[Openvpn-devel,00/21] Big buffer/frame refactoring patch set

Message ID	20211207170211.3275837-1-arne@rfc2549.org
Headers	show Return-Path: <openvpn-devel-bounces@lists.sourceforge.net> From: Arne Schwabe <arne@rfc2549.org> To: openvpn-devel@lists.sourceforge.net Date: Tue, 7 Dec 2021 18:01:50 +0100 Message-Id: <20211207170211.3275837-1-arne@rfc2549.org> MIME-Version: 1.0 preview: This patchset refactores a lot of the buffer related code. It mainly uses the approach of simplifying the buffer sizes by always allocating buffers with worst case overhead instead of trying a save < [...] Content analysis details: (0.3 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.2 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail domains are different 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record Subject: [Openvpn-devel] [PATCH 00/21] Big buffer/frame refactoring patch set Precedence: list Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox
Series	Big buffer/frame refactoring patch set \| expand [Openvpn-devel,00/21] Big buffer/frame refactoring patch set [Openvpn-devel,01/21] Remove max_size from buffer_list_new [Openvpn-devel,02/21] Deprecate link-mtu [Openvpn-devel,03/21] Remove align_adjust frame code [Openvpn-devel,04/21] Fix triggering assertion of ks->authticated after tls_deauthenticate [Openvpn-devel,05/21] Document frame related function and variables a bit more [Openvpn-devel,06/21] Remove post_open_mtu code [Openvpn-devel,07/21] Add helper functions to calculate header/payload sizes [Openvpn-devel,08/21] Decouple MSS fix calculation from frame calculation [Openvpn-devel,09/21] Rework occ link-mtu calculation [Openvpn-devel,10/21] Change buffer allocation calculation and checks to be more static [Openvpn-devel,11/21] Remove pointless do_init_frame_tls function [Openvpn-devel,12/21] Fix datagram_overhead and assorted functions [Openvpn-devel,13/21] Implement optional mtu parameter for mssfix [Openvpn-devel,14/21] Add mtu paramter to --fragment and change fragment calculation [Openvpn-devel,15/21] Update fragment and mssfix related warnings [Openvpn-devel,16/21] Remove link_mtu parameter when running up/down scripts [Openvpn-devel,17/21] Use new frame header methods to calculate OCC_MTU_LOAD payload size [Openvpn-devel,18/21] Remove extra_link from frame [Openvpn-devel,19/21] Replace TUN_MTU_SIZE with frame->tun_mtu [Openvpn-devel,20/21] Remove frame->link_mtu [Openvpn-devel,21/21] Remove frame.extra_frame and frame.extra_buffer

Message ID

20211207170211.3275837-1-arne@rfc2549.org

Headers

From: Arne Schwabe <arne@rfc2549.org>
To: openvpn-devel@lists.sourceforge.net
Date: Tue,  7 Dec 2021 18:01:50 +0100
Message-Id: <20211207170211.3275837-1-arne@rfc2549.org>
MIME-Version: 1.0
Subject: [Openvpn-devel] [PATCH 00/21] Big buffer/frame refactoring patch set
Precedence: list
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: openvpn-devel-bounces@lists.sourceforge.net

Series

Big buffer/frame refactoring patch set | expand

Message

Arne Schwabe Dec. 7, 2021, 6:01 a.m. UTC

This patchset refactores a lot of the buffer related code. It mainly
uses the approach of simplifying the buffer sizes by always allocating
buffers with worst case overhead instead of trying a save < 100 bytes
and complicating the code.

It also moves to central functions that calculate the various overheads
from the small little functions scattered all over the source code.

And last but not least, this patch set also corrects the MSS and
fragment size calculation to take into account the real overhead
that is present after NCP. It also adds a a 'mtu' keyword to both
options so the desired real outer packet can be specified.

The patchset also deprecates link-mtu as this options is no longer
working well as intended since neither encryption/authentication
overhead is fixed (NCP) nor is the encapsulation overhead constant
(IPv4 vs IPv6) and link-mtu basically assumes that the overhead is
constant.

This patchset needs the "Cleanup crypto and use string isntead internal
types" patch set applied first or will have conflicts.

Arne Schwabe (21):
  Remove max_size from buffer_list_new
  Deprecate link-mtu
  Remove align_adjust frame code
  Fix triggering assertion of ks->authticated after tls_deauthenticate
  Document frame related function and variables a bit more
  Remove post_open_mtu code
  Add helper functions to calculate header/payload sizes
  Decouple MSS fix calculation from frame calculation
  Rework occ link-mtu calculation
  Change buffer allocation calculation and checks to be more static
  Remove pointless do_init_frame_tls function
  Fix datagram_overhead and assorted functions
  Implement optional mtu parameter for mssfix
  Add mtu paramter to --fragment and change fragment calculation
  Update fragment and mssfix related warnings
  Remove link_mtu parameter when running up/down scripts
  Use new frame header methods to calculate OCC_MTU_LOAD payload size
  Remove extra_link from frame
  Replace TUN_MTU_SIZE with frame->tun_mtu
  Remove frame->link_mtu
  Remove frame.extra_frame and frame.extra_buffer

 Changes.rst                            |   9 +
 doc/man-sections/link-options.rst      |  42 ++--
 src/openvpn/buffer.c                   |   7 +-
 src/openvpn/buffer.h                   |   4 +-
 src/openvpn/comp-lz4.c                 |   4 +-
 src/openvpn/comp.c                     |  15 --
 src/openvpn/comp.h                     |   4 -
 src/openvpn/crypto.c                   |  64 ++++--
 src/openvpn/crypto.h                   |  23 +-
 src/openvpn/forward.c                  |  32 +--
 src/openvpn/fragment.c                 |   9 +-
 src/openvpn/init.c                     | 302 +++++++++++--------------
 src/openvpn/init.h                     |   2 +-
 src/openvpn/lzo.c                      |   2 +-
 src/openvpn/manage.c                   |   4 +-
 src/openvpn/mss.c                      | 154 +++++++++++++
 src/openvpn/mss.h                      |  14 ++
 src/openvpn/mtu.c                      | 179 +++++++++------
 src/openvpn/mtu.h                      | 253 ++++++++++-----------
 src/openvpn/multi.c                    |   7 +-
 src/openvpn/multi.h                    |   2 +-
 src/openvpn/occ.c                      |  34 ++-
 src/openvpn/options.c                  |  82 ++-----
 src/openvpn/options.h                  |   7 +-
 src/openvpn/ping.c                     |   2 +-
 src/openvpn/proto.h                    |  11 -
 src/openvpn/reliable.c                 |   7 -
 src/openvpn/reliable.h                 |   3 -
 src/openvpn/socket.c                   |  34 +--
 src/openvpn/socket.h                   |  19 +-
 src/openvpn/socks.c                    |  11 +-
 src/openvpn/socks.h                    |   2 -
 src/openvpn/ssl.c                      |  99 ++++----
 src/openvpn/ssl.h                      |  10 +-
 src/openvpn/ssl_common.h               |   3 +-
 src/openvpn/tls_crypt.c                |  10 -
 src/openvpn/tls_crypt.h                |   5 -
 src/openvpn/tun.c                      |   1 -
 src/openvpn/tun.h                      |   4 -
 src/openvpn/win32.c                    |   2 +-
 tests/unit_tests/openvpn/Makefile.am   |   6 +-
 tests/unit_tests/openvpn/test_buffer.c |  22 +-
 tests/unit_tests/openvpn/test_crypto.c | 128 ++++++++++-
 tests/unit_tests/openvpn/test_misc.c   |   1 +
 44 files changed, 900 insertions(+), 735 deletions(-)