AMajor/SoftEtherVPN
1
0
Fork 0
mirror of https://github.com/SoftEtherVPN/SoftEtherVPN.git synced 2024-11-06 17:50:40 +03:00
Code Releases Activity
986 Commits 1 Branch 26 Tags 548 MiB
5.01.9671
Commit Graph

590 Commits

Author SHA1 Message Date
Ilya Shipitsin
13dbf83e95 release 5.01.9671 2019-07-10 12:45:14 +05:00
Daiyuu Nobori
a9f31d7df9 Fixing the typo "descrption" of the JSON-RPC document. Thanks to https://github.com/SoftEtherVPN/SoftEtherVPN/issues/938 2019-07-10 14:37:30 +09:00
Ilya Shipitsin
47ad2328c0 src/Cedar/Admin.c: remove redundant check 
found by Coverity

*** CID 341551:  Incorrect expression  (NO_EFFECT)
/src/Cedar/Admin.c: 414 in AdminWebHandleFileRequest()
408     // Handle the file request
409     bool AdminWebHandleFileRequest(ADMIN *a, CONNECTION *c, SOCK *s, HTTP_HEADER *h, char *url_src, char *query_string, char *virtual_root_dir, char *physical_root_dir)
410     {
411             bool ret = false;
412             char url[MAX_PATH];
413             UINT i, len;
>>>     CID 341551:  Incorrect expression  (NO_EFFECT)
>>>     Comparing an array to null is not useful: "url == NULL", since the test will always evaluate as true.
414             if (a == NULL || c == NULL || s == NULL || h == NULL || url == NULL || query_string == NULL ||
415                     virtual_root_dir == NULL || physical_root_dir == NULL)
416             {
417                     return false;
418             }
419
 2019-07-06 10:22:44 +05:00
Daiyuu Nobori
2592525b64
Merge pull request #931 from dnobori/190630_update_see_ndis5_driver 
Update the driver binary for https://github.com/SoftEtherVPN/SoftEtherVPN/pull/929
 2019-06-30 02:24:32 +09:00
Daiyuu Nobori
896ac8e285
Merge pull request #930 from dnobori/190630_kb3033929_message 
Add the warning message if KB3033929 is not installed in Windows 7 / Server 2008 R2.
 2019-06-30 02:24:24 +09:00
Daiyuu Nobori
6e78068a65 Update the driver binary for https://github.com/SoftEtherVPN/SoftEtherVPN/pull/929 2019-06-30 01:22:04 +09:00
Daiyuu Nobori
9c227f3480 Add the warning message if KB3033929 is not installed in Windows 7 / Server 2008 R2. 2019-06-30 01:20:52 +09:00
Daiyuu Nobori
9c6c88a1a8
Merge pull request #927 from dnobori/190629_fix_url 
Fix incorrect URLs in text files
 2019-06-30 01:17:38 +09:00
Davide Beatrici
919f6c825f
Merge PR #929: Added ProbeForWrite() buffer writable check routine for Irp->UserBuffer in the NDIX 5.x See driver. 2019-06-29 17:02:57 +02:00
Daiyuu Nobori
7ef7c36c83 OpenVPN X.509 certificate authentication will be used only when no username / password is specified 2019-06-29 21:30:58 +09:00
Daiyuu Nobori
9cba49b89a Fix incorrect URLs in text files 2019-06-29 21:16:27 +09:00
Daiyuu Nobori
afc6a706e5 Adding wwwroot/admin/README.md 2019-05-29 20:17:43 +09:00
Daiyuu Nobori
b1d2dd8d87 Updating README 2019-05-29 19:37:29 +09:00
Daiyuu Nobori
39b80e04c5 Add initial wwwroot/admin/default/ HTML5 admin pages 2019-05-29 19:17:50 +09:00
Daiyuu Nobori
529d8f593c Update developer tools for JSON-RPC 2019-05-29 18:23:33 +09:00
Daiyuu Nobori
458906b151 Added JSON-RPC error message 2019-05-28 22:48:26 +09:00
Daiyuu Nobori
98b08c2ad1 Implementation of the JSON-RPC API and the Web Admin interface. (dnobori's internal note: 7579 - 7682) 2019-05-28 12:51:51 +09:00
Daiyuu Nobori
03841e4181 Initial vpnserver-jsonrpc-clients 2019-05-28 11:48:16 +09:00
Daiyuu Nobori
18cfe18950 Added ProbeForWrite() buffer writable check routine for Irp->UserBuffer in the See driver. The See driver is a legacy driver for packet capturing with NDIS 5.x (Windows 2000 or XP). It is based on the source code of WinPcap. 2019-05-28 10:36:31 +09:00
Ilya Shipitsin
854814475c release 5.01.9670 2019-04-07 19:11:27 +00:00
MatAtBread
6dbcda6026 Set unbuffered mode for *nix systems stdout, allowing interactive use within spawned processes. Fixes issue #898 2019-04-07 19:13:18 +01:00
Daiyuu Nobori
98443715d9 Fixed the vulnerability that a malformed packet will cause the buffer overflow at the receive path. This vulnerability may occur abnormal process exit with the buffer security check mechanism built-in with SoftEther VPN binary. Although this buffer overflow can theoretically bypass the security check in theory, in the actual binary it is detected by the buffer security check inserted by the C compiler and the process is forcibly terminated. Therefore, as a result, it can be abused by a DoS attacker. Acknowledgments: The last problems is discovered and reported by Fabrizio Steiner. 2019-02-28 20:40:23 +09:00
vvd
372e8aa031 Fixed memory leak in OpenSSL deinitialization function 2019-02-27 21:41:20 +01:00
Rosen Penev
26261236ba
Fix compilation without OpenSSL ENGINE 2019-02-25 14:24:31 -08:00
Nick
23b8161ac2
Fixed wrong function name in Debug message 2019-02-15 20:41:16 -05:00
Davide Beatrici
c1243c5198
Merge PR #873: ver.rc: fix misspelling 2019-02-14 08:51:19 +01:00
parly
962356af9c Fix misspelling 2019-02-14 16:07:35 +09:00
parly
5a7e4693fc Fix GetCedarVersionNumber() 2019-02-14 16:04:16 +09:00
Ilya Shipitsin
d790223700 release 5.01.9669 2019-02-03 19:43:50 +00:00
Ilya Shipitsin
45c13c5409 disable cpu features on arm64, amrhf, s390x 
tested on launchpad
 2019-02-03 18:05:34 +05:00
Ilya Shipitsin
c253c55a8c
Merge pull request #862 from davidebeatrici/mayaqua-getcipherlist-double-free-fix 
Merge PR #862: Fix crashes in GetCipherList() and StGetServerCipherList()
 2019-01-29 19:31:57 +05:00
Ilya Shipitsin
ce6e49a3f9 release 5.01.9668 2019-01-27 07:49:56 +00:00
Davide Beatrici
8657955c92 Merge PR #867: Improve translations for inf file. 2019-01-24 01:42:25 +01:00
Davide Beatrici
a97b87da68 Cedar/Admin.c: fix segmentation fault caused by non-initialized string in StGetServerCipherList() 
StrCat() appends a string to an already existing string. In order to know where the existing string ends, it uses StrLen() which in turn uses strlen(), a function considered unsafe because it doesn't stop until it finds the null character.

Since the string was allocated but not initialized, StrCat() was either:

- Working correctly.
- Copying only a part of the string.
- Making the program crash via strlen().

The fix consists in using StrCpy(), which starts writing at the beginning of the string.
 2019-01-21 04:15:55 +01:00
Davide Beatrici
09ee19e72b Mayaqua/Network.c: fix double free crash in GetCipherList() 
SSL_free() also frees the associated context.

d6c3c1896c/ssl/ssl_lib.c (L1209)

From https://www.openssl.org/docs/man1.1.1/man3/SSL_free.html:

"SSL_free() also calls the free()ing procedures for indirectly affected items, if applicable: the buffering BIO, the read and write BIOs, cipher lists specially created for this ssl, the SSL_SESSION. Do not explicitly free these indirectly freed up items before or after calling SSL_free(), as trying to free things twice may lead to program failure."
 2019-01-21 04:14:47 +01:00
Umi
e939f887c4 Update vpninstall_cn.inf 2019-01-21 03:59:31 +01:00
Daiyuu Nobori
63c01ba736
Merge pull request #832 from dnobori/181202_switch_to_apache_license 
Switching license from GPLv2 to Apache License 2.0.
 2019-01-21 09:36:19 +09:00
Umi
bf493e359b
Update vpninstall_cn.inf 2019-01-19 16:56:15 +08:00
Daiyuu Nobori
881f34ac56 Compacting headers, updating trivial texts to fit to the license change from GPLv2 to Apache License 2.0. 2019-01-14 12:25:53 +09:00
Ilya Shipitsin
3bb0e20add src/Mayaqua/FileIO: remove unused function 
found by cppcheck

[src/Mayaqua/FileIO.c:2082]: (style) The function 'FileRename' is never used.
 2019-01-06 23:44:23 +05:00
Ilya Shipitsin
7f8e5b00dc src/Cedar/UT: remove unused function 
found by cppcheck

[src/Cedar/Proto_SSTP.c:126]: (style) The function 'SetNoSstp' is never used.
 2019-01-06 23:39:43 +05:00
Ilya Shipitsin
057984b87c src/Cedar/Proto_SSTP: remove unused function 
found by cppcheck

[src/Cedar/Proto_SSTP.c:126]: (style) The function 'SetNoSstp' is never used.
 2019-01-06 23:34:10 +05:00
Ilya Shipitsin
dcf5c57fc2 src/Cedar/Proto_IPsec" remove unused function 
found by cppcheck

[src/Cedar/Proto_IPsec.c:120]: (style) The function 'IPSecSetDisable' is never used.
 2019-01-06 23:31:29 +05:00
Ilya Shipitsin
162a181b04 src/Cedar/Protocol: remove unused function 
found by cppcheck

[src/Cedar/Protocol.c:6643]: (style) The function 'ProxyConnectEx' is never used.
 2019-01-06 23:22:08 +05:00
Ilya Shipitsin
8534f2843e src/Cedar/DDNS: remove unused function, variables 
found by cppcheck

[src/Cedar/DDNS.c:656]: (style) Condition 'ret==NULL' is always true
[src/Cedar/DDNS.c:515] -> [src/Cedar/DDNS.c:640]: (style) The expression 'use_https == false' is always true because 'use_https' and 'false' represent the same value.
[src/Cedar/DDNS.c:516] -> [src/Cedar/DDNS.c:648]: (style) The expression 'no_cert_verify == false' is always true because 'no_cert_verify' and 'false' represent the same value.
[src/Cedar/DDNS.c:816] -> [src/Cedar/DDNS.c:860]: (style) The expression 'no_cert_verify == false' is always true because 'no_cert_verify' and 'false' represent the same value.
[src/Cedar/DDNS.c:530]: (style) Variable 'use_vgs' is assigned a value that is never used.
[src/Cedar/DDNS.c:497]: (style) The function 'DCUpdateNow' is never used.
 2019-01-06 23:18:25 +05:00
Ilya Shipitsin
72bd221bb4 src/Cedar/Account: remove unused functions 
found by cppcheck

[src/Cedar/Account.c:523]: (style) The function 'GetUserPolicy' is never used.
[src/Cedar/Account.c:163]: (style) The function 'NormalizePolicyName' is never used.
 2019-01-06 18:53:18 +05:00
Ilya Shipitsin
266f013880 src/Cedar/Command: remove redundant assignment 
found by cppcheck

[src/Cedar/Command.c:23220] -> [src/Cedar/Command.c:23232]: (style) Variable 'len' is reassigned a value before the old one has been used.
 2019-01-06 18:49:56 +05:00
Ilya Shipitsin
9d4d111555 src/Cedar/CM: remove unused function, variables 
found by cppcheck

[src/Cedar/CM.c:4509]: (style) Variable 'easy' is assigned a value that is never used.
[src/Cedar/CM.c:4547]: (style) Variable 'hub_name' is assigned a value that is never used.
[src/Cedar/CM.c:4609]: (style) Variable 'is_account' is assigned a value that is never used.
[src/Cedar/CM.c:8545]: (style) The function 'CmLoadK' is never used.
 2019-01-06 18:43:51 +05:00
Ilya Shipitsin
4760b3d0c3 src/Cedar/AzureClient: remove unused function 
found by cppcheck

[src/Cedar/AzureClient.c:526]: (style) The function 'AcGetEnable' is never used.
 2019-01-06 18:34:04 +05:00
Davide Beatrici
d62421adcb Cedar: retrieve the list of available encryption algorithms from the server 2019-01-01 20:31:13 +01:00