Message ID | 20220224165557.22060-2-kprovost@netgate.com |
---|---|
State | Awaiting Upstream |
Headers | show |
Series | [Openvpn-devel,1/2] dco: process DCO control packets | expand |
Hi Kristof, On 24/02/2022 17:55, Kristof Provost via Openvpn-devel wrote: > From: Kristof Provost <kp@FreeBSD.org> > > If control packets come in through the DCO interface (i.e. via > dco_do_read()) we must process them through process_incoming_link(). > This doesn't currently manifest, because Linux passes control packets > through the regular socket, not via the DCO netlink interface, but other > platforms will not. This is an interesting catch - actually also ovpn-dco on Linux is expected to send control packets over netlink. However, due to a little glitch packets were still sent over the UDP socket (this is expected only for the initial handshake). Once this bug has been fixed, I could see that indeed process_incoming_dco() wasn't operating as it should and this patch was required. I have squashed a modified version of this patch directly in my dco branch as it is needed to make ovpn-dco work. Thanks a lot! Best Regards,
diff --git a/src/openvpn/forward.c b/src/openvpn/forward.c index cd956cb3..c16f32fc 100644 --- a/src/openvpn/forward.c +++ b/src/openvpn/forward.c @@ -1104,8 +1104,16 @@ process_incoming_link(struct context *c) static void process_incoming_dco(struct context *c) { + struct link_socket_info *lsi = get_link_socket_info(c); + msg(M_INFO, __func__); dco_do_read(&c->c1.tuntap->dco); + + c->c2.buf = c->c1.tuntap->dco.dco_packet_in; + c->c2.from = lsi->lsa->actual; + + process_incoming_link(c); + buf_init(&c->c1.tuntap->dco.dco_packet_in, 0); } /*