openvpn/dco_8h_source.html

/*

 *  OpenVPN -- An application to securely tunnel IP networks

 *             over a single TCP/UDP port, with support for SSL/TLS-based

 *             session authentication and key exchange,

 *             packet encryption, packet authentication, and

 *             packet compression.

 *

 *  Copyright (C) 2021-2025 Arne Schwabe <arne@rfc2549.org>

 *  Copyright (C) 2021-2025 Antonio Quartulli <a@unstable.cc>

 *  Copyright (C) 2021-2025 OpenVPN Inc <sales@openvpn.net>

 *

 *  This program is free software; you can redistribute it and/or modify

 *  it under the terms of the GNU General Public License version 2

 *  as published by the Free Software Foundation.

 *

 *  This program is distributed in the hope that it will be useful,

 *  but WITHOUT ANY WARRANTY; without even the implied warranty of

 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

 *  GNU General Public License for more details.

 *

 *  You should have received a copy of the GNU General Public License

 *  along with this program (see the file COPYING included with this

 *  distribution); if not, see <https://www.gnu.org/licenses/>.

 */

#ifndef DCO_H

#define DCO_H


#include "buffer.h"

#include "error.h"

#include "dco_internal.h"

#include "networking.h"


/* forward declarations (including other headers leads to nasty include

 * order problems)

 */

struct event_set;

struct key2;

struct key_state;

struct multi_context;

struct multi_instance;

struct mroute_addr;

struct options;

struct tls_multi;

struct tuntap;


#define DCO_IROUTE_METRIC  100

#define DCO_DEFAULT_METRIC 200


#if defined(ENABLE_DCO)


bool dco_available(msglvl_t msglevel);


const char *dco_version_string(struct gc_arena *gc);


bool dco_check_option(msglvl_t msglevel, const struct options *o);


bool dco_check_startup_option(msglvl_t msglevel, const struct options *o);


bool dco_check_pull_options(msglvl_t msglevel, const struct options *o);


bool ovpn_dco_init(struct context *c);


int open_tun_dco(struct tuntap *tt, openvpn_net_ctx_t *ctx, const char *dev);


void close_tun_dco(struct tuntap *tt, openvpn_net_ctx_t *ctx);


int dco_do_read(dco_context_t *dco);


void dco_event_set(dco_context_t *dco, struct event_set *es, void *arg);


int init_key_dco_bi(struct tls_multi *multi, struct key_state *ks, const struct key2 *key2,

                    int key_direction, const char *ciphername, bool server);


bool dco_update_keys(dco_context_t *dco, struct tls_multi *multi);

int dco_p2p_add_new_peer(struct context *c);


int dco_set_peer(dco_context_t *dco, unsigned int peerid, int keepalive_interval,

                 int keepalive_timeout, int mss);


void dco_remove_peer(struct context *c);


int dco_multi_add_new_peer(struct multi_context *m, struct multi_instance *mi);


void dco_install_iroute(struct multi_context *m, struct multi_instance *mi,

                        struct mroute_addr *addr);


void dco_delete_iroutes(struct multi_context *m, struct multi_instance *mi);


int dco_get_peer_stats_multi(dco_context_t *dco, const bool raise_sigusr1_on_err);


int dco_get_peer_stats(struct context *c, const bool raise_sigusr1_on_err);


const char *dco_get_supported_ciphers(void);


bool

dco_supports_epoch_data(struct context *c);

#else  /* if defined(ENABLE_DCO) */


typedef void *dco_context_t;


static inline bool


dco_available(msglvl_t msglevel)

{

    return false;

}


static inline const char *


dco_version_string(struct gc_arena *gc)

{

    return "not-compiled";

}


static inline bool


dco_check_option(msglvl_t msglevel, const struct options *o)

{

    return false;

}


static inline bool


dco_check_startup_option(msglvl_t msglevel, const struct options *o)

{

    return false;

}


static inline bool


dco_check_pull_options(msglvl_t msglevel, const struct options *o)

{

    return false;

}


static inline bool


ovpn_dco_init(struct context *c)

{

    return true;

}


static inline int


open_tun_dco(struct tuntap *tt, openvpn_net_ctx_t *ctx, const char *dev)

{

    return 0;

}


static inline void


close_tun_dco(struct tuntap *tt, openvpn_net_ctx_t *ctx)

{

}


static inline int


dco_do_read(dco_context_t *dco)

{

    ASSERT(false);

    return 0;

}


static inline void


dco_event_set(dco_context_t *dco, struct event_set *es, void *arg)

{

}


static inline int


init_key_dco_bi(struct tls_multi *multi, struct key_state *ks, const struct key2 *key2,

                int key_direction, const char *ciphername, bool server)

{

    return 0;

}


static inline bool


dco_update_keys(dco_context_t *dco, struct tls_multi *multi)

{

    ASSERT(false);

    return false;

}


static inline int


dco_p2p_add_new_peer(struct context *c)

{

    return 0;

}


static inline int


dco_set_peer(dco_context_t *dco, unsigned int peerid, int keepalive_interval, int keepalive_timeout,

             int mss)

{

    return 0;

}


static inline void


dco_remove_peer(struct context *c)

{

}


static inline int


dco_multi_add_new_peer(struct multi_context *m, struct multi_instance *mi)

{

    return 0;

}


static inline void


dco_install_iroute(struct multi_context *m, struct multi_instance *mi, struct mroute_addr *addr)

{

}


static inline void


dco_delete_iroutes(struct multi_context *m, struct multi_instance *mi)

{

}


static inline int


dco_get_peer_stats_multi(dco_context_t *dco, const bool raise_sigusr1_on_err)

{

    return 0;

}


static inline int


dco_get_peer_stats(struct context *c, const bool raise_sigusr1_on_err)

{

    return 0;

}


static inline const char *


dco_get_supported_ciphers(void)

{

    return "";

}


static inline bool


dco_supports_epoch_data(struct context *c)

{

    return false;

}


#endif /* defined(ENABLE_DCO) */

#endif /* ifndef DCO_H */

buffer.h

dco_get_peer_stats_multi
static int dco_get_peer_stats_multi(dco_context_t *dco, const bool raise_sigusr1_on_err)
Definition dco.h:368

dco_set_peer
static int dco_set_peer(dco_context_t *dco, unsigned int peerid, int keepalive_interval, int keepalive_timeout, int mss)
Definition dco.h:340

dco_get_supported_ciphers
static const char * dco_get_supported_ciphers(void)
Definition dco.h:380

dco_supports_epoch_data
static bool dco_supports_epoch_data(struct context *c)
Definition dco.h:386

dco_do_read
static int dco_do_read(dco_context_t *dco)
Definition dco.h:308

dco_event_set
static void dco_event_set(dco_context_t *dco, struct event_set *es, void *arg)
Definition dco.h:315

dco_remove_peer
static void dco_remove_peer(struct context *c)
Definition dco.h:347

open_tun_dco
static int open_tun_dco(struct tuntap *tt, openvpn_net_ctx_t *ctx, const char *dev)
Definition dco.h:297

dco_check_startup_option
static bool dco_check_startup_option(msglvl_t msglevel, const struct options *o)
Definition dco.h:279

dco_install_iroute
static void dco_install_iroute(struct multi_context *m, struct multi_instance *mi, struct mroute_addr *addr)
Definition dco.h:358

dco_check_pull_options
static bool dco_check_pull_options(msglvl_t msglevel, const struct options *o)
Definition dco.h:285

dco_available
static bool dco_available(msglvl_t msglevel)
Definition dco.h:261

ovpn_dco_init
static bool ovpn_dco_init(struct context *c)
Definition dco.h:291

dco_p2p_add_new_peer
static int dco_p2p_add_new_peer(struct context *c)
Definition dco.h:334

dco_check_option
static bool dco_check_option(msglvl_t msglevel, const struct options *o)
Definition dco.h:273

dco_update_keys
static bool dco_update_keys(dco_context_t *dco, struct tls_multi *multi)
Definition dco.h:327

dco_context_t
void * dco_context_t
Definition dco.h:258

dco_version_string
static const char * dco_version_string(struct gc_arena *gc)
Definition dco.h:267

dco_multi_add_new_peer
static int dco_multi_add_new_peer(struct multi_context *m, struct multi_instance *mi)
Definition dco.h:352

close_tun_dco
static void close_tun_dco(struct tuntap *tt, openvpn_net_ctx_t *ctx)
Definition dco.h:303

dco_delete_iroutes
static void dco_delete_iroutes(struct multi_context *m, struct multi_instance *mi)
Definition dco.h:363

dco_get_peer_stats
static int dco_get_peer_stats(struct context *c, const bool raise_sigusr1_on_err)
Definition dco.h:374

init_key_dco_bi
static int init_key_dco_bi(struct tls_multi *multi, struct key_state *ks, const struct key2 *key2, int key_direction, const char *ciphername, bool server)
Definition dco.h:320

dco_internal.h

networking.h

openvpn_net_ctx_t
void * openvpn_net_ctx_t
Definition networking.h:38

msglvl_t
unsigned int msglvl_t
Definition error.h:77

ASSERT
#define ASSERT(x)
Definition error.h:219

context
Contains all state information for one tunnel.
Definition openvpn.h:474

event_set
Definition event.h:131

gc_arena
Garbage collection arena used to keep track of dynamically allocated memory.
Definition buffer.h:116

key2
Container for bidirectional cipher and HMAC key material.
Definition crypto.h:240

key_state
Security parameter state of one TLS and data channel key session.
Definition ssl_common.h:208

mroute_addr
Definition mroute.h:78

multi_context
Main OpenVPN server state structure.
Definition multi.h:164

multi_instance
Server-mode state structure for one single VPN tunnel.
Definition multi.h:103

options
Definition options.h:255

tls_multi
Security parameter state for a single VPN tunnel.
Definition ssl_common.h:612

tuntap
Definition tun.h:183

tuntap::dco
dco_context_t dco
Definition tun.h:249

error.h

es
struct env_set * es
Definition test_pkcs11.c:138

gc
struct gc_arena gc
Definition test_ssl.c:131