git: 66de89d4c298 - main - if_ovpn: remove OVPN_SEND_PKT

From: Kristof Provost <kp_at_FreeBSD.org>
Date: Wed, 14 Dec 2022 05:49:41 UTC
The branch main has been updated by kp:

URL: https://cgit.FreeBSD.org/src/commit/?id=66de89d4c29827f0b33561afb0900208da0d3d05

commit 66de89d4c29827f0b33561afb0900208da0d3d05
Author:     Kristof Provost <kp@FreeBSD.org>
AuthorDate: 2022-11-26 12:52:40 +0000
Commit:     Kristof Provost <kp@FreeBSD.org>
CommitDate: 2022-12-14 05:48:58 +0000

    if_ovpn: remove OVPN_SEND_PKT
    
    OpenVPN userspace no longer uses the ioctl interface to send control
    packets. It instead uses the socket directly.
    The use of OVPN_SEND_PKT was never released, so we can remove this
    without worrying about compatibility.
    
    Sponsored by:   Rubicon Communications, LLC ("Netgate")
    Differential Revision:  https://reviews.freebsd.org/D37602
---
 sys/net/if_ovpn.c | 52 ----------------------------------------------------
 sys/net/if_ovpn.h |  2 +-
 2 files changed, 1 insertion(+), 53 deletions(-)

diff --git a/sys/net/if_ovpn.c b/sys/net/if_ovpn.c
index 0f326512b236..256d7d56bada 100644
--- a/sys/net/if_ovpn.c
+++ b/sys/net/if_ovpn.c
@@ -932,55 +932,6 @@ ovpn_del_key(struct ifnet *ifp, const nvlist_t *nvl)
 	return (0);
 }
 
-static int
-ovpn_send_pkt(struct ifnet *ifp, const nvlist_t *nvl)
-{
-	struct epoch_tracker et;
-	struct ovpn_softc *sc = ifp->if_softc;
-	struct mbuf *m;
-	const uint8_t *pkt;
-	size_t pktlen;
-	uint32_t peerid;
-	int ret;
-
-	if (nvl == NULL)
-		return (EINVAL);
-
-	if (! nvlist_exists_binary(nvl, "packet"))
-		return (EINVAL);
-	pkt = nvlist_get_binary(nvl, "packet", &pktlen);
-
-	if (! nvlist_exists_number(nvl, "peerid"))
-		return (EINVAL);
-
-	peerid = nvlist_get_number(nvl, "peerid");
-
-	/*
-	 * Check that userspace isn't giving us a data packet. That might lead
-	 * to IV re-use, which would be bad.
-	 */
-	if ((pkt[0] >> OVPN_OP_SHIFT) == OVPN_OP_DATA_V2)
-		return (EINVAL);
-
-	m = m_get2(pktlen, M_WAITOK, MT_DATA, M_PKTHDR);
-	if (m == NULL)
-		return (ENOMEM);
-
-	m->m_len = m->m_pkthdr.len = pktlen;
-	m_copyback(m, 0, m->m_len, pkt);
-
-	/* Now prepend IP/UDP headers and transmit the mbuf. */
-	NET_EPOCH_ENTER(et);
-	ret = ovpn_encap(sc, peerid, m);
-	NET_EPOCH_EXIT(et);
-	if (ret == 0)
-		OVPN_COUNTER_ADD(sc, sent_ctrl_pkts, 1);
-	else
-		OVPN_COUNTER_ADD(sc, lost_ctrl_pkts_out, 1);
-
-	return (ret);
-}
-
 static void
 ovpn_send_ping(void *arg)
 {
@@ -1170,9 +1121,6 @@ ovpn_ioctl_set(struct ifnet *ifp, struct ifdrv *ifd)
 	case OVPN_DEL_KEY:
 		ret = ovpn_del_key(ifp, nvl);
 		break;
-	case OVPN_SEND_PKT:
-		ret = ovpn_send_pkt(ifp, nvl);
-		break;
 	case OVPN_SET_PEER:
 		ret = ovpn_set_peer(ifp, nvl);
 		break;
diff --git a/sys/net/if_ovpn.h b/sys/net/if_ovpn.h
index 3db36f5b0539..5ea2ae6dd2ec 100644
--- a/sys/net/if_ovpn.h
+++ b/sys/net/if_ovpn.h
@@ -62,7 +62,7 @@ enum ovpn_key_cipher {
 #define OVPN_DEL_KEY		_IO  ('D', 6)
 #define OVPN_SET_PEER		_IO  ('D', 7)
 #define OVPN_START_VPN		_IO  ('D', 8)
-#define OVPN_SEND_PKT		_IO  ('D', 9)
+/* OVPN_SEND_PKT		_IO  ('D', 9) */
 #define OVPN_POLL_PKT		_IO  ('D', 10)
 #define OVPN_GET_PKT		_IO  ('D', 11)
 #define OVPN_SET_IFMODE		_IO  ('D', 12)