OpenVPN
socket.c
Go to the documentation of this file.
1/*
2 * OpenVPN -- An application to securely tunnel IP networks
3 * over a single TCP/UDP port, with support for SSL/TLS-based
4 * session authentication and key exchange,
5 * packet encryption, packet authentication, and
6 * packet compression.
7 *
8 * Copyright (C) 2002-2025 OpenVPN Inc <sales@openvpn.net>
9 *
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License version 2
12 * as published by the Free Software Foundation.
13 *
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details.
18 *
19 * You should have received a copy of the GNU General Public License along
20 * with this program; if not, see <https://www.gnu.org/licenses/>.
21 */
22
23#ifdef HAVE_CONFIG_H
24#include "config.h"
25#endif
26
27#include "syshead.h"
28
29#include "socket.h"
30#include "fdmisc.h"
31#include "misc.h"
32#include "gremlin.h"
33#include "plugin.h"
34#include "ps.h"
35#include "run_command.h"
36#include "manage.h"
37#include "misc.h"
38#include "manage.h"
39#include "openvpn.h"
40#include "forward.h"
41
42#include "memdbg.h"
43
44bool
46{
47 int i;
48
49 for (i = 0; i < c->c1.link_sockets_num; i++)
50 {
52 {
53 return true;
54 }
55 }
56 return false;
57}
58
59/*
60 * Convert sockflags/getaddr_flags into getaddr_flags
61 */
62static unsigned int
63sf2gaf(const unsigned int getaddr_flags, const unsigned int sockflags)
64{
65 if (sockflags & SF_HOST_RANDOMIZE)
66 {
67 return getaddr_flags | GETADDR_RANDOMIZE;
68 }
69 else
70 {
71 return getaddr_flags;
72 }
73}
74
75#if defined(__GNUC__) || defined(__clang__)
76#pragma GCC diagnostic push
77#pragma GCC diagnostic ignored "-Wconversion"
78#endif
79
80/*
81 * Functions related to the translation of DNS names to IP addresses.
82 */
83static int
84get_addr_generic(sa_family_t af, unsigned int flags, const char *hostname, void *network,
85 unsigned int *netbits, int resolve_retry_seconds, struct signal_info *sig_info,
86 msglvl_t msglevel)
87{
88 char *endp, *sep, *var_host = NULL;
89 struct addrinfo *ai = NULL;
90 unsigned long bits;
91 uint8_t max_bits;
92 int ret = -1;
93
94 if (!hostname)
95 {
96 msg(M_NONFATAL, "Can't resolve null hostname!");
97 goto out;
98 }
99
100 /* assign family specific default values */
101 switch (af)
102 {
103 case AF_INET:
104 bits = 0;
105 max_bits = sizeof(in_addr_t) * 8;
106 break;
107
108 case AF_INET6:
109 bits = 64;
110 max_bits = sizeof(struct in6_addr) * 8;
111 break;
112
113 default:
114 msg(M_WARN, "Unsupported AF family passed to getaddrinfo for %s (%d)", hostname, af);
115 goto out;
116 }
117
118 /* we need to modify the hostname received as input, but we don't want to
119 * touch it directly as it might be a constant string.
120 *
121 * Therefore, we clone the string here and free it at the end of the
122 * function */
123 var_host = strdup(hostname);
124 if (!var_host)
125 {
126 msg(M_NONFATAL | M_ERRNO, "Can't allocate hostname buffer for getaddrinfo");
127 goto out;
128 }
129
130 /* check if this hostname has a /bits suffix */
131 sep = strchr(var_host, '/');
132 if (sep)
133 {
134 bits = strtoul(sep + 1, &endp, 10);
135 if ((*endp != '\0') || (bits > max_bits))
136 {
137 msg(msglevel, "IP prefix '%s': invalid '/bits' spec (%s)", hostname, sep + 1);
138 goto out;
139 }
140 *sep = '\0';
141 }
142
143 ret = openvpn_getaddrinfo(flags & ~GETADDR_HOST_ORDER, var_host, NULL, resolve_retry_seconds,
144 sig_info, af, &ai);
145 if ((ret == 0) && network)
146 {
147 struct in6_addr *ip6;
148 in_addr_t *ip4;
149
150 switch (af)
151 {
152 case AF_INET:
153 ip4 = network;
154 *ip4 = ((struct sockaddr_in *)ai->ai_addr)->sin_addr.s_addr;
155
156 if (flags & GETADDR_HOST_ORDER)
157 {
158 *ip4 = ntohl(*ip4);
159 }
160 break;
161
162 case AF_INET6:
163 ip6 = network;
164 *ip6 = ((struct sockaddr_in6 *)ai->ai_addr)->sin6_addr;
165 break;
166
167 default:
168 /* can't get here because 'af' was previously checked */
169 msg(M_WARN, "Unsupported AF family for %s (%d)", var_host, af);
170 goto out;
171 }
172 }
173
174 if (netbits)
175 {
176 *netbits = bits;
177 }
178
179 /* restore '/' separator, if any */
180 if (sep)
181 {
182 *sep = '/';
183 }
184out:
185 freeaddrinfo(ai);
186 free(var_host);
187
188 return ret;
189}
190
191in_addr_t
192getaddr(unsigned int flags, const char *hostname, int resolve_retry_seconds, bool *succeeded,
193 struct signal_info *sig_info)
194{
195 in_addr_t addr;
196 int status;
197
198 status = get_addr_generic(AF_INET, flags, hostname, &addr, NULL, resolve_retry_seconds,
199 sig_info, M_WARN);
200 if (status == 0)
201 {
202 if (succeeded)
203 {
204 *succeeded = true;
205 }
206 return addr;
207 }
208 else
209 {
210 if (succeeded)
211 {
212 *succeeded = false;
213 }
214 return 0;
215 }
216}
217
218bool
219get_ipv6_addr(const char *hostname, struct in6_addr *network, unsigned int *netbits,
220 msglvl_t msglevel)
221{
222 if (get_addr_generic(AF_INET6, GETADDR_RESOLVE, hostname, network, netbits, 0, NULL, msglevel)
223 < 0)
224 {
225 return false;
226 }
227
228 return true; /* parsing OK, values set */
229}
230
231static inline bool
232streqnull(const char *a, const char *b)
233{
234 if (a == NULL && b == NULL)
235 {
236 return true;
237 }
238 else if (a == NULL || b == NULL)
239 {
240 return false;
241 }
242 else
243 {
244 return streq(a, b);
245 }
246}
247
248/*
249 * get_cached_dns_entry return 0 on success and -1
250 * otherwise. (like getaddrinfo)
251 */
252static int
253get_cached_dns_entry(struct cached_dns_entry *dns_cache, const char *hostname, const char *servname,
254 int ai_family, unsigned int resolve_flags, struct addrinfo **ai)
255{
256 struct cached_dns_entry *ph;
257 unsigned int flags;
258
259 /* Only use flags that are relevant for the structure */
260 flags = resolve_flags & GETADDR_CACHE_MASK;
261
262 for (ph = dns_cache; ph; ph = ph->next)
263 {
265 && ph->ai_family == ai_family && ph->flags == flags)
266 {
267 *ai = ph->ai;
268 return 0;
269 }
270 }
271 return -1;
272}
273
274
275static int
276do_preresolve_host(struct context *c, const char *hostname, const char *servname, const int af,
277 const unsigned int flags)
278{
279 struct addrinfo *ai;
280 int status;
281
282 if (get_cached_dns_entry(c->c1.dns_cache, hostname, servname, af, flags, &ai) == 0)
283 {
284 /* entry already cached, return success */
285 return 0;
286 }
287
288 status = openvpn_getaddrinfo(flags, hostname, servname, c->options.resolve_retry_seconds, NULL,
289 af, &ai);
290 if (status == 0)
291 {
292 struct cached_dns_entry *ph;
293
294 ALLOC_OBJ_CLEAR_GC(ph, struct cached_dns_entry, &c->gc);
295 ph->ai = ai;
296 ph->hostname = hostname;
297 ph->servname = servname;
299
300 if (!c->c1.dns_cache)
301 {
302 c->c1.dns_cache = ph;
303 }
304 else
305 {
306 struct cached_dns_entry *prev = c->c1.dns_cache;
307 while (prev->next)
308 {
309 prev = prev->next;
310 }
311 prev->next = ph;
312 }
313
315 }
316 return status;
317}
318
319void
321{
322 struct connection_list *l = c->options.connection_list;
325
326
327 for (int i = 0; i < l->len; ++i)
328 {
329 int status;
330 const char *remote;
331 unsigned int flags = preresolve_flags;
332
333 struct connection_entry *ce = l->array[i];
334
335 if (proto_is_dgram(ce->proto))
336 {
338 }
339
341 {
343 }
344
345 if (c->options.ip_remote_hint)
346 {
348 }
349 else
350 {
351 remote = ce->remote;
352 }
353
354 /* HTTP remote hostname does not need to be resolved */
355 if (!ce->http_proxy_options)
356 {
358 if (status != 0)
359 {
360 goto err;
361 }
362 }
363
364 /* Preresolve proxy */
365 if (ce->http_proxy_options)
366 {
368 ce->http_proxy_options->port, ce->af, preresolve_flags);
369
370 if (status != 0)
371 {
372 goto err;
373 }
374 }
375
376 if (ce->socks_proxy_server)
377 {
378 status =
380 if (status != 0)
381 {
382 goto err;
383 }
384 }
385
386 if (ce->bind_local)
387 {
389 flags &= ~GETADDR_RANDOMIZE;
390
391 for (int j = 0; j < ce->local_list->len; j++)
392 {
393 struct local_entry *le = ce->local_list->array[j];
394
395 if (!le->local)
396 {
397 continue;
398 }
399
400 status = do_preresolve_host(c, le->local, le->port, ce->af, flags);
401 if (status != 0)
402 {
403 goto err;
404 }
405 }
406 }
407 }
408 return;
409
410err:
411 throw_signal_soft(SIGHUP, "Preresolving failed");
412}
413
414static int
416{
417#if defined(SOL_SOCKET) && defined(SO_SNDBUF)
418 int val;
419 socklen_t len;
420
421 len = sizeof(val);
422 if (getsockopt(sd, SOL_SOCKET, SO_SNDBUF, (void *)&val, &len) == 0 && len == sizeof(val))
423 {
424 return val;
425 }
426#endif
427 return 0;
428}
429
430static void
432{
433#if defined(SOL_SOCKET) && defined(SO_SNDBUF)
434 if (setsockopt(sd, SOL_SOCKET, SO_SNDBUF, (void *)&size, sizeof(size)) != 0)
435 {
436 msg(M_WARN, "NOTE: setsockopt SO_SNDBUF=%d failed", size);
437 }
438#endif
439}
440
441static int
443{
444#if defined(SOL_SOCKET) && defined(SO_RCVBUF)
445 int val;
446 socklen_t len;
447
448 len = sizeof(val);
449 if (getsockopt(sd, SOL_SOCKET, SO_RCVBUF, (void *)&val, &len) == 0 && len == sizeof(val))
450 {
451 return val;
452 }
453#endif
454 return 0;
455}
456
457static bool
459{
460#if defined(SOL_SOCKET) && defined(SO_RCVBUF)
461 if (setsockopt(sd, SOL_SOCKET, SO_RCVBUF, (void *)&size, sizeof(size)) != 0)
462 {
463 msg(M_WARN, "NOTE: setsockopt SO_RCVBUF=%d failed", size);
464 return false;
465 }
466 return true;
467#endif
468}
469
470void
471socket_set_buffers(socket_descriptor_t fd, const struct socket_buffer_size *sbs, bool reduce_size)
472{
473 if (sbs)
474 {
475 const int sndbuf_old = socket_get_sndbuf(fd);
476 const int rcvbuf_old = socket_get_rcvbuf(fd);
477
478 if (sbs->sndbuf && (reduce_size || sndbuf_old < sbs->sndbuf))
479 {
480 socket_set_sndbuf(fd, sbs->sndbuf);
481 }
482
483 if (sbs->rcvbuf && (reduce_size || rcvbuf_old < sbs->rcvbuf))
484 {
485 socket_set_rcvbuf(fd, sbs->rcvbuf);
486 }
487
488 msg(D_OSBUF, "Socket Buffers: R=[%d->%d] S=[%d->%d]", rcvbuf_old, socket_get_rcvbuf(fd),
489 sndbuf_old, socket_get_sndbuf(fd));
490 }
491}
492
493/*
494 * Set other socket options
495 */
496
497static bool
499{
500#if defined(_WIN32) || (defined(IPPROTO_TCP) && defined(TCP_NODELAY))
501 if (setsockopt(sd, IPPROTO_TCP, TCP_NODELAY, (void *)&state, sizeof(state)) != 0)
502 {
503 msg(M_WARN, "NOTE: setsockopt TCP_NODELAY=%d failed", state);
504 return false;
505 }
506 else
507 {
508 dmsg(D_OSBUF, "Socket flags: TCP_NODELAY=%d succeeded", state);
509 return true;
510 }
511#else /* if defined(_WIN32) || (defined(IPPROTO_TCP) && defined(TCP_NODELAY)) */
512 msg(M_WARN, "NOTE: setsockopt TCP_NODELAY=%d failed (No kernel support)", state);
513 return false;
514#endif
515}
516
517static inline void
519{
520#if defined(TARGET_LINUX) && HAVE_DECL_SO_MARK
521 if (mark && setsockopt(sd, SOL_SOCKET, SO_MARK, (void *)&mark, sizeof(mark)) != 0)
522 {
523 msg(M_WARN, "NOTE: setsockopt SO_MARK=%d failed", mark);
524 }
525#endif
526}
527
528static bool
529socket_set_flags(socket_descriptor_t sd, unsigned int sockflags)
530{
531 /* SF_TCP_NODELAY doesn't make sense for dco-win */
532 if ((sockflags & SF_TCP_NODELAY) && (!(sockflags & SF_DCO_WIN)))
533 {
534 return socket_set_tcp_nodelay(sd, 1);
535 }
536 else
537 {
538 return true;
539 }
540}
541
542bool
543link_socket_update_flags(struct link_socket *sock, unsigned int sockflags)
544{
545 if (sock && socket_defined(sock->sd))
546 {
547 sock->sockflags |= sockflags;
548 return socket_set_flags(sock->sd, sock->sockflags);
549 }
550 else
551 {
552 return false;
553 }
554}
555
556void
557link_socket_update_buffer_sizes(struct link_socket *sock, int rcvbuf, int sndbuf)
558{
559 if (sock && socket_defined(sock->sd))
560 {
561 sock->socket_buffer_sizes.sndbuf = sndbuf;
562 sock->socket_buffer_sizes.rcvbuf = rcvbuf;
563 socket_set_buffers(sock->sd, &sock->socket_buffer_sizes, true);
564 }
565}
566
567/*
568 * SOCKET INITIALIZATION CODE.
569 * Create a TCP/UDP socket
570 */
571
573create_socket_tcp(struct addrinfo *addrinfo)
574{
576
577 ASSERT(addrinfo);
578 ASSERT(addrinfo->ai_socktype == SOCK_STREAM);
579
580 if ((sd = socket(addrinfo->ai_family, addrinfo->ai_socktype, addrinfo->ai_protocol)) < 0)
581 {
582 msg(M_ERR, "Cannot create TCP socket");
583 }
584
585#ifndef _WIN32 /* using SO_REUSEADDR on Windows will cause bind to succeed on port conflicts! */
586 /* set SO_REUSEADDR on socket */
587 {
588 int on = 1;
589 if (setsockopt(sd, SOL_SOCKET, SO_REUSEADDR, (void *)&on, sizeof(on)) < 0)
590 {
591 msg(M_ERR, "TCP: Cannot setsockopt SO_REUSEADDR on TCP socket");
592 }
593 }
594#endif
595
596 /* set socket file descriptor to not pass across execs, so that
597 * scripts don't have access to it */
598 set_cloexec(sd);
599
600 return sd;
601}
602
604create_socket_udp(struct addrinfo *addrinfo, const unsigned int flags)
605{
607
608 ASSERT(addrinfo);
609 ASSERT(addrinfo->ai_socktype == SOCK_DGRAM);
610
611 if ((sd = socket(addrinfo->ai_family, addrinfo->ai_socktype, addrinfo->ai_protocol)) < 0)
612 {
613 msg(M_ERR, "UDP: Cannot create UDP/UDP6 socket");
614 }
615#if ENABLE_IP_PKTINFO
616 else if (flags & SF_USE_IP_PKTINFO)
617 {
618 int pad = 1;
619 if (addrinfo->ai_family == AF_INET)
620 {
621#if defined(HAVE_IN_PKTINFO) && defined(HAVE_IPI_SPEC_DST)
622 if (setsockopt(sd, SOL_IP, IP_PKTINFO, (void *)&pad, sizeof(pad)) < 0)
623 {
624 msg(M_ERR, "UDP: failed setsockopt for IP_PKTINFO");
625 }
626#elif defined(IP_RECVDSTADDR)
627 if (setsockopt(sd, IPPROTO_IP, IP_RECVDSTADDR, (void *)&pad, sizeof(pad)) < 0)
628 {
629 msg(M_ERR, "UDP: failed setsockopt for IP_RECVDSTADDR");
630 }
631#else /* if defined(HAVE_IN_PKTINFO) && defined(HAVE_IPI_SPEC_DST) */
632#error ENABLE_IP_PKTINFO is set without IP_PKTINFO xor IP_RECVDSTADDR (fix syshead.h)
633#endif
634 }
635 else if (addrinfo->ai_family == AF_INET6)
636 {
637#ifndef IPV6_RECVPKTINFO /* Some older Darwin platforms require this */
638 if (setsockopt(sd, IPPROTO_IPV6, IPV6_PKTINFO, (void *)&pad, sizeof(pad)) < 0)
639#else
640 if (setsockopt(sd, IPPROTO_IPV6, IPV6_RECVPKTINFO, (void *)&pad, sizeof(pad)) < 0)
641#endif
642 {
643 msg(M_ERR, "UDP: failed setsockopt for IPV6_RECVPKTINFO");
644 }
645 }
646 }
647#endif /* if ENABLE_IP_PKTINFO */
648
649 /* set socket file descriptor to not pass across execs, so that
650 * scripts don't have access to it */
651 set_cloexec(sd);
652
653 return sd;
654}
655
656static void
657bind_local(struct link_socket *sock, const sa_family_t ai_family)
658{
659 /* bind to local address/port */
660 if (sock->bind_local)
661 {
662 if (sock->socks_proxy && sock->info.proto == PROTO_UDP)
663 {
664 socket_bind(sock->ctrl_sd, sock->info.lsa->bind_local, ai_family, "SOCKS", false);
665 }
666 else
667 {
668 socket_bind(sock->sd, sock->info.lsa->bind_local, ai_family, "TCP/UDP",
669 sock->info.bind_ipv6_only);
670 }
671 }
672}
673
674static void
675create_socket(struct link_socket *sock, struct addrinfo *addr)
676{
677 if (addr->ai_protocol == IPPROTO_UDP || addr->ai_socktype == SOCK_DGRAM)
678 {
679 sock->sd = create_socket_udp(addr, sock->sockflags);
681
682 /* Assume that control socket and data socket to the socks proxy
683 * are using the same IP family */
684 if (sock->socks_proxy)
685 {
686 /* Construct a temporary addrinfo to create the socket,
687 * currently resolve two remote addresses is not supported,
688 * TODO: Rewrite the whole resolve_remote */
689 struct addrinfo addrinfo_tmp = *addr;
690 addrinfo_tmp.ai_socktype = SOCK_STREAM;
691 addrinfo_tmp.ai_protocol = IPPROTO_TCP;
692 sock->ctrl_sd = create_socket_tcp(&addrinfo_tmp);
693 }
694 }
695 else if (addr->ai_protocol == IPPROTO_TCP || addr->ai_socktype == SOCK_STREAM)
696 {
697 sock->sd = create_socket_tcp(addr);
698 }
699 else
700 {
701 ASSERT(0);
702 }
703 /* Set af field of sock->info, so it always reflects the address family
704 * of the created socket */
705 sock->info.af = addr->ai_family;
706
707 /* set socket buffers based on --sndbuf and --rcvbuf options */
708 socket_set_buffers(sock->sd, &sock->socket_buffer_sizes, true);
709
710 /* set socket to --mark packets with given value */
711 socket_set_mark(sock->sd, sock->mark);
712
713#if defined(TARGET_LINUX)
714 if (sock->bind_dev)
715 {
716 msg(M_INFO, "Using bind-dev %s", sock->bind_dev);
717 if (setsockopt(sock->sd, SOL_SOCKET, SO_BINDTODEVICE, sock->bind_dev,
718 strlen(sock->bind_dev) + 1)
719 != 0)
720 {
721 msg(M_WARN | M_ERRNO, "WARN: setsockopt SO_BINDTODEVICE=%s failed", sock->bind_dev);
722 }
723 }
724#endif
725
726 bind_local(sock, addr->ai_family);
727}
728
729#ifdef TARGET_ANDROID
730static void
731protect_fd_nonlocal(int fd, const struct sockaddr *addr)
732{
733 if (!management)
734 {
735 msg(M_FATAL, "Required management interface not available.");
736 }
737
738 /* pass socket FD to management interface to pass on to VPNService API
739 * as "protected socket" (exempt from being routed into tunnel)
740 */
741 if (addr_local(addr))
742 {
743 msg(D_SOCKET_DEBUG, "Address is local, not protecting socket fd %d", fd);
744 return;
745 }
746
747 msg(D_SOCKET_DEBUG, "Protecting socket fd %d", fd);
748 management->connection.fdtosend = fd;
749 management_android_control(management, "PROTECTFD", __func__);
750}
751#endif
752
753/*
754 * Functions used for establishing a TCP stream connection.
755 */
756static void
757socket_do_listen(socket_descriptor_t sd, const struct addrinfo *local, bool do_listen,
758 bool do_set_nonblock)
759{
760 struct gc_arena gc = gc_new();
761 if (do_listen)
762 {
763 ASSERT(local);
764 msg(M_INFO, "Listening for incoming TCP connection on %s",
765 print_sockaddr(local->ai_addr, &gc));
766 if (listen(sd, 32))
767 {
768 msg(M_ERR, "TCP: listen() failed");
769 }
770 }
771
772 /* set socket to non-blocking mode */
773 if (do_set_nonblock)
774 {
775 set_nonblock(sd);
776 }
777
778 gc_free(&gc);
779}
780
782socket_do_accept(socket_descriptor_t sd, struct link_socket_actual *act, const bool nowait)
783{
784 /* af_addr_size WILL return 0 in this case if AFs other than AF_INET
785 * are compiled because act is empty here.
786 * could use getsockname() to support later remote_len check
787 */
788 socklen_t remote_len_af = af_addr_size(act->dest.addr.sa.sa_family);
789 socklen_t remote_len = sizeof(act->dest.addr);
791
792 CLEAR(*act);
793
794 if (nowait)
795 {
796 new_sd = getpeername(sd, &act->dest.addr.sa, &remote_len);
797
798 if (!socket_defined(new_sd))
799 {
800 msg(D_LINK_ERRORS | M_ERRNO, "TCP: getpeername() failed");
801 }
802 else
803 {
804 new_sd = sd;
805 }
806 }
807 else
808 {
809 new_sd = accept(sd, &act->dest.addr.sa, &remote_len);
810 }
811
812#if 0 /* For debugging only, test the effect of accept() failures */
813 {
814 static int foo = 0;
815 ++foo;
816 if (foo & 1)
817 {
818 new_sd = -1;
819 }
820 }
821#endif
822
823 if (!socket_defined(new_sd))
824 {
825 msg(D_LINK_ERRORS | M_ERRNO, "TCP: accept(%d) failed", (int)sd);
826 }
827 /* only valid if we have remote_len_af!=0 */
828 else if (remote_len_af && remote_len != remote_len_af)
829 {
831 "TCP: Received strange incoming connection with unknown address length=%d", remote_len);
832 openvpn_close_socket(new_sd);
833 new_sd = SOCKET_UNDEFINED;
834 }
835 else
836 {
837 /* set socket file descriptor to not pass across execs, so that
838 * scripts don't have access to it */
839 set_cloexec(sd);
840 }
841 return new_sd;
842}
843
844static void
846{
847 struct gc_arena gc = gc_new();
848 msg(M_INFO, "TCP connection established with %s", print_link_socket_actual(act, &gc));
849 gc_free(&gc);
850}
851
854 const char *remote_dynamic, const struct addrinfo *local, bool do_listen,
855 bool nowait, volatile int *signal_received)
856{
857 struct gc_arena gc = gc_new();
858 /* struct openvpn_sockaddr *remote = &act->dest; */
859 struct openvpn_sockaddr remote_verify = act->dest;
861
862 CLEAR(*act);
863 socket_do_listen(sd, local, do_listen, true);
864
865 while (true)
866 {
867 int status;
868 fd_set reads;
869 struct timeval tv;
870
871 FD_ZERO(&reads);
872 openvpn_fd_set(sd, &reads);
873 tv.tv_sec = 0;
874 tv.tv_usec = 0;
875
876 status = select(sd + 1, &reads, NULL, NULL, &tv);
877
878 get_signal(signal_received);
879 if (*signal_received)
880 {
881 gc_free(&gc);
882 return sd;
883 }
884
885 if (status < 0)
886 {
887 msg(D_LINK_ERRORS | M_ERRNO, "TCP: select() failed");
888 }
889
890 if (status <= 0)
891 {
893 continue;
894 }
895
896 new_sd = socket_do_accept(sd, act, nowait);
897
898 if (socket_defined(new_sd))
899 {
900 struct addrinfo *ai = NULL;
901 if (remote_dynamic)
902 {
903 openvpn_getaddrinfo(0, remote_dynamic, NULL, 1, NULL,
904 remote_verify.addr.sa.sa_family, &ai);
905 }
906
907 if (ai && !addrlist_match(&remote_verify, ai))
908 {
909 msg(M_WARN, "TCP NOTE: Rejected connection attempt from %s due to --remote setting",
911 if (openvpn_close_socket(new_sd))
912 {
913 msg(M_ERR, "TCP: close socket failed (new_sd)");
914 }
915 freeaddrinfo(ai);
916 }
917 else
918 {
919 if (ai)
920 {
921 freeaddrinfo(ai);
922 }
923 break;
924 }
925 }
927 }
928
929 if (!nowait && openvpn_close_socket(sd))
930 {
931 msg(M_ERR, "TCP: close socket failed (sd)");
932 }
933
935
936 gc_free(&gc);
937 return new_sd;
938}
939
940void
941socket_bind(socket_descriptor_t sd, struct addrinfo *local, int ai_family, const char *prefix,
942 bool ipv6only)
943{
944 struct gc_arena gc = gc_new();
945
946 /* FIXME (schwabe)
947 * getaddrinfo for the bind address might return multiple AF_INET/AF_INET6
948 * entries for the requested protocol.
949 * For example if an address has multiple A records
950 * What is the correct way to deal with it?
951 */
952
953 struct addrinfo *cur;
954
955 ASSERT(local);
956
957
958 /* find the first addrinfo with correct ai_family */
959 for (cur = local; cur; cur = cur->ai_next)
960 {
961 if (cur->ai_family == ai_family)
962 {
963 break;
964 }
965 }
966 if (!cur)
967 {
968 msg(M_FATAL, "%s: Socket bind failed: Addr to bind has no %s record", prefix,
969 addr_family_name(ai_family));
970 }
971
972 if (ai_family == AF_INET6)
973 {
974 int v6only = ipv6only ? 1 : 0; /* setsockopt must have an "int" */
975
976 msg(M_INFO, "setsockopt(IPV6_V6ONLY=%d)", v6only);
977 if (setsockopt(sd, IPPROTO_IPV6, IPV6_V6ONLY, (void *)&v6only, sizeof(v6only)))
978 {
979 msg(M_NONFATAL | M_ERRNO, "Setting IPV6_V6ONLY=%d failed", v6only);
980 }
981 }
982 if (bind(sd, cur->ai_addr, cur->ai_addrlen))
983 {
984 msg(M_FATAL | M_ERRNO, "%s: Socket bind failed on local address %s", prefix,
985 print_sockaddr_ex(local->ai_addr, ":", PS_SHOW_PORT, &gc));
986 }
987 gc_free(&gc);
988}
989
990int
991openvpn_connect(socket_descriptor_t sd, const struct sockaddr *remote, int connect_timeout,
992 volatile int *signal_received)
993{
994 int status = 0;
995
996#ifdef TARGET_ANDROID
997 protect_fd_nonlocal(sd, remote);
998#endif
999 set_nonblock(sd);
1000 status = connect(sd, remote, af_addr_size(remote->sa_family));
1001 if (status)
1002 {
1004 }
1005 if (
1006#ifdef _WIN32
1007 status == WSAEWOULDBLOCK
1008#else
1009 status == EINPROGRESS
1010#endif
1011 )
1012 {
1013 while (true)
1014 {
1015#if POLL
1016 struct pollfd fds[1];
1017 fds[0].fd = sd;
1018 fds[0].events = POLLOUT;
1019 status = poll(fds, 1, (connect_timeout > 0) ? 1000 : 0);
1020#else
1021 fd_set writes;
1022 struct timeval tv;
1023
1024 FD_ZERO(&writes);
1025 openvpn_fd_set(sd, &writes);
1026 tv.tv_sec = (connect_timeout > 0) ? 1 : 0;
1027 tv.tv_usec = 0;
1028
1029 status = select(sd + 1, NULL, &writes, NULL, &tv);
1030#endif
1031 if (signal_received)
1032 {
1033 get_signal(signal_received);
1034 if (*signal_received)
1035 {
1036 status = 0;
1037 break;
1038 }
1039 }
1040 if (status < 0)
1041 {
1043 break;
1044 }
1045 if (status <= 0)
1046 {
1047 if (--connect_timeout < 0)
1048 {
1049#ifdef _WIN32
1050 status = WSAETIMEDOUT;
1051#else
1052 status = ETIMEDOUT;
1053#endif
1054 break;
1055 }
1057 continue;
1058 }
1059
1060 /* got it */
1061 {
1062 int val = 0;
1063 socklen_t len;
1064
1065 len = sizeof(val);
1066 if (getsockopt(sd, SOL_SOCKET, SO_ERROR, (void *)&val, &len) == 0
1067 && len == sizeof(val))
1068 {
1069 status = val;
1070 }
1071 else
1072 {
1074 }
1075 break;
1076 }
1077 }
1078 }
1079
1080 return status;
1081}
1082
1083void
1084set_actual_address(struct link_socket_actual *actual, struct addrinfo *ai)
1085{
1086 CLEAR(*actual);
1087 ASSERT(ai);
1088
1089 if (ai->ai_family == AF_INET)
1090 {
1091 actual->dest.addr.in4 = *((struct sockaddr_in *)ai->ai_addr);
1092 }
1093 else if (ai->ai_family == AF_INET6)
1094 {
1095 actual->dest.addr.in6 = *((struct sockaddr_in6 *)ai->ai_addr);
1096 }
1097 else
1098 {
1099 ASSERT(0);
1100 }
1101}
1102
1103static void
1104socket_connect(socket_descriptor_t *sd, const struct sockaddr *dest, const int connect_timeout,
1105 struct signal_info *sig_info)
1106{
1107 struct gc_arena gc = gc_new();
1108 int status;
1109
1110 msg(M_INFO, "Attempting to establish TCP connection with %s", print_sockaddr(dest, &gc));
1111
1112#ifdef ENABLE_MANAGEMENT
1113 if (management)
1114 {
1115 management_set_state(management, OPENVPN_STATE_TCP_CONNECT, NULL, NULL, NULL, NULL, NULL);
1116 }
1117#endif
1118
1119 /* Set the actual address */
1120 status = openvpn_connect(*sd, dest, connect_timeout, &sig_info->signal_received);
1121
1122 get_signal(&sig_info->signal_received);
1123 if (sig_info->signal_received)
1124 {
1125 goto done;
1126 }
1127
1128 if (status)
1129 {
1130 msg(D_LINK_ERRORS, "TCP: connect to %s failed: %s", print_sockaddr(dest, &gc),
1131 strerror(status));
1132
1134 *sd = SOCKET_UNDEFINED;
1135 register_signal(sig_info, SIGUSR1, "connection-failed");
1136 }
1137 else
1138 {
1139 msg(M_INFO, "TCP connection established with %s", print_sockaddr(dest, &gc));
1140 }
1141
1142done:
1143 gc_free(&gc);
1144}
1145
1146/*
1147 * Stream buffer handling prototypes -- stream_buf is a helper class
1148 * to assist in the packetization of stream transport protocols
1149 * such as TCP.
1150 */
1151
1152static void stream_buf_init(struct stream_buf *sb, struct buffer *buf, const unsigned int sockflags,
1153 const int proto);
1154
1155static void stream_buf_close(struct stream_buf *sb);
1156
1157static bool stream_buf_added(struct stream_buf *sb, int length_added);
1158
1159/* For stream protocols, allocate a buffer to build up packet.
1160 * Called after frame has been finalized. */
1161
1162static void
1163socket_frame_init(const struct frame *frame, struct link_socket *sock)
1164{
1165#ifdef _WIN32
1166 overlapped_io_init(&sock->reads, frame, FALSE);
1167 overlapped_io_init(&sock->writes, frame, TRUE);
1168 sock->rw_handle.read = sock->reads.overlapped.hEvent;
1169 sock->rw_handle.write = sock->writes.overlapped.hEvent;
1170#endif
1171
1173 {
1174#ifdef _WIN32
1175 stream_buf_init(&sock->stream_buf, &sock->reads.buf_init, sock->sockflags,
1176 sock->info.proto);
1177#else
1179
1181 sock->info.proto);
1182#endif
1183 }
1184}
1185
1186static void
1188{
1189 struct gc_arena gc = gc_new();
1190
1191 /* resolve local address if undefined */
1192 if (!sock->info.lsa->bind_local)
1193 {
1195 int status;
1196
1197 if (proto_is_dgram(sock->info.proto))
1198 {
1199 flags |= GETADDR_DATAGRAM;
1200 }
1201
1202 /* will return AF_{INET|INET6}from local_host */
1203 status = get_cached_dns_entry(sock->dns_cache, sock->local_host, sock->local_port, af,
1204 flags, &sock->info.lsa->bind_local);
1205
1206 if (status)
1207 {
1208 status = openvpn_getaddrinfo(flags, sock->local_host, sock->local_port, 0, NULL, af,
1209 &sock->info.lsa->bind_local);
1210 }
1211
1212 if (status != 0)
1213 {
1214 msg(M_FATAL, "getaddrinfo() failed for local \"%s:%s\": %s", sock->local_host,
1215 sock->local_port, gai_strerror(status));
1216 }
1217
1218 /* the address family returned by openvpn_getaddrinfo() should be
1219 * taken into consideration only if we really passed an hostname
1220 * to resolve. Otherwise its value is not useful to us and may
1221 * actually break our socket, i.e. when it returns AF_INET
1222 * but our remote is v6 only.
1223 */
1224 if (sock->local_host)
1225 {
1226 /* the resolved 'local entry' might have a different family than
1227 * what was globally configured
1228 */
1229 sock->info.af = sock->info.lsa->bind_local->ai_family;
1230 }
1231 }
1232
1233 gc_free(&gc);
1234}
1235
1236static void
1237resolve_remote(struct link_socket *sock, int phase, const char **remote_dynamic,
1238 struct signal_info *sig_info)
1239{
1240 volatile int *signal_received = sig_info ? &sig_info->signal_received : NULL;
1241 struct gc_arena gc = gc_new();
1242
1243 /* resolve remote address if undefined */
1244 if (!sock->info.lsa->remote_list)
1245 {
1246 if (sock->remote_host)
1247 {
1248 unsigned int flags =
1250 int retry = 0;
1251 int status = -1;
1252 struct addrinfo *ai;
1253 if (proto_is_dgram(sock->info.proto))
1254 {
1255 flags |= GETADDR_DATAGRAM;
1256 }
1257
1259 {
1260 if (phase == 2)
1261 {
1262 flags |= (GETADDR_TRY_ONCE | GETADDR_FATAL);
1263 }
1264 retry = 0;
1265 }
1266 else if (phase == 1)
1267 {
1268 if (sock->resolve_retry_seconds)
1269 {
1270 retry = 0;
1271 }
1272 else
1273 {
1275 retry = 0;
1276 }
1277 }
1278 else if (phase == 2)
1279 {
1280 if (sock->resolve_retry_seconds)
1281 {
1282 flags |= GETADDR_FATAL;
1283 retry = sock->resolve_retry_seconds;
1284 }
1285 else
1286 {
1287 ASSERT(0);
1288 }
1289 }
1290 else
1291 {
1292 ASSERT(0);
1293 }
1294
1295
1297 sock->info.af, flags, &ai);
1298 if (status)
1299 {
1300 status = openvpn_getaddrinfo(flags, sock->remote_host, sock->remote_port, retry,
1301 sig_info, sock->info.af, &ai);
1302 }
1303
1304 if (status == 0)
1305 {
1306 sock->info.lsa->remote_list = ai;
1307 sock->info.lsa->current_remote = ai;
1308
1309 dmsg(D_SOCKET_DEBUG, "RESOLVE_REMOTE flags=0x%04x phase=%d rrs=%d sig=%d status=%d",
1310 flags, phase, retry, signal_received ? *signal_received : -1, status);
1311 }
1312 if (signal_received && *signal_received)
1313 {
1314 goto done;
1315 }
1316 if (status != 0)
1317 {
1318 if (signal_received)
1319 {
1320 /* potential overwrite of signal */
1321 register_signal(sig_info, SIGUSR1, "socks-resolve-failure");
1322 }
1323 goto done;
1324 }
1325 }
1326 }
1327
1328 /* should we re-use previous active remote address? */
1330 {
1331 msg(M_INFO, "TCP/UDP: Preserving recently used remote address: %s",
1333 if (remote_dynamic)
1334 {
1335 *remote_dynamic = NULL;
1336 }
1337 }
1338 else
1339 {
1340 CLEAR(sock->info.lsa->actual);
1341 if (sock->info.lsa->current_remote)
1342 {
1344 }
1345 }
1346
1347done:
1348 gc_free(&gc);
1349}
1350
1351
1352struct link_socket *
1354{
1355 struct link_socket *sock;
1356
1357 ALLOC_OBJ_CLEAR(sock, struct link_socket);
1358 sock->sd = SOCKET_UNDEFINED;
1359 sock->ctrl_sd = SOCKET_UNDEFINED;
1361 sock->ev_arg.u.sock = sock;
1362
1363 return sock;
1364}
1365
1366void
1367link_socket_init_phase1(struct context *c, int sock_index, int mode)
1368{
1369 struct link_socket *sock = c->c2.link_sockets[sock_index];
1370 struct options *o = &c->options;
1371 ASSERT(sock);
1372
1373 const char *host = o->ce.local_list->array[sock_index]->local;
1374 const char *port = o->ce.local_list->array[sock_index]->port;
1375 int proto = o->ce.local_list->array[sock_index]->proto;
1376 const char *remote_host = o->ce.remote;
1377 const char *remote_port = o->ce.remote_port;
1378
1379 if (remote_host)
1380 {
1381 proto = o->ce.proto;
1382 }
1383
1384 if (c->mode == CM_CHILD_TCP || c->mode == CM_CHILD_UDP)
1385 {
1386 struct link_socket *tmp_sock = NULL;
1387 if (c->mode == CM_CHILD_TCP)
1388 {
1389 tmp_sock = (struct link_socket *)c->c2.accept_from;
1390 }
1391 else if (c->mode == CM_CHILD_UDP)
1392 {
1393 tmp_sock = c->c2.link_sockets[0];
1394 }
1395
1396 host = tmp_sock->local_host;
1397 port = tmp_sock->local_port;
1398 proto = tmp_sock->info.proto;
1399 }
1400
1401 sock->local_host = host;
1402 sock->local_port = port;
1403 sock->remote_host = remote_host;
1404 sock->remote_port = remote_port;
1405 sock->dns_cache = c->c1.dns_cache;
1406 sock->http_proxy = c->c1.http_proxy;
1407 sock->socks_proxy = c->c1.socks_proxy;
1408 sock->bind_local = o->ce.bind_local;
1411
1412#ifdef ENABLE_DEBUG
1413 sock->gremlin = o->gremlin;
1414#endif
1415
1418
1419 sock->sockflags = o->sockflags;
1420
1421#if PORT_SHARE
1422 if (o->port_share_host && o->port_share_port)
1423 {
1424 sock->sockflags |= SF_PORT_SHARE;
1425 }
1426#endif
1427
1428 sock->mark = o->mark;
1429 sock->bind_dev = o->bind_dev;
1430 sock->info.proto = proto;
1431 sock->info.af = o->ce.af;
1432 sock->info.remote_float = o->ce.remote_float;
1433 sock->info.lsa = &c->c1.link_socket_addrs[sock_index];
1435 sock->info.ipchange_command = o->ipchange;
1436 sock->info.plugins = c->plugins;
1438
1439 sock->mode = mode;
1441 {
1442 ASSERT(c->c2.accept_from);
1444 sock->sd = c->c2.accept_from->sd;
1445 /* inherit (possibly guessed) info AF from parent context */
1446 sock->info.af = c->c2.accept_from->info.af;
1447 }
1448
1449 /* are we running in HTTP proxy mode? */
1450 if (sock->http_proxy)
1451 {
1453
1454 /* the proxy server */
1456 sock->remote_port = c->c1.http_proxy->options.port;
1457
1458 /* the OpenVPN server we will use the proxy to connect to */
1461 }
1462 /* or in Socks proxy mode? */
1463 else if (sock->socks_proxy)
1464 {
1465 /* the proxy server */
1466 sock->remote_host = c->c1.socks_proxy->server;
1467 sock->remote_port = c->c1.socks_proxy->port;
1468
1469 /* the OpenVPN server we will use the proxy to connect to */
1472 }
1473 else
1474 {
1475 sock->remote_host = remote_host;
1476 sock->remote_port = remote_port;
1477 }
1478
1479 /* bind behavior for TCP server vs. client */
1480 if (sock->info.proto == PROTO_TCP_SERVER)
1481 {
1482 if (sock->mode == LS_MODE_TCP_ACCEPT_FROM)
1483 {
1484 sock->bind_local = false;
1485 }
1486 else
1487 {
1488 sock->bind_local = true;
1489 }
1490 }
1491
1493 {
1494 if (sock->bind_local)
1495 {
1496 resolve_bind_local(sock, sock->info.af);
1497 }
1498 resolve_remote(sock, 1, NULL, NULL);
1499 }
1500}
1501
1502static void
1504{
1505 /* set misc socket parameters */
1506 socket_set_flags(sock->sd, sock->sockflags);
1507
1508 /* set socket to non-blocking mode */
1509 set_nonblock(sock->sd);
1510
1511 /* set Path MTU discovery options on the socket */
1512 set_mtu_discover_type(sock->sd, sock->mtu_discover_type, sock->info.af);
1513
1514#if EXTENDED_SOCKET_ERROR_CAPABILITY
1515 /* if the OS supports it, enable extended error passing on the socket */
1516 set_sock_extended_error_passing(sock->sd, sock->info.af);
1517#endif
1518}
1519
1520
1521static void
1523{
1524 struct gc_arena gc = gc_new();
1525 const msglvl_t msglevel = (sock->mode == LS_MODE_TCP_ACCEPT_FROM) ? D_INIT_MEDIUM : M_INFO;
1526
1527 /* print local address */
1528 if (sock->bind_local)
1529 {
1530 sa_family_t ai_family = sock->info.lsa->actual.dest.addr.sa.sa_family;
1531 /* Socket is always bound on the first matching address,
1532 * For bound sockets with no remote addr this is the element of
1533 * the list */
1534 struct addrinfo *cur;
1535 for (cur = sock->info.lsa->bind_local; cur; cur = cur->ai_next)
1536 {
1537 if (!ai_family || ai_family == cur->ai_family)
1538 {
1539 break;
1540 }
1541 }
1542 ASSERT(cur);
1543 msg(msglevel, "%s link local (bound): %s",
1544 proto2ascii(sock->info.proto, sock->info.af, true), print_sockaddr(cur->ai_addr, &gc));
1545 }
1546 else
1547 {
1548 msg(msglevel, "%s link local: (not bound)",
1549 proto2ascii(sock->info.proto, sock->info.af, true));
1550 }
1551
1552 /* print active remote address */
1553 msg(msglevel, "%s link remote: %s", proto2ascii(sock->info.proto, sock->info.af, true),
1555 gc_free(&gc);
1556}
1557
1558static void
1559phase2_tcp_server(struct link_socket *sock, const char *remote_dynamic,
1560 struct signal_info *sig_info)
1561{
1562 ASSERT(sig_info);
1563 volatile int *signal_received = &sig_info->signal_received;
1564 switch (sock->mode)
1565 {
1566 case LS_MODE_DEFAULT:
1567 sock->sd =
1568 socket_listen_accept(sock->sd, &sock->info.lsa->actual, remote_dynamic,
1569 sock->info.lsa->bind_local, true, false, signal_received);
1570 break;
1571
1572 case LS_MODE_TCP_LISTEN:
1573 socket_do_listen(sock->sd, sock->info.lsa->bind_local, true, false);
1574 break;
1575
1577 sock->sd = socket_do_accept(sock->sd, &sock->info.lsa->actual, false);
1578 if (!socket_defined(sock->sd))
1579 {
1580 register_signal(sig_info, SIGTERM, "socket-undefined");
1581 return;
1582 }
1584 break;
1585
1586 default:
1587 ASSERT(0);
1588 }
1589}
1590
1591
1592static void
1593phase2_tcp_client(struct link_socket *sock, struct signal_info *sig_info)
1594{
1595 bool proxy_retry = false;
1596 do
1597 {
1598 socket_connect(&sock->sd, sock->info.lsa->current_remote->ai_addr,
1600
1601 if (sig_info->signal_received)
1602 {
1603 return;
1604 }
1605
1606 if (sock->http_proxy)
1607 {
1608 proxy_retry = establish_http_proxy_passthru(
1609 sock->http_proxy, sock->sd, sock->proxy_dest_host, sock->proxy_dest_port,
1610 sock->server_poll_timeout, &sock->stream_buf.residual, sig_info);
1611 }
1612 else if (sock->socks_proxy)
1613 {
1616 sig_info);
1617 }
1618 if (proxy_retry)
1619 {
1620 openvpn_close_socket(sock->sd);
1621 sock->sd = create_socket_tcp(sock->info.lsa->current_remote);
1622 }
1623
1624 } while (proxy_retry);
1625}
1626
1627static void
1628phase2_socks_client(struct link_socket *sock, struct signal_info *sig_info)
1629{
1630 socket_connect(&sock->ctrl_sd, sock->info.lsa->current_remote->ai_addr,
1632
1633 if (sig_info->signal_received)
1634 {
1635 return;
1636 }
1637
1639 sock->server_poll_timeout, sig_info);
1640
1641 if (sig_info->signal_received)
1642 {
1643 return;
1644 }
1645
1646 sock->remote_host = sock->proxy_dest_host;
1647 sock->remote_port = sock->proxy_dest_port;
1648
1650 if (sock->info.lsa->remote_list)
1651 {
1652 freeaddrinfo(sock->info.lsa->remote_list);
1653 sock->info.lsa->current_remote = NULL;
1654 sock->info.lsa->remote_list = NULL;
1655 }
1656
1657 resolve_remote(sock, 1, NULL, sig_info);
1658}
1659
1660#if defined(_WIN32)
1661static void
1662create_socket_dco_win(struct context *c, struct link_socket *sock, struct signal_info *sig_info)
1663{
1664 /* in P2P mode we must have remote resolved at this point */
1665 struct addrinfo *remoteaddr = sock->info.lsa->current_remote;
1666 if ((c->options.mode == MODE_POINT_TO_POINT) && (!remoteaddr))
1667 {
1668 return;
1669 }
1670
1671 if (!c->c1.tuntap)
1672 {
1673 struct tuntap *tt;
1674 ALLOC_OBJ_CLEAR(tt, struct tuntap);
1675
1678
1679 const char *device_guid = NULL; /* not used */
1680 tun_open_device(tt, c->options.dev_node, &device_guid, &c->gc);
1681
1682 /* Ensure we can "safely" cast the handle to a socket */
1683 static_assert(sizeof(sock->sd) == sizeof(tt->hand), "HANDLE and SOCKET size differs");
1684
1685 c->c1.tuntap = tt;
1686 }
1687
1688 if (c->options.mode == MODE_SERVER)
1689 {
1690 dco_mp_start_vpn(c->c1.tuntap->hand, sock);
1691 }
1692 else
1693 {
1694 dco_p2p_new_peer(c->c1.tuntap->hand, &c->c1.tuntap->dco_new_peer_ov, sock, sig_info);
1695 }
1696 sock->sockflags |= SF_DCO_WIN;
1697
1698 if (sig_info->signal_received)
1699 {
1700 return;
1701 }
1702
1703 sock->sd = (SOCKET)c->c1.tuntap->hand;
1704 linksock_print_addr(sock);
1705}
1706#endif /* if defined(_WIN32) */
1707
1708/* finalize socket initialization */
1709void
1711{
1712 const struct frame *frame = &c->c2.frame;
1713 struct signal_info *sig_info = c->sig;
1714
1715 const char *remote_dynamic = NULL;
1716 struct signal_info sig_save = { 0 };
1717
1718 ASSERT(sock);
1719 ASSERT(sig_info);
1720
1721 if (sig_info->signal_received)
1722 {
1723 sig_save = *sig_info;
1724 sig_save.signal_received = signal_reset(sig_info, 0);
1725 }
1726
1727 /* initialize buffers */
1728 socket_frame_init(frame, sock);
1729
1730 /*
1731 * Pass a remote name to connect/accept so that
1732 * they can test for dynamic IP address changes
1733 * and throw a SIGUSR1 if appropriate.
1734 */
1735 if (sock->resolve_retry_seconds)
1736 {
1737 remote_dynamic = sock->remote_host;
1738 }
1739
1740 /* Second chance to resolv/create socket */
1741 resolve_remote(sock, 2, &remote_dynamic, sig_info);
1742
1743 /* If a valid remote has been found, create the socket with its addrinfo */
1744#if defined(_WIN32)
1745 if (dco_enabled(&c->options))
1746 {
1747 create_socket_dco_win(c, sock, sig_info);
1748 goto done;
1749 }
1750#endif
1751 if (sock->info.lsa->current_remote)
1752 {
1753 create_socket(sock, sock->info.lsa->current_remote);
1754 }
1755
1756 /* If socket has not already been created create it now */
1757 if (sock->sd == SOCKET_UNDEFINED)
1758 {
1759 /* If we have no --remote and have still not figured out the
1760 * protocol family to use we will use the first of the bind */
1761
1762 if (sock->bind_local && !sock->remote_host && sock->info.lsa->bind_local)
1763 {
1764 /* Warn if this is because neither v4 or v6 was specified
1765 * and we should not connect a remote */
1766 if (sock->info.af == AF_UNSPEC)
1767 {
1768 msg(M_WARN, "Could not determine IPv4/IPv6 protocol. Using %s",
1769 addr_family_name(sock->info.lsa->bind_local->ai_family));
1770 sock->info.af = sock->info.lsa->bind_local->ai_family;
1771 }
1772 create_socket(sock, sock->info.lsa->bind_local);
1773 }
1774 }
1775
1776 /* Socket still undefined, give a warning and abort connection */
1777 if (sock->sd == SOCKET_UNDEFINED)
1778 {
1779 msg(M_WARN, "Could not determine IPv4/IPv6 protocol");
1780 register_signal(sig_info, SIGUSR1, "Could not determine IPv4/IPv6 protocol");
1781 goto done;
1782 }
1783
1784 if (sig_info->signal_received)
1785 {
1786 goto done;
1787 }
1788
1789 if (sock->info.proto == PROTO_TCP_SERVER)
1790 {
1791 phase2_tcp_server(sock, remote_dynamic, sig_info);
1792 }
1793 else if (sock->info.proto == PROTO_TCP_CLIENT)
1794 {
1795 phase2_tcp_client(sock, sig_info);
1796 }
1797 else if (sock->info.proto == PROTO_UDP && sock->socks_proxy)
1798 {
1799 phase2_socks_client(sock, sig_info);
1800 }
1801#ifdef TARGET_ANDROID
1802 if (sock->sd != -1)
1803 {
1804 protect_fd_nonlocal(sock->sd, &sock->info.lsa->actual.dest.addr.sa);
1805 }
1806#endif
1807 if (sig_info->signal_received)
1808 {
1809 goto done;
1810 }
1811
1813 linksock_print_addr(sock);
1814
1815done:
1816 if (sig_save.signal_received)
1817 {
1818 /* Always restore the saved signal -- register/throw_signal will handle priority */
1819 if (sig_save.source == SIG_SOURCE_HARD && sig_info == &siginfo_static)
1820 {
1821 throw_signal(sig_save.signal_received);
1822 }
1823 else
1824 {
1825 register_signal(sig_info, sig_save.signal_received, sig_save.signal_text);
1826 }
1827 }
1828}
1829
1830void
1832{
1833 if (sock)
1834 {
1835#ifdef ENABLE_DEBUG
1836 const int gremlin = GREMLIN_CONNECTION_FLOOD_LEVEL(sock->gremlin);
1837#else
1838 const int gremlin = 0;
1839#endif
1840
1841 if (socket_defined(sock->sd))
1842 {
1843#ifdef _WIN32
1844 close_net_event_win32(&sock->listen_handle, sock->sd, 0);
1845#endif
1846 if (!gremlin)
1847 {
1848 msg(D_LOW, "TCP/UDP: Closing socket");
1849 if (openvpn_close_socket(sock->sd))
1850 {
1851 msg(M_WARN | M_ERRNO, "TCP/UDP: Close Socket failed");
1852 }
1853 }
1854 sock->sd = SOCKET_UNDEFINED;
1855#ifdef _WIN32
1856 if (!gremlin)
1857 {
1858 overlapped_io_close(&sock->reads);
1860 }
1861#endif
1862 }
1863
1864 if (socket_defined(sock->ctrl_sd))
1865 {
1866 if (openvpn_close_socket(sock->ctrl_sd))
1867 {
1868 msg(M_WARN | M_ERRNO, "TCP/UDP: Close Socket (ctrl_sd) failed");
1869 }
1870 sock->ctrl_sd = SOCKET_UNDEFINED;
1871 }
1872
1874 free_buf(&sock->stream_buf_data);
1875 if (!gremlin)
1876 {
1877 free(sock);
1878 }
1879 }
1880}
1881
1882void
1883setenv_trusted(struct env_set *es, const struct link_socket_info *info)
1884{
1885 setenv_link_socket_actual(es, "trusted", &info->lsa->actual, SA_IP_PORT);
1886}
1887
1888static void
1889ipchange_fmt(const bool include_cmd, struct argv *argv, const struct link_socket_info *info,
1890 struct gc_arena *gc)
1891{
1892 const char *host = print_sockaddr_ex(&info->lsa->actual.dest.addr.sa, " ", PS_SHOW_PORT, gc);
1893 if (include_cmd)
1894 {
1896 argv_printf_cat(argv, "%s", host);
1897 }
1898 else
1899 {
1900 argv_printf(argv, "%s", host);
1901 }
1902}
1903
1904void
1906 const struct link_socket_actual *act, const char *common_name,
1907 struct env_set *es)
1908{
1909 struct gc_arena gc = gc_new();
1910
1911 info->lsa->actual = *act; /* Note: skip this line for --force-dest */
1912 setenv_trusted(es, info);
1913 info->connection_established = true;
1914
1915 /* Print connection initiated message, with common name if available */
1916 {
1917 struct buffer out = alloc_buf_gc(256, &gc);
1918 if (common_name)
1919 {
1920 buf_printf(&out, "[%s] ", common_name);
1921 }
1922 buf_printf(&out, "Peer Connection Initiated with %s",
1924 msg(M_INFO, "%s", BSTR(&out));
1925 }
1926
1927 /* set environmental vars */
1928 setenv_str(es, "common_name", common_name);
1929
1930 /* Process --ipchange plugin */
1932 {
1933 struct argv argv = argv_new();
1934 ipchange_fmt(false, &argv, info, &gc);
1937 {
1938 msg(M_WARN, "WARNING: ipchange plugin call failed");
1939 }
1940 argv_free(&argv);
1941 }
1942
1943 /* Process --ipchange option */
1944 if (info->ipchange_command)
1945 {
1946 struct argv argv = argv_new();
1947 setenv_str(es, "script_type", "ipchange");
1948 ipchange_fmt(true, &argv, info, &gc);
1949 openvpn_run_script(&argv, es, 0, "--ipchange");
1950 argv_free(&argv);
1951 }
1952
1953 gc_free(&gc);
1954}
1955
1956void
1958 const struct link_socket_actual *from_addr)
1959{
1960 struct gc_arena gc = gc_new();
1961 struct addrinfo *ai;
1962
1963 switch (from_addr->dest.addr.sa.sa_family)
1964 {
1965 case AF_INET:
1966 case AF_INET6:
1968 "TCP/UDP: Incoming packet rejected from %s[%d], expected peer address: %s (allow this incoming source address/port by removing --remote or adding --float)",
1969 print_link_socket_actual(from_addr, &gc), (int)from_addr->dest.addr.sa.sa_family,
1970 print_sockaddr_ex(info->lsa->remote_list->ai_addr, ":", PS_SHOW_PORT, &gc));
1971 /* print additional remote addresses */
1972 for (ai = info->lsa->remote_list->ai_next; ai; ai = ai->ai_next)
1973 {
1974 msg(D_LINK_ERRORS, "or from peer address: %s",
1975 print_sockaddr_ex(ai->ai_addr, ":", PS_SHOW_PORT, &gc));
1976 }
1977 break;
1978 }
1979 buf->len = 0;
1980 gc_free(&gc);
1981}
1982
1983void
1985{
1986 dmsg(D_READ_WRITE, "TCP/UDP: No outgoing address to send packet");
1987}
1988
1989in_addr_t
1991{
1992 const struct link_socket_addr *lsa = info->lsa;
1993
1994 /*
1995 * This logic supports "redirect-gateway" semantic, which
1996 * makes sense only for PF_INET routes over PF_INET endpoints
1997 *
1998 * Maybe in the future consider PF_INET6 endpoints also ...
1999 * by now just ignore it
2000 *
2001 * For --remote entries with multiple addresses this
2002 * only return the actual endpoint we have successfully connected to
2003 */
2004 if (lsa->actual.dest.addr.sa.sa_family != AF_INET)
2005 {
2006 return IPV4_INVALID_ADDR;
2007 }
2008
2010 {
2011 return ntohl(lsa->actual.dest.addr.in4.sin_addr.s_addr);
2012 }
2013 else if (lsa->current_remote)
2014 {
2015 return ntohl(((struct sockaddr_in *)lsa->current_remote->ai_addr)->sin_addr.s_addr);
2016 }
2017 else
2018 {
2019 return 0;
2020 }
2021}
2022
2023const struct in6_addr *
2025{
2026 const struct link_socket_addr *lsa = info->lsa;
2027
2028 /* This logic supports "redirect-gateway" semantic,
2029 * for PF_INET6 routes over PF_INET6 endpoints
2030 *
2031 * For --remote entries with multiple addresses this
2032 * only return the actual endpoint we have successfully connected to
2033 */
2034 if (lsa->actual.dest.addr.sa.sa_family != AF_INET6)
2035 {
2036 return NULL;
2037 }
2038
2040 {
2041 return &(lsa->actual.dest.addr.in6.sin6_addr);
2042 }
2043 else if (lsa->current_remote)
2044 {
2045 return &(((struct sockaddr_in6 *)lsa->current_remote->ai_addr)->sin6_addr);
2046 }
2047 else
2048 {
2049 return NULL;
2050 }
2051}
2052
2053/*
2054 * Return a status string describing socket state.
2055 */
2056const char *
2057socket_stat(const struct link_socket *s, unsigned int rwflags, struct gc_arena *gc)
2058{
2059 struct buffer out = alloc_buf_gc(64, gc);
2060 if (s)
2061 {
2062 if (rwflags & EVENT_READ)
2063 {
2064 buf_printf(&out, "S%s", (s->rwflags_debug & EVENT_READ) ? "R" : "r");
2065#ifdef _WIN32
2066 buf_printf(&out, "%s", overlapped_io_state_ascii(&s->reads));
2067#endif
2068 }
2069 if (rwflags & EVENT_WRITE)
2070 {
2071 buf_printf(&out, "S%s", (s->rwflags_debug & EVENT_WRITE) ? "W" : "w");
2072#ifdef _WIN32
2074#endif
2075 }
2076 }
2077 else
2078 {
2079 buf_printf(&out, "S?");
2080 }
2081 return BSTR(&out);
2082}
2083
2084/*
2085 * Stream buffer functions, used to packetize a TCP
2086 * stream connection.
2087 */
2088
2089static inline void
2091{
2092 dmsg(D_STREAM_DEBUG, "STREAM: RESET");
2093 sb->residual_fully_formed = false;
2094 sb->buf = sb->buf_init;
2095 buf_reset(&sb->next);
2096 sb->len = -1;
2097}
2098
2099static void
2100stream_buf_init(struct stream_buf *sb, struct buffer *buf, const unsigned int sockflags,
2101 const int proto)
2102{
2103 sb->buf_init = *buf;
2104 sb->maxlen = sb->buf_init.len;
2105 sb->buf_init.len = 0;
2106 sb->residual = alloc_buf(sb->maxlen);
2107 sb->error = false;
2108#if PORT_SHARE
2109 sb->port_share_state =
2110 ((sockflags & SF_PORT_SHARE) && (proto == PROTO_TCP_SERVER)) ? PS_ENABLED : PS_DISABLED;
2111#endif
2113
2114 dmsg(D_STREAM_DEBUG, "STREAM: INIT maxlen=%d", sb->maxlen);
2115}
2116
2117static inline void
2119{
2120 /* set up 'next' for next i/o read */
2121 sb->next = sb->buf;
2122 sb->next.offset = sb->buf.offset + sb->buf.len;
2123 sb->next.len = (sb->len >= 0 ? sb->len : sb->maxlen) - sb->buf.len;
2124 dmsg(D_STREAM_DEBUG, "STREAM: SET NEXT, buf=[%d,%d] next=[%d,%d] len=%d maxlen=%d",
2125 sb->buf.offset, sb->buf.len, sb->next.offset, sb->next.len, sb->len, sb->maxlen);
2126 ASSERT(sb->next.len > 0);
2127 ASSERT(buf_safe(&sb->buf, sb->next.len));
2128}
2129
2130static inline void
2132{
2133 dmsg(D_STREAM_DEBUG, "STREAM: GET FINAL len=%d", buf_defined(&sb->buf) ? sb->buf.len : -1);
2134 ASSERT(buf_defined(&sb->buf));
2135 *buf = sb->buf;
2136}
2137
2138static inline void
2140{
2141 dmsg(D_STREAM_DEBUG, "STREAM: GET NEXT len=%d", buf_defined(&sb->next) ? sb->next.len : -1);
2142 ASSERT(buf_defined(&sb->next));
2143 *buf = sb->next;
2144}
2145
2146bool
2148{
2150 {
2152 ASSERT(buf_init(&sock->stream_buf.residual, 0));
2154 dmsg(D_STREAM_DEBUG, "STREAM: RESIDUAL FULLY FORMED [%s], len=%d",
2155 sock->stream_buf.residual_fully_formed ? "YES" : "NO", sock->stream_buf.residual.len);
2156 }
2157
2159 {
2161 }
2162 return !sock->stream_buf.residual_fully_formed;
2163}
2164
2165static bool
2167{
2168 dmsg(D_STREAM_DEBUG, "STREAM: ADD length_added=%d", length_added);
2169 if (length_added > 0)
2170 {
2171 sb->buf.len += length_added;
2172 }
2173
2174 /* if length unknown, see if we can get the length prefix from
2175 * the head of the buffer */
2176 if (sb->len < 0 && sb->buf.len >= (int)sizeof(packet_size_type))
2177 {
2179
2180#if PORT_SHARE
2181 if (sb->port_share_state == PS_ENABLED)
2182 {
2183 if (!is_openvpn_protocol(&sb->buf))
2184 {
2185 msg(D_STREAM_ERRORS, "Non-OpenVPN client protocol detected");
2186 sb->port_share_state = PS_FOREIGN;
2187 sb->error = true;
2188 return false;
2189 }
2190 else
2191 {
2192 sb->port_share_state = PS_DISABLED;
2193 }
2194 }
2195#endif
2196
2197 ASSERT(buf_read(&sb->buf, &net_size, sizeof(net_size)));
2198 sb->len = ntohps(net_size);
2199
2200 if (sb->len < 1 || sb->len > sb->maxlen)
2201 {
2202 msg(M_WARN,
2203 "WARNING: Bad encapsulated packet length from peer (%d), which must be > 0 and <= %d -- please ensure that --tun-mtu or --link-mtu is equal on both peers -- this condition could also indicate a possible active attack on the TCP link -- [Attempting restart...]",
2204 sb->len, sb->maxlen);
2206 sb->error = true;
2207 return false;
2208 }
2209 }
2210
2211 /* is our incoming packet fully read? */
2212 if (sb->len > 0 && sb->buf.len >= sb->len)
2213 {
2214 /* save any residual data that's part of the next packet */
2215 ASSERT(buf_init(&sb->residual, 0));
2216 if (sb->buf.len > sb->len)
2217 {
2218 ASSERT(buf_copy_excess(&sb->residual, &sb->buf, sb->len));
2219 }
2220 dmsg(D_STREAM_DEBUG, "STREAM: ADD returned TRUE, buf_len=%d, residual_len=%d",
2221 BLEN(&sb->buf), BLEN(&sb->residual));
2222 return true;
2223 }
2224 else
2225 {
2226 dmsg(D_STREAM_DEBUG, "STREAM: ADD returned FALSE (have=%d need=%d)", sb->buf.len, sb->len);
2228 return false;
2229 }
2230}
2231
2232static void
2234{
2235 free_buf(&sb->residual);
2236}
2237
2238/*
2239 * The listen event is a special event whose sole purpose is
2240 * to tell us that there's a new incoming connection on a
2241 * TCP socket, for use in server mode.
2242 */
2243event_t
2245{
2246#ifdef _WIN32
2248 {
2250 }
2251 return &s->listen_handle;
2252#else /* ifdef _WIN32 */
2253 return s->sd;
2254#endif
2255}
2256
2257
2258/*
2259 * Bad incoming address lengths that differ from what
2260 * we expect are considered to be fatal errors.
2261 */
2262void
2264{
2265 msg(M_FATAL,
2266 "ERROR: received strange incoming packet with an address length of %d -- we only accept address lengths of %d.",
2267 actual, expected);
2268}
2269
2270/*
2271 * Socket Read Routines
2272 */
2273
2274int
2275link_socket_read_tcp(struct link_socket *sock, struct buffer *buf)
2276{
2277 int len = 0;
2278
2280 {
2281 /* with Linux-DCO, we sometimes try to access a socket that is
2282 * already installed in the kernel and has no valid file descriptor
2283 * anymore. This is a bug.
2284 * Handle by resetting client instance instead of crashing.
2285 */
2286 if (sock->sd == SOCKET_UNDEFINED)
2287 {
2288 msg(M_INFO, "BUG: link_socket_read_tcp(): sock->sd==-1, reset client instance");
2289 sock->stream_reset = true; /* reset client instance */
2290 return buf->len = 0; /* nothing to read */
2291 }
2292
2293#ifdef _WIN32
2294 sockethandle_t sh = { .s = sock->sd };
2295 len = sockethandle_finalize(sh, &sock->reads, buf, NULL);
2296#else
2297 struct buffer frag;
2299 len = recv(sock->sd, BPTR(&frag), BLEN(&frag), MSG_NOSIGNAL);
2300#endif
2301
2302 if (!len)
2303 {
2304 sock->stream_reset = true;
2305 }
2306 if (len <= 0)
2307 {
2308 return buf->len = len;
2309 }
2310 }
2311
2313 || stream_buf_added(&sock->stream_buf, len)) /* packet complete? */
2314 {
2315 stream_buf_get_final(&sock->stream_buf, buf);
2317 return buf->len;
2318 }
2319 else
2320 {
2321 return buf->len = 0; /* no error, but packet is still incomplete */
2322 }
2323}
2324
2325#ifndef _WIN32
2326
2327#if ENABLE_IP_PKTINFO
2328
2329/* make the buffer large enough to handle ancillary socket data for
2330 * both IPv4 and IPv6 destination addresses, plus padding (see RFC 2292)
2331 */
2332#if defined(HAVE_IN_PKTINFO) && defined(HAVE_IPI_SPEC_DST)
2333#define PKTINFO_BUF_SIZE \
2334 max_int(CMSG_SPACE(sizeof(struct in6_pktinfo)), CMSG_SPACE(sizeof(struct in_pktinfo)))
2335#else
2336#define PKTINFO_BUF_SIZE \
2337 max_int(CMSG_SPACE(sizeof(struct in6_pktinfo)), CMSG_SPACE(sizeof(struct in_addr)))
2338#endif
2339
2340static socklen_t
2341link_socket_read_udp_posix_recvmsg(struct link_socket *sock, struct buffer *buf,
2342 struct link_socket_actual *from)
2343{
2344 struct iovec iov;
2345 uint8_t pktinfo_buf[PKTINFO_BUF_SIZE];
2346 struct msghdr mesg = { 0 };
2347 socklen_t fromlen = sizeof(from->dest.addr);
2348
2349 ASSERT(sock->sd >= 0); /* can't happen */
2350
2351 iov.iov_base = BPTR(buf);
2352 iov.iov_len = buf_forward_capacity_total(buf);
2353 mesg.msg_iov = &iov;
2354 mesg.msg_iovlen = 1;
2355 mesg.msg_name = &from->dest.addr;
2356 mesg.msg_namelen = fromlen;
2357 mesg.msg_control = pktinfo_buf;
2358 mesg.msg_controllen = sizeof pktinfo_buf;
2359 buf->len = recvmsg(sock->sd, &mesg, 0);
2360 if (buf->len >= 0)
2361 {
2362 struct cmsghdr *cmsg;
2363 fromlen = mesg.msg_namelen;
2364 cmsg = CMSG_FIRSTHDR(&mesg);
2365 if (cmsg != NULL && CMSG_NXTHDR(&mesg, cmsg) == NULL
2366#if defined(HAVE_IN_PKTINFO) && defined(HAVE_IPI_SPEC_DST)
2367 && cmsg->cmsg_level == SOL_IP && cmsg->cmsg_type == IP_PKTINFO
2368 && cmsg->cmsg_len >= CMSG_LEN(sizeof(struct in_pktinfo)))
2369#elif defined(IP_RECVDSTADDR)
2370 && cmsg->cmsg_level == IPPROTO_IP && cmsg->cmsg_type == IP_RECVDSTADDR
2371 && cmsg->cmsg_len >= CMSG_LEN(sizeof(struct in_addr)))
2372#else /* if defined(HAVE_IN_PKTINFO) && defined(HAVE_IPI_SPEC_DST) */
2373#error ENABLE_IP_PKTINFO is set without IP_PKTINFO xor IP_RECVDSTADDR (fix syshead.h)
2374#endif
2375 {
2376#if defined(HAVE_IN_PKTINFO) && defined(HAVE_IPI_SPEC_DST)
2377 struct in_pktinfo *pkti = (struct in_pktinfo *)CMSG_DATA(cmsg);
2378 from->pi.in4.ipi_ifindex = pkti->ipi_ifindex;
2379 from->pi.in4.ipi_spec_dst = pkti->ipi_spec_dst;
2380#elif defined(IP_RECVDSTADDR)
2381 from->pi.in4 = *(struct in_addr *)CMSG_DATA(cmsg);
2382#else /* if defined(HAVE_IN_PKTINFO) && defined(HAVE_IPI_SPEC_DST) */
2383#error ENABLE_IP_PKTINFO is set without IP_PKTINFO xor IP_RECVDSTADDR (fix syshead.h)
2384#endif
2385 }
2386 else if (cmsg != NULL && CMSG_NXTHDR(&mesg, cmsg) == NULL
2387 && cmsg->cmsg_level == IPPROTO_IPV6 && cmsg->cmsg_type == IPV6_PKTINFO
2388 && cmsg->cmsg_len >= CMSG_LEN(sizeof(struct in6_pktinfo)))
2389 {
2390 struct in6_pktinfo *pkti6 = (struct in6_pktinfo *)CMSG_DATA(cmsg);
2391 from->pi.in6.ipi6_ifindex = pkti6->ipi6_ifindex;
2392 from->pi.in6.ipi6_addr = pkti6->ipi6_addr;
2393 }
2394 else if (cmsg != NULL)
2395 {
2396 msg(M_WARN,
2397 "CMSG received that cannot be parsed (cmsg_level=%d, cmsg_type=%d, cmsg=len=%d)",
2398 (int)cmsg->cmsg_level, (int)cmsg->cmsg_type, (int)cmsg->cmsg_len);
2399 }
2400 }
2401
2402 return fromlen;
2403}
2404#endif /* if ENABLE_IP_PKTINFO */
2405
2406int
2407link_socket_read_udp_posix(struct link_socket *sock, struct buffer *buf,
2408 struct link_socket_actual *from)
2409{
2410 socklen_t fromlen = sizeof(from->dest.addr);
2411 socklen_t expectedlen = af_addr_size(sock->info.af);
2412 addr_zero_host(&from->dest);
2413
2414 ASSERT(sock->sd >= 0); /* can't happen */
2415
2416#if ENABLE_IP_PKTINFO
2417 /* Both PROTO_UDPv4 and PROTO_UDPv6 */
2418 if (sock->info.proto == PROTO_UDP && sock->sockflags & SF_USE_IP_PKTINFO)
2419 {
2420 fromlen = link_socket_read_udp_posix_recvmsg(sock, buf, from);
2421 }
2422 else
2423#endif
2424 {
2425 buf->len = recvfrom(sock->sd, BPTR(buf), buf_forward_capacity(buf), 0, &from->dest.addr.sa,
2426 &fromlen);
2427 }
2428 /* FIXME: won't do anything when sock->info.af == AF_UNSPEC */
2429 if (buf->len >= 0 && expectedlen && fromlen != expectedlen)
2430 {
2431 bad_address_length(fromlen, expectedlen);
2432 }
2433 return buf->len;
2434}
2435
2436#endif /* ifndef _WIN32 */
2437
2438/*
2439 * Socket Write Routines
2440 */
2441
2442ssize_t
2443link_socket_write_tcp(struct link_socket *sock, struct buffer *buf, struct link_socket_actual *to)
2444{
2445 packet_size_type len = BLEN(buf);
2446 dmsg(D_STREAM_DEBUG, "STREAM: WRITE %d offset=%d", (int)len, buf->offset);
2447 ASSERT(len <= sock->stream_buf.maxlen);
2448 len = htonps(len);
2449 ASSERT(buf_write_prepend(buf, &len, sizeof(len)));
2450#ifdef _WIN32
2451 return link_socket_write_win32(sock, buf, to);
2452#else
2453 return link_socket_write_tcp_posix(sock, buf);
2454#endif
2455}
2456
2457#if defined(__GNUC__) || defined(__clang__)
2458#pragma GCC diagnostic pop
2459#endif
2460
2461#if ENABLE_IP_PKTINFO
2462
2463ssize_t
2464link_socket_write_udp_posix_sendmsg(struct link_socket *sock, struct buffer *buf,
2465 struct link_socket_actual *to)
2466{
2467 struct iovec iov;
2468 struct msghdr mesg;
2469 struct cmsghdr *cmsg;
2470 uint8_t pktinfo_buf[PKTINFO_BUF_SIZE];
2471
2472 iov.iov_base = BPTR(buf);
2473 iov.iov_len = BLEN(buf);
2474 mesg.msg_iov = &iov;
2475 mesg.msg_iovlen = 1;
2476 switch (to->dest.addr.sa.sa_family)
2477 {
2478 case AF_INET:
2479 {
2480 mesg.msg_name = &to->dest.addr.sa;
2481 mesg.msg_namelen = sizeof(struct sockaddr_in);
2482 mesg.msg_control = pktinfo_buf;
2483 mesg.msg_flags = 0;
2484#if defined(HAVE_IN_PKTINFO) && defined(HAVE_IPI_SPEC_DST)
2485 mesg.msg_controllen = CMSG_SPACE(sizeof(struct in_pktinfo));
2486 cmsg = CMSG_FIRSTHDR(&mesg);
2487 cmsg->cmsg_len = CMSG_LEN(sizeof(struct in_pktinfo));
2488 cmsg->cmsg_level = SOL_IP;
2489 cmsg->cmsg_type = IP_PKTINFO;
2490 {
2491 struct in_pktinfo *pkti;
2492 pkti = (struct in_pktinfo *)CMSG_DATA(cmsg);
2493 pkti->ipi_ifindex = to->pi.in4.ipi_ifindex;
2494 pkti->ipi_spec_dst = to->pi.in4.ipi_spec_dst;
2495 pkti->ipi_addr.s_addr = 0;
2496 }
2497#elif defined(IP_RECVDSTADDR)
2498 ASSERT(CMSG_SPACE(sizeof(struct in_addr)) <= sizeof(pktinfo_buf));
2499 mesg.msg_controllen = CMSG_SPACE(sizeof(struct in_addr));
2500 cmsg = CMSG_FIRSTHDR(&mesg);
2501 cmsg->cmsg_len = CMSG_LEN(sizeof(struct in_addr));
2502 cmsg->cmsg_level = IPPROTO_IP;
2503 cmsg->cmsg_type = IP_RECVDSTADDR;
2504 *(struct in_addr *)CMSG_DATA(cmsg) = to->pi.in4;
2505#else /* if defined(HAVE_IN_PKTINFO) && defined(HAVE_IPI_SPEC_DST) */
2506#error ENABLE_IP_PKTINFO is set without IP_PKTINFO xor IP_RECVDSTADDR (fix syshead.h)
2507#endif /* if defined(HAVE_IN_PKTINFO) && defined(HAVE_IPI_SPEC_DST) */
2508 break;
2509 }
2510
2511 case AF_INET6:
2512 {
2513 struct in6_pktinfo *pkti6;
2514 mesg.msg_name = &to->dest.addr.sa;
2515 mesg.msg_namelen = sizeof(struct sockaddr_in6);
2516
2517 ASSERT(CMSG_SPACE(sizeof(struct in6_pktinfo)) <= sizeof(pktinfo_buf));
2518 mesg.msg_control = pktinfo_buf;
2519 mesg.msg_controllen = CMSG_SPACE(sizeof(struct in6_pktinfo));
2520 mesg.msg_flags = 0;
2521 cmsg = CMSG_FIRSTHDR(&mesg);
2522 cmsg->cmsg_len = CMSG_LEN(sizeof(struct in6_pktinfo));
2523 cmsg->cmsg_level = IPPROTO_IPV6;
2524 cmsg->cmsg_type = IPV6_PKTINFO;
2525
2526 pkti6 = (struct in6_pktinfo *)CMSG_DATA(cmsg);
2527 pkti6->ipi6_ifindex = to->pi.in6.ipi6_ifindex;
2528 pkti6->ipi6_addr = to->pi.in6.ipi6_addr;
2529 break;
2530 }
2531
2532 default:
2533 ASSERT(0);
2534 }
2535 return sendmsg(sock->sd, &mesg, 0);
2536}
2537
2538#endif /* if ENABLE_IP_PKTINFO */
2539
2540/*
2541 * Win32 overlapped socket I/O functions.
2542 */
2543
2544#ifdef _WIN32
2545
2546static int
2548{
2549 if (socket_is_dco_win(sock))
2550 {
2551 return GetLastError();
2552 }
2553
2554 return WSAGetLastError();
2555}
2556
2557int
2558socket_recv_queue(struct link_socket *sock, int maxsize)
2559{
2560 if (sock->reads.iostate == IOSTATE_INITIAL)
2561 {
2562 WSABUF wsabuf[1];
2563 int status;
2564
2565 /* reset buf to its initial state */
2566 if (proto_is_udp(sock->info.proto))
2567 {
2568 sock->reads.buf = sock->reads.buf_init;
2569 }
2570 else if (proto_is_tcp(sock->info.proto))
2571 {
2572 stream_buf_get_next(&sock->stream_buf, &sock->reads.buf);
2573 }
2574 else
2575 {
2576 ASSERT(0);
2577 }
2578
2579 /* Win32 docs say it's okay to allocate the wsabuf on the stack */
2580 wsabuf[0].buf = BSTR(&sock->reads.buf);
2581 wsabuf[0].len = maxsize ? maxsize : BLEN(&sock->reads.buf);
2582
2583 /* check for buffer overflow */
2584 ASSERT(wsabuf[0].len <= BLEN(&sock->reads.buf));
2585
2586 /* the overlapped read will signal this event on I/O completion */
2587 ASSERT(ResetEvent(sock->reads.overlapped.hEvent));
2588 sock->reads.flags = 0;
2589
2590 if (socket_is_dco_win(sock))
2591 {
2592 status = ReadFile((HANDLE)sock->sd, wsabuf[0].buf, wsabuf[0].len, &sock->reads.size,
2593 &sock->reads.overlapped);
2594 /* Readfile status is inverted from WSARecv */
2595 status = !status;
2596 }
2597 else if (proto_is_udp(sock->info.proto))
2598 {
2599 sock->reads.addr_defined = true;
2600 sock->reads.addrlen = sizeof(sock->reads.addr6);
2601 status = WSARecvFrom(sock->sd, wsabuf, 1, &sock->reads.size, &sock->reads.flags,
2602 (struct sockaddr *)&sock->reads.addr, &sock->reads.addrlen,
2603 &sock->reads.overlapped, NULL);
2604 }
2605 else if (proto_is_tcp(sock->info.proto))
2606 {
2607 sock->reads.addr_defined = false;
2608 status = WSARecv(sock->sd, wsabuf, 1, &sock->reads.size, &sock->reads.flags,
2609 &sock->reads.overlapped, NULL);
2610 }
2611 else
2612 {
2613 status = 0;
2614 ASSERT(0);
2615 }
2616
2617 if (!status) /* operation completed immediately? */
2618 {
2619 /* FIXME: won't do anything when sock->info.af == AF_UNSPEC */
2620 int af_len = af_addr_size(sock->info.af);
2621 if (sock->reads.addr_defined && af_len && sock->reads.addrlen != af_len)
2622 {
2623 bad_address_length(sock->reads.addrlen, af_len);
2624 }
2626
2627 /* since we got an immediate return, we must signal the event object ourselves */
2628 ASSERT(SetEvent(sock->reads.overlapped.hEvent));
2629 sock->reads.status = 0;
2630
2631 dmsg(D_WIN32_IO, "WIN32 I/O: Socket Receive immediate return [%d,%d]",
2632 (int)wsabuf[0].len, (int)sock->reads.size);
2633 }
2634 else
2635 {
2637 if (status == WSA_IO_PENDING) /* operation queued? */
2638 {
2640 sock->reads.status = status;
2641 dmsg(D_WIN32_IO, "WIN32 I/O: Socket Receive queued [%d]", (int)wsabuf[0].len);
2642 }
2643 else /* error occurred */
2644 {
2645 struct gc_arena gc = gc_new();
2646 ASSERT(SetEvent(sock->reads.overlapped.hEvent));
2648 sock->reads.status = status;
2649 dmsg(D_WIN32_IO, "WIN32 I/O: Socket Receive error [%d]: %s", (int)wsabuf[0].len,
2651 gc_free(&gc);
2652 }
2653 }
2654 }
2655 return sock->reads.iostate;
2656}
2657
2658int
2659socket_send_queue(struct link_socket *sock, struct buffer *buf, const struct link_socket_actual *to)
2660{
2661 if (sock->writes.iostate == IOSTATE_INITIAL)
2662 {
2663 WSABUF wsabuf[1];
2664 int status;
2665
2666 /* make a private copy of buf */
2667 sock->writes.buf = sock->writes.buf_init;
2668 sock->writes.buf.len = 0;
2669 ASSERT(buf_copy(&sock->writes.buf, buf));
2670
2671 /* Win32 docs say it's okay to allocate the wsabuf on the stack */
2672 wsabuf[0].buf = BSTR(&sock->writes.buf);
2673 wsabuf[0].len = BLEN(&sock->writes.buf);
2674
2675 /* the overlapped write will signal this event on I/O completion */
2676 ASSERT(ResetEvent(sock->writes.overlapped.hEvent));
2677 sock->writes.flags = 0;
2678
2679 if (socket_is_dco_win(sock))
2680 {
2681 status = WriteFile((HANDLE)sock->sd, wsabuf[0].buf, wsabuf[0].len, &sock->writes.size,
2682 &sock->writes.overlapped);
2683
2684 /* WriteFile status is inverted from WSASendTo */
2685 status = !status;
2686 }
2687 else if (proto_is_udp(sock->info.proto))
2688 {
2689 /* set destination address for UDP writes */
2690 sock->writes.addr_defined = true;
2691 if (to->dest.addr.sa.sa_family == AF_INET6)
2692 {
2693 sock->writes.addr6 = to->dest.addr.in6;
2694 sock->writes.addrlen = sizeof(sock->writes.addr6);
2695 }
2696 else
2697 {
2698 sock->writes.addr = to->dest.addr.in4;
2699 sock->writes.addrlen = sizeof(sock->writes.addr);
2700 }
2701
2702 status = WSASendTo(sock->sd, wsabuf, 1, &sock->writes.size, sock->writes.flags,
2703 (struct sockaddr *)&sock->writes.addr, sock->writes.addrlen,
2704 &sock->writes.overlapped, NULL);
2705 }
2706 else if (proto_is_tcp(sock->info.proto))
2707 {
2708 /* destination address for TCP writes was established on connection initiation */
2709 sock->writes.addr_defined = false;
2710
2711 status = WSASend(sock->sd, wsabuf, 1, &sock->writes.size, sock->writes.flags,
2712 &sock->writes.overlapped, NULL);
2713 }
2714 else
2715 {
2716 status = 0;
2717 ASSERT(0);
2718 }
2719
2720 if (!status) /* operation completed immediately? */
2721 {
2723
2724 /* since we got an immediate return, we must signal the event object ourselves */
2725 ASSERT(SetEvent(sock->writes.overlapped.hEvent));
2726
2727 sock->writes.status = 0;
2728
2729 dmsg(D_WIN32_IO, "WIN32 I/O: Socket Send immediate return [%d,%d]", (int)wsabuf[0].len,
2730 (int)sock->writes.size);
2731 }
2732 else
2733 {
2735 /* both status code have the identical value */
2736 if (status == WSA_IO_PENDING || status == ERROR_IO_PENDING) /* operation queued? */
2737 {
2739 sock->writes.status = status;
2740 dmsg(D_WIN32_IO, "WIN32 I/O: Socket Send queued [%d]", (int)wsabuf[0].len);
2741 }
2742 else /* error occurred */
2743 {
2744 struct gc_arena gc = gc_new();
2745 ASSERT(SetEvent(sock->writes.overlapped.hEvent));
2747 sock->writes.status = status;
2748
2749 dmsg(D_WIN32_IO, "WIN32 I/O: Socket Send error [%d]: %s", (int)wsabuf[0].len,
2751
2752 gc_free(&gc);
2753 }
2754 }
2755 }
2756 return sock->writes.iostate;
2757}
2758
2759void
2760read_sockaddr_from_overlapped(struct overlapped_io *io, struct sockaddr *dst, int overlapped_ret)
2761{
2762 if (overlapped_ret >= 0 && io->addr_defined)
2763 {
2764 /* TODO(jjo): streamline this mess */
2765 /* in this func we don't have relevant info about the PF_ of this
2766 * endpoint, as link_socket_actual will be zero for the 1st received packet
2767 *
2768 * Test for inets PF_ possible sizes
2769 */
2770 switch (io->addrlen)
2771 {
2772 case sizeof(struct sockaddr_in):
2773 case sizeof(struct sockaddr_in6):
2774 /* TODO(jjo): for some reason (?) I'm getting 24,28 for AF_INET6
2775 * under _WIN32*/
2776 case sizeof(struct sockaddr_in6) - 4:
2777 break;
2778
2779 default:
2780 bad_address_length(io->addrlen, af_addr_size(io->addr.sin_family));
2781 }
2782
2783 switch (io->addr.sin_family)
2784 {
2785 case AF_INET:
2786 memcpy(dst, &io->addr, sizeof(struct sockaddr_in));
2787 break;
2788
2789 case AF_INET6:
2790 memcpy(dst, &io->addr6, sizeof(struct sockaddr_in6));
2791 break;
2792 }
2793 }
2794 else
2795 {
2796 CLEAR(*dst);
2797 }
2798}
2799
2809static int
2810read_sockaddr_from_packet(struct buffer *buf, struct sockaddr *dst)
2811{
2812 int sa_len = 0;
2813
2814 const struct sockaddr *sa = (const struct sockaddr *)BPTR(buf);
2815 switch (sa->sa_family)
2816 {
2817 case AF_INET:
2818 sa_len = sizeof(struct sockaddr_in);
2819 if (buf_len(buf) < sa_len)
2820 {
2821 msg(M_FATAL,
2822 "ERROR: received incoming packet with too short length of %d -- must be at least %d.",
2823 buf_len(buf), sa_len);
2824 }
2825 memcpy(dst, sa, sa_len);
2826 buf_advance(buf, sa_len);
2827 break;
2828
2829 case AF_INET6:
2830 sa_len = sizeof(struct sockaddr_in6);
2831 if (buf_len(buf) < sa_len)
2832 {
2833 msg(M_FATAL,
2834 "ERROR: received incoming packet with too short length of %d -- must be at least %d.",
2835 buf_len(buf), sa_len);
2836 }
2837 memcpy(dst, sa, sa_len);
2838 buf_advance(buf, sa_len);
2839 break;
2840
2841 default:
2842 msg(M_FATAL, "ERROR: received incoming packet with invalid address family %d.",
2843 sa->sa_family);
2844 }
2845
2846 return sa_len;
2847}
2848
2849/* Returns the number of bytes successfully read */
2850int
2852 struct link_socket_actual *from)
2853{
2854 int ret = -1;
2855 BOOL status;
2856
2857 switch (io->iostate)
2858 {
2859 case IOSTATE_QUEUED:
2861 if (status)
2862 {
2863 /* successful return for a queued operation */
2864 if (buf)
2865 {
2866 *buf = io->buf;
2867 }
2868 ret = io->size;
2870 ASSERT(ResetEvent(io->overlapped.hEvent));
2871
2872 dmsg(D_WIN32_IO, "WIN32 I/O: Completion success [%d]", ret);
2873 }
2874 else
2875 {
2876 /* error during a queued operation */
2877 ret = -1;
2878 if (SocketHandleGetLastError(sh) != ERROR_IO_INCOMPLETE)
2879 {
2880 /* if no error (i.e. just not finished yet), then DON'T execute this code */
2882 ASSERT(ResetEvent(io->overlapped.hEvent));
2883 msg(D_WIN32_IO | M_ERRNO, "WIN32 I/O: Completion error");
2884 }
2885 }
2886 break;
2887
2890 ASSERT(ResetEvent(io->overlapped.hEvent));
2891 if (io->status)
2892 {
2893 /* error return for a non-queued operation */
2895 ret = -1;
2896 msg(D_WIN32_IO | M_ERRNO, "WIN32 I/O: Completion non-queued error");
2897 }
2898 else
2899 {
2900 /* successful return for a non-queued operation */
2901 if (buf)
2902 {
2903 *buf = io->buf;
2904 }
2905 ret = io->size;
2906 dmsg(D_WIN32_IO, "WIN32 I/O: Completion non-queued success [%d]", ret);
2907 }
2908 break;
2909
2910 case IOSTATE_INITIAL: /* were we called without proper queueing? */
2912 ret = -1;
2913 dmsg(D_WIN32_IO, "WIN32 I/O: Completion BAD STATE");
2914 break;
2915
2916 default:
2917 ASSERT(0);
2918 }
2919
2920 if (from && ret > 0 && sh.is_handle && sh.prepend_sa)
2921 {
2922 ret -= read_sockaddr_from_packet(buf, &from->dest.addr.sa);
2923 }
2924
2925 if (!sh.is_handle && from)
2926 {
2927 read_sockaddr_from_overlapped(io, &from->dest.addr.sa, ret);
2928 }
2929
2930 if (buf)
2931 {
2932 buf->len = ret;
2933 }
2934 return ret;
2935}
2936
2937#endif /* _WIN32 */
2938
2939/*
2940 * Socket event notification
2941 */
2942
2943unsigned int
2944socket_set(struct link_socket *s, struct event_set *es, unsigned int rwflags, void *arg,
2945 unsigned int *persistent)
2946{
2947 if (s)
2948 {
2949 if ((rwflags & EVENT_READ) && !stream_buf_read_setup(s))
2950 {
2951 ASSERT(!persistent);
2952 rwflags &= ~EVENT_READ;
2953 }
2954
2955#ifdef _WIN32
2956 if (rwflags & EVENT_READ)
2957 {
2958 socket_recv_queue(s, 0);
2959 }
2960#endif
2961
2962 /* if persistent is defined, call event_ctl only if rwflags has changed since last call */
2963 if (!persistent || *persistent != rwflags)
2964 {
2965 event_ctl(es, socket_event_handle(s), rwflags, arg);
2966 if (persistent)
2967 {
2968 *persistent = rwflags;
2969 }
2970 }
2971
2972 s->rwflags_debug = rwflags;
2973 }
2974 return rwflags;
2975}
2976
2977void
2979{
2980 if (sd && socket_defined(*sd))
2981 {
2983 *sd = SOCKET_UNDEFINED;
2984 }
2985}
2986
2987#if UNIX_SOCK_SUPPORT
2988
2989/*
2990 * code for unix domain sockets
2991 */
2992
2993const char *
2994sockaddr_unix_name(const struct sockaddr_un *local, const char *null)
2995{
2996 if (local && local->sun_family == PF_UNIX)
2997 {
2998 return local->sun_path;
2999 }
3000 else
3001 {
3002 return null;
3003 }
3004}
3005
3007create_socket_unix(void)
3008{
3010
3011 if ((sd = socket(PF_UNIX, SOCK_STREAM, 0)) < 0)
3012 {
3013 msg(M_ERR, "Cannot create unix domain socket");
3014 }
3015
3016 /* set socket file descriptor to not pass across execs, so that
3017 * scripts don't have access to it */
3018 set_cloexec(sd);
3019
3020 return sd;
3021}
3022
3023void
3024socket_bind_unix(socket_descriptor_t sd, struct sockaddr_un *local, const char *prefix)
3025{
3026 struct gc_arena gc = gc_new();
3027 const mode_t orig_umask = umask(0);
3028
3029 if (bind(sd, (struct sockaddr *)local, sizeof(struct sockaddr_un)))
3030 {
3031 msg(M_FATAL | M_ERRNO, "%s: Socket bind[%d] failed on unix domain socket %s", prefix,
3032 (int)sd, sockaddr_unix_name(local, "NULL"));
3033 }
3034
3035 umask(orig_umask);
3036 gc_free(&gc);
3037}
3038
3040socket_accept_unix(socket_descriptor_t sd, struct sockaddr_un *remote)
3041{
3042 socklen_t remote_len = sizeof(struct sockaddr_un);
3044
3045 CLEAR(*remote);
3046 ret = accept(sd, (struct sockaddr *)remote, &remote_len);
3047 if (ret >= 0)
3048 {
3049 /* set socket file descriptor to not pass across execs, so that
3050 * scripts don't have access to it */
3051 set_cloexec(ret);
3052 }
3053 return ret;
3054}
3055
3056int
3057socket_connect_unix(socket_descriptor_t sd, struct sockaddr_un *remote)
3058{
3059 int status = connect(sd, (struct sockaddr *)remote, sizeof(struct sockaddr_un));
3060 if (status)
3061 {
3063 }
3064 return status;
3065}
3066
3067void
3068sockaddr_unix_init(struct sockaddr_un *local, const char *path)
3069{
3070 local->sun_family = PF_UNIX;
3071 strncpynt(local->sun_path, path, sizeof(local->sun_path));
3072}
3073
3074void
3075socket_delete_unix(const struct sockaddr_un *local)
3076{
3077 const char *name = sockaddr_unix_name(local, NULL);
3078 if (name && strlen(name))
3079 {
3080 unlink(name);
3081 }
3082}
3083
3084bool
3085unix_socket_get_peer_uid_gid(const socket_descriptor_t sd, int *uid, int *gid)
3086{
3087#ifdef HAVE_GETPEEREID
3088 uid_t u;
3089 gid_t g;
3090 if (getpeereid(sd, &u, &g) == -1)
3091 {
3092 return false;
3093 }
3094 if (uid)
3095 {
3096 *uid = u;
3097 }
3098 if (gid)
3099 {
3100 *gid = g;
3101 }
3102 return true;
3103#elif defined(SO_PEERCRED)
3104 struct ucred peercred;
3105 socklen_t so_len = sizeof(peercred);
3106 if (getsockopt(sd, SOL_SOCKET, SO_PEERCRED, &peercred, &so_len) == -1)
3107 {
3108 return false;
3109 }
3110 if (uid)
3111 {
3112 *uid = peercred.uid;
3113 }
3114 if (gid)
3115 {
3116 *gid = peercred.gid;
3117 }
3118 return true;
3119#else /* ifdef HAVE_GETPEEREID */
3120 return false;
3121#endif /* ifdef HAVE_GETPEEREID */
3122}
3123
3124#endif /* if UNIX_SOCK_SUPPORT */
void argv_parse_cmd(struct argv *argres, const char *cmdstr)
Parses a command string, tokenizes it and puts each element into a separate struct argv argument slot...
Definition argv.c:481
void argv_free(struct argv *a)
Frees all memory allocations allocated by the struct argv related functions.
Definition argv.c:101
bool argv_printf(struct argv *argres, const char *format,...)
printf() variant which populates a struct argv.
Definition argv.c:438
bool argv_printf_cat(struct argv *argres, const char *format,...)
printf() inspired argv concatenation.
Definition argv.c:462
struct argv argv_new(void)
Allocates a new struct argv and ensures it is initialised.
Definition argv.c:87
void free_buf(struct buffer *buf)
Definition buffer.c:184
bool buf_printf(struct buffer *buf, const char *format,...)
Definition buffer.c:241
struct buffer alloc_buf_gc(size_t size, struct gc_arena *gc)
Definition buffer.c:89
struct buffer alloc_buf(size_t size)
Definition buffer.c:63
void gc_addspecial(void *addr, void(*free_function)(void *), struct gc_arena *a)
Definition buffer.c:438
#define BSTR(buf)
Definition buffer.h:128
static bool buf_copy(struct buffer *dest, const struct buffer *src)
Definition buffer.h:704
#define BPTR(buf)
Definition buffer.h:123
static bool buf_copy_excess(struct buffer *dest, struct buffer *src, int len)
Definition buffer.h:739
static bool buf_write_prepend(struct buffer *dest, const void *src, int size)
Definition buffer.h:672
static void buf_reset(struct buffer *buf)
Definition buffer.h:303
static bool buf_safe(const struct buffer *buf, size_t len)
Definition buffer.h:518
static bool buf_read(struct buffer *src, void *dest, int size)
Definition buffer.h:762
static bool buf_advance(struct buffer *buf, int size)
Definition buffer.h:616
static int buf_len(const struct buffer *buf)
Definition buffer.h:253
static int buf_forward_capacity(const struct buffer *buf)
Definition buffer.h:539
#define ALLOC_OBJ_CLEAR_GC(dptr, type, gc)
Definition buffer.h:1079
#define BLEN(buf)
Definition buffer.h:126
static void strncpynt(char *dest, const char *src, size_t maxlen)
Definition buffer.h:361
static void gc_free(struct gc_arena *a)
Definition buffer.h:1015
#define ALLOC_OBJ_CLEAR(dptr, type)
Definition buffer.h:1042
static bool buf_defined(const struct buffer *buf)
Definition buffer.h:228
#define buf_init(buf, offset)
Definition buffer.h:209
static void gc_freeaddrinfo_callback(void *addr)
Definition buffer.h:215
static struct gc_arena gc_new(void)
Definition buffer.h:1007
static int buf_forward_capacity_total(const struct buffer *buf)
Definition buffer.h:557
#define HAVE_IPI_SPEC_DST
Definition config.h:231
#define HAVE_IN_PKTINFO
Definition config.h:219
void dco_mp_start_vpn(HANDLE handle, struct link_socket *sock)
Initializes and binds the kernel UDP transport socket for multipeer mode.
Definition dco_win.c:283
void dco_p2p_new_peer(HANDLE handle, OVERLAPPED *ov, struct link_socket *sock, struct signal_info *sig_info)
Definition dco_win.c:327
void setenv_str(struct env_set *es, const char *name, const char *value)
Definition env_set.c:307
#define D_WIN32_IO
Definition errlevel.h:172
#define D_STREAM_ERRORS
Definition errlevel.h:62
#define D_SOCKET_DEBUG
Definition errlevel.h:139
#define D_STREAM_DEBUG
Definition errlevel.h:171
#define D_INIT_MEDIUM
Definition errlevel.h:103
#define D_READ_WRITE
Definition errlevel.h:166
#define D_OSBUF
Definition errlevel.h:90
#define D_LOW
Definition errlevel.h:96
#define M_INFO
Definition errlevel.h:54
#define D_LINK_ERRORS
Definition errlevel.h:56
#define EVENT_WRITE
Definition event.h:39
#define EVENT_READ
Definition event.h:38
@ EVENT_ARG_LINK_SOCKET
Definition event.h:138
static void event_ctl(struct event_set *es, event_t event, unsigned int rwflags, void *arg)
Definition event.h:183
void set_nonblock(socket_descriptor_t fd)
Definition fdmisc.c:68
void set_cloexec(socket_descriptor_t fd)
Definition fdmisc.c:78
static void openvpn_fd_set(socket_descriptor_t fd, fd_set *setp)
Definition fdmisc.h:39
int get_server_poll_remaining_time(struct event_timeout *server_poll_timeout)
Definition forward.c:503
Interface functions to the internal and external multiplexers.
static SERVICE_STATUS status
Definition interactive.c:51
void management_set_state(struct management *man, const int state, const char *detail, const in_addr_t *tun_local_ip, const struct in6_addr *tun_local_ip6, const struct openvpn_sockaddr *local, const struct openvpn_sockaddr *remote)
Definition manage.c:2796
void management_sleep(const int n)
A sleep function that services the management layer for n seconds rather than doing nothing.
Definition manage.c:4147
#define OPENVPN_STATE_TCP_CONNECT
Definition manage.h:461
void alloc_buf_sock_tun(struct buffer *buf, const struct frame *frame)
Definition mtu.c:41
void set_mtu_discover_type(socket_descriptor_t sd, int mtu_type, sa_family_t proto_af)
Definition mtu.c:218
#define OPENVPN_PLUGIN_IPCHANGE
#define OPENVPN_PLUGIN_FUNC_SUCCESS
#define CLEAR(x)
Definition basic.h:32
const char * strerror_win32(DWORD errnum, struct gc_arena *gc)
Definition error.c:780
#define M_FATAL
Definition error.h:90
#define M_NONFATAL
Definition error.h:91
#define dmsg(flags,...)
Definition error.h:172
#define M_ERR
Definition error.h:106
#define openvpn_errno()
Definition error.h:71
#define msg(flags,...)
Definition error.h:152
unsigned int msglvl_t
Definition error.h:77
#define ASSERT(x)
Definition error.h:219
#define M_WARN
Definition error.h:92
#define M_ERRNO
Definition error.h:95
#define CM_CHILD_TCP
Definition openvpn.h:486
#define CM_CHILD_UDP
Definition openvpn.h:485
#define MODE_POINT_TO_POINT
Definition options.h:260
#define MODE_SERVER
Definition options.h:261
#define streq(x, y)
Definition options.h:727
static bool dco_enabled(const struct options *o)
Returns whether the current configuration has dco enabled.
Definition options.h:936
bool plugin_defined(const struct plugin_list *pl, const int type)
Definition plugin.c:904
static int plugin_call(const struct plugin_list *pl, const int type, const struct argv *av, struct plugin_return *pr, struct env_set *es)
Definition plugin.h:195
bool establish_http_proxy_passthru(struct http_proxy_info *p, socket_descriptor_t sd, const char *host, const char *port, struct event_timeout *server_poll_timeout, struct buffer *lookahead, struct signal_info *sig_info)
Definition proxy.c:630
static int openvpn_run_script(const struct argv *a, const struct env_set *es, const unsigned int flags, const char *hook)
Will run a script and return the exit code of the script if between 0 and 255, -1 otherwise.
Definition run_command.h:89
void throw_signal_soft(const int signum, const char *signal_text)
Throw a soft global signal.
Definition sig.c:204
int signal_reset(struct signal_info *si, int signum)
Clear the signal if its current value equals signum.
Definition sig.c:262
void throw_signal(const int signum)
Throw a hard signal.
Definition sig.c:175
struct signal_info siginfo_static
Definition sig.c:44
void register_signal(struct signal_info *si, int signum, const char *signal_text)
Register a soft signal in the signal_info struct si respecting priority.
Definition sig.c:228
#define SIG_SOURCE_HARD
Definition sig.h:30
static void get_signal(volatile int *sig)
Copy the global signal_received (if non-zero) to the passed-in argument sig.
Definition sig.h:109
void link_socket_init_phase1(struct context *c, int sock_index, int mode)
Definition socket.c:1367
static int get_cached_dns_entry(struct cached_dns_entry *dns_cache, const char *hostname, const char *servname, int ai_family, unsigned int resolve_flags, struct addrinfo **ai)
Definition socket.c:253
static void resolve_bind_local(struct link_socket *sock, const sa_family_t af)
Definition socket.c:1187
static int socket_get_sndbuf(socket_descriptor_t sd)
Definition socket.c:415
static void socket_set_sndbuf(socket_descriptor_t sd, int size)
Definition socket.c:431
static socket_descriptor_t socket_listen_accept(socket_descriptor_t sd, struct link_socket_actual *act, const char *remote_dynamic, const struct addrinfo *local, bool do_listen, bool nowait, volatile int *signal_received)
Definition socket.c:853
void link_socket_init_phase2(struct context *c, struct link_socket *sock)
Definition socket.c:1710
int socket_send_queue(struct link_socket *sock, struct buffer *buf, const struct link_socket_actual *to)
Definition socket.c:2659
static void ipchange_fmt(const bool include_cmd, struct argv *argv, const struct link_socket_info *info, struct gc_arena *gc)
Definition socket.c:1889
static int socket_get_last_error(const struct link_socket *sock)
Definition socket.c:2547
ssize_t link_socket_write_tcp(struct link_socket *sock, struct buffer *buf, struct link_socket_actual *to)
Definition socket.c:2443
void link_socket_update_buffer_sizes(struct link_socket *sock, int rcvbuf, int sndbuf)
Definition socket.c:557
static socket_descriptor_t create_socket_udp(struct addrinfo *addrinfo, const unsigned int flags)
Definition socket.c:604
static void phase2_tcp_server(struct link_socket *sock, const char *remote_dynamic, struct signal_info *sig_info)
Definition socket.c:1559
static void create_socket(struct link_socket *sock, struct addrinfo *addr)
Definition socket.c:675
const struct in6_addr * link_socket_current_remote_ipv6(const struct link_socket_info *info)
Definition socket.c:2024
void set_actual_address(struct link_socket_actual *actual, struct addrinfo *ai)
Definition socket.c:1084
static bool socket_set_rcvbuf(socket_descriptor_t sd, int size)
Definition socket.c:458
static void stream_buf_set_next(struct stream_buf *sb)
Definition socket.c:2118
const char * socket_stat(const struct link_socket *s, unsigned int rwflags, struct gc_arena *gc)
Definition socket.c:2057
static int do_preresolve_host(struct context *c, const char *hostname, const char *servname, const int af, const unsigned int flags)
Definition socket.c:276
void bad_address_length(int actual, int expected)
Definition socket.c:2263
static bool stream_buf_added(struct stream_buf *sb, int length_added)
Definition socket.c:2166
event_t socket_listen_event_handle(struct link_socket *s)
Definition socket.c:2244
void sd_close(socket_descriptor_t *sd)
Definition socket.c:2978
static void linksock_print_addr(struct link_socket *sock)
Definition socket.c:1522
static void socket_set_mark(socket_descriptor_t sd, int mark)
Definition socket.c:518
static void stream_buf_close(struct stream_buf *sb)
Definition socket.c:2233
static void stream_buf_get_final(struct stream_buf *sb, struct buffer *buf)
Definition socket.c:2131
static void socket_connect(socket_descriptor_t *sd, const struct sockaddr *dest, const int connect_timeout, struct signal_info *sig_info)
Definition socket.c:1104
static void bind_local(struct link_socket *sock, const sa_family_t ai_family)
Definition socket.c:657
bool stream_buf_read_setup_dowork(struct link_socket *sock)
Definition socket.c:2147
static void phase2_socks_client(struct link_socket *sock, struct signal_info *sig_info)
Definition socket.c:1628
static bool socket_set_tcp_nodelay(socket_descriptor_t sd, int state)
Definition socket.c:498
static int get_addr_generic(sa_family_t af, unsigned int flags, const char *hostname, void *network, unsigned int *netbits, int resolve_retry_seconds, struct signal_info *sig_info, msglvl_t msglevel)
Definition socket.c:84
socket_descriptor_t socket_do_accept(socket_descriptor_t sd, struct link_socket_actual *act, const bool nowait)
Definition socket.c:782
static void socket_do_listen(socket_descriptor_t sd, const struct addrinfo *local, bool do_listen, bool do_set_nonblock)
Definition socket.c:757
int socket_recv_queue(struct link_socket *sock, int maxsize)
Definition socket.c:2558
void link_socket_close(struct link_socket *sock)
Definition socket.c:1831
bool get_ipv6_addr(const char *hostname, struct in6_addr *network, unsigned int *netbits, msglvl_t msglevel)
Translate an IPv6 addr or hostname from string form to in6_addr.
Definition socket.c:219
void link_socket_connection_initiated(struct link_socket_info *info, const struct link_socket_actual *act, const char *common_name, struct env_set *es)
Definition socket.c:1905
void socket_set_buffers(socket_descriptor_t fd, const struct socket_buffer_size *sbs, bool reduce_size)
Sets the receive and send buffer sizes of a socket descriptor.
Definition socket.c:471
static bool streqnull(const char *a, const char *b)
Definition socket.c:232
static void phase2_set_socket_flags(struct link_socket *sock)
Definition socket.c:1503
static void resolve_remote(struct link_socket *sock, int phase, const char **remote_dynamic, struct signal_info *sig_info)
Definition socket.c:1237
void link_socket_bad_outgoing_addr(void)
Definition socket.c:1984
int sockethandle_finalize(sockethandle_t sh, struct overlapped_io *io, struct buffer *buf, struct link_socket_actual *from)
Definition socket.c:2851
in_addr_t link_socket_current_remote(const struct link_socket_info *info)
Definition socket.c:1990
static int socket_get_rcvbuf(socket_descriptor_t sd)
Definition socket.c:442
int link_socket_read_tcp(struct link_socket *sock, struct buffer *buf)
Definition socket.c:2275
int openvpn_connect(socket_descriptor_t sd, const struct sockaddr *remote, int connect_timeout, volatile int *signal_received)
Definition socket.c:991
unsigned int socket_set(struct link_socket *s, struct event_set *es, unsigned int rwflags, void *arg, unsigned int *persistent)
Definition socket.c:2944
static unsigned int sf2gaf(const unsigned int getaddr_flags, const unsigned int sockflags)
Definition socket.c:63
void do_preresolve(struct context *c)
Definition socket.c:320
void link_socket_bad_incoming_addr(struct buffer *buf, const struct link_socket_info *info, const struct link_socket_actual *from_addr)
Definition socket.c:1957
static void phase2_tcp_client(struct link_socket *sock, struct signal_info *sig_info)
Definition socket.c:1593
void socket_bind(socket_descriptor_t sd, struct addrinfo *local, int ai_family, const char *prefix, bool ipv6only)
Definition socket.c:941
socket_descriptor_t create_socket_tcp(struct addrinfo *addrinfo)
Definition socket.c:573
static void socket_frame_init(const struct frame *frame, struct link_socket *sock)
Definition socket.c:1163
static void stream_buf_reset(struct stream_buf *sb)
Definition socket.c:2090
static void stream_buf_get_next(struct stream_buf *sb, struct buffer *buf)
Definition socket.c:2139
static void create_socket_dco_win(struct context *c, struct link_socket *sock, struct signal_info *sig_info)
Definition socket.c:1662
static void tcp_connection_established(const struct link_socket_actual *act)
Definition socket.c:845
static bool socket_set_flags(socket_descriptor_t sd, unsigned int sockflags)
Definition socket.c:529
struct link_socket * link_socket_new(void)
Definition socket.c:1353
static int read_sockaddr_from_packet(struct buffer *buf, struct sockaddr *dst)
Extracts a sockaddr from a packet payload.
Definition socket.c:2810
bool sockets_read_residual(const struct context *c)
Definition socket.c:45
in_addr_t getaddr(unsigned int flags, const char *hostname, int resolve_retry_seconds, bool *succeeded, struct signal_info *sig_info)
Translate an IPv4 addr or hostname from string form to in_addr_t.
Definition socket.c:192
void setenv_trusted(struct env_set *es, const struct link_socket_info *info)
Definition socket.c:1883
void read_sockaddr_from_overlapped(struct overlapped_io *io, struct sockaddr *dst, int overlapped_ret)
Definition socket.c:2760
bool link_socket_update_flags(struct link_socket *sock, unsigned int sockflags)
Definition socket.c:543
static void stream_buf_init(struct stream_buf *sb, struct buffer *buf, const unsigned int sockflags, const int proto)
Definition socket.c:2100
static event_t socket_event_handle(const struct link_socket *sock)
Definition socket.h:738
#define IPV4_INVALID_ADDR
Definition socket.h:327
static BOOL SocketHandleGetOverlappedResult(sockethandle_t sh, struct overlapped_io *io)
Definition socket.h:269
#define LS_MODE_TCP_ACCEPT_FROM
Definition socket.h:181
#define SF_DCO_WIN
Definition socket.h:196
static bool link_socket_connection_oriented(const struct link_socket *sock)
Definition socket.h:379
static bool stream_buf_read_setup(struct link_socket *sock)
Definition socket.h:504
static void SocketHandleSetLastError(sockethandle_t sh, DWORD err)
Definition socket.h:283
static int SocketHandleGetLastError(sockethandle_t sh)
Definition socket.h:277
static void SocketHandleSetInvalError(sockethandle_t sh)
Definition socket.h:289
#define SF_TCP_NODELAY
Definition socket.h:192
#define RESOLV_RETRY_INFINITE
Definition socket.h:48
#define SF_USE_IP_PKTINFO
Definition socket.h:191
#define LS_MODE_DEFAULT
Definition socket.h:179
#define MSG_NOSIGNAL
Definition socket.h:242
uint16_t packet_size_type
Definition socket.h:56
static bool socket_is_dco_win(const struct link_socket *s)
Returns true if we are on Windows and this link is running on DCO-WIN.
Definition socket.h:522
#define SF_HOST_RANDOMIZE
Definition socket.h:194
#define SF_GETADDRINFO_DGRAM
Definition socket.h:195
#define LS_MODE_TCP_LISTEN
Definition socket.h:180
#define SF_PORT_SHARE
Definition socket.h:193
#define ntohps(x)
Definition socket.h:62
static int link_socket_write_win32(struct link_socket *sock, struct buffer *buf, struct link_socket_actual *to)
Definition socket.h:596
#define openvpn_close_socket(s)
Definition socket.h:247
#define htonps(x)
Definition socket.h:59
const char * proto2ascii(int proto, sa_family_t af, bool display_form)
int openvpn_getaddrinfo(unsigned int flags, const char *hostname, const char *servname, int resolve_retry_seconds, struct signal_info *sig_info, int ai_family, struct addrinfo **res)
const char * print_sockaddr_ex(const struct sockaddr *sa, const char *separator, const unsigned int flags, struct gc_arena *gc)
Definition socket_util.c:38
void setenv_link_socket_actual(struct env_set *es, const char *name_prefix, const struct link_socket_actual *act, const unsigned int flags)
const char * print_link_socket_actual(const struct link_socket_actual *act, struct gc_arena *gc)
const char * print_link_socket_actual_ex(const struct link_socket_actual *act, const char *separator, const unsigned int flags, struct gc_arena *gc)
const char * addr_family_name(int af)
static const char * print_sockaddr(const struct sockaddr *addr, struct gc_arena *gc)
Definition socket_util.h:77
#define GETADDR_CACHE_MASK
static bool link_socket_actual_defined(const struct link_socket_actual *act)
#define GETADDR_TRY_ONCE
#define SA_IP_PORT
Definition socket_util.h:99
#define GETADDR_PASSIVE
static bool proto_is_udp(int proto)
Returns if the protocol being used is UDP.
#define GETADDR_FATAL
#define GETADDR_UPDATE_MANAGEMENT_STATE
static bool addr_local(const struct sockaddr *addr)
#define PS_SHOW_PORT
Definition socket_util.h:31
@ PROTO_UDP
@ PROTO_TCP_CLIENT
@ PROTO_TCP_SERVER
#define GETADDR_HOST_ORDER
#define PS_SHOW_PORT_IF_DEFINED
Definition socket_util.h:30
#define GETADDR_RANDOMIZE
#define GETADDR_DATAGRAM
static bool proto_is_tcp(int proto)
returns if the proto is a TCP variant (tcp-server, tcp-client or tcp)
static void addr_zero_host(struct openvpn_sockaddr *addr)
static bool proto_is_dgram(int proto)
Return if the protocol is datagram (UDP)
static int af_addr_size(sa_family_t af)
#define GETADDR_RESOLVE
#define GETADDR_MENTION_RESOLVE_RETRY
#define GETADDR_WARN_ON_SIGNAL
static bool addrlist_match(const struct openvpn_sockaddr *a1, const struct addrinfo *addrlist)
void establish_socks_proxy_passthru(struct socks_proxy_info *p, socket_descriptor_t sd, const char *host, const char *servname, struct event_timeout *server_poll_timeout, struct signal_info *sig_info)
Definition socks.c:383
void establish_socks_proxy_udpassoc(struct socks_proxy_info *p, socket_descriptor_t ctrl_sd, struct openvpn_sockaddr *relay_addr, struct event_timeout *server_poll_timeout, struct signal_info *sig_info)
Definition socks.c:451
Definition argv.h:35
Wrapper structure for dynamically allocated memory.
Definition buffer.h:60
int len
Length in bytes of the actual content within the allocated memory.
Definition buffer.h:65
int offset
Offset in bytes of the actual content within the allocated memory.
Definition buffer.h:63
Definition socket.h:66
const char * hostname
Definition socket.h:67
int ai_family
Definition socket.h:69
const char * servname
Definition socket.h:68
unsigned int flags
Definition socket.h:70
struct addrinfo * ai
Definition socket.h:71
struct cached_dns_entry * next
Definition socket.h:72
Definition options.h:104
struct local_list * local_list
Definition options.h:105
bool bind_local
Definition options.h:115
const char * remote
Definition options.h:111
const char * socks_proxy_port
Definition options.h:121
struct http_proxy_options * http_proxy_options
Definition options.h:119
bool bind_ipv6_only
Definition options.h:114
bool remote_float
Definition options.h:112
const char * remote_port
Definition options.h:110
const char * socks_proxy_server
Definition options.h:120
int mtu_discover_type
Definition options.h:136
int proto
Definition options.h:106
sa_family_t af
Definition options.h:107
unsigned int flags
Definition options.h:159
struct connection_entry ** array
Definition options.h:201
struct link_socket_addr * link_socket_addrs
Local and remote addresses on the external network.
Definition openvpn.h:159
int link_sockets_num
Definition openvpn.h:158
struct http_proxy_info * http_proxy
Definition openvpn.h:189
struct socks_proxy_info * socks_proxy
Definition openvpn.h:193
struct cached_dns_entry * dns_cache
Definition openvpn.h:167
struct tuntap * tuntap
Tun/tap virtual network interface.
Definition openvpn.h:172
struct event_timeout server_poll_interval
Definition openvpn.h:408
const struct link_socket * accept_from
Definition openvpn.h:242
struct frame frame
Definition openvpn.h:248
struct link_socket ** link_sockets
Definition openvpn.h:237
Contains all state information for one tunnel.
Definition openvpn.h:474
int mode
Role of this context within the OpenVPN process.
Definition openvpn.h:487
struct signal_info * sig
Internal error signaling object.
Definition openvpn.h:503
struct plugin_list * plugins
List of plug-ins.
Definition openvpn.h:505
struct context_2 c2
Level 2 context.
Definition openvpn.h:517
struct options options
Options loaded from command line or configuration file.
Definition openvpn.h:475
struct gc_arena gc
Garbage collection arena for allocations done in the scope of this context structure.
Definition openvpn.h:495
struct context_1 c1
Level 1 context.
Definition openvpn.h:516
struct link_socket * sock
Definition event.h:148
union event_arg::@1 u
event_arg_t type
Definition event.h:144
Packet geometry parameters.
Definition mtu.h:103
Garbage collection arena used to keep track of dynamically allocated memory.
Definition buffer.h:116
struct http_proxy_options options
Definition proxy.h:70
const char * port
Definition proxy.h:47
const char * server
Definition proxy.h:46
Definition options.h:97
const char * port
Definition options.h:99
int proto
Definition options.h:100
const char * local
Definition options.h:98
struct local_entry ** array
Definition options.h:193
struct man_connection connection
Definition manage.h:335
union openvpn_sockaddr::@27 addr
struct sockaddr sa
Definition socket_util.h:42
struct sockaddr_in in4
Definition socket_util.h:43
struct sockaddr_in6 in6
Definition socket_util.h:44
int resolve_retry_seconds
Definition options.h:367
int rcvbuf
Definition options.h:416
const char * ip_remote_hint
Definition options.h:369
HANDLE msg_channel
Definition options.h:695
struct connection_entry ce
Definition options.h:290
const char * ipchange
Definition options.h:317
int mode
Definition options.h:262
char * bind_dev
Definition options.h:421
int sndbuf
Definition options.h:417
int mark
Definition options.h:420
unsigned int sockflags
Definition options.h:424
const char * dev_node
Definition options.h:320
DWORD flags
Definition win32.h:211
struct buffer buf
Definition win32.h:221
DWORD size
Definition win32.h:210
OVERLAPPED overlapped
Definition win32.h:209
struct buffer buf_init
Definition win32.h:220
int addrlen
Definition win32.h:219
bool addr_defined
Definition win32.h:213
int iostate
Definition win32.h:208
struct sockaddr_in6 addr6
Definition win32.h:217
struct sockaddr_in addr
Definition win32.h:216
HANDLE write
Definition win32.h:82
HANDLE read
Definition win32.h:81
const char * signal_text
Definition sig.h:44
volatile int signal_received
Definition sig.h:42
volatile int source
Definition sig.h:43
bool is_handle
Definition socket.h:261
bool prepend_sa
Definition socket.h:262
char server[128]
Definition socks.h:40
const char * port
Definition socks.h:41
struct buffer buf
Definition socket.h:109
struct buffer residual
Definition socket.h:105
bool residual_fully_formed
Definition socket.h:107
int maxlen
Definition socket.h:106
HANDLE msg_channel
Definition tun.h:88
Definition tun.h:183
enum tun_driver_type backend_driver
The backend driver that used for this tun/tap device.
Definition tun.h:193
OVERLAPPED dco_new_peer_ov
Definition tun.h:220
struct tuntap_options options
Definition tun.h:205
HANDLE hand
Definition tun.h:218
unsigned short sa_family_t
Definition syshead.h:396
#define SOCKET_UNDEFINED
Definition syshead.h:438
#define SOL_IP
Definition syshead.h:389
SOCKET socket_descriptor_t
Definition syshead.h:440
static int socket_defined(const socket_descriptor_t sd)
Definition syshead.h:448
#define ENABLE_IP_PKTINFO
Definition syshead.h:381
struct env_set * es
struct gc_arena gc
Definition test_ssl.c:131
void tun_open_device(struct tuntap *tt, const char *dev_node, const char **device_guid, struct gc_arena *gc)
Definition tun.c:6239
@ DRIVER_DCO
Definition tun.h:53
void init_net_event_win32(struct rw_handle *event, long network_events, socket_descriptor_t sd, unsigned int flags)
Definition win32.c:219
void overlapped_io_init(struct overlapped_io *o, const struct frame *frame, BOOL event_state)
Definition win32.c:169
void close_net_event_win32(struct rw_handle *event, socket_descriptor_t sd, unsigned int flags)
Definition win32.c:274
char * overlapped_io_state_ascii(const struct overlapped_io *o)
Definition win32.c:198
void overlapped_io_close(struct overlapped_io *o)
Definition win32.c:185
static bool defined_net_event_win32(const struct rw_handle *event)
Definition win32.h:93
#define IOSTATE_IMMEDIATE_RETURN
Definition win32.h:207
#define IOSTATE_INITIAL
Definition win32.h:205
#define IOSTATE_QUEUED
Definition win32.h:206