acbc514b87
Merge pull request #2170 from kanglongwei/branch2
...
fix : #2166 L3KnownArp, delete entry from the incorrect list
2025-10-28 21:44:25 +01:00
ab245552b1
fix : #2165 memory leak
2025-10-13 20:05:28 +08:00
fdcb0a207b
fix : #2166 L3KnownArp, delete entry from the incorrect list
2025-10-10 21:20:30 +08:00
8f0deb576c
Incorrect variable used while iterating through sessions which makes the loop stuck
2024-08-25 15:36:50 +03:00
6f57449164
src/Cedar/Proto_IKE.c: ignore packets with no IPSec SA
...
many thanks to Jonathan Phillibert from Amazon Web Services
for investigating and reporting that responding to such packets
might lead to traffic amplification
2024-06-22 18:53:35 +02:00
bfaff4fdb0
Merge pull request #1994 from hiura2023/master
...
Fix Virtual DHCP Server: Correct IP reassignment
2024-05-27 13:13:40 +02:00
5a88b34ddb
Fix Virtual DHCP Server: Correct IP reassignment
2024-05-08 10:55:00 +09:00
bcb896b178
Merge branch 'SoftEtherVPN:master' into master
2024-05-03 17:19:47 +09:00
6e5395cc8d
Fix Virtual DHCP Server: Correct DHCP renewal request
2024-05-03 17:18:13 +09:00
d568cc1727
Fix another memory access error again because of a missing MAC address in IPv6 headers
2024-04-27 21:57:36 +03:00
c9b5e25c87
Fix memory access error when IPv6 prefix reading, should resolve #1972
2024-04-27 02:01:48 +03:00
7f074d0c0b
Fix Virtual DHCP Server: Correct HDCP Sequence
2024-04-26 12:42:27 +09:00
74f7269ef6
Merge pull request #1679 from tickerguy/tickerguy-patch-1
...
BridgeUnix.c: Disable MTU changes on FreeBSD
2024-04-19 16:46:16 +02:00
41f83c9e32
Merge pull request #1840 from RoelvandeWiel/issue1838
...
Changed 'settng' to 'setting' and regenerated the RPC docs
2024-04-17 20:53:42 +02:00
6582955cfa
Update src/Cedar/Protocol.c
...
Co-authored-by: Davide Beatrici <github@davidebeatrici.dev >
2024-04-14 10:36:55 +02:00
71d71e51db
OpenVPN certificate authorization with cn_username in 'email' format
2024-04-12 23:08:24 +05:00
e8c14cba68
Fix 'Session Timeouted.': Change the time for checking wether all the TCP connectins are alive or not.
2024-03-24 19:11:24 +09:00
64cb8e1eff
Change bridge function: Make the NIC appear in the 'Local Bridge Settings' list No.2
2024-03-11 00:16:22 +09:00
645d5ebb55
Change bridge function: Make the NIC appear in the 'Local Bridge Settings' list regardless of a NULL character consisted in 'FriendlyName'
2024-03-06 11:33:56 +09:00
4e4bd79ad2
IPC.c:Cast the pointer to a defined size due to the error in compiling.
2024-02-20 12:01:35 +09:00
9429243dbe
Merge pull request #1906 from hiura2023/master
...
Fix access violation: correct typing mistake in calling Debug().
2023-11-01 10:26:37 +01:00
6dbf7e9ae2
Showing an explanation of the purpose of the Developer Edition and the difference from the Stable Editon by Daiyuu Nobori
2023-10-09 17:14:32 +02:00
54ae7f725b
Add four new certificate hashes to the DDNS_CERT_HASH list by Daiyuu Nobori. These certificates will be used to University of Tsukuba's built-in "softether.net" DDNS server after year 2038.
2023-10-09 17:14:32 +02:00
35077deaf1
Fix Vulnerability: CVE-2023-25774 TALOS-2023-1743
...
SoftEther VPN vpnserver ConnectionAccept () denial of service vulnerability
2023-10-09 17:13:57 +02:00
3b932f5fee
Fix Vulnerability: CVE-2023-27516 TALOS-2023-1754 and CVE-2023-32634 TALOS-2023-1755
...
SoftEther VPN CiRpcAccepted () authentication bypass vulnerability
and SoftEther VPN CiRpcServerThread () MitM authentication bypass vulnerability
https://www.softether.org/9-about/News/904-SEVPN202301
https://jvn.jp/en/jp/JVN64316789/
2023-10-07 04:42:41 +02:00
c49e462ed1
Fix Vulnerability: CVE-2023-22325 TALOS-2023-1736
...
SoftEther VPN DCRegister DDNS_RPC_MAX_RECV_SIZE denial of service vulnerability
https://www.softether.org/9-about/News/904-SEVPN202301
https://jvn.jp/en/jp/JVN64316789/
2023-09-28 18:26:17 +09:00
b8e542105f
Fix Vulnerability: CVE-2023-27395 TALOS-2023-1735
...
SoftEther VPN vpnserver WpcParsePacket () heap-based buffer overflow vulnerability
https://www.softether.org/9-about/News/904-SEVPN202301
https://jvn.jp/en/jp/JVN64316789/
2023-09-28 18:24:12 +09:00
f57f05a599
Bind outgoing connection to a specific IP address (fix a bug)
2023-09-17 16:36:57 +09:00
f736d18267
temporarily suppress clang warnings on "-Wincompatible-function-pointer-types"
2023-09-16 00:03:03 +02:00
205a94cda2
Merge pull request #1867 from hiura2023/master
...
Bind outgoing connection to a specific IP address
2023-09-10 17:18:31 +02:00
8f8677f164
set PPPSetStatus(p, PPP_STATUS_FAIL); in case of failure
2023-08-16 22:32:00 +02:00
088b5c2df3
additional error handling if SSL_CTX_new failed
...
this is a folloup to https://github.com/SoftEtherVPN/SoftEtherVPN/pull/1873
2023-08-16 19:17:18 +02:00
c2fe874865
Bind outgoing connection to a specific IP address No.2
2023-08-08 18:14:22 +09:00
f6f2660060
Merge pull request #1869 from metalefty/bsdunixvlan-group
...
Cedar/VLanUnix: assign virtual interface to softether group
2023-08-07 08:16:17 +02:00
adccc6b7d4
Merge pull request #1775 from domosekai/radius2
...
Support more EAP methods for RADIUS auth
2023-08-07 02:50:13 +09:00
1493ccb44d
Merge PR #1865 : Fix build when NO_VLAN
2023-07-05 09:55:35 +02:00
49f8112d83
Cedar/VLanUnix: assign virtual interface to softether group
...
Interface grouping is available on FreeBSD and OpenBSD. This will allow
you to enumerate only SoftEther virtual interfaces or exclude SoftEther
virtual interfaces, and be helpful when making custom scripts to start
DHCP client when virtual interface become up (=VPN connection
established) for example.
Usage examples as follows.
List all interfaces' names available on the system:
```
$ ifconfig -l
vtnet0 lo0 vpn_client0 vpn_client1 vpn_client2
```
Display a list of SoftEther virtual interfaces:
```
$ ifconfig -g softether
vpn_client0
vpn_client1
vpn_client2
```
Display details about SoftEther virtual interfaces that are up:
```
$ ifconfig -a -u -g softether
vpn_client0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
description: SoftEther Virtual Network Adapter
options=80000<LINKSTATE>
ether 5e:71:fa:f8:91:4a
hwaddr 58:9c:fc:10:34:2a
groups: tap softether
media: Ethernet autoselect
status: active
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
Opened by PID 1445
```
Display details about interfaces except for SoftEther virtual interfaces:
```
$ ifconfig -a -G softether
vtnet0: flags=8863<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=80028<VLAN_MTU,JUMBO_MTU,LINKSTATE>
ether 58:9c:fc:00:f0:23
inet6 fe80::5a9c:fcff:fe00:f023%vtnet0 prefixlen 64 scopeid 0x1
inet 192.168.96.7 netmask 0xffffff00 broadcast 192.168.96.255
media: Ethernet autoselect (10Gbase-T <full-duplex>)
status: active
nd6 options=23<PERFORMNUD,ACCEPT_RTADV,AUTO_LINKLOCAL>
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
options=680003<RXCSUM,TXCSUM,LINKSTATE,RXCSUM_IPV6,TXCSUM_IPV6>
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x2
inet 127.0.0.1 netmask 0xff000000
groups: lo
nd6 options=23<PERFORMNUD,ACCEPT_RTADV,AUTO_LINKLOCAL>
```
2023-07-04 14:38:36 +09:00
e4330ca71a
bind outgoing connection
2023-06-28 23:18:09 +09:00
0ab5199272
Fix build when NO_VLAN
...
Occurred at: #670
Closes: #1864
Tested build on FreeBSD with NO_VLAN by modifying CMakeLists.txt like this:
```diff
diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt
index c49a3c78..1dad3691 100644
--- a/src/CMakeLists.txt
+++ b/src/CMakeLists.txt
@@ -93,6 +93,7 @@ if(UNIX)
if(${CMAKE_SYSTEM_NAME} STREQUAL "FreeBSD")
add_definitions(-DUNIX_BSD -DBRIDGE_BPF)
+ add_definitions(-DNO_VLAN)
include_directories(SYSTEM /usr/local/include)
link_directories(SYSTEM /usr/local/lib)
endif()
```
2023-06-17 02:18:04 +09:00
41be858df0
Collect garbage at development
2023-06-17 01:54:36 +09:00
6665efb822
Remove unnecessary quotation to fix build
2023-06-15 10:17:33 +09:00
8826484245
Rename macro BRDEST -> BRIDGE for simplicity
...
UNIX_VLAN_BRDEST_IFACE_PREFIX -> UNIX_VLAN_BRIDGE_IFACE_PREFIX
2023-06-15 00:15:17 +09:00
09708bc8cb
Cedar/BridgeUnix: make sure to destroy tap device for bridge on FreeBSD
...
Also, rename NewTap/FreeTap to NewBridgeTap/FreeBridgeTap because these
functions are used to create/destroy tap device used for bridge
destination.
2023-06-15 00:15:17 +09:00
696a9bc0a1
Cedar: Don't hardcode prefix for virtual brige destination
2023-06-15 00:15:17 +09:00
96e4fc040f
Cedar/VLanUnix: add description to FreeBSD tap device
...
$ ifconfig vpn_client
vpn_client: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
description: SoftEther Virtual Network Adapter
options=80000<LINKSTATE>
ether 5e:51:5e:48:ea:ef
hwaddr 58:9c:fc:10:34:2a
groups: tap
media: Ethernet autoselect
status: active
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
Opened by PID 35981
2023-06-01 16:50:30 +09:00
867c992111
Cedar/VLanUnix: use space after #ifdef
2023-06-01 15:18:13 +09:00
96b1961d78
Cedar/VLanUnix: add UnixDestroyTapDevice prototype declaration
2023-06-01 11:57:50 +09:00
939eb3130e
Cedar/Client: Enable CtVLans{Up,Down} on FreeBSD
...
The same trick also works on FreeBSD. There's no reason to limit it to
Linux.
2023-05-31 17:48:31 +09:00
0ba7ad392e
Cedar/VLanUnix: Enable UnixVLanSetState on FreeBSD
2023-05-31 17:48:31 +09:00
8482a52522
Cedar/VLanUnix: Make NicDelete work on FreeBSD
...
In contrast to Linux, FreeBSD's tap devices are still plumbed after fd
closed. The tap device must be destroyed in addition to closing fd
to delete virtual network interfaces used for VPN connection.
NicDelete command now works properly and virtual network interfaces used
by vpnclient are cleaned up when shutting down vpnclient.
2023-05-31 17:48:31 +09:00
