[Openvpn-devel] dco-win: get driver version

Message ID	20231008112755.23568-1-frank@lichtenheld.com
State	Accepted
Headers	show Return-Path: <openvpn-devel-bounces@lists.sourceforge.net> Received-SPF: pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) client-ip=216.105.38.7; From: Frank Lichtenheld <frank@lichtenheld.com> To: openvpn-devel@lists.sourceforge.net Date: Sun, 8 Oct 2023 13:27:55 +0200 Message-Id: <20231008112755.23568-1-frank@lichtenheld.com> In-Reply-To: <gerrit.1696678214000.I1d0d909e7fca3f51b5c848f1a771a989ab040f17@gerrit.openvpn.net> References: <gerrit.1696678214000.I1d0d909e7fca3f51b5c848f1a771a989ab040f17@gerrit.openvpn.net> MIME-Version: 1.0 preview: From: Lev Stipakov <lev@openvpn.net> Print dco-win driver version using the new ioctl. Requires dco-win driver 1.0.0 or newer to work. Change-Id: I1d0d909e7fca3f51b5c848f1a771a989ab040f17 Signed-off-by: Lev Stipakov <lev@openvpn.net> Acked-by: Arne Schwabe <arne-openvpn@rfc2549.org> --- Content analysis details: (-1.9 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at https://www.dnswl.org/, low trust [80.241.56.171 listed in list.dnswl.org] -1.0 RCVD_IN_MSPIKE_H5 RBL: Excellent reputation (+5) [80.241.56.171 listed in wl.mailspike.net] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.0 SPF_PASS SPF: sender matches SPF record -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.0 RCVD_IN_MSPIKE_WL Mailspike good senders Subject: [Openvpn-devel] [PATCH] dco-win: get driver version Precedence: list Cc: Lev Stipakov <lev@openvpn.net>, Arne Schwabe <arne-openvpn@rfc2549.org> Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox
Series	[Openvpn-devel] dco-win: get driver version \| expand [Openvpn-devel] dco-win: get driver version

Message ID

20231008112755.23568-1-frank@lichtenheld.com

State

Accepted

Headers

Received-SPF: pass (google.com: domain of
 openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as
 permitted sender) client-ip=216.105.38.7;
From: Frank Lichtenheld <frank@lichtenheld.com>
To: openvpn-devel@lists.sourceforge.net
Date: Sun,  8 Oct 2023 13:27:55 +0200
Message-Id: <20231008112755.23568-1-frank@lichtenheld.com>
In-Reply-To: 
 <gerrit.1696678214000.I1d0d909e7fca3f51b5c848f1a771a989ab040f17@gerrit.openvpn.net>
References: 
 <gerrit.1696678214000.I1d0d909e7fca3f51b5c848f1a771a989ab040f17@gerrit.openvpn.net>
MIME-Version: 1.0
Subject: [Openvpn-devel] [PATCH] dco-win: get driver version
Precedence: list
Cc: Lev Stipakov <lev@openvpn.net>, Arne Schwabe <arne-openvpn@rfc2549.org>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: openvpn-devel-bounces@lists.sourceforge.net

Series

[Openvpn-devel] dco-win: get driver version | expand

Commit Message

Frank Lichtenheld Oct. 8, 2023, 11:27 a.m. UTC

From: Lev Stipakov <lev@openvpn.net>

Print dco-win driver version using the new ioctl.
Requires dco-win driver 1.0.0 or newer to work.

Change-Id: I1d0d909e7fca3f51b5c848f1a771a989ab040f17
Signed-off-by: Lev Stipakov <lev@openvpn.net>
Acked-by: Arne Schwabe <arne-openvpn@rfc2549.org>
---

This change was reviewed on Gerrit and approved by at least one
developer. I request to merge it to release/2.6.

Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/367
This mail reflects revision 3 of this Change.
Acked-by according to Gerrit (reflected above):
Arne Schwabe <arne-openvpn@rfc2549.org>

Comments

Gert Doering Oct. 15, 2023, 2:36 p.m. UTC | #1

This is a useful addition (as we discussed at the hackathon), for
future feature enhancements that require a minimum version of the
DCO-WIN driver ("new driver supports old+new openvpn.exe by means of
v1 and v2 IOCTLs, but new openvpn.exe has no compat layer for old
driver").

Uncrustify complains about ovpn_dco_win.h on commit, because the
exclusion list is not applied in our "commit hook" - but this is
known and accepted for this file ("import from other project").

I have compile-tested this on Ubuntu/MinGW and ran through GHA, and
also done a quick stare-at-code ("does it handle errors, like 'no driver'
or 'driver too old for this IOCTL'?") and this all looks good.

Your patch has been applied to the master and release/2.6 branch.

commit e8e5f8a4c4f8e01dc7317ac87a85d3204882d6bf (master)
commit c54e1b226e9d6709cdc2b243e6a961a6cd47c7c6 (release/2.6)
Author: Lev Stipakov
Date:   Sun Oct 8 13:27:55 2023 +0200

     dco-win: get driver version

     Signed-off-by: Lev Stipakov <lev@openvpn.net>
     Acked-by: Arne Schwabe <arne-openvpn@rfc2549.org>
     Message-Id: <20231008112755.23568-1-frank@lichtenheld.com>
     URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg27174.html
     Signed-off-by: Gert Doering <gert@greenie.muc.de>


--
kind regards,

Gert Doering

diff --git a/src/openvpn/dco_win.c b/src/openvpn/dco_win.c
index 53f1523..a775c82 100644
--- a/src/openvpn/dco_win.c
+++ b/src/openvpn/dco_win.c
@@ -386,7 +386,32 @@ 
 const char *
 dco_version_string(struct gc_arena *gc)
 {
-    return "v0";
+    OVPN_VERSION version;
+    ZeroMemory(&version, sizeof(OVPN_VERSION));
+
+    /* try to open device by symbolic name */
+    HANDLE h = CreateFile("\\\\.\\ovpn-dco", GENERIC_READ | GENERIC_WRITE,
+                          0, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_SYSTEM | FILE_FLAG_OVERLAPPED, NULL);
+
+    if (h == INVALID_HANDLE_VALUE)
+    {
+        return "N/A";
+    }
+
+    DWORD bytes_returned = 0;
+    if (!DeviceIoControl(h, OVPN_IOCTL_GET_VERSION, NULL, 0,
+                         &version, sizeof(version), &bytes_returned, NULL))
+    {
+        CloseHandle(h);
+        return "N/A";
+    }
+
+    CloseHandle(h);
+
+    struct buffer out = alloc_buf_gc(256, gc);
+    buf_printf(&out, "%ld.%ld.%ld", version.Major, version.Minor, version.Patch);
+
+    return BSTR(&out);
 }
 
 int
diff --git a/src/openvpn/ovpn_dco_win.h b/src/openvpn/ovpn_dco_win.h
index cbbdf92..ea2a733 100644
--- a/src/openvpn/ovpn_dco_win.h
+++ b/src/openvpn/ovpn_dco_win.h
@@ -100,6 +100,12 @@ 
 	LONG MSS;
 } OVPN_SET_PEER, * POVPN_SET_PEER;
 
+typedef struct _OVPN_VERSION {
+    LONG Major;
+    LONG Minor;
+    LONG Patch;
+} OVPN_VERSION, * POVPN_VERSION;
+
 #define OVPN_IOCTL_NEW_PEER     CTL_CODE(FILE_DEVICE_UNKNOWN, 1, METHOD_BUFFERED, FILE_ANY_ACCESS)
 #define OVPN_IOCTL_GET_STATS    CTL_CODE(FILE_DEVICE_UNKNOWN, 2, METHOD_BUFFERED, FILE_ANY_ACCESS)
 #define OVPN_IOCTL_NEW_KEY      CTL_CODE(FILE_DEVICE_UNKNOWN, 3, METHOD_BUFFERED, FILE_ANY_ACCESS)
@@ -107,3 +113,4 @@ 
 #define OVPN_IOCTL_SET_PEER     CTL_CODE(FILE_DEVICE_UNKNOWN, 5, METHOD_BUFFERED, FILE_ANY_ACCESS)
 #define OVPN_IOCTL_START_VPN    CTL_CODE(FILE_DEVICE_UNKNOWN, 6, METHOD_BUFFERED, FILE_ANY_ACCESS)
 #define OVPN_IOCTL_DEL_PEER     CTL_CODE(FILE_DEVICE_UNKNOWN, 7, METHOD_BUFFERED, FILE_ANY_ACCESS)
+#define OVPN_IOCTL_GET_VERSION  CTL_CODE(FILE_DEVICE_UNKNOWN, 8, METHOD_BUFFERED, FILE_ANY_ACCESS)