summaryrefslogtreecommitdiff
path: root/src/openvpn/options.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/openvpn/options.c')
-rw-r--r--src/openvpn/options.c86
1 files changed, 59 insertions, 27 deletions
diff --git a/src/openvpn/options.c b/src/openvpn/options.c
index 8bf82c5..658ca53 100644
--- a/src/openvpn/options.c
+++ b/src/openvpn/options.c
@@ -1983,7 +1983,8 @@ connection_entry_load_re(struct connection_entry *ce, const struct remote_entry
}
static void
-options_postprocess_verify_ce(const struct options *options, const struct connection_entry *ce)
+options_postprocess_verify_ce(const struct options *options,
+ const struct connection_entry *ce)
{
struct options defaults;
int dev = DEV_TYPE_UNDEF;
@@ -2011,7 +2012,9 @@ options_postprocess_verify_ce(const struct options *options, const struct connec
*/
if (ce->proto == PROTO_TCP)
{
- msg(M_USAGE, "--proto tcp is ambiguous in this context. Please specify --proto tcp-server or --proto tcp-client");
+ msg(M_USAGE,
+ "--proto tcp is ambiguous in this context. Please specify "
+ "--proto tcp-server or --proto tcp-client");
}
/*
@@ -2051,8 +2054,9 @@ options_postprocess_verify_ce(const struct options *options, const struct connec
if (options->inetd)
{
- msg(M_WARN, "DEPRECATED OPTION: --inetd mode is deprecated "
- "and will be removed in OpenVPN 2.6");
+ msg(M_WARN,
+ "DEPRECATED OPTION: --inetd mode is deprecated and will be removed "
+ "in OpenVPN 2.6");
}
if (options->lladdr && dev != DEV_TYPE_TAP)
@@ -2065,7 +2069,9 @@ options_postprocess_verify_ce(const struct options *options, const struct connec
*/
if (options->ce.tun_mtu_defined && options->ce.link_mtu_defined)
{
- msg(M_USAGE, "only one of --tun-mtu or --link-mtu may be defined (note that --ifconfig implies --link-mtu %d)", LINK_MTU_DEFAULT);
+ msg(M_USAGE,
+ "only one of --tun-mtu or --link-mtu may be defined (note that "
+ "--ifconfig implies --link-mtu %d)", LINK_MTU_DEFAULT);
}
if (!proto_is_udp(ce->proto) && options->mtu_test)
@@ -2092,18 +2098,23 @@ options_postprocess_verify_ce(const struct options *options, const struct connec
if (string_defined_equal(ce->remote, options->ifconfig_local)
|| string_defined_equal(ce->remote, options->ifconfig_remote_netmask))
{
- msg(M_USAGE, "--local and --remote addresses must be distinct from --ifconfig addresses");
+ msg(M_USAGE,
+ "--local and --remote addresses must be distinct from --ifconfig "
+ "addresses");
}
if (string_defined_equal(ce->local, options->ifconfig_local)
|| string_defined_equal(ce->local, options->ifconfig_remote_netmask))
{
- msg(M_USAGE, "--local addresses must be distinct from --ifconfig addresses");
+ msg(M_USAGE,
+ "--local addresses must be distinct from --ifconfig addresses");
}
- if (string_defined_equal(options->ifconfig_local, options->ifconfig_remote_netmask))
+ if (string_defined_equal(options->ifconfig_local,
+ options->ifconfig_remote_netmask))
{
- msg(M_USAGE, "local and remote/netmask --ifconfig addresses must be different");
+ msg(M_USAGE,
+ "local and remote/netmask --ifconfig addresses must be different");
}
if (ce->bind_defined && !ce->bind_local)
@@ -2113,12 +2124,14 @@ options_postprocess_verify_ce(const struct options *options, const struct connec
if (ce->local && !ce->bind_local)
{
- msg(M_USAGE, "--local and --nobind don't make sense when used together");
+ msg(M_USAGE,
+ "--local and --nobind don't make sense when used together");
}
if (ce->local_port_defined && !ce->bind_local)
{
- msg(M_USAGE, "--lport and --nobind don't make sense when used together");
+ msg(M_USAGE,
+ "--lport and --nobind don't make sense when used together");
}
if (!ce->remote && !ce->bind_local)
@@ -2181,10 +2194,11 @@ options_postprocess_verify_ce(const struct options *options, const struct connec
}
if (options->tuntap_options.dhcp_options
+ && options->windows_driver != WINDOWS_DRIVER_WINTUN
&& options->tuntap_options.ip_win32_type != IPW32_SET_DHCP_MASQ
&& options->tuntap_options.ip_win32_type != IPW32_SET_ADAPTIVE)
{
- msg(M_USAGE, "--dhcp-options requires --ip-win32 dynamic or adaptive");
+ msg(M_USAGE, "--dhcp-option requires --ip-win32 dynamic or adaptive");
}
if (options->windows_driver == WINDOWS_DRIVER_WINTUN && dev != DEV_TYPE_TUN)
@@ -2206,7 +2220,8 @@ options_postprocess_verify_ce(const struct options *options, const struct connec
if (!proto_is_udp(ce->proto) && ce->explicit_exit_notification)
{
- msg(M_USAGE, "--explicit-exit-notify can only be used with --proto udp");
+ msg(M_USAGE,
+ "--explicit-exit-notify can only be used with --proto udp");
}
if (!ce->remote && ce->proto == PROTO_TCP_CLIENT)
@@ -2216,16 +2231,21 @@ options_postprocess_verify_ce(const struct options *options, const struct connec
if ((ce->http_proxy_options) && ce->proto != PROTO_TCP_CLIENT)
{
- msg(M_USAGE, "--http-proxy MUST be used in TCP Client mode (i.e. --proto tcp-client)");
+ msg(M_USAGE,
+ "--http-proxy MUST be used in TCP Client mode (i.e. --proto "
+ "tcp-client)");
}
+
if ((ce->http_proxy_options) && !ce->http_proxy_options->server)
{
- msg(M_USAGE, "--http-proxy not specified but other http proxy options present");
+ msg(M_USAGE,
+ "--http-proxy not specified but other http proxy options present");
}
if (ce->http_proxy_options && ce->socks_proxy_server)
{
- msg(M_USAGE, "--http-proxy can not be used together with --socks-proxy");
+ msg(M_USAGE,
+ "--http-proxy can not be used together with --socks-proxy");
}
if (ce->socks_proxy_server && ce->proto == PROTO_TCP_SERVER)
@@ -2291,8 +2311,9 @@ options_postprocess_verify_ce(const struct options *options, const struct connec
{
msg(M_USAGE, "--socks-proxy cannot be used with --mode server");
}
- /* <connection> blocks force to have a remote embedded, so we check for the
- * --remote and bail out if it is present */
+ /* <connection> blocks force to have a remote embedded, so we check
+ * for the --remote and bail out if it is present
+ */
if (options->connection_list->len >1
|| options->connection_list->array[0]->remote)
{
@@ -2309,12 +2330,15 @@ options_postprocess_verify_ce(const struct options *options, const struct connec
}
if (options->ipchange)
{
- msg(M_USAGE, "--ipchange cannot be used with --mode server (use --client-connect instead)");
+ msg(M_USAGE,
+ "--ipchange cannot be used with --mode server (use "
+ "--client-connect instead)");
}
if (!(proto_is_dgram(ce->proto) || ce->proto == PROTO_TCP_SERVER))
{
- msg(M_USAGE, "--mode server currently only supports "
- "--proto udp or --proto tcp-server or --proto tcp6-server");
+ msg(M_USAGE,
+ "--mode server currently only supports --proto udp or --proto "
+ "tcp-server or --proto tcp6-server");
}
if (!proto_is_udp(ce->proto) && (options->cf_max || options->cf_per))
{
@@ -2816,12 +2840,14 @@ options_postprocess_mutate_ce(struct options *o, struct connection_entry *ce)
}
#endif
- if (ce->proto == PROTO_TCP_CLIENT && !ce->local && !ce->local_port_defined && !ce->bind_defined)
+ if (ce->proto == PROTO_TCP_CLIENT && !ce->local
+ && !ce->local_port_defined && !ce->bind_defined)
{
ce->bind_local = false;
}
- if (ce->proto == PROTO_UDP && ce->socks_proxy_server && !ce->local && !ce->local_port_defined && !ce->bind_defined)
+ if (ce->proto == PROTO_UDP && ce->socks_proxy_server && !ce->local
+ && !ce->local_port_defined && !ce->bind_defined)
{
ce->bind_local = false;
}
@@ -2831,7 +2857,9 @@ options_postprocess_mutate_ce(struct options *o, struct connection_entry *ce)
ce->local_port = NULL;
}
- /* if protocol forcing is enabled, disable all protocols except for the forced one */
+ /* if protocol forcing is enabled, disable all protocols
+ * except for the forced one
+ */
if (o->proto_force >= 0 && o->proto_force != ce->proto)
{
ce->flags |= CE_DISABLED;
@@ -5689,7 +5717,9 @@ add_option(struct options *options,
const sa_family_t af = ascii2af(p[3]);
if (proto < 0)
{
- msg(msglevel, "remote: bad protocol associated with host %s: '%s'", p[1], p[3]);
+ msg(msglevel,
+ "remote: bad protocol associated with host %s: '%s'",
+ p[1], p[3]);
goto err;
}
re.proto = proto;
@@ -6209,7 +6239,8 @@ add_option(struct options *options,
af = ascii2af(p[1]);
if (proto < 0)
{
- msg(msglevel, "Bad protocol: '%s'. Allowed protocols with --proto option: %s",
+ msg(msglevel,
+ "Bad protocol: '%s'. Allowed protocols with --proto option: %s",
p[1],
proto2ascii_all(&gc));
goto err;
@@ -7439,7 +7470,8 @@ add_option(struct options *options,
VERIFY_PERMISSION(OPT_P_IPWIN32);
bool ipv6dns = false;
- if (streq(p[1], "DOMAIN") && p[2])
+ if ((streq(p[1], "DOMAIN") || streq(p[1], "ADAPTER_DOMAIN_SUFFIX"))
+ && p[2])
{
o->domain = p[2];
}