From patchwork Wed May 20 10:11:44 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gert Doering X-Patchwork-Id: 4960 Return-Path: Delivered-To: patchwork@openvpn.net Received: by 2002:a05:7000:b695:b0:861:c897:cb9d with SMTP id dh21csp740792mab; Wed, 20 May 2026 03:12:36 -0700 (PDT) X-Forwarded-Encrypted: i=2; AFNElJ+TckTCr24XZD0183atWUXQNe32QbLxbMdNDdIkUxmGaz8amcwz2PAJ3ITvNL1YRoWo0QTf9MZMvFI=@openvpn.net X-Received: by 2002:a05:6830:2b25:b0:7d7:f13a:761c with SMTP id 46e09a7af769-7e4fa059df2mr16790437a34.23.1779271955880; Wed, 20 May 2026 03:12:35 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1779271955; cv=none; d=google.com; s=arc-20240605; b=ipz6hXjH5yFjNxnhOZai6BNwD1RelkCHb6sVXgPo0zAsC5KQ1WDXUTAG2ELTs0RDiN 6ouSBmMrV/qjTGXK8pnGoTQAblTh7nrIfxkvvGRbGFuTKTJMb6wvZ8K7ctaRHAZCm3vY k1Za/N+4ehVuhW1hTxDJaP6zAfutY3cK/9IxjQ+7unu+I/wodMYtFhIl3qSDeQ6Iq8Qk ZUqf9p8X0VnjYOZtC1uSAYk4+vkiQHUhV+HDq8qzOKhF1DY+26/UWPDqdlgMia0hAT/6 zFPwzEWdgCt1wDZfNhUrfh0LpNr1VFk2KRllLZm8d480Z2kIDMuAmY1ucD+SqjrIHAYm FN6g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=errors-to:content-transfer-encoding:list-subscribe:list-help :list-post:list-archive:list-unsubscribe:list-id:precedence:subject :mime-version:references:in-reply-to:message-id:date:to:from :dkim-signature:dkim-signature:dkim-signature; bh=bcQ1+iD05937PR7AST9NioJnlkGhHMAH6+ZTWX7oKmw=; fh=4NbAC/LsuMLI0S0hprUlLSLCiHwg6SCAifhH718Jh0Q=; b=D/kKhawtajoxay/4mdMXBFK4u9lFlLX2IyIQi0EKlHFeYpVxXssuKW7ycO8mszXDfu 2qb4csKHJqwzmrcjqxYkcfWklBqmJaZCW3+Vf/b2Q0c/5tDQ/NMXKICzVDRheI5DCzWW jCvp1yZ/x5mYpgDr7g6rPh5xdWcLpbrob1hB+gmyYH5QE4JVl1FyXuaWqLCEH2/ZTr2w xoeiaaEcSAG7woJWmCShFPp6Z5JNKLnHnFzCgxMYouz3OTENxxbIX1F6Pc/bBo3ynJFe DEeF2KucLJnxBJAh5yi2tZ39fzlWxPkVfNx9t0/8up4bb0A/bhd4sE83CsX5DHIfD9Nc 9Wzw==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@lists.sourceforge.net header.s=beta header.b=datyohZu; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=nDgVro3w; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=JbmQ2u80; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=muc.de Received: from lists.sourceforge.net (lists.sourceforge.net. [216.105.38.7]) by mx.google.com with ESMTPS id 46e09a7af769-7e55bbdcc19si12113731a34.88.2026.05.20.03.12.35 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Wed, 20 May 2026 03:12:35 -0700 (PDT) Received-SPF: pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) client-ip=216.105.38.7; Authentication-Results: mx.google.com; dkim=pass header.i=@lists.sourceforge.net header.s=beta header.b=datyohZu; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=nDgVro3w; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=JbmQ2u80; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=muc.de DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.sourceforge.net; s=beta; h=Content-Transfer-Encoding:Content-Type: List-Subscribe:List-Help:List-Post:List-Archive:List-Unsubscribe:List-Id: Subject:MIME-Version:References:In-Reply-To:Message-ID:Date:To:From:Sender: Reply-To:Cc:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=bcQ1+iD05937PR7AST9NioJnlkGhHMAH6+ZTWX7oKmw=; b=datyohZulA0RA2LtvPy0j+bZjS ammxwZpK5RD6kwfHBkZqJEzuOZgUFWQ7DCOeErqZlp5GXkBndM49pl7zrpYvy13hHvbyC9DO+FKLU kdKa1xYKPB1E7n0HtdyEXqZDWQC2vlSkl06yPnurmKFNz/X6/WOFZFj7/rhiwzLX4ZlY=; Received: from [127.0.0.1] (helo=sfs-ml-2.v29.lw.sourceforge.com) by sfs-ml-2.v29.lw.sourceforge.com with esmtp (Exim 4.95) (envelope-from ) id 1wPduY-0006gL-37; Wed, 20 May 2026 10:12:22 +0000 Received: from [172.30.29.66] (helo=mx.sourceforge.net) by sfs-ml-2.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1wPduC-0006ev-Ue for openvpn-devel@lists.sourceforge.net; Wed, 20 May 2026 10:12:01 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:References: In-Reply-To:Message-ID:Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=JdjH1+cOtW5upDCTo+C83qYiT3kfPQsYywBtkyM0nNU=; b=nDgVro3w22Wz8TF6LGqHx9jxre IUsC6LNqznMrtM369RTGa+FevXZ14sgU7kJ2DkkRKBDXtY/3n0dZpi0CyuZUwbmswfCLAC9hpkVLr jnrAV7aAEQ97Wt49gzRv9kOoHp5Sry/kNWkG9YWj3R09KEJPJLb2gKyU8rerSiR6nuH0=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-ID: Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=JdjH1+cOtW5upDCTo+C83qYiT3kfPQsYywBtkyM0nNU=; b=JbmQ2u80ZSbK60ZLC+it2sniQS 5fmauVEz2iDFqhpyPkZd4jOKpBcW0PgT9nMPKkLyfb94ZQ7/nlfy+WNTuhs1qbyewq9Slgeb438yj /DgMB5YnenPlymTnCQFb/zeEY/BV9m3WxUIUumJRbifQKV6C2m6iiJUVwdSOYNkw6K6k=; Received: from [193.149.48.129] (helo=blue.greenie.muc.de) by sfi-mx-2.v28.lw.sourceforge.com with esmtps (TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.95) id 1wPduC-0006kT-19 for openvpn-devel@lists.sourceforge.net; Wed, 20 May 2026 10:12:01 +0000 Received: from blue.greenie.muc.de (localhost [127.0.0.1]) by blue.greenie.muc.de (8.18.1/8.18.1) with ESMTP id 64KABrSJ017475 for ; Wed, 20 May 2026 12:11:53 +0200 Received: (from gert@localhost) by blue.greenie.muc.de (8.18.2/8.18.1/Submit) id 64KABrZK017474 for openvpn-devel@lists.sourceforge.net; Wed, 20 May 2026 12:11:53 +0200 From: Gert Doering To: openvpn-devel@lists.sourceforge.net Date: Wed, 20 May 2026 12:11:44 +0200 Message-ID: <20260520101152.17453-1-gert@greenie.muc.de> X-Mailer: git-send-email 2.53.0 In-Reply-To: References: MIME-Version: 1.0 X-Spam-Score: 1.3 (+) X-Spam-Report: Spam detection software, running on the system "sfi-spamd-2.hosts.colo.sdot.me", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Gianmarco De Gregori When port-share is used, enforce the presence of a TCP listener by checking the local_list entries insted of rely on the global connection_entry proto field. Content analysis details: (1.3 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 1.3 RDNS_NONE Delivered to internal network by a host with no rDNS X-Headers-End: 1wPduC-0006kT-19 Subject: [Openvpn-devel] [PATCH v1] Fix: port-share and multi-socket interaction X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox X-GMAIL-THRID: =?utf-8?q?1865701870391740772?= X-GMAIL-MSGID: =?utf-8?q?1865701870391740772?= From: Gianmarco De Gregori When port-share is used, enforce the presence of a TCP listener by checking the local_list entries insted of rely on the global connection_entry proto field. Github: #1027 Change-Id: Id4e21efebbe64b963cf7847ad77bc41339af7a37 Signed-off-by: Gianmarco De Gregori Acked-by: Frank Lichtenheld Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1680 --- This change was reviewed on Gerrit and approved by at least one developer. I request to merge it to master. Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1680 This mail reflects revision 1 of this Change. Acked-by according to Gerrit (reflected above): Frank Lichtenheld diff --git a/src/openvpn/options.c b/src/openvpn/options.c index 0c2866c..0ecb59c 100644 --- a/src/openvpn/options.c +++ b/src/openvpn/options.c @@ -2490,8 +2490,13 @@ msg(M_USAGE, USAGE_VALID_SERVER_PROTOS); } #if PORT_SHARE + bool has_tcp = false; + for (int i = 0; i < ce->local_list->len && !has_tcp; i++) + { + has_tcp = (ce->local_list->array[i]->proto == PROTO_TCP_SERVER); + } if ((options->port_share_host || options->port_share_port) - && (ce->proto != PROTO_TCP_SERVER)) + && !has_tcp) { msg(M_USAGE, "--port-share only works in TCP server mode " "(--proto values of tcp-server, tcp4-server, or tcp6-server)");