AMajor/SoftEtherVPN
1
0
Fork 0
mirror of https://github.com/SoftEtherVPN/SoftEtherVPN.git synced 2026-04-20 05:49:26 +03:00
Code Releases Activity

v4.06-9430-beta

Browse Source
This commit is contained in:
dnobori
2014-03-20 05:45:05 +09:00
parent dcd9b94381
commit cf2a6a42bc
557 changed files with 5422 additions and 637 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/Cedar/Account.c
+7 -1
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// Account.c
src/Cedar/Account.h
+7 -1
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// Account.h
src/Cedar/Admin.c
+51 -6
View File
@@ -16,7 +16,6 @@
// - ELIN (https://github.com/el1n)
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -87,6 +86,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// Admin.c
@@ -1716,7 +1722,7 @@ UINT StGetAdminMsg(ADMIN *a, RPC_MSG *t)
if (
c->Bridge == false)
{
if (GetCurrentLangId() != SE_LANG_ENGLISH)
if (GetGlobalServerFlag(GSF_SHOW_OSS_MSG) != 0)
{
UniStrCat(tmp, tmpsize, _UU("OSS_MSG"));
}
@@ -2179,6 +2185,11 @@ UINT StSetAcList(ADMIN *a, RPC_AC_LIST *t)
return ERR_NOT_SUPPORTED;
}
if (GetGlobalServerFlag(GSF_DISABLE_AC) != 0 && LIST_NUM(t->o) >= 1)
{
return ERR_NOT_SUPPORTED_FUNCTION_ON_OPENSOURCE;
}
CHECK_RIGHT;
NO_SUPPORT_FOR_BRIDGE;
if (s->ServerType == SERVER_TYPE_FARM_MEMBER)
@@ -3620,6 +3631,11 @@ UINT StSetSysLog(ADMIN *a, SYSLOG_SETTING *t)
SERVER_ADMIN_ONLY;
if (GetGlobalServerFlag(GSF_DISABLE_SYSLOG) != 0 && t->SaveType != SYSLOG_NONE)
{
return ERR_NOT_SUPPORTED_FUNCTION_ON_OPENSOURCE;
}
if (GetServerCapsBool(s, "b_support_syslog") == false)
{
return ERR_NOT_SUPPORTED;
@@ -5017,9 +5033,12 @@ UINT StSetUser(ADMIN *a, RPC_SET_USER *t)
CHECK_RIGHT;
if (t->AuthType == AUTHTYPE_USERCERT || t->AuthType == AUTHTYPE_RADIUS || t->AuthType == AUTHTYPE_ROOTCERT || t->AuthType == AUTHTYPE_NT)
if (GetGlobalServerFlag(GSF_DISABLE_RADIUS_AUTH) != 0)
{
return ERR_NOT_SUPPORTED_AUTH_ON_OPENSOURCE;
if (t->AuthType == AUTHTYPE_USERCERT || t->AuthType == AUTHTYPE_RADIUS || t->AuthType == AUTHTYPE_ROOTCERT || t->AuthType == AUTHTYPE_NT)
{
return ERR_NOT_SUPPORTED_AUTH_ON_OPENSOURCE;
}
}
if (StrCmpi(t->Name, "*") == 0)
@@ -5147,9 +5166,12 @@ UINT StCreateUser(ADMIN *a, RPC_SET_USER *t)
CHECK_RIGHT;
if (t->AuthType == AUTHTYPE_USERCERT || t->AuthType == AUTHTYPE_RADIUS || t->AuthType == AUTHTYPE_ROOTCERT || t->AuthType == AUTHTYPE_NT)
if (GetGlobalServerFlag(GSF_DISABLE_RADIUS_AUTH) != 0)
{
return ERR_NOT_SUPPORTED_AUTH_ON_OPENSOURCE;
if (t->AuthType == AUTHTYPE_USERCERT || t->AuthType == AUTHTYPE_RADIUS || t->AuthType == AUTHTYPE_ROOTCERT || t->AuthType == AUTHTYPE_NT)
{
return ERR_NOT_SUPPORTED_AUTH_ON_OPENSOURCE;
}
}
if (t->AuthType == AUTHTYPE_USERCERT)
@@ -7254,6 +7276,7 @@ UINT StSetSecureNATOption(ADMIN *a, VH_OPTION *t)
SERVER *s = a->Server;
CEDAR *c = s->Cedar;
HUB *h;
char push_routes_str_old[MAX_DHCP_CLASSLESS_ROUTE_TABLE_STR_SIZE];
if (IsZero(t->MacAddress, sizeof(t->MacAddress)) ||
@@ -7266,6 +7289,17 @@ UINT StSetSecureNATOption(ADMIN *a, VH_OPTION *t)
{
return ERR_INVALID_PARAMETER;
}
if (GetServerCapsBool(s, "b_support_securenat") == false)
{
t->ApplyDhcpPushRoutes = false;
}
if (t->ApplyDhcpPushRoutes)
{
if (NormalizeClasslessRouteTableStr(t->DhcpPushRoutes, sizeof(t->DhcpPushRoutes), t->DhcpPushRoutes) == false)
{
return ERR_INVALID_PARAMETER;
}
}
CHECK_RIGHT;
@@ -7315,7 +7349,12 @@ UINT StSetSecureNATOption(ADMIN *a, VH_OPTION *t)
}
}
StrCpy(push_routes_str_old, sizeof(push_routes_str_old), h->SecureNATOption->DhcpPushRoutes);
Copy(h->SecureNATOption, t, sizeof(VH_OPTION));
if (t->ApplyDhcpPushRoutes == false)
{
StrCpy(h->SecureNATOption->DhcpPushRoutes, sizeof(h->SecureNATOption->DhcpPushRoutes), push_routes_str_old);
}
if (h->Type != HUB_TYPE_STANDALONE && h->Cedar != NULL && h->Cedar->Server != NULL &&
h->Cedar->Server->ServerType == SERVER_TYPE_FARM_CONTROLLER)
@@ -7381,6 +7420,7 @@ UINT StGetSecureNATOption(ADMIN *a, VH_OPTION *t)
Zero(t, sizeof(VH_OPTION));
StrCpy(t->HubName, sizeof(t->HubName), hubname);
Copy(t, h->SecureNATOption, sizeof(VH_OPTION));
t->ApplyDhcpPushRoutes = true;
ReleaseHub(h);
@@ -7617,6 +7657,11 @@ UINT StSetHubRadius(ADMIN *a, RPC_RADIUS *t)
return ERR_NOT_SUPPORTED;
}
if (GetGlobalServerFlag(GSF_DISABLE_RADIUS_AUTH) != 0 && IsEmptyStr(t->RadiusServerName) == false)
{
return ERR_NOT_SUPPORTED_FUNCTION_ON_OPENSOURCE;
}
CHECK_RIGHT;
LockHubList(c);
src/Cedar/Admin.h
+7 -1
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// Admin.h
src/Cedar/AzureClient.c
+7 -1
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// AzureClient.c
src/Cedar/AzureClient.h
+7 -1
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// AzureClient.h
src/Cedar/AzureServer.c
+7 -1
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// AzureServer.c
src/Cedar/AzureServer.h
+7 -1
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// AzureServer.h
src/Cedar/Bridge.c
+7 -1
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// Bridge.c
src/Cedar/Bridge.h
+7 -1
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// Bridge.h
src/Cedar/BridgeUnix.c
+7 -1
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// BridgeUnix.c
src/Cedar/BridgeUnix.h
+7 -1
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// BridgeUnix.h
src/Cedar/BridgeWin32.c
+7 -1
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// BridgeWin32.c
src/Cedar/BridgeWin32.h
+7 -1
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// BridgeWin32.h
src/Cedar/CM.c
+69 -1
View File
@@ -16,7 +16,6 @@
// - ELIN (https://github.com/el1n)
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -87,6 +86,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// CM.c
@@ -6847,6 +6853,17 @@ void CmEditAccountDlgUpdate(HWND hWnd, CM_ACCOUNT *a)
GetTxtA(hWnd, E_HOSTNAME, a->ClientOption->Hostname, sizeof(a->ClientOption->Hostname));
Trim(a->ClientOption->Hostname);
if (InStr(a->ClientOption->Hostname, "/tcp"))
{
Check(hWnd, R_DISABLE_NATT, true);
}
else
{
Check(hWnd, R_DISABLE_NATT, false);
}
SetEnable(hWnd, R_DISABLE_NATT, !IsEmptyStr(a->ClientOption->Hostname));
// Port number
a->ClientOption->Port = GetInt(hWnd, C_PORT);
@@ -7278,6 +7295,15 @@ void CmEditAccountDlgInit(HWND hWnd, CM_ACCOUNT *a)
SetTextA(hWnd, E_HOSTNAME, a->ClientOption->Hostname);
StrCpy(a->old_server_name, sizeof(a->old_server_name), a->ClientOption->Hostname);
if (InStr(a->ClientOption->Hostname, "/tcp"))
{
Check(hWnd, R_DISABLE_NATT, true);
}
else
{
Check(hWnd, R_DISABLE_NATT, false);
}
// Port number
CbSetHeight(hWnd, C_PORT, 18);
CbAddStr(hWnd, C_PORT, _UU("CM_PORT_1"), 0);
@@ -7442,6 +7468,8 @@ UINT CmEditAccountDlgProc(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, voi
NMHDR *n;
X *x;
K *k;
char tmp[MAX_PATH];
bool no_update_natt_check = false;
// Validate arguments
if (hWnd == NULL)
{
@@ -7483,6 +7511,39 @@ UINT CmEditAccountDlgProc(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, voi
}
break;
case WM_COMMAND:
switch (wParam)
{
case R_DISABLE_NATT:
Zero(tmp, sizeof(tmp));
GetTxtA(hWnd, E_HOSTNAME, tmp, sizeof(tmp));
if (IsChecked(hWnd, R_DISABLE_NATT))
{
if (InStr(tmp, "/tcp") == false)
{
StrCat(tmp, sizeof(tmp), "/tcp");
SetTextA(hWnd, E_HOSTNAME, tmp);
}
}
else
{
if (InStr(tmp, "/tcp"))
{
UINT i = SearchStrEx(tmp, "/tcp", 0, false);
if (i != INFINITE)
{
tmp[i] = 0;
SetTextA(hWnd, E_HOSTNAME, tmp);
}
}
}
CmEditAccountDlgStartEnumHub(hWnd, a);
break;
}
switch (LOWORD(wParam))
{
case E_ACCOUNT_NAME:
@@ -7531,6 +7592,13 @@ UINT CmEditAccountDlgProc(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, voi
break;
}
break;
case BN_PUSHED:
switch (LOWORD(wParam))
{
case R_DISABLE_NATT:
break;
}
break;
}
if (HIWORD(wParam) == 0)
{
src/Cedar/CM.h
+7 -1
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// CM.h
src/Cedar/CMInner.h
+7 -1
View File
@@ -16,7 +16,6 @@
// - ELIN (https://github.com/el1n)
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -87,6 +86,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// CMInner.h
src/Cedar/Cedar.c
+11 -1
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// Cedar.c
@@ -1246,6 +1252,8 @@ void CleanupCedar(CEDAR *c)
DeleteLock(c->OpenVPNPublicPortsLock);
DeleteLock(c->CurrentRegionLock);
Free(c);
}
@@ -1505,6 +1513,8 @@ CEDAR *NewCedar(X *server_x, K *server_k)
c->CedarSuperLock = NewLock();
c->CurrentRegionLock = NewLock();
#ifdef BETA_NUMBER
c->Beta = BETA_NUMBER;
#endif // BETA_NUMBER
src/Cedar/Cedar.h
+16 -8
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// Cedar.h
@@ -114,10 +120,10 @@
// Version number
#define CEDAR_VER 405
#define CEDAR_VER 406
// Build Number
#define CEDAR_BUILD 9423
#define CEDAR_BUILD 9430
// Beta number
//#define BETA_NUMBER 3
@@ -137,11 +143,11 @@
// Specifies the build date
#define BUILD_DATE_Y 2014
#define BUILD_DATE_M 2
#define BUILD_DATE_D 18
#define BUILD_DATE_HO 19
#define BUILD_DATE_MI 9
#define BUILD_DATE_SE 44
#define BUILD_DATE_M 3
#define BUILD_DATE_D 20
#define BUILD_DATE_HO 4
#define BUILD_DATE_MI 8
#define BUILD_DATE_SE 6
// Tolerable time difference
#define ALLOW_TIMESTAMP_DIFF (UINT64)(3 * 24 * 60 * 60 * 1000)
@@ -1003,6 +1009,8 @@ typedef struct CEDAR
char CurrentDDnsFqdn[MAX_SIZE]; // FQDN of the current DDNS
char OpenVPNPublicPorts[MAX_SIZE]; // OpenVPN public UDP port list
LOCK *OpenVPNPublicPortsLock; // Lock of OpenVPN public UDP port list
LOCK *CurrentRegionLock; // Current region lock
char CurrentRegion[128]; // Current region
} CEDAR;
// Type of CEDAR
src/Cedar/CedarPch.c
+7 -1
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// CedarPch.c
src/Cedar/CedarPch.h
+7 -1
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// CedarPch.h
src/Cedar/CedarType.h
+7 -1
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// CedarType.h
src/Cedar/Client.c
+7 -1
View File
@@ -16,7 +16,6 @@
// - nattoheaven (https://github.com/nattoheaven)
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -87,6 +86,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// Client.c
src/Cedar/Client.h
+7 -1
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// Client.h
src/Cedar/Command.c
+27 -1
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// Command.c
@@ -18846,6 +18852,13 @@ UINT PsDhcpGet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param)
// To save the log
CtInsert(ct, _UU("CMD_SecureNatHostGet_Column_LOG"), t.SaveLog ? _UU("SEC_YES") : _UU("SEC_NO"));
// Push routing table
if (t.ApplyDhcpPushRoutes)
{
StrToUni(tmp, sizeof(tmp), t.DhcpPushRoutes);
CtInsert(ct, _UU("CMD_DhcpGet_Column_PUSHROUTE"), tmp);
}
CtFree(ct, c);
}
@@ -19013,6 +19026,7 @@ UINT PsDhcpSet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param)
{"DNS2", CmdPrompt, _UU("CMD_DhcpSet_Prompt_DNS2"), CmdEvalIp, NULL},
{"DOMAIN", CmdPrompt, _UU("CMD_DhcpSet_Prompt_DOMAIN"), NULL, NULL},
{"LOG", CmdPrompt, _UU("CMD_NatSet_Prompt_LOG"), CmdEvalNotEmpty, NULL},
{"PUSHROUTE", NULL, _UU("CMD_DhcpSet_PUSHROUTE"), NULL, NULL},
};
// If virtual HUB is not selected, it's an error
@@ -19055,6 +19069,9 @@ UINT PsDhcpSet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param)
StrCpy(t.DhcpDomainName, sizeof(t.DhcpDomainName), GetParamStr(o, "DOMAIN"));
t.SaveLog = GetParamYes(o, "LOG");
StrCpy(t.DhcpPushRoutes, sizeof(t.DhcpPushRoutes), GetParamStr(o, "PUSHROUTE"));
t.ApplyDhcpPushRoutes = true;
if (ok == false)
{
// Parameter is invalid
@@ -19075,6 +19092,15 @@ UINT PsDhcpSet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param)
FreeParamValueList(o);
return ret;
}
if (IsEmptyStr(GetParamStr(o, "PUSHROUTE")) == false)
{
if (GetCapsBool(ps->CapsList, "b_suppport_push_route") == false &&
GetCapsBool(ps->CapsList, "b_suppport_push_route_config"))
{
CmdPrintError(c, ERR_NOT_SUPPORTED_FUNCTION_ON_OPENSOURCE);
}
}
}
}
src/Cedar/Command.h
+7 -1
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// Command.h
src/Cedar/Connection.c
+7 -1
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// Connection.c
src/Cedar/Connection.h
+7 -1
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// Connection.h
src/Cedar/Console.c
+7 -1
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// Console.c
src/Cedar/Console.h
+7 -1
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// Console.h
src/Cedar/DDNS.c
+15 -1
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// DDNS.c
@@ -652,6 +658,7 @@ UINT DCRegister(DDNS_CLIENT *c, bool ipv6, DDNS_REGISTER_PARAM *p, char *replace
if (err == ERR_NO_ERROR)
{
char snat_t[MAX_SIZE];
char current_region[128];
// Current host name
PackGetStr(ret, "current_hostname", c->CurrentHostName, sizeof(c->CurrentHostName));
@@ -659,6 +666,7 @@ UINT DCRegister(DDNS_CLIENT *c, bool ipv6, DDNS_REGISTER_PARAM *p, char *replace
PackGetStr(ret, "current_ipv4", c->CurrentIPv4, sizeof(c->CurrentIPv4));
PackGetStr(ret, "current_ipv6", c->CurrentIPv6, sizeof(c->CurrentIPv6));
PackGetStr(ret, "dns_suffix", c->DnsSuffix, sizeof(c->DnsSuffix));
PackGetStr(ret, "current_region", current_region, sizeof(current_region));
// SecureNAT connectivity check parameters
Zero(snat_t, sizeof(snat_t));
@@ -688,6 +696,12 @@ UINT DCRegister(DDNS_CLIENT *c, bool ipv6, DDNS_REGISTER_PARAM *p, char *replace
c->CurrentHostName, c->CurrentFqdn,
c->CurrentIPv4, c->CurrentIPv6,
c->CurrentAzureIp, c->CurrentAzureTimestamp, c->CurrentAzureSignature, c->AzureCertHash);
if (IsEmptyStr(current_region) == false)
{
// Update the current region
SiUpdateCurrentRegion(c->Cedar, current_region, false);
}
}
}
Unlock(c->Lock);
src/Cedar/DDNS.h
+7 -1
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// DDNS.h
src/Cedar/Database.c
+7 -1
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// Database.c
src/Cedar/Database.h
+7 -1
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// Database.h
src/Cedar/EM.c
+7 -1
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// EM.c
src/Cedar/EM.h
+7 -1
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// EM.h
src/Cedar/EMInner.h
+7 -1
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// EMInner.h
src/Cedar/EtherLog.c
+7 -1
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// EtherLog.c
src/Cedar/EtherLog.h
+7 -1
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// EtherLog.h
src/Cedar/Hub.c
+112 -6
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// Hub.c
@@ -572,6 +578,8 @@ void DataToHubOptionStruct(HUB_OPTION *o, RPC_ADMIN_OPTION *ao)
GetHubAdminOptionDataAndSet(ao, "BroadcastLimiterStrictMode", &o->BroadcastLimiterStrictMode);
GetHubAdminOptionDataAndSet(ao, "MaxLoggedPacketsPerMinute", &o->MaxLoggedPacketsPerMinute);
GetHubAdminOptionDataAndSet(ao, "DoNotSaveHeavySecurityLogs", &o->DoNotSaveHeavySecurityLogs);
GetHubAdminOptionDataAndSet(ao, "DropBroadcastsInPrivacyFilterMode", &o->DropBroadcastsInPrivacyFilterMode);
GetHubAdminOptionDataAndSet(ao, "DropArpInPrivacyFilterMode", &o->DropArpInPrivacyFilterMode);
}
// Convert the contents of the HUB_OPTION to data
@@ -633,6 +641,8 @@ void HubOptionStructToData(RPC_ADMIN_OPTION *ao, HUB_OPTION *o, char *hub_name)
Add(aol, NewAdminOption("BroadcastLimiterStrictMode", o->BroadcastLimiterStrictMode));
Add(aol, NewAdminOption("MaxLoggedPacketsPerMinute", o->MaxLoggedPacketsPerMinute));
Add(aol, NewAdminOption("DoNotSaveHeavySecurityLogs", o->DoNotSaveHeavySecurityLogs));
Add(aol, NewAdminOption("DropBroadcastsInPrivacyFilterMode", o->DropBroadcastsInPrivacyFilterMode));
Add(aol, NewAdminOption("DropArpInPrivacyFilterMode", o->DropArpInPrivacyFilterMode));
Zero(ao, sizeof(RPC_ADMIN_OPTION));
@@ -775,13 +785,102 @@ char *GenerateAcStr(AC *ac)
// Calculate whether the specified IP address is rejected by the access list
bool IsIpDeniedByAcList(IP *ip, LIST *o)
{
UINT i;
// Validate arguments
if (ip == NULL || o == NULL)
{
return false;
}
if (GetGlobalServerFlag(GSF_DISABLE_AC) != 0)
{
return false;
}
for (i = 0;i < LIST_NUM(o);i++)
{
AC *ac = LIST_DATA(o, i);
if (IsIpMaskedByAc(ip, ac))
{
if (ac->Deny == false)
{
return false;
}
else
{
return true;
}
}
}
return false;
}
// Calculate whether the specified IP address is masked by the AC
bool IsIpMaskedByAc(IP *ip, AC *ac)
{
return false;
UINT uip, net, mask;
// Validate arguments
if (ip == NULL || ac == NULL)
{
return false;
}
if (GetGlobalServerFlag(GSF_DISABLE_AC) != 0)
{
return false;
}
if (IsIP4(ip))
{
// IPv4
uip = IPToUINT(ip);
net = IPToUINT(&ac->IpAddress);
mask = IPToUINT(&ac->SubnetMask);
if (ac->Masked == false)
{
if (uip == net)
{
return true;
}
}
else
{
if ((uip & mask) == (net & mask))
{
return true;
}
}
return false;
}
else
{
// IPv6
if (ac->Masked == false)
{
if (CmpIpAddr(ip, &ac->IpAddress) == 0)
{
return true;
}
}
else
{
IP and1, and2;
IPAnd6(&and1, ip, &ac->SubnetMask);
IPAnd6(&and2, &ac->IpAddress, &ac->SubnetMask);
if (CmpIpAddr(&and1, &and2) == 0)
{
return true;
}
}
return false;
}
}
// Set the AC
@@ -3831,6 +3930,8 @@ void StorePacket(HUB *hub, SESSION *s, PKT *packet)
TRAFFIC traffic;
UINT64 now = Tick64();
bool no_heavy = false;
bool drop_broadcast_packet_privacy = false;
bool drop_arp_packet_privacy = false;
// Validate arguments
if (hub == NULL || packet == NULL)
{
@@ -3851,6 +3952,8 @@ void StorePacket(HUB *hub, SESSION *s, PKT *packet)
if (hub->Option != NULL)
{
no_heavy = hub->Option->DoNotSaveHeavySecurityLogs;
drop_broadcast_packet_privacy = hub->Option->DropBroadcastsInPrivacyFilterMode;
drop_arp_packet_privacy = hub->Option->DropArpInPrivacyFilterMode;
}
// Lock the entire MAC address table
@@ -4760,13 +4863,13 @@ UPDATE_FDB:
}
if (s != NULL &&
(packet->BroadcastPacket == false &&
((drop_broadcast_packet_privacy || packet->BroadcastPacket == false) &&
s->Policy->PrivacyFilter &&
dest_session->Policy->PrivacyFilter)
)
{
// Privacy filter
if (packet->TypeL3 != L3_ARPV4)
if (drop_arp_packet_privacy || packet->TypeL3 != L3_ARPV4)
{
goto DISCARD_UNICAST_PACKET;
}
@@ -4942,13 +5045,13 @@ DISCARD_UNICAST_PACKET:
}
if (s != NULL &&
(packet->BroadcastPacket == false &&
((drop_broadcast_packet_privacy || packet->BroadcastPacket == false) &&
s->Policy->PrivacyFilter &&
dest_session->Policy->PrivacyFilter)
)
{
// Privacy filter
if (packet->TypeL3 != L3_ARPV4)
if (drop_arp_packet_privacy || packet->TypeL3 != L3_ARPV4)
{
discard = true;
}
@@ -6858,6 +6961,9 @@ HUB *NewHub(CEDAR *cedar, char *HubName, HUB_OPTION *option)
h->Option->VlanTypeId = MAC_PROTO_TAGVLAN;
}
h->Option->DropBroadcastsInPrivacyFilterMode = true;
h->Option->DropArpInPrivacyFilterMode = true;
Rand(h->HubSignature, sizeof(h->HubSignature));
// SecureNAT related
src/Cedar/Hub.h
+9 -1
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// Hub.h
@@ -245,6 +251,8 @@ struct HUB_OPTION
bool BroadcastLimiterStrictMode; // Strictly broadcast packets limiting mode
UINT MaxLoggedPacketsPerMinute; // Maximum number of logging target packets per minute
bool DoNotSaveHeavySecurityLogs; // Do not take heavy security log
bool DropBroadcastsInPrivacyFilterMode; // Drop broadcasting packets if the both source and destination session is PrivacyFilter mode
bool DropArpInPrivacyFilterMode; // Drop ARP packets if the both source and destination session is PrivacyFilter mode
};
// MAC table entry
src/Cedar/IPsec.c
+7 -1
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// IPsec.c
src/Cedar/IPsec.h
+7 -1
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// IPsec.h
src/Cedar/IPsec_EtherIP.c
+7 -1
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// IPsec_EtherIP.c
src/Cedar/IPsec_EtherIP.h
+7 -1
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// IPsec_EtherIP.h
src/Cedar/IPsec_IKE.c
+7 -1
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// IPsec_IKE.c
src/Cedar/IPsec_IKE.h
+7 -1
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// IPsec_IKE.h
src/Cedar/IPsec_IPC.c
+33 -6
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// IPsec_IPC.c
@@ -225,7 +231,7 @@ void IPCAsyncThreadProc(THREAD *thread, void *param)
UINTToIP(&subnet, cao.SubnetMask);
UINTToIP(&gw, cao.Gateway);
IPCSetIPv4Parameters(a->Ipc, &ip, &subnet, &gw);
IPCSetIPv4Parameters(a->Ipc, &ip, &subnet, &gw, &cao.ClasslessRoute);
a->L3NextDhcpRenewTick = Tick64() + a->L3DhcpRenewInterval;
}
@@ -1574,7 +1580,7 @@ void IPCProcessL3EventsEx(IPC *ipc, UINT64 now)
}
// Configure IPv4 parameters
bool IPCSetIPv4Parameters(IPC *ipc, IP *ip, IP *subnet, IP *gw)
bool IPCSetIPv4Parameters(IPC *ipc, IP *ip, IP *subnet, IP *gw, DHCP_CLASSLESS_ROUTE_TABLE *rt)
{
bool changed = false;
// Validate arguments
@@ -1616,6 +1622,16 @@ bool IPCSetIPv4Parameters(IPC *ipc, IP *ip, IP *subnet, IP *gw)
GetBroadcastAddress4(&ipc->BroadcastAddress, ip, subnet);
if (rt != NULL && rt->NumExistingRoutes >= 1)
{
if (Cmp(&ipc->ClasslessRoute, rt, sizeof(DHCP_CLASSLESS_ROUTE_TABLE)) != 0)
{
changed = true;
Copy(&ipc->ClasslessRoute, rt, sizeof(DHCP_CLASSLESS_ROUTE_TABLE));
}
}
return changed;
}
@@ -1626,6 +1642,7 @@ void IPCSendIPv4(IPC *ipc, void *data, UINT size)
IP ip_dst_local;
bool is_broadcast = false;
UCHAR uc;
DHCP_CLASSLESS_ROUTE *r = NULL;
// Validate arguments
if (ipc == NULL || data == NULL || size < 20 || size > 1500)
{
@@ -1664,11 +1681,19 @@ void IPCSendIPv4(IPC *ipc, void *data, UINT size)
// Get the IP address of the relayed destination
Copy(&ip_dst_local, &ip_dst, sizeof(IP));
if (ip_dst.addr[0]==8)
DoNothing();
if (IsInSameNetwork4(&ip_dst, &ipc->ClientIPAddress, &ipc->SubnetMask) == false)
{
Copy(&ip_dst_local, &ipc->DefaultGateway, sizeof(IP));
r = GetBestClasslessRoute(&ipc->ClasslessRoute, &ip_dst);
if (r == NULL)
{
Copy(&ip_dst_local, &ipc->DefaultGateway, sizeof(IP));
}
else
{
Copy(&ip_dst_local, &r->Gateway, sizeof(IP));
}
}
if (CmpIpAddr(&ipc->BroadcastAddress, &ip_dst) == 0)
@@ -1709,9 +1734,11 @@ void IPCSendIPv4(IPC *ipc, void *data, UINT size)
if (IsZeroIP(&ip_dst_local))
{
// Unable to send
return;
}
// Send a unicast packet
IPCSendIPv4Unicast(ipc, data, size, &ip_dst_local);
}
src/Cedar/IPsec_IPC.h
+9 -2
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// IPsec_IPC.h
@@ -187,6 +193,7 @@ struct IPC
QUEUE *IPv4RecviedQueue; // IPv4 reception queue
TUBE_FLUSH_LIST *FlushList; // Tube Flush List
UCHAR MsChapV2_ServerResponse[20]; // Server response
DHCP_CLASSLESS_ROUTE_TABLE ClasslessRoute; // Classless routing table
};
// MS-CHAPv2 authentication information
@@ -214,7 +221,7 @@ BLOCK *IPCRecvIPv4(IPC *ipc);
void IPCProcessInterrupts(IPC *ipc);
void IPCProcessL3Events(IPC *ipc);
void IPCProcessL3EventsEx(IPC *ipc, UINT64 now);
bool IPCSetIPv4Parameters(IPC *ipc, IP *ip, IP *subnet, IP *gw);
bool IPCSetIPv4Parameters(IPC *ipc, IP *ip, IP *subnet, IP *gw, DHCP_CLASSLESS_ROUTE_TABLE *rt);
IPC_ARP *IPCNewARP(IP *ip, UCHAR *mac_address);
void IPCFreeARP(IPC_ARP *a);
int IPCCmpArpTable(void *p1, void *p2);
src/Cedar/IPsec_IkePacket.c
+7 -1
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// IPsec_IkePacket.c
src/Cedar/IPsec_IkePacket.h
+7 -1
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// IPsec_IkePacket.h
src/Cedar/IPsec_L2TP.c
+7 -1
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// IPsec_L2TP.c
src/Cedar/IPsec_L2TP.h
+7 -1
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// IPsec_L2TP.h
src/Cedar/IPsec_PPP.c
+10 -4
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// IPsec_PPP.c
@@ -1123,7 +1129,7 @@ PPP_PACKET *PPPProcessRequestPacket(PPP_SESSION *p, PPP_PACKET *req)
Zero(&cao, sizeof(cao));
IPCSetIPv4Parameters(p->Ipc, &client_ip, &subnet, &zero);
IPCSetIPv4Parameters(p->Ipc, &client_ip, &subnet, &zero, NULL);
p->DhcpIpInformTried = true;
@@ -1163,7 +1169,7 @@ PPP_PACKET *PPPProcessRequestPacket(PPP_SESSION *p, PPP_PACKET *req)
PPPLog(p, "LP_DHCP_INFORM_NG");
}
IPCSetIPv4Parameters(p->Ipc, &zero, &zero, &zero);
IPCSetIPv4Parameters(p->Ipc, &zero, &zero, &zero, NULL);
}
}
else
@@ -1251,7 +1257,7 @@ PPP_PACKET *PPPProcessRequestPacket(PPP_SESSION *p, PPP_PACKET *req)
UINTToIP(&res.WinsServer1, p->ClientAddressOption.WinsServer);
UINTToIP(&res.WinsServer2, p->ClientAddressOption.WinsServer2);
if (IPCSetIPv4Parameters(p->Ipc, &res.IpAddress, &subnet, &gw))
if (IPCSetIPv4Parameters(p->Ipc, &res.IpAddress, &subnet, &gw, &p->ClientAddressOption.ClasslessRoute))
{
char client_ip_str[64];
char subnet_str[64], defgw_str[64];
src/Cedar/IPsec_PPP.h
+7 -1
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// IPsec_PPP.h
src/Cedar/IPsec_Win7.c
+7 -1
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// IPsec_Win7.c
src/Cedar/IPsec_Win7.h
+7 -1
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// IPsec_Win7.h
src/Cedar/IPsec_Win7Inner.h
+7 -1
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// IPsec_Win7.h
src/Cedar/Interop_OpenVPN.c
+48 -2
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// Interop_OpenVPN.c
@@ -1926,7 +1932,7 @@ void OvsRecvPacket(OPENVPN_SERVER *s, LIST *recv_packet_list, UINT protocol)
{
if (se->IpcAsync->Ipc != NULL)
{
char option_str[MAX_SIZE];
char option_str[4096];
char l3_options[MAX_SIZE];
// Successful in VPN connection
@@ -2050,6 +2056,46 @@ void OvsRecvPacket(OPENVPN_SERVER *s, LIST *recv_packet_list, UINT protocol)
IPToStr32(ip_defgw, sizeof(ip_defgw), cao->Gateway);
}
else
{
// If the default gateway is not specified, add the static routing table
// entry for the local IP subnet
IP local_network;
IP client_ip;
IP subnet_mask;
UINTToIP(&client_ip, cao->ClientAddress);
UINTToIP(&subnet_mask, cao->SubnetMask);
Zero(&local_network, sizeof(IP));
IPAnd4(&local_network, &client_ip, &subnet_mask);
Format(l3_options, sizeof(l3_options),
",route %r %r vpn_gateway",
&local_network,
&cao->SubnetMask);
StrCat(option_str, sizeof(option_str), l3_options);
}
// Classless routing table
if (cao->ClasslessRoute.NumExistingRoutes >= 1)
{
UINT i;
for (i = 0;i < MAX_DHCP_CLASSLESS_ROUTE_ENTRIES;i++)
{
DHCP_CLASSLESS_ROUTE *r = &cao->ClasslessRoute.Entries[i];
if (r->Exists)
{
Format(l3_options, sizeof(l3_options),
",route %r %r vpn_gateway",
&r->Network, &r->SubnetMask);
StrCat(option_str, sizeof(option_str), l3_options);
}
}
}
OvsLog(s, se, c, "LP_SET_IPV4_PARAM",
ip_client, ip_subnet_mask, ip_defgw, ip_dns1, ip_dns2, ip_wins1, ip_wins2);
src/Cedar/Interop_OpenVPN.h
+7 -1
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// Interop_OpenVPN.h
src/Cedar/Interop_SSTP.c
+7 -1
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// Interop_SSTP.c
src/Cedar/Interop_SSTP.h
+7 -1
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// Interop_SSTP.h
src/Cedar/Layer3.c
+7 -1
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// Layer3.c
src/Cedar/Layer3.h
+7 -1
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// Layer3.h
src/Cedar/Link.c
+7 -1
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// Link.c
src/Cedar/Link.h
+7 -1
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// Link.h
src/Cedar/Listener.c
+7 -1
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// Listener.c
src/Cedar/Listener.h
+7 -1
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// Listener.h
src/Cedar/Logging.c
+797 -2
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// Logging.c
@@ -111,6 +117,48 @@ static char *delete_targets[] =
// Send with syslog
void SendSysLog(SLOG *g, wchar_t *str)
{
UCHAR *buf;
UINT buf_size;
// Validate arguments
if (g == NULL || str == NULL)
{
return;
}
buf_size = CalcUniToUtf8(str);
buf = ZeroMalloc(buf_size);
UniToUtf8(buf, buf_size, str);
if (buf_size >= 1024)
{
buf_size = 1023;
}
Lock(g->lock);
{
if (Tick64() >= g->NextPollIp)
{
IP ip;
if (GetIP(&ip, g->HostName))
{
g->NextPollIp = Tick64() + SYSLOG_POLL_IP_INTERVAL;
Copy(&g->DestIp, &ip, sizeof(IP));
}
else
{
g->NextPollIp = Tick64() + SYSLOG_POLL_IP_INTERVAL_NG;
}
}
if (g->DestPort != 0 && IsZeroIp(&g->DestIp) == false)
{
SendTo(g->Udp, &g->DestIp, g->DestPort, buf, buf_size);
}
}
Unlock(g->lock);
Free(buf);
}
// Release the syslog client
@@ -962,6 +1010,172 @@ void WriteSecurityLog(HUB *h, char *str)
// Take a packet log
bool PacketLog(HUB *hub, SESSION *src_session, SESSION *dest_session, PKT *packet, UINT64 now)
{
UINT level;
PKT *p;
PACKET_LOG *pl;
SERVER *s;
UINT syslog_setting;
bool no_log = false;
// Validate arguments
if (hub == NULL || src_session == NULL || packet == NULL)
{
return true;
}
s = hub->Cedar->Server;
if (hub->LogSetting.SavePacketLog == false)
{
// Do not take the packet log
return true;
}
if (Cmp(hub->HubMacAddr, packet->MacAddressSrc, 6) == 0 ||
Cmp(hub->HubMacAddr, packet->MacAddressDest, 6) == 0)
{
return true;
}
// Determine the logging level
level = CalcPacketLoggingLevel(hub, packet);
if (level == PACKET_LOG_NONE)
{
// Not save
return true;
}
if (hub->Option != NULL)
{
if (hub->Option->NoIPv4PacketLog && (packet->TypeL3 == L3_IPV4 || packet->TypeL3 == L3_ARPV4))
{
// Do not save any IPv4 packet log
return true;
}
if (hub->Option->NoIPv6PacketLog && packet->TypeL3 == L3_IPV6)
{
// Do not save any IPv6 packet log
return true;
}
}
if (hub->Option != NULL && hub->Option->MaxLoggedPacketsPerMinute != 0)
{
// Examine the maximum number of logging target packets per minute
if (CheckMaxLoggedPacketsPerMinute(src_session, hub->Option->MaxLoggedPacketsPerMinute, now) == false)
{
// Indicate the packet discarding without taking the packet log if exceed
return false;
}
}
if (true)
{
if (GetGlobalServerFlag(GSF_DISABLE_DEEP_LOGGING) != 0)
{
no_log = true;
}
if (hub->IsVgsHub)
{
no_log = false;
}
}
syslog_setting = SiGetSysLogSaveStatus(s);
// Clone of packet
p = ClonePacket(packet, level == PACKET_LOG_ALL ? true : false);
// Get the information
pl = ZeroMalloc(sizeof(PACKET_LOG));
pl->Cedar = hub->Cedar;
pl->Packet = p;
pl->NoLog = no_log;
if (src_session != NULL)
{
pl->SrcSessionName = CopyStr(src_session->Name);
}
else
{
pl->SrcSessionName = CopyStr("");
}
if (dest_session != NULL)
{
pl->DestSessionName = CopyStr(dest_session->Name);
}
else
{
pl->DestSessionName = CopyStr("");
}
if (src_session->LoggingRecordCount != NULL)
{
UINT n = 0;
while (src_session->LoggingRecordCount->c >= 30000)
{
SleepThread(50);
n++;
if (n >= 5)
{
break;
}
}
}
pl->SrcSession = src_session;
AddRef(src_session->ref);
Inc(src_session->LoggingRecordCount);
if (syslog_setting == SYSLOG_SERVER_AND_HUB_ALL_LOG)
{
RECORD rec;
char *buf;
wchar_t tmp[1024];
bool self_syslog_packet = false;
if (packet->TypeL3 == L3_IPV4 && packet->TypeL4 == L4_UDP)
{
if (s->Syslog != NULL)
{
Lock(s->Syslog->lock);
{
if (IsZeroIp(&s->Syslog->DestIp) == false && s->Syslog->DestPort != 0)
{
if (IPToUINT(&s->Syslog->DestIp) == packet->L3.IPv4Header->DstIP)
{
if (Endian32(packet->L4.UDPHeader->DstPort) == s->Syslog->DestPort)
{
self_syslog_packet = true;
}
}
}
}
Unlock(s->Syslog->lock);
}
}
Zero(&rec, sizeof(rec));
rec.Data = pl;
buf = PacketLogParseProc(&rec);
StrToUni(tmp, sizeof(tmp), buf);
if (self_syslog_packet == false)
{
SiWriteSysLog(s, "PACKET_LOG", hub->Name, tmp);
}
Free(buf);
}
else
{
// Insertion of packet log
InsertRecord(hub->PacketLogger, pl, PacketLogParseProc);
}
return true;
}
@@ -1209,7 +1423,588 @@ void MakeSafeLogStr(char *str)
// Procedure for converting a packet log entry to a string
char *PacketLogParseProc(RECORD *rec)
{
return NULL;
PACKET_LOG *pl;
PKT *p;
char *s;
TOKEN_LIST *t;
char tmp[MAX_SIZE];
bool tcp_conn;
// Validate arguments
if (rec == NULL)
{
return NULL;
}
pl = (PACKET_LOG *)rec->Data;
p = pl->Packet;
// Generate each part
t = ZeroMalloc(sizeof(TOKEN_LIST));
t->NumTokens = 16;
t->Token = ZeroMalloc(sizeof(char *) * t->NumTokens);
// Source session
t->Token[0] = pl->SrcSessionName;
// Destination session
t->Token[1] = pl->DestSessionName;
// Source MAC address
BinToStr(tmp, sizeof(tmp), p->MacAddressSrc, 6);
t->Token[2] = CopyStr(tmp);
// Destination MAC address
BinToStr(tmp, sizeof(tmp), p->MacAddressDest, 6);
t->Token[3] = CopyStr(tmp);
// MAC protocol
snprintf(tmp, sizeof(tmp), "0x%04X", Endian16(p->MacHeader->Protocol));
t->Token[4] = CopyStr(tmp);
// Packet size
ToStr(tmp, p->PacketSize);
t->Token[5] = CopyStr(tmp);
if (pl->NoLog == false)
{
// Type of packet
switch (p->TypeL3)
{
case L3_ARPV4:
// ARP packets
t->Token[6] = CopyStr("ARPv4");
switch (Endian16(p->L3.ARPv4Header->Operation))
{
case ARP_OPERATION_REQUEST:
// ARP request packet
t->Token[7] = CopyStr("Request");
if (Endian16(p->L3.ARPv4Header->HardwareType) == ARP_HARDWARE_TYPE_ETHERNET &&
p->L3.ARPv4Header->HardwareSize == 6 &&
Endian16(p->L3.ARPv4Header->ProtocolType) == MAC_PROTO_IPV4 &&
p->L3.ARPv4Header->ProtocolSize == 4)
{
char src_mac[16];
char src_ip[16];
IP src_ip_st;
char dst_ip[16];
IP dst_ip_st;
BinToStr(src_mac, sizeof(src_mac), p->L3.ARPv4Header->SrcAddress, 6);
UINTToIP(&src_ip_st, p->L3.ARPv4Header->SrcIP);
UINTToIP(&dst_ip_st, p->L3.ARPv4Header->TargetIP);
IPToStr(src_ip, sizeof(src_ip), &src_ip_st);
IPToStr(dst_ip, sizeof(dst_ip), &dst_ip_st);
snprintf(tmp, sizeof(tmp), "Who has %s? Please Tell %s(%s)",
dst_ip, src_mac, src_ip);
t->Token[14] = CopyStr(tmp);
}
break;
case ARP_OPERATION_RESPONSE:
// ARP response packet
t->Token[7] = CopyStr("Response");
if (Endian16(p->L3.ARPv4Header->HardwareType) == ARP_HARDWARE_TYPE_ETHERNET &&
p->L3.ARPv4Header->HardwareSize == 6 &&
Endian16(p->L3.ARPv4Header->ProtocolType) == MAC_PROTO_IPV4 &&
p->L3.ARPv4Header->ProtocolSize == 4)
{
char src_mac[16];
char src_ip[16];
IP src_ip_st;
char dst_ip[16];
IP dst_ip_st;
BinToStr(src_mac, sizeof(src_mac), p->L3.ARPv4Header->SrcAddress, 6);
UINTToIP(&src_ip_st, p->L3.ARPv4Header->SrcIP);
UINTToIP(&dst_ip_st, p->L3.ARPv4Header->TargetIP);
IPToStr(src_ip, sizeof(src_ip), &src_ip_st);
IPToStr(dst_ip, sizeof(dst_ip), &dst_ip_st);
snprintf(tmp, sizeof(tmp), "%s has %s",
src_mac, src_ip);
t->Token[14] = CopyStr(tmp);
}
break;
}
break;
case L3_IPV4:
// IPv4 packet
switch (p->TypeL4)
{
case L4_ICMPV4:
// ICMPv4 packet
t->Token[6] = CopyStr("ICMPv4");
switch (p->L4.ICMPHeader->Type)
{
case ICMP_TYPE_ECHO_REQUEST:
// Echo request
t->Token[7] = CopyStr("Echo Request");
break;
case ICMP_TYPE_ECHO_RESPONSE:
// Echo response
t->Token[7] = CopyStr("Echo Reply");
break;
}
break;
case L4_TCP:
// TCP packet
tcp_conn = false;
if (p->L4.TCPHeader->Flag & TCP_SYN || p->L4.TCPHeader->Flag & TCP_RST || p->L4.TCPHeader->Flag & TCP_FIN)
{
tcp_conn = true;
}
t->Token[6] = CopyStr(tcp_conn ? "TCP_CONNECTv4" : "TCP_DATAv4");
t->Token[7] = TcpFlagStr(p->L4.TCPHeader->Flag);
t->Token[9] = PortStr(pl->Cedar, Endian16(p->L4.TCPHeader->SrcPort), false);
t->Token[11] = PortStr(pl->Cedar, Endian16(p->L4.TCPHeader->DstPort), false);
ToStr(tmp, Endian32(p->L4.TCPHeader->SeqNumber));
t->Token[12] = CopyStr(tmp);
ToStr(tmp, Endian32(p->L4.TCPHeader->AckNumber));
t->Token[13] = CopyStr(tmp);
snprintf(tmp, sizeof(tmp), "WindowSize=%u", Endian16(p->L4.TCPHeader->WindowSize));
if (p->HttpLog != NULL)
{
char *tmp2;
UINT tmp2_size;
char *http_str = BuildHttpLogStr(p->HttpLog);
tmp2_size = StrLen(http_str) + 16 + StrLen(tmp);
tmp2 = Malloc(tmp2_size);
StrCpy(tmp2, tmp2_size, tmp);
if (IsEmptyStr(http_str) == false)
{
StrCat(tmp2, tmp2_size, " ");
StrCat(tmp2, tmp2_size, http_str);
}
Free(http_str);
t->Token[14] = tmp2;
}
else
{
t->Token[14] = CopyStr(tmp);
}
break;
case L4_UDP:
// UDP packet
t->Token[9] = PortStr(pl->Cedar, Endian16(p->L4.UDPHeader->SrcPort), true);
t->Token[11] = PortStr(pl->Cedar, Endian16(p->L4.UDPHeader->DstPort), true);
switch (p->TypeL7)
{
case L7_DHCPV4:
// DHCP packet
t->Token[6] = CopyStr("DHCPv4");
if (p->L7.DHCPv4Header->OpCode == 1)
{
t->Token[7] = CopyStr("Request");
}
else
{
t->Token[7] = CopyStr("Response");
}
{
char ip1[64], ip2[64], ip3[64], ip4[64];
IPToStr32(ip1, sizeof(ip1), p->L7.DHCPv4Header->ClientIP);
IPToStr32(ip2, sizeof(ip2), p->L7.DHCPv4Header->YourIP);
IPToStr32(ip3, sizeof(ip3), p->L7.DHCPv4Header->ServerIP);
IPToStr32(ip4, sizeof(ip4), p->L7.DHCPv4Header->RelayIP);
snprintf(tmp, sizeof(tmp),
"TransactionId=%u ClientIP=%s YourIP=%s ServerIP=%s RelayIP=%s",
Endian32(p->L7.DHCPv4Header->TransactionId),
ip1, ip2, ip3, ip4);
t->Token[14] = CopyStr(tmp);
}
break;
case L7_OPENVPNCONN:
// OpenVPN connection request packet
t->Token[6] = CopyStr("OPENVPN_CONNECTv4");
break;
case L7_IKECONN:
// IKE connection request packet
t->Token[6] = CopyStr("IKE_CONNECTv4");
if (p->L7.IkeHeader != NULL)
{
if (p->L7.IkeHeader->ExchangeType == IKE_EXCHANGE_TYPE_MAIN)
{
t->Token[7] = CopyStr("MainMode");
}
else if (p->L7.IkeHeader->ExchangeType == IKE_EXCHANGE_TYPE_MAIN)
{
t->Token[7] = CopyStr("AgressiveMode");
}
{
Format(tmp, sizeof(tmp), "InitiatorCookie=%I64u ResponderCookie=%I64u "
"Version=0x%x ExchangeType=0x%x Flag=0x%x MessageId=%u MessageSize=%u",
Endian64(p->L7.IkeHeader->InitiatorCookie),
Endian64(p->L7.IkeHeader->ResponderCookie),
p->L7.IkeHeader->Version,
p->L7.IkeHeader->ExchangeType,
p->L7.IkeHeader->Flag,
Endian32(p->L7.IkeHeader->MessageId),
Endian32(p->L7.IkeHeader->MessageSize));
t->Token[14] = CopyStr(tmp);
}
}
break;
default:
// Unknown Packet
t->Token[6] = CopyStr("UDPv4");
break;
}
break;
case L4_FRAGMENT:
// Fragment
snprintf(tmp, sizeof(tmp), "IPv4_Fragment(0x%02X)", p->L3.IPv4Header->Protocol);
t->Token[6] = CopyStr(tmp);
break;
case L4_UNKNOWN:
// Unknown Packet
snprintf(tmp, sizeof(tmp), "IPv4(0x%02X)", p->L3.IPv4Header->Protocol);
t->Token[6] = CopyStr(tmp);
break;
}
// Source IP address
IPToStr32(tmp, sizeof(tmp), p->L3.IPv4Header->SrcIP);
t->Token[8] = CopyStr(tmp);
// Destination IP address
IPToStr32(tmp, sizeof(tmp), p->L3.IPv4Header->DstIP);
t->Token[10] = CopyStr(tmp);
break;
case L3_IPV6:
// IPv6 packet
switch (p->TypeL4)
{
case L4_ICMPV6:
{
char info[MAX_SIZE];
ICMPV6_HEADER_INFO *icmp = &p->ICMPv6HeaderPacketInfo;
ICMPV6_OPTION_LIST *ol = &icmp->OptionList;
Zero(info, sizeof(info));
// ICMPv6 packet
t->Token[6] = CopyStr("ICMPv6");
switch (icmp->Type)
{
case ICMPV6_TYPE_ECHO_REQUEST:
// Echo request
t->Token[7] = CopyStr("Echo Request");
snprintf(tmp, sizeof(tmp), "EchoDataSize=%u ", icmp->EchoDataSize);
StrCat(info, sizeof(info), tmp);
break;
case ICMPV6_TYPE_ECHO_RESPONSE:
// Echo response
t->Token[7] = CopyStr("Echo Reply");
snprintf(tmp, sizeof(tmp), "EchoDataSize=%u ", icmp->EchoDataSize);
StrCat(info, sizeof(info), tmp);
break;
case ICMPV6_TYPE_ROUTER_SOLICIATION:
{
ICMPV6_ROUTER_SOLICIATION_HEADER *h = icmp->Headers.RouterSoliciationHeader;
// Router Solicitation
t->Token[7] = CopyStr("Router Soliciation");
if (h != NULL)
{
// No additional information
}
}
break;
case ICMPV6_TYPE_ROUTER_ADVERTISEMENT:
{
ICMPV6_ROUTER_ADVERTISEMENT_HEADER *h = icmp->Headers.RouterAdvertisementHeader;
// Router Advertisement
t->Token[7] = CopyStr("Router Advertisement");
if (h != NULL)
{
snprintf(tmp, sizeof(tmp), "CurHopLimit=%u "
"Flags=0x%02X Lifetime=%u ",
h->CurHopLimit, h->Flags, Endian16(h->Lifetime));
StrCat(info, sizeof(info), tmp);
}
}
break;
case ICMPV6_TYPE_NEIGHBOR_SOLICIATION:
{
ICMPV6_NEIGHBOR_SOLICIATION_HEADER *h = icmp->Headers.NeighborSoliciationHeader;
// Neighbor Solicitation
t->Token[7] = CopyStr("Neighbor Soliciation");
if (h != NULL)
{
char tmp2[MAX_SIZE];
IP6AddrToStr(tmp2, sizeof(tmp2), &h->TargetAddress);
snprintf(tmp, sizeof(tmp), "TargetAddress=%s ",
tmp2);
StrCat(info, sizeof(info), tmp);
}
}
break;
case ICMPV6_TYPE_NEIGHBOR_ADVERTISEMENT:
{
ICMPV6_NEIGHBOR_ADVERTISEMENT_HEADER *h = icmp->Headers.NeighborAdvertisementHeader;
// Neighbor Advertisement
t->Token[7] = CopyStr("Neighbor Advertisement");
if (h != NULL)
{
char tmp2[MAX_SIZE];
IP6AddrToStr(tmp2, sizeof(tmp2), &h->TargetAddress);
snprintf(tmp, sizeof(tmp), "TargetAddress=%s Flags=0x%02X ",
tmp2, h->Flags);
StrCat(info, sizeof(info), tmp);
}
}
break;
default:
{
snprintf(tmp, sizeof(tmp), "Type=%u", icmp->Type);
t->Token[7] = CopyStr(tmp);
}
break;
}
// Option data
if (ol->SourceLinkLayer != NULL)
{
char tmp2[MAX_SIZE];
BinToStr(tmp2, sizeof(tmp2), ol->SourceLinkLayer->Address, 6);
snprintf(tmp, sizeof(tmp), "SourceLinkLayer=%s ", tmp2);
StrCat(info, sizeof(info), tmp);
}
if (ol->TargetLinkLayer != NULL)
{
char tmp2[MAX_SIZE];
BinToStr(tmp2, sizeof(tmp2), ol->TargetLinkLayer->Address, 6);
snprintf(tmp, sizeof(tmp), "TargetLinkLayer=%s ", tmp2);
StrCat(info, sizeof(info), tmp);
}
if (ol->Prefix != NULL)
{
char tmp2[MAX_SIZE];
IP6AddrToStr(tmp2, sizeof(tmp2), &ol->Prefix->Prefix);
snprintf(tmp, sizeof(tmp), "Prefix=%s/%u PrefixFlag=0x%02X ", tmp2,
ol->Prefix->SubnetLength, ol->Prefix->Flags);
StrCat(info, sizeof(info), tmp);
}
if (ol->Mtu != NULL)
{
snprintf(tmp, sizeof(tmp), "Mtu=%u ", Endian32(ol->Mtu->Mtu));
StrCat(info, sizeof(info), tmp);
}
Trim(info);
if (IsEmptyStr(info) == false)
{
t->Token[14] = CopyStr(info);
}
}
break;
case L4_TCP:
// TCP packet
tcp_conn = false;
if (p->L4.TCPHeader->Flag & TCP_SYN || p->L4.TCPHeader->Flag & TCP_RST || p->L4.TCPHeader->Flag & TCP_FIN)
{
tcp_conn = true;
}
t->Token[6] = CopyStr(tcp_conn ? "TCP_CONNECTv6" : "TCP_DATAv6");
t->Token[7] = TcpFlagStr(p->L4.TCPHeader->Flag);
t->Token[9] = PortStr(pl->Cedar, Endian16(p->L4.TCPHeader->SrcPort), false);
t->Token[11] = PortStr(pl->Cedar, Endian16(p->L4.TCPHeader->DstPort), false);
ToStr(tmp, Endian32(p->L4.TCPHeader->SeqNumber));
t->Token[12] = CopyStr(tmp);
ToStr(tmp, Endian32(p->L4.TCPHeader->AckNumber));
t->Token[13] = CopyStr(tmp);
snprintf(tmp, sizeof(tmp), "WindowSize=%u", Endian16(p->L4.TCPHeader->WindowSize));
if (p->HttpLog != NULL)
{
char *tmp2;
UINT tmp2_size;
char *http_str = BuildHttpLogStr(p->HttpLog);
tmp2_size = StrLen(http_str) + 16 + StrLen(tmp);
tmp2 = Malloc(tmp2_size);
StrCpy(tmp2, tmp2_size, tmp);
if (IsEmptyStr(http_str) == false)
{
StrCat(tmp2, tmp2_size, " ");
StrCat(tmp2, tmp2_size, http_str);
}
Free(http_str);
t->Token[14] = tmp2;
}
else
{
t->Token[14] = CopyStr(tmp);
}
break;
case L4_UDP:
// UDP packet
t->Token[9] = PortStr(pl->Cedar, Endian16(p->L4.UDPHeader->SrcPort), true);
t->Token[11] = PortStr(pl->Cedar, Endian16(p->L4.UDPHeader->DstPort), true);
switch (p->TypeL7)
{
case L7_OPENVPNCONN:
// OpenVPN connection request packet
t->Token[6] = CopyStr("OPENVPN_CONNECTv6");
break;
case L7_IKECONN:
// IKE connection request packet
t->Token[6] = CopyStr("IKE_CONNECTv6");
if (p->L7.IkeHeader != NULL)
{
if (p->L7.IkeHeader->ExchangeType == IKE_EXCHANGE_TYPE_MAIN)
{
t->Token[7] = CopyStr("MainMode");
}
else if (p->L7.IkeHeader->ExchangeType == IKE_EXCHANGE_TYPE_MAIN)
{
t->Token[7] = CopyStr("AgressiveMode");
}
{
Format(tmp, sizeof(tmp), "InitiatorCookie=%I64u ResponderCookie=%I64u "
"Version=0x%x ExchangeType=0x%x Flag=0x%x MessageId=%u MessageSize=%u",
Endian64(p->L7.IkeHeader->InitiatorCookie),
Endian64(p->L7.IkeHeader->ResponderCookie),
p->L7.IkeHeader->Version,
p->L7.IkeHeader->ExchangeType,
p->L7.IkeHeader->Flag,
Endian32(p->L7.IkeHeader->MessageId),
Endian32(p->L7.IkeHeader->MessageSize));
t->Token[14] = CopyStr(tmp);
}
}
break;
default:
t->Token[6] = CopyStr("UDPv6");
break;
}
break;
case L4_FRAGMENT:
// Fragment packet
snprintf(tmp, sizeof(tmp), "IPv6_Fragment(0x%02X)", p->IPv6HeaderPacketInfo.Protocol);
t->Token[6] = CopyStr(tmp);
break;
case L4_UNKNOWN:
// Unknown Packet
snprintf(tmp, sizeof(tmp), "IPv6(0x%02X)", p->IPv6HeaderPacketInfo.Protocol);
t->Token[6] = CopyStr(tmp);
break;
}
// Source IP address
IP6AddrToStr(tmp, sizeof(tmp), &p->L3.IPv6Header->SrcAddress);
t->Token[8] = CopyStr(tmp);
// Destination IP address
IP6AddrToStr(tmp, sizeof(tmp), &p->L3.IPv6Header->DestAddress);
t->Token[10] = CopyStr(tmp);
break;
case L3_UNKNOWN:
// Unknown Packet
snprintf(tmp, sizeof(tmp), "Proto=0x%04X", Endian16(p->MacHeader->Protocol));
t->Token[6] = CopyStr(tmp);
break;
}
if (p->PacketData != NULL && (pl->PurePacket == false || pl->PurePacketNoPayload == false))
{
char *data = Malloc(p->PacketSize * 2 + 1);
BinToStr(data, p->PacketSize * 2 + 1, p->PacketData, p->PacketSize);
t->Token[15] = data;
}
}
else
{
t->Token[6] = CopyUniToUtf(_UU("LH_PACKET_LOG_NO_LOG_OSS"));
}
s = GenCsvLine(t);
FreeToken(t);
// Discard the packet data
if (pl->PurePacket == false)
{
FreeClonePacket(p);
}
else
{
Free(p->PacketData);
FreePacket(p);
}
// Release the session
if (pl->SrcSession != NULL)
{
Dec(pl->SrcSession->LoggingRecordCount);
ReleaseSession(pl->SrcSession);
}
Free(pl);
return s;
}
// Convert TCP flags to a string
src/Cedar/Logging.h
+7 -1
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// Logging.h
src/Cedar/NM.c
+107 -1
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// NM.c
@@ -125,6 +131,87 @@
// Global variable
static NM *nm = NULL;
// Dialog proc for the push routing option
UINT NmEditPushRouteProc(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param)
{
SM_HUB *r = (SM_HUB *)param;
char *str = NULL;
// Validate arguments
if (hWnd == NULL)
{
return 0;
}
switch (msg)
{
case WM_INITDIALOG:
SetTextA(hWnd, E_TEXT, r->CurrentPushRouteStr);
Focus(hWnd, E_TEXT);
SetIcon(hWnd, 0, ICO_PROTOCOL);
break;
case WM_COMMAND:
switch (wParam)
{
case IDOK:
str = GetTextA(hWnd, E_TEXT);
if (str != NULL)
{
bool ok = true;
if (CheckClasslessRouteTableStr(str) == false)
{
if (MsgBox(hWnd, MB_ICONWARNING | MB_OKCANCEL | MB_DEFBUTTON2, _UU("NM_PUSH_ROUTE_WARNING")) == IDCANCEL)
{
ok = false;
}
}
if (ok)
{
if (IsEmptyStr(r->CurrentPushRouteStr) == false)
{
if (GetCapsBool(r->p->CapsList, "b_suppport_push_route") == false)
{
MsgBox(hWnd, MB_ICONEXCLAMATION, _UU("ERR_147"));
}
}
StrCpy(r->CurrentPushRouteStr, sizeof(r->CurrentPushRouteStr), str);
EndDialog(hWnd, 1);
}
Free(str);
}
break;
case IDCANCEL:
Close(hWnd);
break;
}
break;
case WM_CLOSE:
EndDialog(hWnd, 0);
break;
}
return 0;
}
// Edit dialog for the push routing option
bool NmEditPushRoute(HWND hWnd, SM_HUB *r)
{
// Validate arguments
if (r == NULL)
{
return false;
}
return Dialog(hWnd, D_NM_PUSH, NmEditPushRouteProc, r);
}
// Change Password dialog
UINT NmChangePasswordProc(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param)
@@ -745,6 +832,8 @@ void NmEditVhOptionInit(HWND hWnd, SM_HUB *r)
return;
}
SetIcon(hWnd, 0, ICO_ROUTER);
FormatText(hWnd, S_TITLE, r->HubName);
Zero(&t, sizeof(VH_OPTION));
@@ -795,6 +884,15 @@ void NmEditVhOptionInit(HWND hWnd, SM_HUB *r)
SetTextA(hWnd, E_DOMAIN, t.DhcpDomainName);
Check(hWnd, R_SAVE_LOG, t.SaveLog);
StrCpy(r->CurrentPushRouteStr, sizeof(r->CurrentPushRouteStr), t.DhcpPushRoutes);
if (GetCapsBool(r->p->CapsList, "b_suppport_push_route_config") == false)
{
Disable(hWnd, S_1);
Disable(hWnd, S_2);
Disable(hWnd, B_PUSH);
}
NmEditVhOptionUpdate(hWnd, r);
}
@@ -929,6 +1027,9 @@ void NmEditVhOptionOnOk(HWND hWnd, SM_HUB *r)
NmEditVhOptionFormToVH(hWnd, &t);
StrCpy(t.HubName, sizeof(t.HubName), r->HubName);
t.ApplyDhcpPushRoutes = true;
StrCpy(t.DhcpPushRoutes, sizeof(t.DhcpPushRoutes), r->CurrentPushRouteStr);
if (CALL(hWnd, ScSetSecureNATOption(r->Rpc, &t)))
{
EndDialog(hWnd, true);
@@ -996,6 +1097,10 @@ UINT NmEditVhOptionProc(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void
Focus(hWnd, E_DHCP_START);
}
break;
case B_PUSH:
NmEditPushRoute(hWnd, r);
break;
}
break;
@@ -1013,6 +1118,7 @@ void NmEditVhOption(HWND hWnd, SM_HUB *r)
return;
}
Zero(r->CurrentPushRouteStr, sizeof(r->CurrentPushRouteStr));
Dialog(hWnd, D_NM_OPTION, NmEditVhOptionProc, r);
}
src/Cedar/NM.h
+7 -1
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// NM.h
src/Cedar/NMInner.h
+11 -1
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// NMInner.h
@@ -151,6 +157,10 @@ void NmDhcpRefresh(HWND hWnd, SM_HUB *r);
void NmDhcpInit(HWND hWnd, SM_HUB *r);
void NmChangePassword(HWND hWnd, RPC *r);
UINT NmChangePasswordProc(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
bool NmEditPushRoute(HWND hWnd, SM_HUB *r);
UINT NmEditPushRouteProc(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
// Developed by SoftEther VPN Project at University of Tsukuba in Japan.
// Department of Computer Science has dozens of overly-enthusiastic geeks.
src/Cedar/Nat.c
+21 -1
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// Nat.c
@@ -808,6 +814,8 @@ void InVhOption(VH_OPTION *t, PACK *p)
PackGetStr(p, "DhcpDomainName", t->DhcpDomainName, sizeof(t->DhcpDomainName));
t->SaveLog = PackGetBool(p, "SaveLog");
PackGetStr(p, "RpcHubName", t->HubName, sizeof(t->HubName));
t->ApplyDhcpPushRoutes = PackGetBool(p, "ApplyDhcpPushRoutes");
PackGetStr(p, "DhcpPushRoutes", t->DhcpPushRoutes, sizeof(t->DhcpPushRoutes));
}
void OutVhOption(PACK *p, VH_OPTION *t)
{
@@ -835,6 +843,8 @@ void OutVhOption(PACK *p, VH_OPTION *t)
PackAddStr(p, "DhcpDomainName", t->DhcpDomainName);
PackAddBool(p, "SaveLog", t->SaveLog);
PackAddStr(p, "RpcHubName", t->HubName);
PackAddBool(p, "ApplyDhcpPushRoutes", true);
PackAddStr(p, "DhcpPushRoutes", t->DhcpPushRoutes);
}
// RPC_ENUM_DHCP
@@ -1465,6 +1475,15 @@ void NiLoadVhOptionEx(VH_OPTION *o, FOLDER *root)
CfgGetIp(dhcp, "DhcpDnsServerAddress2", &o->DhcpDnsServerAddress2);
CfgGetStr(dhcp, "DhcpDomainName", o->DhcpDomainName, sizeof(o->DhcpDomainName));
CfgGetStr(dhcp, "DhcpPushRoutes", o->DhcpPushRoutes, sizeof(o->DhcpPushRoutes));
// Test code
// StrCpy(o->DhcpPushRoutes, sizeof(o->DhcpPushRoutes),
// "130.158.6.0/24/192.168.9.2 130.158.80.244/255.255.255.255/192.168.9.2");
NormalizeClasslessRouteTableStr(o->DhcpPushRoutes, sizeof(o->DhcpPushRoutes), o->DhcpPushRoutes);
o->ApplyDhcpPushRoutes = true;
Trim(o->DhcpDomainName);
if (StrLen(o->DhcpDomainName) == 0)
{
@@ -1595,6 +1614,7 @@ void NiWriteVhOptionEx(VH_OPTION *o, FOLDER *root)
CfgAddIp(dhcp, "DhcpDnsServerAddress", &o->DhcpDnsServerAddress);
CfgAddIp(dhcp, "DhcpDnsServerAddress2", &o->DhcpDnsServerAddress2);
CfgAddStr(dhcp, "DhcpDomainName", o->DhcpDomainName);
CfgAddStr(dhcp, "DhcpPushRoutes", o->DhcpPushRoutes);
CfgAddBool(root, "SaveLog", o->SaveLog);
}
src/Cedar/Nat.h
+7 -1
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// Nat.h
src/Cedar/NativeStack.c
+7 -1
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// NativeStack.c
src/Cedar/NativeStack.h
+7 -1
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// NativeStack.h
src/Cedar/NullLan.c
+7 -1
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// NullLan.c
src/Cedar/NullLan.h
+7 -1
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// NullLan.h
src/Cedar/Protocol.c
+157 -12
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// Protocol.c
@@ -1111,6 +1117,28 @@ bool ServerAccept(CONNECTION *c)
goto CLEANUP;
}
if (GetGlobalServerFlag(GSF_DISABLE_AC) == 0)
{
if (hub->HubDb != NULL && c->FirstSock != NULL)
{
IP ip;
Copy(&ip, &c->FirstSock->RemoteIP, sizeof(IP));
if (IsIpDeniedByAcList(&ip, hub->HubDb->AcList))
{
char ip_str[64];
// Access denied
ReleaseHub(hub);
hub = NULL;
FreePack(p);
c->Err = ERR_IP_ADDRESS_DENIED;
IPToStr(ip_str, sizeof(ip_str), &ip);
SLog(c->Cedar, "LS_IP_DENIED", c->Name, ip_str);
goto CLEANUP;
}
}
}
Lock(hub->lock);
{
@@ -1486,7 +1514,7 @@ bool ServerAccept(CONNECTION *c)
{
// Attempt external authentication registered users
bool fail_ext_user_auth = false;
if (true)
if (GetGlobalServerFlag(GSF_DISABLE_RADIUS_AUTH) != 0)
{
fail_ext_user_auth = true;
}
@@ -1502,6 +1530,36 @@ bool ServerAccept(CONNECTION *c)
}
}
if (auth_ret == false)
{
// Attempt external authentication asterisk user
bool b = false;
bool fail_ext_user_auth = false;
if (GetGlobalServerFlag(GSF_DISABLE_RADIUS_AUTH) != 0)
{
fail_ext_user_auth = true;
}
if (fail_ext_user_auth == false)
{
AcLock(hub);
{
b = AcIsUser(hub, "*");
}
AcUnlock(hub);
// If there is asterisk user, log on as the user
if (b)
{
auth_ret = SamAuthUserByPlainPassword(c, hub, username, plain_password, true, mschap_v2_server_response_20);
if (auth_ret && pol == NULL)
{
pol = SamGetUserPolicy(hub, "*");
}
}
}
}
if (pol != NULL)
{
@@ -1519,13 +1577,66 @@ bool ServerAccept(CONNECTION *c)
break;
case CLIENT_AUTHTYPE_CERT:
// Certificate authentication is not supported in the open source version
HLog(hub, "LH_AUTH_CERT_NOT_SUPPORT_ON_OPEN_SOURCE", c->Name, username);
Unlock(hub->lock);
ReleaseHub(hub);
FreePack(p);
c->Err = ERR_AUTHTYPE_NOT_SUPPORTED;
goto CLEANUP;
if (GetGlobalServerFlag(GSF_DISABLE_CERT_AUTH) != 0)
{
// Certificate authentication
cert_size = PackGetDataSize(p, "cert");
if (cert_size >= 1 && cert_size <= 100000)
{
cert_buf = ZeroMalloc(cert_size);
if (PackGetData(p, "cert", cert_buf))
{
UCHAR sign[4096 / 8];
UINT sign_size = PackGetDataSize(p, "sign");
if (sign_size <= sizeof(sign) && sign_size >= 1)
{
if (PackGetData(p, "sign", sign))
{
BUF *b = NewBuf();
X *x;
WriteBuf(b, cert_buf, cert_size);
x = BufToX(b, false);
if (x != NULL && x->is_compatible_bit &&
sign_size == (x->bits / 8))
{
K *k = GetKFromX(x);
// Verify the signature received from the client
if (RsaVerifyEx(c->Random, SHA1_SIZE, sign, k, x->bits))
{
// Confirmed that the client has had this certificate
// certainly because the signature matched.
// Check whether the certificate is valid.
auth_ret = SamAuthUserByCert(hub, username, x);
if (auth_ret)
{
// Copy the certificate
c->ClientX = CloneX(x);
}
}
else
{
// Authentication failure
}
FreeK(k);
}
FreeX(x);
FreeBuf(b);
}
}
}
Free(cert_buf);
}
}
else
{
// Certificate authentication is not supported in the open source version
HLog(hub, "LH_AUTH_CERT_NOT_SUPPORT_ON_OPEN_SOURCE", c->Name, username);
Unlock(hub->lock);
ReleaseHub(hub);
FreePack(p);
c->Err = ERR_AUTHTYPE_NOT_SUPPORTED;
goto CLEANUP;
}
break;
default:
@@ -2538,15 +2649,49 @@ bool ServerAccept(CONNECTION *c)
st.wYear, st.wMonth);
}
tmpsize = UniStrSize(winver_msg_client) + UniStrSize(winver_msg_server) + UniStrSize(msg) + 16000;
tmpsize = UniStrSize(winver_msg_client) + UniStrSize(winver_msg_server) + UniStrSize(msg) + 16000 + 3000;
tmp = ZeroMalloc(tmpsize);
if (IsURLMsg(msg, NULL, 0) == false)
{
if (s != NULL && s->IsRUDPSession && c != NULL && StrCmpi(hub->Name, VG_HUBNAME) != 0)
{
if (GetCurrentLangId() != SE_LANG_ENGLISH)
// Show the warning message if the connection is made by NAT-T
wchar_t *tmp2;
UINT tmp2_size = 2400;
char local_name[128];
wchar_t local_name_2[128];
char local_name_3[128];
Zero(local_name, sizeof(local_name));
Zero(local_name_2, sizeof(local_name_2));
Zero(local_name_3, sizeof(local_name_3));
GetMachineName(local_name, sizeof(local_name));
#ifdef OS_WIN32
MsGetComputerNameFullEx(local_name_2, sizeof(local_name_2), true);
UniToStr(local_name_3, sizeof(local_name_3), local_name_2);
if (IsEmptyStr(local_name_3) == false)
{
StrCpy(local_name, sizeof(local_name), local_name_3);
}
#endif // OS_WIN32
tmp2 = Malloc(tmp2_size);
UniFormat(tmp2, tmp2_size, _UU(c->ClientBuild >= 9428 ? "NATT_MSG" : "NATT_MSG2"), local_name);
UniStrCat(tmp, tmpsize, tmp2);
Free(tmp2);
}
{
if (GetGlobalServerFlag(GSF_SHOW_OSS_MSG) != 0)
{
UniStrCat(tmp, tmpsize, _UU("OSS_MSG"));
}
@@ -5728,7 +5873,7 @@ SOCK *ClientConnectGetSocket(CONNECTION *c, bool additional_connect, bool no_tls
// If additional_connect == true, follow the IsRUDPSession setting in this session
s = TcpIpConnectEx(host_for_direct_connection, port_for_direct_connection,
(bool *)cancel_flag, hWnd, &nat_t_err, (additional_connect ? (!is_additonal_rudp_session) : false),
true, no_tls);
false, no_tls);
}
}
else
src/Cedar/Protocol.h
+7 -1
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// Protocol.h
src/Cedar/Radius.c
+556 -1
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// Radius.c
@@ -92,6 +98,555 @@
#include "CedarPch.h"
// Attempts Radius authentication (with specifying retry interval and multiple server)
bool RadiusLogin(CONNECTION *c, char *server, UINT port, UCHAR *secret, UINT secret_size, wchar_t *username, char *password, UINT interval, UCHAR *mschap_v2_server_response_20)
{
UCHAR random[MD5_SIZE];
UCHAR id;
BUF *encrypted_password = NULL;
BUF *user_name = NULL;
//IP ip;
bool ret = false;
TOKEN_LIST *token;
UINT i;
LIST *ip_list;
IPC_MSCHAP_V2_AUTHINFO mschap;
bool is_mschap;
char client_ip_str[MAX_SIZE];
static UINT packet_id = 0;
// Validate arguments
if (server == NULL || port == 0 || (secret_size != 0 && secret == NULL) || username == NULL || password == NULL)
{
return false;
}
Zero(client_ip_str, sizeof(client_ip_str));
if (c != NULL && c->FirstSock != NULL)
{
IPToStr(client_ip_str, sizeof(client_ip_str), &c->FirstSock->RemoteIP);
}
// Parse the MS-CHAP v2 authentication data
Zero(&mschap, sizeof(mschap));
is_mschap = ParseAndExtractMsChapV2InfoFromPassword(&mschap, password);
// Split the server into tokens
token = ParseToken(server, " ,;\t");
// Get the IP address of the server
ip_list = NewListFast(NULL);
for(i = 0; i < token->NumTokens; i++)
{
IP *tmp_ip = Malloc(sizeof(IP));
if (GetIP(tmp_ip, token->Token[i]))
{
Add(ip_list, tmp_ip);
}
else if (GetIPEx(tmp_ip, token->Token[i], true))
{
Add(ip_list, tmp_ip);
}
else
{
Free(tmp_ip);
}
}
FreeToken(token);
if(LIST_NUM(ip_list) == 0)
{
ReleaseList(ip_list);
return false;
}
// Random number generation
Rand(random, sizeof(random));
// ID generation
id = (UCHAR)(packet_id % 254 + 1);
packet_id++;
if (is_mschap == false)
{
// Encrypt the password
encrypted_password = RadiusEncryptPassword(password, random, secret, secret_size);
if (encrypted_password == NULL)
{
// Encryption failure
ReleaseList(ip_list);
return false;
}
}
// Generate the user name packet
user_name = RadiusCreateUserName(username);
if (user_name != NULL)
{
// Generate a password packet
BUF *user_password = (is_mschap ? NULL : RadiusCreateUserPassword(encrypted_password->Buf, encrypted_password->Size));
BUF *nas_id = RadiusCreateNasId(CEDAR_SERVER_STR);
if (is_mschap || user_password != NULL)
{
UINT64 start;
UINT64 next_send_time;
UCHAR tmp[MAX_SIZE];
UINT recv_buf_size = 32768;
UCHAR *recv_buf = MallocEx(recv_buf_size, true);
// Generate an UDP packet
BUF *p = NewBuf();
UCHAR type = 1;
SOCK *sock;
USHORT sz = 0;
UINT pos = 0;
BOOL *finish = ZeroMallocEx(sizeof(BOOL) * LIST_NUM(ip_list), true);
Zero(tmp, sizeof(tmp));
WriteBuf(p, &type, 1);
WriteBuf(p, &id, 1);
WriteBuf(p, &sz, 2);
WriteBuf(p, random, 16);
WriteBuf(p, user_name->Buf, user_name->Size);
if (is_mschap == false)
{
UINT ui;
// PAP
WriteBuf(p, user_password->Buf, user_password->Size);
WriteBuf(p, nas_id->Buf, nas_id->Size);
// Service-Type
ui = Endian32(2);
RadiusAddValue(p, 6, 0, 0, &ui, sizeof(ui));
// NAS-Port-Type
ui = Endian32(5);
RadiusAddValue(p, 61, 0, 0, &ui, sizeof(ui));
// Tunnel-Type
ui = Endian32(1);
RadiusAddValue(p, 64, 0, 0, &ui, sizeof(ui));
// Tunnel-Medium-Type
ui = Endian32(1);
RadiusAddValue(p, 65, 0, 0, &ui, sizeof(ui));
// Calling-Station-Id
RadiusAddValue(p, 31, 0, 0, client_ip_str, StrLen(client_ip_str));
// Tunnel-Client-Endpoint
RadiusAddValue(p, 66, 0, 0, client_ip_str, StrLen(client_ip_str));
}
else
{
// MS-CHAP v2
static UINT session_id = 0;
USHORT us;
UINT ui;
char *ms_ras_version = "MSRASV5.20";
UCHAR ms_chapv2_response[50];
// Acct-Session-Id
us = Endian16(session_id % 254 + 1);
session_id++;
RadiusAddValue(p, 44, 0, 0, &us, sizeof(us));
// NAS-IP-Address
if (c != NULL && c->FirstSock != NULL && c->FirstSock->IPv6 == false)
{
ui = IPToUINT(&c->FirstSock->LocalIP);
RadiusAddValue(p, 4, 0, 0, &ui, sizeof(ui));
}
// Service-Type
ui = Endian32(2);
RadiusAddValue(p, 6, 0, 0, &ui, sizeof(ui));
// MS-RAS-Vendor
ui = Endian32(311);
RadiusAddValue(p, 26, 311, 9, &ui, sizeof(ui));
// MS-RAS-Version
RadiusAddValue(p, 26, 311, 18, ms_ras_version, StrLen(ms_ras_version));
// NAS-Port-Type
ui = Endian32(5);
RadiusAddValue(p, 61, 0, 0, &ui, sizeof(ui));
// Tunnel-Type
ui = Endian32(1);
RadiusAddValue(p, 64, 0, 0, &ui, sizeof(ui));
// Tunnel-Medium-Type
ui = Endian32(1);
RadiusAddValue(p, 65, 0, 0, &ui, sizeof(ui));
// Calling-Station-Id
RadiusAddValue(p, 31, 0, 0, client_ip_str, StrLen(client_ip_str));
// Tunnel-Client-Endpoint
RadiusAddValue(p, 66, 0, 0, client_ip_str, StrLen(client_ip_str));
// MS-RAS-Client-Version
RadiusAddValue(p, 26, 311, 35, ms_ras_version, StrLen(ms_ras_version));
// MS-RAS-Client-Name
RadiusAddValue(p, 26, 311, 34, client_ip_str, StrLen(client_ip_str));
// MS-CHAP-Challenge
RadiusAddValue(p, 26, 311, 11, mschap.MsChapV2_ServerChallenge, sizeof(mschap.MsChapV2_ServerChallenge));
// MS-CHAP2-Response
Zero(ms_chapv2_response, sizeof(ms_chapv2_response));
Copy(ms_chapv2_response + 2, mschap.MsChapV2_ClientChallenge, 16);
Copy(ms_chapv2_response + 2 + 16 + 8, mschap.MsChapV2_ClientResponse, 24);
RadiusAddValue(p, 26, 311, 25, ms_chapv2_response, sizeof(ms_chapv2_response));
// NAS-ID
WriteBuf(p, nas_id->Buf, nas_id->Size);
}
SeekBuf(p, 0, 0);
WRITE_USHORT(((UCHAR *)p->Buf) + 2, (USHORT)p->Size);
// Create a socket
sock = NewUDPEx(0, IsIP6(LIST_DATA(ip_list, pos)));
// Transmission process start
start = Tick64();
if(interval < RADIUS_RETRY_INTERVAL)
{
interval = RADIUS_RETRY_INTERVAL;
}
else if(interval > RADIUS_RETRY_TIMEOUT)
{
interval = RADIUS_RETRY_TIMEOUT;
}
next_send_time = start + (UINT64)interval;
while (true)
{
UINT server_port;
UINT recv_size;
//IP server_ip;
SOCKSET set;
UINT64 now;
SEND_RETRY:
//SendTo(sock, &ip, port, p->Buf, p->Size);
SendTo(sock, LIST_DATA(ip_list, pos), port, p->Buf, p->Size);
Debug("send to host:%u\n", pos);
next_send_time = Tick64() + (UINT64)interval;
RECV_RETRY:
now = Tick64();
if (next_send_time <= now)
{
// Switch the host to refer
pos++;
pos = pos % LIST_NUM(ip_list);
goto SEND_RETRY;
}
if ((start + RADIUS_RETRY_TIMEOUT) < now)
{
// Time-out
break;
}
InitSockSet(&set);
AddSockSet(&set, sock);
Select(&set, (UINT)(next_send_time - now), NULL, NULL);
recv_size = RecvFrom(sock, LIST_DATA(ip_list, pos), &server_port, recv_buf, recv_buf_size);
if (recv_size == 0)
{
Debug("Radius recv_size 0\n");
finish[pos] = TRUE;
for(i = 0; i < LIST_NUM(ip_list); i++)
{
if(finish[i] == FALSE)
{
// Switch the host to refer
pos++;
pos = pos % LIST_NUM(ip_list);
goto SEND_RETRY;
}
}
// Failure
break;
}
else if (recv_size == SOCK_LATER)
{
// Waiting
goto RECV_RETRY;
}
else
{
// Check such as the IP address
if (/*Cmp(&server_ip, &ip, sizeof(IP)) != 0 || */server_port != port)
{
goto RECV_RETRY;
}
// Success
if (recv_buf[0] == 2)
{
ret = true;
if (is_mschap && mschap_v2_server_response_20 != NULL)
{
// Cutting corners Zurukko
UCHAR signature[] = {0x1A, 0x33, 0x00, 0x00, 0x01, 0x37, 0x1A, 0x2D, 0x00, 0x53, 0x3D, };
UINT i = SearchBin(recv_buf, 0, recv_buf_size, signature, sizeof(signature));
if (i == INFINITE || ((i + sizeof(signature) + 40) > recv_buf_size))
{
ret = false;
}
else
{
char tmp[MAX_SIZE];
BUF *b;
Zero(tmp, sizeof(tmp));
Copy(tmp, recv_buf + i + sizeof(signature), 40);
b = StrToBin(tmp);
if (b != NULL && b->Size == 20)
{
WHERE;
Copy(mschap_v2_server_response_20, b->Buf, 20);
}
else
{
WHERE;
ret = false;
}
FreeBuf(b);
}
}
}
break;
}
}
Free(finish);
// Release the socket
ReleaseSock(sock);
FreeBuf(p);
FreeBuf(user_password);
Free(recv_buf);
}
FreeBuf(nas_id);
FreeBuf(user_name);
}
// Release the ip_list
for(i = 0; i < LIST_NUM(ip_list); i++)
{
IP *tmp_ip = LIST_DATA(ip_list, i);
Free(tmp_ip);
}
ReleaseList(ip_list);
// Release the memory
FreeBuf(encrypted_password);
return ret;
}
// Adding Attributes
void RadiusAddValue(BUF *b, UCHAR t, UINT v, UCHAR vt, void *data, UINT size)
{
UINT len;
// Validate arguments
if (b == NULL || (data == NULL && size != 0))
{
return;
}
// type
WriteBufChar(b, t);
// length
len = 2 + size;
if (t == 26)
{
len += 6;
}
WriteBufChar(b, (UCHAR)len);
if (t != 26)
{
// value
WriteBuf(b, data, size);
}
else
{
// vendor
WriteBufInt(b, v);
// vendor type
WriteBufChar(b, vt);
// length2
len = size + 2;
WriteBufChar(b, (UCHAR)len);
// value
WriteBuf(b, data, size);
}
}
// Create a password attribute for Radius
BUF *RadiusCreateUserPassword(void *data, UINT size)
{
BUF *b;
UCHAR code, sz;
// Validate arguments
if (size != 0 && data == NULL || size >= 253)
{
return NULL;
}
b = NewBuf();
code = 2;
sz = 2 + (UCHAR)size;
WriteBuf(b, &code, 1);
WriteBuf(b, &sz, 1);
WriteBuf(b, data, size);
return b;
}
// Generate an ID attribute of Nas
BUF *RadiusCreateNasId(char *name)
{
BUF *b;
UCHAR code, size;
// Validate arguments
if (name == NULL)
{
return NULL;
}
if (StrLen(name) == 0 || StrLen(name) >= 128)
{
return NULL;
}
b = NewBuf();
code = 32;
size = 2 + (UCHAR)StrLen(name);
WriteBuf(b, &code, 1);
WriteBuf(b, &size, 1);
WriteBuf(b, name, StrLen(name));
return b;
}
// Create a user name attribute for Radius
BUF *RadiusCreateUserName(wchar_t *username)
{
BUF *b;
UCHAR code, size;
UCHAR utf8[254];
// Validate arguments
if (username == NULL)
{
return NULL;
}
// Convert the user name to a Unicode string
UniToStr(utf8, sizeof(utf8), username);
utf8[253] = 0;
b = NewBuf();
code = 1;
size = 2 + (UCHAR)StrLen(utf8);
WriteBuf(b, &code, 1);
WriteBuf(b, &size, 1);
WriteBuf(b, utf8, StrLen(utf8));
return b;
}
// Encrypt the password for the Radius
BUF *RadiusEncryptPassword(char *password, UCHAR *random, UCHAR *secret, UINT secret_size)
{
UINT n, i;
BUF *buf;
UCHAR c[16][16]; // Result
UCHAR b[16][16]; // Result
UCHAR p[16][16]; // Password
// Validate arguments
if (password == NULL || random == NULL || (secret_size != 0 && secret == NULL))
{
return NULL;
}
if (StrLen(password) > 256)
{
// Password is too long
return NULL;
}
// Initialize
Zero(c, sizeof(c));
Zero(p, sizeof(p));
Zero(b, sizeof(b));
// Divide the password per 16 characters
Copy(p, password, StrLen(password));
// Calculate the number of blocks
n = StrLen(password) / 16;
if ((StrLen(password) % 16) != 0)
{
n++;
}
// Encryption processing
for (i = 0;i < n;i++)
{
// Calculation of b[i]
UINT j;
BUF *tmp = NewBuf();
WriteBuf(tmp, secret, secret_size);
if (i == 0)
{
WriteBuf(tmp, random, 16);
}
else
{
WriteBuf(tmp, c[i - 1], 16);
}
Hash(b[i], tmp->Buf, tmp->Size, false);
FreeBuf(tmp);
// Calculation of c[i]
for (j = 0;j < 16;j++)
{
c[i][j] = p[i][j] ^ b[i][j];
}
}
// Return the results
buf = NewBuf();
WriteBuf(buf, c, n * 16);
return buf;
}
// Developed by SoftEther VPN Project at University of Tsukuba in Japan.
src/Cedar/Radius.h
+14 -1
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// Radius.h
@@ -97,6 +103,13 @@
#define RADIUS_RETRY_INTERVAL 500 // Retransmission interval
#define RADIUS_RETRY_TIMEOUT (10 * 1000) // Time-out period
// Function prototype
bool RadiusLogin(CONNECTION *c, char *server, UINT port, UCHAR *secret, UINT secret_size, wchar_t *username, char *password, UINT interval, UCHAR *mschap_v2_server_response_20);
BUF *RadiusEncryptPassword(char *password, UCHAR *random, UCHAR *secret, UINT secret_size);
BUF *RadiusCreateUserName(wchar_t *username);
BUF *RadiusCreateUserPassword(void *data, UINT size);
BUF *RadiusCreateNasId(char *name);
void RadiusAddValue(BUF *b, UCHAR t, UINT v, UCHAR vt, void *data, UINT size);
#endif // RADIUS_H
src/Cedar/Remote.c
+7 -1
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// Remote.c
src/Cedar/Remote.h
+7 -1
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// Remote.h
src/Cedar/SM.c
+67 -1
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// SM.c
@@ -702,6 +708,19 @@ UINT SmDDnsDlg(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param)
}
break;
case B_HINT2:
// Hint2 (for DDNS key)
{
wchar_t tmp[MAX_SIZE * 4];
wchar_t *keystr;
keystr = GetText(hWnd, E_KEY);
UniFormat(tmp, sizeof(tmp), _UU("SM_DDNS_KEY_MSG"), keystr);
Free(keystr);
OnceMsg(hWnd, _UU("SM_DDNS_KEY_TITLE"), tmp, false, ICO_DISPLAY);
}
break;
case B_PROXY:
// Proxy settings
if (true)
@@ -835,8 +854,45 @@ UINT SmDDnsDlg(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param)
return 0;
}
// Get the ddns key from the server configuration file
static UINT SmDdnsGetKey(char *key, SM_DDNS *d){
RPC *rpc = d->s->Rpc;
RPC_CONFIG config;
UINT err;
BUF *buf;
FOLDER *root, *ddnsfolder;
// Validate arguments
if(d == NULL || d->s == NULL || key == NULL){
return ERR_INTERNAL_ERROR;
}
Zero(&config, sizeof(config));
err = ScGetConfig(d->s->Rpc, &config);
if(err != ERR_NO_ERROR){
return err;
}
buf = NewBufFromMemory(config.FileData, StrLen(config.FileData));
FreeRpcConfig(&config);
root = CfgBufTextToFolder(buf);
FreeBuf(buf);
ddnsfolder = CfgGetFolder(root, "DDnsClient");
err = CfgGetByte(ddnsfolder, "Key", key, 20);
CfgDeleteFolder(root);
return (err == 20) ? ERR_NO_ERROR : ERR_INTERNAL_ERROR;
}
void SmDDnsDlgInit(HWND hWnd, SM_DDNS *d)
{
char key[20];
char encodedkey[20 * 4 + 32];
// Validate arguments
if (hWnd == NULL || d == NULL)
{
@@ -854,6 +910,7 @@ void SmDDnsDlgInit(HWND hWnd, SM_DDNS *d)
DlgFont(hWnd, S_STATUS4, 0, true);
DlgFont(hWnd, S_STATUS5, 0, true);
DlgFont(hWnd, S_STATUS6, 0, true);
DlgFont(hWnd, S_STATUS8, 0, true);
SetFont(hWnd, S_SUFFIX, GetFont("Verdana", 10, false, false, false, false));
SetFont(hWnd, E_NEWHOST, GetFont("Verdana", 10, false, false, false, false));
@@ -861,6 +918,7 @@ void SmDDnsDlgInit(HWND hWnd, SM_DDNS *d)
SetFont(hWnd, E_HOST, GetFont((MsIsWinXPOrGreater() ? "Verdana" : NULL), 10, false, false, false, false));
SetFont(hWnd, E_IPV4, GetFont((MsIsWinXPOrGreater() ? "Verdana" : NULL), 10, false, false, false, false));
SetFont(hWnd, E_IPV6, GetFont((MsIsWinXPOrGreater() ? "Verdana" : NULL), 10, false, false, false, false));
SetFont(hWnd, E_KEY, GetFont((MsIsWinXPOrGreater() ? "Verdana" : NULL), 8, false, false, false, false));
DlgFont(hWnd, IDOK, 0, true);
@@ -871,6 +929,13 @@ void SmDDnsDlgInit(HWND hWnd, SM_DDNS *d)
Hide(hWnd, B_PROXY);
if(SmDdnsGetKey(key, d) == ERR_NO_ERROR){
encodedkey[ B64_Encode(encodedkey, key, 20) ] = 0;
SetTextA(hWnd, E_KEY, encodedkey);
}else{
SetText(hWnd, E_KEY, _UU("SM_DDNS_KEY_ERR"));
}
SmDDnsRefresh(hWnd, d);
}
@@ -878,6 +943,7 @@ void SmDDnsRefresh(HWND hWnd, SM_DDNS *d)
{
DDNS_CLIENT_STATUS st;
INTERNET_SETTING t;
// Validate arguments
if (hWnd == NULL || d == NULL)
{
src/Cedar/SM.h
+7 -1
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// SM.h
src/Cedar/SMInner.h
+8 -1
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// SMInner.h
@@ -209,6 +215,7 @@ typedef struct SM_HUB
SM_SERVER *p; // P
RPC *Rpc; // RPC
char *HubName; // HUB name
char CurrentPushRouteStr[MAX_DHCP_CLASSLESS_ROUTE_TABLE_STR_SIZE]; // Current editing push routing table string
} SM_HUB;
// Show the User list
src/Cedar/SW.c
+7 -1
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// SW.c
src/Cedar/SW.h
+7 -1
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// SW.h
src/Cedar/SWInner.h
+7 -1
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// SWInner.h
src/Cedar/Sam.c
+259 -3
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// Sam.c
@@ -156,13 +162,263 @@ bool SamAuthUserByAnonymous(HUB *h, char *username)
// Plaintext password authentication of user
bool SamAuthUserByPlainPassword(CONNECTION *c, HUB *hub, char *username, char *password, bool ast, UCHAR *mschap_v2_server_response_20)
{
return false;
bool b = false;
wchar_t *name = NULL;
bool auth_by_nt = false;
HUB *h;
// Validate arguments
if (hub == NULL || c == NULL || username == NULL)
{
return false;
}
if (GetGlobalServerFlag(GSF_DISABLE_RADIUS_AUTH) != 0)
{
return false;
}
h = hub;
AddRef(h->ref);
// Get the user name on authentication system
AcLock(hub);
{
USER *u;
u = AcGetUser(hub, ast == false ? username : "*");
if (u)
{
Lock(u->lock);
{
if (u->AuthType == AUTHTYPE_RADIUS)
{
// Radius authentication
AUTHRADIUS *auth = (AUTHRADIUS *)u->AuthData;
if (ast || auth->RadiusUsername == NULL || UniStrLen(auth->RadiusUsername) == 0)
{
name = CopyStrToUni(username);
}
else
{
name = CopyUniStr(auth->RadiusUsername);
}
auth_by_nt = false;
}
else if (u->AuthType == AUTHTYPE_NT)
{
// NT authentication
AUTHNT *auth = (AUTHNT *)u->AuthData;
if (ast || auth->NtUsername == NULL || UniStrLen(auth->NtUsername) == 0)
{
name = CopyStrToUni(username);
}
else
{
name = CopyUniStr(auth->NtUsername);
}
auth_by_nt = true;
}
}
Unlock(u->lock);
ReleaseUser(u);
}
}
AcUnlock(hub);
if (name != NULL)
{
if (auth_by_nt == false)
{
// Radius authentication
char radius_server_addr[MAX_SIZE];
UINT radius_server_port;
char radius_secret[MAX_SIZE];
char suffix_filter[MAX_SIZE];
wchar_t suffix_filter_w[MAX_SIZE];
UINT interval;
Zero(suffix_filter, sizeof(suffix_filter));
Zero(suffix_filter_w, sizeof(suffix_filter_w));
// Get the Radius server information
if (GetRadiusServerEx2(hub, radius_server_addr, sizeof(radius_server_addr), &radius_server_port, radius_secret, sizeof(radius_secret), &interval, suffix_filter, sizeof(suffix_filter)))
{
Unlock(hub->lock);
StrToUni(suffix_filter_w, sizeof(suffix_filter_w), suffix_filter);
if (UniIsEmptyStr(suffix_filter_w) || UniEndWith(name, suffix_filter_w))
{
// Attempt to login
b = RadiusLogin(c, radius_server_addr, radius_server_port,
radius_secret, StrLen(radius_secret),
name, password, interval, mschap_v2_server_response_20);
}
Lock(hub->lock);
}
else
{
HLog(hub, "LH_NO_RADIUS_SETTING", name);
}
}
else
{
// NT authentication (Not available for non-Win32)
#ifdef OS_WIN32
IPC_MSCHAP_V2_AUTHINFO mschap;
Unlock(hub->lock);
if (ParseAndExtractMsChapV2InfoFromPassword(&mschap, password) == false)
{
// Plaintext password authentication
b = MsCheckLogon(name, password);
}
else
{
UCHAR challenge8[8];
UCHAR nt_pw_hash_hash[16];
char nt_name[MAX_SIZE];
UniToStr(nt_name, sizeof(nt_name), name);
// MS-CHAPv2 authentication
MsChapV2_GenerateChallenge8(challenge8, mschap.MsChapV2_ClientChallenge,
mschap.MsChapV2_ServerChallenge,
mschap.MsChapV2_PPPUsername);
Debug("MsChapV2_PPPUsername = %s, nt_name = %s\n", mschap.MsChapV2_PPPUsername, nt_name);
b = MsPerformMsChapV2AuthByLsa(nt_name, challenge8, mschap.MsChapV2_ClientResponse, nt_pw_hash_hash);
if (b)
{
if (mschap_v2_server_response_20 != NULL)
{
MsChapV2Server_GenerateResponse(mschap_v2_server_response_20, nt_pw_hash_hash,
mschap.MsChapV2_ClientResponse, challenge8);
}
}
}
Lock(hub->lock);
#else // OS_WIN32
// Nothing to do other than Win32
#endif // OS_WIN32
}
// Memory release
Free(name);
}
ReleaseHub(h);
return b;
}
// Certificate authentication of user
bool SamAuthUserByCert(HUB *h, char *username, X *x)
{
return false;
bool b = false;
// Validate arguments
if (h == NULL || username == NULL || x == NULL)
{
return false;
}
if (GetGlobalServerFlag(GSF_DISABLE_CERT_AUTH) != 0)
{
return false;
}
// Check expiration date
if (CheckXDateNow(x) == false)
{
return false;
}
// Check the Certification Revocation List
if (IsValidCertInHub(h, x) == false)
{
// Bad
wchar_t tmp[MAX_SIZE * 2];
// Log the contents of the certificate
GetAllNameFromX(tmp, sizeof(tmp), x);
HLog(h, "LH_AUTH_NG_CERT", username, tmp);
return false;
}
AcLock(h);
{
USER *u;
u = AcGetUser(h, username);
if (u)
{
Lock(u->lock);
{
if (u->AuthType == AUTHTYPE_USERCERT)
{
// Check whether to matche with the registered certificate
AUTHUSERCERT *auth = (AUTHUSERCERT *)u->AuthData;
if (CompareX(auth->UserX, x))
{
b = true;
}
}
else if (u->AuthType == AUTHTYPE_ROOTCERT)
{
// Check whether the certificate has been signed by the root certificate
AUTHROOTCERT *auth = (AUTHROOTCERT *)u->AuthData;
if (h->HubDb != NULL)
{
LockList(h->HubDb->RootCertList);
{
X *root_cert;
root_cert = GetIssuerFromList(h->HubDb->RootCertList, x);
if (root_cert != NULL)
{
b = true;
if (auth->CommonName != NULL && UniIsEmptyStr(auth->CommonName) == false)
{
// Compare the CN
if (UniStrCmpi(x->subject_name->CommonName, auth->CommonName) != 0)
{
b = false;
}
}
if (auth->Serial != NULL && auth->Serial->size >= 1)
{
// Compare the serial number
if (CompareXSerial(x->serial, auth->Serial) == false)
{
b = false;
}
}
}
}
UnlockList(h->HubDb->RootCertList);
}
}
}
Unlock(u->lock);
ReleaseUser(u);
}
}
AcUnlock(h);
if (b)
{
wchar_t tmp[MAX_SIZE * 2];
// Log the contents of the certificate
GetAllNameFromX(tmp, sizeof(tmp), x);
HLog(h, "LH_AUTH_OK_CERT", username, tmp);
}
return b;
}
// Get the root certificate that signed the specified certificate from the list
src/Cedar/Sam.h
+7 -1
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// Sam.h
src/Cedar/SeLowUser.c
+7 -1
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// SeLowUser.c
src/Cedar/SeLowUser.h
+7 -1
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// SeLowUser.h
src/Cedar/SecureInfo.c
+7 -1
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// SecureInfo.c
src/Cedar/SecureInfo.h
+7 -1
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// SecureInfo.h
src/Cedar/SecureNAT.c
+7 -1
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// SecureNAT.c
src/Cedar/SecureNAT.h
+7 -1
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// SecureNAT.h
src/Cedar/Server.c
+271 -6
View File
@@ -14,7 +14,6 @@
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
@@ -85,6 +84,13 @@
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
//
//
// NO MEMORY OR RESOURCE LEAKS
// ---------------------------
//
// The memory-leaks and resource-leaks verification under the stress
// test has been passed before release this source code.
// Server.c
@@ -100,6 +106,8 @@ char *BRIDGE_CONFIG_FILE_NAME = "@vpn_bridge.config";
static bool server_reset_setting = false;
static volatile UINT global_server_flags[NUM_GLOBAL_SERVER_FLAGS] = {0};
// Set the OpenVPN and SSTP setting
void SiSetOpenVPNAndSSTPConfig(SERVER *s, OPENVPN_SSTP_CONFIG *c)
{
@@ -825,6 +833,40 @@ UINT SiGetSysLogSaveStatus(SERVER *s)
// Send a syslog
void SiWriteSysLog(SERVER *s, char *typestr, char *hubname, wchar_t *message)
{
wchar_t tmp[1024];
char machinename[MAX_HOST_NAME_LEN + 1];
char datetime[MAX_PATH];
SYSTEMTIME st;
// Validate arguments
if (s == NULL || typestr == NULL || message == NULL)
{
return;
}
if (GetGlobalServerFlag(GSF_DISABLE_SYSLOG) != 0)
{
return;
}
// Host name
GetMachineName(machinename, sizeof(machinename));
// Date and time
LocalTime(&st);
GetDateTimeStrMilli(datetime, sizeof(datetime), &st);
if (IsEmptyStr(hubname) == false)
{
UniFormat(tmp, sizeof(tmp), L"[%S/VPN/%S] (%S) <%S>: %s",
machinename, hubname, datetime, typestr, message);
}
else
{
UniFormat(tmp, sizeof(tmp), L"[%S/VPN] (%S) <%S>: %s",
machinename, datetime, typestr, message);
}
SendSysLog(s->Syslog, tmp);
}
// Write the syslog configuration
@@ -1207,6 +1249,22 @@ void DestroyServerCapsCache(SERVER *s)
Unlock(s->CapsCacheLock);
}
// Flush the Caps list for this server
void FlushServerCaps(SERVER *s)
{
CAPSLIST t;
// Validate arguments
if (s == NULL)
{
return;
}
DestroyServerCapsCache(s);
Zero(&t, sizeof(t));
GetServerCaps(s, &t);
}
// Get the Caps list for this server
void GetServerCaps(SERVER *s, CAPSLIST *t)
{
@@ -1230,15 +1288,63 @@ void GetServerCaps(SERVER *s, CAPSLIST *t)
Unlock(s->CapsCacheLock);
}
// Main of the aquisition of Caps of the server
void GetServerCapsMain(SERVER *s, CAPSLIST *t)
// Update the global server flags
void UpdateGlobalServerFlags(SERVER *s, CAPSLIST *t)
{
bool is_restricted = false;
// Validate arguments
if (s == NULL || t == NULL)
{
return;
}
is_restricted = SiIsEnterpriseFunctionsRestrictedOnOpenSource(s->Cedar);
SetGlobalServerFlag(GSF_DISABLE_PUSH_ROUTE, is_restricted);
SetGlobalServerFlag(GSF_DISABLE_RADIUS_AUTH, is_restricted);
SetGlobalServerFlag(GSF_DISABLE_CERT_AUTH, is_restricted);
SetGlobalServerFlag(GSF_DISABLE_DEEP_LOGGING, is_restricted);
SetGlobalServerFlag(GSF_DISABLE_AC, is_restricted);
SetGlobalServerFlag(GSF_DISABLE_SYSLOG, is_restricted);
}
// Set a global server flag
void SetGlobalServerFlag(UINT index, UINT value)
{
// Validate arguments
if (index >= NUM_GLOBAL_SERVER_FLAGS)
{
return;
}
global_server_flags[index] = value;
}
// Get a global server flag
UINT GetGlobalServerFlag(UINT index)
{
// Validate arguments
if (index >= NUM_GLOBAL_SERVER_FLAGS)
{
return 0;
}
return global_server_flags[index];
}
// Main of the aquisition of Caps of the server
void GetServerCapsMain(SERVER *s, CAPSLIST *t)
{
bool is_restricted = false;
// Validate arguments
if (s == NULL || t == NULL)
{
return;
}
is_restricted = SiIsEnterpriseFunctionsRestrictedOnOpenSource(s->Cedar);
// Initialize
InitCapsList(t);
@@ -1299,7 +1405,7 @@ void GetServerCapsMain(SERVER *s, CAPSLIST *t)
AddCapsBool(t, "b_support_qos", true);
// syslog
AddCapsBool(t, "b_support_syslog", false);
AddCapsBool(t, "b_support_syslog", true);
// IPsec
// (Only works in stand-alone mode currently)
@@ -1382,6 +1488,10 @@ void GetServerCapsMain(SERVER *s, CAPSLIST *t)
// SecureNAT function is available
AddCapsBool(t, "b_support_securenat", true);
// Pushing routing table function of SecureNAT Virtual DHCP Server is available
AddCapsBool(t, "b_suppport_push_route", !is_restricted);
AddCapsBool(t, "b_suppport_push_route_config", true);
if (s->ServerType != SERVER_TYPE_STANDALONE)
{
AddCapsBool(t, "b_virtual_nat_disabled", true);
@@ -1428,7 +1538,9 @@ void GetServerCapsMain(SERVER *s, CAPSLIST *t)
// VPN client can be connected
AddCapsBool(t, "b_vpn_client_connect", s->Cedar->Bridge == false ? true : false);
AddCapsBool(t, "b_support_radius", false);
// External authentication server is available
AddCapsBool(t, "b_support_radius", s->ServerType != SERVER_TYPE_FARM_MEMBER &&
s->Cedar->Bridge == false);
// Local-bridge function is available
AddCapsBool(t, "b_local_bridge", IsBridgeSupported());
@@ -1463,7 +1575,8 @@ void GetServerCapsMain(SERVER *s, CAPSLIST *t)
// Server authentication can be used in cascade connection
AddCapsBool(t, "b_support_cascade_cert", true);
AddCapsBool(t, "b_support_config_log", false);
// the log file settings is modifiable
AddCapsBool(t, "b_support_config_log", s->ServerType != SERVER_TYPE_FARM_MEMBER);
// Automatic deletion of log file is available
AddCapsBool(t, "b_support_autodelete", true);
@@ -1515,6 +1628,8 @@ void GetServerCapsMain(SERVER *s, CAPSLIST *t)
// Support for CRL
AddCapsBool(t, "b_support_crl", true);
// Supports AC
AddCapsBool(t, "b_support_ac", true);
}
// Supports downloading a log file
@@ -1614,6 +1729,8 @@ void GetServerCapsMain(SERVER *s, CAPSLIST *t)
// VPN4
AddCapsBool(t, "b_vpn4", true);
UpdateGlobalServerFlags(s, t);
}
// SYSLOG_SETTING
@@ -3123,6 +3240,7 @@ void IncrementServerConfigRevision(SERVER *s)
FOLDER *SiWriteConfigurationToCfg(SERVER *s)
{
FOLDER *root;
char region[128];
// Validate arguments
if (s == NULL)
{
@@ -3131,6 +3249,10 @@ FOLDER *SiWriteConfigurationToCfg(SERVER *s)
root = CfgCreateFolder(NULL, TAG_ROOT);
SiGetCurrentRegion(s->Cedar, region, sizeof(region));
CfgAddStr(root, "Region", region);
CfgAddInt(root, "ConfigRevision", s->ConfigRevision);
SiWriteListeners(CfgCreateFolder(root, "ListenerList"), s);
@@ -3829,6 +3951,25 @@ void SiLoadHubOptionCfg(FOLDER *f, HUB_OPTION *o)
o->BroadcastLimiterStrictMode = CfgGetBool(f, "BroadcastLimiterStrictMode");
o->MaxLoggedPacketsPerMinute = CfgGetInt(f, "MaxLoggedPacketsPerMinute");
o->DoNotSaveHeavySecurityLogs = CfgGetBool(f, "DoNotSaveHeavySecurityLogs");
if (CfgIsItem(f, "DropBroadcastsInPrivacyFilterMode"))
{
o->DropBroadcastsInPrivacyFilterMode = CfgGetBool(f, "DropBroadcastsInPrivacyFilterMode");
}
else
{
o->DropBroadcastsInPrivacyFilterMode = true;
}
if (CfgIsItem(f, "DropArpInPrivacyFilterMode"))
{
o->DropArpInPrivacyFilterMode = CfgGetBool(f, "DropArpInPrivacyFilterMode");
}
else
{
o->DropArpInPrivacyFilterMode = true;
}
o->NoLookBPDUBridgeId = CfgGetBool(f, "NoLookBPDUBridgeId");
o->AdjustTcpMssValue = CfgGetInt(f, "AdjustTcpMssValue");
o->DisableAdjustTcpMss = CfgGetBool(f, "DisableAdjustTcpMss");
@@ -3939,6 +4080,8 @@ void SiWriteHubOptionCfg(FOLDER *f, HUB_OPTION *o)
CfgAddBool(f, "BroadcastLimiterStrictMode", o->BroadcastLimiterStrictMode);
CfgAddInt(f, "MaxLoggedPacketsPerMinute", o->MaxLoggedPacketsPerMinute);
CfgAddBool(f, "DoNotSaveHeavySecurityLogs", o->DoNotSaveHeavySecurityLogs);
CfgAddBool(f, "DropBroadcastsInPrivacyFilterMode", o->DropBroadcastsInPrivacyFilterMode);
CfgAddBool(f, "DropArpInPrivacyFilterMode", o->DropArpInPrivacyFilterMode);
CfgAddBool(f, "NoLookBPDUBridgeId", o->NoLookBPDUBridgeId);
CfgAddInt(f, "AdjustTcpMssValue", o->AdjustTcpMssValue);
CfgAddBool(f, "DisableAdjustTcpMss", o->DisableAdjustTcpMss);
@@ -7075,6 +7218,8 @@ void SiCalledUpdateHub(SERVER *s, PACK *p)
o.NoManageVlanId = PackGetBool(p, "NoManageVlanId");
o.MaxLoggedPacketsPerMinute = PackGetInt(p, "MaxLoggedPacketsPerMinute");
o.DoNotSaveHeavySecurityLogs = PackGetBool(p, "DoNotSaveHeavySecurityLogs");
o.DropBroadcastsInPrivacyFilterMode = PackGetBool(p, "DropBroadcastsInPrivacyFilterMode");
o.DropArpInPrivacyFilterMode = PackGetBool(p, "DropArpInPrivacyFilterMode");
o.VlanTypeId = PackGetInt(p, "VlanTypeId");
if (o.VlanTypeId == 0)
{
@@ -8913,6 +9058,8 @@ void SiPackAddCreateHub(PACK *p, HUB *h)
PackAddInt(p, "BroadcastStormDetectionThreshold", h->Option->BroadcastStormDetectionThreshold);
PackAddInt(p, "MaxLoggedPacketsPerMinute", h->Option->MaxLoggedPacketsPerMinute);
PackAddBool(p, "DoNotSaveHeavySecurityLogs", h->Option->DoNotSaveHeavySecurityLogs);
PackAddBool(p, "DropBroadcastsInPrivacyFilterMode", h->Option->DropBroadcastsInPrivacyFilterMode);
PackAddBool(p, "DropArpInPrivacyFilterMode", h->Option->DropArpInPrivacyFilterMode);
PackAddInt(p, "ClientMinimumRequiredBuild", h->Option->ClientMinimumRequiredBuild);
PackAddBool(p, "FixForDLinkBPDU", h->Option->FixForDLinkBPDU);
PackAddBool(p, "BroadcastLimiterStrictMode", h->Option->BroadcastLimiterStrictMode);
@@ -10311,6 +10458,122 @@ FARM_CONTROLLER *SiStartConnectToController(SERVER *s)
return f;
}
// Get the current version
void SiGetCurrentRegion(CEDAR *c, char *region, UINT region_size)
{
ClearStr(region, region_size);
// Validate arguments
if (c == NULL || region == NULL)
{
return;
}
Lock(c->CurrentRegionLock);
{
StrCpy(region, region_size, c->CurrentRegion);
}
Unlock(c->CurrentRegionLock);
if (IsEmptyStr(region))
{
if (GetCurrentLangId() == SE_LANG_JAPANESE)
{
StrCpy(region, region_size, "JP");
}
else if (GetCurrentLangId() == SE_LANG_CHINESE_ZH)
{
StrCpy(region, region_size, "CN");
}
}
}
// Check whether some enterprise functions are restricted
//
// ** Hints by Daiyuu Nobori, written on March 19, 2014 **
//
// The following 'enterprise functions' are implemented on SoftEther VPN Server
// since March 19, 2014. However, these functions are disabled on
// SoftEther VPN Servers which run in Japan and China.
//
// - RADIUS / NT Domain user authentication
// - RSA certificate authentication
// - Deep-inspect packet logging
// - Source IP address control list
// - syslog transfer
//
// The SoftEther VPN Project intentionally disables these functions for users
// in Japan and China. The reason is: Daiyuu Nobori, the chief author of
// SoftEther VPN, has been liable to observe the existing agreements and
// restrictions between him and some companies. The agreements have regulated
// the region-limited restriction to implement and distribute the above
// enterprise functions on the SoftEther VPN open-source program.
//
// Therefore, the SoftEther VPN Project distributes the binary program and
// the source code with the "SiIsEnterpriseFunctionsRestrictedOnOpenSource"
// function. This function identifies whether the SoftEther VPN Server
// program is running in either Japan or China. If the restricted region is
// detected, then the above enterprise functions will be disabled.
//
// Please note that the above restriction has been imposed only on the
// original binaries and source codes from the SoftEther VPN Project.
// Anyone, except Daiyuu Nobori, who understands and writes the C language
// program can remove this restriction at his own risk.
//
bool SiIsEnterpriseFunctionsRestrictedOnOpenSource(CEDAR *c)
{
char region[128];
bool ret = false;
// Validate arguments
if (c == NULL)
{
return false;
}
SiGetCurrentRegion(c, region, sizeof(region));
if (StrCmpi(region, "JP") == 0 || StrCmpi(region, "CN") == 0)
{
ret = true;
}
return ret;
}
// Update the current region
void SiUpdateCurrentRegion(CEDAR *c, char *region, bool force_update)
{
bool changed = false;
// Validate arguments
if (c == NULL)
{
return;
}
if (IsEmptyStr(region) == false)
{
Lock(c->CurrentRegionLock);
{
if (StrCmpi(c->CurrentRegion, region) != 0)
{
StrCpy(c->CurrentRegion, sizeof(c->CurrentRegion), region);
changed = true;
}
}
Unlock(c->CurrentRegionLock);
}
if (force_update)
{
changed = true;
}
if (changed)
{
FlushServerCaps(c->Server);
}
}
// Create a server
SERVER *SiNewServer(bool bridge)
{
@@ -10461,6 +10724,8 @@ SERVER *SiNewServerEx(bool bridge, bool in_client_inner_server)
SiInitDeadLockCheck(s);
SiUpdateCurrentRegion(s->Cedar, "", true);
return s;
}

Some files were not shown because too many files have changed in this diff Show More