mirror of https://github.com/SoftEtherVPN/SoftEtherVPN.git synced 2026-04-22 14:59:26 +03:00

v4.03-9408-rtm

dnobori
2014-01-04 22:00:08 +09:00
parent d433e567a5
commit 749497dde0
986 changed files with 487216 additions and 339 deletions
+1419
+293
@@ -0,0 +1,293 @@
// SoftEther VPN Source Code
// Cedar Communication Module
//
// SoftEther VPN Server, Client and Bridge are free software under GPLv2.
//
// Copyright (c) 2012-2014 Daiyuu Nobori.
// Copyright (c) 2012-2014 SoftEther VPN Project, University of Tsukuba, Japan.
// Copyright (c) 2012-2014 SoftEther Corporation.
//
// All Rights Reserved.
//
// http://www.softether.org/
//
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License version 2
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
// IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
// CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
// TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
// SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
// THE LICENSE AGREEMENT IS ATTACHED ON THE SOURCE-CODE PACKAGE
// AS "LICENSE.TXT" FILE. READ THE TEXT FILE IN ADVANCE TO USE THE SOFTWARE.
//
//
// THIS SOFTWARE IS DEVELOPED IN JAPAN, AND DISTRIBUTED FROM JAPAN,
// UNDER JAPANESE LAWS. YOU MUST AGREE IN ADVANCE TO USE, COPY, MODIFY,
// MERGE, PUBLISH, DISTRIBUTE, SUBLICENSE, AND/OR SELL COPIES OF THIS
// SOFTWARE, THAT ANY JURIDICAL DISPUTES WHICH ARE CONCERNED TO THIS
// SOFTWARE OR ITS CONTENTS, AGAINST US (SOFTETHER PROJECT, SOFTETHER
// CORPORATION, DAIYUU NOBORI OR OTHER SUPPLIERS), OR ANY JURIDICAL
// DISPUTES AGAINST US WHICH ARE CAUSED BY ANY KIND OF USING, COPYING,
// MODIFYING, MERGING, PUBLISHING, DISTRIBUTING, SUBLICENSING, AND/OR
// SELLING COPIES OF THIS SOFTWARE SHALL BE REGARDED AS BE CONSTRUED AND
// CONTROLLED BY JAPANESE LAWS, AND YOU MUST FURTHER CONSENT TO
// EXCLUSIVE JURISDICTION AND VENUE IN THE COURTS SITTING IN TOKYO,
// JAPAN. YOU MUST WAIVE ALL DEFENSES OF LACK OF PERSONAL JURISDICTION
// AND FORUM NON CONVENIENS. PROCESS MAY BE SERVED ON EITHER PARTY IN
// THE MANNER AUTHORIZED BY APPLICABLE LAW OR COURT RULE.
//
// USE ONLY IN JAPAN. DO NOT USE IT IN OTHER COUNTRIES. IMPORTING THIS
// SOFTWARE INTO OTHER COUNTRIES IS AT YOUR OWN RISK. SOME COUNTRIES
// PROHIBIT ENCRYPTED COMMUNICATIONS. USING THIS SOFTWARE IN OTHER
// COUNTRIES MIGHT BE RESTRICTED.
//
//
// DEAR SECURITY EXPERTS
// ---------------------
//
// If you find a bug or a security vulnerability please kindly inform us
// about the problem immediately so that we can fix the security problem
// to protect a lot of users around the world as soon as possible.
//
// Our e-mail address for security reports is:
// softether-vpn-security [at] softether.org
//
// Please note that the above e-mail address is not a technical support
// inquiry address. If you need technical assistance, please visit
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
// Account.h
// Header of Account.c
#ifndef ACCOUNT_H
#define ACCOUNT_H
// Policy item
struct POLICY_ITEM
{
UINT Index;
bool TypeInt;
bool AllowZero;
UINT MinValue;
UINT MaxValue;
UINT DefaultValue;
char *FormatStr;
};
// Policy
struct POLICY
{
// For Ver 2.0
bool Access; // Grant access
bool DHCPFilter; // Filter DHCP packets (IPv4)
bool DHCPNoServer; // Prohibit the behavior of the DHCP server (IPv4)
bool DHCPForce; // Force DHCP-assigned IP address (IPv4)
bool NoBridge; // Prohibit the bridge behavior
bool NoRouting; // Prohibit the router behavior (IPv4)
bool CheckMac; // Prohibit the duplicate MAC address
bool CheckIP; // Prohibit a duplicate IP address (IPv4)
bool ArpDhcpOnly; // Prohibit the broadcast other than ARP, DHCP, ICMPv6
bool PrivacyFilter; // Privacy filter mode
bool NoServer; // Prohibit to operate as a TCP/IP server (IPv4)
bool NoBroadcastLimiter; // Not to limit the number of broadcast
bool MonitorPort; // Allow monitoring mode
UINT MaxConnection; // Maximum number of TCP connections
UINT TimeOut; // Communication time-out period
UINT MaxMac; // Maximum number of MAC address
UINT MaxIP; // Maximum number of IP address (IPv4)
UINT MaxUpload; // Upload bandwidth
UINT MaxDownload; // Download bandwidth
bool FixPassword; // User can not change password
UINT MultiLogins; // Multiple logins limit
bool NoQoS; // Prohibit the use of VoIP / QoS features
// For Ver 3.0
bool RSandRAFilter; // Filter the Router Solicitation / Advertising packet (IPv6)
bool RAFilter; // Filter the router advertisement packet (IPv6)
bool DHCPv6Filter; // Filter DHCP packets (IPv6)
bool DHCPv6NoServer; // Prohibit the behavior of the DHCP server (IPv6)
bool NoRoutingV6; // Prohibit the router behavior (IPv6)
bool CheckIPv6; // Prohibit the duplicate IP address (IPv6)
bool NoServerV6; // Prohibit to operate as a TCP/IP server (IPv6)
UINT MaxIPv6; // Maximum number of IP address (IPv6)
bool NoSavePassword; // Prohibit to save the password in the VPN Client
UINT AutoDisconnect; // Disconnect the VPN Client automatically at a certain period of time
bool FilterIPv4; // Filter all IPv4 packets
bool FilterIPv6; // Filter all IPv6 packets
bool FilterNonIP; // Filter all non-IP packets
bool NoIPv6DefaultRouterInRA; // Delete the default router specification from the IPv6 router advertisement
bool NoIPv6DefaultRouterInRAWhenIPv6; // Delete the default router specification from the IPv6 router advertisement (Enable IPv6 connection)
UINT VLanId; // Specify the VLAN ID
bool Ver3; // Whether version 3.0
};
// Group
struct USERGROUP
{
LOCK *lock; // Lock
REF *ref; // Reference counter
char *Name; // Group name
wchar_t *RealName; // Display name
wchar_t *Note; // Note
POLICY *Policy; // Policy
TRAFFIC *Traffic; // Traffic data
};
// User
struct USER
{
LOCK *lock; // Lock
REF *ref; // Reference counter
char *Name; // User name
wchar_t *RealName; // Real name
wchar_t *Note; // Note
char *GroupName; // Group name
USERGROUP *Group; // Group
UINT AuthType; // Authentication type
void *AuthData; // Authentication data
UINT64 CreatedTime; // Creation date and time
UINT64 UpdatedTime; // Updating date
UINT64 ExpireTime; // Expiration date
UINT64 LastLoginTime; // Last login time
UINT NumLogin; // Total number of logins
POLICY *Policy; // Policy
TRAFFIC *Traffic; // Traffic data
};
// Password authentication data
struct AUTHPASSWORD
{
UCHAR HashedKey[SHA1_SIZE]; // Hashed passwords
UCHAR NtLmSecureHash[MD5_SIZE]; // Encrypted password for the NTLM
};
// User certificate authentication data
struct AUTHUSERCERT
{
X *UserX; // X509 certificate for the user
};
// Root certification authority authentication data
struct AUTHROOTCERT
{
X_SERIAL *Serial; // Serial number
wchar_t *CommonName; // CommonName
};
// Radius authentication data
struct AUTHRADIUS
{
wchar_t *RadiusUsername; // User name in the Radius
};
// Windows NT authentication data
struct AUTHNT
{
wchar_t *NtUsername; // User name on NT
};
// Macro
#define POLICY_CURRENT_VERSION 3
#define NUM_POLICY_ITEM ((sizeof(POLICY) / sizeof(UINT)) - 1)
#define NUM_POLICY_ITEM_FOR_VER2 22
#define NUM_POLICY_ITEM_FOR_VER3 38
#define IS_POLICY_FOR_VER2(index) (((index) >= 0) && ((index) < NUM_POLICY_ITEM_FOR_VER2))
#define IS_POLICY_FOR_VER3(index) (((index) >= 0) && ((index) < NUM_POLICY_ITEM_FOR_VER3))
#define IS_POLICY_FOR_CURRENT_VER(index, ver) ((ver) >= 3 ? IS_POLICY_FOR_VER3(index) : IS_POLICY_FOR_VER2(index))
#define POLICY_BOOL(p, i) (((bool *)(p))[(i)])
#define POLICY_INT(p, i) (((UINT *)(p))[(i)])
extern POLICY_ITEM policy_item[];
// Function prototype
int CompareUserName(void *p1, void *p2);
int CompareGroupName(void *p1, void *p2);
void AcLock(HUB *h);
void AcUnlock(HUB *h);
USERGROUP *NewGroup(char *name, wchar_t *realname, wchar_t *note);
void ReleaseGroup(USERGROUP *g);
void CleanupGroup(USERGROUP *g);
USER *NewUser(char *name, wchar_t *realname, wchar_t *note, UINT authtype, void *authdata);
void ReleaseUser(USER *u);
void CleanupUser(USER *u);
void FreeAuthData(UINT authtype, void *authdata);
bool AcAddUser(HUB *h, USER *u);
bool AcAddGroup(HUB *h, USERGROUP *g);
USER *AcGetUser(HUB *h, char *name);
USERGROUP *AcGetGroup(HUB *h, char *name);
bool AcIsUser(HUB *h, char *name);
bool AcIsGroup(HUB *h, char *name);
bool AcDeleteUser(HUB *h, char *name);
bool AcDeleteGroup(HUB *h, char *name);
void JoinUserToGroup(USER *u, USERGROUP *g);
void SetUserTraffic(USER *u, TRAFFIC *t);
void SetGroupTraffic(USERGROUP *g, TRAFFIC *t);
void AddUserTraffic(USER *u, TRAFFIC *diff);
void AddGroupTraffic(USERGROUP *g, TRAFFIC *diff);
void SetUserAuthData(USER *u, UINT authtype, void *authdata);
void *NewPasswordAuthData(char *username, char *password);
void *NewPasswordAuthDataRaw(UCHAR *hashed_password, UCHAR *ntlm_secure_hash);
void *NewUserCertAuthData(X *x);
void *NewRootCertAuthData(X_SERIAL *serial, wchar_t *common_name);
void *NewRadiusAuthData(wchar_t *username);
void *NewNTAuthData(wchar_t *username);
void HashPassword(void *dst, char *username, char *password);
POLICY *GetDefaultPolicy();
POLICY *ClonePolicy(POLICY *policy);
void SetUserPolicy(USER *u, POLICY *policy);
void OverwritePolicy(POLICY **target, POLICY *p);
POLICY *GetUserPolicy(USER *u);
void SetGroupPolicy(USERGROUP *g, POLICY *policy);
POLICY *GetGroupPolicy(USERGROUP *g);
wchar_t *GetPolicyTitle(UINT id);
wchar_t *GetPolicyDescription(UINT id);
bool IsUserName(char *name);
void *CopyAuthData(void *authdata, UINT authtype);
UINT PolicyNum();
bool PolicyIsSupportedForCascade(UINT i);
UINT PolicyStrToId(char *name);
char *PolicyIdToStr(UINT i);
POLICY_ITEM *GetPolicyItem(UINT id);
void GetPolicyValueRangeStr(wchar_t *str, UINT size, UINT id);
void FormatPolicyValue(wchar_t *str, UINT size, UINT id, UINT value);
char *NormalizePolicyName(char *name);
#endif // ACCOUNT_H
// Developed by SoftEther VPN Project at University of Tsukuba in Japan.
// Department of Computer Science has dozens of overly-enthusiastic geeks.
// Join us: http://www.tsukuba.ac.jp/english/admission/
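Review bot: `POLICY_BOOL(p, i)` and `POLICY_INT(p, i)` read `struct POLICY` as a flat array with the same index `i`, which is only correct if `bool` and `UINT` have the same size in this project and the struct has no padding; `NUM_POLICY_ITEM` relies on the same assumption, and nothing in this header states or checks it. Neither macro bounds-checks `i`, so an index that comes from a configuration file or a remote request has to pass `IS_POLICY_FOR_CURRENT_VER` before it reaches them. I would add a comment above the struct, `// Accessed as UINT[]/bool[] via POLICY_INT/POLICY_BOOL: every member must be sizeof(UINT) wide; update NUM_POLICY_ITEM_FOR_VER3 when adding a member`, and back it with a compile-time check such as `typedef char policy_layout_check[(sizeof(POLICY) == (NUM_POLICY_ITEM_FOR_VER3 + 1) * sizeof(UINT)) ? 1 : -1];`. The `(index) >= 0` half of `IS_POLICY_FOR_VER2` and `IS_POLICY_FOR_VER3` is always true if callers pass a `UINT`, as the `UINT id` prototypes suggest they do.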
+13742
+1505
+658
@@ -0,0 +1,658 @@
// SoftEther VPN Source Code
// Cedar Communication Module
//
// SoftEther VPN Server, Client and Bridge are free software under GPLv2.
//
// Copyright (c) 2012-2014 Daiyuu Nobori.
// Copyright (c) 2012-2014 SoftEther VPN Project, University of Tsukuba, Japan.
// Copyright (c) 2012-2014 SoftEther Corporation.
//
// All Rights Reserved.
//
// http://www.softether.org/
//
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License version 2
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
// IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
// CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
// TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
// SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
// THE LICENSE AGREEMENT IS ATTACHED ON THE SOURCE-CODE PACKAGE
// AS "LICENSE.TXT" FILE. READ THE TEXT FILE IN ADVANCE TO USE THE SOFTWARE.
//
//
// THIS SOFTWARE IS DEVELOPED IN JAPAN, AND DISTRIBUTED FROM JAPAN,
// UNDER JAPANESE LAWS. YOU MUST AGREE IN ADVANCE TO USE, COPY, MODIFY,
// MERGE, PUBLISH, DISTRIBUTE, SUBLICENSE, AND/OR SELL COPIES OF THIS
// SOFTWARE, THAT ANY JURIDICAL DISPUTES WHICH ARE CONCERNED TO THIS
// SOFTWARE OR ITS CONTENTS, AGAINST US (SOFTETHER PROJECT, SOFTETHER
// CORPORATION, DAIYUU NOBORI OR OTHER SUPPLIERS), OR ANY JURIDICAL
// DISPUTES AGAINST US WHICH ARE CAUSED BY ANY KIND OF USING, COPYING,
// MODIFYING, MERGING, PUBLISHING, DISTRIBUTING, SUBLICENSING, AND/OR
// SELLING COPIES OF THIS SOFTWARE SHALL BE REGARDED AS BE CONSTRUED AND
// CONTROLLED BY JAPANESE LAWS, AND YOU MUST FURTHER CONSENT TO
// EXCLUSIVE JURISDICTION AND VENUE IN THE COURTS SITTING IN TOKYO,
// JAPAN. YOU MUST WAIVE ALL DEFENSES OF LACK OF PERSONAL JURISDICTION
// AND FORUM NON CONVENIENS. PROCESS MAY BE SERVED ON EITHER PARTY IN
// THE MANNER AUTHORIZED BY APPLICABLE LAW OR COURT RULE.
//
// USE ONLY IN JAPAN. DO NOT USE IT IN OTHER COUNTRIES. IMPORTING THIS
// SOFTWARE INTO OTHER COUNTRIES IS AT YOUR OWN RISK. SOME COUNTRIES
// PROHIBIT ENCRYPTED COMMUNICATIONS. USING THIS SOFTWARE IN OTHER
// COUNTRIES MIGHT BE RESTRICTED.
//
//
// DEAR SECURITY EXPERTS
// ---------------------
//
// If you find a bug or a security vulnerability please kindly inform us
// about the problem immediately so that we can fix the security problem
// to protect a lot of users around the world as soon as possible.
//
// Our e-mail address for security reports is:
// softether-vpn-security [at] softether.org
//
// Please note that the above e-mail address is not a technical support
// inquiry address. If you need technical assistance, please visit
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
// AzureClient.c
// VPN Azure Client
#include "CedarPch.h"
// Wait for connection request
void AcWaitForRequest(AZURE_CLIENT *ac, SOCK *s, AZURE_PARAM *param)
{
// Validate arguments
if (ac == NULL || s == NULL || param == NULL)
{
return;
}
while (ac->Halt == false)
{
UCHAR uc;
// Receive 1 byte
if (RecvAll(s, &uc, 1, false) == 0)
{
break;
}
if (uc != 0)
{
// Receive a Pack
PACK *p = RecvPackWithHash(s);
if (p == NULL)
{
break;
}
else
{
// Verify contents of Pack
char opcode[MAX_SIZE];
char cipher_name[MAX_SIZE];
char hostname[MAX_SIZE];
PackGetStr(p, "opcode", opcode, sizeof(opcode));
PackGetStr(p, "cipher_name", cipher_name, sizeof(cipher_name));
PackGetStr(p, "hostname", hostname, sizeof(hostname));
if (StrCmpi(opcode, "relay") == 0)
{
IP client_ip, server_ip;
UINT client_port;
UINT server_port;
UCHAR session_id[SHA1_SIZE];
if (PackGetIp(p, "client_ip", &client_ip) &&
PackGetIp(p, "server_ip", &server_ip) &&
PackGetData2(p, "session_id", session_id, sizeof(session_id)))
{
client_port = PackGetInt(p, "client_port");
server_port = PackGetInt(p, "server_port");
if (client_port != 0 && server_port != 0)
{
SOCK *ns;
Debug("Connect Request from %r:%u\n", &client_ip, client_port);
// Create new socket and connect VPN Azure Server
if (ac->DDnsStatusCopy.InternetSetting.ProxyType == PROXY_DIRECT)
{
ns = ConnectEx2(ac->DDnsStatusCopy.CurrentAzureIp, AZURE_SERVER_PORT,
0, (bool *)&ac->Halt);
}
else
{
ns = WpcSockConnect2(ac->DDnsStatusCopy.CurrentAzureIp, AZURE_SERVER_PORT,
&ac->DDnsStatusCopy.InternetSetting, NULL, AZURE_VIA_PROXY_TIMEOUT);
}
if (ns == NULL)
{
Debug("Connect Error.\n");
}
else
{
Debug("Connected to the relay server.\n");
SetTimeout(ns, param->DataTimeout);
if (StartSSLEx(ns, NULL, NULL, true, 0, NULL))
{
// Check certification
char server_cert_hash_str[MAX_SIZE];
UCHAR server_cert_hash[SHA1_SIZE];
Zero(server_cert_hash, sizeof(server_cert_hash));
GetXDigest(ns->RemoteX, server_cert_hash, true);
BinToStr(server_cert_hash_str, sizeof(server_cert_hash_str),
server_cert_hash, SHA1_SIZE);
if (IsEmptyStr(ac->DDnsStatusCopy.AzureCertHash) || StrCmpi(server_cert_hash_str, ac->DDnsStatusCopy.AzureCertHash) == 0)
{
if (SendAll(ns, AZURE_PROTOCOL_DATA_SIANGTURE, 24, true))
{
PACK *p2 = NewPack();
PackAddStr(p2, "hostname", hostname);
PackAddData(p2, "session_id", session_id, sizeof(session_id));
if (SendPackWithHash(ns, p2))
{
UCHAR uc;
if (RecvAll(ns, &uc, 1, true) != false)
{
if (uc != 0)
{
SOCK *accept_sock = GetReverseListeningSock(ac->Cedar);
if (accept_sock != NULL)
{
AddRef(ns->ref);
SetTimeout(ns, INFINITE);
Copy(&ns->Reverse_MyServerGlobalIp, &server_ip, sizeof(IP));
ns->Reverse_MyServerPort = server_port;
InjectNewReverseSocketToAccept(accept_sock, ns,
&client_ip, client_port);
ReleaseSock(accept_sock);
}
}
}
}
FreePack(p2);
}
}
}
ReleaseSock(ns);
}
}
}
}
FreePack(p);
}
}
// Send 1 byte
uc = 0;
if (SendAll(s, &uc, 1, false) == 0)
{
break;
}
}
}
// VPN Azure client main thread
void AcMainThread(THREAD *thread, void *param)
{
AZURE_CLIENT *ac = (AZURE_CLIENT *)param;
UINT last_ip_revision = INFINITE;
UINT64 last_reconnect_tick = 0;
UINT64 next_reconnect_interval = AZURE_CONNECT_INITIAL_RETRY_INTERVAL;
UINT num_reconnect_retry = 0;
UINT64 next_ddns_retry_tick = 0;
bool last_connect_ok = false;
// Validate arguments
if (ac == NULL || thread == NULL)
{
return;
}
while (ac->Halt == false)
{
UINT64 now = Tick64();
bool connect_was_ok = false;
// Wait for enabling VPN Azure function
if (ac->IsEnabled)
{
// VPN Azure is enabled
DDNS_CLIENT_STATUS st;
bool connect_now = false;
bool azure_ip_changed = false;
Lock(ac->Lock);
{
Copy(&st, &ac->DDnsStatus, sizeof(DDNS_CLIENT_STATUS));
if (StrCmpi(st.CurrentAzureIp, ac->DDnsStatusCopy.CurrentAzureIp) != 0)
{
if (IsEmptyStr(st.CurrentAzureIp) == false)
{
// Destination IP address is changed
connect_now = true;
num_reconnect_retry = 0;
}
}
if (StrCmpi(st.CurrentHostName, ac->DDnsStatusCopy.CurrentHostName) != 0)
{
// DDNS host name is changed
connect_now = true;
num_reconnect_retry = 0;
}
Copy(&ac->DDnsStatusCopy, &st, sizeof(DDNS_CLIENT_STATUS));
}
Unlock(ac->Lock);
if (last_ip_revision != ac->IpStatusRevision)
{
last_ip_revision = ac->IpStatusRevision;
connect_now = true;
num_reconnect_retry = 0;
}
if (last_reconnect_tick == 0 || (now >= (last_reconnect_tick + next_reconnect_interval)))
{
UINT r;
last_reconnect_tick = now;
num_reconnect_retry++;
next_reconnect_interval = (UINT64)num_reconnect_retry * AZURE_CONNECT_INITIAL_RETRY_INTERVAL;
next_reconnect_interval = MIN(next_reconnect_interval, AZURE_CONNECT_MAX_RETRY_INTERVAL);
r = (UINT)next_reconnect_interval;
r = GenRandInterval(r / 2, r);
next_reconnect_interval = r;
connect_now = true;
}
if (IsEmptyStr(st.CurrentAzureIp) == false && IsEmptyStr(st.CurrentHostName) == false)
{
if (connect_now)
{
SOCK *s;
char *host = NULL;
UINT port = AZURE_SERVER_PORT;
Debug("VPN Azure: Connecting to %s...\n", st.CurrentAzureIp);
if (ParseHostPort(st.CurrentAzureIp, &host, &port, AZURE_SERVER_PORT))
{
if (st.InternetSetting.ProxyType == PROXY_DIRECT)
{
s = ConnectEx2(host, port, 0, (bool *)&ac->Halt);
}
else
{
s = WpcSockConnect2(host, port, &st.InternetSetting, NULL, AZURE_VIA_PROXY_TIMEOUT);
}
if (s != NULL)
{
PACK *p;
UINT64 established_tick = 0;
Debug("VPN Azure: Connected.\n");
SetTimeout(s, AZURE_PROTOCOL_CONTROL_TIMEOUT_DEFAULT);
Lock(ac->Lock);
{
ac->CurrentSock = s;
ac->IsConnected = true;
StrCpy(ac->ConnectingAzureIp, sizeof(ac->ConnectingAzureIp), st.CurrentAzureIp);
}
Unlock(ac->Lock);
SendAll(s, AZURE_PROTOCOL_CONTROL_SIGNATURE, StrLen(AZURE_PROTOCOL_CONTROL_SIGNATURE), false);
// Receive parameter
p = RecvPackWithHash(s);
if (p != NULL)
{
UCHAR c;
AZURE_PARAM param;
bool hostname_changed = false;
Zero(&param, sizeof(param));
param.ControlKeepAlive = PackGetInt(p, "ControlKeepAlive");
param.ControlTimeout = PackGetInt(p, "ControlTimeout");
param.DataTimeout = PackGetInt(p, "DataTimeout");
param.SslTimeout = PackGetInt(p, "SslTimeout");
FreePack(p);
param.ControlKeepAlive = MAKESURE(param.ControlKeepAlive, 1000, AZURE_SERVER_MAX_KEEPALIVE);
param.ControlTimeout = MAKESURE(param.ControlTimeout, 1000, AZURE_SERVER_MAX_TIMEOUT);
param.DataTimeout = MAKESURE(param.DataTimeout, 1000, AZURE_SERVER_MAX_TIMEOUT);
param.SslTimeout = MAKESURE(param.SslTimeout, 1000, AZURE_SERVER_MAX_TIMEOUT);
Lock(ac->Lock);
{
Copy(&ac->AzureParam, &param, sizeof(AZURE_PARAM));
}
Unlock(ac->Lock);
SetTimeout(s, param.ControlTimeout);
// Send parameter
p = NewPack();
PackAddStr(p, "CurrentHostName", st.CurrentHostName);
PackAddStr(p, "CurrentAzureIp", st.CurrentAzureIp);
PackAddInt64(p, "CurrentAzureTimestamp", st.CurrentAzureTimestamp);
PackAddStr(p, "CurrentAzureSignature", st.CurrentAzureSignature);
Lock(ac->Lock);
{
if (StrCmpi(st.CurrentHostName, ac->DDnsStatus.CurrentHostName) != 0)
{
hostname_changed = true;
}
}
Unlock(ac->Lock);
if (hostname_changed == false)
{
if (SendPackWithHash(s, p))
{
// Receive result
if (RecvAll(s, &c, 1, false))
{
if (c && ac->Halt == false)
{
connect_was_ok = true;
established_tick = Tick64();
AcWaitForRequest(ac, s, &param);
}
}
}
}
FreePack(p);
}
else
{
WHERE;
}
Debug("VPN Azure: Disconnected.\n");
Lock(ac->Lock);
{
ac->IsConnected = false;
ac->CurrentSock = NULL;
ClearStr(ac->ConnectingAzureIp, sizeof(ac->ConnectingAzureIp));
}
Unlock(ac->Lock);
if (established_tick != 0)
{
if ((established_tick + (UINT64)AZURE_CONNECT_MAX_RETRY_INTERVAL) <= Tick64())
{
// If the connected time exceeds the AZURE_CONNECT_MAX_RETRY_INTERVAL, reset the retry counter.
last_reconnect_tick = 0;
num_reconnect_retry = 0;
next_reconnect_interval = AZURE_CONNECT_INITIAL_RETRY_INTERVAL;
}
}
Disconnect(s);
ReleaseSock(s);
}
else
{
Debug("VPN Azure: Error: Connect Failed.\n");
}
Free(host);
}
}
}
}
else
{
last_reconnect_tick = 0;
num_reconnect_retry = 0;
next_reconnect_interval = AZURE_CONNECT_INITIAL_RETRY_INTERVAL;
}
if (ac->Halt)
{
break;
}
if (connect_was_ok)
{
// If connection goes out after connected, increment connection success count to urge DDNS client query
next_ddns_retry_tick = Tick64() + MIN((UINT64)DDNS_VPN_AZURE_CONNECT_ERROR_DDNS_RETRY_TIME_DIFF * (UINT64)(num_reconnect_retry + 1), (UINT64)DDNS_VPN_AZURE_CONNECT_ERROR_DDNS_RETRY_TIME_DIFF_MAX);
}
if ((next_ddns_retry_tick != 0) && (Tick64() >= next_ddns_retry_tick))
{
next_ddns_retry_tick = 0;
ac->DDnsTriggerInt++;
}
Wait(ac->Event, rand() % 1000);
}
}
// Get enabled or disabled VPN Azure client
bool AcGetEnable(AZURE_CLIENT *ac)
{
// Validate arguments
if (ac == NULL)
{
return false;
}
return ac->IsEnabled;
}
// Enable or disable VPN Azure client
void AcSetEnable(AZURE_CLIENT *ac, bool enabled)
{
bool old_status;
// Validate arguments
if (ac == NULL)
{
return;
}
old_status = ac->IsEnabled;
ac->IsEnabled = enabled;
if (ac->IsEnabled && (ac->IsEnabled != old_status))
{
ac->DDnsTriggerInt++;
}
AcApplyCurrentConfig(ac, NULL);
}
// Set current configuration to VPN Azure client
void AcApplyCurrentConfig(AZURE_CLIENT *ac, DDNS_CLIENT_STATUS *ddns_status)
{
bool disconnect_now = false;
SOCK *disconnect_sock = NULL;
// Validate arguments
if (ac == NULL)
{
return;
}
// Get current DDNS configuration
Lock(ac->Lock);
{
if (ddns_status != NULL)
{
if (StrCmpi(ac->DDnsStatus.CurrentHostName, ddns_status->CurrentHostName) != 0)
{
// If host name is changed, disconnect current data connection
disconnect_now = true;
}
if (Cmp(&ac->DDnsStatus.InternetSetting, &ddns_status->InternetSetting, sizeof(INTERNET_SETTING)) != 0)
{
// If proxy setting is changed, disconnect current data connection
disconnect_now = true;
}
Copy(&ac->DDnsStatus, ddns_status, sizeof(DDNS_CLIENT_STATUS));
}
if (ac->IsEnabled == false)
{
// If VPN Azure client is disabled, disconnect current data connection
disconnect_now = true;
}
if (disconnect_now)
{
if (ac->CurrentSock != NULL)
{
disconnect_sock = ac->CurrentSock;
AddRef(disconnect_sock->ref);
}
}
}
Unlock(ac->Lock);
if (disconnect_sock != NULL)
{
Disconnect(disconnect_sock);
ReleaseSock(disconnect_sock);
}
Set(ac->Event);
}
// Free VPN Azure client
void FreeAzureClient(AZURE_CLIENT *ac)
{
SOCK *disconnect_sock = NULL;
// Validate arguments
if (ac == NULL)
{
return;
}
ac->Halt = true;
Lock(ac->Lock);
{
if (ac->CurrentSock != NULL)
{
disconnect_sock = ac->CurrentSock;
AddRef(disconnect_sock->ref);
}
}
Unlock(ac->Lock);
if (disconnect_sock != NULL)
{
Disconnect(disconnect_sock);
ReleaseSock(disconnect_sock);
}
Set(ac->Event);
// Stop main thread
WaitThread(ac->MainThread, INFINITE);
ReleaseThread(ac->MainThread);
ReleaseEvent(ac->Event);
DeleteLock(ac->Lock);
Free(ac);
}
// Create new VPN Azure client
AZURE_CLIENT *NewAzureClient(CEDAR *cedar, SERVER *server)
{
AZURE_CLIENT *ac;
// Validate arguments
if (cedar == NULL || server == NULL)
{
return NULL;
}
ac = ZeroMalloc(sizeof(AZURE_CLIENT));
ac->Cedar = cedar;
ac->Server = server;
ac->Lock = NewLock();
ac->IsEnabled = false;
ac->Event = NewEvent();
// Start main thread
ac->MainThread = NewThread(AcMainThread, ac);
return ac;
}
// Developed by SoftEther VPN Project at University of Tsukuba in Japan.
// Department of Computer Science has dozens of overly-enthusiastic geeks.
// Join us: http://www.tsukuba.ac.jp/english/admission/
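Review bot: In `AcWaitForRequest` the relay server's certificate check fails open: `IsEmptyStr(ac->DDnsStatusCopy.AzureCertHash) || StrCmpi(...) == 0` accepts any certificate when no hash has been received, and `StartSSLEx(ns, NULL, NULL, true, 0, NULL)` shows no other validation in this file. The accepted socket is then passed to `InjectNewReverseSocketToAccept` with `client_ip`, `client_port` and `server_ip` taken from the control-channel pack, and the control connection `s` in `AcMainThread` is used without any `StartSSLEx` call in the visible code, so those values appear to be unauthenticated. I would make the pin mandatory, `if (IsEmptyStr(ac->DDnsStatusCopy.AzureCertHash) == false && StrCmpi(server_cert_hash_str, ac->DDnsStatusCopy.AzureCertHash) == 0)`, and emit a `Debug` line on mismatch before `ReleaseSock(ns)`. The results of the three `PackGetStr` calls are also ignored, so `opcode` and `hostname` may be read uninitialised unless `PackGetStr` clears the buffer on failure, which is not visible here.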
+149
@@ -0,0 +1,149 @@
// SoftEther VPN Source Code
// Cedar Communication Module
//
// SoftEther VPN Server, Client and Bridge are free software under GPLv2.
//
// Copyright (c) 2012-2014 Daiyuu Nobori.
// Copyright (c) 2012-2014 SoftEther VPN Project, University of Tsukuba, Japan.
// Copyright (c) 2012-2014 SoftEther Corporation.
//
// All Rights Reserved.
//
// http://www.softether.org/
//
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License version 2
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
// IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
// CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
// TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
// SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
// THE LICENSE AGREEMENT IS ATTACHED ON THE SOURCE-CODE PACKAGE
// AS "LICENSE.TXT" FILE. READ THE TEXT FILE IN ADVANCE TO USE THE SOFTWARE.
//
//
// THIS SOFTWARE IS DEVELOPED IN JAPAN, AND DISTRIBUTED FROM JAPAN,
// UNDER JAPANESE LAWS. YOU MUST AGREE IN ADVANCE TO USE, COPY, MODIFY,
// MERGE, PUBLISH, DISTRIBUTE, SUBLICENSE, AND/OR SELL COPIES OF THIS
// SOFTWARE, THAT ANY JURIDICAL DISPUTES WHICH ARE CONCERNED TO THIS
// SOFTWARE OR ITS CONTENTS, AGAINST US (SOFTETHER PROJECT, SOFTETHER
// CORPORATION, DAIYUU NOBORI OR OTHER SUPPLIERS), OR ANY JURIDICAL
// DISPUTES AGAINST US WHICH ARE CAUSED BY ANY KIND OF USING, COPYING,
// MODIFYING, MERGING, PUBLISHING, DISTRIBUTING, SUBLICENSING, AND/OR
// SELLING COPIES OF THIS SOFTWARE SHALL BE REGARDED AS BE CONSTRUED AND
// CONTROLLED BY JAPANESE LAWS, AND YOU MUST FURTHER CONSENT TO
// EXCLUSIVE JURISDICTION AND VENUE IN THE COURTS SITTING IN TOKYO,
// JAPAN. YOU MUST WAIVE ALL DEFENSES OF LACK OF PERSONAL JURISDICTION
// AND FORUM NON CONVENIENS. PROCESS MAY BE SERVED ON EITHER PARTY IN
// THE MANNER AUTHORIZED BY APPLICABLE LAW OR COURT RULE.
//
// USE ONLY IN JAPAN. DO NOT USE IT IN OTHER COUNTRIES. IMPORTING THIS
// SOFTWARE INTO OTHER COUNTRIES IS AT YOUR OWN RISK. SOME COUNTRIES
// PROHIBIT ENCRYPTED COMMUNICATIONS. USING THIS SOFTWARE IN OTHER
// COUNTRIES MIGHT BE RESTRICTED.
//
//
// DEAR SECURITY EXPERTS
// ---------------------
//
// If you find a bug or a security vulnerability please kindly inform us
// about the problem immediately so that we can fix the security problem
// to protect a lot of users around the world as soon as possible.
//
// Our e-mail address for security reports is:
// softether-vpn-security [at] softether.org
//
// Please note that the above e-mail address is not a technical support
// inquiry address. If you need technical assistance, please visit
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
// AzureClient.h
// Header of AzureClient.c
#ifndef AZURE_CLIENT_H
#define AZURE_CLIENT_H
// Constants
#define AZURE_SERVER_PORT 443
#define AZURE_PROTOCOL_CONTROL_SIGNATURE "ACTL"
#define AZURE_PROTOCOL_DATA_SIANGTURE "AZURE_CONNECT_SIGNATURE!"
#define AZURE_PROTOCOL_CONTROL_TIMEOUT_DEFAULT (5 * 1000) // Default timeout
#define AZURE_CONNECT_INITIAL_RETRY_INTERVAL (1 * 1000) // Initial re-connection interval (15 * 1000)
#define AZURE_CONNECT_MAX_RETRY_INTERVAL (60 * 60 * 1000) // Maximum re-connection interval
#define AZURE_DOMAIN_SUFFIX ".vpnazure.net"
#define AZURE_SERVER_MAX_KEEPALIVE (5 * 60 * 1000)
#define AZURE_SERVER_MAX_TIMEOUT (10 * 60 * 1000)
#define AZURE_VIA_PROXY_TIMEOUT 5000
// Communications parameter
struct AZURE_PARAM
{
UINT ControlKeepAlive;
UINT ControlTimeout;
UINT DataTimeout;
UINT SslTimeout;
};
// VPN Azure Client
struct AZURE_CLIENT
{
CEDAR *Cedar;
SERVER *Server;
LOCK *Lock;
DDNS_CLIENT_STATUS DDnsStatus;
volatile bool IsEnabled;
EVENT *Event;
volatile bool Halt;
THREAD *MainThread;
volatile UINT IpStatusRevision;
DDNS_CLIENT_STATUS DDnsStatusCopy;
SOCK *CurrentSock;
char ConnectingAzureIp[MAX_SIZE];
AZURE_PARAM AzureParam;
volatile UINT DDnsTriggerInt;
volatile bool IsConnected;
};
// Function prototype
AZURE_CLIENT *NewAzureClient(CEDAR *cedar, SERVER *server);
void FreeAzureClient(AZURE_CLIENT *ac);
void AcApplyCurrentConfig(AZURE_CLIENT *ac, DDNS_CLIENT_STATUS *ddns_status);
void AcMainThread(THREAD *thread, void *param);
void AcSetEnable(AZURE_CLIENT *ac, bool enabled);
bool AcGetEnable(AZURE_CLIENT *ac);
void AcWaitForRequest(AZURE_CLIENT *ac, SOCK *s, AZURE_PARAM *param);
#endif // AZURE_CLIENT_H
// Developed by SoftEther VPN Project at University of Tsukuba in Japan.
// Department of Computer Science has dozens of overly-enthusiastic geeks.
// Join us: http://www.tsukuba.ac.jp/english/admission/
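Review bot: `struct AZURE_CLIENT` does not say which members `Lock` protects, and its `volatile` members are used as cross-thread signals: `DDnsTriggerInt` is incremented with `++` in both `AcMainThread` and `AcSetEnable` in AzureClient.c without taking `Lock`, and `volatile` does not make that read-modify-write atomic. I would document the locking per member, for example `SOCK *CurrentSock; // Guarded by Lock; AddRef() before using it outside the lock`, and perform the `DDnsTriggerInt` increments under `Lock`. `AZURE_PROTOCOL_DATA_SIANGTURE` is misspelled, and AzureClient.c sends it with a literal length of 24 instead of a length derived from the macro, so a later edit to the string would silently desynchronise the two. The comment on `AZURE_CONNECT_INITIAL_RETRY_INTERVAL` still mentions `(15 * 1000)` while the value is `(1 * 1000)`.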
+90
@@ -0,0 +1,90 @@
// SoftEther VPN Source Code
// Cedar Communication Module
//
// SoftEther VPN Server, Client and Bridge are free software under GPLv2.
//
// Copyright (c) 2012-2014 Daiyuu Nobori.
// Copyright (c) 2012-2014 SoftEther VPN Project, University of Tsukuba, Japan.
// Copyright (c) 2012-2014 SoftEther Corporation.
//
// All Rights Reserved.
//
// http://www.softether.org/
//
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License version 2
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
// IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
// CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
// TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
// SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
// THE LICENSE AGREEMENT IS ATTACHED ON THE SOURCE-CODE PACKAGE
// AS "LICENSE.TXT" FILE. READ THE TEXT FILE IN ADVANCE TO USE THE SOFTWARE.
//
//
// THIS SOFTWARE IS DEVELOPED IN JAPAN, AND DISTRIBUTED FROM JAPAN,
// UNDER JAPANESE LAWS. YOU MUST AGREE IN ADVANCE TO USE, COPY, MODIFY,
// MERGE, PUBLISH, DISTRIBUTE, SUBLICENSE, AND/OR SELL COPIES OF THIS
// SOFTWARE, THAT ANY JURIDICAL DISPUTES WHICH ARE CONCERNED TO THIS
// SOFTWARE OR ITS CONTENTS, AGAINST US (SOFTETHER PROJECT, SOFTETHER
// CORPORATION, DAIYUU NOBORI OR OTHER SUPPLIERS), OR ANY JURIDICAL
// DISPUTES AGAINST US WHICH ARE CAUSED BY ANY KIND OF USING, COPYING,
// MODIFYING, MERGING, PUBLISHING, DISTRIBUTING, SUBLICENSING, AND/OR
// SELLING COPIES OF THIS SOFTWARE SHALL BE REGARDED AS BE CONSTRUED AND
// CONTROLLED BY JAPANESE LAWS, AND YOU MUST FURTHER CONSENT TO
// EXCLUSIVE JURISDICTION AND VENUE IN THE COURTS SITTING IN TOKYO,
// JAPAN. YOU MUST WAIVE ALL DEFENSES OF LACK OF PERSONAL JURISDICTION
// AND FORUM NON CONVENIENS. PROCESS MAY BE SERVED ON EITHER PARTY IN
// THE MANNER AUTHORIZED BY APPLICABLE LAW OR COURT RULE.
//
// USE ONLY IN JAPAN. DO NOT USE IT IN OTHER COUNTRIES. IMPORTING THIS
// SOFTWARE INTO OTHER COUNTRIES IS AT YOUR OWN RISK. SOME COUNTRIES
// PROHIBIT ENCRYPTED COMMUNICATIONS. USING THIS SOFTWARE IN OTHER
// COUNTRIES MIGHT BE RESTRICTED.
//
//
// DEAR SECURITY EXPERTS
// ---------------------
//
// If you find a bug or a security vulnerability please kindly inform us
// about the problem immediately so that we can fix the security problem
// to protect a lot of users around the world as soon as possible.
//
// Our e-mail address for security reports is:
// softether-vpn-security [at] softether.org
//
// Please note that the above e-mail address is not a technical support
// inquiry address. If you need technical assistance, please visit
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
// AzureServer.c
// VPN Azure Server
#include "CedarPch.h"
// Developed by SoftEther VPN Project at University of Tsukuba in Japan.
// Department of Computer Science has dozens of overly-enthusiastic geeks.
// Join us: http://www.tsukuba.ac.jp/english/admission/
+94
@@ -0,0 +1,94 @@
// SoftEther VPN Source Code
// Cedar Communication Module
//
// SoftEther VPN Server, Client and Bridge are free software under GPLv2.
//
// Copyright (c) 2012-2014 Daiyuu Nobori.
// Copyright (c) 2012-2014 SoftEther VPN Project, University of Tsukuba, Japan.
// Copyright (c) 2012-2014 SoftEther Corporation.
//
// All Rights Reserved.
//
// http://www.softether.org/
//
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License version 2
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
// IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
// CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
// TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
// SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
// THE LICENSE AGREEMENT IS ATTACHED ON THE SOURCE-CODE PACKAGE
// AS "LICENSE.TXT" FILE. READ THE TEXT FILE IN ADVANCE TO USE THE SOFTWARE.
//
//
// THIS SOFTWARE IS DEVELOPED IN JAPAN, AND DISTRIBUTED FROM JAPAN,
// UNDER JAPANESE LAWS. YOU MUST AGREE IN ADVANCE TO USE, COPY, MODIFY,
// MERGE, PUBLISH, DISTRIBUTE, SUBLICENSE, AND/OR SELL COPIES OF THIS
// SOFTWARE, THAT ANY JURIDICAL DISPUTES WHICH ARE CONCERNED TO THIS
// SOFTWARE OR ITS CONTENTS, AGAINST US (SOFTETHER PROJECT, SOFTETHER
// CORPORATION, DAIYUU NOBORI OR OTHER SUPPLIERS), OR ANY JURIDICAL
// DISPUTES AGAINST US WHICH ARE CAUSED BY ANY KIND OF USING, COPYING,
// MODIFYING, MERGING, PUBLISHING, DISTRIBUTING, SUBLICENSING, AND/OR
// SELLING COPIES OF THIS SOFTWARE SHALL BE REGARDED AS BE CONSTRUED AND
// CONTROLLED BY JAPANESE LAWS, AND YOU MUST FURTHER CONSENT TO
// EXCLUSIVE JURISDICTION AND VENUE IN THE COURTS SITTING IN TOKYO,
// JAPAN. YOU MUST WAIVE ALL DEFENSES OF LACK OF PERSONAL JURISDICTION
// AND FORUM NON CONVENIENS. PROCESS MAY BE SERVED ON EITHER PARTY IN
// THE MANNER AUTHORIZED BY APPLICABLE LAW OR COURT RULE.
//
// USE ONLY IN JAPAN. DO NOT USE IT IN OTHER COUNTRIES. IMPORTING THIS
// SOFTWARE INTO OTHER COUNTRIES IS AT YOUR OWN RISK. SOME COUNTRIES
// PROHIBIT ENCRYPTED COMMUNICATIONS. USING THIS SOFTWARE IN OTHER
// COUNTRIES MIGHT BE RESTRICTED.
//
//
// DEAR SECURITY EXPERTS
// ---------------------
//
// If you find a bug or a security vulnerability please kindly inform us
// about the problem immediately so that we can fix the security problem
// to protect a lot of users around the world as soon as possible.
//
// Our e-mail address for security reports is:
// softether-vpn-security [at] softether.org
//
// Please note that the above e-mail address is not a technical support
// inquiry address. If you need technical assistance, please visit
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
// AzureServer.h
// Header of AzureServer.c
#ifndef AZURE_SERVER_H
#define AZURE_SERVER_H
#endif // AZURE_SERVER_H
// Developed by SoftEther VPN Project at University of Tsukuba in Japan.
// Department of Computer Science has dozens of overly-enthusiastic geeks.
// Join us: http://www.tsukuba.ac.jp/english/admission/
+532
@@ -0,0 +1,532 @@
// SoftEther VPN Source Code
// Cedar Communication Module
//
// SoftEther VPN Server, Client and Bridge are free software under GPLv2.
//
// Copyright (c) 2012-2014 Daiyuu Nobori.
// Copyright (c) 2012-2014 SoftEther VPN Project, University of Tsukuba, Japan.
// Copyright (c) 2012-2014 SoftEther Corporation.
//
// All Rights Reserved.
//
// http://www.softether.org/
//
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License version 2
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
// IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
// CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
// TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
// SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
// THE LICENSE AGREEMENT IS ATTACHED ON THE SOURCE-CODE PACKAGE
// AS "LICENSE.TXT" FILE. READ THE TEXT FILE IN ADVANCE TO USE THE SOFTWARE.
//
//
// THIS SOFTWARE IS DEVELOPED IN JAPAN, AND DISTRIBUTED FROM JAPAN,
// UNDER JAPANESE LAWS. YOU MUST AGREE IN ADVANCE TO USE, COPY, MODIFY,
// MERGE, PUBLISH, DISTRIBUTE, SUBLICENSE, AND/OR SELL COPIES OF THIS
// SOFTWARE, THAT ANY JURIDICAL DISPUTES WHICH ARE CONCERNED TO THIS
// SOFTWARE OR ITS CONTENTS, AGAINST US (SOFTETHER PROJECT, SOFTETHER
// CORPORATION, DAIYUU NOBORI OR OTHER SUPPLIERS), OR ANY JURIDICAL
// DISPUTES AGAINST US WHICH ARE CAUSED BY ANY KIND OF USING, COPYING,
// MODIFYING, MERGING, PUBLISHING, DISTRIBUTING, SUBLICENSING, AND/OR
// SELLING COPIES OF THIS SOFTWARE SHALL BE REGARDED AS BE CONSTRUED AND
// CONTROLLED BY JAPANESE LAWS, AND YOU MUST FURTHER CONSENT TO
// EXCLUSIVE JURISDICTION AND VENUE IN THE COURTS SITTING IN TOKYO,
// JAPAN. YOU MUST WAIVE ALL DEFENSES OF LACK OF PERSONAL JURISDICTION
// AND FORUM NON CONVENIENS. PROCESS MAY BE SERVED ON EITHER PARTY IN
// THE MANNER AUTHORIZED BY APPLICABLE LAW OR COURT RULE.
//
// USE ONLY IN JAPAN. DO NOT USE IT IN OTHER COUNTRIES. IMPORTING THIS
// SOFTWARE INTO OTHER COUNTRIES IS AT YOUR OWN RISK. SOME COUNTRIES
// PROHIBIT ENCRYPTED COMMUNICATIONS. USING THIS SOFTWARE IN OTHER
// COUNTRIES MIGHT BE RESTRICTED.
//
//
// DEAR SECURITY EXPERTS
// ---------------------
//
// If you find a bug or a security vulnerability please kindly inform us
// about the problem immediately so that we can fix the security problem
// to protect a lot of users around the world as soon as possible.
//
// Our e-mail address for security reports is:
// softether-vpn-security [at] softether.org
//
// Please note that the above e-mail address is not a technical support
// inquiry address. If you need technical assistance, please visit
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
// Bridge.c
// Ethernet Bridge Program (Local Bridge)
#include <GlobalConst.h>
#define BRIDGE_C
#ifdef WIN32
#define OS_WIN32
#endif
#ifdef OS_WIN32
// Win32
#include "BridgeWin32.c"
#else
// Unix
#include "BridgeUnix.c"
#endif // OS_WIN32
// Hash the list of current Ethernet devices
UINT GetEthDeviceHash()
{
#ifdef OS_UNIX
// UNIX
UINT num;
UINT i;
char tmp[4096];
UCHAR hash[SHA1_SIZE];
TOKEN_LIST *t = GetEthList();
num = t->NumTokens;
tmp[0] = 0;
for (i = 0;i < t->NumTokens;i++)
{
StrCat(tmp, sizeof(tmp), t->Token[i]);
}
FreeToken(t);
Hash(hash, tmp, StrLen(tmp), true);
Copy(&num, hash, sizeof(UINT));
return num;
#else // OS_UNIX
// Win32
UINT ret = 0;
MS_ADAPTER_LIST *a = MsCreateAdapterListEx(true);
UINT num;
UINT i;
char tmp[4096];
UCHAR hash[SHA1_SIZE];
tmp[0] = 0;
if (a != NULL)
{
for (i = 0;i < a->Num;i++)
{
StrCat(tmp, sizeof(tmp), a->Adapters[i]->Title);
}
}
MsFreeAdapterList(a);
Hash(hash, tmp, StrLen(tmp), true);
Copy(&num, hash, sizeof(UINT));
return num;
#endif // OS_UNIX
}
// Get whether WinPcap is needed
bool IsNeedWinPcap()
{
if (IsBridgeSupported() == false)
{
// Not in Windows
return false;
}
else
{
// Windows
if (IsEthSupported())
{
// Already success to access the Ethernet device
return false;
}
else
{
// Failed to access the Ethernet device
return true;
}
}
}
// Get whether the local-bridging is supported by current OS
bool IsBridgeSupported()
{
UINT type = GetOsInfo()->OsType;
if (OS_IS_WINDOWS(type))
{
if (IsEthSupported())
{
return true;
}
else
{
bool ret = false;
#ifdef OS_WIN32
ret = MsIsAdmin();
#endif // OS_WIN32
return ret;
}
}
else
{
return IsEthSupported();
}
}
// Delete a local-bridge
bool DeleteLocalBridge(CEDAR *c, char *hubname, char *devicename)
{
bool ret = false;
// Validate arguments
if (c == NULL || hubname == NULL || devicename == NULL)
{
return false;
}
LockList(c->HubList);
{
LockList(c->LocalBridgeList);
{
UINT i;
for (i = 0;i < LIST_NUM(c->LocalBridgeList);i++)
{
LOCALBRIDGE *br = LIST_DATA(c->LocalBridgeList, i);
if (StrCmpi(br->HubName, hubname) == 0)
{
if (StrCmpi(br->DeviceName, devicename) == 0)
{
if (br->Bridge != NULL)
{
BrFreeBridge(br->Bridge);
br->Bridge = NULL;
}
Delete(c->LocalBridgeList, br);
Free(br);
ret = true;
break;
}
}
}
}
UnlockList(c->LocalBridgeList);
}
UnlockList(c->HubList);
return ret;
}
// Add a local-bridge
void AddLocalBridge(CEDAR *c, char *hubname, char *devicename, bool local, bool monitor, bool tapmode, char *tapaddr, bool limit_broadcast)
{
UINT i;
HUB *h = NULL;
LOCALBRIDGE *br = NULL;
// Validate arguments
if (c == NULL || hubname == NULL || devicename == NULL)
{
return;
}
if (OS_IS_UNIX(GetOsInfo()->OsType) == false)
{
tapmode = false;
}
LockList(c->HubList);
{
LockList(c->LocalBridgeList);
{
bool exists = false;
// Ensure that the same configuration local-bridge doesn't exist already
for (i = 0;i < LIST_NUM(c->LocalBridgeList);i++)
{
LOCALBRIDGE *br = LIST_DATA(c->LocalBridgeList, i);
if (StrCmpi(br->DeviceName, devicename) == 0)
{
if (StrCmpi(br->HubName, hubname) == 0)
{
if (br->TapMode == tapmode)
{
exists = true;
}
}
}
}
if (exists == false)
{
// Add configuration
br = ZeroMalloc(sizeof(LOCALBRIDGE));
StrCpy(br->HubName, sizeof(br->HubName), hubname);
StrCpy(br->DeviceName, sizeof(br->DeviceName), devicename);
br->Bridge = NULL;
br->Local = local;
br->TapMode = tapmode;
br->LimitBroadcast = limit_broadcast;
br->Monitor = monitor;
if (br->TapMode)
{
if (tapaddr != NULL && IsZero(tapaddr, 6) == false)
{
Copy(br->TapMacAddress, tapaddr, 6);
}
else
{
GenMacAddress(br->TapMacAddress);
}
}
Add(c->LocalBridgeList, br);
// Find the hub
for (i = 0;i < LIST_NUM(c->HubList);i++)
{
HUB *hub = LIST_DATA(c->HubList, i);
if (StrCmpi(hub->Name, br->HubName) == 0)
{
h = hub;
AddRef(h->ref);
break;
}
}
}
}
UnlockList(c->LocalBridgeList);
}
UnlockList(c->HubList);
// Start the local-bridge immediately
if (h != NULL && br != NULL && h->Type != HUB_TYPE_FARM_DYNAMIC)
{
Lock(h->lock_online);
{
if (h->Offline == false)
{
LockList(c->LocalBridgeList);
{
if (IsInList(c->LocalBridgeList, br))
{
if (br->Bridge == NULL)
{
br->Bridge = BrNewBridge(h, br->DeviceName, NULL, br->Local, br->Monitor, br->TapMode, br->TapMacAddress, br->LimitBroadcast, br);
}
}
}
UnlockList(c->LocalBridgeList);
}
}
Unlock(h->lock_online);
}
ReleaseHub(h);
}
// Initialize the local-bridge list
void InitLocalBridgeList(CEDAR *c)
{
// Validate arguments
if (c == NULL)
{
return;
}
c->LocalBridgeList = NewList(NULL);
}
// Free the local-bridge list
void FreeLocalBridgeList(CEDAR *c)
{
UINT i;
// Validate arguments
if (c == NULL)
{
return;
}
for (i = 0;i < LIST_NUM(c->LocalBridgeList);i++)
{
LOCALBRIDGE *br = LIST_DATA(c->LocalBridgeList, i);
Free(br);
}
ReleaseList(c->LocalBridgeList);
c->LocalBridgeList = NULL;
}
// Bridging thread
void BrBridgeThread(THREAD *thread, void *param)
{
BRIDGE *b;
CONNECTION *c;
SESSION *s;
HUB *h;
char name[MAX_SIZE];
// Validate arguments
if (thread == NULL || param == NULL)
{
return;
}
b = (BRIDGE *)param;
// Create a connection object
c = NewServerConnection(b->Cedar, NULL, thread);
c->Protocol = CONNECTION_HUB_BRIDGE;
// Create a session object
s = NewServerSession(b->Cedar, c, b->Hub, BRIDGE_USER_NAME, b->Policy);
HLog(b->Hub, "LH_START_BRIDGE", b->Name, s->Name);
StrCpy(name, sizeof(name), b->Name);
h = b->Hub;
AddRef(h->ref);
s->BridgeMode = true;
s->Bridge = b;
c->Session = s;
ReleaseConnection(c);
// Dummy user name for local-bridge
s->Username = CopyStr(BRIDGE_USER_NAME_PRINT);
b->Session = s;
AddRef(s->ref);
// Notify completion
NoticeThreadInit(thread);
// Main procedure of the session
Debug("Bridge %s Start.\n", b->Name);
SessionMain(s);
Debug("Bridge %s Stop.\n", b->Name);
HLog(h, "LH_STOP_BRIDGE", name);
ReleaseHub(h);
ReleaseSession(s);
}
// Free the local-bridge object
void BrFreeBridge(BRIDGE *b)
{
// Validate arguments
if (b == NULL)
{
return;
}
if (b->ParentLocalBridge != NULL)
{
b->ParentLocalBridge = NULL;
}
// Stop session thread
StopSession(b->Session);
ReleaseSession(b->Session);
Free(b);
}
// Create new local-bridge
BRIDGE *BrNewBridge(HUB *h, char *name, POLICY *p, bool local, bool monitor, bool tapmode, char *tapaddr, bool limit_broadcast, LOCALBRIDGE *parent_local_bridge)
{
BRIDGE *b;
POLICY *policy;
THREAD *t;
// Validate arguments
if (h == NULL || name == NULL || parent_local_bridge == NULL)
{
return NULL;
}
if (p == NULL)
{
policy = ClonePolicy(GetDefaultPolicy());
}
else
{
policy = ClonePolicy(p);
}
b = ZeroMalloc(sizeof(BRIDGE));
b->Cedar = h->Cedar;
b->Hub = h;
StrCpy(b->Name, sizeof(b->Name), name);
b->Policy = policy;
b->Local = local;
b->Monitor = monitor;
b->TapMode = tapmode;
b->LimitBroadcast = limit_broadcast;
b->ParentLocalBridge = parent_local_bridge;
if (b->TapMode)
{
if (tapaddr != NULL && IsZero(tapaddr, 6) == false)
{
Copy(b->TapMacAddress, tapaddr, 6);
}
else
{
GenMacAddress(b->TapMacAddress);
}
}
if (monitor)
{
// Enabling monitoring mode
policy->MonitorPort = true;
}
if (b->LimitBroadcast == false)
{
// Disable broadcast limiter
policy->NoBroadcastLimiter = true;
}
// Start thread
t = NewThread(BrBridgeThread, b);
WaitThreadInit(t);
ReleaseThread(t);
return b;
}
// Developed by SoftEther VPN Project at University of Tsukuba in Japan.
// Department of Computer Science has dozens of overly-enthusiastic geeks.
// Join us: http://www.tsukuba.ac.jp/english/admission/
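Review bot: In the Unix branch of GetEthDeviceHash() the result of GetEthList() is dereferenced without a NULL check (`num = t->NumTokens;` and the loop bound `t->NumTokens`), while the Win32 branch of the same function guards its list with `if (a != NULL)`. GetEthList() is defined outside this file section, so whether it can return NULL on some builds is not visible here; if it can, this path crashes instead of returning a hash. I would drop the dead store `num = t->NumTokens;` (the value is overwritten by `Copy(&num, hash, sizeof(UINT));`) and wrap the loop and `FreeToken(t);` in `if (t != NULL) { ... }`, so that both branches hash an empty string when no device list is available.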
+152
@@ -0,0 +1,152 @@
// SoftEther VPN Source Code
// Cedar Communication Module
//
// SoftEther VPN Server, Client and Bridge are free software under GPLv2.
//
// Copyright (c) 2012-2014 Daiyuu Nobori.
// Copyright (c) 2012-2014 SoftEther VPN Project, University of Tsukuba, Japan.
// Copyright (c) 2012-2014 SoftEther Corporation.
//
// All Rights Reserved.
//
// http://www.softether.org/
//
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License version 2
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
// IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
// CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
// TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
// SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
// THE LICENSE AGREEMENT IS ATTACHED ON THE SOURCE-CODE PACKAGE
// AS "LICENSE.TXT" FILE. READ THE TEXT FILE IN ADVANCE TO USE THE SOFTWARE.
//
//
// THIS SOFTWARE IS DEVELOPED IN JAPAN, AND DISTRIBUTED FROM JAPAN,
// UNDER JAPANESE LAWS. YOU MUST AGREE IN ADVANCE TO USE, COPY, MODIFY,
// MERGE, PUBLISH, DISTRIBUTE, SUBLICENSE, AND/OR SELL COPIES OF THIS
// SOFTWARE, THAT ANY JURIDICAL DISPUTES WHICH ARE CONCERNED TO THIS
// SOFTWARE OR ITS CONTENTS, AGAINST US (SOFTETHER PROJECT, SOFTETHER
// CORPORATION, DAIYUU NOBORI OR OTHER SUPPLIERS), OR ANY JURIDICAL
// DISPUTES AGAINST US WHICH ARE CAUSED BY ANY KIND OF USING, COPYING,
// MODIFYING, MERGING, PUBLISHING, DISTRIBUTING, SUBLICENSING, AND/OR
// SELLING COPIES OF THIS SOFTWARE SHALL BE REGARDED AS BE CONSTRUED AND
// CONTROLLED BY JAPANESE LAWS, AND YOU MUST FURTHER CONSENT TO
// EXCLUSIVE JURISDICTION AND VENUE IN THE COURTS SITTING IN TOKYO,
// JAPAN. YOU MUST WAIVE ALL DEFENSES OF LACK OF PERSONAL JURISDICTION
// AND FORUM NON CONVENIENS. PROCESS MAY BE SERVED ON EITHER PARTY IN
// THE MANNER AUTHORIZED BY APPLICABLE LAW OR COURT RULE.
//
// USE ONLY IN JAPAN. DO NOT USE IT IN OTHER COUNTRIES. IMPORTING THIS
// SOFTWARE INTO OTHER COUNTRIES IS AT YOUR OWN RISK. SOME COUNTRIES
// PROHIBIT ENCRYPTED COMMUNICATIONS. USING THIS SOFTWARE IN OTHER
// COUNTRIES MIGHT BE RESTRICTED.
//
//
// DEAR SECURITY EXPERTS
// ---------------------
//
// If you find a bug or a security vulnerability please kindly inform us
// about the problem immediately so that we can fix the security problem
// to protect a lot of users around the world as soon as possible.
//
// Our e-mail address for security reports is:
// softether-vpn-security [at] softether.org
//
// Please note that the above e-mail address is not a technical support
// inquiry address. If you need technical assistance, please visit
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
// Bridge.h
// Header of Bridge.c
#ifndef BRIDGE_H
#define BRIDGE_H
#ifdef OS_WIN32
// For Win32
#include <Cedar/BridgeWin32.h>
#else
// For Unix
#include <Cedar/BridgeUnix.h>
#endif // OS_WIN32
// Bridge
struct BRIDGE
{
bool Active; // Status
CEDAR *Cedar; // Cedar
HUB *Hub; // HUB
SESSION *Session; // Session
POLICY *Policy; // Policy
ETH *Eth; // Ethernet
char Name[MAX_SIZE]; // Device name
UINT64 LastBridgeTry; // Time to try to bridge at last
bool Local; // Local mode
bool Monitor; // Monitor mode
bool TapMode; // Tap mode
bool LimitBroadcast; // Broadcasts limiting mode
UCHAR TapMacAddress[6]; // MAC address of the tap
UINT LastNumDevice; // Number of device (Number of last checked)
UINT64 LastNumDeviceCheck; // Time at which to check the number of devices at last
UINT64 LastChangeMtuError; // Time that recorded the error to change the MTU at last
LOCALBRIDGE *ParentLocalBridge; // Parent Local Bridge
};
// Local bridge
struct LOCALBRIDGE
{
char HubName[MAX_HUBNAME_LEN + 1]; // Virtual HUB name
char DeviceName[MAX_SIZE]; // Device name
bool Local; // Local mode
bool Monitor; // Monitor mode
bool TapMode; // Tap mode
bool LimitBroadcast; // Broadcast packets limiting mode
UCHAR TapMacAddress[6]; // MAC address of the tap
BRIDGE *Bridge; // Bridge
};
BRIDGE *BrNewBridge(HUB *h, char *name, POLICY *p, bool local, bool monitor, bool tapmode, char *tapaddr, bool limit_broadcast, LOCALBRIDGE *parent_local_bridge);
void BrBridgeThread(THREAD *thread, void *param);
void BrFreeBridge(BRIDGE *b);
void InitLocalBridgeList(CEDAR *c);
void FreeLocalBridgeList(CEDAR *c);
void AddLocalBridge(CEDAR *c, char *hubname, char *devicename, bool local, bool monitor, bool tapmode, char *tapaddr, bool limit_broadcast);
bool DeleteLocalBridge(CEDAR *c, char *hubname, char *devicename);
bool IsBridgeSupported();
bool IsNeedWinPcap();
UINT GetEthDeviceHash();
#endif // BRIDGE_H
// Developed by SoftEther VPN Project at University of Tsukuba in Japan.
// Department of Computer Science has dozens of overly-enthusiastic geeks.
// Join us: http://www.tsukuba.ac.jp/english/admission/
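Review bot: The prototypes of BrNewBridge() and AddLocalBridge() take `char *tapaddr`, but the value ends up in `UCHAR TapMacAddress[6]`, and Bridge.c in this commit reads exactly 6 bytes through it (`IsZero(tapaddr, 6)`, `Copy(..., tapaddr, 6)`). Nothing in the header tells a caller that this is a raw 6-byte MAC address rather than a NUL-terminated string, so a caller passing a shorter buffer would cause an over-read. I would add a comment above both prototypes such as `// tapaddr: NULL or 6 raw bytes of MAC address (not a string); used only in tap mode, NULL or all-zero means a MAC address is generated`.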
File diff suppressed because it is too large Load Diff
+191
@@ -0,0 +1,191 @@
// SoftEther VPN Source Code
// Cedar Communication Module
//
// SoftEther VPN Server, Client and Bridge are free software under GPLv2.
//
// Copyright (c) 2012-2014 Daiyuu Nobori.
// Copyright (c) 2012-2014 SoftEther VPN Project, University of Tsukuba, Japan.
// Copyright (c) 2012-2014 SoftEther Corporation.
//
// All Rights Reserved.
//
// http://www.softether.org/
//
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License version 2
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
// IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
// CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
// TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
// SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
// THE LICENSE AGREEMENT IS ATTACHED ON THE SOURCE-CODE PACKAGE
// AS "LICENSE.TXT" FILE. READ THE TEXT FILE IN ADVANCE TO USE THE SOFTWARE.
//
//
// THIS SOFTWARE IS DEVELOPED IN JAPAN, AND DISTRIBUTED FROM JAPAN,
// UNDER JAPANESE LAWS. YOU MUST AGREE IN ADVANCE TO USE, COPY, MODIFY,
// MERGE, PUBLISH, DISTRIBUTE, SUBLICENSE, AND/OR SELL COPIES OF THIS
// SOFTWARE, THAT ANY JURIDICAL DISPUTES WHICH ARE CONCERNED TO THIS
// SOFTWARE OR ITS CONTENTS, AGAINST US (SOFTETHER PROJECT, SOFTETHER
// CORPORATION, DAIYUU NOBORI OR OTHER SUPPLIERS), OR ANY JURIDICAL
// DISPUTES AGAINST US WHICH ARE CAUSED BY ANY KIND OF USING, COPYING,
// MODIFYING, MERGING, PUBLISHING, DISTRIBUTING, SUBLICENSING, AND/OR
// SELLING COPIES OF THIS SOFTWARE SHALL BE REGARDED AS BE CONSTRUED AND
// CONTROLLED BY JAPANESE LAWS, AND YOU MUST FURTHER CONSENT TO
// EXCLUSIVE JURISDICTION AND VENUE IN THE COURTS SITTING IN TOKYO,
// JAPAN. YOU MUST WAIVE ALL DEFENSES OF LACK OF PERSONAL JURISDICTION
// AND FORUM NON CONVENIENS. PROCESS MAY BE SERVED ON EITHER PARTY IN
// THE MANNER AUTHORIZED BY APPLICABLE LAW OR COURT RULE.
//
// USE ONLY IN JAPAN. DO NOT USE IT IN OTHER COUNTRIES. IMPORTING THIS
// SOFTWARE INTO OTHER COUNTRIES IS AT YOUR OWN RISK. SOME COUNTRIES
// PROHIBIT ENCRYPTED COMMUNICATIONS. USING THIS SOFTWARE IN OTHER
// COUNTRIES MIGHT BE RESTRICTED.
//
//
// DEAR SECURITY EXPERTS
// ---------------------
//
// If you find a bug or a security vulnerability please kindly inform us
// about the problem immediately so that we can fix the security problem
// to protect a lot of users around the world as soon as possible.
//
// Our e-mail address for security reports is:
// softether-vpn-security [at] softether.org
//
// Please note that the above e-mail address is not a technical support
// inquiry address. If you need technical assistance, please visit
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
// BridgeUnix.h
// Header of BridgeUnix.c
#ifndef BRIDGEUNIX_H
#define BRIDGEUNIX_H
// Macro
#ifndef SOL_PACKET
#define SOL_PACKET 263
#endif
#ifndef ifr_newname
#define ifr_newname ifr_ifru.ifru_slave
#endif
// Constants
#define UNIX_ETH_TMP_BUFFER_SIZE (2000)
#define SOLARIS_MAXDLBUF (32768)
#define BRIDGE_MAX_QUEUE_SIZE (4096*1500)
// ETH structure
struct ETH
{
char *Name; // Adapter name
char *Title; // Adapter title
CANCEL *Cancel; // Cancel object
int IfIndex; // Index
int Socket; // Socket
UINT InitialMtu; // Initial MTU value
UINT CurrentMtu; // Current MTU value
int SocketBsdIf; // BSD interface operation socket
UCHAR MacAddress[6]; // MAC address
#ifdef BRIDGE_PCAP
void *Pcap; // Pcap descriptor
QUEUE *Queue; // Queue of the relay thread
UINT QueueSize; // Number of bytes in Queue
THREAD *CaptureThread; // Pcap relay thread
#endif // BRIDGE_PCAP
#ifdef BRIDGE_BPF
UINT BufSize; // Buffer size to read the BPF (error for other)
#ifdef BRIDGE_BPF_THREAD
QUEUE *Queue; // Queue of the relay thread
UINT QueueSize; // Number of bytes in Queue
THREAD *CaptureThread; // BPF relay thread
#else // BRIDGE_BPF_THREAD
UCHAR *Buffer; // Buffer to read the BPF
UCHAR *Next;
int Rest;
#endif // BRIDGE_BPF_THREAD
#endif // BRIDGE_BPF
VLAN *Tap; // tap
};
#if defined( BRIDGE_BPF ) || defined( BRIDGE_PCAP )
struct CAPTUREBLOCK{
UINT Size;
UCHAR *Buf;
};
#endif // BRIDGE_BPF
// Function prototype
void InitEth();
void FreeEth();
bool IsEthSupported();
bool IsEthSupportedLinux();
bool IsEthSupportedSolaris();
bool IsEthSupportedPcap();
TOKEN_LIST *GetEthList();
TOKEN_LIST *GetEthListLinux();
TOKEN_LIST *GetEthListSolaris();
TOKEN_LIST *GetEthListPcap();
ETH *OpenEth(char *name, bool local, bool tapmode, char *tapaddr);
ETH *OpenEthLinux(char *name, bool local, bool tapmode, char *tapaddr);
ETH *OpenEthSolaris(char *name, bool local, bool tapmode, char *tapaddr);
ETH *OpenEthPcap(char *name, bool local, bool tapmode, char *tapaddr);
bool ParseUnixEthDeviceName(char *dst_devname, UINT dst_devname_size, UINT *dst_devid, char *src_name);
void CloseEth(ETH *e);
CANCEL *EthGetCancel(ETH *e);
UINT EthGetPacket(ETH *e, void **data);
UINT EthGetPacketLinux(ETH *e, void **data);
UINT EthGetPacketSolaris(ETH *e, void **data);
UINT EthGetPacketPcap(ETH *e, void **data);
UINT EthGetPacketBpf(ETH *e, void **data);
void EthPutPacket(ETH *e, void *data, UINT size);
void EthPutPackets(ETH *e, UINT num, void **datas, UINT *sizes);
UINT EthGetMtu(ETH *e);
bool EthSetMtu(ETH *e, UINT mtu);
bool EthIsChangeMtuSupported(ETH *e);
bool EthGetInterfaceDescriptionUnix(char *name, char *str, UINT size);
bool EthIsInterfaceDescriptionSupportedUnix();
#ifdef UNIX_SOLARIS
// Function prototype for Solaris
bool DlipAttatchRequest(int fd, UINT devid);
bool DlipReceiveAck(int fd);
bool DlipPromiscuous(int fd, UINT level);
bool DlipBindRequest(int fd);
#endif // OS_SOLARIS
int UnixEthOpenRawSocket();
#endif // BRIDGEUNIX_H
// Developed by SoftEther VPN Project at University of Tsukuba in Japan.
// Department of Computer Science has dozens of overly-enthusiastic geeks.
// Join us: http://www.tsukuba.ac.jp/english/admission/
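Review bot: struct ETH declares `Queue`, `QueueSize` and `CaptureThread` once under `#ifdef BRIDGE_PCAP` and again under `#ifdef BRIDGE_BPF` with `BRIDGE_BPF_THREAD`, so a build that defines BRIDGE_PCAP together with BRIDGE_BPF and BRIDGE_BPF_THREAD gets duplicate members and fails to compile. If the two capture back ends are meant to be mutually exclusive, say so next to the struct with `#if defined(BRIDGE_PCAP) && defined(BRIDGE_BPF)` followed by an `#error`; otherwise declare the three fields once under `#if defined(BRIDGE_PCAP) || defined(BRIDGE_BPF_THREAD)`. The closing comments `#endif // BRIDGE_BPF` after CAPTUREBLOCK and `#endif // OS_SOLARIS` after the Dlip prototypes also do not match their opening conditions (`BRIDGE_BPF || BRIDGE_PCAP` and `UNIX_SOLARIS`), which makes the conditional structure harder to audit.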
File diff suppressed because it is too large Load Diff
+238
@@ -0,0 +1,238 @@
// SoftEther VPN Source Code
// Cedar Communication Module
//
// SoftEther VPN Server, Client and Bridge are free software under GPLv2.
//
// Copyright (c) 2012-2014 Daiyuu Nobori.
// Copyright (c) 2012-2014 SoftEther VPN Project, University of Tsukuba, Japan.
// Copyright (c) 2012-2014 SoftEther Corporation.
//
// All Rights Reserved.
//
// http://www.softether.org/
//
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License version 2
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
// IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
// CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
// TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
// SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
// THE LICENSE AGREEMENT IS ATTACHED ON THE SOURCE-CODE PACKAGE
// AS "LICENSE.TXT" FILE. READ THE TEXT FILE IN ADVANCE TO USE THE SOFTWARE.
//
//
// THIS SOFTWARE IS DEVELOPED IN JAPAN, AND DISTRIBUTED FROM JAPAN,
// UNDER JAPANESE LAWS. YOU MUST AGREE IN ADVANCE TO USE, COPY, MODIFY,
// MERGE, PUBLISH, DISTRIBUTE, SUBLICENSE, AND/OR SELL COPIES OF THIS
// SOFTWARE, THAT ANY JURIDICAL DISPUTES WHICH ARE CONCERNED TO THIS
// SOFTWARE OR ITS CONTENTS, AGAINST US (SOFTETHER PROJECT, SOFTETHER
// CORPORATION, DAIYUU NOBORI OR OTHER SUPPLIERS), OR ANY JURIDICAL
// DISPUTES AGAINST US WHICH ARE CAUSED BY ANY KIND OF USING, COPYING,
// MODIFYING, MERGING, PUBLISHING, DISTRIBUTING, SUBLICENSING, AND/OR
// SELLING COPIES OF THIS SOFTWARE SHALL BE REGARDED AS BE CONSTRUED AND
// CONTROLLED BY JAPANESE LAWS, AND YOU MUST FURTHER CONSENT TO
// EXCLUSIVE JURISDICTION AND VENUE IN THE COURTS SITTING IN TOKYO,
// JAPAN. YOU MUST WAIVE ALL DEFENSES OF LACK OF PERSONAL JURISDICTION
// AND FORUM NON CONVENIENS. PROCESS MAY BE SERVED ON EITHER PARTY IN
// THE MANNER AUTHORIZED BY APPLICABLE LAW OR COURT RULE.
//
// USE ONLY IN JAPAN. DO NOT USE IT IN OTHER COUNTRIES. IMPORTING THIS
// SOFTWARE INTO OTHER COUNTRIES IS AT YOUR OWN RISK. SOME COUNTRIES
// PROHIBIT ENCRYPTED COMMUNICATIONS. USING THIS SOFTWARE IN OTHER
// COUNTRIES MIGHT BE RESTRICTED.
//
//
// DEAR SECURITY EXPERTS
// ---------------------
//
// If you find a bug or a security vulnerability please kindly inform us
// about the problem immediately so that we can fix the security problem
// to protect a lot of users around the world as soon as possible.
//
// Our e-mail address for security reports is:
// softether-vpn-security [at] softether.org
//
// Please note that the above e-mail address is not a technical support
// inquiry address. If you need technical assistance, please visit
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
// BridgeWin32.h
// Header of BridgeWin32.c
#ifndef BRIDGEWIN32_H
#define BRIDGEWIN32_H
#define BRIDGE_WIN32_PACKET_DLL "Packet.dll"
#define BRIDGE_WIN32_PCD_DLL "|see.dll"
#define BRIDGE_WIN32_PCD_SYS "|see.sys"
#define BRIDGE_WIN32_PCD_DLL_X64 "|see_x64.dll"
#define BRIDGE_WIN32_PCD_SYS_X64 "|see_x64.sys"
#define BRIDGE_WIN32_PCD_DLL_IA64 "|see_ia64.dll"
#define BRIDGE_WIN32_PCD_SYS_IA64 "|see_ia64.sys"
#define BRIDGE_WIN32_PCD_REGKEY "SYSTEM\\CurrentControlSet\\services\\SEE"
#define BRIDGE_WIN32_PCD_BUILDVALUE "CurrentInstalledBuild"
#define BRIDGE_WIN32_ETH_BUFFER (1048576)
typedef void *HANDLE;
#ifdef BRIDGE_C
// Header for Internal function (for BridgeWin32.c)
typedef struct WP
{
bool Inited;
HINSTANCE hPacketDll;
PCHAR (*PacketGetVersion)();
PCHAR (*PacketGetDriverVersion)();
BOOLEAN (*PacketSetMinToCopy)(LPADAPTER AdapterObject,int nbytes);
BOOLEAN (*PacketSetNumWrites)(LPADAPTER AdapterObject,int nwrites);
BOOLEAN (*PacketSetMode)(LPADAPTER AdapterObject,int mode);
BOOLEAN (*PacketSetReadTimeout)(LPADAPTER AdapterObject,int timeout);
BOOLEAN (*PacketSetBpf)(LPADAPTER AdapterObject,struct bpf_program *fp);
INT (*PacketSetSnapLen)(LPADAPTER AdapterObject,int snaplen);
BOOLEAN (*PacketGetStats)(LPADAPTER AdapterObject,struct bpf_stat *s);
BOOLEAN (*PacketGetStatsEx)(LPADAPTER AdapterObject,struct bpf_stat *s);
BOOLEAN (*PacketSetBuff)(LPADAPTER AdapterObject,int dim);
BOOLEAN (*PacketGetNetType)(LPADAPTER AdapterObject,NetType *type);
LPADAPTER (*PacketOpenAdapter)(PCHAR AdapterName);
BOOLEAN (*PacketSendPacket)(LPADAPTER AdapterObject,LPPACKET pPacket,BOOLEAN Sync);
INT (*PacketSendPackets)(LPADAPTER AdapterObject,PVOID PacketBuff,ULONG Size, BOOLEAN Sync);
LPPACKET (*PacketAllocatePacket)(void);
VOID (*PacketInitPacket)(LPPACKET lpPacket,PVOID Buffer,UINT Length);
VOID (*PacketFreePacket)(LPPACKET lpPacket);
BOOLEAN (*PacketReceivePacket)(LPADAPTER AdapterObject,LPPACKET lpPacket,BOOLEAN Sync);
BOOLEAN (*PacketSetHwFilter)(LPADAPTER AdapterObject,ULONG Filter);
BOOLEAN (*PacketGetAdapterNames)(PTSTR pStr,PULONG BufferSize);
BOOLEAN (*PacketGetNetInfoEx)(PCHAR AdapterName, npf_if_addr* buffer, PLONG NEntries);
BOOLEAN (*PacketRequest)(LPADAPTER AdapterObject,BOOLEAN Set,PPACKET_OID_DATA OidData);
HANDLE (*PacketGetReadEvent)(LPADAPTER AdapterObject);
BOOLEAN (*PacketSetDumpName)(LPADAPTER AdapterObject, void *name, int len);
BOOLEAN (*PacketSetDumpLimits)(LPADAPTER AdapterObject, UINT maxfilesize, UINT maxnpacks);
BOOLEAN (*PacketIsDumpEnded)(LPADAPTER AdapterObject, BOOLEAN sync);
BOOL (*PacketStopDriver)();
VOID (*PacketCloseAdapter)(LPADAPTER lpAdapter);
BOOLEAN (*PacketSetLoopbackBehavior)(LPADAPTER AdapterObject, UINT LoopbackBehavior);
} WP;
// Adapter list
typedef struct WP_ADAPTER
{
char Name[MAX_SIZE];
char Title[MAX_SIZE];
char Guid[MAX_SIZE];
UINT Id;
} WP_ADAPTER;
// Internal function prototype
void InitEthAdaptersList();
void FreeEthAdaptersList();
int CompareWpAdapter(void *p1, void *p2);
LIST *GetEthAdapterList();
LIST *GetEthAdapterListInternal();
bool InitWpWithLoadLibrary(WP *wp, HINSTANCE h);
bool IsPcdSupported();
HINSTANCE InstallPcdDriver();
HINSTANCE InstallPcdDriverInternal();
UINT LoadPcdDriverBuild();
void SavePcdDriverBuild(UINT build);
#endif // BRIDGE_C
typedef struct _ADAPTER ADAPTER;
typedef struct _PACKET PACKET;
// ETH structure
struct ETH
{
char *Name; // Adapter name
char *Title; // Adapter title
ADAPTER *Adapter; // Adapter
CANCEL *Cancel; // Cancel object
UCHAR *Buffer; // Buffer
UINT BufferSize; // Buffer size
PACKET *Packet; // Packet
PACKET *PutPacket; // Write packet
QUEUE *PacketQueue; // Packet queue
UINT64 LastSetSingleCpu; // Date and time set to a single CPU to last
bool LoopbackBlock; // Whether to block the loop back packet
bool Empty; // It is empty
UCHAR MacAddress[6]; // MAC address
bool HasFatalError; // A fatal error occurred on the transmission side
SU *Su; // SeLow handle
SU_ADAPTER *SuAdapter; // SeLow adapter handle
};
// Function prototype
void InitEth();
void FreeEth();
bool IsEthSupported();
bool IsEthSupportedInner();
TOKEN_LIST *GetEthList();
TOKEN_LIST *GetEthListEx(UINT *total_num_including_hidden);
ETH *OpenEth(char *name, bool local, bool tapmode, char *tapaddr);
ETH *OpenEthInternal(char *name, bool local, bool tapmode, char *tapaddr);
void CloseEth(ETH *e);
CANCEL *EthGetCancel(ETH *e);
UINT EthGetPacket(ETH *e, void **data);
void EthPutPacket(ETH *e, void *data, UINT size);
void EthPutPackets(ETH *e, UINT num, void **datas, UINT *sizes);
void GetEthNetworkConnectionName(wchar_t *dst, UINT size, char *device_name);
bool IsWin32BridgeWithSee();
UINT EthGetMtu(ETH *e);
bool EthSetMtu(ETH *e, UINT mtu);
bool EthIsChangeMtuSupported(ETH *e);
bool Win32EthIsSuSupported();
void Win32EthSetShowAllIf(bool b);
bool Win32EthGetShowAllIf();
bool EnumEthVLanWin32(RPC_ENUM_ETH_VLAN *t);
bool GetClassRegKeyWin32(char *key, UINT key_size, char *short_key, UINT short_key_size, char *guid);
int CmpRpcEnumEthVLan(void *p1, void *p2);
void GetVLanSupportStatus(RPC_ENUM_ETH_VLAN_ITEM *e);
void GetVLanEnableStatus(RPC_ENUM_ETH_VLAN_ITEM *e);
bool SetVLanEnableStatus(char *title, bool enable);
RPC_ENUM_ETH_VLAN_ITEM *FindEthVLanItem(RPC_ENUM_ETH_VLAN *t, char *name);
char *SearchDeviceInstanceIdFromShortKey(char *short_key);
void Win32EthMakeCombinedName(char *dst, UINT dst_size, char *nicname, char *guid);
UINT Win32EthGenIdFromGuid(char *guid);
UINT Win32EthGetNameAndIdFromCombinedName(char *name, UINT name_size, char *str);
struct WP_ADAPTER *Win32EthSearch(char *name);
bool Win32IsUsingSeLow();
void Win32SetEnableSeLow(bool b);
bool Win32GetEnableSeLow();
#endif // BRIDGEWIN32_H
// Developed by SoftEther VPN Project at University of Tsukuba in Japan.
// Department of Computer Science has dozens of overly-enthusiastic geeks.
// Join us: http://www.tsukuba.ac.jp/english/admission/
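Review bot: `BRIDGE_WIN32_PACKET_DLL` is defined as the bare file name `"Packet.dll"`, so if the loader passes it to `LoadLibrary` unqualified, Windows resolves it through the default DLL search order and may load a copy that is not the intended one. The load call itself is in BridgeWin32.c, not in this header, so this needs confirming there rather than being a demonstrated defect. It matters more here because the same module appears to install a kernel driver (`InstallPcdDriver`, `BRIDGE_WIN32_PCD_SYS`), which suggests a privileged process. I would document the expectation next to the define, e.g. `// Load by absolute path (system directory); never rely on the default DLL search order`, and have the caller build the full path before handing the handle to `InitWpWithLoadLibrary`.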
+12394
+132
@@ -0,0 +1,132 @@
// SoftEther VPN Source Code
// Cedar Communication Module
//
// SoftEther VPN Server, Client and Bridge are free software under GPLv2.
//
// Copyright (c) 2012-2014 Daiyuu Nobori.
// Copyright (c) 2012-2014 SoftEther VPN Project, University of Tsukuba, Japan.
// Copyright (c) 2012-2014 SoftEther Corporation.
//
// All Rights Reserved.
//
// http://www.softether.org/
//
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License version 2
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
// IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
// CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
// TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
// SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
// THE LICENSE AGREEMENT IS ATTACHED ON THE SOURCE-CODE PACKAGE
// AS "LICENSE.TXT" FILE. READ THE TEXT FILE IN ADVANCE TO USE THE SOFTWARE.
//
//
// THIS SOFTWARE IS DEVELOPED IN JAPAN, AND DISTRIBUTED FROM JAPAN,
// UNDER JAPANESE LAWS. YOU MUST AGREE IN ADVANCE TO USE, COPY, MODIFY,
// MERGE, PUBLISH, DISTRIBUTE, SUBLICENSE, AND/OR SELL COPIES OF THIS
// SOFTWARE, THAT ANY JURIDICAL DISPUTES WHICH ARE CONCERNED TO THIS
// SOFTWARE OR ITS CONTENTS, AGAINST US (SOFTETHER PROJECT, SOFTETHER
// CORPORATION, DAIYUU NOBORI OR OTHER SUPPLIERS), OR ANY JURIDICAL
// DISPUTES AGAINST US WHICH ARE CAUSED BY ANY KIND OF USING, COPYING,
// MODIFYING, MERGING, PUBLISHING, DISTRIBUTING, SUBLICENSING, AND/OR
// SELLING COPIES OF THIS SOFTWARE SHALL BE REGARDED AS BE CONSTRUED AND
// CONTROLLED BY JAPANESE LAWS, AND YOU MUST FURTHER CONSENT TO
// EXCLUSIVE JURISDICTION AND VENUE IN THE COURTS SITTING IN TOKYO,
// JAPAN. YOU MUST WAIVE ALL DEFENSES OF LACK OF PERSONAL JURISDICTION
// AND FORUM NON CONVENIENS. PROCESS MAY BE SERVED ON EITHER PARTY IN
// THE MANNER AUTHORIZED BY APPLICABLE LAW OR COURT RULE.
//
// USE ONLY IN JAPAN. DO NOT USE IT IN OTHER COUNTRIES. IMPORTING THIS
// SOFTWARE INTO OTHER COUNTRIES IS AT YOUR OWN RISK. SOME COUNTRIES
// PROHIBIT ENCRYPTED COMMUNICATIONS. USING THIS SOFTWARE IN OTHER
// COUNTRIES MIGHT BE RESTRICTED.
//
//
// DEAR SECURITY EXPERTS
// ---------------------
//
// If you find a bug or a security vulnerability please kindly inform us
// about the problem immediately so that we can fix the security problem
// to protect a lot of users around the world as soon as possible.
//
// Our e-mail address for security reports is:
// softether-vpn-security [at] softether.org
//
// Please note that the above e-mail address is not a technical support
// inquiry address. If you need technical assistance, please visit
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
// CM.h
// Header of CM.c
#ifndef CM_H
#define CM_H
// Constants
#define CM_REG_KEY "Software\\" GC_REG_COMPANY_NAME "\\" CEDAR_PRODUCT_STR " VPN\\Client Manager"
#define SECURE_MANAGER_KEY "Software\\" GC_REG_COMPANY_NAME "\\" CEDAR_PRODUCT_STR " VPN\\SmartCard Manager"
#define CM_TRAFFIC_REG_KEY "Software\\" GC_REG_COMPANY_NAME "\\" CEDAR_PRODUCT_STR " VPN\\Traffic Test Tool"
#define CM_VGC_REG_KEY "Software\\University of Tsukuba\\VPN Gate Client Plugin"
#define CM_TRY_EXEC_UI_HELPER_INTERVAL 5000
#define CM_DEFAULT_WIDTH 800
#define CM_DEFAULT_HEIGHT 600
#define WM_CM_NOTIFY (WM_APP + 999)
#define CM_IMPORT_FILENAME_MSG 1267
#define CM_IMPORT_FILENAME_MSG_OVERWRITE 1268
#define CM_NUM_RECENT 8
#define PUBLIC_SERVER_HTML "http://www.softether.com/jp/special/se2hub.aspx"
#define PUBLIC_SERVER_HTML_EN "http://www.softether.com/jp/special/se2hub_en.aspx"
#define PUBLIC_SERVER_TAG L"help:no; status:no; DialogWidth:600px; dialogHeight=700px"
#define PUBLIC_SERVER_NAME "public.softether.com"
#define VOICE_SSK 0 // ssk
#define VOICE_AHO 1 // aho
// The code for external export
// Structure
// Function prototype
void CMExec();
void CmTraffic(HWND hWnd);
void *CmStartUacHelper();
void CmStopUacHelper(void *p);
void *CmExecUiHelperMain();
UINT CmGetSecureBitmapId(char *dest_hostname);
#endif // CM_H
// Developed by SoftEther VPN Project at University of Tsukuba in Japan.
// Department of Computer Science has dozens of overly-enthusiastic geeks.
// Join us: http://www.tsukuba.ac.jp/english/admission/
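Review bot: `PUBLIC_SERVER_HTML` and `PUBLIC_SERVER_HTML_EN` are plain `http://` URLs, and `PUBLIC_SERVER_TAG` looks like a feature string for an HTML dialog, so the page is presumably rendered inside the client manager. If so, the content shown to the user has no transport integrity and can be altered on the network path before it reaches a VPN client UI. The code that opens these URLs is not in this section (the CM.c diff is suppressed), so the rendering context needs confirming. Provided the host serves TLS, I would change the defines to `https://`, e.g. `#define PUBLIC_SERVER_HTML "https://www.softether.com/jp/special/se2hub.aspx"`, and add a comment stating that the dialog must not load content over cleartext.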
+612
@@ -0,0 +1,612 @@
// SoftEther VPN Source Code
// Cedar Communication Module
//
// SoftEther VPN Server, Client and Bridge are free software under GPLv2.
//
// Copyright (c) 2012-2014 Daiyuu Nobori.
// Copyright (c) 2012-2014 SoftEther VPN Project, University of Tsukuba, Japan.
// Copyright (c) 2012-2014 SoftEther Corporation.
//
// All Rights Reserved.
//
// http://www.softether.org/
//
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License version 2
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
// IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
// CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
// TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
// SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
// THE LICENSE AGREEMENT IS ATTACHED ON THE SOURCE-CODE PACKAGE
// AS "LICENSE.TXT" FILE. READ THE TEXT FILE IN ADVANCE TO USE THE SOFTWARE.
//
//
// THIS SOFTWARE IS DEVELOPED IN JAPAN, AND DISTRIBUTED FROM JAPAN,
// UNDER JAPANESE LAWS. YOU MUST AGREE IN ADVANCE TO USE, COPY, MODIFY,
// MERGE, PUBLISH, DISTRIBUTE, SUBLICENSE, AND/OR SELL COPIES OF THIS
// SOFTWARE, THAT ANY JURIDICAL DISPUTES WHICH ARE CONCERNED TO THIS
// SOFTWARE OR ITS CONTENTS, AGAINST US (SOFTETHER PROJECT, SOFTETHER
// CORPORATION, DAIYUU NOBORI OR OTHER SUPPLIERS), OR ANY JURIDICAL
// DISPUTES AGAINST US WHICH ARE CAUSED BY ANY KIND OF USING, COPYING,
// MODIFYING, MERGING, PUBLISHING, DISTRIBUTING, SUBLICENSING, AND/OR
// SELLING COPIES OF THIS SOFTWARE SHALL BE REGARDED AS BE CONSTRUED AND
// CONTROLLED BY JAPANESE LAWS, AND YOU MUST FURTHER CONSENT TO
// EXCLUSIVE JURISDICTION AND VENUE IN THE COURTS SITTING IN TOKYO,
// JAPAN. YOU MUST WAIVE ALL DEFENSES OF LACK OF PERSONAL JURISDICTION
// AND FORUM NON CONVENIENS. PROCESS MAY BE SERVED ON EITHER PARTY IN
// THE MANNER AUTHORIZED BY APPLICABLE LAW OR COURT RULE.
//
// USE ONLY IN JAPAN. DO NOT USE IT IN OTHER COUNTRIES. IMPORTING THIS
// SOFTWARE INTO OTHER COUNTRIES IS AT YOUR OWN RISK. SOME COUNTRIES
// PROHIBIT ENCRYPTED COMMUNICATIONS. USING THIS SOFTWARE IN OTHER
// COUNTRIES MIGHT BE RESTRICTED.
//
//
// DEAR SECURITY EXPERTS
// ---------------------
//
// If you find a bug or a security vulnerability please kindly inform us
// about the problem immediately so that we can fix the security problem
// to protect a lot of users around the world as soon as possible.
//
// Our e-mail address for security reports is:
// softether-vpn-security [at] softether.org
//
// Please note that the above e-mail address is not a technical support
// inquiry address. If you need technical assistance, please visit
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
// CMInner.h
// Internal header for the CM.c
#define STARTUP_MUTEX_NAME GC_SW_SOFTETHER_PREFIX "vpncmgr_startup_mutex"
#define NAME_OF_VPN_CLIENT_MANAGER "vpncmgr"
void CmVoice(char *name);
typedef struct CM_UAC_HELPER
{
THREAD *Thread;
volatile bool Halt;
EVENT *HaltEvent;
} CM_UAC_HELPER;
typedef struct CM_VOICE
{
UINT voice_id;
char *perfix;
} CM_VOICE;
static CM_VOICE cm_voice[] =
{
{VOICE_SSK, "ssk" },
{VOICE_AHO, "aho" },
};
typedef struct CM_ENUM_HUB
{
HWND hWnd;
THREAD *Thread;
SESSION *Session;
CLIENT_OPTION *ClientOption;
TOKEN_LIST *Hub;
} CM_ENUM_HUB;
#define CM_SETTING_INIT_NONE 0
#define CM_SETTING_INIT_EASY 1 // Transition to the simple mode
#define CM_SETTING_INIT_NORMAL 2 // Transition to the normal mode
#define CM_SETTING_INIT_SELECT 3 // Show a selection screen
#define CM_SETTING_INIT_CONNECT 4 // Import process by the simple installer
typedef struct CM
{
HWND hMainWnd;
HWND hStatusBar;
REMOTE_CLIENT *Client;
char *server_name;
wchar_t *import_file_name;
bool HideStatusBar;
bool HideTrayIcon;
bool ShowGrid;
bool VistaStyle;
bool ShowPort;
wchar_t StatudBar1[MAX_SIZE];
wchar_t StatudBar2[MAX_SIZE];
wchar_t StatudBar3[MAX_SIZE];
HICON Icon2, Icon3;
bool IconView;
THREAD *NotifyClientThread;
NOTIFY_CLIENT *NotifyClient;
volatile bool Halt;
bool OnCloseDispatched;
LIST *StatusWindowList;
CEDAR *Cedar;
LIST *EnumHubList;
UINT WindowCount;
bool DisableVoice;
UINT VoiceId;
UINT OldConnectedNum;
bool UpdateConnectedNumFlag;
UCHAR ShortcutKey[SHA1_SIZE];
bool TrayInited;
bool TraySucceed;
bool TrayAnimation;
bool TraySpeedAnimation;
UINT TrayAnimationCounter;
bool StartupMode;
THREAD *TryExecUiHelperThread;
volatile bool TryExecUiHelperHalt;
HANDLE TryExecUiHelperProcessHandle;
EVENT *TryExecUiHelperHaltEvent;
bool WindowsShutdowning;
bool CmSettingSupported;
bool CmEasyModeSupported;
bool CmSettingInitialFlag;
CM_SETTING CmSetting;
HWND hEasyWnd;
bool StartupFinished;
bool ConnectStartedFlag;
bool PositiveDisconnectFlag;
wchar_t EasyLastSelectedAccountName[MAX_ACCOUNT_NAME_LEN + 1];
WINDOWPLACEMENT FakeWindowPlacement;
bool CheckedAndShowedAdminPackMessage;
INSTANCE *StartupMutex;
bool BadProcessChecked;
bool MenuPopuping;
WINUI_UPDATE *Update;
} CM;
typedef struct CM_STATUS
{
wchar_t AccountName[MAX_ACCOUNT_NAME_LEN + 1]; // Account name
HWND hWndPolicy; // Policy dialog
} CM_STATUS;
typedef struct CM_POLICY
{
HWND hWnd;
wchar_t AccountName[MAX_ACCOUNT_NAME_LEN + 1]; // Account name
POLICY *Policy; // Policy dialog
CM_STATUS *CmStatus; // CM_STATUS
bool Extension; // Extension
} CM_POLICY;
typedef struct CM_ACCOUNT
{
bool EditMode; // Edit mode (false: New mode)
bool LinkMode; // Link mode
bool NatMode; // NAT mode
CLIENT_OPTION *ClientOption; // Client option
CLIENT_AUTH *ClientAuth; // Authentication data
bool Startup; // Startup account
bool CheckServerCert; // Check the server certificate
X *ServerCert; // Server certificate
char old_server_name[MAX_HOST_NAME_LEN + 1]; // Old server name
bool Inited; // Initialization flag
POLICY Policy; // Policy (only link mode)
struct SM_HUB *Hub; // HUB
RPC *Rpc; // RPC
bool OnlineFlag; // Online flag
bool Flag1; // Flag 1
bool HideClientCertAuth; // Hide the client authentication
bool HideSecureAuth; // Hide the smart card authentication
bool HideTrustCert; // Hide the trusted certificate authority button
UCHAR ShortcutKey[SHA1_SIZE]; // Shortcut key
bool LockMode; // Setting lock mode
bool Link_ConnectNow; // Start the connection immediately
UINT PolicyVer; // Policy version
} CM_ACCOUNT;
typedef struct CM_CHANGE_PASSWORD
{
CLIENT_OPTION *ClientOption; // Client Option
char Username[MAX_USERNAME_LEN + 1]; // User name
char HubName[MAX_HUBNAME_LEN + 1]; // HUB name
} CM_CHANGE_PASSWORD;
typedef struct CM_TRAFFIC
{
bool ServerMode; // Server mode
bool Double; // 2x mode
bool Raw; // Raw data mode
UINT Port; // Port number
char Host[MAX_HOST_NAME_LEN + 1]; // Host name
UINT NumTcp; // Number of TCP connections
UINT Type; // Type
UINT Span; // Period
} CM_TRAFFIC;
typedef struct CM_TRAFFIC_DLG
{
HWND hWnd; // Window handle
CM_TRAFFIC *Setting; // Setting
TTS *Tts; // Measurement server
TTC *Ttc; // Measurement client
THREAD *HaltThread; // Thread for stopping
THREAD *ClientEndWaitThread; // Thread to wait for the client to finish
bool Started; // Started flag
bool Stopping; // Stopping
UINT RetCode; // Return value
TT_RESULT Result; // Result
EVENT *ResultShowEvent; // Display result event
bool CloseDialogAfter; // Flag of whether or not to close the dialog
} CM_TRAFFIC_DLG;
// Internet connection settings
typedef struct CM_INTERNET_SETTING
{
UINT ProxyType; // Type of proxy server
char ProxyHostName[MAX_HOST_NAME_LEN + 1]; // Proxy server host name
UINT ProxyPort; // Proxy server port number
char ProxyUsername[MAX_USERNAME_LEN + 1]; // Proxy server user name
char ProxyPassword[MAX_USERNAME_LEN + 1]; // Proxy server password
} CM_INTERNET_SETTING;
static CM *cm = NULL;
void CmFreeTrayExternal(void *hWnd);
// Normal RPC call macro
__forceinline static bool CALL(HWND hWnd, UINT code)
{
UINT ret = code;
if (ret != ERR_NO_ERROR)
{
if (ret == ERR_DISCONNECTED)
{
if (cm != NULL)
{
Close(cm->hMainWnd);
}
else
{
MsgBox(hWnd, MB_ICONSTOP, _UU("SM_DISCONNECTED"));
}
if (cm != NULL)
{
CmFreeTrayExternal((void *)cm->hMainWnd);
}
exit(0);
}
else
{
UINT flag = MB_ICONEXCLAMATION;
if (ret == ERR_VLAN_IS_USED)
{
CmVoice("using_vlan");
}
if (hWnd != NULL && cm != NULL && cm->hEasyWnd != NULL)
{
hWnd = cm->hEasyWnd;
}
if (hWnd != NULL && cm != NULL && hWnd == cm->hEasyWnd)
{
flag |= MB_SETFOREGROUND | MB_TOPMOST;
}
MsgBox(hWnd, flag, _E(ret));
}
}
if (ret == ERR_NO_ERROR)
{
return true;
}
else
{
return false;
}
}
// Extended RPC call macro (get an error value)
__forceinline static UINT CALLEX(HWND hWnd, UINT code)
{
UINT ret = code;
if (ret != ERR_NO_ERROR)
{
if (ret == ERR_DISCONNECTED)
{
if (cm != NULL)
{
Close(cm->hMainWnd);
}
else
{
MsgBox(hWnd, MB_ICONSTOP, _UU("SM_DISCONNECTED"));
}
if (cm != NULL)
{
CmFreeTrayExternal((void *)cm->hMainWnd);
}
exit(0);
}
}
return ret;
}
typedef struct CM_LOADX
{
X *x;
} CM_LOADX;
typedef struct CM_SETTING_DLG
{
bool CheckPassword;
UCHAR HashedPassword[SHA1_SIZE];
} CM_SETTING_DLG;
typedef struct CM_EASY_DLG
{
bool EndDialogCalled;
} CM_EASY_DLG;
// Task tray related
#define WM_CM_TRAY_MESSAGE (WM_APP + 44)
#define WM_CM_SETTING_CHANGED_MESSAGE (WM_APP + 45)
#define WM_CM_EASY_REFRESH (WM_APP + 46)
#define WM_CM_SHOW (WM_APP + 47)
#define CMD_EASY_DBLCLICK 40697
#define CMD_VGC_CONNECT 40698
#define CM_TRAY_ANIMATION_INTERVAL 3000
#define CM_TRAY_MAX_ITEMS 4096
#define CM_TRAY_MENU_ID_START 12000
#define CM_TRAY_MENU_CONNECT_ID_START (CM_TRAY_MENU_ID_START + CM_TRAY_MAX_ITEMS)
#define CM_TRAY_MENU_STATUS_ID_START (CM_TRAY_MENU_CONNECT_ID_START + CM_TRAY_MAX_ITEMS)
#define CM_TRAY_MENU_DISCONNECT_ID_START (CM_TRAY_MENU_STATUS_ID_START + CM_TRAY_MAX_ITEMS)
#define CM_TRAY_MENU_RECENT_ID_START (CM_TRAY_MENU_DISCONNECT_ID_START + CM_TRAY_MAX_ITEMS)
#define CM_TRAY_IS_CONNECT_ID(id) (((id) >= CM_TRAY_MENU_CONNECT_ID_START) && (id) < CM_TRAY_MENU_STATUS_ID_START)
#define CM_TRAY_IS_STATUS_ID(id) (((id) >= CM_TRAY_MENU_STATUS_ID_START) && (id) < CM_TRAY_MENU_DISCONNECT_ID_START)
#define CM_TRAY_IS_DISCONNECT_ID(id) (((id) >= CM_TRAY_MENU_DISCONNECT_ID_START) && (id) < (CM_TRAY_MENU_DISCONNECT_ID_START + CM_TRAY_MAX_ITEMS))
#define CM_TRAY_IS_RECENT_ID(id) (((id) >= CM_TRAY_MENU_RECENT_ID_START) && (id) < (CM_TRAY_MENU_RECENT_ID_START + CM_TRAY_MAX_ITEMS))
// Function prototype
void InitCM(bool set_app_id);
void FreeCM();
void MainCM();
bool LoginCM();
void LogoutCM();
UINT CmLoginDlgProc(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void MainCMWindow();
void CmSendImportMessage(HWND hWnd, wchar_t *filename, UINT msg);
UINT CmMainWindowProc(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void CmMainWindowOnSize(HWND hWnd);
void CmMainWindowOnInit(HWND hWnd);
void CmMainWindowOnQuit(HWND hWnd);
void CmSaveMainWindowPos(HWND hWnd);
void CmMainWindowOnCommand(HWND hWnd, WPARAM wParam, LPARAM lParam);
void CmMainWindowOnCommandEx(HWND hWnd, WPARAM wParam, LPARAM lParam, bool easy);
bool CmIsEnabled(HWND hWnd, UINT id);
bool CmIsChecked(UINT id);
bool CmIsBold(UINT id);
void CmMainWindowOnPopupMenu(HWND hWnd, HMENU hMenu, UINT pos);
void CmSaveMainWindowPos(HWND hWnd);
void CmRedrawStatusBar(HWND hWnd);
void CmRefresh(HWND hWnd);
void CmRefreshEx(HWND hWnd, bool style_changed);
void CmSetForegroundProcessToCnService();
void CmInitAccountList(HWND hWnd);
void CmInitAccountListEx(HWND hWnd, bool easy);
void CmInitVLanList(HWND hWnd);
void CmRefreshAccountList(HWND hWnd);
void CmRefreshAccountListEx(HWND hWnd, bool easy);
void CmRefreshAccountListEx2(HWND hWnd, bool easy, bool style_changed);
void CmRefreshVLanList(HWND hWnd);
void CmRefreshVLanListEx(HWND hWnd, bool style_changed);
void CmSaveAccountListPos(HWND hWnd);
void CmSaveVLanListPos(HWND hWnd);
wchar_t *CmGetProtocolName(UINT n);
void CmVLanNameToPrintName(char *str, UINT size, char *name);
bool CmPrintNameToVLanName(char *name, UINT size, char *str);
void CmMainWindowOnNotify(HWND hWnd, NMHDR *n);
void CmOnKey(HWND hWnd, bool ctrl, bool alt, UINT key);
void CmAccountListRightClick(HWND hWnd);
void CmVLanListRightClick(HWND hWnd);
void CmConnect(HWND hWnd, wchar_t *account_name);
void CmDisconnect(HWND hWnd, wchar_t *account_name);
void CmInitNotifyClientThread();
void CmFreeNotifyClientThread();
void CmNotifyClientThread(THREAD *thread, void *param);
void CmDeleteAccount(HWND hWnd, wchar_t *account_name);
void CmStatus(HWND hWnd, wchar_t *account_name);
void CmStatusDlg(HWND hWnd, wchar_t *account_name);
UINT CmStatusDlgProc(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void CmStatusDlgPrint(HWND hWnd, CM_STATUS *cmst);
void CmPrintStatusToListView(LVB *b, RPC_CLIENT_GET_CONNECTION_STATUS *s);
void CmPrintStatusToListViewEx(LVB *b, RPC_CLIENT_GET_CONNECTION_STATUS *s, bool server_mode);
void CmStatusDlgPrintCert(HWND hWnd, CM_STATUS *st, bool server);
void CmPolicyDlg(HWND hWnd, CM_STATUS *st);
UINT CmPolicyDlgProc(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void CmPolicyDlgPrint(HWND hWnd, CM_POLICY *p);
void CmPolicyDlgPrintEx(HWND hWnd, CM_POLICY *p, bool cascade_mode);
void CmPolicyDlgPrintEx2(HWND hWnd, CM_POLICY *p, bool cascade_mode, bool ver);
void CmNewAccount(HWND hWnd);
void CmEditAccount(HWND hWnd, wchar_t *account_name);
void CmGenerateNewAccountName(HWND hWnd, wchar_t *name, UINT size);
void CmGenerateCopyName(HWND hWnd, wchar_t *name, UINT size, wchar_t *old_name);
void CmGenerateImportName(HWND hWnd, wchar_t *name, UINT size, wchar_t *old_name);
CM_ACCOUNT *CmCreateNewAccountObject(HWND hWnd);
CM_ACCOUNT *CmGetExistAccountObject(HWND hWnd, wchar_t *account_name);
void CmEnumHubStart(HWND hWnd, CLIENT_OPTION *o);
void CmInitEnumHub();
void CmFreeEnumHub();
void CmFreeAccountObject(HWND hWnd, CM_ACCOUNT *a);
bool CmEditAccountDlg(HWND hWnd, CM_ACCOUNT *a);
UINT CmEditAccountDlgProc(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void CmEditAccountDlgUpdate(HWND hWnd, CM_ACCOUNT *a);
void CmEditAccountDlgInit(HWND hWnd, CM_ACCOUNT *a);
void CmEditAccountDlgOnOk(HWND hWnd, CM_ACCOUNT *a);
void CmEditAccountDlgStartEnumHub(HWND hWnd, CM_ACCOUNT *a);
bool CmLoadXAndK(HWND hWnd, X **x, K **k);
bool CmLoadK(HWND hWnd, K **k);
bool CmLoadKEx(HWND hWnd, K **k, char *filename, UINT size);
bool CmLoadKExW(HWND hWnd, K **k, wchar_t *filename, UINT size);
bool CmLoadXFromFileOrSecureCard(HWND hWnd, X **x);
void CmLoadXFromFileOrSecureCardDlgInit(HWND hWnd, CM_LOADX *p);
void CmLoadXFromFileOrSecureCardDlgUpdate(HWND hWnd, CM_LOADX *p);
UINT CmLoadXFromFileOrSecureCardDlgProc(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
bool CmLoadX(HWND hWnd, X **x);
bool CmLoadXEx(HWND hWnd, X **x, char *filename, UINT size);
bool CmLoadXExW(HWND hWnd, X **x, wchar_t *filename, UINT size);
X *CmGetIssuer(X *x);
bool CmProxyDlg(HWND hWnd, CLIENT_OPTION *a);
void CmProxyDlgUpdate(HWND hWnd, CLIENT_OPTION *a);
UINT CmProxyDlgProc(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
bool CmDetailDlg(HWND hWnd, CM_ACCOUNT *a);
UINT CmDetailDlgProc(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
char *CmNewVLanDlg(HWND hWnd);
UINT CmNewVLanDlgProc(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void CmCopyAccount(HWND hWnd, wchar_t *account_name);
void CmExportAccount(HWND hWnd, wchar_t *account_name);
void CmSortcut(HWND hWnd, wchar_t *account_name);
void CmImportAccount(HWND hWnd);
void CmImportAccountMain(HWND hWnd, wchar_t *filename);
void CmImportAccountMainEx(HWND hWnd, wchar_t *filename, bool overwrite);
void CmTrustDlg(HWND hWnd);
UINT CmTrustDlgProc(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void CmTrustDlgUpdate(HWND hWnd);
void CmTrustDlgRefresh(HWND hWnd);
void CmTrustImport(HWND hWnd);
void CmTrustExport(HWND hWnd);
void CmTrustView(HWND hWnd);
void CmPassword(HWND hWnd);
UINT CmPasswordProc(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void CmPasswordRefresh(HWND hWnd);
void CmRefreshStatusBar(HWND hWnd);
UINT CmGetNumConnected(HWND hWnd);
void CmDisconnectAll(HWND hWnd);
wchar_t *CmGenerateMainWindowTitle();
void CmConfigDlg(HWND hWnd);
UINT CmConfigDlgProc(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void CmConfigDlgInit(HWND hWnd);
void CmConfigDlgRefresh(HWND hWnd);
void CmConfigDlgOnOk(HWND hWnd);
bool CmWarningDesktop(HWND hWnd, wchar_t *account_name);
UINT CmDesktopDlgProc(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void CmDesktopDlgInit(HWND hWnd, wchar_t *account_name);
bool CmStopInstallVLan(HWND hWnd);
void CmChangePassword(HWND hWnd, CLIENT_OPTION *o, char *hubname, char *username);
UINT CmChangePasswordProc(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void CmChangePasswordUpdate(HWND hWnd, CM_CHANGE_PASSWORD *p);
void SmShowPublicVpnServerHtml(HWND hWnd);
void CmConnectShortcut(UCHAR *key);
UINT CmSelectSecure(HWND hWnd, UINT current_id);
void CmClientSecureManager(HWND hWnd);
UINT CmClientSelectSecure(HWND hWnd);
UINT CmSelectSecureDlg(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void CmSelectSecureDlgInit(HWND hWnd, UINT default_id);
void CmSelectSecureDlgUpdate(HWND hWnd);
void CmSecureManager(HWND hWnd, UINT id);
void CmSecureManagerEx(HWND hWnd, UINT id, bool no_new_cert);
UINT CmSecureManagerDlg(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void CmSecureManagerDlgInit(HWND hWnd, UINT id);
void CmSecureManagerDlgUpdate(HWND hWnd, UINT id);
void CmSecureManagerDlgRefresh(HWND hWnd, UINT id);
void CmSecureManagerDlgPrintList(HWND hWnd, LIST *o);
void CmSecureManagerDlgPrintListEx(HWND hWnd, UINT id, LIST *o, UINT type);
wchar_t *CmSecureObjTypeToStr(UINT type);
UINT CmSecureType(HWND hWnd);
UINT CmSecureTypeDlg(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void CmSecureManagerDlgImport(HWND hWnd, UINT id);
void CmSecureManagerDlgDelete(HWND hWnd, UINT id);
void CmSecureManagerDlgExport(HWND hWnd, UINT id);
void CmSecureManagerDlgNewCert(HWND hWnd, UINT id);
void CmSecurePin(HWND hWnd, UINT id);
UINT CmSecurePinDlg(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void CmSecurePinDlgUpdate(HWND hWnd);
void CmInitTray(HWND hWnd);
void CmPollingTray(HWND hWnd);
void CmFreeTray(HWND hWnd);
void CmChangeTrayString(HWND hWnd, wchar_t *str);
UINT CmGetTrayIconId(bool animation, UINT animation_counter);
void CmShowOrHideWindow(HWND hWnd);
void CmShowTrayMenu(HWND hWnd);
HMENU CmCreateTraySubMenu(HWND hWnd, bool flag, UINT start_id);
HMENU CmCreateRecentSubMenu(HWND hWnd, UINT start_id);
bool CmCheckPkcsEula(HWND hWnd, UINT id);
UINT CmPkcsEulaDlg(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void CmDeleteOldStartupTrayFile();
UINT CmTrafficDlgProc(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void CmTrafficDlgInit(HWND hWnd);
bool CmTrafficDlgUpdate(HWND hWnd);
void CmTrafficDlgOnOk(HWND hWnd);
bool CmTrafficLoadFromReg(CM_TRAFFIC *t);
void CmTrafficGetDefaultSetting(CM_TRAFFIC *t);
void CmTrafficSaveToReg(CM_TRAFFIC *t);
void CmTrafficDlgToStruct(HWND hWnd, CM_TRAFFIC *t);
void CmExecTraffic(HWND hWnd, CM_TRAFFIC *t);
UINT CmTrafficRunDlg(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void CmTrafficRunDlgInit(HWND hWnd, CM_TRAFFIC_DLG *d);
void CmTrafficRunDlgStart(HWND hWnd, CM_TRAFFIC_DLG *d);
void CmTrafficRunDlgPrintProc(void *param, wchar_t *str);
void CmTrafficRunDlgAddStr(HWND hWnd, wchar_t *str);
void CmTrafficRunDlgHalt(HWND hWnd, CM_TRAFFIC_DLG *d);
void CmTrafficRunDlgHaltThread(THREAD *t, void *param);
void CmTrafficRunDlgClientWaitThread(THREAD *t, void *param);
void CmTrafficResult(HWND hWnd, TT_RESULT *r);
UINT CmTrafficResultDlg(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void CmTrafficResultDlgInit(HWND hWnd, TT_RESULT *res);
void CmTryToExecUiHelper();
void CmInitTryToExecUiHelper();
void CmFreeTryToExecUiHelper();
void CmTryToExecUiHelperThread(THREAD *thread, void *param);
bool CmSetting(HWND hWnd);
UINT CmSettingDlg(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void CmSettingDlgInit(HWND hWnd, CM_SETTING_DLG *d);
void CmSettingDlgUpdate(HWND hWnd, CM_SETTING_DLG *d);
void CmSettingDlgOnOk(HWND hWnd, CM_SETTING_DLG *d);
void CmApplyCmSetting();
void CmMainWindowOnTrayClicked(HWND hWnd, WPARAM wParam, LPARAM lParam);
void CmShowEasy();
void CmCloseEasy();
void CmMainWindowOnShowEasy(HWND hWnd);
UINT CmEasyDlg(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void CmEasyDlgInit(HWND hWnd, CM_EASY_DLG *d);
void CmEasyDlgUpdate(HWND hWnd, CM_EASY_DLG *d);
void CmEasyDlgRefresh(HWND hWnd, CM_EASY_DLG *d);
void CmRefreshEasy();
void CmEasyDlgOnNotify(HWND hWnd, CM_EASY_DLG *d, NMHDR *n);
void CmEasyDlgOnKey(HWND hWnd, CM_EASY_DLG *d, bool ctrl, bool alt, UINT key);
void CmEasyDlgOnCommand(HWND hWnd, CM_EASY_DLG *d, WPARAM wParam, LPARAM lParam);
bool CmStartStartupMutex();
void CmEndStartupMutex();
void CmSetUacWindowActive();
void CmUacHelperThread(THREAD *thread, void *param);
void CmProxyDlgUseForIE(HWND hWnd, CLIENT_OPTION *o);
void CmGetSystemInternetSetting(CM_INTERNET_SETTING *setting);
void CmProxyDlgSet(HWND hWnd, CLIENT_OPTION *o, CM_INTERNET_SETTING *setting);
bool CmGetProxyServerNameAndPortFromIeProxyRegStr(char *name, UINT name_size, UINT *port, char *str, char *server_type);
void *CmUpdateJumpList(UINT start_id);
// Developed by SoftEther VPN Project at University of Tsukuba in Japan.
// Department of Computer Science has dozens of overly-enthusiastic geeks.
// Join us: http://www.tsukuba.ac.jp/english/admission/
+1708
+1194
+89
@@ -0,0 +1,89 @@
// SoftEther VPN Source Code
// Cedar Communication Module
//
// SoftEther VPN Server, Client and Bridge are free software under GPLv2.
//
// Copyright (c) 2012-2014 Daiyuu Nobori.
// Copyright (c) 2012-2014 SoftEther VPN Project, University of Tsukuba, Japan.
// Copyright (c) 2012-2014 SoftEther Corporation.
//
// All Rights Reserved.
//
// http://www.softether.org/
//
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License version 2
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
// IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
// CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
// TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
// SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
// THE LICENSE AGREEMENT IS ATTACHED ON THE SOURCE-CODE PACKAGE
// AS "LICENSE.TXT" FILE. READ THE TEXT FILE IN ADVANCE TO USE THE SOFTWARE.
//
//
// THIS SOFTWARE IS DEVELOPED IN JAPAN, AND DISTRIBUTED FROM JAPAN,
// UNDER JAPANESE LAWS. YOU MUST AGREE IN ADVANCE TO USE, COPY, MODIFY,
// MERGE, PUBLISH, DISTRIBUTE, SUBLICENSE, AND/OR SELL COPIES OF THIS
// SOFTWARE, THAT ANY JURIDICAL DISPUTES WHICH ARE CONCERNED TO THIS
// SOFTWARE OR ITS CONTENTS, AGAINST US (SOFTETHER PROJECT, SOFTETHER
// CORPORATION, DAIYUU NOBORI OR OTHER SUPPLIERS), OR ANY JURIDICAL
// DISPUTES AGAINST US WHICH ARE CAUSED BY ANY KIND OF USING, COPYING,
// MODIFYING, MERGING, PUBLISHING, DISTRIBUTING, SUBLICENSING, AND/OR
// SELLING COPIES OF THIS SOFTWARE SHALL BE REGARDED AS BE CONSTRUED AND
// CONTROLLED BY JAPANESE LAWS, AND YOU MUST FURTHER CONSENT TO
// EXCLUSIVE JURISDICTION AND VENUE IN THE COURTS SITTING IN TOKYO,
// JAPAN. YOU MUST WAIVE ALL DEFENSES OF LACK OF PERSONAL JURISDICTION
// AND FORUM NON CONVENIENS. PROCESS MAY BE SERVED ON EITHER PARTY IN
// THE MANNER AUTHORIZED BY APPLICABLE LAW OR COURT RULE.
//
// USE ONLY IN JAPAN. DO NOT USE IT IN OTHER COUNTRIES. IMPORTING THIS
// SOFTWARE INTO OTHER COUNTRIES IS AT YOUR OWN RISK. SOME COUNTRIES
// PROHIBIT ENCRYPTED COMMUNICATIONS. USING THIS SOFTWARE IN OTHER
// COUNTRIES MIGHT BE RESTRICTED.
//
//
// DEAR SECURITY EXPERTS
// ---------------------
//
// If you find a bug or a security vulnerability please kindly inform us
// about the problem immediately so that we can fix the security problem
// to protect a lot of users around the world as soon as possible.
//
// Our e-mail address for security reports is:
// softether-vpn-security [at] softether.org
//
// Please note that the above e-mail address is not a technical support
// inquiry address. If you need technical assistance, please visit
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
// CedarPch.c
// Cedar Pre-compile Header Generating Code
#include "CedarPch.h"
// Developed by SoftEther VPN Project at University of Tsukuba in Japan.
// Department of Computer Science has dozens of overly-enthusiastic geeks.
// Join us: http://www.tsukuba.ac.jp/english/admission/
+100
@@ -0,0 +1,100 @@
// SoftEther VPN Source Code
// Cedar Communication Module
//
// SoftEther VPN Server, Client and Bridge are free software under GPLv2.
//
// Copyright (c) 2012-2014 Daiyuu Nobori.
// Copyright (c) 2012-2014 SoftEther VPN Project, University of Tsukuba, Japan.
// Copyright (c) 2012-2014 SoftEther Corporation.
//
// All Rights Reserved.
//
// http://www.softether.org/
//
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License version 2
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
// IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
// CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
// TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
// SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
// THE LICENSE AGREEMENT IS ATTACHED ON THE SOURCE-CODE PACKAGE
// AS "LICENSE.TXT" FILE. READ THE TEXT FILE IN ADVANCE TO USE THE SOFTWARE.
//
//
// THIS SOFTWARE IS DEVELOPED IN JAPAN, AND DISTRIBUTED FROM JAPAN,
// UNDER JAPANESE LAWS. YOU MUST AGREE IN ADVANCE TO USE, COPY, MODIFY,
// MERGE, PUBLISH, DISTRIBUTE, SUBLICENSE, AND/OR SELL COPIES OF THIS
// SOFTWARE, THAT ANY JURIDICAL DISPUTES WHICH ARE CONCERNED TO THIS
// SOFTWARE OR ITS CONTENTS, AGAINST US (SOFTETHER PROJECT, SOFTETHER
// CORPORATION, DAIYUU NOBORI OR OTHER SUPPLIERS), OR ANY JURIDICAL
// DISPUTES AGAINST US WHICH ARE CAUSED BY ANY KIND OF USING, COPYING,
// MODIFYING, MERGING, PUBLISHING, DISTRIBUTING, SUBLICENSING, AND/OR
// SELLING COPIES OF THIS SOFTWARE SHALL BE REGARDED AS BE CONSTRUED AND
// CONTROLLED BY JAPANESE LAWS, AND YOU MUST FURTHER CONSENT TO
// EXCLUSIVE JURISDICTION AND VENUE IN THE COURTS SITTING IN TOKYO,
// JAPAN. YOU MUST WAIVE ALL DEFENSES OF LACK OF PERSONAL JURISDICTION
// AND FORUM NON CONVENIENS. PROCESS MAY BE SERVED ON EITHER PARTY IN
// THE MANNER AUTHORIZED BY APPLICABLE LAW OR COURT RULE.
//
// USE ONLY IN JAPAN. DO NOT USE IT IN OTHER COUNTRIES. IMPORTING THIS
// SOFTWARE INTO OTHER COUNTRIES IS AT YOUR OWN RISK. SOME COUNTRIES
// PROHIBIT ENCRYPTED COMMUNICATIONS. USING THIS SOFTWARE IN OTHER
// COUNTRIES MIGHT BE RESTRICTED.
//
//
// DEAR SECURITY EXPERTS
// ---------------------
//
// If you find a bug or a security vulnerability please kindly inform us
// about the problem immediately so that we can fix the security problem
// to protect a lot of users around the world as soon as possible.
//
// Our e-mail address for security reports is:
// softether-vpn-security [at] softether.org
//
// Please note that the above e-mail address is not a technical support
// inquiry address. If you need technical assistance, please visit
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
// CedarPch.h
// Header file for grecompile header generation for Cedar
#include <GlobalConst.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <wchar.h>
#include <stdarg.h>
#include <time.h>
#include <errno.h>
#include <Mayaqua/Mayaqua.h>
#include <Cedar/Cedar.h>
// Developed by SoftEther VPN Project at University of Tsukuba in Japan.
// Department of Computer Science has dozens of overly-enthusiastic geeks.
// Join us: http://www.tsukuba.ac.jp/english/admission/
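Review bot: CedarPch.h has no include guard, while CedarType.h added in the same commit opens with `#ifndef CEDARTYPE_H` / `#define CEDARTYPE_H`; wrapping the include list in `#ifndef CEDARPCH_H`, `#define CEDARPCH_H` and a closing `#endif // CEDARPCH_H` would keep the two headers consistent. As written, a second inclusion is only harmless if every header it pulls in (GlobalConst.h, Mayaqua/Mayaqua.h, Cedar/Cedar.h) is itself guarded, which this section does not show. The file comment also reads "grecompile header generation", which looks like a typo; `// Header file for precompiled header generation for Cedar` would say what is meant.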
+720
@@ -0,0 +1,720 @@
// SoftEther VPN Source Code
// Cedar Communication Module
//
// SoftEther VPN Server, Client and Bridge are free software under GPLv2.
//
// Copyright (c) 2012-2014 Daiyuu Nobori.
// Copyright (c) 2012-2014 SoftEther VPN Project, University of Tsukuba, Japan.
// Copyright (c) 2012-2014 SoftEther Corporation.
//
// All Rights Reserved.
//
// http://www.softether.org/
//
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License version 2
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
// IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
// CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
// TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
// SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
// THE LICENSE AGREEMENT IS ATTACHED ON THE SOURCE-CODE PACKAGE
// AS "LICENSE.TXT" FILE. READ THE TEXT FILE IN ADVANCE TO USE THE SOFTWARE.
//
//
// THIS SOFTWARE IS DEVELOPED IN JAPAN, AND DISTRIBUTED FROM JAPAN,
// UNDER JAPANESE LAWS. YOU MUST AGREE IN ADVANCE TO USE, COPY, MODIFY,
// MERGE, PUBLISH, DISTRIBUTE, SUBLICENSE, AND/OR SELL COPIES OF THIS
// SOFTWARE, THAT ANY JURIDICAL DISPUTES WHICH ARE CONCERNED TO THIS
// SOFTWARE OR ITS CONTENTS, AGAINST US (SOFTETHER PROJECT, SOFTETHER
// CORPORATION, DAIYUU NOBORI OR OTHER SUPPLIERS), OR ANY JURIDICAL
// DISPUTES AGAINST US WHICH ARE CAUSED BY ANY KIND OF USING, COPYING,
// MODIFYING, MERGING, PUBLISHING, DISTRIBUTING, SUBLICENSING, AND/OR
// SELLING COPIES OF THIS SOFTWARE SHALL BE REGARDED AS BE CONSTRUED AND
// CONTROLLED BY JAPANESE LAWS, AND YOU MUST FURTHER CONSENT TO
// EXCLUSIVE JURISDICTION AND VENUE IN THE COURTS SITTING IN TOKYO,
// JAPAN. YOU MUST WAIVE ALL DEFENSES OF LACK OF PERSONAL JURISDICTION
// AND FORUM NON CONVENIENS. PROCESS MAY BE SERVED ON EITHER PARTY IN
// THE MANNER AUTHORIZED BY APPLICABLE LAW OR COURT RULE.
//
// USE ONLY IN JAPAN. DO NOT USE IT IN OTHER COUNTRIES. IMPORTING THIS
// SOFTWARE INTO OTHER COUNTRIES IS AT YOUR OWN RISK. SOME COUNTRIES
// PROHIBIT ENCRYPTED COMMUNICATIONS. USING THIS SOFTWARE IN OTHER
// COUNTRIES MIGHT BE RESTRICTED.
//
//
// DEAR SECURITY EXPERTS
// ---------------------
//
// If you find a bug or a security vulnerability please kindly inform us
// about the problem immediately so that we can fix the security problem
// to protect a lot of users around the world as soon as possible.
//
// Our e-mail address for security reports is:
// softether-vpn-security [at] softether.org
//
// Please note that the above e-mail address is not a technical support
// inquiry address. If you need technical assistance, please visit
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
// CedarType.h
// List of types that Cedar using
#ifndef CEDARTYPE_H
#define CEDARTYPE_H
// ==============================================================
// Remote Procedure Call
// ==============================================================
typedef struct RPC RPC;
// ==============================================================
// Account
// ==============================================================
typedef struct POLICY_ITEM POLICY_ITEM;
typedef struct POLICY POLICY;
typedef struct USERGROUP USERGROUP;
typedef struct USER USER;
typedef struct AUTHPASSWORD AUTHPASSWORD;
typedef struct AUTHUSERCERT AUTHUSERCERT;
typedef struct AUTHROOTCERT AUTHROOTCERT;
typedef struct AUTHRADIUS AUTHRADIUS;
typedef struct AUTHNT AUTHNT;
// ==============================================================
// Listener
// ==============================================================
typedef struct DOS DOS;
typedef struct LISTENER LISTENER;
typedef struct TCP_ACCEPTED_PARAM TCP_ACCEPTED_PARAM;
typedef struct UDP_ENTRY UDP_ENTRY;
typedef struct DYNAMIC_LISTENER DYNAMIC_LISTENER;
// ==============================================================
// Logging
// ==============================================================
typedef struct PACKET_LOG PACKET_LOG;
typedef struct HUB_LOG HUB_LOG;
typedef struct RECORD RECORD;
typedef struct LOG LOG;
typedef struct ERASER ERASER;
typedef struct SLOG SLOG;
// ==============================================================
// Connection
// ==============================================================
typedef struct KEEP KEEP;
typedef struct SECURE_SIGN SECURE_SIGN;
typedef struct RC4_KEY_PAIR RC4_KEY_PAIR;
typedef struct CLIENT_OPTION CLIENT_OPTION;
typedef struct CLIENT_AUTH CLIENT_AUTH;
typedef struct TCPSOCK TCPSOCK;
typedef struct TCP TCP;
typedef struct UDP UDP;
typedef struct BLOCK BLOCK;
typedef struct CONNECTION CONNECTION;
// ==============================================================
// Session
// ==============================================================
typedef struct NODE_INFO NODE_INFO;
typedef struct PACKET_ADAPTER PACKET_ADAPTER;
typedef struct SESSION SESSION;
typedef struct UI_PASSWORD_DLG UI_PASSWORD_DLG;
typedef struct UI_MSG_DLG UI_MSG_DLG;
typedef struct UI_NICINFO UI_NICINFO;
typedef struct UI_CONNECTERROR_DLG UI_CONNECTERROR_DLG;
typedef struct UI_CHECKCERT UI_CHECKCERT;
// ==============================================================
// Hub
// ==============================================================
typedef struct SE_LINK SE_LINK;
typedef struct TEST_HISTORY TEST_HISTORY;
typedef struct SE_TEST SE_TEST;
typedef struct HUBDB HUBDB;
typedef struct TRAFFIC_LIMITER TRAFFIC_LIMITER;
typedef struct STORM STORM;
typedef struct HUB_PA HUB_PA;
typedef struct HUB_OPTION HUB_OPTION;
typedef struct MAC_TABLE_ENTRY MAC_TABLE_ENTRY;
typedef struct IP_TABLE_ENTRY IP_TABLE_ENTRY;
typedef struct LOOP_LIST LOOP_LIST;
typedef struct ACCESS ACCESS;
typedef struct TICKET TICKET;
typedef struct TRAFFIC_DIFF TRAFFIC_DIFF;
typedef struct HUB HUB;
typedef struct ADMIN_OPTION ADMIN_OPTION;
typedef struct CRL CRL;
typedef struct AC AC;
typedef struct USERLIST USERLIST;
// ==============================================================
// Protocol
// ==============================================================
typedef struct CHECK_CERT_THREAD_PROC CHECK_CERT_THREAD_PROC;
typedef struct SECURE_SIGN_THREAD_PROC SECURE_SIGN_THREAD_PROC;
typedef struct RAND_CACHE RAND_CACHE;
typedef struct BLACK BLACK;
typedef struct SEND_SIGNATURE_PARAM SEND_SIGNATURE_PARAM;
typedef struct UPDATE_CLIENT UPDATE_CLIENT;
typedef struct UPDATE_CLIENT_SETTING UPDATE_CLIENT_SETTING;
// ==============================================================
// Link
// ==============================================================
typedef struct LINK LINK;
// ==============================================================
// Virtual
// ==============================================================
typedef struct ARP_ENTRY ARP_ENTRY;
typedef struct ARP_WAIT ARP_WAIT;
typedef struct IP_WAIT IP_WAIT;
typedef struct IP_PART IP_PART;
typedef struct IP_COMBINE IP_COMBINE;
typedef struct NAT_ENTRY NAT_ENTRY;
typedef struct TCP_OPTION TCP_OPTION;
typedef struct VH VH;
typedef struct VH_OPTION VH_OPTION;
typedef struct DHCP_LEASE DHCP_LEASE;
typedef struct NATIVE_NAT NATIVE_NAT;
typedef struct NATIVE_NAT_ENTRY NATIVE_NAT_ENTRY;
typedef struct DNS_PARSED_PACKET DNS_PARSED_PACKET;
// ==============================================================
// WPC
// ==============================================================
typedef struct INTERNET_SETTING INTERNET_SETTING;
typedef struct URL_DATA URL_DATA;
typedef struct WPC_ENTRY WPC_ENTRY;
typedef struct WPC_PACKET WPC_PACKET;
typedef struct WPC_CONNECT WPC_CONNECT;
// ==============================================================
// VLAN
// ==============================================================
typedef struct ROUTE_TRACKING ROUTE_TRACKING;
typedef struct VLAN VLAN;
typedef struct INSTANCE_LIST INSTANCE_LIST;
typedef struct VLAN_PARAM VLAN_PARAM;
#ifdef OS_UNIX
typedef struct UNIX_VLAN_LIST UNIX_VLAN_LIST;
#endif // OS_UNIX
// ==============================================================
// Null LAN
// ==============================================================
typedef struct NULL_LAN NULL_LAN;
// ==============================================================
// Bridge
// ==============================================================
typedef struct ETH ETH;
typedef struct BRIDGE BRIDGE;
typedef struct LOCALBRIDGE LOCALBRIDGE;
// ==============================================================
// Layer-3 Switch
// ==============================================================
typedef struct L3IF L3IF;
typedef struct L3SW L3SW;
typedef struct L3TABLE L3TABLE;
typedef struct L3ARPENTRY L3ARPENTRY;
typedef struct L3ARPWAIT L3ARPWAIT;
typedef struct L3PACKET L3PACKET;
// ==============================================================
// Client
// ==============================================================
typedef struct ACCOUNT ACCOUNT;
typedef struct CLIENT_CONFIG CLIENT_CONFIG;
typedef struct RPC_CLIENT_VERSION RPC_CLIENT_VERSION;
typedef struct RPC_CLIENT_PASSWORD RPC_CLIENT_PASSWORD;
typedef struct RPC_CLIENT_PASSWORD_SETTING RPC_CLIENT_PASSWORD_SETTING;
typedef struct RPC_CLIENT_ENUM_CA_ITEM RPC_CLIENT_ENUM_CA_ITEM;
typedef struct RPC_CLIENT_ENUM_CA RPC_CLIENT_ENUM_CA;
typedef struct RPC_CERT RPC_CERT;
typedef struct RPC_CLIENT_DELETE_CA RPC_CLIENT_DELETE_CA;
typedef struct RPC_GET_CA RPC_GET_CA;
typedef struct RPC_GET_ISSUER RPC_GET_ISSUER;
typedef struct RPC_CLIENT_ENUM_SECURE_ITEM RPC_CLIENT_ENUM_SECURE_ITEM;
typedef struct RPC_CLIENT_ENUM_SECURE RPC_CLIENT_ENUM_SECURE;
typedef struct RPC_USE_SECURE RPC_USE_SECURE;
typedef struct RPC_ENUM_OBJECT_IN_SECURE RPC_ENUM_OBJECT_IN_SECURE;
typedef struct RPC_CLIENT_CREATE_VLAN RPC_CLIENT_CREATE_VLAN;
typedef struct RPC_CLIENT_GET_VLAN RPC_CLIENT_GET_VLAN;
typedef struct RPC_CLIENT_SET_VLAN RPC_CLIENT_SET_VLAN;
typedef struct RPC_CLIENT_ENUM_VLAN_ITEM RPC_CLIENT_ENUM_VLAN_ITEM;
typedef struct RPC_CLIENT_ENUM_VLAN RPC_CLIENT_ENUM_VLAN;
typedef struct RPC_CLIENT_CREATE_ACCOUNT RPC_CLIENT_CREATE_ACCOUNT;
typedef struct RPC_CLIENT_ENUM_ACCOUNT_ITEM RPC_CLIENT_ENUM_ACCOUNT_ITEM;
typedef struct RPC_CLIENT_ENUM_ACCOUNT RPC_CLIENT_ENUM_ACCOUNT;
typedef struct RPC_CLIENT_DELETE_ACCOUNT RPC_CLIENT_DELETE_ACCOUNT;
typedef struct RPC_RENAME_ACCOUNT RPC_RENAME_ACCOUNT;
typedef struct RPC_CLIENT_GET_ACCOUNT RPC_CLIENT_GET_ACCOUNT;
typedef struct RPC_CLIENT_CONNECT RPC_CLIENT_CONNECT;
typedef struct RPC_CLIENT_GET_CONNECTION_STATUS RPC_CLIENT_GET_CONNECTION_STATUS;
typedef struct CLIENT_RPC_CONNECTION CLIENT_RPC_CONNECTION;
typedef struct CLIENT CLIENT;
typedef struct RPC_CLIENT_NOTIFY RPC_CLIENT_NOTIFY;
typedef struct REMOTE_CLIENT REMOTE_CLIENT;
typedef struct NOTIFY_CLIENT NOTIFY_CLIENT;
typedef struct UNIX_VLAN UNIX_VLAN;
typedef struct CM_SETTING CM_SETTING;
// ==============================================================
// Server
// ==============================================================
typedef struct HUB_LIST HUB_LIST;
typedef struct FARM_TASK FARM_TASK;
typedef struct FARM_MEMBER FARM_MEMBER;
typedef struct FARM_CONTROLLER FARM_CONTROLLER;
typedef struct SERVER_LISTENER SERVER_LISTENER;
typedef struct SERVER SERVER;
typedef struct RPC_ENUM_SESSION RPC_ENUM_SESSION;
typedef struct RPC_SESSION_STATUS RPC_SESSION_STATUS;
typedef struct CAPS CAPS;
typedef struct CAPSLIST CAPSLIST;
typedef struct LOG_FILE LOG_FILE;
typedef struct SYSLOG_SETTING SYSLOG_SETTING;
typedef struct HUB_SNAPSHOT HUB_SNAPSHOT;
typedef struct SERVER_SNAPSHOT SERVER_SNAPSHOT;
typedef struct SERVER_HUB_CREATE_HISTORY SERVER_HUB_CREATE_HISTORY;
typedef struct OPENVPN_SSTP_CONFIG OPENVPN_SSTP_CONFIG;
// ==============================================================
// Server Admin Tool
// ==============================================================
typedef struct ADMIN ADMIN;
typedef struct RPC_TEST RPC_TEST;
typedef struct RPC_SERVER_INFO RPC_SERVER_INFO;
typedef struct RPC_SERVER_STATUS RPC_SERVER_STATUS;
typedef struct RPC_LISTENER RPC_LISTENER;
typedef struct RPC_LISTENER_LIST RPC_LISTENER_LIST;
typedef struct RPC_STR RPC_STR;
typedef struct RPC_SET_PASSWORD RPC_SET_PASSWORD;
typedef struct RPC_FARM RPC_FARM;
typedef struct RPC_FARM_HUB RPC_FARM_HUB;
typedef struct RPC_FARM_INFO RPC_FARM_INFO;
typedef struct RPC_ENUM_FARM_ITEM RPC_ENUM_FARM_ITEM;
typedef struct RPC_ENUM_FARM RPC_ENUM_FARM;
typedef struct RPC_FARM_CONNECTION_STATUS RPC_FARM_CONNECTION_STATUS;
typedef struct RPC_KEY_PAIR RPC_KEY_PAIR;
typedef struct RPC_HUB_OPTION RPC_HUB_OPTION;
typedef struct RPC_RADIUS RPC_RADIUS;
typedef struct RPC_HUB RPC_HUB;
typedef struct RPC_CREATE_HUB RPC_CREATE_HUB;
typedef struct RPC_ENUM_HUB_ITEM RPC_ENUM_HUB_ITEM;
typedef struct RPC_ENUM_HUB RPC_ENUM_HUB;
typedef struct RPC_DELETE_HUB RPC_DELETE_HUB;
typedef struct RPC_ENUM_CONNECTION_ITEM RPC_ENUM_CONNECTION_ITEM;
typedef struct RPC_ENUM_CONNECTION RPC_ENUM_CONNECTION;
typedef struct RPC_DISCONNECT_CONNECTION RPC_DISCONNECT_CONNECTION;
typedef struct RPC_CONNECTION_INFO RPC_CONNECTION_INFO;
typedef struct RPC_SET_HUB_ONLINE RPC_SET_HUB_ONLINE;
typedef struct RPC_HUB_STATUS RPC_HUB_STATUS;
typedef struct RPC_HUB_LOG RPC_HUB_LOG;
typedef struct RPC_HUB_ADD_CA RPC_HUB_ADD_CA;
typedef struct RPC_HUB_ENUM_CA_ITEM RPC_HUB_ENUM_CA_ITEM;
typedef struct RPC_HUB_ENUM_CA RPC_HUB_ENUM_CA;
typedef struct RPC_HUB_GET_CA RPC_HUB_GET_CA;
typedef struct RPC_HUB_DELETE_CA RPC_HUB_DELETE_CA;
typedef struct RPC_CREATE_LINK RPC_CREATE_LINK;
typedef struct RPC_ENUM_LINK_ITEM RPC_ENUM_LINK_ITEM;
typedef struct RPC_ENUM_LINK RPC_ENUM_LINK;
typedef struct RPC_LINK_STATUS RPC_LINK_STATUS;
typedef struct RPC_LINK RPC_LINK;
typedef struct RPC_ENUM_ACCESS_LIST RPC_ENUM_ACCESS_LIST;
typedef struct RPC_ADD_ACCESS RPC_ADD_ACCESS;
typedef struct RPC_DELETE_ACCESS RPC_DELETE_ACCESS;
typedef struct RPC_SET_USER RPC_SET_USER;
typedef struct RPC_ENUM_USER_ITEM RPC_ENUM_USER_ITEM;
typedef struct RPC_ENUM_USER RPC_ENUM_USER;
typedef struct RPC_SET_GROUP RPC_SET_GROUP;
typedef struct RPC_ENUM_GROUP_ITEM RPC_ENUM_GROUP_ITEM;
typedef struct RPC_ENUM_GROUP RPC_ENUM_GROUP;
typedef struct RPC_DELETE_USER RPC_DELETE_USER;
typedef struct RPC_ENUM_SESSION_ITEM RPC_ENUM_SESSION_ITEM;
typedef struct RPC_DELETE_SESSION RPC_DELETE_SESSION;
typedef struct RPC_ENUM_MAC_TABLE_ITEM RPC_ENUM_MAC_TABLE_ITEM;
typedef struct RPC_ENUM_MAC_TABLE RPC_ENUM_MAC_TABLE;
typedef struct RPC_ENUM_IP_TABLE_ITEM RPC_ENUM_IP_TABLE_ITEM;
typedef struct RPC_ENUM_IP_TABLE RPC_ENUM_IP_TABLE;
typedef struct RPC_DELETE_TABLE RPC_DELETE_TABLE;
typedef struct RPC_KEEP RPC_KEEP;
typedef struct RPC_ENUM_ETH_ITEM RPC_ENUM_ETH_ITEM;
typedef struct RPC_ENUM_ETH RPC_ENUM_ETH;
typedef struct RPC_LOCALBRIDGE RPC_LOCALBRIDGE;
typedef struct RPC_ENUM_LOCALBRIDGE RPC_ENUM_LOCALBRIDGE;
typedef struct RPC_BRIDGE_SUPPORT RPC_BRIDGE_SUPPORT;
typedef struct RPC_CONFIG RPC_CONFIG;
typedef struct RPC_ADMIN_OPTION RPC_ADMIN_OPTION;
typedef struct RPC_L3SW RPC_L3SW;
typedef struct RPC_L3IF RPC_L3IF;
typedef struct RPC_L3TABLE RPC_L3TABLE;
typedef struct RPC_ENUM_L3SW_ITEM RPC_ENUM_L3SW_ITEM;
typedef struct RPC_ENUM_L3SW RPC_ENUM_L3SW;
typedef struct RPC_ENUM_L3IF RPC_ENUM_L3IF;
typedef struct RPC_ENUM_L3TABLE RPC_ENUM_L3TABLE;
typedef struct RPC_CRL RPC_CRL;
typedef struct RPC_ENUM_CRL_ITEM RPC_ENUM_CRL_ITEM;
typedef struct RPC_ENUM_CRL RPC_ENUM_CRL;
typedef struct RPC_INT RPC_INT;
typedef struct RPC_AC_LIST RPC_AC_LIST;
typedef struct RPC_ENUM_LOG_FILE_ITEM RPC_ENUM_LOG_FILE_ITEM;
typedef struct RPC_ENUM_LOG_FILE RPC_ENUM_LOG_FILE;
typedef struct RPC_READ_LOG_FILE RPC_READ_LOG_FILE;
typedef struct DOWNLOAD_PROGRESS DOWNLOAD_PROGRESS;
typedef struct RPC_RENAME_LINK RPC_RENAME_LINK;
typedef struct RPC_ENUM_LICENSE_KEY RPC_ENUM_LICENSE_KEY;
typedef struct RPC_ENUM_LICENSE_KEY_ITEM RPC_ENUM_LICENSE_KEY_ITEM;
typedef struct RPC_LICENSE_STATUS RPC_LICENSE_STATUS;
typedef struct RPC_ENUM_ETH_VLAN_ITEM RPC_ENUM_ETH_VLAN_ITEM;
typedef struct RPC_ENUM_ETH_VLAN RPC_ENUM_ETH_VLAN;
typedef struct RPC_MSG RPC_MSG;
typedef struct RPC_WINVER RPC_WINVER;
typedef struct RPC_ENUM_ETHERIP_ID RPC_ENUM_ETHERIP_ID;
typedef struct RPC_SPECIAL_LISTENER RPC_SPECIAL_LISTENER;
typedef struct RPC_AZURE_STATUS RPC_AZURE_STATUS;
// ==============================================================
// NAT
// ==============================================================
typedef struct NAT NAT;
typedef struct NAT_ADMIN NAT_ADMIN;
typedef struct RPC_DUMMY RPC_DUMMY;
typedef struct RPC_NAT_STATUS RPC_NAT_STATUS;
typedef struct RPC_NAT_INFO RPC_NAT_INFO;
typedef struct RPC_ENUM_NAT_ITEM RPC_ENUM_NAT_ITEM;
typedef struct RPC_ENUM_NAT RPC_ENUM_NAT;
typedef struct RPC_ENUM_DHCP_ITEM RPC_ENUM_DHCP_ITEM;
typedef struct RPC_ENUM_DHCP RPC_ENUM_DHCP;
// ==============================================================
// SecureNAT
// ==============================================================
typedef struct SNAT SNAT;
// ==============================================================
// WinUI
// ==============================================================
typedef struct LED LED;
typedef struct WIZARD WIZARD;
typedef struct WIZARD_PAGE WIZARD_PAGE;
typedef struct WINUI_UPDATE WINUI_UPDATE;
typedef struct WINUI_UPDATE_DLG_PARAM WINUI_UPDATE_DLG_PARAM;
// ==============================================================
// Console
// ==============================================================
typedef struct PARAM PARAM;
typedef struct PARAM_VALUE PARAM_VALUE;
typedef struct CONSOLE CONSOLE;
typedef struct LOCAL_CONSOLE_PARAM LOCAL_CONSOLE_PARAM;
typedef struct CMD CMD;
typedef struct CMD_EVAL_MIN_MAX CMD_EVAL_MIN_MAX;
// ==============================================================
// Command
// ==============================================================
typedef struct PS PS;
typedef struct PC PC;
typedef struct CT CT;
typedef struct CTC CTC;
typedef struct CTR CTR;
typedef struct TTC TTC;
typedef struct TTS TTS;
typedef struct TT_RESULT TT_RESULT;
typedef struct TTS_SOCK TTS_SOCK;
typedef struct TTC_SOCK TTC_SOCK;
typedef struct PT PT;
// ==============================================================
// EtherLogger
// ==============================================================
typedef struct EL EL;
typedef struct EL_DEVICE EL_DEVICE;
typedef struct EL_LICENSE_STATUS EL_LICENSE_STATUS;
typedef struct RPC_ADD_DEVICE RPC_ADD_DEVICE;
typedef struct RPC_DELETE_DEVICE RPC_DELETE_DEVICE;
typedef struct RPC_ENUM_DEVICE_ITEM RPC_ENUM_DEVICE_ITEM;
typedef struct RPC_ENUM_DEVICE RPC_ENUM_DEVICE;
typedef struct RPC_EL_LICENSE_STATUS RPC_EL_LICENSE_STATUS;
// ==============================================================
// Database
// ==============================================================
typedef struct LICENSE_PRODUCT LICENSE_PRODUCT;
typedef struct LICENSE_SYSTEM LICENSE_SYSTEM;
typedef struct LICENSE_DATA LICENSE_DATA;
typedef struct LICENSE LICENSE;
typedef struct LICENSE_STATUS LICENSE_STATUS;
typedef struct SECURE_PACK_FOLDER SECURE_PACK_FOLDER;
typedef struct WIDE_MACHINE_ID WIDE_MACHINE_ID;
typedef struct TRIAL_INFO TRIAL_INFO;
// ==============================================================
// IPsec
// ==============================================================
typedef struct IPSEC_SERVER IPSEC_SERVER;
typedef struct IPSEC_SERVICES IPSEC_SERVICES;
typedef struct ETHERIP_ID ETHERIP_ID;
// ==============================================================
// L2TP
// ==============================================================
typedef struct L2TP_SERVER L2TP_SERVER;
typedef struct L2TP_TUNNEL L2TP_TUNNEL;
typedef struct L2TP_SESSION L2TP_SESSION;
typedef struct L2TP_PACKET L2TP_PACKET;
typedef struct L2TP_AVP L2TP_AVP;
typedef struct L2TP_QUEUE L2TP_QUEUE;
// ==============================================================
// PPP
// ==============================================================
typedef struct PPP_SESSION PPP_SESSION;
typedef struct PPP_OPTION PPP_OPTION;
typedef struct PPP_LCP PPP_LCP;
typedef struct PPP_PACKET PPP_PACKET;
typedef struct PPP_IPOPTION PPP_IPOPTION;
// ==============================================================
// EtherIP
// ==============================================================
typedef struct ETHERIP_SERVER ETHERIP_SERVER;
// ==============================================================
// IKE
// ==============================================================
typedef struct IKE_SERVER IKE_SERVER;
typedef struct IKE_SA IKE_SA;
typedef struct IKE_SA_TRANSFORM_SETTING IKE_SA_TRANSFORM_SETTING;
typedef struct IKE_CLIENT IKE_CLIENT;
typedef struct IPSECSA IPSECSA;
typedef struct IKE_CAPS IKE_CAPS;
// ==============================================================
// IPSec Packet
// ==============================================================
typedef struct IKE_COMMON_HEADER IKE_COMMON_HEADER;
typedef struct IKE_SA_HEADER IKE_SA_HEADER;
typedef struct IKE_PROPOSAL_HEADER IKE_PROPOSAL_HEADER;
typedef struct IKE_TRANSFORM_HEADER IKE_TRANSFORM_HEADER;
typedef struct IKE_TRANSFORM_VALUE IKE_TRANSFORM_VALUE;
typedef struct IKE_ID_HEADER IKE_ID_HEADER;
typedef struct IKE_CERT_HEADER IKE_CERT_HEADER;
typedef struct IKE_CERT_REQUEST_HEADER IKE_CERT_REQUEST_HEADER;
typedef struct IKE_NOTICE_HEADER IKE_NOTICE_HEADER;
typedef struct IKE_DELETE_HEADER IKE_DELETE_HEADER;
typedef struct IKE_NAT_OA_HEADER IKE_NAT_OA_HEADER;
typedef struct IPSEC_SA_TRANSFORM_SETTING IPSEC_SA_TRANSFORM_SETTING;
typedef struct IKE_PACKET_SA_PAYLOAD IKE_PACKET_SA_PAYLOAD;
typedef struct IKE_PACKET_PROPOSAL_PAYLOAD IKE_PACKET_PROPOSAL_PAYLOAD;
typedef struct IKE_PACKET_TRANSFORM_PAYLOAD IKE_PACKET_TRANSFORM_PAYLOAD;
typedef struct IKE_PACKET_TRANSFORM_VALUE IKE_PACKET_TRANSFORM_VALUE;
typedef struct IKE_PACKET_DATA_PAYLOAD IKE_PACKET_DATA_PAYLOAD;
typedef struct IKE_PACKET_ID_PAYLOAD IKE_PACKET_ID_PAYLOAD;
typedef struct IKE_PACKET_CERT_PAYLOAD IKE_PACKET_CERT_PAYLOAD;
typedef struct IKE_PACKET_CERT_REQUEST_PAYLOAD IKE_PACKET_CERT_REQUEST_PAYLOAD;
typedef struct IKE_PACKET_NOTICE_PAYLOAD IKE_PACKET_NOTICE_PAYLOAD;
typedef struct IKE_PACKET_DELETE_PAYLOAD IKE_PACKET_DELETE_PAYLOAD;
typedef struct IKE_PACKET_NAT_OA_PAYLOAD IKE_PACKET_NAT_OA_PAYLOAD;
typedef struct IKE_PACKET_PAYLOAD IKE_PACKET_PAYLOAD;
typedef struct IKE_PACKET IKE_PACKET;
typedef struct IKE_P1_KEYSET IKE_P1_KEYSET;
typedef struct IKE_CRYPTO IKE_CRYPTO;
typedef struct IKE_HASH IKE_HASH;
typedef struct IKE_DH IKE_DH;
typedef struct IKE_ENGINE IKE_ENGINE;
typedef struct IKE_CRYPTO_KEY IKE_CRYPTO_KEY;
typedef struct IKE_CRYPTO_PARAM IKE_CRYPTO_PARAM;
// ==============================================================
// IPSec for Windows 7 / Vista / 2008 / 2008 R2
// ==============================================================
typedef struct IPSEC_WIN7 IPSEC_WIN7;
// ==============================================================
// In-Process VPN Client
// ==============================================================
typedef struct IPC IPC;
typedef struct IPC_ARP IPC_ARP;
typedef struct IPC_ASYNC IPC_ASYNC;
typedef struct IPC_PARAM IPC_PARAM;
typedef struct IPC_DHCP_RELESAE_QUEUE IPC_DHCP_RELESAE_QUEUE;
typedef struct IPC_MSCHAP_V2_AUTHINFO IPC_MSCHAP_V2_AUTHINFO;
// ==============================================================
// UDP Acceleration
// ==============================================================
typedef struct UDP_ACCEL UDP_ACCEL;
// ==============================================================
// SSTP (Microsoft Secure Socket Tunneling Protocol) Stack
// ==============================================================
typedef struct SSTP_SERVER SSTP_SERVER;
typedef struct SSTP_PACKET SSTP_PACKET;
typedef struct SSTP_ATTRIBUTE SSTP_ATTRIBUTE;
// ==============================================================
// OpenVPN Protocol Stack
// ==============================================================
typedef struct OPENVPN_SERVER OPENVPN_SERVER;
typedef struct OPENVPN_SERVER_UDP OPENVPN_SERVER_UDP;
typedef struct OPENVPN_SESSION OPENVPN_SESSION;
typedef struct OPENVPN_CHANNEL OPENVPN_CHANNEL;
typedef struct OPENVPN_PACKET OPENVPN_PACKET;
typedef struct OPENVPN_CONTROL_PACKET OPENVPN_CONTROL_PACKET;
typedef struct OPENVPN_KEY_METHOD_2 OPENVPN_KEY_METHOD_2;
// ==============================================================
// Dynamic DNS Client
// ==============================================================
typedef struct DDNS_CLIENT DDNS_CLIENT;
typedef struct DDNS_REGISTER_PARAM DDNS_REGISTER_PARAM;
typedef struct DDNS_CLIENT_STATUS DDNS_CLIENT_STATUS;
// ==============================================================
// VPN Azure Client
// ==============================================================
typedef struct AZURE_CLIENT AZURE_CLIENT;
typedef struct AZURE_PARAM AZURE_PARAM;
// ==============================================================
// VPN Gate Service
// ==============================================================
typedef struct VGS VGS;
typedef struct VGS_CONFIG VGS_CONFIG;
typedef struct VGC VGC;
typedef struct VGHOST VGHOST;
typedef struct VGHOSTLIST VGHOSTLIST;
typedef struct VGHOSTDAT VGHOSTDAT;
typedef struct VGCPOLLTASK VGCPOLLTASK;
typedef struct VGS_LOG VGS_LOG;
typedef struct VGC_UDPHOST VGC_UDPHOST;
typedef struct MIRROR_SERVER MIRROR_SERVER;
// ==============================================================
// Native Stack
// ==============================================================
typedef struct NATIVE_STACK NATIVE_STACK;
// ==============================================================
// SeLow User-mode
// ==============================================================
typedef struct SU SU;
typedef struct SU_ADAPTER SU_ADAPTER;
typedef struct SU_ADAPTER_LIST SU_ADAPTER_LIST;
#endif // CEDARTYPE_H
// Developed by SoftEther VPN Project at University of Tsukuba in Japan.
// Department of Computer Science has dozens of overly-enthusiastic geeks.
// Join us: http://www.tsukuba.ac.jp/english/admission/
+11005
+849
@@ -0,0 +1,849 @@
// SoftEther VPN Source Code
// Cedar Communication Module
//
// SoftEther VPN Server, Client and Bridge are free software under GPLv2.
//
// Copyright (c) 2012-2014 Daiyuu Nobori.
// Copyright (c) 2012-2014 SoftEther VPN Project, University of Tsukuba, Japan.
// Copyright (c) 2012-2014 SoftEther Corporation.
//
// All Rights Reserved.
//
// http://www.softether.org/
//
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License version 2
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
// IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
// CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
// TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
// SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
// THE LICENSE AGREEMENT IS ATTACHED ON THE SOURCE-CODE PACKAGE
// AS "LICENSE.TXT" FILE. READ THE TEXT FILE IN ADVANCE TO USE THE SOFTWARE.
//
//
// THIS SOFTWARE IS DEVELOPED IN JAPAN, AND DISTRIBUTED FROM JAPAN,
// UNDER JAPANESE LAWS. YOU MUST AGREE IN ADVANCE TO USE, COPY, MODIFY,
// MERGE, PUBLISH, DISTRIBUTE, SUBLICENSE, AND/OR SELL COPIES OF THIS
// SOFTWARE, THAT ANY JURIDICAL DISPUTES WHICH ARE CONCERNED TO THIS
// SOFTWARE OR ITS CONTENTS, AGAINST US (SOFTETHER PROJECT, SOFTETHER
// CORPORATION, DAIYUU NOBORI OR OTHER SUPPLIERS), OR ANY JURIDICAL
// DISPUTES AGAINST US WHICH ARE CAUSED BY ANY KIND OF USING, COPYING,
// MODIFYING, MERGING, PUBLISHING, DISTRIBUTING, SUBLICENSING, AND/OR
// SELLING COPIES OF THIS SOFTWARE SHALL BE REGARDED AS BE CONSTRUED AND
// CONTROLLED BY JAPANESE LAWS, AND YOU MUST FURTHER CONSENT TO
// EXCLUSIVE JURISDICTION AND VENUE IN THE COURTS SITTING IN TOKYO,
// JAPAN. YOU MUST WAIVE ALL DEFENSES OF LACK OF PERSONAL JURISDICTION
// AND FORUM NON CONVENIENS. PROCESS MAY BE SERVED ON EITHER PARTY IN
// THE MANNER AUTHORIZED BY APPLICABLE LAW OR COURT RULE.
//
// USE ONLY IN JAPAN. DO NOT USE IT IN OTHER COUNTRIES. IMPORTING THIS
// SOFTWARE INTO OTHER COUNTRIES IS AT YOUR OWN RISK. SOME COUNTRIES
// PROHIBIT ENCRYPTED COMMUNICATIONS. USING THIS SOFTWARE IN OTHER
// COUNTRIES MIGHT BE RESTRICTED.
//
//
// DEAR SECURITY EXPERTS
// ---------------------
//
// If you find a bug or a security vulnerability please kindly inform us
// about the problem immediately so that we can fix the security problem
// to protect a lot of users around the world as soon as possible.
//
// Our e-mail address for security reports is:
// softether-vpn-security [at] softether.org
//
// Please note that the above e-mail address is not a technical support
// inquiry address. If you need technical assistance, please visit
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
// Client.h
// Header of Client.c
#ifndef CLIENT_H
#define CLIENT_H
#define CLIENT_CONFIG_PORT GC_CLIENT_CONFIG_PORT // Client port number
#define CLIENT_NOTIFY_PORT GC_CLIENT_NOTIFY_PORT // Client notification port number
#define CLIENT_WAIT_CN_READY_TIMEOUT (10 * 1000) // Standby time to start the client notification service
// Check whether the client can run on the specified OS_TYPE
#define IS_CLIENT_SUPPORTED_OS(t) \
((OS_IS_WINDOWS_NT(t) && GET_KETA(t, 100) >= 2) || (OS_IS_WINDOWS_9X(t)))
// Constants
#define CLIENT_CONFIG_FILE_NAME "@vpn_client.config"
#define CLIENT_DEFAULT_KEEPALIVE_HOST "keepalive.softether.org"
#define CLIENT_DEFAULT_KEEPALIVE_PORT 80
#define CLIENT_DEFAULT_KEEPALIVE_INTERVAL KEEP_INTERVAL_DEFAULT
#define CLIENT_RPC_MODE_NOTIFY 0
#define CLIENT_RPC_MODE_MANAGEMENT 1
#define CLIENT_RPC_MODE_SHORTCUT 2
#define CLIENT_RPC_MODE_SHORTCUT_DISCONNECT 3
#define CLIENT_MACOS_TAP_NAME "tap0"
#define CLIENT_SAVER_INTERVAL (30 * 1000)
#define CLIENT_NOTIFY_SERVICE_INSTANCENAME GC_SW_SOFTETHER_PREFIX "vpnclient_uihelper"
#define CLIENT_WIN32_EXE_FILENAME "vpnclient.exe"
#define CLIENT_WIN32_EXE_FILENAME_X64 "vpnclient_x64.exe"
#define CLIENT_WIN32_EXE_FILENAME_IA64 "vpnclient_ia64.exe"
#define CLIENT_CUSTOM_INI_FILENAME "@custom.ini"
#define CLIENT_GLOBAL_PULSE_NAME "clientglobalpulse"
// List of virtual LAN cards in UNIX
struct UNIX_VLAN
{
bool Enabled; // Enable flag
char Name[MAX_SIZE]; // Name
UCHAR MacAddress[6]; // MAC address
UCHAR Padding[2];
};
// Account
struct ACCOUNT
{
// Static data
CLIENT_OPTION *ClientOption; // Client Option
CLIENT_AUTH *ClientAuth; // Client authentication data
bool CheckServerCert; // Check the server certificate
X *ServerCert; // Server certificate
bool StartupAccount; // Start-up account
UCHAR ShortcutKey[SHA1_SIZE]; // Key
UINT64 CreateDateTime; // Creation date and time
UINT64 UpdateDateTime; // Updating date
UINT64 LastConnectDateTime; // Last connection date and time
// Dynamic data
LOCK *lock; // Lock
SESSION *ClientSession; // Client session
CLIENT_STATUS_PRINTER *StatusPrinter; // Status indicator
SOCK *StatusWindow; // Status window
};
// Client Settings
struct CLIENT_CONFIG
{
bool AllowRemoteConfig; // Allow the remote configuration
bool UseKeepConnect; // Keep connected to the Internet
char KeepConnectHost[MAX_HOST_NAME_LEN + 1]; // Host name
UINT KeepConnectPort; // Port number
UINT KeepConnectProtocol; // Protocol
UINT KeepConnectInterval; // Interval
bool NoChangeWcmNetworkSettingOnWindows8; // Don't change the WCM network settings on Windows 8
};
// Version acquisition
struct RPC_CLIENT_VERSION
{
char ClientProductName[128]; // Client product name
char ClientVersionString[128]; // Client version string
char ClientBuildInfoString[128]; // Build client information string
UINT ClientVerInt; // Client version integer value
UINT ClientBuildInt; // Client build number integer value
UINT ProcessId; // Process ID
UINT OsType; // OS type
bool IsVLanNameRegulated; // Whether a virtual LAN card name must be "VLAN" + number
bool IsVgcSupported; // Whether the VPN Gate Client is supported
bool ShowVgcLink; // Display a VPN Gate Client link
char ClientId[128]; // Client OD
};
// Password Setting
struct RPC_CLIENT_PASSWORD
{
char Password[MAX_PASSWORD_LEN + 1]; // Password
bool PasswordRemoteOnly; // The password is required only remote access
};
// Get the password setting
struct RPC_CLIENT_PASSWORD_SETTING
{
bool IsPasswordPresented; // Password exists
bool PasswordRemoteOnly; // The password is required only remote access
};
// Certificate enumeration item
struct RPC_CLIENT_ENUM_CA_ITEM
{
UINT Key; // Certificate key
wchar_t SubjectName[MAX_SIZE]; // Issued to
wchar_t IssuerName[MAX_SIZE]; // Issuer
UINT64 Expires; // Expiration date
};
// Certificate enumeration
struct RPC_CLIENT_ENUM_CA
{
UINT NumItem; // Number of items
RPC_CLIENT_ENUM_CA_ITEM **Items; // Item
};
// Certificate item
struct RPC_CERT
{
X *x; // Certificate
};
// Delete the certificate
struct RPC_CLIENT_DELETE_CA
{
UINT Key; // Certificate key
};
// Get the certificate
struct RPC_GET_CA
{
UINT Key; // Certificate key
X *x; // Certificate
};
// Get the issuer
struct RPC_GET_ISSUER
{
X *x; // Certificate
X *issuer_x; // Issuer
};
// Secure device enumeration item
struct RPC_CLIENT_ENUM_SECURE_ITEM
{
UINT DeviceId; // Device ID
UINT Type; // Type
char DeviceName[MAX_SIZE]; // Device name
char Manufacturer[MAX_SIZE]; // Manufacturer
};
// Enumeration of secure devices
struct RPC_CLIENT_ENUM_SECURE
{
UINT NumItem; // Number of items
RPC_CLIENT_ENUM_SECURE_ITEM **Items; // Item
};
// Specify a secure device
struct RPC_USE_SECURE
{
UINT DeviceId; // Device ID
};
// Enumerate objects in the secure device
struct RPC_ENUM_OBJECT_IN_SECURE
{
UINT hWnd; // Window handle
UINT NumItem; // Number of items
char **ItemName; // Item name
bool *ItemType; // Type (true = secret key, false = public key)
};
// Create a virtual LAN
struct RPC_CLIENT_CREATE_VLAN
{
char DeviceName[MAX_SIZE]; // Device name
};
// Get a Virtual LAN information
struct RPC_CLIENT_GET_VLAN
{
char DeviceName[MAX_SIZE]; // Device name
bool Enabled; // Flag of whether it works or not
char MacAddress[MAX_SIZE]; // MAC address
char Version[MAX_SIZE]; // Version
char FileName[MAX_SIZE]; // Driver file name
char Guid[MAX_SIZE]; // GUID
};
// Set the virtual LAN information
struct RPC_CLIENT_SET_VLAN
{
char DeviceName[MAX_SIZE]; // Device name
char MacAddress[MAX_SIZE]; // MAC address
};
// Virtual LAN enumeration item
struct RPC_CLIENT_ENUM_VLAN_ITEM
{
char DeviceName[MAX_SIZE]; // Device name
bool Enabled; // Operation flag
char MacAddress[MAX_SIZE]; // MAC address
char Version[MAX_SIZE]; // Version
};
// Enumerate the virtual LANs
struct RPC_CLIENT_ENUM_VLAN
{
UINT NumItem; // Item count
RPC_CLIENT_ENUM_VLAN_ITEM **Items; // Item
};
// Create an account
struct RPC_CLIENT_CREATE_ACCOUNT
{
CLIENT_OPTION *ClientOption; // Client Option
CLIENT_AUTH *ClientAuth; // Client authentication data
bool StartupAccount; // Startup account
bool CheckServerCert; // Checking of the server certificate
X *ServerCert; // Server certificate
UCHAR ShortcutKey[SHA1_SIZE]; // Shortcut Key
};
// Enumeration item of account
struct RPC_CLIENT_ENUM_ACCOUNT_ITEM
{
wchar_t AccountName[MAX_ACCOUNT_NAME_LEN + 1]; // Account name
char UserName[MAX_USERNAME_LEN + 1]; // User name
char ServerName[MAX_HOST_NAME_LEN + 1]; // Server name
char DeviceName[MAX_DEVICE_NAME_LEN + 1]; // Device name
UINT ProxyType; // Type of proxy connection
char ProxyName[MAX_HOST_NAME_LEN + 1]; // Host name
bool Active; // Operation flag
bool Connected; // Connection completion flag
bool StartupAccount; // Startup account
UINT Port; // Port number (Ver 3.0 or later)
char HubName[MAX_HUBNAME_LEN + 1]; // Virtual HUB name (Ver 3.0 or later)
UINT64 CreateDateTime; // Creation date and time (Ver 3.0 or later)
UINT64 UpdateDateTime; // Modified date (Ver 3.0 or later)
UINT64 LastConnectDateTime; // Last connection date and time (Ver 3.0 or later)
UINT tmp1; // Temporary data
};
// Enumeration of accounts
struct RPC_CLIENT_ENUM_ACCOUNT
{
UINT NumItem; // Item count
RPC_CLIENT_ENUM_ACCOUNT_ITEM **Items; // Items
};
// Delete the Account
struct RPC_CLIENT_DELETE_ACCOUNT
{
wchar_t AccountName[MAX_ACCOUNT_NAME_LEN + 1]; // Account name
};
// Change the account name
struct RPC_RENAME_ACCOUNT
{
wchar_t OldName[MAX_ACCOUNT_NAME_LEN + 1]; // Old name
wchar_t NewName[MAX_ACCOUNT_NAME_LEN + 1]; // New Name
};
// Get the account
struct RPC_CLIENT_GET_ACCOUNT
{
wchar_t AccountName[MAX_ACCOUNT_NAME_LEN + 1]; // Account name
CLIENT_OPTION *ClientOption; // Client Option
CLIENT_AUTH *ClientAuth; // Client authentication data
bool StartupAccount; // Startup account
bool CheckServerCert; // Check the server certificate
X *ServerCert; // Server certificate
UCHAR ShortcutKey[SHA1_SIZE]; // Shortcut Key
UINT64 CreateDateTime; // Creation date and time (Ver 3.0 or later)
UINT64 UpdateDateTime; // Modified date (Ver 3.0 or later)
UINT64 LastConnectDateTime; // Last connection date and time (Ver 3.0 or later)
};
// Connection
struct RPC_CLIENT_CONNECT
{
wchar_t AccountName[MAX_ACCOUNT_NAME_LEN + 1]; // Account name
};
// Get the Connection status
struct RPC_CLIENT_GET_CONNECTION_STATUS
{
wchar_t AccountName[MAX_ACCOUNT_NAME_LEN + 1]; // Account name
bool Active; // Operation flag
bool Connected; // Connected flag
UINT SessionStatus; // Session status
char ServerName[MAX_HOST_NAME_LEN + 1]; // Server name
UINT ServerPort; // Port number of the server
char ServerProductName[MAX_SIZE]; // Server product name
UINT ServerProductVer; // Server product version
UINT ServerProductBuild; // Server product build number
X *ServerX; // Server certificate
X *ClientX; // Client certificate
UINT64 StartTime; // Connection start time
UINT64 FirstConnectionEstablisiedTime; // Connection completion time of the first connection
UINT64 CurrentConnectionEstablishTime; // Connection completion time of this connection
UINT NumConnectionsEatablished; // Number of connections have been established so far
bool HalfConnection; // Half-connection
bool QoS; // VoIP / QoS
UINT MaxTcpConnections; // Maximum number of the TCP connections
UINT NumTcpConnections; // Number of current TCP connections
UINT NumTcpConnectionsUpload; // Number of inbound connections
UINT NumTcpConnectionsDownload; // Number of outbound connections
bool UseEncrypt; // Use of encryption
char CipherName[32]; // Cipher algorithm name
char ProtocolName[64]; // Protocol name
bool UseCompress; // Use of compression
bool IsRUDPSession; // R-UDP session
char UnderlayProtocol[64]; // Physical communication protocol
bool IsUdpAccelerationEnabled; // The UDP acceleration is enabled
bool IsUsingUdpAcceleration; // Using the UDP acceleration function
char SessionName[MAX_SESSION_NAME_LEN + 1]; // Session name
char ConnectionName[MAX_CONNECTION_NAME_LEN + 1]; // Connection name
UCHAR SessionKey[SHA1_SIZE]; // Session key
POLICY Policy; // Policy
UINT64 TotalSendSize; // Total transmitted data size
UINT64 TotalRecvSize; // Total received data size
UINT64 TotalSendSizeReal; // Total transmitted data size (no compression)
UINT64 TotalRecvSizeReal; // Total received data size (no compression)
TRAFFIC Traffic; // Traffic data
bool IsBridgeMode; // Bridge Mode
bool IsMonitorMode; // Monitor mode
UINT VLanId; // VLAN ID
};
// RPC connection
struct CLIENT_RPC_CONNECTION
{
struct CLIENT *Client; // Client
bool RpcMode; // True: RPC mode, false: notification mode
THREAD *Thread; // Processing thread
SOCK *Sock; // Socket
};
// Client object
struct CLIENT
{
LOCK *lock; // Lock
LOCK *lockForConnect; // Lock to be used in the CtConnect
REF *ref; // Reference counter
CEDAR *Cedar; // Cedar
volatile bool Halt; // Halting flag
UINT Err; // Error code
CFG_RW *CfgRw; // Configuration file R/W
LIST *AccountList; // Account list
UCHAR EncryptedPassword[SHA1_SIZE]; // Password
bool PasswordRemoteOnly; // Password is required only remote access
UINT UseSecureDeviceId; // Secure device ID to be used
CLIENT_CONFIG Config; // Client Settings
LIST *RpcConnectionList; // RPC connection list
SOCK *RpcListener; // RPC listener
THREAD *RpcThread; // RPC thread
LOCK *HelperLock; // Auxiliary lock
THREAD *SaverThread; // Saver thread
EVENT *SaverHalter; // The event to stop the Saver thread
LIST *NotifyCancelList; // Notification event list
KEEP *Keep; // Keep Connection
LIST *UnixVLanList; // List of virtual LAN cards in UNIX
LOG *Logger; // Logger
bool DontSavePassword; // Flag for not to save the password
ERASER *Eraser; // Eraser
SOCKLIST *SockList; // Socket list
CM_SETTING *CmSetting; // CM configuration
void *GlobalPulse; // Global pulse
THREAD *PulseRecvThread; // Pulse reception thread
volatile bool HaltPulseThread; // Stop flag for the pulse reception thread
bool NoSaveLog; // Do not save the log
bool NoSaveConfig; // Do not save the settings
INTERNET_SETTING CommonProxySetting; // Common proxy settings
};
// Notification to the remote client
struct RPC_CLIENT_NOTIFY
{
UINT NotifyCode; // Code
};
// Type of notification
#define CLIENT_NOTIFY_ACCOUNT_CHANGED 1 // Account change notification
#define CLIENT_NOTIFY_VLAN_CHANGED 2 // Virtual LAN card change notification
// Remote client
struct REMOTE_CLIENT
{
RPC *Rpc;
UINT OsType;
bool Unix;
bool Win9x;
UINT ProcessId;
UINT ClientBuildInt;
bool IsVgcSupported;
bool ShowVgcLink;
char ClientId[128];
};
// Notification client
struct NOTIFY_CLIENT
{
SOCK *Sock;
};
// CM configuration
struct CM_SETTING
{
bool EasyMode; // Simple mode
bool LockMode; // Setting lock mode
UCHAR HashedPassword[SHA1_SIZE]; // Password
};
// Function prototype
REMOTE_CLIENT *CcConnectRpc(char *server_name, char *password, bool *bad_pass, bool *no_remote, UINT wait_retry);
REMOTE_CLIENT *CcConnectRpcEx(char *server_name, char *password, bool *bad_pass, bool *no_remote, UCHAR *key, UINT *key_error_code, bool shortcut_disconnect, UINT wait_retry);
UINT CcShortcut(UCHAR *key);
UINT CcShortcutDisconnect(UCHAR *key);
void CcDisconnectRpc(REMOTE_CLIENT *rc);
NOTIFY_CLIENT *CcConnectNotify(REMOTE_CLIENT *rc);
void CcDisconnectNotify(NOTIFY_CLIENT *n);
void CcStopNotify(NOTIFY_CLIENT *n);
bool CcWaitNotify(NOTIFY_CLIENT *n);
UINT CcGetClientVersion(REMOTE_CLIENT *r, RPC_CLIENT_VERSION *a);
UINT CcSetCmSetting(REMOTE_CLIENT *r, CM_SETTING *a);
UINT CcGetCmSetting(REMOTE_CLIENT *r, CM_SETTING *a);
UINT CcSetPassword(REMOTE_CLIENT *r, RPC_CLIENT_PASSWORD *pass);
UINT CcGetPasswordSetting(REMOTE_CLIENT *r, RPC_CLIENT_PASSWORD_SETTING *a);
UINT CcEnumCa(REMOTE_CLIENT *r, RPC_CLIENT_ENUM_CA *e);
UINT CcAddCa(REMOTE_CLIENT *r, RPC_CERT *cert);
UINT CcDeleteCa(REMOTE_CLIENT *r, RPC_CLIENT_DELETE_CA *p);
UINT CcGetCa(REMOTE_CLIENT *r, RPC_GET_CA *get);
UINT CcEnumSecure(REMOTE_CLIENT *r, RPC_CLIENT_ENUM_SECURE *e);
UINT CcUseSecure(REMOTE_CLIENT *r, RPC_USE_SECURE *sec);
UINT CcGetUseSecure(REMOTE_CLIENT *r, RPC_USE_SECURE *sec);
UINT CcEnumObjectInSecure(REMOTE_CLIENT *r, RPC_ENUM_OBJECT_IN_SECURE *e);
UINT CcCreateVLan(REMOTE_CLIENT *r, RPC_CLIENT_CREATE_VLAN *create);
UINT CcUpgradeVLan(REMOTE_CLIENT *r, RPC_CLIENT_CREATE_VLAN *create);
UINT CcGetVLan(REMOTE_CLIENT *r, RPC_CLIENT_GET_VLAN *get);
UINT CcSetVLan(REMOTE_CLIENT *r, RPC_CLIENT_SET_VLAN *set);
UINT CcEnumVLan(REMOTE_CLIENT *r, RPC_CLIENT_ENUM_VLAN *e);
UINT CcDeleteVLan(REMOTE_CLIENT *r, RPC_CLIENT_CREATE_VLAN *d);
UINT CcEnableVLan(REMOTE_CLIENT *r, RPC_CLIENT_CREATE_VLAN *vlan);
UINT CcDisableVLan(REMOTE_CLIENT *r, RPC_CLIENT_CREATE_VLAN *vlan);
UINT CcCreateAccount(REMOTE_CLIENT *r, RPC_CLIENT_CREATE_ACCOUNT *a);
UINT CcEnumAccount(REMOTE_CLIENT *r, RPC_CLIENT_ENUM_ACCOUNT *e);
UINT CcDeleteAccount(REMOTE_CLIENT *r, RPC_CLIENT_DELETE_ACCOUNT *a);
UINT CcSetAccount(REMOTE_CLIENT *r, RPC_CLIENT_CREATE_ACCOUNT *a);
UINT CcGetAccount(REMOTE_CLIENT *r, RPC_CLIENT_GET_ACCOUNT *a);
UINT CcRenameAccount(REMOTE_CLIENT *r, RPC_RENAME_ACCOUNT *rename);
UINT CcSetClientConfig(REMOTE_CLIENT *r, CLIENT_CONFIG *o);
UINT CcGetClientConfig(REMOTE_CLIENT *r, CLIENT_CONFIG *o);
UINT CcConnect(REMOTE_CLIENT *r, RPC_CLIENT_CONNECT *connect);
UINT CcDisconnect(REMOTE_CLIENT *r, RPC_CLIENT_CONNECT *connect);
UINT CcGetAccountStatus(REMOTE_CLIENT *r, RPC_CLIENT_GET_CONNECTION_STATUS *st);
UINT CcSetStartupAccount(REMOTE_CLIENT *r, RPC_CLIENT_DELETE_ACCOUNT *a);
UINT CcRemoveStartupAccount(REMOTE_CLIENT *r, RPC_CLIENT_DELETE_ACCOUNT *a);
UINT CcGetIssuer(REMOTE_CLIENT *r, RPC_GET_ISSUER *a);
UINT CcGetCommonProxySetting(REMOTE_CLIENT *r, INTERNET_SETTING *a);
UINT CcSetCommonProxySetting(REMOTE_CLIENT *r, INTERNET_SETTING *a);
void CcSetServiceToForegroundProcess(REMOTE_CLIENT *r);
char *CiGetFirstVLan(CLIENT *c);
void CiNormalizeAccountVLan(CLIENT *c);
bool CompareInternetSetting(INTERNET_SETTING *s1, INTERNET_SETTING *s2);
void CnStart();
void CnListenerProc(THREAD *thread, void *param);
void CnReleaseSocket(SOCK *s, PACK *p);
void CnStatusPrinter(SOCK *s, PACK *p);
void Win32CnStatusPrinter(SOCK *s, PACK *p);
void CnConnectErrorDlg(SOCK *s, PACK *p);
void Win32CnConnectErrorDlg(SOCK *s, PACK *p);
void Win32CnConnectErrorDlgThreadProc(THREAD *thread, void *param);
void CnPasswordDlg(SOCK *s, PACK *p);
void Win32CnPasswordDlg(SOCK *s, PACK *p);
void Win32CnPasswordDlgThreadProc(THREAD *thread, void *param);
void CnMsgDlg(SOCK *s, PACK *p);
void Win32CnMsgDlg(SOCK *s, PACK *p);
void Win32CnMsgDlgThreadProc(THREAD *thread, void *param);
void CnNicInfo(SOCK *s, PACK *p);
void Win32CnNicInfo(SOCK *s, PACK *p);
void Win32CnNicInfoThreadProc(THREAD *thread, void *param);
void CnCheckCert(SOCK *s, PACK *p);
void Win32CnCheckCert(SOCK *s, PACK *p);
void Win32CnCheckCertThreadProc(THREAD *thread, void *param);
void CnExecDriverInstaller(SOCK *s, PACK *p);
void Win32CnExecDriverInstaller(SOCK *s, PACK *p);
bool CnCheckAlreadyExists(bool lock);
bool CnIsCnServiceReady();
void CnWaitForCnServiceReady();
void CnSecureSign(SOCK *s, PACK *p);
SOCK *CncConnect();
SOCK *CncConnectEx(UINT timeout);
void CncReleaseSocket();
void CncExit();
UINT CncGetSessionId();
bool CncExecDriverInstaller(char *arg);
SOCK *CncStatusPrinterWindowStart(SESSION *s);
void CncStatusPrinterWindowPrint(SOCK *s, wchar_t *str);
void CncStatusPrinterWindowStop(SOCK *s);
void CncStatusPrinterWindowThreadProc(THREAD *thread, void *param);
bool CncConnectErrorDlg(SESSION *session, UI_CONNECTERROR_DLG *dlg);
void CncConnectErrorDlgHaltThread(THREAD *thread, void *param);
bool CncPasswordDlg(SESSION *session, UI_PASSWORD_DLG *dlg);
void CncPasswordDlgHaltThread(THREAD *thread, void *param);
void CncCheckCert(SESSION *session, UI_CHECKCERT *dlg);
void CncCheckCertHaltThread(THREAD *thread, void *param);
bool CncSecureSignDlg(SECURE_SIGN *sign);
SOCK *CncMsgDlg(UI_MSG_DLG *dlg);
void CndMsgDlgFree(SOCK *s);
SOCK *CncNicInfo(UI_NICINFO *info);
void CncNicInfoFree(SOCK *s);
void CtStartClient();
void CtStopClient();
CLIENT *CtGetClient();
void CtReleaseClient(CLIENT *c);
bool CtGetClientVersion(CLIENT *c, RPC_CLIENT_VERSION *ver);
bool CtGetCmSetting(CLIENT *c, CM_SETTING *s);
bool CtSetCmSetting(CLIENT *c, CM_SETTING *s);
bool CtSetPassword(CLIENT *c, RPC_CLIENT_PASSWORD *pass);
bool CtGetPasswordSetting(CLIENT *c, RPC_CLIENT_PASSWORD_SETTING *a);
bool CtEnumCa(CLIENT *c, RPC_CLIENT_ENUM_CA *e);
bool CtAddCa(CLIENT *c, RPC_CERT *cert);
bool CtDeleteCa(CLIENT *c, RPC_CLIENT_DELETE_CA *p);
bool CtGetCa(CLIENT *c, RPC_GET_CA *get);
bool CtEnumSecure(CLIENT *c, RPC_CLIENT_ENUM_SECURE *e);
bool CtUseSecure(CLIENT *c, RPC_USE_SECURE *sec);
bool CtGetUseSecure(CLIENT *c, RPC_USE_SECURE *sec);
bool CtEnumObjectInSecure(CLIENT *c, RPC_ENUM_OBJECT_IN_SECURE *e);
bool CtCreateVLan(CLIENT *c, RPC_CLIENT_CREATE_VLAN *create);
bool CtUpgradeVLan(CLIENT *c, RPC_CLIENT_CREATE_VLAN *create);
bool CtGetVLan(CLIENT *c, RPC_CLIENT_GET_VLAN *get);
bool CtSetVLan(CLIENT *c, RPC_CLIENT_SET_VLAN *set);
bool CtEnumVLan(CLIENT *c, RPC_CLIENT_ENUM_VLAN *e);
bool CtDeleteVLan(CLIENT *c, RPC_CLIENT_CREATE_VLAN *d);
bool CtEnableVLan(CLIENT *c, RPC_CLIENT_CREATE_VLAN *vlan);
bool CtDisableVLan(CLIENT *c, RPC_CLIENT_CREATE_VLAN *vlan);
bool CtCreateAccount(CLIENT *c, RPC_CLIENT_CREATE_ACCOUNT *a, bool inner);
bool CtEnumAccount(CLIENT *c, RPC_CLIENT_ENUM_ACCOUNT *e);
bool CtDeleteAccount(CLIENT *c, RPC_CLIENT_DELETE_ACCOUNT *a, bool inner);
bool CtSetAccount(CLIENT *c, RPC_CLIENT_CREATE_ACCOUNT *a, bool inner);
bool CtGetAccount(CLIENT *c, RPC_CLIENT_GET_ACCOUNT *a);
bool CtRenameAccount(CLIENT *c, RPC_RENAME_ACCOUNT *rename, bool inner);
bool CtSetClientConfig(CLIENT *c, CLIENT_CONFIG *o);
bool CtGetClientConfig(CLIENT *c, CLIENT_CONFIG *o);
bool CtConnect(CLIENT *c, RPC_CLIENT_CONNECT *connect);
bool CtDisconnect(CLIENT *c, RPC_CLIENT_CONNECT *connect, bool inner);
bool CtGetAccountStatus(CLIENT *c, RPC_CLIENT_GET_CONNECTION_STATUS *st);
bool CtSetStartupAccount(CLIENT *c, RPC_CLIENT_DELETE_ACCOUNT *a, bool inner);
bool CtRemoveStartupAccount(CLIENT *c, RPC_CLIENT_DELETE_ACCOUNT *a);
bool CtGetIssuer(CLIENT *c, RPC_GET_ISSUER *a);
bool CtGetCommonProxySetting(CLIENT *c, INTERNET_SETTING *a);
bool CtSetCommonProxySetting(CLIENT *c, INTERNET_SETTING *a);
// Internal function prototype
void CiSendGlobalPulse(CLIENT *c);
void CiPulseRecvThread(THREAD *thread, void *param);
char *CiGetVpnClientExeFileName();
void CiServerThread(THREAD *t, void *param);
void CiInitSaver(CLIENT *c);
void CiFreeSaver(CLIENT *c);
void CiGetSessionStatus(RPC_CLIENT_GET_CONNECTION_STATUS *st, SESSION *s);
PACK *CiRpcDispatch(RPC *rpc, char *name, PACK *p);
void CiRpcAccepted(CLIENT *c, SOCK *s);
void CiNotifyMain(CLIENT *c, SOCK *s);
void CiRpcAcceptThread(THREAD *thread, void *param);
void CiRpcServerThread(THREAD *thread, void *param);
void CiStartRpcServer(CLIENT *c);
void CiStopRpcServer(CLIENT *c);
CLIENT_OPTION *CiLoadClientOption(FOLDER *f);
CLIENT_AUTH *CiLoadClientAuth(FOLDER *f);
ACCOUNT *CiLoadClientAccount(FOLDER *f);
void CiLoadClientConfig(CLIENT_CONFIG *c, FOLDER *f);
void CiLoadAccountDatabase(CLIENT *c, FOLDER *f);
void CiLoadCAList(CLIENT *c, FOLDER *f);
void CiLoadCACert(CLIENT *c, FOLDER *f);
void CiLoadVLanList(CLIENT *c, FOLDER *f);
void CiLoadVLan(CLIENT *c, FOLDER *f);
bool CiReadSettingFromCfg(CLIENT *c, FOLDER *root);
void CiWriteAccountDatabase(CLIENT *c, FOLDER *f);
void CiWriteAccountData(FOLDER *f, ACCOUNT *a);
void CiWriteClientOption(FOLDER *f, CLIENT_OPTION *o);
void CiWriteClientAuth(FOLDER *f, CLIENT_AUTH *a);
void CiWriteClientConfig(FOLDER *cc, CLIENT_CONFIG *config);
void CiWriteSettingToCfg(CLIENT *c, FOLDER *root);
void CiWriteCAList(CLIENT *c, FOLDER *f);
void CiWriteCACert(CLIENT *c, FOLDER *f, X *x);
void CiWriteVLanList(CLIENT *c, FOLDER *f);
void CiWriteVLan(CLIENT *c, FOLDER *f, UNIX_VLAN *v);
void CiFreeClientGetConnectionStatus(RPC_CLIENT_GET_CONNECTION_STATUS *st);
bool CiCheckCertProc(SESSION *s, CONNECTION *c, X *server_x, bool *expired);
bool CiSecureSignProc(SESSION *s, CONNECTION *c, SECURE_SIGN *sign);
bool Win32CiSecureSign(SECURE_SIGN *sign);
void CiFreeClientAuth(CLIENT_AUTH *auth);
void CiFreeClientCreateAccount(RPC_CLIENT_CREATE_ACCOUNT *a);
void CiFreeClientGetAccount(RPC_CLIENT_GET_ACCOUNT *a);
void CiFreeClientEnumVLan(RPC_CLIENT_ENUM_VLAN *e);
void CiFreeClientEnumSecure(RPC_CLIENT_ENUM_SECURE *e);
void CiFreeClientEnumCa(RPC_CLIENT_ENUM_CA *e);
void CiFreeEnumObjectInSecure(RPC_ENUM_OBJECT_IN_SECURE *a);
void CiFreeGetCa(RPC_GET_CA *a);
void CiFreeGetIssuer(RPC_GET_ISSUER *a);
void CiFreeClientEnumAccount(RPC_CLIENT_ENUM_ACCOUNT *a);
void CiSetError(CLIENT *c, UINT err);
void CiCheckOs();
CLIENT *CiNewClient();
void CiCleanupClient(CLIENT *c);
bool CiLoadConfigurationFile(CLIENT *c);
void CiSaveConfigurationFile(CLIENT *c);
void CiInitConfiguration(CLIENT *c);
void CiSetVLanToDefault(CLIENT *c);
bool CiIsVLan(CLIENT *c, char *name);
void CiFreeConfiguration(CLIENT *c);
int CiCompareAccount(void *p1, void *p2);
void CiFreeAccount(ACCOUNT *a);
void CiNotify(CLIENT *c);
void CiNotifyInternal(CLIENT *c);
void CiClientStatusPrinter(SESSION *s, wchar_t *status);
void CiInitKeep(CLIENT *c);
void CiFreeKeep(CLIENT *c);
int CiCompareUnixVLan(void *p1, void *p2);
BUF *CiAccountToCfg(RPC_CLIENT_CREATE_ACCOUNT *t);
RPC_CLIENT_CREATE_ACCOUNT *CiCfgToAccount(BUF *b);
void CiChangeAllVLanMacAddressIfCleared(CLIENT *c);
void CiChangeAllVLanMacAddress(CLIENT *c);
void CiChangeAllVLanMacAddressIfMachineChanged(CLIENT *c);
bool CiReadLastMachineHash(void *data);
bool CiWriteLastMachineHash(void *data);
void CiGetCurrentMachineHash(void *data);
void CiGetCurrentMachineHashOld(void *data);
void CiGetCurrentMachineHashNew(void *data);
LIST *CiLoadIni();
void CiFreeIni(LIST *o);
void CiLoadIniSettings(CLIENT *c);
bool CiLoadConfigFilePathFromIni(char *path, UINT size);
int CiCompareClientAccountEnumItemByLastConnectDateTime(void *p1, void *p2);
bool CiIsValidVLanRegulatedName(char *name);
void CiGenerateVLanRegulatedName(char *name, UINT size, UINT i);
bool CiGetNextRecommendedVLanName(REMOTE_CLIENT *r, char *name, UINT size);
void CiDisableWcmNetworkMinimize(CLIENT *c);
bool CiTryToParseAccount(BUF *b);
bool CiTryToParseAccountFile(wchar_t *name);
bool CiEraseSensitiveInAccount(BUF *b);
bool CiHasAccountSensitiveInformation(BUF *b);
bool CiHasAccountSensitiveInformationFile(wchar_t *name);
void CiApplyInnerVPNServerConfig(CLIENT *c);
SERVER *CiNewInnerVPNServer(CLIENT *c);
void CiFreeInnerVPNServer(CLIENT *c, SERVER *s);
void CiIncrementNumActiveSessions();
void CiDecrementNumActiveSessions();
UINT CiGetNumActiveSessions();
BUF *EncryptPassword(char *password);
BUF *EncryptPassword2(char *password);
char *DecryptPassword(BUF *b);
char *DecryptPassword2(BUF *b);
void InRpcGetIssuer(RPC_GET_ISSUER *c, PACK *p);
void OutRpcGetIssuer(PACK *p, RPC_GET_ISSUER *c);
void InRpcClientVersion(RPC_CLIENT_VERSION *ver, PACK *p);
void OutRpcClientVersion(PACK *p, RPC_CLIENT_VERSION *ver);
void InRpcClientPassword(RPC_CLIENT_PASSWORD *pw, PACK *p);
void OutRpcClientPassword(PACK *p, RPC_CLIENT_PASSWORD *pw);
void InRpcClientEnumCa(RPC_CLIENT_ENUM_CA *e, PACK *p);
void OutRpcClientEnumCa(PACK *p, RPC_CLIENT_ENUM_CA *e);
void InRpcCert(RPC_CERT *c, PACK *p);
void OutRpcCert(PACK *p, RPC_CERT *c);
void InRpcClientDeleteCa(RPC_CLIENT_DELETE_CA *c, PACK *p);
void OutRpcClientDeleteCa(PACK *p, RPC_CLIENT_DELETE_CA *c);
void InRpcGetCa(RPC_GET_CA *c, PACK *p);
void OutRpcGetCa(PACK *p, RPC_GET_CA *c);
void InRpcClientEnumSecure(RPC_CLIENT_ENUM_SECURE *e, PACK *p);
void OutRpcClientEnumSecure(PACK *p, RPC_CLIENT_ENUM_SECURE *e);
void InRpcUseSecure(RPC_USE_SECURE *u, PACK *p);
void OutRpcUseSecure(PACK *p, RPC_USE_SECURE *u);
void InRpcEnumObjectInSecure(RPC_ENUM_OBJECT_IN_SECURE *e, PACK *p);
void OutRpcEnumObjectInSecure(PACK *p, RPC_ENUM_OBJECT_IN_SECURE *e);
void InRpcCreateVLan(RPC_CLIENT_CREATE_VLAN *v, PACK *p);
void OutRpcCreateVLan(PACK *p, RPC_CLIENT_CREATE_VLAN *v);
void InRpcClientGetVLan(RPC_CLIENT_GET_VLAN *v, PACK *p);
void OutRpcClientGetVLan(PACK *p, RPC_CLIENT_GET_VLAN *v);
void InRpcClientSetVLan(RPC_CLIENT_SET_VLAN *v, PACK *p);
void OutRpcClientSetVLan(PACK *p, RPC_CLIENT_SET_VLAN *v);
void InRpcClientEnumVLan(RPC_CLIENT_ENUM_VLAN *v, PACK *p);
void OutRpcClientEnumVLan(PACK *p, RPC_CLIENT_ENUM_VLAN *v);
void InRpcClientOption(CLIENT_OPTION *c, PACK *p);
void OutRpcClientOption(PACK *p, CLIENT_OPTION *c);
void InRpcClientAuth(CLIENT_AUTH *c, PACK *p);
void OutRpcClientAuth(PACK *p, CLIENT_AUTH *c);
void InRpcClientCreateAccount(RPC_CLIENT_CREATE_ACCOUNT *c, PACK *p);
void OutRpcClientCreateAccount(PACK *p, RPC_CLIENT_CREATE_ACCOUNT *c);
void InRpcClientEnumAccount(RPC_CLIENT_ENUM_ACCOUNT *e, PACK *p);
void OutRpcClientEnumAccount(PACK *p, RPC_CLIENT_ENUM_ACCOUNT *e);
void InRpcClientDeleteAccount(RPC_CLIENT_DELETE_ACCOUNT *a, PACK *p);
void OutRpcClientDeleteAccount(PACK *p, RPC_CLIENT_DELETE_ACCOUNT *a);
void InRpcRenameAccount(RPC_RENAME_ACCOUNT *a, PACK *p);
void OutRpcRenameAccount(PACK *p, RPC_RENAME_ACCOUNT *a);
void InRpcClientGetAccount(RPC_CLIENT_GET_ACCOUNT *c, PACK *p);
void OutRpcClientGetAccount(PACK *p, RPC_CLIENT_GET_ACCOUNT *c);
void InRpcClientConnect(RPC_CLIENT_CONNECT *c, PACK *p);
void OutRpcClientConnect(PACK *p, RPC_CLIENT_CONNECT *c);
void InRpcPolicy(POLICY *o, PACK *p);
void OutRpcPolicy(PACK *p, POLICY *o);
void InRpcClientGetConnectionStatus(RPC_CLIENT_GET_CONNECTION_STATUS *s, PACK *p);
void OutRpcClientGetConnectionStatus(PACK *p, RPC_CLIENT_GET_CONNECTION_STATUS *c);
void InRpcClientNotify(RPC_CLIENT_NOTIFY *n, PACK *p);
void OutRpcClientNotify(PACK *p, RPC_CLIENT_NOTIFY *n);
void InRpcClientConfig(CLIENT_CONFIG *c, PACK *p);
void OutRpcClientConfig(PACK *p, CLIENT_CONFIG *c);
void InRpcClientPasswordSetting(RPC_CLIENT_PASSWORD_SETTING *a, PACK *p);
void OutRpcClientPasswordSetting(PACK *p, RPC_CLIENT_PASSWORD_SETTING *a);
void InRpcTraffic(TRAFFIC *t, PACK *p);
void OutRpcTraffic(PACK *p, TRAFFIC *t);
void InRpcTrafficEx(TRAFFIC *t, PACK *p, UINT i);
void OutRpcTrafficEx(TRAFFIC *t, PACK *p, UINT i, UINT num);
void OutRpcCmSetting(PACK *p, CM_SETTING *c);
void InRpcCmSetting(CM_SETTING *c, PACK *p);
#ifdef OS_WIN32
void CiInitDriverVerStruct(MS_DRIVER_VER *ver);
#endif // OS_EIN32
#endif // CLIENT_H
// Developed by SoftEther VPN Project at University of Tsukuba in Japan.
// Department of Computer Science has dozens of overly-enthusiastic geeks.
// Join us: http://www.tsukuba.ac.jp/english/admission/
+23538
File diff suppressed because it is too large Load Diff
+648
@@ -0,0 +1,648 @@
// SoftEther VPN Source Code
// Cedar Communication Module
//
// SoftEther VPN Server, Client and Bridge are free software under GPLv2.
//
// Copyright (c) 2012-2014 Daiyuu Nobori.
// Copyright (c) 2012-2014 SoftEther VPN Project, University of Tsukuba, Japan.
// Copyright (c) 2012-2014 SoftEther Corporation.
//
// All Rights Reserved.
//
// http://www.softether.org/
//
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License version 2
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
// IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
// CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
// TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
// SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
// THE LICENSE AGREEMENT IS ATTACHED ON THE SOURCE-CODE PACKAGE
// AS "LICENSE.TXT" FILE. READ THE TEXT FILE IN ADVANCE TO USE THE SOFTWARE.
//
//
// THIS SOFTWARE IS DEVELOPED IN JAPAN, AND DISTRIBUTED FROM JAPAN,
// UNDER JAPANESE LAWS. YOU MUST AGREE IN ADVANCE TO USE, COPY, MODIFY,
// MERGE, PUBLISH, DISTRIBUTE, SUBLICENSE, AND/OR SELL COPIES OF THIS
// SOFTWARE, THAT ANY JURIDICAL DISPUTES WHICH ARE CONCERNED TO THIS
// SOFTWARE OR ITS CONTENTS, AGAINST US (SOFTETHER PROJECT, SOFTETHER
// CORPORATION, DAIYUU NOBORI OR OTHER SUPPLIERS), OR ANY JURIDICAL
// DISPUTES AGAINST US WHICH ARE CAUSED BY ANY KIND OF USING, COPYING,
// MODIFYING, MERGING, PUBLISHING, DISTRIBUTING, SUBLICENSING, AND/OR
// SELLING COPIES OF THIS SOFTWARE SHALL BE REGARDED AS BE CONSTRUED AND
// CONTROLLED BY JAPANESE LAWS, AND YOU MUST FURTHER CONSENT TO
// EXCLUSIVE JURISDICTION AND VENUE IN THE COURTS SITTING IN TOKYO,
// JAPAN. YOU MUST WAIVE ALL DEFENSES OF LACK OF PERSONAL JURISDICTION
// AND FORUM NON CONVENIENS. PROCESS MAY BE SERVED ON EITHER PARTY IN
// THE MANNER AUTHORIZED BY APPLICABLE LAW OR COURT RULE.
//
// USE ONLY IN JAPAN. DO NOT USE IT IN OTHER COUNTRIES. IMPORTING THIS
// SOFTWARE INTO OTHER COUNTRIES IS AT YOUR OWN RISK. SOME COUNTRIES
// PROHIBIT ENCRYPTED COMMUNICATIONS. USING THIS SOFTWARE IN OTHER
// COUNTRIES MIGHT BE RESTRICTED.
//
//
// DEAR SECURITY EXPERTS
// ---------------------
//
// If you find a bug or a security vulnerability please kindly inform us
// about the problem immediately so that we can fix the security problem
// to protect a lot of users around the world as soon as possible.
//
// Our e-mail address for security reports is:
// softether-vpn-security [at] softether.org
//
// Please note that the above e-mail address is not a technical support
// inquiry address. If you need technical assistance, please visit
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
// Command.h
// Header of Command.c
#ifndef COMMAND_H
#define COMMAND_H
// Constants
#define TRAFFIC_DEFAULT_PORT 9821
#define TRAFFIC_NUMTCP_MAX 32
#define TRAFFIC_NUMTCP_DEFAULT 32
#define TRAFFIC_SPAN_DEFAULT 15
#define TRAFFIC_TYPE_DOWNLOAD 1
#define TRAFFIC_TYPE_UPLOAD 2
#define TRAFFIC_TYPE_FULL 0
#define TRAFFIC_BUF_SIZE 65535
#define TRAFFIC_VER_STR_SIZE 16
#define TRAFFIC_VER_STR "TrafficServer\r\n"
// Constants for Win32
#define VPNCMD_BOOTSTRAP_REG_KEYNAME "Software\\" GC_REG_COMPANY_NAME "\\VPN Command Line Utility"
#define VPNCMD_BOOTSTRAP_REG_VALUENAME_VER "InstalledVersion"
#define VPNCMD_BOOTSTRAP_REG_VALUENAME_PATH "InstalledPath"
#define VPNCMD_BOOTSTRAP_FILENAME "|vpncmdsys.exe"
#define VPNCMD_BOOTSTRAP_FILENAME_X64 "|vpncmdsys_x64.exe"
#define VPNCMD_BOOTSTRAP_FILENAME_IA64 "|vpncmdsys_ia64.exe"
// Traffic test results
struct TT_RESULT
{
bool Raw; // Whether raw data
bool Double; // Whether it is doubled
UINT64 NumBytesUpload; // Uploaded size
UINT64 NumBytesDownload; // Downloaded size
UINT64 NumBytesTotal; // Total size
UINT64 Span; // Period (in milliseconds)
UINT64 BpsUpload; // Upload throughput
UINT64 BpsDownload; // Download throughput
UINT64 BpsTotal; // Total throughput
};
// Text display function
typedef void (TT_PRINT_PROC)(void *param, wchar_t *str);
// Client side socket
struct TTC_SOCK
{
SOCK *Sock; // Socket
UINT State; // State
UINT64 NumBytes; // Transmitted bytes
bool Download; // Download socket
bool ServerUploadReportReceived; // Complete to receive the report of upload amount from the server
UINT64 NextSendRequestReportTick; // Time to request a next report
UINT Id;
bool HideErrMsg;
};
// Traffic test Client
struct TTC
{
TT_PRINT_PROC *Print; // Text display function
void *Param; // Any parameters
bool Double; // Double mode
bool Raw; // Raw data mode
UINT Port; // Port number
char Host[MAX_HOST_NAME_LEN + 1]; // Host name
UINT NumTcp; // Number of TCP connections
UINT Type; // Type
UINT64 Span; // Period
UINT64 RealSpan; // The actual span
THREAD *Thread; // Thread
volatile bool Halt; // Halting flag
bool *Cancel; // Halting flag 2
SOCK_EVENT *SockEvent; // Socket event
LIST *ItcSockList; // Client socket list
TT_RESULT Result; // Result
UINT ErrorCode; // Error code
bool AbnormalTerminated; // Abnormal termination
EVENT *StartEvent; // Start event
EVENT *InitedEvent; // Initialize completion notification event
};
// Server side socket
struct TTS_SOCK
{
SOCK *Sock; // Socket
UINT State; // State
UINT64 NumBytes; // Transmitted bytes
bool SockJoined; // Whether it has been added to the event
UINT Id; // ID
UINT64 LastWaitTick; // Retry waiting time to notify the size information to the client
UINT64 SessionId; // Session ID
bool NoMoreSendData; // Flag not to send more data
UINT64 FirstRecvTick; // Time which the data has been received last
UINT64 Span; // Period
};
// Traffic test server
struct TTS
{
TT_PRINT_PROC *Print; // Text display function
void *Param; // Any parameters
volatile bool Halt; // Halting flag
UINT Port; // Port number
THREAD *Thread; // Thread
THREAD *WorkThread; // Worker thread
THREAD *IPv6AcceptThread; // IPv6 Accept thread
SOCK *ListenSocket; // Socket to wait
SOCK *ListenSocketV6; // Socket to wait (IPv6)
UINT ErrorCode; // Error code
SOCK_EVENT *SockEvent; // Socket event
LIST *TtsSockList; // Server socket list
bool NewSocketArrived; // New socket has arrived
UINT IdSeed; // ID value
};
// VPN Tools context
struct PT
{
CONSOLE *Console; // Console
UINT LastError; // Last error
wchar_t *CmdLine; // Command line to execute
};
// Server management context
struct PS
{
bool ConsoleForServer; // Console for the server (always true)
CONSOLE *Console; // Console
RPC *Rpc; // RPC
char *ServerName; // Server name
UINT ServerPort; // Port number
char *HubName; // Virtual HUB name in the currently managed
UINT LastError; // Last error
char *AdminHub; // Virtual HUB to be managed by default
wchar_t *CmdLine; // Command line to execute
CAPSLIST *CapsList; // Caps list
};
// Client management context
struct PC
{
bool ConsoleForServer; // Console for the server (always false)
CONSOLE *Console; // Console
REMOTE_CLIENT *RemoteClient; // Remote client
char *ServerName; // Server name
UINT LastError; // Last error
wchar_t *CmdLine; // Command line
};
// A column of the table
struct CTC
{
wchar_t *String; // String
bool Right; // Right justification
};
// A row of the table
struct CTR
{
wchar_t **Strings; // String list
};
// Table for console
struct CT
{
LIST *Columns; // Column list
LIST *Rows; // Row list
};
UINT CommandMain(wchar_t *command_line);
UINT VpnCmdProc(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
bool ParseHostPort(char *src, char **host, UINT *port, UINT default_port);
bool ParseHostPortAtmark(char *src, char **host, UINT *port, UINT default_port);
CT *CtNew();
void CtFree(CT *ct, CONSOLE *c);
void CtFreeEx(CT *ct, CONSOLE *c, bool standard_view);
void CtInsertColumn(CT *ct, wchar_t *str, bool right);
CT *CtNewStandard();
CT *CtNewStandardEx();
void CtInsert(CT *ct, ...);
void CtPrint(CT *ct, CONSOLE *c);
void CtPrintStandard(CT *ct, CONSOLE *c);
void CtPrintRow(CONSOLE *c, UINT num, UINT *widths, wchar_t **strings, bool *rights, char separate_char);
void VpnCmdInitBootPath();
void OutRpcTtResult(PACK *p, TT_RESULT *t);
void InRpcTtResult(PACK *p, TT_RESULT *t);
void CmdPrintError(CONSOLE *c, UINT err);
void CmdPrintAbout(CONSOLE *c);
void CmdPrintRow(CONSOLE *c, wchar_t *title, wchar_t *tag, ...);
wchar_t *CmdPromptPort(CONSOLE *c, void *param);
wchar_t *CmdPromptChoosePassword(CONSOLE *c, void *param);
bool CmdEvalPort(CONSOLE *c, wchar_t *str, void *param);
void CmdInsertTrafficInfo(CT *ct, TRAFFIC *t);
wchar_t *GetHubTypeStr(UINT type);
wchar_t *GetServerTypeStr(UINT type);
char *CmdPasswordPrompt(CONSOLE *c);
bool CmdEvalIp(CONSOLE *c, wchar_t *str, void *param);
wchar_t *PsClusterSettingMemberPromptIp(CONSOLE *c, void *param);
bool CmdEvalHostAndPort(CONSOLE *c, wchar_t *str, void *param);
LIST *StrToPortList(char *str);
bool CmdEvalPortList(CONSOLE *c, wchar_t *str, void *param);
wchar_t *PsClusterSettingMemberPromptPorts(CONSOLE *c, void *param);
K *CmdLoadKey(CONSOLE *c, wchar_t *filename);
bool CmdLoadCertAndKey(CONSOLE *c, X **xx, K **kk, wchar_t *cert_filename, wchar_t *key_filename);
bool CmdEvalTcpOrUdp(CONSOLE *c, wchar_t *str, void *param);
wchar_t *GetConnectionTypeStr(UINT type);
bool CmdEvalHostAndSubnetMask4(CONSOLE *c, wchar_t *str, void *param);
bool CmdEvalNetworkAndSubnetMask4(CONSOLE *c, wchar_t *str, void *param);
bool CmdEvalNetworkAndSubnetMask6(CONSOLE *c, wchar_t *str, void *param);
bool CmdEvalNetworkAndSubnetMask46(CONSOLE *c, wchar_t *str, void *param);
bool CmdEvalIpAndMask4(CONSOLE *c, wchar_t *str, void *param);
bool CmdEvalIpAndMask6(CONSOLE *c, wchar_t *str, void *param);
bool CmdEvalIpAndMask46(CONSOLE *c, wchar_t *str, void *param);
wchar_t *GetLogSwitchStr(UINT i);
wchar_t *GetPacketLogNameStr(UINT i);
UINT StrToLogSwitchType(char *str);
UINT StrToPacketLogType(char *str);
UINT StrToPacketLogSaveInfoType(char *str);
wchar_t *GetProxyTypeStr(UINT i);
wchar_t *GetClientAuthTypeStr(UINT i);
void PrintPolicyList(CONSOLE *c, char *name);
void PrintPolicy(CONSOLE *c, POLICY *pol, bool cascade_mode);
bool EditPolicy(CONSOLE *c, POLICY *pol, char *name, char *value, bool cascade_mode);
void CmdPrintStatusToListView(CT *ct, RPC_CLIENT_GET_CONNECTION_STATUS *s);
void CmdPrintStatusToListViewEx(CT *ct, RPC_CLIENT_GET_CONNECTION_STATUS *s, bool server_mode);
bool CmdEvalPassOrDiscard(CONSOLE *c, wchar_t *str, void *param);
bool StrToPassOrDiscard(char *str);
bool CmdEvalProtocol(CONSOLE *c, wchar_t *str, void *param);
UINT StrToProtocol(char *str);
bool CmdEvalPortRange(CONSOLE *c, wchar_t *str, void *param);
bool ParsePortRange(char *str, UINT *start, UINT *end);
wchar_t *GetAuthTypeStr(UINT id);
UINT64 StrToDateTime64(char *str);
bool CmdEvalDateTime(CONSOLE *c, wchar_t *str, void *param);
void CmdPrintNodeInfo(CT *ct, NODE_INFO *info);
wchar_t *GetProtocolName(UINT n);
void CmdGenerateImportName(REMOTE_CLIENT *r, wchar_t *name, UINT size, wchar_t *old_name);
bool CmdIsAccountName(REMOTE_CLIENT *r, wchar_t *name);
wchar_t *GetSyslogSettingName(UINT n);
void TtPrint(void *param, TT_PRINT_PROC *print_proc, wchar_t *str);
void TtGenerateRandomData(UCHAR **buf, UINT *size);
void TtsWorkerThread(THREAD *thread, void *param);
void TtsListenThread(THREAD *thread, void *param);
void TtsAcceptProc(TTS *tts, SOCK *listen_socket);
void TtsIPv6AcceptThread(THREAD *thread, void *param);
wchar_t *GetTtcTypeStr(UINT type);
void TtcPrintSummary(TTC *ttc);
void StopTtc(TTC *ttc);
void TtcGenerateResult(TTC *ttc);
void TtcThread(THREAD *thread, void *param);
TTC *NewTtcEx(char *host, UINT port, UINT numtcp, UINT type, UINT64 span, bool dbl, bool raw, TT_PRINT_PROC *print_proc, void *param, EVENT *start_event, bool *cancel);
TTC *NewTtc(char *host, UINT port, UINT numtcp, UINT type, UINT64 span, bool dbl, bool raw, TT_PRINT_PROC *print_proc, void *param);
UINT FreeTtc(TTC *ttc, TT_RESULT *result);
TTS *NewTts(UINT port, void *param, TT_PRINT_PROC *print_proc);
UINT FreeTts(TTS *tts);
void PtTrafficPrintProc(void *param, wchar_t *str);
void TtcPrintResult(CONSOLE *c, TT_RESULT *res);
bool SystemCheck();
bool CheckKernel();
bool CheckMemory();
bool CheckStrings();
bool CheckFileSystem();
bool CheckThread();
bool CheckNetwork();
void InputToNull(void *p);
UINT RetZero();
void Win32CmdDebug(bool is_uac);
UINT PtConnect(CONSOLE *c, wchar_t *cmdline);
PT *NewPt(CONSOLE *c, wchar_t *cmdline);
void FreePt(PT *pt);
void PtMain(PT *pt);
UINT PtMakeCert(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PtTrafficClient(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PtTrafficServer(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PtCheck(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PcConnect(CONSOLE *c, char *target, wchar_t *cmdline, char *password);
PC *NewPc(CONSOLE *c, REMOTE_CLIENT *remote_client, char *servername, wchar_t *cmdline);
void FreePc(PC *pc);
void PcMain(PC *pc);
UINT PcAbout(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PcVersionGet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PcPasswordSet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PcPasswordGet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PcCertList(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PcCertAdd(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PcCertDelete(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PcCertGet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PcSecureList(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PcSecureSelect(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PcSecureGet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PcNicCreate(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PcNicDelete(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PcNicUpgrade(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PcNicGetSetting(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PcNicSetSetting(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PcNicEnable(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PcNicDisable(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PcNicList(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PcAccountList(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PcAccountCreate(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PcAccountSet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PcAccountGet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PcAccountDelete(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PcAccountUsernameSet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PcAccountAnonymousSet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PcAccountPasswordSet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PcAccountCertSet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PcAccountCertGet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PcAccountEncryptDisable(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PcAccountEncryptEnable(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PcAccountCompressEnable(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PcAccountCompressDisable(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PcAccountProxyNone(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PcAccountProxyHttp(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PcAccountProxySocks(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PcAccountServerCertEnable(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PcAccountServerCertDisable(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PcAccountServerCertSet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PcAccountServerCertDelete(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PcAccountServerCertGet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PcAccountDetailSet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PcAccountRename(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PcAccountConnect(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PcAccountDisconnect(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PcAccountStatusGet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PcAccountNicSet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PcAccountStatusShow(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PcAccountStatusHide(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PcAccountSecureCertSet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PcAccountRetrySet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PcAccountStartupSet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PcAccountStartupRemove(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PcAccountExport(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PcAccountImport(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PcRemoteEnable(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PcRemoteDisable(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PcKeepEnable(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PcKeepDisable(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PcKeepSet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PcKeepGet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
PS *NewPs(CONSOLE *c, RPC *rpc, char *servername, UINT serverport, char *hubname, char *adminhub, wchar_t *cmdline);
void FreePs(PS *ps);
UINT PsConnect(CONSOLE *c, char *host, UINT port, char *hub, char *adminhub, wchar_t *cmdline, char *password);
void PsMain(PS *ps);
UINT PsAbout(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsServerInfoGet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsServerStatusGet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsListenerCreate(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsListenerDelete(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsListenerList(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsListenerEnable(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsListenerDisable(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsServerPasswordSet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsClusterSettingGet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsClusterSettingStandalone(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsClusterSettingController(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsClusterSettingMember(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsClusterMemberList(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsClusterMemberInfoGet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsClusterMemberCertGet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsClusterConnectionStatusGet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsCrash(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsFlush(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsDebug(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsServerCertGet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsServerKeyGet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsServerCertSet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsServerCipherGet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsServerCipherSet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsKeepEnable(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsKeepDisable(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsKeepSet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsKeepGet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsSyslogGet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsSyslogDisable(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsSyslogEnable(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsConnectionList(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsConnectionGet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsConnectionDisconnect(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsBridgeDeviceList(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsBridgeList(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsBridgeCreate(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsBridgeDelete(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsCaps(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsReboot(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsConfigGet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsConfigSet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsRouterList(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsRouterAdd(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsRouterDelete(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsRouterStart(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsRouterStop(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsRouterIfList(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsRouterIfAdd(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsRouterIfDel(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsRouterTableList(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsRouterTableAdd(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsRouterTableDel(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsLogFileList(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsLogFileGet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsHubCreate(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsHubCreateDynamic(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsHubCreateStatic(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsHubDelete(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsHubSetStatic(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsHubSetDynamic(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsHubList(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsHub(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsOnline(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsOffline(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsSetMaxSession(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsSetHubPassword(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsSetEnumAllow(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsSetEnumDeny(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsOptionsGet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsRadiusServerSet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsRadiusServerDelete(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsRadiusServerGet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsStatusGet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsLogGet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsLogEnable(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsLogDisable(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsLogSwitchSet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsLogPacketSaveType(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsCAList(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsCAAdd(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsCADelete(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsCAGet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsCascadeList(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsCascadeCreate(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsCascadeSet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsCascadeGet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsCascadeDelete(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsCascadeUsernameSet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsCascadeAnonymousSet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsCascadePasswordSet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsCascadeCertSet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsCascadeCertGet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsCascadeEncryptEnable(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsCascadeEncryptDisable(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsCascadeCompressEnable(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsCascadeCompressDisable(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsCascadeProxyNone(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsCascadeProxyHttp(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsCascadeProxySocks(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsCascadeServerCertEnable(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsCascadeServerCertDisable(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsCascadeServerCertSet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsCascadeServerCertDelete(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsCascadeServerCertGet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsCascadeDetailSet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsCascadePolicyRemove(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsCascadePolicySet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsPolicyList(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsCascadeStatusGet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsCascadeRename(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsCascadeOnline(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsCascadeOffline(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsAccessAdd(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsAccessAddEx(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsAccessAdd6(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsAccessAddEx6(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsAccessList(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsAccessDelete(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsAccessEnable(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsAccessDisable(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsUserList(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsUserCreate(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsUserSet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsUserDelete(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsUserGet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsUserAnonymousSet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsUserPasswordSet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsUserCertSet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsUserCertGet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsUserSignedSet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsUserRadiusSet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsUserNTLMSet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsUserPolicyRemove(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsUserPolicySet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsUserExpiresSet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsGroupList(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsGroupCreate(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsGroupSet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsGroupDelete(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsGroupGet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsGroupJoin(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsGroupUnjoin(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsGroupPolicyRemove(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsGroupPolicySet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsSessionList(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsSessionGet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsSessionDisconnect(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsMacTable(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsMacDelete(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsIpTable(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsIpDelete(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsSecureNatEnable(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsSecureNatDisable(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsSecureNatStatusGet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsSecureNatHostGet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsSecureNatHostSet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsNatGet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsNatEnable(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsNatDisable(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsNatSet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsNatTable(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsDhcpGet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsDhcpEnable(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsDhcpDisable(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsDhcpSet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsDhcpTable(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsAdminOptionList(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsAdminOptionSet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsExtOptionList(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsExtOptionSet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsCrlList(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsCrlAdd(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsCrlDel(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsCrlGet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsAcList(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsAcAdd(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsAcAdd6(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsAcGet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsAcDel(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsLicenseAdd(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsLicenseDel(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsLicenseList(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsLicenseStatus(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsIPsecEnable(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsIPsecGet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsEtherIpClientAdd(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsEtherIpClientDelete(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsEtherIpClientList(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsOpenVpnEnable(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsOpenVpnGet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsOpenVpnMakeConfig(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsSstpEnable(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsSstpGet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsServerCertRegenerate(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsVpnOverIcmpDnsEnable(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsVpnOverIcmpDnsGet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsDynamicDnsGetStatus(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsDynamicDnsSetHostname(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsVpnAzureSetEnable(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
UINT PsVpnAzureGetStatus(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
#endif // COMMAND_H
// Developed by SoftEther VPN Project at University of Tsukuba in Japan.
// Department of Computer Science has dozens of overly-enthusiastic geeks.
// Join us: http://www.tsukuba.ac.jp/english/admission/
File diff suppressed because it is too large Load Diff
+341
@@ -0,0 +1,341 @@
// SoftEther VPN Source Code
// Cedar Communication Module
//
// SoftEther VPN Server, Client and Bridge are free software under GPLv2.
//
// Copyright (c) 2012-2014 Daiyuu Nobori.
// Copyright (c) 2012-2014 SoftEther VPN Project, University of Tsukuba, Japan.
// Copyright (c) 2012-2014 SoftEther Corporation.
//
// All Rights Reserved.
//
// http://www.softether.org/
//
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License version 2
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
// IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
// CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
// TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
// SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
// THE LICENSE AGREEMENT IS ATTACHED ON THE SOURCE-CODE PACKAGE
// AS "LICENSE.TXT" FILE. READ THE TEXT FILE IN ADVANCE TO USE THE SOFTWARE.
//
//
// THIS SOFTWARE IS DEVELOPED IN JAPAN, AND DISTRIBUTED FROM JAPAN,
// UNDER JAPANESE LAWS. YOU MUST AGREE IN ADVANCE TO USE, COPY, MODIFY,
// MERGE, PUBLISH, DISTRIBUTE, SUBLICENSE, AND/OR SELL COPIES OF THIS
// SOFTWARE, THAT ANY JURIDICAL DISPUTES WHICH ARE CONCERNED TO THIS
// SOFTWARE OR ITS CONTENTS, AGAINST US (SOFTETHER PROJECT, SOFTETHER
// CORPORATION, DAIYUU NOBORI OR OTHER SUPPLIERS), OR ANY JURIDICAL
// DISPUTES AGAINST US WHICH ARE CAUSED BY ANY KIND OF USING, COPYING,
// MODIFYING, MERGING, PUBLISHING, DISTRIBUTING, SUBLICENSING, AND/OR
// SELLING COPIES OF THIS SOFTWARE SHALL BE REGARDED AS BE CONSTRUED AND
// CONTROLLED BY JAPANESE LAWS, AND YOU MUST FURTHER CONSENT TO
// EXCLUSIVE JURISDICTION AND VENUE IN THE COURTS SITTING IN TOKYO,
// JAPAN. YOU MUST WAIVE ALL DEFENSES OF LACK OF PERSONAL JURISDICTION
// AND FORUM NON CONVENIENS. PROCESS MAY BE SERVED ON EITHER PARTY IN
// THE MANNER AUTHORIZED BY APPLICABLE LAW OR COURT RULE.
//
// USE ONLY IN JAPAN. DO NOT USE IT IN OTHER COUNTRIES. IMPORTING THIS
// SOFTWARE INTO OTHER COUNTRIES IS AT YOUR OWN RISK. SOME COUNTRIES
// PROHIBIT ENCRYPTED COMMUNICATIONS. USING THIS SOFTWARE IN OTHER
// COUNTRIES MIGHT BE RESTRICTED.
//
//
// DEAR SECURITY EXPERTS
// ---------------------
//
// If you find a bug or a security vulnerability please kindly inform us
// about the problem immediately so that we can fix the security problem
// to protect a lot of users around the world as soon as possible.
//
// Our e-mail address for security reports is:
// softether-vpn-security [at] softether.org
//
// Please note that the above e-mail address is not a technical support
// inquiry address. If you need technical assistance, please visit
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
// Connection.h
// Header of Connection.c
#ifndef CONNECTION_H
#define CONNECTION_H
// Magic number indicating that the packet is compressed
#define CONNECTION_BULK_COMPRESS_SIGNATURE 0xDEADBEEFCAFEFACEULL
#define KEEP_ALIVE_STRING "Internet Connection Keep Alive Packet"
// KEEP CONNECT structure
struct KEEP
{
LOCK *lock; // Lock
bool Server; // Server mode
volatile bool Halt; // Stop flag
bool Enable; // Enable flag
char ServerName[MAX_HOST_NAME_LEN + 1]; // Server name
UINT ServerPort; // Server port number
bool UdpMode; // UDP mode
UINT Interval; // Packet transmission interval
THREAD *Thread; // Connection thread
EVENT *HaltEvent; // Stop event
CANCEL *Cancel; // Cancel
};
// SECURE_SIGN Structure
struct SECURE_SIGN
{
char SecurePublicCertName[MAX_SECURE_DEVICE_FILE_LEN + 1]; // Secure device certificate name
char SecurePrivateKeyName[MAX_SECURE_DEVICE_FILE_LEN + 1]; // Secure device secret key name
X *ClientCert; // Client certificate
UCHAR Random[SHA1_SIZE]; // Random value for signature
UCHAR Signature[128]; // Signed data
UINT UseSecureDeviceId;
UINT BitmapId; // Bitmap ID
};
// Function type declaration
typedef bool (CHECK_CERT_PROC)(SESSION *s, CONNECTION *c, X *server_x, bool *expired);
typedef bool (SECURE_SIGN_PROC)(SESSION *s, CONNECTION *c, SECURE_SIGN *sign);
// RC4 key pair
struct RC4_KEY_PAIR
{
UCHAR ServerToClientKey[16];
UCHAR ClientToServerKey[16];
};
// Client Options
struct CLIENT_OPTION
{
wchar_t AccountName[MAX_ACCOUNT_NAME_LEN + 1]; // Connection setting name
char Hostname[MAX_HOST_NAME_LEN + 1]; // Host name
UINT Port; // Port number
UINT PortUDP; // UDP port number (0: Use only TCP)
UINT ProxyType; // Type of proxy
char ProxyName[MAX_HOST_NAME_LEN + 1]; // Proxy server name
UINT ProxyPort; // Port number of the proxy server
char ProxyUsername[MAX_PROXY_USERNAME_LEN + 1]; // Maximum user name length
char ProxyPassword[MAX_PROXY_PASSWORD_LEN + 1]; // Maximum password length
UINT NumRetry; // Automatic retries
UINT RetryInterval; // Retry interval
char HubName[MAX_HUBNAME_LEN + 1]; // HUB name
UINT MaxConnection; // Maximum number of concurrent TCP connections
bool UseEncrypt; // Use encrypted communication
bool UseCompress; // Use data compression
bool HalfConnection; // Use half connection in TCP
bool NoRoutingTracking; // Disable the routing tracking
char DeviceName[MAX_DEVICE_NAME_LEN + 1]; // VLAN device name
UINT AdditionalConnectionInterval; // Connection attempt interval when additional connection establish
UINT ConnectionDisconnectSpan; // Disconnection interval
bool HideStatusWindow; // Hide the status window
bool HideNicInfoWindow; // Hide the NIC status window
bool RequireMonitorMode; // Monitor port mode
bool RequireBridgeRoutingMode; // Bridge or routing mode
bool DisableQoS; // Disable the VoIP / QoS function
bool FromAdminPack; // For Administration Pack
bool NoTls1; // Do not use TLS 1.0
bool NoUdpAcceleration; // Do not use UDP acceleration mode
UCHAR HostUniqueKey[SHA1_SIZE]; // Host unique key
};
// Client authentication data
struct CLIENT_AUTH
{
UINT AuthType; // Authentication type
char Username[MAX_USERNAME_LEN + 1]; // User name
UCHAR HashedPassword[SHA1_SIZE]; // Hashed passwords
char PlainPassword[MAX_PASSWORD_LEN + 1]; // Password
X *ClientX; // Client certificate
K *ClientK; // Client private key
char SecurePublicCertName[MAX_SECURE_DEVICE_FILE_LEN + 1]; // Secure device certificate name
char SecurePrivateKeyName[MAX_SECURE_DEVICE_FILE_LEN + 1]; // Secure device secret key name
CHECK_CERT_PROC *CheckCertProc; // Server certificate confirmation procedure
SECURE_SIGN_PROC *SecureSignProc; // Security signing procedure
};
// TCP socket data structure
struct TCPSOCK
{
SOCK *Sock; // Socket
FIFO *RecvFifo; // Reception buffer
FIFO *SendFifo; // Transmission buffer
UINT Mode; // Read mode
UINT WantSize; // Requested data size
UINT NextBlockNum; // Total number of blocks that can be read next
UINT NextBlockSize; // Block size that is planned to read next
UINT CurrentPacketNum; // Current packet number
UINT64 LastCommTime; // Last communicated time
UINT64 LastRecvTime; // Time the last data received
UINT LateCount; // The number of delay occurences
UINT Direction; // Direction
UINT64 NextKeepAliveTime; // Next time to send a KeepAlive packet
RC4_KEY_PAIR Rc4KeyPair; // RC4 key pair
CRYPT *SendKey; // Transmission key
CRYPT *RecvKey; // Reception key
UINT64 DisconnectTick; // Time to disconnect this connection
UINT64 EstablishedTick; // Establishment time
};
// TCP communication data structure
struct TCP
{
LIST *TcpSockList; // TCP socket list
};
// UDP communication data structure
struct UDP
{
SOCK *s; // UDP socket (for transmission)
IP ip; // Destination IP address
UINT port; // Destination port number
UINT64 NextKeepAliveTime; // Next time to send a KeepAlive packet
UINT64 Seq; // Packet sequence number
UINT64 RecvSeq;
QUEUE *BufferQueue; // Queue of buffer to be sent
};
// Data block
struct BLOCK
{
BOOL Compressed; // Compression flag
UINT Size; // Block size
UINT SizeofData; // Data size
UCHAR *Buf; // Buffer
bool PriorityQoS; // Priority packet for VoIP / QoS function
UINT Ttl; // TTL value (Used only in ICMP NAT of Virtual.c)
UINT Param1; // Parameter 1
};
// Connection structure
struct CONNECTION
{
LOCK *lock; // Lock
REF *ref; // Reference counter
CEDAR *Cedar; // Cedar
struct SESSION *Session; // Session
UINT Protocol; // Protocol
SOCK *FirstSock; // Socket for negotiation
SOCK *TubeSock; // Socket for in-process communication
TCP *Tcp; // TCP communication data structure
UDP *Udp; // UDP communication data structure
bool ServerMode; // Server mode
UINT Status; // Status
char *Name; // Connection name
THREAD *Thread; // Thread
volatile bool Halt; // Stop flag
UCHAR Random[SHA1_SIZE]; // Random number for Authentication
UINT ServerVer; // Server version
UINT ServerBuild; // Server build number
UINT ClientVer; // Client version
UINT ClientBuild; // Client build number
char ServerStr[MAX_SERVER_STR_LEN + 1]; // Server string
char ClientStr[MAX_CLIENT_STR_LEN + 1]; // Client string
UINT Err; // Error value
bool ClientConnectError_NoSavePassword; // Don't save the password for the specified user name
QUEUE *ReceivedBlocks; // Block queue that is received
QUEUE *SendBlocks; // Block queue planned to be sent
QUEUE *SendBlocks2; // Send queue (high priority)
COUNTER *CurrentNumConnection; // Counter of the number of current connections
LIST *ConnectingThreads; // List of connected threads
LIST *ConnectingSocks; // List of the connected sockets
bool flag1; // Flag 1
UCHAR *RecvBuf; // Receive buffer
char ServerName[MAX_HOST_NAME_LEN + 1]; // Server name
UINT ServerPort; // Port number
bool RestoreServerNameAndPort; // Flag to restore the server name and port number to original
bool UseTicket; // Ticket using flag
UCHAR Ticket[SHA1_SIZE]; // Ticket
UINT CurrentSendQueueSize; // Total size of the transmission queue
X *ServerX; // Server certificate
X *ClientX; // Client certificate
char *CipherName; // Encryption algorithm name
UINT64 ConnectedTick; // Time it is connected
IP ClientIp; // Client IP address
char ClientHostname[MAX_HOST_NAME_LEN + 1]; // Client host name
UINT Type; // Type
bool DontUseTls1; // Do not use TLS 1.0
void *hWndForUI; // Parent window
bool IsInProc; // In-process
char InProcPrefix[64]; // Prefix
UINT AdditionalConnectionFailedCounter; // Additional connection failure counter
UINT64 LastCounterResetTick; // Time the counter was reset finally
bool WasSstp; // Processed the SSTP
bool WasDatProxy; // DAT proxy processed
UCHAR CToken_Hash[SHA1_SIZE]; // CTOKEN_HASH
};
// Function prototypes
CONNECTION *NewClientConnection(SESSION *s);
CONNECTION *NewClientConnectionEx(SESSION *s, char *client_str, UINT client_ver, UINT client_build);
CONNECTION *NewServerConnection(CEDAR *cedar, SOCK *s, THREAD *t);
void ReleaseConnection(CONNECTION *c);
void CleanupConnection(CONNECTION *c);
int CompareConnection(void *p1, void *p2);
void StopConnection(CONNECTION *c, bool no_wait);
void ConnectionAccept(CONNECTION *c);
void StartTunnelingMode(CONNECTION *c);
void EndTunnelingMode(CONNECTION *c);
void DisconnectTcpSockets(CONNECTION *c);
void ConnectionReceive(CONNECTION *c, CANCEL *c1, CANCEL *c2);
void ConnectionSend(CONNECTION *c);
TCPSOCK *NewTcpSock(SOCK *s);
void FreeTcpSock(TCPSOCK *ts);
BLOCK *NewBlock(void *data, UINT size, int compress);
void FreeBlock(BLOCK *b);
void StopAllAdditionalConnectThread(CONNECTION *c);
UINT GenNextKeepAliveSpan(CONNECTION *c);
void SendKeepAlive(CONNECTION *c, TCPSOCK *ts);
void DisconnectUDPSockets(CONNECTION *c);
void PutUDPPacketData(CONNECTION *c, void *data, UINT size);
void SendDataWithUDP(SOCK *s, CONNECTION *c);
void InsertReveicedBlockToQueue(CONNECTION *c, BLOCK *block);
void InitTcpSockRc4Key(TCPSOCK *ts, bool server_mode);
UINT TcpSockRecv(SESSION *s, TCPSOCK *ts, void *data, UINT size);
UINT TcpSockSend(SESSION *s, TCPSOCK *ts, void *data, UINT size);
void WriteSendFifo(SESSION *s, TCPSOCK *ts, void *data, UINT size);
void WriteRecvFifo(SESSION *s, TCPSOCK *ts, void *data, UINT size);
CLIENT_AUTH *CopyClientAuth(CLIENT_AUTH *a);
BUF *NewKeepPacket(bool server_mode);
void KeepThread(THREAD *thread, void *param);
KEEP *StartKeep();
void StopKeep(KEEP *k);
void InRpcSecureSign(SECURE_SIGN *t, PACK *p);
void OutRpcSecureSign(PACK *p, SECURE_SIGN *t);
void FreeRpcSecureSign(SECURE_SIGN *t);
void NormalizeEthMtu(BRIDGE *b, CONNECTION *c, UINT packet_size);
UINT GetMachineRand();
#endif // CONNECTION_H
// Developed by SoftEther VPN Project at University of Tsukuba in Japan.
// Department of Computer Science has dozens of overly-enthusiastic geeks.
// Join us: http://www.tsukuba.ac.jp/english/admission/
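Review bot: `SECURE_SIGN.Signature` is a fixed 128-byte array with no length field beside it, so nothing in this header tells `InRpcSecureSign`, `OutRpcSecureSign` or a `SECURE_SIGN_PROC` callback how many bytes are valid or how many they may write. 128 bytes is presumably sized for a 1024-bit RSA signature; a secure-device key with a larger modulus would not fit, and whether the writers bound their copy to the array size is decided in the implementation files, which this section does not show. I would name the size and state the contract at the declaration, e.g. `#define SECURE_SIGN_SIGNATURE_SIZE 128` and `UCHAR Signature[SECURE_SIGN_SIGNATURE_SIZE]; // Signed data; fixed size, writers must reject longer signatures`. The same struct's `UseSecureDeviceId` is the only member without a comment and could get one in the same pass.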
+2510
File diff suppressed because it is too large Load Diff
+222
@@ -0,0 +1,222 @@
// SoftEther VPN Source Code
// Cedar Communication Module
//
// SoftEther VPN Server, Client and Bridge are free software under GPLv2.
//
// Copyright (c) 2012-2014 Daiyuu Nobori.
// Copyright (c) 2012-2014 SoftEther VPN Project, University of Tsukuba, Japan.
// Copyright (c) 2012-2014 SoftEther Corporation.
//
// All Rights Reserved.
//
// http://www.softether.org/
//
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License version 2
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
// IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
// CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
// TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
// SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
// THE LICENSE AGREEMENT IS ATTACHED ON THE SOURCE-CODE PACKAGE
// AS "LICENSE.TXT" FILE. READ THE TEXT FILE IN ADVANCE TO USE THE SOFTWARE.
//
//
// THIS SOFTWARE IS DEVELOPED IN JAPAN, AND DISTRIBUTED FROM JAPAN,
// UNDER JAPANESE LAWS. YOU MUST AGREE IN ADVANCE TO USE, COPY, MODIFY,
// MERGE, PUBLISH, DISTRIBUTE, SUBLICENSE, AND/OR SELL COPIES OF THIS
// SOFTWARE, THAT ANY JURIDICAL DISPUTES WHICH ARE CONCERNED TO THIS
// SOFTWARE OR ITS CONTENTS, AGAINST US (SOFTETHER PROJECT, SOFTETHER
// CORPORATION, DAIYUU NOBORI OR OTHER SUPPLIERS), OR ANY JURIDICAL
// DISPUTES AGAINST US WHICH ARE CAUSED BY ANY KIND OF USING, COPYING,
// MODIFYING, MERGING, PUBLISHING, DISTRIBUTING, SUBLICENSING, AND/OR
// SELLING COPIES OF THIS SOFTWARE SHALL BE REGARDED AS BE CONSTRUED AND
// CONTROLLED BY JAPANESE LAWS, AND YOU MUST FURTHER CONSENT TO
// EXCLUSIVE JURISDICTION AND VENUE IN THE COURTS SITTING IN TOKYO,
// JAPAN. YOU MUST WAIVE ALL DEFENSES OF LACK OF PERSONAL JURISDICTION
// AND FORUM NON CONVENIENS. PROCESS MAY BE SERVED ON EITHER PARTY IN
// THE MANNER AUTHORIZED BY APPLICABLE LAW OR COURT RULE.
//
// USE ONLY IN JAPAN. DO NOT USE IT IN OTHER COUNTRIES. IMPORTING THIS
// SOFTWARE INTO OTHER COUNTRIES IS AT YOUR OWN RISK. SOME COUNTRIES
// PROHIBIT ENCRYPTED COMMUNICATIONS. USING THIS SOFTWARE IN OTHER
// COUNTRIES MIGHT BE RESTRICTED.
//
//
// DEAR SECURITY EXPERTS
// ---------------------
//
// If you find a bug or a security vulnerability please kindly inform us
// about the problem immediately so that we can fix the security problem
// to protect a lot of users around the world as soon as possible.
//
// Our e-mail address for security reports is:
// softether-vpn-security [at] softether.org
//
// Please note that the above e-mail address is not a technical support
// inquiry address. If you need technical assistance, please visit
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
// Console.h
// Header of Console.c
#ifndef CONSOLE_H
#define CONSOLE_H
// Constant
#define MAX_PROMPT_STRSIZE 65536
#define WIN32_DEFAULT_CONSOLE_WIDTH 100
// Types of console
#define CONSOLE_LOCAL 0 // Local console
#define CONSOLE_CSV 1 // CSV output mode
// Parameters completion prompt function
typedef wchar_t *(PROMPT_PROC)(CONSOLE *c, void *param);
// Parameter validation prompt function
typedef bool (EVAL_PROC)(CONSOLE *c, wchar_t *str, void *param);
// Definition of the parameter item
struct PARAM
{
char *Name; // Parameter name
PROMPT_PROC *PromptProc; // Prompt function that automatically invoked if the parameter is not specified
// (This is not called in the case of NULL)
void *PromptProcParam; // Any pointers to pass to the prompt function
EVAL_PROC *EvalProc; // Parameter string validation function
void *EvalProcParam; // Any pointers to be passed to the validation function
char *Tmp; // Temporary variable
};
// Parameter value of the internal data
struct PARAM_VALUE
{
char *Name; // Name
char *StrValue; // String value
wchar_t *UniStrValue; // Unicode string value
UINT IntValue; // Integer value
};
// Console service structure
struct CONSOLE
{
UINT ConsoleType; // Type of console
UINT RetCode; // The last exit code
void *Param; // Data of any
void (*Free)(CONSOLE *c); // Release function
wchar_t *(*ReadLine)(CONSOLE *c, wchar_t *prompt, bool nofile); // Function to read one line
char *(*ReadPassword)(CONSOLE *c, wchar_t *prompt); // Function to read the password
bool (*Write)(CONSOLE *c, wchar_t *str); // Function to write a string
UINT (*GetWidth)(CONSOLE *c); // Get the width of the screen
};
// Local console parameters
struct LOCAL_CONSOLE_PARAM
{
IO *InFile; // Input file
BUF *InBuf; // Input buffer
IO *OutFile; // Output file
UINT Win32_OldConsoleWidth; // Previous console size
};
// Command procedure
typedef UINT (COMMAND_PROC)(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
// Definition of command
struct CMD
{
char *Name; // Command name
COMMAND_PROC *Proc; // Procedure function
};
// Evaluate the minimum / maximum value of the parameter
struct CMD_EVAL_MIN_MAX
{
char *StrName;
UINT MinValue, MaxValue;
};
// Function prototype
wchar_t *Prompt(wchar_t *prompt_str);
char *PromptA(wchar_t *prompt_str);
bool PasswordPrompt(char *password, UINT size);
void *SetConsoleRaw();
void RestoreConsole(void *p);
wchar_t *ParseCommandEx(wchar_t *str, wchar_t *name, TOKEN_LIST **param_list);
wchar_t *ParseCommand(wchar_t *str, wchar_t *name);
TOKEN_LIST *GetCommandNameList(wchar_t *str);
char *ParseCommandA(wchar_t *str, char *name);
LIST *NewParamValueList();
int CmpParamValue(void *p1, void *p2);
void FreeParamValueList(LIST *o);
PARAM_VALUE *FindParamValue(LIST *o, char *name);
char *GetParamStr(LIST *o, char *name);
wchar_t *GetParamUniStr(LIST *o, char *name);
UINT GetParamInt(LIST *o, char *name);
bool GetParamYes(LIST *o, char *name);
LIST *ParseCommandList(CONSOLE *c, char *cmd_name, wchar_t *command, PARAM param[], UINT num_param);
bool IsNameInRealName(char *input_name, char *real_name);
void GetOmissionName(char *dst, UINT size, char *src);
bool IsOmissionName(char *input_name, char *real_name);
TOKEN_LIST *GetRealnameCandidate(char *input_name, TOKEN_LIST *real_name_list);
bool SeparateCommandAndParam(wchar_t *src, char **cmd, wchar_t **param);
UINT GetConsoleWidth(CONSOLE *c);
bool DispatchNextCmd(CONSOLE *c, char *prompt, CMD cmd[], UINT num_cmd, void *param);
bool DispatchNextCmdEx(CONSOLE *c, wchar_t *exec_command, char *prompt, CMD cmd[], UINT num_cmd, void *param);
void PrintCandidateHelp(CONSOLE *c, char *cmd_name, TOKEN_LIST *candidate_list, UINT left_space);
UNI_TOKEN_LIST *SeparateStringByWidth(wchar_t *str, UINT width);
UINT GetNextWordWidth(wchar_t *str);
bool IsWordChar(wchar_t c);
void GetCommandHelpStr(char *command_name, wchar_t **description, wchar_t **args, wchar_t **help);
void GetCommandParamHelpStr(char *command_name, char *param_name, wchar_t **description);
bool CmdEvalMinMax(CONSOLE *c, wchar_t *str, void *param);
wchar_t *CmdPrompt(CONSOLE *c, void *param);
bool CmdEvalNotEmpty(CONSOLE *c, wchar_t *str, void *param);
bool CmdEvalInt1(CONSOLE *c, wchar_t *str, void *param);
bool CmdEvalIsFile(CONSOLE *c, wchar_t *str, void *param);
bool CmdEvalSafe(CONSOLE *c, wchar_t *str, void *param);
void PrintCmdHelp(CONSOLE *c, char *cmd_name, TOKEN_LIST *param_list);
int CompareCandidateStr(void *p1, void *p2);
bool IsHelpStr(char *str);
CONSOLE *NewLocalConsole(wchar_t *infile, wchar_t *outfile);
void ConsoleLocalFree(CONSOLE *c);
wchar_t *ConsoleLocalReadLine(CONSOLE *c, wchar_t *prompt, bool nofile);
char *ConsoleLocalReadPassword(CONSOLE *c, wchar_t *prompt);
bool ConsoleLocalWrite(CONSOLE *c, wchar_t *str);
void ConsoleWriteOutFile(CONSOLE *c, wchar_t *str, bool add_last_crlf);
wchar_t *ConsoleReadNextFromInFile(CONSOLE *c);
UINT ConsoleLocalGetWidth(CONSOLE *c);
#endif // CONSOLE_H
// Developed by SoftEther VPN Project at University of Tsukuba in Japan.
// Department of Computer Science has dozens of overly-enthusiastic geeks.
// Join us: http://www.tsukuba.ac.jp/english/admission/
+984
@@ -0,0 +1,984 @@
// SoftEther VPN Source Code
// Cedar Communication Module
//
// SoftEther VPN Server, Client and Bridge are free software under GPLv2.
//
// Copyright (c) 2012-2014 Daiyuu Nobori.
// Copyright (c) 2012-2014 SoftEther VPN Project, University of Tsukuba, Japan.
// Copyright (c) 2012-2014 SoftEther Corporation.
//
// All Rights Reserved.
//
// http://www.softether.org/
//
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License version 2
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
// IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
// CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
// TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
// SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
// THE LICENSE AGREEMENT IS ATTACHED ON THE SOURCE-CODE PACKAGE
// AS "LICENSE.TXT" FILE. READ THE TEXT FILE IN ADVANCE TO USE THE SOFTWARE.
//
//
// THIS SOFTWARE IS DEVELOPED IN JAPAN, AND DISTRIBUTED FROM JAPAN,
// UNDER JAPANESE LAWS. YOU MUST AGREE IN ADVANCE TO USE, COPY, MODIFY,
// MERGE, PUBLISH, DISTRIBUTE, SUBLICENSE, AND/OR SELL COPIES OF THIS
// SOFTWARE, THAT ANY JURIDICAL DISPUTES WHICH ARE CONCERNED TO THIS
// SOFTWARE OR ITS CONTENTS, AGAINST US (SOFTETHER PROJECT, SOFTETHER
// CORPORATION, DAIYUU NOBORI OR OTHER SUPPLIERS), OR ANY JURIDICAL
// DISPUTES AGAINST US WHICH ARE CAUSED BY ANY KIND OF USING, COPYING,
// MODIFYING, MERGING, PUBLISHING, DISTRIBUTING, SUBLICENSING, AND/OR
// SELLING COPIES OF THIS SOFTWARE SHALL BE REGARDED AS BE CONSTRUED AND
// CONTROLLED BY JAPANESE LAWS, AND YOU MUST FURTHER CONSENT TO
// EXCLUSIVE JURISDICTION AND VENUE IN THE COURTS SITTING IN TOKYO,
// JAPAN. YOU MUST WAIVE ALL DEFENSES OF LACK OF PERSONAL JURISDICTION
// AND FORUM NON CONVENIENS. PROCESS MAY BE SERVED ON EITHER PARTY IN
// THE MANNER AUTHORIZED BY APPLICABLE LAW OR COURT RULE.
//
// USE ONLY IN JAPAN. DO NOT USE IT IN OTHER COUNTRIES. IMPORTING THIS
// SOFTWARE INTO OTHER COUNTRIES IS AT YOUR OWN RISK. SOME COUNTRIES
// PROHIBIT ENCRYPTED COMMUNICATIONS. USING THIS SOFTWARE IN OTHER
// COUNTRIES MIGHT BE RESTRICTED.
//
//
// DEAR SECURITY EXPERTS
// ---------------------
//
// If you find a bug or a security vulnerability please kindly inform us
// about the problem immediately so that we can fix the security problem
// to protect a lot of users around the world as soon as possible.
//
// Our e-mail address for security reports is:
// softether-vpn-security [at] softether.org
//
// Please note that the above e-mail address is not a technical support
// inquiry address. If you need technical assistance, please visit
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
// DDNS.c
// Dynamic DNS Client
#include "CedarPch.h"
// Get the current status of the DDNS client
void DCGetStatus(DDNS_CLIENT *c, DDNS_CLIENT_STATUS *st)
{
// Validate arguments
if (c == NULL || st == NULL)
{
return;
}
Zero(st, sizeof(DDNS_CLIENT_STATUS));
Lock(c->Lock);
{
st->Err_IPv4 = c->Err_IPv4;
st->Err_IPv6 = c->Err_IPv6;
StrCpy(st->CurrentHostName, sizeof(st->CurrentHostName), c->CurrentHostName);
StrCpy(st->CurrentFqdn, sizeof(st->CurrentFqdn), c->CurrentFqdn);
StrCpy(st->DnsSuffix, sizeof(st->DnsSuffix), c->DnsSuffix);
StrCpy(st->CurrentIPv4, sizeof(st->CurrentIPv4), c->CurrentIPv4);
StrCpy(st->CurrentIPv6, sizeof(st->CurrentIPv6), c->CurrentIPv6);
StrCpy(st->CurrentAzureIp, sizeof(st->CurrentAzureIp), c->CurrentAzureIp);
st->CurrentAzureTimestamp = c->CurrentAzureTimestamp;
StrCpy(st->CurrentAzureSignature, sizeof(st->CurrentAzureSignature), c->CurrentAzureSignature);
StrCpy(st->AzureCertHash, sizeof(st->AzureCertHash), c->AzureCertHash);
Copy(&st->InternetSetting, &c->InternetSetting, sizeof(INTERNET_SETTING));
}
Unlock(c->Lock);
}
// Set the Internet settings
void DCSetInternetSetting(DDNS_CLIENT *c, INTERNET_SETTING *t)
{
// Validate arguments
if (c == NULL || t == NULL)
{
return;
}
Copy(&c->InternetSetting, t, sizeof(INTERNET_SETTING));
}
// Get the Internet settings
void DCGetInternetSetting(DDNS_CLIENT *c, INTERNET_SETTING *t)
{
// Validate arguments
if (c == NULL || t == NULL)
{
return;
}
Copy(t, &c->InternetSetting, sizeof(INTERNET_SETTING));
}
// Changing the host name
UINT DCChangeHostName(DDNS_CLIENT *c, char *hostname)
{
UINT ret;
DDNS_REGISTER_PARAM p;
// Validate arguments
if (c == NULL || hostname == NULL)
{
return ERR_INTERNAL_ERROR;
}
if (StrLen(hostname) > 32)
{
// The host name is too long
return ERR_DDNS_HOSTNAME_TOO_LONG;
}
Zero(&p, sizeof(p));
StrCpy(p.NewHostname, sizeof(p.NewHostname), hostname);
// Use one of IPv4 or IPv6 if it seems to be communication
if (c->Err_IPv4 == ERR_NO_ERROR)
{
// IPv4
ret = DCRegister(c, false, &p, NULL);
}
else if (c->Err_IPv6 == ERR_NO_ERROR)
{
// IPv6
ret = DCRegister(c, true, &p, NULL);
}
else
{
// Try both
ret = DCRegister(c, true, &p, NULL);
if (ret != ERR_NO_ERROR)
{
ret = DCRegister(c, false, &p, NULL);
}
}
if (ret == ERR_NO_ERROR)
{
DDNS_CLIENT_STATUS st;
DCGetStatus(c, &st);
SiApplyAzureConfig(c->Cedar->Server, &st);
}
return ret;
}
// DDNS client thread
void DCThread(THREAD *thread, void *param)
{
DDNS_CLIENT *c;
INTERRUPT_MANAGER *interrput;
UINT last_ip_hash = 0;
void *route_change_poller = NULL;
bool last_time_ip_changed = false;
UINT last_azure_ddns_trigger_int = 0;
UINT last_vgs_ddns_trigger_int = 0;
UINT n;
INTERNET_SETTING last_t;
// Validate arguments
if (thread == NULL || param == NULL)
{
return;
}
c = (DDNS_CLIENT *)param;
interrput = NewInterruptManager();
route_change_poller = NewRouteChange();
IsRouteChanged(route_change_poller);
Zero(&last_t, sizeof(last_t));
n = 0;
while (c->Halt == false)
{
UINT ip_hash = GetHostIPAddressHash32();
UINT interval;
UINT64 now = Tick64();
bool ip_changed = false;
bool azure_client_triggered = false;
bool internet_setting_changed = false;
bool vgs_server_triggered = false;
if (c->Cedar->Server != NULL && c->Cedar->Server->AzureClient != NULL)
{
if (c->Cedar->Server->AzureClient->DDnsTriggerInt != last_azure_ddns_trigger_int)
{
azure_client_triggered = true;
last_azure_ddns_trigger_int = c->Cedar->Server->AzureClient->DDnsTriggerInt;
last_time_ip_changed = false;
Debug("DDNS Thread Triggered by AzureClient.\n");
}
}
if (Cmp(&last_t, &c->InternetSetting, sizeof(INTERNET_SETTING)) != 0)
{
Copy(&last_t, &c->InternetSetting, sizeof(INTERNET_SETTING));
internet_setting_changed = true;
last_time_ip_changed = false;
}
if (ip_hash != last_ip_hash)
{
last_time_ip_changed = false;
Debug("DDNS Thread Triggered by IP Hash Changed.\n");
}
if ((ip_hash != last_ip_hash) || (IsRouteChanged(route_change_poller)) || azure_client_triggered || internet_setting_changed || vgs_server_triggered)
{
if (last_time_ip_changed == false)
{
// Call all getting functions from the beginning if the routing
// table or the IP address of this host has changed
c->NextRegisterTick_IPv4 = 0;
c->NextRegisterTick_IPv6 = 0;
c->NextGetMyIpTick_IPv4 = 0;
c->NextGetMyIpTick_IPv6 = 0;
last_ip_hash = ip_hash;
last_time_ip_changed = true;
ip_changed = true;
Debug("DDNS Internet Condition Changed.\n");
}
}
else
{
last_time_ip_changed = false;
}
if ((n++) >= 1)
{
// Self IPv4 address acquisition
if (c->NextGetMyIpTick_IPv4 == 0 || now >= c->NextGetMyIpTick_IPv4)
{
UINT next_interval;
char ip[MAX_SIZE];
Zero(ip, sizeof(ip));
c->Err_IPv4_GetMyIp = DCGetMyIp(c, false, ip, sizeof(ip), NULL);
if (c->Err_IPv4_GetMyIp == ERR_NO_ERROR)
{
if (StrCmpi(c->LastMyIPv4, ip) != 0)
{
ip_changed = true;
StrCpy(c->LastMyIPv4, sizeof(c->LastMyIPv4), ip);
}
next_interval = GenRandInterval(DDNS_GETMYIP_INTERVAL_OK_MIN, DDNS_GETMYIP_INTERVAL_OK_MAX);
}
else
{
if (IsEmptyStr(c->LastMyIPv4) == false)
{
ip_changed = true;
}
Zero(c->LastMyIPv4, sizeof(c->LastMyIPv4));
next_interval = GenRandInterval(DDNS_GETMYIP_INTERVAL_NG_MIN, DDNS_GETMYIP_INTERVAL_NG_MAX);
}
c->NextGetMyIpTick_IPv4 = Tick64() + (UINT64)next_interval;
AddInterrupt(interrput, c->NextGetMyIpTick_IPv4);
}
// Self IPv6 address acquisition
if (c->NextGetMyIpTick_IPv6 == 0 || now >= c->NextGetMyIpTick_IPv6)
{
UINT next_interval;
char ip[MAX_SIZE];
Zero(ip, sizeof(ip));
c->Err_IPv6_GetMyIp = DCGetMyIp(c, true, ip, sizeof(ip), NULL);
if (c->Err_IPv6_GetMyIp == ERR_NO_ERROR)
{
if (StrCmpi(c->LastMyIPv6, ip) != 0)
{
ip_changed = true;
StrCpy(c->LastMyIPv6, sizeof(c->LastMyIPv6), ip);
}
next_interval = GenRandInterval(DDNS_GETMYIP_INTERVAL_OK_MIN, DDNS_GETMYIP_INTERVAL_OK_MAX);
}
else
{
if (IsEmptyStr(c->LastMyIPv6) == false)
{
ip_changed = true;
}
Zero(c->LastMyIPv6, sizeof(c->LastMyIPv6));
next_interval = GenRandInterval(DDNS_GETMYIP_INTERVAL_NG_MIN, DDNS_GETMYIP_INTERVAL_NG_MAX);
}
c->NextGetMyIpTick_IPv6 = Tick64() + (UINT64)next_interval;
AddInterrupt(interrput, c->NextGetMyIpTick_IPv6);
}
}
if (ip_changed)
{
c->NextRegisterTick_IPv4 = 0;
c->NextRegisterTick_IPv6 = 0;
}
// IPv4 host registration
if (c->NextRegisterTick_IPv4 == 0 || now >= c->NextRegisterTick_IPv4)
{
UINT next_interval;
c->Err_IPv4 = DCRegister(c, false, NULL, NULL);
if (c->Err_IPv4 == ERR_NO_ERROR)
{
next_interval = GenRandInterval(DDNS_REGISTER_INTERVAL_OK_MIN, DDNS_REGISTER_INTERVAL_OK_MAX);
}
else
{
next_interval = GenRandInterval(DDNS_REGISTER_INTERVAL_NG_MIN, DDNS_REGISTER_INTERVAL_NG_MAX);
}
//next_interval = 0;
c->NextRegisterTick_IPv4 = Tick64() + (UINT64)next_interval;
if (true)
{
DDNS_CLIENT_STATUS st;
DCGetStatus(c, &st);
SiApplyAzureConfig(c->Cedar->Server, &st);
}
AddInterrupt(interrput, c->NextRegisterTick_IPv4);
}
if (c->Halt)
{
break;
}
// IPv6 host registration
if (c->NextRegisterTick_IPv6 == 0 || now >= c->NextRegisterTick_IPv6)
{
UINT next_interval;
c->Err_IPv6 = DCRegister(c, true, NULL, NULL);
if (c->Err_IPv6 == ERR_NO_ERROR)
{
next_interval = GenRandInterval(DDNS_REGISTER_INTERVAL_OK_MIN, DDNS_REGISTER_INTERVAL_OK_MAX);
}
else
{
next_interval = GenRandInterval(DDNS_REGISTER_INTERVAL_NG_MIN, DDNS_REGISTER_INTERVAL_NG_MAX);
}
c->NextRegisterTick_IPv6 = Tick64() + (UINT64)next_interval;
if (true)
{
DDNS_CLIENT_STATUS st;
DCGetStatus(c, &st);
SiApplyAzureConfig(c->Cedar->Server, &st);
}
AddInterrupt(interrput, c->NextRegisterTick_IPv6);
}
interval = GetNextIntervalForInterrupt(interrput);
interval = MIN(interval, 1234);
if (n == 1)
{
interval = MIN(interval, 0);
}
if (c->Halt)
{
break;
}
if (c->KeyChanged)
{
c->KeyChanged = false;
c->NextRegisterTick_IPv4 = c->NextRegisterTick_IPv6 = 0;
interval = 0;
}
if (last_time_ip_changed)
{
if (c->Cedar->Server != NULL && c->Cedar->Server->AzureClient != NULL)
{
c->Cedar->Server->AzureClient->IpStatusRevision++;
}
}
Wait(c->Event, interval);
}
FreeRouteChange(route_change_poller);
FreeInterruptManager(interrput);
}
// Command to update immediately
void DCUpdateNow(DDNS_CLIENT *c)
{
// Validate arguments
if (c == NULL)
{
return;
}
c->NextRegisterTick_IPv4 = c->NextRegisterTick_IPv6 = 0;
Set(c->Event);
}
// Execution of registration
UINT DCRegister(DDNS_CLIENT *c, bool ipv6, DDNS_REGISTER_PARAM *p, char *replace_v6)
{
char *url;
char url2[MAX_SIZE];
char url3[MAX_SIZE];
PACK *req, *ret;
char key_str[MAX_SIZE];
UCHAR machine_key[SHA1_SIZE];
char machine_key_str[MAX_SIZE];
char machine_name[MAX_SIZE];
BUF *cert_hash;
UINT err = ERR_INTERNAL_ERROR;
UCHAR key_hash[SHA1_SIZE];
char key_hash_str[MAX_SIZE];
bool use_azure = false;
char current_azure_ip[MAX_SIZE];
INTERNET_SETTING t;
UINT build = 0;
bool use_https = false;
bool use_vgs = false;
// Validate arguments
if (c == NULL)
{
return ERR_INTERNAL_ERROR;
}
Zero(current_azure_ip, sizeof(current_azure_ip));
GetCurrentMachineIpProcessHash(machine_key);
BinToStr(machine_key_str, sizeof(machine_key_str), machine_key, sizeof(machine_key));
GetMachineHostName(machine_name, sizeof(machine_name));
StrLower(machine_name);
if (ipv6 == false)
{
url = DDNS_URL_V4_GLOBAL;
if (IsUseAlternativeHostname())
{
url = DDNS_URL_V4_ALT;
}
}
else
{
url = DDNS_URL_V6_GLOBAL;
if (IsUseAlternativeHostname())
{
url = DDNS_URL_V6_ALT;
}
if (replace_v6)
{
url = replace_v6;
}
}
Zero(&t, sizeof(t));
if (ipv6 == false)
{
// Proxy Setting
Copy(&t, &c->InternetSetting, sizeof(INTERNET_SETTING));
}
if (ipv6 == false)
{
// Get the current status of the VPN Azure Client
if (c->Cedar->Server != NULL)
{
AZURE_CLIENT *ac = c->Cedar->Server->AzureClient;
if (ac != NULL)
{
use_azure = SiIsAzureEnabled(c->Cedar->Server);
if (use_azure)
{
Lock(ac->Lock);
{
StrCpy(current_azure_ip, sizeof(current_azure_ip), ac->ConnectingAzureIp);
}
Unlock(ac->Lock);
}
}
}
}
req = NewPack();
BinToStr(key_str, sizeof(key_str), c->Key, sizeof(c->Key));
StrUpper(key_str);
PackAddStr(req, "key", key_str);
// Build Number
build = c->Cedar->Build;
PackAddInt(req, "build", build);
PackAddInt(req, "osinfo", GetOsInfo()->OsType);
PackAddInt(req, "is_64bit", Is64());
#ifdef OS_WIN32
PackAddInt(req, "is_windows_64bit", MsIs64BitWindows());
#endif // OS_WIN32
PackAddBool(req, "is_softether", true);
PackAddBool(req, "is_packetix", false);
PackAddStr(req, "machine_key", machine_key_str);
PackAddStr(req, "machine_name", machine_name);
PackAddInt(req, "lasterror_ipv4", c->Err_IPv4_GetMyIp);
PackAddInt(req, "lasterror_ipv6", c->Err_IPv6_GetMyIp);
PackAddBool(req, "use_azure", use_azure);
PackAddStr(req, "product_str", CEDAR_PRODUCT_STR);
PackAddInt(req, "ddns_protocol_version", DDNS_VERSION);
if (use_azure)
{
Debug("current_azure_ip = %s\n", current_azure_ip);
PackAddStr(req, "current_azure_ip", current_azure_ip);
}
HashSha1(key_hash, key_str, StrLen(key_str));
BinToStr(key_hash_str, sizeof(key_hash_str), key_hash, sizeof(key_hash));
StrLower(key_hash_str);
if (p != NULL)
{
if (IsEmptyStr(p->NewHostname) == false)
{
PackAddStr(req, "new_hostname", p->NewHostname);
}
}
cert_hash = StrToBin(DDNS_CERT_HASH);
Format(url2, sizeof(url2), "%s?v=%I64u", url, Rand64());
Format(url3, sizeof(url3), url2, key_hash_str[0], key_hash_str[1], key_hash_str[2], key_hash_str[3]);
if (use_https == false)
{
ReplaceStr(url3, sizeof(url3), url3, "https://", "http://");
}
ReplaceStr(url3, sizeof(url3), url3, ".servers", ".open.servers");
Debug("WpcCall: %s\n", url3);
ret = WpcCallEx(url3, &t, DDNS_CONNECT_TIMEOUT, DDNS_COMM_TIMEOUT, "register", req,
NULL, NULL, ((cert_hash != NULL && cert_hash->Size == SHA1_SIZE) ? cert_hash->Buf : NULL), NULL, DDNS_RPC_MAX_RECV_SIZE);
Debug("WpcCall Ret: %u\n", ret);
FreeBuf(cert_hash);
FreePack(req);
err = GetErrorFromPack(ret);
ExtractAndApplyDynList(ret);
// Status update
Lock(c->Lock);
{
if (err == ERR_NO_ERROR)
{
char snat_t[MAX_SIZE];
// Current host name
PackGetStr(ret, "current_hostname", c->CurrentHostName, sizeof(c->CurrentHostName));
PackGetStr(ret, "current_fqdn", c->CurrentFqdn, sizeof(c->CurrentFqdn));
PackGetStr(ret, "current_ipv4", c->CurrentIPv4, sizeof(c->CurrentIPv4));
PackGetStr(ret, "current_ipv6", c->CurrentIPv6, sizeof(c->CurrentIPv6));
PackGetStr(ret, "dns_suffix", c->DnsSuffix, sizeof(c->DnsSuffix));
// SecureNAT connectivity check parameters
Zero(snat_t, sizeof(snat_t));
PackGetStr(ret, "snat_t", snat_t, sizeof(snat_t));
NnSetSecureNatTargetHostname(snat_t);
if (ipv6 == false)
{
char cert_hash[MAX_SIZE];
PackGetStr(ret, "current_azure_ip", c->CurrentAzureIp, sizeof(c->CurrentAzureIp));
c->CurrentAzureTimestamp = PackGetInt64(ret, "current_azure_timestamp");
PackGetStr(ret, "current_azure_signature", c->CurrentAzureSignature, sizeof(c->CurrentAzureSignature));
Zero(cert_hash, sizeof(cert_hash));
PackGetStr(ret, "azure_cert_hash", cert_hash, sizeof(cert_hash));
if (IsEmptyStr(cert_hash) == false)
{
StrCpy(c->AzureCertHash, sizeof(c->AzureCertHash), cert_hash);
}
}
StrCpy(c->Cedar->CurrentDDnsFqdn, sizeof(c->Cedar->CurrentDDnsFqdn), c->CurrentFqdn);
Debug("current_hostname=%s, current_fqdn=%s, current_ipv4=%s, current_ipv6=%s, current_azure_ip=%s, CurrentAzureTimestamp=%I64u, CurrentAzureSignature=%s, CertHash=%s\n",
c->CurrentHostName, c->CurrentFqdn,
c->CurrentIPv4, c->CurrentIPv6,
c->CurrentAzureIp, c->CurrentAzureTimestamp, c->CurrentAzureSignature, c->AzureCertHash);
}
}
Unlock(c->Lock);
if (IsEmptyStr(c->CurrentFqdn) == false)
{
SetCurrentDDnsFqdn(c->CurrentFqdn);
}
FreePack(ret);
UniDebug(L"DCRegister Error: %s\n", _E(err));
if (err == ERR_DUPLICATE_DDNS_KEY)
{
// Key duplication
DCGenNewKey(c->Key);
c->KeyChanged = true;
}
if (err == ERR_DISCONNECTED)
{
err = ERR_DDNS_DISCONNECTED;
}
if (IsUseAlternativeHostname() == false)
{
if (err == ERR_CONNECT_FAILED)
{
if (ipv6 && replace_v6 == NULL)
{
UINT type = DetectFletsType();
if (type & FLETS_DETECT_TYPE_EAST_BFLETS_PRIVATE && err != ERR_NO_ERROR)
{
err = DCRegister(c, ipv6, p, DDNS_REPLACE_URL_FOR_EAST_BFLETS);
}
if (type & FLETS_DETECT_TYPE_EAST_NGN_PRIVATE && err != ERR_NO_ERROR)
{
err = DCRegister(c, ipv6, p, DDNS_REPLACE_URL_FOR_EAST_NGN);
}
if (type & FLETS_DETECT_TYPE_WEST_NGN_PRIVATE && err != ERR_NO_ERROR)
{
err = DCRegister(c, ipv6, p, DDNS_REPLACE_URL_FOR_WEST_NGN);
}
}
}
}
return err;
}
// Get the self IP address
UINT DCGetMyIp(DDNS_CLIENT *c, bool ipv6, char *dst, UINT dst_size, char *replace_v6)
{
UINT ret = ERR_INTERNAL_ERROR;
ret = DCGetMyIpMain(c, ipv6, dst, dst_size, false, replace_v6);
if (ret == ERR_NO_ERROR)
{
IP ip;
if (StrToIP(&ip, dst))
{
if (ipv6 == false && IsIP4(&ip))
{
SetCurrentGlobalIP(&ip, false);
}
else if (ipv6 && IsIP6(&ip))
{
SetCurrentGlobalIP(&ip, true);
}
}
}
return ret;
}
UINT DCGetMyIpMain(DDNS_CLIENT *c, bool ipv6, char *dst, UINT dst_size, bool use_ssl, char *replace_v6)
{
char *url;
char url2[MAX_SIZE];
UINT ret = ERR_INTERNAL_ERROR;
URL_DATA data;
BUF *recv;
BUF *cert_hash;
// Validate arguments
if (dst == NULL || c == NULL)
{
return ERR_INTERNAL_ERROR;
}
if (ipv6 == false)
{
url = DDNS_URL2_V4_GLOBAL;
if (IsUseAlternativeHostname())
{
url = DDNS_URL2_V4_ALT;
}
}
else
{
url = DDNS_URL2_V6_GLOBAL;
if (IsUseAlternativeHostname())
{
url = DDNS_URL2_V6_ALT;
}
if (replace_v6)
{
url = replace_v6;
}
}
Format(url2, sizeof(url2), "%s?v=%I64u", url, Rand64());
if (use_ssl)
{
ReplaceStr(url2, sizeof(url2), url2, "http://", "https://");
}
if (ParseUrl(&data, url2, false, NULL) == false)
{
return ERR_INTERNAL_ERROR;
}
cert_hash = StrToBin(DDNS_CERT_HASH);
recv = HttpRequest(&data, (ipv6 ? NULL : &c->InternetSetting), DDNS_CONNECT_TIMEOUT, DDNS_COMM_TIMEOUT, &ret, false, NULL, NULL,
NULL, ((cert_hash != NULL && cert_hash->Size == SHA1_SIZE) ? cert_hash->Buf : NULL));
FreeBuf(cert_hash);
if (recv != NULL)
{
char *str = ZeroMalloc(recv->Size + 1);
Copy(str, recv->Buf, recv->Size);
if (StartWith(str, "IP=") == false)
{
ret = ERR_PROTOCOL_ERROR;
}
else
{
StrCpy(dst, dst_size, str + 3);
ret = ERR_NO_ERROR;
}
Free(str);
FreeBuf(recv);
}
if (IsUseAlternativeHostname() == false)
{
if (ret == ERR_CONNECT_FAILED)
{
if (ipv6 && replace_v6 == NULL && use_ssl == false)
{
UINT type = DetectFletsType();
if (type & FLETS_DETECT_TYPE_EAST_BFLETS_PRIVATE && ret != ERR_NO_ERROR)
{
ret = DCGetMyIpMain(c, ipv6, dst, dst_size, use_ssl, DDNS_REPLACE_URL2_FOR_EAST_BFLETS);
}
if (type & FLETS_DETECT_TYPE_EAST_NGN_PRIVATE && ret != ERR_NO_ERROR)
{
ret = DCGetMyIpMain(c, ipv6, dst, dst_size, use_ssl, DDNS_REPLACE_URL2_FOR_EAST_NGN);
}
if (type & FLETS_DETECT_TYPE_WEST_NGN_PRIVATE && ret != ERR_NO_ERROR)
{
ret = DCGetMyIpMain(c, ipv6, dst, dst_size, use_ssl, DDNS_REPLACE_URL2_FOR_WEST_NGN);
}
}
}
}
return ret;
}
// Creating a DDNS client
DDNS_CLIENT *NewDDNSClient(CEDAR *cedar, UCHAR *key, INTERNET_SETTING *t)
{
DDNS_CLIENT *c;
UCHAR key_hash[SHA1_SIZE];
// Validate arguments
if (cedar == NULL)
{
return NULL;
}
c = ZeroMalloc(sizeof(DDNS_CLIENT));
c->Cedar = cedar;
AddRef(c->Cedar->ref);
c->Err_IPv4 = c->Err_IPv6 = ERR_TRYING_TO_CONNECT;
if (key == NULL)
{
// Create a new key
DCGenNewKey(c->Key);
}
else
{
// Set the key
Copy(c->Key, key, SHA1_SIZE);
}
HashSha1(key_hash, c->Key, sizeof(c->Key));
if (t != NULL)
{
Copy(&c->InternetSetting, t, sizeof(INTERNET_SETTING));
}
c->Lock = NewLock();
// Thread creation
c->Event = NewEvent();
c->Thread = NewThread(DCThread, c);
return c;
}
// Release of DDNS client
void FreeDDNSClient(DDNS_CLIENT *c)
{
// Validate arguments
if (c == NULL)
{
return;
}
// Stop the thread
c->Halt = true;
Set(c->Event);
WaitThread(c->Thread, INFINITE);
ReleaseThread(c->Thread);
ReleaseEvent(c->Event);
ReleaseCedar(c->Cedar);
DeleteLock(c->Lock);
Free(c);
}
// Create a new key
void DCGenNewKey(UCHAR *key)
{
BUF *b;
UINT64 tick;
UCHAR hash[SHA1_SIZE];
UCHAR rand[SHA1_SIZE];
UINT i;
// Validate arguments
if (key == NULL)
{
return;
}
b = NewBuf();
Rand(rand, sizeof(rand));
WriteBuf(b, rand, sizeof(rand));
tick = TickHighres64();
WriteBufInt64(b, tick);
tick = Tick64();
WriteBufInt64(b, tick);
tick = SystemTime64();
WriteBufInt64(b, tick);
GetCurrentMachineIpProcessHash(hash);
WriteBuf(b, hash, sizeof(hash));
HashSha1(key, b->Buf, b->Size);
Rand(rand, sizeof(rand));
for (i = 0;i < SHA1_SIZE;i++)
{
key[i] = key[i] ^ rand[i];
}
FreeBuf(b);
}
// Developed by SoftEther VPN Project at University of Tsukuba in Japan.
// Department of Computer Science has dozens of overly-enthusiastic geeks.
// Join us: http://www.tsukuba.ac.jp/english/admission/
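Review bot: In DCRegister, `use_https` is initialised to `false` and never assigned again, so `ReplaceStr(url3, sizeof(url3), url3, "https://", "http://")` always runs and the `register` call carrying the DDNS `key` goes out over plain HTTP. The pin built from `DDNS_CERT_HASH` is still passed to WpcCallEx, but presumably has no certificate to check on a non-TLS connection. The reply is then trusted for `azure_cert_hash`, `current_azure_ip`, `snat_t` and ExtractAndApplyDynList, so unless WpcCallEx protects the payload in a way this file does not show, anyone on the network path can read the key and alter those values. I would default to TLS with `bool use_https = true;` and make any downgrade an explicit, logged fallback rather than the only path. DCGetMyIp has the same shape: it calls DCGetMyIpMain with `use_ssl` fixed to `false`, and the returned address is handed to SetCurrentGlobalIP.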
+215
@@ -0,0 +1,215 @@
// SoftEther VPN Source Code
// Cedar Communication Module
//
// SoftEther VPN Server, Client and Bridge are free software under GPLv2.
//
// Copyright (c) 2012-2014 Daiyuu Nobori.
// Copyright (c) 2012-2014 SoftEther VPN Project, University of Tsukuba, Japan.
// Copyright (c) 2012-2014 SoftEther Corporation.
//
// All Rights Reserved.
//
// http://www.softether.org/
//
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License version 2
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
// IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
// CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
// TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
// SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
// THE LICENSE AGREEMENT IS ATTACHED ON THE SOURCE-CODE PACKAGE
// AS "LICENSE.TXT" FILE. READ THE TEXT FILE IN ADVANCE TO USE THE SOFTWARE.
//
//
// THIS SOFTWARE IS DEVELOPED IN JAPAN, AND DISTRIBUTED FROM JAPAN,
// UNDER JAPANESE LAWS. YOU MUST AGREE IN ADVANCE TO USE, COPY, MODIFY,
// MERGE, PUBLISH, DISTRIBUTE, SUBLICENSE, AND/OR SELL COPIES OF THIS
// SOFTWARE, THAT ANY JURIDICAL DISPUTES WHICH ARE CONCERNED TO THIS
// SOFTWARE OR ITS CONTENTS, AGAINST US (SOFTETHER PROJECT, SOFTETHER
// CORPORATION, DAIYUU NOBORI OR OTHER SUPPLIERS), OR ANY JURIDICAL
// DISPUTES AGAINST US WHICH ARE CAUSED BY ANY KIND OF USING, COPYING,
// MODIFYING, MERGING, PUBLISHING, DISTRIBUTING, SUBLICENSING, AND/OR
// SELLING COPIES OF THIS SOFTWARE SHALL BE REGARDED AS BE CONSTRUED AND
// CONTROLLED BY JAPANESE LAWS, AND YOU MUST FURTHER CONSENT TO
// EXCLUSIVE JURISDICTION AND VENUE IN THE COURTS SITTING IN TOKYO,
// JAPAN. YOU MUST WAIVE ALL DEFENSES OF LACK OF PERSONAL JURISDICTION
// AND FORUM NON CONVENIENS. PROCESS MAY BE SERVED ON EITHER PARTY IN
// THE MANNER AUTHORIZED BY APPLICABLE LAW OR COURT RULE.
//
// USE ONLY IN JAPAN. DO NOT USE IT IN OTHER COUNTRIES. IMPORTING THIS
// SOFTWARE INTO OTHER COUNTRIES IS AT YOUR OWN RISK. SOME COUNTRIES
// PROHIBIT ENCRYPTED COMMUNICATIONS. USING THIS SOFTWARE IN OTHER
// COUNTRIES MIGHT BE RESTRICTED.
//
//
// DEAR SECURITY EXPERTS
// ---------------------
//
// If you find a bug or a security vulnerability please kindly inform us
// about the problem immediately so that we can fix the security problem
// to protect a lot of users around the world as soon as possible.
//
// Our e-mail address for security reports is:
// softether-vpn-security [at] softether.org
//
// Please note that the above e-mail address is not a technical support
// inquiry address. If you need technical assistance, please visit
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
// DDNS.h
// Header of DDNS.c
#ifndef DDNS_H
#define DDNS_H
// Certificate hash
#define DDNS_CERT_HASH "EFAC5FA0CDD14E0F864EED58A73C35D7E33B62F3"
// Destination URL
#define DDNS_URL_V4_GLOBAL "https://x%c.x%c.x%c.x%c.servers.ddns.softether-network.net/ddns/ddns.aspx"
#define DDNS_URL_V6_GLOBAL "https://x%c.x%c.x%c.x%c.servers-v6.ddns.softether-network.net/ddns/ddns.aspx"
#define DDNS_URL2_V4_GLOBAL "http://get-my-ip.ddns.softether-network.net/ddns/getmyip.ashx"
#define DDNS_URL2_V6_GLOBAL "http://get-my-ip-v6.ddns.softether-network.net/ddns/getmyip.ashx"
#define DDNS_REPLACE_URL_FOR_EAST_BFLETS "https://senet-flets.v6.softether.co.jp/ddns/ddns.aspx"
#define DDNS_REPLACE_URL_FOR_EAST_NGN "https://senet.aoi.flets-east.jp/ddns/ddns.aspx"
#define DDNS_REPLACE_URL_FOR_WEST_NGN "https://senet.p-ns.flets-west.jp/ddns/ddns.aspx"
#define DDNS_REPLACE_URL2_FOR_EAST_BFLETS "http://senet-flets.v6.softether.co.jp/ddns/getmyip.ashx"
#define DDNS_REPLACE_URL2_FOR_EAST_NGN "http://senet.aoi.flets-east.jp/ddns/getmyip.ashx"
#define DDNS_REPLACE_URL2_FOR_WEST_NGN "http://senet.p-ns.flets-west.jp/ddns/getmyip.ashx"
// For China: Free version
#define DDNS_URL_V4_ALT "https://x%c.x%c.x%c.x%c.servers.ddns.uxcom.jp/ddns/ddns.aspx"
#define DDNS_URL_V6_ALT "https://x%c.x%c.x%c.x%c.servers-v6.ddns.uxcom.jp/ddns/ddns.aspx"
#define DDNS_URL2_V4_ALT "http://get-my-ip.ddns.uxcom.jp/ddns/getmyip.ashx"
#define DDNS_URL2_V6_ALT "http://get-my-ip-v6.ddns.uxcom.jp/ddns/getmyip.ashx"
#define DDNS_RPC_MAX_RECV_SIZE DYN32(DDNS_RPC_MAX_RECV_SIZE, (128 * 1024 * 1024))
// Connection Timeout
#define DDNS_CONNECT_TIMEOUT DYN32(DDNS_CONNECT_TIMEOUT, (15 * 1000))
// Communication time-out
#define DDNS_COMM_TIMEOUT DYN32(DDNS_COMM_TIMEOUT, (60 * 1000))
// Maximum length of the host name
#define DDNS_MAX_HOSTNAME 31
// DDNS Version
#define DDNS_VERSION 1
// Period until the next registration in case of success
#define DDNS_REGISTER_INTERVAL_OK_MIN DYN32(DDNS_REGISTER_INTERVAL_OK_MIN, (1 * 60 * 60 * 1000))
#define DDNS_REGISTER_INTERVAL_OK_MAX DYN32(DDNS_REGISTER_INTERVAL_OK_MAX, (2 * 60 * 60 * 1000))
// Period until the next registration in case of failure
#define DDNS_REGISTER_INTERVAL_NG_MIN DYN32(DDNS_REGISTER_INTERVAL_NG_MIN, (1 * 60 * 1000))
#define DDNS_REGISTER_INTERVAL_NG_MAX DYN32(DDNS_REGISTER_INTERVAL_NG_MAX, (5 * 60 * 1000))
// The self IP address acquisition interval (If last trial succeeded)
#define DDNS_GETMYIP_INTERVAL_OK_MIN DYN32(DDNS_GETMYIP_INTERVAL_OK_MIN, (10 * 60 * 1000))
#define DDNS_GETMYIP_INTERVAL_OK_MAX DYN32(DDNS_GETMYIP_INTERVAL_OK_MAX, (20 * 60 * 1000))
// The self IP address acquisition interval (If last trial failed)
#define DDNS_GETMYIP_INTERVAL_NG_MIN DYN32(DDNS_GETMYIP_INTERVAL_NG_MIN, (1 * 60 * 1000))
#define DDNS_GETMYIP_INTERVAL_NG_MAX DYN32(DDNS_GETMYIP_INTERVAL_NG_MAX, (5 * 60 * 1000))
// Time difference to communicate with the DDNS server after a predetermined time has elapsed since the VPN Azure is disconnected
#define DDNS_VPN_AZURE_CONNECT_ERROR_DDNS_RETRY_TIME_DIFF DYN32(DDNS_VPN_AZURE_CONNECT_ERROR_DDNS_RETRY_TIME_DIFF, (120 * 1000))
#define DDNS_VPN_AZURE_CONNECT_ERROR_DDNS_RETRY_TIME_DIFF_MAX DYN32(DDNS_VPN_AZURE_CONNECT_ERROR_DDNS_RETRY_TIME_DIFF_MAX, (10 * 60 * 1000))
// DDNS Client
struct DDNS_CLIENT
{
CEDAR *Cedar; // Cedar
THREAD *Thread; // Thread
UCHAR Key[SHA1_SIZE]; // Key
LOCK *Lock; // Lock
volatile bool Halt; // Halt flag
EVENT *Event; // Halt event
char CurrentHostName[DDNS_MAX_HOSTNAME + 1]; // Current host name
char CurrentFqdn[MAX_SIZE]; // Current FQDN
char DnsSuffix[MAX_SIZE]; // DNS suffix
char CurrentIPv4[MAX_SIZE]; // Current IPv4 address
char CurrentIPv6[MAX_SIZE]; // Current IPv6 address
UINT Err_IPv4, Err_IPv6; // Last error
UINT Err_IPv4_GetMyIp, Err_IPv6_GetMyIp; // Last error (obtaining self IP address)
bool KeyChanged; // Flag to indicate that the key has been changed
char LastMyIPv4[MAX_SIZE]; // Self IPv4 address that were acquired on last
char LastMyIPv6[MAX_SIZE]; // Self IPv6 address that were acquired on last
char CurrentAzureIp[MAX_SIZE]; // IP address of Azure Server to be used
UINT64 CurrentAzureTimestamp; // Time stamp to be presented to the Azure Server
char CurrentAzureSignature[MAX_SIZE]; // Signature to be presented to the Azure Server
char AzureCertHash[MAX_SIZE]; // Azure Server certificate hash
INTERNET_SETTING InternetSetting; // Internet connection settings
UINT64 NextRegisterTick_IPv4, NextRegisterTick_IPv6; // Next register time
UINT64 NextGetMyIpTick_IPv4, NextGetMyIpTick_IPv6; // Next self IP acquisition time
};
// DDNS Register Param
struct DDNS_REGISTER_PARAM
{
char NewHostname[DDNS_MAX_HOSTNAME + 1]; // Host name after the change
};
// The current status of the DDNS
struct DDNS_CLIENT_STATUS
{
UINT Err_IPv4, Err_IPv6; // Last error
char CurrentHostName[DDNS_MAX_HOSTNAME + 1]; // Current host name
char CurrentFqdn[MAX_SIZE]; // Current FQDN
char DnsSuffix[MAX_SIZE]; // DNS suffix
char CurrentIPv4[MAX_SIZE]; // Current IPv4 address
char CurrentIPv6[MAX_SIZE]; // Current IPv6 address
char CurrentAzureIp[MAX_SIZE]; // IP address of Azure Server to be used
UINT64 CurrentAzureTimestamp; // Time stamp to be presented to the Azure Server
char CurrentAzureSignature[MAX_SIZE]; // Signature to be presented to the Azure Server
char AzureCertHash[MAX_SIZE]; // Azure Server certificate hash
INTERNET_SETTING InternetSetting; // Internet settings
};
// Function prototype
DDNS_CLIENT *NewDDNSClient(CEDAR *cedar, UCHAR *key, INTERNET_SETTING *t);
void FreeDDNSClient(DDNS_CLIENT *c);
void DCGenNewKey(UCHAR *key);
void DCThread(THREAD *thread, void *param);
UINT DCRegister(DDNS_CLIENT *c, bool ipv6, DDNS_REGISTER_PARAM *p, char *replace_v6);
UINT DCGetMyIpMain(DDNS_CLIENT *c, bool ipv6, char *dst, UINT dst_size, bool use_ssl, char *replace_v6);
UINT DCGetMyIp(DDNS_CLIENT *c, bool ipv6, char *dst, UINT dst_size, char *replace_v6);
void DCUpdateNow(DDNS_CLIENT *c);
void DCGetStatus(DDNS_CLIENT *c, DDNS_CLIENT_STATUS *st);
UINT DCChangeHostName(DDNS_CLIENT *c, char *hostname);
void DCSetInternetSetting(DDNS_CLIENT *c, INTERNET_SETTING *t);
void DCGetInternetSetting(DDNS_CLIENT *c, INTERNET_SETTING *t);
#endif // DDNS_H
// Developed by SoftEther VPN Project at University of Tsukuba in Japan.
// Department of Computer Science has dozens of overly-enthusiastic geeks.
// Join us: http://www.tsukuba.ac.jp/english/admission/
+239
@@ -0,0 +1,239 @@
// SoftEther VPN Source Code
// Cedar Communication Module
//
// SoftEther VPN Server, Client and Bridge are free software under GPLv2.
//
// Copyright (c) 2012-2014 Daiyuu Nobori.
// Copyright (c) 2012-2014 SoftEther VPN Project, University of Tsukuba, Japan.
// Copyright (c) 2012-2014 SoftEther Corporation.
//
// All Rights Reserved.
//
// http://www.softether.org/
//
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License version 2
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
// IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
// CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
// TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
// SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
// THE LICENSE AGREEMENT IS ATTACHED ON THE SOURCE-CODE PACKAGE
// AS "LICENSE.TXT" FILE. READ THE TEXT FILE IN ADVANCE TO USE THE SOFTWARE.
//
//
// THIS SOFTWARE IS DEVELOPED IN JAPAN, AND DISTRIBUTED FROM JAPAN,
// UNDER JAPANESE LAWS. YOU MUST AGREE IN ADVANCE TO USE, COPY, MODIFY,
// MERGE, PUBLISH, DISTRIBUTE, SUBLICENSE, AND/OR SELL COPIES OF THIS
// SOFTWARE, THAT ANY JURIDICAL DISPUTES WHICH ARE CONCERNED TO THIS
// SOFTWARE OR ITS CONTENTS, AGAINST US (SOFTETHER PROJECT, SOFTETHER
// CORPORATION, DAIYUU NOBORI OR OTHER SUPPLIERS), OR ANY JURIDICAL
// DISPUTES AGAINST US WHICH ARE CAUSED BY ANY KIND OF USING, COPYING,
// MODIFYING, MERGING, PUBLISHING, DISTRIBUTING, SUBLICENSING, AND/OR
// SELLING COPIES OF THIS SOFTWARE SHALL BE REGARDED AS BE CONSTRUED AND
// CONTROLLED BY JAPANESE LAWS, AND YOU MUST FURTHER CONSENT TO
// EXCLUSIVE JURISDICTION AND VENUE IN THE COURTS SITTING IN TOKYO,
// JAPAN. YOU MUST WAIVE ALL DEFENSES OF LACK OF PERSONAL JURISDICTION
// AND FORUM NON CONVENIENS. PROCESS MAY BE SERVED ON EITHER PARTY IN
// THE MANNER AUTHORIZED BY APPLICABLE LAW OR COURT RULE.
//
// USE ONLY IN JAPAN. DO NOT USE IT IN OTHER COUNTRIES. IMPORTING THIS
// SOFTWARE INTO OTHER COUNTRIES IS AT YOUR OWN RISK. SOME COUNTRIES
// PROHIBIT ENCRYPTED COMMUNICATIONS. USING THIS SOFTWARE IN OTHER
// COUNTRIES MIGHT BE RESTRICTED.
//
//
// DEAR SECURITY EXPERTS
// ---------------------
//
// If you find a bug or a security vulnerability please kindly inform us
// about the problem immediately so that we can fix the security problem
// to protect a lot of users around the world as soon as possible.
//
// Our e-mail address for security reports is:
// softether-vpn-security [at] softether.org
//
// Please note that the above e-mail address is not a technical support
// inquiry address. If you need technical assistance, please visit
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
// Database.c
// License database
#include "CedarPch.h"
// Get the License status string
wchar_t *LiGetLicenseStatusStr(UINT i)
{
wchar_t *ret = _UU("LICENSE_STATUS_OTHERERROR");
switch (i)
{
case LICENSE_STATUS_OK:
ret = _UU("LICENSE_STATUS_OK");
break;
case LICENSE_STATUS_EXPIRED:
ret = _UU("LICENSE_STATUS_EXPIRED");
break;
case LICENSE_STATUS_ID_DIFF:
ret = _UU("LICENSE_STATUS_ID_DIFF");
break;
case LICENSE_STATUS_DUP:
ret = _UU("LICENSE_STATUS_DUP");
break;
case LICENSE_STATUS_INSUFFICIENT:
ret = _UU("LICENSE_STATUS_INSUFFICIENT");
break;
case LICENSE_STATUS_COMPETITION:
ret = _UU("LICENSE_STATUS_COMPETITION");
break;
case LICENSE_STATUS_NONSENSE:
ret = _UU("LICENSE_STATUS_NONSENSE");
break;
case LICENSE_STATUS_CPU:
ret = _UU("LICENSE_STATUS_CPU");
break;
}
return ret;
}
static char *li_keybit_chars = "ABCDEFGHJKLMNPQRSTUVWXYZ12345678";
// Convert the string to a key bit
bool LiStrToKeyBit(UCHAR *keybit, char *keystr)
{
UINT x[36];
UINT i, wp;
char *str;
// Validate arguments
if (keybit == NULL || keystr == NULL)
{
return false;
}
str = CopyStr(keystr);
Trim(str);
wp = 0;
if (StrLen(str) != 41)
{
Free(str);
return false;
}
for (i = 0;i < 36;i++)
{
char c = str[wp++];
UINT j;
if (((i % 6) == 5) && (i != 35))
{
if (str[wp++] != '-')
{
Free(str);
return false;
}
}
x[i] = INFINITE;
for (j = 0;j < 32;j++)
{
if (ToUpper(c) == li_keybit_chars[j])
{
x[i] = j;
}
}
if (x[i] == INFINITE)
{
Free(str);
return false;
}
}
Zero(keybit, 23);
keybit[0] = x[0] << 1 | x[1] >> 4;
keybit[1] = x[1] << 4 | x[2] >> 1;
keybit[2] = x[2] << 7 | x[3] << 2 | x[4] >> 3;
keybit[3] = x[4] << 5 | x[5];
keybit[4] = x[6] << 3 | x[7] >> 2;
keybit[5] = x[7] << 6 | x[8] << 1 | x[9] >> 4;
keybit[6] = x[9] << 4 | x[10] >> 1;
keybit[7] = x[10] << 7 | x[11] << 2 | x[12] >> 3;
keybit[8] = x[12] << 5 | x[13];
keybit[9] = x[14] << 3 | x[15] >> 2;
keybit[10] = x[15] << 6 | x[16] << 1 | x[17] >> 4;
keybit[11] = x[17] << 4 | x[18] >> 1;
keybit[12] = x[18] << 7 | x[19] << 2 | x[20] >> 3;
keybit[13] = x[20] << 5 | x[21];
keybit[14] = x[22] << 3 | x[23] >> 2;
keybit[15] = x[23] << 6 | x[24] << 1 | x[25] >> 4;
keybit[16] = x[25] << 4 | x[26] >> 1;
keybit[17] = x[26] << 7 | x[27] << 2 | x[28] >> 3;
keybit[18] = x[28] << 5 | x[29];
keybit[19] = x[30] << 3 | x[31] >> 2;
keybit[20] = x[31] << 6 | x[32] << 1 | x[33] >> 4;
keybit[21] = x[33] << 4 | x[34] >> 1;
keybit[22] = x[34] << 7 | x[35] << 2;
Free(str);
return true;
}
// Determine whether the string is a license key
bool LiIsLicenseKey(char *str)
{
UCHAR keybit[23];
// Validate arguments
if (str == NULL)
{
return false;
}
if (LiStrToKeyBit(keybit, str) == false)
{
return false;
}
return true;
}
// Developed by SoftEther VPN Project at University of Tsukuba in Japan.
// Department of Computer Science has dozens of overly-enthusiastic geeks.
// Join us: http://www.tsukuba.ac.jp/english/admission/
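Review bot: LiStrToKeyBit writes a fixed 23 bytes through `keybit` (`Zero(keybit, 23)` and the stores to `keybit[0]` through `keybit[22]`) but takes no size argument and does not document the requirement, so a caller's buffer is only safe if it repeats the literal, as `UCHAR keybit[23]` in LiIsLicenseKey does. I would name the size once, e.g. `#define LI_KEYBIT_SIZE 23`, use it in both functions, and add a comment above LiStrToKeyBit such as `// keybit must point to at least LI_KEYBIT_SIZE bytes; keystr is 36 key characters in six groups joined by '-'`. The key string is presumably operator-entered text, so the lookup loop is worth tightening as well: `ToUpper(c)` is recomputed for each of the 32 alphabet entries and the scan continues after a match, so hoisting the call and adding `break;` after `x[i] = j;` would read more clearly. The result of `CopyStr(keystr)` is passed to `Trim` unchecked; whether it can return NULL is not visible in this section.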
+98
@@ -0,0 +1,98 @@
// SoftEther VPN Source Code
// Cedar Communication Module
//
// SoftEther VPN Server, Client and Bridge are free software under GPLv2.
//
// Copyright (c) 2012-2014 Daiyuu Nobori.
// Copyright (c) 2012-2014 SoftEther VPN Project, University of Tsukuba, Japan.
// Copyright (c) 2012-2014 SoftEther Corporation.
//
// All Rights Reserved.
//
// http://www.softether.org/
//
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License version 2
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
// IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
// CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
// TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
// SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
// THE LICENSE AGREEMENT IS ATTACHED ON THE SOURCE-CODE PACKAGE
// AS "LICENSE.TXT" FILE. READ THE TEXT FILE IN ADVANCE TO USE THE SOFTWARE.
//
//
// THIS SOFTWARE IS DEVELOPED IN JAPAN, AND DISTRIBUTED FROM JAPAN,
// UNDER JAPANESE LAWS. YOU MUST AGREE IN ADVANCE TO USE, COPY, MODIFY,
// MERGE, PUBLISH, DISTRIBUTE, SUBLICENSE, AND/OR SELL COPIES OF THIS
// SOFTWARE, THAT ANY JURIDICAL DISPUTES WHICH ARE CONCERNED TO THIS
// SOFTWARE OR ITS CONTENTS, AGAINST US (SOFTETHER PROJECT, SOFTETHER
// CORPORATION, DAIYUU NOBORI OR OTHER SUPPLIERS), OR ANY JURIDICAL
// DISPUTES AGAINST US WHICH ARE CAUSED BY ANY KIND OF USING, COPYING,
// MODIFYING, MERGING, PUBLISHING, DISTRIBUTING, SUBLICENSING, AND/OR
// SELLING COPIES OF THIS SOFTWARE SHALL BE REGARDED AS BE CONSTRUED AND
// CONTROLLED BY JAPANESE LAWS, AND YOU MUST FURTHER CONSENT TO
// EXCLUSIVE JURISDICTION AND VENUE IN THE COURTS SITTING IN TOKYO,
// JAPAN. YOU MUST WAIVE ALL DEFENSES OF LACK OF PERSONAL JURISDICTION
// AND FORUM NON CONVENIENS. PROCESS MAY BE SERVED ON EITHER PARTY IN
// THE MANNER AUTHORIZED BY APPLICABLE LAW OR COURT RULE.
//
// USE ONLY IN JAPAN. DO NOT USE IT IN OTHER COUNTRIES. IMPORTING THIS
// SOFTWARE INTO OTHER COUNTRIES IS AT YOUR OWN RISK. SOME COUNTRIES
// PROHIBIT ENCRYPTED COMMUNICATIONS. USING THIS SOFTWARE IN OTHER
// COUNTRIES MIGHT BE RESTRICTED.
//
//
// DEAR SECURITY EXPERTS
// ---------------------
//
// If you find a bug or a security vulnerability please kindly inform us
// about the problem immediately so that we can fix the security problem
// to protect a lot of users around the world as soon as possible.
//
// Our e-mail address for security reports is:
// softether-vpn-security [at] softether.org
//
// Please note that the above e-mail address is not a technical support
// inquiry address. If you need technical assistance, please visit
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
// Database.h
// Header of Database.c
#ifndef DATABASE_H
#define DATABASE_H
wchar_t *LiGetLicenseStatusStr(UINT i);
bool LiIsLicenseKey(char *str);
bool LiStrToKeyBit(UCHAR *keybit, char *keystr);
#endif // DATABASE_H
// Developed by SoftEther VPN Project at University of Tsukuba in Japan.
// Department of Computer Science has dozens of overly-enthusiastic geeks.
// Join us: http://www.tsukuba.ac.jp/english/admission/
+1476
File diff suppressed because it is too large Load Diff
+96
@@ -0,0 +1,96 @@
// SoftEther VPN Source Code
// Cedar Communication Module
//
// SoftEther VPN Server, Client and Bridge are free software under GPLv2.
//
// Copyright (c) 2012-2014 Daiyuu Nobori.
// Copyright (c) 2012-2014 SoftEther VPN Project, University of Tsukuba, Japan.
// Copyright (c) 2012-2014 SoftEther Corporation.
//
// All Rights Reserved.
//
// http://www.softether.org/
//
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License version 2
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
// IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
// CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
// TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
// SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
// THE LICENSE AGREEMENT IS ATTACHED ON THE SOURCE-CODE PACKAGE
// AS "LICENSE.TXT" FILE. READ THE TEXT FILE IN ADVANCE TO USE THE SOFTWARE.
//
//
// THIS SOFTWARE IS DEVELOPED IN JAPAN, AND DISTRIBUTED FROM JAPAN,
// UNDER JAPANESE LAWS. YOU MUST AGREE IN ADVANCE TO USE, COPY, MODIFY,
// MERGE, PUBLISH, DISTRIBUTE, SUBLICENSE, AND/OR SELL COPIES OF THIS
// SOFTWARE, THAT ANY JURIDICAL DISPUTES WHICH ARE CONCERNED TO THIS
// SOFTWARE OR ITS CONTENTS, AGAINST US (SOFTETHER PROJECT, SOFTETHER
// CORPORATION, DAIYUU NOBORI OR OTHER SUPPLIERS), OR ANY JURIDICAL
// DISPUTES AGAINST US WHICH ARE CAUSED BY ANY KIND OF USING, COPYING,
// MODIFYING, MERGING, PUBLISHING, DISTRIBUTING, SUBLICENSING, AND/OR
// SELLING COPIES OF THIS SOFTWARE SHALL BE REGARDED AS BE CONSTRUED AND
// CONTROLLED BY JAPANESE LAWS, AND YOU MUST FURTHER CONSENT TO
// EXCLUSIVE JURISDICTION AND VENUE IN THE COURTS SITTING IN TOKYO,
// JAPAN. YOU MUST WAIVE ALL DEFENSES OF LACK OF PERSONAL JURISDICTION
// AND FORUM NON CONVENIENS. PROCESS MAY BE SERVED ON EITHER PARTY IN
// THE MANNER AUTHORIZED BY APPLICABLE LAW OR COURT RULE.
//
// USE ONLY IN JAPAN. DO NOT USE IT IN OTHER COUNTRIES. IMPORTING THIS
// SOFTWARE INTO OTHER COUNTRIES IS AT YOUR OWN RISK. SOME COUNTRIES
// PROHIBIT ENCRYPTED COMMUNICATIONS. USING THIS SOFTWARE IN OTHER
// COUNTRIES MIGHT BE RESTRICTED.
//
//
// DEAR SECURITY EXPERTS
// ---------------------
//
// If you find a bug or a security vulnerability please kindly inform us
// about the problem immediately so that we can fix the security problem
// to protect a lot of users around the world as soon as possible.
//
// Our e-mail address for security reports is:
// softether-vpn-security [at] softether.org
//
// Please note that the above e-mail address is not a technical support
// inquiry address. If you need technical assistance, please visit
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
// EM.h
// Header of EM.c
#ifndef EM_H
#define EM_H
// Public function
void EMExec();
#endif // EM_H
// Developed by SoftEther VPN Project at University of Tsukuba in Japan.
// Department of Computer Science has dozens of overly-enthusiastic geeks.
// Join us: http://www.tsukuba.ac.jp/english/admission/
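Review bot: `void EMExec();` declares the function without a prototype, so in C before C23 the compiler does not check the arguments at call sites; it should be `void EMExec(void);`. The same form appears in the EtherLog.h section further down this page (`void ElInit();`, `void ElFree();`, `void ElStart();`, `void ElStop();`, `EL *NewEl();`, `bool ElIsBetaExpired();`), and each would take the same one-word change.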
+122
@@ -0,0 +1,122 @@
// SoftEther VPN Source Code
// Cedar Communication Module
//
// SoftEther VPN Server, Client and Bridge are free software under GPLv2.
//
// Copyright (c) 2012-2014 Daiyuu Nobori.
// Copyright (c) 2012-2014 SoftEther VPN Project, University of Tsukuba, Japan.
// Copyright (c) 2012-2014 SoftEther Corporation.
//
// All Rights Reserved.
//
// http://www.softether.org/
//
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License version 2
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
// IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
// CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
// TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
// SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
// THE LICENSE AGREEMENT IS ATTACHED ON THE SOURCE-CODE PACKAGE
// AS "LICENSE.TXT" FILE. READ THE TEXT FILE IN ADVANCE TO USE THE SOFTWARE.
//
//
// THIS SOFTWARE IS DEVELOPED IN JAPAN, AND DISTRIBUTED FROM JAPAN,
// UNDER JAPANESE LAWS. YOU MUST AGREE IN ADVANCE TO USE, COPY, MODIFY,
// MERGE, PUBLISH, DISTRIBUTE, SUBLICENSE, AND/OR SELL COPIES OF THIS
// SOFTWARE, THAT ANY JURIDICAL DISPUTES WHICH ARE CONCERNED TO THIS
// SOFTWARE OR ITS CONTENTS, AGAINST US (SOFTETHER PROJECT, SOFTETHER
// CORPORATION, DAIYUU NOBORI OR OTHER SUPPLIERS), OR ANY JURIDICAL
// DISPUTES AGAINST US WHICH ARE CAUSED BY ANY KIND OF USING, COPYING,
// MODIFYING, MERGING, PUBLISHING, DISTRIBUTING, SUBLICENSING, AND/OR
// SELLING COPIES OF THIS SOFTWARE SHALL BE REGARDED AS BE CONSTRUED AND
// CONTROLLED BY JAPANESE LAWS, AND YOU MUST FURTHER CONSENT TO
// EXCLUSIVE JURISDICTION AND VENUE IN THE COURTS SITTING IN TOKYO,
// JAPAN. YOU MUST WAIVE ALL DEFENSES OF LACK OF PERSONAL JURISDICTION
// AND FORUM NON CONVENIENS. PROCESS MAY BE SERVED ON EITHER PARTY IN
// THE MANNER AUTHORIZED BY APPLICABLE LAW OR COURT RULE.
//
// USE ONLY IN JAPAN. DO NOT USE IT IN OTHER COUNTRIES. IMPORTING THIS
// SOFTWARE INTO OTHER COUNTRIES IS AT YOUR OWN RISK. SOME COUNTRIES
// PROHIBIT ENCRYPTED COMMUNICATIONS. USING THIS SOFTWARE IN OTHER
// COUNTRIES MIGHT BE RESTRICTED.
//
//
// DEAR SECURITY EXPERTS
// ---------------------
//
// If you find a bug or a security vulnerability please kindly inform us
// about the problem immediately so that we can fix the security problem
// to protect a lot of users around the world as soon as possible.
//
// Our e-mail address for security reports is:
// softether-vpn-security [at] softether.org
//
// Please note that the above e-mail address is not a technical support
// inquiry address. If you need technical assistance, please visit
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
// EMInner.h
// Inner header of EM.c
// Constants
#define EM_REG_KEY "Software\\" GC_REG_COMPANY_NAME "\\EtherLogger\\Manager"
// Innner structure
typedef struct EM_ADD
{
RPC *Rpc;
bool NewMode;
char DeviceName[MAX_SIZE];
} EM_ADD;
// Inner functions
void EMMain(RPC *r);
UINT EmMainDlg(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void EmMainInit(HWND hWnd, RPC *r);
void EmMainUpdate(HWND hWnd, RPC *r);
void EmMainRefresh(HWND hWnd, RPC *r);
void EmAdd(HWND hWnd, RPC *r, char *device_name);
UINT EmAddDlg(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void EmAddInit(HWND hWnd, EM_ADD *p);
void EmDlgToHubLog(HWND hWnd, HUB_LOG *g);
void EmHubLogToDlg(HWND hWnd, HUB_LOG *g);
void EmAddOk(HWND hWnd, EM_ADD *p);
void EmAddUpdate(HWND hWnd, EM_ADD *p);
UINT EmPasswordDlg(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
UINT EmLicenseDlg(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void EmLicenseDlgInit(HWND hWnd, RPC *s);
void EmLicenseDlgRefresh(HWND hWnd, RPC *s);
void EmLicenseDlgUpdate(HWND hWnd, RPC *s);
bool EmLicenseAdd(HWND hWnd, RPC *s);
UINT EmLicenseAddDlg(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void EmLicenseAddDlgInit(HWND hWnd, RPC *s);
void EmLicenseAddDlgUpdate(HWND hWnd, RPC *s);
void EmLicenseAddDlgShiftTextItem(HWND hWnd, UINT id1, UINT id2, UINT *next_focus);
void EmLicenseAddDlgGetText(HWND hWnd, char *str, UINT size);
void EmLicenseAddDlgOnOk(HWND hWnd, RPC *s);
// Developed by SoftEther VPN Project at University of Tsukuba in Japan.
// Department of Computer Science has dozens of overly-enthusiastic geeks.
// Join us: http://www.tsukuba.ac.jp/english/admission/
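Review bot: EMInner.h has no include guard, unlike the other headers added on this page (EM.h uses `EM_H`, Database.h uses `DATABASE_H`), so including it twice in one translation unit would redefine `struct EM_ADD`. Wrapping the contents in `#ifndef EMINNER_H` / `#define EMINNER_H` … `#endif // EMINNER_H` fixes that. The `EM_ADD` struct is also undocumented: a short comment saying what `NewMode` selects and what `DeviceName` refers to would help, since neither is evident from the declarations. The comment `// Innner structure` has a typo and should read `// Inner structure`.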
+1356
File diff suppressed because it is too large Load Diff
+255
@@ -0,0 +1,255 @@
// SoftEther VPN Source Code
// Cedar Communication Module
//
// SoftEther VPN Server, Client and Bridge are free software under GPLv2.
//
// Copyright (c) 2012-2014 Daiyuu Nobori.
// Copyright (c) 2012-2014 SoftEther VPN Project, University of Tsukuba, Japan.
// Copyright (c) 2012-2014 SoftEther Corporation.
//
// All Rights Reserved.
//
// http://www.softether.org/
//
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License version 2
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
// IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
// CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
// TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
// SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
// THE LICENSE AGREEMENT IS ATTACHED ON THE SOURCE-CODE PACKAGE
// AS "LICENSE.TXT" FILE. READ THE TEXT FILE IN ADVANCE TO USE THE SOFTWARE.
//
//
// THIS SOFTWARE IS DEVELOPED IN JAPAN, AND DISTRIBUTED FROM JAPAN,
// UNDER JAPANESE LAWS. YOU MUST AGREE IN ADVANCE TO USE, COPY, MODIFY,
// MERGE, PUBLISH, DISTRIBUTE, SUBLICENSE, AND/OR SELL COPIES OF THIS
// SOFTWARE, THAT ANY JURIDICAL DISPUTES WHICH ARE CONCERNED TO THIS
// SOFTWARE OR ITS CONTENTS, AGAINST US (SOFTETHER PROJECT, SOFTETHER
// CORPORATION, DAIYUU NOBORI OR OTHER SUPPLIERS), OR ANY JURIDICAL
// DISPUTES AGAINST US WHICH ARE CAUSED BY ANY KIND OF USING, COPYING,
// MODIFYING, MERGING, PUBLISHING, DISTRIBUTING, SUBLICENSING, AND/OR
// SELLING COPIES OF THIS SOFTWARE SHALL BE REGARDED AS BE CONSTRUED AND
// CONTROLLED BY JAPANESE LAWS, AND YOU MUST FURTHER CONSENT TO
// EXCLUSIVE JURISDICTION AND VENUE IN THE COURTS SITTING IN TOKYO,
// JAPAN. YOU MUST WAIVE ALL DEFENSES OF LACK OF PERSONAL JURISDICTION
// AND FORUM NON CONVENIENS. PROCESS MAY BE SERVED ON EITHER PARTY IN
// THE MANNER AUTHORIZED BY APPLICABLE LAW OR COURT RULE.
//
// USE ONLY IN JAPAN. DO NOT USE IT IN OTHER COUNTRIES. IMPORTING THIS
// SOFTWARE INTO OTHER COUNTRIES IS AT YOUR OWN RISK. SOME COUNTRIES
// PROHIBIT ENCRYPTED COMMUNICATIONS. USING THIS SOFTWARE IN OTHER
// COUNTRIES MIGHT BE RESTRICTED.
//
//
// DEAR SECURITY EXPERTS
// ---------------------
//
// If you find a bug or a security vulnerability please kindly inform us
// about the problem immediately so that we can fix the security problem
// to protect a lot of users around the world as soon as possible.
//
// Our e-mail address for security reports is:
// softether-vpn-security [at] softether.org
//
// Please note that the above e-mail address is not a technical support
// inquiry address. If you need technical assistance, please visit
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
// EtherLog.h
// Header of EtherLog.c
#ifndef ETHERLOG_H
#define ETHERLOG_H
// Whether this is a beta version
#define ELOG_IS_BETA true
// Beta expiration date
#define ELOG_BETA_EXPIRES_YEAR 2008
#define ELOG_BETA_EXPIRES_MONTH 12
#define ELOG_BETA_EXPIRES_DAY 2
// Version information
//#define EL_VER 201
//#define EL_BUILD 1600
//#define EL_BETA 1
#define MAX_LOGGING_QUEUE_LEN 100000
// RPC related
struct RPC_ADD_DEVICE
{
char DeviceName[MAX_SIZE]; // Device name
HUB_LOG LogSetting; // Log settings
bool NoPromiscus; // Without promiscuous mode
};
struct RPC_DELETE_DEVICE
{
char DeviceName[MAX_SIZE]; // Device name
};
struct RPC_ENUM_DEVICE_ITEM
{
char DeviceName[MAX_SIZE]; // Device name
bool Active; // Running flag
};
struct RPC_ENUM_DEVICE
{
UINT NumItem; // Number of items
RPC_ENUM_DEVICE_ITEM *Items; // Items
bool IsLicenseSupported; // Whether the license system is supported
};
// License status of the service
struct RPC_EL_LICENSE_STATUS
{
BOOL Valid; // Enable flag
UINT64 SystemId; // System ID
UINT64 SystemExpires; // System expiration date
};
// Device
struct EL_DEVICE
{
EL *el; // EL
char DeviceName[MAX_SIZE]; // Device name
HUB_LOG LogSetting; // Log settings
THREAD *Thread; // Thread
CANCEL *Cancel1; // Cancel 1
CANCEL *Cancel2; // Cancel 2
volatile bool Halt; // Halting flag
bool Active; // Running flag
bool NoPromiscus; // Without promiscuous mode
LOG *Logger; // Logger
};
// License status
struct EL_LICENSE_STATUS
{
BOOL Valid; // Enable flag
UINT64 SystemId; // System ID
UINT64 Expires; // Expiration date
};
// EtherLogger
struct EL
{
LOCK *lock; // Lock
REF *ref; // Reference counter
CEDAR *Cedar; // Cedar
LIST *DeviceList; // Device list
CFG_RW *CfgRw; // Config R/W
UINT Port; // Port number
LISTENER *Listener; // Listener
UCHAR HashedPassword[SHA1_SIZE]; // Password
LIST *AdminThreadList; // Management thread list
LIST *AdminSockList; // Management socket list
LICENSE_SYSTEM *LicenseSystem; // License system
EL_LICENSE_STATUS *LicenseStatus; // License status
UINT64 AutoDeleteCheckDiskFreeSpaceMin; // Minimum free disk space
ERASER *Eraser; // Eraser
};
// Function prototype
void ElInit();
void ElFree();
void ElStart();
void ElStop();
EL *NewEl();
void ReleaseEl(EL *e);
void CleanupEl(EL *e);
void ElInitConfig(EL *e);
void ElFreeConfig(EL *e);
bool ElLoadConfig(EL *e);
void ElLoadConfigFromFolder(EL *e, FOLDER *root);
void ElSaveConfig(EL *e);
void ElSaveConfigToFolder(EL *e, FOLDER *root);
int ElCompareDevice(void *p1, void *p2);
bool ElAddCaptureDevice(EL *e, char *name, HUB_LOG *log, bool no_promiscus);
bool ElDeleteCaptureDevice(EL *e, char *name);
bool ElSetCaptureDeviceLogSetting(EL *e, char *name, HUB_LOG *log);
void ElCaptureThread(THREAD *thread, void *param);
void ElStartListener(EL *e);
void ElStopListener(EL *e);
void ElListenerProc(THREAD *thread, void *param);
PACK *ElRpcServer(RPC *r, char *name, PACK *p);
void ElCheckLicense(EL_LICENSE_STATUS *st, LICENSE *e);
void ElParseCurrentLicenseStatus(LICENSE_SYSTEM *s, EL_LICENSE_STATUS *st);
bool ElIsBetaExpired();
UINT EtAddDevice(EL *e, RPC_ADD_DEVICE *t);
UINT EtDelDevice(EL *e, RPC_DELETE_DEVICE *t);
UINT EtSetDevice(EL *e, RPC_ADD_DEVICE *t);
UINT EtGetDevice(EL *e, RPC_ADD_DEVICE *t);
UINT EtEnumDevice(EL *e, RPC_ENUM_DEVICE *t);
UINT EtEnumAllDevice(EL *e, RPC_ENUM_DEVICE *t);
UINT EtSetPassword(EL *e, RPC_SET_PASSWORD *t);
UINT EtAddLicenseKey(EL *a, RPC_TEST *t);
UINT EtDelLicenseKey(EL *a, RPC_TEST *t);
UINT EtEnumLicenseKey(EL *a, RPC_ENUM_LICENSE_KEY *t);
UINT EtGetLicenseStatus(EL *a, RPC_EL_LICENSE_STATUS *t);
UINT EtGetBridgeSupport(EL *a, RPC_BRIDGE_SUPPORT *t);
UINT EtRebootServer(EL *a, RPC_TEST *t);
UINT EcAddDevice(RPC *r, RPC_ADD_DEVICE *t);
UINT EcDelDevice(RPC *r, RPC_DELETE_DEVICE *t);
UINT EcSetDevice(RPC *r, RPC_ADD_DEVICE *t);
UINT EcGetDevice(RPC *r, RPC_ADD_DEVICE *t);
UINT EcEnumDevice(RPC *r, RPC_ENUM_DEVICE *t);
UINT EcEnumAllDevice(RPC *r, RPC_ENUM_DEVICE *t);
UINT EcSetPassword(RPC *r, RPC_SET_PASSWORD *t);
UINT EcAddLicenseKey(RPC *r, RPC_TEST *t);
UINT EcDelLicenseKey(RPC *r, RPC_TEST *t);
UINT EcEnumLicenseKey(RPC *r, RPC_ENUM_LICENSE_KEY *t);
UINT EcGetLicenseStatus(RPC *r, RPC_EL_LICENSE_STATUS *t);
UINT EcGetBridgeSupport(RPC *r, RPC_BRIDGE_SUPPORT *t);
UINT EcRebootServer(RPC *r, RPC_TEST *t);
UINT EcConnect(char *host, UINT port, char *password, RPC **rpc);
void EcDisconnect(RPC *rpc);
void InRpcAddDevice(RPC_ADD_DEVICE *t, PACK *p);
void OutRpcAddDevice(PACK *p, RPC_ADD_DEVICE *t);
void InRpcDeleteDevice(RPC_DELETE_DEVICE *t, PACK *p);
void OutRpcDeleteDevice(PACK *p, RPC_DELETE_DEVICE *t);
void InRpcEnumDevice(RPC_ENUM_DEVICE *t, PACK *p);
void OutRpcEnumDevice(PACK *p, RPC_ENUM_DEVICE *t);
void FreeRpcEnumDevice(RPC_ENUM_DEVICE *t);
void InRpcEnumLicenseKey(RPC_ENUM_LICENSE_KEY *t, PACK *p);
void OutRpcEnumLicenseKey(PACK *p, RPC_ENUM_LICENSE_KEY *t);
void FreeRpcEnumLicenseKey(RPC_ENUM_LICENSE_KEY *t);
void InRpcElLicenseStatus(RPC_EL_LICENSE_STATUS *t, PACK *p);
void OutRpcElLicenseStatus(PACK *p, RPC_EL_LICENSE_STATUS *t);
#endif // ETHERLOG_H
// Developed by SoftEther VPN Project at University of Tsukuba in Japan.
// Department of Computer Science has dozens of overly-enthusiastic geeks.
// Join us: http://www.tsukuba.ac.jp/english/admission/
+7123
File diff suppressed because it is too large Load Diff
+598
@@ -0,0 +1,598 @@
// SoftEther VPN Source Code
// Cedar Communication Module
//
// SoftEther VPN Server, Client and Bridge are free software under GPLv2.
//
// Copyright (c) 2012-2014 Daiyuu Nobori.
// Copyright (c) 2012-2014 SoftEther VPN Project, University of Tsukuba, Japan.
// Copyright (c) 2012-2014 SoftEther Corporation.
//
// All Rights Reserved.
//
// http://www.softether.org/
//
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License version 2
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
// IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
// CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
// TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
// SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
// THE LICENSE AGREEMENT IS ATTACHED ON THE SOURCE-CODE PACKAGE
// AS "LICENSE.TXT" FILE. READ THE TEXT FILE IN ADVANCE TO USE THE SOFTWARE.
//
//
// THIS SOFTWARE IS DEVELOPED IN JAPAN, AND DISTRIBUTED FROM JAPAN,
// UNDER JAPANESE LAWS. YOU MUST AGREE IN ADVANCE TO USE, COPY, MODIFY,
// MERGE, PUBLISH, DISTRIBUTE, SUBLICENSE, AND/OR SELL COPIES OF THIS
// SOFTWARE, THAT ANY JURIDICAL DISPUTES WHICH ARE CONCERNED TO THIS
// SOFTWARE OR ITS CONTENTS, AGAINST US (SOFTETHER PROJECT, SOFTETHER
// CORPORATION, DAIYUU NOBORI OR OTHER SUPPLIERS), OR ANY JURIDICAL
// DISPUTES AGAINST US WHICH ARE CAUSED BY ANY KIND OF USING, COPYING,
// MODIFYING, MERGING, PUBLISHING, DISTRIBUTING, SUBLICENSING, AND/OR
// SELLING COPIES OF THIS SOFTWARE SHALL BE REGARDED AS BE CONSTRUED AND
// CONTROLLED BY JAPANESE LAWS, AND YOU MUST FURTHER CONSENT TO
// EXCLUSIVE JURISDICTION AND VENUE IN THE COURTS SITTING IN TOKYO,
// JAPAN. YOU MUST WAIVE ALL DEFENSES OF LACK OF PERSONAL JURISDICTION
// AND FORUM NON CONVENIENS. PROCESS MAY BE SERVED ON EITHER PARTY IN
// THE MANNER AUTHORIZED BY APPLICABLE LAW OR COURT RULE.
//
// USE ONLY IN JAPAN. DO NOT USE IT IN OTHER COUNTRIES. IMPORTING THIS
// SOFTWARE INTO OTHER COUNTRIES IS AT YOUR OWN RISK. SOME COUNTRIES
// PROHIBIT ENCRYPTED COMMUNICATIONS. USING THIS SOFTWARE IN OTHER
// COUNTRIES MIGHT BE RESTRICTED.
//
//
// DEAR SECURITY EXPERTS
// ---------------------
//
// If you find a bug or a security vulnerability please kindly inform us
// about the problem immediately so that we can fix the security problem
// to protect a lot of users around the world as soon as possible.
//
// Our e-mail address for security reports is:
// softether-vpn-security [at] softether.org
//
// Please note that the above e-mail address is not a technical support
// inquiry address. If you need technical assistance, please visit
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
// Hub.h
// Header of Hub.c
#ifndef HUB_H
#define HUB_H
// Prefix in the access list for investigating whether the user name which is contained in a particular file
#define ACCESS_LIST_INCLUDED_PREFIX "include:" // Included
#define ACCESS_LIST_EXCLUDED_PREFIX "exclude:" // Not included
// The default value for the cache expiration of the user name reference file of the access list (in seconds)
#define ACCESS_LIST_INCLUDE_FILE_CACHE_LIFETIME 30
// The maximum length of the include file in the access list
#define ACCESS_LIST_INCLUDE_FILE_MAX_SIZE (1024 * 1024)
// <INFO> tags of the URL in the access list
#define ACCESS_LIST_URL_INFO_TAG "<INFO>"
// SoftEther link control packet
struct SE_LINK
{
UCHAR DestMacAddress[6]; // Destination MAC address
UCHAR SrcMacAddress[6]; // Source MAC address
UCHAR SignatureS; // 'S'
UCHAR SignatureE; // 'E'
UCHAR Padding[2]; // Padding
UINT Type; // Type
UCHAR HubSignature[16]; // HUB signature
UINT TransactionId; // Transaction ID
UINT Data; // Data
UCHAR Dummy[20]; // Dummy
UCHAR Checksum[SHA1_SIZE]; // Checksum
};
// Test packet reception record
struct TEST_HISTORY
{
SESSION *s1;
SESSION *s2;
};
// State machine for link test
struct SE_TEST
{
LOCK *lock; // Lock
UINT64 LastTestPacketSentTime; // Time that sent the test packet at the last
UINT NextTestPacketSendInterval; // Next test packet transmission interval
bool CurrentTesting; // Test by sending a test packet currently
UINT TransactionId; // Transaction ID
LIST *TestHistory; // Reception history
};
// Macro
#define NO_ACCOUNT_DB(h) ((h)->FarmMember)
// Database in the case of a stand-alone or a farm master HUB
struct HUBDB
{
LIST *UserList; // User List
LIST *GroupList; // Group List
LIST *RootCertList; // Certificate list to trust
LIST *CrlList; // CRL list
LIST *AcList; // AC List
};
// Traffic limiter
struct TRAFFIC_LIMITER
{
UINT64 LastTime; // Time of last measured
UINT64 Value; // The current value
};
// Record the number of broadcast of each endpoint
struct STORM
{
UCHAR MacAddress[6]; // MAC address
UCHAR Padding[2]; // Padding
IP SrcIp; // Source IP address
IP DestIp; // Destination IP address
UINT64 CheckStartTick; // Time that checking is started
UINT CurrentBroadcastNum; // The current number of broadcasts
UINT DiscardValue; // Ratio to discard the broadcast packet
bool StrictMode; // Strict mode
};
// Packet adapter information structure for HUB
struct HUB_PA
{
CANCEL *Cancel; // Cancel object
QUEUE *PacketQueue; // Packet queue
bool MonitorPort; // Monitor port
UINT64 Now; // Current time
TRAFFIC_LIMITER UploadLimiter; // Upload bandwidth limit
TRAFFIC_LIMITER DownloadLimiter; // Download bandwidth limitation
SESSION *Session; // Session
LIST *StormList; // Broadcast storm recording list
UINT64 UsernameHash; // User name hash
UINT64 UsernameHashSimple; // User name hash (simple)
UINT64 GroupnameHash; // Group name hash
};
// HUB options
struct HUB_OPTION
{
// Standard options
UINT MaxSession; // Maximum number of simultaneous connections
bool NoEnum; // Excluded from the enumeration
// Advanced options
bool NoArpPolling; // No ARP polling
bool NoIPv6AddrPolling; // No IPv6 address polling
bool NoIpTable; // Do not generate an IP address table
bool NoMacAddressLog; // Not to write the registration log of the MAC address
bool ManageOnlyPrivateIP; // Manage only private IP
bool ManageOnlyLocalUnicastIPv6; // Manage only local unicast IPv6 addresses
bool DisableIPParsing; // Disable the IP interpretation
bool YieldAfterStorePacket; // Yield after the packet is stored
bool NoSpinLockForPacketDelay; // Do not use the spin lock
UINT BroadcastStormDetectionThreshold; // Broadcast number limit threshold
bool FilterPPPoE; // Filtering the PPPoE (0x8863, 0x8864)
bool FilterOSPF; // Filtering the OSPF (ip_proto = 89)
bool FilterIPv4; // Filter IPv4 packets
bool FilterIPv6; // Filter IPv6 packets
bool FilterNonIP; // Filter all non-IP packets
bool FilterBPDU; // Filter the BPDU packets
UINT ClientMinimumRequiredBuild; // If the build number of the client is lower than a certain value, deny it
bool NoIPv6DefaultRouterInRAWhenIPv6; // Delete the default router specification from the IPv6 router advertisement (only in the case of IPv6 physical connection)
bool NoIPv4PacketLog; // Do not save the packet log for the IPv4 packet
bool NoIPv6PacketLog; // Do not save the packet log of IPv6 packets
bool NoLookBPDUBridgeId; // Don't look the BPDU bridge ID for switching
bool NoManageVlanId; // Don't manage the VLAN ID
UINT VlanTypeId; // Type ID of VLAN packets (usually 0x8100)
bool FixForDLinkBPDU; // Apply the fix for the BPDU of the strange behavior of the D-Link
UINT RequiredClientId; // Client ID
UINT AdjustTcpMssValue; // TCP MSS adjustment value
bool DisableAdjustTcpMss; // Completely disable the TCP MSS adjustment function
bool NoDhcpPacketLogOutsideHub; // Suppress DHCP unrelated log
bool DisableHttpParsing; // Prohibit the HTTP interpretation
bool DisableUdpAcceleration; // Prohibit the UDP acceleration function
bool DisableUdpFilterForLocalBridgeNic; // Not to perform filtering DHCP packets associated with local bridge NIC
bool ApplyIPv4AccessListOnArpPacket; // Apply an IPv4 access list to the ARP packet
bool RemoveDefGwOnDhcpForLocalhost; // Remove the designation of the DHCP server from the DHCP response packet addressed to localhost
UINT SecureNAT_MaxTcpSessionsPerIp; // Maximum number of TCP sessions per IP address
UINT SecureNAT_MaxTcpSynSentPerIp; // Maximum number of TCP sessions of SYN_SENT state per IP address
UINT SecureNAT_MaxUdpSessionsPerIp; // Maximum number of UDP sessions per IP address
UINT SecureNAT_MaxDnsSessionsPerIp; // Maximum number of DNS sessions per IP address
UINT SecureNAT_MaxIcmpSessionsPerIp; // Maximum number of ICMP sessions per IP address
UINT AccessListIncludeFileCacheLifetime; // Expiration of the access list external file (in seconds)
bool DisableKernelModeSecureNAT; // Disable the kernel mode NAT
bool DisableUserModeSecureNAT; // Disable the user mode NAT
bool DisableCheckMacOnLocalBridge; // Disable the MAC address verification in local bridge
bool DisableCorrectIpOffloadChecksum; // Disable the correction of checksum that is IP-Offloaded
bool BroadcastLimiterStrictMode; // Strictly broadcast packets limiting mode
UINT MaxLoggedPacketsPerMinute; // Maximum number of logging target packets per minute
bool DoNotSaveHeavySecurityLogs; // Do not take heavy security log
};
// MAC table entry
struct MAC_TABLE_ENTRY
{
UCHAR MacAddress[6]; // MAC address
UCHAR Padding[2];
UINT VlanId; // VLAN ID
SESSION *Session; // Session
HUB_PA *HubPa; // HUB packet adapter
UINT64 CreatedTime; // Creation date and time
UINT64 UpdatedTime; // Updating date
};
// IP table entry
struct IP_TABLE_ENTRY
{
IP Ip; // IP address
SESSION *Session; // Session
bool DhcpAllocated; // Assigned by DHCP
UINT64 CreatedTime; // Creation date and time
UINT64 UpdatedTime; // Updating date
UCHAR MacAddress[6]; // MAC address
};
// Loop List
struct LOOP_LIST
{
UINT NumSessions;
SESSION **Session;
};
// Access list
struct ACCESS
{
// IPv4
UINT Id; // ID
wchar_t Note[MAX_ACCESSLIST_NOTE_LEN + 1]; // Note
// --- Please add items to the bottom of here for enhancements ---
bool Active; // Enable flag
UINT Priority; // Priority
bool Discard; // Discard flag
UINT SrcIpAddress; // Source IP address
UINT SrcSubnetMask; // Source subnet mask
UINT DestIpAddress; // Destination IP address
UINT DestSubnetMask; // Destination subnet mask
UINT Protocol; // Protocol
UINT SrcPortStart; // Source port number starting point
UINT SrcPortEnd; // Source port number end point
UINT DestPortStart; // Destination port number starting point
UINT DestPortEnd; // Destination port number end point
UINT64 SrcUsernameHash; // Source user name hash
bool IsSrcUsernameIncludeOrExclude; // The source user name is formed as the "include:" or "exclude:"
char SrcUsername[MAX_USERNAME_LEN + 1];
bool IsDestUsernameIncludeOrExclude; // The destination user name is formed as "include:" or "exclude:"
UINT64 DestUsernameHash; // Destination user name hash
char DestUsername[MAX_USERNAME_LEN + 1];
bool CheckSrcMac; // Presence of a source MAC address setting
UCHAR SrcMacAddress[6]; // Source MAC address
UCHAR SrcMacMask[6]; // Source MAC address mask
bool CheckDstMac; // Whether the setting of the destination MAC address exists
UCHAR DstMacAddress[6]; // Destination MAC address
UCHAR DstMacMask[6]; // Destination MAC address mask
bool CheckTcpState; // The state of the TCP connection
bool Established; // Establieshed(TCP)
UINT Delay; // Delay
UINT Jitter; // Jitter
UINT Loss; // Packet loss
char RedirectUrl[MAX_REDIRECT_URL_LEN + 1]; // URL to redirect to
// IPv6
bool IsIPv6; // Whether it's an IPv6
IPV6_ADDR SrcIpAddress6; // The source IP address (IPv6)
IPV6_ADDR SrcSubnetMask6; // Source subnet mask (IPv6)
IPV6_ADDR DestIpAddress6; // Destination IP address (IPv6)
IPV6_ADDR DestSubnetMask6; // Destination subnet mask (IPv6)
// --- Please add items to the above of here for enhancements ---
// For management
UINT UniqueId; // Unique ID
};
// Ticket
struct TICKET
{
UINT64 CreatedTick; // Creation date and time
UCHAR Ticket[SHA1_SIZE]; // Ticket
char Username[MAX_USERNAME_LEN + 1]; // User name
char UsernameReal[MAX_USERNAME_LEN + 1]; // Real user name
char GroupName[MAX_USERNAME_LEN + 1]; // Group name
char SessionName[MAX_SESSION_NAME_LEN + 1]; // Session name
POLICY Policy; // Policy
};
// Traffic difference
struct TRAFFIC_DIFF
{
UINT Type; // Type
TRAFFIC Traffic; // Traffic
char *HubName; // HUB name
char *Name; // Name
};
// Administration options
struct ADMIN_OPTION
{
char Name[MAX_ADMIN_OPTION_NAME_LEN + 1]; // Name
UINT Value; // Data
};
// Certificate Revocation List entry
struct CRL
{
X_SERIAL *Serial; // Serial number
NAME *Name; // Name information
UCHAR DigestMD5[MD5_SIZE]; // MD5 hash
UCHAR DigestSHA1[SHA1_SIZE]; // SHA-1 hash
};
// Access control
struct AC
{
UINT Id; // ID
UINT Priority; // Priority
bool Deny; // Deny access
bool Masked; // Is masked
IP IpAddress; // IP address
IP SubnetMask; // Subnet mask
};
// User List
struct USERLIST
{
char Filename[MAX_PATH]; // File name
LIST *UserHashList; // Hash list of user names
};
// HUB structure
struct HUB
{
LOCK *lock; // Lock
LOCK *lock_online; // Lock for Online
REF *ref; // Reference counter
CEDAR *Cedar; // Cedar
UINT Type; // Type
HUBDB *HubDb; // Database
char *Name; // The name of the HUB
LOCK *RadiusOptionLock; // Lock for Radius option
char *RadiusServerName; // Radius server name
UINT RadiusServerPort; // Radius server port number
UINT RadiusRetryInterval; // Radius retry interval
BUF *RadiusSecret; // Radius shared key
char RadiusSuffixFilter[MAX_SIZE]; // Radius suffix filter
volatile bool Halt; // Halting flag
bool Offline; // Offline
bool BeingOffline; // Be Doing Offline
LIST *SessionList; // Session list
COUNTER *SessionCounter; // Session number generation counter
TRAFFIC *Traffic; // Traffic information
TRAFFIC *OldTraffic; // Old traffic information
LOCK *TrafficLock; // Traffic lock
COUNTER *NumSessions; // The current number of sessions
COUNTER *NumSessionsClient; // The current number of sessions (client)
COUNTER *NumSessionsBridge; // The current number of sessions (bridge)
HUB_OPTION *Option; // HUB options
LIST *MacTable; // MAC address table
LIST *IpTable; // IP address table
LIST *MonitorList; // Monitor port session list
LIST *LinkList; // Linked list
UCHAR HubSignature[16]; // HUB signature
UCHAR HubMacAddr[6]; // MAC address of the HUB
IP HubIp; // IP address of the HUB (IPv4)
IPV6_ADDR HubIpV6; // IP address of the HUB (IPv6)
UINT HubIP6Id; // IPv6 packet ID of the HUB
UCHAR Padding[2]; // Padding
LOCK *LoopListLock; // Lock for the loop list
UINT NumLoopList; // Number of loop lists
LOOP_LIST **LoopLists; // Loop List
LIST *AccessList; // Access list
HUB_LOG LogSetting; // Log Settings
LOG *PacketLogger; // Packet logger
LOG *SecurityLogger; // Security logger
UCHAR HashedPassword[SHA1_SIZE]; // Password
UCHAR SecurePassword[SHA1_SIZE]; // Secure password
LIST *TicketList; // Ticket list
bool FarmMember; // Farm member
UINT64 LastIncrementTraffic; // Traffic reporting time
UINT64 LastSendArpTick; // ARP transmission time of the last
SNAT *SecureNAT; // SecureNAT
bool EnableSecureNAT; // SecureNAT enable / disable flag
VH_OPTION *SecureNATOption; // SecureNAT Option
THREAD *WatchDogThread; // Watchdog thread
EVENT *WatchDogEvent; // Watchdog event
bool WatchDogStarted; // Whether the watchdog thread is used
volatile bool HaltWatchDog; // Stop the watchdog thread
LIST *AdminOptionList; // Administration options list
UINT64 CreatedTime; // Creation date and time
UINT64 LastCommTime; // Last communication date and time
UINT64 LastLoginTime; // Last login date and time
UINT NumLogin; // Number of logins
bool HubIsOnlineButHalting; // Virtual HUB is really online, but it is in offline state to stop
UINT FarmMember_MaxSessionClient; // Maximum client connection sessions for cluster members
UINT FarmMember_MaxSessionBridge; // Maximum bridge connection sessions for cluster members
bool FarmMember_MaxSessionClientBridgeApply; // Apply the FarmMember_MaxSession*
UINT CurrentVersion; // The current version
UINT LastVersion; // Version of when the update notification is issued at the last
wchar_t *Msg; // Message to be displayed when the client is connected
LIST *UserList; // Cache of the user list file
bool IsVgsHub; // Whether it's a VGS Virtual HUB
};
// Global variable
extern ADMIN_OPTION admin_options[];
extern UINT num_admin_options;
// Function prototype
HUBDB *NewHubDb();
void DeleteHubDb(HUBDB *d);
HUB *NewHub(CEDAR *cedar, char *HubName, HUB_OPTION *option);
void SetHubMsg(HUB *h, wchar_t *msg);
wchar_t *GetHubMsg(HUB *h);
void GenHubMacAddress(UCHAR *mac, char *name);
void GenHubIpAddress(IP *ip, char *name);
bool IsHubIpAddress(IP *ip);
bool IsHubIpAddress32(UINT ip32);
bool IsHubIpAddress64(IPV6_ADDR *addr);
bool IsHubMacAddress(UCHAR *mac);
void ReleaseHub(HUB *h);
void CleanupHub(HUB *h);
int CompareHub(void *p1, void *p2);
void LockHubList(CEDAR *cedar);
void UnlockHubList(CEDAR *cedar);
HUB *GetHub(CEDAR *cedar, char *name);
bool IsHub(CEDAR *cedar, char *name);
void StopHub(HUB *h);
void AddSession(HUB *h, SESSION *s);
void DelSession(HUB *h, SESSION *s);
SESSION *SearchSessionByUniqueId(HUB *h, UINT id);
UINT GetNewUniqueId(HUB *h);
void StopAllSession(HUB *h);
bool HubPaInit(SESSION *s);
void HubPaFree(SESSION *s);
CANCEL *HubPaGetCancel(SESSION *s);
UINT HubPaGetNextPacket(SESSION *s, void **data);
bool HubPaPutPacket(SESSION *s, void *data, UINT size);
PACKET_ADAPTER *GetHubPacketAdapter();
int CompareMacTable(void *p1, void *p2);
void StorePacket(HUB *hub, SESSION *s, PKT *packet);
bool StorePacketFilter(SESSION *s, PKT *packet);
void StorePacketToHubPa(HUB_PA *dest, SESSION *src, void *data, UINT size, PKT *packet);
void SetHubOnline(HUB *h);
void SetHubOffline(HUB *h);
SESSION *GetSessionByPtr(HUB *hub, void *ptr);
SESSION *GetSessionByName(HUB *hub, char *name);
int CompareIpTable(void *p1, void *p2);
bool StorePacketFilterByPolicy(SESSION *s, PKT *p);
bool DeleteIPv6DefaultRouterInRA(PKT *p);
bool StorePacketFilterByTrafficLimiter(SESSION *s, PKT *p);
void IntoTrafficLimiter(TRAFFIC_LIMITER *tr, PKT *p);
bool IsMostHighestPriorityPacket(SESSION *s, PKT *p);
bool IsPriorityPacketForQoS(PKT *p);
int CompareStormList(void *p1, void *p2);
STORM *SearchStormList(HUB_PA *pa, UCHAR *mac_address, IP *src_ip, IP *dest_ip, bool strict);
STORM *AddStormList(HUB_PA *pa, UCHAR *mac_address, IP *src_ip, IP *dest_ip, bool strict);
bool CheckBroadcastStorm(HUB *hub, SESSION *s, PKT *p);
void AddRootCert(HUB *hub, X *x);
int CmpAccessList(void *p1, void *p2);
void InitAccessList(HUB *hub);
void FreeAccessList(HUB *hub);
void AddAccessList(HUB *hub, ACCESS *a);
void AddAccessListEx(HUB *hub, ACCESS *a, bool no_sort, bool no_reassign_id);
bool SetSessionFirstRedirectHttpUrl(SESSION *s, char *url);
bool IsTcpPacketNcsiHttpAccess(PKT *p);
UINT64 UsernameToInt64(char *name);
void MakeSimpleUsernameRemoveNtDomain(char *dst, UINT dst_size, char *src);
bool ApplyAccessListToStoredPacket(HUB *hub, SESSION *s, PKT *p);
void ForceRedirectToUrl(HUB *hub, SESSION *src_session, PKT *p, char *redirect_url);
BUF *BuildRedirectToUrlPayload(HUB *hub, SESSION *s, char *redirect_url);
bool ApplyAccessListToForwardPacket(HUB *hub, SESSION *src_session, SESSION *dest_session, PKT *p);
bool IsPacketMaskedByAccessList(SESSION *s, PKT *p, ACCESS *a, UINT64 dest_username, UINT64 dest_groupname, SESSION *dest_session);
void GetAccessListStr(char *str, UINT size, ACCESS *a);
void DeleteOldIpTableEntry(LIST *o);
void SetRadiusServer(HUB *hub, char *name, UINT port, char *secret);
void SetRadiusServerEx(HUB *hub, char *name, UINT port, char *secret, UINT interval);
bool GetRadiusServer(HUB *hub, char *name, UINT size, UINT *port, char *secret, UINT secret_size);
bool GetRadiusServerEx(HUB *hub, char *name, UINT size, UINT *port, char *secret, UINT secret_size, UINT *interval);
bool GetRadiusServerEx2(HUB *hub, char *name, UINT size, UINT *port, char *secret, UINT secret_size, UINT *interval, char *suffix_filter, UINT suffix_filter_size);
int CompareCert(void *p1, void *p2);
void GetHubLogSetting(HUB *h, HUB_LOG *setting);
void SetHubLogSetting(HUB *h, HUB_LOG *setting);
void SetHubLogSettingEx(HUB *h, HUB_LOG *setting, bool no_change_switch_type);
void DeleteExpiredIpTableEntry(LIST *o);
void DeleteExpiredMacTableEntry(LIST *o);
void AddTrafficDiff(HUB *h, char *name, UINT type, TRAFFIC *traffic);
void IncrementHubTraffic(HUB *h);
void EnableSecureNAT(HUB *h, bool enable);
void EnableSecureNATEx(HUB *h, bool enable, bool no_change);
void StartHubWatchDog(HUB *h);
void StopHubWatchDog(HUB *h);
void HubWatchDogThread(THREAD *t, void *param);
int CompareAdminOption(void *p1, void *p2);
UINT GetHubAdminOptionEx(HUB *h, char *name, UINT default_value);
UINT GetHubAdminOption(HUB *h, char *name);
void DeleteAllHubAdminOption(HUB *h, bool lock);
void AddHubAdminOptionsDefaults(HUB *h, bool lock);
bool IsCertMatchCrl(X *x, CRL *crl);
bool IsCertMatchCrlList(X *x, LIST *o);
wchar_t *GenerateCrlStr(CRL *crl);
bool IsValidCertInHub(HUB *h, X *x);
void FreeCrl(CRL *crl);
CRL *CopyCrl(CRL *crl);
int CmpAc(void *p1, void *p2);
LIST *NewAcList();
void AddAc(LIST *o, AC *ac);
bool DelAc(LIST *o, UINT id);
AC *GetAc(LIST *o, UINT id);
void SetAc(LIST *o, UINT id, AC *ac);
void DelAllAc(LIST *o);
void SetAcList(LIST *o, LIST *src);
void NormalizeAcList(LIST *o);
bool IsIpMaskedByAc(IP *ip, AC *ac);
bool IsIpDeniedByAcList(IP *ip, LIST *o);
char *GenerateAcStr(AC *ac);
void FreeAcList(LIST *o);
LIST *CloneAcList(LIST *o);
bool IsIPManagementTargetForHUB(IP *ip, HUB *hub);
wchar_t *GetHubAdminOptionHelpString(char *name);
void HubOptionStructToData(RPC_ADMIN_OPTION *ao, HUB_OPTION *o, char *hub_name);
ADMIN_OPTION *NewAdminOption(char *name, UINT value);
void DataToHubOptionStruct(HUB_OPTION *o, RPC_ADMIN_OPTION *ao);
UINT GetHubAdminOptionData(RPC_ADMIN_OPTION *ao, char *name);
void GetHubAdminOptionDataAndSet(RPC_ADMIN_OPTION *ao, char *name, UINT *dest);
bool IsURLMsg(wchar_t *str, char *url, UINT url_size);
LIST *NewUserList();
void DeleteAllUserListCache(LIST *o);
void FreeUserList(LIST *o);
void FreeUserListEntry(USERLIST *u);
int CompareUserList(void *p1, void *p2);
USERLIST *LoadUserList(LIST *o, char *filename);
USERLIST *FindUserList(LIST *o, char *filename);
bool IsUserMatchInUserList(LIST *o, char *filename, UINT64 user_hash);
bool IsUserMatchInUserListWithCacheExpires(LIST *o, char *filename, UINT64 user_hash, UINT64 lifetime);
bool IsUserMatchInUserListWithCacheExpiresAcl(LIST *o, char *name_in_acl, UINT64 user_hash, UINT64 lifetime);
void CalcTrafficEntryDiff(TRAFFIC_ENTRY *diff, TRAFFIC_ENTRY *old, TRAFFIC_ENTRY *current);
void CalcTrafficDiff(TRAFFIC *diff, TRAFFIC *old, TRAFFIC *current);
bool CheckMaxLoggedPacketsPerMinute(SESSION *s, UINT max_packets, UINT64 now);
void VgsSetUserAgentValue(char *str);
void VgsSetEmbTag(bool b);
#endif // HUB_H
// Developed by SoftEther VPN Project at University of Tsukuba in Japan.
// Department of Computer Science has dozens of overly-enthusiastic geeks.
// Join us: http://www.tsukuba.ac.jp/english/admission/
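Review bot: The access-list types in this header identify users and groups by 64-bit values (`SrcUsernameHash` and `DestUsernameHash` in `struct ACCESS`, `UsernameHash` and `GroupnameHash` in `struct HUB_PA`, and the `UINT64 dest_username` parameter of `IsPacketMaskedByAccessList`), yet nothing here documents how `UsernameToInt64` derives them or what happens when two names map to the same value. If rules are matched on that value alone, which the declarations suggest but do not prove, a collision would let one user's traffic match a rule written for another, so the contract belongs next to the prototype. I would add a comment above `UINT64 UsernameToInt64(char *name);` along the lines of `// Maps a user name to the 64-bit key stored in ACCESS and HUB_PA for access-list matching; names the hash used and how equal keys for different names are handled`, worded to match what Hub.c actually guarantees. The implementation lives in Hub.c, which is not part of this section.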
+767
@@ -0,0 +1,767 @@
// SoftEther VPN Source Code
// Cedar Communication Module
//
// SoftEther VPN Server, Client and Bridge are free software under GPLv2.
//
// Copyright (c) 2012-2014 Daiyuu Nobori.
// Copyright (c) 2012-2014 SoftEther VPN Project, University of Tsukuba, Japan.
// Copyright (c) 2012-2014 SoftEther Corporation.
//
// All Rights Reserved.
//
// http://www.softether.org/
//
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License version 2
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
// IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
// CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
// TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
// SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
// THE LICENSE AGREEMENT IS ATTACHED ON THE SOURCE-CODE PACKAGE
// AS "LICENSE.TXT" FILE. READ THE TEXT FILE IN ADVANCE TO USE THE SOFTWARE.
//
//
// THIS SOFTWARE IS DEVELOPED IN JAPAN, AND DISTRIBUTED FROM JAPAN,
// UNDER JAPANESE LAWS. YOU MUST AGREE IN ADVANCE TO USE, COPY, MODIFY,
// MERGE, PUBLISH, DISTRIBUTE, SUBLICENSE, AND/OR SELL COPIES OF THIS
// SOFTWARE, THAT ANY JURIDICAL DISPUTES WHICH ARE CONCERNED TO THIS
// SOFTWARE OR ITS CONTENTS, AGAINST US (SOFTETHER PROJECT, SOFTETHER
// CORPORATION, DAIYUU NOBORI OR OTHER SUPPLIERS), OR ANY JURIDICAL
// DISPUTES AGAINST US WHICH ARE CAUSED BY ANY KIND OF USING, COPYING,
// MODIFYING, MERGING, PUBLISHING, DISTRIBUTING, SUBLICENSING, AND/OR
// SELLING COPIES OF THIS SOFTWARE SHALL BE REGARDED AS BE CONSTRUED AND
// CONTROLLED BY JAPANESE LAWS, AND YOU MUST FURTHER CONSENT TO
// EXCLUSIVE JURISDICTION AND VENUE IN THE COURTS SITTING IN TOKYO,
// JAPAN. YOU MUST WAIVE ALL DEFENSES OF LACK OF PERSONAL JURISDICTION
// AND FORUM NON CONVENIENS. PROCESS MAY BE SERVED ON EITHER PARTY IN
// THE MANNER AUTHORIZED BY APPLICABLE LAW OR COURT RULE.
//
// USE ONLY IN JAPAN. DO NOT USE IT IN OTHER COUNTRIES. IMPORTING THIS
// SOFTWARE INTO OTHER COUNTRIES IS AT YOUR OWN RISK. SOME COUNTRIES
// PROHIBIT ENCRYPTED COMMUNICATIONS. USING THIS SOFTWARE IN OTHER
// COUNTRIES MIGHT BE RESTRICTED.
//
//
// DEAR SECURITY EXPERTS
// ---------------------
//
// If you find a bug or a security vulnerability please kindly inform us
// about the problem immediately so that we can fix the security problem
// to protect a lot of users around the world as soon as possible.
//
// Our e-mail address for security reports is:
// softether-vpn-security [at] softether.org
//
// Please note that the above e-mail address is not a technical support
// inquiry address. If you need technical assistance, please visit
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
// IPsec.c
// IPsec module
#include "CedarPch.h"
static bool ipsec_disable = false;
// Disabling whole IPsec
void IPSecSetDisable(bool b)
{
ipsec_disable = b;
}
// Monitor the IPsec service of the OS, and stop it if it will conflict
void IPsecOsServiceCheckThread(THREAD *t, void *p)
{
UINT interval = IPSEC_CHECK_OS_SERVICE_INTERVAL_INITIAL;
IPSEC_SERVER *s = (IPSEC_SERVER *)p;
// Validate arguments
if (t == NULL || p == NULL)
{
return;
}
s->HostIPAddressListChanged = true;
s->OsServiceStoped = false;
while (s->Halt == false)
{
if (IPsecCheckOsService(s))
{
interval = IPSEC_CHECK_OS_SERVICE_INTERVAL_INITIAL;
}
if (Wait(s->OsServiceCheckThreadEvent, interval) == false)
{
interval = MIN(interval * 2, IPSEC_CHECK_OS_SERVICE_INTERVAL_MAX);
}
else
{
interval = IPSEC_CHECK_OS_SERVICE_INTERVAL_INITIAL;
}
}
IPsecCheckOsService(s);
}
// Monitoring process main
bool IPsecCheckOsService(IPSEC_SERVER *s)
{
bool b_ipsec;
IPSEC_SERVICES sl;
bool ret = false;
// Validate arguments
if (s == NULL)
{
return false;
}
IPsecServerGetServices(s, &sl);
b_ipsec = (sl.EtherIP_IPsec || sl.L2TP_IPsec);
if (b_ipsec != s->Check_LastEnabledStatus)
{
s->Check_LastEnabledStatus = b_ipsec;
if (b_ipsec)
{
// Use of IPsec has been started
#ifdef OS_WIN32
if (s->Win7 == NULL)
{
s->Win7 = IPsecWin7Init();
s->HostIPAddressListChanged = true;
}
s->OsServiceStoped = false;
#else // OS_WIN32
#endif // OS_WIN32
}
else
{
// Use of IPsec is stopped
#ifdef OS_WIN32
if (s->Win7 != NULL)
{
IPsecWin7Free(s->Win7);
s->Win7 = NULL;
}
if (s->OsServiceStoped)
{
MsStartIPsecService();
s->OsServiceStoped = false;
}
#else // OS_WIN32
UnixSetEnableKernelEspProcessing(true);
#endif // OS_WIN32
}
}
if (b_ipsec)
{
#ifdef OS_WIN32
if (MsStopIPsecService())
{
s->OsServiceStoped = true;
ret = true;
}
#else // OS_WIN32
UnixSetEnableKernelEspProcessing(false);
#endif // OS_WIN32
}
#ifdef OS_WIN32
if (s->Win7 != NULL)
{
IPsecWin7UpdateHostIPAddressList(s->Win7);
s->HostIPAddressListChanged = false;
}
#endif // OS_WIN32
return ret;
}
// Processing of UDP packets (one by one)
void IPsecProcPacket(IPSEC_SERVER *s, UDPPACKET *p)
{
L2TP_SERVER *l2tp;
IKE_SERVER *ike;
void *old_data_ptr;
UINT old_data_size;
bool proc_this_packet = true;
// Validate arguments
if (s == NULL || p == NULL)
{
return;
}
old_data_ptr = p->Data;
old_data_size = p->Size;
l2tp = s->L2TP;
ike = s->Ike;
// UDP decapsulation process
if (p->DestPort == IPSEC_PORT_IPSEC_ESP_UDP)
{
#ifdef OS_WIN32
if (p->Size >= 12 && IsZero(p->Data, 4))
{
if (((*((UINT *)(((UCHAR *)p->Data) + sizeof(UINT) * 1))) == WFP_ESP_PACKET_TAG_1) &&
((*((UINT *)(((UCHAR *)p->Data) + sizeof(UINT) * 2))) == WFP_ESP_PACKET_TAG_2))
{
// Truncate the head because the packet was modified by WFP
p->Data = ((UCHAR *)p->Data) + 12;
p->Size -= 12;
}
}
#endif // OS_WIN32
if (p->Size >= 4 && IsZero(p->Data, 4))
{
// Truncate the Non-ESP Marker
p->Data = ((UCHAR *)p->Data) + 4;
p->Size -= 4;
p->Type = IKE_UDP_TYPE_ISAKMP;
}
else
{
p->Type = IKE_UDP_TYPE_ESP;
}
}
else if (p->DestPort == IPSEC_PORT_IPSEC_ISAKMP)
{
if (p->Size >= 8 && IsZero(p->Data, 8))
{
// Truncate the Non-IKE Maker
p->Data = ((UCHAR *)p->Data) + 8;
p->Size -= 8;
p->Type = IKE_UDP_TYPE_ESP;
}
else
{
p->Type = IKE_UDP_TYPE_ISAKMP;
}
}
else if (p->DestPort == IPSEC_PORT_IPSEC_ESP_RAW)
{
// Raw ESP
p->Type = IKE_UDP_TYPE_ESP;
}
if (proc_this_packet)
{
switch (p->DestPort)
{
case IPSEC_PORT_L2TP:
// L2TP
ProcL2TPPacketRecv(l2tp, p);
break;
case IPSEC_PORT_IPSEC_ISAKMP:
case IPSEC_PORT_IPSEC_ESP_UDP:
case IPSEC_PORT_IPSEC_ESP_RAW:
// IPsec
ProcIKEPacketRecv(ike, p);
break;
}
}
p->Data = old_data_ptr;
p->Size = old_data_size;
}
// Packet reception procedure of UDP listener
void IPsecServerUdpPacketRecvProc(UDPLISTENER *u, LIST *packet_list)
{
UINT i;
IPSEC_SERVER *s;
L2TP_SERVER *l2tp;
IKE_SERVER *ike;
UINT64 now;
static UCHAR zero8[8] = {0, 0, 0, 0, 0, 0, 0, 0, };
// Validate arguments
if (u == NULL || packet_list == NULL)
{
return;
}
s = (IPSEC_SERVER *)u->Param;
if (s == NULL)
{
return;
}
if (u->HostIPAddressListChanged)
{
u->HostIPAddressListChanged = false;
s->HostIPAddressListChanged = true;
Set(s->OsServiceCheckThreadEvent);
}
now = Tick64();
// Adjustment about L2TP server timing
l2tp = s->L2TP;
if (l2tp->Interrupts == NULL)
{
l2tp->Interrupts = u->Interrupts;
}
if (l2tp->SockEvent == NULL)
{
SetL2TPServerSockEvent(l2tp, u->Event);
}
l2tp->Now = now;
// Adjustment about IKE server timing
ike = s->Ike;
if (ike->Interrupts == NULL)
{
ike->Interrupts = u->Interrupts;
}
if (ike->SockEvent == NULL)
{
SetIKEServerSockEvent(ike, u->Event);
}
ike->Now = now;
if (ipsec_disable == false)
{
// Process the received packet
for (i = 0;i < LIST_NUM(packet_list);i++)
{
UDPPACKET *p = LIST_DATA(packet_list, i);
IPsecProcPacket(s, p);
}
}
// Interrupt processing of L2TP server
L2TPProcessInterrupts(l2tp);
// L2TP packet transmission processing
UdpListenerSendPackets(u, l2tp->SendPacketList);
DeleteAll(l2tp->SendPacketList);
// Interrupt processing of IKE server
ProcessIKEInterrupts(ike);
// UDP encapsulation process of IKE server packet scheduled for transmission
for (i = 0;i < LIST_NUM(ike->SendPacketList);i++)
{
UDPPACKET *p = LIST_DATA(ike->SendPacketList, i);
if (p->Type == IKE_UDP_TYPE_ISAKMP && p->SrcPort == IPSEC_PORT_IPSEC_ESP_UDP)
{
// Add the Non-ESP Marker
void *old_data = p->Data;
p->Data = AddHead(p->Data, p->Size, zero8, 4);
p->Size += 4;
Free(old_data);
}
else if (p->Type == IKE_UDP_TYPE_ESP && p->SrcPort == IPSEC_PORT_IPSEC_ISAKMP)
{
// Add the Non-IKE Marker
void *old_data = p->Data;
p->Data = AddHead(p->Data, p->Size, zero8, 8);
p->Size += 8;
Free(old_data);
}
}
// IKE server packet transmission processing
UdpListenerSendPackets(u, ike->SendPacketList);
DeleteAll(ike->SendPacketList);
}
// Get the service list
void IPsecServerGetServices(IPSEC_SERVER *s, IPSEC_SERVICES *sl)
{
// Validate arguments
if (s == NULL || sl == NULL)
{
return;
}
Lock(s->LockSettings);
{
IPsecNormalizeServiceSetting(s);
Copy(sl, &s->Services, sizeof(IPSEC_SERVICES));
}
Unlock(s->LockSettings);
}
// Normalize the IPsec service setttings
void IPsecNormalizeServiceSetting(IPSEC_SERVER *s)
{
CEDAR *c;
// Validate arguments
if (s == NULL)
{
return;
}
c = s->Cedar;
Lock(s->LockSettings);
{
bool reset_hub_setting = false;
if (IsEmptyStr(s->Services.IPsec_Secret))
{
// If the secret is not set, set the default one
StrCpy(s->Services.IPsec_Secret, sizeof(s->Services.IPsec_Secret), IPSEC_DEFAULT_SECRET);
}
LockList(c->HubList);
{
if (IsEmptyStr(s->Services.L2TP_DefaultHub))
{
reset_hub_setting = true;
}
else
{
if (IsHub(c, s->Services.L2TP_DefaultHub) == false)
{
reset_hub_setting = true;
}
}
if (reset_hub_setting)
{
// Select the first Virtual HUB if there is no HUB
HUB *h = NULL;
if (LIST_NUM(c->HubList) >= 1)
{
h = LIST_DATA(c->HubList, 0);
}
if (h != NULL)
{
StrCpy(s->Services.L2TP_DefaultHub, sizeof(s->Services.L2TP_DefaultHub), h->Name);
}
else
{
StrCpy(s->Services.L2TP_DefaultHub, sizeof(s->Services.L2TP_DefaultHub), "");
}
}
}
UnlockList(c->HubList);
}
Unlock(s->LockSettings);
}
// Set the service list
void IPsecServerSetServices(IPSEC_SERVER *s, IPSEC_SERVICES *sl)
{
// Validate arguments
if (s == NULL || sl == NULL)
{
return;
}
if (IsZero(sl, sizeof(IPSEC_SERVICES)) == false)
{
if (s->NoMoreChangeSettings)
{
return;
}
}
Lock(s->LockSettings);
{
Copy(&s->Services, sl, sizeof(IPSEC_SERVICES));
if (sl->L2TP_Raw)
{
AddPortToUdpListener(s->UdpListener, IPSEC_PORT_L2TP);
}
else
{
DeletePortFromUdpListener(s->UdpListener, IPSEC_PORT_L2TP);
}
if (sl->L2TP_IPsec || sl->EtherIP_IPsec)
{
AddPortToUdpListener(s->UdpListener, IPSEC_PORT_IPSEC_ISAKMP);
AddPortToUdpListener(s->UdpListener, IPSEC_PORT_IPSEC_ESP_UDP);
AddPortToUdpListener(s->UdpListener, IPSEC_PORT_IPSEC_ESP_RAW);
AddPortToUdpListener(s->UdpListener, IPSEC_PORT_IPSEC_ESP_RAW_WPF);
}
else
{
DeletePortFromUdpListener(s->UdpListener, IPSEC_PORT_IPSEC_ISAKMP);
DeletePortFromUdpListener(s->UdpListener, IPSEC_PORT_IPSEC_ESP_UDP);
DeletePortFromUdpListener(s->UdpListener, IPSEC_PORT_IPSEC_ESP_RAW);
DeletePortFromUdpListener(s->UdpListener, IPSEC_PORT_IPSEC_ESP_RAW_WPF);
}
if (IsEmptyStr(sl->IPsec_Secret) == false)
{
StrCpy(s->Ike->Secret, sizeof(s->Ike->Secret), sl->IPsec_Secret);
}
IPsecNormalizeServiceSetting(s);
}
Unlock(s->LockSettings);
Set(s->OsServiceCheckThreadEvent);
}
// Add the EtherIP key
void AddEtherIPId(IPSEC_SERVER *s, ETHERIP_ID *id)
{
// Validate arguments
if (s == NULL || id == NULL)
{
return;
}
Lock(s->LockSettings);
{
// If there is the same key, remove them
ETHERIP_ID t, *k;
Zero(&t, sizeof(t));
StrCpy(t.Id, sizeof(t.Id), id->Id);
k = Search(s->EtherIPIdList, &t);
if (k != NULL)
{
Delete(s->EtherIPIdList, k);
Free(k);
}
// Add
k = Clone(id, sizeof(ETHERIP_ID));
Insert(s->EtherIPIdList, k);
s->EtherIPIdListSettingVerNo++;
}
Unlock(s->LockSettings);
}
// Delete the EtherIP key
bool DeleteEtherIPId(IPSEC_SERVER *s, char *id_str)
{
bool ret = false;
// Validate arguments
if (s == NULL || id_str == NULL)
{
return false;
}
Lock(s->LockSettings);
{
// If there is the same key, remove them
ETHERIP_ID t, *k;
Zero(&t, sizeof(t));
StrCpy(t.Id, sizeof(t.Id), id_str);
k = Search(s->EtherIPIdList, &t);
if (k != NULL)
{
Delete(s->EtherIPIdList, k);
Free(k);
ret = true;
s->EtherIPIdListSettingVerNo++;
}
}
Unlock(s->LockSettings);
return ret;
}
// Search the EtherIP key
bool SearchEtherIPId(IPSEC_SERVER *s, ETHERIP_ID *id, char *id_str)
{
bool ret = false;
// Validate arguments
if (s == NULL || id == NULL || id_str == NULL)
{
return false;
}
Lock(s->LockSettings);
{
ETHERIP_ID t, *k;
Zero(&t, sizeof(t));
StrCpy(t.Id, sizeof(t.Id), id_str);
k = Search(s->EtherIPIdList, &t);
if (k != NULL)
{
Copy(id, k, sizeof(ETHERIP_ID));
ret = true;
}
}
Unlock(s->LockSettings);
return ret;
}
// Comparison of key EtherIP list entries
int CmpEtherIPId(void *p1, void *p2)
{
ETHERIP_ID *k1, *k2;
// Validate arguments
if (p1 == NULL || p2 == NULL)
{
return 0;
}
k1 = *(ETHERIP_ID **)p1;
k2 = *(ETHERIP_ID **)p2;
if (k1 == NULL || k2 == NULL)
{
return 0;
}
return StrCmpi(k1->Id, k2->Id);
}
// Release and stop the IPsec server
void FreeIPsecServer(IPSEC_SERVER *s)
{
UINT i;
IPSEC_SERVICES sl;
// Validate arguments
if (s == NULL)
{
return;
}
s->NoMoreChangeSettings = true;
// Stopp the L2TP server
StopL2TPServer(s->L2TP, false);
// Stop the IKE server
StopIKEServer(s->Ike);
// Stop all the services explicitly
Zero(&sl, sizeof(sl));
IPsecServerSetServices(s, &sl);
// Releasing process
FreeUdpListener(s->UdpListener);
ReleaseCedar(s->Cedar);
FreeL2TPServer(s->L2TP);
FreeIKEServer(s->Ike);
for (i = 0;i < LIST_NUM(s->EtherIPIdList);i++)
{
ETHERIP_ID *k = LIST_DATA(s->EtherIPIdList, i);
Free(k);
}
ReleaseList(s->EtherIPIdList);
// Stop the OS monitoring thread
s->Halt = true;
Set(s->OsServiceCheckThreadEvent);
WaitThread(s->OsServiceCheckThread, INFINITE);
ReleaseThread(s->OsServiceCheckThread);
ReleaseEvent(s->OsServiceCheckThreadEvent);
DeleteLock(s->LockSettings);
Free(s);
}
// Initialize the IPsec server
IPSEC_SERVER *NewIPsecServer(CEDAR *cedar)
{
IPSEC_SERVER *s;
// Validate arguments
if (cedar == NULL)
{
return NULL;
}
s = ZeroMalloc(sizeof(IPSEC_SERVER));
s->LockSettings = NewLock();
s->Cedar = cedar;
AddRef(s->Cedar->ref);
s->L2TP = NewL2TPServer(cedar);
s->Ike = NewIKEServer(cedar, s);
StrCpy(s->Ike->Secret, sizeof(s->Ike->Secret), IPSEC_DEFAULT_SECRET);
s->UdpListener = NewUdpListener(IPsecServerUdpPacketRecvProc, s);
s->EtherIPIdList = NewList(CmpEtherIPId);
// Start an OS service monitoring thread
s->OsServiceCheckThreadEvent = NewEvent();
s->OsServiceCheckThread = NewThread(IPsecOsServiceCheckThread, s);
return s;
}
// Developed by SoftEther VPN Project at University of Tsukuba in Japan.
// Department of Computer Science has dozens of overly-enthusiastic geeks.
// Join us: http://www.tsukuba.ac.jp/english/admission/
+179
@@ -0,0 +1,179 @@
// SoftEther VPN Source Code
// Cedar Communication Module
//
// SoftEther VPN Server, Client and Bridge are free software under GPLv2.
//
// Copyright (c) 2012-2014 Daiyuu Nobori.
// Copyright (c) 2012-2014 SoftEther VPN Project, University of Tsukuba, Japan.
// Copyright (c) 2012-2014 SoftEther Corporation.
//
// All Rights Reserved.
//
// http://www.softether.org/
//
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License version 2
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
// IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
// CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
// TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
// SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
// THE LICENSE AGREEMENT IS ATTACHED ON THE SOURCE-CODE PACKAGE
// AS "LICENSE.TXT" FILE. READ THE TEXT FILE IN ADVANCE TO USE THE SOFTWARE.
//
//
// THIS SOFTWARE IS DEVELOPED IN JAPAN, AND DISTRIBUTED FROM JAPAN,
// UNDER JAPANESE LAWS. YOU MUST AGREE IN ADVANCE TO USE, COPY, MODIFY,
// MERGE, PUBLISH, DISTRIBUTE, SUBLICENSE, AND/OR SELL COPIES OF THIS
// SOFTWARE, THAT ANY JURIDICAL DISPUTES WHICH ARE CONCERNED TO THIS
// SOFTWARE OR ITS CONTENTS, AGAINST US (SOFTETHER PROJECT, SOFTETHER
// CORPORATION, DAIYUU NOBORI OR OTHER SUPPLIERS), OR ANY JURIDICAL
// DISPUTES AGAINST US WHICH ARE CAUSED BY ANY KIND OF USING, COPYING,
// MODIFYING, MERGING, PUBLISHING, DISTRIBUTING, SUBLICENSING, AND/OR
// SELLING COPIES OF THIS SOFTWARE SHALL BE REGARDED AS BE CONSTRUED AND
// CONTROLLED BY JAPANESE LAWS, AND YOU MUST FURTHER CONSENT TO
// EXCLUSIVE JURISDICTION AND VENUE IN THE COURTS SITTING IN TOKYO,
// JAPAN. YOU MUST WAIVE ALL DEFENSES OF LACK OF PERSONAL JURISDICTION
// AND FORUM NON CONVENIENS. PROCESS MAY BE SERVED ON EITHER PARTY IN
// THE MANNER AUTHORIZED BY APPLICABLE LAW OR COURT RULE.
//
// USE ONLY IN JAPAN. DO NOT USE IT IN OTHER COUNTRIES. IMPORTING THIS
// SOFTWARE INTO OTHER COUNTRIES IS AT YOUR OWN RISK. SOME COUNTRIES
// PROHIBIT ENCRYPTED COMMUNICATIONS. USING THIS SOFTWARE IN OTHER
// COUNTRIES MIGHT BE RESTRICTED.
//
//
// DEAR SECURITY EXPERTS
// ---------------------
//
// If you find a bug or a security vulnerability please kindly inform us
// about the problem immediately so that we can fix the security problem
// to protect a lot of users around the world as soon as possible.
//
// Our e-mail address for security reports is:
// softether-vpn-security [at] softether.org
//
// Please note that the above e-mail address is not a technical support
// inquiry address. If you need technical assistance, please visit
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
// IPsec.h
// Header of IPsec.c
#ifndef IPSEC_H
#define IPSEC_H
//// Constants
// UDP port number
#define IPSEC_PORT_L2TP 1701 // L2TP
#define IPSEC_PORT_IPSEC_ISAKMP 500 // ISAKMP
#define IPSEC_PORT_IPSEC_ESP_UDP 4500 // IPsec ESP over UDP
#define IPSEC_PORT_IPSEC_ESP_RAW MAKE_SPECIAL_PORT(50) // Raw mode ESP Protocol No: 50
#define IPSEC_PORT_IPSEC_ESP_RAW_WPF MAKE_SPECIAL_PORT(52) // Raw mode ESP Protocol No: 52 (WPF)
#define IPSEC_PORT_L2TPV3_VIRTUAL 1000001 // L2TPv3 virtual port
// IP protocol number
#define IPSEC_IP_PROTO_ETHERIP IP_PROTO_ETHERIP // EtherIP
#define IPSEC_IP_PROTO_L2TPV3 IP_PROTO_L2TPV3 // L2TPv3
// WFP tag
#define WFP_ESP_PACKET_TAG_1 0x19841117
#define WFP_ESP_PACKET_TAG_2 0x1accafe1
// Monitoring interval of OS service
#define IPSEC_CHECK_OS_SERVICE_INTERVAL_INITIAL 1024
#define IPSEC_CHECK_OS_SERVICE_INTERVAL_MAX (5 * 60 * 1000)
// Default IPsec pre-shared key
#define IPSEC_DEFAULT_SECRET "vpn"
//// Type
// List of services provided by IPsec server
struct IPSEC_SERVICES
{
bool L2TP_Raw; // Raw L2TP
bool L2TP_IPsec; // L2TP over IPsec
bool EtherIP_IPsec; // EtherIP over IPsec
char IPsec_Secret[MAX_SIZE]; // IPsec pre-shared key
char L2TP_DefaultHub[MAX_SIZE]; // Default Virtual HUB name for L2TP connection
};
// EtherIP key list entry
struct ETHERIP_ID
{
char Id[MAX_SIZE]; // ID
char HubName[MAX_HUBNAME_LEN + 1]; // Virtual HUB name
char UserName[MAX_USERNAME_LEN + 1]; // User name
char Password[MAX_USERNAME_LEN + 1]; // Password
};
// IPsec server
struct IPSEC_SERVER
{
CEDAR *Cedar;
UDPLISTENER *UdpListener;
bool Halt;
bool NoMoreChangeSettings;
LOCK *LockSettings;
IPSEC_SERVICES Services;
L2TP_SERVER *L2TP; // L2TP server
IKE_SERVER *Ike; // IKE server
LIST *EtherIPIdList; // EtherIP setting list
UINT EtherIPIdListSettingVerNo; // EtherIP setting list version number
THREAD *OsServiceCheckThread; // OS Service monitoring thread
EVENT *OsServiceCheckThreadEvent; // Event for OS Service monitoring thread
IPSEC_WIN7 *Win7; // Helper module for Windows Vista / 7
bool Check_LastEnabledStatus;
bool HostIPAddressListChanged;
bool OsServiceStoped;
};
//// Function prototype
IPSEC_SERVER *NewIPsecServer(CEDAR *cedar);
void FreeIPsecServer(IPSEC_SERVER *s);
void IPsecServerUdpPacketRecvProc(UDPLISTENER *u, LIST *packet_list);
void IPsecServerSetServices(IPSEC_SERVER *s, IPSEC_SERVICES *sl);
void IPsecNormalizeServiceSetting(IPSEC_SERVER *s);
void IPsecServerGetServices(IPSEC_SERVER *s, IPSEC_SERVICES *sl);
void IPsecProcPacket(IPSEC_SERVER *s, UDPPACKET *p);
int CmpEtherIPId(void *p1, void *p2);
bool SearchEtherIPId(IPSEC_SERVER *s, ETHERIP_ID *id, char *id_str);
void AddEtherIPId(IPSEC_SERVER *s, ETHERIP_ID *id);
bool DeleteEtherIPId(IPSEC_SERVER *s, char *id_str);
void IPsecOsServiceCheckThread(THREAD *t, void *p);
bool IPsecCheckOsService(IPSEC_SERVER *s);
void IPSecSetDisable(bool b);
#endif // IPSEC_H
// Developed by SoftEther VPN Project at University of Tsukuba in Japan.
// Department of Computer Science has dozens of overly-enthusiastic geeks.
// Join us: http://www.tsukuba.ac.jp/english/admission/
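Review bot: `IPSEC_DEFAULT_SECRET` fixes the IPsec pre-shared key to the literal `"vpn"`, and the IPsec.c code shown on this page installs it without operator action: `NewIPsecServer` copies it into `s->Ike->Secret`, and `IPsecNormalizeServiceSetting` writes it back whenever `Services.IPsec_Secret` is empty. A pre-shared key published in the source authenticates nothing, so a server that enables L2TP/IPsec or EtherIP/IPsec without setting a secret presumably relies on the inner user authentication alone. At minimum the define should say so, e.g. `#define IPSEC_DEFAULT_SECRET "vpn" // Placeholder only: publicly known, replace before enabling IPsec`. The callers could also log a warning while the effective secret still equals this value.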
+539
@@ -0,0 +1,539 @@
// SoftEther VPN Source Code
// Cedar Communication Module
//
// SoftEther VPN Server, Client and Bridge are free software under GPLv2.
//
// Copyright (c) 2012-2014 Daiyuu Nobori.
// Copyright (c) 2012-2014 SoftEther VPN Project, University of Tsukuba, Japan.
// Copyright (c) 2012-2014 SoftEther Corporation.
//
// All Rights Reserved.
//
// http://www.softether.org/
//
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License version 2
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
// IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
// CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
// TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
// SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
// THE LICENSE AGREEMENT IS ATTACHED ON THE SOURCE-CODE PACKAGE
// AS "LICENSE.TXT" FILE. READ THE TEXT FILE IN ADVANCE TO USE THE SOFTWARE.
//
//
// THIS SOFTWARE IS DEVELOPED IN JAPAN, AND DISTRIBUTED FROM JAPAN,
// UNDER JAPANESE LAWS. YOU MUST AGREE IN ADVANCE TO USE, COPY, MODIFY,
// MERGE, PUBLISH, DISTRIBUTE, SUBLICENSE, AND/OR SELL COPIES OF THIS
// SOFTWARE, THAT ANY JURIDICAL DISPUTES WHICH ARE CONCERNED TO THIS
// SOFTWARE OR ITS CONTENTS, AGAINST US (SOFTETHER PROJECT, SOFTETHER
// CORPORATION, DAIYUU NOBORI OR OTHER SUPPLIERS), OR ANY JURIDICAL
// DISPUTES AGAINST US WHICH ARE CAUSED BY ANY KIND OF USING, COPYING,
// MODIFYING, MERGING, PUBLISHING, DISTRIBUTING, SUBLICENSING, AND/OR
// SELLING COPIES OF THIS SOFTWARE SHALL BE REGARDED AS BE CONSTRUED AND
// CONTROLLED BY JAPANESE LAWS, AND YOU MUST FURTHER CONSENT TO
// EXCLUSIVE JURISDICTION AND VENUE IN THE COURTS SITTING IN TOKYO,
// JAPAN. YOU MUST WAIVE ALL DEFENSES OF LACK OF PERSONAL JURISDICTION
// AND FORUM NON CONVENIENS. PROCESS MAY BE SERVED ON EITHER PARTY IN
// THE MANNER AUTHORIZED BY APPLICABLE LAW OR COURT RULE.
//
// USE ONLY IN JAPAN. DO NOT USE IT IN OTHER COUNTRIES. IMPORTING THIS
// SOFTWARE INTO OTHER COUNTRIES IS AT YOUR OWN RISK. SOME COUNTRIES
// PROHIBIT ENCRYPTED COMMUNICATIONS. USING THIS SOFTWARE IN OTHER
// COUNTRIES MIGHT BE RESTRICTED.
//
//
// DEAR SECURITY EXPERTS
// ---------------------
//
// If you find a bug or a security vulnerability please kindly inform us
// about the problem immediately so that we can fix the security problem
// to protect a lot of users around the world as soon as possible.
//
// Our e-mail address for security reports is:
// softether-vpn-security [at] softether.org
//
// Please note that the above e-mail address is not a technical support
// inquiry address. If you need technical assistance, please visit
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
// IPsec_EtherIP.c
// EtherIP protocol stack
#include "CedarPch.h"
// IPC connection processing thread
void EtherIPIpcConnectThread(THREAD *t, void *p)
{
ETHERIP_SERVER *s;
IPC *ipc = NULL;
UINT error_code = 0;
char tmp[MAX_SIZE];
ETHERIP_ID id;
// Validate arguments
if (t == NULL || p == NULL)
{
return;
}
s = (ETHERIP_SERVER *)p;
GetHostName(tmp, sizeof(tmp), &s->ClientIP);
// Get the setting of the virtual HUB to be connected based on the client ID presented
if (SearchEtherIPId(s->Ike->IPsec, &id, s->ClientId) == false &&
SearchEtherIPId(s->Ike->IPsec, &id, "*") == false)
{
// Failed to get the settings for the virtual HUB
Debug("Not Found: EtherIP Settings for Client ID \"%s\".\n", s->ClientId);
EtherIPLog(s, "LE_NO_SETTING", s->ClientId);
}
else
{
UINT mss = CalcEtherIPTcpMss(s);
char client_name[MAX_SIZE];
if (s->L2TPv3 == false)
{
StrCpy(client_name, sizeof(client_name), ETHERIP_CLIENT_NAME);
}
else
{
if (IsEmptyStr(s->VendorName))
{
StrCpy(client_name, sizeof(client_name), ETHERIP_L2TPV3_CLIENT_NAME);
}
else
{
Format(client_name, sizeof(client_name), ETHERIP_L2TPV3_CLIENT_NAME_EX, s->VendorName);
}
}
// Execution of IPC connection process
EtherIPLog(s, "LE_START_IPC", id.HubName, id.UserName, mss);
ipc = NewIPC(s->Cedar, client_name,
(s->L2TPv3 ? ETHERIP_L2TPV3_POSTFIX : ETHERIP_POSTFIX),
id.HubName, id.UserName, id.Password,
&error_code,
&s->ClientIP, s->ClientPort,
&s->ServerIP, s->ServerPort,
tmp,
s->CryptName, true, mss);
if (ipc != NULL)
{
Copy(&s->CurrentEtherIPIdSetting, &id, sizeof(ETHERIP_ID));
EtherIPLog(s, "LE_IPC_CONNECT_OK", id.HubName);
}
else
{
EtherIPLog(s, "LE_IPC_CONNECT_ERROR", id.HubName, error_code, _E(error_code));
}
}
Lock(s->Lock);
{
// Set the results
ReleaseThread(s->IpcConnectThread);
s->IpcConnectThread = NULL;
s->Ipc = ipc;
s->LastConnectFailedTick = Tick64();
}
Unlock(s->Lock);
// Hit the event to cause interrupt
SetSockEvent(s->SockEvent);
// Release the EtherIP object that is hold by this thread
ReleaseEtherIPServer(s);
}
// Processing of the interrupt
void EtherIPProcInterrupts(ETHERIP_SERVER *s)
{
// Validate arguments
if (s == NULL)
{
return;
}
// If EtherIP settings have been changed, and the change may effect to this connection, disconnect
if (s->Ipc != NULL)
{
if (s->Ike->IPsec->EtherIPIdListSettingVerNo != s->LastEtherIPSettingVerNo)
{
ETHERIP_ID id;
bool ok = true;
s->LastEtherIPSettingVerNo = s->Ike->IPsec->EtherIPIdListSettingVerNo;
if (SearchEtherIPId(s->IPsec, &id, s->ClientId) == false &&
SearchEtherIPId(s->IPsec, &id, "*") == false)
{
ok = false;
}
else
{
if (StrCmpi(s->CurrentEtherIPIdSetting.HubName, id.HubName) != 0 ||
StrCmpi(s->CurrentEtherIPIdSetting.UserName, id.UserName) != 0 ||
StrCmp(s->CurrentEtherIPIdSetting.Password, id.Password) != 0)
{
ok = false;
}
}
if (ok == false)
{
// Disconnect immediately since setting of EtherIP seems to have been changed
FreeIPC(s->Ipc);
s->Ipc = NULL;
EtherIPLog(s, "LE_RECONNECT");
}
}
}
// Connect if IPC connection is not completed
Lock(s->Lock);
{
if (s->Ipc == NULL)
{
if (s->IpcConnectThread == NULL)
{
if ((s->LastConnectFailedTick == 0) || ((s->LastConnectFailedTick + (UINT64)ETHERIP_VPN_CONNECT_RETRY_INTERVAL) <= s->Now))
{
Lock(s->IPsec->LockSettings);
{
Copy(&s->CurrentIPSecServiceSetting, &s->IPsec->Services, sizeof(IPSEC_SERVICES));
}
Unlock(s->IPsec->LockSettings);
s->IpcConnectThread = NewThread(EtherIPIpcConnectThread, s);
AddThreadToThreadList(s->Ike->ThreadList, s->IpcConnectThread);
AddRef(s->Ref);
}
}
}
}
Unlock(s->Lock);
if (s->Ipc != NULL)
{
// Set to get hit the SockEvent when a packet arrives via the IPC
IPCSetSockEventWhenRecvL2Packet(s->Ipc, s->SockEvent);
// IPC interrupt processing
IPCProcessInterrupts(s->Ipc);
// Receive the MAC frame which arrived via the IPC
while (true)
{
BLOCK *b = IPCRecvL2(s->Ipc);
UCHAR *dst;
UINT dst_size;
if (b == NULL)
{
break;
}
if (b->Size >= 14)
{
BLOCK *block;
// Store the arrived MAC frame by adding an EtherIP header to the reception packet queue
if (s->L2TPv3 == false)
{
dst_size = b->Size + 2;
dst = Malloc(dst_size);
dst[0] = 0x30;
dst[1] = 0x00;
Copy(dst + 2, b->Buf, b->Size);
}
else
{
dst = Clone(b->Buf, b->Size);
dst_size = b->Size;
}
block = NewBlock(dst, dst_size, 0);
Add(s->SendPacketList, block);
}
FreeBlock(b);
}
if (IsIPCConnected(s->Ipc) == false)
{
// IPC connection is disconnected
FreeIPC(s->Ipc);
s->Ipc = NULL;
}
}
}
// Process the received packet
void EtherIPProcRecvPackets(ETHERIP_SERVER *s, BLOCK *b)
{
UCHAR *src;
UINT src_size;
// Validate arguments
if (s == NULL || b == NULL)
{
return;
}
if (s->Ipc == NULL)
{
// Not connected to the Virtual HUB
return;
}
src = b->Buf;
src_size = b->Size;
if (s->L2TPv3 == false)
{
// EtherIP header confirmation
if (src_size < 2)
{
return;
}
if ((src[0] & 0xf0) != 0x30)
{
return;
}
src += 2;
src_size -= 2;
}
if (src_size < 14)
{
// The size of the MAC frame is less than 14 bytes
return;
}
// Send by IPC since a MAC frame has been received
IPCSendL2(s->Ipc, src, src_size);
}
// Create a new EtherIP server
ETHERIP_SERVER *NewEtherIPServer(CEDAR *cedar, IPSEC_SERVER *ipsec, IKE_SERVER *ike,
IP *client_ip, UINT client_port, IP *server_ip, UINT server_port, char *crypt_name,
bool is_tunnel_mode, UINT crypt_block_size,
char *client_id, UINT id)
{
ETHERIP_SERVER *s;
// Validate arguments
if (cedar == NULL || ipsec == NULL || ike == NULL || client_ip == NULL || server_ip == NULL || client_id == NULL)
{
return NULL;
}
s = ZeroMalloc(sizeof(ETHERIP_SERVER));
s->Ref = NewRef();
s->Id = id;
s->Cedar = cedar;
AddRef(s->Cedar->ref);
s->IPsec = ipsec;
s->Ike = ike;
s->IsTunnelMode = is_tunnel_mode;
StrCpy(s->ClientId, sizeof(s->ClientId), client_id);
s->SendPacketList = NewList(NULL);
s->Now = Tick64();
s->Lock = NewLock();
Copy(&s->ClientIP, client_ip, sizeof(IP));
s->ClientPort = client_port;
Copy(&s->ServerIP, server_ip, sizeof(IP));
s->ServerPort = server_port;
StrCpy(s->CryptName, sizeof(s->CryptName), crypt_name);
s->CryptBlockSize = crypt_block_size;
EtherIPLog(s, "LE_START_MODULE");
return s;
}
// Release the EtherIP server
void ReleaseEtherIPServer(ETHERIP_SERVER *s)
{
// Validate arguments
if (s == NULL)
{
return;
}
if (Release(s->Ref) == 0)
{
CleanupEtherIPServer(s);
}
}
void CleanupEtherIPServer(ETHERIP_SERVER *s)
{
UINT i;
// Validate arguments
if (s == NULL)
{
return;
}
EtherIPLog(s, "LE_STOP");
if (s->IpcConnectThread != NULL)
{
ReleaseThread(s->IpcConnectThread);
}
if (s->Ipc != NULL)
{
FreeIPC(s->Ipc);
}
for (i = 0;i < LIST_NUM(s->SendPacketList);i++)
{
BLOCK *b = LIST_DATA(s->SendPacketList, i);
FreeBlock(b);
}
ReleaseList(s->SendPacketList);
ReleaseSockEvent(s->SockEvent);
ReleaseCedar(s->Cedar);
DeleteLock(s->Lock);
Free(s);
}
// Set SockEvent to EtherIP server
void SetEtherIPServerSockEvent(ETHERIP_SERVER *s, SOCK_EVENT *e)
{
// Validate arguments
if (s == NULL)
{
return;
}
if (e != NULL)
{
AddRef(e->ref);
}
if (s->SockEvent != NULL)
{
ReleaseSockEvent(s->SockEvent);
s->SockEvent = NULL;
}
s->SockEvent = e;
}
// Calculate the proper TCP MSS in EtherIP communication
UINT CalcEtherIPTcpMss(ETHERIP_SERVER *s)
{
UINT ret = MTU_FOR_PPPOE;
// Validate arguments
if (s == NULL)
{
return 0;
}
// IPv4 / IPv6
if (IsIP4(&s->ClientIP))
{
ret -= 20;
}
else
{
ret -= 40;
}
// IPsec UDP
ret -= 8;
// IPsec ESP
ret -= 20;
ret -= s->CryptBlockSize * 2;
// IPsec Tunnel Mode IPv4 / IPv6 Header
if (s->IsTunnelMode)
{
if (IsIP4(&s->ClientIP))
{
ret -= 20;
}
else
{
ret -= 40;
}
}
if (s->L2TPv3 == false)
{
// EtherIP
ret -= 2;
}
else
{
// L2TPv3
ret -= 2;
}
// Ethernet
ret -= 14;
// IPv4
ret -= 20;
// TCP
ret -= 20;
return ret;
}
// Developed by SoftEther VPN Project at University of Tsukuba in Japan.
// Department of Computer Science has dozens of overly-enthusiastic geeks.
// Join us: http://www.tsukuba.ac.jp/english/admission/
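Review bot: The plaintext `id.Password` fetched in `EtherIPIpcConnectThread` is left in memory in two places. The stack copy `id` is never cleared, and `Copy(&s->CurrentEtherIPIdSetting, &id, sizeof(ETHERIP_ID))` keeps a second copy that `CleanupEtherIPServer` releases with `Free(s)` without wiping it. Clearing both limits what a later memory disclosure or crash dump can expose: `Zero(&id, sizeof(id));` before the thread returns and `Zero(&s->CurrentEtherIPIdSetting, sizeof(s->CurrentEtherIPIdSetting));` ahead of `Free(s);`. Whether `Zero` survives compiler optimisation depends on its definition, which this page does not show, so that should be confirmed.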
+150
@@ -0,0 +1,150 @@
// SoftEther VPN Source Code
// Cedar Communication Module
//
// SoftEther VPN Server, Client and Bridge are free software under GPLv2.
//
// Copyright (c) 2012-2014 Daiyuu Nobori.
// Copyright (c) 2012-2014 SoftEther VPN Project, University of Tsukuba, Japan.
// Copyright (c) 2012-2014 SoftEther Corporation.
//
// All Rights Reserved.
//
// http://www.softether.org/
//
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License version 2
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
// IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
// CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
// TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
// SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
// THE LICENSE AGREEMENT IS ATTACHED ON THE SOURCE-CODE PACKAGE
// AS "LICENSE.TXT" FILE. READ THE TEXT FILE IN ADVANCE TO USE THE SOFTWARE.
//
//
// THIS SOFTWARE IS DEVELOPED IN JAPAN, AND DISTRIBUTED FROM JAPAN,
// UNDER JAPANESE LAWS. YOU MUST AGREE IN ADVANCE TO USE, COPY, MODIFY,
// MERGE, PUBLISH, DISTRIBUTE, SUBLICENSE, AND/OR SELL COPIES OF THIS
// SOFTWARE, THAT ANY JURIDICAL DISPUTES WHICH ARE CONCERNED TO THIS
// SOFTWARE OR ITS CONTENTS, AGAINST US (SOFTETHER PROJECT, SOFTETHER
// CORPORATION, DAIYUU NOBORI OR OTHER SUPPLIERS), OR ANY JURIDICAL
// DISPUTES AGAINST US WHICH ARE CAUSED BY ANY KIND OF USING, COPYING,
// MODIFYING, MERGING, PUBLISHING, DISTRIBUTING, SUBLICENSING, AND/OR
// SELLING COPIES OF THIS SOFTWARE SHALL BE REGARDED AS BE CONSTRUED AND
// CONTROLLED BY JAPANESE LAWS, AND YOU MUST FURTHER CONSENT TO
// EXCLUSIVE JURISDICTION AND VENUE IN THE COURTS SITTING IN TOKYO,
// JAPAN. YOU MUST WAIVE ALL DEFENSES OF LACK OF PERSONAL JURISDICTION
// AND FORUM NON CONVENIENS. PROCESS MAY BE SERVED ON EITHER PARTY IN
// THE MANNER AUTHORIZED BY APPLICABLE LAW OR COURT RULE.
//
// USE ONLY IN JAPAN. DO NOT USE IT IN OTHER COUNTRIES. IMPORTING THIS
// SOFTWARE INTO OTHER COUNTRIES IS AT YOUR OWN RISK. SOME COUNTRIES
// PROHIBIT ENCRYPTED COMMUNICATIONS. USING THIS SOFTWARE IN OTHER
// COUNTRIES MIGHT BE RESTRICTED.
//
//
// DEAR SECURITY EXPERTS
// ---------------------
//
// If you find a bug or a security vulnerability please kindly inform us
// about the problem immediately so that we can fix the security problem
// to protect a lot of users around the world as soon as possible.
//
// Our e-mail address for security reports is:
// softether-vpn-security [at] softether.org
//
// Please note that the above e-mail address is not a technical support
// inquiry address. If you need technical assistance, please visit
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
// IPsec_EtherIP.h
// Header of IPsec_EtherIP.c
#ifndef IPSEC_ETHERIP_H
#define IPSEC_ETHERIP_H
//// Macro
//// Constants
#define ETHERIP_VPN_CONNECT_RETRY_INTERVAL (15 * 1000) // VPN connection retry interval
#define ETHERIP_CLIENT_NAME "EtherIP Client"
#define ETHERIP_POSTFIX "ETHERIP"
#define ETHERIP_L2TPV3_CLIENT_NAME "L2TPv3 Client"
#define ETHERIP_L2TPV3_CLIENT_NAME_EX "L2TPv3 Client - %s"
#define ETHERIP_L2TPV3_POSTFIX "L2TPV3"
//// Type
// EtherIP server
struct ETHERIP_SERVER
{
REF *Ref;
CEDAR *Cedar;
IPSEC_SERVER *IPsec;
LOCK *Lock;
UINT Id;
IKE_SERVER *Ike;
UINT64 Now; // Current time
INTERRUPT_MANAGER *Interrupts; // Interrupt manager
SOCK_EVENT *SockEvent; // SockEvent
char CryptName[MAX_SIZE]; // Cipher algorithm name
LIST *SendPacketList; // Transmission packet list
UINT64 LastConnectFailedTick; // Time that it fails to connect at the last
IPC *Ipc; // IPC
THREAD *IpcConnectThread; // IPC connection thread
IPSEC_SERVICES CurrentIPSecServiceSetting; // Copy of the current IPsec service settings
IP ClientIP, ServerIP;
UINT ClientPort, ServerPort;
bool IsTunnelMode; // Whether the IPsec is in the tunnel mode
UINT CryptBlockSize; // Encryption block size of IPsec
char ClientId[MAX_SIZE]; // Client ID has been presented by the IPsec connection
UINT LastEtherIPSettingVerNo; // Version number of EtherIP settings last checked
ETHERIP_ID CurrentEtherIPIdSetting; // Current EtherIP ID settings
bool L2TPv3; // L2TPv3 mode
char VendorName[MAX_SIZE]; // Vendor name
};
//// Function prototype
ETHERIP_SERVER *NewEtherIPServer(CEDAR *cedar, IPSEC_SERVER *ipsec, IKE_SERVER *ike,
IP *client_ip, UINT client_port, IP *server_ip, UINT server_port, char *crypt_name,
bool is_tunnel_mode, UINT crypt_block_size,
char *client_id, UINT id);
void ReleaseEtherIPServer(ETHERIP_SERVER *s);
void CleanupEtherIPServer(ETHERIP_SERVER *s);
void SetEtherIPServerSockEvent(ETHERIP_SERVER *s, SOCK_EVENT *e);
void EtherIPProcInterrupts(ETHERIP_SERVER *s);
void EtherIPProcRecvPackets(ETHERIP_SERVER *s, BLOCK *b);
void EtherIPIpcConnectThread(THREAD *t, void *p);
UINT CalcEtherIPTcpMss(ETHERIP_SERVER *s);
#endif // IPSEC_ETHERIP_H
// Developed by SoftEther VPN Project at University of Tsukuba in Japan.
// Department of Computer Science has dozens of overly-enthusiastic geeks.
// Join us: http://www.tsukuba.ac.jp/english/admission/
+450
@@ -0,0 +1,450 @@
// SoftEther VPN Source Code
// Cedar Communication Module
//
// SoftEther VPN Server, Client and Bridge are free software under GPLv2.
//
// Copyright (c) 2012-2014 Daiyuu Nobori.
// Copyright (c) 2012-2014 SoftEther VPN Project, University of Tsukuba, Japan.
// Copyright (c) 2012-2014 SoftEther Corporation.
//
// All Rights Reserved.
//
// http://www.softether.org/
//
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License version 2
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
// IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
// CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
// TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
// SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
// THE LICENSE AGREEMENT IS ATTACHED ON THE SOURCE-CODE PACKAGE
// AS "LICENSE.TXT" FILE. READ THE TEXT FILE IN ADVANCE TO USE THE SOFTWARE.
//
//
// THIS SOFTWARE IS DEVELOPED IN JAPAN, AND DISTRIBUTED FROM JAPAN,
// UNDER JAPANESE LAWS. YOU MUST AGREE IN ADVANCE TO USE, COPY, MODIFY,
// MERGE, PUBLISH, DISTRIBUTE, SUBLICENSE, AND/OR SELL COPIES OF THIS
// SOFTWARE, THAT ANY JURIDICAL DISPUTES WHICH ARE CONCERNED TO THIS
// SOFTWARE OR ITS CONTENTS, AGAINST US (SOFTETHER PROJECT, SOFTETHER
// CORPORATION, DAIYUU NOBORI OR OTHER SUPPLIERS), OR ANY JURIDICAL
// DISPUTES AGAINST US WHICH ARE CAUSED BY ANY KIND OF USING, COPYING,
// MODIFYING, MERGING, PUBLISHING, DISTRIBUTING, SUBLICENSING, AND/OR
// SELLING COPIES OF THIS SOFTWARE SHALL BE REGARDED AS BE CONSTRUED AND
// CONTROLLED BY JAPANESE LAWS, AND YOU MUST FURTHER CONSENT TO
// EXCLUSIVE JURISDICTION AND VENUE IN THE COURTS SITTING IN TOKYO,
// JAPAN. YOU MUST WAIVE ALL DEFENSES OF LACK OF PERSONAL JURISDICTION
// AND FORUM NON CONVENIENS. PROCESS MAY BE SERVED ON EITHER PARTY IN
// THE MANNER AUTHORIZED BY APPLICABLE LAW OR COURT RULE.
//
// USE ONLY IN JAPAN. DO NOT USE IT IN OTHER COUNTRIES. IMPORTING THIS
// SOFTWARE INTO OTHER COUNTRIES IS AT YOUR OWN RISK. SOME COUNTRIES
// PROHIBIT ENCRYPTED COMMUNICATIONS. USING THIS SOFTWARE IN OTHER
// COUNTRIES MIGHT BE RESTRICTED.
//
//
// DEAR SECURITY EXPERTS
// ---------------------
//
// If you find a bug or a security vulnerability please kindly inform us
// about the problem immediately so that we can fix the security problem
// to protect a lot of users around the world as soon as possible.
//
// Our e-mail address for security reports is:
// softether-vpn-security [at] softether.org
//
// Please note that the above e-mail address is not a technical support
// inquiry address. If you need technical assistance, please visit
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
// IPsec_IKE.h
// Header of IPsec_IKE.c
#ifndef IPSEC_IKE_H
#define IPSEC_IKE_H
//// Macro
//// Constants
// State
#define IKE_SA_MAIN_MODE 0 // Main mode
#define IKE_SA_AGRESSIVE_MODE 1 // Aggressive mode
#define IKE_SA_MM_STATE_1_SA 0 // Main mode state 1 (SA exchange is complete. Wait for key exchange)
#define IKE_SA_MM_STATE_2_KEY 1 // Main mode state 2 (Key exchange is complete. Wait for exchange ID)
#define IKE_SA_MM_STATE_3_ESTABLISHED 2 // Main mode state 3 (ID exchange is complete. Established)
#define IKE_SA_AM_STATE_1_SA 0 // Aggressive mode state 1 (SA exchange is completed. Wait for hash)
#define IKE_SA_AM_STATE_2_ESTABLISHED 1 // Aggressive mode state 2 (Hash exchange is completed. Established)
#define IKE_SA_RESEND_INTERVAL (2 * 1000) // IKE SA packet retransmission interval
#define IKE_SA_RAND_SIZE 16 // Size of the random number
// ESP
#define IKE_ESP_HASH_SIZE 12 // The hash size for the ESP packet
// Type of UDP packet
#define IKE_UDP_TYPE_ISAKMP 0 // ISAKMP packet (destination 500)
#define IKE_UDP_TYPE_ESP 1 // ESP packet (destination 4500)
#define IKE_UDP_KEEPALIVE 2 // KeepAlive packet
#define IKE_UDP_SPECIAL 3 // Special packet
// String for Vendor ID
#define IKE_VENDOR_ID_RFC3947_NAT_T "0x4a131c81070358455c5728f20e95452f"
#define IKE_VENDOR_ID_IPSEC_NAT_T_IKE_03 "0x7d9419a65310ca6f2c179d9215529d56"
#define IKE_VENDOR_ID_IPSEC_NAT_T_IKE_02 "0x90cb80913ebb696e086381b5ec427b1f"
#define IKE_VENDOR_ID_IPSEC_NAT_T_IKE_02_2 "0xcd60464335df21f87cfdb2fc68b6a448"
#define IKE_VENDOR_ID_IPSEC_NAT_T_IKE_00 "0x4485152d18b6bbcd0be8a8469579ddcc"
#define IKE_VENDOR_ID_RFC3706_DPD "0xafcad71368a1f1c96b8696fc77570100"
#define IKE_VENDOR_ID_MICROSOFT_L2TP "0x4048b7d56ebce88525e7de7f00d6c2d3"
#define IKE_VENDOR_ID_MS_NT5_ISAKMPOAKLEY "0x1e2b516905991c7d7c96fcbfb587e461"
#define IKE_VENDOR_ID_MS_VID_INITIALCONTACT "0x26244d38eddb61b3172a36e3d0cfb819"
// Quota
#define IKE_QUOTA_MAX_NUM_CLIENTS_PER_IP 1000 // The number of IKE_CLIENT per IP address
#define IKE_QUOTA_MAX_NUM_CLIENTS 30000 // Limit number of IKE_CLIENT
#define IKE_QUOTA_MAX_SA_PER_CLIENT 100 // The limit number of SA for each IKE_CLIENT
// Time-out
#define IKE_TIMEOUT_FOR_IKE_CLIENT 150000 // IKE_CLIENT non-communication disconnect time
#define IKE_TIMEOUT_FOR_IKE_CLIENT_FOR_NOT_ESTABLISHED 10000 // IKE_CLIENT non-communication disconnect time (connection incomplete)
#define IKE_INTERVAL_UDP_KEEPALIVE 5000 // UDP KeepAlive transmission interval
#define IKE_QUICKMODE_START_INTERVAL 2000 // QuickMode start interval
#define IKE_QUICKMODE_FAILED_TIMEOUT 10000 // Maximum time to tolerant that to fail to establish a QuickMode
#define IKE_INTERVAL_DPD_KEEPALIVE 10000 // DPD KeepAlive transmission interval
// Expiration margin
#define IKE_SOFT_EXPIRES_MARGIN 1000 // Expiration margin
//// Type
// IKE SA transform data
struct IKE_SA_TRANSFORM_SETTING
{
IKE_CRYPTO *Crypto;
UINT CryptoKeySize;
IKE_HASH *Hash;
IKE_DH *Dh;
UINT CryptoId;
UINT HashId;
UINT DhId;
UINT LifeKilobytes;
UINT LifeSeconds;
};
// IPsec SA transforms data
struct IPSEC_SA_TRANSFORM_SETTING
{
IKE_CRYPTO *Crypto;
UINT CryptoKeySize;
IKE_HASH *Hash;
IKE_DH *Dh;
UINT CryptoId;
UINT HashId;
UINT DhId;
UINT LifeKilobytes;
UINT LifeSeconds;
UINT SpiServerToClient;
UINT CapsuleMode;
bool OnlyCapsuleModeIsInvalid;
};
// Function support information
struct IKE_CAPS
{
// Support Information
bool NatTraversalRfc3947; // RFC 3947 Negotiation of NAT-Traversal in the IKE
bool NatTraversalDraftIetf; // draft-ietf-ipsec-nat-t-ike
bool DpdRfc3706; // RFC 3706 A Traffic-Based Method of Detecting Dead Internet Key Exchange (IKE) Peers
bool MS_L2TPIPSecVPNClient; // Vendor ID: Microsoft L2TP/IPSec VPN Client
bool MS_NT5_ISAKMP_OAKLEY; // Vendor ID: MS NT5 ISAKMPOAKLEY
bool MS_Vid_InitialContact; // Vendor ID: Microsoft Vid-Initial-Contact
// Use information
bool UsingNatTraversalRfc3947;
bool UsingNatTraversalDraftIetf;
};
// IKE / IPsec client
struct IKE_CLIENT
{
UINT Id;
IP ClientIP;
UINT ClientPort;
IP ServerIP;
UINT ServerPort;
IKE_SA *CurrentIkeSa; // IKE SA to be used currently
IPSECSA *CurrentIpSecSaRecv; // IPsec SA to be used currently (receive direction)
IPSECSA *CurrentIpSecSaSend; // IPsec SA to be currently in use (transmit direction)
UINT64 FirstCommTick; // Time the first data communication
UINT64 LastCommTick; // Time that made the last communication (received data) time
bool Deleting; // Deleting
UINT64 NextKeepAliveSendTick; // Time to send the next KeepAlive
UINT64 NextDpdSendTick; // Time to send the next DPD
UINT DpdSeqNo; // DPD sequence number
char ClientId[128]; // ID presented by the client
char Secret[MAX_SIZE]; // Secret value of the authentication is successful
bool IsMicrosoft; // Whether the client is Microsoft's
IPSEC_SA_TRANSFORM_SETTING CachedTransformSetting; // Cached transform attribute value
UINT64 CurrentExpiresSoftTick_StoC; // The maximum value of the flexible expiration date of the current (server -> client)
UINT64 CurrentExpiresSoftTick_CtoS; // The maximum value of the flexible expiration date of the current (client -> server)
UINT CurrentNumEstablishedIPsecSA_StoC; // The number of IPsec SA currently active (server -> client)
UINT CurrentNumEstablishedIPsecSA_CtoS; // The number of IPsec SA currently active (client -> server)
UINT CurrentNumHealtyIPsecSA_CtoS; // The number of currently available IPsec SA which expiration well within (client -> server)
UINT CurrentNumHealtyIPsecSA_StoC; // The number of currently available IPsec SA which expiration well within (server -> client)
bool SendID1andID2; // Whether to send the ID in QM
UCHAR SendID1_Type, SendID2_Type;
UCHAR SendID1_Protocol, SendID2_Protocol;
USHORT SendID1_Port, SendID2_Port;
BUF *SendID1_Buf, *SendID2_Buf;
bool SendNatOaDraft1, SendNatOaDraft2, SendNatOaRfc; // Whether to send the NAT-OA in QM
bool StartQuickModeAsSoon; // Flag to indicate to the start of the Quick Mode as soon as possible
UINT64 LastQuickModeStartTick; // Time which the last QuickMode started
UINT64 NeedQmBeginTick; // Time which a start-up of QuickMode is required
// L2TP related
L2TP_SERVER *L2TP; // L2TP server
UINT L2TPClientPort; // Client-side port number of L2TP
IP L2TPServerIP, L2TPClientIP; // IP address used by the L2TP processing
bool IsL2TPOnIPsecTunnelMode; // Whether the L2TP is working on IPsec tunnel mode
// EtherIP related
ETHERIP_SERVER *EtherIP; // EtherIP server
bool IsEtherIPOnIPsecTunnelMode; // Whether the EtherIP is working on IPsec tunnel mode
// Transport mode related
IP TransportModeServerIP;
IP TransportModeClientIP;
bool ShouldCalcChecksumForUDP; // Flag to calculate the checksum for the UDP packet
// Tunnel mode related
IP TunnelModeServerIP; // Server-side internal IP address
IP TunnelModeClientIP; // Client-side internal IP address
USHORT TunnelSendIpId; // ID of the transmission IP header
};
// IKE SA
struct IKE_SA
{
UINT Id;
IKE_CLIENT *IkeClient; // Pointer to the IKE client
UINT64 InitiatorCookie, ResponderCookie; // Cookie
UINT Mode; // Mode
UINT State; // State
BUF *SendBuffer; // Buffer during transmission
UINT64 NextSendTick; // Next transmission time
UINT64 FirstCommTick; // Time that the first data communication
UINT64 EstablishedTick; // Time that the SA has been established
UINT64 LastCommTick; // Time that made the last communication (received data) time
IKE_SA_TRANSFORM_SETTING TransformSetting; // Transform Configuration
IKE_CAPS Caps; // IKE Caps
BUF *InitiatorRand, *ResponderRand; // Random number
BUF *DhSharedKey; // DH common key
BUF *GXi, *GXr; // DH exchange data
BUF *SAi_b; // Data needed for authentication
BUF *YourIDPayloadForAM; // Copy the ID payload of the client-side
UCHAR SKEYID[IKE_MAX_HASH_SIZE]; // Key set
UCHAR SKEYID_d[IKE_MAX_HASH_SIZE];
UCHAR SKEYID_a[IKE_MAX_HASH_SIZE];
UCHAR SKEYID_e[IKE_MAX_HASH_SIZE];
UCHAR InitiatorHashForAM[IKE_MAX_HASH_SIZE];
IKE_CRYPTO_KEY *CryptoKey; // Common encryption key
UINT HashSize; // Hash size
UINT KeySize; // Key size
UINT BlockSize; // Block size
UCHAR Iv[IKE_MAX_BLOCK_SIZE]; // IV
bool IsIvExisting; // Whether an IV exists
bool Established; // Established flag
bool Deleting; // Deleting
UINT NumResends; // The number of retransmissions
char Secret[MAX_SIZE]; // Secret value of the authentication is successful
};
// IPsec SA
struct IPSECSA
{
UINT Id;
IKE_CLIENT *IkeClient; // Pointer to the IKE client
IKE_SA *IkeSa; // Pointer to IKE_SA to use for transmission
UCHAR Iv[IKE_MAX_BLOCK_SIZE]; // IV used in the Quick Mode exchange
bool IsIvExisting; // Whether the IV exists
UINT MessageId; // Message ID used in Quick Mode exchange
UINT Spi; // SPI
UINT CurrentSeqNo; // Send sequence number
BUF *SendBuffer; // Buffer during transmission
UINT NumResends; // The number of retransmissions
UINT64 NextSendTick; // Next transmission date and time
UINT64 FirstCommTick; // Time the last data sent
UINT64 EstablishedTick; // Time that the SA has been established
UINT64 LastCommTick; // Time that made the last communication (received data) time
UINT64 ExpiresHardTick; // Exact expiration time
UINT64 ExpiresSoftTick; // Flexible expiration time
UINT64 TotalSize; // Size sent to and received
IPSEC_SA_TRANSFORM_SETTING TransformSetting; // Transform Configuration
bool ServerToClient; // Whether is upload direction
IPSECSA *PairIPsecSa; // IPsec SA that are paired
bool Established; // Established flag
BUF *InitiatorRand, *ResponderRand; // Random number
BUF *SharedKey; // PFS shared key
UCHAR Hash3[IKE_MAX_HASH_SIZE]; // Hash 3
UCHAR KeyMat[IKE_MAX_KEY_SIZE + IKE_MAX_HASH_SIZE]; // Encryption key
UCHAR HashKey[IKE_MAX_HASH_SIZE]; // Hash key
IKE_CRYPTO_KEY *CryptoKey; // Key data
bool Deleting; // Deleting
UCHAR EspIv[IKE_MAX_BLOCK_SIZE]; // IV for ESP communication
bool Initiated; // The server-side is initiator
DH_CTX *Dh; // DH (only if the server-side is initiator)
bool StartQM_FlagSet; // Whether the flag to indicate to do the QM is set to the IKE_CLIENT
UCHAR SKEYID_d[IKE_MAX_HASH_SIZE];
UCHAR SKEYID_a[IKE_MAX_HASH_SIZE];
IKE_HASH *SKEYID_Hash;
};
// IKE server
struct IKE_SERVER
{
CEDAR *Cedar;
IPSEC_SERVER *IPsec;
UINT64 Now; // Current time
LIST *SendPacketList; // Transmission packet
INTERRUPT_MANAGER *Interrupts; // Interrupt manager
SOCK_EVENT *SockEvent; // SockEvent
IKE_ENGINE *Engine; // Encryption engine
LIST *ClientList; // Client list
LIST *IkeSaList; // SA list
LIST *IPsecSaList; // IPsec SA list
LIST *ThreadList; // L2TP thread list
bool StateHasChanged; // Flag whether the state has changed
UINT CurrentIkeSaId, CurrentIPsecSaId, CurrentIkeClientId, CurrentEtherId; // Serial number ID
// Setting data
char Secret[MAX_SIZE]; // Pre-shared key
};
//// Function prototype
IKE_SERVER *NewIKEServer(CEDAR *cedar, IPSEC_SERVER *ipsec);
void FreeIKEServer(IKE_SERVER *ike);
void SetIKEServerSockEvent(IKE_SERVER *ike, SOCK_EVENT *e);
void ProcIKEPacketRecv(IKE_SERVER *ike, UDPPACKET *p);
void StopIKEServer(IKE_SERVER *ike);
void ProcessIKEInterrupts(IKE_SERVER *ike);
IKE_PACKET *ParseIKEPacketHeader(UDPPACKET *p);
void ProcIkeMainModePacketRecv(IKE_SERVER *ike, UDPPACKET *p, IKE_PACKET *header);
void ProcIkeQuickModePacketRecv(IKE_SERVER *ike, UDPPACKET *p, IKE_PACKET *header);
void ProcIkeAggressiveModePacketRecv(IKE_SERVER *ike, UDPPACKET *p, IKE_PACKET *header);
void ProcIkeInformationalExchangePacketRecv(IKE_SERVER *ike, UDPPACKET *p, IKE_PACKET *header);
void FreeIkeSa(IKE_SA *sa);
void FreeIkeClient(IKE_SERVER *ike, IKE_CLIENT *c);
UINT64 GenerateNewResponserCookie(IKE_SERVER *ike);
bool GetBestTransformSettingForIkeSa(IKE_SERVER *ike, IKE_PACKET *pr, IKE_SA_TRANSFORM_SETTING *setting);
bool TransformPayloadToTransformSettingForIkeSa(IKE_SERVER *ike, IKE_PACKET_TRANSFORM_PAYLOAD *transform, IKE_SA_TRANSFORM_SETTING *setting);
IKE_CLIENT *SearchIkeClientForIkePacket(IKE_SERVER *ike, IP *client_ip, UINT client_port, IP *server_ip, UINT server_port, IKE_PACKET *pr);
IKE_CLIENT *SearchOrCreateNewIkeClientForIkePacket(IKE_SERVER *ike, IP *client_ip, UINT client_port, IP *server_ip, UINT server_port, IKE_PACKET *pr);
UINT GetNumberOfIkeClientsFromIP(IKE_SERVER *ike, IP *client_ip);
UINT GetNumberOfIPsecSaOfIkeClient(IKE_SERVER *ike, IKE_CLIENT *c);
UINT GetNumberOfIkeSaOfIkeClient(IKE_SERVER *ike, IKE_CLIENT *c);
int CmpIkeClient(void *p1, void *p2);
int CmpIkeSa(void *p1, void *p2);
int CmpIPsecSa(void *p1, void *p2);
IKE_SA *FindIkeSaByEndPointAndInitiatorCookie(IKE_SERVER *ike, IP *client_ip, UINT client_port, IP *server_ip, UINT server_port, UINT64 init_cookie, UINT mode);
IKE_SA *FindIkeSaByResponderCookie(IKE_SERVER *ike, UINT64 responder_cookie);
IKE_SA *FindIkeSaByResponderCookieAndClient(IKE_SERVER *ike, UINT64 responder_cookie, IKE_CLIENT *c);
IKE_CLIENT *NewIkeClient(IKE_SERVER *ike, IP *client_ip, UINT client_port, IP *server_ip, UINT server_port);
IKE_CLIENT *SetIkeClientEndpoint(IKE_SERVER *ike, IKE_CLIENT *c, IP *client_ip, UINT client_port, IP *server_ip, UINT server_port);
IKE_SA *NewIkeSa(IKE_SERVER *ike, IKE_CLIENT *c, UINT64 init_cookie, UINT mode, IKE_SA_TRANSFORM_SETTING *setting);
IKE_PACKET_PAYLOAD *TransformSettingToTransformPayloadForIke(IKE_SERVER *ike, IKE_SA_TRANSFORM_SETTING *setting);
void IkeSaSendPacket(IKE_SERVER *ike, IKE_SA *sa, IKE_PACKET *p);
IKE_PACKET *IkeSaRecvPacket(IKE_SERVER *ike, IKE_SA *sa, void *data, UINT size);
void IkeSendUdpPacket(IKE_SERVER *ike, UINT type, IP *server_ip, UINT server_port, IP *client_ip, UINT client_port, void *data, UINT size);
void IkeAddVendorIdPayloads(IKE_PACKET *p);
BUF *IkeStrToVendorId(char *str);
void IkeAddVendorId(IKE_PACKET *p, char *str);
bool IkeIsVendorIdExists(IKE_PACKET *p, char *str);
void IkeCheckCaps(IKE_CAPS *caps, IKE_PACKET *p);
BUF *IkeCalcNatDetectHash(IKE_SERVER *ike, IKE_HASH *hash, UINT64 initiator_cookie, UINT64 responder_cookie, IP *ip, UINT port);
void IkeCalcSaKeySet(IKE_SERVER *ike, IKE_SA *sa, char *secret);
IKE_CRYPTO_KEY *IkeNewCryptoKeyFromK(IKE_SERVER *ike, void *k, UINT k_size, IKE_HASH *h, IKE_CRYPTO *c, UINT crypto_key_size);
BUF *IkeExpandKeySize(IKE_HASH *h, void *k, UINT k_size, UINT target_size);
void IkeSaUpdateIv(IKE_SA *sa, void *iv, UINT iv_size);
IPSECSA *NewIPsecSa(IKE_SERVER *ike, IKE_CLIENT *c, IKE_SA *ike_sa, bool initiate, UINT message_id, bool server_to_client, void *iv, UINT spi, void *init_rand_data, UINT init_rand_size, void *res_rand_data, UINT res_rand_size, IPSEC_SA_TRANSFORM_SETTING *setting, void *shared_key_data, UINT shared_key_size);
void IkeCalcPhase2InitialIv(void *iv, IKE_SA *sa, UINT message_id);
bool GetBestTransformSettingForIPsecSa(IKE_SERVER *ike, IKE_PACKET *pr, IPSEC_SA_TRANSFORM_SETTING *setting, IP *server_ip);
bool TransformPayloadToTransformSettingForIPsecSa(IKE_SERVER *ike, IKE_PACKET_TRANSFORM_PAYLOAD *transform, IPSEC_SA_TRANSFORM_SETTING *setting, IP *server_ip);
IKE_PACKET_PAYLOAD *TransformSettingToTransformPayloadForIPsec(IKE_SERVER *ike, IPSEC_SA_TRANSFORM_SETTING *setting);
UINT GenerateNewIPsecSaSpi(IKE_SERVER *ike, UINT counterpart_spi);
IPSECSA *SearchClientToServerIPsecSaBySpi(IKE_SERVER *ike, UINT spi);
IPSECSA *SearchIPsecSaBySpi(IKE_SERVER *ike, IKE_CLIENT *c, UINT spi);
IPSECSA *SearchIPsecSaByMessageId(IKE_SERVER *ike, IKE_CLIENT *c, UINT message_id);
void IPsecSaSendPacket(IKE_SERVER *ike, IPSECSA *sa, IKE_PACKET *p);
IKE_PACKET *IPsecSaRecvPacket(IKE_SERVER *ike, IPSECSA *sa, void *data, UINT size);
void IPsecSaUpdateIv(IPSECSA *sa, void *iv, UINT iv_size);
void ProcDeletePayload(IKE_SERVER *ike, IKE_CLIENT *c, IKE_PACKET_DELETE_PAYLOAD *d);
void MarkIPsecSaAsDeleted(IKE_SERVER *ike, IPSECSA *sa);
void MarkIkeSaAsDeleted(IKE_SERVER *ike, IKE_SA *sa);
void PurgeDeletingSAsAndClients(IKE_SERVER *ike);
void PurgeIPsecSa(IKE_SERVER *ike, IPSECSA *sa);
void PurgeIkeSa(IKE_SERVER *ike, IKE_SA *sa);
void PurgeIkeClient(IKE_SERVER *ike, IKE_CLIENT *c);
void FreeIPsecSa(IPSECSA *sa);
void MarkIkeClientAsDeleted(IKE_SERVER *ike, IKE_CLIENT *c);
IKE_SA *GetOtherLatestIkeSa(IKE_SERVER *ike, IKE_SA *sa);
IPSECSA *GetOtherLatestIPsecSa(IKE_SERVER *ike, IPSECSA *sa);
void SendInformationalExchangePacket(IKE_SERVER *ike, IKE_CLIENT *c, IKE_PACKET_PAYLOAD *payload);
void SendInformationalExchangePacketEx(IKE_SERVER *ike, IKE_CLIENT *c, IKE_PACKET_PAYLOAD *payload, bool force_plain, UINT64 init_cookie, UINT64 resp_cookie);
void SendDeleteIkeSaPacket(IKE_SERVER *ike, IKE_CLIENT *c, UINT64 init_cookie, UINT64 resp_cookie);
void SendDeleteIPsecSaPacket(IKE_SERVER *ike, IKE_CLIENT *c, UINT spi);
void IPsecCalcKeymat(IKE_SERVER *ike, IKE_HASH *h, void *dst, UINT dst_size, void *skeyid_d_data, UINT skeyid_d_size, UCHAR protocol, UINT spi, void *rand_init_data, UINT rand_init_size,
void *rand_resp_data, UINT rand_resp_size, void *df_key_data, UINT df_key_size);
void ProcIPsecEspPacketRecv(IKE_SERVER *ike, UDPPACKET *p);
void ProcIPsecUdpPacketRecv(IKE_SERVER *ike, IKE_CLIENT *c, UCHAR *data, UINT data_size);
void IPsecSendPacketByIPsecSa(IKE_SERVER *ike, IPSECSA *sa, UCHAR *data, UINT data_size, UCHAR protocol_id);
void IPsecSendPacketByIPsecSaInner(IKE_SERVER *ike, IPSECSA *sa, UCHAR *data, UINT data_size, UCHAR protocol_id);
void IPsecSendPacketByIkeClient(IKE_SERVER *ike, IKE_CLIENT *c, UCHAR *data, UINT data_size, UCHAR protocol_id);
void IPsecSendUdpPacket(IKE_SERVER *ike, IKE_CLIENT *c, UINT src_port, UINT dst_port, UCHAR *data, UINT data_size);
void IPsecIkeClientManageL2TPServer(IKE_SERVER *ike, IKE_CLIENT *c);
void IPsecIkeClientSendL2TPPackets(IKE_SERVER *ike, IKE_CLIENT *c, L2TP_SERVER *l2tp);
void IPsecIkeSendUdpForDebug(UINT dst_port, UINT dst_ip, void *data, UINT size);
void StartQuickMode(IKE_SERVER *ike, IKE_CLIENT *c);
UINT GenerateNewMessageId(IKE_SERVER *ike);
void IPsecIkeClientManageEtherIPServer(IKE_SERVER *ike, IKE_CLIENT *c);
void IPsecIkeClientSendEtherIPPackets(IKE_SERVER *ike, IKE_CLIENT *c, ETHERIP_SERVER *s);
void ProcIPsecEtherIPPacketRecv(IKE_SERVER *ike, IKE_CLIENT *c, UCHAR *data, UINT data_size, bool is_tunnel_mode);
bool IsIPsecSaTunnelMode(IPSECSA *sa);
void ProcL2TPv3PacketRecv(IKE_SERVER *ike, IKE_CLIENT *c, UCHAR *data, UINT data_size, bool is_tunnel_mode);
IKE_SA *SearchIkeSaByCookie(IKE_SERVER *ike, UINT64 init_cookie, UINT64 resp_cookie);
#endif // IPSEC_IKE_H
// Developed by SoftEther VPN Project at University of Tsukuba in Japan.
// Department of Computer Science has dozens of overly-enthusiastic geeks.
// Join us: http://www.tsukuba.ac.jp/english/admission/
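Review bot: The pre-shared key and the keys derived from it are stored inline in long-lived structs (`Secret[MAX_SIZE]` in `IKE_SERVER`, `IKE_CLIENT` and `IKE_SA`, the `SKEYID*` arrays in `IKE_SA`, and `KeyMat`/`HashKey` in `IPSECSA`), and the prototypes for `FreeIkeSa`, `FreeIPsecSa`, `FreeIkeClient` and `FreeIKEServer` carry no contract about wiping them. Whether these fields are cleared before the memory is released is decided in IPsec_IKE.c, which is not shown on this page, so this is a request to verify rather than a confirmed defect. I would state the contract at the declarations, e.g. `// Wipes Secret, SKEYID*, Iv and CryptoKey before releasing the SA` above `void FreeIkeSa(IKE_SA *sa);`, and likewise for the other three. `IPsecIkeSendUdpForDebug` would benefit from a one-line comment saying which builds may call it, since it takes a raw destination and a raw buffer.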
+243
@@ -0,0 +1,243 @@
// SoftEther VPN Source Code
// Cedar Communication Module
//
// SoftEther VPN Server, Client and Bridge are free software under GPLv2.
//
// Copyright (c) 2012-2014 Daiyuu Nobori.
// Copyright (c) 2012-2014 SoftEther VPN Project, University of Tsukuba, Japan.
// Copyright (c) 2012-2014 SoftEther Corporation.
//
// All Rights Reserved.
//
// http://www.softether.org/
//
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License version 2
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
// IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
// CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
// TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
// SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
// THE LICENSE AGREEMENT IS ATTACHED ON THE SOURCE-CODE PACKAGE
// AS "LICENSE.TXT" FILE. READ THE TEXT FILE IN ADVANCE TO USE THE SOFTWARE.
//
//
// THIS SOFTWARE IS DEVELOPED IN JAPAN, AND DISTRIBUTED FROM JAPAN,
// UNDER JAPANESE LAWS. YOU MUST AGREE IN ADVANCE TO USE, COPY, MODIFY,
// MERGE, PUBLISH, DISTRIBUTE, SUBLICENSE, AND/OR SELL COPIES OF THIS
// SOFTWARE, THAT ANY JURIDICAL DISPUTES WHICH ARE CONCERNED TO THIS
// SOFTWARE OR ITS CONTENTS, AGAINST US (SOFTETHER PROJECT, SOFTETHER
// CORPORATION, DAIYUU NOBORI OR OTHER SUPPLIERS), OR ANY JURIDICAL
// DISPUTES AGAINST US WHICH ARE CAUSED BY ANY KIND OF USING, COPYING,
// MODIFYING, MERGING, PUBLISHING, DISTRIBUTING, SUBLICENSING, AND/OR
// SELLING COPIES OF THIS SOFTWARE SHALL BE REGARDED AS BE CONSTRUED AND
// CONTROLLED BY JAPANESE LAWS, AND YOU MUST FURTHER CONSENT TO
// EXCLUSIVE JURISDICTION AND VENUE IN THE COURTS SITTING IN TOKYO,
// JAPAN. YOU MUST WAIVE ALL DEFENSES OF LACK OF PERSONAL JURISDICTION
// AND FORUM NON CONVENIENS. PROCESS MAY BE SERVED ON EITHER PARTY IN
// THE MANNER AUTHORIZED BY APPLICABLE LAW OR COURT RULE.
//
// USE ONLY IN JAPAN. DO NOT USE IT IN OTHER COUNTRIES. IMPORTING THIS
// SOFTWARE INTO OTHER COUNTRIES IS AT YOUR OWN RISK. SOME COUNTRIES
// PROHIBIT ENCRYPTED COMMUNICATIONS. USING THIS SOFTWARE IN OTHER
// COUNTRIES MIGHT BE RESTRICTED.
//
//
// DEAR SECURITY EXPERTS
// ---------------------
//
// If you find a bug or a security vulnerability please kindly inform us
// about the problem immediately so that we can fix the security problem
// to protect a lot of users around the world as soon as possible.
//
// Our e-mail address for security reports is:
// softether-vpn-security [at] softether.org
//
// Please note that the above e-mail address is not a technical support
// inquiry address. If you need technical assistance, please visit
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
// IPsec_IPC.h
// Header of IPsec_IPC.c
#ifndef IPSEC_IPC
#define IPSEC_IPC
// Constants
#define IPC_ARP_LIFETIME (3 * 60 * 1000)
#define IPC_ARP_GIVEUPTIME (1 * 1000)
#define IPC_DHCP_TIMEOUT (5 * 1000)
#define IPC_DHCP_TIMEOUT_TOTAL_GIVEUP (20 * 1000)
#define IPC_DHCP_MIN_LEASE 5
#define IPC_DHCP_DEFAULT_LEASE 3600
#define IPC_MAX_PACKET_QUEUE_LEN 10000
#define IPC_DHCP_VENDOR_ID "MSFT 5.0"
#define IPC_PASSWORD_MSCHAPV2_TAG "xH7DiNlurDhcYV4a:"
// ARP table entry
struct IPC_ARP
{
IP Ip; // IP address
bool Resolved; // Whether the MAC address have been resolved
UCHAR MacAddress[6]; // MAC address
UINT64 GiveupTime; // Time to give up (in the case of unresolved)
UINT64 ExpireTime; // Expiration date (If resolved)
QUEUE *PacketQueue; // Transmission packet queue
};
// DHCP release queue
struct IPC_DHCP_RELESAE_QUEUE
{
DHCP_OPTION_LIST Req;
UINT TranId;
UCHAR MacAddress[6];
};
// IPC_PARAM
struct IPC_PARAM
{
char ClientName[MAX_SIZE];
char Postfix[MAX_SIZE];
char HubName[MAX_HUBNAME_LEN + 1];
char UserName[MAX_USERNAME_LEN + 1];
char Password[MAX_PASSWORD_LEN + 1];
IP ClientIp;
UINT ClientPort;
IP ServerIp;
UINT ServerPort;
char ClientHostname[MAX_SIZE];
char CryptName[MAX_SIZE];
bool BridgeMode;
UINT Mss;
bool IsL3Mode;
bool IsOpenVPN;
};
// IPC_ASYNC object
struct IPC_ASYNC
{
CEDAR *Cedar; // Cedar
IPC_PARAM Param; // Parameters for creating IPC
THREAD *Thread; // Thread
SOCK_EVENT *SockEvent; // Socket events that is set when the connection is completed
bool Done; // Processing completion flag
IPC *Ipc; // IPC object (if it fails to connect, the value is NULL)
TUBE *TubeForDisconnect; // Tube for disconnection notification
UINT ErrorCode; // Error code in the case of failing to connect
DHCP_OPTION_LIST L3ClientAddressOption; // Client IP address option (Only in the case of L3 mode)
UINT64 L3DhcpRenewInterval; // DHCP update interval
UINT64 L3NextDhcpRenewTick; // DHCP renewal time of the next
bool DhcpAllocFailed; // Failed to get IP address from the DHCP server
};
// IPC object
struct IPC
{
CEDAR *Cedar;
char HubName[MAX_HUBNAME_LEN + 1];
char UserName[MAX_USERNAME_LEN + 1];
char Password[MAX_PASSWORD_LEN + 1];
char ClientHostname[MAX_SIZE];
UCHAR random[SHA1_SIZE];
char SessionName[MAX_SESSION_NAME_LEN + 1];
char ConnectionName[MAX_CONNECTION_NAME_LEN + 1];
POLICY *Policy;
SOCK *Sock;
INTERRUPT_MANAGER *Interrupt; // Interrupt manager
IP ClientIPAddress; // IP address of the client
IP SubnetMask; // Subnet mask of the client
IP DefaultGateway; // Default gateway address
IP BroadcastAddress; // Broadcast address
UCHAR MacAddress[6]; // MAC address
UCHAR Padding[2];
LIST *ArpTable; // ARP table
QUEUE *IPv4RecviedQueue; // IPv4 reception queue
TUBE_FLUSH_LIST *FlushList; // Tube Flush List
UCHAR MsChapV2_ServerResponse[20]; // Server response
};
// MS-CHAPv2 authentication information
struct IPC_MSCHAP_V2_AUTHINFO
{
char MsChapV2_PPPUsername[MAX_SIZE]; // MS-CHAPv2 Username
UCHAR MsChapV2_ServerChallenge[16]; // MS-CHAPv2 Server Challenge
UCHAR MsChapV2_ClientChallenge[16]; // MS-CHAPv2 Client Challenge
UCHAR MsChapV2_ClientResponse[24]; // MS-CHAPv2 Client Response
};
IPC *NewIPC(CEDAR *cedar, char *client_name, char *postfix, char *hubname, char *username, char *password,
UINT *error_code, IP *client_ip, UINT client_port, IP *server_ip, UINT server_port,
char *client_hostname, char *crypt_name,
bool bridge_mode, UINT mss);
IPC *NewIPCByParam(CEDAR *cedar, IPC_PARAM *param, UINT *error_code);
IPC *NewIPCBySock(CEDAR *cedar, SOCK *s, void *mac_address);
void FreeIPC(IPC *ipc);
bool IsIPCConnected(IPC *ipc);
void IPCSetSockEventWhenRecvL2Packet(IPC *ipc, SOCK_EVENT *e);
void IPCSendL2(IPC *ipc, void *data, UINT size);
void IPCSendIPv4(IPC *ipc, void *data, UINT size);
BLOCK *IPCRecvL2(IPC *ipc);
BLOCK *IPCRecvIPv4(IPC *ipc);
void IPCProcessInterrupts(IPC *ipc);
void IPCProcessL3Events(IPC *ipc);
void IPCProcessL3EventsEx(IPC *ipc, UINT64 now);
bool IPCSetIPv4Parameters(IPC *ipc, IP *ip, IP *subnet, IP *gw);
IPC_ARP *IPCNewARP(IP *ip, UCHAR *mac_address);
void IPCFreeARP(IPC_ARP *a);
int IPCCmpArpTable(void *p1, void *p2);
void IPCSendIPv4Unicast(IPC *ipc, void *data, UINT size, IP *next_ip);
IPC_ARP *IPCSearchArpTable(IPC *ipc, IP *ip);
void IPCSendIPv4WithDestMacAddr(IPC *ipc, void *data, UINT size, UCHAR *dest_mac_addr);
void IPCFlushArpTable(IPC *ipc);
void IPCFlushArpTableEx(IPC *ipc, UINT64 now);
void IPCProcessArp(IPC *ipc, BLOCK *b);
void IPCAssociateOnArpTable(IPC *ipc, IP *ip, UCHAR *mac_address);
bool IsValidUnicastMacAddress(UCHAR *mac);
bool IsValidUnicastIPAddress4(IP *ip);
bool IsValidUnicastIPAddressUINT4(UINT ip);
DHCPV4_DATA *IPCSendDhcpRequest(IPC *ipc, IP *dest_ip, UINT tran_id, DHCP_OPTION_LIST *opt, UINT expecting_code, UINT timeout, TUBE *discon_poll_tube);
BUF *IPCBuildDhcpRequest(IPC *ipc, IP *dest_ip, UINT tran_id, DHCP_OPTION_LIST *opt);
BUF *IPCBuildDhcpRequestOptions(IPC *ipc, DHCP_OPTION_LIST *opt);
bool IPCDhcpAllocateIP(IPC *ipc, DHCP_OPTION_LIST *opt, TUBE *discon_poll_tube);
bool IPCDhcpAllocateIPEx(IPC *ipc, DHCP_OPTION_LIST *opt, TUBE *discon_poll_tube, bool openvpn_compatible);
bool IPCDhcpRequestInformIP(IPC *ipc, DHCP_OPTION_LIST *opt, TUBE *discon_poll_tube, IP *client_ip);
void IPCDhcpRenewIP(IPC *ipc, IP *dhcp_server);
void IPCDhcpFreeIP(IPC *ipc, IP *dhcp_server);
IPC_ASYNC *NewIPCAsync(CEDAR *cedar, IPC_PARAM *param, SOCK_EVENT *sock_event);
void IPCAsyncThreadProc(THREAD *thread, void *param);
void FreeIPCAsync(IPC_ASYNC *a);
bool ParseAndExtractMsChapV2InfoFromPassword(IPC_MSCHAP_V2_AUTHINFO *d, char *password);
#endif // IPSEC_IPC
// Developed by SoftEther VPN Project at University of Tsukuba in Japan.
// Department of Computer Science has dozens of overly-enthusiastic geeks.
// Join us: http://www.tsukuba.ac.jp/english/admission/
+711
@@ -0,0 +1,711 @@
// SoftEther VPN Source Code
// Cedar Communication Module
//
// SoftEther VPN Server, Client and Bridge are free software under GPLv2.
//
// Copyright (c) 2012-2014 Daiyuu Nobori.
// Copyright (c) 2012-2014 SoftEther VPN Project, University of Tsukuba, Japan.
// Copyright (c) 2012-2014 SoftEther Corporation.
//
// All Rights Reserved.
//
// http://www.softether.org/
//
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License version 2
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
// IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
// CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
// TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
// SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
// THE LICENSE AGREEMENT IS ATTACHED ON THE SOURCE-CODE PACKAGE
// AS "LICENSE.TXT" FILE. READ THE TEXT FILE IN ADVANCE TO USE THE SOFTWARE.
//
//
// THIS SOFTWARE IS DEVELOPED IN JAPAN, AND DISTRIBUTED FROM JAPAN,
// UNDER JAPANESE LAWS. YOU MUST AGREE IN ADVANCE TO USE, COPY, MODIFY,
// MERGE, PUBLISH, DISTRIBUTE, SUBLICENSE, AND/OR SELL COPIES OF THIS
// SOFTWARE, THAT ANY JURIDICAL DISPUTES WHICH ARE CONCERNED TO THIS
// SOFTWARE OR ITS CONTENTS, AGAINST US (SOFTETHER PROJECT, SOFTETHER
// CORPORATION, DAIYUU NOBORI OR OTHER SUPPLIERS), OR ANY JURIDICAL
// DISPUTES AGAINST US WHICH ARE CAUSED BY ANY KIND OF USING, COPYING,
// MODIFYING, MERGING, PUBLISHING, DISTRIBUTING, SUBLICENSING, AND/OR
// SELLING COPIES OF THIS SOFTWARE SHALL BE REGARDED AS BE CONSTRUED AND
// CONTROLLED BY JAPANESE LAWS, AND YOU MUST FURTHER CONSENT TO
// EXCLUSIVE JURISDICTION AND VENUE IN THE COURTS SITTING IN TOKYO,
// JAPAN. YOU MUST WAIVE ALL DEFENSES OF LACK OF PERSONAL JURISDICTION
// AND FORUM NON CONVENIENS. PROCESS MAY BE SERVED ON EITHER PARTY IN
// THE MANNER AUTHORIZED BY APPLICABLE LAW OR COURT RULE.
//
// USE ONLY IN JAPAN. DO NOT USE IT IN OTHER COUNTRIES. IMPORTING THIS
// SOFTWARE INTO OTHER COUNTRIES IS AT YOUR OWN RISK. SOME COUNTRIES
// PROHIBIT ENCRYPTED COMMUNICATIONS. USING THIS SOFTWARE IN OTHER
// COUNTRIES MIGHT BE RESTRICTED.
//
//
// DEAR SECURITY EXPERTS
// ---------------------
//
// If you find a bug or a security vulnerability please kindly inform us
// about the problem immediately so that we can fix the security problem
// to protect a lot of users around the world as soon as possible.
//
// Our e-mail address for security reports is:
// softether-vpn-security [at] softether.org
//
// Please note that the above e-mail address is not a technical support
// inquiry address. If you need technical assistance, please visit
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
// IPsec_IkePacket.h
// Header of IPsec_IkePacket.c
#ifndef IPSEC_PACKET_H
#define IPSEC_PACKET_H
// Constants
#ifdef OS_WIN32
#pragma pack(push, 1)
#endif // OS_WIN32
// Maximum hash size
#define IKE_MAX_HASH_SIZE 20 // Size of SHA-1 is the maximum for now
// Maximum block size
#define IKE_MAX_BLOCK_SIZE 16 // Size of AES is maximum at the moment
// Maximum key size
#define IKE_MAX_KEY_SIZE 32 // Size of AES-256 is the maximum for now
// IKE version
#define IKE_VERSION 0x10 // 1.0
// IKE payload type
#define IKE_PAYLOAD_NONE 0 // No payload
#define IKE_PAYLOAD_SA 1 // SA payload
#define IKE_PAYLOAD_PROPOSAL 2 // Proposal payload
#define IKE_PAYLOAD_TRANSFORM 3 // Transform payload
#define IKE_PAYLOAD_KEY_EXCHANGE 4 // Key exchange payload
#define IKE_PAYLOAD_ID 5 // ID payload
#define IKE_PAYLOAD_CERT 6 // Certificate payload
#define IKE_PAYLOAD_CERT_REQUEST 7 // Certificate request payload
#define IKE_PAYLOAD_HASH 8 // Hash payload
#define IKE_PAYLOAD_SIGN 9 // Signature payload
#define IKE_PAYLOAD_RAND 10 // Random number payload
#define IKE_PAYLOAD_NOTICE 11 // Notification Payload
#define IKE_PAYLOAD_DELETE 12 // Deletion payload
#define IKE_PAYLOAD_VENDOR_ID 13 // Vendor ID payload
#define IKE_PAYLOAD_NAT_D 20 // NAT-D payload
#define IKE_PAYLOAD_NAT_OA 21 // NAT-OA payload
#define IKE_PAYLOAD_NAT_D_DRAFT 130 // NAT-D payload draft
#define IKE_PAYLOAD_NAT_OA_DRAFT 16 // NAT-OA payload draft
#define IKE_PAYLOAD_NAT_OA_DRAFT_2 131 // NAT-OA payload draft 2
// Macro to check whether the payload type is supported
#define IKE_IS_SUPPORTED_PAYLOAD_TYPE(i) ((((i) >= IKE_PAYLOAD_SA) && ((i) <= IKE_PAYLOAD_VENDOR_ID)) || ((i) == IKE_PAYLOAD_NAT_D) || ((i) == IKE_PAYLOAD_NAT_OA) || ((i) == IKE_PAYLOAD_NAT_OA_DRAFT) || ((i) == IKE_PAYLOAD_NAT_OA_DRAFT_2) || ((i) == IKE_PAYLOAD_NAT_D_DRAFT))
// IKE header flag
#define IKE_HEADER_FLAG_ENCRYPTED 1 // Encryption
#define IKE_HEADER_FLAG_COMMIT 2 // Commit
#define IKE_HEADER_FLAG_AUTH_ONLY 4 // Only authentication
// IKE payload common header
struct IKE_COMMON_HEADER
{
UCHAR NextPayload;
UCHAR Reserved;
USHORT PayloadSize;
} GCC_PACKED;
// IKE SA payload header
struct IKE_SA_HEADER
{
UINT DoI; // DOI value
UINT Situation; // Situation value
} GCC_PACKED;
// DOI value in the IKE SA payload
#define IKE_SA_DOI_IPSEC 1 // IPsec
// Situation value in the IKE SA payload
#define IKE_SA_SITUATION_IDENTITY 1 // Only authentication
// IKE proposal payload header
struct IKE_PROPOSAL_HEADER
{
UCHAR Number; // Number
UCHAR ProtocolId; // Protocol ID
UCHAR SpiSize; // Length of SPI
UCHAR NumTransforms; // Transform number
} GCC_PACKED;
// Protocol ID in the IKE proposal payload header
#define IKE_PROTOCOL_ID_IKE 1 // IKE
#define IKE_PROTOCOL_ID_IPSEC_AH 2 // AH
#define IKE_PROTOCOL_ID_IPSEC_ESP 3 // ESP
#define IKE_PROTOCOL_ID_IPV4 4 // IP
#define IKE_PROTOCOL_ID_IPV6 41 // IPv6
// IKE transform payload header
struct IKE_TRANSFORM_HEADER
{
UCHAR Number; // Number
UCHAR TransformId; // Transform ID
USHORT Reserved; // Reserved
} GCC_PACKED;
// Transform ID (Phase 1) in IKE transform payload header
#define IKE_TRANSFORM_ID_P1_KEY_IKE 1 // IKE
// Transform ID (Phase 2) in IKE transform payload header
#define IKE_TRANSFORM_ID_P2_ESP_DES 2 // DES-CBC
#define IKE_TRANSFORM_ID_P2_ESP_3DES 3 // 3DES-CBC
#define IKE_TRANSFORM_ID_P2_ESP_CAST 6 // CAST
#define IKE_TRANSFORM_ID_P2_ESP_BLOWFISH 7 // BLOWFISH
#define IKE_TRANSFORM_ID_P2_ESP_AES 12 // AES
// IKE transform value (fixed length)
struct IKE_TRANSFORM_VALUE
{
UCHAR AfBit; // AF bit (0: Fixed length, 1: Variable length)
UCHAR Type; // Type
USHORT Value; // Value data (16bit)
} GCC_PACKED;
// The Type value in IKE transform value (Phase 1)
#define IKE_TRANSFORM_VALUE_P1_CRYPTO 1 // Encryption algorithm
#define IKE_TRANSFORM_VALUE_P1_HASH 2 // Hash algorithm
#define IKE_TRANSFORM_VALUE_P1_AUTH_METHOD 3 // Authentication method
#define IKE_TRANSFORM_VALUE_P1_DH_GROUP 4 // DH group number
#define IKE_TRANSFORM_VALUE_P1_LIFE_TYPE 11 // Expiration date type
#define IKE_TRANSFORM_VALUE_P1_LIFE_VALUE 12 // Expiration date
#define IKE_TRANSFORM_VALUE_P1_KET_SIZE 14 // Key size
// The Type value in IKE transform values (Phase 2)
#define IKE_TRANSFORM_VALUE_P2_LIFE_TYPE 1 // Expiration date type
#define IKE_TRANSFORM_VALUE_P2_LIFE_VALUE 2 // Expiration date
#define IKE_TRANSFORM_VALUE_P2_DH_GROUP 3 // DH group number
#define IKE_TRANSFORM_VALUE_P2_CAPSULE 4 // Encapsulation mode
#define IKE_TRANSFORM_VALUE_P2_HMAC 5 // HMAC algorithm
#define IKE_TRANSFORM_VALUE_P2_KEY_SIZE 6 // Key size
// Phase 1: The encryption algorithm in the IKE transform value
#define IKE_P1_CRYPTO_DES_CBC 1
#define IKE_P1_CRYPTO_BLOWFISH 3
#define IKE_P1_CRYPTO_3DES_CBC 5
#define IKE_P1_CRYPTO_CAST_CBC 6
#define IKE_P1_CRYPTO_AES_CBC 7
// Phase 1: The hash algorithm in IKE transform value
#define IKE_P1_HASH_MD5 1
#define IKE_P1_HASH_SHA1 2
// Phase 1: The authentication method in the IKE transform value
#define IKE_P1_AUTH_METHOD_PRESHAREDKEY 1
#define IKE_P1_AUTH_METHOD_RSA_SIGN 3
// Phase 1: The DH group number in the IKE transform value
#define IKE_P1_DH_GROUP_768_MODP 1
#define IKE_P1_DH_GROUP_1024_MODP 2
#define IKE_P1_DH_GROUP_1536_MODP 5
// Phase 1: The expiration date type in IKE transform value
#define IKE_P1_LIFE_TYPE_SECONDS 1
#define IKE_P1_LIFE_TYPE_KILOBYTES 2
// Phase 2: The HMAC algorithm in IPsec transform value
#define IKE_P2_HMAC_MD5_96 1
#define IKE_P2_HMAC_SHA1_96 2
// Phase 2: The DH group number in the IPsec transform value
#define IKE_P2_DH_GROUP_768_MODP 1
#define IKE_P2_DH_GROUP_1024_MODP 2
#define IKE_P2_DH_GROUP_1536_MODP 5
// Phase 2: The encapsulation mode in IPsec transform value
#define IKE_P2_CAPSULE_TUNNEL 1
#define IKE_P2_CAPSULE_TRANSPORT 2
#define IKE_P2_CAPSULE_NAT_TUNNEL_1 3
#define IKE_P2_CAPSULE_NAT_TUNNEL_2 61443
#define IKE_P2_CAPSULE_NAT_TRANSPORT_1 4
#define IKE_P2_CAPSULE_NAT_TRANSPORT_2 61444
// Phase 2: The expiration date type in IPsec transform value
#define IKE_P2_LIFE_TYPE_SECONDS 1
#define IKE_P2_LIFE_TYPE_KILOBYTES 2
// IKE ID payload header
struct IKE_ID_HEADER
{
UCHAR IdType; // Type of ID
UCHAR ProtocolId; // Protocol ID
USHORT Port; // Port
} GCC_PACKED;
// Type of ID in the IKE ID payload header
#define IKE_ID_IPV4_ADDR 1 // IPv4 address (32 bit)
#define IKE_ID_FQDN 2 // FQDN
#define IKE_ID_USER_FQDN 3 // User FQDN
#define IKE_ID_IPV4_ADDR_SUBNET 4 // IPv4 + subnet (64 bit)
#define IKE_ID_IPV6_ADDR 5 // IPv6 address (128 bit)
#define IKE_ID_IPV6_ADDR_SUBNET 6 // IPv6 + subnet (256 bit)
#define IKE_ID_DER_ASN1_DN 9 // X.500 Distinguished Name
#define IKE_ID_DER_ASN1_GN 10 // X.500 General Name
#define IKE_ID_KEY_ID 11 // Key
// The protocol ID in the IKE ID payload
#define IKE_ID_PROTOCOL_UDP IP_PROTO_UDP // UDP
// IKE certificate payload header
struct IKE_CERT_HEADER
{
UCHAR CertType; // Certificate Type
} GCC_PACKED;
// The certificate type in IKE certificate payload header
#define IKE_CERT_TYPE_X509 4 // X.509 certificate (for digital signature)
// IKE certificate payload header
struct IKE_CERT_REQUEST_HEADER
{
UCHAR CertType; // Certificate Type
} GCC_PACKED;
// IKE notification payload header
struct IKE_NOTICE_HEADER
{
UINT DoI; // DOI value
UCHAR ProtocolId; // Protocol ID
// Same to the protocol ID in the IKE proposal payload header
UCHAR SpiSize; // SPI size
USHORT MessageType; // Message type
} GCC_PACKED;
// IKE Deletion payload header
struct IKE_DELETE_HEADER
{
UINT DoI; // DOI value
UCHAR ProtocolId; // Protocol ID
// Same to the protocol ID in the IKE proposal payload header
UCHAR SpiSize; // SPI size
USHORT NumSpis; // SPI number
} GCC_PACKED;
// IKE NAT-OA payload header
struct IKE_NAT_OA_HEADER
{
UCHAR IdType; // Type of ID
UCHAR Reserved1;
USHORT Reserved2;
} GCC_PACKED;
#ifdef OS_WIN32
#pragma pack(pop)
#endif // OS_WIN32
//
// IKE internal data structure
//
// IKE packet SA payload
struct IKE_PACKET_SA_PAYLOAD
{
LIST *PayloadList; // Proposal payload list
};
// IKE proposal packet payload
struct IKE_PACKET_PROPOSAL_PAYLOAD
{
UCHAR Number; // Number
UCHAR ProtocolId; // Protocol ID
BUF *Spi; // SPI data
LIST *PayloadList; // Payload list
};
// IKE packet transform payload
struct IKE_PACKET_TRANSFORM_PAYLOAD
{
UCHAR Number; // Number
UCHAR TransformId; // Transform ID
LIST *ValueList; // Value list
};
// IKE packet transform value
struct IKE_PACKET_TRANSFORM_VALUE
{
UCHAR Type; // Type
UINT Value; // Value
};
// IKE generic data payload
struct IKE_PACKET_DATA_PAYLOAD
{
BUF *Data; // Generic data
};
// IKE packet ID payload
struct IKE_PACKET_ID_PAYLOAD
{
UCHAR Type; // Type
UCHAR ProtocolId; // Protocol ID
USHORT Port; // Port number
BUF *IdData; // ID data
char StrData[128]; // Data of the result of converting to a string
};
// IKE packet certificate payload
struct IKE_PACKET_CERT_PAYLOAD
{
UCHAR CertType; // Certificate type
BUF *CertData; // Certificate data
};
// IKE packet certificate request payload
struct IKE_PACKET_CERT_REQUEST_PAYLOAD
{
UCHAR CertType; // Certificate type
BUF *Data; // Request data
};
// IKE packet notification payload
struct IKE_PACKET_NOTICE_PAYLOAD
{
UCHAR ProtocolId; // Protocol ID
USHORT MessageType; // Message type
BUF *Spi; // SPI data
BUF *MessageData; // Message data
};
// IKE notification message type
// Error
#define IKE_NOTICE_ERROR_INVALID_COOKIE 4 // Invalid cookie
#define IKE_NOTICE_ERROR_INVALID_EXCHANGE_TYPE 7 // Invalid exchange type
#define IKE_NOTICE_ERROR_INVALID_SPI 11 // Invalid SPI
#define IKE_NOTICE_ERROR_NO_PROPOSAL_CHOSEN 14 // There is nothing worth mentioning in the presented proposal
// DPD
#define IKE_NOTICE_DPD_REQUEST 36136 // R-U-THERE
#define IKE_NOTICE_DPD_RESPONSE 36137 // R-U-THERE-ACK
// IKE packet deletion payload
struct IKE_PACKET_DELETE_PAYLOAD
{
UCHAR ProtocolId; // Protocol ID
LIST *SpiList; // SPI list
};
// IKE NAT-OA payload
struct IKE_PACKET_NAT_OA_PAYLOAD
{
IP IpAddress; // IP address
};
// IKE packet payload
struct IKE_PACKET_PAYLOAD
{
UCHAR PayloadType; // Payload type
UCHAR Padding[3];
BUF *BitArray; // Bit array
union
{
IKE_PACKET_SA_PAYLOAD Sa; // SA payload
IKE_PACKET_PROPOSAL_PAYLOAD Proposal; // Proposal payload
IKE_PACKET_TRANSFORM_PAYLOAD Transform; // Transform payload
IKE_PACKET_DATA_PAYLOAD KeyExchange; // Key exchange payload
IKE_PACKET_ID_PAYLOAD Id; // ID payload
IKE_PACKET_CERT_PAYLOAD Cert; // Certificate payload
IKE_PACKET_CERT_REQUEST_PAYLOAD CertRequest; // Certificate request payload
IKE_PACKET_DATA_PAYLOAD Hash; // Hash payload
IKE_PACKET_DATA_PAYLOAD Sign; // Signature payload
IKE_PACKET_DATA_PAYLOAD Rand; // Random number payload
IKE_PACKET_NOTICE_PAYLOAD Notice; // Notification Payload
IKE_PACKET_DELETE_PAYLOAD Delete; // Deletion payload
IKE_PACKET_DATA_PAYLOAD VendorId; // Vendor ID payload
IKE_PACKET_NAT_OA_PAYLOAD NatOa; // NAT-OA payload
IKE_PACKET_DATA_PAYLOAD GeneralData; // Generic data payload
} Payload;
};
struct IKE_PACKET
{
UINT64 InitiatorCookie; // Initiator cookie
UINT64 ResponderCookie; // Responder cookie
UCHAR ExchangeType; // Exchange type
bool FlagEncrypted; // Encryption flag
bool FlagCommit; // Commit flag
bool FlagAuthOnly; // Flag only authentication
UINT MessageId; // Message ID
LIST *PayloadList; // Payload list
BUF *DecryptedPayload; // Decrypted payload
UINT MessageSize; // Original size
};
// IKE P1 key set
struct IKE_P1_KEYSET
{
BUF *SKEYID_d; // IPsec SA key
BUF *SKEYID_a; // IKE SA authentication key
BUF *SKEYID_e; // IKE SA encryption key
};
// Number and name of the encryption algorithm for IKE
#define IKE_CRYPTO_DES_ID 0
#define IKE_CRYPTO_DES_STRING "DES-CBC"
#define IKE_CRYPTO_3DES_ID 1
#define IKE_CRYPTO_3DES_STRING "3DES-CBC"
#define IKE_CRYPTO_AES_ID 2
#define IKE_CRYPTO_AES_STRING "AES-CBC"
#define IKE_CRYPTO_BLOWFISH_ID 3
#define IKE_CRYPTO_BLOWFISH_STRING "Blowfish-CBC"
#define IKE_CRYPTO_CAST_ID 4
#define IKE_CRYPTO_CAST_STRING "CAST-128-CBC"
// Number and name of the IKE hash algorithm
#define IKE_HASH_MD5_ID 0
#define IKE_HASH_MD5_STRING "MD5"
#define IKE_HASH_SHA1_ID 1
#define IKE_HASH_SHA1_STRING "SHA-1"
// Number and name of DH algorithm for IKE
#define IKE_DH_1_ID 0
#define IKE_DH_1_STRING "MODP 768 (Group 1)"
#define IKE_DH_2_ID 1
#define IKE_DH_2_STRING "MODP 1024 (Group 2)"
#define IKE_DH_5_ID 2
#define IKE_DH_5_STRING "MODP 1536 (Group 5)"
// Encryption algorithm for IKE
struct IKE_CRYPTO
{
UINT CryptoId; // ID
char *Name; // Name
UINT KeySizes[16]; // Key size candidate
UINT BlockSize; // Block size
bool VariableKeySize; // Whether the key size is variable
};
// IKE encryption key
struct IKE_CRYPTO_KEY
{
IKE_CRYPTO *Crypto;
void *Data; // Key data
UINT Size; // Key size
DES_KEY_VALUE *DesKey1, *DesKey2, *DesKey3; // DES key
AES_KEY_VALUE *AesKey; // AES key
};
// IKE hash algorithm
struct IKE_HASH
{
UINT HashId; // ID
char *Name; // Name
UINT HashSize; // Output size
};
// DH algorithm for IKE
struct IKE_DH
{
UINT DhId; // ID
char *Name; // Name
UINT KeySize; // Key size
};
#define MAX_IKE_ENGINE_ELEMENTS 16
// Encryption engine for IKE
struct IKE_ENGINE
{
IKE_CRYPTO *IkeCryptos[MAX_IKE_ENGINE_ELEMENTS]; // Encryption algorithm list that is used in the IKE
IKE_HASH *IkeHashes[MAX_IKE_ENGINE_ELEMENTS]; // Hash algorithm list that is used in the IKE
IKE_DH *IkeDhs[MAX_IKE_ENGINE_ELEMENTS]; // DH algorithm list that is used in the IKE
IKE_CRYPTO *EspCryptos[MAX_IKE_ENGINE_ELEMENTS]; // Encryption algorithm list that is used by ESP
IKE_HASH *EspHashes[MAX_IKE_ENGINE_ELEMENTS]; // Hash algorithm list that is used by ESP
IKE_DH *EspDhs[MAX_IKE_ENGINE_ELEMENTS]; // DH algorithm list that is used by ESP
LIST *CryptosList;
LIST *HashesList;
LIST *DhsList;
};
// IKE encryption parameters
struct IKE_CRYPTO_PARAM
{
IKE_CRYPTO_KEY *Key; // Key
UCHAR Iv[IKE_MAX_BLOCK_SIZE]; // IV
UCHAR NextIv[IKE_MAX_BLOCK_SIZE]; // IV to be used next
};
// Function prototype
IKE_PACKET *IkeParseHeader(void *data, UINT size, IKE_CRYPTO_PARAM *cparam);
IKE_PACKET *IkeParse(void *data, UINT size, IKE_CRYPTO_PARAM *cparam);
IKE_PACKET *IkeParseEx(void *data, UINT size, IKE_CRYPTO_PARAM *cparam, bool header_only);
void IkeFree(IKE_PACKET *p);
IKE_PACKET *IkeNew(UINT64 init_cookie, UINT64 resp_cookie, UCHAR exchange_type,
bool encrypted, bool commit, bool auth_only, UINT msg_id,
LIST *payload_list);
void IkeDebugPrintPayloads(LIST *o, UINT depth);
void IkeDebugUdpSendRawPacket(IKE_PACKET *p);
BUF *IkeEncrypt(void *data, UINT size, IKE_CRYPTO_PARAM *cparam);
BUF *IkeEncryptWithPadding(void *data, UINT size, IKE_CRYPTO_PARAM *cparam);
BUF *IkeDecrypt(void *data, UINT size, IKE_CRYPTO_PARAM *cparam);
LIST *IkeParsePayloadList(void *data, UINT size, UCHAR first_payload);
LIST *IkeParsePayloadListEx(void *data, UINT size, UCHAR first_payload, UINT *total_read_size);
void IkeFreePayloadList(LIST *o);
UINT IkeGetPayloadNum(LIST *o, UINT payload_type);
IKE_PACKET_PAYLOAD *IkeGetPayload(LIST *o, UINT payload_type, UINT index);
IKE_PACKET_PAYLOAD *IkeParsePayload(UINT payload_type, BUF *b);
void IkeFreePayload(IKE_PACKET_PAYLOAD *p);
bool IkeParseDataPayload(IKE_PACKET_DATA_PAYLOAD *t, BUF *b);
void IkeFreeDataPayload(IKE_PACKET_DATA_PAYLOAD *t);
bool IkeParseSaPayload(IKE_PACKET_SA_PAYLOAD *t, BUF *b);
void IkeFreeSaPayload(IKE_PACKET_SA_PAYLOAD *t);
bool IkeParseProposalPayload(IKE_PACKET_PROPOSAL_PAYLOAD *t, BUF *b);
void IkeFreeProposalPayload(IKE_PACKET_PROPOSAL_PAYLOAD *t);
bool IkeParseTransformPayload(IKE_PACKET_TRANSFORM_PAYLOAD *t, BUF *b);
void IkeFreeTransformPayload(IKE_PACKET_TRANSFORM_PAYLOAD *t);
LIST *IkeParseTransformValueList(BUF *b);
void IkeFreeTransformValueList(LIST *o);
bool IkeParseIdPayload(IKE_PACKET_ID_PAYLOAD *t, BUF *b);
void IkeFreeIdPayload(IKE_PACKET_ID_PAYLOAD *t);
bool IkeParseCertPayload(IKE_PACKET_CERT_PAYLOAD *t, BUF *b);
void IkeFreeCertPayload(IKE_PACKET_CERT_PAYLOAD *t);
bool IkeParseCertRequestPayload(IKE_PACKET_CERT_REQUEST_PAYLOAD *t, BUF *b);
void IkeFreeCertRequestPayload(IKE_PACKET_CERT_REQUEST_PAYLOAD *t);
bool IkeParseNoticePayload(IKE_PACKET_NOTICE_PAYLOAD *t, BUF *b);
void IkeFreeNoticePayload(IKE_PACKET_NOTICE_PAYLOAD *t);
bool IkeParseDeletePayload(IKE_PACKET_DELETE_PAYLOAD *t, BUF *b);
void IkeFreeDeletePayload(IKE_PACKET_DELETE_PAYLOAD *t);
bool IkeParseNatOaPayload(IKE_PACKET_NAT_OA_PAYLOAD *t, BUF *b);
bool IkeCompareHash(IKE_PACKET_PAYLOAD *hash_payload, void *hash_data, UINT hash_size);
IKE_PACKET_PAYLOAD *IkeNewPayload(UINT payload_type);
IKE_PACKET_PAYLOAD *IkeNewDataPayload(UCHAR payload_type, void *data, UINT size);
IKE_PACKET_PAYLOAD *IkeNewNatOaPayload(UCHAR payload_type, IP *ip);
IKE_PACKET_PAYLOAD *IkeNewSaPayload(LIST *payload_list);
IKE_PACKET_PAYLOAD *IkeNewProposalPayload(UCHAR number, UCHAR protocol_id, void *spi, UINT spi_size, LIST *payload_list);
IKE_PACKET_PAYLOAD *IkeNewTransformPayload(UCHAR number, UCHAR transform_id, LIST *value_list);
IKE_PACKET_TRANSFORM_VALUE *IkeNewTransformValue(UCHAR type, UINT value);
IKE_PACKET_PAYLOAD *IkeNewIdPayload(UCHAR id_type, UCHAR protocol_id, USHORT port, void *id_data, UINT id_size);
IKE_PACKET_PAYLOAD *IkeNewCertPayload(UCHAR cert_type, void *cert_data, UINT cert_size);
IKE_PACKET_PAYLOAD *IkeNewCertRequestPayload(UCHAR cert_type, void *data, UINT size);
IKE_PACKET_PAYLOAD *IkeNewNoticePayload(UCHAR protocol_id, USHORT message_type,
void *spi, UINT spi_size,
void *message, UINT message_size);
IKE_PACKET_PAYLOAD *IkeNewDeletePayload(UCHAR protocol_id, LIST *spi_list);
IKE_PACKET_PAYLOAD *IkeNewNoticeErrorInvalidCookiePayload(UINT64 init_cookie, UINT64 resp_cookie);
IKE_PACKET_PAYLOAD *IkeNewNoticeErrorInvalidExchangeTypePayload(UINT64 init_cookie, UINT64 resp_cookie, UCHAR exchange_type);
IKE_PACKET_PAYLOAD *IkeNewNoticeErrorInvalidSpiPayload(UINT spi);
IKE_PACKET_PAYLOAD *IkeNewNoticeErrorNoProposalChosenPayload(bool quick_mode, UINT64 init_cookie, UINT64 resp_cookie);
IKE_PACKET_PAYLOAD *IkeNewNoticeDpdPayload(bool ack, UINT64 init_cookie, UINT64 resp_cookie, UINT seq_no);
UCHAR IkeGetFirstPayloadType(LIST *o);
BUF *IkeBuild(IKE_PACKET *p, IKE_CRYPTO_PARAM *cparam);
BUF *IkeBuildEx(IKE_PACKET *p, IKE_CRYPTO_PARAM *cparam, bool use_original_decrypted);
BUF *IkeBuildPayloadList(LIST *o);
BUF *IkeBuildPayload(IKE_PACKET_PAYLOAD *p);
BUF *IkeBuildDataPayload(IKE_PACKET_DATA_PAYLOAD *t);
BUF *IkeBuildSaPayload(IKE_PACKET_SA_PAYLOAD *t);
BUF *IkeBuildProposalPayload(IKE_PACKET_PROPOSAL_PAYLOAD *t);
BUF *IkeBuildTransformPayload(IKE_PACKET_TRANSFORM_PAYLOAD *t);
BUF *IkeBuildTransformValue(IKE_PACKET_TRANSFORM_VALUE *v);
BUF *IkeBuildTransformValueList(LIST *o);
BUF *IkeBuildIdPayload(IKE_PACKET_ID_PAYLOAD *t);
BUF *IkeBuildCertPayload(IKE_PACKET_CERT_PAYLOAD *t);
BUF *IkeBuildCertRequestPayload(IKE_PACKET_CERT_REQUEST_PAYLOAD *t);
BUF *IkeBuildNoticePayload(IKE_PACKET_NOTICE_PAYLOAD *t);
BUF *IkeBuildDeletePayload(IKE_PACKET_DELETE_PAYLOAD *t);
BUF *IkeBuildTransformPayload(IKE_PACKET_TRANSFORM_PAYLOAD *t);
UINT IkeGetTransformValue(IKE_PACKET_TRANSFORM_PAYLOAD *t, UINT type, UINT index);
UINT IkeGetTransformValueNum(IKE_PACKET_TRANSFORM_PAYLOAD *t, UINT type);
UCHAR IkeStrToPhase1CryptId(char *name);
UCHAR IkeStrToPhase1HashId(char *name);
UCHAR IkeStrToPhase2CryptId(char *name);
UCHAR IkeStrToPhase2HashId(char *name);
BUF *IkeStrToPassword(char *str);
UINT IkePhase1CryptIdToKeySize(UCHAR id);
UINT IkePhase2CryptIdToKeySize(UCHAR id);
UINT IkeNewSpi();
IKE_ENGINE *NewIkeEngine();
IKE_CRYPTO *NewIkeCrypto(IKE_ENGINE *e, UINT crypto_id, char *name, UINT *key_sizes, UINT num_key_sizes, UINT block_size);
IKE_HASH *NewIkeHash(IKE_ENGINE *e, UINT hash_id, char *name, UINT size);
IKE_DH *NewIkeDh(IKE_ENGINE *e, UINT dh_id, char *name, UINT key_size);
void FreeIkeEngine(IKE_ENGINE *e);
void FreeIkeCrypto(IKE_CRYPTO *c);
void FreeIkeHash(IKE_HASH *h);
void FreeIkeDh(IKE_DH *d);
IKE_CRYPTO *GetIkeCrypto(IKE_ENGINE *e, bool for_esp, UINT i);
IKE_HASH *GetIkeHash(IKE_ENGINE *e, bool for_esp, UINT i);
IKE_DH *GetIkeDh(IKE_ENGINE *e, bool for_esp, UINT i);
void IkeHash(IKE_HASH *h, void *dst, void *src, UINT size);
void IkeHMac(IKE_HASH *h, void *dst, void *key, UINT key_size, void *data, UINT data_size);
void IkeHMacBuf(IKE_HASH *h, void *dst, BUF *key, BUF *data);
IKE_CRYPTO_KEY *IkeNewKey(IKE_CRYPTO *c, void *data, UINT size);
bool IkeCheckKeySize(IKE_CRYPTO *c, UINT size);
void IkeFreeKey(IKE_CRYPTO_KEY *k);
void IkeCryptoEncrypt(IKE_CRYPTO_KEY *k, void *dst, void *src, UINT size, void *ivec);
void IkeCryptoDecrypt(IKE_CRYPTO_KEY *k, void *dst, void *src, UINT size, void *ivec);
DH_CTX *IkeDhNewCtx(IKE_DH *d);
void IkeDhFreeCtx(DH_CTX *dh);
#endif // IPSEC_PACKET_H
// Developed by SoftEther VPN Project at University of Tsukuba in Japan.
// Department of Computer Science has dozens of overly-enthusiastic geeks.
// Join us: http://www.tsukuba.ac.jp/english/admission/
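Review bot: The algorithm tables in this header stop at SHA-1, AES-CBC and MODP 1536, and they still define DES-CBC, MD5 and MODP 768 (`IKE_P1_CRYPTO_DES_CBC`, `IKE_P1_HASH_MD5`, `IKE_P1_DH_GROUP_768_MODP`, and the matching `IKE_CRYPTO_DES_ID`, `IKE_HASH_MD5_ID`, `IKE_DH_1_ID` engine entries) with nothing marking them as legacy. Whether `NewIkeEngine` registers them and how a proposal is selected is decided in IPsec_IkePacket.c, which is not visible here, so this is a request to document the intent rather than a confirmed weakness. I would add above the engine IDs a comment such as `// DES-CBC, MD5 and MODP 768 (Group 1) are kept for interoperability only; proposal selection must not prefer them over AES, SHA-1 and MODP 1536`. Two smaller points in the same file: `IKE_MAX_HASH_SIZE 20` has to be raised before any SHA-2 hash can be added, and `IkeBuildTransformPayload` is declared twice in the prototype list.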
+347
@@ -0,0 +1,347 @@
// SoftEther VPN Source Code
// Cedar Communication Module
//
// SoftEther VPN Server, Client and Bridge are free software under GPLv2.
//
// Copyright (c) 2012-2014 Daiyuu Nobori.
// Copyright (c) 2012-2014 SoftEther VPN Project, University of Tsukuba, Japan.
// Copyright (c) 2012-2014 SoftEther Corporation.
//
// All Rights Reserved.
//
// http://www.softether.org/
//
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License version 2
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
// IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
// CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
// TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
// SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
// THE LICENSE AGREEMENT IS ATTACHED ON THE SOURCE-CODE PACKAGE
// AS "LICENSE.TXT" FILE. READ THE TEXT FILE IN ADVANCE TO USE THE SOFTWARE.
//
//
// THIS SOFTWARE IS DEVELOPED IN JAPAN, AND DISTRIBUTED FROM JAPAN,
// UNDER JAPANESE LAWS. YOU MUST AGREE IN ADVANCE TO USE, COPY, MODIFY,
// MERGE, PUBLISH, DISTRIBUTE, SUBLICENSE, AND/OR SELL COPIES OF THIS
// SOFTWARE, THAT ANY JURIDICAL DISPUTES WHICH ARE CONCERNED TO THIS
// SOFTWARE OR ITS CONTENTS, AGAINST US (SOFTETHER PROJECT, SOFTETHER
// CORPORATION, DAIYUU NOBORI OR OTHER SUPPLIERS), OR ANY JURIDICAL
// DISPUTES AGAINST US WHICH ARE CAUSED BY ANY KIND OF USING, COPYING,
// MODIFYING, MERGING, PUBLISHING, DISTRIBUTING, SUBLICENSING, AND/OR
// SELLING COPIES OF THIS SOFTWARE SHALL BE REGARDED AS BE CONSTRUED AND
// CONTROLLED BY JAPANESE LAWS, AND YOU MUST FURTHER CONSENT TO
// EXCLUSIVE JURISDICTION AND VENUE IN THE COURTS SITTING IN TOKYO,
// JAPAN. YOU MUST WAIVE ALL DEFENSES OF LACK OF PERSONAL JURISDICTION
// AND FORUM NON CONVENIENS. PROCESS MAY BE SERVED ON EITHER PARTY IN
// THE MANNER AUTHORIZED BY APPLICABLE LAW OR COURT RULE.
//
// USE ONLY IN JAPAN. DO NOT USE IT IN OTHER COUNTRIES. IMPORTING THIS
// SOFTWARE INTO OTHER COUNTRIES IS AT YOUR OWN RISK. SOME COUNTRIES
// PROHIBIT ENCRYPTED COMMUNICATIONS. USING THIS SOFTWARE IN OTHER
// COUNTRIES MIGHT BE RESTRICTED.
//
//
// DEAR SECURITY EXPERTS
// ---------------------
//
// If you find a bug or a security vulnerability please kindly inform us
// about the problem immediately so that we can fix the security problem
// to protect a lot of users around the world as soon as possible.
//
// Our e-mail address for security reports is:
// softether-vpn-security [at] softether.org
//
// Please note that the above e-mail address is not a technical support
// inquiry address. If you need technical assistance, please visit
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
// IPsec_L2TP.h
// Header of IPsec_L2TP.c
#ifndef IPSEC_L2TP_H
#define IPSEC_L2TP_H
//// Macro
// Check the sequence number
#define L2TP_SEQ_LT(a, b) (((USHORT)(((USHORT)(a)) - ((USHORT)(b)))) & 0x8000)
#define L2TP_SEQ_EQ(a, b) ((USHORT)(a) == (USHORT)(b))
//// Constants
// Client string
#define L2TP_IPC_CLIENT_NAME_TAG "L2TP VPN Client - %s"
#define L2TP_IPC_CLIENT_NAME_NO_TAG "L2TP VPN Client"
#define L2TP_IPC_POSTFIX "L2TP"
// L2TP vendor name
#define L2TP_VENDOR_NAME "L2TP"
// L2TP packet retransmission interval
#define L2TP_PACKET_RESEND_INTERVAL 500
// Timeout for L2TP tunnel disconnecting completion
#define L2TP_TUNNEL_DISCONNECT_TIMEOUT 3000
// Timeout for L2TP session disconnection completion
#define L2TP_SESSION_DISCONNECT_TIMEOUT 3000
// Time-out interval of L2TP tunnel
#define L2TP_TUNNEL_TIMEOUT (60 * 1000)
// Transmission interval of L2TP Hello
#define L2TP_HELLO_INTERVAL (8801)
// Threshold number of registered items in the transmission queue for suppressing the L2TP Hello transmission
#define L2TP_HELLO_SUPRESS_MAX_THRETHORD_NUM_SEND_QUEUE 32
// L2TP window size
#define L2TP_WINDOW_SIZE 16
// L2TP packet header bit mask
#define L2TP_HEADER_BIT_TYPE 0x80 // Type
#define L2TP_HEADER_BIT_LENGTH 0x40 // Length
#define L2TP_HEADER_BIT_SEQUENCE 0x08 // Sequence
#define L2TP_HEADER_BIT_OFFSET 0x02 // Offset
#define L2TP_HEADER_BIT_PRIORITY 0x01 // Priority
#define L2TP_HEADER_BIT_VER 0x0F // Version
// L2TP AVP header bit mask
#define L2TP_AVP_BIT_MANDATORY 0x80 // Mandatory
#define L2TP_AVP_BIT_HIDDEN 0x40 // Hidden
#define L2TP_AVP_LENGTH 0x3FF // Length
// AVP value
#define L2TP_AVP_TYPE_MESSAGE_TYPE 0 // Message Type
#define L2TP_AVP_TYPE_RESULT_CODE 1 // Result Code
#define L2TP_AVP_TYPE_PROTOCOL_VERSION 2 // Protocol Version
#define L2TP_AVP_TYPE_FRAME_CAP 3 // Framing Capabilities
#define L2TP_AVP_TYPE_BEARER_CAP 4 // Bearer Capabilities
#define L2TP_AVP_TYPE_TIE_BREAKER 5 // Tie Breaker
#define L2TP_AVP_TYPE_HOST_NAME 7 // Host Name
#define L2TP_AVP_TYPE_VENDOR_NAME 8 // Vendor Name
#define L2TP_AVP_TYPE_ASSIGNED_TUNNEL 9 // Assigned Tunnel
#define L2TP_AVP_TYPE_RECV_WINDOW_SIZE 10 // Receive Window Size
#define L2TP_AVP_TYPE_ASSIGNED_SESSION 14 // Assigned Session ID
#define L2TP_AVP_TYPE_CALL_SERIAL 15 // Call Serial Number
#define L2TP_AVP_TYPE_PPP_DISCONNECT_CAUSE 46 // PPP Disconnect Cause Code
#define L2TP_AVP_TYPE_V3_ROUTER_ID 60 // Router ID
#define L2TP_AVP_TYPE_V3_TUNNEL_ID 61 // Assigned Control Connection ID
#define L2TP_AVP_TYPE_V3_PW_CAP_LIST 62 // Pseudowire Capabilities List
#define L2TP_AVP_TYPE_V3_SESSION_ID_LOCAL 63 // Local Session ID
#define L2TP_AVP_TYPE_V3_SESSION_ID_REMOTE 64 // Remote Session ID
#define L2TP_AVP_TYPE_V3_PW_TYPE 68 // Pseudowire Type
// Message Type value
#define L2TP_MESSAGE_TYPE_SCCRQ 1 // Start-Control-Connection-Request
#define L2TP_MESSAGE_TYPE_SCCRP 2 // Start-Control-Connection-Reply
#define L2TP_MESSAGE_TYPE_SCCCN 3 // Start-Control-Connection-Connected
#define L2TP_MESSAGE_TYPE_STOPCCN 4 // Stop-Control-Connection-Notification
#define L2TP_MESSAGE_TYPE_HELLO 6 // Hello
#define L2TP_MESSAGE_TYPE_ICRQ 10 // Incoming-Call-Request
#define L2TP_MESSAGE_TYPE_ICRP 11 // Incoming-Call-Reply
#define L2TP_MESSAGE_TYPE_ICCN 12 // Incoming-Call-Connected
#define L2TP_MESSAGE_TYPE_CDN 14 // Call-Disconnect-Notify
// Type of L2TPv3 virtual network
#define L2TPV3_PW_TYPE_ETHERNET 5 // Ethernet
#define L2TPV3_PW_TYPE_ETHERNET_VLAN 4 // Ethernet VLAN
// L2TPv3 vendor unique value
#define L2TP_AVP_VENDOR_ID_CISCO 9 // Cisco Systems
#define L2TPV3_CISCO_AVP_TUNNEL_ID 1 // Assigned Connection ID
#define L2TPV3_CISCO_AVP_PW_CAP_LIST 2 // Pseudowire Capabilities List
#define L2TPV3_CISCO_AVP_SESSION_ID_LOCAL 3 // Local Session ID
#define L2TPV3_CISCO_AVP_SESSION_ID_REMOTE 4 // Remote Session ID
#define L2TPV3_CISCO_AVP_PW_TYPE 7 // Pseudowire Type
#define L2TPV3_CISCO_AVP_DRAFT_AVP_VERSION 10 // Draft AVP Version
//// Types
// L2TP queue
struct L2TP_QUEUE
{
BUF *Buf; // Data
USHORT Ns; // Sequence number
UINT64 NextSendTick; // Scheduled time to be sent next
L2TP_PACKET *L2TPPacket; // L2TP packet data
};
// L2TP AVP value
struct L2TP_AVP
{
bool Mandatory; // Force bit
UINT Length; // Overall length
USHORT VendorID; // Vendor ID
USHORT Type; // Type
UINT DataSize; // Data size
void *Data; // Data body
};
// L2TP packet
struct L2TP_PACKET
{
bool IsControl; // Whether it's a control message
bool HasLength; // Whether there is length bit
bool HasSequence; // Whether there is sequence bit
bool HasOffset; // Whether there is offset bit
bool IsPriority; // Whether priority packet
bool IsZLB; // Zero Length Bit
UINT Ver; // Version
UINT Length; // Length
UINT TunnelId; // Tunnel ID
UINT SessionId; // Session ID
USHORT Ns, Nr; // Sequence number
UINT OffsetSize; // Offset size
UINT DataSize; // Data size
void *Data; // Data body
LIST *AvpList; // AVP list
UINT MessageType; // Message type
};
// L2TP session
struct L2TP_SESSION
{
L2TP_TUNNEL *Tunnel; // Parent L2TP tunnel
bool IsV3; // L2TPv3
bool IsCiscoV3; // L2TPv3 for Cisco
UINT SessionId1; // Session ID (server -> client direction)
UINT SessionId2; // Session ID (client -> server direction)
bool Established; // Established
bool WantToDisconnect; // Whether to want to disconnect
bool Disconnecting; // Whether disconnected
UINT64 DisconnectTimeout; // Disconnection completion time-out
bool HasThread; // Whether have a thread
THREAD *Thread; // Thread
TUBE *TubeSend; // Tube of PPP to L2TP direction
TUBE *TubeRecv; // Tube of L2TP to PPP direction
UINT PseudowireType; // Type of L2TPv3 virtual line
ETHERIP_SERVER *EtherIP; // EtherIP server
};
// L2TP tunnel
struct L2TP_TUNNEL
{
bool IsV3; // L2TPv3
bool IsCiscoV3; // L2TPv3 for Cisco
IP ClientIp; // Client IP address
UINT ClientPort; // Client port number
IP ServerIp; // Server IP address
UINT ServerPort; // Server port number
UINT TunnelId1; // Tunnel ID (server -> client direction)
UINT TunnelId2; // Tunnel ID (client -> server direction)
char HostName[MAX_SIZE]; // Destination host name
char VendorName[MAX_SIZE]; // Destination vendor name
LIST *SessionList; // L2TP session list
LIST *SendQueue; // Transmission queue
LIST *RecvQueue; // Reception queue
USHORT NextNs; // Value of Ns of the packet to be sent next
USHORT LastNr; // Value of NR received in the last
bool Established; // Whether the tunnel is established
bool StateChanged; // Whether the state have changed
bool WantToDisconnect; // Whether to want to disconnect
bool Disconnecting; // Whether disconnected
UINT64 DisconnectTimeout; // Disconnection completion time-out
UINT64 LastRecvTick; // Time which the data has been received at last
bool Timedout; // Whether the time-out
UINT64 LastHelloSent; // Time which the data has been sent at last
};
// L2TP server
struct L2TP_SERVER
{
CEDAR *Cedar;
UINT64 Now; // Current time
LIST *SendPacketList; // Transmission packet
LIST *TunnelList; // Tunnel list
INTERRUPT_MANAGER *Interrupts; // Interrupt manager
SOCK_EVENT *SockEvent; // SockEvent
bool Halt; // Start the shutdown
bool Halting; // During shutdown
bool HaltCompleted; // Shutdown is complete
EVENT *HaltCompletedEvent; // Stopping completion event
LIST *ThreadList; // Thread list
char CryptName[MAX_SIZE]; // Cipher algorithm name
IKE_SERVER *IkeServer; // IKE server (Only if associated)
IKE_CLIENT *IkeClient; // IKE client (Only if associated)
bool IsIPsecIPv6; // Whether it's IPv6
UINT CryptBlockSize; // Cipher block size of the upper layer
TUBE_FLUSH_LIST *FlushList; // Tube Flush List
};
//// Function prototype
L2TP_SERVER *NewL2TPServer(CEDAR *cedar);
L2TP_SERVER *NewL2TPServerEx(CEDAR *cedar, IKE_SERVER *ike, bool is_ipv6, UINT crypt_block_size);
void SetL2TPServerSockEvent(L2TP_SERVER *l2tp, SOCK_EVENT *e);
void FreeL2TPServer(L2TP_SERVER *l2tp);
void StopL2TPServer(L2TP_SERVER *l2tp, bool no_wait);
void ProcL2TPPacketRecv(L2TP_SERVER *l2tp, UDPPACKET *p);
L2TP_PACKET *ParseL2TPPacket(UDPPACKET *p);
BUF *BuildL2TPPacketData(L2TP_PACKET *pp);
L2TP_AVP *GetAVPValue(L2TP_PACKET *p, UINT type);
L2TP_AVP *GetAVPValueEx(L2TP_PACKET *p, UINT type, UINT vendor_id);
L2TP_TUNNEL *NewL2TPTunnel(L2TP_SERVER *l2tp, L2TP_PACKET *p, UDPPACKET *udp);
UINT GenerateNewTunnelId(L2TP_SERVER *l2tp, IP *client_ip);
UINT GenerateNewTunnelIdEx(L2TP_SERVER *l2tp, IP *client_ip, bool is_32bit);
void FreeL2TPTunnel(L2TP_TUNNEL *t);
L2TP_TUNNEL *GetTunnelFromId(L2TP_SERVER *l2tp, IP *client_ip, UINT tunnel_id, bool is_v3);
L2TP_TUNNEL *GetTunnelFromIdOfAssignedByClient(L2TP_SERVER *l2tp, IP *client_ip, UINT tunnel_id);
void SendL2TPControlPacket(L2TP_SERVER *l2tp, L2TP_TUNNEL *t, UINT session_id, L2TP_PACKET *p);
void SendL2TPControlPacketMain(L2TP_SERVER *l2tp, L2TP_TUNNEL *t, L2TP_QUEUE *q);
void SendL2TPDataPacket(L2TP_SERVER *l2tp, L2TP_TUNNEL *t, L2TP_SESSION *s, void *data, UINT size);
void FreeL2TPQueue(L2TP_QUEUE *q);
void L2TPAddInterrupt(L2TP_SERVER *l2tp, UINT64 next_tick);
void L2TPSendUDP(L2TP_SERVER *l2tp, UDPPACKET *p);
void L2TPProcessInterrupts(L2TP_SERVER *l2tp);
L2TP_PACKET *NewL2TPControlPacket(UINT message_type, bool is_v3);
L2TP_AVP *NewAVP(USHORT type, bool mandatory, USHORT vendor_id, void *data, UINT data_size);
int CmpL2TPQueueForRecv(void *p1, void *p2);
void L2TPProcessRecvControlPacket(L2TP_SERVER *l2tp, L2TP_TUNNEL *t, L2TP_PACKET *p);
L2TP_SESSION *GetSessionFromId(L2TP_TUNNEL *t, UINT session_id);
L2TP_SESSION *GetSessionFromIdAssignedByClient(L2TP_TUNNEL *t, UINT session_id);
L2TP_SESSION *NewL2TPSession(L2TP_SERVER *l2tp, L2TP_TUNNEL *t, UINT session_id_by_client);
UINT GenerateNewSessionId(L2TP_TUNNEL *t);
UINT GenerateNewSessionIdEx(L2TP_TUNNEL *t, bool is_32bit);
void FreeL2TPSession(L2TP_SESSION *s);
void DisconnectL2TPSession(L2TP_TUNNEL *t, L2TP_SESSION *s);
void DisconnectL2TPTunnel(L2TP_TUNNEL *t);
void StartL2TPThread(L2TP_SERVER *l2tp, L2TP_TUNNEL *t, L2TP_SESSION *s);
void StopL2TPThread(L2TP_SERVER *l2tp, L2TP_TUNNEL *t, L2TP_SESSION *s);
UINT CalcL2TPMss(L2TP_SERVER *l2tp, L2TP_TUNNEL *t, L2TP_SESSION *s);
UINT GenerateNewSessionIdForL2TPv3(L2TP_SERVER *l2tp);
L2TP_SESSION *SearchL2TPSessionById(L2TP_SERVER *l2tp, bool is_v3, UINT id);
void L2TPSessionManageEtherIPServer(L2TP_SERVER *l2tp, L2TP_SESSION *s);
#endif // IPSEC_L2TP_H
// Developed by SoftEther VPN Project at University of Tsukuba in Japan.
// Department of Computer Science has dozens of overly-enthusiastic geeks.
// Join us: http://www.tsukuba.ac.jp/english/admission/
+311
@@ -0,0 +1,311 @@
// SoftEther VPN Source Code
// Cedar Communication Module
//
// SoftEther VPN Server, Client and Bridge are free software under GPLv2.
//
// Copyright (c) 2012-2014 Daiyuu Nobori.
// Copyright (c) 2012-2014 SoftEther VPN Project, University of Tsukuba, Japan.
// Copyright (c) 2012-2014 SoftEther Corporation.
//
// All Rights Reserved.
//
// http://www.softether.org/
//
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License version 2
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
// IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
// CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
// TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
// SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
// THE LICENSE AGREEMENT IS ATTACHED ON THE SOURCE-CODE PACKAGE
// AS "LICENSE.TXT" FILE. READ THE TEXT FILE IN ADVANCE TO USE THE SOFTWARE.
//
//
// THIS SOFTWARE IS DEVELOPED IN JAPAN, AND DISTRIBUTED FROM JAPAN,
// UNDER JAPANESE LAWS. YOU MUST AGREE IN ADVANCE TO USE, COPY, MODIFY,
// MERGE, PUBLISH, DISTRIBUTE, SUBLICENSE, AND/OR SELL COPIES OF THIS
// SOFTWARE, THAT ANY JURIDICAL DISPUTES WHICH ARE CONCERNED TO THIS
// SOFTWARE OR ITS CONTENTS, AGAINST US (SOFTETHER PROJECT, SOFTETHER
// CORPORATION, DAIYUU NOBORI OR OTHER SUPPLIERS), OR ANY JURIDICAL
// DISPUTES AGAINST US WHICH ARE CAUSED BY ANY KIND OF USING, COPYING,
// MODIFYING, MERGING, PUBLISHING, DISTRIBUTING, SUBLICENSING, AND/OR
// SELLING COPIES OF THIS SOFTWARE SHALL BE REGARDED AS BE CONSTRUED AND
// CONTROLLED BY JAPANESE LAWS, AND YOU MUST FURTHER CONSENT TO
// EXCLUSIVE JURISDICTION AND VENUE IN THE COURTS SITTING IN TOKYO,
// JAPAN. YOU MUST WAIVE ALL DEFENSES OF LACK OF PERSONAL JURISDICTION
// AND FORUM NON CONVENIENS. PROCESS MAY BE SERVED ON EITHER PARTY IN
// THE MANNER AUTHORIZED BY APPLICABLE LAW OR COURT RULE.
//
// USE ONLY IN JAPAN. DO NOT USE IT IN OTHER COUNTRIES. IMPORTING THIS
// SOFTWARE INTO OTHER COUNTRIES IS AT YOUR OWN RISK. SOME COUNTRIES
// PROHIBIT ENCRYPTED COMMUNICATIONS. USING THIS SOFTWARE IN OTHER
// COUNTRIES MIGHT BE RESTRICTED.
//
//
// DEAR SECURITY EXPERTS
// ---------------------
//
// If you find a bug or a security vulnerability please kindly inform us
// about the problem immediately so that we can fix the security problem
// to protect a lot of users around the world as soon as possible.
//
// Our e-mail address for security reports is:
// softether-vpn-security [at] softether.org
//
// Please note that the above e-mail address is not a technical support
// inquiry address. If you need technical assistance, please visit
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
// IPsec_PPP.h
// Header of IPsec_PPP.c
#ifndef IPSEC_PPP_H
#define IPSEC_PPP_H
//// Macro
#define PPP_LCP_CODE_IS_NEGATIVE(c) ((c) == PPP_LCP_CODE_NAK || (c) == PPP_LCP_CODE_REJECT || (c) == PPP_LCP_CODE_CODE_REJECT || (c) == PPP_LCP_CODE_PROTOCOL_REJECT)
#define PPP_LCP_CODE_IS_REQUEST(c) ((c) == PPP_LCP_CODE_REQ)
#define PPP_LCP_CODE_IS_RESPONSE(c) ((c) == PPP_LCP_CODE_ACK || (c) == PPP_LCP_CODE_NAK || (c) == PPP_LCP_CODE_REJECT || (c) == PPP_LCP_CODE_PROTOCOL_REJECT)
#define PPP_LCP_CODE_IS_WITH_OPTION_LIST(c) ((c) == PPP_LCP_CODE_REQ || (c) == PPP_LCP_CODE_ACK || (c) == PPP_LCP_CODE_NAK)
#define PPP_PAP_CODE_IS_REQUEST(c) ((c) == PPP_PAP_CODE_REQ)
#define PPP_PAP_CODE_IS_RESPONSE(c) ((c) == PPP_PAP_CODE_ACK || (c) == PPP_PAP_CODE_NAK)
#define PPP_CODE_IS_RESPONSE(protocol, c) ((((protocol) == PPP_PROTOCOL_LCP || (protocol) == PPP_PROTOCOL_IPCP) && PPP_LCP_CODE_IS_RESPONSE(c)) || (((protocol) == PPP_PROTOCOL_PAP) && PPP_PAP_CODE_IS_RESPONSE(c)))
#define PPP_CODE_IS_REQUEST(protocol, c) ((((protocol) == PPP_PROTOCOL_LCP || (protocol) == PPP_PROTOCOL_IPCP) && PPP_LCP_CODE_IS_REQUEST(c)) || (((protocol) == PPP_PROTOCOL_PAP) && PPP_PAP_CODE_IS_REQUEST(c)) || ((protocol) == PPP_PROTOCOL_CHAP))
#define PPP_CODE_IS_WITH_OPTION_LIST(protocol, c) ((((protocol) == PPP_PROTOCOL_LCP || (protocol) == PPP_PROTOCOL_IPCP) && PPP_LCP_CODE_IS_WITH_OPTION_LIST(c)) || false)
#define PPP_IS_SUPPORTED_PROTOCOL(p) ((p) == PPP_PROTOCOL_LCP || (p) == PPP_PROTOCOL_PAP || (p) == PPP_PROTOCOL_CHAP || (p) == PPP_PROTOCOL_IPCP || (p) == PPP_PROTOCOL_IP)
//// Constants
// Time-out value
#define PPP_PACKET_RECV_TIMEOUT 10000 // Timeout until the next packet is received
#define PPP_PACKET_RESEND_INTERVAL 1000 // Retransmission interval of the last packet
#define PPP_TERMINATE_TIMEOUT 2000 // Timeout value to complete disconnection after requesting to disconnect in the PPP
#define PPP_ECHO_SEND_INTERVAL 4792 // Transmission interval of PPP Echo Request
#define PPP_DATA_TIMEOUT (20 * 1000) // Communication time-out
// MRU
#define PPP_MRU_DEFAULT 1500 // Default value
#define PPP_MRU_MIN 100 // Minimum value
#define PPP_MRU_MAX 1500 // Maximum value
// PPP protocol (for control)
#define PPP_PROTOCOL_LCP 0xc021
#define PPP_PROTOCOL_PAP 0xc023
#define PPP_PROTOCOL_IPCP 0x8021
#define PPP_PROTOCOL_CHAP 0xc223
// PPP protocol (for transfer)
#define PPP_PROTOCOL_IP 0x0021
// LCP code
#define PPP_LCP_CODE_REQ 1
#define PPP_LCP_CODE_ACK 2
#define PPP_LCP_CODE_NAK 3
#define PPP_LCP_CODE_REJECT 4
#define PPP_LCP_CODE_TERMINATE_REQ 5
#define PPP_LCP_CODE_TERMINATE_ACK 6
#define PPP_LCP_CODE_CODE_REJECT 7
#define PPP_LCP_CODE_PROTOCOL_REJECT 8
#define PPP_LCP_CODE_ECHO_REQUEST 9
#define PPP_LCP_CODE_ECHO_RESPONSE 10
#define PPP_LCP_CODE_DROP 11
#define PPP_LCP_CODE_IDENTIFICATION 12
// PAP Code
#define PPP_PAP_CODE_REQ 1
#define PPP_PAP_CODE_ACK 2
#define PPP_PAP_CODE_NAK 3
// CHAP code
#define PPP_CHAP_CODE_CHALLENGE 1
#define PPP_CHAP_CODE_RESPONSE 2
#define PPP_CHAP_CODE_SUCCESS 3
#define PPP_CHAP_CODE_FAILURE 4
// LCP Option Type
#define PPP_LCP_OPTION_MRU 1
#define PPP_LCP_OPTION_AUTH 3
// IPCP option type
#define PPP_IPCP_OPTION_IP 3
#define PPP_IPCP_OPTION_DNS1 129
#define PPP_IPCP_OPTION_DNS2 131
#define PPP_IPCP_OPTION_WINS1 130
#define PPP_IPCP_OPTION_WINS2 132
// Authentication protocol
#define PPP_LCP_AUTH_PAP PPP_PROTOCOL_PAP
#define PPP_LCP_AUTH_CHAP PPP_PROTOCOL_CHAP
// Algorithm of CHAP
#define PPP_CHAP_ALG_MS_CHAP_V2 0x81
//// Type
// IP options used in the PPP
struct PPP_IPOPTION
{
IP IpAddress; // IP address
IP DnsServer1, DnsServer2; // DNS server address
IP WinsServer1, WinsServer2; // WINS server address
};
// PPP packet
struct PPP_PACKET
{
USHORT Protocol; // Protocol
bool IsControl; // Whether or not the control packet
PPP_LCP *Lcp; // LCP packet data
UINT DataSize; // Data size
void *Data; // Data body
};
// PPP LCP packet
struct PPP_LCP
{
UCHAR Code; // Code
UCHAR Id; // ID
UCHAR MagicNumber[4]; // Magic number
LIST *OptionList; // PPP options list
void *Data; // Data
UINT DataSize; // Data size
};
// PPP Options
struct PPP_OPTION
{
UCHAR Type; // Type of option
UINT DataSize; // Data size
UCHAR Data[254]; // Data
bool IsSupported; // Flag of whether it is supported
bool IsAccepted; // Flag for whether accepted
UCHAR AltData[254]; // Alternate data when it isn't accepted
UINT AltDataSize; // Alternate data size
};
// PPP session
struct PPP_SESSION
{
CEDAR *Cedar; // Cedar
IP ClientIP; // Client IP address
UINT ClientPort; // Client port
IP ServerIP; // Server IP address
UINT ServerPort; // Server port
TUBE *TubeSend; // Sending tube
TUBE *TubeRecv; // Receiving tube
UCHAR NextId; // ID to be used next
UINT Mru1; // MRU (server -> client)
UINT Mru2; // MRU (client -> server)
LIST *RecvPacketList; // Received packet list
PPP_PACKET *LastStoredPacket; // Packet that is stored at the last
bool IsTerminateReceived; // Whether a Terminate has been received
UINT DisconnectCauseCode; // L2TP disconnect cause code
UINT DisconnectCauseDirection; // L2TP disconnect cause direction code
IPC *Ipc; // IPC
bool ClientLCPOptionDetermined; // LCP option from the client has been determined
char Postfix[MAX_SIZE]; // Postfix of the session name
char ClientHostname[MAX_SIZE]; // Client host name
char ClientSoftwareName[MAX_SIZE]; // Client software name
UINT64 NextEchoSendTime; // Time to send Echo Request next
UINT64 LastRecvTime; // Time which the data has been received last
DHCP_OPTION_LIST ClientAddressOption; // Client address option
bool DhcpIpAllocTried; // Whether the request for an IP address is already attempted by DHCP
bool DhcpIpInformTried; // Whether the acquirement for an IP information is already attempted by DHCP
bool DhcpAllocated; // IP address is assigned by DHCP
bool UseStaticIPAddress; // Use a static IP address that is specified by the client
UINT64 DhcpRenewInterval; // DHCP update interval
UINT64 DhcpNextRenewTime; // DHCP renewal time of the next
char CryptName[MAX_SIZE]; // Cipher algorithm name
UINT AdjustMss; // MSS value
TUBE_FLUSH_LIST *FlushList; // Tube Flush List
bool EnableMSCHAPv2; // Enable the MS-CHAP v2
USHORT AuthProtocol; // Authentication protocol
bool AuthOk; // Flag for whether the authentication was successful
UCHAR MsChapV2_ServerChallenge[16]; // MS-CHAPv2 Server Challenge
UCHAR MsChapV2_ClientChallenge[16]; // MS-CHAPv2 Client Challenge
UCHAR MsChapV2_ClientResponse[24]; // MS-CHAPv2 Client Response
UCHAR MsChapV2_ServerResponse[20]; // MS-CHAPv2 Server Response
UINT MsChapV2_ErrorCode; // Authentication failure error code of MS-CHAPv2
};
// Function prototype
THREAD *NewPPPSession(CEDAR *cedar, IP *client_ip, UINT client_port, IP *server_ip, UINT server_port, TUBE *send_tube, TUBE *recv_tube, char *postfix, char *client_software_name, char *client_hostname, char *crypt_name, UINT adjust_mss);
void PPPThread(THREAD *thread, void *param);
void FreePPPSession(PPP_SESSION *p);
void FreePPPOptionList(LIST *o);
void FreePPPLCP(PPP_LCP *c);
PPP_LCP *NewPPPLCP(UCHAR code, UCHAR id);
PPP_LCP *ParseLCP(USHORT protocol, void *data, UINT size);
BUF *BuildLCPData(PPP_LCP *c);
PPP_OPTION *GetOptionValue(PPP_LCP *c, UCHAR type);
PPP_PACKET *ParsePPPPacket(void *data, UINT size);
void FreePPPPacket(PPP_PACKET *pp);
void FreePPPPacketEx(PPP_PACKET *pp, bool no_free_struct);
BUF *BuildPPPPacketData(PPP_PACKET *pp);
PPP_OPTION *NewPPPOption(UCHAR type, void *data, UINT size);
bool PPPSendPacket(PPP_SESSION *p, PPP_PACKET *pp);
bool PPPSendPacketEx(PPP_SESSION *p, PPP_PACKET *pp, bool no_flush);
PPP_PACKET *PPPRecvPacket(PPP_SESSION *p, bool async);
PPP_PACKET *PPPRecvPacketWithLowLayerProcessing(PPP_SESSION *p, bool async);
PPP_PACKET *PPPRecvPacketForCommunication(PPP_SESSION *p);
void PPPStoreLastPacket(PPP_SESSION *p, PPP_PACKET *pp);
void PPPCleanTerminate(PPP_SESSION *p);
bool PPPGetIPOptionFromLCP(PPP_IPOPTION *o, PPP_LCP *c);
bool PPPSetIPOptionToLCP(PPP_IPOPTION *o, PPP_LCP *c, bool only_modify);
bool PPPGetIPAddressValueFromLCP(PPP_LCP *c, UINT type, IP *ip);
bool PPPSetIPAddressValueToLCP(PPP_LCP *c, UINT type, IP *ip, bool only_modify);
bool PPPSendRequest(PPP_SESSION *p, USHORT protocol, PPP_LCP *c);
USHORT PPPContinueCurrentProtocolRequestListening(PPP_SESSION *p, USHORT protocol);
bool PPPContinueUntilFinishAllLCPOptionRequestsDetermined(PPP_SESSION *p);
PPP_PACKET *PPPRecvResponsePacket(PPP_SESSION *p, PPP_PACKET *req, USHORT expected_protocol, USHORT *received_protocol, bool finish_when_all_lcp_acked);
PPP_PACKET *PPPProcessRequestPacket(PPP_SESSION *p, PPP_PACKET *req);
void PPPSendEchoRequest(PPP_SESSION *p);
bool PPPParseUsername(CEDAR *cedar, char *src, ETHERIP_ID *dst);
bool IsHubExistsWithLock(CEDAR *cedar, char *hubname);
void GenerateNtPasswordHash(UCHAR *dst, char *password);
void GenerateNtPasswordHashHash(UCHAR *dst_hash, UCHAR *src_hash);
void MsChapV2Server_GenerateChallenge(UCHAR *dst);
void MsChapV2Client_GenerateChallenge(UCHAR *dst);
void MsChapV2_GenerateChallenge8(UCHAR *dst, UCHAR *client_challenge, UCHAR *server_challenge, char *username);
void MsChapV2Client_GenerateResponse(UCHAR *dst, UCHAR *challenge8, UCHAR *nt_password_hash);
void MsChapV2Server_GenerateResponse(UCHAR *dst, UCHAR *nt_password_hash_hash, UCHAR *client_response, UCHAR *challenge8);
bool MsChapV2VerityPassword(IPC_MSCHAP_V2_AUTHINFO *d, char *password);
char *MsChapV2DoBruteForce(IPC_MSCHAP_V2_AUTHINFO *d, LIST *password_list);
#endif // IPSEC_PPP_H
// Developed by SoftEther VPN Project at University of Tsukuba in Japan.
// Department of Computer Science has dozens of overly-enthusiastic geeks.
// Join us: http://www.tsukuba.ac.jp/english/admission/
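Review bot: `struct PPP_OPTION` keeps option bodies in fixed `UCHAR Data[254]` and `UCHAR AltData[254]` arrays, but `DataSize`, `AltDataSize` and the `size` argument of `NewPPPOption(UCHAR type, void *data, UINT size)` are plain `UINT`s, and the header never states the limit. These fields appear to be filled from LCP/IPCP options sent by the peer, so each writer must reject a size larger than the array before copying. IPsec_PPP.c is not shown on this page, so whether `NewPPPOption` and `ParseLCP` already do this cannot be confirmed from here. I would name the bound once under a new constant, for example `#define PPP_OPTION_DATA_MAX 254`, use it for both arrays, and add `// size must be <= PPP_OPTION_DATA_MAX; larger options are rejected` above the `NewPPPOption` prototype.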
+530
@@ -0,0 +1,530 @@
// SoftEther VPN Source Code
// Cedar Communication Module
//
// SoftEther VPN Server, Client and Bridge are free software under GPLv2.
//
// Copyright (c) 2012-2014 Daiyuu Nobori.
// Copyright (c) 2012-2014 SoftEther VPN Project, University of Tsukuba, Japan.
// Copyright (c) 2012-2014 SoftEther Corporation.
//
// All Rights Reserved.
//
// http://www.softether.org/
//
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License version 2
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
// IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
// CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
// TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
// SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
// THE LICENSE AGREEMENT IS ATTACHED ON THE SOURCE-CODE PACKAGE
// AS "LICENSE.TXT" FILE. READ THE TEXT FILE IN ADVANCE TO USE THE SOFTWARE.
//
//
// THIS SOFTWARE IS DEVELOPED IN JAPAN, AND DISTRIBUTED FROM JAPAN,
// UNDER JAPANESE LAWS. YOU MUST AGREE IN ADVANCE TO USE, COPY, MODIFY,
// MERGE, PUBLISH, DISTRIBUTE, SUBLICENSE, AND/OR SELL COPIES OF THIS
// SOFTWARE, THAT ANY JURIDICAL DISPUTES WHICH ARE CONCERNED TO THIS
// SOFTWARE OR ITS CONTENTS, AGAINST US (SOFTETHER PROJECT, SOFTETHER
// CORPORATION, DAIYUU NOBORI OR OTHER SUPPLIERS), OR ANY JURIDICAL
// DISPUTES AGAINST US WHICH ARE CAUSED BY ANY KIND OF USING, COPYING,
// MODIFYING, MERGING, PUBLISHING, DISTRIBUTING, SUBLICENSING, AND/OR
// SELLING COPIES OF THIS SOFTWARE SHALL BE REGARDED AS BE CONSTRUED AND
// CONTROLLED BY JAPANESE LAWS, AND YOU MUST FURTHER CONSENT TO
// EXCLUSIVE JURISDICTION AND VENUE IN THE COURTS SITTING IN TOKYO,
// JAPAN. YOU MUST WAIVE ALL DEFENSES OF LACK OF PERSONAL JURISDICTION
// AND FORUM NON CONVENIENS. PROCESS MAY BE SERVED ON EITHER PARTY IN
// THE MANNER AUTHORIZED BY APPLICABLE LAW OR COURT RULE.
//
// USE ONLY IN JAPAN. DO NOT USE IT IN OTHER COUNTRIES. IMPORTING THIS
// SOFTWARE INTO OTHER COUNTRIES IS AT YOUR OWN RISK. SOME COUNTRIES
// PROHIBIT ENCRYPTED COMMUNICATIONS. USING THIS SOFTWARE IN OTHER
// COUNTRIES MIGHT BE RESTRICTED.
//
//
// DEAR SECURITY EXPERTS
// ---------------------
//
// If you find a bug or a security vulnerability please kindly inform us
// about the problem immediately so that we can fix the security problem
// to protect a lot of users around the world as soon as possible.
//
// Our e-mail address for security reports is:
// softether-vpn-security [at] softether.org
//
// Please note that the above e-mail address is not a technical support
// inquiry address. If you need technical assistance, please visit
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
// IPsec_Win7.c
// Initialize the helper module for Windows 7 / Windows 8 / Windows Vista / Windows Server 2008 / Windows Server 2008 R2 / Windows Server 2012
#include <GlobalConst.h>
#ifdef WIN32
#define _WIN32_WINNT 0x0600
#define WINVER 0x0600
#define INITGUID
#include <winsock2.h>
#include <Ws2tcpip.h>
#include <windows.h>
#include <wincrypt.h>
#include <wininet.h>
#include <shlobj.h>
#include <commctrl.h>
#include <Dbghelp.h>
#include <Fwpmu.h>
#include <Fwpmtypes.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <wchar.h>
#include <stdarg.h>
#include <time.h>
#include <errno.h>
#include <Mayaqua/Mayaqua.h>
#include <Cedar/Cedar.h>
#include "IPsec_Win7Inner.h"
#include <Wfp/Wfp.h>
static IPSEC_WIN7_FUNCTIONS *api = NULL;
static HINSTANCE hDll = NULL;
// Initialize the IPsec helper module for Windows 7
IPSEC_WIN7 *IPsecWin7Init()
{
IPSEC_WIN7 *w;
FWPM_SESSION0 session;
UINT ret;
FWPM_FILTER0 filter;
UINT64 weight = MAXUINT64;
Debug("IPsecWin7Init()\n");
if (MsIsVista() == false)
{
return NULL;
}
if (MsIsAdmin() == false)
{
return NULL;
}
if (IPsecWin7InitApi() == false)
{
return NULL;
}
// Driver Initialization
if (IPsecWin7InitDriver() == false)
{
return NULL;
}
// Open the WFP (Dynamic Session)
Zero(&session, sizeof(session));
session.flags = FWPM_SESSION_FLAG_DYNAMIC;
w = ZeroMalloc(sizeof(IPSEC_WIN7));
ret = api->FwpmEngineOpen0(NULL, RPC_C_AUTHN_DEFAULT, NULL, &session, &w->hEngine);
if (ret)
{
Debug("FwpmEngineOpen0 Failed.\n");
IPsecWin7Free(w);
return NULL;
}
// Create the Filter (IPv4)
Zero(&filter, sizeof(filter));
filter.flags = FWPM_FILTER_FLAG_PERMIT_IF_CALLOUT_UNREGISTERED;
filter.layerKey = FWPM_LAYER_INBOUND_IPPACKET_V4;
filter.weight.type = FWP_UINT64;
filter.weight.uint64 = &weight;
filter.action.type = FWP_ACTION_CALLOUT_UNKNOWN;
filter.action.calloutKey = GUID_WFP_CALLOUT_DRIVER_V4;
filter.displayData.name = IPSEC_WIN7_FILTER_TITLE_V4;
ret = api->FwpmFilterAdd0(w->hEngine, &filter, NULL, &w->FilterIPv4Id);
if (ret)
{
Debug("FwpmFilterAdd0 for IPv4 Failed: 0x%X\n", ret);
}
else
{
Debug("FwpmFilterAdd0 for IPv4 Ok.\n");
}
// Create the Filter (IPv6)
Zero(&filter, sizeof(filter));
filter.flags = FWPM_FILTER_FLAG_PERMIT_IF_CALLOUT_UNREGISTERED;
filter.layerKey = FWPM_LAYER_INBOUND_IPPACKET_V6;
filter.weight.type = FWP_UINT64;
filter.weight.uint64 = &weight;
filter.action.type = FWP_ACTION_CALLOUT_UNKNOWN;
filter.action.calloutKey = GUID_WFP_CALLOUT_DRIVER_V6;
filter.displayData.name = IPSEC_WIN7_FILTER_TITLE_V6;
ret = api->FwpmFilterAdd0(w->hEngine, &filter, NULL, &w->FilterIPv6Id);
if (ret)
{
Debug("FwpmFilterAdd0 for IPv6 Failed: 0x%X\n", ret);
}
else
{
Debug("FwpmFilterAdd0 for IPv6 Ok.\n");
}
// Open the device of the driver as a file
w->hDriverFile = CreateFileA(WFP_DEVICE_FILE_NAME, GENERIC_READ | GENERIC_WRITE,
FILE_SHARE_READ | FILE_SHARE_WRITE, NULL, OPEN_EXISTING, 0, NULL);
if (w->hDriverFile == NULL || w->hDriverFile == INVALID_HANDLE_VALUE)
{
Debug("CreateFileA(\"%s\") Failed.\n", WFP_DEVICE_FILE_NAME);
IPsecWin7Free(w);
return NULL;
}
IPsecWin7UpdateHostIPAddressList(w);
Debug("IPsecWin7Init() Ok.\n");
return w;
}
// Update the IP address list of the host
void IPsecWin7UpdateHostIPAddressList(IPSEC_WIN7 *w)
{
LIST *o;
UINT i;
BUF *buf;
UINT retsize;
// Validate arguments
if (w == NULL)
{
return;
}
o = GetHostIPAddressList();
if (o == NULL)
{
return;
}
buf = NewBuf();
for (i = 0;i < LIST_NUM(o);i++)
{
IP *ip = LIST_DATA(o, i);
WFP_LOCAL_IP a;
Zero(&a, sizeof(a));
// Exclude any IPs or localhost IP
if (IsZeroIP(ip) == false && IsLocalHostIP(ip) == false)
{
if (IsIP4(ip))
{
a.IpVersion = 4;
Copy(a.IpAddress.IPv4Address, ip->addr, 4);
}
else
{
a.IpVersion = 6;
Copy(a.IpAddress.IPv6Address, ip->ipv6_addr, 16);
}
WriteBuf(buf, &a, sizeof(WFP_LOCAL_IP));
}
}
if (WriteFile(w->hDriverFile, buf->Buf, buf->Size, &retsize, NULL) == false)
{
Debug("WriteFile to the driver failed. %u\n", GetLastError());
}
FreeHostIPAddressList(o);
FreeBuf(buf);
}
// Release the module
void IPsecWin7Free(IPSEC_WIN7 *w)
{
// Validate arguments
if (w == NULL)
{
return;
}
if (w->hEngine != NULL)
{
api->FwpmEngineClose0(w->hEngine);
}
if (w->hDriverFile != NULL && w->hDriverFile != INVALID_HANDLE_VALUE)
{
CloseHandle(w->hDriverFile);
}
Free(w);
}
// Initialize and start the driver
bool IPsecWin7InitDriver()
{
bool ret;
void *lock = MsInitGlobalLock("IPsecWin7InitDriver", false);
void *p = MsDisableWow64FileSystemRedirection();
MsGlobalLock(lock);
{
ret = IPsecWin7InitDriverInner();
}
MsGlobalUnlock(lock);
MsFreeGlobalLock(lock);
MsRestoreWow64FileSystemRedirection(p);
Debug("IPsecWin7InitDriver: %u\n", ret);
return ret;
}
bool IPsecWin7InitDriverInner()
{
char sys_filename[MAX_PATH];
bool install_driver = true;
HANDLE hEngine;
UINT ret;
FWPM_SESSION0 session;
UINT id;
FWPM_CALLOUT0 callout;
Format(sys_filename, sizeof(sys_filename), IPSEC_WIN7_DST_SYS, MsGetSystem32Dir());
if (IsFileExists(sys_filename) && MsIsServiceInstalled(IPSEC_WIN7_DRIVER_NAME))
{
if (GetCurrentIPsecWin7DriverBuild() >= CEDAR_BUILD)
{
// Not to install since the latest version has been already installed
install_driver = false;
}
}
if (install_driver)
{
char *src_filename = IPSEC_WIN7_SRC_SYS_X86;
if (MsIsX64())
{
src_filename = IPSEC_WIN7_SRC_SYS_X64;
}
// Copy the driver
if (FileCopy(src_filename, sys_filename) == false)
{
Debug("%s copy failed.\n", sys_filename);
return false;
}
Debug("%s copied.\n", sys_filename);
// Set the build number
SetCurrentIPsecWin7DriverBuild();
}
// Get whether the device drivers is already installed
if (MsIsServiceInstalled(IPSEC_WIN7_DRIVER_NAME) == false)
{
wchar_t sys_filename_w[MAX_PATH];
StrToUni(sys_filename_w, sizeof(sys_filename_w), sys_filename);
// Run a new installation
if (MsInstallDeviceDriverW(IPSEC_WIN7_DRIVER_NAME, IPSEC_WIN7_DRIVER_TITLE,
sys_filename_w, NULL) == false)
{
// Installation failed
Debug("MsInstallDeviceDriverW failed.\n");
return false;
}
}
// Start if the device driver is stopped
if (MsIsServiceRunning(IPSEC_WIN7_DRIVER_NAME) == false)
{
if (MsStartService(IPSEC_WIN7_DRIVER_NAME) == false)
{
// Start failure
Debug("MsStartService failed.\n");
return false;
}
Debug("%s service started.\n", IPSEC_WIN7_DRIVER_NAME);
}
else
{
Debug("%s service was already started.\n", IPSEC_WIN7_DRIVER_NAME);
}
// Open the WFP
Zero(&session, sizeof(session));
ret = api->FwpmEngineOpen0(NULL, RPC_C_AUTHN_DEFAULT, NULL, &session, &hEngine);
if (ret)
{
Debug("FwpmEngineOpen0 failed.\n");
return false;
}
// Create the Callout Driver (IPv4)
Zero(&callout, sizeof(callout));
callout.calloutKey = GUID_WFP_CALLOUT_DRIVER_V4;
callout.applicableLayer = FWPM_LAYER_INBOUND_IPPACKET_V4;
callout.displayData.name = IPSEC_WIN7_DRIVER_TITLE_V4;
ret = api->FwpmCalloutAdd0(hEngine, &callout, NULL, &id);
if (ret)
{
Debug("FwpmCalloutAdd0 for IPv4 Failed: 0x%X\n", ret);
}
else
{
Debug("FwpmCalloutAdd0 for IPv4 Ok.\n");
}
// Create the Callout Driver (IPv6)
Zero(&callout, sizeof(callout));
callout.calloutKey = GUID_WFP_CALLOUT_DRIVER_V6;
callout.applicableLayer = FWPM_LAYER_INBOUND_IPPACKET_V6;
callout.displayData.name = IPSEC_WIN7_DRIVER_TITLE_V6;
ret = api->FwpmCalloutAdd0(hEngine, &callout, NULL, &id);
if (ret)
{
Debug("FwpmCalloutAdd0 for IPv6 Failed: 0x%X\n", ret);
}
else
{
Debug("FwpmCalloutAdd0 for IPv6 Ok.\n");
}
api->FwpmEngineClose0(hEngine);
return true;
}
// Write the build number of the current driver
void SetCurrentIPsecWin7DriverBuild()
{
MsRegWriteInt(REG_LOCAL_MACHINE, IPSEC_WIN7_DRIVER_REGKEY, IPSEC_WIN7_DRIVER_BUILDNUMBER, CEDAR_BUILD);
}
// Get the build number of the current driver
UINT GetCurrentIPsecWin7DriverBuild()
{
return MsRegReadInt(REG_LOCAL_MACHINE, IPSEC_WIN7_DRIVER_REGKEY, IPSEC_WIN7_DRIVER_BUILDNUMBER);
}
// Initialization of the API
bool IPsecWin7InitApi()
{
if (api != NULL)
{
return true;
}
if (hDll == NULL)
{
hDll = LoadLibraryA("FWPUCLNT.DLL");
}
if (hDll == NULL)
{
return false;
}
api = malloc(sizeof(IPSEC_WIN7_FUNCTIONS));
Zero(api, sizeof(IPSEC_WIN7_FUNCTIONS));
api->FwpmEngineOpen0 =
(DWORD (__stdcall *)(const wchar_t *,UINT32,SEC_WINNT_AUTH_IDENTITY_W *,const FWPM_SESSION0 *,HANDLE *))
GetProcAddress(hDll, "FwpmEngineOpen0");
api->FwpmEngineClose0 =
(DWORD (__stdcall *)(HANDLE))
GetProcAddress(hDll, "FwpmEngineClose0");
api->FwpmFreeMemory0 =
(void (__stdcall *)(void **))
GetProcAddress(hDll, "FwpmFreeMemory0");
api->FwpmFilterAdd0 =
(DWORD (__stdcall *)(HANDLE,const FWPM_FILTER0 *,PSECURITY_DESCRIPTOR,UINT64 *))
GetProcAddress(hDll, "FwpmFilterAdd0");
api->IPsecSaContextCreate0 =
(DWORD (__stdcall *)(HANDLE,const IPSEC_TRAFFIC0 *,UINT64 *,UINT64 *))
GetProcAddress(hDll, "IPsecSaContextCreate0");
api->IPsecSaContextGetSpi0 =
(DWORD (__stdcall *)(HANDLE,UINT64,const IPSEC_GETSPI0 *,IPSEC_SA_SPI *))
GetProcAddress(hDll, "IPsecSaContextGetSpi0");
api->IPsecSaContextAddInbound0 =
(DWORD (__stdcall *)(HANDLE,UINT64,const IPSEC_SA_BUNDLE0 *))
GetProcAddress(hDll, "IPsecSaContextAddInbound0");
api->IPsecSaContextAddOutbound0 =
(DWORD (__stdcall *)(HANDLE,UINT64,const IPSEC_SA_BUNDLE0 *))
GetProcAddress(hDll, "IPsecSaContextAddOutbound0");
api->FwpmCalloutAdd0 =
(DWORD (__stdcall *)(HANDLE,const FWPM_CALLOUT0 *,PSECURITY_DESCRIPTOR,UINT32 *))
GetProcAddress(hDll, "FwpmCalloutAdd0");
if (api->FwpmEngineOpen0 == NULL ||
api->FwpmEngineClose0 == NULL ||
api->FwpmFreeMemory0 == NULL ||
api->FwpmFilterAdd0 == NULL ||
api->IPsecSaContextCreate0 == NULL ||
api->IPsecSaContextGetSpi0 == NULL ||
api->IPsecSaContextAddInbound0 == NULL ||
api->IPsecSaContextAddOutbound0 == NULL ||
api->FwpmCalloutAdd0 == NULL)
{
free(api);
api = NULL;
return false;
}
return true;
}
#endif // WIN32
// Developed by SoftEther VPN Project at University of Tsukuba in Japan.
// Department of Computer Science has dozens of overly-enthusiastic geeks.
// Join us: http://www.tsukuba.ac.jp/english/admission/
+121
@@ -0,0 +1,121 @@
// SoftEther VPN Source Code
// Cedar Communication Module
//
// SoftEther VPN Server, Client and Bridge are free software under GPLv2.
//
// Copyright (c) 2012-2014 Daiyuu Nobori.
// Copyright (c) 2012-2014 SoftEther VPN Project, University of Tsukuba, Japan.
// Copyright (c) 2012-2014 SoftEther Corporation.
//
// All Rights Reserved.
//
// http://www.softether.org/
//
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License version 2
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
// IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
// CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
// TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
// SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
// THE LICENSE AGREEMENT IS ATTACHED ON THE SOURCE-CODE PACKAGE
// AS "LICENSE.TXT" FILE. READ THE TEXT FILE IN ADVANCE TO USE THE SOFTWARE.
//
//
// THIS SOFTWARE IS DEVELOPED IN JAPAN, AND DISTRIBUTED FROM JAPAN,
// UNDER JAPANESE LAWS. YOU MUST AGREE IN ADVANCE TO USE, COPY, MODIFY,
// MERGE, PUBLISH, DISTRIBUTE, SUBLICENSE, AND/OR SELL COPIES OF THIS
// SOFTWARE, THAT ANY JURIDICAL DISPUTES WHICH ARE CONCERNED TO THIS
// SOFTWARE OR ITS CONTENTS, AGAINST US (SOFTETHER PROJECT, SOFTETHER
// CORPORATION, DAIYUU NOBORI OR OTHER SUPPLIERS), OR ANY JURIDICAL
// DISPUTES AGAINST US WHICH ARE CAUSED BY ANY KIND OF USING, COPYING,
// MODIFYING, MERGING, PUBLISHING, DISTRIBUTING, SUBLICENSING, AND/OR
// SELLING COPIES OF THIS SOFTWARE SHALL BE REGARDED AS BE CONSTRUED AND
// CONTROLLED BY JAPANESE LAWS, AND YOU MUST FURTHER CONSENT TO
// EXCLUSIVE JURISDICTION AND VENUE IN THE COURTS SITTING IN TOKYO,
// JAPAN. YOU MUST WAIVE ALL DEFENSES OF LACK OF PERSONAL JURISDICTION
// AND FORUM NON CONVENIENS. PROCESS MAY BE SERVED ON EITHER PARTY IN
// THE MANNER AUTHORIZED BY APPLICABLE LAW OR COURT RULE.
//
// USE ONLY IN JAPAN. DO NOT USE IT IN OTHER COUNTRIES. IMPORTING THIS
// SOFTWARE INTO OTHER COUNTRIES IS AT YOUR OWN RISK. SOME COUNTRIES
// PROHIBIT ENCRYPTED COMMUNICATIONS. USING THIS SOFTWARE IN OTHER
// COUNTRIES MIGHT BE RESTRICTED.
//
//
// DEAR SECURITY EXPERTS
// ---------------------
//
// If you find a bug or a security vulnerability please kindly inform us
// about the problem immediately so that we can fix the security problem
// to protect a lot of users around the world as soon as possible.
//
// Our e-mail address for security reports is:
// softether-vpn-security [at] softether.org
//
// Please note that the above e-mail address is not a technical support
// inquiry address. If you need technical assistance, please visit
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
// IPsec_Win7.h
// Header of IPsec_Win7.c
#ifndef IPSEC_WIN7_H
#define IPSEC_WIN7_H
// Constants
#define IPSEC_WIN7_SRC_SYS_X86 "|pxwfp_x86.sys"
#define IPSEC_WIN7_SRC_SYS_X64 "|pxwfp_x64.sys"
#define IPSEC_WIN7_DST_SYS "%s\\drivers\\pxwfp.sys"
#define IPSEC_WIN7_DRIVER_NAME "pxwfp"
#define IPSEC_WIN7_DRIVER_TITLE L"SoftEther PacketiX VPN IPsec WFP Callout Driver"
#define IPSEC_WIN7_DRIVER_TITLE_V4 L"SoftEther PacketiX VPN IPsec WFP Callout for IPv4"
#define IPSEC_WIN7_DRIVER_TITLE_V6 L"SoftEther PacketiX VPN IPsec WFP Callout for IPv6"
#define IPSEC_WIN7_FILTER_TITLE_V4 CEDAR_PRODUCT_STR_W L" VPN IPsec Filter for IPv4"
#define IPSEC_WIN7_FILTER_TITLE_V6 CEDAR_PRODUCT_STR_W L" VPN IPsec Filter for IPv6"
#define IPSEC_WIN7_DRIVER_REGKEY "SYSTEM\\CurrentControlSet\\services\\pxwfp"
#define IPSEC_WIN7_DRIVER_BUILDNUMBER "CurrentInstalledBuild"
// Function prototype
IPSEC_WIN7 *IPsecWin7Init();
void IPsecWin7Free(IPSEC_WIN7 *w);
void IPsecWin7UpdateHostIPAddressList(IPSEC_WIN7 *w);
bool IPsecWin7InitDriver();
bool IPsecWin7InitDriverInner();
UINT GetCurrentIPsecWin7DriverBuild();
void SetCurrentIPsecWin7DriverBuild();
bool IPsecWin7InitApi();
#endif // IPSEC_WIN7_H
// Developed by SoftEther VPN Project at University of Tsukuba in Japan.
// Department of Computer Science has dozens of overly-enthusiastic geeks.
// Join us: http://www.tsukuba.ac.jp/english/admission/
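Review bot: Six of the prototypes under `// Function prototype` use empty parentheses (`IPsecWin7Init()`, `IPsecWin7InitDriver()`, `IPsecWin7InitDriverInner()`, `GetCurrentIPsecWin7DriverBuild()`, `SetCurrentIPsecWin7DriverBuild()`, `IPsecWin7InitApi()`). In C that declares a function with unspecified parameters rather than none, so a call that passes stray arguments is not diagnosed. They should be written with `void`, for example `IPSEC_WIN7 *IPsecWin7Init(void);` and `bool IPsecWin7InitApi(void);`. The definitions shown in the preceding .c section of this page (`void SetCurrentIPsecWin7DriverBuild()`, `UINT GetCurrentIPsecWin7DriverBuild()`, `bool IPsecWin7InitApi()`) use the same form and would need to change with them.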
+160
@@ -0,0 +1,160 @@
// SoftEther VPN Source Code
// Cedar Communication Module
//
// SoftEther VPN Server, Client and Bridge are free software under GPLv2.
//
// Copyright (c) 2012-2014 Daiyuu Nobori.
// Copyright (c) 2012-2014 SoftEther VPN Project, University of Tsukuba, Japan.
// Copyright (c) 2012-2014 SoftEther Corporation.
//
// All Rights Reserved.
//
// http://www.softether.org/
//
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License version 2
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
// IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
// CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
// TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
// SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
// THE LICENSE AGREEMENT IS ATTACHED ON THE SOURCE-CODE PACKAGE
// AS "LICENSE.TXT" FILE. READ THE TEXT FILE IN ADVANCE TO USE THE SOFTWARE.
//
//
// THIS SOFTWARE IS DEVELOPED IN JAPAN, AND DISTRIBUTED FROM JAPAN,
// UNDER JAPANESE LAWS. YOU MUST AGREE IN ADVANCE TO USE, COPY, MODIFY,
// MERGE, PUBLISH, DISTRIBUTE, SUBLICENSE, AND/OR SELL COPIES OF THIS
// SOFTWARE, THAT ANY JURIDICAL DISPUTES WHICH ARE CONCERNED TO THIS
// SOFTWARE OR ITS CONTENTS, AGAINST US (SOFTETHER PROJECT, SOFTETHER
// CORPORATION, DAIYUU NOBORI OR OTHER SUPPLIERS), OR ANY JURIDICAL
// DISPUTES AGAINST US WHICH ARE CAUSED BY ANY KIND OF USING, COPYING,
// MODIFYING, MERGING, PUBLISHING, DISTRIBUTING, SUBLICENSING, AND/OR
// SELLING COPIES OF THIS SOFTWARE SHALL BE REGARDED AS BE CONSTRUED AND
// CONTROLLED BY JAPANESE LAWS, AND YOU MUST FURTHER CONSENT TO
// EXCLUSIVE JURISDICTION AND VENUE IN THE COURTS SITTING IN TOKYO,
// JAPAN. YOU MUST WAIVE ALL DEFENSES OF LACK OF PERSONAL JURISDICTION
// AND FORUM NON CONVENIENS. PROCESS MAY BE SERVED ON EITHER PARTY IN
// THE MANNER AUTHORIZED BY APPLICABLE LAW OR COURT RULE.
//
// USE ONLY IN JAPAN. DO NOT USE IT IN OTHER COUNTRIES. IMPORTING THIS
// SOFTWARE INTO OTHER COUNTRIES IS AT YOUR OWN RISK. SOME COUNTRIES
// PROHIBIT ENCRYPTED COMMUNICATIONS. USING THIS SOFTWARE IN OTHER
// COUNTRIES MIGHT BE RESTRICTED.
//
//
// DEAR SECURITY EXPERTS
// ---------------------
//
// If you find a bug or a security vulnerability please kindly inform us
// about the problem immediately so that we can fix the security problem
// to protect a lot of users around the world as soon as possible.
//
// Our e-mail address for security reports is:
// softether-vpn-security [at] softether.org
//
// Please note that the above e-mail address is not a technical support
// inquiry address. If you need technical assistance, please visit
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
// IPsec_Win7.h
// Internal header of IPsec_Win7.c
#ifndef IPSEC_WIN7_INNER_H
#define IPSEC_WIN7_INNER_H
// API function
typedef struct IPSEC_WIN7_FUNCTIONS
{
DWORD (WINAPI *FwpmEngineOpen0)(
IN OPTIONAL const wchar_t* serverName,
IN UINT32 authnService,
IN OPTIONAL SEC_WINNT_AUTH_IDENTITY_W* authIdentity,
IN OPTIONAL const FWPM_SESSION0* session,
OUT HANDLE* engineHandle
);
DWORD (WINAPI *FwpmEngineClose0)(IN HANDLE engineHandle);
void (WINAPI *FwpmFreeMemory0)(IN OUT void** p);
DWORD (WINAPI *FwpmFilterAdd0)(
IN HANDLE engineHandle,
IN const FWPM_FILTER0* filter,
IN OPTIONAL PSECURITY_DESCRIPTOR sd,
OUT OPTIONAL UINT64* id
);
DWORD (WINAPI *IPsecSaContextCreate0)(
IN HANDLE engineHandle,
IN const IPSEC_TRAFFIC0* outboundTraffic,
OUT OPTIONAL UINT64* inboundFilterId,
OUT UINT64* id
);
DWORD (WINAPI *IPsecSaContextGetSpi0)(
IN HANDLE engineHandle,
IN UINT64 id,
IN const IPSEC_GETSPI0* getSpi,
OUT IPSEC_SA_SPI* inboundSpi
);
DWORD (WINAPI *IPsecSaContextAddInbound0)(
IN HANDLE engineHandle,
IN UINT64 id,
IN const IPSEC_SA_BUNDLE0* inboundBundle
);
DWORD (WINAPI *IPsecSaContextAddOutbound0)(
IN HANDLE engineHandle,
IN UINT64 id,
IN const IPSEC_SA_BUNDLE0* outboundBundle
);
DWORD (WINAPI *FwpmCalloutAdd0)(
IN HANDLE engineHandle,
IN const FWPM_CALLOUT0* callout,
IN OPTIONAL PSECURITY_DESCRIPTOR sd,
OUT OPTIONAL UINT32* id
);
} IPSEC_WIN7_FUNCTIONS;
// Instance
struct IPSEC_WIN7
{
HANDLE hEngine;
HANDLE hDriverFile;
UINT64 FilterIPv4Id, FilterIPv6Id;
};
#endif // IPSEC_WIN7_INNER_H
// Developed by SoftEther VPN Project at University of Tsukuba in Japan.
// Department of Computer Science has dozens of overly-enthusiastic geeks.
// Join us: http://www.tsukuba.ac.jp/english/admission/
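Review bot: The file-identification comment reads `// IPsec_Win7.h`, although the include guard is `IPSEC_WIN7_INNER_H` and the next line describes an internal header. It looks copied from the public header and should presumably read `// IPsec_Win7_Inner.h`. `IPSEC_WIN7_FUNCTIONS` would also benefit from a comment stating that its members are resolved at run time from FWPUCLNT.DLL and that the table is discarded when any entry is missing, which is what `IPsecWin7InitApi` in the .c section of this page does. `struct IPSEC_WIN7` has no field comments at all, unlike the structs in the other headers of this commit.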
File diff suppressed because it is too large Load Diff
+362
@@ -0,0 +1,362 @@
// SoftEther VPN Source Code
// Cedar Communication Module
//
// SoftEther VPN Server, Client and Bridge are free software under GPLv2.
//
// Copyright (c) 2012-2014 Daiyuu Nobori.
// Copyright (c) 2012-2014 SoftEther VPN Project, University of Tsukuba, Japan.
// Copyright (c) 2012-2014 SoftEther Corporation.
//
// All Rights Reserved.
//
// http://www.softether.org/
//
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License version 2
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
// IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
// CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
// TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
// SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
// THE LICENSE AGREEMENT IS ATTACHED ON THE SOURCE-CODE PACKAGE
// AS "LICENSE.TXT" FILE. READ THE TEXT FILE IN ADVANCE TO USE THE SOFTWARE.
//
//
// THIS SOFTWARE IS DEVELOPED IN JAPAN, AND DISTRIBUTED FROM JAPAN,
// UNDER JAPANESE LAWS. YOU MUST AGREE IN ADVANCE TO USE, COPY, MODIFY,
// MERGE, PUBLISH, DISTRIBUTE, SUBLICENSE, AND/OR SELL COPIES OF THIS
// SOFTWARE, THAT ANY JURIDICAL DISPUTES WHICH ARE CONCERNED TO THIS
// SOFTWARE OR ITS CONTENTS, AGAINST US (SOFTETHER PROJECT, SOFTETHER
// CORPORATION, DAIYUU NOBORI OR OTHER SUPPLIERS), OR ANY JURIDICAL
// DISPUTES AGAINST US WHICH ARE CAUSED BY ANY KIND OF USING, COPYING,
// MODIFYING, MERGING, PUBLISHING, DISTRIBUTING, SUBLICENSING, AND/OR
// SELLING COPIES OF THIS SOFTWARE SHALL BE REGARDED AS BE CONSTRUED AND
// CONTROLLED BY JAPANESE LAWS, AND YOU MUST FURTHER CONSENT TO
// EXCLUSIVE JURISDICTION AND VENUE IN THE COURTS SITTING IN TOKYO,
// JAPAN. YOU MUST WAIVE ALL DEFENSES OF LACK OF PERSONAL JURISDICTION
// AND FORUM NON CONVENIENS. PROCESS MAY BE SERVED ON EITHER PARTY IN
// THE MANNER AUTHORIZED BY APPLICABLE LAW OR COURT RULE.
//
// USE ONLY IN JAPAN. DO NOT USE IT IN OTHER COUNTRIES. IMPORTING THIS
// SOFTWARE INTO OTHER COUNTRIES IS AT YOUR OWN RISK. SOME COUNTRIES
// PROHIBIT ENCRYPTED COMMUNICATIONS. USING THIS SOFTWARE IN OTHER
// COUNTRIES MIGHT BE RESTRICTED.
//
//
// DEAR SECURITY EXPERTS
// ---------------------
//
// If you find a bug or a security vulnerability please kindly inform us
// about the problem immediately so that we can fix the security problem
// to protect a lot of users around the world as soon as possible.
//
// Our e-mail address for security reports is:
// softether-vpn-security [at] softether.org
//
// Please note that the above e-mail address is not a technical support
// inquiry address. If you need technical assistance, please visit
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
// Interop_OpenVPN.h
// Header of Interop_OpenVPN.c
#ifndef INTEROP_OPENVPN_H
#define INTEROP_OPENVPN_H
//// Constants
#define OPENVPN_UDP_PORT 1194 // OpenVPN default UDP port number
#define OPENVPN_UDP_PORT_INCLUDE 1195 // OpenVPN default UDP port number (Operating within the client)
#define OPENVPN_MAX_NUMACK 4 // The maximum number of ACKs
#define OPENVPN_NUM_CHANNELS 8 // Maximum number of channels during a session
#define OPENVPN_CONTROL_PACKET_RESEND_INTERVAL 500 // Control packet retransmission interval
#define OPENVPN_CONTROL_PACKET_MAX_DATASIZE 1200 // Maximum data size that can be stored in one control packet
#define OPENVPN_MAX_SSL_RECV_BUF_SIZE (256 * 1024) // SSL receive buffer maximum length
#define OPENVPN_MAX_KEY_SIZE 64 // Maximum key size
#define OPENVPN_TMP_BUFFER_SIZE (65536 + 256) // Temporary buffer size
#define OPENVPN_PING_SEND_INTERVAL 3000 // Transmission interval of Ping
#define OPENVPN_RECV_TIMEOUT 10000 // Communication time-out
#define OPENVPN_NEW_SESSION_DEADLINE_TIMEOUT 30000 // Grace time to complete new VPN session connection since it was created
#define OPENVPN_MAX_PACKET_ID_FOR_TRIGGER_REKEY 0xFF000000 // Packet ID that is a trigger to start the re-key
#define OPENVPN_TCP_MAX_PACKET_SIZE 2000 // The maximum packet size allowed in TCP mode
// The default algorithm
#define OPENVPN_DEFAULT_CIPHER "AES-128-CBC"
#define OPENVPN_DEFAULT_MD "SHA1"
// Encryption related
#define OPENVPN_PREMASTER_LABEL "OpenVPN master secret"
#define OPENVPN_EXPANSION_LABEL "OpenVPN key expansion"
// IPC related
#define OPENVPN_IPC_CLIENT_NAME "OpenVPN Client"
#define OPENVPN_IPC_POSTFIX_L2 "OPENVPN_L2"
#define OPENVPN_IPC_POSTFIX_L3 "OPENVPN_L3"
// List of supported encryption algorithms
#define OPENVPN_CIPHER_LIST "[NULL-CIPHER] NULL AES-128-CBC AES-192-CBC AES-256-CBC BF-CBC CAST-CBC CAST5-CBC DES-CBC DES-EDE-CBC DES-EDE3-CBC DESX-CBC RC2-40-CBC RC2-64-CBC RC2-CBC"
// List of the supported hash algorithm
#define OPENVPN_MD_LIST "SHA SHA1 MD5 MD4 RMD160"
// MTU
#define OPENVPN_MTU_LINK 1514 // Ethernet MTU
#define OPENVPN_MTU_TUN 1500 // Tun MTU
// Protocol
#define OPENVPN_PROTOCOL_UDP 0 // UDP
#define OPENVPN_PROTOCOL_TCP 1 // TCP
// Op-code
#define OPENVPN_P_CONTROL_SOFT_RESET_V1 3 // Soft reset request
#define OPENVPN_P_CONTROL_V1 4 // SSL negotiation packet
#define OPENVPN_P_ACK_V1 5 // Acknowledgment
#define OPENVPN_P_DATA_V1 6 // Data packet
#define OPENVPN_P_CONTROL_HARD_RESET_CLIENT_V2 7 // Connection request from client
#define OPENVPN_P_CONTROL_HARD_RESET_SERVER_V2 8 // Connection response from server
// State of OpenVPN channel
#define OPENVPN_CHANNEL_STATUS_INIT 0 // Initialization phase
#define OPENVPN_CHANNEL_STATUS_TLS_WAIT_CLIENT_KEY 1 // Waiting for the key information from the client
#define OPENVPN_CHANNEL_STATUS_TLS_WAIT_CLIENT_PUSH_REQUEST 2 // Waiting for PUSH_REQUEST from the client
#define OPENVPN_CHANNEL_STATUS_TLS_VPN_CONNECTING 3 // VPN connecting process is running
#define OPENVPN_CHANNEL_STATUS_ESTABLISHED 4 // VPN connection established
#define OPENVPN_CHANNEL_STATUS_DISCONNECTED 5 // Disconnected
// Quota
#define OPENVPN_QUOTA_MAX_NUM_SESSIONS_PER_IP 1000 // Number of OpenVPN sessions per IP address
#define OPENVPN_QUOTA_MAX_NUM_SESSIONS 30000 // Limit of the number of sessions
// Mode
#define OPENVPN_MODE_UNKNOWN 0 // Unknown
#define OPENVPN_MODE_L2 1 // TAP (Ethernet)
#define OPENVPN_MODE_L3 2 // TUN (IP)
//// Type
// Data of OpenVPN Key Method 2
struct OPENVPN_KEY_METHOD_2
{
UCHAR PreMasterSecret[48]; // Pre Master Secret (client only)
UCHAR Random1[32]; // Random 1
UCHAR Random2[32]; // Random 2
char OptionString[512]; // Option string
char Username[512]; // User name
char Password[512]; // Password
char PeerInfo[1536]; // PeerInfo
};
// OpenVPN sending control packet
struct OPENVPN_CONTROL_PACKET
{
UCHAR OpCode; // Op-code
UINT PacketId; // Packet ID
UINT DataSize; // Data size
UCHAR *Data; // Data body
UINT64 NextSendTime; // Scheduled next transmission time
};
// OpenVPN packet
struct OPENVPN_PACKET
{
UCHAR OpCode; // Op-code
UCHAR KeyId; // Key ID
UINT64 MySessionId; // Channel ID of the sender
UCHAR NumAck; // Number of ACK
UINT AckPacketId[OPENVPN_MAX_NUMACK]; // ACK packet ID list
UINT64 YourSessionId; // Destination Channel ID (If there are one or more ACK)
UINT PacketId; // Packet ID
UINT DataSize; // Data size
UCHAR *Data; // Data body
};
// OpenVPN channel
struct OPENVPN_CHANNEL
{
OPENVPN_SERVER *Server;
OPENVPN_SESSION *Session;
UINT Status; // State
LIST *AckReplyList; // Response ACK list
UINT MaxRecvPacketId; // The maximum value of the arrived packet ID
UINT NextSendPacketId; // The value of a packet ID to be transmitted next
LIST *SendControlPacketList; // Sending control packet list
SSL_PIPE *SslPipe; // SSL pipe
OPENVPN_KEY_METHOD_2 ClientKey; // Key sent from the client
OPENVPN_KEY_METHOD_2 ServerKey; // Key sent from the server
char Proto[64]; // Protocol
CIPHER *CipherEncrypt; // Encryption algorithm
CIPHER *CipherDecrypt; // Decryption algorithm
MD *MdSend; // Transmission MD algorithm
MD *MdRecv; // Reception MD algorithm
UCHAR MasterSecret[48]; // Master Secret
UCHAR ExpansionKey[256]; // Expansion Key
UCHAR NextIv[64]; // Next IV
UINT LastDataPacketId; // Previous Data Packet ID
UINT64 EstablishedTick; // Established time
UCHAR KeyId; // KEY ID
bool IsRekeyChannel; // Whether it is a channel for key update
bool IsInitiatorServer; // Whether the channel was started from the server side
bool RekeyInitiated; // Whether re-keying has already started
UINT64 NextRekey;
};
// OpenVPN session
struct OPENVPN_SESSION
{
UINT Id; // ID
OPENVPN_SERVER *Server;
UINT64 ServerSessionId; // The session ID of the server-side
UINT64 ClientSessionId; // Session ID of the client side
UINT Protocol; // Protocol
IP ClientIp; // Client IP address
UINT ClientPort; // Client port number
IP ServerIp; // Server IP address
UINT ServerPort; // Server port number
OPENVPN_CHANNEL *Channels[OPENVPN_NUM_CHANNELS]; // Channels (up to 8)
UINT LastCreatedChannelIndex; // Channel number that is created in the last
UINT Mode; // Mode (L3 or L2)
UINT LinkMtu; // link-mtu
UINT TunMtu; // tun-mtu
IPC_ASYNC *IpcAsync; // Asynchronous IPC connection
IPC *Ipc; // Connected IPC connection
char PushReplyStr[MAX_SIZE]; // PUSH_REPLY string
UINT64 NextPingSendTick; // Next time to send a Ping
bool Established; // VPN communication established flag
UINT64 CreatedTick; // Creation date and time
UINT64 LastCommTick; // Last communication date and time
};
// OpenVPN server
struct OPENVPN_SERVER
{
CEDAR *Cedar;
INTERRUPT_MANAGER *Interrupt; // Interrupt manager
LIST *SendPacketList; // Transmission packet list
LIST *SessionList; // Session list
UINT64 Now; // Current time
SOCK_EVENT *SockEvent; // Socket event
UCHAR TmpBuf[OPENVPN_TMP_BUFFER_SIZE]; // Temporary buffer
UINT DisconnectCount; // The number of session lost that have occurred so far
bool SupressSendPacket; // Packet transmission suppression flag
UINT NextSessionId; // Next session ID
DH_CTX *Dh; // DH key
UINT SessionEstablishedCount; // Number of session establishment
};
// OpenVPN server (UDP mode)
struct OPENVPN_SERVER_UDP
{
CEDAR *Cedar;
UDPLISTENER *UdpListener; // UDP listener
OPENVPN_SERVER *OpenVpnServer; // OpenVPN server
UINT64 VgsNextGetPublicPortsTick;
};
//// Function prototype
OPENVPN_SERVER_UDP *NewOpenVpnServerUdp(CEDAR *cedar);
void FreeOpenVpnServerUdp(OPENVPN_SERVER_UDP *u);
void OpenVpnServerUdpListenerProc(UDPLISTENER *u, LIST *packet_list);
void OvsApplyUdpPortList(OPENVPN_SERVER_UDP *u, char *port_list);
OPENVPN_SERVER *NewOpenVpnServer(CEDAR *cedar, INTERRUPT_MANAGER *interrupt, SOCK_EVENT *sock_event);
void FreeOpenVpnServer(OPENVPN_SERVER *s);
void OvsRecvPacket(OPENVPN_SERVER *s, LIST *recv_packet_list, UINT protocol);
void OvsProceccRecvPacket(OPENVPN_SERVER *s, UDPPACKET *p, UINT protocol);
int OvsCompareSessionList(void *p1, void *p2);
OPENVPN_SESSION *OvsSearchSession(OPENVPN_SERVER *s, IP *server_ip, UINT server_port, IP *client_ip, UINT client_port, UINT protocol);
OPENVPN_SESSION *OvsNewSession(OPENVPN_SERVER *s, IP *server_ip, UINT server_port, IP *client_ip, UINT client_port, UINT protocol);
OPENVPN_SESSION *OvsFindOrCreateSession(OPENVPN_SERVER *s, IP *server_ip, UINT server_port, IP *client_ip, UINT client_port, UINT protocol);
void OvsFreeSession(OPENVPN_SESSION *se);
UINT OvsGetNumSessionByClientIp(OPENVPN_SERVER *s, IP *ip);
OPENVPN_PACKET *OvsParsePacket(UCHAR *data, UINT size);
void OvsFreePacket(OPENVPN_PACKET *p);
BUF *OvsBuildPacket(OPENVPN_PACKET *p);
OPENVPN_PACKET *OvsNewControlPacket(UCHAR opcode, UCHAR key_id, UINT64 my_channel_id, UINT num_ack,
UINT *ack_packet_ids, UINT64 your_channel_id, UINT packet_id,
UINT data_size, UCHAR *data);
void OvsSendDataPacket(OPENVPN_CHANNEL *c, UCHAR key_id, UINT data_packet_id, void *data, UINT data_size);
OPENVPN_CHANNEL *OvsNewChannel(OPENVPN_SESSION *se, UCHAR key_id);
void OvsFreeChannel(OPENVPN_CHANNEL *c);
UINT64 OvsNewServerSessionId(OPENVPN_SERVER *s);
UINT OvsGetAckReplyList(OPENVPN_CHANNEL *c, UINT *ret);
void OvsSendPacketNow(OPENVPN_SERVER *s, OPENVPN_SESSION *se, OPENVPN_PACKET *p);
void OvsSendPacketRawNow(OPENVPN_SERVER *s, OPENVPN_SESSION *se, void *data, UINT size);
void OvsProcessRecvControlPacket(OPENVPN_SERVER *s, OPENVPN_SESSION *se, OPENVPN_CHANNEL *c, OPENVPN_PACKET *p);
void OvsSendControlPacket(OPENVPN_CHANNEL *c, UCHAR opcode, UCHAR *data, UINT data_size);
void OvsSendControlPacketWithAutoSplit(OPENVPN_CHANNEL *c, UCHAR opcode, UCHAR *data, UINT data_size);
void OvsFreeControlPacket(OPENVPN_CONTROL_PACKET *p);
void OvsDeleteFromSendingControlPacketList(OPENVPN_CHANNEL *c, UINT num_acks, UINT *acks);
UINT OvsParseKeyMethod2(OPENVPN_KEY_METHOD_2 *ret, UCHAR *data, UINT size, bool client_mode);
bool OvsReadStringFromBuf(BUF *b, char *str, UINT str_size);
void OvsSetupSessionParameters(OPENVPN_SERVER *s, OPENVPN_SESSION *se, OPENVPN_CHANNEL *c, OPENVPN_KEY_METHOD_2 *data);
BUF *OvsBuildKeyMethod2(OPENVPN_KEY_METHOD_2 *d);
void OvsWriteStringToBuf(BUF *b, char *str, UINT max_size);
LIST *OvsParseOptions(char *str);
void OvsFreeOptions(LIST *o);
LIST *OvsNewOptions();
void OvsAddOption(LIST *o, char *key, char *value);
bool OvsHasOption(LIST *o, char *key);
UINT OvsPeekStringFromFifo(FIFO *f, char *str, UINT str_size);
void OvsBeginIPCAsyncConnectionIfEmpty(OPENVPN_SERVER *s, OPENVPN_SESSION *se, OPENVPN_CHANNEL *c);
bool OvsIsCompatibleL3IP(UINT ip);
UINT OvsGetCompatibleL3IPNext(UINT ip);
UINT OvsCalcTcpMss(OPENVPN_SERVER *s, OPENVPN_SESSION *se, OPENVPN_CHANNEL *c);
CIPHER *OvsGetCipher(char *name);
MD *OvsGetMd(char *name);
bool OvsCheckTcpRecvBufIfOpenVPNProtocol(UCHAR *buf, UINT size);
bool OvsPerformTcpServer(CEDAR *cedar, SOCK *sock);
void OvsSetReplyForVgsPollEnable(bool b);
void OvsSetNoOpenVpnTcp(bool b);
bool OvsGetNoOpenVpnTcp();
void OvsSetNoOpenVpnUdp(bool b);
#endif // INTEROP_OPENVPN_H
// Developed by SoftEther VPN Project at University of Tsukuba in Japan.
// Department of Computer Science has dozens of overly-enthusiastic geeks.
// Join us: http://www.tsukuba.ac.jp/english/admission/
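Review bot: `OPENVPN_CIPHER_LIST` offers `[NULL-CIPHER] NULL`, `DES-CBC`, `RC2-40-CBC` and `RC2-64-CBC`, and `OPENVPN_MD_LIST` offers `MD5` and `MD4`, alongside the AES entries. The code that consumes these lists is not shown on this page. If `OvsGetCipher`/`OvsGetMd` accept whichever listed name the peer's option string carries, a session can end up with an unencrypted or weakly protected data channel without the server operator having opted in. I would keep the default to the AES-CBC entries, e.g. `#define OPENVPN_CIPHER_LIST "AES-128-CBC AES-192-CBC AES-256-CBC"`, drop `MD4` and `MD5` from the digest list, and put the legacy names behind an explicit server setting. A comment on both macros should say what they control once that is confirmed against the .c file.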
File diff suppressed because it is too large Load Diff
+238
@@ -0,0 +1,238 @@
// SoftEther VPN Source Code
// Cedar Communication Module
//
// SoftEther VPN Server, Client and Bridge are free software under GPLv2.
//
// Copyright (c) 2012-2014 Daiyuu Nobori.
// Copyright (c) 2012-2014 SoftEther VPN Project, University of Tsukuba, Japan.
// Copyright (c) 2012-2014 SoftEther Corporation.
//
// All Rights Reserved.
//
// http://www.softether.org/
//
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License version 2
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
// IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
// CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
// TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
// SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
// THE LICENSE AGREEMENT IS ATTACHED ON THE SOURCE-CODE PACKAGE
// AS "LICENSE.TXT" FILE. READ THE TEXT FILE IN ADVANCE TO USE THE SOFTWARE.
//
//
// THIS SOFTWARE IS DEVELOPED IN JAPAN, AND DISTRIBUTED FROM JAPAN,
// UNDER JAPANESE LAWS. YOU MUST AGREE IN ADVANCE TO USE, COPY, MODIFY,
// MERGE, PUBLISH, DISTRIBUTE, SUBLICENSE, AND/OR SELL COPIES OF THIS
// SOFTWARE, THAT ANY JURIDICAL DISPUTES WHICH ARE CONCERNED TO THIS
// SOFTWARE OR ITS CONTENTS, AGAINST US (SOFTETHER PROJECT, SOFTETHER
// CORPORATION, DAIYUU NOBORI OR OTHER SUPPLIERS), OR ANY JURIDICAL
// DISPUTES AGAINST US WHICH ARE CAUSED BY ANY KIND OF USING, COPYING,
// MODIFYING, MERGING, PUBLISHING, DISTRIBUTING, SUBLICENSING, AND/OR
// SELLING COPIES OF THIS SOFTWARE SHALL BE REGARDED AS BE CONSTRUED AND
// CONTROLLED BY JAPANESE LAWS, AND YOU MUST FURTHER CONSENT TO
// EXCLUSIVE JURISDICTION AND VENUE IN THE COURTS SITTING IN TOKYO,
// JAPAN. YOU MUST WAIVE ALL DEFENSES OF LACK OF PERSONAL JURISDICTION
// AND FORUM NON CONVENIENS. PROCESS MAY BE SERVED ON EITHER PARTY IN
// THE MANNER AUTHORIZED BY APPLICABLE LAW OR COURT RULE.
//
// USE ONLY IN JAPAN. DO NOT USE IT IN OTHER COUNTRIES. IMPORTING THIS
// SOFTWARE INTO OTHER COUNTRIES IS AT YOUR OWN RISK. SOME COUNTRIES
// PROHIBIT ENCRYPTED COMMUNICATIONS. USING THIS SOFTWARE IN OTHER
// COUNTRIES MIGHT BE RESTRICTED.
//
//
// DEAR SECURITY EXPERTS
// ---------------------
//
// If you find a bug or a security vulnerability please kindly inform us
// about the problem immediately so that we can fix the security problem
// to protect a lot of users around the world as soon as possible.
//
// Our e-mail address for security reports is:
// softether-vpn-security [at] softether.org
//
// Please note that the above e-mail address is not a technical support
// inquiry address. If you need technical assistance, please visit
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
// Interop_SSTP.h
// Header of Interop_SSTP.c
#ifndef INTEROP_SSTP_H
#define INTEROP_SSTP_H
//// Constants
#define SSTP_URI "/sra_{BA195980-CD49-458b-9E23-C84EE0ADCD75}/" // SSTP HTTPS URI
#define SSTP_VERSION_1 0x10 // SSTP Version 1.0
#define MAX_SSTP_PACKET_SIZE 4096 // Maximum packet size
#define SSTP_IPC_CLIENT_NAME "Microsoft SSTP VPN Client"
#define SSTP_IPC_POSTFIX "SSTP"
#define SSTP_ECHO_SEND_INTERVAL_MIN 2500 // Transmission interval of Echo Request (minimum)
#define SSTP_ECHO_SEND_INTERVAL_MAX 4792 // Transmission interval of Echo Request (maximum)
#define SSTP_TIMEOUT 10000 // Communication time-out of SSTP
// SSTP Message Type
#define SSTP_MSG_CALL_CONNECT_REQUEST 0x0001
#define SSTP_MSG_CALL_CONNECT_ACK 0x0002
#define SSTP_MSG_CALL_CONNECT_NAK 0x0003
#define SSTP_MSG_CALL_CONNECTED 0x0004
#define SSTP_MSG_CALL_ABORT 0x0005
#define SSTP_MSG_CALL_DISCONNECT 0x0006
#define SSTP_MSG_CALL_DISCONNECT_ACK 0x0007
#define SSTP_MSG_ECHO_REQUEST 0x0008
#define SSTP_MSG_ECHO_RESPONSE 0x0009
// SSTP Attribute ID
#define SSTP_ATTRIB_NO_ERROR 0x00
#define SSTP_ATTRIB_ENCAPSULATED_PROTOCOL_ID 0x01
#define SSTP_ATTRIB_STATUS_INFO 0x02
#define SSTP_ATTRIB_CRYPTO_BINDING 0x03
#define SSTP_ATTRIB_CRYPTO_BINDING_REQ 0x04
// Protocol ID
#define SSTP_ENCAPSULATED_PROTOCOL_PPP 0x0001
// Hash Protocol Bitmask
#define CERT_HASH_PROTOCOL_SHA1 0x01
#define CERT_HASH_PROTOCOL_SHA256 0x02
// Status
#define ATTRIB_STATUS_NO_ERROR 0x00000000
#define ATTRIB_STATUS_DUPLICATE_ATTRIBUTE 0x00000001
#define ATTRIB_STATUS_UNRECOGNIZED_ATTRIBUTE 0x00000002
#define ATTRIB_STATUS_INVALID_ATTRIB_VALUE_LENGTH 0x00000003
#define ATTRIB_STATUS_VALUE_NOT_SUPPORTED 0x00000004
#define ATTRIB_STATUS_UNACCEPTED_FRAME_RECEIVED 0x00000005
#define ATTRIB_STATUS_RETRY_COUNT_EXCEEDED 0x00000006
#define ATTRIB_STATUS_INVALID_FRAME_RECEIVED 0x00000007
#define ATTRIB_STATUS_NEGOTIATION_TIMEOUT 0x00000008
#define ATTRIB_STATUS_ATTRIB_NOT_SUPPORTED_IN_MSG 0x00000009
#define ATTRIB_STATUS_REQUIRED_ATTRIBUTE_MISSING 0x0000000A
#define ATTRIB_STATUS_STATUS_INFO_NOT_SUPPORTED_IN_MSG 0x0000000B
// State of SSTP Server
#define SSTP_SERVER_STATUS_REQUEST_PENGING 0 // Connection incomplete
#define SSTP_SERVER_STATUS_CONNECTED_PENDING 1 // Connection completed. Authentication incomplete
#define SSTP_SERVER_STATUS_ESTABLISHED 2 // Connection completed. Communication available
// Length of Nonce
#define SSTP_NONCE_SIZE 32 // 256 bits
//// Type
// SSTP Attibute
struct SSTP_ATTRIBUTE
{
UCHAR AttributeId;
UCHAR *Data;
UINT DataSize;
UINT TotalLength;
};
// SSTP Packet
struct SSTP_PACKET
{
UCHAR Version;
bool IsControl;
UCHAR *Data;
UINT DataSize;
USHORT MessageType;
LIST *AttibuteList;
};
// SSTP Server
struct SSTP_SERVER
{
CEDAR *Cedar;
UINT64 Now;
IP ClientIp, ServerIp;
UINT ClientPort, ServerPort;
char ClientHostName[MAX_HOST_NAME_LEN + 1];
char ClientCipherName[MAX_SIZE];
SOCK_EVENT *SockEvent;
QUEUE *RecvQueue; // Receive queue
QUEUE *SendQueue; // Transmission queue
INTERRUPT_MANAGER *Interrupt; // Interrupt manager
bool Aborting; // Forced disconnection flag
bool AbortSent; // Flag of whether to send the Abort
bool AbortReceived; // Flag of whether the Abort has been received
bool Disconnecting; // Disconnecting flag
bool DisconnectSent; // Flag of whether to send a Disconnect
bool DisconnectRecved; // Flag of whether a Disconnect has been received
bool Disconnected; // Flag as to disconnect
UINT Status; // State
UCHAR SentNonce[SSTP_NONCE_SIZE]; // Random data sent
TUBE *TubeRecv, *TubeSend; // Delivery tube of packets to PPP module
THREAD *PPPThread; // PPP module thread
UINT64 NextSendEchoRequestTick; // Time to send the next Echo Request
UINT64 LastRecvTick; // Tick when some data has received at the end
bool FlushRecvTube; // Flag whether to flush the reception tube
UINT EstablishedCount; // Number of session establishment
};
//// Function prototype
bool AcceptSstp(CONNECTION *c);
bool ProcessSstpHttps(CEDAR *cedar, SOCK *s, SOCK_EVENT *se);
SSTP_SERVER *NewSstpServer(CEDAR *cedar, IP *client_ip, UINT client_port, IP *server_ip,
UINT server_port, SOCK_EVENT *se,
char *client_host_name, char *crypt_name);
void FreeSstpServer(SSTP_SERVER *s);
void SstpProcessInterrupt(SSTP_SERVER *s);
SSTP_PACKET *SstpParsePacket(UCHAR *data, UINT size);
LIST *SstpParseAttributeList(UCHAR *data, UINT size, SSTP_PACKET *p);
SSTP_ATTRIBUTE *SstpParseAttribute(UCHAR *data, UINT size);
void SstpFreeAttribute(SSTP_ATTRIBUTE *a);
void SstpFreeAttributeList(LIST *o);
void SstpFreePacket(SSTP_PACKET *p);
BUF *SstpBuildPacket(SSTP_PACKET *p);
BUF *SstpBuildAttributeList(LIST *o, USHORT message_type);
BUF *SstpBuildAttribute(SSTP_ATTRIBUTE *a);
void SstpAbort(SSTP_SERVER *s);
void SstpDisconnect(SSTP_SERVER *s);
void SstpProcessPacket(SSTP_SERVER *s, SSTP_PACKET *p);
void SstpProcessControlPacket(SSTP_SERVER *s, SSTP_PACKET *p);
void SstpProcessDataPacket(SSTP_SERVER *s, SSTP_PACKET *p);
SSTP_ATTRIBUTE *SstpFindAttribute(SSTP_PACKET *p, UCHAR attribute_id);
SSTP_ATTRIBUTE *SstpNewAttribute(UCHAR attribute_id, UCHAR *data, UINT data_size);
SSTP_ATTRIBUTE *SstpNewStatusInfoAttribute(UCHAR attrib_id, UINT status);
SSTP_ATTRIBUTE *SstpNewCryptoBindingRequestAttribute(UCHAR hash_protocol_bitmask, UCHAR *nonce_32bytes);
SSTP_PACKET *SstpNewDataPacket(UCHAR *data, UINT size);
SSTP_PACKET *SstpNewControlPacket(USHORT message_type);
SSTP_PACKET *SstpNewControlPacketWithAnAttribute(USHORT message_type, SSTP_ATTRIBUTE *a);
void SstpSendPacket(SSTP_SERVER *s, SSTP_PACKET *p);
bool GetNoSstp();
void SetNoSstp(bool b);
#endif // INTEROP_SSTP_H
// Developed by SoftEther VPN Project at University of Tsukuba in Japan.
// Department of Computer Science has dozens of overly-enthusiastic geeks.
// Join us: http://www.tsukuba.ac.jp/english/admission/
+2173
File diff suppressed because it is too large Load Diff
+229
@@ -0,0 +1,229 @@
// SoftEther VPN Source Code
// Cedar Communication Module
//
// SoftEther VPN Server, Client and Bridge are free software under GPLv2.
//
// Copyright (c) 2012-2014 Daiyuu Nobori.
// Copyright (c) 2012-2014 SoftEther VPN Project, University of Tsukuba, Japan.
// Copyright (c) 2012-2014 SoftEther Corporation.
//
// All Rights Reserved.
//
// http://www.softether.org/
//
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License version 2
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
// IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
// CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
// TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
// SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
// THE LICENSE AGREEMENT IS ATTACHED ON THE SOURCE-CODE PACKAGE
// AS "LICENSE.TXT" FILE. READ THE TEXT FILE IN ADVANCE TO USE THE SOFTWARE.
//
//
// THIS SOFTWARE IS DEVELOPED IN JAPAN, AND DISTRIBUTED FROM JAPAN,
// UNDER JAPANESE LAWS. YOU MUST AGREE IN ADVANCE TO USE, COPY, MODIFY,
// MERGE, PUBLISH, DISTRIBUTE, SUBLICENSE, AND/OR SELL COPIES OF THIS
// SOFTWARE, THAT ANY JURIDICAL DISPUTES WHICH ARE CONCERNED TO THIS
// SOFTWARE OR ITS CONTENTS, AGAINST US (SOFTETHER PROJECT, SOFTETHER
// CORPORATION, DAIYUU NOBORI OR OTHER SUPPLIERS), OR ANY JURIDICAL
// DISPUTES AGAINST US WHICH ARE CAUSED BY ANY KIND OF USING, COPYING,
// MODIFYING, MERGING, PUBLISHING, DISTRIBUTING, SUBLICENSING, AND/OR
// SELLING COPIES OF THIS SOFTWARE SHALL BE REGARDED AS BE CONSTRUED AND
// CONTROLLED BY JAPANESE LAWS, AND YOU MUST FURTHER CONSENT TO
// EXCLUSIVE JURISDICTION AND VENUE IN THE COURTS SITTING IN TOKYO,
// JAPAN. YOU MUST WAIVE ALL DEFENSES OF LACK OF PERSONAL JURISDICTION
// AND FORUM NON CONVENIENS. PROCESS MAY BE SERVED ON EITHER PARTY IN
// THE MANNER AUTHORIZED BY APPLICABLE LAW OR COURT RULE.
//
// USE ONLY IN JAPAN. DO NOT USE IT IN OTHER COUNTRIES. IMPORTING THIS
// SOFTWARE INTO OTHER COUNTRIES IS AT YOUR OWN RISK. SOME COUNTRIES
// PROHIBIT ENCRYPTED COMMUNICATIONS. USING THIS SOFTWARE IN OTHER
// COUNTRIES MIGHT BE RESTRICTED.
//
//
// DEAR SECURITY EXPERTS
// ---------------------
//
// If you find a bug or a security vulnerability please kindly inform us
// about the problem immediately so that we can fix the security problem
// to protect a lot of users around the world as soon as possible.
//
// Our e-mail address for security reports is:
// softether-vpn-security [at] softether.org
//
// Please note that the above e-mail address is not a technical support
// inquiry address. If you need technical assistance, please visit
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
// Layer3.h
// Header of Layer3.c
#ifndef LAYER3_H
#define LAYER3_H
// Constants
#define L3_USERNAME "L3SW_"
// L3 ARP table entry
struct L3ARPENTRY
{
UINT IpAddress; // IP address
UCHAR MacAddress[6]; // MAC address
UCHAR Padding[2];
UINT64 Expire; // Expiration date
};
// L3 ARP resolution waiting list entry
struct L3ARPWAIT
{
UINT IpAddress; // IP address
UINT64 LastSentTime; // Time which the data has been sent last
UINT64 Expire; // Expiration date
};
// L3 IP packet table
struct L3PACKET
{
PKT *Packet; // Packet data body
UINT64 Expire; // Expiration date
UINT NextHopIp; // Local delivery destination IP address
};
// L3 routing table definition
struct L3TABLE
{
UINT NetworkAddress; // Network address
UINT SubnetMask; // Subnet mask
UINT GatewayAddress; // Gateway address
UINT Metric; // Metric
};
// L3 interface definition
struct L3IF
{
L3SW *Switch; // Layer-3 switch
char HubName[MAX_HUBNAME_LEN + 1]; // Virtual HUB name
UINT IpAddress; // IP address
UINT SubnetMask; // Subnet mask
HUB *Hub; // Virtual HUB
SESSION *Session; // Session
LIST *ArpTable; // ARP table
LIST *ArpWaitTable; // ARP waiting table
QUEUE *IpPacketQueue; // IP packet queue (for reception from other interfaces)
LIST *IpWaitList; // IP waiting list
QUEUE *SendQueue; // Transmission queue
UCHAR MacAddress[6]; // MAC address
UCHAR Padding[2];
UINT64 LastDeleteOldArpTable; // Time that old ARP table entries are cleared
LIST *CancelList; // Cancellation list
UINT64 LastBeaconSent; // Time which the beacon has been sent last
};
// L3 switch definition
struct L3SW
{
char Name[MAX_HUBNAME_LEN + 1]; // Name
LOCK *lock; // Lock
REF *ref; // Reference counter
CEDAR *Cedar; // Cedar
bool Active; // During operation flag
bool Online; // Online flag
volatile bool Halt; // Halting flag
LIST *IfList; // Interface list
LIST *TableList; // Routing table list
THREAD *Thread; // Thread
};
// Function prototype
int CmpL3Sw(void *p1, void *p2);
int CmpL3ArpEntry(void *p1, void *p2);
int CmpL3ArpWaitTable(void *p1, void *p2);
int CmpL3Table(void *p1, void *p2);
int CmpL3If(void *p1, void *p2);
void InitCedarLayer3(CEDAR *c);
void FreeCedarLayer3(CEDAR *c);
L3SW *NewL3Sw(CEDAR *c, char *name);
void ReleaseL3Sw(L3SW *s);
void CleanupL3Sw(L3SW *s);
bool L3AddIf(L3SW *s, char *hubname, UINT ip, UINT subnet);
bool L3DelIf(L3SW *s, char *hubname);
bool L3AddTable(L3SW *s, L3TABLE *tbl);
bool L3DelTable(L3SW *s, L3TABLE *tbl);
L3IF *L3SearchIf(L3SW *s, char *hubname);
L3SW *L3GetSw(CEDAR *c, char *name);
L3SW *L3AddSw(CEDAR *c, char *name);
bool L3DelSw(CEDAR *c, char *name);
void L3FreeAllSw(CEDAR *c);
void L3SwStart(L3SW *s);
void L3SwStop(L3SW *s);
void L3SwThread(THREAD *t, void *param);
void L3Test(SERVER *s);
void L3InitAllInterfaces(L3SW *s);
void L3FreeAllInterfaces(L3SW *s);
void L3IfThread(THREAD *t, void *param);
void L3InitInterface(L3IF *f);
void L3FreeInterface(L3IF *f);
L3IF *L3GetNextIf(L3SW *s, UINT ip, UINT *next_hop);
L3TABLE *L3GetBestRoute(L3SW *s, UINT ip);
UINT L3GetNextPacket(L3IF *f, void **data);
void L3Polling(L3IF *f);
void L3PollingBeacon(L3IF *f);
void L3DeleteOldArpTable(L3IF *f);
void L3DeleteOldIpWaitList(L3IF *f);
void L3PollingArpWaitTable(L3IF *f);
void L3SendL2Now(L3IF *f, UCHAR *dest_mac, UCHAR *src_mac, USHORT protocol, void *data, UINT size);
void L3SendArpRequestNow(L3IF *f, UINT dest_ip);
void L3SendArpResponseNow(L3IF *f, UCHAR *dest_mac, UINT dest_ip, UINT src_ip);
void L3GenerateMacAddress(L3IF *f);
L3ARPENTRY *L3SearchArpTable(L3IF *f, UINT ip);
void L3SendIpNow(L3IF *f, L3ARPENTRY *a, L3PACKET *p);
void L3SendIp(L3IF *f, L3PACKET *p);
void L3RecvArp(L3IF *f, PKT *p);
void L3RecvArpRequest(L3IF *f, PKT *p);
void L3RecvArpResponse(L3IF *f, PKT *p);
void L3KnownArp(L3IF *f, UINT ip, UCHAR *mac);
void L3SendArp(L3IF *f, UINT ip);
void L3InsertArpTable(L3IF *f, UINT ip, UCHAR *mac);
void L3SendWaitingIp(L3IF *f, UCHAR *mac, UINT ip, L3ARPENTRY *a);
void L3PutPacket(L3IF *f, void *data, UINT size);
void L3RecvL2(L3IF *f, PKT *p);
void L3StoreIpPacketToIf(L3IF *src_if, L3IF *dst_if, L3PACKET *p);
void L3RecvIp(L3IF *f, PKT *p, bool self);
void L3PollingIpQueue(L3IF *f);
#endif // LAYER3_H
// Developed by SoftEther VPN Project at University of Tsukuba in Japan.
// Department of Computer Science has dozens of overly-enthusiastic geeks.
// Join us: http://www.tsukuba.ac.jp/english/admission/
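Review bot: The ARP and L2 prototypes near the end of this header (`L3KnownArp`, `L3InsertArpTable`, `L3SendWaitingIp`, `L3SendL2Now`, `L3SendArpResponseNow`) take MAC addresses as a bare `UCHAR *` with no length, while `L3ARPENTRY` and `L3IF` fix the size with the literal `6`. Some of these values presumably originate in received frames (the `L3RecvArp*` functions take a `PKT *`), so the header should state the contract above the prototypes, for example `// mac / dest_mac / src_mac must point to at least 6 readable bytes`. Replacing the repeated `6` with one named constant would keep the struct fields and that comment in step. Where the implementations only read the address, `const UCHAR *` would also make that visible to callers; the function bodies are not part of this section, so that part needs checking against Layer3.c.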
+655
@@ -0,0 +1,655 @@
// SoftEther VPN Source Code
// Cedar Communication Module
//
// SoftEther VPN Server, Client and Bridge are free software under GPLv2.
//
// Copyright (c) 2012-2014 Daiyuu Nobori.
// Copyright (c) 2012-2014 SoftEther VPN Project, University of Tsukuba, Japan.
// Copyright (c) 2012-2014 SoftEther Corporation.
//
// All Rights Reserved.
//
// http://www.softether.org/
//
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License version 2
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
// IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
// CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
// TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
// SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
// THE LICENSE AGREEMENT IS ATTACHED ON THE SOURCE-CODE PACKAGE
// AS "LICENSE.TXT" FILE. READ THE TEXT FILE IN ADVANCE TO USE THE SOFTWARE.
//
//
// THIS SOFTWARE IS DEVELOPED IN JAPAN, AND DISTRIBUTED FROM JAPAN,
// UNDER JAPANESE LAWS. YOU MUST AGREE IN ADVANCE TO USE, COPY, MODIFY,
// MERGE, PUBLISH, DISTRIBUTE, SUBLICENSE, AND/OR SELL COPIES OF THIS
// SOFTWARE, THAT ANY JURIDICAL DISPUTES WHICH ARE CONCERNED TO THIS
// SOFTWARE OR ITS CONTENTS, AGAINST US (SOFTETHER PROJECT, SOFTETHER
// CORPORATION, DAIYUU NOBORI OR OTHER SUPPLIERS), OR ANY JURIDICAL
// DISPUTES AGAINST US WHICH ARE CAUSED BY ANY KIND OF USING, COPYING,
// MODIFYING, MERGING, PUBLISHING, DISTRIBUTING, SUBLICENSING, AND/OR
// SELLING COPIES OF THIS SOFTWARE SHALL BE REGARDED AS BE CONSTRUED AND
// CONTROLLED BY JAPANESE LAWS, AND YOU MUST FURTHER CONSENT TO
// EXCLUSIVE JURISDICTION AND VENUE IN THE COURTS SITTING IN TOKYO,
// JAPAN. YOU MUST WAIVE ALL DEFENSES OF LACK OF PERSONAL JURISDICTION
// AND FORUM NON CONVENIENS. PROCESS MAY BE SERVED ON EITHER PARTY IN
// THE MANNER AUTHORIZED BY APPLICABLE LAW OR COURT RULE.
//
// USE ONLY IN JAPAN. DO NOT USE IT IN OTHER COUNTRIES. IMPORTING THIS
// SOFTWARE INTO OTHER COUNTRIES IS AT YOUR OWN RISK. SOME COUNTRIES
// PROHIBIT ENCRYPTED COMMUNICATIONS. USING THIS SOFTWARE IN OTHER
// COUNTRIES MIGHT BE RESTRICTED.
//
//
// DEAR SECURITY EXPERTS
// ---------------------
//
// If you find a bug or a security vulnerability please kindly inform us
// about the problem immediately so that we can fix the security problem
// to protect a lot of users around the world as soon as possible.
//
// Our e-mail address for security reports is:
// softether-vpn-security [at] softether.org
//
// Please note that the above e-mail address is not a technical support
// inquiry address. If you need technical assistance, please visit
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
// Link.c
// Inter-HUB Link
#include "CedarPch.h"
// Link server thread
void LinkServerSessionThread(THREAD *t, void *param)
{
LINK *k = (LINK *)param;
CONNECTION *c;
SESSION *s;
POLICY *policy;
wchar_t name[MAX_SIZE];
// Validate arguments
if (t == NULL || param == NULL)
{
return;
}
// Create a server connection
c = NewServerConnection(k->Cedar, NULL, t);
c->Protocol = CONNECTION_HUB_LINK_SERVER;
// Create a policy
policy = ZeroMalloc(sizeof(POLICY));
Copy(policy, k->Policy, sizeof(POLICY));
// Create a server session
s = NewServerSession(k->Cedar, c, k->Hub, LINK_USER_NAME, policy);
s->LinkModeServer = true;
s->Link = k;
c->Session = s;
ReleaseConnection(c);
// User name
s->Username = CopyStr(LINK_USER_NAME_PRINT);
k->ServerSession = s;
AddRef(k->ServerSession->ref);
// Notify the initialization completion
NoticeThreadInit(t);
UniStrCpy(name, sizeof(name), k->Option->AccountName);
HLog(s->Hub, "LH_LINK_START", name, s->Name);
// Main function of session
SessionMain(s);
HLog(s->Hub, "LH_LINK_STOP", name);
ReleaseSession(s);
}
// Initialize the packet adapter
bool LinkPaInit(SESSION *s)
{
LINK *k;
THREAD *t;
// Validate arguments
if (s == NULL || (k = (LINK *)s->PacketAdapter->Param) == NULL)
{
return false;
}
// Create a transmission packet queue
k->SendPacketQueue = NewQueue();
// Creat a link server thread
t = NewThread(LinkServerSessionThread, (void *)k);
WaitThreadInit(t);
ReleaseThread(t);
return true;
}
// Get the cancel object
CANCEL *LinkPaGetCancel(SESSION *s)
{
LINK *k;
// Validate arguments
if (s == NULL || (k = (LINK *)s->PacketAdapter->Param) == NULL)
{
return NULL;
}
return NULL;
}
// Get the next packet
UINT LinkPaGetNextPacket(SESSION *s, void **data)
{
LINK *k;
UINT ret = 0;
// Validate arguments
if (s == NULL || data == NULL || (k = (LINK *)s->PacketAdapter->Param) == NULL)
{
return INFINITE;
}
// Examine whether there are packets in the queue
LockQueue(k->SendPacketQueue);
{
BLOCK *block = GetNext(k->SendPacketQueue);
if (block != NULL)
{
// There was a packet
*data = block->Buf;
ret = block->Size;
// Discard the memory for the structure
Free(block);
}
}
UnlockQueue(k->SendPacketQueue);
return ret;
}
// Write the received packet
bool LinkPaPutPacket(SESSION *s, void *data, UINT size)
{
LINK *k;
BLOCK *block;
SESSION *server_session;
CONNECTION *server_connection;
// Validate arguments
if (s == NULL || (k = (LINK *)s->PacketAdapter->Param) == NULL)
{
return false;
}
server_session = k->ServerSession;
server_connection = server_session->Connection;
// Since the packet arrives from the HUB of the link destination,
// deliver it to the ReceivedBlocks of the server session
if (data != NULL)
{
block = NewBlock(data, size, 0);
LockQueue(server_connection->ReceivedBlocks);
{
InsertQueue(server_connection->ReceivedBlocks, block);
}
UnlockQueue(server_connection->ReceivedBlocks);
}
else
{
// Issue the Cancel, since finished store all packets when the data == NULL
Cancel(server_session->Cancel1);
if (k->Hub != NULL && k->Hub->Option != NULL && k->Hub->Option->YieldAfterStorePacket)
{
YieldCpu();
}
}
return true;
}
// Release the packet adapter
void LinkPaFree(SESSION *s)
{
LINK *k;
// Validate arguments
if (s == NULL || (k = (LINK *)s->PacketAdapter->Param) == NULL)
{
return;
}
// Stop the server session
StopSession(k->ServerSession);
ReleaseSession(k->ServerSession);
// Release the transmission packet queue
LockQueue(k->SendPacketQueue);
{
BLOCK *block;
while (block = GetNext(k->SendPacketQueue))
{
FreeBlock(block);
}
}
UnlockQueue(k->SendPacketQueue);
ReleaseQueue(k->SendPacketQueue);
}
// Packet adapter
PACKET_ADAPTER *LinkGetPacketAdapter()
{
return NewPacketAdapter(LinkPaInit, LinkPaGetCancel, LinkPaGetNextPacket,
LinkPaPutPacket, LinkPaFree);
}
// Release all links
void ReleaseAllLink(HUB *h)
{
LINK **kk;
UINT num, i;
// Validate arguments
if (h == NULL)
{
return;
}
LockList(h->LinkList);
{
num = LIST_NUM(h->LinkList);
kk = ToArray(h->LinkList);
DeleteAll(h->LinkList);
}
UnlockList(h->LinkList);
for (i = 0;i < num;i++)
{
LINK *k = kk[i];
ReleaseLink(k);
}
Free(kk);
}
// Release the link
void ReleaseLink(LINK *k)
{
// Validate arguments
if (k == NULL)
{
return;
}
if (Release(k->ref) == 0)
{
CleanupLink(k);
}
}
// Clean-up the link
void CleanupLink(LINK *k)
{
// Validate arguments
if (k == NULL)
{
return;
}
DeleteLock(k->lock);
if (k->ClientSession)
{
ReleaseSession(k->ClientSession);
}
Free(k->Option);
CiFreeClientAuth(k->Auth);
Free(k->Policy);
if (k->ServerCert != NULL)
{
FreeX(k->ServerCert);
}
Free(k);
}
// Make the link on-line
void SetLinkOnline(LINK *k)
{
// Validate arguments
if (k == NULL)
{
return;
}
if (k->Offline == false)
{
return;
}
k->Offline = false;
StartLink(k);
}
// Make the link off-line
void SetLinkOffline(LINK *k)
{
// Validate arguments
if (k == NULL)
{
return;
}
if (k->Offline)
{
return;
}
StopLink(k);
k->Offline = true;
}
// Delete the link
void DelLink(HUB *hub, LINK *k)
{
// Validate arguments
if (hub == NULL || k == NULL)
{
return;
}
LockList(hub->LinkList);
{
if (Delete(hub->LinkList, k))
{
ReleaseLink(k);
}
}
UnlockList(hub->LinkList);
}
// Start all links
void StartAllLink(HUB *h)
{
// Validate arguments
if (h == NULL)
{
return;
}
LockList(h->LinkList);
{
UINT i;
for (i = 0;i < LIST_NUM(h->LinkList);i++)
{
LINK *k = (LINK *)LIST_DATA(h->LinkList, i);
if (k->Offline == false)
{
StartLink(k);
}
}
}
UnlockList(h->LinkList);
}
// Stop all links
void StopAllLink(HUB *h)
{
LINK **link_list;
UINT num_link;
UINT i;
// Validate arguments
if (h == NULL)
{
return;
}
LockList(h->LinkList);
{
link_list = ToArray(h->LinkList);
num_link = LIST_NUM(h->LinkList);
for (i = 0;i < num_link;i++)
{
AddRef(link_list[i]->ref);
}
}
UnlockList(h->LinkList);
for (i = 0;i < num_link;i++)
{
StopLink(link_list[i]);
ReleaseLink(link_list[i]);
}
Free(link_list);
}
// Start the link
void StartLink(LINK *k)
{
PACKET_ADAPTER *pa;
// Validate arguments
if (k == NULL)
{
return;
}
LockLink(k);
{
if (k->Started || k->Halting)
{
UnlockLink(k);
return;
}
k->Started = true;
}
UnlockLink(k);
// Connect the client session
pa = LinkGetPacketAdapter();
pa->Param = (void *)k;
LockLink(k);
{
k->ClientSession = NewClientSession(k->Cedar, k->Option, k->Auth, pa);
}
UnlockLink(k);
}
// Stop the link
void StopLink(LINK *k)
{
// Validate arguments
if (k == NULL)
{
return;
}
LockLink(k);
{
if (k->Started == false)
{
UnlockLink(k);
return;
}
k->Started = false;
k->Halting = true;
}
UnlockLink(k);
if (k->ClientSession != NULL)
{
// Disconnect the client session
StopSession(k->ClientSession);
LockLink(k);
{
ReleaseSession(k->ClientSession);
k->ClientSession = NULL;
}
UnlockLink(k);
}
LockLink(k);
{
k->Halting = false;
}
UnlockLink(k);
}
// Lock the link
void LockLink(LINK *k)
{
// Validate arguments
if (k == NULL)
{
return;
}
Lock(k->lock);
}
// Unlock the link
void UnlockLink(LINK *k)
{
// Validate arguments
if (k == NULL)
{
return;
}
Unlock(k->lock);
}
// Normalize the policy for the link
void NormalizeLinkPolicy(POLICY *p)
{
// Validate arguments
if (p == NULL)
{
return;
}
p->Access = true;
p->NoBridge = p->NoRouting = p->PrivacyFilter =
p->MonitorPort = false;
p->MaxConnection = 32;
p->TimeOut = 20;
p->FixPassword = false;
}
// Create a Link
LINK *NewLink(CEDAR *cedar, HUB *hub, CLIENT_OPTION *option, CLIENT_AUTH *auth, POLICY *policy)
{
CLIENT_OPTION *o;
LINK *k;
CLIENT_AUTH *a;
// Validate arguments
if (cedar == NULL || hub == NULL || option == NULL || auth == NULL || policy == NULL)
{
return NULL;
}
if (hub->Halt)
{
return NULL;
}
if (LIST_NUM(hub->LinkList) >= MAX_HUB_LINKS)
{
return NULL;
}
if (UniIsEmptyStr(option->AccountName))
{
return NULL;
}
// Limitation of authentication method
if (auth->AuthType != CLIENT_AUTHTYPE_ANONYMOUS && auth->AuthType != CLIENT_AUTHTYPE_PASSWORD &&
auth->AuthType != CLIENT_AUTHTYPE_PLAIN_PASSWORD && auth->AuthType != CLIENT_AUTHTYPE_CERT)
{
// Authentication method other than anonymous authentication, password authentication, plain password, certificate authentication cannot be used
return NULL;
}
// Copy of the client options (for modification)
o = ZeroMalloc(sizeof(CLIENT_OPTION));
Copy(o, option, sizeof(CLIENT_OPTION));
StrCpy(o->DeviceName, sizeof(o->DeviceName), LINK_DEVICE_NAME);
o->RequireBridgeRoutingMode = true; // Request the bridge mode
o->RequireMonitorMode = false; // Not to require the monitor mode
o->NumRetry = INFINITE; // Retry the connection infinitely
o->RetryInterval = 10; // Retry interval is 10 seconds
o->NoRoutingTracking = true; // Stop the routing tracking
// Copy the authentication data
a = CopyClientAuth(auth);
a->SecureSignProc = NULL;
a->CheckCertProc = NULL;
// Link object
k = ZeroMalloc(sizeof(LINK));
k->lock = NewLock();
k->ref = NewRef();
k->Cedar = cedar;
k->Option = o;
k->Auth = a;
k->Hub = hub;
// Copy the policy
k->Policy = ZeroMalloc(sizeof(POLICY));
Copy(k->Policy, policy, sizeof(POLICY));
// Normalize the policy
NormalizeLinkPolicy(k->Policy);
// Register in the link list of the HUB
LockList(hub->LinkList);
{
Add(hub->LinkList, k);
AddRef(k->ref);
}
UnlockList(hub->LinkList);
return k;
}
// Developed by SoftEther VPN Project at University of Tsukuba in Japan.
// Department of Computer Science has dozens of overly-enthusiastic geeks.
// Join us: http://www.tsukuba.ac.jp/english/admission/
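Review bot: StartLink() sets `k->Started = true`, drops the link lock, and only afterwards re-takes it to store `k->ClientSession`, so a StopLink() that runs in that gap sees `Started` set and `ClientSession == NULL`, clears `Started` and `Halting`, and returns without stopping anything. StartLink() then stores a live client session on a link that is marked stopped; a later StopLink() returns early on `Started == false`, and a later StartLink() would overwrite the pointer without releasing the old session. If the two can run on different threads (their callers are not on this page), keep a single `LockLink(k)` region from the `Started`/`Halting` test through the `k->ClientSession = NewClientSession(k->Cedar, k->Option, k->Auth, pa);` assignment; NewClientSession() is already called with the lock held, so only LinkGetPacketAdapter() moves under it. StopLink() likewise tests `k->ClientSession` and calls StopSession() on it outside the lock, which deserves a comment explaining why that is safe, or the same treatment.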
+139
@@ -0,0 +1,139 @@
// SoftEther VPN Source Code
// Cedar Communication Module
//
// SoftEther VPN Server, Client and Bridge are free software under GPLv2.
//
// Copyright (c) 2012-2014 Daiyuu Nobori.
// Copyright (c) 2012-2014 SoftEther VPN Project, University of Tsukuba, Japan.
// Copyright (c) 2012-2014 SoftEther Corporation.
//
// All Rights Reserved.
//
// http://www.softether.org/
//
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License version 2
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
// IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
// CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
// TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
// SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
// THE LICENSE AGREEMENT IS ATTACHED ON THE SOURCE-CODE PACKAGE
// AS "LICENSE.TXT" FILE. READ THE TEXT FILE IN ADVANCE TO USE THE SOFTWARE.
//
//
// THIS SOFTWARE IS DEVELOPED IN JAPAN, AND DISTRIBUTED FROM JAPAN,
// UNDER JAPANESE LAWS. YOU MUST AGREE IN ADVANCE TO USE, COPY, MODIFY,
// MERGE, PUBLISH, DISTRIBUTE, SUBLICENSE, AND/OR SELL COPIES OF THIS
// SOFTWARE, THAT ANY JURIDICAL DISPUTES WHICH ARE CONCERNED TO THIS
// SOFTWARE OR ITS CONTENTS, AGAINST US (SOFTETHER PROJECT, SOFTETHER
// CORPORATION, DAIYUU NOBORI OR OTHER SUPPLIERS), OR ANY JURIDICAL
// DISPUTES AGAINST US WHICH ARE CAUSED BY ANY KIND OF USING, COPYING,
// MODIFYING, MERGING, PUBLISHING, DISTRIBUTING, SUBLICENSING, AND/OR
// SELLING COPIES OF THIS SOFTWARE SHALL BE REGARDED AS BE CONSTRUED AND
// CONTROLLED BY JAPANESE LAWS, AND YOU MUST FURTHER CONSENT TO
// EXCLUSIVE JURISDICTION AND VENUE IN THE COURTS SITTING IN TOKYO,
// JAPAN. YOU MUST WAIVE ALL DEFENSES OF LACK OF PERSONAL JURISDICTION
// AND FORUM NON CONVENIENS. PROCESS MAY BE SERVED ON EITHER PARTY IN
// THE MANNER AUTHORIZED BY APPLICABLE LAW OR COURT RULE.
//
// USE ONLY IN JAPAN. DO NOT USE IT IN OTHER COUNTRIES. IMPORTING THIS
// SOFTWARE INTO OTHER COUNTRIES IS AT YOUR OWN RISK. SOME COUNTRIES
// PROHIBIT ENCRYPTED COMMUNICATIONS. USING THIS SOFTWARE IN OTHER
// COUNTRIES MIGHT BE RESTRICTED.
//
//
// DEAR SECURITY EXPERTS
// ---------------------
//
// If you find a bug or a security vulnerability please kindly inform us
// about the problem immediately so that we can fix the security problem
// to protect a lot of users around the world as soon as possible.
//
// Our e-mail address for security reports is:
// softether-vpn-security [at] softether.org
//
// Please note that the above e-mail address is not a technical support
// inquiry address. If you need technical assistance, please visit
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
// Link.h
// Header of Link.c
#ifndef LINK_H
#define LINK_H
struct LINK
{
bool Started; // Running flag
volatile bool Halting; // Halting flag
bool Offline; // Offline
REF *ref; // Reference counter
LOCK *lock; // Lock
CEDAR *Cedar; // Cedar
HUB *Hub; // HUB
SESSION *ClientSession; // Client session
SESSION *ServerSession; // Server session
CLIENT_OPTION *Option; // Client Option
CLIENT_AUTH *Auth; // Authentication data
POLICY *Policy; // Policy
QUEUE *SendPacketQueue; // Transmission packet queue
UINT LastError; // Last error
bool CheckServerCert; // To check the server certificate
X *ServerCert; // Server certificate
};
PACKET_ADAPTER *LinkGetPacketAdapter();
bool LinkPaInit(SESSION *s);
CANCEL *LinkPaGetCancel(SESSION *s);
UINT LinkPaGetNextPacket(SESSION *s, void **data);
bool LinkPaPutPacket(SESSION *s, void *data, UINT size);
void LinkPaFree(SESSION *s);
void LinkServerSessionThread(THREAD *t, void *param);
LINK *NewLink(CEDAR *cedar, HUB *hub, CLIENT_OPTION *option, CLIENT_AUTH *auth, POLICY *policy);
void StartLink(LINK *k);
void StopLink(LINK *k);
void DelLink(HUB *hub, LINK *k);
void LockLink(LINK *k);
void UnlockLink(LINK *k);
void StopAllLink(HUB *h);
void StartAllLink(HUB *h);
void SetLinkOnline(LINK *k);
void SetLinkOffline(LINK *k);
void ReleaseLink(LINK *k);
void CleanupLink(LINK *k);
void ReleaseAllLink(HUB *h);
void NormalizeLinkPolicy(POLICY *p);
#endif // LINK_H
// Developed by SoftEther VPN Project at University of Tsukuba in Japan.
// Department of Computer Science has dozens of overly-enthusiastic geeks.
// Join us: http://www.tsukuba.ac.jp/english/admission/
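Review bot: The `CheckServerCert` and `ServerCert` fields of `struct LINK` do not document their default or who is expected to set them. On the code shown, NewLink() in Link.c allocates the LINK with `ZeroMalloc`, never assigns either field, and sets `a->CheckCertProc = NULL` on the copied auth data, so a freshly created cascade link starts with `CheckServerCert == false` and no pinned certificate. I would make that explicit at the declaration, e.g. `bool CheckServerCert; // Whether to check the server certificate; zero-initialised to false by NewLink()` and `X *ServerCert; // Server certificate; NULL until set by the caller, freed in CleanupLink()`. Whether another file turns the check on before the link is started is not visible here, and the comment should name that place if it exists.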
+1079
File diff suppressed because it is too large Load Diff
+188
@@ -0,0 +1,188 @@
// SoftEther VPN Source Code
// Cedar Communication Module
//
// SoftEther VPN Server, Client and Bridge are free software under GPLv2.
//
// Copyright (c) 2012-2014 Daiyuu Nobori.
// Copyright (c) 2012-2014 SoftEther VPN Project, University of Tsukuba, Japan.
// Copyright (c) 2012-2014 SoftEther Corporation.
//
// All Rights Reserved.
//
// http://www.softether.org/
//
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License version 2
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
// IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
// CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
// TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
// SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
// THE LICENSE AGREEMENT IS ATTACHED ON THE SOURCE-CODE PACKAGE
// AS "LICENSE.TXT" FILE. READ THE TEXT FILE IN ADVANCE TO USE THE SOFTWARE.
//
//
// THIS SOFTWARE IS DEVELOPED IN JAPAN, AND DISTRIBUTED FROM JAPAN,
// UNDER JAPANESE LAWS. YOU MUST AGREE IN ADVANCE TO USE, COPY, MODIFY,
// MERGE, PUBLISH, DISTRIBUTE, SUBLICENSE, AND/OR SELL COPIES OF THIS
// SOFTWARE, THAT ANY JURIDICAL DISPUTES WHICH ARE CONCERNED TO THIS
// SOFTWARE OR ITS CONTENTS, AGAINST US (SOFTETHER PROJECT, SOFTETHER
// CORPORATION, DAIYUU NOBORI OR OTHER SUPPLIERS), OR ANY JURIDICAL
// DISPUTES AGAINST US WHICH ARE CAUSED BY ANY KIND OF USING, COPYING,
// MODIFYING, MERGING, PUBLISHING, DISTRIBUTING, SUBLICENSING, AND/OR
// SELLING COPIES OF THIS SOFTWARE SHALL BE REGARDED AS BE CONSTRUED AND
// CONTROLLED BY JAPANESE LAWS, AND YOU MUST FURTHER CONSENT TO
// EXCLUSIVE JURISDICTION AND VENUE IN THE COURTS SITTING IN TOKYO,
// JAPAN. YOU MUST WAIVE ALL DEFENSES OF LACK OF PERSONAL JURISDICTION
// AND FORUM NON CONVENIENS. PROCESS MAY BE SERVED ON EITHER PARTY IN
// THE MANNER AUTHORIZED BY APPLICABLE LAW OR COURT RULE.
//
// USE ONLY IN JAPAN. DO NOT USE IT IN OTHER COUNTRIES. IMPORTING THIS
// SOFTWARE INTO OTHER COUNTRIES IS AT YOUR OWN RISK. SOME COUNTRIES
// PROHIBIT ENCRYPTED COMMUNICATIONS. USING THIS SOFTWARE IN OTHER
// COUNTRIES MIGHT BE RESTRICTED.
//
//
// DEAR SECURITY EXPERTS
// ---------------------
//
// If you find a bug or a security vulnerability please kindly inform us
// about the problem immediately so that we can fix the security problem
// to protect a lot of users around the world as soon as possible.
//
// Our e-mail address for security reports is:
// softether-vpn-security [at] softether.org
//
// Please note that the above e-mail address is not a technical support
// inquiry address. If you need technical assistance, please visit
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
// Listener.h
// Header of Listener.c
#ifndef LISTENER_H
#define LISTENER_H
// Function to call when receiving a new connection
typedef void (NEW_CONNECTION_PROC)(CONNECTION *c);
// Listener structure
struct LISTENER
{
LOCK *lock; // Lock
REF *ref; // Reference counter
CEDAR *Cedar; // Cedar
UINT Protocol; // Protocol
UINT Port; // Port number
THREAD *Thread; // Operating thread
SOCK *Sock; // Socket
EVENT *Event; // Event
volatile bool Halt; // Halting flag
UINT Status; // State
THREAD_PROC *ThreadProc; // Thread procedure
void *ThreadParam; // Thread parameters
bool LocalOnly; // Can be connected only from localhost
bool ShadowIPv6; // Flag indicating that the shadow IPv6 listener
LISTENER *ShadowListener; // Reference to managing shadow IPv6 listener
bool DisableDos; // Disable the DoS attack detection
volatile UINT *NatTGlobalUdpPort; // NAT-T global UDP port number
UCHAR RandPortId; // NAT-T UDP random port ID
bool EnableConditionalAccept; // The flag of whether to enable the Conditional Accept
};
// Parameters of TCPAcceptedThread
struct TCP_ACCEPTED_PARAM
{
LISTENER *r;
SOCK *s;
};
// UDP entry
struct UDP_ENTRY
{
UINT SessionKey32; // 32bit session key
SESSION *Session; // Reference to the session
};
// Dynamic listener
struct DYNAMIC_LISTENER
{
UINT Protocol; // Protocol
UINT Port; // Port
LOCK *Lock; // Lock
CEDAR *Cedar; // Cedar
bool *EnablePtr; // A pointer to the flag of the valid / invalid state
LISTENER *Listener; // Listener
};
// Function prototype
LISTENER *NewListener(CEDAR *cedar, UINT proto, UINT port);
LISTENER *NewListenerEx(CEDAR *cedar, UINT proto, UINT port, THREAD_PROC *proc, void *thread_param);
LISTENER *NewListenerEx2(CEDAR *cedar, UINT proto, UINT port, THREAD_PROC *proc, void *thread_param, bool local_only);
LISTENER *NewListenerEx3(CEDAR *cedar, UINT proto, UINT port, THREAD_PROC *proc, void *thread_param, bool local_only, bool shadow_ipv6);
LISTENER *NewListenerEx4(CEDAR *cedar, UINT proto, UINT port, THREAD_PROC *proc, void *thread_param, bool local_only, bool shadow_ipv6,
volatile UINT *natt_global_udp_port, UCHAR rand_port_id);
LISTENER *NewListenerEx5(CEDAR *cedar, UINT proto, UINT port, THREAD_PROC *proc, void *thread_param, bool local_only, bool shadow_ipv6,
volatile UINT *natt_global_udp_port, UCHAR rand_port_id, bool enable_ca);
void ReleaseListener(LISTENER *r);
void CleanupListener(LISTENER *r);
void ListenerThread(THREAD *thread, void *param);
void ListenerTCPMainLoop(LISTENER *r);
void StopListener(LISTENER *r);
int CompareListener(void *p1, void *p2);
void TCPAccepted(LISTENER *r, SOCK *s);
void EnableDosProtect();
void DisableDosProtect();
void TCPAcceptedThread(THREAD *t, void *param);
void ListenerUDPMainLoop(LISTENER *r);
void UDPReceivedPacket(CEDAR *cedar, SOCK *s, IP *ip, UINT port, void *data, UINT size);
int CompareUDPEntry(void *p1, void *p2);
void CleanupUDPEntry(CEDAR *cedar);
void AddUDPEntry(CEDAR *cedar, SESSION *session);
void DelUDPEntry(CEDAR *cedar, SESSION *session);
SESSION *GetSessionFromUDPEntry(CEDAR *cedar, UINT key32);
UINT GetMaxConnectionsPerIp();
void SetMaxConnectionsPerIp(UINT num);
UINT GetMaxUnestablishedConnections();
void SetMaxUnestablishedConnections(UINT num);
DYNAMIC_LISTENER *NewDynamicListener(CEDAR *c, bool *enable_ptr, UINT protocol, UINT port);
void ApplyDynamicListener(DYNAMIC_LISTENER *d);
void FreeDynamicListener(DYNAMIC_LISTENER *d);
bool ListenerRUDPRpcRecvProc(RUDP_STACK *r, UDPPACKET *p);
void ListenerSetProcRecvRpcEnable(bool b);
#endif // LISTENER_H
// Developed by SoftEther VPN Project at University of Tsukuba in Japan.
// Department of Computer Science has dozens of overly-enthusiastic geeks.
// Join us: http://www.tsukuba.ac.jp/english/admission/
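Review bot: `EnableDosProtect()`, `DisableDosProtect()`, `GetMaxConnectionsPerIp()` and `GetMaxUnestablishedConnections()` near the end of the prototype list are declared with empty parentheses, which before C23 is not a prototype, so a call that passes arguments by mistake compiles without a diagnostic. I would write `void DisableDosProtect(void);` and do the same for the other three. Judging by the names (the implementation is not on this page), these control connection-flood detection, and `struct LISTENER` also has a per-listener `DisableDos` flag, so a comment such as `// TODO(doc): scope (process-wide?) and precedence versus LISTENER.DisableDos` above them would tell callers which switch wins. The same empty-parentheses form appears in `NMExec()` in NM.h, in `InitNM()`, `FreeNM()` and `MainNM()` in NMInner.h, and in `NiNewNat()`, `NtStartNat()`, `NtStopNat()`, `NtInit()` and `NtFree()` in Nat.h.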
+2054
+248
@@ -0,0 +1,248 @@
// SoftEther VPN Source Code
// Cedar Communication Module
//
// SoftEther VPN Server, Client and Bridge are free software under GPLv2.
//
// Copyright (c) 2012-2014 Daiyuu Nobori.
// Copyright (c) 2012-2014 SoftEther VPN Project, University of Tsukuba, Japan.
// Copyright (c) 2012-2014 SoftEther Corporation.
//
// All Rights Reserved.
//
// http://www.softether.org/
//
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License version 2
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
// IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
// CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
// TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
// SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
// THE LICENSE AGREEMENT IS ATTACHED ON THE SOURCE-CODE PACKAGE
// AS "LICENSE.TXT" FILE. READ THE TEXT FILE IN ADVANCE TO USE THE SOFTWARE.
//
//
// THIS SOFTWARE IS DEVELOPED IN JAPAN, AND DISTRIBUTED FROM JAPAN,
// UNDER JAPANESE LAWS. YOU MUST AGREE IN ADVANCE TO USE, COPY, MODIFY,
// MERGE, PUBLISH, DISTRIBUTE, SUBLICENSE, AND/OR SELL COPIES OF THIS
// SOFTWARE, THAT ANY JURIDICAL DISPUTES WHICH ARE CONCERNED TO THIS
// SOFTWARE OR ITS CONTENTS, AGAINST US (SOFTETHER PROJECT, SOFTETHER
// CORPORATION, DAIYUU NOBORI OR OTHER SUPPLIERS), OR ANY JURIDICAL
// DISPUTES AGAINST US WHICH ARE CAUSED BY ANY KIND OF USING, COPYING,
// MODIFYING, MERGING, PUBLISHING, DISTRIBUTING, SUBLICENSING, AND/OR
// SELLING COPIES OF THIS SOFTWARE SHALL BE REGARDED AS BE CONSTRUED AND
// CONTROLLED BY JAPANESE LAWS, AND YOU MUST FURTHER CONSENT TO
// EXCLUSIVE JURISDICTION AND VENUE IN THE COURTS SITTING IN TOKYO,
// JAPAN. YOU MUST WAIVE ALL DEFENSES OF LACK OF PERSONAL JURISDICTION
// AND FORUM NON CONVENIENS. PROCESS MAY BE SERVED ON EITHER PARTY IN
// THE MANNER AUTHORIZED BY APPLICABLE LAW OR COURT RULE.
//
// USE ONLY IN JAPAN. DO NOT USE IT IN OTHER COUNTRIES. IMPORTING THIS
// SOFTWARE INTO OTHER COUNTRIES IS AT YOUR OWN RISK. SOME COUNTRIES
// PROHIBIT ENCRYPTED COMMUNICATIONS. USING THIS SOFTWARE IN OTHER
// COUNTRIES MIGHT BE RESTRICTED.
//
//
// DEAR SECURITY EXPERTS
// ---------------------
//
// If you find a bug or a security vulnerability please kindly inform us
// about the problem immediately so that we can fix the security problem
// to protect a lot of users around the world as soon as possible.
//
// Our e-mail address for security reports is:
// softether-vpn-security [at] softether.org
//
// Please note that the above e-mail address is not a technical support
// inquiry address. If you need technical assistance, please visit
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
// Logging.h
// Header of Logging.c
#ifndef LOGGING_H
#define LOGGING_H
// Port number for HTTP monitoring
#define LOG_HTTP_PORT 80
#define MAX_LOG_SIZE 1073741823ULL
typedef char *(RECORD_PARSE_PROC)(RECORD *rec);
// Packet log structure
struct PACKET_LOG
{
CEDAR *Cedar;
struct PKT *Packet;
char *SrcSessionName;
char *DestSessionName;
bool PurePacket; // Packet not cloned
bool PurePacketNoPayload; // Packet not cloned (without payload)
SESSION *SrcSession;
bool NoLog; // Not to write a log
};
// Log save options of the HUB
struct HUB_LOG
{
bool SaveSecurityLog; // To save the security log
UINT SecurityLogSwitchType; // Switching type of security log
bool SavePacketLog; // To save the packet log
UINT PacketLogSwitchType; // Switching type of packet log
UINT PacketLogConfig[NUM_PACKET_LOG]; // Packet log settings
};
// Record
struct RECORD
{
UINT64 Tick; // Time
RECORD_PARSE_PROC *ParseProc; // Parsing procedure
void *Data; // Data
};
// LOG object
struct LOG
{
LOCK *lock; // Lock
THREAD *Thread; // Thread
char *DirName; // Destination directory name
char *Prefix; // File name
UINT SwitchType; // Switching type of log file
QUEUE *RecordQueue; // Record queue
volatile bool Halt; // Halting flag
EVENT *Event; // Event for Log
EVENT *FlushEvent; // Flash completion event
bool CacheFlag;
UINT64 LastTick;
UINT LastSwitchType;
char LastStr[MAX_SIZE];
UINT64 CurrentFilePointer; // The current file pointer
UINT64 MaxLogFileSize; // Maximum log file size
UINT CurrentLogNumber; // Log file number of the current
bool log_number_incremented;
};
// ERASER object
struct ERASER
{
LOG *Log; // Logger
UINT64 MinFreeSpace; // Disk space to start deleting files
char *DirName; // Directory name
volatile bool Halt; // Halting flag
THREAD *Thread; // Thread
bool LastFailed; // Whether deletion of the file failed at the end
EVENT *HaltEvent; // Halting event
};
// List of files that can be deleted
typedef struct ERASE_FILE
{
char *FullPath; // Full path
UINT64 UpdateTime; // Updating date
} ERASE_FILE;
// SYSLOG object
struct SLOG
{
LOCK *lock; // Lock
SOCK *Udp; // UDP socket
IP DestIp; // Destination IP address
UINT DestPort; // Destination port number
char HostName[MAX_HOST_NAME_LEN + 1]; // Host name
UINT64 NextPollIp; // Time of examination of the IP address at the end
};
// Function prototype
LOG *NewLog(char *dir, char *prefix, UINT switch_type);
void FreeLog(LOG *g);
void LogThread(THREAD *thread, void *param);
void WaitLogFlush(LOG *g);
void LockLog(LOG *g);
void UnlockLog(LOG *g);
void InsertRecord(LOG *g, void *data, RECORD_PARSE_PROC *proc);
void InsertStringRecord(LOG *g, char *str);
void InsertUnicodeRecord(LOG *g, wchar_t *unistr);
char *StringRecordParseProc(RECORD *rec);
bool MakeLogFileName(LOG *g, char *name, UINT size, char *dir, char *prefix, UINT64 tick, UINT switch_type, UINT num, char *old_datestr);
void MakeLogFileNameStringFromTick(LOG *g, char *str, UINT size, UINT64 tick, UINT switch_type);
void WriteRecordToBuffer(BUF *b, RECORD *r);
void SetLogDirName(LOG *g, char *dir);
void SetLogPrefix(LOG *g, char *prefix);
void SetLogSwitchType(LOG *g, UINT switch_type);
bool PacketLog(HUB *hub, SESSION *src_session, SESSION *dest_session, PKT *packet, UINT64 now);
char *PacketLogParseProc(RECORD *rec);
UINT CalcPacketLoggingLevel(HUB *hub, PKT *packet);
UINT CalcPacketLoggingLevelEx(HUB_LOG *g, PKT *packet);
char *GenCsvLine(TOKEN_LIST *t);
void ReplaceForCsv(char *str);
char *PortStr(CEDAR *cedar, UINT port, bool udp);
char *TcpFlagStr(UCHAR flag);
void WriteSecurityLog(HUB *h, char *str);
void SecLog(HUB *h, char *fmt, ...);
void SiSetDefaultLogSetting(HUB_LOG *g);
void DebugLog(CEDAR *c, char *fmt, ...);
void HubLog(HUB *h, wchar_t *fmt, ...);
void ServerLog(CEDAR *c, wchar_t *fmt, ...);
void SLog(CEDAR *c, char *name, ...);
void WriteHubLog(HUB *h, wchar_t *str);
void HLog(HUB *h, char *name, ...);
void NLog(VH *v, char *name, ...);
void IPCLog(IPC *ipc, char *name, ...);
void PPPLog(PPP_SESSION *p, char *name, ...);
void IPsecLog(IKE_SERVER *ike, IKE_CLIENT *c, IKE_SA *ike_sa, IPSECSA *ipsec_sa, char *name, ...);
void EtherIPLog(ETHERIP_SERVER *s, char *name, ...);
void WriteServerLog(CEDAR *c, wchar_t *str);
void ALog(ADMIN *a, HUB *h, char *name, ...);
void CLog(CLIENT *c, char *name, ...);
void WriteClientLog(CLIENT *c, wchar_t *str);
ERASER *NewEraser(LOG *log, UINT64 min_size);
void FreeEraser(ERASER *e);
void ELog(ERASER *e, char *name, ...);
void EraserThread(THREAD *t, void *p);
void EraserMain(ERASER *e);
bool CheckEraserDiskFreeSpace(ERASER *e);
int CompareEraseFile(void *p1, void *p2);
LIST *GenerateEraseFileList(ERASER *e);
void FreeEraseFileList(LIST *o);
void PrintEraseFileList(LIST *o);
void EnumEraseFile(LIST *o, char *dirname);
SLOG *NewSysLog(char *hostname, UINT port);
void SetSysLog(SLOG *g, char *hostname, UINT port);
void FreeSysLog(SLOG *g);
void SendSysLog(SLOG *g, wchar_t *str);
void WriteMultiLineLog(LOG *g, BUF *b);
char *BuildHttpLogStr(HTTPLOG *h);
void MakeSafeLogStr(char *str);
void AddLogBufToStr(BUF *b, char *name, char *value);
#endif // LOGGING_G
// Developed by SoftEther VPN Project at University of Tsukuba in Japan.
// Department of Computer Science has dozens of overly-enthusiastic geeks.
// Join us: http://www.tsukuba.ac.jp/english/admission/
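Review bot: `SecLog(HUB *h, char *fmt, ...)`, `DebugLog(CEDAR *c, char *fmt, ...)`, `HubLog(HUB *h, wchar_t *fmt, ...)` and `ServerLog(CEDAR *c, wchar_t *fmt, ...)` take a format string, but the header never states that `fmt` must be a constant, and log text commonly carries peer-supplied values such as user or host names. I would add above them `// fmt must be a literal format string; pass untrusted text as an argument, or hand preformatted text to WriteSecurityLog()/WriteHubLog()/WriteServerLog()`, since those three take a plain `str` parameter. On GCC/Clang the two `char *fmt` variants could also carry `__attribute__((format(printf, 2, 3)))`, provided the project's formatter accepts only printf-compatible specifiers, which cannot be confirmed from this header.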
+1516
+96
@@ -0,0 +1,96 @@
// SoftEther VPN Source Code
// Cedar Communication Module
//
// SoftEther VPN Server, Client and Bridge are free software under GPLv2.
//
// Copyright (c) 2012-2014 Daiyuu Nobori.
// Copyright (c) 2012-2014 SoftEther VPN Project, University of Tsukuba, Japan.
// Copyright (c) 2012-2014 SoftEther Corporation.
//
// All Rights Reserved.
//
// http://www.softether.org/
//
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License version 2
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
// IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
// CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
// TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
// SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
// THE LICENSE AGREEMENT IS ATTACHED ON THE SOURCE-CODE PACKAGE
// AS "LICENSE.TXT" FILE. READ THE TEXT FILE IN ADVANCE TO USE THE SOFTWARE.
//
//
// THIS SOFTWARE IS DEVELOPED IN JAPAN, AND DISTRIBUTED FROM JAPAN,
// UNDER JAPANESE LAWS. YOU MUST AGREE IN ADVANCE TO USE, COPY, MODIFY,
// MERGE, PUBLISH, DISTRIBUTE, SUBLICENSE, AND/OR SELL COPIES OF THIS
// SOFTWARE, THAT ANY JURIDICAL DISPUTES WHICH ARE CONCERNED TO THIS
// SOFTWARE OR ITS CONTENTS, AGAINST US (SOFTETHER PROJECT, SOFTETHER
// CORPORATION, DAIYUU NOBORI OR OTHER SUPPLIERS), OR ANY JURIDICAL
// DISPUTES AGAINST US WHICH ARE CAUSED BY ANY KIND OF USING, COPYING,
// MODIFYING, MERGING, PUBLISHING, DISTRIBUTING, SUBLICENSING, AND/OR
// SELLING COPIES OF THIS SOFTWARE SHALL BE REGARDED AS BE CONSTRUED AND
// CONTROLLED BY JAPANESE LAWS, AND YOU MUST FURTHER CONSENT TO
// EXCLUSIVE JURISDICTION AND VENUE IN THE COURTS SITTING IN TOKYO,
// JAPAN. YOU MUST WAIVE ALL DEFENSES OF LACK OF PERSONAL JURISDICTION
// AND FORUM NON CONVENIENS. PROCESS MAY BE SERVED ON EITHER PARTY IN
// THE MANNER AUTHORIZED BY APPLICABLE LAW OR COURT RULE.
//
// USE ONLY IN JAPAN. DO NOT USE IT IN OTHER COUNTRIES. IMPORTING THIS
// SOFTWARE INTO OTHER COUNTRIES IS AT YOUR OWN RISK. SOME COUNTRIES
// PROHIBIT ENCRYPTED COMMUNICATIONS. USING THIS SOFTWARE IN OTHER
// COUNTRIES MIGHT BE RESTRICTED.
//
//
// DEAR SECURITY EXPERTS
// ---------------------
//
// If you find a bug or a security vulnerability please kindly inform us
// about the problem immediately so that we can fix the security problem
// to protect a lot of users around the world as soon as possible.
//
// Our e-mail address for security reports is:
// softether-vpn-security [at] softether.org
//
// Please note that the above e-mail address is not a technical support
// inquiry address. If you need technical assistance, please visit
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
// NM.h
// Header of NM.c
#ifndef NM_H
#define NM_H
// External function
void NMExec();
#endif // NM_H
// Developed by SoftEther VPN Project at University of Tsukuba in Japan.
// Department of Computer Science has dozens of overly-enthusiastic geeks.
// Join us: http://www.tsukuba.ac.jp/english/admission/
+148
@@ -0,0 +1,148 @@
// SoftEther VPN Source Code
// Cedar Communication Module
//
// SoftEther VPN Server, Client and Bridge are free software under GPLv2.
//
// Copyright (c) 2012-2014 Daiyuu Nobori.
// Copyright (c) 2012-2014 SoftEther VPN Project, University of Tsukuba, Japan.
// Copyright (c) 2012-2014 SoftEther Corporation.
//
// All Rights Reserved.
//
// http://www.softether.org/
//
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License version 2
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
// IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
// CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
// TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
// SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
// THE LICENSE AGREEMENT IS ATTACHED ON THE SOURCE-CODE PACKAGE
// AS "LICENSE.TXT" FILE. READ THE TEXT FILE IN ADVANCE TO USE THE SOFTWARE.
//
//
// THIS SOFTWARE IS DEVELOPED IN JAPAN, AND DISTRIBUTED FROM JAPAN,
// UNDER JAPANESE LAWS. YOU MUST AGREE IN ADVANCE TO USE, COPY, MODIFY,
// MERGE, PUBLISH, DISTRIBUTE, SUBLICENSE, AND/OR SELL COPIES OF THIS
// SOFTWARE, THAT ANY JURIDICAL DISPUTES WHICH ARE CONCERNED TO THIS
// SOFTWARE OR ITS CONTENTS, AGAINST US (SOFTETHER PROJECT, SOFTETHER
// CORPORATION, DAIYUU NOBORI OR OTHER SUPPLIERS), OR ANY JURIDICAL
// DISPUTES AGAINST US WHICH ARE CAUSED BY ANY KIND OF USING, COPYING,
// MODIFYING, MERGING, PUBLISHING, DISTRIBUTING, SUBLICENSING, AND/OR
// SELLING COPIES OF THIS SOFTWARE SHALL BE REGARDED AS BE CONSTRUED AND
// CONTROLLED BY JAPANESE LAWS, AND YOU MUST FURTHER CONSENT TO
// EXCLUSIVE JURISDICTION AND VENUE IN THE COURTS SITTING IN TOKYO,
// JAPAN. YOU MUST WAIVE ALL DEFENSES OF LACK OF PERSONAL JURISDICTION
// AND FORUM NON CONVENIENS. PROCESS MAY BE SERVED ON EITHER PARTY IN
// THE MANNER AUTHORIZED BY APPLICABLE LAW OR COURT RULE.
//
// USE ONLY IN JAPAN. DO NOT USE IT IN OTHER COUNTRIES. IMPORTING THIS
// SOFTWARE INTO OTHER COUNTRIES IS AT YOUR OWN RISK. SOME COUNTRIES
// PROHIBIT ENCRYPTED COMMUNICATIONS. USING THIS SOFTWARE IN OTHER
// COUNTRIES MIGHT BE RESTRICTED.
//
//
// DEAR SECURITY EXPERTS
// ---------------------
//
// If you find a bug or a security vulnerability please kindly inform us
// about the problem immediately so that we can fix the security problem
// to protect a lot of users around the world as soon as possible.
//
// Our e-mail address for security reports is:
// softether-vpn-security [at] softether.org
//
// Please note that the above e-mail address is not a technical support
// inquiry address. If you need technical assistance, please visit
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
// NMInner.h
// The internal header of NM.c
// Constants
#define NM_REG_KEY "Software\\" GC_REG_COMPANY_NAME "\\PacketiX VPN\\User-mode Router Manager"
#define NM_SETTING_REG_KEY "Software\\" GC_REG_COMPANY_NAME "\\PacketiX VPN\\User-mode Router Manager\\Settings"
#define NM_REFRESH_TIME 1000
#define NM_NAT_REFRESH_TIME 1000
#define NM_DHCP_REFRESH_TIME 1000
// Nat Admin structure
typedef struct NM
{
CEDAR *Cedar; // Cedar
} NM;
// Connection structure
typedef struct NM_CONNECT
{
RPC *Rpc; // RPC
char *Hostname;
UINT Port;
} NM_CONNECT;
// Login
typedef struct NM_LOGIN
{
char *Hostname;
UINT Port;
UCHAR hashed_password[SHA1_SIZE];
} NM_LOGIN;
// Internal function
void InitNM();
void FreeNM();
void MainNM();
RPC *NmConnect(char *hostname, UINT port);
UINT NmConnectDlgProc(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
UINT NmLogin(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void NmMainDlg(RPC *r);
UINT NmMainDlgProc(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void NmMainDlgInit(HWND hWnd, RPC *r);
void NmMainDlgRefresh(HWND hWnd, RPC *r);
void NmEditClientConfig(HWND hWnd, RPC *r);
void NmEditVhOption(HWND hWnd, SM_HUB *r);
UINT NmEditVhOptionProc(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void NmEditVhOptionInit(HWND hWnd, SM_HUB *r);
void NmEditVhOptionUpdate(HWND hWnd, SM_HUB *r);
void NmEditVhOptionOnOk(HWND hWnd, SM_HUB *r);
void NmEditVhOptionFormToVH(HWND hWnd, VH_OPTION *t);
bool NmStatus(HWND hWnd, SM_SERVER *s, void *param);
bool NmInfo(HWND hWnd, SM_SERVER *s, void *param);
void NmNat(HWND hWnd, SM_HUB *r);
UINT NmNatProc(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void NmNatInit(HWND hWnd, SM_HUB *r);
void NmNatRefresh(HWND hWnd, SM_HUB *r);
void NmDhcp(HWND hWnd, SM_HUB *r);
UINT NmDhcpProc(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void NmDhcpRefresh(HWND hWnd, SM_HUB *r);
void NmDhcpInit(HWND hWnd, SM_HUB *r);
void NmChangePassword(HWND hWnd, RPC *r);
UINT NmChangePasswordProc(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
// Developed by SoftEther VPN Project at University of Tsukuba in Japan.
// Department of Computer Science has dozens of overly-enthusiastic geeks.
// Join us: http://www.tsukuba.ac.jp/english/admission/
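Review bot: `NM_LOGIN.hashed_password` is an uncommented `UCHAR[SHA1_SIZE]` stored beside the host name and port, and the `NatAdminConnect(..., void *hashed_password, ...)` prototype in Nat.h suggests the digest itself is what the manager presents when it connects. If that is how it is used, the digest is password-equivalent and the field should say so: `UCHAR hashed_password[SHA1_SIZE]; // SHA-1 digest of the admin password; credential-equivalent, zero after the login attempt`. Whether NM.c clears the structure once the dialog closes cannot be seen from this header, so that part is a question for the implementation rather than a confirmed defect.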
+1876
+291
@@ -0,0 +1,291 @@
// SoftEther VPN Source Code
// Cedar Communication Module
//
// SoftEther VPN Server, Client and Bridge are free software under GPLv2.
//
// Copyright (c) 2012-2014 Daiyuu Nobori.
// Copyright (c) 2012-2014 SoftEther VPN Project, University of Tsukuba, Japan.
// Copyright (c) 2012-2014 SoftEther Corporation.
//
// All Rights Reserved.
//
// http://www.softether.org/
//
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License version 2
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
// IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
// CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
// TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
// SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
// THE LICENSE AGREEMENT IS ATTACHED ON THE SOURCE-CODE PACKAGE
// AS "LICENSE.TXT" FILE. READ THE TEXT FILE IN ADVANCE TO USE THE SOFTWARE.
//
//
// THIS SOFTWARE IS DEVELOPED IN JAPAN, AND DISTRIBUTED FROM JAPAN,
// UNDER JAPANESE LAWS. YOU MUST AGREE IN ADVANCE TO USE, COPY, MODIFY,
// MERGE, PUBLISH, DISTRIBUTE, SUBLICENSE, AND/OR SELL COPIES OF THIS
// SOFTWARE, THAT ANY JURIDICAL DISPUTES WHICH ARE CONCERNED TO THIS
// SOFTWARE OR ITS CONTENTS, AGAINST US (SOFTETHER PROJECT, SOFTETHER
// CORPORATION, DAIYUU NOBORI OR OTHER SUPPLIERS), OR ANY JURIDICAL
// DISPUTES AGAINST US WHICH ARE CAUSED BY ANY KIND OF USING, COPYING,
// MODIFYING, MERGING, PUBLISHING, DISTRIBUTING, SUBLICENSING, AND/OR
// SELLING COPIES OF THIS SOFTWARE SHALL BE REGARDED AS BE CONSTRUED AND
// CONTROLLED BY JAPANESE LAWS, AND YOU MUST FURTHER CONSENT TO
// EXCLUSIVE JURISDICTION AND VENUE IN THE COURTS SITTING IN TOKYO,
// JAPAN. YOU MUST WAIVE ALL DEFENSES OF LACK OF PERSONAL JURISDICTION
// AND FORUM NON CONVENIENS. PROCESS MAY BE SERVED ON EITHER PARTY IN
// THE MANNER AUTHORIZED BY APPLICABLE LAW OR COURT RULE.
//
// USE ONLY IN JAPAN. DO NOT USE IT IN OTHER COUNTRIES. IMPORTING THIS
// SOFTWARE INTO OTHER COUNTRIES IS AT YOUR OWN RISK. SOME COUNTRIES
// PROHIBIT ENCRYPTED COMMUNICATIONS. USING THIS SOFTWARE IN OTHER
// COUNTRIES MIGHT BE RESTRICTED.
//
//
// DEAR SECURITY EXPERTS
// ---------------------
//
// If you find a bug or a security vulnerability please kindly inform us
// about the problem immediately so that we can fix the security problem
// to protect a lot of users around the world as soon as possible.
//
// Our e-mail address for security reports is:
// softether-vpn-security [at] softether.org
//
// Please note that the above e-mail address is not a technical support
// inquiry address. If you need technical assistance, please visit
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
// Nat.h
// Header of Nat.c
#ifndef NAT_H
#define NAT_H
// Constants
#define NAT_CONFIG_FILE_NAME "@vpn_router.config" // NAT configuration file
#define DEFAULT_NAT_ADMIN_PORT 2828 // Default port number for management
#define NAT_ADMIN_PORT_LISTEN_INTERVAL 1000 // Interval for trying to open a port for management
#define NAT_FILE_SAVE_INTERVAL (30 * 1000) // Interval to save
// NAT object
struct NAT
{
LOCK *lock; // Lock
UCHAR HashedPassword[SHA1_SIZE]; // Administrative password
VH_OPTION Option; // Option
CEDAR *Cedar; // Cedar
UINT AdminPort; // Management port number
bool Online; // Online flag
VH *Virtual; // Virtual host object
CLIENT_OPTION *ClientOption; // Client Option
CLIENT_AUTH *ClientAuth; // Client authentication data
CFG_RW *CfgRw; // Config file R/W
THREAD *AdminAcceptThread; // Management connection reception thread
SOCK *AdminListenSock; // Management port socket
EVENT *HaltEvent; // Halting event
volatile bool Halt; // Halting flag
LIST *AdminList; // Management thread list
X *AdminX; // Server certificate for management
K *AdminK; // Server private key for management
SNAT *SecureNAT; // SecureNAT object
};
// NAT management connection
struct NAT_ADMIN
{
NAT *Nat; // NAT
SOCK *Sock; // Socket
THREAD *Thread; // Thread
};
// RPC_DUMMY
struct RPC_DUMMY
{
UINT DummyValue;
};
// RPC_NAT_STATUS
struct RPC_NAT_STATUS
{
char HubName[MAX_HUBNAME_LEN + 1]; // HUB name
UINT NumTcpSessions; // Number of TCP sessions
UINT NumUdpSessions; // Ntmber of UDP sessions
UINT NumIcmpSessions; // Nymber of ICMP sessions
UINT NumDnsSessions; // Number of DNS sessions
UINT NumDhcpClients; // Number of DHCP clients
bool IsKernelMode; // Whether kernel mode
};
// RPC_NAT_INFO *
struct RPC_NAT_INFO
{
char NatProductName[128]; // Server product name
char NatVersionString[128]; // Server version string
char NatBuildInfoString[128]; // Server build information string
UINT NatVerInt; // Server version integer value
UINT NatBuildInt; // Server build number integer value
char NatHostName[MAX_HOST_NAME_LEN + 1]; // Server host name
OS_INFO OsInfo; // OS information
MEMINFO MemInfo; // Memory information
};
// RPC_ENUM_NAT_ITEM
struct RPC_ENUM_NAT_ITEM
{
UINT Id; // ID
UINT Protocol; // Protocol
UINT SrcIp; // Source IP address
char SrcHost[MAX_HOST_NAME_LEN + 1]; // Source host name
UINT SrcPort; // Source port number
UINT DestIp; // Destination IP address
char DestHost[MAX_HOST_NAME_LEN + 1]; // Destination host name
UINT DestPort; // Destination port number
UINT64 CreatedTime; // Connection time
UINT64 LastCommTime; // Last communication time
UINT64 SendSize; // Transmission size
UINT64 RecvSize; // Receive size
UINT TcpStatus; // TCP state
};
// RPC_ENUM_NAT *
struct RPC_ENUM_NAT
{
char HubName[MAX_HUBNAME_LEN + 1]; // HUB name
UINT NumItem; // Number of items
RPC_ENUM_NAT_ITEM *Items; // Item
};
// RPC_ENUM_DHCP_ITEM
struct RPC_ENUM_DHCP_ITEM
{
UINT Id; // ID
UINT64 LeasedTime; // Lease time
UINT64 ExpireTime; // Expiration date
UCHAR MacAddress[6]; // MAC address
UCHAR Padding[2]; // Padding
UINT IpAddress; // IP address
UINT Mask; // Subnet mask
char Hostname[MAX_HOST_NAME_LEN + 1]; // Host name
};
// RPC_ENUM_DHCP *
struct RPC_ENUM_DHCP
{
char HubName[MAX_HUBNAME_LEN + 1]; // HUB name
UINT NumItem; // Number of items
RPC_ENUM_DHCP_ITEM *Items; // Item
};
// Function prototype
NAT *NiNewNat();
NAT *NiNewNatEx(SNAT *snat, VH_OPTION *o);
void NiFreeNat(NAT *n);
void NiInitConfig(NAT *n);
void NiFreeConfig(NAT *n);
void NiInitDefaultConfig(NAT *n);
void NiSetDefaultVhOption(NAT *n, VH_OPTION *o);
void NiClearUnsupportedVhOptionForDynamicHub(VH_OPTION *o, bool initial);
void NiWriteConfig(NAT *n);
void NiWriteVhOption(NAT *n, FOLDER *root);
void NiWriteVhOptionEx(VH_OPTION *o, FOLDER *root);
void NiWriteClientData(NAT *n, FOLDER *root);
void NiLoadVhOption(NAT *n, FOLDER *root);
void NiLoadVhOptionEx(VH_OPTION *o, FOLDER *root);
bool NiLoadConfig(NAT *n, FOLDER *root);
void NiLoadClientData(NAT *n, FOLDER *root);
void NiInitAdminAccept(NAT *n);
void NiFreeAdminAccept(NAT *n);
void NiListenThread(THREAD *thread, void *param);
void NiAdminThread(THREAD *thread, void *param);
void NiAdminMain(NAT *n, SOCK *s);
PACK *NiRpcServer(RPC *r, char *name, PACK *p);
RPC *NatAdminConnect(CEDAR *cedar, char *hostname, UINT port, void *hashed_password, UINT *err);
void NatAdminDisconnect(RPC *r);
void NtStartNat();
void NtStopNat();
void NtInit();
void NtFree();
UINT NtOnline(NAT *n, RPC_DUMMY *t);
UINT NtOffline(NAT *n, RPC_DUMMY *t);
UINT NtSetHostOption(NAT *n, VH_OPTION *t);
UINT NtGetHostOption(NAT *n, VH_OPTION *t);
UINT NtSetClientConfig(NAT *n, RPC_CREATE_LINK *t);
UINT NtGetClientConfig(NAT *n, RPC_CREATE_LINK *t);
UINT NtGetStatus(NAT *n, RPC_NAT_STATUS *t);
UINT NtGetInfo(NAT *n, RPC_NAT_INFO *t);
UINT NtEnumNatList(NAT *n, RPC_ENUM_NAT *t);
UINT NtEnumDhcpList(NAT *n, RPC_ENUM_DHCP *t);
UINT NtSetPassword(NAT *n, RPC_SET_PASSWORD *t);
UINT NcOnline(RPC *r, RPC_DUMMY *t);
UINT NcOffline(RPC *r, RPC_DUMMY *t);
UINT NcSetHostOption(RPC *r, VH_OPTION *t);
UINT NcGetHostOption(RPC *r, VH_OPTION *t);
UINT NcSetClientConfig(RPC *r, RPC_CREATE_LINK *t);
UINT NcGetClientConfig(RPC *r, RPC_CREATE_LINK *t);
UINT NcGetStatus(RPC *r, RPC_NAT_STATUS *t);
UINT NcGetInfo(RPC *r, RPC_NAT_INFO *t);
UINT NcEnumNatList(RPC *r, RPC_ENUM_NAT *t);
UINT NcEnumDhcpList(RPC *r, RPC_ENUM_DHCP *t);
UINT NcSetPassword(RPC *r, RPC_SET_PASSWORD *t);
void InRpcEnumDhcp(RPC_ENUM_DHCP *t, PACK *p);
void OutRpcEnumDhcp(PACK *p, RPC_ENUM_DHCP *t);
void FreeRpcEnumDhcp(RPC_ENUM_DHCP *t);
void InRpcEnumNat(RPC_ENUM_NAT *t, PACK *p);
void OutRpcEnumNat(PACK *p, RPC_ENUM_NAT *t);
void FreeRpcEnumNat(RPC_ENUM_NAT *t);
void InRpcNatInfo(RPC_NAT_INFO *t, PACK *p);
void OutRpcNatInfo(PACK *p, RPC_NAT_INFO *t);
void FreeRpcNatInfo(RPC_NAT_INFO *t);
void InRpcNatStatus(RPC_NAT_STATUS *t, PACK *p);
void OutRpcNatStatus(PACK *p, RPC_NAT_STATUS *t);
void FreeRpcNatStatus(RPC_NAT_STATUS *t);
void InVhOption(VH_OPTION *t, PACK *p);
void OutVhOption(PACK *p, VH_OPTION *t);
void InRpcDummy(RPC_DUMMY *t, PACK *p);
void OutRpcDummy(PACK *p, RPC_DUMMY *t);
#endif // NAT_H
// Developed by SoftEther VPN Project at University of Tsukuba in Japan.
// Department of Computer Science has dozens of overly-enthusiastic geeks.
// Join us: http://www.tsukuba.ac.jp/english/admission/
+417
@@ -0,0 +1,417 @@
// SoftEther VPN Source Code
// Cedar Communication Module
//
// SoftEther VPN Server, Client and Bridge are free software under GPLv2.
//
// Copyright (c) 2012-2014 Daiyuu Nobori.
// Copyright (c) 2012-2014 SoftEther VPN Project, University of Tsukuba, Japan.
// Copyright (c) 2012-2014 SoftEther Corporation.
//
// All Rights Reserved.
//
// http://www.softether.org/
//
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License version 2
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
// IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
// CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
// TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
// SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
// THE LICENSE AGREEMENT IS ATTACHED ON THE SOURCE-CODE PACKAGE
// AS "LICENSE.TXT" FILE. READ THE TEXT FILE IN ADVANCE TO USE THE SOFTWARE.
//
//
// THIS SOFTWARE IS DEVELOPED IN JAPAN, AND DISTRIBUTED FROM JAPAN,
// UNDER JAPANESE LAWS. YOU MUST AGREE IN ADVANCE TO USE, COPY, MODIFY,
// MERGE, PUBLISH, DISTRIBUTE, SUBLICENSE, AND/OR SELL COPIES OF THIS
// SOFTWARE, THAT ANY JURIDICAL DISPUTES WHICH ARE CONCERNED TO THIS
// SOFTWARE OR ITS CONTENTS, AGAINST US (SOFTETHER PROJECT, SOFTETHER
// CORPORATION, DAIYUU NOBORI OR OTHER SUPPLIERS), OR ANY JURIDICAL
// DISPUTES AGAINST US WHICH ARE CAUSED BY ANY KIND OF USING, COPYING,
// MODIFYING, MERGING, PUBLISHING, DISTRIBUTING, SUBLICENSING, AND/OR
// SELLING COPIES OF THIS SOFTWARE SHALL BE REGARDED AS BE CONSTRUED AND
// CONTROLLED BY JAPANESE LAWS, AND YOU MUST FURTHER CONSENT TO
// EXCLUSIVE JURISDICTION AND VENUE IN THE COURTS SITTING IN TOKYO,
// JAPAN. YOU MUST WAIVE ALL DEFENSES OF LACK OF PERSONAL JURISDICTION
// AND FORUM NON CONVENIENS. PROCESS MAY BE SERVED ON EITHER PARTY IN
// THE MANNER AUTHORIZED BY APPLICABLE LAW OR COURT RULE.
//
// USE ONLY IN JAPAN. DO NOT USE IT IN OTHER COUNTRIES. IMPORTING THIS
// SOFTWARE INTO OTHER COUNTRIES IS AT YOUR OWN RISK. SOME COUNTRIES
// PROHIBIT ENCRYPTED COMMUNICATIONS. USING THIS SOFTWARE IN OTHER
// COUNTRIES MIGHT BE RESTRICTED.
//
//
// DEAR SECURITY EXPERTS
// ---------------------
//
// If you find a bug or a security vulnerability please kindly inform us
// about the problem immediately so that we can fix the security problem
// to protect a lot of users around the world as soon as possible.
//
// Our e-mail address for security reports is:
// softether-vpn-security [at] softether.org
//
// Please note that the above e-mail address is not a technical support
// inquiry address. If you need technical assistance, please visit
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
// NativeStack.c
// Native IP stack
#include "CedarPch.h"
// Stack main thread
void NsMainThread(THREAD *thread, void *param)
{
NATIVE_STACK *a = (NATIVE_STACK *)param;
// Validate arguments
if (thread == NULL || param == NULL)
{
return;
}
while (true)
{
SOCKSET set;
bool err = false;
bool flush_tube;
LIST *recv_packets;
bool state_changed = false;
InitSockSet(&set);
AddSockSet(&set, a->Sock1);
if (a->Halt)
{
break;
}
// Pass to the IPC by receiving from the bridge
LABEL_RESTART:
state_changed = false;
flush_tube = false;
while (true)
{
void *data;
UINT size;
size = EthGetPacket(a->Eth, &data);
if (size == INFINITE)
{
// Device error
err = true;
break;
}
else if (size == 0)
{
// Can not get any more
break;
}
else
{
// Pass the IPC socket
TubeSendEx(a->Sock1->SendTube, data, size, NULL, true);
Free(data);
flush_tube = true;
state_changed = true;
}
}
if (flush_tube)
{
TubeFlush(a->Sock1->SendTube);
}
// Pass to the bridge by receiving from IPC
recv_packets = NULL;
while (true)
{
TUBEDATA *d = TubeRecvAsync(a->Sock1->RecvTube);
if (d == NULL)
{
break;
}
if (recv_packets == NULL)
{
recv_packets = NewListFast(NULL);
}
Add(recv_packets, d);
state_changed = true;
}
if (recv_packets != NULL)
{
UINT i;
UINT num = LIST_NUM(recv_packets);
void **data_array;
UINT *size_array;
data_array = Malloc(sizeof(void *) * num);
size_array = Malloc(sizeof(UINT) * num);
for (i = 0;i < num;i++)
{
TUBEDATA *d = LIST_DATA(recv_packets, i);
data_array[i] = d->Data;
size_array[i] = d->DataSize;
}
EthPutPackets(a->Eth, num, data_array, size_array);
for (i = 0;i < num;i++)
{
TUBEDATA *d = LIST_DATA(recv_packets, i);
// Because the data buffer has been already released, not to release twice
d->Data = NULL;
FreeTubeData(d);
}
Free(data_array);
Free(size_array);
ReleaseList(recv_packets);
}
if (IsTubeConnected(a->Sock1->SendTube) == false || IsTubeConnected(a->Sock1->RecvTube) == false)
{
err = true;
}
if (err)
{
// An error has occured
Debug("Native Stack: Error !\n");
a->Halt = true;
continue;
}
if (state_changed)
{
goto LABEL_RESTART;
}
Select(&set, 1234, a->Cancel, NULL);
}
Disconnect(a->Sock1);
Disconnect(a->Sock2);
}
// Release the stack
void FreeNativeStack(NATIVE_STACK *a)
{
// Validate arguments
if (a == NULL)
{
return;
}
if (a->Ipc != NULL && IsZero(&a->CurrentDhcpOptionList, sizeof(a->CurrentDhcpOptionList)) == false)
{
IP dhcp_server;
UINTToIP(&dhcp_server, a->CurrentDhcpOptionList.ServerAddress);
IPCDhcpFreeIP(a->Ipc, &dhcp_server);
SleepThread(200);
}
a->Halt = true;
Cancel(a->Cancel);
Disconnect(a->Sock1);
Disconnect(a->Sock2);
WaitThread(a->MainThread, INFINITE);
ReleaseThread(a->MainThread);
CloseEth(a->Eth);
FreeIPC(a->Ipc);
ReleaseCancel(a->Cancel);
ReleaseSock(a->Sock1);
ReleaseSock(a->Sock2);
ReleaseCedar(a->Cedar);
Free(a);
}
// Create a new stack
NATIVE_STACK *NewNativeStack(CEDAR *cedar, char *device_name, char *mac_address_seed)
{
ETH *eth;
NATIVE_STACK *a;
IP localhost;
char tmp[64];
bool release_cedar = false;
// Validate arguments
if (device_name == NULL || mac_address_seed == NULL)
{
return NULL;
}
if (cedar == NULL)
{
cedar = NewCedar(NULL, NULL);
release_cedar = true;
}
GetLocalHostIP4(&localhost);
// Open the Eth device
eth = OpenEth(device_name, false, false, NULL);
if (eth == NULL)
{
return NULL;
}
a = ZeroMalloc(sizeof(NATIVE_STACK));
NewSocketPair(&a->Sock1, &a->Sock2, &localhost, 1, &localhost, 1);
a->Cedar = cedar;
AddRef(a->Cedar->ref);
NsGenMacAddress(a->MacAddress, mac_address_seed, device_name);
BinToStr(tmp, sizeof(tmp), a->MacAddress, sizeof(a->MacAddress));
Debug("NewNativeStack: MAC Address = %s\n", tmp);
a->Ipc = NewIPCBySock(cedar, a->Sock2, a->MacAddress);
StrCpy(a->DeviceName, sizeof(a->DeviceName), device_name);
a->Eth = eth;
a->Cancel = EthGetCancel(eth);
a->MainThread = NewThread(NsMainThread, a);
if (release_cedar)
{
ReleaseCedar(cedar);
}
return a;
}
// Identify whether the specified MAC address is for the Native Stack which operate on the same host
bool NsIsMacAddressOnLocalhost(UCHAR *mac)
{
UCHAR tmp[2];
// Validate arguments
if (mac == NULL)
{
return false;
}
if (mac[0] != NS_MAC_ADDRESS_BYTE_1)
{
return false;
}
NsGenMacAddressSignatureForMachine(tmp, mac);
if (Cmp(mac + 4, tmp, 2) == 0)
{
return true;
}
return false;
}
// Determine the last two bytes of the MAC address
void NsGenMacAddressSignatureForMachine(UCHAR *dst_last_2, UCHAR *src_mac_addr_4)
{
char machine_name[MAX_SIZE];
BUF *b;
UCHAR hash[SHA1_SIZE];
// Validate arguments
if (dst_last_2 == NULL || src_mac_addr_4 == NULL)
{
return;
}
GetMachineHostName(machine_name, sizeof(machine_name));
Trim(machine_name);
StrUpper(machine_name);
b = NewBuf();
WriteBuf(b, src_mac_addr_4, 4);
WriteBufStr(b, machine_name);
HashSha1(hash, b->Buf, b->Size);
FreeBuf(b);
Copy(dst_last_2, hash, 2);
}
// Generate the MAC address
void NsGenMacAddress(void *dest, char *mac_address_seed, char *device_name)
{
char tmp[MAX_SIZE];
UCHAR mac[6];
UCHAR hash[SHA1_SIZE];
Zero(tmp, sizeof(tmp));
StrCat(tmp, sizeof(tmp), mac_address_seed);
StrCat(tmp, sizeof(tmp), "@");
StrCat(tmp, sizeof(tmp), device_name);
Trim(tmp);
StrLower(tmp);
HashSha1(hash, tmp, StrLen(tmp));
mac[0] = NS_MAC_ADDRESS_BYTE_1;
mac[1] = hash[1];
mac[2] = hash[2];
mac[3] = hash[3];
mac[4] = hash[4];
mac[5] = hash[5];
NsGenMacAddressSignatureForMachine(mac + 4, mac);
Copy(dest, mac, 6);
}
// Developed by SoftEther VPN Project at University of Tsukuba in Japan.
// Department of Computer Science has dozens of overly-enthusiastic geeks.
// Join us: http://www.tsukuba.ac.jp/english/admission/
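Review bot: NewNativeStack leaks the CEDAR it creates when `OpenEth` fails. With `cedar == NULL` it calls `NewCedar(NULL, NULL)` and sets `release_cedar`, but the `if (eth == NULL)` branch returns NULL without the matching release. Adding `if (release_cedar) { ReleaseCedar(cedar); }` before that `return NULL;`, or opening the Eth device before creating the Cedar, would close the leak. The results of `NewSocketPair` and `NewIPCBySock` are also used unchecked, so a failure there would presumably reach `NsMainThread` as a NULL `a->Sock1`; a check before `NewThread` is worth considering.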
+123
@@ -0,0 +1,123 @@
// SoftEther VPN Source Code
// Cedar Communication Module
//
// SoftEther VPN Server, Client and Bridge are free software under GPLv2.
//
// Copyright (c) 2012-2014 Daiyuu Nobori.
// Copyright (c) 2012-2014 SoftEther VPN Project, University of Tsukuba, Japan.
// Copyright (c) 2012-2014 SoftEther Corporation.
//
// All Rights Reserved.
//
// http://www.softether.org/
//
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License version 2
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
// IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
// CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
// TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
// SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
// THE LICENSE AGREEMENT IS ATTACHED ON THE SOURCE-CODE PACKAGE
// AS "LICENSE.TXT" FILE. READ THE TEXT FILE IN ADVANCE TO USE THE SOFTWARE.
//
//
// THIS SOFTWARE IS DEVELOPED IN JAPAN, AND DISTRIBUTED FROM JAPAN,
// UNDER JAPANESE LAWS. YOU MUST AGREE IN ADVANCE TO USE, COPY, MODIFY,
// MERGE, PUBLISH, DISTRIBUTE, SUBLICENSE, AND/OR SELL COPIES OF THIS
// SOFTWARE, THAT ANY JURIDICAL DISPUTES WHICH ARE CONCERNED TO THIS
// SOFTWARE OR ITS CONTENTS, AGAINST US (SOFTETHER PROJECT, SOFTETHER
// CORPORATION, DAIYUU NOBORI OR OTHER SUPPLIERS), OR ANY JURIDICAL
// DISPUTES AGAINST US WHICH ARE CAUSED BY ANY KIND OF USING, COPYING,
// MODIFYING, MERGING, PUBLISHING, DISTRIBUTING, SUBLICENSING, AND/OR
// SELLING COPIES OF THIS SOFTWARE SHALL BE REGARDED AS BE CONSTRUED AND
// CONTROLLED BY JAPANESE LAWS, AND YOU MUST FURTHER CONSENT TO
// EXCLUSIVE JURISDICTION AND VENUE IN THE COURTS SITTING IN TOKYO,
// JAPAN. YOU MUST WAIVE ALL DEFENSES OF LACK OF PERSONAL JURISDICTION
// AND FORUM NON CONVENIENS. PROCESS MAY BE SERVED ON EITHER PARTY IN
// THE MANNER AUTHORIZED BY APPLICABLE LAW OR COURT RULE.
//
// USE ONLY IN JAPAN. DO NOT USE IT IN OTHER COUNTRIES. IMPORTING THIS
// SOFTWARE INTO OTHER COUNTRIES IS AT YOUR OWN RISK. SOME COUNTRIES
// PROHIBIT ENCRYPTED COMMUNICATIONS. USING THIS SOFTWARE IN OTHER
// COUNTRIES MIGHT BE RESTRICTED.
//
//
// DEAR SECURITY EXPERTS
// ---------------------
//
// If you find a bug or a security vulnerability please kindly inform us
// about the problem immediately so that we can fix the security problem
// to protect a lot of users around the world as soon as possible.
//
// Our e-mail address for security reports is:
// softether-vpn-security [at] softether.org
//
// Please note that the above e-mail address is not a technical support
// inquiry address. If you need technical assistance, please visit
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
// NativeStack.h
// Header of NativeStack.c
#ifndef NATIVESTACK_H
#define NATIVESTACK_H
//// Constants
#define NS_MAC_ADDRESS_BYTE_1 0xDA // First byte of the MAC address
//// Type
struct NATIVE_STACK
{
CEDAR *Cedar;
IPC *Ipc; // IPC object
char DeviceName[MAX_SIZE]; // Ethernet device name
THREAD *MainThread; // Main thread
bool Halt; // Halting flag
CANCEL *Cancel; // Cancel
UCHAR MacAddress[6]; // MAC address of the virtual host
ETH *Eth; // Eth device
SOCK *Sock1; // Sock1 (To be used in the bridge side)
SOCK *Sock2; // Sock2 (Used in the IPC side)
DHCP_OPTION_LIST CurrentDhcpOptionList; // Current DHCP options list
IP DnsServerIP; // IP address of the DNS server
};
//// Function prototype
NATIVE_STACK *NewNativeStack(CEDAR *cedar, char *device_name, char *mac_address_seed);
void FreeNativeStack(NATIVE_STACK *a);
void NsGenMacAddress(void *dest, char *mac_address_seed, char *device_name);
void NsMainThread(THREAD *thread, void *param);
void NsGenMacAddressSignatureForMachine(UCHAR *dst_last_2, UCHAR *src_mac_addr_4);
bool NsIsMacAddressOnLocalhost(UCHAR *mac);
#endif // NATIVESTACK_H
// Developed by SoftEther VPN Project at University of Tsukuba in Japan.
// Department of Computer Science has dozens of overly-enthusiastic geeks.
// Join us: http://www.tsukuba.ac.jp/english/admission/
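Review bot: The prototypes for the MAC helpers do not state the buffer sizes they depend on, and none of them takes a length argument. In NativeStack.c, `NsGenMacAddress` copies 6 bytes into `void *dest`, `NsGenMacAddressSignatureForMachine` reads 4 bytes and writes 2, and `NsIsMacAddressOnLocalhost` reads `mac[0]` and `mac + 4`. A caller passing a shorter buffer therefore gets an out-of-bounds access with no diagnostic. A comment above these prototypes such as `// dest and mac must point to a full 6-byte MAC address; dst_last_2 receives 2 bytes, src_mac_addr_4 supplies 4` would make the contract visible at the declaration.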
+256
@@ -0,0 +1,256 @@
// SoftEther VPN Source Code
// Cedar Communication Module
//
// SoftEther VPN Server, Client and Bridge are free software under GPLv2.
//
// Copyright (c) 2012-2014 Daiyuu Nobori.
// Copyright (c) 2012-2014 SoftEther VPN Project, University of Tsukuba, Japan.
// Copyright (c) 2012-2014 SoftEther Corporation.
//
// All Rights Reserved.
//
// http://www.softether.org/
//
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License version 2
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
// IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
// CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
// TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
// SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
// THE LICENSE AGREEMENT IS ATTACHED ON THE SOURCE-CODE PACKAGE
// AS "LICENSE.TXT" FILE. READ THE TEXT FILE IN ADVANCE TO USE THE SOFTWARE.
//
//
// THIS SOFTWARE IS DEVELOPED IN JAPAN, AND DISTRIBUTED FROM JAPAN,
// UNDER JAPANESE LAWS. YOU MUST AGREE IN ADVANCE TO USE, COPY, MODIFY,
// MERGE, PUBLISH, DISTRIBUTE, SUBLICENSE, AND/OR SELL COPIES OF THIS
// SOFTWARE, THAT ANY JURIDICAL DISPUTES WHICH ARE CONCERNED TO THIS
// SOFTWARE OR ITS CONTENTS, AGAINST US (SOFTETHER PROJECT, SOFTETHER
// CORPORATION, DAIYUU NOBORI OR OTHER SUPPLIERS), OR ANY JURIDICAL
// DISPUTES AGAINST US WHICH ARE CAUSED BY ANY KIND OF USING, COPYING,
// MODIFYING, MERGING, PUBLISHING, DISTRIBUTING, SUBLICENSING, AND/OR
// SELLING COPIES OF THIS SOFTWARE SHALL BE REGARDED AS BE CONSTRUED AND
// CONTROLLED BY JAPANESE LAWS, AND YOU MUST FURTHER CONSENT TO
// EXCLUSIVE JURISDICTION AND VENUE IN THE COURTS SITTING IN TOKYO,
// JAPAN. YOU MUST WAIVE ALL DEFENSES OF LACK OF PERSONAL JURISDICTION
// AND FORUM NON CONVENIENS. PROCESS MAY BE SERVED ON EITHER PARTY IN
// THE MANNER AUTHORIZED BY APPLICABLE LAW OR COURT RULE.
//
// USE ONLY IN JAPAN. DO NOT USE IT IN OTHER COUNTRIES. IMPORTING THIS
// SOFTWARE INTO OTHER COUNTRIES IS AT YOUR OWN RISK. SOME COUNTRIES
// PROHIBIT ENCRYPTED COMMUNICATIONS. USING THIS SOFTWARE IN OTHER
// COUNTRIES MIGHT BE RESTRICTED.
//
//
// DEAR SECURITY EXPERTS
// ---------------------
//
// If you find a bug or a security vulnerability please kindly inform us
// about the problem immediately so that we can fix the security problem
// to protect a lot of users around the world as soon as possible.
//
// Our e-mail address for security reports is:
// softether-vpn-security [at] softether.org
//
// Please note that the above e-mail address is not a technical support
// inquiry address. If you need technical assistance, please visit
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
// NullLan.c
// Virtual LAN card device driver for testing
#include "CedarPch.h"
static UCHAR null_lan_broadcast_address[] = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff};
// Get the packet adapter
PACKET_ADAPTER *NullGetPacketAdapter()
{
PACKET_ADAPTER *pa = NewPacketAdapter(NullPaInit, NullPaGetCancel, NullPaGetNextPacket,
NullPaPutPacket, NullPaFree);
return pa;
}
// Packet generation thread
void NullPacketGenerateThread(THREAD *t, void *param)
{
NULL_LAN *n = (NULL_LAN *)param;
// Validate arguments
if (t == NULL || param == NULL)
{
return;
}
while (true)
{
Wait(n->Event, Rand32() % NULL_PACKET_GENERATE_INTERVAL);
if (n->Halt)
{
break;
}
LockQueue(n->PacketQueue);
{
UCHAR *data;
BLOCK *b;
UINT size = Rand32() % 1500 + 14;
data = Malloc(size);
Copy(data, null_lan_broadcast_address, 6);
Copy(data + 6, n->MacAddr, 6);
b = NewBlock(data, size, 0);
InsertQueue(n->PacketQueue, b);
}
UnlockQueue(n->PacketQueue);
Cancel(n->Cancel);
}
}
// Initialize the packet adapter
bool NullPaInit(SESSION *s)
{
NULL_LAN *n;
// Validate arguments
if (s == NULL)
{
return false;
}
n = ZeroMalloc(sizeof(NULL_LAN));
s->PacketAdapter->Param = (void *)n;
n->Cancel = NewCancel();
n->PacketQueue = NewQueue();
n->Event = NewEvent();
GenMacAddress(n->MacAddr);
n->PacketGeneratorThread = NewThread(NullPacketGenerateThread, n);
return true;
}
// Get the cancel object
CANCEL *NullPaGetCancel(SESSION *s)
{
// Validate arguments
NULL_LAN *n;
if (s == NULL || (n = s->PacketAdapter->Param) == NULL)
{
return NULL;
}
AddRef(n->Cancel->ref);
return n->Cancel;
}
// Get the next packet
UINT NullPaGetNextPacket(SESSION *s, void **data)
{
UINT size = 0;
// Validate arguments
NULL_LAN *n;
if (s == NULL || (n = s->PacketAdapter->Param) == NULL)
{
return INFINITE;
}
LockQueue(n->PacketQueue);
{
BLOCK *b = GetNext(n->PacketQueue);
if (b != NULL)
{
*data = b->Buf;
size = b->Size;
Free(b);
}
}
UnlockQueue(n->PacketQueue);
return size;
}
// Write the packet
bool NullPaPutPacket(SESSION *s, void *data, UINT size)
{
// Validate arguments
if (s == NULL)
{
return false;
}
if (data == NULL)
{
return true;
}
// Packet ignored
Free(data);
return true;
}
// Release
void NullPaFree(SESSION *s)
{
// Validate arguments
NULL_LAN *n;
BLOCK *b;
if (s == NULL || (n = s->PacketAdapter->Param) == NULL)
{
return;
}
n->Halt = true;
Set(n->Event);
WaitThread(n->PacketGeneratorThread, INFINITE);
ReleaseThread(n->PacketGeneratorThread);
LockQueue(n->PacketQueue);
{
while (b = GetNext(n->PacketQueue))
{
FreeBlock(b);
}
}
UnlockQueue(n->PacketQueue);
ReleaseQueue(n->PacketQueue);
ReleaseCancel(n->Cancel);
ReleaseEvent(n->Event);
s->PacketAdapter->Param = NULL;
Free(n);
}
// Developed by SoftEther VPN Project at University of Tsukuba in Japan.
// Department of Computer Science has dozens of overly-enthusiastic geeks.
// Join us: http://www.tsukuba.ac.jp/english/admission/
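Review bot: The frames built in NullPacketGenerateThread carry uninitialised heap bytes. `data = Malloc(size)` allocates between 14 and 1513 bytes, but the two `Copy` calls fill only the 12 address bytes before the block is queued and later handed out by NullPaGetNextPacket. The EtherType and the whole payload are whatever the allocator returned, so even for a test adapter stale process memory would end up in packets on the session that uses it. `data = ZeroMalloc(size);`, which NullPaInit already uses, avoids this. Separately, `while (b = GetNext(n->PacketQueue))` in NullPaFree would read more clearly as `while ((b = GetNext(n->PacketQueue)) != NULL)`.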
+117
@@ -0,0 +1,117 @@
// SoftEther VPN Source Code
// Cedar Communication Module
//
// SoftEther VPN Server, Client and Bridge are free software under GPLv2.
//
// Copyright (c) 2012-2014 Daiyuu Nobori.
// Copyright (c) 2012-2014 SoftEther VPN Project, University of Tsukuba, Japan.
// Copyright (c) 2012-2014 SoftEther Corporation.
//
// All Rights Reserved.
//
// http://www.softether.org/
//
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License version 2
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
// IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
// CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
// TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
// SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
// THE LICENSE AGREEMENT IS ATTACHED ON THE SOURCE-CODE PACKAGE
// AS "LICENSE.TXT" FILE. READ THE TEXT FILE IN ADVANCE TO USE THE SOFTWARE.
//
//
// THIS SOFTWARE IS DEVELOPED IN JAPAN, AND DISTRIBUTED FROM JAPAN,
// UNDER JAPANESE LAWS. YOU MUST AGREE IN ADVANCE TO USE, COPY, MODIFY,
// MERGE, PUBLISH, DISTRIBUTE, SUBLICENSE, AND/OR SELL COPIES OF THIS
// SOFTWARE, THAT ANY JURIDICAL DISPUTES WHICH ARE CONCERNED TO THIS
// SOFTWARE OR ITS CONTENTS, AGAINST US (SOFTETHER PROJECT, SOFTETHER
// CORPORATION, DAIYUU NOBORI OR OTHER SUPPLIERS), OR ANY JURIDICAL
// DISPUTES AGAINST US WHICH ARE CAUSED BY ANY KIND OF USING, COPYING,
// MODIFYING, MERGING, PUBLISHING, DISTRIBUTING, SUBLICENSING, AND/OR
// SELLING COPIES OF THIS SOFTWARE SHALL BE REGARDED AS BE CONSTRUED AND
// CONTROLLED BY JAPANESE LAWS, AND YOU MUST FURTHER CONSENT TO
// EXCLUSIVE JURISDICTION AND VENUE IN THE COURTS SITTING IN TOKYO,
// JAPAN. YOU MUST WAIVE ALL DEFENSES OF LACK OF PERSONAL JURISDICTION
// AND FORUM NON CONVENIENS. PROCESS MAY BE SERVED ON EITHER PARTY IN
// THE MANNER AUTHORIZED BY APPLICABLE LAW OR COURT RULE.
//
// USE ONLY IN JAPAN. DO NOT USE IT IN OTHER COUNTRIES. IMPORTING THIS
// SOFTWARE INTO OTHER COUNTRIES IS AT YOUR OWN RISK. SOME COUNTRIES
// PROHIBIT ENCRYPTED COMMUNICATIONS. USING THIS SOFTWARE IN OTHER
// COUNTRIES MIGHT BE RESTRICTED.
//
//
// DEAR SECURITY EXPERTS
// ---------------------
//
// If you find a bug or a security vulnerability please kindly inform us
// about the problem immediately so that we can fix the security problem
// to protect a lot of users around the world as soon as possible.
//
// Our e-mail address for security reports is:
// softether-vpn-security [at] softether.org
//
// Please note that the above e-mail address is not a technical support
// inquiry address. If you need technical assistance, please visit
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
// NullLan.h
// Header of NullLan.c
#ifndef NULLLAN_H
#define NULLLAN_H
#define NULL_PACKET_GENERATE_INTERVAL 100000000 // Packet generation interval
// NULL device structure
struct NULL_LAN
{
THREAD *PacketGeneratorThread;
CANCEL *Cancel;
QUEUE *PacketQueue;
volatile bool Halt;
EVENT *Event;
UCHAR MacAddr[6];
UCHAR Padding[2];
};
PACKET_ADAPTER *NullGetPacketAdapter();
bool NullPaInit(SESSION *s);
CANCEL *NullPaGetCancel(SESSION *s);
UINT NullPaGetNextPacket(SESSION *s, void **data);
bool NullPaPutPacket(SESSION *s, void *data, UINT size);
void NullPaFree(SESSION *s);
void NullPacketGenerateThread(THREAD *t, void *param);
#endif // NULLAN_H
// Developed by SoftEther VPN Project at University of Tsukuba in Japan.
// Department of Computer Science has dozens of overly-enthusiastic geeks.
// Join us: http://www.tsukuba.ac.jp/english/admission/
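Review bot: The comment on `NULL_PACKET_GENERATE_INTERVAL` gives no unit and does not say that the value is a modulus rather than a fixed period. The generator thread in NullLan.c waits `Rand32() % NULL_PACKET_GENERATE_INTERVAL`, so the constant is an exclusive upper bound on a random wait. A comment like `// Exclusive upper bound of the random wait between generated packets (same unit as Wait())` would say so. The closing guard comment `#endif // NULLAN_H` also does not match the guard name `NULLLAN_H`.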
+6535
File diff suppressed because it is too large Load Diff
+270
@@ -0,0 +1,270 @@
// SoftEther VPN Source Code
// Cedar Communication Module
//
// SoftEther VPN Server, Client and Bridge are free software under GPLv2.
//
// Copyright (c) 2012-2014 Daiyuu Nobori.
// Copyright (c) 2012-2014 SoftEther VPN Project, University of Tsukuba, Japan.
// Copyright (c) 2012-2014 SoftEther Corporation.
//
// All Rights Reserved.
//
// http://www.softether.org/
//
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License version 2
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
// IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
// CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
// TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
// SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
// THE LICENSE AGREEMENT IS ATTACHED ON THE SOURCE-CODE PACKAGE
// AS "LICENSE.TXT" FILE. READ THE TEXT FILE IN ADVANCE TO USE THE SOFTWARE.
//
//
// THIS SOFTWARE IS DEVELOPED IN JAPAN, AND DISTRIBUTED FROM JAPAN,
// UNDER JAPANESE LAWS. YOU MUST AGREE IN ADVANCE TO USE, COPY, MODIFY,
// MERGE, PUBLISH, DISTRIBUTE, SUBLICENSE, AND/OR SELL COPIES OF THIS
// SOFTWARE, THAT ANY JURIDICAL DISPUTES WHICH ARE CONCERNED TO THIS
// SOFTWARE OR ITS CONTENTS, AGAINST US (SOFTETHER PROJECT, SOFTETHER
// CORPORATION, DAIYUU NOBORI OR OTHER SUPPLIERS), OR ANY JURIDICAL
// DISPUTES AGAINST US WHICH ARE CAUSED BY ANY KIND OF USING, COPYING,
// MODIFYING, MERGING, PUBLISHING, DISTRIBUTING, SUBLICENSING, AND/OR
// SELLING COPIES OF THIS SOFTWARE SHALL BE REGARDED AS BE CONSTRUED AND
// CONTROLLED BY JAPANESE LAWS, AND YOU MUST FURTHER CONSENT TO
// EXCLUSIVE JURISDICTION AND VENUE IN THE COURTS SITTING IN TOKYO,
// JAPAN. YOU MUST WAIVE ALL DEFENSES OF LACK OF PERSONAL JURISDICTION
// AND FORUM NON CONVENIENS. PROCESS MAY BE SERVED ON EITHER PARTY IN
// THE MANNER AUTHORIZED BY APPLICABLE LAW OR COURT RULE.
//
// USE ONLY IN JAPAN. DO NOT USE IT IN OTHER COUNTRIES. IMPORTING THIS
// SOFTWARE INTO OTHER COUNTRIES IS AT YOUR OWN RISK. SOME COUNTRIES
// PROHIBIT ENCRYPTED COMMUNICATIONS. USING THIS SOFTWARE IN OTHER
// COUNTRIES MIGHT BE RESTRICTED.
//
//
// DEAR SECURITY EXPERTS
// ---------------------
//
// If you find a bug or a security vulnerability please kindly inform us
// about the problem immediately so that we can fix the security problem
// to protect a lot of users around the world as soon as possible.
//
// Our e-mail address for security reports is:
// softether-vpn-security [at] softether.org
//
// Please note that the above e-mail address is not a technical support
// inquiry address. If you need technical assistance, please visit
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
// Protocol.h
// Header of Protocol.c
#ifndef PROTOCOL_H
#define PROTOCOL_H
// The parameters that will be passed to the certificate confirmation thread
struct CHECK_CERT_THREAD_PROC
{
CONNECTION *Connection;
X *ServerX;
CHECK_CERT_PROC *CheckCertProc;
bool UserSelected;
bool Exipred;
bool Ok;
};
// The parameters that will be passed to the secure device signature thread
struct SECURE_SIGN_THREAD_PROC
{
SECURE_SIGN_PROC *SecureSignProc;
CONNECTION *Connection;
SECURE_SIGN *SecureSign;
bool UserFinished;
bool Ok;
};
// Signature sending thread parameters
struct SEND_SIGNATURE_PARAM
{
char Hostname[MAX_PATH]; // Host name
UINT Port; // Port number
BUF *Buffer; // Packet contents
};
// Software update client callback
typedef void (UPDATE_NOTIFY_PROC)(UPDATE_CLIENT *c, UINT latest_build, UINT64 latest_date, char *latest_ver, char *url, volatile bool *halt_flag, void *param);
typedef bool (UPDATE_ISFOREGROUND_PROC)(UPDATE_CLIENT *c, void *param);
// Configure the software update client
struct UPDATE_CLIENT_SETTING
{
bool DisableCheck; // Disable the update check
UINT LatestIgnoreBuild; // Ignore for earlier or identical to this build number
};
// Software update client
struct UPDATE_CLIENT
{
char FamilyName[MAX_SIZE]; // Product family name
char SoftwareName[MAX_SIZE]; // Software Name
wchar_t SoftwareTitle[MAX_SIZE]; // Software display name
char ClientId[128]; // Client ID
UINT MyBuild; // Build number of myself
UINT64 MyDate; // Build date of myself
char MyLanguage[MAX_SIZE]; // My language
UPDATE_CLIENT_SETTING Setting; // Setting
UINT LatestBuild; // Latest build number that was successfully acquired
volatile bool HaltFlag; // Halting flag
EVENT *HaltEvent; // Halting event
void *Param; // Any parameters
THREAD *Thread; // Thread
UPDATE_NOTIFY_PROC *Callback; // Callback function
UPDATE_ISFOREGROUND_PROC *IsForegroundCb; // Callback function for retrieving whether foreground
};
//// Constant related to updating of the software
// Family
#define UPDATE_FAMILY_NAME _SS("PRODUCT_FAMILY_NAME")
// Software update server certificate hash
#define UPDATE_SERVER_CERT_HASH "EFAC5FA0CDD14E0F864EED58A73C35D7E33B62F3"
// URL
#define UPDATE_SERVER_URL_GLOBAL "https://update-check.softether-network.net/update/update.aspx?family=%s&software=%s&mybuild=%u&lang=%s"
#define UPDATE_SERVER_URL_CHINA "https://update-check.uxcom.jp/update/update.aspx?family=%s&software=%s&mybuild=%u&lang=%s"
// Update check interval
#define UPDATE_CHECK_INTERVAL_MIN (12 * 3600 * 1000)
#define UPDATE_CHECK_INTERVAL_MAX (24 * 7200 * 1000)
// Connection parameters
#define UPDATE_CONNECT_TIMEOUT 5000
#define UPDATE_COMM_TIMEOUT 5000
// Function prototype
UPDATE_CLIENT *NewUpdateClient(UPDATE_NOTIFY_PROC *cb, UPDATE_ISFOREGROUND_PROC *isforeground_cb, void *param, char *family_name, char *software_name, wchar_t *software_title, UINT my_build, UINT64 my_date, char *my_lang, UPDATE_CLIENT_SETTING *current_setting, char *client_id);
void FreeUpdateClient(UPDATE_CLIENT *c);
void UpdateClientThreadProc(THREAD *thread, void *param);
void UpdateClientThreadMain(UPDATE_CLIENT *c);
void UpdateClientThreadProcessResults(UPDATE_CLIENT *c, BUF *b);
void SetUpdateClientSetting(UPDATE_CLIENT *c, UPDATE_CLIENT_SETTING *s);
UINT64 ShortStrToDate64(char *str);
bool ServerAccept(CONNECTION *c);
bool ClientConnect(CONNECTION *c);
SOCK *ClientConnectToServer(CONNECTION *c);
SOCK *TcpIpConnect(char *hostname, UINT port, bool try_start_ssl, bool ssl_no_tls);
SOCK *TcpIpConnectEx(char *hostname, UINT port, bool *cancel_flag, void *hWnd, UINT *nat_t_error_code, bool no_nat_t, bool try_start_ssl, bool ssl_no_tls);
bool ClientUploadSignature(SOCK *s);
bool ClientDownloadHello(CONNECTION *c, SOCK *s);
bool ServerDownloadSignature(CONNECTION *c, char **error_detail_str);
bool ServerUploadHello(CONNECTION *c);
bool ClientUploadAuth(CONNECTION *c);
SOCK *ClientConnectGetSocket(CONNECTION *c, bool additional_connect, bool no_tls);
SOCK *TcpConnectEx2(char *hostname, UINT port, UINT timeout, bool *cancel_flag, void *hWnd, bool try_start_ssl, bool ssl_no_tls);
SOCK *TcpConnectEx3(char *hostname, UINT port, UINT timeout, bool *cancel_flag, void *hWnd, bool no_nat_t, UINT *nat_t_error_code, bool try_start_ssl, bool ssl_no_tls);
void InitProtocol();
void FreeProtocol();
POLICY *PackGetPolicy(PACK *p);
void PackAddPolicy(PACK *p, POLICY *y);
PACK *PackWelcome(SESSION *s);
PACK *PackHello(void *random, UINT ver, UINT build, char *server_str);
bool GetHello(PACK *p, void *random, UINT *ver, UINT *build, char *server_str, UINT server_str_size);
PACK *PackLoginWithAnonymous(char *hubname, char *username);
PACK *PackLoginWithPassword(char *hubname, char *username, void *secure_password);
PACK *PackLoginWithPlainPassword(char *hubname, char *username, void *plain_password);
PACK *PackLoginWithCert(char *hubname, char *username, X *x, void *sign, UINT sign_size);
bool GetMethodFromPack(PACK *p, char *method, UINT size);
bool GetHubnameAndUsernameFromPack(PACK *p, char *username, UINT username_size,
char *hubname, UINT hubname_size);
PACK *PackAdditionalConnect(UCHAR *session_key);
UINT GetAuthTypeFromPack(PACK *p);
UINT GetProtocolFromPack(PACK *p);
bool ParseWelcomeFromPack(PACK *p, char *session_name, UINT session_name_size,
char *connection_name, UINT connection_name_size,
POLICY **policy);
bool ClientAdditionalConnect(CONNECTION *c, THREAD *t);
SOCK *ClientAdditionalConnectToServer(CONNECTION *c);
bool ClientUploadAuth2(CONNECTION *c, SOCK *s);
bool GetSessionKeyFromPack(PACK *p, UCHAR *session_key, UINT *session_key_32);
void GenerateRC4KeyPair(RC4_KEY_PAIR *k);
SOCK *ProxyConnect(CONNECTION *c, char *proxy_host_name, UINT proxy_port,
char *server_host_name, UINT server_port,
char *username, char *password, bool additional_connect);
SOCK *ProxyConnectEx(CONNECTION *c, char *proxy_host_name, UINT proxy_port,
char *server_host_name, UINT server_port,
char *username, char *password, bool additional_connect,
bool *cancel_flag, void *hWnd);
SOCK *ProxyConnectEx2(CONNECTION *c, char *proxy_host_name, UINT proxy_port,
char *server_host_name, UINT server_port,
char *username, char *password, bool additional_connect,
bool *cancel_flag, void *hWnd, UINT timeout);
SOCK *SocksConnect(CONNECTION *c, char *proxy_host_name, UINT proxy_port,
char *server_host_name, UINT server_port,
char *username, bool additional_connect);
SOCK *SocksConnectEx(CONNECTION *c, char *proxy_host_name, UINT proxy_port,
char *server_host_name, UINT server_port,
char *username, bool additional_connect,
bool *cancel_flag, void *hWnd);
SOCK *SocksConnectEx2(CONNECTION *c, char *proxy_host_name, UINT proxy_port,
char *server_host_name, UINT server_port,
char *username, bool additional_connect,
bool *cancel_flag, void *hWnd, UINT timeout);
bool SocksSendRequestPacket(CONNECTION *c, SOCK *s, UINT dest_port, IP *dest_ip, char *userid);
bool SocksRecvResponsePacket(CONNECTION *c, SOCK *s);
void CreateNodeInfo(NODE_INFO *info, CONNECTION *c);
UINT SecureSign(SECURE_SIGN *sign, UINT device_id, char *pin);
void ClientUploadNoop(CONNECTION *c);
bool ClientCheckServerCert(CONNECTION *c, bool *expired);
void ClientCheckServerCertThread(THREAD *thread, void *param);
bool ClientSecureSign(CONNECTION *c, UCHAR *sign, UCHAR *random, X **x);
void ClientSecureSignThread(THREAD *thread, void *param);
UINT SecureWrite(UINT device_id, char *cert_name, X *x, char *key_name, K *k, char *pin);
UINT SecureEnum(UINT device_id, char *pin, TOKEN_LIST **cert_list, TOKEN_LIST **key_list);
UINT SecureDelete(UINT device_id, char *pin, char *cert_name, char *key_name);
TOKEN_LIST *EnumHub(SESSION *s);
UINT ChangePasswordAccept(CONNECTION *c, PACK *p);
UINT ChangePassword(CEDAR *cedar, CLIENT_OPTION *o, char *hubname, char *username, char *old_pass, char *new_pass);
void PackAddClientVersion(PACK *p, CONNECTION *c);
void NodeInfoToStr(wchar_t *str, UINT size, NODE_INFO *info);
void GenerateMachineUniqueHash(void *data);
#endif // PROTOCOL_H
// Developed by SoftEther VPN Project at University of Tsukuba in Japan.
// Department of Computer Science has dozens of overly-enthusiastic geeks.
// Join us: http://www.tsukuba.ac.jp/english/admission/
+90
@@ -0,0 +1,90 @@
// SoftEther VPN Source Code
// Cedar Communication Module
//
// SoftEther VPN Server, Client and Bridge are free software under GPLv2.
//
// Copyright (c) 2012-2014 Daiyuu Nobori.
// Copyright (c) 2012-2014 SoftEther VPN Project, University of Tsukuba, Japan.
// Copyright (c) 2012-2014 SoftEther Corporation.
//
// All Rights Reserved.
//
// http://www.softether.org/
//
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License version 2
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
// IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
// CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
// TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
// SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
// THE LICENSE AGREEMENT IS ATTACHED ON THE SOURCE-CODE PACKAGE
// AS "LICENSE.TXT" FILE. READ THE TEXT FILE IN ADVANCE TO USE THE SOFTWARE.
//
//
// THIS SOFTWARE IS DEVELOPED IN JAPAN, AND DISTRIBUTED FROM JAPAN,
// UNDER JAPANESE LAWS. YOU MUST AGREE IN ADVANCE TO USE, COPY, MODIFY,
// MERGE, PUBLISH, DISTRIBUTE, SUBLICENSE, AND/OR SELL COPIES OF THIS
// SOFTWARE, THAT ANY JURIDICAL DISPUTES WHICH ARE CONCERNED TO THIS
// SOFTWARE OR ITS CONTENTS, AGAINST US (SOFTETHER PROJECT, SOFTETHER
// CORPORATION, DAIYUU NOBORI OR OTHER SUPPLIERS), OR ANY JURIDICAL
// DISPUTES AGAINST US WHICH ARE CAUSED BY ANY KIND OF USING, COPYING,
// MODIFYING, MERGING, PUBLISHING, DISTRIBUTING, SUBLICENSING, AND/OR
// SELLING COPIES OF THIS SOFTWARE SHALL BE REGARDED AS BE CONSTRUED AND
// CONTROLLED BY JAPANESE LAWS, AND YOU MUST FURTHER CONSENT TO
// EXCLUSIVE JURISDICTION AND VENUE IN THE COURTS SITTING IN TOKYO,
// JAPAN. YOU MUST WAIVE ALL DEFENSES OF LACK OF PERSONAL JURISDICTION
// AND FORUM NON CONVENIENS. PROCESS MAY BE SERVED ON EITHER PARTY IN
// THE MANNER AUTHORIZED BY APPLICABLE LAW OR COURT RULE.
//
// USE ONLY IN JAPAN. DO NOT USE IT IN OTHER COUNTRIES. IMPORTING THIS
// SOFTWARE INTO OTHER COUNTRIES IS AT YOUR OWN RISK. SOME COUNTRIES
// PROHIBIT ENCRYPTED COMMUNICATIONS. USING THIS SOFTWARE IN OTHER
// COUNTRIES MIGHT BE RESTRICTED.
//
//
// DEAR SECURITY EXPERTS
// ---------------------
//
// If you find a bug or a security vulnerability please kindly inform us
// about the problem immediately so that we can fix the security problem
// to protect a lot of users around the world as soon as possible.
//
// Our e-mail address for security reports is:
// softether-vpn-security [at] softether.org
//
// Please note that the above e-mail address is not a technical support
// inquiry address. If you need technical assistance, please visit
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
// Radius.c
// Radius authentication module
#include "CedarPch.h"
// Developed by SoftEther VPN Project at University of Tsukuba in Japan.
// Department of Computer Science has dozens of overly-enthusiastic geeks.
// Join us: http://www.tsukuba.ac.jp/english/admission/
+99
@@ -0,0 +1,99 @@
// SoftEther VPN Source Code
// Cedar Communication Module
//
// SoftEther VPN Server, Client and Bridge are free software under GPLv2.
//
// Copyright (c) 2012-2014 Daiyuu Nobori.
// Copyright (c) 2012-2014 SoftEther VPN Project, University of Tsukuba, Japan.
// Copyright (c) 2012-2014 SoftEther Corporation.
//
// All Rights Reserved.
//
// http://www.softether.org/
//
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License version 2
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
// IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
// CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
// TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
// SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
// THE LICENSE AGREEMENT IS ATTACHED ON THE SOURCE-CODE PACKAGE
// AS "LICENSE.TXT" FILE. READ THE TEXT FILE IN ADVANCE TO USE THE SOFTWARE.
//
//
// THIS SOFTWARE IS DEVELOPED IN JAPAN, AND DISTRIBUTED FROM JAPAN,
// UNDER JAPANESE LAWS. YOU MUST AGREE IN ADVANCE TO USE, COPY, MODIFY,
// MERGE, PUBLISH, DISTRIBUTE, SUBLICENSE, AND/OR SELL COPIES OF THIS
// SOFTWARE, THAT ANY JURIDICAL DISPUTES WHICH ARE CONCERNED TO THIS
// SOFTWARE OR ITS CONTENTS, AGAINST US (SOFTETHER PROJECT, SOFTETHER
// CORPORATION, DAIYUU NOBORI OR OTHER SUPPLIERS), OR ANY JURIDICAL
// DISPUTES AGAINST US WHICH ARE CAUSED BY ANY KIND OF USING, COPYING,
// MODIFYING, MERGING, PUBLISHING, DISTRIBUTING, SUBLICENSING, AND/OR
// SELLING COPIES OF THIS SOFTWARE SHALL BE REGARDED AS BE CONSTRUED AND
// CONTROLLED BY JAPANESE LAWS, AND YOU MUST FURTHER CONSENT TO
// EXCLUSIVE JURISDICTION AND VENUE IN THE COURTS SITTING IN TOKYO,
// JAPAN. YOU MUST WAIVE ALL DEFENSES OF LACK OF PERSONAL JURISDICTION
// AND FORUM NON CONVENIENS. PROCESS MAY BE SERVED ON EITHER PARTY IN
// THE MANNER AUTHORIZED BY APPLICABLE LAW OR COURT RULE.
//
// USE ONLY IN JAPAN. DO NOT USE IT IN OTHER COUNTRIES. IMPORTING THIS
// SOFTWARE INTO OTHER COUNTRIES IS AT YOUR OWN RISK. SOME COUNTRIES
// PROHIBIT ENCRYPTED COMMUNICATIONS. USING THIS SOFTWARE IN OTHER
// COUNTRIES MIGHT BE RESTRICTED.
//
//
// DEAR SECURITY EXPERTS
// ---------------------
//
// If you find a bug or a security vulnerability please kindly inform us
// about the problem immediately so that we can fix the security problem
// to protect a lot of users around the world as soon as possible.
//
// Our e-mail address for security reports is:
// softether-vpn-security [at] softether.org
//
// Please note that the above e-mail address is not a technical support
// inquiry address. If you need technical assistance, please visit
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
// Radius.h
// Header of Radius.c
#ifndef RADIUS_H
#define RADIUS_H
#define RADIUS_DEFAULT_PORT 1812 // The default port number
#define RADIUS_RETRY_INTERVAL 500 // Retransmission interval
#define RADIUS_RETRY_TIMEOUT (10 * 1000) // Time-out period
#endif // RADIUS_H
// Developed by SoftEther VPN Project at University of Tsukuba in Japan.
// Department of Computer Science has dozens of overly-enthusiastic geeks.
// Join us: http://www.tsukuba.ac.jp/english/admission/
+448
@@ -0,0 +1,448 @@
// SoftEther VPN Source Code
// Cedar Communication Module
//
// SoftEther VPN Server, Client and Bridge are free software under GPLv2.
//
// Copyright (c) 2012-2014 Daiyuu Nobori.
// Copyright (c) 2012-2014 SoftEther VPN Project, University of Tsukuba, Japan.
// Copyright (c) 2012-2014 SoftEther Corporation.
//
// All Rights Reserved.
//
// http://www.softether.org/
//
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License version 2
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
// IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
// CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
// TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
// SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
// THE LICENSE AGREEMENT IS ATTACHED ON THE SOURCE-CODE PACKAGE
// AS "LICENSE.TXT" FILE. READ THE TEXT FILE IN ADVANCE TO USE THE SOFTWARE.
//
//
// THIS SOFTWARE IS DEVELOPED IN JAPAN, AND DISTRIBUTED FROM JAPAN,
// UNDER JAPANESE LAWS. YOU MUST AGREE IN ADVANCE TO USE, COPY, MODIFY,
// MERGE, PUBLISH, DISTRIBUTE, SUBLICENSE, AND/OR SELL COPIES OF THIS
// SOFTWARE, THAT ANY JURIDICAL DISPUTES WHICH ARE CONCERNED TO THIS
// SOFTWARE OR ITS CONTENTS, AGAINST US (SOFTETHER PROJECT, SOFTETHER
// CORPORATION, DAIYUU NOBORI OR OTHER SUPPLIERS), OR ANY JURIDICAL
// DISPUTES AGAINST US WHICH ARE CAUSED BY ANY KIND OF USING, COPYING,
// MODIFYING, MERGING, PUBLISHING, DISTRIBUTING, SUBLICENSING, AND/OR
// SELLING COPIES OF THIS SOFTWARE SHALL BE REGARDED AS BE CONSTRUED AND
// CONTROLLED BY JAPANESE LAWS, AND YOU MUST FURTHER CONSENT TO
// EXCLUSIVE JURISDICTION AND VENUE IN THE COURTS SITTING IN TOKYO,
// JAPAN. YOU MUST WAIVE ALL DEFENSES OF LACK OF PERSONAL JURISDICTION
// AND FORUM NON CONVENIENS. PROCESS MAY BE SERVED ON EITHER PARTY IN
// THE MANNER AUTHORIZED BY APPLICABLE LAW OR COURT RULE.
//
// USE ONLY IN JAPAN. DO NOT USE IT IN OTHER COUNTRIES. IMPORTING THIS
// SOFTWARE INTO OTHER COUNTRIES IS AT YOUR OWN RISK. SOME COUNTRIES
// PROHIBIT ENCRYPTED COMMUNICATIONS. USING THIS SOFTWARE IN OTHER
// COUNTRIES MIGHT BE RESTRICTED.
//
//
// DEAR SECURITY EXPERTS
// ---------------------
//
// If you find a bug or a security vulnerability please kindly inform us
// about the problem immediately so that we can fix the security problem
// to protect a lot of users around the world as soon as possible.
//
// Our e-mail address for security reports is:
// softether-vpn-security [at] softether.org
//
// Please note that the above e-mail address is not a technical support
// inquiry address. If you need technical assistance, please visit
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
// Remote.c
// Remote Procedure Call
#include "CedarPch.h"
// End of RPC
void EndRpc(RPC *rpc)
{
RpcFree(rpc);
}
// Release the RPC
void RpcFree(RPC *rpc)
{
// Validate arguments
if (rpc == NULL)
{
return;
}
Disconnect(rpc->Sock);
ReleaseSock(rpc->Sock);
DeleteLock(rpc->Lock);
Free(rpc);
}
// Get error
UINT RpcGetError(PACK *p)
{
// Validate arguments
if (p == NULL)
{
return ERR_DISCONNECTED;
}
return PackGetInt(p, "error_code");
}
// Error checking
bool RpcIsOk(PACK *p)
{
// Validate arguments
if (p == NULL)
{
return false;
}
if (PackGetInt(p, "error") == 0)
{
return true;
}
else
{
return false;
}
}
// Error code setting
void RpcError(PACK *p, UINT err)
{
// Validate arguments
if (p == NULL)
{
return;
}
PackAddInt(p, "error", 1);
PackAddInt(p, "error_code", err);
}
// Start the RPC dispatcher
PACK *CallRpcDispatcher(RPC *r, PACK *p)
{
char func_name[MAX_SIZE];
// Validate arguments
if (r == NULL || p == NULL)
{
return NULL;
}
if (PackGetStr(p, "function_name", func_name, sizeof(func_name)) == false)
{
return NULL;
}
return r->Dispatch(r, func_name, p);
}
// Wait for the next RPC call
bool RpcRecvNextCall(RPC *r)
{
UINT size;
void *tmp;
SOCK *s;
BUF *b;
PACK *p;
PACK *ret;
// Validate arguments
if (r == NULL)
{
return false;
}
s = r->Sock;
if (RecvAll(s, &size, sizeof(UINT), s->SecureMode) == false)
{
return false;
}
size = Endian32(size);
if (size > MAX_PACK_SIZE)
{
return false;
}
tmp = MallocEx(size, true);
if (RecvAll(s, tmp, size, s->SecureMode) == false)
{
Free(tmp);
return false;
}
b = NewBuf();
WriteBuf(b, tmp, size);
SeekBuf(b, 0, 0);
Free(tmp);
p = BufToPack(b);
FreeBuf(b);
if (p == NULL)
{
return false;
}
ret = CallRpcDispatcher(r, p);
FreePack(p);
if (ret == NULL)
{
ret = PackError(ERR_NOT_SUPPORTED);
}
b = PackToBuf(ret);
FreePack(ret);
size = Endian32(b->Size);
SendAdd(s, &size, sizeof(UINT));
SendAdd(s, b->Buf, b->Size);
if (SendNow(s, s->SecureMode) == false)
{
FreeBuf(b);
return false;
}
FreeBuf(b);
return true;
}
// RPC server operation
void RpcServer(RPC *r)
{
SOCK *s;
// Validate arguments
if (r == NULL)
{
return;
}
s = r->Sock;
while (true)
{
// Wait for the next RPC call
if (RpcRecvNextCall(r) == false)
{
// Communication error
break;
}
}
}
// RPC call
PACK *RpcCall(RPC *r, char *function_name, PACK *p)
{
PACK *ret;
UINT num_retry = 0;
UINT err = 0;
// Validate arguments
if (r == NULL || function_name == NULL)
{
return NULL;
}
// Debug("RpcCall: %s\n", function_name);
Lock(r->Lock);
{
if (p == NULL)
{
p = NewPack();
}
PackAddStr(p, "function_name", function_name);
RETRY:
err = 0;
ret = RpcCallInternal(r, p);
if (ret == NULL)
{
if (r->IsVpnServer && r->Sock != NULL)
{
if (num_retry < 1)
{
num_retry++;
// Attempt to reconnect the RPC to the VPN Server
err = AdminReconnect(r);
if (err == ERR_NO_ERROR)
{
goto RETRY;
}
}
}
}
FreePack(p);
if (ret == NULL)
{
if (err == 0)
{
err = ERR_DISCONNECTED;
}
ret = PackError(err);
PackAddInt(ret, "error_code", err);
}
}
Unlock(r->Lock);
return ret;
}
// RPC internal call
PACK *RpcCallInternal(RPC *r, PACK *p)
{
BUF *b;
UINT size;
PACK *ret;
void *tmp;
// Validate arguments
if (r == NULL || p == NULL)
{
return NULL;
}
if (r->Sock == NULL)
{
return NULL;
}
b = PackToBuf(p);
size = Endian32(b->Size);
SendAdd(r->Sock, &size, sizeof(UINT));
SendAdd(r->Sock, b->Buf, b->Size);
FreeBuf(b);
if (SendNow(r->Sock, r->Sock->SecureMode) == false)
{
return NULL;
}
if (RecvAll(r->Sock, &size, sizeof(UINT), r->Sock->SecureMode) == false)
{
return NULL;
}
size = Endian32(size);
if (size > MAX_PACK_SIZE)
{
return NULL;
}
tmp = MallocEx(size, true);
if (RecvAll(r->Sock, tmp, size, r->Sock->SecureMode) == false)
{
Free(tmp);
return NULL;
}
b = NewBuf();
WriteBuf(b, tmp, size);
SeekBuf(b, 0, 0);
Free(tmp);
ret = BufToPack(b);
if (ret == NULL)
{
FreeBuf(b);
return NULL;
}
FreeBuf(b);
return ret;
}
// Start the RPC server
RPC *StartRpcServer(SOCK *s, RPC_DISPATCHER *dispatch, void *param)
{
RPC *r;
// Validate arguments
if (s == NULL)
{
return NULL;
}
r = ZeroMallocEx(sizeof(RPC), true);
r->Sock = s;
r->Param = param;
r->Lock = NewLock();
AddRef(s->ref);
r->ServerMode = true;
r->Dispatch = dispatch;
// Name generation
Format(r->Name, sizeof(r->Name), "RPC-%u", s->socket);
return r;
}
// Start the RPC client
RPC *StartRpcClient(SOCK *s, void *param)
{
RPC *r;
// Validate arguments
if (s == NULL)
{
return NULL;
}
r = ZeroMalloc(sizeof(RPC));
r->Sock = s;
r->Param = param;
r->Lock = NewLock();
AddRef(s->ref);
r->ServerMode = false;
return r;
}
// Developed by SoftEther VPN Project at University of Tsukuba in Japan.
// Department of Computer Science has dozens of overly-enthusiastic geeks.
// Join us: http://www.tsukuba.ac.jp/english/admission/
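Review bot: `CallRpcDispatcher` calls `r->Dispatch(r, func_name, p)` without checking that the pointer is set; `StartRpcServer` stores its `dispatch` argument unchecked and `StartRpcClient` never assigns the field (the object comes from `ZeroMalloc`), so an RPC object without a dispatcher that reaches `RpcRecvNextCall` would call through NULL on a request sent by the peer. Adding `if (r->Dispatch == NULL) { return NULL; }` before the call lets `RpcRecvNextCall` answer with `ERR_NOT_SUPPORTED` instead. The `function_name` string is read from the received pack and nothing in this file restricts which names are accepted, so any authorization has to happen inside the dispatcher; a comment on `CallRpcDispatcher` should say that. `RpcCall` also frees a caller-supplied `p` via `FreePack(p)`, which deserves a line such as `// Takes ownership of p: it is always freed before returning`.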
+127
@@ -0,0 +1,127 @@
// SoftEther VPN Source Code
// Cedar Communication Module
//
// SoftEther VPN Server, Client and Bridge are free software under GPLv2.
//
// Copyright (c) 2012-2014 Daiyuu Nobori.
// Copyright (c) 2012-2014 SoftEther VPN Project, University of Tsukuba, Japan.
// Copyright (c) 2012-2014 SoftEther Corporation.
//
// All Rights Reserved.
//
// http://www.softether.org/
//
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License version 2
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
// IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
// CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
// TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
// SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
// THE LICENSE AGREEMENT IS ATTACHED ON THE SOURCE-CODE PACKAGE
// AS "LICENSE.TXT" FILE. READ THE TEXT FILE IN ADVANCE TO USE THE SOFTWARE.
//
//
// THIS SOFTWARE IS DEVELOPED IN JAPAN, AND DISTRIBUTED FROM JAPAN,
// UNDER JAPANESE LAWS. YOU MUST AGREE IN ADVANCE TO USE, COPY, MODIFY,
// MERGE, PUBLISH, DISTRIBUTE, SUBLICENSE, AND/OR SELL COPIES OF THIS
// SOFTWARE, THAT ANY JURIDICAL DISPUTES WHICH ARE CONCERNED TO THIS
// SOFTWARE OR ITS CONTENTS, AGAINST US (SOFTETHER PROJECT, SOFTETHER
// CORPORATION, DAIYUU NOBORI OR OTHER SUPPLIERS), OR ANY JURIDICAL
// DISPUTES AGAINST US WHICH ARE CAUSED BY ANY KIND OF USING, COPYING,
// MODIFYING, MERGING, PUBLISHING, DISTRIBUTING, SUBLICENSING, AND/OR
// SELLING COPIES OF THIS SOFTWARE SHALL BE REGARDED AS BE CONSTRUED AND
// CONTROLLED BY JAPANESE LAWS, AND YOU MUST FURTHER CONSENT TO
// EXCLUSIVE JURISDICTION AND VENUE IN THE COURTS SITTING IN TOKYO,
// JAPAN. YOU MUST WAIVE ALL DEFENSES OF LACK OF PERSONAL JURISDICTION
// AND FORUM NON CONVENIENS. PROCESS MAY BE SERVED ON EITHER PARTY IN
// THE MANNER AUTHORIZED BY APPLICABLE LAW OR COURT RULE.
//
// USE ONLY IN JAPAN. DO NOT USE IT IN OTHER COUNTRIES. IMPORTING THIS
// SOFTWARE INTO OTHER COUNTRIES IS AT YOUR OWN RISK. SOME COUNTRIES
// PROHIBIT ENCRYPTED COMMUNICATIONS. USING THIS SOFTWARE IN OTHER
// COUNTRIES MIGHT BE RESTRICTED.
//
//
// DEAR SECURITY EXPERTS
// ---------------------
//
// If you find a bug or a security vulnerability please kindly inform us
// about the problem immediately so that we can fix the security problem
// to protect a lot of users around the world as soon as possible.
//
// Our e-mail address for security reports is:
// softether-vpn-security [at] softether.org
//
// Please note that the above e-mail address is not a technical support
// inquiry address. If you need technical assistance, please visit
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
// Remote.h
// Header of Remote.c
#ifndef REMOTE_H
#define REMOTE_H
// RPC execution function
typedef PACK *(RPC_DISPATCHER)(RPC *r, char *function_name, PACK *p);
// RPC object
struct RPC
{
SOCK *Sock; // Socket
bool ServerMode; // Server mode
RPC_DISPATCHER *Dispatch; // Execution routine
void *Param; // Parameters
bool ServerAdminMode; // Server management mode
char HubName[MAX_HUBNAME_LEN + 1]; // Managing HUB name
char Name[MAX_SIZE]; // RPC session name
LOCK *Lock; // Lock
bool IsVpnServer; // Whether VPN Server management RPC
CLIENT_OPTION VpnServerClientOption;
char VpnServerHubName[MAX_HUBNAME_LEN + 1];
UCHAR VpnServerHashedPassword[SHA1_SIZE];
char VpnServerClientName[MAX_PATH];
};
// Function prototype
RPC *StartRpcClient(SOCK *s, void *param);
RPC *StartRpcServer(SOCK *s, RPC_DISPATCHER *dispatch, void *param);
PACK *RpcCallInternal(RPC *r, PACK *p);
PACK *RpcCall(RPC *r, char *function_name, PACK *p);
void RpcServer(RPC *r);
bool RpcRecvNextCall(RPC *r);
PACK *CallRpcDispatcher(RPC *r, PACK *p);
void RpcError(PACK *p, UINT err);
bool RpcIsOk(PACK *p);
UINT RpcGetError(PACK *p);
void EndRpc(RPC *rpc);
void RpcFree(RPC *rpc);
#endif // REMOTE_H
// Developed by SoftEther VPN Project at University of Tsukuba in Japan.
// Department of Computer Science has dozens of overly-enthusiastic geeks.
// Join us: http://www.tsukuba.ac.jp/english/admission/
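Review bot: `VpnServerHashedPassword` in `struct RPC` keeps credential material for as long as the RPC object lives, and it is one of four `VpnServer*` fields added without the trailing comment every other member has. `RpcFree` in Remote.c releases the structure with `Free(rpc)` and never clears that buffer, so the hash remains in freed heap memory. The fields should state their purpose, e.g. `// Hashed password kept for AdminReconnect (presumably); wiped in RpcFree`, and `RpcFree` should wipe the array before `Free(rpc)` with a clearing call the compiler cannot drop.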
+20505
File diff suppressed because it is too large Load Diff
+95
@@ -0,0 +1,95 @@
// SoftEther VPN Source Code
// Cedar Communication Module
//
// SoftEther VPN Server, Client and Bridge are free software under GPLv2.
//
// Copyright (c) 2012-2014 Daiyuu Nobori.
// Copyright (c) 2012-2014 SoftEther VPN Project, University of Tsukuba, Japan.
// Copyright (c) 2012-2014 SoftEther Corporation.
//
// All Rights Reserved.
//
// http://www.softether.org/
//
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License version 2
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
// IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
// CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
// TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
// SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
// THE LICENSE AGREEMENT IS ATTACHED ON THE SOURCE-CODE PACKAGE
// AS "LICENSE.TXT" FILE. READ THE TEXT FILE IN ADVANCE TO USE THE SOFTWARE.
//
//
// THIS SOFTWARE IS DEVELOPED IN JAPAN, AND DISTRIBUTED FROM JAPAN,
// UNDER JAPANESE LAWS. YOU MUST AGREE IN ADVANCE TO USE, COPY, MODIFY,
// MERGE, PUBLISH, DISTRIBUTE, SUBLICENSE, AND/OR SELL COPIES OF THIS
// SOFTWARE, THAT ANY JURIDICAL DISPUTES WHICH ARE CONCERNED TO THIS
// SOFTWARE OR ITS CONTENTS, AGAINST US (SOFTETHER PROJECT, SOFTETHER
// CORPORATION, DAIYUU NOBORI OR OTHER SUPPLIERS), OR ANY JURIDICAL
// DISPUTES AGAINST US WHICH ARE CAUSED BY ANY KIND OF USING, COPYING,
// MODIFYING, MERGING, PUBLISHING, DISTRIBUTING, SUBLICENSING, AND/OR
// SELLING COPIES OF THIS SOFTWARE SHALL BE REGARDED AS BE CONSTRUED AND
// CONTROLLED BY JAPANESE LAWS, AND YOU MUST FURTHER CONSENT TO
// EXCLUSIVE JURISDICTION AND VENUE IN THE COURTS SITTING IN TOKYO,
// JAPAN. YOU MUST WAIVE ALL DEFENSES OF LACK OF PERSONAL JURISDICTION
// AND FORUM NON CONVENIENS. PROCESS MAY BE SERVED ON EITHER PARTY IN
// THE MANNER AUTHORIZED BY APPLICABLE LAW OR COURT RULE.
//
// USE ONLY IN JAPAN. DO NOT USE IT IN OTHER COUNTRIES. IMPORTING THIS
// SOFTWARE INTO OTHER COUNTRIES IS AT YOUR OWN RISK. SOME COUNTRIES
// PROHIBIT ENCRYPTED COMMUNICATIONS. USING THIS SOFTWARE IN OTHER
// COUNTRIES MIGHT BE RESTRICTED.
//
//
// DEAR SECURITY EXPERTS
// ---------------------
//
// If you find a bug or a security vulnerability please kindly inform us
// about the problem immediately so that we can fix the security problem
// to protect a lot of users around the world as soon as possible.
//
// Our e-mail address for security reports is:
// softether-vpn-security [at] softether.org
//
// Please note that the above e-mail address is not a technical support
// inquiry address. If you need technical assistance, please visit
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
// SM.h
// Header of SM.c
#ifndef SM_H
#define SM_H
void SMExec();
#endif // SM_H
// Developed by SoftEther VPN Project at University of Tsukuba in Japan.
// Department of Computer Science has dozens of overly-enthusiastic geeks.
// Join us: http://www.tsukuba.ac.jp/english/admission/
+801
@@ -0,0 +1,801 @@
// SoftEther VPN Source Code
// Cedar Communication Module
//
// SoftEther VPN Server, Client and Bridge are free software under GPLv2.
//
// Copyright (c) 2012-2014 Daiyuu Nobori.
// Copyright (c) 2012-2014 SoftEther VPN Project, University of Tsukuba, Japan.
// Copyright (c) 2012-2014 SoftEther Corporation.
//
// All Rights Reserved.
//
// http://www.softether.org/
//
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License version 2
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
// IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
// CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
// TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
// SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
// THE LICENSE AGREEMENT IS ATTACHED ON THE SOURCE-CODE PACKAGE
// AS "LICENSE.TXT" FILE. READ THE TEXT FILE IN ADVANCE TO USE THE SOFTWARE.
//
//
// THIS SOFTWARE IS DEVELOPED IN JAPAN, AND DISTRIBUTED FROM JAPAN,
// UNDER JAPANESE LAWS. YOU MUST AGREE IN ADVANCE TO USE, COPY, MODIFY,
// MERGE, PUBLISH, DISTRIBUTE, SUBLICENSE, AND/OR SELL COPIES OF THIS
// SOFTWARE, THAT ANY JURIDICAL DISPUTES WHICH ARE CONCERNED TO THIS
// SOFTWARE OR ITS CONTENTS, AGAINST US (SOFTETHER PROJECT, SOFTETHER
// CORPORATION, DAIYUU NOBORI OR OTHER SUPPLIERS), OR ANY JURIDICAL
// DISPUTES AGAINST US WHICH ARE CAUSED BY ANY KIND OF USING, COPYING,
// MODIFYING, MERGING, PUBLISHING, DISTRIBUTING, SUBLICENSING, AND/OR
// SELLING COPIES OF THIS SOFTWARE SHALL BE REGARDED AS BE CONSTRUED AND
// CONTROLLED BY JAPANESE LAWS, AND YOU MUST FURTHER CONSENT TO
// EXCLUSIVE JURISDICTION AND VENUE IN THE COURTS SITTING IN TOKYO,
// JAPAN. YOU MUST WAIVE ALL DEFENSES OF LACK OF PERSONAL JURISDICTION
// AND FORUM NON CONVENIENS. PROCESS MAY BE SERVED ON EITHER PARTY IN
// THE MANNER AUTHORIZED BY APPLICABLE LAW OR COURT RULE.
//
// USE ONLY IN JAPAN. DO NOT USE IT IN OTHER COUNTRIES. IMPORTING THIS
// SOFTWARE INTO OTHER COUNTRIES IS AT YOUR OWN RISK. SOME COUNTRIES
// PROHIBIT ENCRYPTED COMMUNICATIONS. USING THIS SOFTWARE IN OTHER
// COUNTRIES MIGHT BE RESTRICTED.
//
//
// DEAR SECURITY EXPERTS
// ---------------------
//
// If you find a bug or a security vulnerability please kindly inform us
// about the problem immediately so that we can fix the security problem
// to protect a lot of users around the world as soon as possible.
//
// Our e-mail address for security reports is:
// softether-vpn-security [at] softether.org
//
// Please note that the above e-mail address is not a technical support
// inquiry address. If you need technical assistance, please visit
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
// SMInner.h
// The internal header of SM.c
// Constants
#define SM_REG_KEY "Software\\SoftEther Corporation\\PacketiX VPN\\Server Manager"
#define SM_CERT_REG_KEY "Software\\SoftEther Corporation\\PacketiX VPN\\Server Manager\\Cert Tool"
#define SM_SETTING_REG_KEY "Software\\SoftEther Corporation\\PacketiX VPN\\Server Manager\\Settings"
#define SM_LASTHUB_REG_KEY "Software\\SoftEther Corporation\\PacketiX VPN\\Server Manager\\Last HUB Name"
#define NAME_OF_VPN_SERVER_MANAGER "vpnsmgr"
#define NAME_OF_VPN_SERVER_TARGET "vpnserver@%s"
#define NAME_OF_VPN_BRIDGE_TARGET "vpnbridge@%s"
// Constants (Old value)
#define SM_SETTING_REG_KEY_OLD "Software\\SoftEther Corporation\\SoftEther VPN 2.0\\Server Manager\\Settings"
// Connection setting
typedef struct SETTING
{
wchar_t Title[MAX_SIZE]; // Setting Name
bool ServerAdminMode; // Server management mode
char HubName[MAX_HUBNAME_LEN + 1]; // HUB name
UCHAR HashedPassword[SHA1_SIZE]; // Password
CLIENT_OPTION ClientOption; // Client Option
UCHAR Reserved[10240 - sizeof(bool) * 8 - SHA1_SIZE]; // Reserved area
} SETTING;
// Structure declaration
typedef struct SM
{
CEDAR *Cedar; // Cedar
LIST *SettingList; // Setting List
SETTING *TempSetting; // Temporaly setting
HWND hParentWnd; // Parent window handle
WINUI_UPDATE *Update; // Updater
} SM;
// Edit connection settings
typedef struct SM_EDIT_SETTING
{
bool EditMode; // Edit mode
SETTING *OldSetting; // Pointer to the previous settings
SETTING *Setting; // Pointer to the configuration
bool Inited; // Initialized flag
} SM_EDIT_SETTING;
// Server management dialog
typedef struct SM_SERVER
{
RPC *Rpc; // RPC
char ServerName[MAX_HOST_NAME_LEN + 1]; // Server name
wchar_t Title[MAX_SIZE]; // Title
bool ServerAdminMode; // Server management mode
char HubName[MAX_HUBNAME_LEN + 1]; // HUB name
UINT ServerType; // Type of server
bool Bridge; // VPN Bridge product
UINT PolicyVer; // Policy version
RPC_SERVER_STATUS ServerStatus; // Server status
RPC_SERVER_INFO ServerInfo; // Server Information
CAPSLIST *CapsList; // Caps list
SETTING *CurrentSetting; // The current connection settings
wchar_t *AdminMsg; // Message for Administrators
bool IPsecMessageDisplayed; // Whether to have already displayed a message about IPsec
bool VgsMessageDisplayed; // Whether to have already displayed a message about VGS
WINUI_UPDATE *Update; // Update notification
bool IsInClient; // Within VPN Client mode
} SM_SERVER;
typedef void (SM_STATUS_INIT_PROC)(HWND hWnd, SM_SERVER *p, void *param);
typedef bool (SM_STATUS_REFRESH_PROC)(HWND hWnd, SM_SERVER *p, void *param);
// Information display dialog
typedef struct SM_STATUS
{
SM_SERVER *p; // Pointer to the P
void *Param; // Parameter
UINT Icon; // Icon
wchar_t *Caption; // Title
bool show_refresh_button; // Show Updates button
bool NoImage; // No image
SM_STATUS_INIT_PROC *InitProc;
SM_STATUS_REFRESH_PROC *RefreshProc;
} SM_STATUS;
// Virtual HUB edit dialog
typedef struct SM_EDIT_HUB
{
SM_SERVER *p; // P
bool EditMode; // Edit mode
char HubName[MAX_HUBNAME_LEN + 1]; // HUB name
} SM_EDIT_HUB;
// SSL related
typedef struct SM_SSL
{
SM_SERVER *p; // P
X *Cert; // Certificate
K *Key; // Secret key
bool SetCertAndKey; // Set the key
} SM_SSL;
// Save the certificate
typedef struct SM_SAVE_KEY_PAIR
{
X *Cert; // Certificate
K *Key; // Secret key
char *Pass; // Passphrase
} SM_SAVE_KEY_PAIR;
// Connection information
typedef struct SM_CONNECTION_INFO
{
SM_SERVER *p; // P
char *ConnectionName; // Connection name
} SM_CONNECTION_INFO;
// Management of HUB
typedef struct SM_HUB
{
SM_SERVER *p; // P
RPC *Rpc; // RPC
char *HubName; // HUB name
} SM_HUB;
// Show the User list
typedef struct SM_USER
{
SM_SERVER *p; // P
RPC *Rpc; // RPC
SM_HUB *Hub; // HUB
char *GroupName; // Filter by group name
bool SelectMode; // Selection mode
char *SelectedName; // User name of the selected
bool AllowGroup; // Allow selection of group
bool CreateNow; // Create a user immediately
} SM_USER;
// Edit the User
typedef struct SM_EDIT_USER
{
bool Inited; // Initialized flag
bool EditMode; // Edit mode
SM_SERVER *p; // P
RPC *Rpc; // RPC
SM_HUB *Hub; // HUB
RPC_SET_USER SetUser; // Configure the User
} SM_EDIT_USER;
// User information
typedef struct SM_USER_INFO
{
SM_SERVER *p; // P
RPC *Rpc; // RPC
SM_HUB *Hub; // HUB
char *Username; // Username
} SM_USER_INFO;
// Policy
typedef struct SM_POLICY
{
bool Inited; // Initialize
POLICY *Policy; // Policy
wchar_t *Caption; // Title
bool CascadeMode; // Cascade mode
UINT Ver; // Version
} SM_POLICY;
// Show the Group list
typedef struct SM_GROUP
{
SM_SERVER *p; // P
RPC *Rpc; // RPC
SM_HUB *Hub; // HUB
bool SelectMode; // Selection mode
char *SelectedGroupName; // Group name of the selected
} SM_GROUP;
// Edit the Group
typedef struct SM_EDIT_GROUP
{
bool Inited; // Initialization flag
bool EditMode; // Edit mode
SM_SERVER *p; // P
RPC *Rpc; // RPC
SM_HUB *Hub; // HUB
RPC_SET_GROUP SetGroup; // Group Settings
} SM_EDIT_GROUP;
// Access list
typedef struct SM_ACCESS_LIST
{
RPC *Rpc; // RPC
SM_HUB *Hub; // HUB
LIST *AccessList; // Access list
} SM_ACCESS_LIST;
// Edit the access list
typedef struct SM_EDIT_ACCESS
{
SM_HUB *Hub; // HUB
bool Inited; // Initialization flag
bool EditMode; // Edit mode
SM_ACCESS_LIST *AccessList; // Access list
ACCESS *Access; // Access list item
} SM_EDIT_ACCESS;
// Display status of the access list
typedef struct SM_LINK
{
SM_HUB *Hub; // HUB
wchar_t *AccountName; // Account name
} SM_LINK;
// Session status
typedef struct SM_SESSION_STATUS
{
SM_HUB *Hub; // HUB
char *SessionName; // Session name
} SM_SESSION_STATUS;
// Address table
typedef struct SM_TABLE
{
SM_HUB *Hub; // HUB
RPC *Rpc; // RPC
char *SessionName; // Session name
} SM_TABLE;
// Certificate tool
typedef struct SM_CERT
{
X *x; // Generated certificate
K *k; // Generated secret key
X *root_x; // Root certificate
K *root_k; // Private key of the root certificate
bool do_not_save; // Do not save to the file
char *default_cn; // Default CN
bool root_only; // Only the root certificate
} SM_CERT;
// Config edit
typedef struct SM_CONFIG
{
SM_SERVER *s; // SM_SERVER
RPC_CONFIG Config; // Config body
} SM_CONFIG;
// Hub_admin_option edit
typedef struct SM_EDIT_AO
{
SM_EDIT_HUB *e;
bool CanChange;
RPC_ADMIN_OPTION CurrentOptions;
RPC_ADMIN_OPTION DefaultOptions;
bool NewMode;
char Name[MAX_ADMIN_OPTION_NAME_LEN + 1];
UINT Value;
bool ExtOption;
} SM_EDIT_AO;
// Editing the switch
typedef struct SM_L3SW
{
SM_SERVER *s;
char *SwitchName;
bool Enable;
} SM_L3SW;
// Specify the certificate and private key in the smart card
typedef struct SM_SECURE_KEYPAIR
{
UINT Id;
bool UseCert;
bool UseKey;
char CertName[MAX_SIZE];
char KeyName[MAX_SIZE];
bool Flag;
UINT BitmapId;
} SM_SECURE_KEYPAIR;
// CRL edit
typedef struct SM_EDIT_CRL
{
SM_HUB *s;
bool NewCrl;
UINT Key;
} SM_EDIT_CRL;
// AC list edit
typedef struct SM_EDIT_AC_LIST
{
SM_EDIT_HUB *s;
LIST *AcList;
} SM_EDIT_AC_LIST;
// AC edit
typedef struct SM_EDIT_AC
{
SM_EDIT_AC_LIST *e;
UINT id;
} SM_EDIT_AC;
// Download the log File
typedef struct SM_READ_LOG_FILE
{
HWND hWnd;
SM_SERVER *s;
char *server_name;
char *filepath;
UINT totalsize;
bool cancel_flag;
BUF *Buffer;
} SM_READ_LOG_FILE;
// Setup dialog
typedef struct SM_SETUP
{
SM_SERVER *s;
RPC *Rpc;
bool IsBridge;
bool UseRemote; // Remote Access VPN
bool UseSite; // LAN-to-LAN VPN
bool UseSiteEdge; // VPN Server / Bridge to be installed in each site
char HubName[MAX_HUBNAME_LEN + 1]; // Virtual HUB name
bool Flag1;
bool Flag2;
} SM_SETUP;
// EtherIP ID edit dialog
typedef struct SM_ETHERIP_ID
{
SM_SERVER *s;
bool EditMode;
char EditId[MAX_SIZE];
bool InitCompleted;
ETHERIP_ID Data;
} SM_ETHERIP_ID;
// DDNS dialog
typedef struct SM_DDNS
{
SM_SERVER *s;
DDNS_CLIENT_STATUS Status;
bool Flag;
bool HostnameSetFlag;
bool Changed;
bool Silent;
bool NoChangeCert;
bool DoNotPoll;
} SM_DDNS;
// VPN Azure dialog
typedef struct SM_AZURE
{
SM_SERVER *s;
bool OnSetup;
} SM_AZURE;
// Function prototype
void InitSM();
void InitSMEx(bool from_cm);
void SmParseCommandLine();
void MainSM();
void FreeSM();
void FreeSMEx(bool from_cm);
void SmMainDlg();
UINT SmMainDlgProc(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void SmMainDlgInit(HWND hWnd);
void SmMainDlgUpdate(HWND hWnd);
void SmInitSettingList();
void SmFreeSettingList();
void SmWriteSettingList();
void SmLoadSettingList();
void SmInitDefaultSettingList();
int SmCompareSetting(void *p1, void *p2);
SETTING *SmGetSetting(wchar_t *title);
bool SmAddSetting(SETTING *s);
void SmDeleteSetting(wchar_t *title);
bool SmCheckNewName(SETTING *s, wchar_t *new_title);
void SmRefreshSetting(HWND hWnd);
void SmRefreshSettingEx(HWND hWnd, wchar_t *select_name);
bool SmAddSettingDlg(HWND hWnd, wchar_t *new_name, UINT new_name_size);
bool SmEditSettingDlg(HWND hWnd);
UINT SmEditSettingDlgProc(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void SmEditSettingDlgInit(HWND hWnd, SM_EDIT_SETTING *p);
void SmEditSettingDlgUpdate(HWND hWnd, SM_EDIT_SETTING *p);
void SmEditSettingDlgOnOk(HWND hWnd, SM_EDIT_SETTING *p);
void SmConnect(HWND hWnd, SETTING *s);
void SmConnectEx(HWND hWnd, SETTING *s, bool is_in_client);
char *SmPassword(HWND hWnd, char *server_name);
UINT SmServerDlgProc(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void SmServerDlgInit(HWND hWnd, SM_SERVER *p);
void SmServerDlgUpdate(HWND hWnd, SM_SERVER *p);
void SmServerDlgRefresh(HWND hWnd, SM_SERVER *p);
void SmStatusDlg(HWND hWnd, SM_SERVER *p, void *param, bool no_image, bool show_refresh_button, wchar_t *caption, UINT icon,
SM_STATUS_INIT_PROC *init, SM_STATUS_REFRESH_PROC *refresh);
UINT SmStatusDlgProc(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
bool SmRefreshHubStatus(HWND hWnd, SM_SERVER *p, void *param);
void SmInsertTrafficInfo(LVB *b, TRAFFIC *t);
bool SmCreateHubDlg(HWND hWnd, SM_SERVER *p);
bool SmEditHubDlg(HWND hWnd, SM_SERVER *p, char *hubname);
UINT SmEditHubProc(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void SmEditHubInit(HWND hWnd, SM_EDIT_HUB *s);
void SmEditHubUpdate(HWND hWnd, SM_EDIT_HUB *s);
void SmEditHubOnOk(HWND hWnd, SM_EDIT_HUB *s);
bool SmCreateListenerDlg(HWND hWnd, SM_SERVER *p);
UINT SmCreateListenerDlgProc(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void SmSslDlg(HWND hWnd, SM_SERVER *p);
UINT SmSslDlgProc(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void SmSslDlgInit(HWND hWnd, SM_SSL *s);
void SmSslDlgOnOk(HWND hWnd, SM_SSL *s);
void SmSslDlgUpdate(HWND hWnd, SM_SSL *s);
void SmGetCertInfoStr(wchar_t *str, UINT size, X *x);
bool SmRegenerateServerCert(HWND hWnd, SM_SERVER *server, char *default_cn, X **x, K **k, bool root_only);
bool SmSaveKeyPairDlg(HWND hWnd, X *x, K *k);
UINT SmSaveKeyPairDlgProc(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void SmSaveKeyPairDlgInit(HWND hWnd, SM_SAVE_KEY_PAIR *s);
void SmSaveKeyPairDlgUpdate(HWND hWnd, SM_SAVE_KEY_PAIR *s);
void SmSaveKeyPairDlgOnOk(HWND hWnd, SM_SAVE_KEY_PAIR *s);
bool SmRefreshServerStatus(HWND hWnd, SM_SERVER *p, void *param);
bool SmRefreshServerInfo(HWND hWnd, SM_SERVER *p, void *param);
void SmPrintNodeInfo(LVB *b, NODE_INFO *info);
wchar_t *SmGetConnectionTypeStr(UINT type);
void SmConnectionDlg(HWND hWnd, SM_SERVER *p);
UINT SmConnectionDlgProc(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void SmConnectionDlgInit(HWND hWnd, SM_SERVER *p);
void SmConnectionDlgRefresh(HWND hWnd, SM_SERVER *p);
void SmConnectionDlgUpdate(HWND hWnd, SM_SERVER *p);
bool SmRefreshConnectionStatus(HWND hWnd, SM_SERVER *p, void *param);
bool SmFarmDlg(HWND hWnd, SM_SERVER *p);
UINT SmFarmDlgProc(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void SmFarmDlgInit(HWND hWnd, SM_SERVER *p);
void SmFarmDlgUpdate(HWND hWnd, SM_SERVER *p);
void SmFarmDlgOnOk(HWND hWnd, SM_SERVER *p);
LIST *SmStrToPortList(char *str);
UINT SmFarmMemberDlgProc(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void SmFarmMemberDlgInit(HWND hWnd, SM_SERVER *p);
void SmFarmMemberDlgUpdate(HWND hWnd, SM_SERVER *p);
void SmFarmMemberDlgRefresh(HWND hWnd, SM_SERVER *p);
void SmFarmMemberDlgOnOk(HWND hWnd, SM_SERVER *p);
void SmFarmMemberCert(HWND hWnd, SM_SERVER *p, UINT id);
bool SmRefreshFarmMemberInfo(HWND hWnd, SM_SERVER *p, void *param);
bool SmRefreshFarmConnectionInfo(HWND hWnd, SM_SERVER *p, void *param);
UINT SmChangeServerPasswordDlg(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void SmHubDlg(HWND hWnd, SM_HUB *s);
UINT SmHubDlgProc(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void SmHubDlgInit(HWND hWnd, SM_HUB *s);
void SmHubDlgUpdate(HWND hWnd, SM_HUB *s);
void SmHubDlgRefresh(HWND hWnd, SM_HUB *s);
void SmUserListDlg(HWND hWnd, SM_HUB *s);
UINT SmUserListProc(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void SmUserListInit(HWND hWnd, SM_USER *s);
void SmUserListRefresh(HWND hWnd, SM_USER *s);
void SmUserListUpdate(HWND hWnd, SM_USER *s);
wchar_t *SmGetAuthTypeStr(UINT id);
bool SmCreateUserDlg(HWND hWnd, SM_HUB *s);
UINT SmEditUserDlgProc(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void SmEditUserDlgInit(HWND hWnd, SM_EDIT_USER *s);
void SmEditUserDlgUpdate(HWND hWnd, SM_EDIT_USER *s);
void SmEditUserDlgOk(HWND hWnd, SM_EDIT_USER *s);
bool SmPolicyDlg(HWND hWnd, POLICY *p, wchar_t *caption);
bool SmPolicyDlgEx(HWND hWnd, POLICY *p, wchar_t *caption, bool cascade_mode);
bool SmPolicyDlgEx2(HWND hWnd, POLICY *p, wchar_t *caption, bool cascade_mode, UINT ver);
UINT SmPolicyDlgProc(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void SmPolicyDlgInit(HWND hWnd, SM_POLICY *s);
void SmPolicyDlgUpdate(HWND hWnd, SM_POLICY *s);
void SmPolicyDlgOk(HWND hWnd, SM_POLICY *s);
bool SmEditUserDlg(HWND hWnd, SM_HUB *s, char *username);
bool SmRefreshUserInfo(HWND hWnd, SM_SERVER *s, void *param);
void SmGroupListDlg(HWND hWnd, SM_HUB *s);
char *SmSelectGroupDlg(HWND hWnd, SM_HUB *s, char *default_name);
UINT SmGroupListDlgProc(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void SmGroupListDlgInit(HWND hWnd, SM_GROUP *s);
void SmGroupListDlgUpdate(HWND hWnd, SM_GROUP *s);
void SmGroupListDlgRefresh(HWND hWnd, SM_GROUP *s);
bool SmCreateGroupDlg(HWND hWnd, SM_GROUP *s);
bool SmEditGroupDlg(HWND hWnd, SM_GROUP *s, char *name);
UINT SmEditGroupDlgProc(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void SmEditGroupDlgInit(HWND hWnd, SM_EDIT_GROUP *g);
void SmEditGroupDlgUpdate(HWND hWnd, SM_EDIT_GROUP *g);
void SmEditGroupDlgOnOk(HWND hWnd, SM_EDIT_GROUP *g);
void SmUserListDlgEx(HWND hWnd, SM_HUB *s, char *groupname, bool create);
void SmAccessListDlg(HWND hWnd, SM_HUB *s);
UINT SmAccessListProc(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void SmAccessListInit(HWND hWnd, SM_ACCESS_LIST *s);
void SmAccessListUpdate(HWND hWnd, SM_ACCESS_LIST *s);
void SmAccessListRefresh(HWND hWnd, SM_ACCESS_LIST *s);
bool SmAddAccess(HWND hWnd, SM_ACCESS_LIST *s, bool ipv6);
bool SmCloneAccess(HWND hWnd, SM_ACCESS_LIST *s, ACCESS *t);
bool SmEditAccess(HWND hWnd, SM_ACCESS_LIST *s, ACCESS *a);
UINT SmEditAccessDlg(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void SmEditAccessInit(HWND hWnd, SM_EDIT_ACCESS *s);
void SmEditAccessUpdate(HWND hWnd, SM_EDIT_ACCESS *s);
void SmEditAccessOnOk(HWND hWnd, SM_EDIT_ACCESS *s);
void SmRedirect(HWND hWnd, SM_EDIT_ACCESS *s);
UINT SmRedirectDlg(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void SmRedirectDlgInit(HWND hWnd, SM_EDIT_ACCESS *s);
void SmRedirectDlgUpdate(HWND hWnd, SM_EDIT_ACCESS *s);
UINT SmSimulationDlg(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void SmSimulationUpdate(HWND hWnd, SM_EDIT_ACCESS *s);
void SmSimulationInit(HWND hWnd, SM_EDIT_ACCESS *s);
void SmSimulationOnOk(HWND hWnd, SM_EDIT_ACCESS *s);
char *SmSelectUserDlg(HWND hWnd, SM_HUB *s, char *default_name);
char *SmSelectUserDlgEx(HWND hWnd, SM_HUB *s, char *default_name, bool allow_group);
void SmRadiusDlg(HWND hWnd, SM_HUB *s);
UINT SmRadiusDlgProc(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void SmRadiusDlgInit(HWND hWnd, SM_HUB *s);
void SmRadiusDlgUpdate(HWND hWnd, SM_HUB *s);
void SmRadiusDlgOnOk(HWND hWnd, SM_HUB *s);
void SmLinkDlg(HWND hWnd, SM_HUB *s);
void SmLinkDlgEx(HWND hWnd, SM_HUB *s, bool createNow);
UINT SmLinkDlgProc(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void SmLinkDlgInit(HWND hWnd, SM_HUB *s);
void SmLinkDlgUpdate(HWND hWnd, SM_HUB *s);
void SmLinkDlgRefresh(HWND hWnd, SM_HUB *s);
bool SmLinkCreate(HWND hWnd, SM_HUB *s);
bool SmLinkCreateEx(HWND hWnd, SM_HUB *s, bool connectNow);
bool SmLinkEdit(HWND hWnd, SM_HUB *s, wchar_t *name);
bool SmRefreshLinkStatus(HWND hWnd, SM_SERVER *s, void *param);
UINT SmLogDlg(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void SmLogDlgInit(HWND hWnd, SM_HUB *s);
void SmLogDlgUpdate(HWND hWnd, SM_HUB *s);
void SmLogDlgOnOk(HWND hWnd, SM_HUB *s);
void SmCaDlg(HWND hWnd, SM_HUB *s);
UINT SmCaDlgProc(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void SmCaDlgInit(HWND hWnd, SM_HUB *s);
void SmCaDlgRefresh(HWND hWnd, SM_HUB *s);
void SmCaDlgUpdate(HWND hWnd, SM_HUB *s);
void SmCaDlgOnOk(HWND hWnd, SM_HUB *s);
bool SmCaDlgAdd(HWND hWnd, SM_HUB *s);
void SmSessionDlg(HWND hWnd, SM_HUB *s);
UINT SmSessionDlgProc(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void SmSessionDlgInit(HWND hWnd, SM_HUB *s);
void SmSessionDlgUpdate(HWND hWnd, SM_HUB *s);
void SmSessionDlgRefresh(HWND hWnd, SM_HUB *s);
bool SmRefreshSessionStatus(HWND hWnd, SM_SERVER *s, void *param);
void SmMacTableDlg(HWND hWnd, SM_HUB *s, char *session_name);
UINT SmMacTableDlgProc(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void SmMacTableDlgInit(HWND hWnd, SM_TABLE *s);
void SmMacTableDlgUpdate(HWND hWnd, SM_TABLE *s);
void SmMacTableDlgRefresh(HWND hWnd, SM_TABLE *s);
void SmIpTableDlg(HWND hWnd, SM_HUB *s, char *session_name);
UINT SmIpTableDlgProc(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void SmIpTableDlgInit(HWND hWnd, SM_TABLE *s);
void SmIpTableDlgUpdate(HWND hWnd, SM_TABLE *s);
void SmIpTableDlgRefresh(HWND hWnd, SM_TABLE *s);
bool SmCreateCert(HWND hWnd, X **x, K **k, bool do_not_save, char *default_cn, bool root_only);
UINT SmCreateCertDlgProc(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void SmCreateCertDlgInit(HWND hWnd, SM_CERT *s);
void SmCreateCertDlgUpdate(HWND hWnd, SM_CERT *s);
void SmCreateCertDlgOnOk(HWND hWnd, SM_CERT *s);
UINT SmSNATDlgProc(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void SmSNATDlgUpdate(HWND hWnd, SM_HUB *s);
void SmBridgeDlg(HWND hWnd, SM_SERVER *s);
void SmInstallWinPcap(HWND hWnd, SM_SERVER *s);
UINT SmBridgeDlgProc(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
UINT SmBridgeDlgInit(HWND hWnd, SM_SERVER *s);
void SmBridgeDlgUpdate(HWND hWnd, SM_SERVER *s);
void SmBridgeDlgRefresh(HWND hWnd, SM_SERVER *s);
void SmBridgeDlgOnOk(HWND hWnd, SM_SERVER *s);
void SmAddServerCaps(LVB *b, CAPSLIST *t);
void SmConfig(HWND hWnd, SM_SERVER *s);
UINT SmConfigDlg(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void SmConfigDlgInit(HWND hWnd, SM_CONFIG *c);
void SmHubAdminOption(HWND hWnd, SM_EDIT_HUB *e);
void SmHubExtOption(HWND hWnd, SM_EDIT_HUB *e);
UINT SmHubAdminOptionDlg(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void SmHubAdminOptionDlgUpdate(HWND hWnd, SM_EDIT_AO *a);
void SmHubAdminOptionDlgInit(HWND hWnd, SM_EDIT_AO *a);
void SmHubAdminOptionDlgOk(HWND hWnd, SM_EDIT_AO *a);
UINT SmHubAdminOptionValueDlg(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void SmHubAdminOptionValueDlgUpdate(HWND hWnd, SM_EDIT_AO *a);
void SmL3(HWND hWnd, SM_SERVER *s);
UINT SmL3Dlg(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void SmL3DlgInit(HWND hWnd, SM_SERVER *s);
void SmL3DlgUpdate(HWND hWnd, SM_SERVER *s);
void SmL3DlgRefresh(HWND hWnd, SM_SERVER *s);
UINT SmL3AddDlg(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void SmL3AddDlgUpdate(HWND hWnd, SM_SERVER *s);
UINT SmL3SwDlg(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void SmL3SwDlgInit(HWND hWnd, SM_L3SW *w);
void SmL3SwDlgUpdate(HWND hWnd, SM_L3SW *w);
void SmL3SwDlgRefresh(HWND hWnd, SM_L3SW *w);
UINT SmL3SwIfDlg(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void SmL3SwIfDlgInit(HWND hWnd, SM_L3SW *w);
void SmL3SwIfDlgUpdate(HWND hWnd, SM_L3SW *w);
UINT SmL3SwTableDlg(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void SmL3SwTableDlgInit(HWND hWnd, SM_L3SW *w);
void SmL3SwTableDlgUpdate(HWND hWnd, SM_L3SW *w);
bool SmL3IsSwActive(SM_SERVER *s, char *name);
UINT SmGetCurrentSecureId(HWND hWnd);
UINT SmGetCurrentSecureIdFromReg();
UINT SmSelectSecureId(HWND hWnd);
void SmWriteSelectSecureIdReg(UINT id);
bool SmSelectKeyPair(HWND hWnd, char *cert_name, UINT cert_name_size, char *key_name, UINT key_name_size);
bool SmSelectKeyPairEx(HWND hWnd, char *cert_name, UINT cert_name_size, char *key_name, UINT key_name_size, UINT bitmap_id);
UINT SmSelectKeyPairDlg(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void SmSelectKeyPairDlgInit(HWND hWnd, SM_SECURE_KEYPAIR *k);
void SmSelectKeyPairDlgUpdate(HWND hWnd, SM_SECURE_KEYPAIR *k);
void SmSelectKeyPairDlgRefresh(HWND hWnd, SM_SECURE_KEYPAIR *k);
void SmSecureManager(HWND hWnd);
UINT SmCrlDlgProc(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void SmCrlDlgInit(HWND hWnd, SM_HUB *s);
void SmCrlDlgUpdate(HWND hWnd, SM_HUB *s);
void SmCrlDlgRefresh(HWND hWnd, SM_HUB *s);
UINT SmEditCrlDlgProc(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void SmEditCrlDlgInit(HWND hWnd, SM_EDIT_CRL *c);
void SmEditCrlDlgUpdate(HWND hWnd, SM_EDIT_CRL *c);
void SmEditCrlDlgOnOk(HWND hWnd, SM_EDIT_CRL *c);
void SmEditCrlDlgOnLoad(HWND hWnd, SM_EDIT_CRL *c);
void SmEditCrlDlgSetName(HWND hWnd, NAME *name);
void SmEditCrlDlgSetSerial(HWND hWnd, X_SERIAL *serial);
void SmEditCrlDlgSetHash(HWND hWnd, UCHAR *hash_md5, UCHAR *hash_sha1);
void SmHubAc(HWND hWnd, SM_EDIT_HUB *s);
UINT SmHubAcDlgProc(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void SmHubAcDlgInit(HWND hWnd, SM_EDIT_AC_LIST *p);
void SmHubAcDlgUpdate(HWND hWnd, SM_EDIT_AC_LIST *p);
void SmHubAcDlgRefresh(HWND hWnd, SM_EDIT_AC_LIST *p);
UINT SmHubEditAcDlgProc(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void SmHubEditAcDlgInit(HWND hWnd, SM_EDIT_AC *p);
void SmHubEditAcDlgUpdate(HWND hWnd, SM_EDIT_AC *p);
void SmHubEditAcDlgOnOk(HWND hWnd, SM_EDIT_AC *p);
UINT SmLogFileDlgProc(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void SmLogFileDlgInit(HWND hWnd, SM_SERVER *p);
void SmLogFileDlgRefresh(HWND hWnd, SM_SERVER *p);
void SmLogFileDlgUpdate(HWND hWnd, SM_SERVER *p);
void SmLogFileStartDownload(HWND hWnd, SM_SERVER *s, char *server_name, char *filepath, UINT totalsize);
UINT SmReadLogFile(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
bool SmReadLogFileProc(DOWNLOAD_PROGRESS *g);
UINT SmSaveLogProc(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void SmLicense(HWND hWnd, SM_SERVER *s);
UINT SmLicenseDlg(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void SmLicenseDlgInit(HWND hWnd, SM_SERVER *s);
void SmLicenseDlgRefresh(HWND hWnd, SM_SERVER *s);
void SmLicenseDlgUpdate(HWND hWnd, SM_SERVER *s);
bool SmLicenseAdd(HWND hWnd, SM_SERVER *s);
UINT SmLicenseAddDlg(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void SmLicenseAddDlgInit(HWND hWnd, SM_SERVER *s);
void SmLicenseAddDlgUpdate(HWND hWnd, SM_SERVER *s);
void SmLicenseAddDlgShiftTextItem(HWND hWnd, UINT id1, UINT id2, UINT *next_focus);
void SmLicenseAddDlgGetText(HWND hWnd, char *str, UINT size);
void SmLicenseAddDlgOnOk(HWND hWnd, SM_SERVER *s);
bool SmSetup(HWND hWnd, SM_SERVER *s);
UINT SmSetupDlg(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void SmSetupDlgInit(HWND hWnd, SM_SETUP *s);
void SmSetupDlgUpdate(HWND hWnd, SM_SETUP *s);
void SmSetupDlgOnOk(HWND hWnd, SM_SETUP *s);
UINT SmSetupHubDlg(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void SmSetupHubDlgUpdate(HWND hWnd, SM_SETUP *s);
bool SmSetupInit(HWND hWnd, SM_SETUP *s);
bool SmSetupDeleteAllHub(HWND hWnd, SM_SETUP *s);
bool SmSetupDeleteAllLocalBridge(HWND hWnd, SM_SETUP *s);
bool SmSetupDeleteAllLayer3(HWND hWnd, SM_SETUP *s);
bool SmSetupDeleteAllObjectInBridgeHub(HWND hWnd, SM_SETUP *s);
void SmSetupStep(HWND hWnd, SM_SETUP *s);
UINT SmSetupStepDlg(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void SmSetupStepDlgInit(HWND hWnd, SM_SETUP *s);
void SmSetupOnClose(HWND hWnd, SM_SETUP *s);
bool SmSetupIsNew(SM_SERVER *s);
void SmVLan(HWND hWnd, SM_SERVER *s);
UINT SmVLanDlg(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void SmVLanDlgInit(HWND hWnd, SM_SERVER *s);
void SmVLanDlgRefresh(HWND hWnd, SM_SERVER *s);
void SmVLanDlgUpdate(HWND hWnd, SM_SERVER *s);
void SmHubMsg(HWND hWnd, SM_EDIT_HUB *s);
UINT SmHubMsgDlg(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void SmHubMsgDlgInit(HWND hWnd, SM_EDIT_HUB *s);
void SmHubMsgDlgUpdate(HWND hWnd, SM_EDIT_HUB *s);
void SmHubMsgDlgOnOk(HWND hWnd, SM_EDIT_HUB *s);
void SmIPsec(HWND hWnd, SM_SERVER *s);
UINT SmIPsecDlg(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void SmIPsecDlgInit(HWND hWnd, SM_SERVER *s);
void SmIPsecDlgOnOk(HWND hWnd, SM_SERVER *s);
void SmIPsecDlgUpdate(HWND hWnd, SM_SERVER *s);
void SmIPsecDlgGetSetting(HWND hWnd, IPSEC_SERVICES *sl);
void SmEtherIp(HWND hWnd, SM_SERVER *s);
UINT SmEtherIpDlg(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void SmEtherIpDlgInit(HWND hWnd, SM_SERVER *s);
void SmEtherIpDlgRefresh(HWND hWnd, SM_SERVER *s);
void SmEtherIpDlgUpdate(HWND hWnd, SM_SERVER *s);
bool SmEtherIpId(HWND hWnd, SM_ETHERIP_ID *t);
UINT SmEtherIpIdDlg(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void SmEtherIpIdDlgInit(HWND hWnd, SM_ETHERIP_ID *t);
void SmEtherIpIdDlgOnOk(HWND hWnd, SM_ETHERIP_ID *t);
void SmEtherIpIdDlgUpdate(HWND hWnd, SM_ETHERIP_ID *t);
void SmEtherIpIdDlgGetSetting(HWND hWnd, SM_ETHERIP_ID *t);
bool SmDDns(HWND hWnd, SM_SERVER *s, bool silent, bool no_change_cert);
UINT SmDDnsDlg(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void SmDDnsDlgInit(HWND hWnd, SM_DDNS *d);
void SmDDnsRefresh(HWND hWnd, SM_DDNS *d);
void SmDDnsDlgOnOk(HWND hWnd, SM_DDNS *d);
void SmDDnsDlgUpdate(HWND hWnd, SM_DDNS *d);
void SmOpenVpn(HWND hWnd, SM_SERVER *s);
UINT SmOpenVpnDlg(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void SmOpenVpnDlgInit(HWND hWnd, SM_SERVER *s);
void SmOpenVpnDlgOnOk(HWND hWnd, SM_SERVER *s, bool no_close);
void SmOpenVpnDlgUpdate(HWND hWnd, SM_SERVER *s);
void SmOpenVpn(HWND hWnd, SM_SERVER *s);
void SmSpecialListener(HWND hWnd, SM_SERVER *s);
UINT SmSpecialListenerDlg(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void SmSpecialListenerDlgInit(HWND hWnd, SM_SERVER *s);
void SmSpecialListenerDlgOnOk(HWND hWnd, SM_SERVER *s);
void SmShowIPSecMessageIfNecessary(HWND hWnd, SM_SERVER *p);
UINT SmVmBridgeDlg(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void SmAzure(HWND hWnd, SM_SERVER *s, bool on_setup);
UINT SmAzureDlg(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void SmAzureDlgOnInit(HWND hWnd, SM_AZURE *a);
void SmAzureDlgRefresh(HWND hWnd, SM_AZURE *a);
void SmAzureSetStatus(HWND hWnd, SM_AZURE *a);
bool SmProxy(HWND hWnd, INTERNET_SETTING *t);
UINT SmProxyDlg(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
void SmProxyDlgInit(HWND hWnd, INTERNET_SETTING *t);
void SmProxyDlgUpdate(HWND hWnd, INTERNET_SETTING *t);
// Developed by SoftEther VPN Project at University of Tsukuba in Japan.
// Department of Computer Science has dozens of overly-enthusiastic geeks.
// Join us: http://www.tsukuba.ac.jp/english/admission/
+6569
File diff suppressed because it is too large Load Diff
+105
@@ -0,0 +1,105 @@
// SoftEther VPN Source Code
// Cedar Communication Module
//
// SoftEther VPN Server, Client and Bridge are free software under GPLv2.
//
// Copyright (c) 2012-2014 Daiyuu Nobori.
// Copyright (c) 2012-2014 SoftEther VPN Project, University of Tsukuba, Japan.
// Copyright (c) 2012-2014 SoftEther Corporation.
//
// All Rights Reserved.
//
// http://www.softether.org/
//
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License version 2
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
// IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
// CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
// TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
// SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
// THE LICENSE AGREEMENT IS ATTACHED ON THE SOURCE-CODE PACKAGE
// AS "LICENSE.TXT" FILE. READ THE TEXT FILE IN ADVANCE TO USE THE SOFTWARE.
//
//
// THIS SOFTWARE IS DEVELOPED IN JAPAN, AND DISTRIBUTED FROM JAPAN,
// UNDER JAPANESE LAWS. YOU MUST AGREE IN ADVANCE TO USE, COPY, MODIFY,
// MERGE, PUBLISH, DISTRIBUTE, SUBLICENSE, AND/OR SELL COPIES OF THIS
// SOFTWARE, THAT ANY JURIDICAL DISPUTES WHICH ARE CONCERNED TO THIS
// SOFTWARE OR ITS CONTENTS, AGAINST US (SOFTETHER PROJECT, SOFTETHER
// CORPORATION, DAIYUU NOBORI OR OTHER SUPPLIERS), OR ANY JURIDICAL
// DISPUTES AGAINST US WHICH ARE CAUSED BY ANY KIND OF USING, COPYING,
// MODIFYING, MERGING, PUBLISHING, DISTRIBUTING, SUBLICENSING, AND/OR
// SELLING COPIES OF THIS SOFTWARE SHALL BE REGARDED AS BE CONSTRUED AND
// CONTROLLED BY JAPANESE LAWS, AND YOU MUST FURTHER CONSENT TO
// EXCLUSIVE JURISDICTION AND VENUE IN THE COURTS SITTING IN TOKYO,
// JAPAN. YOU MUST WAIVE ALL DEFENSES OF LACK OF PERSONAL JURISDICTION
// AND FORUM NON CONVENIENS. PROCESS MAY BE SERVED ON EITHER PARTY IN
// THE MANNER AUTHORIZED BY APPLICABLE LAW OR COURT RULE.
//
// USE ONLY IN JAPAN. DO NOT USE IT IN OTHER COUNTRIES. IMPORTING THIS
// SOFTWARE INTO OTHER COUNTRIES IS AT YOUR OWN RISK. SOME COUNTRIES
// PROHIBIT ENCRYPTED COMMUNICATIONS. USING THIS SOFTWARE IN OTHER
// COUNTRIES MIGHT BE RESTRICTED.
//
//
// DEAR SECURITY EXPERTS
// ---------------------
//
// If you find a bug or a security vulnerability please kindly inform us
// about the problem immediately so that we can fix the security problem
// to protect a lot of users around the world as soon as possible.
//
// Our e-mail address for security reports is:
// softether-vpn-security [at] softether.org
//
// Please note that the above e-mail address is not a technical support
// inquiry address. If you need technical assistance, please visit
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
// SW.h
// Header of SW.c
#ifndef SW_H
#define SW_H
#define SW_REG_KEY "Software\\" GC_REG_COMPANY_NAME "\\Setup Wizard Settings"
UINT SWExec();
UINT SWExecMain();
LIST *SwNewSfxFileList();
void SwFreeSfxFileList(LIST *o);
bool SwAddBasicFilesToList(LIST *o, char *component_name);
bool SwCompileSfx(LIST *o, wchar_t *dst_filename);
bool SwGenSfxModeMain(char *mode, wchar_t *dst);
bool SwWaitForVpnClientPortReady(UINT timeout);
#endif // SW_H
// Developed by SoftEther VPN Project at University of Tsukuba in Japan.
// Department of Computer Science has dozens of overly-enthusiastic geeks.
// Join us: http://www.tsukuba.ac.jp/english/admission/
+425
@@ -0,0 +1,425 @@
// SoftEther VPN Source Code
// Cedar Communication Module
//
// SoftEther VPN Server, Client and Bridge are free software under GPLv2.
//
// Copyright (c) 2012-2014 Daiyuu Nobori.
// Copyright (c) 2012-2014 SoftEther VPN Project, University of Tsukuba, Japan.
// Copyright (c) 2012-2014 SoftEther Corporation.
//
// All Rights Reserved.
//
// http://www.softether.org/
//
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License version 2
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
// IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
// CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
// TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
// SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
// THE LICENSE AGREEMENT IS ATTACHED ON THE SOURCE-CODE PACKAGE
// AS "LICENSE.TXT" FILE. READ THE TEXT FILE IN ADVANCE TO USE THE SOFTWARE.
//
//
// THIS SOFTWARE IS DEVELOPED IN JAPAN, AND DISTRIBUTED FROM JAPAN,
// UNDER JAPANESE LAWS. YOU MUST AGREE IN ADVANCE TO USE, COPY, MODIFY,
// MERGE, PUBLISH, DISTRIBUTE, SUBLICENSE, AND/OR SELL COPIES OF THIS
// SOFTWARE, THAT ANY JURIDICAL DISPUTES WHICH ARE CONCERNED TO THIS
// SOFTWARE OR ITS CONTENTS, AGAINST US (SOFTETHER PROJECT, SOFTETHER
// CORPORATION, DAIYUU NOBORI OR OTHER SUPPLIERS), OR ANY JURIDICAL
// DISPUTES AGAINST US WHICH ARE CAUSED BY ANY KIND OF USING, COPYING,
// MODIFYING, MERGING, PUBLISHING, DISTRIBUTING, SUBLICENSING, AND/OR
// SELLING COPIES OF THIS SOFTWARE SHALL BE REGARDED AS BE CONSTRUED AND
// CONTROLLED BY JAPANESE LAWS, AND YOU MUST FURTHER CONSENT TO
// EXCLUSIVE JURISDICTION AND VENUE IN THE COURTS SITTING IN TOKYO,
// JAPAN. YOU MUST WAIVE ALL DEFENSES OF LACK OF PERSONAL JURISDICTION
// AND FORUM NON CONVENIENS. PROCESS MAY BE SERVED ON EITHER PARTY IN
// THE MANNER AUTHORIZED BY APPLICABLE LAW OR COURT RULE.
//
// USE ONLY IN JAPAN. DO NOT USE IT IN OTHER COUNTRIES. IMPORTING THIS
// SOFTWARE INTO OTHER COUNTRIES IS AT YOUR OWN RISK. SOME COUNTRIES
// PROHIBIT ENCRYPTED COMMUNICATIONS. USING THIS SOFTWARE IN OTHER
// COUNTRIES MIGHT BE RESTRICTED.
//
//
// DEAR SECURITY EXPERTS
// ---------------------
//
// If you find a bug or a security vulnerability please kindly inform us
// about the problem immediately so that we can fix the security problem
// to protect a lot of users around the world as soon as possible.
//
// Our e-mail address for security reports is:
// softether-vpn-security [at] softether.org
//
// Please note that the above e-mail address is not a technical support
// inquiry address. If you need technical assistance, please visit
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
// SWInner.h
// Header of SW.c (for internal use)
#ifndef SW_INNER_H
#define SW_INNER_H
// Component string
#define SW_NAME_VPNSERVER "vpnserver"
#define SW_LONG_VPNSERVER _UU("SW_LONG_VPNSERVER")
#define SW_NAME_VPNCLIENT "vpnclient"
#define SW_LONG_VPNCLIENT _UU("SW_LONG_VPNCLIENT")
#define SW_NAME_VPNBRIDGE "vpnbridge"
#define SW_LONG_VPNBRIDGE _UU("SW_LONG_VPNBRIDGE")
#define SW_NAME_VPNSMGR "vpnsmgr"
#define SW_LONG_VPNSMGR _UU("SW_LONG_VPNSMGR")
#define SW_NAME_VPNCMGR "vpncmgr"
#define SW_LONG_VPNCMGR _UU("SW_LONG_VPNCMGR")
#define SW_VPN_CLIENT_UIHELPER_REGVALUE GC_SW_UIHELPER_REGVALUE
#define SW_VPN_CLIENT_EXT_REGKEY "SOFTWARE\\Classes\\.vpn"
#define SW_VPN_CLIENT_EXT_REGVALUE "vpnfile"
#define SW_VPN_CLIENT_EXT_REGKEY_SUB1 "SOFTWARE\\Classes\\.vpn\\vpnfile"
#define SW_VPN_CLIENT_EXT_REGKEY_SUB2 "SOFTWARE\\Classes\\.vpn\\vpnfile\\ShellNew"
#define SW_VPN_CLIENT_VPNFILE_REGKEY "SOFTWARE\\Classes\\vpnfile"
#define SW_VPN_CLIENT_VPNFILE_REGVALUE "VPN Client Connection Setting File"
#define SW_VPN_CLIENT_VPNFILE_ICON_REGKEY "SOFTWARE\\Classes\\vpnfile\\DefaultIcon"
#define SW_VPN_CLIENT_VPNFILE_SHELLOPEN_CMD_REGKEY "SOFTWARE\\Classes\\vpnfile\\shell\\open\\command"
#define SW_VPN_CLIENT_VPNFILE_SHELLOPEN_CMD_REGKEY_SUB1 "SOFTWARE\\Classes\\vpnfile\\shell\\open"
#define SW_VPN_CLIENT_VPNFILE_SHELLOPEN_CMD_REGKEY_SUB2 "SOFTWARE\\Classes\\vpnfile\\shell"
#define SW_REG_KEY_EULA "Software\\" GC_REG_COMPANY_NAME "\\Setup Wizard Settings\\Eula"
// Component ID
#define SW_CMP_VPN_SERVER 1 // VPN Server
#define SW_CMP_VPN_CLIENT 2 // VPN Client
#define SW_CMP_VPN_BRIDGE 3 // VPN Bridge
#define SW_CMP_VPN_SMGR 4 // VPN Server Manager (Tools Only)
#define SW_CMP_VPN_CMGR 5 // VPN Client Manager (Tools Only)
// Exit code
#define SW_EXIT_CODE_USER_CANCEL 1000000001 // Cancel by the user
#define SW_EXIT_CODE_INTERNAL_ERROR 1000000002 // Internal error
// Special messages to be used in the setup wizard
#define WM_SW_BASE (WM_APP + 251)
#define WM_SW_INTERACT_UI (WM_SW_BASE + 0) // UI processing
#define WM_SW_EXIT (WM_SW_BASE + 1) // Close
// Automatic connection setting file
#define SW_AUTO_CONNECT_ACCOUNT_FILE_NAME "auto_connect.vpn"
#define SW_AUTO_CONNECT_ACCOUNT_FILE_NAME_W L"auto_connect.vpn"
// Installer cache file to be stored in the VPN Client installation folder
#define SW_SFX_CACHE_FILENAME L"installer.cache"
// Flag file
#define SW_FLAG_EASY_MODE "easy_mode.flag"
#define SW_FLAG_EASY_MODE_2 "@easy_mode.flag"
// Multiple-starts prevention name
#define SW_SINGLE_INSTANCE_NAME "SoftEther_VPN_Setup_Wizard"
// Time to wait for the VPN Client service startup
#define SW_VPNCLIENT_SERVICE_WAIT_READY_TIMEOUT (30 * 1000)
// UI interaction
typedef struct SW_UI
{
UINT Type; // Type
wchar_t *Message; // Message string
UINT Param; // Parameters
UINT RetCode; // Return value
} SW_UI;
// Type of UI interaction
#define SW_UI_TYPE_PRINT 0 // Display the message
#define SW_UI_TYPE_MSGBOX 1 // Show a message box
#define SW_UI_TYPE_FINISH 2 // Completion
#define SW_UI_TYPE_ERROR 3 // Error
// Resource type of the file stored in the setup.exe
#define SW_SFX_RESOURCE_TYPE "DATAFILE"
// Code of old MSI
typedef struct SW_OLD_MSI
{
char *ProductCode; // Product code
char *ComponentCode; // Component code
} SW_OLD_MSI;
// Component
typedef struct SW_COMPONENT
{
UINT Id; // ID
bool Detected; // Whether it has been detected as an installation source
LIST *NeedFiles; // Necessary files
char *Name; // Internal name
char *SvcName; // Service name
wchar_t *Title; // Display name
wchar_t *Description; // Detail
wchar_t *DefaultDirName; // Installation directory name of the default
wchar_t *LongName; // Long name
UINT Icon; // Icon
UINT IconExeIndex; // The index number of the icon within the Setup.exe
bool SystemModeOnly; // Only system mode
bool InstallService; // Installation of service
wchar_t *SvcFileName; // Service file name
wchar_t *StartExeName; // Start EXE file name
wchar_t *StartDescription; // Description of the running software
SW_OLD_MSI *OldMsiList; // Old MSI Product List
UINT NumOldMsi; // The number of old MSI Product List
bool CopyVGDat; // Copy of the VPN Gate DAT file
} SW_COMPONENT;
// File copy task
typedef struct SW_TASK_COPY
{
wchar_t SrcFileName[MAX_SIZE]; // Original file name
wchar_t DstFileName[MAX_SIZE]; // Destination file name
wchar_t SrcDir[MAX_SIZE]; // Source directory
wchar_t DstDir[MAX_SIZE]; // Destination directory
bool Overwrite; // Override flag
bool SetupFile; // Setup file flag
} SW_TASK_COPY;
// Link creation task
typedef struct SW_TASK_LINK
{
wchar_t TargetDir[MAX_SIZE]; // Target directory
wchar_t TargetExe[MAX_SIZE]; // Target EXE file name
wchar_t TargetArg[MAX_SIZE]; // Arguments to pass to the target
wchar_t IconExe[MAX_SIZE]; // Icon EXE file name
UINT IconIndex; // Icon Index number
wchar_t DestDir[MAX_SIZE]; // Directory name to be created
wchar_t DestName[MAX_SIZE]; // File name to be created
wchar_t DestDescription[MAX_SIZE]; // Description string
bool NoDeleteDir; // Do not delete the directory on uninstall
} SW_TASK_LINK;
// Setup Tasks
typedef struct SW_TASK
{
LIST *CopyTasks; // File copy task
LIST *SetSecurityPaths; // List of paths to set the security
LIST *LinkTasks; // Link creation task
} SW_TASK;
// Setup log
typedef struct SW_LOG
{
UINT Type; // Type of log
wchar_t Path[MAX_PATH]; // Path
} SW_LOG;
// Type of setup log
#define SW_LOG_TYPE_FILE 1 // File
#define SW_LOG_TYPE_DIR 2 // Directory
#define SW_LOG_TYPE_REGISTRY 3 // Registry
#define SW_LOG_TYPE_LNK 4 // Shortcut file
#define SW_LOG_TYPE_LNK_DIR 5 // Shortcut directory
#define SW_LOG_TYPE_SVC 6 // Service
// Setup log files
typedef struct SW_LOGFILE
{
LIST *LogList; // List of log
bool IsSystemMode; // Whether the system mode
UINT Build; // Build Number
SW_COMPONENT *Component; // Component
} SW_LOGFILE;
// SFX file
typedef struct SW_SFX_FILE
{
char InnerFileName[MAX_PATH]; // Internal file name
wchar_t DiskFileName[MAX_PATH]; // File name of the disk
} SW_SFX_FILE;
// SW instance
typedef struct SW
{
LIST *ComponentList; // List of components
wchar_t InstallSrc[MAX_SIZE]; // Source directory
bool IsSystemMode; // Whether the system mode
bool UninstallMode; // Uninstall mode
UINT ExitCode; // Exit code
void *ReExecProcessHandle; // Child process handle of a result of the re-run itself
bool IsReExecForUac; // Whether the process was re-run for UAC handling
SW_COMPONENT *CurrentComponent; // Component that is currently selected
bool EulaAgreed; // Whether the user accepted the license agreement
bool DoubleClickBlocker; // Double-click blocker
bool LanguageMode; // Language setting mode
UINT LangId; // Language ID in the language setting mode
bool SetLangAndReboot; // Prompt to restart after making the language setting
bool LangNow; // Start the language setting process right now
bool EasyMode; // Simple installer creation mode
bool WebMode; // Web installer creation mode
bool OnlyAutoSettingMode; // Apply only mode of connection settings of VPN Client
INSTANCE *Single; // Multiple-starts check
wchar_t DefaultInstallDir_System[MAX_PATH]; // Default system installation directory
wchar_t DefaultInstallDir_User[MAX_PATH]; // Default user installation directory
bool IsAvailableSystemMode; // Whether the system mode is selectable
bool IsAvailableUserMode; // Whether the user mode is selectable
bool ShowWarningForUserMode; // Whether to display a warning for the user-mode
wchar_t InstallDir[MAX_PATH]; // Destination directory
THREAD *PerformThread; // Set up processing thread
bool Run; // Whether to start the tool after Setup finishes
SW_LOGFILE *LogFile; // Log file
bool MsiRebootRequired; // Need to be re-started as a result of MSI
bool LangNotChanged; // Language has not changed
wchar_t FinishMsg[MAX_SIZE * 2]; // Completion message
wchar_t Easy_SettingFile[MAX_PATH]; // Connection settings file name of the Simple installer creation kit:
wchar_t Easy_OutFile[MAX_PATH]; // Destination file name of the simple installer creation kit
bool Easy_EraseSensitive; // Simple installer creation kit: Delete the confidential information
bool Easy_EasyMode; // Simple installer creation kit: simple mode
wchar_t Web_SettingFile[MAX_PATH]; // Connection setting file name for the Web installer creation Kit
wchar_t Web_OutFile[MAX_PATH]; // Destination file name of the Web installer creation Kit
bool Web_EraseSensitive; // Web installer creation Kit: removing confidential information
bool Web_EasyMode; // Web installer creation kit: simple mode
wchar_t vpncmgr_path[MAX_PATH]; // Path of vpncmgr.exe
wchar_t auto_setting_path[MAX_PATH]; // Path of automatic connection setting
bool HideStartCommand; // Not to show the option to start the program on installation complete screen
char SfxMode[MAX_SIZE]; // SFX generation mode
wchar_t SfxOut[MAX_PATH]; // SFX destination
wchar_t CallerSfxPath[MAX_PATH]; // Calling SFX path
bool IsEasyInstaller; // Whether the calling SFX was built by the simple installer creation kit
bool IsWebInstaller; // Whether Web installer
bool DisableAutoImport; // Not to use the automatic import process
UINT CurrentEulaHash; // Hash of the license agreement
} SW;
// Function prototype
SW *NewSw();
UINT FreeSw(SW *sw);
void SwDefineComponents(SW *sw);
SW_COMPONENT *SwNewComponent(char *name, char *svc_name, UINT id, UINT icon, UINT icon_index, wchar_t *svc_filename,
wchar_t *long_name, bool system_mode_only, UINT num_files, char *files[],
wchar_t *start_exe_name, wchar_t *start_description,
SW_OLD_MSI *old_msis, UINT num_old_msis);
void SwFreeComponent(SW_COMPONENT *c);
void SwDetectComponents(SW *sw);
bool SwIsComponentDetected(SW *sw, SW_COMPONENT *c);
void SwParseCommandLine(SW *sw);
SW_COMPONENT *SwFindComponent(SW *sw, char *name);
void SwInitDefaultInstallDir(SW *sw);
void SwUiMain(SW *sw);
bool SwCheckNewDirName(wchar_t *name);
wchar_t *SwGetOldMsiInstalledDir(SW_COMPONENT *c);
bool SwUninstallOldMsiInstalled(HWND hWnd, WIZARD_PAGE *wp, SW_COMPONENT *c, bool *reboot_required);
bool SwReExecMyself(SW *sw, wchar_t *additional_params, bool as_admin);
SW_TASK *SwNewTask();
void SwFreeTask(SW_TASK *t);
SW_TASK_COPY *SwNewCopyTask(wchar_t *srcfilename, wchar_t *dstfilename, wchar_t *srcdir, wchar_t *dstdir, bool overwrite, bool setup_file);
void SwFreeCopyTask(SW_TASK_COPY *ct);
void SwDefineTasks(SW *sw, SW_TASK *t, SW_COMPONENT *c);
SW_TASK_LINK *SwNewLinkTask(wchar_t *target_dir, wchar_t *target_exe, wchar_t *target_arg,
wchar_t *icon_exe, UINT icon_index,
wchar_t *dest_dir, wchar_t *dest_name, wchar_t *dest_desc,
bool no_delete_dir);
void SwFreeLinkTask(SW_TASK_LINK *lt);
void SwAddLog(SW *sw, SW_LOGFILE *logfile, UINT type, wchar_t *path);
void SwAddLogA(SW *sw, SW_LOGFILE *logfile, UINT type, char *path);
bool SwSaveLogFile(SW *sw, wchar_t *dst_name, SW_LOGFILE *logfile);
SW_LOGFILE *SwLoadLogFile(SW *sw, wchar_t *filename);
SW_LOGFILE *SwNewLogFile();
void SwFreeLogFile(SW_LOGFILE *logfile);
void SwInstallShortcuts(SW *sw, WIZARD_PAGE *wp, SW_COMPONENT *c, SW_TASK *t);
void SwDeleteShortcuts(SW_LOGFILE *logfile);
bool SwCheckOs(SW *sw, SW_COMPONENT *c);
bool SwEnterSingle(SW *sw);
void SwLeaveSingle(SW *sw);
UINT SwWelcomeDlg(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, WIZARD *wizard, WIZARD_PAGE *wizard_page, void *param);
UINT SwModeDlg(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, WIZARD *wizard, WIZARD_PAGE *wizard_page, void *param);
UINT SwNotAdminDlg(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, WIZARD *wizard, WIZARD_PAGE *wizard_page, void *param);
UINT SwComponents(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, WIZARD *wizard, WIZARD_PAGE *wizard_page, void *param);
void SwComponentsInit(HWND hWnd, SW *sw);
void SwComponentsUpdate(HWND hWnd, SW *sw, WIZARD *wizard, WIZARD_PAGE *wizard_page);
UINT SwEula(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, WIZARD *wizard, WIZARD_PAGE *wizard_page, void *param);
void SwEulaUpdate(HWND hWnd, SW *sw, WIZARD *wizard, WIZARD_PAGE *wizard_page);
UINT SwDir(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, WIZARD *wizard, WIZARD_PAGE *wizard_page, void *param);
void SwDirUpdate(HWND hWnd, SW *sw, WIZARD_PAGE *wizard_page);
UINT SwReady(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, WIZARD *wizard, WIZARD_PAGE *wizard_page, void *param);
UINT SwPerform(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, WIZARD *wizard, WIZARD_PAGE *wizard_page, void *param);
void SwPerformInit(HWND hWnd, SW *sw, WIZARD_PAGE *wp);
void SwPerformThread(THREAD *thread, void *param);
void SwPerformPrint(WIZARD_PAGE *wp, wchar_t *str);
UINT SwPerformMsgBox(WIZARD_PAGE *wp, UINT flags, wchar_t *msg);
UINT SwInteractUi(WIZARD_PAGE *wp, SW_UI *ui);
void SwInteractUiCalled(HWND hWnd, SW *sw, WIZARD_PAGE *wp, SW_UI *ui);
bool SwInstallMain(SW *sw, WIZARD_PAGE *wp, SW_COMPONENT *c);
UINT SwError(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, WIZARD *wizard, WIZARD_PAGE *wizard_page, void *param);
UINT SwFinish(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, WIZARD *wizard, WIZARD_PAGE *wizard_page, void *param);
UINT SwUninst1(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, WIZARD *wizard, WIZARD_PAGE *wizard_page, void *param);
bool SwUninstallMain(SW *sw, WIZARD_PAGE *wp, SW_COMPONENT *c);
UINT SwLang1(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, WIZARD *wizard, WIZARD_PAGE *wizard_page, void *param);
void SwLang1Init(HWND hWnd, SW *sw);
UINT SwGetLangIcon(char *name);
void SwLang1Update(HWND hWnd, SW *sw, WIZARD *wizard, WIZARD_PAGE *wizard_page);
UINT SwEasy1(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, WIZARD *wizard, WIZARD_PAGE *wizard_page, void *param);
UINT SwEasy2(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, WIZARD *wizard, WIZARD_PAGE *wizard_page, void *param);
void SwEasy2Update(HWND hWnd, SW *sw, WIZARD *wizard, WIZARD_PAGE *wizard_page);
bool SwEasyMain(SW *sw, WIZARD_PAGE *wp);
UINT SwWeb1(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, WIZARD *wizard, WIZARD_PAGE *wizard_page, void *param);
UINT SwWeb2(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, WIZARD *wizard, WIZARD_PAGE *wizard_page, void *param);
void SwWeb2Update(HWND hWnd, SW *sw, WIZARD *wizard, WIZARD_PAGE *wizard_page);
bool SwWebMain(SW *sw, WIZARD_PAGE *wp);
void SwGenerateDefaultSfxFileName(wchar_t *name, UINT size);
void SwGenerateDefaultZipFileName(wchar_t *name, UINT size);
bool CALLBACK SwEnumResourceNamesProc(HMODULE hModule, const char *type, char *name, LONG_PTR lParam);
UINT SwSfxModeMain();
bool CALLBACK SfxModeMainDialogProc(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam);
bool SwSfxExtractProcess(HWND hWnd, bool *hide_error_msg);
bool SwSfxExtractFile(HWND hWnd, void *data, UINT size, wchar_t *dst, bool compressed);
SW_SFX_FILE *SwNewSfxFile(char *inner_file_name, wchar_t *disk_file_name);
bool SwSfxCopyVgFiles(HWND hWnd, wchar_t *src, wchar_t *dst);
#endif // SW_INNER_H
// Developed by SoftEther VPN Project at University of Tsukuba in Japan.
// Department of Computer Science has dozens of overly-enthusiastic geeks.
// Join us: http://www.tsukuba.ac.jp/english/admission/
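Review bot: The prototypes `SwGenerateDefaultSfxFileName(wchar_t *name, UINT size)` and `SwGenerateDefaultZipFileName(wchar_t *name, UINT size)` do not say whether `size` is a byte count or a wchar_t count. For wide-character buffers a caller who guesses wrong either wastes half the buffer or overruns it. A one-line comment above the pair would settle it, for example `// size: capacity of name in bytes, including the terminator`, adjusted to whatever the implementation in SW.c expects, which is not shown in this section. The same applies to `size` in `SwSfxExtractFile`, where it presumably describes the length of `data`.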
+415
@@ -0,0 +1,415 @@
// SoftEther VPN Source Code
// Cedar Communication Module
//
// SoftEther VPN Server, Client and Bridge are free software under GPLv2.
//
// Copyright (c) 2012-2014 Daiyuu Nobori.
// Copyright (c) 2012-2014 SoftEther VPN Project, University of Tsukuba, Japan.
// Copyright (c) 2012-2014 SoftEther Corporation.
//
// All Rights Reserved.
//
// http://www.softether.org/
//
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License version 2
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
// IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
// CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
// TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
// SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
// THE LICENSE AGREEMENT IS ATTACHED ON THE SOURCE-CODE PACKAGE
// AS "LICENSE.TXT" FILE. READ THE TEXT FILE IN ADVANCE TO USE THE SOFTWARE.
//
//
// THIS SOFTWARE IS DEVELOPED IN JAPAN, AND DISTRIBUTED FROM JAPAN,
// UNDER JAPANESE LAWS. YOU MUST AGREE IN ADVANCE TO USE, COPY, MODIFY,
// MERGE, PUBLISH, DISTRIBUTE, SUBLICENSE, AND/OR SELL COPIES OF THIS
// SOFTWARE, THAT ANY JURIDICAL DISPUTES WHICH ARE CONCERNED TO THIS
// SOFTWARE OR ITS CONTENTS, AGAINST US (SOFTETHER PROJECT, SOFTETHER
// CORPORATION, DAIYUU NOBORI OR OTHER SUPPLIERS), OR ANY JURIDICAL
// DISPUTES AGAINST US WHICH ARE CAUSED BY ANY KIND OF USING, COPYING,
// MODIFYING, MERGING, PUBLISHING, DISTRIBUTING, SUBLICENSING, AND/OR
// SELLING COPIES OF THIS SOFTWARE SHALL BE REGARDED AS BE CONSTRUED AND
// CONTROLLED BY JAPANESE LAWS, AND YOU MUST FURTHER CONSENT TO
// EXCLUSIVE JURISDICTION AND VENUE IN THE COURTS SITTING IN TOKYO,
// JAPAN. YOU MUST WAIVE ALL DEFENSES OF LACK OF PERSONAL JURISDICTION
// AND FORUM NON CONVENIENS. PROCESS MAY BE SERVED ON EITHER PARTY IN
// THE MANNER AUTHORIZED BY APPLICABLE LAW OR COURT RULE.
//
// USE ONLY IN JAPAN. DO NOT USE IT IN OTHER COUNTRIES. IMPORTING THIS
// SOFTWARE INTO OTHER COUNTRIES IS AT YOUR OWN RISK. SOME COUNTRIES
// PROHIBIT ENCRYPTED COMMUNICATIONS. USING THIS SOFTWARE IN OTHER
// COUNTRIES MIGHT BE RESTRICTED.
//
//
// DEAR SECURITY EXPERTS
// ---------------------
//
// If you find a bug or a security vulnerability please kindly inform us
// about the problem immediately so that we can fix the security problem
// to protect a lot of users around the world as soon as possible.
//
// Our e-mail address for security reports is:
// softether-vpn-security [at] softether.org
//
// Please note that the above e-mail address is not a technical support
// inquiry address. If you need technical assistance, please visit
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
// Sam.c
// Security Accounts Manager
#include "CedarPch.h"
// Password encryption
void SecurePassword(void *secure_password, void *password, void *random)
{
BUF *b;
// Validate arguments
if (secure_password == NULL || password == NULL || random == NULL)
{
return;
}
b = NewBuf();
WriteBuf(b, password, SHA1_SIZE);
WriteBuf(b, random, SHA1_SIZE);
Hash(secure_password, b->Buf, b->Size, true);
FreeBuf(b);
}
// Generate 160bit random number
void GenRamdom(void *random)
{
// Validate arguments
if (random == NULL)
{
return;
}
Rand(random, SHA1_SIZE);
}
// Anonymous authentication of user
bool SamAuthUserByAnonymous(HUB *h, char *username)
{
bool b = false;
// Validate arguments
if (h == NULL || username == NULL)
{
return false;
}
AcLock(h);
{
USER *u = AcGetUser(h, username);
if (u)
{
Lock(u->lock);
{
if (u->AuthType == AUTHTYPE_ANONYMOUS)
{
b = true;
}
}
Unlock(u->lock);
}
ReleaseUser(u);
}
AcUnlock(h);
return b;
}
// Plaintext password authentication of user
bool SamAuthUserByPlainPassword(CONNECTION *c, HUB *hub, char *username, char *password, bool ast, UCHAR *mschap_v2_server_response_20)
{
return false;
}
// Certificate authentication of user
bool SamAuthUserByCert(HUB *h, char *username, X *x)
{
return false;
}
// Get the root certificate that signed the specified certificate from the list
X *GetIssuerFromList(LIST *cert_list, X *cert)
{
UINT i;
X *ret = NULL;
// Validate arguments
if (cert_list == NULL || cert == NULL)
{
return NULL;
}
for (i = 0;i < LIST_NUM(cert_list);i++)
{
X *x = LIST_DATA(cert_list, i);
// Name comparison
if (CheckXDateNow(x))
{
if (CompareName(x->subject_name, cert->issuer_name))
{
// Get the public key of the root certificate
K *k = GetKFromX(x);
if (k != NULL)
{
// Check the signature
if (CheckSignature(cert, k))
{
ret = x;
}
FreeK(k);
}
}
}
if (CompareX(x, cert))
{
// Complete identical
ret = x;
}
}
return ret;
}
// Get the policy to be applied for the user
POLICY *SamGetUserPolicy(HUB *h, char *username)
{
POLICY *ret = NULL;
// Validate arguments
if (h == NULL || username == NULL)
{
return NULL;
}
AcLock(h);
{
USER *u;
u = AcGetUser(h, username);
if (u)
{
USERGROUP *g = NULL;
Lock(u->lock);
{
if (u->Policy != NULL)
{
ret = ClonePolicy(u->Policy);
}
g = u->Group;
if (g != NULL)
{
AddRef(g->ref);
}
}
Unlock(u->lock);
ReleaseUser(u);
u = NULL;
if (ret == NULL)
{
if (g != NULL)
{
Lock(g->lock);
{
ret = ClonePolicy(g->Policy);
}
Unlock(g->lock);
}
}
if (g != NULL)
{
ReleaseGroup(g);
}
}
}
AcUnlock(h);
return ret;
}
// Password authentication of user
bool SamAuthUserByPassword(HUB *h, char *username, void *random, void *secure_password, char *mschap_v2_password, UCHAR *mschap_v2_server_response_20, UINT *err)
{
bool b = false;
UCHAR secure_password_check[SHA1_SIZE];
bool is_mschap = false;
IPC_MSCHAP_V2_AUTHINFO mschap;
UINT dummy = 0;
// Validate arguments
if (h == NULL || username == NULL || secure_password == NULL)
{
return false;
}
if (err == NULL)
{
err = &dummy;
}
*err = 0;
Zero(&mschap, sizeof(mschap));
is_mschap = ParseAndExtractMsChapV2InfoFromPassword(&mschap, mschap_v2_password);
if (StrCmpi(username, ADMINISTRATOR_USERNAME) == 0)
{
// Administrator mode
SecurePassword(secure_password_check, h->SecurePassword, random);
if (Cmp(secure_password_check, secure_password, SHA1_SIZE) == 0)
{
return true;
}
else
{
return false;
}
}
AcLock(h);
{
USER *u;
u = AcGetUser(h, username);
if (u)
{
Lock(u->lock);
{
if (u->AuthType == AUTHTYPE_PASSWORD)
{
AUTHPASSWORD *auth = (AUTHPASSWORD *)u->AuthData;
if (is_mschap == false)
{
// Normal password authentication
SecurePassword(secure_password_check, auth->HashedKey, random);
if (Cmp(secure_password_check, secure_password, SHA1_SIZE) == 0)
{
b = true;
}
}
else
{
// MS-CHAP v2 authentication via PPP
UCHAR challenge8[8];
UCHAR client_response[24];
if (IsZero(auth->NtLmSecureHash, MD5_SIZE))
{
// NTLM hash is not registered in the user account
*err = ERR_MSCHAP2_PASSWORD_NEED_RESET;
}
else
{
UCHAR nt_pw_hash_hash[16];
Zero(challenge8, sizeof(challenge8));
Zero(client_response, sizeof(client_response));
MsChapV2_GenerateChallenge8(challenge8, mschap.MsChapV2_ClientChallenge, mschap.MsChapV2_ServerChallenge,
mschap.MsChapV2_PPPUsername);
MsChapV2Client_GenerateResponse(client_response, challenge8, auth->NtLmSecureHash);
if (Cmp(client_response, mschap.MsChapV2_ClientResponse, 24) == 0)
{
// Hash matched
b = true;
// Calculate the response
GenerateNtPasswordHashHash(nt_pw_hash_hash, auth->NtLmSecureHash);
MsChapV2Server_GenerateResponse(mschap_v2_server_response_20, nt_pw_hash_hash,
client_response, challenge8);
}
}
}
}
}
Unlock(u->lock);
ReleaseUser(u);
}
}
AcUnlock(h);
return b;
}
// Make sure that the user exists
bool SamIsUser(HUB *h, char *username)
{
bool b;
// Validate arguments
if (h == NULL || username == NULL)
{
return false;
}
AcLock(h);
{
b = AcIsUser(h, username);
}
AcUnlock(h);
return b;
}
// Get the type of authentication used by the user
UINT SamGetUserAuthType(HUB *h, char *username)
{
UINT authtype;
// Validate arguments
if (h == NULL || username == NULL)
{
return INFINITE;
}
AcLock(h);
{
USER *u = AcGetUser(h, username);
if (u == NULL)
{
authtype = INFINITE;
}
else
{
authtype = u->AuthType;
ReleaseUser(u);
}
}
AcUnlock(h);
return authtype;
}
// Developed by SoftEther VPN Project at University of Tsukuba in Japan.
// Department of Computer Science has dozens of overly-enthusiastic geeks.
// Join us: http://www.tsukuba.ac.jp/english/admission/
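Review bot: SamAuthUserByPassword never checks `random` for NULL, yet SecurePassword() returns without writing its output when `random == NULL`. In both the administrator branch and the normal-password branch, `secure_password_check` would then be compared while still uninitialized. Fail closed rather than zero-filling the buffer, since a zeroed buffer would simply be compared against caller-supplied bytes: add `if (random == NULL) { return false; }` before the administrator-mode SecurePassword() call and wrap the user-branch comparison in `if (random != NULL)`. Whether any caller actually passes NULL (for instance on the MS-CHAP v2 path, which does not use `random`) is not visible from this file. Separately, `Cmp` is used on authentication digests here; if it is an early-exit memcmp-style compare (its definition is not on this page), a constant-time comparison would be preferable.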
+106
@@ -0,0 +1,106 @@
// SoftEther VPN Source Code
// Cedar Communication Module
//
// SoftEther VPN Server, Client and Bridge are free software under GPLv2.
//
// Copyright (c) 2012-2014 Daiyuu Nobori.
// Copyright (c) 2012-2014 SoftEther VPN Project, University of Tsukuba, Japan.
// Copyright (c) 2012-2014 SoftEther Corporation.
//
// All Rights Reserved.
//
// http://www.softether.org/
//
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License version 2
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
// IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
// CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
// TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
// SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
// THE LICENSE AGREEMENT IS ATTACHED ON THE SOURCE-CODE PACKAGE
// AS "LICENSE.TXT" FILE. READ THE TEXT FILE IN ADVANCE TO USE THE SOFTWARE.
//
//
// THIS SOFTWARE IS DEVELOPED IN JAPAN, AND DISTRIBUTED FROM JAPAN,
// UNDER JAPANESE LAWS. YOU MUST AGREE IN ADVANCE TO USE, COPY, MODIFY,
// MERGE, PUBLISH, DISTRIBUTE, SUBLICENSE, AND/OR SELL COPIES OF THIS
// SOFTWARE, THAT ANY JURIDICAL DISPUTES WHICH ARE CONCERNED TO THIS
// SOFTWARE OR ITS CONTENTS, AGAINST US (SOFTETHER PROJECT, SOFTETHER
// CORPORATION, DAIYUU NOBORI OR OTHER SUPPLIERS), OR ANY JURIDICAL
// DISPUTES AGAINST US WHICH ARE CAUSED BY ANY KIND OF USING, COPYING,
// MODIFYING, MERGING, PUBLISHING, DISTRIBUTING, SUBLICENSING, AND/OR
// SELLING COPIES OF THIS SOFTWARE SHALL BE REGARDED AS BE CONSTRUED AND
// CONTROLLED BY JAPANESE LAWS, AND YOU MUST FURTHER CONSENT TO
// EXCLUSIVE JURISDICTION AND VENUE IN THE COURTS SITTING IN TOKYO,
// JAPAN. YOU MUST WAIVE ALL DEFENSES OF LACK OF PERSONAL JURISDICTION
// AND FORUM NON CONVENIENS. PROCESS MAY BE SERVED ON EITHER PARTY IN
// THE MANNER AUTHORIZED BY APPLICABLE LAW OR COURT RULE.
//
// USE ONLY IN JAPAN. DO NOT USE IT IN OTHER COUNTRIES. IMPORTING THIS
// SOFTWARE INTO OTHER COUNTRIES IS AT YOUR OWN RISK. SOME COUNTRIES
// PROHIBIT ENCRYPTED COMMUNICATIONS. USING THIS SOFTWARE IN OTHER
// COUNTRIES MIGHT BE RESTRICTED.
//
//
// DEAR SECURITY EXPERTS
// ---------------------
//
// If you find a bug or a security vulnerability please kindly inform us
// about the problem immediately so that we can fix the security problem
// to protect a lot of users around the world as soon as possible.
//
// Our e-mail address for security reports is:
// softether-vpn-security [at] softether.org
//
// Please note that the above e-mail address is not a technical support
// inquiry address. If you need technical assistance, please visit
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
// Sam.h
// Header of Sam.c
#ifndef SAM_H
#define SAM_H
// Function prototype
bool SamIsUser(HUB *h, char *username);
UINT SamGetUserAuthType(HUB *h, char *username);
bool SamAuthUserByPassword(HUB *h, char *username, void *random, void *secure_password, char *mschap_v2_password, UCHAR *mschap_v2_server_response_20, UINT *err);
bool SamAuthUserByAnonymous(HUB *h, char *username);
bool SamAuthUserByCert(HUB *h, char *username, X *x);
bool SamAuthUserByPlainPassword(CONNECTION *c, HUB *hub, char *username, char *password, bool ast, UCHAR *mschap_v2_server_response_20);
POLICY *SamGetUserPolicy(HUB *h, char *username);
void GenRamdom(void *random);
void SecurePassword(void *secure_password, void *password, void *random);
X *GetIssuerFromList(LIST *cert_list, X *cert);
#endif // SAM_H
// Developed by SoftEther VPN Project at University of Tsukuba in Japan.
// Department of Computer Science has dozens of overly-enthusiastic geeks.
// Join us: http://www.tsukuba.ac.jp/english/admission/
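Review bot: The prototypes for SamAuthUserByPassword and SecurePassword pass fixed-size digests as bare `void *` / `UCHAR *` with no length and no comment, so the required buffer sizes are only discoverable by reading Sam.c. There, secure_password is compared over SHA1_SIZE bytes and mschap_v2_server_response_20 is written by MsChapV2Server_GenerateResponse; the 20-byte size is implied only by the parameter name. I would document this above the prototype, for example `// secure_password must point to SHA1_SIZE bytes; mschap_v2_server_response_20 is an output buffer (20 bytes, per its name)`. The required size of random is not visible in this part of the commit and should be stated as well.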
+772
@@ -0,0 +1,772 @@
// SoftEther VPN Source Code
// SeLow: SoftEther Lightweight Network Protocol
//
// SoftEther VPN Server, Client and Bridge are free software under GPLv2.
//
// Copyright (c) 2012-2014 Daiyuu Nobori.
// Copyright (c) 2012-2014 SoftEther VPN Project, University of Tsukuba, Japan.
// Copyright (c) 2012-2014 SoftEther Corporation.
//
// All Rights Reserved.
//
// http://www.softether.org/
//
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License version 2
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
// IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
// CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
// TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
// SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
// THE LICENSE AGREEMENT IS ATTACHED ON THE SOURCE-CODE PACKAGE
// AS "LICENSE.TXT" FILE. READ THE TEXT FILE IN ADVANCE TO USE THE SOFTWARE.
//
//
// THIS SOFTWARE IS DEVELOPED IN JAPAN, AND DISTRIBUTED FROM JAPAN,
// UNDER JAPANESE LAWS. YOU MUST AGREE IN ADVANCE TO USE, COPY, MODIFY,
// MERGE, PUBLISH, DISTRIBUTE, SUBLICENSE, AND/OR SELL COPIES OF THIS
// SOFTWARE, THAT ANY JURIDICAL DISPUTES WHICH ARE CONCERNED TO THIS
// SOFTWARE OR ITS CONTENTS, AGAINST US (SOFTETHER PROJECT, SOFTETHER
// CORPORATION, DAIYUU NOBORI OR OTHER SUPPLIERS), OR ANY JURIDICAL
// DISPUTES AGAINST US WHICH ARE CAUSED BY ANY KIND OF USING, COPYING,
// MODIFYING, MERGING, PUBLISHING, DISTRIBUTING, SUBLICENSING, AND/OR
// SELLING COPIES OF THIS SOFTWARE SHALL BE REGARDED AS BE CONSTRUED AND
// CONTROLLED BY JAPANESE LAWS, AND YOU MUST FURTHER CONSENT TO
// EXCLUSIVE JURISDICTION AND VENUE IN THE COURTS SITTING IN TOKYO,
// JAPAN. YOU MUST WAIVE ALL DEFENSES OF LACK OF PERSONAL JURISDICTION
// AND FORUM NON CONVENIENS. PROCESS MAY BE SERVED ON EITHER PARTY IN
// THE MANNER AUTHORIZED BY APPLICABLE LAW OR COURT RULE.
//
// USE ONLY IN JAPAN. DO NOT USE IT IN OTHER COUNTRIES. IMPORTING THIS
// SOFTWARE INTO OTHER COUNTRIES IS AT YOUR OWN RISK. SOME COUNTRIES
// PROHIBIT ENCRYPTED COMMUNICATIONS. USING THIS SOFTWARE IN OTHER
// COUNTRIES MIGHT BE RESTRICTED.
//
//
// DEAR SECURITY EXPERTS
// ---------------------
//
// If you find a bug or a security vulnerability please kindly inform us
// about the problem immediately so that we can fix the security problem
// to protect a lot of users around the world as soon as possible.
//
// Our e-mail address for security reports is:
// softether-vpn-security [at] softether.org
//
// Please note that the above e-mail address is not a technical support
// inquiry address. If you need technical assistance, please visit
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
// SeLowUser.c
// SoftEther Lightweight Network Protocol User-mode Library
#include <GlobalConst.h>
#ifdef WIN32
#include <windows.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <wchar.h>
#include <stdarg.h>
#include <time.h>
#include <errno.h>
#include <Mayaqua/Mayaqua.h>
#include <Cedar/Cedar.h>
// Install the driver
bool SuInstallDriver(bool force)
{
bool ret;
void *wow;
wow = MsDisableWow64FileSystemRedirection();
ret = SuInstallDriverInner(force);
MsRestoreWow64FileSystemRedirection(wow);
return ret;
}
bool SuInstallDriverInner(bool force)
{
wchar_t sys_fullpath[MAX_PATH];
UINT current_sl_ver = 0;
bool ret = false;
wchar_t src_cat[MAX_PATH];
wchar_t src_inf[MAX_PATH];
wchar_t src_sys[MAX_PATH];
wchar_t dst_cat[MAX_PATH];
wchar_t dst_inf[MAX_PATH];
wchar_t dst_sys[MAX_PATH];
wchar_t tmp_dir[MAX_PATH];
char *cpu_type = MsIsX64() ? "x64" : "x86";
if (SuIsSupportedOs() == false)
{
// Unsupported OS
return false;
}
CombinePathW(tmp_dir, sizeof(tmp_dir), MsGetWindowsDirW(), L"Temp");
MakeDirExW(tmp_dir);
UniStrCat(tmp_dir, sizeof(tmp_dir), L"\\selowtmp");
MakeDirExW(tmp_dir);
// Confirm whether the driver is currently installed
CombinePathW(sys_fullpath, sizeof(sys_fullpath), MsGetSystem32DirW(), L"drivers\\SeLow_%S.sys");
UniFormat(sys_fullpath, sizeof(sys_fullpath), sys_fullpath, cpu_type);
if (IsFileExistsW(sys_fullpath))
{
char *path;
// Read the current version from the registry
current_sl_ver = MsRegReadIntEx2(REG_LOCAL_MACHINE, SL_REG_KEY_NAME, SL_REG_VER_VALUE, false, true);
path = MsRegReadStrEx2(REG_LOCAL_MACHINE, SL_REG_KEY_NAME, "ImagePath", false, true);
if (IsEmptyStr(path))
{
current_sl_ver = 0;
}
Free(path);
}
if (force == false && current_sl_ver >= SL_VER)
{
// Newer version has already been installed
Debug("Newer SeLow is Installed. %u >= %u\n", current_sl_ver, SL_VER);
return true;
}
// Copy necessary files to a temporary directory
UniFormat(src_sys, sizeof(src_sys), L"|SeLow_%S.sys", cpu_type);
UniFormat(src_cat, sizeof(src_cat), L"|inf\\selow_%S\\inf.cat", cpu_type);
UniFormat(src_inf, sizeof(src_inf), L"|inf\\selow_%S\\SeLow_%S.inf", cpu_type, cpu_type);
UniFormat(dst_sys, sizeof(dst_cat), L"%s\\SeLow_%S.sys", tmp_dir, cpu_type);
UniFormat(dst_cat, sizeof(dst_cat), L"%s\\inf_selow.cat", tmp_dir);
UniFormat(dst_inf, sizeof(dst_inf), L"%s\\SeLow_%S.inf", tmp_dir, cpu_type);
if (FileCopyW(src_sys, dst_sys) &&
FileCopyW(src_cat, dst_cat) &&
FileCopyW(src_inf, dst_inf))
{
NO_WARNING *nw;
nw = MsInitNoWarningEx(SL_USER_AUTO_PUSH_TIMER);
// Call the installer
if (InstallNdisProtocolDriver(dst_inf, L"SeLow", SL_USER_INSTALL_LOCK_TIMEOUT) == false)
{
Debug("InstallNdisProtocolDriver Error.\n");
}
else
{
Debug("InstallNdisProtocolDriver Ok.\n");
// Copy manually because there are cases where .sys file is not copied successfully for some reason
FileCopyW(src_sys, sys_fullpath);
ret = true;
// Write the version number into the registry
MsRegWriteIntEx2(REG_LOCAL_MACHINE, SL_REG_KEY_NAME, SL_REG_VER_VALUE, SL_VER, false, true);
// Set to automatic startup
MsRegWriteIntEx2(REG_LOCAL_MACHINE, SL_REG_KEY_NAME, "Start", SERVICE_SYSTEM_START, false, true);
}
MsFreeNoWarning(nw);
}
else
{
Debug("Fail Copying Files.\n");
}
if (ret)
{
// If the service is installed this time, start and wait until the enumeration is completed
SuFree(SuInitEx(180 * 1000));
}
return ret;
}
// Get whether the current OS is supported by SeLow
bool SuIsSupportedOs()
{
// At present, this doesn't support any OS.
return false;
//return MsIsWindows7();
}
// Write the next packet to the driver
bool SuPutPacket(SU_ADAPTER *a, void *buf, UINT size)
{
// Validate arguments
if (a == NULL)
{
return false;
}
if (a->Halt)
{
return false;
}
if (size > MAX_PACKET_SIZE)
{
return false;
}
// First, examine whether the current buffer is full
if ((SL_NUM_PACKET(a->PutBuffer) >= SL_MAX_PACKET_EXCHANGE) ||
(buf == NULL && SL_NUM_PACKET(a->PutBuffer) != 0))
{
// Write all current packets to the driver
if (SuPutPacketsToDriver(a) == false)
{
return false;
}
SL_NUM_PACKET(a->PutBuffer) = 0;
}
// Add the next packet to the buffer
if (buf != NULL)
{
UINT i = SL_NUM_PACKET(a->PutBuffer);
SL_NUM_PACKET(a->PutBuffer)++;
SL_SIZE_OF_PACKET(a->PutBuffer, i) = size;
Copy(SL_ADDR_OF_PACKET(a->PutBuffer, i), buf, size);
Free(buf);
}
return true;
}
// Write all current packets to the driver
bool SuPutPacketsToDriver(SU_ADAPTER *a)
{
DWORD write_size;
// Validate arguments
if (a == NULL)
{
return false;
}
if (a->Halt)
{
return false;
}
if (WriteFile(a->hFile, a->PutBuffer, SL_EXCHANGE_BUFFER_SIZE, &write_size, NULL) == false)
{
a->Halt = true;
SuCloseAdapterHandleInner(a);
return false;
}
if (write_size != SL_EXCHANGE_BUFFER_SIZE)
{
a->Halt = true;
return false;
}
return true;
}
// Read the next packet from the driver
bool SuGetNextPacket(SU_ADAPTER *a, void **buf, UINT *size)
{
// Validate arguments
if (a == NULL || buf == NULL || size == NULL)
{
return false;
}
if (a->Halt)
{
return false;
}
while (true)
{
if (a->CurrentPacketCount < SL_NUM_PACKET(a->GetBuffer))
{
// There are still packets that have been already read
*size = SL_SIZE_OF_PACKET(a->GetBuffer, a->CurrentPacketCount);
*buf = Malloc(*size);
Copy(*buf, SL_ADDR_OF_PACKET(a->GetBuffer, a->CurrentPacketCount), *size);
// Increment the packet number
a->CurrentPacketCount++;
return true;
}
else
{
// Read the next packet from the driver
if (SuGetPacketsFromDriver(a) == false)
{
return false;
}
if (SL_NUM_PACKET(a->GetBuffer) == 0)
{
// Packet is not received yet
*buf = NULL;
*size = 0;
return true;
}
a->CurrentPacketCount = 0;
}
}
}
// Read the next packet from the driver
bool SuGetPacketsFromDriver(SU_ADAPTER *a)
{
DWORD read_size;
// Validate arguments
if (a == NULL)
{
return false;
}
if (a->Halt)
{
return false;
}
if (ReadFile(a->hFile, a->GetBuffer, SL_EXCHANGE_BUFFER_SIZE, &read_size, NULL) == false)
{
a->Halt = true;
SuCloseAdapterHandleInner(a);
return false;
}
if (read_size != SL_EXCHANGE_BUFFER_SIZE)
{
a->Halt = true;
return false;
}
return true;
}
// Close the adapter
void SuCloseAdapter(SU_ADAPTER *a)
{
// Validate arguments
if (a == NULL)
{
return;
}
if (a->hEvent != NULL)
{
CloseHandle(a->hEvent);
}
if (a->hFile != INVALID_HANDLE_VALUE)
{
CloseHandle(a->hFile);
a->hFile = INVALID_HANDLE_VALUE;
}
Free(a);
}
// Close the adapter handle
void SuCloseAdapterHandleInner(SU_ADAPTER *a)
{
return;//////////// ****************
// Validate arguments
if (a == NULL)
{
return;
}
if (a->hFile != INVALID_HANDLE_VALUE)
{
CloseHandle(a->hFile);
a->hFile = INVALID_HANDLE_VALUE;
}
}
// Open the adapter
SU_ADAPTER *SuOpenAdapter(SU *u, char *adapter_id)
{
char filename[MAX_PATH];
void *h;
SU_ADAPTER *a;
SL_IOCTL_EVENT_NAME t;
UINT read_size;
// Validate arguments
if (u == NULL || adapter_id == NULL)
{
return NULL;
}
Format(filename, sizeof(filename), SL_ADAPTER_DEVICE_FILENAME_WIN32, adapter_id);
h = CreateFileA(filename, GENERIC_READ | GENERIC_WRITE,
FILE_SHARE_READ | FILE_SHARE_WRITE, NULL, OPEN_EXISTING, 0, NULL);
if (h == INVALID_HANDLE_VALUE)
{
Debug("Create File %s failed. %u\n", filename, GetLastError());
return NULL;
}
else
{
Debug("Create File %s ok.\n", filename);
}
a = ZeroMalloc(sizeof(SU_ADAPTER));
StrCpy(a->AdapterId, sizeof(a->AdapterId), adapter_id);
StrCpy(a->DeviceName, sizeof(a->DeviceName), filename);
a->hFile = h;
Zero(&t, sizeof(t));
// Get the event name
if (DeviceIoControl(h, SL_IOCTL_GET_EVENT_NAME, &t, sizeof(t), &t, sizeof(t), &read_size, NULL) == false)
{
// Acquisition failure
SuCloseAdapter(a);
return NULL;
}
Debug("Event Name: %s\n", t.EventNameWin32);
// Get the event
a->hEvent = OpenEvent(EVENT_ALL_ACCESS, FALSE, t.EventNameWin32);
if (a->hEvent == NULL)
{
// Acquisition failure
SuCloseAdapter(a);
return NULL;
}
return a;
}
// Enumerate adapters
TOKEN_LIST *SuEnumAdapters(SU *u)
{
UINT i;
UINT ret_size;
TOKEN_LIST *ret;
// Validate arguments
if (u == NULL)
{
return NullToken();
}
Zero(&u->AdapterInfoList, sizeof(u->AdapterInfoList));
if (ReadFile(u->hFile, &u->AdapterInfoList, sizeof(u->AdapterInfoList),
&ret_size, NULL) == false ||
u->AdapterInfoList.Signature != SL_SIGNATURE)
{
Debug("SuEnumAdapters: ReadFile error.\n");
return NullToken();
}
ret = ZeroMalloc(sizeof(TOKEN_LIST));
ret->NumTokens = u->AdapterInfoList.NumAdapters;
ret->Token = ZeroMalloc(sizeof(char *) * ret->NumTokens);
Debug("SuEnumAdapters: u->AdapterInfoList.NumAdapters = %u\n", u->AdapterInfoList.NumAdapters);
for (i = 0;i < ret->NumTokens;i++)
{
ret->Token[i] = CopyUniToStr(u->AdapterInfoList.Adapters[i].AdapterId);
UniPrint(L"%s %u %S\n",
u->AdapterInfoList.Adapters[i].AdapterId,
u->AdapterInfoList.Adapters[i].MtuSize,
u->AdapterInfoList.Adapters[i].FriendlyName);
}
return ret;
}
// Create an adapters list
LIST *SuGetAdapterList(SU *u)
{
LIST *ret;
UINT read_size;
UINT i;
// Validate arguments
if (u == NULL)
{
return NULL;
}
ret = NewList(SuCmpAdaterList);
// Enumerate adapters
Zero(&u->AdapterInfoList, sizeof(u->AdapterInfoList));
if (ReadFile(u->hFile, &u->AdapterInfoList, sizeof(u->AdapterInfoList),
&read_size, NULL) == false ||
u->AdapterInfoList.Signature != SL_SIGNATURE)
{
SuFreeAdapterList(ret);
return NULL;
}
for (i = 0;i < u->AdapterInfoList.NumAdapters;i++)
{
SL_ADAPTER_INFO *info = &u->AdapterInfoList.Adapters[i];
SU_ADAPTER_LIST *a = SuAdapterInfoToAdapterList(info);
if (a != NULL)
{
Add(ret, a);
}
}
// Sort
Sort(ret);
return ret;
}
// Comparison function of the adapter list
int SuCmpAdaterList(void *p1, void *p2)
{
int r;
SU_ADAPTER_LIST *a1, *a2;
if (p1 == NULL || p2 == NULL)
{
return 0;
}
a1 = *(SU_ADAPTER_LIST **)p1;
a2 = *(SU_ADAPTER_LIST **)p2;
if (a1 == NULL || a2 == NULL)
{
return 0;
}
r = StrCmpi(a1->SortKey, a2->SortKey);
if (r != 0)
{
return 0;
}
return StrCmpi(a1->Guid, a2->Guid);
}
// Release the adapter list
void SuFreeAdapterList(LIST *o)
{
UINT i;
// Validate arguments
if (o == NULL)
{
return;
}
for (i = 0;i < LIST_NUM(o);i++)
{
SU_ADAPTER_LIST *a = LIST_DATA(o, i);
Free(a);
}
ReleaseList(o);
}
// Create an adapter list item
SU_ADAPTER_LIST *SuAdapterInfoToAdapterList(SL_ADAPTER_INFO *info)
{
SU_ADAPTER_LIST t;
char tmp[MAX_SIZE];
// Validate arguments
if (info == NULL)
{
return NULL;
}
Zero(&t, sizeof(t));
Copy(&t.Info, info, sizeof(SL_ADAPTER_INFO));
UniToStr(tmp, sizeof(tmp), info->AdapterId);
if (IsEmptyStr(tmp) || IsEmptyStr(info->FriendlyName) || StartWith(tmp, SL_ADAPTER_ID_PREFIX) == false)
{
// Name is invalid
return NULL;
}
// GUID (Part after "SELOW_A_" prefix)
StrCpy(t.Guid, sizeof(t.Guid), tmp + StrLen(SL_ADAPTER_ID_PREFIX));
// Name
StrCpy(t.Name, sizeof(t.Name), tmp);
// Key for sort
if (GetClassRegKeyWin32(t.SortKey, sizeof(t.SortKey), tmp, sizeof(tmp), t.Guid) == false)
{
// Can not be found
return NULL;
}
return Clone(&t, sizeof(t));
}
// Initialize the driver
SU *SuInit()
{
return SuInitEx(0);
}
SU *SuInitEx(UINT wait_for_bind_complete_tick)
{
void *h;
SU *u;
UINT read_size;
bool flag = false;
UINT64 giveup_tick = 0;
if (SuIsSupportedOs() == false)
{
// Unsupported OS
return NULL;
}
LABEL_RETRY:
// Open the device driver
h = CreateFileA(SL_BASIC_DEVICE_FILENAME_WIN32, GENERIC_READ | GENERIC_WRITE,
FILE_SHARE_READ | FILE_SHARE_WRITE, NULL, OPEN_EXISTING, 0, NULL);
if (h == INVALID_HANDLE_VALUE)
{
Debug("CreateFileA(%s) Failed.\n", SL_BASIC_DEVICE_FILENAME_WIN32);
// Start the service if it fails to start the device driver
if (flag == false)
{
if (MsStartService(SL_PROTOCOL_NAME) == false)
{
Debug("MsStartService(%s) Failed.\n", SL_PROTOCOL_NAME);
}
else
{
Debug("MsStartService(%s) Ok.\n", SL_PROTOCOL_NAME);
flag = true;
goto LABEL_RETRY;
}
}
return NULL;
}
//Debug("CreateFileA(%s) Ok.\n", SL_BASIC_DEVICE_FILENAME_WIN32);
u = ZeroMalloc(sizeof(SU));
giveup_tick = Tick64() + (UINT64)wait_for_bind_complete_tick;
if (wait_for_bind_complete_tick == 0)
{
if (ReadFile(h, &u->AdapterInfoList, sizeof(u->AdapterInfoList), &read_size, NULL) == false ||
u->AdapterInfoList.Signature != SL_SIGNATURE)
{
// Signature reception failure
Debug("Bad Signature.\n");
Free(u);
CloseHandle(h);
return NULL;
}
}
else
{
while (giveup_tick >= Tick64())
{
// Wait until the enumeration is completed
if (ReadFile(h, &u->AdapterInfoList, sizeof(u->AdapterInfoList), &read_size, NULL) == false ||
u->AdapterInfoList.Signature != SL_SIGNATURE)
{
// Signature reception failure
Debug("Bad Signature.\n");
Free(u);
CloseHandle(h);
return NULL;
}
if (u->AdapterInfoList.EnumCompleted)
{
// Complete enumeration
Debug("Bind Completed! %u\n", u->AdapterInfoList.EnumCompleted);
break;
}
// Incomplete enumeration
Debug("Waiting for Bind Complete.\n");
SleepThread(25);
}
}
u->hFile = h;
return u;
}
// Release the driver
void SuFree(SU *u)
{
// Validate arguments
if (u == NULL)
{
return;
}
CloseHandle(u->hFile);
Free(u);
}
#endif // WIN32
// Developed by SoftEther VPN Project at University of Tsukuba in Japan.
// Department of Computer Science has dozens of overly-enthusiastic geeks.
// Join us: http://www.tsukuba.ac.jp/english/admission/
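Review bot: SuGetNextPacket sizes its Malloc and Copy from SL_SIZE_OF_PACKET(a->GetBuffer, ...) and iterates up to SL_NUM_PACKET(a->GetBuffer) without range-checking either value, whereas SuPutPacket rejects `size > MAX_PACKET_SIZE` and flushes at SL_MAX_PACKET_EXCHANGE on the write side. If the buffer returned by the driver is malformed, the copy presumably reads past GetBuffer. I would add `if (SL_NUM_PACKET(a->GetBuffer) > SL_MAX_PACKET_EXCHANGE) { a->Halt = true; return false; }` after SuGetPacketsFromDriver succeeds and `if (*size > MAX_PACKET_SIZE) { a->Halt = true; return false; }` before the Malloc. SuEnumAdapters and SuGetAdapterList have the same gap: NumAdapters indexes Adapters[] with no bound against the array's capacity, and the byte count from ReadFile is ignored. Separately, SuCmpAdaterList returns 0 when the sort keys differ (`if (r != 0) return 0;`), which looks inverted; `return r;` is presumably what was intended.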
+154
@@ -0,0 +1,154 @@
// SoftEther VPN Source Code
// SeLow: SoftEther Lightweight Network Protocol
//
// SoftEther VPN Server, Client and Bridge are free software under GPLv2.
//
// Copyright (c) 2012-2014 Daiyuu Nobori.
// Copyright (c) 2012-2014 SoftEther VPN Project, University of Tsukuba, Japan.
// Copyright (c) 2012-2014 SoftEther Corporation.
//
// All Rights Reserved.
//
// http://www.softether.org/
//
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License version 2
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
// IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
// CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
// TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
// SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
// THE LICENSE AGREEMENT IS ATTACHED ON THE SOURCE-CODE PACKAGE
// AS "LICENSE.TXT" FILE. READ THE TEXT FILE IN ADVANCE TO USE THE SOFTWARE.
//
//
// THIS SOFTWARE IS DEVELOPED IN JAPAN, AND DISTRIBUTED FROM JAPAN,
// UNDER JAPANESE LAWS. YOU MUST AGREE IN ADVANCE TO USE, COPY, MODIFY,
// MERGE, PUBLISH, DISTRIBUTE, SUBLICENSE, AND/OR SELL COPIES OF THIS
// SOFTWARE, THAT ANY JURIDICAL DISPUTES WHICH ARE CONCERNED TO THIS
// SOFTWARE OR ITS CONTENTS, AGAINST US (SOFTETHER PROJECT, SOFTETHER
// CORPORATION, DAIYUU NOBORI OR OTHER SUPPLIERS), OR ANY JURIDICAL
// DISPUTES AGAINST US WHICH ARE CAUSED BY ANY KIND OF USING, COPYING,
// MODIFYING, MERGING, PUBLISHING, DISTRIBUTING, SUBLICENSING, AND/OR
// SELLING COPIES OF THIS SOFTWARE SHALL BE REGARDED AS BE CONSTRUED AND
// CONTROLLED BY JAPANESE LAWS, AND YOU MUST FURTHER CONSENT TO
// EXCLUSIVE JURISDICTION AND VENUE IN THE COURTS SITTING IN TOKYO,
// JAPAN. YOU MUST WAIVE ALL DEFENSES OF LACK OF PERSONAL JURISDICTION
// AND FORUM NON CONVENIENS. PROCESS MAY BE SERVED ON EITHER PARTY IN
// THE MANNER AUTHORIZED BY APPLICABLE LAW OR COURT RULE.
//
// USE ONLY IN JAPAN. DO NOT USE IT IN OTHER COUNTRIES. IMPORTING THIS
// SOFTWARE INTO OTHER COUNTRIES IS AT YOUR OWN RISK. SOME COUNTRIES
// PROHIBIT ENCRYPTED COMMUNICATIONS. USING THIS SOFTWARE IN OTHER
// COUNTRIES MIGHT BE RESTRICTED.
//
//
// DEAR SECURITY EXPERTS
// ---------------------
//
// If you find a bug or a security vulnerability please kindly inform us
// about the problem immediately so that we can fix the security problem
// to protect a lot of users around the world as soon as possible.
//
// Our e-mail address for security reports is:
// softether-vpn-security [at] softether.org
//
// Please note that the above e-mail address is not a technical support
// inquiry address. If you need technical assistance, please visit
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
// SeLowUser.h
// Header for SeLowUser.c
#ifndef SELOWUSER_H
#define SELOWUSER_H
#include <SeLow/SeLowCommon.h>
//// Macro
#define SL_USER_INSTALL_LOCK_TIMEOUT 60000 // Lock acquisition timeout
#define SL_USER_AUTO_PUSH_TIMER 60000 // Timer to start the installation automatically
//// Type
// SU
struct SU
{
void *hFile; // File handle
SL_ADAPTER_INFO_LIST AdapterInfoList; // Adapter list cache
};
// Adapter
struct SU_ADAPTER
{
char AdapterId[MAX_PATH]; // Adapter ID
char DeviceName[MAX_PATH]; // Device name
void *hFile; // File handle
void *hEvent; // Event handle
bool Halt;
UINT CurrentPacketCount;
UCHAR GetBuffer[SL_EXCHANGE_BUFFER_SIZE]; // Read buffer
UCHAR PutBuffer[SL_EXCHANGE_BUFFER_SIZE]; // Write buffer
};
// Adapter list items
struct SU_ADAPTER_LIST
{
SL_ADAPTER_INFO Info; // Adapter information
char Guid[128]; // GUID
char Name[MAX_SIZE]; // Name
char SortKey[MAX_SIZE]; // Sort key
};
//// Function prototype
SU *SuInit();
SU *SuInitEx(UINT wait_for_bind_complete_tick);
void SuFree(SU *u);
TOKEN_LIST *SuEnumAdapters(SU *u);
SU_ADAPTER *SuOpenAdapter(SU *u, char *adapter_id);
void SuCloseAdapter(SU_ADAPTER *a);
void SuCloseAdapterHandleInner(SU_ADAPTER *a);
bool SuGetPacketsFromDriver(SU_ADAPTER *a);
bool SuGetNextPacket(SU_ADAPTER *a, void **buf, UINT *size);
bool SuPutPacketsToDriver(SU_ADAPTER *a);
bool SuPutPacket(SU_ADAPTER *a, void *buf, UINT size);
SU_ADAPTER_LIST *SuAdapterInfoToAdapterList(SL_ADAPTER_INFO *info);
LIST *SuGetAdapterList(SU *u);
void SuFreeAdapterList(LIST *o);
int SuCmpAdaterList(void *p1, void *p2);
bool SuInstallDriver(bool force);
bool SuInstallDriverInner(bool force);
bool SuIsSupportedOs();
#endif // SELOWUSER_H
// Developed by SoftEther VPN Project at University of Tsukuba in Japan.
// Department of Computer Science has dozens of overly-enthusiastic geeks.
// Join us: http://www.tsukuba.ac.jp/english/admission/
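Review bot: The SuPutPacket prototype does not say who owns buf, and the implementation in SeLowUser.c is not uniform: it calls Free(buf) after copying the packet, but the early `return false` paths (a == NULL, a->Halt, size > MAX_PACKET_SIZE, failed flush) leave buf unfreed. A caller cannot tell from the header whether to free on failure, which invites a leak or a double free. I would add a comment above the prototype such as `// Takes ownership of buf on success; on false the caller still owns buf. buf == NULL flushes pending packets.`, or change the function to free buf on every path. SuGetNextPacket deserves the matching comment that *buf is allocated with Malloc and must be freed by the caller.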
+90
@@ -0,0 +1,90 @@
// SoftEther VPN Source Code
// Cedar Communication Module
//
// SoftEther VPN Server, Client and Bridge are free software under GPLv2.
//
// Copyright (c) 2012-2014 Daiyuu Nobori.
// Copyright (c) 2012-2014 SoftEther VPN Project, University of Tsukuba, Japan.
// Copyright (c) 2012-2014 SoftEther Corporation.
//
// All Rights Reserved.
//
// http://www.softether.org/
//
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License version 2
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
// IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
// CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
// TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
// SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
// THE LICENSE AGREEMENT IS ATTACHED ON THE SOURCE-CODE PACKAGE
// AS "LICENSE.TXT" FILE. READ THE TEXT FILE IN ADVANCE TO USE THE SOFTWARE.
//
//
// THIS SOFTWARE IS DEVELOPED IN JAPAN, AND DISTRIBUTED FROM JAPAN,
// UNDER JAPANESE LAWS. YOU MUST AGREE IN ADVANCE TO USE, COPY, MODIFY,
// MERGE, PUBLISH, DISTRIBUTE, SUBLICENSE, AND/OR SELL COPIES OF THIS
// SOFTWARE, THAT ANY JURIDICAL DISPUTES WHICH ARE CONCERNED TO THIS
// SOFTWARE OR ITS CONTENTS, AGAINST US (SOFTETHER PROJECT, SOFTETHER
// CORPORATION, DAIYUU NOBORI OR OTHER SUPPLIERS), OR ANY JURIDICAL
// DISPUTES AGAINST US WHICH ARE CAUSED BY ANY KIND OF USING, COPYING,
// MODIFYING, MERGING, PUBLISHING, DISTRIBUTING, SUBLICENSING, AND/OR
// SELLING COPIES OF THIS SOFTWARE SHALL BE REGARDED AS BE CONSTRUED AND
// CONTROLLED BY JAPANESE LAWS, AND YOU MUST FURTHER CONSENT TO
// EXCLUSIVE JURISDICTION AND VENUE IN THE COURTS SITTING IN TOKYO,
// JAPAN. YOU MUST WAIVE ALL DEFENSES OF LACK OF PERSONAL JURISDICTION
// AND FORUM NON CONVENIENS. PROCESS MAY BE SERVED ON EITHER PARTY IN
// THE MANNER AUTHORIZED BY APPLICABLE LAW OR COURT RULE.
//
// USE ONLY IN JAPAN. DO NOT USE IT IN OTHER COUNTRIES. IMPORTING THIS
// SOFTWARE INTO OTHER COUNTRIES IS AT YOUR OWN RISK. SOME COUNTRIES
// PROHIBIT ENCRYPTED COMMUNICATIONS. USING THIS SOFTWARE IN OTHER
// COUNTRIES MIGHT BE RESTRICTED.
//
//
// DEAR SECURITY EXPERTS
// ---------------------
//
// If you find a bug or a security vulnerability please kindly inform us
// about the problem immediately so that we can fix the security problem
// to protect a lot of users around the world as soon as possible.
//
// Our e-mail address for security reports is:
// softether-vpn-security [at] softether.org
//
// Please note that the above e-mail address is not a technical support
// inquiry address. If you need technical assistance, please visit
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
// SecureInfo.c
// Code related to a secure VPN tunnel data for system administrators
#include "CedarPch.h"
// Developed by SoftEther VPN Project at University of Tsukuba in Japan.
// Department of Computer Science has dozens of overly-enthusiastic geeks.
// Join us: http://www.tsukuba.ac.jp/english/admission/
+94
@@ -0,0 +1,94 @@
// SoftEther VPN Source Code
// Cedar Communication Module
//
// SoftEther VPN Server, Client and Bridge are free software under GPLv2.
//
// Copyright (c) 2012-2014 Daiyuu Nobori.
// Copyright (c) 2012-2014 SoftEther VPN Project, University of Tsukuba, Japan.
// Copyright (c) 2012-2014 SoftEther Corporation.
//
// All Rights Reserved.
//
// http://www.softether.org/
//
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License version 2
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
// IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
// CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
// TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
// SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
// THE LICENSE AGREEMENT IS ATTACHED ON THE SOURCE-CODE PACKAGE
// AS "LICENSE.TXT" FILE. READ THE TEXT FILE IN ADVANCE TO USE THE SOFTWARE.
//
//
// THIS SOFTWARE IS DEVELOPED IN JAPAN, AND DISTRIBUTED FROM JAPAN,
// UNDER JAPANESE LAWS. YOU MUST AGREE IN ADVANCE TO USE, COPY, MODIFY,
// MERGE, PUBLISH, DISTRIBUTE, SUBLICENSE, AND/OR SELL COPIES OF THIS
// SOFTWARE, THAT ANY JURIDICAL DISPUTES WHICH ARE CONCERNED TO THIS
// SOFTWARE OR ITS CONTENTS, AGAINST US (SOFTETHER PROJECT, SOFTETHER
// CORPORATION, DAIYUU NOBORI OR OTHER SUPPLIERS), OR ANY JURIDICAL
// DISPUTES AGAINST US WHICH ARE CAUSED BY ANY KIND OF USING, COPYING,
// MODIFYING, MERGING, PUBLISHING, DISTRIBUTING, SUBLICENSING, AND/OR
// SELLING COPIES OF THIS SOFTWARE SHALL BE REGARDED AS BE CONSTRUED AND
// CONTROLLED BY JAPANESE LAWS, AND YOU MUST FURTHER CONSENT TO
// EXCLUSIVE JURISDICTION AND VENUE IN THE COURTS SITTING IN TOKYO,
// JAPAN. YOU MUST WAIVE ALL DEFENSES OF LACK OF PERSONAL JURISDICTION
// AND FORUM NON CONVENIENS. PROCESS MAY BE SERVED ON EITHER PARTY IN
// THE MANNER AUTHORIZED BY APPLICABLE LAW OR COURT RULE.
//
// USE ONLY IN JAPAN. DO NOT USE IT IN OTHER COUNTRIES. IMPORTING THIS
// SOFTWARE INTO OTHER COUNTRIES IS AT YOUR OWN RISK. SOME COUNTRIES
// PROHIBIT ENCRYPTED COMMUNICATIONS. USING THIS SOFTWARE IN OTHER
// COUNTRIES MIGHT BE RESTRICTED.
//
//
// DEAR SECURITY EXPERTS
// ---------------------
//
// If you find a bug or a security vulnerability please kindly inform us
// about the problem immediately so that we can fix the security problem
// to protect a lot of users around the world as soon as possible.
//
// Our e-mail address for security reports is:
// softether-vpn-security [at] softether.org
//
// Please note that the above e-mail address is not a technical support
// inquiry address. If you need technical assistance, please visit
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
// SecureInfo.h
// Header of SecureInfo.c
#ifndef SECUREINFO_H
#define SECUREINFO_H
#endif // SECUREINFO_H
// Developed by SoftEther VPN Project at University of Tsukuba in Japan.
// Department of Computer Science has dozens of overly-enthusiastic geeks.
// Join us: http://www.tsukuba.ac.jp/english/admission/
+228
View File
@@ -0,0 +1,228 @@
// SoftEther VPN Source Code
// Cedar Communication Module
//
// SoftEther VPN Server, Client and Bridge are free software under GPLv2.
//
// Copyright (c) 2012-2014 Daiyuu Nobori.
// Copyright (c) 2012-2014 SoftEther VPN Project, University of Tsukuba, Japan.
// Copyright (c) 2012-2014 SoftEther Corporation.
//
// All Rights Reserved.
//
// http://www.softether.org/
//
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License version 2
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
// IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
// CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
// TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
// SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
// THE LICENSE AGREEMENT IS ATTACHED ON THE SOURCE-CODE PACKAGE
// AS "LICENSE.TXT" FILE. READ THE TEXT FILE IN ADVANCE TO USE THE SOFTWARE.
//
//
// THIS SOFTWARE IS DEVELOPED IN JAPAN, AND DISTRIBUTED FROM JAPAN,
// UNDER JAPANESE LAWS. YOU MUST AGREE IN ADVANCE TO USE, COPY, MODIFY,
// MERGE, PUBLISH, DISTRIBUTE, SUBLICENSE, AND/OR SELL COPIES OF THIS
// SOFTWARE, THAT ANY JURIDICAL DISPUTES WHICH ARE CONCERNED TO THIS
// SOFTWARE OR ITS CONTENTS, AGAINST US (SOFTETHER PROJECT, SOFTETHER
// CORPORATION, DAIYUU NOBORI OR OTHER SUPPLIERS), OR ANY JURIDICAL
// DISPUTES AGAINST US WHICH ARE CAUSED BY ANY KIND OF USING, COPYING,
// MODIFYING, MERGING, PUBLISHING, DISTRIBUTING, SUBLICENSING, AND/OR
// SELLING COPIES OF THIS SOFTWARE SHALL BE REGARDED AS BE CONSTRUED AND
// CONTROLLED BY JAPANESE LAWS, AND YOU MUST FURTHER CONSENT TO
// EXCLUSIVE JURISDICTION AND VENUE IN THE COURTS SITTING IN TOKYO,
// JAPAN. YOU MUST WAIVE ALL DEFENSES OF LACK OF PERSONAL JURISDICTION
// AND FORUM NON CONVENIENS. PROCESS MAY BE SERVED ON EITHER PARTY IN
// THE MANNER AUTHORIZED BY APPLICABLE LAW OR COURT RULE.
//
// USE ONLY IN JAPAN. DO NOT USE IT IN OTHER COUNTRIES. IMPORTING THIS
// SOFTWARE INTO OTHER COUNTRIES IS AT YOUR OWN RISK. SOME COUNTRIES
// PROHIBIT ENCRYPTED COMMUNICATIONS. USING THIS SOFTWARE IN OTHER
// COUNTRIES MIGHT BE RESTRICTED.
//
//
// DEAR SECURITY EXPERTS
// ---------------------
//
// If you find a bug or a security vulnerability please kindly inform us
// about the problem immediately so that we can fix the security problem
// to protect a lot of users around the world as soon as possible.
//
// Our e-mail address for security reports is:
// softether-vpn-security [at] softether.org
//
// Please note that the above e-mail address is not a technical support
// inquiry address. If you need technical assistance, please visit
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
// SecureNAT.c
// SecureNAT code
#include "CedarPch.h"
// SecureNAT server-side thread
void SnSecureNATThread(THREAD *t, void *param)
{
SNAT *s;
CONNECTION *c;
SESSION *se;
POLICY *policy;
HUB *h;
// Validate arguments
if (t == NULL || param == NULL)
{
return;
}
s = (SNAT *)param;
// Create a server connection
c = NewServerConnection(s->Cedar, NULL, t);
c->Protocol = CONNECTION_HUB_SECURE_NAT;
// Apply the default policy
policy = ClonePolicy(GetDefaultPolicy());
// Not to limit the number of broadcast
policy->NoBroadcastLimiter = true;
h = s->Hub;
AddRef(h->ref);
// create a server session
se = NewServerSession(s->Cedar, c, s->Hub, SNAT_USER_NAME, policy);
se->SecureNATMode = true;
se->SecureNAT = s;
c->Session = se;
ReleaseConnection(c);
HLog(se->Hub, "LH_NAT_START", se->Name);
// User name
se->Username = CopyStr(SNAT_USER_NAME_PRINT);
s->Session = se;
AddRef(se->ref);
// Notification initialization completion
NoticeThreadInit(t);
ReleaseCancel(s->Nat->Virtual->Cancel);
s->Nat->Virtual->Cancel = se->Cancel1;
AddRef(se->Cancel1->ref);
if (s->Nat->Virtual->NativeNat != NULL)
{
CANCEL *old_cancel = NULL;
Lock(s->Nat->Virtual->NativeNat->CancelLock);
{
if (s->Nat->Virtual->NativeNat->Cancel != NULL)
{
old_cancel = s->Nat->Virtual->NativeNat->Cancel;
s->Nat->Virtual->NativeNat->Cancel = se->Cancel1;
AddRef(se->Cancel1->ref);
}
}
Unlock(s->Nat->Virtual->NativeNat->CancelLock);
if (old_cancel != NULL)
{
ReleaseCancel(old_cancel);
}
}
// Main function of the session
Debug("SecureNAT Start.\n");
SessionMain(se);
Debug("SecureNAT Stop.\n");
HLog(se->Hub, "LH_NAT_STOP");
ReleaseHub(h);
ReleaseSession(se);
}
// Release the SecureNAT
void SnFreeSecureNAT(SNAT *s)
{
// Validate arguments
if (s == NULL)
{
return;
}
// Stop the session
StopSession(s->Session);
ReleaseSession(s->Session);
// Virtual machine release
Virtual_Free(s->Nat->Virtual);
// NAT release
NiFreeNat(s->Nat);
DeleteLock(s->lock);
Free(s);
}
// Create a new SecureNAT
SNAT *SnNewSecureNAT(HUB *h, VH_OPTION *o)
{
SNAT *s;
THREAD *t;
// Validate arguments
if (h == NULL || o == NULL)
{
return NULL;
}
s = ZeroMalloc(sizeof(SNAT));
s->Cedar = h->Cedar;
s->Hub = h;
s->lock = NewLock();
// Create a NAT
s->Nat = NiNewNatEx(s, o);
// Initialize the virtual machine
VirtualInit(s->Nat->Virtual);
// Create a thread
t = NewThread(SnSecureNATThread, s);
WaitThreadInit(t);
ReleaseThread(t);
return s;
}
// Developed by SoftEther VPN Project at University of Tsukuba in Japan.
// Department of Computer Science has dozens of overly-enthusiastic geeks.
// Join us: http://www.tsukuba.ac.jp/english/admission/
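Review bot: In SnSecureNATThread, `NoticeThreadInit(t);` runs before the thread swaps `s->Nat->Virtual->Cancel` and `NativeNat->Cancel`, so SnNewSecureNAT can return from `WaitThreadInit(t)` while the thread is still dereferencing `s->Nat`. If a caller reaches SnFreeSecureNAT soon afterwards, `Virtual_Free`, `NiFreeNat` and `Free(s)` could run concurrently with those writes, unless StopSession blocks until the thread is past that point, which is not visible on this page. Moving `NoticeThreadInit(t);` below the NativeNat block would close that window. The `Virtual->Cancel` swap is also done without a lock while the NativeNat swap takes `CancelLock`, so a comment explaining why that asymmetry is safe would help. The results of `NewServerConnection`, `NewServerSession` and `NiNewNatEx` are dereferenced without a NULL check, which is only safe if those constructors cannot fail.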
+108
View File
@@ -0,0 +1,108 @@
// SoftEther VPN Source Code
// Cedar Communication Module
//
// SoftEther VPN Server, Client and Bridge are free software under GPLv2.
//
// Copyright (c) 2012-2014 Daiyuu Nobori.
// Copyright (c) 2012-2014 SoftEther VPN Project, University of Tsukuba, Japan.
// Copyright (c) 2012-2014 SoftEther Corporation.
//
// All Rights Reserved.
//
// http://www.softether.org/
//
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License version 2
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
// IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
// CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
// TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
// SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
// THE LICENSE AGREEMENT IS ATTACHED ON THE SOURCE-CODE PACKAGE
// AS "LICENSE.TXT" FILE. READ THE TEXT FILE IN ADVANCE TO USE THE SOFTWARE.
//
//
// THIS SOFTWARE IS DEVELOPED IN JAPAN, AND DISTRIBUTED FROM JAPAN,
// UNDER JAPANESE LAWS. YOU MUST AGREE IN ADVANCE TO USE, COPY, MODIFY,
// MERGE, PUBLISH, DISTRIBUTE, SUBLICENSE, AND/OR SELL COPIES OF THIS
// SOFTWARE, THAT ANY JURIDICAL DISPUTES WHICH ARE CONCERNED TO THIS
// SOFTWARE OR ITS CONTENTS, AGAINST US (SOFTETHER PROJECT, SOFTETHER
// CORPORATION, DAIYUU NOBORI OR OTHER SUPPLIERS), OR ANY JURIDICAL
// DISPUTES AGAINST US WHICH ARE CAUSED BY ANY KIND OF USING, COPYING,
// MODIFYING, MERGING, PUBLISHING, DISTRIBUTING, SUBLICENSING, AND/OR
// SELLING COPIES OF THIS SOFTWARE SHALL BE REGARDED AS BE CONSTRUED AND
// CONTROLLED BY JAPANESE LAWS, AND YOU MUST FURTHER CONSENT TO
// EXCLUSIVE JURISDICTION AND VENUE IN THE COURTS SITTING IN TOKYO,
// JAPAN. YOU MUST WAIVE ALL DEFENSES OF LACK OF PERSONAL JURISDICTION
// AND FORUM NON CONVENIENS. PROCESS MAY BE SERVED ON EITHER PARTY IN
// THE MANNER AUTHORIZED BY APPLICABLE LAW OR COURT RULE.
//
// USE ONLY IN JAPAN. DO NOT USE IT IN OTHER COUNTRIES. IMPORTING THIS
// SOFTWARE INTO OTHER COUNTRIES IS AT YOUR OWN RISK. SOME COUNTRIES
// PROHIBIT ENCRYPTED COMMUNICATIONS. USING THIS SOFTWARE IN OTHER
// COUNTRIES MIGHT BE RESTRICTED.
//
//
// DEAR SECURITY EXPERTS
// ---------------------
//
// If you find a bug or a security vulnerability please kindly inform us
// about the problem immediately so that we can fix the security problem
// to protect a lot of users around the world as soon as possible.
//
// Our e-mail address for security reports is:
// softether-vpn-security [at] softether.org
//
// Please note that the above e-mail address is not a technical support
// inquiry address. If you need technical assistance, please visit
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
// SecureNAT.h
// Header of SecureNAT.c
#ifndef SECURENAT_H
#define SECURENAT_H
struct SNAT
{
LOCK *lock; // Lock
CEDAR *Cedar; // Cedar
HUB *Hub; // HUB
SESSION *Session; // Session
POLICY *Policy; // Policy
NAT *Nat; // NAT
};
SNAT *SnNewSecureNAT(HUB *h, VH_OPTION *o);
void SnFreeSecureNAT(SNAT *s);
void SnSecureNATThread(THREAD *t, void *param);
#endif // SECURENAT_H
// Developed by SoftEther VPN Project at University of Tsukuba in Japan.
// Department of Computer Science has dozens of overly-enthusiastic geeks.
// Join us: http://www.tsukuba.ac.jp/english/admission/
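Review bot: The field comments in `struct SNAT` only repeat the type names and say nothing about ownership, although SecureNAT.c treats the members differently. `Session` is stored with an `AddRef` in SnSecureNATThread and released in SnFreeSecureNAT, whereas `Hub` and `Cedar` are copied from the caller's HUB in SnNewSecureNAT without the SNAT taking a reference of its own. I would document that per field, for example `HUB *Hub; // Not referenced by SNAT itself; presumably must outlive it` and `SESSION *Session; // Referenced; set by SnSecureNATThread before init is signalled`. The `Policy` member is never assigned in the SecureNAT.c shown in this commit (the cloned policy is handed to NewServerSession), so it should be marked as unused or removed if nothing else reads it.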
