domosekai
9182a9b4e9
Mayaqua/Network.c: Fix race condition in TUBE operation
2021-07-22 11:59:15 +00:00
domosekai
a1dff0f594
Mayaqua/Network.c: Create UDP listener for every interface if ListenIP is wildcard
2021-07-11 16:15:29 +00:00
domosekai
dfb105c2d7
Fix use-after-free timeout issue for L2TP and SSTP
2021-07-10 16:07:09 +00:00
domosekai
41b9973c24
Mayaqua/Network.c: Fix L2TP/IPsec over IPv6 when listening on ::
2021-07-07 17:37:06 +00:00
domosekai
6e400c19af
Fix TCP and UDP listener behavior
2021-07-07 10:50:23 +00:00
domosekai
4efed994dc
Mayaqua/Network.c: Use int as boolean flags for socket options
2021-07-07 03:07:06 +00:00
domosekai
c20bcb2e60
Mayaqua/Network: Skip IPv6 nameservers for SecureNAT
2021-04-27 07:30:38 +00:00
Davide Beatrici
0472f9c286
Rewrite DNS API from scratch into dedicated file(s)
...
From a functional point of view, the main improvement is that GetIP() now always prioritizes IPv6 over IPv4.
The previous implementation always returned an IPv4 address, unless not available: in such case it failed.
This means that now connections to hostnames should be established via IPv6 if available.
From a programmer point of view, getting rid of the insane wrappers is enough to justify a complete rewrite.
As an extra, several unrelated unused global variables are removed.
2021-04-18 01:46:59 +02:00
Davide Beatrici
1708998a11
Change IP structure so that IPv4 addresses are stored in RFC3493 format
...
In addition to saving 4 bytes for each instantiation, this change makes IP-related operations faster and clearer.
https://tools.ietf.org/html/rfc3493.html#section-3.7
2021-04-07 21:24:55 +02:00
Davide Beatrici
a6ba9b8788
Include headers properly
2021-04-05 04:48:25 +02:00
Ilya Shipitsin
46b54f00be
Merge pull request #1318 from davidebeatrici/minimum-version-windows-vista
...
Cedar, Mayaqua: Set minimum Windows version to Vista
2021-04-03 22:02:50 +05:00
Davide Beatrici
5cab279a8c
Cedar, Mayaqua: Set minimum Windows version to Vista
2021-04-03 02:25:19 +02:00
Davide Beatrici
84588095d5
Mayaqua/Network.c: Always use fcntl() to toggle socket non-blocking mode (UNIX)
...
O_NONBLOCK is standardized by POSIX, as opposed to FIONBIO.
This commit also fixes a bug: fcntl() was only called to disable the mode.
2021-04-01 08:04:27 +02:00
domosekai
934e49fea0
Mayaqua/Network.c: Fix UDP send error when used with reverse proxy
2021-03-23 11:59:23 +00:00
Davide Beatrici
8a37f5ce11
Mayaqua/Network.c: Fix several warnings related to Windows data type mismatches
...
Also, reported unused variables are removed.
2021-03-01 02:48:38 +01:00
Ilya Shipitsin
ebd1d281dd
use SSL_SECOP_VERSION macro instead of OPENSSL_VERSION
...
OPENSSL_VERSION is fragile in LibreSSL, BoringSSL.
security level manipulation is openssl specific defined in
b362ccab5c
2021-02-20 17:48:26 +05:00
Takuho NAKANO
c029b34b80
Run SSL_CTX_set_ssl_version earlier
...
SSL_CTX_set_ssl_version may change security level.
2020-10-31 20:19:32 +01:00
Takuho NAKANO
7fdacec2a6
Manage OpenSSL security level
...
Add SslAcceptSettings option Override_Security_Level and Override_Security_Level_Value
to allow user to choose.
2020-10-31 20:19:23 +01:00
Takuho NAKANO
190672bd84
Set RSA bits considering OpenSSL security Level
2020-10-31 20:11:11 +01:00
Takuho NAKANO
5ca62bdd8a
Refact: manage SSL_OP_NO_SSLv3 in NewSSLCtx
2020-10-31 20:11:11 +01:00
Takuho NAKANO
d0b3cde485
Refact: move SSL_CTX_set_ssl_version to NewSSLCtx
2020-10-31 20:11:11 +01:00
Ilya Shipitsin
a2d15615f3
Merge pull request #1115 from takotakot/import_v4_change
...
Add Tls_Disable1_3 (Import v4 change)
2020-10-31 20:04:20 +03:00
Davide Beatrici
69cd39616b
Remove "UINT32" and "DWORD", use "UINT" everywhere for consistency
2020-08-15 09:18:27 +02:00
dnobori
144392c587
Add Tls_Disable1_3
...
Add Tls_Disable1_3 like Tls_Disable1_2 etc.
This change is part of v4.34-9744-beta e3370fb62c31eb10d0d221e628161863358d4cc3 .
2020-07-19 12:25:47 +09:00
Ilya Shipitsin
47d08b055e
Merge pull request #1114 from takotakot/disable_sslv3
...
Disable SSLv3
2020-06-18 11:21:59 +05:00
Takuho NAKANO
5ebdb394fc
Disable sslv3
2020-06-09 13:59:57 +09:00
Evengard
f2fee4d32c
Preliminary implementation of IPv6CP and IPv6 for PPP (untested)
2020-05-12 18:05:18 +03:00
Evengard
f627b64264
Auto formatting with AStyle
2020-05-12 17:59:25 +03:00
Evengard
1d6a4d3ec8
Preliminary IPC IPv6 implementation (untested)
2020-05-12 17:59:24 +03:00
Davide Beatrici
0570f7d31c
Mayaqua/Network: add StopUdpListener()
...
This allows to stop a UDP listener without deleting it.
It's especially useful when no datagrams should be received anymore, but there are other threads accessing the listener.
2020-05-11 07:50:55 +02:00
Evengard
8fb456f6a6
Fixing a memory leak in SslCertVerifyCallback because of a duplicated callback
2020-05-03 05:36:01 +03:00
Evengard
132926ee09
Fixing alignment of struct on GCC, changing the method to server one
2020-05-03 05:17:23 +03:00
Evengard
9180e065a0
Some weirdness fixes
2020-05-02 20:29:31 +03:00
Evengard
39becfe4ab
Some hacks to make Android VPN Client Pro working
2020-05-02 20:25:01 +03:00
Evengard
723f38e72f
Fixing Linux...
2020-05-02 19:52:47 +03:00
Evengard
a2b7cb0148
Added possibility to load CA certificates from chain_certs folder to allow verifying the client certificates against it.
2020-05-02 19:52:46 +03:00
Evengard
24bd2b3198
Fixing up some errors
2020-05-02 19:52:46 +03:00
Evengard
a6970e3e61
Merge branch 'master' into ppp-ipv6
2020-02-05 00:23:03 +03:00
Koichiro IWAO
b1aae5080d
put chain_certs in dbdir
2019-12-04 23:59:13 +09:00
Davide Beatrici
6b08a451da
Mayaqua: implement R-UDP version 2, powered by ChaCha20-Poly1305
2019-11-23 04:38:20 +01:00
dnobori
9aaa9a7f15
Cedar: implement detailed protocol info
2019-11-23 04:23:56 +01:00
Davide Beatrici
2f90e9ecb8
Mayaqua: move HTTP functions from "Network" to "HTTP"
2019-10-20 04:15:12 +02:00
Daiyuu Nobori
f0357d4000
- Fixed the problem occurs when RPC messages between Cluster Members exceed 64Kbytes.
...
- Fixed the RADIUS PEAP client to use the standard TLS versioning.
- Implementation of a function to fix the MAC address of L3 VPN protocol by entering e.g. "MAC: 112233445566" in the "Notes" field of the user information.
- Implementation of a function to fix the virtual MAC address to be assigned to the L3 VPN client as a string attribute from RADIUS server when authentication.
2019-10-19 17:34:12 +09:00
Daiyuu Nobori
bf4667cfce
Fix several compile warnings on MS VC++ 2008.
2019-08-04 10:35:16 +09:00
Davide Beatrici
9f19efb7af
OpenVPN: use new protocol interface
2019-07-26 08:37:00 +02:00
Davide Beatrici
7d58e6bf60
Add interface for easy protocol implementation
...
This commit adds a protocol interface to the server, its purpose is to manage TCP connections and the various third-party protocols.
More specifically, ProtoHandleConnection() takes care of exchanging the packets between the local and remote endpoint; the protocol implementation only has to parse them and act accordingly.
The interface knows which protocol is the connection for by calling IsPacketForMe(), a function implemented for each protocol.
2019-07-26 08:36:54 +02:00
Daiyuu Nobori
98b08c2ad1
Implementation of the JSON-RPC API and the Web Admin interface. (dnobori's internal note: 7579 - 7682)
2019-05-28 12:51:51 +09:00
Nick
23b8161ac2
Fixed wrong function name in Debug message
2019-02-15 20:41:16 -05:00
Davide Beatrici
09ee19e72b
Mayaqua/Network.c: fix double free crash in GetCipherList()
...
SSL_free() also frees the associated context.
d6c3c1896c/ssl/ssl_lib.c (L1209)
From https://www.openssl.org/docs/man1.1.1/man3/SSL_free.html :
"SSL_free() also calls the free()ing procedures for indirectly affected items, if applicable: the buffering BIO, the read and write BIOs, cipher lists specially created for this ssl, the SSL_SESSION. Do not explicitly free these indirectly freed up items before or after calling SSL_free(), as trying to free things twice may lead to program failure."
2019-01-21 04:14:47 +01:00
Daiyuu Nobori
63c01ba736
Merge pull request #832 from dnobori/181202_switch_to_apache_license
...
Switching license from GPLv2 to Apache License 2.0.
2019-01-21 09:36:19 +09:00