67fe99e1dc
Move duplicated code to one place
2024-07-16 02:33:16 -04:00
d4d20e4443
Remove testing code
2024-07-04 13:56:13 -04:00
a45219bb78
Revert "Fix engine include errors on Fedora Rawhide"
...
This reverts commit 1d57ccf94a
2024-07-04 13:15:50 -04:00
1d57ccf94a
Fix engine include errors on Fedora Rawhide
2024-07-04 06:55:06 -04:00
1f9ce6f9c2
Skip oqsprovider build when OpenSSL version is less than 3.0
2024-06-28 17:05:52 -04:00
28ded982a7
Remove empty OpenSSL version guard
2024-06-28 14:18:48 -04:00
0af6c96d88
Skip tests for oqsprovider
2024-06-28 04:01:30 -04:00
c2c1388f8c
Update liboqs and oqs-provider git submodules
2024-06-28 04:00:51 -04:00
d15f92c9b2
Make oqsprovider not build tests
2024-06-28 04:00:51 -04:00
7dc3f2240c
Add liboqs with find_package
2024-06-26 20:55:09 -04:00
eb66e7d360
That's not how you comment in C!
2024-06-21 15:16:27 -04:00
13e6369db3
Add liboqs because it isn't normally packaged
2024-06-21 15:14:49 -04:00
102485a4b8
Add oqsprovider statically (built in) by default
2024-06-20 22:08:38 -04:00
68964ab0d7
Guard variables with OpenSSL version
2024-06-18 16:09:10 -04:00
bf3c50fde4
Merge branch 'SoftEtherVPN:master' into quantum-safe-key-agreement
2024-06-18 14:55:45 -04:00
b06486b37d
Remove unecessary provider include
2024-06-18 00:01:58 -04:00
b2ec1bd5dd
Change ssl error handler: Having to read all of the errors using ERR_get_error
2024-06-08 02:28:28 +09:00
08213b7f0e
CHANGE ERROR HANDLER FOR SSL ERROR: Change of indent
2024-05-26 23:50:05 +09:00
98852b77d9
CHANGE ERROR HANDLER FOR SSL ERROR:
2024-05-26 23:36:21 +09:00
2fe4ca0f8c
Fix incorrect PQ_GROUP_LIST string
2024-05-20 21:46:57 -04:00
a50d8910ba
Add PQ Groups and the provider for them
2024-05-20 19:48:23 -04:00
9a009d750a
Use macro 'MAX' instead of 'max'
2024-04-16 19:14:44 +09:00
c36d7187a8
Fix 'RemoveDefGwOnDhcpForLocalhost' function No.2: Change the minimum size of DHCP reply
2024-04-16 10:30:10 +09:00
97203568e7
Fix 'RemoveDefGwOnDhcpForLocalhost' function: Change to exclude unplugged device from MAC address list.
2024-03-31 23:07:16 +09:00
2789b16c12
Fix hamcore access: Correcting path separator for hamcore.
2024-03-16 12:52:46 +09:00
60ee463044
adjust types of variables
...
gcc14 is not happy on "error: passing argument .. from incompatible pointer type [-Wincompatible-pointer-types]"
2024-02-23 11:06:27 +01:00
ff4b74afda
Merge pull request #1929 from chipitsine/pr_1921_followup
...
fix nullptr deref
2023-12-01 17:18:40 +01:00
e6792d8893
fix nullptr deref
...
Co-authored-by: icy17 <1061499390@qq.com >
2023-11-19 10:57:28 +01:00
f4bbe476be
Fix Vulnerability: CVE-2023-32275 TALOS-2023-1753
...
SoftEther VPN CtEnumCa () information disclosure vulnerability
https://www.softether.org/9-about/News/904-SEVPN202301
https://jvn.jp/en/jp/JVN64316789/
2023-10-07 04:42:41 +02:00
2dec52b875
Heap area protection of memory has been enhanced.
...
When memory is released and reallocated, a random security value called a canary is written to the before/after area of memory, and if the value has been modified, the process is terminated (restarted) for safety, assuming it is a buffer overflow of the memory area. This feature may effectively prevent confidentiality or integrity violations in the event that some heap area overflow vulnerability is discovered in this system in the future.
2023-10-07 04:42:34 +02:00
c49e462ed1
Fix Vulnerability: CVE-2023-22325 TALOS-2023-1736
...
SoftEther VPN DCRegister DDNS_RPC_MAX_RECV_SIZE denial of service vulnerability
https://www.softether.org/9-about/News/904-SEVPN202301
https://jvn.jp/en/jp/JVN64316789/
2023-09-28 18:26:17 +09:00
f736d18267
temporarily suppress clang warnings on "-Wincompatible-function-pointer-types"
2023-09-16 00:03:03 +02:00
6833a7a11d
Merge pull request #1901 from hiura2023/master
...
Bind outgoing connection to a specific IP address (avoid illegal access)
2023-09-12 09:39:18 +02:00
643cbbbf88
Bind outgoing connection to a specific IP address (avoid illegal access)
2023-09-12 10:20:51 +09:00
205a94cda2
Merge pull request #1867 from hiura2023/master
...
Bind outgoing connection to a specific IP address
2023-09-10 17:18:31 +02:00
088b5c2df3
additional error handling if SSL_CTX_new failed
...
this is a folloup to https://github.com/SoftEtherVPN/SoftEtherVPN/pull/1873
2023-08-16 19:17:18 +02:00
a80d3f2032
TunTap.h: fix for undefined u_char, u_short on MacOS
2023-08-14 15:54:56 +08:00
1cf2e7a8ea
Network.h: include forgotten pthread.h for MacOS too
2023-08-14 15:40:53 +08:00
c2fe874865
Bind outgoing connection to a specific IP address No.2
2023-08-08 18:14:22 +09:00
07733b29cb
fix potential crash.
2023-07-30 11:01:09 +00:00
dcdbce63d5
Fix build on __FreeBSD_version >= 140091 (LLVM 16)
...
Fails to build after:
https://cgit.freebsd.org/src/commit/?id=a681cba16d8967651a2146385ce44a2bfeb1c4c3
As the commit title is "Bump __FreeBSD_version for llvm 16.0.6 merge",
I suppose LLVM 16 is stricter than LLVM 15. It was building successfully
at least the previous week.
Build log: https://pkg-status.freebsd.org/beefy18/data/main-amd64-default/p4785b313b958_se8efee297c/logs/softether5-5.02.5180.335,2.log
```
[ 32%] Building C object src/Mayaqua/CMakeFiles/mayaqua.dir/Unix.c.o
cd /wrkdirs/usr/ports/security/softether5/work/.build/src/Mayaqua && /usr/bin/cc -DBRIDGE_BPF -DCPU_64 -DHAVE_SSL_CTX_SET_NUM_TICKETS -DNDEBUG -DOS_UNIX -DREENTRANT -DSE_DBDIR=\"/var/db/softether\" -DSE_LOGDIR=\"/var/log/softether\" -DSE_PIDDIR=\"/var/run/softether\" -DSE_TAGNAME=\"5.02.5180-335-g1c0bdb0c/freebsd\" -DTHREADSAFE -DTHREAD_SAFE -DUNIX -DUNIX_BSD -DVPN_SPEED -D_FILE_OFFSET_BITS=64 -D_REENTRANT -D_THREADSAFE -D_THREAD_SAFE -Dmayaqua_EXPORTS -I/wrkdirs/usr/ports/security/softether5/work/SoftEtherVPN-5.02.5180-335-g1c0bdb0c/src/. -I/wrkdirs/usr/ports/security/softether5/work/SoftEtherVPN-5.02.5180-335-g1c0bdb0c/src/Mayaqua/. -I/wrkdirs/usr/ports/security/softether5/work/SoftEtherVPN-5.02.5180-335-g1c0bdb0c/src/libhamcore/include -O2 -pipe -I/usr/local/include/cpu_features -fstack-protector-strong -isystem /usr/local/include -fno-strict-aliasing -fsigned-char -O2 -pipe -I/usr/local/include/cpu_features -fstack-protector-strong -isystem /usr/local/include -fno-strict-aliasing -DNDEBUG -O2 -std=gnu99 -fPIC -pthread -MD -MT src/Mayaqua/CMakeFiles/mayaqua.dir/Unix.c.o -MF CMakeFiles/mayaqua.dir/Unix.c.o.d -o CMakeFiles/mayaqua.dir/Unix.c.o -c /wrkdirs/usr/ports/security/softether5/work/SoftEtherVPN-5.02.5180-335-g1c0bdb0c/src/Mayaqua/Unix.c
/wrkdirs/usr/ports/security/softether5/work/SoftEtherVPN-5.02.5180-335-g1c0bdb0c/src/Mayaqua/Unix.c:259:18: error: incompatible function pointer types assigning to 'void (*)(int, struct __siginfo *, void *)' from 'void *(int, siginfo_t *, void *)' (aka 'void *(int, struct __siginfo *, void *)') [-Wincompatible-function-pointer-types]
sa.sa_sigaction = signal_received_for_ignore;
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~
```
2023-07-04 08:50:53 +09:00
e4330ca71a
bind outgoing connection
2023-06-28 23:18:09 +09:00
c59df82666
src/Mayaqua/Secure.c: fix potential null pointer dereference
...
found by coverity
CID 343528 (#1 of 1): Dereference before null check (REVERSE_INULL)
check_after_deref: Null-checking name suggests that it may be null,
but it has already been dereferenced on all paths leading to the
check.
438 if (name == NULL || k == NULL || k->private_key == false)
439 {
440 sec->Error = SEC_ERROR_BAD_PARAMETER;
441 return false;
442 }
2023-05-01 06:18:39 +02:00
db7d6c83d5
src/Mayaqua/Secure.c: fix potential null pointer dereference
...
found by coverity
CID 343537 (#1 of 1): Dereference before null check (REVERSE_INULL)
check_after_deref: Null-checking name suggests that it may be null
but it has already been dereferenced on all paths leading to the
check.
664 if (name == NULL)
665 {
666 sec->Error = SEC_ERROR_BAD_PARAMETER;
667 return false;
668 }
2023-05-01 06:09:38 +02:00
a89adaebc3
src/Mayaqua/Secure.c: fix potential null pointer dereference
...
found by coverity
CID 343536 (#1 of 1): Dereference before null check (REVERSE_INULL)
check_after_deref: Null-checking name suggests that it may be null, but
it has already been dereferenced on all paths leading to the check.
1339 if (name == NULL || data == NULL || size == 0)
1340 {
1341 sec->Error = SEC_ERROR_BAD_PARAMETER;
1342 return false;
1343 }
2023-05-01 06:07:19 +02:00
46e73e944f
src/Mayaqua/Unix.c: fix guarding
...
SoftEtherVPN/src/Mayaqua/Unix.c:51:25: warning: missing
terminating ' character
51 | #include <sys/statvfs.h>'
2023-04-29 22:31:55 +02:00
df6df007a3
src/Mayaqua/Str.c: fix denial of service reported by Cisco Talos
...
TALOS-2023-1741
CVE-2023-23581
SoftEther VPN vpnserver EnSafeHttpHeaderValueStr denial of service
vulnerability
A denial of service vulnerability exists in the vpnserver
EnSafeHttpHeaderValueStr functionality of SoftEther VPN 5.01.9674 and
5.02. A specially-crafted network packet can lead to denial of service.
2023-04-21 22:38:22 +02:00
df7ea3c54a
Mayaqua/Memory: Fix memory corruption in base64
2023-03-31 09:14:39 +00:00
bedf1cd7e9
Mayaqua/Unix: Make VM detection work on FreeBSD
...
This is just a cosmetic problem in the result of "Caps" command which
gets the list of server functions/capability. There's no behavioural
change in SoftEtherVPN whether running on VM so far.
2023-02-28 20:08:04 +09:00
eea1de3d25
Mayaqua/Network: Fix empty packet being treated as error
2023-02-19 05:41:55 +00:00
