author | james <james@e7ae566f-a301-0410-adde-c780ea21d3b5> | 2005-10-02 03:41:35 +0000 |
---|---|---|
committer | james <james@e7ae566f-a301-0410-adde-c780ea21d3b5> | 2005-10-02 03:41:35 +0000 |
commit | 537073fd55b3e35720e759c5c13e9da128a2b0bb (patch) | |
tree | f4d544e3e85bc2a32b33f6400ff74ec8d3826302 | |
parent | Renamed sample-keys/tmp-ca.crt to ca.crt. (diff) | |
download | openvpn-537073fd55b3e35720e759c5c13e9da128a2b0bb.tar.xz |
version 2.1_beta1
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@588 e7ae566f-a301-0410-adde-c780ea21d3b5
Diffstat (limited to '')
-rw-r--r-- | ChangeLog | 8 | ||||
-rw-r--r-- | errlevel.h | 4 | ||||
-rw-r--r-- | forward.c | 4 | ||||
-rw-r--r-- | init.c | 22 | ||||
-rw-r--r-- | lzo.c | 48 | ||||
-rw-r--r-- | lzo.h | 23 | ||||
-rw-r--r-- | multi.c | 3 | ||||
-rw-r--r-- | options.c | 28 | ||||
-rw-r--r-- | options.h | 5 | ||||
-rw-r--r-- | sig.c | 2 |
10 files changed, 112 insertions, 35 deletions
@@ -3,6 +3,14 @@ Copyright (C) 2002-2005 OpenVPN Solutions LLC <info@openvpn.net> $Id$ +2005.10.01 -- Version 2.1-beta2 + +* Made LZO setting pushable. +* Renamed sample-keys/tmp-ca.crt to ca.crt. +* Fixed bug where remove_iroutes_from_push_route_list + was missing routes if those routes had + an implied netmask (by omission) of 255.255.255.255. + 2005.09.26 -- Version 2.1-beta1 * Merged with 2.0.3-rc1 @@ -115,7 +115,7 @@ #define D_PID_DEBUG_LOW LOGLEV(7, 70, M_DEBUG) /* show low-freq packet-id debugging info */ #define D_MULTI_DEBUG LOGLEV(7, 70, M_DEBUG) /* show medium-freq multi debugging info */ #define D_MSS LOGLEV(7, 70, M_DEBUG) /* show MSS adjustments */ -#define D_COMP_LOW LOGLEV(7, 70, M_DEBUG) /* show adaptive compression state changes */ +#define D_COMP_LOW LOGLEV(3, 70, M_DEBUG) /* show adaptive compression state changes JYFIXME */ #define D_REMOTE_LIST LOGLEV(7, 70, M_DEBUG) /* show --remote list */ #define D_SCRIPT LOGLEV(7, 70, M_DEBUG) /* show parms & env vars passed to scripts */ #define D_SHOW_NET LOGLEV(7, 70, M_DEBUG) /* show routing table and adapter list */ @@ -142,7 +142,7 @@ #define D_TLS_DEBUG LOGLEV(9, 70, M_DEBUG) /* show detailed info from TLS routines */ #define D_CRYPTO_DEBUG LOGLEV(9, 70, M_DEBUG) /* show detailed info from crypto.c routines */ -#define D_COMP LOGLEV(9, 70, M_DEBUG) /* show compression info */ +#define D_COMP LOGLEV(4, 70, M_DEBUG) /* show compression info JYFIXME */ #define D_READ_WRITE LOGLEV(9, 70, M_DEBUG) /* show all tun/tcp/udp reads/writes/opens */ #define D_PACKET_CONTENT LOGLEV(9, 70, M_DEBUG) /* show before/after encryption packet content */ #define D_TLS_NO_SEND_KEY LOGLEV(9, 70, M_DEBUG) /* show when no data channel send-key exists */ 
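Review bot: Both errlevel.h hunks lower a compression debug level and leave a `JYFIXME` marker in the comment, which reads like a temporary debugging aid rather than an intended change: `D_COMP_LOW` goes from 7 to 3 in the first hunk and `D_COMP` from 9 to 4 in the second. If this ships, compression messages would appear at commonly used verbosity settings (presumably once per packet for `D_COMP`), which bloats logs and buries the events an operator actually watches for. I would restore `LOGLEV(7, 70, M_DEBUG)` and `LOGLEV(9, 70, M_DEBUG)` and drop the markers before this is tagged.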
@@ -397,7 +397,7 @@ encrypt_sign (struct context *c, bool comp_frag) { #ifdef USE_LZO /* Compress the packet. */ - if (c->options.comp_lzo) + if (lzo_defined (&c->c2.lzo_compwork)) lzo_compress (&c->c2.buf, b->lzo_compress_buf, &c->c2.lzo_compwork, &c->c2.frame); #endif #ifdef ENABLE_FRAGMENT @@ -764,7 +764,7 @@ process_incoming_link (struct context *c) #ifdef USE_LZO /* decompress the incoming packet */ - if (c->options.comp_lzo) + if (lzo_defined (&c->c2.lzo_compwork)) lzo_decompress (&c->c2.buf, c->c2.buffers->lzo_decompress_buf, &c->c2.lzo_compwork, &c->c2.frame); #endif @@ -956,6 +956,7 @@ pull_permission_mask (const struct context *c) | OPT_P_SETENV | OPT_P_SHAPER | OPT_P_TIMER + | OPT_P_COMP | OPT_P_PERSIST | OPT_P_MESSAGES | OPT_P_EXPLICIT_NOTIFY @@ -998,6 +999,17 @@ do_deferred_options (struct context *c, const unsigned int found) } #endif +#ifdef USE_LZO + if (found & OPT_P_COMP) + { + if (lzo_defined (&c->c2.lzo_compwork)) + { + msg (D_PUSH, "OPTIONS IMPORT: LZO parms modified"); + lzo_modify_flags (&c->c2.lzo_compwork, c->options.lzo); + } + } +#endif + if (found & OPT_P_SHAPER) { msg (D_PUSH, "OPTIONS IMPORT: traffic shaper enabled"); @@ -1474,7 +1486,7 @@ do_init_frame (struct context *c) /* * Initialize LZO compression library. */ - if (c->options.comp_lzo) + if (c->options.lzo & LZO_SELECTED) { lzo_adjust_frame_parameters (&c->c2.frame); @@ -1493,7 +1505,7 @@ do_init_frame (struct context *c) lzo_adjust_frame_parameters (&c->c2.frame_fragment_omit); /* omit LZO frame delta from final frame_fragment */ #endif } -#endif +#endif /* USE_LZO */ #ifdef ENABLE_SOCKS /* 
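Review bot: In the do_deferred_options hunk, a pushed compression option is dropped without any message when `lzo_defined (&c->c2.lzo_compwork)` is false, so a client that did not select LZO locally gives no hint that the server tried to change it. An else branch such as `else msg (M_WARN, "OPTIONS IMPORT: pushed LZO parms ignored, comp-lzo not enabled locally");` would make the mismatch visible. Because the pull_permission_mask hunk now lets the server alter the client's compression behaviour, the success message should also record the new value (for example by appending `c->options.lzo` to the "LZO parms modified" text) so the change can be audited from the client log. do_deferred_options starts and ends outside the hunk.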
@@ -2404,8 +2416,8 @@ init_instance (struct context *c, const struct env_set *env, const unsigned int #ifdef USE_LZO /* initialize LZO compression library. */ - if (options->comp_lzo && (c->mode == CM_P2P || child)) - lzo_compress_init (&c->c2.lzo_compwork, options->comp_lzo_adaptive); + if ((options->lzo & LZO_SELECTED) && (c->mode == CM_P2P || child)) + lzo_compress_init (&c->c2.lzo_compwork, options->lzo); #endif /* initialize MTU variables */ @@ -2496,7 +2508,7 @@ close_instance (struct context *c) do_close_check_if_restart_permitted (c); #ifdef USE_LZO - if (c->options.comp_lzo) + if (lzo_defined (&c->c2.lzo_compwork)) lzo_compress_uninit (&c->c2.lzo_compwork); #endif @@ -44,9 +44,6 @@ lzo_adaptive_compress_test (struct lzo_adaptive_compress *ac) const bool save = ac->compress_state; const time_t local_now = now; - if (!ac->enabled) - return true; - if (!ac->compress_state) { if (local_now >= ac->next) @@ -84,11 +81,8 @@ lzo_adaptive_compress_test (struct lzo_adaptive_compress *ac) inline static void lzo_adaptive_compress_data (struct lzo_adaptive_compress *ac, int n_total, int n_comp) { - if (ac->enabled) - { - ac->n_total += n_total; - ac->n_comp += n_comp; - } + ac->n_total += n_total; + ac->n_comp += n_comp; } void lzo_adjust_frame_parameters (struct frame *frame) @@ -102,18 +96,19 @@ void lzo_adjust_frame_parameters (struct frame *frame) } void -lzo_compress_init (struct lzo_compress_workspace *lzowork, bool adaptive) +lzo_compress_init (struct lzo_compress_workspace *lzowork, unsigned int flags) { CLEAR (*lzowork); lzowork->wmem_size = LZO_WORKSPACE; - lzowork->ac.enabled = adaptive; + lzowork->flags = flags; if (lzo_init () != LZO_E_OK) msg (M_FATAL, "Cannot initialize LZO compression library"); lzowork->wmem = (lzo_voidp) lzo_malloc (lzowork->wmem_size); check_malloc_return (lzowork->wmem); msg (M_INFO, "LZO compression initialized"); + lzowork->defined = true; } void 
@@ -121,9 +116,24 @@ lzo_compress_uninit (struct lzo_compress_workspace *lzowork) { if (lzowork) { + ASSERT (lzowork->defined); lzo_free (lzowork->wmem); lzowork->wmem = NULL; + lzowork->defined = false; + } +} + +static inline bool +lzo_compression_enabled (struct lzo_compress_workspace *lzowork) +{ + if ((lzowork->flags & (LZO_SELECTED|LZO_ON)) == (LZO_SELECTED|LZO_ON)) + { + if (lzowork->flags & LZO_ADAPTIVE) + return lzo_adaptive_compress_test (&lzowork->ac); + else + return true; } + return false; } /* Magic numbers to tell our peer if we compressed or not */ @@ -139,6 +149,8 @@ lzo_compress (struct buffer *buf, struct buffer work, int err; bool compressed = false; + ASSERT (lzowork->defined); + if (buf->len <= 0) return; @@ -146,7 +158,7 @@ lzo_compress (struct buffer *buf, struct buffer work, * In order to attempt compression, length must be at least COMPRESS_THRESHOLD, * and our adaptive level must give the OK. */ - if (buf->len >= COMPRESS_THRESHOLD && lzo_adaptive_compress_test (&lzowork->ac)) + if (buf->len >= COMPRESS_THRESHOLD && lzo_compression_enabled (lzowork)) { ASSERT (buf_init (&work, FRAME_HEADROOM (frame))); ASSERT (buf_safe (&work, LZO_EXTRA_BUFFER (PAYLOAD_SIZE (frame)))); @@ -169,7 +181,8 @@ lzo_compress (struct buffer *buf, struct buffer work, lzowork->post_compress += work.len; /* tell adaptive level about our success or lack thereof in getting any size reduction */ - lzo_adaptive_compress_data(&lzowork->ac, buf->len, work.len); + if (lzowork->flags & LZO_ADAPTIVE) + lzo_adaptive_compress_data (&lzowork->ac, buf->len, work.len); } /* did compression save us anything ? */ @@ -195,6 +208,8 @@ lzo_decompress (struct buffer *buf, struct buffer work, uint8_t c; /* flag indicating whether or not our peer compressed */ int err; + ASSERT (lzowork->defined); + if (buf->len <= 0) return; 
@@ -235,11 +250,20 @@ lzo_decompress (struct buffer *buf, struct buffer work, } } +void +lzo_modify_flags (struct lzo_compress_workspace *lzowork, unsigned int flags) +{ + ASSERT (lzowork->defined); + lzowork->flags = flags; +} + /* * Print statistics */ void lzo_print_stats (const struct lzo_compress_workspace *lzo_compwork, struct status_output *so) { + ASSERT (lzo_compwork->defined); + status_printf (so, "pre-compress bytes," counter_format, lzo_compwork->pre_compress); status_printf (so, "post-compress bytes," counter_format, lzo_compwork->post_compress); status_printf (so, "pre-decompress bytes," counter_format, lzo_compwork->pre_decompress); @@ -22,6 +22,9 @@ * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ +#ifndef OPENVPN_LZO_H +#define OPENVPN_LZO_H + #ifdef USE_LZO #ifdef LZO_HEADER_DIR @@ -37,6 +40,11 @@ #include "common.h" #include "status.h" +/* LZO flags */ +#define LZO_SELECTED (1<<0) +#define LZO_ON (1<<1) +#define LZO_ADAPTIVE (1<<2) + /* * Use LZO compress routine lzo1x_1_15_compress which is described * as faster but needs a bit more memory than the standard routine. @@ -74,7 +82,6 @@ retest for n seconds */ struct lzo_adaptive_compress { - bool enabled; bool compress_state; time_t next; int n_total; @@ -90,6 +97,8 @@ struct lzo_compress_workspace lzo_voidp wmem; int wmem_size; struct lzo_adaptive_compress ac; + unsigned int flags; + bool defined; /* statistics */ counter_type pre_decompress; @@ -100,10 +109,12 @@ struct lzo_compress_workspace void lzo_adjust_frame_parameters(struct frame *frame); -void lzo_compress_init (struct lzo_compress_workspace *lzowork, bool adaptive); +void lzo_compress_init (struct lzo_compress_workspace *lzowork, unsigned int flags); void lzo_compress_uninit (struct lzo_compress_workspace *lzowork); +void lzo_modify_flags (struct lzo_compress_workspace *lzowork, unsigned int flags); + void lzo_compress (struct buffer *buf, struct buffer work, struct lzo_compress_workspace *lzowork, const struct frame* frame); 
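Review bot: lzo_modify_flags replaces the flag word but leaves `lzowork->ac` untouched, so when a push switches `LZO_ADAPTIVE` on after it was off, the adaptive test resumes from whatever `compress_state`, `next`, `n_total` and `n_comp` last held. Resetting with `CLEAR (lzowork->ac);` whenever the `LZO_ADAPTIVE` bit changes would give a predictable starting state. The function also accepts any value, including one without `LZO_SELECTED`, while the workspace stays defined. The parser hunks suggest that cannot arrive from a config line today, but an `ASSERT (flags & LZO_SELECTED);` would pin that assumption down for a value that now originates from the peer.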
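Review bot: The three flag macros added to lzo.h carry only the heading `/* LZO flags */`, yet the rest of the commit depends on a distinction between them that is not written down anywhere. From the visible uses, `LZO_SELECTED` drives framing and workspace setup (do_init_frame, init_instance, options_string), `LZO_ON` gates outbound compression in lzo_compression_enabled, and `LZO_ADAPTIVE` enables the sampling test. The lzo_decompress hunk adds no flag check, so `comp-lzo no` appears to leave decompression of received packets active, which is worth stating because an operator may read "no" as turning the LZO code path off entirely. I would add a one-line comment per macro, e.g. `/* compress outgoing packets; received packets are still decompressed */` on `LZO_ON`.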
@@ -114,4 +125,12 @@ void lzo_decompress (struct buffer *buf, struct buffer work, void lzo_print_stats (const struct lzo_compress_workspace *lzo_compwork, struct status_output *so); +static inline bool +lzo_defined (const struct lzo_compress_workspace *lzowork) +{ + return lzowork->defined; +} + + #endif /* USE_LZO */ +#endif @@ -1284,7 +1284,8 @@ multi_connection_established (struct multi_context *m, struct multi_instance *mi { struct gc_arena gc = gc_new (); unsigned int option_types_found = 0; - const unsigned int option_permissions_mask = OPT_P_INSTANCE|OPT_P_INHERIT|OPT_P_PUSH|OPT_P_TIMER|OPT_P_CONFIG|OPT_P_ECHO; + const unsigned int option_permissions_mask = + OPT_P_INSTANCE|OPT_P_INHERIT|OPT_P_PUSH|OPT_P_TIMER|OPT_P_CONFIG|OPT_P_ECHO|OPT_P_COMP; int cc_succeeded = true; /* client connect script status */ int cc_succeeded_count = 0; @@ -560,9 +560,6 @@ init_options (struct options *o) o->rcvbuf = 65536; o->sndbuf = 65536; #endif -#ifdef USE_LZO - o->comp_lzo_adaptive = true; -#endif #ifdef TARGET_LINUX o->tuntap_options.txqueuelen = 100; #endif @@ -1062,8 +1059,7 @@ show_settings (const struct options *o) SHOW_BOOL (fast_io); #ifdef USE_LZO - SHOW_BOOL (comp_lzo); - SHOW_BOOL (comp_lzo_adaptive); + SHOW_INT (lzo); #endif SHOW_STR (route_script); @@ -1833,7 +1829,7 @@ options_string (const struct options *o, } #ifdef USE_LZO - if (o->comp_lzo) + if (o->lzo & LZO_SELECTED) buf_printf (&out, ",comp-lzo"); #endif 
@@ -4318,12 +4314,28 @@ add_option (struct options *options, else if (streq (p[0], "comp-lzo")) { VERIFY_PERMISSION (OPT_P_COMP); - options->comp_lzo = true; + if (p[1]) + { + ++i; + if (streq (p[1], "yes")) + options->lzo = LZO_SELECTED|LZO_ON; + else if (streq (p[1], "no")) + options->lzo = LZO_SELECTED; + else if (streq (p[1], "adaptive")) + options->lzo = LZO_SELECTED|LZO_ON|LZO_ADAPTIVE; + else + { + msg (msglevel, "bad comp-lzo option: %s -- must be 'yes', 'no', or 'adaptive'", p[1]); + goto err; + } + } + else + options->lzo = LZO_SELECTED|LZO_ON|LZO_ADAPTIVE; } else if (streq (p[0], "comp-noadapt")) { VERIFY_PERMISSION (OPT_P_COMP); - options->comp_lzo_adaptive = false; + options->lzo &= ~LZO_ADAPTIVE; } #endif /* USE_LZO */ #ifdef USE_CRYPTO @@ -39,6 +39,7 @@ #include "plugin.h" #include "manage.h" #include "proxy.h" +#include "lzo.h" /* * Maximum number of parameters associated with an option, @@ -224,8 +225,8 @@ struct options bool fast_io; #ifdef USE_LZO - bool comp_lzo; - bool comp_lzo_adaptive; + /* LZO_x flags from lzo.h */ + unsigned int lzo; #endif /* buffer sizes */ @@ -239,7 +239,7 @@ print_status (const struct context *c, struct status_output *so) status_printf (so, "TCP/UDP write bytes," counter_format, c->c2.link_write_bytes); status_printf (so, "Auth read bytes," counter_format, c->c2.link_read_bytes_auth); #ifdef USE_LZO - if (c->options.comp_lzo) + if (lzo_defined (&c->c2.lzo_compwork)) lzo_print_stats (&c->c2.lzo_compwork, so); #endif #ifdef PACKET_TRUNCATION_CHECK |
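Review bot: In the add_option hunk, `comp-noadapt` now only clears a bit in the current value (`options->lzo &= ~LZO_ADAPTIVE;`), while a bare `comp-lzo` assigns `LZO_SELECTED|LZO_ON|LZO_ADAPTIVE`, so a config that lists `comp-noadapt` before `comp-lzo` silently ends up adaptive. The removed code kept `comp_lzo_adaptive` as an independent boolean, so the order did not matter before this change. Either keep that independence or make the dependency visible, for instance `if (!(options->lzo & LZO_SELECTED)) msg (M_WARN, "comp-noadapt has no effect unless it follows comp-lzo");` in the `comp-noadapt` branch. The same applies to pushed options, since both directives sit behind `OPT_P_COMP`. add_option starts and ends outside the hunk.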