Attention is currently required from: cron2, flichtenheld, plaisthos.
Hello flichtenheld, plaisthos,
I'd like you to reexamine a change. Please visit
http://gerrit.openvpn.net/c/openvpn/+/1210?usp=email
to look at the new patch set (#2).
Change subject: redirect-gateway: Only redirect traffic through TUN if address
families match
......................................................................
redirect-gateway: Only redirect traffic through TUN if address families match
Fixes an ifconfig push-reply bug where, if the remote is switched and the new
TUN has a different address family, the previous ifconfig options remain
assigned to the new TUN.
Adds a check in do_init_route_ipv6_list() to add default routes toward the TUN
only if the TUN has IPv6 addresses.
Change-Id: Ib3458a9ed2eb38e00184c4a92659b83b97fe476c
---
M src/openvpn/init.c
M src/openvpn/options.c
2 files changed, 13 insertions(+), 1 deletion(-)
git pull ssh://gerrit.openvpn.net:29418/openvpn refs/changes/10/1210/2
diff --git a/src/openvpn/init.c b/src/openvpn/init.c
index f8a0fee..aaa0573 100644
--- a/src/openvpn/init.c
+++ b/src/openvpn/init.c
@@ -1523,7 +1523,7 @@
/* redirect (IPv6) gateway to VPN? if yes, add a few more specifics
*/
- if (options->routes_ipv6->flags & RG_REROUTE_GW)
+ if (options->routes_ipv6->flags & RG_REROUTE_GW &&
options->ifconfig_ipv6_local)
{
char *opt_list[] = { "::/3", "2000::/4", "3000::/4", "fc00::/7", NULL
};
int i;
diff --git a/src/openvpn/options.c b/src/openvpn/options.c
index f35738d..185233f 100644
--- a/src/openvpn/options.c
+++ b/src/openvpn/options.c
@@ -5470,6 +5470,18 @@
const msglvl_t msglevel = D_PUSH_ERRORS | M_OPTERR;
unsigned int update_options_found = 0;
+ /* When receiving a PUSH_REPLY, reset the ifconfig options to prevent
+ * stale data conflicts. This could be necessary when the new address has a
+ * different address family than the previous one. */
+ if (!is_update)
+ {
+ options->ifconfig_local = NULL;
+ options->ifconfig_remote_netmask = NULL;
+ options->ifconfig_ipv6_local = NULL;
+ options->ifconfig_ipv6_netbits = 0;
+ options->ifconfig_ipv6_remote = NULL;
+ }
+
while (buf_parse(buf, ',', line, sizeof(line)))
{
char *p[MAX_PARMS + 1];
--
To view, visit http://gerrit.openvpn.net/c/openvpn/+/1210?usp=email
To unsubscribe, or for help writing mail filters, visit
http://gerrit.openvpn.net/settings?usp=email
Gerrit-MessageType: newpatchset
Gerrit-Project: openvpn
Gerrit-Branch: master
Gerrit-Change-Id: Ib3458a9ed2eb38e00184c4a92659b83b97fe476c
Gerrit-Change-Number: 1210
Gerrit-PatchSet: 2
Gerrit-Owner: mrbff <[email protected]>
Gerrit-Reviewer: flichtenheld <[email protected]>
Gerrit-Reviewer: plaisthos <[email protected]>
Gerrit-CC: cron2 <[email protected]>
Gerrit-CC: openvpn-devel <[email protected]>
Gerrit-Attention: plaisthos <[email protected]>
Gerrit-Attention: cron2 <[email protected]>
Gerrit-Attention: flichtenheld <[email protected]>
_______________________________________________
Openvpn-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
