From patchwork Tue Apr 21 05:46:12 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Christopher Schenk X-Patchwork-Id: 1096 Return-Path: Delivered-To: patchwork@openvpn.net Delivered-To: patchwork@openvpn.net Received: from director8.mail.ord1d.rsapps.net ([172.28.255.1]) by backend30.mail.ord1d.rsapps.net with LMTP id eNRiBR4an14eUgAAIUCqbw for ; Tue, 21 Apr 2020 12:06:54 -0400 Received: from proxy8.mail.ord1c.rsapps.net ([172.28.255.1]) by director8.mail.ord1d.rsapps.net with LMTP id QOAqBR4an148VAAAfY0hYg ; Tue, 21 Apr 2020 12:06:54 -0400 Received: from smtp5.gate.ord1c ([172.28.255.1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by proxy8.mail.ord1c.rsapps.net with LMTP id sO/YBB4an179egAAHz/atg ; Tue, 21 Apr 2020 12:06:54 -0400 X-Spam-Threshold: 95 X-Spam-Score: 0 X-Spam-Flag: NO X-Virus-Scanned: OK X-Orig-To: openvpnslackdevel@openvpn.net X-Originating-Ip: [216.105.38.7] Authentication-Results: smtp5.gate.ord1c.rsapps.net; iprev=pass policy.iprev="216.105.38.7"; spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net" smtp.helo="lists.sourceforge.net"; dkim=fail (signature verification failed) header.d=sourceforge.net; dkim=fail (signature verification failed) header.d=sf.net; dmarc=fail (p=none; dis=none) header.from=mail.uni-paderborn.de X-Suspicious-Flag: YES X-Classification-ID: 1d1c93b0-83ea-11ea-b476-a4badb0b200d-1-1 Received: from [216.105.38.7] ([216.105.38.7:60774] helo=lists.sourceforge.net) by smtp5.gate.ord1c.rsapps.net (envelope-from ) (ecelerity 4.2.38.62370 r(:)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384) id 52/22-28661-C1A1F9E5; Tue, 21 Apr 2020 12:06:53 -0400 Received: from [127.0.0.1] (helo=sfs-ml-4.v29.lw.sourceforge.com) by sfs-ml-4.v29.lw.sourceforge.com with esmtp (Exim 4.90_1) (envelope-from ) id 1jQvPG-0008Sm-9c; Tue, 21 Apr 2020 16:05:54 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-4.v29.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.90_1) (envelope-from ) id 1jQvPE-0008Se-KG for openvpn-devel@lists.sourceforge.net; Tue, 21 Apr 2020 16:05:52 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:References: In-Reply-To:Message-Id:Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=n2XOw9dwxxG8H3zYKg7fQfxMwBSt3wBUby8h9I9Zf74=; b=a+k+loG2nFir+uAPa+EPII1Dzz rkyCN0y72AB4vLXas+4+Z4bhEh51XJXiZUN3kSod+EHGr6B6C82qDVx3Z8to0R11yHJ003Nx8rVVo keogcTf8rwWQ4CtFDb+Thb0sle3QqOnqjiCWScWCranZbQUmrfNv1o2iMNMSDOJe4s8I=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-Id: Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=n2XOw9dwxxG8H3zYKg7fQfxMwBSt3wBUby8h9I9Zf74=; b=kHBgMfFpFMcqAV4/mSWTHe8wk9 MtsBoXBvzR1GEA9Ba6tCTOpY7YkEI+KHxQwL9R21nbUKRm6FB6QlJ5zQCsSKypHEkubcrXx24cPW9 Pghlms+h6BJTyQUAY+zUVSvNG/t2n3PAO7drjeglw79JdTjBaZbSbwNPM9/rmMdr6Vb4=; Received: from doohan.uni-paderborn.de ([131.234.189.16]) by sfi-mx-4.v28.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.92.2) id 1jQvPA-0099l9-Q3 for openvpn-devel@lists.sourceforge.net; Tue, 21 Apr 2020 16:05:52 +0000 Received: from diego.uni-paderborn.de ([131.234.189.25] helo=localhost.localdomain) by mail.uni-paderborn.de with esmtp (Exim 4.93 doohan) id 1jQv6S-000MpX-G8 for openvpn-devel@lists.sourceforge.net; Tue, 21 Apr 2020 17:46:28 +0200 Received: from mail.uni-paderborn.de by diego with queue id 565257-1 for openvpn-devel@lists.sourceforge.net; Tue, 21 Apr 2020 15:46:26 GMT From: Christopher Schenk To: openvpn-devel@lists.sourceforge.net Date: Tue, 21 Apr 2020 17:46:12 +0200 Message-Id: <20200421154612.14140-1-cschenk@mail.uni-paderborn.de> X-Mailer: git-send-email 2.21.0.windows.1 In-Reply-To: <20200415182738.GL1431@greenie.muc.de> References: <20200415182738.GL1431@greenie.muc.de> MIME-Version: 1.0 X-PMX-Version: 6.4.9.2830568, Antispam-Engine: 2.7.2.2107409, Antispam-Data: 2020.4.21.153918, AntiVirus-Engine: 5.72.0, AntiVirus-Data: 2020.4.21.5720001 X-Sophos-SenderHistory: ip=178.203.236.5, fs=7677949, da=75093051, mc=3, sc=0, hc=3, sp=0, fso=7677949, re=0, sd=0, hd=0 X-IMT-Spam-Score: 0.0 () X-IMT-Authenticated-Sender: X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record X-Headers-End: 1jQvPA-0099l9-Q3 Subject: [Openvpn-devel] [PATCH] Set the correct mtu on windows based systems X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox Signed-off-by: Christopher Schenk Acked-by: Gert Doering --- include/openvpn-msg.h | 10 +++- src/openvpn/tun.c | 89 +++++++++++++++++++++++++++++++++++ src/openvpnserv/interactive.c | 31 ++++++++++++ 3 files changed, 129 insertions(+), 1 deletion(-) diff --git a/include/openvpn-msg.h b/include/openvpn-msg.h index 3ed62069..a4789e34 100644 --- a/include/openvpn-msg.h +++ b/include/openvpn-msg.h @@ -39,7 +39,8 @@ typedef enum { msg_del_block_dns, msg_register_dns, msg_enable_dhcp, - msg_register_ring_buffers + msg_register_ring_buffers, + msg_set_mtu } message_type_t; typedef struct { @@ -127,4 +128,11 @@ typedef struct { HANDLE receive_tail_moved; } register_ring_buffers_message_t; +typedef struct { + message_header_t header; + interface_t iface; + short family; + int mtu; +} set_mtu_message_t; + #endif /* ifndef OPENVPN_MSG_H_ */ diff --git a/src/openvpn/tun.c b/src/openvpn/tun.c index 8e692977..0e6dfe72 100644 --- a/src/openvpn/tun.c +++ b/src/openvpn/tun.c @@ -73,6 +73,10 @@ static void netsh_ifconfig(const struct tuntap_options *to, const in_addr_t netmask, const unsigned int flags); +static void windows_set_mtu(const int iface_index, + const short family, + const int mtu); + static void netsh_set_dns6_servers(const struct in6_addr *addr_list, const int addr_len, const char *flex_name); @@ -214,6 +218,47 @@ out: return ret; } +static bool +do_set_mtu_service(const struct tuntap *tt, const short family, const int mtu) +{ + DWORD len; + bool ret = false; + ack_message_t ack; + struct gc_arena gc = gc_new(); + HANDLE pipe = tt->options.msg_channel; + const char *family_name = (family == AF_INET6) ? "IPv6" : "IPv4"; + set_mtu_message_t mtu_msg = { + .header = { + msg_set_mtu, + sizeof(set_mtu_message_t), + 0 + }, + .iface = {.index = tt->adapter_index,.name = tt->actual_name }, + .mtu = mtu, + .family = family + }; + + if (!send_msg_iservice(pipe, &mtu_msg, sizeof(mtu_msg), &ack, "Set_mtu")) + { + goto out; + } + + if (ack.error_number != NO_ERROR) + { + msg(M_NONFATAL, "TUN: setting %s mtu using service failed: %s [status=%u if_index=%d]", + family_name, strerror_win32(ack.error_number, &gc), ack.error_number, mtu_msg.iface.index); + } + else + { + msg(M_INFO, "%s MTU set to %d on interface %d using service", family_name, mtu, mtu_msg.iface.index); + ret = true; + } + +out: + gc_free(&gc); + return ret; +} + #endif /* ifdef _WIN32 */ #ifdef TARGET_SOLARIS @@ -1018,6 +1063,7 @@ do_ifconfig_ipv6(struct tuntap *tt, const char *ifname, int tun_mtu, do_address_service(true, AF_INET6, tt); add_route_connected_v6_net(tt, es); do_dns_service(true, AF_INET6, tt); + do_set_mtu_service(tt, AF_INET6, tun_mtu); } else { @@ -1035,6 +1081,7 @@ do_ifconfig_ipv6(struct tuntap *tt, const char *ifname, int tun_mtu, add_route_connected_v6_net(tt, es); /* set ipv6 dns servers if any are specified */ netsh_set_dns6_servers(tt->options.dns6, tt->options.dns6_len, ifname); + windows_set_mtu(tt->adapter_index, AF_INET6, tun_mtu); } #else /* platforms we have no IPv6 code for */ msg(M_FATAL, "Sorry, but I don't know how to do IPv6 'ifconfig' commands on this operating system. You should ifconfig your TUN/TAP device manually or use an --up script."); @@ -1404,6 +1451,14 @@ do_ifconfig_ipv4(struct tuntap *tt, const char *ifname, int tun_mtu, netsh_ifconfig(&tt->options, ifname, tt->local, tt->adapter_netmask, NI_IP_NETMASK|NI_OPTIONS); } + if (tt->options.msg_channel) + { + do_set_mtu_service(tt, AF_INET, tun_mtu); + } + else + { + windows_set_mtu(tt->adapter_index, AF_INET, tun_mtu); + } #else /* if defined(TARGET_LINUX) */ msg(M_FATAL, "Sorry, but I don't know how to do 'ifconfig' commands on this operating system. You should ifconfig your TUN/TAP device manually or use an --up script."); #endif /* if defined(TARGET_LINUX) */ @@ -5432,6 +5487,40 @@ out: return ret; } +static void +windows_set_mtu(const int iface_index, const short family, + const int mtu) +{ + DWORD err = 0; + struct gc_arena gc = gc_new(); + MIB_IPINTERFACE_ROW ipiface; + InitializeIpInterfaceEntry(&ipiface); + const char *family_name = (family == AF_INET6) ? "IPv6" : "IPv4"; + ipiface.Family = family; + ipiface.InterfaceIndex = iface_index; + err = GetIpInterfaceEntry(&ipiface); + if (err == NO_ERROR) + { + if (family == AF_INET) + { + ipiface.SitePrefixLength = 0; + } + ipiface.NlMtu = mtu; + err = SetIpInterfaceEntry(&ipiface); + } + + if (err != NO_ERROR) + { + msg(M_WARN, "TUN: Setting %s mtu failed: %s [status=%u if_index=%d]", + family_name, strerror_win32(err, &gc), err, iface_index); + } + else + { + msg(M_INFO, "Successfully set %s mtu on interface %d", family_name, iface_index); + } +} + + /* * Return a TAP name for netsh commands. */ diff --git a/src/openvpnserv/interactive.c b/src/openvpnserv/interactive.c index 04d64b97..207cc4ae 100644 --- a/src/openvpnserv/interactive.c +++ b/src/openvpnserv/interactive.c @@ -1286,6 +1286,29 @@ HandleRegisterRingBuffers(const register_ring_buffers_message_t *rrb, HANDLE ovp return err; } +static DWORD +HandleMTUMessage(const set_mtu_message_t *mtu) +{ + DWORD err = 0; + MIB_IPINTERFACE_ROW ipiface; + InitializeIpInterfaceEntry(&ipiface); + ipiface.Family = mtu->family; + ipiface.InterfaceIndex = mtu->iface.index; + err = GetIpInterfaceEntry(&ipiface); + if (err != NO_ERROR) + { + return err; + } + if (mtu->family == AF_INET) + { + ipiface.SitePrefixLength = 0; + } + ipiface.NlMtu = mtu->mtu; + + err = SetIpInterfaceEntry(&ipiface); + return err; +} + static VOID HandleMessage(HANDLE pipe, HANDLE ovpn_proc, ring_buffer_handles_t *ring_buffer_handles, DWORD bytes, DWORD count, LPHANDLE events, undo_lists_t *lists) @@ -1300,6 +1323,7 @@ HandleMessage(HANDLE pipe, HANDLE ovpn_proc, ring_buffer_handles_t *ring_buffer_ dns_cfg_message_t dns; enable_dhcp_message_t dhcp; register_ring_buffers_message_t rrb; + set_mtu_message_t mtu; } msg; ack_message_t ack = { .header = { @@ -1374,6 +1398,13 @@ HandleMessage(HANDLE pipe, HANDLE ovpn_proc, ring_buffer_handles_t *ring_buffer_ } break; + case msg_set_mtu: + if (msg.header.size == sizeof(msg.mtu)) + { + ack.error_number = HandleMTUMessage(&msg.mtu); + } + break; + default: ack.error_number = ERROR_MESSAGE_TYPE; MsgToEventLog(MSG_FLAGS_ERROR, TEXT("Unknown message type %d"), msg.header.type);