diff options
author | Natanael Copa <ncopa@alpinelinux.org> | 2012-03-22 10:59:59 +0000 |
---|---|---|
committer | Natanael Copa <ncopa@alpinelinux.org> | 2012-03-22 10:59:59 +0000 |
commit | 3cc0c95853fcb021a12c63581c971c65718cc685 (patch) | |
tree | 0c35ac6c657d2ed747d541f93d3fb75e32f2384c | |
parent | ab70e0bf119a65bcc337e60fe874c4695ba2960f (diff) | |
download | alpine_aports-3cc0c95853fcb021a12c63581c971c65718cc685.tar.bz2 alpine_aports-3cc0c95853fcb021a12c63581c971c65718cc685.tar.xz alpine_aports-3cc0c95853fcb021a12c63581c971c65718cc685.zip |
main/openvpn: upgrade to 2.2.2
rebase the ipv6 patch
-rw-r--r-- | main/openvpn/APKBUILD | 10 | ||||
-rw-r--r-- | main/openvpn/openvpn-2.2.2-ipv6.patch (renamed from main/openvpn/openvpn-2.2.0-ipv6-20110522-1.patch) | 986 |
2 files changed, 167 insertions, 829 deletions
diff --git a/main/openvpn/APKBUILD b/main/openvpn/APKBUILD index 7f96559a13..929cd73db5 100644 --- a/main/openvpn/APKBUILD +++ b/main/openvpn/APKBUILD | |||
@@ -1,7 +1,7 @@ | |||
1 | # Maintainer: Natanael Copa <ncopa@alpinelinux.org> | 1 | # Maintainer: Natanael Copa <ncopa@alpinelinux.org> |
2 | pkgname=openvpn | 2 | pkgname=openvpn |
3 | pkgver=2.2.0 | 3 | pkgver=2.2.2 |
4 | pkgrel=2 | 4 | pkgrel=0 |
5 | pkgdesc="A robust, and highly configurable VPN (Virtual Private Network)" | 5 | pkgdesc="A robust, and highly configurable VPN (Virtual Private Network)" |
6 | url="http://openvpn.sourceforge.net/" | 6 | url="http://openvpn.sourceforge.net/" |
7 | arch="all" | 7 | arch="all" |
@@ -15,7 +15,7 @@ source="http://swupdate.openvpn.net/community/releases/$pkgname-$pkgver.tar.gz | |||
15 | openvpn.confd | 15 | openvpn.confd |
16 | openvpn.up | 16 | openvpn.up |
17 | openvpn.down | 17 | openvpn.down |
18 | openvpn-2.2.0-ipv6-20110522-1.patch | 18 | openvpn-2.2.2-ipv6.patch |
19 | " | 19 | " |
20 | 20 | ||
21 | _builddir="$srcdir"/$pkgname-$pkgver | 21 | _builddir="$srcdir"/$pkgname-$pkgver |
@@ -88,9 +88,9 @@ doc() { | |||
88 | default_doc | 88 | default_doc |
89 | } | 89 | } |
90 | 90 | ||
91 | md5sums="4f440603eac45fec7be218b87d570834 openvpn-2.2.0.tar.gz | 91 | md5sums="c5181e27b7945fa6276d21873329c5c7 openvpn-2.2.2.tar.gz |
92 | ec99092827faa7226e9f548c2cd1d20c openvpn.initd | 92 | ec99092827faa7226e9f548c2cd1d20c openvpn.initd |
93 | 9eca88cac6294027ec1bb7be74185c3a openvpn.confd | 93 | 9eca88cac6294027ec1bb7be74185c3a openvpn.confd |
94 | dc72fecd1a1bcef937603057cd6574b1 openvpn.up | 94 | dc72fecd1a1bcef937603057cd6574b1 openvpn.up |
95 | dc3ff0bae442b9aedd947b8ffda1687a openvpn.down | 95 | dc3ff0bae442b9aedd947b8ffda1687a openvpn.down |
96 | 25172fa251672edc3f7a277b5d7f3f72 openvpn-2.2.0-ipv6-20110522-1.patch" | 96 | 51b1ddade743505b84d27db9ebfd6c0a openvpn-2.2.2-ipv6.patch" |
diff --git a/main/openvpn/openvpn-2.2.0-ipv6-20110522-1.patch b/main/openvpn/openvpn-2.2.2-ipv6.patch index 85819de42f..f8b8015ea6 100644 --- a/main/openvpn/openvpn-2.2.0-ipv6-20110522-1.patch +++ b/main/openvpn/openvpn-2.2.2-ipv6.patch | |||
@@ -1,626 +1,7 @@ | |||
1 | diff --git openvpn-2.2.0/ChangeLog.IPv6 openvpn-2.2-ipv6-20110522-1/ChangeLog.IPv6 | 1 | diff --git a/forward.c b/forward.c |
2 | new file mode 100644 | ||
3 | index 0000000..283fe6e | ||
4 | --- /dev/null | ||
5 | +++ openvpn-2.2-ipv6-20110522-1/ChangeLog.IPv6 | ||
6 | @@ -0,0 +1,440 @@ | ||
7 | +Do 31. Dez 15:32:40 CET 2009 Gert Doering | ||
8 | + | ||
9 | + * Basic IPv6 p2mp functionality implemented | ||
10 | + | ||
11 | + * new options: | ||
12 | + - server-ipv6 | ||
13 | + - ifconfig-ipv6 | ||
14 | + - ifconfig-ipv6-pool | ||
15 | + - route-ipv6 | ||
16 | + - iroute-ipv6 | ||
17 | + | ||
18 | + * modules touched: | ||
19 | + - init.c: init & setup IPv6 route list & add/delete IPv6 routes | ||
20 | + - tun.c: add "ifconfig" and "route" handling for IPv6 | ||
21 | + - multi.c: IPv6 ifconfig-pool assignments | ||
22 | + put to route-hash table | ||
23 | + push to client | ||
24 | + - pool.c: extend pools to handle IPv4+IPv6, and also return IPv6 address | ||
25 | + IPv6 address saved to file if ifconfig-pool-persist is set | ||
26 | + (but ignored on read due to the way pools work) | ||
27 | + - mroute.c: handle reading src/dst addresses from IPv6 packets | ||
28 | + (so multi.c can check against route-hash table) | ||
29 | + handle printing of IPv6 mroute_addr structure | ||
30 | + - helper.c: implement "server-ipv6" macro (->ifconfig-ipv6, pool, ...) | ||
31 | + - options.c: implement all the new options | ||
32 | + add helper functions for IPv6 address handling | ||
33 | + - forward.c: tell do_route() about IPv6 routes | ||
34 | + - route.c: handle IPv6 route lists + route option lists | ||
35 | + extend add_routes() to do IPv4 + IPv6 route lists | ||
36 | + extend delete_routes() to do IPv4 + IPv6 route lists | ||
37 | + implement add_route_ipv6(), delete_route_ipv6() to call | ||
38 | + system-dependend external program to do the work | ||
39 | + - push.c: handle pushing of "ifconfig-ipv6" option | ||
40 | + - socket.c: helper function to check & print IPv6 address strings | ||
41 | + | ||
42 | + * known issues: | ||
43 | + - operating system support on all but Linux (ifconfig, route) | ||
44 | + - route-ipv6 gateway handling | ||
45 | + - iroute-ipv6 not implemented | ||
46 | + - TAP support: ifconfig, routing (route needs gateway!) | ||
47 | + | ||
48 | + * release as patch 20091231-1 | ||
49 | + | ||
50 | +Thu Dec 31 17:02:08 CET 2009 | ||
51 | + | ||
52 | + * NetBSD port (NetBSD 3.1 on Sparc64) | ||
53 | + | ||
54 | + * mroute.c, socket.c: make byte/word access to in6_addr more portable | ||
55 | + | ||
56 | + * tun.c: fix IPv6 ifconfig arguments on NetBSD | ||
57 | + | ||
58 | + still doesn't work on NetBSD 3.1, "ifconfig tun0 inet6..." errors with | ||
59 | + | ||
60 | + ifconfig: SIOCAIFADDR: Address family not supported by protocol family | ||
61 | + | ||
62 | + (sys/net/if_tun.c, needs to be revision 1.80 or later, NetBSD PR 32944, | ||
63 | + included in NetBSD 4.0 and up) | ||
64 | + | ||
65 | + | ||
66 | +Fri Jan 1 14:07:15 CET 2010 | ||
67 | + | ||
68 | + * FreeBSD port (FreeBSD 6.3-p12 on i386) | ||
69 | + | ||
70 | + * tun.c: implement IPv6 ifconfig setting for FreeBSD | ||
71 | + | ||
72 | + * route.c: fix %s/%s argument to IPv6 route add/delete command for *BSD | ||
73 | + | ||
74 | + * TEST SUCCESS: FreeBSD 6.3-p12, server-ipv6, route-ipv6, ccd/iroute-ipv6 | ||
75 | + | ||
76 | + * multi.c: implement setting and deleting of iroute-ipv6 | ||
77 | + (multi_add_iroutes(), multi_del_iroutes()) | ||
78 | + * mroute.c: add mroute_helper_add_iroute6(), mroute_helper_del_iroute6() | ||
79 | + * mroute.h: add prototypes, increase MR_HELPER_NET_LEN to 129 (/0.../128) | ||
80 | + * multi.c: zeroize host part of IPv6 iroutes in multi_learn_in6_addr() | ||
81 | + * mroute.c: implement mroute_addr_mask_host_bits() for IPv6 | ||
82 | + | ||
83 | + * TEST SUCCESS: Linux 2.6.30 (Gentoo)/iproute2, server-ipv6, ccd/iroute-ipv6 | ||
84 | + | ||
85 | + * TEST SUCCESS: Linux 2.6.30 (Gentoo)/ifconfig, client-ipv6 | ||
86 | + | ||
87 | + * TEST FAIL: NetBSD 5.0, IPv6 client | ||
88 | + - "ifconfig tun0 .../64" does not create a "connected" route | ||
89 | + - adding routes fails | ||
90 | + | ||
91 | + --> more work to do here. | ||
92 | + | ||
93 | + * release as patch 20100101-1 | ||
94 | + | ||
95 | + * TEST FAIL: | ||
96 | + FreeBSD 6.3-p12 server "--topology subnet" | ||
97 | + Linux/ifconfig client | ||
98 | + - BSD sends ICMP6 neighbor solicitations, which are ignored by Linux | ||
99 | + - server tun interface is not in p2p mode, client tun interface *is* | ||
100 | + | ||
101 | + * TEST SUCCESS: non-ipv6 enabled client -> "--server-ipv6" server | ||
102 | + (warnings in the log file, but no malfunctions) | ||
103 | + | ||
104 | + | ||
105 | +Sat Jan 2 19:48:35 CET 2010 | ||
106 | + | ||
107 | + * tun.c: change "ipv6_support()", do not turn off tt->ipv6 unconditionally | ||
108 | + if we don't know about OS IPv6 support - just log warning | ||
109 | + | ||
110 | + * tun.c: implement "ifconfig inet6" setting for MacOS X / Darwin | ||
111 | + | ||
112 | + * route.c: split *BSD system dependent part of add/delete_route_ipv6() | ||
113 | + into FreeBSD/Dragonfly and NetBSD/Darwin/OpenBSD variants | ||
114 | + ("2001:db8::/64" vs. "2001:db8:: --prefixlen 64"). | ||
115 | + | ||
116 | + * tun.c: on MacOS X, NetBSD and OpenBSD, explicitely set on-link route | ||
117 | + | ||
118 | + * TEST SUCCESS: MacOS X, client-ipv6 with route-ipv6 | ||
119 | + | ||
120 | + | ||
121 | +Sun Jan 3 10:55:31 CET 2010 | ||
122 | + | ||
123 | + * route.c: NetBSD fails with "-iface tun0", needs gateway address | ||
124 | + (assume that the same syntax is needed for OpenBSD) | ||
125 | + | ||
126 | + * route.h: introduce "remote_endpoint_ipv6" into "struct route_ipv6_list" | ||
127 | + | ||
128 | + * init.c: pass "ifconfig_ipv6_remote" as gateway to init_route_ipv6_list() | ||
129 | + | ||
130 | + * route.c: | ||
131 | + - init_route_ipv6(): use "remote_endpoint_ipv6" as IPv6 gateway address | ||
132 | + if no gateway was specified explicitely | ||
133 | + | ||
134 | + - init_route_ipv6_list(): fill in "remote_endpoint_ipv6", if parseable | ||
135 | + | ||
136 | + - get rid of "GATEWAY-LESS ROUTE6" warning | ||
137 | + | ||
138 | + * route.c, add_route_ipv6() | ||
139 | + - explicitely clear host bits of base address, to be able to more | ||
140 | + easily set up "connected" /64 routes on NetBSD+Darwin | ||
141 | + | ||
142 | + - split system-dependent part between Darwin and NetBSD/OpenBSD | ||
143 | + (Darwin can use "-iface tun0", NetBSD/OpenBSD get gateway address) | ||
144 | + | ||
145 | + - change Solaris comments from "known-broken" to "unknown" | ||
146 | + | ||
147 | + * tun.c: rework NetBSD tunnel initialization and tun_read() / tun_write() | ||
148 | + to work the same way OpenBSD and NetBSD do - tunnel is put into | ||
149 | + "multi-af" mode, and all packet read/write activity is prepended by | ||
150 | + a 32 bit value specifying the address family. | ||
151 | + | ||
152 | + * TEST SUCCESS: NetBSD 5.0/Sparc64: client-ipv6 with route-ipv6 | ||
153 | + | ||
154 | + * TEST SUCCESS: MacOS X 10.5: client-ipv6 with route-ipv6 | ||
155 | + | ||
156 | + * (RE-)TEST SUCCESS: Linux/iproute2: server-ipv6 | ||
157 | + Linux/ifconfig: client-ipv6 | ||
158 | + FreeBSD 6.3: server-ipv6 | ||
159 | + | ||
160 | + * release as patch 20100103-1 | ||
161 | + | ||
162 | + * options.c: document all new options in "--help" | ||
163 | + | ||
164 | + * tun.c: fix typo in Solaris-specific section | ||
165 | + | ||
166 | + * socket.h, socket.c: change u_int32_t to uint32_t | ||
167 | + (Solaris - and all the rest of the code uses "uintNN" anyway) | ||
168 | + | ||
169 | +Mon Jan 4 17:46:58 CET 2010 | ||
170 | + | ||
171 | + * socket.c: rework add_in6_addr() to use 32-bit access to struct in6_addr | ||
172 | + (Solaris has no 16-bit values in union, but this is more elegant as well) | ||
173 | + | ||
174 | + * tun.c: fix "ifconfig inet6" command for Solaris | ||
175 | + | ||
176 | + * tun.c: make sure "tun0 inet6" is unplumbed first, cleanup leftovers | ||
177 | + | ||
178 | + * route.c: add routes with "metric 0" on solaris, otherwise they just | ||
179 | + don't work (someone who understands Solaris might want to fix this). | ||
180 | + | ||
181 | + * Solaris "sort of" works now - ifconfig works, route add does not give | ||
182 | + errors, "netstat -rn" looks right, but packets are discarded unless | ||
183 | + the routes are installed with "metric 0". So we just use "metric 0"... | ||
184 | + | ||
185 | + * CAVEAT: Solaris "ifconfig ... preferred" interferes with source address | ||
186 | + selection. So if there are any active IPv6 interfaces configured with | ||
187 | + "preferred", packets leaving out the tunnel will use the wrong source | ||
188 | + IPv6 address. Not fixable from within OpenVPN. | ||
189 | + | ||
190 | + * CAVEAT2: Solaris insists on doing DHCPv6 on tun0 interfaces by default, | ||
191 | + so DHCPv6 solicitation packets will be seen. Since the server end has | ||
192 | + no idea what to do with them, they are a harmless nuisance. Fixable | ||
193 | + on the Solaris side via "ndpd.conf" (see ``man ifconfig''). | ||
194 | + | ||
195 | + * release as patch 20100104-1 | ||
196 | + | ||
197 | +Fri Jan 8 10:00:50 CET 2010 | ||
198 | + | ||
199 | + * import into git repository | ||
200 | + | ||
201 | + * options.c: add sanity checks for most typical error cases | ||
202 | + (--ifconfig-ipv6-pool configured with no --ifconfig-ipv6, etc) | ||
203 | + | ||
204 | + * options.c: modify get_ipv6_addr() to be more flexible about netbits | ||
205 | + (optional now, default to /64) and to return the address-without-netbits | ||
206 | + string now (-> for options that want the IPv6 address in printable | ||
207 | + form, but without /nn) | ||
208 | + | ||
209 | + * options.c: modify --ifconfig-ipv6 to optionally accept /netbits, | ||
210 | + you can do now "ifconfig-ipv6 2001:df8::1/64 2001:df8::2" or just | ||
211 | + "ifconfig-ipv6 2001:df8::5 2001:df8::7", defaulting to /64 | ||
212 | + | ||
213 | + * options.h: add necessary structure elements for --ifconfig-ipv6-push | ||
214 | + | ||
215 | + * options.c: implement "parse options" side of --ifconfig-ipv6-push | ||
216 | + | ||
217 | +Tue Jan 12 22:42:09 CET 2010 | ||
218 | + | ||
219 | + * tun.c: in TARGET_NETBSD #ifdef, distinguish between "old" code | ||
220 | + (IPv4 only, but unmodified read/write) and "new" code (multi-af, | ||
221 | + extra 32 bit AF on read/write of the tun interface) - pre-4.0 | ||
222 | + NetBSD systems don't have TUNSIFHEAD, no way to have common code. | ||
223 | + | ||
224 | + * TEST SUCCESS: NetBSD 5.0/Sparc64: client-ipv6 with route-ipv6 (v4+v6) | ||
225 | + | ||
226 | + * TEST SUCCESS: NetBSD 3.1/Sparc64: client-ipv6 with route-ipv6 (v4-only) | ||
227 | + | ||
228 | +Thu Jan 14 15:41:50 CET 2010 | ||
229 | + | ||
230 | + * multi.c: if "--ifconfig-push" is used together with "--ifconfig-ipv6-pool" | ||
231 | + and no "--ifconfig-ipv6-push" is seen, issue warning - the current | ||
232 | + implementation of pools has IPv6 tied to IPv4, so if v4 does not use | ||
233 | + the pool, it breaks for IPv6. Not a *big* problem (since there is | ||
234 | + enough v6, just give those users a static v6 address as well), but needs | ||
235 | + to be pointed out clearly. | ||
236 | + | ||
237 | + * release as patch 20100114-1 | ||
238 | + | ||
239 | +Tue Feb 16 14:43:28 CET 2010 | ||
240 | + | ||
241 | + * options.c: print "IPv6 payload patch" release date in "--version" | ||
242 | + | ||
243 | + * tun.c: undo change to init_tun() (moving "bool tun" and call to | ||
244 | + "is_tun_p2p()" further up) - it wasn't needed and breaks "make check" | ||
245 | + | ||
246 | + * git stuff: rebase on David Sommerseth's openvpn-testing git tree | ||
247 | + | ||
248 | + * release as patch 20100216-1 | ||
249 | + | ||
250 | +Fri Feb 26 19:59:01 CET 2010 | ||
251 | + | ||
252 | + * init.c: initialize tuntap->ipv6 in do_init_tun() (to make sure it's | ||
253 | + always initialized early-enough, independent of the sequence of | ||
254 | + do_ifconfig()/open_tun() [see ifconfig_order() in tun.h]) | ||
255 | + | ||
256 | + * tun.c, init.c: remove "bool ipv6" argument to tuncfg(), open_tun() | ||
257 | + and open_tun_generic() - obsoleted by previous change | ||
258 | + | ||
259 | + * tun.c: remove ipv6_support() - original purpose was unclear, and all | ||
260 | + current platforms (except linux-very-old) fully support IPv6 now :-) | ||
261 | + | ||
262 | + * tun.c: initial implementation of "netsh" IPv6-ifconfig for Win32 | ||
263 | + | ||
264 | + * RE-TEST SUCCESS: Linux/i386/ifconfig, client-tun/net30, v4+v6 | ||
265 | + | ||
266 | +Sun Feb 28 17:05:57 CET 2010 | ||
267 | + | ||
268 | + * tun.c: NetBSD dependent part: correct destroying/re-creation of tun dev | ||
269 | + | ||
270 | + * tun.c: move adding of "connected" IPv6 prefix to new helper function, | ||
271 | + add_route_connected_v6_net() | ||
272 | + | ||
273 | + * RE-TEST SUCCESS: NetBSD 5.0/Sparc64, client-tun/net30, v4+v6 | ||
274 | + | ||
275 | + * RE-TEST SUCCESS: NetBSD 3.1/Sparc64: client-tun/net30, v4-only | ||
276 | + | ||
277 | + * RE-TEST SUCCESS: Linux/i386/iproute2: server-tun/net30, v4+v6 | ||
278 | + | ||
279 | + * tun.c: add #ifdef TARGET_DARWIN block for *_tun() functions, to | ||
280 | + be able to modify close_tun() for unconfiguring IPv6 | ||
281 | + | ||
282 | + * tun.c: on close_tun() on MacOS X, need to de-configure "lo0" route for | ||
283 | + configured IPv6 address | ||
284 | + | ||
285 | + * RE-TEST SUCCESS: MacOS X (10.5)/i386: client-tun/net30, v4+v6 | ||
286 | + | ||
287 | + * route.c: implement ipv6 route adding / deletion via "netsh" for WIN32 | ||
288 | + | ||
289 | + * TEST FAIL: Windows XP fails, because the tun/tap driver does not | ||
290 | + forward IPv6 frames kernel->userland if in "tun" mode | ||
291 | + | ||
292 | + * options.c: set IPv6 version to 20100228-1 | ||
293 | + | ||
294 | + * release as patch 20100228-1 | ||
295 | + | ||
296 | +Sun Mar 7 19:17:33 CET 2010 | ||
297 | + | ||
298 | + * options.c: set IPv6 version to 20100307-1 | ||
299 | + | ||
300 | + * TODO.IPv6: add note about OpenBSD TODO (#16) | ||
301 | + | ||
302 | + * route.c: set (and remove) "magic next hop" fe80::8 for IPv6 routes on | ||
303 | + Win32 | ||
304 | + | ||
305 | + * install-win32/settings.in: bump TAP driver version from 9.6 to 9.7 | ||
306 | + and TAP_RELDATE to "07/03/2010" | ||
307 | + | ||
308 | + * tap-win32/proto.h: add data types and definitions needed for IPv6 | ||
309 | + | ||
310 | + * tap-win32/types.h: add m_UserToTap_IPv6 ethernet header for IPv6 packets | ||
311 | + | ||
312 | + * tap-win32/tapdrvr.c: implement support for IPv6 in TUN mode: | ||
313 | + - IPv6 packets User->OS need correct ether type | ||
314 | + - IPv6 packets OS->User get correctly forwarded | ||
315 | + - IPv6 neighbour discovery packets for "fe80::8" (magic address | ||
316 | + installed as route-nexthop by OpenVPN.exe) get answered locally | ||
317 | + | ||
318 | + * TEST SUCCESS: WindowsXP/32bit: client-tun/net30, v4+v6 | ||
319 | + | ||
320 | + * tun.c: if IPv6 requested in TUN mode, and TUN/TAP driver version | ||
321 | + is older than 9.7, log warning and disable IPv6 (won't work anyway). | ||
322 | + | ||
323 | + * release as patch 20100307-1 | ||
324 | + | ||
325 | +Sat Jul 10 14:37:52 CEST 2010 | ||
326 | + | ||
327 | + * TEST SUCCESS: point-to-point tun mode with --ifconfig-ipv6 between | ||
328 | + Solaris10/sparc and Linux (Michal Ludvig) | ||
329 | + (using the whiteboard tun driver on Solaris, otherwise "no IPv6") | ||
330 | + | ||
331 | +Sun Aug 8 12:30:44 CEST 2010 | ||
332 | + | ||
333 | + * route.c: split NetBSD and OpenBSD parts of add_route_ipv6() and | ||
334 | + delete_route_ipv6(), implement OpenBSD variant | ||
335 | + (needs "-prefixlen nn" while NetBSD uses "/nn") | ||
336 | + | ||
337 | + * tun.c: implement IPv6 ifconfig for OpenBSD | ||
338 | + | ||
339 | + * tun.c: destroy tunX interface at tun_close() on OpenBSD (cleanup) | ||
340 | + | ||
341 | + * TEST SUCCESS: OpenBSD 4.7: client-tun/net30, v4+v6 | ||
342 | + | ||
343 | +Thu Sep 2 21:18:32 CEST 2010 | ||
344 | + | ||
345 | + * tun.c: the TAP binary in 2.2-beta3 has the IPv6 related changes, but | ||
346 | + the version number is 9.8 now -> check for 9.8, not 9.7 | ||
347 | + | ||
348 | +Wed Sep 22 22:20:37 CEST 2010 | ||
349 | + | ||
350 | + * tun.c: bugfix for Linux/iproute2/"topology subnet". Works :-) | ||
351 | + | ||
352 | + * TEST SUCCESS: Linux/ifconfig: client-tun/net30+subnet, v4+v6 | ||
353 | + | ||
354 | + * TEST SUCCESS: Linux/iproute2: client-tun/net30+subnet, v4+v6 | ||
355 | + | ||
356 | + * options.c: tag as 20100922-1 so "allmerged" users can see IPv6 change | ||
357 | + | ||
358 | +Fri Sep 24 17:57:41 CEST 2010 | ||
359 | + | ||
360 | + * TEST SUCCESS: Linux/<both>: client-tap, v4+v6, ping6 on connected addr | ||
361 | + | ||
362 | + * TEST FAIL: Linux/<both>: client-tap, v6, route6 (gateway missing) | ||
363 | + | ||
364 | +Do 21. Okt 19:36:49 CEST 2010 | ||
365 | + | ||
366 | + * t_client.sh.in: cherrypick commit f25fe91a40aa3f and 6f1e61b41be52 | ||
367 | + (proper exit codes to signal "SKIP" if we do not want to run) | ||
368 | + | ||
369 | +So 16. Jan 17:25:23 CET 2011 | ||
370 | + | ||
371 | + * tun.c, route.c: cherrypick 121755c2cb4891f and f0eac1a5979096c67 | ||
372 | + (TAP driver and "topology subnet" support for Solaris) | ||
373 | + | ||
374 | + * tun.c: add IPv6 configuration for TAP interfaces (<device>:1 inet6) | ||
375 | + | ||
376 | + * tun.c: on close_tun on Solaris, unplumb IPv6 TUN or TAP interfaces | ||
377 | + | ||
378 | + * TEST SUCCESS: OpenSolaris: client-tun, v4+v6 | ||
379 | + TEST SUCCESS: OpenSolaris: client-tap, v4+v6, ping6 on connected addr | ||
380 | + TEST FAIL: OpenSolaris: client-tap, v6, route6 (gateway missing) | ||
381 | + | ||
382 | +So 24. Apr 16:51:45 CEST 2011 | ||
383 | + | ||
384 | + * rebase to "beta2.2" branch (at 2.2RC2 tag) | ||
385 | + | ||
386 | + * mroute.c: remove mroute_helper_lock/_unlock() calls for IPv6 | ||
387 | + * socket.c: remove locking with L_INET_NTOA mutex | ||
388 | + (all the threading stuff got removed by David Sommerseth for 2.2) | ||
389 | + | ||
390 | + * mroute.c: remove duplicate mroute_helper_add_iroute6() and | ||
391 | + mroute_helper_del_iroute6() - "git rebase" artefact | ||
392 | + | ||
393 | + * ChangeLog.IPv6 and TODO.IPv6: add to commit | ||
394 | + | ||
395 | + * options.c: tag as 20110424-2 (2.2RC2) | ||
396 | + | ||
397 | + * TEST SUCCESS: Linux/ifconfig: client-tun/net30+subnet, v4+v6 | ||
398 | + | ||
399 | + * TEST SUCCESS: Linux/iproute2: client-tun/net30+subnet, v4+v6 | ||
400 | + | ||
401 | +Thu Apr 28 19:10:01 CEST 2011 | ||
402 | + | ||
403 | + * rebase to "origin/release/2.2" branch (at v2.2.0 tag) | ||
404 | + | ||
405 | +Thu May 19 20:51:12 CEST 2011 | ||
406 | + | ||
407 | + * include Windows "netsh add" -> "netsh set ... store=active" patch from | ||
408 | + Seth Mos, to fix restart problems on Windows due to persistant addresses | ||
409 | + | ||
410 | + * TEST SUCCESS: Windows XP SP3: client-tun/net30, v4+v6 | ||
411 | + | ||
412 | +Sat May 21 17:03:20 CEST 2011 | ||
413 | + | ||
414 | + * tun.c: Solaris cleanup (use CLEAR() to zero-out "ifr") | ||
415 | + | ||
416 | + * tun.c: Windows cleanup: remove route and IPv6 address on disconnect | ||
417 | + | ||
418 | + * route.c, route.h: remove "static" from delete_route_ipv6(), needed | ||
419 | + for ipv6-route cleanup on disconnect | ||
420 | + | ||
421 | + * TEST SUCCESS: Windows XP SP3: client-tun/net30, v4+v6 | ||
422 | + | ||
423 | + * TEST SUCCESS: Windows 7 Home Premium: client-tun/net30, v4+v6 | ||
424 | + | ||
425 | +So 22. Mai 14:46:12 CEST 2011 | ||
426 | + | ||
427 | + * Tony Lim: removing routes fails on windows if certain bits are set | ||
428 | + in the "host part" (others are silently ignored) --> | ||
429 | + | ||
430 | + * route.c: create print_in6_addr_netbits_only() helper, call from | ||
431 | + add_route_ipv6() and delete_route_ipv6() to get only network part | ||
432 | + of route-to-be-modified | ||
433 | + | ||
434 | + * route.c: set 'store=active' on adding routes on WIN32 as well (Tony Lim) | ||
435 | + | ||
436 | + * options.c: bump IPv6 release to 20110522-1 | ||
437 | + | ||
438 | + * TEST SUCCESS: Linux/iproute2: client-tun/net30+subnet, v4+v6 | ||
439 | + | ||
440 | + * TEST SUCCESS: Windows XP SP3: client-tun/net30, v4+v6 | ||
441 | + | ||
442 | + * TEST SUCCESS: Windows 7 Home Premium: client-tun/net30, v4+v6 | ||
443 | + | ||
444 | + * TEST SUCCESS: OpenBSD 4.7: client-tun/net30, v4+v6 | ||
445 | + TEST FAIL: OpenBSD 4.7: client-tun/subnet, v4 | ||
446 | + (seems to be due to "topology subnet has just not been implemented yet") | ||
447 | diff --git openvpn-2.2.0/README.IPv6 openvpn-2.2-ipv6-20110522-1/README.IPv6 | ||
448 | new file mode 100644 | ||
449 | index 0000000..ca578f2 | ||
450 | --- /dev/null | ||
451 | +++ openvpn-2.2-ipv6-20110522-1/README.IPv6 | ||
452 | @@ -0,0 +1,8 @@ | ||
453 | +This is an experimentally patched version of OpenVPN 2.1 with IPv6 | ||
454 | +payload support. | ||
455 | + | ||
456 | +Go here for release notes and documentation: | ||
457 | + | ||
458 | + http://www.greenie.net/ipv6/openvpn.html | ||
459 | + | ||
460 | +Gert Doering, 31.12.2009 | ||
461 | diff --git openvpn-2.2.0/TODO.IPv6 openvpn-2.2-ipv6-20110522-1/TODO.IPv6 | ||
462 | new file mode 100644 | ||
463 | index 0000000..167ca51 | ||
464 | --- /dev/null | ||
465 | +++ openvpn-2.2-ipv6-20110522-1/TODO.IPv6 | ||
466 | @@ -0,0 +1,153 @@ | ||
467 | +known issues for IPv6 payload support in OpenVPN | ||
468 | +----------------------------------------------- | ||
469 | + | ||
470 | +1.) "--topology subnet" doesn't work together with IPv6 payload on FreeBSD | ||
471 | + (verified for FreeBSD server, Linux/ifconfig client, problems | ||
472 | + with ICMP6 neighbor solicitations from BSD not being answered by Linux) | ||
473 | + | ||
474 | +2.) NetBSD IPv6 support doesn't work | ||
475 | + ("connected" route is not auto-created, "route-ipv6" adding fails) | ||
476 | + | ||
477 | + * fixed, 3.1.10 * | ||
478 | + | ||
479 | +3.) route deletion for IPv6 routes is not yet done | ||
480 | + | ||
481 | + * fixed for configured routes, 3.1.10 * | ||
482 | + * missing for manual-ifconfig-connected (NetBSD, Darwin, Win32) | ||
483 | + * fixed for Win32, 22.5.2011 | ||
484 | + | ||
485 | +4.) do "ifconfig tun0 inet6 unplumb" or "ifconfig tun0 destroy" for | ||
486 | + Solaris, *BSD, ... at program termination time, to clean up leftovers | ||
487 | + (unless tunnel persistance is desired). | ||
488 | + | ||
489 | + For Solaris, only the "ipv6 tun0" is affected, for the *BSDs all tun0 | ||
490 | + stay around. | ||
491 | + | ||
492 | +4a.) deconfigure IPv6 on tun interface on session termination, otherwise | ||
493 | + one could end up with something like this (on NetBSD): | ||
494 | + | ||
495 | +tun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1500 | ||
496 | + inet 10.9.0.18 -> 10.9.0.17 netmask 0xffffffff | ||
497 | + inet6 fe80::a00:20ff:fece:d299%tun0 -> prefixlen 64 scopeid 0x3 | ||
498 | + inet6 2001:608:4:eff::2000:3 -> prefixlen 64 | ||
499 | + inet6 2001:608:4:eff::1:3 -> prefixlen 64 | ||
500 | + | ||
501 | + (pool was changed, previous address still active on tun0, breakage) | ||
502 | + | ||
503 | + * semi-fixed for NetBSD, 28.2.10, always do tun0 destroy / tun0 create | ||
504 | + before actual ifconfig -- tunnel still lingers after OpenVPN quits | ||
505 | + | ||
506 | +4b.) verify this - on FreeBSD, tun0 is auto-destroyed if created by | ||
507 | + opening /dev/tun (and lingers if created by "ifconfig tun0 create") | ||
508 | + | ||
509 | + -> use for persistant tunnels on not-linux? | ||
510 | + | ||
511 | +5.) add new option "ifconfig-ipv6-push" | ||
512 | + (per-client static IPv6 assignment, -> radiusplugin, etc) | ||
513 | + | ||
514 | + * implemented, 14.1.10 * | ||
515 | + | ||
516 | +6.) add new option "route-ipv6-gateway" | ||
517 | + | ||
518 | +7.) add "full" gateway handling for IPv6 in route.c | ||
519 | + (right now, the routes are just sent down the tun interface, if the | ||
520 | + operating system in questions supports that, without care for the | ||
521 | + gateway address - which does not work for gateways that are supposed | ||
522 | + to point elsewhere. Also, it doesn't work for TAP interfaces. | ||
523 | + | ||
524 | +8.) full IPv6 support for TAP interfaces | ||
525 | + (main issue should be routes+gateway - and testing :-) ) | ||
526 | + | ||
527 | + test 2010/09/24: TAP itself works on linux/ifconfig+iproute2, but | ||
528 | + route-via-tap doesn't work at all (route points to "tap0" which fails) | ||
529 | + | ||
530 | +17:51:14.075412 fe:ab:6e:c5:53:71 > 33:33:ff:00:00:01, ethertype IPv6 (0x86dd), length 86: 2001:608:4:a053::1:0 > ff02::1:ff00:1: ICMP6, neighbor solicitation, who has 2001:608:4:a001::1, length 32 | ||
531 | + | ||
532 | + how is iroute-via-tap supposed to work?? | ||
533 | + | ||
534 | +9.) verify that iroute-ipv6 and route-ipv6 interact in the same way as | ||
535 | + documented for iroute/route: | ||
536 | + | ||
537 | + A's subnet, OpenVPN must push this route to all clients | ||
538 | + EXCEPT for A, since the subnet is already owned by A. | ||
539 | + OpenVPN accomplishes this by not | ||
540 | + not pushing a route to a client | ||
541 | + if it matches one of the client's iroutes. | ||
542 | + | ||
543 | +10.) extend "ifconfig-ipv6" to handle specification of /netbits, pushing | ||
544 | + of /netbits, and correctly ifconfig'ing this | ||
545 | + (default, if not specified: /64) | ||
546 | + | ||
547 | +11.) do not add ipv6-routes if tun-ipv6 is not set - complain instead | ||
548 | + | ||
549 | + * done * 12.1.10 | ||
550 | + | ||
551 | +12.) handle incoming [::] and [fe80:...] packets in tun-p2mp MULTI mode | ||
552 | + (most likely those are DAD packets) | ||
553 | + silently ignore DAD? | ||
554 | + Or accept-and-forward iff (multicast && client2client)? | ||
555 | + handle NS/NA | ||
556 | + | ||
557 | +13.) from Martin List-Petersen: | ||
558 | + | ||
559 | + One thing, and I guess this requires modifications in | ||
560 | + network-manager-openvpn: It also works, BUT ignores "push | ||
561 | + route-ipv6-gateway" and "push route-ipv6 ...." (obviously routes pushed | ||
562 | + from the server) entirely. | ||
563 | + | ||
564 | +14.) from ##openvpn-discussion: | ||
565 | + | ||
566 | + new features should be #ifdef'ed | ||
567 | + | ||
568 | + (check whether this is feasible at all) | ||
569 | + | ||
570 | +15.) IPv6 related environment variables | ||
571 | + | ||
572 | + - document all of them in openvpn.8 | ||
573 | + - make sure that all existing IPv4 stuff has IPv6 counterparts | ||
574 | + | ||
575 | +16.) OpenBSD | ||
576 | + - implement ifconfig/route for IPv6 | ||
577 | + - revert ifconfig/open_tun order to "normal" (separate commit!!!) | ||
578 | + (openvpn-devel, Subject: OpenBSD) | ||
579 | + - test | ||
580 | + | ||
581 | +17.) client-option (Elwood) | ||
582 | + - ignore-v6-push-options yes/no | ||
583 | + - ignore-v6-route-push ("as for IPv4 routes") | ||
584 | + | ||
585 | +18.) fail-save? "what if 'ip -6 addr add' fails" -> fail, or fallback to v4? | ||
586 | + (-> recomment setting "ignore-v6-push-options yes") | ||
587 | + | ||
588 | +19.) safety check: if connecting over IPv6 (v6 transport) and the pushed | ||
589 | + route-ipv6 network encompasses the server IPv6 address, make sure | ||
590 | + we at least log a warning (until we can fiddle with external routing | ||
591 | + to make this work correctly). | ||
592 | + | ||
593 | +20.) show "route add" / "route delete" commands for IPv6 in log file | ||
594 | + (we show the "ifconfig" commands, so why not the routes?) | ||
595 | + | ||
596 | + 2010-08-07: this is a null-feature - it's already there, but with | ||
597 | + different debug level (M_INFO vs. D_ROUTE) so user | ||
598 | + didn't notice | ||
599 | + | ||
600 | +21.) enable ipv6-only server operations | ||
601 | + - decouple ipv6 pool handling from ipv4 pool | ||
602 | + - make sure Rest of OpenVPN doesn't assume "there will always be IPv4" | ||
603 | + | ||
604 | +22.) implement --learn-address for IPv6 | ||
605 | + | ||
606 | +23.) FreeBSD 8 seems to require explicit setting of the "ifconfig" IPv6 | ||
607 | + route, while FreeBSD 6+7 don't --> more testing, and code fix | ||
608 | + | ||
609 | + workaround for the time being: just add | ||
610 | + | ||
611 | + server-ipv6 2001:608:4:a051::/64 | ||
612 | + route-ipv6 2001:608:4:a051::/64 | ||
613 | + | ||
614 | + to the config | ||
615 | + | ||
616 | + (problem + workaround applies both to tun and tap style devices) | ||
617 | + | ||
618 | +24.) implement link-local IPv6 addresses | ||
619 | + (OSPFv3 over TUN/multipoint does not work right now) | ||
620 | diff --git openvpn-2.2.0/forward.c openvpn-2.2-ipv6-20110522-1/forward.c | ||
621 | index 87d05cc..1f3d435 100644 | 2 | index 87d05cc..1f3d435 100644 |
622 | --- openvpn-2.2.0/forward.c | 3 | --- a/forward.c |
623 | +++ openvpn-2.2-ipv6-20110522-1/forward.c | 4 | +++ b/forward.c |
624 | @@ -262,7 +262,8 @@ send_control_channel_string (struct context *c, const char *str, int msglevel) | 5 | @@ -262,7 +262,8 @@ send_control_channel_string (struct context *c, const char *str, int msglevel) |
625 | static void | 6 | static void |
626 | check_add_routes_action (struct context *c, const bool errors) | 7 | check_add_routes_action (struct context *c, const bool errors) |
@@ -631,10 +12,10 @@ index 87d05cc..1f3d435 100644 | |||
631 | update_time (); | 12 | update_time (); |
632 | event_timeout_clear (&c->c2.route_wakeup); | 13 | event_timeout_clear (&c->c2.route_wakeup); |
633 | event_timeout_clear (&c->c2.route_wakeup_expire); | 14 | event_timeout_clear (&c->c2.route_wakeup_expire); |
634 | diff --git openvpn-2.2.0/helper.c openvpn-2.2-ipv6-20110522-1/helper.c | 15 | diff --git a/helper.c b/helper.c |
635 | index a9d7fd9..266b246 100644 | 16 | index a9d7fd9..266b246 100644 |
636 | --- openvpn-2.2.0/helper.c | 17 | --- a/helper.c |
637 | +++ openvpn-2.2-ipv6-20110522-1/helper.c | 18 | +++ b/helper.c |
638 | @@ -142,6 +142,55 @@ helper_client_server (struct options *o) | 19 | @@ -142,6 +142,55 @@ helper_client_server (struct options *o) |
639 | 20 | ||
640 | #if P2MP | 21 | #if P2MP |
@@ -691,10 +72,10 @@ index a9d7fd9..266b246 100644 | |||
691 | /* | 72 | /* |
692 | * | 73 | * |
693 | * HELPER DIRECTIVE: | 74 | * HELPER DIRECTIVE: |
694 | diff --git openvpn-2.2.0/init.c openvpn-2.2-ipv6-20110522-1/init.c | 75 | diff --git a/init.c b/init.c |
695 | index d47a4ef..7fc8eb7 100644 | 76 | index d47a4ef..7fc8eb7 100644 |
696 | --- openvpn-2.2.0/init.c | 77 | --- a/init.c |
697 | +++ openvpn-2.2-ipv6-20110522-1/init.c | 78 | +++ b/init.c |
698 | @@ -843,7 +843,7 @@ do_persist_tuntap (const struct options *options) | 79 | @@ -843,7 +843,7 @@ do_persist_tuntap (const struct options *options) |
699 | msg (M_FATAL|M_OPTERR, | 80 | msg (M_FATAL|M_OPTERR, |
700 | "options --mktun or --rmtun should only be used together with --dev"); | 81 | "options --mktun or --rmtun should only be used together with --dev"); |
@@ -832,10 +213,10 @@ index d47a4ef..7fc8eb7 100644 | |||
832 | 213 | ||
833 | /* actually close tun/tap device based on --down-pre flag */ | 214 | /* actually close tun/tap device based on --down-pre flag */ |
834 | if (!c->options.down_pre) | 215 | if (!c->options.down_pre) |
835 | diff --git openvpn-2.2.0/init.h openvpn-2.2-ipv6-20110522-1/init.h | 216 | diff --git a/init.h b/init.h |
836 | index cf5ca8a..5a1d1dc 100644 | 217 | index cf5ca8a..5a1d1dc 100644 |
837 | --- openvpn-2.2.0/init.h | 218 | --- a/init.h |
838 | +++ openvpn-2.2-ipv6-20110522-1/init.h | 219 | +++ b/init.h |
839 | @@ -63,6 +63,7 @@ void init_instance (struct context *c, const struct env_set *env, const unsigned | 220 | @@ -63,6 +63,7 @@ void init_instance (struct context *c, const struct env_set *env, const unsigned |
840 | 221 | ||
841 | void do_route (const struct options *options, | 222 | void do_route (const struct options *options, |
@@ -844,10 +225,10 @@ index cf5ca8a..5a1d1dc 100644 | |||
844 | const struct tuntap *tt, | 225 | const struct tuntap *tt, |
845 | const struct plugin_list *plugins, | 226 | const struct plugin_list *plugins, |
846 | struct env_set *es); | 227 | struct env_set *es); |
847 | diff --git openvpn-2.2.0/misc.c openvpn-2.2-ipv6-20110522-1/misc.c | 228 | diff --git a/misc.c b/misc.c |
848 | index 4067d85..9d351f4 100644 | 229 | index 4067d85..9d351f4 100644 |
849 | --- openvpn-2.2.0/misc.c | 230 | --- a/misc.c |
850 | +++ openvpn-2.2-ipv6-20110522-1/misc.c | 231 | +++ b/misc.c |
851 | @@ -1001,7 +1001,9 @@ setenv_str_ex (struct env_set *es, | 232 | @@ -1001,7 +1001,9 @@ setenv_str_ex (struct env_set *es, |
852 | { | 233 | { |
853 | const char *str = construct_name_value (name_tmp, val_tmp, &gc); | 234 | const char *str = construct_name_value (name_tmp, val_tmp, &gc); |
@@ -859,10 +240,10 @@ index 4067d85..9d351f4 100644 | |||
859 | } | 240 | } |
860 | else | 241 | else |
861 | env_set_del (es, name_tmp); | 242 | env_set_del (es, name_tmp); |
862 | diff --git openvpn-2.2.0/mroute.c openvpn-2.2-ipv6-20110522-1/mroute.c | 243 | diff --git a/mroute.c b/mroute.c |
863 | index 3debd80..3182f65 100644 | 244 | index 1b3488f..6cfec27 100644 |
864 | --- openvpn-2.2.0/mroute.c | 245 | --- a/mroute.c |
865 | +++ openvpn-2.2-ipv6-20110522-1/mroute.c | 246 | +++ b/mroute.c |
866 | @@ -88,12 +88,33 @@ mroute_get_in_addr_t (struct mroute_addr *ma, const in_addr_t src, unsigned int | 247 | @@ -88,12 +88,33 @@ mroute_get_in_addr_t (struct mroute_addr *ma, const in_addr_t src, unsigned int |
867 | } | 248 | } |
868 | } | 249 | } |
@@ -897,41 +278,44 @@ index 3debd80..3182f65 100644 | |||
897 | #ifdef ENABLE_PF | 278 | #ifdef ENABLE_PF |
898 | 279 | ||
899 | static unsigned int | 280 | static unsigned int |
900 | @@ -155,10 +176,29 @@ mroute_extract_addr_ipv4 (struct mroute_addr *src, | 281 | @@ -157,13 +178,29 @@ mroute_extract_addr_ipv4 (struct mroute_addr *src, |
901 | } | 282 | } |
902 | break; | 283 | break; |
903 | case 6: | 284 | case 6: |
904 | - { | 285 | - { |
905 | - msg (M_WARN, "Need IPv6 code in mroute_extract_addr_from_packet"); | 286 | - if( !ipv6warned ) { |
287 | - msg (M_WARN, "IPv6 in tun mode is not supported in OpenVPN 2.2"); | ||
288 | - ipv6warned = true; | ||
289 | - } | ||
906 | - break; | 290 | - break; |
907 | - } | 291 | - } |
908 | + if (BLEN (buf) >= (int) sizeof (struct openvpn_ipv6hdr)) | 292 | + if (BLEN (buf) >= (int) sizeof (struct openvpn_ipv6hdr)) |
909 | + { | 293 | + { |
910 | + const struct openvpn_ipv6hdr *ipv6 = (const struct openvpn_ipv6hdr *) BPTR (buf); | 294 | + const struct openvpn_ipv6hdr *ipv6 = (const struct openvpn_ipv6hdr *) BPTR (buf); |
911 | +#if 0 /* very basic debug */ | 295 | +#if 0 /* very basic debug */ |
912 | + struct gc_arena gc = gc_new (); | 296 | + struct gc_arena gc = gc_new (); |
913 | + msg( M_INFO, "IPv6 packet! src=%s, dst=%s", | 297 | + msg( M_INFO, "IPv6 packet! src=%s, dst=%s", |
914 | + print_in6_addr( ipv6->saddr, 0, &gc ), | 298 | + print_in6_addr( ipv6->saddr, 0, &gc ), |
915 | + print_in6_addr( ipv6->daddr, 0, &gc )); | 299 | + print_in6_addr( ipv6->daddr, 0, &gc )); |
916 | + gc_free (&gc); | 300 | + gc_free (&gc); |
917 | +#endif | 301 | +#endif |
918 | + | 302 | + |
919 | + mroute_get_in6_addr (src, ipv6->saddr, 0); | 303 | + mroute_get_in6_addr (src, ipv6->saddr, 0); |
920 | + mroute_get_in6_addr (dest, ipv6->daddr, 0); | 304 | + mroute_get_in6_addr (dest, ipv6->daddr, 0); |
921 | + | 305 | + |
922 | + if (mroute_is_mcast_ipv6 (ipv6->daddr)) | 306 | + if (mroute_is_mcast_ipv6 (ipv6->daddr)) |
923 | + ret |= MROUTE_EXTRACT_MCAST; | 307 | + ret |= MROUTE_EXTRACT_MCAST; |
924 | + | 308 | + |
925 | + ret |= MROUTE_EXTRACT_SUCCEEDED; | 309 | + ret |= MROUTE_EXTRACT_SUCCEEDED; |
926 | + } | 310 | + } |
927 | + break; | 311 | + break; |
928 | + default: | 312 | + default: |
929 | + msg (M_WARN, "IP packet with unknown IP version=%d seen", | 313 | + msg (M_WARN, "IP packet with unknown IP version=%d seen", |
930 | + OPENVPN_IPH_GET_VER (*BPTR(buf))); | 314 | + OPENVPN_IPH_GET_VER (*BPTR(buf))); |
931 | } | 315 | } |
932 | } | 316 | } |
933 | return ret; | 317 | return ret; |
934 | @@ -252,14 +292,36 @@ bool mroute_extract_openvpn_sockaddr (struct mroute_addr *addr, | 318 | @@ -257,14 +294,36 @@ bool mroute_extract_openvpn_sockaddr (struct mroute_addr *addr, |
935 | * Zero off the host bits in an address, leaving | 319 | * Zero off the host bits in an address, leaving |
936 | * only the network bits, using the netbits member of | 320 | * only the network bits, using the netbits member of |
937 | * struct mroute_addr as the controlling parameter. | 321 | * struct mroute_addr as the controlling parameter. |
@@ -971,7 +355,7 @@ index 3debd80..3182f65 100644 | |||
971 | } | 355 | } |
972 | 356 | ||
973 | /* | 357 | /* |
974 | @@ -337,17 +399,24 @@ mroute_addr_print_ex (const struct mroute_addr *ma, | 358 | @@ -342,17 +401,24 @@ mroute_addr_print_ex (const struct mroute_addr *ma, |
975 | } | 359 | } |
976 | break; | 360 | break; |
977 | case MR_ADDR_IPV6: | 361 | case MR_ADDR_IPV6: |
@@ -1007,7 +391,7 @@ index 3debd80..3182f65 100644 | |||
1007 | 391 | ||
1008 | /* | 392 | /* |
1009 | * mroute_helper's main job is keeping track of | 393 | * mroute_helper's main job is keeping track of |
1010 | @@ -418,6 +487,40 @@ mroute_helper_del_iroute (struct mroute_helper *mh, const struct iroute *ir) | 394 | @@ -423,6 +489,40 @@ mroute_helper_del_iroute (struct mroute_helper *mh, const struct iroute *ir) |
1011 | } | 395 | } |
1012 | } | 396 | } |
1013 | 397 | ||
@@ -1048,10 +432,10 @@ index 3debd80..3182f65 100644 | |||
1048 | void | 432 | void |
1049 | mroute_helper_free (struct mroute_helper *mh) | 433 | mroute_helper_free (struct mroute_helper *mh) |
1050 | { | 434 | { |
1051 | diff --git openvpn-2.2.0/mroute.h openvpn-2.2-ipv6-20110522-1/mroute.h | 435 | diff --git a/mroute.h b/mroute.h |
1052 | index 7265001..b72b5ff 100644 | 436 | index 7265001..b72b5ff 100644 |
1053 | --- openvpn-2.2.0/mroute.h | 437 | --- a/mroute.h |
1054 | +++ openvpn-2.2-ipv6-20110522-1/mroute.h | 438 | +++ b/mroute.h |
1055 | @@ -85,7 +85,7 @@ struct mroute_addr { | 439 | @@ -85,7 +85,7 @@ struct mroute_addr { |
1056 | /* | 440 | /* |
1057 | * Number of bits in an address. Should be raised for IPv6. | 441 | * Number of bits in an address. Should be raised for IPv6. |
@@ -1070,10 +454,10 @@ index 7265001..b72b5ff 100644 | |||
1070 | 454 | ||
1071 | /* | 455 | /* |
1072 | * Given a raw packet in buf, return the src and dest | 456 | * Given a raw packet in buf, return the src and dest |
1073 | diff --git openvpn-2.2.0/multi.c openvpn-2.2-ipv6-20110522-1/multi.c | 457 | diff --git a/multi.c b/multi.c |
1074 | index 22c0a3f..f703b8d 100644 | 458 | index 22c0a3f..f703b8d 100644 |
1075 | --- openvpn-2.2.0/multi.c | 459 | --- a/multi.c |
1076 | +++ openvpn-2.2-ipv6-20110522-1/multi.c | 460 | +++ b/multi.c |
1077 | @@ -316,25 +316,18 @@ multi_init (struct multi_context *m, struct context *t, bool tcp_mode, int threa | 461 | @@ -316,25 +316,18 @@ multi_init (struct multi_context *m, struct context *t, bool tcp_mode, int threa |
1078 | */ | 462 | */ |
1079 | if (t->options.ifconfig_pool_defined) | 463 | if (t->options.ifconfig_pool_defined) |
@@ -1310,11 +694,11 @@ index 22c0a3f..f703b8d 100644 | |||
1310 | /* add routes locally, pointing to new client, if | 694 | /* add routes locally, pointing to new client, if |
1311 | --iroute options have been specified */ | 695 | --iroute options have been specified */ |
1312 | multi_add_iroutes (m, mi); | 696 | multi_add_iroutes (m, mi); |
1313 | diff --git openvpn-2.2.0/openvpn.8 openvpn-2.2-ipv6-20110522-1/openvpn.8 | 697 | diff --git a/openvpn.8 b/openvpn.8 |
1314 | index 7d213f9..11fd5ad 100644 | 698 | index 67a9779..5322618 100644 |
1315 | --- openvpn-2.2.0/openvpn.8 | 699 | --- a/openvpn.8 |
1316 | +++ openvpn-2.2-ipv6-20110522-1/openvpn.8 | 700 | +++ b/openvpn.8 |
1317 | @@ -789,6 +789,8 @@ or | 701 | @@ -794,6 +794,8 @@ or |
1318 | .B \-\-dev tunX. | 702 | .B \-\-dev tunX. |
1319 | A warning will be displayed | 703 | A warning will be displayed |
1320 | if no specific IPv6 TUN support for your OS has been compiled into OpenVPN. | 704 | if no specific IPv6 TUN support for your OS has been compiled into OpenVPN. |
@@ -1323,7 +707,7 @@ index 7d213f9..11fd5ad 100644 | |||
1323 | .\"********************************************************* | 707 | .\"********************************************************* |
1324 | .TP | 708 | .TP |
1325 | .B \-\-dev-node node | 709 | .B \-\-dev-node node |
1326 | @@ -4936,6 +4938,57 @@ if certificates are stored as private objects. | 710 | @@ -4949,6 +4951,57 @@ if certificates are stored as private objects. |
1327 | .B \-\-verb | 711 | .B \-\-verb |
1328 | option can be used BEFORE this option to produce debugging information. | 712 | option can be used BEFORE this option to produce debugging information. |
1329 | .\"********************************************************* | 713 | .\"********************************************************* |
@@ -1381,10 +765,10 @@ index 7d213f9..11fd5ad 100644 | |||
1381 | .SH SCRIPTING AND ENVIRONMENTAL VARIABLES | 765 | .SH SCRIPTING AND ENVIRONMENTAL VARIABLES |
1382 | OpenVPN exports a series | 766 | OpenVPN exports a series |
1383 | of environmental variables for use by user-defined scripts. | 767 | of environmental variables for use by user-defined scripts. |
1384 | diff --git openvpn-2.2.0/openvpn.h openvpn-2.2-ipv6-20110522-1/openvpn.h | 768 | diff --git a/openvpn.h b/openvpn.h |
1385 | index 641bf93..e5e6e58 100644 | 769 | index 641bf93..e5e6e58 100644 |
1386 | --- openvpn-2.2.0/openvpn.h | 770 | --- a/openvpn.h |
1387 | +++ openvpn-2.2-ipv6-20110522-1/openvpn.h | 771 | +++ b/openvpn.h |
1388 | @@ -165,6 +165,9 @@ struct context_1 | 772 | @@ -165,6 +165,9 @@ struct context_1 |
1389 | /* list of --route directives */ | 773 | /* list of --route directives */ |
1390 | struct route_list *route_list; | 774 | struct route_list *route_list; |
@@ -1407,10 +791,10 @@ index 641bf93..e5e6e58 100644 | |||
1407 | /* client authentication state, CAS_SUCCEEDED must be 0 */ | 791 | /* client authentication state, CAS_SUCCEEDED must be 0 */ |
1408 | # define CAS_SUCCEEDED 0 | 792 | # define CAS_SUCCEEDED 0 |
1409 | # define CAS_PENDING 1 | 793 | # define CAS_PENDING 1 |
1410 | diff --git openvpn-2.2.0/options.c openvpn-2.2-ipv6-20110522-1/options.c | 794 | diff --git a/options.c b/options.c |
1411 | index 7708995..bf59e00 100644 | 795 | index 7a5e35d..8fdd8a5 100644 |
1412 | --- openvpn-2.2.0/options.c | 796 | --- a/options.c |
1413 | +++ openvpn-2.2-ipv6-20110522-1/options.c | 797 | +++ b/options.c |
1414 | @@ -79,6 +79,7 @@ const char title_string[] = | 798 | @@ -79,6 +79,7 @@ const char title_string[] = |
1415 | #ifdef ENABLE_EUREPHIA | 799 | #ifdef ENABLE_EUREPHIA |
1416 | " [eurephia]" | 800 | " [eurephia]" |
@@ -1419,7 +803,7 @@ index 7708995..bf59e00 100644 | |||
1419 | " built on " __DATE__ | 803 | " built on " __DATE__ |
1420 | ; | 804 | ; |
1421 | 805 | ||
1422 | @@ -171,6 +172,8 @@ static const char usage_message[] = | 806 | @@ -172,6 +173,8 @@ static const char usage_message[] = |
1423 | " addresses outside of the subnets used by either peer.\n" | 807 | " addresses outside of the subnets used by either peer.\n" |
1424 | " TAP: configure device to use IP address l as a local\n" | 808 | " TAP: configure device to use IP address l as a local\n" |
1425 | " endpoint and rn as a subnet mask.\n" | 809 | " endpoint and rn as a subnet mask.\n" |
@@ -1428,7 +812,7 @@ index 7708995..bf59e00 100644 | |||
1428 | "--ifconfig-noexec : Don't actually execute ifconfig/netsh command, instead\n" | 812 | "--ifconfig-noexec : Don't actually execute ifconfig/netsh command, instead\n" |
1429 | " pass --ifconfig parms by environment to scripts.\n" | 813 | " pass --ifconfig parms by environment to scripts.\n" |
1430 | "--ifconfig-nowarn : Don't warn if the --ifconfig option on this side of the\n" | 814 | "--ifconfig-nowarn : Don't warn if the --ifconfig option on this side of the\n" |
1431 | @@ -181,6 +184,10 @@ static const char usage_message[] = | 815 | @@ -182,6 +185,10 @@ static const char usage_message[] = |
1432 | " netmask default: 255.255.255.255\n" | 816 | " netmask default: 255.255.255.255\n" |
1433 | " gateway default: taken from --route-gateway or --ifconfig\n" | 817 | " gateway default: taken from --route-gateway or --ifconfig\n" |
1434 | " Specify default by leaving blank or setting to \"nil\".\n" | 818 | " Specify default by leaving blank or setting to \"nil\".\n" |
@@ -1439,7 +823,7 @@ index 7708995..bf59e00 100644 | |||
1439 | "--max-routes n : Specify the maximum number of routes that may be defined\n" | 823 | "--max-routes n : Specify the maximum number of routes that may be defined\n" |
1440 | " or pulled from a server.\n" | 824 | " or pulled from a server.\n" |
1441 | "--route-gateway gw|'dhcp' : Specify a default gateway for use with --route.\n" | 825 | "--route-gateway gw|'dhcp' : Specify a default gateway for use with --route.\n" |
1442 | @@ -369,6 +376,7 @@ static const char usage_message[] = | 826 | @@ -370,6 +377,7 @@ static const char usage_message[] = |
1443 | "\n" | 827 | "\n" |
1444 | "Multi-Client Server options (when --mode server is used):\n" | 828 | "Multi-Client Server options (when --mode server is used):\n" |
1445 | "--server network netmask : Helper option to easily configure server mode.\n" | 829 | "--server network netmask : Helper option to easily configure server mode.\n" |
@@ -1447,7 +831,7 @@ index 7708995..bf59e00 100644 | |||
1447 | "--server-bridge [IP netmask pool-start-IP pool-end-IP] : Helper option to\n" | 831 | "--server-bridge [IP netmask pool-start-IP pool-end-IP] : Helper option to\n" |
1448 | " easily configure ethernet bridging server mode.\n" | 832 | " easily configure ethernet bridging server mode.\n" |
1449 | "--push \"option\" : Push a config file option back to the peer for remote\n" | 833 | "--push \"option\" : Push a config file option back to the peer for remote\n" |
1450 | @@ -382,10 +390,16 @@ static const char usage_message[] = | 834 | @@ -383,10 +391,16 @@ static const char usage_message[] = |
1451 | "--ifconfig-pool-persist file [seconds] : Persist/unpersist ifconfig-pool\n" | 835 | "--ifconfig-pool-persist file [seconds] : Persist/unpersist ifconfig-pool\n" |
1452 | " data to file, at seconds intervals (default=600).\n" | 836 | " data to file, at seconds intervals (default=600).\n" |
1453 | " If seconds=0, file will be treated as read-only.\n" | 837 | " If seconds=0, file will be treated as read-only.\n" |
@@ -1464,7 +848,7 @@ index 7708995..bf59e00 100644 | |||
1464 | " Sets up internal routes only.\n" | 848 | " Sets up internal routes only.\n" |
1465 | " Only valid in a client-specific config file.\n" | 849 | " Only valid in a client-specific config file.\n" |
1466 | "--disable : Client is disabled.\n" | 850 | "--disable : Client is disabled.\n" |
1467 | @@ -870,6 +884,78 @@ get_ip_addr (const char *ip_string, int msglevel, bool *error) | 851 | @@ -871,6 +885,78 @@ get_ip_addr (const char *ip_string, int msglevel, bool *error) |
1468 | return ret; | 852 | return ret; |
1469 | } | 853 | } |
1470 | 854 | ||
@@ -1543,7 +927,7 @@ index 7708995..bf59e00 100644 | |||
1543 | static char * | 927 | static char * |
1544 | string_substitute (const char *src, int from, int to, struct gc_arena *gc) | 928 | string_substitute (const char *src, int from, int to, struct gc_arena *gc) |
1545 | { | 929 | { |
1546 | @@ -988,6 +1074,8 @@ show_p2mp_parms (const struct options *o) | 930 | @@ -989,6 +1075,8 @@ show_p2mp_parms (const struct options *o) |
1547 | #if P2MP_SERVER | 931 | #if P2MP_SERVER |
1548 | msg (D_SHOW_PARMS, " server_network = %s", print_in_addr_t (o->server_network, 0, &gc)); | 932 | msg (D_SHOW_PARMS, " server_network = %s", print_in_addr_t (o->server_network, 0, &gc)); |
1549 | msg (D_SHOW_PARMS, " server_netmask = %s", print_in_addr_t (o->server_netmask, 0, &gc)); | 933 | msg (D_SHOW_PARMS, " server_netmask = %s", print_in_addr_t (o->server_netmask, 0, &gc)); |
@@ -1552,7 +936,7 @@ index 7708995..bf59e00 100644 | |||
1552 | msg (D_SHOW_PARMS, " server_bridge_ip = %s", print_in_addr_t (o->server_bridge_ip, 0, &gc)); | 936 | msg (D_SHOW_PARMS, " server_bridge_ip = %s", print_in_addr_t (o->server_bridge_ip, 0, &gc)); |
1553 | msg (D_SHOW_PARMS, " server_bridge_netmask = %s", print_in_addr_t (o->server_bridge_netmask, 0, &gc)); | 937 | msg (D_SHOW_PARMS, " server_bridge_netmask = %s", print_in_addr_t (o->server_bridge_netmask, 0, &gc)); |
1554 | msg (D_SHOW_PARMS, " server_bridge_pool_start = %s", print_in_addr_t (o->server_bridge_pool_start, 0, &gc)); | 938 | msg (D_SHOW_PARMS, " server_bridge_pool_start = %s", print_in_addr_t (o->server_bridge_pool_start, 0, &gc)); |
1555 | @@ -1008,6 +1096,9 @@ show_p2mp_parms (const struct options *o) | 939 | @@ -1009,6 +1097,9 @@ show_p2mp_parms (const struct options *o) |
1556 | msg (D_SHOW_PARMS, " ifconfig_pool_netmask = %s", print_in_addr_t (o->ifconfig_pool_netmask, 0, &gc)); | 940 | msg (D_SHOW_PARMS, " ifconfig_pool_netmask = %s", print_in_addr_t (o->ifconfig_pool_netmask, 0, &gc)); |
1557 | SHOW_STR (ifconfig_pool_persist_filename); | 941 | SHOW_STR (ifconfig_pool_persist_filename); |
1558 | SHOW_INT (ifconfig_pool_persist_refresh_freq); | 942 | SHOW_INT (ifconfig_pool_persist_refresh_freq); |
@@ -1562,7 +946,7 @@ index 7708995..bf59e00 100644 | |||
1562 | SHOW_INT (n_bcast_buf); | 946 | SHOW_INT (n_bcast_buf); |
1563 | SHOW_INT (tcp_queue_limit); | 947 | SHOW_INT (tcp_queue_limit); |
1564 | SHOW_INT (real_hash_size); | 948 | SHOW_INT (real_hash_size); |
1565 | @@ -1021,6 +1112,9 @@ show_p2mp_parms (const struct options *o) | 949 | @@ -1022,6 +1113,9 @@ show_p2mp_parms (const struct options *o) |
1566 | SHOW_BOOL (push_ifconfig_defined); | 950 | SHOW_BOOL (push_ifconfig_defined); |
1567 | msg (D_SHOW_PARMS, " push_ifconfig_local = %s", print_in_addr_t (o->push_ifconfig_local, 0, &gc)); | 951 | msg (D_SHOW_PARMS, " push_ifconfig_local = %s", print_in_addr_t (o->push_ifconfig_local, 0, &gc)); |
1568 | msg (D_SHOW_PARMS, " push_ifconfig_remote_netmask = %s", print_in_addr_t (o->push_ifconfig_remote_netmask, 0, &gc)); | 952 | msg (D_SHOW_PARMS, " push_ifconfig_remote_netmask = %s", print_in_addr_t (o->push_ifconfig_remote_netmask, 0, &gc)); |
@@ -1572,7 +956,7 @@ index 7708995..bf59e00 100644 | |||
1572 | SHOW_BOOL (enable_c2c); | 956 | SHOW_BOOL (enable_c2c); |
1573 | SHOW_BOOL (duplicate_cn); | 957 | SHOW_BOOL (duplicate_cn); |
1574 | SHOW_INT (cf_max); | 958 | SHOW_INT (cf_max); |
1575 | @@ -1075,6 +1169,25 @@ option_iroute (struct options *o, | 959 | @@ -1076,6 +1170,25 @@ option_iroute (struct options *o, |
1576 | o->iroutes = ir; | 960 | o->iroutes = ir; |
1577 | } | 961 | } |
1578 | 962 | ||
@@ -1598,7 +982,7 @@ index 7708995..bf59e00 100644 | |||
1598 | #endif /* P2MP_SERVER */ | 982 | #endif /* P2MP_SERVER */ |
1599 | #endif /* P2MP */ | 983 | #endif /* P2MP */ |
1600 | 984 | ||
1601 | @@ -1112,6 +1225,13 @@ rol_check_alloc (struct options *options) | 985 | @@ -1113,6 +1226,13 @@ rol_check_alloc (struct options *options) |
1602 | options->routes = new_route_option_list (options->max_routes, &options->gc); | 986 | options->routes = new_route_option_list (options->max_routes, &options->gc); |
1603 | } | 987 | } |
1604 | 988 | ||
@@ -1612,7 +996,7 @@ index 7708995..bf59e00 100644 | |||
1612 | #ifdef ENABLE_DEBUG | 996 | #ifdef ENABLE_DEBUG |
1613 | static void | 997 | static void |
1614 | show_connection_entry (const struct connection_entry *o) | 998 | show_connection_entry (const struct connection_entry *o) |
1615 | @@ -1202,6 +1322,9 @@ show_settings (const struct options *o) | 999 | @@ -1203,6 +1323,9 @@ show_settings (const struct options *o) |
1616 | SHOW_STR (ifconfig_remote_netmask); | 1000 | SHOW_STR (ifconfig_remote_netmask); |
1617 | SHOW_BOOL (ifconfig_noexec); | 1001 | SHOW_BOOL (ifconfig_noexec); |
1618 | SHOW_BOOL (ifconfig_nowarn); | 1002 | SHOW_BOOL (ifconfig_nowarn); |
@@ -1622,7 +1006,7 @@ index 7708995..bf59e00 100644 | |||
1622 | 1006 | ||
1623 | #ifdef HAVE_GETTIMEOFDAY | 1007 | #ifdef HAVE_GETTIMEOFDAY |
1624 | SHOW_INT (shaper); | 1008 | SHOW_INT (shaper); |
1625 | @@ -1862,8 +1985,10 @@ options_postprocess_verify_ce (const struct options *options, const struct conne | 1009 | @@ -1863,8 +1986,10 @@ options_postprocess_verify_ce (const struct options *options, const struct conne |
1626 | if (options->connection_list) | 1010 | if (options->connection_list) |
1627 | msg (M_USAGE, "<connection> cannot be used with --mode server"); | 1011 | msg (M_USAGE, "<connection> cannot be used with --mode server"); |
1628 | #endif | 1012 | #endif |
@@ -1633,7 +1017,7 @@ index 7708995..bf59e00 100644 | |||
1633 | if (options->shaper) | 1017 | if (options->shaper) |
1634 | msg (M_USAGE, "--shaper cannot be used with --mode server"); | 1018 | msg (M_USAGE, "--shaper cannot be used with --mode server"); |
1635 | if (options->inetd) | 1019 | if (options->inetd) |
1636 | @@ -1888,6 +2013,11 @@ options_postprocess_verify_ce (const struct options *options, const struct conne | 1020 | @@ -1889,6 +2014,11 @@ options_postprocess_verify_ce (const struct options *options, const struct conne |
1637 | msg (M_USAGE, "--up-delay cannot be used with --mode server"); | 1021 | msg (M_USAGE, "--up-delay cannot be used with --mode server"); |
1638 | if (!options->ifconfig_pool_defined && options->ifconfig_pool_persist_filename) | 1022 | if (!options->ifconfig_pool_defined && options->ifconfig_pool_persist_filename) |
1639 | msg (M_USAGE, "--ifconfig-pool-persist must be used with --ifconfig-pool"); | 1023 | msg (M_USAGE, "--ifconfig-pool-persist must be used with --ifconfig-pool"); |
@@ -1645,7 +1029,7 @@ index 7708995..bf59e00 100644 | |||
1645 | if (options->auth_user_pass_file) | 1029 | if (options->auth_user_pass_file) |
1646 | msg (M_USAGE, "--auth-user-pass cannot be used with --mode server (it should be used on the client side only)"); | 1030 | msg (M_USAGE, "--auth-user-pass cannot be used with --mode server (it should be used on the client side only)"); |
1647 | if (options->ccd_exclusive && !options->client_config_dir) | 1031 | if (options->ccd_exclusive && !options->client_config_dir) |
1648 | @@ -1919,6 +2049,8 @@ options_postprocess_verify_ce (const struct options *options, const struct conne | 1032 | @@ -1920,6 +2050,8 @@ options_postprocess_verify_ce (const struct options *options, const struct conne |
1649 | */ | 1033 | */ |
1650 | if (options->ifconfig_pool_defined || options->ifconfig_pool_persist_filename) | 1034 | if (options->ifconfig_pool_defined || options->ifconfig_pool_persist_filename) |
1651 | msg (M_USAGE, "--ifconfig-pool/--ifconfig-pool-persist requires --mode server"); | 1035 | msg (M_USAGE, "--ifconfig-pool/--ifconfig-pool-persist requires --mode server"); |
@@ -1654,7 +1038,7 @@ index 7708995..bf59e00 100644 | |||
1654 | if (options->real_hash_size != defaults.real_hash_size | 1038 | if (options->real_hash_size != defaults.real_hash_size |
1655 | || options->virtual_hash_size != defaults.virtual_hash_size) | 1039 | || options->virtual_hash_size != defaults.virtual_hash_size) |
1656 | msg (M_USAGE, "--hash-size requires --mode server"); | 1040 | msg (M_USAGE, "--hash-size requires --mode server"); |
1657 | @@ -2460,6 +2592,8 @@ options_string (const struct options *o, | 1041 | @@ -2461,6 +2593,8 @@ options_string (const struct options *o, |
1658 | o->topology, | 1042 | o->topology, |
1659 | o->ifconfig_local, | 1043 | o->ifconfig_local, |
1660 | o->ifconfig_remote_netmask, | 1044 | o->ifconfig_remote_netmask, |
@@ -1663,7 +1047,7 @@ index 7708995..bf59e00 100644 | |||
1663 | (in_addr_t)0, | 1047 | (in_addr_t)0, |
1664 | (in_addr_t)0, | 1048 | (in_addr_t)0, |
1665 | false, | 1049 | false, |
1666 | @@ -3785,6 +3919,30 @@ add_option (struct options *options, | 1050 | @@ -3786,6 +3920,30 @@ add_option (struct options *options, |
1667 | goto err; | 1051 | goto err; |
1668 | } | 1052 | } |
1669 | } | 1053 | } |
@@ -1694,7 +1078,7 @@ index 7708995..bf59e00 100644 | |||
1694 | else if (streq (p[0], "ifconfig-noexec")) | 1078 | else if (streq (p[0], "ifconfig-noexec")) |
1695 | { | 1079 | { |
1696 | VERIFY_PERMISSION (OPT_P_UP); | 1080 | VERIFY_PERMISSION (OPT_P_UP); |
1697 | @@ -4585,6 +4743,26 @@ add_option (struct options *options, | 1081 | @@ -4586,6 +4744,26 @@ add_option (struct options *options, |
1698 | } | 1082 | } |
1699 | add_route_to_option_list (options->routes, p[1], p[2], p[3], p[4]); | 1083 | add_route_to_option_list (options->routes, p[1], p[2], p[3], p[4]); |
1700 | } | 1084 | } |
@@ -1721,7 +1105,7 @@ index 7708995..bf59e00 100644 | |||
1721 | else if (streq (p[0], "max-routes") && p[1]) | 1105 | else if (streq (p[0], "max-routes") && p[1]) |
1722 | { | 1106 | { |
1723 | int max_routes; | 1107 | int max_routes; |
1724 | @@ -4796,6 +4974,33 @@ add_option (struct options *options, | 1108 | @@ -4797,6 +4975,33 @@ add_option (struct options *options, |
1725 | } | 1109 | } |
1726 | } | 1110 | } |
1727 | } | 1111 | } |
@@ -1755,7 +1139,7 @@ index 7708995..bf59e00 100644 | |||
1755 | else if (streq (p[0], "server-bridge") && p[1] && p[2] && p[3] && p[4]) | 1139 | else if (streq (p[0], "server-bridge") && p[1] && p[2] && p[3] && p[4]) |
1756 | { | 1140 | { |
1757 | const int lev = M_WARN; | 1141 | const int lev = M_WARN; |
1758 | @@ -4880,6 +5085,28 @@ add_option (struct options *options, | 1142 | @@ -4881,6 +5086,28 @@ add_option (struct options *options, |
1759 | VERIFY_PERMISSION (OPT_P_GENERAL); | 1143 | VERIFY_PERMISSION (OPT_P_GENERAL); |
1760 | options->topology = TOP_P2P; | 1144 | options->topology = TOP_P2P; |
1761 | } | 1145 | } |
@@ -1784,7 +1168,7 @@ index 7708995..bf59e00 100644 | |||
1784 | else if (streq (p[0], "hash-size") && p[1] && p[2]) | 1168 | else if (streq (p[0], "hash-size") && p[1] && p[2]) |
1785 | { | 1169 | { |
1786 | int real, virtual; | 1170 | int real, virtual; |
1787 | @@ -5075,6 +5302,11 @@ add_option (struct options *options, | 1171 | @@ -5076,6 +5303,11 @@ add_option (struct options *options, |
1788 | } | 1172 | } |
1789 | option_iroute (options, p[1], netmask, msglevel); | 1173 | option_iroute (options, p[1], netmask, msglevel); |
1790 | } | 1174 | } |
@@ -1796,7 +1180,7 @@ index 7708995..bf59e00 100644 | |||
1796 | else if (streq (p[0], "ifconfig-push") && p[1] && p[2]) | 1180 | else if (streq (p[0], "ifconfig-push") && p[1] && p[2]) |
1797 | { | 1181 | { |
1798 | in_addr_t local, remote_netmask; | 1182 | in_addr_t local, remote_netmask; |
1799 | @@ -5113,6 +5345,43 @@ add_option (struct options *options, | 1183 | @@ -5114,6 +5346,43 @@ add_option (struct options *options, |
1800 | goto err; | 1184 | goto err; |
1801 | } | 1185 | } |
1802 | } | 1186 | } |
@@ -1840,10 +1224,10 @@ index 7708995..bf59e00 100644 | |||
1840 | else if (streq (p[0], "disable")) | 1224 | else if (streq (p[0], "disable")) |
1841 | { | 1225 | { |
1842 | VERIFY_PERMISSION (OPT_P_INSTANCE); | 1226 | VERIFY_PERMISSION (OPT_P_INSTANCE); |
1843 | diff --git openvpn-2.2.0/options.h openvpn-2.2-ipv6-20110522-1/options.h | 1227 | diff --git a/options.h b/options.h |
1844 | index 7f4c0cd..dd04ee8 100644 | 1228 | index dd49355..3b01597 100644 |
1845 | --- openvpn-2.2.0/options.h | 1229 | --- a/options.h |
1846 | +++ openvpn-2.2-ipv6-20110522-1/options.h | 1230 | +++ b/options.h |
1847 | @@ -205,6 +205,9 @@ struct options | 1231 | @@ -205,6 +205,9 @@ struct options |
1848 | int topology; /* one of the TOP_x values from proto.h */ | 1232 | int topology; /* one of the TOP_x values from proto.h */ |
1849 | const char *ifconfig_local; | 1233 | const char *ifconfig_local; |
@@ -1862,15 +1246,7 @@ index 7f4c0cd..dd04ee8 100644 | |||
1862 | bool route_nopull; | 1246 | bool route_nopull; |
1863 | bool route_gateway_via_dhcp; | 1247 | bool route_gateway_via_dhcp; |
1864 | bool allow_pull_fqdn; /* as a client, allow server to push a FQDN for certain parameters */ | 1248 | bool allow_pull_fqdn; /* as a client, allow server to push a FQDN for certain parameters */ |
1865 | @@ -355,12 +359,17 @@ struct options | 1249 | @@ -363,6 +367,9 @@ struct options |
1866 | struct plugin_option_list *plugin_list; | ||
1867 | #endif | ||
1868 | |||
1869 | + const char *tmp_dir; | ||
1870 | + | ||
1871 | #if P2MP | ||
1872 | |||
1873 | #if P2MP_SERVER | ||
1874 | bool server_defined; | 1250 | bool server_defined; |
1875 | in_addr_t server_network; | 1251 | in_addr_t server_network; |
1876 | in_addr_t server_netmask; | 1252 | in_addr_t server_netmask; |
@@ -1880,42 +1256,37 @@ index 7f4c0cd..dd04ee8 100644 | |||
1880 | 1256 | ||
1881 | # define SF_NOPOOL (1<<0) | 1257 | # define SF_NOPOOL (1<<0) |
1882 | # define SF_TCP_NODELAY_HELPER (1<<1) | 1258 | # define SF_TCP_NODELAY_HELPER (1<<1) |
1883 | @@ -382,24 +391,33 @@ struct options | 1259 | @@ -384,6 +391,11 @@ struct options |
1884 | in_addr_t ifconfig_pool_netmask; | 1260 | in_addr_t ifconfig_pool_netmask; |
1885 | const char *ifconfig_pool_persist_filename; | 1261 | const char *ifconfig_pool_persist_filename; |
1886 | int ifconfig_pool_persist_refresh_freq; | 1262 | int ifconfig_pool_persist_refresh_freq; |
1887 | + | 1263 | + |
1888 | + bool ifconfig_ipv6_pool_defined; /* IPv6 */ | 1264 | + bool ifconfig_ipv6_pool_defined; /* IPv6 */ |
1889 | + struct in6_addr ifconfig_ipv6_pool_base; /* IPv6 */ | 1265 | + struct in6_addr ifconfig_ipv6_pool_base; /* IPv6 */ |
1890 | + int ifconfig_ipv6_pool_netbits; /* IPv6 */ | 1266 | + int ifconfig_ipv6_pool_netbits; /* IPv6 */ |
1891 | + | 1267 | + |
1892 | int real_hash_size; | 1268 | int real_hash_size; |
1893 | int virtual_hash_size; | 1269 | int virtual_hash_size; |
1894 | const char *client_connect_script; | 1270 | const char *client_connect_script; |
1895 | const char *client_disconnect_script; | 1271 | @@ -395,12 +407,17 @@ struct options |
1896 | const char *learn_address_script; | ||
1897 | - const char *tmp_dir; | ||
1898 | const char *client_config_dir; | ||
1899 | bool ccd_exclusive; | ||
1900 | bool disable; | ||
1901 | int n_bcast_buf; | 1272 | int n_bcast_buf; |
1902 | int tcp_queue_limit; | 1273 | int tcp_queue_limit; |
1903 | struct iroute *iroutes; | 1274 | struct iroute *iroutes; |
1904 | + struct iroute_ipv6 *iroutes_ipv6; /* IPv6 */ | 1275 | + struct iroute_ipv6 *iroutes_ipv6; /* IPv6 */ |
1905 | bool push_ifconfig_defined; | 1276 | bool push_ifconfig_defined; |
1906 | in_addr_t push_ifconfig_local; | 1277 | in_addr_t push_ifconfig_local; |
1907 | in_addr_t push_ifconfig_remote_netmask; | 1278 | in_addr_t push_ifconfig_remote_netmask; |
1908 | bool push_ifconfig_constraint_defined; | 1279 | bool push_ifconfig_constraint_defined; |
1909 | in_addr_t push_ifconfig_constraint_network; | 1280 | in_addr_t push_ifconfig_constraint_network; |
1910 | in_addr_t push_ifconfig_constraint_netmask; | 1281 | in_addr_t push_ifconfig_constraint_netmask; |
1911 | + bool push_ifconfig_ipv6_defined; /* IPv6 */ | 1282 | + bool push_ifconfig_ipv6_defined; /* IPv6 */ |
1912 | + struct in6_addr push_ifconfig_ipv6_local; /* IPv6 */ | 1283 | + struct in6_addr push_ifconfig_ipv6_local; /* IPv6 */ |
1913 | + int push_ifconfig_ipv6_netbits; /* IPv6 */ | 1284 | + int push_ifconfig_ipv6_netbits; /* IPv6 */ |
1914 | + struct in6_addr push_ifconfig_ipv6_remote; /* IPv6 */ | 1285 | + struct in6_addr push_ifconfig_ipv6_remote; /* IPv6 */ |
1915 | bool enable_c2c; | 1286 | bool enable_c2c; |
1916 | bool duplicate_cn; | 1287 | bool duplicate_cn; |
1917 | int cf_max; | 1288 | int cf_max; |
1918 | @@ -722,6 +740,10 @@ void options_string_import (struct options *options, | 1289 | @@ -723,6 +740,10 @@ void options_string_import (struct options *options, |
1919 | unsigned int *option_types_found, | 1290 | unsigned int *option_types_found, |
1920 | struct env_set *es); | 1291 | struct env_set *es); |
1921 | 1292 | ||
@@ -1926,10 +1297,10 @@ index 7f4c0cd..dd04ee8 100644 | |||
1926 | /* | 1297 | /* |
1927 | * inline functions | 1298 | * inline functions |
1928 | */ | 1299 | */ |
1929 | diff --git openvpn-2.2.0/pool.c openvpn-2.2-ipv6-20110522-1/pool.c | 1300 | diff --git a/pool.c b/pool.c |
1930 | index 84333df..60dc520 100644 | 1301 | index 84333df..60dc520 100644 |
1931 | --- openvpn-2.2.0/pool.c | 1302 | --- a/pool.c |
1932 | +++ openvpn-2.2-ipv6-20110522-1/pool.c | 1303 | +++ b/pool.c |
1933 | @@ -132,7 +132,10 @@ ifconfig_pool_verify_range (const int msglevel, const in_addr_t start, const in_ | 1304 | @@ -132,7 +132,10 @@ ifconfig_pool_verify_range (const int msglevel, const in_addr_t start, const in_ |
1934 | } | 1305 | } |
1935 | 1306 | ||
@@ -2078,10 +1449,10 @@ index 84333df..60dc520 100644 | |||
2078 | if (h < 0) | 1449 | if (h < 0) |
2079 | break; | 1450 | break; |
2080 | msg (M_INFO | M_NOPREFIX, "IFCONFIG_POOL TEST pass 3: l=%s r=%s cn=%s", | 1451 | msg (M_INFO | M_NOPREFIX, "IFCONFIG_POOL TEST pass 3: l=%s r=%s cn=%s", |
2081 | diff --git openvpn-2.2.0/pool.h openvpn-2.2-ipv6-20110522-1/pool.h | 1452 | diff --git a/pool.h b/pool.h |
2082 | index 81264a9..fc9d6ab 100644 | 1453 | index 81264a9..fc9d6ab 100644 |
2083 | --- openvpn-2.2.0/pool.h | 1454 | --- a/pool.h |
2084 | +++ openvpn-2.2-ipv6-20110522-1/pool.h | 1455 | +++ b/pool.h |
2085 | @@ -52,6 +52,9 @@ struct ifconfig_pool | 1456 | @@ -52,6 +52,9 @@ struct ifconfig_pool |
2086 | int size; | 1457 | int size; |
2087 | int type; | 1458 | int type; |
@@ -2108,10 +1479,10 @@ index 81264a9..fc9d6ab 100644 | |||
2108 | 1479 | ||
2109 | bool ifconfig_pool_release (struct ifconfig_pool* pool, ifconfig_pool_handle hand, const bool hard); | 1480 | bool ifconfig_pool_release (struct ifconfig_pool* pool, ifconfig_pool_handle hand, const bool hard); |
2110 | 1481 | ||
2111 | diff --git openvpn-2.2.0/proto.h openvpn-2.2-ipv6-20110522-1/proto.h | 1482 | diff --git a/proto.h b/proto.h |
2112 | index 55f0832..b8e8997 100644 | 1483 | index 55f0832..b8e8997 100644 |
2113 | --- openvpn-2.2.0/proto.h | 1484 | --- a/proto.h |
2114 | +++ openvpn-2.2-ipv6-20110522-1/proto.h | 1485 | +++ b/proto.h |
2115 | @@ -108,6 +108,21 @@ struct openvpn_iphdr { | 1486 | @@ -108,6 +108,21 @@ struct openvpn_iphdr { |
2116 | }; | 1487 | }; |
2117 | 1488 | ||
@@ -2134,10 +1505,10 @@ index 55f0832..b8e8997 100644 | |||
2134 | * UDP header | 1505 | * UDP header |
2135 | */ | 1506 | */ |
2136 | struct openvpn_udphdr { | 1507 | struct openvpn_udphdr { |
2137 | diff --git openvpn-2.2.0/push.c openvpn-2.2-ipv6-20110522-1/push.c | 1508 | diff --git a/push.c b/push.c |
2138 | index 08c7f99..1fd8bea 100644 | 1509 | index 08c7f99..1fd8bea 100644 |
2139 | --- openvpn-2.2.0/push.c | 1510 | --- a/push.c |
2140 | +++ openvpn-2.2-ipv6-20110522-1/push.c | 1511 | +++ b/push.c |
2141 | @@ -189,8 +189,26 @@ send_push_reply (struct context *c) | 1512 | @@ -189,8 +189,26 @@ send_push_reply (struct context *c) |
2142 | const int safe_cap = BCAP (&buf) - extra; | 1513 | const int safe_cap = BCAP (&buf) - extra; |
2143 | bool push_sent = false; | 1514 | bool push_sent = false; |
@@ -2165,10 +1536,10 @@ index 08c7f99..1fd8bea 100644 | |||
2165 | while (e) | 1536 | while (e) |
2166 | { | 1537 | { |
2167 | if (e->enable) | 1538 | if (e->enable) |
2168 | diff --git openvpn-2.2.0/route.c openvpn-2.2-ipv6-20110522-1/route.c | 1539 | diff --git a/route.c b/route.c |
2169 | index b5092fe..7c81f75 100644 | 1540 | index b5092fe..7c81f75 100644 |
2170 | --- openvpn-2.2.0/route.c | 1541 | --- a/route.c |
2171 | +++ openvpn-2.2-ipv6-20110522-1/route.c | 1542 | +++ b/route.c |
2172 | @@ -35,6 +35,7 @@ | 1543 | @@ -35,6 +35,7 @@ |
2173 | #include "socket.h" | 1544 | #include "socket.h" |
2174 | #include "manage.h" | 1545 | #include "manage.h" |
@@ -2835,10 +2206,10 @@ index b5092fe..7c81f75 100644 | |||
2835 | /* | 2206 | /* |
2836 | * The --redirect-gateway option requires OS-specific code below | 2207 | * The --redirect-gateway option requires OS-specific code below |
2837 | * to get the current default gateway. | 2208 | * to get the current default gateway. |
2838 | diff --git openvpn-2.2.0/route.h openvpn-2.2-ipv6-20110522-1/route.h | 2209 | diff --git a/route.h b/route.h |
2839 | index c5cbb7c..6a7704f 100644 | 2210 | index c5cbb7c..6a7704f 100644 |
2840 | --- openvpn-2.2.0/route.h | 2211 | --- a/route.h |
2841 | +++ openvpn-2.2-ipv6-20110522-1/route.h | 2212 | +++ b/route.h |
2842 | @@ -92,6 +92,19 @@ struct route_option_list { | 2213 | @@ -92,6 +92,19 @@ struct route_option_list { |
2843 | struct route_option routes[EMPTY_ARRAY_SIZE]; | 2214 | struct route_option routes[EMPTY_ARRAY_SIZE]; |
2844 | }; | 2215 | }; |
@@ -2960,10 +2331,10 @@ index c5cbb7c..6a7704f 100644 | |||
2960 | 2331 | ||
2961 | bool is_special_addr (const char *addr_str); | 2332 | bool is_special_addr (const char *addr_str); |
2962 | 2333 | ||
2963 | diff --git openvpn-2.2.0/socket.c openvpn-2.2-ipv6-20110522-1/socket.c | 2334 | diff --git a/socket.c b/socket.c |
2964 | index 4720398..c04edc9 100644 | 2335 | index 4720398..c04edc9 100644 |
2965 | --- openvpn-2.2.0/socket.c | 2336 | --- a/socket.c |
2966 | +++ openvpn-2.2-ipv6-20110522-1/socket.c | 2337 | +++ b/socket.c |
2967 | @@ -342,6 +342,24 @@ ip_addr_dotted_quad_safe (const char *dotted_quad) | 2338 | @@ -342,6 +342,24 @@ ip_addr_dotted_quad_safe (const char *dotted_quad) |
2968 | } | 2339 | } |
2969 | } | 2340 | } |
@@ -3104,10 +2475,10 @@ index 4720398..c04edc9 100644 | |||
3104 | int | 2475 | int |
3105 | socket_recv_queue (struct link_socket *sock, int maxsize) | 2476 | socket_recv_queue (struct link_socket *sock, int maxsize) |
3106 | { | 2477 | { |
3107 | diff --git openvpn-2.2.0/socket.h openvpn-2.2-ipv6-20110522-1/socket.h | 2478 | diff --git a/socket.h b/socket.h |
3108 | index eef98d1..17943e7 100644 | 2479 | index eef98d1..17943e7 100644 |
3109 | --- openvpn-2.2.0/socket.h | 2480 | --- a/socket.h |
3110 | +++ openvpn-2.2-ipv6-20110522-1/socket.h | 2481 | +++ b/socket.h |
3111 | @@ -351,6 +351,8 @@ const char *print_link_socket_actual (const struct link_socket_actual *act, | 2482 | @@ -351,6 +351,8 @@ const char *print_link_socket_actual (const struct link_socket_actual *act, |
3112 | #define IA_EMPTY_IF_UNDEF (1<<0) | 2483 | #define IA_EMPTY_IF_UNDEF (1<<0) |
3113 | #define IA_NET_ORDER (1<<1) | 2484 | #define IA_NET_ORDER (1<<1) |
@@ -3125,10 +2496,10 @@ index eef98d1..17943e7 100644 | |||
3125 | 2496 | ||
3126 | socket_descriptor_t create_socket_tcp (void); | 2497 | socket_descriptor_t create_socket_tcp (void); |
3127 | 2498 | ||
3128 | diff --git openvpn-2.2.0/syshead.h openvpn-2.2-ipv6-20110522-1/syshead.h | 2499 | diff --git a/syshead.h b/syshead.h |
3129 | index 63b82ba..a01c2c4 100644 | 2500 | index b81ce59..fe4af3f 100644 |
3130 | --- openvpn-2.2.0/syshead.h | 2501 | --- a/syshead.h |
3131 | +++ openvpn-2.2-ipv6-20110522-1/syshead.h | 2502 | +++ b/syshead.h |
3132 | @@ -28,6 +28,10 @@ | 2503 | @@ -28,6 +28,10 @@ |
3133 | /* | 2504 | /* |
3134 | * Only include if not during configure | 2505 | * Only include if not during configure |
@@ -3150,10 +2521,10 @@ index 63b82ba..a01c2c4 100644 | |||
3150 | #endif | 2521 | #endif |
3151 | 2522 | ||
3152 | #ifdef HAVE_SYS_MMAN_H | 2523 | #ifdef HAVE_SYS_MMAN_H |
3153 | diff --git openvpn-2.2.0/tun.c openvpn-2.2-ipv6-20110522-1/tun.c | 2524 | diff --git a/tun.c b/tun.c |
3154 | index 59e87dc..cea1784 100644 | 2525 | index d03e8c7..4be71de 100644 |
3155 | --- openvpn-2.2.0/tun.c | 2526 | --- a/tun.c |
3156 | +++ openvpn-2.2-ipv6-20110522-1/tun.c | 2527 | +++ b/tun.c |
3157 | @@ -56,13 +56,14 @@ static void netsh_ifconfig (const struct tuntap_options *to, | 2528 | @@ -56,13 +56,14 @@ static void netsh_ifconfig (const struct tuntap_options *to, |
3158 | const in_addr_t ip, | 2529 | const in_addr_t ip, |
3159 | const in_addr_t netmask, | 2530 | const in_addr_t netmask, |
@@ -3618,23 +2989,7 @@ index 59e87dc..cea1784 100644 | |||
3618 | 2989 | ||
3619 | /* | 2990 | /* |
3620 | * We handle --dev null specially, we do not open /dev/null for this. | 2991 | * We handle --dev null specially, we do not open /dev/null for this. |
3621 | @@ -1215,13 +1457,13 @@ open_tun (const char *dev, const char *dev_type, const char *dev_node, bool ipv6 | 2992 | @@ -1222,9 +1464,9 @@ open_tun (const char *dev, const char *dev_type, const char *dev_node, bool ipv6 |
3622 | close (tt->fd); | ||
3623 | tt->fd = -1; | ||
3624 | } | ||
3625 | - open_tun_generic (dev, dev_type, dev_node, ipv6, false, true, tt); | ||
3626 | + open_tun_generic (dev, dev_type, dev_node, false, true, tt); | ||
3627 | } | ||
3628 | |||
3629 | #else | ||
3630 | |||
3631 | void | ||
3632 | -open_tun (const char *dev, const char *dev_type, const char *dev_node, bool ipv6, struct tuntap *tt) | ||
3633 | +open_tun (const char *dev, const char *dev_type, const char *dev_node, struct tuntap *tt) | ||
3634 | { | ||
3635 | ASSERT (0); | ||
3636 | } | ||
3637 | @@ -1231,9 +1473,9 @@ open_tun (const char *dev, const char *dev_type, const char *dev_node, bool ipv6 | ||
3638 | #else | 2993 | #else |
3639 | 2994 | ||
3640 | void | 2995 | void |
@@ -3646,7 +3001,7 @@ index 59e87dc..cea1784 100644 | |||
3646 | } | 3001 | } |
3647 | 3002 | ||
3648 | #endif /* HAVE_LINUX_IF_TUN_H */ | 3003 | #endif /* HAVE_LINUX_IF_TUN_H */ |
3649 | @@ -1253,7 +1495,7 @@ open_tun (const char *dev, const char *dev_type, const char *dev_node, bool ipv6 | 3004 | @@ -1244,7 +1486,7 @@ open_tun (const char *dev, const char *dev_type, const char *dev_node, bool ipv6 |
3650 | #endif | 3005 | #endif |
3651 | 3006 | ||
3652 | void | 3007 | void |
@@ -3655,7 +3010,7 @@ index 59e87dc..cea1784 100644 | |||
3655 | { | 3010 | { |
3656 | struct tuntap *tt; | 3011 | struct tuntap *tt; |
3657 | 3012 | ||
3658 | @@ -1261,7 +1503,7 @@ tuncfg (const char *dev, const char *dev_type, const char *dev_node, bool ipv6, | 3013 | @@ -1252,7 +1494,7 @@ tuncfg (const char *dev, const char *dev_type, const char *dev_node, bool ipv6, |
3659 | clear_tuntap (tt); | 3014 | clear_tuntap (tt); |
3660 | tt->type = dev_type_enum (dev, dev_type); | 3015 | tt->type = dev_type_enum (dev, dev_type); |
3661 | tt->options = *options; | 3016 | tt->options = *options; |
@@ -3664,7 +3019,7 @@ index 59e87dc..cea1784 100644 | |||
3664 | if (ioctl (tt->fd, TUNSETPERSIST, persist_mode) < 0) | 3019 | if (ioctl (tt->fd, TUNSETPERSIST, persist_mode) < 0) |
3665 | msg (M_ERR, "Cannot ioctl TUNSETPERSIST(%d) %s", persist_mode, dev); | 3020 | msg (M_ERR, "Cannot ioctl TUNSETPERSIST(%d) %s", persist_mode, dev); |
3666 | if (username != NULL) | 3021 | if (username != NULL) |
3667 | @@ -1404,7 +1646,7 @@ read_tun (struct tuntap* tt, uint8_t *buf, int len) | 3022 | @@ -1395,7 +1637,7 @@ read_tun (struct tuntap* tt, uint8_t *buf, int len) |
3668 | #endif | 3023 | #endif |
3669 | 3024 | ||
3670 | void | 3025 | void |
@@ -3673,7 +3028,7 @@ index 59e87dc..cea1784 100644 | |||
3673 | { | 3028 | { |
3674 | int if_fd, ip_muxid, arp_muxid, arp_fd, ppa = -1; | 3029 | int if_fd, ip_muxid, arp_muxid, arp_fd, ppa = -1; |
3675 | struct lifreq ifr; | 3030 | struct lifreq ifr; |
3676 | @@ -1415,8 +1657,11 @@ open_tun (const char *dev, const char *dev_type, const char *dev_node, bool ipv6 | 3031 | @@ -1406,8 +1648,11 @@ open_tun (const char *dev, const char *dev_type, const char *dev_node, bool ipv6 |
3677 | bool is_tun; | 3032 | bool is_tun; |
3678 | struct strioctl strioc_if, strioc_ppa; | 3033 | struct strioctl strioc_if, strioc_ppa; |
3679 | 3034 | ||
@@ -3687,7 +3042,7 @@ index 59e87dc..cea1784 100644 | |||
3687 | 3042 | ||
3688 | if (tt->type == DEV_TYPE_NULL) | 3043 | if (tt->type == DEV_TYPE_NULL) |
3689 | { | 3044 | { |
3690 | @@ -1570,6 +1815,18 @@ solaris_close_tun (struct tuntap *tt) | 3045 | @@ -1561,6 +1806,18 @@ solaris_close_tun (struct tuntap *tt) |
3691 | { | 3046 | { |
3692 | if (tt) | 3047 | if (tt) |
3693 | { | 3048 | { |
@@ -3706,7 +3061,7 @@ index 59e87dc..cea1784 100644 | |||
3706 | if (tt->ip_fd >= 0) | 3061 | if (tt->ip_fd >= 0) |
3707 | { | 3062 | { |
3708 | struct lifreq ifr; | 3063 | struct lifreq ifr; |
3709 | @@ -1622,11 +1879,20 @@ close_tun (struct tuntap *tt) | 3064 | @@ -1613,11 +1870,20 @@ close_tun (struct tuntap *tt) |
3710 | } | 3065 | } |
3711 | 3066 | ||
3712 | static void | 3067 | static void |
@@ -3728,7 +3083,7 @@ index 59e87dc..cea1784 100644 | |||
3728 | argv_printf (&argv, | 3083 | argv_printf (&argv, |
3729 | "%s %s unplumb", | 3084 | "%s %s unplumb", |
3730 | IFCONFIG_PATH, | 3085 | IFCONFIG_PATH, |
3731 | @@ -1683,9 +1949,9 @@ read_tun (struct tuntap* tt, uint8_t *buf, int len) | 3086 | @@ -1674,9 +1940,9 @@ read_tun (struct tuntap* tt, uint8_t *buf, int len) |
3732 | */ | 3087 | */ |
3733 | 3088 | ||
3734 | void | 3089 | void |
@@ -3740,7 +3095,7 @@ index 59e87dc..cea1784 100644 | |||
3740 | 3095 | ||
3741 | /* Enable multicast on the interface */ | 3096 | /* Enable multicast on the interface */ |
3742 | if (tt->fd >= 0) | 3097 | if (tt->fd >= 0) |
3743 | @@ -1706,12 +1972,31 @@ open_tun (const char *dev, const char *dev_type, const char *dev_node, bool ipv6 | 3098 | @@ -1697,12 +1963,31 @@ open_tun (const char *dev, const char *dev_type, const char *dev_node, bool ipv6 |
3744 | } | 3099 | } |
3745 | } | 3100 | } |
3746 | 3101 | ||
@@ -3772,7 +3127,7 @@ index 59e87dc..cea1784 100644 | |||
3772 | free (tt); | 3127 | free (tt); |
3773 | } | 3128 | } |
3774 | } | 3129 | } |
3775 | @@ -1774,33 +2059,51 @@ read_tun (struct tuntap* tt, uint8_t *buf, int len) | 3130 | @@ -1765,33 +2050,51 @@ read_tun (struct tuntap* tt, uint8_t *buf, int len) |
3776 | #elif defined(TARGET_NETBSD) | 3131 | #elif defined(TARGET_NETBSD) |
3777 | 3132 | ||
3778 | /* | 3133 | /* |
@@ -3835,7 +3190,7 @@ index 59e87dc..cea1784 100644 | |||
3835 | if (tt) | 3190 | if (tt) |
3836 | { | 3191 | { |
3837 | close_tun_generic (tt); | 3192 | close_tun_generic (tt); |
3838 | @@ -1808,6 +2111,65 @@ close_tun (struct tuntap *tt) | 3193 | @@ -1799,6 +2102,65 @@ close_tun (struct tuntap *tt) |
3839 | } | 3194 | } |
3840 | } | 3195 | } |
3841 | 3196 | ||
@@ -3901,7 +3256,7 @@ index 59e87dc..cea1784 100644 | |||
3901 | int | 3256 | int |
3902 | write_tun (struct tuntap* tt, uint8_t *buf, int len) | 3257 | write_tun (struct tuntap* tt, uint8_t *buf, int len) |
3903 | { | 3258 | { |
3904 | @@ -1819,6 +2181,7 @@ read_tun (struct tuntap* tt, uint8_t *buf, int len) | 3259 | @@ -1810,6 +2172,7 @@ read_tun (struct tuntap* tt, uint8_t *buf, int len) |
3905 | { | 3260 | { |
3906 | return read (tt->fd, buf, len); | 3261 | return read (tt->fd, buf, len); |
3907 | } | 3262 | } |
@@ -3909,7 +3264,7 @@ index 59e87dc..cea1784 100644 | |||
3909 | 3264 | ||
3910 | #elif defined(TARGET_FREEBSD) | 3265 | #elif defined(TARGET_FREEBSD) |
3911 | 3266 | ||
3912 | @@ -1832,9 +2195,9 @@ freebsd_modify_read_write_return (int len) | 3267 | @@ -1823,9 +2186,9 @@ freebsd_modify_read_write_return (int len) |
3913 | } | 3268 | } |
3914 | 3269 | ||
3915 | void | 3270 | void |
@@ -3921,7 +3276,7 @@ index 59e87dc..cea1784 100644 | |||
3921 | 3276 | ||
3922 | if (tt->fd >= 0 && tt->type == DEV_TYPE_TUN) | 3277 | if (tt->fd >= 0 && tt->type == DEV_TYPE_TUN) |
3923 | { | 3278 | { |
3924 | @@ -1920,9 +2283,9 @@ dragonfly_modify_read_write_return (int len) | 3279 | @@ -1911,9 +2274,9 @@ dragonfly_modify_read_write_return (int len) |
3925 | } | 3280 | } |
3926 | 3281 | ||
3927 | void | 3282 | void |
@@ -3933,7 +3288,7 @@ index 59e87dc..cea1784 100644 | |||
3933 | 3288 | ||
3934 | if (tt->fd >= 0) | 3289 | if (tt->fd >= 0) |
3935 | { | 3290 | { |
3936 | @@ -1991,6 +2354,61 @@ read_tun (struct tuntap* tt, uint8_t *buf, int len) | 3291 | @@ -1982,6 +2345,61 @@ read_tun (struct tuntap* tt, uint8_t *buf, int len) |
3937 | return read (tt->fd, buf, len); | 3292 | return read (tt->fd, buf, len); |
3938 | } | 3293 | } |
3939 | 3294 | ||
@@ -3995,7 +3350,7 @@ index 59e87dc..cea1784 100644 | |||
3995 | #elif defined(WIN32) | 3350 | #elif defined(WIN32) |
3996 | 3351 | ||
3997 | int | 3352 | int |
3998 | @@ -3976,7 +4394,7 @@ fork_register_dns_action (struct tuntap *tt) | 3353 | @@ -3967,7 +4385,7 @@ fork_register_dns_action (struct tuntap *tt) |
3999 | } | 3354 | } |
4000 | 3355 | ||
4001 | void | 3356 | void |
@@ -4004,7 +3359,7 @@ index 59e87dc..cea1784 100644 | |||
4004 | { | 3359 | { |
4005 | struct gc_arena gc = gc_new (); | 3360 | struct gc_arena gc = gc_new (); |
4006 | char device_path[256]; | 3361 | char device_path[256]; |
4007 | @@ -3987,7 +4405,7 @@ open_tun (const char *dev, const char *dev_type, const char *dev_node, bool ipv6 | 3362 | @@ -3978,7 +4396,7 @@ open_tun (const char *dev, const char *dev_type, const char *dev_node, bool ipv6 |
4008 | 3363 | ||
4009 | /*netcmd_semaphore_lock ();*/ | 3364 | /*netcmd_semaphore_lock ();*/ |
4010 | 3365 | ||
@@ -4013,24 +3368,7 @@ index 59e87dc..cea1784 100644 | |||
4013 | 3368 | ||
4014 | if (tt->type == DEV_TYPE_NULL) | 3369 | if (tt->type == DEV_TYPE_NULL) |
4015 | { | 3370 | { |
4016 | @@ -4109,6 +4527,16 @@ open_tun (const char *dev, const char *dev_type, const char *dev_node, bool ipv6 | 3371 | @@ -4432,6 +4850,26 @@ close_tun (struct tuntap *tt) |
4017 | msg (M_FATAL, "ERROR: This version of " PACKAGE_NAME " requires a TAP-Win32 driver that is at least version %d.%d -- If you recently upgraded your " PACKAGE_NAME " distribution, a reboot is probably required at this point to get Windows to see the new driver.", | ||
4018 | TAP_WIN32_MIN_MAJOR, | ||
4019 | TAP_WIN32_MIN_MINOR); | ||
4020 | + | ||
4021 | + /* usage of numeric constants is ugly, but this is really tied to | ||
4022 | + * *this* version of the driver | ||
4023 | + */ | ||
4024 | + if ( tt->ipv6 && tt->type == DEV_TYPE_TUN && | ||
4025 | + info[0] == 9 && info[1] < 8) | ||
4026 | + { | ||
4027 | + msg( M_INFO, "WARNING: Tap-Win32 driver version %d.%d does not support IPv6 in TUN mode. IPv6 will be disabled. Upgrade to Tap-Win32 9.8 (2.2-beta3 release or later) or use TAP mode to get IPv6", (int) info[0], (int) info[1] ); | ||
4028 | + tt->ipv6 = false; | ||
4029 | + } | ||
4030 | } | ||
4031 | |||
4032 | /* get driver MTU */ | ||
4033 | @@ -4433,6 +4861,26 @@ close_tun (struct tuntap *tt) | ||
4034 | 3372 | ||
4035 | if (tt) | 3373 | if (tt) |
4036 | { | 3374 | { |
@@ -4057,7 +3395,7 @@ index 59e87dc..cea1784 100644 | |||
4057 | #if 1 | 3395 | #if 1 |
4058 | if (tt->ipapi_context_defined) | 3396 | if (tt->ipapi_context_defined) |
4059 | { | 3397 | { |
4060 | @@ -4536,9 +4984,9 @@ ipset2ascii_all (struct gc_arena *gc) | 3398 | @@ -4535,9 +4973,9 @@ ipset2ascii_all (struct gc_arena *gc) |
4061 | #else /* generic */ | 3399 | #else /* generic */ |
4062 | 3400 | ||
4063 | void | 3401 | void |
@@ -4069,10 +3407,10 @@ index 59e87dc..cea1784 100644 | |||
4069 | } | 3407 | } |
4070 | 3408 | ||
4071 | void | 3409 | void |
4072 | diff --git openvpn-2.2.0/tun.h openvpn-2.2-ipv6-20110522-1/tun.h | 3410 | diff --git a/tun.h b/tun.h |
4073 | index 011ab54..f28b8d8 100644 | 3411 | index 011ab54..f28b8d8 100644 |
4074 | --- openvpn-2.2.0/tun.h | 3412 | --- a/tun.h |
4075 | +++ openvpn-2.2-ipv6-20110522-1/tun.h | 3413 | +++ b/tun.h |
4076 | @@ -130,6 +130,7 @@ struct tuntap | 3414 | @@ -130,6 +130,7 @@ struct tuntap |
4077 | int topology; /* one of the TOP_x values */ | 3415 | int topology; /* one of the TOP_x values */ |
4078 | 3416 | ||
@@ -4119,10 +3457,10 @@ index 011ab54..f28b8d8 100644 | |||
4119 | in_addr_t local_public, | 3457 | in_addr_t local_public, |
4120 | in_addr_t remote_public, | 3458 | in_addr_t remote_public, |
4121 | const bool strict_warn, | 3459 | const bool strict_warn, |
4122 | diff --git openvpn-2.2.0/win32.c openvpn-2.2-ipv6-20110522-1/win32.c | 3460 | diff --git a/win32.c b/win32.c |
4123 | index 2b7bf7b..cf6cc2d 100644 | 3461 | index 2b7bf7b..cf6cc2d 100644 |
4124 | --- openvpn-2.2.0/win32.c | 3462 | --- a/win32.c |
4125 | +++ openvpn-2.2-ipv6-20110522-1/win32.c | 3463 | +++ b/win32.c |
4126 | @@ -874,16 +874,21 @@ win_safe_filename (const char *fn) | 3464 | @@ -874,16 +874,21 @@ win_safe_filename (const char *fn) |
4127 | static char * | 3465 | static char * |
4128 | env_block (const struct env_set *es) | 3466 | env_block (const struct env_set *es) |
@@ -4164,10 +3502,10 @@ index 2b7bf7b..cf6cc2d 100644 | |||
4164 | *p = '\0'; | 3502 | *p = '\0'; |
4165 | return ret; | 3503 | return ret; |
4166 | } | 3504 | } |
4167 | diff --git openvpn-2.2.0/win32.h openvpn-2.2-ipv6-20110522-1/win32.h | 3505 | diff --git a/win32.h b/win32.h |
4168 | index b6a162e..829933f 100644 | 3506 | index b6a162e..829933f 100644 |
4169 | --- openvpn-2.2.0/win32.h | 3507 | --- a/win32.h |
4170 | +++ openvpn-2.2-ipv6-20110522-1/win32.h | 3508 | +++ b/win32.h |
4171 | @@ -269,6 +269,8 @@ char *get_win_sys_path (void); | 3509 | @@ -269,6 +269,8 @@ char *get_win_sys_path (void); |
4172 | 3510 | ||
4173 | /* call self in a subprocess */ | 3511 | /* call self in a subprocess */ |