Hi,

On Fri, May 07, 2021 at 06:50:22PM +0500, Vladislav Grishenko wrote:
> DNS SRV remote host discovery allows having multiple OpenVPN servers for
> a single domain w/o explicit profile enumeration, to move services from
> host to host with little fuss, and to designate hosts as primary servers
> for a service and others as backups.
> The feature has been asked for several times already, and should be useful in
> the case of a substantial number of clients & servers deployed.
[..]
> v12:
>     add get_cached_srv_entry() for servinfo vs addrinfo cache split
>     add check for mixed --remote and --remote-srv
>     add doxygen dns srv functions comments
>     use query_servinfo() for both unix and windows
>     fix undefined NS_MAXMSG issue on macOS
>     fix undefined EAI_NODATA issue on FreeBSD
>     fix man and msg() indents
>     rebase against master

It has taken us way too long to properly look into this patch, and with
2.6_alpha looming, it's "now or 2.7".

As expected, this no longer applies due to conflicts all over the place -
this is easily fixed, and I've done so (and will send a v13 based on
current master in the next mail).

There are other changes related to intermediate commits, like the
removal of "--explicit-exit-notify & TCP is not allowed" check, also
adjusted, extra projects in openvpn.vcproj, etc. - I think I have covered
all of them.

The crucial issue right now is that the whole resolver stuff does not
build on OpenBSD, because there is no ns_initparse() and friends -
but there *is* a getrrsetbyname(), which seems to do the same thing,
except "not available on Linux".  There are various posts online that
describe the problem, and the possible solution space - like this one

  https://fossil-users.fossil-scm.narkive.com/wEIH279H/smtp-c-build-failures

so you could basically do

  - add private ns_initparse() function, as they do in "vlmcsd" (whatever
    that is) - https://github.com/sunflyer/vlmcsd/blob/master/dns_srv.c

  - use getrrsetbyname(), and add that via "compat" source if a target
    platform does not have it - this is what OpenSSH does

  - add #ifdefs to disable --srv functionality on OpenBSD
    (which is not really where we want to go)

  - require libbind on OpenBSD, and ensure includes & libraries are
    handled in the proper order (<arpa/nameser.h> etc. needs to be
    pulled from /usr/local/include/bind/ etc.)
    (this is also not really what we want, adding extra prerequisites)


Unfortunately, without someone actually doing this work, this patch cannot
be applied - it will break a fully supported platform.

I'm sorry that it took me over a year to get to the "fix this or it can't
go in" point - I thought that this was all sorted out already in the
EAI_NODATA round, and all I had to do was "come up with some test
scenario and then merge".

gert


-- 
"If was one thing all people took for granted, was conviction that if you 
 feed honest figures into a computer, honest figures come out. Never doubted 
 it myself till I met a computer with a sense of humor."
                             Robert A. Heinlein, The Moon is a Harsh Mistress

Gert Doering - Munich, Germany                             g...@greenie.muc.de


_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
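Added example, written for this page and not taken from Gert's mail, the OpenVPN patch series, or vlmcsd: a self-contained SRV answer parser in plain C, in the spirit of the first option listed above (a private ns_initparse()-style routine that needs nothing beyond the C standard library, so it has no <resolv.h> or libbind dependency to break the OpenBSD build). It only walks a wire-format DNS response that is already in memory; fetching that response via res_query()/getrrsetbyname() is deliberately out of scope. The function names, the srv_rr struct and the sample message are all constructed for this example. The points a reviewer would look for in such code are all present: every read is bounds-checked against the message length, compression pointers are followed with a hop limit so a pointer loop cannot hang the parser, the SRV target has to fill the RDATA exactly, and the results are ordered by RFC 2782 priority (the RFC's weighted random pick within one priority is simplified to "higher weight first").

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

enum { DNS_TYPE_SRV = 33, DNS_CLASS_IN = 1, MAX_NAME = 255 };
struct srv_rr { uint16_t priority, weight, port; char target[MAX_NAME + 1]; };
static uint16_t rd16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }

/* Decode a (possibly compressed) name at *off into dotted form; advance *off past it. */
static int read_name(const uint8_t *msg, size_t len, size_t *off, char *out, size_t outlen)
{
    size_t pos = *off, outpos = 0, jumps = 0;
    int jumped = 0;
    for (;;) {
        if (pos >= len) return -1;
        uint8_t lab = msg[pos];
        if (lab & 0xC0) {                                  /* 11xxxxxx: compression pointer */
            if ((lab & 0xC0) != 0xC0 || pos + 1 >= len || ++jumps > 16)
                return -1;                                 /* reserved type, truncated, or pointer loop */
            if (!jumped) { *off = pos + 2; jumped = 1; }   /* the name's wire bytes end here */
            pos = ((size_t)(lab & 0x3F) << 8) | msg[pos + 1];
            continue;
        }
        pos++;
        if (lab == 0) break;
        if (pos + lab > len || outpos + lab + 2 > outlen) return -1;
        if (outpos) out[outpos++] = '.';
        memcpy(out + outpos, msg + pos, lab);
        outpos += lab; pos += lab;
    }
    out[outpos] = '\0';
    if (!jumped) *off = pos;
    return 0;
}

/* Collect IN SRV records from the answer section; returns count, or -1 if malformed. */
static int parse_srv_answers(const uint8_t *msg, size_t len, struct srv_rr *out, size_t max)
{
    char name[MAX_NAME + 1];
    if (len < 12 || (msg[3] & 0x0F) != 0) return -1;       /* short message, or RCODE != 0 */
    uint16_t qd = rd16(msg + 4), an = rd16(msg + 6);
    size_t off = 12; int n = 0;
    for (uint16_t i = 0; i < qd; i++) {                    /* skip the question section */
        if (read_name(msg, len, &off, name, sizeof name) < 0) return -1;
        off += 4;                                          /* QTYPE + QCLASS */
    }
    for (uint16_t i = 0; i < an; i++) {
        if (read_name(msg, len, &off, name, sizeof name) < 0) return -1;
        if (off + 10 > len) return -1;                     /* TYPE CLASS TTL RDLENGTH */
        uint16_t type = rd16(msg + off), cls = rd16(msg + off + 2), rdlen = rd16(msg + off + 8);
        off += 10;
        size_t rdend = off + rdlen;
        if (rdend > len) return -1;
        if (type == DNS_TYPE_SRV && cls == DNS_CLASS_IN && (size_t)n < max) {
            size_t p = off + 6;                            /* target follows three u16 fields */
            if (rdlen < 7) return -1;
            out[n].priority = rd16(msg + off);
            out[n].weight = rd16(msg + off + 2);
            out[n].port = rd16(msg + off + 4);
            if (read_name(msg, len, &p, out[n].target, sizeof out[n].target) < 0 || p != rdend)
                return -1;                                 /* target must exactly fill RDATA */
            n++;
        }
        off = rdend;
    }
    return n;
}

/* RFC 2782 order: lowest priority first; within a priority the RFC selects randomly by
 * weight, simplified here to "higher weight first" (then name, for a stable order). */
static int srv_cmp(const void *a, const void *b)
{
    const struct srv_rr *x = a, *y = b;
    if (x->priority != y->priority) return x->priority < y->priority ? -1 : 1;
    if (x->weight != y->weight) return x->weight > y->weight ? -1 : 1;
    return strcmp(x->target, y->target);
}

/* Parse and sort into connection order.  Returns the record count, or -1. */
int resolve_srv_from_message(const uint8_t *msg, size_t len, struct srv_rr *out, size_t max)
{
    int n = parse_srv_answers(msg, len, out, max);
    if (n > 0) qsort(out, (size_t)n, sizeof *out, srv_cmp);
    return n;
}

/* Constructed sample (not a real capture): response for _openvpn._udp.example.com with
 * two SRV RRs; the preferred (lower-priority) host is deliberately listed second. */
const uint8_t sample_srv_response[] = {
    0x12,0x34, 0x81,0x80, 0x00,0x01, 0x00,0x02, 0x00,0x00, 0x00,0x00,     /* header: 1 question, 2 answers */
    8,'_','o','p','e','n','v','p','n', 4,'_','u','d','p',                  /* question name ... */
    7,'e','x','a','m','p','l','e', 3,'c','o','m', 0, 0x00,0x21, 0x00,0x01, /* ... QTYPE SRV, QCLASS IN */
    0xC0,0x0C, 0x00,0x21, 0x00,0x01, 0x00,0x00,0x0E,0x10, 0x00,0x0D,       /* name ptr, SRV, IN, TTL 3600, rdlen 13 */
    0x00,0x14, 0x00,0x00, 0x04,0xAA, 4,'v','p','n','2', 0xC0,0x1A,         /* prio 20, weight 0, port 1194, vpn2.example.com */
    0xC0,0x0C, 0x00,0x21, 0x00,0x01, 0x00,0x00,0x0E,0x10, 0x00,0x0D,
    0x00,0x0A, 0x00,0x3C, 0x04,0xAA, 4,'v','p','n','1', 0xC0,0x1A,         /* prio 10, weight 60, port 1194, vpn1.example.com */
};
```

Calling resolve_srv_from_message(sample_srv_response, sizeof sample_srv_response, rr, 8) fills rr with vpn1.example.com:1194 (priority 10) before vpn2.example.com:1194 (priority 20), which is the order a client should try them in; a truncated copy of the same message, or one whose name pointer points at itself, is rejected with -1 instead of being read past its end.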
