Release Version 5.2.2

.github/workflows/DevelopmentDPC.yml

@@ -7,9 +7,11 @@ name: Development DPC
 
 on:
   push:
-    branches: [ "Development" ]
+    branches-ignore:
+      - main
   pull_request:
-    branches: [ "Development" ]
+    branches-ignore:
+      - main
 
 jobs:
   build:

DPCInstaller/ADMX/dpc.admx

@@ -1335,7 +1335,7 @@
 			<parentCategory ref="CAT_DPCCategory_C_UserBackupTunnel" />
 			<supportedOn ref="SUPPORTED_Windows_10_0_NOSERVER" />
 			<elements>
-				<list id="DPCCategory_UserTunnel_ProxyExclusions_Listbox" key="SOFTWARE\Policies\DPC\DPCClient\UserTunnel\ProxyExcludeList" valuePrefix="" />
+				<list id="DPCCategory_UserTunnel_ProxyExclusions_Listbox" key="SOFTWARE\Policies\DPC\DPCClient\UserBackupTunnel\ProxyExcludeList" valuePrefix="" />
 				<enum id="ProxyBypassForLocal" valueName="ProxyBypassForLocal">
 					<item displayName="$(string.Disabled)">
 						<value>

DPCInstaller/ADMX/en-US/DPC.adml

@@ -255,11 +255,15 @@ If PAC File is selected then the full url to the PAC file should be defined in t
 
 Example:
 http://proxy.contoso.com/vpnproxy.pac
+https://proxy.contoso.com/vpnproxy.pac
+http://proxy.contoso.com:8080/vpnproxy.pac
+https://proxy.contoso.com:8081/vpnproxy.pac
 
 If Proxy Server is selected then the hostname and port of the proxy server should be defined in the Proxy Value
 
 Example:
-http://proxy.contoso.com:8080
+proxy.contoso.com
+proxy.contoso.com:8080
 
 NOTE: Proxy Exclusions and Bypass For Local Address Options are only valid when 'Proxy Server' is selected. These settings can be set with a seperate Group Policy Setting
 

DPCInstaller/ProductVersion.wxi

@@ -1,3 +1,3 @@
 <Include xmlns="http://wixtoolset.org/schemas/v4/wxs">
-  <?define ProductVersion=5.2.1?>
+  <?define ProductVersion=5.2.2?>
 </Include>

DPCLibrary/Models/IPv4Address.cs

@@ -40,7 +40,7 @@ public void LoadFromString(string address)
                 throw new ArgumentException("IPAddress must not be null");
             }
 
-            if (!Validate.IPv4(address))
+            if (!Validate.IPv4Address(address))
             {
                 throw new ArgumentException("IPAddress must be a valid IPv4 Address");
             }

DPCLibrary/Models/IPv6Address.cs

@@ -81,7 +81,7 @@ public void LoadFromString(string address)
                 throw new ArgumentException("IPAddress must not be null");
             }
 
-            if (!Validate.IPv6(address))
+            if (!Validate.IPv6Address(address))
             {
                 throw new ArgumentException("IPAddress must be a valid IPv6 Address");
             }

DPCLibrary/Models/Route.cs

@@ -72,28 +72,35 @@ public Route(XElement routeNode)
                 string tempAddress = routeNode.XPathSelectElement("Address")?.Value;
                 if (tempAddress.Contains("/"))
                 {
-                    string[] tempAddressSplit = tempAddress.Split('/');
-                    tempAddress = tempAddressSplit[0];
-                    Prefix = Convert.ToInt32(tempAddressSplit[1], CultureInfo.InvariantCulture);
+                    Prefix = IPUtils.GetIPCIDRSuffix(tempAddress);
+                    tempAddress = IPUtils.GetIPAddress(tempAddress);
                 }
                 else
                 {
                     Prefix = Convert.ToInt32(routeNode.XPathSelectElement("PrefixSize")?.Value, CultureInfo.InvariantCulture);
                 }
 
-                if (Validate.IPv4(tempAddress))
+                if (Validate.IPv4Address(tempAddress))
                 {
                     Address = new IPv4Address();
                     Address.LoadFromString(tempAddress);
+                    if (Prefix < 0 || Prefix > 32)
+                    {
+                        throw new InvalidDataException("IPv4 Prefix " + Prefix + " was not considered a valid CIDR Suffix");
+                    }
                 }
-                else if (Validate.IPv6(tempAddress))
+                else if (Validate.IPv6Address(tempAddress))
                 {
                     Address = new IPv6Address();
                     Address.LoadFromString(tempAddress);
+                    if (Prefix < 0 || Prefix > 128)
+                    {
+                        throw new InvalidDataException("IPv6 Prefix " + Prefix + " was not considered a valid CIDR Suffix");
+                    }
                 }
                 else
                 {
-                    throw new InvalidDataException("IP Address " + tempAddress + " was not considered a valid Iv4 or IPv6 Address");
+                    throw new InvalidDataException("IP Address " + tempAddress + " was not considered a valid IPv4 or IPv6 Address");
                 }
 
 

DPCLibrary/Utils/AccessWMI.cs

@@ -169,6 +169,7 @@ private static string SanitizeName(string name)
 
         private static string Sanitize(string profileData)
         {
+            profileData = profileData.Replace("&", "&"); //Must be first or breaks all the other escape codes
             profileData = profileData.Replace("<", "&lt;");
             profileData = profileData.Replace(">", "&gt;");
             profileData = profileData.Replace("\"", "&quot;");
@@ -232,7 +233,15 @@ public static bool SetProxyExcludeExceptions(string profileName, IList<string> e
                     return false;
                 }
 
-                List<string> proxyExcludeList = new List<string>(excludeList);
+                List<string> proxyExcludeList;
+                if (excludeList != null)
+                {
+                    proxyExcludeList = new List<string>(excludeList);
+                }
+                else
+                {
+                    proxyExcludeList = new List<string>();
+                }
 
                 using (CimOperationOptions options = GetContextOptions(DeviceInfo.SYSTEMSID, cancelToken))
                 {
@@ -244,7 +253,7 @@ public static bool SetProxyExcludeExceptions(string profileName, IList<string> e
                         CimMethodParameter.Create("BypassProxyForLocal", bypassForLocal, CimFlags.In)
                     })
                     {
-                        if (excludeList.Count > 0)
+                        if (proxyExcludeList.Count > 0)
                         {
                             string proxyServer = GetProxyServer(profileName, cancelToken);
                             if (!string.IsNullOrWhiteSpace(proxyServer))
@@ -277,7 +286,7 @@ private static IList<string> GetMachineCertificateEKUFilter(string profileName,
             return EKUData.ToList();
         }
 
-        private static IList<string> GetProxyExcludeList(string profileName, CancellationToken cancelToken)
+        public static IList<string> GetProxyExcludeList(string profileName, CancellationToken cancelToken)
         {
             IList<string> profileDetailsList = new List<string>();
             string XML = GetWMIVPNConfig(profileName, cancelToken);

DPCLibrary/Utils/IPUtils.cs

@@ -46,26 +46,26 @@ public static int GetIPCIDRSuffix(string address)
             }
 
             string[] splitAddress = address.Split('/');
-            if (splitAddress.Length == 1 && Validate.IPv4(address))
+            if (splitAddress.Length == 1 && Validate.IPv4EndpointAddress(address))
             {
                 //If there is no CIDR then assume it is a single IPv4 hence /32
                 return 32;
             }
-            if (splitAddress.Length == 1 && Validate.IPv6(address))
+            if (splitAddress.Length == 1 && Validate.IPv6EndpointAddress(address))
             {
                 //If there is no CIDR then assume it is a single IPv6 hence /128
                 return 128;
             }
             else if (splitAddress.Length == 2)
             {
-                if (Validate.IPv4(splitAddress[1]))
+                if (Validate.IPv4Address(splitAddress[1]))
                 {
                     //Mask may be in the format 255.255.0.0
                     return GetCIDRFromNetMask(splitAddress[1]);
                 }
                 else
                 {
-                    //Assume mask is in the format /24
+                    //Assume mask is in the CIDR format
                     //Throw exception if not valid
                     return int.Parse(splitAddress[1], CultureInfo.InvariantCulture);
                 }

DPCLibrary/Utils/VPNProfileCreator.cs

@@ -479,8 +479,15 @@ public void LoadFromRegistry()
                 //Proxy Disabled, reset proxy settings to defaults
                 ProxyType = ProxyType.None;
                 ProxyValue = "";
-                if (ProxyExcludeList != null && ProxyExcludeList.Count > 0)
+                //Initialise the value if it wasn't already
+                if (ProxyExcludeList == null)
                 {
+                    ProxyExcludeList = new List<string>();
+                }
+
+                if (ProxyExcludeList.Count > 0)
+                {
+                    //Proxy has been disabled, clear out any previous proxy exclusions as they are no longer needed
                     ProxyExcludeList.Clear();
                 }
                 ProxyBypassForLocal = false;
@@ -1216,9 +1223,21 @@ public void Generate()
                     {
                         writer.WriteComment(Route.Value);
                     }
+                    string address = IPUtils.GetIPAddress(Route.Key);
+                    if (string.IsNullOrWhiteSpace(address))
+                    {
+                        ValidationFailures.AppendLine("Route: " + Route.Key + " is not valid and has been skipped");
+                        continue;
+                    }
+                    int prefix = IPUtils.GetIPCIDRSuffix(Route.Key);
+                    if (prefix < 0)
+                    {
+                        ValidationFailures.AppendLine("Route: " + Route.Key + " is not valid and has been skipped");
+                        continue;
+                    }
                     writer.WriteStartElement("Route");
-                    writer.WriteElementString("Address", IPUtils.GetIPAddress(Route.Key));
-                    writer.WriteElementString("PrefixSize", IPUtils.GetIPCIDRSuffix(Route.Key).ToString(CultureInfo.InvariantCulture));
+                    writer.WriteElementString("Address", address);
+                    writer.WriteElementString("PrefixSize", prefix.ToString(CultureInfo.InvariantCulture));
                     if (RouteMetric > 0)
                     {
                         writer.WriteElementString("Metric", RouteMetric.ToString(CultureInfo.InvariantCulture));
@@ -1838,7 +1857,7 @@ private static List<string> GetOffice365ExcludeRoutes()
                 {
                     if (ipList.Contains(item)) continue;
                     //Don't add IPv6 addresses as currently windows won't connect the profile if a client doesn't have an IPv6 address and there are IPv6 routes in the Route Table
-                    if (Validate.IPv4(item) || Validate.IPv4CIDR(item))
+                    if (Validate.IPv4EndpointAddress(item) || Validate.IPv4CIDR(item))
                     {
                         ipList.Add(item);
                     }
@@ -1887,7 +1906,7 @@ private static string GetDNSRoutes(ref Dictionary<string, string> resolvedIPList
                         }
                         //Don't add IPv6 addresses as IPv6 Exclusions added to a machine without an IPv6 address breaks the tunnel completely
                         //if (Validate.IPv4(item) || Validate.IPv6(item))
-                        if (Validate.IPv4(item.Key))
+                        if (Validate.IPv4EndpointAddress(item.Key))
                         {
                             resolvedIPList.Add(item.Key, item.Value);
                         }