From patchwork Tue Jun 28 08:58:41 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Antonio Quartulli X-Patchwork-Id: 2564 Return-Path: Delivered-To: patchwork@openvpn.net Delivered-To: patchwork@openvpn.net Received: from director15.mail.ord1d.rsapps.net ([172.28.255.1]) by backend30.mail.ord1d.rsapps.net with LMTP id eLcsNZRPu2JpXQAAIUCqbw (envelope-from ) for ; Tue, 28 Jun 2022 14:59:32 -0400 Received: from proxy9.mail.ord1c.rsapps.net ([172.28.255.1]) by director15.mail.ord1d.rsapps.net with LMTP id EPHENJRPu2IKLwAAIcMcQg (envelope-from ) for ; Tue, 28 Jun 2022 14:59:32 -0400 Received: from smtp28.gate.ord1c ([172.28.255.1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by proxy9.mail.ord1c.rsapps.net with LMTPS id gOpMNJRPu2IKJgAAgxtkuw (envelope-from ) for ; Tue, 28 Jun 2022 14:59:32 -0400 X-Spam-Threshold: 95 X-Spam-Score: 0 X-Spam-Flag: NO X-Virus-Scanned: OK X-Orig-To: openvpnslackdevel@openvpn.net X-Originating-Ip: [216.105.38.7] Authentication-Results: smtp28.gate.ord1c.rsapps.net; iprev=pass policy.iprev="216.105.38.7"; spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net" smtp.helo="lists.sourceforge.net"; dkim=fail (signature verification failed) header.d=sourceforge.net; dkim=fail (signature verification failed) header.d=sf.net; dmarc=none (p=nil; dis=none) header.from=unstable.cc X-Suspicious-Flag: YES X-Classification-ID: 719e5316-f714-11ec-a9dd-a0369f1890f1-1-1 Received: from [216.105.38.7] ([216.105.38.7:33092] helo=lists.sourceforge.net) by smtp28.gate.ord1c.rsapps.net (envelope-from ) (ecelerity 4.2.38.62370 r(:)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384) id E3/D0-31896-49F4BB26; Tue, 28 Jun 2022 14:59:32 -0400 Received: from [127.0.0.1] (helo=sfs-ml-1.v29.lw.sourceforge.com) by sfs-ml-1.v29.lw.sourceforge.com with esmtp (Exim 4.94.2) (envelope-from ) id 1o6GPw-0007rm-J1; Tue, 28 Jun 2022 18:58:32 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-1.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1o6GPu-0007rg-Q1 for openvpn-devel@lists.sourceforge.net; Tue, 28 Jun 2022 18:58:30 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:References: In-Reply-To:Message-Id:Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=TJ3F7pVaBOVF4mrmouZD3TPA8E1lNhqY1xQe0I8sdnE=; b=l/4Ykf7dD+/ayNjfc4KMvBLMLI 5LumiRQPIHOJVgZLddbN3sh9XrAT28+3OiBJ2K1QXT3iAXWmTUtAR2+WQ0JgfOOKy+VVwsp0htYHx Jr8AeN07UberGZARQPtkPoh3Nu0JafqBxL1Y2VtywkPMrvw7A7VeYG4cAl4/24tVKAwo=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-Id: Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=TJ3F7pVaBOVF4mrmouZD3TPA8E1lNhqY1xQe0I8sdnE=; b=d1pR4LRxRl7bGXCbq4s8XfKeLk oIhF2cRCREJlcNDNWME8sPNngPq01LXi7riqPcMy9U7QjQ+rVJam/uauWyD6fg7YpMcWKYnoUqSQs QwQIjyXyWVyIVesV7w/Wt5gR3XmS87/ZCUXBSaMroOSs2aj+3Kb9gkbUyBYSOsBoUoYk=; Received: from s2.neomailbox.net ([5.148.176.60]) by sfi-mx-2.v28.lw.sourceforge.com with esmtps (TLS1.2:DHE-RSA-AES256-GCM-SHA384:256) (Exim 4.94.2) id 1o6GPt-0001XS-Di for openvpn-devel@lists.sourceforge.net; Tue, 28 Jun 2022 18:58:30 +0000 From: Antonio Quartulli To: openvpn-devel@lists.sourceforge.net Date: Tue, 28 Jun 2022 20:58:41 +0200 Message-Id: <20220628185841.4282-1-a@unstable.cc> In-Reply-To: <20220624083809.23487-6-a@unstable.cc> References: <20220624083809.23487-6-a@unstable.cc> MIME-Version: 1.0 X-Spam-Report: Spam detection software, running on the system "util-spamd-1.v13.lw.sourceforge.com", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: open_tun_generic already contains the logic required to find a device name when not specified b the user. For this reason the DCO case can easily leverage on function and avoid code duplication. Signed-off-by: Antonio Quartulli --- Content analysis details: (0.0 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.0 SPF_PASS SPF: sender matches SPF record X-Headers-End: 1o6GPt-0001XS-Di Subject: [Openvpn-devel] [PATCH v2 05/25] dco: let open_tun_generic handle the DCO case X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Antonio Quartulli Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox open_tun_generic already contains the logic required to find a device name when not specified b the user. For this reason the DCO case can easily leverage on function and avoid code duplication. Signed-off-by: Antonio Quartulli --- Changes from v1: * improved INFO message when device already exists as per Arne's request src/openvpn/init.c | 2 +- src/openvpn/tun.c | 133 +++++++++++++++++++++++++++++++++------------ src/openvpn/tun.h | 2 +- 3 files changed, 101 insertions(+), 36 deletions(-) diff --git a/src/openvpn/init.c b/src/openvpn/init.c index 03221cbb..c9d05c31 100644 --- a/src/openvpn/init.c +++ b/src/openvpn/init.c @@ -1763,7 +1763,7 @@ do_open_tun(struct context *c) #endif /* open the tun device */ open_tun(c->options.dev, c->options.dev_type, c->options.dev_node, - c->c1.tuntap); + c->c1.tuntap, &c->net_ctx); /* set the hardware address */ if (c->options.lladdr) diff --git a/src/openvpn/tun.c b/src/openvpn/tun.c index e12f0369..ebab8e6c 100644 --- a/src/openvpn/tun.c +++ b/src/openvpn/tun.c @@ -1718,10 +1718,10 @@ read_tun_header(struct tuntap *tt, uint8_t *buf, int len) #endif /* if defined (TARGET_OPENBSD) || (defined(TARGET_DARWIN) && HAVE_NET_IF_UTUN_H) */ -#if !(defined(_WIN32) || defined(TARGET_LINUX)) +#if !defined(_WIN32) static void open_tun_generic(const char *dev, const char *dev_type, const char *dev_node, - bool dynamic, struct tuntap *tt) + bool dynamic, struct tuntap *tt, openvpn_net_ctx_t *ctx) { char tunname[256]; char dynamic_name[256]; @@ -1739,6 +1739,7 @@ open_tun_generic(const char *dev, const char *dev_type, const char *dev_node, if (dev_node) { openvpn_snprintf(tunname, sizeof(tunname), "%s", dev_node); + strncpynt(dynamic_name, dev_node, sizeof(dynamic_name)); } else { @@ -1780,6 +1781,19 @@ open_tun_generic(const char *dev, const char *dev_type, const char *dev_node, "/dev/%s%d", dev, i); openvpn_snprintf(dynamic_name, sizeof(dynamic_name), "%s%d", dev, i); +#if defined(TARGET_LINUX) + if (!tt->options.disable_dco) + { + if (open_tun_dco(tt, ctx, dynamic_name) == 0) + { + dynamic_opened = true; + strncpynt(tunname, dynamic_name, + sizeof(dynamic_name)); + break; + } + } + else +#endif if ((tt->fd = open(tunname, O_RDWR)) > 0) { dynamic_opened = true; @@ -1798,33 +1812,57 @@ open_tun_generic(const char *dev, const char *dev_type, const char *dev_node, else { openvpn_snprintf(tunname, sizeof(tunname), "/dev/%s", dev); + strncpynt(dynamic_name, dev, sizeof(dynamic_name)); } } - if (!dynamic_opened) +#if defined(TARGET_LINUX) + if (!tt->options.disable_dco) { - /* has named device existed before? if so, don't destroy at end */ - if (if_nametoindex( dev ) > 0) + if (!dynamic_opened) { - msg(M_INFO, "TUN/TAP device %s exists previously, keep at program end", dev ); - tt->persistent_if = true; + int ret = open_tun_dco(tt, ctx, dynamic_name); + if (ret == -EEXIST) + { + msg(M_INFO, "DCO device %s already exists, won't be destroyed at shutdown", + dynamic_name); + tt->persistent_if = true; + } + else if (ret < 0) + { + msg(M_ERR, "Cannot open TUN/TAP dev %s: %d", dynamic_name, ret); + } + dynamic_opened = true; } - - if ((tt->fd = open(tunname, O_RDWR)) < 0) + } + else +#endif + { + if (!dynamic_opened) { - msg(M_ERR, "Cannot open TUN/TAP dev %s", tunname); + /* has named device existed before? if so, don't destroy at end */ + if (if_nametoindex( dev ) > 0) + { + msg(M_INFO, "TUN/TAP device %s exists previously, keep at program end", dev ); + tt->persistent_if = true; + } + + if ((tt->fd = open(tunname, O_RDWR)) < 0) + { + msg(M_ERR, "Cannot open TUN/TAP dev %s", tunname); + } } + set_nonblock(tt->fd); + set_cloexec(tt->fd); /* don't pass fd to scripts */ } - set_nonblock(tt->fd); - set_cloexec(tt->fd); /* don't pass fd to scripts */ msg(M_INFO, "TUN/TAP device %s opened", tunname); /* tt->actual_name is passed to up and down scripts and used as the ifconfig dev name */ tt->actual_name = string_alloc(dynamic_opened ? dynamic_name : dev, NULL); } } -#endif /* !_WIN32 && !TARGET_LINUX */ +#endif /* !_WIN32 */ #if !defined(_WIN32) static void @@ -1842,7 +1880,8 @@ close_tun_generic(struct tuntap *tt) #if defined (TARGET_ANDROID) void -open_tun(const char *dev, const char *dev_type, const char *dev_node, struct tuntap *tt) +open_tun(const char *dev, const char *dev_type, const char *dev_node, struct tuntap *tt, + openvpn_net_ctx_t *ctx) { #define ANDROID_TUNNAME "vpnservice-tun" struct user_pass up; @@ -1939,7 +1978,8 @@ read_tun(struct tuntap *tt, uint8_t *buf, int len) #if !PEDANTIC void -open_tun(const char *dev, const char *dev_type, const char *dev_node, struct tuntap *tt) +open_tun(const char *dev, const char *dev_type, const char *dev_node, struct tuntap *tt, + openvpn_net_ctx_t *ctx) { struct ifreq ifr; @@ -1950,6 +1990,12 @@ open_tun(const char *dev, const char *dev_type, const char *dev_node, struct tun { open_null(tt); } +#if defined(TARGET_LINUX) + else if (!tt->options.disable_dco) + { + open_tun_generic(dev, dev_type, dev_node, true, tt, ctx); + } +#endif else { /* @@ -2056,7 +2102,8 @@ open_tun(const char *dev, const char *dev_type, const char *dev_node, struct tun #else /* if !PEDANTIC */ void -open_tun(const char *dev, const char *dev_type, const char *dev_node, struct tuntap *tt) +open_tun(const char *dev, const char *dev_type, const char *dev_node, struct tuntap *tt, + openvpn_net_ctx_t *ctx) { ASSERT(0); } @@ -2081,7 +2128,7 @@ tuncfg(const char *dev, const char *dev_type, const char *dev_node, clear_tuntap(tt); tt->type = dev_type_enum(dev, dev_type); tt->options = *options; - open_tun(dev, dev_type, dev_node, tt); + open_tun(dev, dev_type, dev_node, tt, ctx); if (ioctl(tt->fd, TUNSETPERSIST, persist_mode) < 0) { msg(M_ERR, "Cannot ioctl TUNSETPERSIST(%d) %s", persist_mode, dev); @@ -2199,7 +2246,16 @@ close_tun(struct tuntap *tt, openvpn_net_ctx_t *ctx) net_ctx_reset(ctx); } - close_tun_generic(tt); +#ifdef TARGET_LINUX + if (!tt->options.disable_dco) + { + close_tun_dco(tt, ctx); + } + else +#endif + { + close_tun_generic(tt); + } free(tt); } @@ -2222,7 +2278,8 @@ read_tun(struct tuntap *tt, uint8_t *buf, int len) #endif void -open_tun(const char *dev, const char *dev_type, const char *dev_node, struct tuntap *tt) +open_tun(const char *dev, const char *dev_type, const char *dev_node, struct tuntap *tt, + openvpn_net_ctx_t *ctx) { int if_fd, ip_muxid, arp_muxid, arp_fd, ppa = -1; struct lifreq ifr; @@ -2574,9 +2631,10 @@ read_tun(struct tuntap *tt, uint8_t *buf, int len) #elif defined(TARGET_OPENBSD) void -open_tun(const char *dev, const char *dev_type, const char *dev_node, struct tuntap *tt) +open_tun(const char *dev, const char *dev_type, const char *dev_node, struct tuntap *tt, + openvpn_net_ctx_t *ctx) { - open_tun_generic(dev, dev_type, dev_node, true, tt); + open_tun_generic(dev, dev_type, dev_node, true, tt, ctx); /* Enable multicast on the interface */ if (tt->fd >= 0) @@ -2668,9 +2726,10 @@ read_tun(struct tuntap *tt, uint8_t *buf, int len) */ void -open_tun(const char *dev, const char *dev_type, const char *dev_node, struct tuntap *tt) +open_tun(const char *dev, const char *dev_type, const char *dev_node, struct tuntap *tt, + openvpn_net_ctx_t *ctx) { - open_tun_generic(dev, dev_type, dev_node, true, tt); + open_tun_generic(dev, dev_type, dev_node, true, tt, ctx); if (tt->fd >= 0) { @@ -2808,9 +2867,10 @@ freebsd_modify_read_write_return(int len) } void -open_tun(const char *dev, const char *dev_type, const char *dev_node, struct tuntap *tt) +open_tun(const char *dev, const char *dev_type, const char *dev_node, struct tuntap *tt, + openvpn_net_ctx_t *ctx) { - open_tun_generic(dev, dev_type, dev_node, true, tt); + open_tun_generic(dev, dev_type, dev_node, true, tt, ctx); if (tt->fd >= 0 && tt->type == DEV_TYPE_TUN) { @@ -2936,9 +2996,10 @@ dragonfly_modify_read_write_return(int len) } void -open_tun(const char *dev, const char *dev_type, const char *dev_node, struct tuntap *tt) +open_tun(const char *dev, const char *dev_type, const char *dev_node, struct tuntap *tt, + openvpn_net_ctx_t *ctx) { - open_tun_generic(dev, dev_type, dev_node, true, tt); + open_tun_generic(dev, dev_type, dev_node, true, tt, ctx); if (tt->fd >= 0) { @@ -3164,7 +3225,8 @@ open_darwin_utun(const char *dev, const char *dev_type, const char *dev_node, st #endif /* ifdef HAVE_NET_IF_UTUN_H */ void -open_tun(const char *dev, const char *dev_type, const char *dev_node, struct tuntap *tt) +open_tun(const char *dev, const char *dev_type, const char *dev_node, struct tuntap *tt, + openvpn_net_ctx_t *ctx) { #ifdef HAVE_NET_IF_UTUN_H /* If dev_node does not start start with utun assume regular tun/tap */ @@ -3190,7 +3252,7 @@ open_tun(const char *dev, const char *dev_type, const char *dev_node, struct tun { /* No explicit utun and utun failed, try the generic way) */ msg(M_INFO, "Failed to open utun device. Falling back to /dev/tun device"); - open_tun_generic(dev, dev_type, NULL, true, tt); + open_tun_generic(dev, dev_type, NULL, true, tt, ctx); } else { @@ -3213,7 +3275,7 @@ open_tun(const char *dev, const char *dev_type, const char *dev_node, struct tun dev_node = NULL; } - open_tun_generic(dev, dev_type, dev_node, true, tt); + open_tun_generic(dev, dev_type, dev_node, true, tt, ctx); } } @@ -3271,7 +3333,8 @@ read_tun(struct tuntap *tt, uint8_t *buf, int len) #elif defined(TARGET_AIX) void -open_tun(const char *dev, const char *dev_type, const char *dev_node, struct tuntap *tt) +open_tun(const char *dev, const char *dev_type, const char *dev_node, struct tuntap *tt, + openvpn_net_ctx_t *ctx) { char tunname[256]; char dynamic_name[20]; @@ -6580,7 +6643,8 @@ tuntap_post_open(struct tuntap *tt, const char *device_guid) } void -open_tun(const char *dev, const char *dev_type, const char *dev_node, struct tuntap *tt) +open_tun(const char *dev, const char *dev_type, const char *dev_node, struct tuntap *tt, + openvpn_net_ctx_t *ctx) { const char *device_guid = NULL; @@ -6881,9 +6945,10 @@ ipset2ascii_all(struct gc_arena *gc) #else /* generic */ void -open_tun(const char *dev, const char *dev_type, const char *dev_node, struct tuntap *tt) +open_tun(const char *dev, const char *dev_type, const char *dev_node, struct tuntap *tt, + openvpn_net_ctx_t *ctx) { - open_tun_generic(dev, dev_type, dev_node, true, tt); + open_tun_generic(dev, dev_type, dev_node, true, tt, ctx); } void diff --git a/src/openvpn/tun.h b/src/openvpn/tun.h index 5fcea590..cf02bf43 100644 --- a/src/openvpn/tun.h +++ b/src/openvpn/tun.h @@ -249,7 +249,7 @@ tuntap_ring_empty(struct tuntap *tt) */ void open_tun(const char *dev, const char *dev_type, const char *dev_node, - struct tuntap *tt); + struct tuntap *tt, openvpn_net_ctx_t *ctx); void close_tun(struct tuntap *tt, openvpn_net_ctx_t *ctx);