Compare commits
9 Commits
0f612f1c5e
...
0639843809
| Author | SHA1 | Date |
|---|---|---|
Syuugo
|
0639843809 | |
Ilya Shipitsin
|
bc31a5cfd3 | |
Siddharth
|
68964ab0d7 | |
|
siddharth-narayan
|
bf3c50fde4 | |
|
Siddharth
|
b06486b37d | |
Syuugo
|
9a7e55b3e0 | |
|
siddharth-narayan
|
63ffab9ee4 | |
|
Siddharth
|
2fe4ca0f8c | |
|
Siddharth
|
a50d8910ba |
|
|
@ -8,15 +8,16 @@ on:
|
|||
|
||||
jobs:
|
||||
build:
|
||||
name: build
|
||||
name: Build
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
|
||||
- uses: actions/checkout@v1
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
submodules: true
|
||||
|
||||
- name: archive
|
||||
- name: Archive
|
||||
id: archive
|
||||
run: |
|
||||
VERSION=${{ github.event.release.tag_name }}
|
||||
|
|
@ -28,12 +29,8 @@ jobs:
|
|||
tar cJf $TARBALL $PKGNAME
|
||||
echo "tarball=$TARBALL" >> $GITHUB_OUTPUT
|
||||
|
||||
- name: upload tarball
|
||||
uses: actions/upload-release-asset@v1
|
||||
env:
|
||||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||
- name: Upload tarball
|
||||
uses: softprops/action-gh-release@v2
|
||||
with:
|
||||
upload_url: ${{ github.event.release.upload_url }}
|
||||
asset_path: ./${{ steps.archive.outputs.tarball }}
|
||||
asset_name: ${{ steps.archive.outputs.tarball }}
|
||||
asset_content_type: application/gzip
|
||||
files: ./${{ steps.archive.outputs.tarball }}
|
||||
name: ${{ steps.archive.outputs.tarball }}
|
||||
|
|
|
|||
|
|
@ -1,4 +1,3 @@
|
|||
|
||||
name: Coverity
|
||||
|
||||
on:
|
||||
|
|
@ -10,28 +9,36 @@ permissions:
|
|||
|
||||
jobs:
|
||||
scan:
|
||||
name: Scan
|
||||
runs-on: ubuntu-latest
|
||||
if: ${{ github.repository_owner == 'SoftEtherVPN' }}
|
||||
if: github.repository_owner == 'SoftEtherVPN'
|
||||
steps:
|
||||
- uses: actions/checkout@v2
|
||||
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
submodules: true
|
||||
|
||||
- name: Install apt dependencies
|
||||
run: |
|
||||
sudo apt-get update
|
||||
sudo apt-get install -y cmake gcc g++ libncurses5-dev libreadline-dev libssl-dev make zlib1g-dev libsodium-dev
|
||||
|
||||
- name: Download Coverity build tool
|
||||
run: |
|
||||
wget -c -N https://scan.coverity.com/download/linux64 --post-data "token=${{ secrets.COVERITY_SCAN_TOKEN }}&project=SoftEtherVPN%2FSoftEtherVPN" -O coverity_tool.tar.gz
|
||||
mkdir coverity_tool
|
||||
tar xzf coverity_tool.tar.gz --strip 1 -C coverity_tool
|
||||
|
||||
- name: Configure
|
||||
run: |
|
||||
./configure
|
||||
|
||||
- name: Build with Coverity build tool
|
||||
run: |
|
||||
export PATH=`pwd`/coverity_tool/bin:$PATH
|
||||
cov-build --dir cov-int make -C build
|
||||
|
||||
- name: Submit build result to Coverity Scan
|
||||
run: |
|
||||
tar czvf cov.tar.gz cov-int
|
||||
|
|
|
|||
|
|
@ -19,15 +19,18 @@ jobs:
|
|||
container:
|
||||
image: fedora:rawhide
|
||||
steps:
|
||||
- uses: actions/checkout@v1
|
||||
with:
|
||||
submodules: true
|
||||
|
||||
- name: Install dependencies
|
||||
run: |
|
||||
dnf -y install git cmake ncurses-devel openssl-devel libsodium-devel readline-devel zlib-devel gcc-c++ clang
|
||||
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
submodules: true
|
||||
|
||||
- name: Compile with ${{ matrix.cc }}
|
||||
run: |
|
||||
export CC=${{ matrix.cc }}
|
||||
./configure
|
||||
make -C build
|
||||
|
||||
|
|
|
|||
|
|
@ -1,3 +1,4 @@
|
|||
name: Linux
|
||||
on: [push, pull_request]
|
||||
|
||||
permissions:
|
||||
|
|
@ -5,14 +6,16 @@ permissions:
|
|||
|
||||
jobs:
|
||||
build_and_test:
|
||||
name: Build
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
|
||||
- uses: actions/checkout@v4
|
||||
with:
|
||||
submodules: true
|
||||
|
||||
- name: Install dependencies
|
||||
run: sudo apt update && sudo apt-get -y install cmake gcc g++ ninja-build libncurses5-dev libreadline-dev libsodium-dev libssl-dev make zlib1g-dev liblz4-dev libnl-genl-3-dev
|
||||
run: sudo apt-get update && sudo apt-get -y install cmake gcc g++ ninja-build libncurses5-dev libreadline-dev libsodium-dev libssl-dev make zlib1g-dev liblz4-dev libnl-genl-3-dev
|
||||
|
||||
- name: Build
|
||||
run: |
|
||||
|
|
|
|||
|
|
@ -1,3 +1,4 @@
|
|||
name: macOS
|
||||
on: [push, pull_request, workflow_dispatch]
|
||||
|
||||
permissions:
|
||||
|
|
@ -11,18 +12,21 @@ jobs:
|
|||
name: ${{ matrix.os }}
|
||||
runs-on: ${{ matrix.os }}
|
||||
steps:
|
||||
- uses: actions/checkout@v1
|
||||
|
||||
- uses: actions/checkout@v4
|
||||
with:
|
||||
submodules: true
|
||||
|
||||
- name: Install dependencies
|
||||
run: |
|
||||
brew install libsodium
|
||||
|
||||
- name: Compile
|
||||
run: |
|
||||
./configure
|
||||
make -C build
|
||||
|
||||
- name: Test
|
||||
run: |
|
||||
otool -L build/vpnserver
|
||||
.ci/memory-leak-test.sh
|
||||
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
name: alpine/musl
|
||||
name: Alpine/musl
|
||||
|
||||
on: [push, pull_request]
|
||||
|
||||
|
|
@ -7,17 +7,22 @@ permissions:
|
|||
|
||||
jobs:
|
||||
musl:
|
||||
name: gcc
|
||||
runs-on: ubuntu-latest
|
||||
container:
|
||||
image: alpine:latest
|
||||
steps:
|
||||
- uses: actions/checkout@v1
|
||||
with:
|
||||
submodules: true
|
||||
name: gcc
|
||||
runs-on: ubuntu-latest
|
||||
container:
|
||||
image: alpine:latest
|
||||
steps:
|
||||
|
||||
- name: Install dependencies
|
||||
run: apk add binutils --no-cache build-base readline-dev openssl-dev ncurses-dev git cmake zlib-dev libsodium-dev gnu-libiconv
|
||||
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
submodules: true
|
||||
|
||||
- name: Configure
|
||||
run: ./configure
|
||||
|
||||
- name: make
|
||||
run: make -C build
|
||||
run: make -C build
|
||||
|
|
|
|||
|
|
@ -1,3 +1,4 @@
|
|||
name: STB Check
|
||||
on: [push, pull_request]
|
||||
|
||||
permissions:
|
||||
|
|
@ -5,12 +6,16 @@ permissions:
|
|||
|
||||
jobs:
|
||||
check:
|
||||
name: Check
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v1
|
||||
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
submodules: true
|
||||
|
||||
- name: Check
|
||||
run: |
|
||||
cd developer_tools/stbchecker
|
||||
dotnet run ../../src/bin/hamcore
|
||||
dotnet run ../../src/bin/hamcore
|
||||
|
|
|
|||
|
|
@ -1,3 +1,4 @@
|
|||
name: Windows
|
||||
on: [push, pull_request]
|
||||
|
||||
permissions:
|
||||
|
|
@ -14,19 +15,24 @@ jobs:
|
|||
runs-on: windows-latest
|
||||
name: ${{ matrix.platform.ARCHITECTURE }}
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
submodules: true
|
||||
|
||||
- name: Cache vcpkg
|
||||
uses: actions/cache@v4
|
||||
with:
|
||||
path: 'build/vcpkg_installed/'
|
||||
key: vcpkg-${{ matrix.platform.VCPKG_TRIPLET }}
|
||||
|
||||
- name: Set version variables
|
||||
run: |
|
||||
$v = python version.py
|
||||
echo "VERSION=$v" | Out-File -FilePath $Env:GITHUB_ENV -Encoding utf8 -Append
|
||||
shell: pwsh
|
||||
|
||||
- name: Build
|
||||
env:
|
||||
ARCHITECTURE: ${{ matrix.platform.ARCHITECTURE }}
|
||||
|
|
@ -44,11 +50,14 @@ jobs:
|
|||
vpnsetup /SFXMODE:vpnclient /SFXOUT:"installers\softether-vpnclient-%VERSION%.%BUILD_NUMBER%.%ARCHITECTURE%.exe"
|
||||
vpnsetup /SFXMODE:vpnserver_vpnbridge /SFXOUT:"installers\softether-vpnserver_vpnbridge-%VERSION%.%BUILD_NUMBER%.%ARCHITECTURE%.exe"
|
||||
shell: cmd
|
||||
|
||||
- name: Test
|
||||
shell: powershell
|
||||
run: |
|
||||
. .ci/appveyor-vpntest.ps1
|
||||
- uses: actions/upload-artifact@v4
|
||||
|
||||
- name: Upload built binaries
|
||||
uses: actions/upload-artifact@v4
|
||||
with:
|
||||
if-no-files-found: error
|
||||
name: Binaries-${{ matrix.platform.ARCHITECTURE }}
|
||||
|
|
@ -56,8 +65,10 @@ jobs:
|
|||
build/*.exe
|
||||
build/*.pdb
|
||||
build/*.se2
|
||||
- uses: actions/upload-artifact@v4
|
||||
|
||||
- name: Upload installers
|
||||
uses: actions/upload-artifact@v4
|
||||
with:
|
||||
if-no-files-found: error
|
||||
name: Installers-${{ matrix.platform.ARCHITECTURE }}
|
||||
path: build/installers
|
||||
path: build/installers
|
||||
|
|
|
|||
|
|
@ -14,16 +14,19 @@ permissions:
|
|||
|
||||
jobs:
|
||||
release:
|
||||
name: Release
|
||||
runs-on: windows-latest
|
||||
outputs:
|
||||
upload_url: "${{ steps.create_release.outputs.upload_url }}"
|
||||
steps:
|
||||
|
||||
- name: "Checkout repository"
|
||||
uses: actions/checkout@v4
|
||||
|
||||
- name: "Create GitHub release"
|
||||
id: create_release
|
||||
uses: softprops/action-gh-release@v1
|
||||
uses: softprops/action-gh-release@v2
|
||||
|
||||
build-windows:
|
||||
name: ${{ matrix.platform.ARCHITECTURE }}
|
||||
runs-on: windows-latest
|
||||
|
|
@ -35,15 +38,18 @@ jobs:
|
|||
{ ARCHITECTURE: x64, COMPILER_PATH: "C:/Program Files/Microsoft Visual Studio/2022/Enterprise/VC/Tools/Llvm/x64/bin/clang-cl.exe", VCPKG_TRIPLET: "x64-windows-static", VCVARS_PATH: "C:/Program Files/Microsoft Visual Studio/2022/Enterprise/VC/Auxiliary/Build/vcvars64.bat"}
|
||||
]
|
||||
steps:
|
||||
|
||||
- name: "Checkout repository"
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
submodules: true
|
||||
|
||||
- name: Cache vcpkg
|
||||
uses: actions/cache@v4
|
||||
with:
|
||||
path: 'build/vcpkg_installed/'
|
||||
key: vcpkg-release-${{ matrix.platform.VCPKG_TRIPLET }}
|
||||
|
||||
- name: Set version variables
|
||||
run: |
|
||||
$b=(Get-Content CMakeSettings.json | Out-String | ConvertFrom-Json).environments.BuildNumber
|
||||
|
|
@ -51,6 +57,7 @@ jobs:
|
|||
$v = python version.py
|
||||
echo "VERSION=$v" | Out-File -FilePath $Env:GITHUB_ENV -Encoding utf8 -Append
|
||||
shell: pwsh
|
||||
|
||||
- name: Build
|
||||
env:
|
||||
ARCHITECTURE: ${{ matrix.platform.ARCHITECTURE }}
|
||||
|
|
@ -68,27 +75,19 @@ jobs:
|
|||
vpnsetup /SFXMODE:vpnserver_vpnbridge /SFXOUT:"installers\softether-vpnserver_vpnbridge-%VERSION%.%BUILD_NUMBER%.%ARCHITECTURE%.exe"
|
||||
shell: cmd
|
||||
|
||||
- name: dir
|
||||
- name: Show directory items
|
||||
run: |
|
||||
Get-ChildItem -Recurse build/installers
|
||||
shell: pwsh
|
||||
|
||||
- name: "Upload softether-vpnclient"
|
||||
uses: actions/upload-release-asset@v1
|
||||
env:
|
||||
GITHUB_TOKEN: "${{ github.token }}"
|
||||
uses: softprops/action-gh-release@v2
|
||||
with:
|
||||
upload_url: "${{ needs.release.outputs.upload_url }}"
|
||||
asset_path: "build/installers/softether-vpnclient-${{ env.VERSION }}.${{ env.BUILD_NUMBER }}.${{ matrix.platform.ARCHITECTURE }}.exe"
|
||||
asset_name: "softether-vpnclient-${{ env.VERSION }}.${{ env.BUILD_NUMBER }}.${{ matrix.platform.ARCHITECTURE }}.exe"
|
||||
asset_content_type: "application/octet-stream"
|
||||
files: "build/installers/softether-vpnclient-${{ env.VERSION }}.${{ env.BUILD_NUMBER }}.${{ matrix.platform.ARCHITECTURE }}.exe"
|
||||
name: "softether-vpnclient-${{ env.VERSION }}.${{ env.BUILD_NUMBER }}.${{ matrix.platform.ARCHITECTURE }}.exe"
|
||||
|
||||
- name: "Upload softether-vpnserver_vpnbridge"
|
||||
uses: actions/upload-release-asset@v1
|
||||
env:
|
||||
GITHUB_TOKEN: "${{ github.token }}"
|
||||
uses: softprops/action-gh-release@v2
|
||||
with:
|
||||
upload_url: "${{ needs.release.outputs.upload_url }}"
|
||||
asset_path: "build/installers/softether-vpnserver_vpnbridge-${{ env.VERSION }}.${{ env.BUILD_NUMBER }}.${{ matrix.platform.ARCHITECTURE }}.exe"
|
||||
asset_name: "softether-vpnserver_vpnbridge-${{ env.VERSION }}.${{ env.BUILD_NUMBER }}.${{ matrix.platform.ARCHITECTURE }}.exe"
|
||||
asset_content_type: "application/octet-stream"
|
||||
|
||||
files: "build/installers/softether-vpnserver_vpnbridge-${{ env.VERSION }}.${{ env.BUILD_NUMBER }}.${{ matrix.platform.ARCHITECTURE }}.exe"
|
||||
name: "softether-vpnserver_vpnbridge-${{ env.VERSION }}.${{ env.BUILD_NUMBER }}.${{ matrix.platform.ARCHITECTURE }}.exe"
|
||||
|
|
|
|||
|
|
@ -88,6 +88,7 @@ int ssl_clientcert_index = 0;
|
|||
#if OPENSSL_VERSION_NUMBER >= 0x30000000L
|
||||
static OSSL_PROVIDER *ossl_provider_legacy = NULL;
|
||||
static OSSL_PROVIDER *ossl_provider_default = NULL;
|
||||
static OSSL_PROVIDER *ossl_provider_oqsprovider = NULL;
|
||||
#endif
|
||||
|
||||
LOCK **ssl_lock_obj = NULL;
|
||||
|
|
@ -3974,6 +3975,12 @@ void FreeCryptLibrary()
|
|||
OSSL_PROVIDER_unload(ossl_provider_legacy);
|
||||
ossl_provider_legacy = NULL;
|
||||
}
|
||||
|
||||
if (ossl_provider_oqsprovider != NULL)
|
||||
{
|
||||
OSSL_PROVIDER_unload(ossl_provider_oqsprovider);
|
||||
ossl_provider_oqsprovider = NULL;
|
||||
}
|
||||
#endif
|
||||
}
|
||||
|
||||
|
|
@ -3996,6 +4003,7 @@ void InitCryptLibrary()
|
|||
#if OPENSSL_VERSION_NUMBER >= 0x30000000L
|
||||
ossl_provider_default = OSSL_PROVIDER_load(NULL, "legacy");
|
||||
ossl_provider_legacy = OSSL_PROVIDER_load(NULL, "default");
|
||||
ossl_provider_oqsprovider = OSSL_PROVIDER_load(NULL, "oqsprovider");
|
||||
#endif
|
||||
|
||||
ssl_clientcert_index = SSL_get_ex_new_index(0, "struct SslClientCertInfo *", NULL, NULL, NULL);
|
||||
|
|
|
|||
|
|
@ -11905,6 +11905,10 @@ bool StartSSLEx3(SOCK *sock, X *x, K *priv, LIST *chain, UINT ssl_timeout, char
|
|||
Unlock(openssl_lock);
|
||||
}
|
||||
|
||||
#if OPENSSL_VERSION_NUMBER >= 0x30000000L
|
||||
SSL_set1_groups_list(sock->ssl, PQ_GROUP_LIST);
|
||||
#endif
|
||||
|
||||
if (sock->ServerMode)
|
||||
{
|
||||
// Lock(ssl_connect_lock);
|
||||
|
|
@ -11984,7 +11988,7 @@ bool StartSSLEx3(SOCK *sock, X *x, K *priv, LIST *chain, UINT ssl_timeout, char
|
|||
// Unlock(ssl_connect_lock);
|
||||
}
|
||||
else
|
||||
{
|
||||
{
|
||||
prev_timeout = GetTimeout(sock);
|
||||
SetTimeout(sock, ssl_timeout);
|
||||
// Client mode
|
||||
|
|
|
|||
|
|
@ -59,6 +59,10 @@ struct DYN_VALUE
|
|||
|
||||
#define DEFAULT_CIPHER_LIST "ECDHE+AESGCM:ECDHE+CHACHA20:DHE+AESGCM:DHE+CHACHA20:ECDHE+AES256:DHE+AES256:RSA+AES"
|
||||
|
||||
#if OPENSSL_VERSION_NUMBER >= 0x30000000L
|
||||
#define PQ_GROUP_LIST "p521_kyber1024:x25519_kyber768:P-521:X25519:P-256"
|
||||
#endif
|
||||
|
||||
// SSL logging function
|
||||
//#define ENABLE_SSL_LOGGING
|
||||
#define SSL_LOGGING_DIRNAME "@ssl_log"
|
||||
|
|
|
|||
Loading…
Reference in New Issue