mirror of
https://github.com/OpenVPN/openvpn.git
synced 2025-05-09 05:31:05 +08:00
564a21094e
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@5599 e7ae566f-a301-0410-adde-c780ea21d3b5
203 lines
5.4 KiB
C
203 lines
5.4 KiB
C
/*
|
|
* OpenVPN -- An application to securely tunnel IP networks
|
|
* over a single TCP/UDP port, with support for SSL/TLS-based
|
|
* session authentication and key exchange,
|
|
* packet encryption, packet authentication, and
|
|
* packet compression.
|
|
*
|
|
* Copyright (C) 2002-2010 OpenVPN Technologies, Inc. <sales@openvpn.net>
|
|
*
|
|
* This program is free software; you can redistribute it and/or modify
|
|
* it under the terms of the GNU General Public License version 2
|
|
* as published by the Free Software Foundation.
|
|
*
|
|
* This program is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
* GNU General Public License for more details.
|
|
*
|
|
* You should have received a copy of the GNU General Public License
|
|
* along with this program (see the file COPYING included with this
|
|
* distribution); if not, write to the Free Software Foundation, Inc.,
|
|
* 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
|
*/
|
|
|
|
#ifndef PROTO_H
|
|
#define PROTO_H
|
|
|
|
#include "common.h"
|
|
#include "buffer.h"
|
|
|
|
#pragma pack(1)
|
|
|
|
/*
|
|
* Tunnel types
|
|
*/
|
|
#define DEV_TYPE_UNDEF 0
|
|
#define DEV_TYPE_NULL 1
|
|
#define DEV_TYPE_TUN 2 /* point-to-point IP tunnel */
|
|
#define DEV_TYPE_TAP 3 /* ethernet (802.3) tunnel */
|
|
|
|
/* TUN topologies */
|
|
|
|
#define TOP_UNDEF 0
|
|
#define TOP_NET30 1
|
|
#define TOP_P2P 2
|
|
#define TOP_SUBNET 3
|
|
|
|
/*
|
|
* IP and Ethernet protocol structs. For portability,
|
|
* OpenVPN needs its own definitions of these structs, and
|
|
* names have been adjusted to avoid collisions with
|
|
* native structs.
|
|
*/
|
|
|
|
#define OPENVPN_ETH_ALEN 6 /* ethernet address length */
|
|
struct openvpn_ethhdr
|
|
{
|
|
uint8_t dest[OPENVPN_ETH_ALEN]; /* destination ethernet addr */
|
|
uint8_t source[OPENVPN_ETH_ALEN]; /* source ethernet addr */
|
|
|
|
# define OPENVPN_ETH_P_IPV4 0x0800 /* IPv4 protocol */
|
|
# define OPENVPN_ETH_P_IPV6 0x86DD /* IPv6 protocol */
|
|
# define OPENVPN_ETH_P_ARP 0x0806 /* ARP protocol */
|
|
uint16_t proto; /* packet type ID field */
|
|
};
|
|
|
|
struct openvpn_arp {
|
|
# define ARP_MAC_ADDR_TYPE 0x0001
|
|
uint16_t mac_addr_type; /* 0x0001 */
|
|
|
|
uint16_t proto_addr_type; /* 0x0800 */
|
|
uint8_t mac_addr_size; /* 0x06 */
|
|
uint8_t proto_addr_size; /* 0x04 */
|
|
|
|
# define ARP_REQUEST 0x0001
|
|
# define ARP_REPLY 0x0002
|
|
uint16_t arp_command; /* 0x0001 for ARP request, 0x0002 for ARP reply */
|
|
|
|
uint8_t mac_src[OPENVPN_ETH_ALEN];
|
|
in_addr_t ip_src;
|
|
uint8_t mac_dest[OPENVPN_ETH_ALEN];
|
|
in_addr_t ip_dest;
|
|
};
|
|
|
|
struct openvpn_iphdr {
|
|
# define OPENVPN_IPH_GET_VER(v) (((v) >> 4) & 0x0F)
|
|
# define OPENVPN_IPH_GET_LEN(v) (((v) & 0x0F) << 2)
|
|
uint8_t version_len;
|
|
|
|
uint8_t tos;
|
|
uint16_t tot_len;
|
|
uint16_t id;
|
|
|
|
# define OPENVPN_IP_OFFMASK 0x1fff
|
|
uint16_t frag_off;
|
|
|
|
uint8_t ttl;
|
|
|
|
# define OPENVPN_IPPROTO_IGMP 2 /* IGMP protocol */
|
|
# define OPENVPN_IPPROTO_TCP 6 /* TCP protocol */
|
|
# define OPENVPN_IPPROTO_UDP 17 /* UDP protocol */
|
|
uint8_t protocol;
|
|
|
|
uint16_t check;
|
|
uint32_t saddr;
|
|
uint32_t daddr;
|
|
/*The options start here. */
|
|
};
|
|
|
|
/*
|
|
* UDP header
|
|
*/
|
|
struct openvpn_udphdr {
|
|
uint16_t source;
|
|
uint16_t dest;
|
|
uint16_t len;
|
|
uint16_t check;
|
|
};
|
|
|
|
/*
|
|
* TCP header, per RFC 793.
|
|
*/
|
|
struct openvpn_tcphdr {
|
|
uint16_t source; /* source port */
|
|
uint16_t dest; /* destination port */
|
|
uint32_t seq; /* sequence number */
|
|
uint32_t ack_seq; /* acknowledgement number */
|
|
|
|
# define OPENVPN_TCPH_GET_DOFF(d) (((d) & 0xF0) >> 2)
|
|
uint8_t doff_res;
|
|
|
|
# define OPENVPN_TCPH_FIN_MASK (1<<0)
|
|
# define OPENVPN_TCPH_SYN_MASK (1<<1)
|
|
# define OPENVPN_TCPH_RST_MASK (1<<2)
|
|
# define OPENVPN_TCPH_PSH_MASK (1<<3)
|
|
# define OPENVPN_TCPH_ACK_MASK (1<<4)
|
|
# define OPENVPN_TCPH_URG_MASK (1<<5)
|
|
# define OPENVPN_TCPH_ECE_MASK (1<<6)
|
|
# define OPENVPN_TCPH_CWR_MASK (1<<7)
|
|
uint8_t flags;
|
|
|
|
uint16_t window;
|
|
uint16_t check;
|
|
uint16_t urg_ptr;
|
|
};
|
|
|
|
#define OPENVPN_TCPOPT_EOL 0
|
|
#define OPENVPN_TCPOPT_NOP 1
|
|
#define OPENVPN_TCPOPT_MAXSEG 2
|
|
#define OPENVPN_TCPOLEN_MAXSEG 4
|
|
|
|
#pragma pack()
|
|
|
|
/*
|
|
* The following macro is used to update an
|
|
* internet checksum. "acc" is a 32-bit
|
|
* accumulation of all the changes to the
|
|
* checksum (adding in old 16-bit words and
|
|
* subtracting out new words), and "cksum"
|
|
* is the checksum value to be updated.
|
|
*/
|
|
#define ADJUST_CHECKSUM(acc, cksum) { \
|
|
(acc) += (cksum); \
|
|
if ((acc) < 0) { \
|
|
(acc) = -(acc); \
|
|
(acc) = ((acc) >> 16) + ((acc) & 0xffff); \
|
|
(acc) += (acc) >> 16; \
|
|
(cksum) = (uint16_t) ~(acc); \
|
|
} else { \
|
|
(acc) = ((acc) >> 16) + ((acc) & 0xffff); \
|
|
(acc) += (acc) >> 16; \
|
|
(cksum) = (uint16_t) (acc); \
|
|
} \
|
|
}
|
|
|
|
/*
|
|
* We are in a "liberal" position with respect to MSS,
|
|
* i.e. we assume that MSS can be calculated from MTU
|
|
* by subtracting out only the IP and TCP header sizes
|
|
* without options.
|
|
*
|
|
* (RFC 879, section 7).
|
|
*/
|
|
#define MTU_TO_MSS(mtu) (mtu - sizeof(struct openvpn_iphdr) \
|
|
- sizeof(struct openvpn_tcphdr))
|
|
|
|
/*
|
|
* If raw tunnel packet is IPv4, return true and increment
|
|
* buffer offset to start of IP header.
|
|
*/
|
|
bool is_ipv4 (int tunnel_type, struct buffer *buf);
|
|
|
|
#ifdef PACKET_TRUNCATION_CHECK
|
|
void ipv4_packet_size_verify (const uint8_t *data,
|
|
const int size,
|
|
const int tunnel_type,
|
|
const char
|
|
*prefix,
|
|
counter_type *errors);
|
|
#endif
|
|
|
|
#endif
|