diff options
Diffstat (limited to 'src/Cedar')
| -rw-r--r-- | src/Cedar/Cedar.h | 12 | ||||
| -rw-r--r-- | src/Cedar/IPsec_IkePacket.c | 2 | ||||
| -rw-r--r-- | src/Cedar/Logging.c | 24 | ||||
| -rw-r--r-- | src/Cedar/Server.c | 2 | ||||
| -rw-r--r-- | src/Cedar/Virtual.c | 98 | ||||
| -rw-r--r-- | src/Cedar/Virtual.h | 2 |
6 files changed, 32 insertions, 108 deletions
diff --git a/src/Cedar/Cedar.h b/src/Cedar/Cedar.h index fc730a57..558380f9 100644 --- a/src/Cedar/Cedar.h +++ b/src/Cedar/Cedar.h @@ -138,7 +138,7 @@ #define CEDAR_VER 424
// Build Number
-#define CEDAR_BUILD 9651
+#define CEDAR_BUILD 9652
// Beta number
//#define BETA_NUMBER 3
@@ -158,11 +158,11 @@ // Specifies the build date
#define BUILD_DATE_Y 2017
-#define BUILD_DATE_M 10
-#define BUILD_DATE_D 23
-#define BUILD_DATE_HO 1
-#define BUILD_DATE_MI 4
-#define BUILD_DATE_SE 19
+#define BUILD_DATE_M 12
+#define BUILD_DATE_D 21
+#define BUILD_DATE_HO 10
+#define BUILD_DATE_MI 34
+#define BUILD_DATE_SE 43
// Tolerable time difference
#define ALLOW_TIMESTAMP_DIFF (UINT64)(3 * 24 * 60 * 60 * 1000)
diff --git a/src/Cedar/IPsec_IkePacket.c b/src/Cedar/IPsec_IkePacket.c index 81f61257..c02e3c04 100644 --- a/src/Cedar/IPsec_IkePacket.c +++ b/src/Cedar/IPsec_IkePacket.c @@ -3055,7 +3055,7 @@ void IkeHMac(IKE_HASH *h, void *dst, void *key, UINT key_size, void *data, UINT // Generation of data 2
data2_size = h->HashSize + hmac_block_size;
- for (i = 0;i < HMAC_BLOCK_SIZE;i++)
+ for (i = 0;i < hmac_block_size;i++)
{
data2[i] = k[i] ^ 0x5c;
}
diff --git a/src/Cedar/Logging.c b/src/Cedar/Logging.c index 310d9523..58d6d50a 100644 --- a/src/Cedar/Logging.c +++ b/src/Cedar/Logging.c @@ -1307,6 +1307,11 @@ UINT CalcPacketLoggingLevelEx(HUB_LOG *g, PKT *packet) // OpenVPN connection request
ret = MAX(ret, g->PacketLogConfig[PACKET_LOG_TCP_CONN]);
break;
+
+ case L7_DNS:
+ // DNS request
+ ret = MAX(ret, g->PacketLogConfig[PACKET_LOG_TCP_CONN]);
+ break;
}
break;
@@ -1354,6 +1359,11 @@ UINT CalcPacketLoggingLevelEx(HUB_LOG *g, PKT *packet) // OpenVPN connection request
ret = MAX(ret, g->PacketLogConfig[PACKET_LOG_TCP_CONN]);
break;
+
+ case L7_DNS:
+ // DNS request
+ ret = MAX(ret, g->PacketLogConfig[PACKET_LOG_TCP_CONN]);
+ break;
}
break;
@@ -1759,6 +1769,13 @@ char *PacketLogParseProc(RECORD *rec) }
break;
+ case L7_DNS:
+ // DNS query
+ t->Token[6] = CopyStr("DNSv4");
+ t->Token[7] = CopyStr("DNS_Query");
+ t->Token[14] = CopyStr(p->DnsQueryHost);
+ break;
+
default:
// Unknown Packet
t->Token[6] = CopyStr("UDPv4");
@@ -2024,6 +2041,13 @@ char *PacketLogParseProc(RECORD *rec) }
break;
+ case L7_DNS:
+ // DNS query
+ t->Token[6] = CopyStr("DNSv6");
+ t->Token[7] = CopyStr("DNS_Query");
+ t->Token[14] = CopyStr(p->DnsQueryHost);
+ break;
+
default:
t->Token[6] = CopyStr("UDPv6");
break;
diff --git a/src/Cedar/Server.c b/src/Cedar/Server.c index 6e7f3c56..2a100ecb 100644 --- a/src/Cedar/Server.c +++ b/src/Cedar/Server.c @@ -924,7 +924,7 @@ void SiWriteSysLog(SERVER *s, char *typestr, char *hubname, wchar_t *message) // Date and time
LocalTime(&st);
if(s->StrictSyslogDatetimeFormat){
- GetDateTimeStrRFC3164(datetime, sizeof(datetime), &st, GetCurrentTimezone());
+ GetDateTimeStrRFC3339(datetime, sizeof(datetime), &st, GetCurrentTimezone());
}else{
GetDateTimeStrMilli(datetime, sizeof(datetime), &st);
}
diff --git a/src/Cedar/Virtual.c b/src/Cedar/Virtual.c index 4d25efcc..7cf3b840 100644 --- a/src/Cedar/Virtual.c +++ b/src/Cedar/Virtual.c @@ -6955,104 +6955,6 @@ NAT_ENTRY *CreateNatDns(VH *v, UINT src_ip, UINT src_port, UINT dest_ip, UINT de return n;
}
-// Get the next byte
-UCHAR GetNextByte(BUF *b)
-{
- UCHAR c = 0;
- // Validate arguments
- if (b == NULL)
- {
- return 0;
- }
-
- if (ReadBuf(b, &c, 1) != 1)
- {
- return 0;
- }
-
- return c;
-}
-
-// Interpret the DNS query
-bool ParseDnsQuery(char *name, UINT name_size, void *data, UINT data_size)
-{
- BUF *b;
- char tmp[257];
- bool ok = true;
- USHORT val;
- // Validate arguments
- if (name == NULL || data == NULL || data_size == 0)
- {
- return false;
- }
- StrCpy(name, name_size, "");
-
- b = NewBuf();
- WriteBuf(b, data, data_size);
- SeekBuf(b, 0, 0);
-
- while (true)
- {
- UINT next_len = (UINT)GetNextByte(b);
- if (next_len > 0)
- {
- // Read only the specified length
- Zero(tmp, sizeof(tmp));
- if (ReadBuf(b, tmp, next_len) != next_len)
- {
- ok = false;
- break;
- }
- // Append
- if (StrLen(name) != 0)
- {
- StrCat(name, name_size, ".");
- }
- StrCat(name, name_size, tmp);
- }
- else
- {
- // Read all
- break;
- }
- }
-
- if (ReadBuf(b, &val, sizeof(val)) != sizeof(val))
- {
- ok = false;
- }
- else
- {
- if (Endian16(val) != 0x01 && Endian16(val) != 0x0c)
- {
- ok = false;
- }
- }
-
- if (ReadBuf(b, &val, sizeof(val)) != sizeof(val))
- {
- ok = false;
- }
- else
- {
- if (Endian16(val) != 0x01)
- {
- ok = false;
- }
- }
-
- FreeBuf(b);
-
- if (ok == false || StrLen(name) == 0)
- {
- return false;
- }
- else
- {
- return true;
- }
-}
-
// Set the VGS host name
void SetDnsProxyVgsHostname(char *hostname)
{
diff --git a/src/Cedar/Virtual.h b/src/Cedar/Virtual.h index 680f9354..780658a3 100644 --- a/src/Cedar/Virtual.h +++ b/src/Cedar/Virtual.h @@ -594,9 +594,7 @@ void SendTcp(VH *v, UINT src_ip, UINT src_port, UINT dest_ip, UINT dest_port, UI void DnsProxy(VH *v, UINT src_ip, UINT src_port, UINT dest_ip, UINT dest_port, void *data, UINT size);
bool ParseDnsPacket(VH *v, UINT src_ip, UINT src_port, UINT dest_ip, UINT dest_port, void *data, UINT size);
bool ParseDnsPacketEx(VH *v, UINT src_ip, UINT src_port, UINT dest_ip, UINT dest_port, void *data, UINT size, DNS_PARSED_PACKET *parsed_result);
-bool ParseDnsQuery(char *name, UINT name_size, void *data, UINT data_size);
void SetDnsProxyVgsHostname(char *hostname);
-UCHAR GetNextByte(BUF *b);
bool NatTransactDns(VH *v, NAT_ENTRY *n);
void NatDnsThread(THREAD *t, void *param);
bool NatGetIP(IP *ip, char *hostname);
|