AMajor/SoftEtherVPN
1
0
Fork 0
mirror of https://github.com/SoftEtherVPN/SoftEtherVPN.git synced 2026-04-24 15:59:25 +03:00
Code Releases Activity
1,383 Commits 5 Branches 27 Tags
8a37f5ce11c4735a183a59d99d37db241a706632
Commit Graph

103 Commits

Author SHA1 Message Date
Davide Beatrici 8a37f5ce11 Mayaqua/Network.c: Fix several warnings related to Windows data type mismatches 
Also, reported unused variables are removed.
 2021-03-01 02:48:38 +01:00
Ilya Shipitsin ebd1d281dd use SSL_SECOP_VERSION macro instead of OPENSSL_VERSION 
OPENSSL_VERSION is fragile in LibreSSL, BoringSSL.
security level manipulation is openssl specific defined in
https://github.com/openssl/openssl/commit/b362ccab5c1d52086f19d29a32f4acc11073b86b
 2021-02-20 17:48:26 +05:00
Takuho NAKANO c029b34b80 Run SSL_CTX_set_ssl_version earlier 
SSL_CTX_set_ssl_version may change security level.
 2020-10-31 20:19:32 +01:00
Takuho NAKANO 7fdacec2a6 Manage OpenSSL security level 
Add SslAcceptSettings option Override_Security_Level and Override_Security_Level_Value
to allow user to choose.
 2020-10-31 20:19:23 +01:00
Takuho NAKANO 190672bd84 Set RSA bits considering OpenSSL security Level 2020-10-31 20:11:11 +01:00
Takuho NAKANO 5ca62bdd8a Refact: manage SSL_OP_NO_SSLv3 in NewSSLCtx 2020-10-31 20:11:11 +01:00
Takuho NAKANO d0b3cde485 Refact: move SSL_CTX_set_ssl_version to NewSSLCtx 2020-10-31 20:11:11 +01:00
Ilya Shipitsin a2d15615f3 Merge pull request #1115 from takotakot/import_v4_change 
Add Tls_Disable1_3 (Import v4 change)
 2020-10-31 20:04:20 +03:00
Davide Beatrici 69cd39616b Remove "UINT32" and "DWORD", use "UINT" everywhere for consistency 2020-08-15 09:18:27 +02:00
dnobori 144392c587 Add Tls_Disable1_3 
Add Tls_Disable1_3 like Tls_Disable1_2 etc.
This change is part of v4.34-9744-beta e3370fb62c .
 2020-07-19 12:25:47 +09:00
Ilya Shipitsin 47d08b055e Merge pull request #1114 from takotakot/disable_sslv3 
Disable SSLv3
 2020-06-18 11:21:59 +05:00
Takuho NAKANO 5ebdb394fc Disable sslv3 2020-06-09 13:59:57 +09:00
Evengard f2fee4d32c Preliminary implementation of IPv6CP and IPv6 for PPP (untested) 2020-05-12 18:05:18 +03:00
Evengard f627b64264 Auto formatting with AStyle 2020-05-12 17:59:25 +03:00
Evengard 1d6a4d3ec8 Preliminary IPC IPv6 implementation (untested) 2020-05-12 17:59:24 +03:00
Davide Beatrici 0570f7d31c Mayaqua/Network: add StopUdpListener() 
This allows to stop a UDP listener without deleting it.

It's especially useful when no datagrams should be received anymore, but there are other threads accessing the listener.
 2020-05-11 07:50:55 +02:00
Evengard 8fb456f6a6 Fixing a memory leak in SslCertVerifyCallback because of a duplicated callback 2020-05-03 05:36:01 +03:00
Evengard 132926ee09 Fixing alignment of struct on GCC, changing the method to server one 2020-05-03 05:17:23 +03:00
Evengard 9180e065a0 Some weirdness fixes 2020-05-02 20:29:31 +03:00
Evengard 39becfe4ab Some hacks to make Android VPN Client Pro working 2020-05-02 20:25:01 +03:00
Evengard 723f38e72f Fixing Linux... 2020-05-02 19:52:47 +03:00
Evengard a2b7cb0148 Added possibility to load CA certificates from chain_certs folder to allow verifying the client certificates against it. 2020-05-02 19:52:46 +03:00
Evengard 24bd2b3198 Fixing up some errors 2020-05-02 19:52:46 +03:00
Evengard a6970e3e61 Merge branch 'master' into ppp-ipv6 2020-02-05 00:23:03 +03:00
Koichiro IWAO b1aae5080d put chain_certs in dbdir 2019-12-04 23:59:13 +09:00
Davide Beatrici 6b08a451da Mayaqua: implement R-UDP version 2, powered by ChaCha20-Poly1305 2019-11-23 04:38:20 +01:00
dnobori 9aaa9a7f15 Cedar: implement detailed protocol info 2019-11-23 04:23:56 +01:00
Davide Beatrici 2f90e9ecb8 Mayaqua: move HTTP functions from "Network" to "HTTP" 2019-10-20 04:15:12 +02:00
Daiyuu Nobori f0357d4000 - Fixed the problem occurs when RPC messages between Cluster Members exceed 64Kbytes. 
- Fixed the RADIUS PEAP client to use the standard TLS versioning.
- Implementation of a function to fix the MAC address of L3 VPN protocol by entering e.g. "MAC: 112233445566" in the "Notes" field of the user information.
- Implementation of a function to fix the virtual MAC address to be assigned to the L3 VPN client as a string attribute from RADIUS server when authentication.
 2019-10-19 17:34:12 +09:00
Daiyuu Nobori bf4667cfce Fix several compile warnings on MS VC++ 2008. 2019-08-04 10:35:16 +09:00
Davide Beatrici 9f19efb7af OpenVPN: use new protocol interface 2019-07-26 08:37:00 +02:00
Davide Beatrici 7d58e6bf60 Add interface for easy protocol implementation 
This commit adds a protocol interface to the server, its purpose is to manage TCP connections and the various third-party protocols.

More specifically, ProtoHandleConnection() takes care of exchanging the packets between the local and remote endpoint; the protocol implementation only has to parse them and act accordingly.

The interface knows which protocol is the connection for by calling IsPacketForMe(), a function implemented for each protocol.
 2019-07-26 08:36:54 +02:00
Daiyuu Nobori 98b08c2ad1 Implementation of the JSON-RPC API and the Web Admin interface. (dnobori's internal note: 7579 - 7682) 2019-05-28 12:51:51 +09:00
Nick 23b8161ac2 Fixed wrong function name in Debug message 2019-02-15 20:41:16 -05:00
Davide Beatrici 09ee19e72b Mayaqua/Network.c: fix double free crash in GetCipherList() 
SSL_free() also frees the associated context.

https://github.com/openssl/openssl/blob/d6c3c1896cf3c0d69bc27da923d63f8130b13ca0/ssl/ssl_lib.c#L1209

From https://www.openssl.org/docs/man1.1.1/man3/SSL_free.html:

"SSL_free() also calls the free()ing procedures for indirectly affected items, if applicable: the buffering BIO, the read and write BIOs, cipher lists specially created for this ssl, the SSL_SESSION. Do not explicitly free these indirectly freed up items before or after calling SSL_free(), as trying to free things twice may lead to program failure."
 2019-01-21 04:14:47 +01:00
Daiyuu Nobori 63c01ba736 Merge pull request #832 from dnobori/181202_switch_to_apache_license 
Switching license from GPLv2 to Apache License 2.0.
 2019-01-21 09:36:19 +09:00
Daiyuu Nobori 881f34ac56 Compacting headers, updating trivial texts to fit to the license change from GPLv2 to Apache License 2.0. 2019-01-14 12:25:53 +09:00
Davide Beatrici d62421adcb Cedar: retrieve the list of available encryption algorithms from the server 2019-01-01 20:31:13 +01:00
Davide Beatrici 2a572aab21 Mayaqua: fix segmentation fault, add new FreeHttpHeaderSafe() function 2018-12-30 14:46:26 +01:00
Davide Beatrici 619a533b8f Merge PR #843: Mayaqua: query OpenSSL for the list of available ciphers instead of relying on a static list 2018-12-28 20:24:13 +01:00
Davide Beatrici e51c319648 Mayaqua: add "PTR_TO_PTR" macro intended to be used with FreeSafe() 2018-12-22 07:38:38 +01:00
Davide Beatrici 7f9d47b3aa Mayaqua: query OpenSSL for the list of available ciphers instead of relying on a static list 2018-12-21 09:54:51 +01:00
Davide Beatrici bd01cbff9a Mayaqua: add new FreeSafe() function which calls Free() and set the pointer's value to NULL 2018-12-20 02:52:22 +01:00
Davide Beatrici ada06e218e Mayaqua: revamp RecvHttpHeader() so that cleanup functions are not called twice 2018-12-19 20:00:18 +01:00
Davide Beatrici aefbd2e903 Add custom HTTP header feature for HTTP proxy 
A custom HTTP header can be used to bypass certain restrictions imposed on the network or to avoid speed limitations applied by the QoS.
 2018-11-29 20:32:21 +01:00
Ilya Shipitsin 6440521f81 src/Mayaqua/Network.c: remove reccuring check 
found by PVS analyzer

src/Mayaqua/Network.c	18715	err	V571 Recurring check. The 'if (u->GetNatTIpThread == NULL)' condition was already verified in line 18712.
 2018-11-04 01:04:58 +05:00
Davide Beatrici 9fa9f6cdc1 Mayaqua/Network.c: improve RecvFrom() and RecvFrom6() 
This commit improves the RecvFrom() and RecvFrom6() functions by:
- Using the right data type for the struct size variable passed to recvfrom().
- Improving the arguments validation mechanism.
- Printing unhandled errors.
 2018-10-08 03:21:10 +02:00
Daiyuu Nobori ee9990317b Fix bugs reported by Coverity Scan. 2018-09-28 22:39:38 +09:00
Davide Beatrici 3f5f716357 Revamp digest functions 
- Hash() has been removed because it was ambiguous, Md5() and Sha0() are proper replacements.
- HMacMd5() and HMacSha1() now share a common implementation handled by the new Internal_HMac() function.
- NewMd() and MdProcess() now support plain hashing (without the key).
- NewMd(), SetMdKey() and MdProcess() now check the OpenSSL functions' return value and in case of failure a debug message is printed along with the error string, if available.
- SetMdKey()'s return value has been changed from void to bool, so that it's possible to know whether the function succeeded or not.
- MdProcess()' return value has been changed from void to UINT (unsigned int) and the function now returns the number of bytes written by HMAC_Final() or EVP_DigestFinal_ex().
 2018-09-22 06:36:09 +02:00
Ilya Shipitsin ddd0c96d46 src/Mayaqua/Network.c: silence coverity on "Unchecked return value" 2018-08-23 13:36:38 +05:00