Message ID | 20200518155427.17283-1-arne@rfc2549.org |
---|---|
State | Accepted |
Headers | show |
Series | [Openvpn-devel] Refuse server mode on Android | expand |
On 18/05/2020 17:54, Arne Schwabe wrote: > After the commit 042429d3 "build: Remove --disable-server from ./configure" > Android needs another way to ensure that OpenVPN is not run in server mode. > > Signed-off-by: Arne Schwabe <arne@rfc2549.org> > --- > src/openvpn/options.c | 3 +++ > 1 file changed, 3 insertions(+) > > diff --git a/src/openvpn/options.c b/src/openvpn/options.c > index 2da8cf6d..bfba62ad 100644 > --- a/src/openvpn/options.c > +++ b/src/openvpn/options.c > @@ -2254,6 +2254,9 @@ options_postprocess_verify_ce(const struct options *options, const struct connec > */ > if (options->mode == MODE_SERVER) > { > +#ifdef TARGET_ANDROID > + msg(M_FATAL, "--mode server not supported on Android"); > +#endif > if (!(dev == DEV_TYPE_TUN || dev == DEV_TYPE_TAP)) > { > msg(M_USAGE, "--mode server only works with --dev tun or --dev tap"); > Not tested this, but this change is pretty clear and explicit. I also can't imagine now a better way to tackle this, even though I'm not too happy about adding more #ifdef. If someone really needs TARGET_ANDROID with server support, lets wait for them to appear so we can clearly define the use-case and design a better solution for a known scenario. Acked-By: David Sommerseth <davids@openvpn.net>
Your patch has been applied to the master branch. (I would have ACKed this, but David was faster... "#ifdef ANDROID, if not excessive, is mostly Arne's decision anyway") commit cc76e177606ba336bbcb63ebc5e4d85b4116057f Author: Arne Schwabe Date: Mon May 18 17:54:27 2020 +0200 Refuse server mode on Android Signed-off-by: Arne Schwabe <arne@rfc2549.org> Acked-by: David Sommerseth <davids@openvpn.net> Message-Id: <20200518155427.17283-1-arne@rfc2549.org> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg19904.html Signed-off-by: Gert Doering <gert@greenie.muc.de> -- kind regards, Gert Doering
diff --git a/src/openvpn/options.c b/src/openvpn/options.c index 2da8cf6d..bfba62ad 100644 --- a/src/openvpn/options.c +++ b/src/openvpn/options.c @@ -2254,6 +2254,9 @@ options_postprocess_verify_ce(const struct options *options, const struct connec */ if (options->mode == MODE_SERVER) { +#ifdef TARGET_ANDROID + msg(M_FATAL, "--mode server not supported on Android"); +#endif if (!(dev == DEV_TYPE_TUN || dev == DEV_TYPE_TAP)) { msg(M_USAGE, "--mode server only works with --dev tun or --dev tap");
After the commit 042429d3 "build: Remove --disable-server from ./configure" Android needs another way to ensure that OpenVPN is not run in server mode. Signed-off-by: Arne Schwabe <arne@rfc2549.org> --- src/openvpn/options.c | 3 +++ 1 file changed, 3 insertions(+)