#include "syshead.h"#include "forward.h"#include "init.h"#include "push.h"#include "gremlin.h"#include "mss.h"#include "event.h"#include "occ.h"#include "pf.h"#include "ping.h"#include "ps.h"#include "dhcp.h"#include "common.h"#include "ssl_verify.h"#include "memdbg.h"#include "mstats.h"
Go to the source code of this file.
Macros | |
| #define | MAX_ICMPV6LEN 1280 |
Functions | |
| static void | check_tls (struct context *c) |
| static void | check_tls_errors (struct context *c) |
| static void | check_incoming_control_channel (struct context *c) |
| static void | check_connection_established (struct context *c) |
| static void | check_add_routes (struct context *c) |
| static void | check_inactivity_timeout (struct context *c) |
| static void | check_server_poll_timeout (struct context *c) |
| static void | check_scheduled_exit (struct context *c) |
| static void | check_status_file (struct context *c) |
| static void | check_fragment (struct context *c) |
| static void | check_push_request (struct context *c) |
| static void | check_packet_id_persist_flush (struct context *c) |
| static void | context_immediate_reschedule (struct context *c) |
| static void | context_reschedule_sec (struct context *c, int sec) |
| void | check_tls_dowork (struct context *c) |
| void | check_tls_errors_co (struct context *c) |
| void | check_tls_errors_nco (struct context *c) |
| void | check_incoming_control_channel_dowork (struct context *c) |
| void | check_push_request_dowork (struct context *c) |
| void | check_connection_established_dowork (struct context *c) |
| bool | send_control_channel_string (struct context *c, const char *str, int msglevel) |
| static void | check_add_routes_action (struct context *c, const bool errors) |
| void | check_add_routes_dowork (struct context *c) |
| void | check_inactivity_timeout_dowork (struct context *c) |
| int | get_server_poll_remaining_time (struct event_timeout *server_poll_timeout) |
| void | check_server_poll_timeout_dowork (struct context *c) |
| void | schedule_exit (struct context *c, const int n_seconds, const int signal) |
| void | check_scheduled_exit_dowork (struct context *c) |
| void | check_status_file_dowork (struct context *c) |
| void | check_fragment_dowork (struct context *c) |
| static void | buffer_turnover (const uint8_t *orig_buf, struct buffer *dest_stub, struct buffer *src_stub, struct buffer *storage) |
| void | encrypt_sign (struct context *c, bool comp_frag) |
| Process a data channel packet that will be sent through a VPN tunnel. More... | |
| static void | process_coarse_timers (struct context *c) |
| static void | check_coarse_timers_dowork (struct context *c) |
| static void | check_coarse_timers (struct context *c) |
| static void | check_timeout_random_component_dowork (struct context *c) |
| static void | check_timeout_random_component (struct context *c) |
| static void | socks_postprocess_incoming_link (struct context *c) |
| static void | socks_preprocess_outgoing_link (struct context *c, struct link_socket_actual **to_addr, int *size_delta) |
| static void | link_socket_write_post_size_adjust (int *size, int size_delta, struct buffer *buf) |
| void | read_incoming_link (struct context *c) |
| Read a packet from the external network interface. More... | |
| bool | process_incoming_link_part1 (struct context *c, struct link_socket_info *lsi, bool floated) |
| Starts processing a packet read from the external network interface. More... | |
| void | process_incoming_link_part2 (struct context *c, struct link_socket_info *lsi, const uint8_t *orig_buf) |
| Continues processing a packet read from the external network interface. More... | |
| static void | process_incoming_link (struct context *c) |
| void | read_incoming_tun (struct context *c) |
| Read a packet from the virtual tun/tap network interface. More... | |
| static void | drop_if_recursive_routing (struct context *c, struct buffer *buf) |
| Drops UDP packets which OS decided to route via tun. More... | |
| void | process_incoming_tun (struct context *c) |
| Process a packet read from the virtual tun/tap network interface. More... | |
| void | ipv6_send_icmp_unreachable (struct context *c, struct buffer *buf, bool client) |
| Forges a IPv6 ICMP packet with a no route to host error code from the IPv6 packet in buf and sends it directly back to the client via the tun device when used on a client and via the link if used on the server. More... | |
| void | process_ip_header (struct context *c, unsigned int flags, struct buffer *buf) |
| void | process_outgoing_link (struct context *c) |
| Write a packet to the external network interface. More... | |
| void | process_outgoing_tun (struct context *c) |
| Write a packet to the virtual tun/tap network interface. More... | |
| void | pre_select (struct context *c) |
| void | io_wait_dowork (struct context *c, const unsigned int flags) |
| void | process_io (struct context *c) |
Variables | |
| counter_type | link_read_bytes_global |
| counter_type | link_write_bytes_global |
Macro Definition Documentation
◆ MAX_ICMPV6LEN
| #define MAX_ICMPV6LEN 1280 |
Referenced by ipv6_send_icmp_unreachable().
Function Documentation
◆ buffer_turnover()
|
inlinestatic |
Definition at line 657 of file forward.c.
References buf_assign(), and buffer::data.
Referenced by encrypt_sign(), and process_incoming_link_part2().
◆ check_add_routes()
|
inlinestatic |
Definition at line 160 of file forward.c.
References context::c2, check_add_routes_dowork(), ETT_DEFAULT, event_timeout_trigger(), context_2::route_wakeup, and context_2::timeval.
Referenced by process_coarse_timers().
◆ check_add_routes_action()
Definition at line 508 of file forward.c.
References context::c1, context::c2, do_route(), context_2::es, event_timeout_clear(), initialization_sequence_completed(), ISC_ERRORS, context::options, context::plugins, context_1::route_ipv6_list, context_1::route_list, context_2::route_wakeup, context_2::route_wakeup_expire, context_1::tuntap, and update_time().
Referenced by check_add_routes_dowork().
◆ check_add_routes_dowork()
| void check_add_routes_dowork | ( | struct context * | c | ) |
Definition at line 519 of file forward.c.
References context::c1, context::c2, check_add_routes_action(), D_ROUTE, ETT_DEFAULT, event_timeout_init(), event_timeout_reset(), event_timeout_trigger(), M_INFO, M_NOPREFIX, msg, event_timeout::n, now, context::persist, context_2::ping_rec_interval, register_signal(), context_persist::restart_sleep_seconds, context_1::route_list, context_2::route_wakeup, context_2::route_wakeup_expire, show_adapters(), show_routes(), SIGHUP, test_routes(), context_2::timeval, tun_standby(), context_1::tuntap, and update_time().
Referenced by check_add_routes().
◆ check_coarse_timers()
|
inlinestatic |
Definition at line 849 of file forward.c.
References context::c2, check_coarse_timers_dowork(), context_2::coarse_timer_wakeup, context_reschedule_sec(), and now.
Referenced by pre_select().
◆ check_coarse_timers_dowork()
|
static |
Definition at line 831 of file forward.c.
References BIG_TIMEOUT, context::c2, context_2::coarse_timer_wakeup, D_INTERVAL, dmsg, now, process_coarse_timers(), and context_2::timeval.
Referenced by check_coarse_timers().
◆ check_connection_established()
|
inlinestatic |
Definition at line 146 of file forward.c.
References context::c2, check_connection_established_dowork(), event_timeout_defined(), and context_2::wait_for_connect.
Referenced by process_coarse_timers().
◆ check_connection_established_dowork()
| void check_connection_established_dowork | ( | struct context * | c | ) |
Definition at line 430 of file forward.c.
References context::c2, CONNECTION_ESTABLISHED, do_up(), ETT_DEFAULT, event_timeout_clear(), event_timeout_init(), event_timeout_trigger(), management_set_state(), now, OPENVPN_STATE_GET_CONFIG, context::options, options::pull, context_2::push_request_interval, reset_coarse_timers(), context_2::timeval, context_2::tls_multi, and context_2::wait_for_connect.
Referenced by check_connection_established().
◆ check_fragment()
|
inlinestatic |
Definition at line 239 of file forward.c.
References context::c2, check_fragment_dowork(), and context_2::fragment.
Referenced by pre_select().
◆ check_fragment_dowork()
| void check_fragment_dowork | ( | struct context * | c | ) |
Definition at line 627 of file forward.c.
References ASSERT, context_2::buf, context::c2, options::ce, encrypt_sign(), context_2::fragment, fragment_housekeeping(), fragment_outgoing_defined(), fragment_ready_to_send(), frame_adjust_path_mtu(), context_2::frame_fragment, get_link_socket_info(), buffer::len, context_2::link_socket, link_socket::mtu, link_socket_info::mtu_changed, context::options, connection_entry::proto, context_2::timeval, and context_2::to_link.
Referenced by check_fragment().
◆ check_inactivity_timeout()
|
inlinestatic |
Definition at line 174 of file forward.c.
References context::c2, check_inactivity_timeout_dowork(), ETT_DEFAULT, event_timeout_trigger(), context_2::inactivity_interval, options::inactivity_timeout, context::options, and context_2::timeval.
Referenced by process_coarse_timers().
◆ check_inactivity_timeout_dowork()
| void check_inactivity_timeout_dowork | ( | struct context * | c | ) |
Definition at line 557 of file forward.c.
References M_INFO, msg, register_signal(), and SIGTERM.
Referenced by check_inactivity_timeout().
◆ check_incoming_control_channel()
|
inlinestatic |
Definition at line 129 of file forward.c.
References context::c2, check_incoming_control_channel_dowork(), context_2::tls_multi, and tls_test_payload_len().
Referenced by pre_select().
◆ check_incoming_control_channel_dowork()
| void check_incoming_control_channel_dowork | ( | struct context * | c | ) |
Definition at line 367 of file forward.c.
References alloc_buf_gc(), BSTR, buf_null_terminate(), buf_string_match_head_str(), context::c2, CC_CRLF, CC_PRINT, D_PUSH_ERRORS, gc_free(), gc_new(), incoming_push_message(), msg, receive_auth_failed(), server_pushed_signal(), string_mod(), context_2::tls_multi, tls_rec_payload(), and tls_test_payload_len().
Referenced by check_incoming_control_channel().
◆ check_packet_id_persist_flush()
|
inlinestatic |
Definition at line 272 of file forward.c.
References context::c1, context::c2, ETT_DEFAULT, event_timeout_trigger(), packet_id_persist_enabled(), context_2::packet_id_persist_interval, packet_id_persist_save(), context_1::pid_persist, and context_2::timeval.
Referenced by process_coarse_timers().
◆ check_push_request()
|
inlinestatic |
Definition at line 256 of file forward.c.
References context::c2, check_push_request_dowork(), ETT_DEFAULT, event_timeout_trigger(), context_2::push_request_interval, and context_2::timeval.
Referenced by process_coarse_timers().
◆ check_push_request_dowork()
| void check_push_request_dowork | ( | struct context * | c | ) |
Definition at line 416 of file forward.c.
References context::c2, event_timeout_modify_wakeup(), PUSH_REQUEST_INTERVAL, context_2::push_request_interval, and send_push_request().
Referenced by check_push_request().
◆ check_scheduled_exit()
|
inlinestatic |
Definition at line 203 of file forward.c.
References context::c2, check_scheduled_exit_dowork(), ETT_DEFAULT, event_timeout_defined(), event_timeout_trigger(), context_2::scheduled_exit, and context_2::timeval.
Referenced by process_coarse_timers().
◆ check_scheduled_exit_dowork()
| void check_scheduled_exit_dowork | ( | struct context * | c | ) |
Definition at line 603 of file forward.c.
References context::c2, register_signal(), and context_2::scheduled_exit_signal.
Referenced by check_scheduled_exit().
◆ check_server_poll_timeout()
|
inlinestatic |
Definition at line 188 of file forward.c.
References context::c2, options::ce, check_server_poll_timeout_dowork(), connection_entry::connect_timeout, ETT_DEFAULT, event_timeout_trigger(), context::options, context_2::server_poll_interval, and context_2::timeval.
Referenced by process_coarse_timers().
◆ check_server_poll_timeout_dowork()
| void check_server_poll_timeout_dowork | ( | struct context * | c | ) |
Definition at line 573 of file forward.c.
References ASSERT, context::c2, event_timeout_reset(), M_INFO, msg, context::persist, register_signal(), context_persist::restart_sleep_seconds, context_2::server_poll_interval, SIGUSR1, tls_initial_packet_received(), and context_2::tls_multi.
Referenced by check_server_poll_timeout().
◆ check_status_file()
|
inlinestatic |
Definition at line 221 of file forward.c.
References context::c1, context::c2, check_status_file_dowork(), context_1::status_output, status_trigger_tv(), and context_2::timeval.
Referenced by process_coarse_timers().
◆ check_status_file_dowork()
| void check_status_file_dowork | ( | struct context * | c | ) |
Definition at line 614 of file forward.c.
References context::c1, print_status(), and context_1::status_output.
Referenced by check_status_file().
◆ check_timeout_random_component()
|
inlinestatic |
Definition at line 874 of file forward.c.
References context::c2, check_timeout_random_component_dowork(), now, context_2::timeout_random_component, context_2::timeval, tv_add(), and context_2::update_timeout_random_component.
Referenced by pre_select().
◆ check_timeout_random_component_dowork()
|
static |
Definition at line 863 of file forward.c.
References context::c2, D_INTERVAL, dmsg, get_random(), now, context_2::timeout_random_component, and context_2::update_timeout_random_component.
Referenced by check_timeout_random_component().
◆ check_tls()
|
inlinestatic |
Definition at line 84 of file forward.c.
References context::c2, check_tls_dowork(), and context_2::tls_multi.
Referenced by pre_select().
◆ check_tls_dowork()
| void check_tls_dowork | ( | struct context * | c | ) |
Definition at line 317 of file forward.c.
References BIG_TIMEOUT, context::c2, context_reschedule_sec(), get_link_socket_info(), interval_action(), interval_future_trigger(), interval_schedule_wakeup(), interval_test(), register_signal(), SIGTERM, context_2::tls_multi, tls_multi_process(), TLSMP_ACTIVE, TLSMP_KILL, context_2::tmp_int, context_2::to_link, context_2::to_link_addr, and update_time().
Referenced by check_tls().
◆ check_tls_errors()
|
inlinestatic |
Definition at line 99 of file forward.c.
References context::c2, check_tls_errors_co(), check_tls_errors_nco(), context_2::link_socket, link_socket_connection_oriented(), tls_multi::n_hard_errors, tls_multi::n_soft_errors, context_2::tls_exit_signal, and context_2::tls_multi.
Referenced by pre_select().
◆ check_tls_errors_co()
| void check_tls_errors_co | ( | struct context * | c | ) |
Definition at line 348 of file forward.c.
References context::c2, D_STREAM_ERRORS, msg, register_signal(), and context_2::tls_exit_signal.
Referenced by check_tls_errors().
◆ check_tls_errors_nco()
| void check_tls_errors_nco | ( | struct context * | c | ) |
Definition at line 355 of file forward.c.
References context::c2, register_signal(), and context_2::tls_exit_signal.
Referenced by check_tls_errors().
◆ context_immediate_reschedule()
|
inlinestatic |
Definition at line 286 of file forward.c.
References context::c2, and context_2::timeval.
Referenced by send_control_channel_string().
◆ context_reschedule_sec()
|
inlinestatic |
Definition at line 293 of file forward.c.
References context::c2, and context_2::timeval.
Referenced by check_coarse_timers(), and check_tls_dowork().
◆ drop_if_recursive_routing()
Drops UDP packets which OS decided to route via tun.
On Windows and OS X when netwotk adapter is disabled or disconnected, platform starts to use tun as external interface. When packet is sent to tun, it comes to openvpn, encapsulated and sent to routing table, which sends it again to tun.
Definition at line 1303 of file forward.c.
References openvpn_sockaddr::addr, BLEN, BPTR, context_2::buf, context::c1, context::c2, D_LOW, openvpn_iphdr::daddr, openvpn_ipv6hdr::daddr, link_socket_actual::dest, gc_free(), gc_new(), get_tun_ip_ver(), openvpn_sockaddr::in4, openvpn_sockaddr::in6, IN6_ARE_ADDR_EQUAL, buffer::len, msg, print_link_socket_actual(), openvpn_sockaddr::sa, context_2::to_link_addr, TUNNEL_TYPE, and context_1::tuntap.
Referenced by process_incoming_tun().
◆ get_server_poll_remaining_time()
| int get_server_poll_remaining_time | ( | struct event_timeout * | server_poll_timeout | ) |
Definition at line 564 of file forward.c.
References event_timeout_remaining(), max_int(), and update_time().
Referenced by establish_http_proxy_passthru(), phase2_socks_client(), and phase2_tcp_client().
◆ io_wait_dowork()
| void io_wait_dowork | ( | struct context * | c, |
| const unsigned int | flags | ||
| ) |
Definition at line 1985 of file forward.c.
References event_set_return::arg, context::c1, context::c2, check_debug_level(), check_status(), D_EVENT_WAIT, dmsg, ES_ERROR, ES_TIMEOUT, event_ctl(), EVENT_READ, event_reset(), context_2::event_set, context_2::event_set_status, event_wait(), EVENT_WRITE, get_signal(), IOW_CHECK_RESIDUAL, IOW_FRAG, IOW_MBUF, IOW_READ_LINK, IOW_READ_TUN, IOW_READ_TUN_FORCE, IOW_SHAPER, IOW_TO_LINK, IOW_TO_TUN, IOW_WAIT_SIGNAL, context_2::link_socket, management_socket_set(), max_int(), options::mode, MODE_SERVER, context::options, event_set_return::rwflags, shaper_soonest_event(), show_wait_status(), context::sig, signal_info::signal_received, SIZE, SOCKET_READ, socket_read_residual(), socket_set(), status, context_2::timeval, TO_LINK_FRAG, tun_set(), context_1::tuntap, update_time(), and wait_signal().
Referenced by io_wait().
◆ ipv6_send_icmp_unreachable()
Forges a IPv6 ICMP packet with a no route to host error code from the IPv6 packet in buf and sends it directly back to the client via the tun device when used on a client and via the link if used on the server.
- Parameters
-
buf - The buf containing the packet for which the icmp6 unreachable should be constructed. client - determines whether to the send packet back via tun or link
Definition at line 1452 of file forward.c.
References ASSERT, context_buffers::aux_buf, BLEN, BPTR, buf_copy_n(), buf_init, buf_safe(), buf_write_prepend(), context_2::buffers, context::c1, context::c2, CLEAR, openvpn_ipv6hdr::daddr, openvpn_ethhdr::dest, DEV_TYPE_TAP, context_2::frame, openvpn_icmp6hdr::icmp6_cksum, openvpn_icmp6hdr::icmp6_code, openvpn_icmp6hdr::icmp6_type, options::ifconfig_ipv6_remote, inet_pton(), ip_checksum(), is_ipv6(), MAX_ICMPV6LEN, min_int(), openvpn_ipv6hdr::nexthdr, OPENVPN_ETH_ALEN, OPENVPN_ETH_P_IPV6, OPENVPN_ICMP6_DESTINATION_UNREACHABLE, OPENVPN_ICMP6_DU_NOROUTE, OPENVPN_IPPROTO_ICMPV6, context::options, openvpn_ipv6hdr::payload_len, openvpn_ethhdr::proto, openvpn_ipv6hdr::saddr, openvpn_ethhdr::source, context_2::to_link, context_2::to_tun, TUN_MTU_SIZE, TUNNEL_TYPE, context_1::tuntap, and openvpn_ipv6hdr::version_prio.
Referenced by process_ip_header().
◆ link_socket_write_post_size_adjust()
|
inlinestatic |
Definition at line 914 of file forward.c.
References buf_advance().
Referenced by process_outgoing_link().
◆ pre_select()
| void pre_select | ( | struct context * | c | ) |
Definition at line 1921 of file forward.c.
References BIG_TIMEOUT, context::c1, context::c2, check_coarse_timers(), check_debug_level(), check_fragment(), check_incoming_control_channel(), check_send_occ_msg(), check_timeout_random_component(), check_tls(), check_tls_errors(), D_TAP_WIN_DEBUG, context::sig, signal_info::signal_received, context_2::timeval, tun_show_debug(), context_1::tuntap, and tuntap_defined().
Referenced by multi_process_post(), and tunnel_point_to_point().
◆ process_coarse_timers()
|
static |
Definition at line 757 of file forward.c.
References context::c2, check_add_routes(), check_connection_established(), check_inactivity_timeout(), check_packet_id_persist_flush(), check_ping_restart(), check_ping_send(), check_push_request(), check_scheduled_exit(), check_send_occ_load_test(), check_send_occ_req(), check_server_poll_timeout(), check_status_file(), context_2::explicit_exit_notification_time_wait, process_explicit_exit_notification_timer_wakeup(), context::sig, signal_info::signal_received, and context_2::tls_multi.
Referenced by check_coarse_timers_dowork().
◆ process_incoming_link()
|
static |
Definition at line 1225 of file forward.c.
References context_2::buf, context::c2, buffer::data, get_link_socket_info(), perf_pop(), PERF_PROC_IN_LINK, perf_push(), process_incoming_link_part1(), and process_incoming_link_part2().
Referenced by process_io().
◆ process_io()
| void process_io | ( | struct context * | c | ) |
Definition at line 2183 of file forward.c.
References ASSERT, context::c2, context_2::event_set_status, IS_SIG, management_io(), MANAGEMENT_READ, MANAGEMENT_WRITE, process_incoming_link(), process_incoming_tun(), process_outgoing_link(), process_outgoing_tun(), read_incoming_link(), read_incoming_tun(), SOCKET_READ, SOCKET_WRITE, status, TUN_READ, and TUN_WRITE.
Referenced by tunnel_point_to_point().
◆ process_ip_header()
Definition at line 1578 of file forward.c.
References options::block_ipv6, context::c1, context::c2, options::ce, options::client_nat, client_nat_transform(), CN_INCOMING, CN_OUTGOING, dhcp_extract_router_msg(), context_2::es, context_2::frame, in_addr_t, ipv6_send_icmp_unreachable(), is_ipv4(), is_ipv6(), buffer::len, context_2::link_socket, mss_fixup_ipv4(), mss_fixup_ipv6(), connection_entry::mssfix, MTU_TO_MSS, context::options, PASSTOS_CAPABILITY, PIP_MSSFIX, PIP_OUTGOING, PIPV4_CLIENT_NAT, PIPV4_EXTRACT_DHCP_ROUTER, PIPV4_PASSTOS, PIPV6_IMCP_NOHOST_CLIENT, PIPV6_IMCP_NOHOST_SERVER, options::route_gateway_via_dhcp, context_1::route_list, route_list_add_vpn_gateway(), TUN_MTU_SIZE_DYNAMIC, TUNNEL_TYPE, and context_1::tuntap.
Referenced by multi_get_queue(), process_incoming_tun(), and process_outgoing_tun().
◆ schedule_exit()
| void schedule_exit | ( | struct context * | c, |
| const int | n_seconds, | ||
| const int | signal | ||
| ) |
Definition at line 589 of file forward.c.
References context::c2, D_SCHED_EXIT, event_timeout_init(), msg, now, reset_coarse_timers(), context_2::scheduled_exit, context_2::scheduled_exit_signal, context_2::tls_multi, tls_set_single_session(), and update_time().
Referenced by send_auth_failed(), and send_restart().
◆ send_control_channel_string()
Definition at line 473 of file forward.c.
References context::c2, context_immediate_reschedule(), gc_free(), gc_new(), interval_action(), msg, sanitize_control_message(), tls_common_name(), context_2::tls_multi, tls_send_payload(), and context_2::tmp_int.
Referenced by multi_push_restart_schedule_exit(), send_auth_failed(), send_push_options(), send_push_reply(), send_push_request(), and send_restart().
◆ socks_postprocess_incoming_link()
|
inlinestatic |
Definition at line 892 of file forward.c.
References context_2::buf, context::c2, context_2::from, link_socket::info, context_2::link_socket, link_socket_info::proto, PROTO_UDP, socks_process_incoming_udp(), and link_socket::socks_proxy.
Referenced by read_incoming_link().
◆ socks_preprocess_outgoing_link()
|
inlinestatic |
Definition at line 901 of file forward.c.
References context::c2, link_socket::info, context_2::link_socket, link_socket_info::proto, PROTO_UDP, socks_process_outgoing_udp(), link_socket::socks_proxy, link_socket::socks_relay, context_2::to_link, and context_2::to_link_addr.
Referenced by process_outgoing_link().
Variable Documentation
◆ link_read_bytes_global
| counter_type link_read_bytes_global |
Definition at line 50 of file forward.c.
Referenced by man_load_stats(), and process_incoming_link_part1().
◆ link_write_bytes_global
| counter_type link_write_bytes_global |
Definition at line 51 of file forward.c.
Referenced by man_load_stats(), and process_outgoing_link().
