mirror of https://github.com/SoftEtherVPN/SoftEtherVPN.git synced 2024-11-14 05:30:41 +03:00
Commit Graph

347 Commits

Author SHA1 Message Date
Rosen Penev
ee3bf7f507 fix compilation without OpenSSL engines
Signed-off-by: Rosen Penev <rosenp@gmail.com>
2021-08-07 20:05:04 -07:00
domosekai
9182a9b4e9 Mayaqua/Network.c: Fix race condition in TUBE operation 2021-07-22 11:59:15 +00:00
domosekai
1bb01e55e5 Mayaqua/TcpIp.c: Fix building DHCP static routes in new format
Fixes: 1708998 (Change IP structure so that IPv4 addresses are stored in RFC3493 format)
2021-07-14 08:11:05 +00:00
domosekai
a1dff0f594 Mayaqua/Network.c: Create UDP listener for every interface if ListenIP is wildcard 2021-07-11 16:15:29 +00:00
domosekai
dfb105c2d7 Fix use-after-free timeout issue for L2TP and SSTP 2021-07-10 16:07:09 +00:00
domosekai
41b9973c24 Mayaqua/Network.c: Fix L2TP/IPsec over IPv6 when listening on :: 2021-07-07 17:37:06 +00:00
Ilya Shipitsin
60db1962f9
Merge pull request #1416 from domosekai/listener
Fix TCP and UDP listener behavior
2021-07-07 16:08:05 +05:00
domosekai
6e400c19af Fix TCP and UDP listener behavior 2021-07-07 10:50:23 +00:00
Ilya Shipitsin
f2466eb919
Merge pull request #1415 from davidebeatrici/vpncmd-wireguard-keys
Cedar/Command: Add GenX25519 and GetPublicX25519 commands
2021-07-07 13:04:13 +05:00
Davide Beatrici
9dbbfcd388 Mayaqua: Add new cryptographic functions for X25519/X448 keys management
The files are created in a new folder to keep the source tree tidier.

Please note that only X25519/X448 keys are supported due to an OpenSSL limitation:
https://www.openssl.org/docs/manmaster/man3/EVP_PKEY_new.html

We have functions that handle AES keys in Encrypt.c/.h.
Ideally we should move them into the new files.
2021-07-07 08:11:08 +02:00
domosekai
4efed994dc Mayaqua/Network.c: Use int as boolean flags for socket options 2021-07-07 03:07:06 +00:00
domosekai
883d4d4cd7 Mayaqua/DNS.c: Fix DNS resolution in dual stack environment 2021-07-05 11:10:03 +00:00
Davide Beatrici
233e28f38c Refactor Base64 functions, encode/decode using OpenSSL's EVP interface
Our own implementation works fine, however we should use OpenSSL's one since we already link to the library.

Base64Decode() and Base64Encode() return the required buffer size when "dst" is NULL.

This allows efficiently allocating a buffer, without wasting memory or risking an overflow.

Base64FromBin() and Base64ToBin() perform all steps, returning a heap-allocated buffer with the data in it.
2021-07-02 09:24:41 +02:00
Davide Beatrici
2923b5500a Mayaqua/FileIO: Fix typo causing segmentation fault on Hamcore cache expiration 2021-05-26 20:46:21 +02:00
Davide Beatrici
81c71d309a Read hamcore.se2 using libhamcore, set arbitrary path through HAMCORE_FILE_PATH 2021-05-26 07:44:45 +02:00
sl077
f9a1d72ce7 Fix IPv6 Neighbor Discovery for PPP based protocols 2021-05-09 13:55:31 +02:00
Davide Beatrici
2f801f30de Fix compile errors on OpenBSD
- <pthread.h> included for the "pthread_t" type definition.
- <net/ethernet.h> include removed as the header doesn't exist.
- AI_ALL and AI_V4MAPPED defined to 0 as the options don't exist.
2021-05-03 19:58:12 +02:00
domosekai
c20bcb2e60 Mayaqua/Network: Skip IPv6 nameservers for SecureNAT 2021-04-27 07:30:38 +00:00
Ilya Shipitsin
cf318d7219 src/Mayaqua/TcpIp.c: remove redundant condition
src/Mayaqua/TcpIp.c	4236	warn	V560 A part of conditional expression is always true: o2 == NULL.
2021-04-24 12:47:29 +05:00
Ilya Shipitsin
92f41341d9 src/Mayaqua/TcpIp.c: remove redundant check
src/Mayaqua/TcpIp.c	1811	warn	V560 A part of conditional expression is always false: udp->Checksum == 0.
2021-04-23 15:39:11 +05:00
Davide Beatrici
3a595b4a46 Mayaqua/DNS.c: Fix memory leaks
52 bytes in 2 blocks are definitely lost in loss record 5 of 13
   at 0x483877F: malloc (vg_replace_malloc.c:307)
   by 0x4ABB1BB: UnixMemoryAlloc (Unix.c:2033)
   by 0x4A7FABF: InternalMalloc (Memory.c:3819)
   by 0x4A7B769: MallocEx (Memory.c:3650)
   by 0x4A7B769: Malloc (Memory.c:3641)
   by 0x4AA71A9: CopyStr (Str.c:1884)
   by 0x4A61A9C: DnsCacheReverseUpdate (DNS.c:257)
   by 0x4A62123: DnsResolveReverse (DNS.c:506)
   by 0x4A93EB3: GetHostName (Network.c:15023)
   by 0x4A93EB3: AcceptInitEx (Network.c:12589)
   by 0x4934659: TCPAcceptedThread (Listener.c:172)
   by 0x4A76469: ThreadPoolProc (Kernel.c:872)
   by 0x4ABD159: UnixDefaultThreadProc (Unix.c:1589)
   by 0x51C2EA6: start_thread (pthread_create.c:477)

2,280 (684 direct, 1,596 indirect) bytes in 9 blocks are definitely lost in loss record 11 of 13
   at 0x483877F: malloc (vg_replace_malloc.c:307)
   by 0x4C65AC5: gaih_inet.constprop.0 (getaddrinfo.c:1058)
   by 0x4C67224: getaddrinfo (getaddrinfo.c:2256)
   by 0x4A61E06: DnsResolver (DNS.c:404)
   by 0x4A76469: ThreadPoolProc (Kernel.c:872)
   by 0x4ABD159: UnixDefaultThreadProc (Unix.c:1589)
   by 0x51C2EA6: start_thread (pthread_create.c:477)
   by 0x4C7CDEE: clone (clone.S:95)
2021-04-21 22:35:45 +02:00
Davide Beatrici
0472f9c286 Rewrite DNS API from scratch into dedicated file(s)
From a functional point of view, the main improvement is that GetIP() now always prioritizes IPv6 over IPv4.
The previous implementation always returned an IPv4 address, unless not available: in such case it failed.
This means that now connections to hostnames should be established via IPv6 if available.

From a programmer's point of view, getting rid of the insane wrappers is enough to justify a complete rewrite.

As an extra, several unrelated unused global variables are removed.
2021-04-18 01:46:59 +02:00
Davide Beatrici
1708998a11 Change IP structure so that IPv4 addresses are stored in RFC3493 format
In addition to saving 4 bytes for each instantiation, this change makes IP-related operations faster and clearer.

https://tools.ietf.org/html/rfc3493.html#section-3.7
2021-04-07 21:24:55 +02:00
Davide Beatrici
a6ba9b8788 Include headers properly 2021-04-05 04:48:25 +02:00
Ilya Shipitsin
46b54f00be
Merge pull request #1318 from davidebeatrici/minimum-version-windows-vista
Cedar, Mayaqua: Set minimum Windows version to Vista
2021-04-03 22:02:50 +05:00
Davide Beatrici
5cab279a8c Cedar, Mayaqua: Set minimum Windows version to Vista 2021-04-03 02:25:19 +02:00
Davide Beatrici
84588095d5 Mayaqua/Network.c: Always use fcntl() to toggle socket non-blocking mode (UNIX)
O_NONBLOCK is standardized by POSIX, as opposed to FIONBIO.

This commit also fixes a bug: fcntl() was only called to disable the mode.
2021-04-01 08:04:27 +02:00
domosekai
934e49fea0 Mayaqua/Network.c: Fix UDP send error when used with reverse proxy 2021-03-23 11:59:23 +00:00
Davide Beatrici
9d29d8813b New vpndrvinst implementation, independent from Cedar and Mayaqua
This greatly improves performance and reduces the binary's size (~0.2 MB vs ~5 MB).

All recent Windows versions are supported, starting with Vista.

No dialogs are created, aside from error/warning ones in case of failure.

The only dependency (aside from Windows libraries) is libhamcore.
2021-03-12 05:46:20 +01:00
Davide Beatrici
562ffe8945 Mayaqua/Pack: Fix PackGetStrSize() and PackGetStrSizeEx()'s return data type
The bug caused ProtoOptionsGet and ProtoOptionsSet not to work anymore after c90617e0e86dedf78e0e3c8a71263a80eec29caa.

The functions were introduced in aa65327e73, but the issue went unnoticed because bool was the same as UINT.
2021-03-01 03:01:34 +01:00
Davide Beatrici
914bfe7d44 Use bool from stdbool.h, get rid of BOOL
BOOL was just an alias for bool, this commit replaces all instances of it for consistency.

For some reason bool was defined as a 4-byte integer instead of a 1-byte one, presumably to match WinAPI's definition: https://docs.microsoft.com/en-us/windows/win32/winprog/windows-data-types
Nothing should break now that bool is 1-byte, as no protocol code appears to be relying on the size of the data type.
PACK, for example, explicitly stores boolean values as 4-byte integers.

This commit can be seen as a follow-up to 61ccaed4f6.
2021-03-01 03:01:34 +01:00
Davide Beatrici
8a37f5ce11 Mayaqua/Network.c: Fix several warnings related to Windows data type mismatches
Also, reported unused variables are removed.
2021-03-01 02:48:38 +01:00
Davide Beatrici
e7bf97583d Mayaqua/Microsoft: Fix several warnings related to Windows data type mismatches
Also, reported unused variables are removed.
2021-03-01 02:30:45 +01:00
Davide Beatrici
dbd4dd5ae7 Link to Windows libraries in CMake project, remove related #pragma directives
In addition to making the code cleaner, this also prevents potential issues due to #pragma directives being in headers.
2021-02-28 20:35:25 +01:00
Davide Beatrici
cf2585c079 Hamcore: Remove unused functions 2021-02-26 07:06:29 +01:00
Davide Beatrici
1301dc93c6 New hamcorebuilder implementation, independent from Cedar and Mayaqua
This new implementation can be easily compiled and executed without the need for other components to be present.

It relies on standard C functions, aside from stat() which is part of POSIX but available on Windows as well.

There's only one third-party dependency, which is tinydir: a single-file header-only library for traversing directories.
2021-02-26 07:06:26 +01:00
Davide Beatrici
ea2c8f9861
Merge PR #1273: fix null pointer dereference found by ErrorSanitizer 2021-02-21 14:10:08 +01:00
Ilya Shipitsin
e5e86abc0e fix null pointer dereference found by ErrorSanitizer
(gdb) bt
0  0x00007f43857a5e14 in __GI___pthread_mutex_init (mutex=0x0, mutexattr=0x0) at pthread_mutex_init.c:89
1  0x00007f4385eaaf1b in UnixNewLock () at SoftEtherVPN/src/Mayaqua/Unix.c:1845
2  0x00007f4385e92331 in NewLockMain () at SoftEtherVPN/src/Mayaqua/Object.c:89
3  0x00007f4385e92359 in NewLock () at SoftEtherVPN/src/Mayaqua/Object.c:101
4  0x00007f4385e92765 in NewCounter () at SoftEtherVPN/src/Mayaqua/Object.c:171
5  0x00007f4385e92e76 in NewRef () at SoftEtherVPN/src/Mayaqua/Object.c:339
6  0x00007f4385e76939 in NewSkEx (no_compact=0) at SoftEtherVPN/src/Mayaqua/Memory.c:863
7  0x00007f4385e68c95 in NormalizePathW (
    dst=0x7ffe65932940 L"\xd6ff2ffb\xfbf14ce5\xad8669ca\x41998a9c\x5107d62d\x8d2ab3f2\x37ceaad2\xffc947ec\xad8ed8d8\x33e9f2f7\xc05723a9\x843263e3\x5516beb3\x12571e2a\xd81405f3\xf92194fe\xd807aa98\x12835b01\x243185be\x550c7dc3\xfd74170d\x12835b01\x553185be\x550c7dc3\x72be5d74\x80deb1fe\x9bdc06a7\xc19bf1f4\x72be5d74\x80deb1fe\x9bdc06a7\xc19bf174\x894d4018\xc54302b8\x145dc92\x143b3917\x62aa4fb8\x915764b1\xd5e11bef\x9d5fbc5\xb956c25b\x59f111f1\x923f82a4\xab1c5ed5\x3956c25b\x59f111f1\x923f82a4\xab1c5ed5\xbaeb40", size=2048, src=<optimized out>)
    at SoftEtherVPN/src/Mayaqua/FileIO.c:1960
8  0x00007f4385e69188 in ConbinePathW (
    dst=0x7ffe65932940 L"\xd6ff2ffb\xfbf14ce5\xad8669ca\x41998a9c\x5107d62d\x8d2ab3f2\x37ceaad2\xffc947ec\xad8ed8d8\x33e9f2f7\xc05723a9\x843263e3\x5516beb3\x12571e2a\xd81405f3\xf92194fe\xd807aa98\x12835b01\x243185be\x550c7dc3\xfd74170d\x12835b01\x553185be\x550c7dc3\x72be5d74\x80deb1fe\x9bdc06a7\xc19bf1f4\x72be5d74\x80deb1fe\x9bdc06a7\xc19bf174\x894d4018\xc54302b8\x145dc92\x143b3917\x62aa4fb8\x915764b1\xd5e11bef\x9d5fbc5\xb956c25b\x59f111f1\x923f82a4\xab1c5ed5\x3956c25b\x59f111f1\x923f82a4\xab1c5ed5\xbaeb40", size=2048,
    dirname=0xbace10 L"/root/.local/bin", filename=0x7ffe65932100 L"SoftEtherVPN/build/vpntest") at SoftEtherVPN/src/Mayaqua/FileIO.c:1686
9  0x00007f4385e6af48 in UnixGetExeNameW (name=0x7f4385ede820 <exe_file_name_w> L"/tmp/a.out", size=2048, arg=0xbb5050 L"./vpntest") at SoftEtherVPN/src/Mayaqua/FileIO.c:1401
10 0x00007f4385e6b04b in InitGetExeName (arg=<optimized out>) at SoftEtherVPN/src/Mayaqua/FileIO.c:1367
11 0x00007f4385e7470a in InitMayaqua (memcheck=memcheck@entry=0, debug=debug@entry=1, argc=argc@entry=3, argv=argv@entry=0x7ffe659340e8)
    at SoftEtherVPN/src/Mayaqua/Mayaqua.c:456
12 0x0000000000401282 in main (argc=3, argv=0x7ffe659340e8) at SoftEtherVPN/src/vpntest/vpntest.c:259
2021-02-21 16:13:36 +05:00
Ilya Shipitsin
586c27d43b
Merge pull request #1269 from chipitsine/openssl_version_agnostic
use SSL_SECOP_VERSION macro instead of OPENSSL_VERSION
2021-02-20 20:56:26 +05:00
Ilya Shipitsin
ebd1d281dd use SSL_SECOP_VERSION macro instead of OPENSSL_VERSION
OPENSSL_VERSION is fragile in LibreSSL, BoringSSL.
security level manipulation is openssl specific defined in
b362ccab5c
2021-02-20 17:48:26 +05:00
Davide Beatrici
d53f80bfa6 Remove BuildUtil and all MSBuild projects, except the ones not in CMake yet
Since 35200a29ea we build complete installers using CMake, meaning that there's no need for BuildUtil anymore.

MSBuild projects that are not migrated to CMake yet are kept for reference.

This commit also updates BUILD_WINDOWS.md so that it mentions Visual Studio 2019 instead of 2017.
2021-02-19 21:17:01 +01:00
Daiyuu Nobori
a207260e38 Found the bad remove for lock files. 2020-11-30 18:15:37 +09:00
Takuho NAKANO
c029b34b80 Run SSL_CTX_set_ssl_version earlier
SSL_CTX_set_ssl_version may change security level.
2020-10-31 20:19:32 +01:00
Takuho NAKANO
7fdacec2a6 Manage OpenSSL security level
Add SslAcceptSettings option Override_Security_Level and Override_Security_Level_Value
to allow user to choose.
2020-10-31 20:19:23 +01:00
Takuho NAKANO
190672bd84 Set RSA bits considering OpenSSL security Level 2020-10-31 20:11:11 +01:00
Takuho NAKANO
5ca62bdd8a Refact: manage SSL_OP_NO_SSLv3 in NewSSLCtx 2020-10-31 20:11:11 +01:00
Takuho NAKANO
d0b3cde485 Refact: move SSL_CTX_set_ssl_version to NewSSLCtx 2020-10-31 20:11:11 +01:00
Ilya Shipitsin
a2d15615f3
Merge pull request #1115 from takotakot/import_v4_change
Add Tls_Disable1_3 (Import v4 change)
2020-10-31 20:04:20 +03:00
mcallist
2e0c24f6c8 Add English translation to each language for openssl engine auth 2020-10-09 10:22:23 +02:00
mcallist
d1ad4196bb Change from unix only implementation to all os and skip ENGINE_load_dynamic if oss is 1.1.0 or later 2020-10-09 09:58:34 +02:00