| Message ID | 20211207121137.3221-1-a@unstable.cc |
|---|---|
| Headers | show |
| Series | Introduce ovpn-dco(-win) support | expand |
Hi, 1) 7/8 should be squashed into 6/8, because 6/8 "ovpn-dco-win: introduce windows data-channel offload support" breaks mingw i686 build, which 7/8 "ovpn-dco-win: fix mingw i686 build" fixes. 2) Patch 6/8 "ovpn-dco-win: introduce windows data-channel offload support" has commented out certain msvc defines - this was needed because back then (when patch was originally written) MSVC didn't support lzo/pkcs11, but now everything is supported (we build releases with MSVC) and those defines needed to be brought back. I have fixed that in my branch: https://github.com/lstipakov/openvpn/commit/5f09bce8a50778fca9904f916f5b1073046aee84 and this needs to be squashed into 6/8 3) At the moment this doesn't compile with GitHub actions because of a) missing ovpn-dco-win vcpkg port and b) "generic" build system code has a bug in regards to ovpn-dco-win support. This is the fix for MSVC/vcpkg: https://github.com/lstipakov/openvpn/commit/96a38f88254ae6ffee1cc262a295e62edecb213a and this is for generic build system: https://github.com/lstipakov/openvpn/commit/3058675e63a84e93bd5612238ecbd41cca463a0a As before they needed to be squashed into "feature" commits and not added separately as "fixes" All those fixes are in my repo and GitHub Actions are green: https://github.com/lstipakov/openvpn/actions/runs/1551278629 -Lev
Hi, On 08/12/2021 08:49, Lev Stipakov wrote: > All those fixes are in my repo and GitHub Actions are green: > https://github.com/lstipakov/openvpn/actions/runs/1551278629 > Thanks for providing these fixes, Lev. I have squashed all your new patches and I have also applied some minor corrections to make sure everything would still build. Now GH Actions are all green again. Thanks a lot. Best Regards,
This is a first implementation of the ovpn-dco support in OpenVPN2. It is sent as RFC because it is not intended for final review/merge, but rather to collect additional feedback and allow users to test it. This implementation supports both dco for Linux and for Windows. * For Linux, please get the ovpn-dco kernel module source at: https://gitlab.com/openvpn/ovpn-dco (alternatively, it is also packaged on various distributions along with OpenVPN3-for-Linux) * For Windows, a snapshot of the driver can be found on: https://github.com/OpenVPN/ovpn-dco-win/actions (note that "test signing" must be enabled on your Windows box, for the driver to be accepted. Instructions to enable this mode are here: https://github.com/OpenVPN/ovpn-dco-win/blob/master/README.md#installation DO IT AT YOUR OWN RISK) In the meantime the code is still being rearranged a bit and a newer version, including all collected feedback, will be sent later on. Known expected changes are: * refactoring of the networking API implementation * tun open logic (i.e. merge it with the current logic used by other platforms) * options handling When running ./configure, if --enable-dco is specified, then DCO_INCLUDEDIR must be defined and should point to where the ovpn-dco header can be found. For example, it can be configure'd like this: ./configure --enable-dco DCO_INCLUDEDIR=/path/to/include/uapi/ ovpn-dco is enabled opportunistically, which means that it is always on, unless some conflicting option has been chosen (because ovpn-dco does not support all known openvpn options) or if disabled explicitly. Feel free to test/break/comment. Any input is highly appreciated. Best Regards, Antonio Quartulli (2): networking: silence warnings about unused arguments ovpn-dco: force user to set DCO_INCLUDEDIR Arne Schwabe (5): networking: remove duplicate methods from networking_sitnl.c sitnl: implement net_iface_new and net_iface_del ovpn-dco: introduce linux data-channel offload support tun: extract close_tun_handle into its own fucntion and print correct type ovpn-dco-win: introduce windows data-channel offload support Lev Stipakov (1): ovpn-dco-win: fix mingw i686 build Changes.rst | 7 + README.dco.md | 132 +++ config-msvc.h | 12 +- configure.ac | 66 ++ doc/man-sections/advanced-options.rst | 13 + src/compat/Makefile.am | 3 +- src/compat/compat-dco_get_overlapped_result.c | 44 + src/compat/compat.h | 6 + src/compat/compat.vcxproj | 1 + src/compat/compat.vcxproj.filters | 3 + src/openvpn/Makefile.am | 9 +- src/openvpn/crypto.c | 10 + src/openvpn/crypto.h | 6 + src/openvpn/dco.c | 272 ++++++ src/openvpn/dco.h | 119 +++ src/openvpn/errlevel.h | 2 + src/openvpn/event.h | 3 + src/openvpn/forward.c | 66 +- src/openvpn/init.c | 195 +++- src/openvpn/init.h | 2 +- src/openvpn/mtcp.c | 61 +- src/openvpn/mudp.c | 13 + src/openvpn/multi.c | 278 +++++- src/openvpn/multi.h | 6 +- src/openvpn/networking.h | 11 +- src/openvpn/networking_linuxdco.c | 848 ++++++++++++++++++ src/openvpn/networking_linuxdco.h | 85 ++ src/openvpn/networking_sitnl.c | 116 ++- src/openvpn/networking_sitnl.h | 28 + src/openvpn/networking_windco.c | 306 +++++++ src/openvpn/networking_windco.h | 47 + src/openvpn/openvpn.vcxproj | 6 +- src/openvpn/openvpn.vcxproj.filters | 12 + src/openvpn/options.c | 181 +++- src/openvpn/options.h | 41 + src/openvpn/socket.c | 125 ++- src/openvpn/socket.h | 58 +- src/openvpn/ssl.c | 6 +- src/openvpn/ssl_common.h | 13 + src/openvpn/ssl_ncp.c | 2 +- src/openvpn/tun.c | 130 ++- src/openvpn/tun.h | 60 +- tests/unit_tests/openvpn/test_networking.c | 27 +- 43 files changed, 3265 insertions(+), 166 deletions(-) create mode 100644 README.dco.md create mode 100644 src/compat/compat-dco_get_overlapped_result.c create mode 100644 src/openvpn/dco.c create mode 100644 src/openvpn/dco.h create mode 100644 src/openvpn/networking_linuxdco.c create mode 100644 src/openvpn/networking_linuxdco.h create mode 100644 src/openvpn/networking_windco.c create mode 100644 src/openvpn/networking_windco.h