Add test for new client -> old server

This causes an error during secure renegotiation
expressvpn · Aug 2, 2023 · 7777462 · 7777462
1 parent 9932e9a
commit 7777462
Show file tree

Hide file tree

Showing 6 changed files with 214 additions and 2 deletions.
diff --git a/docker-compose.yml b/docker-compose.yml
@@ -14,6 +14,7 @@ services:
   server:
     build:
       context: .
+      # dockerfile: docker/Dockerfile-dtls
       dockerfile: docker/Dockerfile
     networks:
       - perfnet
@@ -24,7 +25,8 @@ services:
   cli:
     build:
       context: .
-      dockerfile: docker/Dockerfile
+      # dockerfile: docker/Dockerfile
+      dockerfile: docker/Dockerfile-dtls
     depends_on:
       - iperf
       - server

diff --git a/docker/Dockerfile-dtls b/docker/Dockerfile-dtls
@@ -0,0 +1,41 @@
+FROM debian/buildd:buster as builder
+ARG DEBIAN_FRONTEND=noninteractive
+
+ENV LANG C.UTF-8
+ENV LC_ALL C.UTF-8
+
+RUN apt-get update && apt-get install -qqy --no-install-recommends \
+  autoconf \
+  automake \
+  bsdmainutils \
+  dnsutils \
+  git \
+  iperf3 \
+  iproute2 \
+  iptables \
+  iputils-ping \
+  liblua5.3-dev \
+  libtool \
+  libsqlite3-dev \
+  lua5.3 \
+  procps \
+  psmisc \
+  rubygems \
+  tcpdump \
+  unzip \
+  valgrind \
+  wget \
+  strace \
+  vim
+
+# Set up ceedling
+RUN gem install ceedling
+
+WORKDIR /lw_reference
+
+FROM builder
+COPY ./ .
+RUN ceedling clobber project:dtls
+RUN ceedling verbosity[4] dependencies:fetch project:dtls
+RUN ceedling verbosity[4] dependencies:make project:dtls
+RUN ceedling verbosity[4] release project:dtls
diff --git a/dtls.yml b/dtls.yml
@@ -0,0 +1,159 @@
+---
+
+:project:
+  :use_exceptions: FALSE
+  :use_test_preprocessor: TRUE
+  :use_auxiliary_dependencies: TRUE
+  :build_root: build
+  :release_build: TRUE
+  :test_file_prefix: test_
+  :which_ceedling: gem
+  :default_tasks:
+    - test:all
+
+:release_build:
+  :output: lw.out
+
+:environment:
+
+:extension:
+  :executable: .out
+
+:paths:
+  :source:
+    - src/**
+  :test:
+    - +:test/**
+    - -:test/support
+  :include:
+    - include/*
+  :support:
+    - test/support
+
+:defines:
+  # in order to add common defines:
+  #  1) remove the trailing [] from the :common: section
+  #  2) add entries to the :common: section (e.g. :test: has TEST defined)
+  :common: &common_defines []
+  :test:
+    - *common_defines
+    - TEST
+  :test_preprocess:
+    - *common_defines
+    - TEST
+
+:cmock:
+  :mock_prefix: mock_
+  :when_no_prototypes: :warn
+  :enforce_strict_ordering: TRUE
+  :includes:
+    - libhe_testable_types.h
+  :plugins:
+    - :ignore
+    - :callback
+    - :expect_any_args
+    - :ignore_arg
+  :treat_as:
+    uint8:    HEX8
+    uint16:   HEX16
+    uint32:   UINT32
+    int8:     INT8
+    bool:     UINT8
+
+
+:plugins:
+  :load_paths:
+    - "#{Ceedling.load_path}"
+  :enabled:
+    - module_generator
+    - dependencies
+    - compile_commands_json
+
+:dependencies:
+  :libraries:
+    - :name: lightway_core
+      :source_path: third_party/lightway_core
+      :fetch:
+        :method: :git
+        # :source: https://github.com/expressvpn/lightway-core.git
+        # :branch: main
+        :source: https://github.com/julek-wolfssl/lightway-core.git
+        :branch: lightway-dtls1.3
+      :environment:
+      - CFLAGS= -DLARGE_STATIC_BUFFERS -DWOLFSSL_DTLS_ALLOW_FUTURE -DWOLFSSL_MIN_RSA_BITS=2048 -DWOLFSSL_MIN_ECC_BITS=256 -fPIC
+      :build:
+        - /usr/local/bin/ceedling verbosity[4] release project:linux
+      :artifacts:
+        :includes:
+          - public/**
+        :static_libraries:
+          - build/artifacts/release/libhelium.a
+          - third_party/builds/wolfssl_build/lib/libwolfssl.a
+    - :name: libuv
+      :source_path: third_party/libuv
+      :artifact_path: third_party/builds/libuv
+      :fetch:
+        :method: :git
+        :source: https://github.com/libuv/libuv.git
+        :tag: v1.46.0
+      :build:
+        - "sh autogen.sh"
+        - "./configure --prefix=$(pwd)/../builds/libuv/ --enable-static --disable-shared"
+        - "make"
+        - "make install"
+      :artifacts:
+        :includes:
+          - include/*
+        :static_libraries:
+          - lib/libuv.a
+    - :name: zlog
+      :source_path: third_party/zlog
+      :artifact_path: third_party/zlog/tidy
+      :fetch:
+        :method: :git
+        :source: https://github.com/zma/zlog.git
+        :commit: 16f266e
+      :build:
+        - mkdir -p tidy
+        - cp zlog.c tidy/
+        - cp zlog.h tidy/
+        - cp zlog-config.h tidy/
+        - sed -i "s/1 << 22/1 << 10/" tidy/zlog-config.h
+        - sed -i "s/15/2/" zlog-config.h
+      :artifacts:
+        :includes:
+          - /*
+        :source:
+          - /zlog.c
+    - :name: argparse
+      :source_path: third_party/argparse
+      :artifact_path: third_party/argparse/tidy
+      :fetch:
+        :method: :git
+        :source: https://github.com/cofyc/argparse.git
+        :tag: v1.1.0
+      :build:
+        - mkdir -p tidy
+        - cp argparse.c tidy/
+        - cp argparse.h tidy/
+      :artifacts:
+        :includes:
+          - /*
+        :source:
+          - /argparse.c
+
+
+:tools_release_linker:
+  :arguments:
+    - -lpthread
+    - -lm
+    - -ldl
+
+:flags:
+  :release:
+    :compile:
+      :*:
+        - -O3
+        - -g
+
+...
diff --git a/project.yml b/project.yml
@@ -77,6 +77,8 @@
         :method: :git
         :source: https://github.com/expressvpn/lightway-core.git
         :branch: main
+        # :source: https://github.com/julek-wolfssl/lightway-core.git
+        # :branch: lightway-dtls1.3
       :environment:
       - CFLAGS= -DLARGE_STATIC_BUFFERS -DWOLFSSL_DTLS_ALLOW_FUTURE -DWOLFSSL_MIN_RSA_BITS=2048 -DWOLFSSL_MIN_ECC_BITS=256 -fPIC
       :build:

diff --git a/scripts/run_iperf_client.sh b/scripts/run_iperf_client.sh
@@ -12,7 +12,7 @@ ping -w1 "${SERVER}"
 
 build/release/lw.out --client --protocol udp --username test --password test --server_ip ${SERVER} --server_port 19655 --cert certs/shared.crt --tun helium-test &
 
-sleep 2
+sleep 15
 
 echo "Setting route to ${TARGET} via ${HELIUM_GATE}"
 ip route add "${TARGET}" via "${HELIUM_GATE}"

diff --git a/src/he/helium.c b/src/he/helium.c
@@ -79,11 +79,19 @@ he_return_code_t state_change_cb(he_conn_t *client, he_conn_state_t new_state, v
 
   zlogf_time(ZLOG_INFO_LOG_MSG, "State changed to %s\n", he_client_state_name(new_state));
 
+  static bool reneg = false;
+
   if(new_state == HE_STATE_DISCONNECTED) {
     zlogf_time(ZLOG_INFO_LOG_MSG, "Helium connection was disconnected\n");
     lw_state_post_disconnect_cleanup(state);
   }
 
+  if(new_state == HE_STATE_ONLINE && !state->is_server && !reneg) {
+    reneg = true;
+    he_conn_schedule_renegotiation(client);
+    zlogf_time(ZLOG_INFO_LOG_MSG, "SCHEDULED RENEGOTIATION\n");
+  }
+
   return HE_SUCCESS;
 }