Hi,

Thanks a lot for bringing this problem to our attention.

On 01/02/2025 08:54, Gert Doering wrote:
@@ -616,10 +621,15 @@ dco_multi_add_new_peer(struct multi_context *m, struct 
multi_instance *mi)
          vpn_addr6 = &c->c2.push_ifconfig_ipv6_local;
      }
+ struct link_socket *ls = c->c2.link_sockets[0];
      if (dco_multi_get_localaddr(m, mi, &local))
      {
          localaddr = (struct sockaddr *)&local;
      }
+    else if (ls->bind_local && ls->info.lsa->bind_local)
+    {
+        localaddr = ls->info.lsa->bind_local->ai_addr;
+    }

Not sure about that.  If the socket is bound, the kernel knows about
the binding (because we pass the socket to the kernel).  You're sure this
is needed?

As already questioned by Gert, I can confirm that this is not expected, because DCO should automatically pick any source address that was bound to the socket.

This said, DCO seems to not be doing this and therefore the bound source address is not respected.

Therefore this is a bug that needs fixing in DCO and should not be worked-around by userspace.

Hence, I'd suggest to drop the hunk about and rather fix the issue in DCO.
while looking at this patch, I have already identified where DCO needs adjustments, therefore it's likely that the next DCO revision will have this fixed.

Regards,


gert



_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel

--
Antonio Quartulli



_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel

Reply via email to