mirror/openvpn
0
0
Fork 0
mirror of https://github.com/OpenVPN/openvpn.git synced 2024-09-20 03:52:28 +02:00
Code
e498cb0ea8
openvpn/tests/unit_tests
History
Steffan Karger e498cb0ea8
Drop packets instead of assert out if packet id rolls over (CVE-2017-7479) 
Previously, if a mode was selected where packet ids are not allowed to roll
over, but renegotiation does not succeed for some reason (e.g. no password
entered in time, certificate expired or a malicious peer that refuses the
renegotiaion on purpose) we would continue to use the old keys.  Until the
packet ID would roll over and we would ASSERT() out.

Given that this can be triggered on purpose by an authenticated peer, this
is a fix for an authenticated remote DoS vulnerability.  An attack is
rather inefficient though; a peer would need to get us to send 2^32
packets (min-size packet is IP+UDP+OPCODE+PID+TAG (no payload), results in
(20+8+1+4+16)*2^32 bytes, or approx. 196 GB).

This is a fix for finding 5.2 from the OSTIF / Quarkslab audit.

CVE: 2017-7479
Signed-off-by: Steffan Karger <steffan.karger@fox-it.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Acked-by: David Sommerseth <davids@openvpn.net>
Message-Id: <1494358209-4568-3-git-send-email-steffan.karger@fox-it.com>
URL: http://www.mail-archive.com/search?l=mid&q=1494358209-4568-3-git-send-email-steffan.karger@fox-it.com
Signed-off-by: David Sommerseth <davids@openvpn.net>
2017-05-11 01:17:02 +02:00
..
example_test The Great Reformatting - first phase 2016-12-14 22:33:49 +01:00
openvpn Drop packets instead of assert out if packet id rolls over (CVE-2017-7479) 2017-05-11 01:17:02 +02:00
plugins The Great Reformatting - first phase 2016-12-14 22:33:49 +01:00
Makefile.am Make argv unit tests obey {MBEDTLS, OPENSSL}_{LIBS, CFLAGS} 2016-11-14 20:46:28 +01:00
README.md Add unit testing support via cmocka 2016-05-30 22:40:55 +02:00

README.md

Unit Tests

This directory contains unit tests for openvpn. New features/bugfixes should be written in a test friendly way and come with corresponding tests.

Run tests

Tests are run by make check. A failed tests stops test execution. To run all tests regardless of errors call make -k check.

Add new tests to existing test suite

Test suites are organized in directories. example_test/ is an example for a test suite with two test executables. Feel free to use it as a template for new tests.

Test suites

Test suites live inside a subdirectory of $ROOT/tests/unit_tests, e.g. $ROOT/tests/unit_tests/my_feature.

Test suites are configured by a Makefile.am. Tests are executed by testdrivers. One testsuite can contain more than one testdriver.

Hints

  • Name suites & testdrivers in a way that the name of the driver says something about which component/feature is tested
  • Name the testdriver executable *_testdriver. This way it gets picked up by the default .gitignore
    • If this is not feasible: Add all output to a .gitignore* Use descriptive test names: coffee_brewing__with_no_beans__fails vs. test34
  • Testing a configurable feature? Wrap test execution with a conditional (see auth_pam for an example)
  • Add multiple test-drivers when one testdriver looks crowded with tests

New Test Suites

  1. Organize tests in folders for features.
  2. Add the new test directory to SUBDIRS in Makefile.am
  3. Edit configure.ac and add the new Makefile to AC_CONFIG_FILES
  4. Run ./configure, and enable the feature you'd like to test
  5. Make sure that make check runs your tests
  6. Check: Would a stranger be able to easily find your tests by you looking at the test output?
  7. Run ./configure, and disable the feature you'd like to test
  8. Make sure that make check does not run your tests