Commit graph

243 commits

Author SHA1 Message Date
Frank Lichtenheld
25af0b222f Fix various loop index types to avoid sign-compare issues
Some checks are pending
Build / mingw unittest user_pass - x86 - Release - OSSL (push) Blocked by required conditions
Build / gcc - ubuntu-24.04 - OpenSSL 3.0.13 --enable-pkcs11 (push) Waiting to run
Build / gcc - ubuntu-22.04 - OpenSSL 3.0.2 --enable-pkcs11 (push) Waiting to run
Build / clang-asan - ubuntu-22.04 - openssl (push) Waiting to run
Build / clang-asan - ubuntu-24.04 - openssl (push) Waiting to run
Build / macos-14 - libressl - asan (push) Waiting to run
Build / macos-14 - openssl@3 - asan (push) Waiting to run
Build / macos-15 - libressl - asan (push) Waiting to run
Build / macos-15 - openssl@3 - asan (push) Waiting to run
Build / macos-26 - libressl - asan (push) Waiting to run
Build / macos-26 - openssl@3 - asan (push) Waiting to run
Build / macos-14 - libressl - normal (push) Waiting to run
Build / macos-14 - openssl@3 - normal (push) Waiting to run
Build / macos-15 - libressl - normal (push) Waiting to run
Build / macos-15 - openssl@3 - normal (push) Waiting to run
Build / macos-26 - libressl - normal (push) Waiting to run
Build / macos-26 - openssl@3 - normal (push) Waiting to run
Build / msbuild - amd64 - openssl (push) Waiting to run
Build / msbuild - amd64-clang - openssl (push) Waiting to run
Build / msbuild - arm64 - openssl (push) Waiting to run
Build / msbuild - x86 - openssl (push) Waiting to run
Build / msbuild - x86-clang - openssl (push) Waiting to run
Build / clang asan - ubuntu-22.04 - libressl (push) Waiting to run
Build / gcc normal - ubuntu-22.04 - libressl (push) Waiting to run
Build / clang asan - ubuntu-22.04 - mbedtls4 (push) Waiting to run
Build / gcc normal - ubuntu-22.04 - mbedtls4 (push) Waiting to run
Build / clang asan - ubuntu-24.04 - awslc (push) Waiting to run
Build / gcc normal - ubuntu-24.04 - awslc (push) Waiting to run
Deploy Doxygen documentation to Pages / build (push) Waiting to run
Deploy Doxygen documentation to Pages / deploy (push) Blocked by required conditions
Just uses the correct types i.e. the same as the limit.
Since the index is usually only used as a non-negative
array index the type change does not cause any behavioral
changes.

But it avoids -Wsign-compare complaints and is just
cleaner.

Change-Id: Ib6c3e154fbe14113ff990f13347f85a7c93dd3e0
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1491
Message-Id: <20260216212805.7808-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg35682.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
2026-02-19 17:11:30 +01:00
Frank Lichtenheld
83f9c55efb test_openvpnserv: Make sure to include config.h
Otherwise the check for cmocka version doesn't
work. Includes the update to vcpkg in GHA since
that exposed the problem.

chore(deps): update vcpkg digest to 6d332a0

Change-Id: I3b246bcc36ba35c2ed9630dc18e97aff436eaa0b
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1488
Message-Id: <20260126145558.31460-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg35437.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
2026-01-26 16:32:26 +01:00
Max Fillinger
494fb71804 Add support for Mbed TLS 4
Some checks are pending
Build / mingw unittest user_pass - x86 - Release - OSSL (push) Blocked by required conditions
Build / gcc - ubuntu-24.04 - OpenSSL 3.0.13 --enable-pkcs11 (push) Waiting to run
Build / gcc - ubuntu-22.04 - OpenSSL 3.0.2 --enable-pkcs11 (push) Waiting to run
Build / clang-asan - ubuntu-22.04 - openssl (push) Waiting to run
Build / clang-asan - ubuntu-24.04 - openssl (push) Waiting to run
Build / macos-14 - libressl - asan (push) Waiting to run
Build / macos-14 - openssl@3 - asan (push) Waiting to run
Build / macos-15 - libressl - asan (push) Waiting to run
Build / macos-15 - openssl@3 - asan (push) Waiting to run
Build / macos-26 - libressl - asan (push) Waiting to run
Build / macos-26 - openssl@3 - asan (push) Waiting to run
Build / macos-14 - libressl - normal (push) Waiting to run
Build / macos-14 - openssl@3 - normal (push) Waiting to run
Build / macos-15 - libressl - normal (push) Waiting to run
Build / macos-15 - openssl@3 - normal (push) Waiting to run
Build / macos-26 - libressl - normal (push) Waiting to run
Build / macos-26 - openssl@3 - normal (push) Waiting to run
Build / msbuild - amd64 - openssl (push) Waiting to run
Build / msbuild - amd64-clang - openssl (push) Waiting to run
Build / msbuild - arm64 - openssl (push) Waiting to run
Build / msbuild - x86 - openssl (push) Waiting to run
Build / msbuild - x86-clang - openssl (push) Waiting to run
Build / clang asan - ubuntu-22.04 - libressl (push) Waiting to run
Build / gcc normal - ubuntu-22.04 - libressl (push) Waiting to run
Build / clang asan - ubuntu-22.04 - mbedtls3 (push) Waiting to run
Build / gcc normal - ubuntu-22.04 - mbedtls3 (push) Waiting to run
Build / clang asan - ubuntu-24.04 - awslc (push) Waiting to run
Build / gcc normal - ubuntu-24.04 - awslc (push) Waiting to run
Deploy Doxygen documentation to Pages / build (push) Waiting to run
Deploy Doxygen documentation to Pages / deploy (push) Blocked by required conditions
This commit adds support for Mbed TLS 4. This version comes with some
drastic changes. The crypto library has been completely redesigned, so
the contents of crypto_mbedtls.c are moved to crypto_mbedtls_legacy.c
and crypto_mbedtls.c handles the crypto for version 4.

Mbed TLS 4 also removed the feature for looking up a crypto algorithm by
name, so we need to translate algorithm names to Mbed TLS numbers in
OpenVPN. The tables are not yet complete. For symmetric algorithms, I
have added AES and Chacha-Poly which should be enough for most use
cases.

Change-Id: Ib251d546d993b96ed3bd8cb9111bcc627cdb0fae
Signed-off-by: Max Fillinger <maximilian.fillinger@sentyron.com>
Acked-by: Arne Schwabe <arne-openvpn@rfc2549.org>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1441
Message-Id: <20260123164746.7333-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg35401.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
2026-01-24 18:49:44 +01:00
Frank Lichtenheld
b10ee38ccd openvpnserv: Add a first unit test
This adds the required build infrastructure
and adds tests for two functions related to
GetItfDnsDomains().

Change-Id: I33583e51e1143c53fbe0aef16546fa3f602b17c0
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1459
Message-Id: <20260119215058.27888-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg35345.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
2026-01-24 18:23:05 +01:00
Arne Schwabe
e0e0720ac3 Correctly handle sender jumping exactly epoch_data_keys_future_count
When the sender jumps forwards exactly epoch_data_keys_future_count in its
epoch key use the housekeeping logic does not handle this correctly and
triggers an ASSERT.

Change the code to correctly implement the special case when the new epoch
key of the sender is the highest valid key epoch in the current window of
valid epoch keys for receiving data.

Change-Id: Ib581c02a29b974184256a9f4ad0ce15ba5f9db3b
Signed-off-by: Arne Schwabe <arne@rfc2549.org>
Acked-By: Max Fillinger <maximilian.fillinger@sentyron.com>
Reported-By: Pavel Kohout of Aisle Research <pavel.kohout@aisle.com>
Github: closes OpenVPN/openvpn-private-issues#103
CVE: 2025-15497
2026-01-15 11:10:56 +01:00
Frank Lichtenheld
20f8127bcd Fix building test_tls_crypt with cmocka 2.0
Some checks are pending
Build / mingw unittest user_pass - x86 - Release - OSSL (push) Blocked by required conditions
Build / gcc - ubuntu-24.04 - OpenSSL 3.0.13 --enable-pkcs11 (push) Waiting to run
Build / gcc - ubuntu-22.04 - OpenSSL 3.0.2 --enable-pkcs11 (push) Waiting to run
Build / clang-asan - ubuntu-22.04 - openssl (push) Waiting to run
Build / clang-asan - ubuntu-24.04 - openssl (push) Waiting to run
Build / macos-14 - libressl - asan (push) Waiting to run
Build / macos-14 - openssl@3 - asan (push) Waiting to run
Build / macos-15 - libressl - asan (push) Waiting to run
Build / macos-15 - openssl@3 - asan (push) Waiting to run
Build / macos-26 - libressl - asan (push) Waiting to run
Build / macos-26 - openssl@3 - asan (push) Waiting to run
Build / macos-14 - libressl - normal (push) Waiting to run
Build / macos-14 - openssl@3 - normal (push) Waiting to run
Build / macos-15 - libressl - normal (push) Waiting to run
Build / macos-15 - openssl@3 - normal (push) Waiting to run
Build / macos-26 - libressl - normal (push) Waiting to run
Build / macos-26 - openssl@3 - normal (push) Waiting to run
Build / msbuild - amd64 - openssl (push) Waiting to run
Build / msbuild - amd64-clang - openssl (push) Waiting to run
Build / msbuild - arm64 - openssl (push) Waiting to run
Build / msbuild - x86 - openssl (push) Waiting to run
Build / msbuild - x86-clang - openssl (push) Waiting to run
Build / clang asan - ubuntu-22.04 - libressl (push) Waiting to run
Build / gcc normal - ubuntu-22.04 - libressl (push) Waiting to run
Build / clang asan - ubuntu-22.04 - mbedtls3 (push) Waiting to run
Build / gcc normal - ubuntu-22.04 - mbedtls3 (push) Waiting to run
Build / clang asan - ubuntu-24.04 - awslc (push) Waiting to run
Build / gcc normal - ubuntu-24.04 - awslc (push) Waiting to run
Deploy Doxygen documentation to Pages / build (push) Waiting to run
Deploy Doxygen documentation to Pages / deploy (push) Blocked by required conditions
This was missed in commit
6db186e0b1 since we
only built with cmocka 2.0 on macOS and that doesn't
build test_tls_crypt.

Now that we build with cmocka 2.0 also on Debian Sid
we noticed the additional issues.

Change-Id: Ibc964c13724316ca96276ba6b7d34dbbfcf52064
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1460
Message-Id: <20260108154248.21706-1-gert@greenie.muc.de>
Signed-off-by: Gert Doering <gert@greenie.muc.de>
2026-01-08 16:50:36 +01:00
Frank Lichtenheld
f94a3ad2ba Update Copyright statements to 2026
Some checks are pending
Build / mingw unittest user_pass - x86 - Release - OSSL (push) Blocked by required conditions
Build / gcc - ubuntu-24.04 - OpenSSL 3.0.13 --enable-pkcs11 (push) Waiting to run
Build / gcc - ubuntu-22.04 - OpenSSL 3.0.2 --enable-pkcs11 (push) Waiting to run
Build / clang-asan - ubuntu-22.04 - openssl (push) Waiting to run
Build / clang-asan - ubuntu-24.04 - openssl (push) Waiting to run
Build / macos-14 - libressl - asan (push) Waiting to run
Build / macos-14 - openssl@3 - asan (push) Waiting to run
Build / macos-15 - libressl - asan (push) Waiting to run
Build / macos-15 - openssl@3 - asan (push) Waiting to run
Build / macos-26 - libressl - asan (push) Waiting to run
Build / macos-26 - openssl@3 - asan (push) Waiting to run
Build / macos-14 - libressl - normal (push) Waiting to run
Build / macos-14 - openssl@3 - normal (push) Waiting to run
Build / macos-15 - libressl - normal (push) Waiting to run
Build / macos-15 - openssl@3 - normal (push) Waiting to run
Build / macos-26 - libressl - normal (push) Waiting to run
Build / macos-26 - openssl@3 - normal (push) Waiting to run
Build / msbuild - amd64 - openssl (push) Waiting to run
Build / msbuild - amd64-clang - openssl (push) Waiting to run
Build / msbuild - arm64 - openssl (push) Waiting to run
Build / msbuild - x86 - openssl (push) Waiting to run
Build / msbuild - x86-clang - openssl (push) Waiting to run
Build / clang asan - ubuntu-22.04 - libressl (push) Waiting to run
Build / gcc normal - ubuntu-22.04 - libressl (push) Waiting to run
Build / clang asan - ubuntu-22.04 - mbedtls3 (push) Waiting to run
Build / gcc normal - ubuntu-22.04 - mbedtls3 (push) Waiting to run
Build / clang asan - ubuntu-24.04 - awslc (push) Waiting to run
Build / gcc normal - ubuntu-24.04 - awslc (push) Waiting to run
Deploy Doxygen documentation to Pages / build (push) Waiting to run
Deploy Doxygen documentation to Pages / deploy (push) Blocked by required conditions
Change-Id: I1728fcb75284ba106e5c37ef53f6e568b64fb647
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1456
Message-Id: <20260108074915.9417-1-gert@greenie.muc.de>
URL: https://sourceforge.net/p/openvpn/mailman/message/59280815/
Signed-off-by: Gert Doering <gert@greenie.muc.de>
2026-01-08 10:59:57 +01:00
Frank Lichtenheld
6db186e0b1 tests/unit_tests: Port to cmocka 2.0.0 API
Some checks failed
Build / mingw unittest user_pass - x64 - Release - OSSL (push) Has been cancelled
Build / mingw unittest argv - x86 - Debug - OSSL (push) Has been cancelled
Build / mingw unittest auth_token - x86 - Debug - OSSL (push) Has been cancelled
Build / mingw unittest buffer - x86 - Debug - OSSL (push) Has been cancelled
Build / mingw unittest crypto - x86 - Debug - OSSL (push) Has been cancelled
Build / mingw unittest cryptoapi - x86 - Debug - OSSL (push) Has been cancelled
Build / mingw unittest misc - x86 - Debug - OSSL (push) Has been cancelled
Build / mingw unittest ncp - x86 - Debug - OSSL (push) Has been cancelled
Build / mingw unittest options_parse - x86 - Debug - OSSL (push) Has been cancelled
Build / mingw unittest packet_id - x86 - Debug - OSSL (push) Has been cancelled
Build / mingw unittest pkt - x86 - Debug - OSSL (push) Has been cancelled
Build / mingw unittest provider - x86 - Debug - OSSL (push) Has been cancelled
Build / mingw unittest ssl - x86 - Debug - OSSL (push) Has been cancelled
Build / mingw unittest tls_crypt - x86 - Debug - OSSL (push) Has been cancelled
Build / mingw unittest user_pass - x86 - Debug - OSSL (push) Has been cancelled
Build / mingw unittest argv - x86 - Release - OSSL (push) Has been cancelled
Build / mingw unittest auth_token - x86 - Release - OSSL (push) Has been cancelled
Build / mingw unittest buffer - x86 - Release - OSSL (push) Has been cancelled
Build / mingw unittest crypto - x86 - Release - OSSL (push) Has been cancelled
Build / mingw unittest cryptoapi - x86 - Release - OSSL (push) Has been cancelled
Build / mingw unittest misc - x86 - Release - OSSL (push) Has been cancelled
Build / mingw unittest ncp - x86 - Release - OSSL (push) Has been cancelled
Build / mingw unittest options_parse - x86 - Release - OSSL (push) Has been cancelled
Build / mingw unittest packet_id - x86 - Release - OSSL (push) Has been cancelled
Build / mingw unittest pkt - x86 - Release - OSSL (push) Has been cancelled
Build / mingw unittest provider - x86 - Release - OSSL (push) Has been cancelled
Build / mingw unittest ssl - x86 - Release - OSSL (push) Has been cancelled
Build / mingw unittest tls_crypt - x86 - Release - OSSL (push) Has been cancelled
Build / mingw unittest user_pass - x86 - Release - OSSL (push) Has been cancelled
Deploy Doxygen documentation to Pages / deploy (push) Has been cancelled
But add compat layer so that we can still build
against older versions of cmocka. Mostly this is
trivial but the custom check function changed its
prototype, so that requires some more work.

Change-Id: Ifb6594700db71d219643a29c581099c778bcbbc6
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1449
Message-Id: <20251218104042.5961-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg35144.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
2025-12-18 12:21:28 +01:00
Frank Lichtenheld
75cc34eccc mbuf: Add unit tests
Some checks failed
Build / mingw unittest user_pass - x64 - Release - OSSL (push) Has been cancelled
Build / mingw unittest argv - x86 - Debug - OSSL (push) Has been cancelled
Build / mingw unittest auth_token - x86 - Debug - OSSL (push) Has been cancelled
Build / mingw unittest buffer - x86 - Debug - OSSL (push) Has been cancelled
Build / mingw unittest crypto - x86 - Debug - OSSL (push) Has been cancelled
Build / mingw unittest cryptoapi - x86 - Debug - OSSL (push) Has been cancelled
Build / mingw unittest misc - x86 - Debug - OSSL (push) Has been cancelled
Build / mingw unittest ncp - x86 - Debug - OSSL (push) Has been cancelled
Build / mingw unittest options_parse - x86 - Debug - OSSL (push) Has been cancelled
Build / mingw unittest packet_id - x86 - Debug - OSSL (push) Has been cancelled
Build / mingw unittest pkt - x86 - Debug - OSSL (push) Has been cancelled
Build / mingw unittest provider - x86 - Debug - OSSL (push) Has been cancelled
Build / mingw unittest ssl - x86 - Debug - OSSL (push) Has been cancelled
Build / mingw unittest tls_crypt - x86 - Debug - OSSL (push) Has been cancelled
Build / mingw unittest user_pass - x86 - Debug - OSSL (push) Has been cancelled
Build / mingw unittest argv - x86 - Release - OSSL (push) Has been cancelled
Build / mingw unittest auth_token - x86 - Release - OSSL (push) Has been cancelled
Build / mingw unittest buffer - x86 - Release - OSSL (push) Has been cancelled
Build / mingw unittest crypto - x86 - Release - OSSL (push) Has been cancelled
Build / mingw unittest cryptoapi - x86 - Release - OSSL (push) Has been cancelled
Build / mingw unittest misc - x86 - Release - OSSL (push) Has been cancelled
Build / mingw unittest ncp - x86 - Release - OSSL (push) Has been cancelled
Build / mingw unittest options_parse - x86 - Release - OSSL (push) Has been cancelled
Build / mingw unittest packet_id - x86 - Release - OSSL (push) Has been cancelled
Build / mingw unittest pkt - x86 - Release - OSSL (push) Has been cancelled
Build / mingw unittest provider - x86 - Release - OSSL (push) Has been cancelled
Build / mingw unittest ssl - x86 - Release - OSSL (push) Has been cancelled
Build / mingw unittest tls_crypt - x86 - Release - OSSL (push) Has been cancelled
Build / mingw unittest user_pass - x86 - Release - OSSL (push) Has been cancelled
Deploy Doxygen documentation to Pages / deploy (push) Has been cancelled
While fixing the conversion warning I was
somewhat confused how this works, so added
UTs to verify I understood it.

v2:
 - disable assert test for MS VS
 - add define for memory-intensive UTs and
   only enable it by default for CMake builds,
   so we do not break a lot of builds out there
   due to memory allocation failures

Change-Id: Icab68a5fd1b6288955f0073179f1ddde1468d951
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1432
Message-Id: <20251212120352.17402-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg35050.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
2025-12-12 13:52:02 +01:00
Moritz Fain
309c2332c3 PUSH_UPDATE: fix option reset logic in continuation messages
Some checks are pending
Build / mingw unittest user_pass - x86 - Release - OSSL (push) Blocked by required conditions
Build / gcc - ubuntu-24.04 - OpenSSL 3.0.13 --enable-pkcs11 (push) Waiting to run
Build / gcc - ubuntu-22.04 - OpenSSL 3.0.2 --enable-pkcs11 (push) Waiting to run
Build / clang-asan - ubuntu-22.04 - openssl (push) Waiting to run
Build / clang-asan - ubuntu-24.04 - openssl (push) Waiting to run
Build / macos-14 - libressl - asan (push) Waiting to run
Build / macos-14 - openssl@3 - asan (push) Waiting to run
Build / macos-15 - libressl - asan (push) Waiting to run
Build / macos-15 - openssl@3 - asan (push) Waiting to run
Build / macos-26 - libressl - asan (push) Waiting to run
Build / macos-26 - openssl@3 - asan (push) Waiting to run
Build / macos-14 - libressl - normal (push) Waiting to run
Build / macos-14 - openssl@3 - normal (push) Waiting to run
Build / macos-15 - libressl - normal (push) Waiting to run
Build / macos-15 - openssl@3 - normal (push) Waiting to run
Build / macos-26 - libressl - normal (push) Waiting to run
Build / macos-26 - openssl@3 - normal (push) Waiting to run
Build / msbuild - amd64 - openssl (push) Waiting to run
Build / msbuild - amd64-clang - openssl (push) Waiting to run
Build / msbuild - arm64 - openssl (push) Waiting to run
Build / msbuild - x86 - openssl (push) Waiting to run
Build / msbuild - x86-clang - openssl (push) Waiting to run
Build / clang asan - ubuntu-22.04 - libressl (push) Waiting to run
Build / gcc normal - ubuntu-22.04 - libressl (push) Waiting to run
Build / clang asan - ubuntu-22.04 - mbedtls3 (push) Waiting to run
Build / gcc normal - ubuntu-22.04 - mbedtls3 (push) Waiting to run
Build / clang asan - ubuntu-24.04 - awslc (push) Waiting to run
Build / gcc normal - ubuntu-24.04 - awslc (push) Waiting to run
Deploy Doxygen documentation to Pages / build (push) Waiting to run
Deploy Doxygen documentation to Pages / deploy (push) Blocked by required conditions
Previously, the logic for resetting push options (like 'route') was based on
`update_options_found` which was local to `apply_push_options`. This meant
that if a PUSH_UPDATE was split across multiple continuation messages,
the state was lost, causing routes to be reset multiple times (once per
message chunk) rather than once per update sequence.

This patch moves the state tracking to `struct options` as
`push_update_options_found`, allowing it to persist across the entire
PUSH_UPDATE sequence.

This fixes an issue where large route lists sent via PUSH_UPDATE would
result in only the last chunk's routes being applied, or previous routes
being continuously deleted and re-added.

Added unit test `test_incoming_push_continuation_route_accumulation` to
verify the fix.

Github: OpenVPN/openvpn#925

Signed-off-by: Moritz Fain <moritz-openvpn@fain.io>
Acked-by: Marco Baffo <marco@mandelbit.com>
Message-Id: <CAM8w-qEE6vHj=yUOpTFbM7DqPKzUV0NupvEG4rUefY=kNB2DxQ@mail.gmail.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg34814.html

Signed-off-by: Gert Doering <gert@greenie.muc.de>
2025-12-10 12:34:16 +01:00
Arne Schwabe
18c483dd60 Fix memcmp check for the hmac verification in the 3way handshake being inverted
This is a stupid mistake but causes all hmac cookies to be accepted,
thus breaking source IP address validation.   As a consequence, TLS
sessions can be openend and state can be consumed in the server from
IP addresses that did not initiate an initial connection.

While at it, fix check to only allow [t-2;t] timeslots, disallowing
HMACs coming in from a future timeslot.

Github: OpenVPN/openvpn-private-issues#56

CVE: 2025-13086

Reported-By: Joshua Rogers <contact@joshua.hu>
Found-by: ZeroPath (https://zeropath.com/)
Reported-By: stefan@srlabs.de

Change-Id: I9cbe2bf535575b47ddd7f34e985c5c1c6953a6fc
Signed-off-by: Arne Schwabe <arne@rfc2549.org>
Acked-by: Max Fillinger <max@max-fillinger.net>
2025-11-17 10:08:36 +01:00
Heiko Hund
5888adc6fa msvc: fix struct initialization for v19 compilers
Newer version of MSVC do not show the error anymore, but I do get, e.g.:

  test_crypto.c(538,23): error C2059: syntax error: '}'

with version 19.38.33133 installed on a test system.

Change-Id: I13e34119303e056fdb51ff9925f4944171c824f2
Signed-off-by: Heiko Hund <heiko@ist.eigentlich.net>
Acked-by: Frank Lichtenheld <frank@lichtenheld.com>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1366
Message-Id: <20251111172504.7683-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg34327.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
2025-11-12 10:54:36 +01:00
Antonio Quartulli
c5e9950987 unit_tests: prefer proper cmocka assert helpers
We have agreed to never use the plain assert()
anywhere in the code.

Unit tests are almost there as they always use
cmocka provided assert helpers, except for two cases.
Convert those two to cmocka assert calls too.

While at it also ensure that the proper bool helpers
are used rather than checking _int_equal against true/false.

Drop assert.h in cryptoapi.c as well as it's not needed
anymore.

GitHub: Closes OpenVPN/openvpn#894
Change-Id: I61e4968f2e83d12d4d3fc3ccba92a06eb5ed5866
Signed-off-by: Antonio Quartulli <antonio@mandelbit.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1345
Message-Id: <20251104081653.3368-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg34179.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
2025-11-04 09:18:56 +01:00
Antonio Quartulli
21b943734f test_networking: use appropriate assert helpers
Some checks are pending
Build / macos-13 - openssl@1.1 - asan (push) Waiting to run
Build / macos-13 - openssl@3 - asan (push) Waiting to run
Build / macos-14 - libressl - asan (push) Waiting to run
Build / macos-14 - openssl@1.1 - asan (push) Waiting to run
Build / macos-14 - openssl@3 - asan (push) Waiting to run
Build / macos-15 - libressl - asan (push) Waiting to run
Build / macos-15 - openssl@1.1 - asan (push) Waiting to run
Build / macos-15 - openssl@3 - asan (push) Waiting to run
Build / macos-13 - libressl - normal (push) Waiting to run
Build / macos-13 - openssl@1.1 - normal (push) Waiting to run
Build / macos-13 - openssl@3 - normal (push) Waiting to run
Build / macos-14 - libressl - normal (push) Waiting to run
Build / macos-14 - openssl@1.1 - normal (push) Waiting to run
Build / macos-14 - openssl@3 - normal (push) Waiting to run
Build / macos-15 - libressl - normal (push) Waiting to run
Build / macos-15 - openssl@1.1 - normal (push) Waiting to run
Build / macos-15 - openssl@3 - normal (push) Waiting to run
Build / msbuild - amd64 - openssl (push) Waiting to run
Build / msbuild - amd64-clang - openssl (push) Waiting to run
Build / msbuild - arm64 - openssl (push) Waiting to run
Build / msbuild - x86 - openssl (push) Waiting to run
Build / msbuild - x86-clang - openssl (push) Waiting to run
Build / clang asan - ubuntu-22.04 - libressl (push) Waiting to run
Build / gcc normal - ubuntu-22.04 - libressl (push) Waiting to run
Build / clang asan - ubuntu-22.04 - mbedtls3 (push) Waiting to run
Build / gcc normal - ubuntu-22.04 - mbedtls3 (push) Waiting to run
Build / clang asan - ubuntu-24.04 - awslc (push) Waiting to run
Build / gcc normal - ubuntu-24.04 - awslc (push) Waiting to run
Deploy Doxygen documentation to Pages / build (push) Waiting to run
Deploy Doxygen documentation to Pages / deploy (push) Blocked by required conditions
In all unit tests we rely on CMocka's provided assert helpers.

However, test_networking.c was still on the default assert() call,
which we try to avoid in favour of more appropriate helpers.

Substitute them all with assert_*() from CMocka.

Change-Id: Ie153b3d5bf19200f225cd09131de8583645110be
Reported-by: Marc Heuse <marc@srlabs.de>
Signed-off-by: Antonio Quartulli <antonio@mandelbit.com>
Acked-by: Frank Lichtenheld <frank@lichtenheld.com>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1342
Message-Id: <20251103145842.22969-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg34155.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
2025-11-03 16:31:59 +01:00
Marco Baffo
6b0208e962 PUSH_UPDATE server: invalid read bug-fix and unit-tests improvements
The number of messages calculated before the call to message_splitter(),
used in the memory allocation in the buffer array, could in certain
cases be less than one than the actual number of messages, thus causing
an override of the sentinel buffer in message_splitter() and therefore
an invalid read in send_single_push_update().
The case in question would be, for example, a sequence of three options
"A,B,C" with the size of B equal to safe_cap - 1 and the sum of the
sizes of A and C less than safe_cap - 2.

The buffer array was therefore replaced with a list of buffers to
completely avoid calculating the number of messages before it was
actually computed.
The test case in question has been added to the unit tests.
The unit tests have been improved using cmocka macros.

Change-Id: Idba419681fe3ccc4e6e2f6ce7592332dcff62cd9
Signed-off-by: Marco Baffo <marco@mandelbit.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1316
Message-Id: <20251030195244.2659-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg34073.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
2025-10-31 10:51:47 +01:00
Antonio Quartulli
b9b5470521 sitnl: set FD_CLOEXEC on socket to prevent abuse
Since OpenVPN spawns various child processes, it is important
that sockets are closed after calling exec.

The sitnl socket didn't have the right flag set, resulting
in it surviving in, for example, connect/disconnect scripts
and giving the latter a chance to abuse the socket.

Ensure this doesn't happen by setting FD_CLOEXEC on
this socket right after creation.

Reported-by: Joshua Rogers <contact@joshua.hu>
Found-by: ZeroPath (https://zeropath.com/)
Change-Id: I54845bf4dd17d06cfc3b402f188795f74f4b1d3e
Signed-off-by: Antonio Quartulli <antonio@mandelbit.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1314
Message-Id: <20251028162843.18189-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg33952.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
2025-10-28 17:31:35 +01:00
Frank Lichtenheld
160e994d72 push_util: Make send_push_update static
Some checks are pending
Build / macos-13 - openssl@1.1 - asan (push) Waiting to run
Build / macos-13 - openssl@3 - asan (push) Waiting to run
Build / macos-14 - libressl - asan (push) Waiting to run
Build / macos-14 - openssl@1.1 - asan (push) Waiting to run
Build / macos-14 - openssl@3 - asan (push) Waiting to run
Build / macos-15 - libressl - asan (push) Waiting to run
Build / macos-15 - openssl@1.1 - asan (push) Waiting to run
Build / macos-15 - openssl@3 - asan (push) Waiting to run
Build / macos-13 - libressl - normal (push) Waiting to run
Build / macos-13 - openssl@1.1 - normal (push) Waiting to run
Build / macos-13 - openssl@3 - normal (push) Waiting to run
Build / macos-14 - libressl - normal (push) Waiting to run
Build / macos-14 - openssl@1.1 - normal (push) Waiting to run
Build / macos-14 - openssl@3 - normal (push) Waiting to run
Build / macos-15 - libressl - normal (push) Waiting to run
Build / macos-15 - openssl@1.1 - normal (push) Waiting to run
Build / macos-15 - openssl@3 - normal (push) Waiting to run
Build / msbuild - amd64 - openssl (push) Waiting to run
Build / msbuild - amd64-clang - openssl (push) Waiting to run
Build / msbuild - arm64 - openssl (push) Waiting to run
Build / msbuild - x86 - openssl (push) Waiting to run
Build / msbuild - x86-clang - openssl (push) Waiting to run
Build / clang asan - ubuntu-22.04 - libressl (push) Waiting to run
Build / gcc normal - ubuntu-22.04 - libressl (push) Waiting to run
Build / clang asan - ubuntu-22.04 - mbedtls3 (push) Waiting to run
Build / gcc normal - ubuntu-22.04 - mbedtls3 (push) Waiting to run
Build / clang asan - ubuntu-24.04 - awslc (push) Waiting to run
Build / gcc normal - ubuntu-24.04 - awslc (push) Waiting to run
Deploy Doxygen documentation to Pages / build (push) Waiting to run
Deploy Doxygen documentation to Pages / deploy (push) Blocked by required conditions
Not necessary to make it non-static just for UTs.

Change-Id: I348abec1e2f32301a0368d5f541e67bddf358bbc
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1282
Message-Id: <20251017203830.23807-1-gert@greenie.muc.de>
URL: https://sourceforge.net/p/openvpn/mailman/message/59248152/
Signed-off-by: Gert Doering <gert@greenie.muc.de>
2025-10-17 22:46:35 +02:00
Marco Baffo
5e4c9a69ea PUSH_UPDATE server: remove old IP(s) from vhash after sending a message containing ifconfig(-ipv6)
When sending a PUSH_UPDATE containing an ifconfig(-ipv6) option, we must add the new IP to the
multi_context vhash (hash table of the clients indexed by virtual IPs). Now in addition to
adding new client IPs, old IPs are also removed from vhash, allowing for a more complete update.

Change-Id: I07a8ddd9026eef64b6f5abde98702a9801616a5f
Signed-off-by: Marco Baffo <marco@mandelbit.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1253
Message-Id: <20251017201916.21697-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg33412.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
2025-10-17 22:24:11 +02:00
Frank Lichtenheld
c4f7b418c2 win32: Change some APIs to use DWORD instead of size_t
This is what the Win32 APIs use. Since we put static
integers into this (e.g. sizeof()) this doesn't
result in new conversion warnings at the caller sites.

Change-Id: Ia836e3c05a868a7e8419c2bb2f547d968260783c
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1269
Message-Id: <20251013162221.2156-1-gert@greenie.muc.de>
URL: https://sourceforge.net/p/openvpn/mailman/message/59246222/
Signed-off-by: Gert Doering <gert@greenie.muc.de>
2025-10-13 18:30:07 +02:00
Frank Lichtenheld
d78ebd4b8c test_dhcp: Start a dhcp helper functions UT
Use extra define to allow testing code only
used on Windows but not actually dependent
on Windows.

Change-Id: I08e50030b1b692d351509f541e5c0b03b5170615
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1267
Message-Id: <20251013154758.21695-1-gert@greenie.muc.de>
URL: https://sourceforge.net/p/openvpn/mailman/message/59246199/
Signed-off-by: Gert Doering <gert@greenie.muc.de>
2025-10-13 17:58:49 +02:00
Frank Lichtenheld
e7fdde7cb8 test_user_pass: Check fatal errors for empty username/password
Required a fix to mock_msg to make tests of M_FATAL
possible at all.
This also tests some cases which arguably should throw
a fatal error but do not.

v2:
 - Suppress LeakSanitizer errors for fatal error tests.
   Due to aborting the function, the memory will not be
   cleaned up, but that is expected.
v3:
 - Disable assert tests with MSVC. Does not seem to catch
   the error correctly.
 - Rebase on top of parallel-tests series to get
   AM_TESTS_ENVIRONMENT.
v8:
 - Update srcdir handling according to master.
v10:
 - Update mock_msg.c fatal handling to be compatible
   with NO_CMOCKA.

Change-Id: Icabc8acf75638c86c8c395e9ffecba7a7226cd97
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/474
Message-Id: <20251010211154.2780-1-gert@greenie.muc.de>
URL: https://sourceforge.net/p/openvpn/mailman/message/59245149/
Signed-off-by: Gert Doering <gert@greenie.muc.de>
2025-10-11 11:51:27 +02:00
Marco Baffo
855094893e PUSH_UPDATE server: check IV_PROTO before sending the message to the client
Some checks are pending
Build / macos-13 - openssl@1.1 - asan (push) Waiting to run
Build / macos-13 - openssl@3 - asan (push) Waiting to run
Build / macos-14 - libressl - asan (push) Waiting to run
Build / macos-14 - openssl@1.1 - asan (push) Waiting to run
Build / macos-14 - openssl@3 - asan (push) Waiting to run
Build / macos-15 - libressl - asan (push) Waiting to run
Build / macos-15 - openssl@1.1 - asan (push) Waiting to run
Build / macos-15 - openssl@3 - asan (push) Waiting to run
Build / macos-13 - libressl - normal (push) Waiting to run
Build / macos-13 - openssl@1.1 - normal (push) Waiting to run
Build / macos-13 - openssl@3 - normal (push) Waiting to run
Build / macos-14 - libressl - normal (push) Waiting to run
Build / macos-14 - openssl@1.1 - normal (push) Waiting to run
Build / macos-14 - openssl@3 - normal (push) Waiting to run
Build / macos-15 - libressl - normal (push) Waiting to run
Build / macos-15 - openssl@1.1 - normal (push) Waiting to run
Build / macos-15 - openssl@3 - normal (push) Waiting to run
Build / msbuild - amd64 - openssl (push) Waiting to run
Build / msbuild - amd64-clang - openssl (push) Waiting to run
Build / msbuild - arm64 - openssl (push) Waiting to run
Build / msbuild - x86 - openssl (push) Waiting to run
Build / msbuild - x86-clang - openssl (push) Waiting to run
Build / clang asan - ubuntu-22.04 - libressl (push) Waiting to run
Build / gcc normal - ubuntu-22.04 - libressl (push) Waiting to run
Build / clang asan - ubuntu-22.04 - mbedtls3 (push) Waiting to run
Build / gcc normal - ubuntu-22.04 - mbedtls3 (push) Waiting to run
Build / clang asan - ubuntu-24.04 - awslc (push) Waiting to run
Build / gcc normal - ubuntu-24.04 - awslc (push) Waiting to run
Deploy Doxygen documentation to Pages / build (push) Waiting to run
Deploy Doxygen documentation to Pages / deploy (push) Blocked by required conditions
Before sending the PUSH_UPDATE message to the client, we must verify that
the client has actually sent IV_PROTO_PUSH_UPDATE to the server, declaring that
it supports push-updates.

Also fixed a gc_arena memory leak in one of the error paths and asserted
mi->context.c2.tls_multi .

Change-Id: I7c28da72be11c7efbed3068fbfc65f2959227bec
Signed-off-by: Marco Baffo <marco@mandelbit.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1255
Message-Id: <20251009182855.18712-1-gert@greenie.muc.de>
URL: https://sourceforge.net/p/openvpn/mailman/message/59244566/
Signed-off-by: Gert Doering <gert@greenie.muc.de>
2025-10-10 16:34:51 +02:00
Selva Nair
f9bfd1c405 Fix PIN cache time in test_pkcs11.c
Github: closes OpenVPN/openvpn#861

Change-Id: Ic6fd6ba676b4741da7811ffc7c9688d4673465f8
Signed-off-by: Selva Nair <selva.nair@gmail.com>
Acked-by: Arne Schwabe <arne-openvpn@rfc2549.org>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1263
Message-Id: <20251010063934.18197-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg33306.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
2025-10-10 09:15:56 +02:00
Frank Lichtenheld
8f3e3de7d7 test_options_parse: Remove --wrap
After removing --wrap from some other tests in
a previous commit I got confused here myself.
--wrap is really only needed when you have the
original function linked in. Somehow I thought
the call ordering and mocking logic needed this.

But this is wrong, so no need to use --wrap here
since we currently do not link any of those
functions.

Change-Id: I60df1e61ed89be52e9d032b5b49133a784f9811e
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1258
Message-Id: <20251008161357.5679-1-gert@greenie.muc.de>
URL: https://sourceforge.net/p/openvpn/mailman/message/59244071/
Signed-off-by: Gert Doering <gert@greenie.muc.de>
2025-10-08 18:18:07 +02:00
Frank Lichtenheld
5b8e0563f9 test_options_parse: Do not use uintmax_t instead of LargestIntegralType
At least on OpenBSD it seems that uintmax_t maps
to unsigned long long always, but LargestIntegralType
is unsigned long. So if we have a version of cmocka.h
that defines LargestIntegralType then respect that.

Change-Id: I59a49696acd665d43b21e5c23f24b86c15989cd6
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1256
Message-Id: <20251008133338.23652-1-gert@greenie.muc.de>
URL: https://sourceforge.net/p/openvpn/mailman/message/59243971/
Signed-off-by: Gert Doering <gert@greenie.muc.de>
2025-10-08 15:38:43 +02:00
Frank Lichtenheld
775488b81c test_options_parse: Add test for read_config_string
The <inlineopt> test discovered the issue
fixed by commit "buffer: Fix buf_parse eating input".

Change-Id: Icb91d9c560b6f78f16571ac3052cc566d94afe99
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1247
Message-Id: <20251008100222.4610-1-gert@greenie.muc.de>
URL: https://sourceforge.net/p/openvpn/mailman/message/59243809/
Signed-off-by: Gert Doering <gert@greenie.muc.de>
2025-10-08 12:46:10 +02:00
Frank Lichtenheld
f5a2e2319b buffer: Fix buf_parse eating input
When parsing a "line" that is longer than the
available line buffer, then buf_parse was
eating up to 2 characters. It advanced past
them but they were not part of the output.

This can lead to unexpected results if buf_parse
is used in a while loop on unrestricted input,
like e.g. when reading configs (see in_src_get()
used for check_inline_file_via_buf()).

Change-Id: I3724660bf0f8336ee58c172acfb7c4f38e457393
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Acked-by: Arne Schwabe <arne-openvpn@rfc2549.org>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1246
Message-Id: <20251008103001.7696-1-gert@greenie.muc.de>
URL: https://sourceforge.net/p/openvpn/mailman/message/59243829/
Signed-off-by: Gert Doering <gert@greenie.muc.de>
2025-10-08 12:36:18 +02:00
Frank Lichtenheld
80981cf338 test_options_parse: Start new UT for options_parse.c
For now contains one test case for parse_line.

Change-Id: I95032d2539d994abf69fc17319ed1a429c3bb948
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1244
Message-Id: <20251008101014.5691-1-gert@greenie.muc.de>
URL: https://sourceforge.net/p/openvpn/mailman/message/59243816/
Signed-off-by: Gert Doering <gert@greenie.muc.de>
2025-10-08 12:16:47 +02:00
Marco Baffo
373178b32d PUSH_UPDATE: disabling PUSH_UPDATE server and client if DCO is enabled
The PUSH_UPDATE currently doesn't work with DCO.
For example, in server, if a new ifconfig is sent, the DCO
doesn't receive the new peer address and the connection drops.
Similarly in the client when a PUSH_UPDATE is received, the tun is
closed and reopened but the DCO doesn't receive the peer info.

Change-Id: Ibe78949435bb2f26ad68301e2710321bf37c9486
Signed-off-by: Marco Baffo <marco@mandelbit.com>
Acked-by: Antonio Quartulli <antonio@mandelbit.com>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1245
Message-Id: <20251008083046.27209-1-gert@greenie.muc.de>
URL: https://sourceforge.net/p/openvpn/mailman/message/59243711/
Signed-off-by: Gert Doering <gert@greenie.muc.de>
2025-10-08 10:55:29 +02:00
Frank Lichtenheld
d2428900ef unit_tests: Remove useless wrapping for argv/buffer tests
If not using mock() or check_expected(), and
not linking the original function, then there
is no need for wrapping support.

Change-Id: I937105abeb5e8f796bf6bbe8432972adb60b3e2a
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1243
Message-Id: <20251007185217.19381-1-gert@greenie.muc.de>
URL: https://sourceforge.net/p/openvpn/mailman/message/59243508/
Signed-off-by: Gert Doering <gert@greenie.muc.de>
2025-10-07 22:16:11 +02:00
Frank Lichtenheld
0e3dd1ccba Review CMocka assertion usage
Replace some assert_true calls with more specific
assertions. This should improve reporting in case
of problems and also just makes the code nicer.

Change-Id: Ia2f374476c87855bba6c0f9d3e2f28a5fe62a152
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1141
Message-Id: <20251006204118.26237-1-gert@greenie.muc.de>
URL: https://sourceforge.net/p/openvpn/mailman/message/59243096/
Signed-off-by: Gert Doering <gert@greenie.muc.de>
2025-10-06 22:50:51 +02:00
Frank Lichtenheld
9db98baf65 Make unit tests -Wconversion clean
Only trivial problems left after the other patches
have been merged.

Change-Id: Iab9e780d9649d7581e5f6aa4b23e72bbed5e145b
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1205
Message-Id: <20250924124154.15963-1-gert@greenie.muc.de>
URL: https://sourceforge.net/p/openvpn/mailman/message/59238128/
Signed-off-by: Gert Doering <gert@greenie.muc.de>
2025-09-24 15:11:57 +02:00
Frank Lichtenheld
3ac840942b Enable -Wconversion -Wno-sign-conversion by default
Grand-father all known locations of existing errors,
so that -Werror builds still pass and we do not spam
build logs.

Still, this should give us a much better roadmap to
work on these issues one by one while still enabling
the warnings for a lot of code-paths.

In general I did go for least amount of pragmas, so
usually there is only one override per file, covering
ALL of the failures in that file. While this protects
a lot of code that doesn't need it, it also cut down
the amount of pragmas by a lot.

This does cover gcc builds including mingw and clang
builds. Does not cover MSVC.

Once the amount of issues has been suitable reduced
more warnings could be enabled.

Change-Id: Iad5b00c35a1f1993b1fa99e8b945ab17b230ef59
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1168
Message-Id: <20250924122755.14391-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg33181.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
2025-09-24 14:36:10 +02:00
Frank Lichtenheld
45eb7e1807 Enable a subset of -Wextra
- Includes fixes for
  - -Wimplicit-fallthrough=2
    (=3 is default but requires replacing all
     fallthrough comments)
  - -Wmissing-field-initializers
  - -Wold-style-declaration
- All other warnings that would need fixes are
  disabled for now.

Change-Id: I9ce664d073a4e6a6d433e9e6f986a5086dae8aa1
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1202
Message-Id: <20250923140854.21766-1-gert@greenie.muc.de>
URL: https://sourceforge.net/p/openvpn/mailman/message/59237558/
Signed-off-by: Gert Doering <gert@greenie.muc.de>
2025-09-23 16:11:45 +02:00
Gert Doering
2bb658c826 Fix t_net.sh / networking_testdriver after 'broadcast' change
Commit 0df0edc49c re-introduced explicit setting of broadcast addresses
for Linux IPv4 interfaces.  t_net.sh verifies that the built-in netlink
code (sitnl) achieves the same result as "equivalent" iproute2 statements
- and we missed adjusting of these iproute2 statements (printed by
networking_testdriver).  Done.

Change-Id: I5fea6ca1ccadb434b5c4f4b49881524a079a9d15
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Acked-by: Antonio Quartulli <antonio@mandelbit.com>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1203
Message-Id: <20250922080305.18477-1-gert@greenie.muc.de>
URL: https://sourceforge.net/p/openvpn/mailman/message/59236810/
Signed-off-by: Gert Doering <gert@greenie.muc.de>
2025-09-22 10:42:27 +02:00
Frank Lichtenheld
a69aac41c4 list: Make types of hash elements consistent
Really no use in having the indices and limits in int.

Change-Id: I3334465738fb1fbf508dfd719b6a238b500cc0ae
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1119
Message-Id: <20250919173838.28092-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg33108.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
2025-09-20 23:33:00 +02:00
Max Fillinger
efb58abbcc Rename Fox Crypto to Sentyron in copyright notices
Fox Crypto has been renamed to Sentyron on September 4th 2025.

See https://sentyron.com/press-release-foxcrypto-sentyron/ for the
announcement.

Change-Id: Ic9912627b707bf4edd4fe4bfc37b8a639feaba08
Signed-off-by: MaxF <max@max-fillinger.net>
Acked-by: Frank Lichtenheld <frank@lichtenheld.com>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1047
Message-Id: <20250919164440.23251-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg33102.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
2025-09-19 19:25:27 +02:00
Frank Lichtenheld
cc8cd31174 Introduce msglvl_t to unify msglevel type handling
msglevel was definitely unsigned as the first
argument to msg(), but many parts of the code
had it as signed. So this produced a LOT of
warnings when enabling -Wsign-conversion.

Introduce a msglvl_t typedef and switch all
users to it. This includes any values that
are stored in the msglevel field, including
debug level and mute level.

There is one exception in struct status_output
where -1 is a valid value in the API. Only
positive values are translated into standard
message levels.

Change-Id: Id492cb774c6d022d06bb3cf5fec2a4bdd410e619
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1110
Message-Id: <20250917170428.3310-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg33028.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
2025-09-19 16:14:16 +02:00
Arne Schwabe
456da311da Switch test_ssl certificate from RSA 2048 to secp384r1
This allow the unit test to also run in environments that have seclevel
(SSL_CTX_set_security_level) set to 3.

Closes: OpenVPN/openvpn#830
Change-Id: I327ecc9a85dd906517c28e71fe500883bfa028a4
Signed-off-by: Arne Schwabe <arne-openvpn@rfc2549.org>
Acked-by: Gert Doering <gert@greenie.muc.de>
URL: https://gerrit.openvpn.net/c/openvpn/+/1172
Message-Id: <20250908181852.5054-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg32838.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
2025-09-14 15:32:59 +02:00
Frank Lichtenheld
10c42c7407 options: Factor out usages of strtoll and atoll
This covers the cases where we actually want to
allow numbers > 2^31

Change-Id: I454126b3f8fa9d14501f6c4b1ed9ce7b2904be61
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: MaxF <max@max-fillinger.net>
URL: https://gerrit.openvpn.net/c/openvpn/+/1154
Message-Id: <20250911201505.25582-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg32858.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
2025-09-14 14:25:02 +02:00
Gert Doering
340b5b2d26 remove newline characters at the end of msg() calls
Unlike debugging with printf(), or msg() calls do not need or want
a '\n' at the end of the string.  Remove those that were overlooked.

Change-Id: I889b53ed72efaec546a6609491fae9715726ea00
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Acked-by: Frank Lichtenheld <frank@lichtenheld.com>
Message-Id: <20250912131609.43444-1-frank@lichtenheld.com>
URL: https://sourceforge.net/p/openvpn/mailman/message/59232448/
URL: https://gerrit.openvpn.net/c/openvpn/+/1180
Signed-off-by: Gert Doering <gert@greenie.muc.de>
2025-09-12 18:08:24 +02:00
Frank Lichtenheld
6269eb43a0 openvpn_PRF: Change API to use size_t for lengths
Basically all users already wanted that anyway. And most
of the library functions also take size_t nowadays.

Change-Id: Ic88cd6e143bc48cab3c9ebb7c7007513803bd199
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: MaxF <max@max-fillinger.net>
Message-Id: <20250911201719.25773-1-gert@greenie.muc.de>
URL: https://sourceforge.net/p/openvpn/mailman/message/59232185/
URL: https://gerrit.openvpn.net/c/openvpn/+/1135
Signed-off-by: Gert Doering <gert@greenie.muc.de>
2025-09-12 17:00:59 +02:00
Marco Baffo
c598efc405 PUSH_UPDATE message sender: enabling the server to send PUSH_UPDATE control messages
Using the management interface you can now target one or more clients
(via broadcast or via cid) and send a PUSH_UPDATE control message
to update some options.  See doc/management-notes.txt for details.

Change-Id: Ie82bcc7a8e583de9156b185d71d1a323ed8df3fc
Signed-off-by: Marco Baffo <marco@mandelbit.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20250903164826.13284-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg32807.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
2025-09-03 20:55:52 +02:00
Frank Lichtenheld
a01c909c3b options: Introduce atoi_constrained and review usages of atoi_warn
This is a more powerful version of atoi_warn that can
- check minimum and maximum values
- report error seperately from parsed value

This can be used to simplify a lot of option parsing.

Change-Id: Ibc7526d59c1de17a0f9d8ed88f75c6f070ab11e7
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Arne Schwabe <arne-openvpn@rfc2549.org>
Message-Id: <20250902144657.11854-1-gert@greenie.muc.de>
URL: https://sourceforge.net/p/openvpn/mailman/message/59228172/
Signed-off-by: Gert Doering <gert@greenie.muc.de>
2025-09-02 19:11:13 +02:00
Frank Lichtenheld
10d64c1844 Add new unit test module test_socket
With a first UT that tests add_in6_addr() (and
print_in6_addr implicitly).

Change-Id: If546f64a4554b292623bfcfe9ee53bac17dfa803
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20250831151133.25684-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg32723.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
2025-08-31 18:27:46 +02:00
Arne Schwabe
518e122b42 Check message id/acked ids too when doing sessionid cookie checks
This fixes that control packets on a floating client can trigger
creating a new session in special circumstances:

To trigger this circumstance a connection needs to

- starts on IP A
- successfully floats to IP B by data packet
- then has a control packet from IP A before any
  data packet can trigger the float back to IP A

and all of this needs to happen in the 60s time
that hmac cookie is valid in the default
configuration.

In this scenario we would trigger a new connection as the HMAC
session id would be valid.

This patch adds checking also of the message-id and acked ids to
discern packet from the initial three-way handshake where these
ids are 0 or 1 from any later packet.

This will now trigger (at verb 4 or higher) a messaged like:

   Packet (P_ACK_V1) with invalid or missing SID

instead.

Also remove a few duplicated free_tls_pre_decrypt_state in test_ssl.

Reported-By: Walter Doekes <walter.openvpn@wjd.nu>
Tested-By: Walter Doekes <walter.openvpn@wjd.nu>

Change-Id: I6752dcd5aff3e5cea2b439366479e86751a1c403
Signed-off-by: Arne Schwabe <arne@rfc2549.org>
Acked-by: MaxF <max@max-fillinger.net>
Message-Id: <20250819212214.16218-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg32626.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
2025-08-23 17:53:52 +02:00
Frank Lichtenheld
21f7d6e1ad clang-format: Switch to ColumnLimit 0
In some cases an actual ColumnLimit leads to unfortunate
formatting. So leave the decision to developers after all.

This commit contains:
 - changes that clang-format did as reaction to the config
   change
 - manual cleanups of these changes
 - manual cleanup of some previous changes done
   with ColumnLimit 100

Change-Id: Ibd900adfc775b7f785f1d5630184a124f5d8ff4b
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20250805132706.27619-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg32523.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
2025-08-05 15:32:53 +02:00
Frank Lichtenheld
3cca3367e6 Reformat the whole project with clang-format
Done with pre-commit run -a, so the version
defined in pre-commit config is used.

This also changes the Github workflow so that
there is no commit that fails GHA.

Change-Id: I2566ad493629e1f5fdfa6f6483b8973463404e3e
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20250804151853.10565-1-gert@greenie.muc.de>
URL: https://gerrit.openvpn.net/c/openvpn/+/791
Signed-off-by: Gert Doering <gert@greenie.muc.de>
2025-08-04 21:40:22 +02:00
Frank Lichtenheld
ad73d827d3 Update GPL header in all source files to current recommended version
This removes the postal address of the FSF and replaces
it with their URL.

Mostly generated with
sed -i -e 's@if not, write to the Free Software Foundation, Inc.,\
            @if not, see <https://www.gnu.org/licenses/>.@'
sed -i -e '/51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA/d'
sed -i -e '/59 Temple Place, Suite 330, Boston, MA  02111-1307  USA/d'

With some manual fix-ups afterwards.

Change-Id: Ic3959970fa9ab993e98d4b38c025fd0efc7b92f2
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20250803145126.23494-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg32481.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
2025-08-03 16:55:47 +02:00
Frank Lichtenheld
632573834a Update text of GPL to latest version from FSF
This mostly removes the postal address of the FSF.

This was triggered by rpmlint complaining about
that address being outdated.

Change-Id: Idfe5c615d1109a1038207c1c1b0e0de4da3279f5
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20250803143939.15335-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg32475.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
2025-08-03 16:43:58 +02:00