openvpn/dns_8h_source.html

/*

 *  OpenVPN -- An application to securely tunnel IP networks

 *             over a single UDP port, with support for SSL/TLS-based

 *             session authentication and key exchange,

 *             packet encryption, packet authentication, and

 *             packet compression.

 *

 *  Copyright (C) 2022-2025 OpenVPN Inc <sales@openvpn.net>

 *

 *  This program is free software; you can redistribute it and/or modify

 *  it under the terms of the GNU General Public License version 2

 *  as published by the Free Software Foundation.

 *

 *  This program is distributed in the hope that it will be useful,

 *  but WITHOUT ANY WARRANTY; without even the implied warranty of

 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

 *  GNU General Public License for more details.

 *

 *  You should have received a copy of the GNU General Public License along

 *  with this program; if not, write to the Free Software Foundation, Inc.,

 *  51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.

 */


#ifndef DNS_H

#define DNS_H


#include "buffer.h"

#include "env_set.h"

#include "tun.h"


enum dns_security {

    DNS_SECURITY_UNSET,

    DNS_SECURITY_NO,

    DNS_SECURITY_YES,

    DNS_SECURITY_OPTIONAL

};


enum dns_server_transport {

    DNS_TRANSPORT_UNSET,

    DNS_TRANSPORT_PLAIN,

    DNS_TRANSPORT_HTTPS,

    DNS_TRANSPORT_TLS

};


enum dns_updown_flags {

    DNS_UPDOWN_NO_FLAGS,

    DNS_UPDOWN_USER_SET,

    DNS_UPDOWN_FORCED

};


struct dns_domain {

    struct dns_domain *next;

    const char *name;

};


struct dns_server_addr {

    union {

        struct in_addr a4;

        struct in6_addr a6;

    } in;

    sa_family_t family;

    in_port_t port;

};


struct dns_server {

    struct dns_server *next;

    long priority;

    size_t addr_count;

    struct dns_server_addr addr[8];

    struct dns_domain *domains;

    enum dns_security dnssec;

    enum dns_server_transport transport;

    const char *sni;

};


struct dns_updown_runner_info {

    bool required;

    int fds[2];

#if !defined(_WIN32)

    pid_t pid;

#endif

};


#ifndef N_DHCP_ADDR

#define N_DHCP_ADDR 4

#endif


#ifndef N_SEARCH_LIST_LEN

#define N_SEARCH_LIST_LEN 10

#endif


struct dhcp_options {

    in_addr_t dns[N_DHCP_ADDR];

    int dns_len;


    struct in6_addr dns6[N_DHCP_ADDR];

    int dns6_len;


    const char *domain;

    const char *domain_search_list[N_SEARCH_LIST_LEN];

    int domain_search_list_len;

};


struct dns_options {

    struct dhcp_options from_dhcp;

    struct dns_domain *search_domains;

    struct dns_server *servers_prepull;

    struct dns_server *servers;

    struct gc_arena gc;

    const char *updown;

    enum dns_updown_flags updown_flags;

};


bool dns_server_priority_parse(long *priority, const char *str, bool pulled);


struct dns_server *dns_server_get(struct dns_server **entry, long priority, struct gc_arena *gc);


void dns_domain_list_append(struct dns_domain **entry, char **domains, struct gc_arena *gc);


bool dns_server_addr_parse(struct dns_server *server, const char *addr);


bool dns_options_verify(int msglevel, const struct dns_options *o);


struct dns_options clone_dns_options(const struct dns_options *o,

                                     struct gc_arena *gc);


void dns_options_preprocess_pull(struct dns_options *o);


void dns_options_postprocess_pull(struct dns_options *o);


void run_dns_up_down(bool up, struct options *o, const struct tuntap *tt,

                     struct dns_updown_runner_info *duri);


void show_dns_options(const struct dns_options *o);


static inline bool


dns_updown_user_set(const struct dns_options *o)

{

    return o->updown_flags == DNS_UPDOWN_USER_SET;

}


static inline bool


dns_updown_forced(const struct dns_options *o)

{

    return o->updown_flags == DNS_UPDOWN_FORCED;

}


#endif /* ifndef DNS_H */

buffer.h

dns_updown_user_set
static bool dns_updown_user_set(const struct dns_options *o)
Returns whether dns-updown is user defined.
Definition dns.h:209

dns_options_verify
bool dns_options_verify(int msglevel, const struct dns_options *o)
Checks validity of DNS options.
Definition dns.c:204

dns_domain_list_append
void dns_domain_list_append(struct dns_domain **entry, char **domains, struct gc_arena *gc)
Appends DNS domain parameters to a linked list.
Definition dns.c:148

run_dns_up_down
void run_dns_up_down(bool up, struct options *o, const struct tuntap *tt, struct dns_updown_runner_info *duri)
Invokes the action associated with bringing DNS up or down.
Definition dns.c:850

dns_options_postprocess_pull
void dns_options_postprocess_pull(struct dns_options *o)
Merges pulled DNS servers with static ones into an ordered list.
Definition dns.c:280

dns_server_addr_parse
bool dns_server_addr_parse(struct dns_server *server, const char *addr)
Parses a string IPv4 or IPv6 address and optional colon separated port, into a in_addr or in6_addr re...
Definition dns.c:62

dns_updown_flags
dns_updown_flags
Definition dns.h:45

DNS_UPDOWN_FORCED
@ DNS_UPDOWN_FORCED
Definition dns.h:48

DNS_UPDOWN_NO_FLAGS
@ DNS_UPDOWN_NO_FLAGS
Definition dns.h:46

DNS_UPDOWN_USER_SET
@ DNS_UPDOWN_USER_SET
Definition dns.h:47

dns_server_get
struct dns_server * dns_server_get(struct dns_server **entry, long priority, struct gc_arena *gc)
Find or create DNS server with priority in a linked list.
Definition dns.c:182

dns_security
dns_security
Definition dns.h:31

DNS_SECURITY_UNSET
@ DNS_SECURITY_UNSET
Definition dns.h:32

DNS_SECURITY_NO
@ DNS_SECURITY_NO
Definition dns.h:33

DNS_SECURITY_YES
@ DNS_SECURITY_YES
Definition dns.h:34

DNS_SECURITY_OPTIONAL
@ DNS_SECURITY_OPTIONAL
Definition dns.h:35

dns_server_priority_parse
bool dns_server_priority_parse(long *priority, const char *str, bool pulled)
Parses a string DNS server priority and validates it.
Definition dns.c:167

dns_updown_forced
static bool dns_updown_forced(const struct dns_options *o)
Returns whether dns-updown is forced to run.
Definition dns.h:220

dns_server_transport
dns_server_transport
Definition dns.h:38

DNS_TRANSPORT_PLAIN
@ DNS_TRANSPORT_PLAIN
Definition dns.h:40

DNS_TRANSPORT_UNSET
@ DNS_TRANSPORT_UNSET
Definition dns.h:39

DNS_TRANSPORT_TLS
@ DNS_TRANSPORT_TLS
Definition dns.h:42

DNS_TRANSPORT_HTTPS
@ DNS_TRANSPORT_HTTPS
Definition dns.h:41

clone_dns_options
struct dns_options clone_dns_options(const struct dns_options *o, struct gc_arena *gc)
Makes a deep copy of the passed DNS options.
Definition dns.c:258

show_dns_options
void show_dns_options(const struct dns_options *o)
Prints configured DNS options.
Definition dns.c:771

dns_options_preprocess_pull
void dns_options_preprocess_pull(struct dns_options *o)
Saves and resets the server options, so that pulled ones don't mix in.
Definition dns.c:273

env_set.h

dhcp_options
Definition dns.h:92

dhcp_options::dns6_len
int dns6_len
Definition dns.h:97

dhcp_options::domain_search_list
const char * domain_search_list[N_SEARCH_LIST_LEN]
Definition dns.h:100

dhcp_options::domain
const char * domain
Definition dns.h:99

dhcp_options::dns6
struct in6_addr dns6[N_DHCP_ADDR]
Definition dns.h:96

dhcp_options::dns_len
int dns_len
Definition dns.h:94

dhcp_options::dns
in_addr_t dns[N_DHCP_ADDR]
Definition dns.h:93

dhcp_options::domain_search_list_len
int domain_search_list_len
Definition dns.h:101

dns_domain
Definition dns.h:51

dns_domain::next
struct dns_domain * next
Definition dns.h:52

dns_domain::name
const char * name
Definition dns.h:53

dns_options
Definition dns.h:104

dns_options::servers
struct dns_server * servers
Definition dns.h:108

dns_options::updown
const char * updown
Definition dns.h:110

dns_options::from_dhcp
struct dhcp_options from_dhcp
Definition dns.h:105

dns_options::servers_prepull
struct dns_server * servers_prepull
Definition dns.h:107

dns_options::gc
struct gc_arena gc
Definition dns.h:109

dns_options::updown_flags
enum dns_updown_flags updown_flags
Definition dns.h:111

dns_options::search_domains
struct dns_domain * search_domains
Definition dns.h:106

dns_server_addr
Definition dns.h:56

dns_server_addr::a4
struct in_addr a4
Definition dns.h:58

dns_server_addr::in
union dns_server_addr::@0 in

dns_server_addr::family
sa_family_t family
Definition dns.h:61

dns_server_addr::a6
struct in6_addr a6
Definition dns.h:59

dns_server_addr::port
in_port_t port
Definition dns.h:62

dns_server
Definition dns.h:65

dns_server::addr
struct dns_server_addr addr[8]
Definition dns.h:69

dns_server::dnssec
enum dns_security dnssec
Definition dns.h:71

dns_server::next
struct dns_server * next
Definition dns.h:66

dns_server::priority
long priority
Definition dns.h:67

dns_server::addr_count
size_t addr_count
Definition dns.h:68

dns_server::domains
struct dns_domain * domains
Definition dns.h:70

dns_server::transport
enum dns_server_transport transport
Definition dns.h:72

dns_server::sni
const char * sni
Definition dns.h:73

dns_updown_runner_info
Definition dns.h:76

dns_updown_runner_info::required
bool required
Definition dns.h:77

dns_updown_runner_info::fds
int fds[2]
Definition dns.h:78

gc_arena
Garbage collection arena used to keep track of dynamically allocated memory.
Definition buffer.h:117

options
Definition options.h:251

tuntap
Definition tun.h:178

sa_family_t
unsigned short sa_family_t
Definition syshead.h:395

gc
struct gc_arena gc
Definition test_ssl.c:155

tun.h

N_SEARCH_LIST_LEN
#define N_SEARCH_LIST_LEN
Definition tun.h:126

N_DHCP_ADDR
#define N_DHCP_ADDR
Definition tun.h:108