From patchwork Sun Jul 24 07:46:30 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Angel Abad X-Patchwork-Id: 2604 Return-Path: Delivered-To: patchwork@openvpn.net Delivered-To: patchwork@openvpn.net Received: from director11.mail.ord1d.rsapps.net ([172.30.191.6]) by backend30.mail.ord1d.rsapps.net with LMTP id uEJMGMiF3WLYSQAAIUCqbw (envelope-from ) for ; Sun, 24 Jul 2022 13:47:52 -0400 Received: from proxy3.mail.ord1d.rsapps.net ([172.30.191.6]) by director11.mail.ord1d.rsapps.net with LMTP id CLNFGMiF3WIZBAAAvGGmqA (envelope-from ) for ; Sun, 24 Jul 2022 13:47:52 -0400 Received: from smtp16.gate.ord1c ([172.30.191.6]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by proxy3.mail.ord1d.rsapps.net with LMTPS id kLL1F8iF3WL+TAAA7WKfLA (envelope-from ) for ; Sun, 24 Jul 2022 13:47:52 -0400 X-Spam-Threshold: 95 X-Spam-Score: 0 X-Spam-Flag: NO X-Virus-Scanned: OK X-Orig-To: openvpnslackdevel@openvpn.net X-Originating-Ip: [216.105.38.7] Authentication-Results: smtp16.gate.ord1c.rsapps.net; iprev=pass policy.iprev="216.105.38.7"; spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net" smtp.helo="lists.sourceforge.net"; dkim=fail (signature verification failed) header.d=sourceforge.net; dkim=fail (signature verification failed) header.d=sf.net; dkim=fail (signature verification failed) header.d=gmail.com; dmarc=none (p=nil; dis=none) header.from=debian.org X-Suspicious-Flag: YES X-Classification-ID: bcab64ac-0b78-11ed-a495-bc305bf036a4-1-1 Received: from [216.105.38.7] ([216.105.38.7:57836] helo=lists.sourceforge.net) by smtp16.gate.ord1c.rsapps.net (envelope-from ) (ecelerity 4.2.38.62370 r(:)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384) id 70/A5-17756-7C58DD26; Sun, 24 Jul 2022 13:47:51 -0400 Received: from [127.0.0.1] (helo=sfs-ml-1.v29.lw.sourceforge.com) by sfs-ml-1.v29.lw.sourceforge.com with esmtp (Exim 4.94.2) (envelope-from ) id 1oFfgg-0005aB-Gj; Sun, 24 Jul 2022 17:46:42 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-1.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1oFfge-0005a4-EU for openvpn-devel@lists.sourceforge.net; Sun, 24 Jul 2022 17:46:40 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Type:MIME-Version:Message-ID:Subject:To: From:Date:Sender:Reply-To:Cc:Content-Transfer-Encoding:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=wENt8UQBrmO/T45Yv2lSU/SMbmF7s7rlVfaQkEozA7g=; b=kVlLrvGgQY/aQFxuAVSiF6UL94 lNgrDPAIH/X5TGZIfsmvZgzPwjrz4q5WLHRn6ckxqSgvrGkPLNpYtAKo5kOokSJFBRk4rgHGxEYaB 0z6nxXopnmg5PXzpfIT8aRm6weGFtox9dpUmeJiHRa9zzKU3M9GVH1Bee93X01cQD0L4=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Type:MIME-Version:Message-ID:Subject:To:From:Date:Sender:Reply-To :Cc:Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To: References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post: List-Owner:List-Archive; bh=wENt8UQBrmO/T45Yv2lSU/SMbmF7s7rlVfaQkEozA7g=; b=J qIz+drCrS5qursqsHLdkVJ25bjemF46y2+w0o00IPUUIZb/X8oVn+WwqKK2mIjIpWnYrakUFPkYyD c78ObEbZNia8W57bCc/U9kc0XbdsP0dQlzS4CPJNAhGh6bd8JNwhlzK3zXAnj8VZM/phdCNtGdxv0 r4NQ3NSq9HGunZcE=; Received: from mail-wr1-f46.google.com ([209.85.221.46]) by sfi-mx-1.v28.lw.sourceforge.com with esmtps (TLS1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.94.2) id 1oFfgd-00951z-IF for openvpn-devel@lists.sourceforge.net; Sun, 24 Jul 2022 17:46:40 +0000 Received: by mail-wr1-f46.google.com with SMTP id b26so13049901wrc.2 for ; Sun, 24 Jul 2022 10:46:39 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=sender:date:from:to:subject:message-id:mime-version :content-disposition; bh=wENt8UQBrmO/T45Yv2lSU/SMbmF7s7rlVfaQkEozA7g=; b=gGzJJ8iG3c0SetwgGU5wn1Pdxp3eGz9f5Ojm339d8k8joe9o1fWzsBaDu83EP2j/tv IE5xkPszbc2NmocBJXvbsCe64Eb867O/dcj3Enu+Y+HU+ChuMniR2VmOAmWyAk9eLYhq BH/LPhHXK11RdfHo1SPfgDqu//khf2dSvaT1iQqx+MYZlMf5Cw2aPoCOVYb58s9ShGGk L3eV0shNkROU1QcngVdsNjDA6xSNqOg/Ax0FiaoBHI/HjJEL4cuwZ13ZcbjNIlSL+APZ ZUCi6Q6IVC2Va9zikGboB64Le7oom8u1Bt0G4pEerdV7ty6PR0VPTiTXv5BfbqymIxbb aRWQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:sender:date:from:to:subject:message-id :mime-version:content-disposition; bh=wENt8UQBrmO/T45Yv2lSU/SMbmF7s7rlVfaQkEozA7g=; b=VggPXLhGn4qU8HEhvgoU2Ou9QDDASCe78XF5rG3dkATVi962I+vZRKCU41v2P4JCq9 nUAcNA/UGE0XKpWT2AzhE63bX83JFa5qRvM6/XVQa2eSsGDOLIgs7kNmE65iNWEAI5oS QMa/U62aMptSoI0mfmonc/hhosuo8uqej+a0lQ8mB20N/wH63RLED5RVbgHu+H0o8mm5 gg8K6mQX7RsQBizXdLuuxPlzneQCCQ7avyKGmdngesxCpJznfvYBtj8DhLnmitOOAsE3 sm+YNJTCOEgPNXVmaXV0N0Q3kZnBdSp6tZdRz67tMaFYjtzRlCFsHn2xShwZL1s04yQU /8pQ== X-Gm-Message-State: AJIora8UrnOixwFK3IGRfQ7ScfooDm6gcvGx+7hRXr0PLYg690RD2dCw eK81h3hHecEqfO7N7TAouSj/y3YE2zicwZYB X-Google-Smtp-Source: AGRyM1ue7gmU77uUjDNTQAY8UljSljLraLA1le4gb+GAnHXg5huf5ERN3tjPdhG9QqsJ+HzCavVR9g== X-Received: by 2002:a05:6000:2aa:b0:21d:ac4f:587c with SMTP id l10-20020a05600002aa00b0021dac4f587cmr5865086wry.675.1658684792799; Sun, 24 Jul 2022 10:46:32 -0700 (PDT) Received: from benares (213.62-99-108.dynamic.clientes.euskaltel.es. [62.99.108.213]) by smtp.gmail.com with ESMTPSA id x3-20020a05600c420300b003a3200bc788sm14912191wmh.33.2022.07.24.10.46.32 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 24 Jul 2022 10:46:32 -0700 (PDT) Date: Sun, 24 Jul 2022 19:46:30 +0200 From: Angel Abad To: openvpn-devel@lists.sourceforge.net Message-ID: MIME-Version: 1.0 Content-Disposition: inline X-Spam-Report: Spam detection software, running on the system "util-spamd-2.v13.lw.sourceforge.com", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Description: PUSH_BUNDLE_SIZE is too short Author: Angel Abad --- Hello, we have problem with a large used openvpn server, our server push to clients almos 150 routes, we havent problem with windows clients, but with linux clients push options are cut, and the clien [...] Content analysis details: (0.4 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider [angelabad[at]gmail.com] -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [209.85.221.46 listed in list.dnswl.org] 0.2 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail domains are different -0.0 SPF_PASS SPF: sender matches SPF record -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.0 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2) [209.85.221.46 listed in wl.mailspike.net] 0.2 FREEMAIL_FORGED_FROMDOMAIN 2nd level domains in From and EnvelopeFrom freemail headers are different X-Headers-End: 1oFfgd-00951z-IF Subject: [Openvpn-devel] [PATCH] PUSH_BUNDLE_SIZE is too short X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox Description: PUSH_BUNDLE_SIZE is too short Author: Angel Abad --- Hello, we have problem with a large used openvpn server, our server push to clients almos 150 routes, we havent problem with windows clients, but with linux clients push options are cut, and the clients fail to configure beacouse the route commmands are cut. We look code and verify that push bundle size is only 1024, so push options on linux are cut on this size. We looked openvpn3 too, and there this limit is 2048 https://github.com/OpenVPN/openvpn3/blob/e1a35028a82acaf5ae6caeae321d83c36477d27c/openvpn/tun/linux/client/sitnl.hpp#L50 Could you please increase this limit on openvpn2 or provide a configuration option to increase it? Thanks in advance! --- openvpn-2.6.0~git20220518+dco.orig/src/openvpn/common.h +++ openvpn-2.6.0~git20220518+dco/src/openvpn/common.h @@ -72,7 +72,7 @@ typedef unsigned long ptr_type; * This parameter controls the maximum size of a bundle * of pushed options. */ -#define PUSH_BUNDLE_SIZE 1024 +#define PUSH_BUNDLE_SIZE 2048 /* * In how many seconds does client re-send PUSH_REQUEST if we haven't yet received a reply