Am 11.08.22 um 17:25 schrieb Kristof Provost via Openvpn-devel:
On 10 Aug 2022, at 18:32, Gert Doering wrote:
as promised, here's test results and code review.
Test results:
- running openvpn over TCP gives me a kernel panic - this is not so
nice... (see attached .png from the vmware console) - userland seems
to assume "kernel can do TCP", kernel panics on "if !udp, panic()"
(so intentional panic, not corruption panic).
This is on freebsd git FreeBSD 14.0-CURRENT #1 main-n257130-c0665d5c824
I’ve pushed a fix for this panic in fd6b3bede5a5c210f327e5c9bd3e415ee905048b.
I simply didn’t think that user space might give us a non-UDP socket, so
checking for that and rejecting the peer in that case fixes the panic. Thanks
for finding that.
You should probably also modify the check for dco incompatible in
OpenVPN so that using TCP disables DCO on FreeBSD.
Arne
_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
