AMajor/SoftEtherVPN
1
0
Fork 0
mirror of https://github.com/SoftEtherVPN/SoftEtherVPN.git synced 2026-05-04 04:39:25 +03:00
Code Releases Activity
2,206 Commits 5 Branches 27 Tags
a0cbe2daf68a8067ce420d8c08329652438dd2b8
Commit Graph

475 Commits

Author SHA1 Message Date
Ilya Shipitsin 61b920f957 Merge pull request #2239 from synqa/add-comment-unix-lock 
Add comment for UnixLock
 2026-02-21 15:36:51 +01:00
synqa 93bf90ba95 Add comment for UnixLock 
The Lock/Unlock mechanism on Unix is a manual, hand-coded implementation
of PTHREAD_MUTEX_RECURSIVE. We avoid using the PTHREAD_MUTEX_RECURSIVE
directly because it exhibits critical bugs, such as deadlocks on
certain older systems(Linux, Solaris, or macOS).
followup #2219
 2026-02-21 21:15:56 +09:00
Ilya Shipitsin 13f15384f2 Merge pull request #2161 from siddharth-narayan/radius-retry-timeout 
Add RadiusRetryTimeout option
 2026-02-18 07:54:10 +01:00
Ilya Shipitsin b551b77e25 Merge pull request #2225 from synqa/tsan-disable-macro 
Add macro to disable thread sanitizer
 2026-02-08 17:26:26 +01:00
synqa 0a87ff8fbd Add macro to disable thread sanitizer 
Define ATTRIBUTE_NO_TSAN as __attribute__((no_sanitize(\"thread\")))
when building with thread sanitizer enabled. Falls back to empty
definition when thread sanitizer is not active or not supported
compiler.
 2026-02-08 23:41:10 +09:00
synqa 6016f84315 Revert "Fix data race on Tick64" 2026-02-08 23:14:09 +09:00
Ilya Shipitsin 9d27b935b7 Merge pull request #2223 from synqa/fix-memory-leak-loadlanglist 
Fix memory leak in LoadLangList()
 2026-02-06 15:56:18 +01:00
Ilya Shipitsin 1e1104d3ba Merge pull request #2221 from synqa/fix-halt-flag 
Fix data race on Tick64
 2026-02-06 15:55:01 +01:00
synqa fe460de5a6 Fix data race on Tick64 
Add lock protection when reading/writing Halt flag to prevent data race.
 2026-02-06 21:12:16 +09:00
synqa 6ef941db21 Fix memory leak in LoadLangList() 2026-02-06 21:08:52 +09:00
synqa d7d3ec8cac Fix race condition in thread counter 
To prevent data races caused by concurrent access from multiple threads,
replace UINT with COUNTER.
 2026-02-06 21:03:08 +09:00
Ilya Shipitsin 1411d4ceb4 Merge pull request #2217 from synqa/fix-preserve-errno 
Fix preserve errno in SIGCHLD signal handler
 2026-02-05 15:46:13 +01:00
synqa 88af7986b4 Fix preserve errno in SIGCHLD signal handler 
Signal handler may interrupt code that depends on errno, and waitpid()
may modify errno, therefore, errno must be saved and restored before
returning.
 2026-02-05 18:51:58 +09:00
synqa 38f102e2e7 Fix undefined behavior of left shift 
Left shifting UCHAR promotes it to a signed integer. When the
value is >= 128 and shifted by 24, the result sets the sign bit,
causing undefined behavior. Fixes it by explicit casting to UINT.
 2026-02-05 18:48:01 +09:00
SaiXU 875c4fa344 support ARM64 on windows 2026-01-30 11:36:39 +08:00
Siddharth Narayan c32184495b Add server-side NOOP upload for connection keepalive 2025-12-21 21:10:32 -05:00
Siddharth Narayan 304364719c Add radius retry timeout in configuration 2025-12-21 21:07:55 -05:00
Siddharth Narayan 2628c562be Disable unecessary liboqs algorithms 2025-12-02 02:57:15 -06:00
Siddharth Narayan e9f7089c8b Update post quantum submodules 2025-12-02 02:05:27 -06:00
Dominique Martinet 4bb366572d Mayaqua build: allow disabling OQS 
SoftEtherVPN version 5.02.5186 enable post-quantum algorithms, but these
come at a large size increase (after strip, on x86_64, with default
options as of master):
- default options: 9.1M
- new -DOQS_ENABLE=OFF: 762K

Note it is also possible to disable all the algorithms individually by
passing the (243!) options to cmake -DOQS_ENABLE_KEM_BIKE=OFF
-DOQS_ENABLE_KEM_FRODOKEM=OFF -DOQS_ENABLE_KEM_NTRUPRIME=OFF ...,
in which case the binary goes back to a reasonable size of 830K

In the future, it might make sense to add a few settings picking
"sensible" algorithms, e.g. allow everything for a server build or only
allow the best algorithms for a lightweight client.

See: #2148
 2025-10-01 18:05:59 +09:00
Koichiro Iwao efb04daa34 Proper fix for #2122 #2150 
Bundled cpu_features needs to be built with PIC but SHARED_LIBS should
be OFF.
 2025-09-05 22:40:18 +09:00
Koichiro Iwao 2746e8dd19 Build bundled cpu_features with PIC 
After updating bundled cpu_features to 0.9.0, set_property() is not
effective. We need to use set() instead.

Resolves: #2122 #2150
 2025-08-25 21:52:15 +09:00
onetown 0389bfd97a fix: Continue decapsulation to parse L3 data from VLAN-tagged packets 2025-07-17 10:51:52 -04:00
Ilya Shipitsin 260bc09276 Merge pull request #2092 from metalefty/cpu_features 
cpu_features improvements
 2025-04-08 22:56:47 +02:00
Koichiro Iwao 10a2806f12 CI: Use system's cpu_features in FreeBSD CI 2025-01-15 17:09:18 +09:00
Siddharth 972256c578 Update liboqs and oqs-provider submodules - Add X25519MLKEM768 NIST finalized PQ Key exchange 2025-01-14 17:37:55 -06:00
Koichiro Iwao e2e8193495 Improve the usage of cpu_features 
- Add USE_SYSTEM_CPU_FEATURES flag to use system's cpu_features
  instead of the bundled one
- Allow the use of cpu_features for more architectures on Linux [1]

[1] https://github.com/google/cpu_features/tree/v0.9.0?tab=readme-ov-file#whats-supported
 2025-01-14 22:58:20 +09:00
Koichiro Iwao 71b6aa7a8c Update cpu_features to 0.9.0 2025-01-14 18:09:18 +09:00
Ilya Shipitsin 8be6d756b8 Merge pull request #2089 from metalefty/drop_exec 
Drop unnecessary exec permission
 2025-01-14 07:36:11 +01:00
Koichiro Iwao a6c5f0d135 Drop unnecessary exec permission 2025-01-14 14:35:34 +09:00
siddharth-narayan 27d233a522 Merge branch 'SoftEtherVPN:master' into nt-fix 2024-08-15 04:28:13 -04:00
icy17 e2017772c7 Fix potential NULL pointer dereference 2024-08-01 15:43:34 +08:00
Ilya Shipitsin a836b3bd5e Merge pull request #2022 from siddharth-narayan/built-in-post-quantum 
Add built in post quantum functionality
 2024-07-19 20:05:47 +02:00
Siddharth 3a25c6bf73 Fix incorrect "Not on NT" error messages 2024-07-17 15:16:11 -07:00
Siddharth 67fe99e1dc Move duplicated code to one place 2024-07-16 02:33:16 -04:00
Siddharth d4d20e4443 Remove testing code 2024-07-04 13:56:13 -04:00
Siddharth a45219bb78 Revert "Fix engine include errors on Fedora Rawhide" 
This reverts commit 1d57ccf94a.
 2024-07-04 13:15:50 -04:00
siddharth-narayan 25585a1e3d Guard engine.h include 2024-07-04 13:05:30 -04:00
Siddharth 1d57ccf94a Fix engine include errors on Fedora Rawhide 2024-07-04 06:55:06 -04:00
Siddharth 1f9ce6f9c2 Skip oqsprovider build when OpenSSL version is less than 3.0 2024-06-28 17:05:52 -04:00
Siddharth 28ded982a7 Remove empty OpenSSL version guard 2024-06-28 14:18:48 -04:00
Siddharth 0af6c96d88 Skip tests for oqsprovider 2024-06-28 04:01:30 -04:00
Siddharth c2c1388f8c Update liboqs and oqs-provider git submodules 2024-06-28 04:00:51 -04:00
Siddharth d15f92c9b2 Make oqsprovider not build tests 2024-06-28 04:00:51 -04:00
Siddharth 7dc3f2240c Add liboqs with find_package 2024-06-26 20:55:09 -04:00
Siddharth eb66e7d360 That's not how you comment in C! 2024-06-21 15:16:27 -04:00
Siddharth 13e6369db3 Add liboqs because it isn't normally packaged 2024-06-21 15:14:49 -04:00
Siddharth 102485a4b8 Add oqsprovider statically (built in) by default 2024-06-20 22:08:38 -04:00
Siddharth 68964ab0d7 Guard variables with OpenSSL version 2024-06-18 16:09:10 -04:00
siddharth-narayan bf3c50fde4 Merge branch 'SoftEtherVPN:master' into quantum-safe-key-agreement 2024-06-18 14:55:45 -04:00