1
0
mirror of https://github.com/SoftEtherVPN/SoftEtherVPN.git synced 2024-11-25 19:09:52 +03:00
Commit Graph

1136 Commits

Author SHA1 Message Date
Evengard
149096e13c * Implementing user search by certificate common name.
* Reworking EAP-TLS flow
* Implementing iterative TLS downgrade supporting PPPD TLS 1.3+Tickets, Windows TLS 1.3 w/o Tickets, VPN Client Pro TLS 1.2.
2023-01-23 23:57:19 +03:00
Ilya Shipitsin
c7766d072b src/Mayaqua/Unix.c: improve memory allocation handling according to Coverity
1875        if (mutex == NULL)
1876        {
    CID 367204 (#1 of 1): Resource leak (RESOURCE_LEAK)4. leaked_storage: Variable lock going out of scope leaks the storage it points to.
1877                return NULL;
1878        }
2023-01-15 13:30:37 +06:00
Ilya Shipitsin
6a5f4b0dfd src/Cedar/Virtual.c: mute Coverity warning
4272                FreeBlock(block);
    CID 375153 (#1 of 1): Uninitialized scalar variable (UNINIT)44. uninit_use: Using uninitialized value send_size.
4273                if (send_size == 0)
2023-01-14 21:38:28 +06:00
Yihong Wu
6e48227d93
Update CMakeLists.txt 2023-01-07 10:27:47 +09:00
Yihong Wu
1b79df7954 Mayaqua/CMakeLists: Fix win32 build without vcpkg 2023-01-06 22:32:28 +09:00
dependabot[bot]
2e8723b967
Bump json5, ts-loader, webpack and webpack-cli
Removes [json5](https://github.com/json5/json5). It's no longer used after updating ancestor dependencies [json5](https://github.com/json5/json5), [ts-loader](https://github.com/TypeStrong/ts-loader), [webpack](https://github.com/webpack/webpack) and [webpack-cli](https://github.com/webpack/webpack-cli). These dependencies need to be updated together.


Removes `json5`

Updates `ts-loader` from 6.0.1 to 9.4.2
- [Release notes](https://github.com/TypeStrong/ts-loader/releases)
- [Changelog](https://github.com/TypeStrong/ts-loader/blob/main/CHANGELOG.md)
- [Commits](https://github.com/TypeStrong/ts-loader/compare/v6.0.1...v9.4.2)

Updates `webpack` from 4.32.2 to 5.75.0
- [Release notes](https://github.com/webpack/webpack/releases)
- [Commits](https://github.com/webpack/webpack/compare/v4.32.2...v5.75.0)

Updates `webpack-cli` from 3.3.12 to 5.0.1
- [Release notes](https://github.com/webpack/webpack-cli/releases)
- [Changelog](https://github.com/webpack/webpack-cli/blob/master/CHANGELOG.md)
- [Commits](https://github.com/webpack/webpack-cli/compare/v3.3.12...webpack-cli@5.0.1)

---
updated-dependencies:
- dependency-name: json5
  dependency-type: indirect
- dependency-name: ts-loader
  dependency-type: direct:development
- dependency-name: webpack
  dependency-type: direct:development
- dependency-name: webpack-cli
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-01-01 08:28:23 +00:00
Ilya Shipitsin
86e44e8d7b LibreSSL-3.7.0 compatibility 2022-12-25 11:35:29 +06:00
dependabot[bot]
99374ba446
Bump decode-uri-component in /src/bin/hamcore/wwwroot/admin/default
Bumps [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) from 0.2.0 to 0.2.2.
- [Release notes](https://github.com/SamVerschueren/decode-uri-component/releases)
- [Commits](https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.0...v0.2.2)

---
updated-dependencies:
- dependency-name: decode-uri-component
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-12-03 13:51:53 +00:00
Yihong Wu
d8e56f9dbc Add build instruction for dynamic linking OpenSSL
Co-authored-by: Davide Beatrici <github@davidebeatrici.dev>
2022-11-27 19:33:52 +09:00
Koichiro IWAO
e2ad7d5e8f Fix wrong shortcut key assignment
Fixes #1702.
2022-11-17 16:11:30 +09:00
Ilya Shipitsin
9eb9d57c27
Merge pull request #1700 from SoftEtherVPN/dependabot/npm_and_yarn/src/bin/hamcore/wwwroot/admin/default/kind-of-6.0.3
Bump kind-of from 6.0.2 to 6.0.3 in /src/bin/hamcore/wwwroot/admin/default
2022-11-12 21:00:03 +05:00
Ilya Shipitsin
28ec0d54b8
Merge pull request #1697 from SoftEtherVPN/dependabot/npm_and_yarn/src/bin/hamcore/wwwroot/admin/default/yargs-parser-13.1.2
Bump yargs-parser from 11.1.1 to 13.1.2 in /src/bin/hamcore/wwwroot/admin/default
2022-11-12 20:56:54 +05:00
dependabot[bot]
506677bf60
Bump kind-of in /src/bin/hamcore/wwwroot/admin/default
Bumps [kind-of](https://github.com/jonschlinkert/kind-of) from 6.0.2 to 6.0.3.
- [Release notes](https://github.com/jonschlinkert/kind-of/releases)
- [Changelog](https://github.com/jonschlinkert/kind-of/blob/master/CHANGELOG.md)
- [Commits](https://github.com/jonschlinkert/kind-of/compare/6.0.2...6.0.3)

---
updated-dependencies:
- dependency-name: kind-of
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-11-12 15:42:01 +00:00
dependabot[bot]
6a1b55293c
Bump yargs-parser in /src/bin/hamcore/wwwroot/admin/default
Bumps [yargs-parser](https://github.com/yargs/yargs-parser) from 11.1.1 to 13.1.2.
- [Release notes](https://github.com/yargs/yargs-parser/releases)
- [Changelog](https://github.com/yargs/yargs-parser/blob/main/docs/CHANGELOG-full.md)
- [Commits](https://github.com/yargs/yargs-parser/commits)

---
updated-dependencies:
- dependency-name: yargs-parser
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-11-12 15:39:28 +00:00
Ilya Shipitsin
49c1a84752
Merge pull request #1699 from SoftEtherVPN/dependabot/npm_and_yarn/src/bin/hamcore/wwwroot/admin/default/serialize-javascript-and-terser-webpack-plugin-4.0.0
Bump serialize-javascript and terser-webpack-plugin in /src/bin/hamcore/wwwroot/admin/default
2022-11-12 20:35:18 +05:00
Ilya Shipitsin
34a9a7bc46
Merge pull request #1698 from SoftEtherVPN/dependabot/npm_and_yarn/src/bin/hamcore/wwwroot/admin/default/set-value-and-union-value-2.0.1
Bump set-value and union-value in /src/bin/hamcore/wwwroot/admin/default
2022-11-12 20:22:47 +05:00
dependabot[bot]
e7980ae9b1
Bump serialize-javascript and terser-webpack-plugin
Bumps [serialize-javascript](https://github.com/yahoo/serialize-javascript) and [terser-webpack-plugin](https://github.com/webpack-contrib/terser-webpack-plugin). These dependencies needed to be updated together.

Updates `serialize-javascript` from 1.7.0 to 4.0.0
- [Release notes](https://github.com/yahoo/serialize-javascript/releases)
- [Commits](https://github.com/yahoo/serialize-javascript/compare/v1.7.0...v4.0.0)

Updates `terser-webpack-plugin` from 1.3.0 to 1.4.5
- [Release notes](https://github.com/webpack-contrib/terser-webpack-plugin/releases)
- [Changelog](https://github.com/webpack-contrib/terser-webpack-plugin/blob/v1.4.5/CHANGELOG.md)
- [Commits](https://github.com/webpack-contrib/terser-webpack-plugin/compare/v1.3.0...v1.4.5)

---
updated-dependencies:
- dependency-name: serialize-javascript
  dependency-type: indirect
- dependency-name: terser-webpack-plugin
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-11-12 14:44:52 +00:00
dependabot[bot]
9f53cf5bdb
Bump set-value and union-value in /src/bin/hamcore/wwwroot/admin/default
Bumps [set-value](https://github.com/jonschlinkert/set-value) and [union-value](https://github.com/jonschlinkert/union-value). These dependencies needed to be updated together.

Updates `set-value` from 2.0.0 to 2.0.1
- [Release notes](https://github.com/jonschlinkert/set-value/releases)
- [Commits](https://github.com/jonschlinkert/set-value/compare/2.0.0...2.0.1)

Updates `union-value` from 1.0.0 to 1.0.1
- [Release notes](https://github.com/jonschlinkert/union-value/releases)
- [Commits](https://github.com/jonschlinkert/union-value/compare/1.0.0...1.0.1)

---
updated-dependencies:
- dependency-name: set-value
  dependency-type: indirect
- dependency-name: union-value
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-11-12 14:43:12 +00:00
Ilya Shipitsin
c492276a94
Merge pull request #1695 from SoftEtherVPN/dependabot/npm_and_yarn/src/bin/hamcore/wwwroot/admin/default/glob-parent-and-watchpack-5.1.2
Bump glob-parent and watchpack in /src/bin/hamcore/wwwroot/admin/default
2022-11-12 19:36:00 +05:00
Ilya Shipitsin
661e61538e
Merge pull request #1694 from SoftEtherVPN/dependabot/npm_and_yarn/src/bin/hamcore/wwwroot/admin/default/ansi-regex-3.0.1
Bump ansi-regex from 3.0.0 to 3.0.1 in /src/bin/hamcore/wwwroot/admin/default
2022-11-12 19:34:56 +05:00
Ilya Shipitsin
b5a83cc208
Merge pull request #1691 from SoftEtherVPN/dependabot/npm_and_yarn/src/bin/hamcore/wwwroot/admin/default/loader-utils-1.4.2
Bump loader-utils from 1.2.3 to 1.4.2 in /src/bin/hamcore/wwwroot/admin/default
2022-11-12 19:34:07 +05:00
dependabot[bot]
b6d2ec3b76
Bump glob-parent and watchpack in /src/bin/hamcore/wwwroot/admin/default
Bumps [glob-parent](https://github.com/gulpjs/glob-parent) and [watchpack](https://github.com/webpack/watchpack). These dependencies needed to be updated together.

Updates `glob-parent` from 3.1.0 to 5.1.2
- [Release notes](https://github.com/gulpjs/glob-parent/releases)
- [Changelog](https://github.com/gulpjs/glob-parent/blob/main/CHANGELOG.md)
- [Commits](https://github.com/gulpjs/glob-parent/compare/v3.1.0...v5.1.2)

Updates `watchpack` from 1.6.0 to 1.7.5
- [Release notes](https://github.com/webpack/watchpack/releases)
- [Commits](https://github.com/webpack/watchpack/compare/v1.6.0...v1.7.5)

---
updated-dependencies:
- dependency-name: glob-parent
  dependency-type: indirect
- dependency-name: watchpack
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-11-12 09:32:44 +00:00
dependabot[bot]
4ebf713911
Bump ansi-regex in /src/bin/hamcore/wwwroot/admin/default
Bumps [ansi-regex](https://github.com/chalk/ansi-regex) from 3.0.0 to 3.0.1.
- [Release notes](https://github.com/chalk/ansi-regex/releases)
- [Commits](https://github.com/chalk/ansi-regex/compare/v3.0.0...v3.0.1)

---
updated-dependencies:
- dependency-name: ansi-regex
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-11-12 09:31:04 +00:00
dependabot[bot]
b5727b3525
Bump loader-utils in /src/bin/hamcore/wwwroot/admin/default
Bumps [loader-utils](https://github.com/webpack/loader-utils) from 1.2.3 to 1.4.2.
- [Release notes](https://github.com/webpack/loader-utils/releases)
- [Changelog](https://github.com/webpack/loader-utils/blob/v1.4.2/CHANGELOG.md)
- [Commits](https://github.com/webpack/loader-utils/compare/v1.2.3...v1.4.2)

---
updated-dependencies:
- dependency-name: loader-utils
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-11-12 09:14:27 +00:00
dependabot[bot]
372759d2ad
Bump minimatch in /src/bin/hamcore/wwwroot/admin/default
Bumps [minimatch](https://github.com/isaacs/minimatch) from 3.0.4 to 3.1.2.
- [Release notes](https://github.com/isaacs/minimatch/releases)
- [Commits](https://github.com/isaacs/minimatch/compare/v3.0.4...v3.1.2)

---
updated-dependencies:
- dependency-name: minimatch
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-11-12 09:14:23 +00:00
Yihong Wu
05fa675d5a Exclude inactive routes in Windows routing management 2022-09-16 17:25:11 +09:00
Yihong Wu
dc5da0c6a9 Zero out protocol strings when reconnecting 2022-09-13 19:14:33 +09:00
Guest126
04569c81c7
fix typo 2022-08-03 23:30:05 +09:00
dependabot[bot]
fa99fde893
Bump terser in /src/bin/hamcore/wwwroot/admin/default
Bumps [terser](https://github.com/terser/terser) from 4.0.0 to 4.8.1.
- [Release notes](https://github.com/terser/terser/releases)
- [Changelog](https://github.com/terser/terser/blob/master/CHANGELOG.md)
- [Commits](https://github.com/terser/terser/commits)

---
updated-dependencies:
- dependency-name: terser
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-07-20 08:39:28 +00:00
Davide Beatrici
a14d812dcb
Merge PR #1610: Proto_OpenVPN: Set max allowed ACKs to 8 for P_ACK_V1 2022-06-14 04:53:56 +02:00
Arne Schwabe
37aa1ba534 Proto_OpenVPN: Set max allowed ACKs to 8 for P_ACK_V1
OpenVPN always allowed 8 ACKs in P_ACK_V1 packets but only used
up to 4 in other control packets. Since Softether drops all packets with
more than 4 ACKs it also drops legimate P_ACK_V1.

See also this issue: https://github.com/schwabe/ics-openvpn/issues/1486
2022-06-14 00:06:02 +02:00
Yihong Wu
3ed7f7cbce Adjust TCP MSS if UDP acceleration is enabled (even if inactive) 2022-06-13 22:15:44 +09:00
Yihong Wu
209f60f079
Merge pull request #1604 from domosekai/docs 2022-05-29 10:47:59 +09:00
Yihong Wu
333cbb3f29 Update Windows build instructions
Co-authored-by: Davide Beatrici <github@davidebeatrici.dev>
2022-05-28 15:26:23 +09:00
Yihong Wu
e74d9dec25
Merge pull request #1593 from domosekai/cm 2022-05-26 12:54:09 +09:00
Yihong Wu
ad4ce138e9
Merge pull request #1594 from domosekai/tray
Show connection names in tray tips
2022-05-16 15:23:36 +09:00
Yihong Wu
27d7f4cfbe Fix route tracking on x86 Windows 2022-05-15 19:42:57 +09:00
Yihong Wu
4a3b4589c6 Show connection names in icon tips 2022-05-15 15:22:46 +08:00
Yihong Wu
53d8b10de2 Remove CM timer event to fix taskbar behavior on Win 11 2022-05-14 14:05:31 +08:00
Yihong Wu
ca996ed89a
Merge pull request #1522 from domosekai/tls
Implement complete server certificate verification
2022-05-12 23:38:38 +08:00
Daehun Hyun
cb6d9531b5 Fixed an issue where routing was not added when receiving DHCP static routing options. 2022-05-10 17:35:01 +09:00
sfreet
5a0227ba1d Allow packets if the both source and destination session users are the same, even in PrivacyFilter mode 2022-05-09 15:45:55 +09:00
Yihong Wu
ca226cdc9d Add CMakeSettings.json to facilitate VS configuration
Update build instructions for Windows
2022-04-30 15:03:05 +08:00
Yihong Wu
c8dca265b4
Merge pull request #1576 from domosekai/ipv6
Fix IPv6 ND for Windows 11 PPP clients
2022-04-27 20:37:25 +08:00
Yihong Wu
b3afbe37e9 Load legacy provider under OpenSSL 3.0 2022-04-26 22:00:15 +08:00
updatede
b4bb90ec5b
Fix udp acceleration unusable on big endian system
On big endian system, while store 32 bits and 16bits number in memory of  UINT64 variable "tmp", first 4 bytes of it always be zero makes "cookie" and "size" always be zero, lead to udpaccel unusable.
2022-04-25 18:16:50 +08:00
Yihong Wu
a742e2d193 Fix IPv6 ND for Windows 11 PPP clients 2022-04-08 00:37:38 +08:00
Yihong Wu
992a998a34 Add missing translation for protocol details 2022-04-01 22:18:54 +08:00
Yihong Wu
3c0e3fa49c
Merge pull request #1564 from domosekai/bulk 2022-03-21 10:13:56 +08:00
Yihong Wu
d86cf181bf Fix UDP bulk v2 and protocol display 2022-03-20 16:48:15 +08:00
dependabot[bot]
e8b88fd225
Bump tar from 4.4.8 to 4.4.19 in /src/bin/hamcore/wwwroot/admin/default
Bumps [tar](https://github.com/npm/node-tar) from 4.4.8 to 4.4.19.
- [Release notes](https://github.com/npm/node-tar/releases)
- [Changelog](https://github.com/npm/node-tar/blob/main/CHANGELOG.md)
- [Commits](https://github.com/npm/node-tar/compare/v4.4.8...v4.4.19)

---
updated-dependencies:
- dependency-name: tar
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-03-19 19:17:31 +00:00
Davide Beatrici
9764485774
Merge PR #1551: Bump ajv from 6.10.0 to 6.12.6 2022-03-19 20:16:53 +01:00
Daiyuu Nobori
32a970f976 Admin.c: Fix wrong endianness in InRpcNodeInfo() and OutRpcNodeInfo() 2022-02-22 19:38:34 +01:00
Daiyuu Nobori
56aedd6817 Memory: Add LittleEndian16(), LittleEndian32() and LittleEndian64() 2022-02-22 19:38:03 +01:00
dependabot[bot]
b603d2658a
Bump ajv from 6.10.0 to 6.12.6 in /src/bin/hamcore/wwwroot/admin/default
Bumps [ajv](https://github.com/ajv-validator/ajv) from 6.10.0 to 6.12.6.
- [Release notes](https://github.com/ajv-validator/ajv/releases)
- [Commits](https://github.com/ajv-validator/ajv/compare/v6.10.0...v6.12.6)

---
updated-dependencies:
- dependency-name: ajv
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-02-12 02:08:14 +00:00
H William Welliver
fd92c754fc Add missing headers required for solaris/illumos 2022-01-06 23:06:36 -05:00
Yihong Wu
0a4455ac40 Add more TLS negotiation info in logging and UI 2021-12-29 17:41:29 +08:00
Yihong Wu
f94ac6351e Implement complete server certificate verification 2021-12-29 17:41:29 +08:00
weidi
09dd8a8b07 endif UNIX_LINUX before BSD 2021-12-26 16:13:53 +01:00
weidi
3c7d78a1bf
Merge branch 'SoftEtherVPN:master' into master 2021-12-26 11:51:55 +01:00
Yihong Wu
adbbe94675
Merge pull request #1528 from updatede/patch-1
Mayaqua/Network.h: Fix UDP acceleration under NAT-T connections
2021-12-26 12:32:48 +08:00
Yihong Wu
1c1560f6ca Apply security level override in azure client mode 2021-12-26 12:12:00 +08:00
Yihong Wu
68dc4e23d8 Improve NAT-T hint string handling 2021-12-26 12:11:51 +08:00
Yihong Wu
f6edb5e165 Fix a typo that causes CascadeList to show blank hub name 2021-12-26 12:03:59 +08:00
Yihong Wu
a5565fce4b Fix cascade links may start before configuration is loaded 2021-12-26 12:03:59 +08:00
Yihong Wu
d95d8ddefa Fix account name in wrong case after editing 2021-12-26 12:03:59 +08:00
Johannes Weidacher
f1b464e84d fix alpine compile issue. 2021-12-25 21:22:06 +01:00
Yihong Wu
51585e63e3 Fix server manager setting compatibility since build 9658 2021-12-25 13:25:34 +08:00
weidi
c72d4fddb8
Merge branch 'SoftEtherVPN:master' into master 2021-12-24 08:47:45 +01:00
Johannes Weidacher
fc15d1ebd5 fix alpine compile issue. 2021-12-23 21:06:19 +01:00
Johannes Weidacher
73ffa10f50 Fix build error on alpine 2021-12-23 20:59:48 +01:00
Yihong Wu
77ee848caa Cedar/SM.c: Fix pointer usage before initialization 2021-12-23 17:23:15 +08:00
updatede
0b74a8e4ce
Update Network.h
Missing argument check lead to wrong value of IsIPv6 of struct UDP_ACCEL in NewUdpAccel(),  eventually lead to UdpAccelInitClient() fail.
2021-12-22 13:19:50 +08:00
Yihong Wu
fc94843579 Fix the creation of a zero IPv6 address
Fix #1517
2021-12-12 20:05:36 +08:00
Yihong Wu
b91d9af5e3 Mayaqua/DNS: Fix memory safety in DNS operation threads
Fix #1329
2021-12-12 20:05:36 +08:00
Yihong Wu
2a40d21ef9
Merge pull request #1512 from domosekai/he
Perform TCP connection via IPv6 and IPv4 in parallel threads
2021-12-11 17:20:12 +08:00
Yihong Wu
02ee7b45d7 Save the correct server IP for route management 2021-12-10 16:53:28 +08:00
Yihong Wu
384ab07996 Perform TCP connection attempts via IPv6 and IPv4 in parallel 2021-12-10 16:18:45 +08:00
Yihong Wu
e6bf956806 Return and cache all addresses from DNS resolver 2021-12-10 16:18:45 +08:00
Yihong Wu
528f313dbe
Merge pull request #1511 from domosekai/ipstr
Fix IPv6 address display in session info dialog
2021-12-09 12:55:10 +08:00
Yihong Wu
b4aad09f21 Restore R-UDP listener when ListenIP is :: 2021-12-07 21:55:41 +08:00
Yihong Wu
14f5854ecf Fix IPv6 address display in session info dialog 2021-12-07 15:48:32 +08:00
Yihong Wu
b178f26e52
Reduce redundant loop
Co-authored-by: Davide Beatrici <github@davidebeatrici.dev>
2021-12-04 16:16:22 +08:00
Yihong Wu
9692a8d961 Fix DNS resolution when no IPv6 address is configured 2021-12-03 14:18:43 +08:00
Yihong Wu
2d1c8765aa
Merge pull request #1433 from domosekai/chain
Support user-specified server trust chain
2021-11-25 17:15:53 +08:00
Yihong Wu
8392ccd1fa
Merge pull request #1391 from domosekai/master 2021-11-25 11:09:12 +08:00
Davide Beatrici
2955dc5580
Merge PR #1507: Change default hub option to allow default router in IPv6 RA 2021-11-24 00:22:04 +01:00
Yihong Wu
e095283641 Change default hub option to allow default router in IPv6 RA 2021-11-23 23:54:42 +08:00
Yihong Wu
fb004345b4 Cedar/Proto_PPP: Fix IPC DHCP renewal 2021-11-23 19:48:46 +08:00
Ilya Shipitsin
4d594e00f8 add "data-ciphers" to generated OpenVPN configs 2021-10-02 15:00:20 +05:00
Yihong Wu
2990b5ae93 Fix memory overrun in policy copy 2021-09-30 19:36:36 +08:00
Yihong Wu
462ebfb960 Fix policy dialog 2021-09-30 16:59:22 +08:00
Yihong Wu
582a739179 Fix auto refreshing of client manager 2021-09-28 20:15:41 +08:00
Yihong Wu
3a2d588722
Merge pull request #1483 from domosekai/ecc
Support ECDSA certificates on server side and show parameters in dialog
2021-09-25 20:58:18 +08:00
Yihong Wu
9c2a573cf2 Display key algorithm and parameters in cert dialog 2021-09-24 17:12:51 +08:00
Tetsuo Sugiyama
c9508b7fb7
Password change from client increments config file revision
Fixed an issue where changing the password from the client did not increment the revision of the server config file and the changes were not saved
2021-09-21 18:28:17 +09:00
Yihong Wu
2853337b81 Allow ECDSA certificates on server side 2021-09-20 08:18:36 +00:00
Yihong Wu
03859eb515
Merge pull request #1443 from domosekai/win32
Add IPv6 route management for Windows client
2021-09-18 22:12:27 +08:00
Yihong Wu
82af38c482 Cedar/Protocol.c: Fix connection to server clusters 2021-09-18 08:06:10 +00:00
Ilya Shipitsin
fc9286b11b enable Control-flow Enforcement Technology (CET) Shadow Stack mitigation
for Windows binaries

found by BinSkim
2021-08-27 12:43:42 +05:00
Ilya Shipitsin
5adeeb75ea Enable Control flow guard and Qspectre protection for windows binaries
found by BinSkim
2021-08-26 23:09:13 +05:00
Steve Muskiewicz
472dde05de apply permission fix suggested by @hornos (for #1457) 2021-08-19 08:14:50 -04:00
Ilya Shipitsin
fbdd6f1f3c
Merge pull request #1453 from SoftEtherVPN/dependabot/npm_and_yarn/src/bin/hamcore/wwwroot/admin/default/path-parse-1.0.7
Merge PR #1453: Bump path-parse from 1.0.6 to 1.0.7 in /src/bin/hamcore/wwwroot/admin/default
2021-08-16 11:32:13 +05:00
dependabot[bot]
2d00ab7dcc
Bump path-parse in /src/bin/hamcore/wwwroot/admin/default
Bumps [path-parse](https://github.com/jbgutierrez/path-parse) from 1.0.6 to 1.0.7.
- [Release notes](https://github.com/jbgutierrez/path-parse/releases)
- [Commits](https://github.com/jbgutierrez/path-parse/commits/v1.0.7)

---
updated-dependencies:
- dependency-name: path-parse
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-08-11 02:56:38 +00:00
Davide Beatrici
7f8e527883 CMake: Fix BLAKE2 build failure with MSVC due to it not defining __SSE2__ 2021-08-10 22:58:28 +02:00
Davide Beatrici
ffc095f95a CMake: Add build time check for EVP_PKEY_get_raw_public_key() availability
We need the function since 9dbbfcd388, but unfortunately it's not provided by LibreSSL.

By introducing a build time check we inform the user about the issue explicitly instead of just letting compilation fail.
2021-08-08 19:29:32 +02:00
Rosen Penev
ee3bf7f507 fix compilation without OpenSSL engines
Signed-off-by: Rosen Penev <rosenp@gmail.com>
2021-08-07 20:05:04 -07:00
domosekai
9b3077d955 Store interface metric separately as it mau change 2021-08-02 16:18:37 +08:00
domosekai
dd9c3546f7 Prevent IPv6 leak if only IPv4 default route is added 2021-08-02 16:18:37 +08:00
domosekai
4ddf39e760 Remove obsolete Win32 functions 2021-08-02 16:18:37 +08:00
domosekai
ce0591d924 Add IPv6 route management for Windows client 2021-08-02 16:18:36 +08:00
Ilya Shipitcin
37b5644291 src/Cedar/SW.c: treat "0" build as legitimate
installers built for PR have "0" build. let us treat them as legitimate
2021-08-01 12:26:51 +05:00
domosekai
9182a9b4e9 Mayaqua/Network.c: Fix race condition in TUBE operation 2021-07-22 11:59:15 +00:00
domosekai
8b87c9d4ef Cedar/Proto_PPP.c: Fix memory leak in EAP-MSCHAPv2
Fixes: #1420 (Implement EAP-MSCHAPv2)
2021-07-21 11:16:35 +00:00
domosekai
2761c1ca42 Support user-specified server trust chain 2021-07-21 07:02:42 +00:00
domosekai
1bb01e55e5 Mayaqua/TcpIp.c: Fix building DHCP static routes in new format
Fixes: 1708998 (Change IP structure so that IPv4 addresses are stored in RFC3493 format)
2021-07-14 08:11:05 +00:00
Koichiro IWAO
fce3592917
hamcore(ja,tw,cn): translate "Authentication"
appeared in "OpenSSL Engine Authorization"
2021-07-13 18:44:42 +09:00
Koichiro IWAO
410b7a959d
Fix case of OpenSSL 2021-07-13 18:41:41 +09:00
Koichiro IWAO
1590e6afb3
Fix typo s/has beens/has been/g 2021-07-13 18:15:09 +09:00
domosekai
7863ce8a8e Cedar/IPC.c: Add hub release in NewIPC() 2021-07-12 08:37:12 +00:00
domosekai
a1dff0f594 Mayaqua/Network.c: Create UDP listener for every interface if ListenIP is wildcard 2021-07-11 16:15:29 +00:00
Ilya Shipitsin
7881f8657a
Merge pull request #1420 from domosekai/eap
Implement EAP-MSCHAPv2
2021-07-10 23:27:10 +05:00
domosekai
dfb105c2d7 Fix use-after-free timeout issue for L2TP and SSTP 2021-07-10 16:07:09 +00:00
domosekai
66dc5ee581 Cedar/Radius.c: Fix EAP Message buffer overflow 2021-07-10 08:15:03 +00:00
domosekai
56bd9733d6 Cedar/Proto_PPP.c: Use unified format for negative condition 2021-07-10 05:30:06 +00:00
domosekai
eff784b624 Improve EAP behavior with RADIUS 2021-07-10 05:29:23 +00:00
domosekai
22a9231c33 Implement EAP-MSCHAPv2 2021-07-08 14:26:31 +00:00
domosekai
41b9973c24 Mayaqua/Network.c: Fix L2TP/IPsec over IPv6 when listening on :: 2021-07-07 17:37:06 +00:00
Ilya Shipitsin
60db1962f9
Merge pull request #1416 from domosekai/listener
Fix TCP and UDP listener behavior
2021-07-07 16:08:05 +05:00
domosekai
6e400c19af Fix TCP and UDP listener behavior 2021-07-07 10:50:23 +00:00
Ilya Shipitsin
f2466eb919
Merge pull request #1415 from davidebeatrici/vpncmd-wireguard-keys
Cedar/Command: Add GenX25519 and GetPublicX25519 commands
2021-07-07 13:04:13 +05:00
Davide Beatrici
c310163244 Cedar/Command: Add GenX25519 and GetPublicX25519 commands
GenX25519 command - Create new X25519 keypair
Help for command "GenX25519"

Purpose:
  Create new X25519 keypair

Description:
  Use this to create a new X25519 keypair, which can be used for WireGuard.
  Both the private and public key will be shown.
  The public key can be shared and is used to identify a peer.
  Also, it can always be retrieved from the private key using the GetPublicX25519 command.
  The private key should be kept in a secure place and never be shared.
  It cannot be recovered once lost.

Usage:
  GenX25519

==========================================================================================

GetPublicX25519 command - Retrieve public X25519 key from a private one
Help for command "GetPublicX25519"

Purpose:
  Retrieve public X25519 key from a private one

Description:
  Use this if you have a private X25519 key and want to get its corresponding public key.

Usage:
  GetPublicX25519 [private]

Parameters:
  private - The private X25519 key you want to get the corresponding public key of.
2021-07-07 08:43:41 +02:00
Davide Beatrici
9dbbfcd388 Mayaqua: Add new cryptographic functions for X25519/X448 keys management
The files are created in a new folder to keep the source tree tidier.

Please note that only X25519/X448 keys are supported due to an OpenSSL limitation:
https://www.openssl.org/docs/manmaster/man3/EVP_PKEY_new.html

We have functions that handle AES keys in Encrypt.c/.h.
Ideally we should move them into the new files.
2021-07-07 08:11:08 +02:00
Davide Beatrici
4328e6e5ab CMake: Link Cedar to Mayaqua directly
It's Cedar itself that depends on Mayaqua, not the executables.
2021-07-07 08:08:12 +02:00
domosekai
4efed994dc Mayaqua/Network.c: Use int as boolean flags for socket options 2021-07-07 03:07:06 +00:00
Davide Beatrici
513ad6e792
Merge PR #1410: Mayaqua/DNS.c: Fix DNS resolution in dual stack environment 2021-07-05 20:23:09 +02:00
domosekai
bcba88ca73 Cedar/Protocol.c: Use real server IP in creating node info under direct mode 2021-07-05 12:17:57 +00:00
domosekai
883d4d4cd7 Mayaqua/DNS.c: Fix DNS resolution in dual stack environment 2021-07-05 11:10:03 +00:00
domosekai
f6adcd6bfc Cedar/Connection.c: Fix buffer overflow when inserting NAT-T information 2021-07-04 05:53:24 +00:00
Davide Beatrici
233e28f38c Refactor Base64 functions, encode/decode using OpenSSL's EVP interface
Our own implementation works fine, however we should use OpenSSL's one since we already link to the library.

Base64Decode() and Base64Encode() return the required buffer size when "dst" is NULL.

This allows to efficiently allocate a buffer, without wasting memory or risking an overflow.

Base64FromBin() and Base64ToBin() perform all steps, returning a heap-allocated buffer with the data in it.
2021-07-02 09:24:41 +02:00
Davide Beatrici
46ca5f7b98 Use "%S" instead of "%s" for LA_SET_PORTS_UDP and LA_SET_PROTO_OPTIONS
Turns out %S refers to ANSI/UTF-8 and %s to UTF-16.

This commit fixes a buffer overflow reported by AddressSanitizer and removes an unnecessary conversion to UTF-16.
2021-06-27 21:08:26 +02:00
Davide Beatrici
4221579e95 Remove obsolete hardcoded build number checks
The open-source project began with version 1.00, build 9022.

With the exception of an informative message fallback for builds older than 9428 (2014), all checks were for closed-source builds.
2021-06-27 07:21:06 +02:00
domosekai
65bcbc8db3 Mayaqua/Network.c: Fix EAP-TLS chain certificate verification 2021-06-21 14:41:22 +00:00
domosekai
682052e0dc Cedar/Proto_PPP: Fix EAP-TLS fragmentation 2021-06-17 11:34:09 +00:00
Koichiro IWAO
28c90b190c hamcore(ja): just adding a missing ":" 2021-06-11 12:51:06 +09:00
Koichiro IWAO
b4817fd27a hamdore(ja): translate OpenVPN timeout and ping transmission interval 2021-06-06 23:35:46 +09:00
Koichiro IWAO
89ca29f259 hamcore(ja): translate WireGuard log messages 2021-06-06 23:35:46 +09:00
Koichiro IWAO
7a208d6114 hamcore(ja): translate SetStaticNetwork command 2021-06-06 23:35:45 +09:00
Koichiro IWAO
5b910322a7 hamcore(ja): translate Wgk* commands 2021-06-06 23:35:45 +09:00
Davide Beatrici
2923b5500a Mayaqua/FileIO: Fix typo causing segmentation fault on Hamcore cache expiration 2021-05-26 20:46:21 +02:00