Treat dhcp-option DNS6 and DNS identical

OpenVPN3 accepts both IPv4 and IPv6 with option-dhcp DNS but throws an error for option-dhcp DNS6. This patch makes OpenVPN2 accept IPv4/IPv6 for both DNS and DNS6 V2: Put IPv6 parsing logic into own function similar as for for IPv4 DNS V3: more documentation / help message adjustments Acked-by: Selva Nair <selva.nair@gmail.com> Message-Id: <1517391662-21325-1-git-send-email-arne@rfc2549.org> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg16413.html Signed-off-by: Gert Doering <gert@greenie.muc.de> (cherry picked from commit 849006bf17bba524e6f3344598adcbe41bedf450)
2025-05-09 21:51:05 +08:00 · 2018-01-31 10:41:02 +01:00 · 2018-01-31 10:41:02 +01:00 · 61a72ecd59
commit 61a72ecd59
parent 6da18bf370
2 changed files with 29 additions and 24 deletions
--- a/doc/openvpn.8
+++ b/doc/openvpn.8
@ -5837,17 +5837,13 @@ across the VPN.
 Set Connection\-specific DNS Suffix.

 .B DNS addr \-\-
-Set primary domain name server IPv4 address.  Repeat
+Set primary domain name server IPv4 or IPv6 address.  Repeat
 this option to set secondary DNS server addresses.

-.B DNS6 addr \-\-
-Set primary domain name server IPv6 address.  Repeat
-this option to set secondary DNS server IPv6 addresses.
-
-Note: currently this is handled using netsh (the
-existing DHCP code can only do IPv4 DHCP, and that protocol only
-permits IPv4 addresses anywhere).  The option will be put into the
-environment, so an
+Note: DNS IPv6 servers are currently set using netsh (the existing
+DHCP code can only do IPv4 DHCP, and that protocol only permits IPv4
+addresses anywhere).  The option will be put into the environment, so
+an
 .B \-\-up
 script could act upon it if needed.

--- a/src/openvpn/options.c
+++ b/src/openvpn/options.c
@ -707,8 +707,7 @@ static const char usage_message[] =
    "                    which allow multiple addresses,\n"
    "                    --dhcp-option must be repeated.\n"
    "                    DOMAIN name : Set DNS suffix\n"
-    "                    DNS addr    : Set domain name server address(es) (IPv4)\n"
-    "                    DNS6 addr   : Set domain name server address(es) (IPv6)\n"
+    "                    DNS addr    : Set domain name server address(es) (IPv4 and IPv6)\n"
    "                    NTP         : Set NTP server address(es)\n"
    "                    NBDD        : Set NBDD server address(es)\n"
    "                    WINS addr   : Set WINS server address(es)\n"
@ -1235,6 +1234,20 @@ show_tuntap_options(const struct tuntap_options *o)

 #if defined(_WIN32) || defined(TARGET_ANDROID)
 static void
+dhcp_option_dns6_parse(const char *parm, struct in6_addr *dns6_list, int *len, int msglevel)
+{
+    struct in6_addr addr;
+    if (*len >= N_DHCP_ADDR)
+    {
+        msg(msglevel, "--dhcp-option DNS: maximum of %d IPv6 dns servers can be specified",
+            N_DHCP_ADDR);
+    }
+    else if (get_ipv6_addr(parm, &addr, NULL, msglevel))
+    {
+        dns6_list[(*len)++] = addr;
+    }
+}
+static void
 dhcp_option_address_parse(const char *name, const char *parm, in_addr_t *array, int *len, int msglevel)
 {
    if (*len >= N_DHCP_ADDR)
@ -7129,6 +7142,7 @@ add_option(struct options *options,
    {
        struct tuntap_options *o = &options->tuntap_options;
        VERIFY_PERMISSION(OPT_P_IPWIN32);
+        bool ipv6dns = false;

        if (streq(p[1], "DOMAIN") && p[2])
        {
@ -7149,23 +7163,18 @@ add_option(struct options *options,
            }
            o->netbios_node_type = t;
        }
-        else if (streq(p[1], "DNS") && p[2])
+        else if ((streq(p[1], "DNS") || streq(p[1], "DNS6")) && p[2] && (!strstr(p[2], ":") || ipv6_addr_safe(p[2])))
+        {
+            if (strstr(p[2], ":"))
+            {
+                ipv6dns=true;
+                foreign_option(options, p, 3, es);
+                dhcp_option_dns6_parse(p[2], o->dns6, &o->dns6_len, msglevel);
+            }
+            else
            {
                dhcp_option_address_parse("DNS", p[2], o->dns, &o->dns_len, msglevel);
            }
-        else if (streq(p[1], "DNS6") && p[2] && ipv6_addr_safe(p[2]))
-        {
-            struct in6_addr addr;
-            foreign_option(options, p, 3, es);
-            if (o->dns6_len >= N_DHCP_ADDR)
-            {
-                msg(msglevel, "--dhcp-option DNS6: maximum of %d dns servers can be specified",
-                    N_DHCP_ADDR);
-            }
-            else if (get_ipv6_addr(p[2], &addr, NULL, msglevel))
-            {
-                o->dns6[o->dns6_len++] = addr;
-            }
        }
        else if (streq(p[1], "WINS") && p[2])
        {
@ -7192,7 +7201,7 @@ add_option(struct options *options,
        /* flag that we have options to give to the TAP driver's DHCPv4 server
         *  - skipped for "DNS6", as that's not a DHCPv4 option
         */
-        if (!streq(p[1], "DNS6"))
+        if (!ipv6dns)
        {
            o->dhcp_options = true;
        }