From dc0d7355bc3229c724eabdbe1ebc0e74baa020df Mon Sep 17 00:00:00 2001
From: Mazet Laurent <laurent.mazet@thalesgroup.com>
Date: Fri, 6 Jun 2025 16:52:21 +0200
Subject: [PATCH] add timeout in MOREP receive function

---
 mapec.c      |  5 ++--
 mapec_test.c |  1 -
 ulvpn.c      | 73 ++++++++++++++++++++++++++++++++++------------------
 3 files changed, 51 insertions(+), 28 deletions(-)

diff --git a/mapec.c b/mapec.c
index 4f8877f..be3f62e 100644
--- a/mapec.c
+++ b/mapec.c
@@ -13,7 +13,6 @@
 */
 
 #include <arpa/inet.h>
-#include <assert.h>
 #include <errno.h>
 #include <fcntl.h>
 #include <linux/if_tun.h>
@@ -391,7 +390,9 @@ int MAPEC_Send (int fid, unsigned char *data, int len)
 
     VERBOSE (mapec, TRACE, PRINTF ("MAPEC_Send\n"));
 
-    assert (((data != NULL) && (len > 0)) || ((data == NULL) && (len == 0)));
+    if ((data == NULL) || (len <= 0)) {
+        return 0;
+    }
 
     if ((fid < 0) || (fid >= MAX_MAPEC_NUMBER) || (MAPEC_list[fid] == NULL)) {
         errno = EBADF;
diff --git a/mapec_test.c b/mapec_test.c
index e44bf47..293d535 100644
--- a/mapec_test.c
+++ b/mapec_test.c
@@ -19,7 +19,6 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <errno.h>
-#include <assert.h>
 #include <pthread.h>
 #include <string.h>
 #include <unistd.h>
diff --git a/ulvpn.c b/ulvpn.c
index d460120..9a76865 100644
--- a/ulvpn.c
+++ b/ulvpn.c
@@ -39,9 +39,12 @@ char *loctun = "tun://10.2.0.1";
 char *remtun = "tun://10.2.1.0";
 char *locudp = "udp://10.1.0.1:1234";
 char *remudp = "udp://10.1.0.2:1235";
-char *cmblack = "";
-char *cmred = "";
+char *cmlocblack = NULL;
+char *cmremblack = NULL;
+char *cmlocred = NULL;
+char *cmremred = NULL;
 
+int timeout = 100; /* ms */
 int stop = 0;
 
 #define BUFMAX 4096
@@ -52,8 +55,10 @@ DECLARE_VERBOSE_LEVEL (ulvpn, INFO);
 
 typedef struct {
     uint8_t aad[4];
-    int red;
-    int black;
+    int rxred;
+    int rxblack;
+    int txred;
+    int txblack;
 } cm_t;
 
 void sig_handler (int sig)
@@ -70,7 +75,7 @@ void sig_handler (int sig)
 
 void usage (void)
 {
-    printf ("usage: %s [-d devtun] [-h] [-l loctun] [-r remtun] [-t locudp] [-u remudp] [-v int] [-w]\n", progname);
+    printf ("usage: %s [-d devtun] [-h] [-l loctun] [-r remtun] [-t locudp] [-u remudp] [-v int] [-x url url] [-y url url] [-w]\n", progname);
     printf (" -d: dev tun (%s)\n", devtun);
     printf (" -h: help message\n");
     printf (" -l: local tun (%s)\n", loctun);
@@ -79,8 +84,8 @@ void usage (void)
     printf (" -u: remote udp (%s)\n", remudp);
     printf (" -v: program verbose level [%d..%d] (%d)\n", ERROR, TRACE, GET_VERBOSE_LEVEL (ulvpn));
     printf (" -V: library verbose level [%d..%d] (%d)\n", ERROR, TRACE, GET_VERBOSE_LEVEL (mapec));
-    printf (" -x: black CM service (%s)\n", cmblack);
-    printf (" -y: red CM service (%s)\n", cmred);
+    printf (" -x: black CM service (%s|%s)\n", cmlocblack, cmremblack);
+    printf (" -y: red CM service (%s|%s)\n", cmlocred, cmremred);
     printf ("%s version %s\n", progname, version);
 }
 
@@ -111,13 +116,13 @@ int encrypt (uint8_t *buffer, int len, cm_t *cm)
         VERBOSE (ulvpn, WARNING, PRINTF ("error when serializing clear message\n"));
         return 0;
     }
-    int seqtx = MOREP_Send (cm->red, 0x00, out, out_len);
+    int seqtx = MOREP_Send (cm->txred, 0x00, out, out_len);
 
     /* get encrypted message and check it */
     uint8_t in[MAXPAYLOAD] = {0};
     uint8_t msgtype = 0;
     int in_len = 0;
-    int seqrx = MOREP_Receive (cm->black, &msgtype, in, &in_len);
+    int seqrx = MOREP_Receive_timeout (cm->rxblack, &msgtype, in, &in_len, timeout);
     if ((msgtype != 0x01) || (in_len != out_len + 16) || (seqtx != seqrx)) {
         VERBOSE (ulvpn, WARNING, PRINTF ("non-coherent encrypyted message\n"));
         return 0;
@@ -184,13 +189,13 @@ int decrypt (uint8_t *buffer, int len, cm_t *cm)
         VERBOSE (ulvpn, WARNING, PRINTF ("error when serializing encrypted message\n"));
         return 0;
     }
-    int seqtx = MOREP_Send (cm->black, 0x02, out, out_len);
+    int seqtx = MOREP_Send (cm->txblack, 0x02, out, out_len);
 
     /* get clear message and check it */
     uint8_t in[MAXPAYLOAD] = {0};
     uint8_t msgtype = 0;
     int in_len = 0;
-    int seqrx = MOREP_Receive (cm->red, &msgtype, in, &in_len);
+    int seqrx = MOREP_Receive_timeout (cm->rxred, &msgtype, in, &in_len, timeout);
     if ((msgtype != 0x03) || (in_len != out_len - 16) || (seqtx != seqrx)) {
         VERBOSE (ulvpn, WARNING, PRINTF ("non-coherent decrypted message\n"));
         return 0;
@@ -231,6 +236,7 @@ int main (int argc, char **argv)
     /* process argument */
     while (argc-- > 1) {
         char *arg = *(++argv);
+        char *arg2;
         if (arg[0] != '-') {
             usage ();
             return 1;
@@ -295,19 +301,23 @@ int main (int argc, char **argv)
             break;
         case 'x':
             arg = (arg[2]) ? arg + 2 : (--argc > 0) ? *(++argv) : NULL;
-            if (arg == NULL) {
+            arg2 = (arg) && (--argc > 0) ? *(++argv) : NULL;
+            if ((arg == NULL) || (arg2 == NULL)) {
                 VERBOSE (ulvpn, ERROR, PRINTF ("%s: black cm service not specified\n", progname));
                 return 1;
             }
-            cmblack = arg;
+            cmlocblack = arg;
+            cmremblack = arg2;
             break;
         case 'y':
             arg = (arg[2]) ? arg + 2 : (--argc > 0) ? *(++argv) : NULL;
-            if (arg == NULL) {
+            arg2 = (arg) && (--argc > 0) ? *(++argv) : NULL;
+            if ((arg == NULL) || (arg2 == NULL)) {
                 VERBOSE (ulvpn, ERROR, PRINTF ("%s: red cm service not specified\n", progname));
                 return 1;
             }
-            cmred = arg;
+            cmlocred = arg;
+            cmremred = arg2;
             break;
         case 'h':
         default:
@@ -329,14 +339,23 @@ int main (int argc, char **argv)
     }
 
     /* init crypto module */
-    cm_t cm = {{0, 0, 0, 0}, -1, -1};
-    if ((cmblack) && (*cmblack)) {
-        cm.black = MOREP_Connect (cmblack);
-    }
-    if ((cmred) && (*cmred)) {
-        cm.red = MOREP_Connect (cmred);
+    cm_t cm = {{0, 0, 0, 0}, -1, -1, -1, -1};
+    int cmok = 0;
+    if ((cmlocblack) && (cmremblack) && (cmlocred) && (cmremred)) {
+        cmok = 1;
+        if ((cm.rxblack = MOREP_Connect (cmlocblack)) < 0) {
+            cmok = 0;
+        }
+        if ((cm.txblack = MOREP_Connect (cmremblack)) < 0) {
+            cmok = 0;
+        }
+        if ((cm.rxred = MOREP_Connect (cmlocred)) < 0) {
+            cmok = 0;
+        }
+        if ((cm.txred = MOREP_Connect (cmremred)) < 0) {
+            cmok = 0;
+        }
     }
-    int cmok = (cm.black >= 0) && (cm.red >= 0);
     if (!cmok) {
         VERBOSE (ulvpn, INFO, PRINTF ("CM desactivated\n"));
     }
@@ -378,13 +397,17 @@ int main (int argc, char **argv)
                     r = encrypt (buffer, r, &cm);
                 }
 
-                r = MAPEC_Send (udp_fd, buffer, r);
-                if (r < 0) {
+                if (r > 0) {
+                    r = MAPEC_Send (udp_fd, buffer, r);
+                }
+                if (r <= 0) {
                     // TODO: ignore some errno
                     VERBOSE (ulvpn, ERROR, PRINTF ("error when sending to udp\n"));
                     //break;
-                } else {
+                } else if (r > 0) {
                     VERBOSE (ulvpn, DEBUG, PRINTF ("sent to udp %d bytes\n", r));
+                } else {
+                    VERBOSE (ulvpn, DEBUG, PRINTF ("nothing sent to udp\n"));
                 }
             }
 
-- 
2.30.2