Re: [Openvpn-devel] [PATCH] Do not include auth-token in pulled option digest

2022-12-19 Thread Arne Schwabe
On 18.12.22 at 20:22, selva.n...@gmail.com wrote: From: Selva Nair As change in auth-token is common on restart and does not require tun-reopen, exclude it from the "pulled options digest" calculation. Without this tun is always re-opened on SIGUSR1 if auth-token is in use which breaks persist

Re: [Openvpn-devel] [PATCH] Reduce default restart pause to 1 second

2022-12-19 Thread Arne Schwabe
On 18.12.22 at 20:58, selva.n...@gmail.com wrote: +--connect-retry n [max] Wait ``n`` seconds between connection attempts (default :code:`5`). you were close. but forgot to change the 5 in the next line to also say 1. Arne

Re: [Openvpn-devel] [PATCH applied] Re: Deprecate NTLMv1 proxy auth method.

2022-12-19 Thread Frank Lichtenheld
On Fri, Dec 16, 2022 at 06:42:25PM +0100, Gert Doering wrote: > Acked-by: Gert Doering > > Have not tested beyond "we agreed on that, message looks good, > and it compiles". > > Your patch has been applied to the master and release/2.6 branch. Just noticed that this is missing a corresponding C

Re: [Openvpn-devel] [PATCH] Reduce default restart pause to 1 second

2022-12-19 Thread Gert Doering
Hi, On Mon, Dec 19, 2022 at 01:12:32PM +0100, Arne Schwabe wrote: > On 18.12.22 at 20:58, selva.n...@gmail.com wrote: > > +--connect-retry n [max] > > Wait ``n`` seconds between connection attempts (default :code:`5`). > > you were close. but forgot to change the 5 in the next line to also s

Re: [Openvpn-devel] [PATCH applied] Re: Deprecate NTLMv1 proxy auth method.

2022-12-19 Thread Gert Doering
Hi, On Mon, Dec 19, 2022 at 01:13:20PM +0100, Frank Lichtenheld wrote: > On Fri, Dec 16, 2022 at 06:42:25PM +0100, Gert Doering wrote: > > Acked-by: Gert Doering > > > > Have not tested beyond "we agreed on that, message looks good, > > and it compiles". > > > > Your patch has been applied to t

Re: [Openvpn-devel] [PATCH] Reduce default restart pause to 1 second

2022-12-19 Thread Frank Lichtenheld
On Sun, Dec 18, 2022 at 02:58:10PM -0500, selva.n...@gmail.com wrote: > From: Selva Nair > > Current value of restart pause is 5 seconds which feels > unduly long. Reduce it to 1 second. > > User can still customize the delay using the first parameter for > "--connect-retry". > > Also improve t

Re: [Openvpn-devel] [PATCH] Do not include auth-token in pulled option digest

2022-12-19 Thread Frank Lichtenheld
On Sun, Dec 18, 2022 at 02:22:03PM -0500, selva.n...@gmail.com wrote: > From: Selva Nair > > As change in auth-token is common on restart and does not > require tun-reopen, exclude it from the "pulled options digest" > calculation. Without this tun is always re-opened on SIGUSR1 > if auth-token i

Re: [Openvpn-devel] [PATCH] Do not include auth-token in pulled option digest

2022-12-19 Thread Gert Doering
Hi, On Mon, Dec 19, 2022 at 01:21:37PM +0100, Frank Lichtenheld wrote: > > +/* peer-id and auth-token might change on restart and this should > > not trigger reopening tun */ > > +if (strprefix(line, "peer-id ") || strprefix(line, "auth-token")) > > If I interpret this correctly,
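
Review bot: In the quoted `if`, `strprefix(line, "auth-token")` has no trailing space while `"peer-id "` does, so it also matches any pushed option whose name merely begins with auth-token. If that breadth is intended, the comment above the test should say so; otherwise match "auth-token " with the trailing space, or list each excluded option explicitly.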

[Openvpn-devel] [PATCH v2] Do not include auth-token in pulled option digest

2022-12-19 Thread selva . nair
From: Selva Nair As change in auth-token is common on restart and does not require tun-reopen, exclude it from the "pulled options digest" calculation. Without this tun is always re-opened on SIGUSR1 if auth-token is in use which breaks persist-tun. Fixes #200 v2: explicitly filter auth-token an

[Openvpn-devel] [PATCH v2] git-version.py: proper support for tags

2022-12-19 Thread Lev Stipakov
From: Lev Stipakov Git magic to get branch name git rev-parse --symbolic-full-name HEAD doesn't work when we're on tag, which is the case when we build releases. First, try to get tag name with git describe --exact-match and if this fails, get branch name as before. Use subprocess.Pope

[Openvpn-devel] [PATCH v2] Reduce default restart pause to 1 second

2022-12-19 Thread selva . nair
From: Selva Nair Current value of restart pause is 5 seconds which feels unduly long. Reduce it to 1 second. User can still customize the delay using the first parameter for "--connect-retry". Also improve the description of "--connect-retry" in the man page. v2 changes: - fix incomplete man p

Re: [Openvpn-devel] [PATCH v2] git-version.py: proper support for tags

2022-12-19 Thread Frank Lichtenheld
On Mon, Dec 19, 2022 at 05:02:26PM +0200, Lev Stipakov wrote: [...] > v2: > - try to get tag name before branch > - use "git describe --exact-match" instead of "git describe --tags" > - use subprocess.Popen() instead of os.popen() to suppress output This now handles the tag case correctly.

Re: [Openvpn-devel] [PATCH v2] Reduce default restart pause to 1 second

2022-12-19 Thread Frank Lichtenheld
On Mon, Dec 19, 2022 at 10:04:35AM -0500, selva.n...@gmail.com wrote: > From: Selva Nair > > Current value of restart pause is 5 seconds which feels > unduly long. Reduce it to 1 second. > > User can still customize the delay using the first parameter for > "--connect-retry". > > Also improve t

[Openvpn-devel] [PATCH v3] git-version.py: proper support for tags

2022-12-19 Thread Lev Stipakov
From: Lev Stipakov Git magic to get branch name git rev-parse --symbolic-full-name HEAD doesn't work when we're on tag, which is the case when we build releases. First, try to get tag name with git describe --exact-match and if this fails, get branch name as before. Use subprocess.Pope

Re: [Openvpn-devel] [PATCH v3] git-version.py: proper support for tags

2022-12-19 Thread Frank Lichtenheld
On Mon, Dec 19, 2022 at 05:56:38PM +0200, Lev Stipakov wrote: > From: Lev Stipakov > > Git magic to get branch name > > git rev-parse --symbolic-full-name HEAD > > doesn't work when we're on tag, which is the case when > we build releases. > > First, try to get tag name with > >git desc

[Openvpn-devel] [PATCH applied] Re: git-version.py: proper support for tags

2022-12-19 Thread Gert Doering
I haven't tested this, but I'm not the one who gets more grey hair if this doesn't work - Frank is, and he's ACKed it, so all fine with me. I have changed the Github reference to Github: Fixes OpenVPN/openvpn#199 (we always prefix them with "Github:", and this notation is known to make GH unde

[Openvpn-devel] [PATCH applied] Re: Reduce default restart pause to 1 second

2022-12-19 Thread Gert Doering
Admittedly, I have not tested this, but it's simple enough - code wise, not the "fighting .rst" part :-) Your patch has been applied to the master and release/2.6 branch. commit cb385c64279fcb11bf6622d9723e1223b4e2a7f5 (master) commit 3a5d82d7fee8fc7d00902e9640494ea6fdd08b35 (release/2.6) Author:

[Openvpn-devel] [PATCH] Use include "buffer.h" instead of include

2022-12-19 Thread Arne Schwabe
My own non-standard cmake based build system found this one. But even if this is not a problem with the normal autoconf based system we should still be consistent. Signed-off-by: Arne Schwabe --- src/openvpn/dco_freebsd.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/op

[Openvpn-devel] large-scale server tests

2022-12-19 Thread Gert Doering
Hi, I've been amusing myself over the weekend with breaking OpenVPN servers by hitting them hard with a constant flurry of incoming client connections and disconnects, connection time randomly between 0.1s and 15s, about 1/4 with --explicit-exit-notify, 1/4 with bad password, and 50% with "good pa

[Openvpn-devel] [PATCH applied] Re: Use include buffer.h instead of include

2022-12-19 Thread Gert Doering
Acked-by: Gert Doering (Test compiled on FreeBSD, with DCO) Your patch has been applied to the master branch. commit 5bd787bb8fc647f508635b948be75179fbb0b8a5 (master) commit d694814bde51e0d9fa17173e2072c8d037b1e78e (release/2.6) Author: Arne Schwabe Date: Mon Dec 19 18:21:41 2022 +0100

[Openvpn-devel] [PATCH] Ensure that dco keepalive and mssfix options are also set in pure p2p mode

2022-12-19 Thread Arne Schwabe
Signed-off-by: Arne Schwabe --- src/openvpn/dco_freebsd.c | 3 +++ src/openvpn/init.c| 42 --- 2 files changed, 29 insertions(+), 16 deletions(-) diff --git a/src/openvpn/dco_freebsd.c b/src/openvpn/dco_freebsd.c index 7f5e69e3e..cd4083c49 100644 ---

[Openvpn-devel] [PATCH applied] Re: Do not include auth-token in pulled option digest

2022-12-19 Thread Gert Doering
Acked-by: Gert Doering (v2 is sufficiently different from v1 that I'm not taking Arne's ACK but adding my own) Only very lightly client-side tested, not doing actual SIGUSR1 restarts with --persist-tun - but I'm fairly sure that this does what it attempts to do, as it just extends the existing e

[Openvpn-devel] [PATCH applied] Re: Persist DCO client data channel traffic stats on restart

2022-12-19 Thread Gert Doering
I have not tested this beyond "push to my github instance and verify that it still builds", but if Lev says it's been tested and working, good enough. Stare-at-code finds me wondering why we didn't remove ENABLE_MANAGEMENT yet (my fault...) and need these extra indirections - but that's for 2.7 to

[Openvpn-devel] [PATCH applied] Re: Ensure that dco keepalive and mssfix options are also set in pure p2p mode

2022-12-19 Thread Gert Doering
Acked-by: Gert Doering This indeed is good news - as in, the p2p --tls-server test case that used to reliably break when the client disconnected because --ping wasn't working is now working. Tested on Linux/DCO, FreeBSD/DCO and "Linux no DCO", with the full set of client/server tests - it fixes