1 // SoftEther VPN Source Code - Stable Edition Repository 2 // Cedar Communication Module 3 // 4 // SoftEther VPN Server, Client and Bridge are free software under the Apache License, Version 2.0. 5 // 6 // Copyright (c) Daiyuu Nobori. 7 // Copyright (c) SoftEther VPN Project, University of Tsukuba, Japan. 8 // Copyright (c) SoftEther Corporation. 9 // Copyright (c) all contributors on SoftEther VPN project in GitHub. 10 // 11 // All Rights Reserved. 12 // 13 // http://www.softether.org/ 14 // 15 // This stable branch is officially managed by Daiyuu Nobori, the owner of SoftEther VPN Project. 16 // Pull requests should be sent to the Developer Edition Master Repository on https://github.com/SoftEtherVPN/SoftEtherVPN 17 // 18 // License: The Apache License, Version 2.0 19 // https://www.apache.org/licenses/LICENSE-2.0 20 // 21 // DISCLAIMER 22 // ========== 23 // 24 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 25 // IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 26 // FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 27 // AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 28 // LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 29 // OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 30 // SOFTWARE. 31 // 32 // THIS SOFTWARE IS DEVELOPED IN JAPAN, AND DISTRIBUTED FROM JAPAN, UNDER 33 // JAPANESE LAWS. YOU MUST AGREE IN ADVANCE TO USE, COPY, MODIFY, MERGE, PUBLISH, 34 // DISTRIBUTE, SUBLICENSE, AND/OR SELL COPIES OF THIS SOFTWARE, THAT ANY 35 // JURIDICAL DISPUTES WHICH ARE CONCERNED TO THIS SOFTWARE OR ITS CONTENTS, 36 // AGAINST US (SOFTETHER PROJECT, SOFTETHER CORPORATION, DAIYUU NOBORI OR OTHER 37 // SUPPLIERS), OR ANY JURIDICAL DISPUTES AGAINST US WHICH ARE CAUSED BY ANY KIND 38 // OF USING, COPYING, MODIFYING, MERGING, PUBLISHING, DISTRIBUTING, SUBLICENSING, 39 // AND/OR SELLING COPIES OF THIS SOFTWARE SHALL BE REGARDED AS BE CONSTRUED AND 40 // CONTROLLED BY JAPANESE LAWS, AND YOU MUST FURTHER CONSENT TO EXCLUSIVE 41 // JURISDICTION AND VENUE IN THE COURTS SITTING IN TOKYO, JAPAN. YOU MUST WAIVE 42 // ALL DEFENSES OF LACK OF PERSONAL JURISDICTION AND FORUM NON CONVENIENS. 43 // PROCESS MAY BE SERVED ON EITHER PARTY IN THE MANNER AUTHORIZED BY APPLICABLE 44 // LAW OR COURT RULE. 45 // 46 // USE ONLY IN JAPAN. DO NOT USE THIS SOFTWARE IN ANOTHER COUNTRY UNLESS YOU HAVE 47 // A CONFIRMATION THAT THIS SOFTWARE DOES NOT VIOLATE ANY CRIMINAL LAWS OR CIVIL 48 // RIGHTS IN THAT PARTICULAR COUNTRY. USING THIS SOFTWARE IN OTHER COUNTRIES IS 49 // COMPLETELY AT YOUR OWN RISK. THE SOFTETHER VPN PROJECT HAS DEVELOPED AND 50 // DISTRIBUTED THIS SOFTWARE TO COMPLY ONLY WITH THE JAPANESE LAWS AND EXISTING 51 // CIVIL RIGHTS INCLUDING PATENTS WHICH ARE SUBJECTS APPLY IN JAPAN. OTHER 52 // COUNTRIES' LAWS OR CIVIL RIGHTS ARE NONE OF OUR CONCERNS NOR RESPONSIBILITIES. 53 // WE HAVE NEVER INVESTIGATED ANY CRIMINAL REGULATIONS, CIVIL LAWS OR 54 // INTELLECTUAL PROPERTY RIGHTS INCLUDING PATENTS IN ANY OF OTHER 200+ COUNTRIES 55 // AND TERRITORIES. BY NATURE, THERE ARE 200+ REGIONS IN THE WORLD, WITH 56 // DIFFERENT LAWS. IT IS IMPOSSIBLE TO VERIFY EVERY COUNTRIES' LAWS, REGULATIONS 57 // AND CIVIL RIGHTS TO MAKE THE SOFTWARE COMPLY WITH ALL COUNTRIES' LAWS BY THE 58 // PROJECT. EVEN IF YOU WILL BE SUED BY A PRIVATE ENTITY OR BE DAMAGED BY A 59 // PUBLIC SERVANT IN YOUR COUNTRY, THE DEVELOPERS OF THIS SOFTWARE WILL NEVER BE 60 // LIABLE TO RECOVER OR COMPENSATE SUCH DAMAGES, CRIMINAL OR CIVIL 61 // RESPONSIBILITIES. NOTE THAT THIS LINE IS NOT LICENSE RESTRICTION BUT JUST A 62 // STATEMENT FOR WARNING AND DISCLAIMER. 63 // 64 // READ AND UNDERSTAND THE 'WARNING.TXT' FILE BEFORE USING THIS SOFTWARE. 65 // SOME SOFTWARE PROGRAMS FROM THIRD PARTIES ARE INCLUDED ON THIS SOFTWARE WITH 66 // LICENSE CONDITIONS WHICH ARE DESCRIBED ON THE 'THIRD_PARTY.TXT' FILE. 67 // 68 // 69 // SOURCE CODE CONTRIBUTION 70 // ------------------------ 71 // 72 // Your contribution to SoftEther VPN Project is much appreciated. 73 // Please send patches to us through GitHub. 74 // Read the SoftEther VPN Patch Acceptance Policy in advance: 75 // http://www.softether.org/5-download/src/9.patch 76 // 77 // 78 // DEAR SECURITY EXPERTS 79 // --------------------- 80 // 81 // If you find a bug or a security vulnerability please kindly inform us 82 // about the problem immediately so that we can fix the security problem 83 // to protect a lot of users around the world as soon as possible. 84 // 85 // Our e-mail address for security reports is: 86 // softether-vpn-security [at] softether.org 87 // 88 // Please note that the above e-mail address is not a technical support 89 // inquiry address. If you need technical assistance, please visit 90 // http://www.softether.org/ and ask your question on the users forum. 91 // 92 // Thank you for your cooperation. 93 // 94 // 95 // NO MEMORY OR RESOURCE LEAKS 96 // --------------------------- 97 // 98 // The memory-leaks and resource-leaks verification under the stress 99 // test has been passed before release this source code. 100 101 102 // Server.h 103 // Header of Server.c 104 105 #ifndef SERVER_H 106 #define SERVER_H 107 108 // Default ports 109 #define SERVER_DEF_PORTS_1 443 110 #define SERVER_DEF_PORTS_2 992 111 #define SERVER_DEF_PORTS_3 1194 112 #define SERVER_DEF_PORTS_4 GC_DEFAULT_PORT 113 114 #define SERVER_DEF_PORTS_INCLIENT_1 995 115 #define SERVER_DEF_PORTS_INCLIENT_2 465 116 #define SERVER_DEF_PORTS_INCLIENT_3 9008 // for admin (in client) 117 #define SERVER_DEF_PORTS_INCLIENT_4 1195 118 119 #define SERVER_DEF_PORTS_INCLIENT_DYN_MIN 1201 120 #define SERVER_DEF_PORTS_INCLIENT_DYN_MAX 1999 121 122 extern char *SERVER_CONFIG_FILE_NAME; 123 #define SERVER_DEFAULT_CIPHER_NAME "AES128-SHA" 124 #define SERVER_DEFAULT_CERT_DAYS (365 * 10) 125 #define SERVER_DEFAULT_HUB_NAME "DEFAULT" 126 #define SERVER_DEFAULT_BRIDGE_NAME "BRIDGE" 127 #define SERVER_CONTROL_TCP_TIMEOUT (60 * 1000) 128 #define SERVER_FARM_CONTROL_INTERVAL (10 * 1000) 129 130 #define SERVER_FILE_SAVE_INTERVAL_DEFAULT (5 * 60 * 1000) 131 #define SERVER_FILE_SAVE_INTERVAL_MIN (5 * 1000) 132 #define SERVER_FILE_SAVE_INTERVAL_MAX (3600 * 1000) 133 #define SERVER_FILE_SAVE_INTERVAL_USERMODE (1 * 60 * 1000) 134 135 #define SERVER_LICENSE_VIOLATION_SPAN (SERVER_FARM_CONTROL_INTERVAL * 2) 136 137 138 #define SERVER_DEADLOCK_CHECK_SPAN (2 * 60 * 1000) 139 #define SERVER_DEADLOCK_CHECK_TIMEOUT (10 * 60 * 1000) 140 141 142 #define RETRY_CONNECT_TO_CONTROLLER_INTERVAL (1 * 1000) 143 144 #define MAX_PUBLIC_PORT_NUM 128 145 146 #define MEMBER_SELECTOR_TXT_FILENAME "$member_selector.config" 147 #define MEMBER_SELECTOR_CONNECT_TIMEOUT 2000 148 #define MEMBER_SELECTOR_DATA_TIMEOUT 5000 149 150 #define FIRM_SERV_RECV_PACK_MAX_SIZE (100 * 1024 * 1024) 151 152 153 // Virtual HUB list hosted by each farm member 154 struct HUB_LIST 155 { 156 struct FARM_MEMBER *FarmMember; // Farm member 157 bool DynamicHub; // Dynamic HUB 158 char Name[MAX_HUBNAME_LEN + 1]; // HUB Name 159 UINT NumSessions; // Number of sessions 160 UINT NumSessionsClient; // Number of client sessions 161 UINT NumSessionsBridge; // Number of bridge sessions 162 UINT NumMacTables; // Number of MAC table entries 163 UINT NumIpTables; // Number of IP table entries 164 }; 165 166 // Task 167 struct FARM_TASK 168 { 169 EVENT *CompleteEvent; // Completion notice 170 PACK *Request; // Request 171 PACK *Response; // Response 172 FARM_MEMBER *FarmMember; // Destination farm member 173 char TaskName[MAX_PATH]; // Task name 174 char HostName[MAX_PATH]; // Host name 175 }; 176 177 // Farm member 178 struct FARM_MEMBER 179 { 180 CEDAR *Cedar; // Cedar 181 UINT64 ConnectedTime; // Connection date and time 182 UINT Me; // Myself 183 UINT Ip; // IP address 184 UINT NumPort; // Number of port numbers 185 UINT *Ports; // Port number 186 char hostname[MAX_HOST_NAME_LEN + 1]; // Host name 187 X *ServerCert; // Server certificate 188 LIST *HubList; // Virtual HUB list 189 QUEUE *TaskQueue; // Task queue 190 EVENT *TaskPostEvent; // Task queuing event 191 UINT Point; // Point 192 volatile bool Halting; // Stopped 193 UINT NumSessions; // Number of sessions 194 UINT MaxSessions; // Maximum number of sessions 195 UINT NumTcpConnections; // Number of TCP connections 196 TRAFFIC Traffic; // Traffic information 197 UINT AssignedClientLicense; // Number of assigned client licenses 198 UINT AssignedBridgeLicense; // Number of assigned bridge licenses 199 UINT Weight; // Performance ratio 200 UCHAR RandomKey[SHA1_SIZE]; // Random number key (license check) 201 UINT64 SystemId; // System ID (license check) 202 }; 203 204 // Connection to the farm controller 205 struct FARM_CONTROLLER 206 { 207 LOCK *lock; // Lock 208 struct SERVER *Server; // Server 209 THREAD *Thread; // Thread 210 SOCK *Sock; // Socket 211 SESSION *Session; // Session 212 volatile bool Halt; // Halting flag 213 EVENT *HaltEvent; // Halting event 214 UINT LastError; // Last error 215 bool Online; // Online flag 216 UINT64 StartedTime; // Connection start time 217 UINT64 CurrentConnectedTime; // Connection time of this time 218 UINT64 FirstConnectedTime; // First connection time 219 UINT NumConnected; // Number of connection count 220 UINT NumTry; // Number of trials 221 UINT NumFailed; // Connection failure count 222 bool IsConnected; // Whether it's connected 223 }; 224 225 // Server listener 226 struct SERVER_LISTENER 227 { 228 UINT Port; // Port number 229 bool Enabled; // Active flag 230 LISTENER *Listener; // Listener object 231 bool DisableDos; // Disable the DoS detection 232 }; 233 234 // Syslog configuration 235 struct SYSLOG_SETTING 236 { 237 UINT SaveType; // Save type 238 char Hostname[MAX_HOST_NAME_LEN + 1]; // Host name 239 UINT Port; // Port number 240 }; 241 242 // Setting of SSTP and OpenVPN 243 struct OPENVPN_SSTP_CONFIG 244 { 245 bool EnableOpenVPN; // OpenVPN is enabled 246 char OpenVPNPortList[MAX_SIZE]; // OpenVPN UDP port number list 247 bool EnableSSTP; // SSTP is enabled 248 }; 249 250 // Server object 251 struct SERVER 252 { 253 UINT ServerType; // Type of server 254 UINT UpdatedServerType; // Type of updated server 255 LIST *ServerListenerList; // Server listener list 256 UCHAR HashedPassword[SHA1_SIZE]; // Password 257 char ControllerName[MAX_HOST_NAME_LEN + 1]; // Controller name 258 UINT ControllerPort; // Controller port 259 UINT Weight; // Performance ratio 260 bool ControllerOnly; // Only controller function 261 UCHAR MemberPassword[SHA1_SIZE]; // Password for farm members 262 UINT PublicIp; // Public IP 263 UINT NumPublicPort; // Number of public ports 264 UINT *PublicPorts; // Public port array 265 UINT64 StartTime; // Start-up time 266 UINT AutoSaveConfigSpan; // Auto save interval 267 UINT AutoSaveConfigSpanSaved; // Auto save interval (stored value) 268 bool DontBackupConfig; // Do not save a backup of the configuration automatically 269 bool BackupConfigOnlyWhenModified; // Save a backup of the configuration only if there is a modification 270 UINT ConfigRevision; // Configuration file revision 271 bool DisableDosProction; // Disable the DoS attack protection 272 UCHAR MyRandomKey[SHA1_SIZE]; // Their own random key 273 bool FarmControllerInited; // Initialization of farm controller has been completed 274 bool DisableDeadLockCheck; // Disable the deadlock check 275 bool UseWebUI; // Use the WebUI 276 bool SaveDebugLog; // Save the debug log 277 bool NoSendSignature; // Let the client not to send a signature 278 bool UseWebTimePage; // Use WebTimePage 279 bool NoLinuxArpFilter; // Not to set arp_filter in Linux 280 bool NoHighPriorityProcess; // Not to raise the priority of the process 281 bool NoDebugDump; // Not to output the debug dump 282 bool DisableSSTPServer; // Disable the SSTP server function 283 bool DisableOpenVPNServer; // Disable the OpenVPN server function 284 bool DisableNatTraversal; // Disable the NAT-traversal feature 285 bool EnableVpnOverIcmp; // VPN over ICMP is enabled 286 bool EnableVpnOverDns; // VPN over DNS is enabled 287 bool DisableIntelAesAcceleration; // Disable the Intel AES acceleration 288 bool NoMoreSave; // Do not save any more 289 bool EnableConditionalAccept; // Apply the Conditional Accept the Listener 290 bool EnableLegacySSL; // Enable Legacy SSL 291 bool DisableIPsecAggressiveMode; // Disable IPsec Aggressive Mode 292 293 volatile bool Halt; // Halting flag 294 LOCK *lock; // Lock 295 REF *ref; // Reference counter 296 CEDAR *Cedar; // Cedar 297 CFG_RW *CfgRw; // Configuration file R/W 298 LOCK *SaveCfgLock; // Settings saving lock 299 EVENT *SaveHaltEvent; // Saving thread halting event 300 THREAD *SaveThread; // Settings saving thread 301 FARM_CONTROLLER *FarmController; // Farm controller 302 LOCK *TasksFromFarmControllerLock; // Lock while processing tasks from farm controller 303 LIST *FarmMemberList; // Farm members list 304 FARM_MEMBER *Me; // Register myself as a farm member 305 THREAD *FarmControlThread; // Farm control thread 306 EVENT *FarmControlThreadHaltEvent; // Farm control thread halting event 307 LIST *HubCreateHistoryList; // Virtual HUB creation history list 308 309 KEEP *Keep; // Maintaining connections 310 LOG *Logger; // Server logger 311 ERASER *Eraser; // Eraser 312 313 bool Led; // Use the LED display board 314 bool LedSpecial; // LED Special 315 316 UINT CurrentTotalNumSessionsOnFarm; // Total number of sessions in this server farm 317 UINT CurrentAssignedClientLicense; // Current number of assigned client licenses 318 UINT CurrentAssignedBridgeLicense; // Current number of assigned bridge license 319 320 321 LOCK *SyslogLock; // The lock of the syslog configuration 322 SYSLOG_SETTING SyslogSetting; // Syslog configuration 323 SLOG *Syslog; // Syslog object 324 325 LOCK *CapsCacheLock; // Lock for Caps cache 326 CAPSLIST *CapsListCache; // Caps cache 327 UINT LicenseHash; // Hash value of the license list 328 329 bool SnapshotInited; 330 EVENT *SnapshotHaltEvent; // Snapshot halting event 331 volatile bool HaltSnapshot; // Snapshot halting flag 332 THREAD *SnapshotThread; // Snapshot thread 333 LOG *SnapshotLogger; // Snapshot logger 334 UINT64 LastSnapshotTime; // Time that the last snapshot created 335 336 THREAD *DeadLockCheckThread; // Deadlock check thread 337 volatile bool HaltDeadLockThread; // Halting flag 338 EVENT *DeadLockWaitEvent; // Waiting Event 339 340 IPSEC_SERVER *IPsecServer; // IPsec server function 341 OPENVPN_SERVER_UDP *OpenVpnServerUdp; // OpenVPN server function 342 char OpenVpnServerUdpPorts[MAX_SIZE]; // UDP port list string 343 DDNS_CLIENT *DDnsClient; // DDNS client feature 344 LOCK *OpenVpnSstpConfigLock; // Lock OpenVPN and SSTP configuration 345 346 AZURE_CLIENT *AzureClient; // VPN Azure client 347 bool EnableVpnAzure; // Flag whether VPN Azure client is enabled 348 349 bool DisableGetHostNameWhenAcceptTcp; // Disable GetHostName when accepting TCP 350 bool DisableCoreDumpOnUnix; // Disable core dump on UNIX 351 352 TINY_LOG *DebugLog; // Debug log 353 354 DYNAMIC_LISTENER *DynListenerIcmp; // VPN over ICMP listener 355 DYNAMIC_LISTENER *DynListenerDns; // VPN over DNS listener 356 357 bool IPsecMessageDisplayed; // Flag for whether the message about IPsec is displayed 358 359 bool IsInVm; // Whether I'm within the VM 360 361 362 363 volatile UINT NatTGlobalUdpPort; // NAT-T global UDP port 364 365 bool StrictSyslogDatetimeFormat; // Make syslog datetime format strict RFC3164 366 bool DisableJsonRpcWebApi; // Disable JSON-RPC Web API 367 }; 368 369 370 // Enumerate sessions * 371 struct RPC_ENUM_SESSION 372 { 373 char HubName[MAX_HUBNAME_LEN + 1]; // HUB Name 374 UINT NumSession; // Number of sessions 375 struct RPC_ENUM_SESSION_ITEM *Sessions; // Session list 376 }; 377 378 // Session status * 379 struct RPC_SESSION_STATUS 380 { 381 char HubName[MAX_HUBNAME_LEN + 1]; // HUB Name 382 char Name[MAX_SESSION_NAME_LEN + 1]; // Session name 383 char Username[MAX_USERNAME_LEN + 1]; // User name 384 char RealUsername[MAX_USERNAME_LEN + 1]; // Real user name 385 char GroupName[MAX_USERNAME_LEN + 1]; // Group name 386 bool LinkMode; // Link mode 387 RPC_CLIENT_GET_CONNECTION_STATUS Status; // Status 388 UINT ClientIp; // Client IP address 389 UCHAR ClientIp6[16]; // Client IPv6 address 390 IP ClientIpAddress; // Client IP address (IPv4/IPv6) 391 char ClientHostName[MAX_HOST_NAME_LEN + 1]; // Client host name 392 NODE_INFO NodeInfo; // Node information 393 }; 394 395 396 // Type of server 397 #define SERVER_TYPE_STANDALONE 0 // Stand-alone server 398 #define SERVER_TYPE_FARM_CONTROLLER 1 // Farm controller server 399 #define SERVER_TYPE_FARM_MEMBER 2 // Farm member server 400 401 402 // Caps related 403 struct CAPS 404 { 405 char *Name; // Name 406 UINT Value; // Value 407 }; 408 struct CAPSLIST 409 { 410 LIST *CapsList; // Caps list 411 }; 412 413 // Log file 414 struct LOG_FILE 415 { 416 char Path[MAX_PATH]; // Path name 417 char ServerName[MAX_HOST_NAME_LEN + 1]; // Server name 418 UINT FileSize; // File size 419 UINT64 UpdatedTime; // Updating date 420 }; 421 422 423 // Global server flags 424 #define NUM_GLOBAL_SERVER_FLAGS 128 425 #define GSF_DISABLE_PUSH_ROUTE 1 426 #define GSF_DISABLE_RADIUS_AUTH 2 427 #define GSF_DISABLE_CERT_AUTH 3 428 #define GSF_DISABLE_DEEP_LOGGING 4 429 #define GSF_DISABLE_AC 5 430 #define GSF_DISABLE_SYSLOG 6 431 #define GSF_SHOW_OSS_MSG 7 432 #define GSF_LOCALBRIDGE_NO_DISABLE_OFFLOAD 8 433 #define GSF_DISABLE_SESSION_RECONNECT 9 434 435 // Global parameters 436 #define NUM_GLOBAL_PARAMS 128 437 #define GP_MAX_SEND_SOCKET_QUEUE_SIZE 1 438 #define GP_MIN_SEND_SOCKET_QUEUE_SIZE 2 439 #define GP_MAX_SEND_SOCKET_QUEUE_NUM 3 440 #define GP_SELECT_TIME 4 441 #define GP_SELECT_TIME_FOR_NAT 5 442 #define GP_MAX_STORED_QUEUE_NUM 6 443 #define GP_MAX_BUFFERING_PACKET_SIZE 7 444 #define GP_HUB_ARP_SEND_INTERVAL 8 445 #define GP_MAC_TABLE_EXPIRE_TIME 9 446 #define GP_IP_TABLE_EXPIRE_TIME 10 447 #define GP_IP_TABLE_EXPIRE_TIME_DHCP 11 448 #define GP_STORM_CHECK_SPAN 12 449 #define GP_STORM_DISCARD_VALUE_START 13 450 #define GP_STORM_DISCARD_VALUE_END 14 451 #define GP_MAX_MAC_TABLES 15 452 #define GP_MAX_IP_TABLES 16 453 #define GP_MAX_HUB_LINKS 17 454 #define GP_MEM_FIFO_REALLOC_MEM_SIZE 18 455 #define GP_QUEUE_BUDGET 19 456 #define GP_FIFO_BUDGET 20 457 458 extern UINT vpn_global_parameters[NUM_GLOBAL_PARAMS]; 459 460 #define VPN_GP(id, default_value) ((UINT)(vpn_global_parameters[(id)] != 0 ? vpn_global_parameters[(id)] : (default_value))) 461 462 463 464 // Virtual HUB creation history 465 struct SERVER_HUB_CREATE_HISTORY 466 { 467 char HubName[MAX_HUBNAME_LEN + 1]; 468 UINT64 CreatedTime; 469 }; 470 471 // Function prototype declaration 472 SERVER *SiNewServer(bool bridge); 473 SERVER *SiNewServerEx(bool bridge, bool in_client_inner_server, bool relay_server); 474 void SiReleaseServer(SERVER *s); 475 void SiCleanupServer(SERVER *s); 476 void StStartServer(bool bridge); 477 void StStopServer(); 478 void SiInitConfiguration(SERVER *s); 479 void SiFreeConfiguration(SERVER *s); 480 UINT SiWriteConfigurationFile(SERVER *s); 481 void SiLoadInitialConfiguration(SERVER *s); 482 bool SiLoadConfigurationFile(SERVER *s); 483 bool SiLoadConfigurationFileMain(SERVER *s, FOLDER *root); 484 void SiInitDefaultServerCert(SERVER *s); 485 void SiInitCipherName(SERVER *s); 486 void SiGenerateDefaultCert(X **server_x, K **server_k); 487 void SiGenerateDefaultCertEx(X **server_x, K **server_k, char *common_name); 488 void SiInitListenerList(SERVER *s); 489 void SiLockListenerList(SERVER *s); 490 void SiUnlockListenerList(SERVER *s); 491 bool SiAddListener(SERVER *s, UINT port, bool enabled); 492 bool SiAddListenerEx(SERVER *s, UINT port, bool enabled, bool disable_dos); 493 bool SiEnableListener(SERVER *s, UINT port); 494 bool SiDisableListener(SERVER *s, UINT port); 495 bool SiDeleteListener(SERVER *s, UINT port); 496 SERVER_LISTENER *SiGetListener(SERVER *s, UINT port); 497 int CompareServerListener(void *p1, void *p2); 498 void SiStopAllListener(SERVER *s); 499 void SiInitDefaultHubList(SERVER *s); 500 void SiSetDefaultHubOption(HUB_OPTION *o); 501 void SiInitBridge(SERVER *s); 502 void SiTest(SERVER *s); 503 FOLDER *SiWriteConfigurationToCfg(SERVER *s); 504 bool SiLoadConfigurationCfg(SERVER *s, FOLDER *root); 505 void SiWriteLocalBridges(FOLDER *f, SERVER *s); 506 void SiLoadLocalBridges(SERVER *s, FOLDER *f); 507 void SiWriteLocalBridgeCfg(FOLDER *f, LOCALBRIDGE *br); 508 void SiLoadLocalBridgeCfg(SERVER *s, FOLDER *f); 509 void SiWriteListeners(FOLDER *f, SERVER *s); 510 void SiLoadListeners(SERVER *s, FOLDER *f); 511 void SiWriteListenerCfg(FOLDER *f, SERVER_LISTENER *r); 512 void SiLoadListenerCfg(SERVER *s, FOLDER *f); 513 void SiWriteServerCfg(FOLDER *f, SERVER *s); 514 void SiLoadServerCfg(SERVER *s, FOLDER *f); 515 void SiWriteGlobalParamsCfg(FOLDER *f); 516 void SiLoadGlobalParamsCfg(FOLDER *f); 517 void SiLoadGlobalParamItem(UINT id, UINT value); 518 void SiWriteTraffic(FOLDER *parent, char *name, TRAFFIC *t); 519 void SiWriteTrafficInner(FOLDER *parent, char *name, TRAFFIC_ENTRY *e); 520 void SiLoadTrafficInner(FOLDER *parent, char *name, TRAFFIC_ENTRY *e); 521 void SiLoadTraffic(FOLDER *parent, char *name, TRAFFIC *t); 522 void SiSaverThread(THREAD *thread, void *param); 523 void SiLoadLicenseManager(SERVER *s, FOLDER *f); 524 void SiWriteLicenseManager(FOLDER *f, SERVER *s); 525 void SiLoadL3Switchs(SERVER *s, FOLDER *f); 526 void SiLoadL3SwitchCfg(L3SW *sw, FOLDER *f); 527 void SiWriteL3Switchs(FOLDER *f, SERVER *s); 528 void SiWriteL3SwitchCfg(FOLDER *f, L3SW *sw); 529 void SiLoadIPsec(SERVER *s, FOLDER *f); 530 void SiWriteIPsec(FOLDER *f, SERVER *s); 531 void SiWriteHubs(FOLDER *f, SERVER *s); 532 void SiLoadHubs(SERVER *s, FOLDER *f); 533 void SiWriteHubCfg(FOLDER *f, HUB *h); 534 void SiLoadHubCfg(SERVER *s, FOLDER *f, char *name); 535 void SiLoadHubLogCfg(HUB_LOG *g, FOLDER *f); 536 void SiWriteHubOptionCfg(FOLDER *f, HUB_OPTION *o); 537 void SiWriteHubLogCfg(FOLDER *f, HUB_LOG *g); 538 void SiWriteHubLogCfgEx(FOLDER *f, HUB_LOG *g, bool el_mode); 539 void SiLoadHubOptionCfg(FOLDER *f, HUB_OPTION *o); 540 void SiWriteHubLinks(FOLDER *f, HUB *h); 541 void SiLoadHubLinks(HUB *h, FOLDER *f); 542 void SiWriteHubAdminOptions(FOLDER *f, HUB *h); 543 void SiLoadHubAdminOptions(HUB *h, FOLDER *f); 544 void SiWriteHubLinkCfg(FOLDER *f, LINK *k); 545 void SiLoadHubLinkCfg(FOLDER *f, HUB *h); 546 void SiWriteHubAccessLists(FOLDER *f, HUB *h); 547 void SiLoadHubAccessLists(HUB *h, FOLDER *f); 548 void SiWriteHubAccessCfg(FOLDER *f, ACCESS *a); 549 void SiLoadHubAccessCfg(HUB *h, FOLDER *f); 550 void SiWriteHubDb(FOLDER *f, HUBDB *db, bool no_save_ac_list); 551 void SiLoadHubDb(HUB *h, FOLDER *f); 552 void SiWriteUserList(FOLDER *f, LIST *o); 553 void SiLoadUserList(HUB *h, FOLDER *f); 554 void SiWriteUserCfg(FOLDER *f, USER *u); 555 void SiLoadUserCfg(HUB *h, FOLDER *f); 556 void SiWriteGroupList(FOLDER *f, LIST *o); 557 void SiLoadGroupList(HUB *h, FOLDER *f); 558 void SiWriteGroupCfg(FOLDER *f, USERGROUP *g); 559 void SiLoadGroupCfg(HUB *h, FOLDER *f); 560 void SiWriteCertList(FOLDER *f, LIST *o); 561 void SiLoadCertList(LIST *o, FOLDER *f); 562 void SiWriteCrlList(FOLDER *f, LIST *o); 563 void SiLoadCrlList(LIST *o, FOLDER *f); 564 void SiWriteAcList(FOLDER *f, LIST *o); 565 void SiLoadAcList(LIST *o, FOLDER *f); 566 void SiWritePolicyCfg(FOLDER *f, POLICY *p, bool cascade_mode); 567 void SiLoadPolicyCfg(POLICY *p, FOLDER *f); 568 void SiLoadSecureNAT(HUB *h, FOLDER *f); 569 void SiWriteSecureNAT(HUB *h, FOLDER *f); 570 void SiRebootServerEx(bool bridge, bool reset_setting); 571 void SiRebootServer(bool bridge); 572 void SiRebootServerThread(THREAD *thread, void *param); 573 void StInit(); 574 void StFree(); 575 SERVER *StGetServer(); 576 void SiSetServerType(SERVER *s, UINT type, 577 UINT ip, UINT num_port, UINT *ports, 578 char *controller_name, UINT controller_port, UCHAR *password, UINT weight, bool controller_only); 579 FARM_CONTROLLER *SiStartConnectToController(SERVER *s); 580 void SiStopConnectToController(FARM_CONTROLLER *f); 581 void SiFarmServ(SERVER *server, SOCK *sock, X *cert, UINT ip, UINT num_port, UINT *ports, char *hostname, UINT point, UINT weight, UINT max_sessions); 582 int CompareHubList(void *p1, void *p2); 583 void SiFarmServMain(SERVER *server, SOCK *sock, FARM_MEMBER *f); 584 FARM_TASK *SiFarmServPostTask(FARM_MEMBER *f, PACK *request); 585 PACK *SiFarmServWaitTask(FARM_TASK *t); 586 PACK *SiExecTask(FARM_MEMBER *f, PACK *p); 587 PACK *SiCallTask(FARM_MEMBER *f, PACK *p, char *taskname); 588 FARM_TASK *SiCallTaskAsyncBegin(FARM_MEMBER *f, PACK *p, char *taskname); 589 PACK *SiCallTaskAsyncEnd(CEDAR *c, FARM_TASK *t); 590 void SiAcceptTasksFromController(FARM_CONTROLLER *f, SOCK *sock); 591 void SiAcceptTasksFromControllerMain(FARM_CONTROLLER *f, SOCK *sock); 592 PACK *SiCalledTask(FARM_CONTROLLER *f, PACK *p, char *taskname); 593 void SiHubOnlineProc(HUB *h); 594 void SiHubOfflineProc(HUB *h); 595 FARM_MEMBER *SiGetNextFarmMember(SERVER *s, CONNECTION *c, HUB *h); 596 bool SiGetMemberSelectorUrl(char *url, UINT url_size); 597 void SiCallCreateHub(SERVER *s, FARM_MEMBER *f, HUB *h); 598 void SiCallUpdateHub(SERVER *s, FARM_MEMBER *f, HUB *h); 599 void SiCallDeleteHub(SERVER *s, FARM_MEMBER *f, HUB *h); 600 void SiCallEnumSession(SERVER *s, FARM_MEMBER *f, char *hubname, RPC_ENUM_SESSION *t); 601 void SiCallEnumNat(SERVER *s, FARM_MEMBER *f, char *hubname, RPC_ENUM_NAT *t); 602 void SiCallEnumDhcp(SERVER *s, FARM_MEMBER *f, char *hubname, RPC_ENUM_DHCP *t); 603 void SiCallGetNatStatus(SERVER *s, FARM_MEMBER *f, char *hubname, RPC_NAT_STATUS *t); 604 void SiCallEnumMacTable(SERVER *s, FARM_MEMBER *f, char *hubname, RPC_ENUM_MAC_TABLE *t); 605 void SiCallEnumIpTable(SERVER *s, FARM_MEMBER *f, char *hubname, RPC_ENUM_IP_TABLE *t); 606 void SiCallDeleteSession(SERVER *s, FARM_MEMBER *f, char *hubname, char *session_name); 607 void SiCallCreateTicket(SERVER *s, FARM_MEMBER *f, char *hubname, char *username, char *realusername, POLICY *policy, UCHAR *ticket, UINT counter, char *groupname); 608 void SiCallDeleteMacTable(SERVER *s, FARM_MEMBER *f, char *hubname, UINT key); 609 void SiCallDeleteIpTable(SERVER *s, FARM_MEMBER *f, char *hubname, UINT key); 610 void SiCalledCreateHub(SERVER *s, PACK *p); 611 void SiCalledUpdateHub(SERVER *s, PACK *p); 612 void SiCalledDeleteHub(SERVER *s, PACK *p); 613 void SiCalledDeleteSession(SERVER *s, PACK *p); 614 void SiCalledDeleteMacTable(SERVER *s, PACK *p); 615 void SiCalledDeleteIpTable(SERVER *s, PACK *p); 616 PACK *SiCalledCreateTicket(SERVER *s, PACK *p); 617 PACK *SiCalledEnumSession(SERVER *s, PACK *p); 618 PACK *SiCalledEnumNat(SERVER *s, PACK *p); 619 PACK *SiCalledEnumDhcp(SERVER *s, PACK *p); 620 PACK *SiCalledGetNatStatus(SERVER *s, PACK *p); 621 PACK *SiCalledEnumMacTable(SERVER *s, PACK *p); 622 PACK *SiCalledEnumIpTable(SERVER *s, PACK *p); 623 void SiCalledEnumHub(SERVER *s, PACK *p, PACK *req); 624 void SiPackAddCreateHub(PACK *p, HUB *h); 625 FARM_MEMBER *SiGetHubHostingMember(SERVER *s, HUB *h, bool admin_mode, CONNECTION *c); 626 void SiCallEnumHub(SERVER *s, FARM_MEMBER *f); 627 void SiCallEnumHubBegin(SERVER *s, FARM_MEMBER *f); 628 void SiCallEnumHubEnd(SERVER *s, FARM_MEMBER *f); 629 void SiStartFarmControl(SERVER *s); 630 void SiStopFarmControl(SERVER *s); 631 void SiFarmControlThread(THREAD *thread, void *param); 632 void SiAccessListToPack(PACK *p, LIST *o); 633 void SiAccessToPack(PACK *p, ACCESS *a, UINT i, UINT total); 634 ACCESS *SiPackToAccess(PACK *p, UINT i); 635 UINT SiNumAccessFromPack(PACK *p); 636 void SiHubUpdateProc(HUB *h); 637 bool SiCheckTicket(HUB *h, UCHAR *ticket, char *username, UINT username_size, char *usernamereal, UINT usernamereal_size, POLICY *policy, char *sessionname, UINT sessionname_size, char *groupname, UINT groupname_size); 638 UINT SiGetPoint(SERVER *s); 639 UINT SiCalcPoint(SERVER *s, UINT num, UINT weight); 640 bool SiCallGetSessionStatus(SERVER *s, FARM_MEMBER *f, RPC_SESSION_STATUS *t); 641 PACK *SiCalledGetSessionStatus(SERVER *s, PACK *p); 642 bool SiCallEnumLogFileList(SERVER *s, FARM_MEMBER *f, RPC_ENUM_LOG_FILE *t, char *hubname); 643 PACK *SiCalledEnumLogFileList(SERVER *s, PACK *p); 644 bool SiCallReadLogFile(SERVER *s, FARM_MEMBER *f, RPC_READ_LOG_FILE *t); 645 PACK *SiCalledReadLogFile(SERVER *s, PACK *p); 646 int CmpLogFile(void *p1, void *p2); 647 LIST *EnumLogFile(char *hubname); 648 void EnumLogFileDir(LIST *o, char *dirname); 649 void FreeEnumLogFile(LIST *o); 650 bool CheckLogFileNameFromEnumList(LIST *o, char *name, char *server_name); 651 void AdjoinEnumLogFile(LIST *o, LIST *src); 652 void IncrementServerConfigRevision(SERVER *s); 653 void GetServerProductName(SERVER *s, char *name, UINT size); 654 void GetServerProductNameInternal(SERVER *s, char *name, UINT size); 655 656 657 void SiSetSysLogSetting(SERVER *s, SYSLOG_SETTING *setting); 658 void SiGetSysLogSetting(SERVER *s, SYSLOG_SETTING *setting); 659 void SiWriteSysLog(SERVER *s, char *typestr, char *hubname, wchar_t *message); 660 UINT SiGetSysLogSaveStatus(SERVER *s); 661 void SiInitDeadLockCheck(SERVER *s); 662 void SiFreeDeadLockCheck(SERVER *s); 663 void SiDeadLockCheckThread(THREAD *t, void *param); 664 void SiCheckDeadLockMain(SERVER *s, UINT timeout); 665 void SiDebugLog(SERVER *s, char *msg); 666 UINT SiDebug(SERVER *s, RPC_TEST *ret, UINT i, char *str); 667 UINT SiDebugProcHelloWorld(SERVER *s, char *in_str, char *ret_str, UINT ret_str_size); 668 UINT SiDebugProcExit(SERVER *s, char *in_str, char *ret_str, UINT ret_str_size); 669 UINT SiDebugProcDump(SERVER *s, char *in_str, char *ret_str, UINT ret_str_size); 670 UINT SiDebugProcRestorePriority(SERVER *s, char *in_str, char *ret_str, UINT ret_str_size); 671 UINT SiDebugProcSetHighPriority(SERVER *s, char *in_str, char *ret_str, UINT ret_str_size); 672 UINT SiDebugProcGetExeFileName(SERVER *s, char *in_str, char *ret_str, UINT ret_str_size); 673 UINT SiDebugProcCrash(SERVER *s, char *in_str, char *ret_str, UINT ret_str_size); 674 UINT SiDebugProcGetIPsecMessageDisplayedValue(SERVER *s, char *in_str, char *ret_str, UINT ret_str_size); 675 UINT SiDebugProcSetIPsecMessageDisplayedValue(SERVER *s, char *in_str, char *ret_str, UINT ret_str_size); 676 UINT SiDebugProcGetVgsMessageDisplayedValue(SERVER *s, char *in_str, char *ret_str, UINT ret_str_size); 677 UINT SiDebugProcSetVgsMessageDisplayedValue(SERVER *s, char *in_str, char *ret_str, UINT ret_str_size); 678 UINT SiDebugProcGetCurrentTcpSendQueueLength(SERVER *s, char *in_str, char *ret_str, UINT ret_str_size); 679 UINT SiDebugProcGetCurrentGetIPThreadCount(SERVER *s, char *in_str, char *ret_str, UINT ret_str_size); 680 681 typedef UINT (SI_DEBUG_PROC)(SERVER *s, char *in_str, char *ret_str, UINT ret_str_size); 682 683 CAPS *NewCaps(char *name, UINT value); 684 void FreeCaps(CAPS *c); 685 CAPSLIST *NewCapsList(); 686 int CompareCaps(void *p1, void *p2); 687 void AddCaps(CAPSLIST *caps, CAPS *c); 688 CAPS *GetCaps(CAPSLIST *caps, char *name); 689 void FreeCapsList(CAPSLIST *caps); 690 bool GetCapsBool(CAPSLIST *caps, char *name); 691 UINT GetCapsInt(CAPSLIST *caps, char *name); 692 void AddCapsBool(CAPSLIST *caps, char *name, bool b); 693 void AddCapsInt(CAPSLIST *caps, char *name, UINT i); 694 void InRpcCapsList(CAPSLIST *t, PACK *p); 695 void OutRpcCapsList(PACK *p, CAPSLIST *t); 696 void FreeRpcCapsList(CAPSLIST *t); 697 void InitCapsList(CAPSLIST *t); 698 void InRpcSysLogSetting(SYSLOG_SETTING *t, PACK *p); 699 void OutRpcSysLogSetting(PACK *p, SYSLOG_SETTING *t); 700 701 void GetServerCaps(SERVER *s, CAPSLIST *t); 702 void FlushServerCaps(SERVER *s); 703 bool GetServerCapsBool(SERVER *s, char *name); 704 UINT GetServerCapsInt(SERVER *s, char *name); 705 void GetServerCapsMain(SERVER *s, CAPSLIST *t); 706 void InitServerCapsCache(SERVER *s); 707 void FreeServerCapsCache(SERVER *s); 708 void DestroyServerCapsCache(SERVER *s); 709 710 void SetGlobalServerFlag(UINT index, UINT value); 711 UINT GetGlobalServerFlag(UINT index); 712 void UpdateGlobalServerFlags(SERVER *s, CAPSLIST *t); 713 714 715 bool IsAdminPackSupportedServerProduct(char *name); 716 717 void SiInitHubCreateHistory(SERVER *s); 718 void SiFreeHubCreateHistory(SERVER *s); 719 void SiDeleteOldHubCreateHistory(SERVER *s); 720 void SiAddHubCreateHistory(SERVER *s, char *name); 721 void SiDelHubCreateHistory(SERVER *s, char *name); 722 bool SiIsHubRegistedOnCreateHistory(SERVER *s, char *name); 723 724 UINT SiGetServerNumUserObjects(SERVER *s); 725 bool SiTooManyUserObjectsInServer(SERVER *s, bool oneMore); 726 727 void SiGetOpenVPNAndSSTPConfig(SERVER *s, OPENVPN_SSTP_CONFIG *c); 728 void SiSetOpenVPNAndSSTPConfig(SERVER *s, OPENVPN_SSTP_CONFIG *c); 729 730 bool SiCanOpenVpnOverDnsPort(); 731 bool SiCanOpenVpnOverIcmpPort(); 732 void SiApplySpecialListenerStatus(SERVER *s); 733 734 bool SiIsAzureEnabled(SERVER *s); 735 bool SiIsAzureSupported(SERVER *s); 736 void SiApplyAzureConfig(SERVER *s, DDNS_CLIENT_STATUS *ddns_status); 737 void SiSetAzureEnable(SERVER *s, bool enabled); 738 bool SiGetAzureEnable(SERVER *s); 739 740 void SiUpdateCurrentRegion(CEDAR *c, char *region, bool force_update); 741 void SiGetCurrentRegion(CEDAR *c, char *region, UINT region_size); 742 bool SiIsEnterpriseFunctionsRestrictedOnOpenSource(CEDAR *c); 743 bool SiCheckCurrentRegion(CEDAR *c, char *r); 744 745 #endif // SERVER_H 746 747 748 749