Re: [Openvpn-devel] [PATCH v2] convert *_inline attributes to bool
On 10/01/17 22:35, Steffan Karger wrote: >> @@ -5154,7 +5194,8 @@ add_option(struct options *options, >> { >> options->plugin_list = plugin_option_list_new(>gc); >> } >> -if (!plugin_option_list_add(options->plugin_list, [1], >> >gc)) >> +if (!plugin_option_list_add(options->plugin_list, [1], is_inline, >> +>gc)) > Can we inline a plugin? I wouldn't think so, but I've been surprised by > our option parser before ;-) (Arne or David might know this.) Oh dear ... No it should be possible to inline a plug-in. Our code uses dlopen() to load plug-ins, which expects a full path. So I would expect to see dlopen() fail. And no, we should not ever be able to inline a plug-in. I'll probably get nightmares this night due to all the potential security issues related to this. Neither should any of the script-hooks be possible to inline. > If not, you don't need to add the is_inline argument to > plugin_option_list_add(), but just add a 'false' when someone down the > chain calls make_extended_arg_array(). Yes, that sounds reasonable. -- kind regards, David Sommerseth OpenVPN Technologies, Inc signature.asc Description: OpenPGP digital signature -- Developer Access Program for Intel Xeon Phi Processors Access to Intel Xeon Phi processor-based developer platforms. With one year of Intel Parallel Studio XE. Training and support from Colfax. Order your platform today. http://sdm.link/xeonphi___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
Re: [Openvpn-devel] [PATCH applied] management: >REMOTE operation would overwrite ce change indicator
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Your patch has been applied to the following branches commit e81f313a71e548638d9e9679226ee84b3b614f13 (master) commit a853cd060eb61df77055cbb92e97ad7f245f2316 (release/2.4) Author: David Sommerseth Date: Tue Jan 10 21:34:32 2017 +0100 management: >REMOTE operation would overwrite ce change indicator Signed-off-by: David SommersethAcked-by: Selva Nair Message-Id: <1484080473-10415-1-git-send-email-dav...@openvpn.net> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg13851.html Signed-off-by: David Sommerseth - -- kind regards, David Sommerseth -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.22 (GNU/Linux) iQIcBAEBAgAGBQJYduPjAAoJEIbPlEyWcf3yns0P/RNsveEAvleUcBQNlJ9rzKL4 XYojnRhbdGzuuNQhgWj+49+HG9gYgCy4XrRRcMEaw/trwBZVOSF9viI10HNuUSnT fHO3sIFNHMgEUPNiP2GGzEiD1EEgE2hAKLjaCjTzvfLKvOiC9ZaH+WTj71Q0ppax XLsM/B5g6OiD4X5ZPsgJ+ZY2yyb7Mxe/DOFI05pkZ59CA2t0vMP1kKSjf2le+51+ iCcvfDV0Fx9px5JGOtsrkI/K0Wp59ip3N18xqYp15Wd2wj3ANv9zA0mfp1ZK/jDz cIRoA/qG2pS7txgyVvbtDyfmYJnWTnmnBP+hhR859ykhUSBUyQN6zliwhCislqv9 36glnIkbbmyXCYIAPIxx7Fh6ZKnh+whu+RQ+GR1cPR5rl08qofZPR7JygdJDx/as i4JR51fFpFBd94zsQpf1NYBPoORccgsbzyl8y6dNOkkdyCl5pxkOmScUuIUzCMwP UFalNUH2kopEGwwZCXf+aTvpkQ7Q8UMhctCsX/EqcGcOzBzJ9eZV7mzvhwknkYMV QPgmR+YpWki4CGDnHSv43mTs87yRbY7xcn+u4002/Yv0F1HxRzL8Lz2RfvDD5eJA ppvOaVCDvEIObsdCIP29Fa0g7YA0F1h8e1BV98qF12WEC1v+S8d4qiAAHyN4aeQt r4MDwMpTCh1tFH2I9vj5 =X0eo -END PGP SIGNATURE- -- Developer Access Program for Intel Xeon Phi Processors Access to Intel Xeon Phi processor-based developer platforms. With one year of Intel Parallel Studio XE. Training and support from Colfax. Order your platform today. http://sdm.link/xeonphi ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
Re: [Openvpn-devel] [PATCH applied] man: fix formatting for alternative option
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ACK. Your patch has been applied to the following branches commit d0d8a4b5f875bc802117647b20a3caa6d4fdb375 (master) commit 6204fccb2441b5bae8b3f6e0b31a4a0b232fc8e6 (release/2.4) Author: Christian Hesse Date: Wed Dec 28 08:54:20 2016 +0100 man: fix formatting for alternative option Signed-off-by: Christian HesseAcked-by: David Sommerseth Message-Id: <20161228075420.348-1-l...@eworm.de> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg13747.html Signed-off-by: David Sommerseth - -- kind regards, David Sommerseth -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.22 (GNU/Linux) iQIcBAEBAgAGBQJYduNYAAoJEIbPlEyWcf3ylKUP/RZKG/qSinrHo2O2Fu6sJyWL eT9i6KurQLGR8MTKm6csPyLAX0NA+JYhuRgOUIMV3QLb44De0DMIufalVpfUIlyg wOuqI9rnX8vU7+FVeHw8aivBtPWM4oFSJOQ8+sDy/pWFvJYa5QyLFIPtG1oHo/Fx lHeOfCK1PqRcTggmze6PH1eTJjLwC7EprjFJZmfa8XLhfsKehwFdEFO5/bhGFwLN Out2bjtAQXSIaFRlGQB77Y7pQYSYVjvcmdWBuzE4lxnmenVjvW4gQA5mTXbj1AfI l57dG+B2Ahx0k5mGbItW7+g5pfo8xsXTAV7o44b/S1L4Uuy7FuE4ABiM+KVEuH3a kpnVgdS375Nx00Sc4TyB5jkkb034TvgcGf0xTtsg5mLY+vijh5UvOw/k+tIbcot2 oKE7Dp5WWcMND+g3lIFdxiCO0zU9gVLVn4YNurtOrWmQedTxEUinVhbNxnDTjBlq fMmRjz79nDgnSwjidUGDT038/P2R/j1ONrLWUcCFRtj0bZU0aLo+mM8DHVn/2gVH g6HSIOfNfoIeN2lehMzS/LmfZZdpN7qqWPxu4/kXNlHhldn+szVtyBupqFLV+G5M aoMS/CIvM7rAJ9U9UVpQsUJBExRxzcKjw+fkyy0nHQda93BSv4vIZ67TVEjJz0NR MXe9EingHPRVe/w3zz5F =jAlj -END PGP SIGNATURE- -- Developer Access Program for Intel Xeon Phi Processors Access to Intel Xeon Phi processor-based developer platforms. With one year of Intel Parallel Studio XE. Training and support from Colfax. Order your platform today. http://sdm.link/xeonphi ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
Re: [Openvpn-devel] [PATCH v2] More broadly enforce Allman style and braces-around-conditionals
On 23/12/16 23:40, Steffan Karger wrote: > We want { and } aligned, which means also adding a newline between each > for() and {, while() and {, etc. > > Also, we agreed to always use braces with conditionals. The previous > uncrustify config added these for if()s, now also add these for while() > and for(). > > Signed-off-by: Steffan Karger> --- > This patch replaces the "Add nl_for_brace=add to uncrustify.conf" patch. > > v2: also add nl_do_brace=add and mod_full_brace_do=add > > dev-tools/uncrustify.conf | 8 + > src/compat/compat-daemon.c | 3 +- > src/compat/compat-dirname.c| 7 +++- > src/compat/compat-inet_ntop.c | 3 +- > src/compat/compat-inet_pton.c | 3 +- > src/compat/compat-versionhelpers.h | 36 ++--- > src/openvpn/argv.c | 10 ++ > src/openvpn/base64.c | 11 +-- > src/openvpn/buffer.c | 9 +- > src/openvpn/buffer.h | 2 ++ > src/openvpn/comp-lz4.c | 3 +- > src/openvpn/compstub.c | 3 +- > src/openvpn/console.c | 6 ++-- > src/openvpn/crypto.c | 18 +++ > src/openvpn/crypto.h | 3 +- > src/openvpn/crypto_mbedtls.h | 3 +- > src/openvpn/crypto_openssl.c | 6 ++-- > src/openvpn/cryptoapi.c| 9 -- > src/openvpn/dhcp.c | 11 +-- > src/openvpn/error.c| 3 +- > src/openvpn/error.h| 3 +- > src/openvpn/event.c| 4 +++ > src/openvpn/fragment.c | 9 +- > src/openvpn/gremlin.c | 15 ++--- > src/openvpn/httpdigest.c | 3 +- > src/openvpn/init.c | 11 ++- > src/openvpn/interval.h | 3 +- > src/openvpn/list.c | 6 ++-- > src/openvpn/lzo.c | 3 +- > src/openvpn/manage.c | 15 +++-- > src/openvpn/mbuf.c | 3 +- > src/openvpn/memdbg.h | 3 +- > src/openvpn/misc.c | 9 +- > src/openvpn/mroute.c | 3 +- > src/openvpn/mss.c | 3 +- > src/openvpn/mtcp.c | 3 +- > src/openvpn/multi.c| 14 ++-- > src/openvpn/ntlm.c | 14 +--- > src/openvpn/occ.c | 3 +- > src/openvpn/openvpn.c | 6 ++-- > src/openvpn/options.c | 52 +++--- > src/openvpn/otime.h| 3 +- > src/openvpn/packet_id.c| 3 +- > src/openvpn/perf.c | 5 ++- > src/openvpn/perf.h | 9 -- > src/openvpn/pkcs11.c | 66 > +- > src/openvpn/plugin.c | 11 ++- > src/openvpn/pool.c | 2 ++ > src/openvpn/proxy.c| 10 -- > src/openvpn/reliable.c | 7 +++- > src/openvpn/route.c| 13 +++- > src/openvpn/route.h| 3 +- > src/openvpn/schedule.c | 4 +++ > src/openvpn/session_id.c | 3 +- > src/openvpn/shaper.c | 3 +- > src/openvpn/socket.c | 12 +-- > src/openvpn/socket.h | 24 +- > src/openvpn/ssl.c | 26 +++ > src/openvpn/ssl_mbedtls.c | 8 +++-- > src/openvpn/ssl_openssl.c | 3 +- > src/openvpn/ssl_verify.c | 6 > src/openvpn/ssl_verify_mbedtls.c | 2 ++ > src/openvpn/ssl_verify_openssl.c | 3 +- > src/openvpn/tls_crypt.c| 6 ++-- > src/openvpn/tun.c | 26 +++ > src/openvpn/win32.c| 8 +++-- > src/openvpnserv/automatic.c| 3 +- > src/openvpnserv/interactive.c | 5 ++- > src/plugins/auth-pam/utils.c | 5 ++- > src/plugins/down-root/down-root.c | 2 ++ > 70 files changed, 479 insertions(+), 144 deletions(-) > So I tried to apply this one, but there are some odd issues now. Did you apply your changes against the proper branch locally? Because a couple of these ones are really odd. > --- a/src/openvpn/crypto_openssl.c > +++ b/src/openvpn/crypto_openssl.c > @@ -558,7 +559,8 @@ cipher_kt_iv_size(const EVP_CIPHER *cipher_kt) > } > > int > -cipher_kt_block_size(const EVP_CIPHER *cipher) { > +cipher_kt_block_size(const EVP_CIPHER *cipher) > +{ > /* > * OpenSSL reports OFB/CFB/GCM cipher block sizes as '1 byte'. To work > * around that, try to replace the mode with 'CBC' and return the block > size For some odd reason, this hunk does not apply ... not even with 'patch -p1'. > --- a/src/openvpn/memdbg.h > +++ b/src/openvpn/memdbg.h > @@ -90,7 +90,8 @@ > #include "dmalloc.h" > > static inline void * > -openvpn_dmalloc(const char *file, int line, size_t size) { > +openvpn_dmalloc(const char *file, int line, size_t size) > +{ >
Re: [Openvpn-devel] [PATCH 2/2] management: Remove a redundant #ifdef block
On Tue, Jan 10, 2017 at 3:34 PM, David Sommersethwrote: > Bascially removes two independent #ifdef ENABLE_MANAGEMENT blocks into > a single block, which makes the logic flow more easy to read. > > Signed-off-by: David Sommerseth > Cc: Selva Nair > --- > src/openvpn/init.c | 6 +- > 1 file changed, 1 insertion(+), 5 deletions(-) > > diff --git a/src/openvpn/init.c b/src/openvpn/init.c > index 4786232..5296345 100644 > --- a/src/openvpn/init.c > +++ b/src/openvpn/init.c > @@ -414,11 +414,7 @@ next_connection_entry(struct context *c) > break; > } > } > -else > -#endif > - > -#ifdef ENABLE_MANAGEMENT > -if (ce_defined && management && management_query_proxy_enabled > (management)) > +else if (ce_defined && management && > management_query_proxy_enabled(management)) > { > ce_defined = ce_management_query_proxy(c); > if (IS_SIG(c)) > One more ifdef gone, and good riddance! ACK. -- Developer Access Program for Intel Xeon Phi Processors Access to Intel Xeon Phi processor-based developer platforms. With one year of Intel Parallel Studio XE. Training and support from Colfax. Order your platform today. http://sdm.link/xeonphi___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel