From d4606b645ce98bc10b0f597717ec33b01ec73910 Mon Sep 17 00:00:00 2001
From: Daniel Lenski <dlenski@gmail.com>
Date: Mon, 8 Feb 2021 19:26:00 -0800
Subject: [PATCH] give nullppp the option of cancelling/terminating itself
 after negotation

With 'term' in the cookie, nullppp will initiate a clean termination after successful
PPP negiation.

This is a much cleaner way to run tests than starting OpenConnect in the background,
sleeping, and killing.

Signed-off-by: Daniel Lenski <dlenski@gmail.com>
---
 library.c              |  2 +-
 nullppp.c              | 15 ++++++++++++++-
 openconnect-internal.h |  1 +
 tests/common.sh        |  2 +-
 tests/ppp-over-tls     | 21 ++++++++-------------
 5 files changed, 25 insertions(+), 16 deletions(-)

diff --git a/library.c b/library.c
index f7eca7d6..63193e57 100644
--- a/library.c
+++ b/library.c
@@ -194,7 +194,7 @@ static const struct vpn_proto openconnect_protos[] = {
 		.description = N_("Unauthenticated RFC1661/RFC1662 PPP over TLS, for testing"),
 		.flags = OC_PROTO_PROXY | OC_PROTO_HIDDEN,
 		.tcp_connect = nullppp_connect,
-		.tcp_mainloop = ppp_mainloop,
+		.tcp_mainloop = nullppp_mainloop,
 		.add_http_headers = http_common_headers,
 		.obtain_cookie = nullppp_obtain_cookie,
 	}
diff --git a/nullppp.c b/nullppp.c
index bf2964b4..ef772f56 100644
--- a/nullppp.c
+++ b/nullppp.c
@@ -30,6 +30,7 @@
 #include <sys/types.h>
 
 #include "openconnect-internal.h"
+#include "ppp.h"
 
 int nullppp_obtain_cookie(struct openconnect_info *vpninfo)
 {
@@ -43,7 +44,7 @@ int nullppp_connect(struct openconnect_info *vpninfo)
 	int ret;
 	int ipv4, ipv6, hdlc;
 
-	/* XX: cookie hack. Use -C hdlc,noipv4,noipv6 on the
+	/* XX: cookie hack. Use -C hdlc,noipv4,noipv6,term on the
 	 * command line to set options. */
 	hdlc = strstr(vpninfo->cookie, "hdlc") ? 1 : 0;
 	ipv4 = strstr(vpninfo->cookie, "noipv4") ? 0 : 1;
@@ -69,3 +70,15 @@ int nullppp_connect(struct openconnect_info *vpninfo)
 
 	return ret;
 }
+
+int nullppp_mainloop(struct openconnect_info *vpninfo, int *timeout, int readable)
+{
+	if (vpninfo->ppp->ppp_state >= PPPS_NETWORK &&
+	    strstr(vpninfo->cookie, "term")) {
+		vpninfo->got_cancel_cmd = 1;
+		vpn_progress(vpninfo, PRG_ERR,
+			     _("Terminating because nullppp has reached network state.\n"));
+	}
+
+	return ppp_mainloop(vpninfo, timeout, readable);
+}
diff --git a/openconnect-internal.h b/openconnect-internal.h
index 72a3ad17..923109c1 100644
--- a/openconnect-internal.h
+++ b/openconnect-internal.h
@@ -980,6 +980,7 @@ int pulse_eap_ttls_recv(struct openconnect_info *vpninfo, void *data, int len);
 /* nullppp.c */
 int nullppp_obtain_cookie(struct openconnect_info *vpninfo);
 int nullppp_connect(struct openconnect_info *vpninfo);
+int nullppp_mainloop(struct openconnect_info *vpninfo, int *timeout, int readable);
 
 /* ppp.c */
 struct oc_ppp;
diff --git a/tests/common.sh b/tests/common.sh
index a9024dff..f0de258c 100644
--- a/tests/common.sh
+++ b/tests/common.sh
@@ -96,7 +96,7 @@ wait_server() {
 
 cleanup() {
 	ret=0
-	kill $PID
+	kill $PID 2>/dev/null
 	if test $? != 0;then
 		ret=1
 	fi
diff --git a/tests/ppp-over-tls b/tests/ppp-over-tls
index 0f26e0ff..2aa4ba59 100755
--- a/tests/ppp-over-tls
+++ b/tests/ppp-over-tls
@@ -23,7 +23,6 @@ top_builddir=${top_builddir:-..}
 . `dirname $0`/common.sh
 
 FINGERPRINT="--servercert=d66b507ae074d03b02eafca40d35f87dd81049d3"
-CLIPID=$SOCKDIR/oc-pid.$$.tmp
 CERT=$certdir/server-cert.pem
 KEY=$certdir/server-key.pem
 
@@ -40,6 +39,7 @@ IPV4_SUCCESS_1="rcvd [IPCP ConfAck "
 IPV4_SUCCESS_2="sent [IPCP ConfAck "
 IPV6_SUCCESS_1="rcvd [IPV6CP ConfAck "
 IPV6_SUCCESS_2="sent [IPV6CP ConfAck "
+TIMEOUT_3S_IDLE="idle 3"
 
 echo "Testing PPP ... "
 
@@ -47,8 +47,7 @@ echo -n "Connecting to PPP peer (HDLC/RFC1662, IPv4+IPv6, DNS, extraneous VJ and
 launch_simple_pppd $CERT $KEY $HDLC_YES $IPV4_YES $OFFER_DNS $IPV6_YES 2>&1
 wait_server "$PID"
 start=$(date +%s)
-LD_PRELOAD=libsocket_wrapper.so $OPENCONNECT -q --protocol=nullppp $ADDRESS:443 -u test $FINGERPRINT --cookie "hdlc" -b --pid-file=$CLIPID >/dev/null 2>&1
-kill $(cat $CLIPID) > /dev/null 2>&1
+LD_PRELOAD=libsocket_wrapper.so $OPENCONNECT -q --protocol=nullppp $ADDRESS:443 -u test $FINGERPRINT --cookie "hdlc,term" -Ss '' >/dev/null 2>&1
 took=$(( $(date +%s) - start ))
 if grep -qF "$IPV4_SUCCESS_1" $LOGFILE && grep -qF "$IPV4_SUCCESS_2" $LOGFILE && grep -qF "$IPV6_SUCCESS_1" $LOGFILE && grep -qF "$IPV6_SUCCESS_2" $LOGFILE; then
     echo "ok (took $took seconds)"
@@ -63,8 +62,7 @@ echo -n "Connecting to PPP peer (HDLC/RFC1662, IPv4+IPv6, DNS, extraneous VJ and
 launch_simple_pppd $CERT $KEY $HDLC_YES $IPV4_YES $OFFER_DNS $IPV6_YES $NO_HDR_COMP 2>&1
 wait_server "$PID"
 start=$(date +%s)
-LD_PRELOAD=libsocket_wrapper.so $OPENCONNECT -q --protocol=nullppp $ADDRESS:443 -u test $FINGERPRINT --cookie "hdlc" -b --pid-file=$CLIPID >/dev/null 2>&1
-kill $(cat $CLIPID) > /dev/null 2>&1
+LD_PRELOAD=libsocket_wrapper.so $OPENCONNECT -q --protocol=nullppp $ADDRESS:443 -u test $FINGERPRINT --cookie "hdlc,term" -Ss '' >/dev/null 2>&1
 took=$(( $(date +%s) - start ))
 if grep -qF "$IPV4_SUCCESS_1" $LOGFILE && grep -qF "$IPV4_SUCCESS_2" $LOGFILE && grep -qF "$IPV6_SUCCESS_1" $LOGFILE && grep -qF "$IPV6_SUCCESS_2" $LOGFILE; then
     echo "ok (took $took seconds)"
@@ -79,8 +77,7 @@ echo -n "Connecting to PPP peer (sync/no-HDLC, IPv4+IPv6, DNS, extraneous VJ and
 launch_simple_pppd $CERT $KEY $HDLC_NO $IPV4_YES $OFFER_DNS $IPV6_YES 2>&1
 wait_server "$PID"
 start=$(date +%s)
-LD_PRELOAD=libsocket_wrapper.so $OPENCONNECT -q --protocol=nullppp $ADDRESS:443 -u test $FINGERPRINT -b --pid-file=$CLIPID >/dev/null 2>&1
-kill $(cat $CLIPID) > /dev/null 2>&1
+LD_PRELOAD=libsocket_wrapper.so $OPENCONNECT -q --protocol=nullppp $ADDRESS:443 -u test $FINGERPRINT --cookie "term" -Ss '' >/dev/null 2>&1
 took=$(( $(date +%s) - start ))
 if grep -qF "$IPV4_SUCCESS_1" $LOGFILE && grep -qF "$IPV4_SUCCESS_2" $LOGFILE && grep -qF "$IPV6_SUCCESS_1" $LOGFILE && grep -qF "$IPV6_SUCCESS_2" $LOGFILE; then
     echo "ok (took $took seconds)"
@@ -95,8 +92,7 @@ echo -n "Connecting to PPP peer (HDLC/RFC1662, IPv4 only)... "
 launch_simple_pppd $CERT $KEY $HDLC_YES $NO_JUNK_COMP $IPV4_YES $IPV6_NO 2>&1
 wait_server "$PID"
 start=$(date +%s)
-LD_PRELOAD=libsocket_wrapper.so $OPENCONNECT -q --protocol=nullppp $ADDRESS:443 -u test $FINGERPRINT --cookie "hdlc" -b --pid-file=$CLIPID >/dev/null 2>&1
-kill $(cat $CLIPID) > /dev/null 2>&2
+LD_PRELOAD=libsocket_wrapper.so $OPENCONNECT -q --protocol=nullppp $ADDRESS:443 -u test $FINGERPRINT --cookie "hdlc,term" -Ss '' >/dev/null 2>&1
 took=$(( $(date +%s) - start ))
 if grep -qF "$IPV4_SUCCESS_1" $LOGFILE && grep -qF "$IPV4_SUCCESS_2" $LOGFILE; then
     echo "ok (took $took seconds)"
@@ -107,12 +103,11 @@ fi
 
 cleanup
 
-echo -n "Connecting to PPP peer (HDLC/RFC1662, IPv6 only)... "
-launch_simple_pppd $CERT $KEY $HDLC_YES $NO_JUNK_COMP $IPV4_NO $IPV6_YES 2>&1
+echo -n "Connecting to PPP peer (HDLC/RFC1662, IPv6 only, 3s idle timeout)... "
+launch_simple_pppd $CERT $KEY $HDLC_YES $NO_JUNK_COMP $IPV4_NO $IPV6_YES $TIMEOUT_3S_IDLE 2>&1
 wait_server "$PID"
 start=$(date +%s)
-LD_PRELOAD=libsocket_wrapper.so $OPENCONNECT -q --protocol=nullppp $ADDRESS:443 -u test $FINGERPRINT --cookie "hdlc" -b --pid-file=$CLIPID >/dev/null 2>&1
-kill $(cat $CLIPID) > /dev/null 2>&2
+LD_PRELOAD=libsocket_wrapper.so $OPENCONNECT -q --protocol=nullppp $ADDRESS:443 -u test $FINGERPRINT --cookie "hdlc" -Ss '' >/dev/null 2>&1
 took=$(( $(date +%s) - start ))
 if grep -qF "$IPV6_SUCCESS_1" $LOGFILE && grep -qF "$IPV6_SUCCESS_2" $LOGFILE; then
     echo "ok (took $took seconds)"
-- 
2.49.0