/*
 *  OpenVPN -- An application to securely tunnel IP networks
 *             over a single TCP/UDP port, with support for SSL/TLS-based
 *             session authentication and key exchange,
 *             packet encryption, packet authentication, and
 *
 *  Copyright (C) 2002-2010 OpenVPN Technologies, Inc. <sales@openvpn.net>
 *
 *  This program is free software; you can redistribute it and/or modify
 *  it under the terms of the GNU General Public License version 2
 *  as published by the Free Software Foundation.
 *
 *  This program is distributed in the hope that it will be useful,
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *  GNU General Public License for more details.
 *
 *  You should have received a copy of the GNU General Public License
 *  along with this program (see the file COPYING included with this
 *  distribution); if not, write to the Free Software Foundation, Inc.,
 *  59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
 */
/*
 * IPv4 multicast range (224.0.0.0/4) as plain integers: an address is
 * multicast when (addr & IP_MCAST_SUBNET_MASK) == IP_MCAST_NETWORK.
 * NOTE(review): the constants are numeric, so the address compared against
 * them is presumably in host byte order -- confirm at the call sites.
 */
#define IP_MCAST_NETWORK      ((in_addr_t) 224 << 24)
#define IP_MCAST_SUBNET_MASK  ((in_addr_t) 240 << 24)
/*
 * Return status values for mroute_extract_addr_from_packet.
 *
 * The result is a bit set.  Each MROUTE_SEC_* value is the matching
 * MROUTE_EXTRACT_* flag shifted left by MROUTE_SEC_SHIFT.
 * NOTE(review): the shifted group presumably reports on the secondary
 * (esrc/edest) address pair -- confirm against the extract helpers.
 */
#define MROUTE_SEC_SHIFT              4

#define MROUTE_EXTRACT_SUCCEEDED      (1 << 0)
#define MROUTE_EXTRACT_BCAST          (1 << 1)
#define MROUTE_EXTRACT_MCAST          (1 << 2)
#define MROUTE_EXTRACT_IGMP           (1 << 3)

#define MROUTE_SEC_EXTRACT_SUCCEEDED  (1 << (0 + MROUTE_SEC_SHIFT))
#define MROUTE_SEC_EXTRACT_BCAST      (1 << (1 + MROUTE_SEC_SHIFT))
#define MROUTE_SEC_EXTRACT_MCAST      (1 << (2 + MROUTE_SEC_SHIFT))
#define MROUTE_SEC_EXTRACT_IGMP       (1 << (3 + MROUTE_SEC_SHIFT))
/*
 * Capacity, in bytes, of the addr[] array of an mroute address.  It is
 * sized for the largest supported address type, which is IPv6.
 * NOTE(review): 20 is more than the 16 bytes of a bare IPv6 address; the
 * extra room is presumably for the optional port -- confirm.  Any code that
 * writes addr[] or trusts a stored length must stay within this bound.
 */
#define MR_MAX_ADDR_LEN  20
/*
 * Encoding of the type byte of an mroute address.  The low two bits,
 * selected with MR_ADDR_MASK, hold the address family; the MR_WITH_* bits
 * are modifiers OR-ed on top of it.
 */
#define MR_ADDR_NONE     0
#define MR_ADDR_ETHER    1
#define MR_ADDR_IPV4     2
#define MR_ADDR_IPV6     3
#define MR_ADDR_MASK     3

/* Address type mask indicating that port # is part of address */
#define MR_WITH_PORT     4

/* Address type mask indicating that netbits is part of address */
#define MR_WITH_NETBITS  8
/* Indicates that the IPv4 address was extracted from an ARP packet */
uint8_t len; /* length of address */
uint8_t type; /* MR_ADDR/MR_WITH flags */
uint8_t netbits; /* number of bits in network part of address,
valid if MR_WITH_NETBITS is set */
uint8_t addr[MR_MAX_ADDR_LEN]; /* actual address */
/*
 * Number of entries in the per-netlength tables of struct mroute_helper.
 * NOTE(review): the original remark here reads "Number of bits in an
 * address.  Should be raised for IPv6."  129 already gives one slot for
 * every prefix length from 0 to 128, so that remark looks stale -- confirm.
 */
#define MR_HELPER_NET_LEN  129
/*
 * Used to help maintain CIDR routing table.
 *
 * Both arrays have MR_HELPER_NET_LEN slots.  n_net_len is an int that is
 * stored separately, so code indexing net_len[] by it has to keep it within
 * that bound; nothing in this declaration enforces that.
 */
struct mroute_helper {
  /* incremented when route added */
  unsigned int cache_generation;

  /* host route cache entry time-to-live */
  int ageable_ttl_secs;

  /* length of net_len array */
  int n_net_len;

  /* CIDR netlengths in descending order */
  uint8_t net_len[MR_HELPER_NET_LEN];

  /* refcount of each netlength */
  int net_len_refcount[MR_HELPER_NET_LEN];
};
struct openvpn_sockaddr;
bool mroute_extract_openvpn_sockaddr (struct mroute_addr *addr,
const struct openvpn_sockaddr *osaddr,
/*
 * Out-of-line parts of the mroute API.  Only the signatures are visible
 * here; the behavior of each function is defined in the implementation file.
 */

/* Predicate over a single address. */
bool mroute_learnable_address (const struct mroute_addr *addr);

/*
 * Hash and equality callbacks taking untyped keys.
 * NOTE(review): the keys are presumably struct mroute_addr pointers, and the
 * two functions must then agree on which bytes identify an address -- confirm.
 */
uint32_t mroute_addr_hash_function (const void *key, uint32_t iv);
bool mroute_addr_compare_function (const void *key1, const void *key2);

void mroute_addr_init (struct mroute_addr *addr);

/*
 * Render an address as text.
 * NOTE(review): the returned string is presumably allocated from gc and
 * valid only as long as that arena -- confirm.
 */
const char *mroute_addr_print (const struct mroute_addr *ma,
                               struct gc_arena *gc);

/* Bit flags; presumably the values accepted by mroute_addr_print_ex -- confirm. */
#define MAPF_SUBNET             (1 << 0)
#define MAPF_IA_EMPTY_IF_UNDEF  (1 << 1)
#define MAPF_SHOW_ARP           (1 << 2)

const char *mroute_addr_print_ex (const struct mroute_addr *ma,
                                  const unsigned int flags,
                                  struct gc_arena *gc);

void mroute_addr_mask_host_bits (struct mroute_addr *ma);

/* Lifetime of a struct mroute_helper. */
struct mroute_helper *mroute_helper_init (int ageable_ttl_secs);
void mroute_helper_free (struct mroute_helper *mh);

/* Add/remove an iroute, in IPv4 (iroute) and IPv6 (iroute_ipv6) variants. */
void mroute_helper_add_iroute (struct mroute_helper *mh, const struct iroute *ir);
void mroute_helper_del_iroute (struct mroute_helper *mh, const struct iroute *ir);
void mroute_helper_add_iroute6 (struct mroute_helper *mh, const struct iroute_ipv6 *ir6);
void mroute_helper_del_iroute6 (struct mroute_helper *mh, const struct iroute_ipv6 *ir6);
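/*
 * Given a raw packet in buf, return the src and dest
 * addresses of the packet.
 *
 * Dispatches on tunnel_type: DEV_TYPE_TUN packets go to
 * mroute_extract_addr_ipv4, DEV_TYPE_TAP packets go to
 * mroute_extract_addr_ether (which also receives esrc/edest).
 *
 * Returns the helper's status bits (MROUTE_EXTRACT_* flags).  For any other
 * tunnel_type the result is 0 and none of the output addresses is written
 * by this function, so a caller should test MROUTE_EXTRACT_SUCCEEDED before
 * using src or dest.
 *
 * NOTE(review): the listing this was taken from omits several source lines
 * of this function (the last parameter, the braces and the final return).
 * They are restored here from what the visible body uses: tunnel_type is
 * compared against DEV_TYPE_* and ret is the only candidate return value.
 * The parameter type is assumed to be int -- confirm against upstream.
 */
static inline unsigned int
mroute_extract_addr_from_packet (struct mroute_addr *src,
                                 struct mroute_addr *dest,
                                 struct mroute_addr *esrc,
                                 struct mroute_addr *edest,
                                 const struct buffer *buf,
                                 int tunnel_type)
{
  /* Block-scope prototypes for the two per-device-type extractors. */
  unsigned int mroute_extract_addr_ipv4 (struct mroute_addr *src,
                                         struct mroute_addr *dest,
                                         const struct buffer *buf);

  unsigned int mroute_extract_addr_ether (struct mroute_addr *src,
                                          struct mroute_addr *dest,
                                          struct mroute_addr *esrc,
                                          struct mroute_addr *edest,
                                          const struct buffer *buf);

  unsigned int ret = 0;

  /* presumably checks 4-byte alignment of the packet data -- confirm */
  verify_align_4 (buf);

  /*
   * buf holds packet data; bounds checking of its contents is left to the
   * helpers, none is done here.
   */
  if (tunnel_type == DEV_TYPE_TUN)
    ret = mroute_extract_addr_ipv4 (src, dest, buf);
  else if (tunnel_type == DEV_TYPE_TAP)
    ret = mroute_extract_addr_ether (src, dest, esrc, edest, buf);

  return ret;
}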
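/*
 * Compare two addresses for equality: type, netbits and len must match,
 * and then the first len bytes of addr[] must be identical.
 *
 * a1->len is trusted as the number of bytes to compare.  It is a uint8_t,
 * so it can exceed MR_MAX_ADDR_LEN; nothing here rejects that, and memcmp
 * would then read past addr[].  Code that fills in an address is
 * responsible for keeping len within the array.
 *
 * NOTE(review): the listing this was taken from omits the return-type line,
 * the braces and the statement under each `if`.  As printed, the three
 * conditions would nest into one another; the early `return false`
 * statements are restored here -- confirm against upstream.
 */
static inline bool
mroute_addr_equal (const struct mroute_addr *a1, const struct mroute_addr *a2)
{
  if (a1->type != a2->type)
    return false;
  if (a1->netbits != a2->netbits)
    return false;
  if (a1->len != a2->len)
    return false;
  return memcmp (a1->addr, a2->addr, a1->len) == 0;
}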
/*
 * First byte of the region that is hashed for an address.
 *
 * NOTE: depends on ordering of struct mroute_addr.  The region starts at
 * the type member, so type, netbits and addr[] have to stay adjacent and in
 * that order; reordering the struct would silently change which bytes are
 * hashed.  The len member sits before type and is not part of the region.
 */
static inline const uint8_t *
mroute_addr_hash_ptr (const struct mroute_addr *a)
{
  const uint8_t *first_hashed = (const uint8_t *) &a->type;

  return first_hashed;
}
/*
 * Number of bytes to hash, counted from mroute_addr_hash_ptr(a): the two
 * one-byte members type and netbits, followed by len address bytes.
 * The stored len is used as is; no bound is applied here.
 */
static inline uint32_t
mroute_addr_hash_len (const struct mroute_addr *a)
{
  const uint32_t addr_bytes = (uint32_t) a->len;

  return addr_bytes + 2;
}
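/*
 * Store a host-byte-order IPv4 address into dest, in network byte order,
 * and mark dest as a plain IPv4 address.
 *
 * The bytes are copied with memcpy rather than stored through an
 * (in_addr_t *) cast of the uint8_t array: the cast relies on addr[] being
 * suitably aligned and on the compiler tolerating the type pun, while
 * memcpy produces the same bytes without either assumption.
 *
 * NOTE(review): the listing this was taken from omits the return-type line,
 * the braces and two statements between the type assignment and the store.
 * netbits = 0 and len = 4 are restored here because
 * in_addr_t_from_mroute_addr accepts an IPv4 address only with exactly
 * those values -- confirm against upstream.
 */
static inline void
mroute_extract_in_addr_t (struct mroute_addr *dest, const in_addr_t src)
{
  const in_addr_t net_order = htonl (src);

  dest->type = MR_ADDR_IPV4;
  dest->netbits = 0;
  dest->len = 4;
  memcpy (dest->addr, &net_order, sizeof net_order);
}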
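/*
 * Return the IPv4 address held in addr, in host byte order.
 *
 * Only a plain IPv4 address is accepted: family bits equal to MR_ADDR_IPV4,
 * netbits == 0 and len == 4.  Anything else yields 0.  Since 0 is also the
 * value of 0.0.0.0, a caller cannot tell "not an IPv4 host address" from
 * that address by the return value alone.
 *
 * The bytes are read with memcpy instead of through an (in_addr_t *) cast
 * of the uint8_t array, which avoids depending on the alignment of addr[].
 *
 * NOTE(review): the listing this was taken from omits the braces and the
 * fallback branch; returning 0 is restored here -- confirm against upstream.
 */
static inline in_addr_t
in_addr_t_from_mroute_addr (const struct mroute_addr *addr)
{
  in_addr_t net_order;

  if ((addr->type & MR_ADDR_MASK) != MR_ADDR_IPV4
      || addr->netbits != 0
      || addr->len != 4)
    return 0;

  memcpy (&net_order, addr->addr, sizeof net_order);
  return ntohl (net_order);
}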
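/*
 * Mark an address as empty by setting its type to MR_ADDR_NONE.
 * The addr[] bytes and netbits are left as they were.
 *
 * NOTE(review): the listing this was taken from omits the return-type line,
 * the braces and one statement ahead of the type assignment.  Clearing len
 * is restored here as that statement -- confirm against upstream.
 */
static inline void
mroute_addr_reset (struct mroute_addr *ma)
{
  ma->len = 0;
  ma->type = MR_ADDR_NONE;
}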
#endif /* P2MP_SERVER */
#endif /* MROUTE_H */