From patchwork Fri May 29 14:05:58 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Antonio Quartulli X-Patchwork-Id: 1133 Return-Path: Delivered-To: patchwork@openvpn.net Delivered-To: patchwork@openvpn.net Received: from director7.mail.ord1d.rsapps.net ([172.30.191.6]) by backend30.mail.ord1d.rsapps.net with LMTP id WCaxOdmj0V69fAAAIUCqbw for ; Fri, 29 May 2020 20:07:53 -0400 Received: from proxy18.mail.ord1d.rsapps.net ([172.30.191.6]) by director7.mail.ord1d.rsapps.net with LMTP id wDqPOdmj0V5GBwAAovjBpQ ; Fri, 29 May 2020 20:07:53 -0400 Received: from smtp28.gate.ord1c ([172.30.191.6]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by proxy18.mail.ord1d.rsapps.net with LMTP id aNtGOdmj0V5/DgAATCaURg ; Fri, 29 May 2020 20:07:53 -0400 X-Spam-Threshold: 95 X-Spam-Score: 0 X-Spam-Flag: NO X-Virus-Scanned: OK X-Orig-To: openvpnslackdevel@openvpn.net X-Originating-Ip: [216.105.38.7] Authentication-Results: smtp28.gate.ord1c.rsapps.net; iprev=pass policy.iprev="216.105.38.7"; spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net" smtp.helo="lists.sourceforge.net"; dkim=fail (signature verification failed) header.d=sourceforge.net; dkim=fail (signature verification failed) header.d=sf.net; dmarc=none (p=nil; dis=none) header.from=unstable.cc X-Suspicious-Flag: YES X-Classification-ID: 9b453ff2-a209-11ea-9d2a-a0369f1890f1-1-1 Received: from [216.105.38.7] ([216.105.38.7:43652] helo=lists.sourceforge.net) by smtp28.gate.ord1c.rsapps.net (envelope-from ) (ecelerity 4.2.38.62370 r(:)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384) id 59/01-15725-9D3A1DE5; Fri, 29 May 2020 20:07:53 -0400 Received: from [127.0.0.1] (helo=sfs-ml-1.v29.lw.sourceforge.com) by sfs-ml-1.v29.lw.sourceforge.com with esmtp (Exim 4.90_1) (envelope-from ) id 1jep1u-0001Gg-80; Sat, 30 May 2020 00:07:14 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-1.v29.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.90_1) (envelope-from ) id 1jep1n-0001FX-Ie for openvpn-devel@lists.sourceforge.net; Sat, 30 May 2020 00:07:07 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:References: In-Reply-To:Message-Id:Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=F/5L2DK/dBKCcrSZ2dQ1fX6T4kh6kGr2ci+8JQA65sY=; b=dHuaCDhgOIHLWGsN4gluzNTGfJ OA3Azt+yS3bAFgnFty1z6Fh2H5cB/I5TzHyL2rLftB0ZlW80AcoeJlqv4Lxbrt14IQupddT0a/u7G RLlFlOxaspZriNk4dF571YHfKJMBpWrZLfu71hmFBh/dwA5uhPT4+FAgMGEp7ggZpzUs=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-Id: Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=F/5L2DK/dBKCcrSZ2dQ1fX6T4kh6kGr2ci+8JQA65sY=; b=mAnxdmiUuL0g5Z9MNS3VSMpU+w aFDcWyuNvnvbC6dmEgunuyo8JJ8GxgzHn8UUhuV0VaonW+NeCqW8g3772aGTKnNIcESPB+NQfc4Hp H0p0ORxk/uoRE+VhimNwbAW1krRTFrkFYBEpLAtKphLi9oO1PGc7Jt4r6aEExcPUriq8=; Received: from s2.neomailbox.net ([5.148.176.60]) by sfi-mx-4.v28.lw.sourceforge.com with esmtps (TLSv1.2:DHE-RSA-AES256-GCM-SHA384:256) (Exim 4.92.2) id 1jep1m-003L44-CH for openvpn-devel@lists.sourceforge.net; Sat, 30 May 2020 00:07:07 +0000 From: Antonio Quartulli To: openvpn-devel@lists.sourceforge.net Date: Sat, 30 May 2020 02:05:58 +0200 Message-Id: <20200530000600.1680-6-a@unstable.cc> In-Reply-To: <20200530000600.1680-1-a@unstable.cc> References: <20200530000600.1680-1-a@unstable.cc> MIME-Version: 1.0 X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -0.0 SPF_HELO_PASS SPF: HELO matches SPF record -0.0 SPF_PASS SPF: sender matches SPF record 0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [URIs: openvpn.net] 0.0 AWL AWL: Adjusted score from AWL reputation of From: address X-Headers-End: 1jep1m-003L44-CH Subject: [Openvpn-devel] [PATCH v4 5/7] route: warn on IPv4 routes installation when no IPv4 is configured X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Antonio Quartulli Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox From: Antonio Quartulli Same as already happens for IPv6, it is useful for the user to throw a warning when an IPv4 route is about to be installed and the tun interface has no IPv4 configured. The twin message for IPv4 is adapted to have the same format. The warning is not fatal, becuase the route might actually be external to the tun interface and therefore it may still work. At the same time, modify the error message used for a route installation failure to explicitly mention "IPv4" since this it is used in the IPv4 code path only. Trac: #208 Signed-off-by: Antonio Quartulli Acked-by: Gert Doering --- Changes from v4: - edit commit message - modify IPv4 warning as well (moved from next patch) Changes from v3: - patchset rebased on top of pre-ipv6-only patchset src/openvpn/route.c | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/src/openvpn/route.c b/src/openvpn/route.c index 51f76318..9ff36359 100644 --- a/src/openvpn/route.c +++ b/src/openvpn/route.c @@ -987,7 +987,7 @@ redirect_default_route_to_vpn(struct route_list *rl, const struct tuntap *tt, unsigned int flags, const struct env_set *es, openvpn_net_ctx_t *ctx) { - const char err[] = "NOTE: unable to redirect default gateway --"; + const char err[] = "NOTE: unable to redirect IPv4 default gateway --"; if (rl && rl->flags & RG_ENABLE) { @@ -1192,6 +1192,14 @@ add_routes(struct route_list *rl, struct route_ipv6_list *rl6, { struct route_ipv4 *r; + if (rl->routes && !tt->did_ifconfig_setup) + { + msg(M_INFO, "WARNING: OpenVPN was configured to add an IPv4 " + "route. However, no IPv4 has been configured for %s, " + "therefore the route installation may fail or may not work " + "as expected.", tt->actual_name); + } + #ifdef ENABLE_MANAGEMENT if (management && rl->routes) { @@ -1223,9 +1231,9 @@ add_routes(struct route_list *rl, struct route_ipv6_list *rl6, if (!tt->did_ifconfig_ipv6_setup) { msg(M_INFO, "WARNING: OpenVPN was configured to add an IPv6 " - "route over %s. However, no IPv6 has been configured for " - "this interface, therefore the route installation may " - "fail or may not work as expected.", tt->actual_name); + "route. However, no IPv6 has been configured for %s, " + "therefore the route installation may fail or may not work " + "as expected.", tt->actual_name); } for (r = rl6->routes_ipv6; r; r = r->next)