@@ -46,6 +46,7 @@
#include "route.h"
#include "win32.h"
#include "block_dns.h"
+#include "sitnl.h"
#include "memdbg.h"
@@ -883,10 +884,12 @@ do_ifconfig(struct tuntap *tt,
if (tt->did_ifconfig_setup)
{
bool tun = false;
+#if !defined(TARGET_LINUX)
const char *ifconfig_local = NULL;
const char *ifconfig_remote_netmask = NULL;
const char *ifconfig_broadcast = NULL;
const char *ifconfig_ipv6_local = NULL;
+#endif
bool do_ipv6 = false;
struct argv argv = argv_new();
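Review bot: The `#if !defined(TARGET_LINUX)` guard around these four declarations has no comment saying why the string forms are excluded on Linux, and the same guard is repeated around each assignment in the next two hunks. A short comment on the first guard would help, for example `/* string forms are only consumed by the exec-based (non-netlink) platform branches below */`. With the guards scattered like this, any later Linux-side use of `ifconfig_local` or its siblings (a log line, say) fails to build only on Linux, so it may be worth grouping the declarations and assignments under a single guard. do_ifconfig starts and continues outside this hunk.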
@@ -898,18 +901,23 @@ do_ifconfig(struct tuntap *tt,
*/
tun = is_tun_p2p(tt);
+#if !defined(TARGET_LINUX)
/*
* Set ifconfig parameters
*/
ifconfig_local = print_in_addr_t(tt->local, 0, &gc);
ifconfig_remote_netmask = print_in_addr_t(tt->remote_netmask, 0, &gc);
+#endif
if (tt->did_ifconfig_ipv6_setup)
{
+#if !defined(TARGET_LINUX)
ifconfig_ipv6_local = print_in6_addr(tt->local_ipv6, 0, &gc);
+#endif
do_ipv6 = true;
}
+#if !defined(TARGET_LINUX)
/*
* If TAP-style device, generate broadcast address.
*/
@@ -917,6 +925,7 @@ do_ifconfig(struct tuntap *tt,
{
ifconfig_broadcast = print_in_addr_t(tt->broadcast, 0, &gc);
}
+#endif
#ifdef ENABLE_MANAGEMENT
if (management)
@@ -933,102 +942,43 @@ do_ifconfig(struct tuntap *tt,
#if defined(TARGET_LINUX)
-#ifdef ENABLE_IPROUTE
- /*
- * Set the MTU for the device
- */
- argv_printf(&argv,
- "%s link set dev %s up mtu %d",
- iproute_path,
- actual,
- tun_mtu
- );
- argv_msg(M_INFO, &argv);
- openvpn_execve_check(&argv, es, S_FATAL, "Linux ip link set failed");
-
- if (tun)
- {
-
- /*
- * Set the address for the device
- */
- argv_printf(&argv,
- "%s addr add dev %s local %s peer %s",
- iproute_path,
- actual,
- ifconfig_local,
- ifconfig_remote_netmask
- );
- argv_msg(M_INFO, &argv);
- openvpn_execve_check(&argv, es, S_FATAL, "Linux ip addr add failed");
- }
- else
+ if (sitnl_iface_mtu_set(actual, tun_mtu) < 0)
{
- argv_printf(&argv,
- "%s addr add dev %s %s/%d broadcast %s",
- iproute_path,
- actual,
- ifconfig_local,
- netmask_to_netbits2(tt->remote_netmask),
- ifconfig_broadcast
- );
- argv_msg(M_INFO, &argv);
- openvpn_execve_check(&argv, es, S_FATAL, "Linux ip addr add failed");
+ msg(M_FATAL, "Linux can't set mtu (%d) on %s", tun_mtu, actual);
}
- if (do_ipv6)
+
+ if (sitnl_iface_up(actual, true) < 0)
{
- argv_printf( &argv,
- "%s -6 addr add %s/%d dev %s",
- iproute_path,
- ifconfig_ipv6_local,
- tt->netbits_ipv6,
- actual
- );
- argv_msg(M_INFO, &argv);
- openvpn_execve_check(&argv, es, S_FATAL, "Linux ip -6 addr add failed");
+ msg(M_FATAL, "Linux can't bring %s up", actual);
}
- tt->did_ifconfig = true;
-#else /* ifdef ENABLE_IPROUTE */
+
if (tun)
{
- argv_printf(&argv,
- "%s %s %s pointopoint %s mtu %d",
- IFCONFIG_PATH,
- actual,
- ifconfig_local,
- ifconfig_remote_netmask,
- tun_mtu
- );
+ if (sitnl_addr_ptp_v4_add(actual, &tt->local,
+ &tt->remote_netmask) < 0)
+ {
+ msg(M_FATAL, "Linux can't add IP to TUN interface %s", actual);
+ }
}
else
{
- argv_printf(&argv,
- "%s %s %s netmask %s mtu %d broadcast %s",
- IFCONFIG_PATH,
- actual,
- ifconfig_local,
- ifconfig_remote_netmask,
- tun_mtu,
- ifconfig_broadcast
- );
+ if (sitnl_addr_v4_add(actual, &tt->local,
+ netmask_to_netbits2(tt->remote_netmask),
+ &tt->remote_netmask) < 0)
+ {
+ msg(M_FATAL, "Linux can't add IP to TAP interface %s", actual);
+ }
}
- argv_msg(M_INFO, &argv);
- openvpn_execve_check(&argv, es, S_FATAL, "Linux ifconfig failed");
if (do_ipv6)
{
- argv_printf(&argv,
- "%s %s add %s/%d",
- IFCONFIG_PATH,
- actual,
- ifconfig_ipv6_local,
- tt->netbits_ipv6
- );
- argv_msg(M_INFO, &argv);
- openvpn_execve_check(&argv, es, S_FATAL, "Linux ifconfig inet6 failed");
+ if (sitnl_addr_v6_add(actual, &tt->local_ipv6,
+ tt->netbits_ipv6) < 0)
+ {
+ msg(M_FATAL, "Linux can't add IPv6 to interface %s", actual);
+ }
}
tt->did_ifconfig = true;
-#endif /*ENABLE_IPROUTE*/
#elif defined(TARGET_ANDROID)
if (do_ipv6)
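Review bot: In the TAP branch the fourth argument to `sitnl_addr_v4_add()` is `&tt->remote_netmask`, whereas the removed `ip addr add ... broadcast %s` command passed the string derived from `tt->broadcast`. The prototype in sitnl.h is not visible here, but if that parameter is the broadcast address the call should end with `netmask_to_netbits2(tt->remote_netmask), &tt->broadcast) < 0)`; as written the interface would get the netmask as its broadcast address. Separately, the removed code logged every command at M_INFO through `argv_msg()`, while the new code logs only on failure. Unless the sitnl helpers log internally, the applied MTU and addresses no longer appear in the log; a line such as `msg(M_INFO, "Linux: set %s mtu %d", actual, tun_mtu);` before each call would keep that trail. do_ifconfig starts and continues outside this hunk.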
@@ -2103,77 +2053,44 @@ tuncfg(const char *dev, const char *dev_type, const char *dev_node, int persist_
void
close_tun(struct tuntap *tt)
{
- if (tt)
+ if (!tt)
{
- if (tt->type != DEV_TYPE_NULL && tt->did_ifconfig)
- {
- struct argv argv = argv_new();
- struct gc_arena gc = gc_new();
+ return;
+ }
-#ifdef ENABLE_IPROUTE
- if (is_tun_p2p(tt))
+ if (tt->type != DEV_TYPE_NULL && tt->did_ifconfig)
+ {
+ int netbits = netmask_to_netbits2(tt->remote_netmask);
+ if (is_tun_p2p(tt))
+ {
+ if (sitnl_addr_ptp_v4_del(tt->actual_name, &tt->local) < 0)
{
- argv_printf(&argv,
- "%s addr del dev %s local %s peer %s",
- iproute_path,
- tt->actual_name,
- print_in_addr_t(tt->local, 0, &gc),
- print_in_addr_t(tt->remote_netmask, 0, &gc)
- );
+ msg(M_WARN, "Linux can't del IP from TUN iface %s",
+ tt->actual_name);
}
- else
+ }
+ else
+ {
+ if (sitnl_addr_v4_del(tt->actual_name, &tt->local, netbits) < 0)
{
- argv_printf(&argv,
- "%s addr del dev %s %s/%d",
- iproute_path,
- tt->actual_name,
- print_in_addr_t(tt->local, 0, &gc),
- netmask_to_netbits2(tt->remote_netmask)
- );
+ msg(M_WARN, "Linux can't del IP from TAP iface %s",
+ tt->actual_name);
}
-#else /* ifdef ENABLE_IPROUTE */
- argv_printf(&argv,
- "%s %s 0.0.0.0",
- IFCONFIG_PATH,
- tt->actual_name
- );
-#endif /* ifdef ENABLE_IPROUTE */
-
- argv_msg(M_INFO, &argv);
- openvpn_execve_check(&argv, NULL, 0, "Linux ip addr del failed");
+ }
- if (tt->did_ifconfig_ipv6_setup)
+ if (tt->did_ifconfig_ipv6_setup)
+ {
+ if (sitnl_addr_v6_del(tt->actual_name, &tt->local_ipv6,
+ tt->netbits_ipv6) < 0)
{
- const char *ifconfig_ipv6_local = print_in6_addr(tt->local_ipv6, 0, &gc);
-
-#ifdef ENABLE_IPROUTE
- argv_printf(&argv, "%s -6 addr del %s/%d dev %s",
- iproute_path,
- ifconfig_ipv6_local,
- tt->netbits_ipv6,
- tt->actual_name
- );
- argv_msg(M_INFO, &argv);
- openvpn_execve_check(&argv, NULL, 0, "Linux ip -6 addr del failed");
-#else /* ifdef ENABLE_IPROUTE */
- argv_printf(&argv,
- "%s %s del %s/%d",
- IFCONFIG_PATH,
- tt->actual_name,
- ifconfig_ipv6_local,
- tt->netbits_ipv6
- );
- argv_msg(M_INFO, &argv);
- openvpn_execve_check(&argv, NULL, 0, "Linux ifconfig inet6 del failed");
-#endif
+ msg(M_WARN, "Linux can't del IPv6 from iface %s",
+ tt->actual_name);
}
-
- argv_reset(&argv);
- gc_free(&gc);
}
- close_tun_generic(tt);
- free(tt);
}
+
+ close_tun_generic(tt);
+ free(tt);
}
int
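Review bot: The three `msg(M_WARN, ...)` calls in close_tun() drop the return value of the failed `sitnl_addr_*_del()` call and do not name the address, so a teardown that leaves an address on the interface cannot be diagnosed from the log. Keeping the result and printing it would help, e.g. `int ret = sitnl_addr_v4_del(tt->actual_name, &tt->local, netbits);` followed by `msg(M_WARN, "Linux can't del IP from TAP iface %s (ret=%d)", tt->actual_name, ret);`. Whether the negative value is an errno is not visible in this hunk. As a smaller style point, `netbits` is computed before the `is_tun_p2p()` test but used only in the `else` branch, so it could be declared there.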
Signed-off-by: Antonio Quartulli <a@unstable.cc>
---
src/openvpn/tun.c | 199 ++++++++++++++++-------------------------------------
1 file changed, 58 insertions(+), 141 deletions(-)