Message ID | 20211214165928.30676-13-selva.nair@gmail.com |
---|---|
State | Accepted |
Headers | show |
Series | External key provider for use with OpenSSL 3 | expand |
Am 14.12.21 um 17:59 schrieb selva.nair@gmail.com: > From: Selva Nair <selva.nair@gmail.com> > > Sending largish messages to the management interface errors due to > the limited size used for the "error" buffer in x_msg_va(). Although > all intermediate steps allocate required space for the data to > send, it gets truncated at the last step. > > This really requires a smarter fix. As a quick relief, we just increase > the buffer size to 10240 when management support is compiled in. Should > be enough for PK_SIGN with undigested message. > > Signed-off-by: Selva Nair <selva.nair@gmail.com> Acked-By: Arne Schwabe <arne@rfc2549.org>
I seem to have seen a similar patch in Arne's series, and we didn't like it there much either :-) - so yeah, smarter fix, eventually. That said, this is "only" wasting another 2048 byte as the buffer is already at 8k if PKCS11 is enabled, and it's not static but gc_malloc(). Pretty weird to use *ERR*_BUF_SIZE in manage.c and plugin.c, though :-) (and maybe the plugin_vlog() code could be changed to be smarter about the way it builds the msg_fmt string based on plugin name + format string) Anyway, client tested with 1.1.1, just for good measure. Your patch has been applied to the master branch. commit eeb019acee57ef5b9485569ec4d3279a822c4eb0 Author: Selva Nair Date: Tue Dec 14 11:59:22 2021 -0500 Increase ERR_BUF_SIZE when management interface support is enabled Signed-off-by: Selva Nair <selva.nair@gmail.com> Acked-by: Arne Schwabe <arne@rfc2549.org> Message-Id: <20211214165928.30676-13-selva.nair@gmail.com> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg23440.html Signed-off-by: Gert Doering <gert@greenie.muc.de> -- kind regards, Gert Doering
diff --git a/src/openvpn/error.h b/src/openvpn/error.h index 533354b3..66c1722e 100644 --- a/src/openvpn/error.h +++ b/src/openvpn/error.h @@ -37,8 +37,8 @@ /* #define ABORT_ON_ERROR */ -#ifdef ENABLE_PKCS11 -#define ERR_BUF_SIZE 8192 +#if defined(ENABLE_PKCS11) || defined(ENABLE_MANAGEMENT) +#define ERR_BUF_SIZE 10240 #else #define ERR_BUF_SIZE 1280 #endif