From patchwork Fri Sep 9 09:59:01 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Arne Schwabe X-Patchwork-Id: 2748 Return-Path: Delivered-To: patchwork@openvpn.net Delivered-To: patchwork@openvpn.net Received: from director14.mail.ord1d.rsapps.net ([172.31.255.6]) by backend30.mail.ord1d.rsapps.net with LMTP id yGXQED+bG2PUSQAAIUCqbw (envelope-from ) for ; Fri, 09 Sep 2022 15:59:59 -0400 Received: from proxy1.mail.iad3b.rsapps.net ([172.31.255.6]) by director14.mail.ord1d.rsapps.net with LMTP id SEGiED+bG2MWVgAAeJ7fFg (envelope-from ) for ; Fri, 09 Sep 2022 15:59:59 -0400 Received: from smtp5.gate.iad3b ([172.31.255.6]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by proxy1.mail.iad3b.rsapps.net with LMTPS id 0NK3CT+bG2NiKwAALM5PBw (envelope-from ) for ; Fri, 09 Sep 2022 15:59:59 -0400 X-Spam-Threshold: 95 X-Spam-Score: 0 X-Spam-Flag: NO X-Virus-Scanned: OK X-Orig-To: openvpnslackdevel@openvpn.net X-Originating-Ip: [216.105.38.7] Authentication-Results: smtp5.gate.iad3b.rsapps.net; iprev=pass policy.iprev="216.105.38.7"; spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net" smtp.helo="lists.sourceforge.net"; dkim=fail (signature verification failed) header.d=sourceforge.net; dkim=fail (signature verification failed) header.d=sf.net; dmarc=none (p=nil; dis=none) header.from=rfc2549.org X-Suspicious-Flag: YES X-Classification-ID: fb10f754-3079-11ed-beef-525400155d63-1-1 Received: from [216.105.38.7] ([216.105.38.7:45302] helo=lists.sourceforge.net) by smtp5.gate.iad3b.rsapps.net (envelope-from ) (ecelerity 4.2.38.62370 r(:)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384) id F8/F3-14519-E3B9B136; Fri, 09 Sep 2022 15:59:58 -0400 Received: from [127.0.0.1] (helo=sfs-ml-4.v29.lw.sourceforge.com) by sfs-ml-4.v29.lw.sourceforge.com with esmtp (Exim 4.95) (envelope-from ) id 1oWk9h-0002en-VJ; Fri, 09 Sep 2022 19:59:26 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-4.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1oWk9g-0002eg-DU for openvpn-devel@lists.sourceforge.net; Fri, 09 Sep 2022 19:59:25 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:References: In-Reply-To:Message-Id:Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=bz6GsVsuP1k7M39dDl+6DHe5Rpi/OYdelubHtKmdbVs=; b=CaB5VMK7yt5ZHM8MZRfpgEqU+H /O7KjChuGPmuOtZ+dh9gX1gswlAJ0FV2AdJSApnlJ0Ybnn8pZuJ77lX6EgEk82sh7DaUrBT39BJF1 GSduClnkrxJJ7aYNg32E3hlUTrrT0z4BuOxSnYZrVitUoXPfynLnRsO5CvAQYQPP/gZ8=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-Id: Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=bz6GsVsuP1k7M39dDl+6DHe5Rpi/OYdelubHtKmdbVs=; b=lyw013Qu3qIwGr9p6XyQvkm/H2 5B1hZZgWwBnme3PzOyK87Td3fJMOcS0AJKYtTRB0BOUAjmZ+mnUQnC8TEo5rXV1Jy27W4VVtSCPPF 0foOfe4tyqCsHcxBZhIM9MKgWzuDzOKYsF0vfCd298RSL26+ynTUn+EqtJ5x5PYVecW0=; Received: from mail.blinkt.de ([192.26.174.232]) by sfi-mx-2.v28.lw.sourceforge.com with esmtps (TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.95) id 1oWk9n-0002pA-P2 for openvpn-devel@lists.sourceforge.net; Fri, 09 Sep 2022 19:59:24 +0000 Received: from kamera.blinkt.de ([2001:638:502:390:20c:29ff:fec8:535c]) by mail.blinkt.de with smtp (Exim 4.95 (FreeBSD)) (envelope-from ) id 1oWk9W-000IjP-R3 for openvpn-devel@lists.sourceforge.net; Fri, 09 Sep 2022 21:59:02 +0200 Received: (nullmailer pid 2011847 invoked by uid 10006); Fri, 09 Sep 2022 19:59:02 -0000 From: Arne Schwabe To: openvpn-devel@lists.sourceforge.net Date: Fri, 9 Sep 2022 21:59:01 +0200 Message-Id: <20220909195902.2011798-2-arne@rfc2549.org> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20220909195902.2011798-1-arne@rfc2549.org> References: <20220909195902.2011798-1-arne@rfc2549.org> MIME-Version: 1.0 X-Spam-Report: Spam detection software, running on the system "util-spamd-2.v13.lw.sourceforge.com", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: The current approach of checking a string buffer is a bit clunky and also not very extensible. Refactor this by collecting the flags in a buffer. Signed-off-by: Arne Schwabe --- src/openvpn/push.c | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) Content analysis details: (0.2 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.2 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail domains are different 0.0 SPF_NONE SPF: sender does not publish an SPF Record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.0 T_SCC_BODY_TEXT_LINE No description available. X-Headers-End: 1oWk9n-0002pA-P2 Subject: [Openvpn-devel] [PATCH 2/3] Use buffer to prepare protocol-flags push-reply X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox The current approach of checking a string buffer is a bit clunky and also not very extensible. Refactor this by collecting the flags in a buffer. Signed-off-by: Arne Schwabe --- src/openvpn/push.c | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/src/openvpn/push.c b/src/openvpn/push.c index 0a66902a8..989316130 100644 --- a/src/openvpn/push.c +++ b/src/openvpn/push.c @@ -647,14 +647,18 @@ prepare_push_reply(struct context *c, struct gc_arena *gc, } } + struct buffer proto_flags = alloc_buf_gc(128, gc); + if (o->imported_protocol_flags & CO_USE_CC_EXIT_NOTIFY) { - const char *ekm = ""; + buf_printf(&proto_flags, " cc-exit"); + + /* if the cc exit flag is supported, pushing tls-ekm via protocol-flags + * is also supported */ if (o->imported_protocol_flags & CO_USE_TLS_KEY_MATERIAL_EXPORT) { - ekm = " tls-ekm"; + buf_printf(&proto_flags, " tls-ekm"); } - push_option_fmt(gc, push_list, M_USAGE, "protocol-flags cc-exit%s", ekm); } else if (o->imported_protocol_flags & CO_USE_TLS_KEY_MATERIAL_EXPORT) { @@ -662,6 +666,10 @@ prepare_push_reply(struct context *c, struct gc_arena *gc, } + if (buf_len(&proto_flags) > 0) + { + push_option_fmt(gc, push_list, M_USAGE, "protocol-flags%s", buf_str(&proto_flags)); + } return true; }