1
0
mirror of https://github.com/SoftEtherVPN/SoftEtherVPN.git synced 2025-07-07 00:04:57 +03:00
Commit Graph

1199 Commits

Author SHA1 Message Date
40ed982079 Fix systemd unit file generation 2020-06-30 01:22:37 -04:00
eeaac4e78c When generating an RPM, attempt to exclude system directories 2020-06-29 23:11:05 -04:00
6fe678fe84 Fix wrapper script generation 2020-06-29 23:04:35 -04:00
853b4a57bc Remove unnecessary CMake options 2020-06-28 16:21:12 -04:00
275e8a81ef Merge PR #1157: Cedar: remove "NicDownOnDisconnect" option, force correct behavior 2020-06-28 14:45:13 +02:00
235bd07e67 Cedar: remove "NicDownOnDisconnect" option
SoftEther VPN originally created the NIC in the UP state and never changed it, even when the the client was not connected.

The behavior was changed in 59e1483dbf, which also added the NicDownOnDisconnect option

The option was disabled by default for backwards compatibility with scripts that don't check whether the NIC is down, but it's not ideal.

This commit forces the correct behavior and removes the commands "TUNDownOnDisconnectEnable", "TUNDownOnDisconnectDisable" and "TUNDownOnDisconnectGet".
2020-06-27 22:47:04 +02:00
47d08b055e Merge pull request #1114 from takotakot/disable_sslv3
Disable SSLv3
2020-06-18 11:21:59 +05:00
485a5922eb Merge PR #1146: Cedar/Server.c: load UDP ports from configuration file and apply them 2020-06-10 10:00:10 +02:00
4514ba5e2f Cedar/Server.c: load UDP ports from configuration file and apply them
Unfortunately I realized only now that I didn't add the code in c4ec63fe32.
2020-06-10 09:42:23 +02:00
5ebdb394fc Disable sslv3 2020-06-09 13:59:57 +09:00
2fafd7c70e Merge PR #1134: Fixed that NewDhcpOption can't handle DHCP options longer than 255 bytes 2020-05-22 05:39:54 +02:00
d726719602 Fixed that NewDhcpOption did not handle DHCP options longer than 255 bytes correctly 2020-05-22 11:05:36 +09:00
09be880263 Merge PR #1130: Revamp UDP ports setting 2020-05-20 22:47:53 +02:00
f7f6eeec44 .ci/start-se-openvpn.sh: use new vpncmd command to set the UDP port 2020-05-20 20:18:51 +02:00
c4838006b1 Cedar/SM.c: move UDP ports setting outside of the OpenVPN/SSTP dialog
This commit moves the UDP ports setting right below the TCP listeners and uses the new RPC methods to get and set them.
2020-05-20 20:18:51 +02:00
c52e49de2d Cedar/SM: replace SmStrToPortList() with StrToPortList()
The function only called StrToPortList(), thus it can safely be replaced with the upstream function.
2020-05-20 20:18:51 +02:00
9e6476c7b2 Cedar/Command: Implement PortsUDPGet and PortsUDPSet commands
PortsUDPSet: This command can be used to specify a single or multiple UDP ports the server should listen on. "0" can be specified to disable the UDP listener.
Administrator privileges are required to execute the command.

PortsUDPGet: This command can be used to retrieve the UDP ports the server is listening on.

The two commands replace the functionality that was previously provided by OpenVpnEnable and OpenVpnGet, respectively.
2020-05-20 20:17:53 +02:00
37f28b4119 Cedar/Command: add "limit_range" parameter to StrToPortList()
Originally, StrToPortList() returned NULL when it encountered a number equal to 0 or higher than 65535.

This commit adds a new parameter to the function called "limit_range":

- When its value is true, the function retains the original behavior.
- When its value is false, the function doesn't check whether the number is in the network port number range (1-65535).

The change is required because the command to set the UDP ports will allow to remove all ports by specifying "0" as the port number.
2020-05-20 20:17:40 +02:00
f1cb86d979 Cedar/Admin: implement new RPC methods to get/set the UDP ports 2020-05-20 20:17:34 +02:00
c4ec63fe32 Rename "OpenVPN_UdpPortList" to "PortsUDP", store ports in a LIST
Now that Proto supports UDP, the server can handle multiple protocols on each UDP port.

The UDP ports are specified by the "OpenVPN_UdpPortList" configuration setting, because:

- OpenVPN is currently the only UDP protocol supported by SoftEther VPN to allow a custom port number.
- Before Proto was introduced, a unified interface for the protocols didn't exist; each protocol implementation had to create its own listener.

In preparation for the upcoming WireGuard implementation, this commit renames "OpenVPN_UdpPortList" to "PortsUDP", which should clarify that the setting is global.

The change is reflected in the code. Also, the ports are now stored in a LIST rather than a string. The conversion between string and LIST only happens when loading/saving the configuration.

The default UDP ports are now the same as the TCP ones (443, 992, 1194, 5555).
2020-05-20 03:16:19 +02:00
60cc784aee Merge pull request #1131 from Evengard/ppp-ipv6-fix
Fixes from review of PPP-IPv6 stack
2020-05-19 20:17:41 +05:00
b77dd167ff Fixes from review of PPP-IPv6 stack 2020-05-19 17:25:04 +03:00
1a8e1385cf Merge pull request #1125 from Evengard/ppp-ipv6
IPv6 support for the PPP stack
2020-05-19 17:09:09 +05:00
e3e35f5a4c Merge pull request #1122 from benrubson/ban
Log client IP in failed accesses
2020-05-13 15:35:45 +05:00
c15a4ba04f Merge PR #1126: Cedar/Proto.c: fix wrong NULL check in ProtoHandleDatagrams(), found by Coverity 2020-05-12 23:50:30 +02:00
5e1c728f92 Update strtable_tw.stb 2020-05-12 22:08:59 +02:00
eb9d6e77a4 Update strtable_ru.stb 2020-05-12 22:08:42 +02:00
6e707f7550 Update strtable_pt_br.stb 2020-05-12 22:08:23 +02:00
71b814060d Update strtable_ko.stb 2020-05-12 22:08:05 +02:00
8e1a377b82 Update strtable_ja.stb 2020-05-12 22:07:35 +02:00
adf0f18b7a Update strtable_cn.stb 2020-05-12 22:07:09 +02:00
20bbe325fe Cedar/Proto.c: fix wrong NULL check in ProtoHandleDatagrams(), found by Coverity
*** CID 358434: Null pointer dereferences (REVERSE_INULL)
 /src/Cedar/Proto.c: 451 in ProtoHandleDatagrams()
 445   void ProtoHandleDatagrams(UDPLISTENER *listener, LIST *datagrams)
 446   {
 447       UINT i;
 448       HASH_LIST *sessions;
 449       PROTO *proto = listener->Param;
 450
 >>>   CID 358434: Null pointer dereferences (REVERSE_INULL)
 >>>   Null-checking "listener" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
 451       if (proto == NULL || listener == NULL || datagrams == NULL)
 452       {
 453           return;
 454       }
 455
 456       sessions = proto->Sessions;
2020-05-12 21:26:42 +02:00
1d5ded9388 Merge PR #1123: Increase Radius timeout 2020-05-12 19:47:15 +02:00
cbbac659a3 Fixing VS2015 quirks 2020-05-12 18:51:55 +03:00
2cfe031398 Fixing most errors, the link on Windows is working and is stable 2020-05-12 18:10:06 +03:00
a2a6502ab9 Numerous fixes. First working version. 2020-05-12 18:05:19 +03:00
f2fee4d32c Preliminary implementation of IPv6CP and IPv6 for PPP (untested) 2020-05-12 18:05:18 +03:00
f627b64264 Auto formatting with AStyle 2020-05-12 17:59:25 +03:00
1d6a4d3ec8 Preliminary IPC IPv6 implementation (untested) 2020-05-12 17:59:24 +03:00
3b7dd25b65 Log client IP in failed accesses 2020-05-11 23:10:40 +02:00
3f16a7e704 Log client IP in failed accesses
to be able to feed tools such as Fail2Ban
2020-05-11 23:09:26 +02:00
4e583e43f1 Increase Radius timeout
to make it 2FA friendly
2020-05-11 23:06:01 +02:00
8fdf7302a5 Merge PR #1120: Cedar: implement UDP system in Proto 2020-05-11 19:58:13 +02:00
981b57ee28 Cedar/Server: set ports in Proto, remove OpenVPN UDP server leftovers
The setting's name is still "OpenVPN_UdpPortList".

We will change it as soon as there's another UDP protocol implemented in Proto.
2020-05-11 08:23:32 +02:00
27f7d43ff7 Cedar/Proto_OpenVPN: remove UDP system, use the one provided by Proto
As a side effect, the DH parameter is now applied to the TCP server as well.

Previously, the default value was always used, ignoring the one from the configuration.
2020-05-11 08:23:29 +02:00
a3aea00820 Cedar/Proto: implement UDP system
When a datagram is received, the matching session is looked up in a hash list; if it's not found, a new session is created.

This method allows to use a single UDP port for multiple protocols, as we do with TCP.

Also, each session has its own dedicated thread, used to process the received datagrams and generate the ones that are then sent through the UDP listener.

In addition to guaranteeing constant performance, separate threads also prevent a single one from blocking all sessions.
2020-05-11 08:22:44 +02:00
0570f7d31c Mayaqua/Network: add StopUdpListener()
This allows to stop a UDP listener without deleting it.

It's especially useful when no datagrams should be received anymore, but there are other threads accessing the listener.
2020-05-11 07:50:55 +02:00
667108319d Cedar: prepare Proto for UDP support
- An additional parameter is added to IsPacketForMe(), used to specify the protocol type (currently either TCP or UDP).
- SupportedModes() is dropped because it's now redundant.
- IsOk() and EstablishedSessions() are dropped because error checking should be handled by the implementation.
- ProtoImplDetect() now takes a buffer and its size rather than a SOCK, so that it can be used to detect UDP protocols.
- The OpenVPN toggle check is moved to ProtoImplDetect(), so that we don't have to duplicate it once UDP support is implemented.
2020-05-11 07:07:04 +02:00
7e8b3c0b39 Merge pull request #1112 from Evengard/making-unique-clientid-dhcp
Make DHCP Client ID more unique
2020-05-05 16:00:23 +05:00
34dfc14549 Fixing errors discovered with Coverity. 2020-05-04 16:07:21 +03:00