[Openvpn-devel,1/7] Refactor early initialisation and uninitialisation into methods

Message ID 20220512121429.2096164-2-arne@rfc2549.org
State Accepted
Headers show
Series
  • Improve OpenSSL 3.0 support in OpenVPN 2.5
Related show

Commit Message

Arne Schwabe May 12, 2022, 12:14 p.m.
This put the early initialisation and uninitialisation that needs to
happen between option parsing and post processing into small methods.

Cherry-pick of 97056dbf9 as prerequirement for the provider patch

Signed-off-by: Arne Schwabe <arne@rfc2549.org>
---
 src/openvpn/openvpn.c | 23 ++++++++++++++++++-----
 1 file changed, 18 insertions(+), 5 deletions(-)

Comments

Gert Doering May 13, 2022, 7:23 a.m. | #1
Acked-by: Gert Doering <gert@greenie.muc.de>

Trivial.  Usually we wouldn't do refactoring in 2.5, but we decided we
want (must have, *sigh*) better OpenSSL support because Linux distributions
have started shipping "openvpn 2.5.x with openssl 3.0.x", and that is
not a good experience without this patchset.

"make check" tested on FreeBSD with 3.0.x - fails in the expected
places (engine test, no BF-CBC, no support for MD5/SHA1 certs)

Testing cipher BF-CBC... FAILED
Testing cipher DES-OFB... FAILED

Your patch has been applied to the release/2.5 branch.

commit 3f25bf7f7c1f32c2d3ef5b52443c97553a6c8977
Author: Arne Schwabe
Date:   Thu May 12 14:14:23 2022 +0200

     Refactor early initialisation and uninitialisation into methods

     Signed-off-by: Arne Schwabe <arne@rfc2549.org>
     Acked-by: Gert Doering <gert@greenie.muc.de>
     Message-Id: <20220512121429.2096164-2-arne@rfc2549.org>
     URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg24328.html
     Signed-off-by: Gert Doering <gert@greenie.muc.de>


--
kind regards,

Gert Doering

Patch

diff --git a/src/openvpn/openvpn.c b/src/openvpn/openvpn.c
index a21b21e23..e03d25450 100644
--- a/src/openvpn/openvpn.c
+++ b/src/openvpn/openvpn.c
@@ -105,6 +105,20 @@  tunnel_point_to_point(struct context *c)
 
 #undef PROCESS_SIGNAL_P2P
 
+void init_early(struct context *c)
+{
+    net_ctx_init(c, &c->net_ctx);
+
+    /* init verbosity and mute levels */
+    init_verb_mute(c, IVM_LEVEL_1);
+
+}
+
+static void uninit_early(struct context *c)
+{
+    net_ctx_free(&c->net_ctx);
+}
+
 
 /**************************************************************************/
 /**
@@ -193,10 +207,9 @@  openvpn_main(int argc, char *argv[])
             open_plugins(&c, true, OPENVPN_PLUGIN_INIT_PRE_CONFIG_PARSE);
 #endif
 
-            net_ctx_init(&c, &c.net_ctx);
-
-            /* init verbosity and mute levels */
-            init_verb_mute(&c, IVM_LEVEL_1);
+            /* Early initialisation that need to happen before option
+             * post processing and other early startup but after parsing */
+            init_early(&c);
 
             /* set dev options */
             init_options_dev(&c.options);
@@ -308,7 +321,7 @@  openvpn_main(int argc, char *argv[])
             env_set_destroy(c.es);
             uninit_options(&c.options);
             gc_reset(&c.gc);
-            net_ctx_free(&c.net_ctx);
+            uninit_early(&c);
         }
         while (c.sig->signal_received == SIGHUP);
     }