mirror of
https://github.com/SoftEtherVPN/SoftEtherVPN.git
synced 2026-05-31 01:38:35 +03:00
Compare commits
11 Commits
193ebdba12
..
master
| Author | SHA1 | Date | |
|---|---|---|---|
 Ilya Shipitsin
|
d9f46760ff | ||
|
Ilia Shipitsin
|
c7bfb30f2a | ||
|
Ilya Shipitsin
|
597cdab464 | ||
|
Ilya Shipitsin
|
7bb19486b8 | ||
 dependabot[bot]
|
f67769bb8c | ||
|
dependabot[bot]
|
50d740a802 | ||
|
Ilya Shipitsin
|
41c85953c1 | ||
 Koichiro Iwao
|
d77c258dac | ||
|
Koichiro Iwao
|
7bb2a6753a | ||
|
Ilya Shipitsin
|
cf559617b1 | ||
 Evengard
|
11fa0a4891 |
-25
@@ -1,25 +0,0 @@
|
||||
FreeBSD_task:
|
||||
matrix:
|
||||
env:
|
||||
SSL: openssl
|
||||
OPENSSL_ROOT_DIR: /usr/local
|
||||
env:
|
||||
SSL: openssl36
|
||||
OPENSSL_ROOT_DIR: /usr/local
|
||||
env:
|
||||
# base openssl
|
||||
SSL:
|
||||
matrix:
|
||||
freebsd_instance:
|
||||
image_family: freebsd-14-3
|
||||
prepare_script:
|
||||
- pkg install -y pkgconf cmake git libsodium cpu_features $SSL
|
||||
- git submodule update --init --recursive
|
||||
configure_script:
|
||||
- CMAKE_FLAGS="-DUSE_SYSTEM_CPU_FEATURES=1" CFLAGS="-I/usr/local/include/cpu_features" ./configure
|
||||
build_script:
|
||||
- make -j $(sysctl -n hw.ncpu || echo 4) -C build
|
||||
test_script:
|
||||
- ldd build/vpnserver
|
||||
- .ci/memory-leak-test.sh
|
||||
- .ci/vpntools-check.sh
|
||||
@@ -0,0 +1,39 @@
|
||||
name: FreeBSD
|
||||
|
||||
on: [push, pull_request]
|
||||
|
||||
permissions:
|
||||
contents: read
|
||||
|
||||
jobs:
|
||||
build_and_test:
|
||||
runs-on: ubuntu-latest
|
||||
strategy:
|
||||
fail-fast: false
|
||||
matrix:
|
||||
include:
|
||||
- ssl: openssl # currently 3.0
|
||||
openssl_root_dir: /usr/local
|
||||
- ssl: openssl36
|
||||
openssl_root_dir: /usr/local
|
||||
- ssl: # base openssl
|
||||
openssl_root_dir:
|
||||
name: FreeBSD with ${{ matrix.ssl || 'base openssl' }}
|
||||
env:
|
||||
SSL: ${{ matrix.ssl }}
|
||||
OPENSSL_ROOT_DIR: ${{ matrix.openssl_root_dir }}
|
||||
steps:
|
||||
- uses: actions/checkout@v6
|
||||
with:
|
||||
submodules: true
|
||||
- uses: vmactions/freebsd-vm@v1
|
||||
with:
|
||||
envs: 'OPENSSL_ROOT_DIR SSL'
|
||||
prepare: |
|
||||
pkg install -y $SSL pkgconf cmake git libsodium cpu_features
|
||||
run: |
|
||||
CMAKE_FLAGS="-DUSE_SYSTEM_CPU_FEATURES=1" CFLAGS="-I/usr/local/include/cpu_features" ./configure
|
||||
make -j $(nproc || echo 4) -C build
|
||||
ldd build/vpnserver
|
||||
.ci/memory-leak-test.sh
|
||||
.ci/vpntools-check.sh
|
||||
@@ -31,9 +31,9 @@ jobs:
|
||||
strategy:
|
||||
matrix:
|
||||
platform: [
|
||||
{ ARCHITECTURE: x86, COMPILER_PATH: "C:/Program Files/Microsoft Visual Studio/2022/Enterprise/VC/Tools/Llvm/bin/clang-cl.exe", VCPKG_TRIPLET: "x86-windows-static", VCVARS_PATH: "C:/Program Files/Microsoft Visual Studio/2022/Enterprise/VC/Auxiliary/Build/vcvars32.bat", RUNNER: "windows-latest", CMAKE_EXTRA_FLAGS: ""},
|
||||
{ ARCHITECTURE: x64, COMPILER_PATH: "C:/Program Files/Microsoft Visual Studio/2022/Enterprise/VC/Tools/Llvm/x64/bin/clang-cl.exe", VCPKG_TRIPLET: "x64-windows-static", VCVARS_PATH: "C:/Program Files/Microsoft Visual Studio/2022/Enterprise/VC/Auxiliary/Build/vcvars64.bat", RUNNER: "windows-latest", CMAKE_EXTRA_FLAGS: ""},
|
||||
{ ARCHITECTURE: arm64, COMPILER_PATH: "C:/Program Files/Microsoft Visual Studio/2022/Enterprise/VC/Tools/Llvm/ARM64/bin/clang-cl.exe", VCPKG_TRIPLET: "arm64-windows-static", VCVARS_PATH: "C:/Program Files/Microsoft Visual Studio/2022/Enterprise/VC/Auxiliary/Build/vcvarsarm64.bat", RUNNER: "windows-11-arm", CMAKE_EXTRA_FLAGS: "-DOQS_PERMIT_UNSUPPORTED_ARCHITECTURE=ON"}
|
||||
{ ARCHITECTURE: x86, VCPKG_TRIPLET: "x86-windows-static", RUNNER: "windows-latest", CMAKE_EXTRA_FLAGS: ""},
|
||||
{ ARCHITECTURE: x64, VCPKG_TRIPLET: "x64-windows-static", RUNNER: "windows-latest", CMAKE_EXTRA_FLAGS: ""},
|
||||
{ ARCHITECTURE: arm64, VCPKG_TRIPLET: "arm64-windows-static", RUNNER: "windows-11-arm", CMAKE_EXTRA_FLAGS: "-DOQS_PERMIT_UNSUPPORTED_ARCHITECTURE=ON"}
|
||||
]
|
||||
steps:
|
||||
- name: "Checkout repository"
|
||||
@@ -55,13 +55,32 @@ jobs:
|
||||
- name: Build
|
||||
env:
|
||||
ARCHITECTURE: ${{ matrix.platform.ARCHITECTURE }}
|
||||
COMPILER_PATH: ${{ matrix.platform.COMPILER_PATH }}
|
||||
VCPKG_TRIPLET: ${{ matrix.platform.VCPKG_TRIPLET }}
|
||||
VCVARS_PATH: ${{ matrix.platform.VCVARS_PATH }}
|
||||
CMAKE_EXTRA_FLAGS: ${{ matrix.platform.CMAKE_EXTRA_FLAGS }}
|
||||
run: |
|
||||
mkdir build
|
||||
cd build
|
||||
|
||||
for /f "usebackq delims=" %%i in (`"%ProgramFiles(x86)%\Microsoft Visual Studio\Installer\vswhere.exe" -latest -products * -property installationPath`) do set "VSINSTALL=%%i"
|
||||
if "%VSINSTALL%"=="" (
|
||||
echo Visual Studio installation was not found.
|
||||
exit /b 1
|
||||
)
|
||||
|
||||
if /i "%ARCHITECTURE%"=="x86" (
|
||||
set "VCVARS_PATH=%VSINSTALL%\VC\Auxiliary\Build\vcvars32.bat"
|
||||
set "COMPILER_PATH=%VSINSTALL%\VC\Tools\Llvm\bin\clang-cl.exe"
|
||||
) else if /i "%ARCHITECTURE%"=="x64" (
|
||||
set "VCVARS_PATH=%VSINSTALL%\VC\Auxiliary\Build\vcvars64.bat"
|
||||
set "COMPILER_PATH=%VSINSTALL%\VC\Tools\Llvm\x64\bin\clang-cl.exe"
|
||||
) else if /i "%ARCHITECTURE%"=="arm64" (
|
||||
set "VCVARS_PATH=%VSINSTALL%\VC\Auxiliary\Build\vcvarsarm64.bat"
|
||||
set "COMPILER_PATH=%VSINSTALL%\VC\Tools\Llvm\ARM64\bin\clang-cl.exe"
|
||||
) else (
|
||||
echo Unsupported architecture: %ARCHITECTURE%
|
||||
exit /b 1
|
||||
)
|
||||
|
||||
call "%VCVARS_PATH%"
|
||||
cmake -G "Ninja" -DCMAKE_TOOLCHAIN_FILE="C:\vcpkg\scripts\buildsystems\vcpkg.cmake" -DVCPKG_TARGET_TRIPLET=%VCPKG_TRIPLET% -DCMAKE_BUILD_TYPE=RelWithDebInfo -DCMAKE_C_COMPILER="%COMPILER_PATH%" -DCMAKE_CXX_COMPILER="%COMPILER_PATH%" -DBUILD_NUMBER=%BUILD_NUMBER% %CMAKE_EXTRA_FLAGS% ..
|
||||
cmake --build .
|
||||
|
||||
Generated
+3
-3
@@ -759,9 +759,9 @@
|
||||
"peer": true
|
||||
},
|
||||
"node_modules/fast-uri": {
|
||||
"version": "3.1.0",
|
||||
"resolved": "https://registry.npmjs.org/fast-uri/-/fast-uri-3.1.0.tgz",
|
||||
"integrity": "sha512-iPeeDKJSWf4IEOasVVrknXpaBV0IApz/gp7S2bb7Z4Lljbl2MGJRqInZiUrQwV16cpzw/D3S5j5Julj/gT52AA==",
|
||||
"version": "3.1.2",
|
||||
"resolved": "https://registry.npmjs.org/fast-uri/-/fast-uri-3.1.2.tgz",
|
||||
"integrity": "sha512-rVjf7ArG3LTk+FS6Yw81V1DLuZl1bRbNrev6Tmd/9RaroeeRRJhAt7jg/6YFxbvAQXUCavSoZhPPj6oOx+5KjQ==",
|
||||
"dev": true,
|
||||
"funding": [
|
||||
{
|
||||
|
||||
@@ -3615,6 +3615,8 @@ bool PPPProcessEAPTlsResponse(PPP_SESSION *p, PPP_EAP *eap_packet, UINT eapSize)
|
||||
dataBuffer = eap_packet->Tls.TlsDataWithLength.Data;
|
||||
dataSize -= 4;
|
||||
tlsLength = Endian32(eap_packet->Tls.TlsDataWithLength.TlsLength);
|
||||
// Let's just clamp it to a safe size to avoid DoS (GHSA-q5g3-qhc6-pr3h)
|
||||
tlsLength = MIN(tlsLength, PPP_MRU_MAX * 10);
|
||||
}
|
||||
/*Debug("=======RECV EAP-TLS PACKET DUMP=======\n");
|
||||
for (i = 0; i < dataSize; i++)
|
||||
@@ -3659,10 +3661,13 @@ bool PPPProcessEAPTlsResponse(PPP_SESSION *p, PPP_EAP *eap_packet, UINT eapSize)
|
||||
sizeLeft = GetMemSize(p->Eap_TlsCtx.CachedBufferRecv);
|
||||
sizeLeft -= (UINT)(p->Eap_TlsCtx.CachedBufferRecvPntr - p->Eap_TlsCtx.CachedBufferRecv);
|
||||
|
||||
if (sizeLeft > 0)
|
||||
{
|
||||
Copy(p->Eap_TlsCtx.CachedBufferRecvPntr, dataBuffer, MIN(sizeLeft, dataSize));
|
||||
|
||||
p->Eap_TlsCtx.CachedBufferRecvPntr += MIN(sizeLeft, dataSize);
|
||||
}
|
||||
}
|
||||
|
||||
// If we got a cached buffer, we should feed the FIFOs via it
|
||||
if (p->Eap_TlsCtx.CachedBufferRecv != NULL)
|
||||
@@ -3783,6 +3788,8 @@ bool PPPProcessEAPTlsResponse(PPP_SESSION *p, PPP_EAP *eap_packet, UINT eapSize)
|
||||
}
|
||||
AcUnlock(hub);
|
||||
ReleaseHub(hub);
|
||||
// Making sure the stale pntr is cleared and can't be reused (GHSA-7437-282p-7465)
|
||||
hub = NULL;
|
||||
}
|
||||
|
||||
if (found == false)
|
||||
@@ -3790,8 +3797,6 @@ bool PPPProcessEAPTlsResponse(PPP_SESSION *p, PPP_EAP *eap_packet, UINT eapSize)
|
||||
PPP_PACKET* pack;
|
||||
UINT identificator = p->Eap_PacketId;
|
||||
|
||||
ReleaseHub(hub);
|
||||
|
||||
PPPSetStatus(p, PPP_STATUS_AUTH_FAIL);
|
||||
|
||||
pack = ZeroMalloc(sizeof(PPP_PACKET));
|
||||
|
||||
+3
-3
@@ -838,9 +838,9 @@
|
||||
"license": "MIT"
|
||||
},
|
||||
"node_modules/fast-uri": {
|
||||
"version": "3.1.0",
|
||||
"resolved": "https://registry.npmjs.org/fast-uri/-/fast-uri-3.1.0.tgz",
|
||||
"integrity": "sha512-iPeeDKJSWf4IEOasVVrknXpaBV0IApz/gp7S2bb7Z4Lljbl2MGJRqInZiUrQwV16cpzw/D3S5j5Julj/gT52AA==",
|
||||
"version": "3.1.2",
|
||||
"resolved": "https://registry.npmjs.org/fast-uri/-/fast-uri-3.1.2.tgz",
|
||||
"integrity": "sha512-rVjf7ArG3LTk+FS6Yw81V1DLuZl1bRbNrev6Tmd/9RaroeeRRJhAt7jg/6YFxbvAQXUCavSoZhPPj6oOx+5KjQ==",
|
||||
"dev": true,
|
||||
"funding": [
|
||||
{
|
||||
|
||||
Reference in New Issue
Block a user