1
0
mirror of https://github.com/SoftEtherVPN/SoftEtherVPN.git synced 2024-11-23 18:09:53 +03:00
Commit Graph

397 Commits

Author SHA1 Message Date
Ilya Shipitsin
eeec9a82f6
Merge pull request #1062 from dnobori/200101_impr_url_log_spacing
Merge pull request #1062: Improvement: Add a space character between URL and other tokens in the packet log format.
2020-01-01 17:53:27 +05:00
Daiyuu Nobori
a49219db83 Merge branch 'master' of github.com:SoftEtherVPN/SoftEtherVPN into 200101_fix_securenat_ecn 2020-01-01 19:59:42 +09:00
Daiyuu Nobori
a4f87565ae Bugfix: Fix the SecureNAT connection problem with ignoring TCP ECN bit enabled packets 2020-01-01 17:51:38 +09:00
Ilya Shipitsin
9487bc8d47
Merge pull request #1060 from dnobori/200101_fix_imperfect_lock
Merge pull request #1060: src/Cedar/Hub.c: fix possible crash because of imperfect Virtual Hub FDB lock
2020-01-01 12:33:15 +05:00
Daiyuu Nobori
70564a8f52 Bugfix: Imperfect Virtual Hub FDB lock may cause process crush. 2020-01-01 15:52:47 +09:00
Daiyuu Nobori
17e7d65839 Improvement: Add a space character between URL and other tokens in the packet log format. 2020-01-01 11:00:51 +09:00
Daiyuu Nobori
e5d691977d Bugfix: OpenVPN Certificate Authentication may cause process crush. 2020-01-01 10:59:24 +09:00
Daiyuu Nobori
f083c59905 Bugfix: Imperfect Virtual Hub FDB lock may cause process crush. 2020-01-01 10:57:51 +09:00
Koichiro IWAO
b1aae5080d
put chain_certs in dbdir 2019-12-04 23:59:13 +09:00
Koichiro IWAO
a69c4980d5
log eraser, log enumerator should refer logdir 2019-12-04 23:59:11 +09:00
Koichiro IWAO
c64674479d
separte log directory and database(config) directory
@ was an alias for exedir. To separate log directory and
database(config) directory, @ is now an alias for logdir and $ is an
alias for dbdir.
2019-12-04 23:59:09 +09:00
dnobori
1d2a58b172 Cedar: handle UDP acceleration and R-UDP versions 2019-11-23 04:38:27 +01:00
Davide Beatrici
2ea5c2a7b0 Cedar: implement UDP acceleration version 2, powered by ChaCha20-Poly1305 2019-11-23 04:23:56 +01:00
dnobori
82a81a3ce6 Cedar: serve new web management interface 2019-11-23 04:23:56 +01:00
dnobori
9aaa9a7f15 Cedar: implement detailed protocol info 2019-11-23 04:23:56 +01:00
dnobori
76ae935172 Cedar: various fixes 2019-11-23 04:23:51 +01:00
Daiyuu Nobori
76c330e74b Cedar: add "DisableIPsecAggressiveMode" option
Setting it to "true" mitigates CVE-2002-1623.
2019-11-18 06:16:49 +01:00
Davide Beatrici
63caa4b07f Protocol.c: adapt ClientConnectGetSocket() for new proxy functions
The function has been greatly improved, here are some of the changes:

- The required SESSION (c->Session) parameter is checked correctly: the function returns immediately in case it's NULL. Previously, the function didn't return in case the parameter was NULL; multiple checks were in place, but not in all instances where the parameter was dereferenced.
- The resolved IP address is cached with all proxy types.
- The "RestoreServerNameAndPort" variable is documented.
- The Debug() messages have been improved.
2019-10-30 01:39:11 +01:00
Davide Beatrici
3c21d982fc Wpc.c: adapt WpcSockConnectEx() for new proxy functions 2019-10-30 01:39:11 +01:00
Davide Beatrici
59dc26aa21 Protocol: add ProxyCodeToCedar()
This new function translates a proxy error code to a Cedar error code.
2019-10-30 01:39:11 +01:00
Davide Beatrici
b8f58a2f94 Move generic proxy stuff from Cedar to Mayaqua
This commit moves the generic (not related to our protocol) proxy stuff from Cedar to Mayaqua, in dedicated files.

The functions are refactored so that they all have the same arguments and follow the same logic.

Dedicated error codes are added, in order to indicate clearly why the function(s) failed.
2019-10-30 01:39:04 +01:00
Davide Beatrici
5d73cd878f Proto_OpenVPN.c: improve OvsProcessData(), fix out-of-bounds access found by Coverity
Coverity Scan detected an out-of-bounds access issue: OvsProcessData() checked whether the payload size was bigger than the size of the buffer, instead of checking whether the entire packet size (payload size + 2 bytes) was, resulting in an out-of-bounds access in case the payload size is bigger than 1998.

This commit also improves the variable names, the comments and adds two Debug() lines.
2019-10-27 09:01:56 +01:00
Davide Beatrici
16bde47763 Proto_OpenVPN.c: fix segmentation fault in OvsProceccRecvPacket()
OvsDecrypt() returns 0 when it fails, resulting in "size" rolling over with an end result of 4294967292.

This commit fixes the issue by checking whether "size" is greater than sizeof(UINT) before performing the subtraction.
2019-10-26 00:36:07 +02:00
Daiyuu Nobori
4d42f450b2 Addressing the UDP reflection amplification attack: https://github.com/SoftEtherVPN/SoftEtherVPN/issues/1001 2019-10-22 11:14:05 +09:00
Davide Beatrici
12cc242529 Protocol.c: fix bug in ClientConnectGetSocket() causing custom HTTP header not to work
The bug was caused by a typo in the StrCpy() call: the source buffer was the same as the destination one, meaning that the function didn't do anything.
2019-10-21 20:26:56 +02:00
Davide Beatrici
c3d6ffc533 Move GetMimeTypeFromFileName() and related structure to Mayaqua
The structure (containing all mimetypes) occupies almost 700 lines, which are a lot.

This is just the beginning of the refactor plan.
2019-10-20 04:15:12 +02:00
Daiyuu Nobori
f0357d4000 - Fixed the problem occurs when RPC messages between Cluster Members exceed 64Kbytes.
- Fixed the RADIUS PEAP client to use the standard TLS versioning.
- Implementation of a function to fix the MAC address of L3 VPN protocol by entering e.g. "MAC: 112233445566" in the "Notes" field of the user information.
- Implementation of a function to fix the virtual MAC address to be assigned to the L3 VPN client as a string attribute from RADIUS server when authentication.
2019-10-19 17:34:12 +09:00
Davide Beatrici
c8a0a5648b
Merge PR #970: Fix buffer overflow during NETBIOS name resolution 2019-09-30 06:59:04 +02:00
Koichiro IWAO
21e3ce104b Avoid using hardcoded paths in log file enumeration
Hardcoded paths are used in log file enumeration such as LogFileList
command or GenerateEraseFileList function to delete old log files when
disk free space is lacking.

Fixes: SoftEtherVPN/SoftEtherVPN#972
2019-09-13 10:38:09 +09:00
stffabi
850a5faa0d Fix buffer overflow during NETBIOS name resolution
If SecureNAT is enabled and the hostname of the server
is longer than 16characters, every NETBIOS name resolution
query triggers the buffer overflow. If the server was built
with stack protection, the process will be killed.
2019-09-04 14:32:19 +02:00
Daiyuu Nobori
bf4667cfce Fix several compile warnings on MS VC++ 2008. 2019-08-04 10:35:16 +09:00
Davide Beatrici
9f19efb7af OpenVPN: use new protocol interface 2019-07-26 08:37:00 +02:00
Davide Beatrici
7d58e6bf60 Add interface for easy protocol implementation
This commit adds a protocol interface to the server, its purpose is to manage TCP connections and the various third-party protocols.

More specifically, ProtoHandleConnection() takes care of exchanging the packets between the local and remote endpoint; the protocol implementation only has to parse them and act accordingly.

The interface knows which protocol is the connection for by calling IsPacketForMe(), a function implemented for each protocol.
2019-07-26 08:36:54 +02:00
Davide Beatrici
d6cf1b85a9 Virtual: fix race condition in DHCP server which resulted in multiple clients receiving the same IP
A race condition in the DHCP server caused it to offer the same IP address to multiple clients when they connected at the same time, because an offered IP address was considered free until the final step (DHCP_ACK).

This commit introduces a list to keep track of the pending leases created during DHCP_OFFER, so that an IP address is guaranteed to be offered to a single client.
2019-07-13 23:29:16 +02:00
Ilya Shipitsin
47ad2328c0 src/Cedar/Admin.c: remove redundant check
found by Coverity

*** CID 341551:  Incorrect expression  (NO_EFFECT)
/src/Cedar/Admin.c: 414 in AdminWebHandleFileRequest()
408     // Handle the file request
409     bool AdminWebHandleFileRequest(ADMIN *a, CONNECTION *c, SOCK *s, HTTP_HEADER *h, char *url_src, char *query_string, char *virtual_root_dir, char *physical_root_dir)
410     {
411             bool ret = false;
412             char url[MAX_PATH];
413             UINT i, len;
>>>     CID 341551:  Incorrect expression  (NO_EFFECT)
>>>     Comparing an array to null is not useful: "url == NULL", since the test will always evaluate as true.
414             if (a == NULL || c == NULL || s == NULL || h == NULL || url == NULL || query_string == NULL ||
415                     virtual_root_dir == NULL || physical_root_dir == NULL)
416             {
417                     return false;
418             }
419
2019-07-06 10:22:44 +05:00
Daiyuu Nobori
896ac8e285
Merge pull request #930 from dnobori/190630_kb3033929_message
Add the warning message if KB3033929 is not installed in Windows 7 / Server 2008 R2.
2019-06-30 02:24:24 +09:00
Daiyuu Nobori
9c227f3480 Add the warning message if KB3033929 is not installed in Windows 7 / Server 2008 R2. 2019-06-30 01:20:52 +09:00
Daiyuu Nobori
7ef7c36c83 OpenVPN X.509 certificate authentication will be used only when no username / password is specified 2019-06-29 21:30:58 +09:00
Daiyuu Nobori
98b08c2ad1 Implementation of the JSON-RPC API and the Web Admin interface. (dnobori's internal note: 7579 - 7682) 2019-05-28 12:51:51 +09:00
parly
5a7e4693fc Fix GetCedarVersionNumber() 2019-02-14 16:04:16 +09:00
Davide Beatrici
a97b87da68 Cedar/Admin.c: fix segmentation fault caused by non-initialized string in StGetServerCipherList()
StrCat() appends a string to an already existing string. In order to know where the existing string ends, it uses StrLen() which in turn uses strlen(), a function considered unsafe because it doesn't stop until it finds the null character.

Since the string was allocated but not initialized, StrCat() was either:

- Working correctly.
- Copying only a part of the string.
- Making the program crash via strlen().

The fix consists in using StrCpy(), which starts writing at the beginning of the string.
2019-01-21 04:15:55 +01:00
Daiyuu Nobori
63c01ba736
Merge pull request #832 from dnobori/181202_switch_to_apache_license
Switching license from GPLv2 to Apache License 2.0.
2019-01-21 09:36:19 +09:00
Daiyuu Nobori
881f34ac56 Compacting headers, updating trivial texts to fit to the license change from GPLv2 to Apache License 2.0. 2019-01-14 12:25:53 +09:00
Ilya Shipitsin
7f8e5b00dc src/Cedar/UT: remove unused function
found by cppcheck

[src/Cedar/Proto_SSTP.c:126]: (style) The function 'SetNoSstp' is never used.
2019-01-06 23:39:43 +05:00
Ilya Shipitsin
057984b87c src/Cedar/Proto_SSTP: remove unused function
found by cppcheck

[src/Cedar/Proto_SSTP.c:126]: (style) The function 'SetNoSstp' is never used.
2019-01-06 23:34:10 +05:00
Ilya Shipitsin
dcf5c57fc2 src/Cedar/Proto_IPsec" remove unused function
found by cppcheck

[src/Cedar/Proto_IPsec.c:120]: (style) The function 'IPSecSetDisable' is never used.
2019-01-06 23:31:29 +05:00
Ilya Shipitsin
162a181b04 src/Cedar/Protocol: remove unused function
found by cppcheck

[src/Cedar/Protocol.c:6643]: (style) The function 'ProxyConnectEx' is never used.
2019-01-06 23:22:08 +05:00
Ilya Shipitsin
8534f2843e src/Cedar/DDNS: remove unused function, variables
found by cppcheck

[src/Cedar/DDNS.c:656]: (style) Condition 'ret==NULL' is always true
[src/Cedar/DDNS.c:515] -> [src/Cedar/DDNS.c:640]: (style) The expression 'use_https == false' is always true because 'use_https' and 'false' represent the same value.
[src/Cedar/DDNS.c:516] -> [src/Cedar/DDNS.c:648]: (style) The expression 'no_cert_verify == false' is always true because 'no_cert_verify' and 'false' represent the same value.
[src/Cedar/DDNS.c:816] -> [src/Cedar/DDNS.c:860]: (style) The expression 'no_cert_verify == false' is always true because 'no_cert_verify' and 'false' represent the same value.
[src/Cedar/DDNS.c:530]: (style) Variable 'use_vgs' is assigned a value that is never used.
[src/Cedar/DDNS.c:497]: (style) The function 'DCUpdateNow' is never used.
2019-01-06 23:18:25 +05:00
Ilya Shipitsin
72bd221bb4 src/Cedar/Account: remove unused functions
found by cppcheck

[src/Cedar/Account.c:523]: (style) The function 'GetUserPolicy' is never used.
[src/Cedar/Account.c:163]: (style) The function 'NormalizePolicyName' is never used.
2019-01-06 18:53:18 +05:00
Ilya Shipitsin
266f013880 src/Cedar/Command: remove redundant assignment
found by cppcheck

[src/Cedar/Command.c:23220] -> [src/Cedar/Command.c:23232]: (style) Variable 'len' is reassigned a value before the old one has been used.
2019-01-06 18:49:56 +05:00
Ilya Shipitsin
9d4d111555 src/Cedar/CM: remove unused function, variables
found by cppcheck

[src/Cedar/CM.c:4509]: (style) Variable 'easy' is assigned a value that is never used.
[src/Cedar/CM.c:4547]: (style) Variable 'hub_name' is assigned a value that is never used.
[src/Cedar/CM.c:4609]: (style) Variable 'is_account' is assigned a value that is never used.
[src/Cedar/CM.c:8545]: (style) The function 'CmLoadK' is never used.
2019-01-06 18:43:51 +05:00
Ilya Shipitsin
4760b3d0c3 src/Cedar/AzureClient: remove unused function
found by cppcheck

[src/Cedar/AzureClient.c:526]: (style) The function 'AcGetEnable' is never used.
2019-01-06 18:34:04 +05:00
Davide Beatrici
d62421adcb Cedar: retrieve the list of available encryption algorithms from the server 2019-01-01 20:31:13 +01:00
Davide Beatrici
619a533b8f
Merge PR #843: Mayaqua: query OpenSSL for the list of available ciphers instead of relying on a static list 2018-12-28 20:24:13 +01:00
Davide Beatrici
ef77e95f87 Cedar/IPC.c: fix memory leak occurring when both the username and common name are not present (OpenVPN) 2018-12-21 21:24:22 +01:00
Davide Beatrici
7f9d47b3aa Mayaqua: query OpenSSL for the list of available ciphers instead of relying on a static list 2018-12-21 09:54:51 +01:00
Davide Beatrici
6c44cecc64 Cedar: Bind the special listeners to the specified IP address 2018-12-15 21:33:37 +01:00
Daiyuu Nobori
58e2f74f7f Added the "OpenVPNPushDummyIPv4AddressOnL2Mode" option for the OpenVPN L2 mode.
To fix the bug of OpenVPN 2.4.6 and particular version of kernel mode TAP driver on Linux, the TAP device must be up after the OpenVPN client is connected. However there is no direct push instruction to do so to OpenVPN client. Therefore we push the dummy IPv4 address (RFC7600) to the OpenVPN client to enforce the TAP driver UP state.
2018-12-01 16:20:30 +09:00
Davide Beatrici
aefbd2e903 Add custom HTTP header feature for HTTP proxy
A custom HTTP header can be used to bypass certain restrictions imposed on the network or to avoid speed limitations applied by the QoS.
2018-11-29 20:32:21 +01:00
Davide Beatrici
a1722ac2e0 Cedar: allow @ in username 2018-11-28 15:51:04 +01:00
Davide Beatrici
6903f9b89f CMake: build targets with versioning info on Windows 2018-11-27 05:26:21 +01:00
Davide Beatrici
8a58af86b1 Cedar: add new "UsernameHubSeparator" configuration option for the server, to specify a different character from '@' 2018-11-25 20:50:14 +01:00
Davide Beatrici
03f80edfcd Cedar/Proto_OpenVPN.c: don't release data channel if it's not established, improve logic and debug messages 2018-11-19 21:30:42 +01:00
Davide Beatrici
264760aaf5
Merge PR #808: OpenVPN: Add packet scrambling/obfuscation feature 2018-11-19 21:14:27 +01:00
Davide Beatrici
e1bd84d7f3 CMake: set PDB output directory, don't set default build type 2018-11-18 04:18:42 +01:00
Davide Beatrici
6a45921f41 OpenVPN: Add packet scrambling/obfuscation feature
This allows an OpenVPN client to bypass a firewall which is aware of the protocol and is able to block it.
The XOR mask set on the server has to be the same on the client, otherwise it will not be able to connect with certain obfuscation modes.
A special OpenVPN client built with the "XOR patch" is required in order to use this function, because it has never been merged in the official OpenVPN repository.

Two parameters are added to the server configuration: "OpenVPNObfuscationMethod" and "OpenVPNObfuscationMask".
Their value can be retrieved with "OpenVpnObfuscationGet" and set with "OpenVpnObfuscationEnable" in the VPN Command Line Management Utility.
2018-11-12 22:32:37 +01:00
Ilya Shipitsin
304893c139 src/Cedar/Protocol, src/Cedar/Session: cleanup, remove unused functions, variables,
resolve possible null pointer dereference

found by cppcheck

[src/Cedar/Protocol.c:3138] -> [src/Cedar/Protocol.c:3071]: (warning) Either the condition 's!=NULL' is redundant or there is possible null pointer dereference: s.
[src/Cedar/Protocol.c:916]: (style) Variable 'save' is assigned a value that is never used.
[src/Cedar/Protocol.c:6242]: (style) Variable 'size' is assigned a value that is never used.
[src/Cedar/Protocol.c:778]: (style) Variable 'old_disable' is assigned a value that is never used.
[src/Cedar/Protocol.c:1021]: (style) Variable 'save' is assigned a value that is never used.
[src/Cedar/Protocol.c:3708]: (style) Variable 'is_vgc' is assigned a value that is never used.
[src/Cedar/Protocol.c:5785]: (style) Variable 's' is assigned a value that is never used.
[src/Cedar/Protocol.c:6164]: (style) The function 'SocksConnectEx' is never used.
[src/Cedar/Protocol.c:907]: (style) The function 'CompareNodeInfo' is never used.
[src/Cedar/Protocol.c:6968]: (style) The function 'ProxyConnect' is never used.
[src/Cedar/Protocol.c:3986]: (style) The function 'SecureDelete' is never used.
[src/Cedar/Protocol.c:4042]: (style) The function 'SecureEnum' is never used.
[src/Cedar/Protocol.c:4127]: (style) The function 'SecureWrite' is never used.
[src/Cedar/Protocol.c:6463]: (style) The function 'SocksConnect' is never used.
[src/Cedar/Protocol.c:7185]: (style) The function 'TcpConnectEx2' is never used.
[src/Cedar/Protocol.c:7206]: (style) The function 'TcpIpConnect' is never used.
2018-11-10 14:18:18 +05:00
Davide Beatrici
a5f18087cd
Merge PR #790: Add support for SOCKS5 proxy protocol 2018-11-07 01:30:56 +01:00
Davide Beatrici
85ebba5e39 Cedar/Proto_PPP.c: push 192.0.0.8 instead of 1.0.0.1 as gateway IP address
1.0.0.1 is a real IP address, owned by CloudFlare and used for their DNS service.

This commit changes the IP address we push to 192.0.0.8, which is defined in RFC7600 as dummy IPv4 address.
2018-11-07 00:07:01 +01:00
Davide Beatrici
ba930668ba
Merge PR #796: Cedar/Proto_OpenVPN: add support for GCM ciphers 2018-11-04 01:01:10 +01:00
Ilya Shipitsin
dcc684ea28 src/Cedar/Admin.c: remove reccuring check
found by PVS analyzer

src/Cedar/Admin.c	5583	err	V571 Recurring check. The 'if (no_include)' condition was already verified in line 5581.
2018-11-04 01:02:51 +05:00
Ilya Shipitsin
bfe8ee8127 src/Cedar/Proto_IkePacket: remove unused functions, redundant assignments
found by cppcheck

[src/Cedar/Proto_IkePacket.c:958]: (style) The function 'IkeNewCertPayload' is never used.
[src/Cedar/Proto_IkePacket.c:942]: (style) The function 'IkeNewCertRequestPayload' is never used.
[src/Cedar/Proto_IkePacket.c:875]: (style) The function 'IkeNewNoticeErrorInvalidExchangeTypePayload' is never used.
[src/Cedar/Proto_IkePacket.c:2542]: (style) The function 'IkeNewSpi' is never used.
[src/Cedar/Proto_IkePacket.c:142]: (style) The function 'IkePhase1CryptIdToKeySize' is never used.
[src/Cedar/Proto_IkePacket.c:157]: (style) The function 'IkePhase2CryptIdToKeySize' is never used.
[src/Cedar/Proto_IkePacket.c:172]: (style) The function 'IkeStrToPhase1CryptId' is never used.
[src/Cedar/Proto_IkePacket.c:187]: (style) The function 'IkeStrToPhase1HashId' is never used.
[src/Cedar/Proto_IkePacket.c:196]: (style) The function 'IkeStrToPhase2CryptId' is never used.
[src/Cedar/Proto_IkePacket.c:211]: (style) The function 'IkeStrToPhase2HashId' is never used.
[src/Cedar/Proto_IkePacket.c:2168]: (style) Condition 'b==NULL' is always true
2018-11-04 00:13:51 +05:00
Davide Beatrici
9afcc91ae1 Cedar/Proto_OpenVPN: add support for GCM ciphers 2018-11-03 16:14:56 +01:00
Davide Beatrici
953989d344 Proto_OpenVPN.c: move encrypt and decrypt process into dedicated functions 2018-10-31 18:14:38 +01:00
Davide Beatrici
53e0a2e5e2 Add support for SOCKS5 proxy protocol 2018-10-30 15:11:16 +01:00
Davide Beatrici
c1f522c10e CMake: add support for Windows (Visual C++ 2017 toolset) 2018-10-24 21:25:57 +02:00
Davide Beatrici
b72292edd1 Try to fix macOS build 2018-10-20 13:31:45 +02:00
Davide Beatrici
3429e1bf31 CMake: build Cedar and Mayaqua as shared libraries, create "common" package 2018-10-20 13:12:49 +02:00
Davide Beatrici
99a029c7c4
Merge PR #759: Protocol.c: fix crash with OpenVPN when the certificate's common name is empty 2018-10-18 22:24:37 +02:00
Davide Beatrici
f061557aad Protocol.c: fix crash with OpenVPN when the certificate's common name is empty 2018-10-18 21:21:37 +02:00
Ilya Shipitsin
63513259c0 src/Cedar/Logging.c: clean compiler warning
warning: zero-length gnu_printf format string [-Wformat-zero-length]
2018-10-17 15:31:36 +05:00
Davide Beatrici
91c5d5feb8 Cedar/Bridge.c: fix NULL pointer dereference in GetEthDeviceHash() 2018-10-16 04:40:22 +02:00
Daiyuu Nobori
8df347c093 Added OpenSSL 1.1.1 .lib files for Visual Studio 2008. 2018-10-09 20:30:03 +09:00
Davide Beatrici
03d78693a3
Merge PR #735: Debug flag and test mode improvements 2018-10-08 21:00:44 +02:00
Daiyuu Nobori
8abcf3d0a9 Debug flag and test mode improvements
1. ifdef DEBUG -> defined(_DEBUG) || defined(DEBUG)
In VC++ compilers, the macro is "_DEBUG", not "DEBUG".

2. If set memcheck = true, the program will be vitally slow since it will log all malloc() / realloc() / free() calls to find the cause of memory leak.
For normal debug we set memcheck = false.
Please set memcheck = true if you want to test the cause of memory leaks.
2018-10-08 04:50:46 +02:00
Daiyuu Nobori
2d76507561 Next, change the project name "Ham" to "vpntest" so every programmer will recognize easily it is a test program. 2018-10-08 11:19:39 +09:00
Daiyuu Nobori
0ce8ad7a2b At first, restore "Ham" project. This reverts commit 24d23feacf. 2018-10-08 11:13:48 +09:00
Davide Beatrici
afe994f252 Mayaqua/OS: improve UnixGetOsInfo() so that it retrieves info on recent Linux/BSD systems 2018-10-07 01:38:02 +02:00
Davide Beatrici
9970d6f657 Mayaqua/Memory: move and adapt entry list functions from Cedar/Proto_OpenVPN 2018-10-06 22:41:35 +02:00
Davide Beatrici
34f443c0c7
Merge PR #718: src/Cedar/BridgeUnix.c: resolve null pointer dereference 2018-09-29 23:30:28 +02:00
Davide Beatrici
aee6084b19 BridgeUnix.c: enable local bridge function on all BSD systems 2018-09-28 20:56:10 +02:00
Daiyuu Nobori
ee9990317b Fix bugs reported by Coverity Scan. 2018-09-28 22:39:38 +09:00
Ilya Shipitsin
60bb1c34de src/Cedar/BridgeUnix.c: resolve null pointer dereference
found by coverity
2018-09-28 16:17:20 +05:00
Ilya Shipitsin
1fdc712e66 src/Cedar/Client.c: silence coverity regarding dead code 2018-09-24 11:19:54 +05:00
Ilya Shipitsin
36dbde6f32 src/Cedar/Hub.c: resolve possible null pointer dereference
found by coverity
2018-09-24 11:13:43 +05:00
Davide Beatrici
f449b0b405
Merge PR #704: vpncmd: Added information about "Disable UDP Acceleration" setting into output of AccountGet command. 2018-09-23 17:05:45 +02:00
Davide Beatrici
3f5f716357 Revamp digest functions
- Hash() has been removed because it was ambiguous, Md5() and Sha0() are proper replacements.
- HMacMd5() and HMacSha1() now share a common implementation handled by the new Internal_HMac() function.
- NewMd() and MdProcess() now support plain hashing (without the key).
- NewMd(), SetMdKey() and MdProcess() now check the OpenSSL functions' return value and in case of failure a debug message is printed along with the error string, if available.
- SetMdKey()'s return value has been changed from void to bool, so that it's possible to know whether the function succeeded or not.
- MdProcess()' return value has been changed from void to UINT (unsigned int) and the function now returns the number of bytes written by HMAC_Final() or EVP_DigestFinal_ex().
2018-09-22 06:36:09 +02:00
Davide Beatrici
a78bcb4f21
Merge PR #707: src/Cedar/Hub.c: resolve null pointer dereference found by coverity 2018-09-19 04:23:56 +02:00
Ilya Shipitsin
621fffbfbd src/Cedar/Hub.c: resolve null pointer dereference found by coverity,
also cleanup a code based on PVS analyzer findings

src/Cedar/Hub.c	5279	warn	V547 Expression 'e->UpdatedTime <= oldest_time' is always true.
src/Cedar/Hub.c	5840	warn	V581 The conditional expressions of the 'if' statements situated alongside each other are identical. Check lines: 5828, 5840.
2018-09-18 10:52:04 +05:00
Davide Beatrici
60a2583ee4 BridgeUnix.c: add TAP local bridge support for FreeBSD 2018-09-18 01:35:23 +02:00