[Openvpn-devel] [M] Change in openvpn[master]: multipeer: introduce asymmetric peer-id

Tue, 05 Aug 2025 05:23:08 -0700 

Attention is currently required from: flichtenheld, its_Giaan.

plaisthos has posted comments on this change. ( 
http://gerrit.openvpn.net/c/openvpn/+/1089?usp=email )

Change subject: multipeer: introduce asymmetric peer-id
......................................................................


Patch Set 2:

(2 comments)

File src/openvpn/push.c:

http://gerrit.openvpn.net/c/openvpn/+/1089/comment/098ded6f_b8a7adfd :
PS2, Line 657:                         tls_multi->rx_peer_id);
> ok but what about the mapping? we're using the current peer-id assigned by 
> the server as index to ke […]
Yes, but the idea of the protocol is:

- server pushes peer-id: client uses *same* peer-id for send and receive.
- server pushes nothing but has ID= in its own peer-info, client reconigses 
that the peer is supporting assymetric peer-id and uses the peer's ID for 
sending packets and expecting the id the ID it send in peerinfo for incoming 
packets.


File src/openvpn/ssl_ncp.c:

http://gerrit.openvpn.net/c/openvpn/+/1089/comment/d2c5201c_e34ffb2d :
PS2, Line 474:                 multi->rx_peer_id = (peerid[0] << 16) + 
(peerid[1] << 8) + peerid[2];
> So you're saying we should keep the peer_id field and also the rx_peer_id and 
> tx_peer_id but use the […]
I missing the code that implements the asymmetric peer-id here completely is 
what I am saying. Either the code to parse the ID=xyz of the peer is completely 
missing or I overlooked it.



--
To view, visit http://gerrit.openvpn.net/c/openvpn/+/1089?usp=email
To unsubscribe, or for help writing mail filters, visit 
http://gerrit.openvpn.net/settings

Gerrit-Project: openvpn
Gerrit-Branch: master
Gerrit-Change-Id: I0a13ee90b6706acf20eabcee3bab3f2dff639bf9
Gerrit-Change-Number: 1089
Gerrit-PatchSet: 2
Gerrit-Owner: its_Giaan <gianma...@mandelbit.com>
Gerrit-Reviewer: flichtenheld <fr...@lichtenheld.com>
Gerrit-Reviewer: plaisthos <arne-open...@rfc2549.org>
Gerrit-CC: openvpn-devel <openvpn-devel@lists.sourceforge.net>
Gerrit-Attention: its_Giaan <gianma...@mandelbit.com>
Gerrit-Attention: flichtenheld <fr...@lichtenheld.com>
Gerrit-Comment-Date: Tue, 05 Aug 2025 12:22:11 +0000
Gerrit-HasComments: Yes
Gerrit-Has-Labels: No
Comment-In-Reply-To: plaisthos <arne-open...@rfc2549.org>
Comment-In-Reply-To: its_Giaan <gianma...@mandelbit.com>
Gerrit-MessageType: comment

_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel






















					Reply via email to