The buffer we pass to tls_crypt_v2_extract_client_key contains the
entire received control channel packet. We should skip the opcode before
trying to read WKC.
This logic error is a second bug behind the XlabAI finding, next too the
too-strict ASSERT in tls_crypt_unwrap.
Also remove a too strict ASSERT in tls_crypt_unwrap. We already check
a few lines later for a too short packet and return a proper error
("packet too short").
XlabAI found a way of triggering this ASSERT that requires a tls-crypt-v2
client key that has a specific property (a specific byte need to have a
specific value, about 1/256 probability). If an attacker can get hold of
such a tls-crypt-v2 client key or observe a handshake using such a key,
the attacker can trigger the ASSERT, crashing the server. Setups that do
not use tls-crypt-v2 are not affected.
Independently, Cisco Talos reported a way to trigger this ASSERT with any
tls-crypt-v2 key but this requires the attacker to be also in possession
of the private key part of the tls-crypt-v2 client key or to inject packet
into a live session of a client session.
CVE: 2026-35058
Reported-By: XlabAI Team of Tencent Xuanwu Lab (xlabai@tencent.com)
Reported-By: Guannan Wang (wgnbuaa@gmail.com
Reported-By: Zhanpeng Liu (pkugenuine@gmail.com)
Reported-By: Guancheng Li (lgcpku@gmail.com)
Reported-By: Emma Reuter of Cisco ASIG (TALOS-2026-2381)
Signed-off-by: Steffan Karger <steffan@karger.me>
Signed-off-by: Arne Schwabe <arne@rfc2549.org>
Change-Id: I623733c0476c98f436d19009ee8990693c1579b5
Private-URL: https://github.com/OpenVPN/openvpn-private-issues/issues/111
Acked-by: Gert Doering <gert@greenie.muc.de>
Signed-off-by: Gert Doering <gert@greenie.muc.de>
(cherry picked from commit 18270324a5fd43122ca1b8c29b224c5dd5905429)
The name key2 conflicts with our struct key2 and prevents these
test keys from being used in test_ssl.c
Change-Id: Id8680e6555a66024417d6eb9322d4fde79922453
Signed-off-by: Arne Schwabe <arne@rfc2549.org>
Acked-by: Frank Lichtenheld <frank@lichtenheld.com>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1597
Message-Id: <20260401102247.21915-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg36401.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
(cherry picked from commit 579046470f)
The auth-pam unit test Makefile.am unconditionally assigns the TESTS variable,
causing test execution to fail during cross-compilation because the target
binaries are not executable on the build host.
Signed-off-by: Haixiao Yan <haixiao.yan.cn@windriver.com>
Acked-By: Frank Lichtenheld <frank@lichtenheld.com>
Message-Id: <20260326062016.3856597-1-haixiao.yan.cn@windriver.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg36288.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
(cherry picked from commit 690aace41a)
After the removal of OpenSSL 1.0.2 support these instructions are
no longer needed and the main OpenVPN program also no longer calls
them in init_ssl_lib or free_ssl_lib.
Also remove them from the unit tests. This also solves a
deprecation warning on EVP_cleanup when compiling with aws-lc
Change-Id: I228f6fd9ff18256f09d4348df1fc48853f8e7306
Signed-off-by: Arne Schwabe <arne-openvpn@rfc2549.org>
Acked-by: Frank Lichtenheld <frank@lichtenheld.com>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1568
Message-Id: <20260316121148.25189-1-frank@lichtenheld.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg36153.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
(cherry picked from commit 369c751078)
This reintroduces a function that converts the result
of snprintf to a boolean since the check is always the
same but annoyingly verbose. And it gets worse when you add
-Wsign-compare.
So in preparation of introducing -Wsign-compare wrap this
check in the function.
This somewhat reverts the removal of openvpn_snprintf.
But note that that was originally introduced to work
around the broken snprintf of Windows. So this is not
exactly the same. For this reason I also classified this
as a buffer function and not a compat function.
Change-Id: Ia3477b8ee7a637c15aad7f285144280595cda5d5
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1489
Message-Id: <20260304110455.15859-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg35872.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
(cherry picked from commit 1ec71fe0c0)
The init_option() function is always invoked with the second
param "init_gc" set to "true".
This makes the parameter useless and it can therefore be removed
while always taking the "true" branch in the related logic.
This way we can also drop the options->gc_owned member as it
would also be always set to true.
Change-Id: I633d8cbf75ab4da85e16df44684aef60523811c5
Signed-off-by: Antonio Quartulli <antonio@mandelbit.com>
Acked-by: Frank Lichtenheld <frank@lichtenheld.com>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1536
Message-Id: <20260217135605.154129-1-frank@lichtenheld.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg35695.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
(cherry picked from commit 92937c267b)
Otherwise the check for cmocka version doesn't
work. Includes the update to vcpkg in GHA since
that exposed the problem.
chore(deps): update vcpkg digest to 6d332a0
Change-Id: I3b246bcc36ba35c2ed9630dc18e97aff436eaa0b
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1488
Message-Id: <20260126145558.31460-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg35437.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
This commit adds support for Mbed TLS 4. This version comes with some
drastic changes. The crypto library has been completely redesigned, so
the contents of crypto_mbedtls.c are moved to crypto_mbedtls_legacy.c
and crypto_mbedtls.c handles the crypto for version 4.
Mbed TLS 4 also removed the feature for looking up a crypto algorithm by
name, so we need to translate algorithm names to Mbed TLS numbers in
OpenVPN. The tables are not yet complete. For symmetric algorithms, I
have added AES and Chacha-Poly which should be enough for most use
cases.
Change-Id: Ib251d546d993b96ed3bd8cb9111bcc627cdb0fae
Signed-off-by: Max Fillinger <maximilian.fillinger@sentyron.com>
Acked-by: Arne Schwabe <arne-openvpn@rfc2549.org>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1441
Message-Id: <20260123164746.7333-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg35401.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
This adds the required build infrastructure
and adds tests for two functions related to
GetItfDnsDomains().
Change-Id: I33583e51e1143c53fbe0aef16546fa3f602b17c0
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1459
Message-Id: <20260119215058.27888-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg35345.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
When the sender jumps forwards exactly epoch_data_keys_future_count in its
epoch key use the housekeeping logic does not handle this correctly and
triggers an ASSERT.
Change the code to correctly implement the special case when the new epoch
key of the sender is the highest valid key epoch in the current window of
valid epoch keys for receiving data.
Change-Id: Ib581c02a29b974184256a9f4ad0ce15ba5f9db3b
Signed-off-by: Arne Schwabe <arne@rfc2549.org>
Acked-By: Max Fillinger <maximilian.fillinger@sentyron.com>
Reported-By: Pavel Kohout of Aisle Research <pavel.kohout@aisle.com>
Github: closesOpenVPN/openvpn-private-issues#103
CVE: 2025-15497
This was missed in commit
6db186e0b1 since we
only built with cmocka 2.0 on macOS and that doesn't
build test_tls_crypt.
Now that we build with cmocka 2.0 also on Debian Sid
we noticed the additional issues.
Change-Id: Ibc964c13724316ca96276ba6b7d34dbbfcf52064
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1460
Message-Id: <20260108154248.21706-1-gert@greenie.muc.de>
Signed-off-by: Gert Doering <gert@greenie.muc.de>
But add compat layer so that we can still build
against older versions of cmocka. Mostly this is
trivial but the custom check function changed its
prototype, so that requires some more work.
Change-Id: Ifb6594700db71d219643a29c581099c778bcbbc6
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1449
Message-Id: <20251218104042.5961-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg35144.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
While fixing the conversion warning I was
somewhat confused how this works, so added
UTs to verify I understood it.
v2:
- disable assert test for MS VS
- add define for memory-intensive UTs and
only enable it by default for CMake builds,
so we do not break a lot of builds out there
due to memory allocation failures
Change-Id: Icab68a5fd1b6288955f0073179f1ddde1468d951
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1432
Message-Id: <20251212120352.17402-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg35050.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Previously, the logic for resetting push options (like 'route') was based on
`update_options_found` which was local to `apply_push_options`. This meant
that if a PUSH_UPDATE was split across multiple continuation messages,
the state was lost, causing routes to be reset multiple times (once per
message chunk) rather than once per update sequence.
This patch moves the state tracking to `struct options` as
`push_update_options_found`, allowing it to persist across the entire
PUSH_UPDATE sequence.
This fixes an issue where large route lists sent via PUSH_UPDATE would
result in only the last chunk's routes being applied, or previous routes
being continuously deleted and re-added.
Added unit test `test_incoming_push_continuation_route_accumulation` to
verify the fix.
Github: OpenVPN/openvpn#925
Signed-off-by: Moritz Fain <moritz-openvpn@fain.io>
Acked-by: Marco Baffo <marco@mandelbit.com>
Message-Id: <CAM8w-qEE6vHj=yUOpTFbM7DqPKzUV0NupvEG4rUefY=kNB2DxQ@mail.gmail.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg34814.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
This is a stupid mistake but causes all hmac cookies to be accepted,
thus breaking source IP address validation. As a consequence, TLS
sessions can be openend and state can be consumed in the server from
IP addresses that did not initiate an initial connection.
While at it, fix check to only allow [t-2;t] timeslots, disallowing
HMACs coming in from a future timeslot.
Github: OpenVPN/openvpn-private-issues#56
CVE: 2025-13086
Reported-By: Joshua Rogers <contact@joshua.hu>
Found-by: ZeroPath (https://zeropath.com/)
Reported-By: stefan@srlabs.de
Change-Id: I9cbe2bf535575b47ddd7f34e985c5c1c6953a6fc
Signed-off-by: Arne Schwabe <arne@rfc2549.org>
Acked-by: Max Fillinger <max@max-fillinger.net>
Newer version of MSVC do not show the error anymore, but I do get, e.g.:
test_crypto.c(538,23): error C2059: syntax error: '}'
with version 19.38.33133 installed on a test system.
Change-Id: I13e34119303e056fdb51ff9925f4944171c824f2
Signed-off-by: Heiko Hund <heiko@ist.eigentlich.net>
Acked-by: Frank Lichtenheld <frank@lichtenheld.com>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1366
Message-Id: <20251111172504.7683-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg34327.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
We have agreed to never use the plain assert()
anywhere in the code.
Unit tests are almost there as they always use
cmocka provided assert helpers, except for two cases.
Convert those two to cmocka assert calls too.
While at it also ensure that the proper bool helpers
are used rather than checking _int_equal against true/false.
Drop assert.h in cryptoapi.c as well as it's not needed
anymore.
GitHub: ClosesOpenVPN/openvpn#894
Change-Id: I61e4968f2e83d12d4d3fc3ccba92a06eb5ed5866
Signed-off-by: Antonio Quartulli <antonio@mandelbit.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1345
Message-Id: <20251104081653.3368-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg34179.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
In all unit tests we rely on CMocka's provided assert helpers.
However, test_networking.c was still on the default assert() call,
which we try to avoid in favour of more appropriate helpers.
Substitute them all with assert_*() from CMocka.
Change-Id: Ie153b3d5bf19200f225cd09131de8583645110be
Reported-by: Marc Heuse <marc@srlabs.de>
Signed-off-by: Antonio Quartulli <antonio@mandelbit.com>
Acked-by: Frank Lichtenheld <frank@lichtenheld.com>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1342
Message-Id: <20251103145842.22969-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg34155.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
The number of messages calculated before the call to message_splitter(),
used in the memory allocation in the buffer array, could in certain
cases be less than one than the actual number of messages, thus causing
an override of the sentinel buffer in message_splitter() and therefore
an invalid read in send_single_push_update().
The case in question would be, for example, a sequence of three options
"A,B,C" with the size of B equal to safe_cap - 1 and the sum of the
sizes of A and C less than safe_cap - 2.
The buffer array was therefore replaced with a list of buffers to
completely avoid calculating the number of messages before it was
actually computed.
The test case in question has been added to the unit tests.
The unit tests have been improved using cmocka macros.
Change-Id: Idba419681fe3ccc4e6e2f6ce7592332dcff62cd9
Signed-off-by: Marco Baffo <marco@mandelbit.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1316
Message-Id: <20251030195244.2659-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg34073.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Since OpenVPN spawns various child processes, it is important
that sockets are closed after calling exec.
The sitnl socket didn't have the right flag set, resulting
in it surviving in, for example, connect/disconnect scripts
and giving the latter a chance to abuse the socket.
Ensure this doesn't happen by setting FD_CLOEXEC on
this socket right after creation.
Reported-by: Joshua Rogers <contact@joshua.hu>
Found-by: ZeroPath (https://zeropath.com/)
Change-Id: I54845bf4dd17d06cfc3b402f188795f74f4b1d3e
Signed-off-by: Antonio Quartulli <antonio@mandelbit.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1314
Message-Id: <20251028162843.18189-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg33952.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Not necessary to make it non-static just for UTs.
Change-Id: I348abec1e2f32301a0368d5f541e67bddf358bbc
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1282
Message-Id: <20251017203830.23807-1-gert@greenie.muc.de>
URL: https://sourceforge.net/p/openvpn/mailman/message/59248152/
Signed-off-by: Gert Doering <gert@greenie.muc.de>
When sending a PUSH_UPDATE containing an ifconfig(-ipv6) option, we must add the new IP to the
multi_context vhash (hash table of the clients indexed by virtual IPs). Now in addition to
adding new client IPs, old IPs are also removed from vhash, allowing for a more complete update.
Change-Id: I07a8ddd9026eef64b6f5abde98702a9801616a5f
Signed-off-by: Marco Baffo <marco@mandelbit.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1253
Message-Id: <20251017201916.21697-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg33412.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
This is what the Win32 APIs use. Since we put static
integers into this (e.g. sizeof()) this doesn't
result in new conversion warnings at the caller sites.
Change-Id: Ia836e3c05a868a7e8419c2bb2f547d968260783c
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1269
Message-Id: <20251013162221.2156-1-gert@greenie.muc.de>
URL: https://sourceforge.net/p/openvpn/mailman/message/59246222/
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Use extra define to allow testing code only
used on Windows but not actually dependent
on Windows.
Change-Id: I08e50030b1b692d351509f541e5c0b03b5170615
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1267
Message-Id: <20251013154758.21695-1-gert@greenie.muc.de>
URL: https://sourceforge.net/p/openvpn/mailman/message/59246199/
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Required a fix to mock_msg to make tests of M_FATAL
possible at all.
This also tests some cases which arguably should throw
a fatal error but do not.
v2:
- Suppress LeakSanitizer errors for fatal error tests.
Due to aborting the function, the memory will not be
cleaned up, but that is expected.
v3:
- Disable assert tests with MSVC. Does not seem to catch
the error correctly.
- Rebase on top of parallel-tests series to get
AM_TESTS_ENVIRONMENT.
v8:
- Update srcdir handling according to master.
v10:
- Update mock_msg.c fatal handling to be compatible
with NO_CMOCKA.
Change-Id: Icabc8acf75638c86c8c395e9ffecba7a7226cd97
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/474
Message-Id: <20251010211154.2780-1-gert@greenie.muc.de>
URL: https://sourceforge.net/p/openvpn/mailman/message/59245149/
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Before sending the PUSH_UPDATE message to the client, we must verify that
the client has actually sent IV_PROTO_PUSH_UPDATE to the server, declaring that
it supports push-updates.
Also fixed a gc_arena memory leak in one of the error paths and asserted
mi->context.c2.tls_multi .
Change-Id: I7c28da72be11c7efbed3068fbfc65f2959227bec
Signed-off-by: Marco Baffo <marco@mandelbit.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1255
Message-Id: <20251009182855.18712-1-gert@greenie.muc.de>
URL: https://sourceforge.net/p/openvpn/mailman/message/59244566/
Signed-off-by: Gert Doering <gert@greenie.muc.de>
After removing --wrap from some other tests in
a previous commit I got confused here myself.
--wrap is really only needed when you have the
original function linked in. Somehow I thought
the call ordering and mocking logic needed this.
But this is wrong, so no need to use --wrap here
since we currently do not link any of those
functions.
Change-Id: I60df1e61ed89be52e9d032b5b49133a784f9811e
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1258
Message-Id: <20251008161357.5679-1-gert@greenie.muc.de>
URL: https://sourceforge.net/p/openvpn/mailman/message/59244071/
Signed-off-by: Gert Doering <gert@greenie.muc.de>
At least on OpenBSD it seems that uintmax_t maps
to unsigned long long always, but LargestIntegralType
is unsigned long. So if we have a version of cmocka.h
that defines LargestIntegralType then respect that.
Change-Id: I59a49696acd665d43b21e5c23f24b86c15989cd6
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1256
Message-Id: <20251008133338.23652-1-gert@greenie.muc.de>
URL: https://sourceforge.net/p/openvpn/mailman/message/59243971/
Signed-off-by: Gert Doering <gert@greenie.muc.de>
The <inlineopt> test discovered the issue
fixed by commit "buffer: Fix buf_parse eating input".
Change-Id: Icb91d9c560b6f78f16571ac3052cc566d94afe99
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1247
Message-Id: <20251008100222.4610-1-gert@greenie.muc.de>
URL: https://sourceforge.net/p/openvpn/mailman/message/59243809/
Signed-off-by: Gert Doering <gert@greenie.muc.de>
When parsing a "line" that is longer than the
available line buffer, then buf_parse was
eating up to 2 characters. It advanced past
them but they were not part of the output.
This can lead to unexpected results if buf_parse
is used in a while loop on unrestricted input,
like e.g. when reading configs (see in_src_get()
used for check_inline_file_via_buf()).
Change-Id: I3724660bf0f8336ee58c172acfb7c4f38e457393
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Acked-by: Arne Schwabe <arne-openvpn@rfc2549.org>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1246
Message-Id: <20251008103001.7696-1-gert@greenie.muc.de>
URL: https://sourceforge.net/p/openvpn/mailman/message/59243829/
Signed-off-by: Gert Doering <gert@greenie.muc.de>
For now contains one test case for parse_line.
Change-Id: I95032d2539d994abf69fc17319ed1a429c3bb948
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1244
Message-Id: <20251008101014.5691-1-gert@greenie.muc.de>
URL: https://sourceforge.net/p/openvpn/mailman/message/59243816/
Signed-off-by: Gert Doering <gert@greenie.muc.de>
The PUSH_UPDATE currently doesn't work with DCO.
For example, in server, if a new ifconfig is sent, the DCO
doesn't receive the new peer address and the connection drops.
Similarly in the client when a PUSH_UPDATE is received, the tun is
closed and reopened but the DCO doesn't receive the peer info.
Change-Id: Ibe78949435bb2f26ad68301e2710321bf37c9486
Signed-off-by: Marco Baffo <marco@mandelbit.com>
Acked-by: Antonio Quartulli <antonio@mandelbit.com>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1245
Message-Id: <20251008083046.27209-1-gert@greenie.muc.de>
URL: https://sourceforge.net/p/openvpn/mailman/message/59243711/
Signed-off-by: Gert Doering <gert@greenie.muc.de>
If not using mock() or check_expected(), and
not linking the original function, then there
is no need for wrapping support.
Change-Id: I937105abeb5e8f796bf6bbe8432972adb60b3e2a
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1243
Message-Id: <20251007185217.19381-1-gert@greenie.muc.de>
URL: https://sourceforge.net/p/openvpn/mailman/message/59243508/
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Replace some assert_true calls with more specific
assertions. This should improve reporting in case
of problems and also just makes the code nicer.
Change-Id: Ia2f374476c87855bba6c0f9d3e2f28a5fe62a152
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1141
Message-Id: <20251006204118.26237-1-gert@greenie.muc.de>
URL: https://sourceforge.net/p/openvpn/mailman/message/59243096/
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Only trivial problems left after the other patches
have been merged.
Change-Id: Iab9e780d9649d7581e5f6aa4b23e72bbed5e145b
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1205
Message-Id: <20250924124154.15963-1-gert@greenie.muc.de>
URL: https://sourceforge.net/p/openvpn/mailman/message/59238128/
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Grand-father all known locations of existing errors,
so that -Werror builds still pass and we do not spam
build logs.
Still, this should give us a much better roadmap to
work on these issues one by one while still enabling
the warnings for a lot of code-paths.
In general I did go for least amount of pragmas, so
usually there is only one override per file, covering
ALL of the failures in that file. While this protects
a lot of code that doesn't need it, it also cut down
the amount of pragmas by a lot.
This does cover gcc builds including mingw and clang
builds. Does not cover MSVC.
Once the amount of issues has been suitable reduced
more warnings could be enabled.
Change-Id: Iad5b00c35a1f1993b1fa99e8b945ab17b230ef59
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1168
Message-Id: <20250924122755.14391-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg33181.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
- Includes fixes for
- -Wimplicit-fallthrough=2
(=3 is default but requires replacing all
fallthrough comments)
- -Wmissing-field-initializers
- -Wold-style-declaration
- All other warnings that would need fixes are
disabled for now.
Change-Id: I9ce664d073a4e6a6d433e9e6f986a5086dae8aa1
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1202
Message-Id: <20250923140854.21766-1-gert@greenie.muc.de>
URL: https://sourceforge.net/p/openvpn/mailman/message/59237558/
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Commit 0df0edc49c re-introduced explicit setting of broadcast addresses
for Linux IPv4 interfaces. t_net.sh verifies that the built-in netlink
code (sitnl) achieves the same result as "equivalent" iproute2 statements
- and we missed adjusting of these iproute2 statements (printed by
networking_testdriver). Done.
Change-Id: I5fea6ca1ccadb434b5c4f4b49881524a079a9d15
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Acked-by: Antonio Quartulli <antonio@mandelbit.com>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1203
Message-Id: <20250922080305.18477-1-gert@greenie.muc.de>
URL: https://sourceforge.net/p/openvpn/mailman/message/59236810/
Signed-off-by: Gert Doering <gert@greenie.muc.de>
msglevel was definitely unsigned as the first
argument to msg(), but many parts of the code
had it as signed. So this produced a LOT of
warnings when enabling -Wsign-conversion.
Introduce a msglvl_t typedef and switch all
users to it. This includes any values that
are stored in the msglevel field, including
debug level and mute level.
There is one exception in struct status_output
where -1 is a valid value in the API. Only
positive values are translated into standard
message levels.
Change-Id: Id492cb774c6d022d06bb3cf5fec2a4bdd410e619
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1110
Message-Id: <20250917170428.3310-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg33028.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Unlike debugging with printf(), or msg() calls do not need or want
a '\n' at the end of the string. Remove those that were overlooked.
Change-Id: I889b53ed72efaec546a6609491fae9715726ea00
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Acked-by: Frank Lichtenheld <frank@lichtenheld.com>
Message-Id: <20250912131609.43444-1-frank@lichtenheld.com>
URL: https://sourceforge.net/p/openvpn/mailman/message/59232448/
URL: https://gerrit.openvpn.net/c/openvpn/+/1180
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Basically all users already wanted that anyway. And most
of the library functions also take size_t nowadays.
Change-Id: Ic88cd6e143bc48cab3c9ebb7c7007513803bd199
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: MaxF <max@max-fillinger.net>
Message-Id: <20250911201719.25773-1-gert@greenie.muc.de>
URL: https://sourceforge.net/p/openvpn/mailman/message/59232185/
URL: https://gerrit.openvpn.net/c/openvpn/+/1135
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Using the management interface you can now target one or more clients
(via broadcast or via cid) and send a PUSH_UPDATE control message
to update some options. See doc/management-notes.txt for details.
Change-Id: Ie82bcc7a8e583de9156b185d71d1a323ed8df3fc
Signed-off-by: Marco Baffo <marco@mandelbit.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20250903164826.13284-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg32807.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
