The branch main has been updated by kp:
URL:
https://cgit.FreeBSD.org/src/commit/?id=66de89d4c29827f0b33561afb0900208da0d3d05
commit 66de89d4c29827f0b33561afb0900208da0d3d05
Author: Kristof Provost <k...@freebsd.org>
AuthorDate: 2022-11-26 12:52:40 +0000
Commit: Kristof Provost <k...@freebsd.org>
CommitDate: 2022-12-14 05:48:58 +0000
if_ovpn: remove OVPN_SEND_PKT
OpenVPN userspace no longer uses the ioctl interface to send control
packets. It instead uses the socket directly.
The use of OVPN_SEND_PKT was never released, so we can remove this
without worrying about compatibility.
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D37602
---
sys/net/if_ovpn.c | 52 ----------------------------------------------------
sys/net/if_ovpn.h | 2 +-
2 files changed, 1 insertion(+), 53 deletions(-)
diff --git a/sys/net/if_ovpn.c b/sys/net/if_ovpn.c
index 0f326512b236..256d7d56bada 100644
--- a/sys/net/if_ovpn.c
+++ b/sys/net/if_ovpn.c
@@ -932,55 +932,6 @@ ovpn_del_key(struct ifnet *ifp, const nvlist_t *nvl)
return (0);
}
-static int
-ovpn_send_pkt(struct ifnet *ifp, const nvlist_t *nvl)
-{
- struct epoch_tracker et;
- struct ovpn_softc *sc = ifp->if_softc;
- struct mbuf *m;
- const uint8_t *pkt;
- size_t pktlen;
- uint32_t peerid;
- int ret;
-
- if (nvl == NULL)
- return (EINVAL);
-
- if (! nvlist_exists_binary(nvl, "packet"))
- return (EINVAL);
- pkt = nvlist_get_binary(nvl, "packet", &pktlen);
-
- if (! nvlist_exists_number(nvl, "peerid"))
- return (EINVAL);
-
- peerid = nvlist_get_number(nvl, "peerid");
-
- /*
- * Check that userspace isn't giving us a data packet. That might lead
- * to IV re-use, which would be bad.
- */
- if ((pkt[0] >> OVPN_OP_SHIFT) == OVPN_OP_DATA_V2)
- return (EINVAL);
-
- m = m_get2(pktlen, M_WAITOK, MT_DATA, M_PKTHDR);
- if (m == NULL)
- return (ENOMEM);
-
- m->m_len = m->m_pkthdr.len = pktlen;
- m_copyback(m, 0, m->m_len, pkt);
-
- /* Now prepend IP/UDP headers and transmit the mbuf. */
- NET_EPOCH_ENTER(et);
- ret = ovpn_encap(sc, peerid, m);
- NET_EPOCH_EXIT(et);
- if (ret == 0)
- OVPN_COUNTER_ADD(sc, sent_ctrl_pkts, 1);
- else
- OVPN_COUNTER_ADD(sc, lost_ctrl_pkts_out, 1);
-
- return (ret);
-}
-
static void
ovpn_send_ping(void *arg)
{
@@ -1170,9 +1121,6 @@ ovpn_ioctl_set(struct ifnet *ifp, struct ifdrv *ifd)
case OVPN_DEL_KEY:
ret = ovpn_del_key(ifp, nvl);
break;
- case OVPN_SEND_PKT:
- ret = ovpn_send_pkt(ifp, nvl);
- break;
case OVPN_SET_PEER:
ret = ovpn_set_peer(ifp, nvl);
break;
diff --git a/sys/net/if_ovpn.h b/sys/net/if_ovpn.h
index 3db36f5b0539..5ea2ae6dd2ec 100644
--- a/sys/net/if_ovpn.h
+++ b/sys/net/if_ovpn.h
@@ -62,7 +62,7 @@ enum ovpn_key_cipher {
#define OVPN_DEL_KEY _IO ('D', 6)
#define OVPN_SET_PEER _IO ('D', 7)
#define OVPN_START_VPN _IO ('D', 8)
-#define OVPN_SEND_PKT _IO ('D', 9)
+/* OVPN_SEND_PKT _IO ('D', 9) */
#define OVPN_POLL_PKT _IO ('D', 10)
#define OVPN_GET_PKT _IO ('D', 11)
#define OVPN_SET_IFMODE _IO ('D', 12)
