mirror of
https://gitlab.com/openconnect/ocserv.git
synced 2026-02-10 00:37:00 +08:00
Allow prefixes in specifying the IPv4 network
This commit is contained in:
Nikos Mavrogiannopoulos
28
src/common.c
28
src/common.c
@@ -232,6 +232,34 @@ char* ipv6_prefix_to_mask(void *pool, unsigned prefix)
|
||||
}
|
||||
}
|
||||
|
||||
/* returns an allocated string with the mask to apply for the prefix
|
||||
*/
|
||||
char* ipv4_prefix_to_mask(void *pool, unsigned prefix)
|
||||
{
|
||||
switch (prefix) {
|
||||
case 8:
|
||||
return talloc_strdup(pool, "255.0.0.0");
|
||||
case 16:
|
||||
return talloc_strdup(pool, "255.255.0.0");
|
||||
case 24:
|
||||
return talloc_strdup(pool, "255.255.255.0");
|
||||
case 25:
|
||||
return talloc_strdup(pool, "255.255.255.128");
|
||||
case 26:
|
||||
return talloc_strdup(pool, "255.255.255.192");
|
||||
case 27:
|
||||
return talloc_strdup(pool, "255.255.255.224");
|
||||
case 28:
|
||||
return talloc_strdup(pool, "255.255.255.240");
|
||||
case 29:
|
||||
return talloc_strdup(pool, "255.255.255.248");
|
||||
case 30:
|
||||
return talloc_strdup(pool, "255.255.255.252");
|
||||
default:
|
||||
return NULL;
|
||||
}
|
||||
}
|
||||
|
||||
/* Sends message + socketfd */
|
||||
int send_socket_msg(void *pool, int fd, uint8_t cmd,
|
||||
int socketfd,
|
||||
|
||||
@@ -43,6 +43,7 @@ ssize_t force_read_timeout(int sockfd, void *buf, size_t len, unsigned sec);
|
||||
ssize_t recv_timeout(int sockfd, void *buf, size_t len, unsigned sec);
|
||||
int ip_cmp(const struct sockaddr_storage *s1, const struct sockaddr_storage *s2, size_t n);
|
||||
char* ipv6_prefix_to_mask(void *pool, unsigned prefix);
|
||||
char* ipv4_prefix_to_mask(void *pool, unsigned prefix);
|
||||
inline static int valid_ipv6_prefix(unsigned prefix)
|
||||
{
|
||||
switch (prefix) {
|
||||
|
||||
@@ -402,6 +402,7 @@ unsigned j, i, mand;
|
||||
char** auth = NULL;
|
||||
unsigned auth_size = 0;
|
||||
unsigned prefix = 0, auto_select_group = 0;
|
||||
unsigned prefix4 = 0;
|
||||
char *tmp;
|
||||
unsigned force_cert_auth;
|
||||
|
||||
@@ -664,7 +665,13 @@ unsigned force_cert_auth;
|
||||
READ_STRING("proxy-url", config->proxy_url);
|
||||
|
||||
READ_STRING("ipv4-network", config->network.ipv4);
|
||||
READ_STRING("ipv4-netmask", config->network.ipv4_netmask);
|
||||
|
||||
prefix4 = extract_prefix(config->network.ipv4);
|
||||
if (prefix4 == 0) {
|
||||
READ_STRING("ipv4-netmask", config->network.ipv4_netmask);
|
||||
} else {
|
||||
config->network.ipv4_netmask = ipv4_prefix_to_mask(config, prefix4);
|
||||
}
|
||||
|
||||
READ_STRING("ipv6-network", config->network.ipv6);
|
||||
|
||||
|
||||
@@ -353,6 +353,9 @@ default-domain = example.com
|
||||
ipv4-network = 192.168.1.0
|
||||
ipv4-netmask = 255.255.255.0
|
||||
|
||||
# An alternative way of specifying the network:
|
||||
#ipv4-network = 192.168.1.0/24
|
||||
|
||||
# The advertized DNS server. Use multiple lines for
|
||||
# multiple servers.
|
||||
# dns = fc00::4be0
|
||||
|
||||
Reference in New Issue
Block a user