Re: [Openvpn-devel] [PATCH] Increase listen() backlog queue to 32

Hi, On 15/08/2019 17:53, Gert Doering wrote: > For reasons historically unknown, OpenVPN sets the listen() backlog > queue to "1", which signals the kernel "while there is one TCP connect > waiting for OpenVPN to handle it, refuse all others" - which, on > restarting a busy TCP server, will create

[Openvpn-devel] Summary of the community meeting (15th August 2019)

Hi, Here's the summary of the IRC meeting. --- COMMUNITY MEETING Place: #openvpn-meeting on irc.freenode.net Date: Thursday 15th August 2019 Time: 20:00 CEST (18:00 UTC) Planned meeting topics for this meeting were here: Your loc

[Openvpn-devel] [PATCH applied] Re: sitnl: harden strncpy() by forcing arguments to have the same length

Acked-by: Gert Doering Interesting remark from Casper Dik - strncpy() actually is defined to *always* write all IFNAMSIZ bytes (so says the linux man page), unlike strcpy() which stops after the '\0' byte. But in this particular case, "not overrunning" is more important than "save a few cycles

Re: [Openvpn-devel] [PATCH] More specific syslog process name with systemd

Hi, On Thu, Aug 15, 2019 at 07:23:37PM +0200, François Kooman wrote: > Please ignore the patch! Argueing patches away is so much easier than ACKing :-)) gert -- "If was one thing all people took for granted, was conviction that if you feed honest figures into a computer, honest figures come

Re: [Openvpn-devel] [PATCH] More specific syslog process name with systemd

On 15.08.19 14:31, David Sommerseth wrote: > Could you please provide a rationale to why this is needed? How things works > now, is that the systemd-journal picks up everything; including various > additional meta-data which syslog does not support. The rationale was that when viewing the log wit

[Openvpn-devel] [PATCH] Increase listen() backlog queue to 32

For reasons historically unknown, OpenVPN sets the listen() backlog queue to "1", which signals the kernel "while there is one TCP connect waiting for OpenVPN to handle it, refuse all others" - which, on restarting a busy TCP server, will create connection issues. The exact "best" value of the bac

[Openvpn-devel] [PATCH applied] Re: Adjust Android code after sitnl patch merge

Acked-by: Gert Doering I can't really test this, but it only touches (and cleans up) android- specific code - and by convention if you say "android needs this", so it does :-) - and it looks generally sane. Your patch has been applied to the master branch. commit 26e5b80096a78ec7d5e7bcd15f81155

[Openvpn-devel] [PATCH applied] Re: Fix check if iface name is set

Your patch has been applied to the master branch. commit ac4ceada14b9cb8d1a6180a2e1e07d81af8e34f6 Author: Arne Schwabe Date: Thu Aug 15 14:10:52 2019 +0200 Fix check if iface name is set Signed-off-by: Arne Schwabe Acked-by: Antonio Quartulli Message-Id: <20190815121053.1

Re: [Openvpn-devel] [PATCH] More specific syslog process name with systemd

On 15/08/2019 09:28, François Kooman wrote: > Adds the `--syslog` option to specify the unit and configuration > name when using systemd. Could you please provide a rationale to why this is needed? How things works now, is that the systemd-journal picks up everything; including various additional

Re: [Openvpn-devel] [PATCH v2 1/2] Fix check if iface name is set

Hi, On 15/08/2019 14:10, Arne Schwabe wrote: > Clang/Android complained > > warning: address of array 'rgi6->iface' will always evaluate to 'true' > [-Wpointer-bool-conversion] > if (rgi6->iface) > > iface is a char[16]; So its pointer is always true. > > we do a CLEAR(rgi6) always

[Openvpn-devel] [PATCH v2 1/2] Fix check if iface name is set

Clang/Android complained warning: address of array 'rgi6->iface' will always evaluate to 'true' [-Wpointer-bool-conversion] if (rgi6->iface) iface is a char[16]; So its pointer is always true. we do a CLEAR(rgi6) always before setting this struct and strcpy the name into iface. So us

[Openvpn-devel] [PATCH v2 2/2] Adjust Android code after sitnl patch merge

It turns out that the only part of Android that still shares routing code with Linux is the get_default_ipv6 method. Instead of fixing a method that makes little sense on Android anyway, have a method that returns a fake ipv6 gateway like for ipv4. Patch V2: Instead adding ANDROID to a long list

Re: [Openvpn-devel] [PATCH 1/2] Fix check if iface name is set

Hi Arne, better mark the patches with v2. They are also both missing the signed-off-by line. how about git format-patch -v2 -s -2 ? :) Cheers, On 15/08/2019 13:52, Arne Schwabe wrote: > Clang/Android complained > > warning: address of array 'rgi6->iface' will always evaluate to 'true' > [-Wp

[Openvpn-devel] [PATCH 1/2] Fix check if iface name is set

Clang/Android complained warning: address of array 'rgi6->iface' will always evaluate to 'true' [-Wpointer-bool-conversion] if (rgi6->iface) iface is a char[16]; So its pointer is always true. we do a CLEAR(rgi6) always before setting this struct and strcpy the name into iface. So us

[Openvpn-devel] [PATCH 2/2] Adjust Android code after sitnl patch merge

It turns out that the only part of Android that still shares routing code with Linux is the get_default_ipv6 method. Instead of fixing a method that makes little sense on Android anyway, have a method that returns a fake ipv6 gateway like for ipv4. --- src/openvpn/route.c | 66 +++

[Openvpn-devel] [PATCH] More specific syslog process name with systemd

Adds the `--syslog` option to specify the unit and configuration name when using systemd. Signed-off-by: François Kooman --- distro/systemd/openvpn-cli...@.service.in | 2 +- distro/systemd/openvpn-ser...@.service.in | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/distro/s