Just uses the correct types i.e. the same as the limit.
Since the index is usually only used as a non-negative
array index the type change does not cause any behavioral
changes.
But it avoids -Wsign-compare complaints and is just
cleaner.
Change-Id: Ib6c3e154fbe14113ff990f13347f85a7c93dd3e0
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1491
Message-Id: <20260216212805.7808-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg35682.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Otherwise the check for cmocka version doesn't
work. Includes the update to vcpkg in GHA since
that exposed the problem.
chore(deps): update vcpkg digest to 6d332a0
Change-Id: I3b246bcc36ba35c2ed9630dc18e97aff436eaa0b
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1488
Message-Id: <20260126145558.31460-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg35437.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
This commit adds support for Mbed TLS 4. This version comes with some
drastic changes. The crypto library has been completely redesigned, so
the contents of crypto_mbedtls.c are moved to crypto_mbedtls_legacy.c
and crypto_mbedtls.c handles the crypto for version 4.
Mbed TLS 4 also removed the feature for looking up a crypto algorithm by
name, so we need to translate algorithm names to Mbed TLS numbers in
OpenVPN. The tables are not yet complete. For symmetric algorithms, I
have added AES and Chacha-Poly which should be enough for most use
cases.
Change-Id: Ib251d546d993b96ed3bd8cb9111bcc627cdb0fae
Signed-off-by: Max Fillinger <maximilian.fillinger@sentyron.com>
Acked-by: Arne Schwabe <arne-openvpn@rfc2549.org>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1441
Message-Id: <20260123164746.7333-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg35401.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
This adds the required build infrastructure
and adds tests for two functions related to
GetItfDnsDomains().
Change-Id: I33583e51e1143c53fbe0aef16546fa3f602b17c0
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1459
Message-Id: <20260119215058.27888-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg35345.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
When the sender jumps forwards exactly epoch_data_keys_future_count in its
epoch key use the housekeeping logic does not handle this correctly and
triggers an ASSERT.
Change the code to correctly implement the special case when the new epoch
key of the sender is the highest valid key epoch in the current window of
valid epoch keys for receiving data.
Change-Id: Ib581c02a29b974184256a9f4ad0ce15ba5f9db3b
Signed-off-by: Arne Schwabe <arne@rfc2549.org>
Acked-By: Max Fillinger <maximilian.fillinger@sentyron.com>
Reported-By: Pavel Kohout of Aisle Research <pavel.kohout@aisle.com>
Github: closes OpenVPN/openvpn-private-issues#103
CVE: 2025-15497
This was missed in commit
6db186e0b1 since we
only built with cmocka 2.0 on macOS and that doesn't
build test_tls_crypt.
Now that we build with cmocka 2.0 also on Debian Sid
we noticed the additional issues.
Change-Id: Ibc964c13724316ca96276ba6b7d34dbbfcf52064
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1460
Message-Id: <20260108154248.21706-1-gert@greenie.muc.de>
Signed-off-by: Gert Doering <gert@greenie.muc.de>
But add compat layer so that we can still build
against older versions of cmocka. Mostly this is
trivial but the custom check function changed its
prototype, so that requires some more work.
Change-Id: Ifb6594700db71d219643a29c581099c778bcbbc6
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1449
Message-Id: <20251218104042.5961-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg35144.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
While fixing the conversion warning I was
somewhat confused how this works, so added
UTs to verify I understood it.
v2:
- disable assert test for MS VS
- add define for memory-intensive UTs and
only enable it by default for CMake builds,
so we do not break a lot of builds out there
due to memory allocation failures
Change-Id: Icab68a5fd1b6288955f0073179f1ddde1468d951
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1432
Message-Id: <20251212120352.17402-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg35050.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Previously, the logic for resetting push options (like 'route') was based on
`update_options_found` which was local to `apply_push_options`. This meant
that if a PUSH_UPDATE was split across multiple continuation messages,
the state was lost, causing routes to be reset multiple times (once per
message chunk) rather than once per update sequence.
This patch moves the state tracking to `struct options` as
`push_update_options_found`, allowing it to persist across the entire
PUSH_UPDATE sequence.
This fixes an issue where large route lists sent via PUSH_UPDATE would
result in only the last chunk's routes being applied, or previous routes
being continuously deleted and re-added.
Added unit test `test_incoming_push_continuation_route_accumulation` to
verify the fix.
Github: OpenVPN/openvpn#925
Signed-off-by: Moritz Fain <moritz-openvpn@fain.io>
Acked-by: Marco Baffo <marco@mandelbit.com>
Message-Id: <CAM8w-qEE6vHj=yUOpTFbM7DqPKzUV0NupvEG4rUefY=kNB2DxQ@mail.gmail.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg34814.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
This is a stupid mistake but causes all hmac cookies to be accepted,
thus breaking source IP address validation. As a consequence, TLS
sessions can be opened and state can be consumed in the server from
IP addresses that did not initiate an initial connection.
While at it, fix check to only allow [t-2;t] timeslots, disallowing
HMACs coming in from a future timeslot.
Github: OpenVPN/openvpn-private-issues#56
CVE: 2025-13086
Reported-By: Joshua Rogers <contact@joshua.hu>
Found-by: ZeroPath (https://zeropath.com/)
Reported-By: stefan@srlabs.de
Change-Id: I9cbe2bf535575b47ddd7f34e985c5c1c6953a6fc
Signed-off-by: Arne Schwabe <arne@rfc2549.org>
Acked-by: Max Fillinger <max@max-fillinger.net>
Newer versions of MSVC do not show the error anymore, but I do get, e.g.:
test_crypto.c(538,23): error C2059: syntax error: '}'
with version 19.38.33133 installed on a test system.
Change-Id: I13e34119303e056fdb51ff9925f4944171c824f2
Signed-off-by: Heiko Hund <heiko@ist.eigentlich.net>
Acked-by: Frank Lichtenheld <frank@lichtenheld.com>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1366
Message-Id: <20251111172504.7683-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg34327.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
We have agreed to never use the plain assert()
anywhere in the code.
Unit tests are almost there as they always use
cmocka provided assert helpers, except for two cases.
Convert those two to cmocka assert calls too.
While at it also ensure that the proper bool helpers
are used rather than checking _int_equal against true/false.
Drop assert.h in cryptoapi.c as well as it's not needed
anymore.
GitHub: Closes OpenVPN/openvpn#894
Change-Id: I61e4968f2e83d12d4d3fc3ccba92a06eb5ed5866
Signed-off-by: Antonio Quartulli <antonio@mandelbit.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1345
Message-Id: <20251104081653.3368-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg34179.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
In all unit tests we rely on CMocka's provided assert helpers.
However, test_networking.c was still on the default assert() call,
which we try to avoid in favour of more appropriate helpers.
Substitute them all with assert_*() from CMocka.
Change-Id: Ie153b3d5bf19200f225cd09131de8583645110be
Reported-by: Marc Heuse <marc@srlabs.de>
Signed-off-by: Antonio Quartulli <antonio@mandelbit.com>
Acked-by: Frank Lichtenheld <frank@lichtenheld.com>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1342
Message-Id: <20251103145842.22969-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg34155.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
The number of messages calculated before the call to message_splitter(),
used in the memory allocation in the buffer array, could in certain
cases be one less than the actual number of messages, thus causing
an override of the sentinel buffer in message_splitter() and therefore
an invalid read in send_single_push_update().
The case in question would be, for example, a sequence of three options
"A,B,C" with the size of B equal to safe_cap - 1 and the sum of the
sizes of A and C less than safe_cap - 2.
The buffer array was therefore replaced with a list of buffers to
completely avoid calculating the number of messages before it was
actually computed.
The test case in question has been added to the unit tests.
The unit tests have been improved using cmocka macros.
Change-Id: Idba419681fe3ccc4e6e2f6ce7592332dcff62cd9
Signed-off-by: Marco Baffo <marco@mandelbit.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1316
Message-Id: <20251030195244.2659-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg34073.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
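The boundary case described in the commit above, as an added example that is not OpenVPN's message_splitter() and not part of the commit: a greedy splitter that packs a comma-joined option list into messages of at most `safe_cap` bytes and appends each message to a growing list, so the number of messages never has to be predicted before splitting. The function names, the `struct msg_list` type and `estimate_by_length()` are all assumptions made for illustration; `estimate_by_length()` is a naive length-based estimate included only to make the "A,B,C" case visible, and is not the formula the project used.

```c
/* Added example, not OpenVPN's message_splitter(): pack an option list into
 * comma-joined messages of at most safe_cap bytes each.  Messages go into a
 * list that grows as they are produced, so nothing has to predict the count.
 * estimate_by_length() is an assumed naive estimate for illustration only. */
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

struct msg_list {
    char **items;   /* NUL-terminated messages */
    size_t count;
    size_t cap;     /* allocated slots in items */
};

static bool msg_list_push(struct msg_list *l, const char *text, size_t len)
{
    if (l->count == l->cap) {
        size_t ncap = l->cap ? l->cap * 2 : 4;
        char **n = realloc(l->items, ncap * sizeof *n);
        if (!n)
            return false;
        l->items = n;
        l->cap = ncap;
    }
    char *copy = malloc(len + 1);
    if (!copy)
        return false;
    memcpy(copy, text, len);
    copy[len] = '\0';
    l->items[l->count++] = copy;
    return true;
}

void msg_list_free(struct msg_list *l)
{
    for (size_t i = 0; i < l->count; i++)
        free(l->items[i]);
    free(l->items);
    l->items = NULL;
    l->count = l->cap = 0;
}

/* Greedy splitter: returns the number of messages written to *out, or -1 if
 * one option alone is longer than safe_cap (it could never be sent) or an
 * allocation fails.  No produced message exceeds safe_cap bytes. */
int split_options(const char *const *opts, size_t nopts, size_t safe_cap,
                  struct msg_list *out)
{
    char *cur = malloc(safe_cap + 1);
    size_t cur_len = 0;
    if (!cur)
        return -1;
    for (size_t i = 0; i < nopts; i++) {
        size_t olen = strlen(opts[i]);
        if (olen > safe_cap) {
            free(cur);
            return -1;
        }
        /* a non-empty message needs one extra byte for the separating comma */
        size_t need = cur_len ? cur_len + 1 + olen : olen;
        if (need > safe_cap) {
            if (!msg_list_push(out, cur, cur_len)) {
                free(cur);
                return -1;
            }
            cur_len = 0;
        }
        if (cur_len)
            cur[cur_len++] = ',';
        memcpy(cur + cur_len, opts[i], olen);
        cur_len += olen;
    }
    if (cur_len && !msg_list_push(out, cur, cur_len)) {
        free(cur);
        return -1;
    }
    free(cur);
    return (int)out->count;
}

/* Assumed naive estimate: total bytes including commas, divided by safe_cap
 * and rounded up.  It undercounts whenever a message has to end early
 * because the next option does not fit behind the current one. */
size_t estimate_by_length(const char *const *opts, size_t nopts, size_t safe_cap)
{
    size_t total = 0;
    for (size_t i = 0; i < nopts; i++)
        total += strlen(opts[i]) + (i ? 1 : 0);
    return (total + safe_cap - 1) / safe_cap;
}

int main(void)
{
    /* constructed input: safe_cap 16, |B| = 15 = safe_cap - 1,
     * |A| + |C| = 10 < safe_cap - 2 */
    const char *opts[] = { "aaaaa", "bbbbbbbbbbbbbbb", "ccccc" };
    struct msg_list l = { 0 };
    int n = split_options(opts, 3, 16, &l);
    printf("estimate %zu, actual %d\n", estimate_by_length(opts, 3, 16), n);
    for (int i = 0; i < n; i++)
        printf("msg %d: %s\n", i, l.items[i]);
    msg_list_free(&l);
    return 0;
}
```

With `safe_cap` 16 the three options total 27 bytes including commas, so a length-based estimate says two messages; the splitter needs three because neither A nor C fits in the same message as B. Growing the list as messages are produced removes that class of off-by-one entirely, which is the approach the commit describes.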
Since OpenVPN spawns various child processes, it is important
that sockets are closed after calling exec.
The sitnl socket didn't have the right flag set, resulting
in it surviving in, for example, connect/disconnect scripts
and giving the latter a chance to abuse the socket.
Ensure this doesn't happen by setting FD_CLOEXEC on
this socket right after creation.
Reported-by: Joshua Rogers <contact@joshua.hu>
Found-by: ZeroPath (https://zeropath.com/)
Change-Id: I54845bf4dd17d06cfc3b402f188795f74f4b1d3e
Signed-off-by: Antonio Quartulli <antonio@mandelbit.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1314
Message-Id: <20251028162843.18189-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg33952.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
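The close-on-exec handling described above, as an added example that is not OpenVPN's sitnl code and not part of the commit: a socket is created with `SOCK_CLOEXEC` where the platform supports it, falls back to `fcntl(F_SETFD, FD_CLOEXEC)` otherwise, and the flag is read back with `fcntl(F_GETFD)` so a test can prove the descriptor will not survive an `execve()`. The example uses an `AF_UNIX` datagram socket instead of the `AF_NETLINK` socket sitnl uses so that it runs unprivileged on any POSIX system; the function names are assumptions.

```c
/* Added example (not OpenVPN code): create a socket that is closed across
 * execve() and verify the flag.  Assumes a POSIX system; AF_UNIX is used
 * instead of AF_NETLINK so it runs without privileges. */
#include <errno.h>
#include <fcntl.h>
#include <stdbool.h>
#include <stdio.h>
#include <sys/socket.h>
#include <unistd.h>

/* Report whether fd carries FD_CLOEXEC, i.e. will be closed by execve(). */
bool fd_has_cloexec(int fd)
{
    int flags = fcntl(fd, F_GETFD);
    return flags != -1 && (flags & FD_CLOEXEC) != 0;
}

/* Set FD_CLOEXEC on an existing descriptor, keeping other fd flags.
 * Returns 0 on success, -1 with errno set on failure. */
int fd_set_cloexec(int fd)
{
    int flags = fcntl(fd, F_GETFD);
    if (flags == -1)
        return -1;
    return fcntl(fd, F_SETFD, flags | FD_CLOEXEC);
}

/* Open a socket that is close-on-exec.  SOCK_CLOEXEC is preferred because it
 * sets the flag atomically with creation: a fork() in another thread between
 * socket() and fcntl() would otherwise leak the descriptor to the child. */
int open_cloexec_socket(int domain, int type)
{
    int fd;
#ifdef SOCK_CLOEXEC
    fd = socket(domain, type | SOCK_CLOEXEC, 0);
    if (fd != -1 || errno != EINVAL)
        return fd;
    /* EINVAL: kernel too old for SOCK_CLOEXEC, fall back to fcntl() */
#endif
    fd = socket(domain, type, 0);
    if (fd == -1)
        return -1;
    if (fd_set_cloexec(fd) == -1) {
        int saved = errno;
        close(fd);
        errno = saved;
        return -1;
    }
    return fd;
}

int main(void)
{
    int plain = socket(AF_UNIX, SOCK_DGRAM, 0);   /* flag not set: leaks into children */
    int safe = open_cloexec_socket(AF_UNIX, SOCK_DGRAM);
    printf("plain socket cloexec=%d, hardened socket cloexec=%d\n",
           fd_has_cloexec(plain), fd_has_cloexec(safe));
    close(plain);
    close(safe);
    return 0;
}
```

A quick check on a running daemon is to list the descriptors of a spawned script (`ls -l /proc/<script pid>/fd` on Linux) and confirm no netlink socket appears there; an inherited descriptor in that list is exactly what this flag prevents.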
Not necessary to make it non-static just for UTs.
Change-Id: I348abec1e2f32301a0368d5f541e67bddf358bbc
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1282
Message-Id: <20251017203830.23807-1-gert@greenie.muc.de>
URL: https://sourceforge.net/p/openvpn/mailman/message/59248152/
Signed-off-by: Gert Doering <gert@greenie.muc.de>
When sending a PUSH_UPDATE containing an ifconfig(-ipv6) option, we must add the new IP to the
multi_context vhash (hash table of the clients indexed by virtual IPs). Now in addition to
adding new client IPs, old IPs are also removed from vhash, allowing for a more complete update.
Change-Id: I07a8ddd9026eef64b6f5abde98702a9801616a5f
Signed-off-by: Marco Baffo <marco@mandelbit.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1253
Message-Id: <20251017201916.21697-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg33412.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
This is what the Win32 APIs use. Since we put static
integers into this (e.g. sizeof()) this doesn't
result in new conversion warnings at the caller sites.
Change-Id: Ia836e3c05a868a7e8419c2bb2f547d968260783c
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1269
Message-Id: <20251013162221.2156-1-gert@greenie.muc.de>
URL: https://sourceforge.net/p/openvpn/mailman/message/59246222/
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Use extra define to allow testing code only
used on Windows but not actually dependent
on Windows.
Change-Id: I08e50030b1b692d351509f541e5c0b03b5170615
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1267
Message-Id: <20251013154758.21695-1-gert@greenie.muc.de>
URL: https://sourceforge.net/p/openvpn/mailman/message/59246199/
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Required a fix to mock_msg to make tests of M_FATAL
possible at all.
This also tests some cases which arguably should throw
a fatal error but do not.
v2:
- Suppress LeakSanitizer errors for fatal error tests.
Due to aborting the function, the memory will not be
cleaned up, but that is expected.
v3:
- Disable assert tests with MSVC. Does not seem to catch
the error correctly.
- Rebase on top of parallel-tests series to get
AM_TESTS_ENVIRONMENT.
v8:
- Update srcdir handling according to master.
v10:
- Update mock_msg.c fatal handling to be compatible
with NO_CMOCKA.
Change-Id: Icabc8acf75638c86c8c395e9ffecba7a7226cd97
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/474
Message-Id: <20251010211154.2780-1-gert@greenie.muc.de>
URL: https://sourceforge.net/p/openvpn/mailman/message/59245149/
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Before sending the PUSH_UPDATE message to the client, we must verify that
the client has actually sent IV_PROTO_PUSH_UPDATE to the server, declaring that
it supports push-updates.
Also fixed a gc_arena memory leak in one of the error paths and asserted
mi->context.c2.tls_multi.
Change-Id: I7c28da72be11c7efbed3068fbfc65f2959227bec
Signed-off-by: Marco Baffo <marco@mandelbit.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1255
Message-Id: <20251009182855.18712-1-gert@greenie.muc.de>
URL: https://sourceforge.net/p/openvpn/mailman/message/59244566/
Signed-off-by: Gert Doering <gert@greenie.muc.de>
After removing --wrap from some other tests in
a previous commit I got confused here myself.
--wrap is really only needed when you have the
original function linked in. Somehow I thought
the call ordering and mocking logic needed this.
But this is wrong, so no need to use --wrap here
since we currently do not link any of those
functions.
Change-Id: I60df1e61ed89be52e9d032b5b49133a784f9811e
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1258
Message-Id: <20251008161357.5679-1-gert@greenie.muc.de>
URL: https://sourceforge.net/p/openvpn/mailman/message/59244071/
Signed-off-by: Gert Doering <gert@greenie.muc.de>
At least on OpenBSD it seems that uintmax_t maps
to unsigned long long always, but LargestIntegralType
is unsigned long. So if we have a version of cmocka.h
that defines LargestIntegralType then respect that.
Change-Id: I59a49696acd665d43b21e5c23f24b86c15989cd6
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1256
Message-Id: <20251008133338.23652-1-gert@greenie.muc.de>
URL: https://sourceforge.net/p/openvpn/mailman/message/59243971/
Signed-off-by: Gert Doering <gert@greenie.muc.de>
The <inlineopt> test discovered the issue
fixed by commit "buffer: Fix buf_parse eating input".
Change-Id: Icb91d9c560b6f78f16571ac3052cc566d94afe99
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1247
Message-Id: <20251008100222.4610-1-gert@greenie.muc.de>
URL: https://sourceforge.net/p/openvpn/mailman/message/59243809/
Signed-off-by: Gert Doering <gert@greenie.muc.de>
When parsing a "line" that is longer than the
available line buffer, then buf_parse was
eating up to 2 characters. It advanced past
them but they were not part of the output.
This can lead to unexpected results if buf_parse
is used in a while loop on unrestricted input,
like e.g. when reading configs (see in_src_get()
used for check_inline_file_via_buf()).
Change-Id: I3724660bf0f8336ee58c172acfb7c4f38e457393
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Acked-by: Arne Schwabe <arne-openvpn@rfc2549.org>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1246
Message-Id: <20251008103001.7696-1-gert@greenie.muc.de>
URL: https://sourceforge.net/p/openvpn/mailman/message/59243829/
Signed-off-by: Gert Doering <gert@greenie.muc.de>
For now contains one test case for parse_line.
Change-Id: I95032d2539d994abf69fc17319ed1a429c3bb948
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1244
Message-Id: <20251008101014.5691-1-gert@greenie.muc.de>
URL: https://sourceforge.net/p/openvpn/mailman/message/59243816/
Signed-off-by: Gert Doering <gert@greenie.muc.de>
The PUSH_UPDATE currently doesn't work with DCO.
For example, in server, if a new ifconfig is sent, the DCO
doesn't receive the new peer address and the connection drops.
Similarly in the client when a PUSH_UPDATE is received, the tun is
closed and reopened but the DCO doesn't receive the peer info.
Change-Id: Ibe78949435bb2f26ad68301e2710321bf37c9486
Signed-off-by: Marco Baffo <marco@mandelbit.com>
Acked-by: Antonio Quartulli <antonio@mandelbit.com>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1245
Message-Id: <20251008083046.27209-1-gert@greenie.muc.de>
URL: https://sourceforge.net/p/openvpn/mailman/message/59243711/
Signed-off-by: Gert Doering <gert@greenie.muc.de>
If not using mock() or check_expected(), and
not linking the original function, then there
is no need for wrapping support.
Change-Id: I937105abeb5e8f796bf6bbe8432972adb60b3e2a
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1243
Message-Id: <20251007185217.19381-1-gert@greenie.muc.de>
URL: https://sourceforge.net/p/openvpn/mailman/message/59243508/
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Replace some assert_true calls with more specific
assertions. This should improve reporting in case
of problems and also just makes the code nicer.
Change-Id: Ia2f374476c87855bba6c0f9d3e2f28a5fe62a152
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1141
Message-Id: <20251006204118.26237-1-gert@greenie.muc.de>
URL: https://sourceforge.net/p/openvpn/mailman/message/59243096/
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Only trivial problems left after the other patches
have been merged.
Change-Id: Iab9e780d9649d7581e5f6aa4b23e72bbed5e145b
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1205
Message-Id: <20250924124154.15963-1-gert@greenie.muc.de>
URL: https://sourceforge.net/p/openvpn/mailman/message/59238128/
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Grand-father all known locations of existing errors,
so that -Werror builds still pass and we do not spam
build logs.
Still, this should give us a much better roadmap to
work on these issues one by one while still enabling
the warnings for a lot of code-paths.
In general I did go for least amount of pragmas, so
usually there is only one override per file, covering
ALL of the failures in that file. While this protects
a lot of code that doesn't need it, it also cut down
the amount of pragmas by a lot.
This does cover gcc builds including mingw and clang
builds. Does not cover MSVC.
Once the amount of issues has been suitably reduced
more warnings could be enabled.
Change-Id: Iad5b00c35a1f1993b1fa99e8b945ab17b230ef59
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1168
Message-Id: <20250924122755.14391-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg33181.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
- Includes fixes for
  - -Wimplicit-fallthrough=2
    (=3 is default but requires replacing all
    fallthrough comments)
  - -Wmissing-field-initializers
  - -Wold-style-declaration
- All other warnings that would need fixes are
  disabled for now.
Change-Id: I9ce664d073a4e6a6d433e9e6f986a5086dae8aa1
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1202
Message-Id: <20250923140854.21766-1-gert@greenie.muc.de>
URL: https://sourceforge.net/p/openvpn/mailman/message/59237558/
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Commit 0df0edc49c re-introduced explicit setting of broadcast addresses
for Linux IPv4 interfaces. t_net.sh verifies that the built-in netlink
code (sitnl) achieves the same result as "equivalent" iproute2 statements
- and we missed adjusting of these iproute2 statements (printed by
networking_testdriver). Done.
Change-Id: I5fea6ca1ccadb434b5c4f4b49881524a079a9d15
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Acked-by: Antonio Quartulli <antonio@mandelbit.com>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1203
Message-Id: <20250922080305.18477-1-gert@greenie.muc.de>
URL: https://sourceforge.net/p/openvpn/mailman/message/59236810/
Signed-off-by: Gert Doering <gert@greenie.muc.de>
msglevel was definitely unsigned as the first
argument to msg(), but many parts of the code
had it as signed. So this produced a LOT of
warnings when enabling -Wsign-conversion.
Introduce a msglvl_t typedef and switch all
users to it. This includes any values that
are stored in the msglevel field, including
debug level and mute level.
There is one exception in struct status_output
where -1 is a valid value in the API. Only
positive values are translated into standard
message levels.
Change-Id: Id492cb774c6d022d06bb3cf5fec2a4bdd410e619
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1110
Message-Id: <20250917170428.3310-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg33028.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Unlike debugging with printf(), our msg() calls do not need or want
a '\n' at the end of the string. Remove those that were overlooked.
Change-Id: I889b53ed72efaec546a6609491fae9715726ea00
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Acked-by: Frank Lichtenheld <frank@lichtenheld.com>
Message-Id: <20250912131609.43444-1-frank@lichtenheld.com>
URL: https://sourceforge.net/p/openvpn/mailman/message/59232448/
URL: https://gerrit.openvpn.net/c/openvpn/+/1180
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Basically all users already wanted that anyway. And most
of the library functions also take size_t nowadays.
Change-Id: Ic88cd6e143bc48cab3c9ebb7c7007513803bd199
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: MaxF <max@max-fillinger.net>
Message-Id: <20250911201719.25773-1-gert@greenie.muc.de>
URL: https://sourceforge.net/p/openvpn/mailman/message/59232185/
URL: https://gerrit.openvpn.net/c/openvpn/+/1135
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Using the management interface you can now target one or more clients
(via broadcast or via cid) and send a PUSH_UPDATE control message
to update some options. See doc/management-notes.txt for details.
Change-Id: Ie82bcc7a8e583de9156b185d71d1a323ed8df3fc
Signed-off-by: Marco Baffo <marco@mandelbit.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20250903164826.13284-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg32807.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
This is a more powerful version of atoi_warn that can
- check minimum and maximum values
- report error separately from parsed value
This can be used to simplify a lot of option parsing.
Change-Id: Ibc7526d59c1de17a0f9d8ed88f75c6f070ab11e7
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Arne Schwabe <arne-openvpn@rfc2549.org>
Message-Id: <20250902144657.11854-1-gert@greenie.muc.de>
URL: https://sourceforge.net/p/openvpn/mailman/message/59228172/
Signed-off-by: Gert Doering <gert@greenie.muc.de>
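The kind of helper the commit above describes, as an added example that is not OpenVPN's function and not part of the commit: a bounded integer parser built on `strtol()` that checks a minimum and maximum, reports the error class separately from the value, and only writes the output on success so a caller's default survives bad input. The names `parse_int_range`, `option_int` and the `parse_status` enum are assumptions; the option names in `main()` are constructed inputs.

```c
/* Added example (not OpenVPN's atoi_warn replacement): parse a decimal
 * integer from an option argument, enforce [min, max], and report errors
 * separately from the value so a sentinel like 0 or -1 can never be
 * mistaken for valid input. */
#include <errno.h>
#include <limits.h>
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

typedef enum {
    PARSE_OK = 0,
    PARSE_EMPTY,      /* no digits at all, e.g. "" or "abc" */
    PARSE_TRAILING,   /* junk after the number, e.g. "10ms" */
    PARSE_OVERFLOW,   /* does not fit in a long */
    PARSE_RANGE       /* parsed, but outside [min, max] */
} parse_status;

/* Parse s as a base-10 integer into *out.  *out is written only on
 * PARSE_OK, so a caller that keeps a default in *out is unaffected. */
parse_status parse_int_range(const char *s, long min, long max, long *out)
{
    char *end;
    long v;

    if (s == NULL || *s == '\0')
        return PARSE_EMPTY;

    errno = 0;
    v = strtol(s, &end, 10);
    if (end == s)
        return PARSE_EMPTY;          /* nothing consumed, e.g. "-" or "abc" */
    if (errno == ERANGE)
        return PARSE_OVERFLOW;
    while (*end == ' ' || *end == '\t')  /* tolerate trailing blanks only */
        end++;
    if (*end != '\0')
        return PARSE_TRAILING;
    if (v < min || v > max)
        return PARSE_RANGE;

    *out = v;
    return PARSE_OK;
}

/* Option-style wrapper: on any error keep the default and tell the user
 * which option and which bound was violated. */
long option_int(const char *name, const char *arg, long min, long max, long dflt)
{
    long v = dflt;
    parse_status st = parse_int_range(arg, min, max, &v);
    if (st != PARSE_OK)
        fprintf(stderr, "--%s: '%s' is not an integer in [%ld, %ld] "
                "(status %d), keeping %ld\n",
                name, arg ? arg : "", min, max, (int)st, dflt);
    return v;
}

int main(void)
{
    /* constructed inputs */
    printf("%ld\n", option_int("verb", "4", 0, 11, 1));            /* 4 */
    printf("%ld\n", option_int("verb", "12", 0, 11, 1));           /* 1 */
    printf("%ld\n", option_int("port", "1194x", 1, 65535, 1194));  /* 1194 */
    return 0;
}
```

The separation matters because `atoi()`-style helpers return 0 for both "0" and "garbage"; with the status returned on its own, a caller can refuse to start on a malformed value instead of silently running with a bound of zero.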
With a first UT that tests add_in6_addr() (and
print_in6_addr implicitly).
Change-Id: If546f64a4554b292623bfcfe9ee53bac17dfa803
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20250831151133.25684-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg32723.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
This fixes an issue where control packets on a floating client can trigger
creating a new session in special circumstances:
To trigger this circumstance a connection needs to
- start on IP A
- successfully float to IP B by data packet
- then have a control packet from IP A before any
data packet can trigger the float back to IP A
and all of this needs to happen in the 60s time
that the hmac cookie is valid in the default
configuration.
In this scenario we would trigger a new connection as the HMAC
session id would be valid.
This patch adds checking also of the message-id and acked ids to
discern packets from the initial three-way handshake where these
ids are 0 or 1 from any later packet.
This will now trigger (at verb 4 or higher) a message like:
Packet (P_ACK_V1) with invalid or missing SID
instead.
Also remove a few duplicated free_tls_pre_decrypt_state in test_ssl.
Reported-By: Walter Doekes <walter.openvpn@wjd.nu>
Tested-By: Walter Doekes <walter.openvpn@wjd.nu>
Change-Id: I6752dcd5aff3e5cea2b439366479e86751a1c403
Signed-off-by: Arne Schwabe <arne@rfc2549.org>
Acked-by: MaxF <max@max-fillinger.net>
Message-Id: <20250819212214.16218-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg32626.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
In some cases an actual ColumnLimit leads to unfortunate
formatting. So leave the decision to developers after all.
This commit contains:
- changes that clang-format did as reaction to the config
change
- manual cleanups of these changes
- manual cleanup of some previous changes done
with ColumnLimit 100
Change-Id: Ibd900adfc775b7f785f1d5630184a124f5d8ff4b
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20250805132706.27619-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg32523.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Done with pre-commit run -a, so the version
defined in pre-commit config is used.
This also changes the Github workflow so that
there is no commit that fails GHA.
Change-Id: I2566ad493629e1f5fdfa6f6483b8973463404e3e
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20250804151853.10565-1-gert@greenie.muc.de>
URL: https://gerrit.openvpn.net/c/openvpn/+/791
Signed-off-by: Gert Doering <gert@greenie.muc.de>
This removes the postal address of the FSF and replaces
it with their URL.
Mostly generated with
sed -i -e 's@if not, write to the Free Software Foundation, Inc.,\
@if not, see <https://www.gnu.org/licenses/>.@'
sed -i -e '/51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA/d'
sed -i -e '/59 Temple Place, Suite 330, Boston, MA 02111-1307 USA/d'
With some manual fix-ups afterwards.
Change-Id: Ic3959970fa9ab993e98d4b38c025fd0efc7b92f2
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20250803145126.23494-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg32481.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
This mostly removes the postal address of the FSF.
This was triggered by rpmlint complaining about
that address being outdated.
Change-Id: Idfe5c615d1109a1038207c1c1b0e0de4da3279f5
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20250803143939.15335-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg32475.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>