From patchwork Wed Jul 23 06:07:41 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gert Doering X-Patchwork-Id: 4319 Return-Path: Delivered-To: patchwork@openvpn.net Received: by 2002:a05:7000:9111:b0:671:5a2c:6455 with SMTP id h17csp749662maf; Tue, 22 Jul 2025 23:08:01 -0700 (PDT) X-Forwarded-Encrypted: i=2; AJvYcCV/rupHW7MROVvYhWZrqASqfmveZJiEOlQRTK6ieTgfqtIOFbpsQktca6DBbwnZbzcTHfy+8ff0dN4=@openvpn.net X-Google-Smtp-Source: AGHT+IGo5HSDuW0b2nNTW1oSywhcwHU7xDuxtCZGLjBF5pHRw7UC6PRjqtZohZe0ILGJklpthzUe X-Received: by 2002:a05:6870:d283:b0:2e4:c018:e5d7 with SMTP id 586e51a60fabf-306c6ec5b5emr1103967fac.3.1753250881069; Tue, 22 Jul 2025 23:08:01 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1753250881; cv=none; d=google.com; s=arc-20240605; b=CtasGP7ikaWR8WD9xb+0qZF4hna++XH2A8X4Q/80tTyoUoFTZM6hrkgr7rlEvRBlQ4 LiVgrI1NaZGXehIaTReo9fgcQlNIu+qkZXOZmwqqvGUZDMc1FKTrSYelhZPAXqM5nCTE pjodqHFTf23HQEXuUrn+05Tvmkw+xl0KtNPHMDZv4aUUTH8GhF5eorv8SlnFDj2EHfjy XoD+hitLuzgxq8Y+mcWHW6+KtwHavX9TMkVMSB71QseEOHIceCy2D+3gBnR8GXXJ7mql GV6sJaSZKa9OxQz0Ps2jdrf3PCAMQr6YGwmJHu3kqBtQyQmpZOsGyVk+ua+0e6DNjpDs x1Dg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=errors-to:content-transfer-encoding:list-subscribe:list-help :list-post:list-archive:list-unsubscribe:list-id:precedence:subject :mime-version:references:in-reply-to:message-id:date:to:from :dkim-signature:dkim-signature:dkim-signature; bh=rCZCzgfEOWcEj+6dYxuvOo9xonvJmkejRFSu4Dljhc8=; fh=4NbAC/LsuMLI0S0hprUlLSLCiHwg6SCAifhH718Jh0Q=; b=ZKBBxVtOakxY4vwxw48cDu/Kh+xZ034MFbK3qE7l4GphP2M3boOootmOt28RGtJJFR 5NkU0hCL8PRVRfBvRMMpgvdihzo5DLLOrIV99IlvdTjph1qgMgTqEDOBHndeAXppUeIr 95OqgqyA7Vqr7PaI6GAUdtgMX6b72/NIc/S0H7OVbrCXYTJ38YjHfy1fLHAvZRN3d96A PHANnNXOX6Bf3KR8H7TsDQZBIhQt+5UBffFCyK2XR9wQ6kYuTatc4KxTSx6P1wWD6PLn tyfUD2+JS/XCRuvy5YFpALRDXVcnvbJ8VojoNeVFesWZPoiEnV7s+9xk+nSUytuKV13c 0sUQ==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@lists.sourceforge.net header.s=beta header.b=QTkitjuu; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=frnDsZcj; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b="awO/Hz/H"; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=muc.de Received: from lists.sourceforge.net (lists.sourceforge.net. [216.105.38.7]) by mx.google.com with ESMTPS id 586e51a60fabf-30101bd7574si5896541fac.79.2025.07.22.23.08.00 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Tue, 22 Jul 2025 23:08:00 -0700 (PDT) Received-SPF: pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) client-ip=216.105.38.7; Authentication-Results: mx.google.com; dkim=pass header.i=@lists.sourceforge.net header.s=beta header.b=QTkitjuu; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=frnDsZcj; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b="awO/Hz/H"; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=muc.de DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.sourceforge.net; s=beta; h=Content-Transfer-Encoding:Content-Type: List-Subscribe:List-Help:List-Post:List-Archive:List-Unsubscribe:List-Id: Subject:MIME-Version:References:In-Reply-To:Message-ID:Date:To:From:Sender: Reply-To:Cc:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=rCZCzgfEOWcEj+6dYxuvOo9xonvJmkejRFSu4Dljhc8=; b=QTkitjuuO0D4povlsZdqyp/rt7 8+UKFGzjyglvitkeXxPZxompIFYA6lBgdieQpQeznGAWkH4vgNII0PX+0QeoZjw+pWJxs2SDnMwDV JgmqOLPriaCOx96q1u/xPIWfoMmqJTED1j8Qbut1OxcywgyceRlHNK6uhoEKqpChndWM=; Received: from [127.0.0.1] (helo=sfs-ml-1.v29.lw.sourceforge.com) by sfs-ml-1.v29.lw.sourceforge.com with esmtp (Exim 4.95) (envelope-from ) id 1ueSdy-0006Qs-Jt; Wed, 23 Jul 2025 06:07:58 +0000 Received: from [172.30.29.66] (helo=mx.sourceforge.net) by sfs-ml-1.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1ueSdx-0006Qh-2s for openvpn-devel@lists.sourceforge.net; Wed, 23 Jul 2025 06:07:57 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:References: In-Reply-To:Message-ID:Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=EzOfqdSnnS9EQAmNOwuZ//HR4Ful9GoxTCsgrBmdjWQ=; b=frnDsZcjSEIue2n7HCd4cZCfHM Fw21ENzDlZ7EaREqNqBQdKfIOd8o/DF9jsGhhSYOm+7NtRmHXCOZT6dHNDjNhz7I5rMIhigFtES4i bv8dG1MCS0kmh3BnUYwqkuQM5FgtGns0Od2r25detM6ItyXjAHnSNgd+IwyfPwFEmkjA=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-ID: Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=EzOfqdSnnS9EQAmNOwuZ//HR4Ful9GoxTCsgrBmdjWQ=; b=awO/Hz/HYOiUqhlM0g4pfXmqQl YKJLjmZnqwpkAVmtmXGRjF2/Io3hfKXi4OKDH+QANDxB41L1lPqI9p2vXyeFuvFRCaA8U5Cq51zdd 2LBsNGhu9qSdf+05Kc9/erGGSzQAda/BJECA1cuLLeUq/n9oIGUSwwzR3fjzmc4FXsRI=; Received: from [193.149.48.143] (helo=blue.greenie.muc.de) by sfi-mx-2.v28.lw.sourceforge.com with esmtps (TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.95) id 1ueSdv-0006u5-DG for openvpn-devel@lists.sourceforge.net; Wed, 23 Jul 2025 06:07:56 +0000 Received: from blue.greenie.muc.de (localhost [127.0.0.1]) by blue.greenie.muc.de (8.17.1.9/8.17.1.9) with ESMTP id 56N67mP8019559 for ; Wed, 23 Jul 2025 08:07:48 +0200 Received: (from gert@localhost) by blue.greenie.muc.de (8.17.1.9/8.17.1.9/Submit) id 56N67mj0019557 for openvpn-devel@lists.sourceforge.net; Wed, 23 Jul 2025 08:07:48 +0200 From: Gert Doering To: openvpn-devel@lists.sourceforge.net Date: Wed, 23 Jul 2025 08:07:41 +0200 Message-ID: <20250723060747.19524-1-gert@greenie.muc.de> X-Mailer: git-send-email 2.49.0 In-Reply-To: References: MIME-Version: 1.0 X-Spam-Score: 1.3 (+) X-Spam-Report: Spam detection software, running on the system "sfi-spamd-1.hosts.colo.sdot.me", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Antonio Quartulli In preparation for the implementation of a generic netlink message parser, move all parsing functions above ovpn_handle_msg(). The latter is soon going to become a generic message parser which will invoke specific handlers, thus they are required to be defined earlier in the file. Content analysis details: (1.3 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 1.3 RDNS_NONE Delivered to internal network by a host with no rDNS X-Headers-End: 1ueSdv-0006u5-DG Subject: [Openvpn-devel] [PATCH v2] dco_linux: rearrange functions X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox X-GMAIL-THRID: =?utf-8?q?1838416796014462332?= X-GMAIL-MSGID: =?utf-8?q?1838416796014462332?= From: Antonio Quartulli In preparation for the implementation of a generic netlink message parser, move all parsing functions above ovpn_handle_msg(). The latter is soon going to become a generic message parser which will invoke specific handlers, thus they are required to be defined earlier in the file. No functional change is intended. This patch is only meant to reduce entropy in the patch which will do the real netlink parser change. Better reviewed with: git show --color-moved Change-Id: I94004579aef4a1ccccdbcf8edd7b722e5a611c72 Signed-off-by: Antonio Quartulli Acked-by: Gert Doering --- This change was reviewed on Gerrit and approved by at least one developer. I request to merge it to master. Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1098 This mail reflects revision 2 of this Change. Acked-by according to Gerrit (reflected above): Gert Doering diff --git a/src/openvpn/dco_linux.c b/src/openvpn/dco_linux.c index 13506a1..ec6efaa 100644 --- a/src/openvpn/dco_linux.c +++ b/src/openvpn/dco_linux.c @@ -812,6 +812,150 @@ return false; } +/* libnl < 3.11.0 does not implement nla_get_uint() */ +static uint64_t +ovpn_nla_get_uint(struct nlattr *attr) +{ + if (nla_len(attr) == sizeof(uint32_t)) + { + return nla_get_u32(attr); + } + else + { + return nla_get_u64(attr); + } +} + +static void +dco_update_peer_stat(struct context_2 *c2, struct nlattr *tb[], uint32_t id) +{ + if (tb[OVPN_A_PEER_LINK_RX_BYTES]) + { + c2->dco_read_bytes = ovpn_nla_get_uint(tb[OVPN_A_PEER_LINK_RX_BYTES]); + msg(D_DCO_DEBUG, "%s / dco_read_bytes: " counter_format, __func__, + c2->dco_read_bytes); + } + else + { + msg(M_WARN, "%s: no link RX bytes provided in reply for peer %u", + __func__, id); + } + + if (tb[OVPN_A_PEER_LINK_TX_BYTES]) + { + c2->dco_write_bytes = ovpn_nla_get_uint(tb[OVPN_A_PEER_LINK_TX_BYTES]); + msg(D_DCO_DEBUG, "%s / dco_write_bytes: " counter_format, __func__, + c2->dco_write_bytes); + } + else + { + msg(M_WARN, "%s: no link TX bytes provided in reply for peer %u", + __func__, id); + } + + if (tb[OVPN_A_PEER_VPN_RX_BYTES]) + { + c2->tun_read_bytes = ovpn_nla_get_uint(tb[OVPN_A_PEER_VPN_RX_BYTES]); + msg(D_DCO_DEBUG, "%s / tun_read_bytes: " counter_format, __func__, + c2->tun_read_bytes); + } + else + { + msg(M_WARN, "%s: no VPN RX bytes provided in reply for peer %u", + __func__, id); + } + + if (tb[OVPN_A_PEER_VPN_TX_BYTES]) + { + c2->tun_write_bytes = ovpn_nla_get_uint(tb[OVPN_A_PEER_VPN_TX_BYTES]); + msg(D_DCO_DEBUG, "%s / tun_write_bytes: " counter_format, __func__, + c2->tun_write_bytes); + } + else + { + msg(M_WARN, "%s: no VPN TX bytes provided in reply for peer %u", + __func__, id); + } +} + +static int +dco_parse_peer_multi(struct nl_msg *msg, void *arg) +{ + struct nlattr *tb[OVPN_A_MAX + 1]; + struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg)); + + msg(D_DCO_DEBUG, "%s: parsing message...", __func__); + + nla_parse(tb, OVPN_A_MAX, genlmsg_attrdata(gnlh, 0), + genlmsg_attrlen(gnlh, 0), NULL); + + if (!tb[OVPN_A_PEER]) + { + return NL_SKIP; + } + + struct nlattr *tb_peer[OVPN_A_PEER_MAX + 1]; + nla_parse_nested(tb_peer, OVPN_A_PEER_MAX, tb[OVPN_A_PEER], NULL); + + if (!tb_peer[OVPN_A_PEER_ID]) + { + msg(M_WARN, "%s: no peer-id provided in reply", __func__); + return NL_SKIP; + } + + struct multi_context *m = arg; + uint32_t peer_id = nla_get_u32(tb_peer[OVPN_A_PEER_ID]); + + if (peer_id >= m->max_clients || !m->instances[peer_id]) + { + msg(M_WARN, "%s: cannot store DCO stats for peer %u", __func__, + peer_id); + return NL_SKIP; + } + + dco_update_peer_stat(&m->instances[peer_id]->context.c2, tb_peer, peer_id); + + return NL_OK; +} + +static int +dco_parse_peer(struct nl_msg *msg, void *arg) +{ + struct context *c = arg; + struct nlattr *tb[OVPN_A_MAX + 1]; + struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg)); + + msg(D_DCO_DEBUG, "%s: parsing message...", __func__); + + nla_parse(tb, OVPN_A_MAX, genlmsg_attrdata(gnlh, 0), + genlmsg_attrlen(gnlh, 0), NULL); + + if (!tb[OVPN_A_PEER]) + { + msg(D_DCO_DEBUG, "%s: malformed reply", __func__); + return NL_SKIP; + } + + struct nlattr *tb_peer[OVPN_A_PEER_MAX + 1]; + nla_parse_nested(tb_peer, OVPN_A_PEER_MAX, tb[OVPN_A_PEER], NULL); + + if (!tb_peer[OVPN_A_PEER_ID]) + { + msg(M_WARN, "%s: no peer-id provided in reply", __func__); + return NL_SKIP; + } + + uint32_t peer_id = nla_get_u32(tb_peer[OVPN_A_PEER_ID]); + if (c->c2.tls_multi->dco_peer_id != peer_id) + { + return NL_SKIP; + } + + dco_update_peer_stat(&c->c2, tb_peer, peer_id); + + return NL_OK; +} + /* This function parses any netlink message sent by ovpn-dco to userspace */ static int ovpn_handle_msg(struct nl_msg *msg, void *arg) @@ -994,112 +1138,6 @@ return ovpn_nl_recvmsgs(dco, __func__); } -/* libnl < 3.11.0 does not implement nla_get_uint() */ -static uint64_t -ovpn_nla_get_uint(struct nlattr *attr) -{ - if (nla_len(attr) == sizeof(uint32_t)) - { - return nla_get_u32(attr); - } - else - { - return nla_get_u64(attr); - } -} - -static void -dco_update_peer_stat(struct context_2 *c2, struct nlattr *tb[], uint32_t id) -{ - if (tb[OVPN_A_PEER_LINK_RX_BYTES]) - { - c2->dco_read_bytes = ovpn_nla_get_uint(tb[OVPN_A_PEER_LINK_RX_BYTES]); - msg(D_DCO_DEBUG, "%s / dco_read_bytes: " counter_format, __func__, - c2->dco_read_bytes); - } - else - { - msg(M_WARN, "%s: no link RX bytes provided in reply for peer %u", - __func__, id); - } - - if (tb[OVPN_A_PEER_LINK_TX_BYTES]) - { - c2->dco_write_bytes = ovpn_nla_get_uint(tb[OVPN_A_PEER_LINK_TX_BYTES]); - msg(D_DCO_DEBUG, "%s / dco_write_bytes: " counter_format, __func__, - c2->dco_write_bytes); - } - else - { - msg(M_WARN, "%s: no link TX bytes provided in reply for peer %u", - __func__, id); - } - - if (tb[OVPN_A_PEER_VPN_RX_BYTES]) - { - c2->tun_read_bytes = ovpn_nla_get_uint(tb[OVPN_A_PEER_VPN_RX_BYTES]); - msg(D_DCO_DEBUG, "%s / tun_read_bytes: " counter_format, __func__, - c2->tun_read_bytes); - } - else - { - msg(M_WARN, "%s: no VPN RX bytes provided in reply for peer %u", - __func__, id); - } - - if (tb[OVPN_A_PEER_VPN_TX_BYTES]) - { - c2->tun_write_bytes = ovpn_nla_get_uint(tb[OVPN_A_PEER_VPN_TX_BYTES]); - msg(D_DCO_DEBUG, "%s / tun_write_bytes: " counter_format, __func__, - c2->tun_write_bytes); - } - else - { - msg(M_WARN, "%s: no VPN TX bytes provided in reply for peer %u", - __func__, id); - } -} - -int -dco_parse_peer_multi(struct nl_msg *msg, void *arg) -{ - struct nlattr *tb[OVPN_A_MAX + 1]; - struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg)); - - msg(D_DCO_DEBUG, "%s: parsing message...", __func__); - - nla_parse(tb, OVPN_A_MAX, genlmsg_attrdata(gnlh, 0), - genlmsg_attrlen(gnlh, 0), NULL); - - if (!tb[OVPN_A_PEER]) - { - return NL_SKIP; - } - - struct nlattr *tb_peer[OVPN_A_PEER_MAX + 1]; - nla_parse_nested(tb_peer, OVPN_A_PEER_MAX, tb[OVPN_A_PEER], NULL); - - if (!tb_peer[OVPN_A_PEER_ID]) - { - msg(M_WARN, "%s: no peer-id provided in reply", __func__); - return NL_SKIP; - } - - struct multi_context *m = arg; - uint32_t peer_id = nla_get_u32(tb_peer[OVPN_A_PEER_ID]); - - if (peer_id >= m->max_clients || !m->instances[peer_id]) - { - msg(M_WARN, "%s: cannot store DCO stats for peer %u", __func__, - peer_id); - return NL_SKIP; - } - - dco_update_peer_stat(&m->instances[peer_id]->context.c2, tb_peer, peer_id); - - return NL_OK; -} - int dco_get_peer_stats_multi(dco_context_t *dco, struct multi_context *m, const bool raise_sigusr1_on_err) @@ -1124,44 +1162,6 @@ return ret; } -static int -dco_parse_peer(struct nl_msg *msg, void *arg) -{ - struct context *c = arg; - struct nlattr *tb[OVPN_A_MAX + 1]; - struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg)); - - msg(D_DCO_DEBUG, "%s: parsing message...", __func__); - - nla_parse(tb, OVPN_A_MAX, genlmsg_attrdata(gnlh, 0), - genlmsg_attrlen(gnlh, 0), NULL); - - if (!tb[OVPN_A_PEER]) - { - msg(D_DCO_DEBUG, "%s: malformed reply", __func__); - return NL_SKIP; - } - - struct nlattr *tb_peer[OVPN_A_PEER_MAX + 1]; - nla_parse_nested(tb_peer, OVPN_A_PEER_MAX, tb[OVPN_A_PEER], NULL); - - if (!tb_peer[OVPN_A_PEER_ID]) - { - msg(M_WARN, "%s: no peer-id provided in reply", __func__); - return NL_SKIP; - } - - uint32_t peer_id = nla_get_u32(tb_peer[OVPN_A_PEER_ID]); - if (c->c2.tls_multi->dco_peer_id != peer_id) - { - return NL_SKIP; - } - - dco_update_peer_stat(&c->c2, tb_peer, peer_id); - - return NL_OK; -} - int dco_get_peer_stats(struct context *c, const bool raise_sigusr1_on_err) {