GitLab/ocserv
1
0
Fork 0
mirror of https://gitlab.com/openconnect/ocserv.git synced 2026-02-11 17:26:58 +08:00
Code Issues Packages Projects Releases Wiki Activity

Add udp-listen-host option for DTLS

Browse Source 
This option supports different listen addresses for tcp and
udp such as haproxy for tcp, but support dtls at the same time (haproxy
does not support UDP at the moment)
This commit is contained in:
Lele Long
2019-09-06 18:50:23 +08:00
parent c6b24c1898
commit 17ed47488d
8 changed files with 343 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
src/config.c
View File

@@ -720,6 +720,8 @@ static int cfg_ini_handler(void *_ctx, const char *section, const char *name, co
vhost->acct = talloc_strdup(pool, value);
} else if (strcmp(name, "listen-host") == 0) {
PREAD_STRING(pool, vhost->perm_config.listen_host);
} else if (strcmp(name, "udp-listen-host") == 0) {
PREAD_STRING(pool, vhost->perm_config.udp_listen_host);
} else if (strcmp(name, "listen-clear-file") == 0) {
if (!PWARN_ON_VHOST_STRDUP(vhost->name, "listen-clear-file", unix_conn_file))
PREAD_STRING(pool, vhost->perm_config.unix_conn_file);
@@ -785,7 +787,6 @@ static int cfg_ini_handler(void *_ctx, const char *section, const char *name, co
} else {
stage1_found = 0;
}
if (stage1_found)
goto exit;
}
@@ -1328,6 +1329,11 @@ static void check_cfg(vhost_cfg_st *vhost, vhost_cfg_st *defvhost, unsigned sile
if (config->no_compress_limit < MIN_NO_COMPRESS_LIMIT)
config->no_compress_limit = MIN_NO_COMPRESS_LIMIT;
/* use tcp listen host by default */
if (vhost->perm_config.udp_listen_host == NULL) {
vhost->perm_config.udp_listen_host = vhost->perm_config.listen_host;
}
#if !defined(HAVE_LIBSECCOMP)
if (config->isolate != 0 && !silent) {
fprintf(stderr, ERRSTR"%s'isolate-workers' is set to true, but not compiled with seccomp or Linux namespaces support\n", PREFIX_VHOST(vhost));

2
src/main.c
View File

@@ -419,7 +419,7 @@ listen_ports(void *pool, struct perm_cfg_st* config,
#endif
;
ret = getaddrinfo(config->listen_host, portname, &hints, &res);
ret = getaddrinfo(config->udp_listen_host, portname, &hints, &res);
if (ret != 0) {
fprintf(stderr, "getaddrinfo() failed: %s\n",
gai_strerror(ret));

1
src/vpn.h
View File

@@ -385,6 +385,7 @@ struct perm_cfg_st {
char *dh_params_file;
char *listen_host;
char *udp_listen_host;
char* unix_conn_file;
unsigned int port;
unsigned int udp_port;