)]}'
{"id":"openvpn~1727","triplet_id":"openvpn~master~Idb59ecd119331b198792ad1379bec8600211651b","project":"openvpn","branch":"master","topic":"multipeer","attention_set":{"1000001":{"account":{"_account_id":1000001,"name":"flichtenheld","display_name":"Frank Lichtenheld","email":"frank@lichtenheld.com","username":"flichtenheld","status":"OpenVPN Inc."},"last_update":"2026-06-22 15:31:08.000000000","reason":"Vote got outdated and was removed: Code-Review-1"}},"removed_from_attention_set":{"1000003":{"account":{"_account_id":1000003,"name":"plaisthos","display_name":"Arne Schwabe","email":"arne-openvpn@rfc2549.org","username":"plaisthos"},"last_update":"2026-06-22 15:29:40.000000000","reason":"\u003cGERRIT_ACCOUNT_1000003\u003e replied on the change","reason_account":{"_account_id":1000003,"name":"plaisthos","display_name":"Arne Schwabe","email":"arne-openvpn@rfc2549.org","username":"plaisthos"}}},"hashtags":[],"change_id":"Idb59ecd119331b198792ad1379bec8600211651b","subject":"Add lookup of multi session by session id","status":"NEW","created":"2026-06-22 13:23:08.000000000","updated":"2026-06-25 13:37:02.000000000","submit_type":"CHERRY_PICK","submittable":false,"total_comment_count":3,"unresolved_comment_count":0,"has_review_started":true,"meta_rev_id":"fb3ecd0b1860ba1fab4d792f0a4c319cbade4e0e","_number":1727,"virtual_id_number":1727,"owner":{"_account_id":1000003,"name":"plaisthos","display_name":"Arne Schwabe","email":"arne-openvpn@rfc2549.org","username":"plaisthos"},"actions":{},"labels":{"Code-Review":{"all":[{"value":0,"permitted_voting_range":{"min":-2,"max":2},"_account_id":1000001,"name":"flichtenheld","display_name":"Frank Lichtenheld","email":"frank@lichtenheld.com","username":"flichtenheld","status":"OpenVPN Inc."}],"values":{"-2":"This shall not be submitted","-1":"I would prefer this is not submitted as is"," 0":"No score","+1":"Looks good to me, but someone else must approve","+2":"Looks good to me, approved"},"description":"","default_value":0}},"removable_reviewers":[],"reviewers":{"REVIEWER":[{"_account_id":1000001,"name":"flichtenheld","display_name":"Frank Lichtenheld","email":"frank@lichtenheld.com","username":"flichtenheld","status":"OpenVPN Inc."}],"CC":[{"_account_id":1000026,"name":"openvpn-devel","email":"openvpn-devel@lists.sourceforge.net","username":"openvpn-devel"}]},"pending_reviewers":{},"reviewer_updates":[{"updated":"2026-06-22 13:23:19.000000000","updated_by":{"_account_id":1000003,"name":"plaisthos","display_name":"Arne Schwabe","email":"arne-openvpn@rfc2549.org","username":"plaisthos"},"reviewer":{"_account_id":1000026,"name":"openvpn-devel","email":"openvpn-devel@lists.sourceforge.net","username":"openvpn-devel"},"state":"CC"},{"updated":"2026-06-22 14:03:17.000000000","updated_by":{"_account_id":1000001,"name":"flichtenheld","display_name":"Frank Lichtenheld","email":"frank@lichtenheld.com","username":"flichtenheld","status":"OpenVPN Inc."},"reviewer":{"_account_id":1000001,"name":"flichtenheld","display_name":"Frank Lichtenheld","email":"frank@lichtenheld.com","username":"flichtenheld","status":"OpenVPN Inc."},"state":"REVIEWER"}],"messages":[{"id":"2ecf9ce964744ee446b1f6f88103c891ffb31af0","tag":"autogenerated:gerrit:newPatchSet","author":{"_account_id":1000003,"name":"plaisthos","display_name":"Arne Schwabe","email":"arne-openvpn@rfc2549.org","username":"plaisthos"},"date":"2026-06-22 13:23:08.000000000","message":"Uploaded patch set 1.","accounts_in_message":[],"_revision_number":1},{"id":"92b8562acaa637bd0ec95e40359025d0eddc9dda","author":{"_account_id":1000001,"name":"flichtenheld","display_name":"Frank Lichtenheld","email":"frank@lichtenheld.com","username":"flichtenheld","status":"OpenVPN Inc."},"date":"2026-06-22 14:03:17.000000000","message":"Patch Set 1: Code-Review-1\n\n(2 comments)","accounts_in_message":[],"_revision_number":1},{"id":"eeb4e7911d1e4393d85318cba58fbdc0f5930a28","author":{"_account_id":1000003,"name":"plaisthos","display_name":"Arne Schwabe","email":"arne-openvpn@rfc2549.org","username":"plaisthos"},"date":"2026-06-22 15:29:40.000000000","message":"Patch Set 1:\n\n(1 comment)","accounts_in_message":[],"_revision_number":1},{"id":"ad763b11d42f06e8a03c37d437b95c4a984ac681","tag":"autogenerated:gerrit:newPatchSet","author":{"_account_id":1000003,"name":"plaisthos","display_name":"Arne Schwabe","email":"arne-openvpn@rfc2549.org","username":"plaisthos"},"date":"2026-06-22 15:31:08.000000000","message":"Uploaded patch set 2.\n\nOutdated Votes:\n* Code-Review-1 (copy condition: \"changekind:NO_CHANGE OR changekind:TRIVIAL_REBASE OR is:MIN\")\n","accounts_in_message":[],"_revision_number":2},{"id":"fb3ecd0b1860ba1fab4d792f0a4c319cbade4e0e","tag":"autogenerated:gerrit:newPatchSet","author":{"_account_id":1000003,"name":"plaisthos","display_name":"Arne Schwabe","email":"arne-openvpn@rfc2549.org","username":"plaisthos"},"date":"2026-06-25 13:37:02.000000000","message":"Uploaded patch set 3.","accounts_in_message":[],"_revision_number":3}],"current_revision_number":3,"current_revision":"3d148280b63a069b8d6879a7d9be7e5175292aa9","revisions":{"43b6031f882d58e4d5b9790c558b913926128399":{"kind":"REWORK","_number":1,"created":"2026-06-22 13:23:08.000000000","uploader":{"_account_id":1000003,"name":"plaisthos","display_name":"Arne Schwabe","email":"arne-openvpn@rfc2549.org","username":"plaisthos"},"ref":"refs/changes/27/1727/1","fetch":{"anonymous http":{"url":"http://gerrit.openvpn.net/openvpn","ref":"refs/changes/27/1727/1","commands":{"Branch":"git fetch http://gerrit.openvpn.net/openvpn refs/changes/27/1727/1 \u0026\u0026 git checkout -b change-1727 FETCH_HEAD","Checkout":"git fetch http://gerrit.openvpn.net/openvpn refs/changes/27/1727/1 \u0026\u0026 git checkout FETCH_HEAD","Cherry Pick":"git fetch http://gerrit.openvpn.net/openvpn refs/changes/27/1727/1 \u0026\u0026 git cherry-pick FETCH_HEAD","Format Patch":"git fetch http://gerrit.openvpn.net/openvpn refs/changes/27/1727/1 \u0026\u0026 git format-patch -1 --stdout FETCH_HEAD","Pull":"git pull http://gerrit.openvpn.net/openvpn refs/changes/27/1727/1","Reset To":"git fetch http://gerrit.openvpn.net/openvpn refs/changes/27/1727/1 \u0026\u0026 git reset --hard FETCH_HEAD"}}},"commit":{"parents":[{"commit":"c6be58f905f2caf0c4f8049671b0cf1aad287c28","subject":"Split multi_get_create_instance_udp into data and control parts"}],"author":{"name":"Arne Schwabe","email":"arne@rfc2549.org","date":"2026-01-07 16:45:14.000000000","tz":60},"committer":{"name":"Arne Schwabe","email":"arne@rfc2549.org","date":"2026-06-22 13:14:54.000000000","tz":120},"subject":"Add lookup of multi session by session id","message":"Add lookup of multi session by session id\n\nThis refactors the way that we lookup control channel packets for UDP\npackets from other peers. Instead of looking them up by their source\nIP address, we lookup the session ids instead.\n\nIt also has the consequence that we can have multiple ongoing\nsessions from the same source IP address and the new session will\ngo through all the connect steps like an initial session.\n\nThe check if the new session can take over the old session\u0027s IP\nis now also the same as for floating.\n\nThis eliminates a whole class of bugs that we currently have that\nbreak connection if the reconnecting client has different\ncapabilities as the setup and negotiation is inherited from the\nprevious client currently. Currently there is at least one bug\nregarding the dynamic tls-crypt in this situation.\n\nThis also changes the user visible behaviour for clients\nreconnecting from the same IP and port. They are now almost\nbehaving like clients that reconnect from a different IP\naddress. These now do the whole renegotiation and run\nconnect scripts/plugins and all the things are normally\nskipped when reconnecting from the same IP and port.\n\nThe only difference is that duplicate-cn does not\nallow both connection.\n\nThis will also eventually allow us to get rid of TM_INITIAL\nslot as we now do no longer need to keep an ongoing and a\nnew session anymore. Currently the p2p mode still needs\nthe extra session slot for the new session so we cannot\nremove it just yet.\n\nThis now allows a multiple pending session from the\nsame source IP and port. Previously a client would need\nto use a different ports to create multiple pending\nsession. This change does not make it really easier to\nexhaust all pending session than before.\n\nChange-Id: Idb59ecd119331b198792ad1379bec8600211651b\nSigned-off-by: Arne Schwabe \u003carne@rfc2549.org\u003e\n"},"branch":"refs/heads/master"},"0fefdd1d70ac3f8183ca1d136e37071853a692c1":{"kind":"REWORK","_number":2,"created":"2026-06-22 15:31:08.000000000","uploader":{"_account_id":1000003,"name":"plaisthos","display_name":"Arne Schwabe","email":"arne-openvpn@rfc2549.org","username":"plaisthos"},"ref":"refs/changes/27/1727/2","fetch":{"anonymous http":{"url":"http://gerrit.openvpn.net/openvpn","ref":"refs/changes/27/1727/2","commands":{"Branch":"git fetch http://gerrit.openvpn.net/openvpn refs/changes/27/1727/2 \u0026\u0026 git checkout -b change-1727 FETCH_HEAD","Checkout":"git fetch http://gerrit.openvpn.net/openvpn refs/changes/27/1727/2 \u0026\u0026 git checkout FETCH_HEAD","Cherry Pick":"git fetch http://gerrit.openvpn.net/openvpn refs/changes/27/1727/2 \u0026\u0026 git cherry-pick FETCH_HEAD","Format Patch":"git fetch http://gerrit.openvpn.net/openvpn refs/changes/27/1727/2 \u0026\u0026 git format-patch -1 --stdout FETCH_HEAD","Pull":"git pull http://gerrit.openvpn.net/openvpn refs/changes/27/1727/2","Reset To":"git fetch http://gerrit.openvpn.net/openvpn refs/changes/27/1727/2 \u0026\u0026 git reset --hard FETCH_HEAD"}}},"commit":{"parents":[{"commit":"74eff7b260954fa3a0a44e4ae9708104bbe05503","subject":"Split multi_get_create_instance_udp into data and control parts"}],"author":{"name":"Arne Schwabe","email":"arne@rfc2549.org","date":"2026-01-07 16:45:14.000000000","tz":60},"committer":{"name":"Arne Schwabe","email":"arne@rfc2549.org","date":"2026-06-22 15:30:51.000000000","tz":120},"subject":"Add lookup of multi session by session id","message":"Add lookup of multi session by session id\n\nThis refactors the way that we lookup control channel packets for UDP\npackets from other peers. Instead of looking them up by their source\nIP address, we lookup the session ids instead.\n\nIt also has the consequence that we can have multiple ongoing\nsessions from the same source IP address and the new session will\ngo through all the connect steps like an initial session.\n\nThe check if the new session can take over the old session\u0027s IP\nis now also the same as for floating.\n\nThis eliminates a whole class of bugs that we currently have that\nbreak connection if the reconnecting client has different\ncapabilities as the setup and negotiation is inherited from the\nprevious client currently. Currently there is at least one bug\nregarding the dynamic tls-crypt in this situation.\n\nThis also changes the user visible behaviour for clients\nreconnecting from the same IP and port. They are now almost\nbehaving like clients that reconnect from a different IP\naddress. These now do the whole renegotiation and run\nconnect scripts/plugins and all the things are normally\nskipped when reconnecting from the same IP and port.\n\nThe only difference is that duplicate-cn does not\nallow both connection.\n\nThis will also eventually allow us to get rid of TM_INITIAL\nslot as we now do no longer need to keep an ongoing and a\nnew session anymore. Currently the p2p mode still needs\nthe extra session slot for the new session so we cannot\nremove it just yet.\n\nThis now allows a multiple pending session from the\nsame source IP and port. Previously a client would need\nto use a different ports to create multiple pending\nsession. This change does not make it really easier to\nexhaust all pending session than before.\n\nChange-Id: Idb59ecd119331b198792ad1379bec8600211651b\nSigned-off-by: Arne Schwabe \u003carne@rfc2549.org\u003e\n"},"branch":"refs/heads/master"},"3d148280b63a069b8d6879a7d9be7e5175292aa9":{"kind":"REWORK","_number":3,"created":"2026-06-25 13:37:02.000000000","uploader":{"_account_id":1000003,"name":"plaisthos","display_name":"Arne Schwabe","email":"arne-openvpn@rfc2549.org","username":"plaisthos"},"ref":"refs/changes/27/1727/3","fetch":{"anonymous http":{"url":"http://gerrit.openvpn.net/openvpn","ref":"refs/changes/27/1727/3","commands":{"Branch":"git fetch http://gerrit.openvpn.net/openvpn refs/changes/27/1727/3 \u0026\u0026 git checkout -b change-1727 FETCH_HEAD","Checkout":"git fetch http://gerrit.openvpn.net/openvpn refs/changes/27/1727/3 \u0026\u0026 git checkout FETCH_HEAD","Cherry Pick":"git fetch http://gerrit.openvpn.net/openvpn refs/changes/27/1727/3 \u0026\u0026 git cherry-pick FETCH_HEAD","Format Patch":"git fetch http://gerrit.openvpn.net/openvpn refs/changes/27/1727/3 \u0026\u0026 git format-patch -1 --stdout FETCH_HEAD","Pull":"git pull http://gerrit.openvpn.net/openvpn refs/changes/27/1727/3","Reset To":"git fetch http://gerrit.openvpn.net/openvpn refs/changes/27/1727/3 \u0026\u0026 git reset --hard FETCH_HEAD"}}},"commit":{"parents":[{"commit":"30112912578226bfe2e750920037a567b6ca5a16","subject":"Split multi_get_create_instance_udp into data and control parts"}],"author":{"name":"Arne Schwabe","email":"arne@rfc2549.org","date":"2026-01-07 16:45:14.000000000","tz":60},"committer":{"name":"Arne Schwabe","email":"arne@rfc2549.org","date":"2026-06-25 13:36:34.000000000","tz":120},"subject":"Add lookup of multi session by session id","message":"Add lookup of multi session by session id\n\nThis refactors the way that we lookup control channel packets for UDP\npackets from other peers. Instead of looking them up by their source\nIP address, we lookup the session ids instead.\n\nIt also has the consequence that we can have multiple ongoing\nsessions from the same source IP address and the new session will\ngo through all the connect steps like an initial session.\n\nThe check if the new session can take over the old session\u0027s IP\nis now also the same as for floating.\n\nThis eliminates a whole class of bugs that we currently have that\nbreak connection if the reconnecting client has different\ncapabilities as the setup and negotiation is inherited from the\nprevious client currently. Currently there is at least one bug\nregarding the dynamic tls-crypt in this situation.\n\nThis also changes the user visible behaviour for clients\nreconnecting from the same IP and port. They are now almost\nbehaving like clients that reconnect from a different IP\naddress. These now do the whole renegotiation and run\nconnect scripts/plugins and all the things are normally\nskipped when reconnecting from the same IP and port.\n\nThe only difference is that duplicate-cn does not\nallow both connection.\n\nThis will also eventually allow us to get rid of TM_INITIAL\nslot as we now do no longer need to keep an ongoing and a\nnew session anymore. Currently the p2p mode still needs\nthe extra session slot for the new session so we cannot\nremove it just yet.\n\nThis now allows a multiple pending session from the\nsame source IP and port. Previously a client would need\nto use a different ports to create multiple pending\nsession. This change does not make it really easier to\nexhaust all pending session than before.\n\nChange-Id: Idb59ecd119331b198792ad1379bec8600211651b\nSigned-off-by: Arne Schwabe \u003carne@rfc2549.org\u003e\n"},"branch":"refs/heads/master"}},"requirements":[{"status":"NOT_READY","fallback_text":"All required checks must pass","type":"checks_pass"}],"submit_records":[{"rule_name":"gerrit~DefaultSubmitRule","status":"NOT_READY","labels":[{"label":"Code-Review","status":"NEED"}]},{"rule_name":"checks~ChecksSubmitRule","status":"NOT_READY","requirements":[{"status":"NOT_READY","fallback_text":"All required checks must pass","type":"checks_pass"}]}],"submit_requirements":[{"name":"Code-Review","status":"UNSATISFIED","is_legacy":true,"submittability_expression_result":{"expression":"label:Code-Review\u003dMAX -label:Code-Review\u003dMIN","fulfilled":false,"status":"FAIL","passing_atoms":[],"failing_atoms":["label:Code-Review\u003dMAX","-label:Code-Review\u003dMIN"]}},{"name":"checks~ChecksSubmitRule","status":"UNSATISFIED","is_legacy":true,"submittability_expression_result":{"expression":"rule:checks~ChecksSubmitRule","fulfilled":false,"status":"FAIL","passing_atoms":[],"failing_atoms":["checks~ChecksSubmitRule"]}}]}
