|
Lines 36-45
Link Here
|
| 36 |
#include "memdbg.h" |
36 |
#include "memdbg.h" |
| 37 |
|
37 |
|
| 38 |
const int proto_overhead[] = { /* indexed by PROTO_x */ |
38 |
const int proto_overhead[] = { /* indexed by PROTO_x */ |
| 39 |
IPv4_UDP_HEADER_SIZE, |
39 |
0, |
|
|
40 |
IPv4_UDP_HEADER_SIZE, /* IPv4 */ |
| 40 |
IPv4_TCP_HEADER_SIZE, |
41 |
IPv4_TCP_HEADER_SIZE, |
| 41 |
IPv4_TCP_HEADER_SIZE, |
42 |
IPv4_TCP_HEADER_SIZE, |
| 42 |
IPv4_TCP_HEADER_SIZE |
43 |
#ifdef USE_PF_INET6 |
|
|
44 |
IPv6_UDP_HEADER_SIZE, /* IPv6 */ |
| 45 |
IPv6_TCP_HEADER_SIZE, |
| 46 |
IPv6_TCP_HEADER_SIZE, |
| 47 |
IPv6_TCP_HEADER_SIZE, |
| 48 |
#endif |
| 43 |
}; |
49 |
}; |
| 44 |
|
50 |
|
| 45 |
/* |
51 |
/* |
|
Lines 299-318
Link Here
|
| 299 |
struct openvpn_sockaddr *addr, |
305 |
struct openvpn_sockaddr *addr, |
| 300 |
bool *changed) |
306 |
bool *changed) |
| 301 |
{ |
307 |
{ |
| 302 |
if (host && addr) |
308 |
switch(addr->addr.sa.sa_family) { |
| 303 |
{ |
309 |
case AF_INET: |
| 304 |
const in_addr_t new_addr = getaddr ( |
310 |
if (host && addr) |
| 305 |
GETADDR_RESOLVE|GETADDR_UPDATE_MANAGEMENT_STATE, |
311 |
{ |
| 306 |
host, |
312 |
const in_addr_t new_addr = getaddr ( |
| 307 |
1, |
313 |
GETADDR_RESOLVE|GETADDR_UPDATE_MANAGEMENT_STATE, |
| 308 |
NULL, |
314 |
host, |
| 309 |
NULL); |
315 |
1, |
| 310 |
if (new_addr && addr->sa.sin_addr.s_addr != new_addr) |
316 |
NULL, |
|
|
317 |
NULL); |
| 318 |
if (new_addr && addr->addr.in4.sin_addr.s_addr != new_addr) |
| 311 |
{ |
319 |
{ |
| 312 |
addr->sa.sin_addr.s_addr = new_addr; |
320 |
addr->addr.in4.sin_addr.s_addr = new_addr; |
| 313 |
*changed = true; |
321 |
*changed = true; |
| 314 |
} |
322 |
} |
| 315 |
} |
323 |
} |
|
|
324 |
break; |
| 325 |
#ifdef USE_PF_INET6 |
| 326 |
case AF_INET6: /* jjoFIXME: should adapt getaddr() for AF_INET6 */ |
| 327 |
if (host && addr) |
| 328 |
{ |
| 329 |
struct addrinfo hints , *ai; |
| 330 |
int err; |
| 331 |
memset(&hints, 0, sizeof hints); |
| 332 |
hints.ai_flags=AI_PASSIVE; |
| 333 |
hints.ai_family=AF_INET6; |
| 334 |
if ((err=getaddrinfo(host, NULL, &hints, &ai))==0) |
| 335 |
{ |
| 336 |
struct sockaddr_in6 *sin6=(struct sockaddr_in6*)ai->ai_addr; |
| 337 |
if (IN6_ARE_ADDR_EQUAL(&sin6->sin6_addr, &addr->addr.in6.sin6_addr)) |
| 338 |
{ |
| 339 |
int port=addr->addr.in6.sin6_port; /* backup current port for easier copy, restore later */ |
| 340 |
addr->addr.in6=*sin6; /* ipv6 requires also eg. sin6_scope_id => easy to full copy*/ |
| 341 |
addr->addr.in6.sin6_port=port; |
| 342 |
} |
| 343 |
freeaddrinfo(ai); |
| 344 |
} |
| 345 |
} |
| 346 |
break; |
| 347 |
#endif |
| 348 |
default: |
| 349 |
ASSERT(0); |
| 350 |
} |
| 316 |
} |
351 |
} |
| 317 |
|
352 |
|
| 318 |
static int |
353 |
static int |
|
Lines 505-510
Link Here
|
| 505 |
return sd; |
540 |
return sd; |
| 506 |
} |
541 |
} |
| 507 |
|
542 |
|
|
|
543 |
#ifdef USE_PF_INET6 |
| 544 |
static socket_descriptor_t |
| 545 |
create_socket_udp6 (const unsigned int flags) |
| 546 |
{ |
| 547 |
socket_descriptor_t sd; |
| 548 |
|
| 549 |
if ((sd = socket (PF_INET6, SOCK_DGRAM, IPPROTO_UDP)) < 0) |
| 550 |
msg (M_SOCKERR, "UDP: Cannot create UDP6 socket"); |
| 551 |
#if ENABLE_IP_PKTINFO |
| 552 |
else if (flags & SF_USE_IP_PKTINFO) |
| 553 |
{ |
| 554 |
int pad = 1; |
| 555 |
setsockopt (sd, IPPROTO_IPV6, IPV6_PKTINFO, (void*)&pad, sizeof(pad)); |
| 556 |
} |
| 557 |
#endif |
| 558 |
return sd; |
| 559 |
} |
| 560 |
|
| 561 |
static socket_descriptor_t |
| 562 |
create_socket_tcp6 (void) |
| 563 |
{ |
| 564 |
socket_descriptor_t sd; |
| 565 |
|
| 566 |
if ((sd = socket (PF_INET6, SOCK_STREAM, IPPROTO_TCP)) < 0) |
| 567 |
msg (M_SOCKERR, "Cannot create TCP6 socket"); |
| 568 |
|
| 569 |
/* set SO_REUSEADDR on socket */ |
| 570 |
{ |
| 571 |
int on = 1; |
| 572 |
if (setsockopt (sd, SOL_SOCKET, SO_REUSEADDR, |
| 573 |
(void *) &on, sizeof (on)) < 0) |
| 574 |
msg (M_SOCKERR, "TCP: Cannot setsockopt SO_REUSEADDR on TCP6 socket"); |
| 575 |
} |
| 576 |
|
| 577 |
return sd; |
| 578 |
} |
| 579 |
|
| 580 |
#endif |
| 508 |
static void |
581 |
static void |
| 509 |
create_socket (struct link_socket *sock) |
582 |
create_socket (struct link_socket *sock) |
| 510 |
{ |
583 |
{ |
|
Lines 523-528
Link Here
|
| 523 |
{ |
596 |
{ |
| 524 |
sock->sd = create_socket_tcp (); |
597 |
sock->sd = create_socket_tcp (); |
| 525 |
} |
598 |
} |
|
|
599 |
#ifdef USE_PF_INET6 |
| 600 |
else if (sock->info.proto == PROTO_TCPv6_SERVER |
| 601 |
|| sock->info.proto == PROTO_TCPv6_CLIENT) |
| 602 |
{ |
| 603 |
sock->sd = create_socket_tcp6 (); |
| 604 |
} |
| 605 |
else if (sock->info.proto == PROTO_UDPv6) |
| 606 |
{ |
| 607 |
sock->sd = create_socket_udp6 (sock->sockflags); |
| 608 |
} |
| 609 |
#endif |
| 526 |
else |
610 |
else |
| 527 |
{ |
611 |
{ |
| 528 |
ASSERT (0); |
612 |
ASSERT (0); |
|
Lines 560-566
Link Here
|
| 560 |
struct link_socket_actual *act, |
644 |
struct link_socket_actual *act, |
| 561 |
const bool nowait) |
645 |
const bool nowait) |
| 562 |
{ |
646 |
{ |
| 563 |
socklen_t remote_len = sizeof (act->dest.sa); |
647 |
/* af_addr_size WILL return 0 in this case if AFs other than AF_INET |
|
|
648 |
* are compiled because act is empty here. |
| 649 |
* could use getsockname() to support later remote_len check |
| 650 |
*/ |
| 651 |
socklen_t remote_len_af = af_addr_size(act->dest.addr.sa.sa_family); |
| 652 |
socklen_t remote_len = sizeof(act->dest.addr); |
| 564 |
socket_descriptor_t new_sd = SOCKET_UNDEFINED; |
653 |
socket_descriptor_t new_sd = SOCKET_UNDEFINED; |
| 565 |
|
654 |
|
| 566 |
CLEAR (*act); |
655 |
CLEAR (*act); |
|
Lines 568-574
Link Here
|
| 568 |
#ifdef HAVE_GETPEERNAME |
657 |
#ifdef HAVE_GETPEERNAME |
| 569 |
if (nowait) |
658 |
if (nowait) |
| 570 |
{ |
659 |
{ |
| 571 |
new_sd = getpeername (sd, (struct sockaddr *) &act->dest.sa, &remote_len); |
660 |
new_sd = getpeername (sd, &act->dest.addr.sa, &remote_len); |
| 572 |
|
661 |
|
| 573 |
if (!socket_defined (new_sd)) |
662 |
if (!socket_defined (new_sd)) |
| 574 |
msg (D_LINK_ERRORS | M_ERRNO_SOCK, "TCP: getpeername() failed"); |
663 |
msg (D_LINK_ERRORS | M_ERRNO_SOCK, "TCP: getpeername() failed"); |
|
Lines 581-587
Link Here
|
| 581 |
#endif |
670 |
#endif |
| 582 |
else |
671 |
else |
| 583 |
{ |
672 |
{ |
| 584 |
new_sd = accept (sd, (struct sockaddr *) &act->dest.sa, &remote_len); |
673 |
new_sd = accept (sd, &act->dest.addr.sa, &remote_len); |
| 585 |
} |
674 |
} |
| 586 |
|
675 |
|
| 587 |
#if 0 /* For debugging only, test the effect of accept() failures */ |
676 |
#if 0 /* For debugging only, test the effect of accept() failures */ |
|
Lines 597-603
Link Here
|
| 597 |
{ |
686 |
{ |
| 598 |
msg (D_LINK_ERRORS | M_ERRNO_SOCK, "TCP: accept(%d) failed", sd); |
687 |
msg (D_LINK_ERRORS | M_ERRNO_SOCK, "TCP: accept(%d) failed", sd); |
| 599 |
} |
688 |
} |
| 600 |
else if (remote_len != sizeof (act->dest.sa)) |
689 |
/* only valid if we have remote_len_af!=0 */ |
|
|
690 |
else if (remote_len_af && remote_len != remote_len_af) |
| 601 |
{ |
691 |
{ |
| 602 |
msg (D_LINK_ERRORS, "TCP: Received strange incoming connection with unknown address length=%d", remote_len); |
692 |
msg (D_LINK_ERRORS, "TCP: Received strange incoming connection with unknown address length=%d", remote_len); |
| 603 |
openvpn_close_socket (new_sd); |
693 |
openvpn_close_socket (new_sd); |
|
Lines 698-704
Link Here
|
| 698 |
{ |
788 |
{ |
| 699 |
struct gc_arena gc = gc_new (); |
789 |
struct gc_arena gc = gc_new (); |
| 700 |
|
790 |
|
| 701 |
if (bind (sd, (struct sockaddr *) &local->sa, sizeof (local->sa))) |
791 |
if (bind (sd, &local->addr.sa, af_addr_size(local->addr.sa.sa_family))) |
| 702 |
{ |
792 |
{ |
| 703 |
const int errnum = openvpn_errno_socket (); |
793 |
const int errnum = openvpn_errno_socket (); |
| 704 |
msg (M_FATAL, "%s: Socket bind failed on local address %s: %s", |
794 |
msg (M_FATAL, "%s: Socket bind failed on local address %s: %s", |
|
Lines 719-725
Link Here
|
| 719 |
|
809 |
|
| 720 |
#ifdef CONNECT_NONBLOCK |
810 |
#ifdef CONNECT_NONBLOCK |
| 721 |
set_nonblock (sd); |
811 |
set_nonblock (sd); |
| 722 |
status = connect (sd, (struct sockaddr *) &remote->sa, sizeof (remote->sa)); |
812 |
status = connect (sd, &remote->addr.sa, af_addr_size(remote->addr.sa.sa_family)); |
| 723 |
if (status) |
813 |
if (status) |
| 724 |
status = openvpn_errno_socket (); |
814 |
status = openvpn_errno_socket (); |
| 725 |
if (status == EINPROGRESS) |
815 |
if (status == EINPROGRESS) |
|
Lines 854-870
Link Here
|
| 854 |
if (*signal_received) |
944 |
if (*signal_received) |
| 855 |
goto done; |
945 |
goto done; |
| 856 |
|
946 |
|
| 857 |
*sd = create_socket_tcp (); |
947 |
switch(remote->addr.sa.sa_family) { |
| 858 |
if (bind_local) |
948 |
case AF_INET: |
| 859 |
socket_bind (*sd, local, "TCP Client"); |
949 |
*sd = create_socket_tcp (); |
| 860 |
update_remote (remote_dynamic, remote, remote_changed); |
950 |
if (bind_local) |
| 861 |
} |
951 |
socket_bind (*sd, local, "TCP Client"); |
|
|
952 |
update_remote (remote_dynamic, remote, remote_changed); |
| 953 |
break; |
| 954 |
#ifdef USE_PF_INET6 |
| 955 |
case AF_INET6: |
| 956 |
*sd = create_socket_tcp6 (); |
| 957 |
if (bind_local) |
| 958 |
socket_bind (*sd, local, "TCP6 Client"); |
| 959 |
update_remote (remote_dynamic, remote, remote_changed); |
| 960 |
break; |
| 961 |
#endif |
| 962 |
default: |
| 963 |
msg(M_FATAL, "Only TCP is supported for connection oriented, sa_family=%d", |
| 964 |
remote->addr.sa.sa_family); |
| 965 |
} |
| 966 |
} |
| 862 |
|
967 |
|
| 863 |
msg (M_INFO, "TCP connection established with %s", |
968 |
msg (M_INFO, "TCP connection established with %s", |
| 864 |
print_sockaddr (remote, &gc)); |
969 |
print_sockaddr (remote, &gc)); |
| 865 |
|
970 |
|
| 866 |
done: |
971 |
done: |
| 867 |
gc_free (&gc); |
972 |
gc_free (&gc); |
| 868 |
} |
973 |
} |
| 869 |
|
974 |
|
| 870 |
/* For stream protocols, allocate a buffer to build up packet. |
975 |
/* For stream protocols, allocate a buffer to build up packet. |
|
Lines 918-934
Link Here
|
| 918 |
|
1023 |
|
| 919 |
/* resolve local address if undefined */ |
1024 |
/* resolve local address if undefined */ |
| 920 |
if (!addr_defined (&sock->info.lsa->local)) |
1025 |
if (!addr_defined (&sock->info.lsa->local)) |
| 921 |
{ |
1026 |
{ |
| 922 |
sock->info.lsa->local.sa.sin_family = AF_INET; |
1027 |
/* may return AF_{INET|INET6} guessed from local_host */ |
| 923 |
sock->info.lsa->local.sa.sin_addr.s_addr = |
1028 |
switch(addr_guess_family(sock->info.proto, sock->local_host)) { |
| 924 |
(sock->local_host ? getaddr (GETADDR_RESOLVE | GETADDR_WARN_ON_SIGNAL | GETADDR_FATAL, |
1029 |
case AF_INET: |
| 925 |
sock->local_host, |
1030 |
sock->info.lsa->local.addr.in4.sin_family = AF_INET; |
| 926 |
0, |
1031 |
sock->info.lsa->local.addr.in4.sin_addr.s_addr = |
| 927 |
NULL, |
1032 |
(sock->local_host ? getaddr (GETADDR_RESOLVE | GETADDR_WARN_ON_SIGNAL | GETADDR_FATAL, |
| 928 |
NULL) |
1033 |
sock->local_host, |
| 929 |
: htonl (INADDR_ANY)); |
1034 |
0, |
| 930 |
sock->info.lsa->local.sa.sin_port = htons (sock->local_port); |
1035 |
NULL, |
|
|
1036 |
NULL) |
| 1037 |
: htonl (INADDR_ANY)); |
| 1038 |
sock->info.lsa->local.addr.in4.sin_port = htons (sock->local_port); |
| 1039 |
break; |
| 1040 |
#ifdef USE_PF_INET6 |
| 1041 |
case AF_INET6: |
| 1042 |
{ |
| 1043 |
struct addrinfo hints , *ai; |
| 1044 |
int err; |
| 1045 |
memset(&hints, 0, sizeof hints); |
| 1046 |
hints.ai_flags=AI_PASSIVE; |
| 1047 |
hints.ai_family=AF_INET6; |
| 1048 |
/* if no local_host provided, ask for IN6ADDR_ANY ... */ |
| 1049 |
if ((err=getaddrinfo(sock->local_host? sock->local_host : "::", |
| 1050 |
NULL, &hints, &ai))==0) { |
| 1051 |
sock->info.lsa->local.addr.in6 = *((struct sockaddr_in6*)(ai->ai_addr)); |
| 1052 |
freeaddrinfo(ai); |
| 1053 |
} else { |
| 1054 |
msg (M_FATAL, "getaddrinfo() failed for local \"%s\": %s", |
| 1055 |
sock->local_host, |
| 1056 |
gai_strerror(err)); |
| 1057 |
} |
| 1058 |
sock->info.lsa->local.addr.in6.sin6_port = htons (sock->local_port); |
| 1059 |
} |
| 1060 |
break; |
| 1061 |
#endif |
| 931 |
} |
1062 |
} |
|
|
1063 |
} |
| 932 |
|
1064 |
|
| 933 |
/* bind to local address/port */ |
1065 |
/* bind to local address/port */ |
| 934 |
if (sock->bind_local) |
1066 |
if (sock->bind_local) |
|
Lines 955-1055
Link Here
|
| 955 |
{ |
1087 |
{ |
| 956 |
/* resolve remote address if undefined */ |
1088 |
/* resolve remote address if undefined */ |
| 957 |
if (!addr_defined (&sock->info.lsa->remote)) |
1089 |
if (!addr_defined (&sock->info.lsa->remote)) |
| 958 |
{ |
1090 |
{ |
| 959 |
sock->info.lsa->remote.sa.sin_family = AF_INET; |
1091 |
switch(addr_guess_family(sock->info.proto, sock->remote_host)) |
| 960 |
sock->info.lsa->remote.sa.sin_addr.s_addr = 0; |
1092 |
{ |
|
|
1093 |
case AF_INET: |
| 1094 |
sock->info.lsa->remote.addr.in4.sin_family = AF_INET; |
| 1095 |
sock->info.lsa->remote.addr.in4.sin_addr.s_addr = 0; |
| 961 |
|
1096 |
|
| 962 |
if (sock->remote_host) |
1097 |
if (sock->remote_host) |
| 963 |
{ |
1098 |
{ |
| 964 |
unsigned int flags = GETADDR_RESOLVE|GETADDR_UPDATE_MANAGEMENT_STATE; |
1099 |
unsigned int flags = GETADDR_RESOLVE|GETADDR_UPDATE_MANAGEMENT_STATE; |
| 965 |
int retry = 0; |
1100 |
int retry = 0; |
| 966 |
bool status = false; |
1101 |
bool status = false; |
| 967 |
|
1102 |
|
| 968 |
if (sock->connection_profiles_defined && sock->resolve_retry_seconds == RESOLV_RETRY_INFINITE) |
1103 |
if (sock->connection_profiles_defined && sock->resolve_retry_seconds == RESOLV_RETRY_INFINITE) |
| 969 |
{ |
1104 |
{ |
| 970 |
if (phase == 2) |
1105 |
if (phase == 2) |
| 971 |
flags |= (GETADDR_TRY_ONCE | GETADDR_FATAL); |
1106 |
flags |= (GETADDR_TRY_ONCE | GETADDR_FATAL); |
| 972 |
retry = 0; |
1107 |
retry = 0; |
| 973 |
} |
1108 |
} |
| 974 |
else if (phase == 1) |
1109 |
else if (phase == 1) |
| 975 |
{ |
1110 |
{ |
| 976 |
if (sock->resolve_retry_seconds) |
1111 |
if (sock->resolve_retry_seconds) |
| 977 |
{ |
1112 |
{ |
| 978 |
retry = 0; |
1113 |
retry = 0; |
| 979 |
} |
1114 |
} |
| 980 |
else |
|
|
| 981 |
{ |
| 982 |
flags |= (GETADDR_FATAL | GETADDR_MENTION_RESOLVE_RETRY); |
| 983 |
retry = 0; |
| 984 |
} |
| 985 |
} |
| 986 |
else if (phase == 2) |
| 987 |
{ |
| 988 |
if (sock->resolve_retry_seconds) |
| 989 |
{ |
| 990 |
flags |= GETADDR_FATAL; |
| 991 |
retry = sock->resolve_retry_seconds; |
| 992 |
} |
| 993 |
else |
1115 |
else |
| 994 |
{ |
1116 |
{ |
| 995 |
ASSERT (0); |
1117 |
flags |= (GETADDR_FATAL | GETADDR_MENTION_RESOLVE_RETRY); |
| 996 |
} |
1118 |
retry = 0; |
| 997 |
} |
1119 |
} |
| 998 |
else |
1120 |
} |
| 999 |
{ |
1121 |
else if (phase == 2) |
| 1000 |
ASSERT (0); |
1122 |
{ |
| 1001 |
} |
1123 |
if (sock->resolve_retry_seconds) |
| 1002 |
|
1124 |
{ |
| 1003 |
sock->info.lsa->remote.sa.sin_addr.s_addr = getaddr ( |
1125 |
flags |= GETADDR_FATAL; |
| 1004 |
flags, |
1126 |
retry = sock->resolve_retry_seconds; |
| 1005 |
sock->remote_host, |
1127 |
} |
| 1006 |
retry, |
1128 |
else |
| 1007 |
&status, |
1129 |
{ |
| 1008 |
signal_received); |
1130 |
ASSERT (0); |
| 1009 |
|
1131 |
} |
| 1010 |
dmsg (D_SOCKET_DEBUG, "RESOLVE_REMOTE flags=0x%04x phase=%d rrs=%d sig=%d status=%d", |
1132 |
} |
| 1011 |
flags, |
1133 |
else |
| 1012 |
phase, |
1134 |
{ |
| 1013 |
retry, |
1135 |
ASSERT (0); |
| 1014 |
signal_received ? *signal_received : -1, |
1136 |
} |
| 1015 |
status); |
1137 |
|
| 1016 |
|
1138 |
sock->info.lsa->remote.addr.in4.sin_addr.s_addr = getaddr ( |
| 1017 |
if (signal_received) |
1139 |
flags, |
| 1018 |
{ |
1140 |
sock->remote_host, |
| 1019 |
if (*signal_received) |
1141 |
retry, |
|
|
1142 |
&status, |
| 1143 |
signal_received); |
| 1144 |
|
| 1145 |
dmsg (D_SOCKET_DEBUG, "RESOLVE_REMOTE flags=0x%04x phase=%d rrs=%d sig=%d status=%d", |
| 1146 |
flags, |
| 1147 |
phase, |
| 1148 |
retry, |
| 1149 |
signal_received ? *signal_received : -1, |
| 1150 |
status); |
| 1151 |
|
| 1152 |
if (signal_received) |
| 1153 |
{ |
| 1154 |
if (*signal_received) |
| 1155 |
goto done; |
| 1156 |
} |
| 1157 |
if (!status) |
| 1158 |
{ |
| 1159 |
if (signal_received) |
| 1160 |
*signal_received = SIGUSR1; |
| 1020 |
goto done; |
1161 |
goto done; |
| 1021 |
} |
1162 |
} |
| 1022 |
if (!status) |
1163 |
} |
| 1023 |
{ |
|
|
| 1024 |
if (signal_received) |
| 1025 |
*signal_received = SIGUSR1; |
| 1026 |
goto done; |
| 1027 |
} |
| 1028 |
} |
| 1029 |
|
1164 |
|
| 1030 |
sock->info.lsa->remote.sa.sin_port = htons (sock->remote_port); |
1165 |
sock->info.lsa->remote.addr.in4.sin_port = htons (sock->remote_port); |
| 1031 |
} |
1166 |
break; |
| 1032 |
|
1167 |
|
|
|
1168 |
#ifdef USE_PF_INET6 |
| 1169 |
case AF_INET6: /* jjoFIXME: ipv6 signal logic */ |
| 1170 |
{ |
| 1171 |
struct addrinfo hints , *ai; |
| 1172 |
int err; |
| 1173 |
memset(&hints, 0, sizeof hints); |
| 1174 |
hints.ai_flags=0; |
| 1175 |
hints.ai_family=AF_INET6; |
| 1176 |
if ((err=getaddrinfo(sock->remote_host? sock->remote_host : "::" , NULL, &hints, &ai))==0) { |
| 1177 |
sock->info.lsa->remote.addr.in6 = *((struct sockaddr_in6*)(ai->ai_addr)); |
| 1178 |
freeaddrinfo(ai); |
| 1179 |
} else { |
| 1180 |
msg (M_FATAL, "getaddrinfo() failed for remote \"%s\": %s", |
| 1181 |
sock->remote_host, |
| 1182 |
gai_strerror(err)); |
| 1183 |
} |
| 1184 |
sock->info.lsa->remote.addr.in6.sin6_port = htons (sock->remote_port); |
| 1185 |
} |
| 1186 |
break; |
| 1187 |
#endif |
| 1188 |
} |
| 1189 |
} |
| 1033 |
/* should we re-use previous active remote address? */ |
1190 |
/* should we re-use previous active remote address? */ |
| 1034 |
if (link_socket_actual_defined (&sock->info.lsa->actual)) |
1191 |
if (link_socket_actual_defined (&sock->info.lsa->actual)) |
| 1035 |
{ |
1192 |
{ |
| 1036 |
msg (M_INFO, "TCP/UDP: Preserving recently used remote address: %s", |
1193 |
msg (M_INFO, "TCP/UDP: Preserving recently used remote address: %s", |
| 1037 |
print_link_socket_actual (&sock->info.lsa->actual, &gc)); |
1194 |
print_link_socket_actual (&sock->info.lsa->actual, &gc)); |
| 1038 |
if (remote_dynamic) |
1195 |
if (remote_dynamic) |
| 1039 |
*remote_dynamic = NULL; |
1196 |
*remote_dynamic = NULL; |
| 1040 |
} |
1197 |
} |
| 1041 |
else |
1198 |
else |
| 1042 |
{ |
1199 |
{ |
| 1043 |
CLEAR (sock->info.lsa->actual); |
1200 |
CLEAR (sock->info.lsa->actual); |
| 1044 |
sock->info.lsa->actual.dest = sock->info.lsa->remote; |
1201 |
sock->info.lsa->actual.dest = sock->info.lsa->remote; |
| 1045 |
} |
1202 |
} |
| 1046 |
|
|
|
| 1047 |
/* remember that we finished */ |
1203 |
/* remember that we finished */ |
| 1048 |
sock->did_resolve_remote = true; |
1204 |
sock->did_resolve_remote = true; |
| 1049 |
} |
1205 |
} |
| 1050 |
|
1206 |
|
| 1051 |
done: |
1207 |
done: |
| 1052 |
gc_free (&gc); |
1208 |
gc_free (&gc); |
| 1053 |
} |
1209 |
} |
| 1054 |
|
1210 |
|
| 1055 |
struct link_socket * |
1211 |
struct link_socket * |
|
Lines 1268-1274
Link Here
|
| 1268 |
goto done; |
1424 |
goto done; |
| 1269 |
|
1425 |
|
| 1270 |
/* TCP client/server */ |
1426 |
/* TCP client/server */ |
| 1271 |
if (sock->info.proto == PROTO_TCPv4_SERVER) |
1427 |
if (sock->info.proto == PROTO_TCPv4_SERVER |
|
|
1428 |
#ifdef USE_PF_INET6 |
| 1429 |
||sock->info.proto == PROTO_TCPv6_SERVER |
| 1430 |
#endif |
| 1431 |
) |
| 1272 |
{ |
1432 |
{ |
| 1273 |
switch (sock->mode) |
1433 |
switch (sock->mode) |
| 1274 |
{ |
1434 |
{ |
|
Lines 1303-1309
Link Here
|
| 1303 |
ASSERT (0); |
1463 |
ASSERT (0); |
| 1304 |
} |
1464 |
} |
| 1305 |
} |
1465 |
} |
| 1306 |
else if (sock->info.proto == PROTO_TCPv4_CLIENT) |
1466 |
else if (sock->info.proto == PROTO_TCPv4_CLIENT |
|
|
1467 |
#ifdef USE_PF_INET6 |
| 1468 |
||sock->info.proto == PROTO_TCPv6_CLIENT |
| 1469 |
#endif |
| 1470 |
) |
| 1307 |
{ |
1471 |
{ |
| 1308 |
|
1472 |
|
| 1309 |
#ifdef GENERAL_PROXY_SUPPORT |
1473 |
#ifdef GENERAL_PROXY_SUPPORT |
|
Lines 1388-1395
Link Here
|
| 1388 |
sock->remote_port = sock->proxy_dest_port; |
1552 |
sock->remote_port = sock->proxy_dest_port; |
| 1389 |
sock->did_resolve_remote = false; |
1553 |
sock->did_resolve_remote = false; |
| 1390 |
|
1554 |
|
| 1391 |
sock->info.lsa->actual.dest.sa.sin_addr.s_addr = 0; |
1555 |
addr_zero_host(&sock->info.lsa->actual.dest); |
| 1392 |
sock->info.lsa->remote.sa.sin_addr.s_addr = 0; |
1556 |
addr_zero_host(&sock->info.lsa->remote); |
| 1393 |
|
1557 |
|
| 1394 |
resolve_remote (sock, 1, NULL, signal_received); |
1558 |
resolve_remote (sock, 1, NULL, signal_received); |
| 1395 |
|
1559 |
|
|
Lines 1404-1410
Link Here
|
| 1404 |
if (remote_changed) |
1568 |
if (remote_changed) |
| 1405 |
{ |
1569 |
{ |
| 1406 |
msg (M_INFO, "TCP/UDP: Dynamic remote address changed during TCP connection establishment"); |
1570 |
msg (M_INFO, "TCP/UDP: Dynamic remote address changed during TCP connection establishment"); |
| 1407 |
sock->info.lsa->remote.sa.sin_addr.s_addr = sock->info.lsa->actual.dest.sa.sin_addr.s_addr; |
1571 |
addr_copy_host(&sock->info.lsa->remote, &sock->info.lsa->actual.dest); |
| 1408 |
} |
1572 |
} |
| 1409 |
} |
1573 |
} |
| 1410 |
|
1574 |
|
|
Lines 1593-1605
Link Here
|
| 1593 |
{ |
1757 |
{ |
| 1594 |
struct gc_arena gc = gc_new (); |
1758 |
struct gc_arena gc = gc_new (); |
| 1595 |
|
1759 |
|
| 1596 |
msg (D_LINK_ERRORS, |
1760 |
switch(from_addr->dest.addr.sa.sa_family) |
| 1597 |
"TCP/UDP: Incoming packet rejected from %s[%d], expected peer address: %s (allow this incoming source address/port by removing --remote or adding --float)", |
1761 |
{ |
| 1598 |
print_link_socket_actual (from_addr, &gc), |
1762 |
case AF_INET: |
| 1599 |
(int)from_addr->dest.sa.sin_family, |
1763 |
#ifdef USE_PF_INET6 |
| 1600 |
print_sockaddr (&info->lsa->remote, &gc)); |
1764 |
case AF_INET6: |
|
|
1765 |
#endif |
| 1766 |
msg (D_LINK_ERRORS, |
| 1767 |
"TCP/UDP: Incoming packet rejected from %s[%d], expected peer address: %s (allow this incoming source address/port by removing --remote or adding --float)", |
| 1768 |
print_link_socket_actual (from_addr, &gc), |
| 1769 |
(int)from_addr->dest.addr.sa.sa_family, |
| 1770 |
print_sockaddr (&info->lsa->remote, &gc)); |
| 1771 |
break; |
| 1772 |
} |
| 1601 |
buf->len = 0; |
1773 |
buf->len = 0; |
| 1602 |
|
|
|
| 1603 |
gc_free (&gc); |
1774 |
gc_free (&gc); |
| 1604 |
} |
1775 |
} |
| 1605 |
|
1776 |
|
|
Lines 1614-1623
Link Here
|
| 1614 |
{ |
1785 |
{ |
| 1615 |
const struct link_socket_addr *lsa = info->lsa; |
1786 |
const struct link_socket_addr *lsa = info->lsa; |
| 1616 |
|
1787 |
|
|
|
1788 |
/* |
| 1789 |
* This logic supports "redirect-gateway" semantic, which |
| 1790 |
* makes sense only for PF_INET routes over PF_INET endpoints |
| 1791 |
* |
| 1792 |
* Maybe in the future consider PF_INET6 endpoints also ... |
| 1793 |
* by now just ignore it |
| 1794 |
* |
| 1795 |
*/ |
| 1796 |
#if defined ( USE_PF_INET6 ) |
| 1797 |
if(lsa->actual.dest.addr.sa.sa_family != AF_INET) |
| 1798 |
return 0; |
| 1799 |
#else |
| 1800 |
ASSERT(lsa->actual.dest.addr.sa.sa_family == AF_INET); |
| 1801 |
#endif |
| 1802 |
|
| 1617 |
if (link_socket_actual_defined (&lsa->actual)) |
1803 |
if (link_socket_actual_defined (&lsa->actual)) |
| 1618 |
return ntohl (lsa->actual.dest.sa.sin_addr.s_addr); |
1804 |
return ntohl (lsa->actual.dest.addr.in4.sin_addr.s_addr); |
| 1619 |
else if (addr_defined (&lsa->remote)) |
1805 |
else if (addr_defined (&lsa->remote)) |
| 1620 |
return ntohl (lsa->remote.sa.sin_addr.s_addr); |
1806 |
return ntohl (lsa->remote.addr.in4.sin_addr.s_addr); |
| 1621 |
else |
1807 |
else |
| 1622 |
return 0; |
1808 |
return 0; |
| 1623 |
} |
1809 |
} |
|
Lines 1844-1871
Link Here
|
| 1844 |
const unsigned int flags, |
2030 |
const unsigned int flags, |
| 1845 |
struct gc_arena *gc) |
2031 |
struct gc_arena *gc) |
| 1846 |
{ |
2032 |
{ |
| 1847 |
if (addr) |
2033 |
struct buffer out; |
| 1848 |
{ |
2034 |
bool addr_is_defined; |
| 1849 |
struct buffer out = alloc_buf_gc (64, gc); |
2035 |
if (!addr) { |
| 1850 |
const int port = ntohs (addr->sa.sin_port); |
2036 |
return "[NULL]"; |
| 1851 |
|
2037 |
} |
| 1852 |
mutex_lock_static (L_INET_NTOA); |
2038 |
addr_is_defined = addr_defined (addr); |
| 1853 |
if (!(flags & PS_DONT_SHOW_ADDR)) |
2039 |
switch(addr->addr.sa.sa_family) { |
| 1854 |
buf_printf (&out, "%s", (addr_defined (addr) ? inet_ntoa (addr->sa.sin_addr) : "[undef]")); |
2040 |
case AF_INET: |
| 1855 |
mutex_unlock_static (L_INET_NTOA); |
2041 |
{ |
| 1856 |
|
2042 |
const int port= ntohs (addr->addr.in4.sin_port); |
| 1857 |
if (((flags & PS_SHOW_PORT) || (addr_defined (addr) && (flags & PS_SHOW_PORT_IF_DEFINED))) |
2043 |
out = alloc_buf_gc (128, gc); |
| 1858 |
&& port) |
2044 |
buf_puts (&out, "[AF_INET]"); |
| 1859 |
{ |
2045 |
mutex_lock_static (L_INET_NTOA); |
| 1860 |
if (separator) |
2046 |
buf_puts (&out, (addr_is_defined ? inet_ntoa (addr->addr.in4.sin_addr) : "[undef]")); |
| 1861 |
buf_printf (&out, "%s", separator); |
2047 |
mutex_unlock_static (L_INET_NTOA); |
| 1862 |
|
2048 |
|
| 1863 |
buf_printf (&out, "%d", port); |
2049 |
if (((flags & PS_SHOW_PORT) || (addr_is_defined && (flags & PS_SHOW_PORT_IF_DEFINED))) |
| 1864 |
} |
2050 |
&& port) |
| 1865 |
return BSTR (&out); |
2051 |
{ |
| 1866 |
} |
2052 |
if (separator) |
| 1867 |
else |
2053 |
buf_printf (&out, "%s", separator); |
| 1868 |
return "[NULL]"; |
2054 |
|
|
|
2055 |
buf_printf (&out, "%d", port); |
| 2056 |
} |
| 2057 |
} |
| 2058 |
break; |
| 2059 |
#ifdef USE_PF_INET6 |
| 2060 |
case AF_INET6: |
| 2061 |
{ |
| 2062 |
const int port= ntohs (addr->addr.in6.sin6_port); |
| 2063 |
char buf[INET6_ADDRSTRLEN] = "[undef]"; |
| 2064 |
out = alloc_buf_gc (128, gc); |
| 2065 |
buf_puts (&out, "[AF_INET6]"); |
| 2066 |
if (addr_is_defined) |
| 2067 |
{ |
| 2068 |
getnameinfo(&addr->addr.sa, sizeof (struct sockaddr_in6), |
| 2069 |
buf, sizeof (buf), NULL, 0, NI_NUMERICHOST); |
| 2070 |
buf_puts (&out, buf); |
| 2071 |
} |
| 2072 |
if (((flags & PS_SHOW_PORT) || (addr_is_defined && (flags & PS_SHOW_PORT_IF_DEFINED))) |
| 2073 |
&& port) |
| 2074 |
{ |
| 2075 |
if (separator) |
| 2076 |
buf_puts (&out, separator); |
| 2077 |
|
| 2078 |
buf_printf (&out, "%d", port); |
| 2079 |
} |
| 2080 |
} |
| 2081 |
break; |
| 2082 |
#endif |
| 2083 |
} |
| 2084 |
return BSTR (&out); |
| 1869 |
} |
2085 |
} |
| 1870 |
|
2086 |
|
| 1871 |
const char * |
2087 |
const char * |
|
Lines 1885-1896
Link Here
|
| 1885 |
struct buffer out = alloc_buf_gc (128, gc); |
2101 |
struct buffer out = alloc_buf_gc (128, gc); |
| 1886 |
buf_printf (&out, "%s", print_sockaddr_ex (&act->dest, separator, flags, gc)); |
2102 |
buf_printf (&out, "%s", print_sockaddr_ex (&act->dest, separator, flags, gc)); |
| 1887 |
#if ENABLE_IP_PKTINFO |
2103 |
#if ENABLE_IP_PKTINFO |
| 1888 |
if ((flags & PS_SHOW_PKTINFO) && act->pi.ipi_spec_dst.s_addr) |
2104 |
if ((flags & PS_SHOW_PKTINFO) && addr_defined_ipi(act)) |
| 1889 |
{ |
2105 |
{ |
|
|
2106 |
switch(act->dest.addr.sa.sa_family) |
| 2107 |
{ |
| 2108 |
case AF_INET: |
| 2109 |
{ |
| 1890 |
struct openvpn_sockaddr sa; |
2110 |
struct openvpn_sockaddr sa; |
| 1891 |
CLEAR (sa); |
2111 |
CLEAR (sa); |
| 1892 |
sa.sa.sin_addr = act->pi.ipi_spec_dst; |
2112 |
sa.addr.in4.sin_addr = act->pi.in4.ipi_spec_dst; |
| 1893 |
buf_printf (&out, " (via %s)", print_sockaddr_ex (&sa, separator, 0, gc)); |
2113 |
buf_printf (&out, " (via %s)", print_sockaddr_ex (&sa, separator, 0, gc)); |
|
|
2114 |
} |
| 2115 |
break; |
| 2116 |
#ifdef USE_PF_INET6 |
| 2117 |
case AF_INET6: |
| 2118 |
{ |
| 2119 |
struct sockaddr_in6 sin6; |
| 2120 |
char buf[INET6_ADDRSTRLEN] = "[undef]"; |
| 2121 |
memset(&sin6, 0, sizeof sin6); |
| 2122 |
sin6.sin6_family = AF_INET6; |
| 2123 |
sin6.sin6_addr = act->pi.in6.ipi6_addr; |
| 2124 |
{ |
| 2125 |
if (getnameinfo((struct sockaddr *)&sin6, sizeof (struct sockaddr_in6), |
| 2126 |
buf, sizeof (buf), NULL, 0, NI_NUMERICHOST) == 0) |
| 2127 |
buf_printf (&out, " (via %s)", buf); |
| 2128 |
else |
| 2129 |
buf_printf (&out, " (via [getnameinfo() err])"); |
| 2130 |
} |
| 2131 |
} |
| 2132 |
break; |
| 2133 |
#endif |
| 2134 |
} |
| 2135 |
|
| 1894 |
} |
2136 |
} |
| 1895 |
#endif |
2137 |
#endif |
| 1896 |
return BSTR (&out); |
2138 |
return BSTR (&out); |
|
Lines 1926-1946
Link Here
|
| 1926 |
setenv_sockaddr (struct env_set *es, const char *name_prefix, const struct openvpn_sockaddr *addr, const bool flags) |
2168 |
setenv_sockaddr (struct env_set *es, const char *name_prefix, const struct openvpn_sockaddr *addr, const bool flags) |
| 1927 |
{ |
2169 |
{ |
| 1928 |
char name_buf[256]; |
2170 |
char name_buf[256]; |
|
|
2171 |
char buf[128]; |
| 1929 |
|
2172 |
|
| 1930 |
if (flags & SA_IP_PORT) |
2173 |
switch(addr->addr.sa.sa_family) { |
| 1931 |
openvpn_snprintf (name_buf, sizeof (name_buf), "%s_ip", name_prefix); |
2174 |
case AF_INET: |
| 1932 |
else |
2175 |
if (flags & SA_IP_PORT) |
| 1933 |
openvpn_snprintf (name_buf, sizeof (name_buf), "%s", name_prefix); |
2176 |
openvpn_snprintf (name_buf, sizeof (name_buf), "%s_ip", name_prefix); |
|
|
2177 |
else |
| 2178 |
openvpn_snprintf (name_buf, sizeof (name_buf), "%s", name_prefix); |
| 1934 |
|
2179 |
|
| 1935 |
mutex_lock_static (L_INET_NTOA); |
2180 |
mutex_lock_static (L_INET_NTOA); |
| 1936 |
setenv_str (es, name_buf, inet_ntoa (addr->sa.sin_addr)); |
2181 |
setenv_str (es, name_buf, inet_ntoa (addr->addr.in4.sin_addr)); |
| 1937 |
mutex_unlock_static (L_INET_NTOA); |
2182 |
mutex_unlock_static (L_INET_NTOA); |
|
|
2183 |
|
| 2184 |
if ((flags & SA_IP_PORT) && addr->addr.in4.sin_port) |
| 2185 |
{ |
| 2186 |
openvpn_snprintf (name_buf, sizeof (name_buf), "%s_port", name_prefix); |
| 2187 |
setenv_int (es, name_buf, ntohs (addr->addr.in4.sin_port)); |
| 2188 |
} |
| 2189 |
break; |
| 2190 |
#ifdef USE_PF_INET6 |
| 2191 |
case AF_INET6: |
| 2192 |
openvpn_snprintf (name_buf, sizeof (name_buf), "%s_ip6", name_prefix); |
| 2193 |
getnameinfo(&addr->addr.sa, sizeof (struct sockaddr_in6), |
| 2194 |
buf, sizeof(buf), NULL, 0, NI_NUMERICHOST); |
| 2195 |
setenv_str (es, name_buf, buf); |
| 1938 |
|
2196 |
|
| 1939 |
if ((flags & SA_IP_PORT) && addr->sa.sin_port) |
|
|
| 1940 |
{ |
| 1941 |
openvpn_snprintf (name_buf, sizeof (name_buf), "%s_port", name_prefix); |
2197 |
openvpn_snprintf (name_buf, sizeof (name_buf), "%s_port", name_prefix); |
| 1942 |
setenv_int (es, name_buf, ntohs (addr->sa.sin_port)); |
2198 |
setenv_int (es, name_buf, ntohs (addr->addr.in6.sin6_port)); |
| 1943 |
} |
2199 |
break; |
|
|
2200 |
#endif |
| 2201 |
} |
| 1944 |
} |
2202 |
} |
| 1945 |
|
2203 |
|
| 1946 |
void |
2204 |
void |
|
Lines 1950-1956
Link Here
|
| 1950 |
{ |
2208 |
{ |
| 1951 |
struct openvpn_sockaddr si; |
2209 |
struct openvpn_sockaddr si; |
| 1952 |
CLEAR (si); |
2210 |
CLEAR (si); |
| 1953 |
si.sa.sin_addr.s_addr = htonl (addr); |
2211 |
si.addr.in4.sin_family = AF_INET; |
|
|
2212 |
si.addr.in4.sin_addr.s_addr = htonl (addr); |
| 1954 |
setenv_sockaddr (es, name_prefix, &si, flags); |
2213 |
setenv_sockaddr (es, name_prefix, &si, flags); |
| 1955 |
} |
2214 |
} |
| 1956 |
} |
2215 |
} |
|
Lines 1971-1986
Link Here
|
| 1971 |
struct proto_names { |
2230 |
struct proto_names { |
| 1972 |
const char *short_form; |
2231 |
const char *short_form; |
| 1973 |
const char *display_form; |
2232 |
const char *display_form; |
|
|
2233 |
bool is_dgram; |
| 2234 |
bool is_net; |
| 2235 |
sa_family_t proto_af; |
| 1974 |
}; |
2236 |
}; |
| 1975 |
|
2237 |
|
| 1976 |
/* Indexed by PROTO_x */ |
2238 |
/* Indexed by PROTO_x */ |
| 1977 |
static const struct proto_names proto_names[] = { |
2239 |
static const struct proto_names proto_names[PROTO_N] = { |
| 1978 |
{"udp", "UDPv4"}, |
2240 |
{"proto-uninitialized", "proto-NONE",0,0, AF_UNSPEC}, |
| 1979 |
{"tcp-server", "TCPv4_SERVER"}, |
2241 |
{"udp", "UDPv4",1,1, AF_INET}, |
| 1980 |
{"tcp-client", "TCPv4_CLIENT"}, |
2242 |
{"tcp-server", "TCPv4_SERVER",0,1, AF_INET}, |
| 1981 |
{"tcp", "TCPv4"} |
2243 |
{"tcp-client", "TCPv4_CLIENT",0,1, AF_INET}, |
|
|
2244 |
{"tcp", "TCPv4",0,1, AF_INET}, |
| 2245 |
#ifdef USE_PF_INET6 |
| 2246 |
{"udp6" ,"UDPv6",1,1, AF_INET6}, |
| 2247 |
{"tcp6-server","TCPv6_SERVER",0,1, AF_INET6}, |
| 2248 |
{"tcp6-client","TCPv6_CLIENT",0,1, AF_INET6}, |
| 2249 |
{"tcp6" ,"TCPv6",0,1, AF_INET6}, |
| 2250 |
#endif |
| 1982 |
}; |
2251 |
}; |
| 1983 |
|
2252 |
|
|
|
2253 |
bool |
| 2254 |
proto_is_net(int proto) |
| 2255 |
{ |
| 2256 |
if (proto < 0 || proto >= PROTO_N) |
| 2257 |
ASSERT(0); |
| 2258 |
return proto_names[proto].is_net; |
| 2259 |
} |
| 2260 |
bool |
| 2261 |
proto_is_dgram(int proto) |
| 2262 |
{ |
| 2263 |
if (proto < 0 || proto >= PROTO_N) |
| 2264 |
ASSERT(0); |
| 2265 |
return proto_names[proto].is_dgram; |
| 2266 |
} |
| 2267 |
bool |
| 2268 |
proto_is_udp(int proto) |
| 2269 |
{ |
| 2270 |
if (proto < 0 || proto >= PROTO_N) |
| 2271 |
ASSERT(0); |
| 2272 |
return proto_names[proto].is_dgram&&proto_names[proto].is_net; |
| 2273 |
} |
| 2274 |
bool |
| 2275 |
proto_is_tcp(int proto) |
| 2276 |
{ |
| 2277 |
if (proto < 0 || proto >= PROTO_N) |
| 2278 |
ASSERT(0); |
| 2279 |
return (!proto_names[proto].is_dgram)&&proto_names[proto].is_net; |
| 2280 |
} |
| 2281 |
|
| 2282 |
sa_family_t |
| 2283 |
proto_sa_family(int proto) |
| 2284 |
{ |
| 2285 |
if (proto < 0 || proto >= PROTO_N) |
| 2286 |
ASSERT(0); |
| 2287 |
return proto_names[proto].proto_af; |
| 2288 |
} |
| 2289 |
|
| 1984 |
int |
2290 |
int |
| 1985 |
ascii2proto (const char* proto_name) |
2291 |
ascii2proto (const char* proto_name) |
| 1986 |
{ |
2292 |
{ |
|
Lines 2020-2025
Link Here
|
| 2020 |
return BSTR (&out); |
2326 |
return BSTR (&out); |
| 2021 |
} |
2327 |
} |
| 2022 |
|
2328 |
|
|
|
2329 |
int |
| 2330 |
addr_guess_family(int proto, const char *name) |
| 2331 |
{ |
| 2332 |
sa_family_t ret; |
| 2333 |
if (proto) { |
| 2334 |
return proto_sa_family(proto); /* already stamped */ |
| 2335 |
} |
| 2336 |
#ifdef USE_PF_UNIX |
| 2337 |
else if (name && name[0] == '/') { |
| 2338 |
return AF_UNIX; |
| 2339 |
} |
| 2340 |
#endif |
| 2341 |
#ifdef USE_PF_INET6 |
| 2342 |
else { |
| 2343 |
struct addrinfo hints , *ai; |
| 2344 |
int err; |
| 2345 |
memset(&hints, 0, sizeof hints); |
| 2346 |
hints.ai_flags=AI_NUMERICHOST; |
| 2347 |
if ((err=getaddrinfo(name, NULL, &hints, &ai))==0) { |
| 2348 |
ret=ai->ai_family; |
| 2349 |
freeaddrinfo(ai); |
| 2350 |
return ret; |
| 2351 |
} |
| 2352 |
} |
| 2353 |
#endif |
| 2354 |
return AF_INET; /* default */ |
| 2355 |
} |
| 2356 |
const char * |
| 2357 |
addr_family_name (int af) |
| 2358 |
{ |
| 2359 |
switch (af) { |
| 2360 |
case AF_INET: return "AF_INET"; |
| 2361 |
case AF_INET6: return "AF_INET6"; |
| 2362 |
#ifdef USE_PF_UNIX |
| 2363 |
case AF_UNIX: return "AF_UNIX"; |
| 2364 |
#endif |
| 2365 |
} |
| 2366 |
return "AF_UNSPEC"; |
| 2367 |
} |
| 2368 |
|
| 2023 |
/* |
2369 |
/* |
| 2024 |
* Given a local proto, return local proto |
2370 |
* Given a local proto, return local proto |
| 2025 |
* if !remote, or compatible remote proto |
2371 |
* if !remote, or compatible remote proto |
|
Lines 2034-2043
Link Here
|
| 2034 |
ASSERT (proto >= 0 && proto < PROTO_N); |
2380 |
ASSERT (proto >= 0 && proto < PROTO_N); |
| 2035 |
if (remote) |
2381 |
if (remote) |
| 2036 |
{ |
2382 |
{ |
| 2037 |
if (proto == PROTO_TCPv4_SERVER) |
2383 |
switch (proto) |
| 2038 |
return PROTO_TCPv4_CLIENT; |
2384 |
{ |
| 2039 |
if (proto == PROTO_TCPv4_CLIENT) |
2385 |
case PROTO_TCPv4_SERVER: return PROTO_TCPv4_CLIENT; |
| 2040 |
return PROTO_TCPv4_SERVER; |
2386 |
case PROTO_TCPv4_CLIENT: return PROTO_TCPv4_SERVER; |
|
|
2387 |
#ifdef USE_PF_INET6 |
| 2388 |
case PROTO_TCPv6_SERVER: return PROTO_TCPv6_CLIENT; |
| 2389 |
case PROTO_TCPv6_CLIENT: return PROTO_TCPv6_SERVER; |
| 2390 |
#endif |
| 2391 |
} |
| 2041 |
} |
2392 |
} |
| 2042 |
return proto; |
2393 |
return proto; |
| 2043 |
} |
2394 |
} |
|
Lines 2096-2105
Link Here
|
| 2096 |
#if ENABLE_IP_PKTINFO |
2447 |
#if ENABLE_IP_PKTINFO |
| 2097 |
|
2448 |
|
| 2098 |
#pragma pack(1) /* needed to keep structure size consistent for 32 vs. 64-bit architectures */ |
2449 |
#pragma pack(1) /* needed to keep structure size consistent for 32 vs. 64-bit architectures */ |
| 2099 |
struct openvpn_pktinfo |
2450 |
struct openvpn_in4_pktinfo |
|
|
2451 |
{ |
| 2452 |
struct cmsghdr cmsghdr; |
| 2453 |
struct in_pktinfo pi; |
| 2454 |
}; |
| 2455 |
#ifdef USE_PF_INET6 |
| 2456 |
struct openvpn_in6_pktinfo |
| 2100 |
{ |
2457 |
{ |
| 2101 |
struct cmsghdr cmsghdr; |
2458 |
struct cmsghdr cmsghdr; |
| 2102 |
struct in_pktinfo in_pktinfo; |
2459 |
struct in6_pktinfo pi6; |
|
|
2460 |
}; |
| 2461 |
#endif |
| 2462 |
|
| 2463 |
union openvpn_pktinfo { |
| 2464 |
struct openvpn_in4_pktinfo cmsgpi; |
| 2465 |
#ifdef USE_PF_INET6 |
| 2466 |
struct openvpn_in6_pktinfo cmsgpi6; |
| 2467 |
#endif |
| 2103 |
}; |
2468 |
}; |
| 2104 |
#pragma pack() |
2469 |
#pragma pack() |
| 2105 |
|
2470 |
|
|
Lines 2110-2124
Link Here
|
| 2110 |
struct link_socket_actual *from) |
2475 |
struct link_socket_actual *from) |
| 2111 |
{ |
2476 |
{ |
| 2112 |
struct iovec iov; |
2477 |
struct iovec iov; |
| 2113 |
struct openvpn_pktinfo opi; |
2478 |
union openvpn_pktinfo opi; |
| 2114 |
struct msghdr mesg; |
2479 |
struct msghdr mesg; |
| 2115 |
socklen_t fromlen = sizeof (from->dest.sa); |
2480 |
socklen_t fromlen = sizeof (from->dest.addr); |
| 2116 |
|
2481 |
|
| 2117 |
iov.iov_base = BPTR (buf); |
2482 |
iov.iov_base = BPTR (buf); |
| 2118 |
iov.iov_len = maxsize; |
2483 |
iov.iov_len = maxsize; |
| 2119 |
mesg.msg_iov = &iov; |
2484 |
mesg.msg_iov = &iov; |
| 2120 |
mesg.msg_iovlen = 1; |
2485 |
mesg.msg_iovlen = 1; |
| 2121 |
mesg.msg_name = &from->dest.sa; |
2486 |
mesg.msg_name = &from->dest.addr; |
| 2122 |
mesg.msg_namelen = fromlen; |
2487 |
mesg.msg_namelen = fromlen; |
| 2123 |
mesg.msg_control = &opi; |
2488 |
mesg.msg_control = &opi; |
| 2124 |
mesg.msg_controllen = sizeof (opi); |
2489 |
mesg.msg_controllen = sizeof (opi); |
|
Lines 2135-2143
Link Here
|
| 2135 |
&& cmsg->cmsg_len >= sizeof (opi)) |
2500 |
&& cmsg->cmsg_len >= sizeof (opi)) |
| 2136 |
{ |
2501 |
{ |
| 2137 |
struct in_pktinfo *pkti = (struct in_pktinfo *) CMSG_DATA (cmsg); |
2502 |
struct in_pktinfo *pkti = (struct in_pktinfo *) CMSG_DATA (cmsg); |
| 2138 |
from->pi.ipi_ifindex = pkti->ipi_ifindex; |
2503 |
from->pi.in4.ipi_ifindex = pkti->ipi_ifindex; |
| 2139 |
from->pi.ipi_spec_dst = pkti->ipi_spec_dst; |
2504 |
from->pi.in4.ipi_spec_dst = pkti->ipi_spec_dst; |
| 2140 |
} |
2505 |
} |
|
|
2506 |
#ifdef USE_PF_INET6 |
| 2507 |
else if (cmsg != NULL |
| 2508 |
&& CMSG_NXTHDR (&mesg, cmsg) == NULL |
| 2509 |
&& cmsg->cmsg_level == IPPROTO_IPV6 |
| 2510 |
&& cmsg->cmsg_type == IPV6_PKTINFO |
| 2511 |
&& cmsg->cmsg_len >= sizeof (struct openvpn_in6_pktinfo)) |
| 2512 |
{ |
| 2513 |
struct in6_pktinfo *pkti6 = (struct in6_pktinfo *) CMSG_DATA (cmsg); |
| 2514 |
from->pi.in6.ipi6_ifindex = pkti6->ipi6_ifindex; |
| 2515 |
from->pi.in6.ipi6_addr = pkti6->ipi6_addr; |
| 2516 |
} |
| 2517 |
#endif |
| 2141 |
} |
2518 |
} |
| 2142 |
return fromlen; |
2519 |
return fromlen; |
| 2143 |
} |
2520 |
} |
|
Lines 2149-2166
Link Here
|
| 2149 |
int maxsize, |
2526 |
int maxsize, |
| 2150 |
struct link_socket_actual *from) |
2527 |
struct link_socket_actual *from) |
| 2151 |
{ |
2528 |
{ |
| 2152 |
socklen_t fromlen = sizeof (from->dest.sa); |
2529 |
socklen_t fromlen = sizeof (from->dest.addr); |
| 2153 |
from->dest.sa.sin_addr.s_addr = 0; |
2530 |
socklen_t expectedlen = af_addr_size(proto_sa_family(sock->info.proto)); |
|
|
2531 |
addr_zero_host(&from->dest); |
| 2154 |
ASSERT (buf_safe (buf, maxsize)); |
2532 |
ASSERT (buf_safe (buf, maxsize)); |
| 2155 |
#if ENABLE_IP_PKTINFO |
2533 |
#if ENABLE_IP_PKTINFO |
| 2156 |
if (sock->sockflags & SF_USE_IP_PKTINFO) |
2534 |
/* Both PROTO_UDPv4 and PROTO_UDPv6 */ |
|
|
2535 |
if (proto_is_udp(sock->info.proto) && sock->sockflags & SF_USE_IP_PKTINFO) |
| 2157 |
fromlen = link_socket_read_udp_posix_recvmsg (sock, buf, maxsize, from); |
2536 |
fromlen = link_socket_read_udp_posix_recvmsg (sock, buf, maxsize, from); |
| 2158 |
else |
2537 |
else |
| 2159 |
#endif |
2538 |
#endif |
| 2160 |
buf->len = recvfrom (sock->sd, BPTR (buf), maxsize, 0, |
2539 |
buf->len = recvfrom (sock->sd, BPTR (buf), maxsize, 0, |
| 2161 |
(struct sockaddr *) &from->dest.sa, &fromlen); |
2540 |
&from->dest.addr.sa, &fromlen); |
| 2162 |
if (fromlen != sizeof (from->dest.sa)) |
2541 |
if (buf->len >= 0 && expectedlen && fromlen != expectedlen) |
| 2163 |
bad_address_length (fromlen, sizeof (from->dest.sa)); |
2542 |
bad_address_length (fromlen, expectedlen); |
| 2164 |
return buf->len; |
2543 |
return buf->len; |
| 2165 |
} |
2544 |
} |
| 2166 |
|
2545 |
|
|
Lines 2197-2222
Link Here
|
| 2197 |
struct iovec iov; |
2576 |
struct iovec iov; |
| 2198 |
struct msghdr mesg; |
2577 |
struct msghdr mesg; |
| 2199 |
struct cmsghdr *cmsg; |
2578 |
struct cmsghdr *cmsg; |
| 2200 |
struct in_pktinfo *pkti; |
|
|
| 2201 |
struct openvpn_pktinfo opi; |
| 2202 |
|
2579 |
|
| 2203 |
iov.iov_base = BPTR (buf); |
2580 |
iov.iov_base = BPTR (buf); |
| 2204 |
iov.iov_len = BLEN (buf); |
2581 |
iov.iov_len = BLEN (buf); |
| 2205 |
mesg.msg_iov = &iov; |
2582 |
mesg.msg_iov = &iov; |
| 2206 |
mesg.msg_iovlen = 1; |
2583 |
mesg.msg_iovlen = 1; |
| 2207 |
mesg.msg_name = &to->dest.sa; |
2584 |
switch (sock->info.lsa->remote.addr.sa.sa_family) |
| 2208 |
mesg.msg_namelen = sizeof (to->dest.sa); |
2585 |
{ |
| 2209 |
mesg.msg_control = &opi; |
2586 |
case AF_INET: { |
| 2210 |
mesg.msg_controllen = sizeof (opi); |
2587 |
struct openvpn_in4_pktinfo opi; |
| 2211 |
mesg.msg_flags = 0; |
2588 |
struct in_pktinfo *pkti; |
| 2212 |
cmsg = CMSG_FIRSTHDR (&mesg); |
2589 |
mesg.msg_name = &to->dest.addr.sa; |
| 2213 |
cmsg->cmsg_len = sizeof (opi); |
2590 |
mesg.msg_namelen = sizeof (struct sockaddr_in); |
| 2214 |
cmsg->cmsg_level = SOL_IP; |
2591 |
mesg.msg_control = &opi; |
| 2215 |
cmsg->cmsg_type = IP_PKTINFO; |
2592 |
mesg.msg_controllen = sizeof (opi); |
| 2216 |
pkti = (struct in_pktinfo *) CMSG_DATA (cmsg); |
2593 |
mesg.msg_flags = 0; |
| 2217 |
pkti->ipi_ifindex = to->pi.ipi_ifindex; |
2594 |
cmsg = CMSG_FIRSTHDR (&mesg); |
| 2218 |
pkti->ipi_spec_dst = to->pi.ipi_spec_dst; |
2595 |
cmsg->cmsg_len = sizeof (opi); |
| 2219 |
pkti->ipi_addr.s_addr = 0; |
2596 |
cmsg->cmsg_level = SOL_IP; |
|
|
2597 |
cmsg->cmsg_type = IP_PKTINFO; |
| 2598 |
pkti = (struct in_pktinfo *) CMSG_DATA (cmsg); |
| 2599 |
pkti->ipi_ifindex = to->pi.in4.ipi_ifindex; |
| 2600 |
pkti->ipi_spec_dst = to->pi.in4.ipi_spec_dst; |
| 2601 |
pkti->ipi_addr.s_addr = 0; |
| 2602 |
break; |
| 2603 |
} |
| 2604 |
#ifdef USE_PF_INET6 |
| 2605 |
case AF_INET6: { |
| 2606 |
struct openvpn_in6_pktinfo opi6; |
| 2607 |
struct in6_pktinfo *pkti6; |
| 2608 |
mesg.msg_name = &to->dest.addr.sa; |
| 2609 |
mesg.msg_namelen = sizeof (struct sockaddr_in6); |
| 2610 |
mesg.msg_control = &opi6; |
| 2611 |
mesg.msg_controllen = sizeof (opi6); |
| 2612 |
mesg.msg_flags = 0; |
| 2613 |
cmsg = CMSG_FIRSTHDR (&mesg); |
| 2614 |
cmsg->cmsg_len = sizeof (opi6); |
| 2615 |
cmsg->cmsg_level = IPPROTO_IPV6; |
| 2616 |
cmsg->cmsg_type = IPV6_PKTINFO; |
| 2617 |
pkti6 = (struct in6_pktinfo *) CMSG_DATA (cmsg); |
| 2618 |
pkti6->ipi6_ifindex = to->pi.in6.ipi6_ifindex; |
| 2619 |
pkti6->ipi6_addr = to->pi.in6.ipi6_addr; |
| 2620 |
break; |
| 2621 |
} |
| 2622 |
#endif |
| 2623 |
default: ASSERT(0); |
| 2624 |
} |
| 2220 |
return sendmsg (sock->sd, &mesg, 0); |
2625 |
return sendmsg (sock->sd, &mesg, 0); |
| 2221 |
} |
2626 |
} |
| 2222 |
|
2627 |
|
|
Lines 2360-2366
Link Here
|
| 2360 |
{ |
2765 |
{ |
| 2361 |
/* set destination address for UDP writes */ |
2766 |
/* set destination address for UDP writes */ |
| 2362 |
sock->writes.addr_defined = true; |
2767 |
sock->writes.addr_defined = true; |
| 2363 |
sock->writes.addr = to->dest.sa; |
2768 |
sock->writes.addr = to->dest.addr.in4; |
| 2364 |
sock->writes.addrlen = sizeof (sock->writes.addr); |
2769 |
sock->writes.addrlen = sizeof (sock->writes.addr); |
| 2365 |
|
2770 |
|
| 2366 |
status = WSASendTo( |
2771 |
status = WSASendTo( |
|
Lines 2516-2525
Link Here
|
| 2516 |
{ |
2921 |
{ |
| 2517 |
if (io->addrlen != sizeof (io->addr)) |
2922 |
if (io->addrlen != sizeof (io->addr)) |
| 2518 |
bad_address_length (io->addrlen, sizeof (io->addr)); |
2923 |
bad_address_length (io->addrlen, sizeof (io->addr)); |
| 2519 |
from->dest.sa = io->addr; |
2924 |
from->dest.addr.sa = io->addr; |
| 2520 |
} |
2925 |
} |
| 2521 |
else |
2926 |
else |
| 2522 |
CLEAR (from->dest.sa); |
2927 |
CLEAR (from->dest.addr.sa); |
| 2523 |
} |
2928 |
} |
| 2524 |
|
2929 |
|
| 2525 |
if (buf) |
2930 |
if (buf) |
