Message ID | 20200709101603.11941-7-arne@rfc2549.org |
---|---|
State | Accepted |
Headers | show |
Series | [Openvpn-devel,1/8] Deprecate ncp-disable and add improved ncp to Changes.rst | expand |
Hi, On Thu, Jul 09, 2020 at 12:16:02PM +0200, Arne Schwabe wrote: > Signed-off-by: Arne Schwabe <arne@rfc2549.org> > --- > src/openvpn/ssl.c | 5 +++-- > src/openvpn/ssl.h | 7 ------- > 2 files changed, 3 insertions(+), 9 deletions(-) > > diff --git a/src/openvpn/ssl.c b/src/openvpn/ssl.c > index 668bcbd9..4ee4c245 100644 > --- a/src/openvpn/ssl.c > +++ b/src/openvpn/ssl.c > @@ -1988,8 +1988,9 @@ tls_session_update_crypto_params(struct tls_session *session, > } > else > { > - /* Very hacky workaround and quick fix for our calculation > - * not correct to avoid a regression */ > + /* Very hacky workaround and quick fix for frame calculation > + * different when adjusting frame size when the original and new cipher > + * are identical to avoid a regression with client without NCP */ > return tls_session_generate_data_channel_keys(session); > } This comment has strayed a bit, I think I'll move it over to the previous patch (6/8) which introduces it - not so useful to add a comment and then change it right in the next patch. Also, somewhat unrelated change... > diff --git a/src/openvpn/ssl.h b/src/openvpn/ssl.h > index 2f6f7657..58a9b0d4 100644 > --- a/src/openvpn/ssl.h > +++ b/src/openvpn/ssl.h > @@ -89,13 +89,6 @@ > #define TLS_MULTI_HORIZON 2 /* call tls_multi_process frequently for n seconds after > * every packet sent/received action */ > > -/* > - * The SSL/TLS worker thread will wait at most this many seconds for the > - * interprocess communication pipe to the main thread to be ready to accept > - * writes. > - */ > -#define TLS_MULTI_THREAD_SEND_TIMEOUT 5 > - > /* Interval that tls_multi_process should call tls_authentication_status */ > #define TLS_MULTI_AUTH_STATUS_INTERVAL 10 This one is easy enough, so Acked-By: Gert Doering <gert@greenie.muc.de> gert
Your patch has been applied to the master branch. I have moved the comment change to 6/8 (to be applied as soon as we've worked out 4/8 and 5/8) so this can be nicely applied standalone. "It still compiles", so it is obviously correct :-) commit a6571181550f518eda3a63fb89e3a8191199dd24 Author: Arne Schwabe Date: Thu Jul 9 12:16:02 2020 +0200 Removed unused definition Signed-off-by: Arne Schwabe <arne@rfc2549.org> Acked-by: Gert Doering <gert@greenie.muc.de> Message-Id: <20200709101603.11941-7-arne@rfc2549.org> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg20256.html Signed-off-by: Gert Doering <gert@greenie.muc.de> -- kind regards, Gert Doering
diff --git a/src/openvpn/ssl.c b/src/openvpn/ssl.c index 668bcbd9..4ee4c245 100644 --- a/src/openvpn/ssl.c +++ b/src/openvpn/ssl.c @@ -1988,8 +1988,9 @@ tls_session_update_crypto_params(struct tls_session *session, } else { - /* Very hacky workaround and quick fix for our calculation - * not correct to avoid a regression */ + /* Very hacky workaround and quick fix for frame calculation + * different when adjusting frame size when the original and new cipher + * are identical to avoid a regression with client without NCP */ return tls_session_generate_data_channel_keys(session); } diff --git a/src/openvpn/ssl.h b/src/openvpn/ssl.h index 2f6f7657..58a9b0d4 100644 --- a/src/openvpn/ssl.h +++ b/src/openvpn/ssl.h @@ -89,13 +89,6 @@ #define TLS_MULTI_HORIZON 2 /* call tls_multi_process frequently for n seconds after * every packet sent/received action */ -/* - * The SSL/TLS worker thread will wait at most this many seconds for the - * interprocess communication pipe to the main thread to be ready to accept - * writes. - */ -#define TLS_MULTI_THREAD_SEND_TIMEOUT 5 - /* Interval that tls_multi_process should call tls_authentication_status */ #define TLS_MULTI_AUTH_STATUS_INTERVAL 10
Signed-off-by: Arne Schwabe <arne@rfc2549.org> --- src/openvpn/ssl.c | 5 +++-- src/openvpn/ssl.h | 7 ------- 2 files changed, 3 insertions(+), 9 deletions(-)