mirror of
https://github.com/deneraraujo/OpenVPNAdapter.git
synced 2026-04-24 00:00:05 +08:00
Squashed 'Sources/OpenVPN3/' changes from 1f92c424e1..407fc5fdb3
3e56f9a644 Finalizing OpenVPN 3 Core library release v3.5.6 a290b87d1a mssparms: do not fail on invalid mssfix values 59f201be90 Finalizing OpenVPN 3 Core library release v3.5.5 bbcf90171f Upgrade OpenSSL to 1.1.1g a88f2379c3 win/tunutil.hpp: fix TAP adapter name query abb7857452 Bump openssl version to 1.1.1f 89a3283944 Fix variable name typo in build-openssl 34435cbf65 Support optional HTTP Status Code reason d5471e1846 Increase OpenSSL version to 1.1.1e 6daf928edb Merge branch 'hotfix/3.4' into released 40f1419b38 Merge branch 'hotfix/3.3' into hotfix/3.4 f225fcd058 Finalizing OpenVPN 3 release v3.3.4 44e8dd8c01 Fix build issues against OpenSSL 1.0.x 65a5e959bc Fix typo in OpenSSL error mapping 042502c932 Additional mappings for OpenSSL errors to OpenVPN error codes c824c032b1 deps: Update to mbedtls-2.7.13 8b302a01c8 Finalizing OpenVPN 3 release v3.4.2 85bd50a577 Finalizing OpenVPN 3 release v3.3.3 git-subtree-dir: Sources/OpenVPN3 git-subtree-split: 407fc5fdb3bc73cf99dcd85a7fb3c1cbef833f0e
This commit is contained in:
Sergey Abramchuk
Vendored
+5
-4
@@ -4,8 +4,8 @@ export ASIO_CSUM=bdb01a649c24d73ca4a836662e7af442d935313ed6deef6b07f17f3bc5f78d7
|
|||||||
export LZ4_VERSION=lz4-1.8.3
|
export LZ4_VERSION=lz4-1.8.3
|
||||||
export LZ4_CSUM=33af5936ac06536805f9745e0b6d61da606a1f8b4cc5c04dd3cbaca3b9b4fc43
|
export LZ4_CSUM=33af5936ac06536805f9745e0b6d61da606a1f8b4cc5c04dd3cbaca3b9b4fc43
|
||||||
|
|
||||||
export MBEDTLS_VERSION=mbedtls-2.7.12
|
export MBEDTLS_VERSION=mbedtls-2.7.13
|
||||||
export MBEDTLS_CSUM=d3a36dbc9f607747daa6875c1ab2e41f49eff5fc99d3436b4f3ac90c89f3c143
|
export MBEDTLS_CSUM=6772fe21c7755dc513920e84adec629d39188b6451542ebaece428f0eba655c9
|
||||||
|
|
||||||
export JSONCPP_VERSION=1.8.4
|
export JSONCPP_VERSION=1.8.4
|
||||||
export JSONCPP_CSUM=c49deac9e0933bcb7044f08516861a2d560988540b23de2ac1ad443b219afdb6
|
export JSONCPP_CSUM=c49deac9e0933bcb7044f08516861a2d560988540b23de2ac1ad443b219afdb6
|
||||||
@@ -19,6 +19,7 @@ export CITYHASH_CSUM=f70368facd15735dffc77fe2b27ab505bfdd05be5e9166d94149a8744c2
|
|||||||
export LZO_VERSION=lzo-2.10
|
export LZO_VERSION=lzo-2.10
|
||||||
export LZO_CSUM=c0f892943208266f9b6543b3ae308fab6284c5c90e627931446fb49b4221a072
|
export LZO_CSUM=c0f892943208266f9b6543b3ae308fab6284c5c90e627931446fb49b4221a072
|
||||||
|
|
||||||
export OPENSSL_VERSION=openssl-1.1.1d
|
export OPENSSL_VERSION=openssl-1.1.1g
|
||||||
export OPENSSL_CSUM=1e3a91bc1f9dfce01af26026f856e064eab4c8ee0a8f457b5ae30b40b8b711f2
|
export OPENSSL_CSUM=ddb04774f1e32f0c49751e21b67216ac87852ceb056b75209af2443400636d46
|
||||||
|
|
||||||
|
|
||||||
|
|||||||
Vendored
+1
-1
@@ -38,7 +38,7 @@ fi
|
|||||||
# source helper functions
|
# source helper functions
|
||||||
. $O3/core/deps/functions.sh
|
. $O3/core/deps/functions.sh
|
||||||
|
|
||||||
FNAME=openssl-${OPNESSL_VERSION}.tar.gz
|
FNAME=openssl-${OPENSSL_VERSION}.tar.gz
|
||||||
URL=https://www.openssl.org/source/${OPENSSL_VERSION}.tar.gz
|
URL=https://www.openssl.org/source/${OPENSSL_VERSION}.tar.gz
|
||||||
CSUM=${OPENSSL_CSUM}
|
CSUM=${OPENSSL_CSUM}
|
||||||
|
|
||||||
|
|||||||
@@ -24,5 +24,5 @@
|
|||||||
#pragma once
|
#pragma once
|
||||||
|
|
||||||
#ifndef OPENVPN_VERSION
|
#ifndef OPENVPN_VERSION
|
||||||
#define OPENVPN_VERSION "3.5.4"
|
#define OPENVPN_VERSION "3.5.6"
|
||||||
#endif
|
#endif
|
||||||
|
|||||||
@@ -61,6 +61,9 @@ namespace openvpn {
|
|||||||
UDP_CONNECT_ERROR, // client error on UDP connect
|
UDP_CONNECT_ERROR, // client error on UDP connect
|
||||||
SSL_ERROR, // errors resulting from read/write on SSL object
|
SSL_ERROR, // errors resulting from read/write on SSL object
|
||||||
SSL_PARTIAL_WRITE, // SSL object did not process all written cleartext
|
SSL_PARTIAL_WRITE, // SSL object did not process all written cleartext
|
||||||
|
SSL_CA_MD_TOO_WEAK, // CA message digest is too weak
|
||||||
|
SSL_CA_KEY_TOO_SMALL, // CA key is too small
|
||||||
|
SSL_DH_KEY_TOO_SMALL, // DH key is too small
|
||||||
ENCAPSULATION_ERROR, // exceptions thrown during packet encapsulation
|
ENCAPSULATION_ERROR, // exceptions thrown during packet encapsulation
|
||||||
EPKI_CERT_ERROR, // error obtaining certificate from External PKI provider
|
EPKI_CERT_ERROR, // error obtaining certificate from External PKI provider
|
||||||
EPKI_SIGN_ERROR, // error obtaining RSA signature from External PKI provider
|
EPKI_SIGN_ERROR, // error obtaining RSA signature from External PKI provider
|
||||||
@@ -139,6 +142,9 @@ namespace openvpn {
|
|||||||
"UDP_CONNECT_ERROR",
|
"UDP_CONNECT_ERROR",
|
||||||
"SSL_ERROR",
|
"SSL_ERROR",
|
||||||
"SSL_PARTIAL_WRITE",
|
"SSL_PARTIAL_WRITE",
|
||||||
|
"SSL_CA_MD_TOO_WEAK",
|
||||||
|
"SSL_CA_KEY_TOO_SMALL",
|
||||||
|
"SSL_DH_KEY_TOO_SMALL",
|
||||||
"ENCAPSULATION_ERROR",
|
"ENCAPSULATION_ERROR",
|
||||||
"EPKI_CERT_ERROR",
|
"EPKI_CERT_ERROR",
|
||||||
"EPKI_SIGN_ERROR",
|
"EPKI_SIGN_ERROR",
|
||||||
|
|||||||
@@ -245,7 +245,12 @@ namespace openvpn {
|
|||||||
return fail;
|
return fail;
|
||||||
}
|
}
|
||||||
case status_text_start:
|
case status_text_start:
|
||||||
if (!Util::is_char(input) || Util::is_ctl(input) || Util::is_tspecial(input))
|
if (input == '\r')
|
||||||
|
{
|
||||||
|
state_ = expecting_newline_1;
|
||||||
|
return pending;
|
||||||
|
}
|
||||||
|
else if (!Util::is_char(input) || Util::is_ctl(input) || Util::is_tspecial(input))
|
||||||
{
|
{
|
||||||
return fail;
|
return fail;
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -144,6 +144,18 @@ namespace openvpn {
|
|||||||
case SSL_R_UNSUPPORTED_PROTOCOL:
|
case SSL_R_UNSUPPORTED_PROTOCOL:
|
||||||
set_code(Error::TLS_VERSION_MIN, true);
|
set_code(Error::TLS_VERSION_MIN, true);
|
||||||
break;
|
break;
|
||||||
|
#if OPENSSL_VERSION_NUMBER >= 0x10100000L
|
||||||
|
// These error codes are not available in older OpenSSL versions
|
||||||
|
case SSL_R_CA_MD_TOO_WEAK:
|
||||||
|
set_code(Error::SSL_CA_MD_TOO_WEAK, true);
|
||||||
|
break;
|
||||||
|
case SSL_R_CA_KEY_TOO_SMALL:
|
||||||
|
set_code(Error::SSL_CA_KEY_TOO_SMALL, true);
|
||||||
|
break;
|
||||||
|
#endif // OpenSSL >= 1.1.0
|
||||||
|
case SSL_R_DH_KEY_TOO_SMALL:
|
||||||
|
set_code(Error::SSL_DH_KEY_TOO_SMALL, true);
|
||||||
|
break;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
errtxt = tmp.str();
|
errtxt = tmp.str();
|
||||||
|
|||||||
@@ -33,18 +33,41 @@ namespace openvpn {
|
|||||||
{
|
{
|
||||||
}
|
}
|
||||||
|
|
||||||
void parse(const OptionList& opt)
|
void parse(const OptionList& opt, bool nothrow=false)
|
||||||
{
|
{
|
||||||
const Option *o = opt.get_ptr("mssfix");
|
const Option *o = opt.get_ptr("mssfix");
|
||||||
if (o)
|
if (o)
|
||||||
{
|
{
|
||||||
const bool status = parse_number_validate<decltype(mssfix)>(o->get(1, 16),
|
const std::string* val = o->get_ptr(1, 16);
|
||||||
|
if (val == nullptr)
|
||||||
|
{
|
||||||
|
if (nothrow)
|
||||||
|
{
|
||||||
|
OPENVPN_LOG("Missing mssfix value, mssfix functionality disabled");
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
else
|
||||||
|
throw option_error("mssfix must have a value");
|
||||||
|
}
|
||||||
|
|
||||||
|
const bool status = parse_number_validate<decltype(mssfix)>(*val,
|
||||||
16,
|
16,
|
||||||
576,
|
576,
|
||||||
65535,
|
65535,
|
||||||
&mssfix);
|
&mssfix);
|
||||||
if (!status)
|
if (!status)
|
||||||
throw option_error("mssfix: parse/range issue");
|
{
|
||||||
|
if (nothrow)
|
||||||
|
{
|
||||||
|
// no need to warn if mssfix is actually 0
|
||||||
|
if (*val != "0")
|
||||||
|
{
|
||||||
|
OPENVPN_LOG("Invalid mssfix value " << *val << ", mssfix functionality disabled");
|
||||||
|
}
|
||||||
|
}
|
||||||
|
else
|
||||||
|
throw option_error("mssfix: parse/range issue");
|
||||||
|
}
|
||||||
mtu = (o->get_optional(2, 16) == "mtu");
|
mtu = (o->get_optional(2, 16) == "mtu");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -561,7 +561,7 @@ namespace openvpn {
|
|||||||
tun_mtu = parse_tun_mtu(opt, tun_mtu);
|
tun_mtu = parse_tun_mtu(opt, tun_mtu);
|
||||||
|
|
||||||
// mssfix
|
// mssfix
|
||||||
mss_parms.parse(opt);
|
mss_parms.parse(opt, true);
|
||||||
|
|
||||||
// load parameters that can be present in both config file or pushed options
|
// load parameters that can be present in both config file or pushed options
|
||||||
load_common(opt, pco, server ? LOAD_COMMON_SERVER : LOAD_COMMON_CLIENT);
|
load_common(opt, pco, server ? LOAD_COMMON_SERVER : LOAD_COMMON_CLIENT);
|
||||||
|
|||||||
@@ -288,15 +288,16 @@ namespace openvpn {
|
|||||||
continue;
|
continue;
|
||||||
|
|
||||||
wchar_t wbuf[256] = L"";
|
wchar_t wbuf[256] = L"";
|
||||||
|
DWORD cbwbuf = sizeof(wbuf);
|
||||||
status = ::RegQueryValueExW(connection_key(),
|
status = ::RegQueryValueExW(connection_key(),
|
||||||
L"Name",
|
L"Name",
|
||||||
nullptr,
|
nullptr,
|
||||||
&data_type,
|
&data_type,
|
||||||
(LPBYTE)wbuf,
|
(LPBYTE)wbuf,
|
||||||
&len);
|
&cbwbuf);
|
||||||
if (status != ERROR_SUCCESS || data_type != REG_SZ)
|
if (status != ERROR_SUCCESS || data_type != REG_SZ)
|
||||||
continue;
|
continue;
|
||||||
wbuf[(sizeof(wbuf) / sizeof(wchar_t)) - 1] = L'\0';
|
wbuf[(cbwbuf / sizeof(wchar_t)) - 1] = L'\0';
|
||||||
|
|
||||||
// iterate through self and try to patch the name
|
// iterate through self and try to patch the name
|
||||||
{
|
{
|
||||||
|
|||||||
Reference in New Issue
Block a user