13dbf83e95
release 5.01.9671
2019-07-10 12:45:14 +05:00
a9f31d7df9
Fixing the typo "descrption" of the JSON-RPC document. Thanks to https://github.com/SoftEtherVPN/SoftEtherVPN/issues/938
2019-07-10 14:37:30 +09:00
47ad2328c0
src/Cedar/Admin.c: remove redundant check
...
found by Coverity
*** CID 341551: Incorrect expression (NO_EFFECT)
/src/Cedar/Admin.c: 414 in AdminWebHandleFileRequest()
408 // Handle the file request
409 bool AdminWebHandleFileRequest(ADMIN *a, CONNECTION *c, SOCK *s, HTTP_HEADER *h, char *url_src, char *query_string, char *virtual_root_dir, char *physical_root_dir)
410 {
411 bool ret = false;
412 char url[MAX_PATH];
413 UINT i, len;
>>> CID 341551: Incorrect expression (NO_EFFECT)
>>> Comparing an array to null is not useful: "url == NULL", since the test will always evaluate as true.
414 if (a == NULL || c == NULL || s == NULL || h == NULL || url == NULL || query_string == NULL ||
415 virtual_root_dir == NULL || physical_root_dir == NULL)
416 {
417 return false;
418 }
419
2019-07-06 10:22:44 +05:00
2592525b64
Merge pull request #931 from dnobori/190630_update_see_ndis5_driver
...
Update the driver binary for https://github.com/SoftEtherVPN/SoftEtherVPN/pull/929
2019-06-30 02:24:32 +09:00
896ac8e285
Merge pull request #930 from dnobori/190630_kb3033929_message
...
Add the warning message if KB3033929 is not installed in Windows 7 / Server 2008 R2.
2019-06-30 02:24:24 +09:00
6e78068a65
Update the driver binary for https://github.com/SoftEtherVPN/SoftEtherVPN/pull/929
2019-06-30 01:22:04 +09:00
9c227f3480
Add the warning message if KB3033929 is not installed in Windows 7 / Server 2008 R2.
2019-06-30 01:20:52 +09:00
9c6c88a1a8
Merge pull request #927 from dnobori/190629_fix_url
...
Fix incorrect URLs in text files
2019-06-30 01:17:38 +09:00
919f6c825f
Merge PR #929 : Added ProbeForWrite() buffer writable check routine for Irp->UserBuffer in the NDIX 5.x See driver.
2019-06-29 17:02:57 +02:00
7ef7c36c83
OpenVPN X.509 certificate authentication will be used only when no username / password is specified
2019-06-29 21:30:58 +09:00
9cba49b89a
Fix incorrect URLs in text files
2019-06-29 21:16:27 +09:00
afc6a706e5
Adding wwwroot/admin/README.md
2019-05-29 20:17:43 +09:00
b1d2dd8d87
Updating README
2019-05-29 19:37:29 +09:00
39b80e04c5
Add initial wwwroot/admin/default/ HTML5 admin pages
2019-05-29 19:17:50 +09:00
529d8f593c
Update developer tools for JSON-RPC
2019-05-29 18:23:33 +09:00
458906b151
Added JSON-RPC error message
2019-05-28 22:48:26 +09:00
98b08c2ad1
Implementation of the JSON-RPC API and the Web Admin interface. (dnobori's internal note: 7579 - 7682)
2019-05-28 12:51:51 +09:00
03841e4181
Initial vpnserver-jsonrpc-clients
2019-05-28 11:48:16 +09:00
18cfe18950
Added ProbeForWrite() buffer writable check routine for Irp->UserBuffer in the See driver. The See driver is a legacy driver for packet capturing with NDIS 5.x (Windows 2000 or XP). It is based on the source code of WinPcap.
2019-05-28 10:36:31 +09:00
854814475c
release 5.01.9670
2019-04-07 19:11:27 +00:00
6dbcda6026
Set unbuffered mode for *nix systems stdout, allowing interactive use within spawned processes. Fixes issue #898
2019-04-07 19:13:18 +01:00
98443715d9
Fixed the vulnerability that a malformed packet will cause the buffer overflow at the receive path. This vulnerability may occur abnormal process exit with the buffer security check mechanism built-in with SoftEther VPN binary. Although this buffer overflow can theoretically bypass the security check in theory, in the actual binary it is detected by the buffer security check inserted by the C compiler and the process is forcibly terminated. Therefore, as a result, it can be abused by a DoS attacker. Acknowledgments: The last problems is discovered and reported by Fabrizio Steiner.
2019-02-28 20:40:23 +09:00
372e8aa031
Fixed memory leak in OpenSSL deinitialization function
2019-02-27 21:41:20 +01:00
26261236ba
Fix compilation without OpenSSL ENGINE
2019-02-25 14:24:31 -08:00
23b8161ac2
Fixed wrong function name in Debug message
2019-02-15 20:41:16 -05:00
c1243c5198
Merge PR #873 : ver.rc: fix misspelling
2019-02-14 08:51:19 +01:00
962356af9c
Fix misspelling
2019-02-14 16:07:35 +09:00
5a7e4693fc
Fix GetCedarVersionNumber()
2019-02-14 16:04:16 +09:00
d790223700
release 5.01.9669
2019-02-03 19:43:50 +00:00
45c13c5409
disable cpu features on arm64, amrhf, s390x
...
tested on launchpad
2019-02-03 18:05:34 +05:00
c253c55a8c
Merge pull request #862 from davidebeatrici/mayaqua-getcipherlist-double-free-fix
...
Merge PR #862 : Fix crashes in GetCipherList() and StGetServerCipherList()
2019-01-29 19:31:57 +05:00
ce6e49a3f9
release 5.01.9668
2019-01-27 07:49:56 +00:00
8657955c92
Merge PR #867 : Improve translations for inf file.
2019-01-24 01:42:25 +01:00
a97b87da68
Cedar/Admin.c: fix segmentation fault caused by non-initialized string in StGetServerCipherList()
...
StrCat() appends a string to an already existing string. In order to know where the existing string ends, it uses StrLen() which in turn uses strlen(), a function considered unsafe because it doesn't stop until it finds the null character.
Since the string was allocated but not initialized, StrCat() was either:
- Working correctly.
- Copying only a part of the string.
- Making the program crash via strlen().
The fix consists in using StrCpy(), which starts writing at the beginning of the string.
2019-01-21 04:15:55 +01:00
09ee19e72b
Mayaqua/Network.c: fix double free crash in GetCipherList()
...
SSL_free() also frees the associated context.
https://github.com/openssl/openssl/blob/d6c3c1896cf3c0d69bc27da923d63f8130b13ca0/ssl/ssl_lib.c#L1209
From https://www.openssl.org/docs/man1.1.1/man3/SSL_free.html :
"SSL_free() also calls the free()ing procedures for indirectly affected items, if applicable: the buffering BIO, the read and write BIOs, cipher lists specially created for this ssl, the SSL_SESSION. Do not explicitly free these indirectly freed up items before or after calling SSL_free(), as trying to free things twice may lead to program failure."
2019-01-21 04:14:47 +01:00
e939f887c4
Update vpninstall_cn.inf
2019-01-21 03:59:31 +01:00
63c01ba736
Merge pull request #832 from dnobori/181202_switch_to_apache_license
...
Switching license from GPLv2 to Apache License 2.0.
2019-01-21 09:36:19 +09:00
bf493e359b
Update vpninstall_cn.inf
2019-01-19 16:56:15 +08:00
881f34ac56
Compacting headers, updating trivial texts to fit to the license change from GPLv2 to Apache License 2.0.
2019-01-14 12:25:53 +09:00
3bb0e20add
src/Mayaqua/FileIO: remove unused function
...
found by cppcheck
[src/Mayaqua/FileIO.c:2082]: (style) The function 'FileRename' is never used.
2019-01-06 23:44:23 +05:00
7f8e5b00dc
src/Cedar/UT: remove unused function
...
found by cppcheck
[src/Cedar/Proto_SSTP.c:126]: (style) The function 'SetNoSstp' is never used.
2019-01-06 23:39:43 +05:00
057984b87c
src/Cedar/Proto_SSTP: remove unused function
...
found by cppcheck
[src/Cedar/Proto_SSTP.c:126]: (style) The function 'SetNoSstp' is never used.
2019-01-06 23:34:10 +05:00
dcf5c57fc2
src/Cedar/Proto_IPsec" remove unused function
...
found by cppcheck
[src/Cedar/Proto_IPsec.c:120]: (style) The function 'IPSecSetDisable' is never used.
2019-01-06 23:31:29 +05:00
162a181b04
src/Cedar/Protocol: remove unused function
...
found by cppcheck
[src/Cedar/Protocol.c:6643]: (style) The function 'ProxyConnectEx' is never used.
2019-01-06 23:22:08 +05:00
8534f2843e
src/Cedar/DDNS: remove unused function, variables
...
found by cppcheck
[src/Cedar/DDNS.c:656]: (style) Condition 'ret==NULL' is always true
[src/Cedar/DDNS.c:515] -> [src/Cedar/DDNS.c:640]: (style) The expression 'use_https == false' is always true because 'use_https' and 'false' represent the same value.
[src/Cedar/DDNS.c:516] -> [src/Cedar/DDNS.c:648]: (style) The expression 'no_cert_verify == false' is always true because 'no_cert_verify' and 'false' represent the same value.
[src/Cedar/DDNS.c:816] -> [src/Cedar/DDNS.c:860]: (style) The expression 'no_cert_verify == false' is always true because 'no_cert_verify' and 'false' represent the same value.
[src/Cedar/DDNS.c:530]: (style) Variable 'use_vgs' is assigned a value that is never used.
[src/Cedar/DDNS.c:497]: (style) The function 'DCUpdateNow' is never used.
2019-01-06 23:18:25 +05:00
72bd221bb4
src/Cedar/Account: remove unused functions
...
found by cppcheck
[src/Cedar/Account.c:523]: (style) The function 'GetUserPolicy' is never used.
[src/Cedar/Account.c:163]: (style) The function 'NormalizePolicyName' is never used.
2019-01-06 18:53:18 +05:00
266f013880
src/Cedar/Command: remove redundant assignment
...
found by cppcheck
[src/Cedar/Command.c:23220] -> [src/Cedar/Command.c:23232]: (style) Variable 'len' is reassigned a value before the old one has been used.
2019-01-06 18:49:56 +05:00
9d4d111555
src/Cedar/CM: remove unused function, variables
...
found by cppcheck
[src/Cedar/CM.c:4509]: (style) Variable 'easy' is assigned a value that is never used.
[src/Cedar/CM.c:4547]: (style) Variable 'hub_name' is assigned a value that is never used.
[src/Cedar/CM.c:4609]: (style) Variable 'is_account' is assigned a value that is never used.
[src/Cedar/CM.c:8545]: (style) The function 'CmLoadK' is never used.
2019-01-06 18:43:51 +05:00
4760b3d0c3
src/Cedar/AzureClient: remove unused function
...
found by cppcheck
[src/Cedar/AzureClient.c:526]: (style) The function 'AcGetEnable' is never used.
2019-01-06 18:34:04 +05:00
d62421adcb
Cedar: retrieve the list of available encryption algorithms from the server
2019-01-01 20:31:13 +01:00
Ilya Shipitsin
Daiyuu Nobori
Daiyuu Nobori
Davide Beatrici
MatAtBread
vvd
Rosen Penev
Nick
parly
Umi