From patchwork Mon Aug 1 22:23:16 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Antonio Quartulli X-Patchwork-Id: 2618 Return-Path: Delivered-To: patchwork@openvpn.net Delivered-To: patchwork@openvpn.net Received: from director12.mail.ord1d.rsapps.net ([172.30.191.6]) by backend30.mail.ord1d.rsapps.net with LMTP id iJDtFyLf6GL+DAAAIUCqbw (envelope-from ) for ; Tue, 02 Aug 2022 04:24:02 -0400 Received: from proxy13.mail.ord1d.rsapps.net ([172.30.191.6]) by director12.mail.ord1d.rsapps.net with LMTP id iJLDFyLf6GIoIQAAIasKDg (envelope-from ) for ; Tue, 02 Aug 2022 04:24:02 -0400 Received: from smtp19.gate.ord1d ([172.30.191.6]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by proxy13.mail.ord1d.rsapps.net with LMTPS id SIeWFyLf6GKmSAAAgjf6aA (envelope-from ) for ; Tue, 02 Aug 2022 04:24:02 -0400 X-Spam-Threshold: 95 X-Spam-Score: 0 X-Spam-Flag: NO X-Virus-Scanned: OK X-Orig-To: openvpnslackdevel@openvpn.net X-Originating-Ip: [216.105.38.7] Authentication-Results: smtp19.gate.ord1d.rsapps.net; iprev=pass policy.iprev="216.105.38.7"; spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net" smtp.helo="lists.sourceforge.net"; dkim=fail (signature verification failed) header.d=sourceforge.net; dkim=fail (signature verification failed) header.d=sf.net; dmarc=none (p=nil; dis=none) header.from=unstable.cc X-Suspicious-Flag: YES X-Classification-ID: 76b128f4-123c-11ed-bb18-525400d67fa8-1-1 Received: from [216.105.38.7] ([216.105.38.7:53134] helo=lists.sourceforge.net) by smtp19.gate.ord1d.rsapps.net (envelope-from ) (ecelerity 4.2.38.62370 r(:)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384) id 2B/E3-02364-22FD8E26; Tue, 02 Aug 2022 04:24:02 -0400 Received: from [127.0.0.1] (helo=sfs-ml-2.v29.lw.sourceforge.com) by sfs-ml-2.v29.lw.sourceforge.com with esmtp (Exim 4.94.2) (envelope-from ) id 1oInB3-0001rF-65; Tue, 02 Aug 2022 08:22:58 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-2.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1oInB2-0001r9-C3 for openvpn-devel@lists.sourceforge.net; Tue, 02 Aug 2022 08:22:57 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:Message-Id: Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=M0zCv/29xPbB2aFNInD6bb5DjO8Ji6r86Iv1Beof8o0=; b=De5lysjakrU0I0nCxglk9bQaNQ 1pZCmnV2beYpqPCQ89kdkKBpdB0M9kFk6vpxNLnRbnI8v6f7aMYXBdPPdpccAj3EXNrFbF3c2CEI1 rNs5RcwW3vN2KLrxUfaf6mkEdnGEGS3nrmTzv32/5DS9AArc2zyH5LvZlfAZAaVjtuwA=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:Message-Id:Date:Subject:Cc:To:From :Sender:Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To: References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post: List-Owner:List-Archive; bh=M0zCv/29xPbB2aFNInD6bb5DjO8Ji6r86Iv1Beof8o0=; b=F BuXxMUWWuzwWOYFNHXshJ2xsic/zTK+aRKGhNDFhb9nTjXCOppWRaFlMKkfFLGfp13j8lCjzVDilr /2NuV4lz0PVMg4jxdb3CfZiX/+744Cs3bNMQPqBcLdktoEIwfo35dYskOLeGPPAlQZZhLnXeKsTNa WIkF6OPlEMNKwH1c=; Received: from s2.neomailbox.net ([5.148.176.60]) by sfi-mx-1.v28.lw.sourceforge.com with esmtps (TLS1.2:DHE-RSA-AES256-GCM-SHA384:256) (Exim 4.94.2) id 1oInB1-000Sos-Hl for openvpn-devel@lists.sourceforge.net; Tue, 02 Aug 2022 08:22:56 +0000 From: Antonio Quartulli To: openvpn-devel@lists.sourceforge.net Date: Tue, 2 Aug 2022 10:23:16 +0200 Message-Id: <20220802082316.1424-1-a@unstable.cc> MIME-Version: 1.0 X-Spam-Report: Spam detection software, running on the system "util-spamd-1.v13.lw.sourceforge.com", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: To better arrange the order DCO option conflict messages are printed, we decided to first perform all needed checks on provided options and, only at the end, if no conflict was detected, to check if D [...] Content analysis details: (0.0 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.0 SPF_PASS SPF: sender matches SPF record X-Headers-End: 1oInB1-000Sos-Hl Subject: [Openvpn-devel] [PATCH] dco: move availability check to the end of check_option_conflict() function X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Antonio Quartulli Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox To better arrange the order DCO option conflict messages are printed, we decided to first perform all needed checks on provided options and, only at the end, if no conflict was detected, to check if DCO is really available on the system. This way a user gets prompted with all warnings about their configuration first and, when everything is fixed, they will see if DCO is available or not. While at it, compress the first check in just one if to make the code simpler. Signed-off-by: Antonio Quartulli --- src/openvpn/dco.c | 22 +++++++++------------- 1 file changed, 9 insertions(+), 13 deletions(-) diff --git a/src/openvpn/dco.c b/src/openvpn/dco.c index a6912d4e..fdf474ca 100644 --- a/src/openvpn/dco.c +++ b/src/openvpn/dco.c @@ -268,18 +268,11 @@ dco_check_option_conflict_ce(const struct connection_entry *ce, int msglevel) bool dco_check_option_conflict(int msglevel, const struct options *o) { - if (o->tuntap_options.disable_dco) - { - /* already disabled by --disable-dco, no need to print warnings */ - return false; - } - - if (!dco_available(msglevel)) - { - return false; - } - - if (!o->dev) + /* check if DCO was already disabled by the user or if no dev name was + * specified at all. In the latter case, later logic will most likely stop + * OpenVPN, so no need to print any message here. + */ + if (o->tuntap_options.disable_dco || !o->dev) { return false; } @@ -361,7 +354,10 @@ dco_check_option_conflict(int msglevel, const struct options *o) } gc_free(&gc); - return true; + /* now that all options have been confirmed to be supported, check if DCO is + * truly available on the system + */ + return dco_available(o); } bool