From patchwork Sat Dec 2 02:45:37 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Antonio Quartulli X-Patchwork-Id: 108 Return-Path: Delivered-To: patchwork@openvpn.net Delivered-To: patchwork@openvpn.net Received: from director2.mail.ord1d.rsapps.net ([172.30.191.6]) by backend31.mail.ord1d.rsapps.net (Dovecot) with LMTP id q/U5I/SuIlq6FwAAgoeIoA for ; Sat, 02 Dec 2017 08:47:32 -0500 Received: from proxy8.mail.ord1d.rsapps.net ([172.30.191.6]) by director2.mail.ord1d.rsapps.net (Dovecot) with LMTP id V1a6AfSuIlrMCQAAgYhSiA ; Sat, 02 Dec 2017 08:47:32 -0500 Received: from smtp41.gate.ord1c ([172.30.191.6]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by proxy8.mail.ord1d.rsapps.net (Dovecot) with LMTP id 890eE/SuIlp7ZAAAGdz6CA ; Sat, 02 Dec 2017 08:47:32 -0500 X-Spam-Threshold: 95 X-Spam-Score: 0 X-Spam-Flag: NO X-Virus-Scanned: OK X-Orig-To: openvpnslackdevel@openvpn.net X-Originating-Ip: [216.34.181.88] Authentication-Results: smtp41.gate.ord1c.rsapps.net; iprev=pass policy.iprev="216.34.181.88"; spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net" smtp.helo="lists.sourceforge.net"; dkim=fail (signature verification failed) header.d=sourceforge.net; dkim=fail (signature verification failed) header.d=sf.net; dmarc=none (p=nil; dis=none) header.from=unstable.cc X-Classification-ID: 585f23fc-d767-11e7-9622-b8ca3a5bd12c-1-1 Received: from [216.34.181.88] ([216.34.181.88:47007] helo=lists.sourceforge.net) by smtp41.gate.ord1c.rsapps.net (envelope-from ) (ecelerity 4.2.1.56364 r(Core:4.2.1.14)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384) id 4D/26-27263-4FEA22A5; Sat, 02 Dec 2017 08:47:32 -0500 Received: from localhost ([127.0.0.1] helo=sfs-ml-4.v29.ch3.sourceforge.com) by sfs-ml-4.v29.ch3.sourceforge.com with esmtp (Exim 4.89) (envelope-from ) id 1eL881-0002b2-Mn; Sat, 02 Dec 2017 13:46:49 +0000 Received: from sfi-mx-2.v28.ch3.sourceforge.com ([172.29.28.192] helo=mx.sourceforge.net) by sfs-ml-4.v29.ch3.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.89) (envelope-from ) id 1eL880-0002aw-Du for openvpn-devel@lists.sourceforge.net; Sat, 02 Dec 2017 13:46:48 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=References:In-Reply-To:Message-Id:Date:Subject:Cc: To:From:Sender:Reply-To:MIME-Version:Content-Type:Content-Transfer-Encoding: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=raN2oUNOBQ0bBofyLEAl71B1mUZL0P1sFSfTBUHk1j0=; b=A0/5YMyHnTFRr1GT0ikbj9FYXf PKblGKI61s7IxBCQSN47bldG4M+ZeDQsn3rdFT15P+tqtluhEV3JWHMYgljotISm80teHyvSPsh/v oVwIeXllryQ9ezLL3TGcORSQKlBu01kkXkqXnoXJCw5+OCnGX0HaUKfW1aJRdPmLqxio=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=References:In-Reply-To:Message-Id:Date:Subject:Cc:To:From:Sender:Reply-To :MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=raN2oUNOBQ0bBofyLEAl71B1mUZL0P1sFSfTBUHk1j0=; b=TRXni94GGRFzyGxy+vhURagkyX 2fZjyVUlDV8zdHdhwqAV5dDu/kdVQjgftSZdUr8AAu+Me4Lwe1qzDbClgBt1jzZAU4YhktsouYdsR BDgkHZLKFFBbFAISaI8PzzWWZUWFUY4sB350m9Z9yTSzm5UDltlwKwFgVkLqgzAH4GnM=; Received: from s2.neomailbox.net ([5.148.176.60]) by sfi-mx-2.v28.ch3.sourceforge.com with esmtps (TLSv1.2:DHE-RSA-AES256-GCM-SHA384:256) (Exim 4.89) id 1eL87z-0003C9-Gu for openvpn-devel@lists.sourceforge.net; Sat, 02 Dec 2017 13:46:48 +0000 From: Antonio Quartulli To: openvpn-devel@lists.sourceforge.net Date: Sat, 2 Dec 2017 21:45:37 +0800 Message-Id: <20171202134541.7688-3-a@unstable.cc> In-Reply-To: <20171202134541.7688-1-a@unstable.cc> References: <20171202134541.7688-1-a@unstable.cc> X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no trust [5.148.176.60 listed in list.dnswl.org] -0.0 AWL AWL: Adjusted score from AWL reputation of From: address X-Headers-End: 1eL87z-0003C9-Gu Subject: [Openvpn-devel] [PATCH 3/7] Remove ENABLE_PUSH_PEER_INFO X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Antonio Quartulli MIME-Version: 1.0 Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox ENABLE_PUSH_PEER_INFO depended on ENABLE_CRYPTO that now does not exist anymore. Get rid of ENABLE_PUSH_PEER_INFO by assuming that it is always enabled and simplify the code. Signed-off-by: Antonio Quartulli Acked-by: Steffan Karger --- src/openvpn/init.c | 2 -- src/openvpn/options.c | 10 ---------- src/openvpn/options.h | 2 -- src/openvpn/ssl.c | 2 -- src/openvpn/ssl_common.h | 2 -- src/openvpn/syshead.h | 5 ----- 6 files changed, 23 deletions(-) diff --git a/src/openvpn/init.c b/src/openvpn/init.c index bfc80ebf..e013e9ca 100644 --- a/src/openvpn/init.c +++ b/src/openvpn/init.c @@ -2686,7 +2686,6 @@ do_init_crypto_tls(struct context *c, const unsigned int flags) to.single_session = options->single_session; to.mode = options->mode; to.pull = options->pull; -#ifdef ENABLE_PUSH_PEER_INFO if (options->push_peer_info) /* all there is */ { to.push_peer_info_detail = 2; @@ -2699,7 +2698,6 @@ do_init_crypto_tls(struct context *c, const unsigned int flags) { to.push_peer_info_detail = 0; } -#endif /* should we not xmit any packets until we get an initial * response from client? */ diff --git a/src/openvpn/options.c b/src/openvpn/options.c index 49afb4e4..9d9798f7 100644 --- a/src/openvpn/options.c +++ b/src/openvpn/options.c @@ -225,9 +225,7 @@ static const char usage_message[] = "--redirect-private [flags]: Like --redirect-gateway, but omit actually changing\n" " the default gateway. Useful when pushing private subnets.\n" "--client-nat snat|dnat network netmask alias : on client add 1-to-1 NAT rule.\n" -#ifdef ENABLE_PUSH_PEER_INFO "--push-peer-info : (client only) push client info to server.\n" -#endif "--setenv name value : Set a custom environmental variable to pass to script.\n" "--setenv FORWARD_COMPATIBLE 1 : Relax config file syntax checking to allow\n" " directives for future OpenVPN versions to be ignored.\n" @@ -1772,9 +1770,7 @@ show_settings(const struct options *o) SHOW_INT(transition_window); SHOW_BOOL(single_session); -#ifdef ENABLE_PUSH_PEER_INFO SHOW_BOOL(push_peer_info); -#endif SHOW_BOOL(tls_exit); SHOW_STR(tls_auth_file); @@ -2732,9 +2728,7 @@ options_postprocess_verify_ce(const struct options *options, const struct connec MUST_BE_UNDEF(tls_auth_file); MUST_BE_UNDEF(tls_crypt_file); MUST_BE_UNDEF(single_session); -#ifdef ENABLE_PUSH_PEER_INFO MUST_BE_UNDEF(push_peer_info); -#endif MUST_BE_UNDEF(tls_exit); MUST_BE_UNDEF(crl_file); MUST_BE_UNDEF(key_method); @@ -6344,12 +6338,10 @@ add_option(struct options *options, msg(msglevel, "this is a generic configuration and cannot directly be used"); goto err; } -#ifdef ENABLE_PUSH_PEER_INFO else if (streq(p[1], "PUSH_PEER_INFO") && !p[2]) { options->push_peer_info = true; } -#endif else if (streq(p[1], "SERVER_POLL_TIMEOUT") && p[2]) { options->ce.connect_timeout = positive_atoi(p[2]); @@ -7778,13 +7770,11 @@ add_option(struct options *options, VERIFY_PERMISSION(OPT_P_GENERAL); options->single_session = true; } -#ifdef ENABLE_PUSH_PEER_INFO else if (streq(p[0], "push-peer-info") && !p[1]) { VERIFY_PERMISSION(OPT_P_GENERAL); options->push_peer_info = true; } -#endif else if (streq(p[0], "tls-exit") && !p[1]) { VERIFY_PERMISSION(OPT_P_GENERAL); diff --git a/src/openvpn/options.h b/src/openvpn/options.h index d7b46219..6d7fcc08 100644 --- a/src/openvpn/options.h +++ b/src/openvpn/options.h @@ -569,9 +569,7 @@ struct options /* Allow only one session */ bool single_session; -#ifdef ENABLE_PUSH_PEER_INFO bool push_peer_info; -#endif bool tls_exit; diff --git a/src/openvpn/ssl.c b/src/openvpn/ssl.c index d9439062..a95ef7e2 100644 --- a/src/openvpn/ssl.c +++ b/src/openvpn/ssl.c @@ -2235,7 +2235,6 @@ push_peer_info(struct buffer *buf, struct tls_session *session) struct gc_arena gc = gc_new(); bool ret = false; -#ifdef ENABLE_PUSH_PEER_INFO if (session->opt->push_peer_info_detail > 0) { struct env_set *es = session->opt->es; @@ -2316,7 +2315,6 @@ push_peer_info(struct buffer *buf, struct tls_session *session) } } else -#endif /* ifdef ENABLE_PUSH_PEER_INFO */ { if (!write_empty_string(buf)) /* no peer info */ { diff --git a/src/openvpn/ssl_common.h b/src/openvpn/ssl_common.h index 25bffd5b..60ed5f8a 100644 --- a/src/openvpn/ssl_common.h +++ b/src/openvpn/ssl_common.h @@ -249,9 +249,7 @@ struct tls_options #endif int mode; bool pull; -#ifdef ENABLE_PUSH_PEER_INFO int push_peer_info_detail; -#endif int transition_window; int handshake_window; interval_t packet_timeout; diff --git a/src/openvpn/syshead.h b/src/openvpn/syshead.h index 594ddf17..83904af9 100644 --- a/src/openvpn/syshead.h +++ b/src/openvpn/syshead.h @@ -673,11 +673,6 @@ socket_defined(const socket_descriptor_t sd) #define ENABLE_CLIENT_CR #endif -/* - * Do we support pushing peer info? - */ -#define ENABLE_PUSH_PEER_INFO - /* * Compression support */