1
0
mirror of https://github.com/SoftEtherVPN/SoftEtherVPN.git synced 2024-11-15 06:00:39 +03:00
Commit Graph

1913 Commits

Author SHA1 Message Date
Daiyuu Nobori
844dcdb0af Remove all references to strtok() and wcstok(), implement and use alternatives
strtok() and wcstok() are considered unsafe functions.

A segmentation fault caused by the use of strtok() was recently reported.

Co-authored-by: Takuho NAKANO <takotakot@users.noreply.github.com>
2020-07-20 17:57:58 +02:00
dnobori
144392c587 Add Tls_Disable1_3
Add Tls_Disable1_3 like Tls_Disable1_2 etc.
This change is part of v4.34-9744-beta e3370fb62c31eb10d0d221e628161863358d4cc3 .
2020-07-19 12:25:47 +09:00
Davide Beatrici
3baf4674e7
Merge PR #1171: Cedar: handle SSTP through Proto, minor improvements 2020-07-17 02:43:02 +02:00
Davide Beatrici
869496be3e Cedar: handle SSTP through Proto 2020-07-17 02:00:30 +02:00
Davide Beatrici
d917b2ac73 Cedar/Proto.c: check whether IsPacketForMe() is available before calling it
The SSTP implementation doesn't provide packet identification, because it's not required: the protocol is identified by the HTTP header it sends to the server.
2020-07-17 01:59:41 +02:00
Davide Beatrici
96a2d5a124 src/Cedar: pass client hostname and cipher to Init() function in PROTO_IMPL
The SSTP implementation must be aware of the cipher in order to be able to report it to the server's internals (i.e. IPC).
2020-07-17 01:59:22 +02:00
Davide Beatrici
3090688506 Cedar/Proto.c: support secure sockets
This is required for SSTP, because the connection is established through TLS/SSL.
2020-07-12 03:16:02 +02:00
Davide Beatrici
19dbdf46be Cedar: move buffer limit handling from ProtoHandleConnection() to protocol implementation
This allows greater control, required by SSTP: the limit only applies to data packets.
2020-07-12 03:09:12 +02:00
Davide Beatrici
eb5150a002 Cedar: change ProtoHandleConnection() so that it supports direct protocol specification 2020-07-12 03:05:51 +02:00
Davide Beatrici
e0c6813d44
Merge PR #1170: Cedar: fix server crash in CleanupSession() 2020-07-11 00:59:55 +02:00
Davide Beatrici
6869955acc Cedar: fix server crash in CleanupSession()
"ClientOption", as the name implies, is only used in a client context.

The issue was introduced in 235bd07e67. Before that, an unrelated check prevented UnixVLanSetState() from being called in a server context.
2020-07-11 00:32:07 +02:00
Davide Beatrici
f84513c95b
Merge PR #1164: Cedar: fix ProtoSetUdpPorts() call in SiLoadServerCfg() 2020-07-03 17:03:10 +02:00
Davide Beatrici
45399d9797 Cedar: fix ProtoSetUdpPorts() call in SiLoadServerCfg()
I accidentally passed the wrong variable in 4514ba5e2f.
2020-07-03 01:31:19 +02:00
Ilya Shipitsin
b60844e276
Merge pull request #1161 from ronisaacson/master
Fix three issues when building RPM packages
2020-07-01 13:00:19 +05:00
Ron Isaacson
40ed982079 Fix systemd unit file generation 2020-06-30 01:22:37 -04:00
Ron Isaacson
eeaac4e78c When generating an RPM, attempt to exclude system directories 2020-06-29 23:11:05 -04:00
Ron Isaacson
6fe678fe84 Fix wrapper script generation 2020-06-29 23:04:35 -04:00
Ron Isaacson
853b4a57bc Remove unnecessary CMake options 2020-06-28 16:21:12 -04:00
Davide Beatrici
275e8a81ef
Merge PR #1157: Cedar: remove "NicDownOnDisconnect" option, force correct behavior 2020-06-28 14:45:13 +02:00
Davide Beatrici
235bd07e67 Cedar: remove "NicDownOnDisconnect" option
SoftEther VPN originally created the NIC in the UP state and never changed it, even when the the client was not connected.

The behavior was changed in 59e1483dbf, which also added the NicDownOnDisconnect option

The option was disabled by default for backwards compatibility with scripts that don't check whether the NIC is down, but it's not ideal.

This commit forces the correct behavior and removes the commands "TUNDownOnDisconnectEnable", "TUNDownOnDisconnectDisable" and "TUNDownOnDisconnectGet".
2020-06-27 22:47:04 +02:00
Ilya Shipitsin
47d08b055e
Merge pull request #1114 from takotakot/disable_sslv3
Disable SSLv3
2020-06-18 11:21:59 +05:00
Davide Beatrici
485a5922eb
Merge PR #1146: Cedar/Server.c: load UDP ports from configuration file and apply them 2020-06-10 10:00:10 +02:00
Davide Beatrici
4514ba5e2f Cedar/Server.c: load UDP ports from configuration file and apply them
Unfortunately I realized only now that I didn't add the code in c4ec63fe32.
2020-06-10 09:42:23 +02:00
Takuho NAKANO
5ebdb394fc Disable sslv3 2020-06-09 13:59:57 +09:00
Davide Beatrici
2fafd7c70e
Merge PR #1134: Fixed that NewDhcpOption can't handle DHCP options longer than 255 bytes 2020-05-22 05:39:54 +02:00
Tetsuo Sugiyama
d726719602
Fixed that NewDhcpOption did not handle DHCP options longer than 255 bytes correctly 2020-05-22 11:05:36 +09:00
Davide Beatrici
09be880263
Merge PR #1130: Revamp UDP ports setting 2020-05-20 22:47:53 +02:00
Davide Beatrici
f7f6eeec44 .ci/start-se-openvpn.sh: use new vpncmd command to set the UDP port 2020-05-20 20:18:51 +02:00
Davide Beatrici
c4838006b1 Cedar/SM.c: move UDP ports setting outside of the OpenVPN/SSTP dialog
This commit moves the UDP ports setting right below the TCP listeners and uses the new RPC methods to get and set them.
2020-05-20 20:18:51 +02:00
Davide Beatrici
c52e49de2d Cedar/SM: replace SmStrToPortList() with StrToPortList()
The function only called StrToPortList(), thus it can safely be replaced with the upstream function.
2020-05-20 20:18:51 +02:00
Davide Beatrici
9e6476c7b2 Cedar/Command: Implement PortsUDPGet and PortsUDPSet commands
PortsUDPSet: This command can be used to specify a single or multiple UDP ports the server should listen on. "0" can be specified to disable the UDP listener.
Administrator privileges are required to execute the command.

PortsUDPGet: This command can be used to retrieve the UDP ports the server is listening on.

The two commands replace the functionality that was previously provided by OpenVpnEnable and OpenVpnGet, respectively.
2020-05-20 20:17:53 +02:00
Davide Beatrici
37f28b4119 Cedar/Command: add "limit_range" parameter to StrToPortList()
Originally, StrToPortList() returned NULL when it encountered a number equal to 0 or higher than 65535.

This commit adds a new parameter to the function called "limit_range":

- When its value is true, the function retains the original behavior.
- When its value is false, the function doesn't check whether the number is in the network port number range (1-65535).

The change is required because the command to set the UDP ports will allow to remove all ports by specifying "0" as the port number.
2020-05-20 20:17:40 +02:00
Davide Beatrici
f1cb86d979 Cedar/Admin: implement new RPC methods to get/set the UDP ports 2020-05-20 20:17:34 +02:00
Davide Beatrici
c4ec63fe32 Rename "OpenVPN_UdpPortList" to "PortsUDP", store ports in a LIST
Now that Proto supports UDP, the server can handle multiple protocols on each UDP port.

The UDP ports are specified by the "OpenVPN_UdpPortList" configuration setting, because:

- OpenVPN is currently the only UDP protocol supported by SoftEther VPN to allow a custom port number.
- Before Proto was introduced, a unified interface for the protocols didn't exist; each protocol implementation had to create its own listener.

In preparation for the upcoming WireGuard implementation, this commit renames "OpenVPN_UdpPortList" to "PortsUDP", which should clarify that the setting is global.

The change is reflected in the code. Also, the ports are now stored in a LIST rather than a string. The conversion between string and LIST only happens when loading/saving the configuration.

The default UDP ports are now the same as the TCP ones (443, 992, 1194, 5555).
2020-05-20 03:16:19 +02:00
Ilya Shipitsin
60cc784aee
Merge pull request #1131 from Evengard/ppp-ipv6-fix
Fixes from review of PPP-IPv6 stack
2020-05-19 20:17:41 +05:00
Evengard
b77dd167ff Fixes from review of PPP-IPv6 stack 2020-05-19 17:25:04 +03:00
Ilya Shipitsin
1a8e1385cf
Merge pull request #1125 from Evengard/ppp-ipv6
IPv6 support for the PPP stack
2020-05-19 17:09:09 +05:00
Ilya Shipitsin
e3e35f5a4c
Merge pull request #1122 from benrubson/ban
Log client IP in failed accesses
2020-05-13 15:35:45 +05:00
Davide Beatrici
c15a4ba04f
Merge PR #1126: Cedar/Proto.c: fix wrong NULL check in ProtoHandleDatagrams(), found by Coverity 2020-05-12 23:50:30 +02:00
Ben RUBSON
5e1c728f92
Update strtable_tw.stb 2020-05-12 22:08:59 +02:00
Ben RUBSON
eb9d6e77a4
Update strtable_ru.stb 2020-05-12 22:08:42 +02:00
Ben RUBSON
6e707f7550
Update strtable_pt_br.stb 2020-05-12 22:08:23 +02:00
Ben RUBSON
71b814060d
Update strtable_ko.stb 2020-05-12 22:08:05 +02:00
Ben RUBSON
8e1a377b82
Update strtable_ja.stb 2020-05-12 22:07:35 +02:00
Ben RUBSON
adf0f18b7a
Update strtable_cn.stb 2020-05-12 22:07:09 +02:00
Davide Beatrici
20bbe325fe Cedar/Proto.c: fix wrong NULL check in ProtoHandleDatagrams(), found by Coverity
*** CID 358434: Null pointer dereferences (REVERSE_INULL)
 /src/Cedar/Proto.c: 451 in ProtoHandleDatagrams()
 445   void ProtoHandleDatagrams(UDPLISTENER *listener, LIST *datagrams)
 446   {
 447       UINT i;
 448       HASH_LIST *sessions;
 449       PROTO *proto = listener->Param;
 450
 >>>   CID 358434: Null pointer dereferences (REVERSE_INULL)
 >>>   Null-checking "listener" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
 451       if (proto == NULL || listener == NULL || datagrams == NULL)
 452       {
 453           return;
 454       }
 455
 456       sessions = proto->Sessions;
2020-05-12 21:26:42 +02:00
Davide Beatrici
1d5ded9388
Merge PR #1123: Increase Radius timeout 2020-05-12 19:47:15 +02:00
Evengard
cbbac659a3 Fixing VS2015 quirks 2020-05-12 18:51:55 +03:00
Evengard
2cfe031398 Fixing most errors, the link on Windows is working and is stable 2020-05-12 18:10:06 +03:00
Evengard
a2a6502ab9 Numerous fixes. First working version. 2020-05-12 18:05:19 +03:00