mirror of
https://github.com/SoftEtherVPN/SoftEtherVPN.git
synced 2025-11-20 10:21:47 +03:00
Compare commits
3 Commits
master
...
26b29a1ab1
| Author | SHA1 | Date | |
|---|---|---|---|
| 26b29a1ab1 | |||
| d6d0f2dadd | |||
| 68b72d8867 |
@ -4,14 +4,14 @@ FreeBSD_task:
|
|||||||
SSL: openssl
|
SSL: openssl
|
||||||
OPENSSL_ROOT_DIR: /usr/local
|
OPENSSL_ROOT_DIR: /usr/local
|
||||||
env:
|
env:
|
||||||
SSL: openssl36
|
SSL: openssl32
|
||||||
OPENSSL_ROOT_DIR: /usr/local
|
OPENSSL_ROOT_DIR: /usr/local
|
||||||
env:
|
env:
|
||||||
# base openssl
|
# base openssl
|
||||||
SSL:
|
SSL:
|
||||||
matrix:
|
matrix:
|
||||||
freebsd_instance:
|
freebsd_instance:
|
||||||
image_family: freebsd-14-3
|
image_family: freebsd-14-2
|
||||||
prepare_script:
|
prepare_script:
|
||||||
- pkg install -y pkgconf cmake git libsodium cpu_features $SSL
|
- pkg install -y pkgconf cmake git libsodium cpu_features $SSL
|
||||||
- git submodule update --init --recursive
|
- git submodule update --init --recursive
|
||||||
|
|||||||
@ -37,18 +37,15 @@ COPY --from=builder /usr/local/src/SoftEtherVPN/build/libcedar.so /usr/local/src
|
|||||||
|
|
||||||
FROM base AS vpnserver
|
FROM base AS vpnserver
|
||||||
COPY --from=builder /usr/local/src/SoftEtherVPN/build/vpnserver ./
|
COPY --from=builder /usr/local/src/SoftEtherVPN/build/vpnserver ./
|
||||||
RUN ./vpnserver --help
|
|
||||||
EXPOSE 443/tcp 992/tcp 1194/tcp 1194/udp 5555/tcp 500/udp 4500/udp
|
EXPOSE 443/tcp 992/tcp 1194/tcp 1194/udp 5555/tcp 500/udp 4500/udp
|
||||||
CMD ["/usr/local/bin/vpnserver", "execsvc"]
|
CMD ["/usr/local/bin/vpnserver", "execsvc"]
|
||||||
|
|
||||||
|
|
||||||
FROM base AS vpnclient
|
FROM base AS vpnclient
|
||||||
COPY --from=builder /usr/local/src/SoftEtherVPN/build/vpnclient ./
|
COPY --from=builder /usr/local/src/SoftEtherVPN/build/vpnclient ./
|
||||||
RUN ./vpnclient --help
|
|
||||||
CMD ["/usr/local/bin/vpnclient", "execsvc"]
|
CMD ["/usr/local/bin/vpnclient", "execsvc"]
|
||||||
|
|
||||||
|
|
||||||
FROM base AS vpnbridge
|
FROM base AS vpnbridge
|
||||||
COPY --from=builder /usr/local/src/SoftEtherVPN/build/vpnbridge ./
|
COPY --from=builder /usr/local/src/SoftEtherVPN/build/vpnbridge ./
|
||||||
RUN ./vpnbridge --help
|
|
||||||
CMD ["/usr/local/bin/vpnbridge", "execsvc"]
|
CMD ["/usr/local/bin/vpnbridge", "execsvc"]
|
||||||
@ -33,6 +33,7 @@ You need to install the following software to build SoftEther VPN for UNIX.
|
|||||||
|
|
||||||
```bash
|
```bash
|
||||||
sudo yum -y groupinstall "Development Tools"
|
sudo yum -y groupinstall "Development Tools"
|
||||||
|
sudo yum -y install epel-release
|
||||||
sudo yum -y install cmake ncurses-devel openssl-devel libsodium-devel readline-devel zlib-devel
|
sudo yum -y install cmake ncurses-devel openssl-devel libsodium-devel readline-devel zlib-devel
|
||||||
```
|
```
|
||||||
|
|
||||||
|
|||||||
@ -457,10 +457,10 @@ void L3KnownArp(L3IF *f, UINT ip, UCHAR *mac)
|
|||||||
// Delete an ARP query entry to this IP address
|
// Delete an ARP query entry to this IP address
|
||||||
Zero(&t, sizeof(t));
|
Zero(&t, sizeof(t));
|
||||||
t.IpAddress = ip;
|
t.IpAddress = ip;
|
||||||
w = Search(f->ArpWaitTable, &t);
|
w = Search(f->IpWaitList, &t);
|
||||||
if (w != NULL)
|
if (w != NULL)
|
||||||
{
|
{
|
||||||
Delete(f->ArpWaitTable, w);
|
Delete(f->IpWaitList, w);
|
||||||
Free(w);
|
Free(w);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@ -5843,6 +5843,7 @@ bool ServerDownloadSignature(CONNECTION *c, char **error_detail_str)
|
|||||||
// Target is invalid
|
// Target is invalid
|
||||||
HttpSendNotFound(s, h->Target);
|
HttpSendNotFound(s, h->Target);
|
||||||
Free(data);
|
Free(data);
|
||||||
|
FreeHttpHeader(h);
|
||||||
*error_detail_str = "POST_Target_Wrong";
|
*error_detail_str = "POST_Target_Wrong";
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
@ -5860,10 +5861,10 @@ bool ServerDownloadSignature(CONNECTION *c, char **error_detail_str)
|
|||||||
{
|
{
|
||||||
// WaterMark is incorrect
|
// WaterMark is incorrect
|
||||||
HttpSendForbidden(s, h->Target, NULL);
|
HttpSendForbidden(s, h->Target, NULL);
|
||||||
|
FreeHttpHeader(h);
|
||||||
*error_detail_str = "POST_WaterMark_Error";
|
*error_detail_str = "POST_WaterMark_Error";
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
FreeHttpHeader(h);
|
|
||||||
}
|
}
|
||||||
else if (StrCmpi(h->Method, "OPTIONS") == 0)
|
else if (StrCmpi(h->Method, "OPTIONS") == 0)
|
||||||
{
|
{
|
||||||
@ -5883,7 +5884,6 @@ bool ServerDownloadSignature(CONNECTION *c, char **error_detail_str)
|
|||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
FreeHttpHeader(h);
|
|
||||||
}
|
}
|
||||||
else if (StrCmpi(h->Method, "SSTP_DUPLEX_POST") == 0 && (ProtoEnabled(server->Proto, "SSTP") || s->IsReverseAcceptedSocket) && GetServerCapsBool(server, "b_support_sstp"))
|
else if (StrCmpi(h->Method, "SSTP_DUPLEX_POST") == 0 && (ProtoEnabled(server->Proto, "SSTP") || s->IsReverseAcceptedSocket) && GetServerCapsBool(server, "b_support_sstp"))
|
||||||
{
|
{
|
||||||
|
|||||||
@ -18,14 +18,9 @@ set_target_properties(mayaqua
|
|||||||
|
|
||||||
find_package(OpenSSL REQUIRED)
|
find_package(OpenSSL REQUIRED)
|
||||||
|
|
||||||
if(OPENSSL_VERSION VERSION_GREATER_EQUAL "3")
|
if(OPENSSL_VERSION VERSION_LESS "3") # Disable oqsprovider when OpenSSL version < 3
|
||||||
set(OQS_ENABLE ON CACHE BOOL "By setting this to OFF, Open Quantum Safe algorithms will not be built in")
|
add_definitions(-DSKIP_OQS_PROVIDER)
|
||||||
else()
|
else()
|
||||||
# Disable oqsprovider when OpenSSL version < 3
|
|
||||||
set(OQS_ENABLE OFF)
|
|
||||||
endif()
|
|
||||||
|
|
||||||
if(OQS_ENABLE)
|
|
||||||
set(OQS_BUILD_ONLY_LIB ON CACHE BOOL "Set liboqs to build only the library (no tests)")
|
set(OQS_BUILD_ONLY_LIB ON CACHE BOOL "Set liboqs to build only the library (no tests)")
|
||||||
set(BUILD_TESTING OFF CACHE BOOL "By setting this to OFF, no tests or examples will be compiled.")
|
set(BUILD_TESTING OFF CACHE BOOL "By setting this to OFF, no tests or examples will be compiled.")
|
||||||
set(OQS_PROVIDER_BUILD_STATIC ON CACHE BOOL "Build a static library instead of a shared library") # Build oqsprovider as a static library (defaults to shared)
|
set(OQS_PROVIDER_BUILD_STATIC ON CACHE BOOL "Build a static library instead of a shared library") # Build oqsprovider as a static library (defaults to shared)
|
||||||
@ -37,8 +32,6 @@ if(OQS_ENABLE)
|
|||||||
target_include_directories(oqsprovider PUBLIC ${CMAKE_CURRENT_BINARY_DIR}/3rdparty/liboqs/include)
|
target_include_directories(oqsprovider PUBLIC ${CMAKE_CURRENT_BINARY_DIR}/3rdparty/liboqs/include)
|
||||||
set_property(TARGET oqsprovider PROPERTY POSITION_INDEPENDENT_CODE ON)
|
set_property(TARGET oqsprovider PROPERTY POSITION_INDEPENDENT_CODE ON)
|
||||||
target_link_libraries(mayaqua PRIVATE oqsprovider)
|
target_link_libraries(mayaqua PRIVATE oqsprovider)
|
||||||
else()
|
|
||||||
add_definitions(-DSKIP_OQS_PROVIDER)
|
|
||||||
endif()
|
endif()
|
||||||
|
|
||||||
include(CheckSymbolExists)
|
include(CheckSymbolExists)
|
||||||
@ -132,10 +125,8 @@ if(UNIX)
|
|||||||
message("-- Using system's cpu_features")
|
message("-- Using system's cpu_features")
|
||||||
target_link_libraries(mayaqua PRIVATE cpu_features)
|
target_link_libraries(mayaqua PRIVATE cpu_features)
|
||||||
else()
|
else()
|
||||||
message("-- Using bundled cpu_features")
|
|
||||||
set(BUILD_SHARED_LIBS OFF)
|
|
||||||
set(CMAKE_POSITION_INDEPENDENT_CODE ON)
|
|
||||||
add_subdirectory(3rdparty/cpu_features)
|
add_subdirectory(3rdparty/cpu_features)
|
||||||
|
set_property(TARGET cpu_features PROPERTY POSITION_INDEPENDENT_CODE ON)
|
||||||
target_link_libraries(mayaqua PRIVATE cpu_features)
|
target_link_libraries(mayaqua PRIVATE cpu_features)
|
||||||
endif()
|
endif()
|
||||||
|
|
||||||
|
|||||||
@ -2057,15 +2057,43 @@ bool ParsePacketL2Ex(PKT *p, UCHAR *buf, UINT size, bool no_l3, bool no_l3_l4_ex
|
|||||||
|
|
||||||
if (type_id_16 > 1500)
|
if (type_id_16 > 1500)
|
||||||
{
|
{
|
||||||
if (type_id_16 == MAC_PROTO_TAGVLAN)
|
// Ordinary Ethernet frame
|
||||||
|
switch (type_id_16)
|
||||||
{
|
{
|
||||||
// Parse VLAN frame
|
case MAC_PROTO_ARPV4: // ARPv4
|
||||||
return ParsePacketTAGVLAN(p, buf, size, no_l3, no_l3_l4_except_icmpv6);
|
if (no_l3 || no_l3_l4_except_icmpv6)
|
||||||
}
|
{
|
||||||
else
|
return true;
|
||||||
{
|
}
|
||||||
// Parse Ordinary Ethernet frame
|
|
||||||
return ParsePacketL3(p, buf, size, type_id_16, no_l3, no_l3_l4_except_icmpv6);
|
return ParsePacketARPv4(p, buf, size);
|
||||||
|
|
||||||
|
case MAC_PROTO_IPV4: // IPv4
|
||||||
|
if (no_l3 || no_l3_l4_except_icmpv6)
|
||||||
|
{
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
return ParsePacketIPv4(p, buf, size);
|
||||||
|
|
||||||
|
case MAC_PROTO_IPV6: // IPv6
|
||||||
|
if (no_l3)
|
||||||
|
{
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
return ParsePacketIPv6(p, buf, size, no_l3_l4_except_icmpv6);
|
||||||
|
|
||||||
|
default: // Unknown
|
||||||
|
if (type_id_16 == p->VlanTypeID)
|
||||||
|
{
|
||||||
|
// VLAN
|
||||||
|
return ParsePacketTAGVLAN(p, buf, size);
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
return true;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
@ -2100,44 +2128,10 @@ bool ParsePacketL2Ex(PKT *p, UCHAR *buf, UINT size, bool no_l3, bool no_l3_l4_ex
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
bool ParsePacketL3(PKT *p, UCHAR *buf, UINT size, USHORT proto, bool no_l3, bool no_l3_l4_except_icmpv6)
|
|
||||||
{
|
|
||||||
switch (proto)
|
|
||||||
{
|
|
||||||
case MAC_PROTO_ARPV4: // ARPv4
|
|
||||||
if (no_l3 || no_l3_l4_except_icmpv6)
|
|
||||||
{
|
|
||||||
return true;
|
|
||||||
}
|
|
||||||
|
|
||||||
return ParsePacketARPv4(p, buf, size);
|
|
||||||
|
|
||||||
case MAC_PROTO_IPV4: // IPv4
|
|
||||||
if (no_l3 || no_l3_l4_except_icmpv6)
|
|
||||||
{
|
|
||||||
return true;
|
|
||||||
}
|
|
||||||
|
|
||||||
return ParsePacketIPv4(p, buf, size);
|
|
||||||
|
|
||||||
case MAC_PROTO_IPV6: // IPv6
|
|
||||||
if (no_l3)
|
|
||||||
{
|
|
||||||
return true;
|
|
||||||
}
|
|
||||||
|
|
||||||
return ParsePacketIPv6(p, buf, size, no_l3_l4_except_icmpv6);
|
|
||||||
|
|
||||||
default: // Unknown
|
|
||||||
return true;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
// TAG VLAN parsing
|
// TAG VLAN parsing
|
||||||
bool ParsePacketTAGVLAN(PKT *p, UCHAR *buf, UINT size, bool no_l3, bool no_l3_l4_except_icmpv6)
|
bool ParsePacketTAGVLAN(PKT *p, UCHAR *buf, UINT size)
|
||||||
{
|
{
|
||||||
USHORT vlan_ushort;
|
USHORT vlan_ushort;
|
||||||
USHORT proto_ushort;
|
|
||||||
// Validate arguments
|
// Validate arguments
|
||||||
if (p == NULL || buf == NULL)
|
if (p == NULL || buf == NULL)
|
||||||
{
|
{
|
||||||
@ -2157,17 +2151,12 @@ bool ParsePacketTAGVLAN(PKT *p, UCHAR *buf, UINT size, bool no_l3, bool no_l3_l4
|
|||||||
buf += sizeof(TAGVLAN_HEADER);
|
buf += sizeof(TAGVLAN_HEADER);
|
||||||
size -= sizeof(TAGVLAN_HEADER);
|
size -= sizeof(TAGVLAN_HEADER);
|
||||||
|
|
||||||
vlan_ushort = READ_USHORT(p->L3.TagVlanHeader->TagID);
|
vlan_ushort = READ_USHORT(p->L3.TagVlanHeader->Data);
|
||||||
vlan_ushort = vlan_ushort & 0xFFF;
|
vlan_ushort = vlan_ushort & 0xFFF;
|
||||||
|
|
||||||
p->VlanId = vlan_ushort;
|
p->VlanId = vlan_ushort;
|
||||||
|
|
||||||
proto_ushort = READ_USHORT(p->L3.TagVlanHeader->Protocol);
|
return true;
|
||||||
proto_ushort = proto_ushort & 0xFFFF;
|
|
||||||
|
|
||||||
|
|
||||||
// Parse the L3 packet
|
|
||||||
return ParsePacketL3(p, buf, size, proto_ushort, no_l3, no_l3_l4_except_icmpv6);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// BPDU Parsing
|
// BPDU Parsing
|
||||||
|
|||||||
@ -87,8 +87,7 @@ struct ARPV4_HEADER
|
|||||||
// Tagged VLAN header
|
// Tagged VLAN header
|
||||||
struct TAGVLAN_HEADER
|
struct TAGVLAN_HEADER
|
||||||
{
|
{
|
||||||
UCHAR TagID[2]; // TagID
|
UCHAR Data[2]; // Data
|
||||||
UCHAR Protocol[2]; // Protocol
|
|
||||||
} GCC_PACKED;
|
} GCC_PACKED;
|
||||||
|
|
||||||
// IPv4 header
|
// IPv4 header
|
||||||
@ -763,11 +762,10 @@ void FreePacketTCPv4(PKT *p);
|
|||||||
void FreePacketICMPv4(PKT *p);
|
void FreePacketICMPv4(PKT *p);
|
||||||
void FreePacketDHCPv4(PKT *p);
|
void FreePacketDHCPv4(PKT *p);
|
||||||
bool ParsePacketL2Ex(PKT *p, UCHAR *buf, UINT size, bool no_l3, bool no_l3_l4_except_icmpv6);
|
bool ParsePacketL2Ex(PKT *p, UCHAR *buf, UINT size, bool no_l3, bool no_l3_l4_except_icmpv6);
|
||||||
bool ParsePacketL3(PKT *p, UCHAR *buf, UINT size, USHORT proto, bool no_l3, bool no_l3_l4_except_icmpv6);
|
|
||||||
bool ParsePacketARPv4(PKT *p, UCHAR *buf, UINT size);
|
bool ParsePacketARPv4(PKT *p, UCHAR *buf, UINT size);
|
||||||
bool ParsePacketIPv4(PKT *p, UCHAR *buf, UINT size);
|
bool ParsePacketIPv4(PKT *p, UCHAR *buf, UINT size);
|
||||||
bool ParsePacketBPDU(PKT *p, UCHAR *buf, UINT size);
|
bool ParsePacketBPDU(PKT *p, UCHAR *buf, UINT size);
|
||||||
bool ParsePacketTAGVLAN(PKT *p, UCHAR *buf, UINT size, bool no_l3, bool no_l3_l4_except_icmpv6);
|
bool ParsePacketTAGVLAN(PKT *p, UCHAR *buf, UINT size);
|
||||||
bool ParseICMPv4(PKT *p, UCHAR *buf, UINT size);
|
bool ParseICMPv4(PKT *p, UCHAR *buf, UINT size);
|
||||||
bool ParseICMPv6(PKT *p, UCHAR *buf, UINT size);
|
bool ParseICMPv6(PKT *p, UCHAR *buf, UINT size);
|
||||||
bool ParseTCP(PKT *p, UCHAR *buf, UINT size);
|
bool ParseTCP(PKT *p, UCHAR *buf, UINT size);
|
||||||
|
|||||||
Reference in New Issue
Block a user