OpenVPN
helper.c
Go to the documentation of this file.
1 /*
2  * OpenVPN -- An application to securely tunnel IP networks
3  * over a single TCP/UDP port, with support for SSL/TLS-based
4  * session authentication and key exchange,
5  * packet encryption, packet authentication, and
6  * packet compression.
7  *
8  * Copyright (C) 2002-2024 OpenVPN Inc <sales@openvpn.net>
9  *
10  * This program is free software; you can redistribute it and/or modify
11  * it under the terms of the GNU General Public License version 2
12  * as published by the Free Software Foundation.
13  *
14  * This program is distributed in the hope that it will be useful,
15  * but WITHOUT ANY WARRANTY; without even the implied warranty of
16  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17  * GNU General Public License for more details.
18  *
19  * You should have received a copy of the GNU General Public License along
20  * with this program; if not, write to the Free Software Foundation, Inc.,
21  * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
22  */
23 
24 #ifdef HAVE_CONFIG_H
25 #include "config.h"
26 #endif
27 
28 #include "syshead.h"
29 
30 #include "forward.h"
31 #include "helper.h"
32 #include "pool.h"
33 #include "push.h"
34 
35 #include "memdbg.h"
36 
37 
38 static const char *
39 print_netmask(int netbits, struct gc_arena *gc)
40 {
41  struct buffer out = alloc_buf_gc(128, gc);
42  const in_addr_t netmask = netbits_to_netmask(netbits);
43 
44  buf_printf(&out, "%s (/%d)", print_in_addr_t(netmask, 0, gc), netbits);
45 
46  return BSTR(&out);
47 }
48 
49 static const char *
50 print_opt_route_gateway(const in_addr_t route_gateway, struct gc_arena *gc)
51 {
52  struct buffer out = alloc_buf_gc(128, gc);
53  ASSERT(route_gateway);
54  buf_printf(&out, "route-gateway %s", print_in_addr_t(route_gateway, 0, gc));
55  return BSTR(&out);
56 }
57 
58 static const char *
59 print_opt_route_gateway_dhcp(struct gc_arena *gc)
60 {
61  struct buffer out = alloc_buf_gc(32, gc);
62  buf_printf(&out, "route-gateway dhcp");
63  return BSTR(&out);
64 }
65 
66 static const char *
67 print_opt_route(const in_addr_t network, const in_addr_t netmask, struct gc_arena *gc)
68 {
69  struct buffer out = alloc_buf_gc(128, gc);
70  ASSERT(network);
71 
72  if (netmask)
73  {
74  buf_printf(&out, "route %s %s",
75  print_in_addr_t(network, 0, gc),
76  print_in_addr_t(netmask, 0, gc));
77  }
78  else
79  {
80  buf_printf(&out, "route %s",
81  print_in_addr_t(network, 0, gc));
82  }
83 
84  return BSTR(&out);
85 }
86 
87 static const char *
88 print_opt_topology(const int topology, struct gc_arena *gc)
89 {
90  struct buffer out = alloc_buf_gc(128, gc);
91 
92  buf_printf(&out, "topology %s", print_topology(topology));
93 
94  return BSTR(&out);
95 }
96 
97 static const char *
98 print_str_int(const char *str, const int i, struct gc_arena *gc)
99 {
100  struct buffer out = alloc_buf_gc(128, gc);
101  buf_printf(&out, "%s %d", str, i);
102  return BSTR(&out);
103 }
104 
105 static const char *
106 print_str(const char *str, struct gc_arena *gc)
107 {
108  struct buffer out = alloc_buf_gc(128, gc);
109  buf_printf(&out, "%s", str);
110  return BSTR(&out);
111 }
112 
113 static void
114 helper_add_route(const in_addr_t network, const in_addr_t netmask, struct options *o)
115 {
116  rol_check_alloc(o);
117  add_route_to_option_list(o->routes,
118  print_in_addr_t(network, 0, &o->gc),
119  print_in_addr_t(netmask, 0, &o->gc),
120  NULL,
121  NULL);
122 }
123 
124 static void
125 verify_common_subnet(const char *opt, const in_addr_t a, const in_addr_t b, const in_addr_t subnet)
126 {
127  struct gc_arena gc = gc_new();
128  if ((a & subnet) != (b & subnet))
129  {
130  msg(M_USAGE, "%s IP addresses %s and %s are not in the same %s subnet",
131  opt,
132  print_in_addr_t(a, 0, &gc),
133  print_in_addr_t(b, 0, &gc),
134  print_in_addr_t(subnet, 0, &gc));
135  }
136  gc_free(&gc);
137 }
138 
139 
143 void
144 helper_setdefault_topology(struct options *o)
145 {
146  if (o->topology != TOP_UNDEF)
147  {
148  return;
149  }
150  int dev = dev_type_enum(o->dev, o->dev_type);
151  if (dev != DEV_TYPE_TUN)
152  {
153  return;
154  }
155  if (o->mode == MODE_SERVER)
156  {
157  o->topology = TOP_SUBNET;
158  }
159  else
160  {
161  o->topology = TOP_NET30;
162  }
163 }
164 
165 
166 /*
167  * Process server, server-bridge, and client helper
168  * directives after the parameters themselves have been
169  * parsed and placed in struct options.
170  */
171 void
172 helper_client_server(struct options *o)
173 {
174  struct gc_arena gc = gc_new();
175 
176  /*
177  * Get tun/tap/null device type
178  */
179  const int dev = dev_type_enum(o->dev, o->dev_type);
180 
181  /*
182  *
183  * HELPER DIRECTIVE for IPv6
184  *
185  * server-ipv6 2001:db8::/64
186  *
187  * EXPANDS TO:
188  *
189  * tun-ipv6
190  * push "tun-ipv6"
191  * ifconfig-ipv6 2001:db8::1 2001:db8::2
192  * if !nopool:
193  * ifconfig-ipv6-pool 2001:db8::1000/64
194  *
195  */
196  if (o->server_ipv6_defined)
197  {
198  if (o->client)
199  {
200  msg(M_USAGE, "--server-ipv6 and --client cannot be used together");
201  }
202 
203  if (o->server_flags & SF_NOPOOL)
204  {
205  msg(M_USAGE, "--server-ipv6 is incompatible with 'nopool' option");
206  }
207  if (o->ifconfig_ipv6_pool_defined)
208  {
209  msg(M_USAGE, "--server-ipv6 already defines an ifconfig-ipv6-pool, so you can't also specify --ifconfig-pool explicitly");
210  }
211 
212  o->mode = MODE_SERVER;
213  o->tls_server = true;
214 
215  /* local ifconfig is "base address + 1" and "+2" */
216  o->ifconfig_ipv6_local =
217  print_in6_addr( add_in6_addr( o->server_network_ipv6, 1), 0, &o->gc );
218  o->ifconfig_ipv6_remote =
219  print_in6_addr( add_in6_addr( o->server_network_ipv6, 2), 0, &o->gc );
220  o->ifconfig_ipv6_netbits = o->server_netbits_ipv6;
221 
222  /* basic sanity check */
223  ASSERT(o->server_netbits_ipv6 >= 64 && o->server_netbits_ipv6 <= 124);
224 
225  o->ifconfig_ipv6_pool_defined = true;
226  /* For large enough pools we keep the original behaviour of adding
227  * 0x1000 when computing the base.
228  *
229  * Smaller pools can't get that far, therefore we just increase by 2
230  */
231  o->ifconfig_ipv6_pool_base = add_in6_addr(o->server_network_ipv6,
232  o->server_netbits_ipv6 < 112 ? 0x1000 : 2);
233  o->ifconfig_ipv6_pool_netbits = o->server_netbits_ipv6;
234 
235  push_option(o, "tun-ipv6", M_USAGE);
236  }
237 
238  /*
239  *
240  * HELPER DIRECTIVE:
241  *
242  * server 10.8.0.0 255.255.255.0
243  *
244  * EXPANDS TO:
245  *
246  * mode server
247  * tls-server
248  * push "topology [topology]"
249  *
250  * if tun AND (topology == net30 OR topology == p2p):
251  * ifconfig 10.8.0.1 10.8.0.2
252  * if !nopool:
253  * ifconfig-pool 10.8.0.4 10.8.0.251
254  * route 10.8.0.0 255.255.255.0
255  * if client-to-client:
256  * push "route 10.8.0.0 255.255.255.0"
257  * else if topology == net30:
258  * push "route 10.8.0.1"
259  *
260  * if tap OR (tun AND topology == subnet):
261  * ifconfig 10.8.0.1 255.255.255.0
262  * if !nopool:
263  * ifconfig-pool 10.8.0.2 10.8.0.254 255.255.255.0
264  * push "route-gateway 10.8.0.1"
265  * if route-gateway unset:
266  * route-gateway 10.8.0.2
267  */
268 
269  if (o->server_defined)
270  {
271  int netbits = -2;
272  bool status = false;
273 
274  if (o->client)
275  {
276  msg(M_USAGE, "--server and --client cannot be used together");
277  }
278 
279  if (o->server_bridge_defined || o->server_bridge_proxy_dhcp)
280  {
281  msg(M_USAGE, "--server and --server-bridge cannot be used together");
282  }
283 
284  if (o->shared_secret_file)
285  {
286  msg(M_USAGE, "--server and --secret cannot be used together (you must use SSL/TLS keys)");
287  }
288 
289  if (!(o->server_flags & SF_NOPOOL) && o->ifconfig_pool_defined)
290  {
291  msg(M_USAGE, "--server already defines an ifconfig-pool, so you can't also specify --ifconfig-pool explicitly");
292  }
293 
294  if (!(dev == DEV_TYPE_TAP || dev == DEV_TYPE_TUN))
295  {
296  msg(M_USAGE, "--server directive only makes sense with --dev tun or --dev tap");
297  }
298 
299  status = netmask_to_netbits(o->server_network, o->server_netmask, &netbits);
300  if (!status)
301  {
302  msg(M_USAGE, "--server directive network/netmask combination is invalid");
303  }
304 
305  if (netbits < 0)
306  {
307  msg(M_USAGE, "--server directive netmask is invalid");
308  }
309 
310  if (netbits < IFCONFIG_POOL_MIN_NETBITS)
311  {
312  msg(M_USAGE, "--server directive netmask allows for too many host addresses (subnet must be %s or higher)",
313  print_netmask(IFCONFIG_POOL_MIN_NETBITS, &gc));
314  }
315 
316  if (dev == DEV_TYPE_TUN)
317  {
318  int pool_end_reserve = 4;
319 
320  if (netbits > 29)
321  {
322  msg(M_USAGE, "--server directive when used with --dev tun must define a subnet of %s or lower",
323  print_netmask(29, &gc));
324  }
325 
326  if (netbits == 29)
327  {
328  pool_end_reserve = 0;
329  }
330 
331  o->mode = MODE_SERVER;
332  o->tls_server = true;
333  /* Need to know topology now */
334  helper_setdefault_topology(o);
335 
336  if (o->topology == TOP_NET30 || o->topology == TOP_P2P)
337  {
338  o->ifconfig_local = print_in_addr_t(o->server_network + 1, 0, &o->gc);
339  o->ifconfig_remote_netmask = print_in_addr_t(o->server_network + 2, 0, &o->gc);
340 
341  if (!(o->server_flags & SF_NOPOOL))
342  {
343  o->ifconfig_pool_defined = true;
344  o->ifconfig_pool_start = o->server_network + 4;
345  o->ifconfig_pool_end = (o->server_network | ~o->server_netmask) - pool_end_reserve;
346  ifconfig_pool_verify_range(M_USAGE, o->ifconfig_pool_start, o->ifconfig_pool_end);
347  }
348 
349  helper_add_route(o->server_network, o->server_netmask, o);
350  if (o->enable_c2c)
351  {
352  push_option(o, print_opt_route(o->server_network, o->server_netmask, &o->gc), M_USAGE);
353  }
354  else if (o->topology == TOP_NET30)
355  {
356  push_option(o, print_opt_route(o->server_network + 1, 0, &o->gc), M_USAGE);
357  }
358  }
359  else if (o->topology == TOP_SUBNET)
360  {
361  o->ifconfig_local = print_in_addr_t(o->server_network + 1, 0, &o->gc);
362  o->ifconfig_remote_netmask = print_in_addr_t(o->server_netmask, 0, &o->gc);
363 
364  if (!(o->server_flags & SF_NOPOOL))
365  {
366  o->ifconfig_pool_defined = true;
367  o->ifconfig_pool_start = o->server_network + 2;
368  o->ifconfig_pool_end = (o->server_network | ~o->server_netmask) - 1;
369  ifconfig_pool_verify_range(M_USAGE, o->ifconfig_pool_start, o->ifconfig_pool_end);
370  }
371  o->ifconfig_pool_netmask = o->server_netmask;
372 
373  push_option(o, print_opt_route_gateway(o->server_network + 1, &o->gc), M_USAGE);
374  if (!o->route_default_gateway)
375  {
376  o->route_default_gateway = print_in_addr_t(o->server_network + 2, 0, &o->gc);
377  }
378  }
379  else
380  {
381  ASSERT(0);
382  }
383 
384  push_option(o, print_opt_topology(o->topology, &o->gc), M_USAGE);
385 
386  if (o->topology == TOP_NET30 && !(o->server_flags & SF_NOPOOL))
387  {
388  msg(M_WARN, "WARNING: --topology net30 support for server "
389  "configs with IPv4 pools will be removed in a future "
390  "release. Please migrate to --topology subnet as soon "
391  "as possible.");
392  }
393  }
394  else if (dev == DEV_TYPE_TAP)
395  {
396  if (netbits > 30)
397  {
398  msg(M_USAGE, "--server directive when used with --dev tap must define a subnet of %s or lower",
399  print_netmask(30, &gc));
400  }
401 
402  o->mode = MODE_SERVER;
403  o->tls_server = true;
404  o->ifconfig_local = print_in_addr_t(o->server_network + 1, 0, &o->gc);
405  o->ifconfig_remote_netmask = print_in_addr_t(o->server_netmask, 0, &o->gc);
406 
407  if (!(o->server_flags & SF_NOPOOL))
408  {
409  o->ifconfig_pool_defined = true;
410  o->ifconfig_pool_start = o->server_network + 2;
411  o->ifconfig_pool_end = (o->server_network | ~o->server_netmask) - 1;
412  ifconfig_pool_verify_range(M_USAGE, o->ifconfig_pool_start, o->ifconfig_pool_end);
413  }
414  o->ifconfig_pool_netmask = o->server_netmask;
415 
416  push_option(o, print_opt_route_gateway(o->server_network + 1, &o->gc), M_USAGE);
417  }
418  else
419  {
420  ASSERT(0);
421  }
422 
423  /* set push-ifconfig-constraint directive */
424  if ((dev == DEV_TYPE_TAP || o->topology == TOP_SUBNET))
425  {
426  o->push_ifconfig_constraint_defined = true;
427  o->push_ifconfig_constraint_network = o->server_network;
428  o->push_ifconfig_constraint_netmask = o->server_netmask;
429  }
430  }
431 
432  /*
433  * HELPER DIRECTIVE:
434  *
435  * server-bridge 10.8.0.4 255.255.255.0 10.8.0.128 10.8.0.254
436  *
437  * EXPANDS TO:
438  *
439  * mode server
440  * tls-server
441  *
442  * ifconfig-pool 10.8.0.128 10.8.0.254 255.255.255.0
443  * push "route-gateway 10.8.0.4"
444  *
445  * OR
446  *
447  * server-bridge
448  *
449  * EXPANDS TO:
450  *
451  * mode server
452  * tls-server
453  *
454  * if !nogw:
455  * push "route-gateway dhcp"
456  */
457  else if (o->server_bridge_defined || o->server_bridge_proxy_dhcp)
458  {
459  if (o->client)
460  {
461  msg(M_USAGE, "--server-bridge and --client cannot be used together");
462  }
463 
464  if (!(o->server_flags & SF_NOPOOL) && o->ifconfig_pool_defined)
465  {
466  msg(M_USAGE, "--server-bridge already defines an ifconfig-pool, so you can't also specify --ifconfig-pool explicitly");
467  }
468 
469  if (o->shared_secret_file)
470  {
471  msg(M_USAGE, "--server-bridge and --secret cannot be used together (you must use SSL/TLS keys)");
472  }
473 
474  if (dev != DEV_TYPE_TAP)
475  {
476  msg(M_USAGE, "--server-bridge directive only makes sense with --dev tap");
477  }
478 
479  if (o->server_bridge_defined)
480  {
481  verify_common_subnet("--server-bridge", o->server_bridge_ip, o->server_bridge_pool_start, o->server_bridge_netmask);
482  verify_common_subnet("--server-bridge", o->server_bridge_pool_start, o->server_bridge_pool_end, o->server_bridge_netmask);
483  verify_common_subnet("--server-bridge", o->server_bridge_ip, o->server_bridge_pool_end, o->server_bridge_netmask);
484  }
485 
486  o->mode = MODE_SERVER;
487  o->tls_server = true;
488 
489  if (o->server_bridge_defined)
490  {
491  o->ifconfig_pool_defined = true;
492  o->ifconfig_pool_start = o->server_bridge_pool_start;
493  o->ifconfig_pool_end = o->server_bridge_pool_end;
494  ifconfig_pool_verify_range(M_USAGE, o->ifconfig_pool_start, o->ifconfig_pool_end);
495  o->ifconfig_pool_netmask = o->server_bridge_netmask;
496  push_option(o, print_opt_route_gateway(o->server_bridge_ip, &o->gc), M_USAGE);
497  }
498  else if (o->server_bridge_proxy_dhcp && !(o->server_flags & SF_NO_PUSH_ROUTE_GATEWAY))
499  {
500  push_option(o, print_opt_route_gateway_dhcp(&o->gc), M_USAGE);
501  }
502  }
503  else
504  /*
505  * HELPER DIRECTIVE:
506  *
507  * client
508  *
509  * EXPANDS TO:
510  *
511  * pull
512  * tls-client
513  */
514  if (o->client)
515  {
516  o->pull = true;
517  o->tls_client = true;
518  }
519 
520  gc_free(&gc);
521 }
522 
523 /*
524  *
525  * HELPER DIRECTIVE:
526  *
527  * keepalive 10 60
528  *
529  * EXPANDS TO:
530  *
531  * if mode server:
532  * ping 10
533  * ping-restart 120
534  * push "ping 10"
535  * push "ping-restart 60"
536  * else
537  * ping 10
538  * ping-restart 60
539  */
540 void
541 helper_keepalive(struct options *o)
542 {
543  if (o->keepalive_ping || o->keepalive_timeout)
544  {
545  /*
546  * Sanity checks.
547  */
548  if (o->keepalive_ping <= 0 || o->keepalive_timeout <= 0)
549  {
550  msg(M_USAGE, "--keepalive parameters must be > 0");
551  }
552  if (o->keepalive_ping * 2 > o->keepalive_timeout)
553  {
554  msg(M_USAGE, "the second parameter to --keepalive (restart timeout=%d) must be at least twice the value of the first parameter (ping interval=%d). A ratio of 1:5 or 1:6 would be even better. Recommended setting is --keepalive 10 60.",
555  o->keepalive_timeout,
556  o->keepalive_ping);
557  }
558  if (o->ping_send_timeout || o->ping_rec_timeout)
559  {
560  msg(M_USAGE, "--keepalive conflicts with --ping, --ping-exit, or --ping-restart. If you use --keepalive, you don't need any of the other --ping directives.");
561  }
562 
563  /*
564  * Expand.
565  */
566  if (o->mode == MODE_POINT_TO_POINT)
567  {
568  o->ping_rec_timeout_action = PING_RESTART;
569  o->ping_send_timeout = o->keepalive_ping;
570  o->ping_rec_timeout = o->keepalive_timeout;
571  }
572  else if (o->mode == MODE_SERVER)
573  {
574  o->ping_rec_timeout_action = PING_RESTART;
575  o->ping_send_timeout = o->keepalive_ping;
576  o->ping_rec_timeout = o->keepalive_timeout * 2;
577  push_option(o, print_str_int("ping", o->keepalive_ping, &o->gc), M_USAGE);
578  push_option(o, print_str_int("ping-restart", o->keepalive_timeout, &o->gc), M_USAGE);
579  }
580  else
581  {
582  ASSERT(0);
583  }
584  }
585 }
586 
587 /*
588  *
589  * HELPER DIRECTIVE:
590  *
591  * tcp-nodelay
592  *
593  * EXPANDS TO:
594  *
595  * if mode server:
596  * socket-flags TCP_NODELAY
597  * push "socket-flags TCP_NODELAY"
598  */
599 void
600 helper_tcp_nodelay(struct options *o)
601 {
602  if (o->server_flags & SF_TCP_NODELAY_HELPER)
603  {
604  if (o->mode == MODE_SERVER)
605  {
606  o->sockflags |= SF_TCP_NODELAY;
607  push_option(o, print_str("socket-flags TCP_NODELAY", &o->gc), M_USAGE);
608  }
609  else
610  {
611  o->sockflags |= SF_TCP_NODELAY;
612  }
613  }
614 }
options::keepalive_timeout
int keepalive_timeout
Definition: options.h:328
options::server_network_ipv6
struct in6_addr server_network_ipv6
Definition: options.h:455
helper_setdefault_topology
void helper_setdefault_topology(struct options *o)
Set –topology default depending on –mode.
Definition: helper.c:144
netmask_to_netbits
bool netmask_to_netbits(const in_addr_t network, const in_addr_t netmask, int *netbits)
Definition: route.c:3928
helper_client_server
void helper_client_server(struct options *o)
Definition: helper.c:172
SF_NO_PUSH_ROUTE_GATEWAY
#define SF_NO_PUSH_ROUTE_GATEWAY
Definition: options.h:460
gc_new
static struct gc_arena gc_new(void)
Definition: buffer.h:1030
SF_TCP_NODELAY_HELPER
#define SF_TCP_NODELAY_HELPER
Definition: options.h:459
DEV_TYPE_TUN
#define DEV_TYPE_TUN
Definition: proto.h:37
forward.h
options::keepalive_ping
int keepalive_ping
Definition: options.h:327
options::server_flags
unsigned int server_flags
Definition: options.h:461
options::enable_c2c
bool enable_c2c
Definition: options.h:509
options::server_network
in_addr_t server_network
Definition: options.h:452
print_netmask
static const char * print_netmask(int netbits, struct gc_arena *gc)
Definition: helper.c:39
options::server_bridge_ip
in_addr_t server_bridge_ip
Definition: options.h:466
options::topology
int topology
Definition: options.h:307
BSTR
#define BSTR(buf)
Definition: buffer.h:129
options::dev_type
const char * dev_type
Definition: options.h:304
options::tls_client
bool tls_client
Definition: options.h:574
options::shared_secret_file
const char * shared_secret_file
Definition: options.h:552
alloc_buf_gc
struct buffer alloc_buf_gc(size_t size, struct gc_arena *gc)
Definition: buffer.c:88
verify_common_subnet
static void verify_common_subnet(const char *opt, const in_addr_t a, const in_addr_t b, const in_addr_t subnet)
Definition: helper.c:125
options::server_defined
bool server_defined
Definition: options.h:451
options::mode
int mode
Definition: options.h:247
print_opt_route
static const char * print_opt_route(const in_addr_t network, const in_addr_t netmask, struct gc_arena *gc)
Definition: helper.c:67
options::ifconfig_ipv6_pool_defined
bool ifconfig_ipv6_pool_defined
Definition: options.h:479
SF_TCP_NODELAY
#define SF_TCP_NODELAY
Definition: socket.h:205
TOP_SUBNET
#define TOP_SUBNET
Definition: proto.h:45
MODE_SERVER
#define MODE_SERVER
Definition: options.h:246
options::tls_server
bool tls_server
Definition: options.h:573
add_route_to_option_list
void add_route_to_option_list(struct route_option_list *l, const char *network, const char *netmask, const char *gateway, const char *metric)
Definition: route.c:510
PING_RESTART
#define PING_RESTART
Definition: options.h:341
SF_NOPOOL
#define SF_NOPOOL
Definition: options.h:458
push_option
void push_option(struct options *o, const char *opt, int msglevel)
Definition: push.c:869
options::dev
const char * dev
Definition: options.h:303
ASSERT
#define ASSERT(x)
Definition: error.h:195
helper_tcp_nodelay
void helper_tcp_nodelay(struct options *o)
Definition: helper.c:600
print_in6_addr
const char * print_in6_addr(struct in6_addr a6, unsigned int flags, struct gc_arena *gc)
Definition: socket.c:2924
print_topology
const char * print_topology(const int topology)
Definition: options.c:4738
options::server_netmask
in_addr_t server_netmask
Definition: options.h:453
options::ping_send_timeout
int ping_send_timeout
Definition: options.h:335
options::client
bool client
Definition: options.h:538
options::ifconfig_ipv6_netbits
int ifconfig_ipv6_netbits
Definition: options.h:311
IFCONFIG_POOL_MIN_NETBITS
#define IFCONFIG_POOL_MIN_NETBITS
Definition: pool.h:33
push.h
M_WARN
#define M_WARN
Definition: error.h:91
options::push_ifconfig_constraint_defined
bool push_ifconfig_constraint_defined
Definition: options.h:500
options::server_netbits_ipv6
unsigned int server_netbits_ipv6
Definition: options.h:456
options
Definition: options.h:236
pool.h
options::gc
struct gc_arena gc
Definition: options.h:238
print_str
static const char * print_str(const char *str, struct gc_arena *gc)
Definition: helper.c:106
helper_keepalive
void helper_keepalive(struct options *o)
Definition: helper.c:541
options::ifconfig_pool_netmask
in_addr_t ifconfig_pool_netmask
Definition: options.h:475
options::server_ipv6_defined
bool server_ipv6_defined
Definition: options.h:454
TOP_UNDEF
#define TOP_UNDEF
Definition: proto.h:42
DEV_TYPE_TAP
#define DEV_TYPE_TAP
Definition: proto.h:38
options::ping_rec_timeout
int ping_rec_timeout
Definition: options.h:336
buffer
Wrapper structure for dynamically allocated memory.
Definition: buffer.h:60
print_in_addr_t
const char * print_in_addr_t(in_addr_t addr, unsigned int flags, struct gc_arena *gc)
Definition: socket.c:2904
print_opt_topology
static const char * print_opt_topology(const int topology, struct gc_arena *gc)
Definition: helper.c:88
options::server_bridge_proxy_dhcp
bool server_bridge_proxy_dhcp
Definition: options.h:463
syshead.h
options::server_bridge_pool_start
in_addr_t server_bridge_pool_start
Definition: options.h:468
gc_arena
Garbage collection arena used to keep track of dynamically allocated memory.
Definition: buffer.h:116
MODE_POINT_TO_POINT
#define MODE_POINT_TO_POINT
Definition: options.h:245
options::server_bridge_netmask
in_addr_t server_bridge_netmask
Definition: options.h:467
TOP_P2P
#define TOP_P2P
Definition: proto.h:44
rol_check_alloc
void rol_check_alloc(struct options *options)
Definition: options.c:1683
options::ifconfig_pool_end
in_addr_t ifconfig_pool_end
Definition: options.h:474
print_str_int
static const char * print_str_int(const char *str, const int i, struct gc_arena *gc)
Definition: helper.c:98
options::ifconfig_pool_defined
bool ifconfig_pool_defined
Definition: options.h:472
netbits_to_netmask
static in_addr_t netbits_to_netmask(const int netbits)
Definition: route.h:379
status
static SERVICE_STATUS status
Definition: interactive.c:53
gc_free
static void gc_free(struct gc_arena *a)
Definition: buffer.h:1038
print_opt_route_gateway
static const char * print_opt_route_gateway(const in_addr_t route_gateway, struct gc_arena *gc)
Definition: helper.c:50
options::ifconfig_remote_netmask
const char * ifconfig_remote_netmask
Definition: options.h:309
options::routes
struct route_option_list * routes
Definition: options.h:418
options::ifconfig_ipv6_pool_netbits
int ifconfig_ipv6_pool_netbits
Definition: options.h:481
helper_add_route
static void helper_add_route(const in_addr_t network, const in_addr_t netmask, struct options *o)
Definition: helper.c:114
options::server_bridge_pool_end
in_addr_t server_bridge_pool_end
Definition: options.h:469
options::sockflags
unsigned int sockflags
Definition: options.h:406
TOP_NET30
#define TOP_NET30
Definition: proto.h:43
config.h
options::ifconfig_pool_start
in_addr_t ifconfig_pool_start
Definition: options.h:473
options::ifconfig_ipv6_pool_base
struct in6_addr ifconfig_ipv6_pool_base
Definition: options.h:480
options::ifconfig_ipv6_local
const char * ifconfig_ipv6_local
Definition: options.h:310
print_opt_route_gateway_dhcp
static const char * print_opt_route_gateway_dhcp(struct gc_arena *gc)
Definition: helper.c:59
helper.h
options::push_ifconfig_constraint_network
in_addr_t push_ifconfig_constraint_network
Definition: options.h:501
ifconfig_pool_verify_range
bool ifconfig_pool_verify_range(const int msglevel, const in_addr_t start, const in_addr_t end)
Definition: pool.c:121
add_in6_addr
struct in6_addr add_in6_addr(struct in6_addr base, uint32_t add)
Definition: socket.c:2955
options::ifconfig_local
const char * ifconfig_local
Definition: options.h:308
memdbg.h
options::ping_rec_timeout_action
int ping_rec_timeout_action
Definition: options.h:342
M_USAGE
#define M_USAGE
Definition: error.h:106
msg
#define msg(flags,...)
Definition: error.h:144
options::ifconfig_ipv6_remote
const char * ifconfig_ipv6_remote
Definition: options.h:312
buf_printf
bool buf_printf(struct buffer *buf, const char *format,...)
Definition: buffer.c:240
options::server_bridge_defined
bool server_bridge_defined
Definition: options.h:465
options::push_ifconfig_constraint_netmask
in_addr_t push_ifconfig_constraint_netmask
Definition: options.h:502
options::pull
bool pull
Definition: options.h:539
dev_type_enum
int dev_type_enum(const char *dev, const char *dev_type)
Definition: tun.c:436
options::route_default_gateway
const char * route_default_gateway
Definition: options.h:411
Generated by   doxygen 1.8.17