From patchwork Fri Aug 12 03:06:50 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Antonio Quartulli X-Patchwork-Id: 2655 Return-Path: Delivered-To: patchwork@openvpn.net Delivered-To: patchwork@openvpn.net Received: from director15.mail.ord1d.rsapps.net ([172.27.255.56]) by backend30.mail.ord1d.rsapps.net with LMTP id KeSTOKlQ9mJ3MwAAIUCqbw (envelope-from ) for ; Fri, 12 Aug 2022 09:07:53 -0400 Received: from proxy3.mail.iad3a.rsapps.net ([172.27.255.56]) by director15.mail.ord1d.rsapps.net with LMTP id EFl4N6lQ9mJUUwAAIcMcQg (envelope-from ) for ; Fri, 12 Aug 2022 09:07:53 -0400 Received: from smtp18.gate.iad3a ([172.27.255.56]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by proxy3.mail.iad3a.rsapps.net with LMTPS id 6NacMKlQ9mJWbQAAYaqY3Q (envelope-from ) for ; Fri, 12 Aug 2022 09:07:53 -0400 X-Spam-Threshold: 95 X-Spam-Score: 0 X-Spam-Flag: NO X-Virus-Scanned: OK X-Orig-To: openvpnslackdevel@openvpn.net X-Originating-Ip: [216.105.38.7] Authentication-Results: smtp18.gate.iad3a.rsapps.net; iprev=pass policy.iprev="216.105.38.7"; spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net" smtp.helo="lists.sourceforge.net"; dkim=fail (signature verification failed) header.d=sourceforge.net; dkim=fail (signature verification failed) header.d=sf.net; dmarc=fail (p=none; dis=none) header.from=unstable.cc X-Suspicious-Flag: YES X-Classification-ID: c5ded772-1a3f-11ed-bc4c-5254008b8116-1-1 Received: from [216.105.38.7] ([216.105.38.7:60412] helo=lists.sourceforge.net) by smtp18.gate.iad3a.rsapps.net (envelope-from ) (ecelerity 4.2.38.62370 r(:)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384) id 09/77-08730-8A056F26; Fri, 12 Aug 2022 09:07:53 -0400 Received: from [127.0.0.1] (helo=sfs-ml-1.v29.lw.sourceforge.com) by sfs-ml-1.v29.lw.sourceforge.com with esmtp (Exim 4.95) (envelope-from ) id 1oMUMw-0001l1-61; Fri, 12 Aug 2022 13:06:30 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-1.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1oMUMu-0001ki-Fo for openvpn-devel@lists.sourceforge.net; Fri, 12 Aug 2022 13:06:28 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:References: In-Reply-To:Message-Id:Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=I+JFJ0+Ue5g8NsspfTSNoWN8nmDFYqYB6EqpkKyLOZk=; b=GNk39G1QYBMW8ST557zfk/oehk 3vryytppuTlGmkXGmBsyWyW5DBlt86uooroctioLpKKtSG4OoHUquvbUrBImLIMsF6bBnjbxGkKkA ybO0ylPnJbLyMndGf4TJPwg8gPU23vhzfHvCACHIzgD5sDOhqzAsZg27f9ubSHkrD93s=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-Id: Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=I+JFJ0+Ue5g8NsspfTSNoWN8nmDFYqYB6EqpkKyLOZk=; b=bWDn3YXZDgZCGqOCY4Zmbxlhrb TPu2pNnpJR5NHUK/N19SZR2vzgScCjGzN0z7A24j0o3QKyA/hH+DD0jQJTCNFmFXqpAwBWNeXwkuj hblbhE9hZfBrOAqKB/p4Qv5YliJhqmob2BAX5MbWcRSTsRPdNcwhedoYlez8/ax4L6l8=; Received: from s2.neomailbox.net ([5.148.176.60]) by sfi-mx-1.v28.lw.sourceforge.com with esmtps (TLS1.2:DHE-RSA-AES256-GCM-SHA384:256) (Exim 4.94.2) id 1oMUMt-00DFWw-FP for openvpn-devel@lists.sourceforge.net; Fri, 12 Aug 2022 13:06:28 +0000 From: Antonio Quartulli To: openvpn-devel@lists.sourceforge.net Date: Fri, 12 Aug 2022 15:06:50 +0200 Message-Id: <20220812130657.29899-4-a@unstable.cc> In-Reply-To: <20220812130657.29899-1-a@unstable.cc> References: <20220812130657.29899-1-a@unstable.cc> MIME-Version: 1.0 X-Spam-Report: Spam detection software, running on the system "util-spamd-1.v13.lw.sourceforge.com", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Some platforms may have different constraints in terms of incompatible opions, therefore we add a function that explicitly checks those. Also, add generic option check for when ovpn-dco-win is in use. Content analysis details: (1.0 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 1.0 SPF_SOFTFAIL SPF: sender does not match SPF record (softfail) X-Headers-End: 1oMUMt-00DFWw-FP Subject: [Openvpn-devel] [PATCH v100 03/10] dco-win: add platform dependant check on incompatible options X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Lev Stipakov , Antonio Quartulli Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox Some platforms may have different constraints in terms of incompatible opions, therefore we add a function that explicitly checks those. Also, add generic option check for when ovpn-dco-win is in use. Signed-off-by: Antonio Quartulli Signed-off-by: Lev Stipakov --- src/openvpn/dco.c | 17 +++++++++++++++-- src/openvpn/options.c | 5 +++++ 2 files changed, 20 insertions(+), 2 deletions(-) diff --git a/src/openvpn/dco.c b/src/openvpn/dco.c index ac694d18..d330d917 100644 --- a/src/openvpn/dco.c +++ b/src/openvpn/dco.c @@ -221,7 +221,20 @@ dco_update_keys(dco_context_t *dco, struct tls_multi *multi) static bool dco_check_option_conflict_platform(int msglevel, const struct options *o) { -#if defined(TARGET_LINUX) +#if defined(_WIN32) + if (o->mode == MODE_SERVER) + { + msg(msglevel, "Only client and p2p data channel offload is supported " + "with ovpn-dco-win."); + return false; + } + + if (o->persist_tun) + { + msg(msglevel, "--persist-tun is not supported with ovpn-dco-win."); + return false; + } +#elif defined(TARGET_LINUX) /* if the device name is fixed, we need to check if an interface with this * name already exists. IF it does, it must be a DCO interface, otherwise * DCO has to be disabled in order to continue. @@ -246,7 +259,7 @@ dco_check_option_conflict_platform(int msglevel, const struct options *o) strerror(-ret), ret); } } -#endif /* if defined(TARGET_LINUX) */ +#endif /* if defined(_WIN32) */ return true; } diff --git a/src/openvpn/options.c b/src/openvpn/options.c index 0ce3158b..90e59582 100644 --- a/src/openvpn/options.c +++ b/src/openvpn/options.c @@ -2450,6 +2450,11 @@ options_postprocess_verify_ce(const struct options *options, { msg(M_USAGE, "--windows-driver wintun requires --dev tun"); } + + if (options->windows_driver == WINDOWS_DRIVER_DCO) + { + dco_check_option_conflict(M_USAGE, options); + } #endif /* ifdef _WIN32 */ /*