Diffstat (limited to '')
-rw-r--r-- | options.c | 32 |
1 files changed, 20 insertions, 12 deletions
@@ -180,6 +180,8 @@ static const char usage_message[] =
 " --route-up script using environmental variables.\n"
 "--route-nopull : When used with --client or --pull, accept options pushed\n"
 " by server EXCEPT for routes.\n"
+ "--allow-pull-fqdn : Allow client to pull DNS names from server for\n"
+ " --ifconfig, --route, and --route-gateway.\n"
 "--redirect-gateway [flags]: (Experimental) Automatically execute routing\n"
 " commands to redirect all outgoing IP traffic through the\n"
 " VPN. Add 'local' flag if both " PACKAGE_NAME " servers are directly\n"
@@ -890,7 +892,7 @@ dhcp_option_address_parse (const char *name, const char *parm, in_addr_t *array,
 }
 else
 {
- if (ip_addr_dotted_quad_safe (parm))
+ if (ip_addr_dotted_quad_safe (parm)) /* FQDN -- IP address only */
 {
 bool error = false;
 const in_addr_t addr = get_ip_addr (parm, msglevel, &error);
@@ -1227,6 +1229,7 @@ show_settings (const struct options *o)
 SHOW_BOOL (route_delay_defined);
 SHOW_BOOL (route_nopull);
 SHOW_BOOL (route_gateway_via_dhcp);
+ SHOW_BOOL (allow_pull_fqdn);
 if (o->routes)
 print_route_options (o->routes, D_SHOW_PARMS);
@@ -3433,7 +3436,7 @@ add_option (struct options *options,
 else if (streq (p[0], "lladdr") && p[1])
 {
 VERIFY_PERMISSION (OPT_P_UP);
- if (ip_addr_dotted_quad_safe (p[1]))
+ if (ip_addr_dotted_quad_safe (p[1])) /* FQDN -- IP address only */
 options->lladdr = p[1];
 else
 {
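Review bot: The new trailing comment on the `lladdr` branch says `/* FQDN -- IP address only */`, but the option name suggests a link-layer address, and the check it annotates is `ip_addr_dotted_quad_safe`. If a dotted-quad test really is what this option wants, the comment should say so plainly, for example `/* never a host name; value is checked with the dotted-quad test only */`. If it is not, the validation itself looks mismatched for this value and deserves a follow-up outside this commit. The `else` branch continues past the end of the hunk, so the error text is not visible here.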
@@ -3461,14 +3464,14 @@ add_option (struct options *options,
 else if (streq (p[0], "ifconfig") && p[1] && p[2])
 {
 VERIFY_PERMISSION (OPT_P_UP);
- if (ip_addr_dotted_quad_safe (p[1]) && ip_addr_dotted_quad_safe (p[2]))
+ if (ip_or_dns_addr_safe (p[1], options->allow_pull_fqdn) && ip_or_dns_addr_safe (p[2], options->allow_pull_fqdn)) /* FQDN -- may be DNS name */
 {
 options->ifconfig_local = p[1];
 options->ifconfig_remote_netmask = p[2];
 }
 else
 {
- msg (msglevel, "ifconfig parms '%s' and '%s' must be IP addresses", p[1], p[2]);
+ msg (msglevel, "ifconfig parms '%s' and '%s' must be valid addresses", p[1], p[2]);
 goto err;
 }
 }
@@ -4217,19 +4220,19 @@ add_option (struct options *options,
 rol_check_alloc (options);
 if (pull_mode)
 {
- if (!ip_addr_dotted_quad_safe (p[1]) && !is_special_addr (p[1]))
+ if (!ip_or_dns_addr_safe (p[1], options->allow_pull_fqdn) && !is_special_addr (p[1])) /* FQDN -- may be DNS name */
 {
- msg (msglevel, "route parameter network/IP '%s' is not an IP address", p[1]);
+ msg (msglevel, "route parameter network/IP '%s' must be a valid address", p[1]);
 goto err;
 }
- if (p[2] && !ip_addr_dotted_quad_safe (p[2]))
+ if (p[2] && !ip_addr_dotted_quad_safe (p[2])) /* FQDN -- must be IP address */
 {
- msg (msglevel, "route parameter netmask '%s' is not an IP address", p[2]);
+ msg (msglevel, "route parameter netmask '%s' must be an IP address", p[2]);
 goto err;
 }
- if (p[3] && !ip_addr_dotted_quad_safe (p[3]) && !is_special_addr (p[3]))
+ if (p[3] && !ip_or_dns_addr_safe (p[3], options->allow_pull_fqdn) && !is_special_addr (p[3])) /* FQDN -- may be DNS name */
 {
- msg (msglevel, "route parameter gateway '%s' is not an IP address", p[3]);
+ msg (msglevel, "route parameter gateway '%s' must be a valid address", p[3]);
 goto err;
 }
 }
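Review bot: In the `ifconfig` branch both `p[1]` and `p[2]` now go through `ip_or_dns_addr_safe`, yet `p[2]` is stored in `options->ifconfig_remote_netmask`, so it can be a netmask. The `route` hunk below deliberately keeps its netmask on `ip_addr_dotted_quad_safe` with the comment `/* FQDN -- must be IP address */`, so the two options now disagree on whether a netmask may be a name. If the meaning of the second value is not known at parse time, a comment should say that a later stage has to reject a host name used as a netmask, for example `/* p[2] is a remote address or a netmask; a DNS name only makes sense for the former */`. `ip_or_dns_addr_safe` is not defined in this diff, so its behaviour with the flag off is assumed to match the old dotted-quad check.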
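Review bot: The comment `/* FQDN -- may be DNS name */` on the `p[1]` and `p[3]` checks inside `if (pull_mode)` reads as unconditional, while the call passes `options->allow_pull_fqdn`, and this test appears to be the gate on a route network or gateway string supplied by the server. Judging by its name, the helper validates the form of the string and not what it resolves to, so with the flag set the route target is whatever the client's resolver returns for a name the server chose. I would state that at the first check, e.g. `/* with --allow-pull-fqdn a pushed DNS name passes here; only its syntax is checked, not the address it resolves to */`, and consider logging the resolved address where the lookup is done. The enclosing `route` branch starts and ends outside the hunk.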
@@ -4244,13 +4247,13 @@ add_option (struct options *options,
 }
 else
 {
- if (ip_addr_dotted_quad_safe (p[1]) || is_special_addr (p[1]))
+ if (ip_or_dns_addr_safe (p[1], options->allow_pull_fqdn) || is_special_addr (p[1])) /* FQDN -- may be DNS name */
 {
 options->route_default_gateway = p[1];
 }
 else
 {
- msg (msglevel, "route-gateway parm '%s' must be an IP address", p[1]);
+ msg (msglevel, "route-gateway parm '%s' must be a valid address", p[1]);
 goto err;
 }
 }
@@ -4294,6 +4297,11 @@ add_option (struct options *options,
 VERIFY_PERMISSION (OPT_P_GENERAL);
 options->route_nopull = true;
 }
+ else if (streq (p[0], "allow-pull-fqdn"))
+ {
+ VERIFY_PERMISSION (OPT_P_GENERAL);
+ options->allow_pull_fqdn = true;
+ }
 else if (streq (p[0], "redirect-gateway"))
 {
 int j; |
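Review bot: `options->allow_pull_fqdn` is read here without a `pull_mode` test, unlike the `route` checks, which sit inside `if (pull_mode)`; the `ifconfig` branch does the same. The usage text describes the flag as letting the client pull DNS names from the server, but as written it would also change how a locally configured `route-gateway` or `ifconfig` value is validated, and only when `allow-pull-fqdn` was parsed before that option. If pulled values are the only intended case, `ip_or_dns_addr_safe (p[1], pull_mode && options->allow_pull_fqdn)` would express it, assuming `pull_mode` is in scope here as it is in the `route` branch; otherwise a comment stating the ordering dependency is enough. The `if` that this `else` belongs to lies outside the hunk.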
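Review bot: The whole feature rests on `allow-pull-fqdn` being settable only from the local configuration, and the new branch does not say so. It uses `VERIFY_PERMISSION (OPT_P_GENERAL)`, the same class as `route-nopull` just above, which suggests that class is not accepted from pushed options, but the permission mask itself is outside this diff. A comment in the branch such as `/* local-only: must never be accepted from a push, or the server could enable DNS names for its own pushed options */` would keep a later permission change from silently removing that protection.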