From patchwork Tue Oct 18 14:37:04 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Arne Schwabe X-Patchwork-Id: 2822 Return-Path: Delivered-To: patchwork@openvpn.net Delivered-To: patchwork@openvpn.net Received: from director12.mail.ord1d.rsapps.net ([172.27.255.55]) by backend30.mail.ord1d.rsapps.net with LMTP id 0LsJOD26TmNHOAAAIUCqbw (envelope-from ) for ; Tue, 18 Oct 2022 10:37:49 -0400 Received: from proxy5.mail.iad3a.rsapps.net ([172.27.255.55]) by director12.mail.ord1d.rsapps.net with LMTP id gDfANz26TmMAVQAAIasKDg (envelope-from ) for ; Tue, 18 Oct 2022 10:37:49 -0400 Received: from smtp38.gate.iad3a ([172.27.255.55]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by proxy5.mail.iad3a.rsapps.net with LMTPS id YCMQMD26TmNXEgAAhn5joQ (envelope-from ) for ; Tue, 18 Oct 2022 10:37:49 -0400 X-Spam-Threshold: 95 X-Spam-Score: 0 X-Spam-Flag: NO X-Virus-Scanned: OK X-Orig-To: openvpnslackdevel@openvpn.net X-Originating-Ip: [216.105.38.7] Authentication-Results: smtp38.gate.iad3a.rsapps.net; iprev=pass policy.iprev="216.105.38.7"; spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net" smtp.helo="lists.sourceforge.net"; dkim=fail (signature verification failed) header.d=sourceforge.net; dkim=fail (signature verification failed) header.d=sf.net; dmarc=none (p=nil; dis=none) header.from=rfc2549.org X-Suspicious-Flag: YES X-Classification-ID: 6facb864-4ef2-11ed-bfa9-525400000c92-1-1 Received: from [216.105.38.7] ([216.105.38.7:48104] helo=lists.sourceforge.net) by smtp38.gate.iad3a.rsapps.net (envelope-from ) (ecelerity 4.2.38.62370 r(:)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384) id 00/14-25769-C3ABE436; Tue, 18 Oct 2022 10:37:48 -0400 Received: from [127.0.0.1] (helo=sfs-ml-2.v29.lw.sourceforge.com) by sfs-ml-2.v29.lw.sourceforge.com with esmtp (Exim 4.95) (envelope-from ) id 1oknia-0003kC-8X; Tue, 18 Oct 2022 14:37:20 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-2.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1okniX-0003k5-Ou for openvpn-devel@lists.sourceforge.net; Tue, 18 Oct 2022 14:37:17 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:Message-Id: Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=Mvy2j9sMYDTwI552HJNs6TLVgCHGR0k0KzkNczTgOe8=; b=JRh6Dl7LhxvCtgKi6+8WN0Wjz1 0nsvNy/0GeryHoB7W/LcTBeatQCuFNAQTgyS6Q98zzby0s8aBpn1ZChGU1nloR9kH6rxLIJPZG9Gx wVBsHzqb3IClr+IaTqdeRjM5XZPFkPu59BIayuLJ7k6aE+MKdwJ7eTuEgArel7nW+syw=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:Message-Id:Date:Subject:To:From: Sender:Reply-To:Cc:Content-Type:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To: References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post: List-Owner:List-Archive; bh=Mvy2j9sMYDTwI552HJNs6TLVgCHGR0k0KzkNczTgOe8=; b=h bA4Bo46yuh8/U1gvaIynJTlxuSJeqPZr+nbAOce2XXGGQm5eGMniUxfoUQvUVI8y+9HdBwpPNlYRS jGApDb1AQsyWMoT943afCpESMhcSguC+cDB6UAL+AAts46MTCxBuZTuHdrhypTtkqmmankqUxMfBO 7e+xN9/zHIKbB2Bs=; Received: from mail.blinkt.de ([192.26.174.232]) by sfi-mx-2.v28.lw.sourceforge.com with esmtps (TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.95) id 1okniT-0005es-H0 for openvpn-devel@lists.sourceforge.net; Tue, 18 Oct 2022 14:37:16 +0000 Received: from kamera.blinkt.de ([2001:638:502:390:20c:29ff:fec8:535c]) by mail.blinkt.de with smtp (Exim 4.95 (FreeBSD)) (envelope-from ) id 1okniK-000BOv-Px for openvpn-devel@lists.sourceforge.net; Tue, 18 Oct 2022 16:37:04 +0200 Received: (nullmailer pid 2759573 invoked by uid 10006); Tue, 18 Oct 2022 14:37:04 -0000 From: Arne Schwabe To: openvpn-devel@lists.sourceforge.net Date: Tue, 18 Oct 2022 16:37:04 +0200 Message-Id: <20221018143704.2759522-1-arne@rfc2549.org> X-Mailer: git-send-email 2.25.1 MIME-Version: 1.0 X-Spam-Report: Spam detection software, running on the system "util-spamd-2.v13.lw.sourceforge.com", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: The previous commit 9a516170 forgot to change to allow more than 2 parameters to auth-gen-token, so you could eitherh ave renewal time or external-auth but not both. Also fix two instances of misspell [...] Content analysis details: (0.3 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.2 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail domains are different 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record X-Headers-End: 1okniT-0005es-H0 Subject: [Openvpn-devel] [PATCH] Fix renewal spelling and actually allow external-auth with renewal time X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox The previous commit 9a516170 forgot to change to allow more than 2 parameters to auth-gen-token, so you could eitherh ave renewal time or external-auth but not both. Also fix two instances of misspelled auth-gen-token Signed-off-by: Arne Schwabe Acked-by: Gert Doering --- src/openvpn/options.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/openvpn/options.c b/src/openvpn/options.c index 60fec147..9f5e4b35 100644 --- a/src/openvpn/options.c +++ b/src/openvpn/options.c @@ -2635,7 +2635,7 @@ options_postprocess_verify_ce(const struct options *options, if (options->auth_token_generate && options->auth_token_renewal && options->auth_token_renewal < 2 * options->handshake_window) { - msg(M_USAGE, "--auth-gen-token reneweal time needs to be at least " + msg(M_USAGE, "--auth-gen-token renewal time needs to be at least " " two times --hand-window (%d).", options->handshake_window); @@ -7476,7 +7476,7 @@ add_option(struct options *options, &options->auth_user_pass_verify_script, p[1], "auth-user-pass-verify", true); } - else if (streq(p[0], "auth-gen-token") && !p[3]) + else if (streq(p[0], "auth-gen-token")) { VERIFY_PERMISSION(OPT_P_GENERAL); options->auth_token_generate = true; @@ -7484,7 +7484,7 @@ add_option(struct options *options, for (int i = 2; i < MAX_PARMS && p[i] != NULL; i++) { - /* the second parameter can be the reneweal time */ + /* the second parameter can be the renewal time */ if (i == 2 && positive_atoi(p[i])) { options->auth_token_renewal = positive_atoi(p[i]);