GitList

Browse code

Disable DCO if proxy is set via management

Commit

45a1cb2a ("Disable DCO if proxy is set via management")

attempted to disable DCO when proxy is set via management interface. However,
at least on Windows this doesn't work, since:

- setting tuntap_options->disable_dco to true is not enough to disable DCO
- at this point it is a bit too late, since we've already done DCO-specific
adjustments

Since proxy can be set via management only if --management-query-proxy is
specified, the better way is to add a check to dco_check_startup_option().

Github: fixes OpenVPN/openvpn#522

Change-Id: I16d6a9fefa317d7d4a195e786618328445bdbca8
Signed-off-by: Lev Stipakov <lev@openvpn.net>
Acked-by: Frank Lichtenheld <frank@lichtenheld.com>
Message-Id: <20240318181744.20625-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg28415.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
(cherry picked from commit fd6b8395f6cee8a61111c28f335ec25ed6db11f7)

Lev Stipakov authored on 2024/03/19 03:17:44
Showing 2 changed files

src/openvpn/dco.c index d7c9d48..78243b1 100644
src/openvpn/init.c index 93b40fd..9f43b62 100644

src/openvpn/dco.c

History View file @ 462fed5

@@ -387,6 +387,12 @@ dco_check_startup_option(int msglevel, const struct options *o)
                              return false;
+                         }
                     +    if (o->management_flags & MF_QUERY_PROXY)
                     +    {
                     +        msg(msglevel, "Note: --management-query-proxy disables data channel offload.");
                     +        return false;
                     +    }
+                    +
                          /* now that all options have been confirmed to be supported, check
                           * if DCO is truly available on the system
                           */

src/openvpn/init.c

History View file @ 462fed5

@@ -221,12 +221,6 @@ management_callback_proxy_cmd(void *arg, const char **p)
     }
     else if (p[2] && p[3])
     {
-        if (dco_enabled(&c->options))
-        {
-            msg(M_INFO, "Proxy set via management, disabling Data Channel Offload.");
-            c->options.tuntap_options.disable_dco = true;
-        }
-
         if (streq(p[1], "HTTP"))
         {
             struct http_proxy_options *ho;

...	...	@@ -221,12 +221,6 @@ management_callback_proxy_cmd(void arg, const char *p)
221	221	}
222	222	else if (p[2] && p[3])
223	223	{
224		- if (dco_enabled(&c->options))
225		- {
226		- msg(M_INFO, "Proxy set via management, disabling Data Channel Offload.");
227		- c->options.tuntap_options.disable_dco = true;
228		- }
229		-
230	224	if (streq(p[1], "HTTP"))
231	225	{
232	226	struct http_proxy_options *ho;