summaryrefslogtreecommitdiffstats
path: root/route.c
Commit message (Collapse)AuthorAgeFilesLines
* Merge branch 'feat_misc' into beta2.2David Sommerseth2010-11-181-22/+12
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: acinclude.m4 config-win32.h configure.ac misc.c thread.c thread.h - These conflicts was mainly due to feat_misc getting old and mostly caused by the pthread clean-up patches in feat_misc Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
| * Merged add_bypass_address() and add_host_route_if_nonlocal()David Sommerseth2010-11-181-22/+12
| | | | | | | | | | | | | | | | | | The add_host_route_if_nonlocal() function is too simple to really benefit from calling add_bypass_address() when this function is the only caller to this function. Signed-off-by: David Sommerseth <dazo@users.sourceforge.net> Acked-by: Peter Stuge <peter@stuge.se>
* | Merge branch 'feat_misc' into beta2.2David Sommerseth2010-11-131-5/+3
|\| | | | | | | | | | | | | | | | | | | | | | | Conflicts: Makefile.am openvpn.8 options.c socket.c ssl.c - feat_misc is missing a lot of bugfix2.1 changes Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
| * Make "topology subnet" work on Solaris (ifconfig + route metric changes by ↵Gert Doering2010-11-121-5/+3
| | | | | | | | | | | | | | | | | | | | Kazuyoshi Aizawa, adding of local "connected subnet" route by me) Tested on OpenSolaris/i386, no impact for other TARGETs. Signed-off-by: Gert Doering <gert@greenie.muc.de> Acked-by: Kazuyoshi Aizawa <admin2@whiteboard.ne.jp> Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
* | Fix problem with special case route targets ('remote_host')Gert Doering2010-10-211-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The init_route() function will leave &netlist untouched for get_special_addr() routes ("remote_host" being one of them). netlist is on stack, contains random garbage, and netlist.len will not be 0 - thus, random stack data is copied from netlist.data[] until the route_list is full. This issue has been reported several places lately: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=600166 http://thread.gmane.org/gmane.network.openvpn.devel/4083 https://forums.openvpn.net/viewtopic.php?f=1&t=7201&p=8168 Signed-off-by: Gert Doering <gert@greenie.muc.de> Acked-by: David Sommerseth <dazo@users.sourceforge.net> Acked-by: James Yonan <james@openvpn.net> Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
* | Implemented multi-address DNS expansion on the network field of routeJames Yonan2010-07-121-13/+40
| | | | | | | | | | | | | | | | | | | | | | | | commands. When only a single IP address is desired from a multi-address DNS expansion, use the first address rather than a random selection. Version 2.1.1l git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@6291 e7ae566f-a301-0410-adde-c780ea21d3b5
* | Implemented a key/value auth channel from client to server.James Yonan2010-06-011-1/+1
| | | | | | | | | | | | | | Version 2.1.1i git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@5668 e7ae566f-a301-0410-adde-c780ea21d3b5
* | Updated copyright date to 2010.James Yonan2010-04-281-1/+1
|/ | | | git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@5599 e7ae566f-a301-0410-adde-c780ea21d3b5
* Eliminated the limitation on the number of options that can be pushedjames2009-09-271-1/+1
| | | | | | | | | | | | | to clients, including routes. Previously, all pushed options needed to fit within a 1024 byte options string. Remember that to make use of this feature to allow many routes to be pushed to clients, the client config file must specify the max-routes option, and the number of pushed routes cannot exceed this limit. Also, both server and client must include this commit. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@4991 e7ae566f-a301-0410-adde-c780ea21d3b5
* The maximum number of "route" directives (specified in the configjames2009-09-171-9/+33
| | | | | | | | | | | | | | | | | file or pulled from a server) can now be configured via the new "max-routes" directive. Previously, the limit was set to 100 and fixed by a compile-time constant. Now the limit is dynamic and can be modified by the "max-routes" directive. If max-routes is not specified, the default limit is 100. Note that this change does not address the maximum size of the pushed options string sent from server to client, which is still controlled by the TLS_CHANNEL_BUF_SIZE compile-time constant. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@4967 e7ae566f-a301-0410-adde-c780ea21d3b5
* Added PLATFORM-SPECIFIC comment tag to platform-specific functionsjames2009-08-241-4/+4
| | | | | | | in route.c to make it easier to spot them. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@4851 e7ae566f-a301-0410-adde-c780ea21d3b5
* Update copyright to 2009.james2009-05-301-1/+1
| | | | git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@4477 e7ae566f-a301-0410-adde-c780ea21d3b5
* Added new 'autolocal' redirect-gateway flag. When enabled, the OpenVPNjames2009-05-241-23/+94
| | | | | | | | | | | | | | | | | | | | | | | | client will examine the routing table and determine whether (a) the OpenVPN server is reachable via a locally connected interface, or (b) traffic to the server must be forwarded through the default router. Only add a special bypass route for the OpenVPN server if (b) is true. If (a) is true, behave as if the 'local' flag is specified, and do not add a bypass route. The new 'autolocal' flag depends on the non-portable test_local_addr() function in route.c, which is currently only implemented for Windows. The 'autolocal' flag will act as a no-op on platforms that have not yet defined a test_local_addr() function. Increased TLS_CHANNEL_BUF_SIZE to 2048 from 1024 (this will allow for more option content to be pushed from server to client). Raised D_MULTI_DROPPED debug level to 4 from 3. Version 2.1_rc16b. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@4446 e7ae566f-a301-0410-adde-c780ea21d3b5
* Added "redirect-private" option which allows private subnetsjames2009-05-231-66/+72
| | | | | | | | | to be pushed to the client in such a way that they don't accidently obscure critical local addresses such as the DHCP server address and DNS server addresses. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@4436 e7ae566f-a301-0410-adde-c780ea21d3b5
* Fixed some issues with C++ style comments that leaked into the code.james2009-01-271-1/+1
| | | | git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3899 e7ae566f-a301-0410-adde-c780ea21d3b5
* * Added additional method parameter to --script-security to preservejames2008-11-171-2/+2
| | | | | | | | | | backward compatibility with system() call semantics used in OpenVPN 2.1_rc8 and earlier. To preserve backward compatibility use: script-security 3 system git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3495 e7ae566f-a301-0410-adde-c780ea21d3b5
* Copyright notice changed to reflect change in name ofjames2008-10-061-1/+1
| | | | | | | Telethra to OpenVPN Technologies. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3409 e7ae566f-a301-0410-adde-c780ea21d3b5
* Added additional warnings to flag common gotchas:james2008-08-051-25/+51
| | | | | | | | | | | | | | | | | | | | | | * Warn when ethernet bridging that the IP address of the bridge adapter is probably not the same address that the LAN adapter was set to previously. * When running as a server, warn if the LAN network address is the all-popular 192.168.[0|1].x, since this condition commonly leads to subnet conflicts down the road. * Primarily on the client, check for subnet conflicts between the local LAN and the VPN subnet. Added a 'netmask' parameter to get_default_gateway, to return the netmask of the adapter containing the default gateway. Only implemented on Windows so far. Other platforms will return 255.255.255.0. Currently the netmask information is only used to warn about subnet conflicts. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3179 e7ae566f-a301-0410-adde-c780ea21d3b5
* Fixed minor issue with --redirect-gateway bypass-dhcp or bypass-dnsjames2008-08-041-1/+1
| | | | | | | | on Windows. If the bypass IP address is 0.0.0.0 or 255.255.255.255, ignore it. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3177 e7ae566f-a301-0410-adde-c780ea21d3b5
* Added "--server-bridge" (without parameters) to enablejames2008-08-021-0/+10
| | | | | | | | | | | | | | | | | | | DHCP proxy mode: Configure server mode for ethernet bridging using a DHCP-proxy, where clients talk to the OpenVPN server-side DHCP server to receive their IP address allocation and DNS server addresses. Added "--route-gateway dhcp", to enable the extraction of the gateway address from a DHCP negotiation with the OpenVPN server-side LAN. Modified client.conf and server.conf to reflect new option modes. Incremented version to 2.1_rc9a. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3164 e7ae566f-a301-0410-adde-c780ea21d3b5
* Perform additional input validation on options pulledjames2008-07-261-16/+38
| | | | | | | by client from server. Fixes --iproute vulnerability. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3126 e7ae566f-a301-0410-adde-c780ea21d3b5
* Fixed compiler warnings in Windows build (MinGW).james2008-07-261-1/+1
| | | | git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3125 e7ae566f-a301-0410-adde-c780ea21d3b5
* Completely revamped the system for calling external programs and scripts:james2008-07-261-70/+89
| | | | | | | | | | | | | | | | | | | | | | * All external programs and scripts are now called by execve() on unix and CreateProcess on Windows. * The system() function is no longer used. * Argument lists for external programs and scripts are now built by the new argv_printf function which natively outputs to string arrays (i.e. char *argv[] lists), never truncates its output, and eliminates the security issues inherent in formatting and parsing command lines, and dealing with argument quoting. * The --script-security directive has been added to offer policy controls on OpenVPN's execution of external programs and scripts. Also added a new plugin example (openvpn/plugin/examples/log.c) that logs information to stdout for every plugin method called by OpenVPN. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3122 e7ae566f-a301-0410-adde-c780ea21d3b5
* Copyright change OpenVPN Solutions LLC -> Telethra, Inc.james2008-07-141-1/+1
| | | | git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3048 e7ae566f-a301-0410-adde-c780ea21d3b5
* Updated copyright notice to 2008.james2008-06-111-1/+1
| | | | git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2995 e7ae566f-a301-0410-adde-c780ea21d3b5
* Moved branch into official BETA21 position.james2008-05-121-7/+28
| | | | git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2959 e7ae566f-a301-0410-adde-c780ea21d3b5
* Allow OpenVPN to run completely unprivileged under Linuxjames2008-01-211-2/+4
| | | | | | | | | | by allowing openvpn --mktun to be used with --user and --group to set the UID/GID of the tun device node. Also added --iproute option to allow an alternative command to be executed in place of the default iproute2 command (Alon Bar-Lev). git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2639 e7ae566f-a301-0410-adde-c780ea21d3b5
* Worked around an incompatibility in the Windows Vistajames2007-02-281-7/+25
| | | | | | | | | | version of CreateIpForwardEntry as described in http://www.nynaeve.net/?p=59 This issue would cause route additions using the IP Helper API to fail on Vista. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1748 e7ae566f-a301-0410-adde-c780ea21d3b5
* New try at AUTO_USERID.james2006-11-131-0/+149
| | | | | | | | | | | | | | Implemented AUTO_USERID using MD5(MAC address(primary network adapter)). Currently implemented for Linux and Windows. Basically if ENABLE_AUTO_USERID is defined, the --auth-user-pass option will not prompt for username/password, but will rather generate a unique username and blank password. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1459 e7ae566f-a301-0410-adde-c780ea21d3b5
* Added --route-metric option to set a default route metricjames2006-04-131-3/+10
| | | | | | | for --route (Roy Marples). git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1011 e7ae566f-a301-0410-adde-c780ea21d3b5
* svn merge -r 886:987 $SO/trunk/openvpn .james2006-04-051-0/+2
| | | | git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@991 e7ae566f-a301-0410-adde-c780ea21d3b5
* Added new option --route-method adaptive (Win32)james2005-12-221-2/+24
| | | | | | | | | which tries IP helper API first, then falls back to route.exe. Made --route-method adaptive the default. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@858 e7ae566f-a301-0410-adde-c780ea21d3b5
* Patch to support --topology subnet on Mac OS X (Mathias Sundman).james2005-12-051-2/+1
| | | | git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@832 e7ae566f-a301-0410-adde-c780ea21d3b5
* svn merge -r 760:764 $SO/trunk/openvpnjames2005-11-031-3/+11
| | | | git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@766 e7ae566f-a301-0410-adde-c780ea21d3b5
* Windows reliability changes:james2005-10-311-0/+2
| | | | | | | | | | | * Added code to make sure that the local PATH environmental variable points to the Windows system32 directory. * Added new --ip-win32 adaptive mode which tries 'dynamic' and then fails over to 'netsh' if the DHCP negotiation fails. * Made --ip-win32 adaptive the default. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@739 e7ae566f-a301-0410-adde-c780ea21d3b5
* Added actual remote address used to the ">STATE" alertjames2005-10-201-0/+1
| | | | | | | in the management interface (Rolf Fokkens). git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@701 e7ae566f-a301-0410-adde-c780ea21d3b5
* Modified get_default_gateway code for Linuxjames2005-10-201-13/+27
| | | | | | | | to return the route with the smallest metric if multiple 0.0.0.0/0.0.0.0 entries are present. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@692 e7ae566f-a301-0410-adde-c780ea21d3b5
* Modified get_default_gateway code for Windowsjames2005-10-201-10/+17
| | | | | | | | to return the route with the smallest metric if multiple 0.0.0.0/0.0.0.0 entries are present. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@691 e7ae566f-a301-0410-adde-c780ea21d3b5
* version 2.1_beta1james2005-09-261-36/+217
| | | | git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@581 e7ae566f-a301-0410-adde-c780ea21d3b5
* This is the start of the BETA21 branch.james2005-09-261-0/+1776
It includes the --topology feature, and TAP-Win32 driver changes to allow non-admin access. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@580 e7ae566f-a301-0410-adde-c780ea21d3b5
generated by cgit (git 2.34.1) at 2024-05-04 09:07:49 +0000