From patchwork Fri May 29 14:05:56 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Antonio Quartulli X-Patchwork-Id: 1135 Return-Path: Delivered-To: patchwork@openvpn.net Delivered-To: patchwork@openvpn.net Received: from director11.mail.ord1d.rsapps.net ([172.28.255.1]) by backend30.mail.ord1d.rsapps.net with LMTP id GNgJKeCj0V5mEwAAIUCqbw for ; Fri, 29 May 2020 20:08:00 -0400 Received: from proxy1.mail.ord1c.rsapps.net ([172.28.255.1]) by director11.mail.ord1d.rsapps.net with LMTP id GOXyKOCj0V7SHAAAvGGmqA ; Fri, 29 May 2020 20:08:00 -0400 Received: from smtp5.gate.ord1c ([172.28.255.1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by proxy1.mail.ord1c.rsapps.net with LMTP id ILvjJ+Cj0V5JEwAA2VeTtA ; Fri, 29 May 2020 20:08:00 -0400 X-Spam-Threshold: 95 X-Spam-Score: 0 X-Spam-Flag: NO X-Virus-Scanned: OK X-Orig-To: openvpnslackdevel@openvpn.net X-Originating-Ip: [216.105.38.7] Authentication-Results: smtp5.gate.ord1c.rsapps.net; iprev=pass policy.iprev="216.105.38.7"; spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net" smtp.helo="lists.sourceforge.net"; dkim=fail (signature verification failed) header.d=sourceforge.net; dkim=fail (signature verification failed) header.d=sf.net; dmarc=none (p=nil; dis=none) header.from=unstable.cc X-Suspicious-Flag: YES X-Classification-ID: 9f1d7a0e-a209-11ea-bbb6-a4badb0b200d-1-1 Received: from [216.105.38.7] ([216.105.38.7:43794] helo=lists.sourceforge.net) by smtp5.gate.ord1c.rsapps.net (envelope-from ) (ecelerity 4.2.38.62370 r(:)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384) id 93/EA-23764-0E3A1DE5; Fri, 29 May 2020 20:08:00 -0400 Received: from [127.0.0.1] (helo=sfs-ml-1.v29.lw.sourceforge.com) by sfs-ml-1.v29.lw.sourceforge.com with esmtp (Exim 4.90_1) (envelope-from ) id 1jep1u-0001GS-4p; Sat, 30 May 2020 00:07:14 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-1.v29.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.90_1) (envelope-from ) id 1jep1m-0001FO-Qv for openvpn-devel@lists.sourceforge.net; Sat, 30 May 2020 00:07:06 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:References: In-Reply-To:Message-Id:Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=LXYf8y1Gjn/RxsgJle4EKWyFbtQneqSN0rmsY1G+yhY=; b=aHLBDkehCbmziGQS1k8QmK8Ox4 MKo+AQR8ezfKxBGcVMuOoTij3gwj3g25uNxOqQ7ydPlmLXnwfBoW7/Cr75Xt8ddsw4aKcUUVQl48I CPp12x9B8Bauqxk3tjAicaGsox+KUQQyTsWUBTo+WBPu2QeVIv8+jAPiaYQd43pIqDrw=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-Id: Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=LXYf8y1Gjn/RxsgJle4EKWyFbtQneqSN0rmsY1G+yhY=; b=LJfTNEmCK4O5C/y0o2gK60SKt+ KX00QDhwlwv/hk8/+B1XJJicRdcYtFiQB8TU8b6xqAFwJhVrcOwFUQM6sm5iFsvkvzo4XwbDlbcC/ cwm6LGoC56lLVv2UcWWLlK3w9yzYDyQqQaJT8f4Xgl1EyyK2mHvOlO9sCyuGuxrpnvjM=; Received: from s2.neomailbox.net ([5.148.176.60]) by sfi-mx-4.v28.lw.sourceforge.com with esmtps (TLSv1.2:DHE-RSA-AES256-GCM-SHA384:256) (Exim 4.92.2) id 1jep1l-003L40-JS for openvpn-devel@lists.sourceforge.net; Sat, 30 May 2020 00:07:06 +0000 From: Antonio Quartulli To: openvpn-devel@lists.sourceforge.net Date: Sat, 30 May 2020 02:05:56 +0200 Message-Id: <20200530000600.1680-4-a@unstable.cc> In-Reply-To: <20200530000600.1680-1-a@unstable.cc> References: <20200530000600.1680-1-a@unstable.cc> MIME-Version: 1.0 X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. 0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [URIs: openvpn.net] -0.0 SPF_HELO_PASS SPF: HELO matches SPF record -0.0 SPF_PASS SPF: sender matches SPF record 0.0 AWL AWL: Adjusted score from AWL reputation of From: address X-Headers-End: 1jep1l-003L40-JS Subject: [Openvpn-devel] [PATCH v4 3/7] allow usage of --server-ipv6 even when no --server is specified X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Antonio Quartulli Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox From: Antonio Quartulli Until now OpenVPN has not allowed to specify --server-ipv6 if no --server was also set. This constraint comes from the fact that most of the IPv6 logic (i.e. ifconfig-pool handling) relied on IPv4 components to be activated and configured as well. Now that the IPv6 code path has been made independent from IPv4, it is finally possible to to relax the constraint mentioned above and make it possible for the user to have a configurations with --server-ipv6 only. Trac: #208 Signed-off-by: Antonio Quartulli Acked-by: Gert Doering --- Changes from v4: - fix typ0 in message Changes from v3: - patchset rebased on top of pre-ipv6-only patchset Changes from v4: - change commit subject/message - move ifconfig-ipv6-pool check change into 4/8 src/openvpn/helper.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/src/openvpn/helper.c b/src/openvpn/helper.c index 34cfa6bd..277e6972 100644 --- a/src/openvpn/helper.c +++ b/src/openvpn/helper.c @@ -174,10 +174,11 @@ helper_client_server(struct options *o) */ if (o->server_ipv6_defined) { - if (!o->server_defined) + if (o->client) { - msg(M_USAGE, "--server-ipv6 must be used together with --server"); + msg(M_USAGE, "--server-ipv6 and --client cannot be used together"); } + if (o->server_flags & SF_NOPOOL) { msg( M_USAGE, "--server-ipv6 is incompatible with 'nopool' option" ); @@ -187,6 +188,9 @@ helper_client_server(struct options *o) msg( M_USAGE, "--server-ipv6 already defines an ifconfig-ipv6-pool, so you can't also specify --ifconfig-pool explicitly"); } + o->mode = MODE_SERVER; + o->tls_server = true; + /* local ifconfig is "base address + 1" and "+2" */ o->ifconfig_ipv6_local = print_in6_addr( add_in6_addr( o->server_network_ipv6, 1), 0, &o->gc );