Added --proto-force directive.

Version 2.1.3a

git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@6424 e7ae566f-a301-0410-adde-c780ea21d3b5

diff --git a/openvpn.8 b/openvpn.8
index f523609a178d3f4ac5f0ff7a5ce3e9fbd5f153d5..004a30b0f951bed613ab70ef1b1235e8c6d6259f 100644 (file)
--- a/openvpn.8
+++ b/openvpn.8
@@ -378,7 +378,13 @@ block.  The effect would be as if
 were declared in all
 .B <connection>
 blocks below it.
-
+.\"*********************************************************
+.TP
+.B --proto-force p
+When iterating through connection profiles,
+only consider profiles using protocol
+.B p
+('tcp'|'udp'). 
 .\"*********************************************************
 .TP
 .B --remote-random

diff --git a/options.c b/options.c
index b1ac26c113f72985e9298a79f5ec6a0f9b4127e0..5f1efc5ddbf7d73560836011818b4871c06be1b0 100644 (file)
--- a/options.c
+++ b/options.c
@@ -94,6 +94,7 @@ static const char usage_message[] =
   "--mode m        : Major mode, m = 'p2p' (default, point-to-point) or 'server'.\n"
   "--proto p       : Use protocol p for communicating with peer.\n"
   "                  p = udp (default), tcp-server, or tcp-client\n"
+  "--proto-force p : only consider protocol p in list of connection profiles.\n"
   "--connect-retry n : For --proto tcp-client, number of seconds to wait\n"
   "                    between connection retries (default=%d).\n"
   "--connect-timeout n : For --proto tcp-client, connection timeout (in seconds).\n"
@@ -693,6 +694,7 @@ init_options (struct options *o, const bool init_gc)
   o->route_delay_window = 30;
   o->max_routes = MAX_ROUTES_DEFAULT;
   o->resolve_retry_seconds = RESOLV_RETRY_INFINITE;
+  o->proto_force = -1;
 #ifdef ENABLE_OCC
   o->occ = true;
 #endif
@@ -2129,6 +2131,10 @@ options_postprocess_mutate_ce (struct options *o, struct connection_entry *ce)
 
   if (!ce->bind_local)
     ce->local_port = 0;
+
+  /* if protocol forcing is enabled, disable all protocols except for the forced one */
+  if (o->proto_force >= 0 && is_proto_tcp(o->proto_force) != is_proto_tcp(ce->proto))
+    ce->flags |= CE_DISABLED;
 }
 
 static void
@@ -4311,6 +4317,19 @@ add_option (struct options *options,
        }
       options->ce.proto = proto;
     }
+  else if (streq (p[0], "proto-force") && p[1])
+    {
+      int proto_force;
+      VERIFY_PERMISSION (OPT_P_GENERAL);
+      proto_force = ascii2proto (p[1]);
+      if (proto_force < 0)
+       {
+         msg (msglevel, "Bad --proto-force protocol: '%s'", p[1]);
+         goto err;
+       }
+      options->proto_force = proto_force;
+      options->force_connection_list = true;
+    }
 #ifdef GENERAL_PROXY_SUPPORT
   else if (streq (p[0], "auto-proxy"))
     {

diff --git a/options.h b/options.h
index 1d5fe4c2194a33241f82f2a251a748fd8a5468db..fc5db58d65bf2739943c83cdd356c6f4ab8e8b1b 100644 (file)
--- a/options.h
+++ b/options.h
@@ -216,6 +216,8 @@ struct options
   bool tun_mtu_defined;  /* true if user overriding parm with command line option */
   bool link_mtu_defined; /* true if user overriding parm with command line option */
 
+  int proto_force;
+
   /* Advanced MTU negotiation and datagram fragmentation options */
   int mtu_discover_type; /* used if OS supports setting Path MTU discovery options on socket */
 

diff --git a/socket.h b/socket.h
index cd24011efd48c00141f3e2ec934a14eba4e2f0dc..eef98d1bd216ebb172d31341d2bb5bc5da74de20 100644 (file)
--- a/socket.h
+++ b/socket.h
@@ -509,6 +509,12 @@ legal_ipv4_port (int port)
   return port > 0 && port < 65536;
 }
 
+static inline int
+is_proto_tcp(const int p)
+{
+  return p > 0; /* depends on the definition of PROTO_x */
+}
+
 static inline bool
 link_socket_proto_connection_oriented (int proto)
 {

diff --git a/version.m4 b/version.m4
index f37e1c2e9a36f89ff6798614cfc257e0a9b9143c..f0541e37e3151d80841c3a1079b77855232b0c35 100644 (file)
--- a/version.m4
+++ b/version.m4
@@ -1,5 +1,5 @@
 dnl define the OpenVPN version
-define(PRODUCT_VERSION,[2.1.3])
+define(PRODUCT_VERSION,[2.1.3a])
 dnl define the TAP version
 define(PRODUCT_TAP_ID,[tap0901])
 define(PRODUCT_TAP_WIN32_MIN_MAJOR,[9])