mirror of https://github.com/SoftEtherVPN/SoftEtherVPN.git synced 2024-11-06 17:50:40 +03:00
115 Commits

Author SHA1 Message Date
domosekai
dfb105c2d7 Fix use-after-free timeout issue for L2TP and SSTP 2021-07-10 16:07:09 +00:00
domosekai
41b9973c24 Mayaqua/Network.c: Fix L2TP/IPsec over IPv6 when listening on :: 2021-07-07 17:37:06 +00:00
domosekai
6e400c19af Fix TCP and UDP listener behavior 2021-07-07 10:50:23 +00:00
domosekai
4efed994dc Mayaqua/Network.c: Use int as boolean flags for socket options 2021-07-07 03:07:06 +00:00
domosekai
c20bcb2e60 Mayaqua/Network: Skip IPv6 nameservers for SecureNAT 2021-04-27 07:30:38 +00:00
Davide Beatrici
0472f9c286 Rewrite DNS API from scratch into dedicated file(s)
From a functional point of view, the main improvement is that GetIP() now always prioritizes IPv6 over IPv4.
The previous implementation always returned an IPv4 address, unless not available: in such case it failed.
This means that now connections to hostnames should be established via IPv6 if available.

From a programmer's point of view, getting rid of the insane wrappers is enough to justify a complete rewrite.

As an extra, several unrelated unused global variables are removed.
2021-04-18 01:46:59 +02:00
Davide Beatrici
1708998a11 Change IP structure so that IPv4 addresses are stored in RFC3493 format
In addition to saving 4 bytes for each instantiation, this change makes IP-related operations faster and clearer.

https://tools.ietf.org/html/rfc3493.html#section-3.7
2021-04-07 21:24:55 +02:00
Davide Beatrici
a6ba9b8788 Include headers properly 2021-04-05 04:48:25 +02:00
Ilya Shipitsin
46b54f00be Merge pull request #1318 from davidebeatrici/minimum-version-windows-vista
Cedar, Mayaqua: Set minimum Windows version to Vista
2021-04-03 22:02:50 +05:00
Davide Beatrici
5cab279a8c Cedar, Mayaqua: Set minimum Windows version to Vista 2021-04-03 02:25:19 +02:00
Davide Beatrici
84588095d5 Mayaqua/Network.c: Always use fcntl() to toggle socket non-blocking mode (UNIX)
O_NONBLOCK is standardized by POSIX, as opposed to FIONBIO.

This commit also fixes a bug: fcntl() was only called to disable the mode.
2021-04-01 08:04:27 +02:00
domosekai
934e49fea0 Mayaqua/Network.c: Fix UDP send error when used with reverse proxy 2021-03-23 11:59:23 +00:00
Davide Beatrici
8a37f5ce11 Mayaqua/Network.c: Fix several warnings related to Windows data type mismatches
Also, reported unused variables are removed.
2021-03-01 02:48:38 +01:00
Ilya Shipitsin
ebd1d281dd use SSL_SECOP_VERSION macro instead of OPENSSL_VERSION
OPENSSL_VERSION is fragile in LibreSSL, BoringSSL.
security level manipulation is openssl specific defined in
b362ccab5c
2021-02-20 17:48:26 +05:00
Takuho NAKANO
c029b34b80 Run SSL_CTX_set_ssl_version earlier
SSL_CTX_set_ssl_version may change security level.
2020-10-31 20:19:32 +01:00
Takuho NAKANO
7fdacec2a6 Manage OpenSSL security level
Add SslAcceptSettings option Override_Security_Level and Override_Security_Level_Value
to allow user to choose.
2020-10-31 20:19:23 +01:00
Takuho NAKANO
190672bd84 Set RSA bits considering OpenSSL security Level 2020-10-31 20:11:11 +01:00
Takuho NAKANO
5ca62bdd8a Refact: manage SSL_OP_NO_SSLv3 in NewSSLCtx 2020-10-31 20:11:11 +01:00
Takuho NAKANO
d0b3cde485 Refact: move SSL_CTX_set_ssl_version to NewSSLCtx 2020-10-31 20:11:11 +01:00
Ilya Shipitsin
a2d15615f3 Merge pull request #1115 from takotakot/import_v4_change
Add Tls_Disable1_3 (Import v4 change)
2020-10-31 20:04:20 +03:00
Davide Beatrici
69cd39616b Remove "UINT32" and "DWORD", use "UINT" everywhere for consistency 2020-08-15 09:18:27 +02:00
dnobori
144392c587 Add Tls_Disable1_3
Add Tls_Disable1_3 like Tls_Disable1_2 etc.
This change is part of v4.34-9744-beta e3370fb62c31eb10d0d221e628161863358d4cc3 .
2020-07-19 12:25:47 +09:00
Ilya Shipitsin
47d08b055e Merge pull request #1114 from takotakot/disable_sslv3
Disable SSLv3
2020-06-18 11:21:59 +05:00
Takuho NAKANO
5ebdb394fc Disable sslv3 2020-06-09 13:59:57 +09:00
Evengard
f2fee4d32c Preliminary implementation of IPv6CP and IPv6 for PPP (untested) 2020-05-12 18:05:18 +03:00
Evengard
f627b64264 Auto formatting with AStyle 2020-05-12 17:59:25 +03:00
Evengard
1d6a4d3ec8 Preliminary IPC IPv6 implementation (untested) 2020-05-12 17:59:24 +03:00
Davide Beatrici
0570f7d31c Mayaqua/Network: add StopUdpListener()
This allows stopping a UDP listener without deleting it.

It's especially useful when no datagrams should be received anymore, but there are other threads accessing the listener.
2020-05-11 07:50:55 +02:00
Evengard
8fb456f6a6 Fixing a memory leak in SslCertVerifyCallback because of a duplicated callback 2020-05-03 05:36:01 +03:00
Evengard
132926ee09 Fixing alignment of struct on GCC, changing the method to server one 2020-05-03 05:17:23 +03:00
Evengard
9180e065a0 Some weirdness fixes 2020-05-02 20:29:31 +03:00
Evengard
39becfe4ab Some hacks to make Android VPN Client Pro working 2020-05-02 20:25:01 +03:00
Evengard
723f38e72f Fixing Linux... 2020-05-02 19:52:47 +03:00
Evengard
a2b7cb0148 Added possibility to load CA certificates from chain_certs folder to allow verifying the client certificates against it. 2020-05-02 19:52:46 +03:00
Evengard
24bd2b3198 Fixing up some errors 2020-05-02 19:52:46 +03:00
Evengard
a6970e3e61 Merge branch 'master' into ppp-ipv6 2020-02-05 00:23:03 +03:00
Koichiro IWAO
b1aae5080d put chain_certs in dbdir 2019-12-04 23:59:13 +09:00
Davide Beatrici
6b08a451da Mayaqua: implement R-UDP version 2, powered by ChaCha20-Poly1305 2019-11-23 04:38:20 +01:00
dnobori
9aaa9a7f15 Cedar: implement detailed protocol info 2019-11-23 04:23:56 +01:00
Davide Beatrici
2f90e9ecb8 Mayaqua: move HTTP functions from "Network" to "HTTP" 2019-10-20 04:15:12 +02:00
Daiyuu Nobori
f0357d4000 - Fixed the problem that occurs when RPC messages between Cluster Members exceed 64Kbytes.
- Fixed the RADIUS PEAP client to use the standard TLS versioning.
- Implementation of a function to fix the MAC address of L3 VPN protocol by entering e.g. "MAC: 112233445566" in the "Notes" field of the user information.
- Implementation of a function to fix the virtual MAC address to be assigned to the L3 VPN client as a string attribute from RADIUS server when authentication.
2019-10-19 17:34:12 +09:00
Daiyuu Nobori
bf4667cfce Fix several compile warnings on MS VC++ 2008. 2019-08-04 10:35:16 +09:00
Davide Beatrici
9f19efb7af OpenVPN: use new protocol interface 2019-07-26 08:37:00 +02:00
Davide Beatrici
7d58e6bf60 Add interface for easy protocol implementation
This commit adds a protocol interface to the server, its purpose is to manage TCP connections and the various third-party protocols.

More specifically, ProtoHandleConnection() takes care of exchanging the packets between the local and remote endpoint; the protocol implementation only has to parse them and act accordingly.

The interface knows which protocol is the connection for by calling IsPacketForMe(), a function implemented for each protocol.
2019-07-26 08:36:54 +02:00
Daiyuu Nobori
98b08c2ad1 Implementation of the JSON-RPC API and the Web Admin interface. (dnobori's internal note: 7579 - 7682) 2019-05-28 12:51:51 +09:00
Nick
23b8161ac2 Fixed wrong function name in Debug message 2019-02-15 20:41:16 -05:00
Davide Beatrici
09ee19e72b Mayaqua/Network.c: fix double free crash in GetCipherList()
SSL_free() also frees the associated context.

d6c3c1896c/ssl/ssl_lib.c (L1209)

From https://www.openssl.org/docs/man1.1.1/man3/SSL_free.html:

"SSL_free() also calls the free()ing procedures for indirectly affected items, if applicable: the buffering BIO, the read and write BIOs, cipher lists specially created for this ssl, the SSL_SESSION. Do not explicitly free these indirectly freed up items before or after calling SSL_free(), as trying to free things twice may lead to program failure."
2019-01-21 04:14:47 +01:00
Daiyuu Nobori
63c01ba736 Merge pull request #832 from dnobori/181202_switch_to_apache_license
Switching license from GPLv2 to Apache License 2.0.
2019-01-21 09:36:19 +09:00
Daiyuu Nobori
881f34ac56 Compacting headers, updating trivial texts to fit to the license change from GPLv2 to Apache License 2.0. 2019-01-14 12:25:53 +09:00
Davide Beatrici
d62421adcb Cedar: retrieve the list of available encryption algorithms from the server 2019-01-01 20:31:13 +01:00