +9228,7 @@ void UnixSelectInner(UINT num_read, UINT *reads, UINT num_write, UINT *writes, U
if (reads[i] != INVALID_SOCKET) if (reads[i] != INVALID_SOCKET)
{ {
#ifdef UNIX_MACOS #ifdef UNIX_MACOS
EV_SET(&kevents[n++], reads[i], EVFILT_READ, EV_ADD, 0, 0, NULL); safe_fd_set(reads[i], &rfds, &max_fd);
#else // UNIX_MACOS #else // UNIX_MACOS
struct pollfd *pfd = &p[n++]; struct pollfd *pfd = &p[n++];
pfd->fd = reads[i]; pfd->fd = reads[i];
@ -9230,8 +9242,7 @@ void UnixSelectInner(UINT num_read, UINT *reads, UINT num_write, UINT *writes, U
if (writes[i] != INVALID_SOCKET) if (writes[i] != INVALID_SOCKET)
{ {
#ifdef UNIX_MACOS #ifdef UNIX_MACOS
EV_SET(&kevents[n++], reads[i], EVFILT_READ, EV_ADD, 0, 0, NULL); safe_fd_set(writes[i], &wfds, &max_fd);
EV_SET(&kevents[n++], reads[i], EVFILT_WRITE, EV_ADD, 0, 0, NULL);
#else // UNIX_MACOS #else // UNIX_MACOS
struct pollfd *pfd = &p[n++]; struct pollfd *pfd = &p[n++];
pfd->fd = writes[i]; pfd->fd = writes[i];
@ -9243,15 +9254,14 @@ void UnixSelectInner(UINT num_read, UINT *reads, UINT num_write, UINT *writes, U
if (num != 0) if (num != 0)
{ {
#ifdef UNIX_MACOS #ifdef UNIX_MACOS
struct timespec kevent_timeout, *p_kevent_timeout;
if (timeout == INFINITE) { if (timeout == INFINITE) {
p_kevent_timeout = NULL; tv.tv_sec = 0;
tv.tv_usec = 0;
} else { } else {
kevent_timeout.tv_sec = timeout / 1000; tv.tv_sec = timeout / 1000;
kevent_timeout.tv_nsec = (timeout % 1000) * 1000000l; tv.tv_usec = (timeout % 1000) * 1000l;
p_kevent_timeout = &kevent_timeout;
} }
kevent(kq, kevents, n, kevents, n, p_kevent_timeout); select(max_fd + 1, &rfds, &wfds, NULL, &tv);
#else // UNIX_MACOS #else // UNIX_MACOS
poll(p, num, timeout == INFINITE ? -1 : (int)timeout); poll(p, num, timeout == INFINITE ? -1 : (int)timeout);
#endif // UNIX_MACOS #endif // UNIX_MACOS
@ -9261,12 +9271,9 @@ void UnixSelectInner(UINT num_read, UINT *reads, UINT num_write, UINT *writes, U
SleepThread(timeout); SleepThread(timeout);
} }
#ifdef UNIX_MACOS #ifndef UNIX_MACOS
Free(kevents);
close(kq);
#else // UNIX_MACOS
Free(p); Free(p);
#endif // UNIX_MACOS #endif // not UNIX_MACOS
} }
// Clean-up of the socket event // Clean-up of the socket event
@ -12764,7 +12771,7 @@ bool SendAll(SOCK *sock, void *data, UINT size, bool secure)
// Set the cipher algorithm name to want to use // Set the cipher algorithm name to want to use
void SetWantToUseCipher(SOCK *sock, char *name) void SetWantToUseCipher(SOCK *sock, char *name)
{ {
char tmp[254]; char tmp[1024];
// Validate arguments // Validate arguments
if (sock == NULL || name == NULL) if (sock == NULL || name == NULL)
{ {
@ -12904,7 +12911,7 @@ bool AddChainSslCert(struct ssl_ctx_st *ctx, X *x)
// Start a TCP-SSL communication // Start a TCP-SSL communication
bool StartSSL(SOCK *sock, X *x, K *priv) bool StartSSL(SOCK *sock, X *x, K *priv)
{ {
return StartSSLEx(sock, x, priv, false, 0, NULL); return StartSSLEx(sock, x, priv, true, 0, NULL);
} }
bool StartSSLEx(SOCK *sock, X *x, K *priv, bool client_tls, UINT ssl_timeout, char *sni_hostname) bool StartSSLEx(SOCK *sock, X *x, K *priv, bool client_tls, UINT ssl_timeout, char *sni_hostname)
{ {
@ -12965,14 +12972,39 @@ bool StartSSLEx(SOCK *sock, X *x, K *priv, bool client_tls, UINT ssl_timeout, ch
Lock(openssl_lock); Lock(openssl_lock);
{ {
if (sock->ServerMode) if (sock->ServerMode)
{
if (sock->AcceptOnlyTls == false)
{ {
SSL_CTX_set_ssl_version(ssl_ctx, SSLv23_method()); SSL_CTX_set_ssl_version(ssl_ctx, SSLv23_method());
}
else #ifdef SSL_OP_NO_SSLv2
SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_SSLv2);
#endif // SSL_OP_NO_SSLv2
if (sock->SslAcceptSettings.AcceptOnlyTls)
{ {
SSL_CTX_set_ssl_version(ssl_ctx, TLSv1_method()); #ifdef SSL_OP_NO_SSLv3
SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_SSLv3);
#endif // SSL_OP_NO_SSLv3
}
if (sock->SslAcceptSettings.Tls_Disable1_0)
{
#ifdef SSL_OP_NO_TLSv1
SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_TLSv1);
#endif // SSL_OP_NO_TLSv1
}
if (sock->SslAcceptSettings.Tls_Disable1_1)
{
#ifdef SSL_OP_NO_TLSv1_1
SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_TLSv1_1);
#endif // SSL_OP_NO_TLSv1_1
}
if (sock->SslAcceptSettings.Tls_Disable1_2)
{
#ifdef SSL_OP_NO_TLSv1_2
SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_TLSv1_2);
#endif // SSL_OP_NO_TLSv1_2
} }
Unlock(openssl_lock); Unlock(openssl_lock);
@ -12987,7 +13019,7 @@ bool StartSSLEx(SOCK *sock, X *x, K *priv, bool client_tls, UINT ssl_timeout, ch
} }
else else
{ {
SSL_CTX_set_ssl_version(ssl_ctx, TLSv1_client_method()); SSL_CTX_set_ssl_version(ssl_ctx, SSLv23_client_method());
} }
} }
sock->ssl = SSL_new(ssl_ctx); sock->ssl = SSL_new(ssl_ctx);
@ -13003,6 +13035,7 @@ bool StartSSLEx(SOCK *sock, X *x, K *priv, bool client_tls, UINT ssl_timeout, ch
} }
} }
#endif // SSL_CTRL_SET_TLSEXT_HOSTNAME #endif // SSL_CTRL_SET_TLSEXT_HOSTNAME
} }
Unlock(openssl_lock); Unlock(openssl_lock);
@ -13188,6 +13221,8 @@ bool StartSSLEx(SOCK *sock, X *x, K *priv, bool client_tls, UINT ssl_timeout, ch
return true; return true;
} }
#ifdef ENABLE_SSL_LOGGING #ifdef ENABLE_SSL_LOGGING
// Enable SSL logging // Enable SSL logging
@ -13820,6 +13855,10 @@ void DisableGetHostNameWhenAcceptInit()
// Initialize the connection acceptance // Initialize the connection acceptance
void AcceptInit(SOCK *s) void AcceptInit(SOCK *s)
{
AcceptInitEx(s, false);
}
void AcceptInitEx(SOCK *s, bool no_lookup_hostname)
{ {
char tmp[MAX_SIZE]; char tmp[MAX_SIZE];
// Validate arguments // Validate arguments
@ -13830,7 +13869,7 @@ void AcceptInit(SOCK *s)
Zero(tmp, sizeof(tmp)); Zero(tmp, sizeof(tmp));
if (disable_gethostname_by_accept == false) if (disable_gethostname_by_accept == false && no_lookup_hostname == false)
{ {
if (GetHostName(tmp, sizeof(tmp), &s->RemoteIP) == false || if (GetHostName(tmp, sizeof(tmp), &s->RemoteIP) == false ||
IsEmptyStr(tmp)) IsEmptyStr(tmp))
@ -17742,9 +17781,9 @@ DH *TmpDhCallback(SSL *ssl, int is_export, int keylength)
{ {
DH *ret = NULL; DH *ret = NULL;
if (dh_1024 != NULL) if (dh_2048 != NULL)
{ {
ret = dh_1024->dh; ret = dh_2048->dh;
} }
return ret; return ret;
@ -17768,6 +17807,10 @@ struct ssl_ctx_st *NewSSLCtx(bool server_mode)
SSL_CTX_set_tmp_dh_callback(ctx, TmpDhCallback); SSL_CTX_set_tmp_dh_callback(ctx, TmpDhCallback);
#ifdef SSL_CTX_set_ecdh_auto
SSL_CTX_set_ecdh_auto(ctx, 1);
#endif // SSL_CTX_set_ecdh_auto
return ctx; return ctx;
} }
@ -17861,7 +17904,7 @@ void InitNetwork()
disable_cache = false; disable_cache = false;
dh_1024 = DhNewGroup2(); dh_2048 = DhNew2048();
Zero(rand_port_numbers, sizeof(rand_port_numbers)); Zero(rand_port_numbers, sizeof(rand_port_numbers));
@ -18295,10 +18338,10 @@ void SetCurrentGlobalIP(IP *ip, bool ipv6)
void FreeNetwork() void FreeNetwork()
{ {
if (dh_1024 != NULL) if (dh_2048 != NULL)
{ {
DhFree(dh_1024); DhFree(dh_2048);
dh_1024 = NULL; dh_2048 = NULL;
} }
// Release of thread-related // Release of thread-related
@ -22663,7 +22706,14 @@ bool GetSniNameFromSslPacket(UCHAR *packet_buf, UINT packet_size, char *sni, UIN
USHORT handshake_length; USHORT handshake_length;
// Validate arguments // Validate arguments
if (packet_buf == NULL || packet_size == 0) if (packet_buf == NULL || packet_size <= 11)
{
return false;
}
if (!(packet_buf[0] == 0x16 && packet_buf[1] >= 0x03 &&
packet_buf[5] == 0x01 && packet_buf[6] == 0x00 &&
packet_buf[9] >= 0x03))
{ {
return false; return false;
} }
@ -22677,7 +22727,7 @@ bool GetSniNameFromSslPacket(UCHAR *packet_buf, UINT packet_size, char *sni, UIN
version = Endian16(version); version = Endian16(version);
handshake_length = Endian16(handshake_length); handshake_length = Endian16(handshake_length);
if (version >= 0x0301) if (content_type == 0x16 && version >= 0x0301)
{ {
UCHAR *handshake_data = Malloc(handshake_length); UCHAR *handshake_data = Malloc(handshake_length);
@ -22793,11 +22843,14 @@ bool GetSniNameFromSslPacket(UCHAR *packet_buf, UINT packet_size, char *sni, UIN
name_buf = ZeroMalloc(name_len + 1); name_buf = ZeroMalloc(name_len + 1);
if (ReadBuf(dbuf, name_buf, name_len) == name_len) if (ReadBuf(dbuf, name_buf, name_len) == name_len)
{
if (StrLen(name_buf) >= 1)
{ {
ret = true; ret = true;
StrCpy(sni, sni_size, name_buf); StrCpy(sni, sni_size, name_buf);
} }
}
Free(name_buf); Free(name_buf);
} }


@ -246,6 +246,15 @@ struct SOCK_EVENT
#define SOCK_RUDP_LISTEN 5 #define SOCK_RUDP_LISTEN 5
#define SOCK_REVERSE_LISTEN 6 #define SOCK_REVERSE_LISTEN 6
// SSL Accept Settings
struct SSL_ACCEPT_SETTINGS
{
bool AcceptOnlyTls;
bool Tls_Disable1_0;
bool Tls_Disable1_1;
bool Tls_Disable1_2;
};
// Socket // Socket
struct SOCK struct SOCK
{ {
@ -312,7 +321,7 @@ struct SOCK
IP Reverse_MyServerGlobalIp; // Self global IP address when using the reverse socket IP Reverse_MyServerGlobalIp; // Self global IP address when using the reverse socket
UINT Reverse_MyServerPort; // Self port number when using the reverse socket UINT Reverse_MyServerPort; // Self port number when using the reverse socket
UCHAR Ssl_Init_Async_SendAlert[2]; // Initial state of SSL send_alert UCHAR Ssl_Init_Async_SendAlert[2]; // Initial state of SSL send_alert
bool AcceptOnlyTls; // Accept only TLS (disable SSLv3) SSL_ACCEPT_SETTINGS SslAcceptSettings; // SSL Accept Settings
bool RawIP_HeaderIncludeFlag; bool RawIP_HeaderIncludeFlag;
#ifdef ENABLE_SSL_LOGGING #ifdef ENABLE_SSL_LOGGING
@ -1368,6 +1377,7 @@ bool GetDomainName(char *name, UINT size);
bool UnixGetDomainName(char *name, UINT size); bool UnixGetDomainName(char *name, UINT size);
void RenewDhcp(); void RenewDhcp();
void AcceptInit(SOCK *s); void AcceptInit(SOCK *s);
void AcceptInitEx(SOCK *s, bool no_lookup_hostname);
void DisableGetHostNameWhenAcceptInit(); void DisableGetHostNameWhenAcceptInit();
bool CheckCipherListName(char *name); bool CheckCipherListName(char *name);
TOKEN_LIST *GetCipherList(); TOKEN_LIST *GetCipherList();
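Review bot: The four flags in the new `SSL_ACCEPT_SETTINGS` struct carry no comments, while the `AcceptOnlyTls` field they replace in `SOCK` was documented as `// Accept only TLS (disable SSLv3)`. Each field should say which protocol version it turns off, e.g. `bool AcceptOnlyTls; // Accept only TLS (disable SSLv3)` and `bool Tls_Disable1_0; // Do not accept TLS 1.0`, and likewise for 1.1 and 1.2. The struct comment should also state what is expected when all three `Tls_Disable*` flags are set together, since from the `StartSSLEx` hunk in this commit that combination appears to leave the server no protocol version to negotiate. `struct SOCK` starts and ends outside the hunk.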


@ -424,12 +424,18 @@ bool SignSecByObject(SECURE *sec, SEC_OBJ *obj, void *dst, void *src, UINT size)
// Perform Signing // Perform Signing
size = 128; size = 128;
// First try with 1024 bit
ret = sec->Api->C_Sign(sec->SessionId, hash, sizeof(hash), dst, &size); ret = sec->Api->C_Sign(sec->SessionId, hash, sizeof(hash), dst, &size);
if (ret != CKR_OK || size != 128) if (ret != CKR_OK && 128 < size && size <= 4096/8)
{
// Retry with expanded bits
ret = sec->Api->C_Sign(sec->SessionId, hash, sizeof(hash), dst, &size);
}
if (ret != CKR_OK || size == 0 || size > 4096/8)
{ {
// Failure // Failure
sec->Error = SEC_ERROR_HARDWARE_ERROR; sec->Error = SEC_ERROR_HARDWARE_ERROR;
Debug("C_Sign Error: 0x%x\n", ret); Debug("C_Sign Error: 0x%x size:%d\n", ret, size);
return false; return false;
} }
@ -782,6 +788,11 @@ bool WriteSecCert(SECURE *sec, bool private_obj, char *name, X *x)
b_private_obj = false; b_private_obj = false;
} }
// CryptoID PKCS#11 requires CKA_ID attiribute instead of CKA_LABEL.
if(sec->Dev->Id == 22) {
a[7].type = CKA_ID;
}
// Remove objects which have the same name // Remove objects which have the same name
if (CheckSecObject(sec, name, SEC_X)) if (CheckSecObject(sec, name, SEC_X))
{ {
@ -2007,7 +2018,7 @@ void TestSecMain(SECURE *sec)
} }
Print("Generating Key...\n"); Print("Generating Key...\n");
if (RsaGen(&private_key, &public_key, 1024) == false) if (RsaGen(&private_key, &public_key, 2048) == false)
{ {
Print("RsaGen() Failed.\n"); Print("RsaGen() Failed.\n");
} }
@ -2077,9 +2088,10 @@ void TestSecMain(SECURE *sec)
} }
else else
{ {
UCHAR sign_cpu[128]; UCHAR sign_cpu[512];
UCHAR sign_sec[128]; UCHAR sign_sec[512];
K *pub = GetKFromX(cert); K *pub = GetKFromX(cert);
UINT keybtytes = (cert->bits)/8;
Print("Ok.\n"); Print("Ok.\n");
Print("Signing Data by CPU...\n"); Print("Signing Data by CPU...\n");
if (RsaSign(sign_cpu, test_str, StrLen(test_str), private_key) == false) if (RsaSign(sign_cpu, test_str, StrLen(test_str), private_key) == false)
@ -2090,7 +2102,7 @@ void TestSecMain(SECURE *sec)
{ {
Print("Ok.\n"); Print("Ok.\n");
Print("sign_cpu: "); Print("sign_cpu: ");
PrintBin(sign_cpu, sizeof(sign_cpu)); PrintBin(sign_cpu, keybtytes);
Print("Signing Data by %s..\n", sec->Dev->DeviceName); Print("Signing Data by %s..\n", sec->Dev->DeviceName);
if (SignSec(sec, "test_key", sign_sec, test_str, StrLen(test_str)) == false) if (SignSec(sec, "test_key", sign_sec, test_str, StrLen(test_str)) == false)
{ {
@ -2100,14 +2112,14 @@ void TestSecMain(SECURE *sec)
{ {
Print("Ok.\n"); Print("Ok.\n");
Print("sign_sec: "); Print("sign_sec: ");
PrintBin(sign_sec, sizeof(sign_sec)); PrintBin(sign_sec, keybtytes);
Print("Compare..."); Print("Compare...");
if (Cmp(sign_sec, sign_cpu, sizeof(sign_cpu)) == 0) if (Cmp(sign_sec, sign_cpu, keybtytes) == 0)
{ {
Print("Ok.\n"); Print("Ok.\n");
Print("Verify..."); Print("Verify...");
if (RsaVerify(test_str, StrLen(test_str), if (RsaVerifyEx(test_str, StrLen(test_str),
sign_sec, pub) == false) sign_sec, pub, cert->bits) == false)
{ {
Print("[FAILED]\n"); Print("[FAILED]\n");
} }
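Review bot: In `SignSecByObject` the retry path lets the token write up to `4096/8` (512) bytes into `dst`, but the function has no parameter for the capacity of `dst`, so it cannot tell whether the caller's buffer is that large. `TestSecMain` enlarges its own buffers to 512 bytes in this commit; any other caller of `SignSec` or `SignSecByObject` that still passes a 128-byte buffer could be overrun once a key longer than 1024 bits is used, and those callers are outside the visible hunks, so they need checking. At minimum document the requirement next to the call, e.g. `// dst must have room for 4096/8 bytes; the token may write that much on retry`, and name the limit as a constant instead of repeating `4096/8`. The body of `SignSecByObject` starts and ends outside the hunk.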


@ -307,7 +307,8 @@ SECURE_DEVICE SupportedList[] =
{18, SECURE_IC_CARD, "Gemalto .NET", "Gemalto", "gtop11dotnet.dll"}, {18, SECURE_IC_CARD, "Gemalto .NET", "Gemalto", "gtop11dotnet.dll"},
{19, SECURE_IC_CARD, "Gemalto .NET 64bit", "Gemalto", "gtop11dotnet64.dll"}, {19, SECURE_IC_CARD, "Gemalto .NET 64bit", "Gemalto", "gtop11dotnet64.dll"},
{20, SECURE_USB_TOKEN, "ePass 2003", "Feitian Technologies", "eps2003csp11.dll"}, {20, SECURE_USB_TOKEN, "ePass 2003", "Feitian Technologies", "eps2003csp11.dll"},
{20, SECURE_USB_TOKEN, "ePass 1000ND/2000/3000", "Feitian Technologies", "ngp11v211.dll"}, {21, SECURE_USB_TOKEN, "ePass 1000ND/2000/3000", "Feitian Technologies", "ngp11v211.dll"},
{22, SECURE_USB_TOKEN, "CryptoID", "Longmai Technology", "cryptoida_pkcs11.dll"},
}; };
#ifdef OS_WIN32 #ifdef OS_WIN32
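Review bot: The new row's device id `22` is also hard-coded in the `WriteSecCert` hunk of this commit as `if(sec->Dev->Id == 22)`, so the table and the check can drift apart silently if ids are renumbered, as this same hunk does when it changes the duplicated `20` to `21`. A named constant shared by both places, for example `#define SECURE_DEVICE_ID_CRYPTOID 22` (name constructed here), would keep them tied together. The `SupportedList` initializer begins outside the hunk.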


@ -1829,20 +1829,27 @@ PKT *ParsePacketEx4(UCHAR *buf, UINT size, bool no_l3, UINT vlan_type_id, bool b
{ {
USHORT port_raw = Endian16(80); USHORT port_raw = Endian16(80);
USHORT port_raw2 = Endian16(8080); USHORT port_raw2 = Endian16(8080);
USHORT port_raw3 = Endian16(443);
// Analyze if the packet is a part of HTTP // Analyze if the packet is a part of HTTP
if ((p->TypeL3 == L3_IPV4 || p->TypeL3 == L3_IPV6) && p->TypeL4 == L4_TCP) if ((p->TypeL3 == L3_IPV4 || p->TypeL3 == L3_IPV6) && p->TypeL4 == L4_TCP)
{ {
TCP_HEADER *tcp = p->L4.TCPHeader; TCP_HEADER *tcp = p->L4.TCPHeader;
if (tcp->DstPort == port_raw || tcp->DstPort == port_raw2) if (tcp != NULL && (tcp->DstPort == port_raw || tcp->DstPort == port_raw2) &&
{ (!((tcp->Flag & TCP_SYN) || (tcp->Flag & TCP_RST) || (tcp->Flag & TCP_FIN))))
if (tcp != NULL && (!((tcp->Flag & TCP_SYN) || (tcp->Flag & TCP_RST) || (tcp->Flag & TCP_FIN))))
{ {
if (p->PayloadSize >= 1) if (p->PayloadSize >= 1)
{ {
p->HttpLog = ParseHttpAccessLog(p); p->HttpLog = ParseHttpAccessLog(p);
} }
} }
if (tcp != NULL && tcp->DstPort == port_raw3 &&
(!((tcp->Flag & TCP_SYN) || (tcp->Flag & TCP_RST) || (tcp->Flag & TCP_FIN))))
{
if (p->PayloadSize >= 1)
{
p->HttpLog = ParseHttpsAccessLog(p);
}
} }
} }
} }
@ -2014,6 +2021,33 @@ void CorrectChecksum(PKT *p)
} }
// Parse the HTTPS access log
HTTPLOG *ParseHttpsAccessLog(PKT *pkt)
{
HTTPLOG h;
char sni[MAX_PATH];
// Validate arguments
if (pkt == NULL)
{
return NULL;
}
if (GetSniNameFromSslPacket(pkt->Payload, pkt->PayloadSize, sni, sizeof(sni)) == false)
{
return NULL;
}
Zero(&h, sizeof(h));
StrCpy(h.Method, sizeof(h.Method), "SSL_Connect");
StrCpy(h.Hostname, sizeof(h.Hostname), sni);
h.Port = Endian16(pkt->L4.TCPHeader->DstPort);
StrCpy(h.Path, sizeof(h.Path), "/");
h.IsSsl = true;
return Clone(&h, sizeof(h));
}
// Parse the HTTP access log // Parse the HTTP access log
HTTPLOG *ParseHttpAccessLog(PKT *pkt) HTTPLOG *ParseHttpAccessLog(PKT *pkt)
{ {
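Review bot: `ParseHttpsAccessLog` copies the SNI taken from the packet payload into `h.Hostname` as-is, and that value is chosen by whoever sent the packet. `GetSniNameFromSslPacket` in this commit only checks that the name is non-empty, so if the access log is written as text lines (the writer is not visible here), control characters or separators in the name would end up in the log; consider rejecting names with bytes outside the hostname character set before `StrCpy(h.Hostname, ...)`. Separately, the function dereferences `pkt->L4.TCPHeader` after validating only `pkt`; the guard could read `if (pkt == NULL || pkt->L4.TCPHeader == NULL)` so it does not depend on the caller's check.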


@ -623,6 +623,7 @@ struct ICMPV6_HEADER_INFO
#define DHCP_ID_CLIENT_ID 0x3d #define DHCP_ID_CLIENT_ID 0x3d
#define DHCP_ID_VENDOR_ID 0x3c #define DHCP_ID_VENDOR_ID 0x3c
#define DHCP_ID_REQ_PARAM_LIST 0x37 #define DHCP_ID_REQ_PARAM_LIST 0x37
#define DHCP_ID_USER_CLASS 0x4d
#define DHCP_ID_CLASSLESS_ROUTE 0x79 #define DHCP_ID_CLASSLESS_ROUTE 0x79
#define DHCP_ID_MS_CLASSLESS_ROUTE 0xF9 #define DHCP_ID_MS_CLASSLESS_ROUTE 0xF9
#define DHCP_ID_PRIVATE 0xFA #define DHCP_ID_PRIVATE 0xFA
@ -650,6 +651,7 @@ struct HTTPLOG
char Protocol[64]; // Protocol char Protocol[64]; // Protocol
char UserAgent[MAX_SIZE]; // User Agent value char UserAgent[MAX_SIZE]; // User Agent value
char Referer[MAX_SIZE]; // Referer char Referer[MAX_SIZE]; // Referer
bool IsSsl; // Is SSL
}; };
// Packet // Packet
@ -794,6 +796,8 @@ struct DHCP_CLASSLESS_ROUTE_TABLE
DHCP_CLASSLESS_ROUTE Entries[MAX_DHCP_CLASSLESS_ROUTE_ENTRIES]; // Entries DHCP_CLASSLESS_ROUTE Entries[MAX_DHCP_CLASSLESS_ROUTE_ENTRIES]; // Entries
}; };
#define MAX_USER_CLASS_LEN 255
// DHCP option list // DHCP option list
struct DHCP_OPTION_LIST struct DHCP_OPTION_LIST
{ {
@ -803,6 +807,10 @@ struct DHCP_OPTION_LIST
// Client request // Client request
UINT RequestedIp; // Requested IP address UINT RequestedIp; // Requested IP address
char Hostname[MAX_HOST_NAME_LEN + 1]; // Host name char Hostname[MAX_HOST_NAME_LEN + 1]; // Host name
char UserClass[MAX_USER_CLASS_LEN + 1]; // User class
// RFC3003 defines that User Class option is array of text strings,
// but the most popular DHCP clients and servers,
// i.e. ISC DHCP and Microsoft DHCP Server, consider it a text string
// Server response // Server response
UINT ClientAddress; // Client address UINT ClientAddress; // Client address
@ -912,6 +920,7 @@ void FreeDhcpOptions(LIST *o);
LIST *ParseDhcpOptions(void *data, UINT size); LIST *ParseDhcpOptions(void *data, UINT size);
BUF *BuildDhcpOptionsBuf(LIST *o); BUF *BuildDhcpOptionsBuf(LIST *o);
HTTPLOG *ParseHttpAccessLog(PKT *pkt); HTTPLOG *ParseHttpAccessLog(PKT *pkt);
HTTPLOG *ParseHttpsAccessLog(PKT *pkt);
BUF *DhcpModify(DHCP_MODIFY_OPTION *m, void *data, UINT size); BUF *DhcpModify(DHCP_MODIFY_OPTION *m, void *data, UINT size);
BUF *DhcpModifyIPv4(DHCP_MODIFY_OPTION *m, void *data, UINT size); BUF *DhcpModifyIPv4(DHCP_MODIFY_OPTION *m, void *data, UINT size);
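Review bot: The comment added under `UserClass` in `DHCP_OPTION_LIST` cites RFC3003, but the DHCP User Class option is specified in RFC 3004. The comment also sits after the field and directly ahead of `// Server response`, where it reads as belonging to the next group; moving it above the field and starting it `// RFC 3004 defines the User Class option as an array of text strings,` would fix both. `DHCP_OPTION_LIST` starts and ends outside the hunk.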


@ -2031,6 +2031,7 @@ void UnixInc32(UINT *value)
void UnixGetSystemTime(SYSTEMTIME *system_time) void UnixGetSystemTime(SYSTEMTIME *system_time)
{ {
time_t now = 0; time_t now = 0;
time_64t now2 = 0;
struct tm tm; struct tm tm;
struct timeval tv; struct timeval tv;
struct timezone tz; struct timezone tz;
@ -2048,7 +2049,16 @@ void UnixGetSystemTime(SYSTEMTIME *system_time)
time(&now); time(&now);
gmtime_r(&now, &tm); if (sizeof(time_t) == 4)
{
now2 = (time_64t)((UINT64)((UINT32)now));
}
else
{
now2 = now;
}
c_gmtime_r(&now2, &tm);
TmToSystem(system_time, &tm); TmToSystem(system_time, &tm);
@ -2087,7 +2097,7 @@ UINT64 UnixGetTick64()
#endif // CLOCK_MONOTONIC #endif // CLOCK_MONOTONIC
#endif // CLOCK_HIGHRES #endif // CLOCK_HIGHRES
ret = (UINT64)t.tv_sec * 1000LL + (UINT64)t.tv_nsec / 1000000LL; ret = ((UINT64)((UINT32)t.tv_sec)) * 1000LL + (UINT64)t.tv_nsec / 1000000LL;
if (akirame == false && ret == 0) if (akirame == false && ret == 0)
{ {
@ -2106,7 +2116,7 @@ UINT64 UnixGetTick64()
host_get_clock_service(mach_host_self(), SYSTEM_CLOCK, &clock_serv); host_get_clock_service(mach_host_self(), SYSTEM_CLOCK, &clock_serv);
} }
clock_get_time(clock_serv, &t); clock_get_time(clock_serv, &t);
ret = (UINT64)t.tv_sec * 1000LL + (UINT64)t.tv_nsec / 1000000LL; ret = ((UINT64)((UINT32)t.tv_sec)) * 1000LL + (UINT64)t.tv_nsec / 1000000LL;
return ret; return ret;
#else #else
return TickRealtimeManual(); return TickRealtimeManual();
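Review bot: In `UnixGetTick64` the new `(UINT32)t.tv_sec` cast is applied unconditionally, whereas `UnixGetSystemTime` in the same commit narrows only when `sizeof(time_t) == 4`. Where `tv_sec` is wider than 32 bits the cast drops the upper half, so the returned tick wraps after 2^32 seconds; which clock is read is decided by the `#ifdef` chain above, which is not visible in the hunk. Either apply the same `sizeof` guard or record the intent in a comment such as `// tv_sec is reinterpreted as unsigned 32-bit so a negative 32-bit value does not sign-extend`. Both function bodies extend outside the hunks.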


@ -1,4 +1,4 @@
/* crypto/aes/aes.h -*- mode:C; c-file-style: "eay" -*- */ /* crypto/aes/aes.h */
/* ==================================================================== /* ====================================================================
* Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
* *


@ -291,7 +291,7 @@ void BIO_clear_flags(BIO *b, int flags);
* BIO_CB_RETURN flag indicates if it is after the call * BIO_CB_RETURN flag indicates if it is after the call
*/ */
# define BIO_CB_RETURN 0x80 # define BIO_CB_RETURN 0x80
# define BIO_CB_return(a) ((a)|BIO_CB_RETURN)) # define BIO_CB_return(a) ((a)|BIO_CB_RETURN)
# define BIO_cb_pre(a) (!((a)&BIO_CB_RETURN)) # define BIO_cb_pre(a) (!((a)&BIO_CB_RETURN))
# define BIO_cb_post(a) ((a)&BIO_CB_RETURN) # define BIO_cb_post(a) ((a)&BIO_CB_RETURN)
@ -479,11 +479,11 @@ struct bio_dgram_sctp_prinfo {
# define BIO_get_conn_hostname(b) BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,0) # define BIO_get_conn_hostname(b) BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,0)
# define BIO_get_conn_port(b) BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,1) # define BIO_get_conn_port(b) BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,1)
# define BIO_get_conn_ip(b) BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,2) # define BIO_get_conn_ip(b) BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,2)
# define BIO_get_conn_int_port(b) BIO_int_ctrl(b,BIO_C_GET_CONNECT,3,0) # define BIO_get_conn_int_port(b) BIO_ctrl(b,BIO_C_GET_CONNECT,3,NULL)
# define BIO_set_nbio(b,n) BIO_ctrl(b,BIO_C_SET_NBIO,(n),NULL) # define BIO_set_nbio(b,n) BIO_ctrl(b,BIO_C_SET_NBIO,(n),NULL)
/* BIO_s_accept_socket() */ /* BIO_s_accept() */
# define BIO_set_accept_port(b,name) BIO_ctrl(b,BIO_C_SET_ACCEPT,0,(char *)name) # define BIO_set_accept_port(b,name) BIO_ctrl(b,BIO_C_SET_ACCEPT,0,(char *)name)
# define BIO_get_accept_port(b) BIO_ptr_ctrl(b,BIO_C_GET_ACCEPT,0) # define BIO_get_accept_port(b) BIO_ptr_ctrl(b,BIO_C_GET_ACCEPT,0)
/* #define BIO_set_nbio(b,n) BIO_ctrl(b,BIO_C_SET_NBIO,(n),NULL) */ /* #define BIO_set_nbio(b,n) BIO_ctrl(b,BIO_C_SET_NBIO,(n),NULL) */
@ -496,6 +496,7 @@ struct bio_dgram_sctp_prinfo {
# define BIO_set_bind_mode(b,mode) BIO_ctrl(b,BIO_C_SET_BIND_MODE,mode,NULL) # define BIO_set_bind_mode(b,mode) BIO_ctrl(b,BIO_C_SET_BIND_MODE,mode,NULL)
# define BIO_get_bind_mode(b,mode) BIO_ctrl(b,BIO_C_GET_BIND_MODE,0,NULL) # define BIO_get_bind_mode(b,mode) BIO_ctrl(b,BIO_C_GET_BIND_MODE,0,NULL)
/* BIO_s_accept() and BIO_s_connect() */
# define BIO_do_connect(b) BIO_do_handshake(b) # define BIO_do_connect(b) BIO_do_handshake(b)
# define BIO_do_accept(b) BIO_do_handshake(b) # define BIO_do_accept(b) BIO_do_handshake(b)
# define BIO_do_handshake(b) BIO_ctrl(b,BIO_C_DO_STATE_MACHINE,0,NULL) # define BIO_do_handshake(b) BIO_ctrl(b,BIO_C_DO_STATE_MACHINE,0,NULL)
@ -515,12 +516,15 @@ struct bio_dgram_sctp_prinfo {
# define BIO_get_url(b,url) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,2,(char *)(url)) # define BIO_get_url(b,url) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,2,(char *)(url))
# define BIO_get_no_connect_return(b) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,5,NULL) # define BIO_get_no_connect_return(b) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,5,NULL)
/* BIO_s_datagram(), BIO_s_fd(), BIO_s_socket(), BIO_s_accept() and BIO_s_connect() */
# define BIO_set_fd(b,fd,c) BIO_int_ctrl(b,BIO_C_SET_FD,c,fd) # define BIO_set_fd(b,fd,c) BIO_int_ctrl(b,BIO_C_SET_FD,c,fd)
# define BIO_get_fd(b,c) BIO_ctrl(b,BIO_C_GET_FD,0,(char *)c) # define BIO_get_fd(b,c) BIO_ctrl(b,BIO_C_GET_FD,0,(char *)c)
/* BIO_s_file() */
# define BIO_set_fp(b,fp,c) BIO_ctrl(b,BIO_C_SET_FILE_PTR,c,(char *)fp) # define BIO_set_fp(b,fp,c) BIO_ctrl(b,BIO_C_SET_FILE_PTR,c,(char *)fp)
# define BIO_get_fp(b,fpp) BIO_ctrl(b,BIO_C_GET_FILE_PTR,0,(char *)fpp) # define BIO_get_fp(b,fpp) BIO_ctrl(b,BIO_C_GET_FILE_PTR,0,(char *)fpp)
/* BIO_s_fd() and BIO_s_file() */
# define BIO_seek(b,ofs) (int)BIO_ctrl(b,BIO_C_FILE_SEEK,ofs,NULL) # define BIO_seek(b,ofs) (int)BIO_ctrl(b,BIO_C_FILE_SEEK,ofs,NULL)
# define BIO_tell(b) (int)BIO_ctrl(b,BIO_C_FILE_TELL,0,NULL) # define BIO_tell(b) (int)BIO_ctrl(b,BIO_C_FILE_TELL,0,NULL)
@ -555,11 +559,11 @@ int BIO_read_filename(BIO *b, const char *name);
# define BIO_get_ssl(b,sslp) BIO_ctrl(b,BIO_C_GET_SSL,0,(char *)sslp) # define BIO_get_ssl(b,sslp) BIO_ctrl(b,BIO_C_GET_SSL,0,(char *)sslp)
# define BIO_set_ssl_mode(b,client) BIO_ctrl(b,BIO_C_SSL_MODE,client,NULL) # define BIO_set_ssl_mode(b,client) BIO_ctrl(b,BIO_C_SSL_MODE,client,NULL)
# define BIO_set_ssl_renegotiate_bytes(b,num) \ # define BIO_set_ssl_renegotiate_bytes(b,num) \
BIO_ctrl(b,BIO_C_SET_SSL_RENEGOTIATE_BYTES,num,NULL); BIO_ctrl(b,BIO_C_SET_SSL_RENEGOTIATE_BYTES,num,NULL)
# define BIO_get_num_renegotiates(b) \ # define BIO_get_num_renegotiates(b) \
BIO_ctrl(b,BIO_C_GET_SSL_NUM_RENEGOTIATES,0,NULL); BIO_ctrl(b,BIO_C_GET_SSL_NUM_RENEGOTIATES,0,NULL)
# define BIO_set_ssl_renegotiate_timeout(b,seconds) \ # define BIO_set_ssl_renegotiate_timeout(b,seconds) \
BIO_ctrl(b,BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT,seconds,NULL); BIO_ctrl(b,BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT,seconds,NULL)
/* defined in evp.h */ /* defined in evp.h */
/* #define BIO_set_md(b,md) BIO_ctrl(b,BIO_C_SET_MD,1,(char *)md) */ /* #define BIO_set_md(b,md) BIO_ctrl(b,BIO_C_SET_MD,1,(char *)md) */
@ -685,7 +689,7 @@ long BIO_debug_callback(BIO *bio, int cmd, const char *argp, int argi,
long argl, long ret); long argl, long ret);
BIO_METHOD *BIO_s_mem(void); BIO_METHOD *BIO_s_mem(void);
BIO *BIO_new_mem_buf(void *buf, int len); BIO *BIO_new_mem_buf(const void *buf, int len);
BIO_METHOD *BIO_s_socket(void); BIO_METHOD *BIO_s_socket(void);
BIO_METHOD *BIO_s_connect(void); BIO_METHOD *BIO_s_connect(void);
BIO_METHOD *BIO_s_accept(void); BIO_METHOD *BIO_s_accept(void);


@ -125,6 +125,7 @@
#ifndef HEADER_BN_H #ifndef HEADER_BN_H
# define HEADER_BN_H # define HEADER_BN_H
# include <limits.h>
# include <openssl/e_os2.h> # include <openssl/e_os2.h>
# ifndef OPENSSL_NO_FP_API # ifndef OPENSSL_NO_FP_API
# include <stdio.h> /* FILE */ # include <stdio.h> /* FILE */
@ -721,8 +722,17 @@ const BIGNUM *BN_get0_nist_prime_521(void);
/* library internal functions */ /* library internal functions */
# define bn_expand(a,bits) ((((((bits+BN_BITS2-1))/BN_BITS2)) <= (a)->dmax)?\ # define bn_expand(a,bits) \
(a):bn_expand2((a),(bits+BN_BITS2-1)/BN_BITS2)) ( \
bits > (INT_MAX - BN_BITS2 + 1) ? \
NULL \
: \
(((bits+BN_BITS2-1)/BN_BITS2) <= (a)->dmax) ? \
(a) \
: \
bn_expand2((a),(bits+BN_BITS2-1)/BN_BITS2) \
)
# define bn_wexpand(a,words) (((words) <= (a)->dmax)?(a):bn_expand2((a),(words))) # define bn_wexpand(a,words) (((words) <= (a)->dmax)?(a):bn_expand2((a),(words)))
BIGNUM *bn_expand2(BIGNUM *a, int words); BIGNUM *bn_expand2(BIGNUM *a, int words);
# ifndef OPENSSL_NO_DEPRECATED # ifndef OPENSSL_NO_DEPRECATED
@ -779,6 +789,7 @@ int RAND_pseudo_bytes(unsigned char *buf, int num);
* wouldn't be constructed with top!=dmax. */ \ * wouldn't be constructed with top!=dmax. */ \
BN_ULONG *_not_const; \ BN_ULONG *_not_const; \
memcpy(&_not_const, &_bnum1->d, sizeof(BN_ULONG*)); \ memcpy(&_not_const, &_bnum1->d, sizeof(BN_ULONG*)); \
/* Debug only - safe to ignore error return */ \
RAND_pseudo_bytes(&_tmp_char, 1); \ RAND_pseudo_bytes(&_tmp_char, 1); \
memset((unsigned char *)(_not_const + _bnum1->top), _tmp_char, \ memset((unsigned char *)(_not_const + _bnum1->top), _tmp_char, \
(_bnum1->dmax - _bnum1->top) * sizeof(BN_ULONG)); \ (_bnum1->dmax - _bnum1->top) * sizeof(BN_ULONG)); \
@ -831,6 +842,8 @@ int RAND_pseudo_bytes(unsigned char *buf, int num);
if (*(ftl--)) break; \ if (*(ftl--)) break; \
(a)->top = tmp_top; \ (a)->top = tmp_top; \
} \ } \
if ((a)->top == 0) \
(a)->neg = 0; \
bn_pollute(a); \ bn_pollute(a); \
} }
@ -892,6 +905,7 @@ void ERR_load_BN_strings(void);
# define BN_F_BN_GF2M_MOD_SOLVE_QUAD_ARR 135 # define BN_F_BN_GF2M_MOD_SOLVE_QUAD_ARR 135
# define BN_F_BN_GF2M_MOD_SQR 136 # define BN_F_BN_GF2M_MOD_SQR 136
# define BN_F_BN_GF2M_MOD_SQRT 137 # define BN_F_BN_GF2M_MOD_SQRT 137
# define BN_F_BN_LSHIFT 145
# define BN_F_BN_MOD_EXP2_MONT 118 # define BN_F_BN_MOD_EXP2_MONT 118
# define BN_F_BN_MOD_EXP_MONT 109 # define BN_F_BN_MOD_EXP_MONT 109
# define BN_F_BN_MOD_EXP_MONT_CONSTTIME 124 # define BN_F_BN_MOD_EXP_MONT_CONSTTIME 124
@ -907,12 +921,14 @@ void ERR_load_BN_strings(void);
# define BN_F_BN_NEW 113 # define BN_F_BN_NEW 113
# define BN_F_BN_RAND 114 # define BN_F_BN_RAND 114
# define BN_F_BN_RAND_RANGE 122 # define BN_F_BN_RAND_RANGE 122
# define BN_F_BN_RSHIFT 146
# define BN_F_BN_USUB 115 # define BN_F_BN_USUB 115
/* Reason codes. */ /* Reason codes. */
# define BN_R_ARG2_LT_ARG3 100 # define BN_R_ARG2_LT_ARG3 100
# define BN_R_BAD_RECIPROCAL 101 # define BN_R_BAD_RECIPROCAL 101
# define BN_R_BIGNUM_TOO_LONG 114 # define BN_R_BIGNUM_TOO_LONG 114
# define BN_R_BITS_TOO_SMALL 118
# define BN_R_CALLED_WITH_EVEN_MODULUS 102 # define BN_R_CALLED_WITH_EVEN_MODULUS 102
# define BN_R_DIV_BY_ZERO 103 # define BN_R_DIV_BY_ZERO 103
# define BN_R_ENCODING_ERROR 104 # define BN_R_ENCODING_ERROR 104
@ -920,6 +936,7 @@ void ERR_load_BN_strings(void);
# define BN_R_INPUT_NOT_REDUCED 110 # define BN_R_INPUT_NOT_REDUCED 110
# define BN_R_INVALID_LENGTH 106 # define BN_R_INVALID_LENGTH 106
# define BN_R_INVALID_RANGE 115 # define BN_R_INVALID_RANGE 115
# define BN_R_INVALID_SHIFT 119
# define BN_R_NOT_A_SQUARE 111 # define BN_R_NOT_A_SQUARE 111
# define BN_R_NOT_INITIALIZED 107 # define BN_R_NOT_INITIALIZED 107
# define BN_R_NO_INVERSE 108 # define BN_R_NO_INVERSE 108


@ -86,7 +86,13 @@ int BUF_MEM_grow(BUF_MEM *str, size_t len);
int BUF_MEM_grow_clean(BUF_MEM *str, size_t len); int BUF_MEM_grow_clean(BUF_MEM *str, size_t len);
size_t BUF_strnlen(const char *str, size_t maxlen); size_t BUF_strnlen(const char *str, size_t maxlen);
char *BUF_strdup(const char *str); char *BUF_strdup(const char *str);
/*
* Like strndup, but in addition, explicitly guarantees to never read past the
* first |siz| bytes of |str|.
*/
char *BUF_strndup(const char *str, size_t siz); char *BUF_strndup(const char *str, size_t siz);
void *BUF_memdup(const void *data, size_t siz); void *BUF_memdup(const void *data, size_t siz);
void BUF_reverse(unsigned char *out, const unsigned char *in, size_t siz); void BUF_reverse(unsigned char *out, const unsigned char *in, size_t siz);


@ -1,4 +1,4 @@
/* crypto/camellia/camellia.h -*- mode:C; c-file-style: "eay" -*- */ /* crypto/camellia/camellia.h */
/* ==================================================================== /* ====================================================================
* Copyright (c) 2006 The OpenSSL Project. All rights reserved. * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
* *


@ -4,13 +4,17 @@
# include <openssl/crypto.h> # include <openssl/crypto.h>
# ifdef OPENSSL_NO_COMP
# error COMP is disabled.
# endif
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
#endif #endif
typedef struct comp_ctx_st COMP_CTX; typedef struct comp_ctx_st COMP_CTX;
typedef struct comp_method_st { struct comp_method_st {
int type; /* NID for compression library */ int type; /* NID for compression library */
const char *name; /* A text string to identify the library */ const char *name; /* A text string to identify the library */
int (*init) (COMP_CTX *ctx); int (*init) (COMP_CTX *ctx);
@ -26,7 +30,7 @@ typedef struct comp_method_st {
*/ */
long (*ctrl) (void); long (*ctrl) (void);
long (*callback_ctrl) (void); long (*callback_ctrl) (void);
} COMP_METHOD; };
struct comp_ctx_st { struct comp_ctx_st {
COMP_METHOD *meth; COMP_METHOD *meth;


@ -628,7 +628,7 @@ void OPENSSL_init(void);
* into a defined order as the return value when a != b is undefined, other * into a defined order as the return value when a != b is undefined, other
* than to be non-zero. * than to be non-zero.
*/ */
int CRYPTO_memcmp(const void *a, const void *b, size_t len); int CRYPTO_memcmp(const volatile void *a, const volatile void *b, size_t len);
/* BEGIN ERROR CODES */ /* BEGIN ERROR CODES */
/* /*

View File

@ -1,4 +1,4 @@
/* crypto/des/des_old.h -*- mode:C; c-file-style: "eay" -*- */ /* crypto/des/des_old.h */
/*- /*-
* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING


@ -142,7 +142,7 @@ struct dh_st {
BIGNUM *p; BIGNUM *p;
BIGNUM *g; BIGNUM *g;
long length; /* optional */ long length; /* optional */
BIGNUM *pub_key; /* g^x */ BIGNUM *pub_key; /* g^x % p */
BIGNUM *priv_key; /* x */ BIGNUM *priv_key; /* x */
int flags; int flags;
BN_MONT_CTX *method_mont_p; BN_MONT_CTX *method_mont_p;
@ -174,6 +174,7 @@ struct dh_st {
/* DH_check_pub_key error codes */ /* DH_check_pub_key error codes */
# define DH_CHECK_PUBKEY_TOO_SMALL 0x01 # define DH_CHECK_PUBKEY_TOO_SMALL 0x01
# define DH_CHECK_PUBKEY_TOO_LARGE 0x02 # define DH_CHECK_PUBKEY_TOO_LARGE 0x02
# define DH_CHECK_PUBKEY_INVALID 0x04
/* /*
* primes p where (p-1)/2 is prime too are called "safe"; we define this for * primes p where (p-1)/2 is prime too are called "safe"; we define this for


@ -1,4 +1,4 @@
/* dso.h -*- mode:C; c-file-style: "eay" -*- */ /* dso.h */
/* /*
* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL project * Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL project
* 2000. * 2000.


@ -109,6 +109,12 @@ extern "C" {
# undef OPENSSL_SYS_UNIX # undef OPENSSL_SYS_UNIX
# define OPENSSL_SYS_WIN32 # define OPENSSL_SYS_WIN32
# endif # endif
# if defined(_WIN64) || defined(OPENSSL_SYSNAME_WIN64)
# undef OPENSSL_SYS_UNIX
# if !defined(OPENSSL_SYS_WIN64)
# define OPENSSL_SYS_WIN64
# endif
# endif
# if defined(OPENSSL_SYSNAME_WINNT) # if defined(OPENSSL_SYSNAME_WINNT)
# undef OPENSSL_SYS_UNIX # undef OPENSSL_SYS_UNIX
# define OPENSSL_SYS_WINNT # define OPENSSL_SYS_WINNT
@ -121,7 +127,7 @@ extern "C" {
# endif # endif
/* Anything that tries to look like Microsoft is "Windows" */ /* Anything that tries to look like Microsoft is "Windows" */
# if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WINNT) || defined(OPENSSL_SYS_WINCE) # if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WIN64) || defined(OPENSSL_SYS_WINNT) || defined(OPENSSL_SYS_WINCE)
# undef OPENSSL_SYS_UNIX # undef OPENSSL_SYS_UNIX
# define OPENSSL_SYS_WINDOWS # define OPENSSL_SYS_WINDOWS
# ifndef OPENSSL_SYS_MSDOS # ifndef OPENSSL_SYS_MSDOS
@ -325,4 +331,3 @@ extern "C" {
#undef OPENSSL_SYS_WIN32 #undef OPENSSL_SYS_WIN32
#undef OPENSSL_SYS_WINDOWS #undef OPENSSL_SYS_WINDOWS
#endif // _MSC_VER #endif // _MSC_VER
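Review bot: The trailing block of this header undefines `OPENSSL_SYS_WIN32` and `OPENSSL_SYS_WINDOWS`, but the first hunk of this section now also defines `OPENSSL_SYS_WIN64` whenever `_WIN64` is set, and nothing here clears that macro again. The condition that opens the `_MSC_VER` block lies outside the hunk, so whether this matters depends on when the block is active. If it is meant to switch off OpenSSL's Windows detection, add `#undef OPENSSL_SYS_WIN64` next to the other two so a 64-bit build does not end up with a half-cleared platform selection.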


@ -106,7 +106,7 @@ typedef enum {
/** the point is encoded as z||x, where the octet z specifies /** the point is encoded as z||x, where the octet z specifies
* which solution of the quadratic equation y is */ * which solution of the quadratic equation y is */
POINT_CONVERSION_COMPRESSED = 2, POINT_CONVERSION_COMPRESSED = 2,
/** the point is encoded as z||x||y, where z is the octet 0x02 */ /** the point is encoded as z||x||y, where z is the octet 0x04 */
POINT_CONVERSION_UNCOMPRESSED = 4, POINT_CONVERSION_UNCOMPRESSED = 4,
/** the point is encoded as z||x||y, where the octet z specifies /** the point is encoded as z||x||y, where the octet z specifies
* which solution of the quadratic equation y is */ * which solution of the quadratic equation y is */
@ -1097,6 +1097,12 @@ void ERR_load_EC_strings(void);
# define EC_F_ECPARAMETERS_PRINT_FP 148 # define EC_F_ECPARAMETERS_PRINT_FP 148
# define EC_F_ECPKPARAMETERS_PRINT 149 # define EC_F_ECPKPARAMETERS_PRINT 149
# define EC_F_ECPKPARAMETERS_PRINT_FP 150 # define EC_F_ECPKPARAMETERS_PRINT_FP 150
# define EC_F_ECP_NISTZ256_GET_AFFINE 240
# define EC_F_ECP_NISTZ256_MULT_PRECOMPUTE 243
# define EC_F_ECP_NISTZ256_POINTS_MUL 241
# define EC_F_ECP_NISTZ256_PRE_COMP_NEW 244
# define EC_F_ECP_NISTZ256_SET_WORDS 245
# define EC_F_ECP_NISTZ256_WINDOWED_MUL 242
# define EC_F_ECP_NIST_MOD_192 203 # define EC_F_ECP_NIST_MOD_192 203
# define EC_F_ECP_NIST_MOD_224 204 # define EC_F_ECP_NIST_MOD_224 204
# define EC_F_ECP_NIST_MOD_256 205 # define EC_F_ECP_NIST_MOD_256 205
@ -1208,11 +1214,6 @@ void ERR_load_EC_strings(void);
# define EC_F_NISTP224_PRE_COMP_NEW 227 # define EC_F_NISTP224_PRE_COMP_NEW 227
# define EC_F_NISTP256_PRE_COMP_NEW 236 # define EC_F_NISTP256_PRE_COMP_NEW 236
# define EC_F_NISTP521_PRE_COMP_NEW 237 # define EC_F_NISTP521_PRE_COMP_NEW 237
# define EC_F_ECP_NISTZ256_GET_AFFINE 240
# define EC_F_ECP_NISTZ256_POINTS_MUL 241
# define EC_F_ECP_NISTZ256_WINDOWED_MUL 242
# define EC_F_ECP_NISTZ256_MULT_PRECOMPUTE 243
# define EC_F_ECP_NISTZ256_PRE_COMP_NEW 244
# define EC_F_O2I_ECPUBLICKEY 152 # define EC_F_O2I_ECPUBLICKEY 152
# define EC_F_OLD_EC_PRIV_DECODE 222 # define EC_F_OLD_EC_PRIV_DECODE 222
# define EC_F_PKEY_EC_CTRL 197 # define EC_F_PKEY_EC_CTRL 197


@ -233,7 +233,7 @@ void *ECDSA_get_ex_data(EC_KEY *d, int idx);
* \return pointer to a ECDSA_METHOD structure or NULL if an error occurred * \return pointer to a ECDSA_METHOD structure or NULL if an error occurred
*/ */
ECDSA_METHOD *ECDSA_METHOD_new(ECDSA_METHOD *ecdsa_method); ECDSA_METHOD *ECDSA_METHOD_new(const ECDSA_METHOD *ecdsa_method);
/** frees a ECDSA_METHOD structure /** frees a ECDSA_METHOD structure
* \param ecdsa_method pointer to the ECDSA_METHOD structure * \param ecdsa_method pointer to the ECDSA_METHOD structure


@ -103,7 +103,6 @@
# define EVP_PKS_RSA 0x0100 # define EVP_PKS_RSA 0x0100
# define EVP_PKS_DSA 0x0200 # define EVP_PKS_DSA 0x0200
# define EVP_PKS_EC 0x0400 # define EVP_PKS_EC 0x0400
# define EVP_PKT_EXP 0x1000 /* <= 512 bit key */
# define EVP_PKEY_NONE NID_undef # define EVP_PKEY_NONE NID_undef
# define EVP_PKEY_RSA NID_rsaEncryption # define EVP_PKEY_RSA NID_rsaEncryption
@ -424,6 +423,9 @@ struct evp_cipher_st {
# define EVP_CTRL_TLS1_1_MULTIBLOCK_DECRYPT 0x1b # define EVP_CTRL_TLS1_1_MULTIBLOCK_DECRYPT 0x1b
# define EVP_CTRL_TLS1_1_MULTIBLOCK_MAX_BUFSIZE 0x1c # define EVP_CTRL_TLS1_1_MULTIBLOCK_MAX_BUFSIZE 0x1c
/* RFC 5246 defines additional data to be 13 bytes in length */
# define EVP_AEAD_TLS1_AAD_LEN 13
typedef struct { typedef struct {
unsigned char *out; unsigned char *out;
const unsigned char *inp; const unsigned char *inp;
@ -1121,6 +1123,19 @@ void EVP_PKEY_asn1_set_free(EVP_PKEY_ASN1_METHOD *ameth,
void EVP_PKEY_asn1_set_ctrl(EVP_PKEY_ASN1_METHOD *ameth, void EVP_PKEY_asn1_set_ctrl(EVP_PKEY_ASN1_METHOD *ameth,
int (*pkey_ctrl) (EVP_PKEY *pkey, int op, int (*pkey_ctrl) (EVP_PKEY *pkey, int op,
long arg1, void *arg2)); long arg1, void *arg2));
void EVP_PKEY_asn1_set_item(EVP_PKEY_ASN1_METHOD *ameth,
int (*item_verify) (EVP_MD_CTX *ctx,
const ASN1_ITEM *it,
void *asn,
X509_ALGOR *a,
ASN1_BIT_STRING *sig,
EVP_PKEY *pkey),
int (*item_sign) (EVP_MD_CTX *ctx,
const ASN1_ITEM *it,
void *asn,
X509_ALGOR *alg1,
X509_ALGOR *alg2,
ASN1_BIT_STRING *sig));
# define EVP_PKEY_OP_UNDEFINED 0 # define EVP_PKEY_OP_UNDEFINED 0
# define EVP_PKEY_OP_PARAMGEN (1<<1) # define EVP_PKEY_OP_PARAMGEN (1<<1)


@ -1,4 +1,4 @@
/* ssl/kssl.h -*- mode: C; c-file-style: "eay" -*- */ /* ssl/kssl.h */
/* /*
* Written by Vern Staats <staatsvr@asc.hpc.mil> for the OpenSSL project * Written by Vern Staats <staatsvr@asc.hpc.mil> for the OpenSSL project
* 2000. project 2000. * 2000. project 2000.


@ -41,12 +41,18 @@ extern "C" {
#ifndef OPENSSL_NO_SSL_TRACE #ifndef OPENSSL_NO_SSL_TRACE
# define OPENSSL_NO_SSL_TRACE # define OPENSSL_NO_SSL_TRACE
#endif #endif
#ifndef OPENSSL_NO_SSL2
# define OPENSSL_NO_SSL2
#endif
#ifndef OPENSSL_NO_STORE #ifndef OPENSSL_NO_STORE
# define OPENSSL_NO_STORE # define OPENSSL_NO_STORE
#endif #endif
#ifndef OPENSSL_NO_UNIT_TEST #ifndef OPENSSL_NO_UNIT_TEST
# define OPENSSL_NO_UNIT_TEST # define OPENSSL_NO_UNIT_TEST
#endif #endif
#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
# define OPENSSL_NO_WEAK_SSL_CIPHERS
#endif
#endif /* OPENSSL_DOING_MAKEDEPEND */ #endif /* OPENSSL_DOING_MAKEDEPEND */
@ -89,12 +95,18 @@ extern "C" {
# if defined(OPENSSL_NO_SSL_TRACE) && !defined(NO_SSL_TRACE) # if defined(OPENSSL_NO_SSL_TRACE) && !defined(NO_SSL_TRACE)
# define NO_SSL_TRACE # define NO_SSL_TRACE
# endif # endif
# if defined(OPENSSL_NO_SSL2) && !defined(NO_SSL2)
# define NO_SSL2
# endif
# if defined(OPENSSL_NO_STORE) && !defined(NO_STORE) # if defined(OPENSSL_NO_STORE) && !defined(NO_STORE)
# define NO_STORE # define NO_STORE
# endif # endif
# if defined(OPENSSL_NO_UNIT_TEST) && !defined(NO_UNIT_TEST) # if defined(OPENSSL_NO_UNIT_TEST) && !defined(NO_UNIT_TEST)
# define NO_UNIT_TEST # define NO_UNIT_TEST
# endif # endif
# if defined(OPENSSL_NO_WEAK_SSL_CIPHERS) && !defined(NO_WEAK_SSL_CIPHERS)
# define NO_WEAK_SSL_CIPHERS
# endif
#endif #endif
#define OPENSSL_CPUID_OBJ #define OPENSSL_CPUID_OBJ
@ -203,7 +215,7 @@ extern "C" {
#endif #endif
#if defined(DES_RISC1) && defined(DES_RISC2) #if defined(DES_RISC1) && defined(DES_RISC2)
YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!! #error YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!!
#endif #endif
/* Unroll the inner loop, this sometimes helps, sometimes hinders. /* Unroll the inner loop, this sometimes helps, sometimes hinders.
@ -222,7 +234,7 @@ YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!!
optimization options. Older Sparc's work better with only UNROLL, but optimization options. Older Sparc's work better with only UNROLL, but
there's no way to tell at compile time what it is you're running on */ there's no way to tell at compile time what it is you're running on */
#if defined( sun ) /* Newer Sparc's */ #if defined( __sun ) || defined ( sun ) /* Newer Sparc's */
# define DES_PTR # define DES_PTR
# define DES_RISC1 # define DES_RISC1
# define DES_UNROLL # define DES_UNROLL


@ -30,11 +30,11 @@ extern "C" {
* (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
* major minor fix final patch/beta) * major minor fix final patch/beta)
*/ */
# define OPENSSL_VERSION_NUMBER 0x1000201fL # define OPENSSL_VERSION_NUMBER 0x100020afL
# ifdef OPENSSL_FIPS # ifdef OPENSSL_FIPS
# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.2a-fips 19 Mar 2015" # define OPENSSL_VERSION_TEXT "OpenSSL 1.0.2j-fips 26 Sep 2016"
# else # else
# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.2a 19 Mar 2015" # define OPENSSL_VERSION_TEXT "OpenSSL 1.0.2j 26 Sep 2016"
# endif # endif
# define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT # define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT


@ -178,6 +178,8 @@ typedef struct engine_st ENGINE;
typedef struct ssl_st SSL; typedef struct ssl_st SSL;
typedef struct ssl_ctx_st SSL_CTX; typedef struct ssl_ctx_st SSL_CTX;
typedef struct comp_method_st COMP_METHOD;
typedef struct X509_POLICY_NODE_st X509_POLICY_NODE; typedef struct X509_POLICY_NODE_st X509_POLICY_NODE;
typedef struct X509_POLICY_LEVEL_st X509_POLICY_LEVEL; typedef struct X509_POLICY_LEVEL_st X509_POLICY_LEVEL;
typedef struct X509_POLICY_TREE_st X509_POLICY_TREE; typedef struct X509_POLICY_TREE_st X509_POLICY_TREE;


@ -531,6 +531,7 @@ int i2b_PVK_bio(BIO *out, EVP_PKEY *pk, int enclevel,
* The following lines are auto generated by the script mkerr.pl. Any changes * The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run. * made after this point may be overwritten when the script is next run.
*/ */
void ERR_load_PEM_strings(void); void ERR_load_PEM_strings(void);
/* Error codes for the PEM functions. */ /* Error codes for the PEM functions. */
@ -592,6 +593,7 @@ void ERR_load_PEM_strings(void);
# define PEM_R_ERROR_CONVERTING_PRIVATE_KEY 115 # define PEM_R_ERROR_CONVERTING_PRIVATE_KEY 115
# define PEM_R_EXPECTING_PRIVATE_KEY_BLOB 119 # define PEM_R_EXPECTING_PRIVATE_KEY_BLOB 119
# define PEM_R_EXPECTING_PUBLIC_KEY_BLOB 120 # define PEM_R_EXPECTING_PUBLIC_KEY_BLOB 120
# define PEM_R_HEADER_TOO_LONG 128
# define PEM_R_INCONSISTENT_HEADER 121 # define PEM_R_INCONSISTENT_HEADER 121
# define PEM_R_KEYBLOB_HEADER_PARSE_ERROR 122 # define PEM_R_KEYBLOB_HEADER_PARSE_ERROR 122
# define PEM_R_KEYBLOB_TOO_SHORT 123 # define PEM_R_KEYBLOB_TOO_SHORT 123


@ -270,7 +270,7 @@ int i2d_PKCS12_bio(BIO *bp, PKCS12 *p12);
int i2d_PKCS12_fp(FILE *fp, PKCS12 *p12); int i2d_PKCS12_fp(FILE *fp, PKCS12 *p12);
PKCS12 *d2i_PKCS12_bio(BIO *bp, PKCS12 **p12); PKCS12 *d2i_PKCS12_bio(BIO *bp, PKCS12 **p12);
PKCS12 *d2i_PKCS12_fp(FILE *fp, PKCS12 **p12); PKCS12 *d2i_PKCS12_fp(FILE *fp, PKCS12 **p12);
int PKCS12_newpass(PKCS12 *p12, char *oldpass, char *newpass); int PKCS12_newpass(PKCS12 *p12, const char *oldpass, const char *newpass);
/* BEGIN ERROR CODES */ /* BEGIN ERROR CODES */
/* /*


@ -82,16 +82,21 @@ typedef struct SRP_gN_cache_st {
DECLARE_STACK_OF(SRP_gN_cache) DECLARE_STACK_OF(SRP_gN_cache)
typedef struct SRP_user_pwd_st { typedef struct SRP_user_pwd_st {
/* Owned by us. */
char *id; char *id;
BIGNUM *s; BIGNUM *s;
BIGNUM *v; BIGNUM *v;
/* Not owned by us. */
const BIGNUM *g; const BIGNUM *g;
const BIGNUM *N; const BIGNUM *N;
/* Owned by us. */
char *info; char *info;
} SRP_user_pwd; } SRP_user_pwd;
DECLARE_STACK_OF(SRP_user_pwd) DECLARE_STACK_OF(SRP_user_pwd)
void SRP_user_pwd_free(SRP_user_pwd *user_pwd);
typedef struct SRP_VBASE_st { typedef struct SRP_VBASE_st {
STACK_OF(SRP_user_pwd) *users_pwd; STACK_OF(SRP_user_pwd) *users_pwd;
STACK_OF(SRP_gN_cache) *gN_cache; STACK_OF(SRP_gN_cache) *gN_cache;
@ -115,7 +120,12 @@ DECLARE_STACK_OF(SRP_gN)
SRP_VBASE *SRP_VBASE_new(char *seed_key); SRP_VBASE *SRP_VBASE_new(char *seed_key);
int SRP_VBASE_free(SRP_VBASE *vb); int SRP_VBASE_free(SRP_VBASE *vb);
int SRP_VBASE_init(SRP_VBASE *vb, char *verifier_file); int SRP_VBASE_init(SRP_VBASE *vb, char *verifier_file);
/* This method ignores the configured seed and fails for an unknown user. */
SRP_user_pwd *SRP_VBASE_get_by_user(SRP_VBASE *vb, char *username); SRP_user_pwd *SRP_VBASE_get_by_user(SRP_VBASE *vb, char *username);
/* NOTE: unlike in SRP_VBASE_get_by_user, caller owns the returned pointer.*/
SRP_user_pwd *SRP_VBASE_get1_by_user(SRP_VBASE *vb, char *username);
char *SRP_create_verifier(const char *user, const char *pass, char **salt, char *SRP_create_verifier(const char *user, const char *pass, char **salt,
char **verifier, const char *N, const char *g); char **verifier, const char *N, const char *g);
int SRP_create_verifier_BN(const char *user, const char *pass, BIGNUM **salt, int SRP_create_verifier_BN(const char *user, const char *pass, BIGNUM **salt,


@ -338,7 +338,7 @@ extern "C" {
* The following cipher list is used by default. It also is substituted when * The following cipher list is used by default. It also is substituted when
* an application-defined cipher list string starts with 'DEFAULT'. * an application-defined cipher list string starts with 'DEFAULT'.
*/ */
# define SSL_DEFAULT_CIPHER_LIST "ALL:!EXPORT:!aNULL:!eNULL:!SSLv2" # define SSL_DEFAULT_CIPHER_LIST "ALL:!EXPORT:!LOW:!aNULL:!eNULL:!SSLv2"
/* /*
* As of OpenSSL 1.0.0, ssl_create_cipher_list() in ssl/ssl_ciph.c always * As of OpenSSL 1.0.0, ssl_create_cipher_list() in ssl/ssl_ciph.c always
* starts with a reasonable order, and all we have to do for DEFAULT is * starts with a reasonable order, and all we have to do for DEFAULT is
@ -625,7 +625,7 @@ struct ssl_session_st {
# define SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION 0x00040000L # define SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION 0x00040000L
/* If set, always create a new key when using tmp_ecdh parameters */ /* If set, always create a new key when using tmp_ecdh parameters */
# define SSL_OP_SINGLE_ECDH_USE 0x00080000L # define SSL_OP_SINGLE_ECDH_USE 0x00080000L
/* If set, always create a new key when using tmp_dh parameters */ /* Does nothing: retained for compatibility */
# define SSL_OP_SINGLE_DH_USE 0x00100000L # define SSL_OP_SINGLE_DH_USE 0x00100000L
/* Does nothing: retained for compatibiity */ /* Does nothing: retained for compatibiity */
# define SSL_OP_EPHEMERAL_RSA 0x0 # define SSL_OP_EPHEMERAL_RSA 0x0
@ -1727,6 +1727,7 @@ extern "C" {
# define SSL_ST_BEFORE 0x4000 # define SSL_ST_BEFORE 0x4000
# define SSL_ST_OK 0x03 # define SSL_ST_OK 0x03
# define SSL_ST_RENEGOTIATE (0x04|SSL_ST_INIT) # define SSL_ST_RENEGOTIATE (0x04|SSL_ST_INIT)
# define SSL_ST_ERR 0x05
# define SSL_CB_LOOP 0x01 # define SSL_CB_LOOP 0x01
# define SSL_CB_EXIT 0x02 # define SSL_CB_EXIT 0x02
@ -2091,7 +2092,7 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
# define SSL_CTX_set1_sigalgs_list(ctx, s) \ # define SSL_CTX_set1_sigalgs_list(ctx, s) \
SSL_CTX_ctrl(ctx,SSL_CTRL_SET_SIGALGS_LIST,0,(char *)s) SSL_CTX_ctrl(ctx,SSL_CTRL_SET_SIGALGS_LIST,0,(char *)s)
# define SSL_set1_sigalgs(ctx, slist, slistlen) \ # define SSL_set1_sigalgs(ctx, slist, slistlen) \
SSL_ctrl(ctx,SSL_CTRL_SET_SIGALGS,clistlen,(int *)slist) SSL_ctrl(ctx,SSL_CTRL_SET_SIGALGS,slistlen,(int *)slist)
# define SSL_set1_sigalgs_list(ctx, s) \ # define SSL_set1_sigalgs_list(ctx, s) \
SSL_ctrl(ctx,SSL_CTRL_SET_SIGALGS_LIST,0,(char *)s) SSL_ctrl(ctx,SSL_CTRL_SET_SIGALGS_LIST,0,(char *)s)
# define SSL_CTX_set1_client_sigalgs(ctx, slist, slistlen) \ # define SSL_CTX_set1_client_sigalgs(ctx, slist, slistlen) \
@ -2344,7 +2345,7 @@ const char *SSL_get_version(const SSL *s);
/* This sets the 'default' SSL version that SSL_new() will create */ /* This sets the 'default' SSL version that SSL_new() will create */
int SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth); int SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth);
# ifndef OPENSSL_NO_SSL2 # ifndef OPENSSL_NO_SSL2_METHOD
const SSL_METHOD *SSLv2_method(void); /* SSLv2 */ const SSL_METHOD *SSLv2_method(void); /* SSLv2 */
const SSL_METHOD *SSLv2_server_method(void); /* SSLv2 */ const SSL_METHOD *SSLv2_server_method(void); /* SSLv2 */
const SSL_METHOD *SSLv2_client_method(void); /* SSLv2 */ const SSL_METHOD *SSLv2_client_method(void); /* SSLv2 */
@ -2531,7 +2532,6 @@ void SSL_set_tmp_ecdh_callback(SSL *ssl,
int keylength)); int keylength));
# endif # endif
# ifndef OPENSSL_NO_COMP
const COMP_METHOD *SSL_get_current_compression(SSL *s); const COMP_METHOD *SSL_get_current_compression(SSL *s);
const COMP_METHOD *SSL_get_current_expansion(SSL *s); const COMP_METHOD *SSL_get_current_expansion(SSL *s);
const char *SSL_COMP_get_name(const COMP_METHOD *comp); const char *SSL_COMP_get_name(const COMP_METHOD *comp);
@ -2540,13 +2540,6 @@ STACK_OF(SSL_COMP) *SSL_COMP_set0_compression_methods(STACK_OF(SSL_COMP)
*meths); *meths);
void SSL_COMP_free_compression_methods(void); void SSL_COMP_free_compression_methods(void);
int SSL_COMP_add_compression_method(int id, COMP_METHOD *cm); int SSL_COMP_add_compression_method(int id, COMP_METHOD *cm);
# else
const void *SSL_get_current_compression(SSL *s);
const void *SSL_get_current_expansion(SSL *s);
const char *SSL_COMP_get_name(const void *comp);
void *SSL_COMP_get_compression_methods(void);
int SSL_COMP_add_compression_method(int id, void *cm);
# endif
const SSL_CIPHER *SSL_CIPHER_find(SSL *ssl, const unsigned char *ptr); const SSL_CIPHER *SSL_CIPHER_find(SSL *ssl, const unsigned char *ptr);
@ -2622,6 +2615,7 @@ void ERR_load_SSL_strings(void);
# define SSL_F_DTLS1_HEARTBEAT 305 # define SSL_F_DTLS1_HEARTBEAT 305
# define SSL_F_DTLS1_OUTPUT_CERT_CHAIN 255 # define SSL_F_DTLS1_OUTPUT_CERT_CHAIN 255
# define SSL_F_DTLS1_PREPROCESS_FRAGMENT 288 # define SSL_F_DTLS1_PREPROCESS_FRAGMENT 288
# define SSL_F_DTLS1_PROCESS_BUFFERED_RECORDS 424
# define SSL_F_DTLS1_PROCESS_OUT_OF_SEQ_MESSAGE 256 # define SSL_F_DTLS1_PROCESS_OUT_OF_SEQ_MESSAGE 256
# define SSL_F_DTLS1_PROCESS_RECORD 257 # define SSL_F_DTLS1_PROCESS_RECORD 257
# define SSL_F_DTLS1_READ_BYTES 258 # define SSL_F_DTLS1_READ_BYTES 258
@ -2640,6 +2634,7 @@ void ERR_load_SSL_strings(void);
# define SSL_F_GET_CLIENT_MASTER_KEY 107 # define SSL_F_GET_CLIENT_MASTER_KEY 107
# define SSL_F_GET_SERVER_FINISHED 108 # define SSL_F_GET_SERVER_FINISHED 108
# define SSL_F_GET_SERVER_HELLO 109 # define SSL_F_GET_SERVER_HELLO 109
# define SSL_F_GET_SERVER_STATIC_DH_KEY 340
# define SSL_F_GET_SERVER_VERIFY 110 # define SSL_F_GET_SERVER_VERIFY 110
# define SSL_F_I2D_SSL_SESSION 111 # define SSL_F_I2D_SSL_SESSION 111
# define SSL_F_READ_N 112 # define SSL_F_READ_N 112
@ -2670,6 +2665,7 @@ void ERR_load_SSL_strings(void);
# define SSL_F_SSL3_CHANGE_CIPHER_STATE 129 # define SSL_F_SSL3_CHANGE_CIPHER_STATE 129
# define SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM 130 # define SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM 130
# define SSL_F_SSL3_CHECK_CLIENT_HELLO 304 # define SSL_F_SSL3_CHECK_CLIENT_HELLO 304
# define SSL_F_SSL3_CHECK_FINISHED 339
# define SSL_F_SSL3_CLIENT_HELLO 131 # define SSL_F_SSL3_CLIENT_HELLO 131
# define SSL_F_SSL3_CONNECT 132 # define SSL_F_SSL3_CONNECT 132
# define SSL_F_SSL3_CTRL 213 # define SSL_F_SSL3_CTRL 213
@ -2678,6 +2674,7 @@ void ERR_load_SSL_strings(void);
# define SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC 292 # define SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC 292
# define SSL_F_SSL3_ENC 134 # define SSL_F_SSL3_ENC 134
# define SSL_F_SSL3_GENERATE_KEY_BLOCK 238 # define SSL_F_SSL3_GENERATE_KEY_BLOCK 238
# define SSL_F_SSL3_GENERATE_MASTER_SECRET 388
# define SSL_F_SSL3_GET_CERTIFICATE_REQUEST 135 # define SSL_F_SSL3_GET_CERTIFICATE_REQUEST 135
# define SSL_F_SSL3_GET_CERT_STATUS 289 # define SSL_F_SSL3_GET_CERT_STATUS 289
# define SSL_F_SSL3_GET_CERT_VERIFY 136 # define SSL_F_SSL3_GET_CERT_VERIFY 136
@ -2784,6 +2781,7 @@ void ERR_load_SSL_strings(void);
# define SSL_F_SSL_RSA_PUBLIC_ENCRYPT 188 # define SSL_F_SSL_RSA_PUBLIC_ENCRYPT 188
# define SSL_F_SSL_SCAN_CLIENTHELLO_TLSEXT 320 # define SSL_F_SSL_SCAN_CLIENTHELLO_TLSEXT 320
# define SSL_F_SSL_SCAN_SERVERHELLO_TLSEXT 321 # define SSL_F_SSL_SCAN_SERVERHELLO_TLSEXT 321
# define SSL_F_SSL_SESSION_DUP 348
# define SSL_F_SSL_SESSION_NEW 189 # define SSL_F_SSL_SESSION_NEW 189
# define SSL_F_SSL_SESSION_PRINT_FP 190 # define SSL_F_SSL_SESSION_PRINT_FP 190
# define SSL_F_SSL_SESSION_SET1_ID_CONTEXT 312 # define SSL_F_SSL_SESSION_SET1_ID_CONTEXT 312
@ -2842,8 +2840,11 @@ void ERR_load_SSL_strings(void);
# define SSL_R_BAD_DATA_RETURNED_BY_CALLBACK 106 # define SSL_R_BAD_DATA_RETURNED_BY_CALLBACK 106
# define SSL_R_BAD_DECOMPRESSION 107 # define SSL_R_BAD_DECOMPRESSION 107
# define SSL_R_BAD_DH_G_LENGTH 108 # define SSL_R_BAD_DH_G_LENGTH 108
# define SSL_R_BAD_DH_G_VALUE 375
# define SSL_R_BAD_DH_PUB_KEY_LENGTH 109 # define SSL_R_BAD_DH_PUB_KEY_LENGTH 109
# define SSL_R_BAD_DH_PUB_KEY_VALUE 393
# define SSL_R_BAD_DH_P_LENGTH 110 # define SSL_R_BAD_DH_P_LENGTH 110
# define SSL_R_BAD_DH_P_VALUE 395
# define SSL_R_BAD_DIGEST_LENGTH 111 # define SSL_R_BAD_DIGEST_LENGTH 111
# define SSL_R_BAD_DSA_SIGNATURE 112 # define SSL_R_BAD_DSA_SIGNATURE 112
# define SSL_R_BAD_ECC_CERT 304 # define SSL_R_BAD_ECC_CERT 304
@ -2904,6 +2905,7 @@ void ERR_load_SSL_strings(void);
# define SSL_R_DATA_LENGTH_TOO_LONG 146 # define SSL_R_DATA_LENGTH_TOO_LONG 146
# define SSL_R_DECRYPTION_FAILED 147 # define SSL_R_DECRYPTION_FAILED 147
# define SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC 281 # define SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC 281
# define SSL_R_DH_KEY_TOO_SMALL 372
# define SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG 148 # define SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG 148
# define SSL_R_DIGEST_CHECK_FAILED 149 # define SSL_R_DIGEST_CHECK_FAILED 149
# define SSL_R_DTLS_MESSAGE_TOO_BIG 334 # define SSL_R_DTLS_MESSAGE_TOO_BIG 334
@ -3047,6 +3049,7 @@ void ERR_load_SSL_strings(void);
# define SSL_R_SERVERHELLO_TLSEXT 275 # define SSL_R_SERVERHELLO_TLSEXT 275
# define SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED 277 # define SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED 277
# define SSL_R_SHORT_READ 219 # define SSL_R_SHORT_READ 219
# define SSL_R_SHUTDOWN_WHILE_IN_INIT 407
# define SSL_R_SIGNATURE_ALGORITHMS_ERROR 360 # define SSL_R_SIGNATURE_ALGORITHMS_ERROR 360
# define SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE 220 # define SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE 220
# define SSL_R_SRP_A_CALC 361 # define SSL_R_SRP_A_CALC 361
@ -3104,6 +3107,7 @@ void ERR_load_SSL_strings(void);
# define SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST 157 # define SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST 157
# define SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST 233 # define SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST 233
# define SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG 234 # define SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG 234
# define SSL_R_TOO_MANY_WARN_ALERTS 409
# define SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER 235 # define SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER 235
# define SSL_R_UNABLE_TO_DECODE_DH_CERTS 236 # define SSL_R_UNABLE_TO_DECODE_DH_CERTS 236
# define SSL_R_UNABLE_TO_DECODE_ECDH_CERTS 313 # define SSL_R_UNABLE_TO_DECODE_ECDH_CERTS 313
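Review bot: The `SSLv2_method()` prototypes in the hunk at new line 2345 are now guarded by `OPENSSL_NO_SSL2_METHOD` rather than `OPENSSL_NO_SSL2`, while the configuration header updated earlier in this commit starts defining `OPENSSL_NO_SSL2`, so the declarations stay visible even though SSLv2 support is compiled out. In an OpenSSL build configured that way these functions are, as far as I know, stubs that return NULL. Any caller in this tree that still passes their result to `SSL_CTX_new()` therefore needs a NULL check, or should move to `SSLv23_method()` with the protocol restricted through options. No caller is visible on this page, so please search for `SSLv2_` uses before merging. The bundled libraries should also be confirmed to come from the same 1.0.2j build as these headers.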


@ -231,13 +231,12 @@ extern "C" {
/* ExtensionType value from RFC5620 */ /* ExtensionType value from RFC5620 */
# define TLSEXT_TYPE_heartbeat 15 # define TLSEXT_TYPE_heartbeat 15
/* ExtensionType value from draft-ietf-tls-applayerprotoneg-00 */ /* ExtensionType value from RFC7301 */
# define TLSEXT_TYPE_application_layer_protocol_negotiation 16 # define TLSEXT_TYPE_application_layer_protocol_negotiation 16
/* /*
* ExtensionType value for TLS padding extension. * ExtensionType value for TLS padding extension.
* http://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml * http://tools.ietf.org/html/draft-agl-tls-padding
* http://tools.ietf.org/html/draft-agl-tls-padding-03
*/ */
# define TLSEXT_TYPE_padding 21 # define TLSEXT_TYPE_padding 21
@ -267,7 +266,7 @@ extern "C" {
/* status request value from RFC3546 */ /* status request value from RFC3546 */
# define TLSEXT_STATUSTYPE_ocsp 1 # define TLSEXT_STATUSTYPE_ocsp 1
/* ECPointFormat values from draft-ietf-tls-ecc-12 */ /* ECPointFormat values from RFC4492 */
# define TLSEXT_ECPOINTFORMAT_first 0 # define TLSEXT_ECPOINTFORMAT_first 0
# define TLSEXT_ECPOINTFORMAT_uncompressed 0 # define TLSEXT_ECPOINTFORMAT_uncompressed 0
# define TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime 1 # define TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime 1
@ -275,7 +274,6 @@ extern "C" {
# define TLSEXT_ECPOINTFORMAT_last 2 # define TLSEXT_ECPOINTFORMAT_last 2
/* Signature and hash algorithms from RFC5246 */ /* Signature and hash algorithms from RFC5246 */
# define TLSEXT_signature_anonymous 0 # define TLSEXT_signature_anonymous 0
# define TLSEXT_signature_rsa 1 # define TLSEXT_signature_rsa 1
# define TLSEXT_signature_dsa 2 # define TLSEXT_signature_dsa 2
@ -430,7 +428,6 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
# define TLS1_CK_DHE_DSS_WITH_RC4_128_SHA 0x03000066 # define TLS1_CK_DHE_DSS_WITH_RC4_128_SHA 0x03000066
/* AES ciphersuites from RFC3268 */ /* AES ciphersuites from RFC3268 */
# define TLS1_CK_RSA_WITH_AES_128_SHA 0x0300002F # define TLS1_CK_RSA_WITH_AES_128_SHA 0x0300002F
# define TLS1_CK_DH_DSS_WITH_AES_128_SHA 0x03000030 # define TLS1_CK_DH_DSS_WITH_AES_128_SHA 0x03000030
# define TLS1_CK_DH_RSA_WITH_AES_128_SHA 0x03000031 # define TLS1_CK_DH_RSA_WITH_AES_128_SHA 0x03000031
@ -595,7 +592,7 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
# define TLS1_TXT_DHE_RSA_WITH_AES_256_SHA "DHE-RSA-AES256-SHA" # define TLS1_TXT_DHE_RSA_WITH_AES_256_SHA "DHE-RSA-AES256-SHA"
# define TLS1_TXT_ADH_WITH_AES_256_SHA "ADH-AES256-SHA" # define TLS1_TXT_ADH_WITH_AES_256_SHA "ADH-AES256-SHA"
/* ECC ciphersuites from draft-ietf-tls-ecc-01.txt (Mar 15, 2001) */ /* ECC ciphersuites from RFC4492 */
# define TLS1_TXT_ECDH_ECDSA_WITH_NULL_SHA "ECDH-ECDSA-NULL-SHA" # define TLS1_TXT_ECDH_ECDSA_WITH_NULL_SHA "ECDH-ECDSA-NULL-SHA"
# define TLS1_TXT_ECDH_ECDSA_WITH_RC4_128_SHA "ECDH-ECDSA-RC4-SHA" # define TLS1_TXT_ECDH_ECDSA_WITH_RC4_128_SHA "ECDH-ECDSA-RC4-SHA"
# define TLS1_TXT_ECDH_ECDSA_WITH_DES_192_CBC3_SHA "ECDH-ECDSA-DES-CBC3-SHA" # define TLS1_TXT_ECDH_ECDSA_WITH_DES_192_CBC3_SHA "ECDH-ECDSA-DES-CBC3-SHA"


@ -565,6 +565,9 @@ int TS_RESP_CTX_set_clock_precision_digits(TS_RESP_CTX *ctx,
/* At most we accept usec precision. */ /* At most we accept usec precision. */
# define TS_MAX_CLOCK_PRECISION_DIGITS 6 # define TS_MAX_CLOCK_PRECISION_DIGITS 6
/* Maximum status message length */
# define TS_MAX_STATUS_LENGTH (1024 * 1024)
/* No flags are set by default. */ /* No flags are set by default. */
void TS_RESP_CTX_add_flags(TS_RESP_CTX *ctx, int flags); void TS_RESP_CTX_add_flags(TS_RESP_CTX *ctx, int flags);


@ -1,4 +1,4 @@
/* crypto/ui/ui.h -*- mode:C; c-file-style: "eay" -*- */ /* crypto/ui/ui.h */
/* /*
* Written by Richard Levitte (richard@levitte.org) for the OpenSSL project * Written by Richard Levitte (richard@levitte.org) for the OpenSSL project
* 2001. * 2001.


@ -1,4 +1,4 @@
/* crypto/ui/ui.h -*- mode:C; c-file-style: "eay" -*- */ /* crypto/ui/ui.h */
/* /*
* Written by Richard Levitte (richard@levitte.org) for the OpenSSL project * Written by Richard Levitte (richard@levitte.org) for the OpenSSL project
* 2001. * 2001.


@ -1234,6 +1234,7 @@ int X509_TRUST_get_trust(X509_TRUST *xp);
* The following lines are auto generated by the script mkerr.pl. Any changes * The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run. * made after this point may be overwritten when the script is next run.
*/ */
void ERR_load_X509_strings(void); void ERR_load_X509_strings(void);
/* Error codes for the X509 functions. */ /* Error codes for the X509 functions. */
@ -1241,6 +1242,7 @@ void ERR_load_X509_strings(void);
/* Function codes. */ /* Function codes. */
# define X509_F_ADD_CERT_DIR 100 # define X509_F_ADD_CERT_DIR 100
# define X509_F_BY_FILE_CTRL 101 # define X509_F_BY_FILE_CTRL 101
# define X509_F_CHECK_NAME_CONSTRAINTS 106
# define X509_F_CHECK_POLICY 145 # define X509_F_CHECK_POLICY 145
# define X509_F_DIR_CTRL 102 # define X509_F_DIR_CTRL 102
# define X509_F_GET_CERT_BY_SUBJECT 103 # define X509_F_GET_CERT_BY_SUBJECT 103
@ -1305,6 +1307,7 @@ void ERR_load_X509_strings(void);
# define X509_R_LOADING_CERT_DIR 103 # define X509_R_LOADING_CERT_DIR 103
# define X509_R_LOADING_DEFAULTS 104 # define X509_R_LOADING_DEFAULTS 104
# define X509_R_METHOD_NOT_SUPPORTED 124 # define X509_R_METHOD_NOT_SUPPORTED 124
# define X509_R_NAME_TOO_LONG 134
# define X509_R_NEWER_CRL_NOT_NEWER 132 # define X509_R_NEWER_CRL_NOT_NEWER 132
# define X509_R_NO_CERT_SET_FOR_US_TO_VERIFY 105 # define X509_R_NO_CERT_SET_FOR_US_TO_VERIFY 105
# define X509_R_NO_CRL_NUMBER 130 # define X509_R_NO_CRL_NUMBER 130


@ -313,7 +313,7 @@ void X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth);
X509_LOOKUP_ctrl((x),X509_L_ADD_DIR,(name),(long)(type),NULL) X509_LOOKUP_ctrl((x),X509_L_ADD_DIR,(name),(long)(type),NULL)
# define X509_V_OK 0 # define X509_V_OK 0
/* illegal error (for uninitialized values, to avoid X509_V_OK): 1 */ # define X509_V_ERR_UNSPECIFIED 1
# define X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT 2 # define X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT 2
# define X509_V_ERR_UNABLE_TO_GET_CRL 3 # define X509_V_ERR_UNABLE_TO_GET_CRL 3
@ -368,6 +368,7 @@ void X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth);
# define X509_V_ERR_PERMITTED_VIOLATION 47 # define X509_V_ERR_PERMITTED_VIOLATION 47
# define X509_V_ERR_EXCLUDED_VIOLATION 48 # define X509_V_ERR_EXCLUDED_VIOLATION 48
# define X509_V_ERR_SUBTREE_MINMAX 49 # define X509_V_ERR_SUBTREE_MINMAX 49
# define X509_V_ERR_APPLICATION_VERIFICATION 50
# define X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE 51 # define X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE 51
# define X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX 52 # define X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX 52
# define X509_V_ERR_UNSUPPORTED_NAME_SYNTAX 53 # define X509_V_ERR_UNSUPPORTED_NAME_SYNTAX 53
@ -386,8 +387,12 @@ void X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth);
# define X509_V_ERR_EMAIL_MISMATCH 63 # define X509_V_ERR_EMAIL_MISMATCH 63
# define X509_V_ERR_IP_ADDRESS_MISMATCH 64 # define X509_V_ERR_IP_ADDRESS_MISMATCH 64
/* The application is not happy */ /* Caller error */
# define X509_V_ERR_APPLICATION_VERIFICATION 50 # define X509_V_ERR_INVALID_CALL 65
/* Issuer lookup error */
# define X509_V_ERR_STORE_LOOKUP 66
# define X509_V_ERR_PROXY_SUBJECT_NAME_VIOLATION 67
/* Certificate verify flags */ /* Certificate verify flags */
@ -432,6 +437,12 @@ void X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth);
/* Allow partial chains if at least one certificate is in trusted store */ /* Allow partial chains if at least one certificate is in trusted store */
# define X509_V_FLAG_PARTIAL_CHAIN 0x80000 # define X509_V_FLAG_PARTIAL_CHAIN 0x80000
/*
* If the initial chain is not trusted, do not attempt to build an alternative
* chain. Alternate chain checking was introduced in 1.0.2b. Setting this flag
* will force the behaviour to match that of previous versions.
*/
# define X509_V_FLAG_NO_ALT_CHAINS 0x100000
# define X509_VP_FLAG_DEFAULT 0x1 # define X509_VP_FLAG_DEFAULT 0x1
# define X509_VP_FLAG_OVERWRITE 0x2 # define X509_VP_FLAG_OVERWRITE 0x2


@ -46,7 +46,7 @@
EnableIntrinsicFunctions="false" EnableIntrinsicFunctions="false"
FavorSizeOrSpeed="0" FavorSizeOrSpeed="0"
AdditionalIncludeDirectories="$(SolutionDir)Mayaqua\win32_inc;.;$(SolutionDir)" AdditionalIncludeDirectories="$(SolutionDir)Mayaqua\win32_inc;.;$(SolutionDir)"
PreprocessorDefinitions="WIN32;NDEBUG;_WINDOWS;_USE_32BIT_TIME_T;VPN_SPEED" PreprocessorDefinitions="WIN32;NDEBUG;_WINDOWS;VPN_SPEED"
StringPooling="false" StringPooling="false"
ExceptionHandling="0" ExceptionHandling="0"
RuntimeLibrary="0" RuntimeLibrary="0"
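Review bot: Dropping `_USE_32BIT_TIME_T` from `PreprocessorDefinitions` widens `time_t` from 32 to 64 bits in 32-bit MSVC builds, which changes the layout of every struct and the signature of every function that carries a `time_t`. That is only safe if every object linked into the binary is compiled with the same setting, presumably including the prebuilt OpenSSL libraries that go with the updated headers. A mismatch produces silently wrong timestamps, for instance in certificate validity checks. The next project file (the one defining `PCDDLL_EXPORTS`) makes the same change and the page hides further files, so please confirm no project still defines the macro. A compile-time guard in a shared header, such as `typedef char assert_time_t_64[sizeof(time_t) == 8 ? 1 : -1];` under `#ifdef _MSC_VER`, would catch a stray definition.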


@ -49,7 +49,7 @@
EnableIntrinsicFunctions="false" EnableIntrinsicFunctions="false"
FavorSizeOrSpeed="0" FavorSizeOrSpeed="0"
AdditionalIncludeDirectories="$(SolutionDir)Mayaqua\win32_inc;.;$(SolutionDir)" AdditionalIncludeDirectories="$(SolutionDir)Mayaqua\win32_inc;.;$(SolutionDir)"
PreprocessorDefinitions="WIN32;NDEBUG;_WINDOWS;_USRDLL;_USE_32BIT_TIME_T;PCDDLL_EXPORTS" PreprocessorDefinitions="WIN32;NDEBUG;_WINDOWS;_USRDLL;PCDDLL_EXPORTS"
StringPooling="false" StringPooling="false"
ExceptionHandling="0" ExceptionHandling="0"
RuntimeLibrary="0" RuntimeLibrary="0"
