On 06/03/2026 04:20, Jakub Kicinski wrote:
On Thu, 5 Mar 2026 00:06:25 +0100 Antonio Quartulli wrote:
From: Ralf Lici <[email protected]>
Extend the base test to verify that the correct peer-id is set in data
packet headers. This is done by capturing ping packets with ngrep during
the initial exchange and matching the first portion of the header
against the expected sequence for every connection.
AI asks
@@ -2204,15 +2217,15 @@ static int ovpn_parse_cmd_args(struct ovpn_ctx *ovpn,
int argc, char *argv[])
if (argc < 7)
return -EINVAL;
The CMD_CONNECT case was correctly updated from 'argc < 6' to 'argc < 7'
for the new tx_id argument. However, was CMD_NEW_PEER also updated?
Looking at the usage text, CMD_NEW_PEER now expects:
new_peer <iface> <peer_id> <tx_id> <lport> <raddr> <rport> [vpnaddr]
That's argv[0] through argv[7] for 8 required arguments (indices 0-7),
but the check at the start of CMD_NEW_PEER still requires only argc < 7.
With argc=7, argv[7] would be NULL according to the C standard, so when
ovpn_parse_new_peer() passes argv[7] as rport and calls getaddrinfo(),
the NULL service parameter would silently produce port 0 instead of
the intended port.
Should the check be 'argc < 8' instead?
Right. Some rebase went wrong, sorry about that.
--
Antonio Quartulli
OpenVPN Inc.
