From: Lev Stipakov Date: Mon, 30 Dec 2024 19:32:04 +0000 (+0100) Subject: dco-win: enable mode server on supported configuration X-Git-Tag: v2.7_alpha1~129 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=7fac3716a9cb4d0c104d18b4dc939d73736a4ef3;p=thirdparty%2Fopenvpn.git dco-win: enable mode server on supported configuration Enable dco-win with mode server if driver supports it. Disable for proto TCP or older drivers. Change-Id: Iea4538cee075d50de836d1ef7652985186b2527c Signed-off-by: Lev Stipakov Acked-by: Gert Doering Message-Id: <20241230193204.9897-1-gert@greenie.muc.de> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg30317.html Signed-off-by: Gert Doering --- diff --git a/src/openvpn/dco.c b/src/openvpn/dco.c index 8f2adb59..b5a21369 100644 --- a/src/openvpn/dco.c +++ b/src/openvpn/dco.c @@ -43,6 +43,10 @@ #include "tun.h" #include "tun_afunix.h" +#if defined(_WIN32) +#include "dco_win.h" +#endif + #ifdef HAVE_LIBCAPNG #include #endif @@ -235,7 +239,7 @@ dco_update_keys(dco_context_t *dco, struct tls_multi *multi) } static bool -dco_check_option_ce(const struct connection_entry *ce, int msglevel) +dco_check_option_ce(const struct connection_entry *ce, int msglevel, int mode) { if (ce->fragment) { @@ -264,9 +268,15 @@ dco_check_option_ce(const struct connection_entry *ce, int msglevel) #endif #if defined(_WIN32) - if (!ce->remote) + if (!proto_is_udp(ce->proto) && mode == MODE_SERVER) + { + msg(msglevel, "NOTE: TCP transport disables data channel offload on Windows in server mode."); + return false; + } + + if (!ce->remote && !dco_win_supports_multipeer()) { - msg(msglevel, "NOTE: --remote is not defined, disabling data channel offload."); + msg(msglevel, "NOTE: --remote is not defined. This DCO version doesn't support multipeer. Disabling Data Channel Offload"); return false; } #endif @@ -316,7 +326,7 @@ dco_check_startup_option(int msglevel, const struct options *o) const struct connection_list *l = o->connection_list; for (int i = 0; i < l->len; ++i) { - if (!dco_check_option_ce(l->array[i], msglevel)) + if (!dco_check_option_ce(l->array[i], msglevel, o->mode)) { return false; } @@ -324,16 +334,16 @@ dco_check_startup_option(int msglevel, const struct options *o) } else { - if (!dco_check_option_ce(&o->ce, msglevel)) + if (!dco_check_option_ce(&o->ce, msglevel, o->mode)) { return false; } } #if defined(_WIN32) - if (o->mode == MODE_SERVER) + if ((o->mode == MODE_SERVER) && !dco_win_supports_multipeer()) { - msg(msglevel, "--mode server is set. Disabling Data Channel Offload"); + msg(msglevel, "--mode server is set. This DCO version doesn't support multipeer. Disabling Data Channel Offload"); return false; } diff --git a/src/openvpn/dco_win.c b/src/openvpn/dco_win.c index f59bf8c4..46b2d03c 100644 --- a/src/openvpn/dco_win.c +++ b/src/openvpn/dco_win.c @@ -523,4 +523,11 @@ dco_get_supported_ciphers() } } +bool +dco_win_supports_multipeer(void) +{ + OVPN_VERSION ver = { 0 }; + return dco_get_version(&ver) && ver.Major >= 2; +} + #endif /* defined(_WIN32) */ diff --git a/src/openvpn/dco_win.h b/src/openvpn/dco_win.h index 48836299..76885163 100644 --- a/src/openvpn/dco_win.h +++ b/src/openvpn/dco_win.h @@ -48,6 +48,9 @@ dco_create_socket(HANDLE handle, struct addrinfo *remoteaddr, bool bind_local, void dco_start_tun(struct tuntap *tt); +bool +dco_win_supports_multipeer(void); + #else /* if defined(ENABLE_DCO) && defined(_WIN32) */ static inline void