summaryrefslogtreecommitdiff
path: root/src/openvpn/proto.h
diff options
context:
space:
mode:
authorAlberto Gonzalez Iniesta <agi@inittab.org>2016-12-27 18:25:47 +0100
committerAlberto Gonzalez Iniesta <agi@inittab.org>2016-12-27 18:25:47 +0100
commit79f3537f69e125f19f59c36aa090120a63186a54 (patch)
tree2089a3b7dac990841dbc2e4d9b2f535b82dbb0af /src/openvpn/proto.h
parentf2137fedb30cb87448eb03b2f288920df6187571 (diff)
parent3a2bbdb05ca6a6996e424c9fb225cb0d53804125 (diff)
Merge tag 'upstream/2.4.0'
Upstream version 2.4.0
Diffstat (limited to 'src/openvpn/proto.h')
-rw-r--r--src/openvpn/proto.h263
1 files changed, 133 insertions, 130 deletions
diff --git a/src/openvpn/proto.h b/src/openvpn/proto.h
index 07612c8..bfcb36d 100644
--- a/src/openvpn/proto.h
+++ b/src/openvpn/proto.h
@@ -5,7 +5,7 @@
* packet encryption, packet authentication, and
* packet compression.
*
- * Copyright (C) 2002-2010 OpenVPN Technologies, Inc. <sales@openvpn.net>
+ * Copyright (C) 2002-2017 OpenVPN Technologies, Inc. <sales@openvpn.net>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License version 2
@@ -53,72 +53,72 @@
*/
#define OPENVPN_ETH_ALEN 6 /* ethernet address length */
-struct openvpn_ethhdr
+struct openvpn_ethhdr
{
- uint8_t dest[OPENVPN_ETH_ALEN]; /* destination ethernet addr */
- uint8_t source[OPENVPN_ETH_ALEN]; /* source ethernet addr */
+ uint8_t dest[OPENVPN_ETH_ALEN]; /* destination ethernet addr */
+ uint8_t source[OPENVPN_ETH_ALEN]; /* source ethernet addr */
-# define OPENVPN_ETH_P_IPV4 0x0800 /* IPv4 protocol */
-# define OPENVPN_ETH_P_IPV6 0x86DD /* IPv6 protocol */
-# define OPENVPN_ETH_P_ARP 0x0806 /* ARP protocol */
- uint16_t proto; /* packet type ID field */
+#define OPENVPN_ETH_P_IPV4 0x0800 /* IPv4 protocol */
+#define OPENVPN_ETH_P_IPV6 0x86DD /* IPv6 protocol */
+#define OPENVPN_ETH_P_ARP 0x0806 /* ARP protocol */
+ uint16_t proto; /* packet type ID field */
};
struct openvpn_arp {
-# define ARP_MAC_ADDR_TYPE 0x0001
- uint16_t mac_addr_type; /* 0x0001 */
+#define ARP_MAC_ADDR_TYPE 0x0001
+ uint16_t mac_addr_type; /* 0x0001 */
- uint16_t proto_addr_type; /* 0x0800 */
- uint8_t mac_addr_size; /* 0x06 */
- uint8_t proto_addr_size; /* 0x04 */
+ uint16_t proto_addr_type; /* 0x0800 */
+ uint8_t mac_addr_size; /* 0x06 */
+ uint8_t proto_addr_size; /* 0x04 */
-# define ARP_REQUEST 0x0001
-# define ARP_REPLY 0x0002
- uint16_t arp_command; /* 0x0001 for ARP request, 0x0002 for ARP reply */
+#define ARP_REQUEST 0x0001
+#define ARP_REPLY 0x0002
+ uint16_t arp_command; /* 0x0001 for ARP request, 0x0002 for ARP reply */
- uint8_t mac_src[OPENVPN_ETH_ALEN];
- in_addr_t ip_src;
- uint8_t mac_dest[OPENVPN_ETH_ALEN];
- in_addr_t ip_dest;
+ uint8_t mac_src[OPENVPN_ETH_ALEN];
+ in_addr_t ip_src;
+ uint8_t mac_dest[OPENVPN_ETH_ALEN];
+ in_addr_t ip_dest;
};
struct openvpn_iphdr {
-# define OPENVPN_IPH_GET_VER(v) (((v) >> 4) & 0x0F)
-# define OPENVPN_IPH_GET_LEN(v) (((v) & 0x0F) << 2)
- uint8_t version_len;
+#define OPENVPN_IPH_GET_VER(v) (((v) >> 4) & 0x0F)
+#define OPENVPN_IPH_GET_LEN(v) (((v) & 0x0F) << 2)
+ uint8_t version_len;
- uint8_t tos;
- uint16_t tot_len;
- uint16_t id;
+ uint8_t tos;
+ uint16_t tot_len;
+ uint16_t id;
-# define OPENVPN_IP_OFFMASK 0x1fff
- uint16_t frag_off;
+#define OPENVPN_IP_OFFMASK 0x1fff
+ uint16_t frag_off;
- uint8_t ttl;
+ uint8_t ttl;
-# define OPENVPN_IPPROTO_IGMP 2 /* IGMP protocol */
-# define OPENVPN_IPPROTO_TCP 6 /* TCP protocol */
-# define OPENVPN_IPPROTO_UDP 17 /* UDP protocol */
- uint8_t protocol;
+#define OPENVPN_IPPROTO_IGMP 2 /* IGMP protocol */
+#define OPENVPN_IPPROTO_TCP 6 /* TCP protocol */
+#define OPENVPN_IPPROTO_UDP 17 /* UDP protocol */
+ uint8_t protocol;
- uint16_t check;
- uint32_t saddr;
- uint32_t daddr;
- /*The options start here. */
+ uint16_t check;
+ uint32_t saddr;
+ uint32_t daddr;
+ /*The options start here. */
};
/*
* IPv6 header
*/
struct openvpn_ipv6hdr {
- uint8_t version_prio;
- uint8_t flow_lbl[3];
- uint16_t payload_len;
- uint8_t nexthdr;
- uint8_t hop_limit;
-
- struct in6_addr saddr;
- struct in6_addr daddr;
+ uint8_t version_prio;
+ uint8_t flow_lbl[3];
+ uint16_t payload_len;
+ uint8_t nexthdr;
+ uint8_t hop_limit;
+
+ struct in6_addr saddr;
+ struct in6_addr daddr;
};
@@ -126,50 +126,50 @@ struct openvpn_ipv6hdr {
* UDP header
*/
struct openvpn_udphdr {
- uint16_t source;
- uint16_t dest;
- uint16_t len;
- uint16_t check;
+ uint16_t source;
+ uint16_t dest;
+ uint16_t len;
+ uint16_t check;
};
/*
* TCP header, per RFC 793.
*/
struct openvpn_tcphdr {
- uint16_t source; /* source port */
- uint16_t dest; /* destination port */
- uint32_t seq; /* sequence number */
- uint32_t ack_seq; /* acknowledgement number */
-
-# define OPENVPN_TCPH_GET_DOFF(d) (((d) & 0xF0) >> 2)
- uint8_t doff_res;
-
-# define OPENVPN_TCPH_FIN_MASK (1<<0)
-# define OPENVPN_TCPH_SYN_MASK (1<<1)
-# define OPENVPN_TCPH_RST_MASK (1<<2)
-# define OPENVPN_TCPH_PSH_MASK (1<<3)
-# define OPENVPN_TCPH_ACK_MASK (1<<4)
-# define OPENVPN_TCPH_URG_MASK (1<<5)
-# define OPENVPN_TCPH_ECE_MASK (1<<6)
-# define OPENVPN_TCPH_CWR_MASK (1<<7)
- uint8_t flags;
-
- uint16_t window;
- uint16_t check;
- uint16_t urg_ptr;
+ uint16_t source; /* source port */
+ uint16_t dest; /* destination port */
+ uint32_t seq; /* sequence number */
+ uint32_t ack_seq; /* acknowledgement number */
+
+#define OPENVPN_TCPH_GET_DOFF(d) (((d) & 0xF0) >> 2)
+ uint8_t doff_res;
+
+#define OPENVPN_TCPH_FIN_MASK (1<<0)
+#define OPENVPN_TCPH_SYN_MASK (1<<1)
+#define OPENVPN_TCPH_RST_MASK (1<<2)
+#define OPENVPN_TCPH_PSH_MASK (1<<3)
+#define OPENVPN_TCPH_ACK_MASK (1<<4)
+#define OPENVPN_TCPH_URG_MASK (1<<5)
+#define OPENVPN_TCPH_ECE_MASK (1<<6)
+#define OPENVPN_TCPH_CWR_MASK (1<<7)
+ uint8_t flags;
+
+ uint16_t window;
+ uint16_t check;
+ uint16_t urg_ptr;
};
-#define OPENVPN_TCPOPT_EOL 0
-#define OPENVPN_TCPOPT_NOP 1
-#define OPENVPN_TCPOPT_MAXSEG 2
+#define OPENVPN_TCPOPT_EOL 0
+#define OPENVPN_TCPOPT_NOP 1
+#define OPENVPN_TCPOPT_MAXSEG 2
#define OPENVPN_TCPOLEN_MAXSEG 4
struct ip_tcp_udp_hdr {
- struct openvpn_iphdr ip;
- union {
- struct openvpn_tcphdr tcp;
- struct openvpn_udphdr udp;
- } u;
+ struct openvpn_iphdr ip;
+ union {
+ struct openvpn_tcphdr tcp;
+ struct openvpn_udphdr udp;
+ } u;
};
#pragma pack()
@@ -183,28 +183,28 @@ struct ip_tcp_udp_hdr {
* is the checksum value to be updated.
*/
#define ADJUST_CHECKSUM(acc, cksum) { \
- int _acc = acc; \
- _acc += (cksum); \
- if (_acc < 0) { \
- _acc = -_acc; \
- _acc = (_acc >> 16) + (_acc & 0xffff); \
- _acc += _acc >> 16; \
- (cksum) = (uint16_t) ~_acc; \
- } else { \
- _acc = (_acc >> 16) + (_acc & 0xffff); \
- _acc += _acc >> 16; \
- (cksum) = (uint16_t) _acc; \
- } \
+ int _acc = acc; \
+ _acc += (cksum); \
+ if (_acc < 0) { \
+ _acc = -_acc; \
+ _acc = (_acc >> 16) + (_acc & 0xffff); \
+ _acc += _acc >> 16; \
+ (cksum) = (uint16_t) ~_acc; \
+ } else { \
+ _acc = (_acc >> 16) + (_acc & 0xffff); \
+ _acc += _acc >> 16; \
+ (cksum) = (uint16_t) _acc; \
+ } \
}
#define ADD_CHECKSUM_32(acc, u32) { \
- acc += (u32) & 0xffff; \
- acc += (u32) >> 16; \
+ acc += (u32) & 0xffff; \
+ acc += (u32) >> 16; \
}
#define SUB_CHECKSUM_32(acc, u32) { \
- acc -= (u32) & 0xffff; \
- acc -= (u32) >> 16; \
+ acc -= (u32) & 0xffff; \
+ acc -= (u32) >> 16; \
}
/*
@@ -216,61 +216,64 @@ struct ip_tcp_udp_hdr {
* (RFC 879, section 7).
*/
#define MTU_TO_MSS(mtu) (mtu - sizeof(struct openvpn_iphdr) \
- - sizeof(struct openvpn_tcphdr))
+ - sizeof(struct openvpn_tcphdr))
/*
* This returns an ip protocol version of packet inside tun
* and offset of IP header (via parameter).
*/
-inline static int get_tun_ip_ver(int tunnel_type, struct buffer *buf, int *ip_hdr_offset)
+inline static int
+get_tun_ip_ver(int tunnel_type, struct buffer *buf, int *ip_hdr_offset)
{
- int ip_ver = -1;
+ int ip_ver = -1;
- /* for tun get ip version from ip header */
- if (tunnel_type == DEV_TYPE_TUN)
+ /* for tun get ip version from ip header */
+ if (tunnel_type == DEV_TYPE_TUN)
{
- *ip_hdr_offset = 0;
- if (likely(BLEN (buf) >= (int) sizeof (struct openvpn_iphdr)))
- {
- ip_ver = OPENVPN_IPH_GET_VER (*BPTR(buf));
- }
+ *ip_hdr_offset = 0;
+ if (likely(BLEN(buf) >= (int) sizeof(struct openvpn_iphdr)))
+ {
+ ip_ver = OPENVPN_IPH_GET_VER(*BPTR(buf));
+ }
}
- else if (tunnel_type == DEV_TYPE_TAP)
+ else if (tunnel_type == DEV_TYPE_TAP)
{
- *ip_hdr_offset = (int)(sizeof (struct openvpn_ethhdr));
- /* for tap get ip version from eth header */
- if (likely(BLEN (buf) >= *ip_hdr_offset))
- {
- const struct openvpn_ethhdr *eh = (const struct openvpn_ethhdr *) BPTR (buf);
- uint16_t proto = ntohs (eh->proto);
- if (proto == OPENVPN_ETH_P_IPV6)
- {
- ip_ver = 6;
- }
- else if (proto == OPENVPN_ETH_P_IPV4)
- {
- ip_ver = 4;
- }
- }
+ *ip_hdr_offset = (int)(sizeof(struct openvpn_ethhdr));
+ /* for tap get ip version from eth header */
+ if (likely(BLEN(buf) >= *ip_hdr_offset))
+ {
+ const struct openvpn_ethhdr *eh = (const struct openvpn_ethhdr *) BPTR(buf);
+ uint16_t proto = ntohs(eh->proto);
+ if (proto == OPENVPN_ETH_P_IPV6)
+ {
+ ip_ver = 6;
+ }
+ else if (proto == OPENVPN_ETH_P_IPV4)
+ {
+ ip_ver = 4;
+ }
+ }
}
- return ip_ver;
+ return ip_ver;
}
/*
* If raw tunnel packet is IPv4 or IPv6, return true and increment
* buffer offset to start of IP header.
*/
-bool is_ipv4 (int tunnel_type, struct buffer *buf);
-bool is_ipv6 (int tunnel_type, struct buffer *buf);
+bool is_ipv4(int tunnel_type, struct buffer *buf);
+
+bool is_ipv6(int tunnel_type, struct buffer *buf);
#ifdef PACKET_TRUNCATION_CHECK
-void ipv4_packet_size_verify (const uint8_t *data,
- const int size,
- const int tunnel_type,
- const char
- *prefix,
- counter_type *errors);
-#endif
+void ipv4_packet_size_verify(const uint8_t *data,
+ const int size,
+ const int tunnel_type,
+ const char
+ *prefix,
+ counter_type *errors);
#endif
+
+#endif /* ifndef PROTO_H */