#if ENABLE_IP_PKTINFO
" [MH]"
#endif
-#ifdef USE_PF_INET6
" [PF_INET6]"
-#endif
" [IPv6 payload 20110522-1 (2.2.0)]"
" built on " __DATE__
;
"--proto p : Use protocol p for communicating with peer.\n"
" p = udp (default), tcp-server, or tcp-client\n"
"--proto-force p : only consider protocol p in list of connection profiles.\n"
-#ifdef USE_PF_INET6
" p = udp6, tcp6-server, or tcp6-client (ipv6)\n"
-#endif
"--connect-retry n : For --proto tcp-client, number of seconds to wait\n"
" between connection retries (default=%d).\n"
"--connect-timeout n : For --proto tcp-client, connection timeout (in seconds).\n"
*/
if (ce->connect_retry_defined && ce->proto != PROTO_TCPv4_CLIENT
-#ifdef USE_PF_INET6
- && ce->proto != PROTO_TCPv6_CLIENT
-#endif
- )
- msg (M_USAGE, "--connect-retry doesn't make sense unless also used with --proto tcp-client"
-#ifdef USE_PF_INET6
- " or tcp6-client"
-#endif
- );
+ && ce->proto != PROTO_TCPv6_CLIENT)
+ msg (M_USAGE, "--connect-retry doesn't make sense unless also used with "
+ "--proto tcp-client or tcp6-client");
if (ce->connect_timeout_defined && ce->proto != PROTO_TCPv4_CLIENT
-#ifdef USE_PF_INET6
- && ce->proto != PROTO_TCPv6_CLIENT
-#endif
- )
- msg (M_USAGE, "--connect-timeout doesn't make sense unless also used with --proto tcp-client"
-#ifdef USE_PF_INET6
- " or tcp6-client"
-#endif
- );
+ && ce->proto != PROTO_TCPv6_CLIENT)
+ msg (M_USAGE, "--connect-timeout doesn't make sense unless also used with "
+ "--proto tcp-client or tcp6-client");
/*
* Sanity check on MTU parameters
#endif
if (!ce->remote && (ce->proto == PROTO_TCPv4_CLIENT
-#ifdef USE_PF_INET6
- || ce->proto == PROTO_TCPv6_CLIENT
-#endif
- ))
+ || ce->proto == PROTO_TCPv6_CLIENT))
msg (M_USAGE, "--remote MUST be used in TCP Client mode");
#ifdef ENABLE_HTTP_PROXY
msg (M_USAGE, "--socks-proxy can not be used in TCP Server mode");
#endif
- if ((ce->proto == PROTO_TCPv4_SERVER
-#ifdef USE_PF_INET6
- || ce->proto == PROTO_TCPv6_SERVER
-#endif
- )
- && connection_list_defined (options))
+ if ((ce->proto == PROTO_TCPv4_SERVER || ce->proto == PROTO_TCPv6_SERVER)
+ && connection_list_defined (options))
msg (M_USAGE, "TCP server mode allows at most one --remote address");
#if P2MP_SERVER
if (options->pull)
msg (M_USAGE, "--pull cannot be used with --mode server");
if (!(proto_is_udp(ce->proto) || ce->proto == PROTO_TCPv4_SERVER
-#ifdef USE_PF_INET6
- || ce->proto == PROTO_TCPv6_SERVER
-#endif
- ))
- msg (M_USAGE, "--mode server currently only supports --proto udp or --proto tcp-server"
-#ifdef USE_PF_INET6
- " or proto tcp6-server"
-#endif
- );
+ || ce->proto == PROTO_TCPv6_SERVER))
+ msg (M_USAGE, "--mode server currently only supports "
+ "--proto udp or --proto tcp-server or proto tcp6-server");
#if PORT_SHARE
if ((options->port_share_host || options->port_share_port) &&
- (ce->proto != PROTO_TCPv4_SERVER
-#ifdef USE_PF_INET6
- && ce->proto != PROTO_TCPv6_SERVER
-#endif
- ))
- msg (M_USAGE, "--port-share only works in TCP server mode (--proto tcp-server"
-#ifdef USE_PF_INET6
- " or tcp6-server"
-#endif
- ")");
+ (ce->proto != PROTO_TCPv4_SERVER && ce->proto != PROTO_TCPv6_SERVER))
+ msg (M_USAGE, "--port-share only works in TCP server mode "
+ "(--proto tcp-server or tcp6-server)");
#endif
if (!options->tls_server)
msg (M_USAGE, "--mode server requires --tls-server");
if (options->ipchange)
msg (M_USAGE, "--ipchange cannot be used with --mode server (use --client-connect instead)");
if (!(proto_is_dgram(ce->proto) || ce->proto == PROTO_TCPv4_SERVER
-#ifdef USE_PF_INET6
- || ce->proto == PROTO_TCPv6_SERVER
-#endif
- ))
- msg (M_USAGE, "--mode server currently only supports --proto udp or --proto tcp-server"
-#ifdef USE_PF_INET6
- " or --proto tcp6-server"
-#endif
- );
+ || ce->proto == PROTO_TCPv6_SERVER))
+ msg (M_USAGE, "--mode server currently only supports "
+ "--proto udp or --proto tcp-server or --proto tcp6-server");
if (!proto_is_udp(ce->proto) && (options->cf_max || options->cf_per))
msg (M_USAGE, "--connect-freq only works with --mode server --proto udp. Try --max-clients instead.");
if (!(dev == DEV_TYPE_TAP || (dev == DEV_TYPE_TUN && options->topology == TOP_SUBNET)) && options->ifconfig_pool_netmask)
{
if (ce->proto == PROTO_TCPv4)
ce->proto = PROTO_TCPv4_CLIENT;
-#ifdef USE_PF_INET6
else if (ce->proto == PROTO_TCPv6)
ce->proto = PROTO_TCPv6_CLIENT;
-#endif
}
#endif
IPv4_UDP_HEADER_SIZE, /* IPv4 */
IPv4_TCP_HEADER_SIZE,
IPv4_TCP_HEADER_SIZE,
-#ifdef USE_PF_INET6
IPv6_UDP_HEADER_SIZE, /* IPv6 */
IPv6_TCP_HEADER_SIZE,
IPv6_TCP_HEADER_SIZE,
IPv6_TCP_HEADER_SIZE,
-#endif
};
/*
return (flags & GETADDR_HOST_ORDER) ? ntohl (ia.s_addr) : ia.s_addr;
}
-#ifdef USE_PF_INET6
/*
* Translate IPv6 addr or hostname into struct addrinfo
* If resolve error, try again for
gc_free (&gc);
return success;
}
-#endif /* USE_PF_INET6 */
/*
* We do our own inet_aton because the glibc function
}
}
break;
-#ifdef USE_PF_INET6
case AF_INET6:
if (host && addr)
{
}
}
break;
-#endif
default:
ASSERT(0);
}
return sd;
}
-#ifdef USE_PF_INET6
static socket_descriptor_t
create_socket_udp6 (const unsigned int flags)
{
return sd;
}
-#endif
static void
create_socket (struct link_socket *sock)
{
{
sock->sd = create_socket_tcp ();
}
-#ifdef USE_PF_INET6
else if (sock->info.proto == PROTO_TCPv6_SERVER
|| sock->info.proto == PROTO_TCPv6_CLIENT)
{
sock->sd = create_socket_udp6 (sock->sockflags);
sock->sockflags |= SF_GETADDRINFO_DGRAM;
}
-#endif
else
{
ASSERT (0);
if (*signal_received)
goto done;
-#ifdef USE_PF_INET6
switch(local->addr.sa.sa_family)
{
case PF_INET6:
*sd = create_socket_tcp6 ();
break;
case PF_INET:
-#endif
*sd = create_socket_tcp ();
-#ifdef USE_PF_INET6
break;
}
-#endif
if (bind_local)
socket_bind (*sd, local, "TCP Client");
/* resolve local address if undefined */
if (!addr_defined (&sock->info.lsa->local))
{
-#ifdef USE_PF_INET6
/* may return AF_{INET|INET6} guessed from local_host */
switch(addr_guess_family(sock->info.proto, sock->local_host))
{
case AF_INET:
-#endif
sock->info.lsa->local.addr.in4.sin_family = AF_INET;
sock->info.lsa->local.addr.in4.sin_addr.s_addr =
(sock->local_host ? getaddr (GETADDR_RESOLVE | GETADDR_WARN_ON_SIGNAL | GETADDR_FATAL,
NULL)
: htonl (INADDR_ANY));
sock->info.lsa->local.addr.in4.sin_port = htons (sock->local_port);
-#ifdef USE_PF_INET6
break;
case AF_INET6:
{
}
break;
}
-#endif /* USE_PF_INET6 */
}
/* bind to local address/port */
volatile int *signal_received)
{
struct gc_arena gc = gc_new ();
-#ifdef USE_PF_INET6
int af;
-#endif
if (!sock->did_resolve_remote)
{
/* resolve remote address if undefined */
if (!addr_defined (&sock->info.lsa->remote))
{
-#ifdef USE_PF_INET6
af = addr_guess_family(sock->info.proto, sock->remote_host);
switch(af)
{
case AF_INET:
-#endif
sock->info.lsa->remote.addr.in4.sin_family = AF_INET;
sock->info.lsa->remote.addr.in4.sin_addr.s_addr = 0;
-#ifdef USE_PF_INET6
break;
case AF_INET6:
CLEAR(sock->info.lsa->remote.addr.in6);
sock->info.lsa->remote.addr.in6.sin6_addr = in6addr_any;
break;
}
-#endif
if (sock->remote_host)
{
ASSERT (0);
}
-#ifdef USE_PF_INET6
switch(af)
{
case AF_INET:
-#endif
sock->info.lsa->remote.addr.in4.sin_addr.s_addr = getaddr (
flags,
sock->remote_host,
retry,
&status,
signal_received);
-#ifdef USE_PF_INET6
break;
case AF_INET6:
status = getaddr6 (
&sock->info.lsa->remote.addr.in6);
break;
}
-#endif
dmsg (D_SOCKET_DEBUG, "RESOLVE_REMOTE flags=0x%04x phase=%d rrs=%d sig=%d status=%d",
flags,
goto done;
}
}
-#ifdef USE_PF_INET6
switch(af)
{
case AF_INET:
-#endif
sock->info.lsa->remote.addr.in4.sin_port = htons (sock->remote_port);
-#ifdef USE_PF_INET6
break;
case AF_INET6:
sock->info.lsa->remote.addr.in6.sin6_port = htons (sock->remote_port);
break;
}
-#endif
}
/* should we re-use previous active remote address? */
{
ASSERT (accept_from);
ASSERT (sock->info.proto == PROTO_TCPv4_SERVER
-#ifdef USE_PF_INET6
|| sock->info.proto == PROTO_TCPv6_SERVER
-#endif
);
ASSERT (!sock->inetd);
sock->sd = accept_from->sd;
if (sock->inetd)
{
ASSERT (sock->info.proto != PROTO_TCPv4_CLIENT
-#ifdef USE_PF_INET6
- && sock->info.proto != PROTO_TCPv6_CLIENT
-#endif
- );
+ && sock->info.proto != PROTO_TCPv6_CLIENT);
ASSERT (socket_defined (inetd_socket_descriptor));
sock->sd = inetd_socket_descriptor;
}
if (sock->inetd)
{
if (sock->info.proto == PROTO_TCPv4_SERVER
-#ifdef USE_PF_INET6
- || sock->info.proto == PROTO_TCPv6_SERVER
-#endif
- ) {
+ || sock->info.proto == PROTO_TCPv6_SERVER) {
/* AF_INET as default (and fallback) for inetd */
sock->info.lsa->actual.dest.addr.sa.sa_family = AF_INET;
-#ifdef USE_PF_INET6
#ifdef HAVE_GETSOCKNAME
{
/* inetd: hint family type for dest = local's */
msg (M_WARN, "inetd(%s): this OS does not provide the getsockname() "
"function, using AF_INET",
proto2ascii(sock->info.proto, false));
-#endif
#endif
sock->sd =
socket_listen_accept (sock->sd,
/* TCP client/server */
if (sock->info.proto == PROTO_TCPv4_SERVER
-#ifdef USE_PF_INET6
- ||sock->info.proto == PROTO_TCPv6_SERVER
-#endif
- )
+ ||sock->info.proto == PROTO_TCPv6_SERVER)
{
switch (sock->mode)
{
}
}
else if (sock->info.proto == PROTO_TCPv4_CLIENT
-#ifdef USE_PF_INET6
- ||sock->info.proto == PROTO_TCPv6_CLIENT
-#endif
- )
+ ||sock->info.proto == PROTO_TCPv6_CLIENT)
{
#ifdef GENERAL_PROXY_SUPPORT
switch(from_addr->dest.addr.sa.sa_family)
{
case AF_INET:
-#ifdef USE_PF_INET6
case AF_INET6:
-#endif
msg (D_LINK_ERRORS,
"TCP/UDP: Incoming packet rejected from %s[%d], expected peer address: %s (allow this incoming source address/port by removing --remote or adding --float)",
print_link_socket_actual (from_addr, &gc),
* by now just ignore it
*
*/
-#ifdef USE_PF_INET6
if (lsa->actual.dest.addr.sa.sa_family != AF_INET)
return IPV4_INVALID_ADDR;
-#else
- ASSERT (lsa->actual.dest.addr.sa.sa_family == AF_INET);
-#endif
if (link_socket_actual_defined (&lsa->actual))
return ntohl (lsa->actual.dest.addr.in4.sin_addr.s_addr);
if (!addr_is_defined) {
return "[undef]";
}
-#ifdef USE_PF_INET6
switch(addr->addr.sa.sa_family)
{
case AF_INET:
-#endif
{
const int port= ntohs (addr->addr.in4.sin_port);
buf_puts (&out, "[AF_INET]");
buf_printf (&out, "%d", port);
}
}
-#ifdef USE_PF_INET6
break;
case AF_INET6:
{
default:
ASSERT(0);
}
-#endif
return BSTR (&out);
}
#if ENABLE_IP_PKTINFO
if ((flags & PS_SHOW_PKTINFO) && addr_defined_ipi(act))
{
-#ifdef USE_PF_INET6
switch(act->dest.addr.sa.sa_family)
{
case AF_INET:
-#endif
{
struct openvpn_sockaddr sa;
CLEAR (sa);
print_sockaddr_ex (&sa, separator, 0, gc),
ifname);
}
-#ifdef USE_PF_INET6
break;
case AF_INET6:
{
}
break;
}
-#endif /* USE_PF_INET6 */
-
}
#endif
return BSTR (&out);
{
char name_buf[256];
-#ifdef USE_PF_INET6
char buf[128];
switch(addr->addr.sa.sa_family)
{
case AF_INET:
-#endif
if (flags & SA_IP_PORT)
openvpn_snprintf (name_buf, sizeof (name_buf), "%s_ip", name_prefix);
else
openvpn_snprintf (name_buf, sizeof (name_buf), "%s_port", name_prefix);
setenv_int (es, name_buf, ntohs (addr->addr.in4.sin_port));
}
-#ifdef USE_PF_INET6
break;
case AF_INET6:
openvpn_snprintf (name_buf, sizeof (name_buf), "%s_ip6", name_prefix);
}
break;
}
-#endif
}
void
{"tcp-server", "TCPv4_SERVER",0,1, AF_INET},
{"tcp-client", "TCPv4_CLIENT",0,1, AF_INET},
{"tcp", "TCPv4",0,1, AF_INET},
-#ifdef USE_PF_INET6
{"udp6" ,"UDPv6",1,1, AF_INET6},
{"tcp6-server","TCPv6_SERVER",0,1, AF_INET6},
{"tcp6-client","TCPv6_CLIENT",0,1, AF_INET6},
{"tcp6" ,"TCPv6",0,1, AF_INET6},
-#endif
};
bool
int
addr_guess_family(int proto, const char *name)
{
-#ifdef USE_PF_INET6
unsigned short ret;
-#endif
if (proto)
{
return proto_sa_family(proto); /* already stamped */
}
-#ifdef USE_PF_INET6
else
{
struct addrinfo hints , *ai;
return ret;
}
}
-#endif
return AF_INET; /* default */
}
const char *
{
case PROTO_TCPv4_SERVER: return PROTO_TCPv4_CLIENT;
case PROTO_TCPv4_CLIENT: return PROTO_TCPv4_SERVER;
-#ifdef USE_PF_INET6
case PROTO_TCPv6_SERVER: return PROTO_TCPv6_CLIENT;
case PROTO_TCPv6_CLIENT: return PROTO_TCPv6_SERVER;
-#endif
}
}
return proto;
struct in_addr pi4;
#endif
};
-#ifdef USE_PF_INET6
struct openvpn_in6_pktinfo
{
struct cmsghdr cmsghdr;
struct in6_pktinfo pi6;
};
-#endif
union openvpn_pktinfo {
struct openvpn_in4_pktinfo msgpi4;
-#ifdef USE_PF_INET6
struct openvpn_in6_pktinfo msgpi6;
-#endif
};
#pragma pack()
#error ENABLE_IP_PKTINFO is set without IP_PKTINFO xor IP_RECVDSTADDR (fix syshead.h)
#endif
}
-#ifdef USE_PF_INET6
else if (cmsg != NULL
&& CMSG_NXTHDR (&mesg, cmsg) == NULL
&& cmsg->cmsg_level == IPPROTO_IPV6
from->pi.in6.ipi6_ifindex = pkti6->ipi6_ifindex;
from->pi.in6.ipi6_addr = pkti6->ipi6_addr;
}
-#endif
}
return fromlen;
}
#endif
break;
}
-#ifdef USE_PF_INET6
case AF_INET6:
{
struct openvpn_in6_pktinfo msgpi6;
pkti6->ipi6_addr = to->pi.in6.ipi6_addr;
break;
}
-#endif
default: ASSERT(0);
}
return sendmsg (sock->sd, &mesg, 0);
if (proto_is_udp(sock->info.proto))
{
sock->reads.addr_defined = true;
-#ifdef USE_PF_INET6
if (sock->info.proto == PROTO_UDPv6)
sock->reads.addrlen = sizeof (sock->reads.addr6);
else
-#endif
sock->reads.addrlen = sizeof (sock->reads.addr);
status = WSARecvFrom(
sock->sd,
if (!status) /* operation completed immediately? */
{
-#ifdef USE_PF_INET6
int addrlen = af_addr_size(sock->info.lsa->local.addr.sa.sa_family);
if (sock->reads.addr_defined && sock->reads.addrlen != addrlen)
bad_address_length (sock->reads.addrlen, addrlen);
-#else
- if (sock->reads.addr_defined && sock->reads.addrlen != sizeof (sock->reads.addr))
- bad_address_length (sock->reads.addrlen, sizeof (sock->reads.addr));
-#endif
-
sock->reads.iostate = IOSTATE_IMMEDIATE_RETURN;
/* since we got an immediate return, we must signal the event object ourselves */
{
/* set destination address for UDP writes */
sock->writes.addr_defined = true;
-#ifdef USE_PF_INET6
if (sock->info.proto == PROTO_UDPv6)
{
sock->writes.addr6 = to->dest.addr.in6;
sock->writes.addrlen = sizeof (sock->writes.addr6);
}
else
-#endif
{
sock->writes.addr = to->dest.addr.in4;
sock->writes.addrlen = sizeof (sock->writes.addr);
if (from)
{
if (ret >= 0 && io->addr_defined)
-#ifdef USE_PF_INET6
{
/* TODO(jjo): streamline this mess */
/* in this func we dont have relevant info about the PF_ of this
{
case sizeof(struct sockaddr_in):
case sizeof(struct sockaddr_in6):
- /* TODO(jjo): for some reason (?) I'm getting 24,28 for AF_INET6 */
+ /* TODO(jjo): for some reason (?) I'm getting 24,28 for AF_INET6
+ * under WIN32*/
case sizeof(struct sockaddr_in6)-4:
break;
default:
break;
}
}
-#else
- {
- if (io->addrlen != sizeof (io->addr))
- bad_address_length (io->addrlen, sizeof (io->addr));
- from->dest.addr.in4 = io->addr;
- }
-#endif
else
CLEAR (from->dest.addr);
}
union {
struct sockaddr sa;
struct sockaddr_in in4;
-#ifdef USE_PF_INET6
struct sockaddr_in6 in6;
-#endif
} addr;
};
#ifdef IP_RECVDSTADDR
struct in_addr in4;
#endif
-#ifdef USE_PF_INET6
struct in6_pktinfo in6;
-#endif
} pi;
#endif
};
void bad_address_length (int actual, int expected);
-#ifdef USE_PF_INET6
/* IPV4_INVALID_ADDR: returned by link_socket_current_remote()
* to ease redirect-gateway logic for ipv4 tunnels on ipv6 endpoints
*/
#define IPV4_INVALID_ADDR 0xffffffff
-#endif
in_addr_t link_socket_current_remote (const struct link_socket_info *info);
void link_socket_connection_initiated (const struct buffer *buf,
PROTO_TCPv4_SERVER,
PROTO_TCPv4_CLIENT,
PROTO_TCPv4,
-#ifdef USE_PF_INET6
PROTO_UDPv6,
PROTO_TCPv6_SERVER,
PROTO_TCPv6_CLIENT,
PROTO_TCPv6,
-#endif
PROTO_N
};
if (!addr) return 0;
switch (addr->addr.sa.sa_family) {
case AF_INET: return addr->addr.in4.sin_addr.s_addr != 0;
-#ifdef USE_PF_INET6
case AF_INET6: return !IN6_IS_ADDR_UNSPECIFIED(&addr->addr.in6.sin6_addr);
-#endif
default: return 0;
}
}
#ifdef IP_RECVDSTADDR
case AF_INET: return lsa->pi.in4.s_addr != 0;
#endif
-#ifdef USE_PF_INET6
case AF_INET6: return !IN6_IS_ADDR_UNSPECIFIED(&lsa->pi.in6.ipi6_addr);
-#endif
default: return 0;
}
#else
switch(a1->addr.sa.sa_family) {
case AF_INET:
return a1->addr.in4.sin_addr.s_addr == a2->addr.in4.sin_addr.s_addr;
-#ifdef USE_PF_INET6
case AF_INET6:
return IN6_ARE_ADDR_EQUAL(&a1->addr.in6.sin6_addr, &a2->addr.in6.sin6_addr);
-#endif
}
ASSERT(0);
return false;
* possible clash: non sense for now given
* that we do ifconfig only IPv4
*/
-#if defined(USE_PF_INET6)
if(addr->addr.sa.sa_family != AF_INET)
return 0;
-#else
- ASSERT(addr->addr.sa.sa_family == AF_INET);
-#endif
return ntohl (addr->addr.in4.sin_addr.s_addr);
}
case AF_INET:
return a1->addr.in4.sin_addr.s_addr == a2->addr.in4.sin_addr.s_addr
&& a1->addr.in4.sin_port == a2->addr.in4.sin_port;
-#ifdef USE_PF_INET6
case AF_INET6:
return IN6_ARE_ADDR_EQUAL(&a1->addr.in6.sin6_addr, &a2->addr.in6.sin6_addr)
&& a1->addr.in6.sin6_port == a2->addr.in6.sin6_port;
-#endif
}
ASSERT(0);
return false;
case AF_INET:
addr->addr.in4.sin_addr.s_addr = 0;
break;
-#ifdef USE_PF_INET6
case AF_INET6:
memset(&addr->addr.in6.sin6_addr, 0, sizeof (struct in6_addr));
break;
-#endif
}
}
case AF_INET:
dst->addr.in4.sin_addr.s_addr = src->addr.in4.sin_addr.s_addr;
break;
-#ifdef USE_PF_INET6
case AF_INET6:
dst->addr.in6.sin6_addr = src->addr.in6.sin6_addr;
break;
-#endif
}
}
static inline int
af_addr_size(unsigned short af)
{
-#if defined(USE_PF_INET6) || defined (USE_PF_UNIX)
switch(af) {
case AF_INET: return sizeof (struct sockaddr_in);
-#ifdef USE_PF_UNIX
- case AF_UNIX: return sizeof (struct sockaddr_un);
-#endif
-#ifdef USE_PF_INET6
case AF_INET6: return sizeof (struct sockaddr_in6);
-#endif
default:
#if 0
/* could be called from socket_do_accept() with empty addr */
#endif
return 0;
}
-#else /* only AF_INET */
- return sizeof(struct sockaddr_in);
-#endif
}
static inline bool
if (buf->len > 0)
{
switch (from_addr->dest.addr.sa.sa_family) {
-#ifdef USE_PF_INET6
case AF_INET6:
-#endif
case AF_INET:
if (!link_socket_actual_defined (from_addr))
return false;
projects / thirdparty / openvpn.git / commitdiff
