Hello Arne,
Am Wed, 25 Mar 2020 12:50:34 +0100
schrieb Arne Schwabe <[email protected]>:
> > 1) Do you run automated tests of the OpenVPN code on any build
> > server?
> >
> > 2) If that is the case, is there any test with a version, where
> > -DVERIFY_ALIGNMENT is enabled?
> >
>
> I never heard of this option and Google does not want to spit
> something out for me for that.
That's a #define in the OpenVPN code, for example in
src/openvpn/buffer.h line 943 ;-)
> Compression adds a one byte header in the packet making it all
> unaligned. The newer lz4 with swap, or v2 compression methods try to
> avoid this misaligned, mainly for speed on platforms where unaligned
> access comes with a penality.
Yes, so I think, that the size of the payload of the sent ICMP-Pings
over the Tunnel changes, if the LZO compression kicks in for this
packet or not.
> I think there might still be unaligned access that are in the code
> but I am not sure how to debug them. Is there an easy way to
> reproduce them? Can a RPI configured to throw those warnings?
Yes, just compile OpenVPN with the additional
CFLAGS="${CFLAGS} -DVERIFY_ALIGNMENT"
Then increase verbositiy of the logs to 14 and grep the log for "ERROR"
Of course you have to enable --comp-lzo
RPI? You mean Raspberry PI?
Maybe on this machine the problem is not a problem. We also use OpenVPN
2.4.7 on a ARMv7, and there is no obvious problem, just on the old
ARMv4.
Finding all problematic places in the code will still be difficult.
--
Servus
Michael
_______________________________________________
Openvpn-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
