summaryrefslogtreecommitdiffstats
path: root/socket.c
Commit message (Collapse)AuthorAgeFilesLines
* fix ipv6 compilation under macosx >= 1070 - v3JuanJo Ciarlante2011-09-211-2/+1
| | | | | | | | | | | | | - use __APPLE_USE_RFC_3542 for macosx build environment >= 1070 - define SOL_IP from IPPROTO_IP if it's missing In Linux man 7 ip says: "Using SOL_IP socket options level isn't portable, BSD-based stacks use IPPROTO_IP level." Signed-off-by: JuanJo Ciarlante <jjo+ml@google.com> Tested-by: Eric F Crist <ecrist@secure-computing.net> Acked-by: David Sommerseth <davids@redhat.com> Signed-off-by: David Sommerseth <davids@redhat.com>
* add --mark option to set SO_MARK sockoptHeiko Hund2011-08-311-0/+13
| | | | | | Signed-off-by: Heiko Hund <heiko.hund@sophos.com> Acked-by: David Sommerseth <davids@redhat.com> Signed-off-by: David Sommerseth <davids@redhat.com>
* USE_PF_INET6 by default for v2.3JuanJo Ciarlante2011-08-251-106/+6
| | | | | | | | | | | | | | | | | - put all #ifdef'd code in place, kill the cpp symbol, - thus in v2.3 it's not actually possible to --disable-ipv6 :) RATIONALE: #1 some wacky compilers choke on #ifdef'd constructions for concatenated strings, and given that: #2 v2.3 has already transport ipv6 by default => doesn't justify putting effort on #1 to keep USE_PF_INET6 ifdef wraps. Signed-off-by: JuanJo Ciarlante <jjo+ml@google.com> Signed-off-by: Samuli Seppänen <samuli@openvpn.net> Acked-by: David Sommerseth <davids@redhat.com> Signed-off-by: David Sommerseth <davids@redhat.com>
* Replace 32-bit-based add_in6_addr() implementation by an 8-bit based oneGert Doering2011-08-251-18/+16
| | | | | | | | | | Windows has no 32-bit accessor to the union inside "struct in6_addr", and the 8-bit accessor is the only common denominator across BSD, Solaris, Linux and Windows... Signed-off-by: Gert Doering <gert@greenie.muc.de> Acked-by: Samuli Seppänen <samuli@openvpn.net> Signed-off-by: David Sommerseth <davids@redhat.com>
* Fix a Visual Studio 2008 build issue in socket.cSamuli Seppänen2011-08-251-1/+2
| | | | | | | Signed-off-by: Gert Doering <gert@greenie.muc.de> Signed-off-by: Samuli Seppänen <samuli@openvpn.net> Acked-by: Gert Doering <gert@greenie.muc.de> Signed-off-by: David Sommerseth <davids@redhat.com>
* Fixed a number of fatal build errors on Visual Studio 2008Samuli Seppänen2011-08-251-0/+4
| | | | | | | | | | Partially fixes ticket #137 Signed-off-by: Gert Doering <gert@greenie.muc.de> Signed-off-by: Samuli Seppänen <samuli@openvpn.net> Tested-by: Samuli Seppänen <samuli@openvpn.net> Acked-by: Gert Doering <gert@greenie.muc.de> Signed-off-by: David Sommerseth <davids@redhat.com>
* Merge branch 'svn-branch-2.1' into mergeDavid Sommerseth2011-04-261-15/+19
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Pulling in changes from James' 2.1/openvpn branch in SVN. Conflicts: buffer.c init.c manage.h multi.c openvpn.8 options.c ssl.c version.m4 win/sign.py Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
| * Reduce log verbosity at level 3, with a focus on removing excessive log ↵James Yonan2011-04-251-15/+19
| | | | | | | | | | | | | | | | verbosity generated by port-share activity. Version 2.1.3k git-svn-id: http://svn.openvpn.net/projects/branches/BETA21@7033 e7ae566f-a301-0410-adde-c780ea21d3b5
* | Merge branch 'feat_ipv6_payload'David Sommerseth2011-04-251-0/+119
|\ \ | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: options.c - feat_ipv6_payload and feat_ip6_transport both updates this file with presence information Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
| * | rebased to 2.2RC2 (beta 2.2 branch)Gert Doering2011-04-241-3/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | removed mutex locking stuff (no more threading in 2.2) fixed rebase/merge artifacts in mroute.c add current ChangeLog.IPv6 and TODO.IPv6 to commit tag as ipv6-20110424-2 Signed-off-by: Gert Doering <gert@greenie.muc.de>
| * | * make ipv6_payload compile under windowzeJuanJo Ciarlante2011-04-241-0/+52
| | | | | | | | | | | | | | | | | | | | | - create inet_ntop() and inet_pton() wrap-implementations using WSAAddressToString() and WSAStringToAddress() functions - add relevant win32-only headers to syshead.h NOTE: syshead.h changes are already included in ipv6_transport
| * | Enable IPv6 Payload in OpenVPN p2mp tun server mode. 20100104-1 release.Gert Doering2011-04-241-0/+70
| | | | | | | | | | | | (cherry picked from commit ec9dce6387afd198881493bfebf13bb121e8a56b)
* | | * ipv6-0.4.16: fix mingw32 buildJuanJo Ciarlante2011-03-271-0/+4
| | |
* | | * ipv6-0.4.15b: rebase over openvpn-testing-masterJuanJo Ciarlante2011-03-271-12/+14
| | |
* | | * ipv6-0.4.15: add --multihome support to xBSDJuanJo Ciarlante2011-03-251-1/+44
| | | | | | | | | | | | | | | - _both_ for IPv4 (which was missing) and for IPv6 - tested on OpenBSD 4.7, FreeBSD 8.1
* | | * ipv6-0.4.14: fix xinetd usage:JuanJo Ciarlante2011-03-251-2/+34
| | | | | | | | | | | | | | | | | | - closes http://bugs.debian.org/574164 - also needed for --disable-ipv6 builds - supports IPv6 from xinetd
* | | * fix --multihome for ipv6: IPV6_RECVPKTINFOJuanJo Ciarlante2011-03-251-10/+17
| | | | | | | | | | | | | | | | | | - setsockopt IPV6_RECVPKTINFO (not IPV6_PKTINFO!) - do check for setsockopt() failures - append %<iface> in INFO msg
* | | * fix --multihome for ipv4: cmsg_len must compare against in_pktinfoJuanJo Ciarlante2011-03-251-13/+14
| | | | | | | | | | | | size, not the full 4+6 union, also use saner variable names.
* | | * polished redirect-gateway (ipv4 on ipv6 endpoints) supportJuanJo Ciarlante2011-03-251-1/+1
| | |
* | | * (prototype) fix for supporting "redirect-gateway" for tunneled ipv4 over ↵JuanJo Ciarlante2011-03-251-1/+1
| | | | | | | | | | | | ipv6 endpoints
* | | * no new funcionality, just small cleanups:JuanJo Ciarlante2011-03-251-36/+11
| | | | | | | | | | | | | | | | | | - cmdline options help: add tcp6/udp6 missing messages - win32: expand usage of proto_is_udp(), proto_is_tcp() - replace some memset(&obj, 0, sizeof obj) by openvpn's CLEAR(obj)
* | | * fixed segfault for undef address family in print_sockaddr_ex (thanks Marcel!)JuanJo Ciarlante2011-03-251-4/+4
| | |
* | | * socket.c: better buf logic in print_sockaddr_exJuanJo Ciarlante2011-03-251-3/+3
| | |
* | | * fix multi-tcp crash (corrected assertion)JuanJo Ciarlante2011-03-251-1/+5
| | |
* | | * correctly setup hints.ai_socktype for getaddrinfo(),JuanJo Ciarlante2011-03-251-6/+10
| | | | | | | | | | | | althought sorta hacky, see TODO.ipv6.
* | | * ipv6 on win32 "milestone": 1st snapshot that passes all unittestsJuanJo Ciarlante2011-03-251-9/+86
| | |
* | | * fixed win32 non-ipv6 buildJuanJo Ciarlante2011-03-251-7/+9
| | |
* | | * important fix for tcp6 reconnectionJuanJo Ciarlante2011-03-251-1/+14
| | | | | | | | | | | | was incorrectly creating a PF_INET socket
* | | * support --disable-ipv6 build properly:JuanJo Ciarlante2011-03-251-26/+33
| | | | | | | | | | | | | | | - tests now are pass (and fail) properly for ipv6/4 builds * more GNU indenting
* | | * socket.c: use USE_PF_INET6 in switch constructs to actually toss them out,JuanJo Ciarlante2011-03-251-206/+226
| | | | | | | | | | | | GNU indentation for my deltas
* | | * migrated all getaddrinfo() to getaddr6JuanJo Ciarlante2011-03-251-133/+101
| | | | | | | | | | | | * tests Ok: {loopback,remote}{udp,tcp}{4,6}
* | | * created getaddr6(), use it from resolve_remote()JuanJo Ciarlante2011-03-251-15/+265
| | | | | | | | | | | | | | | next: merge ipv{4,6} signal logic into one inside resolve_remote() * passes {loopback,remote}{udp,tcp}{4,6} tests
* | | * rebased openvpn-2.1_rc1b.jjo.20061206.d.patchJuanJo Ciarlante2011-03-251-103/+490
|/ / | | | | | | | | * passes {udp,tcp}x{v4,v6} loopback tests * passes {udp,tcp}x{v6} remote tests
* | Extend the v3 plug-in API to send over X509 certificatesDavid Sommerseth2011-03-251-1/+1
| | | | | | | | | | | | | | | | | | The certificates sent to the plug-in API will only happen during the OPENVPN_PLUGIN_TLS_VERIFY phase and will contain a pointer to the OpenSSL X509 certificate data. Signed-off-by: David Sommerseth <dazo@users.sourceforge.net> Acked-by: James Yonan <james@openvpn.net>
* | Merge branch 'feat_misc' into beta2.2David Sommerseth2010-11-181-7/+0
|\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: acinclude.m4 config-win32.h configure.ac misc.c thread.c thread.h - These conflicts was mainly due to feat_misc getting old and mostly caused by the pthread clean-up patches in feat_misc Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
| * | Clean-up: Remove pthread and mutex locking codeDavid Sommerseth2010-11-141-7/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This code was not activated at all, and hard coded as disabled in syshead.h with this code snippet: /* * Pthread support is currently experimental (and quite unfinished). */ #if 1 /* JYFIXME -- if defined, disable pthread */ #undef USE_PTHREAD #endif So no matter if --enable-pthread when running ./configure or not, this feature was never enabled in reality. Further, by removing the blocker code above made OpenVPN uncompilable in the current state. As the threading part needs to be completely rewritten and pthreading will not be supported in OpenVPN 2.x, removing this code seems most reasonable. In addition, a lot of mutex locking code was also removed, as they were practically NOP functions, due to pthreading being forcefully disabled Signed-off-by: David Sommerseth <dazo@users.sourceforge.net> Acked-by: James Yonan <james@openvpn.net>
| * | Revamped the script-security warning logging (version 2)David Sommerseth2010-04-291-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The main task of this patch is to avoid reporting the SCRIPT_SECURITY_WARNING over and over again, in addition to not show this warning when it should not be a problem. This general warning should now only appear once, and only when --script-security is not set, 0 or 1. In all other cases this warning should not appear. In addition, this warning will come close to the script-hook which most probably will fail. It will also give a little bit more concrete hint on which script-hook which failed. If --script-security is 2 or 3, only the execve failure itself will be shown. This message will on the other hand be shown repeatedly. This is a new rewritten version which simplifies the implementaion of the new openvpn_run_script() function. It was considered to remove it completely, but due to code clearity and easy of use it was decided to make this function a static inline function instead. Anyhow, this function will enforce openvpn_execve_check() to be called with the S_SCRIPT flag. Patch ACKed on the developers meeting 2009-04-29. Signed-off-by: David Sommerseth <dazo@users.sourceforge.net> Acked-by: James Yonan <james@openvpn.net>
| * | Do not randomize resolving of IP addresses in getaddr()David Sommerseth2010-02-181-3/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Based on a discussion on the mailing list and in the IRC meeting Feb 18, it was decided to remove get_random() from the getaddr() function as that can conflict with round-robin/randomization done by DNS servers. This change must be documented in the release notes. Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
* | | Revamped the script-security warning logging (version 2)David Sommerseth2010-10-211-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The main task of this patch is to avoid reporting the SCRIPT_SECURITY_WARNING over and over again, in addition to not show this warning when it should not be a problem. This general warning should now only appear once, and only when --script-security is not set, 0 or 1. In all other cases this warning should not appear. In addition, this warning will come close to the script-hook which most probably will fail. It will also give a little bit more concrete hint on which script-hook which failed. If --script-security is 2 or 3, only the execve failure itself will be shown. This message will on the other hand be shown repeatedly. This is a new rewritten version which simplifies the implementaion of the new openvpn_run_script() function. It was considered to remove it completely, but due to code clearity and easy of use it was decided to make this function a static inline function instead. Anyhow, this function will enforce openvpn_execve_check() to be called with the S_SCRIPT flag. Patch ACKed on the developers meeting 2009-04-29. Signed-off-by: David Sommerseth <dazo@users.sourceforge.net> Acked-by: James Yonan <james@openvpn.net>
* | | Debian patch: Fix spelling in log messageAlberto Gonzalez Iniesta2010-10-211-1/+1
| |/ |/| | | | | | | Signed-off-by: David Sommerseth <dazo@users.sourceforge.net> Acked-by: David Sommerseth <dazo@users.sourceforge.net>
* | Fixed typo: missing comment close.James Yonan2010-07-261-1/+1
| | | | | | | | git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@6347 e7ae566f-a301-0410-adde-c780ea21d3b5
* | Implemented multi-address DNS expansion on the network field of routeJames Yonan2010-07-121-2/+32
| | | | | | | | | | | | | | | | | | | | | | | | commands. When only a single IP address is desired from a multi-address DNS expansion, use the first address rather than a random selection. Version 2.1.1l git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@6291 e7ae566f-a301-0410-adde-c780ea21d3b5
* | Fixed issue on Windows with MSVC compiler, where TCP_NODELAY supportJames Yonan2010-05-091-1/+1
| | | | | | | | | | | | | | was not being compiled in. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@5620 e7ae566f-a301-0410-adde-c780ea21d3b5
* | Updated copyright date to 2010.James Yonan2010-04-281-1/+1
| | | | | | | | git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@5599 e7ae566f-a301-0410-adde-c780ea21d3b5
* | Set socket buffers (SO_SNDBUF and SO_RCVBUF) immediately afterJames Yonan2010-03-301-3/+4
|/ | | | | | | | | socket is created rather than waiting until after connect/listen. Version 2.1.1d git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@5514 e7ae566f-a301-0410-adde-c780ea21d3b5
* Added --remote-random-hostname option.james2009-08-221-5/+28
| | | | git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@4843 e7ae566f-a301-0410-adde-c780ea21d3b5
* Update copyright to 2009.james2009-05-301-1/+1
| | | | git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@4477 e7ae566f-a301-0410-adde-c780ea21d3b5
* Allow "management-client" directive to be usedjames2009-04-101-0/+10
| | | | | | | with unix domain sockets. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@4128 e7ae566f-a301-0410-adde-c780ea21d3b5
* Copyright notice changed to reflect change in name ofjames2008-10-061-1/+1
| | | | | | | Telethra to OpenVPN Technologies. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3409 e7ae566f-a301-0410-adde-c780ea21d3b5
* Management interface can now listen on a unixjames2008-09-301-0/+122
| | | | | | | | | | | | | domain socket, for example: management /tmp/openvpn unix Also added management-client-user and management-client-group directives to control which processes are allowed to connect to the socket. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3396 e7ae566f-a301-0410-adde-c780ea21d3b5
generated by cgit (git 2.34.1) at 2024-11-16 15:18:59 +0000