[Openvpn-devel] Don't overwrite socket flags when using DCO on Windows

Message ID 20230324121818.2358-1-lstipakov@gmail.com
State Accepted
Headers show
Series [Openvpn-devel] Don't overwrite socket flags when using DCO on Windows | expand

Commit Message

Lev Stipakov March 24, 2023, 12:18 p.m. UTC
From: Lev Stipakov <lev@openvpn.net>

Socket flags can be pushed, in which case they overwrite
existing value. We use socket flags to distingust between
DCO handle and socket on Windows. If server pushes --socket-flags,
we treat DCO handle as socket and everything explodes.

Fix by making link_socket_update_flags() update flags
(like name suggests) instead of overwriting them. Also
do not set TCP_NODELAY on DCO handle on Windows because
it doesn't make sense.

Change-Id: Ia34d73ca49041cb0ce22b84751cdbff57de96048
Signed-off-by: Lev Stipakov <lev@openvpn.net>
 src/openvpn/socket.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)


Gert Doering March 24, 2023, 12:37 p.m. UTC | #1
Acked-by: Gert Doering <gert@greenie.muc.de>

"Because it makes sense".  We didn't discover this before as it needs
a server actually pushing sock-options *and* a DCO-on-Windows client
(*and* TCP?).

I haven't actually tested this, but discussed this beforehand with
Lev, and he has (and the change looks good).

Your patch has been applied to the master and release/2.6 branch.

commit 82e7d5cfd81f03f045ace2bf1d3590b79441ea17 (master)
commit cfc5228f9aeaa99c75fb7538435780e4dd7fb7de (release/2.6)
Author: Lev Stipakov
Date:   Fri Mar 24 14:18:18 2023 +0200

     Don't overwrite socket flags when using DCO on Windows

     Signed-off-by: Lev Stipakov <lev@openvpn.net>
     Acked-by: Gert Doering <gert@greenie.muc.de>
     Message-Id: <20230324121818.2358-1-lstipakov@gmail.com>
     URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg26513.html
     Signed-off-by: Gert Doering <gert@greenie.muc.de>

kind regards,

Gert Doering


diff --git a/src/openvpn/socket.c b/src/openvpn/socket.c
index 216f2ad7..ab8cc754 100644
--- a/src/openvpn/socket.c
+++ b/src/openvpn/socket.c
@@ -957,7 +957,8 @@  socket_set_mark(socket_descriptor_t sd, int mark)
 static bool
 socket_set_flags(socket_descriptor_t sd, unsigned int sockflags)
-    if (sockflags & SF_TCP_NODELAY)
+    /* SF_TCP_NODELAY doesn't make sense for dco-win */
+    if ((sockflags & SF_TCP_NODELAY) && (!(sockflags & SF_DCO_WIN)))
         return socket_set_tcp_nodelay(sd, 1);
@@ -972,7 +973,8 @@  link_socket_update_flags(struct link_socket *ls, unsigned int sockflags)
     if (ls && socket_defined(ls->sd))
-        return socket_set_flags(ls->sd, ls->sockflags = sockflags);
+        ls->sockflags |= sockflags;
+        return socket_set_flags(ls->sd, ls->sockflags);