From patchwork Thu Dec 29 18:27:38 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Selva Nair X-Patchwork-Id: 2961 Return-Path: Delivered-To: patchwork@openvpn.net Received: by 2002:a05:7300:c95:b0:82:e4b3:40a0 with SMTP id p21csp4151940dyk; Thu, 29 Dec 2022 10:28:29 -0800 (PST) X-Google-Smtp-Source: AMrXdXsSnWVDYD0GmsijZNmxUz3VsPEhRZORjReusEekTb2zwMRJqd1CSOhtP7OZ6Dm6N1EFeJBL X-Received: by 2002:a17:903:30d2:b0:186:e426:ff33 with SMTP id s18-20020a17090330d200b00186e426ff33mr27595325plc.20.1672338509389; Thu, 29 Dec 2022 10:28:29 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1672338509; cv=none; d=google.com; s=arc-20160816; b=OtC8eXGERWnf9AkrX0xmCccZvUxGOkaD6Qx8zMlMnXuzqkuELy+zg9NnY8oNzaofSH pjETOzG5AYGLMMoGWL7K7wtNMTW8Fay34gIUASENMUmHc8HKSEC4o7l+EU4Id9M8D6yS P6WbHDEqyFIShV/aCWGdPDB4XhdcUbyYpsqfDIwyyXyfRWh4dsupWaebsAJ1FD8pOOnb zq+V4j/o+ahFnd3uD6A+b7cyuq5DxmlHzFNjDne9I730+G1tw9EOYOdknBFZkrx5uANZ XnFmStpSL2t0tru2Ji/ZldV6bEonPfQ0UKQ8sYVSoUXjZL7v3qMytc2Bnwo5K+Tsv5ci vDBQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=errors-to:content-transfer-encoding:list-subscribe:list-help :list-post:list-archive:list-unsubscribe:list-id:precedence:subject :mime-version:message-id:date:to:from:dkim-signature:dkim-signature :dkim-signature; bh=MeYU2n+0Nnb0ueId/YvJmXq8usMYHIgeeUa7eIlVgjs=; b=LlDqMw3sTKrv71pK3q2qIwMrZBrUZU9T4NjRm2ee0zBfUm1vJQHo5pB7JRO1UgtfYQ 2PCsOimR4Ed2Jl9eQzJwa3x7EI0ZdOBc7Vcpgf1KRDHCsS5oAwIERbkw4kIfV+1d1GaG kYD24nj/OfINJv3JDWOwitmcGuFdjCxJfiLJfOfPZIVNw8Xq78HUPtHbCwk0w3lofB08 NIcrL0/kHoWKiK9VUSodv2dBIegLiirW6s6efdu3VyrRfmTrhtqfH1/O+Mm6f9t1uJYy A3m4OMG7GslAd78u1CWwSS9JXih2/PwW/aI0jg1su+x88KrFPv03axKFWqs/EfNhlHSn q9uA== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=fI9eH91y; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=YTLi15pQ; dkim=neutral (body hash did not verify) header.i=@gmail.com header.s=20210112 header.b=do8TjejT; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: from lists.sourceforge.net (lists.sourceforge.net. [216.105.38.7]) by mx.google.com with ESMTPS id e19-20020a170902f11300b00186ba56bda8si17811692plb.61.2022.12.29.10.28.28 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Thu, 29 Dec 2022 10:28:29 -0800 (PST) Received-SPF: pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) client-ip=216.105.38.7; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=fI9eH91y; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=YTLi15pQ; dkim=neutral (body hash did not verify) header.i=@gmail.com header.s=20210112 header.b=do8TjejT; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: from [127.0.0.1] (helo=sfs-ml-4.v29.lw.sourceforge.com) by sfs-ml-4.v29.lw.sourceforge.com with esmtp (Exim 4.95) (envelope-from ) id 1pAxdQ-0007hX-5e; Thu, 29 Dec 2022 18:28:08 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-4.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1pAxdO-0007hR-Kg for openvpn-devel@lists.sourceforge.net; Thu, 29 Dec 2022 18:28:06 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:Message-Id: Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=60cNET093/FPtUeVgPr/eQzvd3TaRFyVzDfBrI/8HGs=; b=fI9eH91yYES/YWQpYoKheiAm47 dGUVfa0Idd/QmURYD8gWQOPimWl2BeoUAtXVDSqK9olKTYoh4OEIl1KEYKgGrn4rnWx9aWFistXeV P70cMHWzLWWdrrK/4OhX9JnqVapUl1EOZJrSGKRNtMY9eP4ih3qKi7S+iwY1HHPfqR6s=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:Message-Id:Date:Subject:Cc:To:From :Sender:Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To: References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post: List-Owner:List-Archive; bh=60cNET093/FPtUeVgPr/eQzvd3TaRFyVzDfBrI/8HGs=; b=Y TLi15pQU6TVqxijgOGjelqRkSFxvzw7/pjY41mHFbG5x+wWngC+VxQVw7ncZ7zTsq4EtrIxDpVT4Q jN6GwaGO/9Zejo6YPq8VQrvpp1bjBRU/Partg0plztBz45QmpfT6rSQpcI4qIufyld8cJUvCYBazX ielqI/AmUioG0iOM=; Received: from mail-il1-f169.google.com ([209.85.166.169]) by sfi-mx-1.v28.lw.sourceforge.com with esmtps (TLS1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.95) id 1pAxdM-00GPi6-JG for openvpn-devel@lists.sourceforge.net; Thu, 29 Dec 2022 18:28:06 +0000 Received: by mail-il1-f169.google.com with SMTP id z18so10148265ils.3 for ; Thu, 29 Dec 2022 10:28:04 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:from:to:cc:subject:date:message-id:reply-to; bh=60cNET093/FPtUeVgPr/eQzvd3TaRFyVzDfBrI/8HGs=; b=do8TjejTInmZfDLyg9Ne6y12iSIRjv7BHl72kzCEli+MUsvd2xcDCPVuTfA0MHKFke KQh6OIrnWkq2uwOHCfttlJrmKCmuJLCFLNQdAvaEcfrRrPaNuUJTkbyeFIcjWbzrpSX8 SGv57hKU/xSLXqW/rva2AkpSqMsjHPyS3N2OhobuJy/A5oVY7+zVHg5Sqtfp9Y5T7ZEX r5uWNGtkh+l9gP4d85UNw1tIad73OMn6dosm21socZn2Z4NwjDcp8Yg4kE6xEvLBnqwg P2PHslYWhPt+H3qhoq6CbVGITRu7u05tAedKldPNgMlmcREpUtp3sJLjc6rK/DhGjU1t CE1A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=60cNET093/FPtUeVgPr/eQzvd3TaRFyVzDfBrI/8HGs=; b=xfBEIFB1uy4xGaoVI7R+8JWe/qcI0BnszNkfe9wSOznHEZmOhlfop2WzuTWoPZP5N0 q1nkNOUK/lt6aoWOpzWjzuEUHgNYMh46cqJYFj9FbFSVwlc6fgVpAd/ermq24afCUMbh n9oKXs/9dfrUAFtEFBl9uhVB8unF02YZ/XoywY/Vi8trkxMusMGTerYq1wV+VOhTJCk0 kt5TAxxjCdmvubcAIkVbmJlqcUC2ZD2ox7LWaojF+2qtWbVvqfmzWVd5CP0BE0iV0nEb 4Btt/1/TZVfUkAfd6kq5Id4Ht1tMiFU7fKIN+PBN+DkKeJecSfST/Jd9ujrs559TrzAH yaWA== X-Gm-Message-State: AFqh2kqpqfJdIY+pWX+sKNcEJs0X5ipCVTSpWkgHmlb7RfX8wpSNMR6f yKDjWOWNI9Ju45iuT2vOYHrG4O0O8/DUbQ== X-Received: by 2002:a92:cd48:0:b0:303:814:5698 with SMTP id v8-20020a92cd48000000b0030308145698mr4810891ilq.1.1672338478843; Thu, 29 Dec 2022 10:27:58 -0800 (PST) Received: from uranus.sansel.ca (bras-vprn-tnhlon4053w-lp130-01-70-51-222-66.dsl.bell.ca. [70.51.222.66]) by smtp.gmail.com with ESMTPSA id o11-20020a056e02092b00b0030c2667fe17sm973492ilt.80.2022.12.29.10.27.58 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 29 Dec 2022 10:27:58 -0800 (PST) From: selva.nair@gmail.com To: openvpn-devel@lists.sourceforge.net Date: Thu, 29 Dec 2022 13:27:38 -0500 Message-Id: <20221229182739.1477336-1-selva.nair@gmail.com> X-Mailer: git-send-email 2.34.1 MIME-Version: 1.0 X-Spam-Score: -0.2 (/) X-Spam-Report: Spam detection software, running on the system "util-spamd-2.v13.lw.sourceforge.com", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Selva Nair HandleRegisterRingBuffers() in interactive.c did not follow the the original API of HandleMessage(): a new argument was added to HandleMessage to pass-in prer-process ring-buffer handles. The existing [...] Content analysis details: (-0.2 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [209.85.166.169 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider [selva.nair[at]gmail.com] -0.0 SPF_PASS SPF: sender matches SPF record -0.0 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2) [209.85.166.169 listed in wl.mailspike.net] -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain X-Headers-End: 1pAxdM-00GPi6-JG Subject: [Openvpn-devel] [PATCH 1/2] Use undo_lists for saving ring-buffer handles in interactive service X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox X-GMAIL-THRID: =?utf-8?q?1753574024797151708?= X-GMAIL-MSGID: =?utf-8?q?1753574024797151708?= From: Selva Nair HandleRegisterRingBuffers() in interactive.c did not follow the the original API of HandleMessage(): a new argument was added to HandleMessage to pass-in prer-process ring-buffer handles. The existing undo lists argument is meant for such use. Rewrite following the original design. Signed-off-by: Selva Nair Acked-by: Lev Stipakov --- src/openvpnserv/interactive.c | 51 ++++++++++++++++++++++++----------- 1 file changed, 36 insertions(+), 15 deletions(-) diff --git a/src/openvpnserv/interactive.c b/src/openvpnserv/interactive.c index 47bcd72a..8476738c 100644 --- a/src/openvpnserv/interactive.c +++ b/src/openvpnserv/interactive.c @@ -92,6 +92,7 @@ typedef enum { undo_dns4, undo_dns6, undo_domain, + undo_ring_buffer, _undo_type_max } undo_type_t; typedef list_item_t *undo_lists_t[_undo_type_max]; @@ -780,7 +781,7 @@ BlockDNSErrHandler(DWORD err, const char *msg) /* Use an always-true match_fn to get the head of the list */ static BOOL -CmpEngine(LPVOID item, LPVOID any) +CmpAny(LPVOID item, LPVOID any) { return TRUE; } @@ -835,7 +836,7 @@ HandleBlockDNSMessage(const block_dns_message_t *msg, undo_lists_t *lists) } else { - interface_data = RemoveListItem(&(*lists)[block_dns], CmpEngine, NULL); + interface_data = RemoveListItem(&(*lists)[block_dns], CmpAny, NULL); if (interface_data) { engine = interface_data->engine; @@ -1354,40 +1355,49 @@ DuplicateAndMapRing(HANDLE ovpn_proc, HANDLE orig_handle, HANDLE *new_handle, st static DWORD HandleRegisterRingBuffers(const register_ring_buffers_message_t *rrb, HANDLE ovpn_proc, - ring_buffer_handles_t *ring_buffer_handles) + undo_lists_t *lists) { DWORD err = 0; - CloseRingBufferHandles(ring_buffer_handles); + ring_buffer_handles_t *ring_buffer_handles = RemoveListItem(&(*lists)[undo_ring_buffer], CmpAny, NULL); + + if (ring_buffer_handles) + { + CloseRingBufferHandles(ring_buffer_handles); + } + else if ((ring_buffer_handles = calloc(1, sizeof(*ring_buffer_handles))) == NULL) + { + return ERROR_OUTOFMEMORY; + } err = OvpnDuplicateHandle(ovpn_proc, rrb->device, &ring_buffer_handles->device); if (err != ERROR_SUCCESS) { - return err; + goto out; } err = DuplicateAndMapRing(ovpn_proc, rrb->send_ring_handle, &ring_buffer_handles->send_ring_handle, &ring_buffer_handles->send_ring); if (err != ERROR_SUCCESS) { - return err; + goto out; } err = DuplicateAndMapRing(ovpn_proc, rrb->receive_ring_handle, &ring_buffer_handles->receive_ring_handle, &ring_buffer_handles->receive_ring); if (err != ERROR_SUCCESS) { - return err; + goto out; } err = OvpnDuplicateHandle(ovpn_proc, rrb->send_tail_moved, &ring_buffer_handles->send_tail_moved); if (err != ERROR_SUCCESS) { - return err; + goto out; } err = OvpnDuplicateHandle(ovpn_proc, rrb->receive_tail_moved, &ring_buffer_handles->receive_tail_moved); if (err != ERROR_SUCCESS) { - return err; + goto out; } if (!register_ring_buffers(ring_buffer_handles->device, ring_buffer_handles->send_ring, @@ -1396,6 +1406,16 @@ HandleRegisterRingBuffers(const register_ring_buffers_message_t *rrb, HANDLE ovp { err = GetLastError(); MsgToEventLog(M_SYSERR, TEXT("Could not register ring buffers")); + goto out; + } + + err = AddListItem(&(*lists)[undo_ring_buffer], ring_buffer_handles); + +out: + if (err != ERROR_SUCCESS && ring_buffer_handles) + { + CloseRingBufferHandles(ring_buffer_handles); + free(ring_buffer_handles); } return err; @@ -1425,7 +1445,7 @@ HandleMTUMessage(const set_mtu_message_t *mtu) } static VOID -HandleMessage(HANDLE pipe, HANDLE ovpn_proc, ring_buffer_handles_t *ring_buffer_handles, +HandleMessage(HANDLE pipe, HANDLE ovpn_proc, DWORD bytes, DWORD count, LPHANDLE events, undo_lists_t *lists) { DWORD read; @@ -1509,7 +1529,7 @@ HandleMessage(HANDLE pipe, HANDLE ovpn_proc, ring_buffer_handles_t *ring_buffer_ case msg_register_ring_buffers: if (msg.header.size == sizeof(msg.rrb)) { - ack.error_number = HandleRegisterRingBuffers(&msg.rrb, ovpn_proc, ring_buffer_handles); + ack.error_number = HandleRegisterRingBuffers(&msg.rrb, ovpn_proc, lists); } break; @@ -1579,6 +1599,10 @@ Undo(undo_lists_t *lists) } break; + case undo_ring_buffer: + CloseRingBufferHandles(item->data); + break; + case _undo_type_max: /* unreachable */ break; @@ -1611,7 +1635,6 @@ RunOpenvpn(LPVOID p) WCHAR *cmdline = NULL; size_t cmdline_size; undo_lists_t undo_lists; - ring_buffer_handles_t ring_buffer_handles; WCHAR errmsg[512] = L""; SECURITY_ATTRIBUTES inheritable = { @@ -1633,7 +1656,6 @@ RunOpenvpn(LPVOID p) ZeroMemory(&startup_info, sizeof(startup_info)); ZeroMemory(&undo_lists, sizeof(undo_lists)); ZeroMemory(&proc_info, sizeof(proc_info)); - ZeroMemory(&ring_buffer_handles, sizeof(ring_buffer_handles)); if (!GetStartupData(pipe, &sud)) { @@ -1866,7 +1888,7 @@ RunOpenvpn(LPVOID p) break; } - HandleMessage(ovpn_pipe, proc_info.hProcess, &ring_buffer_handles, bytes, 1, &exit_event, &undo_lists); + HandleMessage(ovpn_pipe, proc_info.hProcess, bytes, 1, &exit_event, &undo_lists); } WaitForSingleObject(proc_info.hProcess, IO_TIMEOUT); @@ -1893,7 +1915,6 @@ out: free(cmdline); DestroyEnvironmentBlock(user_env); FreeStartupData(&sud); - CloseRingBufferHandles(&ring_buffer_handles); CloseHandleEx(&proc_info.hProcess); CloseHandleEx(&proc_info.hThread); CloseHandleEx(&stdin_read); From patchwork Thu Dec 29 18:27:39 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Selva Nair X-Patchwork-Id: 2962 Return-Path: Delivered-To: patchwork@openvpn.net Received: by 2002:a05:7300:c95:b0:82:e4b3:40a0 with SMTP id p21csp4151994dyk; Thu, 29 Dec 2022 10:28:33 -0800 (PST) X-Google-Smtp-Source: AMrXdXsNDw32QlGxhFruONAmYarrReWmP31FrMa+a+4iD2F+KBY6geooXsrkwbfplGE3rjkAYNVH X-Received: by 2002:a05:6a00:1f0d:b0:573:d183:4218 with SMTP id be13-20020a056a001f0d00b00573d1834218mr43572837pfb.10.1672338513510; Thu, 29 Dec 2022 10:28:33 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1672338513; cv=none; d=google.com; s=arc-20160816; b=dBpGU8BXyUv9OXROZLlICzW5Nb3yJuYP5Z9Ouamskj/3VKGCCpFCsFpOUW85x0yvT6 DzpddXVBBZko+l7cXRQKVi1NNShUPZ3fhQUr83oREVf6AR4jysPBiIiiNdCgvKAQq+pw kZE3fjyCKytrjA8BArrRdi0U4ILTHZFIzdCbiLDbrD19ccmOK6TK58V7o7W6WnNw1/2m +JsqffVCAXDN1kE51RBWmUtbOxe1eoJNmymm7UqVn7e2BCHR3fB8yl/BWt3pP7J/pf4N qF7Kbye7LW+8/ozsusIpnMVZ0ASC4mroPM7dUEy/PYIKAneooC0w6ZiDffZJui+gBD2j oEQA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=errors-to:content-transfer-encoding:list-subscribe:list-help :list-post:list-archive:list-unsubscribe:list-id:precedence:subject :mime-version:references:in-reply-to:message-id:date:to:from :dkim-signature:dkim-signature:dkim-signature; bh=aKTOqgxpPVjX6caDjMu6mhZwDIVPhoK3AWtNLbvk8mA=; b=BNJjHC4rexSxc3z0bebq2GW52JHqDK4GOxawnKd9On1D0CU1+DDSsSon05IaDj1K4j k7t/cqg23JXOf5S7FaoqAwdF6vquQ4DhldLl8UV80YCMgmz1n8psMY/r1Ac6w1N4HZWI pjAZtzE4MZ/uFUVxGOm8nIGNwQP/Biui1SEzVoaa7YQzDq6/1Im8WsHgeWDjDNJNnRvD CIJ8hd/hJCOzDvXNTBs6CdvW0pYSlTWoXNydZii9WqgnxL4bUuLp2N/fnfqNdCEdhRPE TDwawv7933qe/j//9rjmIjpRPpYAYDJJ3cFkbO3+AlG5ssxBjGemIUcE/hKs7d35S3Cn F2Tg== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=Hxby+P9R; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=GbgtmFk2; dkim=neutral (body hash did not verify) header.i=@gmail.com header.s=20210112 header.b=EiYRb5Mg; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: from lists.sourceforge.net (lists.sourceforge.net. [216.105.38.7]) by mx.google.com with ESMTPS id n27-20020aa7985b000000b0056e8f32463esi18956725pfq.322.2022.12.29.10.28.33 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Thu, 29 Dec 2022 10:28:33 -0800 (PST) Received-SPF: pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) client-ip=216.105.38.7; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=Hxby+P9R; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=GbgtmFk2; dkim=neutral (body hash did not verify) header.i=@gmail.com header.s=20210112 header.b=EiYRb5Mg; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: from [127.0.0.1] (helo=sfs-ml-1.v29.lw.sourceforge.com) by sfs-ml-1.v29.lw.sourceforge.com with esmtp (Exim 4.95) (envelope-from ) id 1pAxdU-0002QJ-Rf; Thu, 29 Dec 2022 18:28:12 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-1.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1pAxdU-0002QD-I0 for openvpn-devel@lists.sourceforge.net; Thu, 29 Dec 2022 18:28:12 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:References: In-Reply-To:Message-Id:Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=zBsZRWYK9zIultkfj7JhnRJ7xxNzMqCI4XF+15G+Sxo=; b=Hxby+P9RB7wPIsTm07nYXs77P8 qcRUKBjYgh3LRh010GJeAJE44xWTf69PT22PbCwD4Fbs6XiPD1Mg5YRl0yYbLlx1X0R8NZ9v33w+C DhMg6rg2riIRGHRdB+5R7ci+XuiKaZpZuIr0310tAa+rdMC7XGfTyo+16pgOu5Q4tpZ0=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-Id: Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=zBsZRWYK9zIultkfj7JhnRJ7xxNzMqCI4XF+15G+Sxo=; b=GbgtmFk2wEqL/hYvcPbUzLDBLJ +nH2lK7rulrOHZPSlR0BJ8aQB61jGeA7qFYHnmOLk9T2aWkaKH5JYmgm7yWJNwNqnnu56O1cB9VMP 7L4G5haOuJNF51IdaZouF4VEQyMJJplTYnO+1V9WSJX+qJuiJv04FrglqZoMebObKowk=; Received: from mail-il1-f179.google.com ([209.85.166.179]) by sfi-mx-1.v28.lw.sourceforge.com with esmtps (TLS1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.95) id 1pAxdT-00GPiU-SE for openvpn-devel@lists.sourceforge.net; Thu, 29 Dec 2022 18:28:12 +0000 Received: by mail-il1-f179.google.com with SMTP id o8so10137787ilq.6 for ; Thu, 29 Dec 2022 10:28:11 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=zBsZRWYK9zIultkfj7JhnRJ7xxNzMqCI4XF+15G+Sxo=; b=EiYRb5MgHVGrIgXdYgn32riEiBWiaNVWsdMBg6/3+SgBYnwSPdyWZlX6dJ5o4rnKTY sm0hSoXGGHnr3yz3mX5hkBy+gHYKs4+45ugk65FtG5b53m2ag4nDfu4hGlsTetIzDP+y vwYPEHwfZINBfTUOdBVJyOjj1K2mj/NPFW+C1h3+L2rtHm1U1pEs1zCiOaiqiNC5s0vf ZMr+6RYa2uxC6o/LLot597kq84Y1QUFFdhoRm6qMp+IXOv1+83yq4i+RMISrLPQTAU9L dXKWcxUQ+JvBzoFbXr44ODOYfJBJ9CdrnSFEVFR0lj5vJT6Cg2EvBx2CcZ2tW965h0NE UPFg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=zBsZRWYK9zIultkfj7JhnRJ7xxNzMqCI4XF+15G+Sxo=; b=zFXMTCmo8mWnBtbg9t4oxIxy14ThKG6zpPnsyRdN8az3vaNmvn3u/O+kwK0d8yKbdL RGyDDyjXqEH2bixgH7/6vAMVyGUmKTALqZSXTToZyBDL7jXtUuDLpAhXO3x3lkBEY5g/ olITVw16K5Fe3io7MfnnRNoAIeJcGRa00NHUBo2YHYUcJSNyrbboimY75upLJifDo5Ug dEE//iz1V3fPaYndLaYiNT8xuU/c0iAG1l0NTRSps3tbtGI9JhE0ITXfVl1cSzS/ToL7 OAF/ZjaeRHQDZCY8e+ZDy3n0Sh+dIYVL5ONoTs5mj7ii6zjwLTXPKXcfPG1MuUw8XUzE V3xQ== X-Gm-Message-State: AFqh2ko2YATPkJXZOdCzIDP3KV3afmqUtg9jPWD0vvJqm92axXHUkbEk L7NKDO5ResABsFLP4s+ngGwbhK6dKKECUA== X-Received: by 2002:a92:c008:0:b0:30c:3065:7d3e with SMTP id q8-20020a92c008000000b0030c30657d3emr42053ild.2.1672338486133; Thu, 29 Dec 2022 10:28:06 -0800 (PST) Received: from uranus.sansel.ca (bras-vprn-tnhlon4053w-lp130-01-70-51-222-66.dsl.bell.ca. [70.51.222.66]) by smtp.gmail.com with ESMTPSA id o11-20020a056e02092b00b0030c2667fe17sm973492ilt.80.2022.12.29.10.28.05 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 29 Dec 2022 10:28:05 -0800 (PST) From: selva.nair@gmail.com To: openvpn-devel@lists.sourceforge.net Date: Thu, 29 Dec 2022 13:27:39 -0500 Message-Id: <20221229182739.1477336-2-selva.nair@gmail.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20221229182739.1477336-1-selva.nair@gmail.com> References: <20221229182739.1477336-1-selva.nair@gmail.com> MIME-Version: 1.0 X-Spam-Score: -0.2 (/) X-Spam-Report: Spam detection software, running on the system "util-spamd-1.v13.lw.sourceforge.com", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Selva Nair Several handles from openvpn.exe are duplicated in the service for registering ring buffer memory maps with the driver. These handles are not required after registration, as all access is through hand [...] Content analysis details: (-0.2 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider [selva.nair[at]gmail.com] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.0 SPF_PASS SPF: sender matches SPF record -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [209.85.166.179 listed in list.dnswl.org] -0.0 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2) [209.85.166.179 listed in wl.mailspike.net] -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature X-Headers-End: 1pAxdT-00GPiU-SE Subject: [Openvpn-devel] [PATCH 2/2] Cleanup: Close duplicated handles in interactive service X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox X-GMAIL-THRID: =?utf-8?q?1753574029222686846?= X-GMAIL-MSGID: =?utf-8?q?1753574029222686846?= From: Selva Nair Several handles from openvpn.exe are duplicated in the service for registering ring buffer memory maps with the driver. These handles are not required after registration, as all access is through handles in openvpn.exe. Only the map base address (send_ring, rceive_ring) need be retained for later unmapping. Use local variables for duplicated handles and close them soon after use. The struct ring_buffer_handles_t is renamed to ring_buffer_maps_t as there are no handles in there any longer. Signed-off-by: Selva Nair Acked-by: Lev Stipakov --- src/openvpnserv/interactive.c | 69 +++++++++++++++++------------------ 1 file changed, 34 insertions(+), 35 deletions(-) diff --git a/src/openvpnserv/interactive.c b/src/openvpnserv/interactive.c index 8476738c..47ddd4e8 100644 --- a/src/openvpnserv/interactive.c +++ b/src/openvpnserv/interactive.c @@ -105,14 +105,9 @@ typedef struct { } block_dns_data_t; typedef struct { - HANDLE send_ring_handle; - HANDLE receive_ring_handle; - HANDLE send_tail_moved; - HANDLE receive_tail_moved; - HANDLE device; struct tun_ring *send_ring; struct tun_ring *receive_ring; -} ring_buffer_handles_t; +} ring_buffer_maps_t; static DWORD @@ -179,15 +174,10 @@ OvpnUnmapViewOfFile(struct tun_ring **ring) } static void -CloseRingBufferHandles(ring_buffer_handles_t *ring_buffer_handles) +UnmapRingBuffer(ring_buffer_maps_t *ring_buffer_maps) { - CloseHandleEx(&ring_buffer_handles->device); - CloseHandleEx(&ring_buffer_handles->receive_tail_moved); - CloseHandleEx(&ring_buffer_handles->send_tail_moved); - OvpnUnmapViewOfFile(&ring_buffer_handles->send_ring); - OvpnUnmapViewOfFile(&ring_buffer_handles->receive_ring); - CloseHandleEx(&ring_buffer_handles->receive_ring_handle); - CloseHandleEx(&ring_buffer_handles->send_ring_handle); + OvpnUnmapViewOfFile(&ring_buffer_maps->send_ring); + OvpnUnmapViewOfFile(&ring_buffer_maps->receive_ring); } static HANDLE @@ -1333,16 +1323,19 @@ OvpnDuplicateHandle(HANDLE ovpn_proc, HANDLE orig_handle, HANDLE *new_handle) } static DWORD -DuplicateAndMapRing(HANDLE ovpn_proc, HANDLE orig_handle, HANDLE *new_handle, struct tun_ring **ring) +DuplicateAndMapRing(HANDLE ovpn_proc, HANDLE orig_handle, struct tun_ring **ring) { DWORD err = ERROR_SUCCESS; - err = OvpnDuplicateHandle(ovpn_proc, orig_handle, new_handle); + HANDLE dup_handle = NULL; + + err = OvpnDuplicateHandle(ovpn_proc, orig_handle, &dup_handle); if (err != ERROR_SUCCESS) { return err; } - *ring = (struct tun_ring *)MapViewOfFile(*new_handle, FILE_MAP_ALL_ACCESS, 0, 0, sizeof(struct tun_ring)); + *ring = (struct tun_ring *)MapViewOfFile(dup_handle, FILE_MAP_ALL_ACCESS, 0, 0, sizeof(struct tun_ring)); + CloseHandleEx(&dup_handle); if (*ring == NULL) { err = GetLastError(); @@ -1359,65 +1352,71 @@ HandleRegisterRingBuffers(const register_ring_buffers_message_t *rrb, HANDLE ovp { DWORD err = 0; - ring_buffer_handles_t *ring_buffer_handles = RemoveListItem(&(*lists)[undo_ring_buffer], CmpAny, NULL); + ring_buffer_maps_t *ring_buffer_maps = RemoveListItem(&(*lists)[undo_ring_buffer], CmpAny, NULL); - if (ring_buffer_handles) + if (ring_buffer_maps) { - CloseRingBufferHandles(ring_buffer_handles); + UnmapRingBuffer(ring_buffer_maps); } - else if ((ring_buffer_handles = calloc(1, sizeof(*ring_buffer_handles))) == NULL) + else if ((ring_buffer_maps = calloc(1, sizeof(*ring_buffer_maps))) == NULL) { return ERROR_OUTOFMEMORY; } - err = OvpnDuplicateHandle(ovpn_proc, rrb->device, &ring_buffer_handles->device); + HANDLE device = NULL; + HANDLE send_tail_moved = NULL; + HANDLE receive_tail_moved = NULL; + + err = OvpnDuplicateHandle(ovpn_proc, rrb->device, &device); if (err != ERROR_SUCCESS) { goto out; } - err = DuplicateAndMapRing(ovpn_proc, rrb->send_ring_handle, &ring_buffer_handles->send_ring_handle, &ring_buffer_handles->send_ring); + err = DuplicateAndMapRing(ovpn_proc, rrb->send_ring_handle, &ring_buffer_maps->send_ring); if (err != ERROR_SUCCESS) { goto out; } - err = DuplicateAndMapRing(ovpn_proc, rrb->receive_ring_handle, &ring_buffer_handles->receive_ring_handle, &ring_buffer_handles->receive_ring); + err = DuplicateAndMapRing(ovpn_proc, rrb->receive_ring_handle, &ring_buffer_maps->receive_ring); if (err != ERROR_SUCCESS) { goto out; } - err = OvpnDuplicateHandle(ovpn_proc, rrb->send_tail_moved, &ring_buffer_handles->send_tail_moved); + err = OvpnDuplicateHandle(ovpn_proc, rrb->send_tail_moved, &send_tail_moved); if (err != ERROR_SUCCESS) { goto out; } - err = OvpnDuplicateHandle(ovpn_proc, rrb->receive_tail_moved, &ring_buffer_handles->receive_tail_moved); + err = OvpnDuplicateHandle(ovpn_proc, rrb->receive_tail_moved, &receive_tail_moved); if (err != ERROR_SUCCESS) { goto out; } - if (!register_ring_buffers(ring_buffer_handles->device, ring_buffer_handles->send_ring, - ring_buffer_handles->receive_ring, - ring_buffer_handles->send_tail_moved, ring_buffer_handles->receive_tail_moved)) + if (!register_ring_buffers(device, ring_buffer_maps->send_ring, + ring_buffer_maps->receive_ring, + send_tail_moved, receive_tail_moved)) { err = GetLastError(); MsgToEventLog(M_SYSERR, TEXT("Could not register ring buffers")); goto out; } - err = AddListItem(&(*lists)[undo_ring_buffer], ring_buffer_handles); + err = AddListItem(&(*lists)[undo_ring_buffer], ring_buffer_maps); out: - if (err != ERROR_SUCCESS && ring_buffer_handles) + if (err != ERROR_SUCCESS && ring_buffer_maps) { - CloseRingBufferHandles(ring_buffer_handles); - free(ring_buffer_handles); + UnmapRingBuffer(ring_buffer_maps); + free(ring_buffer_maps); } - + CloseHandleEx(&device); + CloseHandleEx(&send_tail_moved); + CloseHandleEx(&receive_tail_moved); return err; } @@ -1600,7 +1599,7 @@ Undo(undo_lists_t *lists) break; case undo_ring_buffer: - CloseRingBufferHandles(item->data); + UnmapRingBuffer(item->data); break; case _undo_type_max: