Hi, On Wed, Nov 17, 2021 at 06:54:24PM +0100, Max Fillinger wrote: > When running with --ifconfig-noexec on Linux, OpenVPN may still delete > the ip address from the tun interface on exit, because it tries to undo > the ifconfig that did not actually happen. > > This commit reintroduces the did_ifconfig member to struct tuntap so > that we can check if ifconfig was actually done before trying to undo > it. It's behind an #ifdef because it's only used on Linux, and that was > the reason why it was removed before. > > Signed-off-by: Max Fillinger <[email protected]>
I'm sure that this will work, but I wonder why we need to do this
in such a complicated way - the code here is
close_tun(struct tuntap *tt, openvpn_net_ctx_t *ctx)
...
if (tt->did_ifconfig_setup)
{
undo_ifconfig_ipv4(tt, ctx);
}
if (tt->did_ifconfig_ipv6_setup)
{
undo_ifconfig_ipv6(tt, ctx);
}
... so why is "did_ifconfig_setup" true, if ifconfig wasn't done?
Or, phrased differently, what is did_ifconfig_setup used for, across
the code, and can we just "not set it to true" if ifconfig-noexec
is in effect? Or does it have nasty side effects?
gert
--
"If was one thing all people took for granted, was conviction that if you
feed honest figures into a computer, honest figures come out. Never doubted
it myself till I met a computer with a sense of humor."
Robert A. Heinlein, The Moon is a Harsh Mistress
Gert Doering - Munich, Germany [email protected]
signature.asc
Description: PGP signature
_______________________________________________ Openvpn-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openvpn-devel
