Attention is currently required from: flichtenheld, its_Giaan, ordex, plaisthos.
cron2 has posted comments on this change. ( http://gerrit.openvpn.net/c/openvpn/+/765?usp=email ) Change subject: mroute: adapt to new protocol handling and hashing improvements ...................................................................... Patch Set 14: Code-Review-2 (8 comments) Patchset: PS14: There is a couple of things that need looking at - the forward.c hunk should go to a patch in the series that actually deals with socket arrays, and also very very closely checked for correctness - the `proto` initialization in the maddr could be done in a more elegant way - `mroute_addr_hash_len()` needs to be fixed File src/openvpn/forward.c: http://gerrit.openvpn.net/c/openvpn/+/765/comment/3e5d8af2_a31c87b9 : PS14, Line 1132: for (int i = 0; i < c->c1.link_sockets_num; i++) I assume this hunk is needed, but it's sort of "outside the scope of mroute handling" (so should either move to #764 or be mentioned in the commit message - I think "moving" is more reasonable). Also I am not sure it is *correct* - if I read this correctly, the effect is now `if (!decrypt_status && we have *any* listening TCP socket) { SIGUSR1; }` no? As it's walking the whole array, not checking the socket where this packet was received. http://gerrit.openvpn.net/c/openvpn/+/765/comment/35afcb51_f6ae0b38 : PS14, Line 1135: /* on the instance context we have only one socket, so just check the first one */ whatever the outcome is, this comment is no longer correct :-) File src/openvpn/mroute.h: http://gerrit.openvpn.net/c/openvpn/+/765/comment/cad156ad_89f96d93 : PS14, Line 225: return (uint32_t) a->len + 2; if you change the start of the to-be-hashed block, but all the existing data should still be hashed, this looks like you also must increase the length by +1? File src/openvpn/mudp.c: http://gerrit.openvpn.net/c/openvpn/+/765/comment/7a2c3469_2b108655 : PS14, Line 196: m->local.proto = real.proto; This is a bit confusing. I can see the assignment to `real.proto` (because mroute_extract_openvpn_sockaddr() cannot do it) but what is `m->local`, and who is poulating the rest of it? File src/openvpn/multi.c: http://gerrit.openvpn.net/c/openvpn/+/765/comment/ff5809d5_e5708d45 : PS14, Line 1156: struct mroute_addr *addr, this looks wrong. A lookup function should not modify its arguments. I see calls to `multi_get_instance_by_virtual_addr()` being prepared by `mroute_extract_addr_from_packet()` calls - so if that function sets `proto = 0` (or just `CLEAR()`s the mroutes) we do not need to do anything here. http://gerrit.openvpn.net/c/openvpn/+/765/comment/8164b377_9ec4fcaa : PS14, Line 3356: see comment above - now you're actually setting `proto` in the caller, even if I do not agree this is the right place - so the change to `multi_get_instance_by_virtual_addr()` is definitely not needed. I'd still move this into `mroute_extract_addr_from_packet()`, with the comment. http://gerrit.openvpn.net/c/openvpn/+/765/comment/81dba5d2_42f25dc3 : PS14, Line 3561: dest.proto = src.proto; same thing -> `mroute_extract_addr_from_packet()` -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/765?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: Ic66eccb5058fe9c0fae64d8e2ca88728068a92ab Gerrit-Change-Number: 765 Gerrit-PatchSet: 14 Gerrit-Owner: its_Giaan <gianma...@mandelbit.com> Gerrit-Reviewer: cron2 <g...@greenie.muc.de> Gerrit-Reviewer: flichtenheld <fr...@lichtenheld.com> Gerrit-Reviewer: plaisthos <arne-open...@rfc2549.org> Gerrit-CC: openvpn-devel <openvpn-devel@lists.sourceforge.net> Gerrit-CC: ordex <a...@unstable.cc> Gerrit-Attention: plaisthos <arne-open...@rfc2549.org> Gerrit-Attention: its_Giaan <gianma...@mandelbit.com> Gerrit-Attention: flichtenheld <fr...@lichtenheld.com> Gerrit-Attention: ordex <a...@unstable.cc> Gerrit-Comment-Date: Fri, 24 Jan 2025 08:00:10 +0000 Gerrit-HasComments: Yes Gerrit-Has-Labels: Yes Gerrit-MessageType: comment
_______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel