Re: [Openvpn-devel] [PATCHv2]: FreeBSD DCO support

Fri, 19 Aug 2022 10:38:03 -0700 

Hi,

On Fri, Aug 12, 2022 at 03:41:52PM +0200, Kristof Provost via Openvpn-devel 
wrote:
> Here's the updated version of the FreeBSD DCO patch. It should address
> all remarks on the userspace side of things.

As I said, I only tested the client side of things so far.  Now I started
building a server test rig, to see what I could break :-) - and then
see if the iroute patch does what it should (looks generally good).

Before getting to routing, I discovered something that "upstream changes"
might have broken in your patch:

Namely, if I run multiple instances with --dev tun, the first one
grabs "tun0", and the next one will *fail*

2022-08-19 19:21:08 us=399955 OpenVPN 2.6_git [git:vw/master/d7f16eea8e939b42] 
amd64-unknown-freebsd14.0 [SSL (OpenSSL)] [LZO] [LZ4] [MH/RECVDA] [AEAD] [DCO] 
built on Aug 13 2022
2022-08-19 19:21:08 us=399974 library versions: OpenSSL 1.1.1q-freebsd  5 Jul 
2022, LZO 2.10
[...]
2022-08-19 19:21:08 us=403141 GDG6: remote_host_ipv6=n/a
2022-08-19 19:21:08 us=403225 ROUTE6_GATEWAY 2001:608:0:814::ffff IFACE=em0
2022-08-19 19:21:08 us=414627 Failed to create interface tun0: File exists 
(errno=17)
2022-08-19 19:21:08 us=414703 Exiting due to fatal error

This is because of a misunderstanding between tun.c:open_tun_dco_generic()
and FreeBSD's open_tun_dco() / create_interface() - tun.c expects the
return code to be "-errno", and gives up on -EPERM - which happens to
be "-1" on FreeBSD ("if we can not create a single interface due to
*permission*, break the loop").

Changing the flow to return -errno makes it succeed.  I will send a patch
for that in a few minutes (feed family first).

gert
-- 
"If was one thing all people took for granted, was conviction that if you 
 feed honest figures into a computer, honest figures come out. Never doubted 
 it myself till I met a computer with a sense of humor."
                             Robert A. Heinlein, The Moon is a Harsh Mistress

Gert Doering - Munich, Germany                             g...@greenie.muc.de

Attachment: signature.asc
Description: PGP signature

_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel























					Reply via email to