summaryrefslogtreecommitdiff
path: root/src/openvpn/proto.c
diff options
context:
space:
mode:
authorAlberto Gonzalez Iniesta <agi@inittab.org>2016-12-27 18:25:47 +0100
committerAlberto Gonzalez Iniesta <agi@inittab.org>2016-12-27 18:25:47 +0100
commit79f3537f69e125f19f59c36aa090120a63186a54 (patch)
tree2089a3b7dac990841dbc2e4d9b2f535b82dbb0af /src/openvpn/proto.c
parentf2137fedb30cb87448eb03b2f288920df6187571 (diff)
parent3a2bbdb05ca6a6996e424c9fb225cb0d53804125 (diff)
Merge tag 'upstream/2.4.0'
Upstream version 2.4.0
Diffstat (limited to 'src/openvpn/proto.c')
-rw-r--r--src/openvpn/proto.c160
1 files changed, 88 insertions, 72 deletions
diff --git a/src/openvpn/proto.c b/src/openvpn/proto.c
index 7b58e6a..40e0714 100644
--- a/src/openvpn/proto.c
+++ b/src/openvpn/proto.c
@@ -5,7 +5,7 @@
* packet encryption, packet authentication, and
* packet compression.
*
- * Copyright (C) 2002-2010 OpenVPN Technologies, Inc. <sales@openvpn.net>
+ * Copyright (C) 2002-2017 OpenVPN Technologies, Inc. <sales@openvpn.net>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License version 2
@@ -41,48 +41,60 @@
*/
static
bool
-is_ipv_X ( int tunnel_type, struct buffer *buf, int ip_ver )
+is_ipv_X( int tunnel_type, struct buffer *buf, int ip_ver )
{
- int offset;
- const struct openvpn_iphdr *ih;
+ int offset;
+ const struct openvpn_iphdr *ih;
- verify_align_4 (buf);
- if (tunnel_type == DEV_TYPE_TUN)
+ verify_align_4(buf);
+ if (tunnel_type == DEV_TYPE_TUN)
{
- if (BLEN (buf) < (int) sizeof (struct openvpn_iphdr))
- return false;
- offset = 0;
+ if (BLEN(buf) < (int) sizeof(struct openvpn_iphdr))
+ {
+ return false;
+ }
+ offset = 0;
}
- else if (tunnel_type == DEV_TYPE_TAP)
+ else if (tunnel_type == DEV_TYPE_TAP)
{
- const struct openvpn_ethhdr *eh;
- if (BLEN (buf) < (int)(sizeof (struct openvpn_ethhdr)
- + sizeof (struct openvpn_iphdr)))
- return false;
- eh = (const struct openvpn_ethhdr *) BPTR (buf);
- if (ntohs (eh->proto) != (ip_ver == 6 ? OPENVPN_ETH_P_IPV6 : OPENVPN_ETH_P_IPV4))
- return false;
- offset = sizeof (struct openvpn_ethhdr);
+ const struct openvpn_ethhdr *eh;
+ if (BLEN(buf) < (int)(sizeof(struct openvpn_ethhdr)
+ + sizeof(struct openvpn_iphdr)))
+ {
+ return false;
+ }
+ eh = (const struct openvpn_ethhdr *) BPTR(buf);
+ if (ntohs(eh->proto) != (ip_ver == 6 ? OPENVPN_ETH_P_IPV6 : OPENVPN_ETH_P_IPV4))
+ {
+ return false;
+ }
+ offset = sizeof(struct openvpn_ethhdr);
+ }
+ else
+ {
+ return false;
}
- else
- return false;
- ih = (const struct openvpn_iphdr *) (BPTR (buf) + offset);
+ ih = (const struct openvpn_iphdr *) (BPTR(buf) + offset);
- /* IP version is stored in the same bits for IPv4 or IPv6 header */
- if (OPENVPN_IPH_GET_VER (ih->version_len) == ip_ver)
- return buf_advance (buf, offset);
- else
- return false;
+ /* IP version is stored in the same bits for IPv4 or IPv6 header */
+ if (OPENVPN_IPH_GET_VER(ih->version_len) == ip_ver)
+ {
+ return buf_advance(buf, offset);
+ }
+ else
+ {
+ return false;
+ }
}
bool
-is_ipv4 (int tunnel_type, struct buffer *buf)
+is_ipv4(int tunnel_type, struct buffer *buf)
{
return is_ipv_X( tunnel_type, buf, 4 );
}
bool
-is_ipv6 (int tunnel_type, struct buffer *buf)
+is_ipv6(int tunnel_type, struct buffer *buf)
{
return is_ipv_X( tunnel_type, buf, 6 );
}
@@ -90,52 +102,56 @@ is_ipv6 (int tunnel_type, struct buffer *buf)
#ifdef PACKET_TRUNCATION_CHECK
void
-ipv4_packet_size_verify (const uint8_t *data,
- const int size,
- const int tunnel_type,
- const char *prefix,
- counter_type *errors)
+ipv4_packet_size_verify(const uint8_t *data,
+ const int size,
+ const int tunnel_type,
+ const char *prefix,
+ counter_type *errors)
{
- if (size > 0)
+ if (size > 0)
{
- struct buffer buf;
-
- buf_set_read (&buf, data, size);
-
- if (is_ipv4 (tunnel_type, &buf))
- {
- const struct openvpn_iphdr *pip;
- int hlen;
- int totlen;
- const char *msgstr = "PACKET SIZE INFO";
- unsigned int msglevel = D_PACKET_TRUNC_DEBUG;
-
- if (BLEN (&buf) < (int) sizeof (struct openvpn_iphdr))
- return;
-
- verify_align_4 (&buf);
- pip = (struct openvpn_iphdr *) BPTR (&buf);
-
- hlen = OPENVPN_IPH_GET_LEN (pip->version_len);
- totlen = ntohs (pip->tot_len);
-
- if (BLEN (&buf) != totlen)
- {
- msgstr = "PACKET TRUNCATION ERROR";
- msglevel = D_PACKET_TRUNC_ERR;
- if (errors)
- ++(*errors);
- }
-
- msg (msglevel, "%s %s: size=%d totlen=%d hlen=%d errcount=" counter_format,
- msgstr,
- prefix,
- BLEN (&buf),
- totlen,
- hlen,
- errors ? *errors : (counter_type)0);
- }
+ struct buffer buf;
+
+ buf_set_read(&buf, data, size);
+
+ if (is_ipv4(tunnel_type, &buf))
+ {
+ const struct openvpn_iphdr *pip;
+ int hlen;
+ int totlen;
+ const char *msgstr = "PACKET SIZE INFO";
+ unsigned int msglevel = D_PACKET_TRUNC_DEBUG;
+
+ if (BLEN(&buf) < (int) sizeof(struct openvpn_iphdr))
+ {
+ return;
+ }
+
+ verify_align_4(&buf);
+ pip = (struct openvpn_iphdr *) BPTR(&buf);
+
+ hlen = OPENVPN_IPH_GET_LEN(pip->version_len);
+ totlen = ntohs(pip->tot_len);
+
+ if (BLEN(&buf) != totlen)
+ {
+ msgstr = "PACKET TRUNCATION ERROR";
+ msglevel = D_PACKET_TRUNC_ERR;
+ if (errors)
+ {
+ ++(*errors);
+ }
+ }
+
+ msg(msglevel, "%s %s: size=%d totlen=%d hlen=%d errcount=" counter_format,
+ msgstr,
+ prefix,
+ BLEN(&buf),
+ totlen,
+ hlen,
+ errors ? *errors : (counter_type)0);
+ }
}
}
-#endif
+#endif /* ifdef PACKET_TRUNCATION_CHECK */