From patchwork Tue Dec 7 06:01:52 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Arne Schwabe X-Patchwork-Id: 2122 Return-Path: Delivered-To: patchwork@openvpn.net Delivered-To: patchwork@openvpn.net Received: from director7.mail.ord1d.rsapps.net ([172.30.191.6]) by backend41.mail.ord1d.rsapps.net with LMTP id 6AgGLMmTr2HSUgAAqwncew (envelope-from ) for ; Tue, 07 Dec 2021 12:03:05 -0500 Received: from proxy3.mail.ord1d.rsapps.net ([172.30.191.6]) by director7.mail.ord1d.rsapps.net with LMTP id kAanDcqTr2G9SgAAovjBpQ (envelope-from ) for ; Tue, 07 Dec 2021 12:03:06 -0500 Received: from smtp25.gate.ord1d ([172.30.191.6]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by proxy3.mail.ord1d.rsapps.net with LMTPS id 6JR/DcqTr2FTCQAA7WKfLA (envelope-from ) for ; Tue, 07 Dec 2021 12:03:06 -0500 X-Spam-Threshold: 95 X-Spam-Score: 0 X-Spam-Flag: NO X-Virus-Scanned: OK X-Orig-To: openvpnslackdevel@openvpn.net X-Originating-Ip: [216.105.38.7] Authentication-Results: smtp25.gate.ord1d.rsapps.net; iprev=pass policy.iprev="216.105.38.7"; spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net" smtp.helo="lists.sourceforge.net"; dkim=fail (signature verification failed) header.d=sourceforge.net; dkim=fail (signature verification failed) header.d=sf.net; dmarc=none (p=nil; dis=none) header.from=rfc2549.org X-Suspicious-Flag: YES X-Classification-ID: 8aefb132-577f-11ec-8d6d-52540081550e-1-1 Received: from [216.105.38.7] ([216.105.38.7:50656] helo=lists.sourceforge.net) by smtp25.gate.ord1d.rsapps.net (envelope-from ) (ecelerity 4.2.38.62370 r(:)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384) id 74/22-22155-8C39FA16; Tue, 07 Dec 2021 12:03:05 -0500 Received: from [127.0.0.1] (helo=sfs-ml-4.v29.lw.sourceforge.com) by sfs-ml-4.v29.lw.sourceforge.com with esmtp (Exim 4.94.2) (envelope-from ) id 1mudrB-0002nF-Dv; Tue, 07 Dec 2021 17:02:21 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-4.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1mudrA-0002ms-2T for openvpn-devel@lists.sourceforge.net; Tue, 07 Dec 2021 17:02:20 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:References: In-Reply-To:Message-Id:Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=iWaIDVFcgpXpH9xklCrk4y6mmbz0bXjWMXmb6lvtf4s=; b=fy839WqnVhZ5rbtxr3C8ulvgT+ G2ko0vXr4Lo773Kkt6fIsRPBWWMxRRJWZ2QhEPmC0r1szJ+0rIzKgTHiXIeo2HZz50rArz3FYzA6X ivPZqE471nT66tVts99m2/QOsiBkRjYswP8r1Og/wOrua2tylLi4SzoqwjNi7ektG/xA=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-Id: Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=iWaIDVFcgpXpH9xklCrk4y6mmbz0bXjWMXmb6lvtf4s=; b=mvoxgo6g+CNlrzx6WfZ6ISPWLv u1bLvKJ88ChpvpzHr1pWq9bhkgv3f4wCtFi4I9hhKCJCu2mwVzF+yC5PO/oqCug57ctr4avfsz8Hi Ee+AeIU4mOydSkp0OvIySqZwOCRJqniT+/K1Y6es4NRywzpqA4RRNhmbiIvif1WTHDfU=; Received: from mail.blinkt.de ([192.26.174.232]) by sfi-mx-1.v28.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.92.3) id 1mudr8-007aK8-7y for openvpn-devel@lists.sourceforge.net; Tue, 07 Dec 2021 17:02:19 +0000 Received: from kamera.blinkt.de ([2001:638:502:390:20c:29ff:fec8:535c]) by mail.blinkt.de with smtp (Exim 4.94.2 (FreeBSD)) (envelope-from ) id 1mudr1-000Idh-Be for openvpn-devel@lists.sourceforge.net; Tue, 07 Dec 2021 18:02:11 +0100 Received: (nullmailer pid 3275889 invoked by uid 10006); Tue, 07 Dec 2021 17:02:11 -0000 From: Arne Schwabe To: openvpn-devel@lists.sourceforge.net Date: Tue, 7 Dec 2021 18:01:52 +0100 Message-Id: <20211207170211.3275837-3-arne@rfc2549.org> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20211207170211.3275837-1-arne@rfc2549.org> References: <20211207170211.3275837-1-arne@rfc2549.org> MIME-Version: 1.0 X-Spam-Report: Spam detection software, running on the system "util-spamd-1.v13.lw.sourceforge.com", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: This options might have been useful in the past but nowadays it has a very unclear semantics, so better remove/deprecate it. Signed-off-by: Arne Schwabe --- doc/man-sections/link-options.rst | 7 ++++++- src/openvpn/options.c | 4 +--- 2 files changed, 7 insertions(+), 4 deletions(-) Content analysis details: (0.3 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.2 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail domains are different 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record X-Headers-End: 1mudr8-007aK8-7y Subject: [Openvpn-devel] [PATCH 02/21] Deprecate link-mtu X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox This options might have been useful in the past but nowadays it has a very unclear semantics, so better remove/deprecate it. Signed-off-by: Arne Schwabe --- doc/man-sections/link-options.rst | 7 ++++++- src/openvpn/options.c | 4 +--- 2 files changed, 7 insertions(+), 4 deletions(-) diff --git a/doc/man-sections/link-options.rst b/doc/man-sections/link-options.rst index 32e72a1b7..b1ae4e75a 100644 --- a/doc/man-sections/link-options.rst +++ b/doc/man-sections/link-options.rst @@ -82,10 +82,15 @@ the local and the remote host. ping-restart 60 # Argument: timeout --link-mtu n - Sets an upper bound on the size of UDP packets which are sent between + **DEPRECATED** Sets an upper bound on the size of UDP packets which are sent between OpenVPN peers. *It's best not to set this parameter unless you know what you're doing.* + Due to variable header size of IP header (20 bytes for IPv4 and 40 bytes + for IPv6) and dynamically negotiated data channel cipher, this option + is not reliable. It is recommended to set tun-mtu with enough headroom + instead. + --local host Local host name or IP address for bind. If specified, OpenVPN will bind to this address only. If unspecified, OpenVPN will bind to all diff --git a/src/openvpn/options.c b/src/openvpn/options.c index b840b767b..c1663b264 100644 --- a/src/openvpn/options.c +++ b/src/openvpn/options.c @@ -2111,9 +2111,7 @@ options_postprocess_verify_ce(const struct options *options, */ if (options->ce.tun_mtu_defined && options->ce.link_mtu_defined) { - msg(M_USAGE, - "only one of --tun-mtu or --link-mtu may be defined (note that " - "--ifconfig implies --link-mtu %d)", LINK_MTU_DEFAULT); + msg(M_USAGE, "only one of --tun-mtu or --link-mtu may be defined"); } if (!proto_is_udp(ce->proto) && options->mtu_test)