+int setup_vpn_in_socket(const sockaddr_t *sa) {
+ int nfd;
+ char *addrstr;
+ int option;
+
+ nfd = socket(sa->sa.sa_family, SOCK_DGRAM, IPPROTO_UDP);
+
+ if(nfd < 0) {
+ logger(DEBUG_ALWAYS, LOG_ERR, "Creating UDP socket failed: %s", sockstrerror(sockerrno));
+ return -1;
+ }
+
+#ifdef FD_CLOEXEC
+ fcntl(nfd, F_SETFD, FD_CLOEXEC);
+#endif
+
+#ifdef O_NONBLOCK
+ {
+ int flags = fcntl(nfd, F_GETFL);
+
+ if(fcntl(nfd, F_SETFL, flags | O_NONBLOCK) < 0) {
+ closesocket(nfd);
+ logger(DEBUG_ALWAYS, LOG_ERR, "System call `%s' failed: %s", "fcntl",
+ strerror(errno));
+ return -1;
+ }
+ }
+#elif defined(WIN32)
+ {
+ unsigned long arg = 1;
+
+ if(ioctlsocket(nfd, FIONBIO, &arg) != 0) {
+ closesocket(nfd);
+ logger(DEBUG_ALWAYS, LOG_ERR, "Call to `%s' failed: %s", "ioctlsocket", sockstrerror(sockerrno));
+ return -1;
+ }
+ }
+#endif
+
+ option = 1;
+ setsockopt(nfd, SOL_SOCKET, SO_REUSEADDR, (void *)&option, sizeof(option));
+ setsockopt(nfd, SOL_SOCKET, SO_BROADCAST, (void *)&option, sizeof(option));
+
+ if(udp_rcvbuf && setsockopt(nfd, SOL_SOCKET, SO_RCVBUF, (void *)&udp_rcvbuf, sizeof(udp_rcvbuf))) {
+ logger(DEBUG_ALWAYS, LOG_WARNING, "Can't set UDP SO_RCVBUF to %i: %s", udp_rcvbuf, sockstrerror(sockerrno));
+ }
+
+ {
+ // The system may cap the requested buffer size.
+ // Read back the value and check if it is now as requested.
+ int udp_rcvbuf_actual = -1;
+ socklen_t optlen = sizeof(udp_rcvbuf_actual);
+
+ if(getsockopt(nfd, SOL_SOCKET, SO_RCVBUF, (void *)&udp_rcvbuf_actual, &optlen)) {
+ logger(DEBUG_ALWAYS, LOG_WARNING, "Can't read back UDP SO_RCVBUF: %s", sockstrerror(sockerrno));
+ } else if(optlen != sizeof(udp_rcvbuf_actual)) {
+ logger(DEBUG_ALWAYS, LOG_WARNING, "Can't read back UDP SO_RCVBUF: Unexpected returned optlen %jd", (intmax_t) optlen);
+ } else {
+ if(udp_rcvbuf_actual != udp_rcvbuf) {
+ logger(DEBUG_ALWAYS, LOG_WARNING, "Can't set UDP SO_RCVBUF to %i, the system set it to %i instead", udp_rcvbuf, udp_rcvbuf_actual);
+ }
+ }
+ }
+
+ if(udp_sndbuf && setsockopt(nfd, SOL_SOCKET, SO_SNDBUF, (void *)&udp_sndbuf, sizeof(udp_sndbuf))) {
+ logger(DEBUG_ALWAYS, LOG_WARNING, "Can't set UDP SO_SNDBUF to %i: %s", udp_sndbuf, sockstrerror(sockerrno));
+ }
+
+ {
+ // The system may cap the requested buffer size.
+ // Read back the value and check if it is now as requested.
+ int udp_sndbuf_actual = -1;
+ socklen_t optlen = sizeof(udp_sndbuf_actual);
+
+ if(getsockopt(nfd, SOL_SOCKET, SO_SNDBUF, (void *)&udp_sndbuf_actual, &optlen)) {
+ logger(DEBUG_ALWAYS, LOG_WARNING, "Can't read back UDP SO_SNDBUF: %s", sockstrerror(sockerrno));
+ } else if(optlen != sizeof(udp_sndbuf_actual)) {
+ logger(DEBUG_ALWAYS, LOG_WARNING, "Can't read back UDP SO_SNDBUF: Unexpected returned optlen %jd", (intmax_t) optlen);
+ } else {
+ if(udp_sndbuf_actual != udp_sndbuf) {
+ logger(DEBUG_ALWAYS, LOG_WARNING, "Can't set UDP SO_SNDBUF to %i, the system set it to %i instead", udp_sndbuf, udp_sndbuf_actual);
+ }
+ }
+ }
+
+#if defined(IPV6_V6ONLY)
+
+ if(sa->sa.sa_family == AF_INET6) {
+ setsockopt(nfd, IPPROTO_IPV6, IPV6_V6ONLY, (void *)&option, sizeof(option));
+ }
+
+#endif
+
+#if defined(IP_DONTFRAG) && !defined(IP_DONTFRAGMENT)
+#define IP_DONTFRAGMENT IP_DONTFRAG
+#endif
+
+#if defined(IP_MTU_DISCOVER) && defined(IP_PMTUDISC_DO)
+
+ if(myself->options & OPTION_PMTU_DISCOVERY) {
+ option = IP_PMTUDISC_DO;
+ setsockopt(nfd, IPPROTO_IP, IP_MTU_DISCOVER, (void *)&option, sizeof(option));
+ }