Re: [Openvpn-devel] [PATCH] Add option to disable priority tagged packets (VID=0)

[Fabian Knittel]

Hi Alon,

Am 08.12.2011 21:17, schrieb Alon Bar-Lev:
> I fail to understand why this is relevant as far as usage (openvpn --help) and
> manual (man openvpn) to document this.

Ah.  Sorry for the misunderstanding.

Are you referring to the specific patch by Michael?  I agree that it
would have needed more documentation before being acceptable for inclusion.
Or are you referring to the VLAN patch-set in general?  (BTW, the latest
version adds a few additional clarifications to the openvpn man page [0].)

Cheers
Fabian

0:
http://opensource.fsmi.uni-karlsruhe.de/gitweb/?p=openvpn.git;a=commit;h=5c5cce29f2230a8fdaf7b135d2e3255f54af1395



signature.asc
Description: OpenPGP digital signature

[Openvpn-devel] [PATCH v2] Move away from openvpn_basename() over to platform provided basename()

[David Sommerseth]

This kicks out the openvpn_basename() function from misc.[ch] andputs
it into compat.[ch].  This is to provide the same functionality on
platforms not having a native basename() function available.

In addition this patch adds dirname() which commit 0f2bc0dd92f43c91e
depends.  Without dirname(), openvpn won't build in Visual Studio.

v2: Move all functions from compat.h to compat.c

Signed-off-by: David Sommerseth 
---
 Makefile.am  |1 +
 compat.c |   82 ++
 compat.h |   42 +
 configure.ac |2 +-
 init.c   |6 +++-
 misc.c   |   23 ++--
 misc.h   |3 --
 options.c|1 -
 syshead.h|2 +
 9 files changed, 135 insertions(+), 27 deletions(-)
 create mode 100644 compat.c
 create mode 100644 compat.h

diff --git a/Makefile.am b/Makefile.am
index 075270f..437f939 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -84,6 +84,7 @@ openvpn_SOURCES = \
circ_list.h \
clinat.c clinat.h \
common.h \
+   compat.h compat.c \
config-win32.h \
crypto.c crypto.h crypto_backend.h \
crypto_openssl.c crypto_openssl.h \
diff --git a/compat.c b/compat.c
new file mode 100644
index 000..bade0a1
--- /dev/null
+++ b/compat.c
@@ -0,0 +1,82 @@
+/*
+ *  OpenVPN -- An application to securely tunnel IP networks
+ * over a single UDP port, with support for SSL/TLS-based
+ * session authentication and key exchange,
+ * packet encryption, packet authentication, and
+ * packet compression.
+ *
+ *  Copyright (C) 2011 - David Sommerseth 
+ *
+ *  This program is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License version 2
+ *  as published by the Free Software Foundation.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with this program (see the file COPYING included with this
+ *  distribution); if not, write to the Free Software Foundation, Inc.,
+ *  59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+ */
+
+#include "syshead.h"
+#include "compat.h"
+#include 
+
+#if !defined(HAVE_BASENAME) || !defined(HAVE_DIRNAME)
+enum ovpn_dirbasename_e { DIRNAME, BASENAME };
+
+char *
+openvpn_dirbasename(char *path, enum ovpn_dirbasename_e mode)
+ {
+   char *ret;
+   const int dirsep = OS_SPECIFIC_DIRSEP;
+
+   if (path) {
+ ret = strrchr (path, dirsep);
+ if (ret && *ret)
+   ++ret;
+ else
+   ret = path;
+
+ if (*ret)
+   switch( mode ) {
+   case BASENAME:
+ return ret;
+
+   case DIRNAME:
+ /* This implements the POSIX variant of dirname(),
+  * which do modify the input
+  */
+ *(ret-1) = 0;
+ return path;
+   }
+   }
+   return NULL;
+ }
+#endif /* !defined(HAVE_BASENAME) || !defined(HAVE_DIRNAME) */
+
+
+#ifndef HAVE_DIRNAME
+char *
+dirname(char *str)
+{
+  return openvpn_dirbasename(str, DIRNAME);
+}
+#endif /* HAVE_DIRNAME */
+
+
+#ifndef HAVE_BASENAME
+char *
+basename(char *str)
+{
+  /* the path is recasted as non-const, as we are sure it will not be modified
+   * in the basename type
+   */
+  return openvpn_dirbasename(str, BASENAME);
+
+}
+#endif /* HAVE_BASENAME */
diff --git a/compat.h b/compat.h
new file mode 100644
index 000..b380f0b
--- /dev/null
+++ b/compat.h
@@ -0,0 +1,42 @@
+/*
+ *  OpenVPN -- An application to securely tunnel IP networks
+ * over a single UDP port, with support for SSL/TLS-based
+ * session authentication and key exchange,
+ * packet encryption, packet authentication, and
+ * packet compression.
+ *
+ *  Copyright (C) 2011 - David Sommerseth 
+ *
+ *  This program is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License version 2
+ *  as published by the Free Software Foundation.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with this program (see the file COPYING included with this
+ *  distribution); if not, write to the Free Software Foundation, Inc.,
+ *  59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+ */
+
+#ifndef COMPAT_H
+#define COMPAT_H
+
+#include "config.h"
+
+#if defined(HAVE_BASENAME) || defined(HAVE_DIRNAME)
+#include 
+#endif
+
+#ifndef HAVE_DIRNAME
+char * dirname(char *str);
+#endif /* HAVE_DIRNAME */
+
+

[Openvpn-devel] [PATCH] Enable access() when building in Visual Studio

[David Sommerseth]

Visual Studio does not enable certiain standard Unix functions,
such as access().  By defining _CRT_NONSTDC_NO_WARNINGS and
_CRT_SECURE_NO_WARNINGS, these functions are enabled.

This patch also adds a ./configure check for access() as well,
in case this needs to be implemented on other platforms lacking
this feature.  Which is why HAVE_ACCESS is defined in win/config.h.in

Thanks to Alon Bar-Lev for helping solving this.

Signed-off-by: David Sommerseth 
---
 configure.ac|2 +-
 options.c   |1 -
 win/config.h.in |   28 
 win/msvc.mak.in |2 +-
 4 files changed, 30 insertions(+), 3 deletions(-)

diff --git a/configure.ac b/configure.ac
index 173d6e2..f8b3dd6 100644
--- a/configure.ac
+++ b/configure.ac
@@ -515,7 +515,7 @@ AC_CHECK_FUNCS(daemon chroot getpwnam setuid nice system 
getpid dup dup2 dnl
   getpass strerror syslog openlog mlockall getgrnam setgid dnl
   setgroups stat flock readv writev time dnl
   setsid chdir putenv getpeername unlink dnl
-  chsize ftruncate execve getpeereid umask basename dirname)
+  chsize ftruncate execve getpeereid umask basename dirname access)

 # Windows use stdcall for winsock so we cannot auto detect these
 m4_define([SOCKET_FUNCS], [socket recv recvfrom send sendto listen dnl
diff --git a/options.c b/options.c
index 2280e9b..508fc82 100644
--- a/options.c
+++ b/options.c
@@ -52,7 +52,6 @@
 #include "configure.h"
 #include "forward.h"
 #include 
-#include 

 #include "memdbg.h"

diff --git a/win/config.h.in b/win/config.h.in
index e9df379..b5c31b8 100644
--- a/win/config.h.in
+++ b/win/config.h.in
@@ -223,6 +223,34 @@ typedef unsigned long in_addr_t;
 /* Special Windows version of getpass() defined in io.c */
 #define HAVE_GETPASS 1

+
+/* The POSIX access() function is available, but requires
+ * _CRT_NONSTDC_NO_WARNINGS and _CRT_SECURE_NO_WARNINGS
+ * to be defined
+ */
+#define HAVE_ACCESS 1
+
+/* Macros used by the POSIX access() function might not be available on 
Windows.
+ * Based on information found here:
+ * http://msdn.microsoft.com/en-us/library/1w06ktdy%28v=vs.80%29.aspx
+ */
+#ifndef R_OK
+#define R_OK 4
+#endif
+
+#ifndef W_OK
+#define W_OK 2
+#endif
+
+#ifndef X_OK
+#define X_OK 1
+#endif
+
+#ifndef F_OK
+#define F_OK 0
+#endif
+
+
 /* Define to the full name and version of this package. */
 #ifdef DEBUG_LABEL
 #define PACKAGE_STRING PACKAGE_NAME " " PACKAGE_VERSION " " DEBUG_LABEL
diff --git a/win/msvc.mak.in b/win/msvc.mak.in
index 26d7a33..115e395 100644
--- a/win/msvc.mak.in
+++ b/win/msvc.mak.in
@@ -38,7 +38,7 @@ LIB_DIRS = -LIBPATH:$(OPENSSL)\lib 
-LIBPATH:$(POLARSSL)\build\library -LIBPATH:$
 EXE = openvpn.exe

 CPP=cl.exe
-CPP_ARG_COMMON=/nologo /W3 -DWIN32 -DWIN32_LEAN_AND_MEAN -D_CONSOLE -D_MBCS 
-D_CRT_SECURE_NO_DEPRECATE $(INCLUDE_DIRS) /FD /c
+CPP_ARG_COMMON=/nologo /W3 -DWIN32 -DWIN32_LEAN_AND_MEAN -D_CONSOLE -D_MBCS 
-D_CRT_SECURE_NO_DEPRECATE -D_CRT_NONSTDC_NO_WARNINGS -D_CRT_SECURE_NO_WARNINGS 
$(INCLUDE_DIRS) /FD /c

 LINK32=link.exe

-- 
1.7.4.4

Re: [Openvpn-devel] [PATCH v3] Move away from openvpn_basename() over to platform provided basename()

[Alon Bar-Lev]

On Thu, Dec 8, 2011 at 5:24 PM, David Sommerseth  wrote:
> This kicks out the openvpn_basename() function from misc.[ch] and puts
> glibc equivalents into compat.[ch].  This is to provide the same
> functionality on platforms not having a native basename() function
> available.
>
> In addition this patch adds dirname() which commit 0f2bc0dd92f43c91e
> depends.  Without dirname(), openvpn won't build in Visual Studio.
>
> v2: Move all functions from compat.h to compat.c
> v3: Use glibc versions of basename() and dirname() instead
>
> Signed-off-by: David Sommerseth 
> ---

Yes, this is valid compat now :)

Alon.

Re: [Openvpn-devel] [PATCH] Add option to disable priority tagged packets (VID=0)

[Alon Bar-Lev]

On Thu, Dec 8, 2011 at 7:02 PM, Fabian Knittel  wrote:
> Am 08.12.2011 11:27, schrieb Alon Bar-Lev:
>> Missing usage, man.
>
> There are probably not *that* many users, agreed.  It's probably more of
> a "large enterprise" feature, as only people with VLAN tagged networks
> would be interested.  For example, our university is very fond of layer
> 2 networking and therefore uses VLAN tagging extensively.  OpenVPN with
> VLAN tagging provides a perfect match, allowing a single VPN entry point
> for access to all the different layer2 networks.  I imagine that other
> large organisations could make use of this feature too.
>
> So the number of deployments using the feature will probably never be
> high.  But the number of users depending on it, might not be as
> insignificant.  The two main deployments at our Uni (currently both in
> public beta) currently have about 100 unique users with several thousand
> potential users.

I fail to understand why this is relevant as far as usage (openvpn --help) and
manual (man openvpn) to document this.

Alon.

Re: [Openvpn-devel] [PATCH] Add option to disable priority tagged packets (VID=0)

[Fabian Knittel]

Hi Michael, Hi David, Hi Alon,

On 08/12/11 09:33, michael-dev wrote:
> This patch adds an option to disable the creation of tagged priority
> packets with VID=0. This is for the feature_vlan_tagging
> openvpn-testing head.

Great to know that other people are using the patch-set too.  Your patch
is quite similar to a patch [0] we've been using for a year, but which
never got pushed into the upstream branch because it was missing
documentation.  So I fully agree that it's necessary and I'm very sorry
that you had to duplicate the work just because I got massively
side-tracked.

> I tested the vlan feature and it works fine for me (no dhcp tested).
> Therefore I bridged my eth0 (LAN) and tap0 (OpenVPN) but as my switch
> flags arp replys with priority, the client ended up with 802.1q
> tagged (VID=0) priority packets. These were not expected on the client
> (Ubuntu 10.04 lts) and I found a linux kernel discussion from summer
> 2010 about supporting VID=0 priority packets, so I expect more linux
> clients (windows untested) to not support this kind of packets. This
> option prevents the creating of these packets by ignoring the
> priority information.

We're currently using the VLAN patches at three locations at our
University and all of them have the strip-priority option activated, so
I'd say that it should be the default mode.

I'd even go so far as to say that this doesn't even need to be
configurable. Vlan-tagged packets should never remain tagged (neither
vlan nor priority tagged) when forwarded to an untagged network.  Only
when the packet is priority-tagged without vlan-tagging can we assume
that the sender knew full well that some clients might not know what to
do with them.  The reworked patch [1] does precisely that, but it's
currently only compile tested, because I ran out of time again.  (The
reworked patch is part of the VLAN patch-set [2] that was rebased to
master.)

To fully test the rebased patch-set in our setups I will also need to
port another patch-set (regarding deferred client-connect scripts) ...
which is part of the reason why I ran out of time again.

As I've been getting some friendly pressure from the people using the
VLAN patch-set (and the other patch-set) at our Uni, this hopefully
provides enough motivation to get me working on this stuff again... :)

On Thu, Dec 8, 2011 at 12:15 PM, David Sommerseth wrote:
> Adding Fabian to Cc, he knows more about the VLAN code.

Thanks for the nudge.

> With this feedback, I'm willing merge in the feat_vlan_tagging branch
> into master.  I'm not sure if this should happen now in the v2.3 time
> frame (which is getting more and more ready for alpha/beta releases), or
> if we will take it in the next round with v2.4.  But I will bring that up
> for discussion soonish.

What I was meaning to ask: Did you guys come up with some kind of test
framework in the last year?  I was looking at creating something like
that for the VLAN patchset, but it was far too time intensive for my
extremely limited OpenVPN time budget ...

So would manual testing reports suffice?  And Michael, would you be
willing to review and test the full, rebased patch-set (as soon as I'm
confident again that it actually works)?

Am 08.12.2011 11:27, schrieb Alon Bar-Lev:
> Missing usage, man.

There are probably not *that* many users, agreed.  It's probably more of
a "large enterprise" feature, as only people with VLAN tagged networks
would be interested.  For example, our university is very fond of layer
2 networking and therefore uses VLAN tagging extensively.  OpenVPN with
VLAN tagging provides a perfect match, allowing a single VPN entry point
for access to all the different layer2 networks.  I imagine that other
large organisations could make use of this feature too.

So the number of deployments using the feature will probably never be
high.  But the number of users depending on it, might not be as
insignificant.  The two main deployments at our Uni (currently both in
public beta) currently have about 100 unique users with several thousand
potential users.

Cheers
Fabian

0:
http://opensource.fsmi.uni-karlsruhe.de/gitweb/?p=openvpn.git;a=commit;h=a642faabff003e8f199341b8af407e91c66e568e
1:
http://opensource.fsmi.uni-karlsruhe.de/gitweb/?p=openvpn.git;a=commit;h=f420df8521b5821fd7ddbbd742b515ecdac9c6c1
2:
http://opensource.fsmi.uni-karlsruhe.de/gitweb/?p=openvpn.git;a=shortlog;h=refs/heads/feat_vlan



signature.asc
Description: OpenPGP digital signature

[Openvpn-devel] Topics for today's meeting

[Samuli Seppänen]

Hi,

We're having an IRC meeting today, starting at 18:00 UTC on
#openvpn-de...@irc.freenode.net. Current topic list is here:



If you have any other things you'd like to bring up, respond to this
mail, send me mail privately or add them to the list yourself.

In case you can't attend the meeting, please feel free to make comments
on the topics by responding to this email or to the summary email sent
after the meeting.

NOTE: It's required to use a registered Freenode IRC nickname to join
#openvpn-devel - look here for details:



-- 
Samuli Seppänen
Community Manager
OpenVPN Technologies, Inc

irc freenode net: mattock

[Openvpn-devel] [PATCH v3] Move away from openvpn_basename() over to platform provided basename()

[David Sommerseth]

This kicks out the openvpn_basename() function from misc.[ch] and puts
glibc equivalents into compat.[ch].  This is to provide the same
functionality on platforms not having a native basename() function
available.

In addition this patch adds dirname() which commit 0f2bc0dd92f43c91e
depends.  Without dirname(), openvpn won't build in Visual Studio.

v2: Move all functions from compat.h to compat.c
v3: Use glibc versions of basename() and dirname() instead

Signed-off-by: David Sommerseth 
---
 Makefile.am  |1 +
 compat.c |  129 ++
 compat.h |   42 +++
 configure.ac |2 +-
 init.c   |6 ++-
 misc.c   |   23 +-
 misc.h   |3 -
 options.c|1 -
 syshead.h|2 +
 9 files changed, 182 insertions(+), 27 deletions(-)
 create mode 100644 compat.c
 create mode 100644 compat.h

diff --git a/Makefile.am b/Makefile.am
index 075270f..437f939 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -84,6 +84,7 @@ openvpn_SOURCES = \
circ_list.h \
clinat.c clinat.h \
common.h \
+   compat.h compat.c \
config-win32.h \
crypto.c crypto.h crypto_backend.h \
crypto_openssl.c crypto_openssl.h \
diff --git a/compat.c b/compat.c
new file mode 100644
index 000..cb599b0
--- /dev/null
+++ b/compat.c
@@ -0,0 +1,129 @@
+/*
+ *  OpenVPN -- An application to securely tunnel IP networks
+ * over a single UDP port, with support for SSL/TLS-based
+ * session authentication and key exchange,
+ * packet encryption, packet authentication, and
+ * packet compression.
+ *
+ *  Copyright (C) 2011 - David Sommerseth 
+ *
+ *  This program is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License version 2
+ *  as published by the Free Software Foundation.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with this program (see the file COPYING included with this
+ *  distribution); if not, write to the Free Software Foundation, Inc.,
+ *  59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+ */
+
+#include "syshead.h"
+#include "compat.h"
+#include 
+
+
+#ifndef HAVE_DIRNAME
+/* Unoptimised version of glibc memrchr().
+ * This is considered fast enough, as only this compat
+ * version of dirname() depends on it.
+ */
+static const char *
+__memrchr(const char *str, int c, size_t n)
+{
+  const char *end = str;
+
+  end += n - 1; /* Go to the end of the string */
+  while (end >= str) {
+if(c == *end)
+  return end;
+else
+  end--;
+  }
+  return NULL;
+}
+
+/* Modified version based on glibc-2.14.1 by Ulrich Drepper 

+ * This version is extended to handle both / and \ in path names.
+ */
+char *
+dirname (char *path)
+{
+  static const char dot[] = ".";
+  char *last_slash;
+  char separator = '/';
+
+  /* Find last '/'.  */
+  last_slash = path != NULL ? strrchr (path, '/') : NULL;
+  /* If NULL, check for \ instead ... might be Windows a path */
+  if (!last_slash) {
+last_slash = path != NULL ? strrchr (path, '\\') : NULL;
+separator = last_slash ? '\\' : '/';  /* Change the separator if \ was 
found */
+  }
+
+  if (last_slash != NULL && last_slash != path && last_slash[1] == '\0') {
+  /* Determine whether all remaining characters are slashes.  */
+  char *runp;
+
+  for (runp = last_slash; runp != path; --runp)
+   if (runp[-1] != separator)
+ break;
+
+  /* The '/' is the last character, we have to look further.  */
+  if (runp != path)
+   last_slash = (char *) __memrchr (path, separator, runp - path);
+}
+
+  if (last_slash != NULL) {
+  /* Determine whether all remaining characters are slashes.  */
+  char *runp;
+
+  for (runp = last_slash; runp != path; --runp)
+   if (runp[-1] != separator)
+ break;
+
+  /* Terminate the path.  */
+  if (runp == path) {
+ /* The last slash is the first character in the string.  We have to
+return "/".  As a special case we have to return "//" if there
+are exactly two slashes at the beginning of the string.  See
+XBD 4.10 Path Name Resolution for more information.  */
+ if (last_slash == path + 1)
+   ++last_slash;
+ else
+   last_slash = path + 1;
+   }
+  else
+   last_slash = runp;
+
+  last_slash[0] = '\0';
+  } else
+/* This assignment is ill-designed but the XPG specs require to
+   return a string containing "." in any case no directory part is
+   found and so a static and constant string is required.  */
+path = (char *) dot;
+

Re: [Openvpn-devel] [PATCH v2] Move away from openvpn_basename() over to platform provided basename()

[David Sommerseth]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On 08/12/11 14:01, David Sommerseth wrote:
> This kicks out the openvpn_basename() function from misc.[ch] andputs 
> it into compat.[ch].  This is to provide the same functionality on 
> platforms not having a native basename() function available.
> 
> In addition this patch adds dirname() which commit 0f2bc0dd92f43c91e 
> depends.  Without dirname(), openvpn won't build in Visual Studio.
> 
> v2: Move all functions from compat.h to compat.c
> 
> Signed-off-by: David Sommerseth  --- Makefile.am
> | 1 + compat.c |   82 
> ++ compat.h |
> 42 + configure.ac |2 +- init.c |6
> +++- misc.c   |   23 ++-- misc.h   |3 --
> options.c|1 - syshead.h|2 + 9 files changed, 135 
> insertions(+), 27 deletions(-) create mode 100644 compat.c create
> mode 100644 compat.h

On second thought, after having discussed things with Gert on IRC, I'm
withdrawing this version.  I'll make use of the glibc variants Alon
pointed me at as well.


kind regards,

David Sommerseth

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk7g1kIACgkQDC186MBRfrqD1QCeLiJP7Vbsf9Gy1YZqF1OU1A7i
xAMAoKk8nDWe1+yuPa+Gj1VGbJuU/s6y
=tCIC
-END PGP SIGNATURE-

Re: [Openvpn-devel] [PATCH] Enable access() when building in Visual Studio

[Gert Doering]

Hi,

On Thu, Dec 08, 2011 at 02:03:27PM +0100, David Sommerseth wrote:
> Visual Studio does not enable certiain standard Unix functions,
> such as access().  By defining _CRT_NONSTDC_NO_WARNINGS and
> _CRT_SECURE_NO_WARNINGS, these functions are enabled.
> 
> This patch also adds a ./configure check for access() as well,
> in case this needs to be implemented on other platforms lacking
> this feature.  Which is why HAVE_ACCESS is defined in win/config.h.in
> 
> Thanks to Alon Bar-Lev for helping solving this.

ACK!

And thanks to Alon.

gert
-- 
USENET is *not* the non-clickable part of WWW!
   //www.muc.de/~gert/
Gert Doering - Munich, Germany g...@greenie.muc.de
fax: +49-89-35655025g...@net.informatik.tu-muenchen.de


pgpS3yIt7z9Lf.pgp
Description: PGP signature

Re: [Openvpn-devel] [PATCH] Move away from openvpn_basename() over to platform provided basename()

[David Sommerseth]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Please ignore!  Troubles with SMTP relay, and I managed to resend the
wrong patch to the wrong thread.  Sorry!

David S.


On 08/12/11 14:01, David Sommerseth wrote:
> This kicks out the openvpn_basename() function from misc.[ch] andputs 
> it into compat.[ch].  This is to provide the same functionality on 
> platforms not having a native basename() function available.
> 
> In addition this patch adds dirname() which commit 0f2bc0dd92f43c91e 
> depends.  Without dirname(), openvpn won't build in Visual Studio.
> 
> v2: Move all functions from compat.h to compat.c
> 
> Signed-off-by: David Sommerseth  --- Makefile.am  |
> 1 + compat.c |   82
> ++ compat.h
> |   42 + configure.ac |2 +- init.c
> |6 +++- misc.c   |   23 ++-- misc.h   |3
> -- options.c|1 - syshead.h|2 + 9 files changed, 135
> insertions(+), 27 deletions(-) create mode 100644 compat.c create mode
> 100644 compat.h


-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk7gteoACgkQDC186MBRfroregCfdHxwZmFUlx3ptHoYTJXhWMiM
pfkAn15AHPu+hkVg3H4j78wIEbLWrGIO
=X+IE
-END PGP SIGNATURE-

[Openvpn-devel] [PATCH] Enable access() when building in Visual Studio

[David Sommerseth]

Visual Studio does not enable certiain standard Unix functions,
such as access().  By defining _CRT_NONSTDC_NO_WARNINGS and
_CRT_SECURE_NO_WARNINGS, these functions are enabled.

This patch also adds a ./configure check for access() as well,
in case this needs to be implemented on other platforms lacking
this feature.  Which is why HAVE_ACCESS is defined in win/config.h.in

Thanks to Alon Bar-Lev for helping solving this.

Signed-off-by: David Sommerseth 
---
 configure.ac|2 +-
 options.c   |1 -
 win/config.h.in |   28 
 win/msvc.mak.in |2 +-
 4 files changed, 30 insertions(+), 3 deletions(-)

diff --git a/configure.ac b/configure.ac
index 173d6e2..f8b3dd6 100644
--- a/configure.ac
+++ b/configure.ac
@@ -515,7 +515,7 @@ AC_CHECK_FUNCS(daemon chroot getpwnam setuid nice system 
getpid dup dup2 dnl
   getpass strerror syslog openlog mlockall getgrnam setgid dnl
   setgroups stat flock readv writev time dnl
   setsid chdir putenv getpeername unlink dnl
-  chsize ftruncate execve getpeereid umask basename dirname)
+  chsize ftruncate execve getpeereid umask basename dirname access)

 # Windows use stdcall for winsock so we cannot auto detect these
 m4_define([SOCKET_FUNCS], [socket recv recvfrom send sendto listen dnl
diff --git a/options.c b/options.c
index 2280e9b..508fc82 100644
--- a/options.c
+++ b/options.c
@@ -52,7 +52,6 @@
 #include "configure.h"
 #include "forward.h"
 #include 
-#include 

 #include "memdbg.h"

diff --git a/win/config.h.in b/win/config.h.in
index e9df379..b5c31b8 100644
--- a/win/config.h.in
+++ b/win/config.h.in
@@ -223,6 +223,34 @@ typedef unsigned long in_addr_t;
 /* Special Windows version of getpass() defined in io.c */
 #define HAVE_GETPASS 1

+
+/* The POSIX access() function is available, but requires
+ * _CRT_NONSTDC_NO_WARNINGS and _CRT_SECURE_NO_WARNINGS
+ * to be defined
+ */
+#define HAVE_ACCESS 1
+
+/* Macros used by the POSIX access() function might not be available on 
Windows.
+ * Based on information found here:
+ * http://msdn.microsoft.com/en-us/library/1w06ktdy%28v=vs.80%29.aspx
+ */
+#ifndef R_OK
+#define R_OK 4
+#endif
+
+#ifndef W_OK
+#define W_OK 2
+#endif
+
+#ifndef X_OK
+#define X_OK 1
+#endif
+
+#ifndef F_OK
+#define F_OK 0
+#endif
+
+
 /* Define to the full name and version of this package. */
 #ifdef DEBUG_LABEL
 #define PACKAGE_STRING PACKAGE_NAME " " PACKAGE_VERSION " " DEBUG_LABEL
diff --git a/win/msvc.mak.in b/win/msvc.mak.in
index 26d7a33..115e395 100644
--- a/win/msvc.mak.in
+++ b/win/msvc.mak.in
@@ -38,7 +38,7 @@ LIB_DIRS = -LIBPATH:$(OPENSSL)\lib 
-LIBPATH:$(POLARSSL)\build\library -LIBPATH:$
 EXE = openvpn.exe

 CPP=cl.exe
-CPP_ARG_COMMON=/nologo /W3 -DWIN32 -DWIN32_LEAN_AND_MEAN -D_CONSOLE -D_MBCS 
-D_CRT_SECURE_NO_DEPRECATE $(INCLUDE_DIRS) /FD /c
+CPP_ARG_COMMON=/nologo /W3 -DWIN32 -DWIN32_LEAN_AND_MEAN -D_CONSOLE -D_MBCS 
-D_CRT_SECURE_NO_DEPRECATE -D_CRT_NONSTDC_NO_WARNINGS -D_CRT_SECURE_NO_WARNINGS 
$(INCLUDE_DIRS) /FD /c

 LINK32=link.exe

-- 
1.7.4.4

[Openvpn-devel] [PATCH] Move away from openvpn_basename() over to platform provided basename()

[David Sommerseth]

This kicks out the openvpn_basename() function from misc.[ch] andputs
it into compat.[ch].  This is to provide the same functionality on
platforms not having a native basename() function available.

In addition this patch adds dirname() which commit 0f2bc0dd92f43c91e
depends.  Without dirname(), openvpn won't build in Visual Studio.

v2: Move all functions from compat.h to compat.c

Signed-off-by: David Sommerseth 
---
 Makefile.am  |1 +
 compat.c |   82 ++
 compat.h |   42 +
 configure.ac |2 +-
 init.c   |6 +++-
 misc.c   |   23 ++--
 misc.h   |3 --
 options.c|1 -
 syshead.h|2 +
 9 files changed, 135 insertions(+), 27 deletions(-)
 create mode 100644 compat.c
 create mode 100644 compat.h

diff --git a/Makefile.am b/Makefile.am
index 075270f..437f939 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -84,6 +84,7 @@ openvpn_SOURCES = \
circ_list.h \
clinat.c clinat.h \
common.h \
+   compat.h compat.c \
config-win32.h \
crypto.c crypto.h crypto_backend.h \
crypto_openssl.c crypto_openssl.h \
diff --git a/compat.c b/compat.c
new file mode 100644
index 000..bade0a1
--- /dev/null
+++ b/compat.c
@@ -0,0 +1,82 @@
+/*
+ *  OpenVPN -- An application to securely tunnel IP networks
+ * over a single UDP port, with support for SSL/TLS-based
+ * session authentication and key exchange,
+ * packet encryption, packet authentication, and
+ * packet compression.
+ *
+ *  Copyright (C) 2011 - David Sommerseth 
+ *
+ *  This program is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License version 2
+ *  as published by the Free Software Foundation.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with this program (see the file COPYING included with this
+ *  distribution); if not, write to the Free Software Foundation, Inc.,
+ *  59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+ */
+
+#include "syshead.h"
+#include "compat.h"
+#include 
+
+#if !defined(HAVE_BASENAME) || !defined(HAVE_DIRNAME)
+enum ovpn_dirbasename_e { DIRNAME, BASENAME };
+
+char *
+openvpn_dirbasename(char *path, enum ovpn_dirbasename_e mode)
+ {
+   char *ret;
+   const int dirsep = OS_SPECIFIC_DIRSEP;
+
+   if (path) {
+ ret = strrchr (path, dirsep);
+ if (ret && *ret)
+   ++ret;
+ else
+   ret = path;
+
+ if (*ret)
+   switch( mode ) {
+   case BASENAME:
+ return ret;
+
+   case DIRNAME:
+ /* This implements the POSIX variant of dirname(),
+  * which do modify the input
+  */
+ *(ret-1) = 0;
+ return path;
+   }
+   }
+   return NULL;
+ }
+#endif /* !defined(HAVE_BASENAME) || !defined(HAVE_DIRNAME) */
+
+
+#ifndef HAVE_DIRNAME
+char *
+dirname(char *str)
+{
+  return openvpn_dirbasename(str, DIRNAME);
+}
+#endif /* HAVE_DIRNAME */
+
+
+#ifndef HAVE_BASENAME
+char *
+basename(char *str)
+{
+  /* the path is recasted as non-const, as we are sure it will not be modified
+   * in the basename type
+   */
+  return openvpn_dirbasename(str, BASENAME);
+
+}
+#endif /* HAVE_BASENAME */
diff --git a/compat.h b/compat.h
new file mode 100644
index 000..b380f0b
--- /dev/null
+++ b/compat.h
@@ -0,0 +1,42 @@
+/*
+ *  OpenVPN -- An application to securely tunnel IP networks
+ * over a single UDP port, with support for SSL/TLS-based
+ * session authentication and key exchange,
+ * packet encryption, packet authentication, and
+ * packet compression.
+ *
+ *  Copyright (C) 2011 - David Sommerseth 
+ *
+ *  This program is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License version 2
+ *  as published by the Free Software Foundation.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with this program (see the file COPYING included with this
+ *  distribution); if not, write to the Free Software Foundation, Inc.,
+ *  59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+ */
+
+#ifndef COMPAT_H
+#define COMPAT_H
+
+#include "config.h"
+
+#if defined(HAVE_BASENAME) || defined(HAVE_DIRNAME)
+#include 
+#endif
+
+#ifndef HAVE_DIRNAME
+char * dirname(char *str);
+#endif /* HAVE_DIRNAME */
+
+

[Openvpn-devel] [PATCH v2] Move away from openvpn_basename() over to platform provided basename()

[David Sommerseth]

This kicks out the openvpn_basename() function from misc.[ch] andputs
it into compat.[ch].  This is to provide the same functionality on
platforms not having a native basename() function available.

In addition this patch adds dirname() which commit 0f2bc0dd92f43c91e
depends.  Without dirname(), openvpn won't build in Visual Studio.

v2: Move all functions from compat.h to compat.c

Signed-off-by: David Sommerseth 
---
 Makefile.am  |1 +
 compat.c |   82 ++
 compat.h |   42 +
 configure.ac |2 +-
 init.c   |6 +++-
 misc.c   |   23 ++--
 misc.h   |3 --
 options.c|1 -
 syshead.h|2 +
 9 files changed, 135 insertions(+), 27 deletions(-)
 create mode 100644 compat.c
 create mode 100644 compat.h

diff --git a/Makefile.am b/Makefile.am
index 075270f..437f939 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -84,6 +84,7 @@ openvpn_SOURCES = \
circ_list.h \
clinat.c clinat.h \
common.h \
+   compat.h compat.c \
config-win32.h \
crypto.c crypto.h crypto_backend.h \
crypto_openssl.c crypto_openssl.h \
diff --git a/compat.c b/compat.c
new file mode 100644
index 000..bade0a1
--- /dev/null
+++ b/compat.c
@@ -0,0 +1,82 @@
+/*
+ *  OpenVPN -- An application to securely tunnel IP networks
+ * over a single UDP port, with support for SSL/TLS-based
+ * session authentication and key exchange,
+ * packet encryption, packet authentication, and
+ * packet compression.
+ *
+ *  Copyright (C) 2011 - David Sommerseth 
+ *
+ *  This program is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License version 2
+ *  as published by the Free Software Foundation.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with this program (see the file COPYING included with this
+ *  distribution); if not, write to the Free Software Foundation, Inc.,
+ *  59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+ */
+
+#include "syshead.h"
+#include "compat.h"
+#include 
+
+#if !defined(HAVE_BASENAME) || !defined(HAVE_DIRNAME)
+enum ovpn_dirbasename_e { DIRNAME, BASENAME };
+
+char *
+openvpn_dirbasename(char *path, enum ovpn_dirbasename_e mode)
+ {
+   char *ret;
+   const int dirsep = OS_SPECIFIC_DIRSEP;
+
+   if (path) {
+ ret = strrchr (path, dirsep);
+ if (ret && *ret)
+   ++ret;
+ else
+   ret = path;
+
+ if (*ret)
+   switch( mode ) {
+   case BASENAME:
+ return ret;
+
+   case DIRNAME:
+ /* This implements the POSIX variant of dirname(),
+  * which do modify the input
+  */
+ *(ret-1) = 0;
+ return path;
+   }
+   }
+   return NULL;
+ }
+#endif /* !defined(HAVE_BASENAME) || !defined(HAVE_DIRNAME) */
+
+
+#ifndef HAVE_DIRNAME
+char *
+dirname(char *str)
+{
+  return openvpn_dirbasename(str, DIRNAME);
+}
+#endif /* HAVE_DIRNAME */
+
+
+#ifndef HAVE_BASENAME
+char *
+basename(char *str)
+{
+  /* the path is recasted as non-const, as we are sure it will not be modified
+   * in the basename type
+   */
+  return openvpn_dirbasename(str, BASENAME);
+
+}
+#endif /* HAVE_BASENAME */
diff --git a/compat.h b/compat.h
new file mode 100644
index 000..b380f0b
--- /dev/null
+++ b/compat.h
@@ -0,0 +1,42 @@
+/*
+ *  OpenVPN -- An application to securely tunnel IP networks
+ * over a single UDP port, with support for SSL/TLS-based
+ * session authentication and key exchange,
+ * packet encryption, packet authentication, and
+ * packet compression.
+ *
+ *  Copyright (C) 2011 - David Sommerseth 
+ *
+ *  This program is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License version 2
+ *  as published by the Free Software Foundation.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with this program (see the file COPYING included with this
+ *  distribution); if not, write to the Free Software Foundation, Inc.,
+ *  59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+ */
+
+#ifndef COMPAT_H
+#define COMPAT_H
+
+#include "config.h"
+
+#if defined(HAVE_BASENAME) || defined(HAVE_DIRNAME)
+#include 
+#endif
+
+#ifndef HAVE_DIRNAME
+char * dirname(char *str);
+#endif /* HAVE_DIRNAME */
+
+

Re: [Openvpn-devel] [PATCH] Enable access() when building in Visual Studio

[Alon Bar-Lev]

Well, this is small and beautiful! :)

On Thu, Dec 8, 2011 at 1:38 PM, David Sommerseth  wrote:
> Visual Studio does not enable certiain standard Unix functions,
> such as access().  By defining _CRT_NONSTDC_NO_WARNINGS and
> _CRT_SECURE_NO_WARNINGS, these functions are enabled.
>
> This patch also adds a ./configure check for access() as well,
> in case this needs to be implemented on other platforms lacking
> this feature.  Which is why HAVE_ACCESS is defined in win/config.h.in
>
> Thanks to Alon Bar-Lev for helping solving this.
>
> Signed-off-by: David Sommerseth 
> ---
>  configure.ac    |    2 +-
>  options.c       |    1 -
>  win/config.h.in |   28 
>  win/msvc.mak.in |    2 +-
>  4 files changed, 30 insertions(+), 3 deletions(-)
>
> diff --git a/configure.ac b/configure.ac
> index 173d6e2..f8b3dd6 100644
> --- a/configure.ac
> +++ b/configure.ac
> @@ -515,7 +515,7 @@ AC_CHECK_FUNCS(daemon chroot getpwnam setuid nice system 
> getpid dup dup2 dnl
>               getpass strerror syslog openlog mlockall getgrnam setgid dnl
>               setgroups stat flock readv writev time dnl
>               setsid chdir putenv getpeername unlink dnl
> -              chsize ftruncate execve getpeereid umask basename dirname)
> +              chsize ftruncate execve getpeereid umask basename dirname 
> access)
>
>  # Windows use stdcall for winsock so we cannot auto detect these
>  m4_define([SOCKET_FUNCS], [socket recv recvfrom send sendto listen dnl
> diff --git a/options.c b/options.c
> index 2280e9b..508fc82 100644
> --- a/options.c
> +++ b/options.c
> @@ -52,7 +52,6 @@
>  #include "configure.h"
>  #include "forward.h"
>  #include 
> -#include 
>
>  #include "memdbg.h"
>
> diff --git a/win/config.h.in b/win/config.h.in
> index e9df379..b5c31b8 100644
> --- a/win/config.h.in
> +++ b/win/config.h.in
> @@ -223,6 +223,34 @@ typedef unsigned long in_addr_t;
>  /* Special Windows version of getpass() defined in io.c */
>  #define HAVE_GETPASS 1
>
> +
> +/* The POSIX access() function is available, but requires
> + * _CRT_NONSTDC_NO_WARNINGS and _CRT_SECURE_NO_WARNINGS
> + * to be defined
> + */
> +#define HAVE_ACCESS 1
> +
> +/* Macros used by the POSIX access() function might not be available on 
> Windows.
> + * Based on information found here:
> + * http://msdn.microsoft.com/en-us/library/1w06ktdy%28v=vs.80%29.aspx
> + */
> +#ifndef R_OK
> +#define R_OK 4
> +#endif
> +
> +#ifndef W_OK
> +#define W_OK 2
> +#endif
> +
> +#ifndef X_OK
> +#define X_OK 1
> +#endif
> +
> +#ifndef F_OK
> +#define F_OK 0
> +#endif
> +
> +
>  /* Define to the full name and version of this package. */
>  #ifdef DEBUG_LABEL
>  #define PACKAGE_STRING PACKAGE_NAME " " PACKAGE_VERSION " " DEBUG_LABEL
> diff --git a/win/msvc.mak.in b/win/msvc.mak.in
> index 26d7a33..115e395 100644
> --- a/win/msvc.mak.in
> +++ b/win/msvc.mak.in
> @@ -38,7 +38,7 @@ LIB_DIRS = -LIBPATH:$(OPENSSL)\lib 
> -LIBPATH:$(POLARSSL)\build\library -LIBPATH:$
>  EXE = openvpn.exe
>
>  CPP=cl.exe
> -CPP_ARG_COMMON=/nologo /W3 -DWIN32 -DWIN32_LEAN_AND_MEAN -D_CONSOLE -D_MBCS 
> -D_CRT_SECURE_NO_DEPRECATE $(INCLUDE_DIRS) /FD /c
> +CPP_ARG_COMMON=/nologo /W3 -DWIN32 -DWIN32_LEAN_AND_MEAN -D_CONSOLE -D_MBCS 
> -D_CRT_SECURE_NO_DEPRECATE -D_CRT_NONSTDC_NO_WARNINGS 
> -D_CRT_SECURE_NO_WARNINGS $(INCLUDE_DIRS) /FD /c
>
>  LINK32=link.exe
>
> --
> 1.7.4.4
>

Re: [Openvpn-devel] [PATCH] handle Windows unicode paths

[Alon Bar-Lev]

On Thu, Dec 8, 2011 at 1:06 PM, Heiko Hund  wrote:
> On Wednesday 07 December 2011 17:58:51 Heiko Hund wrote:
>> This patch makes openvpn read the command line in UCS-2 and convert
>> it to UTF-8 internally. Windows stores names in the filesystem in UCS-2.
>> When using a paths openvpn converts it from UTF-8 to UCS-2 and uses the
>> wide character Windows API function.
>
> One thing I left out on purpose for now was handling --capath with a Unicode
> path. To have that work, openvpn would need to define a custom  LOOKUP_METHOD
> that is Unicode-safe. The one that is currently used is at [1]. The problem
> here is the _stat call that needs to be _wstat. Please let me know if that's
> something that should be done or not and I'll provide a patch.
>
> Heiko
>
> [1] http://cvs.openssl.org/fileview?f=openssl/crypto/x509/by_dir.c&v=1.32

Personally, I think that you should split this lng patch into several.
Style changes, file io, openssl, etc...
For the openssl, I would split each change:dn, files.

It would be much easier to review and comment.

At first glance, the files are relatively ok.

Alon.

Re: [Openvpn-devel] [PATCH] Add a wrapper for access() when compiling via Visual Studio

[Heiko Hund]

On Thursday 08 December 2011 00:13:49 David Sommerseth wrote:
> This adds the access() function as a wrapper for _access() to be
> able to compile OpenVPN via Visual Studio.  It also adds the required
> macros which used in POSIX environments (R_OK, W_OK, X_OK, F_OK).

Depending on the order this and my "Windows unicode paths" patch are merged 
there needs to be some additions code here or in that patch that converts the 
path using wide_string() passing it to _waccess().

Heiko
-- 
Heiko Hund | Software Engineer | Phone +49-721-25516-237 | Fax -200
Astaro a Sophos Company | Amalienbadstr. 41 Bau 52 | 76227 Karlsruhe | Germany
Commercial Register: Mannheim HRA 702710 | Headquarter Location: Karlsruhe
 
Represented by the General Partner Astaro Verwaltungs GmbH
Amalienbadstraße 41 Bau 52 | 76227 Karlsruhe | Germany 
Commercial Register: Mannheim HRB 708248 | Executive Board: Gert Hansen,
Markus Hennig, Jan Hichert, Günter Junk, Dr. Frank Nellissen

Re: [Openvpn-devel] [PATCH] handle Windows unicode paths

[Heiko Hund]

On Wednesday 07 December 2011 17:58:51 Heiko Hund wrote:
> This patch makes openvpn read the command line in UCS-2 and convert
> it to UTF-8 internally. Windows stores names in the filesystem in UCS-2.
> When using a paths openvpn converts it from UTF-8 to UCS-2 and uses the
> wide character Windows API function.

One thing I left out on purpose for now was handling --capath with a Unicode 
path. To have that work, openvpn would need to define a custom  LOOKUP_METHOD 
that is Unicode-safe. The one that is currently used is at [1]. The problem 
here is the _stat call that needs to be _wstat. Please let me know if that's 
something that should be done or not and I'll provide a patch.

Heiko

[1] http://cvs.openssl.org/fileview?f=openssl/crypto/x509/by_dir.c&v=1.32
-- 
Heiko Hund | Software Engineer | Phone +49-721-25516-237 | Fax -200
Astaro a Sophos Company | Amalienbadstr. 41 Bau 52 | 76227 Karlsruhe | Germany
Commercial Register: Mannheim HRA 702710 | Headquarter Location: Karlsruhe
 
Represented by the General Partner Astaro Verwaltungs GmbH
Amalienbadstraße 41 Bau 52 | 76227 Karlsruhe | Germany 
Commercial Register: Mannheim HRB 708248 | Executive Board: Gert Hansen,
Markus Hennig, Jan Hichert, Günter Junk, Dr. Frank Nellissen

Re: [Openvpn-devel] [PATCH] Add a wrapper for access() when compiling via Visual Studio

[Alon Bar-Lev]

On Thu, Dec 8, 2011 at 12:57 PM, Alon Bar-Lev  wrote:
> On Thu, Dec 8, 2011 at 12:51 PM, Alon Bar-Lev  wrote:
>> On Thu, Dec 8, 2011 at 12:44 PM, David Sommerseth
>>  wrote:
>>> -BEGIN PGP SIGNED MESSAGE-
>>> Hash: SHA1
>>>
>>> On 08/12/11 08:44, Alon Bar-Lev wrote:
 On Thu, Dec 8, 2011 at 2:13 AM, David Sommerseth 
 wrote:
> +/* The POSIX access() function is called via _access() on Windows,
> + * defined in io.h + */ +#define HAVE_ACCESS 1 +#define access
> _access +#pragma warning(disable : 4996) /* Avoid Visual Studio to
> complain about access(), which is redefined */

 Where is it defined? Anyway, won't it better: --- #ifdef access #undef
 access #endif #define access _access ---
>>>
>>> I tried that approach as well, and I still got this warning:
>>> - -
>>> options.c(2619) : warning C4996: '_access': The POSIX name for this item
>>> is deprecated. Instead, use the ISO C++ conformant name: _access. See
>>> online help for details.
>>>        c:\Program Files (x86)\Microsoft Visual Studio
>>> 9.0\VC\INCLUDE\io.h(185): see declaration of '_access'
>>> options.c(2625) : warning C4996: '_access': The POSIX name for this item
>>> is deprecated. Instead, use the ISO C++ conformant name: _access. See
>>> online help for details.
>>
>> This is something else!
>> Try defining _CRT_NONSTDC_NO_WARNINGS and _CRT_SECURE_NO_WARNINGS.
>>
>> Alon.
>
> This of course should be only in your vcproj not anywhere in openvpn.
>
> Alon.

Just checked, with this enabled you don't need to override access at all.

Alon.

Re: [Openvpn-devel] [PATCH] Add a wrapper for access() when compiling via Visual Studio

[Alon Bar-Lev]

On Thu, Dec 8, 2011 at 12:51 PM, Alon Bar-Lev  wrote:
> On Thu, Dec 8, 2011 at 12:44 PM, David Sommerseth
>  wrote:
>> -BEGIN PGP SIGNED MESSAGE-
>> Hash: SHA1
>>
>> On 08/12/11 08:44, Alon Bar-Lev wrote:
>>> On Thu, Dec 8, 2011 at 2:13 AM, David Sommerseth 
>>> wrote:
 +/* The POSIX access() function is called via _access() on Windows,
 + * defined in io.h + */ +#define HAVE_ACCESS 1 +#define access
 _access +#pragma warning(disable : 4996) /* Avoid Visual Studio to
 complain about access(), which is redefined */
>>>
>>> Where is it defined? Anyway, won't it better: --- #ifdef access #undef
>>> access #endif #define access _access ---
>>
>> I tried that approach as well, and I still got this warning:
>> - -
>> options.c(2619) : warning C4996: '_access': The POSIX name for this item
>> is deprecated. Instead, use the ISO C++ conformant name: _access. See
>> online help for details.
>>        c:\Program Files (x86)\Microsoft Visual Studio
>> 9.0\VC\INCLUDE\io.h(185): see declaration of '_access'
>> options.c(2625) : warning C4996: '_access': The POSIX name for this item
>> is deprecated. Instead, use the ISO C++ conformant name: _access. See
>> online help for details.
>
> This is something else!
> Try defining _CRT_NONSTDC_NO_WARNINGS and _CRT_SECURE_NO_WARNINGS.
>
> Alon.

This of course should be only in your vcproj not anywhere in openvpn.

Alon.

Re: [Openvpn-devel] [PATCH] Add a wrapper for access() when compiling via Visual Studio

[Alon Bar-Lev]

On Thu, Dec 8, 2011 at 12:44 PM, David Sommerseth
 wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> On 08/12/11 08:44, Alon Bar-Lev wrote:
>> On Thu, Dec 8, 2011 at 2:13 AM, David Sommerseth 
>> wrote:
>>> +/* The POSIX access() function is called via _access() on Windows,
>>> + * defined in io.h + */ +#define HAVE_ACCESS 1 +#define access
>>> _access +#pragma warning(disable : 4996) /* Avoid Visual Studio to
>>> complain about access(), which is redefined */
>>
>> Where is it defined? Anyway, won't it better: --- #ifdef access #undef
>> access #endif #define access _access ---
>
> I tried that approach as well, and I still got this warning:
> - -
> options.c(2619) : warning C4996: '_access': The POSIX name for this item
> is deprecated. Instead, use the ISO C++ conformant name: _access. See
> online help for details.
>        c:\Program Files (x86)\Microsoft Visual Studio
> 9.0\VC\INCLUDE\io.h(185): see declaration of '_access'
> options.c(2625) : warning C4996: '_access': The POSIX name for this item
> is deprecated. Instead, use the ISO C++ conformant name: _access. See
> online help for details.

This is something else!
Try defining _CRT_NONSTDC_NO_WARNINGS and _CRT_SECURE_NO_WARNINGS.

Alon.

Re: [Openvpn-devel] [PATCH] Add a wrapper for access() when compiling via Visual Studio

[David Sommerseth]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On 08/12/11 08:44, Alon Bar-Lev wrote:
> On Thu, Dec 8, 2011 at 2:13 AM, David Sommerseth 
> wrote:
>> +/* The POSIX access() function is called via _access() on Windows, 
>> + * defined in io.h + */ +#define HAVE_ACCESS 1 +#define access
>> _access +#pragma warning(disable : 4996) /* Avoid Visual Studio to
>> complain about access(), which is redefined */
> 
> Where is it defined? Anyway, won't it better: --- #ifdef access #undef
> access #endif #define access _access ---

I tried that approach as well, and I still got this warning:
- -
options.c(2619) : warning C4996: '_access': The POSIX name for this item
is deprecated. Instead, use the ISO C++ conformant name: _access. See
online help for details.
c:\Program Files (x86)\Microsoft Visual Studio
9.0\VC\INCLUDE\io.h(185): see declaration of '_access'
options.c(2625) : warning C4996: '_access': The POSIX name for this item
is deprecated. Instead, use the ISO C++ conformant name: _access. See
online help for details.
c:\Program Files (x86)\Microsoft Visual Studio
9.0\VC\INCLUDE\io.h(185): see declaration of '_access'
options.c(2629) : warning C4996: '_access': The POSIX name for this item
is deprecated. Instead, use the ISO C++ conformant name: _access. See
online help for details.
c:\Program Files (x86)\Microsoft Visual Studio
9.0\VC\INCLUDE\io.h(185): see declaration of '_access'
options.c(2630) : warning C4996: '_access': The POSIX name for this item
is deprecated. Instead, use the ISO C++ conformant name: _access. See
online help for details.
c:\Program Files (x86)\Microsoft Visual Studio
9.0\VC\INCLUDE\io.h(185): see declaration of '_access'
- -

In io.h:185, this line can be found:
- -
_Check_return_ _CRTIMP int __cdecl _access(_In_z_ const char * _Filename,
_In_ int _AccessMode);
- -

And access() is declared like this in io.h:303
- -
_Check_return_ _CRT_NONSTDC_DEPRECATE(_access) _CRTIMP int __cdecl
access(_In_z_ const char * _Filename, _In_ int _AccessMode);
- -

The only way around this warning was to use the #pragma declaration to
disable the C4996 warning.  But I'm no Visual Studio expert, I might have
overlooked something.


kind regards,

David Sommerseth
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk7glRwACgkQDC186MBRfrrM3QCgpgkDi4JWMaa4mmWjDeopDQfG
iWMAoKsMJC5zp4O9UwAwNtDXIM7wHkcB
=+4J5
-END PGP SIGNATURE-

Re: [Openvpn-devel] [PATCH] Move away from openvpn_basename() over to platform provided basename()

[Alon Bar-Lev]

On Thu, Dec 8, 2011 at 12:27 PM, David Sommerseth
 wrote:
> Hi Alon,
>
> I'm not sure I understand the critique too well now.  As this is the
> approach I tried to do.  However, I put the basename() and dirname()
> implementations in compat.h, calling the combined openvpn_dirbasename()
> function.
>
> The reason for the combined version is basically to keep as much generic
> code as possible.  And the old openvpn_basename() has been tested and
> tried for many years, so that code base can be considered solid.  As you
> know, the difference between dirname() and basename() is basically if you
> return the string from the beginning to the split point, or from the
> split point and to the end of the string.
>
> But I can move the static inline functions from the compat.h file over to
> the compat.c file, and declare openvpn_dirbasename() static instead.  If
> that is a better solution.
>

Yes, this what I meant... :)

Best not to put code in headers, unless absolutely required... when?
if you prove by profiler
that you can optimize anything... Most likely you won't call basename
in 10 loop.

However, you should be very careful from relying of the "solid"
openvpn_dirbasename
as it won't be used at most systems... as most have basename/dirname...

This is the code from glibc, which most probably be linked into your
code, the only difference
in windows it to check both '/' and '\' I like to use '/' also in
windows. But if you don't like it
we can do AC_DEFINE([PATH_SEPARATOR], ...) in configure.ac, if not
already there,
then use PATH_SEPARATOR constant in code.
---
char *
basename (filename)
 const char *filename;
{
  char *p = strrchr (filename, '/');
  return p ? p + 1 : (char *) filename;
}

char *
dirname (char *path)
{
  static const char dot[] = ".";
  char *last_slash;

  /* Find last '/'.  */
  last_slash = path != NULL ? strrchr (path, '/') : NULL;

  if (last_slash != NULL && last_slash != path && last_slash[1] == '\0')
{
  /* Determine whether all remaining characters are slashes.  */
  char *runp;

  for (runp = last_slash; runp != path; --runp)
if (runp[-1] != '/')
  break;

  /* The '/' is the last character, we have to look further.  */
  if (runp != path)
last_slash = __memrchr (path, '/', runp - path);
}

  if (last_slash != NULL)
{
  /* Determine whether all remaining characters are slashes.  */
  char *runp;

  for (runp = last_slash; runp != path; --runp)
if (runp[-1] != '/')
  break;

  /* Terminate the path.  */
  if (runp == path)
{
  /* The last slash is the first character in the string.  We have to
 return "/".  As a special case we have to return "//" if there
 are exactly two slashes at the beginning of the string.  See
 XBD 4.10 Path Name Resolution for more information.  */
  if (last_slash == path + 1)
++last_slash;
  else
last_slash = path + 1;
}
  else
last_slash = runp;

  last_slash[0] = '\0';
}
  else
/* This assignment is ill-designed but the XPG specs require to
   return a string containing "." in any case no directory part is
   found and so a static and constant string is required.  */
path = (char *) dot;

  return path;
}
---

Alon.

Re: [Openvpn-devel] [PATCH] Add option to disable priority tagged packets (VID=0)

[Alon Bar-Lev]

Missing usage, man.

On Thu, Dec 8, 2011 at 12:15 PM, David Sommerseth
 wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
>
> Adding Fabian to Cc, he knows more about the VLAN code.
>
> With this feedback, I'm willing merge in the feat_vlan_tagging branch
> into master.  I'm not sure if this should happen now in the v2.3 time
> frame (which is getting more and more ready for alpha/beta releases), or
> if we will take it in the next round with v2.4.  But I will bring that up
> for discussion soonish.
>
>
> kind regards,
>
> David Sommerseth
>
>
> On 08/12/11 09:33, michael-dev wrote:
>> This patch adds an option to disable the creation of tagged priority
>> packets with VID=0. This is for the feature_vlan_tagging
>> openvpn-testing head.
>>
>> I tested the vlan feature and it works fine for me (no dhcp tested).
>> Therefore I bridged my eth0 (LAN) and tap0 (OpenVPN) but as my switch
>> flags arp replys with priority, the client ended up with 802.1q
>> tagged (VID=0) priority packets. These were not expected on the client
>> (Ubuntu 10.04 lts) and I found a linux kernel discussion from summer
>> 2010 about supporting VID=0 priority packets, so I expect more linux
>> clients (windows untested) to not support this kind of packets. This
>> option prevents the creating of these packets by ignoring the
>> priority information.
>>
>> This patch has already been tested and works fine for me.
>>
>> Signed-off-by: Michael Braun 
>>
>>
>>
>>
>> --
>>
>>
> Cloud Services Checklist: Pricing and Packaging Optimization
>> This white paper is intended to serve as a reference, checklist and
>> point of discussion for anyone considering optimizing the pricing and
>> packaging model of a cloud services business. Read Now!
>> http://www.accelacomm.com/jaw/sfnl/114/51491232/
>>
>>
>>
>> ___ Openvpn-devel mailing
>> list Openvpn-devel@lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/openvpn-devel
>
> -BEGIN PGP SIGNATURE-
> Version: GnuPG v1.4.11 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
>
> iEYEARECAAYFAk7gjjgACgkQDC186MBRfrqtsACgm8JiXbRQPTicmDjxL0WxDfGC
> KQkAoJu4gKtBtu6esT582SCBTD0z5J15
> =q6lu
> -END PGP SIGNATURE-
>
> --
> Cloud Services Checklist: Pricing and Packaging Optimization
> This white paper is intended to serve as a reference, checklist and point of
> discussion for anyone considering optimizing the pricing and packaging model
> of a cloud services business. Read Now!
> http://www.accelacomm.com/jaw/sfnl/114/51491232/
> ___
> Openvpn-devel mailing list
> Openvpn-devel@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/openvpn-devel

Re: [Openvpn-devel] [PATCH] Move away from openvpn_basename() over to platform provided basename()

[David Sommerseth]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On 08/12/11 08:42, Alon Bar-Lev wrote:
> On Thu, Dec 8, 2011 at 1:46 AM, David Sommerseth 
> wrote:
>> 
>> This kicks out the openvpn_basename() function from misc.[ch]
>> andputs it into compat.[ch].  This is to provide the same
>> functionality on platforms not having a native basename() function
>> available.
>> 
>> In addition this patch adds dirname() which commit
>> 0f2bc0dd92f43c91e depends.  Without dirname(), openvpn won't build
>> in Visual Studio.
>> 
>> Signed-off-by: David Sommerseth 
> 
> Hello David,
> 
> The idea of compat.[hc] is to have system compatible layer. There
> should be no openvpn specific code in these. Just alternate
> implementation of missing functionality. It should be at the end of
> the chain in term of linkage.
> 
> So the "openvpn_dirbasename" should ether be copied to this file and 
> declared as static or provide a different simpler approach, 
> (strrchr('\\') or strrchr('/')).
> 

Hi Alon,

I'm not sure I understand the critique too well now.  As this is the
approach I tried to do.  However, I put the basename() and dirname()
implementations in compat.h, calling the combined openvpn_dirbasename()
function.

The reason for the combined version is basically to keep as much generic
code as possible.  And the old openvpn_basename() has been tested and
tried for many years, so that code base can be considered solid.  As you
know, the difference between dirname() and basename() is basically if you
return the string from the beginning to the split point, or from the
split point and to the end of the string.

But I can move the static inline functions from the compat.h file over to
the compat.c file, and declare openvpn_dirbasename() static instead.  If
that is a better solution.


kind regards,

David Sommerseth
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk7gkQ0ACgkQDC186MBRfrrK7wCfZUZbCF+8bJXApFpOipFsJ4xt
Tz0AoJH8GJV/XyirtQklBzYKOHOAXD7o
=XiV3
-END PGP SIGNATURE-

Re: [Openvpn-devel] [PATCH] Move away from openvpn_basename() over to platform provided basename()

[Gert Doering]

Hi,

On Thu, Dec 08, 2011 at 12:46:28AM +0100, David Sommerseth wrote:
> This kicks out the openvpn_basename() function from misc.[ch] andputs
> it into compat.[ch].  This is to provide the same functionality on
> platforms not having a native basename() function available.

Agree with this in principle, but...

> diff --git a/compat.h b/compat.h
> new file mode 100644
> index 000..d44ab56
[..]

> +#ifndef HAVE_DIRNAME
> +static inline char *
> +dirname(char *str)
> +{
> +  return openvpn_dirbasename(str, DIRNAME);
> +}
> +#endif /* HAVE_DIRNAME */

... I don't think we should put even more code into .h files than we
already have.  This is not a performance critical call, and it makes
following the sources so much harder if actual functions are hidden in
header files.

gert
-- 
USENET is *not* the non-clickable part of WWW!
   //www.muc.de/~gert/
Gert Doering - Munich, Germany g...@greenie.muc.de
fax: +49-89-35655025g...@net.informatik.tu-muenchen.de


pgpqtRAhZyDWN.pgp
Description: PGP signature

Re: [Openvpn-devel] [PATCH] Add option to disable priority tagged packets (VID=0)

[David Sommerseth]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1


Adding Fabian to Cc, he knows more about the VLAN code.

With this feedback, I'm willing merge in the feat_vlan_tagging branch
into master.  I'm not sure if this should happen now in the v2.3 time
frame (which is getting more and more ready for alpha/beta releases), or
if we will take it in the next round with v2.4.  But I will bring that up
for discussion soonish.


kind regards,

David Sommerseth


On 08/12/11 09:33, michael-dev wrote:
> This patch adds an option to disable the creation of tagged priority
> packets with VID=0. This is for the feature_vlan_tagging
> openvpn-testing head.
> 
> I tested the vlan feature and it works fine for me (no dhcp tested). 
> Therefore I bridged my eth0 (LAN) and tap0 (OpenVPN) but as my switch 
> flags arp replys with priority, the client ended up with 802.1q
> tagged (VID=0) priority packets. These were not expected on the client
> (Ubuntu 10.04 lts) and I found a linux kernel discussion from summer
> 2010 about supporting VID=0 priority packets, so I expect more linux
> clients (windows untested) to not support this kind of packets. This
> option prevents the creating of these packets by ignoring the
> priority information.
> 
> This patch has already been tested and works fine for me.
> 
> Signed-off-by: Michael Braun 
> 
> 
> 
> 
> --
>
> 
Cloud Services Checklist: Pricing and Packaging Optimization
> This white paper is intended to serve as a reference, checklist and
> point of discussion for anyone considering optimizing the pricing and
> packaging model of a cloud services business. Read Now! 
> http://www.accelacomm.com/jaw/sfnl/114/51491232/
> 
> 
> 
> ___ Openvpn-devel mailing
> list Openvpn-devel@lists.sourceforge.net 
> https://lists.sourceforge.net/lists/listinfo/openvpn-devel

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk7gjjgACgkQDC186MBRfrqtsACgm8JiXbRQPTicmDjxL0WxDfGC
KQkAoJu4gKtBtu6esT582SCBTD0z5J15
=q6lu
-END PGP SIGNATURE-

[Openvpn-devel] [PATCH] Add option to disable priority tagged packets (VID=0)

[michael-dev]

This patch adds an option to disable the creation of tagged priority 
packets

with VID=0. This is for the feature_vlan_tagging openvpn-testing head.

I tested the vlan feature and it works fine for me (no dhcp tested).
Therefore I bridged my eth0 (LAN) and tap0 (OpenVPN) but as my switch
flags arp replys with priority, the client ended up with 802.1q tagged
(VID=0) priority packets. These were not expected on the client (Ubuntu 
10.04 lts)
and I found a linux kernel discussion from summer 2010 about supporting 
VID=0
priority packets, so I expect more linux clients (windows untested) to 
not support

this kind of packets.
This option prevents the creating of these packets by ignoring the 
priority information.


This patch has already been tested and works fine for me.

Signed-off-by: Michael Braun 


---
 multi.c   |2 +-
 options.c |9 +
 options.h |1 +
 3 files changed, 11 insertions(+), 1 deletions(-)

diff --git a/multi.c b/multi.c
index b77791a..d09fa68 100644
--- a/multi.c
+++ b/multi.c
@@ -2246,7 +2246,7 @@ remove_vlan_tag (const struct context *c, struct buffer *buf)
   return c->options.vlan_pvid;
 }
 
-  if (pcp == 0)
+  if (pcp == 0 || c->options.vlan_disable_priority)
 {
   /* VLAN-tagged without priority information. */
 
diff --git a/options.c b/options.c
index 827b9f0..fe0eac6 100644
--- a/options.c
+++ b/options.c
@@ -763,6 +763,7 @@ init_options (struct options *o, const bool init_gc)
 #ifdef ENABLE_VLAN_TAGGING
   o->vlan_accept = VAF_ALL;
   o->vlan_pvid = 1;
+  o->vlan_disable_priority = false;
 #endif
 }
 
@@ -1037,6 +1038,7 @@ show_p2mp_parms (const struct options *o)
   SHOW_BOOL (vlan_tagging);
   msg (D_SHOW_PARMS, "  vlan_accept = %s", print_vlan_accept (o->vlan_accept));
   SHOW_INT (vlan_pvid);
+  SHOW_BOOL (vlan_disable_priority);
 #endif
 #endif /* P2MP_SERVER */
 
@@ -1783,6 +1785,8 @@ options_postprocess_verify_ce (const struct options *options, const struct conne
 	msg (M_USAGE, "--vlan-accept requires --vlan-tagging");
 	  if (options->vlan_pvid != defaults.vlan_pvid)
 	msg (M_USAGE, "--vlan-pvid requires --vlan-tagging");
+	  if (options->vlan_disable_priority != defaults.vlan_disable_priority)
+	msg (M_USAGE, "--vlan_disable_priority requires --vlan-tagging");
 	}
 #endif
 }
@@ -5782,6 +5786,11 @@ add_option (struct options *options,
   VERIFY_PERMISSION (OPT_P_GENERAL);
   options->vlan_tagging = true;
 }
+  else if (streq (p[0], "vlan-disable-priority"))
+{
+  VERIFY_PERMISSION (OPT_P_GENERAL);
+  options->vlan_disable_priority = true;
+}
   else if (streq (p[0], "vlan-accept") && p[1])
 {
   VERIFY_PERMISSION (OPT_P_GENERAL);
diff --git a/options.h b/options.h
index a278561..5444e37 100644
--- a/options.h
+++ b/options.h
@@ -523,6 +523,7 @@ struct options
   bool vlan_tagging;
   enum vlan_acceptable_frames vlan_accept;
   uint16_t vlan_pvid;
+  bool vlan_disable_priority;
 #endif
 };
 
-- 
1.7.3.4

Re: [Openvpn-devel] [PATCH] Add a wrapper for access() when compiling via Visual Studio

[Alon Bar-Lev]

On Thu, Dec 8, 2011 at 2:13 AM, David Sommerseth  wrote:
> +/* The POSIX access() function is called via _access() on Windows,
> + * defined in io.h
> + */
> +#define HAVE_ACCESS 1
> +#define access _access
> +#pragma warning(disable : 4996) /* Avoid Visual Studio to complain about 
> access(), which is redefined */

Where is it defined?
Anyway, won't it better:
---
#ifdef access
#undef access
#endif
#define access _access
---

Alon.

Re: [Openvpn-devel] [PATCH] Move away from openvpn_basename() over to platform provided basename()

[Alon Bar-Lev]

On Thu, Dec 8, 2011 at 1:46 AM, David Sommerseth  wrote:
>
> This kicks out the openvpn_basename() function from misc.[ch] andputs
> it into compat.[ch].  This is to provide the same functionality on
> platforms not having a native basename() function available.
>
> In addition this patch adds dirname() which commit 0f2bc0dd92f43c91e
> depends.  Without dirname(), openvpn won't build in Visual Studio.
>
> Signed-off-by: David Sommerseth 

Hello David,

The idea of compat.[hc] is to have system compatible layer.
There should be no openvpn specific code in these.
Just alternate implementation of missing functionality.
It should be at the end of the chain in term of linkage.

So the "openvpn_dirbasename" should ether be copied to this file and
declared as static or provide a different simpler approach,
(strrchr('\\') or strrchr('/')).

Regards,
Alon.

[Openvpn-devel] suggested config settings for wifi?

[travis+ml-openvpn-devel]

See attach.

I'm wondering, with the default settings (used via Ubuntu's
network-manager, though that isn't really relevant I think), why I
keep getting timeouts.  I can ping the box.  It seems to work 1 out of
every 5 times, so it's not a packet filter blocking me.

Is there any setting I can set?

TY
-- 
http://www.subspacefield.org/~travis/ | A real man does not think of victory
or defeat.  He plunges recklessly towards an irrational death. -- Hagakure
If you are a spammer, please email j...@subspacefield.org to get blacklisted.
--- Begin Message ---
I'm getting a lot of "timeout exceeded" responses when trying to do
VPN over WiFi... sometimes it takes 4-5 attempts, especially when
doing WiFi->4G->wired connections.

Any suggested settings to make it more tolerant of
timeouts/retransmits?
-- 
http://www.subspacefield.org/~travis/
"Sweeney? It doesn't exactly sound like a super-villain's... y'know, cool name"
If you are a spammer, please email j...@subspacefield.org to get blacklisted.


pgpPztXLjGX2a.pgp
Description: PGP signature
--
All the data continuously generated in your IT infrastructure contains a
definitive record of customers, application performance, security
threats, fraudulent activity and more. Splunk takes this data and makes
sense of it. Business sense. IT sense. Common sense.
http://p.sf.net/sfu/splunk-d2d-oct___
Openvpn-users mailing list
openvpn-us...@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users
--- End Message ---


pgp9tsjhWJ2FB.pgp
Description: PGP signature

Re: [Openvpn-devel] [PATCH] Don't look for 'stdin' file when using --auth-user-pass

[David Sommerseth]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On 02/12/11 16:34, David Sommerseth wrote:
> This argument allows the keyword 'stdin' to indicate that the input is
> to be read from the stdin.  Don't check for file existence if the file
> name is set to 'stdin'
> 
> Signed-off-by: David Sommerseth  --- options.c |
> 5 +++-- 1 files changed, 3 insertions(+), 2 deletions(-)
> 

Applied and pushed out to -testing and -stable master branches.

commit 870cf166add7ea0aa15c9d12b7916e669a9f441f
Author: David Sommerseth 
List-Post: openvpn-devel@lists.sourceforge.net
Date:   Fri Dec 2 16:32:56 2011 +0100

Signed-off-by: David Sommerseth 
Acked-by: Gert Doering 


Kind regards,

David Sommerseth
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk7gAzoACgkQDC186MBRfrrEZACfdekwNa5Vkxx68fMvnLD75+v0
FkQAn0FjLR5Pihduhva/oPuVzQhratnL
=Zui4
-END PGP SIGNATURE-

[Openvpn-devel] [PATCH] Add a wrapper for access() when compiling via Visual Studio

[David Sommerseth]

This adds the access() function as a wrapper for _access() to be
able to compile OpenVPN via Visual Studio.  It also adds the required
macros which used in POSIX environments (R_OK, W_OK, X_OK, F_OK).

This patch will also disable a compiler warning, C4996, as the compiler
complains about the usage of access() - despite it is being redefinded
as _access().

Signed-off-by: David Sommerseth 
---
 configure.ac|2 +-
 options.c   |1 -
 win/config.h.in |   29 +
 3 files changed, 30 insertions(+), 2 deletions(-)

diff --git a/configure.ac b/configure.ac
index 173d6e2..f8b3dd6 100644
--- a/configure.ac
+++ b/configure.ac
@@ -515,7 +515,7 @@ AC_CHECK_FUNCS(daemon chroot getpwnam setuid nice system 
getpid dup dup2 dnl
   getpass strerror syslog openlog mlockall getgrnam setgid dnl
   setgroups stat flock readv writev time dnl
   setsid chdir putenv getpeername unlink dnl
-  chsize ftruncate execve getpeereid umask basename dirname)
+  chsize ftruncate execve getpeereid umask basename dirname access)

 # Windows use stdcall for winsock so we cannot auto detect these
 m4_define([SOCKET_FUNCS], [socket recv recvfrom send sendto listen dnl
diff --git a/options.c b/options.c
index 2280e9b..508fc82 100644
--- a/options.c
+++ b/options.c
@@ -52,7 +52,6 @@
 #include "configure.h"
 #include "forward.h"
 #include 
-#include 

 #include "memdbg.h"

diff --git a/win/config.h.in b/win/config.h.in
index e9df379..b44f564 100644
--- a/win/config.h.in
+++ b/win/config.h.in
@@ -223,6 +223,35 @@ typedef unsigned long in_addr_t;
 /* Special Windows version of getpass() defined in io.c */
 #define HAVE_GETPASS 1

+
+/* The POSIX access() function is called via _access() on Windows,
+ * defined in io.h
+ */
+#define HAVE_ACCESS 1
+#define access _access
+#pragma warning(disable : 4996) /* Avoid Visual Studio to complain about 
access(), which is redefined */
+
+/* Macros used by the POSIX access() function might not be available on 
Windows.
+ * Based on information found here:
+ * http://msdn.microsoft.com/en-us/library/1w06ktdy%28v=vs.80%29.aspx
+ */
+#ifndef R_OK
+#define R_OK 4
+#endif
+
+#ifndef W_OK
+#define W_OK 2
+#endif
+
+#ifndef X_OK
+#define X_OK 1
+#endif
+
+#ifndef F_OK
+#define F_OK 0
+#endif
+
+
 /* Define to the full name and version of this package. */
 #ifdef DEBUG_LABEL
 #define PACKAGE_STRING PACKAGE_NAME " " PACKAGE_VERSION " " DEBUG_LABEL
-- 
1.7.4.4