| Message ID | 20171111133649.20192-1-gert@greenie.muc.de |
|---|---|
| State | Superseded |
| Headers | show |
| Series | [Openvpn-devel] Remove warning on pushed tun-ipv6 option. | expand |
Hi, On 11-11-17 14:36, Gert Doering wrote: > tun-ipv6 is a no-op nowadays, and we print a warning to let users know - > which is not helpful for server-pushed tun-ipv6 (which might be the > result of --server-ipv6 automatically pushing this). So, remove the > warning if parsing pushed options. > > Also, remove the VERIFY_PERMISSION() call here which has side effects > on the "which class of options got pushed, do we need to act on them > later on?" flag set. > > Signed-off-by: Gert Doering <gert@greenie.muc.de> > --- > src/openvpn/options.c | 6 ++++-- > 1 file changed, 4 insertions(+), 2 deletions(-) > > diff --git a/src/openvpn/options.c b/src/openvpn/options.c > index 641a26e2..bbf65613 100644 > --- a/src/openvpn/options.c > +++ b/src/openvpn/options.c > @@ -5233,8 +5233,10 @@ add_option(struct options *options, > } > else if (streq(p[0], "tun-ipv6") && !p[1]) > { > - VERIFY_PERMISSION(OPT_P_UP); > - msg(M_WARN, "Note: option tun-ipv6 is ignored because modern operating systems do not need special IPv6 tun handling anymore."); > + if ( !(permission_mask & OPT_P_PULL_MODE) ) add_option() already has a shorthand for this: const bool pull_mode = BOOL_CAST(permission_mask & OPT_P_PULL_MODE); > + { > + msg(M_WARN, "Note: option tun-ipv6 is ignored because modern operating systems do not need special IPv6 tun handling anymore."); > + } > } > #ifdef ENABLE_IPROUTE > else if (streq(p[0], "iproute") && p[1] && !p[2]) > (I'll leave review of the correctness of the change to someone who actually understands what tun-ipv6 exactly does.) -Steffan ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot
Hi, On Sat, Nov 11, 2017 at 03:16:13PM +0100, Steffan Karger wrote: > (I'll leave review of the correctness of the change to someone who > actually understands what tun-ipv6 exactly does.) "exactly and absolutely nothing" :-) (It *used* to be a flag to tell openvpn "switch the tun interface into ipv6-compatible mode", but after Arne's revamping of this it's basically a no-op, which we keep around for compatibility reasons with old config files - and the warning points out that it does not do anything) gert
diff --git a/src/openvpn/options.c b/src/openvpn/options.c index 641a26e2..bbf65613 100644 --- a/src/openvpn/options.c +++ b/src/openvpn/options.c @@ -5233,8 +5233,10 @@ add_option(struct options *options, } else if (streq(p[0], "tun-ipv6") && !p[1]) { - VERIFY_PERMISSION(OPT_P_UP); - msg(M_WARN, "Note: option tun-ipv6 is ignored because modern operating systems do not need special IPv6 tun handling anymore."); + if ( !(permission_mask & OPT_P_PULL_MODE) ) + { + msg(M_WARN, "Note: option tun-ipv6 is ignored because modern operating systems do not need special IPv6 tun handling anymore."); + } } #ifdef ENABLE_IPROUTE else if (streq(p[0], "iproute") && p[1] && !p[2])
tun-ipv6 is a no-op nowadays, and we print a warning to let users know - which is not helpful for server-pushed tun-ipv6 (which might be the result of --server-ipv6 automatically pushing this). So, remove the warning if parsing pushed options. Also, remove the VERIFY_PERMISSION() call here which has side effects on the "which class of options got pushed, do we need to act on them later on?" flag set. Signed-off-by: Gert Doering <gert@greenie.muc.de> --- src/openvpn/options.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-)