From patchwork Fri Feb 27 22:47:39 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gert Doering X-Patchwork-Id: 4783 Return-Path: Delivered-To: patchwork@openvpn.net Received: by 2002:a05:7000:292f:b0:83c:d90d:321 with SMTP id f15csp432202maw; Fri, 27 Feb 2026 14:48:05 -0800 (PST) X-Forwarded-Encrypted: i=2; AJvYcCWmuje2sjnhVGorx/JNzZJwdpgXRD53LG9wAx0w03Bx59fnbxLB9r7BzRVpTLluuiutNVg3ddLNiWg=@openvpn.net X-Received: by 2002:a05:6808:4f62:b0:45e:ecd9:ed9f with SMTP id 5614622812f47-464becd55b7mr2374602b6e.21.1772232485085; Fri, 27 Feb 2026 14:48:05 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1772232485; cv=none; d=google.com; s=arc-20240605; b=aI7WLQf7kmloMYVo1FgbGU1bd9j5tbdqRPlQUs+YinWyazFjaoSM6lEaE+lcwuKnzz 8ELlm3nHsgdm8fQjZokVtrht6IMkJf2pllNv0Y5xCf3o06qDW81ACoO4fro4iXKssFaH R778IPLO2S6n8ya0LPU+4PEk16/+SVWim7onVLUCUvxLTgR3sP6mf7xBs7WfIiDAmNnK OOFt77ECAiLE002VNCc5uEHnLC1RsM1+Qkcg9mBLJiaC31BlxEcjztwCnh3JkOapAsE4 OraHEFEX5u67RJYrKyH+spBHFo3REAckWbmPLwEAlPG/NyS32HdaAIGFmodLT2XJc1uw o/Vw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=errors-to:content-transfer-encoding:list-subscribe:list-help :list-post:list-archive:list-unsubscribe:list-id:precedence:subject :mime-version:references:in-reply-to:message-id:date:to:from :dkim-signature:dkim-signature:dkim-signature; bh=dbHNrlDQcUP0AwBQOO+t79w8HbBM/cNbUPyltcEVfvE=; fh=4NbAC/LsuMLI0S0hprUlLSLCiHwg6SCAifhH718Jh0Q=; b=InbAGKdL/d6x0e+DMMw1L1q1JbECDu0D/qQdjTPmusqHMaciFpXSZYHGVKNRN/nBhB mG06w74DcOiHzSTR/uptiqz/9DVKIjohpEkqBO0hYwYElAqsg9QQtSYSWHK3lOskz8gp LJH82YfFY/NZxRNjuAumdv9S3Z16R5pfnaGg4qJaoouP8x4GsovIbPc6Gr9zVfuSPjp0 fNUs+GwJhzsAuNQdLdsM65ERJ5lk8P2HD2rAxfgGIARcMVvHVTyyC5W1dmSgD+EYpSXx 3yqFWhmwS5jJz56ngHxpEPAQhG/8WOlc0tiQeZRsn27wGXx9gDcS3tcK1hOlIXdo7yZe Y7yQ==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@lists.sourceforge.net header.s=beta header.b=SCQHJBxZ; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b="IZs/VcXS"; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b="iOYie/yg"; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=muc.de Received: from lists.sourceforge.net (lists.sourceforge.net. [216.105.38.7]) by mx.google.com with ESMTPS id 5614622812f47-464bb37d98asi2315406b6e.57.2026.02.27.14.48.04 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Fri, 27 Feb 2026 14:48:05 -0800 (PST) Received-SPF: pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) client-ip=216.105.38.7; Authentication-Results: mx.google.com; dkim=pass header.i=@lists.sourceforge.net header.s=beta header.b=SCQHJBxZ; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b="IZs/VcXS"; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b="iOYie/yg"; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=muc.de DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.sourceforge.net; s=beta; h=Content-Transfer-Encoding:Content-Type: List-Subscribe:List-Help:List-Post:List-Archive:List-Unsubscribe:List-Id: Subject:MIME-Version:References:In-Reply-To:Message-ID:Date:To:From:Sender: Reply-To:Cc:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=dbHNrlDQcUP0AwBQOO+t79w8HbBM/cNbUPyltcEVfvE=; b=SCQHJBxZzrflekx47uLLh+FlK1 JNPdbnyAPVICnJ+4VN/tK1k7P/gyZOJUfJZ8NyhDK/lZagNez8+HgQWnG8Vdm1GQPNauJfzHiezYf RXnGiGW2Pg2M0l3I3PtMyreFMax0Wcf+/8aUZlxdv4UzRpBU2/73vzuoYPCY2/2NknDc=; Received: from [127.0.0.1] (helo=sfs-ml-4.v29.lw.sourceforge.com) by sfs-ml-4.v29.lw.sourceforge.com with esmtp (Exim 4.95) (envelope-from ) id 1vw6cq-00083D-Hq; Fri, 27 Feb 2026 22:48:00 +0000 Received: from [172.30.29.66] (helo=mx.sourceforge.net) by sfs-ml-4.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1vw6cp-000835-Ai for openvpn-devel@lists.sourceforge.net; Fri, 27 Feb 2026 22:47:59 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:References: In-Reply-To:Message-ID:Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=UIl3N9gFaSY8Oib60lWKd7JGN5adqyDmgvNS2SB9JdY=; b=IZs/VcXSfwiVylHpUyVwA4ovgL cbDMvOYQh+Q+Hiu18nl/8Fgx/AEOftKR4vqAAde7zjuLpFey8vvh5o2DgNHSMA0gIlDJ6RhsZhqVw 6+teOtleMUZYAyfkklODYrUiSnq5rDs4sL9842Pjx3Egwp+VWXnp2r9k2dWjVMFRgBeg=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-ID: Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=UIl3N9gFaSY8Oib60lWKd7JGN5adqyDmgvNS2SB9JdY=; b=iOYie/yg4XRKnCCwRdu7m36JYk IEEWfdKnX3PZS1ku4anK1afOyopyQH5Jbe1yY4M4gUb8e3lj6wVGNPKcot7h6aL69iBQj/kCPH28s Oqjj1yQJncXPV6X7tV2hgteQEUiEDoWCAjgRw9a0huGGAKf70ulivQxantsrf6JfyKGQ=; Received: from [193.149.48.129] (helo=blue.greenie.muc.de) by sfi-mx-2.v28.lw.sourceforge.com with esmtps (TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.95) id 1vw6co-00037r-8M for openvpn-devel@lists.sourceforge.net; Fri, 27 Feb 2026 22:47:59 +0000 Received: from blue.greenie.muc.de (localhost [127.0.0.1]) by blue.greenie.muc.de (8.18.1/8.18.1) with ESMTP id 61RMlkIw003192 for ; Fri, 27 Feb 2026 23:47:46 +0100 Received: (from gert@localhost) by blue.greenie.muc.de (8.18.1/8.18.1/Submit) id 61RMlkmI003191 for openvpn-devel@lists.sourceforge.net; Fri, 27 Feb 2026 23:47:46 +0100 From: Gert Doering To: openvpn-devel@lists.sourceforge.net Date: Fri, 27 Feb 2026 23:47:39 +0100 Message-ID: <20260227224745.3175-1-gert@greenie.muc.de> X-Mailer: git-send-email 2.52.0 In-Reply-To: References: MIME-Version: 1.0 X-Spam-Score: 1.3 (+) X-Spam-Report: Spam detection software, running on the system "sfi-spamd-1.hosts.colo.sdot.me", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: DCO FreeBSD uses ioctl() calls for userland -> driver communication, on a socket() file descriptor. The original code uses AF_INET sockets, which fails if using a kernel compiled without IPv4 support. Content analysis details: (1.3 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 1.3 RDNS_NONE Delivered to internal network by a host with no rDNS X-Headers-End: 1vw6co-00037r-8M Subject: [Openvpn-devel] [PATCH v1] dco_freebsd: use AF_LOCAL sockets for ioctl() communication with DCO driver X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox X-GMAIL-THRID: =?utf-8?q?1858320450055248273?= X-GMAIL-MSGID: =?utf-8?q?1858320450055248273?= DCO FreeBSD uses ioctl() calls for userland -> driver communication, on a socket() file descriptor. The original code uses AF_INET sockets, which fails if using a kernel compiled without IPv4 support. The kernel side ioctl() handling does not differentiate between AF_INET, AF_INET6 and AF_LOCAL sockets, and only the latter are guaranteed to be present. While add it, add a clear message if the socket() call in dco_available() fails (it will lead to disabling of DCO). FreeBSD PR: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=286263 Reported-by: Marek Zarychta Change-Id: I84fe7a11391eafde3660d25a3c99094a0c525f3d Signed-off-by: Gert Doering Acked-by: Antonio Quartulli Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1551 --- This change was reviewed on Gerrit and approved by at least one developer. I request to merge it to master. Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1551 This mail reflects revision 1 of this Change. Acked-by according to Gerrit (reflected above): Antonio Quartulli diff --git a/src/openvpn/dco_freebsd.c b/src/openvpn/dco_freebsd.c index ee3a5d0..718cd8b 100644 --- a/src/openvpn/dco_freebsd.c +++ b/src/openvpn/dco_freebsd.c @@ -205,7 +205,7 @@ return -1; } - dco->fd = socket(AF_INET, SOCK_DGRAM | SOCK_CLOEXEC, 0); + dco->fd = socket(AF_LOCAL, SOCK_DGRAM | SOCK_CLOEXEC, 0); if (dco->fd != -1) { dco->open = true; @@ -715,9 +715,10 @@ * loaded, or built into the kernel. */ (void)kldload("if_ovpn"); - fd = socket(AF_INET, SOCK_DGRAM | SOCK_CLOEXEC, 0); + fd = socket(AF_LOCAL, SOCK_DGRAM | SOCK_CLOEXEC, 0); if (fd < 0) { + msg(M_WARN | M_ERRNO, "%s: socket() failed, disabling data channel offload", __func__); return false; }