[Openvpn-devel] Alias ADAPTER_DOMAIN_SUFFIX to DOMAIN

Message ID 20200920152738.20086-1-lstipakov@gmail.com
State Changes Requested
Headers show
Series
  • [Openvpn-devel] Alias ADAPTER_DOMAIN_SUFFIX to DOMAIN
Related show

Commit Message

Lev Stipakov Sept. 20, 2020, 3:27 p.m.
From: Lev Stipakov <lev@openvpn.net>

ADAPTER_DOMAIN_SUFFIX is an openvpn3 replacement for
DOMAIN, which is used there for split-dns. This is pushed by
modern Access Server.

This change improves compatibility between OpenVPN
community client and Access Server.

Signed-off-by: Lev Stipakov <lev@openvpn.net>
---
 doc/man-sections/vpn-network-options.rst |  3 +++
 src/openvpn/options.c                    | 21 +++++++++++----------
 2 files changed, 14 insertions(+), 10 deletions(-)

Comments

Gert Doering Sept. 29, 2020, 6:55 a.m. | #1
Hi,

On Sun, Sep 20, 2020 at 06:27:38PM +0300, Lev Stipakov wrote:
> From: Lev Stipakov <lev@openvpn.net>
> 
> ADAPTER_DOMAIN_SUFFIX is an openvpn3 replacement for
> DOMAIN, which is used there for split-dns. This is pushed by
> modern Access Server.
> 
> This change improves compatibility between OpenVPN
> community client and Access Server.

I agree that compatibility with AS is important, but I'd rather not
*advertise* this new flag everywhere - so, accepting it as alias for
DOMAIN is ok, but my gut feeling is "it should neither show up in
the man page nor in the online help" - we do not want to encourage
people to use it.

Also, the great re-indentation of the online help might look orderly,
but makes the output actually harder to read with all the whitespace
(plus, some of the resulting lines are too long).  So I'm not happy
with that either.


Thus, unless someone else feels very strongly otherwise, I think we 
should reduce this to the single-line change that adds the alias
(watch out for line length!), but leave out the --help change.  The 
man page change should mention "this is a compatibility option, and
should not be used in new deployments" or so.

gert

Patch

diff --git a/doc/man-sections/vpn-network-options.rst b/doc/man-sections/vpn-network-options.rst
index 825dd1ca..dbc51e6c 100644
--- a/doc/man-sections/vpn-network-options.rst
+++ b/doc/man-sections/vpn-network-options.rst
@@ -114,6 +114,9 @@  routing.
   :code:`DOMAIN` ``name``
         Set Connection-specific DNS Suffix to :code:`name`.
 
+  :code:`ADAPTER_DOMAIN_SUFFIX` ``name``
+        Set Connection-specific DNS Suffix to :code:`name`.
+
   :code:`DOMAIN-SEARCH` ``name``
         Add :code:`name` to the domain search list.
         Repeat this option to add more entries. Up to
diff --git a/src/openvpn/options.c b/src/openvpn/options.c
index 4b22d3d9..bcff0611 100644
--- a/src/openvpn/options.c
+++ b/src/openvpn/options.c
@@ -715,16 +715,17 @@  static const char usage_message[] =
     "                    be used with --ip-win32 dynamic.  For options\n"
     "                    which allow multiple addresses,\n"
     "                    --dhcp-option must be repeated.\n"
-    "                    DOMAIN name : Set DNS suffix\n"
+    "                    DOMAIN name         : Set DNS suffix\n"
+    "                    ADAPTER_DOMAIN_NAME : alias to DOMAIN\n"
     "                    DOMAIN-SEARCH entry : Add entry to DNS domain search list\n"
-    "                    DNS addr    : Set domain name server address(es) (IPv4 and IPv6)\n"
-    "                    NTP         : Set NTP server address(es)\n"
-    "                    NBDD        : Set NBDD server address(es)\n"
-    "                    WINS addr   : Set WINS server address(es)\n"
-    "                    NBT type    : Set NetBIOS over TCP/IP Node type\n"
-    "                                  1: B, 2: P, 4: M, 8: H\n"
-    "                    NBS id      : Set NetBIOS scope ID\n"
-    "                    DISABLE-NBT : Disable Netbios-over-TCP/IP.\n"
+    "                    DNS addr            : Set domain name server address(es) (IPv4 and IPv6)\n"
+    "                    NTP                 : Set NTP server address(es)\n"
+    "                    NBDD                : Set NBDD server address(es)\n"
+    "                    WINS addr           : Set WINS server address(es)\n"
+    "                    NBT type            : Set NetBIOS over TCP/IP Node type\n"
+    "                                          1: B, 2: P, 4: M, 8: H\n"
+    "                    NBS id              : Set NetBIOS scope ID\n"
+    "                    DISABLE-NBT         : Disable Netbios-over-TCP/IP.\n"
     "--dhcp-renew       : Ask Windows to renew the TAP adapter lease on startup.\n"
     "--dhcp-pre-release : Ask Windows to release the previous TAP adapter lease on\n"
     "                       startup.\n"
@@ -7440,7 +7441,7 @@  add_option(struct options *options,
         VERIFY_PERMISSION(OPT_P_IPWIN32);
         bool ipv6dns = false;
 
-        if (streq(p[1], "DOMAIN") && p[2])
+        if ((streq(p[1], "DOMAIN") || streq(p[1], "ADAPTER_DOMAIN_SUFFIX")) && p[2])
         {
             o->domain = p[2];
         }