ocserv: allow overriding hostname on the per-user configuration

This allows the administrator to set a specific hostname, or even an
empty hostname, for specific users.
Nikos Mavrogiannopoulos
2016-06-18 11:08:44 +02:00
parent a81652a411
commit 0c093ad8f3
6 changed files with 15 additions and 6 deletions


@@ -524,9 +524,9 @@ no-route = 192.168.5.0/255.255.255.0
# based on a user or group. The syntax depends on the input accepted
# by the commands route-add-cmd and route-del-cmd (see below). The no-udp
# is a boolean option (e.g., no-udp = true), and will prevent a UDP session
# for that specific user or group. Note also, that, any DNS or NBNS servers
# present will overwrite the global ones, while any routes or no-routes set
# will be appended to the default set.
# for that specific user or group. The hostname option will set a
# hostname to override any proposed by the user. Note also, that, any
# routes, no-routes, DNS or NBNS servers present will overwrite the global ones.
#config-per-user = /etc/ocserv/config-per-user/
#config-per-group = /etc/ocserv/config-per-group/


@@ -59,6 +59,7 @@ message group_cfg_st
optional uint32 idle_timeout = 37;
optional uint32 mobile_idle_timeout = 38;
repeated fw_port_st fw_ports = 39;
optional string hostname = 40;
}
/* AUTH_COOKIE_REP */


@@ -366,6 +366,7 @@ int handle_worker_commands(main_server_st * s, struct proc_st *proc)
if (tmsg->hostname) {
strlcpy(proc->hostname, tmsg->hostname,
sizeof(proc->hostname));
mslog(s, proc, LOG_DEBUG, "setting worker hostname to '%s'", proc->hostname);
user_hostname_update(s, proc);
}
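Review bot: The added `mslog(...)` call prints `proc->hostname` through a bare `'%s'`, and that value was just copied from `tmsg->hostname`, a field of a message sent by the worker; per the configuration text in this commit it can be a name proposed by the user. Whether mslog or the log backend escapes control characters is not visible here, so I would either restrict the name to printable hostname characters before logging it or at least record the trust level with a comment such as `/* hostname arrives from the worker and may be client-chosen: treat as untrusted */`. The same value is handed to `user_hostname_update()` on the next line, so the filter belongs before both uses. handle_worker_commands begins and ends outside this hunk.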


@@ -636,14 +636,15 @@ no-route = 192.168.5.0/255.255.255.0
# keepalive, dpd, mobile-dpd, max-same-clients, tunnel-all-dns,
# restrict-user-to-routes, user-profile, cgroup, stats-report-time,
# mtu, idle-timeout, mobile-idle-timeout, restrict-user-to-ports,
# and session-timeout.
# hostname, and session-timeout.
#
# Note that the 'iroute' option allows to add routes on the server
# based on a user or group. The syntax depends on the input accepted
# by the commands route-add-cmd and route-del-cmd (see below). The no-udp
# is a boolean option (e.g., no-udp = true), and will prevent a UDP session
# for that specific user or group. Note also, that, any routes, no-routes,
# DNS or NBNS servers present will overwrite the global ones.
# for that specific user or group. The hostname option will set a
# hostname to override any proposed by the user. Note also, that, any
# routes, no-routes, DNS or NBNS servers present will overwrite the global ones.
#
# Also explicit addresses, are only allowed when they are odd. In that
# case the next even address will be used as the remote address (in PtP).


@@ -65,6 +65,7 @@ static struct cfg_options available_options[] = {
{ .name = "ipv6-subnet-prefix", .type = OPTION_NUMERIC },
{ .name = "explicit-ipv4", .type = OPTION_STRING },
{ .name = "explicit-ipv6", .type = OPTION_STRING },
{ .name = "hostname", .type = OPTION_STRING },
{ .name = "restrict-user-to-ports", .type = OPTION_STRING },
{ .name = "rx-data-per-sec", .type = OPTION_NUMERIC },
{ .name = "tx-data-per-sec", .type = OPTION_NUMERIC },
@@ -260,6 +261,8 @@ unsigned j;
}
}
READ_RAW_STRING("hostname", msg->config->hostname);
READ_RAW_NUMERIC("rx-data-per-sec", msg->config->rx_per_sec, msg->config->has_rx_per_sec);
READ_RAW_NUMERIC("tx-data-per-sec", msg->config->tx_per_sec, msg->config->has_tx_per_sec);
msg->config->rx_per_sec /= 1000; /* in kb */
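Review bot: The `READ_RAW_STRING("hostname", msg->config->hostname)` line carries no comment saying what an empty `hostname =` value produces, yet the commit message promises that an administrator can set an empty hostname. The macro body is not on this page; if it leaves the field NULL for an empty value, the `if (ws->user_config->hostname)` test added in connect_handler would skip the override and the client-proposed name would be kept. A one-line comment stating the intended result, e.g. `/* an empty value is kept as "" so it still overrides the client's hostname */`, together with a test for the empty case would pin this down. The enclosing function starts and ends outside the hunk.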


@@ -1404,6 +1404,9 @@ static int connect_handler(worker_st * ws)
return -1;
}
if (ws->user_config->hostname)
strlcpy(ws->req.hostname, ws->user_config->hostname, sizeof(ws->req.hostname));
FUZZ(ws->user_config->interim_update_secs, 5, rnd);
FUZZ(ws->config->rekey_time, 30, rnd);
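Review bot: The override `strlcpy` in connect_handler discards its return value, so a per-user hostname longer than `ws->req.hostname` is truncated silently and the session continues under a name the administrator did not configure. Checking the result, `if (strlcpy(ws->req.hostname, ws->user_config->hostname, sizeof(ws->req.hostname)) >= sizeof(ws->req.hostname))`, and logging or rejecting on truncation would make the misconfiguration visible. The unbraced `if` would also be safer with braces, since it sits directly above macro invocations. connect_handler's body continues outside this hunk.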