diff --git a/src/Cedar/Cedar.h b/src/Cedar/Cedar.h index 558380f9..083770c4 100644 --- a/src/Cedar/Cedar.h +++ b/src/Cedar/Cedar.h @@ -135,10 +135,10 @@ // Version number -#define CEDAR_VER 424 +#define CEDAR_VER 425 // Build Number -#define CEDAR_BUILD 9652 +#define CEDAR_BUILD 9656 // Beta number //#define BETA_NUMBER 3 @@ -157,12 +157,12 @@ #endif // BUILD_PLACE // Specifies the build date -#define BUILD_DATE_Y 2017 -#define BUILD_DATE_M 12 -#define BUILD_DATE_D 21 -#define BUILD_DATE_HO 10 -#define BUILD_DATE_MI 34 -#define BUILD_DATE_SE 43 +#define BUILD_DATE_Y 2018 +#define BUILD_DATE_M 1 +#define BUILD_DATE_D 15 +#define BUILD_DATE_HO 9 +#define BUILD_DATE_MI 33 +#define BUILD_DATE_SE 22 // Tolerable time difference #define ALLOW_TIMESTAMP_DIFF (UINT64)(3 * 24 * 60 * 60 * 1000) diff --git a/src/Cedar/IPsec_L2TP.c b/src/Cedar/IPsec_L2TP.c index 79860153..e036e1a5 100644 --- a/src/Cedar/IPsec_L2TP.c +++ b/src/Cedar/IPsec_L2TP.c @@ -792,6 +792,12 @@ L2TP_PACKET *ParseL2TPPacket(UDPPACKET *p) size -= 2; a.DataSize = a.Length - 6; + + if (a.DataSize > size) + { + goto LABEL_ERROR; + } + a.Data = Clone(buf, a.DataSize); buf += a.DataSize; diff --git a/src/Cedar/IPsec_PPP.c b/src/Cedar/IPsec_PPP.c index e34f3d84..10a07e7a 100644 --- a/src/Cedar/IPsec_PPP.c +++ b/src/Cedar/IPsec_PPP.c @@ -291,7 +291,7 @@ void PPPThread(THREAD *thread, void *param) ReadBuf(b, client_response_buffer, 49); Zero(username_tmp, sizeof(username_tmp)); - ReadBuf(b, username_tmp, sizeof(username_tmp)); + ReadBuf(b, username_tmp, sizeof(username_tmp) - 1); Debug("First MS-CHAPv2: id=%s\n", username_tmp); @@ -977,7 +977,7 @@ PPP_PACKET *PPPProcessRequestPacket(PPP_SESSION *p, PPP_PACKET *req) ReadBuf(b, client_response_buffer, 49); Zero(username_tmp, sizeof(username_tmp)); - ReadBuf(b, username_tmp, sizeof(username_tmp)); + ReadBuf(b, username_tmp, sizeof(username_tmp) - 1); client_challenge_16 = client_response_buffer + 0; client_response_24 = client_response_buffer + 16 + 8; diff --git a/src/Cedar/Interop_OpenVPN.c b/src/Cedar/Interop_OpenVPN.c index 000a55a1..11e86a90 100644 --- a/src/Cedar/Interop_OpenVPN.c +++ b/src/Cedar/Interop_OpenVPN.c @@ -2840,7 +2840,7 @@ bool OvsPerformTcpServer(CEDAR *cedar, SOCK *sock) { void *ptr = FifoPtr(tcp_recv_fifo); USHORT packet_size = READ_USHORT(ptr); - if (packet_size <= OPENVPN_TCP_MAX_PACKET_SIZE) + if (packet_size != 0 && packet_size <= OPENVPN_TCP_MAX_PACKET_SIZE) { UINT total_len = (UINT)packet_size + sizeof(USHORT); if (r >= total_len) diff --git a/src/Cedar/Radius.c b/src/Cedar/Radius.c index 4b09f600..8740e753 100644 --- a/src/Cedar/Radius.c +++ b/src/Cedar/Radius.c @@ -1827,6 +1827,13 @@ bool RadiusLogin(CONNECTION *c, char *server, UINT port, UCHAR *secret, UINT sec if (encrypted_password == NULL) { // Encryption failure + + // Release the ip_list + for(i = 0; i < LIST_NUM(ip_list); i++) + { + IP *tmp_ip = LIST_DATA(ip_list, i); + Free(tmp_ip); + } ReleaseList(ip_list); return false; } diff --git a/src/Cedar/Virtual.c b/src/Cedar/Virtual.c index 7cf3b840..e28a7733 100644 --- a/src/Cedar/Virtual.c +++ b/src/Cedar/Virtual.c @@ -2250,6 +2250,7 @@ BUF *NnReadDnsRecord(BUF *buf, bool answer, USHORT *ret_type, USHORT *ret_class) data = Malloc(data_len); if (ReadBuf(buf, data, data_len) != data_len) { + Free(data); return false; } diff --git a/src/CurrentBuild.txt b/src/CurrentBuild.txt index da37d18d..33b61513 100644 --- a/src/CurrentBuild.txt +++ b/src/CurrentBuild.txt @@ -1,4 +1,4 @@ -BUILD_NUMBER 9652 -VERSION 424 -BUILD_NAME beta -BUILD_DATE 20171221_103443 +BUILD_NUMBER 9656 +VERSION 425 +BUILD_NAME rtm +BUILD_DATE 20180115_093322 diff --git a/src/Mayaqua/Encrypt.c b/src/Mayaqua/Encrypt.c index 587f7d80..f3b3908e 100644 --- a/src/Mayaqua/Encrypt.c +++ b/src/Mayaqua/Encrypt.c @@ -1981,6 +1981,18 @@ X509 *NewX509(K *pub, K *priv, X *ca, NAME *name, UINT days, X_SERIAL *serial) X509_EXTENSION_free(eku); } + // Alternative subject name + if (UniIsEmptyStr(name->CommonName) == false) + { + char alt_dns[MAX_PATH]; + + Format(alt_dns, sizeof(alt_dns), "DNS.1:%S", name->CommonName); + + ex = X509V3_EXT_conf_nid(NULL, NULL, NID_subject_alt_name, alt_dns); + X509_add_ext(x509, ex, -1); + X509_EXTENSION_free(ex); + } + Lock(openssl_lock); { // Set the public key diff --git a/src/Mayaqua/Memory.c b/src/Mayaqua/Memory.c index 15d8fb31..9aff9345 100644 --- a/src/Mayaqua/Memory.c +++ b/src/Mayaqua/Memory.c @@ -4313,6 +4313,21 @@ void Copy(void *dst, void *src, UINT size) memcpy(dst, src, size); } +// Memory move +void Move(void *dst, void *src, UINT size) +{ + // Validate arguments + if (dst == NULL || src == NULL || size == 0 || dst == src) + { + return; + } + + // KS + KS_INC(KS_COPY_COUNT); + + memmove(dst, src, size); +} + // Memory comparison int Cmp(void *p1, void *p2, UINT size) { diff --git a/src/Mayaqua/Memory.h b/src/Mayaqua/Memory.h index d705adcb..630273cf 100644 --- a/src/Mayaqua/Memory.h +++ b/src/Mayaqua/Memory.h @@ -284,6 +284,7 @@ void *InternalReAlloc(void *addr, UINT size); void InternalFree(void *addr); void Copy(void *dst, void *src, UINT size); +void Move(void *dst, void *src, UINT size); int Cmp(void *p1, void *p2, UINT size); int CmpCaseIgnore(void *p1, void *p2, UINT size); void ZeroMem(void *addr, UINT size); diff --git a/src/Mayaqua/Network.c b/src/Mayaqua/Network.c index 85a67d6c..f5c12825 100644 --- a/src/Mayaqua/Network.c +++ b/src/Mayaqua/Network.c @@ -7373,7 +7373,7 @@ bool StrToIP6(IP *ip, char *str) if (StartWith(tmp, "[") && EndWith(tmp, "]")) { // If the string is enclosed in square brackets, remove brackets - StrCpy(tmp, sizeof(tmp), &tmp[1]); + StrCpyAllowOverlap(tmp, sizeof(tmp), &tmp[1]); if (StrLen(tmp) >= 1) { @@ -12691,6 +12691,14 @@ bool RecvAll(SOCK *sock, void *data, UINT size, bool secure) { return false; } + if (ret == SOCK_LATER) + { + // I suppose that this is safe because the RecvAll() function is used only + // if the sock->AsyncMode == true. And the Recv() function may return + // SOCK_LATER only if the sock->AsyncMode == false. Therefore the call of + // Recv() function in the RecvAll() function never returns SOCK_LATER. + return false; + } recv_size += ret; if (recv_size >= size) { @@ -17590,7 +17598,7 @@ void IPToInAddr6(struct in6_addr *addr, IP *ip) return; } - Zero(addr, sizeof(struct in_addr)); + Zero(addr, sizeof(struct in6_addr)); if (IsIP6(ip)) { diff --git a/src/Mayaqua/Pack.c b/src/Mayaqua/Pack.c index 3caafc8a..35a50a5c 100644 --- a/src/Mayaqua/Pack.c +++ b/src/Mayaqua/Pack.c @@ -354,7 +354,7 @@ VALUE *ReadValue(BUF *b, UINT type) break; case VALUE_STR: // ANSI string len = ReadBufInt(b); - if ((len + 1) > MAX_VALUE_SIZE) + if (len > (MAX_VALUE_SIZE - 1)) { // Size over break; diff --git a/src/Mayaqua/Str.c b/src/Mayaqua/Str.c index 1e5d14d8..0e1783db 100644 --- a/src/Mayaqua/Str.c +++ b/src/Mayaqua/Str.c @@ -3346,6 +3346,54 @@ UINT StrCpy(char *dst, UINT size, char *src) return len; } +UINT StrCpyAllowOverlap(char *dst, UINT size, char *src) +{ + UINT len; + // Validate arguments + if (dst == src) + { + return StrLen(src); + } + if (dst == NULL || src == NULL) + { + if (src == NULL && dst != NULL) + { + if (size >= 1) + { + dst[0] = '\0'; + } + } + return 0; + } + if (size == 1) + { + dst[0] = '\0'; + return 0; + } + if (size == 0) + { + // Ignore the length + size = 0x7fffffff; + } + + // Check the length + len = StrLen(src); + if (len <= (size - 1)) + { + Move(dst, src, len + 1); + } + else + { + len = size - 1; + Move(dst, src, len); + dst[len] = '\0'; + } + + // KS + KS_INC(KS_STRCPY_COUNT); + + return len; +} // Check whether the string buffer is within the specified size bool StrCheckSize(char *str, UINT size) diff --git a/src/Mayaqua/Str.h b/src/Mayaqua/Str.h index ad5b0cb5..a81f2784 100644 --- a/src/Mayaqua/Str.h +++ b/src/Mayaqua/Str.h @@ -135,6 +135,7 @@ UINT StrSize(char *str); bool StrCheckLen(char *str, UINT len); bool StrCheckSize(char *str, UINT size); UINT StrCpy(char *dst, UINT size, char *src); +UINT StrCpyAllowOverlap(char *dst, UINT size, char *src); UINT StrCat(char *dst, UINT size, char *src); UINT StrCatLeft(char *dst, UINT size, char *src); char ToLower(char c); diff --git a/src/Mayaqua/TcpIp.c b/src/Mayaqua/TcpIp.c index ba455edc..3c890d54 100644 --- a/src/Mayaqua/TcpIp.c +++ b/src/Mayaqua/TcpIp.c @@ -174,14 +174,14 @@ ICMP_RESULT *IcmpParseResult(IP *dest_ip, USHORT src_id, USHORT src_seqno, UCHAR if (true) { UINT ip_header_size = GetIpHeaderSize(recv_buffer, i); - if (ip_header_size >= sizeof(IPV4_HEADER)) + if (ip_header_size >= sizeof(IPV4_HEADER) && (ip_header_size <= i)) { IPV4_HEADER *ipv4 = (IPV4_HEADER *)recv_buffer; if ((IPV4_GET_VERSION(ipv4) == 4) && (ipv4->Protocol == IP_PROTO_ICMPV4)) { UINT ip_total_len = (UINT)Endian16(ipv4->TotalLength); - if ((ip_total_len >= sizeof(IPV4_HEADER)) && (ip_total_len <= i)) + if ((ip_total_len >= sizeof(IPV4_HEADER)) && (ip_total_len <= i) && (ip_total_len >= ip_header_size)) { UINT icmp_packet_size = ip_total_len - ip_header_size; ICMP_HEADER *icmp = (ICMP_HEADER *)(recv_buffer + ip_header_size); @@ -1957,7 +1957,7 @@ void CorrectChecksum(PKT *p) { udp->Checksum = 0; - if ((IPV4_GET_FLAGS(v4) & 0x01) == 0) + if ((IPV4_GET_FLAGS(v4) & 0x01) == 0 && (p->IPv4PayloadSize >= udp_len)) { // Calculate the checksum correctly based on the data in case of a non-fragmented packet udp->Checksum = CalcChecksumForIPv4(v4->SrcIP, v4->DstIP, IP_PROTO_UDP, udp, udp_len, 0); @@ -2023,7 +2023,7 @@ void CorrectChecksum(PKT *p) { udp->Checksum = 0; - if (v6info->FragmentHeader == NULL || ((IPV6_GET_FLAGS(v6info->FragmentHeader) & IPV6_FRAGMENT_HEADER_FLAG_MORE_FRAGMENTS) == 0)) + if ((v6info->FragmentHeader == NULL || ((IPV6_GET_FLAGS(v6info->FragmentHeader) & IPV6_FRAGMENT_HEADER_FLAG_MORE_FRAGMENTS) == 0)) && (v6info->PayloadSize >= udp_len)) { // If the packet is not fragmented, recalculate the checksum udp->Checksum = CalcChecksumForIPv6(&v6->SrcAddress, &v6->DestAddress, IP_PROTO_UDP, udp, udp_len, 0); @@ -2868,6 +2868,7 @@ PKT *ParsePacketIPv4WithDummyMacHeader(UCHAR *buf, UINT size) { UCHAR *tmp; UINT tmp_size; + PKT *ret; // Validate arguments if (buf == NULL) { @@ -2880,7 +2881,14 @@ PKT *ParsePacketIPv4WithDummyMacHeader(UCHAR *buf, UINT size) WRITE_USHORT(tmp + 12, MAC_PROTO_IPV4); Copy(tmp + 14, buf, size); - return ParsePacket(tmp, tmp_size); + ret = ParsePacket(tmp, tmp_size); + + if (ret == NULL) + { + Free(tmp); + } + + return ret; } // IPv4 parsing diff --git a/src/Mayaqua/Win32.c b/src/Mayaqua/Win32.c index 45c7d1b0..62dea990 100644 --- a/src/Mayaqua/Win32.c +++ b/src/Mayaqua/Win32.c @@ -548,7 +548,7 @@ DIRLIST *Win32EnumDirExW(wchar_t *dirname, COMPARE *compare) UniStrCpy(tmp2, sizeof(tmp2), dirname); - if (UniStrLen(tmp2) >= 1 && tmp[UniStrLen(tmp2) - 1] == L'\\') + if (UniStrLen(tmp2) >= 1 && tmp2[UniStrLen(tmp2) - 1] == L'\\') { tmp2[UniStrLen(tmp2) - 1] = 0; } diff --git a/src/bin/vpnweb.cab b/src/bin/vpnweb.cab index ca1ccb2a..e4b23f85 100644 Binary files a/src/bin/vpnweb.cab and b/src/bin/vpnweb.cab differ diff --git a/src/bin/vpnweb.ocx b/src/bin/vpnweb.ocx index 0e012e23..8facfbf6 100644 Binary files a/src/bin/vpnweb.ocx and b/src/bin/vpnweb.ocx differ diff --git a/src/makefiles/freebsd_32bit.mak b/src/makefiles/freebsd_32bit.mak index ff6e5768..5a7a1b77 100644 --- a/src/makefiles/freebsd_32bit.mak +++ b/src/makefiles/freebsd_32bit.mak @@ -1,7 +1,7 @@ # SoftEther VPN Source Code # -# Copyright (c) 2012-2017 SoftEther VPN Project at University of Tsukuba, Japan. -# Copyright (c) 2012-2017 Daiyuu Nobori. +# Copyright (c) 2012-2018 SoftEther VPN Project at University of Tsukuba, Japan. +# Copyright (c) 2012-2018 Daiyuu Nobori. # All Rights Reserved. # # http://www.softether.org/ diff --git a/src/makefiles/freebsd_64bit.mak b/src/makefiles/freebsd_64bit.mak index 10f06422..bcc8e409 100644 --- a/src/makefiles/freebsd_64bit.mak +++ b/src/makefiles/freebsd_64bit.mak @@ -1,7 +1,7 @@ # SoftEther VPN Source Code # -# Copyright (c) 2012-2017 SoftEther VPN Project at University of Tsukuba, Japan. -# Copyright (c) 2012-2017 Daiyuu Nobori. +# Copyright (c) 2012-2018 SoftEther VPN Project at University of Tsukuba, Japan. +# Copyright (c) 2012-2018 Daiyuu Nobori. # All Rights Reserved. # # http://www.softether.org/ diff --git a/src/makefiles/linux_32bit.mak b/src/makefiles/linux_32bit.mak index 7addd221..fb483fd0 100644 --- a/src/makefiles/linux_32bit.mak +++ b/src/makefiles/linux_32bit.mak @@ -1,7 +1,7 @@ # SoftEther VPN Source Code # -# Copyright (c) 2012-2017 SoftEther VPN Project at University of Tsukuba, Japan. -# Copyright (c) 2012-2017 Daiyuu Nobori. +# Copyright (c) 2012-2018 SoftEther VPN Project at University of Tsukuba, Japan. +# Copyright (c) 2012-2018 Daiyuu Nobori. # All Rights Reserved. # # http://www.softether.org/ diff --git a/src/makefiles/linux_64bit.mak b/src/makefiles/linux_64bit.mak index c473c1ec..66d2718d 100644 --- a/src/makefiles/linux_64bit.mak +++ b/src/makefiles/linux_64bit.mak @@ -1,7 +1,7 @@ # SoftEther VPN Source Code # -# Copyright (c) 2012-2017 SoftEther VPN Project at University of Tsukuba, Japan. -# Copyright (c) 2012-2017 Daiyuu Nobori. +# Copyright (c) 2012-2018 SoftEther VPN Project at University of Tsukuba, Japan. +# Copyright (c) 2012-2018 Daiyuu Nobori. # All Rights Reserved. # # http://www.softether.org/ diff --git a/src/makefiles/macos_32bit.mak b/src/makefiles/macos_32bit.mak index 990f5f3c..417d1eb0 100644 --- a/src/makefiles/macos_32bit.mak +++ b/src/makefiles/macos_32bit.mak @@ -1,7 +1,7 @@ # SoftEther VPN Source Code # -# Copyright (c) 2012-2017 SoftEther VPN Project at University of Tsukuba, Japan. -# Copyright (c) 2012-2017 Daiyuu Nobori. +# Copyright (c) 2012-2018 SoftEther VPN Project at University of Tsukuba, Japan. +# Copyright (c) 2012-2018 Daiyuu Nobori. # All Rights Reserved. # # http://www.softether.org/ diff --git a/src/makefiles/macos_64bit.mak b/src/makefiles/macos_64bit.mak index dfffc565..f5f53489 100644 --- a/src/makefiles/macos_64bit.mak +++ b/src/makefiles/macos_64bit.mak @@ -1,7 +1,7 @@ # SoftEther VPN Source Code # -# Copyright (c) 2012-2017 SoftEther VPN Project at University of Tsukuba, Japan. -# Copyright (c) 2012-2017 Daiyuu Nobori. +# Copyright (c) 2012-2018 SoftEther VPN Project at University of Tsukuba, Japan. +# Copyright (c) 2012-2018 Daiyuu Nobori. # All Rights Reserved. # # http://www.softether.org/ diff --git a/src/makefiles/openbsd_32bit.mak b/src/makefiles/openbsd_32bit.mak index 5fbfc5a1..8c7a788c 100644 --- a/src/makefiles/openbsd_32bit.mak +++ b/src/makefiles/openbsd_32bit.mak @@ -1,7 +1,7 @@ # SoftEther VPN Source Code # -# Copyright (c) 2012-2017 SoftEther VPN Project at University of Tsukuba, Japan. -# Copyright (c) 2012-2017 Daiyuu Nobori. +# Copyright (c) 2012-2018 SoftEther VPN Project at University of Tsukuba, Japan. +# Copyright (c) 2012-2018 Daiyuu Nobori. # All Rights Reserved. # # http://www.softether.org/ diff --git a/src/makefiles/openbsd_64bit.mak b/src/makefiles/openbsd_64bit.mak index b9795fd5..e21bc73c 100644 --- a/src/makefiles/openbsd_64bit.mak +++ b/src/makefiles/openbsd_64bit.mak @@ -1,7 +1,7 @@ # SoftEther VPN Source Code # -# Copyright (c) 2012-2017 SoftEther VPN Project at University of Tsukuba, Japan. -# Copyright (c) 2012-2017 Daiyuu Nobori. +# Copyright (c) 2012-2018 SoftEther VPN Project at University of Tsukuba, Japan. +# Copyright (c) 2012-2018 Daiyuu Nobori. # All Rights Reserved. # # http://www.softether.org/ diff --git a/src/makefiles/solaris_32bit.mak b/src/makefiles/solaris_32bit.mak index 7e28b4c2..fdcf42c0 100644 --- a/src/makefiles/solaris_32bit.mak +++ b/src/makefiles/solaris_32bit.mak @@ -1,7 +1,7 @@ # SoftEther VPN Source Code # -# Copyright (c) 2012-2017 SoftEther VPN Project at University of Tsukuba, Japan. -# Copyright (c) 2012-2017 Daiyuu Nobori. +# Copyright (c) 2012-2018 SoftEther VPN Project at University of Tsukuba, Japan. +# Copyright (c) 2012-2018 Daiyuu Nobori. # All Rights Reserved. # # http://www.softether.org/ diff --git a/src/makefiles/solaris_64bit.mak b/src/makefiles/solaris_64bit.mak index 572b83d1..df63553d 100644 --- a/src/makefiles/solaris_64bit.mak +++ b/src/makefiles/solaris_64bit.mak @@ -1,7 +1,7 @@ # SoftEther VPN Source Code # -# Copyright (c) 2012-2017 SoftEther VPN Project at University of Tsukuba, Japan. -# Copyright (c) 2012-2017 Daiyuu Nobori. +# Copyright (c) 2012-2018 SoftEther VPN Project at University of Tsukuba, Japan. +# Copyright (c) 2012-2018 Daiyuu Nobori. # All Rights Reserved. # # http://www.softether.org/ diff --git a/src/vpnweb/vpnweb.h b/src/vpnweb/vpnweb.h index 52df4f12..7cd3a705 100644 --- a/src/vpnweb/vpnweb.h +++ b/src/vpnweb/vpnweb.h @@ -4,7 +4,7 @@ /* File created by MIDL compiler version 7.00.0500 */ -/* at Thu Dec 21 10:34:58 2017 +/* at Mon Jan 15 09:33:38 2018 */ /* Compiler settings for .\vpnweb.idl: Oicf, W1, Zp8, env=Win32 (32b run) diff --git a/src/vpnweb/vpnweb_i.c b/src/vpnweb/vpnweb_i.c index 16c14b71..cff28a70 100644 --- a/src/vpnweb/vpnweb_i.c +++ b/src/vpnweb/vpnweb_i.c @@ -6,7 +6,7 @@ /* File created by MIDL compiler version 7.00.0500 */ -/* at Thu Dec 21 10:34:58 2017 +/* at Mon Jan 15 09:33:38 2018 */ /* Compiler settings for .\vpnweb.idl: Oicf, W1, Zp8, env=Win32 (32b run) diff --git a/src/vpnweb/vpnweb_p.c b/src/vpnweb/vpnweb_p.c index 2fcbda11..06b9728b 100644 --- a/src/vpnweb/vpnweb_p.c +++ b/src/vpnweb/vpnweb_p.c @@ -4,7 +4,7 @@ /* File created by MIDL compiler version 7.00.0500 */ -/* at Thu Dec 21 10:34:58 2017 +/* at Mon Jan 15 09:33:38 2018 */ /* Compiler settings for .\vpnweb.idl: Oicf, W1, Zp8, env=Win32 (32b run)