336 commits

Author	SHA1	Message	Date
Selva Nair	25c5c42ac2	Add unit tests for 'auth-user-pass username-only' ... Input from stdin is tested. Change-Id: I1c18b3cf4a454444a61941d88a702a140b0ac23d Signed-off-by: Selva Nair <selva.nair@gmail.com> Acked-by: Arne Schwabe <arne-openvpn@rfc2549.org> Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1602 Message-Id: <20260414055805.16974-1-gert@greenie.muc.de> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg36605.html Signed-off-by: Gert Doering <gert@greenie.muc.de>	2026-04-15 11:46:15 +02:00
Frank Lichtenheld	798884d6df	test_buffer: Add test for buf_null_terminate ... Change-Id: I01683153a68e1809a4d7ab455eb346f53780e219 Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com> Acked-by: Gert Doering <gert@greenie.muc.de> Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1580 Message-Id: <20260407095044.28528-1-gert@greenie.muc.de> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg36532.html Signed-off-by: Gert Doering <gert@greenie.muc.de>	2026-04-07 12:53:42 +02:00
Frank Lichtenheld	cdb0fbde26	test_packet_id: Add a check after malloc to ensure value is valid ... cppcheck complains about a potential null pointer dereference in reliable_get_num_output_sequenced_available. That is mostly theoretical, but still add a check. Change-Id: I64da2328591ef2b9ee7502e574c878651cdf356a Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com> Acked-by: Gert Doering <gert@greenie.muc.de> Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1621 Message-Id: <20260406074729.29903-1-gert@greenie.muc.de> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg36516.html Signed-off-by: Gert Doering <gert@greenie.muc.de>	2026-04-06 12:00:30 +02:00
Arne Schwabe	27d1b9a0da	Add unit test for printing various details of certificates ... These unit tests will ensure that refactoring of these methods does not change the output. Change-Id: Iacbd8195cdedc7226bddc686ca8dccf9f25f8842 Signed-off-by: Arne Schwabe <arne@rfc2549.org> Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1598 Message-Id: <20260331173403.3082-1-gert@greenie.muc.de> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg36389.html Signed-off-by: Gert Doering <gert@greenie.muc.de>	2026-04-04 16:08:29 +02:00
Arne Schwabe	579046470f	Rename key* to privkey* in cert_data.h ... The name key2 conflicts with our struct key2 and prevents these test keys from being used in test_ssl.c Change-Id: Id8680e6555a66024417d6eb9322d4fde79922453 Signed-off-by: Arne Schwabe <arne@rfc2549.org> Acked-by: Frank Lichtenheld <frank@lichtenheld.com> Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1597 Message-Id: <20260401102247.21915-1-gert@greenie.muc.de> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg36401.html Signed-off-by: Gert Doering <gert@greenie.muc.de>	2026-04-04 16:01:05 +02:00
Haixiao Yan	690aace41a	tests: skip test execution when cross-compiling ... The auth-pam unit test Makefile.am unconditionally assigns the TESTS variable, causing test execution to fail during cross-compilation because the target binaries are not executable on the build host. Signed-off-by: Haixiao Yan <haixiao.yan.cn@windriver.com> Acked-By: Frank Lichtenheld <frank@lichtenheld.com> Message-Id: <20260326062016.3856597-1-haixiao.yan.cn@windriver.com> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg36288.html Signed-off-by: Gert Doering <gert@greenie.muc.de>	2026-03-30 13:05:14 +02:00
Arne Schwabe	91fd9614f9	Change type of option flag from unsigned int to uint64_t ... We currently use all 32 bits of the unsigned int for option classes. While we can probably can retire 2-3 of the existing options, at some point we will hit the limit again. Instead of fully rewriting this logic to use a different approach or structure, changing the type from unsigned int to uint64_t seem to be a lot less intrusive approach. Change-Id: I8ca07e2bbb5de229204191d61e90f084a58969af Signed-off-by: Arne Schwabe <arne@rfc2549.org> Acked-by: Frank Lichtenheld <frank@lichtenheld.com> Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1583 Message-Id: <20260325124338.123477-1-frank@lichtenheld.com> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg36266.html Signed-off-by: Gert Doering <gert@greenie.muc.de>	2026-03-27 18:46:29 +01:00
Frank Lichtenheld	5933af1620	auth_token: Clean up type handling in verify_auth_token and its UT ... First of all remove the testing of renegotiation_seconds. Commit 9a51617041 made it irrelevant for verify_auth_token but still left UTs for it. But AFAICT these UTs only test that renegotiation_seconds is bigger than auth_token_renewal, so it tests the UT setup routine... Also improve the code to require less casts under -Wsign-compare. Add a comment that this code is not y38 safe if time_t is 32bit. Probably nothing we want to do from our side since in that case everything that uses "now" is borked. So we trust in the OS here... Change-Id: I73dba29719ea685f0427a3c479e7f1f176f09eba Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com> Acked-by: Arne Schwabe <arne-openvpn@rfc2549.org> Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1510 Message-Id: <20260312173144.15602-1-gert@greenie.muc.de> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg36079.html Signed-off-by: Gert Doering <gert@greenie.muc.de>	2026-03-26 17:46:10 +01:00
Arne Schwabe	369c751078	Remove unnecessary OpenSSL init and cleanup commands in unit tests ... After the removal of OpenSSL 1.0.2 support these instructions are no longer needed and the main OpenVPN program also no longer calls them in init_ssl_lib or free_ssl_lib. Also remove them from the unit tests. This also solves a deprecation warning on EVP_cleanup when compiling with aws-lc Change-Id: I228f6fd9ff18256f09d4348df1fc48853f8e7306 Signed-off-by: Arne Schwabe <arne-openvpn@rfc2549.org> Acked-by: Frank Lichtenheld <frank@lichtenheld.com> Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1568 Message-Id: <20260316121148.25189-1-frank@lichtenheld.com> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg36153.html Signed-off-by: Gert Doering <gert@greenie.muc.de>	2026-03-16 14:43:01 +01:00
Frank Lichtenheld	3451c18fe1	cryptoapi: Change signature of parse_hexstring to match code ... parse_hexdigest is a function that is used in exactly one place (not counting tests). So change the types in a way that they match what the caller actually wants (DWORD) and so we do not have any unnecessary conversions. Change-Id: I525a5b1b9b6f173cdf12341aefc44d58f0d43aed Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com> Acked-by: Antonio Quartulli <antonio@mandelbit.com> Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1492 Message-Id: <20260304164502.15449-1-gert@greenie.muc.de> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg35901.html Signed-off-by: Gert Doering <gert@greenie.muc.de>	2026-03-05 09:27:37 +01:00
Frank Lichtenheld	984bd3952e	ssl_ncp: Fix length check in mutate_ncp_cipher_list ... * Make it more readable by removing a level of negation * Fix an off-by-one error. It accepted one char fewer than allowed. * Slightly improve the UT. Change-Id: Ib0d2b9520e4a77a9f4bf70ce092f76ca73608537 Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com> Acked-by: Arne Schwabe <arne-openvpn@rfc2549.org> Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1503 Message-Id: <20260302181627.29008-1-gert@greenie.muc.de> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg35828.html Signed-off-by: Gert Doering <gert@greenie.muc.de>	2026-03-04 17:17:14 +01:00
Frank Lichtenheld	4f0f2615f9	Enable -Wsign-compare ... As we did before with -Wconversion, ignore existing issues for now so that we can tackle them one-by-one. Change-Id: I880cf01b0db80fc9b40ca4afa30aa51e3fb8ce3b Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com> Acked-by: Gert Doering <gert@greenie.muc.de> Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1386 Message-Id: <20260304142720.1311-1-gert@greenie.muc.de> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg35888.html Signed-off-by: Gert Doering <gert@greenie.muc.de>	2026-03-04 17:10:24 +01:00
Frank Lichtenheld	1ec71fe0c0	buffer: Add checked_snprintf function and use it in the code ... This reintroduces a function that converts the result of snprintf to a boolean since the check is always the same but annoyingly verbose. And it gets worse when you add -Wsign-compare. So in preparation of introducing -Wsign-compare wrap this check in the function. This somewhat reverts the removal of openvpn_snprintf. But note that that was originally introduced to work around the broken snprintf of Windows. So this is not exactly the same. For this reason I also classified this as a buffer function and not a compat function. Change-Id: Ia3477b8ee7a637c15aad7f285144280595cda5d5 Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com> Acked-by: Gert Doering <gert@greenie.muc.de> Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1489 Message-Id: <20260304110455.15859-1-gert@greenie.muc.de> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg35872.html Signed-off-by: Gert Doering <gert@greenie.muc.de>	2026-03-04 14:11:31 +01:00
Frank Lichtenheld	28941473f3	buffer: Add BLENZ macro that returns size_t and use it where required ... The big int-vs-size_t length confusion in buffer and its users can't be solved easily or quickly. So as a first step document which users of BLEN actually already want a size_t return. This is better than adding manual size_t casts since it should be easier to change the API later. This will also help with the -Wsign-compare introduction. This does not actually change any behavior. The compiler already did all of these casts implicitly. We just make them explicit. Change-Id: I4e75ba1dbc6d9a0f75298bc900f713b67e60d096 Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com> Acked-by: Gert Doering <gert@greenie.muc.de> Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1132 Message-Id: <20260304105944.15386-1-gert@greenie.muc.de> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg35870.html Signed-off-by: Gert Doering <gert@greenie.muc.de>	2026-03-04 13:01:55 +01:00
Antonio Quartulli	92937c267b	options: drop useless init_gc param for init_options() ... The init_option() function is always invoked with the second param "init_gc" set to "true". This makes the parameter useless and it can therefore be removed while always taking the "true" branch in the related logic. This way we can also drop the options->gc_owned member as it would also be always set to true. Change-Id: I633d8cbf75ab4da85e16df44684aef60523811c5 Signed-off-by: Antonio Quartulli <antonio@mandelbit.com> Acked-by: Frank Lichtenheld <frank@lichtenheld.com> Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1536 Message-Id: <20260217135605.154129-1-frank@lichtenheld.com> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg35695.html Signed-off-by: Gert Doering <gert@greenie.muc.de>	2026-02-28 10:54:38 +01:00
Frank Lichtenheld	25af0b222f	Fix various loop index types to avoid sign-compare issues ... Just uses the correct types i.e. the same as the limit. Since the index is usually only used as a non-negative array index the type change does not cause any behavioral changes. But it avoids -Wsign-compare complaints and is just cleaner. Change-Id: Ib6c3e154fbe14113ff990f13347f85a7c93dd3e0 Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com> Acked-by: Gert Doering <gert@greenie.muc.de> Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1491 Message-Id: <20260216212805.7808-1-gert@greenie.muc.de> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg35682.html Signed-off-by: Gert Doering <gert@greenie.muc.de>	2026-02-19 17:11:30 +01:00
Frank Lichtenheld	70ab9347f8	Remove NTLM support ... Since Microsoft has abandonded this I think it is time for us to do the same for OpenVPN 2.8. Leaves a stub ntlm_support in to make cross-branch t_client.rc easier to maintain. Change-Id: I1f5724476862935284f620c54afa510eea03e3f9 Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com> Acked-by: Gert Doering <gert@greenie.muc.de> Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1453 Message-Id: <20260216145205.14958-1-gert@greenie.muc.de> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg35650.html Signed-off-by: Gert Doering <gert@greenie.muc.de>	2026-02-16 16:14:13 +01:00
Frank Lichtenheld	5836ccdff4	Review Changes.rst for 2.7.0 release ... Fixes various issues, either errors or things that got outdated during development. Change-Id: Idd079f42fac1189c08c6cf42ea84fa8c0383e1a8 Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com> Acked-by: Gert Doering <gert@greenie.muc.de> Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1515 Message-Id: <20260210162038.7915-1-gert@greenie.muc.de> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg35574.html Signed-off-by: Gert Doering <gert@greenie.muc.de>	2026-02-10 18:40:20 +01:00
Frank Lichtenheld	83f9c55efb	test_openvpnserv: Make sure to include config.h ... Otherwise the check for cmocka version doesn't work. Includes the update to vcpkg in GHA since that exposed the problem. chore(deps): update vcpkg digest to 6d332a0 Change-Id: I3b246bcc36ba35c2ed9630dc18e97aff436eaa0b Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com> Acked-by: Gert Doering <gert@greenie.muc.de> Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1488 Message-Id: <20260126145558.31460-1-gert@greenie.muc.de> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg35437.html Signed-off-by: Gert Doering <gert@greenie.muc.de>	2026-01-26 16:32:26 +01:00
Max Fillinger	494fb71804	Add support for Mbed TLS 4 ... This commit adds support for Mbed TLS 4. This version comes with some drastic changes. The crypto library has been completely redesigned, so the contents of crypto_mbedtls.c are moved to crypto_mbedtls_legacy.c and crypto_mbedtls.c handles the crypto for version 4. Mbed TLS 4 also removed the feature for looking up a crypto algorithm by name, so we need to translate algorithm names to Mbed TLS numbers in OpenVPN. The tables are not yet complete. For symmetric algorithms, I have added AES and Chacha-Poly which should be enough for most use cases. Change-Id: Ib251d546d993b96ed3bd8cb9111bcc627cdb0fae Signed-off-by: Max Fillinger <maximilian.fillinger@sentyron.com> Acked-by: Arne Schwabe <arne-openvpn@rfc2549.org> Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1441 Message-Id: <20260123164746.7333-1-gert@greenie.muc.de> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg35401.html Signed-off-by: Gert Doering <gert@greenie.muc.de>	2026-01-24 18:49:44 +01:00
Frank Lichtenheld	b10ee38ccd	openvpnserv: Add a first unit test ... This adds the required build infrastructure and adds tests for two functions related to GetItfDnsDomains(). Change-Id: I33583e51e1143c53fbe0aef16546fa3f602b17c0 Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com> Acked-by: Gert Doering <gert@greenie.muc.de> Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1459 Message-Id: <20260119215058.27888-1-gert@greenie.muc.de> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg35345.html Signed-off-by: Gert Doering <gert@greenie.muc.de>	2026-01-24 18:23:05 +01:00
Arne Schwabe	e0e0720ac3	Correctly handle sender jumping exactly epoch_data_keys_future_count ... When the sender jumps forwards exactly epoch_data_keys_future_count in its epoch key use the housekeeping logic does not handle this correctly and triggers an ASSERT. Change the code to correctly implement the special case when the new epoch key of the sender is the highest valid key epoch in the current window of valid epoch keys for receiving data. Change-Id: Ib581c02a29b974184256a9f4ad0ce15ba5f9db3b Signed-off-by: Arne Schwabe <arne@rfc2549.org> Acked-By: Max Fillinger <maximilian.fillinger@sentyron.com> Reported-By: Pavel Kohout of Aisle Research <pavel.kohout@aisle.com> Github: closes OpenVPN/openvpn-private-issues#103 CVE: 2025-15497	2026-01-15 11:10:56 +01:00
Frank Lichtenheld	20f8127bcd	Fix building test_tls_crypt with cmocka 2.0 ... This was missed in commit 6db186e0b1 since we only built with cmocka 2.0 on macOS and that doesn't build test_tls_crypt. Now that we build with cmocka 2.0 also on Debian Sid we noticed the additional issues. Change-Id: Ibc964c13724316ca96276ba6b7d34dbbfcf52064 Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com> Acked-by: Gert Doering <gert@greenie.muc.de> Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1460 Message-Id: <20260108154248.21706-1-gert@greenie.muc.de> Signed-off-by: Gert Doering <gert@greenie.muc.de>	2026-01-08 16:50:36 +01:00
Frank Lichtenheld	f94a3ad2ba	Update Copyright statements to 2026 ... Change-Id: I1728fcb75284ba106e5c37ef53f6e568b64fb647 Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com> Acked-by: Gert Doering <gert@greenie.muc.de> Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1456 Message-Id: <20260108074915.9417-1-gert@greenie.muc.de> URL: https://sourceforge.net/p/openvpn/mailman/message/59280815/ Signed-off-by: Gert Doering <gert@greenie.muc.de>	2026-01-08 10:59:57 +01:00
Arne Schwabe	927b45dde7	Allow test-crypto to work without the --secret argument ... The --test-crypto still requires the --secret argument. Since --secret will be removed in OpenVPN 2.8 but we want to keep test-crypt, remove the dependency of test-crypto on --static. Instead we will just generate a random key for this selftest method. This also removes the extra logic that is a leftover from the early multi-thread implementation attempt. Change-Id: I72947bd4f0213fd118327f740daeb1d86ae166de Signed-off-by: Arne Schwabe <arne@rfc2549.org> Acked-by: Frank Lichtenheld <frank@lichtenheld.com> Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1435 Message-Id: <20251219135110.166468-1-frank@lichtenheld.com> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg35157.html Signed-off-by: Gert Doering <gert@greenie.muc.de>	2025-12-22 13:09:24 +01:00
Frank Lichtenheld	6db186e0b1	tests/unit_tests: Port to cmocka 2.0.0 API ... But add compat layer so that we can still build against older versions of cmocka. Mostly this is trivial but the custom check function changed its prototype, so that requires some more work. Change-Id: Ifb6594700db71d219643a29c581099c778bcbbc6 Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com> Acked-by: Gert Doering <gert@greenie.muc.de> Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1449 Message-Id: <20251218104042.5961-1-gert@greenie.muc.de> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg35144.html Signed-off-by: Gert Doering <gert@greenie.muc.de>	2025-12-18 12:21:28 +01:00
Frank Lichtenheld	75cc34eccc	mbuf: Add unit tests ... While fixing the conversion warning I was somewhat confused how this works, so added UTs to verify I understood it. v2: - disable assert test for MS VS - add define for memory-intensive UTs and only enable it by default for CMake builds, so we do not break a lot of builds out there due to memory allocation failures Change-Id: Icab68a5fd1b6288955f0073179f1ddde1468d951 Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com> Acked-by: Gert Doering <gert@greenie.muc.de> Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1432 Message-Id: <20251212120352.17402-1-gert@greenie.muc.de> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg35050.html Signed-off-by: Gert Doering <gert@greenie.muc.de>	2025-12-12 13:52:02 +01:00
Moritz Fain	309c2332c3	PUSH_UPDATE: fix option reset logic in continuation messages ... Previously, the logic for resetting push options (like 'route') was based on `update_options_found` which was local to `apply_push_options`. This meant that if a PUSH_UPDATE was split across multiple continuation messages, the state was lost, causing routes to be reset multiple times (once per message chunk) rather than once per update sequence. This patch moves the state tracking to `struct options` as `push_update_options_found`, allowing it to persist across the entire PUSH_UPDATE sequence. This fixes an issue where large route lists sent via PUSH_UPDATE would result in only the last chunk's routes being applied, or previous routes being continuously deleted and re-added. Added unit test `test_incoming_push_continuation_route_accumulation` to verify the fix. Github: OpenVPN/openvpn#925 Signed-off-by: Moritz Fain <moritz-openvpn@fain.io> Acked-by: Marco Baffo <marco@mandelbit.com> Message-Id: <CAM8w-qEE6vHj=yUOpTFbM7DqPKzUV0NupvEG4rUefY=kNB2DxQ@mail.gmail.com> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg34814.html Signed-off-by: Gert Doering <gert@greenie.muc.de>	2025-12-10 12:34:16 +01:00
Arne Schwabe	18c483dd60	Fix memcmp check for the hmac verification in the 3way handshake being inverted ... This is a stupid mistake but causes all hmac cookies to be accepted, thus breaking source IP address validation. As a consequence, TLS sessions can be openend and state can be consumed in the server from IP addresses that did not initiate an initial connection. While at it, fix check to only allow [t-2;t] timeslots, disallowing HMACs coming in from a future timeslot. Github: OpenVPN/openvpn-private-issues#56 CVE: 2025-13086 Reported-By: Joshua Rogers <contact@joshua.hu> Found-by: ZeroPath (https://zeropath.com/) Reported-By: stefan@srlabs.de Change-Id: I9cbe2bf535575b47ddd7f34e985c5c1c6953a6fc Signed-off-by: Arne Schwabe <arne@rfc2549.org> Acked-by: Max Fillinger <max@max-fillinger.net>	2025-11-17 10:08:36 +01:00
Heiko Hund	5888adc6fa	msvc: fix struct initialization for v19 compilers ... Newer version of MSVC do not show the error anymore, but I do get, e.g.: test_crypto.c(538,23): error C2059: syntax error: '}' with version 19.38.33133 installed on a test system. Change-Id: I13e34119303e056fdb51ff9925f4944171c824f2 Signed-off-by: Heiko Hund <heiko@ist.eigentlich.net> Acked-by: Frank Lichtenheld <frank@lichtenheld.com> Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1366 Message-Id: <20251111172504.7683-1-gert@greenie.muc.de> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg34327.html Signed-off-by: Gert Doering <gert@greenie.muc.de>	2025-11-12 10:54:36 +01:00
Antonio Quartulli	c5e9950987	unit_tests: prefer proper cmocka assert helpers ... We have agreed to never use the plain assert() anywhere in the code. Unit tests are almost there as they always use cmocka provided assert helpers, except for two cases. Convert those two to cmocka assert calls too. While at it also ensure that the proper bool helpers are used rather than checking _int_equal against true/false. Drop assert.h in cryptoapi.c as well as it's not needed anymore. GitHub: Closes OpenVPN/openvpn#894 Change-Id: I61e4968f2e83d12d4d3fc3ccba92a06eb5ed5866 Signed-off-by: Antonio Quartulli <antonio@mandelbit.com> Acked-by: Gert Doering <gert@greenie.muc.de> Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1345 Message-Id: <20251104081653.3368-1-gert@greenie.muc.de> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg34179.html Signed-off-by: Gert Doering <gert@greenie.muc.de>	2025-11-04 09:18:56 +01:00
Antonio Quartulli	21b943734f	test_networking: use appropriate assert helpers ... In all unit tests we rely on CMocka's provided assert helpers. However, test_networking.c was still on the default assert() call, which we try to avoid in favour of more appropriate helpers. Substitute them all with assert_*() from CMocka. Change-Id: Ie153b3d5bf19200f225cd09131de8583645110be Reported-by: Marc Heuse <marc@srlabs.de> Signed-off-by: Antonio Quartulli <antonio@mandelbit.com> Acked-by: Frank Lichtenheld <frank@lichtenheld.com> Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1342 Message-Id: <20251103145842.22969-1-gert@greenie.muc.de> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg34155.html Signed-off-by: Gert Doering <gert@greenie.muc.de>	2025-11-03 16:31:59 +01:00
Marco Baffo	6b0208e962	PUSH_UPDATE server: invalid read bug-fix and unit-tests improvements ... The number of messages calculated before the call to message_splitter(), used in the memory allocation in the buffer array, could in certain cases be less than one than the actual number of messages, thus causing an override of the sentinel buffer in message_splitter() and therefore an invalid read in send_single_push_update(). The case in question would be, for example, a sequence of three options "A,B,C" with the size of B equal to safe_cap - 1 and the sum of the sizes of A and C less than safe_cap - 2. The buffer array was therefore replaced with a list of buffers to completely avoid calculating the number of messages before it was actually computed. The test case in question has been added to the unit tests. The unit tests have been improved using cmocka macros. Change-Id: Idba419681fe3ccc4e6e2f6ce7592332dcff62cd9 Signed-off-by: Marco Baffo <marco@mandelbit.com> Acked-by: Gert Doering <gert@greenie.muc.de> Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1316 Message-Id: <20251030195244.2659-1-gert@greenie.muc.de> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg34073.html Signed-off-by: Gert Doering <gert@greenie.muc.de>	2025-10-31 10:51:47 +01:00
Antonio Quartulli	b9b5470521	sitnl: set FD_CLOEXEC on socket to prevent abuse ... Since OpenVPN spawns various child processes, it is important that sockets are closed after calling exec. The sitnl socket didn't have the right flag set, resulting in it surviving in, for example, connect/disconnect scripts and giving the latter a chance to abuse the socket. Ensure this doesn't happen by setting FD_CLOEXEC on this socket right after creation. Reported-by: Joshua Rogers <contact@joshua.hu> Found-by: ZeroPath (https://zeropath.com/) Change-Id: I54845bf4dd17d06cfc3b402f188795f74f4b1d3e Signed-off-by: Antonio Quartulli <antonio@mandelbit.com> Acked-by: Gert Doering <gert@greenie.muc.de> Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1314 Message-Id: <20251028162843.18189-1-gert@greenie.muc.de> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg33952.html Signed-off-by: Gert Doering <gert@greenie.muc.de>	2025-10-28 17:31:35 +01:00
Frank Lichtenheld	160e994d72	push_util: Make send_push_update static ... Not necessary to make it non-static just for UTs. Change-Id: I348abec1e2f32301a0368d5f541e67bddf358bbc Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com> Acked-by: Gert Doering <gert@greenie.muc.de> Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1282 Message-Id: <20251017203830.23807-1-gert@greenie.muc.de> URL: https://sourceforge.net/p/openvpn/mailman/message/59248152/ Signed-off-by: Gert Doering <gert@greenie.muc.de>	2025-10-17 22:46:35 +02:00
Marco Baffo	5e4c9a69ea	PUSH_UPDATE server: remove old IP(s) from vhash after sending a message containing ifconfig(-ipv6) ... When sending a PUSH_UPDATE containing an ifconfig(-ipv6) option, we must add the new IP to the multi_context vhash (hash table of the clients indexed by virtual IPs). Now in addition to adding new client IPs, old IPs are also removed from vhash, allowing for a more complete update. Change-Id: I07a8ddd9026eef64b6f5abde98702a9801616a5f Signed-off-by: Marco Baffo <marco@mandelbit.com> Acked-by: Gert Doering <gert@greenie.muc.de> Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1253 Message-Id: <20251017201916.21697-1-gert@greenie.muc.de> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg33412.html Signed-off-by: Gert Doering <gert@greenie.muc.de>	2025-10-17 22:24:11 +02:00
Frank Lichtenheld	c4f7b418c2	win32: Change some APIs to use DWORD instead of size_t ... This is what the Win32 APIs use. Since we put static integers into this (e.g. sizeof()) this doesn't result in new conversion warnings at the caller sites. Change-Id: Ia836e3c05a868a7e8419c2bb2f547d968260783c Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com> Acked-by: Gert Doering <gert@greenie.muc.de> Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1269 Message-Id: <20251013162221.2156-1-gert@greenie.muc.de> URL: https://sourceforge.net/p/openvpn/mailman/message/59246222/ Signed-off-by: Gert Doering <gert@greenie.muc.de>	2025-10-13 18:30:07 +02:00
Frank Lichtenheld	d78ebd4b8c	test_dhcp: Start a dhcp helper functions UT ... Use extra define to allow testing code only used on Windows but not actually dependent on Windows. Change-Id: I08e50030b1b692d351509f541e5c0b03b5170615 Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com> Acked-by: Gert Doering <gert@greenie.muc.de> Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1267 Message-Id: <20251013154758.21695-1-gert@greenie.muc.de> URL: https://sourceforge.net/p/openvpn/mailman/message/59246199/ Signed-off-by: Gert Doering <gert@greenie.muc.de>	2025-10-13 17:58:49 +02:00
Frank Lichtenheld	e7fdde7cb8	test_user_pass: Check fatal errors for empty username/password ... Required a fix to mock_msg to make tests of M_FATAL possible at all. This also tests some cases which arguably should throw a fatal error but do not. v2: - Suppress LeakSanitizer errors for fatal error tests. Due to aborting the function, the memory will not be cleaned up, but that is expected. v3: - Disable assert tests with MSVC. Does not seem to catch the error correctly. - Rebase on top of parallel-tests series to get AM_TESTS_ENVIRONMENT. v8: - Update srcdir handling according to master. v10: - Update mock_msg.c fatal handling to be compatible with NO_CMOCKA. Change-Id: Icabc8acf75638c86c8c395e9ffecba7a7226cd97 Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com> Acked-by: Gert Doering <gert@greenie.muc.de> Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/474 Message-Id: <20251010211154.2780-1-gert@greenie.muc.de> URL: https://sourceforge.net/p/openvpn/mailman/message/59245149/ Signed-off-by: Gert Doering <gert@greenie.muc.de>	2025-10-11 11:51:27 +02:00
Marco Baffo	855094893e	PUSH_UPDATE server: check IV_PROTO before sending the message to the client ... Before sending the PUSH_UPDATE message to the client, we must verify that the client has actually sent IV_PROTO_PUSH_UPDATE to the server, declaring that it supports push-updates. Also fixed a gc_arena memory leak in one of the error paths and asserted mi->context.c2.tls_multi . Change-Id: I7c28da72be11c7efbed3068fbfc65f2959227bec Signed-off-by: Marco Baffo <marco@mandelbit.com> Acked-by: Gert Doering <gert@greenie.muc.de> Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1255 Message-Id: <20251009182855.18712-1-gert@greenie.muc.de> URL: https://sourceforge.net/p/openvpn/mailman/message/59244566/ Signed-off-by: Gert Doering <gert@greenie.muc.de>	2025-10-10 16:34:51 +02:00
Selva Nair	f9bfd1c405	Fix PIN cache time in test_pkcs11.c ... Github: closes OpenVPN/openvpn#861 Change-Id: Ic6fd6ba676b4741da7811ffc7c9688d4673465f8 Signed-off-by: Selva Nair <selva.nair@gmail.com> Acked-by: Arne Schwabe <arne-openvpn@rfc2549.org> Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1263 Message-Id: <20251010063934.18197-1-gert@greenie.muc.de> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg33306.html Signed-off-by: Gert Doering <gert@greenie.muc.de>	2025-10-10 09:15:56 +02:00
Frank Lichtenheld	8f3e3de7d7	test_options_parse: Remove --wrap ... After removing --wrap from some other tests in a previous commit I got confused here myself. --wrap is really only needed when you have the original function linked in. Somehow I thought the call ordering and mocking logic needed this. But this is wrong, so no need to use --wrap here since we currently do not link any of those functions. Change-Id: I60df1e61ed89be52e9d032b5b49133a784f9811e Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com> Acked-by: Gert Doering <gert@greenie.muc.de> Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1258 Message-Id: <20251008161357.5679-1-gert@greenie.muc.de> URL: https://sourceforge.net/p/openvpn/mailman/message/59244071/ Signed-off-by: Gert Doering <gert@greenie.muc.de>	2025-10-08 18:18:07 +02:00
Frank Lichtenheld	5b8e0563f9	test_options_parse: Do not use uintmax_t instead of LargestIntegralType ... At least on OpenBSD it seems that uintmax_t maps to unsigned long long always, but LargestIntegralType is unsigned long. So if we have a version of cmocka.h that defines LargestIntegralType then respect that. Change-Id: I59a49696acd665d43b21e5c23f24b86c15989cd6 Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com> Acked-by: Gert Doering <gert@greenie.muc.de> Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1256 Message-Id: <20251008133338.23652-1-gert@greenie.muc.de> URL: https://sourceforge.net/p/openvpn/mailman/message/59243971/ Signed-off-by: Gert Doering <gert@greenie.muc.de>	2025-10-08 15:38:43 +02:00
Frank Lichtenheld	775488b81c	test_options_parse: Add test for read_config_string ... The <inlineopt> test discovered the issue fixed by commit "buffer: Fix buf_parse eating input". Change-Id: Icb91d9c560b6f78f16571ac3052cc566d94afe99 Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com> Acked-by: Gert Doering <gert@greenie.muc.de> Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1247 Message-Id: <20251008100222.4610-1-gert@greenie.muc.de> URL: https://sourceforge.net/p/openvpn/mailman/message/59243809/ Signed-off-by: Gert Doering <gert@greenie.muc.de>	2025-10-08 12:46:10 +02:00
Frank Lichtenheld	f5a2e2319b	buffer: Fix buf_parse eating input ... When parsing a "line" that is longer than the available line buffer, then buf_parse was eating up to 2 characters. It advanced past them but they were not part of the output. This can lead to unexpected results if buf_parse is used in a while loop on unrestricted input, like e.g. when reading configs (see in_src_get() used for check_inline_file_via_buf()). Change-Id: I3724660bf0f8336ee58c172acfb7c4f38e457393 Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com> Acked-by: Gert Doering <gert@greenie.muc.de> Acked-by: Arne Schwabe <arne-openvpn@rfc2549.org> Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1246 Message-Id: <20251008103001.7696-1-gert@greenie.muc.de> URL: https://sourceforge.net/p/openvpn/mailman/message/59243829/ Signed-off-by: Gert Doering <gert@greenie.muc.de>	2025-10-08 12:36:18 +02:00
Frank Lichtenheld	80981cf338	test_options_parse: Start new UT for options_parse.c ... For now contains one test case for parse_line. Change-Id: I95032d2539d994abf69fc17319ed1a429c3bb948 Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com> Acked-by: Gert Doering <gert@greenie.muc.de> Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1244 Message-Id: <20251008101014.5691-1-gert@greenie.muc.de> URL: https://sourceforge.net/p/openvpn/mailman/message/59243816/ Signed-off-by: Gert Doering <gert@greenie.muc.de>	2025-10-08 12:16:47 +02:00
Marco Baffo	373178b32d	PUSH_UPDATE: disabling PUSH_UPDATE server and client if DCO is enabled ... The PUSH_UPDATE currently doesn't work with DCO. For example, in server, if a new ifconfig is sent, the DCO doesn't receive the new peer address and the connection drops. Similarly in the client when a PUSH_UPDATE is received, the tun is closed and reopened but the DCO doesn't receive the peer info. Change-Id: Ibe78949435bb2f26ad68301e2710321bf37c9486 Signed-off-by: Marco Baffo <marco@mandelbit.com> Acked-by: Antonio Quartulli <antonio@mandelbit.com> Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1245 Message-Id: <20251008083046.27209-1-gert@greenie.muc.de> URL: https://sourceforge.net/p/openvpn/mailman/message/59243711/ Signed-off-by: Gert Doering <gert@greenie.muc.de>	2025-10-08 10:55:29 +02:00
Frank Lichtenheld	d2428900ef	unit_tests: Remove useless wrapping for argv/buffer tests ... If not using mock() or check_expected(), and not linking the original function, then there is no need for wrapping support. Change-Id: I937105abeb5e8f796bf6bbe8432972adb60b3e2a Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com> Acked-by: Gert Doering <gert@greenie.muc.de> Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1243 Message-Id: <20251007185217.19381-1-gert@greenie.muc.de> URL: https://sourceforge.net/p/openvpn/mailman/message/59243508/ Signed-off-by: Gert Doering <gert@greenie.muc.de>	2025-10-07 22:16:11 +02:00
Frank Lichtenheld	0e3dd1ccba	Review CMocka assertion usage ... Replace some assert_true calls with more specific assertions. This should improve reporting in case of problems and also just makes the code nicer. Change-Id: Ia2f374476c87855bba6c0f9d3e2f28a5fe62a152 Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com> Acked-by: Gert Doering <gert@greenie.muc.de> Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1141 Message-Id: <20251006204118.26237-1-gert@greenie.muc.de> URL: https://sourceforge.net/p/openvpn/mailman/message/59243096/ Signed-off-by: Gert Doering <gert@greenie.muc.de>	2025-10-06 22:50:51 +02:00
Frank Lichtenheld	9db98baf65	Make unit tests -Wconversion clean ... Only trivial problems left after the other patches have been merged. Change-Id: Iab9e780d9649d7581e5f6aa4b23e72bbed5e145b Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com> Acked-by: Gert Doering <gert@greenie.muc.de> Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1205 Message-Id: <20250924124154.15963-1-gert@greenie.muc.de> URL: https://sourceforge.net/p/openvpn/mailman/message/59238128/ Signed-off-by: Gert Doering <gert@greenie.muc.de>	2025-09-24 15:11:57 +02:00