From patchwork Fri Apr 2 02:45:29 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gert Doering X-Patchwork-Id: 1703 Return-Path: Delivered-To: patchwork@openvpn.net Delivered-To: patchwork@openvpn.net Received: from director12.mail.ord1d.rsapps.net ([172.27.255.50]) by backend30.mail.ord1d.rsapps.net with LMTP id WA2pADwoZ2A2PQAAIUCqbw (envelope-from ) for ; Fri, 02 Apr 2021 10:20:44 -0400 Received: from proxy4.mail.iad3a.rsapps.net ([172.27.255.50]) by director12.mail.ord1d.rsapps.net with LMTP id GFqXADwoZ2C7PgAAIasKDg (envelope-from ) for ; Fri, 02 Apr 2021 10:20:44 -0400 Received: from smtp12.gate.iad3a ([172.27.255.50]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by proxy4.mail.iad3a.rsapps.net with LMTPS id eHNhNTsoZ2CQYQAA8Zvu4w (envelope-from ) for ; Fri, 02 Apr 2021 10:20:43 -0400 X-Spam-Threshold: 95 X-Spam-Score: 0 X-Spam-Flag: NO X-Virus-Scanned: OK X-Orig-To: openvpnslackdevel@openvpn.net X-Originating-Ip: [216.105.38.7] Authentication-Results: smtp12.gate.iad3a.rsapps.net; iprev=pass policy.iprev="216.105.38.7"; spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net" smtp.helo="lists.sourceforge.net"; dkim=fail (signature verification failed) header.d=sourceforge.net; dkim=fail (signature verification failed) header.d=sf.net; dmarc=none (p=nil; dis=none) header.from=greenie.muc.de X-Suspicious-Flag: YES X-Classification-ID: 9b063d96-93be-11eb-97cd-525400068c1c-1-1 Received: from [216.105.38.7] ([216.105.38.7:33678] helo=lists.sourceforge.net) by smtp12.gate.iad3a.rsapps.net (envelope-from ) (ecelerity 4.2.38.62370 r(:)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384) id 69/8D-09933-A3827606; Fri, 02 Apr 2021 10:20:42 -0400 Received: from [127.0.0.1] (helo=sfs-ml-1.v29.lw.sourceforge.com) by sfs-ml-1.v29.lw.sourceforge.com with esmtp (Exim 4.90_1) (envelope-from ) id 1lSKeH-0003x9-A7; Fri, 02 Apr 2021 14:19:45 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-1.v29.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.90_1) (envelope-from ) id 1lSKeD-0003wV-Lw for openvpn-devel@lists.sourceforge.net; Fri, 02 Apr 2021 14:19:41 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:Message-Id: Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=ELmJ8ZeqzybJvzVq/uQwpZhTE9YN/HQWWQIlNMA87uA=; b=g1YhST3twiRraA7yQwbR806GFL rnRL5lcslNHxCGPkekB96dkIWOKrjquSeJ7XkiGO+DQA/HjCClBTgs7UZdT85ARyFa3++PNEwVfhq /MQObFLDm26J6sAFe3n6Cp/FDilID2dCBRdTPxMVt9ry05IkB0YxMYd6mie5s0joySUA=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:Message-Id:Date:Subject:To:From: Sender:Reply-To:Cc:Content-Type:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To: References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post: List-Owner:List-Archive; bh=ELmJ8ZeqzybJvzVq/uQwpZhTE9YN/HQWWQIlNMA87uA=; b=l uTAI6FrlzCemQSXLJm7lMJuoWza6o5D1OoSNKAYfCbBoxL1WmWD4G9B9a2eP3/FCdRQ32GrmkR3Rl GQ4EIuFmiNF452JukiRCixFd+/4msjuX1kJkonOs9HXT22YdJyt0cxfe5+rBOBevM3kbwEgPEnq5j vUoYgtWvxAPhQQNk=; Received: from vmail1.greenie.net ([195.30.8.66]) by sfi-mx-1.v28.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.92.2) id 1lSKdk-0076bb-JS for openvpn-devel@lists.sourceforge.net; Fri, 02 Apr 2021 14:19:40 +0000 Received: from gentoo.ov.greenie.net (gentoo.ov.greenie.net [IPv6:2001:608:0:814:0:0:f000:11]) by vmail1.greenie.net (8.16.1/8.12.11) with SMTP id 132DjTcW019113 for ; Fri, 2 Apr 2021 15:45:29 +0200 (CEST) Received: (nullmailer pid 27912 invoked by uid 1000); Fri, 02 Apr 2021 13:45:29 -0000 From: Gert Doering To: openvpn-devel@lists.sourceforge.net Date: Fri, 2 Apr 2021 15:45:29 +0200 Message-Id: <20210402134529.27866-1-gert@greenie.muc.de> X-Mailer: git-send-email 2.26.3 MIME-Version: 1.0 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.6.2 (vmail1.greenie.net [IPv6:2001:608:1:995a:20c:29ff:feb8:10eb]); Fri, 02 Apr 2021 15:45:29 +0200 (CEST) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. 0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [URIs: muc.de] 0.2 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail domains are different 0.0 TIME_LIMIT_EXCEEDED Exceeded time limit / deadline X-Headers-End: 1lSKdk-0076bb-JS Subject: [Openvpn-devel] [PATCH] Fix 'compress migrate' for 2.2 clients. X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox Commit 8fa8a17528c001a introduces "compress migrate" to move old clients that have "compress" or "comp-lzo" in their config towards a connection without compression. This is done by looking at incoming OCC strings to see if the client has compression enabled, and at incoming IV_ strings to see whether it can do "compress stub-v2" or needs to be sent "comp-lzo no". That check fails for 2.2 clients that do not send *any* peer-info by default, so the server will not push back any "disable compression" command. It works if the client connects with "--push-peer-info". Fix: turn around the order of checks, treat "no peer_info" the same as "peer_info does not contain IV_COMP_STUBv2". Signed-off-by: Gert Doering Acked-By: Arne Schwabe --- src/openvpn/multi.c | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/src/openvpn/multi.c b/src/openvpn/multi.c index 5c495036..56b4fc0d 100644 --- a/src/openvpn/multi.c +++ b/src/openvpn/multi.c @@ -2485,14 +2485,9 @@ multi_client_connect_compress_migrate(struct multi_context *m, struct options *o = &mi->context.options; const char *const peer_info = mi->context.c2.tls_multi->peer_info; - if (!peer_info) - { - return CC_RET_SUCCEEDED; - } - if (o->comp.flags & COMP_F_MIGRATE && mi->context.c2.tls_multi->remote_usescomp) { - if(strstr(peer_info, "IV_COMP_STUBv2=1")) + if(peer_info && strstr(peer_info, "IV_COMP_STUBv2=1")) { push_option(o, "compress stub-v2", M_USAGE); }