summaryrefslogtreecommitdiff
path: root/src/openvpn/mroute.h
diff options
context:
space:
mode:
Diffstat (limited to 'src/openvpn/mroute.h')
-rw-r--r--src/openvpn/mroute.h214
1 files changed, 214 insertions, 0 deletions
diff --git a/src/openvpn/mroute.h b/src/openvpn/mroute.h
new file mode 100644
index 0000000..b72b5ff
--- /dev/null
+++ b/src/openvpn/mroute.h
@@ -0,0 +1,214 @@
+/*
+ * OpenVPN -- An application to securely tunnel IP networks
+ * over a single TCP/UDP port, with support for SSL/TLS-based
+ * session authentication and key exchange,
+ * packet encryption, packet authentication, and
+ * packet compression.
+ *
+ * Copyright (C) 2002-2010 OpenVPN Technologies, Inc. <sales@openvpn.net>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program (see the file COPYING included with this
+ * distribution); if not, write to the Free Software Foundation, Inc.,
+ * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ */
+
+#ifndef MROUTE_H
+#define MROUTE_H
+
+#if P2MP_SERVER
+
+#include "buffer.h"
+#include "list.h"
+#include "route.h"
+
+#define IP_MCAST_SUBNET_MASK ((in_addr_t)240<<24)
+#define IP_MCAST_NETWORK ((in_addr_t)224<<24)
+
+/* Return status values for mroute_extract_addr_from_packet */
+
+#define MROUTE_EXTRACT_SUCCEEDED (1<<0)
+#define MROUTE_EXTRACT_BCAST (1<<1)
+#define MROUTE_EXTRACT_MCAST (1<<2)
+#define MROUTE_EXTRACT_IGMP (1<<3)
+
+#define MROUTE_SEC_EXTRACT_SUCCEEDED (1<<(0+MROUTE_SEC_SHIFT))
+#define MROUTE_SEC_EXTRACT_BCAST (1<<(1+MROUTE_SEC_SHIFT))
+#define MROUTE_SEC_EXTRACT_MCAST (1<<(2+MROUTE_SEC_SHIFT))
+#define MROUTE_SEC_EXTRACT_IGMP (1<<(3+MROUTE_SEC_SHIFT))
+
+#define MROUTE_SEC_SHIFT 4
+
+/*
+ * Choose the largest address possible with
+ * any of our supported types, which is IPv6
+ * with port number.
+ */
+#define MR_MAX_ADDR_LEN 20
+
+/*
+ * Address Types
+ */
+#define MR_ADDR_NONE 0
+#define MR_ADDR_ETHER 1
+#define MR_ADDR_IPV4 2
+#define MR_ADDR_IPV6 3
+#define MR_ADDR_MASK 3
+
+/* Address type mask indicating that port # is part of address */
+#define MR_WITH_PORT 4
+
+/* Address type mask indicating that netbits is part of address */
+#define MR_WITH_NETBITS 8
+
+/* Indicates than IPv4 addr was extracted from ARP packet */
+#define MR_ARP 16
+
+struct mroute_addr {
+ uint8_t len; /* length of address */
+ uint8_t unused;
+ uint8_t type; /* MR_ADDR/MR_WITH flags */
+ uint8_t netbits; /* number of bits in network part of address,
+ valid if MR_WITH_NETBITS is set */
+ uint8_t addr[MR_MAX_ADDR_LEN]; /* actual address */
+};
+
+/*
+ * Number of bits in an address. Should be raised for IPv6.
+ */
+#define MR_HELPER_NET_LEN 129
+
+/*
+ * Used to help maintain CIDR routing table.
+ */
+struct mroute_helper {
+ unsigned int cache_generation; /* incremented when route added */
+ int ageable_ttl_secs; /* host route cache entry time-to-live*/
+ int n_net_len; /* length of net_len array */
+ uint8_t net_len[MR_HELPER_NET_LEN]; /* CIDR netlengths in descending order */
+ int net_len_refcount[MR_HELPER_NET_LEN]; /* refcount of each netlength */
+};
+
+struct openvpn_sockaddr;
+
+bool mroute_extract_openvpn_sockaddr (struct mroute_addr *addr,
+ const struct openvpn_sockaddr *osaddr,
+ bool use_port);
+
+bool mroute_learnable_address (const struct mroute_addr *addr);
+
+uint32_t mroute_addr_hash_function (const void *key, uint32_t iv);
+bool mroute_addr_compare_function (const void *key1, const void *key2);
+
+void mroute_addr_init (struct mroute_addr *addr);
+
+const char *mroute_addr_print (const struct mroute_addr *ma,
+ struct gc_arena *gc);
+
+#define MAPF_SUBNET (1<<0)
+#define MAPF_IA_EMPTY_IF_UNDEF (1<<1)
+#define MAPF_SHOW_ARP (1<<2)
+const char *mroute_addr_print_ex (const struct mroute_addr *ma,
+ const unsigned int flags,
+ struct gc_arena *gc);
+
+void mroute_addr_mask_host_bits (struct mroute_addr *ma);
+
+struct mroute_helper *mroute_helper_init (int ageable_ttl_secs);
+void mroute_helper_free (struct mroute_helper *mh);
+void mroute_helper_add_iroute (struct mroute_helper *mh, const struct iroute *ir);
+void mroute_helper_del_iroute (struct mroute_helper *mh, const struct iroute *ir);
+void mroute_helper_add_iroute6 (struct mroute_helper *mh, const struct iroute_ipv6 *ir6);
+void mroute_helper_del_iroute6 (struct mroute_helper *mh, const struct iroute_ipv6 *ir6);
+
+/*
+ * Given a raw packet in buf, return the src and dest
+ * addresses of the packet.
+ */
+static inline unsigned int
+mroute_extract_addr_from_packet (struct mroute_addr *src,
+ struct mroute_addr *dest,
+ struct mroute_addr *esrc,
+ struct mroute_addr *edest,
+ const struct buffer *buf,
+ int tunnel_type)
+{
+ unsigned int mroute_extract_addr_ipv4 (struct mroute_addr *src,
+ struct mroute_addr *dest,
+ const struct buffer *buf);
+
+ unsigned int mroute_extract_addr_ether (struct mroute_addr *src,
+ struct mroute_addr *dest,
+ struct mroute_addr *esrc,
+ struct mroute_addr *edest,
+ const struct buffer *buf);
+ unsigned int ret = 0;
+ verify_align_4 (buf);
+ if (tunnel_type == DEV_TYPE_TUN)
+ ret = mroute_extract_addr_ipv4 (src, dest, buf);
+ else if (tunnel_type == DEV_TYPE_TAP)
+ ret = mroute_extract_addr_ether (src, dest, esrc, edest, buf);
+ return ret;
+}
+
+static inline bool
+mroute_addr_equal (const struct mroute_addr *a1, const struct mroute_addr *a2)
+{
+ if (a1->type != a2->type)
+ return false;
+ if (a1->netbits != a2->netbits)
+ return false;
+ if (a1->len != a2->len)
+ return false;
+ return memcmp (a1->addr, a2->addr, a1->len) == 0;
+}
+
+static inline const uint8_t *
+mroute_addr_hash_ptr (const struct mroute_addr *a)
+{
+ /* NOTE: depends on ordering of struct mroute_addr */
+ return (uint8_t *) &a->type;
+}
+
+static inline uint32_t
+mroute_addr_hash_len (const struct mroute_addr *a)
+{
+ return (uint32_t) a->len + 2;
+}
+
+static inline void
+mroute_extract_in_addr_t (struct mroute_addr *dest, const in_addr_t src)
+{
+ dest->type = MR_ADDR_IPV4;
+ dest->netbits = 0;
+ dest->len = 4;
+ *(in_addr_t*)dest->addr = htonl (src);
+}
+
+static inline in_addr_t
+in_addr_t_from_mroute_addr (const struct mroute_addr *addr)
+{
+ if ((addr->type & MR_ADDR_MASK) == MR_ADDR_IPV4 && addr->netbits == 0 && addr->len == 4)
+ return ntohl(*(in_addr_t*)addr->addr);
+ else
+ return 0;
+}
+
+static inline void
+mroute_addr_reset (struct mroute_addr *ma)
+{
+ ma->len = 0;
+ ma->type = MR_ADDR_NONE;
+}
+
+#endif /* P2MP_SERVER */
+#endif /* MROUTE_H */