Acked-by: Gert Doering <g...@greenie.muc.de>
Thanks. I have not actually tested this, but we've discussed this
at length before - so this is "obviously correct".
The problem here (for readers of the list only) is that "a single packet"
is sufficient to keep the connection active if "--inactive ... 0" is
used - and "0 bytes" will be "abort". With "if (new_bytes >= 0)", the
condition is always true in the DCO path, even if 0 packets have been
seen, so it never triggers.
It does cause an off-by-one, so if the limit is "1000 bytes", on DCO
it will need 1001 bytes now, while non-DCO will be fine with 1000 bytes,
but we decided that generally this is not "a single byte" precise, but
"lots of traffic" or "not much", so this is acceptable for a simpler
condition that people can actually understand in half a year...
Your patch has been applied to the master and release/2.6 branch.
commit 6c64b46b15476351ca19f9a8f3cb8185aa2c7e07 (master)
commit a3c9458d233d35d2afdb866aaa602bebaabf2f59 (release/2.6)
Author: Lev Stipakov
Date: Wed Mar 22 13:34:08 2023 +0200
Fix '--inactive <time> 0' behavior for DCO
Signed-off-by: Lev Stipakov <l...@openvpn.net>
Acked-by: Gert Doering <g...@greenie.muc.de>
Message-Id: <20230322113408.2057-1-lstipa...@gmail.com>
URL:
https://www.mail-archive.com/search?l=mid&q=20230322113408.2057-1-lstipa...@gmail.com
Signed-off-by: Gert Doering <g...@greenie.muc.de>
--
kind regards,
Gert Doering
_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
