doxygen/push__util_8c_source.html

#ifdef HAVE_CONFIG_H

#include "config.h"

#endif


#include "push.h"

#include "buffer.h"


#ifdef ENABLE_MANAGEMENT

#include "multi.h"

#endif


#if defined(__GNUC__) || defined(__clang__)

#pragma GCC diagnostic push

#pragma GCC diagnostic ignored "-Wconversion"

#endif


int


process_incoming_push_update(struct context *c, unsigned int permission_mask,

                             unsigned int *option_types_found, struct buffer *buf,

                             bool msg_sender)

{

    int ret = PUSH_MSG_ERROR;

    const uint8_t ch = buf_read_u8(buf);

    if (ch == ',')

    {

        if (apply_push_options(c, &c->options, buf, permission_mask, option_types_found, c->c2.es,

                               true))

        {

            switch (c->options.push_continuation)

            {

                case 0:

                case 1:

                    ret = PUSH_MSG_UPDATE;

                    break;


                case 2:

                    ret = PUSH_MSG_CONTINUATION;

                    break;

            }

        }

        else if (!msg_sender)

        {

            throw_signal_soft(SIGUSR1, "Offending option received from server");

        }

    }

    else if (ch == '\0')

    {

        ret = PUSH_MSG_UPDATE;

    }


    return ret;

}


#ifdef ENABLE_MANAGEMENT

static int


find_first_comma_of_next_bundle(const char *str, int ix)

{

    while (ix > 0)

    {

        if (str[ix] == ',')

        {

            return ix;

        }

        ix--;

    }

    return 0;

}


/* Allocate memory and assemble the final message */

static struct buffer


forge_msg(const char *src, const char *continuation, struct gc_arena *gc)

{

    int src_len = strlen(src);

    int con_len = continuation ? strlen(continuation) : 0;

    struct buffer buf = alloc_buf_gc(src_len + sizeof(push_update_cmd) + con_len + 2, gc);


    buf_printf(&buf, "%s,%s%s", push_update_cmd, src, continuation ? continuation : "");


    return buf;

}


static char *


gc_strdup(const char *src, struct gc_arena *gc)

{

    char *ret = gc_malloc((strlen(src) + 1) * sizeof(char), true, gc);


    strcpy(ret, src);

    return ret;

}


/* It split the messagge (if necessay) and fill msgs with the message chunks.

 * Return `false` on failure an `true` on success.

 */

static bool


message_splitter(const char *s, struct buffer *msgs, struct gc_arena *gc, const int safe_cap)

{

    if (!s || !*s)

    {

        return false;

    }


    char *str = gc_strdup(s, gc);

    int i = 0;

    int im = 0;


    while (*str)

    {

        /* + ',' - '/0' */

        if (strlen(str) > safe_cap)

        {

            int ci = find_first_comma_of_next_bundle(str, safe_cap);

            if (!ci)

            {

                /* if no commas were found go to fail, do not send any message */

                return false;

            }

            str[ci] = '\0';

            /* copy from i to (ci -1) */

            msgs[im] = forge_msg(str, ",push-continuation 2", gc);

            i = ci + 1;

        }

        else

        {

            if (im)

            {

                msgs[im] = forge_msg(str, ",push-continuation 1", gc);

            }

            else

            {

                msgs[im] = forge_msg(str, NULL, gc);

            }

            i = strlen(str);

        }

        str = &str[i];

        im++;

    }

    return true;

}


/* send the message(s) prepared to one single client */

static bool


send_single_push_update(struct context *c, struct buffer *msgs, unsigned int *option_types_found)

{

    if (!msgs[0].data || !*(msgs[0].data))

    {

        return false;

    }

    int i = -1;


    while (msgs[++i].data && *(msgs[i].data))

    {

        if (!send_control_channel_string(c, BSTR(&msgs[i]), D_PUSH))

        {

            return false;

        }


        /* After sending the control message, we update the options

         * server-side in the client's context so pushed options like

         * ifconfig/ifconfig-ipv6 can actually work.

         * If we don't do that, packets arriving from the client with the

         * new address will be rejected and packets for the new address

         * will not be routed towards the client.

         * For the same reason we later update the vhash too in

         * `send_push_update()` function.

         * Using `buf_string_compare_advance()` we mimic the behavior

         * inside `process_incoming_push_msg()`. However, we don't need

         * to check the return value here because we just want to `advance`,

         * meaning we skip the `push_update_cmd' we added earlier.

         */

        buf_string_compare_advance(&msgs[i], push_update_cmd);

        if (process_incoming_push_update(c, pull_permission_mask(c), option_types_found, &msgs[i], true) == PUSH_MSG_ERROR)

        {

            msg(M_WARN, "Failed to process push update message sent to client ID: %u",

                c->c2.tls_multi ? c->c2.tls_multi->peer_id : UINT32_MAX);

            continue;

        }

        c->options.push_option_types_found |= *option_types_found;

        if (!options_postprocess_pull(&c->options, c->c2.es))

        {

            msg(M_WARN, "Failed to post-process push update message sent to client ID: %u",

                c->c2.tls_multi ? c->c2.tls_multi->peer_id : UINT32_MAX);

        }

    }

    return true;

}


int


send_push_update(struct multi_context *m, const void *target, const char *msg, const push_update_type type, const int push_bundle_size)

{

    if (!msg || !*msg || !m

        || (!target && type != UPT_BROADCAST))

    {

        return -EINVAL;

    }


    struct gc_arena gc = gc_new();

    /* extra space for possible trailing ifconfig and push-continuation */

    const int extra = 84 + sizeof(push_update_cmd);

    /* push_bundle_size is the maximum size of a message, so if the message

     * we want to send exceeds that size we have to split it into smaller messages */

    const int safe_cap = push_bundle_size - extra;

    int msgs_num = (strlen(msg) / safe_cap) + ((strlen(msg) % safe_cap) != 0);

    struct buffer *msgs = gc_malloc((msgs_num + 1) * sizeof(struct buffer), true, &gc);


    unsigned int option_types_found = 0;


    msgs[msgs_num].data = NULL;

    if (!message_splitter(msg, msgs, &gc, safe_cap))

    {

        gc_free(&gc);

        return -EINVAL;

    }


    if (type == UPT_BY_CID)

    {

        struct multi_instance *mi = lookup_by_cid(m, *((unsigned long *)target));


        if (!mi)

        {

            return -ENOENT;

        }


        const char *old_ip = mi->context.options.ifconfig_local;

        const char *old_ipv6 = mi->context.options.ifconfig_ipv6_local;

        if (!mi->halt

            && send_single_push_update(&mi->context, msgs, &option_types_found))

        {

            if (option_types_found & OPT_P_UP)

            {

                update_vhash(m, mi, old_ip, old_ipv6);

            }

            gc_free(&gc);

            return 1;

        }

        else

        {

            gc_free(&gc);

            return 0;

        }

    }


    int count = 0;

    struct hash_iterator hi;

    const struct hash_element *he;


    hash_iterator_init(m->iter, &hi);

    while ((he = hash_iterator_next(&hi)))

    {

        struct multi_instance *curr_mi = he->value;


        if (curr_mi->halt)

        {

            continue;

        }


        /* Type is UPT_BROADCAST so we update every client */

        option_types_found = 0;

        const char *old_ip = curr_mi->context.options.ifconfig_local;

        const char *old_ipv6 = curr_mi->context.options.ifconfig_ipv6_local;

        if (!send_single_push_update(&curr_mi->context, msgs, &option_types_found))

        {

            msg(M_CLIENT, "ERROR: Peer ID: %u has not been updated",

                curr_mi->context.c2.tls_multi ? curr_mi->context.c2.tls_multi->peer_id : UINT32_MAX);

            continue;

        }

        if (option_types_found & OPT_P_UP)

        {

            update_vhash(m, curr_mi, old_ip, old_ipv6);

        }

        count++;

    }


    hash_iterator_free(&hi);

    gc_free(&gc);

    return count;

}


#define RETURN_UPDATE_STATUS(n_sent)                                  \

    do                                                                \

    {                                                                 \

        if ((n_sent) > 0)                                             \

        {                                                             \

            msg(M_CLIENT, "SUCCESS: %d client(s) updated", (n_sent)); \

            return true;                                              \

        }                                                             \

        else                                                          \

        {                                                             \

            msg(M_CLIENT, "ERROR: no client updated");                \

            return false;                                             \

        }                                                             \

    } while (0)


bool


management_callback_send_push_update_broadcast(void *arg, const char *options)

{

    int n_sent = send_push_update(arg, NULL, options, UPT_BROADCAST, PUSH_BUNDLE_SIZE);


    RETURN_UPDATE_STATUS(n_sent);

}


bool


management_callback_send_push_update_by_cid(void *arg, unsigned long cid, const char *options)

{

    int n_sent = send_push_update(arg, &cid, options, UPT_BY_CID, PUSH_BUNDLE_SIZE);


    RETURN_UPDATE_STATUS(n_sent);

}


#endif /* ifdef ENABLE_MANAGEMENT */


#if defined(__GNUC__) || defined(__clang__)

#pragma GCC diagnostic pop

#endif

buf_string_compare_advance
bool buf_string_compare_advance(struct buffer *src, const char *match)
Definition buffer.c:789

buf_printf
bool buf_printf(struct buffer *buf, const char *format,...)
Definition buffer.c:241

gc_malloc
void * gc_malloc(size_t size, bool clear, struct gc_arena *a)
Definition buffer.c:336

alloc_buf_gc
struct buffer alloc_buf_gc(size_t size, struct gc_arena *gc)
Definition buffer.c:89

buffer.h

BSTR
#define BSTR(buf)
Definition buffer.h:128

buf_read_u8
static int buf_read_u8(struct buffer *buf)
Definition buffer.h:774

gc_free
static void gc_free(struct gc_arena *a)
Definition buffer.h:1015

gc_new
static struct gc_arena gc_new(void)
Definition buffer.h:1007

PUSH_BUNDLE_SIZE
#define PUSH_BUNDLE_SIZE
Definition common.h:87

config.h

D_PUSH
#define D_PUSH
Definition errlevel.h:82

send_control_channel_string
bool send_control_channel_string(struct context *c, const char *str, msglvl_t msglevel)
Definition forward.c:404

pull_permission_mask
unsigned int pull_permission_mask(const struct context *c)
Definition init.c:2544

hash_iterator_free
void hash_iterator_free(struct hash_iterator *hi)
Definition list.c:270

hash_iterator_next
struct hash_element * hash_iterator_next(struct hash_iterator *hi)
Definition list.c:276

hash_iterator_init
void hash_iterator_init(struct hash *hash, struct hash_iterator *hi)
Definition list.c:234

lookup_by_cid
struct multi_instance * lookup_by_cid(struct multi_context *m, const unsigned long cid)
Definition multi.c:4005

update_vhash
void update_vhash(struct multi_context *m, struct multi_instance *mi, const char *old_ip, const char *old_ipv6)
Update the vhash with new IP/IPv6 addresses in the multi_context when a push-update message containin...
Definition multi.c:4280

multi.h
Header file for server-mode related structures and functions.

M_CLIENT
#define M_CLIENT
Definition error.h:108

msg
#define msg(flags,...)
Definition error.h:152

M_WARN
#define M_WARN
Definition error.h:92

options_postprocess_pull
bool options_postprocess_pull(struct options *o, struct env_set *es)
Definition options.c:4293

apply_push_options
bool apply_push_options(struct context *c, struct options *options, struct buffer *buf, unsigned int permission_mask, unsigned int *option_types_found, struct env_set *es, bool is_update)
Definition options.c:5463

OPT_P_UP
#define OPT_P_UP
Definition options.h:733

push.h

push_update_type
push_update_type
Definition push.h:47

UPT_BY_CID
@ UPT_BY_CID
Definition push.h:49

UPT_BROADCAST
@ UPT_BROADCAST
Definition push.h:48

PUSH_MSG_ERROR
#define PUSH_MSG_ERROR
Definition push.h:28

PUSH_MSG_UPDATE
#define PUSH_MSG_UPDATE
Definition push.h:35

push_update_cmd
#define push_update_cmd
Definition push.h:38

PUSH_MSG_CONTINUATION
#define PUSH_MSG_CONTINUATION
Definition push.h:33

message_splitter
static bool message_splitter(const char *s, struct buffer *msgs, struct gc_arena *gc, const int safe_cap)
Definition push_util.c:99

forge_msg
static struct buffer forge_msg(const char *src, const char *continuation, struct gc_arena *gc)
Definition push_util.c:75

find_first_comma_of_next_bundle
static int find_first_comma_of_next_bundle(const char *str, int ix)
Return index of last , or 0 if it didn't find any.
Definition push_util.c:60

send_push_update
int send_push_update(struct multi_context *m, const void *target, const char *msg, const push_update_type type, const int push_bundle_size)
A function to send a PUSH_UPDATE control message from server to client(s).
Definition push_util.c:192

RETURN_UPDATE_STATUS
#define RETURN_UPDATE_STATUS(n_sent)
Definition push_util.c:282

management_callback_send_push_update_by_cid
bool management_callback_send_push_update_by_cid(void *arg, unsigned long cid, const char *options)
Definition push_util.c:307

management_callback_send_push_update_broadcast
bool management_callback_send_push_update_broadcast(void *arg, const char *options)
Definition push_util.c:299

gc_strdup
static char * gc_strdup(const char *src, struct gc_arena *gc)
Definition push_util.c:87

send_single_push_update
static bool send_single_push_update(struct context *c, struct buffer *msgs, unsigned int *option_types_found)
Definition push_util.c:146

process_incoming_push_update
int process_incoming_push_update(struct context *c, unsigned int permission_mask, unsigned int *option_types_found, struct buffer *buf, bool msg_sender)
Handles the receiving of a push-update message and applies updates to the specified options.
Definition push_util.c:18

throw_signal_soft
void throw_signal_soft(const int signum, const char *signal_text)
Throw a soft global signal.
Definition sig.c:204

buffer
Wrapper structure for dynamically allocated memory.
Definition buffer.h:60

buffer::data
uint8_t * data
Pointer to the allocated memory.
Definition buffer.h:67

buffer::len
int len
Length in bytes of the actual content within the allocated memory.
Definition buffer.h:65

context_2::es
struct env_set * es
Definition openvpn.h:420

context_2::tls_multi
struct tls_multi * tls_multi
TLS state structure for this VPN tunnel.
Definition openvpn.h:323

context
Contains all state information for one tunnel.
Definition openvpn.h:474

context::c2
struct context_2 c2
Level 2 context.
Definition openvpn.h:517

context::options
struct options options
Options loaded from command line or configuration file.
Definition openvpn.h:475

gc_arena
Garbage collection arena used to keep track of dynamically allocated memory.
Definition buffer.h:116

hash_element
Definition list.h:40

hash_element::value
void * value
Definition list.h:41

hash_iterator
Definition list.h:79

multi_context
Main OpenVPN server state structure.
Definition multi.h:164

multi_context::iter
struct hash * iter
VPN tunnel instances indexed by real address of the remote peer, optimized for iteration.
Definition multi.h:172

multi_instance
Server-mode state structure for one single VPN tunnel.
Definition multi.h:103

multi_instance::halt
bool halt
Definition multi.h:114

multi_instance::context
struct context context
The context structure storing state for this VPN tunnel.
Definition multi.h:144

options
Definition options.h:252

options::ifconfig_ipv6_local
const char * ifconfig_ipv6_local
Definition options.h:325

options::ifconfig_local
const char * ifconfig_local
Definition options.h:323

options::push_continuation
int push_continuation
Definition options.h:560

tls_multi::peer_id
uint32_t peer_id
Definition ssl_common.h:700

i
int i
Definition test_push_update_msg.c:120

gc
struct gc_arena gc
Definition test_ssl.c:131