Attempt to handle IPv6
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse authored and David Woodhouse committed Nov 2, 2009
1 parent f37d590 commit 1eb9308
Showing 4 changed files with 46 additions and 12 deletions.
35 changes: 29 additions & 6 deletions cstp.c
@@ -75,10 +75,13 @@ static int start_cstp_connection(struct openconnect_info *vpninfo)
struct vpn_option *old_dtls_opts = vpninfo->dtls_options;
const char *old_addr = vpninfo->vpn_addr;
const char *old_netmask = vpninfo->vpn_netmask;
const char *old_addr6 = vpninfo->vpn_addr6;
const char *old_netmask6 = vpninfo->vpn_netmask6;
struct split_include *inc;

/* Clear old options which will be overwritten */
vpninfo->vpn_addr = vpninfo->vpn_netmask = NULL;
vpninfo->vpn_addr6 = vpninfo->vpn_netmask6 = NULL;
vpninfo->cstp_options = vpninfo->dtls_options = NULL;
vpninfo->vpn_domain = vpninfo->vpn_proxy_pac = NULL;

@@ -217,9 +220,15 @@ static int start_cstp_connection(struct openconnect_info *vpninfo)
} else if (!strcmp(buf + 7, "MTU")) {
vpninfo->mtu = atol(colon);
} else if (!strcmp(buf + 7, "Address")) {
vpninfo->vpn_addr = new_option->value;
if (strchr(new_option->value, ':'))
vpninfo->vpn_addr6 = new_option->value;
else
vpninfo->vpn_addr = new_option->value;
} else if (!strcmp(buf + 7, "Netmask")) {
vpninfo->vpn_netmask = new_option->value;
if (strchr(new_option->value, ':'))
vpninfo->vpn_netmask6 = new_option->value;
else
vpninfo->vpn_netmask = new_option->value;
} else if (!strcmp(buf + 7, "DNS")) {
int j;
for (j = 0; j < 3; j++) {
@@ -257,26 +266,40 @@ static int start_cstp_connection(struct openconnect_info *vpninfo)
}
}

if (!vpninfo->vpn_addr) {
if (!vpninfo->vpn_addr && !vpninfo->vpn_addr6) {
vpninfo->progress(vpninfo, PRG_ERR, "No IP address received. Aborting\n");
return -EINVAL;
}
if (!vpninfo->vpn_netmask)
if (vpninfo->vpn_addr && !vpninfo->vpn_netmask)
vpninfo->vpn_netmask = "255.255.255.255";
if (old_addr) {
if (strcmp(old_addr, vpninfo->vpn_addr)) {
vpninfo->progress(vpninfo, PRG_ERR, "Reconnect gave different IP address (%s != %s)\n",
vpninfo->progress(vpninfo, PRG_ERR, "Reconnect gave different Legacy IP address (%s != %s)\n",
vpninfo->vpn_addr, old_addr);
return -EINVAL;
}
}
if (old_netmask) {
if (strcmp(old_netmask, vpninfo->vpn_netmask)) {
vpninfo->progress(vpninfo, PRG_ERR, "Reconnect gave different netmask (%s != %s)\n",
vpninfo->progress(vpninfo, PRG_ERR, "Reconnect gave different Legacy IP netmask (%s != %s)\n",
vpninfo->vpn_netmask, old_netmask);
return -EINVAL;
}
}
if (old_addr6) {
if (strcmp(old_addr6, vpninfo->vpn_addr6)) {
vpninfo->progress(vpninfo, PRG_ERR, "Reconnect gave different IPv6 address (%s != %s)\n",
vpninfo->vpn_addr6, old_addr6);
return -EINVAL;
}
}
if (old_netmask6) {
if (strcmp(old_netmask6, vpninfo->vpn_netmask6)) {
vpninfo->progress(vpninfo, PRG_ERR, "Reconnect gave different IPv6 netmask (%s != %s)\n",
vpninfo->vpn_netmask6, old_netmask6);
return -EINVAL;
}
}

while (old_dtls_opts) {
struct vpn_option *tmp = old_dtls_opts;
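Review bot: The reconnect comparisons can now pass NULL to strcmp(), because the earlier check only requires one of vpn_addr and vpn_addr6: if the first connection supplied a Legacy IP address and the reconnect supplies only IPv6 (or the reverse), `strcmp(old_addr, vpninfo->vpn_addr)` or `strcmp(old_addr6, vpninfo->vpn_addr6)` dereferences NULL, and since vpn_netmask6 gets no default, `strcmp(old_netmask6, vpninfo->vpn_netmask6)` has the same problem. These values are taken from the server's reply, so a gateway that changes address family between connections would crash the client instead of producing the intended "Reconnect gave different ..." error. Each test should treat a missing new value as a mismatch, e.g. `if (!vpninfo->vpn_addr6 || strcmp(old_addr6, vpninfo->vpn_addr6))`, and the `%s` arguments of the message then need a non-NULL fallback. start_cstp_connection begins and ends outside the visible hunks.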
6 changes: 4 additions & 2 deletions main.c
@@ -429,8 +429,10 @@ int main(int argc, char **argv)
fprintf(stderr, "Set up DTLS failed; using SSL instead\n");

vpninfo->progress(vpninfo, PRG_INFO,
"Connected %s as %s, using %s\n", vpninfo->ifname,
vpninfo->vpn_addr,
"Connected %s as %s%s%s, using %s\n", vpninfo->ifname,
vpninfo->vpn_addr?:"",
(vpninfo->vpn_addr6 && vpninfo->vpn_addr)?" + ":"",
vpninfo->vpn_addr6?:"",
(vpninfo->dtls_fd == -1) ?
(vpninfo->deflate ? "SSL + deflate" : "SSL")
: "DTLS");
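Review bot: `vpninfo->vpn_addr?:""` and `vpninfo->vpn_addr6?:""` use the conditional operator with an omitted middle operand, which is a GNU extension rather than ISO C, so this call would not build on a compiler that lacks it. Unless the project already relies on GNU C elsewhere, spell it out as `vpninfo->vpn_addr ? vpninfo->vpn_addr : ""`, and likewise for vpn_addr6. The call sits inside main(), which extends beyond the hunk.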
2 changes: 2 additions & 0 deletions openconnect.h
@@ -200,6 +200,8 @@ struct openconnect_info {
int mtu;
const char *vpn_addr;
const char *vpn_netmask;
const char *vpn_addr6;
const char *vpn_netmask6;
const char *vpn_dns[3];
const char *vpn_nbns[3];
const char *vpn_domain;
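Review bot: The address fields carry no comment, yet this commit changes their contract: cstp.c now accepts a reply with only an IPv6 address, so vpn_addr and vpn_netmask can be NULL after a successful connection, and the new vpn_addr6 and vpn_netmask6 can be NULL as well. A comment above the four fields would record that, for example `/* Any of these may be NULL. They point at parsed option values (or a string literal); do not free. */`. The ownership half of that comment is inferred from the `new_option->value` and `"255.255.255.255"` assignments in cstp.c and should be confirmed. struct openconnect_info begins and ends outside the hunk.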
15 changes: 11 additions & 4 deletions tun.c
@@ -191,8 +191,14 @@ static void set_script_env(struct openconnect_info *vpninfo)

setenv_int("INTERNAL_IP4_MTU", vpninfo->mtu);

setenv("INTERNAL_IP4_ADDRESS", vpninfo->vpn_addr, 1);
setenv("INTERNAL_IP4_NETMASK", vpninfo->vpn_netmask, 1);
if (vpninfo->vpn_addr) {
setenv("INTERNAL_IP4_ADDRESS", vpninfo->vpn_addr, 1);
setenv("INTERNAL_IP4_NETMASK", vpninfo->vpn_netmask, 1);
}
if (vpninfo->vpn_addr6) {
setenv("INTERNAL_IP6_ADDRESS", vpninfo->vpn_addr6, 1);
setenv("INTERNAL_IP6_NETMASK", vpninfo->vpn_netmask6, 1);
}

if (vpninfo->vpn_dns[0])
setenv("INTERNAL_IP4_DNS", vpninfo->vpn_dns[0], 1);
@@ -246,8 +252,9 @@ static void set_script_env(struct openconnect_info *vpninfo)

static int script_config_tun(struct openconnect_info *vpninfo)
{
if (vpninfo->peer_addr->sa_family != AF_INET) {
vpninfo->progress(vpninfo, PRG_ERR, "Script cannot handle anything but Legacy IP\n");
if (vpninfo->peer_addr->sa_family != AF_INET || !vpninfo->vpn_addr) {
vpninfo->progress(vpninfo, PRG_ERR,
"Script can only handle Legacy IP\n");
return -EINVAL;
}

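Review bot: `setenv("INTERNAL_IP6_NETMASK", vpninfo->vpn_netmask6, 1)` in set_script_env can be called with a NULL value, because cstp.c gives vpn_netmask a default when the server omits it but does nothing equivalent for vpn_netmask6. A server that sends an IPv6 address without a netmask would therefore reach this call with a null pointer, so guard it separately: `if (vpninfo->vpn_netmask6) setenv("INTERNAL_IP6_NETMASK", vpninfo->vpn_netmask6, 1);`. In addition, when vpn_addr or vpn_addr6 is absent, the matching INTERNAL_IP4_* or INTERNAL_IP6_* variables keep whatever the process inherited, so an `unsetenv()` in the else case would keep stale values away from the script. set_script_env continues outside both hunks.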
