6fbf66fa |
/*
* OpenVPN -- An application to securely tunnel IP networks
* over a single TCP/UDP port, with support for SSL/TLS-based
* session authentication and key exchange,
* packet encryption, packet authentication, and
* packet compression.
* |
58716979 |
* Copyright (C) 2002-2017 OpenVPN Technologies, Inc. <sales@openvpn.net> |
6fbf66fa |
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License version 2
* as published by the Free Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
* |
caa54ac3 |
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. |
6fbf66fa |
*/
#ifndef MROUTE_H
#define MROUTE_H
#if P2MP_SERVER
#include "buffer.h"
#include "list.h"
#include "route.h"
|
8cac9b98 |
#include <stddef.h>
|
6fbf66fa |
#define IP_MCAST_SUBNET_MASK ((in_addr_t)240<<24)
#define IP_MCAST_NETWORK ((in_addr_t)224<<24)
/* Return status values for mroute_extract_addr_from_packet */ |
90efcacb |
#define MROUTE_EXTRACT_SUCCEEDED (1<<0)
#define MROUTE_EXTRACT_BCAST (1<<1)
#define MROUTE_EXTRACT_MCAST (1<<2)
#define MROUTE_EXTRACT_IGMP (1<<3)
#define MROUTE_SEC_EXTRACT_SUCCEEDED (1<<(0+MROUTE_SEC_SHIFT))
#define MROUTE_SEC_EXTRACT_BCAST (1<<(1+MROUTE_SEC_SHIFT))
#define MROUTE_SEC_EXTRACT_MCAST (1<<(2+MROUTE_SEC_SHIFT))
#define MROUTE_SEC_EXTRACT_IGMP (1<<(3+MROUTE_SEC_SHIFT))
#define MROUTE_SEC_SHIFT 4 |
6fbf66fa |
/*
* Choose the largest address possible with
* any of our supported types, which is IPv6
* with port number.
*/
#define MR_MAX_ADDR_LEN 20
/*
* Address Types
*/
#define MR_ADDR_NONE 0
#define MR_ADDR_ETHER 1
#define MR_ADDR_IPV4 2
#define MR_ADDR_IPV6 3
#define MR_ADDR_MASK 3
/* Address type mask indicating that port # is part of address */
#define MR_WITH_PORT 4
/* Address type mask indicating that netbits is part of address */
#define MR_WITH_NETBITS 8
|
90efcacb |
/* Indicates than IPv4 addr was extracted from ARP packet */
#define MR_ARP 16
|
6fbf66fa |
struct mroute_addr { |
81d882d5 |
uint8_t len; /* length of address */
uint8_t unused;
uint8_t type; /* MR_ADDR/MR_WITH flags */
uint8_t netbits; /* number of bits in network part of address,
* valid if MR_WITH_NETBITS is set */
union {
uint8_t raw_addr[MR_MAX_ADDR_LEN]; /* actual address */
uint8_t eth_addr[OPENVPN_ETH_ALEN];
struct {
in_addr_t addr; /* _network order_ IPv4 address */
in_port_t port; /* _network order_ TCP/UDP port */
} v4;
struct {
struct in6_addr addr;
in_port_t port; /* _network order_ TCP/UDP port */
} v6;
struct {
uint8_t prefix[12];
in_addr_t addr; /* _network order_ IPv4 address */
} v4mappedv6;
} |
9223336a |
#ifndef HAVE_ANONYMOUS_UNION_SUPPORT
/* Wrappers to support compilers that do not grok anonymous unions */ |
81d882d5 |
mroute_union |
9223336a |
#define raw_addr mroute_union.raw_addr
#define eth_addr mroute_union.eth_addr
#define v4 mroute_union.v4
#define v6 mroute_union.v6
#define v4mappedv6 mroute_union.v4mappedv6
#endif |
81d882d5 |
; |
6fbf66fa |
};
|
8cac9b98 |
/* Double-check that struct packing works as expected */ |
81d882d5 |
static_assert(offsetof(struct mroute_addr, v4.port) ==
offsetof(struct mroute_addr, v4) + 4,
"Unexpected struct packing of v4");
static_assert(offsetof(struct mroute_addr, v6.port) ==
offsetof(struct mroute_addr, v6) + 16,
"Unexpected struct packing of v6");
static_assert(offsetof(struct mroute_addr, v4mappedv6.addr) ==
offsetof(struct mroute_addr, v4mappedv6) + 12,
"Unexpected struct packing of v4mappedv6"); |
8cac9b98 |
|
6fbf66fa |
/* |
90efcacb |
* Number of bits in an address. Should be raised for IPv6. |
6fbf66fa |
*/ |
512cda46 |
#define MR_HELPER_NET_LEN 129 |
6fbf66fa |
/*
* Used to help maintain CIDR routing table.
*/
struct mroute_helper { |
81d882d5 |
unsigned int cache_generation; /* incremented when route added */
int ageable_ttl_secs; /* host route cache entry time-to-live*/
int n_net_len; /* length of net_len array */
uint8_t net_len[MR_HELPER_NET_LEN]; /* CIDR netlengths in descending order */
int net_len_refcount[MR_HELPER_NET_LEN]; /* refcount of each netlength */ |
6fbf66fa |
};
|
8bc93d7f |
struct openvpn_sockaddr;
|
81d882d5 |
bool mroute_extract_openvpn_sockaddr(struct mroute_addr *addr,
const struct openvpn_sockaddr *osaddr,
bool use_port); |
6fbf66fa |
|
a19c56db |
bool mroute_learnable_address(const struct mroute_addr *addr,
struct gc_arena *gc); |
6fbf66fa |
|
81d882d5 |
uint32_t mroute_addr_hash_function(const void *key, uint32_t iv); |
6fbf66fa |
|
81d882d5 |
bool mroute_addr_compare_function(const void *key1, const void *key2); |
6fbf66fa |
|
81d882d5 |
void mroute_addr_init(struct mroute_addr *addr);
const char *mroute_addr_print(const struct mroute_addr *ma,
struct gc_arena *gc); |
6fbf66fa |
|
90efcacb |
#define MAPF_SUBNET (1<<0)
#define MAPF_IA_EMPTY_IF_UNDEF (1<<1)
#define MAPF_SHOW_ARP (1<<2) |
81d882d5 |
const char *mroute_addr_print_ex(const struct mroute_addr *ma,
const unsigned int flags,
struct gc_arena *gc);
void mroute_addr_mask_host_bits(struct mroute_addr *ma);
struct mroute_helper *mroute_helper_init(int ageable_ttl_secs);
void mroute_helper_free(struct mroute_helper *mh); |
90efcacb |
|
81d882d5 |
void mroute_helper_add_iroute46(struct mroute_helper *mh, int netbits); |
6fbf66fa |
|
81d882d5 |
void mroute_helper_del_iroute46(struct mroute_helper *mh, int netbits); |
6fbf66fa |
|
90efcacb |
/*
* Given a raw packet in buf, return the src and dest
* addresses of the packet.
*/
static inline unsigned int |
81d882d5 |
mroute_extract_addr_from_packet(struct mroute_addr *src,
struct mroute_addr *dest,
struct mroute_addr *esrc,
struct mroute_addr *edest,
const struct buffer *buf,
int tunnel_type) |
90efcacb |
{ |
3b38c43b |
unsigned int mroute_extract_addr_ip(struct mroute_addr *src,
struct mroute_addr *dest,
const struct buffer *buf); |
81d882d5 |
unsigned int mroute_extract_addr_ether(struct mroute_addr *src,
struct mroute_addr *dest,
struct mroute_addr *esrc,
struct mroute_addr *edest,
const struct buffer *buf);
unsigned int ret = 0;
verify_align_4(buf);
if (tunnel_type == DEV_TYPE_TUN)
{ |
3b38c43b |
ret = mroute_extract_addr_ip(src, dest, buf); |
81d882d5 |
}
else if (tunnel_type == DEV_TYPE_TAP)
{
ret = mroute_extract_addr_ether(src, dest, esrc, edest, buf);
}
return ret; |
90efcacb |
}
|
6fbf66fa |
static inline bool |
81d882d5 |
mroute_addr_equal(const struct mroute_addr *a1, const struct mroute_addr *a2) |
6fbf66fa |
{ |
81d882d5 |
if (a1->type != a2->type)
{
return false;
}
if (a1->netbits != a2->netbits)
{
return false;
}
if (a1->len != a2->len)
{
return false;
}
return memcmp(a1->raw_addr, a2->raw_addr, a1->len) == 0; |
6fbf66fa |
}
static inline const uint8_t * |
81d882d5 |
mroute_addr_hash_ptr(const struct mroute_addr *a) |
6fbf66fa |
{ |
81d882d5 |
/* NOTE: depends on ordering of struct mroute_addr */
return (uint8_t *) &a->type; |
6fbf66fa |
}
static inline uint32_t |
81d882d5 |
mroute_addr_hash_len(const struct mroute_addr *a) |
6fbf66fa |
{ |
81d882d5 |
return (uint32_t) a->len + 2; |
6fbf66fa |
}
static inline void |
81d882d5 |
mroute_extract_in_addr_t(struct mroute_addr *dest, const in_addr_t src) |
6fbf66fa |
{ |
81d882d5 |
dest->type = MR_ADDR_IPV4;
dest->netbits = 0;
dest->len = 4;
dest->v4.addr = htonl(src); |
6fbf66fa |
}
|
47ae8457 |
static inline in_addr_t |
81d882d5 |
in_addr_t_from_mroute_addr(const struct mroute_addr *addr) |
47ae8457 |
{ |
81d882d5 |
if ((addr->type & MR_ADDR_MASK) == MR_ADDR_IPV4 && addr->netbits == 0 && addr->len == 4)
{
return ntohl(addr->v4.addr);
}
else
{
return 0;
} |
47ae8457 |
}
|
90efcacb |
static inline void |
81d882d5 |
mroute_addr_reset(struct mroute_addr *ma) |
90efcacb |
{ |
81d882d5 |
ma->len = 0;
ma->type = MR_ADDR_NONE; |
90efcacb |
}
|
6fbf66fa |
#endif /* P2MP_SERVER */
#endif /* MROUTE_H */ |