From patchwork Thu Mar 6 22:15:24 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "d12fk (Code Review)" X-Patchwork-Id: 4168 Return-Path: Delivered-To: patchwork@openvpn.net Received: by 2002:a05:7000:b9c6:b0:60a:d70a:d3c7 with SMTP id gh6csp571277mab; Thu, 6 Mar 2025 14:15:45 -0800 (PST) X-Forwarded-Encrypted: i=2; AJvYcCUXnAmfMvYS01tiNNsMQKXHC+TgJsEhBvKE+Kwvn/fLlOy0Z/RdbsRM7Uqx9wLghQiuj0qkJ7tqmVc=@openvpn.net X-Google-Smtp-Source: AGHT+IHEYGgh2I8o65+CK4vZJY2cHD/DODjUitTob887UDAS4KrykZjTl/zwC6i3a2S3zpWYp+4u X-Received: by 2002:a05:6e02:180d:b0:3d4:3ac3:4ca3 with SMTP id e9e14a558f8ab-3d441963b3cmr16844585ab.12.1741299345672; Thu, 06 Mar 2025 14:15:45 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1741299345; cv=none; d=google.com; s=arc-20240605; b=aqSjHAfkt34WtE05nDm1OgIX4ajb0Fhjy7tYU7dv/yRZbkxv1/yJ6DSFEDAeyqnEUE ExDyfny6uVJt7Sn22wbBEJA3Cg5Pre/3gv60aB+NBcHK3tp/sd3/oiw0SiQZxOLJsbWH JWdpAPIlc8j+cWWnOzsuqFk1+1c5MLqZxpDQhmKjS3ogWeWcw2kL6/JQo5mU19UkYtdS ZDFAZ0bTow95imgdOnvDhcNmc+gffahhDpMH5LySQ08TKHXsZzQ9RXAP7X3kJQqdXDHK hgMR+guLdWnXT0vkhienEREPoOL+9tmT74hQ57gkDzp1Wh2FgwTMwpPZlRxXUSwlUY+Q DqEQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=errors-to:cc:reply-to:list-subscribe:list-help:list-post :list-archive:list-unsubscribe:list-id:precedence:subject:user-agent :mime-version:message-id:references:auto-submitted:to:date:from :dkim-signature:dkim-signature:dkim-signature; bh=sa8tuC6OGkwYJscds/TLTbpDfcutJeOWbpjv3sPUoYk=; fh=U7wEyxtwz2o5+UdevFSA47vNeG9knhWH0KV//QhD5a0=; b=ZCFXL95SMP/bLgwaMgobJmleZuYJ3DEe85t1Q/CrM9DJ6plMDQxFp5fZ8Sjew/14dH tn/b6OhAaIVJp6aSi5mUaN7zCWSw6X+pf3GQkCnsTETAcTKrWAwa/o8PTqdXYWeZsnVs YR/V7adVDPJOtkhaMCCJTc2X+vjk32ojvXP/zBB1m4NmdyaznmTbJVTH5h9ybSoe1JPD fTxKWirMoxwa04kFV7W7LZ21VhuxANnRMI+WxexfKkXqp8HQ8bzZMTqfAc/il3oqMpVS 2m5rqqQcHQUN7wpKfTnwsGGOtXHtNfKXbK6e7JCt36aAfoTN3t16SnnrQT4r0Px1Hzl/ a5AQ==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=AhBs9alr; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=OB41tw9o; dkim=neutral (body hash did not verify) header.i=@openvpn.net header.s=google header.b=gW5PDlNl; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=openvpn.net; dara=fail header.i=@openvpn.net Received: from lists.sourceforge.net (lists.sourceforge.net. [216.105.38.7]) by mx.google.com with ESMTPS id e9e14a558f8ab-3d43b4e9350si18512705ab.40.2025.03.06.14.15.45 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Thu, 06 Mar 2025 14:15:45 -0800 (PST) Received-SPF: pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) client-ip=216.105.38.7; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=AhBs9alr; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=OB41tw9o; dkim=neutral (body hash did not verify) header.i=@openvpn.net header.s=google header.b=gW5PDlNl; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=openvpn.net; dara=fail header.i=@openvpn.net Received: from [127.0.0.1] (helo=sfs-ml-3.v29.lw.sourceforge.com) by sfs-ml-3.v29.lw.sourceforge.com with esmtp (Exim 4.95) (envelope-from ) id 1tqJVF-0001id-Uk; Thu, 06 Mar 2025 22:15:41 +0000 Received: from [172.30.29.66] (helo=mx.sourceforge.net) by sfs-ml-3.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1tqJVC-0001iR-6U for openvpn-devel@lists.sourceforge.net; Thu, 06 Mar 2025 22:15:37 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Type:Content-Transfer-Encoding:MIME-Version :Message-ID:Reply-To:References:Subject:List-Unsubscribe:List-Id:Cc:To:Date: From:Sender:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:List-Help: List-Subscribe:List-Post:List-Owner:List-Archive; bh=s08xc1H1cth1Y2lp1kzQpX2p4s0Janyt2YRHbK0vAcU=; b=AhBs9alrBb1iwzIWNLilcPDzpQ cmW2nxbXqsHSU1WgO1/PNFF3lLhXbT8nDRb2mFYaIexfapgkdAKHfWDZECptWGyegBekbq0303/Px /7/xSyCvw4q0UNEyhLOL88ImM6S/MPuS/8blpJJ2i2xN/9YmQ/FbiDu/qNDfu+hdXe50=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Type:Content-Transfer-Encoding:MIME-Version:Message-ID:Reply-To: References:Subject:List-Unsubscribe:List-Id:Cc:To:Date:From:Sender:Content-ID :Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To: Resent-Cc:Resent-Message-ID:In-Reply-To:List-Help:List-Subscribe:List-Post: List-Owner:List-Archive; bh=s08xc1H1cth1Y2lp1kzQpX2p4s0Janyt2YRHbK0vAcU=; b=O B41tw9oau5yBWqHt/H2R1vF9pIEscpthpRa9q1pUYaXysKN7WpTWcaJkxSupMCq1W2yLoXq6aChAU i+ZDohx03rZLPfmNv3dCJREsBRdRXjhxhohJm+hiuIoALHyRedfM2kqxm0V73rPm5SII5zNEREMSr +fY3S2NtoUsO1Ye4=; Received: from mail-wr1-f41.google.com ([209.85.221.41]) by sfi-mx-2.v28.lw.sourceforge.com with esmtps (TLS1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.95) id 1tqJVA-00077w-NW for openvpn-devel@lists.sourceforge.net; Thu, 06 Mar 2025 22:15:37 +0000 Received: by mail-wr1-f41.google.com with SMTP id ffacd0b85a97d-39129fc51f8so1078387f8f.0 for ; Thu, 06 Mar 2025 14:15:36 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=openvpn.net; s=google; t=1741299325; x=1741904125; darn=lists.sourceforge.net; h=user-agent:content-disposition:content-transfer-encoding :mime-version:message-id:reply-to:references:subject :list-unsubscribe:list-id:auto-submitted:cc:to:date:from:from:to:cc :subject:date:message-id:reply-to; bh=s08xc1H1cth1Y2lp1kzQpX2p4s0Janyt2YRHbK0vAcU=; b=gW5PDlNluIjHNlfPqbJym35P+t5mdvd2zdSxeIGOPpPhzfjawaKofDB4Gxy/AgHZrR 1myV3qm7bpAY6drgKPgQ11IJ4FpAOIODjWXUgFKdW4Og0bMmhDc0QX/K1Rt5O84KlfUC 5Cf4xWKQEEZig44cvNvrKoXHDHKLh8z2YcDcQujRUPBthriScTIPAmODUF7mUxOJc0LV H4X+72T3dbYb8fluowk+JWQBxjmD1UEDd6htG70YUYfyiT5b/V/7hoLT0+eqTLPscH7s LjhjFsxtjCdKo6/71jDx5FtZYe9raq2Zs/eOaP+1zlRzTktLe//V4FVPGa1HYfaE/1a3 Lcmg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1741299325; x=1741904125; h=user-agent:content-disposition:content-transfer-encoding :mime-version:message-id:reply-to:references:subject :list-unsubscribe:list-id:auto-submitted:cc:to:date:from :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=s08xc1H1cth1Y2lp1kzQpX2p4s0Janyt2YRHbK0vAcU=; b=X3nAoQngcZV1+YX7nnV9wlP8Ks1KEE2N5K1fmx2Zdeguxlo8MBZdiClDSZ4IzK8Y+/ L7rh7YuYJ/L5i99jezuBUa5BSvpmdLQv8nlbpt5a/eA6ukgFXz0FX+55FHMVea1aQ6UG 2egi1CvrHBxeeQ8n+c7EU6rzbLEF9WVDYxFs1zxG+AfR72nwE/IO2QCofN3hGjbB2OSL v83fVhhepj+1o796r+qCHvQpOI1qbnETqdhphQcvAoe6iV3dkZn/QVdT9ZsagsQsLXnb 5HhpyVFI4dGV2wFoL+bXKpdHjyKOKL0/tHtPold3NyutRXwu1cPQ5GfQ9omszsX3EHJD rx+w== X-Gm-Message-State: AOJu0YyDYOE3VKGC2mNs0pF+GE4vwZ3yuT/kWMzGNpWR3hdNOjxpisX4 6QbkPzcuvzpWSMfmXqRFie/Sfe5nEd5ABu9ZGiHEXpPBo3n9onF9hW66QdgnKoUxT6Q0xJf9UiE n X-Gm-Gg: ASbGncstYB2997z2FdzzlwyZA98/MflEdkSjqXAJaxtisYkgg7unJjtdsWSavAs0W9g RY0JyGuHnflm6lP81Nuxl+FZNi7TpWl1TOXEkLZ4YHauu+W3CDRbRTxpQJDrMViH5Ry4YPKgG5C mApZEUTXjkkEyjQw7LPuORs1ev3JGH/15kDIj4qoTtCKF1JU6reN/f4c9nNE/G2/aX83SDktf4w K/iO1RuIi3rkoTQvBXdk/ATir2qbQMubEsZkfh6g3lI9FtCVBud3JO6C97Ads6wLmE0vMMAN+bQ 5SS4WKwbElb51WZrezJD8lfraC1Jh6MjuvzOXtJbMk5DVFCa5HP71CUvY+Gk1iHGhTRXr51ycNv MNdb3ydw3Uan+uXXudpMaP/Ljw6G8tUMXaSlD X-Received: by 2002:a5d:598b:0:b0:391:1472:bfae with SMTP id ffacd0b85a97d-39132db9a35mr587118f8f.49.1741299324906; Thu, 06 Mar 2025 14:15:24 -0800 (PST) Received: from gerrit.openvpn.in (ec2-18-159-0-78.eu-central-1.compute.amazonaws.com. [18.159.0.78]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-3912c0e2b6asm3300859f8f.66.2025.03.06.14.15.24 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 06 Mar 2025 14:15:24 -0800 (PST) From: "d12fk (Code Review)" X-Google-Original-From: "d12fk (Code Review)" X-Gerrit-PatchSet: 1 Date: Thu, 6 Mar 2025 22:15:24 +0000 To: plaisthos , flichtenheld Auto-Submitted: auto-generated X-Gerrit-MessageType: newchange X-Gerrit-Change-Id: I635c4018fb43b5976a39b6a90cb2e9cb2570cd6a X-Gerrit-Change-Number: 904 X-Gerrit-Project: openvpn X-Gerrit-ChangeURL: X-Gerrit-Commit: 213bbe8a196fae678f095663bd46c00b64c8b3a5 References: Message-ID: MIME-Version: 1.0 User-Agent: Gerrit/3.8.2 X-Spam-Score: -0.2 (/) X-Spam-Report: Spam detection software, running on the system "util-spamd-1.v13.lw.sourceforge.com", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Attention is currently required from: flichtenheld, plaisthos. Hello plaisthos, flichtenheld, I'd like you to do a code review. Please visit Content analysis details: (-0.2 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.0 RCVD_IN_VALIDITY_SAFE_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. [209.85.221.41 listed in sa-trusted.bondedsender.org] 0.0 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. [209.85.221.41 listed in bl.score.senderscore.com] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [209.85.221.41 listed in list.dnswl.org] 0.0 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2) [209.85.221.41 listed in wl.mailspike.net] 0.0 WEIRD_PORT URI: Uses non-standard port number for HTTP 0.0 HTML_MESSAGE BODY: HTML included in message 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.0 T_KAM_HTML_FONT_INVALID Test for Invalidly Named or Formatted Colors in HTML X-Headers-End: 1tqJVA-00077w-NW Subject: [Openvpn-devel] [S] Change in openvpn[master]: dns: clean up --dhcp-options when --dns is active X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: heiko@openvpn.net, arne-openvpn@rfc2549.org, openvpn-devel@lists.sourceforge.net, frank@lichtenheld.com Cc: openvpn-devel Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox X-GMAIL-THRID: =?utf-8?q?1825884702420469602?= X-GMAIL-MSGID: =?utf-8?q?1825884702420469602?= X-getmail-filter-classifier: gerrit message type newchange Attention is currently required from: flichtenheld, plaisthos. Hello plaisthos, flichtenheld, I'd like you to do a code review. Please visit http://gerrit.openvpn.net/c/openvpn/+/904?usp=email to review the following change. Change subject: dns: clean up --dhcp-options when --dns is active ...................................................................... dns: clean up --dhcp-options when --dns is active Since --dns setting overrule DNS related --dhcp-options, remove the latter when we got some via --dns. Change-Id: I635c4018fb43b5976a39b6a90cb2e9cb2570cd6a Signed-off-by: Heiko Hund --- M src/openvpn/options.c 1 file changed, 47 insertions(+), 0 deletions(-) git pull ssh://gerrit.openvpn.net:29418/openvpn refs/changes/04/904/1 diff --git a/src/openvpn/options.c b/src/openvpn/options.c index d7f6b16..c42d933 100644 --- a/src/openvpn/options.c +++ b/src/openvpn/options.c @@ -4160,6 +4160,53 @@ if (success) { dns_options_postprocess_pull(&o->dns_options); + +#if defined(_WIN32) || defined(TARGET_ANDROID) + /* If there's --dns servers, remove dns related --dhcp-options */ + if (o->dns_options.servers) + { + o->tuntap_options.dns_len = 0; + o->tuntap_options.dns6_len = 0; + o->tuntap_options.domain = NULL; + o->tuntap_options.domain_search_list_len = 0; + } +#else /* if defined(_WIN32) || defined(TARGET_ANDROID) */ + /* Clean up env from overridden DNS config */ + struct gc_arena gc = gc_new(); + struct buffer name = alloc_buf_gc(OPTION_PARM_SIZE, &gc); + struct buffer value = alloc_buf_gc(OPTION_PARM_SIZE, &gc); + + const int fo_count = o->foreign_option_index; + o->foreign_option_index = 0; + + for (int i = 1; i <= fo_count; ++i) + { + buf_clear(&name); + buf_printf(&name, "foreign_option_%d", i); + const char *env_str = env_set_get(es, BSTR(&name)); + const char *item_val = strchr(env_str, '=') + 1; + buf_clear(&value); + buf_printf(&value, "%s", item_val); + + /* Remove foreign option item from env set */ + env_set_del(es, BSTR(&name)); + + item_val = BSTR(&value); + if (strncmp(item_val, "dhcp-option ", 12) != 0 + || (strncmp(item_val + 12, "ADAPTER-DOMAIN-SUFFIX ", 22) != 0 + && strncmp(item_val + 12, "DOMAIN-SEARCH ", 14) != 0 + && strncmp(item_val + 12, "DOMAIN ", 7) != 0 + && strncmp(item_val + 12, "DNS6 ", 5) != 0 + && strncmp(item_val + 12, "DNS ", 4) != 0)) + { + /* Re-set the item with potentially updated name */ + buf_clear(&name); + buf_printf(&name, "foreign_option_%d", ++o->foreign_option_index); + setenv_str(es, BSTR(&name), BSTR(&value)); + } + } + gc_free(&gc); +#endif /* defined(_WIN32) || defined(TARGET_ANDROID) */ } return success; }