From patchwork Tue Aug 7 23:58:47 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steffan Karger X-Patchwork-Id: 442 Return-Path: Delivered-To: patchwork@openvpn.net Delivered-To: patchwork@openvpn.net Received: from director12.mail.ord1d.rsapps.net ([172.31.255.6]) by backend30.mail.ord1d.rsapps.net (Dovecot) with LMTP id +4HzHkO/alvPIgAAIUCqbw for ; Wed, 08 Aug 2018 06:00:35 -0400 Received: from proxy8.mail.iad3b.rsapps.net ([172.31.255.6]) by director12.mail.ord1d.rsapps.net (Dovecot) with LMTP id Tzo6AEO/alvPTgAAIasKDg ; Wed, 08 Aug 2018 06:00:35 -0400 Received: from smtp5.gate.iad3b ([172.31.255.6]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by proxy8.mail.iad3b.rsapps.net with LMTP id EMjnF0O/alsaXAAAoCsc3g ; Wed, 08 Aug 2018 06:00:35 -0400 X-Spam-Threshold: 95 X-Spam-Score: 0 X-Spam-Flag: NO X-Virus-Scanned: OK X-Orig-To: openvpnslackdevel@openvpn.net X-Originating-Ip: [216.105.38.7] Authentication-Results: smtp5.gate.iad3b.rsapps.net; iprev=pass policy.iprev="216.105.38.7"; spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net" smtp.helo="lists.sourceforge.net"; dkim=fail (signature verification failed) header.d=sourceforge.net; dkim=fail (signature verification failed) header.d=sf.net; dmarc=none (p=nil; dis=none) header.from=fox-it.com X-Suspicious-Flag: YES X-Classification-ID: e46ef7b6-9af1-11e8-a240-525400155d63-1-1 Received: from [216.105.38.7] ([216.105.38.7:10820] helo=lists.sourceforge.net) by smtp5.gate.iad3b.rsapps.net (envelope-from ) (ecelerity 4.2.38.62370 r(:)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384) id B7/BE-00848-34FBA6B5; Wed, 08 Aug 2018 06:00:35 -0400 Received: from [127.0.0.1] (helo=sfs-ml-1.v29.lw.sourceforge.com) by sfs-ml-1.v29.lw.sourceforge.com with esmtp (Exim 4.90_1) (envelope-from ) id 1fnLFU-0007Yr-8V; Wed, 08 Aug 2018 09:59:24 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-1.v29.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.90_1) (envelope-from ) id 1fnLFT-0007Yd-2k for openvpn-devel@lists.sourceforge.net; Wed, 08 Aug 2018 09:59:23 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Type:MIME-Version:Message-ID:Date:Subject: CC:To:From:Sender:Reply-To:Content-Transfer-Encoding:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=EI3HsnoY4xp2NElZX3nc645BthPC9SVuWcOcx/+16TA=; b=WNK6bPMnKpNsGkL7QeQuBqAFGB KS1kNlpXwZgv0O3HH0xNe0kai8JuznBgk1m7Jy776p2FZ5CeKTqP2BIPAZlFDvNeTNCufMHYsmPOq 8ZFONKupoC61Nr343nAm7UNgx20QI0fE22jyhLr2CY71LC4tBRtXpHrxMC2FZ/dTHojc=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Type:MIME-Version:Message-ID:Date:Subject:CC:To:From:Sender: Reply-To:Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date :Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To: References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post: List-Owner:List-Archive; bh=EI3HsnoY4xp2NElZX3nc645BthPC9SVuWcOcx/+16TA=; b=O l+sO1nmoDBNfTLnur0PTwreZBOaGokZzLSvrq1DsLhw2kvypyviaJzg/SNJdu4nC1G3mtQVinZ+g3 gUx0fKrstkbL/XtaoiKQ+h/MlgV9Oh+i9zp0E//i5ctNKw6421x6rx2QoPZeFN9gja7ur7Tr0aCbX r4T2CFnHMpD3U1yA=; Received: from ns2.fox-it.com ([178.250.144.131]) by sfi-mx-4.v28.lw.sourceforge.com with esmtps (TLSv1:ECDHE-RSA-AES256-SHA:256) (Exim 4.90_1) id 1fnLFR-00BNV8-7x for openvpn-devel@lists.sourceforge.net; Wed, 08 Aug 2018 09:59:23 +0000 Received: from FOXDFT52.FOX.local (unknown [10.0.0.129]) by ns2.fox-it.com (Postfix) with ESMTPS id CA2C61AF85F for ; Wed, 8 Aug 2018 11:59:14 +0200 (CEST) Received: from steffan-fox.fox.local (10.0.3.178) by FOXDFT52.FOX.local (10.0.0.129) with Microsoft SMTP Server (TLS) id 15.0.1293.2; Wed, 8 Aug 2018 11:59:14 +0200 From: Steffan Karger To: Date: Wed, 8 Aug 2018 11:58:47 +0200 Message-ID: <1533722327-5228-1-git-send-email-steffan.karger@fox-it.com> X-Mailer: git-send-email 2.7.4 MIME-Version: 1.0 X-ClientProxiedBy: FOXDFT52.FOX.local (10.0.0.129) To FOXDFT52.FOX.local (10.0.0.129) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -0.0 SPF_PASS SPF: sender matches SPF record X-Headers-End: 1fnLFR-00BNV8-7x Subject: [Openvpn-devel] [PATCH] Don't print OCC warnings about 'key-method', 'keydir' and 'tls-auth' X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox Like 'proto', a mismatch in key-method, keydir or tls-auth would fail before we ever get to the point where we can print this warning. This prepares for removing these from the occ string later on, but also prepares for tls-crypt-v2, which allows a server to support tls-auth and tls-crypt-v2 connections in parallel. Such a server will send 'keydir' and 'tls-auth' in the occ string. This change removes the spurious warnings about that in the client log. Signed-off-by: Steffan Karger --- src/openvpn/options.c | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/src/openvpn/options.c b/src/openvpn/options.c index 61fa983..60f4b6f 100644 --- a/src/openvpn/options.c +++ b/src/openvpn/options.c @@ -3790,11 +3790,14 @@ options_warning_safe_scan2(const int msglevel, const char *b1_name, const char *b2_name) { - /* we will stop sending 'proto xxx' in OCC in a future version - * (because it's not useful), and to reduce questions when - * interoperating, we start not-printing a warning about it today + /* We will stop sending 'key-method', 'keydir', 'proto' and 'tls-auth' in + * OCC in a future version (because it's not useful). To reduce questions + * when interoperating, we no longer printing a warning about it. */ - if (strncmp(p1, "proto ", 6) == 0) + if (strcmp(p1, "key-method ") == 0 + || strcmp(p1, "keydir ") == 0 + || strcmp(p1, "proto ") == 0 + || strcmp(p1, "tls-auth ") == 0) { return; }