Merge pull request #1980 from Alexey-I/master

OpenVPN certificate authorization with cn_username in 'email' format

.appveyor.yml

@@ -1,33 +0,0 @@
-version: '{build}'
-
-image: Ubuntu2004
-
-configuration: Release
-
-skip_branch_with_pr: true
-clone_depth: 1
-
-skip_commits:
-  files:
-    - .travis.yml
-    - .gitlab-ci.yml
-    - .azure-pipelines.yml
-    - .cirrus.yml
-
-init:
-  - ps: Update-AppveyorBuild -Version "build-$env:APPVEYOR_BUILD_NUMBER-$($env:APPVEYOR_REPO_COMMIT.substring(0,7))"
-
-install:
-  - sudo apt-get -y install libsodium-dev libcap-ng-dev
-before_build:
-  - git submodule update --init --recursive
-  - ./configure
-build_script:
-  - make package -C build -j $(nproc || sysctl -n hw.ncpu || echo 4)
-  - .ci/memory-leak-test.sh
-test_script:
-  - .ci/appveyor-deb-install-test.sh
-  - sudo apt-get update && sudo apt-get -y install autoconf libtool liblzo2-dev libpam-dev fping unzip liblz4-dev libnl-genl-3-dev # openvpn build deps
-  - sudo .ci/start-se-openvpn.sh
-  - sudo .ci/run-openvpn-tests.sh
-

.azure-pipelines.yml

@@ -1,4 +0,0 @@
-jobs:
-  - template: .ci/azure-pipelines/linux.yml
-  - template: .ci/azure-pipelines/windows.yml
-  - template: .ci/azure-pipelines/macos.yml

.ci/azure-pipelines/linux.yml

@@ -1,20 +0,0 @@
-jobs:
-- job: Ubuntu_x64
-  pool:
-    vmImage: ubuntu-22.04
-  steps:
-  - checkout: self
-    submodules: true
-    persistCredentials: true
-  - script: sudo apt update && sudo apt-get -y install cmake gcc g++ ninja-build libncurses5-dev libreadline-dev libsodium-dev libssl-dev make zlib1g-dev liblz4-dev libnl-genl-3-dev
-    displayName: 'Prepare environment'
-  - script: "$(Build.SourcesDirectory)/.ci/azure-pipelines/linux_build.sh"
-    env:
-      SE_BUILD_NUMBER_TOKEN: $(BUILD_NUMBER_TOKEN)
-    displayName: 'Build'
-  - script: |
-      .ci/appveyor-deb-install-test.sh
-      sudo apt-get -y install autoconf libtool liblzo2-dev libpam-dev fping unzip libcap-ng-dev # To build OpenVPN
-      sudo BUILD_BINARIESDIRECTORY=$BUILD_BINARIESDIRECTORY .ci/start-se-openvpn.sh
-      sudo BUILD_BINARIESDIRECTORY=$BUILD_BINARIESDIRECTORY .ci/run-openvpn-tests.sh
-    displayName: 'Test'

.ci/azure-pipelines/macos.yml

@@ -1,14 +0,0 @@
-jobs:
-- job: macOS
-  pool:
-    vmImage: macOS-latest
-  steps:
-  - checkout: self
-    submodules: true
-    persistCredentials: true
-  - script: brew install pkg-config cmake ninja ncurses readline libsodium openssl zlib
-    displayName: 'Prepare environment'
-  - script: '$(Build.SourcesDirectory)/.ci/azure-pipelines/macos_build.sh'
-    env:
-      SE_BUILD_NUMBER_TOKEN: $(BUILD_NUMBER_TOKEN)
-    displayName: 'Build'

.ci/azure-pipelines/windows-steps.yml

@@ -1,41 +0,0 @@
-parameters:
-- name: architecture
-  type: string
-- name: compilerPath
-  type: string
-- name: vcpkgTriplet
-  type: string
-- name: vcvarsPath
-  type: string
-
-steps:
-- task: Cache@2
-  inputs:
-    key: '"vcpkg-manifest" | "$(Agent.OS)" | "${{parameters.vcpkgTriplet}}" | C:/vcpkg/.git/refs/heads/master'
-    path: '$(Build.BinariesDirectory)/vcpkg_installed'
-  displayName: 'Environment storage'
-- script: '$(Build.SourcesDirectory)/.ci/azure-pipelines/windows_build.bat'
-  env:
-    ARCHITECTURE: ${{parameters.architecture}}
-    COMPILER_PATH: ${{parameters.compilerPath}}
-    VCPKG_TRIPLET: ${{parameters.vcpkgTriplet}}
-    VCVARS_PATH: ${{parameters.vcvarsPath}}
-    SE_BUILD_NUMBER_TOKEN: $(BUILD_NUMBER_TOKEN)
-  displayName: 'Build'
-- powershell: |
-    . .ci/appveyor-vpntest.ps1
-  displayName: 'Test'
-- task: CopyFiles@2
-  inputs:
-    sourceFolder: '$(Build.BinariesDirectory)'
-    contents: '?(*.exe|*.se2|*.pdb)'
-    TargetFolder: '$(Build.StagingDirectory)/binaries/${{parameters.architecture}}'
-    flattenFolders: true
-- task: PublishBuildArtifacts@1
-  inputs:
-    pathtoPublish: '$(Build.StagingDirectory)/binaries/${{parameters.architecture}}'
-    artifactName: 'Binaries_${{parameters.architecture}}'
-- task: PublishBuildArtifacts@1
-  inputs:
-    pathtoPublish: '$(Build.StagingDirectory)/installers'
-    artifactName: 'Installers'

.ci/azure-pipelines/windows.yml

@@ -1,27 +0,0 @@
-jobs:
-- job: Windows_x64
-  pool:
-    vmImage: windows-latest
-  steps:
-  - checkout: self
-    submodules: true
-    persistCredentials: true
-  - template: "windows-steps.yml"
-    parameters:
-      architecture: "x64"
-      compilerPath: "C:/Program Files/Microsoft Visual Studio/2022/Enterprise/VC/Tools/Llvm/x64/bin/clang-cl.exe"
-      vcpkgTriplet: "x64-windows-static"
-      vcvarsPath: "C:/Program Files/Microsoft Visual Studio/2022/Enterprise/VC/Auxiliary/Build/vcvars64.bat"
-- job: Windows_x86
-  pool:
-    vmImage: windows-latest
-  steps:
-  - checkout: self
-    submodules: true
-    persistCredentials: true
-  - template: "windows-steps.yml"
-    parameters:
-      architecture: "x86"
-      compilerPath: "C:/Program Files/Microsoft Visual Studio/2022/Enterprise/VC/Tools/Llvm/bin/clang-cl.exe"
-      vcpkgTriplet: "x86-windows-static"
-      vcvarsPath: "C:/Program Files/Microsoft Visual Studio/2022/Enterprise/VC/Auxiliary/Build/vcvars32.bat"

.ci/azure-pipelines/windows_build.bat

@@ -14,6 +14,12 @@ if %SE_BUILD_NUMBER_TOKEN_LENGTH% equ 64 (
 	set BUILD_NUMBER=0
 )
 
+
+if "%BUILD_BINARIESDIRECTORY%"=="" (set BUILD_BINARIESDIRECTORY=build)
+if "%BUILD_SOURCESDIRECTORY%"=="" (set BUILD_SOURCESDIRECTORY=%cd%)
+
+if not exist %BUILD_BINARIESDIRECTORY% mkdir %BUILD_BINARIESDIRECTORY%
+
 cd %BUILD_BINARIESDIRECTORY%
 
 call "%VCVARS_PATH%"
@@ -21,6 +27,7 @@ call "%VCVARS_PATH%"
 cmake -G "Ninja" -DCMAKE_TOOLCHAIN_FILE="C:\vcpkg\scripts\buildsystems\vcpkg.cmake" -DVCPKG_TARGET_TRIPLET=%VCPKG_TRIPLET% -DCMAKE_BUILD_TYPE=RelWithDebInfo -DCMAKE_C_COMPILER="%COMPILER_PATH%" -DCMAKE_CXX_COMPILER="%COMPILER_PATH%" -DBUILD_NUMBER=%BUILD_NUMBER% "%BUILD_SOURCESDIRECTORY%"
 cmake --build .
 
+if "%BUILD_STAGINGDIRECTORY%"=="" (set BUILD_STAGINGDIRECTORY=%cd%)
 mkdir "%BUILD_STAGINGDIRECTORY%\installers"
 vpnsetup /SFXMODE:vpnclient /SFXOUT:"%BUILD_STAGINGDIRECTORY%\installers\softether-vpnclient-%VERSION%.%BUILD_NUMBER%.%ARCHITECTURE%.exe"
 vpnsetup /SFXMODE:vpnserver_vpnbridge /SFXOUT:"%BUILD_STAGINGDIRECTORY%\installers\softether-vpnserver_vpnbridge-%VERSION%.%BUILD_NUMBER%.%ARCHITECTURE%.exe"

.github/workflows/linux.yml

@@ -0,0 +1,34 @@
+on: [push, pull_request]
+
+permissions:
+  contents: read
+
+jobs:
+  build_and_test:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v4
+      with:
+        submodules: true
+
+    - name: Install dependencies
+      run: sudo apt update && sudo apt-get -y install cmake gcc g++ ninja-build libncurses5-dev libreadline-dev libsodium-dev libssl-dev make zlib1g-dev liblz4-dev libnl-genl-3-dev 
+
+    - name: Build
+      run: |
+        mkdir build
+        cd build
+        cmake -G "Ninja" -DCMAKE_BUILD_TYPE=RelWithDebInfo ..
+        cmake --build .
+
+    - name: Build deb packages
+      run: |
+        cd build
+        cpack -C Release -G DEB 
+
+    - name: Test
+      run: |
+       .ci/appveyor-deb-install-test.sh
+       sudo apt-get -y install autoconf libtool liblzo2-dev libpam-dev fping unzip libcap-ng-dev # To build OpenVPN
+       sudo .ci/start-se-openvpn.sh
+       sudo .ci/run-openvpn-tests.sh

.github/workflows/windows.yml

@@ -0,0 +1,48 @@
+on: [push, pull_request]
+
+permissions:
+  contents: read
+
+jobs:
+  build_and_test:
+    strategy:
+      matrix:
+        platform: [
+          { ARCHITECTURE: x86, COMPILER_PATH: "C:/Program Files/Microsoft Visual Studio/2022/Enterprise/VC/Tools/Llvm/bin/clang-cl.exe",     VCPKG_TRIPLET: "x86-windows-static", VCVARS_PATH: "C:/Program Files/Microsoft Visual Studio/2022/Enterprise/VC/Auxiliary/Build/vcvars32.bat"},
+          { ARCHITECTURE: x64, COMPILER_PATH: "C:/Program Files/Microsoft Visual Studio/2022/Enterprise/VC/Tools/Llvm/x64/bin/clang-cl.exe", VCPKG_TRIPLET: "x64-windows-static", VCVARS_PATH: "C:/Program Files/Microsoft Visual Studio/2022/Enterprise/VC/Auxiliary/Build/vcvars64.bat"}
+        ]
+    runs-on: windows-latest
+    name: ${{ matrix.platform.ARCHITECTURE }}
+    steps:
+    - uses: actions/checkout@v4
+      with:
+        submodules: true
+    - name: Cache vcpkg
+      uses: actions/cache@v4
+      with:
+        path: 'build/vcpkg_installed/'
+        key: vcpkg-${{ matrix.platform.VCPKG_TRIPLET }}
+    - name: Build
+      env:
+        ARCHITECTURE: ${{ matrix.platform.ARCHITECTURE }}
+        COMPILER_PATH: ${{ matrix.platform.COMPILER_PATH }}
+        VCPKG_TRIPLET: ${{ matrix.platform.VCPKG_TRIPLET }}
+        VCVARS_PATH: ${{ matrix.platform.VCVARS_PATH }}
+      run: .ci/azure-pipelines/windows_build.bat
+    - name: Test
+      shell: powershell
+      run: |
+        . .ci/appveyor-vpntest.ps1
+    - uses: actions/upload-artifact@v4
+      with:
+        if-no-files-found: error
+        name: Binaries-${{ matrix.platform.ARCHITECTURE }}
+        path: |
+          build/*.exe
+          build/*.pdb
+          build/*.se2
+    - uses: actions/upload-artifact@v4
+      with:
+        if-no-files-found: error
+        name: Installers-${{ matrix.platform.ARCHITECTURE }}
+        path: build/installers

.vscode/settings.json

@@ -0,0 +1,3 @@
+{
+    "cmake.configureOnOpen": false
+}

CMakeLists.txt

@@ -3,7 +3,7 @@ cmake_minimum_required(VERSION 3.10)
 set(BUILD_NUMBER CACHE STRING "The number of the current build.")
 
 if ("${BUILD_NUMBER}" STREQUAL "")
-	set(BUILD_NUMBER "5182")
+	set(BUILD_NUMBER "5183")
 endif()
 
 if (BUILD_NUMBER LESS 5180)

CMakeSettings.json

@@ -1,5 +1,5 @@
 {
-  "environments": [ { "BuildNumber": "5182" } ],
+  "environments": [ { "BuildNumber": "5183" } ],
   "configurations": [
     {
       "name": "x64-native",

src/Cedar/Protocol.c

@@ -6773,7 +6773,6 @@ PACK *PackLoginWithOpenVPNCertificate(char *hubname, char *username, X *x)
 
 	p = NewPack();
 	PackAddStr(p, "method", "login");
-	PackAddStr(p, "hubname", hubname);
 
 	if (IsEmptyStr(username))
 	{
@@ -6782,12 +6781,26 @@ PACK *PackLoginWithOpenVPNCertificate(char *hubname, char *username, X *x)
 			FreePack(p);
 			return NULL;
 		}
+
 		UniToStr(cn_username, sizeof(cn_username), x->subject_name->CommonName);
-		PackAddStr(p, "username", cn_username);
+
+		if (strchr(cn_username, '@') != NULL)
+
+		{
+			PackAddStr(p, "username", strtok(cn_username, "@"));
+			PackAddStr(p, "hubname", strtok(NULL, ""));
+		}
+		else
+		{
+			PackAddStr(p, "username", cn_username);
+			PackAddStr(p, "hubname", hubname);
+		}
+
 	}
 	else
 	{
 		PackAddStr(p, "username", username);
+		PackAddStr(p, "hubname", hubname);
 	}
 
 	PackAddInt(p, "authtype", AUTHTYPE_OPENVPN_CERT);

src/Cedar/Session.c

@@ -615,7 +615,7 @@ void SessionMain(SESSION *s)
 					UINT max_conn = s->ClientOption->MaxConnection;
 
 					if ((s->CurrentConnectionEstablishTime +
-						(UINT64)(s->ClientOption->AdditionalConnectionInterval * 1000 * 2 + CONNECTING_TIMEOUT * 2))
+						(UINT64)(num_tcp_conn * s->ClientOption->AdditionalConnectionInterval * 1000 * 2 + CONNECTING_TIMEOUT * 2))
 						<= Tick64())
 					{
 						if (s->ClientOption->BindLocalPort != 0 || num_tcp_conn == 0)

src/Mayaqua/Microsoft.c

@@ -2568,6 +2568,7 @@ MS_ADAPTER_LIST *MsCreateAdapterListInnerExVista(bool no_info)
 				UniStrCpy(a->TitleW, sizeof(a->TitleW), title);
 				UniToStr(a->Title, sizeof(a->Title), title);
 				a->Index = r->InterfaceIndex;
+				a->MediaConnectState = r->MediaConnectState;
 				a->Type = r->Type;
 				a->Status = ConvertMidStatusVistaToXp(r->OperStatus);
 				a->Mtu = r->Mtu;

src/Mayaqua/Microsoft.h

@@ -281,6 +281,7 @@ typedef struct MS_ADAPTER
 	char Title[MAX_PATH];			// Display name
 	wchar_t TitleW[MAX_PATH];		// Display Name (Unicode)
 	UINT Index;						// Index
+	UINT MediaConnectState;			// Media Connect State
 	UINT Type;						// Type
 	UINT Status;					// Status
 	UINT Mtu;						// MTU

src/Mayaqua/Network.c

@@ -540,6 +540,13 @@ LIST *Win32GetNicList()
 
 		if (a->Type == 6 && a->AddressSize == 6)
 		{
+			// If the connection state of the interface is unknown, then exclude it.
+			// Unknown means that the device is not plugged into the local host.
+			if (a->MediaConnectState == MediaConnectStateUnknown)
+			{
+				continue;
+			}
+
 			NIC_ENTRY *e = ZeroMalloc(sizeof(NIC_ENTRY));
 
 			StrCpy(e->IfName, sizeof(e->IfName), a->Title);