Hi, Frank Observing behavior is not desired, indeed. I'll look into -- Best Regards, Vladislav Grishenko
> -----Original Message----- > From: Frank Lichtenheld <fr...@lichtenheld.com> > Sent: Thursday, December 1, 2022 6:37 PM > To: Gert Doering <g...@greenie.muc.de> > Cc: openvpn-devel@lists.sourceforge.net > Subject: Re: [Openvpn-devel] [PATCH v14] Add DNS SRV remote host discovery > support > > I have several nitpicks with this patch which I can enumerate later, but there is at > least one critical issue which prevents me from ACKing this: > > # src/openvpn/openvpn --client --tls-cert-profile insecure --ca ../ca.crt --cert > ../t_client.c\ > rt --key ../t_client.key --remote-cert-tls server --comp-lzo --verb 3 --dev tun -- > proto tcp4 --r\ > emote-srv lichtenheld.net --writepid ../tests/t_client-flichtenheld-TUXEDO- > InfinityBook-S-15-17-Gen7\ > -20221201-141818/openvpn-1.pid --setenv TESTNUM 1 --setenv TOP_BUILDDIR > .. --script-security 2 --up \ ./update_t_client_ips.sh > 2022-12-01 14:18:20 WARNING: Compression for receiving enabled. > Compression has been used in the pas\ t to break encryption. Sent packets are > not compressed unless "allow-compression yes" is also set. > 2022-12-01 14:18:20 Note: --cipher is not set. OpenVPN versions before 2.5 > defaulted to BF-CBC as fa\ llback when cipher negotiation failed in this case. If > you need this fallback please add '--data-cip\ hers-fallback BF-CBC' to your > configuration and/or add BF-CBC to --data-ciphers. > 2022-12-01 14:18:20 OpenVPN 2.6_git [git:master/c98fe8b90271df5c] x86_64- > pc-linux-gnu [SSL (OpenSSL)\ ] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built > on Dec 1 2022 > 2022-12-01 14:18:20 library versions: OpenSSL 3.0.2 15 Mar 2022, LZO 2.10 > 2022-12-01 14:18:21 Resolved remote service host: conn-test- > server.openvpn.org:51194,udp4 prio 0 wei\ ght 0 > 2022-12-01 14:18:21 Resolved remote service host: conn-test- > server.openvpn.org:51194,tcp4-client pri\ o 0 weight 0 > 2022-12-01 14:18:21 NOTE: the current --script-security setting may allow this > configuration to call\ user-defined scripts > 2022-12-01 14:18:21 TCP/UDP: Preserving recently used remote address: > [AF_INET]199.102.77.82:51194 > 2022-12-01 14:18:21 Socket Buffers: R=[212992->212992] S=[212992->212992] > 2022-12-01 14:18:21 UDPv4 link local: (not bound) > 2022-12-01 14:18:21 UDPv4 link remote: [AF_INET]199.102.77.82:51194 > > As you can see it ignores the "--proto tcp4" if no proto was specified in -- > remote-srv. > This is inconsistent with how --remote works. I don't think this can be the > desired behaviour. > > Regards, > -- > Frank Lichtenheld > > > _______________________________________________ > Openvpn-devel mailing list > Openvpn-devel@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/openvpn-devel _______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
