AMajor/SoftEtherVPN
1
0
Fork 0
mirror of https://github.com/SoftEtherVPN/SoftEtherVPN.git synced 2026-04-20 05:49:26 +03:00
Code Releases Activity
1,377 Commits 5 Branches 27 Tags
d161b75a7d666bf8c1e71071cf7b6d0dfb5c8aca
Commit Graph

836 Commits

Author SHA1 Message Date
Evengard 723f38e72f Fixing Linux... 2020-05-02 19:52:47 +03:00
Evengard a2b7cb0148 Added possibility to load CA certificates from chain_certs folder to allow verifying the client certificates against it. 2020-05-02 19:52:46 +03:00
Evengard 24bd2b3198 Fixing up some errors 2020-05-02 19:52:46 +03:00
Evengard 9f2a5cecf3 Preliminary (untested) EAP-TLS implementation 2020-05-02 19:52:46 +03:00
Evengard a65c436e8f Writing skeleton for EAP-TLS implementation 2020-05-02 19:52:45 +03:00
Evengard aa0ec4343c Fixing errors as per static analysis 2020-05-02 19:52:45 +03:00
Evengard 1bdd9a92bc Adding timeout propagation from user policy in PPP sessions (including L2TP and SSTP). 2020-05-02 19:52:45 +03:00
Davide Beatrici 942051d3a8 Cedar: various improvements to Proto 
The PROTO structure is now used to identify the system as a whole, rather than a single protocol. It's stored and initialized in Server.

ProtoCompare(), ProtoAdd() and ProtoDetected() are renamed to make the difference between PROTO and PROTO_IMPL more clear.

ProtoGet() and ProtoNum() are removed because the related list can now be accessed directly by Server.
 2020-05-01 07:14:38 +02:00
Ilya Shipitsin 039cd8edf0 Merge pull request #1107 from chipitsine/master 
5.01.9674 release
 2020-04-30 13:26:45 +05:00
Ilya Shipitsin a902d3eed9 5.01.9674 release 2020-04-30 12:02:05 +05:00
dependabot[bot] 44f731f781 Bump jquery in /src/bin/hamcore/wwwroot/admin/default 
Bumps [jquery](https://github.com/jquery/jquery) from 3.4.1 to 3.5.0.
- [Release notes](https://github.com/jquery/jquery/releases)
- [Commits](https://github.com/jquery/jquery/compare/3.4.1...3.5.0)

Signed-off-by: dependabot[bot] <support@github.com>
 2020-04-30 06:12:25 +00:00
Evengard f20e99f8e4 Treating empty IPCP requests as IPCP requests with IP-Address option zeroed out 2020-04-25 20:59:08 +03:00
Evengard b9109211d3 ACKing an empty LCP options list 2020-04-25 15:29:57 +03:00
Davide Beatrici 9073452b09 Merge PR #1092: src/Cedar/Proto_OpenVPN.c: push "block-outside-dns" to clients 2020-04-20 03:25:43 +02:00
Ilya Shipitsin 70a7c4596d 5.01.9673 release 2020-04-18 00:47:47 +05:00
Daiyuu Nobori 033647c8ac Fix security issue: Fix the security of JSON-API. If the administrator password of the Virtual Hub is empty, JSON-API (which was added in 4.30 Build 9696 Beta) will not be able to access to the virtual hub with a empty password since this release. Because there are relatively many cases in which administrator password is empty for a virtual hub, being able to manage a virtual hub without a password using JSON-API was a security problem. In this release, this behavior has been changed so that JSON-API cannot be accessed in the Virtual Hub management mode until it is configured with non-empty password. 2020-04-06 00:44:14 +09:00
Davide Beatrici b6ef9f88c9 src/Cedar/Proto_OpenVPN.c: push "block-outside-dns" to clients 
From https://community.openvpn.net/openvpn/wiki/Openvpn23ManPage:

--block-outside-dns

Block DNS servers on other network adapters to prevent DNS leaks.
This option prevents any application from accessing TCP or UDP port 53 except one inside the tunnel.
It uses Windows Filtering Platform (WFP) and works on Windows Vista or later.
This option is considered unknown on non-Windows platforms and unsupported on Windows XP, resulting in fatal error.
You may want to use --setenv opt or --ignore-unknown-option (not suitable for Windows XP) to ignore said error.
Note that pushing unknown options from server does not trigger fatal errors.
 2020-04-04 08:37:19 +02:00
Ilya Shipitsin c6f186bd73 Merge pull request #1084 from ffontaine/master 
Only enable getifaddrs support when available
 2020-04-03 17:45:19 +05:00
Ilya Shipitsin 84bd9abb30 Merge pull request #1072 from Evengard/ppp-ipv6 
Rewriting the PPP stack
 2020-04-02 20:29:51 +05:00
Georgy Komarov 4772a508dc sam: fix using pointer to local variable that is out of scope 2020-03-27 07:28:43 +03:00
Georgy Komarov 1416a693e7 protocol: fix uninitialized variable 
Value of server_cert is undefined if `b = PackGetBuf(p, "Cert");` was
failed.
 2020-03-27 07:25:45 +03:00
Paul Menzel be3e45a4bf hamcore: Remove trailing spaces from comments 2020-03-25 12:23:55 +01:00
Fabrice Fontaine dcecd4c0d5 Only enable getifaddrs support when available 
On uClibc, the ifaddrs.h support is optional. While the default
Buildroot uClibc configuration has it enabled, some external
toolchains may not. Therefore this patch detects that and adjusts
softether usage of ifaddrs accordingly.

Based on an initial patch from Bernd Kuhls.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
[Retrieved from:
https://git.buildroot.net/buildroot/tree/package/softether/0009-uclibc-ai-addrconfig.patch]
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
 2020-03-21 17:57:37 +01:00
Ilya Shipitsin 3b00d4c56b Merge pull request #1081 from metalefty/describe_cmake_flags 
Describe CMake options added by myself
 2020-03-20 18:43:16 +05:00
Koichiro IWAO e6b8e6eee3 replace SoftEther project related http links with https 
Outside links such as http://www.openssl.org and http links appear in
source code are untouched.
 2020-03-20 21:27:51 +09:00
Koichiro IWAO 78b0684dd4 Document additional CMake options 
Some CMake options are added by myself (#1047 #1079). So I should
describe in document.
 2020-03-20 21:24:51 +09:00
Koichiro IWAO c222ef525b Update build requirements on Unix 2020-03-18 18:28:33 +09:00
Ilya Shipitsin c3d56c2201 Merge pull request #1079 from metalefty/skip_cpu_features 
allow to SKIP_CPU_FEATURES explicitly, not only autodetect
 2020-03-18 11:59:02 +05:00
Koichiro IWAO f34d3c80b1 allow to SKIP_CPU_FEATURES explicitly, not only autodetect 
Formerly, SKIP_CPU_FEATURES is automatically detected by system
processor. However, "^(armv7l|aarch64|s390x)$" does not cover all
processors that cpu_features should be skipped.

"armv6", "armv7", "mips", "mips64" on FreeBSD are examples [1]
that cpu_features is not correctly skipped.

This change intends to build SoftEther without any modifications on
CMakeLists.txt on such processors.

    cmake . -DSKIP_CPU_FEATURES=1

[1] https://www.freebsd.org/platforms/
 2020-03-16 18:50:55 +09:00
dependabot[bot] c635cdd614 Bump acorn from 6.1.1 to 6.4.1 in /src/bin/hamcore/wwwroot/admin/default 
Bumps [acorn](https://github.com/acornjs/acorn) from 6.1.1 to 6.4.1.
- [Release notes](https://github.com/acornjs/acorn/releases)
- [Commits](https://github.com/acornjs/acorn/compare/6.1.1...6.4.1)

Signed-off-by: dependabot[bot] <support@github.com>
 2020-03-15 22:06:23 +00:00
Evengard fa9e9d15a5 Removing unrelated changes as per review 2020-02-06 10:52:34 +03:00
Evengard 60e85afd1f Apply reviewed code style 
Co-Authored-By: Davide Beatrici <davidebeatrici@gmail.com>
 2020-02-06 10:49:09 +03:00
Evengard a6970e3e61 Merge branch 'master' into ppp-ipv6 2020-02-05 00:23:03 +03:00
Ilya Shipitsin eeec9a82f6 Merge pull request #1062 from dnobori/200101_impr_url_log_spacing 
Merge pull request #1062: Improvement: Add a space character between URL and other tokens in the packet log format.
 2020-01-01 17:53:27 +05:00
Daiyuu Nobori a49219db83 Merge branch 'master' of github.com:SoftEtherVPN/SoftEtherVPN into 200101_fix_securenat_ecn 2020-01-01 19:59:42 +09:00
Daiyuu Nobori a4f87565ae Bugfix: Fix the SecureNAT connection problem with ignoring TCP ECN bit enabled packets 2020-01-01 17:51:38 +09:00
Ilya Shipitsin 9487bc8d47 Merge pull request #1060 from dnobori/200101_fix_imperfect_lock 
Merge pull request #1060: src/Cedar/Hub.c: fix possible crash because of imperfect Virtual Hub FDB lock
 2020-01-01 12:33:15 +05:00
Daiyuu Nobori 70564a8f52 Bugfix: Imperfect Virtual Hub FDB lock may cause process crush. 2020-01-01 15:52:47 +09:00
Daiyuu Nobori 17e7d65839 Improvement: Add a space character between URL and other tokens in the packet log format. 2020-01-01 11:00:51 +09:00
Daiyuu Nobori e5d691977d Bugfix: OpenVPN Certificate Authentication may cause process crush. 2020-01-01 10:59:24 +09:00
Daiyuu Nobori f083c59905 Bugfix: Imperfect Virtual Hub FDB lock may cause process crush. 2020-01-01 10:57:51 +09:00
FelipeL 6d3fef8da6 pt-br translation 2019-12-28 15:43:06 +05:00
Koichiro IWAO c8479e3011 CMake: make db, log, pid directory customizable 2019-12-04 23:59:18 +09:00
Koichiro IWAO b1aae5080d put chain_certs in dbdir 2019-12-04 23:59:13 +09:00
Koichiro IWAO a69c4980d5 log eraser, log enumerator should refer logdir 2019-12-04 23:59:11 +09:00
Koichiro IWAO c64674479d separte log directory and database(config) directory 
@ was an alias for exedir. To separate log directory and
database(config) directory, @ is now an alias for logdir and $ is an
alias for dbdir.
 2019-12-04 23:59:09 +09:00
Koichiro IWAO 01abdedc45 put PID files under PidDir 2019-12-04 23:59:07 +09:00
Koichiro IWAO 18c9b74ff0 implement Get{Db,Log,Pid}{,W} function 
DbDir  : directory to store files such as vpn_server.config and backups etc
LogDir : directory to write logs (sub directories is created in this dir)
PidDir : directory to put PID files such as .ctl-* .pid-* .VPN-*
 2019-12-04 23:59:01 +09:00
Ilya Shipitsin 3b6c4d02ac 5.01.9672 release 2019-11-24 20:47:23 +05:00
dnobori 1d2a58b172 Cedar: handle UDP acceleration and R-UDP versions 2019-11-23 04:38:27 +01:00