Re: [Openvpn-devel] [PATCH] PUSH_BUNDLE_SIZE is too short

Hi, sorry for my late reply! We use on server side managed AWS Clientvpn product[1], but we havent the problem with macosX or windows laptops, only with linux (ubuntu, centos and debian). Bye, [1] https://docs.aws.amazon.com/es_es/vpn/latest/clientvpn-admin/what-is.html El dom, 24 jul 2022 a la

[Openvpn-devel] [PATCH v2 15/25] dco: add documentation for ovpn-dco-linux

Signed-off-by: Antonio Quartulli --- Changes from v1: * removed text about TCP drop (cannot reproduce at the moment) * clarified version requirements for p2p and client mode --- Changes.rst | 9 ++ README.dco.md | 121 ++

[Openvpn-devel] [PATCH v3 14/25] dco: implement dco support for p2mp/server code path

This change introduces ovpn-dco support along the p2mp/server code path. Some code seems to be duplicate of the p2p version, but details are different, so it couldn't be shared. Signed-off-by: Antonio Quartulli --- Changes from v2: * rebased Changes from v1: * fix if condition P_DATA_V2 -> P_DA

Re: [Openvpn-devel] [PATCH 25/25] dco-win: update GH Actions config file

Hi, On Tue, Jul 05, 2022 at 11:36:37AM +0200, Antonio Quartulli wrote: > On 05/07/2022 11:32, Frank Lichtenheld wrote: > > I think this commit could use an additional sentence > > in the commit message on why exactly you remove this? > > > > Doesn't immediately make sense to me. > > To be honest

Re: [Openvpn-devel] [PATCH applied] Re: dco: implement dco support for p2p/client code path

Hi, On Thu, Aug 04, 2022 at 03:30:25PM +0200, Gert Doering wrote: > Test sets failed: 2b 2c 2f. So, this is an interesting one. To trigger this, you need to connect over UDP + IPv6 transport, and then you need to inject a packet into "openvpn with DCO" that is fragmented into two parts, wh

[Openvpn-devel] [PATCH 1/2] config-version.h: remove unused includes

We only need to include this when we want the git version. This is currently only the case in options.c Signed-off-by: Frank Lichtenheld --- src/openvpn/block_dns.c | 3 --- src/openvpn/plugin.c| 3 --- src/tapctl/main.c | 3 --- 3 files changed, 9 deletions(-) diff --git a/src/openvp

[Openvpn-devel] [PATCH 2/2] Reduce usage of __DATE__

To increase the reproducibility of builds we shouldn't use __DATE__. However, for the development builds there is some demand for leaving this in. So as suggested by Gert Doering go for a compromise where we only use __DATE__ if we also include the git information. This will remove this informatio

Re: [Openvpn-devel] [PATCH] openvpnmsica: remove OpenVPNService state check code

Hi, On Thu, Jul 28, 2022 at 7:19 AM Lev Stipakov wrote: > From: Lev Stipakov > > This code reads the state of OpenVPNService, > such as startup mode and running, and sets MSI > property value. If that property is set, installer > selects OpenVPNService as a feature to be installed. > > This has

Re: [Openvpn-devel] [PATCH applied] Re: dco: implement dco support for p2p/client code path

On 04/08/2022 15:30, Gert Doering wrote: Acked-by: Gert Doering []> Your patch has been applied to the master branch. Wohooo! Great stuff! Thanks to everybody who contributed to this first milestone! However, the party is not over yet :-) Cheers, commit b6f7b285767e66f5cbd3854cf0ff918e8

[Openvpn-devel] [PATCH applied] Re: dco: implement dco support for p2p/client code path

Acked-by: Gert Doering After all the preliminary infrastructure building, *this* is the beginning of the real thing :-) I have tested - full set of server side tests, without --enable-dco (this system does not have kernel DCO, so it does not matter) --> all works - full set of client s

Re: [Openvpn-devel] [PATCH 21/25] do_open_tun: restyle "can preserve TUN" check

Hi, On 04/08/2022 13:49, Lev Stipakov wrote: Hi, +static bool +can_preserve_tun(struct tuntap *tt) +{ +#ifdef TARGET_ANDROID +return false; +#elif _WIN32 +return tt && tt->dco.real_tun_init; Looks like dco.real_tun_init has been added in the very next patch, 22/25. Darn - must have

Re: [Openvpn-devel] [PATCH 21/25] do_open_tun: restyle "can preserve TUN" check

Hi, > +static bool > +can_preserve_tun(struct tuntap *tt) > +{ > +#ifdef TARGET_ANDROID > +return false; > +#elif _WIN32 > +return tt && tt->dco.real_tun_init; Looks like dco.real_tun_init has been added in the very next patch, 22/25. ___ Open

[Openvpn-devel] [PATCH applied] Re: dco: check that pulled options are compatible

Acked-by: Gert Doering Thanks for shuffling this around a bit :-) Tis is the same code change as v3, with a bit of reformatting in the message and comment, and it's applied in "part1" now (do_deferred_options()). Does nothing if DCO is not available (not compiled in / no kernel support), does t

Re: [Openvpn-devel] [PATCH v2] Break 'try 256 dco devices' loop on EPERM

Hi, On 04/08/2022 10:25, Gert Doering wrote: If we get a permission denied error on one DCO device, trying 255 more times will not succeed, and just fill the log file with errors. Also, remove the msg() call there because it was at debug level (needed --verb 4 to be seen), didn't see the correc

[Openvpn-devel] [PATCH v2] Break 'try 256 dco devices' loop on EPERM

If we get a permission denied error on one DCO device, trying 255 more times will not succeed, and just fill the log file with errors. Also, remove the msg() call there because it was at debug level (needed --verb 4 to be seen), didn't see the correct errno, and the sitnl code already prints the e

[Openvpn-devel] [PATCH v2 13/25] dco: implement dco support for p2p/client code path

With this change we introduce ovpn-dco support only along the p2p/client code path. Server codebase is still unchanged. Signed-off-by: Antonio Quartulli --- Changes from v1: * rebased --- src/openvpn/dco.c | 91 +++ src/openvpn/dco.h | 48