OpenVPN3 accepts both IPv4 and IPv6 with option-dhcp DNS but throws
an error for option-dhcp DNS6.
This patch makes OpenVPN2 accept IPv4/IPv6 for both DNS and DNS6
V2: Put IPv6 parsing logic into own function similar as for for IPv4 DNS
V3: more documentation / help message adjustments
Acked-by: Selva Nair <selva.nair@gmail.com>
Message-Id: <1517391662-21325-1-git-send-email-arne@rfc2549.org>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg16413.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
... | ... |
@@ -5852,17 +5852,13 @@ across the VPN. |
5852 | 5852 |
Set Connection\-specific DNS Suffix. |
5853 | 5853 |
|
5854 | 5854 |
.B DNS addr \-\- |
5855 |
-Set primary domain name server IPv4 address. Repeat |
|
5855 |
+Set primary domain name server IPv4 or IPv6 address. Repeat |
|
5856 | 5856 |
this option to set secondary DNS server addresses. |
5857 | 5857 |
|
5858 |
-.B DNS6 addr \-\- |
|
5859 |
-Set primary domain name server IPv6 address. Repeat |
|
5860 |
-this option to set secondary DNS server IPv6 addresses. |
|
5861 |
- |
|
5862 |
-Note: currently this is handled using netsh (the |
|
5863 |
-existing DHCP code can only do IPv4 DHCP, and that protocol only |
|
5864 |
-permits IPv4 addresses anywhere). The option will be put into the |
|
5865 |
-environment, so an |
|
5858 |
+Note: DNS IPv6 servers are currently set using netsh (the existing |
|
5859 |
+DHCP code can only do IPv4 DHCP, and that protocol only permits IPv4 |
|
5860 |
+addresses anywhere). The option will be put into the environment, so |
|
5861 |
+an |
|
5866 | 5862 |
.B \-\-up |
5867 | 5863 |
script could act upon it if needed. |
5868 | 5864 |
|
... | ... |
@@ -703,8 +703,7 @@ static const char usage_message[] = |
703 | 703 |
" which allow multiple addresses,\n" |
704 | 704 |
" --dhcp-option must be repeated.\n" |
705 | 705 |
" DOMAIN name : Set DNS suffix\n" |
706 |
- " DNS addr : Set domain name server address(es) (IPv4)\n" |
|
707 |
- " DNS6 addr : Set domain name server address(es) (IPv6)\n" |
|
706 |
+ " DNS addr : Set domain name server address(es) (IPv4 and IPv6)\n" |
|
708 | 707 |
" NTP : Set NTP server address(es)\n" |
709 | 708 |
" NBDD : Set NBDD server address(es)\n" |
710 | 709 |
" WINS addr : Set WINS server address(es)\n" |
... | ... |
@@ -1226,6 +1225,20 @@ show_tuntap_options(const struct tuntap_options *o) |
1226 | 1226 |
|
1227 | 1227 |
#if defined(_WIN32) || defined(TARGET_ANDROID) |
1228 | 1228 |
static void |
1229 |
+dhcp_option_dns6_parse(const char *parm, struct in6_addr *dns6_list, int *len, int msglevel) |
|
1230 |
+{ |
|
1231 |
+ struct in6_addr addr; |
|
1232 |
+ if (*len >= N_DHCP_ADDR) |
|
1233 |
+ { |
|
1234 |
+ msg(msglevel, "--dhcp-option DNS: maximum of %d IPv6 dns servers can be specified", |
|
1235 |
+ N_DHCP_ADDR); |
|
1236 |
+ } |
|
1237 |
+ else if (get_ipv6_addr(parm, &addr, NULL, msglevel)) |
|
1238 |
+ { |
|
1239 |
+ dns6_list[(*len)++] = addr; |
|
1240 |
+ } |
|
1241 |
+} |
|
1242 |
+static void |
|
1229 | 1243 |
dhcp_option_address_parse(const char *name, const char *parm, in_addr_t *array, int *len, int msglevel) |
1230 | 1244 |
{ |
1231 | 1245 |
if (*len >= N_DHCP_ADDR) |
... | ... |
@@ -7059,6 +7072,7 @@ add_option(struct options *options, |
7059 | 7059 |
{ |
7060 | 7060 |
struct tuntap_options *o = &options->tuntap_options; |
7061 | 7061 |
VERIFY_PERMISSION(OPT_P_IPWIN32); |
7062 |
+ bool ipv6dns = false; |
|
7062 | 7063 |
|
7063 | 7064 |
if (streq(p[1], "DOMAIN") && p[2]) |
7064 | 7065 |
{ |
... | ... |
@@ -7079,22 +7093,17 @@ add_option(struct options *options, |
7079 | 7079 |
} |
7080 | 7080 |
o->netbios_node_type = t; |
7081 | 7081 |
} |
7082 |
- else if (streq(p[1], "DNS") && p[2]) |
|
7082 |
+ else if ((streq(p[1], "DNS") || streq(p[1], "DNS6")) && p[2] && (!strstr(p[2], ":") || ipv6_addr_safe(p[2]))) |
|
7083 | 7083 |
{ |
7084 |
- dhcp_option_address_parse("DNS", p[2], o->dns, &o->dns_len, msglevel); |
|
7085 |
- } |
|
7086 |
- else if (streq(p[1], "DNS6") && p[2] && ipv6_addr_safe(p[2])) |
|
7087 |
- { |
|
7088 |
- struct in6_addr addr; |
|
7089 |
- foreign_option(options, p, 3, es); |
|
7090 |
- if (o->dns6_len >= N_DHCP_ADDR) |
|
7084 |
+ if (strstr(p[2], ":")) |
|
7091 | 7085 |
{ |
7092 |
- msg(msglevel, "--dhcp-option DNS6: maximum of %d dns servers can be specified", |
|
7093 |
- N_DHCP_ADDR); |
|
7086 |
+ ipv6dns=true; |
|
7087 |
+ foreign_option(options, p, 3, es); |
|
7088 |
+ dhcp_option_dns6_parse(p[2], o->dns6, &o->dns6_len, msglevel); |
|
7094 | 7089 |
} |
7095 |
- else if (get_ipv6_addr(p[2], &addr, NULL, msglevel)) |
|
7090 |
+ else |
|
7096 | 7091 |
{ |
7097 |
- o->dns6[o->dns6_len++] = addr; |
|
7092 |
+ dhcp_option_address_parse("DNS", p[2], o->dns, &o->dns_len, msglevel); |
|
7098 | 7093 |
} |
7099 | 7094 |
} |
7100 | 7095 |
else if (streq(p[1], "WINS") && p[2]) |
... | ... |
@@ -7122,7 +7131,7 @@ add_option(struct options *options, |
7122 | 7122 |
/* flag that we have options to give to the TAP driver's DHCPv4 server |
7123 | 7123 |
* - skipped for "DNS6", as that's not a DHCPv4 option |
7124 | 7124 |
*/ |
7125 |
- if (!streq(p[1], "DNS6")) |
|
7125 |
+ if (!ipv6dns) |
|
7126 | 7126 |
{ |
7127 | 7127 |
o->dhcp_options = true; |
7128 | 7128 |
} |