Commit | Line | Data |
---|---|---|
27b50dc5 | 1 | diff -ur openvpn-2.0_rc16/configure.ac openvpn-2.0_rc16MH/configure.ac |
2 | --- openvpn-2.0_rc16/configure.ac 2005-02-20 11:46:15.000000000 -0700 | |
3 | +++ openvpn-2.0_rc16MH/configure.ac 2005-02-26 00:21:45.000000000 -0700 | |
4 | @@ -89,6 +89,12 @@ | |
5 | [FRAGMENT="yes"] | |
6 | ) | |
7 | ||
8 | +AC_ARG_ENABLE(multihome, | |
9 | + [ --disable-multihome Disable multi-homed UDP server support (--multihome)], | |
10 | + [MULTIHOME="$enableval"], | |
11 | + [MULTIHOME="yes"] | |
12 | +) | |
13 | + | |
14 | AC_ARG_ENABLE(debug, | |
15 | [ --disable-debug Disable debugging support (disable gremlin and verb 7+ messages)], | |
16 | [DEBUG="$enableval"], | |
17 | @@ -326,6 +332,11 @@ | |
18 | [AC_DEFINE(HAVE_CMSGHDR, 1, [struct cmsghdr needed for extended socket error support])], | |
19 | [], | |
20 | [#include "syshead.h"]) | |
21 | +AC_CHECK_TYPE( | |
22 | + [struct in_pktinfo], | |
23 | + [AC_DEFINE(HAVE_IN_PKTINFO, 1, [struct in_pktinfo needed for IP_PKTINFO support])], | |
24 | + [], | |
25 | + [#include "syshead.h"]) | |
26 | ||
27 | AC_CHECK_SIZEOF(unsigned int) | |
28 | AC_CHECK_SIZEOF(unsigned long) | |
29 | @@ -351,7 +362,7 @@ | |
30 | getpass strerror syslog openlog mlockall getgrnam setgid dnl | |
31 | setgroups stat flock readv writev setsockopt getsockopt dnl | |
32 | setsid chdir gettimeofday putenv getpeername unlink dnl | |
33 | - poll chsize ftruncate) | |
34 | + poll chsize ftruncate sendmsg recvmsg) | |
35 | AC_CACHE_SAVE | |
36 | ||
37 | dnl Required library functions | |
38 | @@ -568,6 +579,11 @@ | |
39 | AC_DEFINE(ENABLE_HTTP_PROXY, 1, [Enable HTTP proxy support]) | |
40 | fi | |
41 | ||
42 | +dnl compile --multihome option | |
43 | +if test "$MULTIHOME" = "yes"; then | |
44 | + AC_DEFINE(ENABLE_MULTIHOME, 1, [Enable multi-homed UDP server capability]) | |
45 | +fi | |
46 | + | |
47 | dnl enable debugging | |
48 | if test "$DEBUG" = "yes"; then | |
49 | AC_DEFINE(ENABLE_DEBUG, 1, [Enable debugging support]) | |
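Review bot: The switch added in this hunk defines `ENABLE_MULTIHOME`, but every C guard visible in this patch (init.c, options.c, options.h, socket.c) tests `ENABLE_IP_PKTINFO` with `#if`, so the feature depends on a mapping between the two that is not shown here. Because `#if` on an undefined macro silently evaluates to 0, a missing or mistyped mapping would compile `--multihome` out with no diagnostic, and the option would then be rejected as unknown at run time. A short pointer next to the define would help, for example `dnl ENABLE_IP_PKTINFO (used by the C sources) is derived from ENABLE_MULTIHOME and HAVE_IN_PKTINFO in <header>`, with the header name filled in once confirmed.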
50 | diff -ur openvpn-2.0_rc16/forward.c openvpn-2.0_rc16MH/forward.c | |
51 | --- openvpn-2.0_rc16/forward.c 2005-02-05 01:55:10.000000000 -0700 | |
52 | +++ openvpn-2.0_rc16MH/forward.c 2005-02-25 20:52:18.000000000 -0700 | |
53 | @@ -563,12 +563,12 @@ | |
54 | ||
55 | static inline void | |
56 | socks_preprocess_outgoing_link (struct context *c, | |
57 | - struct sockaddr_in **to_addr, | |
58 | + struct link_socket_actual **to_addr, | |
59 | int *size_delta) | |
60 | { | |
61 | if (c->c2.link_socket->socks_proxy && c->c2.link_socket->info.proto == PROTO_UDPv4) | |
62 | { | |
63 | - *size_delta += socks_process_outgoing_udp (&c->c2.to_link, &c->c2.to_link_addr); | |
64 | + *size_delta += socks_process_outgoing_udp (&c->c2.to_link, c->c2.to_link_addr); | |
65 | *to_addr = &c->c2.link_socket->socks_relay; | |
66 | } | |
67 | } | |
68 | @@ -607,7 +607,11 @@ | |
69 | ||
70 | c->c2.buf = c->c2.buffers->read_link_buf; | |
71 | ASSERT (buf_init (&c->c2.buf, FRAME_HEADROOM_ADJ (&c->c2.frame, FRAME_HEADROOM_MARKER_READ_LINK))); | |
72 | - status = link_socket_read (c->c2.link_socket, &c->c2.buf, MAX_RW_SIZE_LINK (&c->c2.frame), &c->c2.from); | |
73 | + | |
74 | + status = link_socket_read (c->c2.link_socket, | |
75 | + &c->c2.buf, | |
76 | + MAX_RW_SIZE_LINK (&c->c2.frame), | |
77 | + &c->c2.from); | |
78 | ||
79 | if (socket_connection_reset (c->c2.link_socket, status)) | |
80 | { | |
81 | @@ -677,7 +681,7 @@ | |
82 | msg (D_LINK_RW, "%s READ [%d] from %s: %s", | |
83 | proto2ascii (lsi->proto, true), | |
84 | BLEN (&c->c2.buf), | |
85 | - print_sockaddr (&c->c2.from, &gc), | |
86 | + print_link_socket_actual (&c->c2.from, &gc), | |
87 | PROTO_DUMP (&c->c2.buf, &gc)); | |
88 | ||
89 | /* | |
90 | @@ -947,7 +951,7 @@ | |
91 | * packet to remote over the TCP/UDP port. | |
92 | */ | |
93 | int size = 0; | |
94 | - ASSERT (addr_defined (&c->c2.to_link_addr)); | |
95 | + ASSERT (link_socket_actual_defined (c->c2.to_link_addr)); | |
96 | ||
97 | #ifdef ENABLE_DEBUG | |
98 | /* In gremlin-test mode, we may choose to drop this packet */ | |
99 | @@ -982,12 +986,12 @@ | |
100 | msg (D_LINK_RW, "%s WRITE [%d] to %s: %s", | |
101 | proto2ascii (c->c2.link_socket->info.proto, true), | |
102 | BLEN (&c->c2.to_link), | |
103 | - print_sockaddr (&c->c2.to_link_addr, &gc), | |
104 | + print_link_socket_actual (c->c2.to_link_addr, &gc), | |
105 | PROTO_DUMP (&c->c2.to_link, &gc)); | |
106 | ||
107 | /* Packet send complexified by possible Socks5 usage */ | |
108 | { | |
109 | - struct sockaddr_in *to_addr = &c->c2.to_link_addr; | |
110 | + struct link_socket_actual *to_addr = c->c2.to_link_addr; | |
111 | #ifdef ENABLE_SOCKS | |
112 | int size_delta = 0; | |
113 | #endif | |
114 | @@ -997,7 +1001,9 @@ | |
115 | socks_preprocess_outgoing_link (c, &to_addr, &size_delta); | |
116 | #endif | |
117 | /* Send packet */ | |
118 | - size = link_socket_write (c->c2.link_socket, &c->c2.to_link, to_addr); | |
119 | + size = link_socket_write (c->c2.link_socket, | |
120 | + &c->c2.to_link, | |
121 | + to_addr); | |
122 | ||
123 | #ifdef ENABLE_SOCKS | |
124 | /* Undo effect of prepend */ | |
125 | @@ -1021,7 +1027,7 @@ | |
126 | if (size != BLEN (&c->c2.to_link)) | |
127 | msg (D_LINK_ERRORS, | |
128 | "TCP/UDP packet was truncated/expanded on write to %s (tried=%d,actual=%d)", | |
129 | - print_sockaddr (&c->c2.to_link_addr, &gc), | |
130 | + print_link_socket_actual (c->c2.to_link_addr, &gc), | |
131 | BLEN (&c->c2.to_link), | |
132 | size); | |
133 | } | |
134 | @@ -1030,7 +1036,7 @@ | |
135 | { | |
136 | if (c->c2.to_link.len > 0) | |
137 | msg (D_LINK_ERRORS, "TCP/UDP packet too large on write to %s (tried=%d,max=%d)", | |
138 | - print_sockaddr (&c->c2.to_link_addr, &gc), | |
139 | + print_link_socket_actual (c->c2.to_link_addr, &gc), | |
140 | c->c2.to_link.len, | |
141 | EXPANDED_SIZE (&c->c2.frame)); | |
142 | } | |
143 | diff -ur openvpn-2.0_rc16/init.c openvpn-2.0_rc16MH/init.c | |
144 | --- openvpn-2.0_rc16/init.c 2005-02-17 13:36:08.000000000 -0700 | |
145 | +++ openvpn-2.0_rc16MH/init.c 2005-02-25 21:12:42.000000000 -0700 | |
146 | @@ -1651,6 +1651,13 @@ | |
147 | static void | |
148 | do_init_socket_1 (struct context *c, int mode) | |
149 | { | |
150 | + unsigned int flags = 0; | |
151 | + | |
152 | +#if ENABLE_IP_PKTINFO | |
153 | + if (c->options.multihome) | |
154 | + flags |= SF_USE_IP_PKTINFO; | |
155 | +#endif | |
156 | + | |
157 | link_socket_init_phase1 (c->c2.link_socket, | |
158 | c->options.local, | |
159 | c->c1.remote_list, | |
160 | @@ -1677,7 +1684,8 @@ | |
161 | c->options.connect_retry_seconds, | |
162 | c->options.mtu_discover_type, | |
163 | c->options.rcvbuf, | |
164 | - c->options.sndbuf); | |
165 | + c->options.sndbuf, | |
166 | + flags); | |
167 | } | |
168 | ||
169 | /* | |
170 | diff -ur openvpn-2.0_rc16/manage.c openvpn-2.0_rc16MH/manage.c | |
171 | --- openvpn-2.0_rc16/manage.c 2005-01-14 21:04:11.000000000 -0700 | |
172 | +++ openvpn-2.0_rc16MH/manage.c 2005-02-24 20:13:31.000000000 -0700 | |
173 | @@ -746,13 +746,16 @@ | |
174 | man_accept (struct management *man) | |
175 | { | |
176 | struct gc_arena gc = gc_new (); | |
177 | + struct link_socket_actual act; | |
178 | ||
179 | /* | |
180 | * Accept the TCP client. | |
181 | */ | |
182 | - man->connection.sd_cli = socket_do_accept (man->connection.sd_top, &man->connection.remote, false); | |
183 | + man->connection.sd_cli = socket_do_accept (man->connection.sd_top, &act, false); | |
184 | if (socket_defined (man->connection.sd_cli)) | |
185 | { | |
186 | + man->connection.remote = act.dest; | |
187 | + | |
188 | if (socket_defined (man->connection.sd_top)) | |
189 | { | |
190 | #ifdef WIN32 | |
191 | @@ -1121,9 +1124,9 @@ | |
192 | /* | |
193 | * Initialize socket address | |
194 | */ | |
195 | - ms->local.sin_family = AF_INET; | |
196 | - ms->local.sin_addr.s_addr = 0; | |
197 | - ms->local.sin_port = htons (port); | |
198 | + ms->local.sa.sin_family = AF_INET; | |
199 | + ms->local.sa.sin_addr.s_addr = 0; | |
200 | + ms->local.sa.sin_port = htons (port); | |
201 | ||
202 | /* | |
203 | * Run management over tunnel, or | |
204 | @@ -1135,7 +1138,7 @@ | |
205 | } | |
206 | else | |
207 | { | |
208 | - ms->local.sin_addr.s_addr = getaddr | |
209 | + ms->local.sa.sin_addr.s_addr = getaddr | |
210 | (GETADDR_RESOLVE|GETADDR_WARN_ON_SIGNAL|GETADDR_FATAL, addr, 0, NULL, NULL); | |
211 | } | |
212 | ||
213 | @@ -1382,7 +1385,7 @@ | |
214 | && man->connection.state == MS_INITIAL) | |
215 | { | |
216 | /* listen on our local TUN/TAP IP address */ | |
217 | - man->settings.local.sin_addr.s_addr = htonl (tun_local_ip); | |
218 | + man->settings.local.sa.sin_addr.s_addr = htonl (tun_local_ip); | |
219 | man_connection_init (man); | |
220 | } | |
221 | ||
222 | diff -ur openvpn-2.0_rc16/manage.h openvpn-2.0_rc16MH/manage.h | |
223 | --- openvpn-2.0_rc16/manage.h 2005-01-09 17:46:29.000000000 -0700 | |
224 | +++ openvpn-2.0_rc16MH/manage.h 2005-02-24 20:01:50.000000000 -0700 | |
225 | @@ -186,7 +186,7 @@ | |
226 | ||
227 | struct man_settings { | |
228 | bool defined; | |
229 | - struct sockaddr_in local; | |
230 | + struct openvpn_sockaddr local; | |
231 | bool up_query_passwords; | |
232 | bool management_over_tunnel; | |
233 | struct user_pass up; | |
234 | @@ -213,7 +213,7 @@ | |
235 | ||
236 | socket_descriptor_t sd_top; | |
237 | socket_descriptor_t sd_cli; | |
238 | - struct sockaddr_in remote; | |
239 | + struct openvpn_sockaddr remote; | |
240 | ||
241 | #ifdef WIN32 | |
242 | struct net_event_win32 ne32; | |
243 | diff -ur openvpn-2.0_rc16/mroute.c openvpn-2.0_rc16MH/mroute.c | |
244 | --- openvpn-2.0_rc16/mroute.c 2005-01-09 17:46:41.000000000 -0700 | |
245 | +++ openvpn-2.0_rc16MH/mroute.c 2005-02-24 20:20:57.000000000 -0700 | |
246 | @@ -169,28 +169,29 @@ | |
247 | } | |
248 | ||
249 | /* | |
250 | - * Translate a struct sockaddr_in (saddr) | |
251 | + * Translate a struct openvpn_sockaddr (osaddr) | |
252 | * to a struct mroute_addr (addr). | |
253 | */ | |
254 | -bool | |
255 | -mroute_extract_sockaddr_in (struct mroute_addr *addr, const struct sockaddr_in *saddr, bool use_port) | |
256 | +bool mroute_extract_openvpn_sockaddr (struct mroute_addr *addr, | |
257 | + const struct openvpn_sockaddr *osaddr, | |
258 | + bool use_port) | |
259 | { | |
260 | - if (saddr->sin_family == AF_INET) | |
261 | + if (osaddr->sa.sin_family == AF_INET) | |
262 | { | |
263 | if (use_port) | |
264 | { | |
265 | addr->type = MR_ADDR_IPV4 | MR_WITH_PORT; | |
266 | addr->netbits = 0; | |
267 | addr->len = 6; | |
268 | - memcpy (addr->addr, &saddr->sin_addr.s_addr, 4); | |
269 | - memcpy (addr->addr + 4, &saddr->sin_port, 2); | |
270 | + memcpy (addr->addr, &osaddr->sa.sin_addr.s_addr, 4); | |
271 | + memcpy (addr->addr + 4, &osaddr->sa.sin_port, 2); | |
272 | } | |
273 | else | |
274 | { | |
275 | addr->type = MR_ADDR_IPV4; | |
276 | addr->netbits = 0; | |
277 | addr->len = 4; | |
278 | - memcpy (addr->addr, &saddr->sin_addr.s_addr, 4); | |
279 | + memcpy (addr->addr, &osaddr->sa.sin_addr.s_addr, 4); | |
280 | } | |
281 | return true; | |
282 | } | |
283 | diff -ur openvpn-2.0_rc16/mroute.h openvpn-2.0_rc16MH/mroute.h | |
284 | --- openvpn-2.0_rc16/mroute.h 2005-01-09 17:46:41.000000000 -0700 | |
285 | +++ openvpn-2.0_rc16MH/mroute.h 2005-02-24 20:19:05.000000000 -0700 | |
286 | @@ -95,9 +95,11 @@ | |
287 | struct buffer *buf, | |
288 | int tunnel_type); | |
289 | ||
290 | -bool mroute_extract_sockaddr_in (struct mroute_addr *addr, | |
291 | - const struct sockaddr_in *saddr, | |
292 | - bool use_port); | |
293 | +struct openvpn_sockaddr; | |
294 | + | |
295 | +bool mroute_extract_openvpn_sockaddr (struct mroute_addr *addr, | |
296 | + const struct openvpn_sockaddr *osaddr, | |
297 | + bool use_port); | |
298 | ||
299 | bool mroute_learnable_address (const struct mroute_addr *addr); | |
300 | ||
301 | diff -ur openvpn-2.0_rc16/mtcp.c openvpn-2.0_rc16MH/mtcp.c | |
302 | --- openvpn-2.0_rc16/mtcp.c 2005-02-05 01:55:09.000000000 -0700 | |
303 | +++ openvpn-2.0_rc16MH/mtcp.c 2005-02-24 20:18:27.000000000 -0700 | |
304 | @@ -160,7 +160,7 @@ | |
305 | ASSERT (mi->context.c2.link_socket); | |
306 | ASSERT (mi->context.c2.link_socket->info.lsa); | |
307 | ASSERT (mi->context.c2.link_socket->mode == LS_MODE_TCP_ACCEPT_FROM); | |
308 | - if (!mroute_extract_sockaddr_in (&mi->real, &mi->context.c2.link_socket->info.lsa->actual, true)) | |
309 | + if (!mroute_extract_openvpn_sockaddr (&mi->real, &mi->context.c2.link_socket->info.lsa->actual.dest, true)) | |
310 | { | |
311 | msg (D_MULTI_ERRORS, "MULTI TCP: TCP client address is undefined"); | |
312 | return false; | |
313 | diff -ur openvpn-2.0_rc16/mudp.c openvpn-2.0_rc16MH/mudp.c | |
314 | --- openvpn-2.0_rc16/mudp.c 2005-02-05 01:55:09.000000000 -0700 | |
315 | +++ openvpn-2.0_rc16MH/mudp.c 2005-02-24 20:23:14.000000000 -0700 | |
316 | @@ -52,7 +52,7 @@ | |
317 | struct multi_instance *mi = NULL; | |
318 | struct hash *hash = m->hash; | |
319 | ||
320 | - if (mroute_extract_sockaddr_in (&real, &m->top.c2.from, true)) | |
321 | + if (mroute_extract_openvpn_sockaddr (&real, &m->top.c2.from.dest, true)) | |
322 | { | |
323 | struct hash_element *he; | |
324 | const uint32_t hv = hash_value (hash, &real); | |
325 | diff -ur openvpn-2.0_rc16/multi.c openvpn-2.0_rc16MH/multi.c | |
326 | --- openvpn-2.0_rc16/multi.c 2005-01-18 22:23:17.000000000 -0700 | |
327 | +++ openvpn-2.0_rc16MH/multi.c 2005-02-24 20:27:42.000000000 -0700 | |
328 | @@ -939,13 +939,13 @@ | |
329 | in_addr_t a, | |
330 | int netbits) /* -1 if host route, otherwise # of network bits in address */ | |
331 | { | |
332 | - struct sockaddr_in remote_si; | |
333 | + struct openvpn_sockaddr remote_si; | |
334 | struct mroute_addr addr; | |
335 | ||
336 | CLEAR (remote_si); | |
337 | - remote_si.sin_family = AF_INET; | |
338 | - remote_si.sin_addr.s_addr = htonl (a); | |
339 | - ASSERT (mroute_extract_sockaddr_in (&addr, &remote_si, false)); | |
340 | + remote_si.sa.sin_family = AF_INET; | |
341 | + remote_si.sa.sin_addr.s_addr = htonl (a); | |
342 | + ASSERT (mroute_extract_openvpn_sockaddr (&addr, &remote_si, false)); | |
343 | ||
344 | if (netbits >= 0) | |
345 | { | |
346 | @@ -2009,15 +2009,15 @@ | |
347 | struct multi_context *m = (struct multi_context *) arg; | |
348 | struct hash_iterator hi; | |
349 | struct hash_element *he; | |
350 | - struct sockaddr_in saddr; | |
351 | + struct openvpn_sockaddr saddr; | |
352 | struct mroute_addr maddr; | |
353 | int count = 0; | |
354 | ||
355 | CLEAR (saddr); | |
356 | - saddr.sin_family = AF_INET; | |
357 | - saddr.sin_addr.s_addr = htonl (addr); | |
358 | - saddr.sin_port = htons (port); | |
359 | - if (mroute_extract_sockaddr_in (&maddr, &saddr, true)) | |
360 | + saddr.sa.sin_family = AF_INET; | |
361 | + saddr.sa.sin_addr.s_addr = htonl (addr); | |
362 | + saddr.sa.sin_port = htons (port); | |
363 | + if (mroute_extract_openvpn_sockaddr (&maddr, &saddr, true)) | |
364 | { | |
365 | hash_iterator_init (m->iter, &hi, true); | |
366 | while ((he = hash_iterator_next (&hi))) | |
367 | diff -ur openvpn-2.0_rc16/openvpn.h openvpn-2.0_rc16MH/openvpn.h | |
368 | --- openvpn-2.0_rc16/openvpn.h 2005-01-09 17:46:29.000000000 -0700 | |
369 | +++ openvpn-2.0_rc16MH/openvpn.h 2005-02-24 18:53:27.000000000 -0700 | |
370 | @@ -210,8 +210,8 @@ | |
371 | struct link_socket_info *link_socket_info; | |
372 | const struct link_socket *accept_from; /* possibly do accept() on a parent link_socket */ | |
373 | ||
374 | - struct sockaddr_in to_link_addr; /* IP address of remote */ | |
375 | - struct sockaddr_in from; /* address of incoming datagram */ | |
376 | + struct link_socket_actual *to_link_addr; /* IP address of remote */ | |
377 | + struct link_socket_actual from; /* address of incoming datagram */ | |
378 | ||
379 | /* MTU frame parameters */ | |
380 | struct frame frame; | |
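Review bot: `to_link_addr` changes from an embedded `struct sockaddr_in` to a `struct link_socket_actual *` while `from` stays embedded, and nothing in this hunk records what the pointer refers to or how long that object lives. A stale or NULL pointer here would be read on every outgoing packet in forward.c, where the only visible guard is `ASSERT (link_socket_actual_defined (c->c2.to_link_addr))`; whether that helper tolerates NULL is not shown in this patch view. Please extend the field comment to state ownership, for example `/* IP address of remote; borrowed pointer, not owned by the context, may be NULL when no destination is set */`, adjusted to whatever the assignments actually guarantee. The enclosing struct starts and ends outside the hunk.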
381 | diff -ur openvpn-2.0_rc16/options.c openvpn-2.0_rc16MH/options.c | |
382 | --- openvpn-2.0_rc16/options.c 2005-02-10 19:18:08.000000000 -0700 | |
383 | +++ openvpn-2.0_rc16MH/options.c 2005-02-25 21:11:12.000000000 -0700 | |
384 | @@ -172,6 +172,9 @@ | |
385 | "--ping-timer-rem: Run the --ping-exit/--ping-restart timer only if we have a\n" | |
386 | " remote address.\n" | |
387 | "--ping n : Ping remote once every n seconds over TCP/UDP port.\n" | |
388 | +#if ENABLE_IP_PKTINFO | |
389 | + "--multihome : Configure a multi-homed UDP server.\n" | |
390 | +#endif | |
391 | "--fast-io : (experimental) Optimize TUN/TAP/UDP writes.\n" | |
392 | #ifdef ENABLE_OCC | |
393 | "--explicit-exit-notify n : (experimental) on exit, send exit signal to remote.\n" | |
394 | @@ -1034,6 +1037,10 @@ | |
395 | SHOW_INT (rcvbuf); | |
396 | SHOW_INT (sndbuf); | |
397 | ||
398 | +#if ENABLE_IP_PKTINFO | |
399 | + SHOW_BOOL (multihome); | |
400 | +#endif | |
401 | + | |
402 | #ifdef ENABLE_HTTP_PROXY | |
403 | if (o->http_proxy_options) | |
404 | show_http_proxy_options (o->http_proxy_options); | |
405 | @@ -2997,6 +3004,13 @@ | |
406 | VERIFY_PERMISSION (OPT_P_GENERAL); | |
407 | options->mlock = true; | |
408 | } | |
409 | +#if ENABLE_IP_PKTINFO | |
410 | + else if (streq (p[0], "multihome")) | |
411 | + { | |
412 | + VERIFY_PERMISSION (OPT_P_GENERAL); | |
413 | + options->multihome = true; | |
414 | + } | |
415 | +#endif | |
416 | else if (streq (p[0], "verb") && p[1]) | |
417 | { | |
418 | ++i; | |
419 | diff -ur openvpn-2.0_rc16/options.h openvpn-2.0_rc16MH/options.h | |
420 | --- openvpn-2.0_rc16/options.h 2005-02-10 16:37:25.000000000 -0700 | |
421 | +++ openvpn-2.0_rc16MH/options.h 2005-02-25 21:11:13.000000000 -0700 | |
422 | @@ -223,6 +223,10 @@ | |
423 | /* optimize TUN/TAP/UDP writes */ | |
424 | bool fast_io; | |
425 | ||
426 | +#if ENABLE_IP_PKTINFO | |
427 | + bool multihome; | |
428 | +#endif | |
429 | + | |
430 | #ifdef USE_LZO | |
431 | bool comp_lzo; | |
432 | bool comp_lzo_adaptive; | |
433 | diff -ur openvpn-2.0_rc16/ping-inline.h openvpn-2.0_rc16MH/ping-inline.h | |
434 | --- openvpn-2.0_rc16/ping-inline.h 2005-01-09 17:46:41.000000000 -0700 | |
435 | +++ openvpn-2.0_rc16MH/ping-inline.h 2005-02-24 19:56:53.000000000 -0700 | |
436 | @@ -38,7 +38,7 @@ | |
437 | && event_timeout_trigger (&c->c2.ping_rec_interval, | |
438 | &c->c2.timeval, | |
439 | (!c->options.ping_timer_remote | |
440 | - || addr_defined (&c->c1.link_socket_addr.actual)) | |
441 | + || link_socket_actual_defined (&c->c1.link_socket_addr.actual)) | |
442 | ? ETT_DEFAULT : 15)) | |
443 | check_ping_restart_dowork (c); | |
444 | } | |
445 | Only in openvpn-2.0_rc16MH/plugin: common | |
446 | diff -ur openvpn-2.0_rc16/socket.c openvpn-2.0_rc16MH/socket.c | |
447 | --- openvpn-2.0_rc16/socket.c 2005-02-05 01:42:13.000000000 -0700 | |
448 | +++ openvpn-2.0_rc16MH/socket.c 2005-02-25 21:41:34.000000000 -0700 | |
449 | @@ -237,7 +237,7 @@ | |
450 | ||
451 | static void | |
452 | update_remote (const char* host, | |
453 | - struct sockaddr_in *addr, | |
454 | + struct openvpn_sockaddr *addr, | |
455 | bool *changed) | |
456 | { | |
457 | if (host && addr) | |
458 | @@ -248,9 +248,9 @@ | |
459 | 1, | |
460 | NULL, | |
461 | NULL); | |
462 | - if (new_addr && addr->sin_addr.s_addr != new_addr) | |
463 | + if (new_addr && addr->sa.sin_addr.s_addr != new_addr) | |
464 | { | |
465 | - addr->sin_addr.s_addr = new_addr; | |
466 | + addr->sa.sin_addr.s_addr = new_addr; | |
467 | *changed = true; | |
468 | } | |
469 | } | |
470 | @@ -440,12 +440,19 @@ | |
471 | } | |
472 | ||
473 | static socket_descriptor_t | |
474 | -create_socket_udp (void) | |
475 | +create_socket_udp (const unsigned int flags) | |
476 | { | |
477 | socket_descriptor_t sd; | |
478 | ||
479 | if ((sd = socket (PF_INET, SOCK_DGRAM, IPPROTO_UDP)) < 0) | |
480 | msg (M_SOCKERR, "UDP: Cannot create UDP socket"); | |
481 | +#if ENABLE_IP_PKTINFO | |
482 | + else if (flags & SF_USE_IP_PKTINFO) | |
483 | + { | |
484 | + int pad = 1; | |
485 | + setsockopt (sd, SOL_IP, IP_PKTINFO, (void*)&pad, sizeof(pad)); | |
486 | + } | |
487 | +#endif | |
488 | return sd; | |
489 | } | |
490 | ||
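Review bot: The return value of the new `setsockopt (sd, SOL_IP, IP_PKTINFO, ...)` call in create_socket_udp is ignored, so a server started with --multihome on a platform that rejects the option would keep running without per-packet destination information and log nothing about it. Report the failure the same way as the failed socket() call just above: `if (setsockopt (sd, SOL_IP, IP_PKTINFO, (void*)&pad, sizeof(pad)) < 0) msg (M_SOCKERR, "UDP: failed setsockopt for IP_PKTINFO");`. The variable name `pad` is also misleading for an enable flag, and the `(void*)` cast could be `(const void *)`.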
491 | @@ -455,7 +462,7 @@ | |
492 | /* create socket */ | |
493 | if (sock->info.proto == PROTO_UDPv4) | |
494 | { | |
495 | - sock->sd = create_socket_udp (); | |
496 | + sock->sd = create_socket_udp (sock->socket_flags); | |
497 | ||
498 | #ifdef ENABLE_SOCKS | |
499 | if (sock->socks_proxy) | |
500 | @@ -479,7 +486,7 @@ | |
501 | ||
502 | static void | |
503 | socket_do_listen (socket_descriptor_t sd, | |
504 | - const struct sockaddr_in *local, | |
505 | + const struct openvpn_sockaddr *local, | |
506 | bool do_listen, | |
507 | bool do_set_nonblock) | |
508 | { | |
509 | @@ -501,16 +508,18 @@ | |
510 | ||
511 | socket_descriptor_t | |
512 | socket_do_accept (socket_descriptor_t sd, | |
513 | - struct sockaddr_in *remote, | |
514 | + struct link_socket_actual *act, | |
515 | const bool nowait) | |
516 | { | |
517 | - socklen_t remote_len = sizeof (*remote); | |
518 | + socklen_t remote_len = sizeof (act->dest.sa); | |
519 | socket_descriptor_t new_sd = SOCKET_UNDEFINED; | |
520 | ||
521 | + CLEAR (*act); | |
522 | + | |
523 | #ifdef HAVE_GETPEERNAME | |
524 | if (nowait) | |
525 | { | |
526 | - new_sd = getpeername (sd, (struct sockaddr *) remote, &remote_len); | |
527 | + new_sd = getpeername (sd, (struct sockaddr *) &act->dest.sa, &remote_len); | |
528 | ||
529 | if (!socket_defined (new_sd)) | |
530 | msg (D_LINK_ERRORS | M_ERRNO_SOCK, "TCP: getpeername() failed"); | |
2b9fb954 | 531 | @@ -522,7 +531,7 @@ |
27b50dc5 | 532 | #endif |
533 | else | |
534 | { | |
535 | - new_sd = accept (sd, (struct sockaddr *) remote, &remote_len); | |
536 | + new_sd = accept (sd, (struct sockaddr *) &act->dest.sa, &remote_len); | |
537 | } | |
2b9fb954 AZ |
538 | |
539 | #if 0 /* For debugging only, test the effect of accept() failures */ | |
540 | @@ -538,7 +547,7 @@ | |
27b50dc5 | 541 | { |
542 | msg (D_LINK_ERRORS | M_ERRNO_SOCK, "TCP: accept(%d) failed", sd); | |
543 | } | |
544 | - else if (remote_len != sizeof (*remote)) | |
545 | + else if (remote_len != sizeof (act->dest.sa)) | |
546 | { | |
547 | msg (D_LINK_ERRORS, "TCP: Received strange incoming connection with unknown address length=%d", remote_len); | |
548 | openvpn_close_socket (new_sd); | |
549 | @@ -540,28 +549,30 @@ | |
550 | } | |
551 | ||
552 | static void | |
553 | -tcp_connection_established (const struct sockaddr_in *remote) | |
554 | +tcp_connection_established (const struct link_socket_actual *act) | |
555 | { | |
556 | struct gc_arena gc = gc_new (); | |
557 | msg (M_INFO, "TCP connection established with %s", | |
558 | - print_sockaddr (remote, &gc)); | |
559 | + print_link_socket_actual (act, &gc)); | |
560 | gc_free (&gc); | |
561 | } | |
562 | ||
563 | static int | |
564 | socket_listen_accept (socket_descriptor_t sd, | |
565 | - struct sockaddr_in *remote, | |
566 | + struct link_socket_actual *act, | |
567 | const char *remote_dynamic, | |
568 | bool *remote_changed, | |
569 | - const struct sockaddr_in *local, | |
570 | + const struct openvpn_sockaddr *local, | |
571 | bool do_listen, | |
572 | bool nowait, | |
573 | volatile int *signal_received) | |
574 | { | |
575 | struct gc_arena gc = gc_new (); | |
576 | - struct sockaddr_in remote_verify = *remote; | |
577 | + //struct openvpn_sockaddr *remote = &act->dest; | |
578 | + struct openvpn_sockaddr remote_verify = act->dest; | |
579 | int new_sd = SOCKET_UNDEFINED; | |
580 | ||
581 | + CLEAR (*act); | |
582 | socket_do_listen (sd, local, do_listen, true); | |
583 | ||
584 | while (true) | |
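Review bot: The added line `//struct openvpn_sockaddr *remote = &act->dest;` in socket_listen_accept is dead commented-out code and should be dropped. The ordering right below it is what deserves a comment: `remote_verify` is copied from `act->dest` before `CLEAR (*act)`, and that copy is what the `addr_match` check in the following hunk compares incoming peers against for the --remote restriction. If the two statements were ever swapped, `remote_verify` would be all zeros and the check could be skipped, so a note such as `/* snapshot the expected peer before clearing act; used for the --remote check below */` is worth adding. The function body continues past this hunk.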
585 | @@ -590,17 +601,17 @@ | |
586 | if (status <= 0) | |
587 | continue; | |
588 | ||
589 | - new_sd = socket_do_accept (sd, remote, nowait); | |
590 | + new_sd = socket_do_accept (sd, act, nowait); | |
591 | ||
592 | if (socket_defined (new_sd)) | |
593 | { | |
594 | update_remote (remote_dynamic, &remote_verify, remote_changed); | |
595 | if (addr_defined (&remote_verify) | |
596 | - && !addr_match (&remote_verify, remote)) | |
597 | + && !addr_match (&remote_verify, &act->dest)) | |
598 | { | |
599 | msg (M_WARN, | |
600 | "TCP NOTE: Rejected connection attempt from %s due to --remote setting", | |
601 | - print_sockaddr (remote, &gc)); | |
602 | + print_link_socket_actual (act, &gc)); | |
603 | if (openvpn_close_socket (new_sd)) | |
604 | msg (M_SOCKERR, "TCP: close socket failed (new_sd)"); | |
605 | } | |
606 | @@ -613,7 +624,7 @@ | |
607 | if (!nowait && openvpn_close_socket (sd)) | |
608 | msg (M_SOCKERR, "TCP: close socket failed (sd)"); | |
609 | ||
610 | - tcp_connection_established (remote); | |
611 | + tcp_connection_established (act); | |
612 | ||
613 | gc_free (&gc); | |
614 | return new_sd; | |
615 | @@ -621,7 +632,7 @@ | |
616 | ||
617 | static void | |
618 | socket_connect (socket_descriptor_t *sd, | |
619 | - struct sockaddr_in *remote, | |
620 | + struct openvpn_sockaddr *remote, | |
621 | struct remote_list *remote_list, | |
622 | const char *remote_dynamic, | |
623 | bool *remote_changed, | |
624 | @@ -634,8 +645,8 @@ | |
625 | print_sockaddr (remote, &gc)); | |
626 | while (true) | |
627 | { | |
628 | - const int status = connect (*sd, (struct sockaddr *) remote, | |
629 | - sizeof (*remote)); | |
630 | + const int status = connect (*sd, (struct sockaddr *) &remote->sa, | |
631 | + sizeof (remote->sa)); | |
632 | ||
633 | get_signal (signal_received); | |
634 | if (*signal_received) | |
635 | @@ -656,7 +667,7 @@ | |
636 | { | |
637 | remote_list_next (remote_list); | |
638 | remote_dynamic = remote_list_host (remote_list); | |
639 | - remote->sin_port = htons (remote_list_port (remote_list)); | |
640 | + remote->sa.sin_port = htons (remote_list_port (remote_list)); | |
641 | *remote_changed = true; | |
642 | } | |
643 | ||
644 | @@ -716,22 +727,22 @@ | |
645 | /* resolve local address if undefined */ | |
646 | if (!addr_defined (&sock->info.lsa->local)) | |
647 | { | |
648 | - sock->info.lsa->local.sin_family = AF_INET; | |
649 | - sock->info.lsa->local.sin_addr.s_addr = | |
650 | + sock->info.lsa->local.sa.sin_family = AF_INET; | |
651 | + sock->info.lsa->local.sa.sin_addr.s_addr = | |
652 | (sock->local_host ? getaddr (GETADDR_RESOLVE | GETADDR_WARN_ON_SIGNAL | GETADDR_FATAL, | |
653 | sock->local_host, | |
654 | 0, | |
655 | NULL, | |
656 | NULL) | |
657 | : htonl (INADDR_ANY)); | |
658 | - sock->info.lsa->local.sin_port = htons (sock->local_port); | |
659 | + sock->info.lsa->local.sa.sin_port = htons (sock->local_port); | |
660 | } | |
661 | ||
662 | /* bind to local address/port */ | |
663 | if (sock->bind_local) | |
664 | { | |
665 | - if (bind (sock->sd, (struct sockaddr *) &sock->info.lsa->local, | |
666 | - sizeof (sock->info.lsa->local))) | |
667 | + if (bind (sock->sd, (struct sockaddr *) &sock->info.lsa->local.sa, | |
668 | + sizeof (sock->info.lsa->local.sa))) | |
669 | { | |
670 | const int errnum = openvpn_errno_socket (); | |
671 | msg (M_FATAL, "TCP/UDP: Socket bind failed on local address %s: %s", | |
672 | @@ -755,8 +766,8 @@ | |
673 | /* resolve remote address if undefined */ | |
674 | if (!addr_defined (&sock->info.lsa->remote)) | |
675 | { | |
676 | - sock->info.lsa->remote.sin_family = AF_INET; | |
677 | - sock->info.lsa->remote.sin_addr.s_addr = 0; | |
678 | + sock->info.lsa->remote.sa.sin_family = AF_INET; | |
679 | + sock->info.lsa->remote.sa.sin_addr.s_addr = 0; | |
680 | ||
681 | if (sock->remote_host) | |
682 | { | |
683 | @@ -794,7 +805,7 @@ | |
684 | ASSERT (0); | |
685 | } | |
686 | ||
687 | - sock->info.lsa->remote.sin_addr.s_addr = getaddr ( | |
688 | + sock->info.lsa->remote.sa.sin_addr.s_addr = getaddr ( | |
689 | flags, | |
690 | sock->remote_host, | |
691 | retry, | |
692 | @@ -821,19 +832,22 @@ | |
693 | } | |
694 | } | |
695 | ||
696 | - sock->info.lsa->remote.sin_port = htons (sock->remote_port); | |
697 | + sock->info.lsa->remote.sa.sin_port = htons (sock->remote_port); | |
698 | } | |
699 | ||
700 | /* should we re-use previous active remote address? */ | |
701 | - if (addr_defined (&sock->info.lsa->actual)) | |
702 | + if (link_socket_actual_defined (&sock->info.lsa->actual)) | |
703 | { | |
704 | msg (M_INFO, "TCP/UDP: Preserving recently used remote address: %s", | |
705 | - print_sockaddr (&sock->info.lsa->actual, &gc)); | |
706 | + print_link_socket_actual (&sock->info.lsa->actual, &gc)); | |
707 | if (remote_dynamic) | |
708 | *remote_dynamic = NULL; | |
709 | } | |
710 | else | |
711 | - sock->info.lsa->actual = sock->info.lsa->remote; | |
712 | + { | |
713 | + CLEAR (sock->info.lsa->actual); | |
714 | + sock->info.lsa->actual.dest = sock->info.lsa->remote; | |
715 | + } | |
716 | ||
717 | /* remember that we finished */ | |
718 | sock->did_resolve_remote = true; | |
719 | @@ -884,7 +898,8 @@ | |
720 | int connect_retry_seconds, | |
721 | int mtu_discover_type, | |
722 | int rcvbuf, | |
723 | - int sndbuf) | |
724 | + int sndbuf, | |
725 | + const unsigned int socket_flags) | |
726 | { | |
727 | const char *remote_host; | |
728 | int remote_port; | |
729 | @@ -920,6 +935,8 @@ | |
730 | sock->socket_buffer_sizes.rcvbuf = rcvbuf; | |
731 | sock->socket_buffer_sizes.sndbuf = sndbuf; | |
732 | ||
733 | + sock->socket_flags = socket_flags; | |
734 | + | |
735 | sock->info.proto = proto; | |
736 | sock->info.remote_float = remote_float; | |
737 | sock->info.lsa = lsa; | |
738 | @@ -1097,7 +1114,7 @@ | |
739 | else if (sock->info.proto == PROTO_TCPv4_CLIENT) | |
740 | { | |
741 | socket_connect (&sock->sd, | |
742 | - &sock->info.lsa->actual, | |
743 | + &sock->info.lsa->actual.dest, | |
744 | sock->remote_list, | |
745 | remote_dynamic, | |
746 | &remote_changed, | |
747 | @@ -1135,7 +1152,7 @@ | |
748 | else if (sock->info.proto == PROTO_UDPv4 && sock->socks_proxy) | |
749 | { | |
750 | socket_connect (&sock->ctrl_sd, | |
751 | - &sock->info.lsa->actual, | |
752 | + &sock->info.lsa->actual.dest, | |
753 | NULL, | |
754 | remote_dynamic, | |
755 | &remote_changed, | |
756 | @@ -1147,7 +1164,8 @@ | |
757 | ||
758 | establish_socks_proxy_udpassoc (sock->socks_proxy, | |
759 | sock->ctrl_sd, | |
760 | - sock->sd, &sock->socks_relay, | |
761 | + sock->sd, | |
762 | + &sock->socks_relay.dest, | |
763 | signal_received); | |
764 | ||
765 | if (*signal_received) | |
766 | @@ -1156,8 +1174,9 @@ | |
767 | sock->remote_host = sock->proxy_dest_host; | |
768 | sock->remote_port = sock->proxy_dest_port; | |
769 | sock->did_resolve_remote = false; | |
770 | - sock->info.lsa->actual.sin_addr.s_addr = 0; | |
771 | - sock->info.lsa->remote.sin_addr.s_addr = 0; | |
772 | + | |
773 | + sock->info.lsa->actual.dest.sa.sin_addr.s_addr = 0; | |
774 | + sock->info.lsa->remote.sa.sin_addr.s_addr = 0; | |
775 | ||
776 | resolve_remote (sock, 1, NULL, signal_received); | |
777 | ||
778 | @@ -1172,7 +1191,7 @@ | |
779 | if (remote_changed) | |
780 | { | |
781 | msg (M_INFO, "TCP/UDP: Dynamic remote address changed during TCP connection establishment"); | |
782 | - sock->info.lsa->remote.sin_addr.s_addr = sock->info.lsa->actual.sin_addr.s_addr; | |
783 | + sock->info.lsa->remote.sa.sin_addr.s_addr = sock->info.lsa->actual.dest.sa.sin_addr.s_addr; | |
784 | } | |
785 | } | |
786 | ||
787 | @@ -1206,12 +1225,15 @@ | |
788 | msg (M_INFO, "%s link local%s: %s", | |
789 | proto2ascii (sock->info.proto, true), | |
790 | (sock->bind_local ? " (bound)" : ""), | |
791 | - print_sockaddr_ex (&sock->info.lsa->local, sock->bind_local, ":", &gc)); | |
792 | + print_sockaddr_ex (&sock->info.lsa->local, ":", sock->bind_local ? PS_SHOW_PORT : 0, &gc)); | |
793 | ||
794 | /* print active remote address */ | |
795 | msg (M_INFO, "%s link remote: %s", | |
796 | proto2ascii (sock->info.proto, true), | |
797 | - print_sockaddr_ex (&sock->info.lsa->actual, addr_defined (&sock->info.lsa->actual), ":", &gc)); | |
798 | + print_link_socket_actual_ex (&sock->info.lsa->actual, | |
799 | + ":", | |
800 | + PS_SHOW_PORT_IF_DEFINED, | |
801 | + &gc)); | |
802 | ||
803 | done: | |
804 | gc_free (&gc); | |
805 | @@ -1276,19 +1298,19 @@ | |
806 | void | |
807 | setenv_trusted (struct env_set *es, const struct link_socket_info *info) | |
808 | { | |
809 | - setenv_sockaddr (es, "trusted", &info->lsa->actual, SA_IP_PORT); | |
810 | + setenv_link_socket_actual (es, "trusted", &info->lsa->actual, SA_IP_PORT); | |
811 | } | |
812 | ||
813 | void | |
814 | link_socket_connection_initiated (const struct buffer *buf, | |
815 | struct link_socket_info *info, | |
816 | - const struct sockaddr_in *addr, | |
817 | + const struct link_socket_actual *act, | |
818 | const char *common_name, | |
819 | struct env_set *es) | |
820 | { | |
821 | struct gc_arena gc = gc_new (); | |
822 | ||
823 | - info->lsa->actual = *addr; /* Note: skip this line for --force-dest */ | |
824 | + info->lsa->actual = *act; /* Note: skip this line for --force-dest */ | |
825 | setenv_trusted (es, info); | |
826 | info->connection_established = true; | |
827 | ||
828 | @@ -1297,7 +1319,7 @@ | |
829 | struct buffer out = alloc_buf_gc (256, &gc); | |
830 | if (common_name) | |
831 | buf_printf (&out, "[%s] ", common_name); | |
832 | - buf_printf (&out, "Peer Connection Initiated with %s", print_sockaddr (&info->lsa->actual, &gc)); | |
833 | + buf_printf (&out, "Peer Connection Initiated with %s", print_link_socket_actual (&info->lsa->actual, &gc)); | |
834 | msg (M_INFO, "%s", BSTR (&out)); | |
835 | } | |
836 | ||
837 | @@ -1307,7 +1329,7 @@ | |
838 | /* Process --ipchange plugin */ | |
839 | if (plugin_defined (info->plugins, OPENVPN_PLUGIN_IPCHANGE)) | |
840 | { | |
841 | - const char *addr_ascii = print_sockaddr_ex (&info->lsa->actual, true, " ", &gc); | |
842 | + const char *addr_ascii = print_sockaddr_ex (&info->lsa->actual.dest, " ", PS_SHOW_PORT, &gc); | |
843 | if (plugin_call (info->plugins, OPENVPN_PLUGIN_IPCHANGE, addr_ascii, es)) | |
844 | msg (M_WARN, "WARNING: ipchange plugin call failed"); | |
845 | } | |
846 | @@ -1319,7 +1341,7 @@ | |
847 | setenv_str (es, "script_type", "ipchange"); | |
848 | buf_printf (&out, "%s %s", | |
849 | info->ipchange_command, | |
850 | - print_sockaddr_ex (&info->lsa->actual, true, " ", &gc)); | |
851 | + print_sockaddr_ex (&info->lsa->actual.dest, " ", PS_SHOW_PORT, &gc)); | |
852 | system_check (BSTR (&out), es, S_SCRIPT, "ip-change command failed"); | |
853 | } | |
854 | ||
855 | @@ -1329,14 +1351,14 @@ | |
856 | void | |
857 | link_socket_bad_incoming_addr (struct buffer *buf, | |
858 | const struct link_socket_info *info, | |
859 | - const struct sockaddr_in *from_addr) | |
860 | + const struct link_socket_actual *from_addr) | |
861 | { | |
862 | struct gc_arena gc = gc_new (); | |
863 | ||
864 | msg (D_LINK_ERRORS, | |
865 | "TCP/UDP: Incoming packet rejected from %s[%d], expected peer address: %s (allow this incoming source address/port by removing --remote or adding --float)", | |
866 | - print_sockaddr (from_addr, &gc), | |
867 | - (int)from_addr->sin_family, | |
868 | + print_link_socket_actual (from_addr, &gc), | |
869 | + (int)from_addr->dest.sa.sin_family, | |
870 | print_sockaddr (&info->lsa->remote, &gc)); | |
871 | buf->len = 0; | |
872 | ||
873 | @@ -1354,10 +1376,10 @@ | |
874 | { | |
875 | const struct link_socket_addr *lsa = info->lsa; | |
876 | ||
877 | - if (addr_defined (&lsa->actual)) | |
878 | - return ntohl (lsa->actual.sin_addr.s_addr); | |
879 | + if (link_socket_actual_defined (&lsa->actual)) | |
880 | + return ntohl (lsa->actual.dest.sa.sin_addr.s_addr); | |
881 | else if (addr_defined (&lsa->remote)) | |
882 | - return ntohl (lsa->remote.sin_addr.s_addr); | |
883 | + return ntohl (lsa->remote.sa.sin_addr.s_addr); | |
884 | else | |
885 | return 0; | |
886 | } | |
887 | @@ -1550,29 +1572,69 @@ | |
888 | */ | |
889 | ||
890 | const char * | |
891 | -print_sockaddr (const struct sockaddr_in *addr, struct gc_arena *gc) | |
892 | +print_sockaddr (const struct openvpn_sockaddr *addr, struct gc_arena *gc) | |
893 | { | |
894 | - return print_sockaddr_ex(addr, true, ":", gc); | |
895 | + return print_sockaddr_ex (addr, ":", PS_SHOW_PORT, gc); | |
896 | } | |
897 | ||
898 | const char * | |
899 | -print_sockaddr_ex (const struct sockaddr_in *addr, bool do_port, const char* separator, struct gc_arena *gc) | |
900 | +print_sockaddr_ex (const struct openvpn_sockaddr *addr, | |
901 | + const char* separator, | |
902 | + const unsigned int flags, | |
903 | + struct gc_arena *gc) | |
904 | { | |
905 | - struct buffer out = alloc_buf_gc (64, gc); | |
906 | - const int port = ntohs (addr->sin_port); | |
907 | + if (addr) | |
908 | + { | |
909 | + struct buffer out = alloc_buf_gc (64, gc); | |
910 | + const int port = ntohs (addr->sa.sin_port); | |
911 | ||
912 | - mutex_lock_static (L_INET_NTOA); | |
913 | - buf_printf (&out, "%s", (addr_defined (addr) ? inet_ntoa (addr->sin_addr) : "[undef]")); | |
914 | - mutex_unlock_static (L_INET_NTOA); | |
915 | + mutex_lock_static (L_INET_NTOA); | |
916 | + buf_printf (&out, "%s", (addr_defined (addr) ? inet_ntoa (addr->sa.sin_addr) : "[undef]")); | |
917 | + mutex_unlock_static (L_INET_NTOA); | |
918 | ||
919 | - if (do_port && port) | |
920 | - { | |
921 | - if (separator) | |
922 | - buf_printf (&out, "%s", separator); | |
923 | + if (((flags & PS_SHOW_PORT) || (addr_defined (addr) && (flags & PS_SHOW_PORT_IF_DEFINED))) | |
924 | + && port) | |
925 | + { | |
926 | + if (separator) | |
927 | + buf_printf (&out, "%s", separator); | |
928 | ||
929 | - buf_printf (&out, "%d", port); | |
930 | + buf_printf (&out, "%d", port); | |
931 | + } | |
932 | + return BSTR (&out); | |
933 | } | |
934 | - return BSTR (&out); | |
935 | + else | |
936 | + return "[NULL]"; | |
937 | +} | |
938 | + | |
939 | +const char * | |
940 | +print_link_socket_actual (const struct link_socket_actual *act, struct gc_arena *gc) | |
941 | +{ | |
942 | + return print_link_socket_actual_ex (act, ":", PS_SHOW_PORT|PS_SHOW_PKTINFO, gc); | |
943 | +} | |
944 | + | |
945 | +const char * | |
946 | +print_link_socket_actual_ex (const struct link_socket_actual *act, | |
947 | + const char *separator, | |
948 | + const unsigned int flags, | |
949 | + struct gc_arena *gc) | |
950 | +{ | |
951 | + if (act) | |
952 | + { | |
953 | + struct buffer out = alloc_buf_gc (128, gc); | |
954 | + buf_printf (&out, "%s", print_sockaddr_ex (&act->dest, separator, flags, gc)); | |
955 | +#if ENABLE_IP_PKTINFO | |
956 | + if ((flags & PS_SHOW_PKTINFO) && act->pi.ipi_spec_dst.s_addr) | |
957 | + { | |
958 | + struct openvpn_sockaddr sa; | |
959 | + CLEAR (sa); | |
960 | + sa.sa.sin_addr = act->pi.ipi_spec_dst; | |
961 | + buf_printf (&out, " (via %s)", print_sockaddr_ex (&sa, separator, 0, gc)); | |
962 | + } | |
963 | +#endif | |
964 | + return BSTR (&out); | |
965 | + } | |
966 | + else | |
967 | + return "[NULL]"; | |
968 | } | |
969 | ||
970 | /* | |
971 | @@ -1599,7 +1661,7 @@ | |
972 | ||
973 | /* set environmental variables for ip/port in *addr */ | |
974 | void | |
975 | -setenv_sockaddr (struct env_set *es, const char *name_prefix, const struct sockaddr_in *addr, const bool flags) | |
976 | +setenv_sockaddr (struct env_set *es, const char *name_prefix, const struct openvpn_sockaddr *addr, const bool flags) | |
977 | { | |
978 | char name_buf[256]; | |
979 | ||
980 | @@ -1609,13 +1671,13 @@ | |
981 | openvpn_snprintf (name_buf, sizeof (name_buf), "%s", name_prefix); | |
982 | ||
983 | mutex_lock_static (L_INET_NTOA); | |
984 | - setenv_str (es, name_buf, inet_ntoa (addr->sin_addr)); | |
985 | + setenv_str (es, name_buf, inet_ntoa (addr->sa.sin_addr)); | |
986 | mutex_unlock_static (L_INET_NTOA); | |
987 | ||
988 | - if ((flags & SA_IP_PORT) && addr->sin_port) | |
989 | + if ((flags & SA_IP_PORT) && addr->sa.sin_port) | |
990 | { | |
991 | openvpn_snprintf (name_buf, sizeof (name_buf), "%s_port", name_prefix); | |
992 | - setenv_int (es, name_buf, ntohs (addr->sin_port)); | |
993 | + setenv_int (es, name_buf, ntohs (addr->sa.sin_port)); | |
994 | } | |
995 | } | |
996 | ||
997 | @@ -1624,13 +1686,22 @@ | |
998 | { | |
999 | if (addr || !(flags & SA_SET_IF_NONZERO)) | |
1000 | { | |
1001 | - struct sockaddr_in si; | |
1002 | + struct openvpn_sockaddr si; | |
1003 | CLEAR (si); | |
1004 | - si.sin_addr.s_addr = htonl (addr); | |
1005 | + si.sa.sin_addr.s_addr = htonl (addr); | |
1006 | setenv_sockaddr (es, name_prefix, &si, flags); | |
1007 | } | |
1008 | } | |
1009 | ||
1010 | +void | |
1011 | +setenv_link_socket_actual (struct env_set *es, | |
1012 | + const char *name_prefix, | |
1013 | + const struct link_socket_actual *act, | |
1014 | + const bool flags) | |
1015 | +{ | |
1016 | + setenv_sockaddr (es, name_prefix, &act->dest, flags); | |
1017 | +} | |
1018 | + | |
1019 | /* | |
1020 | * Convert protocol names between index and ascii form. | |
1021 | */ | |
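Review bot: The new setenv_link_socket_actual takes `const bool flags` although the argument is a bit mask: setenv_trusted passes SA_IP_PORT, and socket.h defines SA_SET_IF_NONZERO as `(1<<1)`. If `bool` is a genuine boolean type in this build, any non-zero mask collapses to 1 and the `flags & SA_IP_PORT` test in setenv_sockaddr no longer reflects what the caller asked for. Declaring it `const unsigned int flags`, as this patch already does for print_sockaddr_ex, avoids that; the prototype in socket.h and the setenv_sockaddr/setenv_in_addr_t signatures would need the same change. The function also dereferences `act` without the NULL guard that print_link_socket_actual_ex has.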
1022 | @@ -1760,19 +1831,72 @@ | |
1023 | ||
1024 | #ifndef WIN32 | |
1025 | ||
1026 | +#if ENABLE_IP_PKTINFO | |
1027 | + | |
1028 | +struct openvpn_pktinfo | |
1029 | +{ | |
1030 | + struct cmsghdr cmsghdr; | |
1031 | + struct in_pktinfo in_pktinfo; | |
1032 | +}; | |
1033 | + | |
1034 | +static socklen_t | |
1035 | +link_socket_read_udp_posix_recvmsg (struct link_socket *sock, | |
1036 | + struct buffer *buf, | |
1037 | + int maxsize, | |
1038 | + struct link_socket_actual *from) | |
1039 | +{ | |
1040 | + struct iovec iov; | |
1041 | + struct openvpn_pktinfo opi; | |
1042 | + struct msghdr mesg; | |
1043 | + socklen_t fromlen = sizeof (from->dest.sa); | |
1044 | + | |
1045 | + iov.iov_base = BPTR (buf); | |
1046 | + iov.iov_len = maxsize; | |
1047 | + mesg.msg_iov = &iov; | |
1048 | + mesg.msg_iovlen = 1; | |
1049 | + mesg.msg_name = &from->dest.sa; | |
1050 | + mesg.msg_namelen = fromlen; | |
1051 | + mesg.msg_control = &opi; | |
1052 | + mesg.msg_controllen = sizeof (opi); | |
1053 | + buf->len = recvmsg (sock->sd, &mesg, 0); | |
1054 | + if (buf->len >= 0) | |
1055 | + { | |
1056 | + struct cmsghdr *cmsg; | |
1057 | + fromlen = mesg.msg_namelen; | |
1058 | + cmsg = CMSG_FIRSTHDR (&mesg); | |
1059 | + if (cmsg != NULL | |
1060 | + && CMSG_NXTHDR (&mesg, cmsg) == NULL | |
1061 | + && cmsg->cmsg_level == SOL_IP | |
1062 | + && cmsg->cmsg_type == IP_PKTINFO | |
1063 | + && cmsg->cmsg_len >= sizeof (opi)) | |
1064 | + { | |
1065 | + struct in_pktinfo *pkti = (struct in_pktinfo *) CMSG_DATA (cmsg); | |
1066 | + from->pi.ipi_ifindex = pkti->ipi_ifindex; | |
1067 | + from->pi.ipi_spec_dst = pkti->ipi_spec_dst; | |
1068 | + } | |
1069 | + } | |
1070 | + return fromlen; | |
1071 | +} | |
1072 | +#endif | |
1073 | + | |
1074 | int | |
1075 | link_socket_read_udp_posix (struct link_socket *sock, | |
1076 | struct buffer *buf, | |
1077 | int maxsize, | |
1078 | - struct sockaddr_in *from) | |
1079 | + struct link_socket_actual *from) | |
1080 | { | |
1081 | - socklen_t fromlen = sizeof (*from); | |
1082 | - CLEAR (*from); | |
1083 | + socklen_t fromlen = sizeof (from->dest.sa); | |
1084 | + from->dest.sa.sin_addr.s_addr = 0; | |
1085 | ASSERT (buf_safe (buf, maxsize)); | |
1086 | - buf->len = recvfrom (sock->sd, BPTR (buf), maxsize, 0, | |
1087 | - (struct sockaddr *) from, &fromlen); | |
1088 | - if (fromlen != sizeof (*from)) | |
1089 | - bad_address_length (fromlen, sizeof (*from)); | |
1090 | +#if ENABLE_IP_PKTINFO | |
1091 | + if (sock->socket_flags & SF_USE_IP_PKTINFO) | |
1092 | + fromlen = link_socket_read_udp_posix_recvmsg (sock, buf, maxsize, from); | |
1093 | + else | |
1094 | +#endif | |
1095 | + buf->len = recvfrom (sock->sd, BPTR (buf), maxsize, 0, | |
1096 | + (struct sockaddr *) &from->dest.sa, &fromlen); | |
1097 | + if (fromlen != sizeof (from->dest.sa)) | |
1098 | + bad_address_length (fromlen, sizeof (from->dest.sa)); | |
1099 | return buf->len; | |
1100 | } | |
1101 | ||
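Review bot: `from->pi` is never reset on the receive path, so a datagram that arrives without a single IP_PKTINFO control message leaves the previous packet's `ipi_ifindex` and `ipi_spec_dst` in `*from`. link_socket_read_udp_posix used to `CLEAR (*from)` and now only zeroes `sin_addr`, and the recvmsg helper writes `from->pi` only inside the cmsg branch. Because the sendmsg path copies `to->pi` into the outgoing control message, a stale value could pin a reply to the wrong local address or interface. Restoring `CLEAR (*from);` in place of `from->dest.sa.sin_addr.s_addr = 0;` would cover it, assuming no caller relies on fields surviving the call. The same partial update appears in socket_finalize (`from->dest.sa = io->addr;`) and in the TCP branch of link_socket_read in socket.h (`from->dest.sa = sock->info.lsa->actual.dest.sa;`).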
1102 | @@ -1785,7 +1909,7 @@ | |
1103 | int | |
1104 | link_socket_write_tcp (struct link_socket *sock, | |
1105 | struct buffer *buf, | |
1106 | - struct sockaddr_in *to) | |
1107 | + struct link_socket_actual *to) | |
1108 | { | |
1109 | packet_size_type len = BLEN (buf); | |
1110 | dmsg (D_STREAM_DEBUG, "STREAM: WRITE %d offset=%d", (int)len, buf->offset); | |
1111 | @@ -1799,6 +1923,41 @@ | |
1112 | #endif | |
1113 | } | |
1114 | ||
1115 | +#if ENABLE_IP_PKTINFO | |
1116 | + | |
1117 | +int | |
1118 | +link_socket_write_udp_posix_sendmsg (struct link_socket *sock, | |
1119 | + struct buffer *buf, | |
1120 | + struct link_socket_actual *to) | |
1121 | +{ | |
1122 | + struct iovec iov; | |
1123 | + struct msghdr mesg; | |
1124 | + struct cmsghdr *cmsg; | |
1125 | + struct in_pktinfo *pkti; | |
1126 | + struct openvpn_pktinfo opi; | |
1127 | + | |
1128 | + iov.iov_base = BPTR (buf); | |
1129 | + iov.iov_len = BLEN (buf); | |
1130 | + mesg.msg_iov = &iov; | |
1131 | + mesg.msg_iovlen = 1; | |
1132 | + mesg.msg_name = &to->dest.sa; | |
1133 | + mesg.msg_namelen = sizeof (to->dest.sa); | |
1134 | + mesg.msg_control = &opi; | |
1135 | + mesg.msg_controllen = sizeof (opi); | |
1136 | + mesg.msg_flags = 0; | |
1137 | + cmsg = CMSG_FIRSTHDR (&mesg); | |
1138 | + cmsg->cmsg_len = sizeof (opi); | |
1139 | + cmsg->cmsg_level = SOL_IP; | |
1140 | + cmsg->cmsg_type = IP_PKTINFO; | |
1141 | + pkti = (struct in_pktinfo *) CMSG_DATA (cmsg); | |
1142 | + pkti->ipi_ifindex = to->pi.ipi_ifindex; | |
1143 | + pkti->ipi_spec_dst = to->pi.ipi_spec_dst; | |
1144 | + pkti->ipi_addr.s_addr = 0; | |
1145 | + return sendmsg (sock->sd, &mesg, 0); | |
1146 | +} | |
1147 | + | |
1148 | +#endif | |
1149 | + | |
1150 | /* | |
1151 | * Win32 overlapped socket I/O functions. | |
1152 | */ | |
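Review bot: The control-message length is taken from `sizeof (opi)`, which can exceed `CMSG_LEN (sizeof (struct in_pktinfo))` by trailing struct padding on ABIs where `struct cmsghdr` is 8-byte aligned. A kernel that checks the length exactly would then reject the sendmsg() call. The matching test `cmsg->cmsg_len >= sizeof (opi)` in link_socket_read_udp_posix_recvmsg would also silently discard a valid IP_PKTINFO message, so replies would go out without the intended source address. I would set `cmsg->cmsg_len = CMSG_LEN (sizeof (struct in_pktinfo));` here and compare against the same expression on the receive side. `opi` is also handed to the kernel without being zeroed, so a `CLEAR (opi);` before filling it keeps the padding bytes defined.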
1153 | @@ -1913,7 +2072,7 @@ | |
1154 | } | |
1155 | ||
1156 | int | |
1157 | -socket_send_queue (struct link_socket *sock, struct buffer *buf, const struct sockaddr_in *to) | |
1158 | +socket_send_queue (struct link_socket *sock, struct buffer *buf, const struct link_socket_actual *to) | |
1159 | { | |
1160 | if (sock->writes.iostate == IOSTATE_INITIAL) | |
1161 | { | |
1162 | @@ -1937,7 +2096,7 @@ | |
1163 | { | |
1164 | /* set destination address for UDP writes */ | |
1165 | sock->writes.addr_defined = true; | |
1166 | - sock->writes.addr = *to; | |
1167 | + sock->writes.addr = to->dest.sa; | |
1168 | sock->writes.addrlen = sizeof (sock->writes.addr); | |
1169 | ||
1170 | status = WSASendTo( | |
1171 | @@ -2013,11 +2172,10 @@ | |
1172 | } | |
1173 | ||
1174 | int | |
1175 | -socket_finalize ( | |
1176 | - SOCKET s, | |
1177 | +socket_finalize (SOCKET s, | |
1178 | struct overlapped_io *io, | |
1179 | struct buffer *buf, | |
1180 | - struct sockaddr_in *from) | |
1181 | + struct link_socket_actual *from) | |
1182 | { | |
1183 | int ret = -1; | |
1184 | BOOL status; | |
1185 | @@ -2094,10 +2252,10 @@ | |
1186 | { | |
1187 | if (io->addrlen != sizeof (io->addr)) | |
1188 | bad_address_length (io->addrlen, sizeof (io->addr)); | |
1189 | - *from = io->addr; | |
1190 | + from->dest.sa = io->addr; | |
1191 | } | |
1192 | else | |
1193 | - CLEAR (*from); | |
1194 | + CLEAR (from->dest.sa); | |
1195 | } | |
1196 | ||
1197 | if (buf) | |
1198 | diff -ur openvpn-2.0_rc16/socket.h openvpn-2.0_rc16MH/socket.h | |
1199 | --- openvpn-2.0_rc16/socket.h 2005-02-05 01:36:31.000000000 -0700 | |
1200 | +++ openvpn-2.0_rc16MH/socket.h 2005-02-25 21:13:53.000000000 -0700 | |
1201 | @@ -78,12 +78,29 @@ | |
1202 | /* convert a packet_size_type from network to host order */ | |
1203 | #define ntohps(x) ntohs(x) | |
1204 | ||
1205 | +/* OpenVPN sockaddr struct */ | |
1206 | +struct openvpn_sockaddr | |
1207 | +{ | |
1208 | + int dummy; // JYFIXME | |
1209 | + struct sockaddr_in sa; | |
1210 | +}; | |
1211 | + | |
1212 | +/* actual address of remote, based on source address of received packets */ | |
1213 | +struct link_socket_actual | |
1214 | +{ | |
1215 | + int dummy; // JYFIXME | |
1216 | + struct openvpn_sockaddr dest; | |
1217 | +#if ENABLE_IP_PKTINFO | |
1218 | + struct in_pktinfo pi; | |
1219 | +#endif | |
1220 | +}; | |
1221 | + | |
1222 | /* IP addresses which are persistant across SIGUSR1s */ | |
1223 | struct link_socket_addr | |
1224 | { | |
1225 | - struct sockaddr_in local; | |
1226 | - struct sockaddr_in remote; /* initial remote */ | |
1227 | - struct sockaddr_in actual; /* remote may change due to --float */ | |
1228 | + struct openvpn_sockaddr local; | |
1229 | + struct openvpn_sockaddr remote; /* initial remote */ | |
1230 | + struct link_socket_actual actual; /* reply to this address */ | |
1231 | }; | |
1232 | ||
1233 | struct link_socket_info | |
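Review bot: Both new structs carry a leftover `int dummy; // JYFIXME` member ahead of the real address. It changes the layout of every `openvpn_sockaddr` and `link_socket_actual` and is never assigned in the code visible in this patch (`CLEAR (from->dest.sa)` and `from->dest.sa = io->addr` both skip it). Any whole-struct copy such as `info->lsa->actual = *act` therefore carries an indeterminate field along. If it is only scaffolding to make the compiler catch callers that still pass a bare `sockaddr_in`, it should be removed before this is merged, or at least given a `/* ... */` comment saying why it exists, in the file's own comment style.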
1234 | @@ -186,6 +203,9 @@ | |
1235 | struct buffer stream_buf_data; | |
1236 | bool stream_reset; | |
1237 | ||
1238 | +# define SF_USE_IP_PKTINFO (1<<0) | |
1239 | + unsigned int socket_flags; | |
1240 | + | |
1241 | #ifdef ENABLE_HTTP_PROXY | |
1242 | /* HTTP proxy */ | |
1243 | struct http_proxy_info *http_proxy; | |
1244 | @@ -194,7 +214,7 @@ | |
1245 | #ifdef ENABLE_SOCKS | |
1246 | /* Socks proxy */ | |
1247 | struct socks_proxy_info *socks_proxy; | |
1248 | - struct sockaddr_in socks_relay; /* Socks UDP relay address */ | |
1249 | + struct link_socket_actual socks_relay; /* Socks UDP relay address */ | |
1250 | #endif | |
1251 | ||
1252 | #if defined(ENABLE_HTTP_PROXY) || defined(ENABLE_SOCKS) | |
1253 | @@ -230,13 +250,13 @@ | |
1254 | ||
1255 | int socket_send_queue (struct link_socket *sock, | |
1256 | struct buffer *buf, | |
1257 | - const struct sockaddr_in *to); | |
1258 | + const struct link_socket_actual *to); | |
1259 | ||
1260 | int socket_finalize ( | |
1261 | SOCKET s, | |
1262 | struct overlapped_io *io, | |
1263 | struct buffer *buf, | |
1264 | - struct sockaddr_in *from); | |
1265 | + struct link_socket_actual *from); | |
1266 | ||
1267 | #else | |
1268 | ||
1269 | @@ -277,29 +297,41 @@ | |
1270 | int connect_retry_seconds, | |
1271 | int mtu_discover_type, | |
1272 | int rcvbuf, | |
1273 | - int sndbuf); | |
1274 | + int sndbuf, | |
1275 | + const unsigned int socket_flags); | |
1276 | ||
1277 | void link_socket_init_phase2 (struct link_socket *sock, | |
1278 | const struct frame *frame, | |
1279 | volatile int *signal_received); | |
1280 | ||
1281 | -void link_socket_post_fork (const struct link_socket *sock, | |
1282 | - const struct sockaddr_in *remote); | |
1283 | - | |
1284 | void socket_adjust_frame_parameters (struct frame *frame, int proto); | |
1285 | ||
1286 | void frame_adjust_path_mtu (struct frame *frame, int pmtu, int proto); | |
1287 | ||
1288 | void link_socket_close (struct link_socket *sock); | |
1289 | ||
1290 | -const char *print_sockaddr_ex (const struct sockaddr_in *addr, | |
1291 | - bool do_port, | |
1292 | +#define PS_SHOW_PORT_IF_DEFINED (1<<0) | |
1293 | +#define PS_SHOW_PORT (1<<1) | |
1294 | +#define PS_SHOW_PKTINFO (1<<2) | |
1295 | + | |
1296 | +const char *print_sockaddr_ex (const struct openvpn_sockaddr *addr, | |
1297 | const char* separator, | |
1298 | + const unsigned int flags, | |
1299 | struct gc_arena *gc); | |
1300 | ||
1301 | -const char *print_sockaddr (const struct sockaddr_in *addr, | |
1302 | + | |
1303 | +const char *print_sockaddr (const struct openvpn_sockaddr *addr, | |
1304 | struct gc_arena *gc); | |
1305 | ||
1306 | +const char *print_link_socket_actual_ex (const struct link_socket_actual *act, | |
1307 | + const char* separator, | |
1308 | + const unsigned int flags, | |
1309 | + struct gc_arena *gc); | |
1310 | + | |
1311 | +const char *print_link_socket_actual (const struct link_socket_actual *act, | |
1312 | + struct gc_arena *gc); | |
1313 | + | |
1314 | + | |
1315 | #define IA_EMPTY_IF_UNDEF (1<<0) | |
1316 | #define IA_NET_ORDER (1<<1) | |
1317 | const char *print_in_addr_t (in_addr_t addr, unsigned int flags, struct gc_arena *gc); | |
1318 | @@ -308,7 +340,7 @@ | |
1319 | #define SA_SET_IF_NONZERO (1<<1) | |
1320 | void setenv_sockaddr (struct env_set *es, | |
1321 | const char *name_prefix, | |
1322 | - const struct sockaddr_in *addr, | |
1323 | + const struct openvpn_sockaddr *addr, | |
1324 | const bool flags); | |
1325 | ||
1326 | void setenv_in_addr_t (struct env_set *es, | |
1327 | @@ -316,19 +348,24 @@ | |
1328 | in_addr_t addr, | |
1329 | const bool flags); | |
1330 | ||
1331 | +void setenv_link_socket_actual (struct env_set *es, | |
1332 | + const char *name_prefix, | |
1333 | + const struct link_socket_actual *act, | |
1334 | + const bool flags); | |
1335 | + | |
1336 | void bad_address_length (int actual, int expected); | |
1337 | ||
1338 | in_addr_t link_socket_current_remote (const struct link_socket_info *info); | |
1339 | ||
1340 | void link_socket_connection_initiated (const struct buffer *buf, | |
1341 | struct link_socket_info *info, | |
1342 | - const struct sockaddr_in *addr, | |
1343 | + const struct link_socket_actual *addr, | |
1344 | const char *common_name, | |
1345 | struct env_set *es); | |
1346 | ||
1347 | void link_socket_bad_incoming_addr (struct buffer *buf, | |
1348 | const struct link_socket_info *info, | |
1349 | - const struct sockaddr_in *from_addr); | |
1350 | + const struct link_socket_actual *from_addr); | |
1351 | ||
1352 | void link_socket_bad_outgoing_addr (void); | |
1353 | ||
1354 | @@ -349,7 +386,7 @@ | |
1355 | socket_descriptor_t create_socket_tcp (void); | |
1356 | ||
1357 | socket_descriptor_t socket_do_accept (socket_descriptor_t sd, | |
1358 | - struct sockaddr_in *remote, | |
1359 | + struct link_socket_actual *act, | |
1360 | const bool nowait); | |
1361 | ||
1362 | /* | |
1363 | @@ -440,33 +477,39 @@ | |
1364 | } | |
1365 | ||
1366 | static inline bool | |
1367 | -addr_defined (const struct sockaddr_in *addr) | |
1368 | +addr_defined (const struct openvpn_sockaddr *addr) | |
1369 | { | |
1370 | - return addr->sin_addr.s_addr != 0; | |
1371 | + return addr->sa.sin_addr.s_addr != 0; | |
1372 | } | |
1373 | ||
1374 | static inline bool | |
1375 | -addr_match (const struct sockaddr_in *a1, const struct sockaddr_in *a2) | |
1376 | +link_socket_actual_defined (const struct link_socket_actual *act) | |
1377 | { | |
1378 | - return a1->sin_addr.s_addr == a2->sin_addr.s_addr; | |
1379 | + return act && addr_defined (&act->dest); | |
1380 | +} | |
1381 | + | |
1382 | +static inline bool | |
1383 | +addr_match (const struct openvpn_sockaddr *a1, const struct openvpn_sockaddr *a2) | |
1384 | +{ | |
1385 | + return a1->sa.sin_addr.s_addr == a2->sa.sin_addr.s_addr; | |
1386 | } | |
1387 | ||
1388 | static inline in_addr_t | |
1389 | -addr_host (const struct sockaddr_in *s) | |
1390 | +addr_host (const struct openvpn_sockaddr *s) | |
1391 | { | |
1392 | - return ntohl (s->sin_addr.s_addr); | |
1393 | + return ntohl (s->sa.sin_addr.s_addr); | |
1394 | } | |
1395 | ||
1396 | static inline bool | |
1397 | -addr_port_match (const struct sockaddr_in *a1, const struct sockaddr_in *a2) | |
1398 | +addr_port_match (const struct openvpn_sockaddr *a1, const struct openvpn_sockaddr *a2) | |
1399 | { | |
1400 | - return a1->sin_addr.s_addr == a2->sin_addr.s_addr | |
1401 | - && a1->sin_port == a2->sin_port; | |
1402 | + return a1->sa.sin_addr.s_addr == a2->sa.sin_addr.s_addr | |
1403 | + && a1->sa.sin_port == a2->sa.sin_port; | |
1404 | } | |
1405 | ||
1406 | static inline bool | |
1407 | -addr_match_proto (const struct sockaddr_in *a1, | |
1408 | - const struct sockaddr_in *a2, | |
1409 | +addr_match_proto (const struct openvpn_sockaddr *a1, | |
1410 | + const struct openvpn_sockaddr *a2, | |
1411 | const int proto) | |
1412 | { | |
1413 | return link_socket_proto_connection_oriented (proto) | |
1414 | @@ -475,6 +518,12 @@ | |
1415 | } | |
1416 | ||
1417 | static inline bool | |
1418 | +link_socket_actual_match (const struct link_socket_actual *a1, const struct link_socket_actual *a2) | |
1419 | +{ | |
1420 | + return addr_port_match (&a1->dest, &a2->dest); | |
1421 | +} | |
1422 | + | |
1423 | +static inline bool | |
1424 | socket_connection_reset (const struct link_socket *sock, int status) | |
1425 | { | |
1426 | if (link_socket_connection_oriented (sock)) | |
1427 | @@ -497,17 +546,17 @@ | |
1428 | static inline bool | |
1429 | link_socket_verify_incoming_addr (struct buffer *buf, | |
1430 | const struct link_socket_info *info, | |
1431 | - const struct sockaddr_in *from_addr) | |
1432 | + const struct link_socket_actual *from_addr) | |
1433 | { | |
1434 | if (buf->len > 0) | |
1435 | { | |
1436 | - if (from_addr->sin_family != AF_INET) | |
1437 | + if (from_addr->dest.sa.sin_family != AF_INET) | |
1438 | return false; | |
1439 | - if (!addr_defined (from_addr)) | |
1440 | + if (!link_socket_actual_defined (from_addr)) | |
1441 | return false; | |
1442 | if (info->remote_float || !addr_defined (&info->lsa->remote)) | |
1443 | return true; | |
1444 | - if (addr_match_proto (from_addr, &info->lsa->remote, info->proto)) | |
1445 | + if (addr_match_proto (&from_addr->dest, &info->lsa->remote, info->proto)) | |
1446 | return true; | |
1447 | } | |
1448 | return false; | |
1449 | @@ -516,21 +565,18 @@ | |
1450 | static inline void | |
1451 | link_socket_get_outgoing_addr (struct buffer *buf, | |
1452 | const struct link_socket_info *info, | |
1453 | - struct sockaddr_in *addr) | |
1454 | + struct link_socket_actual **act) | |
1455 | { | |
1456 | if (buf->len > 0) | |
1457 | { | |
1458 | struct link_socket_addr *lsa = info->lsa; | |
1459 | - if (addr_defined (&lsa->actual)) | |
1460 | - { | |
1461 | - addr->sin_family = lsa->actual.sin_family; | |
1462 | - addr->sin_addr.s_addr = lsa->actual.sin_addr.s_addr; | |
1463 | - addr->sin_port = lsa->actual.sin_port; | |
1464 | - } | |
1465 | + if (link_socket_actual_defined (&lsa->actual)) | |
1466 | + *act = &lsa->actual; | |
1467 | else | |
1468 | { | |
1469 | link_socket_bad_outgoing_addr (); | |
1470 | buf->len = 0; | |
1471 | + *act = NULL; | |
1472 | } | |
1473 | } | |
1474 | } | |
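Review bot: `*act` is assigned only inside `if (buf->len > 0)`, so a caller that passes an uninitialised pointer together with an empty buffer gets it back unset. The old version filled a caller-owned `sockaddr_in`, where that was harmless. Now the out-parameter is a pointer that the write path dereferences (`&to->dest.sa` in link_socket_write_udp_posix), and the failure branch hands back NULL. The callers are not visible in this patch section, so I would at least state the contract above the function: `/* On return *act is &lsa->actual or NULL; it is left untouched when buf is empty, so callers must initialise it and must not write when buf->len is 0. */`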
1475 | @@ -538,7 +584,7 @@ | |
1476 | static inline void | |
1477 | link_socket_set_outgoing_addr (const struct buffer *buf, | |
1478 | struct link_socket_info *info, | |
1479 | - const struct sockaddr_in *addr, | |
1480 | + const struct link_socket_actual *act, | |
1481 | const char *common_name, | |
1482 | struct env_set *es) | |
1483 | { | |
1484 | @@ -548,14 +594,14 @@ | |
1485 | if ( | |
1486 | /* new or changed address? */ | |
1487 | (!info->connection_established | |
1488 | - || !addr_match_proto (addr, &lsa->actual, info->proto)) | |
1489 | + || !addr_match_proto (&act->dest, &lsa->actual.dest, info->proto)) | |
1490 | /* address undef or address == remote or --float */ | |
1491 | && (info->remote_float | |
1492 | || !addr_defined (&lsa->remote) | |
1493 | - || addr_match_proto (addr, &lsa->remote, info->proto)) | |
1494 | + || addr_match_proto (&act->dest, &lsa->remote, info->proto)) | |
1495 | ) | |
1496 | { | |
1497 | - link_socket_connection_initiated (buf, info, addr, common_name, es); | |
1498 | + link_socket_connection_initiated (buf, info, act, common_name, es); | |
1499 | } | |
1500 | } | |
1501 | } | |
1502 | @@ -592,7 +638,7 @@ | |
1503 | static inline int | |
1504 | link_socket_read_udp_win32 (struct link_socket *sock, | |
1505 | struct buffer *buf, | |
1506 | - struct sockaddr_in *from) | |
1507 | + struct link_socket_actual *from) | |
1508 | { | |
1509 | return socket_finalize (sock->sd, &sock->reads, buf, from); | |
1510 | } | |
1511 | @@ -602,7 +648,7 @@ | |
1512 | int link_socket_read_udp_posix (struct link_socket *sock, | |
1513 | struct buffer *buf, | |
1514 | int maxsize, | |
1515 | - struct sockaddr_in *from); | |
1516 | + struct link_socket_actual *from); | |
1517 | ||
1518 | #endif | |
1519 | ||
1520 | @@ -611,7 +657,7 @@ | |
1521 | link_socket_read (struct link_socket *sock, | |
1522 | struct buffer *buf, | |
1523 | int maxsize, | |
1524 | - struct sockaddr_in *from) | |
1525 | + struct link_socket_actual *from) | |
1526 | { | |
1527 | if (sock->info.proto == PROTO_UDPv4) | |
1528 | { | |
1529 | @@ -627,7 +673,7 @@ | |
1530 | else if (sock->info.proto == PROTO_TCPv4_SERVER || sock->info.proto == PROTO_TCPv4_CLIENT) | |
1531 | { | |
1532 | /* from address was returned by accept */ | |
1533 | - *from = sock->info.lsa->actual; | |
1534 | + from->dest.sa = sock->info.lsa->actual.dest.sa; | |
1535 | return link_socket_read_tcp (sock, buf); | |
1536 | } | |
1537 | else | |
1538 | @@ -643,14 +689,14 @@ | |
1539 | ||
1540 | int link_socket_write_tcp (struct link_socket *sock, | |
1541 | struct buffer *buf, | |
1542 | - struct sockaddr_in *to); | |
1543 | + struct link_socket_actual *to); | |
1544 | ||
1545 | #ifdef WIN32 | |
1546 | ||
1547 | static inline int | |
1548 | link_socket_write_win32 (struct link_socket *sock, | |
1549 | struct buffer *buf, | |
1550 | - struct sockaddr_in *to) | |
1551 | + struct link_socket_actual *to) | |
1552 | { | |
1553 | int err = 0; | |
1554 | int status = 0; | |
1555 | @@ -675,17 +721,26 @@ | |
1556 | static inline int | |
1557 | link_socket_write_udp_posix (struct link_socket *sock, | |
1558 | struct buffer *buf, | |
1559 | - struct sockaddr_in *to) | |
1560 | + struct link_socket_actual *to) | |
1561 | { | |
1562 | - return sendto (sock->sd, BPTR (buf), BLEN (buf), 0, | |
1563 | - (struct sockaddr *) to, | |
1564 | - (socklen_t) sizeof (*to)); | |
1565 | +#if ENABLE_IP_PKTINFO | |
1566 | + int link_socket_write_udp_posix_sendmsg (struct link_socket *sock, | |
1567 | + struct buffer *buf, | |
1568 | + struct link_socket_actual *to); | |
1569 | + | |
1570 | + if (sock->socket_flags & SF_USE_IP_PKTINFO) | |
1571 | + return link_socket_write_udp_posix_sendmsg (sock, buf, to); | |
1572 | + else | |
1573 | +#endif | |
1574 | + return sendto (sock->sd, BPTR (buf), BLEN (buf), 0, | |
1575 | + (struct sockaddr *) &to->dest.sa, | |
1576 | + (socklen_t) sizeof (to->dest.sa)); | |
1577 | } | |
1578 | ||
1579 | static inline int | |
1580 | link_socket_write_tcp_posix (struct link_socket *sock, | |
1581 | struct buffer *buf, | |
1582 | - struct sockaddr_in *to) | |
1583 | + struct link_socket_actual *to) | |
1584 | { | |
1585 | return send (sock->sd, BPTR (buf), BLEN (buf), MSG_NOSIGNAL); | |
1586 | } | |
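Review bot: The prototype for link_socket_write_udp_posix_sendmsg is declared inside the body of an inline function in the header, where it is easy to miss. Moving `int link_socket_write_udp_posix_sendmsg (struct link_socket *sock, struct buffer *buf, struct link_socket_actual *to);` to file scope under `#if ENABLE_IP_PKTINFO`, beside the link_socket_read_udp_posix declaration, keeps it with the other socket.c prototypes. It also lets a reader see at a glance which entry points exist only in the pktinfo build.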
1587 | @@ -695,7 +750,7 @@ | |
1588 | static inline int | |
1589 | link_socket_write_udp (struct link_socket *sock, | |
1590 | struct buffer *buf, | |
1591 | - struct sockaddr_in *to) | |
1592 | + struct link_socket_actual *to) | |
1593 | { | |
1594 | #ifdef WIN32 | |
1595 | return link_socket_write_win32 (sock, buf, to); | |
1596 | @@ -708,7 +763,7 @@ | |
1597 | static inline int | |
1598 | link_socket_write (struct link_socket *sock, | |
1599 | struct buffer *buf, | |
1600 | - struct sockaddr_in *to) | |
1601 | + struct link_socket_actual *to) | |
1602 | { | |
1603 | if (sock->info.proto == PROTO_UDPv4) | |
1604 | { | |
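--- a/socks.c
+++ b/socks.c
@@ -149,7 +149,8 @@
 }
 
 static bool
-recv_socks_reply (socket_descriptor_t sd, struct sockaddr_in *addr,
+recv_socks_reply (socket_descriptor_t sd,
+ struct openvpn_sockaddr *addr,
 volatile int *signal_received)
 {
 char atyp = '\0';
@@ -160,9 +161,9 @@
 
 if (addr != NULL)
 {
- addr->sin_family = AF_INET;
- addr->sin_addr.s_addr = htonl (INADDR_ANY);
- addr->sin_port = htons (0);
+ addr->sa.sin_family = AF_INET;
+ addr->sa.sin_addr.s_addr = htonl (INADDR_ANY);
+ addr->sa.sin_port = htons (0);
 }
 
 while (len < 4 + alen + 2)
@@ -249,8 +250,8 @@
 /* ATYP == 1 (IP V4 address) */
 if (atyp == '\x01' && addr != NULL)
 {
- memcpy (&addr->sin_addr, buf + 4, sizeof (addr->sin_addr));
- memcpy (&addr->sin_port, buf + 8, sizeof (addr->sin_port));
+ memcpy (&addr->sa.sin_addr, buf + 4, sizeof (addr->sa.sin_addr));
+ memcpy (&addr->sa.sin_port, buf + 8, sizeof (addr->sa.sin_port));
 }
 
 
@@ -311,7 +312,7 @@
 establish_socks_proxy_udpassoc (struct socks_proxy_info *p,
 socket_descriptor_t ctrl_sd, /* already open to proxy */
 socket_descriptor_t udp_sd,
- struct sockaddr_in *relay_addr,
+ struct openvpn_sockaddr *relay_addr,
 volatile int *signal_received)
 {
 if (!socks_handshake (ctrl_sd, signal_received))
@@ -353,7 +354,7 @@
 */
 void
 socks_process_incoming_udp (struct buffer *buf,
- struct sockaddr_in *from)
+ struct link_socket_actual *from)
 {
 int atyp;
 
@@ -368,8 +369,8 @@
 if (atyp != 1) /* ATYP == 1 (IP V4) */
 goto error;
 
- buf_read (buf, &from->sin_addr, sizeof (from->sin_addr));
- buf_read (buf, &from->sin_port, sizeof (from->sin_port));
+ buf_read (buf, &from->dest.sa.sin_addr, sizeof (from->dest.sa.sin_addr));
+ buf_read (buf, &from->dest.sa.sin_port, sizeof (from->dest.sa.sin_port));
 
 return;
 
@@ -386,7 +387,7 @@
 */
 int
 socks_process_outgoing_udp (struct buffer *buf,
- struct sockaddr_in *to)
+ const struct link_socket_actual *to)
 {
 /*
 * Get a 10 byte subset buffer prepended to buf --
@@ -401,8 +402,8 @@
 buf_write_u16 (&head, 0); /* RSV = 0 */
 buf_write_u8 (&head, 0); /* FRAG = 0 */
 buf_write_u8 (&head, '\x01'); /* ATYP = 1 (IP V4) */
- buf_write (&head, &to->sin_addr, sizeof (to->sin_addr));
- buf_write (&head, &to->sin_port, sizeof (to->sin_port));
+ buf_write (&head, &to->dest.sa.sin_addr, sizeof (to->dest.sa.sin_addr));
+ buf_write (&head, &to->dest.sa.sin_port, sizeof (to->dest.sa.sin_port));
 
 return 10;
 }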
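Review bot: In socks_process_incoming_udp both new `buf_read` calls discard their result, so a datagram too short for the address and port would leave `from->dest` partly or wholly stale while the function still returns normally (assuming `buf_read` reports a short buffer through its return value). That address is what the ssl.c hunks later compare with `link_socket_actual_match`, so it should never be a leftover value. Unless a length check above the hunk already guarantees the bytes are present (the start of the function is outside the hunk), route the failure to the existing label: `if (!buf_read (buf, &from->dest.sa.sin_addr, sizeof (from->dest.sa.sin_addr)) || !buf_read (buf, &from->dest.sa.sin_port, sizeof (from->dest.sa.sin_port))) goto error;`.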
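--- a/socks.h
+++ b/socks.h
@@ -35,6 +35,9 @@
 
 #include "buffer.h"
 
+struct openvpn_sockaddr;
+struct link_socket_actual;
+
 struct socks_proxy_info {
 bool defined;
 bool retry;
@@ -59,14 +62,14 @@
 void establish_socks_proxy_udpassoc (struct socks_proxy_info *p,
 socket_descriptor_t ctrl_sd, /* already open to proxy */
 socket_descriptor_t udp_sd,
- struct sockaddr_in *relay_addr,
+ struct openvpn_sockaddr *relay_addr,
 volatile int *signal_received);
 
 void socks_process_incoming_udp (struct buffer *buf,
- struct sockaddr_in *from);
+ struct link_socket_actual *from);
 
 int socks_process_outgoing_udp (struct buffer *buf,
- struct sockaddr_in *to);
+ const struct link_socket_actual *to);
 
 #endif
 #endif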
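--- a/ssl.c
+++ b/ssl.c
@@ -373,7 +373,7 @@
 static void
 setenv_untrusted (struct tls_session *session)
 {
- setenv_sockaddr (session->opt->es, "untrusted", &session->untrusted_sockaddr, SA_IP_PORT);
+ setenv_link_socket_actual (session->opt->es, "untrusted", &session->untrusted_addr, SA_IP_PORT);
 }
 
 static void
@@ -1814,7 +1814,7 @@
 write_control_auth (struct tls_session *session,
 struct key_state *ks,
 struct buffer *buf,
- struct sockaddr_in *to_link_addr,
+ struct link_socket_actual **to_link_addr,
 int opcode,
 int max_ack,
 bool prepend_ack)
@@ -1822,7 +1822,7 @@
 uint8_t *header;
 struct buffer null = clear_buf ();
 
- ASSERT (addr_defined (&ks->remote_addr));
+ ASSERT (link_socket_actual_defined (&ks->remote_addr));
 ASSERT (reliable_ack_write
 (ks->rec_ack, buf, &ks->session_id_remote, max_ack, prepend_ack));
 ASSERT (session_id_write_prepend (&session->session_id, buf));
@@ -1834,7 +1834,7 @@
 openvpn_encrypt (buf, null, &session->tls_auth, NULL);
 ASSERT (swap_hmac (buf, &session->tls_auth, false));
 }
- *to_link_addr = ks->remote_addr;
+ *to_link_addr = &ks->remote_addr;
 }
 
 /*
@@ -1843,7 +1843,7 @@
 static bool
 read_control_auth (struct buffer *buf,
 const struct crypto_options *co,
- const struct sockaddr_in *from)
+ const struct link_socket_actual *from)
 {
 struct gc_arena gc = gc_new ();
 
@@ -1856,7 +1856,7 @@
 {
 msg (D_TLS_ERRORS,
 "TLS Error: cannot locate HMAC in incoming packet from %s",
- print_sockaddr (from, &gc));
+ print_link_socket_actual (from, &gc));
 gc_free (&gc);
 return false;
 }
@@ -1868,7 +1868,7 @@
 {
 msg (D_TLS_ERRORS,
 "TLS Error: incoming packet authentication failed from %s",
- print_sockaddr (from, &gc));
+ print_link_socket_actual (from, &gc));
 gc_free (&gc);
 return false;
 }
@@ -2757,7 +2757,7 @@
 tls_process (struct tls_multi *multi,
 struct tls_session *session,
 struct buffer *to_link,
- struct sockaddr_in *to_link_addr,
+ struct link_socket_actual **to_link_addr,
 struct link_socket_info *to_link_socket_info,
 interval_t *wakeup)
 {
@@ -3151,7 +3151,7 @@
 bool
 tls_multi_process (struct tls_multi *multi,
 struct buffer *to_link,
- struct sockaddr_in *to_link_addr,
+ struct link_socket_actual **to_link_addr,
 struct link_socket_info *to_link_socket_info,
 interval_t *wakeup)
 {
@@ -3177,7 +3177,7 @@
 
 /* set initial remote address */
 if (i == TM_ACTIVE && ks->state == S_INITIAL &&
- addr_defined (&to_link_socket_info->lsa->actual))
+ link_socket_actual_defined (&to_link_socket_info->lsa->actual))
 ks->remote_addr = to_link_socket_info->lsa->actual;
 
 dmsg (D_TLS_DEBUG,
@@ -3186,17 +3186,30 @@
 state_name (ks->state),
 session_id_print (&session->session_id, &gc),
 session_id_print (&ks->session_id_remote, &gc),
- print_sockaddr (&ks->remote_addr, &gc));
+ print_link_socket_actual (&ks->remote_addr, &gc));
 
- if (ks->state >= S_INITIAL && addr_defined (&ks->remote_addr))
+ if (ks->state >= S_INITIAL && link_socket_actual_defined (&ks->remote_addr))
 {
+ struct link_socket_actual *tla = NULL;
+
 update_time ();
 
- if (tls_process (multi, session, to_link, to_link_addr,
+ if (tls_process (multi, session, to_link, &tla,
 to_link_socket_info, wakeup))
 active = true;
 
 /*
+ * If tls_process produced an outgoing packet,
+ * return the link_socket_actual object (which
+ * contains the outgoing address).
+ */
+ if (tla)
+ {
+ multi->to_link_addr = *tla;
+ *to_link_addr = &multi->to_link_addr;
+ }
+
+ /*
 * If tls_process hits an error:
 * (1) If the session has an unexpired lame duck key, preserve it.
 * (2) Reinitialize the session.
@@ -3315,7 +3328,7 @@
 
 bool
 tls_pre_decrypt (struct tls_multi *multi,
- struct sockaddr_in *from,
+ const struct link_socket_actual *from,
 struct buffer *buf,
 struct crypto_options *opt)
 {
@@ -3357,7 +3370,7 @@
 if (DECRYPT_KEY_ENABLED (multi, ks)
 && key_id == ks->key_id
 && ks->authenticated
- && addr_port_match(from, &ks->remote_addr))
+ && link_socket_actual_match (from, &ks->remote_addr))
 {
 /* return appropriate data channel decrypt key in opt */
 opt->key_ctx_bi = &ks->key;
@@ -3370,7 +3383,7 @@
 ks->n_bytes += buf->len;
 dmsg (D_TLS_DEBUG,
 "TLS: data channel, key_id=%d, IP=%s",
- key_id, print_sockaddr (from, &gc));
+ key_id, print_link_socket_actual (from, &gc));
 gc_free (&gc);
 return ret;
 }
@@ -3383,14 +3396,14 @@
 key_id,
 ks->key_id,
 ks->authenticated,
- addr_port_match (from, &ks->remote_addr));
+ link_socket_actual_match (from, &ks->remote_addr));
 }
 #endif
 }
 
 msg (D_TLS_ERRORS,
 "TLS Error: local/remote TLS keys are out of sync: %s [%d]",
- print_sockaddr (from, &gc), key_id);
+ print_link_socket_actual (from, &gc), key_id);
 goto error;
 }
 else /* control channel packet */
@@ -3404,7 +3417,7 @@
 {
 msg (D_TLS_ERRORS,
 "TLS Error: unknown opcode received from %s op=%d",
- print_sockaddr (from, &gc), op);
+ print_link_socket_actual (from, &gc), op);
 goto error;
 }
 
@@ -3419,7 +3432,7 @@
 {
 msg (D_TLS_ERRORS,
 "TLS Error: client->client or server->server connection attempted from %s",
- print_sockaddr (from, &gc));
+ print_link_socket_actual (from, &gc));
 goto error;
 }
 }
@@ -3428,7 +3441,7 @@
 * Authenticate Packet
 */
 dmsg (D_TLS_DEBUG, "TLS: control channel, op=%s, IP=%s",
- packet_opcode_name (op), print_sockaddr (from, &gc));
+ packet_opcode_name (op), print_link_socket_actual (from, &gc));
 
 /* get remote session-id */
 {
@@ -3438,7 +3451,7 @@
 {
 msg (D_TLS_ERRORS,
 "TLS Error: session-id not found in packet from %s",
- print_sockaddr (from, &gc));
+ print_link_socket_actual (from, &gc));
 goto error;
 }
 }
@@ -3455,9 +3468,9 @@
 state_name (ks->state),
 session_id_print (&session->session_id, &gc),
 session_id_print (&sid, &gc),
- print_sockaddr (from, &gc),
+ print_link_socket_actual (from, &gc),
 session_id_print (&ks->session_id_remote, &gc),
- print_sockaddr (&ks->remote_addr, &gc));
+ print_link_socket_actual (&ks->remote_addr, &gc));
 
 if (session_id_equal (&ks->session_id_remote, &sid))
 /* found a match */
@@ -3502,7 +3515,7 @@
 {
 msg (D_TLS_ERRORS,
 "TLS Error: Cannot accept new session request from %s due to session context expire or --single-session [1]",
- print_sockaddr (from, &gc));
+ print_link_socket_actual (from, &gc));
 goto error;
 }
 
@@ -3518,13 +3531,13 @@
 
 msg (D_TLS_DEBUG_LOW,
 "TLS: Initial packet from %s, sid=%s",
- print_sockaddr (from, &gc),
+ print_link_socket_actual (from, &gc),
 session_id_print (&sid, &gc));
 
 do_burst = true;
 new_link = true;
 i = TM_ACTIVE;
- session->untrusted_sockaddr = *from;
+ session->untrusted_addr = *from;
 }
 }
 
@@ -3544,7 +3557,7 @@
 {
 msg (D_TLS_ERRORS,
 "TLS Error: Cannot accept new session request from %s due to session context expire or --single-session [2]",
- print_sockaddr (from, &gc));
+ print_link_socket_actual (from, &gc));
 goto error;
 }
 
@@ -3567,11 +3580,11 @@
 */
 msg (D_TLS_DEBUG_LOW,
 "TLS: new session incoming connection from %s",
- print_sockaddr (from, &gc));
+ print_link_socket_actual (from, &gc));
 
 new_link = true;
 i = TM_UNTRUSTED;
- session->untrusted_sockaddr = *from;
+ session->untrusted_addr = *from;
 }
 else
 {
@@ -3585,7 +3598,7 @@
 {
 msg (D_TLS_ERRORS,
 "TLS Error: Unroutable control packet received from %s (si=%d op=%s)",
- print_sockaddr (from, &gc),
+ print_link_socket_actual (from, &gc),
 i,
 packet_opcode_name (op));
 goto error;
@@ -3594,10 +3607,10 @@
 /*
 * Verify remote IP address
 */
- if (!new_link && !addr_port_match (&ks->remote_addr, from))
+ if (!new_link && !link_socket_actual_match (&ks->remote_addr, from))
 {
 msg (D_TLS_ERRORS, "TLS Error: Received control packet from unexpected IP addr: %s",
- print_sockaddr (from, &gc));
+ print_link_socket_actual (from, &gc));
 goto error;
 }
 
@@ -3659,11 +3672,11 @@
 ks->remote_addr = *from;
 ++multi->n_sessions;
 }
- else if (!addr_port_match (&ks->remote_addr, from))
+ else if (!link_socket_actual_match (&ks->remote_addr, from))
 {
 msg (D_TLS_ERRORS,
 "TLS Error: Existing session control channel packet from unknown IP address: %s",
- print_sockaddr (from, &gc));
+ print_link_socket_actual (from, &gc));
 goto error;
 }
 
@@ -3761,8 +3774,9 @@
 */
 bool
 tls_pre_decrypt_lite (const struct tls_auth_standalone *tas,
- const struct sockaddr_in *from,
+ const struct link_socket_actual *from,
 const struct buffer *buf)
+
 {
 struct gc_arena gc = gc_new ();
 bool ret = false;
@@ -3789,7 +3803,7 @@
 */
 dmsg (D_TLS_STATE_ERRORS,
 "TLS State Error: No TLS state for client %s, opcode=%d",
- print_sockaddr (from, &gc),
+ print_link_socket_actual (from, &gc),
 op);
 goto error;
 }
@@ -3799,7 +3813,7 @@
 dmsg (D_TLS_STATE_ERRORS,
 "TLS State Error: Unknown key ID (%d) received from %s -- 0 was expected",
 key_id,
- print_sockaddr (from, &gc));
+ print_link_socket_actual (from, &gc));
 goto error;
 }
 
@@ -3808,7 +3822,7 @@
 dmsg (D_TLS_STATE_ERRORS,
 "TLS State Error: Large packet (size %d) received from %s -- a packet no larger than %d bytes was expected",
 buf->len,
- print_sockaddr (from, &gc),
+ print_link_socket_actual (from, &gc),
 EXPANDED_SIZE_DYNAMIC (&tas->frame));
 goto error;
 }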
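Review bot: write_control_auth now hands back `&ks->remote_addr` instead of copying the address, so the pointer stored through `to_link_addr` is valid only while that key_state is left unchanged, and nothing in the hunks documents that lifetime. tls_multi_process handles it by copying `*tla` into `multi->to_link_addr` ahead of the error path that reinitializes the session, but any other caller of tls_process (none is visible here) would have to do the same. tls_multi_process also leaves `*to_link_addr` untouched when no packet was produced, so callers presumably have to set it to NULL before the call. I would add above tls_multi_process `/* *to_link_addr is set only when a packet is queued; it points at multi->to_link_addr and is overwritten by the next call */`, and on write_control_auth `/* *to_link_addr aliases ks->remote_addr; copy it before ks can be reset */`. The bodies of these functions extend outside the hunks.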
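--- a/ssl.h
+++ b/ssl.h
@@ -345,8 +345,8 @@
 time_t must_die; /* this object is destroyed at this time */
 
 int initial_opcode; /* our initial P_ opcode */
- struct session_id session_id_remote; /* peer's random session ID */
- struct sockaddr_in remote_addr; /* peer's IP addr */
+ struct session_id session_id_remote; /* peer's random session ID */
+ struct link_socket_actual remote_addr; /* peer's IP addr */
 struct packet_id packet_id; /* for data channel, to prevent replay attacks */
 
 struct key_ctx_bi key; /* data channel keys for encrypt/decrypt/hmac */
@@ -489,7 +489,7 @@
 bool verified; /* true if peer certificate was verified against CA */
 
 /* not-yet-authenticated incoming client */
- struct sockaddr_in untrusted_sockaddr;
+ struct link_socket_actual untrusted_addr;
 
 struct key_state key[KS_SIZE];
 };
@@ -536,6 +536,12 @@
 struct key_state *save_ks; /* temporary pointer used between pre/post routines */
 
 /*
+ * Used to return outgoing address from
+ * tls_multi_process.
+ */
+ struct link_socket_actual to_link_addr;
+
+ /*
 * Number of sessions negotiated thus far.
 */
 int n_sessions;
@@ -591,19 +597,19 @@
 
 bool tls_multi_process (struct tls_multi *multi,
 struct buffer *to_link,
- struct sockaddr_in *to_link_addr,
+ struct link_socket_actual **to_link_addr,
 struct link_socket_info *to_link_socket_info,
 interval_t *wakeup);
 
 void tls_multi_free (struct tls_multi *multi, bool clear);
 
 bool tls_pre_decrypt (struct tls_multi *multi,
- struct sockaddr_in *from,
+ const struct link_socket_actual *from,
 struct buffer *buf,
 struct crypto_options *opt);
 
 bool tls_pre_decrypt_lite (const struct tls_auth_standalone *tas,
- const struct sockaddr_in *from,
+ const struct link_socket_actual *from,
 const struct buffer *buf);
 
 void tls_pre_encrypt (struct tls_multi *multi,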
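Review bot: The comment on `remote_addr` still reads `/* peer's IP addr */` although the field is now a `struct link_socket_actual`, and the comment on the new `to_link_addr` member does not say that callers receive a pointer into it. Suggested wording is `/* peer's address as a link_socket_actual; compared with link_socket_actual_match */` for the first and `/* scratch copy; *to_link_addr from tls_multi_process points here until the next call */` for the second. Both members are embedded by value, so ssl.h needs the full struct definition in scope, unlike socks.h, which only forward-declares it for pointer parameters. The include lines of ssl.h are outside this section, so that is worth confirming.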
2122 | diff -ur openvpn-2.0_rc16/syshead.h openvpn-2.0_rc16MH/syshead.h | |
2123 | --- openvpn-2.0_rc16/syshead.h 2005-01-09 17:46:27.000000000 -0700 | |
2124 | +++ openvpn-2.0_rc16MH/syshead.h 2005-02-25 21:23:50.000000000 -0700 | |
2125 | @@ -291,6 +291,15 @@ | |
2126 | #endif | |
2127 | ||
2128 | /* | |
2129 | + * Does this platform support linux-style IP_PKTINFO? | |
2130 | + */ | |
2131 | +#if defined(ENABLE_MULTIHOME) && defined(HAVE_IN_PKTINFO) && defined(IP_PKTINFO) && defined(HAVE_MSGHDR) && defined(HAVE_CMSGHDR) && defined(HAVE_IOVEC) && defined(CMSG_FIRSTHDR) && defined(CMSG_NXTHDR) && defined(HAVE_RECVMSG) && defined(HAVE_SENDMSG) | |
2132 | +#define ENABLE_IP_PKTINFO 1 | |
2133 | +#else | |
2134 | +#define ENABLE_IP_PKTINFO 0 | |
2135 | +#endif | |
2136 | + | |
2137 | +/* | |
2138 | * Disable ESEC | |
2139 | */ | |
2140 | #if 0 |