Acked-by: Gert Doering <[email protected]>
Most of it is actually straightforward (if no workable key is
found, go to the "print fail" function, find the right key slot
*again*, print "not initialized" or "not authorized" according
to ks->state / ks->authenticated - and if nothing matches, print
the existing "generic out of sync" message.
We still don't know how to trigger this on-demand, but even so it
won't do harm, and cleans up handle_data_channel_packet() a bit.
What I do not like so much is the extra gc + 3 gc_free() calls
(while the caller has its own gc + gc_free() right after calling
print_key_id_not_found_reason()...) - but then, gc is "something
local", so be it... and for some reason the existing gc_free()
gets moved around - that looks a bit spurious (but harmless).
I fed this to the client/server test bed, to see if I could
trigger something (or it would *break* something) - didn't break
anything, but didn't trigger key messages either...
Your patch has been applied to the master branch.
commit 616a143552143a8c0a3b727362cc3931541ca785
Author: Arne Schwabe
Date: Wed Sep 14 19:25:27 2022 +0200
Improve data key id not found error message
Signed-off-by: Arne Schwabe <[email protected]>
Acked-by: Gert Doering <[email protected]>
Message-Id: <[email protected]>
URL:
https://www.mail-archive.com/[email protected]/msg25212.html
Signed-off-by: Gert Doering <[email protected]>
--
kind regards,
Gert Doering
_______________________________________________
Openvpn-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
