From patchwork Thu Jun 23 22:37:44 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Antonio Quartulli X-Patchwork-Id: 2529 Return-Path: Delivered-To: patchwork@openvpn.net Delivered-To: patchwork@openvpn.net Received: from director14.mail.ord1d.rsapps.net ([172.30.191.6]) by backend41.mail.ord1d.rsapps.net with LMTP id aC81EDJ4tWKjTwAAqwncew (envelope-from ) for ; Fri, 24 Jun 2022 04:39:14 -0400 Received: from proxy9.mail.ord1d.rsapps.net ([172.30.191.6]) by director14.mail.ord1d.rsapps.net with LMTP id APUJEDJ4tWJDaQAAeJ7fFg (envelope-from ) for ; Fri, 24 Jun 2022 04:39:14 -0400 Received: from smtp6.gate.ord1d ([172.30.191.6]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by proxy9.mail.ord1d.rsapps.net with LMTPS id sM7aDzJ4tWKdYwAA7h+8OQ (envelope-from ) for ; Fri, 24 Jun 2022 04:39:14 -0400 X-Spam-Threshold: 95 X-Spam-Score: 0 X-Spam-Flag: NO X-Virus-Scanned: OK X-Orig-To: openvpnslackdevel@openvpn.net X-Originating-Ip: [216.105.38.7] Authentication-Results: smtp6.gate.ord1d.rsapps.net; iprev=pass policy.iprev="216.105.38.7"; spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net" smtp.helo="lists.sourceforge.net"; dkim=fail (signature verification failed) header.d=sourceforge.net; dkim=fail (signature verification failed) header.d=sf.net; dmarc=none (p=nil; dis=none) header.from=unstable.cc X-Suspicious-Flag: YES X-Classification-ID: 200d47ba-f399-11ec-b5c6-52540050e3e0-1-1 Received: from [216.105.38.7] ([216.105.38.7:60854] helo=lists.sourceforge.net) by smtp6.gate.ord1d.rsapps.net (envelope-from ) (ecelerity 4.2.38.62370 r(:)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384) id 2F/81-26772-13875B26; Fri, 24 Jun 2022 04:39:14 -0400 Received: from [127.0.0.1] (helo=sfs-ml-2.v29.lw.sourceforge.com) by sfs-ml-2.v29.lw.sourceforge.com with esmtp (Exim 4.94.2) (envelope-from ) id 1o4epT-0000zD-PT; Fri, 24 Jun 2022 08:38:16 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-2.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1o4epK-0000yX-65 for openvpn-devel@lists.sourceforge.net; Fri, 24 Jun 2022 08:38:10 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:Message-Id: Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=+i/B8TPq9MfsNHdU6MO8eklbJhuVayfxIUuwPbiqA84=; b=med2pvcfUAIqlP17G+mLMc8ab5 4+t4hBG8qtErWTVPfSC0cIAfUjATc1ZE27bnrhzZ2+mCuzE98UYkzaG6fdbmWKDBEy2ZelvNHeukF 4rnjbBbENN7YBawSer7SqHgjya2tjsVTNr4KBWCkohypbscmn88siuB8PoYQacGpTOYs=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:Message-Id:Date:Subject:Cc:To:From :Sender:Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To: References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post: List-Owner:List-Archive; bh=+i/B8TPq9MfsNHdU6MO8eklbJhuVayfxIUuwPbiqA84=; b=j +px3g0fTqYKo1qHXG71sE9o7iVN/V2wwtNoQO86CxfQGi0O7vYMcc4E2x01K8X97DxIL54RSGf8Il +KKDPjLd0hG5I4Ep2eQuoj3JRSEaeodZ+sdZJ1qcz3asBIxvO5aKphYX2mNhngVy8hOv/2sbavwhO 8I6FmVGEBPWIfV6U=; Received: from s2.neomailbox.net ([5.148.176.60]) by sfi-mx-1.v28.lw.sourceforge.com with esmtps (TLS1.2:DHE-RSA-AES256-GCM-SHA384:256) (Exim 4.94.2) id 1o4epG-00C2OV-J9 for openvpn-devel@lists.sourceforge.net; Fri, 24 Jun 2022 08:38:06 +0000 From: Antonio Quartulli To: openvpn-devel@lists.sourceforge.net Date: Fri, 24 Jun 2022 10:37:44 +0200 Message-Id: <20220624083809.23487-1-a@unstable.cc> MIME-Version: 1.0 X-Spam-Report: Spam detection software, running on the system "util-spamd-1.v13.lw.sourceforge.com", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: This patchset is *almost* the same as the previous patchset, but it got fragmented in multiple patches for easier review. I am not setting any version on these patches as they do not match previous versions. Content analysis details: (-0.0 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 SPF_HELO_PASS SPF: HELO matches SPF record -0.0 SPF_PASS SPF: sender matches SPF record X-Headers-End: 1o4epG-00C2OV-J9 Subject: [Openvpn-devel] [PATCH 00/25] ovpn-dco: introduce data-channel offload support X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Antonio Quartulli Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox This patchset is *almost* the same as the previous patchset, but it got fragmented in multiple patches for easier review. I am not setting any version on these patches as they do not match previous versions. The idea behind splitting patches is that they should be mergeable and compilable one-by-one. Ideally they should not introduce any regression in existing functionalities, however, it may not always be apossible to *test* the new code as it will require a subsequent patch to be used. Still we will be able to compile the new code and review it. While splitting patches, some ugly things have been fixed/changed..so hopefully splitting patches has already paid off a bit.. I hope this will help with getting this new functionality merged soon. This patchset reflects what is currently pushed to the "dco" branch. Best Regards, Antonio Quartulli (24): dco: introduce low-level code for handling ovpn-dco in the Linux kernel dco: add helper function to detect if DCO is enabled or not dco: use specific metric when installing routes dco: create DCO interface using SITNL dco: let open_tun_generic handle the DCO case dco: initialize context and save pointer in TLS object dco: add option check - disable DCO if conflict is detected dco: allow user to disable it at runtime dco: configure keys in DCO right after generating them dco: periodically check and possibly rotate/delete keys dco: split option parsing routines dco: check that pulled options are compatible dco: implement dco support for p2p/client code path dco: implement dco support for p2mp/server code path dco: add documentation for ovpn-dco-linux GitHub Actions: add Linux DCO build (on Ubuntu 20.04) dco: turn supported ciphers list into a function dco-win: implement GetOverlappedResultEx for mingw32 dco-win: add platform dependant check on incompatible options do_open_tun: restyle "can preserve TUN" check dco-win: introduce low-level code for handling ovpn-dco-win in Windows dco-win: implement ovpn-dco support in P2P Windows code path dco-win: add documentation to README.dco.md dco-win: update GH Actions config file Arne Schwabe (1): tun: extract close_tun_handle into its own fucntion and print correct type .github/workflows/build.yaml | 16 +- Changes.rst | 9 + README.dco.md | 132 +++ config-msvc.h | 2 + configure.ac | 37 + dev-tools/special-files.lst | 2 + doc/man-sections/advanced-options.rst | 13 + doc/man-sections/server-options.rst | 6 + src/compat/Makefile.am | 3 +- src/compat/compat-dco_get_overlapped_result.c | 46 + src/compat/compat.h | 8 + src/compat/compat.vcxproj | 1 + src/compat/compat.vcxproj.filters | 3 + src/openvpn/Makefile.am | 7 +- src/openvpn/dco.c | 621 ++++++++++++ src/openvpn/dco.h | 318 ++++++ src/openvpn/dco_internal.h | 79 ++ src/openvpn/dco_linux.c | 940 ++++++++++++++++++ src/openvpn/dco_linux.h | 59 ++ src/openvpn/dco_win.c | 402 ++++++++ src/openvpn/dco_win.h | 58 ++ src/openvpn/errlevel.h | 2 + src/openvpn/event.h | 3 + src/openvpn/forward.c | 89 +- src/openvpn/init.c | 456 ++++++--- src/openvpn/init.h | 4 +- src/openvpn/mtcp.c | 59 +- src/openvpn/mudp.c | 13 + src/openvpn/multi.c | 221 +++- src/openvpn/multi.h | 14 +- src/openvpn/networking_sitnl.c | 11 + src/openvpn/openvpn.vcxproj | 11 +- src/openvpn/openvpn.vcxproj.filters | 27 + src/openvpn/options.c | 53 +- src/openvpn/options.h | 15 + src/openvpn/ovpn-dco-win.h | 108 ++ src/openvpn/ovpn_dco_linux.h | 265 +++++ src/openvpn/socket.c | 94 +- src/openvpn/socket.h | 26 +- src/openvpn/ssl.c | 74 +- src/openvpn/ssl.h | 7 +- src/openvpn/ssl_common.h | 23 + src/openvpn/tun.c | 250 +++-- src/openvpn/tun.h | 64 +- 44 files changed, 4292 insertions(+), 359 deletions(-) create mode 100644 README.dco.md create mode 100644 src/compat/compat-dco_get_overlapped_result.c create mode 100644 src/openvpn/dco.c create mode 100644 src/openvpn/dco.h create mode 100644 src/openvpn/dco_internal.h create mode 100644 src/openvpn/dco_linux.c create mode 100644 src/openvpn/dco_linux.h create mode 100644 src/openvpn/dco_win.c create mode 100644 src/openvpn/dco_win.h create mode 100644 src/openvpn/ovpn-dco-win.h create mode 100644 src/openvpn/ovpn_dco_linux.h