1
0
mirror of https://github.com/SoftEtherVPN/SoftEtherVPN.git synced 2024-11-26 03:19:52 +03:00
Commit Graph

938 Commits

Author SHA1 Message Date
Tetsuo Sugiyama
c9508b7fb7
Password change from client increments config file revision
Fixed an issue where changing the password from the client did not increment the revision of the server config file and the changes were not saved
2021-09-21 18:28:17 +09:00
Yihong Wu
03859eb515
Merge pull request #1443 from domosekai/win32
Add IPv6 route management for Windows client
2021-09-18 22:12:27 +08:00
Yihong Wu
82af38c482 Cedar/Protocol.c: Fix connection to server clusters 2021-09-18 08:06:10 +00:00
Ilya Shipitsin
fc9286b11b enable Control-flow Enforcement Technology (CET) Shadow Stack mitigation
for Windows binaries

found by BinSkim
2021-08-27 12:43:42 +05:00
Ilya Shipitsin
5adeeb75ea Enable Control flow guard and Qspectre protection for windows binaries
found by BinSkim
2021-08-26 23:09:13 +05:00
Steve Muskiewicz
472dde05de apply permission fix suggested by @hornos (for #1457) 2021-08-19 08:14:50 -04:00
Ilya Shipitsin
fbdd6f1f3c
Merge pull request #1453 from SoftEtherVPN/dependabot/npm_and_yarn/src/bin/hamcore/wwwroot/admin/default/path-parse-1.0.7
Merge PR #1453: Bump path-parse from 1.0.6 to 1.0.7 in /src/bin/hamcore/wwwroot/admin/default
2021-08-16 11:32:13 +05:00
dependabot[bot]
2d00ab7dcc
Bump path-parse in /src/bin/hamcore/wwwroot/admin/default
Bumps [path-parse](https://github.com/jbgutierrez/path-parse) from 1.0.6 to 1.0.7.
- [Release notes](https://github.com/jbgutierrez/path-parse/releases)
- [Commits](https://github.com/jbgutierrez/path-parse/commits/v1.0.7)

---
updated-dependencies:
- dependency-name: path-parse
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-08-11 02:56:38 +00:00
Davide Beatrici
7f8e527883 CMake: Fix BLAKE2 build failure with MSVC due to it not defining __SSE2__ 2021-08-10 22:58:28 +02:00
Davide Beatrici
ffc095f95a CMake: Add build time check for EVP_PKEY_get_raw_public_key() availability
We need the function since 9dbbfcd388, but unfortunately it's not provided by LibreSSL.

By introducing a build time check we inform the user about the issue explicitly instead of just letting compilation fail.
2021-08-08 19:29:32 +02:00
Rosen Penev
ee3bf7f507 fix compilation without OpenSSL engines
Signed-off-by: Rosen Penev <rosenp@gmail.com>
2021-08-07 20:05:04 -07:00
domosekai
9b3077d955 Store interface metric separately as it mau change 2021-08-02 16:18:37 +08:00
domosekai
dd9c3546f7 Prevent IPv6 leak if only IPv4 default route is added 2021-08-02 16:18:37 +08:00
domosekai
4ddf39e760 Remove obsolete Win32 functions 2021-08-02 16:18:37 +08:00
domosekai
ce0591d924 Add IPv6 route management for Windows client 2021-08-02 16:18:36 +08:00
Ilya Shipitcin
37b5644291 src/Cedar/SW.c: treat "0" build as legitimate
installers built for PR have "0" build. let us treat them as legitimate
2021-08-01 12:26:51 +05:00
domosekai
9182a9b4e9 Mayaqua/Network.c: Fix race condition in TUBE operation 2021-07-22 11:59:15 +00:00
domosekai
8b87c9d4ef Cedar/Proto_PPP.c: Fix memory leak in EAP-MSCHAPv2
Fixes: #1420 (Implement EAP-MSCHAPv2)
2021-07-21 11:16:35 +00:00
domosekai
1bb01e55e5 Mayaqua/TcpIp.c: Fix building DHCP static routes in new format
Fixes: 1708998 (Change IP structure so that IPv4 addresses are stored in RFC3493 format)
2021-07-14 08:11:05 +00:00
Koichiro IWAO
fce3592917
hamcore(ja,tw,cn): translate "Authentication"
appeared in "OpenSSL Engine Authorization"
2021-07-13 18:44:42 +09:00
Koichiro IWAO
410b7a959d
Fix case of OpenSSL 2021-07-13 18:41:41 +09:00
Koichiro IWAO
1590e6afb3
Fix typo s/has beens/has been/g 2021-07-13 18:15:09 +09:00
domosekai
7863ce8a8e Cedar/IPC.c: Add hub release in NewIPC() 2021-07-12 08:37:12 +00:00
domosekai
a1dff0f594 Mayaqua/Network.c: Create UDP listener for every interface if ListenIP is wildcard 2021-07-11 16:15:29 +00:00
Ilya Shipitsin
7881f8657a
Merge pull request #1420 from domosekai/eap
Implement EAP-MSCHAPv2
2021-07-10 23:27:10 +05:00
domosekai
dfb105c2d7 Fix use-after-free timeout issue for L2TP and SSTP 2021-07-10 16:07:09 +00:00
domosekai
66dc5ee581 Cedar/Radius.c: Fix EAP Message buffer overflow 2021-07-10 08:15:03 +00:00
domosekai
56bd9733d6 Cedar/Proto_PPP.c: Use unified format for negative condition 2021-07-10 05:30:06 +00:00
domosekai
eff784b624 Improve EAP behavior with RADIUS 2021-07-10 05:29:23 +00:00
domosekai
22a9231c33 Implement EAP-MSCHAPv2 2021-07-08 14:26:31 +00:00
domosekai
41b9973c24 Mayaqua/Network.c: Fix L2TP/IPsec over IPv6 when listening on :: 2021-07-07 17:37:06 +00:00
Ilya Shipitsin
60db1962f9
Merge pull request #1416 from domosekai/listener
Fix TCP and UDP listener behavior
2021-07-07 16:08:05 +05:00
domosekai
6e400c19af Fix TCP and UDP listener behavior 2021-07-07 10:50:23 +00:00
Ilya Shipitsin
f2466eb919
Merge pull request #1415 from davidebeatrici/vpncmd-wireguard-keys
Cedar/Command: Add GenX25519 and GetPublicX25519 commands
2021-07-07 13:04:13 +05:00
Davide Beatrici
c310163244 Cedar/Command: Add GenX25519 and GetPublicX25519 commands
GenX25519 command - Create new X25519 keypair
Help for command "GenX25519"

Purpose:
  Create new X25519 keypair

Description:
  Use this to create a new X25519 keypair, which can be used for WireGuard.
  Both the private and public key will be shown.
  The public key can be shared and is used to identify a peer.
  Also, it can always be retrieved from the private key using the GetPublicX25519 command.
  The private key should be kept in a secure place and never be shared.
  It cannot be recovered once lost.

Usage:
  GenX25519

==========================================================================================

GetPublicX25519 command - Retrieve public X25519 key from a private one
Help for command "GetPublicX25519"

Purpose:
  Retrieve public X25519 key from a private one

Description:
  Use this if you have a private X25519 key and want to get its corresponding public key.

Usage:
  GetPublicX25519 [private]

Parameters:
  private - The private X25519 key you want to get the corresponding public key of.
2021-07-07 08:43:41 +02:00
Davide Beatrici
9dbbfcd388 Mayaqua: Add new cryptographic functions for X25519/X448 keys management
The files are created in a new folder to keep the source tree tidier.

Please note that only X25519/X448 keys are supported due to an OpenSSL limitation:
https://www.openssl.org/docs/manmaster/man3/EVP_PKEY_new.html

We have functions that handle AES keys in Encrypt.c/.h.
Ideally we should move them into the new files.
2021-07-07 08:11:08 +02:00
Davide Beatrici
4328e6e5ab CMake: Link Cedar to Mayaqua directly
It's Cedar itself that depends on Mayaqua, not the executables.
2021-07-07 08:08:12 +02:00
domosekai
4efed994dc Mayaqua/Network.c: Use int as boolean flags for socket options 2021-07-07 03:07:06 +00:00
Davide Beatrici
513ad6e792
Merge PR #1410: Mayaqua/DNS.c: Fix DNS resolution in dual stack environment 2021-07-05 20:23:09 +02:00
domosekai
bcba88ca73 Cedar/Protocol.c: Use real server IP in creating node info under direct mode 2021-07-05 12:17:57 +00:00
domosekai
883d4d4cd7 Mayaqua/DNS.c: Fix DNS resolution in dual stack environment 2021-07-05 11:10:03 +00:00
domosekai
f6adcd6bfc Cedar/Connection.c: Fix buffer overflow when inserting NAT-T information 2021-07-04 05:53:24 +00:00
Davide Beatrici
233e28f38c Refactor Base64 functions, encode/decode using OpenSSL's EVP interface
Our own implementation works fine, however we should use OpenSSL's one since we already link to the library.

Base64Decode() and Base64Encode() return the required buffer size when "dst" is NULL.

This allows to efficiently allocate a buffer, without wasting memory or risking an overflow.

Base64FromBin() and Base64ToBin() perform all steps, returning a heap-allocated buffer with the data in it.
2021-07-02 09:24:41 +02:00
Davide Beatrici
46ca5f7b98 Use "%S" instead of "%s" for LA_SET_PORTS_UDP and LA_SET_PROTO_OPTIONS
Turns out %S refers to ANSI/UTF-8 and %s to UTF-16.

This commit fixes a buffer overflow reported by AddressSanitizer and removes an unnecessary conversion to UTF-16.
2021-06-27 21:08:26 +02:00
Davide Beatrici
4221579e95 Remove obsolete hardcoded build number checks
The open-source project began with version 1.00, build 9022.

With the exception of an informative message fallback for builds older than 9428 (2014), all checks were for closed-source builds.
2021-06-27 07:21:06 +02:00
domosekai
682052e0dc Cedar/Proto_PPP: Fix EAP-TLS fragmentation 2021-06-17 11:34:09 +00:00
Koichiro IWAO
28c90b190c hamcore(ja): just adding a missing ":" 2021-06-11 12:51:06 +09:00
Koichiro IWAO
b4817fd27a hamdore(ja): translate OpenVPN timeout and ping transmission interval 2021-06-06 23:35:46 +09:00
Koichiro IWAO
89ca29f259 hamcore(ja): translate WireGuard log messages 2021-06-06 23:35:46 +09:00
Koichiro IWAO
7a208d6114 hamcore(ja): translate SetStaticNetwork command 2021-06-06 23:35:45 +09:00