Menu
▾
▴
openvpn-devel — OpenVPN developers list
You can subscribe to this list here.
| 2002 |
Jan
|
Feb
|
Mar
|
Apr
(24) |
May
(14) |
Jun
(29) |
Jul
(33) |
Aug
(3) |
Sep
(8) |
Oct
(18) |
Nov
(1) |
Dec
(10) |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2003 |
Jan
(3) |
Feb
(33) |
Mar
(7) |
Apr
(28) |
May
(30) |
Jun
(5) |
Jul
(10) |
Aug
(7) |
Sep
(32) |
Oct
(41) |
Nov
(20) |
Dec
(10) |
| 2004 |
Jan
(24) |
Feb
(18) |
Mar
(57) |
Apr
(40) |
May
(55) |
Jun
(48) |
Jul
(77) |
Aug
(15) |
Sep
(56) |
Oct
(80) |
Nov
(74) |
Dec
(52) |
| 2005 |
Jan
(38) |
Feb
(42) |
Mar
(39) |
Apr
(56) |
May
(79) |
Jun
(73) |
Jul
(16) |
Aug
(23) |
Sep
(68) |
Oct
(77) |
Nov
(52) |
Dec
(27) |
| 2006 |
Jan
(27) |
Feb
(18) |
Mar
(51) |
Apr
(62) |
May
(28) |
Jun
(50) |
Jul
(36) |
Aug
(33) |
Sep
(47) |
Oct
(50) |
Nov
(77) |
Dec
(13) |
| 2007 |
Jan
(15) |
Feb
(8) |
Mar
(14) |
Apr
(18) |
May
(25) |
Jun
(16) |
Jul
(16) |
Aug
(19) |
Sep
(32) |
Oct
(17) |
Nov
(5) |
Dec
(5) |
| 2008 |
Jan
(64) |
Feb
(25) |
Mar
(25) |
Apr
(6) |
May
(28) |
Jun
(20) |
Jul
(10) |
Aug
(27) |
Sep
(28) |
Oct
(59) |
Nov
(37) |
Dec
(43) |
| 2009 |
Jan
(40) |
Feb
(25) |
Mar
(12) |
Apr
(57) |
May
(46) |
Jun
(29) |
Jul
(39) |
Aug
(10) |
Sep
(20) |
Oct
(42) |
Nov
(50) |
Dec
(57) |
| 2010 |
Jan
(82) |
Feb
(165) |
Mar
(256) |
Apr
(260) |
May
(36) |
Jun
(87) |
Jul
(53) |
Aug
(89) |
Sep
(107) |
Oct
(51) |
Nov
(88) |
Dec
(117) |
| 2011 |
Jan
(69) |
Feb
(60) |
Mar
(113) |
Apr
(71) |
May
(67) |
Jun
(90) |
Jul
(88) |
Aug
(90) |
Sep
(48) |
Oct
(64) |
Nov
(69) |
Dec
(118) |
| 2012 |
Jan
(49) |
Feb
(528) |
Mar
(351) |
Apr
(190) |
May
(238) |
Jun
(193) |
Jul
(104) |
Aug
(100) |
Sep
(57) |
Oct
(41) |
Nov
(47) |
Dec
(51) |
| 2013 |
Jan
(94) |
Feb
(57) |
Mar
(96) |
Apr
(105) |
May
(77) |
Jun
(102) |
Jul
(27) |
Aug
(81) |
Sep
(32) |
Oct
(53) |
Nov
(127) |
Dec
(65) |
| 2014 |
Jan
(113) |
Feb
(59) |
Mar
(104) |
Apr
(259) |
May
(70) |
Jun
(70) |
Jul
(146) |
Aug
(45) |
Sep
(58) |
Oct
(149) |
Nov
(77) |
Dec
(83) |
| 2015 |
Jan
(53) |
Feb
(66) |
Mar
(86) |
Apr
(50) |
May
(135) |
Jun
(76) |
Jul
(151) |
Aug
(83) |
Sep
(97) |
Oct
(262) |
Nov
(245) |
Dec
(231) |
| 2016 |
Jan
(131) |
Feb
(233) |
Mar
(97) |
Apr
(138) |
May
(221) |
Jun
(254) |
Jul
(92) |
Aug
(248) |
Sep
(168) |
Oct
(275) |
Nov
(477) |
Dec
(445) |
| 2017 |
Jan
(218) |
Feb
(217) |
Mar
(146) |
Apr
(172) |
May
(216) |
Jun
(252) |
Jul
(164) |
Aug
(192) |
Sep
(190) |
Oct
(143) |
Nov
(255) |
Dec
(182) |
| 2018 |
Jan
(295) |
Feb
(164) |
Mar
(113) |
Apr
(147) |
May
(64) |
Jun
(262) |
Jul
(184) |
Aug
(90) |
Sep
(69) |
Oct
(364) |
Nov
(102) |
Dec
(101) |
| 2019 |
Jan
(119) |
Feb
(64) |
Mar
(64) |
Apr
(102) |
May
(57) |
Jun
(154) |
Jul
(84) |
Aug
(81) |
Sep
(76) |
Oct
(102) |
Nov
(233) |
Dec
(89) |
| 2020 |
Jan
(38) |
Feb
(170) |
Mar
(155) |
Apr
(172) |
May
(120) |
Jun
(223) |
Jul
(461) |
Aug
(227) |
Sep
(268) |
Oct
(113) |
Nov
(56) |
Dec
(124) |
| 2021 |
Jan
(121) |
Feb
(48) |
Mar
(334) |
Apr
(345) |
May
(207) |
Jun
(136) |
Jul
(71) |
Aug
(112) |
Sep
(122) |
Oct
(173) |
Nov
(184) |
Dec
(223) |
| 2022 |
Jan
(197) |
Feb
(206) |
Mar
(156) |
Apr
(212) |
May
(192) |
Jun
(170) |
Jul
(143) |
Aug
(380) |
Sep
(182) |
Oct
(148) |
Nov
(128) |
Dec
(269) |
| 2023 |
Jan
(248) |
Feb
(196) |
Mar
(264) |
Apr
(36) |
May
(123) |
Jun
(66) |
Jul
(120) |
Aug
(48) |
Sep
(157) |
Oct
(198) |
Nov
(300) |
Dec
(273) |
| 2024 |
Jan
(271) |
Feb
(147) |
Mar
(207) |
Apr
(78) |
May
(107) |
Jun
(168) |
Jul
(151) |
Aug
(51) |
Sep
(438) |
Oct
(221) |
Nov
(302) |
Dec
(357) |
| 2025 |
Jan
(451) |
Feb
(219) |
Mar
(326) |
Apr
(232) |
May
(306) |
Jun
(181) |
Jul
(452) |
Aug
(166) |
Sep
|
Oct
|
Nov
|
Dec
|
|
From: cron2 (C. Review) <ge...@op...> - 2025-07-28 10:35:56
|
Hello flichtenheld, ordex, plaisthos,
I'd like you to reexamine a change. Please visit
http://gerrit.openvpn.net/c/openvpn/+/1117?usp=email
to look at the new patch set (#4).
The following approvals got outdated and were removed:
Code-Review+2 by ordex
Change subject: mudp.c, multi.c, multi_io.c: get rid of 'all three DCO platforms' #ifdefs
......................................................................
mudp.c, multi.c, multi_io.c: get rid of 'all three DCO platforms' #ifdefs
With commit b66b80b2a all three platforms with DCO support have DCO float
notifications now, so the #ifdef inside multi_process_incoming_dco() is
no longer needed.
Also, the whole notification block (process_incoming_del_peer() and
multi_process_incoming_dco()) was surrounded by an
#ifdef ENABLE_DCO "and all 3 platforms"
which is also not making sense anymore (if we add a fourth DCO platform,
we need to aim for having "all notifications from day 1", at least having
the stubs and defines).
Last not least, the event stuff in mudp.c and multi_io.c had grown the
same construct - and we'll need events for any future DCO platform, too.
So, fix those #ifdef as well, while at it.
Change-Id: I6977d23b5289eba5db436608e0500216e0e689ec
Signed-off-by: Gert Doering <ge...@gr...>
Acked-by: Antonio Quartulli <an...@ma...>
Message-Id: <202...@gr...>
URL: https://www.mail-archive.com/ope...@li.../msg32377.html
Signed-off-by: Gert Doering <ge...@gr...>
---
M src/openvpn/mudp.c
M src/openvpn/multi.c
M src/openvpn/multi_io.c
3 files changed, 5 insertions(+), 11 deletions(-)
git pull ssh://gerrit.openvpn.net:29418/openvpn refs/changes/17/1117/4
diff --git a/src/openvpn/mudp.c b/src/openvpn/mudp.c
index ee8446a..118c954 100644
--- a/src/openvpn/mudp.c
+++ b/src/openvpn/mudp.c
@@ -412,8 +412,7 @@
multi_process_file_closed(m, mpp_flags);
}
#endif
-#if defined(ENABLE_DCO) \
- && (defined(TARGET_LINUX) || defined(TARGET_FREEBSD) || defined(TARGET_WIN32))
+#if defined(ENABLE_DCO)
else if (status & DCO_READ)
{
if (!IS_SIG(&m->top))
diff --git a/src/openvpn/multi.c b/src/openvpn/multi.c
index 49f5320..b2d2b6c 100644
--- a/src/openvpn/multi.c
+++ b/src/openvpn/multi.c
@@ -3337,8 +3337,7 @@
}
#endif
-#if defined(ENABLE_DCO) \
- && (defined(TARGET_LINUX) || defined(TARGET_FREEBSD) || defined(TARGET_WIN32))
+#if defined(ENABLE_DCO)
static void
process_incoming_del_peer(struct multi_context *m, struct multi_instance *mi,
dco_context_t *dco)
@@ -3409,7 +3408,6 @@
{
process_incoming_del_peer(m, mi, dco);
}
-#if defined(TARGET_LINUX) || defined(TARGET_WIN32) || defined(TARGET_FREEBSD)
else if (dco->dco_message_type == OVPN_CMD_FLOAT_PEER)
{
ASSERT(mi->context.c2.link_sockets[0]);
@@ -3419,7 +3417,6 @@
multi_process_float(m, mi, mi->context.c2.link_sockets[0]);
CLEAR(dco->dco_float_peer_ss);
}
-#endif /* if defined(TARGET_LINUX) || defined(TARGET_WIN32) */
else if (dco->dco_message_type == OVPN_CMD_SWAP_KEYS)
{
tls_session_soft_reset(mi->context.c2.tls_multi);
@@ -3452,7 +3449,7 @@
dco->dco_write_bytes = 0;
return ret > 0;
}
-#endif /* if defined(ENABLE_DCO) && defined(TARGET_LINUX) */
+#endif /* if defined(ENABLE_DCO) */
/*
* Process packets in the TCP/UDP socket -> TUN/TAP interface direction,
diff --git a/src/openvpn/multi_io.c b/src/openvpn/multi_io.c
index 4854f4b..102ee2f 100644
--- a/src/openvpn/multi_io.c
+++ b/src/openvpn/multi_io.c
@@ -191,8 +191,7 @@
}
tun_set(m->top.c1.tuntap, m->multi_io->es, EVENT_READ, MULTI_IO_TUN, persistent);
-#if defined(ENABLE_DCO) \
- && (defined(TARGET_LINUX) || defined(TARGET_FREEBSD) || defined(TARGET_WIN32))
+#if defined(ENABLE_DCO)
dco_event_set(&m->top.c1.tuntap->dco, m->multi_io->es, MULTI_IO_DCO);
#endif
@@ -526,8 +525,7 @@
multi_io_action(m, mi, TA_INITIAL, false);
}
}
-#if defined(ENABLE_DCO) \
- && (defined(TARGET_LINUX) || defined(TARGET_FREEBSD) || defined(TARGET_WIN32))
+#if defined(ENABLE_DCO)
/* incoming data on DCO? */
else if (e->arg == MULTI_IO_DCO)
{
--
To view, visit http://gerrit.openvpn.net/c/openvpn/+/1117?usp=email
To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings
Gerrit-Project: openvpn
Gerrit-Branch: master
Gerrit-Change-Id: I6977d23b5289eba5db436608e0500216e0e689ec
Gerrit-Change-Number: 1117
Gerrit-PatchSet: 4
Gerrit-Owner: cron2 <ge...@gr...>
Gerrit-Reviewer: flichtenheld <fr...@li...>
Gerrit-Reviewer: ordex <an...@ma...>
Gerrit-Reviewer: plaisthos <arn...@rf...>
Gerrit-CC: openvpn-devel <ope...@li...>
Gerrit-MessageType: newpatchset
|
|
From: cron2 (C. Review) <ge...@op...> - 2025-07-28 10:35:55
|
cron2 has submitted this change. ( http://gerrit.openvpn.net/c/openvpn/+/1117?usp=email ) Change subject: mudp.c, multi.c, multi_io.c: get rid of 'all three DCO platforms' #ifdefs ...................................................................... mudp.c, multi.c, multi_io.c: get rid of 'all three DCO platforms' #ifdefs With commit b66b80b2a all three platforms with DCO support have DCO float notifications now, so the #ifdef inside multi_process_incoming_dco() is no longer needed. Also, the whole notification block (process_incoming_del_peer() and multi_process_incoming_dco()) was surrounded by an #ifdef ENABLE_DCO "and all 3 platforms" which is also not making sense anymore (if we add a fourth DCO platform, we need to aim for having "all notifications from day 1", at least having the stubs and defines). Last not least, the event stuff in mudp.c and multi_io.c had grown the same construct - and we'll need events for any future DCO platform, too. So, fix those #ifdef as well, while at it. Change-Id: I6977d23b5289eba5db436608e0500216e0e689ec Signed-off-by: Gert Doering <ge...@gr...> Acked-by: Antonio Quartulli <an...@ma...> Message-Id: <202...@gr...> URL: https://www.mail-archive.com/ope...@li.../msg32377.html Signed-off-by: Gert Doering <ge...@gr...> --- M src/openvpn/mudp.c M src/openvpn/multi.c M src/openvpn/multi_io.c 3 files changed, 5 insertions(+), 11 deletions(-) diff --git a/src/openvpn/mudp.c b/src/openvpn/mudp.c index ee8446a..118c954 100644 --- a/src/openvpn/mudp.c +++ b/src/openvpn/mudp.c @@ -412,8 +412,7 @@ multi_process_file_closed(m, mpp_flags); } #endif -#if defined(ENABLE_DCO) \ - && (defined(TARGET_LINUX) || defined(TARGET_FREEBSD) || defined(TARGET_WIN32)) +#if defined(ENABLE_DCO) else if (status & DCO_READ) { if (!IS_SIG(&m->top)) diff --git a/src/openvpn/multi.c b/src/openvpn/multi.c index 49f5320..b2d2b6c 100644 --- a/src/openvpn/multi.c +++ b/src/openvpn/multi.c @@ -3337,8 +3337,7 @@ } #endif -#if defined(ENABLE_DCO) \ - && (defined(TARGET_LINUX) || defined(TARGET_FREEBSD) || defined(TARGET_WIN32)) +#if defined(ENABLE_DCO) static void process_incoming_del_peer(struct multi_context *m, struct multi_instance *mi, dco_context_t *dco) @@ -3409,7 +3408,6 @@ { process_incoming_del_peer(m, mi, dco); } -#if defined(TARGET_LINUX) || defined(TARGET_WIN32) || defined(TARGET_FREEBSD) else if (dco->dco_message_type == OVPN_CMD_FLOAT_PEER) { ASSERT(mi->context.c2.link_sockets[0]); @@ -3419,7 +3417,6 @@ multi_process_float(m, mi, mi->context.c2.link_sockets[0]); CLEAR(dco->dco_float_peer_ss); } -#endif /* if defined(TARGET_LINUX) || defined(TARGET_WIN32) */ else if (dco->dco_message_type == OVPN_CMD_SWAP_KEYS) { tls_session_soft_reset(mi->context.c2.tls_multi); @@ -3452,7 +3449,7 @@ dco->dco_write_bytes = 0; return ret > 0; } -#endif /* if defined(ENABLE_DCO) && defined(TARGET_LINUX) */ +#endif /* if defined(ENABLE_DCO) */ /* * Process packets in the TCP/UDP socket -> TUN/TAP interface direction, diff --git a/src/openvpn/multi_io.c b/src/openvpn/multi_io.c index 4854f4b..102ee2f 100644 --- a/src/openvpn/multi_io.c +++ b/src/openvpn/multi_io.c @@ -191,8 +191,7 @@ } tun_set(m->top.c1.tuntap, m->multi_io->es, EVENT_READ, MULTI_IO_TUN, persistent); -#if defined(ENABLE_DCO) \ - && (defined(TARGET_LINUX) || defined(TARGET_FREEBSD) || defined(TARGET_WIN32)) +#if defined(ENABLE_DCO) dco_event_set(&m->top.c1.tuntap->dco, m->multi_io->es, MULTI_IO_DCO); #endif @@ -526,8 +525,7 @@ multi_io_action(m, mi, TA_INITIAL, false); } } -#if defined(ENABLE_DCO) \ - && (defined(TARGET_LINUX) || defined(TARGET_FREEBSD) || defined(TARGET_WIN32)) +#if defined(ENABLE_DCO) /* incoming data on DCO? */ else if (e->arg == MULTI_IO_DCO) { -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/1117?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: I6977d23b5289eba5db436608e0500216e0e689ec Gerrit-Change-Number: 1117 Gerrit-PatchSet: 4 Gerrit-Owner: cron2 <ge...@gr...> Gerrit-Reviewer: flichtenheld <fr...@li...> Gerrit-Reviewer: ordex <an...@ma...> Gerrit-Reviewer: plaisthos <arn...@rf...> Gerrit-CC: openvpn-devel <ope...@li...> Gerrit-MessageType: merged |
|
From: Gert D. <ge...@gr...> - 2025-07-28 10:35:54
|
Just for reference: we saw quite a few build errors in BB, but these are
due to "fedora 42 on arm 64" (only!) being different about <stdint.h>,
which is addressed in gerrit #1118. Unrelated to any recent patch.
Patch has been applied to the master branch.
commit 6d0e38370b62488374a09336652ab415776955fc
Author: Gert Doering
Date: Mon Jul 28 10:42:49 2025 +0200
mudp.c, multi.c, multi_io.c: get rid of 'all three DCO platforms' #ifdefs
Signed-off-by: Gert Doering <ge...@gr...>
Acked-by: Antonio Quartulli <an...@ma...>
Message-Id: <202...@gr...>
URL: https://www.mail-archive.com/ope...@li.../msg32377.html
Signed-off-by: Gert Doering <ge...@gr...>
--
kind regards,
Gert Doering
|
|
From: cron2 (C. Review) <ge...@op...> - 2025-07-28 10:08:35
|
Attention is currently required from: flichtenheld, plaisthos.
Hello plaisthos, flichtenheld,
I'd like you to do a code review.
Please visit
http://gerrit.openvpn.net/c/openvpn/+/1118?usp=email
to review the following change.
Change subject: unit_tests/plugins/auth-pam: fix stdint.h related build error on fedora 42
......................................................................
unit_tests/plugins/auth-pam: fix stdint.h related build error on fedora 42
add <stdint.h> to test_search_and_replace.c to fix build error on
fedora 42 / arm64 ("error: uintptr_t undeclared")
Change-Id: I2ab13767b5aa858e024b45be3d161bf6090de763
Signed-off-by: Gert Doering <ge...@gr...>
---
M tests/unit_tests/plugins/auth-pam/test_search_and_replace.c
1 file changed, 1 insertion(+), 0 deletions(-)
git pull ssh://gerrit.openvpn.net:29418/openvpn refs/changes/18/1118/1
diff --git a/tests/unit_tests/plugins/auth-pam/test_search_and_replace.c b/tests/unit_tests/plugins/auth-pam/test_search_and_replace.c
index d40467f..50b241d 100644
--- a/tests/unit_tests/plugins/auth-pam/test_search_and_replace.c
+++ b/tests/unit_tests/plugins/auth-pam/test_search_and_replace.c
@@ -2,6 +2,7 @@
#include <unistd.h>
#include <stdlib.h>
#include <stdarg.h>
+#include <stdint.h>
#include <string.h>
#include <setjmp.h>
#include <cmocka.h>
--
To view, visit http://gerrit.openvpn.net/c/openvpn/+/1118?usp=email
To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings
Gerrit-Project: openvpn
Gerrit-Branch: master
Gerrit-Change-Id: I2ab13767b5aa858e024b45be3d161bf6090de763
Gerrit-Change-Number: 1118
Gerrit-PatchSet: 1
Gerrit-Owner: cron2 <ge...@gr...>
Gerrit-Reviewer: flichtenheld <fr...@li...>
Gerrit-Reviewer: plaisthos <arn...@rf...>
Gerrit-CC: openvpn-devel <ope...@li...>
Gerrit-Attention: plaisthos <arn...@rf...>
Gerrit-Attention: flichtenheld <fr...@li...>
Gerrit-MessageType: newchange
|
|
From: flichtenheld (C. Review) <ge...@op...> - 2025-07-28 10:04:23
|
Attention is currently required from: plaisthos. flichtenheld has posted comments on this change. ( http://gerrit.openvpn.net/c/openvpn/+/1113?usp=email ) Change subject: management: resync timer on bytecount interval change ...................................................................... Patch Set 2: -Code-Review -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/1113?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: Ic0035d52e0ea123398318870d2f4d21af927a602 Gerrit-Change-Number: 1113 Gerrit-PatchSet: 2 Gerrit-Owner: ralf_lici <ra...@ma...> Gerrit-Reviewer: flichtenheld <fr...@li...> Gerrit-Reviewer: plaisthos <arn...@rf...> Gerrit-CC: openvpn-devel <ope...@li...> Gerrit-Attention: plaisthos <arn...@rf...> Gerrit-Comment-Date: Mon, 28 Jul 2025 10:04:10 +0000 Gerrit-HasComments: No Gerrit-Has-Labels: Yes Gerrit-MessageType: comment |
|
From: Gert D. <ge...@gr...> - 2025-07-28 08:43:04
|
With commit b66b80b2a all three platforms with DCO support have DCO float notifications now, so the #ifdef inside multi_process_incoming_dco() is no longer needed. Also, the whole notification block (process_incoming_del_peer() and multi_process_incoming_dco()) was surrounded by an #ifdef ENABLE_DCO "and all 3 platforms" which is also not making sense anymore (if we add a fourth DCO platform, we need to aim for having "all notifications from day 1", at least having the stubs and defines). Last not least, the event stuff in mudp.c and multi_io.c had grown the same construct - and we'll need events for any future DCO platform, too. So, fix those #ifdef as well, while at it. Change-Id: I6977d23b5289eba5db436608e0500216e0e689ec Signed-off-by: Gert Doering <ge...@gr...> Acked-by: Antonio Quartulli <an...@ma...> --- This change was reviewed on Gerrit and approved by at least one developer. I request to merge it to master. Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1117 This mail reflects revision 3 of this Change. Acked-by according to Gerrit (reflected above): Antonio Quartulli <an...@ma...> diff --git a/src/openvpn/mudp.c b/src/openvpn/mudp.c index ee8446a..118c954 100644 --- a/src/openvpn/mudp.c +++ b/src/openvpn/mudp.c @@ -412,8 +412,7 @@ multi_process_file_closed(m, mpp_flags); } #endif -#if defined(ENABLE_DCO) \ - && (defined(TARGET_LINUX) || defined(TARGET_FREEBSD) || defined(TARGET_WIN32)) +#if defined(ENABLE_DCO) else if (status & DCO_READ) { if (!IS_SIG(&m->top)) diff --git a/src/openvpn/multi.c b/src/openvpn/multi.c index 49f5320..b2d2b6c 100644 --- a/src/openvpn/multi.c +++ b/src/openvpn/multi.c @@ -3337,8 +3337,7 @@ } #endif -#if defined(ENABLE_DCO) \ - && (defined(TARGET_LINUX) || defined(TARGET_FREEBSD) || defined(TARGET_WIN32)) +#if defined(ENABLE_DCO) static void process_incoming_del_peer(struct multi_context *m, struct multi_instance *mi, dco_context_t *dco) @@ -3409,7 +3408,6 @@ { process_incoming_del_peer(m, mi, dco); } -#if defined(TARGET_LINUX) || defined(TARGET_WIN32) || defined(TARGET_FREEBSD) else if (dco->dco_message_type == OVPN_CMD_FLOAT_PEER) { ASSERT(mi->context.c2.link_sockets[0]); @@ -3419,7 +3417,6 @@ multi_process_float(m, mi, mi->context.c2.link_sockets[0]); CLEAR(dco->dco_float_peer_ss); } -#endif /* if defined(TARGET_LINUX) || defined(TARGET_WIN32) */ else if (dco->dco_message_type == OVPN_CMD_SWAP_KEYS) { tls_session_soft_reset(mi->context.c2.tls_multi); @@ -3452,7 +3449,7 @@ dco->dco_write_bytes = 0; return ret > 0; } -#endif /* if defined(ENABLE_DCO) && defined(TARGET_LINUX) */ +#endif /* if defined(ENABLE_DCO) */ /* * Process packets in the TCP/UDP socket -> TUN/TAP interface direction, diff --git a/src/openvpn/multi_io.c b/src/openvpn/multi_io.c index 4854f4b..102ee2f 100644 --- a/src/openvpn/multi_io.c +++ b/src/openvpn/multi_io.c @@ -191,8 +191,7 @@ } tun_set(m->top.c1.tuntap, m->multi_io->es, EVENT_READ, MULTI_IO_TUN, persistent); -#if defined(ENABLE_DCO) \ - && (defined(TARGET_LINUX) || defined(TARGET_FREEBSD) || defined(TARGET_WIN32)) +#if defined(ENABLE_DCO) dco_event_set(&m->top.c1.tuntap->dco, m->multi_io->es, MULTI_IO_DCO); #endif @@ -526,8 +525,7 @@ multi_io_action(m, mi, TA_INITIAL, false); } } -#if defined(ENABLE_DCO) \ - && (defined(TARGET_LINUX) || defined(TARGET_FREEBSD) || defined(TARGET_WIN32)) +#if defined(ENABLE_DCO) /* incoming data on DCO? */ else if (e->arg == MULTI_IO_DCO) { |
|
From: ordex (C. Review) <ge...@op...> - 2025-07-28 08:38:27
|
Attention is currently required from: cron2, flichtenheld, plaisthos. ordex has posted comments on this change. ( http://gerrit.openvpn.net/c/openvpn/+/1117?usp=email ) Change subject: mudp.c, multi.c, multi_io.c: get rid of "all three DCO platforms" #ifdefs ...................................................................... Patch Set 3: Code-Review+2 (1 comment) Patchset: PS3: it makes sense! thanks for cleaning this up. I started at the code and compiled tested it. Now this opens up more clean up options....i.e. moving the ugly defined(ENABLE_DCO) checks somewhere else. but that's for another day. -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/1117?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: I6977d23b5289eba5db436608e0500216e0e689ec Gerrit-Change-Number: 1117 Gerrit-PatchSet: 3 Gerrit-Owner: cron2 <ge...@gr...> Gerrit-Reviewer: flichtenheld <fr...@li...> Gerrit-Reviewer: ordex <an...@ma...> Gerrit-Reviewer: plaisthos <arn...@rf...> Gerrit-CC: openvpn-devel <ope...@li...> Gerrit-Attention: plaisthos <arn...@rf...> Gerrit-Attention: cron2 <ge...@gr...> Gerrit-Attention: flichtenheld <fr...@li...> Gerrit-Comment-Date: Mon, 28 Jul 2025 08:38:18 +0000 Gerrit-HasComments: Yes Gerrit-Has-Labels: Yes Gerrit-MessageType: comment |
|
From: cron2 (C. Review) <ge...@op...> - 2025-07-28 08:25:43
|
Attention is currently required from: flichtenheld, plaisthos.
Hello flichtenheld, plaisthos,
I'd like you to reexamine a change. Please visit
http://gerrit.openvpn.net/c/openvpn/+/1117?usp=email
to look at the new patch set (#3).
Change subject: mudp.c, multi.c, multi_io.c: get rid of "all three DCO platforms" #ifdefs
......................................................................
mudp.c, multi.c, multi_io.c: get rid of "all three DCO platforms" #ifdefs
With commit b66b80b2a all three platforms with DCO support have DCO float
notifications now, so the #ifdef inside multi_process_incoming_dco() is
no longer needed.
Also, the whole notification block (process_incoming_del_peer() and
multi_process_incoming_dco()) was surrounded by an
#ifdef ENABLE_DCO "and all 3 platforms"
which is also not making sense anymore (if we add a fourth DCO platform,
we need to aim for having "all notifications from day 1", at least having
the stubs and defines).
Last not least, the event stuff in mudp.c and multi_io.c had grown the
same construct - and we'll need events for any future DCO platform, too.
So, fix those #ifdef as well, while at it.
Change-Id: I6977d23b5289eba5db436608e0500216e0e689ec
Signed-off-by: Gert Doering <ge...@gr...>
---
M src/openvpn/mudp.c
M src/openvpn/multi.c
M src/openvpn/multi_io.c
3 files changed, 5 insertions(+), 11 deletions(-)
git pull ssh://gerrit.openvpn.net:29418/openvpn refs/changes/17/1117/3
diff --git a/src/openvpn/mudp.c b/src/openvpn/mudp.c
index ee8446a..118c954 100644
--- a/src/openvpn/mudp.c
+++ b/src/openvpn/mudp.c
@@ -412,8 +412,7 @@
multi_process_file_closed(m, mpp_flags);
}
#endif
-#if defined(ENABLE_DCO) \
- && (defined(TARGET_LINUX) || defined(TARGET_FREEBSD) || defined(TARGET_WIN32))
+#if defined(ENABLE_DCO)
else if (status & DCO_READ)
{
if (!IS_SIG(&m->top))
diff --git a/src/openvpn/multi.c b/src/openvpn/multi.c
index 49f5320..b2d2b6c 100644
--- a/src/openvpn/multi.c
+++ b/src/openvpn/multi.c
@@ -3337,8 +3337,7 @@
}
#endif
-#if defined(ENABLE_DCO) \
- && (defined(TARGET_LINUX) || defined(TARGET_FREEBSD) || defined(TARGET_WIN32))
+#if defined(ENABLE_DCO)
static void
process_incoming_del_peer(struct multi_context *m, struct multi_instance *mi,
dco_context_t *dco)
@@ -3409,7 +3408,6 @@
{
process_incoming_del_peer(m, mi, dco);
}
-#if defined(TARGET_LINUX) || defined(TARGET_WIN32) || defined(TARGET_FREEBSD)
else if (dco->dco_message_type == OVPN_CMD_FLOAT_PEER)
{
ASSERT(mi->context.c2.link_sockets[0]);
@@ -3419,7 +3417,6 @@
multi_process_float(m, mi, mi->context.c2.link_sockets[0]);
CLEAR(dco->dco_float_peer_ss);
}
-#endif /* if defined(TARGET_LINUX) || defined(TARGET_WIN32) */
else if (dco->dco_message_type == OVPN_CMD_SWAP_KEYS)
{
tls_session_soft_reset(mi->context.c2.tls_multi);
@@ -3452,7 +3449,7 @@
dco->dco_write_bytes = 0;
return ret > 0;
}
-#endif /* if defined(ENABLE_DCO) && defined(TARGET_LINUX) */
+#endif /* if defined(ENABLE_DCO) */
/*
* Process packets in the TCP/UDP socket -> TUN/TAP interface direction,
diff --git a/src/openvpn/multi_io.c b/src/openvpn/multi_io.c
index 4854f4b..102ee2f 100644
--- a/src/openvpn/multi_io.c
+++ b/src/openvpn/multi_io.c
@@ -191,8 +191,7 @@
}
tun_set(m->top.c1.tuntap, m->multi_io->es, EVENT_READ, MULTI_IO_TUN, persistent);
-#if defined(ENABLE_DCO) \
- && (defined(TARGET_LINUX) || defined(TARGET_FREEBSD) || defined(TARGET_WIN32))
+#if defined(ENABLE_DCO)
dco_event_set(&m->top.c1.tuntap->dco, m->multi_io->es, MULTI_IO_DCO);
#endif
@@ -526,8 +525,7 @@
multi_io_action(m, mi, TA_INITIAL, false);
}
}
-#if defined(ENABLE_DCO) \
- && (defined(TARGET_LINUX) || defined(TARGET_FREEBSD) || defined(TARGET_WIN32))
+#if defined(ENABLE_DCO)
/* incoming data on DCO? */
else if (e->arg == MULTI_IO_DCO)
{
--
To view, visit http://gerrit.openvpn.net/c/openvpn/+/1117?usp=email
To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings
Gerrit-Project: openvpn
Gerrit-Branch: master
Gerrit-Change-Id: I6977d23b5289eba5db436608e0500216e0e689ec
Gerrit-Change-Number: 1117
Gerrit-PatchSet: 3
Gerrit-Owner: cron2 <ge...@gr...>
Gerrit-Reviewer: flichtenheld <fr...@li...>
Gerrit-Reviewer: plaisthos <arn...@rf...>
Gerrit-CC: openvpn-devel <ope...@li...>
Gerrit-Attention: plaisthos <arn...@rf...>
Gerrit-Attention: flichtenheld <fr...@li...>
Gerrit-MessageType: newpatchset
|
|
From: cron2 (C. Review) <ge...@op...> - 2025-07-28 08:12:54
|
Attention is currently required from: flichtenheld, plaisthos.
Hello flichtenheld, plaisthos,
I'd like you to reexamine a change. Please visit
http://gerrit.openvpn.net/c/openvpn/+/1117?usp=email
to look at the new patch set (#2).
Change subject: multi.c: get rid of #ifdef surrounding DCO float notifications
......................................................................
multi.c: get rid of #ifdef surrounding DCO float notifications
With commit b66b80b2a all three platforms with DCO support have DCO float
notifications now, so the #ifdef inside multi_process_incoming_dco() is
no longer needed.
Change-Id: I6977d23b5289eba5db436608e0500216e0e689ec
Signed-off-by: Gert Doering <ge...@gr...>
---
M src/openvpn/multi.c
1 file changed, 0 insertions(+), 2 deletions(-)
git pull ssh://gerrit.openvpn.net:29418/openvpn refs/changes/17/1117/2
diff --git a/src/openvpn/multi.c b/src/openvpn/multi.c
index 49f5320..3a25a70 100644
--- a/src/openvpn/multi.c
+++ b/src/openvpn/multi.c
@@ -3409,7 +3409,6 @@
{
process_incoming_del_peer(m, mi, dco);
}
-#if defined(TARGET_LINUX) || defined(TARGET_WIN32) || defined(TARGET_FREEBSD)
else if (dco->dco_message_type == OVPN_CMD_FLOAT_PEER)
{
ASSERT(mi->context.c2.link_sockets[0]);
@@ -3419,7 +3418,6 @@
multi_process_float(m, mi, mi->context.c2.link_sockets[0]);
CLEAR(dco->dco_float_peer_ss);
}
-#endif /* if defined(TARGET_LINUX) || defined(TARGET_WIN32) */
else if (dco->dco_message_type == OVPN_CMD_SWAP_KEYS)
{
tls_session_soft_reset(mi->context.c2.tls_multi);
--
To view, visit http://gerrit.openvpn.net/c/openvpn/+/1117?usp=email
To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings
Gerrit-Project: openvpn
Gerrit-Branch: master
Gerrit-Change-Id: I6977d23b5289eba5db436608e0500216e0e689ec
Gerrit-Change-Number: 1117
Gerrit-PatchSet: 2
Gerrit-Owner: cron2 <ge...@gr...>
Gerrit-Reviewer: flichtenheld <fr...@li...>
Gerrit-Reviewer: plaisthos <arn...@rf...>
Gerrit-CC: openvpn-devel <ope...@li...>
Gerrit-Attention: plaisthos <arn...@rf...>
Gerrit-Attention: flichtenheld <fr...@li...>
Gerrit-MessageType: newpatchset
|
|
From: cron2 (C. Review) <ge...@op...> - 2025-07-28 08:10:28
|
Attention is currently required from: flichtenheld, plaisthos.
Hello plaisthos, flichtenheld,
I'd like you to do a code review.
Please visit
http://gerrit.openvpn.net/c/openvpn/+/1117?usp=email
to review the following change.
Change subject: multi.c get rid of #ifdef surrounding DCO float notifications
......................................................................
multi.c get rid of #ifdef surrounding DCO float notifications
With commit b66b80b2a all three platforms with DCO support have DCO float
notifications now, so the #ifdef inside multi_process_incoming_dco() is
no longer needed.
Change-Id: I6977d23b5289eba5db436608e0500216e0e689ec
Signed-off-by: Gert Doering <ge...@gr...>
---
M src/openvpn/multi.c
1 file changed, 0 insertions(+), 2 deletions(-)
git pull ssh://gerrit.openvpn.net:29418/openvpn refs/changes/17/1117/1
diff --git a/src/openvpn/multi.c b/src/openvpn/multi.c
index 49f5320..3a25a70 100644
--- a/src/openvpn/multi.c
+++ b/src/openvpn/multi.c
@@ -3409,7 +3409,6 @@
{
process_incoming_del_peer(m, mi, dco);
}
-#if defined(TARGET_LINUX) || defined(TARGET_WIN32) || defined(TARGET_FREEBSD)
else if (dco->dco_message_type == OVPN_CMD_FLOAT_PEER)
{
ASSERT(mi->context.c2.link_sockets[0]);
@@ -3419,7 +3418,6 @@
multi_process_float(m, mi, mi->context.c2.link_sockets[0]);
CLEAR(dco->dco_float_peer_ss);
}
-#endif /* if defined(TARGET_LINUX) || defined(TARGET_WIN32) */
else if (dco->dco_message_type == OVPN_CMD_SWAP_KEYS)
{
tls_session_soft_reset(mi->context.c2.tls_multi);
--
To view, visit http://gerrit.openvpn.net/c/openvpn/+/1117?usp=email
To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings
Gerrit-Project: openvpn
Gerrit-Branch: master
Gerrit-Change-Id: I6977d23b5289eba5db436608e0500216e0e689ec
Gerrit-Change-Number: 1117
Gerrit-PatchSet: 1
Gerrit-Owner: cron2 <ge...@gr...>
Gerrit-Reviewer: flichtenheld <fr...@li...>
Gerrit-Reviewer: plaisthos <arn...@rf...>
Gerrit-CC: openvpn-devel <ope...@li...>
Gerrit-Attention: plaisthos <arn...@rf...>
Gerrit-Attention: flichtenheld <fr...@li...>
Gerrit-MessageType: newchange
|
|
From: Gert D. <ge...@gr...> - 2025-07-28 08:05:22
|
Thanks. Tested, works (and I already got chided for my lack of faith). Uncrustify complained about whitespace conventions, so I've adjusted those (whitespace-only, no code changes), and the patch did not apply "as is" because Antonio changed a bit in dco_freebsd.h in the mean time so one line of diff context was different - trivial fix. I tested this with the kernel patch in https://reviews.freebsd.org/D51468, on top of a 14.2-RELEASE-p4 kernel - v4/v4 float on an udp4 socket, v4/v4 and v6/v6 float on an udp6 dual-stack socket. Running an "old binary" on top of a "very new kernel" has a bit of risk - if a client floats, userland will see an "Unknown kernel notification 2" and kill the instance SIGTERM[soft,ovpn-dco: unknown reason] received, client-instance exiting this is somewhat unavoidable as userland depends on having the kernel constant available. So, for the sake of the archives - if you upgrade your FreeBSD and an OpenVPN server kills clients on float, upgrade your userland (old server + old kernel would not support float at all, and clients will just time out). Your patch has been applied to the master branch. commit b66b80b2ab73bb422826911b675798e6b789ef03 Author: Kristof Provost Date: Wed Jul 23 10:36:49 2025 +0200 dco: support float notifications on FreeBSD Signed-off-by: Kristof Provost <kpr...@ne...> Acked-by: Gert Doering <ge...@gr...> Message-Id: <202...@ne...> URL: https://www.mail-archive.com/ope...@li.../msg32282.html Signed-off-by: Gert Doering <ge...@gr...> -- kind regards, Gert Doering |
|
From: cron2 (C. Review) <ge...@op...> - 2025-07-27 12:22:32
|
Attention is currently required from: flichtenheld, mrbff, plaisthos, stipa. cron2 has posted comments on this change. ( http://gerrit.openvpn.net/c/openvpn/+/810?usp=email ) Change subject: PUSH_UPDATE: Added update_option() function. ...................................................................... Patch Set 22: Code-Review+2 -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/810?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: Ia45c99e6df7b3ad24020c10b8a9b3577984ecdc2 Gerrit-Change-Number: 810 Gerrit-PatchSet: 22 Gerrit-Owner: mrbff <ma...@ma...> Gerrit-Reviewer: cron2 <ge...@gr...> Gerrit-Reviewer: flichtenheld <fr...@li...> Gerrit-Reviewer: plaisthos <arn...@rf...> Gerrit-Reviewer: stipa <lst...@gm...> Gerrit-CC: openvpn-devel <ope...@li...> Gerrit-Attention: plaisthos <arn...@rf...> Gerrit-Attention: flichtenheld <fr...@li...> Gerrit-Attention: mrbff <ma...@ma...> Gerrit-Attention: stipa <lst...@gm...> Gerrit-Comment-Date: Sun, 27 Jul 2025 12:22:09 +0000 Gerrit-HasComments: No Gerrit-Has-Labels: Yes Gerrit-MessageType: comment |
|
From: cron2 (C. Review) <ge...@op...> - 2025-07-27 12:21:24
|
Attention is currently required from: flichtenheld, mrbff, plaisthos, stipa. cron2 has posted comments on this change. ( http://gerrit.openvpn.net/c/openvpn/+/809?usp=email ) Change subject: PUSH_UPDATE: Added remove_option() and do_update(). ...................................................................... Patch Set 22: Code-Review+2 -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/809?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: I507180d7397b6959844a30908010132bc3411067 Gerrit-Change-Number: 809 Gerrit-PatchSet: 22 Gerrit-Owner: mrbff <ma...@ma...> Gerrit-Reviewer: cron2 <ge...@gr...> Gerrit-Reviewer: flichtenheld <fr...@li...> Gerrit-Reviewer: plaisthos <arn...@rf...> Gerrit-Reviewer: stipa <lst...@gm...> Gerrit-CC: openvpn-devel <ope...@li...> Gerrit-Attention: plaisthos <arn...@rf...> Gerrit-Attention: flichtenheld <fr...@li...> Gerrit-Attention: mrbff <ma...@ma...> Gerrit-Attention: stipa <lst...@gm...> Gerrit-Comment-Date: Sun, 27 Jul 2025 12:21:09 +0000 Gerrit-HasComments: No Gerrit-Has-Labels: Yes Gerrit-MessageType: comment |
|
From: cron2 (C. Review) <ge...@op...> - 2025-07-27 12:19:51
|
Attention is currently required from: flichtenheld, mrbff, stipa. cron2 has posted comments on this change. ( http://gerrit.openvpn.net/c/openvpn/+/808?usp=email ) Change subject: PUSH_UPDATE: Allow OpenVPN in client mode to receive and handle PUSH UPDATE control messages to allow options updating at runtime. ...................................................................... Patch Set 21: Code-Review-1 (3 comments) Patchset: PS21: I'm fine with most of the new version, but I'm still not really happy with `apply_push_options()`. Sorry. File src/openvpn/options.c: http://gerrit.openvpn.net/c/openvpn/+/808/comment/f3fc7445_db3c4290 : PS21, Line 5524: { please get rid of this extra `if()` level. Both conditions are checked again inside, so this is not really adding anything but an indent level. http://gerrit.openvpn.net/c/openvpn/+/808/comment/37cf1615_f21e2c77 : PS21, Line 5532: || (options->pull_filter_list && !apply_pull_filter(options, &line[i]))) I find this very hard to understand, even if it's a bit more space-efficient than having two `if()` clauses with their own error handling - but the latter would make the whole flow easier to understand. Maybe just leaving the `option->pull_filter_list` check inside `apply_pull_filter()` (as it was) would already make this easier to read. Yes, we'd waste a function call per received push-option, but this is not a critical code path. -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/808?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: I6ecd4cb47571cc8c20e46de8595c742aeec6064a Gerrit-Change-Number: 808 Gerrit-PatchSet: 21 Gerrit-Owner: mrbff <ma...@ma...> Gerrit-Reviewer: cron2 <ge...@gr...> Gerrit-Reviewer: flichtenheld <fr...@li...> Gerrit-Reviewer: plaisthos <arn...@rf...> Gerrit-Reviewer: stipa <lst...@gm...> Gerrit-CC: openvpn-devel <ope...@li...> Gerrit-Attention: flichtenheld <fr...@li...> Gerrit-Attention: mrbff <ma...@ma...> Gerrit-Attention: stipa <lst...@gm...> Gerrit-Comment-Date: Sun, 27 Jul 2025 12:19:36 +0000 Gerrit-HasComments: Yes Gerrit-Has-Labels: Yes Gerrit-MessageType: comment |
|
From: cron2 (C. Review) <ge...@op...> - 2025-07-27 11:02:45
|
Attention is currently required from: flichtenheld, ordex, plaisthos. cron2 has posted comments on this change. ( http://gerrit.openvpn.net/c/openvpn/+/1116?usp=email ) Change subject: dco: drop client prefix after DCO PEER_FLOAT notification ...................................................................... Patch Set 2: (1 comment) Patchset: PS2: Here's another one... counter timer triggering while an outgoing TLS renegotiation is in progress ``` Jul 27 12:33:36 ubuntu2004 tun-udp-p2mp[298589]: udp6:[2001:608:0:814::fb00:14]:33827 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, peer certificate: 2048 bits RSA, signature: RSA-SHA256, peer temporary key: 253 bits X25519, peer signing digest/type: SHA256 RSASSA-PSS Jul 27 12:33:36 ubuntu2004 kernel: [443346.370968] tun1: del peer 1 Jul 27 12:33:36 ubuntu2004 kernel: [443346.370974] tun1: deleting peer with id 1, reason 1 Jul 27 12:33:36 ubuntu2004 tun-udp-p2mp[298589]: udp6:[2001:608:0:814::fb00:14]:33827 [freebsd-14-amd64] Peer Connection Initiated with [AF_INET6]2001:608:0:814::fb00:14:33827 Jul 27 12:33:36 ubuntu2004 tun-udp-p2mp[298589]: freebsd-14-amd64/udp6:[2001:608:0:814::fb00:14]:33827 peer-id=2 dco_get_peer: peer-id -1 Jul 27 12:33:36 ubuntu2004 tun-udp-p2mp[298589]: freebsd-14-amd64/udp6:[2001:608:0:814::fb00:14]:33827 peer-id=2 ovpn-dco: received netlink message type=31 cmd=3 flags=0x0002 Jul 27 12:33:36 ubuntu2004 tun-udp-p2mp[298589]: freebsd-14-amd64/udp6:[2001:608:0:814::fb00:14]:33827 peer-id=2 ovpn_handle_peer: parsing message for peer 0... Jul 27 12:33:36 ubuntu2004 tun-udp-p2mp[298589]: freebsd-14-amd64/udp6:[2001:608:0:814::fb00:14]:33827 peer-id=2 dco_update_peer_stat / dco_read_bytes(0): 440 Jul 27 12:33:36 ubuntu2004 tun-udp-p2mp[298589]: freebsd-14-amd64/udp6:[2001:608:0:814::fb00:14]:33827 peer-id=2 dco_update_peer_stat / dco_write_bytes(0): 480 ``` in this case resetting the prefix would mess up prefix logging for the TLS handshake, so it's not the right approach anyway. Digging through error.c I found something half-forgotten... ``` /* set up client prefix */ if (flags & M_NOIPREFIX) { prefix = NULL; } else { prefix = msg_get_prefix(); } ``` so I think the *right* approach is to use `msg(...|M_NOIPREFIX, ...)` for everything that is not normally related to a particular MI instance - like, most of the DCO events. Magic -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/1116?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: I1ad5df0f6785ffe9becd9f83329a9335d1a36f24 Gerrit-Change-Number: 1116 Gerrit-PatchSet: 2 Gerrit-Owner: ordex <an...@ma...> Gerrit-Reviewer: cron2 <ge...@gr...> Gerrit-Reviewer: flichtenheld <fr...@li...> Gerrit-Reviewer: plaisthos <arn...@rf...> Gerrit-CC: openvpn-devel <ope...@li...> Gerrit-Attention: plaisthos <arn...@rf...> Gerrit-Attention: flichtenheld <fr...@li...> Gerrit-Attention: ordex <an...@ma...> Gerrit-Comment-Date: Sun, 27 Jul 2025 11:02:31 +0000 Gerrit-HasComments: Yes Gerrit-Has-Labels: No Gerrit-MessageType: comment |
|
From: cron2 (C. Review) <ge...@op...> - 2025-07-27 10:46:03
|
cron2 has submitted this change. ( http://gerrit.openvpn.net/c/openvpn/+/1114?usp=email ) Change subject: dco_linux: clean up PEER_GET trigger and parser ...................................................................... dco_linux: clean up PEER_GET trigger and parser This patch is intended to reduce code duplication and cleanup the DCO code around the PEER_GET command. Specifically it: * unified PEER_GET reply parser for `multi` and `non-multi` case * unified PEER_GET request trigger for `multi` and `non-multi` case * dropped struct multi_context from the argument list of dco_get_peer_stats_multi() Github: closes OpenVPN/openvpn#800 Change-Id: Icbc70225d53ca678b8c22ed437b424c16e199d66 Signed-off-by: Antonio Quartulli <an...@ma...> Acked-by: Gert Doering <ge...@gr...> Message-Id: <202...@gr...> URL: https://www.mail-archive.com/ope...@li.../msg32361.html Signed-off-by: Gert Doering <ge...@gr...> --- M src/openvpn/dco.h M src/openvpn/dco_freebsd.c M src/openvpn/dco_freebsd.h M src/openvpn/dco_linux.c M src/openvpn/dco_win.c M src/openvpn/multi.c 6 files changed, 53 insertions(+), 112 deletions(-) diff --git a/src/openvpn/dco.h b/src/openvpn/dco.h index 9078417..2ce0eb1 100644 --- a/src/openvpn/dco.h +++ b/src/openvpn/dco.h @@ -230,11 +230,9 @@ * Update traffic statistics for all peers * * @param dco DCO device context - * @param m the server context * @param raise_sigusr1_on_err whether to raise SIGUSR1 on error **/ -int dco_get_peer_stats_multi(dco_context_t *dco, struct multi_context *m, - const bool raise_sigusr1_on_err); +int dco_get_peer_stats_multi(dco_context_t *dco, const bool raise_sigusr1_on_err); /** * Update traffic statistics for single peer @@ -374,8 +372,7 @@ } static inline int -dco_get_peer_stats_multi(dco_context_t *dco, struct multi_context *m, - const bool raise_sigusr1_on_err) +dco_get_peer_stats_multi(dco_context_t *dco, const bool raise_sigusr1_on_err) { return 0; } diff --git a/src/openvpn/dco_freebsd.c b/src/openvpn/dco_freebsd.c index 98d8fb5..78ee9a1 100644 --- a/src/openvpn/dco_freebsd.c +++ b/src/openvpn/dco_freebsd.c @@ -167,6 +167,8 @@ bool ovpn_dco_init(struct context *c) { + c->c1.tuntap->dco.c = c; + if (open_fd(&c->c1.tuntap->dco) < 0) { msg(M_ERR, "Failed to open socket"); @@ -713,8 +715,7 @@ } int -dco_get_peer_stats_multi(dco_context_t *dco, struct multi_context *m, - const bool raise_sigusr1_on_err) +dco_get_peer_stats_multi(dco_context_t *dco, const bool raise_sigusr1_on_err) { struct ifdrv drv; @@ -774,7 +775,7 @@ const nvlist_t *peer = nvpeers[i]; uint32_t peerid = nvlist_get_number(peer, "peerid"); - dco_update_peer_stat(m, peerid, nvlist_get_nvlist(peer, "bytes")); + dco_update_peer_stat(dco->c->multi, peerid, nvlist_get_nvlist(peer, "bytes")); } nvlist_destroy(nvl); diff --git a/src/openvpn/dco_freebsd.h b/src/openvpn/dco_freebsd.h index e1a054e..e926af5 100644 --- a/src/openvpn/dco_freebsd.h +++ b/src/openvpn/dco_freebsd.h @@ -57,6 +57,8 @@ int dco_del_peer_reason; uint64_t dco_read_bytes; uint64_t dco_write_bytes; + + struct context *c; } dco_context_t; #endif /* defined(ENABLE_DCO) && defined(TARGET_FREEBSD) */ diff --git a/src/openvpn/dco_linux.c b/src/openvpn/dco_linux.c index 728fb7e..9ad3d51 100644 --- a/src/openvpn/dco_linux.c +++ b/src/openvpn/dco_linux.c @@ -877,53 +877,8 @@ } static int -ovpn_handle_peer_multi(dco_context_t *dco, struct nlattr *attrs[]) -{ - msg(D_DCO_DEBUG, "%s: parsing message...", __func__); - - /* this function assumes openvpn is running in multipeer mode as - * it accesses c->multi - */ - if (dco->ifmode != OVPN_MODE_MP) - { - msg(M_WARN, "%s: can't parse 'multi-peer' message on P2P instance", __func__); - return NL_SKIP; - } - - if (!attrs[OVPN_A_PEER]) - { - return NL_SKIP; - } - - struct nlattr *tb_peer[OVPN_A_PEER_MAX + 1]; - nla_parse_nested(tb_peer, OVPN_A_PEER_MAX, attrs[OVPN_A_PEER], NULL); - - if (!tb_peer[OVPN_A_PEER_ID]) - { - msg(M_WARN, "ovpn-dco: no peer-id provided in (MULTI) PEER_GET reply"); - return NL_SKIP; - } - - struct multi_context *m = dco->c->multi; - uint32_t peer_id = nla_get_u32(tb_peer[OVPN_A_PEER_ID]); - - if (peer_id >= m->max_clients || !m->instances[peer_id]) - { - msg(M_WARN, "%s: cannot store DCO stats for peer %u", __func__, - peer_id); - return NL_SKIP; - } - - dco_update_peer_stat(&m->instances[peer_id]->context.c2, tb_peer, peer_id); - - return NL_OK; -} - -static int ovpn_handle_peer(dco_context_t *dco, struct nlattr *attrs[]) { - msg(D_DCO_DEBUG, "%s: parsing message...", __func__); - if (!attrs[OVPN_A_PEER]) { msg(D_DCO_DEBUG, "%s: malformed reply", __func__); @@ -942,12 +897,25 @@ uint32_t peer_id = nla_get_u32(tb_peer[OVPN_A_PEER_ID]); struct context_2 *c2; + msg(D_DCO_DEBUG, "%s: parsing message for peer %u...", __func__, peer_id); + if (dco->ifmode == OVPN_MODE_P2P) { c2 = &dco->c->c2; + if (c2->tls_multi->dco_peer_id != peer_id) + { + return NL_SKIP; + } } else { + if (peer_id >= dco->c->multi->max_clients) + { + msg(M_WARN, "%s: received out of bound peer_id %u (max=%u)", __func__, peer_id, + dco->c->multi->max_clients); + return NL_SKIP; + } + struct multi_instance *mi = dco->c->multi->instances[peer_id]; if (!mi) { @@ -958,14 +926,6 @@ c2 = &mi->context.c2; } - /* at this point this check should never fail for MP mode, - * but it's still fully valid for P2P mode - */ - if (c2->tls_multi->dco_peer_id != peer_id) - { - return NL_SKIP; - } - dco_update_peer_stat(c2, tb_peer, peer_id); return NL_OK; @@ -1176,17 +1136,7 @@ { case OVPN_CMD_PEER_GET: { - /* this message is part of a peer list dump, hence triggered - * by a MP/server instance - */ - if (nlh->nlmsg_flags & NLM_F_MULTI) - { - return ovpn_handle_peer_multi(dco, attrs); - } - else - { - return ovpn_handle_peer(dco, attrs); - } + return ovpn_handle_peer(dco, attrs); } case OVPN_CMD_PEER_DEL_NTF: @@ -1221,52 +1171,32 @@ return ovpn_nl_recvmsgs(dco, __func__); } -int -dco_get_peer_stats_multi(dco_context_t *dco, struct multi_context *m, - const bool raise_sigusr1_on_err) +static int +dco_get_peer(dco_context_t *dco, int peer_id, const bool raise_sigusr1_on_err) { - msg(D_DCO_DEBUG, "%s", __func__); - - struct nl_msg *nl_msg = ovpn_dco_nlmsg_create(dco, OVPN_CMD_PEER_GET); - - nlmsg_hdr(nl_msg)->nlmsg_flags |= NLM_F_DUMP; - - int ret = ovpn_nl_msg_send(dco, nl_msg, __func__); - - nlmsg_free(nl_msg); - - if (raise_sigusr1_on_err && ret < 0) - { - msg(M_WARN, "Error retrieving DCO peer stats: the underlying DCO peer" - "may have been deleted from the kernel without notifying " - "userspace. Restarting the session"); - register_signal(m->top.sig, SIGUSR1, "dco peer stats error"); - } - return ret; -} - -int -dco_get_peer_stats(struct context *c, const bool raise_sigusr1_on_err) -{ - int peer_id = c->c2.tls_multi->dco_peer_id; - if (peer_id == -1) + /* peer_id == -1 means "dump all peers", but this is allowed in MP mode only. + * If it happens in P2P mode it means that the DCO peer was deleted and we + * can simply bail out + */ + if (peer_id == -1 && dco->ifmode == OVPN_MODE_P2P) { return 0; } msg(D_DCO_DEBUG, "%s: peer-id %d", __func__, peer_id); - if (!c->c1.tuntap) - { - return 0; - } - - dco_context_t *dco = &c->c1.tuntap->dco; struct nl_msg *nl_msg = ovpn_dco_nlmsg_create(dco, OVPN_CMD_PEER_GET); struct nlattr *attr = nla_nest_start(nl_msg, OVPN_A_PEER); int ret = -EMSGSIZE; - NLA_PUT_U32(nl_msg, OVPN_A_PEER_ID, peer_id); + if (peer_id != -1) + { + NLA_PUT_U32(nl_msg, OVPN_A_PEER_ID, peer_id); + } + else + { + nlmsg_hdr(nl_msg)->nlmsg_flags |= NLM_F_DUMP; + } nla_nest_end(nl_msg, attr); ret = ovpn_nl_msg_send(dco, nl_msg, __func__); @@ -1279,11 +1209,23 @@ msg(M_WARN, "Error retrieving DCO peer stats: the underlying DCO peer" "may have been deleted from the kernel without notifying " "userspace. Restarting the session"); - register_signal(c->sig, SIGUSR1, "dco peer stats error"); + register_signal(dco->c->sig, SIGUSR1, "dco peer stats error"); } return ret; } +int +dco_get_peer_stats(struct context *c, const bool raise_sigusr1_on_err) +{ + return dco_get_peer(&c->c1.tuntap->dco, c->c2.tls_multi->dco_peer_id, raise_sigusr1_on_err); +} + +int +dco_get_peer_stats_multi(dco_context_t *dco, const bool raise_sigusr1_on_err) +{ + return dco_get_peer(dco, -1, raise_sigusr1_on_err); +} + bool dco_available(int msglevel) { diff --git a/src/openvpn/dco_win.c b/src/openvpn/dco_win.c index e5a33a0..995b121 100644 --- a/src/openvpn/dco_win.c +++ b/src/openvpn/dco_win.c @@ -715,8 +715,7 @@ } int -dco_get_peer_stats_multi(dco_context_t *dco, struct multi_context *m, - const bool raise_sigusr1_on_err) +dco_get_peer_stats_multi(dco_context_t *dco, const bool raise_sigusr1_on_err) { /* Not implemented. */ return 0; diff --git a/src/openvpn/multi.c b/src/openvpn/multi.c index 8de5854..c90ed5b 100644 --- a/src/openvpn/multi.c +++ b/src/openvpn/multi.c @@ -551,7 +551,7 @@ { if (dco_enabled(&m->top.options)) { - if (dco_get_peer_stats_multi(&m->top.c1.tuntap->dco, m, false) < 0) + if (dco_get_peer_stats_multi(&m->top.c1.tuntap->dco, false) < 0) { return; } @@ -862,7 +862,7 @@ if (dco_enabled(&m->top.options)) { - if (dco_get_peer_stats_multi(&m->top.c1.tuntap->dco, m, true) < 0) + if (dco_get_peer_stats_multi(&m->top.c1.tuntap->dco, true) < 0) { return; } -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/1114?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: Icbc70225d53ca678b8c22ed437b424c16e199d66 Gerrit-Change-Number: 1114 Gerrit-PatchSet: 4 Gerrit-Owner: ordex <an...@ma...> Gerrit-Reviewer: cron2 <ge...@gr...> Gerrit-Reviewer: flichtenheld <fr...@li...> Gerrit-Reviewer: plaisthos <arn...@rf...> Gerrit-CC: openvpn-devel <ope...@li...> Gerrit-MessageType: merged |
|
From: cron2 (C. Review) <ge...@op...> - 2025-07-27 10:45:55
|
cron2 has uploaded a new patch set (#4) to the change originally created by ordex. ( http://gerrit.openvpn.net/c/openvpn/+/1114?usp=email ) The following approvals got outdated and were removed: Code-Review+2 by cron2 Change subject: dco_linux: clean up PEER_GET trigger and parser ...................................................................... dco_linux: clean up PEER_GET trigger and parser This patch is intended to reduce code duplication and cleanup the DCO code around the PEER_GET command. Specifically it: * unified PEER_GET reply parser for `multi` and `non-multi` case * unified PEER_GET request trigger for `multi` and `non-multi` case * dropped struct multi_context from the argument list of dco_get_peer_stats_multi() Github: closes OpenVPN/openvpn#800 Change-Id: Icbc70225d53ca678b8c22ed437b424c16e199d66 Signed-off-by: Antonio Quartulli <an...@ma...> Acked-by: Gert Doering <ge...@gr...> Message-Id: <202...@gr...> URL: https://www.mail-archive.com/ope...@li.../msg32361.html Signed-off-by: Gert Doering <ge...@gr...> --- M src/openvpn/dco.h M src/openvpn/dco_freebsd.c M src/openvpn/dco_freebsd.h M src/openvpn/dco_linux.c M src/openvpn/dco_win.c M src/openvpn/multi.c 6 files changed, 53 insertions(+), 112 deletions(-) git pull ssh://gerrit.openvpn.net:29418/openvpn refs/changes/14/1114/4 diff --git a/src/openvpn/dco.h b/src/openvpn/dco.h index 9078417..2ce0eb1 100644 --- a/src/openvpn/dco.h +++ b/src/openvpn/dco.h @@ -230,11 +230,9 @@ * Update traffic statistics for all peers * * @param dco DCO device context - * @param m the server context * @param raise_sigusr1_on_err whether to raise SIGUSR1 on error **/ -int dco_get_peer_stats_multi(dco_context_t *dco, struct multi_context *m, - const bool raise_sigusr1_on_err); +int dco_get_peer_stats_multi(dco_context_t *dco, const bool raise_sigusr1_on_err); /** * Update traffic statistics for single peer @@ -374,8 +372,7 @@ } static inline int -dco_get_peer_stats_multi(dco_context_t *dco, struct multi_context *m, - const bool raise_sigusr1_on_err) +dco_get_peer_stats_multi(dco_context_t *dco, const bool raise_sigusr1_on_err) { return 0; } diff --git a/src/openvpn/dco_freebsd.c b/src/openvpn/dco_freebsd.c index 98d8fb5..78ee9a1 100644 --- a/src/openvpn/dco_freebsd.c +++ b/src/openvpn/dco_freebsd.c @@ -167,6 +167,8 @@ bool ovpn_dco_init(struct context *c) { + c->c1.tuntap->dco.c = c; + if (open_fd(&c->c1.tuntap->dco) < 0) { msg(M_ERR, "Failed to open socket"); @@ -713,8 +715,7 @@ } int -dco_get_peer_stats_multi(dco_context_t *dco, struct multi_context *m, - const bool raise_sigusr1_on_err) +dco_get_peer_stats_multi(dco_context_t *dco, const bool raise_sigusr1_on_err) { struct ifdrv drv; @@ -774,7 +775,7 @@ const nvlist_t *peer = nvpeers[i]; uint32_t peerid = nvlist_get_number(peer, "peerid"); - dco_update_peer_stat(m, peerid, nvlist_get_nvlist(peer, "bytes")); + dco_update_peer_stat(dco->c->multi, peerid, nvlist_get_nvlist(peer, "bytes")); } nvlist_destroy(nvl); diff --git a/src/openvpn/dco_freebsd.h b/src/openvpn/dco_freebsd.h index e1a054e..e926af5 100644 --- a/src/openvpn/dco_freebsd.h +++ b/src/openvpn/dco_freebsd.h @@ -57,6 +57,8 @@ int dco_del_peer_reason; uint64_t dco_read_bytes; uint64_t dco_write_bytes; + + struct context *c; } dco_context_t; #endif /* defined(ENABLE_DCO) && defined(TARGET_FREEBSD) */ diff --git a/src/openvpn/dco_linux.c b/src/openvpn/dco_linux.c index 728fb7e..9ad3d51 100644 --- a/src/openvpn/dco_linux.c +++ b/src/openvpn/dco_linux.c @@ -877,53 +877,8 @@ } static int -ovpn_handle_peer_multi(dco_context_t *dco, struct nlattr *attrs[]) -{ - msg(D_DCO_DEBUG, "%s: parsing message...", __func__); - - /* this function assumes openvpn is running in multipeer mode as - * it accesses c->multi - */ - if (dco->ifmode != OVPN_MODE_MP) - { - msg(M_WARN, "%s: can't parse 'multi-peer' message on P2P instance", __func__); - return NL_SKIP; - } - - if (!attrs[OVPN_A_PEER]) - { - return NL_SKIP; - } - - struct nlattr *tb_peer[OVPN_A_PEER_MAX + 1]; - nla_parse_nested(tb_peer, OVPN_A_PEER_MAX, attrs[OVPN_A_PEER], NULL); - - if (!tb_peer[OVPN_A_PEER_ID]) - { - msg(M_WARN, "ovpn-dco: no peer-id provided in (MULTI) PEER_GET reply"); - return NL_SKIP; - } - - struct multi_context *m = dco->c->multi; - uint32_t peer_id = nla_get_u32(tb_peer[OVPN_A_PEER_ID]); - - if (peer_id >= m->max_clients || !m->instances[peer_id]) - { - msg(M_WARN, "%s: cannot store DCO stats for peer %u", __func__, - peer_id); - return NL_SKIP; - } - - dco_update_peer_stat(&m->instances[peer_id]->context.c2, tb_peer, peer_id); - - return NL_OK; -} - -static int ovpn_handle_peer(dco_context_t *dco, struct nlattr *attrs[]) { - msg(D_DCO_DEBUG, "%s: parsing message...", __func__); - if (!attrs[OVPN_A_PEER]) { msg(D_DCO_DEBUG, "%s: malformed reply", __func__); @@ -942,12 +897,25 @@ uint32_t peer_id = nla_get_u32(tb_peer[OVPN_A_PEER_ID]); struct context_2 *c2; + msg(D_DCO_DEBUG, "%s: parsing message for peer %u...", __func__, peer_id); + if (dco->ifmode == OVPN_MODE_P2P) { c2 = &dco->c->c2; + if (c2->tls_multi->dco_peer_id != peer_id) + { + return NL_SKIP; + } } else { + if (peer_id >= dco->c->multi->max_clients) + { + msg(M_WARN, "%s: received out of bound peer_id %u (max=%u)", __func__, peer_id, + dco->c->multi->max_clients); + return NL_SKIP; + } + struct multi_instance *mi = dco->c->multi->instances[peer_id]; if (!mi) { @@ -958,14 +926,6 @@ c2 = &mi->context.c2; } - /* at this point this check should never fail for MP mode, - * but it's still fully valid for P2P mode - */ - if (c2->tls_multi->dco_peer_id != peer_id) - { - return NL_SKIP; - } - dco_update_peer_stat(c2, tb_peer, peer_id); return NL_OK; @@ -1176,17 +1136,7 @@ { case OVPN_CMD_PEER_GET: { - /* this message is part of a peer list dump, hence triggered - * by a MP/server instance - */ - if (nlh->nlmsg_flags & NLM_F_MULTI) - { - return ovpn_handle_peer_multi(dco, attrs); - } - else - { - return ovpn_handle_peer(dco, attrs); - } + return ovpn_handle_peer(dco, attrs); } case OVPN_CMD_PEER_DEL_NTF: @@ -1221,52 +1171,32 @@ return ovpn_nl_recvmsgs(dco, __func__); } -int -dco_get_peer_stats_multi(dco_context_t *dco, struct multi_context *m, - const bool raise_sigusr1_on_err) +static int +dco_get_peer(dco_context_t *dco, int peer_id, const bool raise_sigusr1_on_err) { - msg(D_DCO_DEBUG, "%s", __func__); - - struct nl_msg *nl_msg = ovpn_dco_nlmsg_create(dco, OVPN_CMD_PEER_GET); - - nlmsg_hdr(nl_msg)->nlmsg_flags |= NLM_F_DUMP; - - int ret = ovpn_nl_msg_send(dco, nl_msg, __func__); - - nlmsg_free(nl_msg); - - if (raise_sigusr1_on_err && ret < 0) - { - msg(M_WARN, "Error retrieving DCO peer stats: the underlying DCO peer" - "may have been deleted from the kernel without notifying " - "userspace. Restarting the session"); - register_signal(m->top.sig, SIGUSR1, "dco peer stats error"); - } - return ret; -} - -int -dco_get_peer_stats(struct context *c, const bool raise_sigusr1_on_err) -{ - int peer_id = c->c2.tls_multi->dco_peer_id; - if (peer_id == -1) + /* peer_id == -1 means "dump all peers", but this is allowed in MP mode only. + * If it happens in P2P mode it means that the DCO peer was deleted and we + * can simply bail out + */ + if (peer_id == -1 && dco->ifmode == OVPN_MODE_P2P) { return 0; } msg(D_DCO_DEBUG, "%s: peer-id %d", __func__, peer_id); - if (!c->c1.tuntap) - { - return 0; - } - - dco_context_t *dco = &c->c1.tuntap->dco; struct nl_msg *nl_msg = ovpn_dco_nlmsg_create(dco, OVPN_CMD_PEER_GET); struct nlattr *attr = nla_nest_start(nl_msg, OVPN_A_PEER); int ret = -EMSGSIZE; - NLA_PUT_U32(nl_msg, OVPN_A_PEER_ID, peer_id); + if (peer_id != -1) + { + NLA_PUT_U32(nl_msg, OVPN_A_PEER_ID, peer_id); + } + else + { + nlmsg_hdr(nl_msg)->nlmsg_flags |= NLM_F_DUMP; + } nla_nest_end(nl_msg, attr); ret = ovpn_nl_msg_send(dco, nl_msg, __func__); @@ -1279,11 +1209,23 @@ msg(M_WARN, "Error retrieving DCO peer stats: the underlying DCO peer" "may have been deleted from the kernel without notifying " "userspace. Restarting the session"); - register_signal(c->sig, SIGUSR1, "dco peer stats error"); + register_signal(dco->c->sig, SIGUSR1, "dco peer stats error"); } return ret; } +int +dco_get_peer_stats(struct context *c, const bool raise_sigusr1_on_err) +{ + return dco_get_peer(&c->c1.tuntap->dco, c->c2.tls_multi->dco_peer_id, raise_sigusr1_on_err); +} + +int +dco_get_peer_stats_multi(dco_context_t *dco, const bool raise_sigusr1_on_err) +{ + return dco_get_peer(dco, -1, raise_sigusr1_on_err); +} + bool dco_available(int msglevel) { diff --git a/src/openvpn/dco_win.c b/src/openvpn/dco_win.c index e5a33a0..995b121 100644 --- a/src/openvpn/dco_win.c +++ b/src/openvpn/dco_win.c @@ -715,8 +715,7 @@ } int -dco_get_peer_stats_multi(dco_context_t *dco, struct multi_context *m, - const bool raise_sigusr1_on_err) +dco_get_peer_stats_multi(dco_context_t *dco, const bool raise_sigusr1_on_err) { /* Not implemented. */ return 0; diff --git a/src/openvpn/multi.c b/src/openvpn/multi.c index 8de5854..c90ed5b 100644 --- a/src/openvpn/multi.c +++ b/src/openvpn/multi.c @@ -551,7 +551,7 @@ { if (dco_enabled(&m->top.options)) { - if (dco_get_peer_stats_multi(&m->top.c1.tuntap->dco, m, false) < 0) + if (dco_get_peer_stats_multi(&m->top.c1.tuntap->dco, false) < 0) { return; } @@ -862,7 +862,7 @@ if (dco_enabled(&m->top.options)) { - if (dco_get_peer_stats_multi(&m->top.c1.tuntap->dco, m, true) < 0) + if (dco_get_peer_stats_multi(&m->top.c1.tuntap->dco, true) < 0) { return; } -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/1114?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: Icbc70225d53ca678b8c22ed437b424c16e199d66 Gerrit-Change-Number: 1114 Gerrit-PatchSet: 4 Gerrit-Owner: ordex <an...@ma...> Gerrit-Reviewer: cron2 <ge...@gr...> Gerrit-Reviewer: flichtenheld <fr...@li...> Gerrit-Reviewer: plaisthos <arn...@rf...> Gerrit-CC: openvpn-devel <ope...@li...> Gerrit-MessageType: newpatchset |
|
From: Gert D. <ge...@gr...> - 2025-07-27 10:45:37
|
Nice :-) - stared at the code, tested on Linux, FreeBSD (because of the
change to dco_freebsd.c). The affected Windows function is a no-op, so
"BB compiled this fine" is good enough for me.
(I only tested p2mp server side, as that's what we've spent most of the
time with all the float changes - since p2p client side is basically
using the exact same code before and afterwards, *this* change would not
break it)
There is more work to do in this counter arena ("BYTECOUNT" for server,
at least, and also test BYTECOUNT on all clients).
Your patch has been applied to the master branch.
commit d1f2afc26bc8cc1837c2c12981e7eb6afdd4fcf6
Author: Antonio Quartulli
Date: Sun Jul 27 12:22:40 2025 +0200
dco_linux: clean up PEER_GET trigger and parser
Signed-off-by: Antonio Quartulli <an...@ma...>
Acked-by: Gert Doering <ge...@gr...>
Message-Id: <202...@gr...>
URL: https://www.mail-archive.com/ope...@li.../msg32361.html
Signed-off-by: Gert Doering <ge...@gr...>
--
kind regards,
Gert Doering
|
|
From: cron2 (C. Review) <ge...@op...> - 2025-07-27 10:39:11
|
Attention is currently required from: flichtenheld, ordex, plaisthos. cron2 has posted comments on this change. ( http://gerrit.openvpn.net/c/openvpn/+/1116?usp=email ) Change subject: dco: drop client prefix after DCO PEER_FLOAT notification ...................................................................... Patch Set 2: Code-Review-1 (1 comment) Patchset: PS2: Actually it is just fixing one particular symptom, but we can get there in other paths as well - here's a reconnect that happened to trigger the "query stats now!" timer ``` Jul 27 12:14:55 ubuntu2004 tun-udp-p2mp[297683]: freebsd-74-amd64/udp6:194.97.140.3:62210 peer-id=2 sitnl_send: checking for received messages Jul 27 12:14:55 ubuntu2004 tun-udp-p2mp[297683]: freebsd-74-amd64/udp6:194.97.140.3:62210 peer-id=2 sitnl_send: rtnl: received 36 bytes Jul 27 12:14:55 ubuntu2004 tun-udp-p2mp[297683]: freebsd-74-amd64/udp6:194.97.140.3:62210 peer-id=2 net_route_v6_del: fd00:abcd:220:201::/64 via fd00:abcd:220:2::1006 dev tun1 table 0 metric 100 Jul 27 12:14:55 ubuntu2004 tun-udp-p2mp[297683]: freebsd-74-amd64/udp6:194.97.140.3:62210 peer-id=2 sitnl_send: checking for received messages Jul 27 12:14:55 ubuntu2004 tun-udp-p2mp[297683]: freebsd-74-amd64/udp6:194.97.140.3:62210 peer-id=2 sitnl_send: rtnl: received 36 bytes Jul 27 12:14:55 ubuntu2004 tun-udp-p2mp[297683]: freebsd-74-amd64/udp6:194.97.140.3:62210 peer-id=2 net_route_v6_del: fd00:abcd:220:200::74/128 via fd00:abcd:220:2::1006 dev tun1 table 0 metric 100 Jul 27 12:14:55 ubuntu2004 tun-udp-p2mp[297683]: freebsd-74-amd64/udp6:194.97.140.3:62210 peer-id=2 sitnl_send: checking for received messages Jul 27 12:14:55 ubuntu2004 tun-udp-p2mp[297683]: freebsd-74-amd64/udp6:194.97.140.3:62210 peer-id=2 sitnl_send: rtnl: received 36 bytes Jul 27 12:14:55 ubuntu2004 tun-udp-p2mp[297683]: freebsd-74-amd64/udp6:194.97.140.3:62210 peer-id=2 dco_get_peer: peer-id -1 Jul 27 12:14:55 ubuntu2004 tun-udp-p2mp[297683]: freebsd-74-amd64/udp6:194.97.140.3:62210 peer-id=2 ovpn-dco: received netlink message type=31 cmd=3 flags=0x0002 Jul 27 12:14:55 ubuntu2004 tun-udp-p2mp[297683]: freebsd-74-amd64/udp6:194.97.140.3:62210 peer-id=2 ovpn_handle_peer: parsing message for peer 0... Jul 27 12:14:55 ubuntu2004 tun-udp-p2mp[297683]: freebsd-74-amd64/udp6:194.97.140.3:62210 peer-id=2 ovpn_handle_peer: received data for a non-existing peer 0 Jul 27 12:14:55 ubuntu2004 tun-udp-p2mp[297683]: freebsd-74-amd64/udp6:194.97.140.3:62210 peer-id=2 ovpn-dco: received netlink message type=31 cmd=3 flags=0x0002 Jul 27 12:14:55 ubuntu2004 tun-udp-p2mp[297683]: freebsd-74-amd64/udp6:194.97.140.3:62210 peer-id=2 ovpn_handle_peer: parsing message for peer 1... Jul 27 12:14:55 ubuntu2004 tun-udp-p2mp[297683]: freebsd-74-amd64/udp6:194.97.140.3:62210 peer-id=2 dco_update_peer_stat / dco_read_bytes(1): 1064936 Jul 27 12:14:55 ubuntu2004 tun-udp-p2mp[297683]: freebsd-74-amd64/udp6:194.97.140.3:62210 peer-id=2 dco_update_peer_stat / dco_write_bytes(1): 1064360 Jul 27 12:14:55 ubuntu2004 tun-udp-p2mp[297683]: freebsd-74-amd64/udp6:194.97.140.3:62210 peer-id=2 dco_update_peer_stat / tun_read_bytes(1): 1040000 Jul 27 12:14:55 ubuntu2004 tun-udp-p2mp[297683]: freebsd-74-amd64/udp6:194.97.140.3:62210 peer-id=2 dco_update_peer_stat / tun_write_bytes(1): 1040000 ``` no float involved, but still we have a "peer-id=2" prefix for "peer 1" counters. So I would suggest to move the `clear_prefix()` call into the DCO functions that deal with incoming messages, most of which will not deal with "the client that is currently listed in the prefix". Maybe `ovpn_handle_msg()` (which would need the quivalent patch for FreeBSD and Windows)? Or something generic in `dco.c` that deals with DCO events? -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/1116?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: I1ad5df0f6785ffe9becd9f83329a9335d1a36f24 Gerrit-Change-Number: 1116 Gerrit-PatchSet: 2 Gerrit-Owner: ordex <an...@ma...> Gerrit-Reviewer: cron2 <ge...@gr...> Gerrit-Reviewer: flichtenheld <fr...@li...> Gerrit-Reviewer: plaisthos <arn...@rf...> Gerrit-CC: openvpn-devel <ope...@li...> Gerrit-Attention: plaisthos <arn...@rf...> Gerrit-Attention: flichtenheld <fr...@li...> Gerrit-Attention: ordex <an...@ma...> Gerrit-Comment-Date: Sun, 27 Jul 2025 10:39:01 +0000 Gerrit-HasComments: Yes Gerrit-Has-Labels: Yes Gerrit-MessageType: comment |
|
From: Gert D. <ge...@gr...> - 2025-07-27 10:24:28
|
From: Antonio Quartulli <an...@ma...> multi_process_float() will possibly float a client and also generate and set its new prefix. However, after processing the PEER_FLOAT_NTF message, we were not clearing the prefix, thus effectivly making the generated prefix permanent until the next set_prefix() call. Clear the prefix right after calling multi_process_float() to avoid printing messages with the wrong prefix. Github: closes OpenVPN/openvpn#799 Change-Id: I1ad5df0f6785ffe9becd9f83329a9335d1a36f24 Signed-off-by: Antonio Quartulli <an...@ma...> Acked-by: Gert Doering <ge...@gr...> --- This change was reviewed on Gerrit and approved by at least one developer. I request to merge it to master. Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1116 This mail reflects revision 2 of this Change. Acked-by according to Gerrit (reflected above): Gert Doering <ge...@gr...> diff --git a/src/openvpn/multi.c b/src/openvpn/multi.c index c90ed5b..44210cb 100644 --- a/src/openvpn/multi.c +++ b/src/openvpn/multi.c @@ -3417,6 +3417,10 @@ &m->top.c2.from.dest, (struct sockaddr *)&dco->dco_float_peer_ss); multi_process_float(m, mi, mi->context.c2.link_sockets[0]); + /* multi_process_float() generated and set a new peer prefix, but we + * don't to keep it at this point. + */ + clear_prefix(); CLEAR(dco->dco_float_peer_ss); } #endif /* if defined(TARGET_LINUX) || defined(TARGET_WIN32) */ |
|
From: cron2 (C. Review) <ge...@op...> - 2025-07-27 10:24:21
|
Attention is currently required from: flichtenheld, ordex, plaisthos. cron2 has posted comments on this change. ( http://gerrit.openvpn.net/c/openvpn/+/1116?usp=email ) Change subject: dco: drop client prefix after DCO PEER_FLOAT notification ...................................................................... Patch Set 2: Code-Review+2 (1 comment) Patchset: PS2: This does fix the problem observed. I'm not 100% sure it is the best place to reset the prefix (maybe we want to do it for incoming DCO messages instead?), but let's fix the obvious issue first. -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/1116?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: I1ad5df0f6785ffe9becd9f83329a9335d1a36f24 Gerrit-Change-Number: 1116 Gerrit-PatchSet: 2 Gerrit-Owner: ordex <an...@ma...> Gerrit-Reviewer: cron2 <ge...@gr...> Gerrit-Reviewer: flichtenheld <fr...@li...> Gerrit-Reviewer: plaisthos <arn...@rf...> Gerrit-CC: openvpn-devel <ope...@li...> Gerrit-Attention: plaisthos <arn...@rf...> Gerrit-Attention: flichtenheld <fr...@li...> Gerrit-Attention: ordex <an...@ma...> Gerrit-Comment-Date: Sun, 27 Jul 2025 10:24:07 +0000 Gerrit-HasComments: Yes Gerrit-Has-Labels: Yes Gerrit-MessageType: comment |
|
From: Gert D. <ge...@gr...> - 2025-07-27 10:22:54
|
From: Antonio Quartulli <an...@ma...> This patch is intended to reduce code duplication and cleanup the DCO code around the PEER_GET command. Specifically it: * unified PEER_GET reply parser for `multi` and `non-multi` case * unified PEER_GET request trigger for `multi` and `non-multi` case * dropped struct multi_context from the argument list of dco_get_peer_stats_multi() Github: closes OpenVPN/openvpn#800 Change-Id: Icbc70225d53ca678b8c22ed437b424c16e199d66 Signed-off-by: Antonio Quartulli <an...@ma...> Acked-by: Gert Doering <ge...@gr...> --- This change was reviewed on Gerrit and approved by at least one developer. I request to merge it to master. Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1114 This mail reflects revision 3 of this Change. Acked-by according to Gerrit (reflected above): Gert Doering <ge...@gr...> diff --git a/src/openvpn/dco.h b/src/openvpn/dco.h index 9078417..2ce0eb1 100644 --- a/src/openvpn/dco.h +++ b/src/openvpn/dco.h @@ -230,11 +230,9 @@ * Update traffic statistics for all peers * * @param dco DCO device context - * @param m the server context * @param raise_sigusr1_on_err whether to raise SIGUSR1 on error **/ -int dco_get_peer_stats_multi(dco_context_t *dco, struct multi_context *m, - const bool raise_sigusr1_on_err); +int dco_get_peer_stats_multi(dco_context_t *dco, const bool raise_sigusr1_on_err); /** * Update traffic statistics for single peer @@ -374,8 +372,7 @@ } static inline int -dco_get_peer_stats_multi(dco_context_t *dco, struct multi_context *m, - const bool raise_sigusr1_on_err) +dco_get_peer_stats_multi(dco_context_t *dco, const bool raise_sigusr1_on_err) { return 0; } diff --git a/src/openvpn/dco_freebsd.c b/src/openvpn/dco_freebsd.c index 98d8fb5..78ee9a1 100644 --- a/src/openvpn/dco_freebsd.c +++ b/src/openvpn/dco_freebsd.c @@ -167,6 +167,8 @@ bool ovpn_dco_init(struct context *c) { + c->c1.tuntap->dco.c = c; + if (open_fd(&c->c1.tuntap->dco) < 0) { msg(M_ERR, "Failed to open socket"); @@ -713,8 +715,7 @@ } int -dco_get_peer_stats_multi(dco_context_t *dco, struct multi_context *m, - const bool raise_sigusr1_on_err) +dco_get_peer_stats_multi(dco_context_t *dco, const bool raise_sigusr1_on_err) { struct ifdrv drv; @@ -774,7 +775,7 @@ const nvlist_t *peer = nvpeers[i]; uint32_t peerid = nvlist_get_number(peer, "peerid"); - dco_update_peer_stat(m, peerid, nvlist_get_nvlist(peer, "bytes")); + dco_update_peer_stat(dco->c->multi, peerid, nvlist_get_nvlist(peer, "bytes")); } nvlist_destroy(nvl); diff --git a/src/openvpn/dco_freebsd.h b/src/openvpn/dco_freebsd.h index e1a054e..e926af5 100644 --- a/src/openvpn/dco_freebsd.h +++ b/src/openvpn/dco_freebsd.h @@ -57,6 +57,8 @@ int dco_del_peer_reason; uint64_t dco_read_bytes; uint64_t dco_write_bytes; + + struct context *c; } dco_context_t; #endif /* defined(ENABLE_DCO) && defined(TARGET_FREEBSD) */ diff --git a/src/openvpn/dco_linux.c b/src/openvpn/dco_linux.c index 728fb7e..9ad3d51 100644 --- a/src/openvpn/dco_linux.c +++ b/src/openvpn/dco_linux.c @@ -877,53 +877,8 @@ } static int -ovpn_handle_peer_multi(dco_context_t *dco, struct nlattr *attrs[]) -{ - msg(D_DCO_DEBUG, "%s: parsing message...", __func__); - - /* this function assumes openvpn is running in multipeer mode as - * it accesses c->multi - */ - if (dco->ifmode != OVPN_MODE_MP) - { - msg(M_WARN, "%s: can't parse 'multi-peer' message on P2P instance", __func__); - return NL_SKIP; - } - - if (!attrs[OVPN_A_PEER]) - { - return NL_SKIP; - } - - struct nlattr *tb_peer[OVPN_A_PEER_MAX + 1]; - nla_parse_nested(tb_peer, OVPN_A_PEER_MAX, attrs[OVPN_A_PEER], NULL); - - if (!tb_peer[OVPN_A_PEER_ID]) - { - msg(M_WARN, "ovpn-dco: no peer-id provided in (MULTI) PEER_GET reply"); - return NL_SKIP; - } - - struct multi_context *m = dco->c->multi; - uint32_t peer_id = nla_get_u32(tb_peer[OVPN_A_PEER_ID]); - - if (peer_id >= m->max_clients || !m->instances[peer_id]) - { - msg(M_WARN, "%s: cannot store DCO stats for peer %u", __func__, - peer_id); - return NL_SKIP; - } - - dco_update_peer_stat(&m->instances[peer_id]->context.c2, tb_peer, peer_id); - - return NL_OK; -} - -static int ovpn_handle_peer(dco_context_t *dco, struct nlattr *attrs[]) { - msg(D_DCO_DEBUG, "%s: parsing message...", __func__); - if (!attrs[OVPN_A_PEER]) { msg(D_DCO_DEBUG, "%s: malformed reply", __func__); @@ -942,12 +897,25 @@ uint32_t peer_id = nla_get_u32(tb_peer[OVPN_A_PEER_ID]); struct context_2 *c2; + msg(D_DCO_DEBUG, "%s: parsing message for peer %u...", __func__, peer_id); + if (dco->ifmode == OVPN_MODE_P2P) { c2 = &dco->c->c2; + if (c2->tls_multi->dco_peer_id != peer_id) + { + return NL_SKIP; + } } else { + if (peer_id >= dco->c->multi->max_clients) + { + msg(M_WARN, "%s: received out of bound peer_id %u (max=%u)", __func__, peer_id, + dco->c->multi->max_clients); + return NL_SKIP; + } + struct multi_instance *mi = dco->c->multi->instances[peer_id]; if (!mi) { @@ -958,14 +926,6 @@ c2 = &mi->context.c2; } - /* at this point this check should never fail for MP mode, - * but it's still fully valid for P2P mode - */ - if (c2->tls_multi->dco_peer_id != peer_id) - { - return NL_SKIP; - } - dco_update_peer_stat(c2, tb_peer, peer_id); return NL_OK; @@ -1176,17 +1136,7 @@ { case OVPN_CMD_PEER_GET: { - /* this message is part of a peer list dump, hence triggered - * by a MP/server instance - */ - if (nlh->nlmsg_flags & NLM_F_MULTI) - { - return ovpn_handle_peer_multi(dco, attrs); - } - else - { - return ovpn_handle_peer(dco, attrs); - } + return ovpn_handle_peer(dco, attrs); } case OVPN_CMD_PEER_DEL_NTF: @@ -1221,52 +1171,32 @@ return ovpn_nl_recvmsgs(dco, __func__); } -int -dco_get_peer_stats_multi(dco_context_t *dco, struct multi_context *m, - const bool raise_sigusr1_on_err) +static int +dco_get_peer(dco_context_t *dco, int peer_id, const bool raise_sigusr1_on_err) { - msg(D_DCO_DEBUG, "%s", __func__); - - struct nl_msg *nl_msg = ovpn_dco_nlmsg_create(dco, OVPN_CMD_PEER_GET); - - nlmsg_hdr(nl_msg)->nlmsg_flags |= NLM_F_DUMP; - - int ret = ovpn_nl_msg_send(dco, nl_msg, __func__); - - nlmsg_free(nl_msg); - - if (raise_sigusr1_on_err && ret < 0) - { - msg(M_WARN, "Error retrieving DCO peer stats: the underlying DCO peer" - "may have been deleted from the kernel without notifying " - "userspace. Restarting the session"); - register_signal(m->top.sig, SIGUSR1, "dco peer stats error"); - } - return ret; -} - -int -dco_get_peer_stats(struct context *c, const bool raise_sigusr1_on_err) -{ - int peer_id = c->c2.tls_multi->dco_peer_id; - if (peer_id == -1) + /* peer_id == -1 means "dump all peers", but this is allowed in MP mode only. + * If it happens in P2P mode it means that the DCO peer was deleted and we + * can simply bail out + */ + if (peer_id == -1 && dco->ifmode == OVPN_MODE_P2P) { return 0; } msg(D_DCO_DEBUG, "%s: peer-id %d", __func__, peer_id); - if (!c->c1.tuntap) - { - return 0; - } - - dco_context_t *dco = &c->c1.tuntap->dco; struct nl_msg *nl_msg = ovpn_dco_nlmsg_create(dco, OVPN_CMD_PEER_GET); struct nlattr *attr = nla_nest_start(nl_msg, OVPN_A_PEER); int ret = -EMSGSIZE; - NLA_PUT_U32(nl_msg, OVPN_A_PEER_ID, peer_id); + if (peer_id != -1) + { + NLA_PUT_U32(nl_msg, OVPN_A_PEER_ID, peer_id); + } + else + { + nlmsg_hdr(nl_msg)->nlmsg_flags |= NLM_F_DUMP; + } nla_nest_end(nl_msg, attr); ret = ovpn_nl_msg_send(dco, nl_msg, __func__); @@ -1279,11 +1209,23 @@ msg(M_WARN, "Error retrieving DCO peer stats: the underlying DCO peer" "may have been deleted from the kernel without notifying " "userspace. Restarting the session"); - register_signal(c->sig, SIGUSR1, "dco peer stats error"); + register_signal(dco->c->sig, SIGUSR1, "dco peer stats error"); } return ret; } +int +dco_get_peer_stats(struct context *c, const bool raise_sigusr1_on_err) +{ + return dco_get_peer(&c->c1.tuntap->dco, c->c2.tls_multi->dco_peer_id, raise_sigusr1_on_err); +} + +int +dco_get_peer_stats_multi(dco_context_t *dco, const bool raise_sigusr1_on_err) +{ + return dco_get_peer(dco, -1, raise_sigusr1_on_err); +} + bool dco_available(int msglevel) { diff --git a/src/openvpn/dco_win.c b/src/openvpn/dco_win.c index e5a33a0..995b121 100644 --- a/src/openvpn/dco_win.c +++ b/src/openvpn/dco_win.c @@ -715,8 +715,7 @@ } int -dco_get_peer_stats_multi(dco_context_t *dco, struct multi_context *m, - const bool raise_sigusr1_on_err) +dco_get_peer_stats_multi(dco_context_t *dco, const bool raise_sigusr1_on_err) { /* Not implemented. */ return 0; diff --git a/src/openvpn/multi.c b/src/openvpn/multi.c index a62c57a..c5691ff 100644 --- a/src/openvpn/multi.c +++ b/src/openvpn/multi.c @@ -551,7 +551,7 @@ { if (dco_enabled(&m->top.options)) { - if (dco_get_peer_stats_multi(&m->top.c1.tuntap->dco, m, false) < 0) + if (dco_get_peer_stats_multi(&m->top.c1.tuntap->dco, false) < 0) { return; } @@ -862,7 +862,7 @@ if (dco_enabled(&m->top.options)) { - if (dco_get_peer_stats_multi(&m->top.c1.tuntap->dco, m, true) < 0) + if (dco_get_peer_stats_multi(&m->top.c1.tuntap->dco, true) < 0) { return; } |
|
From: cron2 (C. Review) <ge...@op...> - 2025-07-27 10:22:04
|
Attention is currently required from: flichtenheld, ordex, plaisthos. cron2 has posted comments on this change. ( http://gerrit.openvpn.net/c/openvpn/+/1114?usp=email ) Change subject: dco_linux: clean up PEER_GET trigger and parser ...................................................................... Patch Set 3: Code-Review+2 -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/1114?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: Icbc70225d53ca678b8c22ed437b424c16e199d66 Gerrit-Change-Number: 1114 Gerrit-PatchSet: 3 Gerrit-Owner: ordex <an...@ma...> Gerrit-Reviewer: cron2 <ge...@gr...> Gerrit-Reviewer: flichtenheld <fr...@li...> Gerrit-Reviewer: plaisthos <arn...@rf...> Gerrit-CC: openvpn-devel <ope...@li...> Gerrit-Attention: plaisthos <arn...@rf...> Gerrit-Attention: flichtenheld <fr...@li...> Gerrit-Attention: ordex <an...@ma...> Gerrit-Comment-Date: Sun, 27 Jul 2025 10:21:49 +0000 Gerrit-HasComments: No Gerrit-Has-Labels: Yes Gerrit-MessageType: comment |
|
From: cron2 (C. Review) <ge...@op...> - 2025-07-26 15:16:40
|
cron2 has submitted this change. ( http://gerrit.openvpn.net/c/openvpn/+/1115?usp=email ) Change subject: multi: make some multi_*() functions static ...................................................................... multi: make some multi_*() functions static multi_process_float() and multi_print_status() are both invoked only within multi.c, which is where they is defined. For this reason we can make them static and drop their declaration from multi.h. Change-Id: Id5e06f0822a3e7e4ad1b6f93caaefdb6a8cfe547 Signed-off-by: Antonio Quartulli <an...@ma...> Acked-by: Gert Doering <ge...@gr...> Message-Id: <202...@gr...> URL: https://www.mail-archive.com/ope...@li.../msg32356.html Signed-off-by: Gert Doering <ge...@gr...> --- M src/openvpn/multi.c M src/openvpn/multi.h 2 files changed, 10 insertions(+), 15 deletions(-) diff --git a/src/openvpn/multi.c b/src/openvpn/multi.c index a62c57a..8de5854 100644 --- a/src/openvpn/multi.c +++ b/src/openvpn/multi.c @@ -849,7 +849,7 @@ * If status file is defined, write to file. * If status file is NULL, write to syslog. */ -void +static void multi_print_status(struct multi_context *m, struct status_output *so, const int version) { if (m->hash) @@ -3210,7 +3210,15 @@ return ret; } -void +/** + * Handles peer floating. + * + * If peer is floated to a taken address, either drops packet + * (if peer that owns address has different CN) or disconnects + * existing peer. Updates multi_instance with new address, + * updates hashtables in multi_context. + */ +static void multi_process_float(struct multi_context *m, struct multi_instance *mi, struct link_socket *sock) { diff --git a/src/openvpn/multi.h b/src/openvpn/multi.h index 8b2704c..3c821d7 100644 --- a/src/openvpn/multi.h +++ b/src/openvpn/multi.h @@ -270,17 +270,6 @@ bool multi_process_timeout(struct multi_context *m, const unsigned int mpp_flags); -/** - * Handles peer floating. - * - * If peer is floated to a taken address, either drops packet - * (if peer that owns address has different CN) or disconnects - * existing peer. Updates multi_instance with new address, - * updates hashtables in multi_context. - */ -void multi_process_float(struct multi_context *m, struct multi_instance *mi, - struct link_socket *sock); - #define MPP_PRE_SELECT (1<<0) #define MPP_CONDITIONAL_PRE_SELECT (1<<1) #define MPP_CLOSE_ON_SIGNAL (1<<2) @@ -370,8 +359,6 @@ void multi_process_drop_outgoing_tun(struct multi_context *m, const unsigned int mpp_flags); -void multi_print_status(struct multi_context *m, struct status_output *so, const int version); - struct multi_instance *multi_get_queue(struct mbuf_set *ms); void multi_add_mbuf(struct multi_context *m, -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/1115?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: Id5e06f0822a3e7e4ad1b6f93caaefdb6a8cfe547 Gerrit-Change-Number: 1115 Gerrit-PatchSet: 3 Gerrit-Owner: ordex <an...@ma...> Gerrit-Reviewer: cron2 <ge...@gr...> Gerrit-Reviewer: flichtenheld <fr...@li...> Gerrit-Reviewer: plaisthos <arn...@rf...> Gerrit-CC: openvpn-devel <ope...@li...> Gerrit-MessageType: merged |
|
From: cron2 (C. Review) <ge...@op...> - 2025-07-26 15:16:40
|
cron2 has uploaded a new patch set (#3) to the change originally created by ordex. ( http://gerrit.openvpn.net/c/openvpn/+/1115?usp=email ) The following approvals got outdated and were removed: Code-Review+2 by cron2 Change subject: multi: make some multi_*() functions static ...................................................................... multi: make some multi_*() functions static multi_process_float() and multi_print_status() are both invoked only within multi.c, which is where they is defined. For this reason we can make them static and drop their declaration from multi.h. Change-Id: Id5e06f0822a3e7e4ad1b6f93caaefdb6a8cfe547 Signed-off-by: Antonio Quartulli <an...@ma...> Acked-by: Gert Doering <ge...@gr...> Message-Id: <202...@gr...> URL: https://www.mail-archive.com/ope...@li.../msg32356.html Signed-off-by: Gert Doering <ge...@gr...> --- M src/openvpn/multi.c M src/openvpn/multi.h 2 files changed, 10 insertions(+), 15 deletions(-) git pull ssh://gerrit.openvpn.net:29418/openvpn refs/changes/15/1115/3 diff --git a/src/openvpn/multi.c b/src/openvpn/multi.c index a62c57a..8de5854 100644 --- a/src/openvpn/multi.c +++ b/src/openvpn/multi.c @@ -849,7 +849,7 @@ * If status file is defined, write to file. * If status file is NULL, write to syslog. */ -void +static void multi_print_status(struct multi_context *m, struct status_output *so, const int version) { if (m->hash) @@ -3210,7 +3210,15 @@ return ret; } -void +/** + * Handles peer floating. + * + * If peer is floated to a taken address, either drops packet + * (if peer that owns address has different CN) or disconnects + * existing peer. Updates multi_instance with new address, + * updates hashtables in multi_context. + */ +static void multi_process_float(struct multi_context *m, struct multi_instance *mi, struct link_socket *sock) { diff --git a/src/openvpn/multi.h b/src/openvpn/multi.h index 8b2704c..3c821d7 100644 --- a/src/openvpn/multi.h +++ b/src/openvpn/multi.h @@ -270,17 +270,6 @@ bool multi_process_timeout(struct multi_context *m, const unsigned int mpp_flags); -/** - * Handles peer floating. - * - * If peer is floated to a taken address, either drops packet - * (if peer that owns address has different CN) or disconnects - * existing peer. Updates multi_instance with new address, - * updates hashtables in multi_context. - */ -void multi_process_float(struct multi_context *m, struct multi_instance *mi, - struct link_socket *sock); - #define MPP_PRE_SELECT (1<<0) #define MPP_CONDITIONAL_PRE_SELECT (1<<1) #define MPP_CLOSE_ON_SIGNAL (1<<2) @@ -370,8 +359,6 @@ void multi_process_drop_outgoing_tun(struct multi_context *m, const unsigned int mpp_flags); -void multi_print_status(struct multi_context *m, struct status_output *so, const int version); - struct multi_instance *multi_get_queue(struct mbuf_set *ms); void multi_add_mbuf(struct multi_context *m, -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/1115?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: Id5e06f0822a3e7e4ad1b6f93caaefdb6a8cfe547 Gerrit-Change-Number: 1115 Gerrit-PatchSet: 3 Gerrit-Owner: ordex <an...@ma...> Gerrit-Reviewer: cron2 <ge...@gr...> Gerrit-Reviewer: flichtenheld <fr...@li...> Gerrit-Reviewer: plaisthos <arn...@rf...> Gerrit-CC: openvpn-devel <ope...@li...> Gerrit-MessageType: newpatchset |
153 messages has been excluded from this view by a project administrator.
