On Sun, Apr 3, 2016 at 2:51 PM, Mike Auty <mike.a...@gmail.com> wrote:
>
> This patch add the new global "--vlan-tagging" boolean switch. This specifies
> whether openvpn should handle 802.1q tagged packets in any way.
>
> This patch also adds the new global '--vlan-accept tagged|untagged|all' which
> specifies the behaviour of the tap device with regards to 802.1q vlan tagged
> packets.
>
> This patch also adds the new "--vlan-pvid" integer option.
<snip>
> @@ -7178,6 +7224,45 @@ add_option (struct options *options,
> options->keying_material_exporter_length = ekm_length;
> }
> #endif
> +#ifdef ENABLE_VLAN_TAGGING
> + else if (streq (p[0], "vlan-tagging"))
> + {
> + VERIFY_PERMISSION (OPT_P_GENERAL);
> + options->vlan_tagging = true;
> + }
> + else if (streq (p[0], "vlan-accept") && p[1])
> + {
> + VERIFY_PERMISSION (OPT_P_GENERAL);
> + if (streq (p[1], "tagged"))
> + {
> + options->vlan_accept = VAF_ONLY_VLAN_TAGGED;
> + }
> + else if (streq (p[1], "untagged"))
> + {
> + options->vlan_accept = VAF_ONLY_UNTAGGED_OR_PRIORITY;
> + }
> + else if (streq (p[1], "all"))
> + {
> + options->vlan_accept = VAF_ALL;
> + }
> + else
> + {
> + msg (msglevel, "--vlan-accept must be 'tagged', 'untagged' or
> 'all'");
> + goto err;
> + }
> + }
> + else if (streq (p[0], "vlan-pvid") && p[1])
> + {
> + VERIFY_PERMISSION (OPT_P_GENERAL|OPT_P_INSTANCE);
> + options->vlan_pvid = positive_atoi (p[1]);
> + if (options->vlan_pvid < OPENVPN_8021Q_MIN_VID ||
> + options->vlan_pvid > OPENVPN_8021Q_MAX_VID)
> + {
> + msg (msglevel, "the parameter of --vlan-pvid parameters must be >=
> %u and <= %u", OPENVPN_8021Q_MIN_VID, OPENVPN_8021Q_MAX_VID);
> + goto err;
> + }
> + }
> +#endif
> else
> {
> int i;
NAK. This should include testing for extra parameters supplied in
error with the options, as the rest of the option-handling code does.
Something like the following (for each of the three new options):
+ else if (streq (p[0], "vlan-tagging") && !p[1])
