Our own implementation works fine, however we should use OpenSSL's one since we already link to the library.
Base64Decode() and Base64Encode() return the required buffer size when "dst" is NULL.
This allows to efficiently allocate a buffer, without wasting memory or risking an overflow.
Base64FromBin() and Base64ToBin() perform all steps, returning a heap-allocated buffer with the data in it.
Turns out %S refers to ANSI/UTF-8 and %s to UTF-16.
This commit fixes a buffer overflow reported by AddressSanitizer and removes an unnecessary conversion to UTF-16.
The open-source project began with version 1.00, build 9022.
With the exception of an informative message fallback for builds older than 9428 (2014), all checks were for closed-source builds.
- <pthread.h> included for the "pthread_t" type definition.
- <net/ethernet.h> include removed as the header doesn't exist.
- AI_ALL and AI_V4MAPPED defined to 0 as the options don't exist.
52 bytes in 2 blocks are definitely lost in loss record 5 of 13
at 0x483877F: malloc (vg_replace_malloc.c:307)
by 0x4ABB1BB: UnixMemoryAlloc (Unix.c:2033)
by 0x4A7FABF: InternalMalloc (Memory.c:3819)
by 0x4A7B769: MallocEx (Memory.c:3650)
by 0x4A7B769: Malloc (Memory.c:3641)
by 0x4AA71A9: CopyStr (Str.c:1884)
by 0x4A61A9C: DnsCacheReverseUpdate (DNS.c:257)
by 0x4A62123: DnsResolveReverse (DNS.c:506)
by 0x4A93EB3: GetHostName (Network.c:15023)
by 0x4A93EB3: AcceptInitEx (Network.c:12589)
by 0x4934659: TCPAcceptedThread (Listener.c:172)
by 0x4A76469: ThreadPoolProc (Kernel.c:872)
by 0x4ABD159: UnixDefaultThreadProc (Unix.c:1589)
by 0x51C2EA6: start_thread (pthread_create.c:477)
2,280 (684 direct, 1,596 indirect) bytes in 9 blocks are definitely lost in loss record 11 of 13
at 0x483877F: malloc (vg_replace_malloc.c:307)
by 0x4C65AC5: gaih_inet.constprop.0 (getaddrinfo.c:1058)
by 0x4C67224: getaddrinfo (getaddrinfo.c:2256)
by 0x4A61E06: DnsResolver (DNS.c:404)
by 0x4A76469: ThreadPoolProc (Kernel.c:872)
by 0x4ABD159: UnixDefaultThreadProc (Unix.c:1589)
by 0x51C2EA6: start_thread (pthread_create.c:477)
by 0x4C7CDEE: clone (clone.S:95)
Also, the default timeout value is set to 30000 (milliseconds) instead of 10000.
The change is made because it was reported that some routers failed to connect in time.
This commit also fixes a bug which caused the server to initialize all boolean options to false.
It was caused by SiLoadProtoCfg() not checking whether the item exists in the configuration file.
CfgGetBool() always returns false if the item doesn't exist.
From a functional point of view, the main improvement is that GetIP() now always prioritizes IPv6 over IPv4.
The previous implementation always returned an IPv4 address, unless not available: in such case it failed.
This means that now connections to hostnames should be established via IPv6 if available.
From a programmer point of view, getting rid of the insane wrappers is enough to justify a complete rewrite.
As an extra, several unrelated unused global variables are removed.
Before this commit, the IP address reported by the NAT-T server was immediately discarded.
That's because the peer should be accessible via the IP address used to establish the TCP connection.
User "domosekai" (https://www.domosekai.com) pointed out that the NAT-T IP address should be taken into account.
In his case it's required due to his broadband carrier's NAT causing TCP and UDP to have different external IPs.
Co-authored-by: domosekai <54519668+domosekai@users.noreply.github.com>
This greatly improves performance and reduces the binary's size (~0.2 MB vs ~5 MB).
All recent Windows versions are supported, starting with Vista.
No dialogs are created, aside from error/warning ones in case of failure.
The only dependency (aside from Windows libraries) is libhamcore.
The bug caused ProtoOptionsGet and ProtoOptionsSet not to work anymore after c90617e0e86dedf78e0e3c8a71263a80eec29caa.
The functions were introduced in aa65327e73, but the issue went unnoticed because bool was the same as UINT.
BOOL was just an alias for bool, this commit replaces all instances of it for consistency.
For some reason bool was defined as a 4-byte integer instead of a 1-byte one, presumably to match WinAPI's definition: https://docs.microsoft.com/en-us/windows/win32/winprog/windows-data-types
Nothing should break now that bool is 1-byte, as no protocol code appears to be relying on the size of the data type.
PACK, for example, explicitly stores boolean values as 4-byte integers.
This commit can be seen as a follow-up to 61ccaed4f6.
WgkAdd command - Add a WireGuard key
Help for command "WgkAdd"
Purpose:
Add a WireGuard key
Description:
This command can be used to add a WireGuard key to the allowed key list.
To execute this command, you must have VPN Server administrator privileges.
Usage:
WgkAdd [key] [/HUB:hub] [/USER:user]
Parameters:
key - WireGuard key. Make sure it is the public one!
/HUB - Hub the key will be associated to.
/USER - User the key will be associated to, in the specified hub.
================================================================================
WgkDelete command - Delete a WireGuard key
Help for command "WgkDelete"
Purpose:
Delete a WireGuard key
Description:
This command can be used to delete a WireGuard key from the allowed key list.
To execute this command, you must have VPN Server administrator privileges.
Usage:
WgkDelete [key]
Parameters:
key - WireGuard key.
================================================================================
WgkEnum command - List the WireGuard keys
Help for command "WgkEnum"
Purpose:
List the WireGuard keys
Description:
This command retrieves the WireGuard keys that are allowed to connect to the server, along with the associated Virtual Hub and user.
You can add a key with the WgkAdd command.
You can delete a key with the WgkDelete command.
To execute this command, you must have VPN Server administrator privileges.
Usage:
WgkEnum