Ticket #271: 0002-Added-support-for-the-Snappy-compression-algorithm.patch
File 0002-Added-support-for-the-Snappy-compression-algorithm.patch, 61.4 KB (added by , 11 years ago) |
---|
-
configure.ac
From 45f43a41caf14692e908cc83dbeb9767b7375af3 Mon Sep 17 00:00:00 2001 From: James Yonan <james@openvpn.net> Date: Tue, 18 Sep 2012 08:33:34 +0200 Subject: [PATCH 2/2] Added support for the Snappy compression algorithm Added support for the Snappy compression algorithm which has shown to have considerably better compression speed than LZO at a comparable compression ratio. To enable Snappy add: compress snappy to both client and server config files. Alternatively, enable compression framing on the client: compress and have the server selectively push "compress snappy" to the client. This change also extends the client capability handshake to include IV_SNAPPY so the server can be aware that a connecting client supports Snappy. Note that the Snappy implementation also includes an improved framing approach where the first byte of the compressed payload is replaced by the compression control byte (the first payload byte is moved to the end of the packet). This solves off-by-one alignment issues, which improves performance on ARM. By default, the configure script will try to build with Snappy support. To disable, use the --disable-snappy option. The --enable-lzo-stub configure directive is now --enable-comp-stub (because it's not actually "lzo" but "compression-enabled packet framing") Add compression overhead to extra buffer unconditionally, as long as USE_COMP is defined. OpenVPN SVN r8206 (2.1.21a) and r8212 (2.1.21b) Signed-off-by: Gert Doering <gert@greenie.muc.de> --- configure.ac | 65 ++++++++++++-- doc/openvpn.8 | 22 ++++- src/openvpn/Makefile.am | 4 + src/openvpn/comp.c | 135 ++++++++++++++++++++++++++++ src/openvpn/comp.h | 171 ++++++++++++++++++++++++++++++++++++ src/openvpn/compstub.c | 118 +++++++++++++++++++++++++ src/openvpn/forward.c | 12 +-- src/openvpn/init.c | 100 +++++++++++++++------ src/openvpn/lzo.c | 154 +++++++++++--------------------- src/openvpn/lzo.h | 222 +---------------------------------------------- src/openvpn/openvpn.h | 16 ++-- src/openvpn/options.c | 100 +++++++++++++++++---- src/openvpn/options.h | 7 +- src/openvpn/sig.c | 6 +- src/openvpn/snappy.c | 189 ++++++++++++++++++++++++++++++++++++++++ src/openvpn/snappy.h | 39 +++++++++ src/openvpn/ssl.c | 6 +- src/openvpn/ssl_common.h | 5 ++ src/openvpn/syshead.h | 7 ++ 19 files changed, 975 insertions(+), 403 deletions(-) create mode 100644 src/openvpn/comp.c create mode 100644 src/openvpn/comp.h create mode 100644 src/openvpn/compstub.c create mode 100644 src/openvpn/snappy.c create mode 100644 src/openvpn/snappy.h diff --git a/configure.ac b/configure.ac index 7b35e50..5da5772 100644
a b AC_ARG_ENABLE( 46 46 [enable_lzo="yes"] 47 47 ) 48 48 49 AC_ARG_ENABLE( 50 [lzo-stub], 51 [AS_HELP_STRING([--enable-lzo-stub], [don't compile LZO compression support but still allow limited interoperability with LZO-enabled peers @<:@default=no@:>@])], 52 , 53 [enable_lzo_stub="no"] 49 AC_ARG_ENABLE(snappy, 50 [ --disable-snappy Disable Snappy compression support], 51 [enable_snappy="$enableval"], 52 [enable_snappy="yes"] 53 ) 54 55 AC_ARG_ENABLE(comp-stub, 56 [ --enable-comp-stub Don't compile compression support but still allow limited interoperability with compression-enabled peers], 57 [enable_comp_stub="$enableval"], 58 [enable_comp_stub="no"] 54 59 ) 55 60 56 61 AC_ARG_ENABLE( … … if test "${have_lzo}" = "yes"; then 895 900 CFLAGS="${saved_CFLAGS}" 896 901 fi 897 902 903 dnl 904 dnl check for Snappy library 905 dnl 906 907 AC_ARG_VAR([SNAPPY_CFLAGS], [C compiler flags for snappy]) 908 AC_ARG_VAR([SNAPPY_LIBS], [linker flags for snappy]) 909 if test "$enable_snappy" = "yes" && test "$enable_comp_stub" = "no"; then 910 AC_CHECKING([for Snappy Library and Header files]) 911 havesnappylib=1 912 913 # if SNAPPY_LIBS is set, we assume it will work, otherwise test 914 if test -z "${SNAPPY_LIBS}"; then 915 AC_CHECK_LIB(snappy, snappy_compress, 916 [ SNAPPY_LIBS="-lsnappy" ], 917 [ 918 AC_MSG_RESULT([Snappy library not found.]) 919 havesnappylib=0 920 ]) 921 fi 922 923 saved_CFLAGS="${CFLAGS}" 924 CFLAGS="${CFLAGS} ${SNAPPY_CFLAGS}" 925 AC_CHECK_HEADER(snappy-c.h, 926 , 927 [ 928 AC_MSG_RESULT([Snappy headers not found.]) 929 havesnappylib=0 930 ]) 931 932 if test $havesnappylib = 0 ; then 933 AC_MSG_RESULT([Snappy library available from http://code.google.com/p/snappy/]) 934 AC_MSG_ERROR([Or try ./configure --disable-snappy OR ./configure --enable-comp-stub]) 935 fi 936 OPTIONAL_SNAPPY_CFLAGS="${SNAPPY_CFLAGS}" 937 OPTIONAL_SNAPPY_LIBS="${SNAPPY_LIBS}" 938 AC_DEFINE(ENABLE_SNAPPY, 1, [Enable Snappy compression library]) 939 CFLAGS="${saved_CFLAGS}" 940 fi 941 942 898 943 AC_MSG_CHECKING([git checkout]) 899 944 GIT_CHECKOUT="no" 900 945 if test -n "${GIT}" -a -d "${srcdir}/.git"; then … … if test "${enable_lzo}" = "yes"; then 1003 1048 OPTIONAL_LZO_LIBS="${LZO_LIBS}" 1004 1049 AC_DEFINE([ENABLE_LZO], [1], [Enable LZO compression library]) 1005 1050 fi 1006 if test "${enable_ lzo_stub}" = "yes"; then1007 test "${enable_lzo}" = "yes" && AC_MSG_ERROR([Cannot have both lzo stub and lzo enabled])1008 AC_DEFINE([ENABLE_LZO_STUB], [1], [Enable LZO stub capability])1009 AC_DEFINE([ENABLE_ LZO], [1], [Enable LZO compression library])1051 if test "${enable_comp_stub}" = "yes"; then 1052 test "${enable_lzo}" = "yes" && AC_MSG_ERROR([Cannot have both comp stub and lzo enabled (use --disable-lzo)]) 1053 test "${enable_snappy}" = "yes" && AC_MSG_ERROR([Cannot have both comp stub and snappy enabled (use --disable-snappy)]) 1054 AC_DEFINE([ENABLE_COMP_STUB], [1], [Enable compression stub capability]) 1010 1055 fi 1011 1056 1012 1057 if test "${enable_pkcs11}" = "yes"; then … … AC_SUBST([OPTIONAL_CRYPTO_CFLAGS]) 1060 1105 AC_SUBST([OPTIONAL_CRYPTO_LIBS]) 1061 1106 AC_SUBST([OPTIONAL_LZO_CFLAGS]) 1062 1107 AC_SUBST([OPTIONAL_LZO_LIBS]) 1108 AC_SUBST([OPTIONAL_SNAPPY_CFLAGS]) 1109 AC_SUBST([OPTIONAL_SNAPPY_LIBS]) 1063 1110 AC_SUBST([OPTIONAL_PKCS11_HELPER_CFLAGS]) 1064 1111 AC_SUBST([OPTIONAL_PKCS11_HELPER_LIBS]) 1065 1112 -
doc/openvpn.8
diff --git a/doc/openvpn.8 b/doc/openvpn.8 index d590714..cab1ed7 100644
a b consecutive messages in the same category. This is useful to 2352 2352 limit repetitive logging of similar message types. 2353 2353 .\"********************************************************* 2354 2354 .TP 2355 .B \-\-compress [algorithm] 2356 Enable a compression algorithm. 2357 2358 The 2359 .B algorithm 2360 parameter may be "snappy", "lzo", or empty. Snappy and LZO 2361 are different compression algorithms, with Snappy generally 2362 offering the best performance. 2363 2364 If the 2365 .B algorithm 2366 parameter is empty, compression will be turned off, but the packet 2367 framing for compression will still be enabled, allowing a different 2368 setting to be pushed later. 2369 .\"********************************************************* 2370 .TP 2355 2371 .B \-\-comp-lzo [mode] 2356 Use fastLZO compression \-\- may add up to 1 byte per2372 Use LZO compression \-\- may add up to 1 byte per 2357 2373 packet for incompressible data. 2358 2374 .B mode 2359 2375 may be "yes", "no", or "adaptive" (default). 2360 2376 2377 This option is deprecated in favor of the newer 2378 .B --compress 2379 option. 2380 2361 2381 In a server mode setup, it is possible to selectively turn 2362 2382 compression on or off for individual clients. 2363 2383 -
src/openvpn/Makefile.am
diff --git a/src/openvpn/Makefile.am b/src/openvpn/Makefile.am index 5d38628..70e19c2 100644
a b AM_CFLAGS = \ 26 26 $(TAP_CFLAGS) \ 27 27 $(OPTIONAL_CRYPTO_CFLAGS) \ 28 28 $(OPTIONAL_LZO_CFLAGS) \ 29 $(OPTIONAL_SNAPPY_CFLAGS) \ 29 30 $(OPTIONAL_PKCS11_HELPER_CFLAGS) 30 31 if WIN32 31 32 # we want unicode entry point but not the macro … … openvpn_SOURCES = \ 41 42 circ_list.h \ 42 43 clinat.c clinat.h \ 43 44 common.h \ 45 comp.c comp.h compstub.c \ 44 46 crypto.c crypto.h crypto_backend.h \ 45 47 crypto_openssl.c crypto_openssl.h \ 46 48 crypto_polarssl.c crypto_polarssl.h \ … … openvpn_SOURCES = \ 98 100 session_id.c session_id.h \ 99 101 shaper.c shaper.h \ 100 102 sig.c sig.h \ 103 snappy.c snappy.h \ 101 104 socket.c socket.h \ 102 105 socks.c socks.h \ 103 106 ssl.c ssl.h ssl_backend.h \ … … openvpn_LDADD = \ 116 119 $(top_builddir)/src/compat/libcompat.la \ 117 120 $(SOCKETS_LIBS) \ 118 121 $(OPTIONAL_LZO_LIBS) \ 122 $(OPTIONAL_SNAPPY_LIBS) \ 119 123 $(OPTIONAL_PKCS11_HELPER_LIBS) \ 120 124 $(OPTIONAL_CRYPTO_LIBS) \ 121 125 $(OPTIONAL_SELINUX_LIBS) \ -
new file src/openvpn/comp.c
diff --git a/src/openvpn/comp.c b/src/openvpn/comp.c new file mode 100644 index 0000000..9692257
- + 1 /* 2 * OpenVPN -- An application to securely tunnel IP networks 3 * over a single UDP port, with support for SSL/TLS-based 4 * session authentication and key exchange, 5 * packet encryption, packet authentication, and 6 * packet compression. 7 * 8 * Copyright (C) 2002-2012 OpenVPN Technologies, Inc. <sales@openvpn.net> 9 * 10 * This program is free software; you can redistribute it and/or modify 11 * it under the terms of the GNU General Public License version 2 12 * as published by the Free Software Foundation. 13 * 14 * This program is distributed in the hope that it will be useful, 15 * but WITHOUT ANY WARRANTY; without even the implied warranty of 16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 17 * GNU General Public License for more details. 18 * 19 * You should have received a copy of the GNU General Public License 20 * along with this program (see the file COPYING included with this 21 * distribution); if not, write to the Free Software Foundation, Inc., 22 * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 23 */ 24 25 #ifdef HAVE_CONFIG_H 26 #include "config.h" 27 #elif defined(_MSC_VER) 28 #include "config-msvc.h" 29 #endif 30 31 #include "syshead.h" 32 33 #ifdef USE_COMP 34 35 #include "comp.h" 36 #include "error.h" 37 #include "otime.h" 38 39 #include "memdbg.h" 40 41 struct compress_context * 42 comp_init(const struct compress_options *opt) 43 { 44 struct compress_context *compctx = NULL; 45 switch (opt->alg) 46 { 47 case COMP_ALG_STUB: 48 ALLOC_OBJ_CLEAR (compctx, struct compress_context); 49 compctx->flags = opt->flags; 50 compctx->alg = comp_stub_alg; 51 (*compctx->alg.compress_init)(compctx); 52 break; 53 #ifdef ENABLE_LZO 54 case COMP_ALG_LZO: 55 ALLOC_OBJ_CLEAR (compctx, struct compress_context); 56 compctx->flags = opt->flags; 57 compctx->alg = lzo_alg; 58 (*compctx->alg.compress_init)(compctx); 59 break; 60 #endif 61 #ifdef ENABLE_SNAPPY 62 case COMP_ALG_SNAPPY: 63 ALLOC_OBJ_CLEAR (compctx, struct compress_context); 64 compctx->flags = opt->flags; 65 compctx->alg = snappy_alg; 66 (*compctx->alg.compress_init)(compctx); 67 break; 68 #endif 69 } 70 return compctx; 71 } 72 73 void 74 comp_uninit(struct compress_context *compctx) 75 { 76 if (compctx) 77 { 78 (*compctx->alg.compress_uninit)(compctx); 79 free(compctx); 80 } 81 } 82 83 void 84 comp_add_to_extra_frame(struct frame *frame) 85 { 86 /* Leave room for our one-byte compressed/didn't-compress prefix byte. */ 87 frame_add_to_extra_frame (frame, COMP_PREFIX_LEN); 88 } 89 90 void 91 comp_add_to_extra_buffer(struct frame *frame) 92 { 93 /* Leave room for compression buffer to expand in worst case scenario 94 where data is totally uncompressible */ 95 frame_add_to_extra_buffer (frame, COMP_EXTRA_BUFFER (EXPANDED_SIZE(frame))); 96 } 97 98 void 99 comp_print_stats (const struct compress_context *compctx, struct status_output *so) 100 { 101 if (compctx) 102 { 103 status_printf (so, "pre-compress bytes," counter_format, compctx->pre_compress); 104 status_printf (so, "post-compress bytes," counter_format, compctx->post_compress); 105 status_printf (so, "pre-decompress bytes," counter_format, compctx->pre_decompress); 106 status_printf (so, "post-decompress bytes," counter_format, compctx->post_decompress); 107 } 108 } 109 110 /* 111 * Tell our peer which compression algorithms we support. 112 */ 113 void 114 comp_generate_peer_info_string(const struct compress_options *opt, struct buffer *out) 115 { 116 if (opt) 117 { 118 bool lzo_avail = false; 119 if (!(opt->flags & COMP_F_ADVERTISE_STUBS_ONLY)) 120 { 121 #if defined(ENABLE_SNAPPY) 122 buf_printf (out, "IV_SNAPPY=1\n"); 123 #endif 124 #if defined(ENABLE_LZO) 125 buf_printf (out, "IV_LZO=1\n"); 126 lzo_avail = true; 127 #endif 128 } 129 if (!lzo_avail) 130 buf_printf (out, "IV_LZO_STUB=1\n"); 131 buf_printf (out, "IV_COMP_STUB=1\n"); 132 } 133 } 134 135 #endif /* USE_COMP */ -
new file src/openvpn/comp.h
diff --git a/src/openvpn/comp.h b/src/openvpn/comp.h new file mode 100644 index 0000000..0d2f1bc
- + 1 /* 2 * OpenVPN -- An application to securely tunnel IP networks 3 * over a single UDP port, with support for SSL/TLS-based 4 * session authentication and key exchange, 5 * packet encryption, packet authentication, and 6 * packet compression. 7 * 8 * Copyright (C) 2002-2012 OpenVPN Technologies, Inc. <sales@openvpn.net> 9 * 10 * This program is free software; you can redistribute it and/or modify 11 * it under the terms of the GNU General Public License version 2 12 * as published by the Free Software Foundation. 13 * 14 * This program is distributed in the hope that it will be useful, 15 * but WITHOUT ANY WARRANTY; without even the implied warranty of 16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 17 * GNU General Public License for more details. 18 * 19 * You should have received a copy of the GNU General Public License 20 * along with this program (see the file COPYING included with this 21 * distribution); if not, write to the Free Software Foundation, Inc., 22 * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 23 */ 24 25 /* 26 * Generic compression support. Currently we support 27 * Snappy and LZO 2. 28 */ 29 #ifndef OPENVPN_COMP_H 30 #define OPENVPN_COMP_H 31 32 #ifdef USE_COMP 33 34 #include "buffer.h" 35 #include "mtu.h" 36 #include "common.h" 37 #include "status.h" 38 39 /* algorithms */ 40 #define COMP_ALG_UNDEF 0 41 #define COMP_ALG_STUB 1 /* support compression command byte and framing without actual compression */ 42 #define COMP_ALG_LZO 2 /* LZO algorithm */ 43 #define COMP_ALG_SNAPPY 3 /* Snappy algorithm */ 44 45 /* Compression flags */ 46 #define COMP_F_ADAPTIVE (1<<0) /* COMP_ALG_LZO only */ 47 #define COMP_F_ASYM (1<<1) /* only downlink is compressed, not uplink */ 48 #define COMP_F_SWAP (1<<2) /* initial command byte is swapped with last byte in buffer to preserve payload alignment */ 49 #define COMP_F_ADVERTISE_STUBS_ONLY (1<<3) /* tell server that we only support compression stubs */ 50 51 /* 52 * Length of prepended prefix on compressed packets 53 */ 54 #define COMP_PREFIX_LEN 1 55 56 /* 57 * Prefix bytes 58 */ 59 #define NO_COMPRESS_BYTE 0xFA 60 #define NO_COMPRESS_BYTE_SWAP 0xFB /* to maintain payload alignment, replace this byte with last byte of packet */ 61 62 /* 63 * Compress worst case size expansion (for any algorithm) 64 * 65 * LZO: len + len/8 + 128 + 3 66 * Snappy: len + len/6 + 32 67 */ 68 #define COMP_EXTRA_BUFFER(len) ((len)/6 + 128 + 3 + COMP_PREFIX_LEN) 69 70 /* 71 * Don't try to compress any packet smaller than this. 72 */ 73 #define COMPRESS_THRESHOLD 100 74 75 /* Forward declaration of compression context */ 76 struct compress_context; 77 78 /* 79 * Virtual methods and other static info for each compression algorithm 80 */ 81 struct compress_alg 82 { 83 const char *name; 84 void (*compress_init)(struct compress_context *compctx); 85 void (*compress_uninit)(struct compress_context *compctx); 86 void (*compress)(struct buffer *buf, struct buffer work, 87 struct compress_context *compctx, 88 const struct frame* frame); 89 90 void (*decompress)(struct buffer *buf, struct buffer work, 91 struct compress_context *compctx, 92 const struct frame* frame); 93 }; 94 95 /* 96 * Headers for each compression implementation 97 */ 98 #ifdef ENABLE_LZO 99 #include "lzo.h" 100 #endif 101 102 #ifdef ENABLE_SNAPPY 103 #include "snappy.h" 104 #endif 105 106 /* 107 * Information that basically identifies a compression 108 * algorithm and related flags. 109 */ 110 struct compress_options 111 { 112 int alg; 113 unsigned int flags; 114 }; 115 116 /* 117 * Workspace union of all supported compression algorithms 118 */ 119 union compress_workspace_union 120 { 121 #ifdef ENABLE_LZO 122 struct lzo_compress_workspace lzo; 123 #endif 124 #ifdef ENABLE_SNAPPY 125 struct snappy_workspace snappy; 126 #endif 127 }; 128 129 /* 130 * Context for active compression session 131 */ 132 struct compress_context 133 { 134 unsigned int flags; 135 struct compress_alg alg; 136 union compress_workspace_union wu; 137 138 /* statistics */ 139 counter_type pre_decompress; 140 counter_type post_decompress; 141 counter_type pre_compress; 142 counter_type post_compress; 143 }; 144 145 extern const struct compress_alg comp_stub_alg; 146 147 struct compress_context *comp_init(const struct compress_options *opt); 148 149 void comp_uninit(struct compress_context *compctx); 150 151 void comp_add_to_extra_frame(struct frame *frame); 152 void comp_add_to_extra_buffer(struct frame *frame); 153 154 void comp_print_stats (const struct compress_context *compctx, struct status_output *so); 155 156 void comp_generate_peer_info_string(const struct compress_options *opt, struct buffer *out); 157 158 static inline bool 159 comp_enabled(const struct compress_options *info) 160 { 161 return info->alg != COMP_ALG_UNDEF; 162 } 163 164 static inline bool 165 comp_unswapped_prefix(const struct compress_options *info) 166 { 167 return !(info->flags & COMP_F_SWAP); 168 } 169 170 #endif /* USE_COMP */ 171 #endif -
new file src/openvpn/compstub.c
diff --git a/src/openvpn/compstub.c b/src/openvpn/compstub.c new file mode 100644 index 0000000..2ab7163
- + 1 /* 2 * OpenVPN -- An application to securely tunnel IP networks 3 * over a single UDP port, with support for SSL/TLS-based 4 * session authentication and key exchange, 5 * packet encryption, packet authentication, and 6 * packet compression. 7 * 8 * Copyright (C) 2002-2012 OpenVPN Technologies, Inc. <sales@openvpn.net> 9 * 10 * This program is free software; you can redistribute it and/or modify 11 * it under the terms of the GNU General Public License version 2 12 * as published by the Free Software Foundation. 13 * 14 * This program is distributed in the hope that it will be useful, 15 * but WITHOUT ANY WARRANTY; without even the implied warranty of 16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 17 * GNU General Public License for more details. 18 * 19 * You should have received a copy of the GNU General Public License 20 * along with this program (see the file COPYING included with this 21 * distribution); if not, write to the Free Software Foundation, Inc., 22 * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 23 */ 24 25 #ifdef HAVE_CONFIG_H 26 #include "config.h" 27 #elif defined(_MSC_VER) 28 #include "config-msvc.h" 29 #endif 30 31 #include "syshead.h" 32 33 #if defined(USE_COMP) 34 35 #include "comp.h" 36 #include "error.h" 37 #include "otime.h" 38 39 #include "memdbg.h" 40 41 static void 42 stub_compress_init (struct compress_context *compctx) 43 { 44 } 45 46 static void 47 stub_compress_uninit (struct compress_context *compctx) 48 { 49 } 50 51 static void 52 stub_compress (struct buffer *buf, struct buffer work, 53 struct compress_context *compctx, 54 const struct frame* frame) 55 { 56 if (buf->len <= 0) 57 return; 58 if (compctx->flags & COMP_F_SWAP) 59 { 60 uint8_t *head = BPTR (buf); 61 uint8_t *tail = BEND (buf); 62 ASSERT (buf_safe (buf, 1)); 63 ++buf->len; 64 65 /* move head byte of payload to tail */ 66 *tail = *head; 67 *head = NO_COMPRESS_BYTE_SWAP; 68 } 69 else 70 { 71 uint8_t *header = buf_prepend (buf, 1); 72 *header = NO_COMPRESS_BYTE; 73 } 74 } 75 76 static void 77 stub_decompress (struct buffer *buf, struct buffer work, 78 struct compress_context *compctx, 79 const struct frame* frame) 80 { 81 uint8_t c; 82 if (buf->len <= 0) 83 return; 84 if (compctx->flags & COMP_F_SWAP) 85 { 86 uint8_t *head = BPTR (buf); 87 c = *head; 88 --buf->len; 89 *head = *BEND (buf); 90 if (c != NO_COMPRESS_BYTE_SWAP) 91 { 92 dmsg (D_COMP_ERRORS, "Bad compression stub (swap) decompression header byte: %d", c); 93 buf->len = 0; 94 } 95 } 96 else 97 { 98 c = *BPTR (buf); 99 ASSERT (buf_advance (buf, 1)); 100 if (c != NO_COMPRESS_BYTE) 101 { 102 dmsg (D_COMP_ERRORS, "Bad compression stub decompression header byte: %d", c); 103 buf->len = 0; 104 } 105 } 106 } 107 108 const struct compress_alg comp_stub_alg = { 109 "stub", 110 stub_compress_init, 111 stub_compress_uninit, 112 stub_compress, 113 stub_decompress 114 }; 115 116 #else 117 static void dummy(void) {} 118 #endif /* USE_STUB */ -
src/openvpn/forward.c
diff --git a/src/openvpn/forward.c b/src/openvpn/forward.c index 024cd58..447b86d 100644
a b encrypt_sign (struct context *c, bool comp_frag) 444 444 445 445 if (comp_frag) 446 446 { 447 #ifdef ENABLE_LZO447 #ifdef USE_COMP 448 448 /* Compress the packet. */ 449 if ( lzo_defined (&c->c2.lzo_compwork))450 lzo_compress (&c->c2.buf, b->lzo_compress_buf, &c->c2.lzo_compwork, &c->c2.frame);449 if (c->c2.comp_context) 450 (*c->c2.comp_context->alg.compress)(&c->c2.buf, b->compress_buf, c->c2.comp_context, &c->c2.frame); 451 451 #endif 452 452 #ifdef ENABLE_FRAGMENT 453 453 if (c->c2.fragment) … … process_incoming_link (struct context *c) 846 846 fragment_incoming (c->c2.fragment, &c->c2.buf, &c->c2.frame_fragment); 847 847 #endif 848 848 849 #ifdef ENABLE_LZO849 #ifdef USE_COMP 850 850 /* decompress the incoming packet */ 851 if ( lzo_defined (&c->c2.lzo_compwork))852 lzo_decompress (&c->c2.buf, c->c2.buffers->lzo_decompress_buf, &c->c2.lzo_compwork, &c->c2.frame);851 if (c->c2.comp_context) 852 (*c->c2.comp_context->alg.decompress)(&c->c2.buf, c->c2.buffers->decompress_buf, c->c2.comp_context, &c->c2.frame); 853 853 #endif 854 854 855 855 #ifdef PACKET_TRUNCATION_CHECK -
src/openvpn/init.c
diff --git a/src/openvpn/init.c b/src/openvpn/init.c index 979ba23..16501fd 100644
a b do_deferred_options (struct context *c, const unsigned int found) 1746 1746 } 1747 1747 #endif 1748 1748 1749 #ifdef ENABLE_LZO1749 #ifdef USE_COMP 1750 1750 if (found & OPT_P_COMP) 1751 1751 { 1752 if (lzo_defined (&c->c2.lzo_compwork)) 1753 { 1754 msg (D_PUSH, "OPTIONS IMPORT: LZO parms modified"); 1755 lzo_modify_flags (&c->c2.lzo_compwork, c->options.lzo); 1756 } 1752 msg (D_PUSH, "OPTIONS IMPORT: compression parms modified"); 1753 comp_uninit (c->c2.comp_context); 1754 c->c2.comp_context = comp_init (&c->options.comp); 1757 1755 } 1758 1756 #endif 1759 1757 … … do_init_crypto_tls (struct context *c, const unsigned int flags) 2248 2246 #endif 2249 2247 #endif 2250 2248 2249 #ifdef USE_COMP 2250 to.comp_options = options->comp; 2251 #endif 2252 2251 2253 /* TLS handshake authentication (--tls-auth) */ 2252 2254 if (options->tls_auth_file) 2253 2255 { … … do_init_crypto (struct context *c, const unsigned int flags) 2330 2332 static void 2331 2333 do_init_frame (struct context *c) 2332 2334 { 2333 #ifdef ENABLE_LZO2335 #ifdef USE_COMP 2334 2336 /* 2335 * Initialize LZO compression library.2337 * modify frame parameters if compression is enabled 2336 2338 */ 2337 if (c ->options.lzo & LZO_SELECTED)2339 if (comp_enabled(&c->options.comp)) 2338 2340 { 2339 lzo_adjust_frame_parameters(&c->c2.frame);2341 comp_add_to_extra_frame (&c->c2.frame); 2340 2342 2343 #if !defined(ENABLE_SNAPPY) 2341 2344 /* 2342 * LZO usage affects buffer alignment. 2345 * Compression usage affects buffer alignment when non-swapped algs 2346 * such as LZO is used. 2347 * Newer algs like Snappy and comp-stub with COMP_F_SWAP don't need 2348 * any special alignment because of the control-byte swap approach. 2349 * LZO alignment (on the other hand) is problematic because 2350 * the presence of the control byte means that either the output of 2351 * decryption must be written to an unaligned buffer, or the input 2352 * to compression (or packet dispatch if packet is uncompressed) 2353 * must be read from an unaligned buffer. 2354 * This code tries to align the input to compression (or packet 2355 * dispatch if packet is uncompressed) at the cost of requiring 2356 * decryption output to be written to an unaligned buffer, so 2357 * it's more of a tradeoff than an optimal solution and we don't 2358 * include it when we are doing a modern build with Snappy. 2359 * Strictly speaking, on the server it would be better to execute 2360 * this code for every connection after we decide the compression 2361 * method, but currently the frame code doesn't appear to be 2362 * flexible enough for this, since the frame is already established 2363 * before it is known which compression options will be pushed. 2343 2364 */ 2344 if ( CIPHER_ENABLED (c))2365 if (comp_unswapped_prefix (&c->options.comp) && CIPHER_ENABLED (c)) 2345 2366 { 2346 frame_add_to_align_adjust (&c->c2.frame, LZO_PREFIX_LEN);2367 frame_add_to_align_adjust (&c->c2.frame, COMP_PREFIX_LEN); 2347 2368 frame_or_align_flags (&c->c2.frame, 2348 2369 FRAME_HEADROOM_MARKER_FRAGMENT 2349 2370 |FRAME_HEADROOM_MARKER_DECRYPT); 2350 2371 } 2372 #endif 2351 2373 2352 2374 #ifdef ENABLE_FRAGMENT 2353 lzo_adjust_frame_parameters (&c->c2.frame_fragment_omit); /* omit LZOframe delta from final frame_fragment */2375 comp_add_to_extra_frame (&c->c2.frame_fragment_omit); /* omit compression frame delta from final frame_fragment */ 2354 2376 #endif 2355 2377 } 2356 #endif /* ENABLE_LZO*/2378 #endif /* USE_COMP */ 2357 2379 2358 2380 #ifdef ENABLE_SOCKS 2359 2381 /* … … do_init_frame (struct context *c) 2382 2404 */ 2383 2405 frame_finalize_options (c, NULL); 2384 2406 2407 #ifdef USE_COMP 2408 /* 2409 * Modify frame parameters if compression is compiled in. 2410 * Should be called after frame_finalize_options. 2411 */ 2412 comp_add_to_extra_buffer (&c->c2.frame); 2413 #ifdef ENABLE_FRAGMENT 2414 comp_add_to_extra_buffer (&c->c2.frame_fragment_omit); /* omit compression frame delta from final frame_fragment */ 2415 #endif 2416 #endif /* USE_COMP */ 2417 2385 2418 #ifdef ENABLE_FRAGMENT 2386 2419 /* 2387 2420 * Set frame parameter for fragment code. This is necessary because … … init_context_buffers (const struct frame *frame) 2513 2546 b->decrypt_buf = alloc_buf (BUF_SIZE (frame)); 2514 2547 #endif 2515 2548 2516 #ifdef ENABLE_LZO2517 b-> lzo_compress_buf = alloc_buf (BUF_SIZE (frame));2518 b-> lzo_decompress_buf = alloc_buf (BUF_SIZE (frame));2549 #ifdef USE_COMP 2550 b->compress_buf = alloc_buf (BUF_SIZE (frame)); 2551 b->decompress_buf = alloc_buf (BUF_SIZE (frame)); 2519 2552 #endif 2520 2553 2521 2554 return b; … … free_context_buffers (struct context_buffers *b) 2530 2563 free_buf (&b->read_tun_buf); 2531 2564 free_buf (&b->aux_buf); 2532 2565 2533 #ifdef ENABLE_LZO2534 free_buf (&b-> lzo_compress_buf);2535 free_buf (&b-> lzo_decompress_buf);2566 #ifdef USE_COMP 2567 free_buf (&b->compress_buf); 2568 free_buf (&b->decompress_buf); 2536 2569 #endif 2537 2570 2538 2571 #ifdef ENABLE_CRYPTO … … init_instance (struct context *c, const struct env_set *env, const unsigned int 3364 3397 goto sig; 3365 3398 } 3366 3399 3367 #ifdef ENABLE_LZO3368 /* initialize LZOcompression library. */3369 if ( (options->lzo & LZO_SELECTED) && (c->mode == CM_P2P || child))3370 lzo_compress_init (&c->c2.lzo_compwork, options->lzo);3400 #ifdef USE_COMP 3401 /* initialize compression library. */ 3402 if (comp_enabled(&options->comp) && (c->mode == CM_P2P || child)) 3403 c->c2.comp_context = comp_init (&options->comp); 3371 3404 #endif 3372 3405 3373 3406 /* initialize MTU variables */ … … close_instance (struct context *c) 3481 3514 /* if xinetd/inetd mode, don't allow restart */ 3482 3515 do_close_check_if_restart_permitted (c); 3483 3516 3484 #ifdef ENABLE_LZO 3485 if (lzo_defined (&c->c2.lzo_compwork)) 3486 lzo_compress_uninit (&c->c2.lzo_compwork); 3517 #ifdef USE_COMP 3518 if (c->c2.comp_context) 3519 { 3520 comp_uninit (c->c2.comp_context); 3521 c->c2.comp_context = NULL; 3522 } 3487 3523 #endif 3488 3524 3489 3525 /* free buffers */ … … inherit_context_child (struct context *dest, 3607 3643 dest->c2.link_socket_info->lsa = &dest->c1.link_socket_addr; 3608 3644 dest->c2.link_socket_info->connection_established = false; 3609 3645 } 3646 3647 #ifdef USE_COMP 3648 dest->c2.comp_context = NULL; 3649 #endif 3610 3650 } 3611 3651 3612 3652 void … … inherit_context_top (struct context *dest, 3655 3695 dest->c2.event_set = NULL; 3656 3696 if (proto_is_dgram(src->options.ce.proto)) 3657 3697 do_event_set_init (dest, false); 3698 3699 #ifdef USE_COMP 3700 dest->c2.comp_context = NULL; 3701 #endif 3658 3702 } 3659 3703 3660 3704 void -
src/openvpn/lzo.c
diff --git a/src/openvpn/lzo.c b/src/openvpn/lzo.c index 195b819..daa02ed 100644
a b 34 34 35 35 #include "syshead.h" 36 36 37 #if def ENABLE_LZO37 #if defined(ENABLE_LZO) 38 38 39 #include " lzo.h"39 #include "comp.h" 40 40 #include "error.h" 41 41 #include "otime.h" 42 42 43 43 #include "memdbg.h" 44 44 45 #ifndef ENABLE_LZO_STUB 45 /* Initial command byte to tell our peer if we compressed */ 46 #define LZO_COMPRESS_BYTE 0x66 47 46 48 /** 47 49 * Perform adaptive compression housekeeping. 48 50 * … … lzo_adaptive_compress_data (struct lzo_adaptive_compress *ac, int n_total, int n 97 99 ac->n_comp += n_comp; 98 100 } 99 101 100 #endif /* ENABLE_LZO_STUB */ 101 102 void lzo_adjust_frame_parameters (struct frame *frame) 103 { 104 /* Leave room for our one-byte compressed/didn't-compress prefix byte. */ 105 frame_add_to_extra_frame (frame, LZO_PREFIX_LEN); 106 107 /* Leave room for compression buffer to expand in worst case scenario 108 where data is totally uncompressible */ 109 frame_add_to_extra_buffer (frame, LZO_EXTRA_BUFFER (EXPANDED_SIZE(frame))); 110 } 111 112 void 113 lzo_compress_init (struct lzo_compress_workspace *lzowork, unsigned int flags) 102 static void 103 lzo_compress_init (struct compress_context *compctx) 114 104 { 115 CLEAR (*lzowork); 116 117 lzowork->flags = flags; 118 #ifndef ENABLE_LZO_STUB 119 lzowork->wmem_size = LZO_WORKSPACE; 120 105 msg (D_INIT_MEDIUM, "LZO compression initializing"); 106 ASSERT(!(compctx->flags & COMP_F_SWAP)); 107 compctx->wu.lzo.wmem_size = LZO_WORKSPACE; 121 108 if (lzo_init () != LZO_E_OK) 122 109 msg (M_FATAL, "Cannot initialize LZO compression library"); 123 lzowork->wmem = (lzo_voidp) lzo_malloc (lzowork->wmem_size); 124 check_malloc_return (lzowork->wmem); 125 msg (D_INIT_MEDIUM, "LZO compression initialized"); 126 #else 127 msg (D_INIT_MEDIUM, "LZO stub compression initialized"); 128 #endif 129 lzowork->defined = true; 110 compctx->wu.lzo.wmem = (lzo_voidp) lzo_malloc (compctx->wu.lzo.wmem_size); 111 check_malloc_return (compctx->wu.lzo.wmem); 130 112 } 131 113 132 void133 lzo_compress_uninit (struct lzo_compress_workspace *lzowork)114 static void 115 lzo_compress_uninit (struct compress_context *compctx) 134 116 { 135 if (lzowork) 136 { 137 ASSERT (lzowork->defined); 138 #ifndef ENABLE_LZO_STUB 139 lzo_free (lzowork->wmem); 140 lzowork->wmem = NULL; 141 #endif 142 lzowork->defined = false; 143 } 117 lzo_free (compctx->wu.lzo.wmem); 118 compctx->wu.lzo.wmem = NULL; 144 119 } 145 120 146 121 static inline bool 147 lzo_compression_enabled (struct lzo_compress_workspace *lzowork)122 lzo_compression_enabled (struct compress_context *compctx) 148 123 { 149 #ifndef ENABLE_LZO_STUB 150 if ((lzowork->flags & (LZO_SELECTED|LZO_ON)) == (LZO_SELECTED|LZO_ON)) 124 if (compctx->flags & COMP_F_ASYM) 125 return false; 126 else 151 127 { 152 if ( lzowork->flags & LZO_ADAPTIVE)153 return lzo_adaptive_compress_test (& lzowork->ac);128 if (compctx->flags & COMP_F_ADAPTIVE) 129 return lzo_adaptive_compress_test (&compctx->wu.lzo.ac); 154 130 else 155 131 return true; 156 132 } 157 #endif158 return false;159 133 } 160 134 161 void135 static void 162 136 lzo_compress (struct buffer *buf, struct buffer work, 163 struct lzo_compress_workspace *lzowork,137 struct compress_context *compctx, 164 138 const struct frame* frame) 165 139 { 166 #ifndef ENABLE_LZO_STUB167 140 lzo_uint zlen = 0; 168 141 int err; 169 142 bool compressed = false; 170 #endif171 172 ASSERT (lzowork->defined);173 143 174 144 if (buf->len <= 0) 175 145 return; 176 146 177 #ifndef ENABLE_LZO_STUB178 147 /* 179 148 * In order to attempt compression, length must be at least COMPRESS_THRESHOLD, 180 149 * and our adaptive level must give the OK. 181 150 */ 182 if (buf->len >= COMPRESS_THRESHOLD && lzo_compression_enabled ( lzowork))151 if (buf->len >= COMPRESS_THRESHOLD && lzo_compression_enabled (compctx)) 183 152 { 153 const size_t ps = PAYLOAD_SIZE (frame); 184 154 ASSERT (buf_init (&work, FRAME_HEADROOM (frame))); 185 ASSERT (buf_safe (&work, LZO_EXTRA_BUFFER (PAYLOAD_SIZE (frame))));155 ASSERT (buf_safe (&work, ps + COMP_EXTRA_BUFFER (ps))); 186 156 187 if ( !(buf->len <= PAYLOAD_SIZE (frame)))157 if (buf->len > ps) 188 158 { 189 159 dmsg (D_COMP_ERRORS, "LZO compression buffer overflow"); 190 160 buf->len = 0; 191 161 return; 192 162 } 193 163 194 err = LZO_COMPRESS (BPTR (buf), BLEN (buf), BPTR (&work), &zlen, lzowork->wmem);164 err = LZO_COMPRESS (BPTR (buf), BLEN (buf), BPTR (&work), &zlen, compctx->wu.lzo.wmem); 195 165 if (err != LZO_E_OK) 196 166 { 197 167 dmsg (D_COMP_ERRORS, "LZO compression error: %d", err); … … lzo_compress (struct buffer *buf, struct buffer work, 203 173 work.len = zlen; 204 174 compressed = true; 205 175 206 dmsg (D_COMP, " compress %d -> %d", buf->len, work.len);207 lzowork->pre_compress += buf->len;208 lzowork->post_compress += work.len;176 dmsg (D_COMP, "LZO compress %d -> %d", buf->len, work.len); 177 compctx->pre_compress += buf->len; 178 compctx->post_compress += work.len; 209 179 210 180 /* tell adaptive level about our success or lack thereof in getting any size reduction */ 211 if ( lzowork->flags & LZO_ADAPTIVE)212 lzo_adaptive_compress_data (& lzowork->ac, buf->len, work.len);181 if (compctx->flags & COMP_F_ADAPTIVE) 182 lzo_adaptive_compress_data (&compctx->wu.lzo.ac, buf->len, work.len); 213 183 } 214 184 215 185 /* did compression save us anything ? */ 216 186 if (compressed && work.len < buf->len) 217 187 { 218 188 uint8_t *header = buf_prepend (&work, 1); 219 *header = YES_COMPRESS;189 *header = LZO_COMPRESS_BYTE; 220 190 *buf = work; 221 191 } 222 192 else 223 #endif224 193 { 225 194 uint8_t *header = buf_prepend (buf, 1); 226 *header = NO_COMPRESS ;195 *header = NO_COMPRESS_BYTE; 227 196 } 228 197 } 229 198 230 void199 static void 231 200 lzo_decompress (struct buffer *buf, struct buffer work, 232 struct lzo_compress_workspace *lzowork,201 struct compress_context *compctx, 233 202 const struct frame* frame) 234 203 { 235 #ifndef ENABLE_LZO_STUB236 204 lzo_uint zlen = EXPANDED_SIZE (frame); 237 205 int err; 238 #endif239 206 uint8_t c; /* flag indicating whether or not our peer compressed */ 240 207 241 ASSERT (lzowork->defined);242 243 208 if (buf->len <= 0) 244 209 return; 245 210 … … lzo_decompress (struct buffer *buf, struct buffer work, 248 213 c = *BPTR (buf); 249 214 ASSERT (buf_advance (buf, 1)); 250 215 251 if (c == YES_COMPRESS) /* packet was compressed */216 if (c == LZO_COMPRESS_BYTE) /* packet was compressed */ 252 217 { 253 #ifndef ENABLE_LZO_STUB254 218 ASSERT (buf_safe (&work, zlen)); 255 219 err = LZO_DECOMPRESS (BPTR (buf), BLEN (buf), BPTR (&work), &zlen, 256 lzowork->wmem);220 compctx->wu.lzo.wmem); 257 221 if (err != LZO_E_OK) 258 222 { 259 223 dmsg (D_COMP_ERRORS, "LZO decompression error: %d", err); … … lzo_decompress (struct buffer *buf, struct buffer work, 264 228 ASSERT (buf_safe (&work, zlen)); 265 229 work.len = zlen; 266 230 267 dmsg (D_COMP, " decompress %d -> %d", buf->len, work.len);268 lzowork->pre_decompress += buf->len;269 lzowork->post_decompress += work.len;231 dmsg (D_COMP, "LZO decompress %d -> %d", buf->len, work.len); 232 compctx->pre_decompress += buf->len; 233 compctx->post_decompress += work.len; 270 234 271 235 *buf = work; 272 #else273 dmsg (D_COMP_ERRORS, "LZO decompression error: LZO capability not compiled");274 buf->len = 0;275 return;276 #endif277 236 } 278 else if (c == NO_COMPRESS ) /* packet was not compressed */237 else if (c == NO_COMPRESS_BYTE) /* packet was not compressed */ 279 238 { 280 239 ; 281 240 } … … lzo_decompress (struct buffer *buf, struct buffer work, 286 245 } 287 246 } 288 247 289 void 290 lzo_modify_flags (struct lzo_compress_workspace *lzowork, unsigned int flags) 291 { 292 ASSERT (lzowork->defined); 293 lzowork->flags = flags; 294 } 295 296 void lzo_print_stats (const struct lzo_compress_workspace *lzo_compwork, struct status_output *so) 297 { 298 ASSERT (lzo_compwork->defined); 299 300 #ifndef ENABLE_LZO_STUB 301 status_printf (so, "pre-compress bytes," counter_format, lzo_compwork->pre_compress); 302 status_printf (so, "post-compress bytes," counter_format, lzo_compwork->post_compress); 303 status_printf (so, "pre-decompress bytes," counter_format, lzo_compwork->pre_decompress); 304 status_printf (so, "post-decompress bytes," counter_format, lzo_compwork->post_decompress); 305 #endif 306 } 248 const struct compress_alg lzo_alg = { 249 "lzo", 250 lzo_compress_init, 251 lzo_compress_uninit, 252 lzo_compress, 253 lzo_decompress 254 }; 307 255 308 256 #else 309 257 static void dummy(void) {} -
src/openvpn/lzo.h
diff --git a/src/openvpn/lzo.h b/src/openvpn/lzo.h index 472204d..f33e587 100644
a b 32 32 */ 33 33 34 34 35 #if def ENABLE_LZO35 #if defined(ENABLE_LZO) 36 36 37 37 /** 38 38 * @addtogroup compression 39 39 * @{ 40 40 */ 41 41 42 #ifndef ENABLE_LZO_STUB43 42 #if defined(HAVE_LZO_LZOUTIL_H) 44 43 #include "lzo/lzoutil.h" 45 44 #elif defined(HAVE_LZOUTIL_H) … … 50 49 #elif defined(HAVE_LZO1X_H) 51 50 #include "lzo1x.h" 52 51 #endif 53 #endif54 52 55 53 #include "buffer.h" 56 54 #include "mtu.h" 57 55 #include "common.h" 58 56 #include "status.h" 59 57 60 /**************************************************************************/ 61 /** @name Bit-flags which control data channel packet compression *//******/ 62 /** @{ */ 63 #define LZO_SELECTED (1<<0) /**< Bit-flag indicating that compression 64 * of data channel packets is enabled. */ 65 #define LZO_ON (1<<1) /**< Bit-flag indicating that compression 66 * of data channel packets is active. */ 67 #define LZO_ADAPTIVE (1<<2) /**< Bit-flag indicating that adaptive 68 * compression of data channel packets 69 * has been selected. */ 70 /** @} name Bit-flags which control data channel packet compression *//****/ 58 extern const struct compress_alg lzo_alg; 71 59 72 60 /**************************************************************************/ 73 61 /** @name LZO library interface defines *//** @{ *//***********************/ 74 #ifndef ENABLE_LZO_STUB75 62 #define LZO_COMPRESS lzo1x_1_15_compress 76 63 /**< LZO library compression function. 77 64 * … … 93 80 * verify the integrity of incoming 94 81 * packets, you might want to consider 95 82 * using the non-safe version. */ 96 #endif /* ENABLE_LZO_STUB */97 83 /** @} name LZO library interface *//**************************************/ 98 84 99 85 100 86 /**************************************************************************/ 101 /** @name Miscellaneous compression defines *//** @{ *//*******************/102 #define LZO_EXTRA_BUFFER(len) ((len)/8 + 128 + 3)103 /**< LZO 2.0 worst-case size expansion. */104 #ifndef ENABLE_LZO_STUB105 #define COMPRESS_THRESHOLD 100 /**< Minimum packet size to attempt106 * compression. */107 #endif /* ENABLE_LZO_STUB */108 /** @} name Miscellaneous compression defines *//**************************/109 110 111 /**************************************************************************/112 /** @name Compression header defines *//** @{ *//**************************/113 #define LZO_PREFIX_LEN 1 /**< Length in bytes of prepended114 * compression header. */115 #define YES_COMPRESS 0x66 /**< Single-byte compression header116 * indicating this packet has been117 * compressed. */118 #define NO_COMPRESS 0xFA /**< Single-byte compression header119 * indicating this packet has not been120 * compressed. */121 /** @} name Compression header defines *//*********************************/122 123 /**************************************************************************/124 87 /** @name Adaptive compression defines *//** @{ *//************************/ 125 #ifndef ENABLE_LZO_STUB126 88 #define AC_SAMP_SEC 2 /**< Number of seconds in a sample period. */ 127 89 #define AC_MIN_BYTES 1000 /**< Minimum number of bytes a sample 128 90 * period must contain for it to be … … 132 94 * turned off. */ 133 95 #define AC_OFF_SEC 60 /**< Seconds to wait after compression has 134 96 * been turned off before retesting. */ 135 #endif /* ENABLE_LZO_STUB */136 97 /** @} name Adaptive compression defines *//*******************************/ 137 98 138 #ifndef ENABLE_LZO_STUB139 140 99 /** 141 100 * Adaptive compression state. 142 101 */ … … struct lzo_adaptive_compress { 147 106 int n_comp; 148 107 }; 149 108 150 #endif /* ENABLE_LZO_STUB */151 152 109 153 110 /** 154 111 * State for the compression and decompression routines. … … struct lzo_adaptive_compress { 162 119 */ 163 120 struct lzo_compress_workspace 164 121 { 165 bool defined;166 unsigned int flags;167 #ifndef ENABLE_LZO_STUB168 122 lzo_voidp wmem; 169 123 int wmem_size; 170 124 struct lzo_adaptive_compress ac; 171 172 /* statistics */173 counter_type pre_decompress;174 counter_type post_decompress;175 counter_type pre_compress;176 counter_type post_compress;177 #endif178 125 }; 179 126 180 181 /**************************************************************************/182 /** @name Functions for initialization and cleanup *//** @{ *//************/183 184 /**185 * Adjust %frame parameters for data channel payload compression.186 *187 * Data channel packet compression requires a single-byte header to188 * indicate whether a packet has been compressed or not. The packet189 * handling buffers must also allow for worst-case payload compression190 * where the compressed content size is actually larger than the original191 * content size. This function adjusts the parameters of a given frame192 * structure to include the header and allow for worst-case compression193 * expansion.194 *195 * @param frame - The frame structure to adjust.196 */197 void lzo_adjust_frame_parameters(struct frame *frame);198 199 /**200 * Initialize a compression workspace structure.201 *202 * This function initializes the given workspace structure \a lzowork.203 * This includes allocating a work buffer for internal use and setting its204 * flags to the given value of \a flags.205 *206 * This function also initializes the lzo library.207 *208 * @param lzowork - A pointer to the workspace structure to209 * initialize.210 * @param flags - The initial flags to set in the workspace211 * structure.212 */213 void lzo_compress_init (struct lzo_compress_workspace *lzowork, unsigned int flags);214 215 /**216 * Cleanup a compression workspace structure.217 *218 * This function cleans up the given workspace structure \a lzowork. This219 * includes freeing the structure's internal work buffer.220 *221 * @param lzowork - A pointer to the workspace structure to clean up.222 */223 void lzo_compress_uninit (struct lzo_compress_workspace *lzowork);224 225 /**226 * Set a workspace structure's flags.227 *228 * @param lzowork - The workspace structure of which to modify the229 * flags.230 * @param flags - The new value to assign to the workspace231 * structure's flags.232 */233 void lzo_modify_flags (struct lzo_compress_workspace *lzowork, unsigned int flags);234 235 /** @} name Functions for initialization and cleanup *//*******************/236 237 238 /**************************************************************************/239 /** @name Function for packets to be sent to a remote OpenVPN peer *//*****/240 /** @{ */241 242 /**243 * Process an outgoing packet according to a VPN tunnel's settings.244 * @ingroup compression245 *246 * This function processes the packet contained in \a buf. Its behavior247 * depends on the settings contained within \a lzowork. If compression is248 * enabled and active, this function compresses the packet. After249 * compression, the size of the uncompressed and compressed packets are250 * compared, and the smallest is used.251 *252 * This function prepends a one-byte header indicating whether the packet253 * was or was not compressed, so as to let the peer know how to handle the254 * packet.255 *256 * If an error occurs during processing, an error message is logged and257 * the length of \a buf is set to zero.258 *259 * @param buf - A pointer to the buffer containing the outgoing260 * packet. This pointer will be modified to point261 * to the processed packet on return.262 * @param work - A preallocated working buffer.263 * @param lzowork - The compression workspace structure associated264 * with this VPN tunnel.265 * @param frame - The frame parameters of this tunnel.266 *267 * @return Void.\n On return, \a buf will point to a buffer containing268 * the processed, possibly compressed, packet data with a compression269 * header prepended.270 */271 void lzo_compress (struct buffer *buf, struct buffer work,272 struct lzo_compress_workspace *lzowork,273 const struct frame* frame);274 275 /** @} name Function for packets to be sent to a remote OpenVPN peer *//***/276 277 278 /**************************************************************************/279 /** @name Function for packets received from a remote OpenVPN peer *//*****/280 /** @{ */281 282 /**283 * Inspect an incoming packet and decompress if it is compressed.284 *285 * This function inspects the incoming packet contained in \a buf. If its286 * one-byte compression header indicates that it was compressed (i.e. \c287 * YES_COMPRESS), then it will be decompressed. If its header indicates288 * that it was not compressed (i.e. \c NO_COMPRESS), then the buffer is289 * not modified except for removing the compression header.290 *291 * If an error occurs during processing, for example if the compression292 * header has a value other than \c YES_COMPRESS or \c NO_COMPRESS, then293 * the error is logged and the length of \a buf is set to zero.294 *295 * @param buf - A pointer to the buffer containing the incoming296 * packet. This pointer will be modified to point297 * to the processed packet on return.298 * @param work - A preallocated working buffer.299 * @param lzowork - The compression workspace structure associated300 * with this VPN tunnel.301 * @param frame - The frame parameters of this tunnel.302 *303 * @return Void.\n On return, \a buf will point to a buffer containing304 * the uncompressed packet data and the one-byte compression header305 * will have been removed.306 */307 void lzo_decompress (struct buffer *buf, struct buffer work,308 struct lzo_compress_workspace *lzowork,309 const struct frame* frame);310 311 /** @} name Function for packets received from a remote OpenVPN peer *//***/312 313 314 /**************************************************************************/315 /** @name Utility functions *//** @{ *//***********************************/316 317 /**318 * Print statistics on compression and decompression performance.319 *320 * @param lzo_compwork - The workspace structure from which to get the321 * statistics.322 * @param so - The status output structure to which to write the323 * statistics.324 */325 void lzo_print_stats (const struct lzo_compress_workspace *lzo_compwork, struct status_output *so);326 327 /**328 * Check whether compression is enabled for a workspace structure.329 *330 * @param lzowork - The workspace structure to check.331 *332 * @return true if compression is enabled; false otherwise.333 */334 static inline bool335 lzo_defined (const struct lzo_compress_workspace *lzowork)336 {337 return lzowork->defined;338 }339 340 /** @} name Utility functions *//******************************************/341 342 343 127 /** @} addtogroup compression */ 344 128 345 129 346 #endif /* ENABLE_LZO */130 #endif /* ENABLE_LZO && USE_COMP */ 347 131 #endif -
src/openvpn/openvpn.h
diff --git a/src/openvpn/openvpn.h b/src/openvpn/openvpn.h index bdfa685..606a4f5 100644
a b 31 31 #include "crypto.h" 32 32 #include "ssl.h" 33 33 #include "packet_id.h" 34 #include " lzo.h"34 #include "comp.h" 35 35 #include "tun.h" 36 36 #include "interval.h" 37 37 #include "status.h" … … struct context_buffers 104 104 struct buffer decrypt_buf; 105 105 #endif 106 106 107 /* workspace buffers for LZOcompression */108 #ifdef ENABLE_LZO109 struct buffer lzo_compress_buf;110 struct buffer lzo_decompress_buf;107 /* workspace buffers for compression */ 108 #ifdef USE_COMP 109 struct buffer compress_buf; 110 struct buffer decompress_buf; 111 111 #endif 112 112 113 113 /* … … struct context_2 372 372 373 373 #endif /* ENABLE_CRYPTO */ 374 374 375 #ifdef ENABLE_LZO376 struct lzo_compress_workspace lzo_compwork;377 /**< Compression workspaceused by the375 #ifdef USE_COMP 376 struct compress_context *comp_context; 377 /**< Compression context used by the 378 378 * \link compression Data Channel 379 379 * Compression module\endlink. */ 380 380 #endif -
src/openvpn/options.c
diff --git a/src/openvpn/options.c b/src/openvpn/options.c index 88ed88a..cb5778f 100644
a b const char title_string[] = 84 84 #endif /* defined(ENABLE_CRYPTO_POLARSSL) */ 85 85 #endif /* ENABLE_SSL */ 86 86 #endif /* ENABLE_CRYPTO */ 87 #ifdef USE_COMP 87 88 #ifdef ENABLE_LZO 88 #ifdef ENABLE_LZO_STUB89 " [LZO (STUB)]"90 #else91 89 " [LZO]" 92 90 #endif 91 #ifdef ENABLE_SNAPPY 92 " [SNAPPY]" 93 #endif 94 #ifdef ENABLE_COMP_STUB 95 " [COMP_STUB]" 93 96 #endif 97 #endif /* USE_COMP */ 94 98 #if EPOLL 95 99 " [EPOLL]" 96 100 #endif … … static const char usage_message[] = 362 366 #ifdef ENABLE_DEBUG 363 367 "--gremlin mask : Special stress testing mode (for debugging only).\n" 364 368 #endif 365 #ifdef ENABLE_LZO 366 "--comp-lzo : Use fast LZO compression -- may add up to 1 byte per\n" 369 #if defined(USE_COMP) 370 "--compress alg : Use compression algorithm alg\n" 371 #if defined(ENABLE_LZO) 372 "--comp-lzo : Use LZO compression -- may add up to 1 byte per\n" 367 373 " packet for uncompressible data.\n" 368 374 "--comp-noadapt : Don't use adaptive compression when --comp-lzo\n" 369 375 " is specified.\n" 370 376 #endif 377 #endif 371 378 #ifdef ENABLE_MANAGEMENT 372 379 "--management ip port [pass] : Enable a TCP server on ip:port to handle\n" 373 380 " management functions. pass is a password file\n" … … show_settings (const struct options *o) 1509 1516 1510 1517 SHOW_BOOL (fast_io); 1511 1518 1512 #ifdef ENABLE_LZO 1513 SHOW_INT (lzo); 1519 #ifdef USE_COMP 1520 SHOW_INT (comp.alg); 1521 SHOW_INT (comp.flags); 1514 1522 #endif 1515 1523 1516 1524 SHOW_STR (route_script); … … pre_pull_restore (struct options *o) 2877 2885 * the other end of the connection] 2878 2886 * 2879 2887 * --comp-lzo 2888 * --compress alg 2880 2889 * --fragment 2881 2890 * 2882 2891 * Crypto Options: … … options_string (const struct options *o, 2958 2967 tt = NULL; 2959 2968 } 2960 2969 2961 #ifdef ENABLE_LZO2962 if (o-> lzo & LZO_SELECTED)2963 buf_printf (&out, ",comp-lzo"); 2970 #ifdef USE_COMP 2971 if (o->comp.alg != COMP_ALG_UNDEF) 2972 buf_printf (&out, ",comp-lzo"); /* for compatibility, this simply indicates that compression context is active, not necessarily LZO per-se */ 2964 2973 #endif 2965 2974 2966 2975 #ifdef ENABLE_FRAGMENT … … add_option (struct options *options, 6132 6141 options->passtos = true; 6133 6142 } 6134 6143 #endif 6135 #if def ENABLE_LZO6144 #if defined(USE_COMP) 6136 6145 else if (streq (p[0], "comp-lzo")) 6137 6146 { 6138 6147 VERIFY_PERMISSION (OPT_P_COMP); 6139 if (p[1]) 6148 6149 #if defined(ENABLE_LZO) 6150 if (p[1] && streq (p[1], "no")) 6151 #endif 6152 { 6153 options->comp.alg = COMP_ALG_STUB; 6154 options->comp.flags = 0; 6155 } 6156 #if defined(ENABLE_LZO) 6157 else if (p[1]) 6140 6158 { 6141 6159 if (streq (p[1], "yes")) 6142 options->lzo = LZO_SELECTED|LZO_ON; 6143 else if (streq (p[1], "no")) 6144 options->lzo = LZO_SELECTED; 6160 { 6161 options->comp.alg = COMP_ALG_LZO; 6162 options->comp.flags = 0; 6163 } 6145 6164 else if (streq (p[1], "adaptive")) 6146 options->lzo = LZO_SELECTED|LZO_ON|LZO_ADAPTIVE; 6165 { 6166 options->comp.alg = COMP_ALG_LZO; 6167 options->comp.flags = COMP_F_ADAPTIVE; 6168 } 6147 6169 else 6148 6170 { 6149 6171 msg (msglevel, "bad comp-lzo option: %s -- must be 'yes', 'no', or 'adaptive'", p[1]); … … add_option (struct options *options, 6151 6173 } 6152 6174 } 6153 6175 else 6154 options->lzo = LZO_SELECTED|LZO_ON|LZO_ADAPTIVE; 6176 { 6177 options->comp.alg = COMP_ALG_LZO; 6178 options->comp.flags = COMP_F_ADAPTIVE; 6179 } 6180 #endif 6155 6181 } 6156 6182 else if (streq (p[0], "comp-noadapt")) 6157 6183 { 6158 6184 VERIFY_PERMISSION (OPT_P_COMP); 6159 options->lzo &= ~LZO_ADAPTIVE; 6185 options->comp.flags &= ~COMP_F_ADAPTIVE; 6186 } 6187 else if (streq (p[0], "compress")) 6188 { 6189 VERIFY_PERMISSION (OPT_P_COMP); 6190 if (p[1]) 6191 { 6192 if (streq (p[1], "stub")) 6193 { 6194 options->comp.alg = COMP_ALG_STUB; 6195 options->comp.flags = (COMP_F_SWAP|COMP_F_ADVERTISE_STUBS_ONLY); 6196 } 6197 #if defined(ENABLE_LZO) 6198 else if (streq (p[1], "lzo")) 6199 { 6200 options->comp.alg = COMP_ALG_LZO; 6201 options->comp.flags = 0; 6202 } 6203 #endif 6204 #if defined(ENABLE_SNAPPY) 6205 else if (streq (p[1], "snappy")) 6206 { 6207 options->comp.alg = COMP_ALG_SNAPPY; 6208 options->comp.flags = COMP_F_SWAP; 6209 } 6210 #endif 6211 else 6212 { 6213 msg (msglevel, "bad comp option: %s", p[1]); 6214 goto err; 6215 } 6216 } 6217 else 6218 { 6219 options->comp.alg = COMP_ALG_STUB; 6220 options->comp.flags = COMP_F_SWAP; 6221 } 6160 6222 } 6161 #endif /* ENABLE_LZO*/6223 #endif /* USE_COMP */ 6162 6224 #ifdef ENABLE_CRYPTO 6163 6225 else if (streq (p[0], "show-ciphers")) 6164 6226 { -
src/openvpn/options.h
diff --git a/src/openvpn/options.h b/src/openvpn/options.h index db1d3f7..9d7aaf2 100644
a b 39 39 #include "plugin.h" 40 40 #include "manage.h" 41 41 #include "proxy.h" 42 #include " lzo.h"42 #include "comp.h" 43 43 #include "pushlist.h" 44 44 #include "clinat.h" 45 45 … … struct options 314 314 /* optimize TUN/TAP/UDP writes */ 315 315 bool fast_io; 316 316 317 #ifdef ENABLE_LZO 318 /* LZO_x flags from lzo.h */ 319 unsigned int lzo; 317 #ifdef USE_COMP 318 struct compress_options comp; 320 319 #endif 321 320 322 321 /* buffer sizes */ -
src/openvpn/sig.c
diff --git a/src/openvpn/sig.c b/src/openvpn/sig.c index 0ebde24..5dee92b 100644
a b print_status (const struct context *c, struct status_output *so) 265 265 status_printf (so, "TCP/UDP read bytes," counter_format, c->c2.link_read_bytes); 266 266 status_printf (so, "TCP/UDP write bytes," counter_format, c->c2.link_write_bytes); 267 267 status_printf (so, "Auth read bytes," counter_format, c->c2.link_read_bytes_auth); 268 #ifdef ENABLE_LZO269 if ( lzo_defined (&c->c2.lzo_compwork))270 lzo_print_stats (&c->c2.lzo_compwork, so);268 #ifdef USE_COMP 269 if (c->c2.comp_context) 270 comp_print_stats (c->c2.comp_context, so); 271 271 #endif 272 272 #ifdef PACKET_TRUNCATION_CHECK 273 273 status_printf (so, "TUN read truncations," counter_format, c->c2.n_trunc_tun_read); -
new file src/openvpn/snappy.c
diff --git a/src/openvpn/snappy.c b/src/openvpn/snappy.c new file mode 100644 index 0000000..24440ba
- + 1 /* 2 * OpenVPN -- An application to securely tunnel IP networks 3 * over a single UDP port, with support for SSL/TLS-based 4 * session authentication and key exchange, 5 * packet encryption, packet authentication, and 6 * packet compression. 7 * 8 * Copyright (C) 2002-2012 OpenVPN Technologies, Inc. <sales@openvpn.net> 9 * 10 * This program is free software; you can redistribute it and/or modify 11 * it under the terms of the GNU General Public License version 2 12 * as published by the Free Software Foundation. 13 * 14 * This program is distributed in the hope that it will be useful, 15 * but WITHOUT ANY WARRANTY; without even the implied warranty of 16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 17 * GNU General Public License for more details. 18 * 19 * You should have received a copy of the GNU General Public License 20 * along with this program (see the file COPYING included with this 21 * distribution); if not, write to the Free Software Foundation, Inc., 22 * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 23 */ 24 25 #ifdef HAVE_CONFIG_H 26 #include "config.h" 27 #elif defined(_MSC_VER) 28 #include "config-msvc.h" 29 #endif 30 31 #include "syshead.h" 32 33 #if defined(ENABLE_SNAPPY) 34 35 #include "snappy-c.h" 36 37 #include "comp.h" 38 #include "error.h" 39 #include "otime.h" 40 41 #include "memdbg.h" 42 43 /* Initial command byte to tell our peer if we compressed */ 44 #define SNAPPY_COMPRESS_BYTE 0x68 45 46 static void 47 snap_compress_init (struct compress_context *compctx) 48 { 49 msg (D_INIT_MEDIUM, "Snappy compression initializing"); 50 ASSERT(compctx->flags & COMP_F_SWAP); 51 } 52 53 static void 54 snap_compress_uninit (struct compress_context *compctx) 55 { 56 } 57 58 static void 59 snap_compress (struct buffer *buf, struct buffer work, 60 struct compress_context *compctx, 61 const struct frame* frame) 62 { 63 snappy_status status; 64 bool compressed = false; 65 66 if (buf->len <= 0) 67 return; 68 69 /* 70 * In order to attempt compression, length must be at least COMPRESS_THRESHOLD. 71 */ 72 if (buf->len >= COMPRESS_THRESHOLD) 73 { 74 const size_t ps = PAYLOAD_SIZE (frame); 75 size_t zlen = ps + COMP_EXTRA_BUFFER (ps); 76 77 ASSERT (buf_init (&work, FRAME_HEADROOM (frame))); 78 ASSERT (buf_safe (&work, zlen)); 79 80 if (buf->len > ps) 81 { 82 dmsg (D_COMP_ERRORS, "Snappy compression buffer overflow"); 83 buf->len = 0; 84 return; 85 } 86 87 status = snappy_compress((const char *)BPTR(buf), (size_t)BLEN(buf), (char *)BPTR(&work), &zlen); 88 if (status != SNAPPY_OK) 89 { 90 dmsg (D_COMP_ERRORS, "Snappy compression error: %d", status); 91 buf->len = 0; 92 return; 93 } 94 95 ASSERT (buf_safe (&work, zlen)); 96 work.len = zlen; 97 compressed = true; 98 99 dmsg (D_COMP, "Snappy compress %d -> %d", buf->len, work.len); 100 compctx->pre_compress += buf->len; 101 compctx->post_compress += work.len; 102 } 103 104 /* did compression save us anything? */ 105 { 106 uint8_t comp_head_byte = NO_COMPRESS_BYTE_SWAP; 107 if (compressed && work.len < buf->len) 108 { 109 *buf = work; 110 comp_head_byte = SNAPPY_COMPRESS_BYTE; 111 } 112 113 { 114 uint8_t *head = BPTR (buf); 115 uint8_t *tail = BEND (buf); 116 ASSERT (buf_safe (buf, 1)); 117 ++buf->len; 118 119 /* move head byte of payload to tail */ 120 *tail = *head; 121 *head = comp_head_byte; 122 } 123 } 124 } 125 126 static void 127 snap_decompress (struct buffer *buf, struct buffer work, 128 struct compress_context *compctx, 129 const struct frame* frame) 130 { 131 size_t zlen = EXPANDED_SIZE (frame); 132 snappy_status status; 133 uint8_t c; /* flag indicating whether or not our peer compressed */ 134 135 if (buf->len <= 0) 136 return; 137 138 ASSERT (buf_init (&work, FRAME_HEADROOM (frame))); 139 140 /* do unframing/swap (assumes buf->len > 0) */ 141 { 142 uint8_t *head = BPTR (buf); 143 c = *head; 144 --buf->len; 145 *head = *BEND (buf); 146 } 147 148 if (c == SNAPPY_COMPRESS_BYTE) /* packet was compressed */ 149 { 150 ASSERT (buf_safe (&work, zlen)); 151 status = snappy_uncompress((const char *)BPTR(buf), (size_t)BLEN(buf), (char *)BPTR(&work), &zlen); 152 if (status != SNAPPY_OK) 153 { 154 dmsg (D_COMP_ERRORS, "Snappy decompression error: %d", status); 155 buf->len = 0; 156 return; 157 } 158 159 ASSERT (buf_safe (&work, zlen)); 160 work.len = zlen; 161 162 dmsg (D_COMP, "Snappy decompress %d -> %d", buf->len, work.len); 163 compctx->pre_decompress += buf->len; 164 compctx->post_decompress += work.len; 165 166 *buf = work; 167 } 168 else if (c == NO_COMPRESS_BYTE_SWAP) /* packet was not compressed */ 169 { 170 ; 171 } 172 else 173 { 174 dmsg (D_COMP_ERRORS, "Bad Snappy decompression header byte: %d", c); 175 buf->len = 0; 176 } 177 } 178 179 const struct compress_alg snappy_alg = { 180 "snappy", 181 snap_compress_init, 182 snap_compress_uninit, 183 snap_compress, 184 snap_decompress 185 }; 186 187 #else 188 static void dummy(void) {} 189 #endif /* ENABLE_SNAPPY */ -
new file src/openvpn/snappy.h
diff --git a/src/openvpn/snappy.h b/src/openvpn/snappy.h new file mode 100644 index 0000000..361a631
- + 1 /* 2 * OpenVPN -- An application to securely tunnel IP networks 3 * over a single UDP port, with support for SSL/TLS-based 4 * session authentication and key exchange, 5 * packet encryption, packet authentication, and 6 * packet compression. 7 * 8 * Copyright (C) 2002-2012 OpenVPN Technologies, Inc. <sales@openvpn.net> 9 * 10 * This program is free software; you can redistribute it and/or modify 11 * it under the terms of the GNU General Public License version 2 12 * as published by the Free Software Foundation. 13 * 14 * This program is distributed in the hope that it will be useful, 15 * but WITHOUT ANY WARRANTY; without even the implied warranty of 16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 17 * GNU General Public License for more details. 18 * 19 * You should have received a copy of the GNU General Public License 20 * along with this program (see the file COPYING included with this 21 * distribution); if not, write to the Free Software Foundation, Inc., 22 * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 23 */ 24 25 #ifndef OPENVPN_SNAPPY_H 26 #define OPENVPN_SNAPPY_H 27 28 #if defined(ENABLE_SNAPPY) 29 30 #include "buffer.h" 31 32 extern const struct compress_alg snappy_alg; 33 34 struct snappy_workspace 35 { 36 }; 37 38 #endif /* ENABLE_SNAPPY */ 39 #endif -
src/openvpn/ssl.c
diff --git a/src/openvpn/ssl.c b/src/openvpn/ssl.c index 43b3980..cf36191 100644
a b push_peer_info(struct buffer *buf, struct tls_session *session) 1809 1809 buf_printf (&out, "IV_HWADDR=%s\n", format_hex_ex (rgi.hwaddr, 6, 0, 1, ":", &gc)); 1810 1810 } 1811 1811 1812 /* push LZOstatus */1813 #ifdef ENABLE_LZO_STUB1814 buf_printf (&out, "IV_LZO_STUB=1\n");1812 /* push compression status */ 1813 #ifdef USE_COMP 1814 comp_generate_peer_info_string(&session->opt->comp_options, &out); 1815 1815 #endif 1816 1816 1817 1817 /* push env vars that begin with UV_ */ -
src/openvpn/ssl_common.h
diff --git a/src/openvpn/ssl_common.h b/src/openvpn/ssl_common.h index c62294f..47dbefb 100644
a b struct tls_options 285 285 struct env_set *es; 286 286 const struct plugin_list *plugins; 287 287 288 /* compression parms */ 289 #ifdef USE_COMP 290 struct compress_options comp_options; 291 #endif 292 288 293 /* configuration file boolean options */ 289 294 # define SSLF_CLIENT_CERT_NOT_REQUIRED (1<<0) 290 295 # define SSLF_USERNAME_AS_COMMON_NAME (1<<1) -
src/openvpn/syshead.h
diff --git a/src/openvpn/syshead.h b/src/openvpn/syshead.h index 4db29cc..629ee80 100644
a b socket_defined (const socket_descriptor_t sd) 720 720 #define ENABLE_CLIENT_NAT 721 721 722 722 /* 723 * Compression support 724 */ 725 #if defined(ENABLE_SNAPPY) || defined(ENABLE_LZO) || defined(ENABLE_COMP_STUB) 726 #define USE_COMP 727 #endif 728 729 /* 723 730 * Enable --memstats option 724 731 */ 725 732 #ifdef TARGET_LINUX