[Openvpn-devel] Specify platform and version on command line.

Message ID CAJ-EccN7eQsSaFn4MH4qRTKx+zZ-1YcGAe0XU8813p7k=W2i4g@mail.gmail.com
State Rejected
Headers show
Series
  • [Openvpn-devel] Specify platform and version on command line.
Related show

Commit Message

Micah Morton April 13, 2018, 5:23 p.m.
From 557d2e73bf21ddb9d07b43f716c7914d610e7392 Mon Sep 17 00:00:00 2001
From: Micah Morton <mortonm@chromium.org>
Date: Fri, 13 Apr 2018 09:55:22 -0700
Subject: [PATCH] Specify platform and version on command line.

Add --iv-plat and --iv-plat-rel command line args, and use the values
passed to these args to set IV_PLAT and IV_PLAT_REL info that is pushed
to the server.

IV_PLAT (platform type) is normally inferred from the build target, but
it would be useful to be able to override this from the command line
(e.g. for client to set platform as ChromeOS instead of Linux).

IV_PLAT_REL (platform release version) would allow for pushing the
platform (e.g. ChromeOS) release version to the server.

This patch is written against openvpn-2.4.4.

Signed-off-by: Micah Morton <mortonm@chromium.org>
---
 src/openvpn/init.c       |  8 ++++++++
 src/openvpn/options.c    | 18 ++++++++++++++++++
 src/openvpn/options.h    |  2 ++
 src/openvpn/ssl.c        |  9 +++++++++
 src/openvpn/ssl_common.h |  2 ++
 5 files changed, 39 insertions(+)

Comments

Jonathan K. Bullard April 13, 2018, 6:44 p.m. | #1
Hi.

On Fri, Apr 13, 2018 at 1:23 PM, Micah Morton <mortonm@chromium.org> wrote:
> From 557d2e73bf21ddb9d07b43f716c7914d610e7392 Mon Sep 17 00:00:00 2001
> From: Micah Morton <mortonm@chromium.org>
> Date: Fri, 13 Apr 2018 09:55:22 -0700
> Subject: [PATCH] Specify platform and version on command line.
>
> Add --iv-plat and --iv-plat-rel command line args, and use the values
> passed to these args to set IV_PLAT and IV_PLAT_REL info that is pushed
> to the server.

Sounds reasonable, but the new options should be documented on the man
page and in the usage message that's shown to users (in options.c) and
that should be included in this patch.

Best regards,

Jon Bullard

------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
Gert Doering April 13, 2018, 6:58 p.m. | #2
Hi,

On Fri, Apr 13, 2018 at 10:23:03AM -0700, Micah Morton wrote:
> From 557d2e73bf21ddb9d07b43f716c7914d610e7392 Mon Sep 17 00:00:00 2001
> From: Micah Morton <mortonm@chromium.org>
> Date: Fri, 13 Apr 2018 09:55:22 -0700
> Subject: [PATCH] Specify platform and version on command line.
> 
> Add --iv-plat and --iv-plat-rel command line args, and use the values
> passed to these args to set IV_PLAT and IV_PLAT_REL info that is pushed
> to the server.
> 
> IV_PLAT (platform type) is normally inferred from the build target, but
> it would be useful to be able to override this from the command line
> (e.g. for client to set platform as ChromeOS instead of Linux).
> 
> IV_PLAT_REL (platform release version) would allow for pushing the
> platform (e.g. ChromeOS) release version to the server.

I'm actually less than enthusiastic about "yay, two more special-case
options for OpenVPN" - and even less so to options that enable users
to override a fairly well-defined meaning of IV_PLAT with an arbitrary 
string.  Even if it's ChromeOS, compiled with #define TARGET_LINUX, 
IV_PLAT should reflect that.

There is already "--setenv UV_anykey=value" to send arbitrary strings
to the server, and in particular, IV_PLAT_VER can already be set by
"--setenv IV_PLAT_VER=<version>".

There's one catch to this, though - for some reason that escapes me right 
now we have decided that IV_PLAT_VER= and the UV_ user-defined strings 
are only sent if --push-peer-info is also configured on the client
(while IV_GUI_VER, also settable with --setenv, is always sent).

So we might want to revisit that decision.

gert
Micah Morton April 13, 2018, 7:34 p.m. | #3
@gert:

From the help message: "--setenv name value : Set a custom environmental
variable to pass to script."

--setenv appears to set string values for scripts only, not for the main
openvpn process (which is reading them in the push_peer_info() function).
Starting a test openvpn server with `--setenv foo bar` and then running
`strings` on /proc/PID/environ doesn't show "foo=bar". This suggests that
getenv() calls in the main openvpn process that try to read these vars may
return NULL.

@jon:

the mods to options.c in the patch above should take care of the help
message (I tested it by running openvpn --help). Although good point if
this is going in I should update the man page as well.

On Fri, Apr 13, 2018 at 11:58 AM, Gert Doering <gert@greenie.muc.de> wrote:

> Hi,
>
> On Fri, Apr 13, 2018 at 10:23:03AM -0700, Micah Morton wrote:
> > From 557d2e73bf21ddb9d07b43f716c7914d610e7392 Mon Sep 17 00:00:00 2001
> > From: Micah Morton <mortonm@chromium.org>
> > Date: Fri, 13 Apr 2018 09:55:22 -0700
> > Subject: [PATCH] Specify platform and version on command line.
> >
> > Add --iv-plat and --iv-plat-rel command line args, and use the values
> > passed to these args to set IV_PLAT and IV_PLAT_REL info that is pushed
> > to the server.
> >
> > IV_PLAT (platform type) is normally inferred from the build target, but
> > it would be useful to be able to override this from the command line
> > (e.g. for client to set platform as ChromeOS instead of Linux).
> >
> > IV_PLAT_REL (platform release version) would allow for pushing the
> > platform (e.g. ChromeOS) release version to the server.
>
> I'm actually less than enthusiastic about "yay, two more special-case
> options for OpenVPN" - and even less so to options that enable users
> to override a fairly well-defined meaning of IV_PLAT with an arbitrary
> string.  Even if it's ChromeOS, compiled with #define TARGET_LINUX,
> IV_PLAT should reflect that.
>
> There is already "--setenv UV_anykey=value" to send arbitrary strings
> to the server, and in particular, IV_PLAT_VER can already be set by
> "--setenv IV_PLAT_VER=<version>".
>
> There's one catch to this, though - for some reason that escapes me right
> now we have decided that IV_PLAT_VER= and the UV_ user-defined strings
> are only sent if --push-peer-info is also configured on the client
> (while IV_GUI_VER, also settable with --setenv, is always sent).
>
> So we might want to revisit that decision.
>
> gert
>
> --
> "If was one thing all people took for granted, was conviction that if you
>  feed honest figures into a computer, honest figures come out. Never
> doubted
>  it myself till I met a computer with a sense of humor."
>                              Robert A. Heinlein, The Moon is a Harsh
> Mistress
>
> Gert Doering - Munich, Germany
> gert@greenie.muc.de
>
<div dir="ltr"><div><span style="color:rgb(0,0,0);font-family:Roboto,-apple-system,BlinkMacSystemFont,&quot;Segoe UI&quot;,Helvetica,Arial,sans-serif,&quot;Apple Color Emoji&quot;,&quot;Segoe UI Emoji&quot;,&quot;Segoe UI Symbol&quot;;font-size:13px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:pre-wrap;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline">@gert:</span></div><div><span style="color:rgb(0,0,0);font-family:Roboto,-apple-system,BlinkMacSystemFont,&quot;Segoe UI&quot;,Helvetica,Arial,sans-serif,&quot;Apple Color Emoji&quot;,&quot;Segoe UI Emoji&quot;,&quot;Segoe UI Symbol&quot;;font-size:13px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:pre-wrap;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline"><br></span></div><div><span style="color:rgb(0,0,0);font-family:Roboto,-apple-system,BlinkMacSystemFont,&quot;Segoe UI&quot;,Helvetica,Arial,sans-serif,&quot;Apple Color Emoji&quot;,&quot;Segoe UI Emoji&quot;,&quot;Segoe UI Symbol&quot;;font-size:13px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:pre-wrap;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline">From the help message: &quot;--setenv name value : Set a custom environmental variable to pass to script.&quot;</span></div><span style="color:rgb(0,0,0);font-family:Roboto,-apple-system,BlinkMacSystemFont,&quot;Segoe UI&quot;,Helvetica,Arial,sans-serif,&quot;Apple Color Emoji&quot;,&quot;Segoe UI Emoji&quot;,&quot;Segoe UI Symbol&quot;;font-size:13px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:pre-wrap;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline"><div><span style="color:rgb(0,0,0);font-family:Roboto,-apple-system,BlinkMacSystemFont,&quot;Segoe UI&quot;,Helvetica,Arial,sans-serif,&quot;Apple Color Emoji&quot;,&quot;Segoe UI Emoji&quot;,&quot;Segoe UI Symbol&quot;;font-size:13px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:pre-wrap;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline"><br></span></div>--setenv appears to set string values for scripts only, not for the main openvpn process (which is reading them in the push_peer_info() function).  Starting a test openvpn server with `--setenv foo bar` and then running `strings` on /proc/PID/environ doesn&#39;t show &quot;foo=bar&quot;.  This suggests that getenv() calls in the main openvpn process that try to read these vars may return NULL.</span><br><div><span style="color:rgb(0,0,0);font-family:Roboto,-apple-system,BlinkMacSystemFont,&quot;Segoe UI&quot;,Helvetica,Arial,sans-serif,&quot;Apple Color Emoji&quot;,&quot;Segoe UI Emoji&quot;,&quot;Segoe UI Symbol&quot;;font-size:13px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:pre-wrap;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline"><br></span></div><div><span style="color:rgb(0,0,0);font-family:Roboto,-apple-system,BlinkMacSystemFont,&quot;Segoe UI&quot;,Helvetica,Arial,sans-serif,&quot;Apple Color Emoji&quot;,&quot;Segoe UI Emoji&quot;,&quot;Segoe UI Symbol&quot;;font-size:13px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:pre-wrap;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline">@jon:</span></div><div><span style="color:rgb(0,0,0);font-family:Roboto,-apple-system,BlinkMacSystemFont,&quot;Segoe UI&quot;,Helvetica,Arial,sans-serif,&quot;Apple Color Emoji&quot;,&quot;Segoe UI Emoji&quot;,&quot;Segoe UI Symbol&quot;;font-size:13px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:pre-wrap;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline"><br></span></div><div><span style="color:rgb(0,0,0);font-family:Roboto,-apple-system,BlinkMacSystemFont,&quot;Segoe UI&quot;,Helvetica,Arial,sans-serif,&quot;Apple Color Emoji&quot;,&quot;Segoe UI Emoji&quot;,&quot;Segoe UI Symbol&quot;;font-size:13px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:pre-wrap;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline">the mods to options.c in the patch above should take care of the help message (I tested it by running openvpn --help). Although good point if this is going in I should update the man page as well.</span></div></div><div class="gmail_extra"><br><div class="gmail_quote">On Fri, Apr 13, 2018 at 11:58 AM, Gert Doering <span dir="ltr">&lt;<a href="mailto:gert@greenie.muc.de" target="_blank">gert@greenie.muc.de</a>&gt;</span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Hi,<br>
<span class=""><br>
On Fri, Apr 13, 2018 at 10:23:03AM -0700, Micah Morton wrote:<br>
&gt; From 557d2e73bf21ddb9d07b43f716c791<wbr>4d610e7392 Mon Sep 17 00:00:00 2001<br>
&gt; From: Micah Morton &lt;<a href="mailto:mortonm@chromium.org">mortonm@chromium.org</a>&gt;<br>
&gt; Date: Fri, 13 Apr 2018 09:55:22 -0700<br>
&gt; Subject: [PATCH] Specify platform and version on command line.<br>
&gt; <br>
&gt; Add --iv-plat and --iv-plat-rel command line args, and use the values<br>
&gt; passed to these args to set IV_PLAT and IV_PLAT_REL info that is pushed<br>
&gt; to the server.<br>
&gt; <br>
&gt; IV_PLAT (platform type) is normally inferred from the build target, but<br>
&gt; it would be useful to be able to override this from the command line<br>
&gt; (e.g. for client to set platform as ChromeOS instead of Linux).<br>
&gt; <br>
&gt; IV_PLAT_REL (platform release version) would allow for pushing the<br>
&gt; platform (e.g. ChromeOS) release version to the server.<br>
<br>
</span>I&#39;m actually less than enthusiastic about &quot;yay, two more special-case<br>
options for OpenVPN&quot; - and even less so to options that enable users<br>
to override a fairly well-defined meaning of IV_PLAT with an arbitrary <br>
string.  Even if it&#39;s ChromeOS, compiled with #define TARGET_LINUX, <br>
IV_PLAT should reflect that.<br>
<br>
There is already &quot;--setenv UV_anykey=value&quot; to send arbitrary strings<br>
to the server, and in particular, IV_PLAT_VER can already be set by<br>
&quot;--setenv IV_PLAT_VER=&lt;version&gt;&quot;.<br>
<br>
There&#39;s one catch to this, though - for some reason that escapes me right <br>
now we have decided that IV_PLAT_VER= and the UV_ user-defined strings <br>
are only sent if --push-peer-info is also configured on the client<br>
(while IV_GUI_VER, also settable with --setenv, is always sent).<br>
<br>
So we might want to revisit that decision.<br>
<span class="HOEnZb"><font color="#888888"><br>
gert<br>
<br>
-- <br>
&quot;If was one thing all people took for granted, was conviction that if you <br>
 feed honest figures into a computer, honest figures come out. Never doubted <br>
 it myself till I met a computer with a sense of humor.&quot;<br>
                             Robert A. Heinlein, The Moon is a Harsh Mistress<br>
<br>
Gert Doering - Munich, Germany                             <a href="mailto:gert@greenie.muc.de">gert@greenie.muc.de</a><br>
</font></span></blockquote></div><br></div>
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
Gert Doering April 13, 2018, 8:10 p.m. | #4
Hi,

On Fri, Apr 13, 2018 at 12:34:15PM -0700, Micah Morton wrote:
> @gert:
> 
> From the help message: "--setenv name value : Set a custom environmental
> variable to pass to script."
> 
> --setenv appears to set string values for scripts only, not for the main
> openvpn process (which is reading them in the push_peer_info() function).
> Starting a test openvpn server with `--setenv foo bar` and then running
> `strings` on /proc/PID/environ doesn't show "foo=bar". This suggests that
> getenv() calls in the main openvpn process that try to read these vars may
> return NULL.

This stuff isn't pushed into openvpn's own environment, because it does
not need to.  It goes into session->opt->es, which basically is a linked
list of "NAME=VALUE" strings (and ssl.c / push_peer_info() walks that).

When external programs are called, opt->es is put into *their* environment.

gert
Arne Schwabe April 13, 2018, 11:24 p.m. | #5
Am 13.04.2018 um 19:23 schrieb Micah Morton:
> From 557d2e73bf21ddb9d07b43f716c7914d610e7392 Mon Sep 17 00:00:00 2001
> From: Micah Morton <mortonm@chromium.org <mailto:mortonm@chromium.org>>
> Date: Fri, 13 Apr 2018 09:55:22 -0700
> Subject: [PATCH] Specify platform and version on command line.
>
> Add --iv-plat and --iv-plat-rel command line args, and use the values
> passed to these args to set IV_PLAT and IV_PLAT_REL info that is pushed
> to the server.
>
> IV_PLAT (platform type) is normally inferred from the build target, but
> it would be useful to be able to override this from the command line
> (e.g. for client to set platform as ChromeOS instead of Linux).
>
> IV_PLAT_REL (platform release version) would allow for pushing the
> platform (e.g. ChromeOS) release version to the server.
>
My Android client already uses

setenv IV_PLAT_VER to send platform specific information. I think
setting IV_PLAT_VER (and extend that to other platforms, might be
android specific at the moment) should also work for you. E.g..

setenv IV_PLAT_VER "27 8.1.0 arm64-v8a google taimen Pixel 2 XL"

Arne
<html>
  <head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
  </head>
  <body text="#000000" bgcolor="#FFFFFF">
    <div class="moz-cite-prefix">Am 13.04.2018 um 19:23 schrieb Micah
      Morton:<br>
    </div>
    <blockquote type="cite"
cite="mid:CAJ-EccN7eQsSaFn4MH4qRTKx+zZ-1YcGAe0XU8813p7k=W2i4g@mail.gmail.com">
      <div dir="ltr">
        <div>From 557d2e73bf21ddb9d07b43f716c7914d610e7392 Mon Sep 17
          00:00:00 2001</div>
        <div>From: Micah Morton &lt;<a
            href="mailto:mortonm@chromium.org" moz-do-not-send="true">mortonm@chromium.org</a>&gt;</div>
        <div>Date: Fri, 13 Apr 2018 09:55:22 -0700</div>
        <div>Subject: [PATCH] Specify platform and version on command
          line.</div>
        <div><br>
        </div>
        <div>Add --iv-plat and --iv-plat-rel command line args, and use
          the values</div>
        <div>passed to these args to set IV_PLAT and IV_PLAT_REL info
          that is pushed</div>
        <div>to the server.</div>
        <div><br>
        </div>
        <div>IV_PLAT (platform type) is normally inferred from the build
          target, but</div>
        <div>it would be useful to be able to override this from the
          command line</div>
        <div>(e.g. for client to set platform as ChromeOS instead of
          Linux).</div>
        <div><br>
        </div>
        <div>IV_PLAT_REL (platform release version) would allow for
          pushing the</div>
        <div>platform (e.g. ChromeOS) release version to the server.</div>
        <div><br>
        </div>
      </div>
    </blockquote>
    My Android client already uses <br>
    <br>
    setenv IV_PLAT_VER to send platform specific information. I think
    setting IV_PLAT_VER (and extend that to other platforms, might be
    android specific at the moment) should also work for you. E.g..<br>
    <br>
    setenv IV_PLAT_VER "27 8.1.0 arm64-v8a google taimen Pixel 2 XL"<br>
    <br>
    Arne<br>
  </body>
</html>
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
Micah Morton April 17, 2018, 7:17 p.m. | #6
@gert:

Good point. We should be able to use UV_* variables to do what we need.

Thanks!

On Fri, Apr 13, 2018 at 4:24 PM, Arne Schwabe <arne@rfc2549.org> wrote:

> Am 13.04.2018 um 19:23 schrieb Micah Morton:
>
> From 557d2e73bf21ddb9d07b43f716c7914d610e7392 Mon Sep 17 00:00:00 2001
> From: Micah Morton <mortonm@chromium.org>
> Date: Fri, 13 Apr 2018 09:55:22 -0700
> Subject: [PATCH] Specify platform and version on command line.
>
> Add --iv-plat and --iv-plat-rel command line args, and use the values
> passed to these args to set IV_PLAT and IV_PLAT_REL info that is pushed
> to the server.
>
> IV_PLAT (platform type) is normally inferred from the build target, but
> it would be useful to be able to override this from the command line
> (e.g. for client to set platform as ChromeOS instead of Linux).
>
> IV_PLAT_REL (platform release version) would allow for pushing the
> platform (e.g. ChromeOS) release version to the server.
>
> My Android client already uses
>
> setenv IV_PLAT_VER to send platform specific information. I think setting
> IV_PLAT_VER (and extend that to other platforms, might be android specific
> at the moment) should also work for you. E.g..
>
> setenv IV_PLAT_VER "27 8.1.0 arm64-v8a google taimen Pixel 2 XL"
>
> Arne
>
<div dir="ltr">@gert:<div><br></div><div>Good point. We should be able to use UV_* variables to do what we need.</div><div><br></div><div>Thanks!</div></div><div class="gmail_extra"><br><div class="gmail_quote">On Fri, Apr 13, 2018 at 4:24 PM, Arne Schwabe <span dir="ltr">&lt;<a href="mailto:arne@rfc2549.org" target="_blank">arne@rfc2549.org</a>&gt;</span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
  
    
  
  <div text="#000000" bgcolor="#FFFFFF"><span class="">
    <div class="m_-697804746895640438moz-cite-prefix">Am 13.04.2018 um 19:23 schrieb Micah
      Morton:<br>
    </div>
    <blockquote type="cite">
      <div dir="ltr">
        <div>From 557d2e73bf21ddb9d07b43f716c791<wbr>4d610e7392 Mon Sep 17
          00:00:00 2001</div>
        <div>From: Micah Morton &lt;<a href="mailto:mortonm@chromium.org" target="_blank">mortonm@chromium.org</a>&gt;</div>
        <div>Date: Fri, 13 Apr 2018 09:55:22 -0700</div>
        <div>Subject: [PATCH] Specify platform and version on command
          line.</div>
        <div><br>
        </div>
        <div>Add --iv-plat and --iv-plat-rel command line args, and use
          the values</div>
        <div>passed to these args to set IV_PLAT and IV_PLAT_REL info
          that is pushed</div>
        <div>to the server.</div>
        <div><br>
        </div>
        <div>IV_PLAT (platform type) is normally inferred from the build
          target, but</div>
        <div>it would be useful to be able to override this from the
          command line</div>
        <div>(e.g. for client to set platform as ChromeOS instead of
          Linux).</div>
        <div><br>
        </div>
        <div>IV_PLAT_REL (platform release version) would allow for
          pushing the</div>
        <div>platform (e.g. ChromeOS) release version to the server.</div>
        <div><br>
        </div>
      </div>
    </blockquote></span>
    My Android client already uses <br>
    <br>
    setenv IV_PLAT_VER to send platform specific information. I think
    setting IV_PLAT_VER (and extend that to other platforms, might be
    android specific at the moment) should also work for you. E.g..<br>
    <br>
    setenv IV_PLAT_VER &quot;27 8.1.0 arm64-v8a google taimen Pixel 2 XL&quot;<span class="HOEnZb"><font color="#888888"><br>
    <br>
    Arne<br>
  </font></span></div>

</blockquote></div><br></div>
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot

Patch

diff --git a/src/openvpn/init.c b/src/openvpn/init.c
index 133a9f5..1cb76ad 100644
--- a/src/openvpn/init.c
+++ b/src/openvpn/init.c
@@ -2723,6 +2723,14 @@  do_init_crypto_tls(struct context *c, const unsigned
int flags)
     {
         to.push_peer_info_detail = 0;
     }
+    if (options->iv_plat)
+    {
+        to.iv_plat = options->iv_plat;
+    }
+    if (options->iv_plat_rel)
+    {
+        to.iv_plat_rel = options->iv_plat_rel;
+    }
 #endif

     /* should we not xmit any packets until we get an initial
diff --git a/src/openvpn/options.c b/src/openvpn/options.c
index 8dee5d1..d9559a0 100644
--- a/src/openvpn/options.c
+++ b/src/openvpn/options.c
@@ -229,6 +229,8 @@  static const char usage_message[] =
     "--client-nat snat|dnat network netmask alias : on client add 1-to-1
NAT rule.\n"
 #ifdef ENABLE_PUSH_PEER_INFO
     "--push-peer-info : (client only) push client info to server.\n"
+    "--iv-plat: (client only) platform type.\n"
+    "--iv-plat-rel: (client only) platform release version.\n"
 #endif
     "--setenv name value : Set a custom environmental variable to pass to
script.\n"
     "--setenv FORWARD_COMPATIBLE 1 : Relax config file syntax checking to
allow\n"
@@ -1781,6 +1783,8 @@  show_settings(const struct options *o)
     SHOW_BOOL(single_session);
 #ifdef ENABLE_PUSH_PEER_INFO
     SHOW_BOOL(push_peer_info);
+    SHOW_STR(iv_plat);
+    SHOW_STR(iv_plat_rel);
 #endif
     SHOW_BOOL(tls_exit);

@@ -7837,6 +7841,20 @@  add_option(struct options *options,
         VERIFY_PERMISSION(OPT_P_GENERAL);
         options->push_peer_info = true;
     }
+
+    else if (streq(p[0], "iv-plat") && p[1] && !p[2])
+    {
+        VERIFY_PERMISSION(OPT_P_GENERAL);
+        options->iv_plat = p[1];
+    }
+
+    else if (streq(p[0], "iv-plat-rel") && p[1] && !p[2])
+    {
+        VERIFY_PERMISSION(OPT_P_GENERAL);
+        options->iv_plat_rel = p[1];
+    }
+
+
 #endif
     else if (streq(p[0], "tls-exit") && !p[1])
     {
diff --git a/src/openvpn/options.h b/src/openvpn/options.h
index 01a7b26..9da4058 100644
--- a/src/openvpn/options.h
+++ b/src/openvpn/options.h
@@ -575,6 +575,8 @@  struct options

 #ifdef ENABLE_PUSH_PEER_INFO
     bool push_peer_info;
+    const char *iv_plat;
+    const char *iv_plat_rel;
 #endif

     bool tls_exit;
diff --git a/src/openvpn/ssl.c b/src/openvpn/ssl.c
index 0739cf7..1265177 100644
--- a/src/openvpn/ssl.c
+++ b/src/openvpn/ssl.c
@@ -2245,6 +2245,7 @@  push_peer_info(struct buffer *buf, struct tls_session
*session)
         buf_printf(&out, "IV_VER=%s\n", PACKAGE_VERSION);

         /* push platform */
+        if (session->opt->iv_plat == NULL) {
 #if defined(TARGET_LINUX)
         buf_printf(&out, "IV_PLAT=linux\n");
 #elif defined(TARGET_SOLARIS)
@@ -2262,6 +2263,14 @@  push_peer_info(struct buffer *buf, struct
tls_session *session)
 #elif defined(_WIN32)
         buf_printf(&out, "IV_PLAT=win\n");
 #endif
+        } else {
+            buf_printf(&out, "IV_PLAT=%s\n", session->opt->iv_plat);
+        }
+
+        if (session->opt->iv_plat_rel != NULL)
+        {
+            buf_printf(&out, "IV_PLAT_REL=%s\n",
session->opt->iv_plat_rel);
+        }

         /* support for P_DATA_V2 */
         buf_printf(&out, "IV_PROTO=2\n");
diff --git a/src/openvpn/ssl_common.h b/src/openvpn/ssl_common.h
index 25bffd5..d95c2ef 100644
--- a/src/openvpn/ssl_common.h
+++ b/src/openvpn/ssl_common.h
@@ -251,6 +251,8 @@  struct tls_options
     bool pull;
 #ifdef ENABLE_PUSH_PEER_INFO
     int push_peer_info_detail;
+    const char *iv_plat;
+    const char *iv_plat_rel;
 #endif
     int transition_window;
     int handshake_window;