path: root/src/openvpn/route.c
Commit message | Author | Age | Files | Lines
* get_default_gateway_ipv6(): Win32 implementation using GetBestRoute2() | Gert Doering | 2015-10-06 | 1 | -6/+86
  To get access to that functionality, bump Windows API level for MinGW compilation from NTDDI_WINXP/_WIN32_WINNT_WINXP to ..._VISTA, and shuffle around WIN32 includes a bit in syshead.h

  MinGW 32 seems to be broken regarding MIB_TCP_STATE enum, so add typedef for that - surrounding #ifdefs found by googling do not work yet -> TODO!

  Extend add_route_ipv6() and delete_route_ipv6() to handle routes not on the tap adapter but on ifindex-addressed interfaces ("interface=nn"), and while at it, fix deletion of IPv6 routes with gateway address.

  NOTE: this breaks Windows XP compatibility as GetBestRoute2() is not available there, so even when not using IPv6, the binary will not run.

  (Lightly) tested on Win7/64.

  Signed-off-by: Gert Doering <gert@greenie.muc.de>
  Lazy-ACK-by: Gert Doering <gert@greenie.muc.de>
  Message-Id: <1441985627-14822-11-git-send-email-gert@greenie.muc.de>
  URL: http://article.gmane.org/gmane.network.openvpn.devel/10085
* Repair test_local_addr() on WIN32 | Gert Doering | 2015-09-25 | 1 | -1/+1
  Intermediate result was stored in a "bool" variable, but the actual range of results is 0/1/2 - so "2" (TLA_LOCAL) never worked. Change to "int".

  Diagnosed by "dferbas" in trac #609 (thanks).

  Signed-off-by: Gert Doering <gert@greenie.muc.de>
  Acked-by: Steffan Karger <steffan.karger@fox-it.com>
  Message-Id: <1443162970-38210-1-git-send-email-gert@greenie.muc.de>
  URL: http://article.gmane.org/gmane.network.openvpn.devel/10168
* Fix IPv6 host routes to LAN gateway on OpenSolaris | Gert Doering | 2015-09-20 | 1 | -5/+12
  The tun/tap routes need to be set with "metric 0", while this will prevent routes to LAN gateways from being installed. So, set metric 0 only if no other interface is requested...

  (Note: OpenSolaris can not specify host+interface gateways, so we just use the GW addresses - it seems to still work for fe80:: addresses, however it is done internally. NUD maybe?)

  Signed-off-by: Gert Doering <gert@greenie.muc.de>
  Acked-by: Arne Schwabe <arne@rfc2549.org>
  Message-Id: <1441985627-14822-10-git-send-email-gert@greenie.muc.de>
  URL: http://article.gmane.org/gmane.network.openvpn.devel/10092
* get_default_gateway_ipv6(): *BSD / MacOS / Solaris PF_ROUTE implementation | Gert Doering | 2015-09-20 | 1 | -4/+183
  As for IPv4, a common implementation for all (supported) BSD families and Solaris. Supporting the latter requires separate implementations for IPv4 and IPv6, unfortunately, so it's quite a bit of duplicate code.

  Further, extend add_route_ipv6() and delete_route_ipv6() to handle link-local gateway addresses that require "gateway + interface" in scoped notation ("fe80::1%em0").

  Tested on FreeBSD 7.4/amd64, 9.3/sparc64, 10.0/amd64, NetBSD 5.1/amd64, OpenBSD 4.9/i386, MacOS X 10.5/32 and 10.10/64 and OpenSolaris 10.11/i386.

  Signed-off-by: Gert Doering <gert@greenie.muc.de>
  Acked-by: Arne Schwabe <arne@rfc2549.org>
  Message-Id: <1441985627-14822-9-git-send-email-gert@greenie.muc.de>
  URL: http://article.gmane.org/gmane.network.openvpn.devel/10082
* Do not install a host route for the VPN on Android | Arne Schwabe | 2015-09-17 | 1 | -1/+7
  Routing loops are avoided using the VPNService API protect API

  Acked-by: Gert Doering <gert@greenie.muc.de>
  Message-Id: <1442485438-15704-1-git-send-email-arne@rfc2549.org>
  URL: http://article.gmane.org/gmane.network.openvpn.devel/10135
  Signed-off-by: Gert Doering <gert@greenie.muc.de>
* Implement handling of overlapping IPv6 routes with IPv6 remote VPN server address | Gert Doering | 2015-09-17 | 1 | -11/+121
  - socket.[ch]: add link_socket_current_remote_ipv6() helper to extract current address of remote VPN server (if IPv6, NULL otherwise), IPv6 equivalent to link_socket_current_remote()
  - init.c: pass remote VPN server address to init_route_ipv6_list() (link_socket_current_remote_ipv6())
  - route.h: add route_ipv6_gateway_info to route_ipv6_list, and reorder structures so that this actually compiles. Add iface/adapter_index to struct route_ipv6 (for non-tun/tap routes).
  - route.[ch]: add "const" to *dest argument to get_default_gateway_ipv6()
  - route.c: add route_ipv6_match_host() helper to check whether an IPv6 address is matched by a given "route_ipv6" IPv6 route)
  - route.c: init_route_ipv6_list()
    - call get_default_gateway_ipv6()
    - check to-be-installed IPv6 routes against VPN server address (if IPv6)
    - if an overlap is seen, add a host route for the VPN server address via the just-discovered gateway to the list of IPv6 routes to be installed (rl6->routes_ipv6)
    - warn if overlap is detected but platform code has not been able to discover IPv6 default gateway
  - route.c: add_route_ipv6() / delete_route_ipv6(): set "device" to "external default gateway interface" (r6->iface) instead of TUN/TAP device (if set), which nicely enables arbitrary gateway/interface combinations for Linux
  - ssl.c: add "IV_RGI6=1" to push-peer-info data to let server know we can handle pushed IPv6 routes that overlap with server IPv6 address
  - tun.c: when adding/removing on-link routes, CLEAR(r6) first to ensure new struct route_ipv6 members are cleared

  Tested on Linux with iproute2 and /bin/route, on eth and tun routes.

  Signed-off-by: Gert Doering <gert@greenie.muc.de>
  Acked-by: Arne Schwabe <arne@rfc2549.org>
  Message-Id: <1441985627-14822-7-git-send-email-gert@greenie.muc.de>
  URL: http://article.gmane.org/gmane.network.openvpn.devel/10089
* get_default_gateway_ipv6(): Linux / Netlink implementation. | Gert Doering | 2015-09-17 | 1 | -12/+136
  Using "netlink socket" directly, without external netlink helper libraries. For this very simple case, it's easy enough.

  Signed-off-by: Gert Doering <gert@greenie.muc.de>
  Acked-by: Arne Schwabe <arne@rfc2549.org>
  Message-Id: <1441985627-14822-6-git-send-email-gert@greenie.muc.de>
  URL: http://article.gmane.org/gmane.network.openvpn.devel/10091
* Use pseudo gw as default gw on Android as a workaround for not being able to read /proc/net/route | Arne Schwabe | 2015-09-15 | 1 | -0/+14
  Acked-by: Gert Doering <gert@greenie.muc.de>
  Message-Id: <1442309019-7586-5-git-send-email-arne@rfc2549.org>
  URL: http://article.gmane.org/gmane.network.openvpn.devel/10111
  Signed-off-by: Gert Doering <gert@greenie.muc.de>
* Don't redirect the gateway on Android even if requested | Arne Schwabe | 2015-09-15 | 1 | -0/+4
  Routing loops are avoided using the VPNService API

  Acked-by: Gert Doering <gert@greenie.muc.de>
  Message-Id: <1442309019-7586-4-git-send-email-arne@rfc2549.org>
  URL: http://article.gmane.org/gmane.network.openvpn.devel/10113
  Signed-off-by: Gert Doering <gert@greenie.muc.de>
* Create basic infrastructure for IPv6 default gateway handling / redirection. | Gert Doering | 2015-09-15 | 1 | -3/+73
  - introduce get_default_gateway_ipv6() and add stub functions with the implementation plan to the 4 major code blocks here (Windows, Linux/Android, *BSD and Solaris, "others")
  - add &rgi6 to print_default_gateway(), and teach it to print v4, v6 or both, depending on the calling environment
  - unlike IPv4 (today), get_default_gateway_ipv6() is passed the actual target IPv6 address of the server we're looking for, so we can handle more complicated routing setups ("default to eth0, vpn server to ppp0") correctly
  - consequently, --show-gateway has an optional parameter now, the IPv6 address to look up (for debugging)
  - document --show-gateway and the extra option in openvpn.8

  Acked-by: Arne Schwabe <arne@rfc2549.org>
  Message-Id: <1441985627-14822-5-git-send-email-gert@greenie.muc.de>
  URL: http://article.gmane.org/gmane.network.openvpn.devel/10087
  Signed-off-by: Gert Doering <gert@greenie.muc.de>
* refactor struct route_ipv6_list, bring in line with struct route_list again | Gert Doering | 2015-09-14 | 1 | -11/+8
  adjust "struct route_ipv6_list" (and all users) to reflect changes to "struct route_list" done in commit 7fb0e07e, namely:
  - new member "rl6->iflags" (RL_* flags)
  - new member "rl6->spec_flags" (RTSA_* flags)
  - new member "rl6->remote_host_ipv6" (--remote address we're talking to)
  - "rl6->routes_added" --> "rl6->iflags & RL_ROUTES_ADDED"
  - "rl6->did_redirect_default_gateway" --> "rl6->iflags & RL_DID_REDIRECT_DEFAULT_GATEWAY"
  - "rl6->did_local" --> "rl6->iflags & RL_DID_LOCAL"
  - "rl6->remote_endpoint_defined" --> "rl6->spec_flags & RTSA_REMOTE_ENDPOINT"
  - "rl6->default_metric_defined" --> "rl6->spec_flags & RTSA_DEFAULT_METRIC"

  deviating from IPv4 route_list, there is no "route_special_addr spec" sub-struct, because it's not considered useful (rl->spec.flags becomes rl6->spec_flags, the IPv6 equivalent of everything else in rl->spec just lives inside struct route_ipv6_list)

  Signed-off-by: Gert Doering <gert@greenie.muc.de>
  Acked-by: Arne Schwabe <arne@rfc2549.org>
  Message-Id: <1441985627-14822-3-git-send-email-gert@greenie.muc.de>
  URL: http://article.gmane.org/gmane.network.openvpn.devel/10084
* refactor struct route_ipv6, bring in line with struct route_ipv4 again | Gert Doering | 2015-09-14 | 1 | -17/+18
  adjust "struct route_ipv6" (and all users) to reflect changes to "struct route_ipv4" done in commit 7fb0e07e, namely:
  - new member "r6->flags"
  - "r6->defined" becomes "r6->flags & RT_DEFINED"
  - "r6->metric_defined" becomes "r6->flags & RT_METRIC_DEFINED"
  - route addition status is stored in "r6->flags & RT_ADDED"

  Signed-off-by: Gert Doering <gert@greenie.muc.de>
  Acked-by: Arne Schwabe <arne@rfc2549.org>
  Message-Id: <1441985627-14822-2-git-send-email-gert@greenie.muc.de>
  URL: http://article.gmane.org/gmane.network.openvpn.devel/10083
* Fix --redirect-private in --dev tap mode. | Guy Yur | 2015-06-01 | 1 | -1/+1
  When specifying redirect-private option and not specifying route-gateway or ifconfig options, OpenVPN fails to add the route to the remote host with the following message:

  NOTE: unable to redirect default gateway -- VPN gateway parameter (--route-gateway or --ifconfig) is missing

  In redirect_default_route_to_vpn() the check for remote endpoint happens even though it is not used by redirect-private - make check conditional on RG_REROUTE_GW (= --redirect-gateway).

  Trac #261

  Acked-by: Gert Doering <gert@greenie.muc.de>
  Message-Id: <20150531120327.GE382@greenie.muc.de>
  URL: http://article.gmane.org/gmane.network.openvpn.devel/9761
  Signed-off-by: Gert Doering <gert@greenie.muc.de>
* Remove count_netmask_bits(), convert users to use netmask_to_netbits2() | Gert Doering | 2015-03-08 | 1 | -2/+2
  The previous Linux/iproute2 code converted binary netmasks to string representation (print_in_addr_t()), just to immediately scanf() it back to binary to count bits.

  netmask_to_netbits2() directly works on the in_addr_t.

  Signed-off-by: Gert Doering <gert@greenie.muc.de>
  Acked-by: Steffan Karger <steffan.karger@fox-it.com>
  Message-Id: <1419713983-16272-1-git-send-email-gert@greenie.muc.de>
  URL: http://article.gmane.org/gmane.network.openvpn.devel/9360
* Default gateway can't be determined on illumos/Solaris platforms | Alexander Pyhalov | 2014-12-31 | 1 | -2/+19
  The logic which is used on BSD is preserved. The only distinction is that illumos doesn't provide sa_len field in sockaddr structures.

  Acked-by: Gert Doering <gert@greenie.muc.de>
  Message-Id: <1413315802-62359-5-git-send-email-alp@rsu.ru>
  URL: http://article.gmane.org/gmane.network.openvpn.devel/9129
  Signed-off-by: Gert Doering <gert@greenie.muc.de>
* fix warnings on Windows | Heiko Hund | 2014-11-17 | 1 | -1/+1
  Just add a few valid casts that shut up mingw gcc.

  Signed-off-by: Heiko Hund <heiko.hund@sophos.com>
  Acked-by: Gert Doering <gert@greenie.muc.de>
  Message-Id: <1416068708-6871-2-git-send-email-heiko.hund@sophos.com>
  URL: http://article.gmane.org/gmane.network.openvpn.devel/9229
  Signed-off-by: Gert Doering <gert@greenie.muc.de>
* Implement on-link route adding for iproute2 | Philipp Hagemeister | 2014-10-14 | 1 | -4/+7
  This is an OpenPGP/MIME signed message (RFC 4880 and 3156)

  Currently, when compiling with --enable-iproute2, OpenVPN does not create a correct route when the user is connected to the Internet without a gateway (e.g. via ppp). This patch implements the corresponding FIXME.

  Signed-off-by: Philipp Hagemeister <phihag@phihag.de>
  Acked-by: Gert Doering <gert@greenie.muc.de>
  Message-Id: <54259015.2030005@phihag.de>
  URL: http://article.gmane.org/gmane.network.openvpn.devel/9056
  Signed-off-by: Gert Doering <gert@greenie.muc.de>
* implement adding/deleting routes on AIX, for IPv4 and IPv6 | Gert Doering | 2014-07-07 | 1 | -0/+60
  AIX only has TAP interfaces, so always use gateway address as next hop, not interface name.

  AIX route works much more reliably if passed netbits than netmask - do so (introducing a new helper function netmask_to_netbits2())

  Acked-by: Arne Schwabe <arne@rfc2549.org>
  Message-Id: <1402409073-54067216-4-git-send-email-gert@greenie.muc.de>
  URL: http://article.gmane.org/gmane.network.openvpn.devel/8785
  Signed-off-by: Gert Doering <gert@greenie.muc.de>
* Merge get_default_gateway() implementation for all 4+1 BSD variants. | Gert Doering | 2014-05-26 | 1 | -225/+21
  This was 3 times mostly the same code, with the 4 traditional BSDs only differing in a single line, while MacOS X had more refined code to do not only gateway determination, but also netmask, interface name and MAC address.

  The MacOS X code works perfectly well on the other BSDs *if* one macro is #ifdef'ed to use "(uint32_t)" on MacOS X and "(long)" on all other BSDs, 32 and 64 bit variants. API change by OSX when going to 64bit.

  Tested on FreeBSD 8.3/i386, FreeBSD 9.1/amd64, NetBSD 5.1/amd64, OpenBSD 4.9/i386, OpenBSD 5.4/amd64 (= all affected platforms except DragonFly BSD).

  See also trac#42 and trac#340.

  Signed-off-by: Gert Doering <gert@greenie.muc.de>
  Lazy-Ack-by: Gert Doering <gert@greenie.muc.de>
  Message-Id: <1389706398-26922-1-git-send-email-gert@greenie.muc.de>
  URL: http://article.gmane.org/gmane.network.openvpn.devel/8233
* Conditionalize calls to print_default_gateway on !ENABLE_SMALL | Gert Doering | 2014-04-30 | 1 | -1/+1
  Calls to print_default_gateway() depended on #ifdef ENABLE_DEBUG, but the actual function wasn't compiled in #ifdef ENABLE_SMALL, so the combination "configure --enable-small --enable-debug" didn't work. Fix.

  Fix trac #397

  Signed-off-by: Gert Doering <gert@greenie.muc.de>
  Acked-by: Steffan Karger <steffan.karger@fox-it.com>
  Message-Id: <1398805779-29376-1-git-send-email-gert@greenie.muc.de>
  URL: http://article.gmane.org/gmane.network.openvpn.devel/8670
* IPv6 address/route delete fix for Win8 | Gert Doering | 2014-04-13 | 1 | -1/+7
  Use "store=active" for IPv6 address and route deletion - seems to be required on Windows 8 and up, and not doing it will break OpenVPN reconnection (old addresses are not properly deleted, thus address can not be configured on connect).

  Reported-by: Cedric <cedric+openvpn@bgtn.net>
  Signed-off-by: Gert Doering <gert@greenie.muc.de>
  Acked-by: Cedric Tabary <cedric+openvpn@bgtn.net>
  Message-Id: <20140413170648.GU16637@greenie.muc.de>
  URL: http://article.gmane.org/gmane.network.openvpn.devel/8499
* fix route struct name | Heiko Hund | 2014-04-01 | 1 | -1/+1
  This slipped in with commit d0085293.

  Signed-off-by: Heiko Hund <heiko.hund@sophos.com>
  Acked-by: Gert Doering <gert@greenie.muc.de>
  Message-Id: <1396346803-31772-1-git-send-email-heiko.hund@sophos.com>
  URL: http://article.gmane.org/gmane.network.openvpn.devel/8421
  Signed-off-by: Gert Doering <gert@greenie.muc.de>
* Add gateway and device to android control messages | Arne Schwabe | 2014-03-23 | 1 | -3/+6
  Acked-by: Gert Doering <gert@greenie.muc.de>
  Message-Id: <1395407925-25518-9-git-send-email-arne@rfc2549.org>
  URL: http://article.gmane.org/gmane.network.openvpn.devel/8368
  Signed-off-by: Gert Doering <gert@greenie.muc.de>
* Introduce an option to resolve dns names in advance for --remote, --local and --http-proxy | Arne Schwabe | 2014-03-23 | 1 | -1/+1
  Also introduce x_gc_addspeical function that allows to add objects with a custom free function to the gc.

  Some additional addrinfo cleanup

  Acked-by: Gert Doering <gert@greenie.muc.de>
  Message-Id: <1395576786-17507-1-git-send-email-arne@rfc2549.org>
  URL: http://article.gmane.org/gmane.network.openvpn.devel/8386
  Signed-off-by: Gert Doering <gert@greenie.muc.de>
* grow route lists dynamically | Heiko Hund | 2014-02-23 | 1 | -133/+101
  This removes the need for the --max-routes option. Instead of allocating a fixed size array for the route(-option)s they are managed in linked lists instead.

  Signed-off-by: Heiko Hund <heiko.hund@sophos.com>
  Acked-by: Arne Schwabe <arne@rfc2549.org>
  Acked-by: Gert Doering <gert@greenie.muc.de>
  Message-Id: <1392746395-19246-1-git-send-email-heiko.hund@sophos.com>
  URL: http://article.gmane.org/gmane.network.openvpn.devel/8295
  Signed-off-by: Gert Doering <gert@greenie.muc.de>
* Replace copied structure elements with including <net/route.h> | Gert Doering | 2014-01-16 | 1 | -93/+2
  The code for FreeBSD, Dragonfly, OpenBSD and NetBSD contained copies of structures from <net/route.h> (struct rt_msghdr in particular). OpenBSD changed some structure elements, making OpenVPN incompatible, depending on the specific OpenBSD version.

  Clean up: remove copied definitions, replace by including <net/route.h> directly - this could not be done originally due to a conflict with "struct route" in OpenVPN and <net/route.h>, cleaned up by the previous commit.

  Tested on FreeBSD 9.1-RELEASE, NetBSD 5.1, OpenBSD 4.9 (route.c compiles with no warnings, and "openvpn --show-gateway" works, which is the only part of the code that uses the structures in question).

  Fix trac #340

  Signed-off-by: Gert Doering <gert@greenie.muc.de>
  Acked-by: Arne Schwabe <arne@rfc2549.org>
  Message-Id: <1389650074-18455-2-git-send-email-gert@greenie.muc.de>
  URL: http://article.gmane.org/gmane.network.openvpn.devel/8230
* Rename 'struct route' to 'struct route_ipv4' | Gert Doering | 2014-01-16 | 1 | -18/+18
  To fix trac #340, we need to rename our "struct route" to avoid a collision with "struct route" from <net/route.h> on *BSD.

  No functional changes.

  Signed-off-by: Gert Doering <gert@greenie.muc.de>
  Acked-by: Arne Schwabe <arne@rfc2549.org>
  Message-Id: <1389650074-18455-1-git-send-email-gert@greenie.muc.de>
  URL: http://article.gmane.org/gmane.network.openvpn.devel/8231
* Change the type of all ports in openvpn to const char* and let getaddrinfo resolve the port together with the hostname. | Arne Schwabe | 2013-11-22 | 1 | -2/+2
  This delays error reporting from config parsing to resolving of host addresses. But it allows statements like

  remote openvpn.example.org openvpn
  port https
  management localhost ntp

  Signed-off-by: Arne Schwabe <arne@rfc2549.org>
  Acked-by: Gert Doering <gert@greenie.muc.de>
  Message-Id: <1385064495-25877-1-git-send-email-arne@rfc2549.org>
  URL: http://article.gmane.org/gmane.network.openvpn.devel/8018
  Signed-off-by: Gert Doering <gert@greenie.muc.de>
* PATCHv3 Remove unused variables or put them to the defines they are being used in | Arne Schwabe | 2013-06-20 | 1 | -1/+0
  Acked-by: Gert Doering <gert@greenie.muc.de>
  Message-Id: <1366059999-31731-1-git-send-email-arne@rfc2549.org>
  URL: http://article.gmane.org/gmane.network.openvpn.devel/7511
  Signed-off-by: Gert Doering <gert@greenie.muc.de>
* Fix NULL-pointer crash in route_list_add_vpn_gateway(). | Gert Doering | 2013-05-18 | 1 | -0/+1
  Add ASSERT() check to route_list_add_vpn_gateway() to ensure that *rl is valid (and if not, crash with a somewhat more meaningful message than "segmentation violation").

  For the actual bugfix, change init code to always allocate a "struct route_list" for IPv4, even if no --route options have been seen in the config.

  Fix trac#281 and trac#258.

  Signed-off-by: Gert Doering <gert@greenie.muc.de>
  Acked-by: Josh Cepek <josh.cepek@usa.net>
  Message-Id: <1367608404-2257-1-git-send-email-gert@greenie.muc.de>
  URL: http://article.gmane.org/gmane.network.openvpn.devel/7581
* Android platform specific changes. | Arne Schwabe | 2013-05-01 | 1 | -2/+16
  On Android 4.0 (TARGET_ANDROID) the real opening of the tun is handled by the (Java) application controlling OpenVPN. Instead of calling ifconfig/route call the management to do the work. When running openvpn as root openvpn should be compiled as TARGET_LINUX

  Signed-off-by: Arne Schwabe <arne@rfc2549.org>
  Acked-by: Gert Doering <gert@greenie.muc.de>
  Message-Id: <1367350151-23089-1-git-send-email-arne@rfc2549.org>
  URL: http://article.gmane.org/gmane.network.openvpn.devel/7570
  Signed-off-by: Gert Doering <gert@greenie.muc.de>
* Fix directly connected routes for "topology subnet" on Solaris. | Gert Doering | 2013-03-27 | 1 | -6/+9
  This basically brings back the previously-working metric setting for directly connected routes (add a "0" to the "route add" command) on Solaris/OpenSolaris. It was working in f0eac1a59790, and got broken by the route.c/route.h refactoring in 576dc96ca1ef1 - the patch un-does that change to the TARGET_SOLARIS code, plus adds some more descriptive comments.

  Signed-off-by: Gert Doering <gert@greenie.muc.de>
  Acked-by: Josh Cepek <josh.cepek@usa.net>
  Message-Id: <1364314175-20758-1-git-send-email-gert@greenie.muc.de>
  URL: http://article.gmane.org/gmane.network.openvpn.devel/7460
* Fix parameter listing in non-debug builds at verb 4 | Josh Cepek | 2013-03-14 | 1 | -1/+1
  When built with enable_debug=no, the parameter output expected at --verb 4 is not printed due to use of #ifdef ENABLE_DEBUG in the responsible code sections. This appears to be a mistake when looking at the configure help text for enable_small and enable_debug.

  This change keys the relevant code off of enable_small instead, including the parameter listing when enable_small=no (the configure-script default.)

  Most of this code is in options.c, with some callers present in plugin.c/h and route.c/h. No function code is changed, just the #ifdef values to use the small feature instead of debug. This means builds no longer need enable_debug=yes in order to get the expected log output at verb 4.

  Signed-off-by: Josh Cepek <josh.cepek@usa.net>
  Acked-by: Arne Schwabe <arne@rfc2549.org>
  Message-Id: <437RBuq1U8032S07.1361465626@web07.cms.usa.net>
  URL: http://article.gmane.org/gmane.network.openvpn.devel/7361
  Signed-off-by: Gert Doering <gert@greenie.muc.de>
* The get_default_gateway() function uses warn() instead of msg() | David Sommerseth | 2012-11-29 | 1 | -2/+2
  A report on #openvpn pointed out that in his setup three warnings appeared on the console when starting up.

  $ sudo /usr/local/etc/rc.d/openvpn restart
  Stopping openvpn.
  Waiting for PIDS: 33031.
  Starting openvpn.
  openvpn: writing to routing socket: No such process
  openvpn: writing to routing socket: No such process
  openvpn: writing to routing socket: No such process
  $

  This setup is on FreeBSD using jails with strict access to the routing table.

  After looking at the code path, this error was found in the BSD sections for get_default_gateway(). But it was using the warn() call instead of msg(M_WARN|M_ERRNO, ...) which causes these warnings to go to stderr instead of the log file.

  The warning string is also slightly modified to better explain what fails.

  Reported-by: Thomas Steen Rasmussen <thomas@gibfest.dk>
  Tested-by: Thomas Steen Rasmussen <thomas@gibfest.dk>
  Signed-off-by: David Sommerseth <davids@redhat.com>
  Acked-by: Gert Doering <gert@greenie.muc.de>
  Message-Id: 1354194972-5388-1-git-send-email-dazo@users.sourceforge.net
  URL: http://article.gmane.org/gmane.network.openvpn.devel/7149
* Merge getaddr_multi and getaddr6 into one function | Arne Schwabe | 2012-09-02 | 1 | -23/+22
  The getaddr6 and getaddr_multi functions are duplicates of each other. Since we always require getaddrinfo to be present both functions are merged into one openvpn_getaddrinfo. This function also returns a standard struct addrinfo* so our resolve interface is closer to the standard unix interface. The getaddr function is a wrapper which provides backward compatibility for IPv4 addresses. IPv6 calls and calls to getaddr_multi are replaced with the new interface.

  Signed-off-by: Arne Schwabe <arne@rfc2549.org>
  Acked-by: Gert Doering <gert@greenie.muc.de>
  Message-Id: 1344333837-22076-1-git-send-email-arne@rfc2549.org
  URL: http://article.gmane.org/gmane.network.openvpn.devel/6959
  Signed-off-by: David Sommerseth <davids@redhat.com>
  [DS: Applied proper indenting on the changes wherever needed]
* Add missing pieces to IPv6 route gateway handling. | Gert Doering | 2012-06-13 | 1 | -11/+64
  OpenVPN on Linux (iproute2+ifconfig), FreeBSD and MacOS X (Darwin) normally points routes directly towards the "tun" interface, obviating the need for a gateway.

  For "tap" interfaces, now add gateway spec to linux route command, and replace "-iface <dev>" with gateway spec (both together do not work) on FreeBSD and MacOS X. Also adapt "route delete" appropriately, otherwise route will not be found.

  All other platforms already use the gateway address for tun and tap, because there's no way to install a route "towards an interface" there.

  Remove warning about missing IPv6 route gateway handling.

  Signed-off-by: Gert Doering <gert@greenie.muc.de>
  Acked-by: David Sommerseth <davids@redhat.com>
  Message-Id: 1339342891-28443-5-git-send-email-gert@greenie.muc.de
  URL: http://article.gmane.org/gmane.network.openvpn.devel/6712
  Signed-off-by: David Sommerseth <davids@redhat.com>
* cleanup and redefine metric handling for IPv6 routes | Gert Doering | 2012-06-13 | 1 | -5/+4
  "no metric set" is now stored as "-1"
  "metric 0" means "on-link route" (what the BSDs do)
  properly initialize metric value to "0" for on-link IPv6 net on BSDs

  Signed-off-by: Gert Doering <gert@greenie.muc.de>
  Acked-by: David Sommerseth <davids@redhat.com>
  Message-Id: 1339342891-28443-2-git-send-email-gert@greenie.muc.de
  URL: http://article.gmane.org/gmane.network.openvpn.devel/6710
  Signed-off-by: David Sommerseth <davids@redhat.com>
* cleanup: avoid using ~0 - windows | Alon Bar-Lev | 2012-04-02 | 1 | -13/+17
  Use the following constants:
  - METRIC_NOT_USED
  - TUN_ADAPTER_INDEX_INVALID

  Modified: Use MAXDWORD for route loop.

  Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
  Acked-by: Gert Doering <gert@greenie.muc.de>
  Signed-off-by: David Sommerseth <davids@redhat.com>
* cleanup: avoid using ~0 - netmask | Alon Bar-Lev | 2012-04-02 | 1 | -6/+6
  Use IPV4_NETMASK_HOST constant.

  Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
  Acked-by: Gert Doering <gert@greenie.muc.de>
  Signed-off-by: David Sommerseth <davids@redhat.com>
* cleanup: avoid using ~0 - ipv6 | Alon Bar-Lev | 2012-04-02 | 1 | -1/+1
  Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
  Acked-by: Gert Doering <gert@greenie.muc.de>
  Signed-off-by: David Sommerseth <davids@redhat.com>
* cleanup: avoid using ~0 - generic | Alon Bar-Lev | 2012-04-02 | 1 | -1/+1
  Use limits.h for maximum value.

  Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
  Acked-by: Gert Doering <gert@greenie.muc.de>
  Signed-off-by: David Sommerseth <davids@redhat.com>
* build: move out config.h include from syshead | Alon Bar-Lev | 2012-03-22 | 1 | -0/+6
  Yet another step in reducing the syshead.h content.

  Conditional compilation of sources needs to be based on a minimum program prefix (config.h only).

  Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
  Acked-by: David Sommerseth <davids@redhat.com>
  Signed-off-by: David Sommerseth <davids@redhat.com>
* build: standard directory layout | Alon Bar-Lev | 2012-03-22 | 1 | -0/+3237
  Suitable for mature project.

  root - administrative stuff
  doc - documents
  src - sources
  tests - tests
  distro - distro specific files
  sample - samples

  SIDE EFFECT: many changes to rpm spec.

  Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
  Acked-by: Adriaan de Jong <dejong@fox-it.com>
  Signed-off-by: David Sommerseth <davids@redhat.com>