AMajor/SoftEtherVPN
1
0
Fork 0
mirror of https://github.com/SoftEtherVPN/SoftEtherVPN.git synced 2025-07-06 15:54:57 +03:00
Code Releases Activity
1,368 Commits 1 Branch 26 Tags
9997785812755b38ec7adb23be9a4fabc98a9bb8
Commit Graph

834 Commits

Author SHA1 Message Date
Evengard
24bd2b3198 Fixing up some errors 2020-05-02 19:52:46 +03:00
Evengard
9f2a5cecf3 Preliminary (untested) EAP-TLS implementation 2020-05-02 19:52:46 +03:00
Evengard
a65c436e8f Writing skeleton for EAP-TLS implementation 2020-05-02 19:52:45 +03:00
Evengard
aa0ec4343c Fixing errors as per static analysis 2020-05-02 19:52:45 +03:00
Evengard
1bdd9a92bc Adding timeout propagation from user policy in PPP sessions (including L2TP and SSTP). 2020-05-02 19:52:45 +03:00
Davide Beatrici
942051d3a8 Cedar: various improvements to Proto 
The PROTO structure is now used to identify the system as a whole, rather than a single protocol. It's stored and initialized in Server.

ProtoCompare(), ProtoAdd() and ProtoDetected() are renamed to make the difference between PROTO and PROTO_IMPL more clear.

ProtoGet() and ProtoNum() are removed because the related list can now be accessed directly by Server.
 2020-05-01 07:14:38 +02:00
Ilya Shipitsin
039cd8edf0 Merge pull request #1107 from chipitsine/master 
5.01.9674 release
 2020-04-30 13:26:45 +05:00
Ilya Shipitsin
a902d3eed9 5.01.9674 release 2020-04-30 12:02:05 +05:00
dependabot[bot]
44f731f781 Bump jquery in /src/bin/hamcore/wwwroot/admin/default 
Bumps [jquery](https://github.com/jquery/jquery) from 3.4.1 to 3.5.0.
- [Release notes](https://github.com/jquery/jquery/releases)
- [Commits](https://github.com/jquery/jquery/compare/3.4.1...3.5.0)

Signed-off-by: dependabot[bot] <support@github.com>
 2020-04-30 06:12:25 +00:00
Evengard
f20e99f8e4 Treating empty IPCP requests as IPCP requests with IP-Address option zeroed out 2020-04-25 20:59:08 +03:00
Evengard
b9109211d3 ACKing an empty LCP options list 2020-04-25 15:29:57 +03:00
Davide Beatrici
9073452b09 Merge PR #1092: src/Cedar/Proto_OpenVPN.c: push "block-outside-dns" to clients 2020-04-20 03:25:43 +02:00
Ilya Shipitsin
70a7c4596d 5.01.9673 release 2020-04-18 00:47:47 +05:00
Daiyuu Nobori
033647c8ac Fix security issue: Fix the security of JSON-API. If the administrator password of the Virtual Hub is empty, JSON-API (which was added in 4.30 Build 9696 Beta) will not be able to access to the virtual hub with a empty password since this release. Because there are relatively many cases in which administrator password is empty for a virtual hub, being able to manage a virtual hub without a password using JSON-API was a security problem. In this release, this behavior has been changed so that JSON-API cannot be accessed in the Virtual Hub management mode until it is configured with non-empty password. 2020-04-06 00:44:14 +09:00
Davide Beatrici
b6ef9f88c9 src/Cedar/Proto_OpenVPN.c: push "block-outside-dns" to clients 
From https://community.openvpn.net/openvpn/wiki/Openvpn23ManPage:

--block-outside-dns

Block DNS servers on other network adapters to prevent DNS leaks.
This option prevents any application from accessing TCP or UDP port 53 except one inside the tunnel.
It uses Windows Filtering Platform (WFP) and works on Windows Vista or later.
This option is considered unknown on non-Windows platforms and unsupported on Windows XP, resulting in fatal error.
You may want to use --setenv opt or --ignore-unknown-option (not suitable for Windows XP) to ignore said error.
Note that pushing unknown options from server does not trigger fatal errors.
 2020-04-04 08:37:19 +02:00
Ilya Shipitsin
c6f186bd73 Merge pull request #1084 from ffontaine/master 
Only enable getifaddrs support when available
 2020-04-03 17:45:19 +05:00
Ilya Shipitsin
84bd9abb30 Merge pull request #1072 from Evengard/ppp-ipv6 
Rewriting the PPP stack
 2020-04-02 20:29:51 +05:00
Georgy Komarov
4772a508dc sam: fix using pointer to local variable that is out of scope 2020-03-27 07:28:43 +03:00
Georgy Komarov
1416a693e7 protocol: fix uninitialized variable 
Value of server_cert is undefined if `b = PackGetBuf(p, "Cert");` was
failed.
 2020-03-27 07:25:45 +03:00
Paul Menzel
be3e45a4bf hamcore: Remove trailing spaces from comments 2020-03-25 12:23:55 +01:00
Fabrice Fontaine
dcecd4c0d5 Only enable getifaddrs support when available 
On uClibc, the ifaddrs.h support is optional. While the default
Buildroot uClibc configuration has it enabled, some external
toolchains may not. Therefore this patch detects that and adjusts
softether usage of ifaddrs accordingly.

Based on an initial patch from Bernd Kuhls.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
[Retrieved from:
https://git.buildroot.net/buildroot/tree/package/softether/0009-uclibc-ai-addrconfig.patch]
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
 2020-03-21 17:57:37 +01:00
Ilya Shipitsin
3b00d4c56b Merge pull request #1081 from metalefty/describe_cmake_flags 
Describe CMake options added by myself
 2020-03-20 18:43:16 +05:00
Koichiro IWAO
e6b8e6eee3 replace SoftEther project related http links with https 
Outside links such as http://www.openssl.org and http links appear in
source code are untouched.
 2020-03-20 21:27:51 +09:00
Koichiro IWAO
78b0684dd4 Document additional CMake options 
Some CMake options are added by myself (#1047 #1079). So I should
describe in document.
 2020-03-20 21:24:51 +09:00
Koichiro IWAO
c222ef525b Update build requirements on Unix 2020-03-18 18:28:33 +09:00
Ilya Shipitsin
c3d56c2201 Merge pull request #1079 from metalefty/skip_cpu_features 
allow to SKIP_CPU_FEATURES explicitly, not only autodetect
 2020-03-18 11:59:02 +05:00
Koichiro IWAO
f34d3c80b1 allow to SKIP_CPU_FEATURES explicitly, not only autodetect 
Formerly, SKIP_CPU_FEATURES is automatically detected by system
processor. However, "^(armv7l|aarch64|s390x)$" does not cover all
processors that cpu_features should be skipped.

"armv6", "armv7", "mips", "mips64" on FreeBSD are examples [1]
that cpu_features is not correctly skipped.

This change intends to build SoftEther without any modifications on
CMakeLists.txt on such processors.

    cmake . -DSKIP_CPU_FEATURES=1

[1] https://www.freebsd.org/platforms/
 2020-03-16 18:50:55 +09:00
dependabot[bot]
c635cdd614 Bump acorn from 6.1.1 to 6.4.1 in /src/bin/hamcore/wwwroot/admin/default 
Bumps [acorn](https://github.com/acornjs/acorn) from 6.1.1 to 6.4.1.
- [Release notes](https://github.com/acornjs/acorn/releases)
- [Commits](https://github.com/acornjs/acorn/compare/6.1.1...6.4.1)

Signed-off-by: dependabot[bot] <support@github.com>
 2020-03-15 22:06:23 +00:00
Evengard
fa9e9d15a5 Removing unrelated changes as per review 2020-02-06 10:52:34 +03:00
Evengard
60e85afd1f Apply reviewed code style 
Co-Authored-By: Davide Beatrici <davidebeatrici@gmail.com>
 2020-02-06 10:49:09 +03:00
Evengard
a6970e3e61 Merge branch 'master' into ppp-ipv6 2020-02-05 00:23:03 +03:00
Ilya Shipitsin
eeec9a82f6 Merge pull request #1062 from dnobori/200101_impr_url_log_spacing 
Merge pull request #1062: Improvement: Add a space character between URL and other tokens in the packet log format.
 2020-01-01 17:53:27 +05:00
Daiyuu Nobori
a49219db83 Merge branch 'master' of github.com:SoftEtherVPN/SoftEtherVPN into 200101_fix_securenat_ecn 2020-01-01 19:59:42 +09:00
Daiyuu Nobori
a4f87565ae Bugfix: Fix the SecureNAT connection problem with ignoring TCP ECN bit enabled packets 2020-01-01 17:51:38 +09:00
Ilya Shipitsin
9487bc8d47 Merge pull request #1060 from dnobori/200101_fix_imperfect_lock 
Merge pull request #1060: src/Cedar/Hub.c: fix possible crash because of imperfect Virtual Hub FDB lock
 2020-01-01 12:33:15 +05:00
Daiyuu Nobori
70564a8f52 Bugfix: Imperfect Virtual Hub FDB lock may cause process crush. 2020-01-01 15:52:47 +09:00
Daiyuu Nobori
17e7d65839 Improvement: Add a space character between URL and other tokens in the packet log format. 2020-01-01 11:00:51 +09:00
Daiyuu Nobori
e5d691977d Bugfix: OpenVPN Certificate Authentication may cause process crush. 2020-01-01 10:59:24 +09:00
Daiyuu Nobori
f083c59905 Bugfix: Imperfect Virtual Hub FDB lock may cause process crush. 2020-01-01 10:57:51 +09:00
FelipeL
6d3fef8da6 pt-br translation 2019-12-28 15:43:06 +05:00
Koichiro IWAO
c8479e3011 CMake: make db, log, pid directory customizable 2019-12-04 23:59:18 +09:00
Koichiro IWAO
b1aae5080d put chain_certs in dbdir 2019-12-04 23:59:13 +09:00
Koichiro IWAO
a69c4980d5 log eraser, log enumerator should refer logdir 2019-12-04 23:59:11 +09:00
Koichiro IWAO
c64674479d separte log directory and database(config) directory 
@ was an alias for exedir. To separate log directory and
database(config) directory, @ is now an alias for logdir and $ is an
alias for dbdir.
 2019-12-04 23:59:09 +09:00
Koichiro IWAO
01abdedc45 put PID files under PidDir 2019-12-04 23:59:07 +09:00
Koichiro IWAO
18c9b74ff0 implement Get{Db,Log,Pid}{,W} function 
DbDir  : directory to store files such as vpn_server.config and backups etc
LogDir : directory to write logs (sub directories is created in this dir)
PidDir : directory to put PID files such as .ctl-* .pid-* .VPN-*
 2019-12-04 23:59:01 +09:00
Ilya Shipitsin
3b6c4d02ac 5.01.9672 release 2019-11-24 20:47:23 +05:00
dnobori
1d2a58b172 Cedar: handle UDP acceleration and R-UDP versions 2019-11-23 04:38:27 +01:00
Davide Beatrici
6b08a451da Mayaqua: implement R-UDP version 2, powered by ChaCha20-Poly1305 2019-11-23 04:38:20 +01:00
Davide Beatrici
2ea5c2a7b0 Cedar: implement UDP acceleration version 2, powered by ChaCha20-Poly1305 2019-11-23 04:23:56 +01:00