mirror of
https://github.com/deneraraujo/OpenVPNAdapter.git
synced 2024-10-06 00:52:07 +08:00
Squashed 'Sources/OpenVPN3/' changes from 1f92c424e1..407fc5fdb3
3e56f9a644 Finalizing OpenVPN 3 Core library release v3.5.6 a290b87d1a mssparms: do not fail on invalid mssfix values 59f201be90 Finalizing OpenVPN 3 Core library release v3.5.5 bbcf90171f Upgrade OpenSSL to 1.1.1g a88f2379c3 win/tunutil.hpp: fix TAP adapter name query abb7857452 Bump openssl version to 1.1.1f 89a3283944 Fix variable name typo in build-openssl 34435cbf65 Support optional HTTP Status Code reason d5471e1846 Increase OpenSSL version to 1.1.1e 6daf928edb Merge branch 'hotfix/3.4' into released 40f1419b38 Merge branch 'hotfix/3.3' into hotfix/3.4 f225fcd058 Finalizing OpenVPN 3 release v3.3.4 44e8dd8c01 Fix build issues against OpenSSL 1.0.x 65a5e959bc Fix typo in OpenSSL error mapping 042502c932 Additional mappings for OpenSSL errors to OpenVPN error codes c824c032b1 deps: Update to mbedtls-2.7.13 8b302a01c8 Finalizing OpenVPN 3 release v3.4.2 85bd50a577 Finalizing OpenVPN 3 release v3.3.3 git-subtree-dir: Sources/OpenVPN3 git-subtree-split: 407fc5fdb3bc73cf99dcd85a7fb3c1cbef833f0e
This commit is contained in:
parent
86cc97e55f
commit
f81b84d64d
9
deps/lib-versions
vendored
9
deps/lib-versions
vendored
@ -4,8 +4,8 @@ export ASIO_CSUM=bdb01a649c24d73ca4a836662e7af442d935313ed6deef6b07f17f3bc5f78d7
|
||||
export LZ4_VERSION=lz4-1.8.3
|
||||
export LZ4_CSUM=33af5936ac06536805f9745e0b6d61da606a1f8b4cc5c04dd3cbaca3b9b4fc43
|
||||
|
||||
export MBEDTLS_VERSION=mbedtls-2.7.12
|
||||
export MBEDTLS_CSUM=d3a36dbc9f607747daa6875c1ab2e41f49eff5fc99d3436b4f3ac90c89f3c143
|
||||
export MBEDTLS_VERSION=mbedtls-2.7.13
|
||||
export MBEDTLS_CSUM=6772fe21c7755dc513920e84adec629d39188b6451542ebaece428f0eba655c9
|
||||
|
||||
export JSONCPP_VERSION=1.8.4
|
||||
export JSONCPP_CSUM=c49deac9e0933bcb7044f08516861a2d560988540b23de2ac1ad443b219afdb6
|
||||
@ -19,6 +19,7 @@ export CITYHASH_CSUM=f70368facd15735dffc77fe2b27ab505bfdd05be5e9166d94149a8744c2
|
||||
export LZO_VERSION=lzo-2.10
|
||||
export LZO_CSUM=c0f892943208266f9b6543b3ae308fab6284c5c90e627931446fb49b4221a072
|
||||
|
||||
export OPENSSL_VERSION=openssl-1.1.1d
|
||||
export OPENSSL_CSUM=1e3a91bc1f9dfce01af26026f856e064eab4c8ee0a8f457b5ae30b40b8b711f2
|
||||
export OPENSSL_VERSION=openssl-1.1.1g
|
||||
export OPENSSL_CSUM=ddb04774f1e32f0c49751e21b67216ac87852ceb056b75209af2443400636d46
|
||||
|
||||
|
||||
|
2
deps/openssl/build-openssl
vendored
2
deps/openssl/build-openssl
vendored
@ -38,7 +38,7 @@ fi
|
||||
# source helper functions
|
||||
. $O3/core/deps/functions.sh
|
||||
|
||||
FNAME=openssl-${OPNESSL_VERSION}.tar.gz
|
||||
FNAME=openssl-${OPENSSL_VERSION}.tar.gz
|
||||
URL=https://www.openssl.org/source/${OPENSSL_VERSION}.tar.gz
|
||||
CSUM=${OPENSSL_CSUM}
|
||||
|
||||
|
@ -24,5 +24,5 @@
|
||||
#pragma once
|
||||
|
||||
#ifndef OPENVPN_VERSION
|
||||
#define OPENVPN_VERSION "3.5.4"
|
||||
#define OPENVPN_VERSION "3.5.6"
|
||||
#endif
|
||||
|
@ -61,6 +61,9 @@ namespace openvpn {
|
||||
UDP_CONNECT_ERROR, // client error on UDP connect
|
||||
SSL_ERROR, // errors resulting from read/write on SSL object
|
||||
SSL_PARTIAL_WRITE, // SSL object did not process all written cleartext
|
||||
SSL_CA_MD_TOO_WEAK, // CA message digest is too weak
|
||||
SSL_CA_KEY_TOO_SMALL, // CA key is too small
|
||||
SSL_DH_KEY_TOO_SMALL, // DH key is too small
|
||||
ENCAPSULATION_ERROR, // exceptions thrown during packet encapsulation
|
||||
EPKI_CERT_ERROR, // error obtaining certificate from External PKI provider
|
||||
EPKI_SIGN_ERROR, // error obtaining RSA signature from External PKI provider
|
||||
@ -139,6 +142,9 @@ namespace openvpn {
|
||||
"UDP_CONNECT_ERROR",
|
||||
"SSL_ERROR",
|
||||
"SSL_PARTIAL_WRITE",
|
||||
"SSL_CA_MD_TOO_WEAK",
|
||||
"SSL_CA_KEY_TOO_SMALL",
|
||||
"SSL_DH_KEY_TOO_SMALL",
|
||||
"ENCAPSULATION_ERROR",
|
||||
"EPKI_CERT_ERROR",
|
||||
"EPKI_SIGN_ERROR",
|
||||
|
@ -245,7 +245,12 @@ namespace openvpn {
|
||||
return fail;
|
||||
}
|
||||
case status_text_start:
|
||||
if (!Util::is_char(input) || Util::is_ctl(input) || Util::is_tspecial(input))
|
||||
if (input == '\r')
|
||||
{
|
||||
state_ = expecting_newline_1;
|
||||
return pending;
|
||||
}
|
||||
else if (!Util::is_char(input) || Util::is_ctl(input) || Util::is_tspecial(input))
|
||||
{
|
||||
return fail;
|
||||
}
|
||||
|
@ -144,6 +144,18 @@ namespace openvpn {
|
||||
case SSL_R_UNSUPPORTED_PROTOCOL:
|
||||
set_code(Error::TLS_VERSION_MIN, true);
|
||||
break;
|
||||
#if OPENSSL_VERSION_NUMBER >= 0x10100000L
|
||||
// These error codes are not available in older OpenSSL versions
|
||||
case SSL_R_CA_MD_TOO_WEAK:
|
||||
set_code(Error::SSL_CA_MD_TOO_WEAK, true);
|
||||
break;
|
||||
case SSL_R_CA_KEY_TOO_SMALL:
|
||||
set_code(Error::SSL_CA_KEY_TOO_SMALL, true);
|
||||
break;
|
||||
#endif // OpenSSL >= 1.1.0
|
||||
case SSL_R_DH_KEY_TOO_SMALL:
|
||||
set_code(Error::SSL_DH_KEY_TOO_SMALL, true);
|
||||
break;
|
||||
}
|
||||
}
|
||||
errtxt = tmp.str();
|
||||
|
@ -33,18 +33,41 @@ namespace openvpn {
|
||||
{
|
||||
}
|
||||
|
||||
void parse(const OptionList& opt)
|
||||
void parse(const OptionList& opt, bool nothrow=false)
|
||||
{
|
||||
const Option *o = opt.get_ptr("mssfix");
|
||||
if (o)
|
||||
{
|
||||
const bool status = parse_number_validate<decltype(mssfix)>(o->get(1, 16),
|
||||
const std::string* val = o->get_ptr(1, 16);
|
||||
if (val == nullptr)
|
||||
{
|
||||
if (nothrow)
|
||||
{
|
||||
OPENVPN_LOG("Missing mssfix value, mssfix functionality disabled");
|
||||
return;
|
||||
}
|
||||
else
|
||||
throw option_error("mssfix must have a value");
|
||||
}
|
||||
|
||||
const bool status = parse_number_validate<decltype(mssfix)>(*val,
|
||||
16,
|
||||
576,
|
||||
65535,
|
||||
&mssfix);
|
||||
if (!status)
|
||||
throw option_error("mssfix: parse/range issue");
|
||||
{
|
||||
if (nothrow)
|
||||
{
|
||||
// no need to warn if mssfix is actually 0
|
||||
if (*val != "0")
|
||||
{
|
||||
OPENVPN_LOG("Invalid mssfix value " << *val << ", mssfix functionality disabled");
|
||||
}
|
||||
}
|
||||
else
|
||||
throw option_error("mssfix: parse/range issue");
|
||||
}
|
||||
mtu = (o->get_optional(2, 16) == "mtu");
|
||||
}
|
||||
}
|
||||
|
@ -561,7 +561,7 @@ namespace openvpn {
|
||||
tun_mtu = parse_tun_mtu(opt, tun_mtu);
|
||||
|
||||
// mssfix
|
||||
mss_parms.parse(opt);
|
||||
mss_parms.parse(opt, true);
|
||||
|
||||
// load parameters that can be present in both config file or pushed options
|
||||
load_common(opt, pco, server ? LOAD_COMMON_SERVER : LOAD_COMMON_CLIENT);
|
||||
|
@ -288,15 +288,16 @@ namespace openvpn {
|
||||
continue;
|
||||
|
||||
wchar_t wbuf[256] = L"";
|
||||
DWORD cbwbuf = sizeof(wbuf);
|
||||
status = ::RegQueryValueExW(connection_key(),
|
||||
L"Name",
|
||||
nullptr,
|
||||
&data_type,
|
||||
(LPBYTE)wbuf,
|
||||
&len);
|
||||
&cbwbuf);
|
||||
if (status != ERROR_SUCCESS || data_type != REG_SZ)
|
||||
continue;
|
||||
wbuf[(sizeof(wbuf) / sizeof(wchar_t)) - 1] = L'\0';
|
||||
wbuf[(cbwbuf / sizeof(wchar_t)) - 1] = L'\0';
|
||||
|
||||
// iterate through self and try to patch the name
|
||||
{
|
||||
|
Loading…
Reference in New Issue
Block a user