| Message ID | 20220512121429.2096164-2-arne@rfc2549.org |
|---|---|
| State | Accepted |
| Headers | show |
| Series | Improve OpenSSL 3.0 support in OpenVPN 2.5 | expand |
Acked-by: Gert Doering <gert@greenie.muc.de> Trivial. Usually we wouldn't do refactoring in 2.5, but we decided we want (must have, *sigh*) better OpenSSL support because Linux distributions have started shipping "openvpn 2.5.x with openssl 3.0.x", and that is not a good experience without this patchset. "make check" tested on FreeBSD with 3.0.x - fails in the expected places (engine test, no BF-CBC, no support for MD5/SHA1 certs) Testing cipher BF-CBC... FAILED Testing cipher DES-OFB... FAILED Your patch has been applied to the release/2.5 branch. commit 3f25bf7f7c1f32c2d3ef5b52443c97553a6c8977 Author: Arne Schwabe Date: Thu May 12 14:14:23 2022 +0200 Refactor early initialisation and uninitialisation into methods Signed-off-by: Arne Schwabe <arne@rfc2549.org> Acked-by: Gert Doering <gert@greenie.muc.de> Message-Id: <20220512121429.2096164-2-arne@rfc2549.org> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg24328.html Signed-off-by: Gert Doering <gert@greenie.muc.de> -- kind regards, Gert Doering
diff --git a/src/openvpn/openvpn.c b/src/openvpn/openvpn.c index a21b21e23..e03d25450 100644 --- a/src/openvpn/openvpn.c +++ b/src/openvpn/openvpn.c @@ -105,6 +105,20 @@ tunnel_point_to_point(struct context *c) #undef PROCESS_SIGNAL_P2P +void init_early(struct context *c) +{ + net_ctx_init(c, &c->net_ctx); + + /* init verbosity and mute levels */ + init_verb_mute(c, IVM_LEVEL_1); + +} + +static void uninit_early(struct context *c) +{ + net_ctx_free(&c->net_ctx); +} + /**************************************************************************/ /** @@ -193,10 +207,9 @@ openvpn_main(int argc, char *argv[]) open_plugins(&c, true, OPENVPN_PLUGIN_INIT_PRE_CONFIG_PARSE); #endif - net_ctx_init(&c, &c.net_ctx); - - /* init verbosity and mute levels */ - init_verb_mute(&c, IVM_LEVEL_1); + /* Early initialisation that need to happen before option + * post processing and other early startup but after parsing */ + init_early(&c); /* set dev options */ init_options_dev(&c.options); @@ -308,7 +321,7 @@ openvpn_main(int argc, char *argv[]) env_set_destroy(c.es); uninit_options(&c.options); gc_reset(&c.gc); - net_ctx_free(&c.net_ctx); + uninit_early(&c); } while (c.sig->signal_received == SIGHUP); }
This put the early initialisation and uninitialisation that needs to happen between option parsing and post processing into small methods. Cherry-pick of 97056dbf9 as prerequirement for the provider patch Signed-off-by: Arne Schwabe <arne@rfc2549.org> --- src/openvpn/openvpn.c | 23 ++++++++++++++++++----- 1 file changed, 18 insertions(+), 5 deletions(-)