1
0
mirror of https://github.com/SoftEtherVPN/SoftEtherVPN.git synced 2024-11-23 09:59:52 +03:00
Commit Graph

120 Commits

Author SHA1 Message Date
Daiyuu Nobori
d8ab9c00ec Preparing the development branch 2017-10-19 14:54:56 +09:00
dnobori
faee11ff09 v4.23-9647-beta 2017-10-18 18:24:21 +09:00
Daiyuu Nobori
acf49ad536 Merge pull request #344 from quantum5/openssl1.1
OpenSSL 1.1 Port
2017-10-18 16:58:46 +09:00
Daiyuu Nobori
1b73778e3f Merge pull request #315 from rel22/SoftetherVPN-RuToken-S-patch-1
Added support for RuToken USB key PKCS#11
2017-10-18 16:58:19 +09:00
Daiyuu Nobori
f9436daa6f Merge pull request #313 from zulzardi/patch-2
Fixed RSA key bits wrong calculation for certain x509 certificate
2017-10-18 16:58:09 +09:00
Daiyuu Nobori
2241b9a366 Merge pull request #309 from moatazelmasry2/openvpn-extend-ciphers
Openvpn extend ciphers
2017-10-18 16:57:52 +09:00
Daiyuu Nobori
056c322601 Merge branch 'master' into add-sha2 2017-10-18 16:57:26 +09:00
Daiyuu Nobori
936815f2d4 Merge pull request #293 from moatazelmasry2/expand-dh-groups
Add DH groups 2048,3072,4096 to IPSec_IKE
2017-10-18 16:37:22 +09:00
Daiyuu Nobori
8ae035420b Merge pull request #282 from NoahO/NoahO-PPP-patch
Stop Radius Delay from counting to next_resend
2017-10-18 16:37:02 +09:00
Daiyuu Nobori
b61882598f Merge pull request #256 from cm0x4D/master
Using client parameter in function CtConnect
2017-10-18 16:36:24 +09:00
cm0x4d
78bcc07fa9 Peer info optional in OvsParseKeyMethod2() 2017-09-28 10:37:24 +02:00
Quantum
0746be43a2 OpenSSL 1.1 Port.
Some potential problems with Ssl_Init_Async_SendAlert.
2017-07-29 22:31:25 -04:00
rel22
61e71be380 Add support for RuToken USB key PKCS#11
Test on RuToken-S key.
https://www.rutoken.ru/products/all/rutoken-s/
2017-03-13 18:17:24 +03:00
Zulyandri Zardi
a3db7b2e3d Update Encrypt.c
Fixed RSA bits wrong calculation for certain x509 certificate
2017-03-10 12:04:17 +08:00
Moataz Elmasry
fdcf90d3f0 Add CAMELLIA cipher suite to OpenVPN 2017-02-24 14:09:22 +01:00
Moataz Elmasry
e0a9fb1950 Add HMAC-SHA2-256, HMAC2-384, HMAC2-512 support to OpenVPN 2017-01-23 02:34:25 +01:00
Moataz Elmasry
071004477f Fix errors while adding SHA2 support to HMAC 2017-01-23 02:03:37 +01:00
Moataz Elmasry
29234b7f9a Add HMAC SHA2 to IKE 2017-01-23 00:50:48 +01:00
Moataz Elmasry
342d602f5d Add support for HMAC SHA2-256, HMAC SHA2-384, HMAC SHA2-512 2017-01-22 16:09:30 +01:00
Moataz Elmasry
c7c40c063a Add DH groups 2048,3072,4096 to IPSec_IKE
src/Cedar/IPsec_IkePacket.c
2017-01-21 19:20:59 +01:00
Noah O'Donoghue
a5425bcb4e Add files via upload 2016-12-28 14:39:01 +07:00
dnobori
4df2eb4f9c v4.22-9634-beta 2016-11-27 17:43:14 +09:00
Daiyuu Nobori
c9cd73d906 fix conflict 2016-11-27 18:02:30 +09:00
Daiyuu Nobori
2a2f47e0c8 Merge pull request #127 from nna774/fix/vpncmd-LogFileGet
fix LogFileGet won't save to SAVEPATH
2016-11-27 17:57:47 +09:00
Daiyuu Nobori
86d87d1ac4 fix conflict 2016-11-27 17:57:00 +09:00
Daiyuu Nobori
5f8ce287c3 Merge pull request #133 from yehorov/master
Add the possibility to send the Virtual Hub Name to an external DHCP server
2016-11-27 17:55:04 +09:00
Daiyuu Nobori
697bff4023 Merge pull request #165 from micsell/cpupatch
Fixed OSX CPU utilization by replacing broken kevent() with select()
2016-11-27 17:54:57 +09:00
Daiyuu Nobori
7c30cddedb Merge pull request #178 from mcsalgado/fix_initialization
Fix set initialization, set.OnlyCapsuleModeIsInvalid could be garbage
2016-11-27 17:54:17 +09:00
Daiyuu Nobori
034a213c2c Merge pull request #204 from LegDog/master
Adding Radius AVP Called-Station-Id
2016-11-27 17:53:45 +09:00
Daiyuu Nobori
712adc6d74 resolved the conflict 2016-11-27 17:48:18 +09:00
Daiyuu Nobori
cc8fff4d81 Merge pull request #217 from lewellyn/patch-1
Default to TLS connections only
2016-11-27 17:25:15 +09:00
Daiyuu Nobori
5cae447c79 Merge pull request #229 from chipitsine/master
cppcheck issues
2016-11-27 17:25:03 +09:00
Luiz Eduardo Gava
ced0856ab1 HTTPS /wiki redir to 443 (test) 2016-11-08 14:44:35 -02:00
Luiz Eduardo Gava
8520502707 Merge remote-tracking branch 'upstream/master' 2016-11-08 09:23:52 -02:00
Michael Clausen
462840cf6e Using client parameter in function CtConnect
Using the global client variable might lead to strange behavoir if multiple clients are allocated and to crashes in the case the client was not initialized with CtStartClient()
2016-10-03 13:31:03 +02:00
ajeecai
9bc67cc293 Fix that ParseTcpOption doesn't work correctly
Suppose there is a TCP SYN or SYN-ACK packet taking options as:
    02 04 05 b4 01 01 04 02 01 03 03 04 
which is 
Options: (12 bytes)
    >Maximum segment size: 1460 bytes
    >No-Operation (NOP)
    >No-Operation (NOP)
    >TCP SACK Permitted Option: True
    >No-Operation (NOP)
    >Window scale: 4 (multiply by 16)

Then the original parse function only returns MSS 1460 while WSS is 0.
2016-08-04 17:33:18 +08:00
Mykhaylo Yehorov
03ffd7535a merge upstream v4.21-9613-beta 2016-05-04 12:27:52 +03:00
Mykhaylo Yehorov
698babf408 merge upstream v4.20-9608-rtm 2016-05-04 11:53:35 +03:00
Ilya Shipitsin
d1ea47eb66 cppcheck issues:
[src/Cedar/Client.c:2184] -> [src/Cedar/Client.c:2187]: (warning) Either the condition 'rpc==0' is redundant or there is possible null pointer dereference: rpc.
[src/Cedar/Client.c:6032] -> [src/Cedar/Client.c:6035]: (warning) Either the condition 'ret!=0' is redundant or there is possible null pointer dereference: ret.
2016-04-30 00:26:58 +05:00
Ilya Shipitsin
29f93371c3 cppcheck issue:
[src/Cedar/Connection.c:1041] -> [src/Cedar/Connection.c:1043]: (warning) Either the condition 's!=0' is redundant or there is possible null pointer dereference: s.
2016-04-30 00:22:05 +05:00
Ilya Shipitsin
01edd34bbe cppcheck issues:
[src/Cedar/SM.c:875] -> [src/Cedar/SM.c:882]: (warning) Either the condition 'd==0' is redundant or there is possible null pointer dereference: d.
[src/Cedar/UdpAccel.c:119] -> [src/Cedar/UdpAccel.c:123]: (warning) Either the condition 'a==0' is redundant or there is possible null pointer dereference: a.
2016-04-30 00:16:15 +05:00
Ilya Shipitsin
556ea647e3 cppcheck issues:
[src/Cedar/Virtual.c:2389] -> [src/Cedar/Virtual.c:2398]: (warning) Either the condition 'a==0' is redundant or there is possible null pointer dereference: a.
[src/Cedar/Virtual.c:4000] -> [src/Cedar/Virtual.c:4004]: (warning) Either the condition 'n==0' is redundant or there is possible null pointer dereference: n.
[src/Cedar/Virtual.c:4203] -> [src/Cedar/Virtual.c:4207]: (warning) Either the condition 'n==0' is redundant or there is possible null pointer dereference: n.
2016-04-30 00:03:35 +05:00
Ilya Shipitsin
84f95447a3 cppcheck issues:
[src/Cedar/WebUI.c:1728] -> [src/Cedar/WebUI.c:1730]: (warning) Either the condition 'buf==0' is redundant or there is possible null pointer dereference: buf.
[src/Mayaqua/FileIO.c:383] -> [src/Mayaqua/FileIO.c:386]: (warning) Either the condition 'p==0' is redundant or there is possible null pointer dereference: p.
[src/Mayaqua/TcpIp.c:1837] -> [src/Mayaqua/TcpIp.c:1839]: (warning) Either the condition 'tcp!=0' is redundant or there is possible null pointer dereference: tcp.
2016-04-29 23:59:35 +05:00
Ilya Shipitsin
2f52dac9c4 cppcheck issues:
[src/Cedar/Admin.c:11843] -> [src/Cedar/Admin.c:11845]: (warning) Either the condition 't==0' is redundant or there is possible null pointer dereference: t.
[src/Cedar/Admin.c:12316] -> [src/Cedar/Admin.c:12318]: (warning) Either the condition 'a==0' is redundant or there is possible null pointer dereference: a.
[src/Cedar/Admin.c:12576] -> [src/Cedar/Admin.c:12578]: (warning) Either the condition 't==0' is redundant or there is possible null pointer dereference: t.
[src/Cedar/Admin.c:12790] -> [src/Cedar/Admin.c:12792]: (warning) Either the condition 't==0' is redundant or there is possible null pointer dereference: t.
2016-04-29 23:50:58 +05:00
dnobori
1e17c9bcfd v4.21-9613-beta 2016-04-24 23:49:31 +09:00
dnobori
c0c1b914db v4.20-9608-rtm 2016-04-18 01:52:49 +09:00
Mykhaylo Yehorov
4a3f08e5b8 merge upstream v4.19-9605-beta 2016-03-08 21:32:14 +02:00
dnobori
17e624ac26 v4.19-9605-beta 2016-03-06 23:16:01 +09:00
Matt Lewandowsky
15876de6fb Default to TLS connections only
Due to DROWN (CVE-2016-0800), SSLv2 must be disabled by default. This is the most straight-forward way to ensure new installations are not vulnerable. The upgrade use case is not addressed by this PR, though I posted information to the forum: http://www.vpnusers.com/viewtopic.php?f=7&t=5596

This patch is made available under Contribution Option 1, to allow PacketiX to be fixed the same way.
2016-03-02 08:02:07 -08:00
Raymond Tau
311ab9efab Correctly save and apply the DisableSslVersions config 2015-12-09 14:06:13 +08:00