| Message ID | 20260315184337.1541272-2-luca.boccassi@gmail.com |
|---|---|
| State | New |
| Headers | show
Return-Path: <openvpn-devel-bounces@lists.sourceforge.net>
Delivered-To: patchwork@openvpn.net
Received: by 2002:a05:7000:2755:b0:83c:d90d:321 with SMTP id j21csp2448345maq;
Sun, 15 Mar 2026 11:44:03 -0700 (PDT)
X-Forwarded-Encrypted: i=2;
AJvYcCX+x1P/gfwEY7RVMgOSZlNj2FqQrBOUFz/T/rdURPZ6n5KIq9X8sumCqpJDblx7rohoEeZ85RmQCCk=@openvpn.net
X-Received: by 2002:a05:6820:214:b0:67b:d547:26d9 with SMTP id
006d021491bc7-67bda8865eamr6826325eaf.0.1773600243544;
Sun, 15 Mar 2026 11:44:03 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1773600243; cv=none;
d=google.com; s=arc-20240605;
b=D3Hu3zjXVu1V/psNunaqQvPIh/p1pg7WZ+VymfxEGvSvDunqOOkGoCYII8ljU/xbte
mmNVftu8i6eWvZjJ0zEv1jZskwWL7mrWH/A5XkQtRCrmjy+4vavuN+tPeuv/0muxUEg/
D7pZ9tsgol5WBCcT/cv1VcpweweaihpQ/J/mPh7HXXXQbRCAPCBMPHoCW4kIGmL8tTB5
0N28S57ioB8RPEAyod3rIEMNjnO47UGNMQoissj9f27q7wv7HlAzfZvntGeB4sZxhGyv
ywzh+gq6aEkVnqqTRYUpSJo35Fg/3GWPRFZLvEwSw6kc1p22V5vR+rTIk1Di2bWdzWvK
i1lQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
s=arc-20240605;
h=errors-to:content-transfer-encoding:cc:list-subscribe:list-help
:list-post:list-archive:list-unsubscribe:list-id:precedence:subject
:mime-version:references:in-reply-to:message-id:date:to:from
:dkim-signature:dkim-signature:dkim-signature:dkim-signature;
bh=XM92qzFANwfMcYKqaUJjK8Yhf3v48vAdUPsjy+MKGls=;
fh=FRWMOQmE4vArX8xPll5WCJJjcBedLRfud2/cHUpioeU=;
b=YzFRafyFiu8vFNpWJ2C64mEHdFnfo2Z+0nMGoy3Q/L2599Evbs+gruLj1DWCjIN/mz
oXqsiteWCx6AjYRkXxdVBn/33fSfNOehgEVHMy8UEqCGtzei0Sf9kyyOmQ/Ko+5Uu4ew
N7pbV5i58e/sHX0GdwGI+6OTDtODQ2vi8/XoJnTW1XutfEDyrFroc8CURtI9jPiZUVP+
ty+PQzQswi5gwBdQmgVPmLFnHPJI0G/c0hi+qSaC3GOo9TYyw6bvohxN1/G5Newm3uoV
za0dYVgV1TJ2OEQqalv10PXNYRKnE0+IQMLLTiINbujVmkGdhaL9lFUOysRmRXyKY+Rv
7Jlg==;
dara=google.com
ARC-Authentication-Results: i=1; mx.google.com;
dkim=pass header.i=@lists.sourceforge.net header.s=beta
header.b=Y+AhwD+0;
dkim=neutral (body hash did not verify) header.i=@sourceforge.net
header.s=x header.b=XeO6Tphu;
dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x
header.b=gLdhw2C9;
dkim=neutral (body hash did not verify) header.i=@gmail.com
header.s=20230601 header.b="IZn/DNFS";
spf=pass (google.com: domain of
openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as
permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net;
dmarc=fail (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com;
dara=neutral header.i=@openvpn.net
Received: from lists.sourceforge.net (lists.sourceforge.net. [216.105.38.7])
by mx.google.com with ESMTPS id
006d021491bc7-67bc9322478si7073176eaf.83.2026.03.15.11.44.03
(version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128);
Sun, 15 Mar 2026 11:44:03 -0700 (PDT)
Received-SPF: pass (google.com: domain of
openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as
permitted sender) client-ip=216.105.38.7;
Authentication-Results: mx.google.com;
dkim=pass header.i=@lists.sourceforge.net header.s=beta
header.b=Y+AhwD+0;
dkim=neutral (body hash did not verify) header.i=@sourceforge.net
header.s=x header.b=XeO6Tphu;
dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x
header.b=gLdhw2C9;
dkim=neutral (body hash did not verify) header.i=@gmail.com
header.s=20230601 header.b="IZn/DNFS";
spf=pass (google.com: domain of
openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as
permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net;
dmarc=fail (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com;
dara=neutral header.i=@openvpn.net
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
d=lists.sourceforge.net; s=beta; h=Content-Transfer-Encoding:Content-Type:Cc:
List-Subscribe:List-Help:List-Post:List-Archive:List-Unsubscribe:List-Id:
Subject:MIME-Version:References:In-Reply-To:Message-ID:Date:To:From:Sender:
Reply-To:Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender
:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner;
bh=XM92qzFANwfMcYKqaUJjK8Yhf3v48vAdUPsjy+MKGls=; b=Y+AhwD+0S4OzwizLHGV1dBJnKd
qGIsIF3ZK8T8nDFaV4Y1j+cDZ9qNmPdi3fiy4U8UiMRmp3YYdE8gDNpAeWBjJLLPD+AjXNL+OoIaE
EH5CfqQrjOEalrABRc3rwFkLeMCKsxaUX0nnpZhRjZCRKxP1rV3Rqx9drIYINzjJadg4=;
Received: from [127.0.0.1] (helo=sfs-ml-2.v29.lw.sourceforge.com)
by sfs-ml-2.v29.lw.sourceforge.com with esmtp (Exim 4.95)
(envelope-from <openvpn-devel-bounces@lists.sourceforge.net>)
id 1w1qRT-00049B-Ou;
Sun, 15 Mar 2026 18:44:00 +0000
Received: from [172.30.29.66] (helo=mx.sourceforge.net)
by sfs-ml-2.v29.lw.sourceforge.com with esmtps (TLS1.2) tls
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95)
(envelope-from <luca.boccassi@gmail.com>) id 1w1qRS-00048s-53
for openvpn-devel@lists.sourceforge.net;
Sun, 15 Mar 2026 18:43:58 +0000
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:References:
In-Reply-To:Message-ID:Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type:
Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:
Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:
List-Subscribe:List-Post:List-Owner:List-Archive;
bh=znggBQvKt9TLYQqMPOm+ITTICpbLQIiOFj4TQ7DzGCM=; b=XeO6Tphuhor7Cuvy8QM2uqKVP7
xpkJmg9gkf4Y9BLgTUazGnAk6izKHJCNhg+jLrt6bCQdgDChxHg/XJ2gOGSCEz7WN60mp4ObONyaL
JaC8YS50zCwTGoaDEqHyN6WSs5jhl/jNQMIgwaqy4b9Xg3YcWwKDyh6V1xeKfzwElG/c=;
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x
;
h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-ID:
Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type:Content-ID:
Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc
:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe:
List-Post:List-Owner:List-Archive;
bh=znggBQvKt9TLYQqMPOm+ITTICpbLQIiOFj4TQ7DzGCM=; b=gLdhw2C9kfMNEMS1MHkVZwp7jw
+s14I0uFhjtxvKFolKcFPml88n96fvKrUTTkDwVqlQ/CMivODkzFIUHWFFjL+z1hENqYjTMRw47YN
R5lbpw4O5xfjbKN0AQMAhZbj7C97SnMILIwCZXA5CcM9OwH6+ylPOf/o0TZo6Lb0/nJ0=;
Received: from mail-wr1-f52.google.com ([209.85.221.52])
by sfi-mx-2.v28.lw.sourceforge.com with esmtps
(TLS1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.95)
id 1w1qRS-0000OF-CQ for openvpn-devel@lists.sourceforge.net;
Sun, 15 Mar 2026 18:43:58 +0000
Received: by mail-wr1-f52.google.com with SMTP id
ffacd0b85a97d-439b9cf8cb5so4370540f8f.0
for <openvpn-devel@lists.sourceforge.net>;
Sun, 15 Mar 2026 11:43:58 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=gmail.com; s=20230601; t=1773600226; x=1774205026;
darn=lists.sourceforge.net;
h=content-transfer-encoding:mime-version:references:in-reply-to
:message-id:date:subject:cc:to:from:from:to:cc:subject:date
:message-id:reply-to;
bh=znggBQvKt9TLYQqMPOm+ITTICpbLQIiOFj4TQ7DzGCM=;
b=IZn/DNFSVQcDJi6pg2FM+6kNSxSLBLM2wHmykzTAaCnNx4uqksolXAdhqOw/FxjWuL
ZhbZVwW1qylFNi3KZjmwZ3l5CP0wSfNU9Pdd0ZZXD21MIfsMp51zdbB3bINa2jG6H6Wb
QgFWID+VsVSh1lXxgpCyEaVNlxbAS0X2hN/XDvFVL5dEq8S7uyVVZKmR+9xelQDmC1Rc
gb3DgyoP5T1WWyX++Wb8XIrp9rzvUM6eSHD6Tmmo2fmF+vtAwUoFy1Wis09l5KQyfNQz
5gdmklub/sD1ZlxelYPYAafunUVpCT3cY5/0Y0Y+a/9LXOTIEAFoXnuYRt4nlC/g6pRF
GYhw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20251104; t=1773600226; x=1774205026;
h=content-transfer-encoding:mime-version:references:in-reply-to
:message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from
:to:cc:subject:date:message-id:reply-to;
bh=znggBQvKt9TLYQqMPOm+ITTICpbLQIiOFj4TQ7DzGCM=;
b=ZRKJUyU5mmTvJriu3MYRf5Y+P/s73qGHfzJpBjyQ5gJQCPc3GOLWZk+mvvl9/Eqc04
TyJ8Cqxlmo8HLXRxb2i9fVrGjTXhlvhbeAVG6CFSmMjgm0Kcp6MiCwFF3K9JFKxzjQIa
mwgbMUXk5g/Lsg1VdIvoj5cAAIiFxXLEXuNm+W3nuQ3WE+i/z1ff2udOvPGLgBrNIoXV
kjeR0jPoPs8sy7uQnzluoXQEFJIVYp17LVTCAxJSGwdDv8Uw+A9K3EbbbTzgSfHA9Yu0
AGXi3Nm1zmHsegbLxQaKJhQtEofbffxEHttpMU0q+uGUJGtNuTyTl+scKYydolKiosJJ
qgWg==
X-Gm-Message-State: AOJu0YzNOkGvR+QFbRS+xLnUBAppWXGDnYr6rkLWyyW5MumCBzAr0yr9
HhQxBZgJ1miVX0LQkPxQESWbg3uFo4zsM/bWqgS5CfGC0N12heuyysdkcxeY6g==
X-Gm-Gg: ATEYQzzhWbfprf32fCnX7uIgXxZC1L67zX1AXiU4ImcW8aj3UygHw/Hb1VvOZ/grp8l
y4WfQhpuJQVyQnrr4E/aiPsJa+QmzlyN/vfwSvDC/mnslHSbuqtqh9CdK0glZEAXRG8UkeKbwLH
SwFQ6SBiXk98JwuCd4ZRUVmvZ4TrKBOx4AFlHqm9den6nfk48J8ZDY5s8rN7KbpCSRRT21s98by
WMjbMRluN5+o5sfywHu/auzo0nUFSkVLB1lHXZhCn26QYobxdoCJcCh2F23RMQcs7P2D6PQh8FH
ftW1Hh+8y0dSkyNVtiBvFiyKw+67WdAZ42dfgmcnZyN/MLSpW6gj3D+2bGKZvHKe9rKhvyT8dNk
9nVVx/9TkGWCmygK9vIQGAYCV0t2xlJLKj/W5TBUz65DI2aKlXIkXXerRYDQjSdOyZfr0Zz2AJj
2/OjLZDNbdJo3TDrsmAqYpYzC7fhwo+RGWbca2y4M=
X-Received: by 2002:a5d:5f53:0:b0:439:b624:5ce1 with SMTP id
ffacd0b85a97d-43a04db6580mr18780110f8f.33.1773600226381;
Sun, 15 Mar 2026 11:43:46 -0700 (PDT)
Received: from localhost ([2a01:4b00:d036:ae00:16d6:15ec:8b51:78c3])
by smtp.gmail.com with UTF8SMTPSA id
ffacd0b85a97d-439fe20bb90sm37365011f8f.19.2026.03.15.11.43.45
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
Sun, 15 Mar 2026 11:43:45 -0700 (PDT)
From: luca.boccassi@gmail.com
To: openvpn-devel@lists.sourceforge.net
Date: Sun, 15 Mar 2026 18:39:55 +0000
Message-ID: <20260315184337.1541272-2-luca.boccassi@gmail.com>
X-Mailer: git-send-email 2.47.3
In-Reply-To: <20260315184337.1541272-1-luca.boccassi@gmail.com>
References: <20260315184337.1541272-1-luca.boccassi@gmail.com>
MIME-Version: 1.0
X-Spam-Score: 0.8 (/)
X-Spam-Report: Spam detection software,
running on the system "sfi-spamd-1.hosts.colo.sdot.me",
has NOT identified this incoming email as spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
the administrator of that system for details.
Content preview: From: Luca Boccassi When authenticating via a JWT token 2048
bytes are not enough, which breaks the auth process. In my local case the
token is ~2100 bytes. Bump the maximum harcoded size from 2k to 8k to leave
some head [...]
Content analysis details: (0.8 points, 5.0 required)
pts rule name description
---- ----------------------
--------------------------------------------------
0.1 DKIM_SIGNED Message has a DKIM or DK signature,
not necessarily valid
-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's
domain
-0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from
envelope-from domain
-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider
[luca.boccassi(at)gmail.com]
1.0 FORGED_GMAIL_RCVD 'From' gmail.com does not match 'Received' headers
0.0 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)
[209.85.221.52 listed in wl.mailspike.net]
X-Headers-End: 1w1qRS-0000OF-CQ
Subject: [Openvpn-devel] [PATCH 1/2] Increase TLS_CHANNEL_BUF_SIZE from 2048
to 8192
X-BeenThere: openvpn-devel@lists.sourceforge.net
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: <openvpn-devel.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/options/openvpn-devel>,
<mailto:openvpn-devel-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive:
<http://sourceforge.net/mailarchive/forum.php?forum_name=openvpn-devel>
List-Post: <mailto:openvpn-devel@lists.sourceforge.net>
List-Help: <mailto:openvpn-devel-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/openvpn-devel>,
<mailto:openvpn-devel-request@lists.sourceforge.net?subject=subscribe>
Cc: Luca Boccassi <luca.boccassi@gmail.com>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: openvpn-devel-bounces@lists.sourceforge.net
X-getmail-retrieved-from-mailbox: Inbox
X-GMAIL-THRID: =?utf-8?q?1859754648820128287?=
X-GMAIL-MSGID: =?utf-8?q?1859754648820128287?=
|
| Series |
Two small fixes for auth via tokens
|
expand
|
diff --git a/src/openvpn/common.h b/src/openvpn/common.h index aa7b7217..fbe6239a 100644 --- a/src/openvpn/common.h +++ b/src/openvpn/common.h @@ -67,7 +67,7 @@ typedef unsigned long ptr_type; * maximum size of a single TLS message (cleartext). * This parameter must be >= PUSH_BUNDLE_SIZE */ -#define TLS_CHANNEL_BUF_SIZE 2048 +#define TLS_CHANNEL_BUF_SIZE 8192 /* TLS control buffer minimum size *