Re: [Openvpn-devel] [ovpn-dco] sudden network disconnection

2021-03-31 Thread Tony He
Hi Arne, I'm going to test encryption "none" to narrow down this issue, but I found your dco branch doesn't support this. Can you support? Tony Antonio Quartulli 于2021年3月31日周三 下午2:32写道: > Hi, > > On 31/03/2021 08:29, Antonio Quartulli wrote: > > A packet dump of the whole session may also help

Re: [Openvpn-devel] [ovpn-dco] sudden network disconnection

2021-03-31 Thread Antonio Quartulli
Hi, On 31/03/2021 09:29, Tony He wrote: > Hi Arne, > > I'm going to test encryption "none" to narrow down this issue, but I > found your dco branch doesn't support this.  > Can you support? For the sake of this test, could you use the ovpn-cli.c tool in the ovpn-dco/tests folder? Or that's not a

Re: [Openvpn-devel] [ovpn-dco] sudden network disconnection

2021-03-31 Thread Tony He
Antonio Quartulli 于2021年3月31日周三 下午3:32写道: > Hi, > > On 31/03/2021 09:29, Tony He wrote: > > Hi Arne, > > > > I'm going to test encryption "none" to narrow down this issue, but I > > found your dco branch doesn't support this. > > Can you support? > > For the sake of this test, could you use the o

[Openvpn-devel] Summary of the community meeting (31st March 2021)

2021-03-31 Thread Samuli Seppänen
Hi, Here's the summary of the IRC meeting. --- COMMUNITY MEETING Place: #openvpn-meeting on irc.freenode.net / Jitsi Date: Wed 31st March 2021 Time: 11:30 CET (10:30 UTC) Planned meeting topics for this meeting were here: Your l

Re: [Openvpn-devel] [ovpn-dco] sudden network disconnection

2021-03-31 Thread Arne Schwabe
Am 31.03.21 um 09:56 schrieb Tony He: > > > Antonio Quartulli 于2021年3月31日周三 下午3:32写道: > > Hi, > > On 31/03/2021 09:29, Tony He wrote: > > Hi Arne, > > > > I'm going to test encryption "none" to narrow down this issue, but I > > found your dco branch doesn't support this

Re: [Openvpn-devel] [PATCH] Remove automatic service

2021-03-31 Thread Lev Stipakov
Hi, Patch looks fine, apart missing change to VS project: diff --git a/src/openvpnserv/openvpnserv.vcxproj b/src/openvpnserv/openvpnserv.vcxproj index 5e973df4..d0f210ad 100644 --- a/src/openvpnserv/openvpnserv.vcxproj +++ b/src/openvpnserv/openvpnserv.vcxproj @@ -115,7 +115,6 @@ -

[Openvpn-devel] [PATCH applied] Re: Remove automatic service

2021-03-31 Thread Gert Doering
Your patch has been applied to the master branch. I have stared at it for a bit (looks good) and test-compiled it on Ubuntu 18 / MinGW (succeeded). I have not tested it (thanks Lev). I have added the vcxproj diff from Lev's mail, because that is "sort of obvious" if a source file goes away compl

Re: [Openvpn-devel] [ovpn-dco] sudden network disconnection

2021-03-31 Thread Tony He
Antonio Quartulli 于2021年3月31日周三 下午2:32写道: > Hi, > > On 31/03/2021 08:29, Antonio Quartulli wrote: > > A packet dump of the whole session may also help. > > Before taking the dump, I would switch to encryption "none", as it will > help understanding what is going on at all levels. (Assuming the pr

[Openvpn-devel] [PATCH] Fix binary and used instead auth-token check instead of logical and

2021-03-31 Thread Arne Schwabe
AUTH_TOKEN_HMAC_OK is 1, so the first term is always 0/1 and the bool from the second part is also 0/1, so the & does the same in this instance as &&. In this specific case & instead && does not change behaviour but using && is the intended semantic behaviour. Signed-off-by: Arne Schwabe --- sr

[Openvpn-devel] [PATCH 0/1] reliable: retransmit if 3 follow-up ACKs are received

2021-03-31 Thread Max Fillinger
This is my second attempt at sending this patch, this time without mixing up commit message and cover letter, and from an account that (I hope) doesn't hate mailing lists. This patch changes reliable_send() to resend a packet if at least three later packets have been ACKed. This improves performan

[Openvpn-devel] [PATCH 1/1] reliable: retransmit if 3 follow-up ACKs are received

2021-03-31 Thread Max Fillinger
From: Steffan Karger To improve the control channel performance under packet loss conditions, add a more aggressive retransmit policy similar to what many TCP implementations do: retransmit a packet if the ACK timeout expires (like we already do), *or* if three ACKs for follow-up packets are rece

Re: [Openvpn-devel] [PATCH 0/1] reliable: retransmit if 3 follow-up ACKs are received

2021-03-31 Thread Gert Doering
Hi, On Wed, Mar 31, 2021 at 08:03:22PM +0200, Max Fillinger wrote: > This is my second attempt at sending this patch, this time without > mixing up commit message and cover letter, and from an account that > (I hope) doesn't hate mailing lists. It works :-) (I would have managed to merge the oth

Re: [Openvpn-devel] [PATCH 0/1] reliable: retransmit if 3 follow-up ACKs are received

2021-03-31 Thread Simon Matter
> This is my second attempt at sending this patch, this time without > mixing up commit message and cover letter, and from an account that > (I hope) doesn't hate mailing lists. > > This patch changes reliable_send() to resend a packet if at least three > later packets have been ACKed. This improve

Re: [Openvpn-devel] [PATCH 0/1] reliable: retransmit if 3 follow-up ACKs are received

2021-03-31 Thread Arne Schwabe
Am 31.03.2021 um 21:39 schrieb Simon Matter: This is my second attempt at sending this patch, this time without mixing up commit message and cover letter, and from an account that (I hope) doesn't hate mailing lists. This patch changes reliable_send() to resend a packet if at least three later

Re: [Openvpn-devel] [PATCH] Fix binary and used instead auth-token check instead of logical and

2021-03-31 Thread Antonio Quartulli
Hi, I would reword the commit subject, because the way it is now fails to highlight that we are talking about a bitwise-and operator (&). On 31/03/2021 17:55, Arne Schwabe wrote: > AUTH_TOKEN_HMAC_OK is 1, so the first term is always 0/1 and the bool > from the second part is also 0/1, so the & d

Re: [Openvpn-devel] [PATCH v2] Stop using deprecated getpass()

2021-03-31 Thread Antonio Quartulli
Hi, Thanks a lot for considering my suggestions. On 28/03/2021 19:11, Tõivo Leedjärv wrote: > The getpass() function is present in SUSv2, but marked LEGACY. It is > removed in POSIX.1-2001. Additionally, on Solaris getpass() returns > maximum 9 bytes. This will make longer passwords fail with no

Re: [Openvpn-devel] [PATCH 2/5] xmit_hold is only required for port_share

2021-03-31 Thread Antonio Quartulli
Hi, As discussed with Arne in our latest meeting, this patch will be ignored for now. Hope was that the xmit_hold filed could be eventually removed, but it turned out it is actually needed. For this reason there is no real interest at this point to carry on this change. Regards, -- Antonio Qua

Re: [Openvpn-devel] [ovpn-dco] sudden network disconnection

2021-03-31 Thread Tony He
Hi Antonio, Arne, According to the dump, this issue is caused by fragment. If I set link-mtu to 1472 in the condition of encryption "none", it's gone. I also can reproduce the fragment in my Linux x86-64 PC and Linux VM . They use kernel 5.4. Fragment affects the performance in the low-end devices

Re: [Openvpn-devel] [PATCH 0/1] reliable: retransmit if 3 follow-up ACKs are received

2021-03-31 Thread Simon Matter
> > Am 31.03.2021 um 21:39 schrieb Simon Matter: >>> This is my second attempt at sending this patch, this time without >>> mixing up commit message and cover letter, and from an account that >>> (I hope) doesn't hate mailing lists. >>> >>> This patch changes reliable_send() to resend a packet if a

[Openvpn-devel] [PATCH applied] Re: Stop using deprecated getpass()

2021-03-31 Thread Gert Doering
Your patch has been applied to the master branch. I have compile-tested this across all our supported platforms to be sure that we do not hit undefined symbols (like, "ECHOK", which was unknown to me before) - but hat is all OK. I have given it minimal testing on my corp VPN profile on Linux (wor

Re: [Openvpn-devel] [PATCH 0/1] reliable: retransmit if 3 follow-up ACKs are received

2021-03-31 Thread Gert Doering
Hi, On Thu, Apr 01, 2021 at 08:20:48AM +0200, Simon Matter wrote: > > Yes. But it only affects the control channel. For data channel we never > > do retransmits. > > OK, but it still could help in case of things like VoIP UDP over OpenVPN > UDP with lots of small packets going over the link with

Re: [Openvpn-devel] [PATCH 0/1] reliable: retransmit if 3 follow-up ACKs are received

2021-03-31 Thread Simon Matter
> Hi, > > On Thu, Apr 01, 2021 at 08:20:48AM +0200, Simon Matter wrote: >> > Yes. But it only affects the control channel. For data channel we >> never >> > do retransmits. >> >> OK, but it still could help in case of things like VoIP UDP over OpenVPN >> UDP with lots of small packets going over th

Re: [Openvpn-devel] [ovpn-dco] sudden network disconnection

2021-03-31 Thread Antonio Quartulli
Hi Tony, On 01/04/2021 04:38, Tony He wrote: > Hi Antonio, Arne, > > According to the dump, this issue is caused by fragment. If I set > link-mtu to 1472 in the condition of encryption "none", it's gone. > I also can reproduce the fragment in my Linux x86-64 PC and Linux VM . > They use kernel 5.

[Openvpn-devel] [PATCH] ovpn-dco: ovpn-cli: properly set socket options

2021-03-31 Thread Tony He
Actully We can not set two options at the same time. Old code: setsockopt(s, SOL_SOCKET, SO_REUSEADDR | SO_REUSEPORT, &opt, sizeof(opt)) If you use strace to trace sys call, you will find only SO_REUSEPORT is set: >setsockopt(3, SOL_SOCKET, SO_REUSEPORT, [1], 4) = 0 This is because SD_REUSEADDR