With this API it is possible to retrieve the stats for a specific peer
or for all peers and then update the userspace counters with the value
reported by DCO.
Change-Id: Ia3990b86b1be7ca844fb1674b39ce0d60528ccff
Signed-off-by: Antonio Quartulli
---
Pleas, use the latest ovpn-dco master branch!
Netlink has its own error space and reports errors via the return
value of its functions.
For this reason remove the M_ERRNO flag when printing its errors.
At the moment we get something like this:
netlink reports error (-7): Invalid input data or parameter: Interrupted system
call (errno=4)
Hi,
On Mon, Mar 20, 2023 at 02:07:14PM -0400, Selva Nair wrote:
> > Thanks, this change makes sense. I have not actively tried to provoke
> > it (like, by connecting to a "fake SOCKS server" that will trigger it),
> > but the change is obviously an improvement to "if it's not ==1, it
> > must be
>
>
>
> Thanks, this change makes sense. I have not actively tried to provoke
> it (like, by connecting to a "fake SOCKS server" that will trigger it),
> but the change is obviously an improvement to "if it's not ==1, it
> must be a TCP error!").
>
An easy way to "provoke" this is to use openssh
Acked-by: Gert Doering
Thanks, this change makes sense. I have not actively tried to provoke
it (like, by connecting to a "fake SOCKS server" that will trigger it),
but the change is obviously an improvement to "if it's not ==1, it
must be a TCP error!").
I do test the SOCKS code in my
Acked-by: Gert Doering
Unit tests are goood :-)
Stare-at-code looks good, and Github is happy with the result... (both
32 and 64 bit)
[==] Running 7 test(s).
[ RUN ] test_parse_hexstring
[ OK ] test_parse_hexstring
[ RUN ] import_certs
[ OK
Acked-by: Gert Doering
This is not really "high priority critical NULL pointer crash bug"
important, because due to lucky circumstances the result from
get_link_socket_info(c) on a NULL pointer is still NULL (because
&->info is the first member of the struct) - so later consumers
of *lsi will
Am 14.02.23 um 15:01 schrieb Gert Doering:
Hi,
On Tue, Feb 14, 2023 at 02:56:58PM +0100, Arne Schwabe wrote:
resolve_ovpn_netlink_id(int msglevel)
{
-int ret;
struct nl_sock *nl_sock = nl_socket_alloc();
-ret = genl_connect(nl_sock);
+if (!nl_sock)
+{
+
Explicitly say that the version specified is the one of the peer and not
the version we try to emulate.
Patch v2: Improve grammar.
Change-Id: I3bd27a8d34d8cb4896a3b78508b7d16911571543
Change-Id: If4fb45b3426f5e0dbe6c87d5bd05681b9d733827
Signed-off-by: Arne Schwabe
---
Acked-by: Gert Doering
Discussed this at length with Arne - the change looks very big, but
most of it is "change of calling conventions", passing in "session"
instead of "multi" (session being c2.tls_multi->session[$key], TM_ACTIVE
for most of the invocations).
The interesting things are more
OpenVPN 3 Linux v20 (stable)
This is the first stable release of OpenVPN 3 Linux. This release is
mostly adding minor improvements, a few bug fix and adding two more
helper tools.
* Feature: openvpn3-admin journal
This is a helper function to retrieve log events from the OpenVPN 3
Linux
Acked-by: Gert Doering
This one is fairly trivial refactoring - moving the "ks = get_key_scan()"
part out of tls_send_payload(), passing in "ks" instead of "multi".
Stared-at-code (straightforward), fed to GH for "maybe it is not?" and
local client side test.
Your patch has been applied to the
I have not tested this extensively, just subjected to GH to compile and
run basic checks with OpenSSL 1.1.x and 3.0.x, and ran a few local tests
(Linux + OpenSSL 1.1.1). This all passed. Have not investigated how
to actually trigger these code lines.
Your patch has been applied to the master
Am 19.03.23 um 08:54 schrieb Michael Baentsch:
Signed-off-by: Michael Baentsch
Acked-By: Arne Schwabe
Thanks. We had a discussion/review round on gihtub before this.
Basically the problem is that trying to print the algorithm
for algorithms that are not part of the old OpenSSL 1.x API
14 matches
Mail list logo