| Message ID | 20251016103308.4685-1-gert@greenie.muc.de |
|---|---|
| State | Accepted |
| Headers |
Return-Path: <openvpn-devel-bounces@lists.sourceforge.net>
Delivered-To: patchwork@openvpn.net
Received: by 2002:a05:7000:7d42:b0:72f:f16c:e055 with SMTP id
fr2csp3790973mab;
Thu, 16 Oct 2025 03:33:19 -0700 (PDT)
X-Forwarded-Encrypted: i=2;
AJvYcCUVI8fc3cxs1MdoXQC2CHSQQsoIZqnnDVIeocgwn1DMji2+fPT9aaxcOXlaEeHtQgTgKg/NZh1dfD0=@openvpn.net
X-Google-Smtp-Source:
AGHT+IEVLn2JFeDA+HjGmDY63O7uvVY4ZUn6T20RthEV6RHzIepBRv8DekFpFWW4J4k3B5qZMwVQ
X-Received: by 2002:a05:6808:470c:b0:43d:2e4a:e5c0 with SMTP id
5614622812f47-441fb7ea9e9mr1659588b6e.1.1760610799450;
Thu, 16 Oct 2025 03:33:19 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1760610799; cv=none;
d=google.com; s=arc-20240605;
b=S5LfdhN1CwCsNNHd873kwZit7jgvHLAM6F0HdgXz44Aco7/epKdyRDXBQ1h8pijxdn
QCyiDTyDGGxPGWGI0o4xtOr6MuolyRIPrshqefW6W3LDhDSwou8qoZ5Qx3kTY0FHJdGJ
Oq3/mfYfmcvpcPHh2Q1EN1+pJ9ZdOPGdAEsvO1ge8K4X/crvAOL9YjLGEAMEQDkk63mq
hTVEUuBV0BcISm/N2AEDQ+yWPiE76QKLzwIi4w8G2ajGiBvvbOfwWDWP+Dbs5+jCItwt
Gy8XN/n+DWCqhj2xn64oeaP+OS5eA/U2HL+ANJBZMCbm+YzGnTN9niipKNZelRZW8R+n
ORHw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
s=arc-20240605;
h=errors-to:content-transfer-encoding:list-subscribe:list-help
:list-post:list-archive:list-unsubscribe:list-id:precedence:subject
:mime-version:references:in-reply-to:message-id:date:to:from
:dkim-signature:dkim-signature:dkim-signature;
bh=4Q8muR0shItjmy/2iiQnliT+Vm/p+CiW8awxsUG+Efw=;
fh=4NbAC/LsuMLI0S0hprUlLSLCiHwg6SCAifhH718Jh0Q=;
b=eQLmpNhWa6/tMMqUrNxm9L8B3Zn10FOc96/8T7WxtSmk7yRTFOjcAAS5f17JaUitSx
P7OX6j1pxitgeVwcel62aLsy+BaZ6tGwZKKjDrUeqnIDSyXZl3uA42GIr+VTQrNUvcMO
xuVvLoevianzWYy7dQTsrn1RTuVYeE7gUvoQXl+V3dtpnk9y3uVFl6NRxnchpCDlG5DA
gFvTkPz5ppdQRYVMlLWmlNM/V4q9eTcYvAzEx9TtKxU5gOvdcBaNkeFproUsN2XkWJ4s
9GMkbHOrT5Vy0LygB9wzUWCqzBqWeQI737bqKfkb5xzYwtKvsG+mhPvyNcprm54IWS22
f0EQ==;
dara=google.com
ARC-Authentication-Results: i=1; mx.google.com;
dkim=pass header.i=@lists.sourceforge.net header.s=beta
header.b=YfTbn8LS;
dkim=neutral (body hash did not verify) header.i=@sourceforge.net
header.s=x header.b=nWKMS2aX;
dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x
header.b="N/Isj648";
spf=pass (google.com: domain of
openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as
permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net;
dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=muc.de
Received: from lists.sourceforge.net (lists.sourceforge.net. [216.105.38.7])
by mx.google.com with ESMTPS id
006d021491bc7-65018222ecbsi4240611eaf.160.2025.10.16.03.33.19
(version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128);
Thu, 16 Oct 2025 03:33:19 -0700 (PDT)
Received-SPF: pass (google.com: domain of
openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as
permitted sender) client-ip=216.105.38.7;
Authentication-Results: mx.google.com;
dkim=pass header.i=@lists.sourceforge.net header.s=beta
header.b=YfTbn8LS;
dkim=neutral (body hash did not verify) header.i=@sourceforge.net
header.s=x header.b=nWKMS2aX;
dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x
header.b="N/Isj648";
spf=pass (google.com: domain of
openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as
permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net;
dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=muc.de
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
d=lists.sourceforge.net; s=beta; h=Content-Transfer-Encoding:Content-Type:
List-Subscribe:List-Help:List-Post:List-Archive:List-Unsubscribe:List-Id:
Subject:MIME-Version:References:In-Reply-To:Message-ID:Date:To:From:Sender:
Reply-To:Cc:Content-ID:Content-Description:Resent-Date:Resent-From:
Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner;
bh=4Q8muR0shItjmy/2iiQnliT+Vm/p+CiW8awxsUG+Efw=; b=YfTbn8LS7SVLHHahks+1MQXuW4
znFC9fQLDPqgQLtoQvA7zAr+igPWQTOSR8g76PhRWYU1xdevc2aZgKqY9B76xX8bLU39pqFFyvnUJ
ZrGP8XYQgQ+H1Y9+YFECJMH86DrPWE3mtGDWHaSLyOuZcn9Lpy7e3Q2EI0liFVKsor7w=;
Received: from [127.0.0.1] (helo=sfs-ml-1.v29.lw.sourceforge.com)
by sfs-ml-1.v29.lw.sourceforge.com with esmtp (Exim 4.95)
(envelope-from <openvpn-devel-bounces@lists.sourceforge.net>)
id 1v9LIL-0005uQ-Gv;
Thu, 16 Oct 2025 10:33:17 +0000
Received: from [172.30.29.66] (helo=mx.sourceforge.net)
by sfs-ml-1.v29.lw.sourceforge.com with esmtps (TLS1.2) tls
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95)
(envelope-from <gert@blue4.greenie.muc.de>) id 1v9LIK-0005uK-Pa
for openvpn-devel@lists.sourceforge.net;
Thu, 16 Oct 2025 10:33:16 +0000
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:References:
In-Reply-To:Message-ID:Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:
Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:
Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:
List-Subscribe:List-Post:List-Owner:List-Archive;
bh=Q3FzfXOzGAl+pvkBo3ZkDXL4mUjHbDMAS2KL8Tjt40Q=; b=nWKMS2aXi02oIAdo00x7vTS31u
+TscIevs/NCryjdIND4+fEBOKLRrD6wF32uZADzvbWJgfBaE/dyp3FiU+iCqm+0FIA3SFqpjVEAMD
MkPW1Pj+fhNBQipI/mwBIFkAxW9s0SpYOlH/+RgLkza2QEIRcNvMofUf6bxoeZsmNXu8=;
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x
;
h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-ID:
Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:Content-ID:
Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc
:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe:
List-Post:List-Owner:List-Archive;
bh=Q3FzfXOzGAl+pvkBo3ZkDXL4mUjHbDMAS2KL8Tjt40Q=; b=N/Isj648FU/EOo7KRrwOFzhs9K
anI32v/USI+3j5wURFRJhnT3NnDDsmOElvdPnl5Kt0sko9/AQjRWYK0cAz3JEb8f2z99x63yhTb8F
n2+OJBxoUiAX7MffKp1OKNgvj2ea7bnXh2GW3Lu1QYhOnzUdmXJRe3xQKrLwniS7q3Pc=;
Received: from [193.149.48.134] (helo=blue.greenie.muc.de)
by sfi-mx-2.v28.lw.sourceforge.com with esmtps
(TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.95)
id 1v9LIJ-0007Qy-PY for openvpn-devel@lists.sourceforge.net;
Thu, 16 Oct 2025 10:33:16 +0000
Received: from blue.greenie.muc.de (localhost [127.0.0.1])
by blue.greenie.muc.de (8.18.1/8.18.1) with ESMTP id 59GAX9NP004703
for <openvpn-devel@lists.sourceforge.net>; Thu, 16 Oct 2025 12:33:09 +0200
Received: (from gert@localhost)
by blue.greenie.muc.de (8.18.1/8.18.1/Submit) id 59GAX9JE004702
for openvpn-devel@lists.sourceforge.net; Thu, 16 Oct 2025 12:33:09 +0200
From: Gert Doering <gert@greenie.muc.de>
To: openvpn-devel@lists.sourceforge.net
Date: Thu, 16 Oct 2025 12:33:03 +0200
Message-ID: <20251016103308.4685-1-gert@greenie.muc.de>
X-Mailer: git-send-email 2.49.1
In-Reply-To:
<gerrit.1760441637000.Ia713a2ecfcad7032863867630a0c306ff9f90385@gerrit.openvpn.net>
References:
<gerrit.1760441637000.Ia713a2ecfcad7032863867630a0c306ff9f90385@gerrit.openvpn.net>
MIME-Version: 1.0
X-Spam-Score: 1.3 (+)
X-Spam-Report: Spam detection software,
running on the system "sfi-spamd-2.hosts.colo.sdot.me",
has NOT identified this incoming email as spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
the administrator of that system for details.
Content preview: From: Frank Lichtenheld <frank@lichtenheld.com> peer_id is
unsigned,
so the previous check was partly useless. Instead check use_peer_id.
Change-Id: Ia713a2ecfcad7032863867630a0c306ff9f90385 Signed-off-by: Frank
Lichtenheld <frank@lichtenheld.com> Acked-by: Arne Schwabe
<arne-openvpn@rfc2549.org>
Gerrit URL: https://gerrit.openvpn.net/c [...]
Content analysis details: (1.3 points, 5.0 required)
pts rule name description
---- ----------------------
--------------------------------------------------
1.3 RDNS_NONE Delivered to internal network by a host with no rDNS
X-Headers-End: 1v9LIJ-0007Qy-PY
Subject: [Openvpn-devel] [PATCH v1] init: Fix datav2_enabled check in
options import
X-BeenThere: openvpn-devel@lists.sourceforge.net
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: <openvpn-devel.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/options/openvpn-devel>,
<mailto:openvpn-devel-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive:
<http://sourceforge.net/mailarchive/forum.php?forum_name=openvpn-devel>
List-Post: <mailto:openvpn-devel@lists.sourceforge.net>
List-Help: <mailto:openvpn-devel-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/openvpn-devel>,
<mailto:openvpn-devel-request@lists.sourceforge.net?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: openvpn-devel-bounces@lists.sourceforge.net
X-getmail-retrieved-from-mailbox: Inbox
X-GMAIL-THRID: =?utf-8?q?1846134229479194727?=
X-GMAIL-MSGID: =?utf-8?q?1846134229479194727?=
|
| Series |
[Openvpn-devel,v1] init: Fix datav2_enabled check in options import
|
|
Commit Message
Gert Doering
Oct. 16, 2025, 10:33 a.m. UTC
From: Frank Lichtenheld <frank@lichtenheld.com> peer_id is unsigned, so the previous check was partly useless. Instead check use_peer_id. Change-Id: Ia713a2ecfcad7032863867630a0c306ff9f90385 Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com> Acked-by: Arne Schwabe <arne-openvpn@rfc2549.org> Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1273 --- This change was reviewed on Gerrit and approved by at least one developer. I request to merge it to master. Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1273 This mail reflects revision 1 of this Change. Acked-by according to Gerrit (reflected above): Arne Schwabe <arne-openvpn@rfc2549.org>
Comments
This is one of the "integer" patches that uncovered an actual logic
error - checking the wrong variable for the trigger "can I do epoch data?".
This did not hurt so far (because the other checks ensure the right
outcome) but I think it de-fuses the "data_v2 must be enabled!" sanity
check that would lead to not detecting a non-compliant client. So it's
good we found this in time :-)
Not tested beyond "looks reasonable, the BBs say it compiles fine"
(the netbsd test fails are due to stuck t_client process from a previous
test run abort).
Your patch has been applied to the master branch.
commit c124e50317e530394d9011ddde5653ccfdd94482
Author: Frank Lichtenheld
Date: Thu Oct 16 12:33:03 2025 +0200
init: Fix datav2_enabled check in options import
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Arne Schwabe <arne-openvpn@rfc2549.org>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1273
Message-Id: <20251016103308.4685-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg33365.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
--
kind regards,
Gert Doering
diff --git a/src/openvpn/init.c b/src/openvpn/init.c index aaa0573..aa2611d 100644 --- a/src/openvpn/init.c +++ b/src/openvpn/init.c @@ -2728,8 +2728,8 @@ /* Ensure that for epoch data format is only enabled if also data v2 * is enabled */ - bool epoch_data = (c->options.imported_protocol_flags & CO_EPOCH_DATA_KEY_FORMAT); - bool datav2_enabled = (c->options.peer_id >= 0 && c->options.peer_id < MAX_PEER_ID); + bool epoch_data = c->options.imported_protocol_flags & CO_EPOCH_DATA_KEY_FORMAT; + bool datav2_enabled = c->options.use_peer_id && c->options.peer_id < MAX_PEER_ID; if (epoch_data && !datav2_enabled) {