git.ipfire.org Git - thirdparty/kernel/stable.git/commit

author	Antonio Quartulli <antonio@openvpn.net>
	Wed, 25 Jun 2025 14:08:11 +0000 (16:08 +0200)
committer	Antonio Quartulli <antonio@openvpn.net>
	Wed, 16 Jul 2025 09:51:30 +0000 (11:51 +0200)
commit	af52020fc5995dd3bcbc91b897daded755564be7
tree	e1001a5312531f1e173ccc25ce5398250ca16720	tree
parent	4c88cfcc6738466a33778c346061f7507403276a	commit \| diff

ovpn: reject unexpected netlink attributes

Netlink ops do not expect all attributes to be always set, however
this condition is not explicitly coded any where, leading the user
to believe that all sent attributes are somewhat processed.

Fix this behaviour by introducing explicit checks.

For CMD_OVPN_PEER_GET and CMD_OVPN_KEY_GET directly open-code the
needed condition in the related ops handlers.
While for all other ops use attribute subsets in the ovpn.yaml spec file.

Fixes: b7a63391aa98 ("ovpn: add basic netlink support")
Reported-by: Ralf Lici <ralf@mandelbit.com>
Closes: https://github.com/OpenVPN/ovpn-net-next/issues/19
Signed-off-by: Antonio Quartulli <antonio@openvpn.net>

Documentation/netlink/specs/ovpn.yaml		diff \| blob \| blame \| history
drivers/net/ovpn/netlink-gen.c		diff \| blob \| blame \| history
drivers/net/ovpn/netlink-gen.h		diff \| blob \| blame \| history
drivers/net/ovpn/netlink.c		diff \| blob \| blame \| history