| Message ID | 20260520101152.17453-1-gert@greenie.muc.de |
|---|---|
| State | New |
| Headers |
Return-Path: <openvpn-devel-bounces@lists.sourceforge.net>
Delivered-To: patchwork@openvpn.net
Received: by 2002:a05:7000:b695:b0:861:c897:cb9d with SMTP id
dh21csp740792mab;
Wed, 20 May 2026 03:12:36 -0700 (PDT)
X-Forwarded-Encrypted: i=2;
AFNElJ+TckTCr24XZD0183atWUXQNe32QbLxbMdNDdIkUxmGaz8amcwz2PAJ3ITvNL1YRoWo0QTf9MZMvFI=@openvpn.net
X-Received: by 2002:a05:6830:2b25:b0:7d7:f13a:761c with SMTP id
46e09a7af769-7e4fa059df2mr16790437a34.23.1779271955880;
Wed, 20 May 2026 03:12:35 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1779271955; cv=none;
d=google.com; s=arc-20240605;
b=ipz6hXjH5yFjNxnhOZai6BNwD1RelkCHb6sVXgPo0zAsC5KQ1WDXUTAG2ELTs0RDiN
6ouSBmMrV/qjTGXK8pnGoTQAblTh7nrIfxkvvGRbGFuTKTJMb6wvZ8K7ctaRHAZCm3vY
k1Za/N+4ehVuhW1hTxDJaP6zAfutY3cK/9IxjQ+7unu+I/wodMYtFhIl3qSDeQ6Iq8Qk
ZUqf9p8X0VnjYOZtC1uSAYk4+vkiQHUhV+HDq8qzOKhF1DY+26/UWPDqdlgMia0hAT/6
zFPwzEWdgCt1wDZfNhUrfh0LpNr1VFk2KRllLZm8d480Z2kIDMuAmY1ucD+SqjrIHAYm
FN6g==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
s=arc-20240605;
h=errors-to:content-transfer-encoding:list-subscribe:list-help
:list-post:list-archive:list-unsubscribe:list-id:precedence:subject
:mime-version:references:in-reply-to:message-id:date:to:from
:dkim-signature:dkim-signature:dkim-signature;
bh=bcQ1+iD05937PR7AST9NioJnlkGhHMAH6+ZTWX7oKmw=;
fh=4NbAC/LsuMLI0S0hprUlLSLCiHwg6SCAifhH718Jh0Q=;
b=D/kKhawtajoxay/4mdMXBFK4u9lFlLX2IyIQi0EKlHFeYpVxXssuKW7ycO8mszXDfu
2qb4csKHJqwzmrcjqxYkcfWklBqmJaZCW3+Vf/b2Q0c/5tDQ/NMXKICzVDRheI5DCzWW
jCvp1yZ/x5mYpgDr7g6rPh5xdWcLpbrob1hB+gmyYH5QE4JVl1FyXuaWqLCEH2/ZTr2w
xoeiaaEcSAG7woJWmCShFPp6Z5JNKLnHnFzCgxMYouz3OTENxxbIX1F6Pc/bBo3ynJFe
DEeF2KucLJnxBJAh5yi2tZ39fzlWxPkVfNx9t0/8up4bb0A/bhd4sE83CsX5DHIfD9Nc
9Wzw==;
dara=google.com
ARC-Authentication-Results: i=1; mx.google.com;
dkim=pass header.i=@lists.sourceforge.net header.s=beta
header.b=datyohZu;
dkim=neutral (body hash did not verify) header.i=@sourceforge.net
header.s=x header.b=nDgVro3w;
dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x
header.b=JbmQ2u80;
spf=pass (google.com: domain of
openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as
permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net;
dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=muc.de
Received: from lists.sourceforge.net (lists.sourceforge.net. [216.105.38.7])
by mx.google.com with ESMTPS id
46e09a7af769-7e55bbdcc19si12113731a34.88.2026.05.20.03.12.35
(version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128);
Wed, 20 May 2026 03:12:35 -0700 (PDT)
Received-SPF: pass (google.com: domain of
openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as
permitted sender) client-ip=216.105.38.7;
Authentication-Results: mx.google.com;
dkim=pass header.i=@lists.sourceforge.net header.s=beta
header.b=datyohZu;
dkim=neutral (body hash did not verify) header.i=@sourceforge.net
header.s=x header.b=nDgVro3w;
dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x
header.b=JbmQ2u80;
spf=pass (google.com: domain of
openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as
permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net;
dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=muc.de
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
d=lists.sourceforge.net; s=beta; h=Content-Transfer-Encoding:Content-Type:
List-Subscribe:List-Help:List-Post:List-Archive:List-Unsubscribe:List-Id:
Subject:MIME-Version:References:In-Reply-To:Message-ID:Date:To:From:Sender:
Reply-To:Cc:Content-ID:Content-Description:Resent-Date:Resent-From:
Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner;
bh=bcQ1+iD05937PR7AST9NioJnlkGhHMAH6+ZTWX7oKmw=; b=datyohZulA0RA2LtvPy0j+bZjS
ammxwZpK5RD6kwfHBkZqJEzuOZgUFWQ7DCOeErqZlp5GXkBndM49pl7zrpYvy13hHvbyC9DO+FKLU
kdKa1xYKPB1E7n0HtdyEXqZDWQC2vlSkl06yPnurmKFNz/X6/WOFZFj7/rhiwzLX4ZlY=;
Received: from [127.0.0.1] (helo=sfs-ml-2.v29.lw.sourceforge.com)
by sfs-ml-2.v29.lw.sourceforge.com with esmtp (Exim 4.95)
(envelope-from <openvpn-devel-bounces@lists.sourceforge.net>)
id 1wPduY-0006gL-37;
Wed, 20 May 2026 10:12:22 +0000
Received: from [172.30.29.66] (helo=mx.sourceforge.net)
by sfs-ml-2.v29.lw.sourceforge.com with esmtps (TLS1.2) tls
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95)
(envelope-from <gert@blue4.greenie.muc.de>) id 1wPduC-0006ev-Ue
for openvpn-devel@lists.sourceforge.net;
Wed, 20 May 2026 10:12:01 +0000
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:References:
In-Reply-To:Message-ID:Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:
Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:
Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:
List-Subscribe:List-Post:List-Owner:List-Archive;
bh=JdjH1+cOtW5upDCTo+C83qYiT3kfPQsYywBtkyM0nNU=; b=nDgVro3w22Wz8TF6LGqHx9jxre
IUsC6LNqznMrtM369RTGa+FevXZ14sgU7kJ2DkkRKBDXtY/3n0dZpi0CyuZUwbmswfCLAC9hpkVLr
jnrAV7aAEQ97Wt49gzRv9kOoHp5Sry/kNWkG9YWj3R09KEJPJLb2gKyU8rerSiR6nuH0=;
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x
;
h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-ID:
Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:Content-ID:
Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc
:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe:
List-Post:List-Owner:List-Archive;
bh=JdjH1+cOtW5upDCTo+C83qYiT3kfPQsYywBtkyM0nNU=; b=JbmQ2u80ZSbK60ZLC+it2sniQS
5fmauVEz2iDFqhpyPkZd4jOKpBcW0PgT9nMPKkLyfb94ZQ7/nlfy+WNTuhs1qbyewq9Slgeb438yj
/DgMB5YnenPlymTnCQFb/zeEY/BV9m3WxUIUumJRbifQKV6C2m6iiJUVwdSOYNkw6K6k=;
Received: from [193.149.48.129] (helo=blue.greenie.muc.de)
by sfi-mx-2.v28.lw.sourceforge.com with esmtps
(TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.95)
id 1wPduC-0006kT-19 for openvpn-devel@lists.sourceforge.net;
Wed, 20 May 2026 10:12:01 +0000
Received: from blue.greenie.muc.de (localhost [127.0.0.1])
by blue.greenie.muc.de (8.18.1/8.18.1) with ESMTP id 64KABrSJ017475
for <openvpn-devel@lists.sourceforge.net>; Wed, 20 May 2026 12:11:53 +0200
Received: (from gert@localhost)
by blue.greenie.muc.de (8.18.2/8.18.1/Submit) id 64KABrZK017474
for openvpn-devel@lists.sourceforge.net; Wed, 20 May 2026 12:11:53 +0200
From: Gert Doering <gert@greenie.muc.de>
To: openvpn-devel@lists.sourceforge.net
Date: Wed, 20 May 2026 12:11:44 +0200
Message-ID: <20260520101152.17453-1-gert@greenie.muc.de>
X-Mailer: git-send-email 2.53.0
In-Reply-To:
<gerrit.1779183573000.Id4e21efebbe64b963cf7847ad77bc41339af7a37@gerrit.openvpn.net>
References:
<gerrit.1779183573000.Id4e21efebbe64b963cf7847ad77bc41339af7a37@gerrit.openvpn.net>
MIME-Version: 1.0
X-Spam-Score: 1.3 (+)
X-Spam-Report: Spam detection software,
running on the system "sfi-spamd-2.hosts.colo.sdot.me",
has NOT identified this incoming email as spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
the administrator of that system for details.
Content preview: From: Gianmarco De Gregori <gianmarco@mandelbit.com> When
port-share is used, enforce the presence of a TCP listener by checking the
local_list entries insted of rely on the global connection_entry proto field.
Content analysis details: (1.3 points, 5.0 required)
pts rule name description
---- ----------------------
--------------------------------------------------
1.3 RDNS_NONE Delivered to internal network by a host with no rDNS
X-Headers-End: 1wPduC-0006kT-19
Subject: [Openvpn-devel] [PATCH v1] Fix: port-share and multi-socket
interaction
X-BeenThere: openvpn-devel@lists.sourceforge.net
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: <openvpn-devel.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/options/openvpn-devel>,
<mailto:openvpn-devel-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive:
<http://sourceforge.net/mailarchive/forum.php?forum_name=openvpn-devel>
List-Post: <mailto:openvpn-devel@lists.sourceforge.net>
List-Help: <mailto:openvpn-devel-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/openvpn-devel>,
<mailto:openvpn-devel-request@lists.sourceforge.net?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: openvpn-devel-bounces@lists.sourceforge.net
X-getmail-retrieved-from-mailbox: Inbox
X-GMAIL-THRID: =?utf-8?q?1865701870391740772?=
X-GMAIL-MSGID: =?utf-8?q?1865701870391740772?=
|
| Series |
[Openvpn-devel,v1] Fix: port-share and multi-socket interaction
|
|
Commit Message
Gert Doering
May 20, 2026, 10:11 a.m. UTC
From: Gianmarco De Gregori <gianmarco@mandelbit.com> When port-share is used, enforce the presence of a TCP listener by checking the local_list entries insted of rely on the global connection_entry proto field. Github: #1027 Change-Id: Id4e21efebbe64b963cf7847ad77bc41339af7a37 Signed-off-by: Gianmarco De Gregori <gianmarco@mandelbit.com> Acked-by: Frank Lichtenheld <frank@lichtenheld.com> Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1680 --- This change was reviewed on Gerrit and approved by at least one developer. I request to merge it to master. Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1680 This mail reflects revision 1 of this Change. Acked-by according to Gerrit (reflected above): Frank Lichtenheld <frank@lichtenheld.com>
Comments
Tested this on master without the patch. A config with two "local"
statements, one UDP, one TCP, and "port-share" will always fail with
Jun 9 10:26:19 gentoo tun-tcp-p2mp[19994]: Options error: --port-share only works in TCP server mode (--proto values of tcp-server, tcp4-server, or tcp6-server)
(the order of "local" statements does not matter). With the patch, it
will happily bind both ports and portshare works...
2026-06-09 10:36:17 us=623614 tcp6-server:[2001:608:4:0:62e9:965e:fba9:3fef]:50046 Non-OpenVPN client protocol detected
The code change is also quite straightforward - instead of checking only
"ce->proto" (which might be anything here), we need to walk list of
sockets and see if there is "any tcp socket". I also tested "2 TCP
sockets", and port-share works on either of them. Good :-)
Your patch has been applied to the master and release/2.7 branch (bugfix).
commit 0d7ea983e4c92d4c2caf5077ed8e868744c72512 (master)
commit 06e71f0c5fb3e8bc5980ca10e062b0c571b9b071 (release/2.7)
Author: Gianmarco De Gregori
Date: Wed May 20 12:11:44 2026 +0200
Fix: port-share and multi-socket interaction
Signed-off-by: Gianmarco De Gregori <gianmarco@mandelbit.com>
Acked-by: Frank Lichtenheld <frank@lichtenheld.com>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1680
Message-Id: <20260520101152.17453-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg36986.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
--
kind regards,
Gert Doering
diff --git a/src/openvpn/options.c b/src/openvpn/options.c index 0c2866c..0ecb59c 100644 --- a/src/openvpn/options.c +++ b/src/openvpn/options.c @@ -2490,8 +2490,13 @@ msg(M_USAGE, USAGE_VALID_SERVER_PROTOS); } #if PORT_SHARE + bool has_tcp = false; + for (int i = 0; i < ce->local_list->len && !has_tcp; i++) + { + has_tcp = (ce->local_list->array[i]->proto == PROTO_TCP_SERVER); + } if ((options->port_share_host || options->port_share_port) - && (ce->proto != PROTO_TCP_SERVER)) + && !has_tcp) { msg(M_USAGE, "--port-share only works in TCP server mode " "(--proto values of tcp-server, tcp4-server, or tcp6-server)");