1
0
mirror of https://github.com/SoftEtherVPN/SoftEtherVPN.git synced 2024-11-30 05:19:53 +03:00
Commit Graph

1616 Commits

Author SHA1 Message Date
ajeecai
69d132e997 Fix a deadlock when Run() to create a process. Child forked will inherit
state of global mutex which may be in intermidiate taken status by one of
threads of the parent, then in child process it tries to get this mutex
and is always pending. One example of mutex is malloc_lock, and there are more.
2018-04-16 10:37:22 +00:00
Moataz Elmasry
478270efba Revert "Cleanup ssl library. No memory leaks. (#143)". Build failing using OpenSSL 1.1.0f
This reverts commit 227842f89c.
2018-04-11 23:25:21 +02:00
Moataz Elmasry
227842f89c
Cleanup ssl library. No memory leaks. (#143) 2018-04-11 23:18:16 +02:00
Maks Naumov
3f553abf1d Use correct sizeof value (#426)
* Use correct sizeof() value

* Use correct size for Zero()
2018-04-11 22:53:59 +02:00
Ilya Shipitsin
596493e1a1 resolve several issues identified by cppcheck (#465)
[src/Cedar/Admin.c:13452] -> [src/Cedar/Admin.c:13492]: (warning) Either the condition 'cedar!=NULL' is redundant or there is possible null pointer dereference: cedar.
[src/Cedar/SM.c:18455] -> [src/Cedar/SM.c:18379]: (warning) Either the condition 'p!=NULL' is redundant or there is possible null pointer dereference: p.
[src/Cedar/SM.c:18455] -> [src/Cedar/SM.c:18491]: (warning) Either the condition 'p!=NULL' is redundant or there is possible null pointer dereference: p.
[src/Cedar/SM.c:18455] -> [src/Cedar/SM.c:18506]: (warning) Either the condition 'p!=NULL' is redundant or there is possible null pointer dereference: p.
[src/Cedar/Protocol.c:5190] -> [src/Cedar/Protocol.c:5115]: (warning) Either the condition 's!=NULL' is redundant or there is possible null pointer dereference: s.
[src/Cedar/Protocol.c:5190] -> [src/Cedar/Protocol.c:5145]: (warning) Either the condition 's!=NULL' is redundant or there is possible null pointer dereference: s.
[src/Cedar/Hub.c:5517] -> [src/Cedar/Hub.c:5553]: (warning) Either the condition 'dest!=NULL' is redundant or there is possible null pointer dereference: dest.
[src/Cedar/Hub.c:5517] -> [src/Cedar/Hub.c:5556]: (warning) Either the condition 'dest!=NULL' is redundant or there is possible null pointer dereference: dest.
2018-04-11 00:08:31 +02:00
Moataz Elmasry
a238b7450d Updated authors list 2018-04-09 23:20:06 +02:00
Davide Beatrici
affcc39300 GitHub: improve issue template (#480) 2018-04-09 23:18:00 +02:00
Ilya Shipitsin
26f3ebc059 travis-ci: split openssl into 1.0.2, 1.1.0 matrix (#477) 2018-04-09 23:16:38 +02:00
Moataz Elmasry
fcaaab0d8e
Initial commit of ISSUE_TEMPLATE so that users can create more detailed issue description (#392) 2018-04-07 22:18:18 +02:00
Moataz Elmasry
a2a0c271c8
Move disclaimer to its own file (#417) 2018-04-07 21:44:45 +02:00
Alexey Kryuchkov
9b19949614 Fix compilation with OpenSSL 1.1.0 (broken in #327) (#476) 2018-04-07 21:42:08 +02:00
moatazelmasry2
2c64df848d Updated authors list 2018-04-05 23:07:31 +02:00
Alexey Kryuchkov
83295bb736 OpenVPN client certificate authentication (Individual Certificate Authentication) (#327)
* Implement OpenVPN certificate authentication, fixes #55

* fixup! Implement OpenVPN certificate authentication, fixes #55
2018-04-05 23:04:58 +02:00
Evengard
9fff38de2b Rewriting PPP stack, preparing for IPv6 support 2018-03-15 12:49:18 +03:00
Ilya Shipitsin
863f87fac1 travis-ci: add "dh build-arch" step
debian: fix dependencies
2018-03-12 22:29:42 +01:00
moatazelmasry2
cdde36ccb2 Remove deploy snippet from travis-ci config 2018-03-07 22:07:01 +01:00
moatazelmasry2
4a0e493446 Add secure oauth token for travis-ci launchpad 2018-03-07 21:53:34 +01:00
moatazelmasry2
1cd55559cb Add PPA deployer to travis-ci 2018-03-06 23:29:36 +01:00
Moataz Elmasry
8f65a6ff16 Update AUTHORS.TXT 2018-03-06 23:11:41 +01:00
Moataz Elmasry
f4b3187602 Remove a file that was added by mistake into the repo 2018-03-06 23:10:35 +01:00
parly
ac3e5535f6 Make textbox of encryption algorithm name scrollable 2018-03-06 23:07:06 +01:00
Moataz Elmasry
b3291c98b0 Update authors list 2018-02-19 23:52:26 +01:00
Moataz Elmasry
734380c767 Squash PR 413 Update README.md into master 2018-02-19 23:51:06 +01:00
Moataz Elmasry
8128798875 Update Authors list 2018-02-15 22:23:50 +01:00
Moataz Elmasry
9ad254115f Merge PR #154 Add Traditional Chinese language translation into master 2018-02-15 22:10:02 +01:00
Moataz Elmasry
c32b26694e Updated authors list 2018-02-14 23:58:09 +01:00
Moataz Elmasry
c2c3ff3b4d Updated authors list 2018-02-14 23:52:48 +01:00
Quintin
d2f9d03297 Updated build instructions and package versions 2018-02-14 23:50:56 +01:00
Moataz Elmasry
e04ec3b203 Incrementing Version of SoftEther to 5.1. Preparing for release 2018-02-14 23:26:05 +01:00
Daiyuu Nobori
8c0c4396b7 Add the Alternative subject name field on the new X.509 certificate creation. 2018-02-12 23:56:14 +01:00
Daiyuu Nobori
02bcf9152c Fix a bug in the Win32EnumDirExW() function. 2018-02-12 23:55:34 +01:00
Ilya Shipitsin
79c06146a4 remove unused functions (identified by cppcheck)
[src/Cedar/Account.c:854]: (style) The function 'AddGroupTraffic' is never used.
[src/Mayaqua/Secure.c:1455]: (style) The function 'AddSecObjToEnumCache' is never used.
[src/Mayaqua/Network.c:18445]: (style) The function 'AddSockList' is never used.
[src/Cedar/Account.c:870]: (style) The function 'AddUserTraffic' is never used.
[src/Cedar/Server.c:1045]: (style) The function 'AdjoinEnumLogFile' is never used.
[src/Cedar/Admin.c:13780]: (style) The function 'AdminConnect' is never used.
[src/Mayaqua/Encrypt.c:855]: (style) The function 'BigNumToStr' is never used.
[src/Mayaqua/Str.c:2113]: (style) The function 'Bit128ToStr' is never used.
[src/Mayaqua/Encrypt.c:898]: (style) The function 'BufToBigNum' is never used.
[src/Mayaqua/Internat.c:1874]: (style) The function 'CalcStrToUtf8' is never used.
[src/Cedar/Hub.c:6689]: (style) The function 'CalcTrafficDiff' is never used.
[src/Mayaqua/Internat.c:1819]: (style) The function 'CalcUtf8ToStr' is never used.
[src/Mayaqua/Network.c:6495]: (style) The function 'CanGetTcpProcessId' is never used.
[src/Cedar/WinUi.c:7226]: (style) The function 'CbInsertStrA' is never used.
[src/Cedar/Client.c:3035]: (style) The function 'CcEnumObjectInSecure' is never used.
[src/Cedar/Client.c:2826]: (style) The function 'CcGetCommonProxySetting' is never used.
[src/Cedar/Client.c:2857]: (style) The function 'CcSetCommonProxySetting' is never used.
[src/Cedar/Cedar.c:575]: (style) The function 'CedarLog' is never used.
[src/Cedar/WinUi.c:9841]: (style) The function 'Center2' is never used.
[src/Mayaqua/Encrypt.c:814]: (style) The function 'CertTest' is never used.
[src/Mayaqua/Encrypt.c:809]: (style) The function 'CertTest2' is never used.
[src/Mayaqua/Encrypt.c:819]: (style) The function 'CertTest_' is never used.
[src/Mayaqua/Cfg.c:1705]: (style) The function 'CfgIsFolder' is never used.
2018-02-08 00:20:07 +01:00
Guanzhong Chen
56c4582da8 Allow specifying cipher suites instead of single ciphers (#343)
* Allow specifying cipher suites instead of single ciphers.

CipherName now specifies all cipher suites instead of the
preferred cipher. This allows insecure ciphers like RC4 to
be permanently disabled, instead of being the default fallback
when the preferred cipher is unsupported.

CipherName is now left for OpenSSL to verify. Should it be
invalid, a secure default is used. The default CipherName setting
for new servers is one such invalid string: "~DEFAULT~". This
allows for future updates to change the default and the servers
can stay secure.

* Remove unused temporary variable.
2018-02-08 00:13:41 +01:00
Moataz Elmasry
8cafa07d9c Set an initialization value in Network.c to be conform with PR #275 2018-02-01 00:10:04 +01:00
Moataz Elmasry
a5fa265811
Merge pull request #275 from chipitsine/master
cppcheck findings
2018-02-01 00:06:08 +01:00
Moataz Elmasry
3de0890a02 Extend authors list 2018-01-25 02:59:08 +01:00
Moataz Elmasry
9d6c1ea0e9 Add missing function definition 2018-01-25 02:58:18 +01:00
Moataz Elmasry
93d9ade990 Merge PR #129 into master. 2018-01-25 02:55:11 +01:00
Moataz Elmasry
93c04d0ddc Update authors list 2018-01-23 21:44:49 +01:00
Maks Naumov
ea4bb811ef Fix log msg for IKE with agressive exchange mode (#425) 2018-01-23 17:42:20 +01:00
Moataz Elmasry
5eb83bbad4
Merge pull request #419 from dnobori/180105-bugfix
Fixes 11 vulnerabilities
2018-01-19 17:54:23 +01:00
Daiyuu Nobori
7de986dcca 7 missing memory boundaries checks and similar memory problems. There are no risk of arbitrary code execution or intrusion on these bugs in my analysis. However, these problems may lead to crash the running server process. So these bugs must be fixed.
Buffer overread in ParseL2TPPacket()
Memory corruption in IcmpParseResult
Missing bounds check in ParseUDP() can lead to invalid memory access
Out-of-bounds read in IPsec_PPP.c (unterminated string buffer)
Overlapping parameters to memcpy() via StrToIp6()
PACK ReadValue() crash vulnerability
Potential use of uninitialized memory via IPToInAddr6()

4 memory leaks. While the amount of leakage is very small per time, these bugs can finally cause process crash by out of memory. So these bugs must be fixed.

Memory leak in NnReadDnsRecord
Memory leak in RadiusLogin()
Memory leak via ParsePacketIPv4WithDummyMacHeader
Remote memory leak in OpenVPN server code

1 coding improvement. This is not a bug, however, I fixed the code to avoid furture misunderstanding.

RecvAll can return success on failure (leading to use of uninitialized memory)

Contributors for this bugfix:

- Max Planck Institute for Molecular Genetics
- Guido Vranken
2018-01-15 10:25:10 +09:00
Daiyuu Nobori
8edbcd4c0d update recent authors 2018-01-15 10:11:40 +09:00
Moataz Elmasry
b810352f67 Updated AUTHORS.TXT file 2018-01-11 23:57:55 +01:00
macvk
ab4b27ab3c Add parameter "ListenIP" to server configuration (vpn_server.config) (#202)
* Added parameter "ListenIP" to server configuration (vpn_server.config)

* Fixed bug in VPN client
2018-01-11 23:53:38 +01:00
Daiyuu Nobori
e391b4d503
Merge pull request #405 from dnobori/dev
Fixed the bug which occurs the L2TP/IPsec connection error with Android Oreo, etc.
2018-01-04 17:59:03 +09:00
Daiyuu Nobori
ce3d35c595 Added the function to save the DNS query log on the packet logs. (fix) 2017-12-22 07:26:06 +09:00
Daiyuu Nobori
a0b54d7c6d Added the TCP destination port 3128 (well known as Squid default port) to assume as the HTTP proxy port on the packet logging. 2017-12-21 23:25:08 +09:00
Daiyuu Nobori
bb30535bb6 Fix the function name: RFC3164 -> RFC3339 2017-12-21 23:24:06 +09:00
Daiyuu Nobori
97e7a82be2 Added the function to save the DNS query log on the packet logs. 2017-12-21 23:23:17 +09:00