On 06/05/2025 00:55, Antonio Quartulli wrote:
Signed-off-by: Antonio Quartulli
Merged to main, commit id 476148af4e28
So far we didn't spot any regression, so we'll move on with this fix for
the time being as we know it is preventing the crash for good.
We can improve it later
On 30/04/2025 14:32, Antonio Quartulli wrote:
From: Antonio Quartulli
The keepalive worker is cancelled before calling
unregister_netdevice_queue(), therefore it will never
hit a situation where the reg_state can be different
than NETDEV_REGISTERED.
For this reason, checking reg_state is
stroy/close).
Please let me know if you have any comment, otherwise I'd like to send
this to netdev for inclusion, since it fixes a frequent kernel panic.
Regards,
--
Antonio Quartulli
___
Openvpn-devel mailing list
Ope
nch, commit id 2176a2102216
Thanks!
--
Antonio Quartulli
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
On 07/05/2025 11:11, Gert Doering wrote:
Hi,
On Wed, May 07, 2025 at 10:56:32AM +0200, Antonio Quartulli wrote:
Clear the IFF_XMIT_DST_RELEASE flag during interface setup to allow
the route entry (skb's dst) to survive and thus be inspected
by the routing logic.
Tested, fixes the prob
On 07/05/2025 08:49, Antonio Quartulli wrote:
Hi,
On 07/05/2025 08:45, Gert Doering wrote:
so:
Tested-By: Gert Doering
Acked-By: Gert Doering
Sending your tags this way is definitely the way to go.
I'll add them when pushing the patch to my tree.
Merged to main branch, comm
From: Antonio Quartulli
ndo_start_xmit is basically expected to always return NETDEV_TX_OK.
However, in case of error, it was currently returning NET_XMIT_DROP,
which is not a valid netdev_tx_t return value, leading to
misinterpretation.
Change ndo_start_xmit to always return NETDEV_TX_OK to
From: Antonio Quartulli
When routing a packet to a LAN behind a peer, ovpn need to
inspect the route entry that brought there the packet in the
first place.
If this packet is truly routable, the route will provide the
GW to be used to lookup the VPN peer to send the packet to.
However, the
Hi,
On 07/05/2025 08:45, Gert Doering wrote:
so:
Tested-By: Gert Doering
Acked-By: Gert Doering
Sending your tags this way is definitely the way to go.
I'll add them when pushing the patch to my tree.
Thanks!
--
Antonio Quar
From: Antonio Quartulli
IPv6 user packets (sent over the tunnel) may be larger than
the outgoing interface MTU after encapsulation.
When this happens ovpn should allow the kernel to fragment
them because they are "locally generated".
To achieve the above, we must set skb->ignore_d
Hi,
On 06/05/2025 00:55, Antonio Quartulli wrote:
From: Antonio Quartulli
[...]
Signed-off-by: Antonio Quartulli
This is v2 for "[PATCH ovpn-net-next 1/2] ovpn: don't access sk after
release".
---
drivers/net/ovpn/socket.c | 21 -
1 f
From: Antonio Quartulli
In case of UDP peer timeout, an openvpn client (userspace)
performs the following actions:
1. receives the peer deletion notification (reason=timeout)
2. closes the socket
Upon 1. we have the following:
- ovpn_peer_keepalive_work()
- ovpn_socket_release
From: Antonio Quartulli
In case of UDP peer timeout, an openvpn client (userspace)
performs the following actions:
1. receives the peer deletion notification (reason=timeout)
2. closes the socket
3. deletes the ovpn interface
Upon 3. we have the following:
- dellink
From: Antonio Quartulli
The keepalive worker is cancelled before calling
unregister_netdevice_queue(), therefore it will never
hit a situation where the reg_state can be different
than NETDEV_REGISTERED.
For this reason, checking reg_state is useless and the
condition can be removed.
Signed
Tested and confirmed it does what it says.
Acked-by: Antonio Quartulli
--
Antonio Quartulli
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
1
Git will create a .patch file that you can then attach to your email.
Pasting the patch in an email is a bad idea as the body will likely get
mangled by the email client.
Regards,
--
Antonio Quartulli
___
Openvpn-devel mailing list
Op
on its own line, like you did for all
other blocks.
Regards,
--
Antonio Quartulli
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
ourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
--
Antonio Quartulli
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
nce of the license OpenVPN is shipped with.
Would you mind sending a v2 of this patchset with the modified
signed-off-by line?
Thanks a lot.
Best Regards,
--
Antonio Quartulli
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge
later.
Change-Id: I74216d776d3e0a8dc987ec7b1671c8e8dcccdbd6
Signed-off-by: Arne Schwabe
Acked-by: MaxF
My ACK got lost when v8 was created:
Acked-by: Antonio Quartulli
--
Antonio Quartulli
___
Openvpn-devel mailing list
Openvpn-devel
n apply my
Acked-by: Antonio Quartulli
However, I live it to Gert if he wants a new patch with these layout
errors fixed or not.
Regards,
*/
static void
init_connection_list(struct context *c)
@@ -478,9 +485,9 @@ init_connection_list(struct context *c)
if (c->options.
he Fisher Yates algorithm
is described this way, I think it makes sense to follow that.
Feel free to resend your patch (possibly adding a "v2" in the subject so
we understand that this is a new patch, i.e. "[PATCH v2]")
Regards,
--
Antonio Quartulli
_
% l->len;
+const int j = get_random() % (i + 1);
if (i != j)
{
struct connection_entry *tmp;
--
Antonio Quartulli
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https:
In any case, I just made an attempt by myself, and indeed keeping the
original direction still yields the same effectiveness:
http://tpcg.io/_L5Q0WX
Regards,
--
Antonio Quartulli
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https:/
int renegotiate_packets;
+int64_t renegotiate_bytes;
+int64_t renegotiate_packets;
interval_t renegotiate_seconds;
/* cert verification parms */
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
--
Antonio Quartulli
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
From: Antonio Quartulli
The NLMSG_TAIL macro never had any reason to exist, because libnl
already provides a function doing exactly the same: nlmsg_tail().
Moreover, this macro was found to confuse gcc when compiling with -O3,
which would result in subsequent warnings like:
networking_sitnl.c
On 08/07/2024 23:53, Илья Шипицин wrote:
пн, 8 июл. 2024 г. в 23:47, Antonio Quartulli :
Hi,
On 08/07/2024 23:44, Илья Шипицин wrote:
+msg( M_FATAL, "Failed allocate memory saved_pid_file_name");
patchset looks great, but (!!) there should be no space after t
quot; );
Unfortunately those are unlucky leftovers that haven't been fixed yet:
$ grep -r 'msg(M_FATAL' . |wc -l
286
$ grep -r 'msg( M_FATAL' . |wc -l
4
also, uncrustify GHA jobs agreed that it is no formatting violation
doubly unfortunate as I think
_name");
patchset looks great, but (!!) there should be no space after the
opening parenthesis..
Cheers,
+}
}
}
}
--
Antonio Quartulli
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge
: I7a1765661f7676eeba8016024080fd1026220ced
Signed-off-by: Selva Nair
Acked-by: Antonio Quartulli
---
v2: Add '--' prefix when referring to auth-user-pass
and mention related github issue
doc/man-sections/client-options.rst | 11 +++
doc/man-sections/inline-files.rst | 2 +-
2 files changed, 12 insert
Acked-by: Antonio Quartulli
---
Does this have to go through gerrit?
doc/man-sections/client-options.rst | 11 +++
doc/man-sections/inline-files.rst | 2 +-
2 files changed, 12 insertions(+), 1 deletion(-)
diff --git a/doc/man-sections/client-options.rst
b/doc/man-sections/client
lla if() go.
Cheers,
--
Antonio Quartulli
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
Hi,
On 16/02/2024 15:00, Antonio Quartulli wrote:
Hi,
On 15/02/2024 17:17, Gert Doering wrote:
Hi,
On Thu, Feb 15, 2024 at 03:59:02PM +, its_Giaan (Code Review) wrote:
if (buf->len > 0)
{
- /*
- * The --passtos and --mssfix options require
- *
not something we need to test for here (= if
only an IPv6 flag is active, why should we enter this branch?).
We need to enter for either v4 or v6 flags, no?
The check on whether the packet is v4 or v6 happens *inside* this if
block. Am I wrong?
Cheers,
--
Ant
to tell if what you are seeing is the result of this
implementation detail or something else, especially because in some
cases you get higher throughput.
Cheers,
--
Antonio Quartulli
___
Openvpn-devel mailing list
Openvpn-devel@lists.source
lated to OpenVPN, but just a generic network
configuration issue.
Regards,
--
Antonio Quartulli
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
Hi,
On 21/11/2023 18:06, Arne Schwabe wrote:
This can happen if the memory alloc fails.
Patch V2: add goto error
Patch V3: return -ENOMEM instead of going to error
Change-Id: Iee66caa794d267ac5f8bee584633352893047171
Signed-off-by: Arne Schwabe
Acked-by: Antonio Quartulli
---
src
gle thread for the client itself.
Arne
--
Antonio Quartulli
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
o instead of forcing any semantic, I think we should simply document
what the code does.
Cheers,
Regards,
Selva
--
Antonio Quartulli
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
From: Antonio Quartulli
Add an important detail about the DNS configured via this option
to be an "interface-specific" DNS. This detail is important when
troubleshooting DNS issues since this logic will bypass the
routing table.
Signed-off-by: Antonio Quartulli
---
doc/man-se
efault in openssl/opensslconf.h
#endif
]]
)],
--
Antonio Quartulli
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
rent message for this case?
Cheers,
#endif
]]
--
Antonio Quartulli
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
ket_descriptor_t ctrl_sd, /* already
open to proxy */
socket_descriptor_t udp_sd,
struct openvpn_sockaddr *relay_addr,
+ struct event_timeout *server_poll_timeout,
struct signal_info *sig_info
ction dco_multi_get_localaddr())
Prevent crash by running this code only if proto is UDP.
The same check is already performed in socket.c/h for the non-DCO
case.
Fixes: https://github.com/OpenVPN/openvpn/issues/390
Change-Id: I61adc26ce2ff737e020c3d980902a46758cb23e5
Signed-off-by: Antonio Quartulli
---
src/op
Reported-by: Matt Whitlock
Change-Id: Ic473fbc447741e54a9aac83c70bc4e6d87d91080
Signed-off-by: Antonio Quartulli
---
configure.ac | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/configure.ac b/configure.ac
index 5ab1d0df..2f65cbd5 100644
--- a/configure.ac
+++ b/configure.ac
831 | c2->dco_read_bytes);
| ~~
| |
| counter_type {aka long long unsigned int}
Signed-off-by: Sergey Korolev
Thanks for catching this!
Acked-by: Antonio Quartulli
--
Antonio Quartulli
___
Openv
_CIPHER_key_length(kt));
+EVP_CIPHER_free(kt);
}
+
This is not required - please remove it before merging.
int
cipher_ctx_iv_length(const EVP_CIPHER_CTX *ctx)
{
Acked-by: Antonio Quartulli
--
Antonio Quartulli
___
Openvpn-devel maili
Cheers,
Best regards,
Kristof
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
--
Antonio Quartulli
--
Antonio Quartulli
if (A ==
NULL). Although I am not sure if the whole codebase was cleaned up yet
or not.
Cheers,
+{
+close(fd);
+return false;
+}
ifcr.ifcr_count = ifcr.ifcr_total;
ifcr.ifcr_buffer = buf;
--
Antonio Quartulli
Hi,
On 15/05/2023 16:21, Frank Lichtenheld wrote:
Leaks a small amount of memory every 15s.
Signed-off-by: Frank Lichtenheld
wonderful catch, Frank!
Acked-by: Antonio Quartulli
---
src/openvpn/dco_linux.c | 5 -
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/src
hange for FreeBSD can be found in https://reviews.freebsd.org/D39570
Signed-off-by: Kristof Provost
This looks good to me and I think it's reasonable to use the
CMD_SWAP_KEYS as notification for userspace to actually trigger a key
rotation.
Acked-by: Antonio Quartulli
Linux and Windo
a.oracle.com/ <https://bugzilla.oracle.com/>"
ORACLE_BUGZILLA_PRODUCT="Oracle Linux 8"
ORACLE_BUGZILLA_PRODUCT_VERSION=8.7
ORACLE_SUPPORT_PRODUCT="Oracle Linux"
ORACLE_SUPPORT_PRODUCT_VERSION=8.7
-[~:#]- cat /etc/oracle-release
Oracle Linux Server release 8.7
-[~:#]-
*** [Makefile:59: all] Error 2
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
--
Antonio Quartulli
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
struct nl_sock *nl_sock = nl_socket_alloc();
+if (!nl_sock)
+{
+msg(msglevel, "Allocating net link socket failed");
+ret = -1;
+goto err_sock;
+}
+
ret = genl_connect(nl_sock);
if (ret)
{
--
Antonio Quartulli
ne.
(this is what we do in other functions of this file)
Cheers,
--
Antonio Quartulli
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
vise on #3.
Cheers,
Matthias
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
--
Antonio Quartulli
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
you can assign everything to 'void *'.
Cheers,
}
}
}
--
Antonio Quartulli
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
ed-by: Antonio Quartulli
--
Antonio Quartulli
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
DCO_DEBUG, "%s: peer-id %d", __func__, peer_id);
+if (!c->c1.tuntap)
+{
+return 0;
+}
+
dco_context_t *dco = &c->c1.tuntap->dco;
struct nl_msg *nl_msg = ovpn_dco_nlmsg_create(dco, OVPN_CMD_GET_PEER);
struct nlattr *attr = nla_nes
Spot on and sorry for forgetting to mentioning it:
You need ovpn-dco at this commit:
commit 726fdfe0fa21aa4e87c5a60294ea0365ce7b6809 (HEAD -> master,
origin/master)
Author: Antonio Quartulli
Date: Mon Mar 20 23:50:52 2023 +0100
ovpn-dco: store and report transport rx/tx stats as w
Hi,
On 23/03/2023 09:03, Gert Doering wrote:
From: Antonio Quartulli
When retrieving the multi_instance of a specific peer,
there is no need to peform a linear search across the
whole m->hash list. We can directly access the needed
object via m->instances[peer-id] in constant time (an
ristof Provost
Change-Id: I8d8af6f872146604a9710edf443db65df48ac3cb
Signed-off-by: Antonio Quartulli
---
NOTE: not tested because I have no FreeBSD environment
Changes from v1:
* added boundary check on peer-id
Changes from v2:
* use one check only instead of two
---
src/openvpn/dco_freebsd.
With this API it is possible to retrieve the stats for a specific peer
or for all peers and then update the userspace counters with the value
reported by DCO.
Change-Id: Ia3990b86b1be7ca844fb1674b39ce0d60528ccff
Signed-off-by: Antonio Quartulli
---
Changes from v1:
* use m->instances[] inst
With this API it is possible to retrieve the stats for a specific peer
or for all peers and then update the userspace counters with the value
reported by DCO.
Change-Id: Ia3990b86b1be7ca844fb1674b39ce0d60528ccff
Signed-off-by: Antonio Quartulli
---
Changes from v1:
* use m->instances[] inst
ristof Provost
Change-Id: I8d8af6f872146604a9710edf443db65df48ac3cb
Signed-off-by: Antonio Quartulli
---
NOTE: not tested because I have no FreeBSD environment
Changes from v1:
* added boundary check on peer-id
---
src/openvpn/dco_freebsd.c | 27 ---
1 file changed, 12 inse
Hi,
On 22/03/2023 08:14, Gert Doering wrote:
Hi,
On Wed, Mar 22, 2023 at 12:10:03AM +0100, Antonio Quartulli wrote:
+struct multi_instance *mi = m->instances[peer_id];
+if (!mi)
{
This (and undoubtedly the same code in dco_linux.c) is trusting the
kernel to never ret
Hi,
On 22/03/2023 00:10, Antonio Quartulli wrote:
When retrieving the multi_instance of a specific peer,
there is no need to peform a linear search across the
whole m->hash list. We can directly access the needed
object via m->instances[peer-id] in constant time (and
just one line o
ristof Provost
Change-Id: I8d8af6f872146604a9710edf443db65df48ac3cb
Signed-off-by: Antonio Quartulli
---
NOTE: not tested because I have no FreeBSD environment and I
can't find how to kick off the buildbot
---
src/openvpn/dco_freebsd.c | 22 +-
1 file changed, 5 insert
With this API it is possible to retrieve the stats for a specific peer
or for all peers and then update the userspace counters with the value
reported by DCO.
Change-Id: Ia3990b86b1be7ca844fb1674b39ce0d60528ccff
Signed-off-by: Antonio Quartulli
---
Changes from v1:
* use m->instances[] inst
Signed-off-by: Antonio Quartulli
---
src/openvpn/multi.c | 10 --
1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/src/openvpn/multi.c b/src/openvpn/multi.c
index 53c17b3a..1f0a9c01 100644
--- a/src/openvpn/multi.c
+++ b/src/openvpn/multi.c
@@ -549,7 +549,10 @@ multi_del_iroutes
With this API it is possible to retrieve the stats for a specific peer
or for all peers and then update the userspace counters with the value
reported by DCO.
Change-Id: Ia3990b86b1be7ca844fb1674b39ce0d60528ccff
Signed-off-by: Antonio Quartulli
---
Pleas, use the latest ovpn-dco master branch
)
where the errno=4 (and its human readable representation) is a leftover
from the previous recv() interrupted by a signal and it is totally
unrelated to this netlink failure.
Signed-off-by: Antonio Quartulli
---
src/openvpn/dco_linux.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff
Ignore the last message - it was meant for another patch *shrug*
On 09/03/2023 16:02, Antonio Quartulli wrote:
This is being discussed on Gerrit at:
https://gerrit.openvpn.net/c/openvpn/+/28
On 09/03/2023 14:14, Antonio Quartulli wrote:
In order to provide better support in case of
-Id: Ia1297c3ae9a28b188ed21ad21ae96fff3d02ee4d
[l...@openvpn.net: ensure win_dco flag is still exposed]
Signed-off-by: Antonio Quartulli
---
Changes from v1:
* improved comments
* improved commit message
This patch was also reviewed and approved on gerrit at:
https://gerrit.openvpn.net/c/openvpn
This is being discussed on Gerrit at:
https://gerrit.openvpn.net/c/openvpn/+/28
On 09/03/2023 14:14, Antonio Quartulli wrote:
In order to provide better support in case of troubleshooting issues,
it's important to know what exact DCO version is loaded on the user
system.
Therefore prin
uld be improved with a follow-up patch.
For Linux we directly fetch the module version from /sys and print
something like:
DCO version: 0.1.20230206-15-g580608ec7c59
Change-Id: Ie1f6fa5d12a473d353d84fd119c2430b638e8bcd
Signed-off-by: Antonio Quartulli
---
Changes from v1:
* beautify usage o
However, this was not happening in
tls_crypt_v2_unwrap_client_key() thus leading to the assert being triggered.
Acked-by: Antonio Quartulli
---
src/openvpn/tls_crypt.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/openvpn/tls_crypt.c b/src/openvpn/tls_crypt.c
index 8882d5de0..4f2
uld be improved with a follow-up patch.
For Linux we directly fetch the module version from /sys and print
something like:
DCO version: 0.1.20230206-15-g580608ec7c59
Change-Id: Ie1f6fa5d12a473d353d84fd119c2430b638e8bcd
Signed-off-by: Antonio Quartulli
---
Changes from v1:
* beautify usage o
Hi,
On 09/03/2023 13:13, Kristof Provost via Openvpn-devel wrote:
This should use BSTR(data) instead.
I copied Antonio’s code here, but that is better, so I’ll fix that too.
dang! with one email Arne spoiled two patches!
Cheers,
--
Antonio Quartulli
Hi,
On 09/03/2023 10:03, Kristof Provost wrote:
On 9 Mar 2023, at 9:57, Antonio Quartulli wrote:
On 09/03/2023 09:36, Kristof Provost wrote:
On 9 Mar 2023, at 1:52, Antonio Quartulli wrote:
In order to provide better support in case of troubleshooting issues,
it's important to know
Hi,
On 09/03/2023 09:36, Kristof Provost wrote:
On 9 Mar 2023, at 1:52, Antonio Quartulli wrote:
In order to provide better support in case of troubleshooting issues,
it's important to know what exact DCO version is loaded on the user
system.
Therefore print the DCO version during b
uld be improved with a follow-up patch.
For Linux we directly fetch the module version from /sys and print
something like:
DCO version: 0.1.20230206-15-g580608ec7c59
Cc: Lev Stipakov
Cc: Kristof Provost
Change-Id: Ie1f6fa5d12a473d353d84fd119c2430b638e8bcd
Signed-off-by: Antonio Quartulli
-
all.
Under the hood DCO will redirect control packets to the transport socket
without altering them, so that userspace can happily process them as
usual.
Change-Id: Ia1297c3ae9a28b188ed21ad21ae96fff3d02ee4d
[l...@openvpn.net: ensure win_dco flag is still exposed]
Signed-off-by: Antonio Quartulli
30s). Avoid this situation by setting the socket to be
non-blocking, so we get a status in this case that allows us to continue.
Change-Id: I35447c23a9350176007df5455bf9451021e9856d
Signed-off-by: Arne Schwabe
Well spotted!
Acked-by: Antonio Quartulli
---
src/openvpn/dco_linux.c | 2 ++
1 f
Signed-off-by: Antonio Quartulli
---
As concluded on IRC, this version does what we want it to do.
We also quickly tested with some sample program to make sure we weren't
making this up.
src/openvpn/tls_crypt.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/op
sg(M_FATAL, "ERROR: not enough data in tls-crypt-v2 client key");
--
Antonio Quartulli
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
Hi,
On 03/03/2023 12:27, Antonio Quartulli wrote:
Hi,
On 03/03/2023 12:05, Kristof Provost via Openvpn-devel wrote:
From: Kristof Provost
FreeBSD's if_ovpn will never emit this as a peer deletion reason
(because it doesn't support TCP), but this allows us to align the
defines bet
OVPN_DEL_PEER_REASON_USERSPACE:
/* We assume that is ourselves. Unfortunately, sometimes these
--
Antonio Quartulli
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
With this change we extend the text exposed to people opening a bug in
the OpenVPN project.
Hopefully they will read and immediately understand that GH is not the
right place to report ossues about commercial products.
Change-Id: Idd039612698a6b08f9544450885d1a5f77fd95c6
Signed-off-by: Antonio
rint only once, therefore
they won't cause the recursion to continue indefinitely.
Acked-by: Antonio Quartulli
---
src/openvpn/dco.c | 2 --
1 file changed, 2 deletions(-)
diff --git a/src/openvpn/dco.c b/src/openvpn/dco.c
index 3087a0df..b53332a8 100644
--- a/src/openvpn/dco.c
+++
Hi,
On 20/02/2023 10:06, Lev Stipakov wrote:
From: Lev Stipakov
DCO doesn't support proxy and we already disable DCO
is proxy is set in profile.
Signed-off-by: Lev Stipakov
Acked-by: Antonio Quartulli
---
v2: use dco_enabled() helper function
src/openvpn/init.c | 6 ++
1
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
--
Antonio Quartulli
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
(shrug).
Acked-by: Antonio Quartulli
--
Antonio Quartulli
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
ux to
make people aware of the new dependency.
Signed-off-by: Frank Lichtenheld
Acked-by: Antonio Quartulli
--
Antonio Quartulli
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
uires DHCP server and
tap-windows6 driver is not used, print a clear error message
instead of obscure reference to --ip-win32.
Reported-by: Marek Zarychta
Signed-off-by: Lev Stipakov
Code makes sense and does what it says.
Acked-by: Antonio Quartulli
However, please not that I did not test this
hex representation better when you want to print a
bitfield.
The fact we are using hex kinda tells me already that it's not the value
"3" that we care about.
And later is may become "10". Imho it just gets more confusing.
Cheers,
ti 7. helmik. 2023 klo 15.36 Antonio
}
}
#endif /* if defined(_WIN32) || defined(TARGET_ANDROID) */
#ifdef _WIN32
diff --git a/src/openvpn/tun.h b/src/openvpn/tun.h
index 3b0a0d24..e19e1a2e 100644
--- a/src/openvpn/tun.h
+++ b/src/openvpn/tun.h
@@ -62,6 +62,10 @@ enum windows_driver_type {
#define IPW32_SET_ADAPTIV
The linux userspace API header has acquired the MIT license (check the
ovpn-dco repository for the related change), therefore we simply bring
this change in our local copy to ensure compliancy.
Signed-off-by: Antonio Quartulli
---
src/openvpn/ovpn_dco_linux.h | 2 +-
1 file changed, 1 insertion
wever, for now it makes sense to extend the userspace
buffer in order to decrease the likelihood of filling it up during
normal operations.
Therefore this patch gets my ACK:
Acked-by: Antonio Quartulli
[please add spaces around the '*' operator]
---
src/openvpn/dco_linux.c | 5
t is flexible enough to prevent this from
happening in the future.
There are some floating ideas.
Anyway, the discussion will continue in the other thread.
Regarding this patch:
Acked-by: Antonio Quartulli
Maybe we need a fbsd14 buildbot?
Cheers,
1 - 100 of 1031 matches
Mail list logo
