v4.25-9656-rtm

src/Cedar/Cedar.h

@@ -135,10 +135,10 @@
 
 
 // Version number
-#define	CEDAR_VER					424
+#define	CEDAR_VER					425
 
 // Build Number
-#define	CEDAR_BUILD					9652
+#define	CEDAR_BUILD					9656
 
 // Beta number
 //#define	BETA_NUMBER					3
@@ -157,12 +157,12 @@
 #endif	// BUILD_PLACE
 
 // Specifies the build date
-#define	BUILD_DATE_Y		2017
-#define	BUILD_DATE_M		12
-#define	BUILD_DATE_D		21
-#define	BUILD_DATE_HO		10
-#define	BUILD_DATE_MI		34
-#define	BUILD_DATE_SE		43
+#define	BUILD_DATE_Y		2018
+#define	BUILD_DATE_M		1
+#define	BUILD_DATE_D		15
+#define	BUILD_DATE_HO		9
+#define	BUILD_DATE_MI		33
+#define	BUILD_DATE_SE		22
 
 // Tolerable time difference
 #define	ALLOW_TIMESTAMP_DIFF		(UINT64)(3 * 24 * 60 * 60 * 1000)

src/Cedar/IPsec_L2TP.c

@@ -792,6 +792,12 @@ L2TP_PACKET *ParseL2TPPacket(UDPPACKET *p)
 			size -= 2;
 
 			a.DataSize = a.Length - 6;
+
+			if (a.DataSize > size)
+			{
+				goto LABEL_ERROR;
+			}
+
 			a.Data = Clone(buf, a.DataSize);
 
 			buf += a.DataSize;

src/Cedar/IPsec_PPP.c

@@ -291,7 +291,7 @@ void PPPThread(THREAD *thread, void *param)
 						ReadBuf(b, client_response_buffer, 49);
 
 						Zero(username_tmp, sizeof(username_tmp));
-						ReadBuf(b, username_tmp, sizeof(username_tmp));
+						ReadBuf(b, username_tmp, sizeof(username_tmp) - 1);
 
 						Debug("First MS-CHAPv2: id=%s\n", username_tmp);
 
@@ -977,7 +977,7 @@ PPP_PACKET *PPPProcessRequestPacket(PPP_SESSION *p, PPP_PACKET *req)
 					ReadBuf(b, client_response_buffer, 49);
 
 					Zero(username_tmp, sizeof(username_tmp));
-					ReadBuf(b, username_tmp, sizeof(username_tmp));
+					ReadBuf(b, username_tmp, sizeof(username_tmp) - 1);
 
 					client_challenge_16 = client_response_buffer + 0;
 					client_response_24 = client_response_buffer + 16 + 8;

src/Cedar/Interop_OpenVPN.c

@@ -2840,7 +2840,7 @@ bool OvsPerformTcpServer(CEDAR *cedar, SOCK *sock)
 			{
 				void *ptr = FifoPtr(tcp_recv_fifo);
 				USHORT packet_size = READ_USHORT(ptr);
-				if (packet_size <= OPENVPN_TCP_MAX_PACKET_SIZE)
+				if (packet_size != 0 && packet_size <= OPENVPN_TCP_MAX_PACKET_SIZE)
 				{
 					UINT total_len = (UINT)packet_size + sizeof(USHORT);
 					if (r >= total_len)

src/Cedar/Radius.c

@@ -1827,6 +1827,13 @@ bool RadiusLogin(CONNECTION *c, char *server, UINT port, UCHAR *secret, UINT sec
 		if (encrypted_password == NULL)
 		{
 			// Encryption failure
+
+			// Release the ip_list
+			for(i = 0; i < LIST_NUM(ip_list); i++)
+			{
+				IP *tmp_ip = LIST_DATA(ip_list, i);
+				Free(tmp_ip);
+			}
 			ReleaseList(ip_list);
 			return false;
 		}

src/Cedar/Virtual.c

@@ -2250,6 +2250,7 @@ BUF *NnReadDnsRecord(BUF *buf, bool answer, USHORT *ret_type, USHORT *ret_class)
 		data = Malloc(data_len);
 		if (ReadBuf(buf, data, data_len) != data_len)
 		{
+			Free(data);
 			return false;
 		}
 

src/CurrentBuild.txt

@@ -1,4 +1,4 @@
-BUILD_NUMBER 9652
-VERSION 424
-BUILD_NAME beta
-BUILD_DATE 20171221_103443
+BUILD_NUMBER 9656
+VERSION 425
+BUILD_NAME rtm
+BUILD_DATE 20180115_093322

src/Mayaqua/Encrypt.c

@@ -1981,6 +1981,18 @@ X509 *NewX509(K *pub, K *priv, X *ca, NAME *name, UINT days, X_SERIAL *serial)
 		X509_EXTENSION_free(eku);
 	}
 
+	// Alternative subject name
+	if (UniIsEmptyStr(name->CommonName) == false)
+	{
+		char alt_dns[MAX_PATH];
+
+		Format(alt_dns, sizeof(alt_dns), "DNS.1:%S", name->CommonName);
+
+		ex = X509V3_EXT_conf_nid(NULL, NULL, NID_subject_alt_name,	alt_dns);
+		X509_add_ext(x509, ex, -1);
+		X509_EXTENSION_free(ex);
+	}
+
 	Lock(openssl_lock);
 	{
 		// Set the public key

src/Mayaqua/Memory.c

@@ -4313,6 +4313,21 @@ void Copy(void *dst, void *src, UINT size)
 	memcpy(dst, src, size);
 }
 
+// Memory move
+void Move(void *dst, void *src, UINT size)
+{
+	// Validate arguments
+	if (dst == NULL || src == NULL || size == 0 || dst == src)
+	{
+		return;
+	}
+
+	// KS
+	KS_INC(KS_COPY_COUNT);
+
+	memmove(dst, src, size);
+}
+
 // Memory comparison
 int Cmp(void *p1, void *p2, UINT size)
 {

src/Mayaqua/Memory.h

@@ -284,6 +284,7 @@ void *InternalReAlloc(void *addr, UINT size);
 void InternalFree(void *addr);
 
 void Copy(void *dst, void *src, UINT size);
+void Move(void *dst, void *src, UINT size);
 int Cmp(void *p1, void *p2, UINT size);
 int CmpCaseIgnore(void *p1, void *p2, UINT size);
 void ZeroMem(void *addr, UINT size);

src/Mayaqua/Network.c

@@ -7373,7 +7373,7 @@ bool StrToIP6(IP *ip, char *str)
 	if (StartWith(tmp, "[") && EndWith(tmp, "]"))
 	{
 		// If the string is enclosed in square brackets, remove brackets
-		StrCpy(tmp, sizeof(tmp), &tmp[1]);
+		StrCpyAllowOverlap(tmp, sizeof(tmp), &tmp[1]);
 
 		if (StrLen(tmp) >= 1)
 		{
@@ -12691,6 +12691,14 @@ bool RecvAll(SOCK *sock, void *data, UINT size, bool secure)
 		{
 			return false;
 		}
+		if (ret == SOCK_LATER)
+		{
+			// I suppose that this is safe because the RecvAll() function is used only 
+			// if the sock->AsyncMode == true. And the Recv() function may return
+			// SOCK_LATER only if the sock->AsyncMode == false. Therefore the call of 
+			// Recv() function in the RecvAll() function never returns SOCK_LATER.
+			return false;
+		}
 		recv_size += ret;
 		if (recv_size >= size)
 		{
@@ -17590,7 +17598,7 @@ void IPToInAddr6(struct in6_addr *addr, IP *ip)
 		return;
 	}
 
-	Zero(addr, sizeof(struct in_addr));
+	Zero(addr, sizeof(struct in6_addr));
 
 	if (IsIP6(ip))
 	{

src/Mayaqua/Pack.c

@@ -354,7 +354,7 @@ VALUE *ReadValue(BUF *b, UINT type)
 		break;
 	case VALUE_STR:			// ANSI string
 		len = ReadBufInt(b);
-		if ((len + 1) > MAX_VALUE_SIZE)
+		if (len > (MAX_VALUE_SIZE - 1))
 		{
 			// Size over
 			break;

src/Mayaqua/Str.c

@@ -3346,6 +3346,54 @@ UINT StrCpy(char *dst, UINT size, char *src)
 
 	return len;
 }
+UINT StrCpyAllowOverlap(char *dst, UINT size, char *src)
+{
+	UINT len;
+	// Validate arguments
+	if (dst == src)
+	{
+		return StrLen(src);
+	}
+	if (dst == NULL || src == NULL)
+	{
+		if (src == NULL && dst != NULL)
+		{
+			if (size >= 1)
+			{
+				dst[0] = '\0';
+			}
+		}
+		return 0;
+	}
+	if (size == 1)
+	{
+		dst[0] = '\0';
+		return 0;
+	}
+	if (size == 0)
+	{
+		// Ignore the length
+		size = 0x7fffffff;
+	}
+
+	// Check the length
+	len = StrLen(src);
+	if (len <= (size - 1))
+	{
+		Move(dst, src, len + 1);
+	}
+	else
+	{
+		len = size - 1;
+		Move(dst, src, len);
+		dst[len] = '\0';
+	}
+
+	// KS
+	KS_INC(KS_STRCPY_COUNT);
+
+	return len;
+}
 
 // Check whether the string buffer is within the specified size
 bool StrCheckSize(char *str, UINT size)

src/Mayaqua/Str.h

@@ -135,6 +135,7 @@ UINT StrSize(char *str);
 bool StrCheckLen(char *str, UINT len);
 bool StrCheckSize(char *str, UINT size);
 UINT StrCpy(char *dst, UINT size, char *src);
+UINT StrCpyAllowOverlap(char *dst, UINT size, char *src);
 UINT StrCat(char *dst, UINT size, char *src);
 UINT StrCatLeft(char *dst, UINT size, char *src);
 char ToLower(char c);

src/Mayaqua/TcpIp.c

@@ -174,14 +174,14 @@ ICMP_RESULT *IcmpParseResult(IP *dest_ip, USHORT src_id, USHORT src_seqno, UCHAR
 	if (true)
 	{
 		UINT ip_header_size = GetIpHeaderSize(recv_buffer, i);
-		if (ip_header_size >= sizeof(IPV4_HEADER))
+		if (ip_header_size >= sizeof(IPV4_HEADER) && (ip_header_size <= i))
 		{
 			IPV4_HEADER *ipv4 = (IPV4_HEADER *)recv_buffer;
 			if ((IPV4_GET_VERSION(ipv4) == 4) && (ipv4->Protocol == IP_PROTO_ICMPV4))
 			{
 				UINT ip_total_len = (UINT)Endian16(ipv4->TotalLength);
 
-				if ((ip_total_len >= sizeof(IPV4_HEADER)) && (ip_total_len <= i))
+				if ((ip_total_len >= sizeof(IPV4_HEADER)) && (ip_total_len <= i) && (ip_total_len >= ip_header_size))
 				{
 					UINT icmp_packet_size = ip_total_len - ip_header_size;
 					ICMP_HEADER *icmp = (ICMP_HEADER *)(recv_buffer + ip_header_size);
@@ -1957,7 +1957,7 @@ void CorrectChecksum(PKT *p)
 						{
 							udp->Checksum = 0;
 
-							if ((IPV4_GET_FLAGS(v4) & 0x01) == 0)
+							if ((IPV4_GET_FLAGS(v4) & 0x01) == 0 && (p->IPv4PayloadSize >= udp_len))
 							{
 								// Calculate the checksum correctly based on the data in case of a non-fragmented packet
 								udp->Checksum = CalcChecksumForIPv4(v4->SrcIP, v4->DstIP, IP_PROTO_UDP, udp, udp_len, 0);
@@ -2023,7 +2023,7 @@ void CorrectChecksum(PKT *p)
 						{
 							udp->Checksum = 0;
 
-							if (v6info->FragmentHeader == NULL || ((IPV6_GET_FLAGS(v6info->FragmentHeader) & IPV6_FRAGMENT_HEADER_FLAG_MORE_FRAGMENTS) == 0))
+							if ((v6info->FragmentHeader == NULL || ((IPV6_GET_FLAGS(v6info->FragmentHeader) & IPV6_FRAGMENT_HEADER_FLAG_MORE_FRAGMENTS) == 0)) && (v6info->PayloadSize >= udp_len))
 							{
 								// If the packet is not fragmented, recalculate the checksum
 								udp->Checksum = CalcChecksumForIPv6(&v6->SrcAddress, &v6->DestAddress, IP_PROTO_UDP, udp, udp_len, 0);
@@ -2868,6 +2868,7 @@ PKT *ParsePacketIPv4WithDummyMacHeader(UCHAR *buf, UINT size)
 {
 	UCHAR *tmp;
 	UINT tmp_size;
+	PKT *ret;
 	// Validate arguments
 	if (buf == NULL)
 	{
@@ -2880,7 +2881,14 @@ PKT *ParsePacketIPv4WithDummyMacHeader(UCHAR *buf, UINT size)
 	WRITE_USHORT(tmp + 12, MAC_PROTO_IPV4);
 	Copy(tmp + 14, buf, size);
 
-	return ParsePacket(tmp, tmp_size);
+	ret = ParsePacket(tmp, tmp_size);
+
+	if (ret == NULL)
+	{
+		Free(tmp);
+	}
+
+	return ret;
 }
 
 // IPv4 parsing

src/Mayaqua/Win32.c

@@ -548,7 +548,7 @@ DIRLIST *Win32EnumDirExW(wchar_t *dirname, COMPARE *compare)
 
 	UniStrCpy(tmp2, sizeof(tmp2), dirname);
 
-	if (UniStrLen(tmp2) >= 1 && tmp[UniStrLen(tmp2) - 1] == L'\\')
+	if (UniStrLen(tmp2) >= 1 && tmp2[UniStrLen(tmp2) - 1] == L'\\')
 	{
 		tmp2[UniStrLen(tmp2) - 1] = 0;
 	}

src/makefiles/freebsd_32bit.mak

@@ -1,7 +1,7 @@
 # SoftEther VPN Source Code
 # 
-# Copyright (c) 2012-2017 SoftEther VPN Project at University of Tsukuba, Japan.
-# Copyright (c) 2012-2017 Daiyuu Nobori.
+# Copyright (c) 2012-2018 SoftEther VPN Project at University of Tsukuba, Japan.
+# Copyright (c) 2012-2018 Daiyuu Nobori.
 # All Rights Reserved.
 # 
 # http://www.softether.org/

src/makefiles/freebsd_64bit.mak

@@ -1,7 +1,7 @@
 # SoftEther VPN Source Code
 # 
-# Copyright (c) 2012-2017 SoftEther VPN Project at University of Tsukuba, Japan.
-# Copyright (c) 2012-2017 Daiyuu Nobori.
+# Copyright (c) 2012-2018 SoftEther VPN Project at University of Tsukuba, Japan.
+# Copyright (c) 2012-2018 Daiyuu Nobori.
 # All Rights Reserved.
 # 
 # http://www.softether.org/

src/makefiles/linux_32bit.mak

@@ -1,7 +1,7 @@
 # SoftEther VPN Source Code
 # 
-# Copyright (c) 2012-2017 SoftEther VPN Project at University of Tsukuba, Japan.
-# Copyright (c) 2012-2017 Daiyuu Nobori.
+# Copyright (c) 2012-2018 SoftEther VPN Project at University of Tsukuba, Japan.
+# Copyright (c) 2012-2018 Daiyuu Nobori.
 # All Rights Reserved.
 # 
 # http://www.softether.org/

src/makefiles/linux_64bit.mak

@@ -1,7 +1,7 @@
 # SoftEther VPN Source Code
 # 
-# Copyright (c) 2012-2017 SoftEther VPN Project at University of Tsukuba, Japan.
-# Copyright (c) 2012-2017 Daiyuu Nobori.
+# Copyright (c) 2012-2018 SoftEther VPN Project at University of Tsukuba, Japan.
+# Copyright (c) 2012-2018 Daiyuu Nobori.
 # All Rights Reserved.
 # 
 # http://www.softether.org/

src/makefiles/macos_32bit.mak

@@ -1,7 +1,7 @@
 # SoftEther VPN Source Code
 # 
-# Copyright (c) 2012-2017 SoftEther VPN Project at University of Tsukuba, Japan.
-# Copyright (c) 2012-2017 Daiyuu Nobori.
+# Copyright (c) 2012-2018 SoftEther VPN Project at University of Tsukuba, Japan.
+# Copyright (c) 2012-2018 Daiyuu Nobori.
 # All Rights Reserved.
 # 
 # http://www.softether.org/

src/makefiles/macos_64bit.mak

@@ -1,7 +1,7 @@
 # SoftEther VPN Source Code
 # 
-# Copyright (c) 2012-2017 SoftEther VPN Project at University of Tsukuba, Japan.
-# Copyright (c) 2012-2017 Daiyuu Nobori.
+# Copyright (c) 2012-2018 SoftEther VPN Project at University of Tsukuba, Japan.
+# Copyright (c) 2012-2018 Daiyuu Nobori.
 # All Rights Reserved.
 # 
 # http://www.softether.org/

src/makefiles/openbsd_32bit.mak

@@ -1,7 +1,7 @@
 # SoftEther VPN Source Code
 # 
-# Copyright (c) 2012-2017 SoftEther VPN Project at University of Tsukuba, Japan.
-# Copyright (c) 2012-2017 Daiyuu Nobori.
+# Copyright (c) 2012-2018 SoftEther VPN Project at University of Tsukuba, Japan.
+# Copyright (c) 2012-2018 Daiyuu Nobori.
 # All Rights Reserved.
 # 
 # http://www.softether.org/

src/makefiles/openbsd_64bit.mak

@@ -1,7 +1,7 @@
 # SoftEther VPN Source Code
 # 
-# Copyright (c) 2012-2017 SoftEther VPN Project at University of Tsukuba, Japan.
-# Copyright (c) 2012-2017 Daiyuu Nobori.
+# Copyright (c) 2012-2018 SoftEther VPN Project at University of Tsukuba, Japan.
+# Copyright (c) 2012-2018 Daiyuu Nobori.
 # All Rights Reserved.
 # 
 # http://www.softether.org/

src/makefiles/solaris_32bit.mak

@@ -1,7 +1,7 @@
 # SoftEther VPN Source Code
 # 
-# Copyright (c) 2012-2017 SoftEther VPN Project at University of Tsukuba, Japan.
-# Copyright (c) 2012-2017 Daiyuu Nobori.
+# Copyright (c) 2012-2018 SoftEther VPN Project at University of Tsukuba, Japan.
+# Copyright (c) 2012-2018 Daiyuu Nobori.
 # All Rights Reserved.
 # 
 # http://www.softether.org/

src/makefiles/solaris_64bit.mak

@@ -1,7 +1,7 @@
 # SoftEther VPN Source Code
 # 
-# Copyright (c) 2012-2017 SoftEther VPN Project at University of Tsukuba, Japan.
-# Copyright (c) 2012-2017 Daiyuu Nobori.
+# Copyright (c) 2012-2018 SoftEther VPN Project at University of Tsukuba, Japan.
+# Copyright (c) 2012-2018 Daiyuu Nobori.
 # All Rights Reserved.
 # 
 # http://www.softether.org/

src/vpnweb/vpnweb.h

@@ -4,7 +4,7 @@
 
 
  /* File created by MIDL compiler version 7.00.0500 */
-/* at Thu Dec 21 10:34:58 2017
+/* at Mon Jan 15 09:33:38 2018
  */
 /* Compiler settings for .\vpnweb.idl:
     Oicf, W1, Zp8, env=Win32 (32b run)

src/vpnweb/vpnweb_i.c

@@ -6,7 +6,7 @@
 
 
  /* File created by MIDL compiler version 7.00.0500 */
-/* at Thu Dec 21 10:34:58 2017
+/* at Mon Jan 15 09:33:38 2018
  */
 /* Compiler settings for .\vpnweb.idl:
     Oicf, W1, Zp8, env=Win32 (32b run)

src/vpnweb/vpnweb_p.c

@@ -4,7 +4,7 @@
 
 
  /* File created by MIDL compiler version 7.00.0500 */
-/* at Thu Dec 21 10:34:58 2017
+/* at Mon Jan 15 09:33:38 2018
  */
 /* Compiler settings for .\vpnweb.idl:
     Oicf, W1, Zp8, env=Win32 (32b run)