1
0
mirror of https://github.com/SoftEtherVPN/SoftEtherVPN.git synced 2024-11-23 01:49:53 +03:00

Protocol: remove RC4 related stuff

This commit is contained in:
Davide Beatrici 2018-08-12 04:07:39 +02:00
parent 6764e24f20
commit eb03d1c54b
4 changed files with 3 additions and 185 deletions

View File

@ -659,11 +659,6 @@ void WriteSendFifo(SESSION *s, TCPSOCK *ts, void *data, UINT size)
return; return;
} }
if (s->UseFastRC4)
{
Encrypt(ts->SendKey, data, data, size);
}
WriteFifo(ts->SendFifo, data, size); WriteFifo(ts->SendFifo, data, size);
} }
@ -676,11 +671,6 @@ void WriteRecvFifo(SESSION *s, TCPSOCK *ts, void *data, UINT size)
return; return;
} }
if (s->UseFastRC4)
{
Encrypt(ts->RecvKey, data, data, size);
}
WriteFifo(ts->RecvFifo, data, size); WriteFifo(ts->RecvFifo, data, size);
} }
@ -688,14 +678,14 @@ void WriteRecvFifo(SESSION *s, TCPSOCK *ts, void *data, UINT size)
UINT TcpSockRecv(SESSION *s, TCPSOCK *ts, void *data, UINT size) UINT TcpSockRecv(SESSION *s, TCPSOCK *ts, void *data, UINT size)
{ {
// Receive // Receive
return Recv(ts->Sock, data, size, s->UseSSLDataEncryption); return Recv(ts->Sock, data, size, s->UseEncrypt);
} }
// TCP socket send // TCP socket send
UINT TcpSockSend(SESSION *s, TCPSOCK *ts, void *data, UINT size) UINT TcpSockSend(SESSION *s, TCPSOCK *ts, void *data, UINT size)
{ {
// Transmission // Transmission
return Send(ts->Sock, data, size, s->UseSSLDataEncryption); return Send(ts->Sock, data, size, s->UseEncrypt);
} }
// Send the data as UDP packet // Send the data as UDP packet

View File

@ -1265,7 +1265,6 @@ bool ServerAccept(CONNECTION *c)
char groupname[MAX_SIZE]; char groupname[MAX_SIZE];
UCHAR session_key[SHA1_SIZE]; UCHAR session_key[SHA1_SIZE];
UCHAR ticket[SHA1_SIZE]; UCHAR ticket[SHA1_SIZE];
RC4_KEY_PAIR key_pair;
UINT authtype; UINT authtype;
POLICY *policy; POLICY *policy;
UINT assigned_vlan_id = 0; UINT assigned_vlan_id = 0;
@ -1284,7 +1283,6 @@ bool ServerAccept(CONNECTION *c)
IP udp_acceleration_client_ip; IP udp_acceleration_client_ip;
UCHAR udp_acceleration_client_key[UDP_ACCELERATION_COMMON_KEY_SIZE]; UCHAR udp_acceleration_client_key[UDP_ACCELERATION_COMMON_KEY_SIZE];
UINT udp_acceleration_client_port; UINT udp_acceleration_client_port;
bool use_fast_rc4;
bool admin_mode = false; bool admin_mode = false;
UINT direction; UINT direction;
UINT max_connection; UINT max_connection;
@ -1643,7 +1641,6 @@ bool ServerAccept(CONNECTION *c)
use_compress = PackGetInt(p, "use_compress") == 0 ? false : true; use_compress = PackGetInt(p, "use_compress") == 0 ? false : true;
max_connection = PackGetInt(p, "max_connection"); max_connection = PackGetInt(p, "max_connection");
half_connection = PackGetInt(p, "half_connection") == 0 ? false : true; half_connection = PackGetInt(p, "half_connection") == 0 ? false : true;
use_fast_rc4 = PackGetInt(p, "use_fast_rc4") == 0 ? false : true;
qos = PackGetInt(p, "qos") ? true : false; qos = PackGetInt(p, "qos") ? true : false;
client_id = PackGetInt(p, "client_id"); client_id = PackGetInt(p, "client_id");
adjust_mss = PackGetInt(p, "adjust_mss"); adjust_mss = PackGetInt(p, "adjust_mss");
@ -3134,10 +3131,6 @@ bool ServerAccept(CONNECTION *c)
// Set the parameters // Set the parameters
s->MaxConnection = max_connection; s->MaxConnection = max_connection;
s->UseEncrypt = use_encrypt; s->UseEncrypt = use_encrypt;
if (s->UseEncrypt && use_fast_rc4)
{
s->UseFastRC4 = use_fast_rc4;
}
s->UseCompress = use_compress; s->UseCompress = use_compress;
s->HalfConnection = half_connection; s->HalfConnection = half_connection;
s->Timeout = timeout; s->Timeout = timeout;
@ -3294,26 +3287,6 @@ bool ServerAccept(CONNECTION *c)
Free(msg); Free(msg);
if (s->UseFastRC4)
{
// Generate a RC4 key pair
GenerateRC4KeyPair(&key_pair);
// Add to Welcome packet
PackAddData(p, "rc4_key_client_to_server", key_pair.ClientToServerKey, sizeof(key_pair.ClientToServerKey));
PackAddData(p, "rc4_key_server_to_client", key_pair.ServerToClientKey, sizeof(key_pair.ServerToClientKey));
{
char key1[64], key2[64];
BinToStr(key1, sizeof(key1), key_pair.ClientToServerKey, 16);
BinToStr(key2, sizeof(key2), key_pair.ServerToClientKey, 16);
Debug(
"Client to Server Key: %s\n"
"Server to Client Key: %s\n",
key1, key2);
}
}
// Brand string for the connection limit // Brand string for the connection limit
{ {
char *branded_cfroms = _SS("BRANDED_C_FROM_S"); char *branded_cfroms = _SS("BRANDED_C_FROM_S");
@ -3353,24 +3326,6 @@ bool ServerAccept(CONNECTION *c)
ts->Direction = TCP_CLIENT_TO_SERVER; ts->Direction = TCP_CLIENT_TO_SERVER;
} }
if (s->UseFastRC4)
{
// Set the RC4 key information to the first TCP connection
TCPSOCK *ts = (TCPSOCK *)LIST_DATA(c->Tcp->TcpSockList, 0);
Copy(&ts->Rc4KeyPair, &key_pair, sizeof(RC4_KEY_PAIR));
InitTcpSockRc4Key(ts, true);
}
if (s->UseEncrypt && s->UseFastRC4 == false)
{
s->UseSSLDataEncryption = true;
}
else
{
s->UseSSLDataEncryption = false;
}
if (s->Hub->Type == HUB_TYPE_FARM_DYNAMIC && s->Cedar->Server != NULL && s->Cedar->Server->ServerType == SERVER_TYPE_FARM_CONTROLLER) if (s->Hub->Type == HUB_TYPE_FARM_DYNAMIC && s->Cedar->Server != NULL && s->Cedar->Server->ServerType == SERVER_TYPE_FARM_CONTROLLER)
{ {
if (s->Hub->BeingOffline == false) if (s->Hub->BeingOffline == false)
@ -3536,12 +3491,6 @@ bool ServerAccept(CONNECTION *c)
goto CLEANUP; goto CLEANUP;
} }
// Generate a high-speed RC4 encryption key
if (s->UseFastRC4)
{
GenerateRC4KeyPair(&key_pair);
}
// Add the socket of this connection to the connection list of the session (TCP) // Add the socket of this connection to the connection list of the session (TCP)
sock = c->FirstSock; sock = c->FirstSock;
ts = NewTcpSock(sock); ts = NewTcpSock(sock);
@ -3581,34 +3530,10 @@ bool ServerAccept(CONNECTION *c)
} }
UnlockList(s->Connection->Tcp->TcpSockList); UnlockList(s->Connection->Tcp->TcpSockList);
if (s->UseFastRC4)
{
// Set the RC4 key information
Copy(&ts->Rc4KeyPair, &key_pair, sizeof(RC4_KEY_PAIR));
InitTcpSockRc4Key(ts, true);
}
// Return a success result // Return a success result
p = PackError(ERR_NO_ERROR); p = PackError(ERR_NO_ERROR);
PackAddInt(p, "direction", direction); PackAddInt(p, "direction", direction);
if (s->UseFastRC4)
{
// Add a RC4 key information
PackAddData(p, "rc4_key_client_to_server", key_pair.ClientToServerKey, sizeof(key_pair.ClientToServerKey));
PackAddData(p, "rc4_key_server_to_client", key_pair.ServerToClientKey, sizeof(key_pair.ServerToClientKey));
{
char key1[64], key2[64];
BinToStr(key1, sizeof(key1), key_pair.ClientToServerKey, 16);
BinToStr(key2, sizeof(key2), key_pair.ServerToClientKey, 16);
Debug(
"Client to Server Key: %s\n"
"Server to Client Key: %s\n",
key1, key2);
}
}
HttpServerSend(c->FirstSock, p); HttpServerSend(c->FirstSock, p);
FreePack(p); FreePack(p);
@ -4345,7 +4270,7 @@ bool ClientAdditionalConnect(CONNECTION *c, THREAD *t)
TCPSOCK *ts; TCPSOCK *ts;
UINT err; UINT err;
UINT direction; UINT direction;
RC4_KEY_PAIR key_pair;
// Validate arguments // Validate arguments
if (c == NULL) if (c == NULL)
{ {
@ -4409,28 +4334,6 @@ bool ClientAdditionalConnect(CONNECTION *c, THREAD *t)
err = GetErrorFromPack(p); err = GetErrorFromPack(p);
direction = PackGetInt(p, "direction"); direction = PackGetInt(p, "direction");
if (c->Session->UseFastRC4)
{
// Get the RC4 key information
if (PackGetDataSize(p, "rc4_key_client_to_server") == 16)
{
PackGetData(p, "rc4_key_client_to_server", key_pair.ClientToServerKey);
}
if (PackGetDataSize(p, "rc4_key_server_to_client") == 16)
{
PackGetData(p, "rc4_key_server_to_client", key_pair.ServerToClientKey);
}
{
char key1[64], key2[64];
BinToStr(key1, sizeof(key1), key_pair.ClientToServerKey, 16);
BinToStr(key2, sizeof(key2), key_pair.ServerToClientKey, 16);
Debug(
"Client to Server Key: %s\n"
"Server to Client Key: %s\n",
key1, key2);
}
}
FreePack(p); FreePack(p);
p = NULL; p = NULL;
@ -4475,14 +4378,6 @@ bool ClientAdditionalConnect(CONNECTION *c, THREAD *t)
); );
} }
if (c->Session->UseFastRC4)
{
// Set the RC4 encryption key
Copy(&ts->Rc4KeyPair, &key_pair, sizeof(RC4_KEY_PAIR));
InitTcpSockRc4Key(ts, false);
}
// Issue the Cancel to the session // Issue the Cancel to the session
Cancel(c->Session->Cancel1); Cancel(c->Session->Cancel1);
@ -4788,7 +4683,6 @@ bool ClientConnect(CONNECTION *c)
char session_name[MAX_SESSION_NAME_LEN + 1]; char session_name[MAX_SESSION_NAME_LEN + 1];
char connection_name[MAX_CONNECTION_NAME_LEN + 1]; char connection_name[MAX_CONNECTION_NAME_LEN + 1];
UCHAR session_key[SHA1_SIZE]; UCHAR session_key[SHA1_SIZE];
RC4_KEY_PAIR key_pair;
POLICY *policy; POLICY *policy;
bool expired = false; bool expired = false;
IP server_ip; IP server_ip;
@ -5137,10 +5031,6 @@ REDIRECTED:
c->Session->UseCompress = PackGetInt(p, "use_compress") == 0 ? false : true; c->Session->UseCompress = PackGetInt(p, "use_compress") == 0 ? false : true;
c->Session->UseEncrypt = PackGetInt(p, "use_encrypt") == 0 ? false : true; c->Session->UseEncrypt = PackGetInt(p, "use_encrypt") == 0 ? false : true;
c->Session->NoSendSignature = PackGetBool(p, "no_send_signature"); c->Session->NoSendSignature = PackGetBool(p, "no_send_signature");
if (c->Session->UseEncrypt)
{
c->Session->UseFastRC4 = PackGetInt(p, "use_fast_rc4") == 0 ? false : true;
}
c->Session->HalfConnection = PackGetInt(p, "half_connection") == 0 ? false : true; c->Session->HalfConnection = PackGetInt(p, "half_connection") == 0 ? false : true;
c->Session->IsAzureSession = PackGetInt(p, "is_azure_session") == 0 ? false : true; c->Session->IsAzureSession = PackGetInt(p, "is_azure_session") == 0 ? false : true;
c->Session->Timeout = PackGetInt(p, "timeout"); c->Session->Timeout = PackGetInt(p, "timeout");
@ -5203,28 +5093,6 @@ REDIRECTED:
} }
} }
if (c->Session->UseFastRC4)
{
// Get the RC4 key information
if (PackGetDataSize(p, "rc4_key_client_to_server") == 16)
{
PackGetData(p, "rc4_key_client_to_server", key_pair.ClientToServerKey);
}
if (PackGetDataSize(p, "rc4_key_server_to_client") == 16)
{
PackGetData(p, "rc4_key_server_to_client", key_pair.ServerToClientKey);
}
{
char key1[64], key2[64];
BinToStr(key1, sizeof(key1), key_pair.ClientToServerKey, 16);
BinToStr(key2, sizeof(key2), key_pair.ServerToClientKey, 16);
Debug(
"Client to Server Key: %s\n"
"Server to Client Key: %s\n",
key1, key2);
}
}
sess->EnableBulkOnRUDP = false; sess->EnableBulkOnRUDP = false;
sess->EnableHMacOnBulkOfRUDP = false; sess->EnableHMacOnBulkOfRUDP = false;
if (s->IsRUDPSocket && s->BulkRecvKey != NULL && s->BulkSendKey != NULL) if (s->IsRUDPSocket && s->BulkRecvKey != NULL && s->BulkSendKey != NULL)
@ -5405,25 +5273,6 @@ REDIRECTED:
ts->Direction = TCP_CLIENT_TO_SERVER; ts->Direction = TCP_CLIENT_TO_SERVER;
} }
if (c->Session->UseFastRC4)
{
// Set the high-speed RC4 encryption key
TCPSOCK *ts = (TCPSOCK *)LIST_DATA(c->Tcp->TcpSockList, 0);
Copy(&ts->Rc4KeyPair, &key_pair, sizeof(key_pair));
InitTcpSockRc4Key(ts, false);
}
// SSL encryption flag
if (c->Session->UseEncrypt && c->Session->UseFastRC4 == false)
{
c->Session->UseSSLDataEncryption = true;
}
else
{
c->Session->UseSSLDataEncryption = false;
}
PrintStatus(sess, L"free"); PrintStatus(sess, L"free");
CLog(c->Cedar->Client, "LC_CONNECT_2", c->Session->ClientOption->AccountName, CLog(c->Cedar->Client, "LC_CONNECT_2", c->Session->ClientOption->AccountName,
@ -5525,7 +5374,6 @@ PACK *PackWelcome(SESSION *s)
// Parameters // Parameters
PackAddInt(p, "max_connection", s->MaxConnection); PackAddInt(p, "max_connection", s->MaxConnection);
PackAddInt(p, "use_encrypt", s->UseEncrypt == false ? 0 : 1); PackAddInt(p, "use_encrypt", s->UseEncrypt == false ? 0 : 1);
PackAddInt(p, "use_fast_rc4", s->UseFastRC4 == false ? 0 : 1);
PackAddInt(p, "use_compress", s->UseCompress == false ? 0 : 1); PackAddInt(p, "use_compress", s->UseCompress == false ? 0 : 1);
PackAddInt(p, "half_connection", s->HalfConnection == false ? 0 : 1); PackAddInt(p, "half_connection", s->HalfConnection == false ? 0 : 1);
PackAddInt(p, "timeout", s->Timeout); PackAddInt(p, "timeout", s->Timeout);
@ -5930,8 +5778,6 @@ bool ClientUploadAuth(CONNECTION *c)
PackAddInt(p, "max_connection", o->MaxConnection); PackAddInt(p, "max_connection", o->MaxConnection);
// Flag to use of cryptography // Flag to use of cryptography
PackAddInt(p, "use_encrypt", o->UseEncrypt == false ? 0 : 1); PackAddInt(p, "use_encrypt", o->UseEncrypt == false ? 0 : 1);
// Fast encryption using flag
// PackAddInt(p, "use_fast_rc4", o->UseFastRC4 == false ? 0 : 1);
// Data compression flag // Data compression flag
PackAddInt(p, "use_compress", o->UseCompress == false ? 0 : 1); PackAddInt(p, "use_compress", o->UseCompress == false ? 0 : 1);
// Half connection flag // Half connection flag
@ -7390,18 +7236,3 @@ PACK *PackAdditionalConnect(UCHAR *session_key)
return p; return p;
} }
// Generate a RC4 key pair
void GenerateRC4KeyPair(RC4_KEY_PAIR *k)
{
// Validate arguments
if (k == NULL)
{
return;
}
Rand(k->ClientToServerKey, sizeof(k->ClientToServerKey));
Rand(k->ServerToClientKey, sizeof(k->ServerToClientKey));
}

View File

@ -258,7 +258,6 @@ bool ClientAdditionalConnect(CONNECTION *c, THREAD *t);
SOCK *ClientAdditionalConnectToServer(CONNECTION *c); SOCK *ClientAdditionalConnectToServer(CONNECTION *c);
bool ClientUploadAuth2(CONNECTION *c, SOCK *s); bool ClientUploadAuth2(CONNECTION *c, SOCK *s);
bool GetSessionKeyFromPack(PACK *p, UCHAR *session_key, UINT *session_key_32); bool GetSessionKeyFromPack(PACK *p, UCHAR *session_key, UINT *session_key_32);
void GenerateRC4KeyPair(RC4_KEY_PAIR *k);
SOCK *ProxyConnect(CONNECTION *c, char *proxy_host_name, UINT proxy_port, SOCK *ProxyConnect(CONNECTION *c, char *proxy_host_name, UINT proxy_port,
char *server_host_name, UINT server_port, char *server_host_name, UINT server_port,

View File

@ -217,7 +217,6 @@ struct SESSION
UINT64 NextConnectionTime; // Time to put next additional connection UINT64 NextConnectionTime; // Time to put next additional connection
IP ServerIP; // IP address of the server IP ServerIP; // IP address of the server
bool ClientModeAndUseVLan; // Use a virtual LAN card in client mode bool ClientModeAndUseVLan; // Use a virtual LAN card in client mode
bool UseSSLDataEncryption; // Use SSL data encryption
LOCK *TrafficLock; // Traffic data lock LOCK *TrafficLock; // Traffic data lock
LINK *Link; // A reference to the link object LINK *Link; // A reference to the link object
SNAT *SecureNAT; // A reference to the SecureNAT object SNAT *SecureNAT; // A reference to the SecureNAT object
@ -255,7 +254,6 @@ struct SESSION
char SessionKeyStr[64]; // Session key string char SessionKeyStr[64]; // Session key string
UINT MaxConnection; // Maximum number of concurrent TCP connections UINT MaxConnection; // Maximum number of concurrent TCP connections
bool UseEncrypt; // Use encrypted communication bool UseEncrypt; // Use encrypted communication
bool UseFastRC4; // Use high speed RC4 encryption
bool UseCompress; // Use data compression bool UseCompress; // Use data compression
bool HalfConnection; // Half connection mode bool HalfConnection; // Half connection mode
bool QoS; // VoIP / QoS bool QoS; // VoIP / QoS