dco-win: enable mode server on supported configuration

Enable dco-win with mode server if driver supports it.

Disable for proto TCP or older drivers.

Change-Id: Iea4538cee075d50de836d1ef7652985186b2527c
Signed-off-by: Lev Stipakov <lev@openvpn.net>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20241230193204.9897-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg30317.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>

diff --git a/src/openvpn/dco.c b/src/openvpn/dco.c
index 8f2adb591b96b4a80d7a9b4c875faa7aff78d47e..b5a21369c6683bd8c869622b1af6ee3c2533bbde 100644 (file)
--- a/src/openvpn/dco.c
+++ b/src/openvpn/dco.c
@@ -43,6 +43,10 @@
 #include "tun.h"
 #include "tun_afunix.h"
 
+#if defined(_WIN32)
+#include "dco_win.h"
+#endif
+
 #ifdef HAVE_LIBCAPNG
 #include <cap-ng.h>
 #endif
@@ -235,7 +239,7 @@ dco_update_keys(dco_context_t *dco, struct tls_multi *multi)
 }
 
 static bool
-dco_check_option_ce(const struct connection_entry *ce, int msglevel)
+dco_check_option_ce(const struct connection_entry *ce, int msglevel, int mode)
 {
     if (ce->fragment)
     {
@@ -264,9 +268,15 @@ dco_check_option_ce(const struct connection_entry *ce, int msglevel)
 #endif
 
 #if defined(_WIN32)
-    if (!ce->remote)
+    if (!proto_is_udp(ce->proto) && mode == MODE_SERVER)
+    {
+        msg(msglevel, "NOTE: TCP transport disables data channel offload on Windows in server mode.");
+        return false;
+    }
+
+    if (!ce->remote && !dco_win_supports_multipeer())
     {
-        msg(msglevel, "NOTE: --remote is not defined, disabling data channel offload.");
+        msg(msglevel, "NOTE: --remote is not defined. This DCO version doesn't support multipeer. Disabling Data Channel Offload");
         return false;
     }
 #endif
@@ -316,7 +326,7 @@ dco_check_startup_option(int msglevel, const struct options *o)
         const struct connection_list *l = o->connection_list;
         for (int i = 0; i < l->len; ++i)
         {
-            if (!dco_check_option_ce(l->array[i], msglevel))
+            if (!dco_check_option_ce(l->array[i], msglevel, o->mode))
             {
                 return false;
             }
@@ -324,16 +334,16 @@ dco_check_startup_option(int msglevel, const struct options *o)
     }
     else
     {
-        if (!dco_check_option_ce(&o->ce, msglevel))
+        if (!dco_check_option_ce(&o->ce, msglevel, o->mode))
         {
             return false;
         }
     }
 
 #if defined(_WIN32)
-    if (o->mode == MODE_SERVER)
+    if ((o->mode == MODE_SERVER) && !dco_win_supports_multipeer())
     {
-        msg(msglevel, "--mode server is set. Disabling Data Channel Offload");
+        msg(msglevel, "--mode server is set. This DCO version doesn't support multipeer. Disabling Data Channel Offload");
         return false;
     }
 

diff --git a/src/openvpn/dco_win.c b/src/openvpn/dco_win.c
index f59bf8c42eaa65c357bb254444a925f98d605d56..46b2d03ce41d891a40a362129a1cce966134d82a 100644 (file)
--- a/src/openvpn/dco_win.c
+++ b/src/openvpn/dco_win.c
@@ -523,4 +523,11 @@ dco_get_supported_ciphers()
     }
 }
 
+bool
+dco_win_supports_multipeer(void)
+{
+    OVPN_VERSION ver = { 0 };
+    return dco_get_version(&ver) && ver.Major >= 2;
+}
+
 #endif /* defined(_WIN32) */

diff --git a/src/openvpn/dco_win.h b/src/openvpn/dco_win.h
index 48836299ad47d85270ba8a403916b54c869b84ed..7688516355394c5b33f8a9ce352068c902f710ac 100644 (file)
--- a/src/openvpn/dco_win.h
+++ b/src/openvpn/dco_win.h
@@ -48,6 +48,9 @@ dco_create_socket(HANDLE handle, struct addrinfo *remoteaddr, bool bind_local,
 void
 dco_start_tun(struct tuntap *tt);
 
+bool
+dco_win_supports_multipeer(void);
+
 #else /* if defined(ENABLE_DCO) && defined(_WIN32) */
 
 static inline void