OpenVPN/openvpn
1
0
Fork 0
mirror of https://github.com/OpenVPN/openvpn.git synced 2025-05-09 21:51:05 +08:00
Code Issues Packages Projects Releases Wiki Activity

Treat dhcp-option DNS6 and DNS identical

Browse Source 
OpenVPN3 accepts both IPv4 and IPv6 with option-dhcp DNS but throws
an error for option-dhcp DNS6.

This patch makes OpenVPN2 accept IPv4/IPv6 for both DNS and DNS6

V2: Put IPv6 parsing logic into own function similar as for for IPv4 DNS
V3: more documentation / help message adjustments

Acked-by: Selva Nair <selva.nair@gmail.com>
Message-Id: <1517391662-21325-1-git-send-email-arne@rfc2549.org>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg16413.html

Signed-off-by: Gert Doering <gert@greenie.muc.de>
(cherry picked from commit 849006bf17bba524e6f3344598adcbe41bedf450)
This commit is contained in:
Arne Schwabe 2018-01-31 10:41:02 +01:00 committed by Gert Doering
parent 6da18bf370
commit 61a72ecd59
2 changed files with 29 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
doc/openvpn.8
View File

@ -5837,17 +5837,13 @@ across the VPN.
Set Connection\-specific DNS Suffix. Set Connection\-specific DNS Suffix.
.B DNS addr \-\- .B DNS addr \-\-
Set primary domain name server IPv4 address. Repeat Set primary domain name server IPv4 or IPv6 address. Repeat
this option to set secondary DNS server addresses. this option to set secondary DNS server addresses.
.B DNS6 addr \-\- Note: DNS IPv6 servers are currently set using netsh (the existing
Set primary domain name server IPv6 address. Repeat DHCP code can only do IPv4 DHCP, and that protocol only permits IPv4
this option to set secondary DNS server IPv6 addresses. addresses anywhere). The option will be put into the environment, so
an
Note: currently this is handled using netsh (the
existing DHCP code can only do IPv4 DHCP, and that protocol only
permits IPv4 addresses anywhere). The option will be put into the
environment, so an
.B \-\-up .B \-\-up
script could act upon it if needed. script could act upon it if needed.

39
src/openvpn/options.c
View File

@ -707,8 +707,7 @@ static const char usage_message[] =
" which allow multiple addresses,\n" " which allow multiple addresses,\n"
" --dhcp-option must be repeated.\n" " --dhcp-option must be repeated.\n"
" DOMAIN name : Set DNS suffix\n" " DOMAIN name : Set DNS suffix\n"
" DNS addr : Set domain name server address(es) (IPv4)\n" " DNS addr : Set domain name server address(es) (IPv4 and IPv6)\n"
" DNS6 addr : Set domain name server address(es) (IPv6)\n"
" NTP : Set NTP server address(es)\n" " NTP : Set NTP server address(es)\n"
" NBDD : Set NBDD server address(es)\n" " NBDD : Set NBDD server address(es)\n"
" WINS addr : Set WINS server address(es)\n" " WINS addr : Set WINS server address(es)\n"
@ -1235,6 +1234,20 @@ show_tuntap_options(const struct tuntap_options *o)
#if defined(_WIN32) || defined(TARGET_ANDROID) #if defined(_WIN32) || defined(TARGET_ANDROID)
static void static void
dhcp_option_dns6_parse(const char *parm, struct in6_addr *dns6_list, int *len, int msglevel)
{
struct in6_addr addr;
if (*len >= N_DHCP_ADDR)
{
msg(msglevel, "--dhcp-option DNS: maximum of %d IPv6 dns servers can be specified",
N_DHCP_ADDR);
}
else if (get_ipv6_addr(parm, &addr, NULL, msglevel))
{
dns6_list[(*len)++] = addr;
}
}
static void
dhcp_option_address_parse(const char *name, const char *parm, in_addr_t *array, int *len, int msglevel) dhcp_option_address_parse(const char *name, const char *parm, in_addr_t *array, int *len, int msglevel)
{ {
if (*len >= N_DHCP_ADDR) if (*len >= N_DHCP_ADDR)
@ -7129,6 +7142,7 @@ add_option(struct options *options,
{ {
struct tuntap_options *o = &options->tuntap_options; struct tuntap_options *o = &options->tuntap_options;
VERIFY_PERMISSION(OPT_P_IPWIN32); VERIFY_PERMISSION(OPT_P_IPWIN32);
bool ipv6dns = false;
if (streq(p[1], "DOMAIN") && p[2]) if (streq(p[1], "DOMAIN") && p[2])
{ {
@ -7149,22 +7163,17 @@ add_option(struct options *options,
} }
o->netbios_node_type = t; o->netbios_node_type = t;
} }
else if (streq(p[1], "DNS") && p[2]) else if ((streq(p[1], "DNS") || streq(p[1], "DNS6")) && p[2] && (!strstr(p[2], ":") || ipv6_addr_safe(p[2])))
{ {
dhcp_option_address_parse("DNS", p[2], o->dns, &o->dns_len, msglevel); if (strstr(p[2], ":"))
}
else if (streq(p[1], "DNS6") && p[2] && ipv6_addr_safe(p[2]))
{
struct in6_addr addr;
foreign_option(options, p, 3, es);
if (o->dns6_len >= N_DHCP_ADDR)
{ {
msg(msglevel, "--dhcp-option DNS6: maximum of %d dns servers can be specified", ipv6dns=true;
N_DHCP_ADDR); foreign_option(options, p, 3, es);
dhcp_option_dns6_parse(p[2], o->dns6, &o->dns6_len, msglevel);
} }
else if (get_ipv6_addr(p[2], &addr, NULL, msglevel)) else
{ {
o->dns6[o->dns6_len++] = addr; dhcp_option_address_parse("DNS", p[2], o->dns, &o->dns_len, msglevel);
} }
} }
else if (streq(p[1], "WINS") && p[2]) else if (streq(p[1], "WINS") && p[2])
@ -7192,7 +7201,7 @@ add_option(struct options *options,
/* flag that we have options to give to the TAP driver's DHCPv4 server /* flag that we have options to give to the TAP driver's DHCPv4 server
* - skipped for "DNS6", as that's not a DHCPv4 option * - skipped for "DNS6", as that's not a DHCPv4 option
*/ */
if (!streq(p[1], "DNS6")) if (!ipv6dns)
{ {
o->dhcp_options = true; o->dhcp_options = true;
} }