Lines 36-45
Link Here
|
36 |
#include "memdbg.h" |
36 |
#include "memdbg.h" |
37 |
|
37 |
|
38 |
const int proto_overhead[] = { /* indexed by PROTO_x */ |
38 |
const int proto_overhead[] = { /* indexed by PROTO_x */ |
39 |
IPv4_UDP_HEADER_SIZE, |
39 |
0, |
|
|
40 |
IPv4_UDP_HEADER_SIZE, /* IPv4 */ |
40 |
IPv4_TCP_HEADER_SIZE, |
41 |
IPv4_TCP_HEADER_SIZE, |
41 |
IPv4_TCP_HEADER_SIZE, |
42 |
IPv4_TCP_HEADER_SIZE, |
42 |
IPv4_TCP_HEADER_SIZE |
43 |
#ifdef USE_PF_INET6 |
|
|
44 |
IPv6_UDP_HEADER_SIZE, /* IPv6 */ |
45 |
IPv6_TCP_HEADER_SIZE, |
46 |
IPv6_TCP_HEADER_SIZE, |
47 |
IPv6_TCP_HEADER_SIZE, |
48 |
#endif |
43 |
}; |
49 |
}; |
44 |
|
50 |
|
45 |
/* |
51 |
/* |
Lines 299-318
Link Here
|
299 |
struct openvpn_sockaddr *addr, |
305 |
struct openvpn_sockaddr *addr, |
300 |
bool *changed) |
306 |
bool *changed) |
301 |
{ |
307 |
{ |
302 |
if (host && addr) |
308 |
switch(addr->addr.sa.sa_family) { |
303 |
{ |
309 |
case AF_INET: |
304 |
const in_addr_t new_addr = getaddr ( |
310 |
if (host && addr) |
305 |
GETADDR_RESOLVE|GETADDR_UPDATE_MANAGEMENT_STATE, |
311 |
{ |
306 |
host, |
312 |
const in_addr_t new_addr = getaddr ( |
307 |
1, |
313 |
GETADDR_RESOLVE|GETADDR_UPDATE_MANAGEMENT_STATE, |
308 |
NULL, |
314 |
host, |
309 |
NULL); |
315 |
1, |
310 |
if (new_addr && addr->sa.sin_addr.s_addr != new_addr) |
316 |
NULL, |
|
|
317 |
NULL); |
318 |
if (new_addr && addr->addr.in4.sin_addr.s_addr != new_addr) |
311 |
{ |
319 |
{ |
312 |
addr->sa.sin_addr.s_addr = new_addr; |
320 |
addr->addr.in4.sin_addr.s_addr = new_addr; |
313 |
*changed = true; |
321 |
*changed = true; |
314 |
} |
322 |
} |
315 |
} |
323 |
} |
|
|
324 |
break; |
325 |
#ifdef USE_PF_INET6 |
326 |
case AF_INET6: /* jjoFIXME: should adapt getaddr() for AF_INET6 */ |
327 |
if (host && addr) |
328 |
{ |
329 |
struct addrinfo hints , *ai; |
330 |
int err; |
331 |
memset(&hints, 0, sizeof hints); |
332 |
hints.ai_flags=AI_PASSIVE; |
333 |
hints.ai_family=AF_INET6; |
334 |
if ((err=getaddrinfo(host, NULL, &hints, &ai))==0) |
335 |
{ |
336 |
struct sockaddr_in6 *sin6=(struct sockaddr_in6*)ai->ai_addr; |
337 |
if (IN6_ARE_ADDR_EQUAL(&sin6->sin6_addr, &addr->addr.in6.sin6_addr)) |
338 |
{ |
339 |
int port=addr->addr.in6.sin6_port; /* backup current port for easier copy, restore later */ |
340 |
addr->addr.in6=*sin6; /* ipv6 requires also eg. sin6_scope_id => easy to full copy*/ |
341 |
addr->addr.in6.sin6_port=port; |
342 |
} |
343 |
freeaddrinfo(ai); |
344 |
} |
345 |
} |
346 |
break; |
347 |
#endif |
348 |
default: |
349 |
ASSERT(0); |
350 |
} |
316 |
} |
351 |
} |
317 |
|
352 |
|
318 |
static int |
353 |
static int |
Lines 505-510
Link Here
|
505 |
return sd; |
540 |
return sd; |
506 |
} |
541 |
} |
507 |
|
542 |
|
|
|
543 |
#ifdef USE_PF_INET6 |
544 |
static socket_descriptor_t |
545 |
create_socket_udp6 (const unsigned int flags) |
546 |
{ |
547 |
socket_descriptor_t sd; |
548 |
|
549 |
if ((sd = socket (PF_INET6, SOCK_DGRAM, IPPROTO_UDP)) < 0) |
550 |
msg (M_SOCKERR, "UDP: Cannot create UDP6 socket"); |
551 |
#if ENABLE_IP_PKTINFO |
552 |
else if (flags & SF_USE_IP_PKTINFO) |
553 |
{ |
554 |
int pad = 1; |
555 |
setsockopt (sd, IPPROTO_IPV6, IPV6_PKTINFO, (void*)&pad, sizeof(pad)); |
556 |
} |
557 |
#endif |
558 |
return sd; |
559 |
} |
560 |
|
561 |
static socket_descriptor_t |
562 |
create_socket_tcp6 (void) |
563 |
{ |
564 |
socket_descriptor_t sd; |
565 |
|
566 |
if ((sd = socket (PF_INET6, SOCK_STREAM, IPPROTO_TCP)) < 0) |
567 |
msg (M_SOCKERR, "Cannot create TCP6 socket"); |
568 |
|
569 |
/* set SO_REUSEADDR on socket */ |
570 |
{ |
571 |
int on = 1; |
572 |
if (setsockopt (sd, SOL_SOCKET, SO_REUSEADDR, |
573 |
(void *) &on, sizeof (on)) < 0) |
574 |
msg (M_SOCKERR, "TCP: Cannot setsockopt SO_REUSEADDR on TCP6 socket"); |
575 |
} |
576 |
|
577 |
return sd; |
578 |
} |
579 |
|
580 |
#endif |
508 |
static void |
581 |
static void |
509 |
create_socket (struct link_socket *sock) |
582 |
create_socket (struct link_socket *sock) |
510 |
{ |
583 |
{ |
Lines 523-528
Link Here
|
523 |
{ |
596 |
{ |
524 |
sock->sd = create_socket_tcp (); |
597 |
sock->sd = create_socket_tcp (); |
525 |
} |
598 |
} |
|
|
599 |
#ifdef USE_PF_INET6 |
600 |
else if (sock->info.proto == PROTO_TCPv6_SERVER |
601 |
|| sock->info.proto == PROTO_TCPv6_CLIENT) |
602 |
{ |
603 |
sock->sd = create_socket_tcp6 (); |
604 |
} |
605 |
else if (sock->info.proto == PROTO_UDPv6) |
606 |
{ |
607 |
sock->sd = create_socket_udp6 (sock->sockflags); |
608 |
} |
609 |
#endif |
526 |
else |
610 |
else |
527 |
{ |
611 |
{ |
528 |
ASSERT (0); |
612 |
ASSERT (0); |
Lines 560-566
Link Here
|
560 |
struct link_socket_actual *act, |
644 |
struct link_socket_actual *act, |
561 |
const bool nowait) |
645 |
const bool nowait) |
562 |
{ |
646 |
{ |
563 |
socklen_t remote_len = sizeof (act->dest.sa); |
647 |
/* af_addr_size WILL return 0 in this case if AFs other than AF_INET |
|
|
648 |
* are compiled because act is empty here. |
649 |
* could use getsockname() to support later remote_len check |
650 |
*/ |
651 |
socklen_t remote_len_af = af_addr_size(act->dest.addr.sa.sa_family); |
652 |
socklen_t remote_len = sizeof(act->dest.addr); |
564 |
socket_descriptor_t new_sd = SOCKET_UNDEFINED; |
653 |
socket_descriptor_t new_sd = SOCKET_UNDEFINED; |
565 |
|
654 |
|
566 |
CLEAR (*act); |
655 |
CLEAR (*act); |
Lines 568-574
Link Here
|
568 |
#ifdef HAVE_GETPEERNAME |
657 |
#ifdef HAVE_GETPEERNAME |
569 |
if (nowait) |
658 |
if (nowait) |
570 |
{ |
659 |
{ |
571 |
new_sd = getpeername (sd, (struct sockaddr *) &act->dest.sa, &remote_len); |
660 |
new_sd = getpeername (sd, &act->dest.addr.sa, &remote_len); |
572 |
|
661 |
|
573 |
if (!socket_defined (new_sd)) |
662 |
if (!socket_defined (new_sd)) |
574 |
msg (D_LINK_ERRORS | M_ERRNO_SOCK, "TCP: getpeername() failed"); |
663 |
msg (D_LINK_ERRORS | M_ERRNO_SOCK, "TCP: getpeername() failed"); |
Lines 581-587
Link Here
|
581 |
#endif |
670 |
#endif |
582 |
else |
671 |
else |
583 |
{ |
672 |
{ |
584 |
new_sd = accept (sd, (struct sockaddr *) &act->dest.sa, &remote_len); |
673 |
new_sd = accept (sd, &act->dest.addr.sa, &remote_len); |
585 |
} |
674 |
} |
586 |
|
675 |
|
587 |
#if 0 /* For debugging only, test the effect of accept() failures */ |
676 |
#if 0 /* For debugging only, test the effect of accept() failures */ |
Lines 597-603
Link Here
|
597 |
{ |
686 |
{ |
598 |
msg (D_LINK_ERRORS | M_ERRNO_SOCK, "TCP: accept(%d) failed", sd); |
687 |
msg (D_LINK_ERRORS | M_ERRNO_SOCK, "TCP: accept(%d) failed", sd); |
599 |
} |
688 |
} |
600 |
else if (remote_len != sizeof (act->dest.sa)) |
689 |
/* only valid if we have remote_len_af!=0 */ |
|
|
690 |
else if (remote_len_af && remote_len != remote_len_af) |
601 |
{ |
691 |
{ |
602 |
msg (D_LINK_ERRORS, "TCP: Received strange incoming connection with unknown address length=%d", remote_len); |
692 |
msg (D_LINK_ERRORS, "TCP: Received strange incoming connection with unknown address length=%d", remote_len); |
603 |
openvpn_close_socket (new_sd); |
693 |
openvpn_close_socket (new_sd); |
Lines 698-704
Link Here
|
698 |
{ |
788 |
{ |
699 |
struct gc_arena gc = gc_new (); |
789 |
struct gc_arena gc = gc_new (); |
700 |
|
790 |
|
701 |
if (bind (sd, (struct sockaddr *) &local->sa, sizeof (local->sa))) |
791 |
if (bind (sd, &local->addr.sa, af_addr_size(local->addr.sa.sa_family))) |
702 |
{ |
792 |
{ |
703 |
const int errnum = openvpn_errno_socket (); |
793 |
const int errnum = openvpn_errno_socket (); |
704 |
msg (M_FATAL, "%s: Socket bind failed on local address %s: %s", |
794 |
msg (M_FATAL, "%s: Socket bind failed on local address %s: %s", |
Lines 719-725
Link Here
|
719 |
|
809 |
|
720 |
#ifdef CONNECT_NONBLOCK |
810 |
#ifdef CONNECT_NONBLOCK |
721 |
set_nonblock (sd); |
811 |
set_nonblock (sd); |
722 |
status = connect (sd, (struct sockaddr *) &remote->sa, sizeof (remote->sa)); |
812 |
status = connect (sd, &remote->addr.sa, af_addr_size(remote->addr.sa.sa_family)); |
723 |
if (status) |
813 |
if (status) |
724 |
status = openvpn_errno_socket (); |
814 |
status = openvpn_errno_socket (); |
725 |
if (status == EINPROGRESS) |
815 |
if (status == EINPROGRESS) |
Lines 854-870
Link Here
|
854 |
if (*signal_received) |
944 |
if (*signal_received) |
855 |
goto done; |
945 |
goto done; |
856 |
|
946 |
|
857 |
*sd = create_socket_tcp (); |
947 |
switch(remote->addr.sa.sa_family) { |
858 |
if (bind_local) |
948 |
case AF_INET: |
859 |
socket_bind (*sd, local, "TCP Client"); |
949 |
*sd = create_socket_tcp (); |
860 |
update_remote (remote_dynamic, remote, remote_changed); |
950 |
if (bind_local) |
861 |
} |
951 |
socket_bind (*sd, local, "TCP Client"); |
|
|
952 |
update_remote (remote_dynamic, remote, remote_changed); |
953 |
break; |
954 |
#ifdef USE_PF_INET6 |
955 |
case AF_INET6: |
956 |
*sd = create_socket_tcp6 (); |
957 |
if (bind_local) |
958 |
socket_bind (*sd, local, "TCP6 Client"); |
959 |
update_remote (remote_dynamic, remote, remote_changed); |
960 |
break; |
961 |
#endif |
962 |
default: |
963 |
msg(M_FATAL, "Only TCP is supported for connection oriented, sa_family=%d", |
964 |
remote->addr.sa.sa_family); |
965 |
} |
966 |
} |
862 |
|
967 |
|
863 |
msg (M_INFO, "TCP connection established with %s", |
968 |
msg (M_INFO, "TCP connection established with %s", |
864 |
print_sockaddr (remote, &gc)); |
969 |
print_sockaddr (remote, &gc)); |
865 |
|
970 |
|
866 |
done: |
971 |
done: |
867 |
gc_free (&gc); |
972 |
gc_free (&gc); |
868 |
} |
973 |
} |
869 |
|
974 |
|
870 |
/* For stream protocols, allocate a buffer to build up packet. |
975 |
/* For stream protocols, allocate a buffer to build up packet. |
Lines 918-934
Link Here
|
918 |
|
1023 |
|
919 |
/* resolve local address if undefined */ |
1024 |
/* resolve local address if undefined */ |
920 |
if (!addr_defined (&sock->info.lsa->local)) |
1025 |
if (!addr_defined (&sock->info.lsa->local)) |
921 |
{ |
1026 |
{ |
922 |
sock->info.lsa->local.sa.sin_family = AF_INET; |
1027 |
/* may return AF_{INET|INET6} guessed from local_host */ |
923 |
sock->info.lsa->local.sa.sin_addr.s_addr = |
1028 |
switch(addr_guess_family(sock->info.proto, sock->local_host)) { |
924 |
(sock->local_host ? getaddr (GETADDR_RESOLVE | GETADDR_WARN_ON_SIGNAL | GETADDR_FATAL, |
1029 |
case AF_INET: |
925 |
sock->local_host, |
1030 |
sock->info.lsa->local.addr.in4.sin_family = AF_INET; |
926 |
0, |
1031 |
sock->info.lsa->local.addr.in4.sin_addr.s_addr = |
927 |
NULL, |
1032 |
(sock->local_host ? getaddr (GETADDR_RESOLVE | GETADDR_WARN_ON_SIGNAL | GETADDR_FATAL, |
928 |
NULL) |
1033 |
sock->local_host, |
929 |
: htonl (INADDR_ANY)); |
1034 |
0, |
930 |
sock->info.lsa->local.sa.sin_port = htons (sock->local_port); |
1035 |
NULL, |
|
|
1036 |
NULL) |
1037 |
: htonl (INADDR_ANY)); |
1038 |
sock->info.lsa->local.addr.in4.sin_port = htons (sock->local_port); |
1039 |
break; |
1040 |
#ifdef USE_PF_INET6 |
1041 |
case AF_INET6: |
1042 |
{ |
1043 |
struct addrinfo hints , *ai; |
1044 |
int err; |
1045 |
memset(&hints, 0, sizeof hints); |
1046 |
hints.ai_flags=AI_PASSIVE; |
1047 |
hints.ai_family=AF_INET6; |
1048 |
/* if no local_host provided, ask for IN6ADDR_ANY ... */ |
1049 |
if ((err=getaddrinfo(sock->local_host? sock->local_host : "::", |
1050 |
NULL, &hints, &ai))==0) { |
1051 |
sock->info.lsa->local.addr.in6 = *((struct sockaddr_in6*)(ai->ai_addr)); |
1052 |
freeaddrinfo(ai); |
1053 |
} else { |
1054 |
msg (M_FATAL, "getaddrinfo() failed for local \"%s\": %s", |
1055 |
sock->local_host, |
1056 |
gai_strerror(err)); |
1057 |
} |
1058 |
sock->info.lsa->local.addr.in6.sin6_port = htons (sock->local_port); |
1059 |
} |
1060 |
break; |
1061 |
#endif |
931 |
} |
1062 |
} |
|
|
1063 |
} |
932 |
|
1064 |
|
933 |
/* bind to local address/port */ |
1065 |
/* bind to local address/port */ |
934 |
if (sock->bind_local) |
1066 |
if (sock->bind_local) |
Lines 955-1055
Link Here
|
955 |
{ |
1087 |
{ |
956 |
/* resolve remote address if undefined */ |
1088 |
/* resolve remote address if undefined */ |
957 |
if (!addr_defined (&sock->info.lsa->remote)) |
1089 |
if (!addr_defined (&sock->info.lsa->remote)) |
958 |
{ |
1090 |
{ |
959 |
sock->info.lsa->remote.sa.sin_family = AF_INET; |
1091 |
switch(addr_guess_family(sock->info.proto, sock->remote_host)) |
960 |
sock->info.lsa->remote.sa.sin_addr.s_addr = 0; |
1092 |
{ |
|
|
1093 |
case AF_INET: |
1094 |
sock->info.lsa->remote.addr.in4.sin_family = AF_INET; |
1095 |
sock->info.lsa->remote.addr.in4.sin_addr.s_addr = 0; |
961 |
|
1096 |
|
962 |
if (sock->remote_host) |
1097 |
if (sock->remote_host) |
963 |
{ |
1098 |
{ |
964 |
unsigned int flags = GETADDR_RESOLVE|GETADDR_UPDATE_MANAGEMENT_STATE; |
1099 |
unsigned int flags = GETADDR_RESOLVE|GETADDR_UPDATE_MANAGEMENT_STATE; |
965 |
int retry = 0; |
1100 |
int retry = 0; |
966 |
bool status = false; |
1101 |
bool status = false; |
967 |
|
1102 |
|
968 |
if (sock->connection_profiles_defined && sock->resolve_retry_seconds == RESOLV_RETRY_INFINITE) |
1103 |
if (sock->connection_profiles_defined && sock->resolve_retry_seconds == RESOLV_RETRY_INFINITE) |
969 |
{ |
1104 |
{ |
970 |
if (phase == 2) |
1105 |
if (phase == 2) |
971 |
flags |= (GETADDR_TRY_ONCE | GETADDR_FATAL); |
1106 |
flags |= (GETADDR_TRY_ONCE | GETADDR_FATAL); |
972 |
retry = 0; |
1107 |
retry = 0; |
973 |
} |
1108 |
} |
974 |
else if (phase == 1) |
1109 |
else if (phase == 1) |
975 |
{ |
1110 |
{ |
976 |
if (sock->resolve_retry_seconds) |
1111 |
if (sock->resolve_retry_seconds) |
977 |
{ |
1112 |
{ |
978 |
retry = 0; |
1113 |
retry = 0; |
979 |
} |
1114 |
} |
980 |
else |
|
|
981 |
{ |
982 |
flags |= (GETADDR_FATAL | GETADDR_MENTION_RESOLVE_RETRY); |
983 |
retry = 0; |
984 |
} |
985 |
} |
986 |
else if (phase == 2) |
987 |
{ |
988 |
if (sock->resolve_retry_seconds) |
989 |
{ |
990 |
flags |= GETADDR_FATAL; |
991 |
retry = sock->resolve_retry_seconds; |
992 |
} |
993 |
else |
1115 |
else |
994 |
{ |
1116 |
{ |
995 |
ASSERT (0); |
1117 |
flags |= (GETADDR_FATAL | GETADDR_MENTION_RESOLVE_RETRY); |
996 |
} |
1118 |
retry = 0; |
997 |
} |
1119 |
} |
998 |
else |
1120 |
} |
999 |
{ |
1121 |
else if (phase == 2) |
1000 |
ASSERT (0); |
1122 |
{ |
1001 |
} |
1123 |
if (sock->resolve_retry_seconds) |
1002 |
|
1124 |
{ |
1003 |
sock->info.lsa->remote.sa.sin_addr.s_addr = getaddr ( |
1125 |
flags |= GETADDR_FATAL; |
1004 |
flags, |
1126 |
retry = sock->resolve_retry_seconds; |
1005 |
sock->remote_host, |
1127 |
} |
1006 |
retry, |
1128 |
else |
1007 |
&status, |
1129 |
{ |
1008 |
signal_received); |
1130 |
ASSERT (0); |
1009 |
|
1131 |
} |
1010 |
dmsg (D_SOCKET_DEBUG, "RESOLVE_REMOTE flags=0x%04x phase=%d rrs=%d sig=%d status=%d", |
1132 |
} |
1011 |
flags, |
1133 |
else |
1012 |
phase, |
1134 |
{ |
1013 |
retry, |
1135 |
ASSERT (0); |
1014 |
signal_received ? *signal_received : -1, |
1136 |
} |
1015 |
status); |
1137 |
|
1016 |
|
1138 |
sock->info.lsa->remote.addr.in4.sin_addr.s_addr = getaddr ( |
1017 |
if (signal_received) |
1139 |
flags, |
1018 |
{ |
1140 |
sock->remote_host, |
1019 |
if (*signal_received) |
1141 |
retry, |
|
|
1142 |
&status, |
1143 |
signal_received); |
1144 |
|
1145 |
dmsg (D_SOCKET_DEBUG, "RESOLVE_REMOTE flags=0x%04x phase=%d rrs=%d sig=%d status=%d", |
1146 |
flags, |
1147 |
phase, |
1148 |
retry, |
1149 |
signal_received ? *signal_received : -1, |
1150 |
status); |
1151 |
|
1152 |
if (signal_received) |
1153 |
{ |
1154 |
if (*signal_received) |
1155 |
goto done; |
1156 |
} |
1157 |
if (!status) |
1158 |
{ |
1159 |
if (signal_received) |
1160 |
*signal_received = SIGUSR1; |
1020 |
goto done; |
1161 |
goto done; |
1021 |
} |
1162 |
} |
1022 |
if (!status) |
1163 |
} |
1023 |
{ |
|
|
1024 |
if (signal_received) |
1025 |
*signal_received = SIGUSR1; |
1026 |
goto done; |
1027 |
} |
1028 |
} |
1029 |
|
1164 |
|
1030 |
sock->info.lsa->remote.sa.sin_port = htons (sock->remote_port); |
1165 |
sock->info.lsa->remote.addr.in4.sin_port = htons (sock->remote_port); |
1031 |
} |
1166 |
break; |
1032 |
|
1167 |
|
|
|
1168 |
#ifdef USE_PF_INET6 |
1169 |
case AF_INET6: /* jjoFIXME: ipv6 signal logic */ |
1170 |
{ |
1171 |
struct addrinfo hints , *ai; |
1172 |
int err; |
1173 |
memset(&hints, 0, sizeof hints); |
1174 |
hints.ai_flags=0; |
1175 |
hints.ai_family=AF_INET6; |
1176 |
if ((err=getaddrinfo(sock->remote_host? sock->remote_host : "::" , NULL, &hints, &ai))==0) { |
1177 |
sock->info.lsa->remote.addr.in6 = *((struct sockaddr_in6*)(ai->ai_addr)); |
1178 |
freeaddrinfo(ai); |
1179 |
} else { |
1180 |
msg (M_FATAL, "getaddrinfo() failed for remote \"%s\": %s", |
1181 |
sock->remote_host, |
1182 |
gai_strerror(err)); |
1183 |
} |
1184 |
sock->info.lsa->remote.addr.in6.sin6_port = htons (sock->remote_port); |
1185 |
} |
1186 |
break; |
1187 |
#endif |
1188 |
} |
1189 |
} |
1033 |
/* should we re-use previous active remote address? */ |
1190 |
/* should we re-use previous active remote address? */ |
1034 |
if (link_socket_actual_defined (&sock->info.lsa->actual)) |
1191 |
if (link_socket_actual_defined (&sock->info.lsa->actual)) |
1035 |
{ |
1192 |
{ |
1036 |
msg (M_INFO, "TCP/UDP: Preserving recently used remote address: %s", |
1193 |
msg (M_INFO, "TCP/UDP: Preserving recently used remote address: %s", |
1037 |
print_link_socket_actual (&sock->info.lsa->actual, &gc)); |
1194 |
print_link_socket_actual (&sock->info.lsa->actual, &gc)); |
1038 |
if (remote_dynamic) |
1195 |
if (remote_dynamic) |
1039 |
*remote_dynamic = NULL; |
1196 |
*remote_dynamic = NULL; |
1040 |
} |
1197 |
} |
1041 |
else |
1198 |
else |
1042 |
{ |
1199 |
{ |
1043 |
CLEAR (sock->info.lsa->actual); |
1200 |
CLEAR (sock->info.lsa->actual); |
1044 |
sock->info.lsa->actual.dest = sock->info.lsa->remote; |
1201 |
sock->info.lsa->actual.dest = sock->info.lsa->remote; |
1045 |
} |
1202 |
} |
1046 |
|
|
|
1047 |
/* remember that we finished */ |
1203 |
/* remember that we finished */ |
1048 |
sock->did_resolve_remote = true; |
1204 |
sock->did_resolve_remote = true; |
1049 |
} |
1205 |
} |
1050 |
|
1206 |
|
1051 |
done: |
1207 |
done: |
1052 |
gc_free (&gc); |
1208 |
gc_free (&gc); |
1053 |
} |
1209 |
} |
1054 |
|
1210 |
|
1055 |
struct link_socket * |
1211 |
struct link_socket * |
Lines 1268-1274
Link Here
|
1268 |
goto done; |
1424 |
goto done; |
1269 |
|
1425 |
|
1270 |
/* TCP client/server */ |
1426 |
/* TCP client/server */ |
1271 |
if (sock->info.proto == PROTO_TCPv4_SERVER) |
1427 |
if (sock->info.proto == PROTO_TCPv4_SERVER |
|
|
1428 |
#ifdef USE_PF_INET6 |
1429 |
||sock->info.proto == PROTO_TCPv6_SERVER |
1430 |
#endif |
1431 |
) |
1272 |
{ |
1432 |
{ |
1273 |
switch (sock->mode) |
1433 |
switch (sock->mode) |
1274 |
{ |
1434 |
{ |
Lines 1303-1309
Link Here
|
1303 |
ASSERT (0); |
1463 |
ASSERT (0); |
1304 |
} |
1464 |
} |
1305 |
} |
1465 |
} |
1306 |
else if (sock->info.proto == PROTO_TCPv4_CLIENT) |
1466 |
else if (sock->info.proto == PROTO_TCPv4_CLIENT |
|
|
1467 |
#ifdef USE_PF_INET6 |
1468 |
||sock->info.proto == PROTO_TCPv6_CLIENT |
1469 |
#endif |
1470 |
) |
1307 |
{ |
1471 |
{ |
1308 |
|
1472 |
|
1309 |
#ifdef GENERAL_PROXY_SUPPORT |
1473 |
#ifdef GENERAL_PROXY_SUPPORT |
Lines 1388-1395
Link Here
|
1388 |
sock->remote_port = sock->proxy_dest_port; |
1552 |
sock->remote_port = sock->proxy_dest_port; |
1389 |
sock->did_resolve_remote = false; |
1553 |
sock->did_resolve_remote = false; |
1390 |
|
1554 |
|
1391 |
sock->info.lsa->actual.dest.sa.sin_addr.s_addr = 0; |
1555 |
addr_zero_host(&sock->info.lsa->actual.dest); |
1392 |
sock->info.lsa->remote.sa.sin_addr.s_addr = 0; |
1556 |
addr_zero_host(&sock->info.lsa->remote); |
1393 |
|
1557 |
|
1394 |
resolve_remote (sock, 1, NULL, signal_received); |
1558 |
resolve_remote (sock, 1, NULL, signal_received); |
1395 |
|
1559 |
|
Lines 1404-1410
Link Here
|
1404 |
if (remote_changed) |
1568 |
if (remote_changed) |
1405 |
{ |
1569 |
{ |
1406 |
msg (M_INFO, "TCP/UDP: Dynamic remote address changed during TCP connection establishment"); |
1570 |
msg (M_INFO, "TCP/UDP: Dynamic remote address changed during TCP connection establishment"); |
1407 |
sock->info.lsa->remote.sa.sin_addr.s_addr = sock->info.lsa->actual.dest.sa.sin_addr.s_addr; |
1571 |
addr_copy_host(&sock->info.lsa->remote, &sock->info.lsa->actual.dest); |
1408 |
} |
1572 |
} |
1409 |
} |
1573 |
} |
1410 |
|
1574 |
|
Lines 1593-1605
Link Here
|
1593 |
{ |
1757 |
{ |
1594 |
struct gc_arena gc = gc_new (); |
1758 |
struct gc_arena gc = gc_new (); |
1595 |
|
1759 |
|
1596 |
msg (D_LINK_ERRORS, |
1760 |
switch(from_addr->dest.addr.sa.sa_family) |
1597 |
"TCP/UDP: Incoming packet rejected from %s[%d], expected peer address: %s (allow this incoming source address/port by removing --remote or adding --float)", |
1761 |
{ |
1598 |
print_link_socket_actual (from_addr, &gc), |
1762 |
case AF_INET: |
1599 |
(int)from_addr->dest.sa.sin_family, |
1763 |
#ifdef USE_PF_INET6 |
1600 |
print_sockaddr (&info->lsa->remote, &gc)); |
1764 |
case AF_INET6: |
|
|
1765 |
#endif |
1766 |
msg (D_LINK_ERRORS, |
1767 |
"TCP/UDP: Incoming packet rejected from %s[%d], expected peer address: %s (allow this incoming source address/port by removing --remote or adding --float)", |
1768 |
print_link_socket_actual (from_addr, &gc), |
1769 |
(int)from_addr->dest.addr.sa.sa_family, |
1770 |
print_sockaddr (&info->lsa->remote, &gc)); |
1771 |
break; |
1772 |
} |
1601 |
buf->len = 0; |
1773 |
buf->len = 0; |
1602 |
|
|
|
1603 |
gc_free (&gc); |
1774 |
gc_free (&gc); |
1604 |
} |
1775 |
} |
1605 |
|
1776 |
|
Lines 1614-1623
Link Here
|
1614 |
{ |
1785 |
{ |
1615 |
const struct link_socket_addr *lsa = info->lsa; |
1786 |
const struct link_socket_addr *lsa = info->lsa; |
1616 |
|
1787 |
|
|
|
1788 |
/* |
1789 |
* This logic supports "redirect-gateway" semantic, which |
1790 |
* makes sense only for PF_INET routes over PF_INET endpoints |
1791 |
* |
1792 |
* Maybe in the future consider PF_INET6 endpoints also ... |
1793 |
* by now just ignore it |
1794 |
* |
1795 |
*/ |
1796 |
#if defined ( USE_PF_INET6 ) |
1797 |
if(lsa->actual.dest.addr.sa.sa_family != AF_INET) |
1798 |
return 0; |
1799 |
#else |
1800 |
ASSERT(lsa->actual.dest.addr.sa.sa_family == AF_INET); |
1801 |
#endif |
1802 |
|
1617 |
if (link_socket_actual_defined (&lsa->actual)) |
1803 |
if (link_socket_actual_defined (&lsa->actual)) |
1618 |
return ntohl (lsa->actual.dest.sa.sin_addr.s_addr); |
1804 |
return ntohl (lsa->actual.dest.addr.in4.sin_addr.s_addr); |
1619 |
else if (addr_defined (&lsa->remote)) |
1805 |
else if (addr_defined (&lsa->remote)) |
1620 |
return ntohl (lsa->remote.sa.sin_addr.s_addr); |
1806 |
return ntohl (lsa->remote.addr.in4.sin_addr.s_addr); |
1621 |
else |
1807 |
else |
1622 |
return 0; |
1808 |
return 0; |
1623 |
} |
1809 |
} |
Lines 1844-1871
Link Here
|
1844 |
const unsigned int flags, |
2030 |
const unsigned int flags, |
1845 |
struct gc_arena *gc) |
2031 |
struct gc_arena *gc) |
1846 |
{ |
2032 |
{ |
1847 |
if (addr) |
2033 |
struct buffer out; |
1848 |
{ |
2034 |
bool addr_is_defined; |
1849 |
struct buffer out = alloc_buf_gc (64, gc); |
2035 |
if (!addr) { |
1850 |
const int port = ntohs (addr->sa.sin_port); |
2036 |
return "[NULL]"; |
1851 |
|
2037 |
} |
1852 |
mutex_lock_static (L_INET_NTOA); |
2038 |
addr_is_defined = addr_defined (addr); |
1853 |
if (!(flags & PS_DONT_SHOW_ADDR)) |
2039 |
switch(addr->addr.sa.sa_family) { |
1854 |
buf_printf (&out, "%s", (addr_defined (addr) ? inet_ntoa (addr->sa.sin_addr) : "[undef]")); |
2040 |
case AF_INET: |
1855 |
mutex_unlock_static (L_INET_NTOA); |
2041 |
{ |
1856 |
|
2042 |
const int port= ntohs (addr->addr.in4.sin_port); |
1857 |
if (((flags & PS_SHOW_PORT) || (addr_defined (addr) && (flags & PS_SHOW_PORT_IF_DEFINED))) |
2043 |
out = alloc_buf_gc (128, gc); |
1858 |
&& port) |
2044 |
buf_puts (&out, "[AF_INET]"); |
1859 |
{ |
2045 |
mutex_lock_static (L_INET_NTOA); |
1860 |
if (separator) |
2046 |
buf_puts (&out, (addr_is_defined ? inet_ntoa (addr->addr.in4.sin_addr) : "[undef]")); |
1861 |
buf_printf (&out, "%s", separator); |
2047 |
mutex_unlock_static (L_INET_NTOA); |
1862 |
|
2048 |
|
1863 |
buf_printf (&out, "%d", port); |
2049 |
if (((flags & PS_SHOW_PORT) || (addr_is_defined && (flags & PS_SHOW_PORT_IF_DEFINED))) |
1864 |
} |
2050 |
&& port) |
1865 |
return BSTR (&out); |
2051 |
{ |
1866 |
} |
2052 |
if (separator) |
1867 |
else |
2053 |
buf_printf (&out, "%s", separator); |
1868 |
return "[NULL]"; |
2054 |
|
|
|
2055 |
buf_printf (&out, "%d", port); |
2056 |
} |
2057 |
} |
2058 |
break; |
2059 |
#ifdef USE_PF_INET6 |
2060 |
case AF_INET6: |
2061 |
{ |
2062 |
const int port= ntohs (addr->addr.in6.sin6_port); |
2063 |
char buf[INET6_ADDRSTRLEN] = "[undef]"; |
2064 |
out = alloc_buf_gc (128, gc); |
2065 |
buf_puts (&out, "[AF_INET6]"); |
2066 |
if (addr_is_defined) |
2067 |
{ |
2068 |
getnameinfo(&addr->addr.sa, sizeof (struct sockaddr_in6), |
2069 |
buf, sizeof (buf), NULL, 0, NI_NUMERICHOST); |
2070 |
buf_puts (&out, buf); |
2071 |
} |
2072 |
if (((flags & PS_SHOW_PORT) || (addr_is_defined && (flags & PS_SHOW_PORT_IF_DEFINED))) |
2073 |
&& port) |
2074 |
{ |
2075 |
if (separator) |
2076 |
buf_puts (&out, separator); |
2077 |
|
2078 |
buf_printf (&out, "%d", port); |
2079 |
} |
2080 |
} |
2081 |
break; |
2082 |
#endif |
2083 |
} |
2084 |
return BSTR (&out); |
1869 |
} |
2085 |
} |
1870 |
|
2086 |
|
1871 |
const char * |
2087 |
const char * |
Lines 1885-1896
Link Here
|
1885 |
struct buffer out = alloc_buf_gc (128, gc); |
2101 |
struct buffer out = alloc_buf_gc (128, gc); |
1886 |
buf_printf (&out, "%s", print_sockaddr_ex (&act->dest, separator, flags, gc)); |
2102 |
buf_printf (&out, "%s", print_sockaddr_ex (&act->dest, separator, flags, gc)); |
1887 |
#if ENABLE_IP_PKTINFO |
2103 |
#if ENABLE_IP_PKTINFO |
1888 |
if ((flags & PS_SHOW_PKTINFO) && act->pi.ipi_spec_dst.s_addr) |
2104 |
if ((flags & PS_SHOW_PKTINFO) && addr_defined_ipi(act)) |
1889 |
{ |
2105 |
{ |
|
|
2106 |
switch(act->dest.addr.sa.sa_family) |
2107 |
{ |
2108 |
case AF_INET: |
2109 |
{ |
1890 |
struct openvpn_sockaddr sa; |
2110 |
struct openvpn_sockaddr sa; |
1891 |
CLEAR (sa); |
2111 |
CLEAR (sa); |
1892 |
sa.sa.sin_addr = act->pi.ipi_spec_dst; |
2112 |
sa.addr.in4.sin_addr = act->pi.in4.ipi_spec_dst; |
1893 |
buf_printf (&out, " (via %s)", print_sockaddr_ex (&sa, separator, 0, gc)); |
2113 |
buf_printf (&out, " (via %s)", print_sockaddr_ex (&sa, separator, 0, gc)); |
|
|
2114 |
} |
2115 |
break; |
2116 |
#ifdef USE_PF_INET6 |
2117 |
case AF_INET6: |
2118 |
{ |
2119 |
struct sockaddr_in6 sin6; |
2120 |
char buf[INET6_ADDRSTRLEN] = "[undef]"; |
2121 |
memset(&sin6, 0, sizeof sin6); |
2122 |
sin6.sin6_family = AF_INET6; |
2123 |
sin6.sin6_addr = act->pi.in6.ipi6_addr; |
2124 |
{ |
2125 |
if (getnameinfo((struct sockaddr *)&sin6, sizeof (struct sockaddr_in6), |
2126 |
buf, sizeof (buf), NULL, 0, NI_NUMERICHOST) == 0) |
2127 |
buf_printf (&out, " (via %s)", buf); |
2128 |
else |
2129 |
buf_printf (&out, " (via [getnameinfo() err])"); |
2130 |
} |
2131 |
} |
2132 |
break; |
2133 |
#endif |
2134 |
} |
2135 |
|
1894 |
} |
2136 |
} |
1895 |
#endif |
2137 |
#endif |
1896 |
return BSTR (&out); |
2138 |
return BSTR (&out); |
Lines 1926-1946
Link Here
|
1926 |
setenv_sockaddr (struct env_set *es, const char *name_prefix, const struct openvpn_sockaddr *addr, const bool flags) |
2168 |
setenv_sockaddr (struct env_set *es, const char *name_prefix, const struct openvpn_sockaddr *addr, const bool flags) |
1927 |
{ |
2169 |
{ |
1928 |
char name_buf[256]; |
2170 |
char name_buf[256]; |
|
|
2171 |
char buf[128]; |
1929 |
|
2172 |
|
1930 |
if (flags & SA_IP_PORT) |
2173 |
switch(addr->addr.sa.sa_family) { |
1931 |
openvpn_snprintf (name_buf, sizeof (name_buf), "%s_ip", name_prefix); |
2174 |
case AF_INET: |
1932 |
else |
2175 |
if (flags & SA_IP_PORT) |
1933 |
openvpn_snprintf (name_buf, sizeof (name_buf), "%s", name_prefix); |
2176 |
openvpn_snprintf (name_buf, sizeof (name_buf), "%s_ip", name_prefix); |
|
|
2177 |
else |
2178 |
openvpn_snprintf (name_buf, sizeof (name_buf), "%s", name_prefix); |
1934 |
|
2179 |
|
1935 |
mutex_lock_static (L_INET_NTOA); |
2180 |
mutex_lock_static (L_INET_NTOA); |
1936 |
setenv_str (es, name_buf, inet_ntoa (addr->sa.sin_addr)); |
2181 |
setenv_str (es, name_buf, inet_ntoa (addr->addr.in4.sin_addr)); |
1937 |
mutex_unlock_static (L_INET_NTOA); |
2182 |
mutex_unlock_static (L_INET_NTOA); |
|
|
2183 |
|
2184 |
if ((flags & SA_IP_PORT) && addr->addr.in4.sin_port) |
2185 |
{ |
2186 |
openvpn_snprintf (name_buf, sizeof (name_buf), "%s_port", name_prefix); |
2187 |
setenv_int (es, name_buf, ntohs (addr->addr.in4.sin_port)); |
2188 |
} |
2189 |
break; |
2190 |
#ifdef USE_PF_INET6 |
2191 |
case AF_INET6: |
2192 |
openvpn_snprintf (name_buf, sizeof (name_buf), "%s_ip6", name_prefix); |
2193 |
getnameinfo(&addr->addr.sa, sizeof (struct sockaddr_in6), |
2194 |
buf, sizeof(buf), NULL, 0, NI_NUMERICHOST); |
2195 |
setenv_str (es, name_buf, buf); |
1938 |
|
2196 |
|
1939 |
if ((flags & SA_IP_PORT) && addr->sa.sin_port) |
|
|
1940 |
{ |
1941 |
openvpn_snprintf (name_buf, sizeof (name_buf), "%s_port", name_prefix); |
2197 |
openvpn_snprintf (name_buf, sizeof (name_buf), "%s_port", name_prefix); |
1942 |
setenv_int (es, name_buf, ntohs (addr->sa.sin_port)); |
2198 |
setenv_int (es, name_buf, ntohs (addr->addr.in6.sin6_port)); |
1943 |
} |
2199 |
break; |
|
|
2200 |
#endif |
2201 |
} |
1944 |
} |
2202 |
} |
1945 |
|
2203 |
|
1946 |
void |
2204 |
void |
Lines 1950-1956
Link Here
|
1950 |
{ |
2208 |
{ |
1951 |
struct openvpn_sockaddr si; |
2209 |
struct openvpn_sockaddr si; |
1952 |
CLEAR (si); |
2210 |
CLEAR (si); |
1953 |
si.sa.sin_addr.s_addr = htonl (addr); |
2211 |
si.addr.in4.sin_family = AF_INET; |
|
|
2212 |
si.addr.in4.sin_addr.s_addr = htonl (addr); |
1954 |
setenv_sockaddr (es, name_prefix, &si, flags); |
2213 |
setenv_sockaddr (es, name_prefix, &si, flags); |
1955 |
} |
2214 |
} |
1956 |
} |
2215 |
} |
Lines 1971-1986
Link Here
|
1971 |
struct proto_names { |
2230 |
struct proto_names { |
1972 |
const char *short_form; |
2231 |
const char *short_form; |
1973 |
const char *display_form; |
2232 |
const char *display_form; |
|
|
2233 |
bool is_dgram; |
2234 |
bool is_net; |
2235 |
sa_family_t proto_af; |
1974 |
}; |
2236 |
}; |
1975 |
|
2237 |
|
1976 |
/* Indexed by PROTO_x */ |
2238 |
/* Indexed by PROTO_x */ |
1977 |
static const struct proto_names proto_names[] = { |
2239 |
static const struct proto_names proto_names[PROTO_N] = { |
1978 |
{"udp", "UDPv4"}, |
2240 |
{"proto-uninitialized", "proto-NONE",0,0, AF_UNSPEC}, |
1979 |
{"tcp-server", "TCPv4_SERVER"}, |
2241 |
{"udp", "UDPv4",1,1, AF_INET}, |
1980 |
{"tcp-client", "TCPv4_CLIENT"}, |
2242 |
{"tcp-server", "TCPv4_SERVER",0,1, AF_INET}, |
1981 |
{"tcp", "TCPv4"} |
2243 |
{"tcp-client", "TCPv4_CLIENT",0,1, AF_INET}, |
|
|
2244 |
{"tcp", "TCPv4",0,1, AF_INET}, |
2245 |
#ifdef USE_PF_INET6 |
2246 |
{"udp6" ,"UDPv6",1,1, AF_INET6}, |
2247 |
{"tcp6-server","TCPv6_SERVER",0,1, AF_INET6}, |
2248 |
{"tcp6-client","TCPv6_CLIENT",0,1, AF_INET6}, |
2249 |
{"tcp6" ,"TCPv6",0,1, AF_INET6}, |
2250 |
#endif |
1982 |
}; |
2251 |
}; |
1983 |
|
2252 |
|
|
|
2253 |
bool |
2254 |
proto_is_net(int proto) |
2255 |
{ |
2256 |
if (proto < 0 || proto >= PROTO_N) |
2257 |
ASSERT(0); |
2258 |
return proto_names[proto].is_net; |
2259 |
} |
2260 |
bool |
2261 |
proto_is_dgram(int proto) |
2262 |
{ |
2263 |
if (proto < 0 || proto >= PROTO_N) |
2264 |
ASSERT(0); |
2265 |
return proto_names[proto].is_dgram; |
2266 |
} |
2267 |
bool |
2268 |
proto_is_udp(int proto) |
2269 |
{ |
2270 |
if (proto < 0 || proto >= PROTO_N) |
2271 |
ASSERT(0); |
2272 |
return proto_names[proto].is_dgram&&proto_names[proto].is_net; |
2273 |
} |
2274 |
bool |
2275 |
proto_is_tcp(int proto) |
2276 |
{ |
2277 |
if (proto < 0 || proto >= PROTO_N) |
2278 |
ASSERT(0); |
2279 |
return (!proto_names[proto].is_dgram)&&proto_names[proto].is_net; |
2280 |
} |
2281 |
|
2282 |
sa_family_t |
2283 |
proto_sa_family(int proto) |
2284 |
{ |
2285 |
if (proto < 0 || proto >= PROTO_N) |
2286 |
ASSERT(0); |
2287 |
return proto_names[proto].proto_af; |
2288 |
} |
2289 |
|
1984 |
int |
2290 |
int |
1985 |
ascii2proto (const char* proto_name) |
2291 |
ascii2proto (const char* proto_name) |
1986 |
{ |
2292 |
{ |
Lines 2020-2025
Link Here
|
2020 |
return BSTR (&out); |
2326 |
return BSTR (&out); |
2021 |
} |
2327 |
} |
2022 |
|
2328 |
|
|
|
2329 |
int |
2330 |
addr_guess_family(int proto, const char *name) |
2331 |
{ |
2332 |
sa_family_t ret; |
2333 |
if (proto) { |
2334 |
return proto_sa_family(proto); /* already stamped */ |
2335 |
} |
2336 |
#ifdef USE_PF_UNIX |
2337 |
else if (name && name[0] == '/') { |
2338 |
return AF_UNIX; |
2339 |
} |
2340 |
#endif |
2341 |
#ifdef USE_PF_INET6 |
2342 |
else { |
2343 |
struct addrinfo hints , *ai; |
2344 |
int err; |
2345 |
memset(&hints, 0, sizeof hints); |
2346 |
hints.ai_flags=AI_NUMERICHOST; |
2347 |
if ((err=getaddrinfo(name, NULL, &hints, &ai))==0) { |
2348 |
ret=ai->ai_family; |
2349 |
freeaddrinfo(ai); |
2350 |
return ret; |
2351 |
} |
2352 |
} |
2353 |
#endif |
2354 |
return AF_INET; /* default */ |
2355 |
} |
2356 |
const char * |
2357 |
addr_family_name (int af) |
2358 |
{ |
2359 |
switch (af) { |
2360 |
case AF_INET: return "AF_INET"; |
2361 |
case AF_INET6: return "AF_INET6"; |
2362 |
#ifdef USE_PF_UNIX |
2363 |
case AF_UNIX: return "AF_UNIX"; |
2364 |
#endif |
2365 |
} |
2366 |
return "AF_UNSPEC"; |
2367 |
} |
2368 |
|
2023 |
/* |
2369 |
/* |
2024 |
* Given a local proto, return local proto |
2370 |
* Given a local proto, return local proto |
2025 |
* if !remote, or compatible remote proto |
2371 |
* if !remote, or compatible remote proto |
Lines 2034-2043
Link Here
|
2034 |
ASSERT (proto >= 0 && proto < PROTO_N); |
2380 |
ASSERT (proto >= 0 && proto < PROTO_N); |
2035 |
if (remote) |
2381 |
if (remote) |
2036 |
{ |
2382 |
{ |
2037 |
if (proto == PROTO_TCPv4_SERVER) |
2383 |
switch (proto) |
2038 |
return PROTO_TCPv4_CLIENT; |
2384 |
{ |
2039 |
if (proto == PROTO_TCPv4_CLIENT) |
2385 |
case PROTO_TCPv4_SERVER: return PROTO_TCPv4_CLIENT; |
2040 |
return PROTO_TCPv4_SERVER; |
2386 |
case PROTO_TCPv4_CLIENT: return PROTO_TCPv4_SERVER; |
|
|
2387 |
#ifdef USE_PF_INET6 |
2388 |
case PROTO_TCPv6_SERVER: return PROTO_TCPv6_CLIENT; |
2389 |
case PROTO_TCPv6_CLIENT: return PROTO_TCPv6_SERVER; |
2390 |
#endif |
2391 |
} |
2041 |
} |
2392 |
} |
2042 |
return proto; |
2393 |
return proto; |
2043 |
} |
2394 |
} |
Lines 2096-2105
Link Here
|
2096 |
#if ENABLE_IP_PKTINFO |
2447 |
#if ENABLE_IP_PKTINFO |
2097 |
|
2448 |
|
2098 |
#pragma pack(1) /* needed to keep structure size consistent for 32 vs. 64-bit architectures */ |
2449 |
#pragma pack(1) /* needed to keep structure size consistent for 32 vs. 64-bit architectures */ |
2099 |
struct openvpn_pktinfo |
2450 |
struct openvpn_in4_pktinfo |
|
|
2451 |
{ |
2452 |
struct cmsghdr cmsghdr; |
2453 |
struct in_pktinfo pi; |
2454 |
}; |
2455 |
#ifdef USE_PF_INET6 |
2456 |
struct openvpn_in6_pktinfo |
2100 |
{ |
2457 |
{ |
2101 |
struct cmsghdr cmsghdr; |
2458 |
struct cmsghdr cmsghdr; |
2102 |
struct in_pktinfo in_pktinfo; |
2459 |
struct in6_pktinfo pi6; |
|
|
2460 |
}; |
2461 |
#endif |
2462 |
|
2463 |
union openvpn_pktinfo { |
2464 |
struct openvpn_in4_pktinfo cmsgpi; |
2465 |
#ifdef USE_PF_INET6 |
2466 |
struct openvpn_in6_pktinfo cmsgpi6; |
2467 |
#endif |
2103 |
}; |
2468 |
}; |
2104 |
#pragma pack() |
2469 |
#pragma pack() |
2105 |
|
2470 |
|
Lines 2110-2124
Link Here
|
2110 |
struct link_socket_actual *from) |
2475 |
struct link_socket_actual *from) |
2111 |
{ |
2476 |
{ |
2112 |
struct iovec iov; |
2477 |
struct iovec iov; |
2113 |
struct openvpn_pktinfo opi; |
2478 |
union openvpn_pktinfo opi; |
2114 |
struct msghdr mesg; |
2479 |
struct msghdr mesg; |
2115 |
socklen_t fromlen = sizeof (from->dest.sa); |
2480 |
socklen_t fromlen = sizeof (from->dest.addr); |
2116 |
|
2481 |
|
2117 |
iov.iov_base = BPTR (buf); |
2482 |
iov.iov_base = BPTR (buf); |
2118 |
iov.iov_len = maxsize; |
2483 |
iov.iov_len = maxsize; |
2119 |
mesg.msg_iov = &iov; |
2484 |
mesg.msg_iov = &iov; |
2120 |
mesg.msg_iovlen = 1; |
2485 |
mesg.msg_iovlen = 1; |
2121 |
mesg.msg_name = &from->dest.sa; |
2486 |
mesg.msg_name = &from->dest.addr; |
2122 |
mesg.msg_namelen = fromlen; |
2487 |
mesg.msg_namelen = fromlen; |
2123 |
mesg.msg_control = &opi; |
2488 |
mesg.msg_control = &opi; |
2124 |
mesg.msg_controllen = sizeof (opi); |
2489 |
mesg.msg_controllen = sizeof (opi); |
Lines 2135-2143
Link Here
|
2135 |
&& cmsg->cmsg_len >= sizeof (opi)) |
2500 |
&& cmsg->cmsg_len >= sizeof (opi)) |
2136 |
{ |
2501 |
{ |
2137 |
struct in_pktinfo *pkti = (struct in_pktinfo *) CMSG_DATA (cmsg); |
2502 |
struct in_pktinfo *pkti = (struct in_pktinfo *) CMSG_DATA (cmsg); |
2138 |
from->pi.ipi_ifindex = pkti->ipi_ifindex; |
2503 |
from->pi.in4.ipi_ifindex = pkti->ipi_ifindex; |
2139 |
from->pi.ipi_spec_dst = pkti->ipi_spec_dst; |
2504 |
from->pi.in4.ipi_spec_dst = pkti->ipi_spec_dst; |
2140 |
} |
2505 |
} |
|
|
2506 |
#ifdef USE_PF_INET6 |
2507 |
else if (cmsg != NULL |
2508 |
&& CMSG_NXTHDR (&mesg, cmsg) == NULL |
2509 |
&& cmsg->cmsg_level == IPPROTO_IPV6 |
2510 |
&& cmsg->cmsg_type == IPV6_PKTINFO |
2511 |
&& cmsg->cmsg_len >= sizeof (struct openvpn_in6_pktinfo)) |
2512 |
{ |
2513 |
struct in6_pktinfo *pkti6 = (struct in6_pktinfo *) CMSG_DATA (cmsg); |
2514 |
from->pi.in6.ipi6_ifindex = pkti6->ipi6_ifindex; |
2515 |
from->pi.in6.ipi6_addr = pkti6->ipi6_addr; |
2516 |
} |
2517 |
#endif |
2141 |
} |
2518 |
} |
2142 |
return fromlen; |
2519 |
return fromlen; |
2143 |
} |
2520 |
} |
Lines 2149-2166
Link Here
|
2149 |
int maxsize, |
2526 |
int maxsize, |
2150 |
struct link_socket_actual *from) |
2527 |
struct link_socket_actual *from) |
2151 |
{ |
2528 |
{ |
2152 |
socklen_t fromlen = sizeof (from->dest.sa); |
2529 |
socklen_t fromlen = sizeof (from->dest.addr); |
2153 |
from->dest.sa.sin_addr.s_addr = 0; |
2530 |
socklen_t expectedlen = af_addr_size(proto_sa_family(sock->info.proto)); |
|
|
2531 |
addr_zero_host(&from->dest); |
2154 |
ASSERT (buf_safe (buf, maxsize)); |
2532 |
ASSERT (buf_safe (buf, maxsize)); |
2155 |
#if ENABLE_IP_PKTINFO |
2533 |
#if ENABLE_IP_PKTINFO |
2156 |
if (sock->sockflags & SF_USE_IP_PKTINFO) |
2534 |
/* Both PROTO_UDPv4 and PROTO_UDPv6 */ |
|
|
2535 |
if (proto_is_udp(sock->info.proto) && sock->sockflags & SF_USE_IP_PKTINFO) |
2157 |
fromlen = link_socket_read_udp_posix_recvmsg (sock, buf, maxsize, from); |
2536 |
fromlen = link_socket_read_udp_posix_recvmsg (sock, buf, maxsize, from); |
2158 |
else |
2537 |
else |
2159 |
#endif |
2538 |
#endif |
2160 |
buf->len = recvfrom (sock->sd, BPTR (buf), maxsize, 0, |
2539 |
buf->len = recvfrom (sock->sd, BPTR (buf), maxsize, 0, |
2161 |
(struct sockaddr *) &from->dest.sa, &fromlen); |
2540 |
&from->dest.addr.sa, &fromlen); |
2162 |
if (fromlen != sizeof (from->dest.sa)) |
2541 |
if (buf->len >= 0 && expectedlen && fromlen != expectedlen) |
2163 |
bad_address_length (fromlen, sizeof (from->dest.sa)); |
2542 |
bad_address_length (fromlen, expectedlen); |
2164 |
return buf->len; |
2543 |
return buf->len; |
2165 |
} |
2544 |
} |
2166 |
|
2545 |
|
Lines 2197-2222
Link Here
|
2197 |
struct iovec iov; |
2576 |
struct iovec iov; |
2198 |
struct msghdr mesg; |
2577 |
struct msghdr mesg; |
2199 |
struct cmsghdr *cmsg; |
2578 |
struct cmsghdr *cmsg; |
2200 |
struct in_pktinfo *pkti; |
|
|
2201 |
struct openvpn_pktinfo opi; |
2202 |
|
2579 |
|
2203 |
iov.iov_base = BPTR (buf); |
2580 |
iov.iov_base = BPTR (buf); |
2204 |
iov.iov_len = BLEN (buf); |
2581 |
iov.iov_len = BLEN (buf); |
2205 |
mesg.msg_iov = &iov; |
2582 |
mesg.msg_iov = &iov; |
2206 |
mesg.msg_iovlen = 1; |
2583 |
mesg.msg_iovlen = 1; |
2207 |
mesg.msg_name = &to->dest.sa; |
2584 |
switch (sock->info.lsa->remote.addr.sa.sa_family) |
2208 |
mesg.msg_namelen = sizeof (to->dest.sa); |
2585 |
{ |
2209 |
mesg.msg_control = &opi; |
2586 |
case AF_INET: { |
2210 |
mesg.msg_controllen = sizeof (opi); |
2587 |
struct openvpn_in4_pktinfo opi; |
2211 |
mesg.msg_flags = 0; |
2588 |
struct in_pktinfo *pkti; |
2212 |
cmsg = CMSG_FIRSTHDR (&mesg); |
2589 |
mesg.msg_name = &to->dest.addr.sa; |
2213 |
cmsg->cmsg_len = sizeof (opi); |
2590 |
mesg.msg_namelen = sizeof (struct sockaddr_in); |
2214 |
cmsg->cmsg_level = SOL_IP; |
2591 |
mesg.msg_control = &opi; |
2215 |
cmsg->cmsg_type = IP_PKTINFO; |
2592 |
mesg.msg_controllen = sizeof (opi); |
2216 |
pkti = (struct in_pktinfo *) CMSG_DATA (cmsg); |
2593 |
mesg.msg_flags = 0; |
2217 |
pkti->ipi_ifindex = to->pi.ipi_ifindex; |
2594 |
cmsg = CMSG_FIRSTHDR (&mesg); |
2218 |
pkti->ipi_spec_dst = to->pi.ipi_spec_dst; |
2595 |
cmsg->cmsg_len = sizeof (opi); |
2219 |
pkti->ipi_addr.s_addr = 0; |
2596 |
cmsg->cmsg_level = SOL_IP; |
|
|
2597 |
cmsg->cmsg_type = IP_PKTINFO; |
2598 |
pkti = (struct in_pktinfo *) CMSG_DATA (cmsg); |
2599 |
pkti->ipi_ifindex = to->pi.in4.ipi_ifindex; |
2600 |
pkti->ipi_spec_dst = to->pi.in4.ipi_spec_dst; |
2601 |
pkti->ipi_addr.s_addr = 0; |
2602 |
break; |
2603 |
} |
2604 |
#ifdef USE_PF_INET6 |
2605 |
case AF_INET6: { |
2606 |
struct openvpn_in6_pktinfo opi6; |
2607 |
struct in6_pktinfo *pkti6; |
2608 |
mesg.msg_name = &to->dest.addr.sa; |
2609 |
mesg.msg_namelen = sizeof (struct sockaddr_in6); |
2610 |
mesg.msg_control = &opi6; |
2611 |
mesg.msg_controllen = sizeof (opi6); |
2612 |
mesg.msg_flags = 0; |
2613 |
cmsg = CMSG_FIRSTHDR (&mesg); |
2614 |
cmsg->cmsg_len = sizeof (opi6); |
2615 |
cmsg->cmsg_level = IPPROTO_IPV6; |
2616 |
cmsg->cmsg_type = IPV6_PKTINFO; |
2617 |
pkti6 = (struct in6_pktinfo *) CMSG_DATA (cmsg); |
2618 |
pkti6->ipi6_ifindex = to->pi.in6.ipi6_ifindex; |
2619 |
pkti6->ipi6_addr = to->pi.in6.ipi6_addr; |
2620 |
break; |
2621 |
} |
2622 |
#endif |
2623 |
default: ASSERT(0); |
2624 |
} |
2220 |
return sendmsg (sock->sd, &mesg, 0); |
2625 |
return sendmsg (sock->sd, &mesg, 0); |
2221 |
} |
2626 |
} |
2222 |
|
2627 |
|
Lines 2360-2366
Link Here
|
2360 |
{ |
2765 |
{ |
2361 |
/* set destination address for UDP writes */ |
2766 |
/* set destination address for UDP writes */ |
2362 |
sock->writes.addr_defined = true; |
2767 |
sock->writes.addr_defined = true; |
2363 |
sock->writes.addr = to->dest.sa; |
2768 |
sock->writes.addr = to->dest.addr.in4; |
2364 |
sock->writes.addrlen = sizeof (sock->writes.addr); |
2769 |
sock->writes.addrlen = sizeof (sock->writes.addr); |
2365 |
|
2770 |
|
2366 |
status = WSASendTo( |
2771 |
status = WSASendTo( |
Lines 2516-2525
Link Here
|
2516 |
{ |
2921 |
{ |
2517 |
if (io->addrlen != sizeof (io->addr)) |
2922 |
if (io->addrlen != sizeof (io->addr)) |
2518 |
bad_address_length (io->addrlen, sizeof (io->addr)); |
2923 |
bad_address_length (io->addrlen, sizeof (io->addr)); |
2519 |
from->dest.sa = io->addr; |
2924 |
from->dest.addr.sa = io->addr; |
2520 |
} |
2925 |
} |
2521 |
else |
2926 |
else |
2522 |
CLEAR (from->dest.sa); |
2927 |
CLEAR (from->dest.addr.sa); |
2523 |
} |
2928 |
} |
2524 |
|
2929 |
|
2525 |
if (buf) |
2930 |
if (buf) |