version 2.1_beta1

git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@588 e7ae566f-a301-0410-adde-c780ea21d3b5
2025-05-09 05:31:05 +08:00 · 2005-10-02 03:41:35 +00:00 · 2005-10-02 03:41:35 +00:00 · 537073fd55
commit 537073fd55
parent c70caa7fd4
10 changed files with 112 additions and 35 deletions
--- a/8
+++ b/8
@ -3,6 +3,14 @@ Copyright (C) 2002-2005 OpenVPN Solutions LLC <info@openvpn.net>

 $Id$

+2005.10.01 -- Version 2.1-beta2
+
+* Made LZO setting pushable.
+* Renamed sample-keys/tmp-ca.crt to ca.crt.
+* Fixed bug where remove_iroutes_from_push_route_list
+  was missing routes if those routes had
+  an implied netmask (by omission) of 255.255.255.255. 
+
 2005.09.26 -- Version 2.1-beta1

 * Merged with 2.0.3-rc1
--- a/errlevel.h
+++ b/errlevel.h
@ -115,7 +115,7 @@
 #define D_PID_DEBUG_LOW      LOGLEV(7, 70, M_DEBUG)  /* show low-freq packet-id debugging info */
 #define D_MULTI_DEBUG        LOGLEV(7, 70, M_DEBUG)  /* show medium-freq multi debugging info */
 #define D_MSS                LOGLEV(7, 70, M_DEBUG)  /* show MSS adjustments */
-#define D_COMP_LOW           LOGLEV(7, 70, M_DEBUG)  /* show adaptive compression state changes */
+#define D_COMP_LOW           LOGLEV(3, 70, M_DEBUG)  /* show adaptive compression state changes JYFIXME */
 #define D_REMOTE_LIST        LOGLEV(7, 70, M_DEBUG)  /* show --remote list */
 #define D_SCRIPT             LOGLEV(7, 70, M_DEBUG)  /* show parms & env vars passed to scripts */
 #define D_SHOW_NET           LOGLEV(7, 70, M_DEBUG)  /* show routing table and adapter list */
@ -142,7 +142,7 @@

 #define D_TLS_DEBUG          LOGLEV(9, 70, M_DEBUG)  /* show detailed info from TLS routines */
 #define D_CRYPTO_DEBUG       LOGLEV(9, 70, M_DEBUG)  /* show detailed info from crypto.c routines */
-#define D_COMP               LOGLEV(9, 70, M_DEBUG)  /* show compression info */
+#define D_COMP               LOGLEV(4, 70, M_DEBUG)  /* show compression info JYFIXME */
 #define D_READ_WRITE         LOGLEV(9, 70, M_DEBUG)  /* show all tun/tcp/udp reads/writes/opens */
 #define D_PACKET_CONTENT     LOGLEV(9, 70, M_DEBUG)  /* show before/after encryption packet content */
 #define D_TLS_NO_SEND_KEY    LOGLEV(9, 70, M_DEBUG)  /* show when no data channel send-key exists */
--- a/forward.c
+++ b/forward.c
@ -397,7 +397,7 @@ encrypt_sign (struct context *c, bool comp_frag)
    {
 #ifdef USE_LZO
      /* Compress the packet. */
-      if (c->options.comp_lzo)
+      if (lzo_defined (&c->c2.lzo_compwork))
 	lzo_compress (&c->c2.buf, b->lzo_compress_buf, &c->c2.lzo_compwork, &c->c2.frame);
 #endif
 #ifdef ENABLE_FRAGMENT
@ -764,7 +764,7 @@ process_incoming_link (struct context *c)

 #ifdef USE_LZO
      /* decompress the incoming packet */
-      if (c->options.comp_lzo)
+      if (lzo_defined (&c->c2.lzo_compwork))
 	lzo_decompress (&c->c2.buf, c->c2.buffers->lzo_decompress_buf, &c->c2.lzo_compwork, &c->c2.frame);
 #endif

--- a/init.c
+++ b/init.c
@ -956,6 +956,7 @@ pull_permission_mask (const struct context *c)
    | OPT_P_SETENV
    | OPT_P_SHAPER
    | OPT_P_TIMER
+    | OPT_P_COMP
    | OPT_P_PERSIST
    | OPT_P_MESSAGES
    | OPT_P_EXPLICIT_NOTIFY
@ -998,6 +999,17 @@ do_deferred_options (struct context *c, const unsigned int found)
    }
 #endif

+#ifdef USE_LZO
+  if (found & OPT_P_COMP)
+    {
+      if (lzo_defined (&c->c2.lzo_compwork))
+	{
+	  msg (D_PUSH, "OPTIONS IMPORT: LZO parms modified");
+	  lzo_modify_flags (&c->c2.lzo_compwork, c->options.lzo);
+	}
+    }
+#endif
+
  if (found & OPT_P_SHAPER)
    {
      msg (D_PUSH, "OPTIONS IMPORT: traffic shaper enabled");
@ -1474,7 +1486,7 @@ do_init_frame (struct context *c)
  /*
   * Initialize LZO compression library.
   */
-  if (c->options.comp_lzo)
+  if (c->options.lzo & LZO_SELECTED)
    {
      lzo_adjust_frame_parameters (&c->c2.frame);

@ -1493,7 +1505,7 @@ do_init_frame (struct context *c)
      lzo_adjust_frame_parameters (&c->c2.frame_fragment_omit);	/* omit LZO frame delta from final frame_fragment */
 #endif
    }
-#endif
+#endif /* USE_LZO */

 #ifdef ENABLE_SOCKS
  /*
@ -2404,8 +2416,8 @@ init_instance (struct context *c, const struct env_set *env, const unsigned int

 #ifdef USE_LZO
  /* initialize LZO compression library. */
-  if (options->comp_lzo && (c->mode == CM_P2P || child))
-    lzo_compress_init (&c->c2.lzo_compwork, options->comp_lzo_adaptive);
+  if ((options->lzo & LZO_SELECTED) && (c->mode == CM_P2P || child))
+    lzo_compress_init (&c->c2.lzo_compwork, options->lzo);
 #endif

  /* initialize MTU variables */
@ -2496,7 +2508,7 @@ close_instance (struct context *c)
 	do_close_check_if_restart_permitted (c);

 #ifdef USE_LZO
-	if (c->options.comp_lzo)
+	if (lzo_defined (&c->c2.lzo_compwork))
 	  lzo_compress_uninit (&c->c2.lzo_compwork);
 #endif

--- a/lzo.c
+++ b/lzo.c
@ -44,9 +44,6 @@ lzo_adaptive_compress_test (struct lzo_adaptive_compress *ac)
  const bool save = ac->compress_state;
  const time_t local_now = now;

-  if (!ac->enabled)
-    return true;
-
  if (!ac->compress_state)
    {
      if (local_now >= ac->next)
@ -84,11 +81,8 @@ lzo_adaptive_compress_test (struct lzo_adaptive_compress *ac)
 inline static void
 lzo_adaptive_compress_data (struct lzo_adaptive_compress *ac, int n_total, int n_comp)
 {
-  if (ac->enabled)
-    {
-      ac->n_total += n_total;
-      ac->n_comp += n_comp;
-    }
+  ac->n_total += n_total;
+  ac->n_comp += n_comp;
 }

 void lzo_adjust_frame_parameters (struct frame *frame)
@ -102,18 +96,19 @@ void lzo_adjust_frame_parameters (struct frame *frame)
 }

 void
-lzo_compress_init (struct lzo_compress_workspace *lzowork, bool adaptive)
+lzo_compress_init (struct lzo_compress_workspace *lzowork, unsigned int flags)
 {
  CLEAR (*lzowork);

  lzowork->wmem_size = LZO_WORKSPACE;
-  lzowork->ac.enabled = adaptive;
+  lzowork->flags = flags;

  if (lzo_init () != LZO_E_OK)
    msg (M_FATAL, "Cannot initialize LZO compression library");
  lzowork->wmem = (lzo_voidp) lzo_malloc (lzowork->wmem_size);
  check_malloc_return (lzowork->wmem);
  msg (M_INFO, "LZO compression initialized");
+  lzowork->defined = true;
 }

 void
@ -121,11 +116,26 @@ lzo_compress_uninit (struct lzo_compress_workspace *lzowork)
 {
  if (lzowork)
    {
+      ASSERT (lzowork->defined);
      lzo_free (lzowork->wmem);
      lzowork->wmem = NULL;
+      lzowork->defined = false;
    }
 }

+static inline bool
+lzo_compression_enabled (struct lzo_compress_workspace *lzowork)
+{
+  if ((lzowork->flags & (LZO_SELECTED|LZO_ON)) == (LZO_SELECTED|LZO_ON))
+    {
+      if (lzowork->flags & LZO_ADAPTIVE)
+	return lzo_adaptive_compress_test (&lzowork->ac);
+      else
+	return true;
+    }
+  return false;
+}
+
 /* Magic numbers to tell our peer if we compressed or not */
 #define YES_COMPRESS 0x66
 #define NO_COMPRESS  0xFA
@ -139,6 +149,8 @@ lzo_compress (struct buffer *buf, struct buffer work,
  int err;
  bool compressed = false;

+  ASSERT (lzowork->defined);
+
  if (buf->len <= 0)
    return;

@ -146,7 +158,7 @@ lzo_compress (struct buffer *buf, struct buffer work,
   * In order to attempt compression, length must be at least COMPRESS_THRESHOLD,
   * and our adaptive level must give the OK.
   */
-  if (buf->len >= COMPRESS_THRESHOLD && lzo_adaptive_compress_test (&lzowork->ac))
+  if (buf->len >= COMPRESS_THRESHOLD && lzo_compression_enabled (lzowork))
    {
      ASSERT (buf_init (&work, FRAME_HEADROOM (frame)));
      ASSERT (buf_safe (&work, LZO_EXTRA_BUFFER (PAYLOAD_SIZE (frame))));
@ -169,7 +181,8 @@ lzo_compress (struct buffer *buf, struct buffer work,
      lzowork->post_compress += work.len;

      /* tell adaptive level about our success or lack thereof in getting any size reduction */
-      lzo_adaptive_compress_data(&lzowork->ac, buf->len, work.len);
+      if (lzowork->flags & LZO_ADAPTIVE)
+	lzo_adaptive_compress_data (&lzowork->ac, buf->len, work.len);
    }

  /* did compression save us anything ? */
@ -195,6 +208,8 @@ lzo_decompress (struct buffer *buf, struct buffer work,
  uint8_t c;		/* flag indicating whether or not our peer compressed */
  int err;

+  ASSERT (lzowork->defined);
+
  if (buf->len <= 0)
    return;

@ -235,11 +250,20 @@ lzo_decompress (struct buffer *buf, struct buffer work,
    }
 }

+void
+lzo_modify_flags (struct lzo_compress_workspace *lzowork, unsigned int flags)
+{
+  ASSERT (lzowork->defined);
+  lzowork->flags = flags;
+}
+
 /*
 * Print statistics
 */
 void lzo_print_stats (const struct lzo_compress_workspace *lzo_compwork, struct status_output *so)
 {
+  ASSERT (lzo_compwork->defined);
+
  status_printf (so, "pre-compress bytes," counter_format, lzo_compwork->pre_compress);
  status_printf (so, "post-compress bytes," counter_format, lzo_compwork->post_compress);
  status_printf (so, "pre-decompress bytes," counter_format, lzo_compwork->pre_decompress);
--- a/lzo.h
+++ b/lzo.h
@ -22,6 +22,9 @@
 *  59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
 */

+#ifndef OPENVPN_LZO_H
+#define OPENVPN_LZO_H
+
 #ifdef USE_LZO

 #ifdef LZO_HEADER_DIR
@ -37,6 +40,11 @@
 #include "common.h"
 #include "status.h"

+/* LZO flags */
+#define LZO_SELECTED   (1<<0)
+#define LZO_ON         (1<<1)
+#define LZO_ADAPTIVE   (1<<2)  
+
 /*
 * Use LZO compress routine lzo1x_1_15_compress which is described
 * as faster but needs a bit more memory than the standard routine.
@ -74,7 +82,6 @@
 				 retest for n seconds */

 struct lzo_adaptive_compress {
-  bool enabled;
  bool compress_state;
  time_t next;
  int n_total;
@ -90,6 +97,8 @@ struct lzo_compress_workspace
  lzo_voidp wmem;
  int wmem_size;
  struct lzo_adaptive_compress ac;
+  unsigned int flags;
+  bool defined;

  /* statistics */
  counter_type pre_decompress;
@ -100,10 +109,12 @@ struct lzo_compress_workspace

 void lzo_adjust_frame_parameters(struct frame *frame);

-void lzo_compress_init (struct lzo_compress_workspace *lzowork, bool adaptive);
+void lzo_compress_init (struct lzo_compress_workspace *lzowork, unsigned int flags);

 void lzo_compress_uninit (struct lzo_compress_workspace *lzowork);

+void lzo_modify_flags (struct lzo_compress_workspace *lzowork, unsigned int flags);
+
 void lzo_compress (struct buffer *buf, struct buffer work,
 		   struct lzo_compress_workspace *lzowork,
 		   const struct frame* frame);
@ -114,4 +125,12 @@ void lzo_decompress (struct buffer *buf, struct buffer work,

 void lzo_print_stats (const struct lzo_compress_workspace *lzo_compwork, struct status_output *so);

+static inline bool
+lzo_defined (const struct lzo_compress_workspace *lzowork)
+{
+  return lzowork->defined;
+}
+
+
 #endif /* USE_LZO */
+#endif
--- a/multi.c
+++ b/multi.c
@ -1284,7 +1284,8 @@ multi_connection_established (struct multi_context *m, struct multi_instance *mi
    {
      struct gc_arena gc = gc_new ();
      unsigned int option_types_found = 0;
-      const unsigned int option_permissions_mask = OPT_P_INSTANCE|OPT_P_INHERIT|OPT_P_PUSH|OPT_P_TIMER|OPT_P_CONFIG|OPT_P_ECHO;
+      const unsigned int option_permissions_mask =
+	OPT_P_INSTANCE|OPT_P_INHERIT|OPT_P_PUSH|OPT_P_TIMER|OPT_P_CONFIG|OPT_P_ECHO|OPT_P_COMP;
      int cc_succeeded = true; /* client connect script status */
      int cc_succeeded_count = 0;

--- a/options.c
+++ b/options.c
@ -560,9 +560,6 @@ init_options (struct options *o)
  o->rcvbuf = 65536;
  o->sndbuf = 65536;
 #endif
-#ifdef USE_LZO
-  o->comp_lzo_adaptive = true;
-#endif
 #ifdef TARGET_LINUX
  o->tuntap_options.txqueuelen = 100;
 #endif
@ -1062,8 +1059,7 @@ show_settings (const struct options *o)
  SHOW_BOOL (fast_io);

 #ifdef USE_LZO
-  SHOW_BOOL (comp_lzo);
-  SHOW_BOOL (comp_lzo_adaptive);
+  SHOW_INT (lzo);
 #endif

  SHOW_STR (route_script);
@ -1833,7 +1829,7 @@ options_string (const struct options *o,
    }

 #ifdef USE_LZO
-  if (o->comp_lzo)
+  if (o->lzo & LZO_SELECTED)
    buf_printf (&out, ",comp-lzo");
 #endif

@ -4318,12 +4314,28 @@ add_option (struct options *options,
  else if (streq (p[0], "comp-lzo"))
    {
      VERIFY_PERMISSION (OPT_P_COMP);
-      options->comp_lzo = true;
+      if (p[1])
+	{
+	  ++i;
+	  if (streq (p[1], "yes"))
+	    options->lzo = LZO_SELECTED|LZO_ON;
+	  else if (streq (p[1], "no"))
+	    options->lzo = LZO_SELECTED;
+	  else if (streq (p[1], "adaptive"))
+	    options->lzo = LZO_SELECTED|LZO_ON|LZO_ADAPTIVE;
+	  else
+	    {
+	      msg (msglevel, "bad comp-lzo option: %s -- must be 'yes', 'no', or 'adaptive'", p[1]);
+	      goto err;
+	    }
+	}
+      else
+	options->lzo = LZO_SELECTED|LZO_ON|LZO_ADAPTIVE;
    }
  else if (streq (p[0], "comp-noadapt"))
    {
      VERIFY_PERMISSION (OPT_P_COMP);
-      options->comp_lzo_adaptive = false;
+      options->lzo &= ~LZO_ADAPTIVE;
    }
 #endif /* USE_LZO */
 #ifdef USE_CRYPTO
--- a/options.h
+++ b/options.h
@ -39,6 +39,7 @@
 #include "plugin.h"
 #include "manage.h"
 #include "proxy.h"
+#include "lzo.h"

 /*
 * Maximum number of parameters associated with an option,
@ -224,8 +225,8 @@ struct options
  bool fast_io;

 #ifdef USE_LZO
-  bool comp_lzo;
-  bool comp_lzo_adaptive;
+  /* LZO_x flags from lzo.h */
+  unsigned int lzo;
 #endif

  /* buffer sizes */
--- a/sig.c
+++ b/sig.c
@ -239,7 +239,7 @@ print_status (const struct context *c, struct status_output *so)
  status_printf (so, "TCP/UDP write bytes," counter_format, c->c2.link_write_bytes);
  status_printf (so, "Auth read bytes," counter_format, c->c2.link_read_bytes_auth);
 #ifdef USE_LZO
-  if (c->options.comp_lzo)
+  if (lzo_defined (&c->c2.lzo_compwork))
    lzo_print_stats (&c->c2.lzo_compwork, so);
 #endif
 #ifdef PACKET_TRUNCATION_CHECK