diff options
author | Alberto Gonzalez Iniesta <agi@inittab.org> | 2016-12-27 18:25:47 +0100 |
---|---|---|
committer | Alberto Gonzalez Iniesta <agi@inittab.org> | 2016-12-27 18:25:47 +0100 |
commit | 79f3537f69e125f19f59c36aa090120a63186a54 (patch) | |
tree | 2089a3b7dac990841dbc2e4d9b2f535b82dbb0af /src/openvpn/proto.h | |
parent | f2137fedb30cb87448eb03b2f288920df6187571 (diff) | |
parent | 3a2bbdb05ca6a6996e424c9fb225cb0d53804125 (diff) |
Merge tag 'upstream/2.4.0'
Upstream version 2.4.0
Diffstat (limited to 'src/openvpn/proto.h')
-rw-r--r-- | src/openvpn/proto.h | 263 |
1 files changed, 133 insertions, 130 deletions
diff --git a/src/openvpn/proto.h b/src/openvpn/proto.h index 07612c8..bfcb36d 100644 --- a/src/openvpn/proto.h +++ b/src/openvpn/proto.h @@ -5,7 +5,7 @@ * packet encryption, packet authentication, and * packet compression. * - * Copyright (C) 2002-2010 OpenVPN Technologies, Inc. <sales@openvpn.net> + * Copyright (C) 2002-2017 OpenVPN Technologies, Inc. <sales@openvpn.net> * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License version 2 @@ -53,72 +53,72 @@ */ #define OPENVPN_ETH_ALEN 6 /* ethernet address length */ -struct openvpn_ethhdr +struct openvpn_ethhdr { - uint8_t dest[OPENVPN_ETH_ALEN]; /* destination ethernet addr */ - uint8_t source[OPENVPN_ETH_ALEN]; /* source ethernet addr */ + uint8_t dest[OPENVPN_ETH_ALEN]; /* destination ethernet addr */ + uint8_t source[OPENVPN_ETH_ALEN]; /* source ethernet addr */ -# define OPENVPN_ETH_P_IPV4 0x0800 /* IPv4 protocol */ -# define OPENVPN_ETH_P_IPV6 0x86DD /* IPv6 protocol */ -# define OPENVPN_ETH_P_ARP 0x0806 /* ARP protocol */ - uint16_t proto; /* packet type ID field */ +#define OPENVPN_ETH_P_IPV4 0x0800 /* IPv4 protocol */ +#define OPENVPN_ETH_P_IPV6 0x86DD /* IPv6 protocol */ +#define OPENVPN_ETH_P_ARP 0x0806 /* ARP protocol */ + uint16_t proto; /* packet type ID field */ }; struct openvpn_arp { -# define ARP_MAC_ADDR_TYPE 0x0001 - uint16_t mac_addr_type; /* 0x0001 */ +#define ARP_MAC_ADDR_TYPE 0x0001 + uint16_t mac_addr_type; /* 0x0001 */ - uint16_t proto_addr_type; /* 0x0800 */ - uint8_t mac_addr_size; /* 0x06 */ - uint8_t proto_addr_size; /* 0x04 */ + uint16_t proto_addr_type; /* 0x0800 */ + uint8_t mac_addr_size; /* 0x06 */ + uint8_t proto_addr_size; /* 0x04 */ -# define ARP_REQUEST 0x0001 -# define ARP_REPLY 0x0002 - uint16_t arp_command; /* 0x0001 for ARP request, 0x0002 for ARP reply */ +#define ARP_REQUEST 0x0001 +#define ARP_REPLY 0x0002 + uint16_t arp_command; /* 0x0001 for ARP request, 0x0002 for ARP reply */ - uint8_t mac_src[OPENVPN_ETH_ALEN]; - in_addr_t ip_src; - uint8_t mac_dest[OPENVPN_ETH_ALEN]; - in_addr_t ip_dest; + uint8_t mac_src[OPENVPN_ETH_ALEN]; + in_addr_t ip_src; + uint8_t mac_dest[OPENVPN_ETH_ALEN]; + in_addr_t ip_dest; }; struct openvpn_iphdr { -# define OPENVPN_IPH_GET_VER(v) (((v) >> 4) & 0x0F) -# define OPENVPN_IPH_GET_LEN(v) (((v) & 0x0F) << 2) - uint8_t version_len; +#define OPENVPN_IPH_GET_VER(v) (((v) >> 4) & 0x0F) +#define OPENVPN_IPH_GET_LEN(v) (((v) & 0x0F) << 2) + uint8_t version_len; - uint8_t tos; - uint16_t tot_len; - uint16_t id; + uint8_t tos; + uint16_t tot_len; + uint16_t id; -# define OPENVPN_IP_OFFMASK 0x1fff - uint16_t frag_off; +#define OPENVPN_IP_OFFMASK 0x1fff + uint16_t frag_off; - uint8_t ttl; + uint8_t ttl; -# define OPENVPN_IPPROTO_IGMP 2 /* IGMP protocol */ -# define OPENVPN_IPPROTO_TCP 6 /* TCP protocol */ -# define OPENVPN_IPPROTO_UDP 17 /* UDP protocol */ - uint8_t protocol; +#define OPENVPN_IPPROTO_IGMP 2 /* IGMP protocol */ +#define OPENVPN_IPPROTO_TCP 6 /* TCP protocol */ +#define OPENVPN_IPPROTO_UDP 17 /* UDP protocol */ + uint8_t protocol; - uint16_t check; - uint32_t saddr; - uint32_t daddr; - /*The options start here. */ + uint16_t check; + uint32_t saddr; + uint32_t daddr; + /*The options start here. */ }; /* * IPv6 header */ struct openvpn_ipv6hdr { - uint8_t version_prio; - uint8_t flow_lbl[3]; - uint16_t payload_len; - uint8_t nexthdr; - uint8_t hop_limit; - - struct in6_addr saddr; - struct in6_addr daddr; + uint8_t version_prio; + uint8_t flow_lbl[3]; + uint16_t payload_len; + uint8_t nexthdr; + uint8_t hop_limit; + + struct in6_addr saddr; + struct in6_addr daddr; }; @@ -126,50 +126,50 @@ struct openvpn_ipv6hdr { * UDP header */ struct openvpn_udphdr { - uint16_t source; - uint16_t dest; - uint16_t len; - uint16_t check; + uint16_t source; + uint16_t dest; + uint16_t len; + uint16_t check; }; /* * TCP header, per RFC 793. */ struct openvpn_tcphdr { - uint16_t source; /* source port */ - uint16_t dest; /* destination port */ - uint32_t seq; /* sequence number */ - uint32_t ack_seq; /* acknowledgement number */ - -# define OPENVPN_TCPH_GET_DOFF(d) (((d) & 0xF0) >> 2) - uint8_t doff_res; - -# define OPENVPN_TCPH_FIN_MASK (1<<0) -# define OPENVPN_TCPH_SYN_MASK (1<<1) -# define OPENVPN_TCPH_RST_MASK (1<<2) -# define OPENVPN_TCPH_PSH_MASK (1<<3) -# define OPENVPN_TCPH_ACK_MASK (1<<4) -# define OPENVPN_TCPH_URG_MASK (1<<5) -# define OPENVPN_TCPH_ECE_MASK (1<<6) -# define OPENVPN_TCPH_CWR_MASK (1<<7) - uint8_t flags; - - uint16_t window; - uint16_t check; - uint16_t urg_ptr; + uint16_t source; /* source port */ + uint16_t dest; /* destination port */ + uint32_t seq; /* sequence number */ + uint32_t ack_seq; /* acknowledgement number */ + +#define OPENVPN_TCPH_GET_DOFF(d) (((d) & 0xF0) >> 2) + uint8_t doff_res; + +#define OPENVPN_TCPH_FIN_MASK (1<<0) +#define OPENVPN_TCPH_SYN_MASK (1<<1) +#define OPENVPN_TCPH_RST_MASK (1<<2) +#define OPENVPN_TCPH_PSH_MASK (1<<3) +#define OPENVPN_TCPH_ACK_MASK (1<<4) +#define OPENVPN_TCPH_URG_MASK (1<<5) +#define OPENVPN_TCPH_ECE_MASK (1<<6) +#define OPENVPN_TCPH_CWR_MASK (1<<7) + uint8_t flags; + + uint16_t window; + uint16_t check; + uint16_t urg_ptr; }; -#define OPENVPN_TCPOPT_EOL 0 -#define OPENVPN_TCPOPT_NOP 1 -#define OPENVPN_TCPOPT_MAXSEG 2 +#define OPENVPN_TCPOPT_EOL 0 +#define OPENVPN_TCPOPT_NOP 1 +#define OPENVPN_TCPOPT_MAXSEG 2 #define OPENVPN_TCPOLEN_MAXSEG 4 struct ip_tcp_udp_hdr { - struct openvpn_iphdr ip; - union { - struct openvpn_tcphdr tcp; - struct openvpn_udphdr udp; - } u; + struct openvpn_iphdr ip; + union { + struct openvpn_tcphdr tcp; + struct openvpn_udphdr udp; + } u; }; #pragma pack() @@ -183,28 +183,28 @@ struct ip_tcp_udp_hdr { * is the checksum value to be updated. */ #define ADJUST_CHECKSUM(acc, cksum) { \ - int _acc = acc; \ - _acc += (cksum); \ - if (_acc < 0) { \ - _acc = -_acc; \ - _acc = (_acc >> 16) + (_acc & 0xffff); \ - _acc += _acc >> 16; \ - (cksum) = (uint16_t) ~_acc; \ - } else { \ - _acc = (_acc >> 16) + (_acc & 0xffff); \ - _acc += _acc >> 16; \ - (cksum) = (uint16_t) _acc; \ - } \ + int _acc = acc; \ + _acc += (cksum); \ + if (_acc < 0) { \ + _acc = -_acc; \ + _acc = (_acc >> 16) + (_acc & 0xffff); \ + _acc += _acc >> 16; \ + (cksum) = (uint16_t) ~_acc; \ + } else { \ + _acc = (_acc >> 16) + (_acc & 0xffff); \ + _acc += _acc >> 16; \ + (cksum) = (uint16_t) _acc; \ + } \ } #define ADD_CHECKSUM_32(acc, u32) { \ - acc += (u32) & 0xffff; \ - acc += (u32) >> 16; \ + acc += (u32) & 0xffff; \ + acc += (u32) >> 16; \ } #define SUB_CHECKSUM_32(acc, u32) { \ - acc -= (u32) & 0xffff; \ - acc -= (u32) >> 16; \ + acc -= (u32) & 0xffff; \ + acc -= (u32) >> 16; \ } /* @@ -216,61 +216,64 @@ struct ip_tcp_udp_hdr { * (RFC 879, section 7). */ #define MTU_TO_MSS(mtu) (mtu - sizeof(struct openvpn_iphdr) \ - - sizeof(struct openvpn_tcphdr)) + - sizeof(struct openvpn_tcphdr)) /* * This returns an ip protocol version of packet inside tun * and offset of IP header (via parameter). */ -inline static int get_tun_ip_ver(int tunnel_type, struct buffer *buf, int *ip_hdr_offset) +inline static int +get_tun_ip_ver(int tunnel_type, struct buffer *buf, int *ip_hdr_offset) { - int ip_ver = -1; + int ip_ver = -1; - /* for tun get ip version from ip header */ - if (tunnel_type == DEV_TYPE_TUN) + /* for tun get ip version from ip header */ + if (tunnel_type == DEV_TYPE_TUN) { - *ip_hdr_offset = 0; - if (likely(BLEN (buf) >= (int) sizeof (struct openvpn_iphdr))) - { - ip_ver = OPENVPN_IPH_GET_VER (*BPTR(buf)); - } + *ip_hdr_offset = 0; + if (likely(BLEN(buf) >= (int) sizeof(struct openvpn_iphdr))) + { + ip_ver = OPENVPN_IPH_GET_VER(*BPTR(buf)); + } } - else if (tunnel_type == DEV_TYPE_TAP) + else if (tunnel_type == DEV_TYPE_TAP) { - *ip_hdr_offset = (int)(sizeof (struct openvpn_ethhdr)); - /* for tap get ip version from eth header */ - if (likely(BLEN (buf) >= *ip_hdr_offset)) - { - const struct openvpn_ethhdr *eh = (const struct openvpn_ethhdr *) BPTR (buf); - uint16_t proto = ntohs (eh->proto); - if (proto == OPENVPN_ETH_P_IPV6) - { - ip_ver = 6; - } - else if (proto == OPENVPN_ETH_P_IPV4) - { - ip_ver = 4; - } - } + *ip_hdr_offset = (int)(sizeof(struct openvpn_ethhdr)); + /* for tap get ip version from eth header */ + if (likely(BLEN(buf) >= *ip_hdr_offset)) + { + const struct openvpn_ethhdr *eh = (const struct openvpn_ethhdr *) BPTR(buf); + uint16_t proto = ntohs(eh->proto); + if (proto == OPENVPN_ETH_P_IPV6) + { + ip_ver = 6; + } + else if (proto == OPENVPN_ETH_P_IPV4) + { + ip_ver = 4; + } + } } - return ip_ver; + return ip_ver; } /* * If raw tunnel packet is IPv4 or IPv6, return true and increment * buffer offset to start of IP header. */ -bool is_ipv4 (int tunnel_type, struct buffer *buf); -bool is_ipv6 (int tunnel_type, struct buffer *buf); +bool is_ipv4(int tunnel_type, struct buffer *buf); + +bool is_ipv6(int tunnel_type, struct buffer *buf); #ifdef PACKET_TRUNCATION_CHECK -void ipv4_packet_size_verify (const uint8_t *data, - const int size, - const int tunnel_type, - const char - *prefix, - counter_type *errors); -#endif +void ipv4_packet_size_verify(const uint8_t *data, + const int size, + const int tunnel_type, + const char + *prefix, + counter_type *errors); #endif + +#endif /* ifndef PROTO_H */ |