1 /*
2 * OpenVPN -- An application to securely tunnel IP networks
3 * over a single TCP/UDP port, with support for SSL/TLS-based
4 * session authentication and key exchange,
5 * packet encryption, packet authentication, and
6 * packet compression.
8 * Copyright (C) 2002-2005 OpenVPN Solutions LLC <info@openvpn.net>
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License version 2
12 * as published by the Free Software Foundation.
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details.
19 * You should have received a copy of the GNU General Public License
20 * along with this program (see the file COPYING included with this
21 * distribution); if not, write to the Free Software Foundation, Inc.,
22 * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
25 #ifndef SOCKET_H
26 #define SOCKET_H
28 #include "buffer.h"
29 #include "common.h"
30 #include "error.h"
31 #include "proto.h"
32 #include "mtu.h"
33 #include "win32.h"
34 #include "event.h"
35 #include "proxy.h"
36 #include "socks.h"
37 #include "misc.h"
/*
 * OpenVPN's default port number as assigned by IANA.
 */
#define OPENVPN_PORT 1194

/*
 * Number of seconds that "resolv-retry infinite"
 * represents.
 */
#define RESOLV_RETRY_INFINITE 1000000000

/* Number of slots in the array member of struct remote_list. */
#define REMOTE_LIST_SIZE 64
/* One configured remote endpoint: a host name (or address string) and a port. */
struct remote_entry
{
  const char *hostname;
  int port;
};
/*
 * Fixed-capacity list of remote endpoints.
 *
 * NOTE(review): nothing in this header bounds len or current against
 * REMOTE_LIST_SIZE; code that appends to or indexes array[] must do so.
 */
struct remote_list
{
  int len;          /* value returned by remote_list_len() */
  int current;
  bool no_advance;
  struct remote_entry array[REMOTE_LIST_SIZE];
};
/*
 * packet_size_type is used to communicate packet size
 * over the wire when stream oriented protocols are
 * being used.
 *
 * NOTE(review): a length prefix read from the stream is chosen by the
 * peer; the receiving code (not visible in this header) has to range-check
 * it before using it as a buffer length.
 */
typedef uint16_t packet_size_type;

/* convert a packet_size_type from host to network order */
#define htonps(x) htons(x)

/* convert a packet_size_type from network to host order */
#define ntohps(x) ntohs(x)
/* IP addresses which are persistent across SIGUSR1s */
struct link_socket_addr
{
  struct sockaddr_in local;
  struct sockaddr_in remote; /* initial remote */
  struct sockaddr_in actual; /* remote may change due to --float */
};
/*
 * Per-link state consulted by the address checks in this header
 * (link_socket_verify_incoming_addr, link_socket_set_outgoing_addr).
 */
struct link_socket_info
{
  struct link_socket_addr *lsa;
  bool connection_established;
  const char *ipchange_command;
  const struct plugin_list *plugins;
  bool remote_float;  /* when set, the incoming-address check accepts any defined source */
  int proto;          /* Protocol (PROTO_x defined below) */
  int mtu_changed;    /* Set to true when mtu value is changed */
};
/*
 * Used to extract packets encapsulated in streams into a buffer,
 * in this case IP packets embedded in a TCP stream.
 */
struct stream_buf
{
  struct buffer buf_init;
  struct buffer residual;
  int maxlen;
  bool residual_fully_formed;  /* reported by socket_read_residual() */

  struct buffer buf;
  struct buffer next;
  int len;     /* -1 if not yet known */

  bool error;  /* if true, fatal TCP error has occurred,
                  requiring that connection be restarted */
};
/*
 * Used to set socket buffer sizes
 */
struct socket_buffer_size
{
  int rcvbuf;
  int sndbuf;
};
/*
 * This is the main socket structure used by OpenVPN.  The SOCKET_
 * defines try to abstract away our implementation differences between
 * using sockets on Posix vs. Win32.
 *
 * The member set depends on ENABLE_SOCKS, WIN32, ENABLE_HTTP_PROXY,
 * PASSTOS_CAPABILITY and ENABLE_DEBUG, so every translation unit that
 * touches this struct must be built with the same settings.
 */
struct link_socket
{
  struct link_socket_info info;

  socket_descriptor_t sd;

#ifdef ENABLE_SOCKS
  socket_descriptor_t ctrl_sd;  /* only used for UDP over Socks */
#endif

#ifdef WIN32
  struct overlapped_io reads;
  struct overlapped_io writes;
  struct rw_handle rw_handle;
  struct rw_handle listen_handle; /* For listening on TCP socket in server mode */
#endif

  /* used for printing status info only */
  unsigned int rwflags_debug;

  /* used for long-term queueing of pre-accepted socket listen */
  bool listen_persistent_queued;

  /* set on initial call to init phase 1 */
  struct remote_list *remote_list;
  const char *remote_host;
  int remote_port;
  const char *local_host;
  int local_port;
  bool bind_local;

# define INETD_NONE   0
# define INETD_WAIT   1
# define INETD_NOWAIT 2
  int inetd;

# define LS_MODE_DEFAULT           0
# define LS_MODE_TCP_LISTEN        1
# define LS_MODE_TCP_ACCEPT_FROM   2
  int mode;

  int resolve_retry_seconds;
  int connect_retry_seconds;
  int mtu_discover_type;

  struct socket_buffer_size socket_buffer_sizes;

  int mtu;                      /* OS discovered MTU, or 0 if unknown */

  bool did_resolve_remote;

  /* for stream sockets */
  struct stream_buf stream_buf;
  struct buffer stream_buf_data;
  bool stream_reset;

#ifdef ENABLE_HTTP_PROXY
  /* HTTP proxy */
  struct http_proxy_info *http_proxy;
#endif

#ifdef ENABLE_SOCKS
  /* Socks proxy */
  struct socks_proxy_info *socks_proxy;
  struct sockaddr_in socks_relay; /* Socks UDP relay address */
#endif

#if defined(ENABLE_HTTP_PROXY) || defined(ENABLE_SOCKS)
  /* The OpenVPN server we will use the proxy to connect to */
  const char *proxy_dest_host;
  int proxy_dest_port;
#endif

#if PASSTOS_CAPABILITY
  /* used to get/set TOS. */
  uint8_t ptos;
  bool ptos_defined;
#endif

#ifdef ENABLE_DEBUG
  int gremlin; /* --gremlin bits */
#endif
};
/*
 * Some Posix/Win32 differences.
 *
 * Where the platform headers do not provide MSG_NOSIGNAL it is defined
 * as 0, so passing it to send() has no effect there.
 * NOTE(review): on such platforms SIGPIPE on a closed TCP peer has to be
 * dealt with by other means -- confirm it is ignored or handled elsewhere.
 */
#ifndef MSG_NOSIGNAL
#define MSG_NOSIGNAL 0
#endif
/*
 * openvpn_close_socket(s) closes a socket descriptor with the call that
 * is right for the platform.  The queue/finalize routines exist only in
 * the WIN32 build.
 */
#ifdef WIN32

#define openvpn_close_socket(s) closesocket(s)

int socket_recv_queue (struct link_socket *sock, int maxsize);

int socket_send_queue (struct link_socket *sock,
                       struct buffer *buf,
                       const struct sockaddr_in *to);

int socket_finalize (SOCKET s,
                     struct overlapped_io *io,
                     struct buffer *buf,
                     struct sockaddr_in *from);

#else

#define openvpn_close_socket(s) close(s)

#endif
struct link_socket *link_socket_new (void);

/*
 * Initialize link_socket object.
 *
 * The parameter list changes with ENABLE_HTTP_PROXY, ENABLE_SOCKS and
 * ENABLE_DEBUG; callers must be compiled with the same settings as the
 * definition or the arguments will not line up.
 */
void
link_socket_init_phase1 (struct link_socket *sock,
                         const char *local_host,
                         struct remote_list *remote_list,
                         int local_port,
                         int proto,
                         int mode,
                         const struct link_socket *accept_from,
#ifdef ENABLE_HTTP_PROXY
                         struct http_proxy_info *http_proxy,
#endif
#ifdef ENABLE_SOCKS
                         struct socks_proxy_info *socks_proxy,
#endif
#ifdef ENABLE_DEBUG
                         int gremlin,
#endif
                         bool bind_local,
                         bool remote_float,
                         int inetd,
                         struct link_socket_addr *lsa,
                         const char *ipchange_command,
                         const struct plugin_list *plugins,
                         int resolve_retry_seconds,
                         int connect_retry_seconds,
                         int mtu_discover_type,
                         int rcvbuf,
                         int sndbuf);

void link_socket_init_phase2 (struct link_socket *sock,
                              const struct frame *frame,
                              volatile int *signal_received);

void link_socket_post_fork (const struct link_socket *sock,
                            const struct sockaddr_in *remote);

void socket_adjust_frame_parameters (struct frame *frame, int proto);

void frame_adjust_path_mtu (struct frame *frame, int pmtu, int proto);

void link_socket_close (struct link_socket *sock);
/*
 * Address formatting helpers.  Each takes a gc_arena; the returned
 * string is presumably allocated from it -- confirm before keeping the
 * pointer beyond the arena's lifetime.
 */
const char *print_sockaddr_ex (const struct sockaddr_in *addr,
                               bool do_port,
                               const char* separator,
                               struct gc_arena *gc);

const char *print_sockaddr (const struct sockaddr_in *addr,
                            struct gc_arena *gc);

/* flags for print_in_addr_t */
#define IA_EMPTY_IF_UNDEF (1<<0)
#define IA_NET_ORDER      (1<<1)
const char *print_in_addr_t (in_addr_t addr, unsigned int flags, struct gc_arena *gc);

/*
 * flags for setenv_sockaddr / setenv_in_addr_t
 *
 * NOTE(review): flags carries the SA_* bit values but is declared bool.
 * If bool is a genuine boolean type in this tree, SA_SET_IF_NONZERO
 * (1<<1) collapses to 1 and can no longer be told apart from SA_IP_PORT.
 * Confirm how bool is defined; an unsigned int parameter would be the
 * unambiguous choice.
 */
#define SA_IP_PORT        (1<<0)
#define SA_SET_IF_NONZERO (1<<1)
void setenv_sockaddr (struct env_set *es,
                      const char *name_prefix,
                      const struct sockaddr_in *addr,
                      const bool flags);

void setenv_in_addr_t (struct env_set *es,
                       const char *name_prefix,
                       in_addr_t addr,
                       const bool flags);
/*
 * Out-of-line helpers for the inline address checks further down in
 * this header; their definitions are not part of this file.
 */
void bad_address_length (int actual, int expected);

in_addr_t link_socket_current_remote (const struct link_socket_info *info);

/* called by link_socket_set_outgoing_addr() once a peer address is accepted */
void link_socket_connection_initiated (const struct buffer *buf,
                                       struct link_socket_info *info,
                                       const struct sockaddr_in *addr,
                                       const char *common_name,
                                       struct env_set *es);

void link_socket_bad_incoming_addr (struct buffer *buf,
                                    const struct link_socket_info *info,
                                    const struct sockaddr_in *from_addr);

/* called by link_socket_get_outgoing_addr() when no peer address is known */
void link_socket_bad_outgoing_addr (void);

void setenv_trusted (struct env_set *es, const struct link_socket_info *info);

void remote_list_randomize (struct remote_list *l);
/*
 * Low-level functions
 */

/* return values of openvpn_inet_aton */
#define OIA_HOSTNAME   0
#define OIA_IP         1
#define OIA_ERROR     -1
int openvpn_inet_aton (const char *dotted_quad, struct in_addr *addr);

socket_descriptor_t create_socket_tcp (void);

socket_descriptor_t socket_do_accept (socket_descriptor_t sd,
                                      struct sockaddr_in *remote,
                                      const bool nowait);
/*
 * DNS resolution
 */

/* bit flags for the flags argument of getaddr() */
#define GETADDR_RESOLVE               (1<<0)
#define GETADDR_FATAL                 (1<<1)
#define GETADDR_HOST_ORDER            (1<<2)
#define GETADDR_MENTION_RESOLVE_RETRY (1<<3)
#define GETADDR_FATAL_ON_SIGNAL       (1<<4)
#define GETADDR_WARN_ON_SIGNAL        (1<<5)
#define GETADDR_MSG_VIRT_OUT          (1<<6)
#define GETADDR_TRY_ONCE              (1<<7)

in_addr_t getaddr (unsigned int flags,
                   const char *hostname,
                   int resolve_retry_seconds,
                   bool *succeeded,
                   volatile int *signal_received);
/*
 * Transport protocol naming and other details.
 *
 * PROTO_N is the number of protocol ids; any table indexed by PROTO_x
 * needs PROTO_N entries.
 */
#define PROTO_UDPv4        0
#define PROTO_TCPv4_SERVER 1
#define PROTO_TCPv4_CLIENT 2
#define PROTO_TCPv4        3
#define PROTO_N            4

int ascii2proto (const char* proto_name);
const char *proto2ascii (int proto, bool display_form);
const char *proto2ascii_all (struct gc_arena *gc);
int proto_remote (int proto, bool remote);
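/*
 * Overhead added to packets by various protocols.
 */
#define IPv4_UDP_HEADER_SIZE              28
#define IPv4_TCP_HEADER_SIZE              40
#define IPv6_UDP_HEADER_SIZE              40

/*
 * Indexed by PROTO_x, one entry per protocol id below PROTO_N.
 * The table previously had three entries while PROTO_N is 4, so
 * datagram_overhead (PROTO_TCPv4) passed its range check and then read
 * one element past the end of the array.
 */
static const int proto_overhead[] = {
  IPv4_UDP_HEADER_SIZE,   /* PROTO_UDPv4 */
  IPv4_TCP_HEADER_SIZE,   /* PROTO_TCPv4_SERVER */
  IPv4_TCP_HEADER_SIZE,   /* PROTO_TCPv4_CLIENT */
  IPv4_TCP_HEADER_SIZE    /* PROTO_TCPv4 */
};

/*
 * Return the IP + transport header overhead in bytes for a PROTO_x id.
 * The id is checked against both PROTO_N and the real table size, so a
 * protocol added later without a table entry trips the ASSERT instead
 * of reading out of bounds.
 */
static inline int
datagram_overhead (int proto)
{
  ASSERT (proto >= 0 && proto < PROTO_N
          && proto < (int) (sizeof (proto_overhead) / sizeof (proto_overhead[0])));
  return proto_overhead [proto];
}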
/*
 * Misc inline functions
 */

/* Length field of a remote list; a NULL list counts as empty (0). */
static inline int
remote_list_len (const struct remote_list *rl)
{
  return rl ? rl->len : 0;
}
/* True when port lies in 1..65535; zero and negative values are rejected. */
static inline bool
legal_ipv4_port (int port)
{
  if (port <= 0)
    return false;
  return port <= 65535;
}
/*
 * True for the two TCP roles (server, client).  PROTO_UDPv4 and the
 * generic PROTO_TCPv4 id both yield false.
 */
static inline bool
link_socket_proto_connection_oriented (int proto)
{
  switch (proto)
    {
    case PROTO_TCPv4_SERVER:
    case PROTO_TCPv4_CLIENT:
      return true;
    default:
      return false;
    }
}
/* NULL-tolerant wrapper: false for a NULL socket, else decided by its protocol. */
static inline bool
link_socket_connection_oriented (const struct link_socket *sock)
{
  if (!sock)
    return false;
  return link_socket_proto_connection_oriented (sock->info.proto);
}
/* An address counts as defined when its IPv4 part is not 0.0.0.0; addr must not be NULL. */
static inline bool
addr_defined (const struct sockaddr_in *addr)
{
  const in_addr_t ip = addr->sin_addr.s_addr;
  return ip != 0;
}
/* Compare the IPv4 addresses only; family and port are not looked at. */
static inline bool
addr_match (const struct sockaddr_in *a1, const struct sockaddr_in *a2)
{
  const in_addr_t lhs = a1->sin_addr.s_addr;
  const in_addr_t rhs = a2->sin_addr.s_addr;
  return lhs == rhs;
}
/* IPv4 address of s converted from network to host byte order. */
static inline in_addr_t
addr_host (const struct sockaddr_in *s)
{
  const in_addr_t net_order = s->sin_addr.s_addr;
  return ntohl (net_order);
}
/* True only when both the IPv4 address and the port are equal. */
static inline bool
addr_port_match (const struct sockaddr_in *a1, const struct sockaddr_in *a2)
{
  if (a1->sin_addr.s_addr != a2->sin_addr.s_addr)
    return false;
  return a1->sin_port == a2->sin_port;
}
/*
 * Protocol-aware address comparison: for the connection-oriented
 * protocols only the IP address is compared, otherwise IP and port
 * must both match.
 */
static inline bool
addr_match_proto (const struct sockaddr_in *a1,
                  const struct sockaddr_in *a2,
                  const int proto)
{
  if (link_socket_proto_connection_oriented (proto))
    return addr_match (a1, a2);
  else
    return addr_port_match (a1, a2);
}
/*
 * Decide whether a connection-oriented link has to be treated as reset.
 *
 * Returns true when the stream was flagged as reset or broken, or when
 * status is negative and the socket error is a connection reset
 * (on WIN32 also a connection abort).  Always false for sockets that
 * are NULL or not connection oriented.  The error code is fetched only
 * when status is negative, so this must be called before anything else
 * can overwrite the last socket error.
 */
static inline bool
socket_connection_reset (const struct link_socket *sock, int status)
{
  if (!link_socket_connection_oriented (sock))
    return false;

  if (sock->stream_reset || sock->stream_buf.error)
    return true;

  if (status >= 0)
    return false;

  {
    const int err = openvpn_errno_socket ();
#ifdef WIN32
    return err == WSAECONNRESET || err == WSAECONNABORTED;
#else
    return err == ECONNRESET;
#endif
  }
}
/*
 * Source-address filter for a received packet.
 *
 * Returns false for an empty buffer, a non-AF_INET source or a 0.0.0.0
 * source.  Otherwise the packet is accepted when remote_float is set,
 * when no remote address is configured, or when the source matches the
 * configured remote (IP only for the connection-oriented protocols,
 * IP and port otherwise).
 *
 * This is an address check only: with remote_float or an undefined
 * remote every defined IPv4 source passes, and a UDP source address can
 * be forged.  Packet authentication has to happen elsewhere; it is not
 * visible in this header.
 */
static inline bool
link_socket_verify_incoming_addr (struct buffer *buf,
                                  const struct link_socket_info *info,
                                  const struct sockaddr_in *from_addr)
{
  const struct sockaddr_in *expected;

  if (buf->len <= 0)
    return false;
  if (from_addr->sin_family != AF_INET || !addr_defined (from_addr))
    return false;
  if (info->remote_float)
    return true;

  expected = &info->lsa->remote;
  if (!addr_defined (expected))
    return true;
  return addr_match_proto (from_addr, expected, info->proto) ? true : false;
}
/*
 * Fill *addr with the current peer address for an outgoing packet.
 *
 * Nothing happens for an empty buffer.  When no peer address is known
 * yet, link_socket_bad_outgoing_addr() is called and the buffer length
 * is set to 0 so the packet is not sent.  Only family, address and port
 * are copied; the rest of *addr is left as the caller provided it.
 */
static inline void
link_socket_get_outgoing_addr (struct buffer *buf,
                               const struct link_socket_info *info,
                               struct sockaddr_in *addr)
{
  const struct sockaddr_in *peer;

  if (buf->len <= 0)
    return;

  peer = &info->lsa->actual;
  if (!addr_defined (peer))
    {
      link_socket_bad_outgoing_addr ();
      buf->len = 0;
      return;
    }

  addr->sin_family = peer->sin_family;
  addr->sin_addr.s_addr = peer->sin_addr.s_addr;
  addr->sin_port = peer->sin_port;
}
/*
 * Possibly adopt addr as the peer address of this link.
 *
 * Runs when buf is NULL or holds data.  link_socket_connection_initiated()
 * is called when the address is new or changed (no connection yet, or
 * addr differs from the current peer) and the address is permitted
 * (--float, no configured remote, or addr equals the configured remote).
 *
 * NOTE(review): this function performs no authentication itself; it
 * should only be reached for packets that have already been
 * authenticated, otherwise a forged source could redirect the link when
 * --float is in use.  Confirm at the call sites.
 */
static inline void
link_socket_set_outgoing_addr (const struct buffer *buf,
                               struct link_socket_info *info,
                               const struct sockaddr_in *addr,
                               const char *common_name,
                               struct env_set *es)
{
  struct link_socket_addr *lsa;

  if (buf && buf->len <= 0)
    return;

  lsa = info->lsa;

  /* peer already established at exactly this address: nothing to do */
  if (info->connection_established
      && addr_match_proto (addr, &lsa->actual, info->proto))
    return;

  /* a remote is configured, --float is off, and addr is someone else */
  if (!info->remote_float
      && addr_defined (&lsa->remote)
      && !addr_match_proto (addr, &lsa->remote, info->proto))
    return;

  link_socket_connection_initiated (buf, info, addr, common_name, es);
}
/*
 * Stream buffer handling -- stream_buf is a helper class
 * to assist in the packetization of stream transport protocols
 * such as TCP.
 */

void stream_buf_init (struct stream_buf *sb, struct buffer *buf);
void stream_buf_close (struct stream_buf* sb);
bool stream_buf_added (struct stream_buf *sb, int length_added);
/*
 * Prepare the stream buffer before a read.  For sockets that are not
 * connection oriented (or NULL) there is nothing to do and true is
 * returned; otherwise the out-of-line worker decides.
 */
static inline bool
stream_buf_read_setup (struct link_socket* sock)
{
  /* the worker is declared locally so it is only visible in this function */
  bool stream_buf_read_setup_dowork (struct link_socket* sock);

  if (!link_socket_connection_oriented (sock))
    return true;
  return stream_buf_read_setup_dowork (sock);
}
/*
 * Socket Read Routines
 */

int link_socket_read_tcp (struct link_socket *sock,
                          struct buffer *buf);
590 #ifdef WIN32
/* WIN32 UDP read: collect the result of the queued overlapped read on sock->reads. */
static inline int
link_socket_read_udp_win32 (struct link_socket *sock,
                            struct buffer *buf,
                            struct sockaddr_in *from)
{
  const int status = socket_finalize (sock->sd, &sock->reads, buf, from);
  return status;
}
600 #else
/* Posix UDP read; defined out of line. */
int link_socket_read_udp_posix (struct link_socket *sock,
                                struct buffer *buf,
                                int maxsize,
                                struct sockaddr_in *from);
607 #endif
/*
 * Read a TCP or UDP packet from link.
 *
 * UDP goes to the platform reader, which fills in *from.  For the TCP
 * server/client protocols *from is set to the stored peer address
 * (the one returned by accept) and the TCP reader is used.  Any other
 * protocol id is a programming error and hits ASSERT.  maxsize is only
 * passed on by the Posix UDP path.
 */
static inline int
link_socket_read (struct link_socket *sock,
                  struct buffer *buf,
                  int maxsize,
                  struct sockaddr_in *from)
{
  switch (sock->info.proto)
    {
    case PROTO_UDPv4:
#ifdef WIN32
      return link_socket_read_udp_win32 (sock, buf, from);
#else
      return link_socket_read_udp_posix (sock, buf, maxsize, from);
#endif

    case PROTO_TCPv4_SERVER:
    case PROTO_TCPv4_CLIENT:
      /* from address was returned by accept */
      *from = sock->info.lsa->actual;
      return link_socket_read_tcp (sock, buf);

    default:
      ASSERT (0);
      return -1; /* NOTREACHED */
    }
}
/*
 * Socket Write routines
 */

int link_socket_write_tcp (struct link_socket *sock,
                           struct buffer *buf,
                           struct sockaddr_in *to);
648 #ifdef WIN32
/*
 * WIN32 write path.  If an overlapped write is still active it is
 * finalized first and a failure is remembered; buf is then queued
 * regardless.  On a remembered failure the saved error code is restored
 * (queueing may have changed it) and the negative status is returned;
 * otherwise the length of buf is reported.  The return value of
 * socket_send_queue() itself is not examined.
 */
static inline int
link_socket_write_win32 (struct link_socket *sock,
                         struct buffer *buf,
                         struct sockaddr_in *to)
{
  int saved_err = 0;
  int prev_status = 0;

  if (overlapped_io_active (&sock->writes))
    {
      prev_status = socket_finalize (sock->sd, &sock->writes, NULL, NULL);
      if (prev_status < 0)
        saved_err = WSAGetLastError ();
    }

  socket_send_queue (sock, buf, to);

  if (prev_status >= 0)
    return BLEN (buf);

  WSASetLastError (saved_err);
  return prev_status;
}
673 #else
/* Posix UDP write: one sendto() of the buffer contents to *to; returns sendto's result. */
static inline int
link_socket_write_udp_posix (struct link_socket *sock,
                             struct buffer *buf,
                             struct sockaddr_in *to)
{
  struct sockaddr *dest = (struct sockaddr *) to;
  const socklen_t dest_len = (socklen_t) sizeof (*to);

  return sendto (sock->sd, BPTR (buf), BLEN (buf), 0, dest, dest_len);
}
/*
 * Posix TCP write: one send() of the buffer contents with MSG_NOSIGNAL.
 * The to argument is not used.  send() may accept fewer bytes than
 * requested; the count is returned to the caller unchanged.
 */
static inline int
link_socket_write_tcp_posix (struct link_socket *sock,
                             struct buffer *buf,
                             struct sockaddr_in *to)
{
  const int flags = MSG_NOSIGNAL;

  return send (sock->sd, BPTR (buf), BLEN (buf), flags);
}
693 #endif
/* Platform dispatch for a UDP write: overlapped I/O on WIN32, sendto() elsewhere. */
static inline int
link_socket_write_udp (struct link_socket *sock,
                       struct buffer *buf,
                       struct sockaddr_in *to)
{
  int written;

#ifdef WIN32
  written = link_socket_write_win32 (sock, buf, to);
#else
  written = link_socket_write_udp_posix (sock, buf, to);
#endif
  return written;
}
/*
 * Write a TCP or UDP packet to link.
 *
 * Dispatches on the socket's protocol id; an id that is neither UDP nor
 * one of the two TCP roles is a programming error and hits ASSERT.
 */
static inline int
link_socket_write (struct link_socket *sock,
                   struct buffer *buf,
                   struct sockaddr_in *to)
{
  switch (sock->info.proto)
    {
    case PROTO_UDPv4:
      return link_socket_write_udp (sock, buf, to);

    case PROTO_TCPv4_SERVER:
    case PROTO_TCPv4_CLIENT:
      return link_socket_write_tcp (sock, buf, to);

    default:
      ASSERT (0);
      return -1; /* NOTREACHED */
    }
}
728 #if PASSTOS_CAPABILITY
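/*
 * Extract TOS bits from a tunnel packet and remember them on the socket.
 *
 * The caller is still expected to pass an IPv4 packet (the IP version is
 * not examined here), but the buffer must now hold at least a complete
 * IPv4 header before it is read through the header struct.  A shorter
 * buffer is ignored and leaves ptos/ptos_defined untouched, so a
 * truncated packet can no longer cause a read beyond the buffer data.
 * NULL ls or ipbuf is a no-op.
 */
static inline void
link_socket_extract_tos (struct link_socket *ls, const struct buffer *ipbuf)
{
  if (ls && ipbuf && BLEN (ipbuf) >= (int) sizeof (struct openvpn_iphdr))
    {
      const struct openvpn_iphdr *iph = (const struct openvpn_iphdr *) BPTR (ipbuf);
      ls->ptos = iph->tos;
      ls->ptos_defined = true;
    }
}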
/*
 * Set socket properties to reflect TOS bits which were extracted
 * from tunnel packet.
 *
 * Does nothing for a NULL socket or when no TOS value has been
 * extracted yet.  The result of setsockopt() is not checked, so a
 * failure to apply the value goes unnoticed.
 */
static inline void
link_socket_set_tos (struct link_socket *ls)
{
  if (!ls || !ls->ptos_defined)
    return;
  setsockopt (ls->sd, IPPROTO_IP, IP_TOS, &ls->ptos, sizeof (ls->ptos));
}
755 #endif
/*
 * Socket I/O wait functions
 */

/* True when s is non-NULL and its stream buffer already holds a fully formed residual packet. */
static inline bool
socket_read_residual (const struct link_socket *s)
{
  if (!s)
    return false;
  return s->stream_buf.residual_fully_formed != 0;
}
/*
 * Event handle to wait on for this socket: the rw_handle on WIN32, the
 * socket descriptor elsewhere.  s is dereferenced without a NULL check.
 */
static inline event_t
socket_event_handle (const struct link_socket *s)
{
#ifdef WIN32
  return &s->rw_handle;
#else
  return s->sd;
#endif
}
/* event handle used for the listening socket; see socket_set_listen_persistent() */
event_t socket_listen_event_handle (struct link_socket *s);

unsigned int
socket_set (struct link_socket *s,
            struct event_set *es,
            unsigned int rwflags,
            void *arg,
            unsigned int *persistent);
/*
 * Register the listen event handle for EVENT_READ in es, once.  The
 * listen_persistent_queued flag makes later calls no-ops; a NULL
 * socket is ignored.
 */
static inline void
socket_set_listen_persistent (struct link_socket *s,
                              struct event_set *es,
                              void *arg)
{
  if (!s || s->listen_persistent_queued)
    return;

  event_ctl (es, socket_listen_event_handle (s), EVENT_READ, arg);
  s->listen_persistent_queued = true;
}
/*
 * Reset the network event of the listen handle.  Only the WIN32 build
 * does anything here; elsewhere the body is empty.  s is dereferenced
 * without a NULL check on WIN32.
 */
static inline void
socket_reset_listen_persistent (struct link_socket *s)
{
#ifdef WIN32
  reset_net_event_win32 (&s->listen_handle, s->sd);
#endif
}
/* status string for a socket; takes a gc_arena like the print_* helpers above */
const char *socket_stat (const struct link_socket *s,
                         unsigned int rwflags,
                         struct gc_arena *gc);
808 #endif /* SOCKET_H */