Re: [Openvpn-devel] [PATCH v3 release/2.6] Allow certain DHCP options to be used without DHCP server
Hi, On 07/02/2023 15:54, Lev Stipakov wrote: From: Lev Stipakov Followin DHCP options: DOMAIN, ADAPTER_DOMAIN_SUFFIX, DNS, WINS don't require DHCP server in order to be used. This change allows those options to be used with dco and wintun drivers. If an option specified which requires DHCP server and tap-windows6 driver is not used, print a clear error message instead of obscure reference to --ip-win32. Reported-by: Marek Zarychta Signed-off-by: Lev Stipakov Code makes sense and does what it says. Acked-by: Antonio Quartulli However, please not that I did not test this code path explicitly as my testing capabilities on Windows are pretty limited. Cheers, --- v3: replace SHOW_INT with SHOW_UNSIGNED v2: replace enum with defines, which are more suitable as bit flags src/openvpn/options.c | 39 +++ src/openvpn/tun.h | 6 +- 2 files changed, 28 insertions(+), 17 deletions(-) diff --git a/src/openvpn/options.c b/src/openvpn/options.c index 6ae3faf8..8cbffc5c 100644 --- a/src/openvpn/options.c +++ b/src/openvpn/options.c @@ -1290,7 +1290,7 @@ show_tuntap_options(const struct tuntap_options *o) SHOW_INT(dhcp_masq_offset); SHOW_INT(dhcp_lease_time); SHOW_INT(tap_sleep); -SHOW_BOOL(dhcp_options); +SHOW_UNSIGNED(dhcp_options); SHOW_BOOL(dhcp_renew); SHOW_BOOL(dhcp_pre_release); SHOW_STR(domain); @@ -2478,12 +2478,20 @@ options_postprocess_verify_ce(const struct options *options, msg(M_USAGE, "On Windows, --ip-win32 doesn't make sense unless --ifconfig is also used"); } -if (options->tuntap_options.dhcp_options -&& options->windows_driver != WINDOWS_DRIVER_WINTUN -&& options->tuntap_options.ip_win32_type != IPW32_SET_DHCP_MASQ -&& options->tuntap_options.ip_win32_type != IPW32_SET_ADAPTIVE) +if (options->tuntap_options.dhcp_options & DHCP_OPTIONS_DHCP_REQUIRED) { -msg(M_USAGE, "--dhcp-option requires --ip-win32 dynamic or adaptive"); +const char *prefix = "Some dhcp-options require DHCP server"; +if (options->windows_driver != WINDOWS_DRIVER_TAP_WINDOWS6) +{ +msg(M_USAGE, "%s, which is not supported by selected %s driver", +prefix, print_windows_driver(options->windows_driver)); +} +else if (options->tuntap_options.ip_win32_type != IPW32_SET_DHCP_MASQ + && options->tuntap_options.ip_win32_type != IPW32_SET_ADAPTIVE) +{ +msg(M_USAGE, "%s, which requires --ip-win32 dynamic or adaptive", +prefix); +} } if (options->windows_driver == WINDOWS_DRIVER_WINTUN && dev != DEV_TYPE_TUN) @@ -8083,16 +8091,17 @@ add_option(struct options *options, { struct tuntap_options *o = >tuntap_options; VERIFY_PERMISSION(OPT_P_DHCPDNS); -bool ipv6dns = false; if ((streq(p[1], "DOMAIN") || streq(p[1], "ADAPTER_DOMAIN_SUFFIX")) && p[2] && !p[3]) { o->domain = p[2]; +o->dhcp_options |= DHCP_OPTIONS_DHCP_OPTIONAL; } else if (streq(p[1], "NBS") && p[2] && !p[3]) { o->netbios_scope = p[2]; +o->dhcp_options |= DHCP_OPTIONS_DHCP_REQUIRED; } else if (streq(p[1], "NBT") && p[2] && !p[3]) { @@ -8104,31 +8113,35 @@ add_option(struct options *options, goto err; } o->netbios_node_type = t; +o->dhcp_options |= DHCP_OPTIONS_DHCP_REQUIRED; } else if ((streq(p[1], "DNS") || streq(p[1], "DNS6")) && p[2] && !p[3] && (!strstr(p[2], ":") || ipv6_addr_safe(p[2]))) { if (strstr(p[2], ":")) { -ipv6dns = true; dhcp_option_dns6_parse(p[2], o->dns6, >dns6_len, msglevel); } else { dhcp_option_address_parse("DNS", p[2], o->dns, >dns_len, msglevel); +o->dhcp_options |= DHCP_OPTIONS_DHCP_OPTIONAL; } } else if (streq(p[1], "WINS") && p[2] && !p[3]) { dhcp_option_address_parse("WINS", p[2], o->wins, >wins_len, msglevel); +o->dhcp_options |= DHCP_OPTIONS_DHCP_OPTIONAL; } else if (streq(p[1], "NTP") && p[2] && !p[3]) { dhcp_option_address_parse("NTP", p[2], o->ntp, >ntp_len, msglevel); +o->dhcp_options |= DHCP_OPTIONS_DHCP_REQUIRED; } else if (streq(p[1], "NBDD") && p[2] && !p[3]) { dhcp_option_address_parse("NBDD", p[2], o->nbdd, >nbdd_len, msglevel); +o->dhcp_options |= DHCP_OPTIONS_DHCP_REQUIRED; } else if (streq(p[1], "DOMAIN-SEARCH") && p[2] && !p[3]) { @@ -8141,10 +8154,12 @@ add_option(struct options
[Openvpn-devel] [PATCH v3 release/2.6] Allow certain DHCP options to be used without DHCP server
From: Lev Stipakov Followin DHCP options: DOMAIN, ADAPTER_DOMAIN_SUFFIX, DNS, WINS don't require DHCP server in order to be used. This change allows those options to be used with dco and wintun drivers. If an option specified which requires DHCP server and tap-windows6 driver is not used, print a clear error message instead of obscure reference to --ip-win32. Reported-by: Marek Zarychta Signed-off-by: Lev Stipakov --- v3: replace SHOW_INT with SHOW_UNSIGNED v2: replace enum with defines, which are more suitable as bit flags src/openvpn/options.c | 39 +++ src/openvpn/tun.h | 6 +- 2 files changed, 28 insertions(+), 17 deletions(-) diff --git a/src/openvpn/options.c b/src/openvpn/options.c index 6ae3faf8..8cbffc5c 100644 --- a/src/openvpn/options.c +++ b/src/openvpn/options.c @@ -1290,7 +1290,7 @@ show_tuntap_options(const struct tuntap_options *o) SHOW_INT(dhcp_masq_offset); SHOW_INT(dhcp_lease_time); SHOW_INT(tap_sleep); -SHOW_BOOL(dhcp_options); +SHOW_UNSIGNED(dhcp_options); SHOW_BOOL(dhcp_renew); SHOW_BOOL(dhcp_pre_release); SHOW_STR(domain); @@ -2478,12 +2478,20 @@ options_postprocess_verify_ce(const struct options *options, msg(M_USAGE, "On Windows, --ip-win32 doesn't make sense unless --ifconfig is also used"); } -if (options->tuntap_options.dhcp_options -&& options->windows_driver != WINDOWS_DRIVER_WINTUN -&& options->tuntap_options.ip_win32_type != IPW32_SET_DHCP_MASQ -&& options->tuntap_options.ip_win32_type != IPW32_SET_ADAPTIVE) +if (options->tuntap_options.dhcp_options & DHCP_OPTIONS_DHCP_REQUIRED) { -msg(M_USAGE, "--dhcp-option requires --ip-win32 dynamic or adaptive"); +const char *prefix = "Some dhcp-options require DHCP server"; +if (options->windows_driver != WINDOWS_DRIVER_TAP_WINDOWS6) +{ +msg(M_USAGE, "%s, which is not supported by selected %s driver", +prefix, print_windows_driver(options->windows_driver)); +} +else if (options->tuntap_options.ip_win32_type != IPW32_SET_DHCP_MASQ + && options->tuntap_options.ip_win32_type != IPW32_SET_ADAPTIVE) +{ +msg(M_USAGE, "%s, which requires --ip-win32 dynamic or adaptive", +prefix); +} } if (options->windows_driver == WINDOWS_DRIVER_WINTUN && dev != DEV_TYPE_TUN) @@ -8083,16 +8091,17 @@ add_option(struct options *options, { struct tuntap_options *o = >tuntap_options; VERIFY_PERMISSION(OPT_P_DHCPDNS); -bool ipv6dns = false; if ((streq(p[1], "DOMAIN") || streq(p[1], "ADAPTER_DOMAIN_SUFFIX")) && p[2] && !p[3]) { o->domain = p[2]; +o->dhcp_options |= DHCP_OPTIONS_DHCP_OPTIONAL; } else if (streq(p[1], "NBS") && p[2] && !p[3]) { o->netbios_scope = p[2]; +o->dhcp_options |= DHCP_OPTIONS_DHCP_REQUIRED; } else if (streq(p[1], "NBT") && p[2] && !p[3]) { @@ -8104,31 +8113,35 @@ add_option(struct options *options, goto err; } o->netbios_node_type = t; +o->dhcp_options |= DHCP_OPTIONS_DHCP_REQUIRED; } else if ((streq(p[1], "DNS") || streq(p[1], "DNS6")) && p[2] && !p[3] && (!strstr(p[2], ":") || ipv6_addr_safe(p[2]))) { if (strstr(p[2], ":")) { -ipv6dns = true; dhcp_option_dns6_parse(p[2], o->dns6, >dns6_len, msglevel); } else { dhcp_option_address_parse("DNS", p[2], o->dns, >dns_len, msglevel); +o->dhcp_options |= DHCP_OPTIONS_DHCP_OPTIONAL; } } else if (streq(p[1], "WINS") && p[2] && !p[3]) { dhcp_option_address_parse("WINS", p[2], o->wins, >wins_len, msglevel); +o->dhcp_options |= DHCP_OPTIONS_DHCP_OPTIONAL; } else if (streq(p[1], "NTP") && p[2] && !p[3]) { dhcp_option_address_parse("NTP", p[2], o->ntp, >ntp_len, msglevel); +o->dhcp_options |= DHCP_OPTIONS_DHCP_REQUIRED; } else if (streq(p[1], "NBDD") && p[2] && !p[3]) { dhcp_option_address_parse("NBDD", p[2], o->nbdd, >nbdd_len, msglevel); +o->dhcp_options |= DHCP_OPTIONS_DHCP_REQUIRED; } else if (streq(p[1], "DOMAIN-SEARCH") && p[2] && !p[3]) { @@ -8141,10 +8154,12 @@ add_option(struct options *options, msg(msglevel, "--dhcp-option %s: maximum of %d search entries can be specified", p[1], N_SEARCH_LIST_LEN); } +o->dhcp_options |= DHCP_OPTIONS_DHCP_REQUIRED; } else if (streq(p[1], "DISABLE-NBT") && !p[2]) {