Attention is currently required from: plaisthos.
Hello plaisthos,
I'd like you to do a code review.
Please visit
http://gerrit.openvpn.net/c/openvpn/+/863?usp=email
to review the following change.
Change subject: Remove unused function check_subnet_conflict
......................................................................
Remove unused function check_subnet_conflict
This has been #if 0 for over a decade. Let's just
remove this.
Change-Id: If570253e57371e4126b0e8aa4c349e2051cb8b00
Signed-off-by: Frank Lichtenheld <[email protected]>
---
M src/openvpn/route.c
M src/openvpn/tun.c
M src/openvpn/tun.h
3 files changed, 0 insertions(+), 52 deletions(-)
git pull ssh://gerrit.openvpn.net:29418/openvpn refs/changes/63/863/1
diff --git a/src/openvpn/route.c b/src/openvpn/route.c
index 278233f..b8ede01 100644
--- a/src/openvpn/route.c
+++ b/src/openvpn/route.c
@@ -1218,7 +1218,6 @@
for (r = rl->routes; r; r = r->next)
{
- check_subnet_conflict(r->network, r->netmask, "route");
if (flags & ROUTE_DELETE_FIRST)
{
delete_route(r, tt, flags, &rl->rgi, es, ctx);
diff --git a/src/openvpn/tun.c b/src/openvpn/tun.c
index 9dce8da..3f2ec4a 100644
--- a/src/openvpn/tun.c
+++ b/src/openvpn/tun.c
@@ -626,44 +626,6 @@
gc_free(&gc);
}
-/*
- * Issue a warning if ip/netmask (on the virtual IP network) conflicts with
- * the settings on the local LAN. This is designed to flag issues where
- * (for example) the OpenVPN server LAN is running on 192.168.1.x, but then
- * an OpenVPN client tries to connect from a public location that is also
running
- * off of a router set to 192.168.1.x.
- */
-void
-check_subnet_conflict(const in_addr_t ip,
- const in_addr_t netmask,
- const char *prefix)
-{
-#if 0 /* too many false positives */
- struct gc_arena gc = gc_new();
- in_addr_t lan_gw = 0;
- in_addr_t lan_netmask = 0;
-
- if (get_default_gateway(&lan_gw, &lan_netmask) && lan_netmask)
- {
- const in_addr_t lan_network = lan_gw & lan_netmask;
- const in_addr_t network = ip & netmask;
-
- /* do the two subnets defined by network/netmask and
lan_network/lan_netmask intersect? */
- if ((network & lan_netmask) == lan_network
- || (lan_network & netmask) == network)
- {
- msg(M_WARN, "WARNING: potential %s subnet conflict between local
LAN [%s/%s] and remote VPN [%s/%s]",
- prefix,
- print_in_addr_t(lan_network, 0, &gc),
- print_in_addr_t(lan_netmask, 0, &gc),
- print_in_addr_t(network, 0, &gc),
- print_in_addr_t(netmask, 0, &gc));
- }
- }
- gc_free(&gc);
-#endif /* if 0 */
-}
-
void
warn_on_use_of_common_subnets(openvpn_net_ctx_t *ctx)
{
@@ -922,15 +884,6 @@
tt->remote_netmask);
}
}
-
- if (!tun_p2p)
- {
- check_subnet_conflict(tt->local, tt->remote_netmask, "TUN/TAP
adapter");
- }
- else
- {
- check_subnet_conflict(tt->local, IPV4_NETMASK_HOST, "TUN/TAP
adapter");
- }
}
#ifdef _WIN32
diff --git a/src/openvpn/tun.h b/src/openvpn/tun.h
index a5b9a48..911e58b 100644
--- a/src/openvpn/tun.h
+++ b/src/openvpn/tun.h
@@ -355,10 +355,6 @@
bool is_tun_p2p(const struct tuntap *tt);
-void check_subnet_conflict(const in_addr_t ip,
- const in_addr_t netmask,
- const char *prefix);
-
void warn_on_use_of_common_subnets(openvpn_net_ctx_t *ctx);
/**
--
To view, visit http://gerrit.openvpn.net/c/openvpn/+/863?usp=email
To unsubscribe, or for help writing mail filters, visit
http://gerrit.openvpn.net/settings
Gerrit-Project: openvpn
Gerrit-Branch: master
Gerrit-Change-Id: If570253e57371e4126b0e8aa4c349e2051cb8b00
Gerrit-Change-Number: 863
Gerrit-PatchSet: 1
Gerrit-Owner: flichtenheld <[email protected]>
Gerrit-Reviewer: plaisthos <[email protected]>
Gerrit-CC: openvpn-devel <[email protected]>
Gerrit-Attention: plaisthos <[email protected]>
Gerrit-MessageType: newchange
_______________________________________________
Openvpn-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
