From patchwork Mon Nov 28 11:16:42 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gert Doering X-Patchwork-Id: 2865 Return-Path: Delivered-To: patchwork@openvpn.net Delivered-To: patchwork@openvpn.net Received: from director14.mail.ord1d.rsapps.net ([172.31.255.6]) by backend30.mail.ord1d.rsapps.net with LMTP id QKyFGsaZhGO7bAAAIUCqbw (envelope-from ) for ; Mon, 28 Nov 2022 06:21:42 -0500 Received: from proxy9.mail.iad3b.rsapps.net ([172.31.255.6]) by director14.mail.ord1d.rsapps.net with LMTP id 6FMnGsaZhGMaQQAAeJ7fFg (envelope-from ) for ; Mon, 28 Nov 2022 06:21:42 -0500 Received: from smtp12.gate.iad3b ([172.31.255.6]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by proxy9.mail.iad3b.rsapps.net with LMTPS id SLUKNMWZhGMhFgAAC4PSzw (envelope-from ) for ; Mon, 28 Nov 2022 06:21:41 -0500 X-Spam-Threshold: 95 X-Spam-Score: 0 X-Spam-Flag: NO X-Virus-Scanned: OK X-Orig-To: openvpnslackdevel@openvpn.net X-Originating-Ip: [216.105.38.7] Authentication-Results: smtp12.gate.iad3b.rsapps.net; iprev=pass policy.iprev="216.105.38.7"; spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net" smtp.helo="lists.sourceforge.net"; dkim=fail (signature verification failed) header.d=sourceforge.net; dkim=fail (signature verification failed) header.d=sf.net; dmarc=none (p=nil; dis=none) header.from=greenie.muc.de X-Suspicious-Flag: YES X-Classification-ID: d4e81df4-6f0e-11ed-ad79-525400ae1f9d-1-1 Received: from [216.105.38.7] ([216.105.38.7:39206] helo=lists.sourceforge.net) by smtp12.gate.iad3b.rsapps.net (envelope-from ) (ecelerity 4.2.38.62370 r(:)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384) id 7F/00-08564-5C994836; Mon, 28 Nov 2022 06:21:41 -0500 Received: from [127.0.0.1] (helo=sfs-ml-1.v29.lw.sourceforge.com) by sfs-ml-1.v29.lw.sourceforge.com with esmtp (Exim 4.95) (envelope-from ) id 1ozcBj-00030K-Of; Mon, 28 Nov 2022 11:20:39 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-1.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1ozcBi-000300-6R for openvpn-devel@lists.sourceforge.net; Mon, 28 Nov 2022 11:20:38 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:References: In-Reply-To:Message-Id:Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=47ZteRUGpj3HMlIEvZu6caYI8KV15Jzl8RJSl1wnhtU=; b=IuZ72mCw/UUx6rIohsjXepDYrh YBuEfpsQ4VhBF0UsdB8haii1ZkAT6BeWCZN9vNa6mfoPHPRJt30HwcNxvujTewyoa2dG5O2Vb1ToX Ms0qktmkxQmDlLMzfZVWFtH85y0ACldCwu3oaUZzKuSKT6kNSvNeIokEW+davb33AO3Q=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-Id: Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=47ZteRUGpj3HMlIEvZu6caYI8KV15Jzl8RJSl1wnhtU=; b=MGBHpB6fqF1CGJie6JqLIVpdhV +aaWmMYTb4vve+7/zYKYCbkJnC83fVouTqwpMAl0auEaI5r2KPQ6jo0Kr9giOqOw0GFbAQCT00eCN pU+E43jIaDbg0WFrfxmqb7QbxSl9KHfJYvilamEPYlE3lXooYizNCY5uWeFwXL79sYbA=; Received: from dhcp-174.greenie.muc.de ([193.149.48.174] helo=blue.greenie.muc.de) by sfi-mx-1.v28.lw.sourceforge.com with esmtps (TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.95) id 1ozcBg-00GZQy-6d for openvpn-devel@lists.sourceforge.net; Mon, 28 Nov 2022 11:20:38 +0000 Received: from blue.greenie.muc.de (localhost [127.0.0.1]) by blue.greenie.muc.de (8.17.1/8.17.1) with ESMTP id 2ASBGiLE003535 for ; Mon, 28 Nov 2022 12:16:44 +0100 Received: (from gert@localhost) by blue.greenie.muc.de (8.17.1.9/8.17.1.9/Submit) id 2ASBGipJ003534 for openvpn-devel@lists.sourceforge.net; Mon, 28 Nov 2022 12:16:44 +0100 From: Gert Doering To: openvpn-devel@lists.sourceforge.net Date: Mon, 28 Nov 2022 12:16:42 +0100 Message-Id: <20221128111642.3483-1-gert@greenie.muc.de> X-Mailer: git-send-email 2.35.1 In-Reply-To: <20221126141041.5098-1-gert@greenie.muc.de> References: <20221126141041.5098-1-gert@greenie.muc.de> MIME-Version: 1.0 X-Spam-Report: Spam detection software, running on the system "util-spamd-1.v13.lw.sourceforge.com", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Instead of fully removing PORTS, keep "this is what you want to do for porting OpenVPN to a new platform" section, and update the PLATFORMS part to better reflect current status. v2: drop "2.2+" from Linux, and name the fruitish thing "macOS" Content analysis details: (-0.0 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 SPF_PASS SPF: sender matches SPF record -0.0 SPF_HELO_PASS SPF: HELO matches SPF record X-Headers-End: 1ozcBg-00GZQy-6d Subject: [Openvpn-devel] [PATCH v2] Update PORTS X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox Instead of fully removing PORTS, keep "this is what you want to do for porting OpenVPN to a new platform" section, and update the PLATFORMS part to better reflect current status. v2: drop "2.2+" from Linux, and name the fruitish thing "macOS" Signed-off-by: Gert Doering Acked-by: Frank Lichtenheld --- PORTS | 43 +++++++++++++++++++++++++------------------ 1 file changed, 25 insertions(+), 18 deletions(-) diff --git a/PORTS b/PORTS index ff76850d..2e5133b0 100644 --- a/PORTS +++ b/PORTS @@ -11,20 +11,31 @@ Copyright (C) 2002-2022 OpenVPN Inc PLATFORM STATUS: - * Linux 2.2+ (supported) - * Solaris (supported) - * OpenBSD 3.0 (supported but pthreads are broken) - * Max OS X Darwin +Tier 1 platforms - actively tested for every source commit, across +multiple operating system versions + + * Windows 7 and newer + * Windows Server 2012 and newer + * Linux * FreeBSD + * macOS + +Tier 2 platforms - it worked at some point, but is not actively tested +on "latest OS, latest OS libraries" so might break if larger changes +are done on the platform side + + * OpenBSD * NetBSD - * Windows - * 64 bit platforms -- I have heard reports that - OpenVPN runs on Alpha Linux and FreeBSD. - * ARM -- I have heard of at least one case - where OpenVPN was successfully built and - run on the ARM architecture. + * DragonFly BSD + * Solaris + * AIX + +For underlying CPU architecture, everything 32 bit or 64 bit (Intel, AMD, +ARM, PowerPC, SPARC*) should work fine. 16 bit Architectures are unlikely +to work. + -PORTING NOTES: +PORTING GUIDELINE TO A NEW PLATFORM: * Make sure that OpenSSL will build on your platform. @@ -42,7 +53,7 @@ PORTING NOTES: function in tun.c to generate a correct "ifconfig" command for your platform. Note that OpenVPN determines the ifconfig path at ./configure time. - * Add an ifconfig_order() variant for your OS so + * Possibly add an ifconfig_order() variant for your OS so openvpn knows whether to call ifconfig before or after tun/tap dev open. * Add an #ifdef TARGET_YOUROS block in tun.c and define @@ -77,12 +88,8 @@ PORTING NOTES: disabled with an explicit ioctl call if cross-platform compatibility is to be preserved. You can see some examples of this in tun.c. - * If your system supports pthreads, try building - with ./configure --enable-pthread and do a stress - test in TLS mode. - * Try the ultimate stress test which is --gremlin - --reneg-sec 10 in TLS mode (preferably with pthreads - enabled), then do a flood ping across the tunnel + * Try the ultimate stress test which is --gremlin --reneg-sec 10 + in TLS mode then do a flood ping across the tunnel (ping -f remote-endpoint) in both directions and let it run overnight. --gremlin will induce massive corruption and packet loss, but you win if you