Version 2.1.3a
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@6424 e7ae566f-a301-0410-adde-c780ea21d3b5
... | ... |
@@ -378,7 +378,13 @@ block. The effect would be as if |
378 | 378 |
were declared in all |
379 | 379 |
.B <connection> |
380 | 380 |
blocks below it. |
381 |
- |
|
381 |
+.\"********************************************************* |
|
382 |
+.TP |
|
383 |
+.B --proto-force p |
|
384 |
+When iterating through connection profiles, |
|
385 |
+only consider profiles using protocol |
|
386 |
+.B p |
|
387 |
+('tcp'|'udp'). |
|
382 | 388 |
.\"********************************************************* |
383 | 389 |
.TP |
384 | 390 |
.B --remote-random |
... | ... |
@@ -94,6 +94,7 @@ static const char usage_message[] = |
94 | 94 |
"--mode m : Major mode, m = 'p2p' (default, point-to-point) or 'server'.\n" |
95 | 95 |
"--proto p : Use protocol p for communicating with peer.\n" |
96 | 96 |
" p = udp (default), tcp-server, or tcp-client\n" |
97 |
+ "--proto-force p : only consider protocol p in list of connection profiles.\n" |
|
97 | 98 |
"--connect-retry n : For --proto tcp-client, number of seconds to wait\n" |
98 | 99 |
" between connection retries (default=%d).\n" |
99 | 100 |
"--connect-timeout n : For --proto tcp-client, connection timeout (in seconds).\n" |
... | ... |
@@ -693,6 +694,7 @@ init_options (struct options *o, const bool init_gc) |
693 | 693 |
o->route_delay_window = 30; |
694 | 694 |
o->max_routes = MAX_ROUTES_DEFAULT; |
695 | 695 |
o->resolve_retry_seconds = RESOLV_RETRY_INFINITE; |
696 |
+ o->proto_force = -1; |
|
696 | 697 |
#ifdef ENABLE_OCC |
697 | 698 |
o->occ = true; |
698 | 699 |
#endif |
... | ... |
@@ -2129,6 +2131,10 @@ options_postprocess_mutate_ce (struct options *o, struct connection_entry *ce) |
2129 | 2129 |
|
2130 | 2130 |
if (!ce->bind_local) |
2131 | 2131 |
ce->local_port = 0; |
2132 |
+ |
|
2133 |
+ /* if protocol forcing is enabled, disable all protocols except for the forced one */ |
|
2134 |
+ if (o->proto_force >= 0 && is_proto_tcp(o->proto_force) != is_proto_tcp(ce->proto)) |
|
2135 |
+ ce->flags |= CE_DISABLED; |
|
2132 | 2136 |
} |
2133 | 2137 |
|
2134 | 2138 |
static void |
... | ... |
@@ -4311,6 +4317,19 @@ add_option (struct options *options, |
4311 | 4311 |
} |
4312 | 4312 |
options->ce.proto = proto; |
4313 | 4313 |
} |
4314 |
+ else if (streq (p[0], "proto-force") && p[1]) |
|
4315 |
+ { |
|
4316 |
+ int proto_force; |
|
4317 |
+ VERIFY_PERMISSION (OPT_P_GENERAL); |
|
4318 |
+ proto_force = ascii2proto (p[1]); |
|
4319 |
+ if (proto_force < 0) |
|
4320 |
+ { |
|
4321 |
+ msg (msglevel, "Bad --proto-force protocol: '%s'", p[1]); |
|
4322 |
+ goto err; |
|
4323 |
+ } |
|
4324 |
+ options->proto_force = proto_force; |
|
4325 |
+ options->force_connection_list = true; |
|
4326 |
+ } |
|
4314 | 4327 |
#ifdef GENERAL_PROXY_SUPPORT |
4315 | 4328 |
else if (streq (p[0], "auto-proxy")) |
4316 | 4329 |
{ |
... | ... |
@@ -216,6 +216,8 @@ struct options |
216 | 216 |
bool tun_mtu_defined; /* true if user overriding parm with command line option */ |
217 | 217 |
bool link_mtu_defined; /* true if user overriding parm with command line option */ |
218 | 218 |
|
219 |
+ int proto_force; |
|
220 |
+ |
|
219 | 221 |
/* Advanced MTU negotiation and datagram fragmentation options */ |
220 | 222 |
int mtu_discover_type; /* used if OS supports setting Path MTU discovery options on socket */ |
221 | 223 |
|
... | ... |
@@ -509,6 +509,12 @@ legal_ipv4_port (int port) |
509 | 509 |
return port > 0 && port < 65536; |
510 | 510 |
} |
511 | 511 |
|
512 |
+static inline int |
|
513 |
+is_proto_tcp(const int p) |
|
514 |
+{ |
|
515 |
+ return p > 0; /* depends on the definition of PROTO_x */ |
|
516 |
+} |
|
517 |
+ |
|
512 | 518 |
static inline bool |
513 | 519 |
link_socket_proto_connection_oriented (int proto) |
514 | 520 |
{ |