From patchwork Tue Sep 24 12:43:28 2024
X-Patchwork-Submitter: Gert Doering
X-Patchwork-Id: 3866
From: Gert Doering
To: openvpn-devel@lists.sourceforge.net
Date: Tue, 24 Sep 2024 14:43:28 +0200
Message-ID: <20240924124328.3037-1-gert@greenie.muc.de>
Subject: [Openvpn-devel] [PATCH v11] Change dev null to be a driver type instead of a special mode of tun/tap

From: Arne Schwabe

Change-Id: I5987ebb7c38ab176eed7efc004ea54f606a77a12
Signed-off-by: Arne Schwabe
Acked-by: Gert Doering
---

This change was reviewed on Gerrit and approved by at least one developer.
I request to merge it to master.

Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/748
This mail reflects revision 11 of this Change.

Acked-by according to Gerrit (reflected above):
Gert Doering

diff --git a/src/openvpn/dco.c b/src/openvpn/dco.c index ecef455..7864db3 100644 --- a/src/openvpn/dco.c +++ b/src/openvpn/dco.c @@ -306,6 +306,13 @@ return false; } + if (is_dev_type(o->dev, o->dev_type, "null")) + { + msg(msglevel, "Note: null tun type selected, disabling data channel " + "offload"); + return false; + } + if (o->connection_list) { const struct connection_list *l = o->connection_list; diff --git a/src/openvpn/init.c b/src/openvpn/init.c index 1a14e19..fbf2c5b 100644 --- a/src/openvpn/init.c +++ b/src/openvpn/init.c @@ -1764,6 +1764,10 @@ /* Using AF_UNIX trumps using DCO */ c->c1.tuntap->backend_driver = DRIVER_AFUNIX; } + else if (is_dev_type(c->options.dev, c->options.dev_type, "null")) + { + c->c1.tuntap->backend_driver = DRIVER_NULL; + } #ifdef _WIN32 else { @@ -1858,7 +1862,12 @@ open_tun_backend(struct context *c) { struct tuntap *tt = c->c1.tuntap; - if (tt->backend_driver == DRIVER_AFUNIX) + + if (tt->backend_driver == DRIVER_NULL) + { + open_tun_null(c->c1.tuntap); + } + else if (tt->backend_driver == DRIVER_AFUNIX) { open_tun_afunix(&c->options, c->c2.frame.tun_mtu, tt, c->c2.es); } @@ -2059,6 +2068,11 @@ { close_tun_afunix(c->c1.tuntap); } + else if (c->c1.tuntap->backend_driver == DRIVER_NULL) + { + free(c->c1.tuntap->actual_name); + free(c->c1.tuntap); + } else { close_tun(c->c1.tuntap, &c->net_ctx); diff --git a/src/openvpn/proto.h b/src/openvpn/proto.h index 4b6d6d6..a160fb6 100644 --- a/src/openvpn/proto.h +++ b/src/openvpn/proto.h @@ -33,7 +33,6 @@ * Tunnel types */ #define DEV_TYPE_UNDEF 0 -#define DEV_TYPE_NULL 1 #define DEV_TYPE_TUN 2 /* point-to-point IP tunnel */ #define DEV_TYPE_TAP 3 /* ethernet (802.3) tunnel */ diff --git a/src/openvpn/tun.c b/src/openvpn/tun.c index b305b64..770e806 100644 --- a/src/openvpn/tun.c +++ b/src/openvpn/tun.c @@ -75,6 +75,9 @@ case DRIVER_AFUNIX: return "unix"; + case DRIVER_NULL: + return "null"; + case DRIVER_UTUN: return "utun"; 
@@ -463,7 +466,9 @@ int dev_type_enum(const char *dev, const char *dev_type) { - if (is_dev_type(dev, dev_type, "tun")) + /* We pretend that the null device is also a tun device but it does not + * really matter as it will discard everything anyway */ + if (is_dev_type(dev, dev_type, "tun") || is_dev_type(dev, dev_type, "null")) { return DEV_TYPE_TUN; } @@ -471,10 +476,6 @@ { return DEV_TYPE_TAP; } - else if (is_dev_type(dev, dev_type, "null")) - { - return DEV_TYPE_NULL; - } else { return DEV_TYPE_UNDEF; @@ -492,9 +493,6 @@ case DEV_TYPE_TAP: return "tap"; - case DEV_TYPE_NULL: - return "null"; - default: return "[unknown-dev-type]"; } @@ -768,8 +766,7 @@ bool tun_p2p = false; if (tt->type == DEV_TYPE_TAP - || (tt->type == DEV_TYPE_TUN && tt->topology == TOP_SUBNET) - || tt->type == DEV_TYPE_NULL) + || (tt->type == DEV_TYPE_TUN && tt->topology == TOP_SUBNET)) { tun_p2p = false; } @@ -780,7 +777,6 @@ else { msg(M_FATAL, "Error: problem with tun vs. tap setting"); /* JYFIXME -- needs to be caught earlier, in init_tun? */ - } return tun_p2p; } @@ -1748,7 +1744,7 @@ void undo_ifconfig(struct tuntap *tt, openvpn_net_ctx_t *ctx) { - if (tt->type != DEV_TYPE_NULL) + if (tt->backend_driver != DRIVER_NULL) { if (tt->did_ifconfig_setup) { @@ -1779,13 +1775,6 @@ #endif } -static void -open_null(struct tuntap *tt) -{ - tt->actual_name = string_alloc("null", NULL); -} - - #if defined (TARGET_OPENBSD) || (defined(TARGET_DARWIN) && HAVE_NET_IF_UTUN_H) /* 
@@ -1901,78 +1890,72 @@ char dynamic_name[256]; bool dynamic_opened = false; - if (tt->type == DEV_TYPE_NULL) + /* + * --dev-node specified, so open an explicit device node + */ + if (dev_node) { - open_null(tt); + snprintf(tunname, sizeof(tunname), "%s", dev_node); } else { /* - * --dev-node specified, so open an explicit device node + * dynamic open is indicated by --dev specified without + * explicit unit number. Try opening /dev/[dev]n + * where n = [0, 255]. */ - if (dev_node) + + if (!tun_name_is_fixed(dev)) { - snprintf(tunname, sizeof(tunname), "%s", dev_node); + for (int i = 0; i < 256; ++i) + { + snprintf(tunname, sizeof(tunname), + "/dev/%s%d", dev, i); + snprintf(dynamic_name, sizeof(dynamic_name), + "%s%d", dev, i); + if ((tt->fd = open(tunname, O_RDWR)) > 0) + { + dynamic_opened = true; + break; + } + msg(D_READ_WRITE | M_ERRNO, "Tried opening %s (failed)", tunname); + } + if (!dynamic_opened) + { + msg(M_FATAL, "Cannot allocate TUN/TAP dev dynamically"); + } } + /* + * explicit unit number specified + */ else { - /* - * dynamic open is indicated by --dev specified without - * explicit unit number. Try opening /dev/[dev]n - * where n = [0, 255]. - */ - - if (!tun_name_is_fixed(dev)) - { - for (int i = 0; i < 256; ++i) - { - snprintf(tunname, sizeof(tunname), - "/dev/%s%d", dev, i); - snprintf(dynamic_name, sizeof(dynamic_name), - "%s%d", dev, i); - if ((tt->fd = open(tunname, O_RDWR)) > 0) - { - dynamic_opened = true; - break; - } - msg(D_READ_WRITE | M_ERRNO, "Tried opening %s (failed)", tunname); - } - if (!dynamic_opened) - { - msg(M_FATAL, "Cannot allocate TUN/TAP dev dynamically"); - } - } - /* - * explicit unit number specified - */ - else - { - snprintf(tunname, sizeof(tunname), "/dev/%s", dev); - } + snprintf(tunname, sizeof(tunname), "/dev/%s", dev); } - - if (!dynamic_opened) - { - /* has named device existed before? 
if so, don't destroy at end */ - if (if_nametoindex( dev ) > 0) - { - msg(M_INFO, "TUN/TAP device %s exists previously, keep at program end", dev ); - tt->persistent_if = true; - } - - if ((tt->fd = open(tunname, O_RDWR)) < 0) - { - msg(M_ERR, "Cannot open TUN/TAP dev %s", tunname); - } - } - - set_nonblock(tt->fd); - set_cloexec(tt->fd); /* don't pass fd to scripts */ - msg(M_INFO, "TUN/TAP device %s opened", tunname); - - /* tt->actual_name is passed to up and down scripts and used as the ifconfig dev name */ - tt->actual_name = string_alloc(dynamic_opened ? dynamic_name : dev, NULL); } + + if (!dynamic_opened) + { + /* has named device existed before? if so, don't destroy at end */ + if (if_nametoindex( dev ) > 0) + { + msg(M_INFO, "TUN/TAP device %s exists previously, keep at program end", dev ); + tt->persistent_if = true; + } + + if ((tt->fd = open(tunname, O_RDWR)) < 0) + { + msg(M_ERR, "Cannot open TUN/TAP dev %s", tunname); + } + } + + set_nonblock(tt->fd); + set_cloexec(tt->fd); /* don't pass fd to scripts */ + msg(M_INFO, "TUN/TAP device %s opened", tunname); + + /* tt->actual_name is passed to up and down scripts and used as the ifconfig dev name */ + tt->actual_name = string_alloc(dynamic_opened ? dynamic_name : dev, NULL); + } #endif /* !_WIN32 && !TARGET_LINUX && !TARGET_FREEBSD*/ @@ -1984,12 +1967,6 @@ char dynamic_name[256]; bool dynamic_opened = false; - if (tt->type == DEV_TYPE_NULL) - { - open_null(tt); - return; - } - /* * unlike "open_tun_generic()", DCO on Linux and FreeBSD follows * the device naming model of "non-DCO linux", that is: @@ -2172,14 +2149,7 @@ { struct ifreq ifr; - /* - * We handle --dev null specially, we do not open /dev/null for this. - */ - if (tt->type == DEV_TYPE_NULL) - { - open_null(tt); - } - else if (tun_dco_enabled(tt)) + if (tun_dco_enabled(tt)) { open_tun_dco_generic(dev, dev_type, tt, ctx); } 
@@ -2404,12 +2374,6 @@ */ CLEAR(ifr); - if (tt->type == DEV_TYPE_NULL) - { - open_null(tt); - return; - } - if (tt->type == DEV_TYPE_TUN) { ip_node = "/dev/udp"; @@ -3488,12 +3452,6 @@ char dynamic_name[20]; const char *p; - if (tt->type == DEV_TYPE_NULL) - { - open_null(tt); - return; - } - if (tt->type == DEV_TYPE_TUN) { msg(M_FATAL, "no support for 'tun' devices on AIX" ); @@ -6835,12 +6793,7 @@ msg( M_INFO, "open_tun"); - if (tt->type == DEV_TYPE_NULL) - { - open_null(tt); - return; - } - else if (tt->type != DEV_TYPE_TAP && tt->type != DEV_TYPE_TUN) + if (tt->type != DEV_TYPE_TAP && tt->type != DEV_TYPE_TUN) { msg(M_FATAL|M_NOPREFIX, "Unknown virtual device type: '%s'", dev); } diff --git a/src/openvpn/tun.h b/src/openvpn/tun.h index a38aef0..b2c1b01 100644 --- a/src/openvpn/tun.h +++ b/src/openvpn/tun.h @@ -51,6 +51,7 @@ * This is always defined. We error out if a user tries to open this type * of backend on unsupported platforms. */ DRIVER_AFUNIX, + DRIVER_NULL, DRIVER_DCO, /** macOS internal tun driver */ DRIVER_UTUN @@ -784,4 +785,10 @@ { return tt && tt->type != DEV_TYPE_UNDEF; } + +static inline void +open_tun_null(struct tuntap *tt) +{ + tt->actual_name = string_alloc("null", NULL); +} #endif /* TUN_H */
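
Review bot: In the src/openvpn/init.c hunk at @@ -1858,7 +1862,12 @@ (open_tun_backend), the new branch calls open_tun_null(c->c1.tuntap) although the local tt already holds that pointer and is what the condition tests. Use open_tun_null(tt) so the branch reads consistently with the open_tun_afunix(..., tt, ...) call right below it.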
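
Review bot: In the src/openvpn/init.c hunk at @@ -2059,6 +2068,11 @@, the DRIVER_NULL teardown is open-coded as free(c->c1.tuntap->actual_name); free(c->c1.tuntap); while the matching allocation lives in open_tun_null() in tun.h. A close_tun_null() helper placed next to open_tun_null() would keep allocation and release together, mirror the close_tun_afunix() call in the branch above, and make it harder to forget a field here if the null setup later allocates more.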
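
Review bot: In the src/openvpn/tun.c hunk at @@ -463,7 +466,9 @@ (dev_type_enum), the new comment says that treating null as DEV_TYPE_TUN "does not really matter", but it does have a visible effect: with the DEV_TYPE_NULL case removed from the type-to-string switch in the @@ -492,9 +493,6 @@ hunk, a --dev null setup now has its type reported as "tun". The comment should state that code which needs to tell the two apart must test backend_driver == DRIVER_NULL, as undo_ifconfig() does after this patch.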
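
Review bot: In the src/openvpn/tun.c hunk at @@ -768,8 +766,7 @@, dropping tt->type == DEV_TYPE_NULL from the condition changes the result for null devices. They used to get tun_p2p = false unconditionally; now that dev_type_enum() returns DEV_TYPE_TUN for them, they only reach this branch when tt->topology == TOP_SUBNET. If that is intended, the commit message (which currently has no description) should say so; otherwise add a backend_driver == DRIVER_NULL test to this condition.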
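
Review bot: In the src/openvpn/tun.c hunk at @@ -1901,78 +1890,72 @@, the re-indented dynamic-open loop keeps the test (tt->fd = open(tunname, O_RDWR)) > 0, which treats a valid descriptor 0 as a failure, while the fixed-name path a few lines further down tests < 0. Since these lines are rewritten anyway, >= 0 would make the two checks agree; if the hunk is meant to be an indentation-only move, saying so in the commit message would make it easier to review.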
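
Review bot: In the src/openvpn/tun.h hunk at @@ -51,6 +51,7 @@, DRIVER_NULL is added without a comment while the neighbouring enumerators are documented, and it is inserted before DRIVER_DCO, which shifts the numeric values of DRIVER_DCO and DRIVER_UTUN. Add a one-line doc comment (for example that this backend opens no device and discards all packets), and consider appending the new value at the end of the enum unless the ordering is deliberate.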
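
Review bot: In the src/openvpn/tun.h hunk at @@ -784,4 +785,10 @@, open_tun_null() is missing a doc comment describing its contract: it only sets tt->actual_name via string_alloc("null", NULL) and opens no file descriptor, and the caller owns the string (init.c frees it directly). Documenting that here makes the ownership explicit for the open-coded free() in the init.c close path.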