From patchwork Mon Feb 20 09:06:01 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Lev Stipakov X-Patchwork-Id: 3089 Return-Path: Delivered-To: patchwork@openvpn.net Received: by 2002:a05:7300:c95:b0:82:e4b3:40a0 with SMTP id p21csp1575115dyk; Mon, 20 Feb 2023 01:07:22 -0800 (PST) X-Google-Smtp-Source: AK7set+gygHhhGLPPp6p4ZHlKI3A7hxrUD9dui3XCteShvrlAUKX0PmxX4zY5sVNvDIk4xDN9BIH X-Received: by 2002:a05:6870:1716:b0:16d:f39d:2ac with SMTP id h22-20020a056870171600b0016df39d02acmr6390306oae.15.1676884042543; Mon, 20 Feb 2023 01:07:22 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1676884042; cv=none; d=google.com; s=arc-20160816; b=I0CTDCv7CD7vPXiwmbPONh38zmoJIEzaxTVtnn2MBSYknvXZSMTYMdlTdlXpoEbAh2 yjNWq6W+rXNRu6Qofo9HX34TZ1mWLLX3oexZRiBU08BzHk+zWFPPPJsDrzus1YN8DSSs 0+LKaevOOqPzGWYhX2Ko6dUPiX/lONHRAWHFx93S32l6P3JBjau6Nqb9bLkJIK0N2m+E 5tkjcj/b6KCxutPwI4Id7rc9d+TU6ykRni9M15ZLWJJSw+2c2/y9SmS9YF+mYKetMH1u b3NB9FUqaD0sR0CifrL0Y9unYlJ/DMQarlGIos5midk/e8tMoa3jArSt7YrJ8D0qUgGv Xcow== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=errors-to:content-transfer-encoding:cc:list-subscribe:list-help :list-post:list-archive:list-unsubscribe:list-id:precedence:subject :mime-version:references:in-reply-to:message-id:date:to:from :dkim-signature:dkim-signature:dkim-signature; bh=Q/FlCDUIMrH1kFeqYK/O4xtiadhrb6d1MNMlHp78TmI=; b=UQwj9b0nfofWbWDpe5lbMjV9dqPdAcWfTtZ6dB08YnjTRR1oUAtKyyeNeBL5D1Oqnw B0z2Fqnb1naHHPE1/79PPXSrY/TPbYLFA/BuWBYgIRwtKEtRrZW4UH+Vz5iK2JcPk3g0 W04f1lK/ex64mglrOsy4kfvvrZ4K9Lt/JXdl+WOh/nfoTgtKYbniFDI6P8NWXIL5PguZ lkrtlattiVmTFx8eTqZf1ZwSIsoLCCIqYbT9pNJpdtkdz8WA8M6NMXITNr9wCilbCfVP LyJII+zylcUqLO46kGpCoyHwJySDZp13ZG+5Yv4DEPKoC5lASsL6QVvvUslDueGm2hCO D9Jg== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=FBKoAhI5; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=AeLqVWyS; dkim=neutral (body hash did not verify) header.i=@gmail.com header.s=20210112 header.b=QkrMTMlp; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: from lists.sourceforge.net (lists.sourceforge.net. [216.105.38.7]) by mx.google.com with ESMTPS id yx24-20020a056871251800b00142e9f75220si13170762oab.200.2023.02.20.01.07.22 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Mon, 20 Feb 2023 01:07:22 -0800 (PST) Received-SPF: pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) client-ip=216.105.38.7; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=FBKoAhI5; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=AeLqVWyS; dkim=neutral (body hash did not verify) header.i=@gmail.com header.s=20210112 header.b=QkrMTMlp; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: from [127.0.0.1] (helo=sfs-ml-2.v29.lw.sourceforge.com) by sfs-ml-2.v29.lw.sourceforge.com with esmtp (Exim 4.95) (envelope-from ) id 1pU27z-0000lv-Ii; Mon, 20 Feb 2023 09:06:30 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-2.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1pU27x-0000lj-An for openvpn-devel@lists.sourceforge.net; Mon, 20 Feb 2023 09:06:28 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:References: In-Reply-To:Message-Id:Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=O3Q2UD3R6LB7qJNhH5zWSDjcDzgZ4J2z7zJ8qgpZwws=; b=FBKoAhI5X0Dm6BkPhPT3NczKBF VzHOM65ALKj7lVXUEGTMIXJGj0SPnJolXR6vU5eMy77xN/xRTIfHrrDO6dfgfmfr2+lOKeBFnA8yg 2hVnVm0m1YBE+cENJZw3xhnyICuSi/MCPH9V6Jo2owJ/LXA/Xo0AKFzTCLeb5PznohT8=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-Id: Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=O3Q2UD3R6LB7qJNhH5zWSDjcDzgZ4J2z7zJ8qgpZwws=; b=AeLqVWySgCPd/JYiDxZlcQ8XLM 0kMvw92T8BNM2AFhulCgm2GupA7w4VEks2PXngAqGRiqlvkTpD+zae4+lC7mH8KJIqqnyASG0zuC9 EkgVXVDc5AM51dkm5Y64G2q1yQJdiSB2Kqo+jL4bPpnBYkyVo2ygYI7oXNnckhmMrFM0=; Received: from mail-lf1-f50.google.com ([209.85.167.50]) by sfi-mx-1.v28.lw.sourceforge.com with esmtps (TLS1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.95) id 1pU27t-00B04z-9W for openvpn-devel@lists.sourceforge.net; Mon, 20 Feb 2023 09:06:28 +0000 Received: by mail-lf1-f50.google.com with SMTP id x24so924740lfr.1 for ; Mon, 20 Feb 2023 01:06:25 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=O3Q2UD3R6LB7qJNhH5zWSDjcDzgZ4J2z7zJ8qgpZwws=; b=QkrMTMlpdRDXm8bNwlWGXamNnYr8in+B3YAXqYcjs6t+V4q1/OGEJP6qmt9+FF2Cyq 9ppiKl/X2O/qfiH+vd6DE0yfUql113Q+nmPR6b8LyZlYCgAS6mp0o4MuqS8gfgZJXQ/E W1oTAyAacgRLe07zIqCua8kiy/w/Zf6ozE89vgSi+91+NWmSl1ecre7Z3D8gH7LeuLSu U/hS17wwNQzlk7bKuTtTFArxGsSMMZas/uk7ts1O1SSZtO33876eDzgnqTzI/3Xl2nWH ElsQZxNr+uBK7fRH2Iu6U1BYj0XkNolFsHoQ4YaFnFgidr4YM/ALPkKp+bvojUpzL4jj SMlg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=O3Q2UD3R6LB7qJNhH5zWSDjcDzgZ4J2z7zJ8qgpZwws=; b=iMQtNyH8MwPgJuVSLTm71zZ98SUQclhjN/QjYmUfthpyR1vX/DGav4xqIBnlmzq7qb SR0FAeOEYI0HHAjvMvjJxaVYX5/gc459PNFGvWxDk0cAn2CH1gH4+0qAPm+cZXczPMrN cvmAPqHsKe7b0ARsorMMYrrM5rbuhPvgmwWXs0hcbBd2R6veoz98tybHNGH629zsYwnm k+oylKFA27gJ0N+cbecs3JO3FMePox3N6ETmeaXyL9/1ugjRdFxe56rxGLeyPyFLkeDR pZTTyikOi9QWkwXZxR0G9UXmplb8wemWnexW7BxdLiwxN61MjpJoLtgqkNq+iIvnqgkH jE8w== X-Gm-Message-State: AO0yUKUeIacbuK3appLqj00cJTGJU4CmQEJWeECU7Lr5WUvav3qtkTzw MC5WbkC/yYYNc9nuwUwy/WSDq/7l3Cc= X-Received: by 2002:ac2:52b3:0:b0:4db:2cd6:1a01 with SMTP id r19-20020ac252b3000000b004db2cd61a01mr141536lfm.32.1676883978276; Mon, 20 Feb 2023 01:06:18 -0800 (PST) Received: from localhost.localdomain ([2a00:1d50:3:0:e51e:b4b4:af07:6244]) by smtp.gmail.com with ESMTPSA id c26-20020ac244ba000000b004b58500383bsm1474042lfm.272.2023.02.20.01.06.17 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 20 Feb 2023 01:06:17 -0800 (PST) From: Lev Stipakov To: openvpn-devel@lists.sourceforge.net Date: Mon, 20 Feb 2023 11:06:01 +0200 Message-Id: <20230220090601.983-1-lstipakov@gmail.com> X-Mailer: git-send-email 2.38.1.windows.1 In-Reply-To: <20230220085640.1519-1-lstipakov@gmail.com> References: <20230220085640.1519-1-lstipakov@gmail.com> MIME-Version: 1.0 X-Spam-Score: -0.2 (/) X-Spam-Report: Spam detection software, running on the system "util-spamd-1.v13.lw.sourceforge.com", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Lev Stipakov DCO doesn't support proxy and we already disable DCO is proxy is set in profile. Signed-off-by: Lev Stipakov --- v2: use dco_enabled() helper function Content analysis details: (-0.2 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider [lstipakov[at]gmail.com] -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [209.85.167.50 listed in list.dnswl.org] -0.0 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2) [209.85.167.50 listed in wl.mailspike.net] -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid X-Headers-End: 1pU27t-00B04z-9W Subject: [Openvpn-devel] [PATCH v2] Disabe DCO if proxy is set via management X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Lev Stipakov Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox X-GMAIL-THRID: =?utf-8?q?1758339745826952585?= X-GMAIL-MSGID: =?utf-8?q?1758340361703291754?= From: Lev Stipakov DCO doesn't support proxy and we already disable DCO is proxy is set in profile. Signed-off-by: Lev Stipakov Acked-by: Antonio Quartulli --- v2: use dco_enabled() helper function src/openvpn/init.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/src/openvpn/init.c b/src/openvpn/init.c index b500d354..622239f6 100644 --- a/src/openvpn/init.c +++ b/src/openvpn/init.c @@ -223,6 +223,12 @@ management_callback_proxy_cmd(void *arg, const char **p) } else if (p[2] && p[3]) { + if (dco_enabled(&c->options)) + { + msg(M_INFO, "Proxy set via management, disabling Data Channel Offload."); + c->options.tuntap_options.disable_dco = true; + } + if (streq(p[1], "HTTP")) { struct http_proxy_options *ho;