Packets sent over the ovpn interface are processed and transmitted to the
connected peer, if any.
Implementation is UDP only. TCP will be added by a later patch.
Note: no crypto/encapsulation exists yet. Packets are just captured and
sent.
Signed-off-by: Antonio Quartulli
---
drivers/net
Add basic infrastructure for handling ovpn interfaces.
Tested-by: Donald Hunter
Signed-off-by: Antonio Quartulli
---
Documentation/netlink/specs/rt_link.yaml | 16 +
drivers/net/ovpn/Makefile| 1 +
drivers/net/ovpn/io.c| 22 ++
drivers/net/ovpn
This change implements encryption/decryption and
encapsulation/decapsulation of OpenVPN packets.
Support for generic crypto state is added along with
a wrapper for the AEAD crypto kernel API.
Signed-off-by: Antonio Quartulli
---
drivers/net/Kconfig| 4 +
drivers/net/ovpn/Makefile
it, even if IPV6 is
not compiled in.
Cc: David Ahern
Cc: Eric Dumazet
Cc: Jakub Kicinski
Cc: Paolo Abeni
Cc: Simon Horman
Signed-off-by: Antonio Quartulli
---
drivers/net/Kconfig | 1 +
drivers/net/ovpn/Makefile | 1 +
drivers/net/ovpn/io.c | 4 +
drivers/net/ovpn/mai
and add a
new interface named skb_send_sock_locked_with_flags().
Cc: Eric Dumazet
Cc: Jakub Kicinski
Cc: Paolo Abeni
Cc: Simon Horman
Signed-off-by: Antonio Quartulli
---
include/linux/skbuff.h | 2 ++
net/core/skbuff.c | 18 +-
2 files changed, 15 insertions(+), 5 delet
Userspace may want to pass the MSG_NOSIGNAL flag to
tcp_sendmsg() in order to avoid generating a SIGPIPE.
To pass this flag down the TCP stack a new skb sending API
accepting a flags argument is introduced.
Cc: Eric Dumazet
Cc: Paolo Abeni
Signed-off-by: Antonio Quartulli
---
drivers/net
Byte/packet counters for in-tunnel and transport streams
are now initialized and updated as needed.
To be exported via netlink.
Signed-off-by: Antonio Quartulli
---
drivers/net/ovpn/Makefile | 1 +
drivers/net/ovpn/io.c | 12 +++-
drivers/net/ovpn/peer.c | 2 ++
drivers/net
+++ b/tools/testing/selftests/net/ovpn/common.sh
@@ -0,0 +1,92 @@
+#!/bin/bash
+# SPDX-License-Identifier: GPL-2.0
+# Copyright (C) 2020-2025 OpenVPN, Inc.
+#
+# Author: Antonio Quartulli
+
+UDP_PEERS_FILE=${UDP_PEERS_FILE:-udp_peers.txt}
+TCP_PEERS_FILE=${TCP_PEERS_FILE:-tcp_peers.txt}
+OV
: Antonio Quartulli
---
drivers/net/ovpn/peer.c | 301 ++--
1 file changed, 291 insertions(+), 10 deletions(-)
diff --git a/drivers/net/ovpn/peer.c b/drivers/net/ovpn/peer.c
index
bed2e591c000c4efecdcd92db484e590f97f9f7f
ovpn_peer, also the ovpn_bind object is introcued
as the two are strictly related.
An ovpn_bind object wraps a sockaddr representing the local
coordinates being used to talk to a specific peer.
Signed-off-by: Antonio Quartulli
---
drivers/net/Kconfig | 1 +
drivers/net/ovpn/Makefile | 2
Whenever a peer is deleted, send a notification to userspace so that it
can react accordingly.
This is most important when a peer is deleted due to ping timeout,
because it all happens in kernelspace and thus userspace has no direct
way to learn about it.
Signed-off-by: Antonio Quartulli
Implement support for basic ethtool functionality.
Note that ovpn is a virtual device driver, therefore
various ethtool APIs are just not meaningful and thus
not implemented.
Signed-off-by: Antonio Quartulli
Reviewed-by: Andrew Lunn
---
drivers/net/ovpn/main.c | 15 +++
1 file
This change introduces the netlink commands needed to add, get, delete
and swap keys for a specific peer.
Userspace is expected to use these commands to create, inspect (non
sensitive data only), destroy and rotate session keys for a specific
peer.
Signed-off-by: Antonio Quartulli
---
drivers
This change introduces the netlink command needed to add, delete and
retrieve/dump known peers. Userspace is expected to use these commands
to handle known peer lifecycles.
Signed-off-by: Antonio Quartulli
---
drivers/net/ovpn/netlink.c | 677
amount of traffic by
periodically polling GET_PEER and fetching the VPN/LINK stats.
Signed-off-by: Antonio Quartulli
---
drivers/net/ovpn/crypto.c | 19 ++
drivers/net/ovpn/crypto.h | 2 ++
drivers/net/ovpn/io.c | 13 ++
drivers/net/ovpn/netlink.c | 64
/ovpn/netlink-gen.h
Reviewed-by: Donald Hunter
Signed-off-by: Antonio Quartulli
---
Documentation/netlink/specs/ovpn.yaml | 367 ++
MAINTAINERS | 2 +
drivers/net/ovpn/Makefile | 2 +
drivers/net/ovpn/main.c
OpenVPN supports configuring a periodic keepalive packet.
message to allow the remote endpoint detect link failures.
This change implements the keepalive sending and timer expiring logic.
Signed-off-by: Antonio Quartulli
---
drivers/net/ovpn/io.c | 74
drivers/net/ovpn
An ovpn interface configured in MP mode will keep carrier always
on and let the user decide when to bring it administratively up and
down.
This way a MP node (i.e. a server) will keep its interface always
up and running, even when no peer is connected.
Signed-off-by: Antonio Quartulli
In case of UDP links, the local or remote endpoint used to communicate
with a given peer may change without a connection restart.
Add support for learning the new address in case of change.
Signed-off-by: Antonio Quartulli
---
drivers/net/ovpn/io.c | 8 ++
drivers/net/ovpn/peer.c | 213
On 2/27/25 5:21 PM, Jakub Kicinski wrote:
On Thu, 27 Feb 2025 02:21:25 +0100 Antonio Quartulli wrote:
After some time of struggle trying to fix all hidden bugs that Sabrina
has found...here is v20!
Please note that some patches were already reviewed/tested by a few
people. These patches have
With this change an ovpn instance will be able to stay connected to
multiple remote endpoints.
This functionality is strictly required when running ovpn on an
OpenVPN server.
Signed-off-by: Antonio Quartulli
---
drivers/net/ovpn/main.c | 64 +--
drivers/net/ovpn/ovpnpriv.h
With this change an ovpn instance will be able to stay connected to
multiple remote endpoints.
This functionality is strictly required when running ovpn on an
OpenVPN server.
Signed-off-by: Antonio Quartulli
---
drivers/net/ovpn/main.c | 64 +--
drivers/net/ovpn/ovpnpriv.h
On 05/03/2025 12:20, Sabrina Dubroca wrote:
2025-03-05, 00:19:32 +0100, Antonio Quartulli wrote:
On 04/03/2025 19:37, Sabrina Dubroca wrote:
2025-03-04, 01:33:48 +0100, Antonio Quartulli wrote:
A peer connected via UDP may change its IP address without reconnecting
(float).
Should that
On 05/03/2025 11:11, Sabrina Dubroca wrote:
2025-03-05, 02:00:21 +0100, Antonio Quartulli wrote:
On 05/03/2025 00:09, Sabrina Dubroca wrote:
2025-03-04, 13:11:28 +0100, Antonio Quartulli wrote:
On 04/03/2025 13:00, Sabrina Dubroca wrote:
2025-03-04, 01:33:50 +0100, Antonio Quartulli wrote
On 04/03/2025 15:35, Sabrina Dubroca wrote:
2025-03-04, 01:33:49 +0100, Antonio Quartulli wrote:
@@ -1317,11 +1336,16 @@ void ovpn_peer_keepalive_work(struct work_struct *work)
/* prevent rearming if the interface is being destroyed */
if (next_run > 0 && ovpn-
On 05/03/2025 00:19, Antonio Quartulli wrote:
On 04/03/2025 19:37, Sabrina Dubroca wrote:
2025-03-04, 01:33:48 +0100, Antonio Quartulli wrote:
A peer connected via UDP may change its IP address without reconnecting
(float).
Should that trigger a reset of the peer->dst_cache? And same w
Add basic infrastructure for handling ovpn interfaces.
Tested-by: Donald Hunter
Signed-off-by: Antonio Quartulli
---
Documentation/netlink/specs/rt_link.yaml | 16 +
drivers/net/ovpn/Makefile| 1 +
drivers/net/ovpn/io.c| 22 ++
drivers/net/ovpn
/ovpn/netlink-gen.h
Reviewed-by: Donald Hunter
Signed-off-by: Antonio Quartulli
---
Documentation/netlink/specs/ovpn.yaml | 367 ++
MAINTAINERS | 2 +
drivers/net/ovpn/Makefile | 2 +
drivers/net/ovpn/main.c
ff-by: Antonio Quartulli
---
MAINTAINERS | 8
drivers/net/Kconfig | 8
drivers/net/Makefile | 1 +
drivers/net/ovpn/Makefile | 10 +
drivers/net/ovpn/main.c | 112 ++
5 files changed, 139 insertions(+)
avoid useless casts
Please note that some patches were already reviewed/tested by a few
people. These patches have retained the tags as they have hardly been
touched.
The latest code can also be found at:
https://github.com/OpenVPN/ovpn-net-next
Thanks a lot!
Best Regards,
Antonio Quartulli
OpenV
a later
patch.
Cc: willemdebruijn.ker...@gmail.com
Signed-off-by: Antonio Quartulli
---
drivers/net/ovpn/Makefile | 2 +
drivers/net/ovpn/main.c | 2 +-
drivers/net/ovpn/peer.c | 28 +--
drivers/net/ovpn/peer.h | 6 +-
drivers/net/ovpn/socket.c | 208
An ovpn interface configured in MP mode will keep carrier always
on and let the user decide when to bring it administratively up and
down.
This way a MP node (i.e. a server) will keep its interface always
up and running, even when no peer is connected.
Signed-off-by: Antonio Quartulli
Packets received over the socket are forwarded to the user device.
Implementation is UDP only. TCP will be added by a later patch.
Note: no decryption/decapsulation exists yet, packets are forwarded as
they arrive without much processing.
Signed-off-by: Antonio Quartulli
---
drivers/net/ovpn
This change implements encryption/decryption and
encapsulation/decapsulation of OpenVPN packets.
Support for generic crypto state is added along with
a wrapper for the AEAD crypto kernel API.
Signed-off-by: Antonio Quartulli
---
drivers/net/Kconfig| 4 +
drivers/net/ovpn/Makefile
ovpn_peer, also the ovpn_bind object is introcued
as the two are strictly related.
An ovpn_bind object wraps a sockaddr representing the local
coordinates being used to talk to a specific peer.
Signed-off-by: Antonio Quartulli
---
drivers/net/Kconfig | 1 +
drivers/net/ovpn/Makefile | 2
and add a
new interface named skb_send_sock_locked_with_flags().
Cc: Eric Dumazet
Cc: Jakub Kicinski
Cc: Paolo Abeni
Cc: Simon Horman
Signed-off-by: Antonio Quartulli
---
include/linux/skbuff.h | 2 ++
net/core/skbuff.c | 18 +-
2 files changed, 15 insertions(+), 5 delet
Userspace may want to pass the MSG_NOSIGNAL flag to
tcp_sendmsg() in order to avoid generating a SIGPIPE.
To pass this flag down the TCP stack a new skb sending API
accepting a flags argument is introduced.
Cc: Eric Dumazet
Cc: Paolo Abeni
Signed-off-by: Antonio Quartulli
---
drivers/net
This change introduces the netlink command needed to add, delete and
retrieve/dump known peers. Userspace is expected to use these commands
to handle known peer lifecycles.
Signed-off-by: Antonio Quartulli
---
drivers/net/ovpn/netlink.c | 677
In case of UDP links, the local or remote endpoint used to communicate
with a given peer may change without a connection restart.
Add support for learning the new address in case of change.
Signed-off-by: Antonio Quartulli
---
drivers/net/ovpn/io.c | 8 ++
drivers/net/ovpn/peer.c | 213
Whenever a peer is deleted, send a notification to userspace so that it
can react accordingly.
This is most important when a peer is deleted due to ping timeout,
because it all happens in kernelspace and thus userspace has no direct
way to learn about it.
Signed-off-by: Antonio Quartulli
Packets sent over the ovpn interface are processed and transmitted to the
connected peer, if any.
Implementation is UDP only. TCP will be added by a later patch.
Note: no crypto/encapsulation exists yet. Packets are just captured and
sent.
Signed-off-by: Antonio Quartulli
---
drivers/net
Implement support for basic ethtool functionality.
Note that ovpn is a virtual device driver, therefore
various ethtool APIs are just not meaningful and thus
not implemented.
Signed-off-by: Antonio Quartulli
Reviewed-by: Andrew Lunn
---
drivers/net/ovpn/main.c | 15 +++
1 file
+++ b/tools/testing/selftests/net/ovpn/common.sh
@@ -0,0 +1,92 @@
+#!/bin/bash
+# SPDX-License-Identifier: GPL-2.0
+# Copyright (C) 2020-2025 OpenVPN, Inc.
+#
+# Author: Antonio Quartulli
+
+UDP_PEERS_FILE=${UDP_PEERS_FILE:-udp_peers.txt}
+TCP_PEERS_FILE=${TCP_PEERS_FILE:-tcp_peers.txt}
+OV
Byte/packet counters for in-tunnel and transport streams
are now initialized and updated as needed.
To be exported via netlink.
Signed-off-by: Antonio Quartulli
---
drivers/net/ovpn/Makefile | 1 +
drivers/net/ovpn/io.c | 12 +++-
drivers/net/ovpn/peer.c | 2 ++
drivers/net
amount of traffic by
periodically polling GET_PEER and fetching the VPN/LINK stats.
Signed-off-by: Antonio Quartulli
---
drivers/net/ovpn/crypto.c | 19 ++
drivers/net/ovpn/crypto.h | 2 ++
drivers/net/ovpn/io.c | 13 ++
drivers/net/ovpn/netlink.c | 64
OpenVPN supports configuring a periodic keepalive packet.
message to allow the remote endpoint detect link failures.
This change implements the keepalive sending and timer expiring logic.
Signed-off-by: Antonio Quartulli
---
drivers/net/ovpn/io.c | 74
drivers/net/ovpn
This change introduces the netlink commands needed to add, get, delete
and swap keys for a specific peer.
Userspace is expected to use these commands to create, inspect (non
sensitive data only), destroy and rotate session keys for a specific
peer.
Signed-off-by: Antonio Quartulli
---
drivers
it, even if IPV6 is
not compiled in.
Cc: David Ahern
Cc: Eric Dumazet
Cc: Jakub Kicinski
Cc: Paolo Abeni
Cc: Simon Horman
Signed-off-by: Antonio Quartulli
---
drivers/net/Kconfig | 1 +
drivers/net/ovpn/Makefile | 1 +
drivers/net/ovpn/io.c | 4 +
drivers/net/ovpn/mai
On 13/02/2025 16:46, Sabrina Dubroca wrote:
2025-02-13, 12:46:34 +0100, Antonio Quartulli wrote:
On 13/02/2025 00:34, Sabrina Dubroca wrote:
Hello,
2025-02-11, 01:39:53 +0100, Antonio Quartulli wrote:
All minor and major reported problems have been finally addressed.
Big thanks to Sabrina
Hi Sean,
On 13/02/2025 15:26, Sean Anderson wrote:
Hi Antonio,
On 2/10/25 19:39, Antonio Quartulli wrote:
NOTE: TCP tests are still showing the following warning while running
iperf.
I have analysed the report several times, but it definitely looks like
a false positive to me, so nothing to
e Reviewed-by Shuah Khan tag on that specific patch)
The latest code can also be found at:
https://github.com/OpenVPN/ovpn-net-next
Thanks a lot!
Best Regards,
Antonio Quartulli
OpenVPN Inc.
---
Antonio Quartulli (25):
mailmap: remove unwanted entry for Antonio Quartulli
net: intr
anto...@openvpn.net is still used for sending
patches under the OpenVPN Inc. umbrella, therefore this
address should not be re-mapped.
Cc: Andrew Morton
Signed-off-by: Antonio Quartulli
---
.mailmap | 1 -
1 file changed, 1 deletion(-)
diff --git a/.mailmap b/.mailmap
index
ff-by: Antonio Quartulli
---
MAINTAINERS | 8
drivers/net/Kconfig | 8
drivers/net/Makefile | 1 +
drivers/net/ovpn/Makefile | 10 +
drivers/net/ovpn/main.c | 112 ++
5 files changed, 139 insertions(+)
Add basic infrastructure for handling ovpn interfaces.
Tested-by: Donald Hunter
Signed-off-by: Antonio Quartulli
---
Documentation/netlink/specs/rt_link.yaml | 16 +
drivers/net/ovpn/Makefile| 1 +
drivers/net/ovpn/io.c| 22 ++
drivers/net/ovpn
ovpn_peer, also the ovpn_bind object is introcued
as the two are strictly related.
An ovpn_bind object wraps a sockaddr representing the local
coordinates being used to talk to a specific peer.
Signed-off-by: Antonio Quartulli
---
drivers/net/Kconfig | 1 +
drivers/net/ovpn/Makefile | 2
Packets sent over the ovpn interface are processed and transmitted to the
connected peer, if any.
Implementation is UDP only. TCP will be added by a later patch.
Note: no crypto/encapsulation exists yet. Packets are just captured and
sent.
Signed-off-by: Antonio Quartulli
---
drivers/net
An ovpn interface configured in MP mode will keep carrier always
on and let the user decide when to bring it administratively up and
down.
This way a MP node (i.e. a server) will keep its interface always
up and running, even when no peer is connected.
Signed-off-by: Antonio Quartulli
Packets received over the socket are forwarded to the user device.
Implementation is UDP only. TCP will be added by a later patch.
Note: no decryption/decapsulation exists yet, packets are forwarded as
they arrive without much processing.
Signed-off-by: Antonio Quartulli
---
drivers/net/ovpn
a later
patch.
Cc: willemdebruijn.ker...@gmail.com
Signed-off-by: Antonio Quartulli
---
drivers/net/ovpn/Makefile | 2 +
drivers/net/ovpn/main.c | 2 +-
drivers/net/ovpn/peer.c | 28 +--
drivers/net/ovpn/peer.h | 6 +-
drivers/net/ovpn/socket.c | 208
and add a
new interface named skb_send_sock_locked_with_flags().
Cc: Eric Dumazet
Cc: Jakub Kicinski
Cc: Paolo Abeni
Cc: Simon Horman
Signed-off-by: Antonio Quartulli
---
include/linux/skbuff.h | 2 ++
net/core/skbuff.c | 18 +-
2 files changed, 15 insertions(+), 5 delet
This change implements encryption/decryption and
encapsulation/decapsulation of OpenVPN packets.
Support for generic crypto state is added along with
a wrapper for the AEAD crypto kernel API.
Signed-off-by: Antonio Quartulli
---
drivers/net/Kconfig| 4 +
drivers/net/ovpn/Makefile
Byte/packet counters for in-tunnel and transport streams
are now initialized and updated as needed.
To be exported via netlink.
Signed-off-by: Antonio Quartulli
---
drivers/net/ovpn/Makefile | 1 +
drivers/net/ovpn/io.c | 12 +++-
drivers/net/ovpn/peer.c | 2 ++
drivers/net
it, even if IPV6 is
not compiled in.
Cc: David Ahern
Cc: Eric Dumazet
Cc: Jakub Kicinski
Cc: Paolo Abeni
Cc: Simon Horman
Signed-off-by: Antonio Quartulli
---
drivers/net/Kconfig | 1 +
drivers/net/ovpn/Makefile | 1 +
drivers/net/ovpn/io.c | 4 +
drivers/net/ovpn/mai
: Antonio Quartulli
---
drivers/net/ovpn/peer.c | 301 ++--
1 file changed, 291 insertions(+), 10 deletions(-)
diff --git a/drivers/net/ovpn/peer.c b/drivers/net/ovpn/peer.c
index
b21ef6f10a7138e9f10c01b809df2cb0adf0abad
OpenVPN supports configuring a periodic keepalive packet.
message to allow the remote endpoint detect link failures.
This change implements the keepalive sending and timer expiring logic.
Signed-off-by: Antonio Quartulli
---
drivers/net/ovpn/io.c | 74
drivers/net/ovpn
In case of UDP links, the local endpoint used to communicate with a
given peer may change without a connection restart.
Add support for learning the new address in case of change.
Signed-off-by: Antonio Quartulli
---
drivers/net/ovpn/peer.c | 45
Userspace may want to pass the MSG_NOSIGNAL flag to
tcp_sendmsg() in order to avoid generating a SIGPIPE.
To pass this flag down the TCP stack a new skb sending API
accepting a flags argument is introduced.
Cc: Eric Dumazet
Cc: Paolo Abeni
Signed-off-by: Antonio Quartulli
---
drivers/net
With this change an ovpn instance will be able to stay connected to
multiple remote endpoints.
This functionality is strictly required when running ovpn on an
OpenVPN server.
Signed-off-by: Antonio Quartulli
---
drivers/net/ovpn/main.c | 68 -
drivers/net/ovpn/ovpnpriv.h
A peer connected via UDP may change its IP address without reconnecting
(float).
Add support for detecting and updating the new peer IP/port in case of
floating.
Signed-off-by: Antonio Quartulli
---
drivers/net/ovpn/io.c | 8 ++
drivers/net/ovpn/peer.c | 243
amount of traffic by
periodically polling GET_PEER and fetching the VPN/LINK stats.
Signed-off-by: Antonio Quartulli
---
drivers/net/ovpn/crypto.c | 19 ++
drivers/net/ovpn/crypto.h | 2 ++
drivers/net/ovpn/io.c | 13 ++
drivers/net/ovpn/netlink.c | 64
Whenever a peer is deleted, send a notification to userspace so that it
can react accordingly.
This is most important when a peer is deleted due to ping timeout,
because it all happens in kernelspace and thus userspace has no direct
way to learn about it.
Signed-off-by: Antonio Quartulli
v/null
+++ b/tools/testing/selftests/net/ovpn/common.sh
@@ -0,0 +1,92 @@
+#!/bin/bash
+# SPDX-License-Identifier: GPL-2.0
+# Copyright (C) 2020-2025 OpenVPN, Inc.
+#
+# Author: Antonio Quartulli
+
+UDP_PEERS_FILE=${UDP_PEERS_FILE:-udp_peers.txt}
+TCP_PEERS_FILE=${TCP_PEERS_FILE:-tcp_peers.txt}
+OV
/ovpn/netlink-gen.h
Reviewed-by: Donald Hunter
Signed-off-by: Antonio Quartulli
---
Documentation/netlink/specs/ovpn.yaml | 371 ++
MAINTAINERS | 2 +
drivers/net/ovpn/Makefile | 2 +
drivers/net/ovpn/main.c
This change introduces the netlink commands needed to add, get, delete
and swap keys for a specific peer.
Userspace is expected to use these commands to create, inspect (non
sensitive data only), destroy and rotate session keys for a specific
peer.
Signed-off-by: Antonio Quartulli
---
drivers
Implement support for basic ethtool functionality.
Note that ovpn is a virtual device driver, therefore
various ethtool APIs are just not meaningful and thus
not implemented.
Signed-off-by: Antonio Quartulli
Reviewed-by: Andrew Lunn
---
drivers/net/ovpn/main.c | 15 +++
1 file
This change introduces the netlink command needed to add, delete and
retrieve/dump known peers. Userspace is expected to use these commands
to handle known peer lifecycles.
Signed-off-by: Antonio Quartulli
---
drivers/net/ovpn/netlink.c | 677
Hi Sabrina,
do you plan to drop more comments at the patchset at this point?
I have gone through all requested changes and I'll just get the patches
ready for submission once net-next is open again.
Thanks a lot!
Cheers,
On 18/03/2025 02:40, Antonio Quartulli wrote:
Notable changes
On 01/04/2025 15:05, Sabrina Dubroca wrote:
2025-03-18, 02:40:41 +0100, Antonio Quartulli wrote:
+void ovpn_socket_release(struct ovpn_peer *peer)
+{
+ struct ovpn_socket *sock;
+
+ might_sleep();
+
+ /* release may be invoked after socket was detached */
+ rcu_read_lock
On 01/04/2025 12:02, Sabrina Dubroca wrote:
2025-03-18, 02:40:46 +0100, Antonio Quartulli wrote:
+static void ovpn_tcp_rcv(struct strparser *strp, struct sk_buff *skb)
+{
[...]
+ /* we need the first byte of data to be accessible
nit: and "first byte" here too (that com
On 01/04/2025 11:59, Sabrina Dubroca wrote:
2025-03-18, 02:40:44 +0100, Antonio Quartulli wrote:
+/* this swap is not atomic, but there will be a very short time frame where the
+ * old_secondary key won't be available. This should not be a big deal as most
+ * likely both peers are al
On 01/04/2025 14:51, Sabrina Dubroca wrote:
2025-03-18, 02:40:51 +0100, Antonio Quartulli wrote:
@@ -124,6 +154,13 @@ void ovpn_decrypt_post(void *data, int ret)
goto drop;
}
+ if (ovpn_is_keepalive(skb)) {
+ net_dbg_ratelimited
On 01/04/2025 15:49, Sabrina Dubroca wrote:
2025-03-18, 02:40:42 +0100, Antonio Quartulli wrote:
+static int ovpn_udp_output(struct ovpn_peer *peer, struct dst_cache *cache,
+ struct sock *sk, struct sk_buff *skb)
+{
+ struct ovpn_bind *bind;
+ int ret
On 01/04/2025 11:47, Sabrina Dubroca wrote:
2025-03-18, 02:40:43 +0100, Antonio Quartulli wrote:
diff --git a/net/ipv6/udp.c b/net/ipv6/udp.c
index
024458ef163c9e24dfb37aea2690b2030f6a0fbc..b30175e34230d3dbf5d253838df894f0625c705c
100644
--- a/net/ipv6/udp.c
+++ b/net/ipv6/udp.c
@@ -1933,6
601 - 683 of 683 matches
Mail list logo
