openvpn/comp_8c_source.html

/*

 *  OpenVPN -- An application to securely tunnel IP networks

 *             over a single UDP port, with support for SSL/TLS-based

 *             session authentication and key exchange,

 *             packet encryption, packet authentication, and

 *             packet compression.

 *

 *  Copyright (C) 2002-2025 OpenVPN Inc <sales@openvpn.net>

 *

 *  This program is free software; you can redistribute it and/or modify

 *  it under the terms of the GNU General Public License version 2

 *  as published by the Free Software Foundation.

 *

 *  This program is distributed in the hope that it will be useful,

 *  but WITHOUT ANY WARRANTY; without even the implied warranty of

 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

 *  GNU General Public License for more details.

 *

 *  You should have received a copy of the GNU General Public License along

 *  with this program; if not, see <https://www.gnu.org/licenses/>.

 */


#ifdef HAVE_CONFIG_H

#include "config.h"

#endif


#include "syshead.h"


#include "comp.h"

#include "error.h"


#ifdef USE_COMP


#include "otime.h"


#include "memdbg.h"


struct compress_context *

comp_init(const struct compress_options *opt)

{

    struct compress_context *compctx = NULL;

    switch (opt->alg)

    {

        case COMP_ALG_STUB:

            ALLOC_OBJ_CLEAR(compctx, struct compress_context);

            compctx->flags = opt->flags;

            compctx->alg = comp_stub_alg;

            break;


        case COMP_ALGV2_UNCOMPRESSED:

            ALLOC_OBJ_CLEAR(compctx, struct compress_context);

            compctx->flags = opt->flags;

            compctx->alg = compv2_stub_alg;

            break;


#ifdef ENABLE_LZO

        case COMP_ALG_LZO:

            ALLOC_OBJ_CLEAR(compctx, struct compress_context);

            compctx->flags = opt->flags;

            compctx->alg = lzo_alg;

            break;


#endif

#ifdef ENABLE_LZ4

        case COMP_ALG_LZ4:

            ALLOC_OBJ_CLEAR(compctx, struct compress_context);

            compctx->flags = opt->flags;

            compctx->alg = lz4_alg;

            break;


        case COMP_ALGV2_LZ4:

            ALLOC_OBJ_CLEAR(compctx, struct compress_context);

            compctx->flags = opt->flags;

            compctx->alg = lz4v2_alg;

            break;

#endif

    }

    if (compctx)

    {

        (*compctx->alg.compress_init)(compctx);

    }


    return compctx;

}


/* In the v2 compression schemes, an uncompressed packet has

 * has no opcode in front, unless the first byte is 0x50. In this

 * case the packet needs to be escaped */

void

compv2_escape_data_ifneeded(struct buffer *buf)

{

    uint8_t *head = BPTR(buf);

    if (head[0] != COMP_ALGV2_INDICATOR_BYTE)

    {

        return;

    }


    /* Header is 0x50 */

    ASSERT(buf_prepend(buf, 2));


    head = BPTR(buf);

    head[0] = COMP_ALGV2_INDICATOR_BYTE;

    head[1] = COMP_ALGV2_UNCOMPRESSED;

}


void

comp_uninit(struct compress_context *compctx)

{

    if (compctx)

    {

        (*compctx->alg.compress_uninit)(compctx);

        free(compctx);

    }

}


void

comp_print_stats(const struct compress_context *compctx, struct status_output *so)

{

    if (compctx)

    {

        status_printf(so, "pre-compress bytes," counter_format, compctx->pre_compress);

        status_printf(so, "post-compress bytes," counter_format, compctx->post_compress);

        status_printf(so, "pre-decompress bytes," counter_format, compctx->pre_decompress);

        status_printf(so, "post-decompress bytes," counter_format, compctx->post_decompress);

    }

}


/*

 * Tell our peer which compression algorithms we support.

 */

void

comp_generate_peer_info_string(const struct compress_options *opt, struct buffer *out)

{

    if (!opt || opt->flags & COMP_F_ALLOW_NOCOMP_ONLY)

    {

        return;

    }


    bool lzo_avail = false;

    if (!(opt->flags & COMP_F_ADVERTISE_STUBS_ONLY))

    {

#if defined(ENABLE_LZ4)

        buf_printf(out, "IV_LZ4=1\n");

        buf_printf(out, "IV_LZ4v2=1\n");

#endif

#if defined(ENABLE_LZO)

        buf_printf(out, "IV_LZO=1\n");

        lzo_avail = true;

#endif

    }

    if (!lzo_avail)

    {

        buf_printf(out, "IV_LZO_STUB=1\n");

    }

    buf_printf(out, "IV_COMP_STUB=1\n");

    buf_printf(out, "IV_COMP_STUBv2=1\n");

}

#endif /* USE_COMP */


bool


check_compression_settings_valid(struct compress_options *info, msglvl_t msglevel)

{

    /*

     * We also allow comp-stub-v2 here as it technically allows escaping of

     * weird mac address and IPv5 protocol but practically always is used

     * as an way to disable all framing.

     */

    if (info->alg != COMP_ALGV2_UNCOMPRESSED && info->alg != COMP_ALG_UNDEF

        && (info->flags & COMP_F_ALLOW_NOCOMP_ONLY))

    {

#ifdef USE_COMP

        msg(msglevel, "Compression or compression stub framing is not allowed "

                      "since data-channel offloading is enabled.");

#else

        msg(msglevel, "Compression or compression stub framing is not allowed "

                      "since OpenVPN was built without compression support.");

#endif

        return false;

    }


    if ((info->flags & COMP_F_ALLOW_STUB_ONLY) && comp_non_stub_enabled(info))

    {

        msg(msglevel, "Compression is not allowed since allow-compression is "

                      "set to 'stub-only'");

        return false;

    }

#ifndef ENABLE_LZ4

    if (info->alg == COMP_ALGV2_LZ4 || info->alg == COMP_ALG_LZ4)

    {

        msg(msglevel, "OpenVPN is compiled without LZ4 support. Requested "

                      "compression cannot be enabled.");

        return false;

    }

#endif

#ifndef ENABLE_LZO

    if (info->alg == COMP_ALG_LZO)

    {

        msg(msglevel, "OpenVPN is compiled without LZO support. Requested "

                      "compression cannot be enabled.");

        return false;

    }

#endif

    return true;

}


buf_printf
bool buf_printf(struct buffer *buf, const char *format,...)
Definition buffer.c:241

BPTR
#define BPTR(buf)
Definition buffer.h:123

buf_prepend
static uint8_t * buf_prepend(struct buffer *buf, int size)
Definition buffer.h:604

ALLOC_OBJ_CLEAR
#define ALLOC_OBJ_CLEAR(dptr, type)
Definition buffer.h:1052

counter_format
#define counter_format
Definition common.h:32

check_compression_settings_valid
bool check_compression_settings_valid(struct compress_options *info, msglvl_t msglevel)
Checks if the compression settings are valid.
Definition comp.c:162

comp.h

COMP_F_ALLOW_STUB_ONLY
#define COMP_F_ALLOW_STUB_ONLY
Only accept stub compression, even with COMP_F_ADVERTISE_STUBS_ONLY we still accept other compression...
Definition comp.h:45

COMP_ALG_LZ4
#define COMP_ALG_LZ4
LZ4 algorithm.
Definition comp.h:59

COMP_ALGV2_LZ4
#define COMP_ALGV2_LZ4
Definition comp.h:64

COMP_F_ALLOW_NOCOMP_ONLY
#define COMP_F_ALLOW_NOCOMP_ONLY
Do not allow compression framing (breaks DCO)
Definition comp.h:51

COMP_ALGV2_UNCOMPRESSED
#define COMP_ALGV2_UNCOMPRESSED
Definition comp.h:63

COMP_ALG_STUB
#define COMP_ALG_STUB
support compression command byte and framing without actual compression
Definition comp.h:56

COMP_ALG_LZO
#define COMP_ALG_LZO
LZO algorithm.
Definition comp.h:57

COMP_F_ADVERTISE_STUBS_ONLY
#define COMP_F_ADVERTISE_STUBS_ONLY
tell server that we only support compression stubs
Definition comp.h:42

comp_non_stub_enabled
static bool comp_non_stub_enabled(const struct compress_options *info)
Definition comp.h:81

COMP_ALG_UNDEF
#define COMP_ALG_UNDEF
Definition comp.h:54

memdbg.h

msg
#define msg(flags,...)
Definition error.h:152

msglvl_t
unsigned int msglvl_t
Definition error.h:77

ASSERT
#define ASSERT(x)
Definition error.h:219

otime.h

status_printf
void status_printf(struct status_output *so, const char *format,...)
Definition status.c:217

buffer
Wrapper structure for dynamically allocated memory.
Definition buffer.h:60

compress_options
Definition comp.h:75

compress_options::flags
unsigned int flags
Definition comp.h:77

compress_options::alg
int alg
Definition comp.h:76

status_output
Definition status.h:49

syshead.h

error.h