| Message ID | 20200530000600.1680-2-a@unstable.cc |
|---|---|
| State | Accepted |
| Headers |
Return-Path: <openvpn-devel-bounces@lists.sourceforge.net> Delivered-To: patchwork@openvpn.net Delivered-To: patchwork@openvpn.net Received: from director12.mail.ord1d.rsapps.net ([172.27.255.8]) by backend30.mail.ord1d.rsapps.net with LMTP id AJ3PKeej0V5lEwAAIUCqbw for <patchwork@openvpn.net>; Fri, 29 May 2020 20:08:07 -0400 Received: from proxy17.mail.iad3a.rsapps.net ([172.27.255.8]) by director12.mail.ord1d.rsapps.net with LMTP id KBnoJuej0V4GXwAAIasKDg ; Fri, 29 May 2020 20:08:07 -0400 Received: from smtp31.gate.iad3a ([172.27.255.8]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by proxy17.mail.iad3a.rsapps.net with LMTP id EG8oIeej0V7iKgAAR4KW9A ; Fri, 29 May 2020 20:08:07 -0400 X-Spam-Threshold: 95 X-Spam-Score: 0 X-Spam-Flag: NO X-Virus-Scanned: OK X-Orig-To: openvpnslackdevel@openvpn.net X-Originating-Ip: [216.105.38.7] Authentication-Results: smtp31.gate.iad3a.rsapps.net; iprev=pass policy.iprev="216.105.38.7"; spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net" smtp.helo="lists.sourceforge.net"; dkim=fail (signature verification failed) header.d=sourceforge.net; dkim=fail (signature verification failed) header.d=sf.net; dmarc=none (p=nil; dis=none) header.from=unstable.cc X-Suspicious-Flag: YES X-Classification-ID: a35d0166-a209-11ea-af60-5254003d9392-1-1 Received: from [216.105.38.7] ([216.105.38.7:35842] helo=lists.sourceforge.net) by smtp31.gate.iad3a.rsapps.net (envelope-from <openvpn-devel-bounces@lists.sourceforge.net>) (ecelerity 4.2.38.62370 r(:)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384) id 41/28-10615-7E3A1DE5; Fri, 29 May 2020 20:08:07 -0400 Received: from [127.0.0.1] (helo=sfs-ml-4.v29.lw.sourceforge.com) by sfs-ml-4.v29.lw.sourceforge.com with esmtp (Exim 4.90_1) (envelope-from <openvpn-devel-bounces@lists.sourceforge.net>) id 1jep1y-0003jQ-1p; Sat, 30 May 2020 00:07:18 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-4.v29.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.90_1) (envelope-from <a@unstable.cc>) id 1jep1n-0003if-0L for openvpn-devel@lists.sourceforge.net; Sat, 30 May 2020 00:07:07 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:References: In-Reply-To:Message-Id:Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=oyJ6X+AbiU0ITdhGvnXIWqEY1tb4c4NDYXWXaxvdnUw=; b=IsBR8s85YZgbau0VmOmbhd7uO3 m04gaxHRxrJL0RBiV15TaBGgjTE5o2JQPWxkGDI8lCDvbVXxkHiYsJioM/1dviGbCn6cE3FkD9eaj HXI9EPfKwIjKmwB5VZ7LoVeFAXILMVpr/Nk5yjQzYAILiChI8Yovhvb9OzQtbqdzNDaU=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-Id: Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=oyJ6X+AbiU0ITdhGvnXIWqEY1tb4c4NDYXWXaxvdnUw=; b=VvHUoYICOnux3VXAcXWLPKyqzr MJ3XKms3u7cArwB77nouHej7OYC3Z8XvZZ3Eb687W23Rc+nGXSV/YLGkMXZ1/0706NeP7/U8qOata Kci1aibrr3tSnXXoK7cYCbvAXxjpQOWqsXLaefYnWbKF3ZhP9BNHzyA4mF8FUIsN/bDk=; Received: from s2.neomailbox.net ([5.148.176.60]) by sfi-mx-4.v28.lw.sourceforge.com with esmtps (TLSv1.2:DHE-RSA-AES256-GCM-SHA384:256) (Exim 4.92.2) id 1jep1l-003L3s-Sd for openvpn-devel@lists.sourceforge.net; Sat, 30 May 2020 00:07:06 +0000 From: Antonio Quartulli <a@unstable.cc> To: openvpn-devel@lists.sourceforge.net Date: Sat, 30 May 2020 02:05:54 +0200 Message-Id: <20200530000600.1680-2-a@unstable.cc> In-Reply-To: <20200530000600.1680-1-a@unstable.cc> References: <20200530000600.1680-1-a@unstable.cc> MIME-Version: 1.0 X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. 0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [URIs: unstable.cc] -0.0 SPF_HELO_PASS SPF: HELO matches SPF record -0.0 SPF_PASS SPF: sender matches SPF record 0.0 AWL AWL: Adjusted score from AWL reputation of From: address X-Headers-End: 1jep1l-003L3s-Sd Subject: [Openvpn-devel] [PATCH v4 1/7] pool: prevent IPv6 pools to be larger than 2^16 addresses X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: <openvpn-devel.lists.sourceforge.net> List-Unsubscribe: <https://lists.sourceforge.net/lists/options/openvpn-devel>, <mailto:openvpn-devel-request@lists.sourceforge.net?subject=unsubscribe> List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=openvpn-devel> List-Post: <mailto:openvpn-devel@lists.sourceforge.net> List-Help: <mailto:openvpn-devel-request@lists.sourceforge.net?subject=help> List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/openvpn-devel>, <mailto:openvpn-devel-request@lists.sourceforge.net?subject=subscribe> Cc: Antonio Quartulli <a@unstable.cc> Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox |
| Series |
Allow IPv6-only tunnels
|
|
Commit Message
Antonio Quartulli
May 29, 2020, 2:05 p.m. UTC
Signed-off-by: Antonio Quartulli <a@unstable.cc>
---
src/openvpn/pool.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
Comments
Acked-by: Gert Doering <gert@greenie.muc.de> This was an oversight by me, when initially implementing this - the intention was always "cap the IPv6 pool size at 2^16", not "let it grow until 2^31 and then cap to 2^16 thereafter". It did no harm, as the IPv6 pool was always limited by IPv4 pool size (which is capped to 2^16) - but with the "there can can be an IPv6-only pool now" work, this could lead to interesting malloc() explosions. Your patch has been applied to the master and release/2.4 branch (bugfix). commit 81d66a1f14d4be3282dd648ecc2049658e3a65ed (master) commit fc0297143494e0a0f08564d90dbb210669d0abf5 (release/2.4) Author: Antonio Quartulli Date: Sat May 30 02:05:54 2020 +0200 pool: prevent IPv6 pools to be larger than 2^16 addresses Signed-off-by: Antonio Quartulli <a@unstable.cc> Acked-by: Gert Doering <gert@greenie.muc.de> Message-Id: <20200530000600.1680-2-a@unstable.cc> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg19945.html Signed-off-by: Gert Doering <gert@greenie.muc.de> -- kind regards, Gert Doering
diff --git a/src/openvpn/pool.c b/src/openvpn/pool.c index 5d503a33..6dd72bb9 100644 --- a/src/openvpn/pool.c +++ b/src/openvpn/pool.c @@ -183,7 +183,7 @@ ifconfig_pool_init(enum pool_type type, in_addr_t start, in_addr_t end, if (pool->ipv6.enabled) { pool->ipv6.base = ipv6_base; - pool->ipv6.size = ipv6_netbits > 96 ? (1 << (128 - ipv6_netbits)) + pool->ipv6.size = ipv6_netbits > 112 ? (1 << (128 - ipv6_netbits)) : IFCONFIG_POOL_MAX; msg( D_IFCONFIG_POOL, "IFCONFIG POOL IPv6: (IPv4) size=%d, size_ipv6=%d, netbits=%d, base_ipv6=%s",