AMajor/SoftEtherVPN
1
0
Fork 0
mirror of https://github.com/SoftEtherVPN/SoftEtherVPN.git synced 2024-11-22 17:39:53 +03:00
Code Releases Activity

Cedar/Proto_PPP: Fix EAP identifier duplication

Browse Source
This commit is contained in:
domosekai 2021-05-26 09:26:22 +00:00
parent dc8d705854
commit 8c12e79448
1 changed files with 20 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
src/Cedar/Proto_PPP.c
View File

@ -257,7 +257,8 @@ void PPPThread(THREAD *thread, void *param)
case PPP_EAP_TYPE_TLS: case PPP_EAP_TYPE_TLS:
// Sending TLS Start... // Sending TLS Start...
flags |= PPP_EAP_TLS_FLAG_SSLSTARTED; flags |= PPP_EAP_TLS_FLAG_SSLSTARTED;
lcpEap = BuildEAPTlsRequest(p->Eap_PacketId++, 0, flags); p->Eap_PacketId = p->NextId++;
lcpEap = BuildEAPTlsRequest(p->Eap_PacketId, 0, flags);
PPPSetStatus(p, PPP_STATUS_AUTHENTICATING); PPPSetStatus(p, PPP_STATUS_AUTHENTICATING);
if (!PPPSendAndRetransmitRequest(p, PPP_PROTOCOL_EAP, lcpEap)) if (!PPPSendAndRetransmitRequest(p, PPP_PROTOCOL_EAP, lcpEap))
{ {
@ -269,7 +270,8 @@ void PPPThread(THREAD *thread, void *param)
case PPP_EAP_TYPE_IDENTITY: case PPP_EAP_TYPE_IDENTITY:
default: // We treat the unspecified protocol as the IDENTITY protocol default: // We treat the unspecified protocol as the IDENTITY protocol
p->Eap_Protocol = PPP_EAP_TYPE_IDENTITY; p->Eap_Protocol = PPP_EAP_TYPE_IDENTITY;
lcpEap = BuildEAPPacketEx(PPP_EAP_CODE_REQUEST, p->Eap_PacketId++, PPP_EAP_TYPE_IDENTITY, StrLen(welcomeMessage) + 1); p->Eap_PacketId = p->NextId++;
lcpEap = BuildEAPPacketEx(PPP_EAP_CODE_REQUEST, p->Eap_PacketId, PPP_EAP_TYPE_IDENTITY, StrLen(welcomeMessage) + 1);
eapPacket = lcpEap->Data; eapPacket = lcpEap->Data;
Copy(eapPacket->Data, welcomeMessage, StrLen(welcomeMessage)); Copy(eapPacket->Data, welcomeMessage, StrLen(welcomeMessage));
PPPSetStatus(p, PPP_STATUS_AUTHENTICATING); PPPSetStatus(p, PPP_STATUS_AUTHENTICATING);
@ -1251,7 +1253,8 @@ bool PPPProcessEAPResponsePacket(PPP_SESSION *p, PPP_PACKET *pp, PPP_PACKET *req
eap = req->Lcp->Data; eap = req->Lcp->Data;
if (eap->Type == PPP_EAP_TYPE_TLS) if (eap->Type == PPP_EAP_TYPE_TLS)
{ {
PPP_LCP *lcp = BuildEAPTlsRequest(p->Eap_PacketId++, 0, PPP_EAP_TLS_FLAG_NONE); p->Eap_PacketId = p->NextId++;
PPP_LCP *lcp = BuildEAPTlsRequest(p->Eap_PacketId, 0, PPP_EAP_TLS_FLAG_NONE);
if (!PPPSendAndRetransmitRequest(p, PPP_PROTOCOL_EAP, lcp)) if (!PPPSendAndRetransmitRequest(p, PPP_PROTOCOL_EAP, lcp))
{ {
PPPSetStatus(p, PPP_STATUS_FAIL); PPPSetStatus(p, PPP_STATUS_FAIL);
@ -3218,7 +3221,8 @@ bool PPPProcessEAPTlsResponse(PPP_SESSION *p, PPP_EAP *eap_packet, UINT eapTlsSi
dataSize = sizeLeft; dataSize = sizeLeft;
flags = PPP_EAP_TLS_FLAG_NONE; // Clearing the M flag because it is the last packet flags = PPP_EAP_TLS_FLAG_NONE; // Clearing the M flag because it is the last packet
} }
lcp = BuildEAPTlsRequest(p->Eap_PacketId++, dataSize, flags); p->Eap_PacketId = p->NextId++;
lcp = BuildEAPTlsRequest(p->Eap_PacketId, dataSize, flags);
eap = lcp->Data; eap = lcp->Data;
Copy(eap->Tls.TlsDataWithoutLength, p->Eap_TlsCtx.CachedBufferSendPntr, dataSize); Copy(eap->Tls.TlsDataWithoutLength, p->Eap_TlsCtx.CachedBufferSendPntr, dataSize);
p->Eap_TlsCtx.CachedBufferSendPntr += (UINT64)dataSize; p->Eap_TlsCtx.CachedBufferSendPntr += (UINT64)dataSize;
@ -3252,7 +3256,8 @@ bool PPPProcessEAPTlsResponse(PPP_SESSION *p, PPP_EAP *eap_packet, UINT eapTlsSi
/*if (!p->Eap_TlsCtx.SslPipe->IsDisconnected) /*if (!p->Eap_TlsCtx.SslPipe->IsDisconnected)
{ {
dataSize = FifoSize(p->Eap_TlsCtx.SslPipe->RawOut->RecvFifo); dataSize = FifoSize(p->Eap_TlsCtx.SslPipe->RawOut->RecvFifo);
lcp = BuildEAPTlsRequest(p->Eap_PacketId++, dataSize, 0); p->Eap_PacketId = p->NextId++;
lcp = BuildEAPTlsRequest(p->Eap_PacketId, dataSize, 0);
eap = lcp->Data; eap = lcp->Data;
ReadFifo(p->Eap_TlsCtx.SslPipe->RawOut->RecvFifo, &(eap->Tls.TlsDataWithoutLength), dataSize); ReadFifo(p->Eap_TlsCtx.SslPipe->RawOut->RecvFifo, &(eap->Tls.TlsDataWithoutLength), dataSize);
if (!PPPSendAndRetransmitRequest(p, PPP_PROTOCOL_EAP, lcp)) if (!PPPSendAndRetransmitRequest(p, PPP_PROTOCOL_EAP, lcp))
@ -3275,7 +3280,7 @@ bool PPPProcessEAPTlsResponse(PPP_SESSION *p, PPP_EAP *eap_packet, UINT eapTlsSi
if (ipc != NULL) if (ipc != NULL)
{ {
PPP_PACKET *pack; PPP_PACKET *pack;
UINT identificator = p->Eap_PacketId - 1; // THIS IS A HACK TO SUPPORT VPN Client Pro on Android!!! UINT identificator = p->Eap_PacketId;
p->Ipc = ipc; p->Ipc = ipc;
PPPSetStatus(p, PPP_STATUS_AUTH_SUCCESS); PPPSetStatus(p, PPP_STATUS_AUTH_SUCCESS);
@ -3298,7 +3303,7 @@ bool PPPProcessEAPTlsResponse(PPP_SESSION *p, PPP_EAP *eap_packet, UINT eapTlsSi
else else
{ {
PPP_PACKET *pack; PPP_PACKET *pack;
UINT identificator = p->Eap_PacketId - 1; // THIS IS A HACK TO SUPPORT VPN Client Pro on Android!!! UINT identificator = p->Eap_PacketId;
PPPSetStatus(p, PPP_STATUS_AUTH_FAIL); PPPSetStatus(p, PPP_STATUS_AUTH_FAIL);
@ -3321,7 +3326,8 @@ bool PPPProcessEAPTlsResponse(PPP_SESSION *p, PPP_EAP *eap_packet, UINT eapTlsSi
{ {
// Some clients needs a little help it seems - namely VPN Client Pro on Android // Some clients needs a little help it seems - namely VPN Client Pro on Android
flags |= PPP_EAP_TLS_FLAG_SSLSTARTED; flags |= PPP_EAP_TLS_FLAG_SSLSTARTED;
lcp = BuildEAPTlsRequest(p->Eap_PacketId++, 0, flags); p->Eap_PacketId = p->NextId++;
lcp = BuildEAPTlsRequest(p->Eap_PacketId, 0, flags);
PPPSetStatus(p, PPP_STATUS_AUTHENTICATING); PPPSetStatus(p, PPP_STATUS_AUTHENTICATING);
if (!PPPSendAndRetransmitRequest(p, PPP_PROTOCOL_EAP, lcp)) if (!PPPSendAndRetransmitRequest(p, PPP_PROTOCOL_EAP, lcp))
{ {
@ -3399,7 +3405,8 @@ bool PPPProcessEAPTlsResponse(PPP_SESSION *p, PPP_EAP *eap_packet, UINT eapTlsSi
// Just acknoweldge that we buffered the fragmented data // Just acknoweldge that we buffered the fragmented data
if (isFragmented) if (isFragmented)
{ {
PPP_LCP *lcp = BuildEAPPacketEx(PPP_EAP_CODE_REQUEST, p->Eap_PacketId++, PPP_EAP_TYPE_TLS, 0); p->Eap_PacketId = p->NextId++;
PPP_LCP *lcp = BuildEAPPacketEx(PPP_EAP_CODE_REQUEST, p->Eap_PacketId, PPP_EAP_TYPE_TLS, 0);
if (!PPPSendAndRetransmitRequest(p, PPP_PROTOCOL_EAP, lcp)) if (!PPPSendAndRetransmitRequest(p, PPP_PROTOCOL_EAP, lcp))
{ {
PPPSetStatus(p, PPP_STATUS_FAIL); PPPSetStatus(p, PPP_STATUS_FAIL);
@ -3445,7 +3452,8 @@ bool PPPProcessEAPTlsResponse(PPP_SESSION *p, PPP_EAP *eap_packet, UINT eapTlsSi
dataSize = p->Mru1 - 8 - 1 - 1 - 4; // Calculating the maximum payload size (adjusting for including TlsLength) dataSize = p->Mru1 - 8 - 1 - 1 - 4; // Calculating the maximum payload size (adjusting for including TlsLength)
flags = PPP_EAP_TLS_FLAG_TLS_LENGTH; // L flag flags = PPP_EAP_TLS_FLAG_TLS_LENGTH; // L flag
flags |= PPP_EAP_TLS_FLAG_FRAGMENTED; // M flag flags |= PPP_EAP_TLS_FLAG_FRAGMENTED; // M flag
lcp = BuildEAPTlsRequest(p->Eap_PacketId++, dataSize, flags); p->Eap_PacketId = p->NextId++;
lcp = BuildEAPTlsRequest(p->Eap_PacketId, dataSize, flags);
eap = lcp->Data; eap = lcp->Data;
eap->Tls.TlsDataWithLength.TlsLength = Endian32(tlsLength); eap->Tls.TlsDataWithLength.TlsLength = Endian32(tlsLength);
Copy(eap->Tls.TlsDataWithLength.Data, p->Eap_TlsCtx.CachedBufferSend, dataSize); Copy(eap->Tls.TlsDataWithLength.Data, p->Eap_TlsCtx.CachedBufferSend, dataSize);
@ -3460,7 +3468,8 @@ bool PPPProcessEAPTlsResponse(PPP_SESSION *p, PPP_EAP *eap_packet, UINT eapTlsSi
} }
else else
{ {
lcp = BuildEAPTlsRequest(p->Eap_PacketId++, dataSize, 0); p->Eap_PacketId = p->NextId++;
lcp = BuildEAPTlsRequest(p->Eap_PacketId, dataSize, 0);
eap = lcp->Data; eap = lcp->Data;
ReadFifo(p->Eap_TlsCtx.SslPipe->RawOut->RecvFifo, &(eap->Tls.TlsDataWithoutLength), dataSize); ReadFifo(p->Eap_TlsCtx.SslPipe->RawOut->RecvFifo, &(eap->Tls.TlsDataWithoutLength), dataSize);
if (!PPPSendAndRetransmitRequest(p, PPP_PROTOCOL_EAP, lcp)) if (!PPPSendAndRetransmitRequest(p, PPP_PROTOCOL_EAP, lcp))