Change type of option flag from unsigned int to uint64_t

We currently use all 32 bits of the unsigned int for option classes.
While we can probably can retire 2-3 of the existing options, at some
point we will hit the limit again.

Instead of fully rewriting this logic to use a different approach or
structure, changing the type from unsigned int to uint64_t seem to be
a lot less intrusive approach.

Change-Id: I8ca07e2bbb5de229204191d61e90f084a58969af
Signed-off-by: Arne Schwabe <arne@rfc2549.org>
Acked-by: Frank Lichtenheld <frank@lichtenheld.com>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1583
Message-Id: <20260325124338.123477-1-frank@lichtenheld.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg36266.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>

Author: schwabe

src/openvpn/init.c

@@ -2339,7 +2339,7 @@ do_deferred_options_part2(struct context *c)
 }
 
 bool
-do_up(struct context *c, bool pulled_options, unsigned int option_types_found)
+do_up(struct context *c, bool pulled_options, uint64_t option_types_found)
 {
     int error_flags = 0;
     if (!c->c2.do_up_ran)
@@ -2474,7 +2474,7 @@ do_up(struct context *c, bool pulled_options, unsigned int option_types_found)
 }
 
 bool
-do_update(struct context *c, unsigned int option_types_found)
+do_update(struct context *c, uint64_t option_types_found)
 {
     /* Not necessary since to receive the update the openvpn
      * instance must be up and running but just in case
@@ -2588,7 +2588,7 @@ do_deferred_p2p_ncp(struct context *c)
 }
 
 bool
-do_deferred_options(struct context *c, const unsigned int found, const bool is_update)
+do_deferred_options(struct context *c, const uint64_t found, const bool is_update)
 {
     if (found & OPT_P_MESSAGES)
     {
@@ -4209,7 +4209,7 @@ open_plugins(struct context *c, const bool import_options, int init_point)
                 int i;
                 for (i = 0; i < config.n; ++i)
                 {
-                    unsigned int option_types_found = 0;
+                    uint64_t option_types_found = 0;
                     if (config.list[i] && config.list[i]->value)
                     {
                         options_string_import(

src/openvpn/init.h

@@ -75,7 +75,7 @@ void do_test_crypto(struct context *o);
 
 void context_gc_free(struct context *c);
 
-bool do_up(struct context *c, bool pulled_options, unsigned int option_types_found);
+bool do_up(struct context *c, bool pulled_options, uint64_t option_types_found);
 
 /**
  * @brief A simplified version of the do_up() function. This function is called
@@ -87,7 +87,7 @@ bool do_up(struct context *c, bool pulled_options, unsigned int option_types_fou
  * @return true on success.
  * @return false on error.
  */
-bool do_update(struct context *c, unsigned int option_types_found);
+bool do_update(struct context *c, uint64_t option_types_found);
 
 unsigned int pull_permission_mask(const struct context *c);
 
@@ -99,7 +99,7 @@ void reset_coarse_timers(struct context *c);
  * Handle non-tun-related pulled options.
  * Set `is_update` param to true to skip NCP check.
  */
-bool do_deferred_options(struct context *c, const unsigned int found, const bool is_update);
+bool do_deferred_options(struct context *c, const uint64_t found, const bool is_update);
 
 void inherit_context_child(struct context *dest, const struct context *src,
                            struct link_socket *sock);

src/openvpn/multi.c

@@ -1619,7 +1619,7 @@ multi_set_virtual_addr_env(struct multi_instance *mi)
  */
 static void
 multi_client_connect_post(struct multi_context *m, struct multi_instance *mi, const char *dc_file,
-                          unsigned int *option_types_found)
+                          uint64_t *option_types_found)
 {
     /* Did script generate a dynamic config file? */
     if (platform_test_file(dc_file))
@@ -1645,7 +1645,7 @@ multi_client_connect_post(struct multi_context *m, struct multi_instance *mi, co
  */
 static void
 multi_client_connect_post_plugin(struct multi_context *m, struct multi_instance *mi,
-                                 const struct plugin_return *pr, unsigned int *option_types_found)
+                                 const struct plugin_return *pr, uint64_t *option_types_found)
 {
     struct plugin_return config;
 
@@ -1684,7 +1684,7 @@ multi_client_connect_post_plugin(struct multi_context *m, struct multi_instance
  */
 enum client_connect_return
 multi_client_connect_mda(struct multi_context *m, struct multi_instance *mi, bool deferred,
-                         unsigned int *option_types_found)
+                         uint64_t *option_types_found)
 {
     /* We never return CC_RET_DEFERRED */
     ASSERT(!deferred);
@@ -2055,7 +2055,7 @@ ccs_gen_config_file(struct multi_instance *mi)
 
 static enum client_connect_return
 multi_client_connect_call_plugin_v1(struct multi_context *m, struct multi_instance *mi,
-                                    bool deferred, unsigned int *option_types_found)
+                                    bool deferred, uint64_t *option_types_found)
 {
     enum client_connect_return ret = CC_RET_SKIPPED;
 #ifdef ENABLE_PLUGIN
@@ -2145,7 +2145,7 @@ multi_client_connect_call_plugin_v1(struct multi_context *m, struct multi_instan
 
 static enum client_connect_return
 multi_client_connect_call_plugin_v2(struct multi_context *m, struct multi_instance *mi,
-                                    bool deferred, unsigned int *option_types_found)
+                                    bool deferred, uint64_t *option_types_found)
 {
     enum client_connect_return ret = CC_RET_SKIPPED;
 #ifdef ENABLE_PLUGIN
@@ -2194,7 +2194,7 @@ multi_client_connect_call_plugin_v2(struct multi_context *m, struct multi_instan
 
 static enum client_connect_return
 multi_client_connect_script_deferred(struct multi_context *m, struct multi_instance *mi,
-                                     unsigned int *option_types_found)
+                                     uint64_t *option_types_found)
 {
     ASSERT(mi);
     ASSERT(option_types_found);
@@ -2235,7 +2235,7 @@ multi_client_connect_script_deferred(struct multi_context *m, struct multi_insta
  */
 static enum client_connect_return
 multi_client_connect_call_script(struct multi_context *m, struct multi_instance *mi, bool deferred,
-                                 unsigned int *option_types_found)
+                                 uint64_t *option_types_found)
 {
     if (deferred)
     {
@@ -2339,7 +2339,7 @@ multi_client_generate_tls_keys(struct context *c)
 
 static void
 multi_client_connect_late_setup(struct multi_context *m, struct multi_instance *mi,
-                                const unsigned int option_types_found)
+                                const uint64_t option_types_found)
 {
     ASSERT(m);
     ASSERT(mi);
@@ -2497,7 +2497,7 @@ multi_client_connect_early_setup(struct multi_context *m, struct multi_instance
  */
 static enum client_connect_return
 multi_client_connect_compress_migrate(struct multi_context *m, struct multi_instance *mi,
-                                      bool deferred, unsigned int *option_types_found)
+                                      bool deferred, uint64_t *option_types_found)
 {
 #ifdef USE_COMP
     struct options *o = &mi->context.options;
@@ -2529,7 +2529,7 @@ multi_client_connect_compress_migrate(struct multi_context *m, struct multi_inst
  */
 static enum client_connect_return
 multi_client_connect_source_ccd(struct multi_context *m, struct multi_instance *mi, bool deferred,
-                                unsigned int *option_types_found)
+                                uint64_t *option_types_found)
 {
     /* Since we never return a CC_RET_DEFERRED, this indicates a serious
      * problem */
@@ -2580,7 +2580,7 @@ multi_client_connect_source_ccd(struct multi_context *m, struct multi_instance *
 
 typedef enum client_connect_return (*multi_client_connect_handler)(
     struct multi_context *m, struct multi_instance *mi, bool from_deferred,
-    unsigned int *option_types_found);
+    uint64_t *option_types_found);
 
 static const multi_client_connect_handler client_connect_handlers[] = {
     multi_client_connect_compress_migrate,
@@ -2678,7 +2678,7 @@ multi_connection_established(struct multi_context *m, struct multi_instance *mi)
     bool from_deferred = (mi->context.c2.tls_multi->multi_state != CAS_PENDING);
 
     int *cur_handler_index = &mi->client_connect_defer_state.cur_handler_index;
-    unsigned int *option_types_found = &mi->client_connect_defer_state.option_types_found;
+    uint64_t *option_types_found = &mi->client_connect_defer_state.option_types_found;
 
     /* We are called for the first time */
     if (!from_deferred)

src/openvpn/multi.h

@@ -73,7 +73,7 @@ struct client_connect_defer_state
     int cur_handler_index;
     /* Remember which option classes where processed for delayed option
      * handling. */
-    unsigned int option_types_found;
+    uint64_t option_types_found;
 
     /**
      * The temporary file name that contains the return status of the

src/openvpn/options.c

@@ -4972,8 +4972,8 @@ atou(const char *str)
     }
 
 static bool
-verify_permission(const char *name, const char *file, int line, const unsigned int type,
-                  const unsigned int allowed, unsigned int *found, const msglvl_t msglevel,
+verify_permission(const char *name, const char *file, int line, const uint64_t type,
+                  const uint64_t allowed, uint64_t *found, const msglvl_t msglevel,
                   struct options *options, bool is_inline)
 {
     if (!(type & allowed))
@@ -5065,7 +5065,7 @@ msglevel_forward_compatible(struct options *options, const msglvl_t msglevel)
 void
 remove_option(struct context *c, struct options *options, char *p[], bool is_inline,
               const char *file, int line, const msglvl_t msglevel,
-              const unsigned int permission_mask, unsigned int *option_types_found,
+              const uint64_t permission_mask, uint64_t *option_types_found,
               struct env_set *es)
 {
     msglvl_t msglevel_fc = msglevel_forward_compatible(options, msglevel);
@@ -5385,7 +5385,7 @@ check_dns_option(struct options *options, char *p[], const msglvl_t msglevel, bo
 void
 update_option(struct context *c, struct options *options, char *p[], bool is_inline,
               const char *file, int line, const int level, const msglvl_t msglevel,
-              const unsigned int permission_mask, unsigned int *option_types_found,
+              const uint64_t permission_mask, uint64_t *option_types_found,
               struct env_set *es)
 {
     const bool pull_mode = BOOL_CAST(permission_mask & OPT_P_PULL_MODE);
@@ -5574,8 +5574,8 @@ key_is_external(const struct options *options)
 
 void
 add_option(struct options *options, char *p[], bool is_inline, const char *file, int line,
-           const int level, const msglvl_t msglevel, const unsigned int permission_mask,
-           unsigned int *option_types_found, struct env_set *es)
+           const int level, const msglvl_t msglevel, const uint64_t permission_mask,
+           uint64_t *option_types_found, struct env_set *es)
 {
     struct gc_arena gc = gc_new();
     const bool pull_mode = BOOL_CAST(permission_mask & OPT_P_PULL_MODE);

src/openvpn/options.h

@@ -553,8 +553,8 @@ struct options
     bool client;
     bool pull; /* client pull of config options from server */
     int push_continuation;
-    unsigned int push_option_types_found;
-    unsigned int push_update_options_found; /* tracks which option types have been reset in current PUSH_UPDATE sequence */
+    uint64_t push_option_types_found;
+    uint64_t push_update_options_found; /* tracks which option types have been reset in current PUSH_UPDATE sequence */
     const char *auth_user_pass_file;
     bool auth_user_pass_file_inline;
     struct options_pre_connect *pre_connect;
@@ -808,7 +808,7 @@ struct pull_filter_list
 
 void add_option(struct options *options, char *p[], bool is_inline, const char *file,
                 int line, const int level, const msglvl_t msglevel,
-                const unsigned int permission_mask, unsigned int *option_types_found,
+                const uint64_t permission_mask, uint64_t *option_types_found,
                 struct env_set *es);
 
 /**
@@ -833,7 +833,7 @@ void add_option(struct options *options, char *p[], bool is_inline, const char *
  */
 void remove_option(struct context *c, struct options *options, char *p[], bool is_inline,
                    const char *file, int line, const msglvl_t msglevel,
-                   const unsigned int permission_mask, unsigned int *option_types_found,
+                   const uint64_t permission_mask, uint64_t *option_types_found,
                    struct env_set *es);
 
 /**
@@ -858,21 +858,21 @@ void remove_option(struct context *c, struct options *options, char *p[], bool i
  */
 void update_option(struct context *c, struct options *options, char *p[], bool is_inline,
                    const char *file, int line, const int level, const msglvl_t msglevel,
-                   const unsigned int permission_mask, unsigned int *option_types_found,
+                   const uint64_t permission_mask, uint64_t *option_types_found,
                    struct env_set *es);
 
 void parse_argv(struct options *options, const int argc, char *argv[], const msglvl_t msglevel,
-                const unsigned int permission_mask, unsigned int *option_types_found,
+                const uint64_t permission_mask, uint64_t *option_types_found,
                 struct env_set *es);
 
 void read_config_file(struct options *options, const char *file, int level, const char *top_file,
                       const int top_line, const msglvl_t msglevel,
-                      const unsigned int permission_mask, unsigned int *option_types_found,
+                      const uint64_t permission_mask, uint64_t *option_types_found,
                       struct env_set *es);
 
 void read_config_string(const char *prefix, struct options *options, const char *config,
-                        const msglvl_t msglevel, const unsigned int permission_mask,
-                        unsigned int *option_types_found, struct env_set *es);
+                        const msglvl_t msglevel, const uint64_t permission_mask,
+                        uint64_t *option_types_found, struct env_set *es);
 
 void notnull(const char *arg, const char *description);
 
@@ -933,13 +933,13 @@ bool options_postprocess_pull(struct options *o, struct env_set *es);
 void pre_connect_restore(struct options *o, struct gc_arena *gc);
 
 bool apply_push_options(struct context *c, struct options *options, struct buffer *buf,
-                        unsigned int permission_mask, unsigned int *option_types_found,
+                        uint64_t permission_mask, uint64_t *option_types_found,
                         struct env_set *es, bool is_update);
 
 void options_detach(struct options *o);
 
 void options_server_import(struct options *o, const char *filename, msglvl_t msglevel,
-                           unsigned int permission_mask, unsigned int *option_types_found,
+                           uint64_t permission_mask, uint64_t *option_types_found,
                            struct env_set *es);
 
 void pre_pull_default(struct options *o);
@@ -972,7 +972,7 @@ bool auth_retry_set(const msglvl_t msglevel, const char *option);
 const char *auth_retry_print(void);
 
 void options_string_import(struct options *options, const char *config, const msglvl_t msglevel,
-                           const unsigned int permission_mask, unsigned int *option_types_found,
+                           const uint64_t permission_mask, uint64_t *option_types_found,
                            struct env_set *es);
 
 bool key_is_external(const struct options *options);

src/openvpn/options_parse.c

@@ -346,7 +346,7 @@ check_inline_file_via_buf(struct buffer *multiline, char *p[], struct gc_arena *
 void
 read_config_file(struct options *options, const char *file, int level, const char *top_file,
                  const int top_line, const msglvl_t msglevel,
-                 const unsigned int permission_mask, unsigned int *option_types_found,
+                 const uint64_t permission_mask, uint64_t *option_types_found,
                  struct env_set *es)
 {
     const int max_recursive_levels = 10;
@@ -419,8 +419,8 @@ read_config_file(struct options *options, const char *file, int level, const cha
 
 void
 read_config_string(const char *prefix, struct options *options, const char *config,
-                   const msglvl_t msglevel, const unsigned int permission_mask,
-                   unsigned int *option_types_found, struct env_set *es)
+                   const msglvl_t msglevel, const uint64_t permission_mask,
+                   uint64_t *option_types_found, struct env_set *es)
 {
     char line[OPTION_LINE_SIZE];
     struct buffer multiline;
@@ -448,7 +448,7 @@ read_config_string(const char *prefix, struct options *options, const char *conf
 
 void
 parse_argv(struct options *options, const int argc, char *argv[], const msglvl_t msglevel,
-           const unsigned int permission_mask, unsigned int *option_types_found, struct env_set *es)
+           const uint64_t permission_mask, uint64_t *option_types_found, struct env_set *es)
 {
     /* usage message */
     if (argc <= 1)
@@ -510,7 +510,7 @@ parse_argv(struct options *options, const int argc, char *argv[], const msglvl_t
 
 bool
 apply_push_options(struct context *c, struct options *options, struct buffer *buf,
-                   unsigned int permission_mask, unsigned int *option_types_found,
+                   uint64_t permission_mask, uint64_t *option_types_found,
                    struct env_set *es, bool is_update)
 {
     char line[OPTION_PARM_SIZE];
@@ -523,7 +523,7 @@ apply_push_options(struct context *c, struct options *options, struct buffer *bu
         char *p[MAX_PARMS + 1];
         CLEAR(p);
         ++line_num;
-        unsigned int push_update_option_flags = 0;
+        uint64_t push_update_option_flags = 0;
         int i = 0;
 
         /* skip leading spaces matching the behaviour of parse_line */
@@ -578,7 +578,7 @@ apply_push_options(struct context *c, struct options *options, struct buffer *bu
 
 void
 options_server_import(struct options *o, const char *filename, msglvl_t msglevel,
-                      unsigned int permission_mask, unsigned int *option_types_found,
+                      const uint64_t permission_mask, uint64_t *option_types_found,
                       struct env_set *es)
 {
     msg(D_PUSH, "OPTIONS IMPORT: reading client specific options from: %s", filename);
@@ -588,7 +588,7 @@ options_server_import(struct options *o, const char *filename, msglvl_t msglevel
 
 void
 options_string_import(struct options *options, const char *config, const msglvl_t msglevel,
-                      const unsigned int permission_mask, unsigned int *option_types_found,
+                      const uint64_t permission_mask, uint64_t *option_types_found,
                       struct env_set *es)
 {
     read_config_string("[CONFIG-STRING]", options, config, msglevel, permission_mask,

src/openvpn/options_util.c

@@ -203,7 +203,7 @@ static const char *updatable_options[] = { "block-ipv6", "block-outside-dns",
                                            "tun-mtu", "keepalive" };
 
 bool
-check_push_update_option_flags(char *line, int *i, unsigned int *flags)
+check_push_update_option_flags(char *line, int *i, uint64_t *flags)
 {
     *flags = 0;
     bool opt_is_updatable = false;

src/openvpn/options_util.h

@@ -106,6 +106,6 @@ bool apply_pull_filter(const struct options *o, char *line);
  *         - The `line` parameter is empty or `NULL`.
  *         - The `?` flag is absent and the option is not updatable.
  */
-bool check_push_update_option_flags(char *line, int *i, unsigned int *flags);
+bool check_push_update_option_flags(char *line, int *i, uint64_t *flags);
 
 #endif /* ifndef OPTIONS_UTIL_H_ */