#include "syshead.h"#include "forward.h"#include "init.h"#include "push.h"#include "gremlin.h"#include "mss.h"#include "event.h"#include "occ.h"#include "pf.h"#include "ping.h"#include "ps.h"#include "dhcp.h"#include "common.h"#include "ssl_verify.h"#include "memdbg.h"#include "mstats.h"
Go to the source code of this file.
Macros | |
| #define | MAX_ICMPV6LEN 1280 |
Functions | |
| static void | check_tls_errors (struct context *c) |
| static void | context_immediate_reschedule (struct context *c) |
| static void | context_reschedule_sec (struct context *c, int sec) |
| void | check_tls (struct context *c) |
| void | check_tls_errors_co (struct context *c) |
| void | check_tls_errors_nco (struct context *c) |
| void | check_incoming_control_channel (struct context *c) |
| void | check_push_request (struct context *c) |
| void | check_connection_established (struct context *c) |
| bool | send_control_channel_string_dowork (struct tls_multi *multi, const char *str, int msglevel) |
| void | reschedule_multi_process (struct context *c) |
| Reschedule tls_multi_process. More... | |
| bool | send_control_channel_string (struct context *c, const char *str, int msglevel) |
| static void | check_add_routes_action (struct context *c, const bool errors) |
| void | check_add_routes (struct context *c) |
| void | check_inactivity_timeout (struct context *c) |
| int | get_server_poll_remaining_time (struct event_timeout *server_poll_timeout) |
| void | check_server_poll_timeout (struct context *c) |
| void | schedule_exit (struct context *c, const int n_seconds, const int signal) |
| void | check_scheduled_exit (struct context *c) |
| void | check_status_file (struct context *c) |
| void | check_fragment (struct context *c) |
| static void | buffer_turnover (const uint8_t *orig_buf, struct buffer *dest_stub, struct buffer *src_stub, struct buffer *storage) |
| void | encrypt_sign (struct context *c, bool comp_frag) |
| Process a data channel packet that will be sent through a VPN tunnel. More... | |
| static void | process_coarse_timers (struct context *c) |
| static void | check_coarse_timers (struct context *c) |
| static void | check_timeout_random_component_dowork (struct context *c) |
| static void | check_timeout_random_component (struct context *c) |
| static void | socks_postprocess_incoming_link (struct context *c) |
| static void | socks_preprocess_outgoing_link (struct context *c, struct link_socket_actual **to_addr, int *size_delta) |
| static void | link_socket_write_post_size_adjust (int *size, int size_delta, struct buffer *buf) |
| void | read_incoming_link (struct context *c) |
| Read a packet from the external network interface. More... | |
| bool | process_incoming_link_part1 (struct context *c, struct link_socket_info *lsi, bool floated) |
| Starts processing a packet read from the external network interface. More... | |
| void | process_incoming_link_part2 (struct context *c, struct link_socket_info *lsi, const uint8_t *orig_buf) |
| Continues processing a packet read from the external network interface. More... | |
| static void | process_incoming_link (struct context *c) |
| void | read_incoming_tun (struct context *c) |
| Read a packet from the virtual tun/tap network interface. More... | |
| static void | drop_if_recursive_routing (struct context *c, struct buffer *buf) |
| Drops UDP packets which OS decided to route via tun. More... | |
| void | process_incoming_tun (struct context *c) |
| Process a packet read from the virtual tun/tap network interface. More... | |
| void | ipv6_send_icmp_unreachable (struct context *c, struct buffer *buf, bool client) |
| Forges a IPv6 ICMP packet with a no route to host error code from the IPv6 packet in buf and sends it directly back to the client via the tun device when used on a client and via the link if used on the server. More... | |
| void | process_ip_header (struct context *c, unsigned int flags, struct buffer *buf) |
| void | process_outgoing_link (struct context *c) |
| Write a packet to the external network interface. More... | |
| void | process_outgoing_tun (struct context *c) |
| Write a packet to the virtual tun/tap network interface. More... | |
| void | pre_select (struct context *c) |
| void | io_wait_dowork (struct context *c, const unsigned int flags) |
| void | process_io (struct context *c) |
Variables | |
| counter_type | link_read_bytes_global |
| counter_type | link_write_bytes_global |
Macro Definition Documentation
◆ MAX_ICMPV6LEN
| #define MAX_ICMPV6LEN 1280 |
Referenced by ipv6_send_icmp_unreachable().
Function Documentation
◆ buffer_turnover()
|
inlinestatic |
Definition at line 509 of file forward.c.
References buf_assign(), and buffer::data.
Referenced by encrypt_sign(), and process_incoming_link_part2().
◆ check_add_routes()
| void check_add_routes | ( | struct context * | c | ) |
Definition at line 374 of file forward.c.
References context::c1, context::c2, check_add_routes_action(), D_ROUTE, ETT_DEFAULT, event_timeout_init(), event_timeout_reset(), event_timeout_trigger(), M_INFO, M_NOPREFIX, msg, event_timeout::n, now, context::persist, context_2::ping_rec_interval, register_signal(), context_persist::restart_sleep_seconds, context_1::route_list, context_2::route_wakeup, context_2::route_wakeup_expire, show_adapters(), show_routes(), SIGHUP, test_routes(), context_2::timeval, tun_standby(), context_1::tuntap, and update_time().
Referenced by process_coarse_timers().
◆ check_add_routes_action()
|
static |
Definition at line 363 of file forward.c.
References context::c1, context::c2, do_route(), context_2::es, event_timeout_clear(), initialization_sequence_completed(), ISC_ERRORS, context::net_ctx, context::options, context::plugins, context_1::route_ipv6_list, context_1::route_list, context_2::route_wakeup, context_2::route_wakeup_expire, context_1::tuntap, and update_time().
Referenced by check_add_routes().
◆ check_coarse_timers()
|
static |
Definition at line 708 of file forward.c.
References BIG_TIMEOUT, context::c2, context_2::coarse_timer_wakeup, context_reschedule_sec(), D_INTERVAL, dmsg, now, process_coarse_timers(), and context_2::timeval.
Referenced by pre_select().
◆ check_connection_established()
| void check_connection_established | ( | struct context * | c | ) |
Definition at line 280 of file forward.c.
References context::c2, CONNECTION_ESTABLISHED, do_up(), event_timeout_clear(), event_timeout_init(), options::handshake_window, management_set_state(), now, OPENVPN_STATE_GET_CONFIG, context::options, options::pull, context_2::push_request_interval, context_2::push_request_timeout, reset_coarse_timers(), context_2::tls_multi, and context_2::wait_for_connect.
Referenced by process_coarse_timers().
◆ check_fragment()
| void check_fragment | ( | struct context * | c | ) |
Definition at line 479 of file forward.c.
References ASSERT, context_2::buf, context::c2, options::ce, encrypt_sign(), context_2::fragment, fragment_housekeeping(), fragment_outgoing_defined(), fragment_ready_to_send(), frame_adjust_path_mtu(), context_2::frame_fragment, get_link_socket_info(), buffer::len, context_2::link_socket, link_socket::mtu, link_socket_info::mtu_changed, context::options, connection_entry::proto, context_2::timeval, and context_2::to_link.
Referenced by pre_select().
◆ check_inactivity_timeout()
| void check_inactivity_timeout | ( | struct context * | c | ) |
Definition at line 412 of file forward.c.
References M_INFO, msg, register_signal(), and SIGTERM.
Referenced by process_coarse_timers().
◆ check_incoming_control_channel()
| void check_incoming_control_channel | ( | struct context * | c | ) |
Definition at line 197 of file forward.c.
References alloc_buf_gc(), ASSERT, BSTR, buf_null_terminate(), buf_string_match_head_str(), context::c2, CC_CRLF, CC_PRINT, D_PUSH_ERRORS, gc_free(), gc_new(), incoming_push_message(), msg, receive_auth_failed(), receive_auth_pending(), receive_cr_response(), server_pushed_info(), server_pushed_signal(), string_mod(), context_2::tls_multi, tls_rec_payload(), and tls_test_payload_len().
Referenced by pre_select().
◆ check_push_request()
| void check_push_request | ( | struct context * | c | ) |
Definition at line 262 of file forward.c.
References context::c2, event_timeout_modify_wakeup(), PUSH_REQUEST_INTERVAL, context_2::push_request_interval, and send_push_request().
Referenced by process_coarse_timers().
◆ check_scheduled_exit()
| void check_scheduled_exit | ( | struct context * | c | ) |
Definition at line 457 of file forward.c.
References context::c2, register_signal(), and context_2::scheduled_exit_signal.
Referenced by process_coarse_timers().
◆ check_server_poll_timeout()
| void check_server_poll_timeout | ( | struct context * | c | ) |
Definition at line 427 of file forward.c.
References ASSERT, context::c2, event_timeout_reset(), M_INFO, msg, context::persist, register_signal(), context_persist::restart_sleep_seconds, context_2::server_poll_interval, SIGUSR1, tls_initial_packet_received(), and context_2::tls_multi.
Referenced by process_coarse_timers().
◆ check_status_file()
| void check_status_file | ( | struct context * | c | ) |
Definition at line 466 of file forward.c.
References context::c1, print_status(), and context_1::status_output.
Referenced by process_coarse_timers().
◆ check_timeout_random_component()
|
inlinestatic |
Definition at line 743 of file forward.c.
References context::c2, check_timeout_random_component_dowork(), now, context_2::timeout_random_component, context_2::timeval, tv_add(), and context_2::update_timeout_random_component.
Referenced by pre_select().
◆ check_timeout_random_component_dowork()
|
static |
Definition at line 732 of file forward.c.
References context::c2, D_INTERVAL, dmsg, get_random(), now, context_2::timeout_random_component, and context_2::update_timeout_random_component.
Referenced by check_timeout_random_component().
◆ check_tls()
| void check_tls | ( | struct context * | c | ) |
Definition at line 142 of file forward.c.
References BIG_TIMEOUT, context::c2, tls_multi::client_reason, context_reschedule_sec(), get_link_socket_info(), interval_action(), interval_future_trigger(), interval_schedule_wakeup(), interval_test(), options::mode, MODE_SERVER, context::options, register_signal(), send_auth_failed(), SIGTERM, context_2::tls_multi, tls_multi_process(), TLSMP_ACTIVE, TLSMP_KILL, context_2::tmp_int, context_2::to_link, context_2::to_link_addr, and update_time().
Referenced by pre_select().
◆ check_tls_errors()
|
inlinestatic |
Definition at line 85 of file forward.c.
References context::c2, check_tls_errors_co(), check_tls_errors_nco(), context_2::link_socket, link_socket_connection_oriented(), tls_multi::n_hard_errors, tls_multi::n_soft_errors, context_2::tls_exit_signal, and context_2::tls_multi.
Referenced by pre_select().
◆ check_tls_errors_co()
| void check_tls_errors_co | ( | struct context * | c | ) |
Definition at line 180 of file forward.c.
References context::c2, D_STREAM_ERRORS, msg, register_signal(), and context_2::tls_exit_signal.
Referenced by check_tls_errors().
◆ check_tls_errors_nco()
| void check_tls_errors_nco | ( | struct context * | c | ) |
Definition at line 187 of file forward.c.
References context::c2, register_signal(), and context_2::tls_exit_signal.
Referenced by check_tls_errors().
◆ context_immediate_reschedule()
|
inlinestatic |
Definition at line 111 of file forward.c.
References context::c2, and context_2::timeval.
Referenced by reschedule_multi_process().
◆ context_reschedule_sec()
|
inlinestatic |
Definition at line 118 of file forward.c.
References context::c2, and context_2::timeval.
Referenced by check_coarse_timers(), and check_tls().
◆ drop_if_recursive_routing()
Drops UDP packets which OS decided to route via tun.
On Windows and OS X when netwotk adapter is disabled or disconnected, platform starts to use tun as external interface. When packet is sent to tun, it comes to openvpn, encapsulated and sent to routing table, which sends it again to tun.
Definition at line 1177 of file forward.c.
References openvpn_sockaddr::addr, BLEN, BPTR, context_2::buf, context::c1, context::c2, D_LOW, openvpn_iphdr::daddr, openvpn_ipv6hdr::daddr, link_socket_actual::dest, gc_free(), gc_new(), get_tun_ip_ver(), openvpn_sockaddr::in4, openvpn_sockaddr::in6, IN6_ARE_ADDR_EQUAL, buffer::len, msg, print_link_socket_actual(), openvpn_sockaddr::sa, context_2::to_link_addr, TUNNEL_TYPE, and context_1::tuntap.
Referenced by process_incoming_tun().
◆ get_server_poll_remaining_time()
| int get_server_poll_remaining_time | ( | struct event_timeout * | server_poll_timeout | ) |
Definition at line 419 of file forward.c.
References event_timeout_remaining(), max_int(), and update_time().
Referenced by establish_http_proxy_passthru(), phase2_socks_client(), and phase2_tcp_client().
◆ io_wait_dowork()
| void io_wait_dowork | ( | struct context * | c, |
| const unsigned int | flags | ||
| ) |
Definition at line 1864 of file forward.c.
References event_set_return::arg, context::c1, context::c2, check_debug_level(), check_status(), D_EVENT_WAIT, dmsg, ERR_SHIFT, ES_ERROR, ES_TIMEOUT, event_ctl(), EVENT_READ, event_reset(), context_2::event_set, context_2::event_set_status, event_wait(), EVENT_WRITE, FILE_SHIFT, get_signal(), IOW_CHECK_RESIDUAL, IOW_FRAG, IOW_MBUF, IOW_READ_LINK, IOW_READ_TUN, IOW_READ_TUN_FORCE, IOW_SHAPER, IOW_TO_LINK, IOW_TO_TUN, IOW_WAIT_SIGNAL, context_2::link_socket, MANAGEMENT_SHIFT, management_socket_set(), max_int(), options::mode, MODE_SERVER, context::options, event_set_return::rwflags, context_2::shaper, options::shaper, shaper_delay(), shaper_soonest_event(), show_wait_status(), context::sig, signal_info::signal_received, SIZE, SOCKET_READ, socket_read_residual(), socket_set(), SOCKET_SHIFT, status, context_2::timeval, TO_LINK_FRAG, tun_set(), TUN_SHIFT, context_1::tuntap, tuntap_is_wintun(), update_time(), and wait_signal().
Referenced by io_wait().
◆ ipv6_send_icmp_unreachable()
Forges a IPv6 ICMP packet with a no route to host error code from the IPv6 packet in buf and sends it directly back to the client via the tun device when used on a client and via the link if used on the server.
- Parameters
-
buf - The buf containing the packet for which the icmp6 unreachable should be constructed. client - determines whether to the send packet back via tun or link
Definition at line 1326 of file forward.c.
References ASSERT, context_buffers::aux_buf, BLEN, BPTR, buf_copy_n(), buf_init, buf_safe(), buf_write_prepend(), context_2::buffers, context::c1, context::c2, CLEAR, openvpn_ipv6hdr::daddr, openvpn_ethhdr::dest, DEV_TYPE_TAP, context_2::frame, openvpn_icmp6hdr::icmp6_cksum, openvpn_icmp6hdr::icmp6_code, openvpn_icmp6hdr::icmp6_type, options::ifconfig_ipv6_remote, ip_checksum(), is_ipv6(), MAX_ICMPV6LEN, min_int(), openvpn_ipv6hdr::nexthdr, OPENVPN_ETH_ALEN, OPENVPN_ETH_P_IPV6, OPENVPN_ICMP6_DESTINATION_UNREACHABLE, OPENVPN_ICMP6_DU_NOROUTE, OPENVPN_IPPROTO_ICMPV6, context::options, openvpn_ipv6hdr::payload_len, openvpn_ethhdr::proto, openvpn_ipv6hdr::saddr, openvpn_ethhdr::source, context_2::to_link, context_2::to_tun, TUN_MTU_SIZE, TUNNEL_TYPE, context_1::tuntap, and openvpn_ipv6hdr::version_prio.
Referenced by process_ip_header().
◆ link_socket_write_post_size_adjust()
|
inlinestatic |
Definition at line 783 of file forward.c.
References buf_advance().
Referenced by process_outgoing_link().
◆ pre_select()
| void pre_select | ( | struct context * | c | ) |
Definition at line 1792 of file forward.c.
References BIG_TIMEOUT, context::c1, context::c2, check_coarse_timers(), check_debug_level(), check_fragment(), check_incoming_control_channel(), check_send_occ_msg(), check_timeout_random_component(), check_tls(), check_tls_errors(), D_TAP_WIN_DEBUG, context_2::fragment, context::sig, signal_info::signal_received, context_2::timeval, context_2::tls_multi, tls_test_payload_len(), tun_show_debug(), context_1::tuntap, and tuntap_defined().
Referenced by multi_process_post(), and tunnel_point_to_point().
◆ process_coarse_timers()
|
static |
Definition at line 608 of file forward.c.
References context::c1, context::c2, options::ce, check_add_routes(), check_connection_established(), check_inactivity_timeout(), check_ping_restart(), check_ping_send(), check_push_request(), check_scheduled_exit(), check_send_occ_load_test(), check_send_occ_req(), check_server_poll_timeout(), check_status_file(), connection_entry::connect_timeout, status_output::et, ETT_DEFAULT, event_timeout_trigger(), context_2::explicit_exit_notification_time_wait, context_2::inactivity_interval, options::inactivity_timeout, context::options, packet_id_persist_enabled(), context_2::packet_id_persist_interval, packet_id_persist_save(), context_1::pid_persist, process_explicit_exit_notification_timer_wakeup(), context_2::push_request_interval, context_2::route_wakeup, context_2::scheduled_exit, context_2::server_poll_interval, context::sig, signal_info::signal_received, context_1::status_output, context_2::timeval, context_2::tls_multi, and context_2::wait_for_connect.
Referenced by check_coarse_timers().
◆ process_incoming_link()
|
static |
Definition at line 1083 of file forward.c.
References context_2::buf, context::c2, buffer::data, get_link_socket_info(), perf_pop(), PERF_PROC_IN_LINK, perf_push(), process_incoming_link_part1(), and process_incoming_link_part2().
Referenced by process_io().
◆ process_io()
| void process_io | ( | struct context * | c | ) |
Definition at line 2071 of file forward.c.
References ASSERT, context::c2, context_2::event_set_status, IS_SIG, management_io(), MANAGEMENT_READ, MANAGEMENT_WRITE, process_incoming_link(), process_incoming_tun(), process_outgoing_link(), process_outgoing_tun(), read_incoming_link(), read_incoming_tun(), SOCKET_READ, SOCKET_WRITE, status, TUN_READ, and TUN_WRITE.
Referenced by tunnel_point_to_point().
◆ process_ip_header()
Definition at line 1452 of file forward.c.
References options::block_ipv6, context::c1, context::c2, options::ce, options::client_nat, client_nat_transform(), CN_INCOMING, CN_OUTGOING, dhcp_extract_router_msg(), context_2::es, context_2::frame, in_addr_t, ipv6_send_icmp_unreachable(), is_ipv4(), is_ipv6(), buffer::len, context_2::link_socket, mss_fixup_ipv4(), mss_fixup_ipv6(), connection_entry::mssfix, MTU_TO_MSS, context::options, PASSTOS_CAPABILITY, PIP_MSSFIX, PIP_OUTGOING, PIPV4_CLIENT_NAT, PIPV4_EXTRACT_DHCP_ROUTER, PIPV4_PASSTOS, PIPV6_IMCP_NOHOST_CLIENT, PIPV6_IMCP_NOHOST_SERVER, options::route_gateway_via_dhcp, context_1::route_list, route_list_add_vpn_gateway(), TUN_MTU_SIZE_DYNAMIC, TUNNEL_TYPE, and context_1::tuntap.
Referenced by multi_get_queue(), process_incoming_tun(), and process_outgoing_tun().
◆ reschedule_multi_process()
| void reschedule_multi_process | ( | struct context * | c | ) |
Reschedule tls_multi_process.
NOTE: in multi-client mode, usually calling the function is insufficient to reschedule the client instance object unless multi_schedule_context_wakeup(m, mi) is also called.
Definition at line 339 of file forward.c.
References context::c2, context_immediate_reschedule(), interval_action(), and context_2::tmp_int.
Referenced by management_client_pending_auth(), and send_control_channel_string().
◆ schedule_exit()
| void schedule_exit | ( | struct context * | c, |
| const int | n_seconds, | ||
| const int | signal | ||
| ) |
Definition at line 443 of file forward.c.
References context::c2, D_SCHED_EXIT, event_timeout_init(), msg, now, reset_coarse_timers(), context_2::scheduled_exit, context_2::scheduled_exit_signal, context_2::tls_multi, tls_set_single_session(), and update_time().
Referenced by send_auth_failed(), and send_restart().
◆ send_control_channel_string()
| bool send_control_channel_string | ( | struct context * | c, |
| const char * | str, | ||
| int | msglevel | ||
| ) |
Definition at line 346 of file forward.c.
References context::c2, reschedule_multi_process(), send_control_channel_string_dowork(), and context_2::tls_multi.
Referenced by management_callback_send_cc_message(), multi_push_restart_schedule_exit(), send_auth_failed(), send_push_options(), send_push_reply(), send_push_request(), and send_restart().
◆ send_control_channel_string_dowork()
| bool send_control_channel_string_dowork | ( | struct tls_multi * | multi, |
| const char * | str, | ||
| int | msglevel | ||
| ) |
Definition at line 321 of file forward.c.
References gc_free(), gc_new(), msg, sanitize_control_message(), tls_common_name(), and tls_send_payload().
Referenced by send_auth_pending_messages(), send_control_channel_string(), and send_push_reply_auth_token().
◆ socks_postprocess_incoming_link()
|
inlinestatic |
Definition at line 761 of file forward.c.
References context_2::buf, context::c2, context_2::from, link_socket::info, context_2::link_socket, link_socket_info::proto, PROTO_UDP, socks_process_incoming_udp(), and link_socket::socks_proxy.
Referenced by read_incoming_link().
◆ socks_preprocess_outgoing_link()
|
inlinestatic |
Definition at line 770 of file forward.c.
References context::c2, link_socket::info, context_2::link_socket, link_socket_info::proto, PROTO_UDP, socks_process_outgoing_udp(), link_socket::socks_proxy, link_socket::socks_relay, context_2::to_link, and context_2::to_link_addr.
Referenced by process_outgoing_link().
Variable Documentation
◆ link_read_bytes_global
| counter_type link_read_bytes_global |
Definition at line 50 of file forward.c.
Referenced by man_load_stats(), and process_incoming_link_part1().
◆ link_write_bytes_global
| counter_type link_write_bytes_global |
Definition at line 51 of file forward.c.
Referenced by man_load_stats(), and process_outgoing_link().
