From patchwork Tue Feb 24 21:30:30 2026
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Gert Doering <gert@greenie.muc.de>
X-Patchwork-Id: 4782
Return-Path: <openvpn-devel-bounces@lists.sourceforge.net>
Delivered-To: patchwork@openvpn.net
Received: by 2002:a05:7000:6e08:b0:83c:d90d:321 with SMTP id bn8csp414962mab;
        Tue, 24 Feb 2026 13:30:55 -0800 (PST)
X-Forwarded-Encrypted: i=2;
 AJvYcCVZ+HV+Ythe9ceypU7iDToAdD8WL5PsRpVi7PF7wjUyY9oeFwltH4Ssh1pYz8XlUTWvAtE/vLD4vOA=@openvpn.net
X-Received: by 2002:a05:6870:328c:b0:409:5ef5:be0c with SMTP id
 586e51a60fabf-4157ac67e02mr5882575fac.12.1771968655511;
        Tue, 24 Feb 2026 13:30:55 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1771968655; cv=none;
        d=google.com; s=arc-20240605;
        b=EI7FSIAx0KCzuTm9u5f5oBHmxMDcYtL/C02nccGY593nIRK79KriAqF7evOxOHGvjz
         7/nEXg/9jFa1PCRSuBq6TMZsEXwheCbhiFLqa4kYTOZaYulbRL37DlJAQBJY6QWpO2c8
         ajNPABS4fkp/AD93xqe4a12qaOJq/RPwyF0LyIaQdFuySjov24jupWHBzQri55GKF6SX
         pQsVMhodu9oIe4GrBu7EeZsQ2fqioM4ltVjtbTC3toGZhrB2h3ZThtLI7hkykX2l5SZB
         YwarCdVceeoU5l8TUIS9dOQAJpKOcJtVP1VprLDv51eN3EMbe8h9Q2EMIa3Ytdmp2UUV
         slmw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20240605;
        h=errors-to:content-transfer-encoding:list-subscribe:list-help
         :list-post:list-archive:list-unsubscribe:list-id:precedence:subject
         :mime-version:references:in-reply-to:message-id:date:to:from
         :dkim-signature:dkim-signature:dkim-signature;
        bh=8EnJ+ouB2oH73P/H3UIuRM762pnIAHNerNz+d/xr0GQ=;
        fh=4NbAC/LsuMLI0S0hprUlLSLCiHwg6SCAifhH718Jh0Q=;
        b=GuiVPrkrHhM0hZDYCd7530K7+hNTFsnn65sA8khzrmGxcLcgCpNjZBay4vd5R1bN45
         Cwp43gqyk73d548IzjlEBivfWOv73Ye5wIJIjyaXrgW4zp+p+aI1giviqA41jKovNTzN
         zeclt6AnoebMmurRmG6AAi7FQ6KkrkQ7MAL5i4nSEebHy8YOcvwA8Wzarg5hnVwSBji+
         64JNz7DH8nQGMs02/HpKcHbt8o82Lkl8n9720/jkJ6XIzccJ6+NX3/4ilUutNAbQC/KL
         /+x1pi1XvxsxOZ9EhoCW+DLQuK92HrEaZvLcpqYBNudsNBAUROE9+K0eMuGvP1GHT9Bw
         jgzA==;
        dara=google.com
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@lists.sourceforge.net header.s=beta
 header.b="jiLq/mIG";
       dkim=neutral (body hash did not verify) header.i=@sourceforge.net
 header.s=x header.b=HVRMrKrB;
       dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x
 header.b=EzTKntCX;
       spf=pass (google.com: domain of
 openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as
 permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=muc.de
Received: from lists.sourceforge.net (lists.sourceforge.net. [216.105.38.7])
        by mx.google.com with ESMTPS id
 586e51a60fabf-415d926c45csi1718589fac.180.2026.02.24.13.30.55
        (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128);
        Tue, 24 Feb 2026 13:30:55 -0800 (PST)
Received-SPF: pass (google.com: domain of
 openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as
 permitted sender) client-ip=216.105.38.7;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@lists.sourceforge.net header.s=beta
 header.b="jiLq/mIG";
       dkim=neutral (body hash did not verify) header.i=@sourceforge.net
 header.s=x header.b=HVRMrKrB;
       dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x
 header.b=EzTKntCX;
       spf=pass (google.com: domain of
 openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as
 permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=muc.de
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
	d=lists.sourceforge.net; s=beta; h=Content-Transfer-Encoding:Content-Type:
	List-Subscribe:List-Help:List-Post:List-Archive:List-Unsubscribe:List-Id:
	Subject:MIME-Version:References:In-Reply-To:Message-ID:Date:To:From:Sender:
	Reply-To:Cc:Content-ID:Content-Description:Resent-Date:Resent-From:
	Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner;
	bh=8EnJ+ouB2oH73P/H3UIuRM762pnIAHNerNz+d/xr0GQ=; b=jiLq/mIGMgzLWYV3Evcx9ZvRRo
	WVmMVYMBPDIK46zWDHrJOu3nZa5ZBiUz1xMzPme0xaeCkMr1GOyd6o0/6NdJuy87GRKIlEglSCszv
	TRoC7WuPfEx0CqYJVozVkam7/DN8ZzeFlbRXiM8Ou05w0HvdY8Crcm68DErOyoZyHZh4=;
Received: from [127.0.0.1] (helo=sfs-ml-2.v29.lw.sourceforge.com)
	by sfs-ml-2.v29.lw.sourceforge.com with esmtp (Exim 4.95)
	(envelope-from <openvpn-devel-bounces@lists.sourceforge.net>)
	id 1vuzzY-0003g0-4s;
	Tue, 24 Feb 2026 21:30:52 +0000
Received: from [172.30.29.66] (helo=mx.sourceforge.net)
 by sfs-ml-2.v29.lw.sourceforge.com with esmtps (TLS1.2) tls
 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95)
 (envelope-from <gert@blue4.greenie.muc.de>) id 1vuzzV-0003fc-Ht
 for openvpn-devel@lists.sourceforge.net;
 Tue, 24 Feb 2026 21:30:50 +0000
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
 d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:References:
 In-Reply-To:Message-ID:Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:
 Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:
 Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:
 List-Subscribe:List-Post:List-Owner:List-Archive;
 bh=LsxWxbfD/jyhBueF+q40nqhSrTzP91myQvjKcKKD698=; b=HVRMrKrBBDN6PJoGBo8rTwiglW
 2OMXMgFI7tZCdxmmHqB0QZ/5/JTqO+qJdSDs2Pcnsecv3M7ACYeiRXuAfe/w/roKnbg1g6qAz+wpP
 VRQFG+y/NgesRQfPX363Ahu9oJlsrC6w2lOvAuOYx1GLN0bEdff8zBgKcizcoef90xnE=;
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x
 ;
 h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-ID:
 Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:Content-ID:
 Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc
 :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe:
 List-Post:List-Owner:List-Archive;
 bh=LsxWxbfD/jyhBueF+q40nqhSrTzP91myQvjKcKKD698=; b=EzTKntCX6EJHY4F7NXeOUcFvqN
 60aMZnQrQk7sGe/k7iSPODKoRaoDBQpxuxlVRyzqJqFPCR/gHxs9mO9MxRJWeevOV69ks9G77zgq5
 HoG20O7i7wpEpBHVUBiwykGg9C3/SWnw5uwc3uKooKono6iBia9ayMCv0G4QOWMuhkQk=;
Received: from [193.149.48.129] (helo=blue.greenie.muc.de)
 by sfi-mx-2.v28.lw.sourceforge.com with esmtps
 (TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.95)
 id 1vuzzU-00061I-Uy for openvpn-devel@lists.sourceforge.net;
 Tue, 24 Feb 2026 21:30:50 +0000
Received: from blue.greenie.muc.de (localhost [127.0.0.1])
 by blue.greenie.muc.de (8.18.1/8.18.1) with ESMTP id 61OLUai3031859
 for <openvpn-devel@lists.sourceforge.net>; Tue, 24 Feb 2026 22:30:36 +0100
Received: (from gert@localhost)
 by blue.greenie.muc.de (8.18.1/8.18.1/Submit) id 61OLUaWN031858
 for openvpn-devel@lists.sourceforge.net; Tue, 24 Feb 2026 22:30:36 +0100
From: Gert Doering <gert@greenie.muc.de>
To: openvpn-devel@lists.sourceforge.net
Date: Tue, 24 Feb 2026 22:30:30 +0100
Message-ID: <20260224213036.31845-1-gert@greenie.muc.de>
X-Mailer: git-send-email 2.52.0
In-Reply-To: 
 <gerrit.1771205254000.I76dc80a9d9b29e401b7bbd59e0c46baf751d2e4a@gerrit.openvpn.net>
References: 
 <gerrit.1771205254000.I76dc80a9d9b29e401b7bbd59e0c46baf751d2e4a@gerrit.openvpn.net>
MIME-Version: 1.0
X-Spam-Score: 1.3 (+)
X-Spam-Report: Spam detection software,
 running on the system "sfi-spamd-1.hosts.colo.sdot.me",
 has NOT identified this incoming email as spam.  The original
 message has been attached to this so you can view it or label
 similar future email.  If you have any questions, see
 the administrator of that system for details.
 Content preview: From: Selva Nair <selva.nair@gmail.com> All commands to the
 management interface are supposed to be responded with either a one-line
 "SUCCESS:/ERROR:" message or a multi-line reply terminated by "END". But,
 curently we silently accept the " [...]
 Content analysis details:   (1.3 points, 5.0 required)
 pts rule name              description
 ---- ----------------------
 --------------------------------------------------
 1.3 RDNS_NONE Delivered to internal network by a host with no rDNS
X-Headers-End: 1vuzzU-00061I-Uy
Subject: [Openvpn-devel] [PATCH v5] Fixup version command on management
 interface
X-BeenThere: openvpn-devel@lists.sourceforge.net
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: <openvpn-devel.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/options/openvpn-devel>,
 <mailto:openvpn-devel-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: 
 <http://sourceforge.net/mailarchive/forum.php?forum_name=openvpn-devel>
List-Post: <mailto:openvpn-devel@lists.sourceforge.net>
List-Help: <mailto:openvpn-devel-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/openvpn-devel>,
 <mailto:openvpn-devel-request@lists.sourceforge.net?subject=subscribe>
Errors-To: openvpn-devel-bounces@lists.sourceforge.net
X-getmail-retrieved-from-mailbox: Inbox
X-GMAIL-THRID: =?utf-8?q?1858028438873434563?=
X-GMAIL-MSGID: =?utf-8?q?1858043805123394497?=

From: Selva Nair <selva.nair@gmail.com>

All commands to the management interface are supposed to be
responded with either a one-line "SUCCESS:/ERROR:" message
or a multi-line reply terminated by "END". But, curently we
silently accept the "version n" command wih no response. This
causes clients like OpenVPN-GUI lock-up if version command is
used, waiting for ever for a reply.

Fix this by adding a SUCCESS response if client version
is set to a value >= 4. As the highest client version in use
until now is 3, this should not affect any work-arounds in
existing clients. ERROR response is generated if the version
parameter is null which never happens in practice.

Change-Id: I76dc80a9d9b29e401b7bbd59e0c46baf751d2e4a
Signed-off-by: Selva Nair <selva.nair@gmail.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1528
---

This change was reviewed on Gerrit and approved by at least one
developer. I request to merge it to master.

Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1528
This mail reflects revision 5 of this Change.

Acked-by according to Gerrit (reflected above):
Gert Doering <gert@greenie.muc.de>

diff --git a/doc/management-notes.txt b/doc/management-notes.txt
index 1a5c311..86b74f3 100644
--- a/doc/management-notes.txt
+++ b/doc/management-notes.txt
@@ -492,6 +492,10 @@
   version 2  -- Change management version of client to 2 (default = 1)
   version    -- Show the version of OpenVPN and its Management Interface
 
+Note: Until version 3, no response was generated when client sets its
+version. This was fixed starting version 4: clients should expect
+"SUCCESS: .. " message only when setting the version to >= 4.
+
 COMMAND -- auth-retry
 ---------------------
 
diff --git a/src/openvpn/manage.c b/src/openvpn/manage.c
index 37ae6b3..03ff5b3 100644
--- a/src/openvpn/manage.c
+++ b/src/openvpn/manage.c
@@ -1333,6 +1333,15 @@
     if (version)
     {
         man->connection.client_version = atoi(version);
+        /* Prior to version 3, we missed to respond to this command. Acknowledge only if version >= 4 */
+        if (man->connection.client_version >= 4)
+        {
+            msg(M_CLIENT, "SUCCESS: Management client version set to %d", man->connection.client_version);
+        }
+    }
+    else
+    {
+        msg(M_CLIENT, "ERROR: Invalid value specified for management client version");
     }
 }