From patchwork Sat Aug 13 11:39:20 2022
X-Patchwork-Submitter: Antonio Quartulli
X-Patchwork-Id: 2677
From: Antonio Quartulli
To: openvpn-devel@lists.sourceforge.net
Cc: Antonio Quartulli
Date: Sat, 13 Aug 2022 23:39:20 +0200
Message-Id: <20220813213920.18959-1-a@unstable.cc>
In-Reply-To: <20220813204224.22576-6-a@unstable.cc>
Subject: [Openvpn-devel] [PATCH v102 6/7] dco-win: ensure the DCO API is not used when running on Windows

On Windows the high level API should still use the link_socket object to read and write packets. For this reason, even if dco_installed is true, we still need to rely on the classic link_socket object.

Signed-off-by: Antonio Quartulli
Acked-by: Lev Stipakov
---
Changes from v101:
* add defined(TARGET_FREEBSD) to the #if guard

Changes from v100:
* removed ASSERTs (moved to previous patch)
* improve comment text in forward.c
---
src/openvpn/forward.c | 22 +++++++++++++++++++++- 1 file changed, 21 insertions(+), 1 deletion(-) diff --git a/src/openvpn/forward.c b/src/openvpn/forward.c index f6d416a3..8b95af64 100644 --- a/src/openvpn/forward.c +++ b/src/openvpn/forward.c @@ -1601,6 +1601,26 @@ process_ip_header(struct context *c, unsigned int flags, struct buffer *buf) } } +/* Linux-like DCO implementations pass the socket to the kernel and + * disallow usage of it from userland, so (control) packets sent and + * received by OpenVPN need to go through the DCO interface. + * + * Windows DCO needs control packets to be sent via the normal + * Socket API. + * + * Hide that complexity (...especially if more platforms show up + * in future...) in a small inline function. + */ +static bool +should_use_dco_socket(struct link_socket *sock) +{ +#if defined(TARGET_LINUX) || defined(TARGET_FREEBSD) + return sock->info.dco_installed; +#else + return false; +#endif +} + /* * Input: c->c2.to_link */ @@ -1674,7 +1694,7 @@ process_outgoing_link(struct context *c) socks_preprocess_outgoing_link(c, &to_addr, &size_delta); /* Send packet */ - if (c->c2.link_socket->info.dco_installed) + if (should_use_dco_socket(c->c2.link_socket)) { size = dco_do_write(&c->c1.tuntap->dco, c->c2.tls_multi->peer_id,
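Review bot: In the first hunk, the comment above should_use_dco_socket() says the logic is hidden "in a small inline function", but the definition is `static bool` without `inline`; either declare it `static inline bool` or drop "inline" from the comment so the two agree. On targets other than TARGET_LINUX and TARGET_FREEBSD the `sock` parameter is unused in the `#else` branch, which can produce an unused-parameter warning depending on the compiler flags in use; a `(void)sock;` there would silence it. The parameter is only read, so it could also be `const struct link_socket *sock`.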
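Review bot: In the second hunk only the send side of process_outgoing_link() (the branch that calls dco_do_write()) switches to should_use_dco_socket(), while the commit message says Windows must use link_socket "to read and write packets" and the helper's comment covers packets "sent and received". The diffstat shows a single deletion, so no receive-path check is changed in this patch; please confirm that the read side is handled by another patch in the series or does not test dco_installed directly, and say so in the commit message. If a direct `info.dco_installed` test remains on the receive path, it would still select the DCO interface on Windows.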