Re: [Openvpn-devel] [Patch] Version 2: Fail if options have extra parameters
Hi, coming back to this, due to a bug introduced by this (Arne sent a patch), me not finding the original patch in release/2.3 (so I can't apply the fix), and I think there was a misunderstanding here :-) On Tue, Jun 02, 2015 at 08:43:26AM -0400, Jonathan K. Bullard wrote: > This is a new thread with version 2 of the patch; the first submission > included the wrong .patch file and was withdrawn. > > The attached patch causes an error if an option has extra > parameters; previously they were ignored (ticket #557 at > https://community.openvpn.net/openvpn/ticket/557). > > This feature was discussed on the openvpn-devel mailing list ( > http://thread.gmane.org/gmane.network.openvpn.devel/9599). > > The patch is for the master branch only -- the consensus of the > mailing list discussion was that the patch should not be included in > the 2.3 branch. I seem to remember that we said "no hard errors in 2.3", but *warnings* for 2.3 would be certainly acceptable and welcome. OTOH, looking at the current patch, it cannot reasonably easy turned into something that prints warnings only (because if there are extra arguments, the current patch will just ignore the option in question and all its arguments) - so we'd need to instrument every single clause with an if (p[MAXFORTHIS]) { msg(M_WARN, "WARNING: too many arguments for --xxx"); } which would be quite a lot of extra code... So, for the time being, I'll split Arne's patch from yesterday into "the master" and "the 2.3" fix (one of two chunks :) ) gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025g...@net.informatik.tu-muenchen.de pgp3k1YRcioXG.pgp Description: PGP signature
Re: [Openvpn-devel] [Patch] Version 2: Fail if options have extra parameters
On Wed, Jun 3, 2015 at 2:33 AM, Arne Schwabe wrote: > ACK. But some things I noticed (should go into separate patch) > > We do not catch > > --connection foo, it is silently ignored I noticed a few such problems, mostly in options that I couldn't find consistent documentation for. I didn't want to risk introducing problems until I understood them better. I expect to submit individual patches for each one at some point.
Re: [Openvpn-devel] [Patch] Version 2: Fail if options have extra parameters
Am 02.06.15 um 14:43 schrieb Jonathan K. Bullard: > This is a new thread with version 2 of the patch; the first submission > included the wrong .patch file and was withdrawn. > > The attached patch causes an error if an option has extra > parameters; previously they were ignored (ticket #557 at > https://community.openvpn.net/openvpn/ticket/557). > > This feature was discussed on the openvpn-devel mailing list ( > http://thread.gmane.org/gmane.network.openvpn.devel/9599). > > The patch is for the master branch only -- the consensus of the > mailing list discussion was that the patch should not be included in > the 2.3 branch. > > The (modified) message "Unrecognized option or missing or extra > parameter(s)" is used except for a few options: > > ACK. But some things I noticed (should go into separate patch) We do not catch --connection foo, it is silently ignored Arne
[Openvpn-devel] [Patch] Version 2: Fail if options have extra parameters
This is a new thread with version 2 of the patch; the first submission included the wrong .patch file and was withdrawn. The attached patch causes an error if an option has extra parameters; previously they were ignored (ticket #557 at https://community.openvpn.net/openvpn/ticket/557). This feature was discussed on the openvpn-devel mailing list ( http://thread.gmane.org/gmane.network.openvpn.devel/9599). The patch is for the master branch only -- the consensus of the mailing list discussion was that the patch should not be included in the 2.3 branch. The (modified) message "Unrecognized option or missing or extra parameter(s)" is used except for a few options: * The --help option: An extra parameter for --help generates a specific error message after showing the syntax message. This is done to help a user who tries "--help tls-cipher" or similar, hoping to get more information about the "tls-cipher" option. * The --dhcp-option option: It has its own similar message, into which " or extra" has been inserted. * Ten options such as --up that accept a command (instead of a path) already detect extra parameters and generate specific error messages that mention double-quoting commands which contain imbedded spaces. extra-parameters-v2.patch Description: Binary data