openvpn/test__push__update__msg_8c_source.html

#ifdef HAVE_CONFIG_H

#include "config.h"

#endif


#include <stdlib.h>

#include <stdarg.h>

#include <setjmp.h>

#include <cmocka.h>

#include "push.h"

#include "options_util.h"

#include "multi.h"


#include "push_util.c"


/* mocks */


void


throw_signal_soft(const int signum, const char *signal_text)

{

    msg(M_WARN, "Offending option received from server");

}


unsigned int


pull_permission_mask(const struct context *c)

{

    unsigned int flags = OPT_P_UP | OPT_P_ROUTE_EXTRAS | OPT_P_SOCKBUF | OPT_P_SOCKFLAGS

                         | OPT_P_SETENV | OPT_P_SHAPER | OPT_P_TIMER | OPT_P_COMP | OPT_P_PERSIST

                         | OPT_P_MESSAGES | OPT_P_EXPLICIT_NOTIFY | OPT_P_ECHO | OPT_P_PULL_MODE

                         | OPT_P_PEER_ID | OPT_P_NCP | OPT_P_PUSH_MTU | OPT_P_ROUTE | OPT_P_DHCPDNS;

    return flags;

}


void


unlearn_ifconfig(struct multi_context *m, struct multi_instance *mi)

{

    return;

}


void


unlearn_ifconfig_ipv6(struct multi_context *m, struct multi_instance *mi)

{

    return;

}


void


update_vhash(struct multi_context *m, struct multi_instance *mi, const char *new_ip, const char *new_ipv6)

{

    return;

}


bool


options_postprocess_pull(struct options *options, struct env_set *es)

{

    return true;

}


/*

 * Counters to track route accumulation across continuation messages.

 * Used to verify the bug where update_options_found resets per message.

 */

static int route_reset_count = 0;

static int route_add_count = 0;


static void


reset_route_counters(void)

{

    route_reset_count = 0;

    route_add_count = 0;

}


bool


apply_push_options(struct context *c, struct options *options, struct buffer *buf,

                   unsigned int permission_mask, unsigned int *option_types_found,

                   struct env_set *es, bool is_update)

{

    char line[OPTION_PARM_SIZE];


    /*

     * Use persistent push_update_options_found from options struct to track

     * which option types have been reset across continuation messages.

     * This is the FIXED behavior - routes are only reset once per PUSH_UPDATE sequence.

     */


    while (buf_parse(buf, ',', line, sizeof(line)))

    {

        unsigned int push_update_option_flags = 0;

        int i = 0;


        if (is_update || options->pull_filter_list)

        {

            /* skip leading spaces matching the behaviour of parse_line */

            while (isspace(line[i]))

            {

                i++;

            }


            if ((is_update && !check_push_update_option_flags(line, &i, &push_update_option_flags))

                || (options->pull_filter_list && !apply_pull_filter(options, &line[i])))

            {

                if (push_update_option_flags & PUSH_OPT_OPTIONAL)

                {

                    continue; /* Ignoring this option */

                }

                return false; /* Cause push/pull error and stop push processing */

            }

        }


        /* Simulate route handling from update_option() in options.c */

        if (strncmp(&line[i], "route ", 6) == 0)

        {

            if (!(options->push_update_options_found & OPT_P_U_ROUTE))

            {

                /* First route in entire PUSH_UPDATE sequence - reset routes once */

                route_reset_count++;

                options->push_update_options_found |= OPT_P_U_ROUTE;

            }

            route_add_count++;

        }

        /* Simulate add_option() push-continuation logic */

        else if (!strcmp(&line[i], "push-continuation 2"))

        {

            options->push_continuation = 2;

        }

        else if (!strcmp(&line[i], "push-continuation 1"))

        {

            options->push_continuation = 1;

        }

    }

    return true;

}


int


process_incoming_push_msg(struct context *c, const struct buffer *buffer,

                          bool honor_received_options, unsigned int permission_mask,

                          unsigned int *option_types_found)

{

    struct buffer buf = *buffer;


    if (buf_string_compare_advance(&buf, "PUSH_REQUEST"))

    {

        return PUSH_MSG_REQUEST;

    }

    else if (honor_received_options && buf_string_compare_advance(&buf, push_reply_cmd))

    {

        return PUSH_MSG_REPLY;

    }

    else if (honor_received_options && buf_string_compare_advance(&buf, push_update_cmd))

    {

        return process_push_update(c, &c->options, permission_mask, option_types_found, &buf, false);

    }

    else

    {

        return PUSH_MSG_ERROR;

    }

}


const char *


tls_common_name(const struct tls_multi *multi, const bool null)

{

    return NULL;

}


#ifndef ENABLE_MANAGEMENT

bool

send_control_channel_string(struct context *c, const char *str, msglvl_t msglevel)

{

    return true;

}

#else  /* ifndef ENABLE_MANAGEMENT */


bool


send_control_channel_string(struct context *c, const char *str, msglvl_t msglevel)

{

    check_expected(str);

    return true;

}


struct multi_instance *


lookup_by_cid(struct multi_context *m, const unsigned long cid)

{

    return *(m->instances);

}


bool


mroute_extract_openvpn_sockaddr(struct mroute_addr *addr,

                                const struct openvpn_sockaddr *osaddr,

                                bool use_port)

{

    return true;

}


unsigned int


extract_iv_proto(const char *peer_info)

{

    return IV_PROTO_PUSH_UPDATE;

}


#endif /* ifdef ENABLE_MANAGEMENT */


/* tests */


static void


test_incoming_push_message_basic(void **state)

{

    struct context *c = *state;

    struct buffer buf = alloc_buf(256);

    const char *update_msg =

        "PUSH_UPDATE,dhcp-option DNS 8.8.8.8, route 0.0.0.0 0.0.0.0 10.10.10.1";

    buf_write(&buf, update_msg, strlen(update_msg));

    unsigned int option_types_found = 0;


    assert_int_equal(process_incoming_push_msg(c, &buf, c->options.pull, pull_permission_mask(c),

                                               &option_types_found),

                     PUSH_MSG_UPDATE);


    free_buf(&buf);

}


static void


test_incoming_push_message_error1(void **state)

{

    struct context *c = *state;

    struct buffer buf = alloc_buf(256);

    const char *update_msg = "PUSH_UPDATEerr,dhcp-option DNS 8.8.8.8";

    buf_write(&buf, update_msg, strlen(update_msg));

    unsigned int option_types_found = 0;


    assert_int_equal(process_incoming_push_msg(c, &buf, c->options.pull, pull_permission_mask(c),

                                               &option_types_found),

                     PUSH_MSG_ERROR);


    free_buf(&buf);

}


static void


test_incoming_push_message_error2(void **state)

{

    struct context *c = *state;

    struct buffer buf = alloc_buf(256);

    const char *update_msg = "PUSH_UPDATE ,dhcp-option DNS 8.8.8.8";

    buf_write(&buf, update_msg, strlen(update_msg));

    unsigned int option_types_found = 0;


    assert_int_equal(process_incoming_push_msg(c, &buf, c->options.pull, pull_permission_mask(c),

                                               &option_types_found),

                     PUSH_MSG_ERROR);


    free_buf(&buf);

}


static void


test_incoming_push_message_1(void **state)

{

    struct context *c = *state;

    struct buffer buf = alloc_buf(256);

    const char *update_msg = "PUSH_UPDATE, -?dns, route something, ?dhcp-option DNS 8.8.8.8";

    buf_write(&buf, update_msg, strlen(update_msg));

    unsigned int option_types_found = 0;


    assert_int_equal(process_incoming_push_msg(c, &buf, c->options.pull, pull_permission_mask(c),

                                               &option_types_found),

                     PUSH_MSG_UPDATE);


    free_buf(&buf);

}


static void


test_incoming_push_message_bad_format(void **state)

{

    struct context *c = *state;

    struct buffer buf = alloc_buf(256);

    const char *update_msg = "PUSH_UPDATE, -dhcp-option, ?-dns";

    buf_write(&buf, update_msg, strlen(update_msg));

    unsigned int option_types_found = 0;


    assert_int_equal(process_incoming_push_msg(c, &buf, c->options.pull, pull_permission_mask(c),

                                               &option_types_found),

                     PUSH_MSG_ERROR);


    free_buf(&buf);

}


static void


test_incoming_push_message_not_updatable_option(void **state)

{

    struct context *c = *state;

    struct buffer buf = alloc_buf(256);

    const char *update_msg = "PUSH_UPDATE, dev tun";

    buf_write(&buf, update_msg, strlen(update_msg));

    unsigned int option_types_found = 0;


    assert_int_equal(process_incoming_push_msg(c, &buf, c->options.pull, pull_permission_mask(c),

                                               &option_types_found),

                     PUSH_MSG_ERROR);


    free_buf(&buf);

}


static void


test_incoming_push_message_mix(void **state)

{

    struct context *c = *state;

    struct buffer buf = alloc_buf(256);

    const char *update_msg =

        "PUSH_UPDATE,-dhcp-option, route 10.10.10.0, dhcp-option DNS 1.1.1.1, route 10.11.12.0, dhcp-option DOMAIN corp.local, keepalive 10 60";

    buf_write(&buf, update_msg, strlen(update_msg));

    unsigned int option_types_found = 0;


    assert_int_equal(process_incoming_push_msg(c, &buf, c->options.pull, pull_permission_mask(c),

                                               &option_types_found),

                     PUSH_MSG_UPDATE);


    free_buf(&buf);

}


static void


test_incoming_push_message_mix2(void **state)

{

    struct context *c = *state;

    struct buffer buf = alloc_buf(256);

    const char *update_msg =

        "PUSH_UPDATE,-dhcp-option,dhcp-option DNS 8.8.8.8,redirect-gateway local,route 192.168.1.0 255.255.255.0";

    buf_write(&buf, update_msg, strlen(update_msg));

    unsigned int option_types_found = 0;


    assert_int_equal(process_incoming_push_msg(c, &buf, c->options.pull, pull_permission_mask(c),

                                               &option_types_found),

                     PUSH_MSG_UPDATE);


    free_buf(&buf);

}


static void


test_incoming_push_continuation_route_accumulation(void **state)

{

    struct context *c = *state;

    unsigned int option_types_found = 0;


    reset_route_counters();


    /* Message 1: first batch of routes, continuation 2 (more coming) */

    struct buffer buf1 = alloc_buf(512);

    const char *msg1 = "PUSH_UPDATE, route 10.1.0.0 255.255.0.0, route 10.2.0.0 255.255.0.0, route 10.3.0.0 255.255.0.0,push-continuation 2";

    buf_write(&buf1, msg1, strlen(msg1));


    assert_int_equal(process_incoming_push_msg(c, &buf1, c->options.pull, pull_permission_mask(c),

                                               &option_types_found),

                     PUSH_MSG_CONTINUATION);

    free_buf(&buf1);


    /* Message 2: more routes, continuation 2 (more coming) */

    struct buffer buf2 = alloc_buf(512);

    const char *msg2 = "PUSH_UPDATE, route 10.4.0.0 255.255.0.0, route 10.5.0.0 255.255.0.0, route 10.6.0.0 255.255.0.0,push-continuation 2";

    buf_write(&buf2, msg2, strlen(msg2));


    assert_int_equal(process_incoming_push_msg(c, &buf2, c->options.pull, pull_permission_mask(c),

                                               &option_types_found),

                     PUSH_MSG_CONTINUATION);

    free_buf(&buf2);


    /* Message 3: final batch of routes, continuation 1 (last message) */

    struct buffer buf3 = alloc_buf(512);

    const char *msg3 = "PUSH_UPDATE, route 10.7.0.0 255.255.0.0, route 10.8.0.0 255.255.0.0, route 10.9.0.0 255.255.0.0,push-continuation 1";

    buf_write(&buf3, msg3, strlen(msg3));


    assert_int_equal(process_incoming_push_msg(c, &buf3, c->options.pull, pull_permission_mask(c),

                                               &option_types_found),

                     PUSH_MSG_UPDATE);

    free_buf(&buf3);


    /* Verify: all 9 routes should have been added */

    assert_int_equal(route_add_count, 9);


    /*

     * Verify: route option is reset only one time in the first message

     * if a push-continuation is present.

     */

    assert_int_equal(route_reset_count, 1);

}


#ifdef ENABLE_MANAGEMENT


char *r0[] = {

    "PUSH_UPDATE,redirect-gateway local,route 192.168.1.0 255.255.255.0",

    NULL

};


char *r1[] = {

    "PUSH_UPDATE,-dhcp-option,blablalalalalalalalalalalalalf, lalalalalalalalalalalalalalaf,push-continuation 2",

    "PUSH_UPDATE, akakakakakakakakakakakaf, dhcp-option DNS 8.8.8.8,redirect-gateway local,push-continuation 2",

    "PUSH_UPDATE,route 192.168.1.0 255.255.255.0,push-continuation 1",

    NULL

};


char *r3[] = {

    "PUSH_UPDATE,,,",

    NULL

};


char *r4[] = {

    "PUSH_UPDATE,-dhcp-option, blablalalalalalalalalalalalalf, lalalalalalalalalalalalalalaf,push-continuation 2",

    "PUSH_UPDATE, akakakakakakakakakakakaf,dhcp-option DNS 8.8.8.8, redirect-gateway local,push-continuation 2",

    "PUSH_UPDATE, route 192.168.1.0 255.255.255.0,,push-continuation 1",

    NULL

};


char *r5[] = {

    "PUSH_UPDATE,,-dhcp-option, blablalalalalalalalalalalalalf, lalalalalalalalalalalalalalaf,push-continuation 2",

    "PUSH_UPDATE, akakakakakakakakakakakaf,dhcp-option DNS 8.8.8.8, redirect-gateway local,push-continuation 2",

    "PUSH_UPDATE, route 192.168.1.0 255.255.255.0,push-continuation 1",

    NULL

};


char *r6[] = {

    "PUSH_UPDATE,-dhcp-option,blablalalalalalalalalalalalalf, lalalalalalalalalalalalalalaf,push-continuation 2",

    "PUSH_UPDATE, akakakakakakakakakakakaf, dhcp-option DNS 8.8.8.8, redirect-gateway 10.10.10.10,,push-continuation 2",

    "PUSH_UPDATE, route 192.168.1.0 255.255.255.0,,push-continuation 1",

    NULL

};


char *r7[] = {

    "PUSH_UPDATE,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,push-continuation 2",

    "PUSH_UPDATE,,,,,,,,,,,,,,,,,,,push-continuation 1",

    NULL

};


char *r8[] = {

    "PUSH_UPDATE,-dhcp-option,blablalalalalalalalalalalalalf, lalalalalalalalalalalalalalaf,push-continuation 2",

    "PUSH_UPDATE, akakakakakakakakakakakaf, dhcp-option DNS 8.8.8.8,redirect-gateway\n local,push-continuation 2",

    "PUSH_UPDATE,route 192.168.1.0 255.255.255.0\n\n\n,push-continuation 1",

    NULL

};


char *r9[] = {

    "PUSH_UPDATE,,",

    NULL

};


char *r11[] = {

    "PUSH_UPDATE,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,push-continuation 2",

    "PUSH_UPDATE,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,push-continuation 2",

    "PUSH_UPDATE,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,push-continuation 2",

    "PUSH_UPDATE,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,push-continuation 2",

    "PUSH_UPDATE,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,push-continuation 1",

    NULL

};


char *r12[] = {

    "PUSH_UPDATE,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,,,,,,a,push-continuation 2",

    "PUSH_UPDATE,abc,push-continuation 1",

    NULL

};


char *r13[] = {

    "PUSH_UPDATE,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,,,,,,a,",

    NULL

};


char *r14[] = {

    "PUSH_UPDATE,a,push-continuation 2",

    "PUSH_UPDATE,aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa,push-continuation 2",

    "PUSH_UPDATE,a,push-continuation 1",

    NULL

};


const char *msg0 = "redirect-gateway local,route 192.168.1.0 255.255.255.0";

const char *msg1 = "-dhcp-option,blablalalalalalalalalalalalalf, lalalalalalalalalalalalalalaf,"

                   " akakakakakakakakakakakaf, dhcp-option DNS 8.8.8.8,redirect-gateway local,route 192.168.1.0 255.255.255.0";

const char *msg2 = "";

const char *msg3 = ",,";

const char *msg4 = "-dhcp-option, blablalalalalalalalalalalalalf, lalalalalalalalalalalalalalaf,"

                   " akakakakakakakakakakakaf,dhcp-option DNS 8.8.8.8, redirect-gateway local, route 192.168.1.0 255.255.255.0,";

const char *msg5 = ",-dhcp-option, blablalalalalalalalalalalalalf, lalalalalalalalalalalalalalaf,"

                   " akakakakakakakakakakakaf,dhcp-option DNS 8.8.8.8, redirect-gateway local, route 192.168.1.0 255.255.255.0";

const char *msg6 = "-dhcp-option,blablalalalalalalalalalalalalf, lalalalalalalalalalalalalalaf, akakakakakakakakakakakaf,"

                   " dhcp-option DNS 8.8.8.8, redirect-gateway 10.10.10.10,, route 192.168.1.0 255.255.255.0,";

const char *msg7 = ",,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,";

const char *msg8 = "-dhcp-option,blablalalalalalalalalalalalalf, lalalalalalalalalalalalalalaf, akakakakakakakakakakakaf,"

                   " dhcp-option DNS 8.8.8.8,redirect-gateway\n local,route 192.168.1.0 255.255.255.0\n\n\n";

const char *msg9 = ",";


const char *msg10 = "abandon ability able about above absent absorb abstract absurd abuse access accident account accuse achieve"

                    "acid acoustic acquire across act action actor actress actual adapt add addict address adjust"

                    "baby bachelor bacon badge bag balance balcony ball bamboo banana banner bar barely bargain barrel base basic"

                    "basket battle beach bean beauty because become beef before begin behave behind"

                    "cabbage cabin cable cactus cage cake call calm camera camp can canal cancel candy cannon canoe canvas canyon"

                    "capable capital captain car carbon card cargo carpet carry cart case"

                    "daisy damage damp dance danger daring dash daughter dawn day deal debate debris decade december decide decline"

                    "decorate decrease deer defense define defy degree delay deliver demand demise denial";


const char *msg11 = "a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,"

                    "a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,"

                    "a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,"

                    "a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,"

                    "a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a";


const char *msg12 = "a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,,,,,,a,abc";


const char *msg13 = "a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,a,,,,,,a,";


const char *msg14 = "a,aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa,a";


#define PUSH_BUNDLE_SIZE_TEST 184


#define expect_control_channel_strings(res)                          \

    do                                                               \

    {                                                                \

        for (int j = 0; res[j] != NULL; j++)                         \

        {                                                            \

            expect_string(send_control_channel_string, str, res[j]); \

        }                                                            \

    } while (0)


static void


test_send_push_msg0(void **state)

{

    struct multi_context *m = *state;

    const unsigned long cid = 0;

    expect_control_channel_strings(r0);

    assert_int_equal(send_push_update(m, &cid, msg0, UPT_BY_CID, PUSH_BUNDLE_SIZE_TEST), 1);

}


static void


test_send_push_msg1(void **state)

{

    struct multi_context *m = *state;

    const unsigned long cid = 0;

    expect_control_channel_strings(r1);

    assert_int_equal(send_push_update(m, &cid, msg1, UPT_BY_CID, PUSH_BUNDLE_SIZE_TEST), 1);

}


static void


test_send_push_msg2(void **state)

{

    struct multi_context *m = *state;

    const unsigned long cid = 0;

    assert_int_equal(send_push_update(m, &cid, msg2, UPT_BY_CID, PUSH_BUNDLE_SIZE_TEST), -EINVAL);

}


static void


test_send_push_msg3(void **state)

{

    struct multi_context *m = *state;

    const unsigned long cid = 0;

    expect_control_channel_strings(r3);

    assert_int_equal(send_push_update(m, &cid, msg3, UPT_BY_CID, PUSH_BUNDLE_SIZE_TEST), 1);

}


static void


test_send_push_msg4(void **state)

{

    struct multi_context *m = *state;

    const unsigned long cid = 0;

    expect_control_channel_strings(r4);

    assert_int_equal(send_push_update(m, &cid, msg4, UPT_BY_CID, PUSH_BUNDLE_SIZE_TEST), 1);

}


static void


test_send_push_msg5(void **state)

{

    struct multi_context *m = *state;

    const unsigned long cid = 0;

    expect_control_channel_strings(r5);

    assert_int_equal(send_push_update(m, &cid, msg5, UPT_BY_CID, PUSH_BUNDLE_SIZE_TEST), 1);

}


static void


test_send_push_msg6(void **state)

{

    struct multi_context *m = *state;

    const unsigned long cid = 0;

    expect_control_channel_strings(r6);

    assert_int_equal(send_push_update(m, &cid, msg6, UPT_BY_CID, PUSH_BUNDLE_SIZE_TEST), 1);

}


static void


test_send_push_msg7(void **state)

{

    struct multi_context *m = *state;

    const unsigned long cid = 0;

    expect_control_channel_strings(r7);

    assert_int_equal(send_push_update(m, &cid, msg7, UPT_BY_CID, PUSH_BUNDLE_SIZE_TEST), 1);

}


static void


test_send_push_msg8(void **state)

{

    struct multi_context *m = *state;

    const unsigned long cid = 0;

    expect_control_channel_strings(r8);

    assert_int_equal(send_push_update(m, &cid, msg8, UPT_BY_CID, PUSH_BUNDLE_SIZE_TEST), 1);

}


static void


test_send_push_msg9(void **state)

{

    struct multi_context *m = *state;

    const unsigned long cid = 0;

    expect_control_channel_strings(r9);

    assert_int_equal(send_push_update(m, &cid, msg9, UPT_BY_CID, PUSH_BUNDLE_SIZE_TEST), 1);

}


static void


test_send_push_msg10(void **state)

{

    struct multi_context *m = *state;

    const unsigned long cid = 0;

    assert_int_equal(send_push_update(m, &cid, msg10, UPT_BY_CID, PUSH_BUNDLE_SIZE_TEST), -EINVAL);

}


static void


test_send_push_msg11(void **state)

{

    struct multi_context *m = *state;

    const unsigned long cid = 0;

    expect_control_channel_strings(r11);

    assert_int_equal(send_push_update(m, &cid, msg11, UPT_BY_CID, PUSH_BUNDLE_SIZE_TEST), 1);

}


static void


test_send_push_msg12(void **state)

{

    struct multi_context *m = *state;

    const unsigned long cid = 0;

    expect_control_channel_strings(r12);

    assert_int_equal(send_push_update(m, &cid, msg12, UPT_BY_CID, PUSH_BUNDLE_SIZE_TEST), 1);

}


static void


test_send_push_msg13(void **state)

{

    struct multi_context *m = *state;

    const unsigned long cid = 0;

    expect_control_channel_strings(r13);

    assert_int_equal(send_push_update(m, &cid, msg13, UPT_BY_CID, PUSH_BUNDLE_SIZE_TEST), 1);

}


static void


test_send_push_msg14(void **state)

{

    struct multi_context *m = *state;

    const unsigned long cid = 0;

    expect_control_channel_strings(r14);

    assert_int_equal(send_push_update(m, &cid, msg14, UPT_BY_CID, PUSH_BUNDLE_SIZE_TEST), 1);

}


#undef PUSH_BUNDLE_SIZE_TEST


static int


setup2(void **state)

{

    struct multi_context *m = calloc(1, sizeof(struct multi_context));

    m->instances = calloc(1, sizeof(struct multi_instance *));

    struct multi_instance *mi = calloc(1, sizeof(struct multi_instance));

    mi->context.c2.tls_multi = calloc(1, sizeof(struct tls_multi));

    *(m->instances) = mi;

    m->top.options.disable_dco = true;

    *state = m;

    return 0;

}


static int


teardown2(void **state)

{

    struct multi_context *m = *state;

    free((*(m->instances))->context.c2.tls_multi);

    free(*(m->instances));

    free(m->instances);

    free(m);

    return 0;

}


#endif /* ifdef ENABLE_MANAGEMENT */


static int


setup(void **state)

{

    struct context *c = calloc(1, sizeof(struct context));

    c->options.pull = true;

    c->options.route_nopull = false;

    *state = c;

    return 0;

}


static int


teardown(void **state)

{

    struct context *c = *state;

    free(c);

    return 0;

}


int


main(void)

{

    const struct CMUnitTest tests[] = {

        cmocka_unit_test_setup_teardown(test_incoming_push_message_basic, setup, teardown),

        cmocka_unit_test_setup_teardown(test_incoming_push_message_error1, setup, teardown),

        cmocka_unit_test_setup_teardown(test_incoming_push_message_error2, setup, teardown),

        cmocka_unit_test_setup_teardown(test_incoming_push_message_not_updatable_option, setup,

                                        teardown),

        cmocka_unit_test_setup_teardown(test_incoming_push_message_1, setup, teardown),

        cmocka_unit_test_setup_teardown(test_incoming_push_message_bad_format, setup, teardown),

        cmocka_unit_test_setup_teardown(test_incoming_push_message_mix, setup, teardown),

        cmocka_unit_test_setup_teardown(test_incoming_push_message_mix2, setup, teardown),

        cmocka_unit_test_setup_teardown(test_incoming_push_continuation_route_accumulation, setup,

                                        teardown),

#ifdef ENABLE_MANAGEMENT


        cmocka_unit_test_setup_teardown(test_send_push_msg0, setup2, teardown2),

        cmocka_unit_test_setup_teardown(test_send_push_msg1, setup2, teardown2),

        cmocka_unit_test_setup_teardown(test_send_push_msg2, setup2, teardown2),

        cmocka_unit_test_setup_teardown(test_send_push_msg3, setup2, teardown2),

        cmocka_unit_test_setup_teardown(test_send_push_msg4, setup2, teardown2),

        cmocka_unit_test_setup_teardown(test_send_push_msg5, setup2, teardown2),

        cmocka_unit_test_setup_teardown(test_send_push_msg6, setup2, teardown2),

        cmocka_unit_test_setup_teardown(test_send_push_msg7, setup2, teardown2),

        cmocka_unit_test_setup_teardown(test_send_push_msg8, setup2, teardown2),

        cmocka_unit_test_setup_teardown(test_send_push_msg9, setup2, teardown2),

        cmocka_unit_test_setup_teardown(test_send_push_msg10, setup2, teardown2),

        cmocka_unit_test_setup_teardown(test_send_push_msg11, setup2, teardown2),

        cmocka_unit_test_setup_teardown(test_send_push_msg12, setup2, teardown2),

        cmocka_unit_test_setup_teardown(test_send_push_msg13, setup2, teardown2),

        cmocka_unit_test_setup_teardown(test_send_push_msg14, setup2, teardown2)

#endif

    };


    return cmocka_run_group_tests(tests, NULL, NULL);

}


buf_string_compare_advance
bool buf_string_compare_advance(struct buffer *src, const char *match)
Definition buffer.c:788

free_buf
void free_buf(struct buffer *buf)
Definition buffer.c:184

alloc_buf
struct buffer alloc_buf(size_t size)
Definition buffer.c:63

buf_parse
bool buf_parse(struct buffer *buf, const int delim, char *line, const int size)
Definition buffer.c:824

buf_write
static bool buf_write(struct buffer *dest, const void *src, size_t size)
Definition buffer.h:660

multi.h
Header file for server-mode related structures and functions.

msg
#define msg(flags,...)
Definition error.h:152

msglvl_t
unsigned int msglvl_t
Definition error.h:77

M_WARN
#define M_WARN
Definition error.h:92

OPT_P_UP
#define OPT_P_UP
Definition options.h:732

OPT_P_NCP
#define OPT_P_NCP
Negotiable crypto parameters.
Definition options.h:743

OPT_P_ECHO
#define OPT_P_ECHO
Definition options.h:751

OPT_P_EXPLICIT_NOTIFY
#define OPT_P_EXPLICIT_NOTIFY
Definition options.h:750

OPT_P_SHAPER
#define OPT_P_SHAPER
Definition options.h:737

OPT_P_SOCKFLAGS
#define OPT_P_SOCKFLAGS
Definition options.h:757

OPT_P_MESSAGES
#define OPT_P_MESSAGES
Definition options.h:742

OPT_P_SETENV
#define OPT_P_SETENV
Definition options.h:736

OPT_P_SOCKBUF
#define OPT_P_SOCKBUF
Definition options.h:756

OPTION_PARM_SIZE
#define OPTION_PARM_SIZE
Definition options.h:56

OPT_P_TIMER
#define OPT_P_TIMER
Definition options.h:738

OPT_P_DHCPDNS
#define OPT_P_DHCPDNS
Definition options.h:734

OPT_P_PULL_MODE
#define OPT_P_PULL_MODE
Definition options.h:754

OPT_P_PUSH_MTU
#define OPT_P_PUSH_MTU
Definition options.h:761

OPT_P_PERSIST
#define OPT_P_PERSIST
Definition options.h:739

OPT_P_U_ROUTE
#define OPT_P_U_ROUTE
Definition options.h:791

OPT_P_COMP
#define OPT_P_COMP
Definition options.h:741

OPT_P_ROUTE_EXTRAS
#define OPT_P_ROUTE_EXTRAS
Definition options.h:753

OPT_P_PEER_ID
#define OPT_P_PEER_ID
Definition options.h:759

OPT_P_ROUTE
#define OPT_P_ROUTE
Definition options.h:733

check_push_update_option_flags
bool check_push_update_option_flags(char *line, int *i, unsigned int *flags)
Checks the formatting and validity of options inside push-update messages.
Definition options_util.c:206

apply_pull_filter
bool apply_pull_filter(const struct options *o, char *line)
Filter an option line by all pull filters.
Definition options_util.c:268

options_util.h

push.h

UPT_BY_CID
@ UPT_BY_CID
Definition push.h:49

PUSH_MSG_REQUEST
#define PUSH_MSG_REQUEST
Definition push.h:29

process_push_update
int process_push_update(struct context *c, struct options *o, unsigned int permission_mask, unsigned int *option_types_found, struct buffer *buf, bool msg_sender)
Handles the receiving of a push-update message and applies updates to the specified options.
Definition push_util.c:14

PUSH_OPT_OPTIONAL
#define PUSH_OPT_OPTIONAL
Definition push.h:42

PUSH_MSG_ERROR
#define PUSH_MSG_ERROR
Definition push.h:28

PUSH_MSG_REPLY
#define PUSH_MSG_REPLY
Definition push.h:30

PUSH_MSG_UPDATE
#define PUSH_MSG_UPDATE
Definition push.h:35

push_update_cmd
#define push_update_cmd
Definition push.h:38

push_reply_cmd
#define push_reply_cmd
Definition push.h:37

PUSH_MSG_CONTINUATION
#define PUSH_MSG_CONTINUATION
Definition push.h:33

push_util.c

send_push_update
static int send_push_update(struct multi_context *m, const void *target, const char *msg, const push_update_type type, const size_t push_bundle_size)
A function to send a PUSH_UPDATE control message from server to client(s).
Definition push_util.c:254

IV_PROTO_PUSH_UPDATE
#define IV_PROTO_PUSH_UPDATE
Supports push-update.
Definition ssl.h:117

buffer
Wrapper structure for dynamically allocated memory.
Definition buffer.h:60

buffer::len
int len
Length in bytes of the actual content within the allocated memory.
Definition buffer.h:65

context_2::tls_multi
struct tls_multi * tls_multi
TLS state structure for this VPN tunnel.
Definition openvpn.h:323

context
Contains all state information for one tunnel.
Definition openvpn.h:471

context::c2
struct context_2 c2
Level 2 context.
Definition openvpn.h:514

context::options
struct options options
Options loaded from command line or configuration file.
Definition openvpn.h:472

env_set
Definition env_set.h:43

mroute_addr
Definition mroute.h:82

multi_context
Main OpenVPN server state structure.
Definition multi.h:163

multi_context::top
struct context top
Storage structure for process-wide configuration.
Definition multi.h:202

multi_context::instances
struct multi_instance ** instances
Array of multi_instances.
Definition multi.h:164

multi_instance
Server-mode state structure for one single VPN tunnel.
Definition multi.h:102

multi_instance::context
struct context context
The context structure storing state for this VPN tunnel.
Definition multi.h:143

openvpn_sockaddr
Definition socket_util.h:38

options
Definition options.h:255

options::route_nopull
bool route_nopull
Definition options.h:436

options::push_update_options_found
unsigned int push_update_options_found
Definition options.h:558

options::push_continuation
int push_continuation
Definition options.h:556

options::disable_dco
bool disable_dco
Definition options.h:373

options::pull
bool pull
Definition options.h:555

options::pull_filter_list
struct pull_filter_list * pull_filter_list
Definition options.h:716

tls_multi
Security parameter state for a single VPN tunnel.
Definition ssl_common.h:613

es
struct env_set * es
Definition test_pkcs11.c:138

options_postprocess_pull
bool options_postprocess_pull(struct options *options, struct env_set *es)
Definition test_push_update_msg.c:52

msg2
const char * msg2
Definition test_push_update_msg.c:466

test_send_push_msg2
static void test_send_push_msg2(void **state)
Definition test_push_update_msg.c:530

send_control_channel_string
bool send_control_channel_string(struct context *c, const char *str, msglvl_t msglevel)
Definition test_push_update_msg.c:172

msg10
const char * msg10
Definition test_push_update_msg.c:479

teardown
static int teardown(void **state)
Definition test_push_update_msg.c:682

r13
char * r13[]
Definition test_push_update_msg.c:452

r4
char * r4[]
Definition test_push_update_msg.c:406

msg11
const char * msg11
Definition test_push_update_msg.c:488

msg13
const char * msg13
Definition test_push_update_msg.c:496

test_send_push_msg9
static void test_send_push_msg9(void **state)
Definition test_push_update_msg.c:592

test_send_push_msg11
static void test_send_push_msg11(void **state)
Definition test_push_update_msg.c:609

throw_signal_soft
void throw_signal_soft(const int signum, const char *signal_text)
Throw a soft global signal.
Definition test_push_update_msg.c:18

test_send_push_msg4
static void test_send_push_msg4(void **state)
Definition test_push_update_msg.c:547

msg1
const char * msg1
Definition test_push_update_msg.c:464

test_send_push_msg1
static void test_send_push_msg1(void **state)
Definition test_push_update_msg.c:521

mroute_extract_openvpn_sockaddr
bool mroute_extract_openvpn_sockaddr(struct mroute_addr *addr, const struct openvpn_sockaddr *osaddr, bool use_port)
Definition test_push_update_msg.c:185

msg8
const char * msg8
Definition test_push_update_msg.c:475

test_send_push_msg3
static void test_send_push_msg3(void **state)
Definition test_push_update_msg.c:538

reset_route_counters
static void reset_route_counters(void)
Definition test_push_update_msg.c:65

r9
char * r9[]
Definition test_push_update_msg.c:435

test_send_push_msg0
static void test_send_push_msg0(void **state)
Definition test_push_update_msg.c:512

msg6
const char * msg6
Definition test_push_update_msg.c:472

test_send_push_msg8
static void test_send_push_msg8(void **state)
Definition test_push_update_msg.c:583

lookup_by_cid
struct multi_instance * lookup_by_cid(struct multi_context *m, const unsigned long cid)
Definition test_push_update_msg.c:179

test_send_push_msg12
static void test_send_push_msg12(void **state)
Definition test_push_update_msg.c:618

teardown2
static int teardown2(void **state)
Definition test_push_update_msg.c:660

r5
char * r5[]
Definition test_push_update_msg.c:412

msg0
const char * msg0
Definition test_push_update_msg.c:463

route_add_count
static int route_add_count
Definition test_push_update_msg.c:62

test_incoming_push_message_bad_format
static void test_incoming_push_message_bad_format(void **state)
Definition test_push_update_msg.c:267

expect_control_channel_strings
#define expect_control_channel_strings(res)
Definition test_push_update_msg.c:502

r3
char * r3[]
Definition test_push_update_msg.c:402

test_send_push_msg6
static void test_send_push_msg6(void **state)
Definition test_push_update_msg.c:565

test_send_push_msg7
static void test_send_push_msg7(void **state)
Definition test_push_update_msg.c:574

msg4
const char * msg4
Definition test_push_update_msg.c:468

main
int main(void)
Definition test_push_update_msg.c:690

msg5
const char * msg5
Definition test_push_update_msg.c:470

r14
char * r14[]
Definition test_push_update_msg.c:456

test_incoming_push_message_error2
static void test_incoming_push_message_error2(void **state)
Definition test_push_update_msg.c:235

test_send_push_msg5
static void test_send_push_msg5(void **state)
Definition test_push_update_msg.c:556

msg7
const char * msg7
Definition test_push_update_msg.c:474

setup2
static int setup2(void **state)
Definition test_push_update_msg.c:647

test_incoming_push_continuation_route_accumulation
static void test_incoming_push_continuation_route_accumulation(void **state)
Test that routes accumulate correctly across multiple continuation messages.
Definition test_push_update_msg.c:344

route_reset_count
static int route_reset_count
Definition test_push_update_msg.c:61

apply_push_options
bool apply_push_options(struct context *c, struct options *options, struct buffer *buf, unsigned int permission_mask, unsigned int *option_types_found, struct env_set *es, bool is_update)
Definition test_push_update_msg.c:72

test_send_push_msg10
static void test_send_push_msg10(void **state)
Definition test_push_update_msg.c:601

r6
char * r6[]
Definition test_push_update_msg.c:418

test_incoming_push_message_mix
static void test_incoming_push_message_mix(void **state)
Definition test_push_update_msg.c:299

r11
char * r11[]
Definition test_push_update_msg.c:439

setup
static int setup(void **state)
Definition test_push_update_msg.c:672

test_incoming_push_message_basic
static void test_incoming_push_message_basic(void **state)
Definition test_push_update_msg.c:202

test_incoming_push_message_1
static void test_incoming_push_message_1(void **state)
Definition test_push_update_msg.c:251

test_incoming_push_message_error1
static void test_incoming_push_message_error1(void **state)
Definition test_push_update_msg.c:219

test_incoming_push_message_mix2
static void test_incoming_push_message_mix2(void **state)
Definition test_push_update_msg.c:316

test_send_push_msg13
static void test_send_push_msg13(void **state)
Definition test_push_update_msg.c:627

extract_iv_proto
unsigned int extract_iv_proto(const char *peer_info)
Extracts the IV_PROTO variable and returns its value or 0 if it cannot be extracted.
Definition test_push_update_msg.c:193

msg9
const char * msg9
Definition test_push_update_msg.c:477

unlearn_ifconfig_ipv6
void unlearn_ifconfig_ipv6(struct multi_context *m, struct multi_instance *mi)
Definition test_push_update_msg.c:40

unlearn_ifconfig
void unlearn_ifconfig(struct multi_context *m, struct multi_instance *mi)
Definition test_push_update_msg.c:34

test_incoming_push_message_not_updatable_option
static void test_incoming_push_message_not_updatable_option(void **state)
Definition test_push_update_msg.c:283

PUSH_BUNDLE_SIZE_TEST
#define PUSH_BUNDLE_SIZE_TEST
Definition test_push_update_msg.c:500

test_send_push_msg14
static void test_send_push_msg14(void **state)
Definition test_push_update_msg.c:636

msg14
const char * msg14
Definition test_push_update_msg.c:498

update_vhash
void update_vhash(struct multi_context *m, struct multi_instance *mi, const char *new_ip, const char *new_ipv6)
Update the vhash with new IP/IPv6 addresses in the multi_context when a push-update message containin...
Definition test_push_update_msg.c:46

pull_permission_mask
unsigned int pull_permission_mask(const struct context *c)
Definition test_push_update_msg.c:24

process_incoming_push_msg
int process_incoming_push_msg(struct context *c, const struct buffer *buffer, bool honor_received_options, unsigned int permission_mask, unsigned int *option_types_found)
Definition test_push_update_msg.c:133

r8
char * r8[]
Definition test_push_update_msg.c:429

tls_common_name
const char * tls_common_name(const struct tls_multi *multi, const bool null)
Returns the common name field for the given tunnel.
Definition test_push_update_msg.c:158

r1
char * r1[]
Definition test_push_update_msg.c:396

r0
char * r0[]
Definition test_push_update_msg.c:392

r7
char * r7[]
Definition test_push_update_msg.c:424

msg3
const char * msg3
Definition test_push_update_msg.c:467

msg12
const char * msg12
Definition test_push_update_msg.c:494

r12
char * r12[]
Definition test_push_update_msg.c:447