mirror of
https://github.com/SoftEtherVPN/SoftEtherVPN.git
synced 2024-11-10 03:30:39 +03:00
Some hacks to make Android VPN Client Pro working
This commit is contained in:
parent
723f38e72f
commit
39becfe4ab
@ -3063,6 +3063,22 @@ bool PPPProcessEAPTlsResponse(PPP_SESSION* p, PPP_EAP* eap_packet, UINT eapTlsSi
|
|||||||
ETHERIP_ID d;
|
ETHERIP_ID d;
|
||||||
UINT error_code;
|
UINT error_code;
|
||||||
|
|
||||||
|
/*if (!p->Eap_TlsCtx.SslPipe->IsDisconnected)
|
||||||
|
{
|
||||||
|
dataSize = FifoSize(p->Eap_TlsCtx.SslPipe->RawOut->RecvFifo);
|
||||||
|
lcp = BuildEAPTlsRequest(p->Eap_PacketId++, dataSize, 0);
|
||||||
|
eap = lcp->Data;
|
||||||
|
ReadFifo(p->Eap_TlsCtx.SslPipe->RawOut->RecvFifo, &(eap->Tls.TlsDataWithoutLength), dataSize);
|
||||||
|
if (!PPPSendAndRetransmitRequest(p, PPP_PROTOCOL_EAP, lcp))
|
||||||
|
{
|
||||||
|
PPPSetStatus(p, PPP_STATUS_FAIL);
|
||||||
|
WHERE;
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
Debug("Sent EAP-TLS size=%i type=%i flag=%i\n", lcp->DataSize, eap->Type, eap->Tls.Flags);
|
||||||
|
return true;
|
||||||
|
}*/
|
||||||
|
|
||||||
PPPParseUsername(p->Cedar, p->Eap_Identity, &d);
|
PPPParseUsername(p->Cedar, p->Eap_Identity, &d);
|
||||||
|
|
||||||
ipc = NewIPC(p->Cedar, p->ClientSoftwareName, p->Postfix, d.HubName, d.UserName, "",
|
ipc = NewIPC(p->Cedar, p->ClientSoftwareName, p->Postfix, d.HubName, d.UserName, "",
|
||||||
@ -3073,6 +3089,7 @@ bool PPPProcessEAPTlsResponse(PPP_SESSION* p, PPP_EAP* eap_packet, UINT eapTlsSi
|
|||||||
if (ipc != NULL)
|
if (ipc != NULL)
|
||||||
{
|
{
|
||||||
PPP_PACKET* pack;
|
PPP_PACKET* pack;
|
||||||
|
UINT identificator = p->Eap_PacketId - 1; // THIS IS A HACK TO SUPPORT VPN Client Pro on Android!!!
|
||||||
|
|
||||||
p->Ipc = ipc;
|
p->Ipc = ipc;
|
||||||
PPPSetStatus(p, PPP_STATUS_AUTH_SUCCESS);
|
PPPSetStatus(p, PPP_STATUS_AUTH_SUCCESS);
|
||||||
@ -3081,7 +3098,7 @@ bool PPPProcessEAPTlsResponse(PPP_SESSION* p, PPP_EAP* eap_packet, UINT eapTlsSi
|
|||||||
pack = ZeroMalloc(sizeof(PPP_PACKET));
|
pack = ZeroMalloc(sizeof(PPP_PACKET));
|
||||||
pack->IsControl = true;
|
pack->IsControl = true;
|
||||||
pack->Protocol = PPP_PROTOCOL_EAP;
|
pack->Protocol = PPP_PROTOCOL_EAP;
|
||||||
lcp = NewPPPLCP(PPP_EAP_CODE_SUCCESS, p->Eap_PacketId++);
|
lcp = NewPPPLCP(PPP_EAP_CODE_SUCCESS, identificator);
|
||||||
pack->Lcp = lcp;
|
pack->Lcp = lcp;
|
||||||
Debug("Sent EAP-TLS size=%i SUCCESS\n", lcp->DataSize);
|
Debug("Sent EAP-TLS size=%i SUCCESS\n", lcp->DataSize);
|
||||||
if (!PPPSendPacketAndFree(p, pack))
|
if (!PPPSendPacketAndFree(p, pack))
|
||||||
@ -3095,13 +3112,14 @@ bool PPPProcessEAPTlsResponse(PPP_SESSION* p, PPP_EAP* eap_packet, UINT eapTlsSi
|
|||||||
else
|
else
|
||||||
{
|
{
|
||||||
PPP_PACKET* pack;
|
PPP_PACKET* pack;
|
||||||
|
UINT identificator = p->Eap_PacketId - 1; // THIS IS A HACK TO SUPPORT VPN Client Pro on Android!!!
|
||||||
|
|
||||||
PPPSetStatus(p, PPP_STATUS_AUTH_FAIL);
|
PPPSetStatus(p, PPP_STATUS_AUTH_FAIL);
|
||||||
|
|
||||||
pack = ZeroMalloc(sizeof(PPP_PACKET));
|
pack = ZeroMalloc(sizeof(PPP_PACKET));
|
||||||
pack->IsControl = true;
|
pack->IsControl = true;
|
||||||
pack->Protocol = PPP_PROTOCOL_EAP;
|
pack->Protocol = PPP_PROTOCOL_EAP;
|
||||||
lcp = NewPPPLCP(PPP_EAP_CODE_FAILURE, p->Eap_PacketId++);
|
lcp = NewPPPLCP(PPP_EAP_CODE_FAILURE, identificator);
|
||||||
pack->Lcp = lcp;
|
pack->Lcp = lcp;
|
||||||
Debug("Sent EAP-TLS size=%i FAILURE\n", lcp->DataSize);
|
Debug("Sent EAP-TLS size=%i FAILURE\n", lcp->DataSize);
|
||||||
if (!PPPSendPacketAndFree(p, pack))
|
if (!PPPSendPacketAndFree(p, pack))
|
||||||
@ -3115,9 +3133,19 @@ bool PPPProcessEAPTlsResponse(PPP_SESSION* p, PPP_EAP* eap_packet, UINT eapTlsSi
|
|||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
Debug("Weird ACK for no reason at all...\n");
|
// Some clients needs a little help it seems - namely VPN Client Pro on Android
|
||||||
|
flags |= PPP_EAP_TLS_FLAG_SSLSTARTED;
|
||||||
|
lcp = BuildEAPTlsRequest(p->Eap_PacketId++, 0, flags);
|
||||||
|
PPPSetStatus(p, PPP_STATUS_AUTHENTICATING);
|
||||||
|
if (!PPPSendAndRetransmitRequest(p, PPP_PROTOCOL_EAP, lcp))
|
||||||
|
{
|
||||||
|
PPPSetStatus(p, PPP_STATUS_FAIL);
|
||||||
|
WHERE;
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
Debug("Sent EAP-TLS size=%i\n", lcp->DataSize);
|
||||||
|
return true;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
@ -5731,7 +5731,10 @@ SSL_PIPE *NewSslPipeEx(bool server_mode, X *x, K *k, DH_CTX *dh, bool verify_pee
|
|||||||
{
|
{
|
||||||
SSL_CTX_set_ssl_version(ssl_ctx, SSLv23_method());
|
SSL_CTX_set_ssl_version(ssl_ctx, SSLv23_method());
|
||||||
SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_SSLv2);
|
SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_SSLv2);
|
||||||
|
|
||||||
|
#ifdef SSL_OP_NO_SSLv3
|
||||||
SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_TLSv1_3); // For some reason pppd under linux doesn't like it
|
SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_TLSv1_3); // For some reason pppd under linux doesn't like it
|
||||||
|
#endif
|
||||||
|
|
||||||
AddChainSslCertOnDirectory(ssl_ctx);
|
AddChainSslCertOnDirectory(ssl_ctx);
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user