From dbb6ea3a52664be89b2cd745eaba32519b8c273e Mon Sep 17 00:00:00 2001 From: Gerhard Rieger Date: Fri, 16 Nov 2012 21:08:46 +0100 Subject: [PATCH] allow tun/tap specification without IP address --- CHANGES | 2 ++ doc/socat.yo | 13 +++++++------ xio-tun.c | 51 ++++++++++++++++++++++++++------------------------- 3 files changed, 35 insertions(+), 31 deletions(-) diff --git a/CHANGES b/CHANGES index aecf384..6029f00 100644 --- a/CHANGES +++ b/CHANGES @@ -133,6 +133,8 @@ new features: added option max-children that limits the number of concurrent child processes. Thanks to Sam Liddicott for providing the patch. + Till Maas added support for tun/tap addresses without IP address + ####################### V 2.0.0-b7: security: diff --git a/doc/socat.yo b/doc/socat.yo index 531a5e1..2c8b295 100644 --- a/doc/socat.yo +++ b/doc/socat.yo @@ -1021,12 +1021,13 @@ label(ADDRESS_TCP6_LISTEN)dit(bf(tt(TCP6-LISTEN:))) Additional useful option: link(ipv6only)(OPTION_IPV6_V6ONLY)nl() Option groups: link(FD)(GROUP_FD),link(SOCKET)(GROUP_SOCKET),link(LISTEN)(GROUP_LISTEN),link(CHILD)(GROUP_CHILD),link(RANGE)(GROUP_RANGE),link(IP6)(GROUP_IP6),link(TCP)(GROUP_TCP),link(RETRY)(GROUP_RETRY) nl() -label(ADDRESS_TUN)dit(bf(tt(TUN:/))) - Creates a Linux TUN/TAP device and assignes to it the address and netmask - defined by the parameters. The resulting network interface is ready for use - by other processes; socat() serves its "wire side". This address requires read - and write access to the tunnel cloning device, usually code(/dev/net/tun). - nl() +label(ADDRESS_TUN)dit(bf(tt(TUN[:/]))) + Creates a Linux TUN/TAP device and optionally assignes it the address and + netmask given by the parameters. The resulting network interface is almost + ready for use by other processes; socat serves its "wire side". This address + requires read and write access to the tunnel cloning device, usually + code(/dev/net/tun), as well as permission to set some tt(ioctl()s). + bf(Option iff-up is required to immediately activate the interface!)nl() Option groups: link(FD)(GROUP_FD),link(NAMED)(GROUP_NAMED),link(OPEN)(GROUP_OPEN),link(TUN)(GROUP_TUN) nl() Useful options: link(iff-up)(OPTION_IFF_UP), diff --git a/xio-tun.c b/xio-tun.c index c98da81..0fd92ac 100644 --- a/xio-tun.c +++ b/xio-tun.c @@ -83,8 +83,8 @@ static int xioopen_tun(int argc, const char *argv[], struct opt *opts, int xiofl char *ifaddr; int result; - if (argc != 2) { - Error2("%s: wrong number of parameters (%d instead of 1)", + if (argc > 2 || argc < 0) { + Error2("%s: wrong number of parameters (%d instead of 0 or 1)", argv[0], argc-1); } @@ -152,30 +152,31 @@ static int xioopen_tun(int argc, const char *argv[], struct opt *opts, int xiofl } /*--------------------- setting interface address and netmask ------------*/ - if ((ifaddr = strdup(argv[1])) == NULL) { - Error1("strdup(\"%s\"): out of memory", argv[1]); - return STAT_RETRYLATER; + if (argc == 2) { + if ((ifaddr = strdup(argv[1])) == NULL) { + Error1("strdup(\"%s\"): out of memory", argv[1]); + return STAT_RETRYLATER; + } + if ((result = xioparsenetwork(ifaddr, pf, &network)) != STAT_OK) { + /*! recover */ + return result; + } + socket_init(pf, (union sockaddr_union *)&ifr.ifr_addr); + ((struct sockaddr_in *)&ifr.ifr_addr)->sin_addr = + network.netaddr.ip4.sin_addr; + if (Ioctl(sockfd, SIOCSIFADDR, &ifr) < 0) { + Error4("ioctl(%d, SIOCSIFADDR, {\"%s\", \"%s\"}: %s", + sockfd, ifr.ifr_name, ifaddr, strerror(errno)); + } + ((struct sockaddr_in *)&ifr.ifr_netmask)->sin_addr = + network.netmask.ip4.sin_addr; + if (Ioctl(sockfd, SIOCSIFNETMASK, &ifr) < 0) { + Error4("ioctl(%d, SIOCSIFNETMASK, {\"0x%08u\", \"%s\"}, %s", + sockfd, ((struct sockaddr_in *)&ifr.ifr_netmask)->sin_addr.s_addr, + ifaddr, strerror(errno)); + } + free(ifaddr); } - if ((result = xioparsenetwork(ifaddr, pf, &network)) != STAT_OK) { - /*! recover */ - return result; - } - socket_init(pf, (union sockaddr_union *)&ifr.ifr_addr); - ((struct sockaddr_in *)&ifr.ifr_addr)->sin_addr = - network.netaddr.ip4.sin_addr; - if (Ioctl(sockfd, SIOCSIFADDR, &ifr) < 0) { - Error4("ioctl(%d, SIOCSIFADDR, {\"%s\", \"%s\"}: %s", - sockfd, ifr.ifr_name, ifaddr, strerror(errno)); - } - ((struct sockaddr_in *)&ifr.ifr_netmask)->sin_addr = - network.netmask.ip4.sin_addr; - if (Ioctl(sockfd, SIOCSIFNETMASK, &ifr) < 0) { - Error4("ioctl(%d, SIOCSIFNETMASK, {\"0x%08u\", \"%s\"}, %s", - sockfd, ((struct sockaddr_in *)&ifr.ifr_netmask)->sin_addr.s_addr, - ifaddr, strerror(errno)); - } - free(ifaddr); - /*--------------------- setting interface flags --------------------------*/ applyopts_single(&xfd->stream, opts, PH_FD);