2 * OpenVPN -- An application to securely tunnel IP networks
3 * over a single TCP/UDP port, with support for SSL/TLS-based
4 * session authentication and key exchange,
5 * packet encryption, packet authentication, and
8 * Copyright (C) 2002-2009 OpenVPN Technologies, Inc. <sales@openvpn.net>
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License version 2
12 * as published by the Free Software Foundation.
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details.
19 * You should have received a copy of the GNU General Public License
20 * along with this program (see the file COPYING included with this
21 * distribution); if not, write to the Free Software Foundation, Inc.,
22 * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
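/*
 * IPv4 multicast range: a mask selecting the top four bits and the
 * network value with 224 in the most significant byte (224.0.0.0 when
 * the value is read as a host-order integer).
 */
#define IP_MCAST_SUBNET_MASK  ((in_addr_t)240<<24)
#define IP_MCAST_NETWORK      ((in_addr_t)224<<24)

/*
 * Return status values for mroute_extract_addr_from_packet.
 * These are bit flags, so one return value can carry several of them;
 * test MROUTE_EXTRACT_SUCCEEDED before relying on any extracted address.
 */
#define MROUTE_EXTRACT_SUCCEEDED (1<<0)
#define MROUTE_EXTRACT_BCAST     (1<<1)
#define MROUTE_EXTRACT_MCAST     (1<<2)
#define MROUTE_EXTRACT_IGMP      (1<<3)

/*
 * The same four flags shifted left by MROUTE_SEC_SHIFT.
 * NOTE(review): presumably these describe the second (esrc/edest)
 * address pair -- confirm against the extractor implementation.
 */
#define MROUTE_SEC_EXTRACT_SUCCEEDED (1<<(0+MROUTE_SEC_SHIFT))
#define MROUTE_SEC_EXTRACT_BCAST     (1<<(1+MROUTE_SEC_SHIFT))
#define MROUTE_SEC_EXTRACT_MCAST     (1<<(2+MROUTE_SEC_SHIFT))
#define MROUTE_SEC_EXTRACT_IGMP      (1<<(3+MROUTE_SEC_SHIFT))

/* Defined after its users; macros are expanded at the point of use, so the order is harmless. */
#define MROUTE_SEC_SHIFT         4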
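/*
 * Choose the largest address possible with
 * any of our supported types, which is IPv6
 * (the remainder of this comment is cut off in the listing).
 *
 * This constant is the size in bytes of the addr[] array in
 * struct mroute_addr, so every stored length must stay at or below it.
 */
#define MR_MAX_ADDR_LEN 20

/*
 * Base address types.  MR_ADDR_MASK covers the low two bits of the
 * type byte, so (type & MR_ADDR_MASK) yields one of the four values.
 */
#define MR_ADDR_NONE             0
#define MR_ADDR_ETHER            1
#define MR_ADDR_IPV4             2
#define MR_ADDR_IPV6             3
#define MR_ADDR_MASK             3

/* Address type mask indicating that port # is part of address */
#define MR_WITH_PORT             4

/* Address type mask indicating that netbits is part of address */
#define MR_WITH_NETBITS          8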
73 /* Indicates that IPv4 addr was extracted from ARP packet */
77 uint8_t len
; /* length of address */
79 uint8_t type
; /* MR_ADDR/MR_WITH flags */
80 uint8_t netbits
; /* number of bits in network part of address,
81 valid if MR_WITH_NETBITS is set */
82 uint8_t addr
[MR_MAX_ADDR_LEN
]; /* actual address */
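/*
 * Number of bits in an address.  Should be raised for IPv6.
 * Also the capacity of the two arrays in struct mroute_helper below.
 */
#define MR_HELPER_NET_LEN 32

/*
 * Used to help maintain CIDR routing table.
 *
 * Both arrays have a fixed capacity of MR_HELPER_NET_LEN entries, so any
 * code that indexes them through n_net_len has to keep
 * n_net_len <= MR_HELPER_NET_LEN; that check is not visible in this header.
 */
struct mroute_helper
{
  /*MUTEX_DEFINE (mutex);*/                /* mutex member is commented out */
  unsigned int cache_generation;           /* incremented when route added */
  int ageable_ttl_secs;                    /* host route cache entry time-to-live */
  int n_net_len;                           /* length of net_len array */
  uint8_t net_len[MR_HELPER_NET_LEN];      /* CIDR netlengths in descending order */
  int net_len_refcount[MR_HELPER_NET_LEN]; /* refcount of each netlength */
};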
102 struct openvpn_sockaddr
;
104 bool mroute_extract_openvpn_sockaddr (struct mroute_addr
*addr
,
105 const struct openvpn_sockaddr
*osaddr
,
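/* Predicate on an address; the acceptance criteria live in the
 * implementation and are not visible in this header. */
bool mroute_learnable_address (const struct mroute_addr *addr);

/*
 * Hash and equality callbacks taking untyped keys.
 * NOTE(review): presumably the keys point to struct mroute_addr and the
 * pair is registered with a hash table -- confirm at the call sites.
 */
uint32_t mroute_addr_hash_function (const void *key, uint32_t iv);
bool mroute_addr_compare_function (const void *key1, const void *key2);

/* Initialise an address object supplied by the caller. */
void mroute_addr_init (struct mroute_addr *addr);

/*
 * Format an address as text.
 * NOTE(review): the returned string is presumably allocated from gc and
 * shares its lifetime -- confirm in the implementation.
 */
const char *mroute_addr_print (const struct mroute_addr *ma,
                               struct gc_arena *gc);

/* Bit flags; presumably the values accepted by the flags argument of
 * mroute_addr_print_ex below -- confirm. */
#define MAPF_SUBNET            (1<<0)
#define MAPF_IA_EMPTY_IF_UNDEF (1<<1)
#define MAPF_SHOW_ARP          (1<<2)
const char *mroute_addr_print_ex (const struct mroute_addr *ma,
                                  const unsigned int flags,
                                  struct gc_arena *gc);

/* Modifies *ma in place; the exact masking rule is in the implementation. */
void mroute_addr_mask_host_bits (struct mroute_addr *ma);

/* Lifecycle of a struct mroute_helper: the pointer returned by
 * mroute_helper_init is released with mroute_helper_free. */
struct mroute_helper *mroute_helper_init (int ageable_ttl_secs);
void mroute_helper_free (struct mroute_helper *mh);

/* Register / unregister an iroute with the helper. */
void mroute_helper_add_iroute (struct mroute_helper *mh, const struct iroute *ir);
void mroute_helper_del_iroute (struct mroute_helper *mh, const struct iroute *ir);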
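/*
 * Given a raw packet in buf, return the src and dest
 * addresses of the packet.
 *
 * Dispatches on tunnel_type: DEV_TYPE_TUN packets go to the IPv4
 * extractor (src/dest only), DEV_TYPE_TAP packets go to the Ethernet
 * extractor (which also receives esrc/edest).  For any other
 * tunnel_type no extractor runs and the result stays 0, i.e. without
 * MROUTE_EXTRACT_SUCCEEDED, so callers must test that flag before
 * using the output addresses.
 *
 * Returns the MROUTE_EXTRACT_* bit flags reported by the extractor.
 */
static inline unsigned int
mroute_extract_addr_from_packet (struct mroute_addr *src,
                                 struct mroute_addr *dest,
                                 struct mroute_addr *esrc,
                                 struct mroute_addr *edest,
                                 const struct buffer *buf,
                                 /* NOTE(review): this parameter's declaration is
                                    absent from the listing; the name comes from the
                                    body, the int type is inferred -- confirm
                                    against the upstream file. */
                                 int tunnel_type)
{
  /* Block-scope declarations of the extractors, which are defined elsewhere. */
  unsigned int mroute_extract_addr_ipv4 (struct mroute_addr *src,
                                         struct mroute_addr *dest,
                                         const struct buffer *buf);

  unsigned int mroute_extract_addr_ether (struct mroute_addr *src,
                                          struct mroute_addr *dest,
                                          struct mroute_addr *esrc,
                                          struct mroute_addr *edest,
                                          const struct buffer *buf);

  unsigned int ret = 0;

  /* Runs before either extractor touches the packet data. */
  verify_align_4 (buf);

  if (tunnel_type == DEV_TYPE_TUN)
    {
      ret = mroute_extract_addr_ipv4 (src, dest, buf);
    }
  else if (tunnel_type == DEV_TYPE_TAP)
    {
      ret = mroute_extract_addr_ether (src, dest, esrc, edest, buf);
    }

  /* NOTE(review): the return statement is absent from the listing; it is
     inferred from the unsigned int return type and the ret accumulator. */
  return ret;
}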
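/*
 * Lock hook for a struct mroute_helper.  The mutex call is commented
 * out, so this is currently a no-op and gives no mutual exclusion:
 * concurrent use of the same helper is not serialised by it.
 *
 * NOTE(review): the "static inline void" line is absent from the
 * listing and is inferred from the empty body and the sibling inline
 * functions -- confirm against the upstream file.
 */
static inline void
mroute_helper_lock (struct mroute_helper *mh)
{
  /*mutex_lock (&mh->mutex);*/
}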
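/*
 * Unlock hook for a struct mroute_helper.  The mutex call is commented
 * out, so this is currently a no-op.
 *
 * NOTE(review): the "static inline void" line is absent from the
 * listing and is inferred from the empty body and the sibling inline
 * functions -- confirm against the upstream file.
 */
static inline void
mroute_helper_unlock (struct mroute_helper *mh)
{
  /*mutex_unlock (&mh->mutex);*/
}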
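/*
 * Compare two addresses field by field: type, netbits and len must
 * match, then the first len bytes of addr are compared.
 *
 * The byte comparison trusts a1->len.  len is a uint8_t while addr holds
 * MR_MAX_ADDR_LEN bytes, so a len above MR_MAX_ADDR_LEN would make
 * memcmp read past the array; whoever fills in a struct mroute_addr has
 * to keep len within that bound.
 *
 * NOTE(review): the return-type line and the bodies of the three early
 * exits are absent from the listing.  "static inline bool" and
 * "return false" are inferred from the final comparison and the sibling
 * inline functions -- confirm against the upstream file.
 */
static inline bool
mroute_addr_equal (const struct mroute_addr *a1, const struct mroute_addr *a2)
{
  if (a1->type != a2->type)
    return false;
  if (a1->netbits != a2->netbits)
    return false;
  if (a1->len != a2->len)
    return false;
  return memcmp (a1->addr, a2->addr, a1->len) == 0;
}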
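/*
 * Return the first byte of the region that is hashed for an address.
 * The region starts at the type member; mroute_addr_hash_len gives its
 * length.  The cast keeps the const qualifier of the argument.
 */
static inline const uint8_t *
mroute_addr_hash_ptr (const struct mroute_addr *a)
{
  /* NOTE: depends on ordering of struct mroute_addr -- the hashed bytes
     are whatever follows type in memory, so reordering or inserting
     members after type changes which bytes are hashed. */
  return (const uint8_t *) &a->type;
}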
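/*
 * Number of bytes to hash, counted from the pointer returned by
 * mroute_addr_hash_ptr: the address length plus two.
 *
 * NOTE(review): the +2 presumably accounts for the type and netbits
 * bytes that sit between the hash pointer and addr -- confirm against
 * the struct definition.  The result is only safe while
 * a->len <= MR_MAX_ADDR_LEN; a larger len would make the hash read
 * beyond the end of the struct.
 */
static inline uint32_t
mroute_addr_hash_len (const struct mroute_addr *a)
{
  const uint32_t addr_bytes = (uint32_t) a->len;
  return addr_bytes + 2;
}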
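/*
 * Store an IPv4 address in *dest.  src is converted with htonl, so the
 * bytes in dest->addr are in network byte order.
 *
 * The four bytes are written with memcpy rather than through an
 * (in_addr_t *) cast of the uint8_t array, which avoids depending on
 * the alignment of addr and on type-punned access.
 *
 * NOTE(review): the return-type line and the two statements between the
 * type assignment and the address store are absent from the listing.
 * "static inline void" is inferred from the sibling functions; the
 * netbits = 0 / len = 4 assignments are inferred from
 * in_addr_t_from_mroute_addr, which only accepts exactly those values
 * -- confirm against the upstream file.
 */
static inline void
mroute_extract_in_addr_t (struct mroute_addr *dest, const in_addr_t src)
{
  const in_addr_t net_order = htonl (src);

  dest->type = MR_ADDR_IPV4;
  dest->netbits = 0;
  dest->len = 4;
  memcpy (dest->addr, &net_order, sizeof net_order);
}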
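/*
 * Read an IPv4 address back out of *addr as a host-order in_addr_t.
 * Only a plain IPv4 entry is accepted: base type MR_ADDR_IPV4,
 * netbits == 0 and len == 4.  The len check also guarantees that the
 * four bytes copied out of addr are within the array.
 *
 * The bytes are read with memcpy rather than through an (in_addr_t *)
 * cast of the uint8_t array, which avoids depending on the alignment of
 * addr and on type-punned access.
 *
 * NOTE(review): the fall-through branch is absent from the listing;
 * returning 0 for a non-matching address is inferred -- confirm against
 * the upstream file.  Callers cannot tell that result apart from a
 * stored 0.0.0.0.
 */
static inline in_addr_t
in_addr_t_from_mroute_addr (const struct mroute_addr *addr)
{
  if ((addr->type & MR_ADDR_MASK) == MR_ADDR_IPV4 && addr->netbits == 0 && addr->len == 4)
    {
      in_addr_t net_order;
      memcpy (&net_order, addr->addr, sizeof net_order);
      return ntohl (net_order);
    }
  return 0;
}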
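/*
 * Mark an address object as holding no address by setting its type to
 * MR_ADDR_NONE.
 *
 * NOTE(review): the return-type line and one statement before the type
 * assignment are absent from the listing.  "static inline void" is
 * inferred from the sibling functions, and clearing len is an inference
 * about the missing statement -- confirm against the upstream file.
 * The addr bytes are left as they were.
 */
static inline void
mroute_addr_reset (struct mroute_addr *ma)
{
  ma->len = 0;
  ma->type = MR_ADDR_NONE;
}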
224 #endif /* P2MP_SERVER */
225 #endif /* MROUTE_H */