| Message ID | beb91351d80ec3d8186b9f8cd29775cb059b2896-HTML@gerrit.openvpn.net |
|---|---|
| State | Superseded |
| Headers | show
Return-Path: <openvpn-devel-bounces@lists.sourceforge.net>
Delivered-To: patchwork@openvpn.net
Received: by 2002:a05:7000:8444:b0:55c:c090:46f0 with SMTP id m4csp1076906mat;
Fri, 15 Mar 2024 06:44:40 -0700 (PDT)
X-Forwarded-Encrypted: i=2;
AJvYcCUXLvLVigBCuJc8sucMuUAhOZasFMKG6VZZLIGjfho5VNg26kSgjYqSKG2F3E621RHnbYA8lE6Xv9QxUibxvmHHmDGoaB0=
X-Google-Smtp-Source:
AGHT+IFWgbcvaYxpyfyYVRnwdZuZTRjgThcCIGXys92YR3IweBvAdgIi8MqhgZAQkVKAAWt/3+W8
X-Received: by 2002:a05:6a20:3c9f:b0:1a3:4721:df94 with SMTP id
b31-20020a056a203c9f00b001a34721df94mr2182122pzj.0.1710510280464;
Fri, 15 Mar 2024 06:44:40 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1710510280; cv=none;
d=google.com; s=arc-20160816;
b=TPMZ7Eh4ApT1rZvUhDBnVhQp8kiKtAIz8jQY9X34fJavY/htjQ6WNDr0aFAAN9arqD
64NXq0mzVkrr/e8QhcDkMkV0r3Abi3kRi5Es0wLBzetNGsyTBN4Q5Dj/5e5fgdNVmTsa
xXCkOyCNKkidlGSEaeX/AJbTZ3hgBCowjnNVTK/DCE7Z8bBIDHwz70EDzuFOwmKJX1u1
vI4hFyuZDL0bxUUmBeJmH0iX2R95DW5WI5XhHp9+k6z3y5xVJTrbZGfBP5keONOFaLCN
Z17rohFMJXExEtIgssjEbSEZR3XCX9aqu6Lx5DC7QYPfwQ2Juo98I6HjIMMJgwtot/7e
aMhw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
s=arc-20160816;
h=errors-to:cc:reply-to:list-subscribe:list-help:list-post
:list-archive:list-unsubscribe:list-id:precedence:subject:user-agent
:mime-version:message-id:references:auto-submitted:to:date:from
:dkim-signature:dkim-signature:dkim-signature;
bh=w27CEcKD9xhESYmDcO7sct/79g5AclSmpXAhTdoAhMs=;
fh=U7wEyxtwz2o5+UdevFSA47vNeG9knhWH0KV//QhD5a0=;
b=CcQjcPFKpPylSZYXI9Q5RTP89Fq+MH8oVIiCmz1QCz/rvfUsmetKJ4ucy7dz/ydxp8
mkAte7Y8bwtbzVAG9uQiNJvAe+qyusFXYS29gzvvk2C2KP44tbZlaXpLgivlhREeg/vF
7YaJv+ud/nxsQy8jnplqArS96S6XS+KpmjhVYuzQe3dewZFXHVWhUTFkLFE5btz3MlD6
mwlMLZu0xmq/afbfunn80ISKwzF9jnhoGY54s0vtQ/MpZCFZmQBt6ii+9csAD+R/nfVN
AMY9T69buiZurPTwEtC2GKrmjcwNIyMMrrc041pdSv4gDyMpgKtypXDcO2sT+YajZ7nR
45Iw==;
dara=google.com
ARC-Authentication-Results: i=1; mx.google.com;
dkim=neutral (body hash did not verify) header.i=@sourceforge.net
header.s=x header.b=Zg32E1iO;
dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x
header.b=NBNKSELd;
dkim=neutral (body hash did not verify) header.i=@openvpn.net
header.s=google header.b=Yi1mf3mF;
spf=pass (google.com: domain of
openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as
permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net;
dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=openvpn.net
Received: from lists.sourceforge.net (lists.sourceforge.net. [216.105.38.7])
by mx.google.com with ESMTPS id
e8-20020a63aa08000000b005e4ba7d402bsi2700466pgf.808.2024.03.15.06.44.40
(version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128);
Fri, 15 Mar 2024 06:44:40 -0700 (PDT)
Received-SPF: pass (google.com: domain of
openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as
permitted sender) client-ip=216.105.38.7;
Authentication-Results: mx.google.com;
dkim=neutral (body hash did not verify) header.i=@sourceforge.net
header.s=x header.b=Zg32E1iO;
dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x
header.b=NBNKSELd;
dkim=neutral (body hash did not verify) header.i=@openvpn.net
header.s=google header.b=Yi1mf3mF;
spf=pass (google.com: domain of
openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as
permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net;
dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=openvpn.net
Received: from [127.0.0.1] (helo=sfs-ml-4.v29.lw.sourceforge.com)
by sfs-ml-4.v29.lw.sourceforge.com with esmtp (Exim 4.95)
(envelope-from <openvpn-devel-bounces@lists.sourceforge.net>)
id 1rl7qT-0002yH-B3;
Fri, 15 Mar 2024 13:43:37 +0000
Received: from [172.30.20.202] (helo=mx.sourceforge.net)
by sfs-ml-4.v29.lw.sourceforge.com with esmtps (TLS1.2) tls
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95)
(envelope-from <gerrit@openvpn.net>) id 1rl7qQ-0002yA-30
for openvpn-devel@lists.sourceforge.net;
Fri, 15 Mar 2024 13:43:34 +0000
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
d=sourceforge.net; s=x; h=Content-Type:Content-Transfer-Encoding:MIME-Version
:Message-ID:Reply-To:References:Subject:List-Unsubscribe:List-Id:Cc:To:Date:
From:Sender:Content-ID:Content-Description:Resent-Date:Resent-From:
Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:List-Help:
List-Subscribe:List-Post:List-Owner:List-Archive;
bh=gAJyUXCdyrjFUXlP4AWNb1GTRvERR4Lw8kTPNhoq+hQ=; b=Zg32E1iOCNwpRU8ul55d0yJnI+
e0qBIZba7hkDGaddlsb6NX4yD93cGUnBZIw1sPpYInFfYdQLzlgSwPSBTQl5d+tszxr1PzkyaoltQ
DJbGC8c/1OT7YHDzNZlIiHgxd9uLeqXZKbSfDHkr6BREZaVqD/Qm51o791bMNTSxVwO8=;
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x
;
h=Content-Type:Content-Transfer-Encoding:MIME-Version:Message-ID:Reply-To:
References:Subject:List-Unsubscribe:List-Id:Cc:To:Date:From:Sender:Content-ID
:Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:
Resent-Cc:Resent-Message-ID:In-Reply-To:List-Help:List-Subscribe:List-Post:
List-Owner:List-Archive; bh=gAJyUXCdyrjFUXlP4AWNb1GTRvERR4Lw8kTPNhoq+hQ=; b=N
BNKSELdQU8u2qk6WoXJ9Hpq3/O3Z598JI9Nhi9ezQFOZ2Nu3R2tsP0eQ3tsroQTXXyRnGSxq2gz1w
VJoKts19LghusLCE4t8EBDn0dJmryRB+YAjTZQGKohhREJhQ5lUcBe8N6UoHVO472nUSMs2oyQKr6
d1zGHTXjPo309e3o=;
Received: from mail-lf1-f50.google.com ([209.85.167.50])
by sfi-mx-2.v28.lw.sourceforge.com with esmtps
(TLS1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.95)
id 1rl7qD-0005It-Sp for openvpn-devel@lists.sourceforge.net;
Fri, 15 Mar 2024 13:43:33 +0000
Received: by mail-lf1-f50.google.com with SMTP id
2adb3069b0e04-513b022a238so2587685e87.0
for <openvpn-devel@lists.sourceforge.net>;
Fri, 15 Mar 2024 06:43:29 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=openvpn.net; s=google; t=1710510197; x=1711114997;
darn=lists.sourceforge.net;
h=user-agent:content-disposition:content-transfer-encoding
:mime-version:message-id:reply-to:references:subject
:list-unsubscribe:list-id:auto-submitted:cc:to:date:from:from:to:cc
:subject:date:message-id:reply-to;
bh=gAJyUXCdyrjFUXlP4AWNb1GTRvERR4Lw8kTPNhoq+hQ=;
b=Yi1mf3mFAZmZU45Pn111A5p+XqjlFDCza6h9ofVjRCQG57zjFKYX0NgIfcxUOTtwcz
ibjBos3+ZSJ8i0mk1ozjK6SXOeB+77x8FKOK+paM3NGnT71iq7oC/hArfsw7znRX7cTN
HBvUzh5p+5+CxSviZd96jhqIMqtAxWOiL0bzRGZ27Tqg/wIh+yojCfKRCtLB01ksFBGh
xp5uX8K2aEyDvU1HTsjwFr0hl9NTzzP9nzrI8MeEOS6A1ht3Qd9THTIg2AUWYnGa9Xe3
gVCHZR+MV1Xzv4n4ailZcnFyxbQqDVn0kdpbAzxJZmWjYB/4yA3wTY2jR9S8lBO3+T/U
W3zQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20230601; t=1710510197; x=1711114997;
h=user-agent:content-disposition:content-transfer-encoding
:mime-version:message-id:reply-to:references:subject
:list-unsubscribe:list-id:auto-submitted:cc:to:date:from
:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
bh=gAJyUXCdyrjFUXlP4AWNb1GTRvERR4Lw8kTPNhoq+hQ=;
b=ANmvgp++lbGl4Yc4xqKzDnqMHoW0FQiKGyAMopMI+a2vQno+oYgqhLHUxI31C+eC19
C42qLUJYRsoNBs+W3MJ7yJDdtuF8lAMLyP69/wM4F6XzOJilRxY0YvokYbRek7du207y
27rRQDS/HaNMFLWq5ixBrmps7n4NJs3rZg4pUaAm7xmz3OQEWFAvTx2kbL1lDTm5AnoO
B2tfcpQjgth5oGqay+1Yrv+/mTd+O4RfhoPrLqJ7UADxX9ugFzQ1BPTm8iyPQ2v0fJZB
H5gF52xs8hxUhR4fwOd/y5v0Cs5Ue4G/Hv3Y60bUBH7aS0o8Nec3GzqJh01rFPBpehPF
JDVg==
X-Gm-Message-State: AOJu0YzjkPv3VIeZyEmW1qe5UGgJwqKPMfoocBPKH4OdRABxVUMm+0nC
Tlf2jDCnZmuBxzBplZLdfvihDsI95WUga9IreIozeHrHudzAAvIN8/4ko0l/k7l4Aa4fP2cWC70
h
X-Received: by 2002:a05:6512:32a6:b0:513:a83b:6761 with SMTP id
q6-20020a05651232a600b00513a83b6761mr3558734lfe.18.1710510197295;
Fri, 15 Mar 2024 06:43:17 -0700 (PDT)
Received: from gerrit.openvpn.in
(ec2-18-159-0-78.eu-central-1.compute.amazonaws.com. [18.159.0.78])
by smtp.gmail.com with ESMTPSA id
bu27-20020a056000079b00b0033ecbfc6941sm2886812wrb.110.2024.03.15.06.43.16
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
Fri, 15 Mar 2024 06:43:16 -0700 (PDT)
From: "stipa (Code Review)" <gerrit@openvpn.net>
X-Google-Original-From: "stipa (Code Review)" <gerrit@gerrit.openvpn.in>
X-Gerrit-PatchSet: 1
Date: Fri, 15 Mar 2024 13:43:16 +0000
To: plaisthos <arne-openvpn@rfc2549.org>, flichtenheld <frank@lichtenheld.com>
Auto-Submitted: auto-generated
X-Gerrit-MessageType: newchange
X-Gerrit-Change-Id: I16d6a9fefa317d7d4a195e786618328445bdbca8
X-Gerrit-Change-Number: 543
X-Gerrit-Project: openvpn
X-Gerrit-ChangeURL: <http://gerrit.openvpn.net/c/openvpn/+/543?usp=email>
X-Gerrit-Commit: c6e0551d695a8685f4a2e457edb53b3f5cef54c6
References:
<gerrit.1710510194000.I16d6a9fefa317d7d4a195e786618328445bdbca8@gerrit.openvpn.net>
Message-ID: <beb91351d80ec3d8186b9f8cd29775cb059b2896-HTML@gerrit.openvpn.net>
MIME-Version: 1.0
User-Agent: Gerrit/3.8.2
X-Spam-Score: -0.2 (/)
X-Spam-Report: Spam detection software,
running on the system "util-spamd-2.v13.lw.sourceforge.com",
has NOT identified this incoming email as spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
the administrator of that system for details.
Content preview: Attention is currently required from: flichtenheld,
plaisthos.
Hello plaisthos, flichtenheld, I'd like you to do a code review. Please visit
Content analysis details: (-0.2 points, 6.0 required)
pts rule name description
---- ----------------------
--------------------------------------------------
-0.0 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)
[209.85.167.50 listed in wl.mailspike.net]
-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/,
no trust [209.85.167.50 listed in list.dnswl.org]
0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record
-0.0 SPF_PASS SPF: sender matches SPF record
0.0 WEIRD_PORT URI: Uses non-standard port number for HTTP
0.0 HTML_MESSAGE BODY: HTML included in message
-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
0.1 DKIM_SIGNED Message has a DKIM or DK signature,
not necessarily
valid
-0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from
envelope-from domain
-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from
author's domain
-0.0 T_SCC_BODY_TEXT_LINE No description available.
0.0 T_KAM_HTML_FONT_INVALID Test for Invalidly Named or Formatted
Colors in HTML
X-Headers-End: 1rl7qD-0005It-Sp
Subject: [Openvpn-devel] [S] Change in openvpn[master]: Disable DCO if proxy
is set via management
X-BeenThere: openvpn-devel@lists.sourceforge.net
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: <openvpn-devel.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/options/openvpn-devel>,
<mailto:openvpn-devel-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive:
<http://sourceforge.net/mailarchive/forum.php?forum_name=openvpn-devel>
List-Post: <mailto:openvpn-devel@lists.sourceforge.net>
List-Help: <mailto:openvpn-devel-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/openvpn-devel>,
<mailto:openvpn-devel-request@lists.sourceforge.net?subject=subscribe>
Reply-To: lstipakov@gmail.com, arne-openvpn@rfc2549.org,
openvpn-devel@lists.sourceforge.net, frank@lichtenheld.com
Cc: openvpn-devel <openvpn-devel@lists.sourceforge.net>
Content-Type: multipart/mixed; boundary="===============1193564571229517989=="
Errors-To: openvpn-devel-bounces@lists.sourceforge.net
X-getmail-retrieved-from-mailbox: Inbox
X-GMAIL-THRID: =?utf-8?q?1793600027647467266?=
X-GMAIL-MSGID: =?utf-8?q?1793600027647467266?=
X-getmail-filter-classifier: gerrit message type newchange
|
| Series |
[Openvpn-devel,S] Change in openvpn[master]: Disable DCO if proxy is set via management
|
expand
|
diff --git a/src/openvpn/dco.c b/src/openvpn/dco.c index 14430d3..540b5a8 100644 --- a/src/openvpn/dco.c +++ b/src/openvpn/dco.c @@ -387,6 +387,12 @@ return false; } + if (o->management_flags & MF_QUERY_PROXY) + { + msg(msglevel, "Note: --management-query-proxy disables data channel offload."); + return false; + } + /* now that all options have been confirmed to be supported, check * if DCO is truly available on the system */ diff --git a/src/openvpn/init.c b/src/openvpn/init.c index 52b3931..6a3040f 100644 --- a/src/openvpn/init.c +++ b/src/openvpn/init.c @@ -221,12 +221,6 @@ } else if (p[2] && p[3]) { - if (dco_enabled(&c->options)) - { - msg(M_INFO, "Proxy set via management, disabling Data Channel Offload."); - c->options.tuntap_options.disable_dco = true; - } - if (streq(p[1], "HTTP")) { struct http_proxy_options *ho;
Attention is currently required from: flichtenheld, plaisthos. Hello plaisthos, flichtenheld, I'd like you to do a code review. Please visit http://gerrit.openvpn.net/c/openvpn/+/543?usp=email to review the following change. Change subject: Disable DCO if proxy is set via management ...................................................................... Disable DCO if proxy is set via management Commit 45a1cb2a ("Disable DCO if proxy is set via management") attempted to disable DCO when proxy is set via management interface. However, at least on Windows this doesn't work, since: - setting tuntap_options->disable_dco to true is not enough to disable DCO - at this point it is a bit too late, since we've already done DCO-specific adjustments Since proxy could be set via management only if --management-query-proxy is specified, the better way would be to add a check to dco_check_startup_option(). Github: fixes OpenVPN/openvpn#522 Change-Id: I16d6a9fefa317d7d4a195e786618328445bdbca8 Signed-off-by: Lev Stipakov <lev@openvpn.net> --- M src/openvpn/dco.c M src/openvpn/init.c 2 files changed, 6 insertions(+), 6 deletions(-) git pull ssh://gerrit.openvpn.net:29418/openvpn refs/changes/43/543/1