Fix DoGlobalRequestFwd and Add the regress tests

Author: yosuke-wolfssl

src/internal.c

@@ -8496,16 +8496,30 @@ static int DoGlobalRequestFwd(WOLFSSH* ssh,
                 isCancel ? " cancel" : "", bindAddr, bindPort);
     }
 
-    if (ret == WS_SUCCESS && wantReply) {
-        ret = SendGlobalRequestFwdSuccess(ssh, 1, bindPort);
-    }
-
     if (ret == WS_SUCCESS) {
         if (ssh->ctx->fwdCb) {
             ret = ssh->ctx->fwdCb(isCancel ? WOLFSSH_FWD_REMOTE_CLEANUP :
                         WOLFSSH_FWD_REMOTE_SETUP,
                     ssh->fwdCbCtx, bindAddr, bindPort);
         }
+        else {
+            WLOG(WS_LOG_WARN, "No forwarding callback set, rejecting request. "
+                "Set one with wolfSSH_CTX_SetFwdCb().");
+            ret = WS_UNIMPLEMENTED_E;
+        }
+    }
+
+    if (wantReply) {
+        if (ret == WS_SUCCESS) {
+            ret = SendGlobalRequestFwdSuccess(ssh, 1, bindPort);
+        }
+        else {
+            ret = SendGlobalRequestFwdSuccess(ssh, 0, 0);
+        }
+    }
+    else if (ret == WS_UNIMPLEMENTED_E) {
+        /* No reply expected; silently reject without terminating connection. */
+        ret = WS_SUCCESS;
     }
 
     if (bindAddr != NULL)

tests/regress.c

@@ -231,6 +231,21 @@ static word32 BuildDirectTcpipExtra(const char* host, word32 hostPort,
 
     return idx;
 }
+
+static word32 BuildGlobalRequestFwdPacket(const char* bindAddr, word32 bindPort,
+        int isCancel, byte wantReply, byte* out, word32 outSz)
+{
+    byte payload[256];
+    word32 idx = 0;
+    const char* reqName = isCancel ? "cancel-tcpip-forward" : "tcpip-forward";
+
+    idx = AppendString(payload, sizeof(payload), idx, reqName);
+    idx = AppendByte  (payload, sizeof(payload), idx, wantReply);
+    idx = AppendString(payload, sizeof(payload), idx, bindAddr);
+    idx = AppendUint32(payload, sizeof(payload), idx, bindPort);
+
+    return WrapPacket(MSGID_GLOBAL_REQUEST, payload, idx, out, outSz);
+}
 #endif
 
 /* Simple in-memory transport harness */
@@ -957,6 +972,15 @@ static void AssertChannelOpenFailResponse(const ChannelOpenHarness* harness,
     AssertTrue(harness->ssh->channelList == NULL);
 }
 
+#ifdef WOLFSSH_FWD
+static void AssertGlobalRequestReply(const ChannelOpenHarness* harness,
+        byte expectedMsgId)
+{
+    AssertTrue(harness->io.outSz > 0);
+    AssertIntEQ(ParseMsgId(harness->io.out, harness->io.outSz), expectedMsgId);
+}
+#endif
+
 static int RejectChannelOpenCb(WOLFSSH_CHANNEL* channel, void* ctx)
 {
     (void)channel;
@@ -978,6 +1002,17 @@ static int RejectDirectTcpipSetup(WS_FwdCbAction action, void* ctx,
 
     return WS_SUCCESS;
 }
+
+static int AcceptFwdCb(WS_FwdCbAction action, void* ctx,
+        const char* host, word32 port)
+{
+    (void)action;
+    (void)ctx;
+    (void)host;
+    (void)port;
+
+    return WS_SUCCESS;
+}
 #endif
 
 
@@ -1239,6 +1274,101 @@ static void TestDirectTcpipNoFwdCbSendsOpenFail(void)
 
     ret = DoReceive(harness.ssh);
     AssertChannelOpenFailResponse(&harness, ret);
+    
+    FreeChannelOpenHarness(&harness);
+}
+
+static void TestGlobalRequestFwdNoCbSendsFailure(void)
+{
+    ChannelOpenHarness harness;
+    byte in[256];
+    word32 inSz;
+    int ret;
+
+    inSz = BuildGlobalRequestFwdPacket("0.0.0.0", 2222, 0, 1, in, sizeof(in));
+    InitChannelOpenHarness(&harness, in, inSz);
+    /* no fwdCb registered */
+
+    ret = DoReceive(harness.ssh);
+
+    AssertIntEQ(ret, WS_SUCCESS);
+    AssertGlobalRequestReply(&harness, MSGID_REQUEST_FAILURE);
+
+    FreeChannelOpenHarness(&harness);
+}
+
+static void TestGlobalRequestFwdNoCbNoReplyKeepsConnection(void)
+{
+    ChannelOpenHarness harness;
+    byte in[256];
+    word32 inSz;
+    int ret;
+
+    /* wantReply=0: no reply sent, connection must stay alive */
+    inSz = BuildGlobalRequestFwdPacket("0.0.0.0", 2222, 0, 0, in, sizeof(in));
+    InitChannelOpenHarness(&harness, in, inSz);
+    /* no fwdCb registered */
+
+    ret = DoReceive(harness.ssh);
+
+    AssertIntEQ(ret, WS_SUCCESS);
+    AssertIntEQ(harness.io.outSz, 0); /* no reply sent */
+
+    FreeChannelOpenHarness(&harness);
+}
+
+static void TestGlobalRequestFwdWithCbSendsSuccess(void)
+{
+    ChannelOpenHarness harness;
+    byte in[256];
+    word32 inSz;
+    int ret;
+
+    inSz = BuildGlobalRequestFwdPacket("0.0.0.0", 2222, 0, 1, in, sizeof(in));
+    InitChannelOpenHarness(&harness, in, inSz);
+    AssertIntEQ(wolfSSH_CTX_SetFwdCb(harness.ctx, AcceptFwdCb, NULL), WS_SUCCESS);
+
+    ret = DoReceive(harness.ssh);
+
+    AssertIntEQ(ret, WS_SUCCESS);
+    AssertGlobalRequestReply(&harness, MSGID_REQUEST_SUCCESS);
+
+    FreeChannelOpenHarness(&harness);
+}
+
+static void TestGlobalRequestFwdCancelNoCbSendsFailure(void)
+{
+    ChannelOpenHarness harness;
+    byte in[256];
+    word32 inSz;
+    int ret;
+
+    inSz = BuildGlobalRequestFwdPacket("0.0.0.0", 2222, 1, 1, in, sizeof(in));
+    InitChannelOpenHarness(&harness, in, inSz);
+
+    ret = DoReceive(harness.ssh);
+
+    AssertIntEQ(ret, WS_SUCCESS);
+    AssertGlobalRequestReply(&harness, MSGID_REQUEST_FAILURE);
+
+    FreeChannelOpenHarness(&harness);
+}
+
+static void TestGlobalRequestFwdCancelWithCbSendsSuccess(void)
+{
+    ChannelOpenHarness harness;
+    byte in[256];
+    word32 inSz;
+    int ret;
+
+    inSz = BuildGlobalRequestFwdPacket("0.0.0.0", 2222, 1, 1, in, sizeof(in));
+    InitChannelOpenHarness(&harness, in, inSz);
+    AssertIntEQ(wolfSSH_CTX_SetFwdCb(harness.ctx, AcceptFwdCb, NULL), WS_SUCCESS);
+
+    ret = DoReceive(harness.ssh);
+
+    AssertIntEQ(ret, WS_SUCCESS);
+    AssertGlobalRequestReply(&harness, MSGID_REQUEST_SUCCESS);
 
     FreeChannelOpenHarness(&harness);
 }
@@ -1707,6 +1837,11 @@ int main(int argc, char** argv)
 #ifdef WOLFSSH_FWD
     TestDirectTcpipRejectSendsOpenFail();
     TestDirectTcpipNoFwdCbSendsOpenFail();
+    TestGlobalRequestFwdNoCbSendsFailure();
+    TestGlobalRequestFwdNoCbNoReplyKeepsConnection();
+    TestGlobalRequestFwdWithCbSendsSuccess();
+    TestGlobalRequestFwdCancelNoCbSendsFailure();
+    TestGlobalRequestFwdCancelWithCbSendsSuccess();
 #endif
 #ifdef WOLFSSH_AGENT
     TestAgentChannelNullAgentSendsOpenFail();