1
0
mirror of https://github.com/SoftEtherVPN/SoftEtherVPN.git synced 2025-07-06 07:44:57 +03:00

v4.07-9448-rtm

This commit is contained in:
dnobori
2014-06-06 06:53:20 +09:00
parent 7839d2939e
commit 719ee999d6
333 changed files with 1412 additions and 346 deletions

View File

@ -116,7 +116,7 @@
#define TAG_END "end"
#define TAG_ROOT "root"
#define TAG_CPYRIGHT "\xef\xbb\xbf# Software Configuration File\r\n# \r\n# You can edit this file when the program is not working.\r\n# \r\n"
#define TAG_CPYRIGHT "\xef\xbb\xbf# Software Configuration File\r\n# ---------------------------\r\n# \r\n# You may edit this file when the VPN Server / Client / Bridge program is not running.\r\n# \r\n# In prior to edit this file manually by your text editor,\r\n# shutdown the VPN Server / Client / Bridge background service.\r\n# Otherwise, all changes will be lost.\r\n# \r\n"
#define TAG_BINARY "SEVPN_DB"
// Data type

View File

@ -126,6 +126,8 @@
#include <openssl/aes.h>
#include <openssl/dh.h>
#include <openssl/pem.h>
#include <openssl/conf.h>
#include <openssl/x509v3.h>
#include <Mayaqua/Mayaqua.h>
#ifdef USE_INTEL_AESNI_LIBRARY
@ -1149,13 +1151,13 @@ void GetAllNameFromA(char *str, UINT size, X *x)
// Get the all name strings from NAME
void GetAllNameFromName(wchar_t *str, UINT size, NAME *name)
{
UniStrCpy(str, size, L"");
// Validate arguments
if (str == NULL || name == NULL)
{
return;
}
UniStrCpy(str, size, L"");
if (name->CommonName != NULL)
{
UniFormat(str, size, L"%sCN=%s, ", str, name->CommonName);
@ -1896,6 +1898,7 @@ X509 *NewRootX509(K *pub, K *priv, NAME *name, UINT days, X_SERIAL *serial)
UINT64 notBefore, notAfter;
ASN1_TIME *t1, *t2;
X509_NAME *subject_name, *issuer_name;
X509_EXTENSION *ex = NULL;
// Validate arguments
if (pub == NULL || name == NULL || priv == NULL)
{
@ -1981,6 +1984,11 @@ X509 *NewRootX509(K *pub, K *priv, NAME *name, UINT days, X_SERIAL *serial)
s->length = serial->size;
}
// Extensions
ex = X509V3_EXT_conf_nid(NULL, NULL, NID_basic_constraints, "critical,CA:TRUE");
X509_add_ext(x509, ex, -1);
X509_EXTENSION_free(ex);
Lock(openssl_lock);
{
// Set the public key
@ -2663,6 +2671,10 @@ bool RsaGen(K **priv, K **pub, UINT bit)
// Confirm whether the certificate X is signed by the issuer of the certificate x_issuer
bool CheckX(X *x, X *x_issuer)
{
return CheckXEx(x, x_issuer, false, false);
}
bool CheckXEx(X *x, X *x_issuer, bool check_name, bool check_date)
{
K *k;
bool ret;
@ -2679,6 +2691,26 @@ bool CheckX(X *x, X *x_issuer)
}
ret = CheckSignature(x, k);
if (ret)
{
if (check_name)
{
if (CompareName(x->issuer_name, x_issuer->subject_name) == false)
{
ret = false;
}
}
if (check_date)
{
if (CheckXDateNow(x_issuer) == false)
{
ret = false;
}
}
}
FreeK(k);
return ret;
@ -3680,6 +3712,43 @@ X *X509ToX(X509 *x509)
}
}
// Check whether there is basic constraints
if (X509_get_ext_by_NID(x509, NID_basic_constraints, -1) != -1)
{
x->has_basic_constraints = true;
}
// Get the "Certification Authority Issuer" (1.3.6.1.5.5.7.48.2) field value
if (x->root_cert == false)
{
AUTHORITY_INFO_ACCESS *ads = (AUTHORITY_INFO_ACCESS *)X509_get_ext_d2i(x509, NID_info_access, NULL, NULL);
if (ads != NULL)
{
int i;
for (i = 0; i < sk_ACCESS_DESCRIPTION_num(ads); i++)
{
ACCESS_DESCRIPTION *ad = sk_ACCESS_DESCRIPTION_value(ads, i);
if (ad != NULL)
{
if (OBJ_obj2nid(ad->method) == NID_ad_ca_issuers && ad->location->type == GEN_URI)
{
char *uri = (char *)ASN1_STRING_data(ad->location->d.uniformResourceIdentifier);
if (IsEmptyStr(uri) == false)
{
StrCpy(x->issuer_url, sizeof(x->issuer_url), uri);
break;
}
}
}
}
AUTHORITY_INFO_ACCESS_free(ads);
}
}
// Get the Serial Number
x->serial = NewXSerial(x509->cert_info->serialNumber->data,
x509->cert_info->serialNumber->length);

View File

@ -197,6 +197,8 @@ struct X
bool do_not_free;
bool is_compatible_bit;
UINT bits;
bool has_basic_constraints;
char issuer_url[256];
};
// Key
@ -339,6 +341,7 @@ K *GetKFromX(X *x);
bool CheckSignature(X *x, K *k);
X *X509ToX(X509 *x509);
bool CheckX(X *x, X *x_issuer);
bool CheckXEx(X *x, X *x_issuer, bool check_name, bool check_date);
bool Asn1TimeToSystem(SYSTEMTIME *s, void *asn1_time);
bool StrToSystem(SYSTEMTIME *s, char *str);
UINT64 Asn1TimeToUINT64(void *asn1_time);

View File

@ -485,6 +485,7 @@ typedef struct ICMP_RESULT ICMP_RESULT;
typedef struct SSL_PIPE SSL_PIPE;
typedef struct SSL_BIO SSL_BIO;
typedef struct RUDP_STACK RUDP_STACK;
typedef struct RUDP_SOURCE_IP RUDP_SOURCE_IP;
typedef struct RUDP_SESSION RUDP_SESSION;
typedef struct RUDP_SEGMENT RUDP_SEGMENT;
typedef struct CONNECT_TCP_RUDP_PARAM CONNECT_TCP_RUDP_PARAM;

View File

@ -2005,6 +2005,41 @@ int CompareInt64(void *p1, void *p2)
return COMPARE_RET(*v1, *v2);
}
// Randomize the contents of the list
void RandomizeList(LIST *o)
{
LIST *o2;
UINT i;
// Validate arguments
if (o == NULL)
{
return;
}
o2 = NewListFast(NULL);
while (LIST_NUM(o) != 0)
{
UINT num = LIST_NUM(o);
UINT i = Rand32() % num;
void *p = LIST_DATA(o, i);
Add(o2, p);
Delete(o, p);
}
DeleteAll(o);
for (i = 0;i < LIST_NUM(o2);i++)
{
void *p = LIST_DATA(o2, i);
Add(o, p);
}
ReleaseList(o2);
}
// Add an integer to the list
void AddInt(LIST *o, UINT i)
{

View File

@ -387,6 +387,7 @@ void InsertInt(LIST *o, UINT i);
void InsertInt64(LIST *o, UINT64 i);
void InsertIntDistinct(LIST *o, UINT i);
void InsertInt64Distinct(LIST *o, UINT64 i);
void RandomizeList(LIST *o);
void *GetNext(QUEUE *q);
void *GetNextWithLock(QUEUE *q);

View File

@ -225,6 +225,7 @@ static UINT rand_port_numbers[256] = {0};
static bool g_use_privateip_file = false;
static bool g_source_ip_validation_force_disable = false;
typedef struct PRIVATE_IP_SUBNET
{
@ -1537,6 +1538,17 @@ void RUDPProcess_NatT_Recv(RUDP_STACK *r, UDPPACKET *udp)
// Save the IP address and port number at the time of registration
PackGetStr(p, "your_ip_and_port", r->NatT_Registered_IPAndPort, sizeof(r->NatT_Registered_IPAndPort));
if (g_source_ip_validation_force_disable == false)
{
// Enable the source IP address validation mechanism
r->NatT_EnableSourceIpValidation = PackGetBool(p, "enable_source_ip_validation");
}
else
{
// Force disable the source IP address validation mechanism
r->NatT_EnableSourceIpValidation = false;
}
// Global port of itself
my_global_port = PackGetInt(p, "your_port");
@ -1569,6 +1581,11 @@ void RUDPProcess_NatT_Recv(RUDP_STACK *r, UDPPACKET *udp)
UCHAR *rand_data;
UINT rand_size;
if (r->NatT_EnableSourceIpValidation)
{
RUDPAddIpToValidateList(r, &client_ip);
}
rand_size = Rand32() % 19;
rand_data = Malloc(rand_size);
@ -1588,6 +1605,12 @@ void RUDPProcess_NatT_Recv(RUDP_STACK *r, UDPPACKET *udp)
FreeBuf(b);
}
// Set the flag of the source IP address validation function
void RUDPSetSourceIpValidationForceDisable(bool b)
{
g_source_ip_validation_force_disable = b;
}
// Process such as packet transmission for NAT-T server
void RUDPDo_NatT_Interrupt(RUDP_STACK *r)
{
@ -1826,6 +1849,11 @@ void RUDPRecvProc(RUDP_STACK *r, UDPPACKET *p)
// Entire number of sessions exceeds the limit
ok = false;
}
else if (r->NatT_EnableSourceIpValidation && RUDPIsIpInValidateList(r, &p->SrcIP) == false)
{
// Invalid source IP address, which is not registered on the validated source IP address list
ok = false;
}
else
{
UINT i;
@ -1942,6 +1970,138 @@ void RUDPRecvProc(RUDP_STACK *r, UDPPACKET *p)
}
}
// Check whether the specificed IP address is in the validated source IP address list
bool RUDPIsIpInValidateList(RUDP_STACK *r, IP *ip)
{
UINT i;
UINT64 now = Tick64();
LIST *o = NULL;
bool ret = false;
// Validate arguments
if (r == NULL || ip == NULL)
{
return false;
}
for (i = 0;i < LIST_NUM(r->NatT_SourceIpList);i++)
{
RUDP_SOURCE_IP *s = (RUDP_SOURCE_IP *)LIST_DATA(r->NatT_SourceIpList, i);
if (s->ExpiresTick <= now)
{
if (o == NULL)
{
o = NewListFast(NULL);
}
Add(o, s);
}
}
if (o != NULL)
{
for (i = 0;i < LIST_NUM(o);i++)
{
RUDP_SOURCE_IP *s = (RUDP_SOURCE_IP *)LIST_DATA(o, i);
Delete(r->NatT_SourceIpList, s);
Free(s);
}
ReleaseList(o);
}
for (i = 0;i < LIST_NUM(r->NatT_SourceIpList);i++)
{
RUDP_SOURCE_IP *s = (RUDP_SOURCE_IP *)LIST_DATA(r->NatT_SourceIpList, i);
if (CmpIpAddr(&s->ClientIP, ip) == 0)
{
ret = true;
break;
}
}
Debug("RUDP: NAT-T: Validate IP: %r, ret=%u (current list len = %u)\n", ip, ret, LIST_NUM(r->NatT_SourceIpList));
return ret;
}
// Add an IP address to the validated source IP address list
void RUDPAddIpToValidateList(RUDP_STACK *r, IP *ip)
{
UINT i;
RUDP_SOURCE_IP *sip;
UINT64 now = Tick64();
LIST *o = NULL;
// Validate arguments
if (r == NULL || ip == NULL)
{
return;
}
if (LIST_NUM(r->NatT_SourceIpList) >= RUDP_MAX_VALIDATED_SOURCE_IP_ADDRESSES)
{
return;
}
for (i = 0;i < LIST_NUM(r->NatT_SourceIpList);i++)
{
RUDP_SOURCE_IP *s = (RUDP_SOURCE_IP *)LIST_DATA(r->NatT_SourceIpList, i);
if (s->ExpiresTick <= now)
{
if (o == NULL)
{
o = NewListFast(NULL);
}
Add(o, s);
}
}
if (o != NULL)
{
for (i = 0;i < LIST_NUM(o);i++)
{
RUDP_SOURCE_IP *s = (RUDP_SOURCE_IP *)LIST_DATA(o, i);
Delete(r->NatT_SourceIpList, s);
Free(s);
}
ReleaseList(o);
}
sip = NULL;
for (i = 0;i < LIST_NUM(r->NatT_SourceIpList);i++)
{
RUDP_SOURCE_IP *s = (RUDP_SOURCE_IP *)LIST_DATA(r->NatT_SourceIpList, i);
if (CmpIpAddr(&s->ClientIP, ip) == 0)
{
sip = s;
break;
}
}
if (sip == NULL)
{
sip = ZeroMalloc(sizeof(RUDP_SOURCE_IP));
Copy(&sip->ClientIP, ip, sizeof(IP));
Add(r->NatT_SourceIpList, sip);
}
sip->ExpiresTick = now + (UINT64)RUDP_VALIDATED_SOURCE_IP_ADDRESS_EXPIRES;
Debug("RUDP: NAT-T: Src IP added: %r (current list len = %u)\n", ip, LIST_NUM(r->NatT_SourceIpList));
}
// R-UDP interrupt processing procedure
void RUDPInterruptProc(RUDP_STACK *r)
{
@ -4759,6 +4919,7 @@ SOCK *NewRUDPClientNatT(char *svc_name, IP *ip, UINT *error_code, UINT timeout,
UINT result_port;
SOCK *ret = NULL;
UINT num_tries = 0;
UINT64 current_cookie = 0;
AddInterrupt(interrupt, giveup_tick);
@ -4832,6 +4993,12 @@ LABEL_TIMEOUT:
if (p != NULL)
{
UINT64 cookie = PackGetInt64(p, "cookie");
if (cookie != 0)
{
current_cookie = cookie;
}
// Compare tran_id
if (PackGetInt64(p, "tran_id") == tran_id)
{
@ -4901,6 +5068,7 @@ LABEL_TIMEOUT:
PackAddInt64(p, "tran_id", tran_id);
IPToStr(ip_str, sizeof(ip_str), ip);
PackAddStr(p, "dest_ip", ip_str);
PackAddInt64(p, "cookie", current_cookie);
if (IsEmptyStr(hint_str) == false)
{
PackAddStr(p, "hint", hint_str);
@ -5194,6 +5362,8 @@ RUDP_STACK *NewRUDP(bool server_mode, char *svc_name, RUDP_STACK_INTERRUPTS_PROC
r->NewSockQueue = NewQueue();
r->NatT_TranId = Rand64();
r->NatT_SourceIpList = NewListFast(NULL);
StrCpy(tmp, sizeof(tmp), r->SvcName);
Trim(tmp);
StrLower(tmp);
@ -5359,6 +5529,15 @@ void FreeRUDP(RUDP_STACK *r)
ReleaseSock(s);
}
for (i = 0;i < LIST_NUM(r->NatT_SourceIpList);i++)
{
RUDP_SOURCE_IP *sip = (RUDP_SOURCE_IP *)LIST_DATA(r->NatT_SourceIpList, i);
Free(sip);
}
ReleaseList(r->NatT_SourceIpList);
ReleaseQueue(r->NewSockQueue);
ReleaseList(r->SendPacketList);
@ -5559,7 +5738,7 @@ SSL_PIPE *NewSslPipe(bool server_mode, X *x, K *k, DH_CTX *dh)
{
SSL_PIPE *s;
SSL *ssl;
SSL_CTX *ssl_ctx = NewSSLCtx();
SSL_CTX *ssl_ctx = NewSSLCtx(server_mode);
Lock(openssl_lock);
{
@ -11473,7 +11652,7 @@ UINT RecvFrom(SOCK *sock, IP *src_addr, UINT *src_port, void *data, UINT size)
#ifdef OS_WIN32
if (WSAGetLastError() == WSAECONNRESET || WSAGetLastError() == WSAENETRESET || WSAGetLastError() == WSAEMSGSIZE || WSAGetLastError() == WSAENETUNREACH ||
WSAGetLastError() == WSAENOBUFS || WSAGetLastError() == WSAEHOSTUNREACH || WSAGetLastError() == WSAEUSERS)
WSAGetLastError() == WSAENOBUFS || WSAGetLastError() == WSAEHOSTUNREACH || WSAGetLastError() == WSAEUSERS || WSAGetLastError() == WSAEADDRNOTAVAIL || WSAGetLastError() == WSAEADDRNOTAVAIL)
{
sock->IgnoreRecvErr = true;
}
@ -11553,7 +11732,7 @@ UINT RecvFrom6(SOCK *sock, IP *src_addr, UINT *src_port, void *data, UINT size)
#ifdef OS_WIN32
if (WSAGetLastError() == WSAECONNRESET || WSAGetLastError() == WSAENETRESET || WSAGetLastError() == WSAEMSGSIZE || WSAGetLastError() == WSAENETUNREACH ||
WSAGetLastError() == WSAENOBUFS || WSAGetLastError() == WSAEHOSTUNREACH || WSAGetLastError() == WSAEUSERS)
WSAGetLastError() == WSAENOBUFS || WSAGetLastError() == WSAEHOSTUNREACH || WSAGetLastError() == WSAEUSERS || WSAGetLastError() == WSAEADDRNOTAVAIL || WSAGetLastError() == WSAEADDRNOTAVAIL)
{
sock->IgnoreRecvErr = true;
}
@ -11665,7 +11844,7 @@ UINT SendToEx(SOCK *sock, IP *dest_addr, UINT dest_port, void *data, UINT size,
#ifdef OS_WIN32
if (WSAGetLastError() == WSAECONNRESET || WSAGetLastError() == WSAENETRESET || WSAGetLastError() == WSAEMSGSIZE || WSAGetLastError() == WSAENETUNREACH ||
WSAGetLastError() == WSAENOBUFS || WSAGetLastError() == WSAEHOSTUNREACH || WSAGetLastError() == WSAEUSERS || WSAGetLastError() == WSAEINVAL)
WSAGetLastError() == WSAENOBUFS || WSAGetLastError() == WSAEHOSTUNREACH || WSAGetLastError() == WSAEUSERS || WSAGetLastError() == WSAEINVAL || WSAGetLastError() == WSAEADDRNOTAVAIL)
{
sock->IgnoreSendErr = true;
}
@ -11768,7 +11947,7 @@ UINT SendTo6Ex(SOCK *sock, IP *dest_addr, UINT dest_port, void *data, UINT size,
#ifdef OS_WIN32
if (WSAGetLastError() == WSAECONNRESET || WSAGetLastError() == WSAENETRESET || WSAGetLastError() == WSAEMSGSIZE || WSAGetLastError() == WSAENETUNREACH ||
WSAGetLastError() == WSAENOBUFS || WSAGetLastError() == WSAEHOSTUNREACH || WSAGetLastError() == WSAEUSERS || WSAGetLastError() == WSAEINVAL)
WSAGetLastError() == WSAENOBUFS || WSAGetLastError() == WSAEHOSTUNREACH || WSAGetLastError() == WSAEUSERS || WSAGetLastError() == WSAEINVAL || WSAGetLastError() == WSAEADDRNOTAVAIL)
{
sock->IgnoreSendErr = true;
}
@ -12354,6 +12533,7 @@ bool SendAll(SOCK *sock, void *data, UINT size, bool secure)
// Set the cipher algorithm name to want to use
void SetWantToUseCipher(SOCK *sock, char *name)
{
char tmp[254];
// Validate arguments
if (sock == NULL || name == NULL)
{
@ -12364,7 +12544,13 @@ void SetWantToUseCipher(SOCK *sock, char *name)
{
Free(sock->WaitToUseCipher);
}
sock->WaitToUseCipher = CopyStr(name);
Zero(tmp, sizeof(tmp));
StrCpy(tmp, sizeof(tmp), name);
StrCat(tmp, sizeof(tmp), " ");
StrCat(tmp, sizeof(tmp), cipher_list);
sock->WaitToUseCipher = CopyStr(tmp);
}
// Add all the chain certificates in the chain_certs directory
@ -12372,7 +12558,10 @@ void AddChainSslCertOnDirectory(struct ssl_ctx_st *ctx)
{
wchar_t dirname[MAX_SIZE];
wchar_t exedir[MAX_SIZE];
wchar_t txtname[MAX_SIZE];
DIRLIST *dir;
LIST *o;
UINT i;
// Validate arguments
if (ctx == NULL)
@ -12380,18 +12569,25 @@ void AddChainSslCertOnDirectory(struct ssl_ctx_st *ctx)
return;
}
o = NewListFast(NULL);
GetExeDirW(exedir, sizeof(exedir));
CombinePathW(dirname, sizeof(dirname), exedir, L"chain_certs");
MakeDirExW(dirname);
CombinePathW(txtname, sizeof(txtname), dirname, L"Readme_Chain_Certs.txt");
if (IsFileExistsW(txtname) == false)
{
FileCopyW(L"|chain_certs.txt", txtname);
}
dir = EnumDirW(dirname);
if (dir != NULL)
{
UINT i;
for (i = 0;i < dir->NumFiles;i++)
{
DIRENT *e = dir->File[i];
@ -12407,7 +12603,28 @@ void AddChainSslCertOnDirectory(struct ssl_ctx_st *ctx)
if (x != NULL)
{
AddChainSslCert(ctx, x);
UINT j;
bool exists = false;
UCHAR hash[SHA1_SIZE];
GetXDigest(x, hash, true);
for (j = 0;j < LIST_NUM(o);j++)
{
UCHAR *hash2 = LIST_DATA(o, j);
if (Cmp(hash, hash2, SHA1_SIZE) == 0)
{
exists = true;
}
}
if (exists == false)
{
AddChainSslCert(ctx, x);
Add(o, Clone(hash, SHA1_SIZE));
}
FreeX(x);
}
@ -12416,6 +12633,15 @@ void AddChainSslCertOnDirectory(struct ssl_ctx_st *ctx)
FreeDir(dir);
}
for (i = 0;i < LIST_NUM(o);i++)
{
UCHAR *hash = LIST_DATA(o, i);
Free(hash);
}
ReleaseList(o);
}
// Add the chain certificate
@ -12503,7 +12729,7 @@ bool StartSSLEx(SOCK *sock, X *x, K *priv, bool client_tls, UINT ssl_timeout, ch
return true;
}
ssl_ctx = NewSSLCtx();
ssl_ctx = NewSSLCtx(sock->ServerMode);
Lock(openssl_lock);
{
@ -16964,7 +17190,7 @@ void UnlockDnsCache()
}
// Create the SSL_CTX
struct ssl_ctx_st *NewSSLCtx()
struct ssl_ctx_st *NewSSLCtx(bool server_mode)
{
struct ssl_ctx_st *ctx = SSL_CTX_new(SSLv23_method());
@ -16972,6 +17198,13 @@ struct ssl_ctx_st *NewSSLCtx()
SSL_CTX_set_options(ctx, SSL_OP_NO_TICKET);
#endif // SSL_OP_NO_TICKET
#ifdef SSL_OP_CIPHER_SERVER_PREFERENCE
if (server_mode)
{
SSL_CTX_set_options(ctx, SSL_OP_CIPHER_SERVER_PREFERENCE);
}
#endif // SSL_OP_CIPHER_SERVER_PREFERENCE
return ctx;
}

View File

@ -780,6 +780,16 @@ typedef bool (RUDP_STACK_RPC_RECV_PROC)(RUDP_STACK *r, UDPPACKET *p);
// Minimum time to wait for a trial to connect by ICMP and DNS in case failing to connect by TCP
#define SOCK_CONNECT_WAIT_FOR_ICMP_AND_DNS_AT_LEAST 5000
#define RUDP_MAX_VALIDATED_SOURCE_IP_ADDRESSES 512
#define RUDP_VALIDATED_SOURCE_IP_ADDRESS_EXPIRES (RUDP_TIMEOUT * 2)
// Validated Source IP Addresses for R-UDP
struct RUDP_SOURCE_IP
{
UINT64 ExpiresTick; // Expires
IP ClientIP; // Client IP address
};
// R-UDP stack
struct RUDP_STACK
{
@ -832,6 +842,8 @@ struct RUDP_STACK
UINT LastDDnsFqdnHash; // DNS FQDN hash value when last checked
volatile UINT *NatTGlobalUdpPort; // NAT-T global UDP port
UCHAR RandPortId; // Random UDP port ID
bool NatT_EnableSourceIpValidation; // Enable the source IP address validation mechanism
LIST *NatT_SourceIpList; // Authenticated source IP adddress list
// For Client
bool TargetIpAndPortInited; // The target IP address and the port number are initialized
@ -926,7 +938,7 @@ struct HTTP_HEADER
};
// HTTPS server / client related string constant
#define DEFAULT_USER_AGENT "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET CLR 1.1.4322)"
#define DEFAULT_USER_AGENT "Mozilla/5.0 (Windows NT 6.3; WOW64; rv:29.0) Gecko/20100101 Firefox/29.0"
#define DEFAULT_ACCEPT "image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/msword, application/vnd.ms-powerpoint, application/vnd.ms-excel, */*"
#define DEFAULT_ENCODING "gzip, deflate"
#define HTTP_CONTENT_TYPE "text/html; charset=iso-8859-1"
@ -1061,6 +1073,9 @@ bool RUDPProcessBulkRecvPacket(RUDP_STACK *r, RUDP_SESSION *se, void *recv_data,
UINT RUDPCalcBestMssForBulk(RUDP_STACK *r, RUDP_SESSION *se);
bool IsIPLocalHostOrMySelf(IP *ip);
UINT RUDPGetRandPortNumber(UCHAR rand_port_id);
void RUDPSetSourceIpValidationForceDisable(bool b);
bool RUDPIsIpInValidateList(RUDP_STACK *r, IP *ip);
void RUDPAddIpToValidateList(RUDP_STACK *r, IP *ip);
bool GetBestLocalIpForTarget(IP *local_ip, IP *target_ip);
SOCK *NewUDP4ForSpecificIp(IP *target_ip, UINT port);
@ -1558,7 +1573,7 @@ bool IsMacAddressLocalInner(LIST *o, void *addr);
bool IsMacAddressLocalFast(void *addr);
void RefreshLocalMacAddressList();
struct ssl_ctx_st *NewSSLCtx();
struct ssl_ctx_st *NewSSLCtx(bool server_mode);
void FreeSSLCtx(struct ssl_ctx_st *ctx);
void SetCurrentDDnsFqdn(char *name);

View File

@ -1409,11 +1409,11 @@ bool LoadTableMain(wchar_t *filename)
SaveUnicodeCache(filename, b->Size, hash);
Debug("Unicode Source: strtable.stb\n");
//Debug("Unicode Source: strtable.stb\n");
}
else
{
Debug("Unicode Source: unicode_cache\n");
//Debug("Unicode Source: unicode_cache\n");
}
FreeBuf(b);
@ -1434,7 +1434,7 @@ bool LoadTableMain(wchar_t *filename)
return false;
}
Debug("Unicode File Read Cost: %u (%u Lines)\n", (UINT)(t2 - t1), LIST_NUM(TableList));
//Debug("Unicode File Read Cost: %u (%u Lines)\n", (UINT)(t2 - t1), LIST_NUM(TableList));
return true;
}

View File

@ -1813,12 +1813,13 @@ PKT *ParsePacketEx4(UCHAR *buf, UINT size, bool no_l3, UINT vlan_type_id, bool b
if (no_http == false)
{
USHORT port_raw = Endian16(80);
USHORT port_raw2 = Endian16(8080);
// Analyze if the packet is a part of HTTP
if ((p->TypeL3 == L3_IPV4 || p->TypeL3 == L3_IPV6) && p->TypeL4 == L4_TCP)
{
TCP_HEADER *tcp = p->L4.TCPHeader;
if (tcp->DstPort == port_raw)
if (tcp->DstPort == port_raw || tcp->DstPort == port_raw2)
{
if (tcp != NULL && (!((tcp->Flag & TCP_SYN) || (tcp->Flag & TCP_RST) || (tcp->Flag & TCP_FIN))))
{