SoftEtherVPN · gerhard-strauss-jambit · May 28, 2020 · May 28, 2020 · May 28, 2020
diff --git a/src/Cedar/Cedar.h b/src/Cedar/Cedar.h
@@ -129,7 +129,7 @@
 #define	CEDAR_VER					434
 
 // Build Number
-#define	CEDAR_BUILD					9745
+#define	CEDAR_BUILD					9746
 
 // Beta number
 //#define	BETA_NUMBER					3

diff --git a/src/Cedar/IPsec_IPC.c b/src/Cedar/IPsec_IPC.c
@@ -220,13 +220,13 @@ void IPCAsyncThreadProc(THREAD *thread, void *param)
 			Zero(&cao, sizeof(cao));
 
 			// Get an IP address from the DHCP server in the case of L3 mode
-			Debug("IPCDhcpAllocateIPEx() start...\n");
-			if (IPCDhcpAllocateIPEx(a->Ipc, &cao, a->TubeForDisconnect, a->Param.IsOpenVPN))
+			Debug("IPCDhcpAllocateIP() start...\n");
+			if (IPCDhcpAllocateIP(a->Ipc, &cao, a->TubeForDisconnect))
 			{
 				UINT t;
 				IP ip, subnet, gw;
 
-				Debug("IPCDhcpAllocateIPEx() Ok.\n");
+				Debug("IPCDhcpAllocateIP() Ok.\n");
 
 				// Calculate the DHCP update interval
 				t = cao.LeaseTime;
@@ -257,7 +257,7 @@ void IPCAsyncThreadProc(THREAD *thread, void *param)
 			}
 			else
 			{
-				Debug("IPCDhcpAllocateIPEx() Error.\n");
+				Debug("IPCDhcpAllocateIP() Error.\n");
 
 				a->DhcpAllocFailed = true;
 
@@ -809,47 +809,28 @@ bool IPCDhcpRequestInformIP(IPC *ipc, DHCP_OPTION_LIST *opt, TUBE *discon_poll_t
 
 // Make a request for IP addresses using DHCP
 bool IPCDhcpAllocateIP(IPC *ipc, DHCP_OPTION_LIST *opt, TUBE *discon_poll_tube)
-{
-	return IPCDhcpAllocateIPEx(ipc, opt, discon_poll_tube, false);
-}
-bool IPCDhcpAllocateIPEx(IPC *ipc, DHCP_OPTION_LIST *opt, TUBE *discon_poll_tube, bool openvpn_compatible)
 {
 	DHCP_OPTION_LIST req;
 	DHCPV4_DATA *d, *d2;
 	UINT tran_id = Rand32();
 	bool ok;
-	UINT request_ip = 0;
-	IP current_scanning_ip;
-	UCHAR current_scanning_addr8;
-	UCHAR begin_scanning_addr8;
-	UINT64 giveup = Tick64() + (UINT64)IPC_DHCP_TIMEOUT_TOTAL_GIVEUP;
-	LIST *release_list;
-	bool ret = false;
 	// Validate arguments
 	if (ipc == NULL || opt == NULL)
 	{
 		return false;
 	}
 
-	release_list = NewListFast(NULL);
-
-	Zero(&current_scanning_ip, sizeof(current_scanning_ip));
-	current_scanning_addr8 = 0;
-	begin_scanning_addr8 = 0;
-
-LABEL_RETRY_FOR_OPENVPN:
-	tran_id = Rand32();
 	// Send a DHCP Discover
 	Zero(&req, sizeof(req));
-	req.RequestedIp = request_ip;
+	req.RequestedIp = 0;
 	req.Opcode = DHCP_DISCOVER;
 	StrCpy(req.Hostname, sizeof(req.Hostname), ipc->ClientHostname);
 	IPCDhcpSetConditionalUserClass(ipc, &req);
 
 	d = IPCSendDhcpRequest(ipc, NULL, tran_id, &req, DHCP_OFFER, IPC_DHCP_TIMEOUT, discon_poll_tube);
 	if (d == NULL)
 	{
-		goto LABEL_CLEANUP;
+		return false;
 	}
 
 	// Analyze the DHCP Offer
@@ -878,75 +859,7 @@ bool IPCDhcpAllocateIPEx(IPC *ipc, DHCP_OPTION_LIST *opt, TUBE *discon_poll_tube
 	if (ok == false)
 	{
 		FreeDHCPv4Data(d);
-		goto LABEL_CLEANUP;
-	}
-
-	if (openvpn_compatible)
-	{
-		UINT ip = d->ParsedOptionList->ClientAddress;
-
-		if (OvsIsCompatibleL3IP(ip) == false)
-		{
-			char tmp[64];
-
-			DHCP_OPTION_LIST req;
-			IPC_DHCP_RELESAE_QUEUE *q;
-
-			// If the offered IP address is not used, place the address
-			// in release memo list to release at the end of this function
-			Zero(&req, sizeof(req));
-			req.Opcode = DHCP_RELEASE;
-			req.ServerAddress = d->ParsedOptionList->ServerAddress;
-
-			q = ZeroMalloc(sizeof(IPC_DHCP_RELESAE_QUEUE));
-			Copy(&q->Req, &req, sizeof(DHCP_OPTION_LIST));
-			q->TranId = tran_id;
-			Copy(q->MacAddress, ipc->MacAddress, 6);
-
-			Add(release_list, q);
-
-			FreeDHCPv4Data(d);
-
-			if (Tick64() >= giveup)
-			{
-				goto LABEL_CLEANUP;
-			}
-
-			if (IsZero(&current_scanning_ip, sizeof(IP)))
-			{
-				UINTToIP(&current_scanning_ip, ip);
-				current_scanning_addr8 = current_scanning_ip.addr[3];
-
-				if ((current_scanning_addr8 % 4) != 1)
-				{
-					current_scanning_addr8 = (UCHAR)(((((UINT)current_scanning_addr8 - 1) / 4) + 1) * 4 + 1);
-				}
-
-				begin_scanning_addr8 = current_scanning_addr8;
-			}
-			else
-			{
-				current_scanning_addr8 += 4;
-
-				if (current_scanning_addr8 == begin_scanning_addr8)
-				{
-					goto LABEL_CLEANUP;
-				}
-			}
-
-			current_scanning_ip.addr[3] = current_scanning_addr8;
-
-			request_ip = IPToUINT(&current_scanning_ip);
-
-			IPToStr32(tmp, sizeof(tmp), request_ip);
-
-			// Generate another MAC address
-			ipc->MacAddress[5]++;
-
-			Debug("Trying Allocating IP for OpenVPN: %s\n", tmp);
-
-			goto LABEL_RETRY_FOR_OPENVPN;
-		}
+		return false;
 	}
 
 	// Send a DHCP Request
@@ -961,7 +874,7 @@ bool IPCDhcpAllocateIPEx(IPC *ipc, DHCP_OPTION_LIST *opt, TUBE *discon_poll_tube
 	if (d2 == NULL)
 	{
 		FreeDHCPv4Data(d);
-		goto LABEL_CLEANUP;
+		return false;
 	}
 
 	// Analyze the DHCP Ack
@@ -991,42 +904,15 @@ bool IPCDhcpAllocateIPEx(IPC *ipc, DHCP_OPTION_LIST *opt, TUBE *discon_poll_tube
 	{
 		FreeDHCPv4Data(d);
 		FreeDHCPv4Data(d2);
-		goto LABEL_CLEANUP;
+		return false;
 	}
 
 	Copy(opt, d2->ParsedOptionList, sizeof(DHCP_OPTION_LIST));
 
 	FreeDHCPv4Data(d);
 	FreeDHCPv4Data(d2);
 
-	ret = true;
-
-LABEL_CLEANUP:
-	if (release_list != NULL)
-	{
-		// Release the IP address that was acquired from the DHCP server to no avail on the way
-		UINT i;
-		UCHAR mac_backup[6];
-
-		Copy(mac_backup, ipc->MacAddress, 6);
-
-		for (i = 0;i < LIST_NUM(release_list);i++)
-		{
-			IPC_DHCP_RELESAE_QUEUE *q = LIST_DATA(release_list, i);
-
-			Copy(ipc->MacAddress, q->MacAddress, 6);
-			FreeDHCPv4Data(IPCSendDhcpRequest(ipc, NULL, q->TranId, &q->Req, 0, 0, NULL));
-
-			IPCProcessInterrupts(ipc);
-
-			Free(q);
-		}
-
-		Copy(ipc->MacAddress, mac_backup, 6);
-
-		ReleaseList(release_list);
-	}
-	return ret;
+	return true;
 }
 
 // Send out a DHCP request, and wait for a corresponding response

diff --git a/src/Cedar/IPsec_IPC.h b/src/Cedar/IPsec_IPC.h
@@ -109,7 +109,6 @@
 #define	IPC_ARP_LIFETIME				(3 * 60 * 1000)
 #define	IPC_ARP_GIVEUPTIME				(1 * 1000)
 #define	IPC_DHCP_TIMEOUT				(5 * 1000)
-#define	IPC_DHCP_TIMEOUT_TOTAL_GIVEUP	(20 * 1000)
 #define	IPC_DHCP_MIN_LEASE				5
 #define	IPC_DHCP_DEFAULT_LEASE			3600
 
@@ -166,7 +165,6 @@ struct IPC_PARAM
 	bool BridgeMode;
 	UINT Mss;
 	bool IsL3Mode;
-	bool IsOpenVPN;
 	X *ClientCertificate;
 	UINT Layer;
 };
@@ -263,7 +261,6 @@ DHCPV4_DATA *IPCSendDhcpRequest(IPC *ipc, IP *dest_ip, UINT tran_id, DHCP_OPTION
 BUF *IPCBuildDhcpRequest(IPC *ipc, IP *dest_ip, UINT tran_id, DHCP_OPTION_LIST *opt);
 BUF *IPCBuildDhcpRequestOptions(IPC *ipc, DHCP_OPTION_LIST *opt);
 bool IPCDhcpAllocateIP(IPC *ipc, DHCP_OPTION_LIST *opt, TUBE *discon_poll_tube);
-bool IPCDhcpAllocateIPEx(IPC *ipc, DHCP_OPTION_LIST *opt, TUBE *discon_poll_tube, bool openvpn_compatible);
 bool IPCDhcpRequestInformIP(IPC *ipc, DHCP_OPTION_LIST *opt, TUBE *discon_poll_tube, IP *client_ip);
 void IPCDhcpRenewIP(IPC *ipc, IP *dhcp_server);
 void IPCDhcpFreeIP(IPC *ipc, IP *dhcp_server);

diff --git a/src/Cedar/Interop_OpenVPN.c b/src/Cedar/Interop_OpenVPN.c
@@ -713,8 +713,6 @@ void OvsBeginIPCAsyncConnectionIfEmpty(OPENVPN_SERVER *s, OPENVPN_SESSION *se, O
 			}
 		}
 
-		p.IsOpenVPN = true;
-
 		p.Layer = (se->Mode == OPENVPN_MODE_L2) ? IPC_LAYER_2 : IPC_LAYER_3;
 
 		// Calculate the MSS
@@ -2008,9 +2006,6 @@ void OvsRecvPacket(OPENVPN_SERVER *s, LIST *recv_packet_list, UINT protocol)
 									// if the L3 mode to the option character string
 									DHCP_OPTION_LIST *cao = &se->IpcAsync->L3ClientAddressOption;
 									char ip_client[64];
-									char ip_tunnel_endpoint[64];
-									UINT ip_tunnel_endpoint_32;
-									char ip_network[64];
 									char ip_subnet_mask[64];
 									char ip_dns1[64];
 									char ip_dns2[64];
@@ -2027,25 +2022,17 @@ void OvsRecvPacket(OPENVPN_SERVER *s, LIST *recv_packet_list, UINT protocol)
 									IPToStr32(ip_client, sizeof(ip_client),
 										cao->ClientAddress);
 
-									// Generate a virtual gateway address to be passed to the OpenVPN
-									ip_tunnel_endpoint_32 = Endian32(cao->ClientAddress);
-									ip_tunnel_endpoint_32++;
-									ip_tunnel_endpoint_32 = Endian32(ip_tunnel_endpoint_32);
-									IPToStr32(ip_tunnel_endpoint, sizeof(ip_tunnel_endpoint), ip_tunnel_endpoint_32);
-
-									// Create a subnet information for the LAN
-									IPToStr32(ip_network, sizeof(ip_network),
-										GetNetworkAddress(cao->ClientAddress,
-										cao->SubnetMask));
-
 									IPToStr32(ip_subnet_mask, sizeof(ip_subnet_mask),
 										cao->SubnetMask);
 
+									Format(l3_options, sizeof(l3_options),
+										",topology subnet");
+									StrCat(option_str, sizeof(option_str), l3_options);
+
 									Format(l3_options, sizeof(l3_options),
 										",ifconfig %s %s",
-//										",ifconfig %s %s,route %s %s %s 1",
-										ip_client, ip_tunnel_endpoint, ip_network, ip_subnet_mask,
-										ip_tunnel_endpoint);
+										ip_client,
+										ip_subnet_mask);
 									StrCat(option_str, sizeof(option_str), l3_options);
 
 									// Domain name
@@ -2107,11 +2094,13 @@ void OvsRecvPacket(OPENVPN_SERVER *s, LIST *recv_packet_list, UINT protocol)
 									// Default gateway
 									if (cao->Gateway != 0)
 									{
+										char ip_str[64];
+										IPToStr32(ip_str, sizeof(ip_str), cao->Gateway);
 										Format(l3_options, sizeof(l3_options),
-											",route-gateway %s,redirect-gateway def1", ip_tunnel_endpoint);
+											",route-gateway %s,redirect-gateway def1", ip_str);
 										StrCat(option_str, sizeof(option_str), l3_options);
 
-										IPToStr32(ip_defgw, sizeof(ip_defgw), cao->Gateway);
+										StrCpy(ip_defgw, sizeof(ip_defgw), ip_str);
 									}
 									else
 									{
@@ -2571,36 +2560,6 @@ int OvsCompareSessionList(void *p1, void *p2)
 	return 0;
 }
 
-// Identify whether the IP address is compatible to the tun device of OpenVPN
-bool OvsIsCompatibleL3IP(UINT ip)
-{
-	IP p;
-
-	UINTToIP(&p, ip);
-	if ((p.addr[3] % 4) == 1)
-	{
-		return true;
-	}
-
-	return false;
-}
-
-// Get an IP address that is compatible to tun device of the OpenVPN after the specified IP address
-UINT OvsGetCompatibleL3IPNext(UINT ip)
-{
-	ip = Endian32(ip);
-
-	while (true)
-	{
-		if (OvsIsCompatibleL3IP(Endian32(ip)))
-		{
-			return Endian32(ip);
-		}
-
-		ip++;
-	}
-}
-
 // Create a new OpenVPN server
 OPENVPN_SERVER *NewOpenVpnServer(CEDAR *cedar, INTERRUPT_MANAGER *interrupt, SOCK_EVENT *sock_event)
 {

diff --git a/src/Cedar/Interop_OpenVPN.h b/src/Cedar/Interop_OpenVPN.h
@@ -362,8 +362,6 @@ void OvsAddOption(LIST *o, char *key, char *value);
 bool OvsHasOption(LIST *o, char *key);
 UINT OvsPeekStringFromFifo(FIFO *f, char *str, UINT str_size);
 void OvsBeginIPCAsyncConnectionIfEmpty(OPENVPN_SERVER *s, OPENVPN_SESSION *se, OPENVPN_CHANNEL *c);
-bool OvsIsCompatibleL3IP(UINT ip);
-UINT OvsGetCompatibleL3IPNext(UINT ip);
 UINT OvsCalcTcpMss(OPENVPN_SERVER *s, OPENVPN_SESSION *se, OPENVPN_CHANNEL *c);
 
 CIPHER *OvsGetCipher(char *name);

diff --git a/src/CurrentBuild.txt b/src/CurrentBuild.txt
@@ -1,4 +1,4 @@
-BUILD_NUMBER 9745
+BUILD_NUMBER 9746
 VERSION 434
 BUILD_NAME beta
-BUILD_DATE 20200405_232052
+BUILD_DATE 20200528_140700