From 2b7b72807782644c8c88fe0b46aadb07fcffbbdc Mon Sep 17 00:00:00 2001 From: Ilya Shipitsin Date: Mon, 27 Feb 2023 20:51:23 +0600 Subject: [PATCH 1/7] CI: bump Ubuntu to newer version, install missing DCO dependencies --- .appveyor.yml | 4 ++-- .ci/azure-pipelines/linux.yml | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.appveyor.yml b/.appveyor.yml index 761e3e4d..9c2bc8cb 100644 --- a/.appveyor.yml +++ b/.appveyor.yml @@ -1,6 +1,6 @@ version: '{build}' -image: Ubuntu1804 +image: Ubuntu2004 configuration: Release @@ -28,7 +28,7 @@ build_script: - .ci/memory-leak-test.sh test_script: - .ci/appveyor-deb-install-test.sh - - sudo apt-get update && sudo apt-get -y install autoconf libtool liblzo2-dev libpam-dev fping unzip liblz4-dev # openvpn build deps + - sudo apt-get update && sudo apt-get -y install autoconf libtool liblzo2-dev libpam-dev fping unzip liblz4-dev libnl-genl-3-dev # openvpn build deps - sudo .ci/start-se-openvpn.sh - sudo .ci/run-openvpn-tests.sh diff --git a/.ci/azure-pipelines/linux.yml b/.ci/azure-pipelines/linux.yml index 56574f2d..fbb8aeb5 100644 --- a/.ci/azure-pipelines/linux.yml +++ b/.ci/azure-pipelines/linux.yml @@ -1,12 +1,12 @@ jobs: - job: Ubuntu_x64 pool: - vmImage: ubuntu-18.04 + vmImage: ubuntu-22.04 steps: - checkout: self submodules: true persistCredentials: true - - script: sudo apt update && sudo apt-get -y install cmake gcc g++ ninja-build libncurses5-dev libreadline-dev libsodium-dev libssl-dev make zlib1g-dev liblz4-dev + - script: sudo apt update && sudo apt-get -y install cmake gcc g++ ninja-build libncurses5-dev libreadline-dev libsodium-dev libssl-dev make zlib1g-dev liblz4-dev libnl-genl-3-dev displayName: 'Prepare environment' - script: "$(Build.SourcesDirectory)/.ci/azure-pipelines/linux_build.sh" env: From bedf1cd7e98daa1a3786d5859601790344597bde Mon Sep 17 00:00:00 2001 From: Koichiro IWAO Date: Tue, 28 Feb 2023 17:22:08 +0900 Subject: [PATCH 2/7] Mayaqua/Unix: Make VM detection work on FreeBSD This is just a cosmetic problem in the result of "Caps" command which gets the list of server functions/capability. There's no behavioural change in SoftEtherVPN whether running on VM so far. --- src/Mayaqua/Unix.c | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) diff --git a/src/Mayaqua/Unix.c b/src/Mayaqua/Unix.c index 922d705f..07d4ebbb 100755 --- a/src/Mayaqua/Unix.c +++ b/src/Mayaqua/Unix.c @@ -295,16 +295,25 @@ void UnixDisableInterfaceOffload(char *name) #endif // UNIX_LINUX } -// Validate whether the UNIX is running in a VM +// Validate whether the Linux/FreeBSD is running in a VM +// Not implemented yet on other OS bool UnixIsInVmMain() { TOKEN_LIST *t = NULL; bool ret = false; +#if defined(UNIX_LINUX) char *vm_str_list = "Hypervisor detected,VMware Virtual Platform,VMware Virtual USB,qemu,xen,paravirtualized,virtual hd,virtualhd,virtual pc,virtualpc,kvm,oracle vm,oraclevm,parallels,xvm,bochs"; +#elif defined(__FreeBSD__) + char *vm_str_list = "generic,xen,hv,vmware,kvm,bhyve"; +#endif -#ifdef UNIX_LINUX +#if defined(UNIX_LINUX) t = UnixExec("/bin/dmesg"); +#elif defined(__FreeBSD__) + t = UnixExec("/sbin/sysctl -n kern.vm_guest"); +#endif +#if defined(UNIX_LINUX) || defined(__FreeBSD__) if (t != NULL) { BUF *b = NewBuf(); @@ -327,10 +336,11 @@ bool UnixIsInVmMain() FreeBuf(b); FreeToken(t); } -#endif // UNIX_LINUX +#endif // defined(UNIX_LINUX) || defined(__FreeBSD) return ret; } + bool UnixIsInVm() { static bool is_in_vm_flag = false; From 1fe26ccb6c5c84ef5c1ef1b1e4b3b01b0c650e8a Mon Sep 17 00:00:00 2001 From: Koichiro IWAO Date: Tue, 28 Feb 2023 22:06:49 +0900 Subject: [PATCH 3/7] Cedar: Trim contiguous whitespaces in version string Before change, contiguous whitespaces appeared in version string. This room is for beta string (such as Alpha, Beta) and beta number but it looks a bit odd if the build is not alpha/beta/RC. > Version 5.02 Build 5180 Alpha 3 (Japanese) > Version 5.02 Build 5180 Beta 3 (Japanese) > Version 5.02 Build 5180 Release Candidate 3 (Japanese) > Version 5.02 Build 5180 (Japanese) > ^^^ Now version string looks neat like this: > Version 5.02 Build 5180 (Japanese) > Version 5.02 Build 5180 Release Candidate 3 (Japanese) --- src/Cedar/Cedar.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/src/Cedar/Cedar.c b/src/Cedar/Cedar.c index fc234217..02b4ee2b 100644 --- a/src/Cedar/Cedar.c +++ b/src/Cedar/Cedar.c @@ -1564,11 +1564,14 @@ CEDAR *NewCedar(X *server_x, K *server_k) #endif // ALPHA_VERSION ToStr(tmp2, c->Beta); + Format(tmp2, sizeof(tmp2), " %s %s ", beta_str, tmp2); - Format(tmp, sizeof(tmp), "Version %u.%02u Build %u %s %s (%s)", + Format(tmp, sizeof(tmp), + "Version %u.%02u Build %u" + "%s" // Alpha, Beta, Release Candidate or nothing + "(%s)", // Language CEDAR_VERSION_MAJOR, CEDAR_VERSION_MINOR, CEDAR_VERSION_BUILD, - c->Beta == 0 ? "" : beta_str, - c->Beta == 0 ? "" : tmp2, + c->Beta == 0 ? " " : tmp2, _SS("LANGSTR")); Trim(tmp); From f7d33568f3110f80475535f53c60be72dff779e4 Mon Sep 17 00:00:00 2001 From: Koichiro IWAO Date: Thu, 2 Mar 2023 18:11:56 +0900 Subject: [PATCH 4/7] README: SEvsDE: document AES-NI hardware acceleration support Stable Edition requires intel_aes_lib to enable AES-NI [1]. Developer Edition depends on OpeSSL to use AES-NI. It is enabled by default as long as processor supports it. [1] https://github.com/SoftEtherVPN/SoftEtherVPN_Stable/blob/bf23fe0/src/Mayaqua/Encrypt.c#L145-L147 --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 120d83fb..f94c520f 100644 --- a/README.md +++ b/README.md @@ -172,6 +172,7 @@ https://github.com/domosekai | ECDSA Certificates Import | ❌ | ✅ | | | Runs on Windows XP and Earlier | ✅ | ❌ | | | Compatible with SoftEther VPN 1.0 | ✅ | ❌ | | +| AES-NI Hardware Acceleration | ⚠️ | ✅ | SE requires [intel_aes_lib](https://software.intel.com/sites/default/files/article/181731/intel-aesni-sample-library-v1.2.zip) to enable AES-NI, so x86 only. In DE, enabled by default as long as processor supports it (at least x86 and ARM). | # Installation From 91053622ab7fc0cc6df1d1e3a6ebefc22a39887f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 3 Mar 2023 01:26:17 +0000 Subject: [PATCH 5/7] Bump minimist and mkdirp in /src/bin/hamcore/wwwroot/admin/default Bumps [minimist](https://github.com/minimistjs/minimist) and [mkdirp](https://github.com/isaacs/node-mkdirp). These dependencies needed to be updated together. Updates `minimist` from 0.0.8 to 1.2.8 - [Release notes](https://github.com/minimistjs/minimist/releases) - [Changelog](https://github.com/minimistjs/minimist/blob/main/CHANGELOG.md) - [Commits](https://github.com/minimistjs/minimist/compare/v0.0.8...v1.2.8) Updates `mkdirp` from 0.5.1 to 0.5.6 - [Release notes](https://github.com/isaacs/node-mkdirp/releases) - [Changelog](https://github.com/isaacs/node-mkdirp/blob/main/CHANGELOG.md) - [Commits](https://github.com/isaacs/node-mkdirp/compare/0.5.1...v0.5.6) --- updated-dependencies: - dependency-name: minimist dependency-type: indirect - dependency-name: mkdirp dependency-type: indirect ... Signed-off-by: dependabot[bot] --- .../wwwroot/admin/default/package-lock.json | 22 ++++++++++--------- 1 file changed, 12 insertions(+), 10 deletions(-) diff --git a/src/bin/hamcore/wwwroot/admin/default/package-lock.json b/src/bin/hamcore/wwwroot/admin/default/package-lock.json index 1c517c77..148efd5c 100644 --- a/src/bin/hamcore/wwwroot/admin/default/package-lock.json +++ b/src/bin/hamcore/wwwroot/admin/default/package-lock.json @@ -875,19 +875,21 @@ "brace-expansion": "^1.1.7" } }, - "minimist": { - "version": "0.0.8", - "resolved": "https://registry.npmjs.org/minimist/-/minimist-0.0.8.tgz", - "integrity": "sha1-hX/Kv8M5fSYluCKCYuhqp6ARsF0=", - "dev": true - }, "mkdirp": { - "version": "0.5.1", - "resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-0.5.1.tgz", - "integrity": "sha1-MAV0OOrGz3+MR2fzhkjWaX11yQM=", + "version": "0.5.6", + "resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-0.5.6.tgz", + "integrity": "sha512-FP+p8RB8OWpF3YZBCrP5gtADmtXApB5AMLn+vdyA+PyxCjrCs00mjyUozssO33cwDeT3wNGdLxJ5M//YqtHAJw==", "dev": true, "requires": { - "minimist": "0.0.8" + "minimist": "^1.2.6" + }, + "dependencies": { + "minimist": { + "version": "1.2.8", + "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.8.tgz", + "integrity": "sha512-2yyAR8qBkN3YuheJanUpWC5U3bb5osDywNB8RzDVlDwDHbocAJveqqj1u8+SVD7jkWT4yvsHCpWqqWqAxb0zCA==", + "dev": true + } } }, "neo-async": { From fb83ac08f21ac98cbd8f6bbecd16f2a2cf19e996 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 15 Mar 2023 09:35:00 +0000 Subject: [PATCH 6/7] Bump webpack in /src/bin/hamcore/wwwroot/admin/default Bumps [webpack](https://github.com/webpack/webpack) from 5.75.0 to 5.76.0. - [Release notes](https://github.com/webpack/webpack/releases) - [Commits](https://github.com/webpack/webpack/compare/v5.75.0...v5.76.0) --- updated-dependencies: - dependency-name: webpack dependency-type: direct:development ... Signed-off-by: dependabot[bot] --- .../wwwroot/admin/default/package-lock.json | 86 +++++++++---------- 1 file changed, 43 insertions(+), 43 deletions(-) diff --git a/src/bin/hamcore/wwwroot/admin/default/package-lock.json b/src/bin/hamcore/wwwroot/admin/default/package-lock.json index 148efd5c..65ae50a8 100644 --- a/src/bin/hamcore/wwwroot/admin/default/package-lock.json +++ b/src/bin/hamcore/wwwroot/admin/default/package-lock.json @@ -80,9 +80,9 @@ } }, "@types/eslint": { - "version": "8.4.10", - "resolved": "https://registry.npmjs.org/@types/eslint/-/eslint-8.4.10.tgz", - "integrity": "sha512-Sl/HOqN8NKPmhWo2VBEPm0nvHnu2LL3v9vKo8MEq0EtbJ4eVzGPl41VNPvn5E1i5poMk4/XD8UriLHpJvEP/Nw==", + "version": "8.21.2", + "resolved": "https://registry.npmjs.org/@types/eslint/-/eslint-8.21.2.tgz", + "integrity": "sha512-EMpxUyystd3uZVByZap1DACsMXvb82ypQnGn89e1Y0a+LYu3JJscUd/gqhRsVFDkaD2MIiWo0MT8EfXr3DGRKw==", "dev": true, "requires": { "@types/estree": "*", @@ -121,9 +121,9 @@ "dev": true }, "@types/node": { - "version": "18.11.18", - "resolved": "https://registry.npmjs.org/@types/node/-/node-18.11.18.tgz", - "integrity": "sha512-DHQpWGjyQKSHj3ebjFI/wRKcqQcdR+MoFBygntYOZytCqNfkd2ZC4ARDJ2DQqhjH5p85Nnd3jhUJIXrszFX/JA==", + "version": "18.15.3", + "resolved": "https://registry.npmjs.org/@types/node/-/node-18.15.3.tgz", + "integrity": "sha512-p6ua9zBxz5otCmbpb5D3U4B5Nanw6Pk3PPyX05xnxbB/fRv71N7CPmORg7uAD5P70T0xmx1pzAx/FUfa5X+3cw==", "dev": true }, "@types/sizzle": { @@ -309,9 +309,9 @@ "dev": true }, "acorn": { - "version": "8.8.1", - "resolved": "https://registry.npmjs.org/acorn/-/acorn-8.8.1.tgz", - "integrity": "sha512-7zFpHzhnqYKrkYdUjF1HI1bzd0VygEGX8lFk4k5zVMqHEoES+P+7TKI+EvLO9WVMJ8eekdO0aDEK044xTXwPPA==", + "version": "8.8.2", + "resolved": "https://registry.npmjs.org/acorn/-/acorn-8.8.2.tgz", + "integrity": "sha512-xjIYgE8HBrkpd/sJqOGNspf8uHG+NOHGOw6a/Urj8taM2EXfdNAH2oFcPeIFfsv3+kz/mJrS5VuMqbNLjCa2vw==", "dev": true }, "acorn-import-assertions": { @@ -382,15 +382,15 @@ } }, "browserslist": { - "version": "4.21.4", - "resolved": "https://registry.npmjs.org/browserslist/-/browserslist-4.21.4.tgz", - "integrity": "sha512-CBHJJdDmgjl3daYjN5Cp5kbTf1mUhZoS+beLklHIvkOWscs83YAhLlF3Wsh/lciQYAcbBJgTOD44VtG31ZM4Hw==", + "version": "4.21.5", + "resolved": "https://registry.npmjs.org/browserslist/-/browserslist-4.21.5.tgz", + "integrity": "sha512-tUkiguQGW7S3IhB7N+c2MV/HZPSCPAAiYBZXLsBhFB/PCy6ZKKsZrmBayHV9fdGV/ARIfJ14NkxKzRDjvp7L6w==", "dev": true, "requires": { - "caniuse-lite": "^1.0.30001400", - "electron-to-chromium": "^1.4.251", - "node-releases": "^2.0.6", - "update-browserslist-db": "^1.0.9" + "caniuse-lite": "^1.0.30001449", + "electron-to-chromium": "^1.4.284", + "node-releases": "^2.0.8", + "update-browserslist-db": "^1.0.10" } }, "buffer-from": { @@ -406,9 +406,9 @@ "dev": true }, "caniuse-lite": { - "version": "1.0.30001441", - "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001441.tgz", - "integrity": "sha512-OyxRR4Vof59I3yGWXws6i908EtGbMzVUi3ganaZQHmydk1iwDhRnvaPG2WaR0KcqrDFKrxVZHULT396LEPhXfg==", + "version": "1.0.30001466", + "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001466.tgz", + "integrity": "sha512-ewtFBSfWjEmxUgNBSZItFSmVtvk9zkwkl1OfRZlKA8slltRN+/C/tuGVrF9styXkN36Yu3+SeJ1qkXxDEyNZ5w==", "dev": true }, "chalk": { @@ -495,9 +495,9 @@ "dev": true }, "electron-to-chromium": { - "version": "1.4.284", - "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.4.284.tgz", - "integrity": "sha512-M8WEXFuKXMYMVr45fo8mq0wUrrJHheiKZf6BArTKk9ZBYCKJEOU5H8cdWgDT+qCVZf7Na4lVUaZsA+h6uA9+PA==", + "version": "1.4.330", + "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.4.330.tgz", + "integrity": "sha512-PqyefhybrVdjAJ45HaPLtuVaehiSw7C3ya0aad+rvmV53IVyXmYRk3pwIOb2TxTDTnmgQdn46NjMMaysx79/6Q==", "dev": true }, "enhanced-resolve": { @@ -899,9 +899,9 @@ "dev": true }, "node-releases": { - "version": "2.0.8", - "resolved": "https://registry.npmjs.org/node-releases/-/node-releases-2.0.8.tgz", - "integrity": "sha512-dFSmB8fFHEH/s81Xi+Y/15DQY6VHW81nXRj86EMSL3lmuTmK1e+aT4wrFCkTbm+gSwkw4KpX+rT/pMM2c1mF+A==", + "version": "2.0.10", + "resolved": "https://registry.npmjs.org/node-releases/-/node-releases-2.0.10.tgz", + "integrity": "sha512-5GFldHPXVG/YZmFzJvKK2zDSzPKhEp0+ZR5SVaoSag9fsL5YgHbUHDfnG5494ISANDcK4KwPXAx2xqVEydmd7w==", "dev": true }, "once": { @@ -983,9 +983,9 @@ } }, "punycode": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/punycode/-/punycode-2.1.1.tgz", - "integrity": "sha512-XRsRjdf+j5ml+y/6GKHPZbrF/8p2Yga0JPtdqTIY2Xe5ohJPD9saDJJLPvp9+NSBprVvevdXZybnj2cv8OEd0A==", + "version": "2.3.0", + "resolved": "https://registry.npmjs.org/punycode/-/punycode-2.3.0.tgz", + "integrity": "sha512-rRV+zQD8tVFys26lAGR9WUuS4iUAngJScM+ZRSKtvl5tKeZ2t5bvdNFdNHBW9FWR4guGHlgmsZ1G7BSm2wTbuA==", "dev": true }, "randombytes": { @@ -1067,9 +1067,9 @@ "dev": true }, "serialize-javascript": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/serialize-javascript/-/serialize-javascript-6.0.0.tgz", - "integrity": "sha512-Qr3TosvguFt8ePWqsvRfrKyQXIiW+nGbYpy8XK24NQHE83caxWt+mIymTT19DGFbNWNLfEwsrkSmN64lVWB9ag==", + "version": "6.0.1", + "resolved": "https://registry.npmjs.org/serialize-javascript/-/serialize-javascript-6.0.1.tgz", + "integrity": "sha512-owoXEFjWRllis8/M1Q+Cw5k8ZH40e3zhp/ovX+Xr/vi1qj6QesbyXXViFbpNvWvPNAD62SutwEXavefrLJWj7w==", "dev": true, "requires": { "randombytes": "^2.1.0" @@ -1143,9 +1143,9 @@ "dev": true }, "terser": { - "version": "5.16.1", - "resolved": "https://registry.npmjs.org/terser/-/terser-5.16.1.tgz", - "integrity": "sha512-xvQfyfA1ayT0qdK47zskQgRZeWLoOQ8JQ6mIgRGVNwZKdQMU+5FkCBjmv4QjcrTzyZquRw2FVtlJSRUmMKQslw==", + "version": "5.16.6", + "resolved": "https://registry.npmjs.org/terser/-/terser-5.16.6.tgz", + "integrity": "sha512-IBZ+ZQIA9sMaXmRZCUMDjNH0D5AQQfdn4WUjHL0+1lF4TP1IHRJbrhb6fNaXWikrYQTSkb7SLxkeXAiy1p7mbg==", "dev": true, "requires": { "@jridgewell/source-map": "^0.3.2", @@ -1155,16 +1155,16 @@ } }, "terser-webpack-plugin": { - "version": "5.3.6", - "resolved": "https://registry.npmjs.org/terser-webpack-plugin/-/terser-webpack-plugin-5.3.6.tgz", - "integrity": "sha512-kfLFk+PoLUQIbLmB1+PZDMRSZS99Mp+/MHqDNmMA6tOItzRt+Npe3E+fsMs5mfcM0wCtrrdU387UnV+vnSffXQ==", + "version": "5.3.7", + "resolved": "https://registry.npmjs.org/terser-webpack-plugin/-/terser-webpack-plugin-5.3.7.tgz", + "integrity": "sha512-AfKwIktyP7Cu50xNjXF/6Qb5lBNzYaWpU6YfoX3uZicTx0zTy0stDDCsvjDapKsSDvOeWo5MEq4TmdBy2cNoHw==", "dev": true, "requires": { - "@jridgewell/trace-mapping": "^0.3.14", + "@jridgewell/trace-mapping": "^0.3.17", "jest-worker": "^27.4.5", "schema-utils": "^3.1.1", - "serialize-javascript": "^6.0.0", - "terser": "^5.14.1" + "serialize-javascript": "^6.0.1", + "terser": "^5.16.5" } }, "to-regex-range": { @@ -1326,9 +1326,9 @@ } }, "webpack": { - "version": "5.75.0", - "resolved": "https://registry.npmjs.org/webpack/-/webpack-5.75.0.tgz", - "integrity": "sha512-piaIaoVJlqMsPtX/+3KTTO6jfvrSYgauFVdt8cr9LTHKmcq/AMd4mhzsiP7ZF/PGRNPGA8336jldh9l2Kt2ogQ==", + "version": "5.76.0", + "resolved": "https://registry.npmjs.org/webpack/-/webpack-5.76.0.tgz", + "integrity": "sha512-l5sOdYBDunyf72HW8dF23rFtWq/7Zgvt/9ftMof71E/yUb1YLOBmTgA2K4vQthB3kotMrSj609txVE0dnr2fjA==", "dev": true, "requires": { "@types/eslint-scope": "^3.7.3", From df7ea3c54a9513525f0a2a3ec73f27ec972a00fe Mon Sep 17 00:00:00 2001 From: Yihong Wu Date: Fri, 31 Mar 2023 09:14:39 +0000 Subject: [PATCH 7/7] Mayaqua/Memory: Fix memory corruption in base64 --- src/Mayaqua/Memory.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Mayaqua/Memory.c b/src/Mayaqua/Memory.c index 315f89c0..96ff994a 100644 --- a/src/Mayaqua/Memory.c +++ b/src/Mayaqua/Memory.c @@ -3463,7 +3463,7 @@ void *Base64ToBin(UINT *out_size, const void *src, const UINT size) return NULL; } - void *bin = Malloc(bin_size); + void *bin = ZeroMalloc(bin_size + 1); bin_size = Base64Decode(bin, src, size); if (bin_size == 0) {