From 50f2fb88f6e0e3e7897a6a24a6870afab914bdf3 Mon Sep 17 00:00:00 2001 From: Nikos Mavrogiannopoulos Date: Mon, 29 Dec 2014 20:09:58 +0200 Subject: [PATCH] simplify the input of IPv6 networks The prefix is specified as part of the network. --- doc/sample.config | 3 +-- src/config.c | 28 +++++++++++++++++++++++++++- src/ocserv-args.def | 5 ++--- src/sup-config/file.c | 8 +++++++- src/vpn.h | 1 + 5 files changed, 38 insertions(+), 7 deletions(-) diff --git a/doc/sample.config b/doc/sample.config index b3bb967a..6250acf4 100644 --- a/doc/sample.config +++ b/doc/sample.config @@ -269,8 +269,7 @@ dns = 192.168.1.2 #nbns = 192.168.1.3 # The IPv6 subnet that leases will be given from. -#ipv6-network = fc00:: -#ipv6-prefix = 16 +ipv6-network = fda9:4efe:7e3b:03ea::/64 # The domains over which the provided DNS should be used. Use # multiple lines for multiple domains. diff --git a/src/config.c b/src/config.c index b47a2be7..9bb648ee 100644 --- a/src/config.c +++ b/src/config.c @@ -367,6 +367,28 @@ static char *get_brackets_string2(void *pool, const char *str) return talloc_strndup(pool, p, len); } +/* Parses the string ::1/prefix, to return prefix + * and modify the string to contain the network only. + */ +unsigned extract_prefix(char *network) +{ + char *p; + unsigned prefix; + + if (network == NULL) + return 0; + + p = strchr(network, '/'); + + if (p == NULL) + return 0; + + prefix = atoi(p+1); + *p = 0; + + return prefix; +} + const struct auth_mod_st *get_auth_mod(void) { return amod; @@ -646,7 +668,11 @@ unsigned force_cert_auth; READ_STRING("ipv6-network", config->network.ipv6); - READ_NUMERIC("ipv6-prefix", prefix); + prefix = extract_prefix(config->network.ipv6); + if (prefix == 0) { + READ_NUMERIC("ipv6-prefix", prefix); + } + if (prefix > 0) { config->network.ipv6_prefix = prefix; diff --git a/src/ocserv-args.def b/src/ocserv-args.def index bd25e188..bf79a8e9 100644 --- a/src/ocserv-args.def +++ b/src/ocserv-args.def @@ -362,8 +362,7 @@ dns = 192.168.1.2 #nbns = 192.168.1.3 # The IPv6 subnet that leases will be given from. -#ipv6-network = fc00:: -#ipv6-prefix = 16 +#ipv6-network = fda9:4efe:7e3b:03ea::/64 # The domains over which the provided DNS should be used. Use # multiple lines for multiple domains. @@ -421,7 +420,7 @@ route = 192.168.5.0/255.255.255.0 # per group. Each file name on these directories must match the username # or the groupname. # The options allowed in the configuration files are dns, nbns, -# ipv?-network, ipv4-netmask, ipv6-prefix, rx/tx-per-sec, iroute, route, +# ipv?-network, ipv4-netmask, rx/tx-per-sec, iroute, route, # net-priority, deny-roaming, no-udp, user-profile, require-cert, and cgroup. # # Note that the 'iroute' option allows to add routes on the server diff --git a/src/sup-config/file.c b/src/sup-config/file.c index ba9202f4..fe483b1c 100644 --- a/src/sup-config/file.c +++ b/src/sup-config/file.c @@ -204,7 +204,13 @@ unsigned prefix = 0; READ_RAW_STRING("ipv6-network", msg->ipv6_net); READ_RAW_STRING("ipv4-netmask", msg->ipv4_netmask); - READ_RAW_NUMERIC("ipv6-prefix", msg->ipv6_prefix, msg->has_ipv6_prefix); + msg->ipv6_prefix = extract_prefix(msg->ipv6_net); + if (msg->ipv6_prefix == 0) { + READ_RAW_NUMERIC("ipv6-prefix", msg->ipv6_prefix, msg->has_ipv6_prefix); + } else { + msg->has_ipv6_prefix = 1; + } + if (msg->has_ipv6_prefix != 0) { if (valid_ipv6_prefix(msg->ipv6_prefix) == 0) { syslog(LOG_ERR, "unknown ipv6-prefix '%u' in %s", prefix, file); diff --git a/src/vpn.h b/src/vpn.h index 5d134e39..3dc8c660 100644 --- a/src/vpn.h +++ b/src/vpn.h @@ -317,6 +317,7 @@ struct main_server_st; #include +unsigned extract_prefix(char *network); char *human_addr2(const struct sockaddr *sa, socklen_t salen, void *buf, size_t buflen, unsigned full);