From patchwork Mon May 6 10:27:10 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gert Doering X-Patchwork-Id: 3700 Return-Path: Delivered-To: patchwork@openvpn.net Received: by 2002:a05:7000:83a3:b0:577:9287:30c5 with SMTP id e3csp1226421mat; Mon, 6 May 2024 03:28:14 -0700 (PDT) X-Forwarded-Encrypted: i=2; AJvYcCV1JnbM1yinTUFdQvuzMWmze+GsVSQ2UiCP82UsqtktDxQM57j9STOgjksVExc1Gmwa+bU7YmJi/B6blVcF12j5c212ZvI= X-Google-Smtp-Source: AGHT+IGRt+laUxbIayNLqEBd+Dfr9VXmQK47tC8ZDuboE3n2C8/a/ZuGtGFvu9x6mhrga6ZUYYMb X-Received: by 2002:a17:903:2444:b0:1eb:5c40:55d7 with SMTP id l4-20020a170903244400b001eb5c4055d7mr12598577pls.0.1714991294269; Mon, 06 May 2024 03:28:14 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1714991294; cv=none; d=google.com; s=arc-20160816; b=yD97Vw3dMtF67d7abJ2NrTw+iZ+hvZtu4PfN5IJErnAluzJn1l7BLI1MA8wMfBEKlA 6/lWPqnYKL3+qLNJX04TEfZIgVY9S6redc0R4NfAt76vRHVY3dPbGd3AvtZSRn7aGPlk kE3WwQQOcjr63pyNFygdtL/BUtrExnFum5wCU44SOPKa3DTTmMRP5cKUGaRvDrhmpgyW e1JnZEBaiT2Lw7gM0t77yQtiP00d+4FAYpsP5yxBxrkvrr660ibfZzSn7wRWUeWKtTdV WJTigVEzroyG/WF277LRO3occ6wrjn9DnFR1zu0vtgI9WBOR30Qa85m32MxtbrqnlD6d z+ww== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=errors-to:content-transfer-encoding:list-subscribe:list-help :list-post:list-archive:list-unsubscribe:list-id:precedence:subject :mime-version:references:in-reply-to:message-id:date:to:from :dkim-signature:dkim-signature; bh=Ibu3EfulMcfp2oauL5WF2BJ0rEseEwdGpxkgCA+umhA=; fh=4NbAC/LsuMLI0S0hprUlLSLCiHwg6SCAifhH718Jh0Q=; b=N+TZmE+JtS0+4krIPrf1NLLRxYCXovEFkpEoz1hFbUNhV9alca1PKGwBPTpo9pX1j+ kHYnRgsGn3i70D0YJJTJR/DlfKyzxMOY+RLqVUrWofaFlSVOv02x46Bpcy3qb21qvFKS KK1EhlU+FAEvVtpi52jbwUgzb2kZGiDCCfSOgliCSEZiEuLe6G9mw35WYK1+I10gc7wk UtsVt7DSnb/ivn3EcXfdxFqZPqOWq2XfBdehHV9CNkSxrrSOod+4nRqWqUHI5q5q96Mu IfQr98MerMWiVh0uEQ8ZgFDgePv4eXM8c9FFndCPCzz107y9AWUYS55ZGE+m+mriz4VK CSjw==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=aGgwSmvX; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=NkFXpnws; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=muc.de Received: from lists.sourceforge.net (lists.sourceforge.net. [216.105.38.7]) by mx.google.com with ESMTPS id bf7-20020a170902b90700b001eb1c44f9desi7633262plb.461.2024.05.06.03.28.13 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Mon, 06 May 2024 03:28:14 -0700 (PDT) Received-SPF: pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) client-ip=216.105.38.7; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=aGgwSmvX; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=NkFXpnws; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=muc.de Received: from [127.0.0.1] (helo=sfs-ml-1.v29.lw.sourceforge.com) by sfs-ml-1.v29.lw.sourceforge.com with esmtp (Exim 4.95) (envelope-from ) id 1s3vZB-00083A-Nn; Mon, 06 May 2024 10:27:30 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-1.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1s3vZ9-000831-3h for openvpn-devel@lists.sourceforge.net; Mon, 06 May 2024 10:27:27 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:References: In-Reply-To:Message-ID:Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=FpcT379pXVb2kq1Oax3o6TQIcjl4vZ9rwOUcAr0PlTo=; b=aGgwSmvXP86ph/s1UTSJJozq4S nWBf2mk9w/fSWyaatMBmgQiYtAYMbBr7pJ746+jTOosjtflAa442CWyB2lgCJnBzWsq4wX7uDltmG 2UU6MNEmxJYOdRodFcAlyxVgoJGwbqqGaVvOf0HsdpydR/B2gJR6KbZ0HymUz3MHs0rc=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-ID: Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=FpcT379pXVb2kq1Oax3o6TQIcjl4vZ9rwOUcAr0PlTo=; b=NkFXpnwsI9f8P6WJpSTCGXdQBN L0qECr+Tj6wQgslPPqh7Sq9jI4umnMFhg5tWPCI16ohQJUj808bJMrKgfeq8DpnrNtAMWFsdswdJQ G9UAQapuwmGHuEStZ1BA9DZIwuraKMbfLcS4ZU2iUBW8w2B8HzuvGoJyi64uucJCrPJI=; Received: from dhcp-174.greenie.muc.de ([193.149.48.174] helo=blue.greenie.muc.de) by sfi-mx-2.v28.lw.sourceforge.com with esmtps (TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.95) id 1s3vZ5-0003ZP-Lr for openvpn-devel@lists.sourceforge.net; Mon, 06 May 2024 10:27:27 +0000 Received: from blue.greenie.muc.de (localhost [127.0.0.1]) by blue.greenie.muc.de (8.17.1.9/8.17.1.9) with ESMTP id 446ARBaj009031 for ; Mon, 6 May 2024 12:27:11 +0200 Received: (from gert@localhost) by blue.greenie.muc.de (8.17.1.9/8.17.1.9/Submit) id 446ARBjO009030 for openvpn-devel@lists.sourceforge.net; Mon, 6 May 2024 12:27:11 +0200 From: Gert Doering To: openvpn-devel@lists.sourceforge.net Date: Mon, 6 May 2024 12:27:10 +0200 Message-ID: <20240506102710.8976-1-gert@greenie.muc.de> X-Mailer: git-send-email 2.43.2 In-Reply-To: References: MIME-Version: 1.0 X-Spam-Score: -0.0 (/) X-Spam-Report: Spam detection software, running on the system "util-spamd-1.v13.lw.sourceforge.com", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Arne Schwabe Old Microsoft versions did strange behaviour but according to the newly added unit test and https://stackoverflow.com/questions/7706936/is-snprintf-always-null-terminating this is now standard conform [...] Content analysis details: (-0.0 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [URIs: openvpn.net] -0.0 SPF_HELO_PASS SPF: HELO matches SPF record -0.0 SPF_PASS SPF: sender matches SPF record X-Headers-End: 1s3vZ5-0003ZP-Lr Subject: [Openvpn-devel] [PATCH v5] Remove openvpn_snprintf and similar functions X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox X-GMAIL-THRID: =?utf-8?q?1794481592878275347?= X-GMAIL-MSGID: =?utf-8?q?1798298711485230459?= From: Arne Schwabe Old Microsoft versions did strange behaviour but according to the newly added unit test and https://stackoverflow.com/questions/7706936/is-snprintf-always-null-terminating this is now standard conforming and we can use the normal snprintf method. Microsoft own documentation to swprintf also says you nowadays need to define _CRT_NON_CONFORMING_SWPRINTFS to get to non-standard behaviour. Change-Id: I07096977e3b562bcb5d2c6f11673a4175b8e12ac Signed-off-by: Arne Schwabe Acked-by: Frank Lichtenheld --- This change was reviewed on Gerrit and approved by at least one developer. I request to merge it to master. Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/547 This mail reflects revision 5 of this Change. Acked-by according to Gerrit (reflected above): Frank Lichtenheld diff --git a/src/openvpn/buffer.c b/src/openvpn/buffer.c index 66fd63f..3a8069c 100644 --- a/src/openvpn/buffer.c +++ b/src/openvpn/buffer.c @@ -279,32 +279,6 @@ return ret; } - -/* - * This is necessary due to certain buggy implementations of snprintf, - * that don't guarantee null termination for size > 0. - * - * Return false on overflow. - * - * This functionality is duplicated in src/openvpnserv/common.c - * Any modifications here should be done to the other place as well. - */ - -bool -openvpn_snprintf(char *str, size_t size, const char *format, ...) -{ - va_list arglist; - int len = -1; - if (size > 0) - { - va_start(arglist, format); - len = vsnprintf(str, size, format, arglist); - va_end(arglist); - str[size - 1] = 0; - } - return (len >= 0 && len < size); -} - /* * write a string to the end of a buffer that was * truncated by buf_printf diff --git a/src/openvpn/buffer.h b/src/openvpn/buffer.h index 7c2f75a..27c3199 100644 --- a/src/openvpn/buffer.h +++ b/src/openvpn/buffer.h @@ -448,19 +448,6 @@ */ bool buf_puts(struct buffer *buf, const char *str); -/* - * Like snprintf but guarantees null termination for size > 0 - */ -bool openvpn_snprintf(char *str, size_t size, const char *format, ...) -#ifdef __GNUC__ -#if __USE_MINGW_ANSI_STDIO -__attribute__ ((format(gnu_printf, 3, 4))) -#else -__attribute__ ((format(__printf__, 3, 4))) -#endif -#endif -; - /* * remove/add trailing characters diff --git a/src/openvpn/crypto.c b/src/openvpn/crypto.c index 5d05cc4..207f145 100644 --- a/src/openvpn/crypto.c +++ b/src/openvpn/crypto.c @@ -874,11 +874,11 @@ key_direction_state_init(&kds, key_direction); - openvpn_snprintf(log_prefix, sizeof(log_prefix), "Outgoing %s", name); + snprintf(log_prefix, sizeof(log_prefix), "Outgoing %s", name); init_key_ctx(&ctx->encrypt, &key2->keys[kds.out_key], kt, OPENVPN_OP_ENCRYPT, log_prefix); - openvpn_snprintf(log_prefix, sizeof(log_prefix), "Incoming %s", name); + snprintf(log_prefix, sizeof(log_prefix), "Incoming %s", name); init_key_ctx(&ctx->decrypt, &key2->keys[kds.in_key], kt, OPENVPN_OP_DECRYPT, log_prefix); diff --git a/src/openvpn/crypto_mbedtls.c b/src/openvpn/crypto_mbedtls.c index c230292..32511f0 100644 --- a/src/openvpn/crypto_mbedtls.c +++ b/src/openvpn/crypto_mbedtls.c @@ -128,7 +128,7 @@ { char prefix[256]; - if (!openvpn_snprintf(prefix, sizeof(prefix), "%s:%d", func, line)) + if (!snprintf(prefix, sizeof(prefix), "%s:%d", func, line)) { return mbed_log_err(flags, errval, func); } @@ -239,11 +239,11 @@ char header[1000+1] = { 0 }; char footer[1000+1] = { 0 }; - if (!openvpn_snprintf(header, sizeof(header), "-----BEGIN %s-----\n", name)) + if (!snprintf(header, sizeof(header), "-----BEGIN %s-----\n", name)) { return false; } - if (!openvpn_snprintf(footer, sizeof(footer), "-----END %s-----\n", name)) + if (!snprintf(footer, sizeof(footer), "-----END %s-----\n", name)) { return false; } @@ -278,11 +278,11 @@ char header[1000+1] = { 0 }; char footer[1000+1] = { 0 }; - if (!openvpn_snprintf(header, sizeof(header), "-----BEGIN %s-----", name)) + if (!snprintf(header, sizeof(header), "-----BEGIN %s-----", name)) { return false; } - if (!openvpn_snprintf(footer, sizeof(footer), "-----END %s-----", name)) + if (!snprintf(footer, sizeof(footer), "-----END %s-----", name)) { return false; } diff --git a/src/openvpn/dns.c b/src/openvpn/dns.c index 7de3991..0539ca5 100644 --- a/src/openvpn/dns.c +++ b/src/openvpn/dns.c @@ -349,11 +349,11 @@ if (j < 0) { - name_ok = openvpn_snprintf(name, sizeof(name), format, i); + name_ok = snprintf(name, sizeof(name), format, i); } else { - name_ok = openvpn_snprintf(name, sizeof(name), format, i, j); + name_ok = snprintf(name, sizeof(name), format, i, j); } if (!name_ok) diff --git a/src/openvpn/env_set.c b/src/openvpn/env_set.c index b13d01e..81ab59e 100644 --- a/src/openvpn/env_set.c +++ b/src/openvpn/env_set.c @@ -259,7 +259,7 @@ setenv_counter(struct env_set *es, const char *name, counter_type value) { char buf[64]; - openvpn_snprintf(buf, sizeof(buf), counter_format, value); + snprintf(buf, sizeof(buf), counter_format, value); setenv_str(es, name, buf); } @@ -267,7 +267,7 @@ setenv_int(struct env_set *es, const char *name, int value) { char buf[64]; - openvpn_snprintf(buf, sizeof(buf), "%d", value); + snprintf(buf, sizeof(buf), "%d", value); setenv_str(es, name, buf); } @@ -275,7 +275,7 @@ setenv_long_long(struct env_set *es, const char *name, long long value) { char buf[64]; - openvpn_snprintf(buf, sizeof(buf), "%" PRIi64, (int64_t)value); + snprintf(buf, sizeof(buf), "%" PRIi64, (int64_t)value); setenv_str(es, name, buf); } @@ -310,7 +310,7 @@ strcpy(tmpname, name); while (NULL != env_set_get(es, tmpname) && counter < 1000) { - ASSERT(openvpn_snprintf(tmpname, tmpname_len, "%s_%u", name, counter)); + ASSERT(snprintf(tmpname, tmpname_len, "%s_%u", name, counter)); counter++; } if (counter < 1000) diff --git a/src/openvpn/error.c b/src/openvpn/error.c index 245a2d5..ec65d5e 100644 --- a/src/openvpn/error.c +++ b/src/openvpn/error.c @@ -274,14 +274,14 @@ if ((flags & M_ERRNO) && e) { - openvpn_snprintf(m2, ERR_BUF_SIZE, "%s: %s (errno=%d)", - m1, openvpn_strerror(e, crt_error, &gc), e); + snprintf(m2, ERR_BUF_SIZE, "%s: %s (errno=%d)", + m1, openvpn_strerror(e, crt_error, &gc), e); SWAP; } if (flags & M_OPTERR) { - openvpn_snprintf(m2, ERR_BUF_SIZE, "Options error: %s", m1); + snprintf(m2, ERR_BUF_SIZE, "Options error: %s", m1); SWAP; } @@ -321,10 +321,10 @@ const struct virtual_output *vo = msg_get_virtual_output(); if (vo) { - openvpn_snprintf(m2, ERR_BUF_SIZE, "%s%s%s", - prefix, - prefix_sep, - m1); + snprintf(m2, ERR_BUF_SIZE, "%s%s%s", + prefix, + prefix_sep, + m1); virtual_output_print(vo, flags, m2); } } diff --git a/src/openvpn/init.c b/src/openvpn/init.c index e67f10e..ec0c309 100644 --- a/src/openvpn/init.c +++ b/src/openvpn/init.c @@ -359,7 +359,7 @@ char *out = malloc(len); check_malloc_return(out); - openvpn_snprintf(out, len, "%s,%s,%s,%s", ce->remote, ce->remote_port, proto, status); + snprintf(out, len, "%s,%s,%s,%s", ce->remote, ce->remote_port, proto, status); *remote = out; } else diff --git a/src/openvpn/manage.c b/src/openvpn/manage.c index 43c5507..89591ea 100644 --- a/src/openvpn/manage.c +++ b/src/openvpn/manage.c @@ -515,8 +515,8 @@ char out[32]; /* do in a roundabout way to work around possible mingw or mingw-glibc bug */ - openvpn_snprintf(in, sizeof(in), counter_format, man->persist.bytes_in + dco_read_bytes); - openvpn_snprintf(out, sizeof(out), counter_format, man->persist.bytes_out + dco_write_bytes); + snprintf(in, sizeof(in), counter_format, man->persist.bytes_in + dco_read_bytes); + snprintf(out, sizeof(out), counter_format, man->persist.bytes_out + dco_write_bytes); msg(M_CLIENT, ">BYTECOUNT:%s,%s", in, out); } @@ -528,8 +528,8 @@ char in[32]; char out[32]; /* do in a roundabout way to work around possible mingw or mingw-glibc bug */ - openvpn_snprintf(in, sizeof(in), counter_format, *bytes_in_total); - openvpn_snprintf(out, sizeof(out), counter_format, *bytes_out_total); + snprintf(in, sizeof(in), counter_format, *bytes_in_total); + snprintf(out, sizeof(out), counter_format, *bytes_out_total); msg(M_CLIENT, ">BYTECOUNT_CLI:%lu,%s,%s", mdac->cid, in, out); mdac->bytecount_last_update = now; } diff --git a/src/openvpn/options.c b/src/openvpn/options.c index 07387cd..abcde89 100644 --- a/src/openvpn/options.c +++ b/src/openvpn/options.c @@ -1427,7 +1427,7 @@ for (int i = 1; i <= opt_max; ++i) { char name[32]; - openvpn_snprintf(name, sizeof(name), "foreign_option_%d", i); + snprintf(name, sizeof(name), "foreign_option_%d", i); const char *env_str = env_set_get(es, name); const char *value = strchr(env_str, '=') + 1; @@ -1482,7 +1482,7 @@ while (o->foreign_option_index < opt_max) { char name[32]; - openvpn_snprintf(name, sizeof(name), "foreign_option_%d", opt_max--); + snprintf(name, sizeof(name), "foreign_option_%d", opt_max--); setenv_del(es, name); } } @@ -5674,8 +5674,8 @@ #ifndef ENABLE_SMALL { char script_name[100]; - openvpn_snprintf(script_name, sizeof(script_name), - "--%s script", type); + snprintf(script_name, sizeof(script_name), + "--%s script", type); if (check_cmd_access(*script, script_name, (in_chroot ? options->chroot_dir : NULL))) { diff --git a/src/openvpn/pkcs11.c b/src/openvpn/pkcs11.c index 35a02c2..418f6bb 100644 --- a/src/openvpn/pkcs11.c +++ b/src/openvpn/pkcs11.c @@ -201,7 +201,7 @@ CLEAR(token_resp); token_resp.defined = false; token_resp.nocache = true; - openvpn_snprintf( + snprintf( token_resp.username, sizeof(token_resp.username), "Please insert %s token", @@ -245,7 +245,7 @@ ASSERT(token!=NULL); - openvpn_snprintf(prompt, sizeof(prompt), "%s token", token->label); + snprintf(prompt, sizeof(prompt), "%s token", token->label); token_pass.defined = false; token_pass.nocache = true; @@ -719,7 +719,7 @@ id_resp.defined = false; id_resp.nocache = true; - openvpn_snprintf( + snprintf( id_resp.username, sizeof(id_resp.username), "Please specify PKCS#11 id to use" diff --git a/src/openvpn/platform.c b/src/openvpn/platform.c index 9853dac..3d9d59e 100644 --- a/src/openvpn/platform.c +++ b/src/openvpn/platform.c @@ -564,9 +564,9 @@ { ++attempts; - if (!openvpn_snprintf(fname, sizeof(fname), fname_fmt, max_prefix_len, - prefix, (unsigned long) get_random(), - (unsigned long) get_random())) + if (!snprintf(fname, sizeof(fname), fname_fmt, max_prefix_len, + prefix, (unsigned long) get_random(), + (unsigned long) get_random())) { msg(M_WARN, "ERROR: temporary filename too long"); return NULL; diff --git a/src/openvpn/plugin.c b/src/openvpn/plugin.c index 2ad459c..944ce94 100644 --- a/src/openvpn/plugin.c +++ b/src/openvpn/plugin.c @@ -260,7 +260,7 @@ { char full[PATH_MAX]; - openvpn_snprintf(full, sizeof(full), "%s/%s", PLUGIN_LIBDIR, p->so_pathname); + snprintf(full, sizeof(full), "%s/%s", PLUGIN_LIBDIR, p->so_pathname); p->handle = dlopen(full, RTLD_NOW); } else @@ -409,7 +409,7 @@ gc_init(&gc); msg_fmt = gc_malloc(ERR_BUF_SIZE, false, &gc); - openvpn_snprintf(msg_fmt, ERR_BUF_SIZE, "PLUGIN %s: %s", name, format); + snprintf(msg_fmt, ERR_BUF_SIZE, "PLUGIN %s: %s", name, format); x_msg_va(msg_flags, msg_fmt, arglist); gc_free(&gc); diff --git a/src/openvpn/pool.c b/src/openvpn/pool.c index f706c1a..e3c3708 100644 --- a/src/openvpn/pool.c +++ b/src/openvpn/pool.c @@ -766,7 +766,7 @@ ifconfig_pool_handle h; in_addr_t local, remote; char buf[256]; - openvpn_snprintf(buf, sizeof(buf), "common-name-%d", i); + snprintf(buf, sizeof(buf), "common-name-%d", i); #ifdef DUP_CN cn = NULL; #else diff --git a/src/openvpn/proxy.c b/src/openvpn/proxy.c index 5c1cdcb..ba3d87c 100644 --- a/src/openvpn/proxy.c +++ b/src/openvpn/proxy.c @@ -582,9 +582,9 @@ { if (p->options.custom_headers[i].content) { - openvpn_snprintf(buf, sizeof(buf), "%s: %s", - p->options.custom_headers[i].name, - p->options.custom_headers[i].content); + snprintf(buf, sizeof(buf), "%s: %s", + p->options.custom_headers[i].name, + p->options.custom_headers[i].content); if (!strcasecmp(p->options.custom_headers[i].name, "Host")) { host_header_sent = true; @@ -592,8 +592,8 @@ } else { - openvpn_snprintf(buf, sizeof(buf), "%s", - p->options.custom_headers[i].name); + snprintf(buf, sizeof(buf), "%s", + p->options.custom_headers[i].name); if (!strncasecmp(p->options.custom_headers[i].name, "Host:", 5)) { host_header_sent = true; @@ -609,7 +609,7 @@ if (!host_header_sent) { - openvpn_snprintf(buf, sizeof(buf), "Host: %s", host); + snprintf(buf, sizeof(buf), "Host: %s", host); msg(D_PROXY, "Send to HTTP proxy: '%s'", buf); if (!send_line_crlf(sd, buf)) { @@ -620,8 +620,8 @@ /* send User-Agent string if provided */ if (p->options.user_agent) { - openvpn_snprintf(buf, sizeof(buf), "User-Agent: %s", - p->options.user_agent); + snprintf(buf, sizeof(buf), "User-Agent: %s", + p->options.user_agent); msg(D_PROXY, "Send to HTTP proxy: '%s'", buf); if (!send_line_crlf(sd, buf)) { @@ -667,10 +667,10 @@ else { /* format HTTP CONNECT message */ - openvpn_snprintf(buf, sizeof(buf), "CONNECT %s:%s HTTP/%s", - host, - port, - p->options.http_version); + snprintf(buf, sizeof(buf), "CONNECT %s:%s HTTP/%s", + host, + port, + p->options.http_version); msg(D_PROXY, "Send to HTTP proxy: '%s'", buf); @@ -692,8 +692,8 @@ break; case HTTP_AUTH_BASIC: - openvpn_snprintf(buf, sizeof(buf), "Proxy-Authorization: Basic %s", - username_password_as_base64(p, &gc)); + snprintf(buf, sizeof(buf), "Proxy-Authorization: Basic %s", + username_password_as_base64(p, &gc)); msg(D_PROXY, "Attempting Basic Proxy-Authorization"); dmsg(D_SHOW_KEYS, "Send to HTTP proxy: '%s'", buf); if (!send_line_crlf(sd, buf)) @@ -705,14 +705,14 @@ #if NTLM case HTTP_AUTH_NTLM2: /* keep-alive connection */ - openvpn_snprintf(buf, sizeof(buf), "Proxy-Connection: Keep-Alive"); + snprintf(buf, sizeof(buf), "Proxy-Connection: Keep-Alive"); if (!send_line_crlf(sd, buf)) { goto error; } - openvpn_snprintf(buf, sizeof(buf), "Proxy-Authorization: NTLM %s", - ntlm_phase_1(p, &gc)); + snprintf(buf, sizeof(buf), "Proxy-Authorization: NTLM %s", + ntlm_phase_1(p, &gc)); msg(D_PROXY, "Attempting NTLM Proxy-Authorization phase 1"); dmsg(D_SHOW_KEYS, "Send to HTTP proxy: '%s'", buf); if (!send_line_crlf(sd, buf)) @@ -773,7 +773,7 @@ char get[80]; CLEAR(buf2); - openvpn_snprintf(get, sizeof(get), "%%*s NTLM %%%zus", sizeof(buf2) - 1); + snprintf(get, sizeof(get), "%%*s NTLM %%%zus", sizeof(buf2) - 1); nparms = sscanf(buf, get, buf2); /* check for "Proxy-Authenticate: NTLM TlRM..." */ @@ -795,10 +795,10 @@ /* now send the phase 3 reply */ /* format HTTP CONNECT message */ - openvpn_snprintf(buf, sizeof(buf), "CONNECT %s:%s HTTP/%s", - host, - port, - p->options.http_version); + snprintf(buf, sizeof(buf), "CONNECT %s:%s HTTP/%s", + host, + port, + p->options.http_version); msg(D_PROXY, "Send to HTTP proxy: '%s'", buf); @@ -809,7 +809,7 @@ } /* keep-alive connection */ - openvpn_snprintf(buf, sizeof(buf), "Proxy-Connection: Keep-Alive"); + snprintf(buf, sizeof(buf), "Proxy-Connection: Keep-Alive"); if (!send_line_crlf(sd, buf)) { goto error; @@ -829,7 +829,7 @@ msg(D_PROXY, "NTLM Proxy-Authorization phase 3 failed: received corrupted data from proxy server"); goto error; } - openvpn_snprintf(buf, sizeof(buf), "Proxy-Authorization: NTLM %s", np3); + snprintf(buf, sizeof(buf), "Proxy-Authorization: NTLM %s", np3); } msg(D_PROXY, "Send to HTTP proxy: '%s'", buf); @@ -899,15 +899,15 @@ /* build the digest response */ - openvpn_snprintf(uri, sizeof(uri), "%s:%s", - host, - port); + snprintf(uri, sizeof(uri), "%s:%s", + host, + port); if (opaque) { const int len = strlen(opaque)+16; opaque_kv = gc_malloc(len, false, &gc); - openvpn_snprintf(opaque_kv, len, ", opaque=\"%s\"", opaque); + snprintf(opaque_kv, len, ", opaque=\"%s\"", opaque); } DigestCalcHA1(algor, @@ -928,10 +928,10 @@ response); /* format HTTP CONNECT message */ - openvpn_snprintf(buf, sizeof(buf), "%s %s HTTP/%s", - http_method, - uri, - p->options.http_version); + snprintf(buf, sizeof(buf), "%s %s HTTP/%s", + http_method, + uri, + p->options.http_version); msg(D_PROXY, "Send to HTTP proxy: '%s'", buf); @@ -948,21 +948,22 @@ } /* send digest response */ - int sret = openvpn_snprintf(buf, sizeof(buf), "Proxy-Authorization: Digest username=\"%s\", realm=\"%s\", nonce=\"%s\", uri=\"%s\", qop=%s, nc=%s, cnonce=\"%s\", response=\"%s\"%s", - username, - realm, - nonce, - uri, - qop, - nonce_count, - cnonce, - response, - opaque_kv - ); + int sret = snprintf(buf, sizeof(buf), "Proxy-Authorization: Digest username=\"%s\", realm=\"%s\", nonce=\"%s\", uri=\"%s\", qop=%s, nc=%s, cnonce=\"%s\", response=\"%s\"%s", + username, + realm, + nonce, + uri, + qop, + nonce_count, + cnonce, + response, + opaque_kv + ); if (sret >= sizeof(buf)) { goto error; } + msg(D_PROXY, "Send to HTTP proxy: '%s'", buf); if (!send_line_crlf(sd, buf)) { diff --git a/src/openvpn/ps.c b/src/openvpn/ps.c index 7d9f9b5..4ca3a12 100644 --- a/src/openvpn/ps.c +++ b/src/openvpn/ps.c @@ -354,7 +354,7 @@ fnlen = strlen(journal_dir) + strlen(t) + 2; jfn = (char *) malloc(fnlen); check_malloc_return(jfn); - openvpn_snprintf(jfn, fnlen, "%s/%s", journal_dir, t); + snprintf(jfn, fnlen, "%s/%s", journal_dir, t); dmsg(D_PS_PROXY_DEBUG, "PORT SHARE PROXY: client origin %s -> %s", jfn, f); fd = platform_open(jfn, O_CREAT | O_TRUNC | O_WRONLY, S_IRUSR | S_IWUSR | S_IRGRP); if (fd != -1) diff --git a/src/openvpn/route.c b/src/openvpn/route.c index 909d6d2..68bbcfd 100644 --- a/src/openvpn/route.c +++ b/src/openvpn/route.c @@ -1621,11 +1621,11 @@ if (rgi) { - openvpn_snprintf(out, sizeof(out), "%s %s %s dev %s", network, netmask, gateway, rgi->iface); + snprintf(out, sizeof(out), "%s %s %s dev %s", network, netmask, gateway, rgi->iface); } else { - openvpn_snprintf(out, sizeof(out), "%s %s %s", network, netmask, gateway); + snprintf(out, sizeof(out), "%s %s %s", network, netmask, gateway); } bool ret = management_android_control(management, "ROUTE", out); status = ret ? RTA_SUCCESS : RTA_ERROR; @@ -2000,7 +2000,7 @@ #elif defined (TARGET_ANDROID) char out[64]; - openvpn_snprintf(out, sizeof(out), "%s/%d %s", network, r6->netbits, device); + snprintf(out, sizeof(out), "%s/%d %s", network, r6->netbits, device); status = management_android_control(management, "ROUTE6", out); diff --git a/src/openvpn/run_command.h b/src/openvpn/run_command.h index 52ab115..ccad307 100644 --- a/src/openvpn/run_command.h +++ b/src/openvpn/run_command.h @@ -66,8 +66,8 @@ { char msg[256]; - openvpn_snprintf(msg, sizeof(msg), - "WARNING: Failed running command (%s)", hook); + snprintf(msg, sizeof(msg), + "WARNING: Failed running command (%s)", hook); return openvpn_execve_check(a, es, flags | S_SCRIPT, msg); } diff --git a/src/openvpn/socket.c b/src/openvpn/socket.c index d2b82d5..24d1276 100644 --- a/src/openvpn/socket.c +++ b/src/openvpn/socket.c @@ -2983,11 +2983,11 @@ case AF_INET: if (flags & SA_IP_PORT) { - openvpn_snprintf(name_buf, sizeof(name_buf), "%s_ip", name_prefix); + snprintf(name_buf, sizeof(name_buf), "%s_ip", name_prefix); } else { - openvpn_snprintf(name_buf, sizeof(name_buf), "%s", name_prefix); + snprintf(name_buf, sizeof(name_buf), "%s", name_prefix); } inet_ntop(AF_INET, &addr->addr.in4.sin_addr, buf, sizeof(buf)); @@ -2995,7 +2995,7 @@ if ((flags & SA_IP_PORT) && addr->addr.in4.sin_port) { - openvpn_snprintf(name_buf, sizeof(name_buf), "%s_port", name_prefix); + snprintf(name_buf, sizeof(name_buf), "%s_port", name_prefix); setenv_int(es, name_buf, ntohs(addr->addr.in4.sin_port)); } break; @@ -3006,19 +3006,19 @@ struct in_addr ia; memcpy(&ia.s_addr, &addr->addr.in6.sin6_addr.s6_addr[12], sizeof(ia.s_addr)); - openvpn_snprintf(name_buf, sizeof(name_buf), "%s_ip", name_prefix); + snprintf(name_buf, sizeof(name_buf), "%s_ip", name_prefix); inet_ntop(AF_INET, &ia, buf, sizeof(buf)); } else { - openvpn_snprintf(name_buf, sizeof(name_buf), "%s_ip6", name_prefix); + snprintf(name_buf, sizeof(name_buf), "%s_ip6", name_prefix); inet_ntop(AF_INET6, &addr->addr.in6.sin6_addr, buf, sizeof(buf)); } setenv_str(es, name_buf, buf); if ((flags & SA_IP_PORT) && addr->addr.in6.sin6_port) { - openvpn_snprintf(name_buf, sizeof(name_buf), "%s_port", name_prefix); + snprintf(name_buf, sizeof(name_buf), "%s_port", name_prefix); setenv_int(es, name_buf, ntohs(addr->addr.in6.sin6_port)); } break; diff --git a/src/openvpn/socks.c b/src/openvpn/socks.c index b046910..8b8c01a 100644 --- a/src/openvpn/socks.c +++ b/src/openvpn/socks.c @@ -109,9 +109,10 @@ "Authentication not possible."); goto cleanup; } - int sret = openvpn_snprintf(to_send, sizeof(to_send), "\x01%c%s%c%s", - (int) strlen(creds.username), creds.username, - (int) strlen(creds.password), creds.password); + + int sret = snprintf(to_send, sizeof(to_send), "\x01%c%s%c%s", + (int) strlen(creds.username), creds.username, + (int) strlen(creds.password), creds.password); ASSERT(sret <= sizeof(to_send)); size = send(sd, to_send, strlen(to_send), MSG_NOSIGNAL); diff --git a/src/openvpn/ssl_mbedtls.c b/src/openvpn/ssl_mbedtls.c index 0730d25..b0303b6 100644 --- a/src/openvpn/ssl_mbedtls.c +++ b/src/openvpn/ssl_mbedtls.c @@ -1531,16 +1531,16 @@ char s2[256]; s1[0] = s2[0] = 0; - openvpn_snprintf(s1, sizeof(s1), "%s %s, cipher %s", - prefix, - mbedtls_ssl_get_version(ks_ssl->ctx), - mbedtls_ssl_get_ciphersuite(ks_ssl->ctx)); + snprintf(s1, sizeof(s1), "%s %s, cipher %s", + prefix, + mbedtls_ssl_get_version(ks_ssl->ctx), + mbedtls_ssl_get_ciphersuite(ks_ssl->ctx)); cert = mbedtls_ssl_get_peer_cert(ks_ssl->ctx); if (cert != NULL) { - openvpn_snprintf(s2, sizeof(s2), ", %u bit key", - (unsigned int) mbedtls_pk_get_bitlen(&cert->pk)); + snprintf(s2, sizeof(s2), ", %u bit key", + (unsigned int) mbedtls_pk_get_bitlen(&cert->pk)); } msg(D_HANDSHAKE, "%s%s", s1, s2); diff --git a/src/openvpn/ssl_ncp.c b/src/openvpn/ssl_ncp.c index 73ec9f5..968858e 100644 --- a/src/openvpn/ssl_ncp.c +++ b/src/openvpn/ssl_ncp.c @@ -198,8 +198,8 @@ size_t newlen = strlen(o->ncp_ciphers) + 1 + strlen(ciphername) + 1; char *ncp_ciphers = gc_malloc(newlen, false, &o->gc); - ASSERT(openvpn_snprintf(ncp_ciphers, newlen, "%s:%s", o->ncp_ciphers, - ciphername)); + ASSERT(snprintf(ncp_ciphers, newlen, "%s:%s", o->ncp_ciphers, + ciphername)); o->ncp_ciphers = ncp_ciphers; } diff --git a/src/openvpn/ssl_openssl.c b/src/openvpn/ssl_openssl.c index a158617..6efef4f 100644 --- a/src/openvpn/ssl_openssl.c +++ b/src/openvpn/ssl_openssl.c @@ -1774,7 +1774,7 @@ if (!biofp) { char fn[256]; - openvpn_snprintf(fn, sizeof(fn), "bio/%d-%d.log", pid, biofp_toggle); + snprintf(fn, sizeof(fn), "bio/%d-%d.log", pid, biofp_toggle); biofp = fopen(fn, "w"); ASSERT(biofp); biofp_last_open = time(NULL); @@ -2116,8 +2116,8 @@ #endif /* if OPENSSL_VERSION_NUMBER < 0x30000000L */ } - openvpn_snprintf(buf, buflen, "%d bits %s%s", - EVP_PKEY_bits(pkey), type, curve); + snprintf(buf, buflen, "%d bits %s%s", + EVP_PKEY_bits(pkey), type, curve); } /** @@ -2137,12 +2137,12 @@ int signature_nid = X509_get_signature_nid(cert); if (signature_nid != 0) { - openvpn_snprintf(sig, sizeof(sig), ", signature: %s", - OBJ_nid2sn(signature_nid)); + snprintf(sig, sizeof(sig), ", signature: %s", + OBJ_nid2sn(signature_nid)); } - openvpn_snprintf(buf, buflen, ", peer certificate: %s%s", - pkeybuf, sig); + snprintf(buf, buflen, ", peer certificate: %s%s", + pkeybuf, sig); EVP_PKEY_free(pkey); } @@ -2160,8 +2160,8 @@ char pkeybuf[128] = { 0 }; print_pkey_details(pkey, pkeybuf, sizeof(pkeybuf)); - openvpn_snprintf(buf, buflen, ", peer temporary key: %s", - pkeybuf); + snprintf(buf, buflen, ", peer temporary key: %s", + pkeybuf); EVP_PKEY_free(pkey); } @@ -2238,8 +2238,8 @@ return; } - openvpn_snprintf(buf, buflen, ", peer signing digest/type: %s %s", - peer_sig, peer_sig_type); + snprintf(buf, buflen, ", peer signing digest/type: %s %s", + peer_sig, peer_sig_type); } @@ -2262,11 +2262,11 @@ s1[0] = s2[0] = s3[0] = s4[0] = 0; ciph = SSL_get_current_cipher(ks_ssl->ssl); - openvpn_snprintf(s1, sizeof(s1), "%s %s, cipher %s %s", - prefix, - SSL_get_version(ks_ssl->ssl), - SSL_CIPHER_get_version(ciph), - SSL_CIPHER_get_name(ciph)); + snprintf(s1, sizeof(s1), "%s %s, cipher %s %s", + prefix, + SSL_get_version(ks_ssl->ssl), + SSL_CIPHER_get_version(ciph), + SSL_CIPHER_get_name(ciph)); X509 *cert = SSL_get_peer_certificate(ks_ssl->ssl); if (cert) diff --git a/src/openvpn/ssl_verify.c b/src/openvpn/ssl_verify.c index 930769b..934ff8d 100644 --- a/src/openvpn/ssl_verify.c +++ b/src/openvpn/ssl_verify.c @@ -421,12 +421,12 @@ } /* export subject name string as environmental variable */ - openvpn_snprintf(envname, sizeof(envname), "tls_id_%d", cert_depth); + snprintf(envname, sizeof(envname), "tls_id_%d", cert_depth); setenv_str(es, envname, subject); #if 0 /* export common name string as environmental variable */ - openvpn_snprintf(envname, sizeof(envname), "tls_common_name_%d", cert_depth); + snprintf(envname, sizeof(envname), "tls_common_name_%d", cert_depth); setenv_str(es, envname, common_name); #endif @@ -435,24 +435,24 @@ struct buffer sha1 = x509_get_sha1_fingerprint(peer_cert, &gc); struct buffer sha256 = x509_get_sha256_fingerprint(peer_cert, &gc); - openvpn_snprintf(envname, sizeof(envname), "tls_digest_%d", cert_depth); + snprintf(envname, sizeof(envname), "tls_digest_%d", cert_depth); setenv_str(es, envname, format_hex_ex(BPTR(&sha1), BLEN(&sha1), 0, 1, ":", &gc)); - openvpn_snprintf(envname, sizeof(envname), "tls_digest_sha256_%d", - cert_depth); + snprintf(envname, sizeof(envname), "tls_digest_sha256_%d", + cert_depth); setenv_str(es, envname, format_hex_ex(BPTR(&sha256), BLEN(&sha256), 0, 1, ":", &gc)); } /* export serial number as environmental variable */ serial = backend_x509_get_serial(peer_cert, &gc); - openvpn_snprintf(envname, sizeof(envname), "tls_serial_%d", cert_depth); + snprintf(envname, sizeof(envname), "tls_serial_%d", cert_depth); setenv_str(es, envname, serial); /* export serial number in hex as environmental variable */ serial = backend_x509_get_serial_hex(peer_cert, &gc); - openvpn_snprintf(envname, sizeof(envname), "tls_serial_hex_%d", cert_depth); + snprintf(envname, sizeof(envname), "tls_serial_hex_%d", cert_depth); setenv_str(es, envname, serial); gc_free(&gc); @@ -569,7 +569,7 @@ goto cleanup; } - if (!openvpn_snprintf(fn, sizeof(fn), "%s%c%s", crl_dir, PATH_SEPARATOR, serial)) + if (!snprintf(fn, sizeof(fn), "%s%c%s", crl_dir, PATH_SEPARATOR, serial)) { msg(D_HANDSHAKE, "VERIFY CRL: filename overflow"); goto cleanup; @@ -938,9 +938,9 @@ if (!check_auth_pending_method(multi->peer_info, pending_method)) { char buf[128]; - openvpn_snprintf(buf, sizeof(buf), - "Authentication failed, required pending auth " - "method '%s' not supported", pending_method); + snprintf(buf, sizeof(buf), + "Authentication failed, required pending auth " + "method '%s' not supported", pending_method); auth_set_client_reason(multi, buf); msg(M_INFO, "Client does not supported auth pending method " "'%s'", pending_method); diff --git a/src/openvpn/ssl_verify_mbedtls.c b/src/openvpn/ssl_verify_mbedtls.c index a801cd3..ca14ceb 100644 --- a/src/openvpn/ssl_verify_mbedtls.c +++ b/src/openvpn/ssl_verify_mbedtls.c @@ -86,8 +86,8 @@ char *serial = backend_x509_get_serial(cert, &gc); ret = mbedtls_x509_crt_verify_info(errstr, sizeof(errstr)-1, "", *flags); - if (ret <= 0 && !openvpn_snprintf(errstr, sizeof(errstr), - "Could not retrieve error string, flags=%" PRIx32, *flags)) + if (ret <= 0 && !snprintf(errstr, sizeof(errstr), + "Could not retrieve error string, flags=%" PRIx32, *flags)) { errstr[0] = '\0'; } @@ -307,7 +307,7 @@ name_expand_size = 64 + strlen(name); name_expand = (char *) malloc(name_expand_size); check_malloc_return(name_expand); - openvpn_snprintf(name_expand, name_expand_size, "X509_%d_%s", depth, name); + snprintf(name_expand, name_expand_size, "X509_%d_%s", depth, name); setenv_str(es, name_expand, value); free(name_expand); } @@ -431,13 +431,13 @@ if (0 == mbedtls_oid_get_attr_short_name(&name->oid, &shortname) ) { - openvpn_snprintf(name_expand, sizeof(name_expand), "X509_%d_%s", - cert_depth, shortname); + snprintf(name_expand, sizeof(name_expand), "X509_%d_%s", + cert_depth, shortname); } else { - openvpn_snprintf(name_expand, sizeof(name_expand), "X509_%d_\?\?", - cert_depth); + snprintf(name_expand, sizeof(name_expand), "X509_%d_\?\?", + cert_depth); } for (i = 0; i < name->val.len; i++) diff --git a/src/openvpn/ssl_verify_openssl.c b/src/openvpn/ssl_verify_openssl.c index ec3a7cf..7d41d4a 100644 --- a/src/openvpn/ssl_verify_openssl.c +++ b/src/openvpn/ssl_verify_openssl.c @@ -279,7 +279,7 @@ gc_free(&gc); return FAILURE; } - openvpn_snprintf(common_name, cn_len, "0x%s", serial); + snprintf(common_name, cn_len, "0x%s", serial); gc_free(&gc); } else @@ -454,7 +454,7 @@ name_expand_size = 64 + strlen(name); name_expand = (char *) malloc(name_expand_size); check_malloc_return(name_expand); - openvpn_snprintf(name_expand, name_expand_size, "X509_%d_%s", depth, name); + snprintf(name_expand, name_expand_size, "X509_%d_%s", depth, name); setenv_str(es, name_expand, value); free(name_expand); } @@ -597,8 +597,8 @@ name_expand_size = 64 + strlen(objbuf); name_expand = (char *) malloc(name_expand_size); check_malloc_return(name_expand); - openvpn_snprintf(name_expand, name_expand_size, "X509_%d_%s", cert_depth, - objbuf); + snprintf(name_expand, name_expand_size, "X509_%d_%s", cert_depth, + objbuf); string_mod(name_expand, CC_PRINT, CC_CRLF, '_'); string_mod((char *)buf, CC_PRINT, CC_CRLF, '_'); setenv_str_incr(es, name_expand, (char *)buf); diff --git a/src/openvpn/tls_crypt.c b/src/openvpn/tls_crypt.c index 6ef1c7d..90fe6e9 100644 --- a/src/openvpn/tls_crypt.c +++ b/src/openvpn/tls_crypt.c @@ -574,8 +574,8 @@ } char metadata_type_str[4] = { 0 }; /* Max value: 255 */ - openvpn_snprintf(metadata_type_str, sizeof(metadata_type_str), - "%i", (uint8_t) metadata_type); + snprintf(metadata_type_str, sizeof(metadata_type_str), + "%i", (uint8_t) metadata_type); struct env_set *es = env_set_create(NULL); setenv_str(es, "script_type", "tls-crypt-v2-verify"); setenv_str(es, "metadata_type", metadata_type_str); diff --git a/src/openvpn/tun.c b/src/openvpn/tun.c index f550e9c..d01515d 100644 --- a/src/openvpn/tun.c +++ b/src/openvpn/tun.c @@ -1114,8 +1114,8 @@ #elif defined(TARGET_ANDROID) char out6[64]; - openvpn_snprintf(out6, sizeof(out6), "%s/%d %d", - ifconfig_ipv6_local, tt->netbits_ipv6, tun_mtu); + snprintf(out6, sizeof(out6), "%s/%d %d", + ifconfig_ipv6_local, tt->netbits_ipv6, tun_mtu); management_android_control(management, "IFCONFIG6", out6); #elif defined(TARGET_SOLARIS) argv_printf(&argv, "%s %s inet6 unplumb", IFCONFIG_PATH, ifname); @@ -1362,8 +1362,8 @@ top = "undef"; } - openvpn_snprintf(out, sizeof(out), "%s %s %d %s", ifconfig_local, - ifconfig_remote_netmask, tun_mtu, top); + snprintf(out, sizeof(out), "%s %s %d %s", ifconfig_local, + ifconfig_remote_netmask, tun_mtu, top); management_android_control(management, "IFCONFIG", out); #elif defined(TARGET_SOLARIS) @@ -1912,7 +1912,7 @@ */ if (dev_node) { - openvpn_snprintf(tunname, sizeof(tunname), "%s", dev_node); + snprintf(tunname, sizeof(tunname), "%s", dev_node); } else { @@ -1926,10 +1926,10 @@ { for (int i = 0; i < 256; ++i) { - openvpn_snprintf(tunname, sizeof(tunname), - "/dev/%s%d", dev, i); - openvpn_snprintf(dynamic_name, sizeof(dynamic_name), - "%s%d", dev, i); + snprintf(tunname, sizeof(tunname), + "/dev/%s%d", dev, i); + snprintf(dynamic_name, sizeof(dynamic_name), + "%s%d", dev, i); if ((tt->fd = open(tunname, O_RDWR)) > 0) { dynamic_opened = true; @@ -1947,7 +1947,7 @@ */ else { - openvpn_snprintf(tunname, sizeof(tunname), "/dev/%s", dev); + snprintf(tunname, sizeof(tunname), "/dev/%s", dev); } } @@ -2002,8 +2002,8 @@ { for (int i = 0; i < 256; ++i) { - openvpn_snprintf(dynamic_name, sizeof(dynamic_name), - "%s%d", dev, i); + snprintf(dynamic_name, sizeof(dynamic_name), + "%s%d", dev, i); int ret = open_tun_dco(tt, ctx, dynamic_name); if (ret == 0) { @@ -2519,7 +2519,7 @@ tt->actual_name = (char *) malloc(32); check_malloc_return(tt->actual_name); - openvpn_snprintf(tt->actual_name, 32, "%s%d", dev_tuntap_type, ppa); + snprintf(tt->actual_name, 32, "%s%d", dev_tuntap_type, ppa); if (tt->type == DEV_TYPE_TAP) { @@ -3509,7 +3509,7 @@ int i; for (i = 0; i<99; i++) { - openvpn_snprintf(tunname, sizeof(tunname), "/dev/tap%d", i); + snprintf(tunname, sizeof(tunname), "/dev/tap%d", i); if (access( tunname, F_OK ) < 0 && errno == ENOENT) { break; @@ -3520,7 +3520,7 @@ msg( M_FATAL, "cannot find unused tap device" ); } - openvpn_snprintf( dynamic_name, sizeof(dynamic_name), "tap%d", i ); + snprintf( dynamic_name, sizeof(dynamic_name), "tap%d", i ); dev = dynamic_name; } else /* name given, sanity check */ @@ -3536,7 +3536,7 @@ msg( M_FATAL, "TAP device name must be '--dev tapNNNN'" ); } - openvpn_snprintf(tunname, sizeof(tunname), "/dev/%s", dev); + snprintf(tunname, sizeof(tunname), "/dev/%s", dev); } /* pre-existing device? @@ -3956,8 +3956,8 @@ ADAPTER_KEY); } - openvpn_snprintf(unit_string, sizeof(unit_string), "%s\\%s", - ADAPTER_KEY, enum_name); + snprintf(unit_string, sizeof(unit_string), "%s\\%s", + ADAPTER_KEY, enum_name); status = RegOpenKeyEx( HKEY_LOCAL_MACHINE, @@ -4098,9 +4098,9 @@ NETWORK_CONNECTIONS_KEY); } - openvpn_snprintf(connection_string, sizeof(connection_string), - "%s\\%s\\Connection", - NETWORK_CONNECTIONS_KEY, enum_name); + snprintf(connection_string, sizeof(connection_string), + "%s\\%s\\Connection", + NETWORK_CONNECTIONS_KEY, enum_name); status = RegOpenKeyEx( HKEY_LOCAL_MACHINE, @@ -4984,7 +4984,7 @@ DWORD index; ULONG aindex; wchar_t wbuf[256]; - openvpn_swprintf(wbuf, SIZE(wbuf), L"\\DEVICE\\TCPIP_%hs", guid); + swprintf(wbuf, SIZE(wbuf), L"\\DEVICE\\TCPIP_%hs", guid); if (GetAdapterIndex(wbuf, &aindex) != NO_ERROR) { index = TUN_ADAPTER_INDEX_INVALID; @@ -5164,10 +5164,10 @@ } /* Open Windows TAP-Windows adapter */ - openvpn_snprintf(device_path, sizeof(device_path), "%s%s%s", - USERMODEDEVICEDIR, - device_guid, - TAP_WIN_SUFFIX); + snprintf(device_path, sizeof(device_path), "%s%s%s", + USERMODEDEVICEDIR, + device_guid, + TAP_WIN_SUFFIX); hand = CreateFile( device_path, @@ -5208,10 +5208,10 @@ } /* Open Windows TAP-Windows adapter */ - openvpn_snprintf(device_path, sizeof(device_path), "%s%s%s", - USERMODEDEVICEDIR, - device_guid, - TAP_WIN_SUFFIX); + snprintf(device_path, sizeof(device_path), "%s%s%s", + USERMODEDEVICEDIR, + device_guid, + TAP_WIN_SUFFIX); hand = CreateFile( device_path, @@ -6607,10 +6607,10 @@ else { /* Open TAP-Windows */ - openvpn_snprintf(tuntap_device_path, sizeof(tuntap_device_path), "%s%s%s", - USERMODEDEVICEDIR, - device_guid, - TAP_WIN_SUFFIX); + snprintf(tuntap_device_path, sizeof(tuntap_device_path), "%s%s%s", + USERMODEDEVICEDIR, + device_guid, + TAP_WIN_SUFFIX); path = tuntap_device_path; } diff --git a/src/openvpn/win32.c b/src/openvpn/win32.c index 27d82c5..98955ba 100644 --- a/src/openvpn/win32.c +++ b/src/openvpn/win32.c @@ -885,8 +885,8 @@ char force_path[256]; char *sysroot = get_win_sys_path(); - if (!openvpn_snprintf(force_path, sizeof(force_path), "PATH=%s\\System32;%s;%s\\System32\\Wbem", - sysroot, sysroot, sysroot)) + if (!snprintf(force_path, sizeof(force_path), "PATH=%s\\System32;%s;%s\\System32\\Wbem", + sysroot, sysroot, sysroot)) { msg(M_WARN, "env_block: default path truncated to %s", force_path); } @@ -1483,26 +1483,11 @@ } bool -openvpn_swprintf(wchar_t *const str, const size_t size, const wchar_t *const format, ...) -{ - va_list arglist; - int len = -1; - if (size > 0) - { - va_start(arglist, format); - len = vswprintf(str, size, format, arglist); - va_end(arglist); - str[size - 1] = L'\0'; - } - return (len >= 0 && len < size); -} - -bool get_openvpn_reg_value(const WCHAR *key, WCHAR *value, DWORD size) { WCHAR reg_path[256]; HKEY hkey; - openvpn_swprintf(reg_path, _countof(reg_path), L"SOFTWARE\\" PACKAGE_NAME); + swprintf(reg_path, _countof(reg_path), L"SOFTWARE\\" PACKAGE_NAME); LONG status = RegOpenKeyExW(HKEY_LOCAL_MACHINE, reg_path, 0, KEY_READ, &hkey); if (status != ERROR_SUCCESS) @@ -1528,7 +1513,7 @@ /* if we cannot find installation path from the registry, * use Windows directory as a fallback */ - openvpn_swprintf(install_path, _countof(install_path), L"%ls", ssl_fallback_dir); + swprintf(install_path, _countof(install_path), L"%ls", ssl_fallback_dir); } if ((install_path[wcslen(install_path) - 1]) == L'\\') @@ -1553,7 +1538,7 @@ if (size == 0) { WCHAR val[MAX_PATH] = {0}; - openvpn_swprintf(val, _countof(val), L"%ls\\ssl\\%ls", install_path, ossl_env[i].value); + swprintf(val, _countof(val), L"%ls\\ssl\\%ls", install_path, ossl_env[i].value); _wputenv_s(ossl_env[i].name, val); } } diff --git a/src/openvpn/win32.h b/src/openvpn/win32.h index 974fe02d..fd75992 100644 --- a/src/openvpn/win32.h +++ b/src/openvpn/win32.h @@ -319,14 +319,6 @@ int openvpn_execve(const struct argv *a, const struct env_set *es, const unsigned int flags); -/* - * openvpn_swprintf() is currently only used by Windows code paths - * and when enabled for all platforms it will currently break older - * OpenBSD versions lacking vswprintf(3) support in their libc. - */ -bool -openvpn_swprintf(wchar_t *const str, const size_t size, const wchar_t *const format, ...); - /* Sleep that can be interrupted by signals and exit event */ void win32_sleep(const int n); diff --git a/src/openvpn/xkey_helper.c b/src/openvpn/xkey_helper.c index c803323..283c95d 100644 --- a/src/openvpn/xkey_helper.c +++ b/src/openvpn/xkey_helper.c @@ -205,7 +205,7 @@ } else { - openvpn_snprintf(alg_str, sizeof(alg_str), "ECDSA,hashalg=%s", alg.mdname); + snprintf(alg_str, sizeof(alg_str), "ECDSA,hashalg=%s", alg.mdname); } } else if (!strcmp(alg.keytype, "ED448") || !strcmp(alg.keytype, "ED25519")) @@ -229,8 +229,8 @@ /* For undigested message, add hashalg=digest parameter */ else { - openvpn_snprintf(alg_str, sizeof(alg_str), "%s,hashalg=%s", - "RSA_PKCS1_PADDING", alg.mdname); + snprintf(alg_str, sizeof(alg_str), "%s,hashalg=%s", + "RSA_PKCS1_PADDING", alg.mdname); } } else if (!strcmp(alg.padmode, "none") && (flags & MF_EXTERNAL_KEY_NOPADDING) @@ -240,8 +240,8 @@ } else if (!strcmp(alg.padmode, "pss") && (flags & MF_EXTERNAL_KEY_PSSPAD)) { - openvpn_snprintf(alg_str, sizeof(alg_str), "%s,hashalg=%s,saltlen=%s", - "RSA_PKCS1_PSS_PADDING", alg.mdname, alg.saltlen); + snprintf(alg_str, sizeof(alg_str), "%s,hashalg=%s,saltlen=%s", + "RSA_PKCS1_PSS_PADDING", alg.mdname, alg.saltlen); } else { diff --git a/src/openvpnserv/common.c b/src/openvpnserv/common.c index bd0a484..96bf800 100644 --- a/src/openvpnserv/common.c +++ b/src/openvpnserv/common.c @@ -27,36 +27,6 @@ LPCTSTR service_instance = TEXT(""); static wchar_t win_sys_path[MAX_PATH]; -/* - * These are necessary due to certain buggy implementations of (v)snprintf, - * that don't guarantee null termination for size > 0. - */ -BOOL -openvpn_vswprintf(LPTSTR str, size_t size, LPCTSTR format, va_list arglist) -{ - int len = -1; - if (size > 0) - { - len = vswprintf_s(str, size, format, arglist); - str[size - 1] = 0; - } - return (len >= 0 && (size_t)len < size); -} - -BOOL -openvpn_swprintf(LPTSTR str, size_t size, LPCTSTR format, ...) -{ - va_list arglist; - BOOL res = FALSE; - if (size > 0) - { - va_start(arglist, format); - res = openvpn_vswprintf(str, size, format, arglist); - va_end(arglist); - } - return res; -} - static DWORD GetRegString(HKEY key, LPCTSTR value, LPTSTR data, DWORD size, LPCTSTR default_value) { @@ -66,7 +36,7 @@ if (status == ERROR_FILE_NOT_FOUND && default_value) { size_t len = size/sizeof(data[0]); - if (openvpn_swprintf(data, len, default_value)) + if (swprintf(data, len, default_value)) { status = ERROR_SUCCESS; } @@ -93,7 +63,7 @@ TCHAR install_path[MAX_PATH]; TCHAR default_value[MAX_PATH]; - openvpn_swprintf(reg_path, _countof(reg_path), TEXT("SOFTWARE\\" PACKAGE_NAME "%ls"), service_instance); + swprintf(reg_path, _countof(reg_path), TEXT("SOFTWARE\\" PACKAGE_NAME "%ls"), service_instance); LONG status = RegOpenKeyEx(HKEY_LOCAL_MACHINE, reg_path, 0, KEY_READ, &key); if (status != ERROR_SUCCESS) @@ -110,15 +80,15 @@ goto out; } - openvpn_swprintf(default_value, _countof(default_value), TEXT("%ls\\bin\\openvpn.exe"), - install_path); + swprintf(default_value, _countof(default_value), TEXT("%ls\\bin\\openvpn.exe"), + install_path); error = GetRegString(key, TEXT("exe_path"), s->exe_path, sizeof(s->exe_path), default_value); if (error != ERROR_SUCCESS) { goto out; } - openvpn_swprintf(default_value, _countof(default_value), TEXT("%ls\\config"), install_path); + swprintf(default_value, _countof(default_value), TEXT("%ls\\config"), install_path); error = GetRegString(key, TEXT("config_dir"), s->config_dir, sizeof(s->config_dir), default_value); if (error != ERROR_SUCCESS) @@ -133,7 +103,7 @@ goto out; } - openvpn_swprintf(default_value, _countof(default_value), TEXT("%ls\\log"), install_path); + swprintf(default_value, _countof(default_value), TEXT("%ls\\log"), install_path); error = GetRegString(key, TEXT("log_dir"), s->log_dir, sizeof(s->log_dir), default_value); if (error != ERROR_SUCCESS) { @@ -229,7 +199,7 @@ else { tmp[wcslen(tmp) - 2] = TEXT('\0'); /* remove CR/LF characters */ - openvpn_swprintf(buf, _countof(buf), TEXT("%ls (0x%x)"), tmp, error); + swprintf(buf, _countof(buf), TEXT("%ls (0x%x)"), tmp, error); } if (tmp) @@ -259,12 +229,12 @@ hEventSource = RegisterEventSource(NULL, APPNAME); if (hEventSource != NULL) { - openvpn_swprintf(msg[0], _countof(msg[0]), - TEXT("%ls%ls%ls: %ls"), APPNAME, service_instance, - (flags & MSG_FLAGS_ERROR) ? TEXT(" error") : TEXT(""), err_msg); + swprintf(msg[0], _countof(msg[0]), + TEXT("%ls%ls%ls: %ls"), APPNAME, service_instance, + (flags & MSG_FLAGS_ERROR) ? TEXT(" error") : TEXT(""), err_msg); va_start(arglist, format); - openvpn_vswprintf(msg[1], _countof(msg[1]), format, arglist); + vswprintf(msg[1], _countof(msg[1]), format, arglist); va_end(arglist); const TCHAR *mesg[] = { msg[0], msg[1] }; diff --git a/src/openvpnserv/interactive.c b/src/openvpnserv/interactive.c index d32223c..294db00 100644 --- a/src/openvpnserv/interactive.c +++ b/src/openvpnserv/interactive.c @@ -311,7 +311,7 @@ * Same format as error messages (3 line string) with error = 0 in * 0x%08x format, PID on line 2 and a description "Process ID" on line 3 */ - openvpn_swprintf(buf, _countof(buf), L"0x%08x\n0x%08x\n%ls", 0, pid, msg); + swprintf(buf, _countof(buf), L"0x%08x\n0x%08x\n%ls", 0, pid, msg); WritePipeAsync(pipe, buf, (DWORD)(wcslen(buf) * 2), count, events); } @@ -385,9 +385,9 @@ if (!argv) { - openvpn_swprintf(errmsg, capacity, - L"Cannot validate options: CommandLineToArgvW failed with error = 0x%08x", - GetLastError()); + swprintf(errmsg, capacity, + L"Cannot validate options: CommandLineToArgvW failed with error = 0x%08x", + GetLastError()); goto out; } @@ -407,8 +407,8 @@ if (!CheckOption(workdir, 2, argv_tmp, &settings)) { - openvpn_swprintf(errmsg, capacity, msg1, argv[0], workdir, - settings.ovpn_admin_group); + swprintf(errmsg, capacity, msg1, argv[0], workdir, + settings.ovpn_admin_group); } goto out; } @@ -424,13 +424,13 @@ { if (wcscmp(L"--config", argv[i]) == 0 && argc-i > 1) { - openvpn_swprintf(errmsg, capacity, msg1, argv[i+1], workdir, - settings.ovpn_admin_group); + swprintf(errmsg, capacity, msg1, argv[i+1], workdir, + settings.ovpn_admin_group); } else { - openvpn_swprintf(errmsg, capacity, msg2, argv[i], - settings.ovpn_admin_group); + swprintf(errmsg, capacity, msg2, argv[i], + settings.ovpn_admin_group); } goto out; } @@ -985,7 +985,7 @@ HANDLE wait_handles[2] = {rdns_semaphore, exit_event}; - openvpn_swprintf(ipcfg, MAX_PATH, L"%ls\\%ls", get_win_sys_path(), L"ipconfig.exe"); + swprintf(ipcfg, MAX_PATH, L"%ls\\%ls", get_win_sys_path(), L"ipconfig.exe"); if (WaitForMultipleObjects(2, wait_handles, FALSE, timeout) == WAIT_OBJECT_0) { @@ -1064,7 +1064,7 @@ } /* Path of netsh */ - openvpn_swprintf(argv0, _countof(argv0), L"%ls\\%ls", get_win_sys_path(), L"netsh.exe"); + swprintf(argv0, _countof(argv0), L"%ls\\%ls", get_win_sys_path(), L"netsh.exe"); /* cmd template: * netsh interface $proto $action dns $if_name $addr [validate=no] @@ -1080,7 +1080,7 @@ goto out; } - openvpn_swprintf(cmdline, ncmdline, fmt, proto, action, if_name, addr); + swprintf(cmdline, ncmdline, fmt, proto, action, if_name, addr); if (IsWindows7OrGreater()) { @@ -1124,7 +1124,7 @@ } /* Path of netsh */ - openvpn_swprintf(argv0, _countof(argv0), L"%ls\\%ls", get_win_sys_path(), L"netsh.exe"); + swprintf(argv0, _countof(argv0), L"%ls\\%ls", get_win_sys_path(), L"netsh.exe"); /* cmd template: * netsh interface ip $action wins $if_name $static $addr @@ -1141,7 +1141,7 @@ goto out; } - openvpn_swprintf(cmdline, ncmdline, fmt, action, if_name, addr_static, addr); + swprintf(cmdline, ncmdline, fmt, action, if_name, addr_static, addr); err = ExecCommand(argv0, cmdline, timeout); @@ -1167,7 +1167,7 @@ wchar_t *cmdline = NULL; int timeout = 10000; /* in msec */ - openvpn_swprintf(argv0, _countof(argv0), L"%ls\\%ls", get_win_sys_path(), L"wbem\\wmic.exe"); + swprintf(argv0, _countof(argv0), L"%ls\\%ls", get_win_sys_path(), L"wbem\\wmic.exe"); const wchar_t *fmt; /* comma separated list must be enclosed in parenthesis */ @@ -1188,8 +1188,8 @@ return ERROR_OUTOFMEMORY; } - openvpn_swprintf(cmdline, ncmdline, fmt, if_index, action, - data ? data : L""); + swprintf(cmdline, ncmdline, fmt, if_index, action, + data ? data : L""); err = ExecCommand(argv0, cmdline, timeout); free(cmdline); @@ -1453,7 +1453,7 @@ wchar_t argv0[MAX_PATH]; /* Path of netsh */ - openvpn_swprintf(argv0, _countof(argv0), L"%ls\\%ls", get_win_sys_path(), L"netsh.exe"); + swprintf(argv0, _countof(argv0), L"%ls\\%ls", get_win_sys_path(), L"netsh.exe"); /* cmd template: * netsh interface ipv4 set address name=$if_index source=dhcp @@ -1471,7 +1471,7 @@ return err; } - openvpn_swprintf(cmdline, ncmdline, fmt, dhcp->iface.index); + swprintf(cmdline, ncmdline, fmt, dhcp->iface.index); err = ExecCommand(argv0, cmdline, timeout); @@ -1970,8 +1970,8 @@ goto out; } - openvpn_swprintf(ovpn_pipe_name, _countof(ovpn_pipe_name), - TEXT("\\\\.\\pipe\\" PACKAGE "%ls\\service_%lu"), service_instance, GetCurrentThreadId()); + swprintf(ovpn_pipe_name, _countof(ovpn_pipe_name), + TEXT("\\\\.\\pipe\\" PACKAGE "%ls\\service_%lu"), service_instance, GetCurrentThreadId()); ovpn_pipe = CreateNamedPipe(ovpn_pipe_name, PIPE_ACCESS_DUPLEX | FILE_FLAG_FIRST_PIPE_INSTANCE | FILE_FLAG_OVERLAPPED, PIPE_TYPE_MESSAGE | PIPE_READMODE_MESSAGE | PIPE_WAIT, 1, 128, 128, 0, NULL); @@ -2003,8 +2003,11 @@ ReturnLastError(pipe, L"malloc"); goto out; } - openvpn_swprintf(cmdline, cmdline_size, L"openvpn %ls --msg-channel %" PRIuPTR, - sud.options, svc_pipe); + /* there seem to be no common printf specifier that works on all + * mingw/msvc platforms without trickery, so convert to void* and use + * PRIuPTR to print that as best compromise */ + swprintf(cmdline, cmdline_size, L"openvpn %ls --msg-channel %" PRIuPTR, + sud.options, (uintptr_t)svc_pipe); if (!CreateEnvironmentBlock(&user_env, imp_token, FALSE)) { @@ -2079,8 +2082,8 @@ else if (exit_code != 0) { WCHAR buf[256]; - openvpn_swprintf(buf, _countof(buf), - L"OpenVPN exited with error: exit code = %lu", exit_code); + swprintf(buf, _countof(buf), + L"OpenVPN exited with error: exit code = %lu", exit_code); ReturnError(pipe, ERROR_OPENVPN_STARTUP, buf, 1, &exit_event); } Undo(&undo_lists); @@ -2174,7 +2177,7 @@ initialized = TRUE; } - openvpn_swprintf(pipe_name, _countof(pipe_name), TEXT("\\\\.\\pipe\\" PACKAGE "%ls\\service"), service_instance); + swprintf(pipe_name, _countof(pipe_name), TEXT("\\\\.\\pipe\\" PACKAGE "%ls\\service"), service_instance); pipe = CreateNamedPipe(pipe_name, flags, PIPE_TYPE_MESSAGE | PIPE_READMODE_MESSAGE | PIPE_REJECT_REMOTE_CLIENTS, PIPE_UNLIMITED_INSTANCES, 1024, 1024, 0, NULL); diff --git a/src/openvpnserv/service.h b/src/openvpnserv/service.h index 3acf08c..6d0827d 100644 --- a/src/openvpnserv/service.h +++ b/src/openvpnserv/service.h @@ -81,12 +81,6 @@ VOID WINAPI ServiceStartInteractive(DWORD argc, LPTSTR *argv); -BOOL openvpn_vsntprintf(LPTSTR str, size_t size, LPCTSTR format, va_list arglist); - -BOOL openvpn_sntprintf(LPTSTR str, size_t size, LPCTSTR format, ...); - -BOOL openvpn_swprintf(wchar_t *const str, const size_t size, const wchar_t *const format, ...); - DWORD GetOpenvpnSettings(settings_t *s); BOOL ReportStatusToSCMgr(SERVICE_STATUS_HANDLE service, SERVICE_STATUS *status); diff --git a/src/openvpnserv/validate.c b/src/openvpnserv/validate.c index 5f7acd7..9563fa5 100644 --- a/src/openvpnserv/validate.c +++ b/src/openvpnserv/validate.c @@ -68,7 +68,7 @@ /* convert fname to full path */ if (PathIsRelativeW(fname) ) { - openvpn_swprintf(tmp, _countof(tmp), L"%ls\\%ls", workdir, fname); + swprintf(tmp, _countof(tmp), L"%ls\\%ls", workdir, fname); config_file = tmp; } else diff --git a/tests/unit_tests/openvpn/test_buffer.c b/tests/unit_tests/openvpn/test_buffer.c index 52ffb54..e5d4233 100644 --- a/tests/unit_tests/openvpn/test_buffer.c +++ b/tests/unit_tests/openvpn/test_buffer.c @@ -354,6 +354,56 @@ assert_string_equal(buf, "There is a .'nice.' \"1234\" [.] year old .tree!"); } +static void +test_snprintf(void **state) +{ + /* we used to have a custom openvpn_snprintf function because some + * OS (the comment did not specify which) did not always put the + * null byte there. So we unit test this to be sure. + * + * This probably refers to the MSVC behaviour, see also + * https://stackoverflow.com/questions/7706936/is-snprintf-always-null-terminating + */ + + /* Instead of trying to trick the compiler here, disable the warnings + * for this unit test. We know that the results truncated + * and we want to test that */ +#if defined(__GNUC__) +/* some clang version do not understand -Wformat-truncation, so ignore the + * warning to avoid warnings/errors (-Werror) about unknown pragma/option */ +#if defined(__clang__) +#pragma clang diagnostic push +#pragma clang diagnostic ignored "-Wunknown-warning-option" +#endif +#pragma GCC diagnostic push +#pragma GCC diagnostic ignored "-Wformat-truncation" +#endif + + char buf[10] = { 'a' }; + int ret = 0; + + ret = snprintf(buf, sizeof(buf), "0123456789abcde"); + assert_int_equal(ret, 15); + assert_int_equal(buf[9], '\0'); + + memset(buf, 'b', sizeof(buf)); + ret = snprintf(buf, sizeof(buf), "- %d - %d -", 77, 88); + assert_int_equal(ret, 11); + assert_int_equal(buf[9], '\0'); + + memset(buf, 'c', sizeof(buf)); + ret = snprintf(buf, sizeof(buf), "- %8.2f", 77.8899); + assert_int_equal(ret, 10); + assert_int_equal(buf[9], '\0'); + +#if defined(__GNUC__) +#pragma GCC diagnostic pop +#if defined(__clang__) +#pragma clang diagnostic pop +#endif +#endif +} + int main(void) { @@ -387,6 +437,7 @@ cmocka_unit_test(test_buffer_free_gc_two), cmocka_unit_test(test_buffer_gc_realloc), cmocka_unit_test(test_character_class), + cmocka_unit_test(test_snprintf) }; return cmocka_run_group_tests_name("buffer", tests, NULL, NULL); diff --git a/tests/unit_tests/openvpn/test_cryptoapi.c b/tests/unit_tests/openvpn/test_cryptoapi.c index 87f6208..98102ef 100644 --- a/tests/unit_tests/openvpn/test_cryptoapi.c +++ b/tests/unit_tests/openvpn/test_cryptoapi.c @@ -271,7 +271,7 @@ for (struct test_cert *c = certs; c->cert; c++) { - openvpn_snprintf(select_string, sizeof(select_string), "THUMB:%s", c->hash); + snprintf(select_string, sizeof(select_string), "THUMB:%s", c->hash); ctx = find_certificate_in_store(select_string, user_store); if (ctx) { @@ -304,7 +304,7 @@ for (struct test_cert *c = certs; c->cert; c++) { - openvpn_snprintf(select_string, sizeof(select_string), "SUBJ:%s", c->cname); + snprintf(select_string, sizeof(select_string), "SUBJ:%s", c->cname); ctx = find_certificate_in_store(select_string, user_store); /* In this case we expect a successful return as there is at least one valid * cert that matches the common name. But the returned cert may not exactly match @@ -337,7 +337,7 @@ for (struct test_cert *c = certs; c->cert; c++) { - openvpn_snprintf(select_string, sizeof(select_string), "ISSUER:%s", c->issuer); + snprintf(select_string, sizeof(select_string), "ISSUER:%s", c->issuer); ctx = find_certificate_in_store(select_string, user_store); /* In this case we expect a successful return as there is at least one valid * cert that matches the issuer. But the returned cert may not exactly match @@ -411,7 +411,7 @@ { continue; } - openvpn_snprintf(select_string, sizeof(select_string), "THUMB:%s", c->hash); + snprintf(select_string, sizeof(select_string), "THUMB:%s", c->hash); if (Load_CryptoAPI_certificate(select_string, &x509, &privkey) != 1) { fail_msg("Load_CryptoAPI_certificate failed: <%s>", c->friendly_name); @@ -446,7 +446,7 @@ SSL_CTX *ssl_ctx = SSL_CTX_new_ex(tls_libctx, NULL, SSLv23_client_method()); assert_non_null(ssl_ctx); - openvpn_snprintf(select_string, sizeof(select_string), "THUMB:%s", c->hash); + snprintf(select_string, sizeof(select_string), "THUMB:%s", c->hash); if (!SSL_CTX_use_CryptoAPI_certificate(ssl_ctx, select_string)) { fail_msg("SSL_CTX_use_CryptoAPI_certificate failed: <%s>", c->friendly_name); diff --git a/tests/unit_tests/openvpn/test_pkcs11.c b/tests/unit_tests/openvpn/test_pkcs11.c index a48e404..84ebb29 100644 --- a/tests/unit_tests/openvpn/test_pkcs11.c +++ b/tests/unit_tests/openvpn/test_pkcs11.c @@ -161,7 +161,7 @@ } else if (flags & GET_USER_PASS_PASSWORD_ONLY) { - openvpn_snprintf(up->password, sizeof(up->password), "%s", PIN); + snprintf(up->password, sizeof(up->password), "%s", PIN); } else { @@ -204,8 +204,8 @@ { fail_msg("make tmpfile using template <%s> failed (error = %d)", softhsm2_conf_path, errno); } - openvpn_snprintf(config, sizeof(config), "directories.tokendir=%s/", - softhsm2_tokens_path); + snprintf(config, sizeof(config), "directories.tokendir=%s/", + softhsm2_tokens_path); assert_int_equal(write(fd, config, strlen(config)), strlen(config)); close(fd);