== Socket Rework == The current state of socket handling of openvpn is suboptimal. It lacks proper support of dual stack environments. There are some design decisions to be made beforehand. This a first list of things that should be discussed before beginning a rewrite. * Meaning of udp, udp6. At the moment udp forces AF_INET and udp6 AF_INET6. If no udp/tcp is specified the client will guess ipv4/ipv6 and stick to that guess * Remove udp6, add --ipv4 and --ipv6 options to force a protocol * tcp design is straightfoward * tcp-server resolves address with AI_PASSIVE, bind to all returned results * tcp-client resolve all adresses, iterate through them in the returned order * Behaviour of udp sockets if --mode client/server is specified * Same behavior as tcp-server/client * Behaviour of p2p udp peers without --mode client/server , now it is simply only socket is open for both peers, in dual stack this assumption breaks * ~~introduce udp-server and udp-client. Let udp-server bind/listen on all socket and udp-client only on the one currently trying to connect~~ * Both peer bind on all sockets but iterate through the socket when trying to connect * alternatively: explicit binding on a single IPv4 or IPv6 address for each side is needed, no failover to the other protocol family ("he who uses p2p mode knows what works") * behaviour of bind/remote if they different in the returned protocols * bind only IPv4 but remote IPv4/IPv6, issue warning * bind only IPv4 and remote IPv6, exit with error * Bind mode with --mode client * Default to --nobind * if --bind is specified, only bind the socket family that is currently connected, e.g. do not bind/listen on a IPv6 udp local socket if connecting to IPv4 socket. * Listening on multiple sockets is needed for dual stack anyway. So simultaneous udp/tcp is possible too: * like but uses all blocks at the same time * allow sockets to be created by plugins. * Remove http-proxy and socks proxy from main code path * add http-proxy plugin and socks proxy plugins