AMajor/SoftEtherVPN
1
0
Fork 0
mirror of https://github.com/SoftEtherVPN/SoftEtherVPN.git synced 2025-07-07 16:25:01 +03:00
Code Releases Activity

v4.22-9634-beta

Browse Source
This commit is contained in:
dnobori
2016-11-27 17:43:14 +09:00
parent 0978e1a016
commit 4df2eb4f9c
122 changed files with 1265 additions and 562 deletions
Download Patch File Download Diff File Expand all files Collapse all files

54
src/Cedar/Protocol.c
View File

@ -690,8 +690,11 @@ void UpdateClientThreadMain(UPDATE_CLIENT *c)
cert_hash = StrToBin(UPDATE_SERVER_CERT_HASH);
recv = HttpRequestEx2(&data, NULL, UPDATE_CONNECT_TIMEOUT, UPDATE_COMM_TIMEOUT, &ret, false, NULL, NULL,
NULL, ((cert_hash != NULL && cert_hash->Size == SHA1_SIZE) ? cert_hash->Buf : NULL),
StrCpy(data.SniString, sizeof(data.SniString), DDNS_SNI_VER_STRING);
recv = HttpRequestEx3(&data, NULL, UPDATE_CONNECT_TIMEOUT, UPDATE_COMM_TIMEOUT, &ret, false, NULL, NULL,
NULL, ((cert_hash != NULL && (cert_hash->Size % SHA1_SIZE) == 0) ? cert_hash->Buf : NULL),
(cert_hash != NULL ? (cert_hash->Size / SHA1_SIZE) : 0),
(bool *)&c->HaltFlag, 0, NULL, NULL);
FreeBuf(cert_hash);
@ -1312,7 +1315,6 @@ bool ServerAccept(CONNECTION *c)
FARM_MEMBER *f = NULL;
SERVER *server = NULL;
POLICY ticketed_policy;
UINT64 timestamp;
UCHAR unique[SHA1_SIZE], unique2[SHA1_SIZE];
CEDAR *cedar;
RPC_WINVER winver;
@ -1450,31 +1452,6 @@ bool ServerAccept(CONNECTION *c)
}
}
// Time inspection
timestamp = PackGetInt64(p, "timestamp");
if (timestamp != 0)
{
UINT64 now = SystemTime64();
UINT64 abs;
if (now >= timestamp)
{
abs = now - timestamp;
}
else
{
abs = timestamp - now;
}
if (abs > ALLOW_TIMESTAMP_DIFF)
{
// Time difference is too large
FreePack(p);
c->Err = ERR_BAD_CLOCK;
error_detail = "ERR_BAD_CLOCK";
goto CLEANUP;
}
}
// Get the client version
PackGetStr(p, "client_str", c->ClientStr, sizeof(c->ClientStr));
c->ClientVer = PackGetInt(p, "client_ver");
@ -1655,7 +1632,7 @@ bool ServerAccept(CONNECTION *c)
{
radius_login_opt.In_CheckVLanId = hub->Option->AssignVLanIdByRadiusAttribute;
radius_login_opt.In_DenyNoVlanId = hub->Option->DenyAllRadiusLoginWithNoVlanAssign;
if (hub->Option->UseHubNameAsRadiusNasId == true)
if (hub->Option->UseHubNameAsRadiusNasId)
{
StrCpy(radius_login_opt.NasId, sizeof(radius_login_opt.NasId), hubname);
}
@ -4578,7 +4555,7 @@ bool ClientSecureSign(CONNECTION *c, UCHAR *sign, UCHAR *random, X **x)
if (ret)
{
Copy(sign, ss->Signature, 128);
Copy(sign, ss->Signature, sizeof(ss->Signature));
*x = ss->ClientCert;
}
@ -5857,7 +5834,7 @@ bool ClientUploadAuth(CONNECTION *c)
// Authentication by secure device
if (ClientSecureSign(c, sign, c->Random, &x))
{
p = PackLoginWithCert(o->HubName, a->Username, x, sign, 128);
p = PackLoginWithCert(o->HubName, a->Username, x, sign, x->bits / 8);
c->ClientX = CloneX(x);
FreeX(x);
}
@ -5880,9 +5857,6 @@ bool ClientUploadAuth(CONNECTION *c)
PackAddData(p, "ticket", c->Ticket, SHA1_SIZE);
}
// Current time
PackAddInt64(p, "timestamp", SystemTime64());
if (p == NULL)
{
// Error
@ -6073,9 +6047,8 @@ bool ServerDownloadSignature(CONNECTION *c, char **error_detail_str)
SOCK *s;
UINT num = 0, max = 19;
SERVER *server;
char hostname[64];
char *vpn_http_target = HTTP_VPN_TARGET2;
bool check_hostname = true;
bool check_hostname = false;
// Validate arguments
if (c == NULL)
{
@ -6083,7 +6056,7 @@ bool ServerDownloadSignature(CONNECTION *c, char **error_detail_str)
}
strcpy(hostname, "");
server = c->Cedar->Server;
s = c->FirstSock;
@ -6113,6 +6086,7 @@ bool ServerDownloadSignature(CONNECTION *c, char **error_detail_str)
if (check_hostname && (StrCmpi(h->Version, "HTTP/1.1") == 0 || StrCmpi(h->Version, "HTTP/1.2") == 0))
{
HTTP_VALUE *v;
char hostname[64];
Zero(hostname, sizeof(hostname));
@ -6347,12 +6321,6 @@ bool ServerDownloadSignature(CONNECTION *c, char **error_detail_str)
}
}
if ((b == false) && (StartWith(h->Target, "/wiki")))
{
HttpSendRedirect(s, h->Target, hostname);
b = true;
}
if (b == false)
{
// Not Found