Re: [Openvpn-devel] [PATCH v3 release/2.6] Allow certain DHCP options to be used without DHCP server
Hi,
On 07/02/2023 15:54, Lev Stipakov wrote:
From: Lev Stipakov
Followin DHCP options:
DOMAIN, ADAPTER_DOMAIN_SUFFIX, DNS, WINS
don't require DHCP server in order to be used.
This change allows those options to be used with dco and wintun
drivers. If an option specified which requires DHCP server and
tap-windows6 driver is not used, print a clear error message
instead of obscure reference to --ip-win32.
Reported-by: Marek Zarychta
Signed-off-by: Lev Stipakov
Code makes sense and does what it says.
Acked-by: Antonio Quartulli
However, please not that I did not test this code path explicitly as my
testing capabilities on Windows are pretty limited.
Cheers,
---
v3: replace SHOW_INT with SHOW_UNSIGNED
v2: replace enum with defines, which are more suitable
as bit flags
src/openvpn/options.c | 39 +++
src/openvpn/tun.h | 6 +-
2 files changed, 28 insertions(+), 17 deletions(-)
diff --git a/src/openvpn/options.c b/src/openvpn/options.c
index 6ae3faf8..8cbffc5c 100644
--- a/src/openvpn/options.c
+++ b/src/openvpn/options.c
@@ -1290,7 +1290,7 @@ show_tuntap_options(const struct tuntap_options *o)
SHOW_INT(dhcp_masq_offset);
SHOW_INT(dhcp_lease_time);
SHOW_INT(tap_sleep);
-SHOW_BOOL(dhcp_options);
+SHOW_UNSIGNED(dhcp_options);
SHOW_BOOL(dhcp_renew);
SHOW_BOOL(dhcp_pre_release);
SHOW_STR(domain);
@@ -2478,12 +2478,20 @@ options_postprocess_verify_ce(const struct options
*options,
msg(M_USAGE, "On Windows, --ip-win32 doesn't make sense unless --ifconfig
is also used");
}
-if (options->tuntap_options.dhcp_options
-&& options->windows_driver != WINDOWS_DRIVER_WINTUN
-&& options->tuntap_options.ip_win32_type != IPW32_SET_DHCP_MASQ
-&& options->tuntap_options.ip_win32_type != IPW32_SET_ADAPTIVE)
+if (options->tuntap_options.dhcp_options & DHCP_OPTIONS_DHCP_REQUIRED)
{
-msg(M_USAGE, "--dhcp-option requires --ip-win32 dynamic or adaptive");
+const char *prefix = "Some dhcp-options require DHCP server";
+if (options->windows_driver != WINDOWS_DRIVER_TAP_WINDOWS6)
+{
+msg(M_USAGE, "%s, which is not supported by selected %s driver",
+prefix, print_windows_driver(options->windows_driver));
+}
+else if (options->tuntap_options.ip_win32_type != IPW32_SET_DHCP_MASQ
+ && options->tuntap_options.ip_win32_type !=
IPW32_SET_ADAPTIVE)
+{
+msg(M_USAGE, "%s, which requires --ip-win32 dynamic or adaptive",
+prefix);
+}
}
if (options->windows_driver == WINDOWS_DRIVER_WINTUN && dev != DEV_TYPE_TUN)
@@ -8083,16 +8091,17 @@ add_option(struct options *options,
{
struct tuntap_options *o = >tuntap_options;
VERIFY_PERMISSION(OPT_P_DHCPDNS);
-bool ipv6dns = false;
if ((streq(p[1], "DOMAIN") || streq(p[1], "ADAPTER_DOMAIN_SUFFIX"))
&& p[2] && !p[3])
{
o->domain = p[2];
+o->dhcp_options |= DHCP_OPTIONS_DHCP_OPTIONAL;
}
else if (streq(p[1], "NBS") && p[2] && !p[3])
{
o->netbios_scope = p[2];
+o->dhcp_options |= DHCP_OPTIONS_DHCP_REQUIRED;
}
else if (streq(p[1], "NBT") && p[2] && !p[3])
{
@@ -8104,31 +8113,35 @@ add_option(struct options *options,
goto err;
}
o->netbios_node_type = t;
+o->dhcp_options |= DHCP_OPTIONS_DHCP_REQUIRED;
}
else if ((streq(p[1], "DNS") || streq(p[1], "DNS6")) && p[2] && !p[3]
&& (!strstr(p[2], ":") || ipv6_addr_safe(p[2])))
{
if (strstr(p[2], ":"))
{
-ipv6dns = true;
dhcp_option_dns6_parse(p[2], o->dns6, >dns6_len, msglevel);
}
else
{
dhcp_option_address_parse("DNS", p[2], o->dns, >dns_len,
msglevel);
+o->dhcp_options |= DHCP_OPTIONS_DHCP_OPTIONAL;
}
}
else if (streq(p[1], "WINS") && p[2] && !p[3])
{
dhcp_option_address_parse("WINS", p[2], o->wins, >wins_len,
msglevel);
+o->dhcp_options |= DHCP_OPTIONS_DHCP_OPTIONAL;
}
else if (streq(p[1], "NTP") && p[2] && !p[3])
{
dhcp_option_address_parse("NTP", p[2], o->ntp, >ntp_len,
msglevel);
+o->dhcp_options |= DHCP_OPTIONS_DHCP_REQUIRED;
}
else if (streq(p[1], "NBDD") && p[2] && !p[3])
{
dhcp_option_address_parse("NBDD", p[2], o->nbdd, >nbdd_len,
msglevel);
+o->dhcp_options |= DHCP_OPTIONS_DHCP_REQUIRED;
}
else if (streq(p[1], "DOMAIN-SEARCH") && p[2] && !p[3])
{
@@ -8141,10 +8154,12 @@ add_option(struct options
[Openvpn-devel] [PATCH v3 release/2.6] Allow certain DHCP options to be used without DHCP server
From: Lev Stipakov
Followin DHCP options:
DOMAIN, ADAPTER_DOMAIN_SUFFIX, DNS, WINS
don't require DHCP server in order to be used.
This change allows those options to be used with dco and wintun
drivers. If an option specified which requires DHCP server and
tap-windows6 driver is not used, print a clear error message
instead of obscure reference to --ip-win32.
Reported-by: Marek Zarychta
Signed-off-by: Lev Stipakov
---
v3: replace SHOW_INT with SHOW_UNSIGNED
v2: replace enum with defines, which are more suitable
as bit flags
src/openvpn/options.c | 39 +++
src/openvpn/tun.h | 6 +-
2 files changed, 28 insertions(+), 17 deletions(-)
diff --git a/src/openvpn/options.c b/src/openvpn/options.c
index 6ae3faf8..8cbffc5c 100644
--- a/src/openvpn/options.c
+++ b/src/openvpn/options.c
@@ -1290,7 +1290,7 @@ show_tuntap_options(const struct tuntap_options *o)
SHOW_INT(dhcp_masq_offset);
SHOW_INT(dhcp_lease_time);
SHOW_INT(tap_sleep);
-SHOW_BOOL(dhcp_options);
+SHOW_UNSIGNED(dhcp_options);
SHOW_BOOL(dhcp_renew);
SHOW_BOOL(dhcp_pre_release);
SHOW_STR(domain);
@@ -2478,12 +2478,20 @@ options_postprocess_verify_ce(const struct options
*options,
msg(M_USAGE, "On Windows, --ip-win32 doesn't make sense unless
--ifconfig is also used");
}
-if (options->tuntap_options.dhcp_options
-&& options->windows_driver != WINDOWS_DRIVER_WINTUN
-&& options->tuntap_options.ip_win32_type != IPW32_SET_DHCP_MASQ
-&& options->tuntap_options.ip_win32_type != IPW32_SET_ADAPTIVE)
+if (options->tuntap_options.dhcp_options & DHCP_OPTIONS_DHCP_REQUIRED)
{
-msg(M_USAGE, "--dhcp-option requires --ip-win32 dynamic or adaptive");
+const char *prefix = "Some dhcp-options require DHCP server";
+if (options->windows_driver != WINDOWS_DRIVER_TAP_WINDOWS6)
+{
+msg(M_USAGE, "%s, which is not supported by selected %s driver",
+prefix, print_windows_driver(options->windows_driver));
+}
+else if (options->tuntap_options.ip_win32_type != IPW32_SET_DHCP_MASQ
+ && options->tuntap_options.ip_win32_type !=
IPW32_SET_ADAPTIVE)
+{
+msg(M_USAGE, "%s, which requires --ip-win32 dynamic or adaptive",
+prefix);
+}
}
if (options->windows_driver == WINDOWS_DRIVER_WINTUN && dev !=
DEV_TYPE_TUN)
@@ -8083,16 +8091,17 @@ add_option(struct options *options,
{
struct tuntap_options *o = >tuntap_options;
VERIFY_PERMISSION(OPT_P_DHCPDNS);
-bool ipv6dns = false;
if ((streq(p[1], "DOMAIN") || streq(p[1], "ADAPTER_DOMAIN_SUFFIX"))
&& p[2] && !p[3])
{
o->domain = p[2];
+o->dhcp_options |= DHCP_OPTIONS_DHCP_OPTIONAL;
}
else if (streq(p[1], "NBS") && p[2] && !p[3])
{
o->netbios_scope = p[2];
+o->dhcp_options |= DHCP_OPTIONS_DHCP_REQUIRED;
}
else if (streq(p[1], "NBT") && p[2] && !p[3])
{
@@ -8104,31 +8113,35 @@ add_option(struct options *options,
goto err;
}
o->netbios_node_type = t;
+o->dhcp_options |= DHCP_OPTIONS_DHCP_REQUIRED;
}
else if ((streq(p[1], "DNS") || streq(p[1], "DNS6")) && p[2] && !p[3]
&& (!strstr(p[2], ":") || ipv6_addr_safe(p[2])))
{
if (strstr(p[2], ":"))
{
-ipv6dns = true;
dhcp_option_dns6_parse(p[2], o->dns6, >dns6_len, msglevel);
}
else
{
dhcp_option_address_parse("DNS", p[2], o->dns, >dns_len,
msglevel);
+o->dhcp_options |= DHCP_OPTIONS_DHCP_OPTIONAL;
}
}
else if (streq(p[1], "WINS") && p[2] && !p[3])
{
dhcp_option_address_parse("WINS", p[2], o->wins, >wins_len,
msglevel);
+o->dhcp_options |= DHCP_OPTIONS_DHCP_OPTIONAL;
}
else if (streq(p[1], "NTP") && p[2] && !p[3])
{
dhcp_option_address_parse("NTP", p[2], o->ntp, >ntp_len,
msglevel);
+o->dhcp_options |= DHCP_OPTIONS_DHCP_REQUIRED;
}
else if (streq(p[1], "NBDD") && p[2] && !p[3])
{
dhcp_option_address_parse("NBDD", p[2], o->nbdd, >nbdd_len,
msglevel);
+o->dhcp_options |= DHCP_OPTIONS_DHCP_REQUIRED;
}
else if (streq(p[1], "DOMAIN-SEARCH") && p[2] && !p[3])
{
@@ -8141,10 +8154,12 @@ add_option(struct options *options,
msg(msglevel, "--dhcp-option %s: maximum of %d search entries
can be specified",
p[1], N_SEARCH_LIST_LEN);
}
+o->dhcp_options |= DHCP_OPTIONS_DHCP_REQUIRED;
}
else if (streq(p[1], "DISABLE-NBT") && !p[2])
{
