[enable_x509_alt_username="no"]
)
-AC_ARG_ENABLE(
- [server],
- [AS_HELP_STRING([--disable-server], [disable server support only (but retain client support) @<:@default=yes@:>@])],
- ,
- [enable_server="yes"]
-)
-
AC_ARG_ENABLE(
[plugins],
[AS_HELP_STRING([--disable-plugins], [disable plug-in support @<:@default=yes@:>@])],
fi
test "${ac_cv_header_sys_uio_h}" = "yes" && AC_DEFINE([HAVE_IOVEC], [1], [struct iovec needed for IPv6 support])
-test "${enable_server}" = "no" && AC_DEFINE([ENABLE_CLIENT_ONLY], [1], [Enable client capability only])
test "${enable_management}" = "yes" && AC_DEFINE([ENABLE_MANAGEMENT], [1], [Enable management server capability])
test "${enable_multihome}" = "yes" && AC_DEFINE([ENABLE_MULTIHOME], [1], [Enable multi-homed UDP server capability])
test "${enable_debug}" = "yes" && AC_DEFINE([ENABLE_DEBUG], [1], [Enable debugging support])
SEARCH_INCLUDES = YES
INCLUDE_PATH =
INCLUDE_FILE_PATTERNS =
-PREDEFINED = _WIN32 NTLM USE_LZO ENABLE_FRAGMENT P2MP P2MP_SERVER ENABLE_CRYPTO_OPENSSL ENABLE_PLUGIN ENABLE_MANAGEMENT ENABLE_OCC HAVE_GETTIMEOFDAY
+PREDEFINED = _WIN32 NTLM USE_LZO ENABLE_FRAGMENT P2MP ENABLE_CRYPTO_OPENSSL ENABLE_PLUGIN ENABLE_MANAGEMENT ENABLE_OCC HAVE_GETTIMEOFDAY
EXPAND_AS_DEFINED =
SKIP_FUNCTION_MACROS = YES
#---------------------------------------------------------------------------
const uint8_t *orig_buf = c->c2.buf.data;
struct crypto_options *co = NULL;
-#if P2MP_SERVER
/*
* Drop non-TLS outgoing packet if client-connect script/plugin
* has not yet succeeded.
{
c->c2.buf.len = 0;
}
-#endif
if (comp_frag)
{
{
co = &c->c2.crypto_options;
}
-#if P2MP_SERVER
+
/*
* Drop non-TLS packet if client-connect script/plugin has not
* yet succeeded.
{
c->c2.buf.len = 0;
}
-#endif
/* authenticate and decrypt the incoming packet */
decrypt_status = openvpn_decrypt(&c->c2.buf, c->c2.buffers->decrypt_buf,
#include "memdbg.h"
-#if P2MP_SERVER
static const char *
print_netmask(int netbits, struct gc_arena *gc)
gc_free(&gc);
}
-#endif /* if P2MP_SERVER */
/*
* Process server, server-bridge, and client helper
struct gc_arena gc = gc_new();
#if P2MP
-#if P2MP_SERVER
/*
* Get tun/tap/null device type
}
}
else
-#endif /* P2MP_SERVER */
/*
* HELPER DIRECTIVE:
o->ping_send_timeout = o->keepalive_ping;
o->ping_rec_timeout = o->keepalive_timeout;
}
-#if P2MP_SERVER
else if (o->mode == MODE_SERVER)
{
o->ping_rec_timeout_action = PING_RESTART;
push_option(o, print_str_int("ping", o->keepalive_ping, &o->gc), M_USAGE);
push_option(o, print_str_int("ping-restart", o->keepalive_timeout, &o->gc), M_USAGE);
}
-#endif
else
{
ASSERT(0);
void
helper_tcp_nodelay(struct options *o)
{
-#if P2MP_SERVER
if (o->server_flags & SF_TCP_NODELAY_HELPER)
{
if (o->mode == MODE_SERVER)
o->sockflags |= SF_TCP_NODELAY;
}
}
-#endif
}
}
-#if P2MP_SERVER
/*
* Initialise the auth-token key context
*/
c->options.auth_token_secret_file,
c->options.auth_token_secret_file_inline);
}
-#endif
/*
* Initialize the persistent component of OpenVPN's TLS mode,
/* initialize tls-auth/crypt/crypt-v2 key */
do_init_tls_wrap_key(c);
-#if P2MP_SERVER
/* initialise auth-token crypto support */
do_init_auth_token_key(c);
-#endif
#if 0 /* was: #if ENABLE_INLINE_FILES -- Note that enabling this code will break restarts */
if (options->priv_key_file_inline)
to.mda_context = &c->c2.mda_context;
#endif
-#if P2MP_SERVER
to.auth_user_pass_verify_script = options->auth_user_pass_verify_script;
to.auth_user_pass_verify_script_via_file = options->auth_user_pass_verify_script_via_file;
to.tmp_dir = options->tmp_dir;
to.auth_token_lifetime = options->auth_token_lifetime;
to.auth_token_call_auth = options->auth_token_call_auth;
to.auth_token_key = c->c1.ks.auth_token_key;
-#endif
to.x509_track = options->x509_track;
msg(M_WARN, "WARNING: using --pull/--client and --ifconfig together is probably not what you want");
}
-#if P2MP_SERVER
if (o->server_bridge_defined | o->server_bridge_proxy_dhcp)
{
msg(M_WARN, "NOTE: when bridging your LAN adapter with the TAP adapter, note that the new bridge adapter will often take on its own IP address that is different from what the LAN adapter was previously set to");
msg(M_WARN, "WARNING: --keepalive option is missing from server config");
}
}
-#endif /* if P2MP_SERVER */
#endif /* if P2MP */
if (!o->replay)
static void
do_open_ifconfig_pool_persist(struct context *c)
{
-#if P2MP_SERVER
if (!c->c1.ifconfig_pool_persist && c->options.ifconfig_pool_persist_filename)
{
c->c1.ifconfig_pool_persist = ifconfig_pool_persist_init(c->options.ifconfig_pool_persist_filename,
c->options.ifconfig_pool_persist_refresh_freq);
c->c1.ifconfig_pool_persist_owned = true;
}
-#endif
}
static void
do_close_ifconfig_pool_persist(struct context *c)
{
-#if P2MP_SERVER
if (!(c->sig->signal_received == SIGUSR1))
{
if (c->c1.ifconfig_pool_persist && c->c1.ifconfig_pool_persist_owned)
c->c1.ifconfig_pool_persist_owned = false;
}
}
-#endif
}
/*
/* detach c1 ownership */
dest->c1.tuntap_owned = false;
dest->c1.status_output_owned = false;
-#if P2MP_SERVER
dest->c1.ifconfig_pool_persist_owned = false;
-#endif
/* detach c2 ownership */
dest->c2.event_set_owned = false;
#include "syshead.h"
-#if P2MP_SERVER
#include "integer.h"
#include "list.h"
/*-------------------------------------- report the result */
return c;
}
-
-#else /* if P2MP_SERVER */
-static void
-dummy(void)
-{
-}
-#endif /* P2MP_SERVER */
* client instances over various key spaces.
*/
-#if P2MP_SERVER
-
/* define this to enable special list test mode */
/*#define LIST_TEST*/
return ret;
}
-#endif /* P2MP_SERVER */
#endif /* LIST */
return ret;
}
-#if P2MP_SERVER
-
/* helper to parse peer_info received from multi client, validate
* (this is untrusted data) and put into environment
*/
return element_count;
}
-#endif /* P2MP_SERVER */
extern const char *iproute_path;
#endif
-#if P2MP_SERVER
/* helper to parse peer_info received from multi client, validate
* (this is untrusted data) and put into environment */
bool validate_peer_info_line(char *line);
void output_peer_info_env(struct env_set *es, const char *peer_info);
-#endif /* P2MP_SERVER */
-
/**
* Returns the occurrences of 'delimiter' in a string +1
* This is typically used to find out the number elements in a
#include "syshead.h"
-#if P2MP_SERVER
#include "mroute.h"
#include "proto.h"
{
free(mh);
}
-
-#else /* if P2MP_SERVER */
-static void
-dummy(void)
-{
-}
-#endif /* P2MP_SERVER */
#ifndef MROUTE_H
#define MROUTE_H
-#if P2MP_SERVER
-
#include "buffer.h"
#include "list.h"
#include "route.h"
ma->type = MR_ADDR_NONE;
}
-#endif /* P2MP_SERVER */
#endif /* MROUTE_H */
#include "syshead.h"
-#if P2MP_SERVER
-
#include "multi.h"
#include "forward.h"
multi_top_free(&multi);
close_instance(top);
}
-
-#endif /* if P2MP_SERVER */
#ifndef MTCP_H
#define MTCP_H
-#if P2MP_SERVER
-
#include "event.h"
/*
void multi_tcp_delete_event(struct multi_tcp *mtcp, event_t event);
-#endif /* if P2MP_SERVER */
#endif /* ifndef MTCP_H */
#include "syshead.h"
-#if P2MP_SERVER
-
#include "multi.h"
#include <inttypes.h>
#include "forward.h"
tunnel_server_udp_single_threaded(top);
}
-#endif /* if P2MP_SERVER */
#ifndef MUDP_H
#define MUDP_H
-#if P2MP_SERVER
-
struct context;
struct multi_context;
*/
struct multi_instance *multi_get_create_instance_udp(struct multi_context *m, bool *floated);
-#endif
-#endif
+#endif /* ifndef MUDP_H */
#include "syshead.h"
-#if P2MP_SERVER
-
#include "forward.h"
#include "multi.h"
#include "push.h"
tunnel_server_tcp(top);
}
}
-
-#else /* if P2MP_SERVER */
-static void
-dummy(void)
-{
-}
-#endif /* P2MP_SERVER */
#ifndef MULTI_H
#define MULTI_H
-#if P2MP_SERVER
-
#include "init.h"
#include "forward.h"
#include "mroute.h"
m->pending = mi;
}
-#endif /* P2MP_SERVER */
#endif /* MULTI_H */
tunnel_point_to_point(&c);
break;
-#if P2MP_SERVER
case MODE_SERVER:
tunnel_server(&c);
break;
-#endif
default:
ASSERT(0);
}
bool socks_proxy_owned;
#if P2MP
-
-#if P2MP_SERVER
/* persist --ifconfig-pool db to file */
struct ifconfig_pool_persist *ifconfig_pool_persist;
bool ifconfig_pool_persist_owned;
-#endif
/* if client mode, hash of option strings we pulled from server */
struct sha256_digest pulled_options_digest_save;
#if P2MP
-#if P2MP_SERVER
/* --ifconfig endpoints to be pushed to client */
bool push_reply_deferred;
#ifdef ENABLE_ASYNC_PUSH
#define CAS_PARTIAL 3 /* at least one client-connect script/plugin
* succeeded while a later one in the chain failed */
int context_auth;
-#endif /* if P2MP_SERVER */
struct event_timeout push_request_interval;
int n_sent_push_requests;
"--vlan-accept tagged|untagged|all : Set VLAN tagging mode. Default is 'all'.\n"
"--vlan-pvid v : Sets the Port VLAN Identifier. Defaults to 1.\n"
#if P2MP
-#if P2MP_SERVER
"\n"
"Multi-Client Server options (when --mode server is used):\n"
"--server network netmask : Helper option to easily configure server mode.\n"
" sessions to a web server at host:port. dir specifies an\n"
" optional directory to write origin IP:port data.\n"
#endif
-#endif /* if P2MP_SERVER */
"\n"
"Client options (when connecting to a multi-client server):\n"
"--client : Helper option to easily configure client mode.\n"
#endif
o->vlan_accept = VLAN_ALL;
o->vlan_pvid = 1;
-#if P2MP_SERVER
o->real_hash_size = 256;
o->virtual_hash_size = 256;
o->n_bcast_buf = 256;
o->max_routes_per_client = 256;
o->stale_routes_check_interval = 0;
o->ifconfig_pool_persist_refresh_freq = 600;
-#endif
#if P2MP
o->scheduled_exit_interval = 5;
#endif
#endif /* ENABLE_PKCS11 */
/* P2MP server context features */
-#if P2MP_SERVER
o->auth_token_generate = false;
/* Set default --tmp-dir */
o->tmp_dir = "/tmp";
}
#endif /* _WIN32 */
-#endif /* P2MP_SERVER */
o->allow_recursive_routing = false;
}
{
struct gc_arena gc = gc_new();
-#if P2MP_SERVER
msg(D_SHOW_PARMS, " server_network = %s", print_in_addr_t(o->server_network, 0, &gc));
msg(D_SHOW_PARMS, " server_netmask = %s", print_in_addr_t(o->server_netmask, 0, &gc));
msg(D_SHOW_PARMS, " server_network_ipv6 = %s", print_in6_addr(o->server_network_ipv6, 0, &gc) );
SHOW_BOOL(vlan_tagging);
msg(D_SHOW_PARMS, " vlan_accept = %s", print_vlan_accept(o->vlan_accept));
SHOW_INT(vlan_pvid);
-#endif /* P2MP_SERVER */
SHOW_BOOL(client);
SHOW_BOOL(pull);
#endif /* ! ENABLE_SMALL */
-#if P2MP_SERVER
-
static void
option_iroute(struct options *o,
const char *network_str,
ir->next = o->iroutes_ipv6;
o->iroutes_ipv6 = ir;
}
-#endif /* P2MP_SERVER */
#endif /* P2MP */
#ifndef ENABLE_SMALL
gc_detach(&o->gc);
o->routes = NULL;
o->client_nat = NULL;
-#if P2MP_SERVER
clone_push_list(o);
-#endif
}
void
msg(M_USAGE, "TCP server mode allows at most one --remote address");
}
-#if P2MP_SERVER
-
/*
* Check consistency of --mode server options.
*/
msg(M_USAGE, "--vlan-tagging requires --mode server");
}
}
-#endif /* P2MP_SERVER */
if (options->keysize)
{
{
const int dev = dev_type_enum(o->dev, o->dev_type);
-#if P2MP_SERVER
if (o->server_defined || o->server_bridge_defined || o->server_bridge_proxy_dhcp)
{
if (ce->proto == PROTO_TCP)
ce->proto = PROTO_TCP_SERVER;
}
}
-#endif
+
#if P2MP
if (o->client)
{
}
remap_redirect_gateway_flags(options);
-#endif /* ifdef _WIN32 */
-#if P2MP_SERVER
/*
* Check consistency of --mode server options.
*/
if (options->mode == MODE_SERVER)
{
-#ifdef _WIN32
/*
* We need to explicitly set --tap-sleep because
* we do not schedule event timers in the top-level context.
options->tuntap_options.tap_sleep = options->route_delay;
}
options->route_delay_defined = false;
-#endif
}
-#endif
+#endif /* ifdef _WIN32 */
#ifdef DEFAULT_PKCS11_MODULE
/* If p11-kit is present on the system then load its p11-kit-proxy.so
/* ** Config related ** */
errs |= check_file_access_chroot(options->chroot_dir, CHKACC_FILE, options->tls_export_cert,
R_OK|W_OK|X_OK, "--tls-export-cert");
-#if P2MP_SERVER
errs |= check_file_access_chroot(options->chroot_dir, CHKACC_FILE, options->client_config_dir,
R_OK|X_OK, "--client-config-dir");
errs |= check_file_access_chroot(options->chroot_dir, CHKACC_FILE, options->tmp_dir,
R_OK|W_OK|X_OK, "Temporary directory (--tmp-dir)");
-#endif /* P2MP_SERVER */
-
if (errs)
{
msg(M_USAGE, "Please correct these errors.");
{
options->mode = MODE_POINT_TO_POINT;
}
-#if P2MP_SERVER
else if (streq(p[1], "server"))
{
options->mode = MODE_SERVER;
}
-#endif
else
{
msg(msglevel, "Bad --mode parameter: %s", p[1]);
}
#endif
#if P2MP
-#if P2MP_SERVER
else if (streq(p[0], "server") && p[1] && p[2] && !p[4])
{
const int lev = M_WARN;
options->stale_routes_ageing_time = ageing_time;
options->stale_routes_check_interval = check_interval;
}
-#endif /* P2MP_SERVER */
else if (streq(p[0], "client") && !p[1])
{
#if P2MP
-#if P2MP_SERVER
/* the tmp dir is for now only used in the P2P server context */
const char *tmp_dir;
bool server_defined;
char *port_share_port;
const char *port_share_journal_dir;
#endif
-#endif /* if P2MP_SERVER */
bool client;
bool pull; /* client pull of config options from server */
#if P2MP
#define PULL_DEFINED(opt) ((opt)->pull)
-#if P2MP_SERVER
#define PUSH_DEFINED(opt) ((opt)->push_list)
#endif
-#endif
#ifndef PULL_DEFINED
#define PULL_DEFINED(opt) (false)
#if P2MP
-#ifdef P2MP_SERVER
static char push_reply_cmd[] = "PUSH_REPLY";
-#endif
/*
* Auth username/password
}
}
-#if P2MP_SERVER
/**
* Add an option to the given push list by providing a format string.
*
send_control_channel_string(c, kill_msg ? kill_msg : "RESTART", D_PUSH);
}
-#endif /* if P2MP_SERVER */
-
/*
* Push/Pull
*/
}
}
-#if P2MP_SERVER
/**
* Prepare push option for auth-token
* @param tls_multi tls multi context of VPN tunnel
}
}
}
-#endif /* if P2MP_SERVER */
-#if P2MP_SERVER
int
process_incoming_push_request(struct context *c)
{
return ret;
}
-#endif /* if P2MP_SERVER */
static void
push_update_digest(md_ctx_t *ctx, struct buffer *buf, const struct options *opt)
int ret = PUSH_MSG_ERROR;
struct buffer buf = *buffer;
-#if P2MP_SERVER
if (buf_string_compare_advance(&buf, "PUSH_REQUEST"))
{
ret = process_incoming_push_request(c);
}
- else
-#endif
-
- if (honor_received_options && buf_string_compare_advance(&buf, "PUSH_REPLY"))
+ else if (honor_received_options
+ && buf_string_compare_advance(&buf, "PUSH_REPLY"))
{
const uint8_t ch = buf_read_u8(&buf);
if (ch == ',')
return ret;
}
-#if P2MP_SERVER
/*
* Remove iroutes from the push_list.
}
}
-#endif /* if P2MP_SERVER */
-
#endif /* if P2MP */
void incoming_push_message(struct context *c, const struct buffer *buffer);
-#if P2MP_SERVER
void clone_push_list(struct options *o);
void push_option(struct options *o, const char *opt, int msglevel);
*/
void send_push_reply_auth_token(struct tls_multi *multi);
-#endif
#endif /* if P2MP */
#endif /* ifndef PUSH_H */
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
-#if !defined(PUSHLIST_H) && P2MP && P2MP_SERVER
+#if !defined(PUSHLIST_H) && P2MP
#define PUSHLIST_H
/* parameters to be pushed to peer */
struct push_entry *tail;
};
-
-#endif
+#endif /* if !defined(PUSHLIST_H) && P2MP */
#include "syshead.h"
-#if P2MP_SERVER
-
#include "buffer.h"
#include "misc.h"
#include "crypto.h"
}
#endif /* ifdef SCHEDULE_TEST */
-#endif /* if P2MP_SERVER */
* a ping or scheduling a TLS renegotiation.
*/
-#if P2MP_SERVER
-
/* define to enable a special test mode */
/*#define SCHEDULE_TEST*/
return ret;
}
-#endif /* if P2MP_SERVER */
#endif /* ifndef SCHEDULE_H */
ASSERT(multi);
-#if P2MP_SERVER
auth_set_client_reason(multi, NULL);
free(multi->peer_info);
-#endif
if (multi->locked_cn)
{
username_status = read_string(buf, up->username, USER_PASS_LEN);
password_status = read_string(buf, up->password, USER_PASS_LEN);
-#if P2MP_SERVER
/* get peer info from control channel */
free(multi->peer_info);
multi->peer_info = read_string_alloc(buf);
session->opt->ncp_enabled = false;
}
}
-#endif /* if P2MP_SERVER */
if (tls_session_user_pass_enabled(session))
{
const char *tmp_dir;
const char *auth_user_pass_file;
-#ifdef P2MP_SERVER
bool auth_token_generate; /**< Generate auth-tokens on successful
* user/pass auth,seet via
* options->auth_token_generate. */
unsigned int auth_token_lifetime;
struct key_ctx auth_token_key;
-#endif
/* use the client-config-dir as a positive authenticator */
const char *client_config_dir_exclusive;
time_t tas_last;
#endif
-#ifdef P2MP_SERVER
/*
* An error message to send to client on AUTH_FAILED
*/
* over control channel.
*/
char *peer_info;
-#endif
char *auth_token; /**< If server sends a generated auth-token,
* this is the token to use for future
* user/pass authentications in this session.
ssl_ctx->priv_key));
/* Initialise SSL verification */
-#if P2MP_SERVER
if (session->opt->ssl_flags & SSLF_CLIENT_CERT_OPTIONAL)
{
mbedtls_ssl_conf_authmode(ks_ssl->ssl_config, MBEDTLS_SSL_VERIFY_OPTIONAL);
}
else if (!(session->opt->ssl_flags & SSLF_CLIENT_CERT_NOT_REQUIRED))
-#endif
{
mbedtls_ssl_conf_authmode(ks_ssl->ssl_config, MBEDTLS_SSL_VERIFY_REQUIRED);
}
/* Require peer certificate verification */
int verify_flags = SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT;
-#if P2MP_SERVER
if (ssl_flags & SSLF_CLIENT_CERT_NOT_REQUIRED)
{
verify_flags = 0;
{
verify_flags = SSL_VERIFY_PEER;
}
-#endif
SSL_CTX_set_verify(ctx->ctx, verify_flags, verify_callback);
SSL_CTX_set_info_callback(ctx->ctx, info_callback);
set_common_name(session, up->username);
}
-#if P2MP_SERVER
if ((session->opt->auth_token_generate))
{
/*
*/
send_push_reply_auth_token(multi);
}
-#endif
#ifdef ENABLE_DEF_AUTH
msg(D_HANDSHAKE, "TLS: Username/Password authentication %s for username '%s' %s",
ks->auth_deferred ? "deferred" : "succeeded",
#endif
-#ifdef P2MP_SERVER
/**
* Sets the reason why authentication of a client failed. This be will send to the client
* when the AUTH_FAILED message is sent
*/
void auth_set_client_reason(struct tls_multi *multi, const char *client_reason);
-#endif
-
static inline const char *
tls_client_reason(struct tls_multi *multi)
{
#define P2MP 0
#endif
-#if P2MP && !defined(ENABLE_CLIENT_ONLY)
-#define P2MP_SERVER 1
-#else
-#define P2MP_SERVER 0
-#endif
-
/*
* HTTPS port sharing capability
*/
-#if defined(ENABLE_PORT_SHARE) && P2MP_SERVER && defined(SCM_RIGHTS) && defined(HAVE_MSGHDR) && defined(HAVE_CMSGHDR) && defined(HAVE_IOVEC) && defined(CMSG_FIRSTHDR) && defined(CMSG_NXTHDR) && defined(HAVE_RECVMSG) && defined(HAVE_SENDMSG)
+#if defined(ENABLE_PORT_SHARE) && defined(SCM_RIGHTS) && defined(HAVE_MSGHDR) && defined(HAVE_CMSGHDR) && defined(HAVE_IOVEC) && defined(CMSG_FIRSTHDR) && defined(CMSG_NXTHDR) && defined(HAVE_RECVMSG) && defined(HAVE_SENDMSG)
#define PORT_SHARE 1
#else
#define PORT_SHARE 0
/*
* Enable deferred authentication?
*/
-#if defined(ENABLE_DEF_AUTH) && P2MP_SERVER && defined(ENABLE_PLUGIN)
+#if defined(ENABLE_DEF_AUTH) && defined(ENABLE_PLUGIN)
#define PLUGIN_DEF_AUTH
#endif
-#if defined(ENABLE_DEF_AUTH) && P2MP_SERVER && defined(ENABLE_MANAGEMENT)
+#if defined(ENABLE_DEF_AUTH) && defined(ENABLE_MANAGEMENT)
#define MANAGEMENT_DEF_AUTH
#endif
#if !defined(PLUGIN_DEF_AUTH) && !defined(MANAGEMENT_DEF_AUTH)
/*
* Enable packet filter?
*/
-#if defined(ENABLE_PF) && P2MP_SERVER && defined(ENABLE_PLUGIN) && defined(HAVE_STAT)
+#if defined(ENABLE_PF) && defined(ENABLE_PLUGIN) && defined(HAVE_STAT)
#define PLUGIN_PF
#endif
-#if defined(ENABLE_PF) && P2MP_SERVER && defined(MANAGEMENT_DEF_AUTH)
+#if defined(ENABLE_PF) && defined(MANAGEMENT_DEF_AUTH)
#define MANAGEMENT_PF
#endif
#if !defined(PLUGIN_PF) && !defined(MANAGEMENT_PF)
#include "syshead.h"
-#if P2MP_SERVER
-
#include "multi.h"
#include "options.h"
#include "vlan.h"
vlan_encapsulate(&mi->context, &mi->context.c2.to_tun);
}
}
-
-#endif /* P2MP_SERVER */
#ifndef VLAN_H
#define VLAN_H
-#if P2MP_SERVER
-
#include "buffer.h"
#include "mroute.h"
#include "openvpn.h"
void
vlan_process_outgoing_tun(struct multi_context *m, struct multi_instance *mi);
-#endif /* P2MP_SERVER */
-
#endif /* VLAN_H */
projects / thirdparty / openvpn.git / commitdiff
