[Openvpn-devel,29/28] Add workaround for Softether server dropping P_ACK_V1 with >= 5 acks

From: Arne Schwabe <arne@rfc2549.org>
To: openvpn-devel@lists.sourceforge.net
Date: Wed, 31 Aug 2022 15:41:40 +0200
Message-Id: <20220831134140.913337-2-arne@rfc2549.org>
In-Reply-To: <20220831134140.913337-1-arne@rfc2549.org>
References: <20220422134038.3801239-1-arne@rfc2549.org>
 <20220831134140.913337-1-arne@rfc2549.org>
MIME-Version: 1.0
Subject: [Openvpn-devel] [PATCH 29/28] Add workaround for Softether server
 dropping P_ACK_V1 with >= 5 acks
Precedence: list
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: openvpn-devel-bounces@lists.sourceforge.net

Message ID	20220831134140.913337-2-arne@rfc2549.org
State	Accepted
Delegated to:	Gert Doering
Headers	show Return-Path: <openvpn-devel-bounces@lists.sourceforge.net> From: Arne Schwabe <arne@rfc2549.org> To: openvpn-devel@lists.sourceforge.net Date: Wed, 31 Aug 2022 15:41:40 +0200 Message-Id: <20220831134140.913337-2-arne@rfc2549.org> In-Reply-To: <20220831134140.913337-1-arne@rfc2549.org> References: <20220422134038.3801239-1-arne@rfc2549.org> <20220831134140.913337-1-arne@rfc2549.org> MIME-Version: 1.0 preview: Softether had the number of ACKs in ANY OpenVPN packet limited to 4 and dropped packets with more than 4 ACKs. This leads to Softether dropping P_ACK_V1 packets with more than 4 ACKs as invalid. As th [...] Content analysis details: (0.3 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.2 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail domains are different 0.0 SPF_NONE SPF: sender does not publish an SPF Record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record Subject: [Openvpn-devel] [PATCH 29/28] Add workaround for Softether server dropping P_ACK_V1 with >= 5 acks Precedence: list Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox
Series	Stateless three-way handshake and control channel improvements \| expand [Openvpn-devel,00/28] Stateless three-way handshake and control channel improvements [Openvpn-devel,01/28] Remove tls_init_control_channel_frame_parameters wrapper function [Openvpn-devel,02/28] Remove dead PID_TEST code [Openvpn-devel,03/28] Move pre decrypt lite check to its own function [Openvpn-devel,04/28] Add documentation for swap_hmac function [Openvpn-devel,05/28] Extend tls_pre_decrypt_lite to return type of packet and keep state [Openvpn-devel,06/28] Move ssl function related to control channel wrap/unwrap to ssl_pkt.c/h [Openvpn-devel,07/28] Add unit tests for test_tls_decrypt_lite [Openvpn-devel,08/28] Split out reliable_ack_parse from reliable_ack_read [Openvpn-devel,09/28] Remove inc_pid argument from reliable_mark_deleted that is always true [Openvpn-devel,10/28] Remove EXPONENTIAL_BACKOFF define [Openvpn-devel,11/28] Refactor tls-auth/tls-crypt wrapping into into own function [Openvpn-devel,12/28] Extract session_move_pre_start as own function, use local buffer variable [Openvpn-devel,13/28] Change FULL_SYNC macro to no_pending_reliable_packets function [Openvpn-devel,14/28] Move tls_process_state into its own function [Openvpn-devel,15/28] Remove pointless indentation from tls_process. [Openvpn-devel,16/28] Move CRL reload to key_state_init from S_START transition [Openvpn-devel,17/28] Implement constructing a control channel reset client as standalone fucntion [Openvpn-devel,18/28] Implement stateless, HMAC basedsesssion id three way handshake [Openvpn-devel,19/28] Make buf_write_u8/16/32 take the type they pretend to take [Openvpn-devel,20/28] Change reliable_get_buf_sequenced to reliable_get_entry_sequenced [Openvpn-devel,21/28] Extract read_incoming_tls_ciphertext into function [Openvpn-devel,22/28] Implement HMAC based session id for tls-crypt v2 [Openvpn-devel,23/28] Optimise three-way handshake condition for S_PRE_START to S_START [Openvpn-devel,24/28] Extract read_incoming_tls_plaintext into its own function [Openvpn-devel,25/28] Ensure that control channel packet are respecting tls-mtu [Openvpn-devel,26/28] Allow setting control channel packet size with tls-mtu [Openvpn-devel,27/28] Add unit test for reliable_get_num_output_sequenced_available [Openvpn-devel,28/28] Always include ACKs for the last seen control packets [Openvpn-devel,29/28] Add workaround for Softether server dropping P_ACK_V1 with >= 5 acks

[Openvpn-devel,29/28] Add workaround for Softether server dropping P_ACK_V1 with >= 5 acks

Commit Message

Comments

Patch