Menu
▾
▴
openvpn-devel — OpenVPN developers list
You can subscribe to this list here.
| 2002 |
Jan
|
Feb
|
Mar
|
Apr
(24) |
May
(14) |
Jun
(29) |
Jul
(33) |
Aug
(3) |
Sep
(8) |
Oct
(18) |
Nov
(1) |
Dec
(10) |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2003 |
Jan
(3) |
Feb
(33) |
Mar
(7) |
Apr
(28) |
May
(30) |
Jun
(5) |
Jul
(10) |
Aug
(7) |
Sep
(32) |
Oct
(41) |
Nov
(20) |
Dec
(10) |
| 2004 |
Jan
(24) |
Feb
(18) |
Mar
(57) |
Apr
(40) |
May
(55) |
Jun
(48) |
Jul
(77) |
Aug
(15) |
Sep
(56) |
Oct
(80) |
Nov
(74) |
Dec
(52) |
| 2005 |
Jan
(38) |
Feb
(42) |
Mar
(39) |
Apr
(56) |
May
(79) |
Jun
(73) |
Jul
(16) |
Aug
(23) |
Sep
(68) |
Oct
(77) |
Nov
(52) |
Dec
(27) |
| 2006 |
Jan
(27) |
Feb
(18) |
Mar
(51) |
Apr
(62) |
May
(28) |
Jun
(50) |
Jul
(36) |
Aug
(33) |
Sep
(47) |
Oct
(50) |
Nov
(77) |
Dec
(13) |
| 2007 |
Jan
(15) |
Feb
(8) |
Mar
(14) |
Apr
(18) |
May
(25) |
Jun
(16) |
Jul
(16) |
Aug
(19) |
Sep
(32) |
Oct
(17) |
Nov
(5) |
Dec
(5) |
| 2008 |
Jan
(64) |
Feb
(25) |
Mar
(25) |
Apr
(6) |
May
(28) |
Jun
(20) |
Jul
(10) |
Aug
(27) |
Sep
(28) |
Oct
(59) |
Nov
(37) |
Dec
(43) |
| 2009 |
Jan
(40) |
Feb
(25) |
Mar
(12) |
Apr
(57) |
May
(46) |
Jun
(29) |
Jul
(39) |
Aug
(10) |
Sep
(20) |
Oct
(42) |
Nov
(50) |
Dec
(57) |
| 2010 |
Jan
(82) |
Feb
(165) |
Mar
(256) |
Apr
(260) |
May
(36) |
Jun
(87) |
Jul
(53) |
Aug
(89) |
Sep
(107) |
Oct
(51) |
Nov
(88) |
Dec
(117) |
| 2011 |
Jan
(69) |
Feb
(60) |
Mar
(113) |
Apr
(71) |
May
(67) |
Jun
(90) |
Jul
(88) |
Aug
(90) |
Sep
(48) |
Oct
(64) |
Nov
(69) |
Dec
(118) |
| 2012 |
Jan
(49) |
Feb
(528) |
Mar
(351) |
Apr
(190) |
May
(238) |
Jun
(193) |
Jul
(104) |
Aug
(100) |
Sep
(57) |
Oct
(41) |
Nov
(47) |
Dec
(51) |
| 2013 |
Jan
(94) |
Feb
(57) |
Mar
(96) |
Apr
(105) |
May
(77) |
Jun
(102) |
Jul
(27) |
Aug
(81) |
Sep
(32) |
Oct
(53) |
Nov
(127) |
Dec
(65) |
| 2014 |
Jan
(113) |
Feb
(59) |
Mar
(104) |
Apr
(259) |
May
(70) |
Jun
(70) |
Jul
(146) |
Aug
(45) |
Sep
(58) |
Oct
(149) |
Nov
(77) |
Dec
(83) |
| 2015 |
Jan
(53) |
Feb
(66) |
Mar
(86) |
Apr
(50) |
May
(135) |
Jun
(76) |
Jul
(151) |
Aug
(83) |
Sep
(97) |
Oct
(262) |
Nov
(245) |
Dec
(231) |
| 2016 |
Jan
(131) |
Feb
(233) |
Mar
(97) |
Apr
(138) |
May
(221) |
Jun
(254) |
Jul
(92) |
Aug
(248) |
Sep
(168) |
Oct
(275) |
Nov
(477) |
Dec
(445) |
| 2017 |
Jan
(218) |
Feb
(217) |
Mar
(146) |
Apr
(172) |
May
(216) |
Jun
(252) |
Jul
(164) |
Aug
(192) |
Sep
(190) |
Oct
(143) |
Nov
(255) |
Dec
(182) |
| 2018 |
Jan
(295) |
Feb
(164) |
Mar
(113) |
Apr
(147) |
May
(64) |
Jun
(262) |
Jul
(184) |
Aug
(90) |
Sep
(69) |
Oct
(364) |
Nov
(102) |
Dec
(101) |
| 2019 |
Jan
(119) |
Feb
(64) |
Mar
(64) |
Apr
(102) |
May
(57) |
Jun
(154) |
Jul
(84) |
Aug
(81) |
Sep
(76) |
Oct
(102) |
Nov
(233) |
Dec
(89) |
| 2020 |
Jan
(38) |
Feb
(170) |
Mar
(155) |
Apr
(172) |
May
(120) |
Jun
(223) |
Jul
(461) |
Aug
(227) |
Sep
(268) |
Oct
(113) |
Nov
(56) |
Dec
(124) |
| 2021 |
Jan
(121) |
Feb
(48) |
Mar
(334) |
Apr
(345) |
May
(207) |
Jun
(136) |
Jul
(71) |
Aug
(112) |
Sep
(122) |
Oct
(173) |
Nov
(184) |
Dec
(223) |
| 2022 |
Jan
(197) |
Feb
(206) |
Mar
(156) |
Apr
(212) |
May
(192) |
Jun
(170) |
Jul
(143) |
Aug
(380) |
Sep
(182) |
Oct
(148) |
Nov
(128) |
Dec
(269) |
| 2023 |
Jan
(248) |
Feb
(196) |
Mar
(264) |
Apr
(36) |
May
(123) |
Jun
(66) |
Jul
(120) |
Aug
(48) |
Sep
(157) |
Oct
(198) |
Nov
(300) |
Dec
(273) |
| 2024 |
Jan
(271) |
Feb
(147) |
Mar
(207) |
Apr
(78) |
May
(107) |
Jun
(168) |
Jul
(151) |
Aug
(51) |
Sep
(438) |
Oct
(221) |
Nov
(302) |
Dec
(357) |
| 2025 |
Jan
(451) |
Feb
(219) |
Mar
(326) |
Apr
(232) |
May
(306) |
Jun
(181) |
Jul
(452) |
Aug
(282) |
Sep
(620) |
Oct
(228) |
Nov
|
Dec
|
|
From: Gert D. <ge...@gr...> - 2025-09-26 20:53:26
|
Straightforward *and* an ACK from Antonio :-)
Your patch has been applied to the master branch.
commit 36a09c8dbfb68c9df745943886dc974513998c07
Author: Frank Lichtenheld
Date: Wed Sep 24 17:10:44 2025 +0200
dco: Change sd argument to dco_new_peer from int to socket_descriptor_t
Signed-off-by: Frank Lichtenheld <fr...@li...>
Acked-by: Antonio Quartulli <an...@ma...>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1195
Message-Id: <202...@li...>
URL: https://sourceforge.net/p/openvpn/mailman/message/59238248/
Signed-off-by: Gert Doering <ge...@gr...>
--
kind regards,
Gert Doering
|
|
From: cron2 (C. Review) <ge...@op...> - 2025-09-26 20:53:26
|
cron2 has uploaded a new patch set (#8) to the change originally created by flichtenheld. ( http://gerrit.openvpn.net/c/openvpn/+/1195?usp=email ) The following approvals got outdated and were removed: Code-Review+2 by ordex Change subject: dco: Change sd argument to dco_new_peer from int to socket_descriptor_t ...................................................................... dco: Change sd argument to dco_new_peer from int to socket_descriptor_t Doesn't change anything for non-Win32 platforms. Change-Id: I28f856c1c156b54089d95b2e2539ecdb374cdd37 Signed-off-by: Frank Lichtenheld <fr...@li...> Acked-by: Antonio Quartulli <an...@ma...> Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1195 Message-Id: <202...@li...> URL: https://sourceforge.net/p/openvpn/mailman/message/59238248/ Signed-off-by: Gert Doering <ge...@gr...> --- M src/openvpn/dco.c M src/openvpn/dco_internal.h M src/openvpn/dco_win.c 3 files changed, 4 insertions(+), 13 deletions(-) git pull ssh://gerrit.openvpn.net:29418/openvpn refs/changes/95/1195/8 diff --git a/src/openvpn/dco.c b/src/openvpn/dco.c index 2cf90af..6afc680 100644 --- a/src/openvpn/dco.c +++ b/src/openvpn/dco.c @@ -491,11 +491,6 @@ return true; } -#if defined(__GNUC__) || defined(__clang__) -#pragma GCC diagnostic push -#pragma GCC diagnostic ignored "-Wconversion" -#endif - int dco_p2p_add_new_peer(struct context *c) { @@ -604,7 +599,7 @@ int peer_id = c->c2.tls_multi->peer_id; struct sockaddr *remoteaddr, *localaddr = NULL; struct sockaddr_storage local = { 0 }; - int sd = c->c2.link_sockets[0]->sd; + const socket_descriptor_t sd = c->c2.link_sockets[0]->sd; if (c->mode == CM_CHILD_TCP) @@ -650,10 +645,6 @@ return 0; } -#if defined(__GNUC__) || defined(__clang__) -#pragma GCC diagnostic pop -#endif - void dco_install_iroute(struct multi_context *m, struct multi_instance *mi, struct mroute_addr *addr) { diff --git a/src/openvpn/dco_internal.h b/src/openvpn/dco_internal.h index 83013ef..86af003 100644 --- a/src/openvpn/dco_internal.h +++ b/src/openvpn/dco_internal.h @@ -59,7 +59,7 @@ * They are implemented by dco_linux.c */ -int dco_new_peer(dco_context_t *dco, unsigned int peerid, int sd, struct sockaddr *localaddr, +int dco_new_peer(dco_context_t *dco, unsigned int peerid, socket_descriptor_t sd, struct sockaddr *localaddr, struct sockaddr *remoteaddr, struct in_addr *vpn_ipv4, struct in6_addr *vpn_ipv6); int dco_del_peer(dco_context_t *dco, unsigned int peerid); diff --git a/src/openvpn/dco_win.c b/src/openvpn/dco_win.c index 7dd43d6..4dd307f 100644 --- a/src/openvpn/dco_win.c +++ b/src/openvpn/dco_win.c @@ -415,10 +415,10 @@ } int -dco_new_peer(dco_context_t *dco, unsigned int peerid, int sd, struct sockaddr *localaddr, +dco_new_peer(dco_context_t *dco, unsigned int peerid, socket_descriptor_t sd, struct sockaddr *localaddr, struct sockaddr *remoteaddr, struct in_addr *vpn_ipv4, struct in6_addr *vpn_ipv6) { - msg(D_DCO_DEBUG, "%s: peer-id %d, fd %d", __func__, peerid, sd); + msg(D_DCO_DEBUG, "%s: peer-id %d, fd " SOCKET_PRINTF, __func__, peerid, sd); if (dco->ifmode == DCO_MODE_P2P) { -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/1195?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: I28f856c1c156b54089d95b2e2539ecdb374cdd37 Gerrit-Change-Number: 1195 Gerrit-PatchSet: 8 Gerrit-Owner: flichtenheld <fr...@li...> Gerrit-Reviewer: ordex <an...@ma...> Gerrit-Reviewer: plaisthos <arn...@rf...> Gerrit-CC: openvpn-devel <ope...@li...> Gerrit-MessageType: newpatchset |
|
From: cron2 (C. Review) <ge...@op...> - 2025-09-26 20:50:54
|
cron2 has submitted this change. ( http://gerrit.openvpn.net/c/openvpn/+/1212?usp=email ) Change subject: ssl_openssl: Use uint16_t internally for TLS versions ...................................................................... ssl_openssl: Use uint16_t internally for TLS versions libressl changed the API for the involved functions. Since uint16_t is a true subset of int it should be safe to switch to that for all OpenSSL variants. One trivial drive-by fix in unrelated code to be able to enable -Wconversion fully for the file. This just adds a cast where the comment says we intend a cast. Change-Id: I9ea87531afb553f789289787403900a4758b8e1c Signed-off-by: Frank Lichtenheld <fr...@li...> Acked-by: MaxF <ma...@ma...> Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1212 Message-Id: <202...@gr...> URL: https://sourceforge.net/p/openvpn/mailman/message/59238230/ Signed-off-by: Gert Doering <ge...@gr...> --- M src/openvpn/ssl_openssl.c 1 file changed, 7 insertions(+), 25 deletions(-) diff --git a/src/openvpn/ssl_openssl.c b/src/openvpn/ssl_openssl.c index 89deeaa..434df7d 100644 --- a/src/openvpn/ssl_openssl.c +++ b/src/openvpn/ssl_openssl.c @@ -235,8 +235,8 @@ } /** Convert internal version number to openssl version number */ -static int -openssl_tls_version(int ver) +static uint16_t +openssl_tls_version(unsigned int ver) { if (ver == TLS_VER_1_0) { @@ -272,23 +272,18 @@ return 0; } -#if defined(__GNUC__) || defined(__clang__) -#pragma GCC diagnostic push -#pragma GCC diagnostic ignored "-Wconversion" -#endif - static bool tls_ctx_set_tls_versions(struct tls_root_ctx *ctx, unsigned int ssl_flags) { - int tls_ver_min = + uint16_t tls_ver_min = openssl_tls_version((ssl_flags >> SSLF_TLS_VERSION_MIN_SHIFT) & SSLF_TLS_VERSION_MIN_MASK); - int tls_ver_max = + uint16_t tls_ver_max = openssl_tls_version((ssl_flags >> SSLF_TLS_VERSION_MAX_SHIFT) & SSLF_TLS_VERSION_MAX_MASK); if (!tls_ver_min) { /* Enforce at least TLS 1.0 */ - int cur_min = SSL_CTX_get_min_proto_version(ctx->ctx); + uint16_t cur_min = (uint16_t)SSL_CTX_get_min_proto_version(ctx->ctx); tls_ver_min = cur_min < TLS1_VERSION ? TLS1_VERSION : cur_min; } @@ -387,7 +382,7 @@ /* %.*s format specifier expects length of type int, so guarantee */ /* that length is small enough and cast to int. */ msg(D_LOW, "No valid translation found for TLS cipher '%.*s'", - constrain_int(current_cipher_len, 0, 256), current_cipher); + constrain_int((int)current_cipher_len, 0, 256), current_cipher); } else { @@ -429,10 +424,6 @@ } } -#if defined(__GNUC__) || defined(__clang__) -#pragma GCC diagnostic pop -#endif - void tls_ctx_restrict_ciphers(struct tls_root_ctx *ctx, const char *ciphers) { @@ -2522,11 +2513,6 @@ msg(D_HANDSHAKE, "%s%s%s%s%s", s1, s2, s3, s4, s5); } -#if defined(__GNUC__) || defined(__clang__) -#pragma GCC diagnostic push -#pragma GCC diagnostic ignored "-Wconversion" -#endif - void show_available_tls_ciphers_list(const char *cipher_list, const char *tls_cert_profile, bool tls13) { @@ -2541,7 +2527,7 @@ #if defined(TLS1_3_VERSION) if (tls13) { - SSL_CTX_set_min_proto_version(tls_ctx.ctx, openssl_tls_version(TLS_VER_1_3)); + SSL_CTX_set_min_proto_version(tls_ctx.ctx, TLS1_3_VERSION); tls_ctx_restrict_ciphers_tls13(&tls_ctx, cipher_list); } else @@ -2594,10 +2580,6 @@ SSL_CTX_free(tls_ctx.ctx); } -#if defined(__GNUC__) || defined(__clang__) -#pragma GCC diagnostic pop -#endif - /* * Show the Elliptic curves that are available for us to use * in the OpenSSL library. -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/1212?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: I9ea87531afb553f789289787403900a4758b8e1c Gerrit-Change-Number: 1212 Gerrit-PatchSet: 3 Gerrit-Owner: flichtenheld <fr...@li...> Gerrit-Reviewer: MaxF <ma...@ma...> Gerrit-Reviewer: plaisthos <arn...@rf...> Gerrit-CC: openvpn-devel <ope...@li...> Gerrit-MessageType: merged |
|
From: cron2 (C. Review) <ge...@op...> - 2025-09-26 20:50:52
|
cron2 has uploaded a new patch set (#3) to the change originally created by flichtenheld. ( http://gerrit.openvpn.net/c/openvpn/+/1212?usp=email ) The following approvals got outdated and were removed: Code-Review+2 by MaxF Change subject: ssl_openssl: Use uint16_t internally for TLS versions ...................................................................... ssl_openssl: Use uint16_t internally for TLS versions libressl changed the API for the involved functions. Since uint16_t is a true subset of int it should be safe to switch to that for all OpenSSL variants. One trivial drive-by fix in unrelated code to be able to enable -Wconversion fully for the file. This just adds a cast where the comment says we intend a cast. Change-Id: I9ea87531afb553f789289787403900a4758b8e1c Signed-off-by: Frank Lichtenheld <fr...@li...> Acked-by: MaxF <ma...@ma...> Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1212 Message-Id: <202...@gr...> URL: https://sourceforge.net/p/openvpn/mailman/message/59238230/ Signed-off-by: Gert Doering <ge...@gr...> --- M src/openvpn/ssl_openssl.c 1 file changed, 7 insertions(+), 25 deletions(-) git pull ssh://gerrit.openvpn.net:29418/openvpn refs/changes/12/1212/3 diff --git a/src/openvpn/ssl_openssl.c b/src/openvpn/ssl_openssl.c index 89deeaa..434df7d 100644 --- a/src/openvpn/ssl_openssl.c +++ b/src/openvpn/ssl_openssl.c @@ -235,8 +235,8 @@ } /** Convert internal version number to openssl version number */ -static int -openssl_tls_version(int ver) +static uint16_t +openssl_tls_version(unsigned int ver) { if (ver == TLS_VER_1_0) { @@ -272,23 +272,18 @@ return 0; } -#if defined(__GNUC__) || defined(__clang__) -#pragma GCC diagnostic push -#pragma GCC diagnostic ignored "-Wconversion" -#endif - static bool tls_ctx_set_tls_versions(struct tls_root_ctx *ctx, unsigned int ssl_flags) { - int tls_ver_min = + uint16_t tls_ver_min = openssl_tls_version((ssl_flags >> SSLF_TLS_VERSION_MIN_SHIFT) & SSLF_TLS_VERSION_MIN_MASK); - int tls_ver_max = + uint16_t tls_ver_max = openssl_tls_version((ssl_flags >> SSLF_TLS_VERSION_MAX_SHIFT) & SSLF_TLS_VERSION_MAX_MASK); if (!tls_ver_min) { /* Enforce at least TLS 1.0 */ - int cur_min = SSL_CTX_get_min_proto_version(ctx->ctx); + uint16_t cur_min = (uint16_t)SSL_CTX_get_min_proto_version(ctx->ctx); tls_ver_min = cur_min < TLS1_VERSION ? TLS1_VERSION : cur_min; } @@ -387,7 +382,7 @@ /* %.*s format specifier expects length of type int, so guarantee */ /* that length is small enough and cast to int. */ msg(D_LOW, "No valid translation found for TLS cipher '%.*s'", - constrain_int(current_cipher_len, 0, 256), current_cipher); + constrain_int((int)current_cipher_len, 0, 256), current_cipher); } else { @@ -429,10 +424,6 @@ } } -#if defined(__GNUC__) || defined(__clang__) -#pragma GCC diagnostic pop -#endif - void tls_ctx_restrict_ciphers(struct tls_root_ctx *ctx, const char *ciphers) { @@ -2522,11 +2513,6 @@ msg(D_HANDSHAKE, "%s%s%s%s%s", s1, s2, s3, s4, s5); } -#if defined(__GNUC__) || defined(__clang__) -#pragma GCC diagnostic push -#pragma GCC diagnostic ignored "-Wconversion" -#endif - void show_available_tls_ciphers_list(const char *cipher_list, const char *tls_cert_profile, bool tls13) { @@ -2541,7 +2527,7 @@ #if defined(TLS1_3_VERSION) if (tls13) { - SSL_CTX_set_min_proto_version(tls_ctx.ctx, openssl_tls_version(TLS_VER_1_3)); + SSL_CTX_set_min_proto_version(tls_ctx.ctx, TLS1_3_VERSION); tls_ctx_restrict_ciphers_tls13(&tls_ctx, cipher_list); } else @@ -2594,10 +2580,6 @@ SSL_CTX_free(tls_ctx.ctx); } -#if defined(__GNUC__) || defined(__clang__) -#pragma GCC diagnostic pop -#endif - /* * Show the Elliptic curves that are available for us to use * in the OpenSSL library. -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/1212?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: I9ea87531afb553f789289787403900a4758b8e1c Gerrit-Change-Number: 1212 Gerrit-PatchSet: 3 Gerrit-Owner: flichtenheld <fr...@li...> Gerrit-Reviewer: MaxF <ma...@ma...> Gerrit-Reviewer: plaisthos <arn...@rf...> Gerrit-CC: openvpn-devel <ope...@li...> Gerrit-MessageType: newpatchset |
|
From: Gert D. <ge...@gr...> - 2025-09-26 20:50:43
|
Looked at this as well, makes sense, MaxF was faster with the +2 ;-)
Your patch has been applied to the master branch.
commit 04d24fbeb529991734cc0951037cd4a94376b025
Author: Frank Lichtenheld
Date: Wed Sep 24 17:02:55 2025 +0200
ssl_openssl: Use uint16_t internally for TLS versions
Signed-off-by: Frank Lichtenheld <fr...@li...>
Acked-by: MaxF <ma...@ma...>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1212
Message-Id: <202...@gr...>
URL: https://sourceforge.net/p/openvpn/mailman/message/59238230/
Signed-off-by: Gert Doering <ge...@gr...>
--
kind regards,
Gert Doering
|
|
From: cron2 (C. Review) <ge...@op...> - 2025-09-26 20:39:24
|
cron2 has submitted this change. ( http://gerrit.openvpn.net/c/openvpn/+/1220?usp=email ) Change subject: dco_linux: Fix -Wconversion warnings ...................................................................... dco_linux: Fix -Wconversion warnings Combination of using the correct types and some unavoidable safe size_t->int casts. Change-Id: I473d345d10fc406f76fbdb131c28cc4fc54822fd Signed-off-by: Frank Lichtenheld <fr...@li...> Acked-by: Antonio Quartulli <an...@ma...> Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1220 Message-Id: <202...@gr...> URL: https://sourceforge.net/p/openvpn/mailman/message/59239172/ Signed-off-by: Gert Doering <ge...@gr...> --- M src/openvpn/dco_linux.c 1 file changed, 5 insertions(+), 14 deletions(-) diff --git a/src/openvpn/dco_linux.c b/src/openvpn/dco_linux.c index 395a38f..d46fa46 100644 --- a/src/openvpn/dco_linux.c +++ b/src/openvpn/dco_linux.c @@ -62,11 +62,6 @@ typedef int (*ovpn_nl_cb)(struct nl_msg *msg, void *arg); -#if defined(__GNUC__) || defined(__clang__) -#pragma GCC diagnostic push -#pragma GCC diagnostic ignored "-Wconversion" -#endif - /** * @brief resolves the netlink ID for ovpn-dco * @@ -110,7 +105,7 @@ } static struct nl_msg * -ovpn_dco_nlmsg_create(dco_context_t *dco, int cmd) +ovpn_dco_nlmsg_create(dco_context_t *dco, uint8_t cmd) { struct nl_msg *nl_msg = nlmsg_alloc(); if (!nl_msg) @@ -346,7 +341,7 @@ if (!(nlh->nlmsg_flags & NLM_F_CAPPED)) { - ack_len += err->msg.nlmsg_len - sizeof(*nlh); + ack_len += err->msg.nlmsg_len - (int)sizeof(*nlh); } if (len <= ack_len) @@ -360,8 +355,8 @@ nla_parse(tb_msg, OVPN_NLMSGERR_ATTR_MAX, attrs, len, NULL); if (tb_msg[NLMSGERR_ATTR_MSG]) { - len = strnlen((char *)nla_data(tb_msg[NLMSGERR_ATTR_MSG]), - nla_len(tb_msg[NLMSGERR_ATTR_MSG])); + len = (int)strnlen((char *)nla_data(tb_msg[NLMSGERR_ATTR_MSG]), + nla_len(tb_msg[NLMSGERR_ATTR_MSG])); msg(M_WARN, "kernel error: %*s", len, (char *)nla_data(tb_msg[NLMSGERR_ATTR_MSG])); } @@ -606,7 +601,7 @@ msg(D_DCO_DEBUG, "%s: slot %d, key-id %d, peer-id %d, cipher %s", __func__, slot, keyid, peerid, ciphername); - const size_t key_len = cipher_kt_key_size(ciphername); + const int key_len = cipher_kt_key_size(ciphername); const int nonce_tail_len = 8; struct nl_msg *nl_msg = ovpn_dco_nlmsg_create(dco, OVPN_CMD_KEY_NEW); @@ -1303,8 +1298,4 @@ return "AES-128-GCM:AES-256-GCM:AES-192-GCM:CHACHA20-POLY1305"; } -#if defined(__GNUC__) || defined(__clang__) -#pragma GCC diagnostic pop -#endif - #endif /* defined(ENABLE_DCO) && defined(TARGET_LINUX) */ -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/1220?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: I473d345d10fc406f76fbdb131c28cc4fc54822fd Gerrit-Change-Number: 1220 Gerrit-PatchSet: 2 Gerrit-Owner: flichtenheld <fr...@li...> Gerrit-Reviewer: ordex <an...@ma...> Gerrit-Reviewer: plaisthos <arn...@rf...> Gerrit-CC: openvpn-devel <ope...@li...> Gerrit-MessageType: merged |
|
From: cron2 (C. Review) <ge...@op...> - 2025-09-26 20:39:16
|
cron2 has uploaded a new patch set (#2) to the change originally created by flichtenheld. ( http://gerrit.openvpn.net/c/openvpn/+/1220?usp=email ) The following approvals got outdated and were removed: Code-Review+2 by ordex Change subject: dco_linux: Fix -Wconversion warnings ...................................................................... dco_linux: Fix -Wconversion warnings Combination of using the correct types and some unavoidable safe size_t->int casts. Change-Id: I473d345d10fc406f76fbdb131c28cc4fc54822fd Signed-off-by: Frank Lichtenheld <fr...@li...> Acked-by: Antonio Quartulli <an...@ma...> Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1220 Message-Id: <202...@gr...> URL: https://sourceforge.net/p/openvpn/mailman/message/59239172/ Signed-off-by: Gert Doering <ge...@gr...> --- M src/openvpn/dco_linux.c 1 file changed, 5 insertions(+), 14 deletions(-) git pull ssh://gerrit.openvpn.net:29418/openvpn refs/changes/20/1220/2 diff --git a/src/openvpn/dco_linux.c b/src/openvpn/dco_linux.c index 395a38f..d46fa46 100644 --- a/src/openvpn/dco_linux.c +++ b/src/openvpn/dco_linux.c @@ -62,11 +62,6 @@ typedef int (*ovpn_nl_cb)(struct nl_msg *msg, void *arg); -#if defined(__GNUC__) || defined(__clang__) -#pragma GCC diagnostic push -#pragma GCC diagnostic ignored "-Wconversion" -#endif - /** * @brief resolves the netlink ID for ovpn-dco * @@ -110,7 +105,7 @@ } static struct nl_msg * -ovpn_dco_nlmsg_create(dco_context_t *dco, int cmd) +ovpn_dco_nlmsg_create(dco_context_t *dco, uint8_t cmd) { struct nl_msg *nl_msg = nlmsg_alloc(); if (!nl_msg) @@ -346,7 +341,7 @@ if (!(nlh->nlmsg_flags & NLM_F_CAPPED)) { - ack_len += err->msg.nlmsg_len - sizeof(*nlh); + ack_len += err->msg.nlmsg_len - (int)sizeof(*nlh); } if (len <= ack_len) @@ -360,8 +355,8 @@ nla_parse(tb_msg, OVPN_NLMSGERR_ATTR_MAX, attrs, len, NULL); if (tb_msg[NLMSGERR_ATTR_MSG]) { - len = strnlen((char *)nla_data(tb_msg[NLMSGERR_ATTR_MSG]), - nla_len(tb_msg[NLMSGERR_ATTR_MSG])); + len = (int)strnlen((char *)nla_data(tb_msg[NLMSGERR_ATTR_MSG]), + nla_len(tb_msg[NLMSGERR_ATTR_MSG])); msg(M_WARN, "kernel error: %*s", len, (char *)nla_data(tb_msg[NLMSGERR_ATTR_MSG])); } @@ -606,7 +601,7 @@ msg(D_DCO_DEBUG, "%s: slot %d, key-id %d, peer-id %d, cipher %s", __func__, slot, keyid, peerid, ciphername); - const size_t key_len = cipher_kt_key_size(ciphername); + const int key_len = cipher_kt_key_size(ciphername); const int nonce_tail_len = 8; struct nl_msg *nl_msg = ovpn_dco_nlmsg_create(dco, OVPN_CMD_KEY_NEW); @@ -1303,8 +1298,4 @@ return "AES-128-GCM:AES-256-GCM:AES-192-GCM:CHACHA20-POLY1305"; } -#if defined(__GNUC__) || defined(__clang__) -#pragma GCC diagnostic pop -#endif - #endif /* defined(ENABLE_DCO) && defined(TARGET_LINUX) */ -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/1220?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: I473d345d10fc406f76fbdb131c28cc4fc54822fd Gerrit-Change-Number: 1220 Gerrit-PatchSet: 2 Gerrit-Owner: flichtenheld <fr...@li...> Gerrit-Reviewer: ordex <an...@ma...> Gerrit-Reviewer: plaisthos <arn...@rf...> Gerrit-CC: openvpn-devel <ope...@li...> Gerrit-MessageType: newpatchset |
|
From: Gert D. <ge...@gr...> - 2025-09-26 20:39:07
|
Looks reasonable, has an ACK by the owner of the code :-) and BB is
happy, so what shall I say... (except "mail archive is not working").
Your patch has been applied to the master branch.
commit b2d5d7110cee0f6d1065617098fa8de4d0e24754
Author: Frank Lichtenheld
Date: Fri Sep 26 16:24:36 2025 +0200
dco_linux: Fix -Wconversion warnings
Signed-off-by: Frank Lichtenheld <fr...@li...>
Acked-by: Antonio Quartulli <an...@ma...>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1220
Message-Id: <202...@gr...>
URL: https://sourceforge.net/p/openvpn/mailman/message/59239172/
Signed-off-by: Gert Doering <ge...@gr...>
--
kind regards,
Gert Doering
|
|
From: mrbff (C. Review) <ge...@op...> - 2025-09-26 20:06:15
|
mrbff has abandoned this change. ( http://gerrit.openvpn.net/c/openvpn/+/902?usp=email ) Change subject: route: handle default gateway (net_gateway) and nexthop towards VPN server separately ...................................................................... Abandoned -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/902?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: Ifc54be34101c0eb0f3dc479a9480d7219628cc76 Gerrit-Change-Number: 902 Gerrit-PatchSet: 1 Gerrit-Owner: mrbff <ma...@ma...> Gerrit-Reviewer: flichtenheld <fr...@li...> Gerrit-Reviewer: plaisthos <arn...@rf...> Gerrit-CC: openvpn-devel <ope...@li...> Gerrit-MessageType: abandon |
|
From: cron2 (C. Review) <ge...@op...> - 2025-09-26 17:12:23
|
cron2 has submitted this change. ( http://gerrit.openvpn.net/c/openvpn/+/1221?usp=email ) Change subject: dco_win: In dco_new_key, document size assumptions for the integer casts ...................................................................... dco_win: In dco_new_key, document size assumptions for the integer casts And make all casts explicit so that compiler doesn't complain. Change-Id: I612bf3b1c56d70a89fc04fad6fe36fd9fadfd258 Signed-off-by: Frank Lichtenheld <fr...@li...> Acked-by: MaxF <ma...@ma...> Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1221 Message-Id: <202...@gr...> URL: https://www.mail-archive.com/ope...@li.../msg33229.html Signed-off-by: Gert Doering <ge...@gr...> --- M src/openvpn/dco_win.c 1 file changed, 5 insertions(+), 12 deletions(-) diff --git a/src/openvpn/dco_win.c b/src/openvpn/dco_win.c index 9e52859..7dd43d6 100644 --- a/src/openvpn/dco_win.c +++ b/src/openvpn/dco_win.c @@ -525,11 +525,6 @@ return 0; } -#if defined(__GNUC__) || defined(__clang__) -#pragma GCC diagnostic push -#pragma GCC diagnostic ignored "-Wconversion" -#endif - int dco_new_key(dco_context_t *dco, unsigned int peerid, int keyid, dco_key_slot_t slot, const uint8_t *encrypt_key, const uint8_t *encrypt_iv, const uint8_t *decrypt_key, @@ -540,21 +535,23 @@ const int nonce_len = 8; size_t key_len = cipher_kt_key_size(ciphername); + ASSERT(key_len <= 32); OVPN_CRYPTO_DATA crypto_data; ZeroMemory(&crypto_data, sizeof(crypto_data)); crypto_data.CipherAlg = dco_get_cipher(ciphername); - crypto_data.KeyId = keyid; + ASSERT(keyid > 0 && keyid <= UCHAR_MAX); + crypto_data.KeyId = (unsigned char)keyid; crypto_data.PeerId = peerid; crypto_data.KeySlot = slot; CopyMemory(crypto_data.Encrypt.Key, encrypt_key, key_len); - crypto_data.Encrypt.KeyLen = (char)key_len; + crypto_data.Encrypt.KeyLen = (unsigned char)key_len; CopyMemory(crypto_data.Encrypt.NonceTail, encrypt_iv, nonce_len); CopyMemory(crypto_data.Decrypt.Key, decrypt_key, key_len); - crypto_data.Decrypt.KeyLen = (char)key_len; + crypto_data.Decrypt.KeyLen = (unsigned char)key_len; CopyMemory(crypto_data.Decrypt.NonceTail, decrypt_iv, nonce_len); ASSERT(crypto_data.CipherAlg > 0); @@ -570,10 +567,6 @@ return 0; } -#if defined(__GNUC__) || defined(__clang__) -#pragma GCC diagnostic pop -#endif - int dco_del_key(dco_context_t *dco, unsigned int peerid, dco_key_slot_t slot) { -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/1221?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: I612bf3b1c56d70a89fc04fad6fe36fd9fadfd258 Gerrit-Change-Number: 1221 Gerrit-PatchSet: 2 Gerrit-Owner: flichtenheld <fr...@li...> Gerrit-Reviewer: MaxF <ma...@ma...> Gerrit-Reviewer: plaisthos <arn...@rf...> Gerrit-CC: openvpn-devel <ope...@li...> Gerrit-MessageType: merged |
|
From: cron2 (C. Review) <ge...@op...> - 2025-09-26 17:12:17
|
cron2 has uploaded a new patch set (#2) to the change originally created by flichtenheld. ( http://gerrit.openvpn.net/c/openvpn/+/1221?usp=email ) The following approvals got outdated and were removed: Code-Review+2 by MaxF Change subject: dco_win: In dco_new_key, document size assumptions for the integer casts ...................................................................... dco_win: In dco_new_key, document size assumptions for the integer casts And make all casts explicit so that compiler doesn't complain. Change-Id: I612bf3b1c56d70a89fc04fad6fe36fd9fadfd258 Signed-off-by: Frank Lichtenheld <fr...@li...> Acked-by: MaxF <ma...@ma...> Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1221 Message-Id: <202...@gr...> URL: https://www.mail-archive.com/ope...@li.../msg33229.html Signed-off-by: Gert Doering <ge...@gr...> --- M src/openvpn/dco_win.c 1 file changed, 5 insertions(+), 12 deletions(-) git pull ssh://gerrit.openvpn.net:29418/openvpn refs/changes/21/1221/2 diff --git a/src/openvpn/dco_win.c b/src/openvpn/dco_win.c index 9e52859..7dd43d6 100644 --- a/src/openvpn/dco_win.c +++ b/src/openvpn/dco_win.c @@ -525,11 +525,6 @@ return 0; } -#if defined(__GNUC__) || defined(__clang__) -#pragma GCC diagnostic push -#pragma GCC diagnostic ignored "-Wconversion" -#endif - int dco_new_key(dco_context_t *dco, unsigned int peerid, int keyid, dco_key_slot_t slot, const uint8_t *encrypt_key, const uint8_t *encrypt_iv, const uint8_t *decrypt_key, @@ -540,21 +535,23 @@ const int nonce_len = 8; size_t key_len = cipher_kt_key_size(ciphername); + ASSERT(key_len <= 32); OVPN_CRYPTO_DATA crypto_data; ZeroMemory(&crypto_data, sizeof(crypto_data)); crypto_data.CipherAlg = dco_get_cipher(ciphername); - crypto_data.KeyId = keyid; + ASSERT(keyid > 0 && keyid <= UCHAR_MAX); + crypto_data.KeyId = (unsigned char)keyid; crypto_data.PeerId = peerid; crypto_data.KeySlot = slot; CopyMemory(crypto_data.Encrypt.Key, encrypt_key, key_len); - crypto_data.Encrypt.KeyLen = (char)key_len; + crypto_data.Encrypt.KeyLen = (unsigned char)key_len; CopyMemory(crypto_data.Encrypt.NonceTail, encrypt_iv, nonce_len); CopyMemory(crypto_data.Decrypt.Key, decrypt_key, key_len); - crypto_data.Decrypt.KeyLen = (char)key_len; + crypto_data.Decrypt.KeyLen = (unsigned char)key_len; CopyMemory(crypto_data.Decrypt.NonceTail, decrypt_iv, nonce_len); ASSERT(crypto_data.CipherAlg > 0); @@ -570,10 +567,6 @@ return 0; } -#if defined(__GNUC__) || defined(__clang__) -#pragma GCC diagnostic pop -#endif - int dco_del_key(dco_context_t *dco, unsigned int peerid, dco_key_slot_t slot) { -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/1221?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: I612bf3b1c56d70a89fc04fad6fe36fd9fadfd258 Gerrit-Change-Number: 1221 Gerrit-PatchSet: 2 Gerrit-Owner: flichtenheld <fr...@li...> Gerrit-Reviewer: MaxF <ma...@ma...> Gerrit-Reviewer: plaisthos <arn...@rf...> Gerrit-CC: openvpn-devel <ope...@li...> Gerrit-MessageType: newpatchset |
|
From: Gert D. <ge...@gr...> - 2025-09-26 17:12:11
|
Looks reasonable... especially since there already was a (char) cast for
both KeyId and KeyLen, it was just missing the right signedness...
Your patch has been applied to the master branch.
commit e77c34370dbe0f894a2a927e18eb9f50a5820954
Author: Frank Lichtenheld
Date: Fri Sep 26 18:51:46 2025 +0200
dco_win: In dco_new_key, document size assumptions for the integer casts
Signed-off-by: Frank Lichtenheld <fr...@li...>
Acked-by: MaxF <ma...@ma...>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1221
Message-Id: <202...@gr...>
URL: https://www.mail-archive.com/ope...@li.../msg33229.html
Signed-off-by: Gert Doering <ge...@gr...>
--
kind regards,
Gert Doering
|
|
From: MaxF (C. Review) <ge...@op...> - 2025-09-26 17:08:53
|
Attention is currently required from: flichtenheld, plaisthos. MaxF has posted comments on this change. ( http://gerrit.openvpn.net/c/openvpn/+/1153?usp=email ) Change subject: options: Review use of positive_atoi vs atoi_constrained ...................................................................... Patch Set 5: Code-Review+1 (1 comment) File src/openvpn/options.c: http://gerrit.openvpn.net/c/openvpn/+/1153/comment/b09f5803_fa7ecbdd : PS5, Line 7997: atoi_constrained(p[1], &options->max_routes_per_client, p[0], 1, INT_MAX, msglevel); This changes the program behavior. Before, it silently corrected max_routes_per_client to 1, now it exits with an error. Probably a good change, but I'm not sure if you intended this commit to change behavior. -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/1153?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: Id440917f433aab1a7db608ba04fa95ba47c2ddde Gerrit-Change-Number: 1153 Gerrit-PatchSet: 5 Gerrit-Owner: flichtenheld <fr...@li...> Gerrit-Reviewer: MaxF <ma...@ma...> Gerrit-Reviewer: plaisthos <arn...@rf...> Gerrit-CC: openvpn-devel <ope...@li...> Gerrit-Attention: plaisthos <arn...@rf...> Gerrit-Attention: flichtenheld <fr...@li...> Gerrit-Comment-Date: Fri, 26 Sep 2025 17:08:44 +0000 Gerrit-HasComments: Yes Gerrit-Has-Labels: Yes Gerrit-MessageType: comment |
|
From: cron2 (C. Review) <ge...@op...> - 2025-09-26 17:06:02
|
cron2 has submitted this change. ( http://gerrit.openvpn.net/c/openvpn/+/1215?usp=email ) Change subject: comp-lz4: Fix types in call to LZ4_decompress_safe ...................................................................... comp-lz4: Fix types in call to LZ4_decompress_safe This is ints all around but we uselessly threw some size_t conversions in there. Change-Id: Ie550dd4df65dc4fc13c839c3e745ba96e0c5c564 Signed-off-by: Frank Lichtenheld <fr...@li...> Acked-by: MaxF <ma...@ma...> Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1215 Message-Id: <202...@gr...> URL: https://www.mail-archive.com/ope...@li.../msg33228.html Signed-off-by: Gert Doering <ge...@gr...> --- M src/openvpn/comp-lz4.c 1 file changed, 5 insertions(+), 15 deletions(-) diff --git a/src/openvpn/comp-lz4.c b/src/openvpn/comp-lz4.c index a78c664..53a5b3f 100644 --- a/src/openvpn/comp-lz4.c +++ b/src/openvpn/comp-lz4.c @@ -88,19 +88,13 @@ compv2_escape_data_ifneeded(buf); } -#if defined(__GNUC__) || defined(__clang__) -#pragma GCC diagnostic push -#pragma GCC diagnostic ignored "-Wconversion" -#endif - static void -do_lz4_decompress(size_t zlen_max, struct buffer *work, struct buffer *buf, +do_lz4_decompress(int zlen_max, struct buffer *work, struct buffer *buf, struct compress_context *compctx) { - int uncomp_len; ASSERT(buf_safe(work, zlen_max)); - uncomp_len = LZ4_decompress_safe((const char *)BPTR(buf), (char *)BPTR(work), (size_t)BLEN(buf), - zlen_max); + int uncomp_len = LZ4_decompress_safe((const char *)BPTR(buf), (char *)BPTR(work), BLEN(buf), + zlen_max); if (uncomp_len <= 0) { dmsg(D_COMP_ERRORS, "LZ4 decompression error: %d", uncomp_len); @@ -118,15 +112,11 @@ *buf = *work; } -#if defined(__GNUC__) || defined(__clang__) -#pragma GCC diagnostic pop -#endif - static void lz4_decompress(struct buffer *buf, struct buffer work, struct compress_context *compctx, const struct frame *frame) { - size_t zlen_max = frame->buf.payload_size; + int zlen_max = frame->buf.payload_size; uint8_t c; /* flag indicating whether or not our peer compressed */ if (buf->len <= 0) @@ -163,7 +153,7 @@ lz4v2_decompress(struct buffer *buf, struct buffer work, struct compress_context *compctx, const struct frame *frame) { - size_t zlen_max = frame->buf.payload_size; + int zlen_max = frame->buf.payload_size; uint8_t c; /* flag indicating whether or not our peer compressed */ if (buf->len <= 0) -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/1215?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: Ie550dd4df65dc4fc13c839c3e745ba96e0c5c564 Gerrit-Change-Number: 1215 Gerrit-PatchSet: 2 Gerrit-Owner: flichtenheld <fr...@li...> Gerrit-Reviewer: MaxF <ma...@ma...> Gerrit-Reviewer: plaisthos <arn...@rf...> Gerrit-CC: openvpn-devel <ope...@li...> Gerrit-MessageType: merged |
|
From: cron2 (C. Review) <ge...@op...> - 2025-09-26 17:06:01
|
cron2 has uploaded a new patch set (#2) to the change originally created by flichtenheld. ( http://gerrit.openvpn.net/c/openvpn/+/1215?usp=email ) The following approvals got outdated and were removed: Code-Review+2 by MaxF Change subject: comp-lz4: Fix types in call to LZ4_decompress_safe ...................................................................... comp-lz4: Fix types in call to LZ4_decompress_safe This is ints all around but we uselessly threw some size_t conversions in there. Change-Id: Ie550dd4df65dc4fc13c839c3e745ba96e0c5c564 Signed-off-by: Frank Lichtenheld <fr...@li...> Acked-by: MaxF <ma...@ma...> Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1215 Message-Id: <202...@gr...> URL: https://www.mail-archive.com/ope...@li.../msg33228.html Signed-off-by: Gert Doering <ge...@gr...> --- M src/openvpn/comp-lz4.c 1 file changed, 5 insertions(+), 15 deletions(-) git pull ssh://gerrit.openvpn.net:29418/openvpn refs/changes/15/1215/2 diff --git a/src/openvpn/comp-lz4.c b/src/openvpn/comp-lz4.c index a78c664..53a5b3f 100644 --- a/src/openvpn/comp-lz4.c +++ b/src/openvpn/comp-lz4.c @@ -88,19 +88,13 @@ compv2_escape_data_ifneeded(buf); } -#if defined(__GNUC__) || defined(__clang__) -#pragma GCC diagnostic push -#pragma GCC diagnostic ignored "-Wconversion" -#endif - static void -do_lz4_decompress(size_t zlen_max, struct buffer *work, struct buffer *buf, +do_lz4_decompress(int zlen_max, struct buffer *work, struct buffer *buf, struct compress_context *compctx) { - int uncomp_len; ASSERT(buf_safe(work, zlen_max)); - uncomp_len = LZ4_decompress_safe((const char *)BPTR(buf), (char *)BPTR(work), (size_t)BLEN(buf), - zlen_max); + int uncomp_len = LZ4_decompress_safe((const char *)BPTR(buf), (char *)BPTR(work), BLEN(buf), + zlen_max); if (uncomp_len <= 0) { dmsg(D_COMP_ERRORS, "LZ4 decompression error: %d", uncomp_len); @@ -118,15 +112,11 @@ *buf = *work; } -#if defined(__GNUC__) || defined(__clang__) -#pragma GCC diagnostic pop -#endif - static void lz4_decompress(struct buffer *buf, struct buffer work, struct compress_context *compctx, const struct frame *frame) { - size_t zlen_max = frame->buf.payload_size; + int zlen_max = frame->buf.payload_size; uint8_t c; /* flag indicating whether or not our peer compressed */ if (buf->len <= 0) @@ -163,7 +153,7 @@ lz4v2_decompress(struct buffer *buf, struct buffer work, struct compress_context *compctx, const struct frame *frame) { - size_t zlen_max = frame->buf.payload_size; + int zlen_max = frame->buf.payload_size; uint8_t c; /* flag indicating whether or not our peer compressed */ if (buf->len <= 0) -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/1215?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: Ie550dd4df65dc4fc13c839c3e745ba96e0c5c564 Gerrit-Change-Number: 1215 Gerrit-PatchSet: 2 Gerrit-Owner: flichtenheld <fr...@li...> Gerrit-Reviewer: MaxF <ma...@ma...> Gerrit-Reviewer: plaisthos <arn...@rf...> Gerrit-CC: openvpn-devel <ope...@li...> Gerrit-MessageType: newpatchset |
|
From: Gert D. <ge...@gr...> - 2025-09-26 17:05:54
|
Ints all around... and one set of #pragma gone again :-) - BB t_client
tests do test lz4, so the code is excercised.
Your patch has been applied to the master branch.
commit 2682fb541ef9068e9707a3a90c16038e6f516b0f
Author: Frank Lichtenheld
Date: Fri Sep 26 18:48:39 2025 +0200
comp-lz4: Fix types in call to LZ4_decompress_safe
Signed-off-by: Frank Lichtenheld <fr...@li...>
Acked-by: MaxF <ma...@ma...>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1215
Message-Id: <202...@gr...>
URL: https://www.mail-archive.com/ope...@li.../msg33228.html
Signed-off-by: Gert Doering <ge...@gr...>
--
kind regards,
Gert Doering
|
|
From: cron2 (C. Review) <ge...@op...> - 2025-09-26 17:02:41
|
cron2 has uploaded a new patch set (#2) to the change originally created by flichtenheld. ( http://gerrit.openvpn.net/c/openvpn/+/1211?usp=email ) The following approvals got outdated and were removed: Code-Review+2 by uddr Change subject: GHA: Dependency updates September 2025 ...................................................................... GHA: Dependency updates September 2025 chore(deps): update dependency aws/aws-lc to v1.61.3 chore(deps): update vcpkg digest to 9c5c2a0 chore(deps): update github actions Change-Id: I6725b55c9e7bf5410bde09659131590d40bfee4d Signed-off-by: Frank Lichtenheld <fr...@li...> Acked-by: Yuriy Darnobyt <yur...@gm...> Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1211 Message-Id: <202...@li...> URL: https://www.mail-archive.com/ope...@li.../msg33220.html Signed-off-by: Gert Doering <ge...@gr...> --- M .github/workflows/build.yaml M .github/workflows/coverity-scan.yml M .github/workflows/doxygen.yml 3 files changed, 28 insertions(+), 28 deletions(-) git pull ssh://gerrit.openvpn.net:29418/openvpn refs/changes/11/1211/2 diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index a306670..1cef154 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -14,7 +14,7 @@ sudo apt update && sudo apt install -y python3-pip pip3 install pre-commit - name: Checkout OpenVPN - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: Run clang-format run: pre-commit run -a --show-diff-on-failure || true - name: Check for changes @@ -44,12 +44,12 @@ VCPKG_INSTALLED_DIR: ${{ github.workspace }}/vcpkg/installed steps: - name: Checkout OpenVPN - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - - uses: lukka/get-cmake@6b3e96a9bc9976b8b546346fdd102effedae0ca8 # v4.0.3 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + - uses: lukka/get-cmake@2ecc21724e5215b0e567bc399a2602d2ecb48541 # v4.1.1 - name: Install vcpkg uses: lukka/run-vcpkg@5e0cab206a5ea620130caf672fce3e4a6b5666a1 # v11.5 with: - vcpkgGitCommitId: f33cc491c85a7d643c5ab6da1667c1458e6d7abf + vcpkgGitCommitId: 9c5c2a0ab75aff5bcd08142525f6ff7f6f7ddeee - name: Install dependencies run: ${VCPKG_ROOT}/vcpkg install openssl lz4 cmocka - name: configure OpenVPN with cmake @@ -77,13 +77,13 @@ - name: Install dependencies run: sudo apt update && sudo apt install -y mingw-w64 unzip build-essential wget python3-docutils man2html-base - name: Checkout OpenVPN - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - - uses: lukka/get-cmake@6b3e96a9bc9976b8b546346fdd102effedae0ca8 # v4.0.3 + - uses: lukka/get-cmake@2ecc21724e5215b0e567bc399a2602d2ecb48541 # v4.1.1 - name: Restore from cache and install vcpkg uses: lukka/run-vcpkg@5e0cab206a5ea620130caf672fce3e4a6b5666a1 # v11.5 with: - vcpkgGitCommitId: f33cc491c85a7d643c5ab6da1667c1458e6d7abf + vcpkgGitCommitId: 9c5c2a0ab75aff5bcd08142525f6ff7f6f7ddeee vcpkgJsonGlob: '**/mingw/vcpkg.json' - name: Run CMake with vcpkg.json manifest @@ -120,9 +120,9 @@ name: "mingw unittest ${{ matrix.test }} - ${{ matrix.arch }} - OSSL" steps: - name: Checkout OpenVPN - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: Retrieve mingw unittest - uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0 + uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0 with: name: openvpn-mingw-${{ matrix.arch }}-tests path: unittests @@ -164,7 +164,7 @@ - name: Install dependencies run: sudo apt update && sudo apt install -y liblzo2-dev libpam0g-dev liblz4-dev libcap-ng-dev libnl-genl-3-dev linux-libc-dev man2html libcmocka-dev python3-docutils libtool automake autoconf ${SSLPKG} ${PKCS11PKG} - name: Checkout OpenVPN - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: autoconf run: autoreconf -fvi - name: configure @@ -194,7 +194,7 @@ - name: Install dependencies run: sudo apt update && sudo apt install -y liblzo2-dev libpam0g-dev liblz4-dev libcap-ng-dev libnl-genl-3-dev linux-libc-dev man2html clang libcmocka-dev python3-docutils libtool automake autoconf libmbedtls-dev - name: Checkout OpenVPN - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: autoconf run: autoreconf -fvi - name: configure @@ -234,7 +234,7 @@ - name: Install dependencies run: brew install ${{matrix.ssllib}} lzo lz4 man2html cmocka libtool automake autoconf - name: Checkout OpenVPN - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: Set environment run: | cat >>$GITHUB_ENV <<EOF; @@ -266,8 +266,8 @@ runs-on: windows-2025 steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - - uses: lukka/get-cmake@6b3e96a9bc9976b8b546346fdd102effedae0ca8 # v4.0.3 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + - uses: lukka/get-cmake@2ecc21724e5215b0e567bc399a2602d2ecb48541 # v4.1.1 - name: Install rst2html run: python -m pip install --upgrade pip docutils @@ -275,7 +275,7 @@ - name: Restore artifacts, or setup vcpkg (do not install any package) uses: lukka/run-vcpkg@5e0cab206a5ea620130caf672fce3e4a6b5666a1 # v11.5 with: - vcpkgGitCommitId: f33cc491c85a7d643c5ab6da1667c1458e6d7abf + vcpkgGitCommitId: 9c5c2a0ab75aff5bcd08142525f6ff7f6f7ddeee vcpkgJsonGlob: '**/windows/vcpkg.json' - name: Run CMake with vcpkg.json manifest (NO TESTS) @@ -334,7 +334,7 @@ - name: Install dependencies run: sudo apt update && sudo apt install -y liblzo2-dev libpam0g-dev liblz4-dev linux-libc-dev man2html clang libcmocka-dev python3-docutils libtool automake autoconf pkg-config libcap-ng-dev libnl-genl-3-dev - name: "libressl: checkout" - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: path: libressl # versioning=semver-coerced @@ -357,7 +357,7 @@ - name: "ldconfig" run: sudo ldconfig - name: Checkout OpenVPN - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: autoconf run: autoreconf -fvi - name: configure @@ -398,7 +398,7 @@ - name: Install dependencies run: sudo apt update && sudo apt install -y liblzo2-dev libpam0g-dev liblz4-dev linux-libc-dev man2html clang libcmocka-dev python3-docutils python3-jinja2 python3-jsonschema libtool automake autoconf pkg-config libcap-ng-dev libnl-genl-3-dev - name: "mbedtls: checkout" - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: path: mbedtls submodules: true @@ -412,7 +412,7 @@ run: sudo make install DESTDIR=/usr working-directory: mbedtls - name: Checkout OpenVPN - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: autoconf run: autoreconf -fvi - name: configure @@ -457,13 +457,13 @@ - name: Install dependencies run: sudo apt update && sudo apt install -y gcc golang make liblzo2-dev libpam0g-dev liblz4-dev linux-libc-dev man2html clang libcmocka-dev python3-docutils python3-jinja2 python3-jsonschema libtool automake autoconf pkg-config libcap-ng-dev libnl-genl-3-dev - name: "AWS-LC: checkout" - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: path: aws-lc # versioning=semver-coerced repository: aws/aws-lc - ref: v1.55.0 - - uses: lukka/get-cmake@6b3e96a9bc9976b8b546346fdd102effedae0ca8 # v4.0.3 + ref: v1.61.3 + - uses: lukka/get-cmake@2ecc21724e5215b0e567bc399a2602d2ecb48541 # v4.1.1 - name: "AWS-LC: build" run: | mkdir build @@ -472,7 +472,7 @@ ninja install working-directory: aws-lc - name: Checkout OpenVPN - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: autoconf run: autoreconf -fvi - name: configure with AWS-LC diff --git a/.github/workflows/coverity-scan.yml b/.github/workflows/coverity-scan.yml index 222c57e..e90aa2e 100644 --- a/.github/workflows/coverity-scan.yml +++ b/.github/workflows/coverity-scan.yml @@ -13,7 +13,7 @@ steps: - name: Check submission cache id: check_submit - uses: actions/cache/restore@5a3ec84eff668545956fd18022155c47e93e2684 # v4.2.3 + uses: actions/cache/restore@0400d5f644dc74513175e3cd8d07132dd4860809 # v4.2.4 with: path: | cov-int @@ -25,7 +25,7 @@ - name: Checkout OpenVPN if: steps.check_submit.outputs.cache-hit != 'true' - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: Download Coverity Build Tool if: steps.check_submit.outputs.cache-hit != 'true' @@ -65,7 +65,7 @@ - name: Cache submission if: steps.check_submit.outputs.cache-hit != 'true' - uses: actions/cache/save@5a3ec84eff668545956fd18022155c47e93e2684 # v4.2.3 + uses: actions/cache/save@0400d5f644dc74513175e3cd8d07132dd4860809 # v4.2.4 with: path: | cov-int diff --git a/.github/workflows/doxygen.yml b/.github/workflows/doxygen.yml index 751258a..eaa7e4c 100644 --- a/.github/workflows/doxygen.yml +++ b/.github/workflows/doxygen.yml @@ -11,7 +11,7 @@ runs-on: ubuntu-24.04 if: ${{ github.repository_owner == 'openvpn' || github.event_name == 'workflow_dispatch' }} steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: path: openvpn @@ -35,7 +35,7 @@ touch doc/doxygen/html/.nojekyll - name: Upload static files as artifact id: deployment - uses: actions/upload-pages-artifact@56afc609e74202658d3ffba0e8f6dda462b719fa # v3.0.1 + uses: actions/upload-pages-artifact@7b1f4a764d45c48632c6b24a0339c27f5614fb0b # v4.0.0 with: path: doxygen/doc/doxygen/html/ -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/1211?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: I6725b55c9e7bf5410bde09659131590d40bfee4d Gerrit-Change-Number: 1211 Gerrit-PatchSet: 2 Gerrit-Owner: flichtenheld <fr...@li...> Gerrit-Reviewer: plaisthos <arn...@rf...> Gerrit-Reviewer: uddr <yur...@gm...> Gerrit-CC: openvpn-devel <ope...@li...> Gerrit-MessageType: newpatchset |
|
From: cron2 (C. Review) <ge...@op...> - 2025-09-26 17:02:37
|
cron2 has submitted this change. ( http://gerrit.openvpn.net/c/openvpn/+/1211?usp=email ) Change subject: GHA: Dependency updates September 2025 ...................................................................... GHA: Dependency updates September 2025 chore(deps): update dependency aws/aws-lc to v1.61.3 chore(deps): update vcpkg digest to 9c5c2a0 chore(deps): update github actions Change-Id: I6725b55c9e7bf5410bde09659131590d40bfee4d Signed-off-by: Frank Lichtenheld <fr...@li...> Acked-by: Yuriy Darnobyt <yur...@gm...> Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1211 Message-Id: <202...@li...> URL: https://www.mail-archive.com/ope...@li.../msg33220.html Signed-off-by: Gert Doering <ge...@gr...> --- M .github/workflows/build.yaml M .github/workflows/coverity-scan.yml M .github/workflows/doxygen.yml 3 files changed, 28 insertions(+), 28 deletions(-) diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index a306670..1cef154 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -14,7 +14,7 @@ sudo apt update && sudo apt install -y python3-pip pip3 install pre-commit - name: Checkout OpenVPN - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: Run clang-format run: pre-commit run -a --show-diff-on-failure || true - name: Check for changes @@ -44,12 +44,12 @@ VCPKG_INSTALLED_DIR: ${{ github.workspace }}/vcpkg/installed steps: - name: Checkout OpenVPN - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - - uses: lukka/get-cmake@6b3e96a9bc9976b8b546346fdd102effedae0ca8 # v4.0.3 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + - uses: lukka/get-cmake@2ecc21724e5215b0e567bc399a2602d2ecb48541 # v4.1.1 - name: Install vcpkg uses: lukka/run-vcpkg@5e0cab206a5ea620130caf672fce3e4a6b5666a1 # v11.5 with: - vcpkgGitCommitId: f33cc491c85a7d643c5ab6da1667c1458e6d7abf + vcpkgGitCommitId: 9c5c2a0ab75aff5bcd08142525f6ff7f6f7ddeee - name: Install dependencies run: ${VCPKG_ROOT}/vcpkg install openssl lz4 cmocka - name: configure OpenVPN with cmake @@ -77,13 +77,13 @@ - name: Install dependencies run: sudo apt update && sudo apt install -y mingw-w64 unzip build-essential wget python3-docutils man2html-base - name: Checkout OpenVPN - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - - uses: lukka/get-cmake@6b3e96a9bc9976b8b546346fdd102effedae0ca8 # v4.0.3 + - uses: lukka/get-cmake@2ecc21724e5215b0e567bc399a2602d2ecb48541 # v4.1.1 - name: Restore from cache and install vcpkg uses: lukka/run-vcpkg@5e0cab206a5ea620130caf672fce3e4a6b5666a1 # v11.5 with: - vcpkgGitCommitId: f33cc491c85a7d643c5ab6da1667c1458e6d7abf + vcpkgGitCommitId: 9c5c2a0ab75aff5bcd08142525f6ff7f6f7ddeee vcpkgJsonGlob: '**/mingw/vcpkg.json' - name: Run CMake with vcpkg.json manifest @@ -120,9 +120,9 @@ name: "mingw unittest ${{ matrix.test }} - ${{ matrix.arch }} - OSSL" steps: - name: Checkout OpenVPN - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: Retrieve mingw unittest - uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0 + uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0 with: name: openvpn-mingw-${{ matrix.arch }}-tests path: unittests @@ -164,7 +164,7 @@ - name: Install dependencies run: sudo apt update && sudo apt install -y liblzo2-dev libpam0g-dev liblz4-dev libcap-ng-dev libnl-genl-3-dev linux-libc-dev man2html libcmocka-dev python3-docutils libtool automake autoconf ${SSLPKG} ${PKCS11PKG} - name: Checkout OpenVPN - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: autoconf run: autoreconf -fvi - name: configure @@ -194,7 +194,7 @@ - name: Install dependencies run: sudo apt update && sudo apt install -y liblzo2-dev libpam0g-dev liblz4-dev libcap-ng-dev libnl-genl-3-dev linux-libc-dev man2html clang libcmocka-dev python3-docutils libtool automake autoconf libmbedtls-dev - name: Checkout OpenVPN - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: autoconf run: autoreconf -fvi - name: configure @@ -234,7 +234,7 @@ - name: Install dependencies run: brew install ${{matrix.ssllib}} lzo lz4 man2html cmocka libtool automake autoconf - name: Checkout OpenVPN - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: Set environment run: | cat >>$GITHUB_ENV <<EOF; @@ -266,8 +266,8 @@ runs-on: windows-2025 steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - - uses: lukka/get-cmake@6b3e96a9bc9976b8b546346fdd102effedae0ca8 # v4.0.3 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + - uses: lukka/get-cmake@2ecc21724e5215b0e567bc399a2602d2ecb48541 # v4.1.1 - name: Install rst2html run: python -m pip install --upgrade pip docutils @@ -275,7 +275,7 @@ - name: Restore artifacts, or setup vcpkg (do not install any package) uses: lukka/run-vcpkg@5e0cab206a5ea620130caf672fce3e4a6b5666a1 # v11.5 with: - vcpkgGitCommitId: f33cc491c85a7d643c5ab6da1667c1458e6d7abf + vcpkgGitCommitId: 9c5c2a0ab75aff5bcd08142525f6ff7f6f7ddeee vcpkgJsonGlob: '**/windows/vcpkg.json' - name: Run CMake with vcpkg.json manifest (NO TESTS) @@ -334,7 +334,7 @@ - name: Install dependencies run: sudo apt update && sudo apt install -y liblzo2-dev libpam0g-dev liblz4-dev linux-libc-dev man2html clang libcmocka-dev python3-docutils libtool automake autoconf pkg-config libcap-ng-dev libnl-genl-3-dev - name: "libressl: checkout" - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: path: libressl # versioning=semver-coerced @@ -357,7 +357,7 @@ - name: "ldconfig" run: sudo ldconfig - name: Checkout OpenVPN - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: autoconf run: autoreconf -fvi - name: configure @@ -398,7 +398,7 @@ - name: Install dependencies run: sudo apt update && sudo apt install -y liblzo2-dev libpam0g-dev liblz4-dev linux-libc-dev man2html clang libcmocka-dev python3-docutils python3-jinja2 python3-jsonschema libtool automake autoconf pkg-config libcap-ng-dev libnl-genl-3-dev - name: "mbedtls: checkout" - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: path: mbedtls submodules: true @@ -412,7 +412,7 @@ run: sudo make install DESTDIR=/usr working-directory: mbedtls - name: Checkout OpenVPN - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: autoconf run: autoreconf -fvi - name: configure @@ -457,13 +457,13 @@ - name: Install dependencies run: sudo apt update && sudo apt install -y gcc golang make liblzo2-dev libpam0g-dev liblz4-dev linux-libc-dev man2html clang libcmocka-dev python3-docutils python3-jinja2 python3-jsonschema libtool automake autoconf pkg-config libcap-ng-dev libnl-genl-3-dev - name: "AWS-LC: checkout" - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: path: aws-lc # versioning=semver-coerced repository: aws/aws-lc - ref: v1.55.0 - - uses: lukka/get-cmake@6b3e96a9bc9976b8b546346fdd102effedae0ca8 # v4.0.3 + ref: v1.61.3 + - uses: lukka/get-cmake@2ecc21724e5215b0e567bc399a2602d2ecb48541 # v4.1.1 - name: "AWS-LC: build" run: | mkdir build @@ -472,7 +472,7 @@ ninja install working-directory: aws-lc - name: Checkout OpenVPN - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: autoconf run: autoreconf -fvi - name: configure with AWS-LC diff --git a/.github/workflows/coverity-scan.yml b/.github/workflows/coverity-scan.yml index 222c57e..e90aa2e 100644 --- a/.github/workflows/coverity-scan.yml +++ b/.github/workflows/coverity-scan.yml @@ -13,7 +13,7 @@ steps: - name: Check submission cache id: check_submit - uses: actions/cache/restore@5a3ec84eff668545956fd18022155c47e93e2684 # v4.2.3 + uses: actions/cache/restore@0400d5f644dc74513175e3cd8d07132dd4860809 # v4.2.4 with: path: | cov-int @@ -25,7 +25,7 @@ - name: Checkout OpenVPN if: steps.check_submit.outputs.cache-hit != 'true' - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: Download Coverity Build Tool if: steps.check_submit.outputs.cache-hit != 'true' @@ -65,7 +65,7 @@ - name: Cache submission if: steps.check_submit.outputs.cache-hit != 'true' - uses: actions/cache/save@5a3ec84eff668545956fd18022155c47e93e2684 # v4.2.3 + uses: actions/cache/save@0400d5f644dc74513175e3cd8d07132dd4860809 # v4.2.4 with: path: | cov-int diff --git a/.github/workflows/doxygen.yml b/.github/workflows/doxygen.yml index 751258a..eaa7e4c 100644 --- a/.github/workflows/doxygen.yml +++ b/.github/workflows/doxygen.yml @@ -11,7 +11,7 @@ runs-on: ubuntu-24.04 if: ${{ github.repository_owner == 'openvpn' || github.event_name == 'workflow_dispatch' }} steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: path: openvpn @@ -35,7 +35,7 @@ touch doc/doxygen/html/.nojekyll - name: Upload static files as artifact id: deployment - uses: actions/upload-pages-artifact@56afc609e74202658d3ffba0e8f6dda462b719fa # v3.0.1 + uses: actions/upload-pages-artifact@7b1f4a764d45c48632c6b24a0339c27f5614fb0b # v4.0.0 with: path: doxygen/doc/doxygen/html/ -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/1211?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: I6725b55c9e7bf5410bde09659131590d40bfee4d Gerrit-Change-Number: 1211 Gerrit-PatchSet: 2 Gerrit-Owner: flichtenheld <fr...@li...> Gerrit-Reviewer: plaisthos <arn...@rf...> Gerrit-Reviewer: uddr <yur...@gm...> Gerrit-CC: openvpn-devel <ope...@li...> Gerrit-MessageType: merged |
|
From: Gert D. <ge...@gr...> - 2025-09-26 17:02:26
|
Github says that building and fetching artifacts and testing things
still works, so this must be fine :-)
Your patch has been applied to the master branch.
commit b5ee6fe3b5daea780881b6ff6529937ce6c52c73
Author: Frank Lichtenheld
Date: Fri Sep 26 13:54:15 2025 +0200
GHA: Dependency updates September 2025
Signed-off-by: Frank Lichtenheld <fr...@li...>
Acked-by: Yuriy Darnobyt <yur...@gm...>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1211
Message-Id: <202...@li...>
URL: https://www.mail-archive.com/ope...@li.../msg33220.html
Signed-off-by: Gert Doering <ge...@gr...>
--
kind regards,
Gert Doering
|
|
From: Gert D. <ge...@gr...> - 2025-09-26 16:51:59
|
From: Frank Lichtenheld <fr...@li...> And make all casts explicit so that compiler doesn't complain. Change-Id: I612bf3b1c56d70a89fc04fad6fe36fd9fadfd258 Signed-off-by: Frank Lichtenheld <fr...@li...> Acked-by: MaxF <ma...@ma...> Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1221 --- This change was reviewed on Gerrit and approved by at least one developer. I request to merge it to master. Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1221 This mail reflects revision 1 of this Change. Acked-by according to Gerrit (reflected above): MaxF <ma...@ma...> diff --git a/src/openvpn/dco_win.c b/src/openvpn/dco_win.c index 9e52859..7dd43d6 100644 --- a/src/openvpn/dco_win.c +++ b/src/openvpn/dco_win.c @@ -525,11 +525,6 @@ return 0; } -#if defined(__GNUC__) || defined(__clang__) -#pragma GCC diagnostic push -#pragma GCC diagnostic ignored "-Wconversion" -#endif - int dco_new_key(dco_context_t *dco, unsigned int peerid, int keyid, dco_key_slot_t slot, const uint8_t *encrypt_key, const uint8_t *encrypt_iv, const uint8_t *decrypt_key, @@ -540,21 +535,23 @@ const int nonce_len = 8; size_t key_len = cipher_kt_key_size(ciphername); + ASSERT(key_len <= 32); OVPN_CRYPTO_DATA crypto_data; ZeroMemory(&crypto_data, sizeof(crypto_data)); crypto_data.CipherAlg = dco_get_cipher(ciphername); - crypto_data.KeyId = keyid; + ASSERT(keyid > 0 && keyid <= UCHAR_MAX); + crypto_data.KeyId = (unsigned char)keyid; crypto_data.PeerId = peerid; crypto_data.KeySlot = slot; CopyMemory(crypto_data.Encrypt.Key, encrypt_key, key_len); - crypto_data.Encrypt.KeyLen = (char)key_len; + crypto_data.Encrypt.KeyLen = (unsigned char)key_len; CopyMemory(crypto_data.Encrypt.NonceTail, encrypt_iv, nonce_len); CopyMemory(crypto_data.Decrypt.Key, decrypt_key, key_len); - crypto_data.Decrypt.KeyLen = (char)key_len; + crypto_data.Decrypt.KeyLen = (unsigned char)key_len; CopyMemory(crypto_data.Decrypt.NonceTail, decrypt_iv, nonce_len); ASSERT(crypto_data.CipherAlg > 0); @@ -570,10 +567,6 @@ return 0; } -#if defined(__GNUC__) || defined(__clang__) -#pragma GCC diagnostic pop -#endif - int dco_del_key(dco_context_t *dco, unsigned int peerid, dco_key_slot_t slot) { |
|
From: Gert D. <ge...@gr...> - 2025-09-26 16:48:58
|
From: Frank Lichtenheld <fr...@li...> This is ints all around but we uselessly threw some size_t conversions in there. Change-Id: Ie550dd4df65dc4fc13c839c3e745ba96e0c5c564 Signed-off-by: Frank Lichtenheld <fr...@li...> Acked-by: MaxF <ma...@ma...> Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1215 --- This change was reviewed on Gerrit and approved by at least one developer. I request to merge it to master. Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1215 This mail reflects revision 1 of this Change. Acked-by according to Gerrit (reflected above): MaxF <ma...@ma...> diff --git a/src/openvpn/comp-lz4.c b/src/openvpn/comp-lz4.c index a78c664..53a5b3f 100644 --- a/src/openvpn/comp-lz4.c +++ b/src/openvpn/comp-lz4.c @@ -88,19 +88,13 @@ compv2_escape_data_ifneeded(buf); } -#if defined(__GNUC__) || defined(__clang__) -#pragma GCC diagnostic push -#pragma GCC diagnostic ignored "-Wconversion" -#endif - static void -do_lz4_decompress(size_t zlen_max, struct buffer *work, struct buffer *buf, +do_lz4_decompress(int zlen_max, struct buffer *work, struct buffer *buf, struct compress_context *compctx) { - int uncomp_len; ASSERT(buf_safe(work, zlen_max)); - uncomp_len = LZ4_decompress_safe((const char *)BPTR(buf), (char *)BPTR(work), (size_t)BLEN(buf), - zlen_max); + int uncomp_len = LZ4_decompress_safe((const char *)BPTR(buf), (char *)BPTR(work), BLEN(buf), + zlen_max); if (uncomp_len <= 0) { dmsg(D_COMP_ERRORS, "LZ4 decompression error: %d", uncomp_len); @@ -118,15 +112,11 @@ *buf = *work; } -#if defined(__GNUC__) || defined(__clang__) -#pragma GCC diagnostic pop -#endif - static void lz4_decompress(struct buffer *buf, struct buffer work, struct compress_context *compctx, const struct frame *frame) { - size_t zlen_max = frame->buf.payload_size; + int zlen_max = frame->buf.payload_size; uint8_t c; /* flag indicating whether or not our peer compressed */ if (buf->len <= 0) @@ -163,7 +153,7 @@ lz4v2_decompress(struct buffer *buf, struct buffer work, struct compress_context *compctx, const struct frame *frame) { - size_t zlen_max = frame->buf.payload_size; + int zlen_max = frame->buf.payload_size; uint8_t c; /* flag indicating whether or not our peer compressed */ if (buf->len <= 0) |
|
From: MaxF (C. Review) <ge...@op...> - 2025-09-26 16:16:55
|
Attention is currently required from: flichtenheld, plaisthos. MaxF has posted comments on this change. ( http://gerrit.openvpn.net/c/openvpn/+/1206?usp=email ) Change subject: platform: Do not assume uid_t/gid_t are signed ...................................................................... Patch Set 2: Code-Review+2 (2 comments) File src/openvpn/platform.c: http://gerrit.openvpn.net/c/openvpn/+/1206/comment/cfa9da6d_0cb4d448 : PS2, Line 87: if (!pw) : { : msg(M_ERR, "failed to find UID for user %s", username); : } > Note the CLEAR() at the top of the function Oops, you're right! http://gerrit.openvpn.net/c/openvpn/+/1206/comment/65848078_10dc0c02 : PS2, Line 131: if (!gr) : { : msg(M_ERR, "failed to find GID for group %s", groupname); : } > Note the CLEAR() at the top of the function Done -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/1206?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: Ie6b4c41d13544d5ba71d441cc794c7abd12408f3 Gerrit-Change-Number: 1206 Gerrit-PatchSet: 2 Gerrit-Owner: flichtenheld <fr...@li...> Gerrit-Reviewer: MaxF <ma...@ma...> Gerrit-Reviewer: plaisthos <arn...@rf...> Gerrit-CC: openvpn-devel <ope...@li...> Gerrit-Attention: plaisthos <arn...@rf...> Gerrit-Attention: flichtenheld <fr...@li...> Gerrit-Comment-Date: Fri, 26 Sep 2025 16:16:40 +0000 Gerrit-HasComments: Yes Gerrit-Has-Labels: Yes Comment-In-Reply-To: flichtenheld <fr...@li...> Comment-In-Reply-To: MaxF <ma...@ma...> Gerrit-MessageType: comment |
|
From: MaxF (C. Review) <ge...@op...> - 2025-09-26 16:09:44
|
Attention is currently required from: flichtenheld, plaisthos. MaxF has posted comments on this change. ( http://gerrit.openvpn.net/c/openvpn/+/1218?usp=email ) Change subject: crypto_epoch: Clean up type handling in ovpn_expand_label() ...................................................................... Patch Set 1: Code-Review-1 (2 comments) Patchset: PS1: One complaint, the rest looks good! File src/openvpn/crypto_epoch.c: http://gerrit.openvpn.net/c/openvpn/+/1218/comment/8a0fb279_f00e51d9 : PS1, Line 87: ASSERT(out_len <= UINT16_MAX); We should also check that out_len >= 0. -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/1218?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: Iad717f0ff3c79ae199c8be5f93bc51bf258c68c3 Gerrit-Change-Number: 1218 Gerrit-PatchSet: 1 Gerrit-Owner: flichtenheld <fr...@li...> Gerrit-Reviewer: MaxF <ma...@ma...> Gerrit-Reviewer: plaisthos <arn...@rf...> Gerrit-CC: openvpn-devel <ope...@li...> Gerrit-Attention: plaisthos <arn...@rf...> Gerrit-Attention: flichtenheld <fr...@li...> Gerrit-Comment-Date: Fri, 26 Sep 2025 16:09:29 +0000 Gerrit-HasComments: Yes Gerrit-Has-Labels: Yes Gerrit-MessageType: comment |
|
From: MaxF (C. Review) <ge...@op...> - 2025-09-26 15:57:42
|
Attention is currently required from: flichtenheld, plaisthos. MaxF has posted comments on this change. ( http://gerrit.openvpn.net/c/openvpn/+/1217?usp=email ) Change subject: crypto: Make some casts to int explicit ...................................................................... Patch Set 1: (1 comment) File src/openvpn/crypto.c: http://gerrit.openvpn.net/c/openvpn/+/1217/comment/8d9d8626_7fe8921d : PS1, Line 1376: size = (int)(strlen(file) + 1); You say that there are limits imposed so that this is safe, but I can't find where that happens. I've looked at options.c and I don't see any limits on the length of tls_crypt_file for example. -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/1217?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: I3b8dd8d5671e31dba2a23a0a78f36d9dda034b88 Gerrit-Change-Number: 1217 Gerrit-PatchSet: 1 Gerrit-Owner: flichtenheld <fr...@li...> Gerrit-Reviewer: plaisthos <arn...@rf...> Gerrit-CC: MaxF <ma...@ma...> Gerrit-CC: openvpn-devel <ope...@li...> Gerrit-Attention: plaisthos <arn...@rf...> Gerrit-Attention: flichtenheld <fr...@li...> Gerrit-Comment-Date: Fri, 26 Sep 2025 15:57:27 +0000 Gerrit-HasComments: Yes Gerrit-Has-Labels: No Gerrit-MessageType: comment |
|
From: MaxF (C. Review) <ge...@op...> - 2025-09-26 15:34:09
|
Attention is currently required from: flichtenheld, plaisthos. MaxF has posted comments on this change. ( http://gerrit.openvpn.net/c/openvpn/+/1215?usp=email ) Change subject: comp-lz4: Fix types in call to LZ4_decompress_safe ...................................................................... Patch Set 1: Code-Review+2 -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/1215?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: Ie550dd4df65dc4fc13c839c3e745ba96e0c5c564 Gerrit-Change-Number: 1215 Gerrit-PatchSet: 1 Gerrit-Owner: flichtenheld <fr...@li...> Gerrit-Reviewer: MaxF <ma...@ma...> Gerrit-Reviewer: plaisthos <arn...@rf...> Gerrit-CC: openvpn-devel <ope...@li...> Gerrit-Attention: plaisthos <arn...@rf...> Gerrit-Attention: flichtenheld <fr...@li...> Gerrit-Comment-Date: Fri, 26 Sep 2025 15:34:00 +0000 Gerrit-HasComments: No Gerrit-Has-Labels: Yes Gerrit-MessageType: comment |
154 messages has been excluded from this view by a project administrator.
