[Openvpn-devel] Set o->use_peer_id flag for p2p mode

Message ID	20220524091916.145-1-lstipakov@gmail.com
State	Accepted
Headers	show Return-Path: <openvpn-devel-bounces@lists.sourceforge.net> From: Lev Stipakov <lstipakov@gmail.com> To: openvpn-devel@lists.sourceforge.net Date: Tue, 24 May 2022 12:19:16 +0300 Message-Id: <20220524091916.145-1-lstipakov@gmail.com> preview: From: Lev Stipakov There are two flags to indicate peer-id usage, one is in tls_multi struct and another one is in options. For P2P mode we don't set this flag in options, which is used in MTU calculation. As a result, automatically calculated MSS value in P2P mode is wrong, Content analysis details: (-0.2 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [209.85.167.44 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider [lstipakov[at]gmail.com] -0.0 SPF_PASS SPF: sender matches SPF record -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.0 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2) [209.85.167.44 listed in wl.mailspike.net] Subject: [Openvpn-devel] [PATCH] Set o->use_peer_id flag for p2p mode Precedence: list Cc: Lev Stipakov <lev@openvpn.net> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox
Series	[Openvpn-devel] Set o->use_peer_id flag for p2p mode \| expand [Openvpn-devel] Set o->use_peer_id flag for p2p mode

Message ID

20220524091916.145-1-lstipakov@gmail.com

State

Accepted

Headers

From: Lev Stipakov <lstipakov@gmail.com>
To: openvpn-devel@lists.sourceforge.net
Date: Tue, 24 May 2022 12:19:16 +0300
Message-Id: <20220524091916.145-1-lstipakov@gmail.com>
Subject: [Openvpn-devel] [PATCH] Set o->use_peer_id flag for p2p mode
Precedence: list
Cc: Lev Stipakov <lev@openvpn.net>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: openvpn-devel-bounces@lists.sourceforge.net

Series

[Openvpn-devel] Set o->use_peer_id flag for p2p mode | expand

Commit Message

Lev Stipakov May 23, 2022, 11:19 p.m. UTC

From: Lev Stipakov <lev@openvpn.net>

There are two flags to indicate peer-id usage, one is
in tls_multi struct and another one is in options.

For P2P mode we don't set this flag in options,
which is used in MTU calculation. As a result,
automatically calculated MSS value in P2P mode is wrong,

Fix by bring use_peer_id flag in options and tls_multi
into sync for P2P.

Signed-off-by: Lev Stipakov <lev@openvpn.net>
---
 src/openvpn/init.c | 2 ++
 1 file changed, 2 insertions(+)

Comments

Antonio Quartulli June 21, 2022, 11:16 p.m. UTC | #1

Hi,

On 24/05/2022 11:19, Lev Stipakov wrote:
> From: Lev Stipakov <lev@openvpn.net>
> 
> There are two flags to indicate peer-id usage, one is
> in tls_multi struct and another one is in options.
> 
> For P2P mode we don't set this flag in options,
> which is used in MTU calculation. As a result,
> automatically calculated MSS value in P2P mode is wrong,
> 
> Fix by bring use_peer_id flag in options and tls_multi
> into sync for P2P.
> 
> Signed-off-by: Lev Stipakov <lev@openvpn.net>

Does what it says and creates no side effect.
(It's easy to check where o->use_peer_id is used)

Moreover, this patch is needed to ensure the p2p case in dco works as 
expected.

Acked-by: Antonio Quartulli <a@unstable.cc>

Gert Doering June 23, 2022, 3:34 a.m. UTC | #2

This is p2p NCP, which is all new in 2.6(-to-be) - and needed for DCO.

I have not tested this more than "it compiles", but Lev and Antonio have.

Your patch has been applied to the master branch.

commit 0d46c4963ae47581eadd94dbd2190c66086b9ecb
Author: Lev Stipakov
Date:   Tue May 24 12:19:16 2022 +0300

     Set o->use_peer_id flag for p2p mode

     Signed-off-by: Lev Stipakov <lev@openvpn.net>
     Acked-by: Antonio Quartulli <a@unstable.cc>
     Message-Id: <20220524091916.145-1-lstipakov@gmail.com>
     URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg24430.html
     Signed-off-by: Gert Doering <gert@greenie.muc.de>


--
kind regards,

Gert Doering

diff --git a/src/openvpn/init.c b/src/openvpn/init.c
index b0c62a85..bf01d3d6 100644
--- a/src/openvpn/init.c
+++ b/src/openvpn/init.c
@@ -2144,6 +2144,8 @@  do_deferred_p2p_ncp(struct context *c)
         return true;
     }
 
+    c->options.use_peer_id = c->c2.tls_multi->use_peer_id;
+
     struct tls_session *session = &c->c2.tls_multi->session[TM_ACTIVE];
 
     const char *ncp_cipher = get_p2p_ncp_cipher(session, c->c2.tls_multi->peer_info,

[Openvpn-devel] Set o->use_peer_id flag for p2p mode

Commit Message

Comments

Patch