Ticket #271: 8206.patch

init.c

@@ -1710 +1710 @@
     }
 #endif
 
-#ifdef USE_LZO
+#ifdef USE_COMP
   if (found & OPT_P_COMP)
     {
-      if (lzo_defined (&c->c2.lzo_compwork))
-        {
-          msg (D_PUSH, "OPTIONS IMPORT: LZO parms modified");
-          lzo_modify_flags (&c->c2.lzo_compwork, c->options.lzo);
-        }
+      msg (D_PUSH, "OPTIONS IMPORT: compression parms modified");
+      comp_uninit (c->c2.comp_context);
+      c->c2.comp_context = comp_init (&c->options.comp);
     }
 #endif
 
@@ -2198 +2196 @@
   to.sci = &options->sc_info;
 #endif
 
+#ifdef USE_COMP
+  to.comp_options = options->comp;
+#endif  
+
   /* TLS handshake authentication (--tls-auth) */
   if (options->tls_auth_file)
     {
@@ -2280 +2282 @@
 static void
 do_init_frame (struct context *c)
 {
-#ifdef USE_LZO
+#ifdef USE_COMP
   /*
-   * Initialize LZO compression library.
+   * modify frame parameters if compression is enabled
    */
-  if (c->options.lzo & LZO_SELECTED)
+  if (comp_enabled(&c->options.comp))
     {
-      lzo_adjust_frame_parameters (&c->c2.frame);
+      comp_add_to_extra_frame (&c->c2.frame);
 
+#if !defined(USE_SNAPPY)
       /*
-       * LZO usage affects buffer alignment.
+       * Compression usage affects buffer alignment when non-swapped algs
+       * such as LZO is used.
+       * Newer algs like Snappy and comp-stub with COMP_F_SWAP don't need
+       * any special alignment because of the control-byte swap approach.
+       * LZO alignment (on the other hand) is problematic because
+       * the presence of the control byte means that either the output of
+       * decryption must be written to an unaligned buffer, or the input
+       * to compression (or packet dispatch if packet is uncompressed)
+       * must be read from an unaligned buffer.
+       * This code tries to align the input to compression (or packet
+       * dispatch if packet is uncompressed) at the cost of requiring
+       * decryption output to be written to an unaligned buffer, so
+       * it's more of a tradeoff than an optimal solution and we don't
+       * include it when we are doing a modern build with Snappy.
+       * Strictly speaking, on the server it would be better to execute
+       * this code for every connection after we decide the compression
+       * method, but currently the frame code doesn't appear to be
+       * flexible enough for this, since the frame is already established
+       * before it is known which compression options will be pushed.
        */
-      if (CIPHER_ENABLED (c))
+      if (comp_unswapped_prefix (&c->options.comp) && CIPHER_ENABLED (c))
         {
-          frame_add_to_align_adjust (&c->c2.frame, LZO_PREFIX_LEN);
+          frame_add_to_align_adjust (&c->c2.frame, COMP_PREFIX_LEN);
           frame_or_align_flags (&c->c2.frame,
                                 FRAME_HEADROOM_MARKER_FRAGMENT
                                 |FRAME_HEADROOM_MARKER_DECRYPT);
         }
+#endif
 
 #ifdef ENABLE_FRAGMENT
-      lzo_adjust_frame_parameters (&c->c2.frame_fragment_omit); /* omit LZO frame delta from final frame_fragment */
+      comp_add_to_extra_frame (&c->c2.frame_fragment_omit); /* omit compression frame delta from final frame_fragment */
 #endif
     }
-#endif /* USE_LZO */
+#endif /* USE_COMP */
 
 #ifdef ENABLE_SOCKS
   /*
@@ -2332 +2354 @@
    */
   frame_finalize_options (c, NULL);
 
+#ifdef USE_COMP
+  /*
+   * Modify frame parameters if compression is enabled.
+   * Should be called after frame_finalize_options.
+   */
+  if (comp_enabled(&c->options.comp))
+    {
+      comp_add_to_extra_buffer (&c->c2.frame);
 #ifdef ENABLE_FRAGMENT
+      comp_add_to_extra_buffer (&c->c2.frame_fragment_omit); /* omit compression frame delta from final frame_fragment */
+#endif
+    }
+#endif /* USE_COMP */
+
+#ifdef ENABLE_FRAGMENT
   /*
    * Set frame parameter for fragment code.  This is necessary because
    * the fragmentation code deals with payloads which have already been
@@ -2474 +2510 @@
   b->decrypt_buf = alloc_buf (BUF_SIZE (frame));
 #endif
 
-#ifdef USE_LZO
-  b->lzo_compress_buf = alloc_buf (BUF_SIZE (frame));
-  b->lzo_decompress_buf = alloc_buf (BUF_SIZE (frame));
+#ifdef USE_COMP
+  b->compress_buf = alloc_buf (BUF_SIZE (frame));
+  b->decompress_buf = alloc_buf (BUF_SIZE (frame));
 #endif
 
   return b;
@@ -2491 +2527 @@
       free_buf (&b->read_tun_buf);
       free_buf (&b->aux_buf);
 
-#ifdef USE_LZO
-      free_buf (&b->lzo_compress_buf);
-      free_buf (&b->lzo_decompress_buf);
+#ifdef USE_COMP
+      free_buf (&b->compress_buf);
+      free_buf (&b->decompress_buf);
 #endif
 
 #ifdef USE_CRYPTO
@@ -3327 +3363 @@
       goto sig;
   }
 
-#ifdef USE_LZO
-  /* initialize LZO compression library. */
-  if ((options->lzo & LZO_SELECTED) && (c->mode == CM_P2P || child))
-    lzo_compress_init (&c->c2.lzo_compwork, options->lzo);
+#ifdef USE_COMP
+  /* initialize compression library. */
+  if (comp_enabled(&options->comp) && (c->mode == CM_P2P || child))
+    c->c2.comp_context = comp_init (&options->comp);
 #endif
 
   /* initialize MTU variables */
@@ -3444 +3480 @@
         /* if xinetd/inetd mode, don't allow restart */
         do_close_check_if_restart_permitted (c);
 
-#ifdef USE_LZO
-        if (lzo_defined (&c->c2.lzo_compwork))
-          lzo_compress_uninit (&c->c2.lzo_compwork);
+#ifdef USE_COMP
+        if (c->c2.comp_context)
+          {
+            comp_uninit (c->c2.comp_context);
+            c->c2.comp_context = NULL;
+          }
 #endif
 
         /* free buffers */
@@ -3579 +3618 @@
       dest->c2.link_socket_info->lsa = &dest->c1.link_socket_addr;
       dest->c2.link_socket_info->connection_established = false;
     }
+
+#ifdef USE_COMP
+  dest->c2.comp_context = NULL;
+#endif
 }
 
 void
@@ -3627 +3670 @@
   dest->c2.event_set = NULL;
   if (src->options.ce.proto == PROTO_UDPv4)
     do_event_set_init (dest, false);
+
+#ifdef USE_COMP
+  dest->c2.comp_context = NULL;
+#endif
 }
 
 void

configure.ac

@@ -69 +69 @@
    [LZO="yes"]
 )
 
-AC_ARG_ENABLE(lzo-stub,
-   [  --enable-lzo-stub       Don't compile LZO compression support but still allow limited interoperability with LZO-enabled peers],
-   [LZO_STUB="$enableval"],
-   [LZO_STUB="no"]
+AC_ARG_ENABLE(snappy,
+   [  --disable-snappy        Disable Snappy compression support],
+   [SNAPPY="$enableval"],
+   [SNAPPY="yes"]
 )
 
+AC_ARG_ENABLE(comp-stub,
+   [  --enable-comp-stub      Don't compile compression support but still allow limited interoperability with compression-enabled peers],
+   [COMP_STUB="$enableval"],
+   [COMP_STUB="no"]
+)
+
 AC_ARG_ENABLE(crypto,
    [  --disable-crypto        Disable OpenSSL crypto support],
    [CRYPTO="$enableval"],
@@ -240 +246 @@
    [LDFLAGS="$LDFLAGS -L$withval"] 
 )
 
+AC_ARG_WITH(snappy-headers,
+   [  --with-snappy-headers=DIR  Snappy Include files location],
+   [SNAPPY_HDR_DIR="$withval"]
+   [CPPFLAGS="$CPPFLAGS -I$withval"] 
+)
+
+AC_ARG_WITH(snappy-lib,
+   [  --with-snappy-lib=DIR      Snappy Library location],
+   [LDFLAGS="$LDFLAGS -L$withval"] 
+)
+
 AC_ARG_WITH(pkcs11-helper-headers,
    [  --with-pkcs11-helper-headers=DIR pkcs11-helper Include files location],
    [PKCS11_HELPER_HDR_DIR="$withval"]
@@ -329 +346 @@
 
 dnl Checks for programs.
 AC_PROG_CC
+AC_PROG_CXX
 AC_PROG_INSTALL
 AC_PROG_GCC_TRADITIONAL
 AC_GNU_SOURCE
@@ -663 +681 @@
 dnl check for LZO library
 dnl
 
-if test "$LZO" = "yes" && test "$LZO_STUB" = "no"; then
+if test "$LZO" = "yes" && test "$COMP_STUB" = "no"; then
    LZO_H=""
    AC_CHECKING([for LZO Library and Header files])
    AC_CHECK_HEADER(lzo/lzo1x.h,
@@ -693 +711 @@
    else
      AC_MSG_RESULT([LZO headers were not found])
      AC_MSG_RESULT([LZO library available from http://www.oberhumer.com/opensource/lzo/])
-     AC_MSG_ERROR([Or try ./configure --disable-lzo OR ./configure --enable-lzo-stub])
+     AC_MSG_ERROR([Or try ./configure --disable-lzo OR ./configure --enable-comp-stub])
    fi
 fi
 
+dnl
+dnl check for Snappy library
+dnl
+
+if test "$SNAPPY" = "yes" && test "$COMP_STUB" = "no"; then
+   havesnappylib=0
+   AC_LANG_PUSH([C++])
+   AC_CHECKING([for Snappy Library and Header files])
+   AC_CHECK_HEADER(snappy-c.h,
+        [AC_CHECK_LIB(snappy, snappy_compress,
+            [
+                   OPENVPN_ADD_LIBS(-lstdc++)
+                   OPENVPN_ADD_LIBS(-lsnappy)
+                   AC_DEFINE(USE_SNAPPY, 1, [Use Snappy compression library])
+                   havesnappylib=1
+            ],
+            [AC_MSG_RESULT([Snappy library not found.])]
+        )],
+        [AC_MSG_RESULT([Snappy headers not found.])]
+   )
+   AC_LANG_POP([C++])
+   if test $havesnappylib = 0 ; then
+     AC_MSG_RESULT([Snappy library available from http://code.google.com/p/snappy/])
+     AC_MSG_ERROR([Or try ./configure --disable-snappy OR ./configure --enable-comp-stub])
+   fi
+fi
+
 dnl enable multi-client mode
-if test "$LZO_STUB" = "yes"; then
-   AC_DEFINE(LZO_STUB, 1, [Enable LZO stub capability])
+if test "$COMP_STUB" = "yes"; then
+   AC_DEFINE(COMP_STUB, 1, [Enable compression stub capability])
 fi
 
 dnl

version.m4

@@ -1 +1 @@
 dnl define the OpenVPN version
-define(PRODUCT_VERSION,[2.1.20])
+define(PRODUCT_VERSION,[2.1.21a])
 dnl define the TAP version
 define(PRODUCT_TAP_ID,[tap0901])
 define(PRODUCT_TAP_WIN32_MIN_MAJOR,[9])

lzo.c

@@ -24 +24 @@
 
 #include "syshead.h"
 
-#ifdef USE_LZO
+#if defined(USE_LZO) && defined(USE_COMP)
 
-#include "lzo.h"
+#include "comp.h"
 #include "error.h"
 #include "otime.h"
 
 #include "memdbg.h"
 
-#ifndef LZO_STUB
+/* Initial command byte to tell our peer if we compressed */
+#define LZO_COMPRESS_BYTE 0x66
 
 static bool
 lzo_adaptive_compress_test (struct lzo_adaptive_compress *ac)
@@ -81 +82 @@
   ac->n_comp += n_comp;
 }
 
-#endif /* LZO_STUB */
-
-void lzo_adjust_frame_parameters (struct frame *frame)
+static void
+lzo_compress_init (struct compress_context *compctx)
 {
-  /* Leave room for our one-byte compressed/didn't-compress prefix byte. */
-  frame_add_to_extra_frame (frame, LZO_PREFIX_LEN);
-
-  /* Leave room for compression buffer to expand in worst case scenario
-     where data is totally uncompressible */
-  frame_add_to_extra_buffer (frame, LZO_EXTRA_BUFFER (EXPANDED_SIZE(frame)));
-}
-
-void
-lzo_compress_init (struct lzo_compress_workspace *lzowork, unsigned int flags)
-{
-  CLEAR (*lzowork);
-
-  lzowork->flags = flags;
-#ifndef LZO_STUB
-  lzowork->wmem_size = LZO_WORKSPACE;
-
+  msg (D_INIT_MEDIUM, "LZO compression initializing");
+  ASSERT(!(compctx->flags & COMP_F_SWAP));
+  compctx->wu.lzo.wmem_size = LZO_WORKSPACE;
   if (lzo_init () != LZO_E_OK)
     msg (M_FATAL, "Cannot initialize LZO compression library");
-  lzowork->wmem = (lzo_voidp) lzo_malloc (lzowork->wmem_size);
-  check_malloc_return (lzowork->wmem);
-  msg (D_INIT_MEDIUM, "LZO compression initialized");
-#else
-  msg (D_INIT_MEDIUM, "LZO stub compression initialized");
-#endif
-  lzowork->defined = true;
+  compctx->wu.lzo.wmem = (lzo_voidp) lzo_malloc (compctx->wu.lzo.wmem_size);
+  check_malloc_return (compctx->wu.lzo.wmem);
 }
 
-void
-lzo_compress_uninit (struct lzo_compress_workspace *lzowork)
+static void
+lzo_compress_uninit (struct compress_context *compctx)
 {
-  if (lzowork)
-    {
-      ASSERT (lzowork->defined);
-#ifndef LZO_STUB
-      lzo_free (lzowork->wmem);
-      lzowork->wmem = NULL;
-#endif
-      lzowork->defined = false;
-    }
+  lzo_free (compctx->wu.lzo.wmem);
+  compctx->wu.lzo.wmem = NULL;
 }
 
 static inline bool
-lzo_compression_enabled (struct lzo_compress_workspace *lzowork)
+lzo_compression_enabled (struct compress_context *compctx)
 {
-#ifndef LZO_STUB
-  if ((lzowork->flags & (LZO_SELECTED|LZO_ON)) == (LZO_SELECTED|LZO_ON))
+  if (compctx->flags & COMP_F_ASYM)
+    return false;
+  else
     {
-      if (lzowork->flags & LZO_ADAPTIVE)
-        return lzo_adaptive_compress_test (&lzowork->ac);
+      if (compctx->flags & COMP_F_ADAPTIVE)
+        return lzo_adaptive_compress_test (&compctx->wu.lzo.ac);
       else
         return true;
     }
-#endif
-  return false;
 }
 
-/* Magic numbers to tell our peer if we compressed or not */
-#define YES_COMPRESS 0x66
-#define NO_COMPRESS  0xFA
-
-void
+static void
 lzo_compress (struct buffer *buf, struct buffer work,
-              struct lzo_compress_workspace *lzowork,
+              struct compress_context *compctx,
               const struct frame* frame)
 {
-#ifndef LZO_STUB
   lzo_uint zlen = 0;
   int err;
   bool compressed = false;
-#endif
 
-  ASSERT (lzowork->defined);
-
   if (buf->len <= 0)
     return;
 
-#ifndef LZO_STUB
   /*
    * In order to attempt compression, length must be at least COMPRESS_THRESHOLD,
    * and our adaptive level must give the OK.
    */
-  if (buf->len >= COMPRESS_THRESHOLD && lzo_compression_enabled (lzowork))
+  if (buf->len >= COMPRESS_THRESHOLD && lzo_compression_enabled (compctx))
     {
+      const size_t ps = PAYLOAD_SIZE (frame);
       ASSERT (buf_init (&work, FRAME_HEADROOM (frame)));
-      ASSERT (buf_safe (&work, LZO_EXTRA_BUFFER (PAYLOAD_SIZE (frame))));
+      ASSERT (buf_safe (&work, ps + COMP_EXTRA_BUFFER (ps)));
 
-      if (!(buf->len <= PAYLOAD_SIZE (frame)))
+      if (buf->len > ps)
         {
           dmsg (D_COMP_ERRORS, "LZO compression buffer overflow");
           buf->len = 0;
           return;
         }
 
-      err = LZO_COMPRESS (BPTR (buf), BLEN (buf), BPTR (&work), &zlen, lzowork->wmem);
+      err = LZO_COMPRESS (BPTR (buf), BLEN (buf), BPTR (&work), &zlen, compctx->wu.lzo.wmem);
       if (err != LZO_E_OK)
         {
           dmsg (D_COMP_ERRORS, "LZO compression error: %d", err);
@@ -191 +156 @@
       work.len = zlen;
       compressed = true;
 
-      dmsg (D_COMP, "compress %d -> %d", buf->len, work.len);
-      lzowork->pre_compress += buf->len;
-      lzowork->post_compress += work.len;
+      dmsg (D_COMP, "LZO compress %d -> %d", buf->len, work.len);
+      compctx->pre_compress += buf->len;
+      compctx->post_compress += work.len;
 
       /* tell adaptive level about our success or lack thereof in getting any size reduction */
-      if (lzowork->flags & LZO_ADAPTIVE)
-        lzo_adaptive_compress_data (&lzowork->ac, buf->len, work.len);
+      if (compctx->flags & COMP_F_ADAPTIVE)
+        lzo_adaptive_compress_data (&compctx->wu.lzo.ac, buf->len, work.len);
     }
 
   /* did compression save us anything ? */
   if (compressed && work.len < buf->len)
     {
       uint8_t *header = buf_prepend (&work, 1);
-      *header = YES_COMPRESS;
+      *header = LZO_COMPRESS_BYTE;
       *buf = work;
     }
   else
-#endif
     {
       uint8_t *header = buf_prepend (buf, 1);
-      *header = NO_COMPRESS;
+      *header = NO_COMPRESS_BYTE;
     }
 }
 
-void
+static void
 lzo_decompress (struct buffer *buf, struct buffer work,
-                struct lzo_compress_workspace *lzowork,
+                struct compress_context *compctx,
                 const struct frame* frame)
 {
-#ifndef LZO_STUB
   lzo_uint zlen = EXPANDED_SIZE (frame);
   int err;
-#endif
   uint8_t c;            /* flag indicating whether or not our peer compressed */
 
-  ASSERT (lzowork->defined);
-
   if (buf->len <= 0)
     return;
 
@@ -236 +196 @@
   c = *BPTR (buf);
   ASSERT (buf_advance (buf, 1));
 
-  if (c == YES_COMPRESS)        /* packet was compressed */
+  if (c == LZO_COMPRESS_BYTE)   /* packet was compressed */
     {
-#ifndef LZO_STUB
       ASSERT (buf_safe (&work, zlen));
       err = LZO_DECOMPRESS (BPTR (buf), BLEN (buf), BPTR (&work), &zlen,
-                            lzowork->wmem);
+                            compctx->wu.lzo.wmem);
       if (err != LZO_E_OK)
         {
           dmsg (D_COMP_ERRORS, "LZO decompression error: %d", err);
@@ -252 +211 @@
       ASSERT (buf_safe (&work, zlen));
       work.len = zlen;
 
-      dmsg (D_COMP, "decompress %d -> %d", buf->len, work.len);
-      lzowork->pre_decompress += buf->len;
-      lzowork->post_decompress += work.len;
+      dmsg (D_COMP, "LZO decompress %d -> %d", buf->len, work.len);
+      compctx->pre_decompress += buf->len;
+      compctx->post_decompress += work.len;
 
       *buf = work;
-#else
-      dmsg (D_COMP_ERRORS, "LZO decompression error: LZO capability not compiled");
-      buf->len = 0;
-      return;
-#endif
     }
-  else if (c == NO_COMPRESS)    /* packet was not compressed */
+  else if (c == NO_COMPRESS_BYTE)       /* packet was not compressed */
     {
       ;
     }
@@ -274 +228 @@
     }
 }
 
-void
-lzo_modify_flags (struct lzo_compress_workspace *lzowork, unsigned int flags)
-{
-  ASSERT (lzowork->defined);
-  lzowork->flags = flags;
-}
+const struct compress_alg lzo_alg = {
+  "lzo",
+  lzo_compress_init,
+  lzo_compress_uninit,
+  lzo_compress,
+  lzo_decompress
+};
 
-/*
- * Print statistics
- */
-void lzo_print_stats (const struct lzo_compress_workspace *lzo_compwork, struct status_output *so)
-{
-  ASSERT (lzo_compwork->defined);
-
-#ifndef LZO_STUB
-  status_printf (so, "pre-compress bytes," counter_format, lzo_compwork->pre_compress);
-  status_printf (so, "post-compress bytes," counter_format, lzo_compwork->post_compress);
-  status_printf (so, "pre-decompress bytes," counter_format, lzo_compwork->pre_decompress);
-  status_printf (so, "post-decompress bytes," counter_format, lzo_compwork->post_decompress);
-#endif
-}
-
 #else
 static void dummy(void) {}
 #endif /* USE_LZO */

lzo.h

@@ -25 +25 @@
 #ifndef OPENVPN_LZO_H
 #define OPENVPN_LZO_H
 
-#ifdef USE_LZO
+#if defined(USE_LZO) && defined(USE_COMP)
 
-#ifndef LZO_STUB
 #ifdef LZO_HEADER_DIR
 #include "lzo/lzoutil.h"
 #include "lzo/lzo1x.h"
@@ -35 +34 @@
 #include "lzoutil.h"
 #include "lzo1x.h"
 #endif
-#endif
 
 #include "buffer.h"
 #include "mtu.h"
 #include "common.h"
 #include "status.h"
 
-/* LZO flags */
-#define LZO_SELECTED   (1<<0)
-#define LZO_ON         (1<<1)
-#define LZO_ADAPTIVE   (1<<2)  
+extern const struct compress_alg lzo_alg;
 
 /*
- * Length of prepended prefix on LZO packets
- */ 
-#define LZO_PREFIX_LEN 1
-
-/*
- * LZO 2.0 worst case size expansion
- */
-#define LZO_EXTRA_BUFFER(len) ((len)/8 + 128 + 3)
-
-#ifndef LZO_STUB
-
-/*
  * Use LZO compress routine lzo1x_1_15_compress which is described
  * as faster but needs a bit more memory than the standard routine.
  * Use safe decompress (i.e. check for buffer overflows).
@@ -73 +56 @@
 #define LZO_DECOMPRESS  lzo1x_decompress_safe
 
 /*
- * Don't try to compress any packet smaller than this.
- */
-#define COMPRESS_THRESHOLD 100
-
-/*
  * Adaptive compress parameters
  */
 #define AC_SAMP_SEC    2      /* number of seconds in sample period */
@@ -95 +73 @@
   int n_comp;
 };
 
-#endif /* LZO_STUB */
-
 /*
  * Compress and Uncompress routines.
  */
 
 struct lzo_compress_workspace
 {
-  bool defined;
-  unsigned int flags;
-#ifndef LZO_STUB
   lzo_voidp wmem;
   int wmem_size;
   struct lzo_adaptive_compress ac;
-
-  /* statistics */
-  counter_type pre_decompress;
-  counter_type post_decompress;
-  counter_type pre_compress;
-  counter_type post_compress;
-#endif
 };
 
-void lzo_adjust_frame_parameters(struct frame *frame);
-
-void lzo_compress_init (struct lzo_compress_workspace *lzowork, unsigned int flags);
-
-void lzo_compress_uninit (struct lzo_compress_workspace *lzowork);
-
-void lzo_modify_flags (struct lzo_compress_workspace *lzowork, unsigned int flags);
-
-void lzo_compress (struct buffer *buf, struct buffer work,
-                   struct lzo_compress_workspace *lzowork,
-                   const struct frame* frame);
-
-void lzo_decompress (struct buffer *buf, struct buffer work,
-                     struct lzo_compress_workspace *lzowork,
-                     const struct frame* frame);
-
-void lzo_print_stats (const struct lzo_compress_workspace *lzo_compwork, struct status_output *so);
-
-static inline bool
-lzo_defined (const struct lzo_compress_workspace *lzowork)
-{
-  return lzowork->defined;
-}
-
-
 #endif /* USE_LZO */
 #endif

openvpn.8

@@ -2256 +2256 @@
 limit repetitive logging of similar message types.
 .\"*********************************************************
 .TP
+.B --compress [algorithm]
+Enable a compression algorithm.
+
+The
+.B algorithm
+parameter may be "snappy", "lzo", "stub", or "no".  Snappy and LZO
+are different compression algorithms, with Snappy generally
+offering the best performance.
+
+"no" indicates that compression should be turned off, but the packet
+framing for compression is still enabled, allowing a different
+setting to be later pushed.
+.\"*********************************************************
+.TP
 .B --comp-lzo [mode]
-Use fast LZO compression -- may add up to 1 byte per
+Use LZO compression -- may add up to 1 byte per
 packet for incompressible data.
 .B mode
 may be "yes", "no", or "adaptive" (default).
 
+This option is deprecated in favor of the newer
+.B --compress
+option.
+
 In a server mode setup, it is possible to selectively turn
 compression on or off for individual clients.
 

sig.c

@@ -264 +264 @@
   status_printf (so, "TCP/UDP read bytes," counter_format, c->c2.link_read_bytes);
   status_printf (so, "TCP/UDP write bytes," counter_format, c->c2.link_write_bytes);
   status_printf (so, "Auth read bytes," counter_format, c->c2.link_read_bytes_auth);
-#ifdef USE_LZO
-  if (lzo_defined (&c->c2.lzo_compwork))
-    lzo_print_stats (&c->c2.lzo_compwork, so);
+#ifdef USE_COMP
+  if (c->c2.comp_context)
+    comp_print_stats (c->c2.comp_context, so);
 #endif
 #ifdef PACKET_TRUNCATION_CHECK
   status_printf (so, "TUN read truncations," counter_format, c->c2.n_trunc_tun_read);

comp.c

@@ +1 @@
+/*
+ *  OpenVPN -- An application to securely tunnel IP networks
+ *             over a single UDP port, with support for SSL/TLS-based
+ *             session authentication and key exchange,
+ *             packet encryption, packet authentication, and
+ *             packet compression.
+ *
+ *  Copyright (C) 2002-2012 OpenVPN Technologies, Inc. <sales@openvpn.net>
+ *
+ *  This program is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License version 2
+ *  as published by the Free Software Foundation.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with this program (see the file COPYING included with this
+ *  distribution); if not, write to the Free Software Foundation, Inc.,
+ *  59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+ */
+
+#include "syshead.h"
+
+#ifdef USE_COMP
+
+#include "comp.h"
+#include "error.h"
+#include "otime.h"
+
+#include "memdbg.h"
+
+struct compress_context *
+comp_init(const struct compress_options *opt)
+{
+  struct compress_context *compctx = NULL;
+  switch (opt->alg)
+    {
+    case COMP_ALG_STUB:
+      ALLOC_OBJ_CLEAR (compctx, struct compress_context);
+      compctx->flags = opt->flags;
+      compctx->alg = comp_stub_alg;
+      (*compctx->alg.compress_init)(compctx);
+      break;
+#ifdef USE_LZO
+    case COMP_ALG_LZO:
+      ALLOC_OBJ_CLEAR (compctx, struct compress_context);
+      compctx->flags = opt->flags;
+      compctx->alg = lzo_alg;
+      (*compctx->alg.compress_init)(compctx);
+      break;
+#endif
+#ifdef USE_SNAPPY
+    case COMP_ALG_SNAPPY:
+      ALLOC_OBJ_CLEAR (compctx, struct compress_context);
+      compctx->flags = opt->flags;
+      compctx->alg = snappy_alg;
+      (*compctx->alg.compress_init)(compctx);
+      break;
+#endif
+    }
+  return compctx;
+}
+
+void
+comp_uninit(struct compress_context *compctx)
+{
+  if (compctx)
+    {
+      (*compctx->alg.compress_uninit)(compctx);
+      free(compctx);
+    }
+}
+
+void
+comp_add_to_extra_frame(struct frame *frame)
+{
+  /* Leave room for our one-byte compressed/didn't-compress prefix byte. */
+  frame_add_to_extra_frame (frame, COMP_PREFIX_LEN);
+}
+
+void
+comp_add_to_extra_buffer(struct frame *frame)
+{
+  /* Leave room for compression buffer to expand in worst case scenario
+     where data is totally uncompressible */
+  frame_add_to_extra_buffer (frame, COMP_EXTRA_BUFFER (EXPANDED_SIZE(frame)));
+}
+
+void
+comp_print_stats (const struct compress_context *compctx, struct status_output *so)
+{
+  if (compctx)
+    {
+      status_printf (so, "pre-compress bytes," counter_format, compctx->pre_compress);
+      status_printf (so, "post-compress bytes," counter_format, compctx->post_compress);
+      status_printf (so, "pre-decompress bytes," counter_format, compctx->pre_decompress);
+      status_printf (so, "post-decompress bytes," counter_format, compctx->post_decompress);
+    }
+}
+
+/*
+ * Tell our peer which compression algorithms we support.
+ */
+void
+comp_generate_peer_info_string(const struct compress_options *opt, struct buffer *out)
+{
+  if (opt)
+    {
+      bool lzo_avail = false;
+      if (!(opt->flags & COMP_F_ADVERTISE_STUBS_ONLY))
+        {
+#if defined(USE_SNAPPY)
+          buf_printf (out, "IV_SNAPPY=1\n");
+#endif
+#if defined(USE_LZO)
+          buf_printf (out, "IV_LZO=1\n");
+          lzo_avail = true;
+#endif
+        }
+      if (!lzo_avail)
+        buf_printf (out, "IV_LZO_STUB=1\n");
+      buf_printf (out, "IV_COMP_STUB=1\n");
+    }
+}
+
+#endif /* USE_COMP */

ssl.c

@@ -3941 +3941 @@
           buf_printf (&out, "IV_HWADDR=%s\n", format_hex_ex (rgi.hwaddr, 6, 0, 1, ":", &gc));
       }
 
-      /* push LZO status */
-#ifdef LZO_STUB
-      buf_printf (&out, "IV_LZO_STUB=1\n");
+      /* push compression status */
+#ifdef USE_COMP
+      comp_generate_peer_info_string(&session->opt->comp_options, &out);
 #endif
 
       /* push env vars that begin with UV_ */

comp.h

@@ +1 @@
+/*
+ *  OpenVPN -- An application to securely tunnel IP networks
+ *             over a single UDP port, with support for SSL/TLS-based
+ *             session authentication and key exchange,
+ *             packet encryption, packet authentication, and
+ *             packet compression.
+ *
+ *  Copyright (C) 2002-2012 OpenVPN Technologies, Inc. <sales@openvpn.net>
+ *
+ *  This program is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License version 2
+ *  as published by the Free Software Foundation.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with this program (see the file COPYING included with this
+ *  distribution); if not, write to the Free Software Foundation, Inc.,
+ *  59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+ */
+
+/*
+ * Generic compression support.  Currently we support
+ * Snappy and LZO 2.
+ */
+#ifndef OPENVPN_COMP_H
+#define OPENVPN_COMP_H
+
+#ifdef USE_COMP
+
+#include "buffer.h"
+#include "mtu.h"
+#include "common.h"
+#include "status.h"
+
+/* algorithms */
+#define COMP_ALG_UNDEF  0
+#define COMP_ALG_STUB   1 /* support compression command byte and framing without actual compression */
+#define COMP_ALG_LZO    2 /* LZO algorithm */
+#define COMP_ALG_SNAPPY 3 /* Snappy algorithm */
+
+/* Compression flags */
+#define COMP_F_ADAPTIVE   (1<<0) /* COMP_ALG_LZO only */
+#define COMP_F_ASYM       (1<<1) /* only downlink is compressed, not uplink */
+#define COMP_F_SWAP       (1<<2) /* initial command byte is swapped with last byte in buffer to preserve payload alignment */
+#define COMP_F_ADVERTISE_STUBS_ONLY (1<<3) /* tell server that we only support compression stubs */
+
+/*
+ * Length of prepended prefix on compressed packets
+ */ 
+#define COMP_PREFIX_LEN 1
+
+/*
+ * Prefix bytes
+ */
+#define NO_COMPRESS_BYTE      0xFA
+#define NO_COMPRESS_BYTE_SWAP 0xFB /* to maintain payload alignment, replace this byte with last byte of packet */
+
+/*
+ * Compress worst case size expansion (for any algorithm)
+ *
+ * LZO:    len + len/8 + 128 + 3
+ * Snappy: len + len/6 + 32
+ */
+#define COMP_EXTRA_BUFFER(len) ((len)/6 + 128 + 3 + COMP_PREFIX_LEN)
+
+/*
+ * Don't try to compress any packet smaller than this.
+ */
+#define COMPRESS_THRESHOLD 100
+
+/* Forward declaration of compression context */
+struct compress_context;
+
+/*
+ * Virtual methods and other static info for each compression algorithm
+ */
+struct compress_alg
+{
+  const char *name;
+  void (*compress_init)(struct compress_context *compctx);
+  void (*compress_uninit)(struct compress_context *compctx);
+  void (*compress)(struct buffer *buf, struct buffer work,
+                   struct compress_context *compctx,
+                   const struct frame* frame);
+
+  void (*decompress)(struct buffer *buf, struct buffer work,
+                     struct compress_context *compctx,
+                     const struct frame* frame);
+};
+
+/*
+ * Headers for each compression implementation
+ */
+#ifdef USE_LZO
+#include "lzo.h"
+#endif
+
+#ifdef USE_SNAPPY
+#include "snappy.h"
+#endif
+
+/*
+ * Information that basically identifies a compression
+ * algorithm and related flags.
+ */
+struct compress_options
+{
+  int alg;
+  unsigned int flags;
+};
+
+/*
+ * Workspace union of all supported compression algorithms
+ */
+union compress_workspace_union
+{
+#ifdef USE_LZO
+  struct lzo_compress_workspace lzo;
+#endif
+#ifdef USE_SNAPPY
+  struct snappy_workspace snappy;
+#endif
+};
+
+/*
+ * Context for active compression session
+ */
+struct compress_context
+{
+  unsigned int flags;
+  struct compress_alg alg;
+  union compress_workspace_union wu;
+
+  /* statistics */
+  counter_type pre_decompress;
+  counter_type post_decompress;
+  counter_type pre_compress;
+  counter_type post_compress;
+};
+
+extern const struct compress_alg comp_stub_alg;
+
+struct compress_context *comp_init(const struct compress_options *opt);
+
+void comp_uninit(struct compress_context *compctx);
+
+void comp_add_to_extra_frame(struct frame *frame);
+void comp_add_to_extra_buffer(struct frame *frame);
+
+void comp_print_stats (const struct compress_context *compctx, struct status_output *so);
+
+void comp_generate_peer_info_string(const struct compress_options *opt, struct buffer *out);
+
+static inline bool
+comp_enabled(const struct compress_options *info)
+{
+  return info->alg != COMP_ALG_UNDEF;
+}
+
+static inline bool
+comp_unswapped_prefix(const struct compress_options *info)
+{
+  return !(info->flags & COMP_F_SWAP);
+}
+
+#endif /* USE_COMP */
+#endif

syshead.h

@@ -709 +709 @@
 #define ENABLE_CLIENT_NAT
 
 /*
- * Support LZO as a stub in client? (LZO lib not included, but we
- * we still support LZO protocol changes that allow us to
- * communicate with an LZO-enabled server)
+ * Compression support
  */
-#ifdef LZO_STUB
-#undef USE_LZO
-#undef LZO_VERSION_NUM
-#define USE_LZO 1
-#define LZO_VERSION_NUM "STUB"
+#if defined(USE_SNAPPY) || defined(USE_LZO) || defined(COMP_STUB)
+#define USE_COMP
 #endif
 
 /*

ssl.h

@@ -499 +499 @@
   struct env_set *es;
   const struct plugin_list *plugins;
 
+  /* compression parms */
+#ifdef USE_COMP
+  struct compress_options comp_options;
+#endif  
+
   /* configuration file boolean options */
 # define SSLF_CLIENT_CERT_NOT_REQUIRED (1<<0)
 # define SSLF_USERNAME_AS_COMMON_NAME  (1<<1)

openvpn.h

@@ -31 +31 @@
 #include "crypto.h"
 #include "ssl.h"
 #include "packet_id.h"
-#include "lzo.h"
+#include "comp.h"
 #include "tun.h"
 #include "interval.h"
 #include "status.h"
@@ -104 +104 @@
   struct buffer decrypt_buf;
 #endif
 
-  /* workspace buffers for LZO compression */
-#ifdef USE_LZO
-  struct buffer lzo_compress_buf;
-  struct buffer lzo_decompress_buf;
+  /* workspace buffers for compression */
+#ifdef USE_COMP
+  struct buffer compress_buf;
+  struct buffer decompress_buf;
 #endif
 
   /*
@@ -339 +339 @@
 #endif /* USE_CRYPTO */
 
   /*
-   * LZO compression library workspace.
+   * compression context
    */
-#ifdef USE_LZO
-  struct lzo_compress_workspace lzo_compwork;
+#ifdef USE_COMP
+  struct compress_context *comp_context;
 #endif
 
   /*

Makefile.am

@@ -80 +80 @@
         circ_list.h \
         clinat.c clinat.h \
         common.h \
+        comp.c comp.h compstub.c \
         config-win32.h \
         crypto.c crypto.h \
         dhcp.c dhcp.h \
@@ -134 +135 @@
         session_id.c session_id.h \
         shaper.c shaper.h \
         sig.c sig.h \
+        snappy.c snappy.h \
         socket.c socket.h \
         socks.c socks.h \
         ssl.c ssl.h \

options.c

@@ -59 +59 @@
   " [CRYPTO]"
 #endif
 #endif
+#ifdef USE_COMP
 #ifdef USE_LZO
   " [LZO" LZO_VERSION_NUM "]"
 #endif
+#ifdef USE_SNAPPY
+  " [SNAPPY]"
+#endif
+#endif
 #if EPOLL
   " [EPOLL]"
 #endif
@@ -324 +329 @@
 #ifdef ENABLE_DEBUG
   "--gremlin mask  : Special stress testing mode (for debugging only).\n"
 #endif
-#ifdef USE_LZO
-  "--comp-lzo      : Use fast LZO compression -- may add up to 1 byte per\n"
+#if defined(USE_COMP)
+  "--compress alg  : Use compression algorithm alg\n"
+#if defined(USE_LZO)
+  "--comp-lzo      : Use LZO compression -- may add up to 1 byte per\n"
   "                  packet for uncompressible data.\n"
   "--comp-noadapt  : Don't use adaptive compression when --comp-lzo\n"
   "                  is specified.\n"
 #endif
+#endif
 #ifdef ENABLE_MANAGEMENT
   "--management ip port [pass] : Enable a TCP server on ip:port to handle\n"
   "                  management functions.  pass is a password file\n"
@@ -1333 +1341 @@
 
   SHOW_BOOL (fast_io);
 
-#ifdef USE_LZO
-  SHOW_INT (lzo);
+#ifdef USE_COMP
+  SHOW_INT (comp.alg);
+  SHOW_INT (comp.flags);
 #endif
 
   SHOW_STR (route_script);
@@ -2477 +2486 @@
  *                 the other end of the connection]
  *
  * --comp-lzo
+ * --compress alg
  * --fragment
  *
  * Crypto Options:
@@ -2551 +2561 @@
       tt = NULL;
     }
 
-#ifdef USE_LZO
-  if (o->lzo & LZO_SELECTED)
-    buf_printf (&out, ",comp-lzo");
+#ifdef USE_COMP
+  if (o->comp.alg != COMP_ALG_UNDEF)
+    buf_printf (&out, ",comp-lzo"); /* for compatibility, this simply indicates that compression context is active, not necessarily LZO per-se */
 #endif
 
 #ifdef ENABLE_FRAGMENT
@@ -5569 +5579 @@
       options->passtos = true;
     }
 #endif
-#ifdef USE_LZO
+#if defined(USE_COMP)
   else if (streq (p[0], "comp-lzo"))
     {
       VERIFY_PERMISSION (OPT_P_COMP);
-      if (p[1])
+
+#if defined(USE_LZO)
+      if (p[1] && streq (p[1], "no"))
+#endif
         {
+          options->comp.alg = COMP_ALG_STUB;
+          options->comp.flags = 0;
+        }
+#if defined(USE_LZO)
+      else if (p[1])
+        {
           if (streq (p[1], "yes"))
-            options->lzo = LZO_SELECTED|LZO_ON;
-          else if (streq (p[1], "no"))
-            options->lzo = LZO_SELECTED;
+            {
+              options->comp.alg = COMP_ALG_LZO;
+              options->comp.flags = 0;
+            }
           else if (streq (p[1], "adaptive"))
-            options->lzo = LZO_SELECTED|LZO_ON|LZO_ADAPTIVE;
+            {
+              options->comp.alg = COMP_ALG_LZO;
+              options->comp.flags = COMP_F_ADAPTIVE;
+            }
           else
             {
               msg (msglevel, "bad comp-lzo option: %s -- must be 'yes', 'no', or 'adaptive'", p[1]);
@@ -5588 +5611 @@
             }
         }
       else
-        options->lzo = LZO_SELECTED|LZO_ON|LZO_ADAPTIVE;
+        {
+          options->comp.alg = COMP_ALG_LZO;
+          options->comp.flags = COMP_F_ADAPTIVE;
+        }
+#endif
     }
   else if (streq (p[0], "comp-noadapt"))
     {
       VERIFY_PERMISSION (OPT_P_COMP);
-      options->lzo &= ~LZO_ADAPTIVE;
+      options->comp.flags &= ~COMP_F_ADAPTIVE;
     }
-#endif /* USE_LZO */
+  else if (streq (p[0], "compress"))
+    {
+      VERIFY_PERMISSION (OPT_P_COMP);
+      if (p[1])
+        {
+          if (streq (p[1], "no"))
+            {
+              options->comp.alg = COMP_ALG_STUB;
+              options->comp.flags = COMP_F_SWAP;
+            }
+          if (streq (p[1], "stub"))
+            {
+              options->comp.alg = COMP_ALG_STUB;
+              options->comp.flags = (COMP_F_SWAP|COMP_F_ADVERTISE_STUBS_ONLY);
+            }
+#if defined(USE_LZO)
+          else if (streq (p[1], "lzo"))
+            {
+              options->comp.alg = COMP_ALG_LZO;
+              options->comp.flags = 0;
+            }
+#endif
+#if defined(USE_SNAPPY)
+          else if (streq (p[1], "snappy"))
+            {
+              options->comp.alg = COMP_ALG_SNAPPY;
+              options->comp.flags = COMP_F_SWAP;
+            }
+#endif
+          else
+            {
+              msg (msglevel, "bad comp option: %s", p[1]);
+              goto err;
+            }
+        }
+      else
+        {
+          options->comp.alg = COMP_ALG_STUB;
+          options->comp.flags = COMP_F_SWAP;
+        }
+    }
+#endif /* USE_COMP */
 #ifdef USE_CRYPTO
   else if (streq (p[0], "show-ciphers"))
     {

options.h

@@ -39 +39 @@
 #include "plugin.h"
 #include "manage.h"
 #include "proxy.h"
-#include "lzo.h"
+#include "comp.h"
 #include "pushlist.h"
 #include "clinat.h"
 
@@ -335 +335 @@
   /* optimize TUN/TAP/UDP writes */
   bool fast_io;
 
-#ifdef USE_LZO
-  /* LZO_x flags from lzo.h */
-  unsigned int lzo;
+#ifdef USE_COMP
+  struct compress_options comp;
 #endif
 
   /* buffer sizes */

forward.c

@@ -437 +437 @@
 
   if (comp_frag)
     {
-#ifdef USE_LZO
+#ifdef USE_COMP
       /* Compress the packet. */
-      if (lzo_defined (&c->c2.lzo_compwork))
-        lzo_compress (&c->c2.buf, b->lzo_compress_buf, &c->c2.lzo_compwork, &c->c2.frame);
+      if (c->c2.comp_context)
+        (*c->c2.comp_context->alg.compress)(&c->c2.buf, b->compress_buf, c->c2.comp_context, &c->c2.frame);
 #endif
 #ifdef ENABLE_FRAGMENT
       if (c->c2.fragment)
@@ -849 +849 @@
         fragment_incoming (c->c2.fragment, &c->c2.buf, &c->c2.frame_fragment);
 #endif
 
-#ifdef USE_LZO
+#ifdef USE_COMP
       /* decompress the incoming packet */
-      if (lzo_defined (&c->c2.lzo_compwork))
-        lzo_decompress (&c->c2.buf, c->c2.buffers->lzo_decompress_buf, &c->c2.lzo_compwork, &c->c2.frame);
+      if (c->c2.comp_context)
+        (*c->c2.comp_context->alg.decompress)(&c->c2.buf, c->c2.buffers->decompress_buf, c->c2.comp_context, &c->c2.frame);
 #endif
 
 #ifdef PACKET_TRUNCATION_CHECK

compstub.c

@@ +1 @@
+/*
+ *  OpenVPN -- An application to securely tunnel IP networks
+ *             over a single UDP port, with support for SSL/TLS-based
+ *             session authentication and key exchange,
+ *             packet encryption, packet authentication, and
+ *             packet compression.
+ *
+ *  Copyright (C) 2002-2012 OpenVPN Technologies, Inc. <sales@openvpn.net>
+ *
+ *  This program is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License version 2
+ *  as published by the Free Software Foundation.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with this program (see the file COPYING included with this
+ *  distribution); if not, write to the Free Software Foundation, Inc.,
+ *  59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+ */
+
+#include "syshead.h"
+
+#if defined(USE_COMP)
+
+#include "comp.h"
+#include "error.h"
+#include "otime.h"
+
+#include "memdbg.h"
+
+static void
+stub_compress_init (struct compress_context *compctx)
+{
+}
+
+static void
+stub_compress_uninit (struct compress_context *compctx)
+{
+}
+
+static void
+stub_compress (struct buffer *buf, struct buffer work,
+               struct compress_context *compctx,
+               const struct frame* frame)
+{
+  if (buf->len <= 0)
+    return;
+  if (compctx->flags & COMP_F_SWAP)
+    {
+      uint8_t *head = BPTR (buf);
+      uint8_t *tail  = BEND (buf);
+      ASSERT (buf_safe (buf, 1));
+      ++buf->len;
+
+      /* move head byte of payload to tail */
+      *tail = *head;
+      *head = NO_COMPRESS_BYTE_SWAP;
+    }
+  else
+    {
+      uint8_t *header = buf_prepend (buf, 1);
+      *header = NO_COMPRESS_BYTE;
+    }
+}
+
+static void
+stub_decompress (struct buffer *buf, struct buffer work,
+                 struct compress_context *compctx,
+                 const struct frame* frame)
+{
+  uint8_t c;
+  if (buf->len <= 0)
+    return;
+  if (compctx->flags & COMP_F_SWAP)
+    {
+      uint8_t *head = BPTR (buf);
+      c = *head;
+      --buf->len;
+      *head = *BEND (buf);
+      if (c != NO_COMPRESS_BYTE_SWAP)
+        {
+          dmsg (D_COMP_ERRORS, "Bad compression stub (swap) decompression header byte: %d", c);
+          buf->len = 0;
+        }
+    }
+  else
+    {
+      c = *BPTR (buf);
+      ASSERT (buf_advance (buf, 1));
+      if (c != NO_COMPRESS_BYTE)
+        {
+          dmsg (D_COMP_ERRORS, "Bad compression stub decompression header byte: %d", c);
+          buf->len = 0;
+        }
+    }
+}
+
+const struct compress_alg comp_stub_alg = {
+  "stub",
+  stub_compress_init,
+  stub_compress_uninit,
+  stub_compress,
+  stub_decompress
+};
+
+#else
+static void dummy(void) {}
+#endif /* USE_STUB */

snappy.c

@@ +1 @@
+/*
+ *  OpenVPN -- An application to securely tunnel IP networks
+ *             over a single UDP port, with support for SSL/TLS-based
+ *             session authentication and key exchange,
+ *             packet encryption, packet authentication, and
+ *             packet compression.
+ *
+ *  Copyright (C) 2002-2012 OpenVPN Technologies, Inc. <sales@openvpn.net>
+ *
+ *  This program is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License version 2
+ *  as published by the Free Software Foundation.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with this program (see the file COPYING included with this
+ *  distribution); if not, write to the Free Software Foundation, Inc.,
+ *  59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+ */
+
+#include "syshead.h"
+
+#if defined(USE_SNAPPY) && defined(USE_COMP)
+
+#include "snappy-c.h"
+
+#include "comp.h"
+#include "error.h"
+#include "otime.h"
+
+#include "memdbg.h"
+
+/* Initial command byte to tell our peer if we compressed */
+#define SNAPPY_COMPRESS_BYTE 0x68
+
+static void
+snap_compress_init (struct compress_context *compctx)
+{
+  msg (D_INIT_MEDIUM, "Snappy compression initializing");
+  ASSERT(compctx->flags & COMP_F_SWAP);
+}
+
+static void
+snap_compress_uninit (struct compress_context *compctx)
+{
+}
+
+static void
+snap_compress (struct buffer *buf, struct buffer work,
+               struct compress_context *compctx,
+               const struct frame* frame)
+{
+  snappy_status status;
+  bool compressed = false;
+
+  if (buf->len <= 0)
+    return;
+
+  /*
+   * In order to attempt compression, length must be at least COMPRESS_THRESHOLD.
+   */
+  if (buf->len >= COMPRESS_THRESHOLD)
+    {
+      const size_t ps = PAYLOAD_SIZE (frame);
+      size_t zlen = ps + COMP_EXTRA_BUFFER (ps);
+
+      ASSERT (buf_init (&work, FRAME_HEADROOM (frame)));
+      ASSERT (buf_safe (&work, zlen));
+
+      if (buf->len > ps)
+        {
+          dmsg (D_COMP_ERRORS, "Snappy compression buffer overflow");
+          buf->len = 0;
+          return;
+        }
+
+      status = snappy_compress((const char *)BPTR(buf), (size_t)BLEN(buf), (char *)BPTR(&work), &zlen);
+      if (status != SNAPPY_OK)
+        {
+          dmsg (D_COMP_ERRORS, "Snappy compression error: %d", status);
+          buf->len = 0;
+          return;
+        }
+
+      ASSERT (buf_safe (&work, zlen));
+      work.len = zlen;
+      compressed = true;
+
+      dmsg (D_COMP, "Snappy compress %d -> %d", buf->len, work.len);
+      compctx->pre_compress += buf->len;
+      compctx->post_compress += work.len;
+    }
+
+  /* did compression save us anything? */
+  {
+    uint8_t comp_head_byte = NO_COMPRESS_BYTE_SWAP;
+    if (compressed && work.len < buf->len)
+      {
+        *buf = work;
+        comp_head_byte = SNAPPY_COMPRESS_BYTE;
+      }
+
+    {
+      uint8_t *head = BPTR (buf);
+      uint8_t *tail  = BEND (buf);
+      ASSERT (buf_safe (buf, 1));
+      ++buf->len;
+
+      /* move head byte of payload to tail */
+      *tail = *head;
+      *head = comp_head_byte;
+    }
+  }
+}
+
+static void
+snap_decompress (struct buffer *buf, struct buffer work,
+                 struct compress_context *compctx,
+                 const struct frame* frame)
+{
+  size_t zlen = EXPANDED_SIZE (frame);
+  snappy_status status;
+  uint8_t c;            /* flag indicating whether or not our peer compressed */
+
+  if (buf->len <= 0)
+    return;
+
+  ASSERT (buf_init (&work, FRAME_HEADROOM (frame)));
+
+  /* do unframing/swap (assumes buf->len > 0) */
+  {
+    uint8_t *head = BPTR (buf);
+    c = *head;
+    --buf->len;
+    *head = *BEND (buf);
+  }
+
+  if (c == SNAPPY_COMPRESS_BYTE)        /* packet was compressed */
+    {
+      ASSERT (buf_safe (&work, zlen));
+      status = snappy_uncompress((const char *)BPTR(buf), (size_t)BLEN(buf), (char *)BPTR(&work), &zlen);
+      if (status != SNAPPY_OK)
+        {
+          dmsg (D_COMP_ERRORS, "Snappy decompression error: %d", status);
+          buf->len = 0;
+          return;
+        }
+
+      ASSERT (buf_safe (&work, zlen));
+      work.len = zlen;
+
+      dmsg (D_COMP, "Snappy decompress %d -> %d", buf->len, work.len);
+      compctx->pre_decompress += buf->len;
+      compctx->post_decompress += work.len;
+
+      *buf = work;
+    }
+  else if (c == NO_COMPRESS_BYTE_SWAP)  /* packet was not compressed */
+    {
+      ;
+    }
+  else
+    {
+      dmsg (D_COMP_ERRORS, "Bad Snappy decompression header byte: %d", c);
+      buf->len = 0;
+    }
+}
+
+const struct compress_alg snappy_alg = {
+  "snappy",
+  snap_compress_init,
+  snap_compress_uninit,
+  snap_compress,
+  snap_decompress
+};
+
+#else
+static void dummy(void) {}
+#endif /* USE_SNAPPY */

snappy.h

@@ +1 @@
+/*
+ *  OpenVPN -- An application to securely tunnel IP networks
+ *             over a single UDP port, with support for SSL/TLS-based
+ *             session authentication and key exchange,
+ *             packet encryption, packet authentication, and
+ *             packet compression.
+ *
+ *  Copyright (C) 2002-2012 OpenVPN Technologies, Inc. <sales@openvpn.net>
+ *
+ *  This program is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License version 2
+ *  as published by the Free Software Foundation.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with this program (see the file COPYING included with this
+ *  distribution); if not, write to the Free Software Foundation, Inc.,
+ *  59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+ */
+
+#ifndef OPENVPN_SNAPPY_H
+#define OPENVPN_SNAPPY_H
+
+#if defined(USE_SNAPPY) && defined(USE_COMP)
+
+#include "buffer.h"
+
+extern const struct compress_alg snappy_alg;
+
+struct snappy_workspace
+{
+};
+
+#endif /* USE_SNAPPY */
+#endif