Added the split-dns config option.

src/config.c

@@ -51,6 +51,7 @@ static struct cfg_options available_options[] = {
 	{ .name = "auth", .type = OPTION_MULTI_LINE, .mandatory = 1 },
 	{ .name = "route", .type = OPTION_MULTI_LINE, .mandatory = 0 },
 	{ .name = "custom-header", .type = OPTION_MULTI_LINE, .mandatory = 0 },
+	{ .name = "split-dns", .type = OPTION_MULTI_LINE, .mandatory = 0 },
 	{ .name = "listen-host", .type = OPTION_STRING, .mandatory = 0 },
 	{ .name = "tcp-port", .type = OPTION_NUMERIC, .mandatory = 0 },
 	{ .name = "udp-port", .type = OPTION_NUMERIC, .mandatory = 0 },
@@ -414,6 +415,7 @@ unsigned force_cert_auth;
 		config->network.ipv6_netmask = ipv6_prefix_to_mask(prefix);
 
 	READ_MULTI_LINE("custom-header", config->custom_header, config->custom_header_size);
+	READ_MULTI_LINE("split-dns", config->split_dns, config->split_dns_size);
 
 	READ_MULTI_LINE("route", config->network.routes, config->network.routes_size);
 	READ_MULTI_LINE("dns", config->network.dns, config->network.dns_size);
@@ -615,6 +617,9 @@ unsigned i;
 	for (i=0;i<config->custom_header_size;i++)
 		DEL(config->custom_header[i]);
 	DEL(config->custom_header);
+	for (i=0;i<config->split_dns_size;i++)
+		DEL(config->split_dns[i]);
+	DEL(config->split_dns);
 
 	return;
 }

src/ocserv-args.def

@@ -254,7 +254,8 @@ default-domain = example.com
 ipv4-network = 192.168.1.0
 ipv4-netmask = 255.255.255.0
 
-# The DNS advertized server
+# The advertized DNS server. Use multiple lines for
+# multiple servers.
 # dns = fc00::4be0
 dns = 192.168.1.2
 
@@ -265,6 +266,10 @@ dns = 192.168.1.2
 #ipv6-network = fc00::
 #ipv6-prefix = 16
 
+# The domains over which the provided DNS should be used. Use
+# multiple lines for multiple domains.
+#split-dns = example.com
+
 # Prior to leasing any IP from the pool ping it to verify that
 # it is not in use by another (unrelated to this server) host.
 ping-leases = false

src/vpn.h

@@ -184,6 +184,9 @@ struct cfg_st {
 	char **custom_header;
 	unsigned custom_header_size;;
 
+	char **split_dns;
+	unsigned split_dns_size;;
+
 	char* socket_file_prefix;
 	time_t cookie_validity;	/* in seconds */
 	time_t min_reauth_time;	/* after a failed auth, how soon one can reauthenticate -> in seconds */

src/worker-vpn.c

@@ -1177,6 +1177,13 @@ static int connect_handler(worker_st * ws)
 		SEND_ERR(ret);
 	}
 
+	for (i = 0; i < ws->config->split_dns_size; i++) {
+		oclog(ws, LOG_DEBUG, "adding split DNS %s", ws->config->split_dns[i]);
+		ret = tls_printf(ws->session,
+				 "X-CSTP-Split-DNS: %s\r\n", ws->config->split_dns[i]);
+		SEND_ERR(ret);
+	}
+
 	for (i = 0; i < ws->vinfo.routes_size; i++) {
 		if (req->no_ipv6 != 0 && strchr(ws->vinfo.routes[i], ':') != 0)
 			continue;