24 #elif defined(_MSC_VER)
42 #if defined(__MINGW32__)
43 const IN_ADDR in4addr_any = { 0 };
50 const char *device_guid;
/* Bounded retry: the loop header allows at most 20 passes. */
73 for (
int i = 0; i < 20; ++i)
/* A fresh IPv4 (AF_INET) interface row keyed by idx is built on every pass. */
75 MIB_IPINTERFACE_ROW row = {.InterfaceIndex = idx, .Family = AF_INET};
/* Any result other than ERROR_NOT_FOUND satisfies this test, which covers
 * other failure codes as well as success.
 * NOTE(review): confirm that treating every non-ERROR_NOT_FOUND error as
 * "interface present" is intended; the branch body and any delay between
 * passes are outside this excerpt. */
76 if (GetIpInterfaceEntry(&row) != ERROR_NOT_FOUND)
/* Receives the output byte count; initialised so it is never read undefined. */
95 DWORD bytes_returned = 0;
/* Presumably the tail of the DeviceIoControl call named in the message below.
 * The last argument is NULL, i.e. no OVERLAPPED structure is supplied.
 * NOTE(review): Win32 requires a valid OVERLAPPED when the device handle was
 * opened with FILE_FLAG_OVERLAPPED; how this handle is opened is not visible
 * here, so confirm the two agree. */
97 &bytes_returned, NULL))
/* A failed start request is reported at M_ERR level. */
99 msg(
M_ERR,
"DeviceIoControl(OVPN_IOCTL_START_VPN) failed");
/* Function-pointer type matching the five-argument call made further down. */
113 typedef BOOL (WINAPI *get_overlapped_result_ex_t)(HANDLE, LPOVERLAPPED, LPDWORD, DWORD, BOOL);
/* GetOverlappedResultEx is resolved at run time instead of being linked
 * directly. GetModuleHandle only returns a module that is already loaded, so
 * no DLL search path is consulted here. Its result is passed straight to
 * GetProcAddress; a failed lookup surfaces as the NULL tested below. */
114 get_overlapped_result_ex_t get_overlapped_result_ex =
115 (get_overlapped_result_ex_t)GetProcAddress(GetModuleHandle(
"Kernel32.dll"),
116 "GetOverlappedResultEx");
/* NOTE(review): the message names GetOverlappedResult(), but the symbol
 * requested above is GetOverlappedResultEx; someone reading the log would
 * look for the wrong API. */
118 if (get_overlapped_result_ex == NULL)
120 msg(
M_ERR,
"Failed to load GetOverlappedResult()");
/* Remaining wait budget in milliseconds, held in an unsigned DWORD.
 * NOTE(review): timeout's declaration is not visible in this excerpt; confirm
 * it cannot be negative or large enough for timeout * 1000 to overflow before
 * the conversion to DWORD. */
123 DWORD timeout_msec = timeout * 1000;
/* The budget is consumed in 50 ms slices. */
124 const int poll_interval_ms = 50;
/* Unsigned countdown: it only lands exactly on zero when the budget is a
 * multiple of the slice length; otherwise the subtraction below would wrap. */
126 while (timeout_msec > 0)
128 timeout_msec -= poll_interval_ms;
/* Waits at most one slice for the overlapped operation on handle; a non-zero
 * return means the operation completed. */
131 if (get_overlapped_result_ex(handle, ov, &transferred, poll_interval_ms, FALSE) != 0)
/* WAIT_TIMEOUT and ERROR_IO_INCOMPLETE mean "still pending"; any other code
 * takes the branch below (its body is outside this excerpt). */
137 DWORD err = GetLastError();
138 if ((err != WAIT_TIMEOUT) && (err != ERROR_IO_INCOMPLETE))
/* The signal flag is tested inside the wait; presumably this lets a pending
 * signal end the wait early -- the branch body is not visible. */
147 if (*signal_received)
/* Parameter-list fragment: candidate local bind addresses and a timeout. */
162 struct addrinfo *bind,
int timeout,
/* local stays NULL until a bind entry of the right family is found below. */
169 struct sockaddr *local = NULL;
/* NOTE(review): remoteaddr is dereferenced here and no NULL check is visible
 * in this excerpt -- confirm callers guarantee a non-NULL entry. */
170 struct sockaddr *remote = remoteaddr->ai_addr;
/* Either the protocol or the socket type is enough to select the TCP path. */
172 if (remoteaddr->ai_protocol == IPPROTO_TCP
173 || remoteaddr->ai_socktype == SOCK_STREAM)
/* Walk the bind list and keep the first entry whose address family matches
 * the remote's; the loop ends on a match or at the end of the list. */
185 while (bind && !local)
187 if (bind->ai_family == remote->sa_family)
189 local = bind->ai_addr;
191 bind = bind->ai_next;
/* Fatal message for a bind list that lacks a record of the required family;
 * the guarding condition and the %s argument are outside this excerpt. */
197 msg(
M_FATAL,
"DCO: Socket bind failed: Address to bind lacks %s record",
/* The remote address is copied by struct assignment through a cast chosen
 * from sa_family, so the cast matches the declared family.
 * NOTE(review): ai_addrlen is not compared with the struct size in the
 * visible lines; confirm the addrinfo always comes from a trusted resolver. */
201 if (remote->sa_family == AF_INET6)
203 peer.
Remote.
Addr6 = *((SOCKADDR_IN6 *)(remoteaddr->ai_addr));
215 else if (remote->sa_family == AF_INET)
217 peer.
Remote.
Addr4 = *((SOCKADDR_IN *)(remoteaddr->ai_addr));
/* The new-peer request is issued as overlapped I/O with a zeroed OVERLAPPED
 * declared at this point.
 * NOTE(review): if the request is still pending, ov and the peer input buffer
 * must stay valid until it completes -- confirm the completion wait happens
 * before they go out of scope (not visible in this excerpt). */
234 OVERLAPPED ov = { 0 };
235 if (!DeviceIoControl(handle,
OVPN_IOCTL_NEW_PEER, &peer,
sizeof(peer), NULL, 0, NULL, &ov))
/* ERROR_IO_PENDING is the expected outcome of an asynchronous request; only
 * other error codes reach the M_ERR message. */
237 DWORD err = GetLastError();
238 if (err != ERROR_IO_PENDING)
240 msg(
M_ERR,
"DeviceIoControl(OVPN_IOCTL_NEW_PEER) failed");
251 struct sockaddr *localaddr,
struct sockaddr *remoteaddr,
252 struct in_addr *remote_in4,
struct in6_addr *remote_in6)
263 DWORD bytes_returned = 0;
265 0, NULL, 0, &bytes_returned, NULL))
275 int keepalive_interval,
int keepalive_timeout,
int mss)
277 msg(
D_DCO_DEBUG,
"%s: peer-id %d, keepalive %d/%d, mss %d", __func__,
278 peerid, keepalive_interval, keepalive_timeout, mss);
286 DWORD bytes_returned = 0;
288 sizeof(peer), NULL, 0, &bytes_returned, NULL))
/* Key and IV material for both directions arrives as raw byte pointers; the
 * visible part of the parameter list carries no lengths for them. */
299 const uint8_t *encrypt_key,
const uint8_t *encrypt_iv,
300 const uint8_t *decrypt_key,
const uint8_t *decrypt_iv,
301 const char *ciphername)
/* The arguments visible for this log call are the function name, slot, key
 * id, peer id and cipher name -- no key or IV bytes. */
304 __func__, slot, keyid, peerid, ciphername);
/* Fixed length of 8 bytes. NOTE(review): how nonce_len is applied to the IV
 * buffers is outside this excerpt. */
306 const int nonce_len = 8;
/* Clear the whole request first, so fields that are not set below and any
 * padding are zero when sizeof(crypto_data) bytes are handed to the driver. */
310 ZeroMemory(&crypto_data,
sizeof(crypto_data));
/* NOTE(review): what dco_get_cipher returns for an unrecognised name is not
 * visible here; confirm the driver rejects that value. */
312 crypto_data.
CipherAlg = dco_get_cipher(ciphername);
313 crypto_data.
KeyId = keyid;
314 crypto_data.
PeerId = peerid;
/* key_len bytes are copied into the Key member for each direction.
 * NOTE(review): where key_len comes from, and any check of it against the
 * size of the Key member, are outside this excerpt -- confirm the bound is
 * enforced before these copies. */
317 CopyMemory(crypto_data.
Encrypt.
Key, encrypt_key, key_len);
321 CopyMemory(crypto_data.
Decrypt.
Key, decrypt_key, key_len);
327 DWORD bytes_returned = 0;
/* The full struct, key material included, is the input buffer of the request.
 * NOTE(review): crypto_data still holds the keys after the call; if it is a
 * stack local, confirm it is wiped (e.g. SecureZeroMemory) on every exit path
 * -- no wipe is visible in this excerpt. */
330 sizeof(crypto_data), NULL, 0, &bytes_returned, NULL))
332 msg(
M_ERR,
"DeviceIoControl(OVPN_IOCTL_NEW_KEY) failed");
340 msg(
D_DCO,
"%s: peer-id %d, slot %d called but ignored", __func__, peerid,
351 DWORD bytes_returned = 0;
353 &bytes_returned, NULL))
355 msg(
M_ERR,
"DeviceIoControl(OVPN_IOCTL_SWAP_KEYS) failed");
/* Opens the driver's device path for read and write. Share mode 0 requests
 * exclusive access, security attributes are the default (NULL), the device
 * must already exist (OPEN_EXISTING), and I/O on the handle is overlapped. */
365 HANDLE h = CreateFile(
"\\\\.\\ovpn-dco", GENERIC_READ | GENERIC_WRITE,
366 0, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_SYSTEM | FILE_FLAG_OVERLAPPED, NULL);
/* Open succeeded. NOTE(review): confirm h is closed on this path; the branch
 * body is outside this excerpt. */
368 if (h != INVALID_HANDLE_VALUE)
/* ERROR_ACCESS_DENIED is singled out from other failures; presumably it
 * separates "device exists but could not be opened" from "driver missing" --
 * the branch body is not visible. */
374 DWORD err = GetLastError();
375 if (err == ERROR_ACCESS_DENIED)
/* Logged at the caller-chosen msglevel when offload is being disabled. */
384 msg(msglevel,
"Note: ovpn-dco-win driver is missing, disabling data channel offload.");
422 DWORD bytes_returned = 0;
424 &stats,
sizeof(stats), &bytes_returned, NULL))
/* Probe CNG for a ChaCha20-Poly1305 algorithm provider. Only availability
 * matters: on success the provider handle is closed again immediately. */
455 NTSTATUS
status = BCryptOpenAlgorithmProvider(&h, L
"CHACHA20_POLY1305", NULL, 0);
456 if (BCRYPT_SUCCESS(
status))
458 BCryptCloseAlgorithmProvider(h, 0);
/* Colon-separated cipher list; CHACHA20-POLY1305 is included only when the
 * probe above succeeded. Both results are string literals, so the caller
 * must not free or modify them. */
459 return "AES-128-GCM:AES-256-GCM:AES-192-GCM:CHACHA20-POLY1305";
/* Fallback list without ChaCha20-Poly1305. */
463 return "AES-128-GCM:AES-256-GCM:AES-192-GCM";