From patchwork Tue Aug 2 03:03:12 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Antonio Quartulli X-Patchwork-Id: 2619 Return-Path: Delivered-To: patchwork@openvpn.net Delivered-To: patchwork@openvpn.net Received: from director14.mail.ord1d.rsapps.net ([172.28.255.1]) by backend30.mail.ord1d.rsapps.net with LMTP id sMYpCrog6WJBGAAAIUCqbw (envelope-from ) for ; Tue, 02 Aug 2022 09:03:54 -0400 Received: from proxy4.mail.ord1c.rsapps.net ([172.28.255.1]) by director14.mail.ord1d.rsapps.net with LMTP id SJL9Cbog6WIRPgAAeJ7fFg (envelope-from ) for ; Tue, 02 Aug 2022 09:03:54 -0400 Received: from smtp20.gate.ord1c ([172.28.255.1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by proxy4.mail.ord1c.rsapps.net with LMTPS id qJWvErQg6WJ4VgAAjcXvpA (envelope-from ) for ; Tue, 02 Aug 2022 09:03:48 -0400 X-Spam-Threshold: 95 X-Spam-Score: 0 X-Spam-Flag: NO X-Virus-Scanned: OK X-Orig-To: openvpnslackdevel@openvpn.net X-Originating-Ip: [216.105.38.7] Authentication-Results: smtp20.gate.ord1c.rsapps.net; iprev=pass policy.iprev="216.105.38.7"; spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net" smtp.helo="lists.sourceforge.net"; dkim=fail (signature verification failed) header.d=sourceforge.net; dkim=fail (signature verification failed) header.d=sf.net; dmarc=none (p=nil; dis=none) header.from=unstable.cc X-Suspicious-Flag: YES X-Classification-ID: 8e78038c-1263-11ed-940d-bc305bf03180-1-1 Received: from [216.105.38.7] ([216.105.38.7:41276] helo=lists.sourceforge.net) by smtp20.gate.ord1c.rsapps.net (envelope-from ) (ecelerity 4.2.38.62370 r(:)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384) id C3/AB-14176-8B029E26; Tue, 02 Aug 2022 09:03:52 -0400 Received: from [127.0.0.1] (helo=sfs-ml-4.v29.lw.sourceforge.com) by sfs-ml-4.v29.lw.sourceforge.com with esmtp (Exim 4.94.2) (envelope-from ) id 1oIrXw-0004bb-2H; Tue, 02 Aug 2022 13:02:50 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-4.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1oIrXu-0004bU-Hm for openvpn-devel@lists.sourceforge.net; Tue, 02 Aug 2022 13:02:49 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:References: In-Reply-To:Message-Id:Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=wtVvSCustOoc4jfK6eDUzZn4zy1DxDIUEe+f6COVqOM=; b=jDBlvtCt9/4jFKK6CnmLsIo+7W CYiO/5TghZEBHc6EltgcwIPb4WUsPJnwTLkbpxYJrD17TPIaO2Cix50VSE9WRLD/7UwZ9essFA6tR 47sdIXsHYe52ygLDgsckL0n+iOZl9GanSMCkM+mIWK7L7bldh6dC5XGhUbnujJDDNYq8=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-Id: Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=wtVvSCustOoc4jfK6eDUzZn4zy1DxDIUEe+f6COVqOM=; b=Lw7mSwxK1Xkv4J7Gc+WZXtq9it mPAFmhofPw1PzdAb4Vpr+FazWIzR8h8iI3nryObWOAv+SKeRzDe7xmnwMJGNTO3qC/Ksx7GmIN16+ xzk3B9Z85exEXLuQTPCnA0d0lAik9ATrE37JBr1dghU2QruSN9Ge9aYLSq9s+nVr62/s=; Received: from s2.neomailbox.net ([5.148.176.60]) by sfi-mx-2.v28.lw.sourceforge.com with esmtps (TLS1.2:DHE-RSA-AES256-GCM-SHA384:256) (Exim 4.94.2) id 1oIrXs-0002q4-1c for openvpn-devel@lists.sourceforge.net; Tue, 02 Aug 2022 13:02:49 +0000 From: Antonio Quartulli To: openvpn-devel@lists.sourceforge.net Date: Tue, 2 Aug 2022 15:03:12 +0200 Message-Id: <20220802130312.18871-1-a@unstable.cc> In-Reply-To: <20220802082316.1424-1-a@unstable.cc> References: MIME-Version: 1.0 X-Spam-Report: Spam detection software, running on the system "util-spamd-1.v13.lw.sourceforge.com", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: To better arrange the order DCO option conflict messages are printed, we decided to first perform all needed checks on provided options and, only at the end, if no conflict was detected, to check if D [...] Content analysis details: (0.0 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.0 SPF_PASS SPF: sender matches SPF record X-Headers-End: 1oIrXs-0002q4-1c Subject: [Openvpn-devel] [PATCH v2] dco: move availability check to the end of check_option_conflict() function X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Antonio Quartulli Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox To better arrange the order DCO option conflict messages are printed, we decided to first perform all needed checks on provided options and, only at the end, if no conflict was detected, to check if DCO is really available on the system. This way a user gets prompted with all warnings about their configuration first and, when everything is fixed, they will see if DCO is available or not. While at it, compress the first check in just one if to make the code simpler. Signed-off-by: Antonio Quartulli Acked-By: Frank Lichtenheld --- Changes from v1: * pass proper argument to dco_available() --- src/openvpn/dco.c | 22 +++++++++------------- 1 file changed, 9 insertions(+), 13 deletions(-) diff --git a/src/openvpn/dco.c b/src/openvpn/dco.c index a6912d4e..0877f0af 100644 --- a/src/openvpn/dco.c +++ b/src/openvpn/dco.c @@ -268,18 +268,11 @@ dco_check_option_conflict_ce(const struct connection_entry *ce, int msglevel) bool dco_check_option_conflict(int msglevel, const struct options *o) { - if (o->tuntap_options.disable_dco) - { - /* already disabled by --disable-dco, no need to print warnings */ - return false; - } - - if (!dco_available(msglevel)) - { - return false; - } - - if (!o->dev) + /* check if DCO was already disabled by the user or if no dev name was + * specified at all. In the latter case, later logic will most likely stop + * OpenVPN, so no need to print any message here. + */ + if (o->tuntap_options.disable_dco || !o->dev) { return false; } @@ -361,7 +354,10 @@ dco_check_option_conflict(int msglevel, const struct options *o) } gc_free(&gc); - return true; + /* now that all options have been confirmed to be supported, check if DCO is + * truly available on the system + */ + return dco_available(msglevel); } bool