1
0
mirror of https://github.com/SoftEtherVPN/SoftEtherVPN.git synced 2024-12-25 01:29:53 +03:00

Merge pull request #405 from dnobori/dev

Fixed the bug which occurs the L2TP/IPsec connection error with Android Oreo, etc.
This commit is contained in:
Daiyuu Nobori 2018-01-04 17:59:03 +09:00 committed by GitHub
commit e391b4d503
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
9 changed files with 189 additions and 106 deletions

View File

@ -3055,7 +3055,7 @@ void IkeHMac(IKE_HASH *h, void *dst, void *key, UINT key_size, void *data, UINT
// Generation of data 2
data2_size = h->HashSize + hmac_block_size;
for (i = 0;i < HMAC_BLOCK_SIZE;i++)
for (i = 0;i < hmac_block_size;i++)
{
data2[i] = k[i] ^ 0x5c;
}

View File

@ -1307,6 +1307,11 @@ UINT CalcPacketLoggingLevelEx(HUB_LOG *g, PKT *packet)
// OpenVPN connection request
ret = MAX(ret, g->PacketLogConfig[PACKET_LOG_TCP_CONN]);
break;
case L7_DNS:
// DNS request
ret = MAX(ret, g->PacketLogConfig[PACKET_LOG_TCP_CONN]);
break;
}
break;
@ -1354,6 +1359,11 @@ UINT CalcPacketLoggingLevelEx(HUB_LOG *g, PKT *packet)
// OpenVPN connection request
ret = MAX(ret, g->PacketLogConfig[PACKET_LOG_TCP_CONN]);
break;
case L7_DNS:
// DNS request
ret = MAX(ret, g->PacketLogConfig[PACKET_LOG_TCP_CONN]);
break;
}
break;
@ -1758,6 +1768,13 @@ char *PacketLogParseProc(RECORD *rec)
}
}
break;
case L7_DNS:
// DNS query
t->Token[6] = CopyStr("DNSv4");
t->Token[7] = CopyStr("DNS_Query");
t->Token[14] = CopyStr(p->DnsQueryHost);
break;
default:
// Unknown Packet
@ -2023,6 +2040,13 @@ char *PacketLogParseProc(RECORD *rec)
}
}
break;
case L7_DNS:
// DNS query
t->Token[6] = CopyStr("DNSv6");
t->Token[7] = CopyStr("DNS_Query");
t->Token[14] = CopyStr(p->DnsQueryHost);
break;
default:
t->Token[6] = CopyStr("UDPv6");

View File

@ -924,7 +924,7 @@ void SiWriteSysLog(SERVER *s, char *typestr, char *hubname, wchar_t *message)
// Date and time
LocalTime(&st);
if(s->StrictSyslogDatetimeFormat){
GetDateTimeStrRFC3164(datetime, sizeof(datetime), &st, GetCurrentTimezone());
GetDateTimeStrRFC3339(datetime, sizeof(datetime), &st, GetCurrentTimezone());
}else{
GetDateTimeStrMilli(datetime, sizeof(datetime), &st);
}

View File

@ -6955,104 +6955,6 @@ NAT_ENTRY *CreateNatDns(VH *v, UINT src_ip, UINT src_port, UINT dest_ip, UINT de
return n;
}
// Get the next byte
UCHAR GetNextByte(BUF *b)
{
UCHAR c = 0;
// Validate arguments
if (b == NULL)
{
return 0;
}
if (ReadBuf(b, &c, 1) != 1)
{
return 0;
}
return c;
}
// Interpret the DNS query
bool ParseDnsQuery(char *name, UINT name_size, void *data, UINT data_size)
{
BUF *b;
char tmp[257];
bool ok = true;
USHORT val;
// Validate arguments
if (name == NULL || data == NULL || data_size == 0)
{
return false;
}
StrCpy(name, name_size, "");
b = NewBuf();
WriteBuf(b, data, data_size);
SeekBuf(b, 0, 0);
while (true)
{
UINT next_len = (UINT)GetNextByte(b);
if (next_len > 0)
{
// Read only the specified length
Zero(tmp, sizeof(tmp));
if (ReadBuf(b, tmp, next_len) != next_len)
{
ok = false;
break;
}
// Append
if (StrLen(name) != 0)
{
StrCat(name, name_size, ".");
}
StrCat(name, name_size, tmp);
}
else
{
// Read all
break;
}
}
if (ReadBuf(b, &val, sizeof(val)) != sizeof(val))
{
ok = false;
}
else
{
if (Endian16(val) != 0x01 && Endian16(val) != 0x0c)
{
ok = false;
}
}
if (ReadBuf(b, &val, sizeof(val)) != sizeof(val))
{
ok = false;
}
else
{
if (Endian16(val) != 0x01)
{
ok = false;
}
}
FreeBuf(b);
if (ok == false || StrLen(name) == 0)
{
return false;
}
else
{
return true;
}
}
// Set the VGS host name
void SetDnsProxyVgsHostname(char *hostname)
{

View File

@ -594,9 +594,7 @@ void SendTcp(VH *v, UINT src_ip, UINT src_port, UINT dest_ip, UINT dest_port, UI
void DnsProxy(VH *v, UINT src_ip, UINT src_port, UINT dest_ip, UINT dest_port, void *data, UINT size);
bool ParseDnsPacket(VH *v, UINT src_ip, UINT src_port, UINT dest_ip, UINT dest_port, void *data, UINT size);
bool ParseDnsPacketEx(VH *v, UINT src_ip, UINT src_port, UINT dest_ip, UINT dest_port, void *data, UINT size, DNS_PARSED_PACKET *parsed_result);
bool ParseDnsQuery(char *name, UINT name_size, void *data, UINT data_size);
void SetDnsProxyVgsHostname(char *hostname);
UCHAR GetNextByte(BUF *b);
bool NatTransactDns(VH *v, NAT_ENTRY *n);
void NatDnsThread(THREAD *t, void *param);
bool NatGetIP(IP *ip, char *hostname);

View File

@ -1631,8 +1631,8 @@ void GetDateTimeStrMilli(char *str, UINT size, SYSTEMTIME *st)
st->wMilliseconds);
}
// Get the date and time string in RFC3164 format (example: 2017-09-27T18:25:55.434-9:00)
void GetDateTimeStrRFC3164(char *str, UINT size, SYSTEMTIME *st, int timezone_min){
// Get the date and time string in RFC3339 format (example: 2017-09-27T18:25:55.434-9:00)
void GetDateTimeStrRFC3339(char *str, UINT size, SYSTEMTIME *st, int timezone_min){
// Validate arguments
if (str == NULL || st == NULL)
{

View File

@ -248,7 +248,7 @@ void GetTimeStrEx64(wchar_t *str, UINT size, UINT64 sec64, LOCALE *locale);
void GetDateStrEx64(wchar_t *str, UINT size, UINT64 sec64, LOCALE *locale);
void GetTimeStrMilli64(char *str, UINT size, UINT64 sec64);
void GetTimeStr64(char *str, UINT size, UINT64 sec64);
void GetDateTimeStrRFC3164(char *str, UINT size, SYSTEMTIME *st, int timezone_min);
void GetDateTimeStrRFC3339(char *str, UINT size, SYSTEMTIME *st, int timezone_min);
UINT64 SafeTime64(UINT64 sec64);
bool Run(char *filename, char *arg, bool hide, bool wait);
bool RunW(wchar_t *filename, wchar_t *arg, bool hide, bool wait);

View File

@ -1688,6 +1688,10 @@ PKT *ClonePacket(PKT *p, bool copy_data)
ret->L7.IkeHeader = MallocFast(sizeof(IKE_HEADER));
Copy(ret->L7.IkeHeader, p->L7.IkeHeader, sizeof(IKE_HEADER));
break;
case L7_DNS:
StrCpy(ret->DnsQueryHost, sizeof(ret->DnsQueryHost), p->DnsQueryHost);
break;
}
// Address data
@ -1845,12 +1849,13 @@ PKT *ParsePacketEx4(UCHAR *buf, UINT size, bool no_l3, UINT vlan_type_id, bool b
USHORT port_raw = Endian16(80);
USHORT port_raw2 = Endian16(8080);
USHORT port_raw3 = Endian16(443);
USHORT port_raw4 = Endian16(3128);
// Analyze if the packet is a part of HTTP
if ((p->TypeL3 == L3_IPV4 || p->TypeL3 == L3_IPV6) && p->TypeL4 == L4_TCP)
{
TCP_HEADER *tcp = p->L4.TCPHeader;
if (tcp != NULL && (tcp->DstPort == port_raw || tcp->DstPort == port_raw2) &&
if (tcp != NULL && (tcp->DstPort == port_raw || tcp->DstPort == port_raw2 || tcp->DstPort == port_raw4) &&
(!((tcp->Flag & TCP_SYN) || (tcp->Flag & TCP_RST) || (tcp->Flag & TCP_FIN))))
{
if (p->PayloadSize >= 1)
@ -3010,6 +3015,148 @@ bool ParseTCP(PKT *p, UCHAR *buf, UINT size)
return true;
}
// Get the next byte
UCHAR GetNextByte(BUF *b)
{
UCHAR c = 0;
// Validate arguments
if (b == NULL)
{
return 0;
}
if (ReadBuf(b, &c, 1) != 1)
{
return 0;
}
return c;
}
// Interpret the DNS query
bool ParseDnsQuery(char *name, UINT name_size, void *data, UINT data_size)
{
BUF *b;
char tmp[257];
bool ok = true;
USHORT val;
// Validate arguments
if (name == NULL || data == NULL || data_size == 0)
{
return false;
}
StrCpy(name, name_size, "");
b = NewBuf();
WriteBuf(b, data, data_size);
SeekBuf(b, 0, 0);
while (true)
{
UINT next_len = (UINT)GetNextByte(b);
if (next_len > 0)
{
// Read only the specified length
Zero(tmp, sizeof(tmp));
if (ReadBuf(b, tmp, next_len) != next_len)
{
ok = false;
break;
}
// Append
if (StrLen(name) != 0)
{
StrCat(name, name_size, ".");
}
StrCat(name, name_size, tmp);
}
else
{
// Read all
break;
}
}
if (ReadBuf(b, &val, sizeof(val)) != sizeof(val))
{
ok = false;
}
else
{
if (Endian16(val) != 0x01 && Endian16(val) != 0x0c)
{
ok = false;
}
}
if (ReadBuf(b, &val, sizeof(val)) != sizeof(val))
{
ok = false;
}
else
{
if (Endian16(val) != 0x01)
{
ok = false;
}
}
FreeBuf(b);
if (ok == false || StrLen(name) == 0)
{
return false;
}
else
{
return true;
}
}
// DNS parsing
void ParseDNS(PKT *p, UCHAR *buf, UINT size)
{
UCHAR *query_data;
UINT query_data_size;
DNSV4_HEADER *dns;
char hostname[MAX_SIZE];
if (p == NULL|| buf == NULL)
{
return;
}
if (size < sizeof(DNSV4_HEADER))
{
return;
}
dns = (DNSV4_HEADER *)buf;
if ((dns->Flag1 & 78) != 0 || (dns->Flag1 & 0x80) != 0)
{
// Illegal opcode
return;
}
if (Endian16(dns->NumQuery) != 1)
{
// Number of queries is invalid
return;
}
query_data = ((UCHAR *)dns) + sizeof(DNSV4_HEADER);
query_data_size = size - sizeof(DNSV4_HEADER);
// Interpret the query
if (ParseDnsQuery(hostname, sizeof(hostname), query_data, query_data_size) == false)
{
// Interpretation fails
return;
}
StrCpy(p->DnsQueryHost, sizeof(p->DnsQueryHost), hostname);
p->TypeL7 = L7_DNS;
}
// UDP parsing
bool ParseUDP(PKT *p, UCHAR *buf, UINT size)
{
@ -3052,6 +3199,13 @@ bool ParseUDP(PKT *p, UCHAR *buf, UINT size)
return true;
}
}
if (dst_port == 53)
{
ParseDNS(p, buf, size);
return true;
}
if (src_port == 500 || dst_port == 500 || src_port == 4500 || dst_port == 4500)
{

View File

@ -705,6 +705,7 @@ struct PKT
UCHAR *Payload; // Pointer to the payload of TCP or UDP
UINT PayloadSize; // Payload size
struct HTTPLOG *HttpLog; // HTTP log
char DnsQueryHost[64]; // DNS hostname
} GCC_PACKED;
// Layer-3 packet classification
@ -728,6 +729,7 @@ struct PKT
#define L7_DHCPV4 1 // DHCPv4 packet
#define L7_IKECONN 2 // IKE connection request packet
#define L7_OPENVPNCONN 3 // OpenVPN connection request packet
#define L7_DNS 4 // DNS packet
// IKE header
@ -869,6 +871,7 @@ bool ParseICMPv6(PKT *p, UCHAR *buf, UINT size);
bool ParseTCP(PKT *p, UCHAR *buf, UINT size);
bool ParseUDP(PKT *p, UCHAR *buf, UINT size);
void ParseDHCPv4(PKT *p, UCHAR *buf, UINT size);
void ParseDNS(PKT *p, UCHAR *buf, UINT size);
PKT *ClonePacket(PKT *p, bool copy_data);
void FreeClonePacket(PKT *p);
@ -901,6 +904,8 @@ void FreeDHCPv4Data(DHCPV4_DATA *d);
bool AdjustTcpMssL3(UCHAR *src, UINT src_size, UINT mss);
bool AdjustTcpMssL2(UCHAR *src, UINT src_size, UINT mss, USHORT tag_vlan_tpid);
UINT GetIpHeaderSize(UCHAR *src, UINT src_size);
bool ParseDnsQuery(char *name, UINT name_size, void *data, UINT data_size);
UCHAR GetNextByte(BUF *b);
bool IsDhcpPacketForSpecificMac(UCHAR *data, UINT size, UCHAR *mac_address);