Lines 42-51
#include "manage.h"
|
42 |
#include "memdbg.h" |
42 |
#include "memdbg.h" |
43 |
|
43 |
|
44 |
const int proto_overhead[] = { /* indexed by PROTO_x */ |
44 |
const int proto_overhead[] = { /* indexed by PROTO_x */ |
45 |
IPv4_UDP_HEADER_SIZE, |
45 |
0, |
|
|
46 |
IPv4_UDP_HEADER_SIZE, /* IPv4 */ |
46 |
IPv4_TCP_HEADER_SIZE, |
47 |
IPv4_TCP_HEADER_SIZE, |
47 |
IPv4_TCP_HEADER_SIZE, |
48 |
IPv4_TCP_HEADER_SIZE, |
48 |
IPv4_TCP_HEADER_SIZE |
49 |
#ifdef USE_PF_INET6 |
|
|
50 |
IPv6_UDP_HEADER_SIZE, /* IPv6 */ |
51 |
IPv6_TCP_HEADER_SIZE, |
52 |
IPv6_TCP_HEADER_SIZE, |
53 |
IPv6_TCP_HEADER_SIZE, |
54 |
#endif |
49 |
}; |
55 |
}; |
50 |
|
56 |
|
51 |
/* |
57 |
/* |
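Review bot: Nothing ties the length of `proto_overhead[]` to the PROTO_x enumeration it is indexed by. As rendered, the new side (new lines 45-54) has two `IPv4_TCP_HEADER_SIZE` rows between the UDP row and the `#ifdef`, where the old table had three. With a new leading `0` row and conditional IPv6 rows, a table that is one row short would misalign the overheads and let the highest index read past the end of the array. The same patch sizes `proto_names` as `[PROTO_N]`; declaring `const int proto_overhead[PROTO_N] = {` here turns a short table into a zero entry instead of an out-of-bounds read. The row count should still be checked against the enum, which is not visible on this page.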
Lines 260-279
update_remote (const char* host,
|
260 |
struct openvpn_sockaddr *addr, |
266 |
struct openvpn_sockaddr *addr, |
261 |
bool *changed) |
267 |
bool *changed) |
262 |
{ |
268 |
{ |
263 |
if (host && addr) |
269 |
switch(addr->addr.sa.sa_family) { |
264 |
{ |
270 |
case AF_INET: |
265 |
const in_addr_t new_addr = getaddr ( |
271 |
if (host && addr) |
266 |
GETADDR_RESOLVE|GETADDR_UPDATE_MANAGEMENT_STATE, |
272 |
{ |
267 |
host, |
273 |
const in_addr_t new_addr = getaddr ( |
268 |
1, |
274 |
GETADDR_RESOLVE|GETADDR_UPDATE_MANAGEMENT_STATE, |
269 |
NULL, |
275 |
host, |
270 |
NULL); |
276 |
1, |
271 |
if (new_addr && addr->sa.sin_addr.s_addr != new_addr) |
277 |
NULL, |
|
|
278 |
NULL); |
279 |
if (new_addr && addr->addr.in4.sin_addr.s_addr != new_addr) |
272 |
{ |
280 |
{ |
273 |
addr->sa.sin_addr.s_addr = new_addr; |
281 |
addr->addr.in4.sin_addr.s_addr = new_addr; |
274 |
*changed = true; |
282 |
*changed = true; |
275 |
} |
283 |
} |
276 |
} |
284 |
} |
|
|
285 |
break; |
286 |
#ifdef USE_PF_INET6 |
287 |
case AF_INET6: /* jjoFIXME: should adapt getaddr() for AF_INET6 */ |
288 |
if (host && addr) |
289 |
{ |
290 |
struct addrinfo hints , *ai; |
291 |
int err; |
292 |
memset(&hints, 0, sizeof hints); |
293 |
hints.ai_flags=AI_PASSIVE; |
294 |
hints.ai_family=AF_INET6; |
295 |
if ((err=getaddrinfo(host, NULL, &hints, &ai))==0) |
296 |
{ |
297 |
struct sockaddr_in6 *sin6=(struct sockaddr_in6*)ai->ai_addr; |
298 |
if (IN6_ARE_ADDR_EQUAL(&sin6->sin6_addr, &addr->addr.in6.sin6_addr)) |
299 |
{ |
300 |
int port=addr->addr.in6.sin6_port; /* backup current port for easier copy, restore later */ |
301 |
addr->addr.in6=*sin6; /* ipv6 requires also eg. sin6_scope_id => easy to full copy*/ |
302 |
addr->addr.in6.sin6_port=port; |
303 |
} |
304 |
freeaddrinfo(ai); |
305 |
} |
306 |
} |
307 |
break; |
308 |
#endif |
309 |
default: |
310 |
ASSERT(0); |
311 |
} |
277 |
} |
312 |
} |
278 |
|
313 |
|
279 |
static int |
314 |
static int |
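Review bot: The AF_INET6 arm (new lines 298-303) has its comparison inverted: `IN6_ARE_ADDR_EQUAL` is true when the resolved address matches the stored one, so the copy runs only when nothing changed, and `*changed` is never set. The AF_INET arm above uses `!=` and sets `*changed = true`, so an IPv6 peer whose address record changes is never followed. The condition should read `if (!IN6_ARE_ADDR_EQUAL(&sin6->sin6_addr, &addr->addr.in6.sin6_addr))`, with `*changed = true;` added after the port is restored. The new `switch` also dereferences `addr` before the `if (host && addr)` guard inside each case; the function's signature starts above the visible lines.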
Lines 531-536
#endif
|
531 |
return sd; |
566 |
return sd; |
532 |
} |
567 |
} |
533 |
|
568 |
|
|
|
569 |
#ifdef USE_PF_INET6 |
570 |
static socket_descriptor_t |
571 |
create_socket_udp6 (const unsigned int flags) |
572 |
{ |
573 |
socket_descriptor_t sd; |
574 |
|
575 |
if ((sd = socket (PF_INET6, SOCK_DGRAM, IPPROTO_UDP)) < 0) |
576 |
msg (M_SOCKERR, "UDP: Cannot create UDP6 socket"); |
577 |
#if ENABLE_IP_PKTINFO |
578 |
else if (flags & SF_USE_IP_PKTINFO) |
579 |
{ |
580 |
int pad = 1; |
581 |
setsockopt (sd, IPPROTO_IPV6, IPV6_PKTINFO, (void*)&pad, sizeof(pad)); |
582 |
} |
583 |
#endif |
584 |
return sd; |
585 |
} |
586 |
|
587 |
static socket_descriptor_t |
588 |
create_socket_tcp6 (void) |
589 |
{ |
590 |
socket_descriptor_t sd; |
591 |
|
592 |
if ((sd = socket (PF_INET6, SOCK_STREAM, IPPROTO_TCP)) < 0) |
593 |
msg (M_SOCKERR, "Cannot create TCP6 socket"); |
594 |
|
595 |
/* set SO_REUSEADDR on socket */ |
596 |
{ |
597 |
int on = 1; |
598 |
if (setsockopt (sd, SOL_SOCKET, SO_REUSEADDR, |
599 |
(void *) &on, sizeof (on)) < 0) |
600 |
msg (M_SOCKERR, "TCP: Cannot setsockopt SO_REUSEADDR on TCP6 socket"); |
601 |
} |
602 |
|
603 |
return sd; |
604 |
} |
605 |
|
606 |
#endif |
534 |
static void |
607 |
static void |
535 |
create_socket (struct link_socket *sock) |
608 |
create_socket (struct link_socket *sock) |
536 |
{ |
609 |
{ |
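Review bot: The result of `setsockopt (sd, IPPROTO_IPV6, IPV6_PKTINFO, ...)` in create_socket_udp6 (new line 581) is discarded, while the SO_REUSEADDR call in create_socket_tcp6 a few lines below is checked. If the option is not applied, the SF_USE_IP_PKTINFO path would presumably run without the ancillary data it expects, and nothing is logged. I would wrap it as `if (setsockopt (...) < 0) msg (M_SOCKERR, "UDP: failed setsockopt for IPV6_PKTINFO");`. On stacks that follow RFC 3542 the receive-side option is `IPV6_RECVPKTINFO`, so it is worth confirming which constant the target platforms need.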
Lines 549-554
#endif
|
549 |
{ |
622 |
{ |
550 |
sock->sd = create_socket_tcp (); |
623 |
sock->sd = create_socket_tcp (); |
551 |
} |
624 |
} |
|
|
625 |
#ifdef USE_PF_INET6 |
626 |
else if (sock->info.proto == PROTO_TCPv6_SERVER |
627 |
|| sock->info.proto == PROTO_TCPv6_CLIENT) |
628 |
{ |
629 |
sock->sd = create_socket_tcp6 (); |
630 |
} |
631 |
else if (sock->info.proto == PROTO_UDPv6) |
632 |
{ |
633 |
sock->sd = create_socket_udp6 (sock->sockflags); |
634 |
} |
635 |
#endif |
552 |
else |
636 |
else |
553 |
{ |
637 |
{ |
554 |
ASSERT (0); |
638 |
ASSERT (0); |
Lines 586-592
socket_do_accept (socket_descriptor_t sd
|
586 |
struct link_socket_actual *act, |
670 |
struct link_socket_actual *act, |
587 |
const bool nowait) |
671 |
const bool nowait) |
588 |
{ |
672 |
{ |
589 |
socklen_t remote_len = sizeof (act->dest.sa); |
673 |
/* af_addr_size WILL return 0 in this case if AFs other than AF_INET |
|
|
674 |
* are compiled because act is empty here. |
675 |
* could use getsockname() to support later remote_len check |
676 |
*/ |
677 |
socklen_t remote_len_af = af_addr_size(act->dest.addr.sa.sa_family); |
678 |
socklen_t remote_len = sizeof(act->dest.addr); |
590 |
socket_descriptor_t new_sd = SOCKET_UNDEFINED; |
679 |
socket_descriptor_t new_sd = SOCKET_UNDEFINED; |
591 |
|
680 |
|
592 |
CLEAR (*act); |
681 |
CLEAR (*act); |
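Review bot: `remote_len_af` is derived from `act->dest.addr.sa.sa_family` on new line 677, before `CLEAR (*act)` and before accept() or getpeername() has written the peer address, so it reflects whatever the caller left in `act`; the added comment itself says it will be 0. In the Lines 623-629 section the sanity check becomes `remote_len_af && remote_len != remote_len_af`, so the address-length check on incoming connections is skipped whenever that value is 0. Computing the expected size after the call, from the family that was actually returned, keeps the check active: `else if (remote_len != af_addr_size (act->dest.addr.sa.sa_family))`. The function body continues past this section.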
Lines 594-600
socket_do_accept (socket_descriptor_t sd
|
594 |
#ifdef HAVE_GETPEERNAME |
683 |
#ifdef HAVE_GETPEERNAME |
595 |
if (nowait) |
684 |
if (nowait) |
596 |
{ |
685 |
{ |
597 |
new_sd = getpeername (sd, (struct sockaddr *) &act->dest.sa, &remote_len); |
686 |
new_sd = getpeername (sd, &act->dest.addr.sa, &remote_len); |
598 |
|
687 |
|
599 |
if (!socket_defined (new_sd)) |
688 |
if (!socket_defined (new_sd)) |
600 |
msg (D_LINK_ERRORS | M_ERRNO_SOCK, "TCP: getpeername() failed"); |
689 |
msg (D_LINK_ERRORS | M_ERRNO_SOCK, "TCP: getpeername() failed"); |
Lines 607-613
#else
|
607 |
#endif |
696 |
#endif |
608 |
else |
697 |
else |
609 |
{ |
698 |
{ |
610 |
new_sd = accept (sd, (struct sockaddr *) &act->dest.sa, &remote_len); |
699 |
new_sd = accept (sd, &act->dest.addr.sa, &remote_len); |
611 |
} |
700 |
} |
612 |
|
701 |
|
613 |
#if 0 /* For debugging only, test the effect of accept() failures */ |
702 |
#if 0 /* For debugging only, test the effect of accept() failures */ |
Lines 623-629
#endif
|
623 |
{ |
712 |
{ |
624 |
msg (D_LINK_ERRORS | M_ERRNO_SOCK, "TCP: accept(%d) failed", sd); |
713 |
msg (D_LINK_ERRORS | M_ERRNO_SOCK, "TCP: accept(%d) failed", sd); |
625 |
} |
714 |
} |
626 |
else if (remote_len != sizeof (act->dest.sa)) |
715 |
/* only valid if we have remote_len_af!=0 */ |
|
|
716 |
else if (remote_len_af && remote_len != remote_len_af) |
627 |
{ |
717 |
{ |
628 |
msg (D_LINK_ERRORS, "TCP: Received strange incoming connection with unknown address length=%d", remote_len); |
718 |
msg (D_LINK_ERRORS, "TCP: Received strange incoming connection with unknown address length=%d", remote_len); |
629 |
openvpn_close_socket (new_sd); |
719 |
openvpn_close_socket (new_sd); |
Lines 724-730
socket_bind (socket_descriptor_t sd,
|
724 |
{ |
814 |
{ |
725 |
struct gc_arena gc = gc_new (); |
815 |
struct gc_arena gc = gc_new (); |
726 |
|
816 |
|
727 |
if (bind (sd, (struct sockaddr *) &local->sa, sizeof (local->sa))) |
817 |
if (bind (sd, &local->addr.sa, af_addr_size(local->addr.sa.sa_family))) |
728 |
{ |
818 |
{ |
729 |
const int errnum = openvpn_errno_socket (); |
819 |
const int errnum = openvpn_errno_socket (); |
730 |
msg (M_FATAL, "%s: Socket bind failed on local address %s: %s", |
820 |
msg (M_FATAL, "%s: Socket bind failed on local address %s: %s", |
Lines 745-751
openvpn_connect (socket_descriptor_t sd,
|
745 |
|
835 |
|
746 |
#ifdef CONNECT_NONBLOCK |
836 |
#ifdef CONNECT_NONBLOCK |
747 |
set_nonblock (sd); |
837 |
set_nonblock (sd); |
748 |
status = connect (sd, (struct sockaddr *) &remote->sa, sizeof (remote->sa)); |
838 |
status = connect (sd, &remote->addr.sa, af_addr_size(remote->addr.sa.sa_family)); |
749 |
if (status) |
839 |
if (status) |
750 |
status = openvpn_errno_socket (); |
840 |
status = openvpn_errno_socket (); |
751 |
if (status == EINPROGRESS) |
841 |
if (status == EINPROGRESS) |
Lines 829-901
socket_connect (socket_descriptor_t *sd,
|
829 |
|
919 |
|
830 |
#ifdef CONNECT_NONBLOCK |
920 |
#ifdef CONNECT_NONBLOCK |
831 |
msg (M_INFO, "Attempting to establish TCP connection with %s [nonblock]", |
921 |
msg (M_INFO, "Attempting to establish TCP connection with %s [nonblock]", |
832 |
print_sockaddr (remote, &gc)); |
922 |
print_sockaddr (remote, &gc)); |
833 |
#else |
923 |
#else |
834 |
msg (M_INFO, "Attempting to establish TCP connection with %s", |
924 |
msg (M_INFO, "Attempting to establish TCP connection with %s", |
835 |
print_sockaddr (remote, &gc)); |
925 |
print_sockaddr (remote, &gc)); |
836 |
#endif |
926 |
#endif |
837 |
|
927 |
|
838 |
while (true) |
928 |
while (true) |
839 |
{ |
929 |
{ |
840 |
int status; |
930 |
int status; |
841 |
|
931 |
|
842 |
#ifdef ENABLE_MANAGEMENT |
932 |
#ifdef ENABLE_MANAGEMENT |
843 |
if (management) |
933 |
if (management) |
844 |
management_set_state (management, |
934 |
management_set_state (management, |
845 |
OPENVPN_STATE_TCP_CONNECT, |
935 |
OPENVPN_STATE_TCP_CONNECT, |
846 |
NULL, |
936 |
NULL, |
847 |
(in_addr_t)0, |
937 |
(in_addr_t)0, |
848 |
(in_addr_t)0); |
938 |
(in_addr_t)0); |
849 |
#endif |
939 |
#endif |
850 |
|
940 |
|
851 |
status = openvpn_connect (*sd, remote, connect_timeout, signal_received); |
941 |
status = openvpn_connect (*sd, remote, connect_timeout, signal_received); |
852 |
|
942 |
|
853 |
get_signal (signal_received); |
943 |
get_signal (signal_received); |
854 |
if (*signal_received) |
944 |
if (*signal_received) |
855 |
goto done; |
945 |
goto done; |
856 |
|
946 |
|
857 |
if (!status) |
947 |
if (!status) |
858 |
break; |
948 |
break; |
859 |
|
949 |
|
860 |
msg (D_LINK_ERRORS, |
950 |
msg (D_LINK_ERRORS, |
861 |
"TCP: connect to %s failed, will try again in %d seconds: %s", |
951 |
"TCP: connect to %s failed, will try again in %d seconds: %s", |
862 |
print_sockaddr (remote, &gc), |
952 |
print_sockaddr (remote, &gc), |
863 |
connect_retry_seconds, |
953 |
connect_retry_seconds, |
864 |
strerror_ts (status, &gc)); |
954 |
strerror_ts (status, &gc)); |
865 |
|
955 |
|
866 |
openvpn_close_socket (*sd); |
956 |
openvpn_close_socket (*sd); |
867 |
*sd = SOCKET_UNDEFINED; |
957 |
*sd = SOCKET_UNDEFINED; |
868 |
|
958 |
|
869 |
if (connect_retry_max > 0 && ++retry >= connect_retry_max) |
959 |
if (connect_retry_max > 0 && ++retry >= connect_retry_max) |
870 |
{ |
960 |
{ |
871 |
*signal_received = SIGUSR1; |
961 |
*signal_received = SIGUSR1; |
872 |
goto done; |
962 |
goto done; |
873 |
} |
963 |
} |
874 |
|
964 |
|
875 |
openvpn_sleep (connect_retry_seconds); |
965 |
openvpn_sleep (connect_retry_seconds); |
876 |
|
966 |
|
877 |
get_signal (signal_received); |
967 |
get_signal (signal_received); |
878 |
if (*signal_received) |
968 |
if (*signal_received) |
879 |
goto done; |
969 |
goto done; |
880 |
|
970 |
|
881 |
if (remote_list) |
971 |
switch(remote->addr.sa.sa_family) { |
|
|
972 |
case AF_INET: |
973 |
if (remote_list) |
882 |
{ |
974 |
{ |
883 |
remote_list_next (remote_list); |
975 |
remote_list_next (remote_list); |
884 |
remote_dynamic = remote_list_host (remote_list); |
976 |
remote_dynamic = remote_list_host (remote_list); |
885 |
remote->sa.sin_port = htons (remote_list_port (remote_list)); |
977 |
remote->addr.in4.sin_port = htons (remote_list_port (remote_list)); |
886 |
*remote_changed = true; |
978 |
*remote_changed = true; |
887 |
} |
979 |
} |
888 |
|
980 |
|
889 |
*sd = create_socket_tcp (); |
981 |
*sd = create_socket_tcp (); |
890 |
if (bind_local) |
982 |
if (bind_local) |
891 |
socket_bind (*sd, local, "TCP Client"); |
983 |
socket_bind (*sd, local, "TCP Client"); |
892 |
update_remote (remote_dynamic, remote, remote_changed); |
984 |
update_remote (remote_dynamic, remote, remote_changed); |
|
|
985 |
break; |
986 |
#ifdef USE_PF_INET6 |
987 |
case AF_INET6: |
988 |
if (remote_list) |
989 |
{ |
990 |
remote_list_next (remote_list); |
991 |
remote_dynamic = remote_list_host (remote_list); |
992 |
remote->addr.in6.sin6_port = htons (remote_list_port (remote_list)); |
993 |
*remote_changed = true; |
994 |
} |
995 |
*sd = create_socket_tcp6 (); |
996 |
if (bind_local) |
997 |
socket_bind (*sd, local, "TCP6 Client"); |
998 |
update_remote (remote_dynamic, remote, remote_changed); |
999 |
break; |
1000 |
#endif |
1001 |
default: |
1002 |
msg(M_FATAL, "Only TCP is supported for connection oriented, sa_family=%d", |
1003 |
remote->addr.sa.sa_family); |
893 |
} |
1004 |
} |
|
|
1005 |
} |
894 |
|
1006 |
|
895 |
msg (M_INFO, "TCP connection established with %s", |
1007 |
msg (M_INFO, "TCP connection established with %s", |
896 |
print_sockaddr (remote, &gc)); |
1008 |
print_sockaddr (remote, &gc)); |
897 |
|
1009 |
|
898 |
done: |
1010 |
done: |
899 |
gc_free (&gc); |
1011 |
gc_free (&gc); |
900 |
} |
1012 |
} |
901 |
|
1013 |
|
Lines 950-966
resolve_bind_local (struct link_socket *
|
950 |
|
1062 |
|
951 |
/* resolve local address if undefined */ |
1063 |
/* resolve local address if undefined */ |
952 |
if (!addr_defined (&sock->info.lsa->local)) |
1064 |
if (!addr_defined (&sock->info.lsa->local)) |
953 |
{ |
1065 |
{ |
954 |
sock->info.lsa->local.sa.sin_family = AF_INET; |
1066 |
/* may return AF_{INET|INET6} guessed from local_host */ |
955 |
sock->info.lsa->local.sa.sin_addr.s_addr = |
1067 |
switch(addr_guess_family(sock->info.proto, sock->local_host)) { |
956 |
(sock->local_host ? getaddr (GETADDR_RESOLVE | GETADDR_WARN_ON_SIGNAL | GETADDR_FATAL, |
1068 |
case AF_INET: |
957 |
sock->local_host, |
1069 |
sock->info.lsa->local.addr.in4.sin_family = AF_INET; |
958 |
0, |
1070 |
sock->info.lsa->local.addr.in4.sin_addr.s_addr = |
959 |
NULL, |
1071 |
(sock->local_host ? getaddr (GETADDR_RESOLVE | GETADDR_WARN_ON_SIGNAL | GETADDR_FATAL, |
960 |
NULL) |
1072 |
sock->local_host, |
961 |
: htonl (INADDR_ANY)); |
1073 |
0, |
962 |
sock->info.lsa->local.sa.sin_port = htons (sock->local_port); |
1074 |
NULL, |
|
|
1075 |
NULL) |
1076 |
: htonl (INADDR_ANY)); |
1077 |
sock->info.lsa->local.addr.in4.sin_port = htons (sock->local_port); |
1078 |
break; |
1079 |
#ifdef USE_PF_INET6 |
1080 |
case AF_INET6: |
1081 |
{ |
1082 |
struct addrinfo hints , *ai; |
1083 |
int err; |
1084 |
memset(&hints, 0, sizeof hints); |
1085 |
hints.ai_flags=AI_PASSIVE; |
1086 |
hints.ai_family=AF_INET6; |
1087 |
/* if no local_host provided, ask for IN6ADDR_ANY ... */ |
1088 |
if ((err=getaddrinfo(sock->local_host? sock->local_host : "::", |
1089 |
NULL, &hints, &ai))==0) { |
1090 |
sock->info.lsa->local.addr.in6 = *((struct sockaddr_in6*)(ai->ai_addr)); |
1091 |
freeaddrinfo(ai); |
1092 |
} else { |
1093 |
msg (M_FATAL, "getaddrinfo() failed for local \"%s\": %s", |
1094 |
sock->local_host, |
1095 |
gai_strerror(err)); |
1096 |
} |
1097 |
sock->info.lsa->local.addr.in6.sin6_port = htons (sock->local_port); |
1098 |
} |
1099 |
break; |
1100 |
#endif |
963 |
} |
1101 |
} |
|
|
1102 |
} |
964 |
|
1103 |
|
965 |
/* bind to local address/port */ |
1104 |
/* bind to local address/port */ |
966 |
if (sock->bind_local) |
1105 |
if (sock->bind_local) |
Lines 984-1086
resolve_remote (struct link_socket *sock
|
984 |
struct gc_arena gc = gc_new (); |
1123 |
struct gc_arena gc = gc_new (); |
985 |
|
1124 |
|
986 |
if (!sock->did_resolve_remote) |
1125 |
if (!sock->did_resolve_remote) |
|
|
1126 |
{ |
1127 |
/* resolve remote address if undefined */ |
1128 |
if (!addr_defined (&sock->info.lsa->remote)) |
987 |
{ |
1129 |
{ |
988 |
/* resolve remote address if undefined */ |
1130 |
switch(addr_guess_family(sock->info.proto, sock->remote_host)) |
989 |
if (!addr_defined (&sock->info.lsa->remote)) |
1131 |
{ |
990 |
{ |
1132 |
case AF_INET: |
991 |
sock->info.lsa->remote.sa.sin_family = AF_INET; |
1133 |
sock->info.lsa->remote.addr.in4.sin_family = AF_INET; |
992 |
sock->info.lsa->remote.sa.sin_addr.s_addr = 0; |
1134 |
sock->info.lsa->remote.addr.in4.sin_addr.s_addr = 0; |
993 |
|
1135 |
|
994 |
if (sock->remote_host) |
1136 |
if (sock->remote_host) |
995 |
{ |
1137 |
{ |
996 |
unsigned int flags = GETADDR_RESOLVE|GETADDR_UPDATE_MANAGEMENT_STATE; |
1138 |
unsigned int flags = GETADDR_RESOLVE|GETADDR_UPDATE_MANAGEMENT_STATE; |
997 |
int retry = 0; |
1139 |
int retry = 0; |
998 |
bool status = false; |
1140 |
bool status = false; |
999 |
|
1141 |
|
1000 |
if (remote_list_len (sock->remote_list) > 1 && sock->resolve_retry_seconds == RESOLV_RETRY_INFINITE) |
1142 |
if (remote_list_len (sock->remote_list) > 1 && sock->resolve_retry_seconds == RESOLV_RETRY_INFINITE) |
1001 |
{ |
1143 |
{ |
1002 |
if (phase == 2) |
1144 |
if (phase == 2) |
1003 |
flags |= (GETADDR_TRY_ONCE | GETADDR_FATAL); |
1145 |
flags |= (GETADDR_TRY_ONCE | GETADDR_FATAL); |
1004 |
retry = 0; |
1146 |
retry = 0; |
1005 |
} |
1147 |
} |
1006 |
else if (phase == 1) |
1148 |
else if (phase == 1) |
1007 |
{ |
1149 |
{ |
1008 |
if (sock->resolve_retry_seconds) |
1150 |
if (sock->resolve_retry_seconds) |
1009 |
{ |
1151 |
{ |
1010 |
retry = 0; |
1152 |
retry = 0; |
1011 |
} |
1153 |
} |
1012 |
else |
|
|
1013 |
{ |
1014 |
flags |= (GETADDR_FATAL | GETADDR_MENTION_RESOLVE_RETRY); |
1015 |
retry = 0; |
1016 |
} |
1017 |
} |
1018 |
else if (phase == 2) |
1019 |
{ |
1020 |
if (sock->resolve_retry_seconds) |
1021 |
{ |
1022 |
flags |= GETADDR_FATAL; |
1023 |
retry = sock->resolve_retry_seconds; |
1024 |
} |
1025 |
else |
1026 |
{ |
1027 |
ASSERT (0); |
1028 |
} |
1029 |
} |
1030 |
else |
1154 |
else |
1031 |
{ |
1155 |
{ |
1032 |
ASSERT (0); |
1156 |
flags |= (GETADDR_FATAL | GETADDR_MENTION_RESOLVE_RETRY); |
1033 |
} |
1157 |
retry = 0; |
1034 |
|
1158 |
} |
1035 |
sock->info.lsa->remote.sa.sin_addr.s_addr = getaddr ( |
1159 |
} |
1036 |
flags, |
1160 |
else if (phase == 2) |
1037 |
sock->remote_host, |
1161 |
{ |
1038 |
retry, |
1162 |
if (sock->resolve_retry_seconds) |
1039 |
&status, |
1163 |
{ |
1040 |
signal_received); |
1164 |
flags |= GETADDR_FATAL; |
1041 |
|
1165 |
retry = sock->resolve_retry_seconds; |
1042 |
dmsg (D_SOCKET_DEBUG, "RESOLVE_REMOTE flags=0x%04x phase=%d rrs=%d sig=%d status=%d", |
1166 |
} |
1043 |
flags, |
1167 |
else |
1044 |
phase, |
1168 |
{ |
1045 |
retry, |
1169 |
ASSERT (0); |
1046 |
signal_received ? *signal_received : -1, |
1170 |
} |
1047 |
status); |
1171 |
} |
|
|
1172 |
else |
1173 |
{ |
1174 |
ASSERT (0); |
1175 |
} |
1048 |
|
1176 |
|
|
|
1177 |
sock->info.lsa->remote.addr.in4.sin_addr.s_addr = getaddr ( |
1178 |
flags, |
1179 |
sock->remote_host, |
1180 |
retry, |
1181 |
&status, |
1182 |
signal_received); |
1183 |
|
1184 |
dmsg (D_SOCKET_DEBUG, "RESOLVE_REMOTE flags=0x%04x phase=%d rrs=%d sig=%d status=%d", |
1185 |
flags, |
1186 |
phase, |
1187 |
retry, |
1188 |
signal_received ? *signal_received : -1, |
1189 |
status); |
1190 |
|
1191 |
if (signal_received) |
1192 |
{ |
1193 |
if (*signal_received) |
1194 |
goto done; |
1195 |
} |
1196 |
if (!status) |
1197 |
{ |
1049 |
if (signal_received) |
1198 |
if (signal_received) |
1050 |
{ |
1199 |
*signal_received = SIGUSR1; |
1051 |
if (*signal_received) |
1200 |
goto done; |
1052 |
goto done; |
|
|
1053 |
} |
1054 |
if (!status) |
1055 |
{ |
1056 |
if (signal_received) |
1057 |
*signal_received = SIGUSR1; |
1058 |
goto done; |
1059 |
} |
1060 |
} |
1201 |
} |
|
|
1202 |
} |
1061 |
|
1203 |
|
1062 |
sock->info.lsa->remote.sa.sin_port = htons (sock->remote_port); |
1204 |
sock->info.lsa->remote.addr.in4.sin_port = htons (sock->remote_port); |
1063 |
} |
1205 |
break; |
1064 |
|
|
|
1065 |
/* should we re-use previous active remote address? */ |
1066 |
if (link_socket_actual_defined (&sock->info.lsa->actual)) |
1067 |
{ |
1068 |
msg (M_INFO, "TCP/UDP: Preserving recently used remote address: %s", |
1069 |
print_link_socket_actual (&sock->info.lsa->actual, &gc)); |
1070 |
if (remote_dynamic) |
1071 |
*remote_dynamic = NULL; |
1072 |
} |
1073 |
else |
1074 |
{ |
1075 |
CLEAR (sock->info.lsa->actual); |
1076 |
sock->info.lsa->actual.dest = sock->info.lsa->remote; |
1077 |
} |
1078 |
|
1206 |
|
1079 |
/* remember that we finished */ |
1207 |
#ifdef USE_PF_INET6 |
1080 |
sock->did_resolve_remote = true; |
1208 |
case AF_INET6: /* jjoFIXME: ipv6 signal logic */ |
|
|
1209 |
{ |
1210 |
struct addrinfo hints , *ai; |
1211 |
int err; |
1212 |
memset(&hints, 0, sizeof hints); |
1213 |
hints.ai_flags=0; |
1214 |
hints.ai_family=AF_INET6; |
1215 |
if ((err=getaddrinfo(sock->remote_host? sock->remote_host : "::" , NULL, &hints, &ai))==0) { |
1216 |
sock->info.lsa->remote.addr.in6 = *((struct sockaddr_in6*)(ai->ai_addr)); |
1217 |
freeaddrinfo(ai); |
1218 |
} else { |
1219 |
msg (M_FATAL, "getaddrinfo() failed for remote \"%s\": %s", |
1220 |
sock->remote_host, |
1221 |
gai_strerror(err)); |
1222 |
} |
1223 |
sock->info.lsa->remote.addr.in6.sin6_port = htons (sock->remote_port); |
1224 |
} |
1225 |
break; |
1226 |
#endif |
1227 |
} |
1228 |
} |
1229 |
/* should we re-use previous active remote address? */ |
1230 |
if (link_socket_actual_defined (&sock->info.lsa->actual)) |
1231 |
{ |
1232 |
msg (M_INFO, "TCP/UDP: Preserving recently used remote address: %s", |
1233 |
print_link_socket_actual (&sock->info.lsa->actual, &gc)); |
1234 |
if (remote_dynamic) |
1235 |
*remote_dynamic = NULL; |
1236 |
} |
1237 |
else |
1238 |
{ |
1239 |
CLEAR (sock->info.lsa->actual); |
1240 |
sock->info.lsa->actual.dest = sock->info.lsa->remote; |
1081 |
} |
1241 |
} |
1082 |
|
1242 |
|
1083 |
done: |
1243 |
/* remember that we finished */ |
|
|
1244 |
sock->did_resolve_remote = true; |
1245 |
} |
1246 |
|
1247 |
done: |
1084 |
gc_free (&gc); |
1248 |
gc_free (&gc); |
1085 |
} |
1249 |
} |
1086 |
|
1250 |
|
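Review bot: The AF_INET6 arm (new lines 1208-1225) bypasses the retry and signal handling that the AF_INET arm builds from `phase`, `resolve_retry_seconds` and `signal_received`; any getaddrinfo() failure goes straight to `msg (M_FATAL, ...)`. A transient resolver failure for an IPv6 remote therefore presumably ends the process where the IPv4 path would retry or raise SIGUSR1, which the `jjoFIXME` comment already hints at. In that error path `sock->remote_host` is passed to `%s` although the lookup substituted `"::"` when it was NULL. Keeping the substituted string in a local, `const char *host = sock->remote_host ? sock->remote_host : "::";`, and printing that avoids a NULL `%s` argument. The AF_INET6 arm of resolve_bind_local (Lines 950-966) has the same NULL-to-`%s` pattern with `sock->local_host`.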
Lines 1310-1316
link_socket_init_phase2 (struct link_soc
|
1310 |
goto done; |
1474 |
goto done; |
1311 |
|
1475 |
|
1312 |
/* TCP client/server */ |
1476 |
/* TCP client/server */ |
1313 |
if (sock->info.proto == PROTO_TCPv4_SERVER) |
1477 |
if (sock->info.proto == PROTO_TCPv4_SERVER |
|
|
1478 |
#ifdef USE_PF_INET6 |
1479 |
||sock->info.proto == PROTO_TCPv6_SERVER |
1480 |
#endif |
1481 |
) |
1314 |
{ |
1482 |
{ |
1315 |
switch (sock->mode) |
1483 |
switch (sock->mode) |
1316 |
{ |
1484 |
{ |
Lines 1345-1351
link_socket_init_phase2 (struct link_soc
|
1345 |
ASSERT (0); |
1513 |
ASSERT (0); |
1346 |
} |
1514 |
} |
1347 |
} |
1515 |
} |
1348 |
else if (sock->info.proto == PROTO_TCPv4_CLIENT) |
1516 |
else if (sock->info.proto == PROTO_TCPv4_CLIENT |
|
|
1517 |
#ifdef USE_PF_INET6 |
1518 |
||sock->info.proto == PROTO_TCPv6_CLIENT |
1519 |
#endif |
1520 |
) |
1349 |
{ |
1521 |
{ |
1350 |
|
1522 |
|
1351 |
#ifdef GENERAL_PROXY_SUPPORT |
1523 |
#ifdef GENERAL_PROXY_SUPPORT |
Lines 1430-1437
#ifdef ENABLE_SOCKS
|
1430 |
sock->remote_port = sock->proxy_dest_port; |
1602 |
sock->remote_port = sock->proxy_dest_port; |
1431 |
sock->did_resolve_remote = false; |
1603 |
sock->did_resolve_remote = false; |
1432 |
|
1604 |
|
1433 |
sock->info.lsa->actual.dest.sa.sin_addr.s_addr = 0; |
1605 |
addr_zero_host(&sock->info.lsa->actual.dest); |
1434 |
sock->info.lsa->remote.sa.sin_addr.s_addr = 0; |
1606 |
addr_zero_host(&sock->info.lsa->remote); |
1435 |
|
1607 |
|
1436 |
resolve_remote (sock, 1, NULL, signal_received); |
1608 |
resolve_remote (sock, 1, NULL, signal_received); |
1437 |
|
1609 |
|
Lines 1446-1452
#endif
|
1446 |
if (remote_changed) |
1618 |
if (remote_changed) |
1447 |
{ |
1619 |
{ |
1448 |
msg (M_INFO, "TCP/UDP: Dynamic remote address changed during TCP connection establishment"); |
1620 |
msg (M_INFO, "TCP/UDP: Dynamic remote address changed during TCP connection establishment"); |
1449 |
sock->info.lsa->remote.sa.sin_addr.s_addr = sock->info.lsa->actual.dest.sa.sin_addr.s_addr; |
1621 |
addr_copy_host(&sock->info.lsa->remote, &sock->info.lsa->actual.dest); |
1450 |
} |
1622 |
} |
1451 |
} |
1623 |
} |
1452 |
|
1624 |
|
Lines 1618-1630
link_socket_bad_incoming_addr (struct bu
|
1618 |
{ |
1790 |
{ |
1619 |
struct gc_arena gc = gc_new (); |
1791 |
struct gc_arena gc = gc_new (); |
1620 |
|
1792 |
|
1621 |
msg (D_LINK_ERRORS, |
1793 |
switch(from_addr->dest.addr.sa.sa_family) |
1622 |
"TCP/UDP: Incoming packet rejected from %s[%d], expected peer address: %s (allow this incoming source address/port by removing --remote or adding --float)", |
1794 |
{ |
1623 |
print_link_socket_actual (from_addr, &gc), |
1795 |
case AF_INET: |
1624 |
(int)from_addr->dest.sa.sin_family, |
1796 |
#ifdef USE_PF_INET6 |
1625 |
print_sockaddr (&info->lsa->remote, &gc)); |
1797 |
case AF_INET6: |
|
|
1798 |
#endif |
1799 |
msg (D_LINK_ERRORS, |
1800 |
"TCP/UDP: Incoming packet rejected from %s[%d], expected peer address: %s (allow this incoming source address/port by removing --remote or adding --float)", |
1801 |
print_link_socket_actual (from_addr, &gc), |
1802 |
(int)from_addr->dest.addr.sa.sa_family, |
1803 |
print_sockaddr (&info->lsa->remote, &gc)); |
1804 |
break; |
1805 |
} |
1626 |
buf->len = 0; |
1806 |
buf->len = 0; |
1627 |
|
|
|
1628 |
gc_free (&gc); |
1807 |
gc_free (&gc); |
1629 |
} |
1808 |
} |
1630 |
|
1809 |
|
Lines 1639-1648
link_socket_current_remote (const struct
|
1639 |
{ |
1818 |
{ |
1640 |
const struct link_socket_addr *lsa = info->lsa; |
1819 |
const struct link_socket_addr *lsa = info->lsa; |
1641 |
|
1820 |
|
|
|
1821 |
/* |
1822 |
* This logic supports "redirect-gateway" semantic, which |
1823 |
* makes sense only for PF_INET routes over PF_INET endpoints |
1824 |
* |
1825 |
* Maybe in the future consider PF_INET6 endpoints also ... |
1826 |
* by now just ignore it |
1827 |
* |
1828 |
*/ |
1829 |
#if defined ( USE_PF_INET6 ) |
1830 |
if(lsa->actual.dest.addr.sa.sa_family != AF_INET) |
1831 |
return 0; |
1832 |
#else |
1833 |
ASSERT(lsa->actual.dest.addr.sa.sa_family == AF_INET); |
1834 |
#endif |
1835 |
|
1642 |
if (link_socket_actual_defined (&lsa->actual)) |
1836 |
if (link_socket_actual_defined (&lsa->actual)) |
1643 |
return ntohl (lsa->actual.dest.sa.sin_addr.s_addr); |
1837 |
return ntohl (lsa->actual.dest.addr.in4.sin_addr.s_addr); |
1644 |
else if (addr_defined (&lsa->remote)) |
1838 |
else if (addr_defined (&lsa->remote)) |
1645 |
return ntohl (lsa->remote.sa.sin_addr.s_addr); |
1839 |
return ntohl (lsa->remote.addr.in4.sin_addr.s_addr); |
1646 |
else |
1840 |
else |
1647 |
return 0; |
1841 |
return 0; |
1648 |
} |
1842 |
} |
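Review bot: The new family test on new lines 1829-1834 runs before `link_socket_actual_defined (&lsa->actual)`, so it is also evaluated when `actual` has not been filled in yet. If an undefined `actual` carries `sa_family` 0 (not established on this page), a USE_PF_INET6 build returns 0 without reaching the `lsa->remote` fallback, and a build without it trips the ASSERT. Testing the family of the address that is actually returned avoids both, e.g. `if (link_socket_actual_defined (&lsa->actual) && lsa->actual.dest.addr.sa.sa_family == AF_INET)` for the first branch and the equivalent test on `lsa->remote` for the second. The function's signature starts above this section.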
Lines 1869-1895
print_sockaddr_ex (const struct openvpn_
|
1869 |
const unsigned int flags, |
2063 |
const unsigned int flags, |
1870 |
struct gc_arena *gc) |
2064 |
struct gc_arena *gc) |
1871 |
{ |
2065 |
{ |
1872 |
if (addr) |
2066 |
struct buffer out; |
1873 |
{ |
2067 |
bool addr_is_defined; |
1874 |
struct buffer out = alloc_buf_gc (64, gc); |
2068 |
if (!addr) { |
1875 |
const int port = ntohs (addr->sa.sin_port); |
2069 |
return "[NULL]"; |
1876 |
|
2070 |
} |
1877 |
mutex_lock_static (L_INET_NTOA); |
2071 |
addr_is_defined = addr_defined (addr); |
1878 |
buf_printf (&out, "%s", (addr_defined (addr) ? inet_ntoa (addr->sa.sin_addr) : "[undef]")); |
2072 |
switch(addr->addr.sa.sa_family) { |
1879 |
mutex_unlock_static (L_INET_NTOA); |
2073 |
case AF_INET: |
1880 |
|
2074 |
{ |
1881 |
if (((flags & PS_SHOW_PORT) || (addr_defined (addr) && (flags & PS_SHOW_PORT_IF_DEFINED))) |
2075 |
const int port= ntohs (addr->addr.in4.sin_port); |
1882 |
&& port) |
2076 |
out = alloc_buf_gc (128, gc); |
|
|
2077 |
buf_puts (&out, "[AF_INET]"); |
2078 |
mutex_lock_static (L_INET_NTOA); |
2079 |
buf_puts (&out, (addr_is_defined ? inet_ntoa (addr->addr.in4.sin_addr) : "[undef]")); |
2080 |
mutex_unlock_static (L_INET_NTOA); |
2081 |
|
2082 |
if (((flags & PS_SHOW_PORT) || (addr_is_defined && (flags & PS_SHOW_PORT_IF_DEFINED))) |
2083 |
&& port) |
1883 |
{ |
2084 |
{ |
1884 |
if (separator) |
2085 |
if (separator) |
1885 |
buf_printf (&out, "%s", separator); |
2086 |
buf_printf (&out, "%s", separator); |
1886 |
|
2087 |
|
1887 |
buf_printf (&out, "%d", port); |
2088 |
buf_printf (&out, "%d", port); |
1888 |
} |
2089 |
} |
1889 |
return BSTR (&out); |
2090 |
} |
1890 |
} |
2091 |
break; |
1891 |
else |
2092 |
#ifdef USE_PF_INET6 |
1892 |
return "[NULL]"; |
2093 |
case AF_INET6: |
|
|
2094 |
{ |
2095 |
const int port= ntohs (addr->addr.in6.sin6_port); |
2096 |
char buf[INET6_ADDRSTRLEN] = "[undef]"; |
2097 |
out = alloc_buf_gc (128, gc); |
2098 |
buf_puts (&out, "[AF_INET6]"); |
2099 |
if (addr_is_defined) |
2100 |
{ |
2101 |
getnameinfo(&addr->addr.sa, sizeof (struct sockaddr_in6), |
2102 |
buf, sizeof (buf), NULL, 0, NI_NUMERICHOST); |
2103 |
buf_puts (&out, buf); |
2104 |
} |
2105 |
if (((flags & PS_SHOW_PORT) || (addr_is_defined && (flags & PS_SHOW_PORT_IF_DEFINED))) |
2106 |
&& port) |
2107 |
{ |
2108 |
if (separator) |
2109 |
buf_puts (&out, separator); |
2110 |
|
2111 |
buf_printf (&out, "%d", port); |
2112 |
} |
2113 |
} |
2114 |
break; |
2115 |
#endif |
2116 |
} |
2117 |
return BSTR (&out); |
1893 |
} |
2118 |
} |
1894 |
|
2119 |
|
1895 |
const char * |
2120 |
const char * |
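Review bot: `struct buffer out` is declared without an initialiser on new line 2066 and is assigned only inside the AF_INET and AF_INET6 cases, so for any other `sa_family` (including 0 on a zeroed address) `return BSTR (&out)` on new line 2117 reads an uninitialised struct. The old code allocated the buffer unconditionally. Moving `out = alloc_buf_gc (128, gc);` above the `switch` and adding `default: buf_puts (&out, "[undef]"); break;` restores a defined result for every input. The getnameinfo() call on new line 2101 is also unchecked, although `buf` is pre-filled with "[undef]" there.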
Lines 1909-1920
print_link_socket_actual_ex (const struc
|
1909 |
struct buffer out = alloc_buf_gc (128, gc); |
2134 |
struct buffer out = alloc_buf_gc (128, gc); |
1910 |
buf_printf (&out, "%s", print_sockaddr_ex (&act->dest, separator, flags, gc)); |
2135 |
buf_printf (&out, "%s", print_sockaddr_ex (&act->dest, separator, flags, gc)); |
1911 |
#if ENABLE_IP_PKTINFO |
2136 |
#if ENABLE_IP_PKTINFO |
1912 |
if ((flags & PS_SHOW_PKTINFO) && act->pi.ipi_spec_dst.s_addr) |
2137 |
if ((flags & PS_SHOW_PKTINFO) && addr_defined_ipi(act)) |
1913 |
{ |
2138 |
{ |
|
|
2139 |
switch(act->dest.addr.sa.sa_family) |
2140 |
{ |
2141 |
case AF_INET: |
2142 |
{ |
1914 |
struct openvpn_sockaddr sa; |
2143 |
struct openvpn_sockaddr sa; |
1915 |
CLEAR (sa); |
2144 |
CLEAR (sa); |
1916 |
sa.sa.sin_addr = act->pi.ipi_spec_dst; |
2145 |
sa.addr.in4.sin_addr = act->pi.in4.ipi_spec_dst; |
1917 |
buf_printf (&out, " (via %s)", print_sockaddr_ex (&sa, separator, 0, gc)); |
2146 |
buf_printf (&out, " (via %s)", print_sockaddr_ex (&sa, separator, 0, gc)); |
|
|
2147 |
} |
2148 |
break; |
2149 |
#ifdef USE_PF_INET6 |
2150 |
case AF_INET6: |
2151 |
{ |
2152 |
struct sockaddr_in6 sin6; |
2153 |
char buf[INET6_ADDRSTRLEN] = "[undef]"; |
2154 |
memset(&sin6, 0, sizeof sin6); |
2155 |
sin6.sin6_family = AF_INET6; |
2156 |
sin6.sin6_addr = act->pi.in6.ipi6_addr; |
2157 |
{ |
2158 |
if (getnameinfo((struct sockaddr *)&sin6, sizeof (struct sockaddr_in6), |
2159 |
buf, sizeof (buf), NULL, 0, NI_NUMERICHOST) == 0) |
2160 |
buf_printf (&out, " (via %s)", buf); |
2161 |
else |
2162 |
buf_printf (&out, " (via [getnameinfo() err])"); |
2163 |
} |
2164 |
} |
2165 |
break; |
2166 |
#endif |
2167 |
} |
2168 |
|
1918 |
} |
2169 |
} |
1919 |
#endif |
2170 |
#endif |
1920 |
return BSTR (&out); |
2171 |
return BSTR (&out); |
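Review bot: In the AF_INET arm (new lines 2143-2146) `sa` is zeroed with `CLEAR (sa)` and only `sin_addr` is set, so its `sa_family` is still 0 when it is passed to print_sockaddr_ex, which in this patch switches on the family and has no arm for 0. setenv_in_addr_t in the same patch gained `si.addr.in4.sin_family = AF_INET;`, presumably for this reason; the equivalent line is needed here, `sa.addr.in4.sin_family = AF_INET;` right after the CLEAR. Without it the " (via ...)" text is taken from a buffer that print_sockaddr_ex never allocated. The function starts above this section.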
Lines 1950-1970
void
|
1950 |
setenv_sockaddr (struct env_set *es, const char *name_prefix, const struct openvpn_sockaddr *addr, const bool flags) |
2201 |
setenv_sockaddr (struct env_set *es, const char *name_prefix, const struct openvpn_sockaddr *addr, const bool flags) |
1951 |
{ |
2202 |
{ |
1952 |
char name_buf[256]; |
2203 |
char name_buf[256]; |
|
|
2204 |
char buf[128]; |
1953 |
|
2205 |
|
1954 |
if (flags & SA_IP_PORT) |
2206 |
switch(addr->addr.sa.sa_family) { |
1955 |
openvpn_snprintf (name_buf, sizeof (name_buf), "%s_ip", name_prefix); |
2207 |
case AF_INET: |
1956 |
else |
2208 |
if (flags & SA_IP_PORT) |
1957 |
openvpn_snprintf (name_buf, sizeof (name_buf), "%s", name_prefix); |
2209 |
openvpn_snprintf (name_buf, sizeof (name_buf), "%s_ip", name_prefix); |
|
|
2210 |
else |
2211 |
openvpn_snprintf (name_buf, sizeof (name_buf), "%s", name_prefix); |
1958 |
|
2212 |
|
1959 |
mutex_lock_static (L_INET_NTOA); |
2213 |
mutex_lock_static (L_INET_NTOA); |
1960 |
setenv_str (es, name_buf, inet_ntoa (addr->sa.sin_addr)); |
2214 |
setenv_str (es, name_buf, inet_ntoa (addr->addr.in4.sin_addr)); |
1961 |
mutex_unlock_static (L_INET_NTOA); |
2215 |
mutex_unlock_static (L_INET_NTOA); |
|
|
2216 |
|
2217 |
if ((flags & SA_IP_PORT) && addr->addr.in4.sin_port) |
2218 |
{ |
2219 |
openvpn_snprintf (name_buf, sizeof (name_buf), "%s_port", name_prefix); |
2220 |
setenv_int (es, name_buf, ntohs (addr->addr.in4.sin_port)); |
2221 |
} |
2222 |
break; |
2223 |
#ifdef USE_PF_INET6 |
2224 |
case AF_INET6: |
2225 |
openvpn_snprintf (name_buf, sizeof (name_buf), "%s_ip6", name_prefix); |
2226 |
getnameinfo(&addr->addr.sa, sizeof (struct sockaddr_in6), |
2227 |
buf, sizeof(buf), NULL, 0, NI_NUMERICHOST); |
2228 |
setenv_str (es, name_buf, buf); |
1962 |
|
2229 |
|
1963 |
if ((flags & SA_IP_PORT) && addr->sa.sin_port) |
|
|
1964 |
{ |
1965 |
openvpn_snprintf (name_buf, sizeof (name_buf), "%s_port", name_prefix); |
2230 |
openvpn_snprintf (name_buf, sizeof (name_buf), "%s_port", name_prefix); |
1966 |
setenv_int (es, name_buf, ntohs (addr->sa.sin_port)); |
2231 |
setenv_int (es, name_buf, ntohs (addr->addr.in6.sin6_port)); |
1967 |
} |
2232 |
break; |
|
|
2233 |
#endif |
2234 |
} |
1968 |
} |
2235 |
} |
1969 |
|
2236 |
|
1970 |
void |
2237 |
void |
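Review bot: In the new AF_INET6 branch of setenv_sockaddr the return value of getnameinfo() is ignored, so on failure `buf` is passed to setenv_str() uninitialised and stale stack bytes end up in the env_set. The hunk just above this one checks the same call with `== 0`; doing the same here, e.g. `if (getnameinfo (...) == 0) setenv_str (es, name_buf, buf);`, keeps the two consistent. The branch also exports `%s_port` unconditionally, whereas the AF_INET branch does so only when `flags & SA_IP_PORT` is set and the port is non-zero. If that difference is not intended, guard the two port lines with `if ((flags & SA_IP_PORT) && addr->addr.in6.sin6_port)`.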
Lines 1974-1980
setenv_in_addr_t (struct env_set *es, co
|
1974 |
{ |
2241 |
{ |
1975 |
struct openvpn_sockaddr si; |
2242 |
struct openvpn_sockaddr si; |
1976 |
CLEAR (si); |
2243 |
CLEAR (si); |
1977 |
si.sa.sin_addr.s_addr = htonl (addr); |
2244 |
si.addr.in4.sin_family = AF_INET; |
|
|
2245 |
si.addr.in4.sin_addr.s_addr = htonl (addr); |
1978 |
setenv_sockaddr (es, name_prefix, &si, flags); |
2246 |
setenv_sockaddr (es, name_prefix, &si, flags); |
1979 |
} |
2247 |
} |
1980 |
} |
2248 |
} |
Lines 1995-2010
setenv_link_socket_actual (struct env_se
|
1995 |
struct proto_names { |
2263 |
struct proto_names { |
1996 |
const char *short_form; |
2264 |
const char *short_form; |
1997 |
const char *display_form; |
2265 |
const char *display_form; |
|
|
2266 |
bool is_dgram; |
2267 |
bool is_net; |
2268 |
sa_family_t proto_af; |
1998 |
}; |
2269 |
}; |
1999 |
|
2270 |
|
2000 |
/* Indexed by PROTO_x */ |
2271 |
/* Indexed by PROTO_x */ |
2001 |
static const struct proto_names proto_names[] = { |
2272 |
static const struct proto_names proto_names[PROTO_N] = { |
2002 |
{"udp", "UDPv4"}, |
2273 |
{"proto-uninitialized", "proto-NONE",0,0, AF_UNSPEC}, |
2003 |
{"tcp-server", "TCPv4_SERVER"}, |
2274 |
{"udp", "UDPv4",1,1, AF_INET}, |
2004 |
{"tcp-client", "TCPv4_CLIENT"}, |
2275 |
{"tcp-server", "TCPv4_SERVER",0,1, AF_INET}, |
2005 |
{"tcp", "TCPv4"} |
2276 |
{"tcp-client", "TCPv4_CLIENT",0,1, AF_INET}, |
|
|
2277 |
{"tcp", "TCPv4",0,1, AF_INET}, |
2278 |
#ifdef USE_PF_INET6 |
2279 |
{"udp6" ,"UDPv6",1,1, AF_INET6}, |
2280 |
{"tcp6-server","TCPv6_SERVER",0,1, AF_INET6}, |
2281 |
{"tcp6-client","TCPv6_CLIENT",0,1, AF_INET6}, |
2282 |
{"tcp6" ,"TCPv6",0,1, AF_INET6}, |
2283 |
#endif |
2006 |
}; |
2284 |
}; |
2007 |
|
2285 |
|
|
|
2286 |
bool |
2287 |
proto_is_net(int proto) |
2288 |
{ |
2289 |
if (proto < 0 || proto >= PROTO_N) |
2290 |
ASSERT(0); |
2291 |
return proto_names[proto].is_net; |
2292 |
} |
2293 |
bool |
2294 |
proto_is_dgram(int proto) |
2295 |
{ |
2296 |
if (proto < 0 || proto >= PROTO_N) |
2297 |
ASSERT(0); |
2298 |
return proto_names[proto].is_dgram; |
2299 |
} |
2300 |
bool |
2301 |
proto_is_udp(int proto) |
2302 |
{ |
2303 |
if (proto < 0 || proto >= PROTO_N) |
2304 |
ASSERT(0); |
2305 |
return proto_names[proto].is_dgram&&proto_names[proto].is_net; |
2306 |
} |
2307 |
bool |
2308 |
proto_is_tcp(int proto) |
2309 |
{ |
2310 |
if (proto < 0 || proto >= PROTO_N) |
2311 |
ASSERT(0); |
2312 |
return (!proto_names[proto].is_dgram)&&proto_names[proto].is_net; |
2313 |
} |
2314 |
|
2315 |
sa_family_t |
2316 |
proto_sa_family(int proto) |
2317 |
{ |
2318 |
if (proto < 0 || proto >= PROTO_N) |
2319 |
ASSERT(0); |
2320 |
return proto_names[proto].proto_af; |
2321 |
} |
2322 |
|
2008 |
int |
2323 |
int |
2009 |
ascii2proto (const char* proto_name) |
2324 |
ascii2proto (const char* proto_name) |
2010 |
{ |
2325 |
{ |
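Review bot: The new rows of proto_names[] fill `is_dgram` and `is_net` positionally with bare `0`/`1`, which is easy to misread or get wrong when a row is added; a column comment above the rows such as `/* short_form, display_form, is_dgram, is_net, proto_af */` would document it. Because the array is now declared with `[PROTO_N]`, any PROTO_x value without a row is zero-filled and has a NULL `short_form`. Whether PROTO_N shrinks when USE_PF_INET6 is undefined is not visible in this hunk, so it is worth confirming that ascii2proto and proto2ascii_all never reach such an entry. The new `proto_is_*` and `proto_sa_family` helpers could also use the `ASSERT (proto >= 0 && proto < PROTO_N);` form that proto_remote already uses, instead of `if (...) ASSERT(0);`.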
Lines 2044-2049
proto2ascii_all (struct gc_arena *gc)
|
2044 |
return BSTR (&out); |
2359 |
return BSTR (&out); |
2045 |
} |
2360 |
} |
2046 |
|
2361 |
|
|
|
2362 |
int |
2363 |
addr_guess_family(int proto, const char *name) |
2364 |
{ |
2365 |
sa_family_t ret; |
2366 |
if (proto) { |
2367 |
return proto_sa_family(proto); /* already stamped */ |
2368 |
} |
2369 |
#ifdef USE_PF_UNIX |
2370 |
else if (name && name[0] == '/') { |
2371 |
return AF_UNIX; |
2372 |
} |
2373 |
#endif |
2374 |
#ifdef USE_PF_INET6 |
2375 |
else { |
2376 |
struct addrinfo hints , *ai; |
2377 |
int err; |
2378 |
memset(&hints, 0, sizeof hints); |
2379 |
hints.ai_flags=AI_NUMERICHOST; |
2380 |
if ((err=getaddrinfo(name, NULL, &hints, &ai))==0) { |
2381 |
ret=ai->ai_family; |
2382 |
freeaddrinfo(ai); |
2383 |
return ret; |
2384 |
} |
2385 |
} |
2386 |
#endif |
2387 |
return AF_INET; /* default */ |
2388 |
} |
2389 |
const char * |
2390 |
addr_family_name (int af) |
2391 |
{ |
2392 |
switch (af) { |
2393 |
case AF_INET: return "AF_INET"; |
2394 |
case AF_INET6: return "AF_INET6"; |
2395 |
#ifdef USE_PF_UNIX |
2396 |
case AF_UNIX: return "AF_UNIX"; |
2397 |
#endif |
2398 |
} |
2399 |
return "AF_UNSPEC"; |
2400 |
} |
2401 |
|
2047 |
/* |
2402 |
/* |
2048 |
* Given a local proto, return local proto |
2403 |
* Given a local proto, return local proto |
2049 |
* if !remote, or compatible remote proto |
2404 |
* if !remote, or compatible remote proto |
Lines 2058-2067
proto_remote (int proto, bool remote)
|
2058 |
ASSERT (proto >= 0 && proto < PROTO_N); |
2413 |
ASSERT (proto >= 0 && proto < PROTO_N); |
2059 |
if (remote) |
2414 |
if (remote) |
2060 |
{ |
2415 |
{ |
2061 |
if (proto == PROTO_TCPv4_SERVER) |
2416 |
switch (proto) |
2062 |
return PROTO_TCPv4_CLIENT; |
2417 |
{ |
2063 |
if (proto == PROTO_TCPv4_CLIENT) |
2418 |
case PROTO_TCPv4_SERVER: return PROTO_TCPv4_CLIENT; |
2064 |
return PROTO_TCPv4_SERVER; |
2419 |
case PROTO_TCPv4_CLIENT: return PROTO_TCPv4_SERVER; |
|
|
2420 |
#ifdef USE_PF_INET6 |
2421 |
case PROTO_TCPv6_SERVER: return PROTO_TCPv6_CLIENT; |
2422 |
case PROTO_TCPv6_CLIENT: return PROTO_TCPv6_SERVER; |
2423 |
#endif |
2424 |
} |
2065 |
} |
2425 |
} |
2066 |
return proto; |
2426 |
return proto; |
2067 |
} |
2427 |
} |
Lines 2119-2129
#ifndef WIN32
|
2119 |
|
2479 |
|
2120 |
#if ENABLE_IP_PKTINFO |
2480 |
#if ENABLE_IP_PKTINFO |
2121 |
|
2481 |
|
2122 |
struct openvpn_pktinfo |
2482 |
struct openvpn_in4_pktinfo |
2123 |
{ |
2483 |
{ |
2124 |
struct cmsghdr cmsghdr; |
2484 |
struct cmsghdr cmsghdr; |
2125 |
struct in_pktinfo in_pktinfo; |
2485 |
struct in_pktinfo pi; |
2126 |
}; |
2486 |
}; |
|
|
2487 |
#ifdef USE_PF_INET6 |
2488 |
struct openvpn_in6_pktinfo |
2489 |
{ |
2490 |
struct cmsghdr cmsghdr; |
2491 |
struct in6_pktinfo pi6; |
2492 |
}; |
2493 |
#endif |
2494 |
|
2495 |
union openvpn_pktinfo { |
2496 |
struct openvpn_in4_pktinfo cmsgpi; |
2497 |
#ifdef USE_PF_INET6 |
2498 |
struct openvpn_in6_pktinfo cmsgpi6; |
2499 |
#endif |
2500 |
}; |
2501 |
|
2127 |
|
2502 |
|
2128 |
static socklen_t |
2503 |
static socklen_t |
2129 |
link_socket_read_udp_posix_recvmsg (struct link_socket *sock, |
2504 |
link_socket_read_udp_posix_recvmsg (struct link_socket *sock, |
Lines 2132-2146
link_socket_read_udp_posix_recvmsg (stru
|
2132 |
struct link_socket_actual *from) |
2507 |
struct link_socket_actual *from) |
2133 |
{ |
2508 |
{ |
2134 |
struct iovec iov; |
2509 |
struct iovec iov; |
2135 |
struct openvpn_pktinfo opi; |
2510 |
union openvpn_pktinfo opi; |
2136 |
struct msghdr mesg; |
2511 |
struct msghdr mesg; |
2137 |
socklen_t fromlen = sizeof (from->dest.sa); |
2512 |
socklen_t fromlen = sizeof (from->dest.addr); |
2138 |
|
2513 |
|
2139 |
iov.iov_base = BPTR (buf); |
2514 |
iov.iov_base = BPTR (buf); |
2140 |
iov.iov_len = maxsize; |
2515 |
iov.iov_len = maxsize; |
2141 |
mesg.msg_iov = &iov; |
2516 |
mesg.msg_iov = &iov; |
2142 |
mesg.msg_iovlen = 1; |
2517 |
mesg.msg_iovlen = 1; |
2143 |
mesg.msg_name = &from->dest.sa; |
2518 |
mesg.msg_name = &from->dest.addr; |
2144 |
mesg.msg_namelen = fromlen; |
2519 |
mesg.msg_namelen = fromlen; |
2145 |
mesg.msg_control = &opi; |
2520 |
mesg.msg_control = &opi; |
2146 |
mesg.msg_controllen = sizeof (opi); |
2521 |
mesg.msg_controllen = sizeof (opi); |
Lines 2157-2165
link_socket_read_udp_posix_recvmsg (stru
|
2157 |
&& cmsg->cmsg_len >= sizeof (opi)) |
2532 |
&& cmsg->cmsg_len >= sizeof (opi)) |
2158 |
{ |
2533 |
{ |
2159 |
struct in_pktinfo *pkti = (struct in_pktinfo *) CMSG_DATA (cmsg); |
2534 |
struct in_pktinfo *pkti = (struct in_pktinfo *) CMSG_DATA (cmsg); |
2160 |
from->pi.ipi_ifindex = pkti->ipi_ifindex; |
2535 |
from->pi.in4.ipi_ifindex = pkti->ipi_ifindex; |
2161 |
from->pi.ipi_spec_dst = pkti->ipi_spec_dst; |
2536 |
from->pi.in4.ipi_spec_dst = pkti->ipi_spec_dst; |
|
|
2537 |
} |
2538 |
#ifdef USE_PF_INET6 |
2539 |
else if (cmsg != NULL |
2540 |
&& CMSG_NXTHDR (&mesg, cmsg) == NULL |
2541 |
&& cmsg->cmsg_level == IPPROTO_IPV6 |
2542 |
&& cmsg->cmsg_type == IPV6_PKTINFO |
2543 |
&& cmsg->cmsg_len >= sizeof (struct openvpn_in6_pktinfo)) |
2544 |
{ |
2545 |
struct in6_pktinfo *pkti6 = (struct in6_pktinfo *) CMSG_DATA (cmsg); |
2546 |
from->pi.in6.ipi6_ifindex = pkti6->ipi6_ifindex; |
2547 |
from->pi.in6.ipi6_addr = pkti6->ipi6_addr; |
2162 |
} |
2548 |
} |
|
|
2549 |
#endif |
2163 |
} |
2550 |
} |
2164 |
return fromlen; |
2551 |
return fromlen; |
2165 |
} |
2552 |
} |
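Review bot: The unchanged length test `cmsg->cmsg_len >= sizeof (opi)` in the IPv4 branch now measures the whole `union openvpn_pktinfo`, because an earlier hunk changed `opi` from a struct to that union. With USE_PF_INET6 defined the union is at least as large as `struct openvpn_in6_pktinfo`, which is presumably bigger than the IPv4 control message, so an IP_PKTINFO cmsg would fail the test and `from->pi.in4` would silently stay unset. The new IPv6 branch already names its type explicitly and the IPv4 branch should do the same: `&& cmsg->cmsg_len >= sizeof (struct openvpn_in4_pktinfo))`. The start of this condition and of the function lie outside the hunk.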
Lines 2171-2188
link_socket_read_udp_posix (struct link_
|
2171 |
int maxsize, |
2558 |
int maxsize, |
2172 |
struct link_socket_actual *from) |
2559 |
struct link_socket_actual *from) |
2173 |
{ |
2560 |
{ |
2174 |
socklen_t fromlen = sizeof (from->dest.sa); |
2561 |
socklen_t fromlen = sizeof (from->dest.addr); |
2175 |
from->dest.sa.sin_addr.s_addr = 0; |
2562 |
socklen_t expectedlen = af_addr_size(proto_sa_family(sock->info.proto)); |
|
|
2563 |
addr_zero_host(&from->dest); |
2176 |
ASSERT (buf_safe (buf, maxsize)); |
2564 |
ASSERT (buf_safe (buf, maxsize)); |
2177 |
#if ENABLE_IP_PKTINFO |
2565 |
#if ENABLE_IP_PKTINFO |
2178 |
if (sock->sockflags & SF_USE_IP_PKTINFO) |
2566 |
/* Both PROTO_UDPv4 and PROTO_UDPv6 */ |
|
|
2567 |
if (proto_is_udp(sock->info.proto) && sock->sockflags & SF_USE_IP_PKTINFO) |
2179 |
fromlen = link_socket_read_udp_posix_recvmsg (sock, buf, maxsize, from); |
2568 |
fromlen = link_socket_read_udp_posix_recvmsg (sock, buf, maxsize, from); |
2180 |
else |
2569 |
else |
2181 |
#endif |
2570 |
#endif |
2182 |
buf->len = recvfrom (sock->sd, BPTR (buf), maxsize, 0, |
2571 |
buf->len = recvfrom (sock->sd, BPTR (buf), maxsize, 0, |
2183 |
(struct sockaddr *) &from->dest.sa, &fromlen); |
2572 |
&from->dest.addr.sa, &fromlen); |
2184 |
if (fromlen != sizeof (from->dest.sa)) |
2573 |
if (buf->len >= 0 && expectedlen && fromlen != expectedlen) |
2185 |
bad_address_length (fromlen, sizeof (from->dest.sa)); |
2574 |
bad_address_length (fromlen, expectedlen); |
2186 |
return buf->len; |
2575 |
return buf->len; |
2187 |
} |
2576 |
} |
2188 |
|
2577 |
|
Lines 2219-2244
link_socket_write_udp_posix_sendmsg (str
|
2219 |
struct iovec iov; |
2608 |
struct iovec iov; |
2220 |
struct msghdr mesg; |
2609 |
struct msghdr mesg; |
2221 |
struct cmsghdr *cmsg; |
2610 |
struct cmsghdr *cmsg; |
2222 |
struct in_pktinfo *pkti; |
|
|
2223 |
struct openvpn_pktinfo opi; |
2224 |
|
2611 |
|
2225 |
iov.iov_base = BPTR (buf); |
2612 |
iov.iov_base = BPTR (buf); |
2226 |
iov.iov_len = BLEN (buf); |
2613 |
iov.iov_len = BLEN (buf); |
2227 |
mesg.msg_iov = &iov; |
2614 |
mesg.msg_iov = &iov; |
2228 |
mesg.msg_iovlen = 1; |
2615 |
mesg.msg_iovlen = 1; |
2229 |
mesg.msg_name = &to->dest.sa; |
2616 |
switch (sock->info.lsa->remote.addr.sa.sa_family) |
2230 |
mesg.msg_namelen = sizeof (to->dest.sa); |
2617 |
{ |
2231 |
mesg.msg_control = &opi; |
2618 |
case AF_INET: { |
2232 |
mesg.msg_controllen = sizeof (opi); |
2619 |
struct openvpn_in4_pktinfo opi; |
2233 |
mesg.msg_flags = 0; |
2620 |
struct in_pktinfo *pkti; |
2234 |
cmsg = CMSG_FIRSTHDR (&mesg); |
2621 |
mesg.msg_name = &to->dest.addr.sa; |
2235 |
cmsg->cmsg_len = sizeof (opi); |
2622 |
mesg.msg_namelen = sizeof (struct sockaddr_in); |
2236 |
cmsg->cmsg_level = SOL_IP; |
2623 |
mesg.msg_control = &opi; |
2237 |
cmsg->cmsg_type = IP_PKTINFO; |
2624 |
mesg.msg_controllen = sizeof (opi); |
2238 |
pkti = (struct in_pktinfo *) CMSG_DATA (cmsg); |
2625 |
mesg.msg_flags = 0; |
2239 |
pkti->ipi_ifindex = to->pi.ipi_ifindex; |
2626 |
cmsg = CMSG_FIRSTHDR (&mesg); |
2240 |
pkti->ipi_spec_dst = to->pi.ipi_spec_dst; |
2627 |
cmsg->cmsg_len = sizeof (opi); |
2241 |
pkti->ipi_addr.s_addr = 0; |
2628 |
cmsg->cmsg_level = SOL_IP; |
|
|
2629 |
cmsg->cmsg_type = IP_PKTINFO; |
2630 |
pkti = (struct in_pktinfo *) CMSG_DATA (cmsg); |
2631 |
pkti->ipi_ifindex = to->pi.in4.ipi_ifindex; |
2632 |
pkti->ipi_spec_dst = to->pi.in4.ipi_spec_dst; |
2633 |
pkti->ipi_addr.s_addr = 0; |
2634 |
break; |
2635 |
} |
2636 |
#ifdef USE_PF_INET6 |
2637 |
case AF_INET6: { |
2638 |
struct openvpn_in6_pktinfo opi6; |
2639 |
struct in6_pktinfo *pkti6; |
2640 |
mesg.msg_name = &to->dest.addr.sa; |
2641 |
mesg.msg_namelen = sizeof (struct sockaddr_in6); |
2642 |
mesg.msg_control = &opi6; |
2643 |
mesg.msg_controllen = sizeof (opi6); |
2644 |
mesg.msg_flags = 0; |
2645 |
cmsg = CMSG_FIRSTHDR (&mesg); |
2646 |
cmsg->cmsg_len = sizeof (opi6); |
2647 |
cmsg->cmsg_level = IPPROTO_IPV6; |
2648 |
cmsg->cmsg_type = IPV6_PKTINFO; |
2649 |
pkti6 = (struct in6_pktinfo *) CMSG_DATA (cmsg); |
2650 |
pkti6->ipi6_ifindex = to->pi.in6.ipi6_ifindex; |
2651 |
pkti6->ipi6_addr = to->pi.in6.ipi6_addr; |
2652 |
break; |
2653 |
} |
2654 |
#endif |
2655 |
default: ASSERT(0); |
2656 |
} |
2242 |
return sendmsg (sock->sd, &mesg, 0); |
2657 |
return sendmsg (sock->sd, &mesg, 0); |
2243 |
} |
2658 |
} |
2244 |
|
2659 |
|
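Review bot: `opi` and `opi6` are now declared inside the braces of their `case` blocks, but `mesg.msg_control` still points at them when `sendmsg()` runs after the switch, once their lifetime has ended. That is undefined behaviour, and the compiler is free to reuse the storage before the call. Declare the buffer at function scope, `union openvpn_pktinfo opi;`, and set `mesg.msg_control = &opi.cmsgpi;` or `&opi.cmsgpi6;` with the matching `sizeof` in each case. The switch also selects on `sock->info.lsa->remote.addr.sa.sa_family` while the address sent to is `to->dest`; selecting on `to->dest.addr.sa.sa_family` would keep `msg_namelen` and the control message tied to the address actually used. The function's signature is outside the hunk.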
Lines 2382-2388
socket_send_queue (struct link_socket *s
|
2382 |
{ |
2797 |
{ |
2383 |
/* set destination address for UDP writes */ |
2798 |
/* set destination address for UDP writes */ |
2384 |
sock->writes.addr_defined = true; |
2799 |
sock->writes.addr_defined = true; |
2385 |
sock->writes.addr = to->dest.sa; |
2800 |
sock->writes.addr = to->dest.addr.in4; |
2386 |
sock->writes.addrlen = sizeof (sock->writes.addr); |
2801 |
sock->writes.addrlen = sizeof (sock->writes.addr); |
2387 |
|
2802 |
|
2388 |
status = WSASendTo( |
2803 |
status = WSASendTo( |
Lines 2538-2547
socket_finalize (SOCKET s,
|
2538 |
{ |
2953 |
{ |
2539 |
if (io->addrlen != sizeof (io->addr)) |
2954 |
if (io->addrlen != sizeof (io->addr)) |
2540 |
bad_address_length (io->addrlen, sizeof (io->addr)); |
2955 |
bad_address_length (io->addrlen, sizeof (io->addr)); |
2541 |
from->dest.sa = io->addr; |
2956 |
from->dest.addr.sa = io->addr; |
2542 |
} |
2957 |
} |
2543 |
else |
2958 |
else |
2544 |
CLEAR (from->dest.sa); |
2959 |
CLEAR (from->dest.addr.sa); |
2545 |
} |
2960 |
} |
2546 |
|
2961 |
|
2547 |
if (buf) |
2962 |
if (buf) |
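Review bot: `from->dest.addr.sa = io->addr;` assigns to the generic `struct sockaddr` member, while socket_send_queue in the previous hunk fills the corresponding field from `to->dest.addr.in4`. If `io->addr` is still a `struct sockaddr_in` (its declaration is not visible here), the member should be `.in4` in both places. `CLEAR (from->dest.addr.sa)` likewise covers only the `struct sockaddr` part, so, assuming CLEAR zeroes `sizeof` its argument, the rest of the address member keeps stale bytes; `CLEAR (from->dest.addr);` would reset all of it. The function continues outside the hunk.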