AMajor/SoftEtherVPN
1
0
Fork 0
mirror of https://github.com/SoftEtherVPN/SoftEtherVPN.git synced 2025-06-29 04:15:08 +03:00
Code Releases Activity
2,024 Commits 1 Branch 26 Tags 675 MiB
67fe99e1dc
Commit Graph

440 Commits

Author SHA1 Message Date
Siddharth
67fe99e1dc Move duplicated code to one place 2024-07-16 02:33:16 -04:00
Siddharth
d4d20e4443 Remove testing code 2024-07-04 13:56:13 -04:00
Siddharth
a45219bb78 Revert "Fix engine include errors on Fedora Rawhide" 
This reverts commit 1d57ccf94a.
 2024-07-04 13:15:50 -04:00
Siddharth
1d57ccf94a Fix engine include errors on Fedora Rawhide 2024-07-04 06:55:06 -04:00
Siddharth
1f9ce6f9c2 Skip oqsprovider build when OpenSSL version is less than 3.0 2024-06-28 17:05:52 -04:00
Siddharth
28ded982a7 Remove empty OpenSSL version guard 2024-06-28 14:18:48 -04:00
Siddharth
0af6c96d88 Skip tests for oqsprovider 2024-06-28 04:01:30 -04:00
Siddharth
c2c1388f8c Update liboqs and oqs-provider git submodules 2024-06-28 04:00:51 -04:00
Siddharth
d15f92c9b2 Make oqsprovider not build tests 2024-06-28 04:00:51 -04:00
Siddharth
7dc3f2240c Add liboqs with find_package 2024-06-26 20:55:09 -04:00
Siddharth
eb66e7d360 That's not how you comment in C! 2024-06-21 15:16:27 -04:00
Siddharth
13e6369db3 Add liboqs because it isn't normally packaged 2024-06-21 15:14:49 -04:00
Siddharth
102485a4b8 Add oqsprovider statically (built in) by default 2024-06-20 22:08:38 -04:00
Siddharth
68964ab0d7 Guard variables with OpenSSL version 2024-06-18 16:09:10 -04:00
siddharth-narayan
bf3c50fde4
Merge branch 'SoftEtherVPN:master' into quantum-safe-key-agreement 2024-06-18 14:55:45 -04:00
Siddharth
b06486b37d Remove unecessary provider include 2024-06-18 00:01:58 -04:00
hiura
b2ec1bd5dd Change ssl error handler: Having to read all of the errors using ERR_get_error 2024-06-08 02:28:28 +09:00
hiura
08213b7f0e CHANGE ERROR HANDLER FOR SSL ERROR: Change of indent 2024-05-26 23:50:05 +09:00
hiura
98852b77d9 CHANGE ERROR HANDLER FOR SSL ERROR: 2024-05-26 23:36:21 +09:00
Siddharth
2fe4ca0f8c Fix incorrect PQ_GROUP_LIST string 2024-05-20 21:46:57 -04:00
Siddharth
a50d8910ba Add PQ Groups and the provider for them 2024-05-20 19:48:23 -04:00
hiura
9a009d750a Use macro 'MAX' instead of 'max' 2024-04-16 19:14:44 +09:00
hiura
c36d7187a8 Fix 'RemoveDefGwOnDhcpForLocalhost' function No.2: Change the minimum size of DHCP reply 2024-04-16 10:30:10 +09:00
hiura
97203568e7 Fix 'RemoveDefGwOnDhcpForLocalhost' function: Change to exclude unplugged device from MAC address list. 2024-03-31 23:07:16 +09:00
hiura
2789b16c12 Fix hamcore access: Correcting path separator for hamcore. 2024-03-16 12:52:46 +09:00
Ilya Shipitsin
60ee463044 adjust types of variables 
gcc14 is not happy on "error: passing argument .. from incompatible pointer type [-Wincompatible-pointer-types]"
 2024-02-23 11:06:27 +01:00
Ilya Shipitsin
ff4b74afda
Merge pull request #1929 from chipitsine/pr_1921_followup 
fix nullptr deref
 2023-12-01 17:18:40 +01:00
Ilya Shipitsin
e6792d8893 fix nullptr deref 
Co-authored-by: icy17 <1061499390@qq.com>
 2023-11-19 10:57:28 +01:00
Daiyuu Nobori
f4bbe476be Fix Vulnerability: CVE-2023-32275 TALOS-2023-1753 
SoftEther VPN CtEnumCa () information disclosure vulnerability
https://www.softether.org/9-about/News/904-SEVPN202301
https://jvn.jp/en/jp/JVN64316789/
 2023-10-07 04:42:41 +02:00
Daiyuu Nobori
2dec52b875 Heap area protection of memory has been enhanced. 
When memory is released and reallocated, a random security value called a canary is written to the before/after area of memory, and if the value has been modified, the process is terminated (restarted) for safety, assuming it is a buffer overflow of the memory area. This feature may effectively prevent confidentiality or integrity violations in the event that some heap area overflow vulnerability is discovered in this system in the future.
 2023-10-07 04:42:34 +02:00
Daiyuu Nobori
c49e462ed1 Fix Vulnerability: CVE-2023-22325 TALOS-2023-1736 
SoftEther VPN DCRegister DDNS_RPC_MAX_RECV_SIZE denial of service vulnerability
https://www.softether.org/9-about/News/904-SEVPN202301
https://jvn.jp/en/jp/JVN64316789/
 2023-09-28 18:26:17 +09:00
Ilya Shipitsin
f736d18267 temporarily suppress clang warnings on "-Wincompatible-function-pointer-types" 2023-09-16 00:03:03 +02:00
Ilya Shipitsin
6833a7a11d
Merge pull request #1901 from hiura2023/master 
Bind outgoing connection to a specific IP address (avoid illegal access)
 2023-09-12 09:39:18 +02:00
hiura
643cbbbf88 Bind outgoing connection to a specific IP address (avoid illegal access) 2023-09-12 10:20:51 +09:00
Ilya Shipitsin
205a94cda2
Merge pull request #1867 from hiura2023/master 
Bind outgoing connection to a specific IP address
 2023-09-10 17:18:31 +02:00
Ilya Shipitsin
088b5c2df3 additional error handling if SSL_CTX_new failed 
this is a folloup to https://github.com/SoftEtherVPN/SoftEtherVPN/pull/1873
 2023-08-16 19:17:18 +02:00
barracuda156
a80d3f2032 TunTap.h: fix for undefined u_char, u_short on MacOS 2023-08-14 15:54:56 +08:00
barracuda156
1cf2e7a8ea Network.h: include forgotten pthread.h for MacOS too 2023-08-14 15:40:53 +08:00
hiura
c2fe874865 Bind outgoing connection to a specific IP address No.2 2023-08-08 18:14:22 +09:00
icy17
07733b29cb fix potential crash. 2023-07-30 11:01:09 +00:00
Koichiro Iwao
dcdbce63d5 Fix build on __FreeBSD_version >= 140091 (LLVM 16) 
Fails to build after:
https://cgit.freebsd.org/src/commit/?id=a681cba16d8967651a2146385ce44a2bfeb1c4c3

As the commit title is "Bump __FreeBSD_version for llvm 16.0.6 merge",
I suppose LLVM 16 is stricter than LLVM 15. It was building successfully
at least the previous week.

Build log: https://pkg-status.freebsd.org/beefy18/data/main-amd64-default/p4785b313b958_se8efee297c/logs/softether5-5.02.5180.335,2.log

```
[ 32%] Building C object src/Mayaqua/CMakeFiles/mayaqua.dir/Unix.c.o
cd /wrkdirs/usr/ports/security/softether5/work/.build/src/Mayaqua && /usr/bin/cc -DBRIDGE_BPF -DCPU_64 -DHAVE_SSL_CTX_SET_NUM_TICKETS -DNDEBUG -DOS_UNIX -DREENTRANT -DSE_DBDIR=\"/var/db/softether\" -DSE_LOGDIR=\"/var/log/softether\" -DSE_PIDDIR=\"/var/run/softether\" -DSE_TAGNAME=\"5.02.5180-335-g1c0bdb0c/freebsd\" -DTHREADSAFE -DTHREAD_SAFE -DUNIX -DUNIX_BSD -DVPN_SPEED -D_FILE_OFFSET_BITS=64 -D_REENTRANT -D_THREADSAFE -D_THREAD_SAFE -Dmayaqua_EXPORTS -I/wrkdirs/usr/ports/security/softether5/work/SoftEtherVPN-5.02.5180-335-g1c0bdb0c/src/. -I/wrkdirs/usr/ports/security/softether5/work/SoftEtherVPN-5.02.5180-335-g1c0bdb0c/src/Mayaqua/. -I/wrkdirs/usr/ports/security/softether5/work/SoftEtherVPN-5.02.5180-335-g1c0bdb0c/src/libhamcore/include -O2 -pipe  -I/usr/local/include/cpu_features -fstack-protector-strong -isystem /usr/local/include -fno-strict-aliasing -fsigned-char -O2 -pipe  -I/usr/local/include/cpu_features -fstack-protector-strong -isystem /usr/local/include -fno-strict-aliasing  -DNDEBUG -O2 -std=gnu99 -fPIC -pthread -MD -MT src/Mayaqua/CMakeFiles/mayaqua.dir/Unix.c.o -MF CMakeFiles/mayaqua.dir/Unix.c.o.d -o CMakeFiles/mayaqua.dir/Unix.c.o -c /wrkdirs/usr/ports/security/softether5/work/SoftEtherVPN-5.02.5180-335-g1c0bdb0c/src/Mayaqua/Unix.c
/wrkdirs/usr/ports/security/softether5/work/SoftEtherVPN-5.02.5180-335-g1c0bdb0c/src/Mayaqua/Unix.c:259:18: error: incompatible function pointer types assigning to 'void (*)(int, struct __siginfo *, void *)' from 'void *(int, siginfo_t *, void *)' (aka 'void *(int, struct __siginfo *, void *)') [-Wincompatible-function-pointer-types]
        sa.sa_sigaction = signal_received_for_ignore;
                        ^ ~~~~~~~~~~~~~~~~~~~~~~~~~~
```
 2023-07-04 08:50:53 +09:00
hiura
e4330ca71a bind outgoing connection 2023-06-28 23:18:09 +09:00
Ilya Shipitsin
c59df82666 src/Mayaqua/Secure.c: fix potential null pointer dereference 
found by coverity

   CID 343528 (#1 of 1): Dereference before null check (REVERSE_INULL)
   check_after_deref: Null-checking name suggests that it may be null,
   but it has already been dereferenced on all paths leading to the
   check.
   438        if (name == NULL || k == NULL || k->private_key == false)
   439        {
   440                sec->Error = SEC_ERROR_BAD_PARAMETER;
   441                return false;
   442        }
 2023-05-01 06:18:39 +02:00
Ilya Shipitsin
db7d6c83d5 src/Mayaqua/Secure.c: fix potential null pointer dereference 
found by coverity

   CID 343537 (#1 of 1): Dereference before null check (REVERSE_INULL)
   check_after_deref: Null-checking name suggests that it may be null
   but it has already been dereferenced on all paths leading to the
   check.
   664        if (name == NULL)
   665        {
   666                sec->Error = SEC_ERROR_BAD_PARAMETER;
   667                return false;
   668        }
 2023-05-01 06:09:38 +02:00
Ilya Shipitsin
a89adaebc3 src/Mayaqua/Secure.c: fix potential null pointer dereference 
found by coverity

 CID 343536 (#1 of 1): Dereference before null check (REVERSE_INULL)
 check_after_deref: Null-checking name suggests that it may be null, but
 it has already been dereferenced on all paths leading to the check.
 1339        if (name == NULL || data == NULL || size == 0)
 1340        {
 1341                sec->Error = SEC_ERROR_BAD_PARAMETER;
 1342                return false;
 1343        }
 2023-05-01 06:07:19 +02:00
Ilya Shipitsin
46e73e944f src/Mayaqua/Unix.c: fix guarding 
SoftEtherVPN/src/Mayaqua/Unix.c:51:25: warning: missing
terminating ' character
   51 | #include <sys/statvfs.h>'
 2023-04-29 22:31:55 +02:00
Ilya Shipitsin
df6df007a3 src/Mayaqua/Str.c: fix denial of service reported by Cisco Talos 
TALOS-2023-1741
CVE-2023-23581

SoftEther VPN vpnserver EnSafeHttpHeaderValueStr denial of service
vulnerability

A denial of service vulnerability exists in the vpnserver
EnSafeHttpHeaderValueStr functionality of SoftEther VPN 5.01.9674 and
5.02. A specially-crafted network packet can lead to denial of service.
 2023-04-21 22:38:22 +02:00
Yihong Wu
df7ea3c54a Mayaqua/Memory: Fix memory corruption in base64 2023-03-31 09:14:39 +00:00
Koichiro IWAO
bedf1cd7e9
Mayaqua/Unix: Make VM detection work on FreeBSD 
This is just a cosmetic problem in the result of "Caps" command which
gets the list of server functions/capability.  There's no behavioural
change in SoftEtherVPN whether running on VM so far.
 2023-02-28 20:08:04 +09:00
Yihong Wu
eea1de3d25 Mayaqua/Network: Fix empty packet being treated as error 2023-02-19 05:41:55 +00:00