1
0
mirror of https://github.com/SoftEtherVPN/SoftEtherVPN.git synced 2024-11-22 17:39:53 +03:00
Commit Graph

836 Commits

Author SHA1 Message Date
Evengard
723f38e72f Fixing Linux... 2020-05-02 19:52:47 +03:00
Evengard
a2b7cb0148 Added possibility to load CA certificates from chain_certs folder to allow verifying the client certificates against it. 2020-05-02 19:52:46 +03:00
Evengard
24bd2b3198 Fixing up some errors 2020-05-02 19:52:46 +03:00
Evengard
9f2a5cecf3 Preliminary (untested) EAP-TLS implementation 2020-05-02 19:52:46 +03:00
Evengard
a65c436e8f Writing skeleton for EAP-TLS implementation 2020-05-02 19:52:45 +03:00
Evengard
aa0ec4343c Fixing errors as per static analysis 2020-05-02 19:52:45 +03:00
Evengard
1bdd9a92bc Adding timeout propagation from user policy in PPP sessions (including L2TP and SSTP). 2020-05-02 19:52:45 +03:00
Davide Beatrici
942051d3a8 Cedar: various improvements to Proto
The PROTO structure is now used to identify the system as a whole, rather than a single protocol. It's stored and initialized in Server.

ProtoCompare(), ProtoAdd() and ProtoDetected() are renamed to make the difference between PROTO and PROTO_IMPL more clear.

ProtoGet() and ProtoNum() are removed because the related list can now be accessed directly by Server.
2020-05-01 07:14:38 +02:00
Ilya Shipitsin
039cd8edf0
Merge pull request #1107 from chipitsine/master
5.01.9674 release
2020-04-30 13:26:45 +05:00
Ilya Shipitsin
a902d3eed9 5.01.9674 release 2020-04-30 12:02:05 +05:00
dependabot[bot]
44f731f781
Bump jquery in /src/bin/hamcore/wwwroot/admin/default
Bumps [jquery](https://github.com/jquery/jquery) from 3.4.1 to 3.5.0.
- [Release notes](https://github.com/jquery/jquery/releases)
- [Commits](https://github.com/jquery/jquery/compare/3.4.1...3.5.0)

Signed-off-by: dependabot[bot] <support@github.com>
2020-04-30 06:12:25 +00:00
Evengard
f20e99f8e4 Treating empty IPCP requests as IPCP requests with IP-Address option zeroed out 2020-04-25 20:59:08 +03:00
Evengard
b9109211d3 ACKing an empty LCP options list 2020-04-25 15:29:57 +03:00
Davide Beatrici
9073452b09
Merge PR #1092: src/Cedar/Proto_OpenVPN.c: push "block-outside-dns" to clients 2020-04-20 03:25:43 +02:00
Ilya Shipitsin
70a7c4596d 5.01.9673 release 2020-04-18 00:47:47 +05:00
Daiyuu Nobori
033647c8ac Fix security issue: Fix the security of JSON-API. If the administrator password of the Virtual Hub is empty, JSON-API (which was added in 4.30 Build 9696 Beta) will not be able to access to the virtual hub with a empty password since this release. Because there are relatively many cases in which administrator password is empty for a virtual hub, being able to manage a virtual hub without a password using JSON-API was a security problem. In this release, this behavior has been changed so that JSON-API cannot be accessed in the Virtual Hub management mode until it is configured with non-empty password. 2020-04-06 00:44:14 +09:00
Davide Beatrici
b6ef9f88c9 src/Cedar/Proto_OpenVPN.c: push "block-outside-dns" to clients
From https://community.openvpn.net/openvpn/wiki/Openvpn23ManPage:

--block-outside-dns

Block DNS servers on other network adapters to prevent DNS leaks.
This option prevents any application from accessing TCP or UDP port 53 except one inside the tunnel.
It uses Windows Filtering Platform (WFP) and works on Windows Vista or later.
This option is considered unknown on non-Windows platforms and unsupported on Windows XP, resulting in fatal error.
You may want to use --setenv opt or --ignore-unknown-option (not suitable for Windows XP) to ignore said error.
Note that pushing unknown options from server does not trigger fatal errors.
2020-04-04 08:37:19 +02:00
Ilya Shipitsin
c6f186bd73
Merge pull request #1084 from ffontaine/master
Only enable getifaddrs support when available
2020-04-03 17:45:19 +05:00
Ilya Shipitsin
84bd9abb30
Merge pull request #1072 from Evengard/ppp-ipv6
Rewriting the PPP stack
2020-04-02 20:29:51 +05:00
Georgy Komarov
4772a508dc
sam: fix using pointer to local variable that is out of scope 2020-03-27 07:28:43 +03:00
Georgy Komarov
1416a693e7
protocol: fix uninitialized variable
Value of server_cert is undefined if `b = PackGetBuf(p, "Cert");` was
failed.
2020-03-27 07:25:45 +03:00
Paul Menzel
be3e45a4bf hamcore: Remove trailing spaces from comments 2020-03-25 12:23:55 +01:00
Fabrice Fontaine
dcecd4c0d5 Only enable getifaddrs support when available
On uClibc, the ifaddrs.h support is optional. While the default
Buildroot uClibc configuration has it enabled, some external
toolchains may not. Therefore this patch detects that and adjusts
softether usage of ifaddrs accordingly.

Based on an initial patch from Bernd Kuhls.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
[Retrieved from:
https://git.buildroot.net/buildroot/tree/package/softether/0009-uclibc-ai-addrconfig.patch]
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
2020-03-21 17:57:37 +01:00
Ilya Shipitsin
3b00d4c56b
Merge pull request #1081 from metalefty/describe_cmake_flags
Describe CMake options added by myself
2020-03-20 18:43:16 +05:00
Koichiro IWAO
e6b8e6eee3
replace SoftEther project related http links with https
Outside links such as http://www.openssl.org and http links appear in
source code are untouched.
2020-03-20 21:27:51 +09:00
Koichiro IWAO
78b0684dd4
Document additional CMake options
Some CMake options are added by myself (#1047 #1079). So I should
describe in document.
2020-03-20 21:24:51 +09:00
Koichiro IWAO
c222ef525b
Update build requirements on Unix 2020-03-18 18:28:33 +09:00
Ilya Shipitsin
c3d56c2201
Merge pull request #1079 from metalefty/skip_cpu_features
allow to SKIP_CPU_FEATURES explicitly, not only autodetect
2020-03-18 11:59:02 +05:00
Koichiro IWAO
f34d3c80b1
allow to SKIP_CPU_FEATURES explicitly, not only autodetect
Formerly, SKIP_CPU_FEATURES is automatically detected by system
processor. However, "^(armv7l|aarch64|s390x)$" does not cover all
processors that cpu_features should be skipped.

"armv6", "armv7", "mips", "mips64" on FreeBSD are examples [1]
that cpu_features is not correctly skipped.

This change intends to build SoftEther without any modifications on
CMakeLists.txt on such processors.

    cmake . -DSKIP_CPU_FEATURES=1

[1] https://www.freebsd.org/platforms/
2020-03-16 18:50:55 +09:00
dependabot[bot]
c635cdd614
Bump acorn from 6.1.1 to 6.4.1 in /src/bin/hamcore/wwwroot/admin/default
Bumps [acorn](https://github.com/acornjs/acorn) from 6.1.1 to 6.4.1.
- [Release notes](https://github.com/acornjs/acorn/releases)
- [Commits](https://github.com/acornjs/acorn/compare/6.1.1...6.4.1)

Signed-off-by: dependabot[bot] <support@github.com>
2020-03-15 22:06:23 +00:00
Evengard
fa9e9d15a5 Removing unrelated changes as per review 2020-02-06 10:52:34 +03:00
Evengard
60e85afd1f
Apply reviewed code style
Co-Authored-By: Davide Beatrici <davidebeatrici@gmail.com>
2020-02-06 10:49:09 +03:00
Evengard
a6970e3e61 Merge branch 'master' into ppp-ipv6 2020-02-05 00:23:03 +03:00
Ilya Shipitsin
eeec9a82f6
Merge pull request #1062 from dnobori/200101_impr_url_log_spacing
Merge pull request #1062: Improvement: Add a space character between URL and other tokens in the packet log format.
2020-01-01 17:53:27 +05:00
Daiyuu Nobori
a49219db83 Merge branch 'master' of github.com:SoftEtherVPN/SoftEtherVPN into 200101_fix_securenat_ecn 2020-01-01 19:59:42 +09:00
Daiyuu Nobori
a4f87565ae Bugfix: Fix the SecureNAT connection problem with ignoring TCP ECN bit enabled packets 2020-01-01 17:51:38 +09:00
Ilya Shipitsin
9487bc8d47
Merge pull request #1060 from dnobori/200101_fix_imperfect_lock
Merge pull request #1060: src/Cedar/Hub.c: fix possible crash because of imperfect Virtual Hub FDB lock
2020-01-01 12:33:15 +05:00
Daiyuu Nobori
70564a8f52 Bugfix: Imperfect Virtual Hub FDB lock may cause process crush. 2020-01-01 15:52:47 +09:00
Daiyuu Nobori
17e7d65839 Improvement: Add a space character between URL and other tokens in the packet log format. 2020-01-01 11:00:51 +09:00
Daiyuu Nobori
e5d691977d Bugfix: OpenVPN Certificate Authentication may cause process crush. 2020-01-01 10:59:24 +09:00
Daiyuu Nobori
f083c59905 Bugfix: Imperfect Virtual Hub FDB lock may cause process crush. 2020-01-01 10:57:51 +09:00
FelipeL
6d3fef8da6 pt-br translation 2019-12-28 15:43:06 +05:00
Koichiro IWAO
c8479e3011
CMake: make db, log, pid directory customizable 2019-12-04 23:59:18 +09:00
Koichiro IWAO
b1aae5080d
put chain_certs in dbdir 2019-12-04 23:59:13 +09:00
Koichiro IWAO
a69c4980d5
log eraser, log enumerator should refer logdir 2019-12-04 23:59:11 +09:00
Koichiro IWAO
c64674479d
separte log directory and database(config) directory
@ was an alias for exedir. To separate log directory and
database(config) directory, @ is now an alias for logdir and $ is an
alias for dbdir.
2019-12-04 23:59:09 +09:00
Koichiro IWAO
01abdedc45
put PID files under PidDir 2019-12-04 23:59:07 +09:00
Koichiro IWAO
18c9b74ff0
implement Get{Db,Log,Pid}{,W} function
DbDir  : directory to store files such as vpn_server.config and backups etc
LogDir : directory to write logs (sub directories is created in this dir)
PidDir : directory to put PID files such as .ctl-* .pid-* .VPN-*
2019-12-04 23:59:01 +09:00
Ilya Shipitsin
3b6c4d02ac 5.01.9672 release 2019-11-24 20:47:23 +05:00
dnobori
1d2a58b172 Cedar: handle UDP acceleration and R-UDP versions 2019-11-23 04:38:27 +01:00
Davide Beatrici
6b08a451da Mayaqua: implement R-UDP version 2, powered by ChaCha20-Poly1305 2019-11-23 04:38:20 +01:00
Davide Beatrici
2ea5c2a7b0 Cedar: implement UDP acceleration version 2, powered by ChaCha20-Poly1305 2019-11-23 04:23:56 +01:00
dnobori
82a81a3ce6 Cedar: serve new web management interface 2019-11-23 04:23:56 +01:00
dnobori
9aaa9a7f15 Cedar: implement detailed protocol info 2019-11-23 04:23:56 +01:00
dnobori
ab57ef3f54 Mayaqua: add Windows Server 2019 to the supported operating systems list 2019-11-23 04:23:56 +01:00
dnobori
76ae935172 Cedar: various fixes 2019-11-23 04:23:51 +01:00
Daiyuu Nobori
76c330e74b Cedar: add "DisableIPsecAggressiveMode" option
Setting it to "true" mitigates CVE-2002-1623.
2019-11-18 06:16:49 +01:00
Davide Beatrici
4acd7ab98e
Merge PR #1022: Move generic proxy stuff from Cedar to Mayaqua 2019-11-01 09:35:18 +01:00
Donald Buczek
12cbf34302 Make install dir for unit files configurable
Currently the systemd service unit files are installed
into /lib/systemd/system if that directory exists. This
might not be optimal for every user, e.g. when the build
system is not the target system or when building as an
unprivileged user using CMAKE_INSTALL_PREFIX.

Make this configurable by adding a cached cmake variable
CMAKE_INSTALL_SYSTEMD_UNITDIR. Usage:

- install unit files into /lib/systemd/system if it exists (old
behavior)

    cmake

- don't install unit files

   cmake -D CMAKE_INSTALL_SYSTEMD_UNITDIR=

- install into absolute path

   cmake -D CMAKE_INSTALL_SYSTEMD_UNITDIR=/path

- install into path relative to ${CMAKE_INSTALL_PREFIX}

   cmake -D CMAKE_INSTALL_SYSTEMD_UNITDIR=path
2019-10-30 11:33:08 +01:00
Davide Beatrici
63caa4b07f Protocol.c: adapt ClientConnectGetSocket() for new proxy functions
The function has been greatly improved, here are some of the changes:

- The required SESSION (c->Session) parameter is checked correctly: the function returns immediately in case it's NULL. Previously, the function didn't return in case the parameter was NULL; multiple checks were in place, but not in all instances where the parameter was dereferenced.
- The resolved IP address is cached with all proxy types.
- The "RestoreServerNameAndPort" variable is documented.
- The Debug() messages have been improved.
2019-10-30 01:39:11 +01:00
Davide Beatrici
3c21d982fc Wpc.c: adapt WpcSockConnectEx() for new proxy functions 2019-10-30 01:39:11 +01:00
Davide Beatrici
59dc26aa21 Protocol: add ProxyCodeToCedar()
This new function translates a proxy error code to a Cedar error code.
2019-10-30 01:39:11 +01:00
Davide Beatrici
b8f58a2f94 Move generic proxy stuff from Cedar to Mayaqua
This commit moves the generic (not related to our protocol) proxy stuff from Cedar to Mayaqua, in dedicated files.

The functions are refactored so that they all have the same arguments and follow the same logic.

Dedicated error codes are added, in order to indicate clearly why the function(s) failed.
2019-10-30 01:39:04 +01:00
Davide Beatrici
5d73cd878f Proto_OpenVPN.c: improve OvsProcessData(), fix out-of-bounds access found by Coverity
Coverity Scan detected an out-of-bounds access issue: OvsProcessData() checked whether the payload size was bigger than the size of the buffer, instead of checking whether the entire packet size (payload size + 2 bytes) was, resulting in an out-of-bounds access in case the payload size is bigger than 1998.

This commit also improves the variable names, the comments and adds two Debug() lines.
2019-10-27 09:01:56 +01:00
Davide Beatrici
16bde47763 Proto_OpenVPN.c: fix segmentation fault in OvsProceccRecvPacket()
OvsDecrypt() returns 0 when it fails, resulting in "size" rolling over with an end result of 4294967292.

This commit fixes the issue by checking whether "size" is greater than sizeof(UINT) before performing the subtraction.
2019-10-26 00:36:07 +02:00
Daiyuu Nobori
4d42f450b2 Addressing the UDP reflection amplification attack: https://github.com/SoftEtherVPN/SoftEtherVPN/issues/1001 2019-10-22 11:14:05 +09:00
Davide Beatrici
51330fdb43 Mayaqua.h: include <stdarg.h> for "va_list" on Illumos 2019-10-21 21:44:38 +02:00
Davide Beatrici
12cc242529 Protocol.c: fix bug in ClientConnectGetSocket() causing custom HTTP header not to work
The bug was caused by a typo in the StrCpy() call: the source buffer was the same as the destination one, meaning that the function didn't do anything.
2019-10-21 20:26:56 +02:00
Davide Beatrici
2f90e9ecb8 Mayaqua: move HTTP functions from "Network" to "HTTP" 2019-10-20 04:15:12 +02:00
Davide Beatrici
c3d6ffc533 Move GetMimeTypeFromFileName() and related structure to Mayaqua
The structure (containing all mimetypes) occupies almost 700 lines, which are a lot.

This is just the beginning of the refactor plan.
2019-10-20 04:15:12 +02:00
Davide Beatrici
04ecbf843a Mayaqua.h: include <stdio.h> for "FILE" 2019-10-20 04:15:12 +02:00
Davide Beatrici
6b41b19327 Mayaqua.h: include <stddef.h>, for "wchar_t" 2019-10-20 04:15:12 +02:00
dependabot[bot]
5fed2b8903
Bump mixin-deep in /src/bin/hamcore/wwwroot/admin/default
Bumps [mixin-deep](https://github.com/jonschlinkert/mixin-deep) from 1.3.1 to 1.3.2.
- [Release notes](https://github.com/jonschlinkert/mixin-deep/releases)
- [Commits](https://github.com/jonschlinkert/mixin-deep/compare/1.3.1...1.3.2)

Signed-off-by: dependabot[bot] <support@github.com>
2019-10-19 22:39:12 +00:00
Davide Beatrici
2aeec323f9
Merge PR #1008: Adding RADIUS and L3 MAC address fixing function, with small bug-fixes 2019-10-19 19:37:21 +02:00
Daiyuu Nobori
f0357d4000 - Fixed the problem occurs when RPC messages between Cluster Members exceed 64Kbytes.
- Fixed the RADIUS PEAP client to use the standard TLS versioning.
- Implementation of a function to fix the MAC address of L3 VPN protocol by entering e.g. "MAC: 112233445566" in the "Notes" field of the user information.
- Implementation of a function to fix the virtual MAC address to be assigned to the L3 VPN client as a string attribute from RADIUS server when authentication.
2019-10-19 17:34:12 +09:00
Daiyuu Nobori
7413fec646 Updating built-in Win32 libraries
- OpenSSL 1.1.1 -> 1.1.1d
- zlib 1.2.3 -> 1.2.11
2019-10-19 16:59:13 +09:00
Davide Beatrici
c8a0a5648b
Merge PR #970: Fix buffer overflow during NETBIOS name resolution 2019-09-30 06:59:04 +02:00
Ilya Shipitsin
e03db7ee60
Merge pull request #966 from Flucons/patch-1
Merge pull request #966: Create strtable_pt_br.stb
2019-09-21 17:33:12 +00:00
Ilya Shipitsin
93183f7b3f
Merge pull request #967 from Flucons/patch-2
Merge pull request #967 : Update SEVPN.sln
2019-09-21 17:32:03 +00:00
柊 ゆり子
50960dbe16
Update strtable_cn.stb
Improve some translation.
2019-09-17 17:51:03 +08:00
Koichiro IWAO
21e3ce104b Avoid using hardcoded paths in log file enumeration
Hardcoded paths are used in log file enumeration such as LogFileList
command or GenerateEraseFileList function to delete old log files when
disk free space is lacking.

Fixes: SoftEtherVPN/SoftEtherVPN#972
2019-09-13 10:38:09 +09:00
stffabi
850a5faa0d Fix buffer overflow during NETBIOS name resolution
If SecureNAT is enabled and the hostname of the server
is longer than 16characters, every NETBIOS name resolution
query triggers the buffer overflow. If the server was built
with stack protection, the process will be killed.
2019-09-04 14:32:19 +02:00
FelipeL
1144d6c430
Update SEVPN.sln
Add pt-br
2019-08-15 13:03:14 -03:00
FelipeL
926b99047a
Create strtable_pt_br.stb
Start pt-br translation
2019-08-15 00:46:58 -03:00
Davide Beatrici
d10f83417f
Merge PR #962: Fix several compile warnings on MS VC++ 2008. 2019-08-04 04:03:14 +02:00
Davide Beatrici
82b84a9436
Merge PR #961: Enable crash minidump for Win32 vpntest 2019-08-04 03:51:00 +02:00
Daiyuu Nobori
bf4667cfce Fix several compile warnings on MS VC++ 2008. 2019-08-04 10:35:16 +09:00
Daiyuu Nobori
c6068d23c7 Enables crash minidump for Win32 vpntest. Minidump files will be saved to the 'C:\Users\<username>\AppData\Local\Temp\vpn_debug' (for normal user) or 'src\bin\vpn_debug\' (for administrator user). 2019-08-04 10:26:41 +09:00
Davide Beatrici
9f19efb7af OpenVPN: use new protocol interface 2019-07-26 08:37:00 +02:00
Davide Beatrici
7d58e6bf60 Add interface for easy protocol implementation
This commit adds a protocol interface to the server, its purpose is to manage TCP connections and the various third-party protocols.

More specifically, ProtoHandleConnection() takes care of exchanging the packets between the local and remote endpoint; the protocol implementation only has to parse them and act accordingly.

The interface knows which protocol is the connection for by calling IsPacketForMe(), a function implemented for each protocol.
2019-07-26 08:36:54 +02:00
Rosen Penev
d57fc3524c
Fix LibreSSL support
My previous patch used a wrong if directive, which disabled removed
(de)initialization and threading for LibreSSL. This most likely causes
issues at runtime.
2019-07-22 11:35:19 -07:00
Rosen Penev
a9f707c813
Switch to OpenSSL THREADID API
The old threading API was deprecated in OpenSSL 1.0.
2019-07-22 11:28:12 -07:00
Davide Beatrici
d6cf1b85a9 Virtual: fix race condition in DHCP server which resulted in multiple clients receiving the same IP
A race condition in the DHCP server caused it to offer the same IP address to multiple clients when they connected at the same time, because an offered IP address was considered free until the final step (DHCP_ACK).

This commit introduces a list to keep track of the pending leases created during DHCP_OFFER, so that an IP address is guaranteed to be offered to a single client.
2019-07-13 23:29:16 +02:00
Rosen Penev
1bd39485cf
Mayaqua: Fix compilation without deprecated OpenSSL APIs
Initialization and deinitialization are deprecated.

Missing headers were added.

Explicit threading is also deprecated.
2019-07-11 12:42:26 -07:00
Rosen Penev
a4ed656001
Mayaqua: Replace GNU specific sys/poll.h header with POSIX poll.h
Fixes warning from the musl libc:

warning redirecting incorrect #include <sys/poll.h> to <poll.h>
2019-07-10 17:01:01 -07:00
Ilya Shipitsin
13dbf83e95 release 5.01.9671 2019-07-10 12:45:14 +05:00
Daiyuu Nobori
a9f31d7df9 Fixing the typo "descrption" of the JSON-RPC document. Thanks to https://github.com/SoftEtherVPN/SoftEtherVPN/issues/938 2019-07-10 14:37:30 +09:00
Ilya Shipitsin
47ad2328c0 src/Cedar/Admin.c: remove redundant check
found by Coverity

*** CID 341551:  Incorrect expression  (NO_EFFECT)
/src/Cedar/Admin.c: 414 in AdminWebHandleFileRequest()
408     // Handle the file request
409     bool AdminWebHandleFileRequest(ADMIN *a, CONNECTION *c, SOCK *s, HTTP_HEADER *h, char *url_src, char *query_string, char *virtual_root_dir, char *physical_root_dir)
410     {
411             bool ret = false;
412             char url[MAX_PATH];
413             UINT i, len;
>>>     CID 341551:  Incorrect expression  (NO_EFFECT)
>>>     Comparing an array to null is not useful: "url == NULL", since the test will always evaluate as true.
414             if (a == NULL || c == NULL || s == NULL || h == NULL || url == NULL || query_string == NULL ||
415                     virtual_root_dir == NULL || physical_root_dir == NULL)
416             {
417                     return false;
418             }
419
2019-07-06 10:22:44 +05:00
Daiyuu Nobori
2592525b64
Merge pull request #931 from dnobori/190630_update_see_ndis5_driver
Update the driver binary for https://github.com/SoftEtherVPN/SoftEtherVPN/pull/929
2019-06-30 02:24:32 +09:00
Daiyuu Nobori
896ac8e285
Merge pull request #930 from dnobori/190630_kb3033929_message
Add the warning message if KB3033929 is not installed in Windows 7 / Server 2008 R2.
2019-06-30 02:24:24 +09:00
Daiyuu Nobori
6e78068a65 Update the driver binary for https://github.com/SoftEtherVPN/SoftEtherVPN/pull/929 2019-06-30 01:22:04 +09:00
Daiyuu Nobori
9c227f3480 Add the warning message if KB3033929 is not installed in Windows 7 / Server 2008 R2. 2019-06-30 01:20:52 +09:00
Daiyuu Nobori
9c6c88a1a8
Merge pull request #927 from dnobori/190629_fix_url
Fix incorrect URLs in text files
2019-06-30 01:17:38 +09:00
Davide Beatrici
919f6c825f
Merge PR #929: Added ProbeForWrite() buffer writable check routine for Irp->UserBuffer in the NDIX 5.x See driver. 2019-06-29 17:02:57 +02:00
Daiyuu Nobori
7ef7c36c83 OpenVPN X.509 certificate authentication will be used only when no username / password is specified 2019-06-29 21:30:58 +09:00
Daiyuu Nobori
9cba49b89a Fix incorrect URLs in text files 2019-06-29 21:16:27 +09:00
Daiyuu Nobori
afc6a706e5 Adding wwwroot/admin/README.md 2019-05-29 20:17:43 +09:00
Daiyuu Nobori
b1d2dd8d87 Updating README 2019-05-29 19:37:29 +09:00
Daiyuu Nobori
39b80e04c5 Add initial wwwroot/admin/default/ HTML5 admin pages 2019-05-29 19:17:50 +09:00
Daiyuu Nobori
529d8f593c Update developer tools for JSON-RPC 2019-05-29 18:23:33 +09:00
Daiyuu Nobori
458906b151 Added JSON-RPC error message 2019-05-28 22:48:26 +09:00
Daiyuu Nobori
98b08c2ad1 Implementation of the JSON-RPC API and the Web Admin interface. (dnobori's internal note: 7579 - 7682) 2019-05-28 12:51:51 +09:00
Daiyuu Nobori
03841e4181 Initial vpnserver-jsonrpc-clients 2019-05-28 11:48:16 +09:00
Daiyuu Nobori
18cfe18950 Added ProbeForWrite() buffer writable check routine for Irp->UserBuffer in the See driver. The See driver is a legacy driver for packet capturing with NDIS 5.x (Windows 2000 or XP). It is based on the source code of WinPcap. 2019-05-28 10:36:31 +09:00
Ilya Shipitsin
854814475c release 5.01.9670 2019-04-07 19:11:27 +00:00
MatAtBread
6dbcda6026 Set unbuffered mode for *nix systems stdout, allowing interactive use within spawned processes. Fixes issue #898 2019-04-07 19:13:18 +01:00
Daiyuu Nobori
98443715d9 Fixed the vulnerability that a malformed packet will cause the buffer overflow at the receive path. This vulnerability may occur abnormal process exit with the buffer security check mechanism built-in with SoftEther VPN binary. Although this buffer overflow can theoretically bypass the security check in theory, in the actual binary it is detected by the buffer security check inserted by the C compiler and the process is forcibly terminated. Therefore, as a result, it can be abused by a DoS attacker. Acknowledgments: The last problems is discovered and reported by Fabrizio Steiner. 2019-02-28 20:40:23 +09:00
vvd
372e8aa031 Fixed memory leak in OpenSSL deinitialization function 2019-02-27 21:41:20 +01:00
Rosen Penev
26261236ba
Fix compilation without OpenSSL ENGINE 2019-02-25 14:24:31 -08:00
Nick
23b8161ac2
Fixed wrong function name in Debug message 2019-02-15 20:41:16 -05:00
Davide Beatrici
c1243c5198
Merge PR #873: ver.rc: fix misspelling 2019-02-14 08:51:19 +01:00
parly
962356af9c Fix misspelling 2019-02-14 16:07:35 +09:00
parly
5a7e4693fc Fix GetCedarVersionNumber() 2019-02-14 16:04:16 +09:00
Ilya Shipitsin
d790223700 release 5.01.9669 2019-02-03 19:43:50 +00:00
Ilya Shipitsin
45c13c5409 disable cpu features on arm64, amrhf, s390x
tested on launchpad
2019-02-03 18:05:34 +05:00
Ilya Shipitsin
c253c55a8c
Merge pull request #862 from davidebeatrici/mayaqua-getcipherlist-double-free-fix
Merge PR #862: Fix crashes in GetCipherList() and StGetServerCipherList()
2019-01-29 19:31:57 +05:00
Ilya Shipitsin
ce6e49a3f9 release 5.01.9668 2019-01-27 07:49:56 +00:00
Davide Beatrici
8657955c92 Merge PR #867: Improve translations for inf file. 2019-01-24 01:42:25 +01:00
Davide Beatrici
a97b87da68 Cedar/Admin.c: fix segmentation fault caused by non-initialized string in StGetServerCipherList()
StrCat() appends a string to an already existing string. In order to know where the existing string ends, it uses StrLen() which in turn uses strlen(), a function considered unsafe because it doesn't stop until it finds the null character.

Since the string was allocated but not initialized, StrCat() was either:

- Working correctly.
- Copying only a part of the string.
- Making the program crash via strlen().

The fix consists in using StrCpy(), which starts writing at the beginning of the string.
2019-01-21 04:15:55 +01:00
Davide Beatrici
09ee19e72b Mayaqua/Network.c: fix double free crash in GetCipherList()
SSL_free() also frees the associated context.

d6c3c1896c/ssl/ssl_lib.c (L1209)

From https://www.openssl.org/docs/man1.1.1/man3/SSL_free.html:

"SSL_free() also calls the free()ing procedures for indirectly affected items, if applicable: the buffering BIO, the read and write BIOs, cipher lists specially created for this ssl, the SSL_SESSION. Do not explicitly free these indirectly freed up items before or after calling SSL_free(), as trying to free things twice may lead to program failure."
2019-01-21 04:14:47 +01:00
Umi
e939f887c4 Update vpninstall_cn.inf 2019-01-21 03:59:31 +01:00
Daiyuu Nobori
63c01ba736
Merge pull request #832 from dnobori/181202_switch_to_apache_license
Switching license from GPLv2 to Apache License 2.0.
2019-01-21 09:36:19 +09:00
Umi
bf493e359b
Update vpninstall_cn.inf 2019-01-19 16:56:15 +08:00
Daiyuu Nobori
881f34ac56 Compacting headers, updating trivial texts to fit to the license change from GPLv2 to Apache License 2.0. 2019-01-14 12:25:53 +09:00
Ilya Shipitsin
3bb0e20add src/Mayaqua/FileIO: remove unused function
found by cppcheck

[src/Mayaqua/FileIO.c:2082]: (style) The function 'FileRename' is never used.
2019-01-06 23:44:23 +05:00
Ilya Shipitsin
7f8e5b00dc src/Cedar/UT: remove unused function
found by cppcheck

[src/Cedar/Proto_SSTP.c:126]: (style) The function 'SetNoSstp' is never used.
2019-01-06 23:39:43 +05:00
Ilya Shipitsin
057984b87c src/Cedar/Proto_SSTP: remove unused function
found by cppcheck

[src/Cedar/Proto_SSTP.c:126]: (style) The function 'SetNoSstp' is never used.
2019-01-06 23:34:10 +05:00
Ilya Shipitsin
dcf5c57fc2 src/Cedar/Proto_IPsec" remove unused function
found by cppcheck

[src/Cedar/Proto_IPsec.c:120]: (style) The function 'IPSecSetDisable' is never used.
2019-01-06 23:31:29 +05:00
Ilya Shipitsin
162a181b04 src/Cedar/Protocol: remove unused function
found by cppcheck

[src/Cedar/Protocol.c:6643]: (style) The function 'ProxyConnectEx' is never used.
2019-01-06 23:22:08 +05:00
Ilya Shipitsin
8534f2843e src/Cedar/DDNS: remove unused function, variables
found by cppcheck

[src/Cedar/DDNS.c:656]: (style) Condition 'ret==NULL' is always true
[src/Cedar/DDNS.c:515] -> [src/Cedar/DDNS.c:640]: (style) The expression 'use_https == false' is always true because 'use_https' and 'false' represent the same value.
[src/Cedar/DDNS.c:516] -> [src/Cedar/DDNS.c:648]: (style) The expression 'no_cert_verify == false' is always true because 'no_cert_verify' and 'false' represent the same value.
[src/Cedar/DDNS.c:816] -> [src/Cedar/DDNS.c:860]: (style) The expression 'no_cert_verify == false' is always true because 'no_cert_verify' and 'false' represent the same value.
[src/Cedar/DDNS.c:530]: (style) Variable 'use_vgs' is assigned a value that is never used.
[src/Cedar/DDNS.c:497]: (style) The function 'DCUpdateNow' is never used.
2019-01-06 23:18:25 +05:00
Ilya Shipitsin
72bd221bb4 src/Cedar/Account: remove unused functions
found by cppcheck

[src/Cedar/Account.c:523]: (style) The function 'GetUserPolicy' is never used.
[src/Cedar/Account.c:163]: (style) The function 'NormalizePolicyName' is never used.
2019-01-06 18:53:18 +05:00
Ilya Shipitsin
266f013880 src/Cedar/Command: remove redundant assignment
found by cppcheck

[src/Cedar/Command.c:23220] -> [src/Cedar/Command.c:23232]: (style) Variable 'len' is reassigned a value before the old one has been used.
2019-01-06 18:49:56 +05:00
Ilya Shipitsin
9d4d111555 src/Cedar/CM: remove unused function, variables
found by cppcheck

[src/Cedar/CM.c:4509]: (style) Variable 'easy' is assigned a value that is never used.
[src/Cedar/CM.c:4547]: (style) Variable 'hub_name' is assigned a value that is never used.
[src/Cedar/CM.c:4609]: (style) Variable 'is_account' is assigned a value that is never used.
[src/Cedar/CM.c:8545]: (style) The function 'CmLoadK' is never used.
2019-01-06 18:43:51 +05:00
Ilya Shipitsin
4760b3d0c3 src/Cedar/AzureClient: remove unused function
found by cppcheck

[src/Cedar/AzureClient.c:526]: (style) The function 'AcGetEnable' is never used.
2019-01-06 18:34:04 +05:00
Davide Beatrici
d62421adcb Cedar: retrieve the list of available encryption algorithms from the server 2019-01-01 20:31:13 +01:00
Davide Beatrici
2a572aab21 Mayaqua: fix segmentation fault, add new FreeHttpHeaderSafe() function 2018-12-30 14:46:26 +01:00
Davide Beatrici
619a533b8f
Merge PR #843: Mayaqua: query OpenSSL for the list of available ciphers instead of relying on a static list 2018-12-28 20:24:13 +01:00
Kero Yang
5ea5dd34b6
Update strtable_cn.stb
fixed a typo ("取消l" => "取消")
2018-12-25 04:05:37 +08:00
Davide Beatrici
eee494f046
Merge PR #847: Mayaqua: add "PTR_TO_PTR" macro intended to be used with FreeSafe() 2018-12-23 11:36:40 +01:00
Davide Beatrici
e51c319648 Mayaqua: add "PTR_TO_PTR" macro intended to be used with FreeSafe() 2018-12-22 07:38:38 +01:00
Davide Beatrici
ef77e95f87 Cedar/IPC.c: fix memory leak occurring when both the username and common name are not present (OpenVPN) 2018-12-21 21:24:22 +01:00
Ilya Shipitsin
0cf6fac7a3 5.01.9667
Signed-off-by: Ilya Shipitsin <chipitsine@gmail.com>
2018-12-21 11:18:18 +00:00
Davide Beatrici
7f9d47b3aa Mayaqua: query OpenSSL for the list of available ciphers instead of relying on a static list 2018-12-21 09:54:51 +01:00
Davide Beatrici
ac5e68b3ed hamcore: fix port number shown in the server management info string of vpncmd 2018-12-21 07:27:57 +01:00
Davide Beatrici
bd01cbff9a Mayaqua: add new FreeSafe() function which calls Free() and set the pointer's value to NULL 2018-12-20 02:52:22 +01:00
Davide Beatrici
ada06e218e Mayaqua: revamp RecvHttpHeader() so that cleanup functions are not called twice 2018-12-19 20:00:18 +01:00
Davide Beatrici
6c44cecc64 Cedar: Bind the special listeners to the specified IP address 2018-12-15 21:33:37 +01:00
Daiyuu Nobori
9c0eee0aad Merge branch 'master' of github.com:SoftEtherVPN/SoftEtherVPN into 181202_switch_to_apache_license 2018-12-14 10:58:58 +09:00
Davide Beatrici
a812910f85 src: Update VPN Client Manager and VPN Server Manager icons 2018-12-07 08:35:02 +00:00
Ilya Shipitsin
272c69d35a Release v5.01.9666
Signed-off-by: Ilya Shipitsin <chipitsine@gmail.com>
2018-12-04 04:14:18 +00:00
Daiyuu Nobori
456efa7f87 Modification the header comments for some definitions in TunTap.h. 2018-12-02 16:00:45 +09:00
Daiyuu Nobori
337aaa0dfa Modification the header comments for some definitions in TunTap.h. 2018-12-02 15:58:23 +09:00
Daiyuu Nobori
c407f35322 SHA-0 Implementation replacement from GPLv3 to Apache License 2018-12-02 10:30:22 +09:00
Daiyuu Nobori
16ed2f3e0c Documents: Switching license from GPLv2 to Apache License 2.0. 2018-12-02 09:37:24 +09:00
Daiyuu Nobori
58e2f74f7f Added the "OpenVPNPushDummyIPv4AddressOnL2Mode" option for the OpenVPN L2 mode.
To fix the bug of OpenVPN 2.4.6 and particular version of kernel mode TAP driver on Linux, the TAP device must be up after the OpenVPN client is connected. However there is no direct push instruction to do so to OpenVPN client. Therefore we push the dummy IPv4 address (RFC7600) to the OpenVPN client to enforce the TAP driver UP state.
2018-12-01 16:20:30 +09:00
Ilya Shipitsin
08465e3f39
Merge pull request #772 from davidebeatrici/http-proxy-custom-header
Merge PR #772: Add custom HTTP header feature for HTTP proxy
2018-11-30 10:22:32 +05:00
Ilya Shipitsin
cbaf198bd1
Merge pull request #826 from chipitsine/issue_689
Merge PR #826: missing warning_ru.txt which caused null pointer dereference
2018-11-30 02:56:23 +05:00
Davide Beatrici
aefbd2e903 Add custom HTTP header feature for HTTP proxy
A custom HTTP header can be used to bypass certain restrictions imposed on the network or to avoid speed limitations applied by the QoS.
2018-11-29 20:32:21 +01:00
Ilya Shipitsin
9e250e62be src/Mayaqua/Mayaqua: remove unused functions
found by cppcheck

[src/Mayaqua/Mayaqua.c:753]: (style) Consecutive return, break, continue, goto or throw statements are unnecessary.
[src/Mayaqua/Mayaqua.c:484]: (style) The function 'IsUnicode' is never used.
[src/Mayaqua/Mayaqua.c:438]: (style) The function 'MayaquaDotNetMode' is never used.
[src/Mayaqua/Mayaqua.c:774]: (style) The function 'PrintOsInfo' is never used.
2018-11-30 00:01:11 +05:00
Ilya Shipitsin
f985a50f31 quick and dirty fix for issue 689 2018-11-28 23:19:56 +05:00
Davide Beatrici
a1722ac2e0 Cedar: allow @ in username 2018-11-28 15:51:04 +01:00
Ilya Shipitsin
974f18505b v5.01.9665
Signed-off-by: Ilya Shipitsin <chipitsine@gmail.com>
2018-11-28 10:34:59 +00:00
Davide Beatrici
8d37f3fa0f BuildUtil: use new variables 2018-11-27 05:26:28 +01:00
Davide Beatrici
6903f9b89f CMake: build targets with versioning info on Windows 2018-11-27 05:26:21 +01:00
Davide Beatrici
0642427080 BuildFiles: edit "ver.rc" so that it uses CMake's variables syntax 2018-11-27 05:00:30 +01:00
Davide Beatrici
04188f8606 CMake: change project name to "SoftEther VPN", create and use "TOP_DIRECTORY" variable 2018-11-27 05:00:30 +01:00
Ilya Shipitsin
70ee8abae8
Merge pull request #818 from chipitsine/cleanup
Merge PR #818: src/Mayaqua/Cfg: remove unused functions, variables
2018-11-27 02:13:10 +05:00
Ilya Shipitsin
d72329c007 src/Mayaqua/Cfg: remove unused functions, variables
found by cppcheck

[src/Mayaqua/Cfg.c:669]: (style) Variable 'invalid_file' is assigned a value that is never used.
[src/Mayaqua/Cfg.c:2111]: (style) Variable 'v' is assigned a value that is never used.
[src/Mayaqua/Cfg.c:1114]: (style) The function 'CfgFolderToBufText' is never used.
[src/Mayaqua/Cfg.c:539]: (style) The function 'CfgRead' is never used.
[src/Mayaqua/Cfg.c:418]: (style) The function 'CfgSave' is never used.
[src/Mayaqua/Cfg.c:1425]: (style) The function 'CfgStrToType' is never used.
[src/Mayaqua/Cfg.c:708]: (style) The function 'CfgTest' is never used.
[src/Mayaqua/Cfg.c:704]: (style) The function 'CfgTest2' is never used.
[src/Mayaqua/Cfg.c:247]: (style) The function 'NewCfgRwW' is never used.
2018-11-27 01:52:27 +05:00
Davide Beatrici
8a58af86b1 Cedar: add new "UsernameHubSeparator" configuration option for the server, to specify a different character from '@' 2018-11-25 20:50:14 +01:00
Ilya Shipitsin
3842e813d6 Release v5.01.9664
Signed-off-by: Ilya Shipitsin <chipitsine@gmail.com>
2018-11-20 04:20:51 +00:00
Davide Beatrici
03f80edfcd Cedar/Proto_OpenVPN.c: don't release data channel if it's not established, improve logic and debug messages 2018-11-19 21:30:42 +01:00
Davide Beatrici
264760aaf5
Merge PR #808: OpenVPN: Add packet scrambling/obfuscation feature 2018-11-19 21:14:27 +01:00
Davide Beatrici
c48de5924a Mayaqua: ability to toggle memory tracking at runtime, various logic improvements 2018-11-18 04:18:51 +01:00
Davide Beatrici
e1bd84d7f3 CMake: set PDB output directory, don't set default build type 2018-11-18 04:18:42 +01:00
Davide Beatrici
6a45921f41 OpenVPN: Add packet scrambling/obfuscation feature
This allows an OpenVPN client to bypass a firewall which is aware of the protocol and is able to block it.
The XOR mask set on the server has to be the same on the client, otherwise it will not be able to connect with certain obfuscation modes.
A special OpenVPN client built with the "XOR patch" is required in order to use this function, because it has never been merged in the official OpenVPN repository.

Two parameters are added to the server configuration: "OpenVPNObfuscationMethod" and "OpenVPNObfuscationMask".
Their value can be retrieved with "OpenVpnObfuscationGet" and set with "OpenVpnObfuscationEnable" in the VPN Command Line Management Utility.
2018-11-12 22:32:37 +01:00
Ilya Shipitsin
304893c139 src/Cedar/Protocol, src/Cedar/Session: cleanup, remove unused functions, variables,
resolve possible null pointer dereference

found by cppcheck

[src/Cedar/Protocol.c:3138] -> [src/Cedar/Protocol.c:3071]: (warning) Either the condition 's!=NULL' is redundant or there is possible null pointer dereference: s.
[src/Cedar/Protocol.c:916]: (style) Variable 'save' is assigned a value that is never used.
[src/Cedar/Protocol.c:6242]: (style) Variable 'size' is assigned a value that is never used.
[src/Cedar/Protocol.c:778]: (style) Variable 'old_disable' is assigned a value that is never used.
[src/Cedar/Protocol.c:1021]: (style) Variable 'save' is assigned a value that is never used.
[src/Cedar/Protocol.c:3708]: (style) Variable 'is_vgc' is assigned a value that is never used.
[src/Cedar/Protocol.c:5785]: (style) Variable 's' is assigned a value that is never used.
[src/Cedar/Protocol.c:6164]: (style) The function 'SocksConnectEx' is never used.
[src/Cedar/Protocol.c:907]: (style) The function 'CompareNodeInfo' is never used.
[src/Cedar/Protocol.c:6968]: (style) The function 'ProxyConnect' is never used.
[src/Cedar/Protocol.c:3986]: (style) The function 'SecureDelete' is never used.
[src/Cedar/Protocol.c:4042]: (style) The function 'SecureEnum' is never used.
[src/Cedar/Protocol.c:4127]: (style) The function 'SecureWrite' is never used.
[src/Cedar/Protocol.c:6463]: (style) The function 'SocksConnect' is never used.
[src/Cedar/Protocol.c:7185]: (style) The function 'TcpConnectEx2' is never used.
[src/Cedar/Protocol.c:7206]: (style) The function 'TcpIpConnect' is never used.
2018-11-10 14:18:18 +05:00
Davide Beatrici
f154cf1cec Mayaqua/Encrypt.h: fix missing AEAD macro for OpenBSD 2018-11-08 19:24:42 +01:00
Davide Beatrici
c259138225 src/BUILD_WINDOWS.md: remove ATL/MFC step 2018-11-08 15:44:52 +01:00
Davide Beatrici
0bc6a9ba5e src: change "afxres.h" to "winres.h" in all resource files, to remove MFC dependency 2018-11-07 21:23:55 +00:00
Ilya Shipitsin
da518914c1 release v5.01.9663
Signed-off-by: Ilya Shipitsin <chipitsine@gmail.com>
2018-11-07 02:15:14 +00:00
Davide Beatrici
a5f18087cd
Merge PR #790: Add support for SOCKS5 proxy protocol 2018-11-07 01:30:56 +01:00
Davide Beatrici
85ebba5e39 Cedar/Proto_PPP.c: push 192.0.0.8 instead of 1.0.0.1 as gateway IP address
1.0.0.1 is a real IP address, owned by CloudFlare and used for their DNS service.

This commit changes the IP address we push to 192.0.0.8, which is defined in RFC7600 as dummy IPv4 address.
2018-11-07 00:07:01 +01:00
Davide Beatrici
540dffda05
Merge PR #793: Added Windows CMake setup info 2018-11-04 04:11:37 +01:00
Fox
7b148d8db0 Added Windows CMake setup info 2018-11-04 01:50:18 -06:00
Davide Beatrici
ba930668ba
Merge PR #796: Cedar/Proto_OpenVPN: add support for GCM ciphers 2018-11-04 01:01:10 +01:00
Ilya Shipitsin
6440521f81 src/Mayaqua/Network.c: remove reccuring check
found by PVS analyzer

src/Mayaqua/Network.c	18715	err	V571 Recurring check. The 'if (u->GetNatTIpThread == NULL)' condition was already verified in line 18712.
2018-11-04 01:04:58 +05:00
Ilya Shipitsin
dcc684ea28 src/Cedar/Admin.c: remove reccuring check
found by PVS analyzer

src/Cedar/Admin.c	5583	err	V571 Recurring check. The 'if (no_include)' condition was already verified in line 5581.
2018-11-04 01:02:51 +05:00
Ilya Shipitsin
87702f0f7d src/Mayaqua/OS: remove unused functions
found by cppcheck

[src/Mayaqua/OS.c:493]: (style) The function 'OSDec32' is never used.
[src/Mayaqua/OS.c:373]: (style) The function 'OSDeleteDir' is never used.
[src/Mayaqua/OS.c:393]: (style) The function 'OSFileCreate' is never used.
[src/Mayaqua/OS.c:353]: (style) The function 'OSFileDelete' is never used.
[src/Mayaqua/OS.c:383]: (style) The function 'OSFileOpen' is never used.
[src/Mayaqua/OS.c:331]: (style) The function 'OSFileRename' is never used.
[src/Mayaqua/OS.c:487]: (style) The function 'OSInc32' is never used.
[src/Mayaqua/OS.c:363]: (style) The function 'OSMakeDir' is never used.
[src/Mayaqua/OS.c:541]: (style) The function 'OSResetEvent' is never used.
2018-11-04 00:41:12 +05:00
Ilya Shipitsin
bfe8ee8127 src/Cedar/Proto_IkePacket: remove unused functions, redundant assignments
found by cppcheck

[src/Cedar/Proto_IkePacket.c:958]: (style) The function 'IkeNewCertPayload' is never used.
[src/Cedar/Proto_IkePacket.c:942]: (style) The function 'IkeNewCertRequestPayload' is never used.
[src/Cedar/Proto_IkePacket.c:875]: (style) The function 'IkeNewNoticeErrorInvalidExchangeTypePayload' is never used.
[src/Cedar/Proto_IkePacket.c:2542]: (style) The function 'IkeNewSpi' is never used.
[src/Cedar/Proto_IkePacket.c:142]: (style) The function 'IkePhase1CryptIdToKeySize' is never used.
[src/Cedar/Proto_IkePacket.c:157]: (style) The function 'IkePhase2CryptIdToKeySize' is never used.
[src/Cedar/Proto_IkePacket.c:172]: (style) The function 'IkeStrToPhase1CryptId' is never used.
[src/Cedar/Proto_IkePacket.c:187]: (style) The function 'IkeStrToPhase1HashId' is never used.
[src/Cedar/Proto_IkePacket.c:196]: (style) The function 'IkeStrToPhase2CryptId' is never used.
[src/Cedar/Proto_IkePacket.c:211]: (style) The function 'IkeStrToPhase2HashId' is never used.
[src/Cedar/Proto_IkePacket.c:2168]: (style) Condition 'b==NULL' is always true
2018-11-04 00:13:51 +05:00
Davide Beatrici
0357024e62 hamcore/openvpn_sample.ovpn: improve "cipher" and "auth" documentation, remove list of supported ciphers 2018-11-03 16:44:56 +01:00