From patchwork Fri Mar 8 14:01:12 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Frank Lichtenheld X-Patchwork-Id: 3642 Return-Path: Delivered-To: patchwork@openvpn.net Received: by 2002:a05:7000:5897:b0:559:d8ef:cc57 with SMTP id h23csp2193927max; Fri, 8 Mar 2024 06:02:00 -0800 (PST) X-Forwarded-Encrypted: i=2; AJvYcCX9BupFl+9OD05JGjwg32qCz34vsQD18+ku6qE+dMVYnPG6+NNlqIoDQJOdnSpYWs2AapaceWRtlrrrilPdR3eLktm0hJk= X-Google-Smtp-Source: AGHT+IFvNmtXZGkYlGzc0pFMFpzPC4LI2HnvVt3u1RsDss8JNsXkfOX1W48+2x5F+1bPBzQxmehK X-Received: by 2002:a05:6808:150e:b0:3c2:17b0:deda with SMTP id u14-20020a056808150e00b003c217b0dedamr2420114oiw.0.1709906519722; Fri, 08 Mar 2024 06:01:59 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1709906519; cv=none; d=google.com; s=arc-20160816; b=wCnBgRWPhkfJX51rAkrIvtOK4WGMDwXHGRYqL9zoiHDz3WhRQ9IB5C5JYcjdFpFjMu yf8momGkLf5yN3E4PwzxYRxqD2s9wT5GH3egvYjvTuuTd6YOUG3bG4MPh3ZrvYXzy1Gq QR46F7/8x4V195yKLJFqrixWl4f27N9qQqHuZT3YXaKeBwulmg6u6s61nTOL7qBEk9Vc zJ0K5yjkB3WVjOZtf+rgSO0H/vz2n/NsRtP+xGjXkrgQ/1VdfDg1w50NtJZQ31eUktMS j+J9+JE9hz26pcvP2wyyQn4kBqm1NUoMvouP2pZj41oQPA2zOmitzoZ/zaA4hc0OYXVb UrNA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=errors-to:content-transfer-encoding:cc:list-subscribe:list-help :list-post:list-archive:list-unsubscribe:list-id:precedence:subject :mime-version:message-id:date:to:from:dkim-signature:dkim-signature :dkim-signature; bh=VS/n3lDojWEL+4C+8Zvb6B+PgcUwMQpPxJOnzYalFjg=; fh=dolTBZKyEFFm1rcUDSpVBkI/OAfeOehaCqg5h/BusSQ=; b=AIpkoJa5BlP6HWFXByARrzlpN1Kn4ysDXwbnbmWFFeU3zupUjS/mccq4sr/OVmyRfC tnevWSgY33e1cTJiCBuczX6d6xTjEe3d1YjrH+6OLk/7ujXP/YusR1B0F1rAMGQeD8AD ZyG3ai4bu0jP1uBJin3u5SuW8ODLMnjgCigj32lfmnk6HUR1Jzw7tRTC1BiEK+GX/t7K eEZG/QOrLWRiEcb0adpxlkecUmvG2MMeE+OZbE9gVWqrDHOBVnYfiznRDVOrdXXseGrG y1Ddje25GsY6O0cuMfPZObOQMaoWEIHkvNLkJ6ibguG/P4VSsLCgOKbNjzmkmivDDhRI jD4w==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=iFOSXPij; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=m+2wMVdq; dkim=neutral (body hash did not verify) header.i=@lichtenheld.com header.s=MBO0001 header.b=mSA65ls7; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net Received: from lists.sourceforge.net (lists.sourceforge.net. [216.105.38.7]) by mx.google.com with ESMTPS id i19-20020a056808031300b003c1f97fd591si2411384oie.73.2024.03.08.06.01.59 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Fri, 08 Mar 2024 06:01:59 -0800 (PST) Received-SPF: pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) client-ip=216.105.38.7; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=iFOSXPij; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=m+2wMVdq; dkim=neutral (body hash did not verify) header.i=@lichtenheld.com header.s=MBO0001 header.b=mSA65ls7; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net Received: from [127.0.0.1] (helo=sfs-ml-3.v29.lw.sourceforge.com) by sfs-ml-3.v29.lw.sourceforge.com with esmtp (Exim 4.95) (envelope-from ) id 1rian0-00034w-FB; Fri, 08 Mar 2024 14:01:34 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-3.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1riamz-00034p-6E for openvpn-devel@lists.sourceforge.net; Fri, 08 Mar 2024 14:01:33 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:Message-Id: Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=mx9MZED43JX99esKzVDXp5Bq9WpqcdybQzUncwPPyvw=; b=iFOSXPijWCiWMBjn849elv8qgb yOEWjzuuSFktuBsgsGq1cmruTMd/SmQS7tNJKTffFfLpq2oHI29JeVk/EAab2dmHbcBI63xU/SNUZ OPBmdq+rA3ko2CwKjUO21TSqsiYoSul5OsCTF5pPOU0F312RuBQ6j6XVdu/Z72WwklzE=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:Message-Id:Date:Subject:Cc:To:From :Sender:Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To: References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post: List-Owner:List-Archive; bh=mx9MZED43JX99esKzVDXp5Bq9WpqcdybQzUncwPPyvw=; b=m +2wMVdqEAoO+xLdhmY9lpUYOmc6xLuC4jRzAWVKcceIUVQ6PE94SWNUK5dxctLVdH/y0C3bSx0+69 ZL5LMEtFws02EMePuB21BWo6zRtEhUoZQACK45h01vpDaBPPgFRjZ30lfI6foMZ5vhMyxEp6TBXCL g/sPOySnwDuQfBI4=; Received: from mout-p-202.mailbox.org ([80.241.56.172]) by sfi-mx-2.v28.lw.sourceforge.com with esmtps (TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.95) id 1riamj-00030E-Qo for openvpn-devel@lists.sourceforge.net; Fri, 08 Mar 2024 14:01:33 +0000 Received: from smtp202.mailbox.org (smtp202.mailbox.org [IPv6:2001:67c:2050:b231:465::202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by mout-p-202.mailbox.org (Postfix) with ESMTPS id 4Trnrn5sXyz9scH; Fri, 8 Mar 2024 15:01:13 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lichtenheld.com; s=MBO0001; t=1709906473; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=mx9MZED43JX99esKzVDXp5Bq9WpqcdybQzUncwPPyvw=; b=mSA65ls7MIZT2vkvXepQXZFECwY9a2m5ogWhM9zVCSwYtRWaopO5jQoaudTPdER+lw/Abi bOFLvyn7FCGrdCzxeggWxSjNcFESJYZ3fveSlTsM5Sx2Ybl0uZ73GVq5M0mwEmXVpopyYh 39LXA9pCIoGDtqlp9C0JtjjQ3YzOxfq+L7y2hd+ZNthSlt8awwPNNIp4fSyVuLHjGwIwaX Fq4/YZi4GMFdvgoPyCtOMwjikEYX4iUe8r9b/9IU2Wf6PP4KbLYDU6Qv0pyVCobb6siS3e 71Lc/BViNir9f+KBrUgQFRwc5e49RDhj3z9qoYJSsi3NRXNIEc3UVqh610jKBQ== From: Frank Lichtenheld To: openvpn-devel@lists.sourceforge.net Date: Fri, 8 Mar 2024 15:01:12 +0100 Message-Id: <20240308140112.4015131-1-frank@lichtenheld.com> MIME-Version: 1.0 X-Rspamd-Queue-Id: 4Trnrn5sXyz9scH X-Spam-Score: -0.9 (/) X-Spam-Report: Spam detection software, running on the system "util-spamd-2.v13.lw.sourceforge.com", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: wellweek Change-Id: I4f349963b41ebe155d3866da8955f2d7245d0394 Signed-off-by: wellweek Acked-by: Frank Lichtenheld --- Changes.rst | 2 +- contrib/OCSP_check/OCSP_c [...] Content analysis details: (-0.9 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at https://www.dnswl.org/, low trust [80.241.56.172 listed in list.dnswl.org] 0.0 RCVD_IN_MSPIKE_H4 RBL: Very Good reputation (+4) [80.241.56.172 listed in wl.mailspike.net] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 T_SPF_TEMPERROR SPF: test of record failed (temperror) -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.0 RCVD_IN_MSPIKE_WL Mailspike good senders -0.0 T_SCC_BODY_TEXT_LINE No description available. X-Headers-End: 1riamj-00030E-Qo Subject: [Openvpn-devel] [PATCH] remove repetitive words in documentation and comments X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: wellweek Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox X-GMAIL-THRID: =?utf-8?q?1792966939065413652?= X-GMAIL-MSGID: =?utf-8?q?1792966939065413652?= From: wellweek Change-Id: I4f349963b41ebe155d3866da8955f2d7245d0394 Signed-off-by: wellweek Acked-by: Frank Lichtenheld --- Changes.rst | 2 +- contrib/OCSP_check/OCSP_check.sh | 2 +- doc/man-sections/cipher-negotiation.rst | 2 +- doc/man-sections/vpn-network-options.rst | 4 ++-- sample/sample-config-files/server.conf | 2 +- src/openvpn/fragment.h | 2 +- src/openvpn/misc.c | 2 +- src/openvpnserv/interactive.c | 2 +- 8 files changed, 9 insertions(+), 9 deletions(-) diff --git a/Changes.rst b/Changes.rst index 4cded980..54e59809 100644 --- a/Changes.rst +++ b/Changes.rst @@ -794,7 +794,7 @@ Control channel encryption (``--tls-crypt``) Asynchronous push reply Plug-ins providing support for deferred authentication can benefit from a more responsive authentication where the server sends PUSH_REPLY immediately once - the authentication result is ready, instead of waiting for the the client to + the authentication result is ready, instead of waiting for the client to to send PUSH_REQUEST once more. This requires OpenVPN to be built with ``./configure --enable-async-push``. This is a compile-time only switch. diff --git a/contrib/OCSP_check/OCSP_check.sh b/contrib/OCSP_check/OCSP_check.sh index 26757889..e4fec834 100644 --- a/contrib/OCSP_check/OCSP_check.sh +++ b/contrib/OCSP_check/OCSP_check.sh @@ -89,7 +89,7 @@ if [ $check_depth -eq -1 ] || [ $cur_depth -eq $check_depth ]; then # # NOTE: It is needed to check the exit code of OpenSSL explicitly. OpenSSL # can in some circumstances give a "good" result if it could not - # reach the the OSCP server. In this case, the exit code will indicate + # reach the OSCP server. In this case, the exit code will indicate # if OpenSSL itself failed or not. If OpenSSL's exit code is not 0, # don't trust the OpenSSL status. diff --git a/doc/man-sections/cipher-negotiation.rst b/doc/man-sections/cipher-negotiation.rst index 888ffa6f..949ff862 100644 --- a/doc/man-sections/cipher-negotiation.rst +++ b/doc/man-sections/cipher-negotiation.rst @@ -8,7 +8,7 @@ different backwards compatibility mechanism with older server and clients. OpenVPN 2.5 and later behaviour -------------------------------- When both client and server are at least running OpenVPN 2.5, that the order of -the ciphers of the server's ``--data-ciphers`` is used to pick the the data cipher. +the ciphers of the server's ``--data-ciphers`` is used to pick the data cipher. That means that the first cipher in that list that is also in the client's ``--data-ciphers`` list is chosen. If no common cipher is found the client is rejected with a AUTH_FAILED message (as seen in client log): diff --git a/doc/man-sections/vpn-network-options.rst b/doc/man-sections/vpn-network-options.rst index 41d367bf..abe474f7 100644 --- a/doc/man-sections/vpn-network-options.rst +++ b/doc/man-sections/vpn-network-options.rst @@ -235,7 +235,7 @@ routing. address and subnet mask just as a physical ethernet adapter would be similarly configured. If you are attempting to connect to a remote ethernet bridge, the IP address and subnet should be set to values which - would be valid on the the bridged ethernet segment (note also that DHCP + would be valid on the bridged ethernet segment (note also that DHCP can be used for the same purpose). This option, while primarily a proxy for the ``ifconfig``\(8) command, @@ -584,7 +584,7 @@ These two standalone operations will require ``--dev`` and optionally One of the advantages of persistent tunnels is that they eliminate the need for separate ``--up`` and ``--down`` scripts to run the appropriate ``ifconfig``\(8) and ``route``\(8) commands. These commands can be - placed in the the same shell script which starts or terminates an + placed in the same shell script which starts or terminates an OpenVPN session. Another advantage is that open connections through the TUN/TAP-based diff --git a/sample/sample-config-files/server.conf b/sample/sample-config-files/server.conf index 009fe56c..97732c62 100644 --- a/sample/sample-config-files/server.conf +++ b/sample/sample-config-files/server.conf @@ -42,7 +42,7 @@ proto udp # and bridged it with your ethernet interface. # If you want to control access policies # over the VPN, you must create firewall -# rules for the the TUN/TAP interface. +# rules for the TUN/TAP interface. # On non-Windows systems, you can give # an explicit unit number, such as tun0. # On Windows, use "dev-node" for this. diff --git a/src/openvpn/fragment.h b/src/openvpn/fragment.h index cc6829aa..2d13dbb7 100644 --- a/src/openvpn/fragment.h +++ b/src/openvpn/fragment.h @@ -314,7 +314,7 @@ void fragment_free(struct fragment_master *f); * reassembly buffer. If the incoming part completes the packet being * reassembled, the \a buf argument is modified to point to the fully * reassembled packet. If, on the other hand, reassembly is not yet - * complete, then the the \a buf buffer is set to empty. + * complete, then the \a buf buffer is set to empty. * - Any other value: error. * * If an error occurs during processing, an error message is logged and diff --git a/src/openvpn/misc.c b/src/openvpn/misc.c index 08f274db..ac6df65e 100644 --- a/src/openvpn/misc.c +++ b/src/openvpn/misc.c @@ -129,7 +129,7 @@ auth_user_pass_mgmt(struct user_pass *up, const char *prefix, const unsigned int * Parses an authentication challenge string and returns an auth_challenge_info structure. * The authentication challenge string should follow the dynamic challenge/response protocol. * - * See doc/management-notes.txt for more info on the the dynamic challenge/response protocol + * See doc/management-notes.txt for more info on the dynamic challenge/response protocol * implemented here. * * @param auth_challenge The authentication challenge string to parse. Can't be NULL. diff --git a/src/openvpnserv/interactive.c b/src/openvpnserv/interactive.c index 32c8996c..a6a2c7c6 100644 --- a/src/openvpnserv/interactive.c +++ b/src/openvpnserv/interactive.c @@ -1207,7 +1207,7 @@ CmpWString(LPVOID item, LPVOID str) /** * Set interface specific DNS domain suffix - * @param if_name name of the the interface + * @param if_name name of the interface * @param domain a single domain name * @param lists pointer to the undo lists. If NULL * undo lists are not altered.