Release 1.0.0.26151 · liulilittle/openppp2
Fix potential bugs in tunnel and transport layer implementation and correct TCP_FASTOPEN configuration regression · 8cc7864
This release incorporates every commit since Fix the issue where static tunnel IPv6 does not add routes, causing inability to access the internet · 23cf06a.
Full Changelog: All changes and fixes from 23cf06a to the latest commit (newest first)
8cc7864 : Fix the previous commit: TCP_FASTOPEN setting error issues.
Details : Corrected a regression introduced in the immediately preceding commit where TCP Fast Open was incorrectly configured via setsockopt. The original code mistakenly used the TCP_FASTOPEN constant as both the option name and value (e.g., int opt = TCP_FASTOPEN; setsockopt(..., opt, &opt, ...)). This commit fixes it by properly setting the option name to TCP_FASTOPEN with an explicit enable value of 1. Updated ppp/net/proxies/sniproxy.cpp (lines 590–591) and added a robust fallback using Boost.Asio’s socket_option::boolean wrapper for maximum compatibility across platforms and kernels. Additionally integrated the newly introduced dnsx.cpp into the Windows Visual Studio project files (ppp.vcxproj and ppp.vcxproj.filters) to ensure it is compiled correctly. This resolves connection setup failures and restores intended TCP Fast Open performance benefits without side effects.
0fb426f : Fix potential bugs in the implementation of tunnel and transport layer protocols.
Details : Comprehensive stabilization and refactoring across the core tunneling engine (16 files changed, +3,377 / -2,308 lines). Major updates to app/protocol/VirtualEthernetPacket.{cpp,h} and VirtualEthernetLinklayer.{cpp,h} include new methods (GetUdpPacket(), Pack() overloads, UnpackBy(), Ciphertext(), OpenDatagramSocket(), FillBytesToPayload()) with explicit protocol checks, dual-layer (protocol + transport) ciphertext handling using GUID/FSID, and safer non-allocating unpack paths via BufferswapAllocator. Fixed packet-type ambiguity (UDP vs. IP vs. ICMP extraction), prevented potential encryption bypass, added socket binding fallback to ANY address, and enhanced payload obfuscation with random min/max length padding. Also improved native checksum logic (native/checksum.{cpp,h}), DNS handling (net/asio/vdns.{cpp,h} and new dnsx.cpp), SNI proxy forwarding (proxies/sniproxy.{cpp,h}), and the ITransmission interface. Updated precompiled headers and resource files for build consistency. These changes eliminate long-standing edge-case bugs, reduce memory allocations and latency in the hot path, strengthen end-to-end security, and improve resilience under restrictive network conditions.
Base commit ( 23cf06a ) :
Fix the issue where static tunnel IPv6 does not add routes, causing inability to access the internet
This version delivers significant stability improvements to the core virtual Ethernet tunnel and transport layers, resolves a TCP Fast Open regression, and strengthens packet processing, encryption, and cross-platform compatibility. All existing features (static/dynamic tunnels, Wintun/TAP drivers, SYSNAT, client/server modes, etc.) remain fully backward compatible.
Highly recommended for users running high-throughput tunnels, SNI proxy scenarios, or IPv6-enabled configurations.