From patchwork Mon Mar 25 01:05:48 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "plaisthos (Code Review)" X-Patchwork-Id: 3664 Return-Path: Delivered-To: patchwork@openvpn.net Received: by 2002:a05:7000:c315:b0:55c:c090:46f0 with SMTP id jk21csp2179565mab; Sun, 24 Mar 2024 18:07:14 -0700 (PDT) X-Forwarded-Encrypted: i=2; AJvYcCX6CkR2ImOdf5f/pMFX2tol6bNUxQ/LU7AdqNmqfVmymP/qo0hGt7Q4TsqrhzcFZ7NOqBwJ9j1TSQWLok1ltHbqoPlfVzI= X-Google-Smtp-Source: AGHT+IHv1RQ4BnKaLz/Fgptg+tF0EK/bhoNBmvmpQMxQgyGotuxa0bin974jr62twLyigZZTWT0J X-Received: by 2002:a05:6870:b156:b0:221:399e:959a with SMTP id a22-20020a056870b15600b00221399e959amr5506439oal.0.1711328834058; Sun, 24 Mar 2024 18:07:14 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1711328834; cv=none; d=google.com; s=arc-20160816; b=CPzyAMmlkWLARum+o7tWHnnoqHMqU4l9cfq/dV9as+t0xeU3c1rTVUHJuMXBb/Y0OL RmP8RRheEHOhx55eTImjN2kYE6orc5h15qZAcvKZ2KkxGSBUzDCnO0w7OHIsUXhx/51H cM55+gVHl53gjWpHaLMfjpL3bjDjGfDri6WOrbzC+haS5PNvzOVIJjJbFBzkxKq7o7iw 5GGdE4d+OFW7V3c/dzGjqEi0RTudbQEHLVLT54h+FN+TTwtavBgsyVHYy62VPiJAQGIe 3mxgR0rsTb8cGDSZ92MLI3fG/gwA33elLteMgTEx64ChMAalnTFY52E/PMo3qq8J/0l8 16KQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=errors-to:cc:reply-to:list-subscribe:list-help:list-post :list-archive:list-unsubscribe:list-id:precedence:subject:user-agent :mime-version:message-id:references:auto-submitted:to:date:from :dkim-signature:dkim-signature:dkim-signature; bh=mym5Thw7aStAIbVe7mgdsiNFRx7Ddpr+Bq9lMxQ9+Ac=; fh=lm0MLPW7DntlrDqRECIiC9JlE1uPxhepE0URYHIf+eE=; b=lEC6L3YpEFQ7vrb1NCWGPZQU/UoxyLJoWj1thqkE7WmeTWwIe7LFVBt03ifP6n211D FOjt0plVgUiVWRi/q9KYaxS46uFjeJA3a8DVCw1HcaDkyroVNoRX+OBxt+5gP8pTqWjK OPiXcZ+YDsJ2rh6W2XaBTaL8BKTfy2+UsT+TM4VS5GlNT7Xmj7/vQOeVYrVHohLFw1G9 2SA/5SkZf54f1jt8hrHbSDdNo2QDTCuUSTAwsHZFKXs4f8DH9aL0qkasJOJD9DVrlWAS TdWMhFrYNVmg7fXi2N6DNEUdEgVLMBu8LQvhWhWgjEjswI3J8lqbRRaXZtgxdmPmaLGw smaw==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=IyYp4RgE; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=IqnuqpBB; dkim=neutral (body hash did not verify) header.i=@openvpn.net header.s=google header.b=HwuBERNU; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=openvpn.net Received: from lists.sourceforge.net (lists.sourceforge.net. [216.105.38.7]) by mx.google.com with ESMTPS id n32-20020a056a000d6000b006e8f9fc3c54si4098819pfv.95.2024.03.24.18.07.13 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Sun, 24 Mar 2024 18:07:13 -0700 (PDT) Received-SPF: pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) client-ip=216.105.38.7; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=IyYp4RgE; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=IqnuqpBB; dkim=neutral (body hash did not verify) header.i=@openvpn.net header.s=google header.b=HwuBERNU; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=openvpn.net Received: from [127.0.0.1] (helo=sfs-ml-1.v29.lw.sourceforge.com) by sfs-ml-1.v29.lw.sourceforge.com with esmtp (Exim 4.95) (envelope-from ) id 1roYmw-0000r0-IV; Mon, 25 Mar 2024 01:06:10 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-1.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1roYmv-0000qr-Ed for openvpn-devel@lists.sourceforge.net; Mon, 25 Mar 2024 01:06:09 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Type:Content-Transfer-Encoding:MIME-Version :Message-ID:Reply-To:References:Subject:List-Unsubscribe:List-Id:Cc:To:Date: From:Sender:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:List-Help: List-Subscribe:List-Post:List-Owner:List-Archive; bh=qGc6uaC/33etVlmcxyqOWJcTexV5oajRVf+B0KwNI2s=; b=IyYp4RgEQhl8dbLq2sFZ9y1VVQ WGpycXMTY6m+/JNLoe81vjMDy59iLcJlZz7e/NF3JA1bcLr9Zhzqrx1pQ3neUnQLMMfquzUx6DP3/ tN6x2oVI5VeAFUDJCHdXCZHpY1m1XCE2BlWtjLVh4DUWm9M9Z5rVfjifUorovqGFamHc=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Type:Content-Transfer-Encoding:MIME-Version:Message-ID:Reply-To: References:Subject:List-Unsubscribe:List-Id:Cc:To:Date:From:Sender:Content-ID :Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To: Resent-Cc:Resent-Message-ID:In-Reply-To:List-Help:List-Subscribe:List-Post: List-Owner:List-Archive; bh=qGc6uaC/33etVlmcxyqOWJcTexV5oajRVf+B0KwNI2s=; b=I qnuqpBBBYtU5eI5xrHtuLxdla6lxtDHvopE1ll3VTzPQfOE2V71+nYHva/9y2be6zadvR23W878qs axfYyVFZAfZehZZst5UEL5Wswgpot44+N+jOoRqBX0ZCaEBjizWoobA/hK99p3xIvQEAdEC3Qhn/4 GGjtIt2uv7oHl0x0=; Received: from mail-wm1-f53.google.com ([209.85.128.53]) by sfi-mx-2.v28.lw.sourceforge.com with esmtps (TLS1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.95) id 1roYmo-0002a4-0x for openvpn-devel@lists.sourceforge.net; Mon, 25 Mar 2024 01:06:08 +0000 Received: by mail-wm1-f53.google.com with SMTP id 5b1f17b1804b1-41489e975d6so1336175e9.0 for ; Sun, 24 Mar 2024 18:06:02 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=openvpn.net; s=google; t=1711328750; x=1711933550; darn=lists.sourceforge.net; h=user-agent:content-disposition:content-transfer-encoding :mime-version:message-id:reply-to:references:subject :list-unsubscribe:list-id:auto-submitted:cc:to:date:from:from:to:cc :subject:date:message-id:reply-to; bh=qGc6uaC/33etVlmcxyqOWJcTexV5oajRVf+B0KwNI2s=; b=HwuBERNUzELxBJmSyqg51KMhXsiXFmqLw7rrlIpGEwHmRzIDWxazKGLmU5JAzgKKrZ IY+7OZ0DLYHoPTKBucBw15z6Pubn5QwYIzmXxxMnfF9sD/l5VFKcOkUY6bZgIdzJeuPU CQZM7otgKOhl6o11TioYr/cRKEzGjoeVQbG8nf8wND2RhV+bZaFN6jOUBS7PwSV6KLf+ ziU2tm578jetEu+VTb5OfBmr1h6UXr7zv/CZuIXNsMcVsegMgYiXRf6+BKn0kcHzR2Nn P923xW9kp5LggZssbfEuO2vUcg1zfb1UdRmP25mDc0RgbWY1wB5uUdmqY0TlMeqaV63I r0Dg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1711328750; x=1711933550; h=user-agent:content-disposition:content-transfer-encoding :mime-version:message-id:reply-to:references:subject :list-unsubscribe:list-id:auto-submitted:cc:to:date:from :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=qGc6uaC/33etVlmcxyqOWJcTexV5oajRVf+B0KwNI2s=; b=mRfA5/ls05qROoYFilS3KYCka4T2hvW42SwDP3yPv9r5ov46yMmOXF63LcOWPxa0++ SLQa8lE7FC6zyvNZQ/ConEk1GDOU7iIhzoMM5ShRjkEDhRBSCMblSNyme/ljTdjGmsZZ C3veK+BXLzyqd/PaqmRP/Qxz0qe4Z1Sh97JkQ9WtbFewjlft6UZxg3PfVhA8JREGTuA7 JaIkDskJQAvuXqarLzg/GSbNnAW19pIaanpROHHi/mUaLGUz4CDE8Ok4XVwVqXxHUUMB Tnk1oqJSzZXlPXjXsVy0lBUzWNLYq853d249RZ+69wiiPc5bAkQmxu/k9nGhZVrldgzU LXMw== X-Gm-Message-State: AOJu0YwEFknaT646KGlnNPq0IfUsRcHqG5/88UIiMKAEAxcNIJh8UCTG BoOJlopd09hs7k9uHGdEt+2ac3YpbSWpsBYV3tsYpugH9DFHQulAbTmaIAEYjwtx9OZ4MjBc0vP 5 X-Received: by 2002:a05:600c:2201:b0:414:71b2:73c4 with SMTP id z1-20020a05600c220100b0041471b273c4mr4494700wml.12.1711328749564; Sun, 24 Mar 2024 18:05:49 -0700 (PDT) Received: from gerrit.openvpn.in (ec2-18-159-0-78.eu-central-1.compute.amazonaws.com. [18.159.0.78]) by smtp.gmail.com with ESMTPSA id a13-20020a05600c348d00b004148865bec7sm2825427wmq.0.2024.03.24.18.05.48 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 24 Mar 2024 18:05:48 -0700 (PDT) From: "plaisthos (Code Review)" X-Google-Original-From: "plaisthos (Code Review)" X-Gerrit-PatchSet: 1 Date: Mon, 25 Mar 2024 01:05:48 +0000 To: flichtenheld Auto-Submitted: auto-generated X-Gerrit-MessageType: newchange X-Gerrit-Change-Id: I07096977e3b562bcb5d2c6f11673a4175b8e12ac X-Gerrit-Change-Number: 547 X-Gerrit-Project: openvpn X-Gerrit-ChangeURL: X-Gerrit-Commit: 7370194dc6e9d3f13dca37814b19dcd16cce2ced References: Message-ID: <8c1f02eef9d9bc94e502d8afb16d43ce8d9331a5-HTML@gerrit.openvpn.net> MIME-Version: 1.0 User-Agent: Gerrit/3.8.2 X-Spam-Score: -0.2 (/) X-Spam-Report: Spam detection software, running on the system "util-spamd-2.v13.lw.sourceforge.com", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Attention is currently required from: flichtenheld. Hello flichtenheld, I'd like you to do a code review. Please visit Content analysis details: (-0.2 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2) [209.85.128.53 listed in wl.mailspike.net] -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [209.85.128.53 listed in list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 WEIRD_PORT URI: Uses non-standard port number for HTTP 0.0 HTML_MESSAGE BODY: HTML included in message -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid 0.0 T_KAM_HTML_FONT_INVALID Test for Invalidly Named or Formatted Colors in HTML X-Headers-End: 1roYmo-0002a4-0x Subject: [Openvpn-devel] [L] Change in openvpn[master]: Remove openvpn_snprintf and similar functions X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: arne-openvpn@rfc2549.org, openvpn-devel@lists.sourceforge.net, frank@lichtenheld.com Cc: openvpn-devel Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox X-GMAIL-THRID: =?utf-8?q?1794458343377770757?= X-GMAIL-MSGID: =?utf-8?q?1794458343377770757?= X-getmail-filter-classifier: gerrit message type newchange Attention is currently required from: flichtenheld. Hello flichtenheld, I'd like you to do a code review. Please visit http://gerrit.openvpn.net/c/openvpn/+/547?usp=email to review the following change. Change subject: Remove openvpn_snprintf and similar functions ...................................................................... Remove openvpn_snprintf and similar functions Old Microsoft versions did strange behaviour but according to the newly added unit test and https://stackoverflow.com/questions/7706936/is-snprintf-always-null-terminating this is now standard conforming and we can use the normal snprintf method. Microsoft own documentation to swprintf also says you nowadays need to define _CRT_NON_CONFORMING_SWPRINTFS to get to non-standard behaviour. Change-Id: I07096977e3b562bcb5d2c6f11673a4175b8e12ac --- M src/openvpn/buffer.c M src/openvpn/buffer.h M src/openvpn/crypto.c M src/openvpn/crypto_mbedtls.c M src/openvpn/dns.c M src/openvpn/env_set.c M src/openvpn/error.c M src/openvpn/init.c M src/openvpn/manage.c M src/openvpn/options.c M src/openvpn/pkcs11.c M src/openvpn/platform.c M src/openvpn/plugin.c M src/openvpn/pool.c M src/openvpn/proxy.c M src/openvpn/ps.c M src/openvpn/route.c M src/openvpn/run_command.h M src/openvpn/socket.c M src/openvpn/socks.c M src/openvpn/ssl_mbedtls.c M src/openvpn/ssl_ncp.c M src/openvpn/ssl_openssl.c M src/openvpn/ssl_verify.c M src/openvpn/ssl_verify_mbedtls.c M src/openvpn/ssl_verify_openssl.c M src/openvpn/tls_crypt.c M src/openvpn/tun.c M src/openvpn/win32.c M src/openvpn/win32.h M src/openvpn/xkey_helper.c M src/openvpnserv/common.c M src/openvpnserv/interactive.c M src/openvpnserv/service.h M src/openvpnserv/validate.c M tests/unit_tests/openvpn/test_buffer.c M tests/unit_tests/openvpn/test_cryptoapi.c M tests/unit_tests/openvpn/test_pkcs11.c 38 files changed, 258 insertions(+), 331 deletions(-) git pull ssh://gerrit.openvpn.net:29418/openvpn refs/changes/47/547/1 diff --git a/src/openvpn/buffer.c b/src/openvpn/buffer.c index 66fd63f..3a8069c 100644 --- a/src/openvpn/buffer.c +++ b/src/openvpn/buffer.c @@ -279,32 +279,6 @@ return ret; } - -/* - * This is necessary due to certain buggy implementations of snprintf, - * that don't guarantee null termination for size > 0. - * - * Return false on overflow. - * - * This functionality is duplicated in src/openvpnserv/common.c - * Any modifications here should be done to the other place as well. - */ - -bool -openvpn_snprintf(char *str, size_t size, const char *format, ...) -{ - va_list arglist; - int len = -1; - if (size > 0) - { - va_start(arglist, format); - len = vsnprintf(str, size, format, arglist); - va_end(arglist); - str[size - 1] = 0; - } - return (len >= 0 && len < size); -} - /* * write a string to the end of a buffer that was * truncated by buf_printf diff --git a/src/openvpn/buffer.h b/src/openvpn/buffer.h index 7c2f75a..27c3199 100644 --- a/src/openvpn/buffer.h +++ b/src/openvpn/buffer.h @@ -448,19 +448,6 @@ */ bool buf_puts(struct buffer *buf, const char *str); -/* - * Like snprintf but guarantees null termination for size > 0 - */ -bool openvpn_snprintf(char *str, size_t size, const char *format, ...) -#ifdef __GNUC__ -#if __USE_MINGW_ANSI_STDIO -__attribute__ ((format(gnu_printf, 3, 4))) -#else -__attribute__ ((format(__printf__, 3, 4))) -#endif -#endif -; - /* * remove/add trailing characters diff --git a/src/openvpn/crypto.c b/src/openvpn/crypto.c index 5d05cc4..207f145 100644 --- a/src/openvpn/crypto.c +++ b/src/openvpn/crypto.c @@ -874,11 +874,11 @@ key_direction_state_init(&kds, key_direction); - openvpn_snprintf(log_prefix, sizeof(log_prefix), "Outgoing %s", name); + snprintf(log_prefix, sizeof(log_prefix), "Outgoing %s", name); init_key_ctx(&ctx->encrypt, &key2->keys[kds.out_key], kt, OPENVPN_OP_ENCRYPT, log_prefix); - openvpn_snprintf(log_prefix, sizeof(log_prefix), "Incoming %s", name); + snprintf(log_prefix, sizeof(log_prefix), "Incoming %s", name); init_key_ctx(&ctx->decrypt, &key2->keys[kds.in_key], kt, OPENVPN_OP_DECRYPT, log_prefix); diff --git a/src/openvpn/crypto_mbedtls.c b/src/openvpn/crypto_mbedtls.c index 1a39752..c806719 100644 --- a/src/openvpn/crypto_mbedtls.c +++ b/src/openvpn/crypto_mbedtls.c @@ -128,7 +128,7 @@ { char prefix[256]; - if (!openvpn_snprintf(prefix, sizeof(prefix), "%s:%d", func, line)) + if (!snprintf(prefix, sizeof(prefix), "%s:%d", func, line)) { return mbed_log_err(flags, errval, func); } @@ -239,11 +239,11 @@ char header[1000+1] = { 0 }; char footer[1000+1] = { 0 }; - if (!openvpn_snprintf(header, sizeof(header), "-----BEGIN %s-----\n", name)) + if (!snprintf(header, sizeof(header), "-----BEGIN %s-----\n", name)) { return false; } - if (!openvpn_snprintf(footer, sizeof(footer), "-----END %s-----\n", name)) + if (!snprintf(footer, sizeof(footer), "-----END %s-----\n", name)) { return false; } @@ -278,11 +278,11 @@ char header[1000+1] = { 0 }; char footer[1000+1] = { 0 }; - if (!openvpn_snprintf(header, sizeof(header), "-----BEGIN %s-----", name)) + if (!snprintf(header, sizeof(header), "-----BEGIN %s-----", name)) { return false; } - if (!openvpn_snprintf(footer, sizeof(footer), "-----END %s-----", name)) + if (!snprintf(footer, sizeof(footer), "-----END %s-----", name)) { return false; } diff --git a/src/openvpn/dns.c b/src/openvpn/dns.c index 7de3991..0539ca5 100644 --- a/src/openvpn/dns.c +++ b/src/openvpn/dns.c @@ -349,11 +349,11 @@ if (j < 0) { - name_ok = openvpn_snprintf(name, sizeof(name), format, i); + name_ok = snprintf(name, sizeof(name), format, i); } else { - name_ok = openvpn_snprintf(name, sizeof(name), format, i, j); + name_ok = snprintf(name, sizeof(name), format, i, j); } if (!name_ok) diff --git a/src/openvpn/env_set.c b/src/openvpn/env_set.c index b13d01e..81ab59e 100644 --- a/src/openvpn/env_set.c +++ b/src/openvpn/env_set.c @@ -259,7 +259,7 @@ setenv_counter(struct env_set *es, const char *name, counter_type value) { char buf[64]; - openvpn_snprintf(buf, sizeof(buf), counter_format, value); + snprintf(buf, sizeof(buf), counter_format, value); setenv_str(es, name, buf); } @@ -267,7 +267,7 @@ setenv_int(struct env_set *es, const char *name, int value) { char buf[64]; - openvpn_snprintf(buf, sizeof(buf), "%d", value); + snprintf(buf, sizeof(buf), "%d", value); setenv_str(es, name, buf); } @@ -275,7 +275,7 @@ setenv_long_long(struct env_set *es, const char *name, long long value) { char buf[64]; - openvpn_snprintf(buf, sizeof(buf), "%" PRIi64, (int64_t)value); + snprintf(buf, sizeof(buf), "%" PRIi64, (int64_t)value); setenv_str(es, name, buf); } @@ -310,7 +310,7 @@ strcpy(tmpname, name); while (NULL != env_set_get(es, tmpname) && counter < 1000) { - ASSERT(openvpn_snprintf(tmpname, tmpname_len, "%s_%u", name, counter)); + ASSERT(snprintf(tmpname, tmpname_len, "%s_%u", name, counter)); counter++; } if (counter < 1000) diff --git a/src/openvpn/error.c b/src/openvpn/error.c index 245a2d5..ec65d5e 100644 --- a/src/openvpn/error.c +++ b/src/openvpn/error.c @@ -274,14 +274,14 @@ if ((flags & M_ERRNO) && e) { - openvpn_snprintf(m2, ERR_BUF_SIZE, "%s: %s (errno=%d)", - m1, openvpn_strerror(e, crt_error, &gc), e); + snprintf(m2, ERR_BUF_SIZE, "%s: %s (errno=%d)", + m1, openvpn_strerror(e, crt_error, &gc), e); SWAP; } if (flags & M_OPTERR) { - openvpn_snprintf(m2, ERR_BUF_SIZE, "Options error: %s", m1); + snprintf(m2, ERR_BUF_SIZE, "Options error: %s", m1); SWAP; } @@ -321,10 +321,10 @@ const struct virtual_output *vo = msg_get_virtual_output(); if (vo) { - openvpn_snprintf(m2, ERR_BUF_SIZE, "%s%s%s", - prefix, - prefix_sep, - m1); + snprintf(m2, ERR_BUF_SIZE, "%s%s%s", + prefix, + prefix_sep, + m1); virtual_output_print(vo, flags, m2); } } diff --git a/src/openvpn/init.c b/src/openvpn/init.c index f2ce926..bce2e09 100644 --- a/src/openvpn/init.c +++ b/src/openvpn/init.c @@ -359,7 +359,7 @@ char *out = malloc(len); check_malloc_return(out); - openvpn_snprintf(out, len, "%s,%s,%s,%s", ce->remote, ce->remote_port, proto, status); + snprintf(out, len, "%s,%s,%s,%s", ce->remote, ce->remote_port, proto, status); *remote = out; } else diff --git a/src/openvpn/manage.c b/src/openvpn/manage.c index 43c5507..89591ea 100644 --- a/src/openvpn/manage.c +++ b/src/openvpn/manage.c @@ -515,8 +515,8 @@ char out[32]; /* do in a roundabout way to work around possible mingw or mingw-glibc bug */ - openvpn_snprintf(in, sizeof(in), counter_format, man->persist.bytes_in + dco_read_bytes); - openvpn_snprintf(out, sizeof(out), counter_format, man->persist.bytes_out + dco_write_bytes); + snprintf(in, sizeof(in), counter_format, man->persist.bytes_in + dco_read_bytes); + snprintf(out, sizeof(out), counter_format, man->persist.bytes_out + dco_write_bytes); msg(M_CLIENT, ">BYTECOUNT:%s,%s", in, out); } @@ -528,8 +528,8 @@ char in[32]; char out[32]; /* do in a roundabout way to work around possible mingw or mingw-glibc bug */ - openvpn_snprintf(in, sizeof(in), counter_format, *bytes_in_total); - openvpn_snprintf(out, sizeof(out), counter_format, *bytes_out_total); + snprintf(in, sizeof(in), counter_format, *bytes_in_total); + snprintf(out, sizeof(out), counter_format, *bytes_out_total); msg(M_CLIENT, ">BYTECOUNT_CLI:%lu,%s,%s", mdac->cid, in, out); mdac->bytecount_last_update = now; } diff --git a/src/openvpn/options.c b/src/openvpn/options.c index 768332d..a9a44ba 100644 --- a/src/openvpn/options.c +++ b/src/openvpn/options.c @@ -1427,7 +1427,7 @@ for (int i = 1; i <= opt_max; ++i) { char name[32]; - openvpn_snprintf(name, sizeof(name), "foreign_option_%d", i); + snprintf(name, sizeof(name), "foreign_option_%d", i); const char *env_str = env_set_get(es, name); const char *value = strchr(env_str, '=') + 1; @@ -1482,7 +1482,7 @@ while (o->foreign_option_index < opt_max) { char name[32]; - openvpn_snprintf(name, sizeof(name), "foreign_option_%d", opt_max--); + snprintf(name, sizeof(name), "foreign_option_%d", opt_max--); setenv_del(es, name); } } @@ -5671,8 +5671,8 @@ #ifndef ENABLE_SMALL { char script_name[100]; - openvpn_snprintf(script_name, sizeof(script_name), - "--%s script", type); + snprintf(script_name, sizeof(script_name), + "--%s script", type); if (check_cmd_access(*script, script_name, (in_chroot ? options->chroot_dir : NULL))) { diff --git a/src/openvpn/pkcs11.c b/src/openvpn/pkcs11.c index 35a02c2..418f6bb 100644 --- a/src/openvpn/pkcs11.c +++ b/src/openvpn/pkcs11.c @@ -201,7 +201,7 @@ CLEAR(token_resp); token_resp.defined = false; token_resp.nocache = true; - openvpn_snprintf( + snprintf( token_resp.username, sizeof(token_resp.username), "Please insert %s token", @@ -245,7 +245,7 @@ ASSERT(token!=NULL); - openvpn_snprintf(prompt, sizeof(prompt), "%s token", token->label); + snprintf(prompt, sizeof(prompt), "%s token", token->label); token_pass.defined = false; token_pass.nocache = true; @@ -719,7 +719,7 @@ id_resp.defined = false; id_resp.nocache = true; - openvpn_snprintf( + snprintf( id_resp.username, sizeof(id_resp.username), "Please specify PKCS#11 id to use" diff --git a/src/openvpn/platform.c b/src/openvpn/platform.c index 9853dac..3d9d59e 100644 --- a/src/openvpn/platform.c +++ b/src/openvpn/platform.c @@ -564,9 +564,9 @@ { ++attempts; - if (!openvpn_snprintf(fname, sizeof(fname), fname_fmt, max_prefix_len, - prefix, (unsigned long) get_random(), - (unsigned long) get_random())) + if (!snprintf(fname, sizeof(fname), fname_fmt, max_prefix_len, + prefix, (unsigned long) get_random(), + (unsigned long) get_random())) { msg(M_WARN, "ERROR: temporary filename too long"); return NULL; diff --git a/src/openvpn/plugin.c b/src/openvpn/plugin.c index 2ad459c..944ce94 100644 --- a/src/openvpn/plugin.c +++ b/src/openvpn/plugin.c @@ -260,7 +260,7 @@ { char full[PATH_MAX]; - openvpn_snprintf(full, sizeof(full), "%s/%s", PLUGIN_LIBDIR, p->so_pathname); + snprintf(full, sizeof(full), "%s/%s", PLUGIN_LIBDIR, p->so_pathname); p->handle = dlopen(full, RTLD_NOW); } else @@ -409,7 +409,7 @@ gc_init(&gc); msg_fmt = gc_malloc(ERR_BUF_SIZE, false, &gc); - openvpn_snprintf(msg_fmt, ERR_BUF_SIZE, "PLUGIN %s: %s", name, format); + snprintf(msg_fmt, ERR_BUF_SIZE, "PLUGIN %s: %s", name, format); x_msg_va(msg_flags, msg_fmt, arglist); gc_free(&gc); diff --git a/src/openvpn/pool.c b/src/openvpn/pool.c index f706c1a..e3c3708 100644 --- a/src/openvpn/pool.c +++ b/src/openvpn/pool.c @@ -766,7 +766,7 @@ ifconfig_pool_handle h; in_addr_t local, remote; char buf[256]; - openvpn_snprintf(buf, sizeof(buf), "common-name-%d", i); + snprintf(buf, sizeof(buf), "common-name-%d", i); #ifdef DUP_CN cn = NULL; #else diff --git a/src/openvpn/proxy.c b/src/openvpn/proxy.c index c904301..8fd4744 100644 --- a/src/openvpn/proxy.c +++ b/src/openvpn/proxy.c @@ -582,9 +582,9 @@ { if (p->options.custom_headers[i].content) { - openvpn_snprintf(buf, sizeof(buf), "%s: %s", - p->options.custom_headers[i].name, - p->options.custom_headers[i].content); + snprintf(buf, sizeof(buf), "%s: %s", + p->options.custom_headers[i].name, + p->options.custom_headers[i].content); if (!strcasecmp(p->options.custom_headers[i].name, "Host")) { host_header_sent = true; @@ -592,8 +592,8 @@ } else { - openvpn_snprintf(buf, sizeof(buf), "%s", - p->options.custom_headers[i].name); + snprintf(buf, sizeof(buf), "%s", + p->options.custom_headers[i].name); if (!strncasecmp(p->options.custom_headers[i].name, "Host:", 5)) { host_header_sent = true; @@ -609,7 +609,7 @@ if (!host_header_sent) { - openvpn_snprintf(buf, sizeof(buf), "Host: %s", host); + snprintf(buf, sizeof(buf), "Host: %s", host); msg(D_PROXY, "Send to HTTP proxy: '%s'", buf); if (!send_line_crlf(sd, buf)) { @@ -620,8 +620,8 @@ /* send User-Agent string if provided */ if (p->options.user_agent) { - openvpn_snprintf(buf, sizeof(buf), "User-Agent: %s", - p->options.user_agent); + snprintf(buf, sizeof(buf), "User-Agent: %s", + p->options.user_agent); msg(D_PROXY, "Send to HTTP proxy: '%s'", buf); if (!send_line_crlf(sd, buf)) { @@ -667,10 +667,10 @@ else { /* format HTTP CONNECT message */ - openvpn_snprintf(buf, sizeof(buf), "CONNECT %s:%s HTTP/%s", - host, - port, - p->options.http_version); + snprintf(buf, sizeof(buf), "CONNECT %s:%s HTTP/%s", + host, + port, + p->options.http_version); msg(D_PROXY, "Send to HTTP proxy: '%s'", buf); @@ -692,8 +692,8 @@ break; case HTTP_AUTH_BASIC: - openvpn_snprintf(buf, sizeof(buf), "Proxy-Authorization: Basic %s", - username_password_as_base64(p, &gc)); + snprintf(buf, sizeof(buf), "Proxy-Authorization: Basic %s", + username_password_as_base64(p, &gc)); msg(D_PROXY, "Attempting Basic Proxy-Authorization"); dmsg(D_SHOW_KEYS, "Send to HTTP proxy: '%s'", buf); if (!send_line_crlf(sd, buf)) @@ -705,14 +705,14 @@ #if NTLM case HTTP_AUTH_NTLM2: /* keep-alive connection */ - openvpn_snprintf(buf, sizeof(buf), "Proxy-Connection: Keep-Alive"); + snprintf(buf, sizeof(buf), "Proxy-Connection: Keep-Alive"); if (!send_line_crlf(sd, buf)) { goto error; } - openvpn_snprintf(buf, sizeof(buf), "Proxy-Authorization: NTLM %s", - ntlm_phase_1(p, &gc)); + snprintf(buf, sizeof(buf), "Proxy-Authorization: NTLM %s", + ntlm_phase_1(p, &gc)); msg(D_PROXY, "Attempting NTLM Proxy-Authorization phase 1"); dmsg(D_SHOW_KEYS, "Send to HTTP proxy: '%s'", buf); if (!send_line_crlf(sd, buf)) @@ -773,7 +773,7 @@ char get[80]; CLEAR(buf2); - openvpn_snprintf(get, sizeof(get), "%%*s NTLM %%%zus", sizeof(buf2) - 1); + snprintf(get, sizeof(get), "%%*s NTLM %%%zus", sizeof(buf2) - 1); nparms = sscanf(buf, get, buf2); /* check for "Proxy-Authenticate: NTLM TlRM..." */ @@ -795,10 +795,10 @@ /* now send the phase 3 reply */ /* format HTTP CONNECT message */ - openvpn_snprintf(buf, sizeof(buf), "CONNECT %s:%s HTTP/%s", - host, - port, - p->options.http_version); + snprintf(buf, sizeof(buf), "CONNECT %s:%s HTTP/%s", + host, + port, + p->options.http_version); msg(D_PROXY, "Send to HTTP proxy: '%s'", buf); @@ -809,7 +809,7 @@ } /* keep-alive connection */ - openvpn_snprintf(buf, sizeof(buf), "Proxy-Connection: Keep-Alive"); + snprintf(buf, sizeof(buf), "Proxy-Connection: Keep-Alive"); if (!send_line_crlf(sd, buf)) { goto error; @@ -829,7 +829,7 @@ msg(D_PROXY, "NTLM Proxy-Authorization phase 3 failed: received corrupted data from proxy server"); goto error; } - openvpn_snprintf(buf, sizeof(buf), "Proxy-Authorization: NTLM %s", np3); + snprintf(buf, sizeof(buf), "Proxy-Authorization: NTLM %s", np3); } msg(D_PROXY, "Send to HTTP proxy: '%s'", buf); @@ -899,15 +899,15 @@ /* build the digest response */ - openvpn_snprintf(uri, sizeof(uri), "%s:%s", - host, - port); + snprintf(uri, sizeof(uri), "%s:%s", + host, + port); if (opaque) { const int len = strlen(opaque)+16; opaque_kv = gc_malloc(len, false, &gc); - openvpn_snprintf(opaque_kv, len, ", opaque=\"%s\"", opaque); + snprintf(opaque_kv, len, ", opaque=\"%s\"", opaque); } DigestCalcHA1(algor, @@ -928,10 +928,10 @@ response); /* format HTTP CONNECT message */ - openvpn_snprintf(buf, sizeof(buf), "%s %s HTTP/%s", - http_method, - uri, - p->options.http_version); + snprintf(buf, sizeof(buf), "%s %s HTTP/%s", + http_method, + uri, + p->options.http_version); msg(D_PROXY, "Send to HTTP proxy: '%s'", buf); @@ -948,17 +948,17 @@ } /* send digest response */ - openvpn_snprintf(buf, sizeof(buf), "Proxy-Authorization: Digest username=\"%s\", realm=\"%s\", nonce=\"%s\", uri=\"%s\", qop=%s, nc=%s, cnonce=\"%s\", response=\"%s\"%s", - username, - realm, - nonce, - uri, - qop, - nonce_count, - cnonce, - response, - opaque_kv - ); + snprintf(buf, sizeof(buf), "Proxy-Authorization: Digest username=\"%s\", realm=\"%s\", nonce=\"%s\", uri=\"%s\", qop=%s, nc=%s, cnonce=\"%s\", response=\"%s\"%s", + username, + realm, + nonce, + uri, + qop, + nonce_count, + cnonce, + response, + opaque_kv + ); msg(D_PROXY, "Send to HTTP proxy: '%s'", buf); if (!send_line_crlf(sd, buf)) { diff --git a/src/openvpn/ps.c b/src/openvpn/ps.c index 7d9f9b5..4ca3a12 100644 --- a/src/openvpn/ps.c +++ b/src/openvpn/ps.c @@ -354,7 +354,7 @@ fnlen = strlen(journal_dir) + strlen(t) + 2; jfn = (char *) malloc(fnlen); check_malloc_return(jfn); - openvpn_snprintf(jfn, fnlen, "%s/%s", journal_dir, t); + snprintf(jfn, fnlen, "%s/%s", journal_dir, t); dmsg(D_PS_PROXY_DEBUG, "PORT SHARE PROXY: client origin %s -> %s", jfn, f); fd = platform_open(jfn, O_CREAT | O_TRUNC | O_WRONLY, S_IRUSR | S_IWUSR | S_IRGRP); if (fd != -1) diff --git a/src/openvpn/route.c b/src/openvpn/route.c index 909d6d2..68bbcfd 100644 --- a/src/openvpn/route.c +++ b/src/openvpn/route.c @@ -1621,11 +1621,11 @@ if (rgi) { - openvpn_snprintf(out, sizeof(out), "%s %s %s dev %s", network, netmask, gateway, rgi->iface); + snprintf(out, sizeof(out), "%s %s %s dev %s", network, netmask, gateway, rgi->iface); } else { - openvpn_snprintf(out, sizeof(out), "%s %s %s", network, netmask, gateway); + snprintf(out, sizeof(out), "%s %s %s", network, netmask, gateway); } bool ret = management_android_control(management, "ROUTE", out); status = ret ? RTA_SUCCESS : RTA_ERROR; @@ -2000,7 +2000,7 @@ #elif defined (TARGET_ANDROID) char out[64]; - openvpn_snprintf(out, sizeof(out), "%s/%d %s", network, r6->netbits, device); + snprintf(out, sizeof(out), "%s/%d %s", network, r6->netbits, device); status = management_android_control(management, "ROUTE6", out); diff --git a/src/openvpn/run_command.h b/src/openvpn/run_command.h index 52ab115..ccad307 100644 --- a/src/openvpn/run_command.h +++ b/src/openvpn/run_command.h @@ -66,8 +66,8 @@ { char msg[256]; - openvpn_snprintf(msg, sizeof(msg), - "WARNING: Failed running command (%s)", hook); + snprintf(msg, sizeof(msg), + "WARNING: Failed running command (%s)", hook); return openvpn_execve_check(a, es, flags | S_SCRIPT, msg); } diff --git a/src/openvpn/socket.c b/src/openvpn/socket.c index 57eaee2..817a37f 100644 --- a/src/openvpn/socket.c +++ b/src/openvpn/socket.c @@ -2982,11 +2982,11 @@ case AF_INET: if (flags & SA_IP_PORT) { - openvpn_snprintf(name_buf, sizeof(name_buf), "%s_ip", name_prefix); + snprintf(name_buf, sizeof(name_buf), "%s_ip", name_prefix); } else { - openvpn_snprintf(name_buf, sizeof(name_buf), "%s", name_prefix); + snprintf(name_buf, sizeof(name_buf), "%s", name_prefix); } inet_ntop(AF_INET, &addr->addr.in4.sin_addr, buf, sizeof(buf)); @@ -2994,7 +2994,7 @@ if ((flags & SA_IP_PORT) && addr->addr.in4.sin_port) { - openvpn_snprintf(name_buf, sizeof(name_buf), "%s_port", name_prefix); + snprintf(name_buf, sizeof(name_buf), "%s_port", name_prefix); setenv_int(es, name_buf, ntohs(addr->addr.in4.sin_port)); } break; @@ -3005,19 +3005,19 @@ struct in_addr ia; memcpy(&ia.s_addr, &addr->addr.in6.sin6_addr.s6_addr[12], sizeof(ia.s_addr)); - openvpn_snprintf(name_buf, sizeof(name_buf), "%s_ip", name_prefix); + snprintf(name_buf, sizeof(name_buf), "%s_ip", name_prefix); inet_ntop(AF_INET, &ia, buf, sizeof(buf)); } else { - openvpn_snprintf(name_buf, sizeof(name_buf), "%s_ip6", name_prefix); + snprintf(name_buf, sizeof(name_buf), "%s_ip6", name_prefix); inet_ntop(AF_INET6, &addr->addr.in6.sin6_addr, buf, sizeof(buf)); } setenv_str(es, name_buf, buf); if ((flags & SA_IP_PORT) && addr->addr.in6.sin6_port) { - openvpn_snprintf(name_buf, sizeof(name_buf), "%s_port", name_prefix); + snprintf(name_buf, sizeof(name_buf), "%s_port", name_prefix); setenv_int(es, name_buf, ntohs(addr->addr.in6.sin6_port)); } break; diff --git a/src/openvpn/socks.c b/src/openvpn/socks.c index d842666..2cbe8a4 100644 --- a/src/openvpn/socks.c +++ b/src/openvpn/socks.c @@ -109,8 +109,8 @@ "Authentication not possible."); goto cleanup; } - openvpn_snprintf(to_send, sizeof(to_send), "\x01%c%s%c%s", (int) strlen(creds.username), - creds.username, (int) strlen(creds.password), creds.password); + snprintf(to_send, sizeof(to_send), "\x01%c%s%c%s", (int) strlen(creds.username), + creds.username, (int) strlen(creds.password), creds.password); size = send(sd, to_send, strlen(to_send), MSG_NOSIGNAL); if (size != strlen(to_send)) diff --git a/src/openvpn/ssl_mbedtls.c b/src/openvpn/ssl_mbedtls.c index b44ddd5..65a865e 100644 --- a/src/openvpn/ssl_mbedtls.c +++ b/src/openvpn/ssl_mbedtls.c @@ -1531,16 +1531,16 @@ char s2[256]; s1[0] = s2[0] = 0; - openvpn_snprintf(s1, sizeof(s1), "%s %s, cipher %s", - prefix, - mbedtls_ssl_get_version(ks_ssl->ctx), - mbedtls_ssl_get_ciphersuite(ks_ssl->ctx)); + snprintf(s1, sizeof(s1), "%s %s, cipher %s", + prefix, + mbedtls_ssl_get_version(ks_ssl->ctx), + mbedtls_ssl_get_ciphersuite(ks_ssl->ctx)); cert = mbedtls_ssl_get_peer_cert(ks_ssl->ctx); if (cert != NULL) { - openvpn_snprintf(s2, sizeof(s2), ", %u bit key", - (unsigned int) mbedtls_pk_get_bitlen(&cert->pk)); + snprintf(s2, sizeof(s2), ", %u bit key", + (unsigned int) mbedtls_pk_get_bitlen(&cert->pk)); } msg(D_HANDSHAKE, "%s%s", s1, s2); diff --git a/src/openvpn/ssl_ncp.c b/src/openvpn/ssl_ncp.c index 73ec9f5..968858e 100644 --- a/src/openvpn/ssl_ncp.c +++ b/src/openvpn/ssl_ncp.c @@ -198,8 +198,8 @@ size_t newlen = strlen(o->ncp_ciphers) + 1 + strlen(ciphername) + 1; char *ncp_ciphers = gc_malloc(newlen, false, &o->gc); - ASSERT(openvpn_snprintf(ncp_ciphers, newlen, "%s:%s", o->ncp_ciphers, - ciphername)); + ASSERT(snprintf(ncp_ciphers, newlen, "%s:%s", o->ncp_ciphers, + ciphername)); o->ncp_ciphers = ncp_ciphers; } diff --git a/src/openvpn/ssl_openssl.c b/src/openvpn/ssl_openssl.c index 4383e98..d0df0e8 100644 --- a/src/openvpn/ssl_openssl.c +++ b/src/openvpn/ssl_openssl.c @@ -1774,7 +1774,7 @@ if (!biofp) { char fn[256]; - openvpn_snprintf(fn, sizeof(fn), "bio/%d-%d.log", pid, biofp_toggle); + snprintf(fn, sizeof(fn), "bio/%d-%d.log", pid, biofp_toggle); biofp = fopen(fn, "w"); ASSERT(biofp); biofp_last_open = time(NULL); @@ -2116,8 +2116,8 @@ #endif /* if OPENSSL_VERSION_NUMBER < 0x30000000L */ } - openvpn_snprintf(buf, buflen, "%d bits %s%s", - EVP_PKEY_bits(pkey), type, curve); + snprintf(buf, buflen, "%d bits %s%s", + EVP_PKEY_bits(pkey), type, curve); } /** @@ -2137,12 +2137,12 @@ int signature_nid = X509_get_signature_nid(cert); if (signature_nid != 0) { - openvpn_snprintf(sig, sizeof(sig), ", signature: %s", - OBJ_nid2sn(signature_nid)); + snprintf(sig, sizeof(sig), ", signature: %s", + OBJ_nid2sn(signature_nid)); } - openvpn_snprintf(buf, buflen, ", peer certificate: %s%s", - pkeybuf, sig); + snprintf(buf, buflen, ", peer certificate: %s%s", + pkeybuf, sig); EVP_PKEY_free(pkey); } @@ -2160,8 +2160,8 @@ char pkeybuf[128] = { 0 }; print_pkey_details(pkey, pkeybuf, sizeof(pkeybuf)); - openvpn_snprintf(buf, buflen, ", peer temporary key: %s", - pkeybuf); + snprintf(buf, buflen, ", peer temporary key: %s", + pkeybuf); EVP_PKEY_free(pkey); } @@ -2237,8 +2237,8 @@ return; } - openvpn_snprintf(buf, buflen, ", peer signing digest/type: %s %s", - peer_sig, peer_sig_type); + snprintf(buf, buflen, ", peer signing digest/type: %s %s", + peer_sig, peer_sig_type); } @@ -2261,11 +2261,11 @@ s1[0] = s2[0] = s3[0] = s4[0] = 0; ciph = SSL_get_current_cipher(ks_ssl->ssl); - openvpn_snprintf(s1, sizeof(s1), "%s %s, cipher %s %s", - prefix, - SSL_get_version(ks_ssl->ssl), - SSL_CIPHER_get_version(ciph), - SSL_CIPHER_get_name(ciph)); + snprintf(s1, sizeof(s1), "%s %s, cipher %s %s", + prefix, + SSL_get_version(ks_ssl->ssl), + SSL_CIPHER_get_version(ciph), + SSL_CIPHER_get_name(ciph)); X509 *cert = SSL_get_peer_certificate(ks_ssl->ssl); if (cert) diff --git a/src/openvpn/ssl_verify.c b/src/openvpn/ssl_verify.c index c7d7799..ec7ff23 100644 --- a/src/openvpn/ssl_verify.c +++ b/src/openvpn/ssl_verify.c @@ -421,12 +421,12 @@ } /* export subject name string as environmental variable */ - openvpn_snprintf(envname, sizeof(envname), "tls_id_%d", cert_depth); + snprintf(envname, sizeof(envname), "tls_id_%d", cert_depth); setenv_str(es, envname, subject); #if 0 /* export common name string as environmental variable */ - openvpn_snprintf(envname, sizeof(envname), "tls_common_name_%d", cert_depth); + snprintf(envname, sizeof(envname), "tls_common_name_%d", cert_depth); setenv_str(es, envname, common_name); #endif @@ -435,24 +435,24 @@ struct buffer sha1 = x509_get_sha1_fingerprint(peer_cert, &gc); struct buffer sha256 = x509_get_sha256_fingerprint(peer_cert, &gc); - openvpn_snprintf(envname, sizeof(envname), "tls_digest_%d", cert_depth); + snprintf(envname, sizeof(envname), "tls_digest_%d", cert_depth); setenv_str(es, envname, format_hex_ex(BPTR(&sha1), BLEN(&sha1), 0, 1, ":", &gc)); - openvpn_snprintf(envname, sizeof(envname), "tls_digest_sha256_%d", - cert_depth); + snprintf(envname, sizeof(envname), "tls_digest_sha256_%d", + cert_depth); setenv_str(es, envname, format_hex_ex(BPTR(&sha256), BLEN(&sha256), 0, 1, ":", &gc)); } /* export serial number as environmental variable */ serial = backend_x509_get_serial(peer_cert, &gc); - openvpn_snprintf(envname, sizeof(envname), "tls_serial_%d", cert_depth); + snprintf(envname, sizeof(envname), "tls_serial_%d", cert_depth); setenv_str(es, envname, serial); /* export serial number in hex as environmental variable */ serial = backend_x509_get_serial_hex(peer_cert, &gc); - openvpn_snprintf(envname, sizeof(envname), "tls_serial_hex_%d", cert_depth); + snprintf(envname, sizeof(envname), "tls_serial_hex_%d", cert_depth); setenv_str(es, envname, serial); gc_free(&gc); @@ -569,7 +569,7 @@ goto cleanup; } - if (!openvpn_snprintf(fn, sizeof(fn), "%s%c%s", crl_dir, PATH_SEPARATOR, serial)) + if (!snprintf(fn, sizeof(fn), "%s%c%s", crl_dir, PATH_SEPARATOR, serial)) { msg(D_HANDSHAKE, "VERIFY CRL: filename overflow"); goto cleanup; @@ -938,9 +938,9 @@ if (!check_auth_pending_method(multi->peer_info, pending_method)) { char buf[128]; - openvpn_snprintf(buf, sizeof(buf), - "Authentication failed, required pending auth " - "method '%s' not supported", pending_method); + snprintf(buf, sizeof(buf), + "Authentication failed, required pending auth " + "method '%s' not supported", pending_method); auth_set_client_reason(multi, buf); msg(M_INFO, "Client does not supported auth pending method " "'%s'", pending_method); diff --git a/src/openvpn/ssl_verify_mbedtls.c b/src/openvpn/ssl_verify_mbedtls.c index a801cd3..ca14ceb 100644 --- a/src/openvpn/ssl_verify_mbedtls.c +++ b/src/openvpn/ssl_verify_mbedtls.c @@ -86,8 +86,8 @@ char *serial = backend_x509_get_serial(cert, &gc); ret = mbedtls_x509_crt_verify_info(errstr, sizeof(errstr)-1, "", *flags); - if (ret <= 0 && !openvpn_snprintf(errstr, sizeof(errstr), - "Could not retrieve error string, flags=%" PRIx32, *flags)) + if (ret <= 0 && !snprintf(errstr, sizeof(errstr), + "Could not retrieve error string, flags=%" PRIx32, *flags)) { errstr[0] = '\0'; } @@ -307,7 +307,7 @@ name_expand_size = 64 + strlen(name); name_expand = (char *) malloc(name_expand_size); check_malloc_return(name_expand); - openvpn_snprintf(name_expand, name_expand_size, "X509_%d_%s", depth, name); + snprintf(name_expand, name_expand_size, "X509_%d_%s", depth, name); setenv_str(es, name_expand, value); free(name_expand); } @@ -431,13 +431,13 @@ if (0 == mbedtls_oid_get_attr_short_name(&name->oid, &shortname) ) { - openvpn_snprintf(name_expand, sizeof(name_expand), "X509_%d_%s", - cert_depth, shortname); + snprintf(name_expand, sizeof(name_expand), "X509_%d_%s", + cert_depth, shortname); } else { - openvpn_snprintf(name_expand, sizeof(name_expand), "X509_%d_\?\?", - cert_depth); + snprintf(name_expand, sizeof(name_expand), "X509_%d_\?\?", + cert_depth); } for (i = 0; i < name->val.len; i++) diff --git a/src/openvpn/ssl_verify_openssl.c b/src/openvpn/ssl_verify_openssl.c index ec3a7cf..7d41d4a 100644 --- a/src/openvpn/ssl_verify_openssl.c +++ b/src/openvpn/ssl_verify_openssl.c @@ -279,7 +279,7 @@ gc_free(&gc); return FAILURE; } - openvpn_snprintf(common_name, cn_len, "0x%s", serial); + snprintf(common_name, cn_len, "0x%s", serial); gc_free(&gc); } else @@ -454,7 +454,7 @@ name_expand_size = 64 + strlen(name); name_expand = (char *) malloc(name_expand_size); check_malloc_return(name_expand); - openvpn_snprintf(name_expand, name_expand_size, "X509_%d_%s", depth, name); + snprintf(name_expand, name_expand_size, "X509_%d_%s", depth, name); setenv_str(es, name_expand, value); free(name_expand); } @@ -597,8 +597,8 @@ name_expand_size = 64 + strlen(objbuf); name_expand = (char *) malloc(name_expand_size); check_malloc_return(name_expand); - openvpn_snprintf(name_expand, name_expand_size, "X509_%d_%s", cert_depth, - objbuf); + snprintf(name_expand, name_expand_size, "X509_%d_%s", cert_depth, + objbuf); string_mod(name_expand, CC_PRINT, CC_CRLF, '_'); string_mod((char *)buf, CC_PRINT, CC_CRLF, '_'); setenv_str_incr(es, name_expand, (char *)buf); diff --git a/src/openvpn/tls_crypt.c b/src/openvpn/tls_crypt.c index 975d31f..8948938 100644 --- a/src/openvpn/tls_crypt.c +++ b/src/openvpn/tls_crypt.c @@ -574,8 +574,8 @@ } char metadata_type_str[4] = { 0 }; /* Max value: 255 */ - openvpn_snprintf(metadata_type_str, sizeof(metadata_type_str), - "%i", metadata_type); + snprintf(metadata_type_str, sizeof(metadata_type_str), + "%i", metadata_type); struct env_set *es = env_set_create(NULL); setenv_str(es, "script_type", "tls-crypt-v2-verify"); setenv_str(es, "metadata_type", metadata_type_str); diff --git a/src/openvpn/tun.c b/src/openvpn/tun.c index f550e9c..d01515d 100644 --- a/src/openvpn/tun.c +++ b/src/openvpn/tun.c @@ -1114,8 +1114,8 @@ #elif defined(TARGET_ANDROID) char out6[64]; - openvpn_snprintf(out6, sizeof(out6), "%s/%d %d", - ifconfig_ipv6_local, tt->netbits_ipv6, tun_mtu); + snprintf(out6, sizeof(out6), "%s/%d %d", + ifconfig_ipv6_local, tt->netbits_ipv6, tun_mtu); management_android_control(management, "IFCONFIG6", out6); #elif defined(TARGET_SOLARIS) argv_printf(&argv, "%s %s inet6 unplumb", IFCONFIG_PATH, ifname); @@ -1362,8 +1362,8 @@ top = "undef"; } - openvpn_snprintf(out, sizeof(out), "%s %s %d %s", ifconfig_local, - ifconfig_remote_netmask, tun_mtu, top); + snprintf(out, sizeof(out), "%s %s %d %s", ifconfig_local, + ifconfig_remote_netmask, tun_mtu, top); management_android_control(management, "IFCONFIG", out); #elif defined(TARGET_SOLARIS) @@ -1912,7 +1912,7 @@ */ if (dev_node) { - openvpn_snprintf(tunname, sizeof(tunname), "%s", dev_node); + snprintf(tunname, sizeof(tunname), "%s", dev_node); } else { @@ -1926,10 +1926,10 @@ { for (int i = 0; i < 256; ++i) { - openvpn_snprintf(tunname, sizeof(tunname), - "/dev/%s%d", dev, i); - openvpn_snprintf(dynamic_name, sizeof(dynamic_name), - "%s%d", dev, i); + snprintf(tunname, sizeof(tunname), + "/dev/%s%d", dev, i); + snprintf(dynamic_name, sizeof(dynamic_name), + "%s%d", dev, i); if ((tt->fd = open(tunname, O_RDWR)) > 0) { dynamic_opened = true; @@ -1947,7 +1947,7 @@ */ else { - openvpn_snprintf(tunname, sizeof(tunname), "/dev/%s", dev); + snprintf(tunname, sizeof(tunname), "/dev/%s", dev); } } @@ -2002,8 +2002,8 @@ { for (int i = 0; i < 256; ++i) { - openvpn_snprintf(dynamic_name, sizeof(dynamic_name), - "%s%d", dev, i); + snprintf(dynamic_name, sizeof(dynamic_name), + "%s%d", dev, i); int ret = open_tun_dco(tt, ctx, dynamic_name); if (ret == 0) { @@ -2519,7 +2519,7 @@ tt->actual_name = (char *) malloc(32); check_malloc_return(tt->actual_name); - openvpn_snprintf(tt->actual_name, 32, "%s%d", dev_tuntap_type, ppa); + snprintf(tt->actual_name, 32, "%s%d", dev_tuntap_type, ppa); if (tt->type == DEV_TYPE_TAP) { @@ -3509,7 +3509,7 @@ int i; for (i = 0; i<99; i++) { - openvpn_snprintf(tunname, sizeof(tunname), "/dev/tap%d", i); + snprintf(tunname, sizeof(tunname), "/dev/tap%d", i); if (access( tunname, F_OK ) < 0 && errno == ENOENT) { break; @@ -3520,7 +3520,7 @@ msg( M_FATAL, "cannot find unused tap device" ); } - openvpn_snprintf( dynamic_name, sizeof(dynamic_name), "tap%d", i ); + snprintf( dynamic_name, sizeof(dynamic_name), "tap%d", i ); dev = dynamic_name; } else /* name given, sanity check */ @@ -3536,7 +3536,7 @@ msg( M_FATAL, "TAP device name must be '--dev tapNNNN'" ); } - openvpn_snprintf(tunname, sizeof(tunname), "/dev/%s", dev); + snprintf(tunname, sizeof(tunname), "/dev/%s", dev); } /* pre-existing device? @@ -3956,8 +3956,8 @@ ADAPTER_KEY); } - openvpn_snprintf(unit_string, sizeof(unit_string), "%s\\%s", - ADAPTER_KEY, enum_name); + snprintf(unit_string, sizeof(unit_string), "%s\\%s", + ADAPTER_KEY, enum_name); status = RegOpenKeyEx( HKEY_LOCAL_MACHINE, @@ -4098,9 +4098,9 @@ NETWORK_CONNECTIONS_KEY); } - openvpn_snprintf(connection_string, sizeof(connection_string), - "%s\\%s\\Connection", - NETWORK_CONNECTIONS_KEY, enum_name); + snprintf(connection_string, sizeof(connection_string), + "%s\\%s\\Connection", + NETWORK_CONNECTIONS_KEY, enum_name); status = RegOpenKeyEx( HKEY_LOCAL_MACHINE, @@ -4984,7 +4984,7 @@ DWORD index; ULONG aindex; wchar_t wbuf[256]; - openvpn_swprintf(wbuf, SIZE(wbuf), L"\\DEVICE\\TCPIP_%hs", guid); + swprintf(wbuf, SIZE(wbuf), L"\\DEVICE\\TCPIP_%hs", guid); if (GetAdapterIndex(wbuf, &aindex) != NO_ERROR) { index = TUN_ADAPTER_INDEX_INVALID; @@ -5164,10 +5164,10 @@ } /* Open Windows TAP-Windows adapter */ - openvpn_snprintf(device_path, sizeof(device_path), "%s%s%s", - USERMODEDEVICEDIR, - device_guid, - TAP_WIN_SUFFIX); + snprintf(device_path, sizeof(device_path), "%s%s%s", + USERMODEDEVICEDIR, + device_guid, + TAP_WIN_SUFFIX); hand = CreateFile( device_path, @@ -5208,10 +5208,10 @@ } /* Open Windows TAP-Windows adapter */ - openvpn_snprintf(device_path, sizeof(device_path), "%s%s%s", - USERMODEDEVICEDIR, - device_guid, - TAP_WIN_SUFFIX); + snprintf(device_path, sizeof(device_path), "%s%s%s", + USERMODEDEVICEDIR, + device_guid, + TAP_WIN_SUFFIX); hand = CreateFile( device_path, @@ -6607,10 +6607,10 @@ else { /* Open TAP-Windows */ - openvpn_snprintf(tuntap_device_path, sizeof(tuntap_device_path), "%s%s%s", - USERMODEDEVICEDIR, - device_guid, - TAP_WIN_SUFFIX); + snprintf(tuntap_device_path, sizeof(tuntap_device_path), "%s%s%s", + USERMODEDEVICEDIR, + device_guid, + TAP_WIN_SUFFIX); path = tuntap_device_path; } diff --git a/src/openvpn/win32.c b/src/openvpn/win32.c index 27d82c5..98955ba 100644 --- a/src/openvpn/win32.c +++ b/src/openvpn/win32.c @@ -885,8 +885,8 @@ char force_path[256]; char *sysroot = get_win_sys_path(); - if (!openvpn_snprintf(force_path, sizeof(force_path), "PATH=%s\\System32;%s;%s\\System32\\Wbem", - sysroot, sysroot, sysroot)) + if (!snprintf(force_path, sizeof(force_path), "PATH=%s\\System32;%s;%s\\System32\\Wbem", + sysroot, sysroot, sysroot)) { msg(M_WARN, "env_block: default path truncated to %s", force_path); } @@ -1483,26 +1483,11 @@ } bool -openvpn_swprintf(wchar_t *const str, const size_t size, const wchar_t *const format, ...) -{ - va_list arglist; - int len = -1; - if (size > 0) - { - va_start(arglist, format); - len = vswprintf(str, size, format, arglist); - va_end(arglist); - str[size - 1] = L'\0'; - } - return (len >= 0 && len < size); -} - -bool get_openvpn_reg_value(const WCHAR *key, WCHAR *value, DWORD size) { WCHAR reg_path[256]; HKEY hkey; - openvpn_swprintf(reg_path, _countof(reg_path), L"SOFTWARE\\" PACKAGE_NAME); + swprintf(reg_path, _countof(reg_path), L"SOFTWARE\\" PACKAGE_NAME); LONG status = RegOpenKeyExW(HKEY_LOCAL_MACHINE, reg_path, 0, KEY_READ, &hkey); if (status != ERROR_SUCCESS) @@ -1528,7 +1513,7 @@ /* if we cannot find installation path from the registry, * use Windows directory as a fallback */ - openvpn_swprintf(install_path, _countof(install_path), L"%ls", ssl_fallback_dir); + swprintf(install_path, _countof(install_path), L"%ls", ssl_fallback_dir); } if ((install_path[wcslen(install_path) - 1]) == L'\\') @@ -1553,7 +1538,7 @@ if (size == 0) { WCHAR val[MAX_PATH] = {0}; - openvpn_swprintf(val, _countof(val), L"%ls\\ssl\\%ls", install_path, ossl_env[i].value); + swprintf(val, _countof(val), L"%ls\\ssl\\%ls", install_path, ossl_env[i].value); _wputenv_s(ossl_env[i].name, val); } } diff --git a/src/openvpn/win32.h b/src/openvpn/win32.h index 974fe02d..fd75992 100644 --- a/src/openvpn/win32.h +++ b/src/openvpn/win32.h @@ -319,14 +319,6 @@ int openvpn_execve(const struct argv *a, const struct env_set *es, const unsigned int flags); -/* - * openvpn_swprintf() is currently only used by Windows code paths - * and when enabled for all platforms it will currently break older - * OpenBSD versions lacking vswprintf(3) support in their libc. - */ -bool -openvpn_swprintf(wchar_t *const str, const size_t size, const wchar_t *const format, ...); - /* Sleep that can be interrupted by signals and exit event */ void win32_sleep(const int n); diff --git a/src/openvpn/xkey_helper.c b/src/openvpn/xkey_helper.c index c803323..283c95d 100644 --- a/src/openvpn/xkey_helper.c +++ b/src/openvpn/xkey_helper.c @@ -205,7 +205,7 @@ } else { - openvpn_snprintf(alg_str, sizeof(alg_str), "ECDSA,hashalg=%s", alg.mdname); + snprintf(alg_str, sizeof(alg_str), "ECDSA,hashalg=%s", alg.mdname); } } else if (!strcmp(alg.keytype, "ED448") || !strcmp(alg.keytype, "ED25519")) @@ -229,8 +229,8 @@ /* For undigested message, add hashalg=digest parameter */ else { - openvpn_snprintf(alg_str, sizeof(alg_str), "%s,hashalg=%s", - "RSA_PKCS1_PADDING", alg.mdname); + snprintf(alg_str, sizeof(alg_str), "%s,hashalg=%s", + "RSA_PKCS1_PADDING", alg.mdname); } } else if (!strcmp(alg.padmode, "none") && (flags & MF_EXTERNAL_KEY_NOPADDING) @@ -240,8 +240,8 @@ } else if (!strcmp(alg.padmode, "pss") && (flags & MF_EXTERNAL_KEY_PSSPAD)) { - openvpn_snprintf(alg_str, sizeof(alg_str), "%s,hashalg=%s,saltlen=%s", - "RSA_PKCS1_PSS_PADDING", alg.mdname, alg.saltlen); + snprintf(alg_str, sizeof(alg_str), "%s,hashalg=%s,saltlen=%s", + "RSA_PKCS1_PSS_PADDING", alg.mdname, alg.saltlen); } else { diff --git a/src/openvpnserv/common.c b/src/openvpnserv/common.c index bd0a484..b6f934a 100644 --- a/src/openvpnserv/common.c +++ b/src/openvpnserv/common.c @@ -27,36 +27,6 @@ LPCTSTR service_instance = TEXT(""); static wchar_t win_sys_path[MAX_PATH]; -/* - * These are necessary due to certain buggy implementations of (v)snprintf, - * that don't guarantee null termination for size > 0. - */ -BOOL -openvpn_vswprintf(LPTSTR str, size_t size, LPCTSTR format, va_list arglist) -{ - int len = -1; - if (size > 0) - { - len = vswprintf_s(str, size, format, arglist); - str[size - 1] = 0; - } - return (len >= 0 && (size_t)len < size); -} - -BOOL -openvpn_swprintf(LPTSTR str, size_t size, LPCTSTR format, ...) -{ - va_list arglist; - BOOL res = FALSE; - if (size > 0) - { - va_start(arglist, format); - res = openvpn_vswprintf(str, size, format, arglist); - va_end(arglist); - } - return res; -} - static DWORD GetRegString(HKEY key, LPCTSTR value, LPTSTR data, DWORD size, LPCTSTR default_value) { @@ -66,7 +36,7 @@ if (status == ERROR_FILE_NOT_FOUND && default_value) { size_t len = size/sizeof(data[0]); - if (openvpn_swprintf(data, len, default_value)) + if (swprintf(data, len, default_value)) { status = ERROR_SUCCESS; } @@ -93,7 +63,7 @@ TCHAR install_path[MAX_PATH]; TCHAR default_value[MAX_PATH]; - openvpn_swprintf(reg_path, _countof(reg_path), TEXT("SOFTWARE\\" PACKAGE_NAME "%ls"), service_instance); + swprintf(reg_path, _countof(reg_path), TEXT("SOFTWARE\\" PACKAGE_NAME "%ls"), service_instance); LONG status = RegOpenKeyEx(HKEY_LOCAL_MACHINE, reg_path, 0, KEY_READ, &key); if (status != ERROR_SUCCESS) @@ -110,15 +80,15 @@ goto out; } - openvpn_swprintf(default_value, _countof(default_value), TEXT("%ls\\bin\\openvpn.exe"), - install_path); + swprintf(default_value, _countof(default_value), TEXT("%ls\\bin\\openvpn.exe"), + install_path); error = GetRegString(key, TEXT("exe_path"), s->exe_path, sizeof(s->exe_path), default_value); if (error != ERROR_SUCCESS) { goto out; } - openvpn_swprintf(default_value, _countof(default_value), TEXT("%ls\\config"), install_path); + swprintf(default_value, _countof(default_value), TEXT("%ls\\config"), install_path); error = GetRegString(key, TEXT("config_dir"), s->config_dir, sizeof(s->config_dir), default_value); if (error != ERROR_SUCCESS) @@ -133,7 +103,7 @@ goto out; } - openvpn_swprintf(default_value, _countof(default_value), TEXT("%ls\\log"), install_path); + swprintf(default_value, _countof(default_value), TEXT("%ls\\log"), install_path); error = GetRegString(key, TEXT("log_dir"), s->log_dir, sizeof(s->log_dir), default_value); if (error != ERROR_SUCCESS) { @@ -229,7 +199,7 @@ else { tmp[wcslen(tmp) - 2] = TEXT('\0'); /* remove CR/LF characters */ - openvpn_swprintf(buf, _countof(buf), TEXT("%ls (0x%x)"), tmp, error); + swprintf(buf, _countof(buf), TEXT("%ls (0x%x)"), tmp, error); } if (tmp) @@ -259,9 +229,9 @@ hEventSource = RegisterEventSource(NULL, APPNAME); if (hEventSource != NULL) { - openvpn_swprintf(msg[0], _countof(msg[0]), - TEXT("%ls%ls%ls: %ls"), APPNAME, service_instance, - (flags & MSG_FLAGS_ERROR) ? TEXT(" error") : TEXT(""), err_msg); + swprintf(msg[0], _countof(msg[0]), + TEXT("%ls%ls%ls: %ls"), APPNAME, service_instance, + (flags & MSG_FLAGS_ERROR) ? TEXT(" error") : TEXT(""), err_msg); va_start(arglist, format); openvpn_vswprintf(msg[1], _countof(msg[1]), format, arglist); diff --git a/src/openvpnserv/interactive.c b/src/openvpnserv/interactive.c index 452633c..efd3834 100644 --- a/src/openvpnserv/interactive.c +++ b/src/openvpnserv/interactive.c @@ -310,7 +310,7 @@ * Same format as error messages (3 line string) with error = 0 in * 0x%08x format, PID on line 2 and a description "Process ID" on line 3 */ - openvpn_swprintf(buf, _countof(buf), L"0x%08x\n0x%08x\n%ls", 0, pid, msg); + swprintf(buf, _countof(buf), L"0x%08x\n0x%08x\n%ls", 0, pid, msg); WritePipeAsync(pipe, buf, (DWORD)(wcslen(buf) * 2), count, events); } @@ -384,9 +384,9 @@ if (!argv) { - openvpn_swprintf(errmsg, capacity, - L"Cannot validate options: CommandLineToArgvW failed with error = 0x%08x", - GetLastError()); + swprintf(errmsg, capacity, + L"Cannot validate options: CommandLineToArgvW failed with error = 0x%08x", + GetLastError()); goto out; } @@ -406,8 +406,8 @@ if (!CheckOption(workdir, 2, argv_tmp, &settings)) { - openvpn_swprintf(errmsg, capacity, msg1, argv[0], workdir, - settings.ovpn_admin_group); + swprintf(errmsg, capacity, msg1, argv[0], workdir, + settings.ovpn_admin_group); } goto out; } @@ -423,13 +423,13 @@ { if (wcscmp(L"--config", argv[i]) == 0 && argc-i > 1) { - openvpn_swprintf(errmsg, capacity, msg1, argv[i+1], workdir, - settings.ovpn_admin_group); + swprintf(errmsg, capacity, msg1, argv[i+1], workdir, + settings.ovpn_admin_group); } else { - openvpn_swprintf(errmsg, capacity, msg2, argv[i], - settings.ovpn_admin_group); + swprintf(errmsg, capacity, msg2, argv[i], + settings.ovpn_admin_group); } goto out; } @@ -984,7 +984,7 @@ HANDLE wait_handles[2] = {rdns_semaphore, exit_event}; - openvpn_swprintf(ipcfg, MAX_PATH, L"%ls\\%ls", get_win_sys_path(), L"ipconfig.exe"); + swprintf(ipcfg, MAX_PATH, L"%ls\\%ls", get_win_sys_path(), L"ipconfig.exe"); if (WaitForMultipleObjects(2, wait_handles, FALSE, timeout) == WAIT_OBJECT_0) { @@ -1063,7 +1063,7 @@ } /* Path of netsh */ - openvpn_swprintf(argv0, _countof(argv0), L"%ls\\%ls", get_win_sys_path(), L"netsh.exe"); + swprintf(argv0, _countof(argv0), L"%ls\\%ls", get_win_sys_path(), L"netsh.exe"); /* cmd template: * netsh interface $proto $action dns $if_name $addr [validate=no] @@ -1079,7 +1079,7 @@ goto out; } - openvpn_swprintf(cmdline, ncmdline, fmt, proto, action, if_name, addr); + swprintf(cmdline, ncmdline, fmt, proto, action, if_name, addr); if (IsWindows7OrGreater()) { @@ -1123,7 +1123,7 @@ } /* Path of netsh */ - openvpn_swprintf(argv0, _countof(argv0), L"%ls\\%ls", get_win_sys_path(), L"netsh.exe"); + swprintf(argv0, _countof(argv0), L"%ls\\%ls", get_win_sys_path(), L"netsh.exe"); /* cmd template: * netsh interface ip $action wins $if_name $static $addr @@ -1140,7 +1140,7 @@ goto out; } - openvpn_swprintf(cmdline, ncmdline, fmt, action, if_name, addr_static, addr); + swprintf(cmdline, ncmdline, fmt, action, if_name, addr_static, addr); err = ExecCommand(argv0, cmdline, timeout); @@ -1166,7 +1166,7 @@ wchar_t *cmdline = NULL; int timeout = 10000; /* in msec */ - openvpn_swprintf(argv0, _countof(argv0), L"%ls\\%ls", get_win_sys_path(), L"wbem\\wmic.exe"); + swprintf(argv0, _countof(argv0), L"%ls\\%ls", get_win_sys_path(), L"wbem\\wmic.exe"); const wchar_t *fmt; /* comma separated list must be enclosed in parenthesis */ @@ -1187,8 +1187,8 @@ return ERROR_OUTOFMEMORY; } - openvpn_swprintf(cmdline, ncmdline, fmt, if_index, action, - data ? data : L""); + swprintf(cmdline, ncmdline, fmt, if_index, action, + data ? data : L""); err = ExecCommand(argv0, cmdline, timeout); free(cmdline); @@ -1452,7 +1452,7 @@ wchar_t argv0[MAX_PATH]; /* Path of netsh */ - openvpn_swprintf(argv0, _countof(argv0), L"%ls\\%ls", get_win_sys_path(), L"netsh.exe"); + swprintf(argv0, _countof(argv0), L"%ls\\%ls", get_win_sys_path(), L"netsh.exe"); /* cmd template: * netsh interface ipv4 set address name=$if_index source=dhcp @@ -1470,7 +1470,7 @@ return err; } - openvpn_swprintf(cmdline, ncmdline, fmt, dhcp->iface.index); + swprintf(cmdline, ncmdline, fmt, dhcp->iface.index); err = ExecCommand(argv0, cmdline, timeout); @@ -1969,8 +1969,8 @@ goto out; } - openvpn_swprintf(ovpn_pipe_name, _countof(ovpn_pipe_name), - TEXT("\\\\.\\pipe\\" PACKAGE "%ls\\service_%lu"), service_instance, GetCurrentThreadId()); + swprintf(ovpn_pipe_name, _countof(ovpn_pipe_name), + TEXT("\\\\.\\pipe\\" PACKAGE "%ls\\service_%lu"), service_instance, GetCurrentThreadId()); ovpn_pipe = CreateNamedPipe(ovpn_pipe_name, PIPE_ACCESS_DUPLEX | FILE_FLAG_FIRST_PIPE_INSTANCE | FILE_FLAG_OVERLAPPED, PIPE_TYPE_MESSAGE | PIPE_READMODE_MESSAGE | PIPE_WAIT, 1, 128, 128, 0, NULL); @@ -2002,8 +2002,8 @@ ReturnLastError(pipe, L"malloc"); goto out; } - openvpn_swprintf(cmdline, cmdline_size, L"openvpn %ls --msg-channel %lu", - sud.options, svc_pipe); + swprintf(cmdline, cmdline_size, L"openvpn %ls --msg-channel %lu", + sud.options, svc_pipe); if (!CreateEnvironmentBlock(&user_env, imp_token, FALSE)) { @@ -2078,8 +2078,8 @@ else if (exit_code != 0) { WCHAR buf[256]; - openvpn_swprintf(buf, _countof(buf), - L"OpenVPN exited with error: exit code = %lu", exit_code); + swprintf(buf, _countof(buf), + L"OpenVPN exited with error: exit code = %lu", exit_code); ReturnError(pipe, ERROR_OPENVPN_STARTUP, buf, 1, &exit_event); } Undo(&undo_lists); @@ -2173,7 +2173,7 @@ initialized = TRUE; } - openvpn_swprintf(pipe_name, _countof(pipe_name), TEXT("\\\\.\\pipe\\" PACKAGE "%ls\\service"), service_instance); + swprintf(pipe_name, _countof(pipe_name), TEXT("\\\\.\\pipe\\" PACKAGE "%ls\\service"), service_instance); pipe = CreateNamedPipe(pipe_name, flags, PIPE_TYPE_MESSAGE | PIPE_READMODE_MESSAGE | PIPE_REJECT_REMOTE_CLIENTS, PIPE_UNLIMITED_INSTANCES, 1024, 1024, 0, NULL); diff --git a/src/openvpnserv/service.h b/src/openvpnserv/service.h index 3acf08c..6d0827d 100644 --- a/src/openvpnserv/service.h +++ b/src/openvpnserv/service.h @@ -81,12 +81,6 @@ VOID WINAPI ServiceStartInteractive(DWORD argc, LPTSTR *argv); -BOOL openvpn_vsntprintf(LPTSTR str, size_t size, LPCTSTR format, va_list arglist); - -BOOL openvpn_sntprintf(LPTSTR str, size_t size, LPCTSTR format, ...); - -BOOL openvpn_swprintf(wchar_t *const str, const size_t size, const wchar_t *const format, ...); - DWORD GetOpenvpnSettings(settings_t *s); BOOL ReportStatusToSCMgr(SERVICE_STATUS_HANDLE service, SERVICE_STATUS *status); diff --git a/src/openvpnserv/validate.c b/src/openvpnserv/validate.c index 5f7acd7..9563fa5 100644 --- a/src/openvpnserv/validate.c +++ b/src/openvpnserv/validate.c @@ -68,7 +68,7 @@ /* convert fname to full path */ if (PathIsRelativeW(fname) ) { - openvpn_swprintf(tmp, _countof(tmp), L"%ls\\%ls", workdir, fname); + swprintf(tmp, _countof(tmp), L"%ls\\%ls", workdir, fname); config_file = tmp; } else diff --git a/tests/unit_tests/openvpn/test_buffer.c b/tests/unit_tests/openvpn/test_buffer.c index 52ffb54..c1d1538 100644 --- a/tests/unit_tests/openvpn/test_buffer.c +++ b/tests/unit_tests/openvpn/test_buffer.c @@ -354,6 +354,30 @@ assert_string_equal(buf, "There is a .'nice.' \"1234\" [.] year old .tree!"); } +static void +test_snprintf(void **state) +{ + /* we used to have a custom openvpn_snprintf function because some + * OS (the comment did not specify which) did not always put the + * null byte there. So we unit test this to be sure. + * + * This probably refers to the MSVC behaviour, see also + * https://stackoverflow.com/questions/7706936/is-snprintf-always-null-terminating + */ + + char buf[10] = { 'a' }; + assert_int_equal(snprintf(buf, sizeof(buf), "0123456789abcde"), 15); + assert_int_equal(buf[9], '\0'); + + memset(buf, 'b', sizeof(buf)); + assert_int_equal(snprintf(buf, sizeof(buf), "- %d - %d -", 77, 88), 11); + assert_int_equal(buf[9], '\0'); + + memset(buf, 'c', sizeof(buf)); + assert_int_equal(snprintf(buf, sizeof(buf), "- %8.2f", 77.8899), 10); + assert_int_equal(buf[9], '\0'); +} + int main(void) { @@ -387,6 +411,7 @@ cmocka_unit_test(test_buffer_free_gc_two), cmocka_unit_test(test_buffer_gc_realloc), cmocka_unit_test(test_character_class), + cmocka_unit_test(test_snprintf) }; return cmocka_run_group_tests_name("buffer", tests, NULL, NULL); diff --git a/tests/unit_tests/openvpn/test_cryptoapi.c b/tests/unit_tests/openvpn/test_cryptoapi.c index 87f6208..98102ef 100644 --- a/tests/unit_tests/openvpn/test_cryptoapi.c +++ b/tests/unit_tests/openvpn/test_cryptoapi.c @@ -271,7 +271,7 @@ for (struct test_cert *c = certs; c->cert; c++) { - openvpn_snprintf(select_string, sizeof(select_string), "THUMB:%s", c->hash); + snprintf(select_string, sizeof(select_string), "THUMB:%s", c->hash); ctx = find_certificate_in_store(select_string, user_store); if (ctx) { @@ -304,7 +304,7 @@ for (struct test_cert *c = certs; c->cert; c++) { - openvpn_snprintf(select_string, sizeof(select_string), "SUBJ:%s", c->cname); + snprintf(select_string, sizeof(select_string), "SUBJ:%s", c->cname); ctx = find_certificate_in_store(select_string, user_store); /* In this case we expect a successful return as there is at least one valid * cert that matches the common name. But the returned cert may not exactly match @@ -337,7 +337,7 @@ for (struct test_cert *c = certs; c->cert; c++) { - openvpn_snprintf(select_string, sizeof(select_string), "ISSUER:%s", c->issuer); + snprintf(select_string, sizeof(select_string), "ISSUER:%s", c->issuer); ctx = find_certificate_in_store(select_string, user_store); /* In this case we expect a successful return as there is at least one valid * cert that matches the issuer. But the returned cert may not exactly match @@ -411,7 +411,7 @@ { continue; } - openvpn_snprintf(select_string, sizeof(select_string), "THUMB:%s", c->hash); + snprintf(select_string, sizeof(select_string), "THUMB:%s", c->hash); if (Load_CryptoAPI_certificate(select_string, &x509, &privkey) != 1) { fail_msg("Load_CryptoAPI_certificate failed: <%s>", c->friendly_name); @@ -446,7 +446,7 @@ SSL_CTX *ssl_ctx = SSL_CTX_new_ex(tls_libctx, NULL, SSLv23_client_method()); assert_non_null(ssl_ctx); - openvpn_snprintf(select_string, sizeof(select_string), "THUMB:%s", c->hash); + snprintf(select_string, sizeof(select_string), "THUMB:%s", c->hash); if (!SSL_CTX_use_CryptoAPI_certificate(ssl_ctx, select_string)) { fail_msg("SSL_CTX_use_CryptoAPI_certificate failed: <%s>", c->friendly_name); diff --git a/tests/unit_tests/openvpn/test_pkcs11.c b/tests/unit_tests/openvpn/test_pkcs11.c index a48e404..84ebb29 100644 --- a/tests/unit_tests/openvpn/test_pkcs11.c +++ b/tests/unit_tests/openvpn/test_pkcs11.c @@ -161,7 +161,7 @@ } else if (flags & GET_USER_PASS_PASSWORD_ONLY) { - openvpn_snprintf(up->password, sizeof(up->password), "%s", PIN); + snprintf(up->password, sizeof(up->password), "%s", PIN); } else { @@ -204,8 +204,8 @@ { fail_msg("make tmpfile using template <%s> failed (error = %d)", softhsm2_conf_path, errno); } - openvpn_snprintf(config, sizeof(config), "directories.tokendir=%s/", - softhsm2_tokens_path); + snprintf(config, sizeof(config), "directories.tokendir=%s/", + softhsm2_tokens_path); assert_int_equal(write(fd, config, strlen(config)), strlen(config)); close(fd);