From patchwork Fri Dec 13 17:09:31 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "ralf_lici (Code Review)" X-Patchwork-Id: 3998 Return-Path: Delivered-To: patchwork@openvpn.net Received: by 2002:a05:7000:1f13:b0:5e7:b9eb:58e8 with SMTP id hs19csp543446mab; Fri, 13 Dec 2024 09:09:46 -0800 (PST) X-Forwarded-Encrypted: i=2; AJvYcCWvqTZjFyR5lmYDiApTuyu+qeU88IVCZmyhtoYKuqIgu8TBJwWKnd5dW+ruLG7wekyXIiEwPwe1lIo=@openvpn.net X-Google-Smtp-Source: AGHT+IEO2dZKZ8cLi6GHoURtJqMAPTwv4kAnZe2sy6AIDdC9hY/TUs6HRBKfukfgl8lYuusBOW+l X-Received: by 2002:a05:6808:198e:b0:3e0:3ab7:d7ad with SMTP id 5614622812f47-3eba68997c2mr2577493b6e.22.1734109786229; Fri, 13 Dec 2024 09:09:46 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1734109786; cv=none; d=google.com; s=arc-20240605; b=HKClkn47nBhmEJfbSsqfPudkwl/v2cUzYQpSDI+1twDpw9rUYfJWB3VYngrjH0HsPV koG385/OifKZoeWiJdUR3bbBymACXr/pKK0YlqQ/RvLwhiercXnX4JdtH9OERRSOrMKF Eg6MOK7PxbtTSnteI4Y2gWh4P2r5BMj2kg6Ep9SawbEH3h+PXk0GsiZqMgK+Td16lxaK +VOn6i2OKTWqZK0/lv/WZ1kU20MMXPNKMWZeI9z3iBvPAiGhQPf0wGMLhr3D+dDM1ci8 xDOF6KqKSqr2N4PVBW0fs4fQA3cSjvLJ7qhJ+QWlmMCj04MjF6cPZeLp2tvN39ZUmDpT xo3A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=errors-to:cc:reply-to:list-subscribe:list-help:list-post :list-archive:list-unsubscribe:list-id:precedence:subject:user-agent :mime-version:message-id:references:auto-submitted:to:date:from :dkim-signature:dkim-signature:dkim-signature; bh=QN3dLzWiu1nzep7kgaUUT+8krZShOYETrd2n/rs7h6Q=; fh=U7wEyxtwz2o5+UdevFSA47vNeG9knhWH0KV//QhD5a0=; b=C7SoCXV7K7ATtH28HWpCsuXCxIQae4dUfIJeWy8Cfy5AwJ3SjnvchrbcygLaoNTVIW +N0HYphSs+rL56Mri5tMi47uHpRYQqPoAxLMR3JWgMJO4z6Y4L1+9eFhnwwPEqX/KMjt olE2FFTof0JBRYmi61QuBWC36acWMA0hnwdgV3RCJTNTfcQe24klPo4jdbRV2VQ41FS2 ckVNVPR7cX2mBnr+V5Tbq4vpAIqrBFQj8WqQfbOSgCVA1fNN0xoEeA080uOqVRPOzt8q Wjglb5fEhoyP5a3HfS1TXu020pqgpUPV9ZIA+ln2rRWzoLn3CBFg0VIuE+OhrtvhEsUd Ybpw==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=IUDoCzsK; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=VIwpjPHV; dkim=neutral (body hash did not verify) header.i=@openvpn.net header.s=google header.b=KThdqwem; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=openvpn.net; dara=fail header.i=@openvpn.net Received: from lists.sourceforge.net (lists.sourceforge.net. [216.105.38.7]) by mx.google.com with ESMTPS id 006d021491bc7-5f2e057ec3esi3293930eaf.16.2024.12.13.09.09.46 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Fri, 13 Dec 2024 09:09:46 -0800 (PST) Received-SPF: pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) client-ip=216.105.38.7; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=IUDoCzsK; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=VIwpjPHV; dkim=neutral (body hash did not verify) header.i=@openvpn.net header.s=google header.b=KThdqwem; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=openvpn.net; dara=fail header.i=@openvpn.net Received: from [127.0.0.1] (helo=sfs-ml-1.v29.lw.sourceforge.com) by sfs-ml-1.v29.lw.sourceforge.com with esmtp (Exim 4.95) (envelope-from ) id 1tM9Aa-0002UN-K9; Fri, 13 Dec 2024 17:09:41 +0000 Received: from [172.30.29.66] (helo=mx.sourceforge.net) by sfs-ml-1.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1tM9AZ-0002UE-6Q for openvpn-devel@lists.sourceforge.net; Fri, 13 Dec 2024 17:09:39 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Type:Content-Transfer-Encoding:MIME-Version :Message-ID:Reply-To:References:Subject:List-Unsubscribe:List-Id:Cc:To:Date: From:Sender:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:List-Help: List-Subscribe:List-Post:List-Owner:List-Archive; bh=mJJi5jTPFcb3ckzhfh7iA/cVmo8/vy1Jo+gZvEI+oAg=; b=IUDoCzsKgh905lz/ysP1tMIBMN Xv8yI/glf1cemW9u55uNU4LZhdNfKbBN0WRwFkVW5L/rzAVFXi68sTAzh1TYSaWW2kGUkV85/haj6 zSwrtMQoAXmWidxewuM/knVporyojQ0Z3JjuC5YYKFvoyWaSvrzNqVGqoqOtux2Pp+Ao=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Type:Content-Transfer-Encoding:MIME-Version:Message-ID:Reply-To: References:Subject:List-Unsubscribe:List-Id:Cc:To:Date:From:Sender:Content-ID :Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To: Resent-Cc:Resent-Message-ID:In-Reply-To:List-Help:List-Subscribe:List-Post: List-Owner:List-Archive; bh=mJJi5jTPFcb3ckzhfh7iA/cVmo8/vy1Jo+gZvEI+oAg=; b=V IwpjPHVCYCEgzBNshuRauHw0x3qq3V487LiC3yHX1TdoRxx3jJf3+1euUk3L3pSrAXkPhoTH09uYW lPuPCdklvwJbJj08CgL8rf8fsGXHKHCCsbUP7a76iRHhdnTP4DMRLEvbLK2cjB3rcd9y0ThhAF+my s2lqh17k0DFwdW9A=; Received: from mail-wm1-f51.google.com ([209.85.128.51]) by sfi-mx-2.v28.lw.sourceforge.com with esmtps (TLS1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.95) id 1tM9AZ-0006XG-0O for openvpn-devel@lists.sourceforge.net; Fri, 13 Dec 2024 17:09:39 +0000 Received: by mail-wm1-f51.google.com with SMTP id 5b1f17b1804b1-436249df846so14287235e9.3 for ; Fri, 13 Dec 2024 09:09:38 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=openvpn.net; s=google; t=1734109772; x=1734714572; darn=lists.sourceforge.net; h=user-agent:content-disposition:content-transfer-encoding :mime-version:message-id:reply-to:references:subject :list-unsubscribe:list-id:auto-submitted:cc:to:date:from:from:to:cc :subject:date:message-id:reply-to; bh=mJJi5jTPFcb3ckzhfh7iA/cVmo8/vy1Jo+gZvEI+oAg=; b=KThdqwem2x3RshcQTM7BIyu+Rgk+Vriz+If9Ygoc6PmTdocbeEh/mXElinpxqTvpY7 CRuzsTasIPhgG/tJFsmOxwvMyKwarP/jfZ61Rp90RA5auU+0ACL7YB6/KDPJZ9mRwpKI r1whdsRX4y5i3Q/dbdmIE7ZzyeDsJghSbCFOYAI1s/A8s7uLgtI9cBtDjGnZEXnLjMwG iQ5DEMZnrDzfFdFpVG9UY+jK9Xib2JBEcs6oAMO92Guyl6bCA+NtX+GPJsNBe9/AJIrJ wotsGWa2EE/QBTV/m3YLkdFI79/lONwc/u/AvR3RESvuOZyJBKpUzj1ACoEE4sLExmD/ 4Y/g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1734109772; x=1734714572; h=user-agent:content-disposition:content-transfer-encoding :mime-version:message-id:reply-to:references:subject :list-unsubscribe:list-id:auto-submitted:cc:to:date:from :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=mJJi5jTPFcb3ckzhfh7iA/cVmo8/vy1Jo+gZvEI+oAg=; b=lU3N2FGttd4+JC0E3xV18XT31vmXZrOZbD4ShdOVcT6nEceg1mVU0de9oprknXvKto Itj180kjJAn5DhZOXFLcMYnLXsZmkNe/FEPmBD63SG4CJXK7nnX7VEFHNKYfixOjrMBC Y77SR/itkxRXOkyz0w+CJ3iGNbL2z4Ow7aGrDWjTdFGFsyD+vw1CPmIVOTImbo6W9pNM 2J+70XYJhelB7kawysuHtdkzsGlmbwgouJLOBvEb7hNtxA7oT9Rk9YO1hTF4Bf2gGFh7 2+xxmsuPOZEpUYBHUgh99lr+0CdIa1/v4jXcy07kEg51WFH1czEHV1mttrOLhDCZqOMs C9GQ== X-Gm-Message-State: AOJu0Yy+qdcn1SZLN6rO6FlNnLi6NwLV2V1NaFgzoR9ICqy57ZORuoPB vg1kPhWz6DRUkrP7xJqkEpZt8tua9xgEiVwadnQ8o1S6GywXT2dJidtE5xjpZ3Rc1exYoEz7nbq 2 X-Gm-Gg: ASbGncsQgefjYd6Q/hrJk0pAGRzGWoHvRDJlkm4ecQBI1AZNvfwy8kmasB8kbFcX9M/ ov2VNhDp0NTovR9emb5P9AZ8Vqq7jyWlf6B3dfVnHRFfD4OpNRrtNPNTsa5Mn0pcKhQoBEXwUKs y9JU+64/u2u+Pa3GWQ8gFdx0StTeiL0GciSjXK5W+NAlN9T9vSGoad5KlergikfONhju15tZx12 gPbrGxmMnakVXaCAmi5dPZK1xinzJuDaHYQNWR72R0Lm8puKWo88OWwldTAiHtM7bw+qpoIkbdu lB8Licy9w1+oClR1Y6XetzC/dze69gUGJARjUi5ZTqVIyZHk X-Received: by 2002:a05:600c:384c:b0:434:fa24:b84a with SMTP id 5b1f17b1804b1-4362aaa9441mr27163295e9.25.1734109772350; Fri, 13 Dec 2024 09:09:32 -0800 (PST) Received: from gerrit.openvpn.in (ec2-18-159-0-78.eu-central-1.compute.amazonaws.com. [18.159.0.78]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-388c80162a6sm31996f8f.33.2024.12.13.09.09.31 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 13 Dec 2024 09:09:31 -0800 (PST) From: "ordex (Code Review)" X-Google-Original-From: "ordex (Code Review)" X-Gerrit-PatchSet: 1 Date: Fri, 13 Dec 2024 17:09:31 +0000 To: plaisthos , flichtenheld Auto-Submitted: auto-generated X-Gerrit-MessageType: newchange X-Gerrit-Change-Id: I76e2e616c6ffe436a9627fa71aaace74030b2f4a X-Gerrit-Change-Number: 842 X-Gerrit-Project: openvpn X-Gerrit-ChangeURL: X-Gerrit-Commit: aad8f68c3d31b95265a131ff46c68f92e69f7e13 References: Message-ID: MIME-Version: 1.0 User-Agent: Gerrit/3.8.2 X-Spam-Score: -0.2 (/) X-Spam-Report: Spam detection software, running on the system "util-spamd-2.v13.lw.sourceforge.com", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Attention is currently required from: flichtenheld, plaisthos. Hello plaisthos, flichtenheld, I'd like you to do a code review. Please visit Content analysis details: (-0.2 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.0 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. [209.85.128.51 listed in bl.score.senderscore.com] 0.0 RCVD_IN_VALIDITY_SAFE_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. [209.85.128.51 listed in sa-trusted.bondedsender.org] -0.0 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2) [209.85.128.51 listed in wl.mailspike.net] -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [209.85.128.51 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.0 SPF_PASS SPF: sender matches SPF record 0.0 WEIRD_PORT URI: Uses non-standard port number for HTTP 0.0 HTML_MESSAGE BODY: HTML included in message 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.0 T_KAM_HTML_FONT_INVALID Test for Invalidly Named or Formatted Colors in HTML X-Headers-End: 1tM9AZ-0006XG-0O Subject: [Openvpn-devel] [XS] Change in openvpn[master]: dco: pass remoteaddr only for UDP peers X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: a@unstable.cc, arne-openvpn@rfc2549.org, openvpn-devel@lists.sourceforge.net, frank@lichtenheld.com Cc: openvpn-devel Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox X-GMAIL-THRID: =?utf-8?q?1818345903393866152?= X-GMAIL-MSGID: =?utf-8?q?1818345903393866152?= X-getmail-filter-classifier: gerrit message type newchange Attention is currently required from: flichtenheld, plaisthos. Hello plaisthos, flichtenheld, I'd like you to do a code review. Please visit http://gerrit.openvpn.net/c/openvpn/+/842?usp=email to review the following change. Change subject: dco: pass remoteaddr only for UDP peers ...................................................................... dco: pass remoteaddr only for UDP peers TCP connected sockets do not need any remote addr because the destination is fixed. For this reason we can avoid sending the remote addr along the peer-new dco call. This change is important on Linux because the new 'ovpn' kernel module is stricter when it comes to accepting netlink messages and will reject calls with TCP sockets if a remote address is specified. Change-Id: I76e2e616c6ffe436a9627fa71aaace74030b2f4a Signed-off-by: Antonio Quartulli --- M src/openvpn/dco.c 1 file changed, 3 insertions(+), 1 deletion(-) git pull ssh://gerrit.openvpn.net:29418/openvpn refs/changes/42/842/1 diff --git a/src/openvpn/dco.c b/src/openvpn/dco.c index dcc80d3..b1a3715 100644 --- a/src/openvpn/dco.c +++ b/src/openvpn/dco.c @@ -494,7 +494,9 @@ } #endif int ret = dco_new_peer(&c->c1.tuntap->dco, multi->peer_id, - c->c2.link_socket->sd, NULL, remoteaddr, NULL, NULL); + c->c2.link_socket->sd, NULL, + proto_is_dgram(ls->info.proto) ? remoteaddr : NULL, + NULL, NULL); if (ret < 0) { return ret;