From patchwork Mon Nov 22 21:37:58 2021
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: =?utf-8?q?Fran=C3=A7ois_Kooman?= <fkooman@tuxed.net>
X-Patchwork-Id: 2082
Return-Path: <openvpn-devel-bounces@lists.sourceforge.net>
Delivered-To: patchwork@openvpn.net
Delivered-To: patchwork@openvpn.net
Received: from director11.mail.ord1d.rsapps.net ([172.30.191.6])
	by backend30.mail.ord1d.rsapps.net with LMTP
	id gJ2rDv+snGHLLAAAIUCqbw
	(envelope-from <openvpn-devel-bounces@lists.sourceforge.net>)
	for <patchwork@openvpn.net>; Tue, 23 Nov 2021 03:57:35 -0500
Received: from proxy1.mail.ord1d.rsapps.net ([172.30.191.6])
	by director11.mail.ord1d.rsapps.net with LMTP
	id 8G6NDv+snGHkTwAAvGGmqA
	(envelope-from <openvpn-devel-bounces@lists.sourceforge.net>)
	for <patchwork@openvpn.net>; Tue, 23 Nov 2021 03:57:35 -0500
Received: from smtp38.gate.ord1d ([172.30.191.6])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	by proxy1.mail.ord1d.rsapps.net with LMTPS
	id UPkgDv+snGEoFQAAasrz9Q
	(envelope-from <openvpn-devel-bounces@lists.sourceforge.net>)
	for <patchwork@openvpn.net>; Tue, 23 Nov 2021 03:57:35 -0500
X-Spam-Threshold: 95
X-Spam-Score: 0
X-Spam-Flag: NO
X-Virus-Scanned: OK
X-Orig-To: openvpnslackdevel@openvpn.net
X-Originating-Ip: [216.105.38.7]
Authentication-Results: smtp38.gate.ord1d.rsapps.net;
 iprev=pass policy.iprev="216.105.38.7";
 spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net"
 smtp.helo="lists.sourceforge.net";
 dkim=fail (signature verification failed) header.d=sourceforge.net;
 dkim=fail (signature verification failed) header.d=sf.net;
 dkim=fail (signature verification failed) header.d=tuxed.net;
 dkim=fail (signature verification failed) header.d=messagingengine.com;
 dmarc=none (p=nil; dis=none) header.from=tuxed.net
X-Suspicious-Flag: YES
X-Classification-ID: 60734026-4c3b-11ec-abdf-525400f6a58b-1-1
Received: from [216.105.38.7] ([216.105.38.7:60770]
 helo=lists.sourceforge.net)
	by smtp38.gate.ord1d.rsapps.net (envelope-from
 <openvpn-devel-bounces@lists.sourceforge.net>)
	(ecelerity 4.2.38.62370 r(:)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384)
	id A9/56-06104-5FCAC916; Tue, 23 Nov 2021 03:57:25 -0500
Received: from [127.0.0.1] (helo=sfs-ml-4.v29.lw.sourceforge.com)
	by sfs-ml-4.v29.lw.sourceforge.com with esmtp (Exim 4.94.2)
	(envelope-from <openvpn-devel-bounces@lists.sourceforge.net>)
	id 1mpRb8-00073Z-4L; Tue, 23 Nov 2021 08:56:18 +0000
Received: from [172.30.20.202] (helo=mx.sourceforge.net)
 by sfs-ml-4.v29.lw.sourceforge.com with esmtps (TLS1.2) tls
 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2)
 (envelope-from <fkooman@tuxed.net>) id 1mpRb2-00073R-UU
 for openvpn-devel@lists.sourceforge.net; Tue, 23 Nov 2021 08:56:13 +0000
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
 d=sourceforge.net; s=x; h=Content-Transfer-Encoding:Content-Type:MIME-Version
 :Message-Id:Date:Subject:Cc:To:From:Sender:Reply-To:Content-ID:
 Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc
 :Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:
 List-Subscribe:List-Post:List-Owner:List-Archive;
 bh=B85QQZmV0f6lnv65gvVTyoxpmWbHpWw/tmxRwzBQzN4=; b=YAQVzvcpzs9Kz6TpZQui6Xstjg
 k/hS6h3kKtUMfefo0wBqLAFx8MLm2NzssNN86eOruXQ31RDnoA+B1dNekhyq9rJlK4qvwxYkrcJ3K
 /+/vDlZxboIst4bzhJBSF507zhHz0Vv3oq9tOQaXbTBg+oY9MV6beweZugkGpgmQla1M=;
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x
 ;
 h=Content-Transfer-Encoding:Content-Type:MIME-Version:Message-Id:Date:
 Subject:Cc:To:From:Sender:Reply-To:Content-ID:Content-Description:Resent-Date
 :Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:
 References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post:
 List-Owner:List-Archive; bh=B85QQZmV0f6lnv65gvVTyoxpmWbHpWw/tmxRwzBQzN4=; b=B
 CyuK9RAf6iTALcIHvcXM6LM64IRWqVa0lcocK3W62AYoejb2xmHfULaVfV1Qa0cIXbaMbNFcw/FHF
 nx2h9mQNkmJR8mULITrR5AhLWGTXZJ1GjXdj2Ncw+Y+DvHWIPnzKknwqQRYSMqQ1JhU+TIdGziINY
 vZlVfS8yodI9vm38=;
Received: from wout4-smtp.messagingengine.com ([64.147.123.20])
 by sfi-mx-1.v28.lw.sourceforge.com with esmtps
 (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.92.3)
 id 1mpRb0-005pxd-2f
 for openvpn-devel@lists.sourceforge.net; Tue, 23 Nov 2021 08:56:12 +0000
Received: from compute6.internal (compute6.nyi.internal [10.202.2.46])
 by mailout.west.internal (Postfix) with ESMTP id 8BA4D32009E5;
 Tue, 23 Nov 2021 03:38:19 -0500 (EST)
Received: from mailfrontend1 ([10.202.2.162])
 by compute6.internal (MEProxy); Tue, 23 Nov 2021 03:38:19 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=tuxed.net; h=
 from:to:cc:subject:date:message-id:mime-version:content-type
 :content-transfer-encoding; s=fm3; bh=B85QQZmV0f6lnv65gvVTyoxpmW
 bHpWw/tmxRwzBQzN4=; b=JTqBxBNkylsZ7FxFn58GuOiu4ukWW1hOJH1SIvLWP2
 1YkFz8OsWLiH0PFwDlID+9gzY9MxoOW23ueoSUeJ7Fbo41hz+g0bEfIIlQt5TLmH
 Qz60/RG/i5lZDVcBGhKFBo7AwXB1pp8wubvo0Nhrx91ooUXbp3x/HUQFlwGepyKz
 q9KlbSDuUKvWS+utOUpEaRBWF8+HFmVNkxUWUFk5XQgDIQDZmBrJsTO6XRjUVDIQ
 ZXvKzy15xiaZmeFZXn0ZFTrS//jWG4p6L72Uoc1X+BC8ZGSXybnPIQMP4+gu5jlx
 9yf1aDW8z65B7lAOIburtdGFb2VXFsmPtdXKCfP0AGAQ==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=
 messagingengine.com; h=cc:content-transfer-encoding:content-type
 :date:from:message-id:mime-version:subject:to:x-me-proxy
 :x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm1; bh=B85QQZ
 mV0f6lnv65gvVTyoxpmWbHpWw/tmxRwzBQzN4=; b=dK/gpEyjTnPCrrwEHbcKhs
 VQu0R7LyVdn/tYsOvyhCU0BD4uli4BaJDtc+fYVKdAVW5t0/zrp88+Ro7ue69DrL
 RkOOdq74/10qyOu4fxAmcSJb2/VJt3ib0Q7zawcVd3BAUPHYdPvf3ecbqK9OM2fC
 g6JzEn7ks/w42ahI7nE6EP3aQ9D2ardFPKqeZA9hqMB1gnsZ3T7MrZ6ZXQldBTsD
 Zm7YR7VcjUSjisfSxayvWfT+hSItAkRV4QRfI2qlBTTlXM7mfh6juOufhgl3xAtI
 Tb8ndRinJm9yCu8uuEUv5JMeQZLZyxcPQMt1uNXMty3IfMotSdsnJ14etkXQCajg
 ==
X-ME-Sender: <xms:eqicYWRuG08HIge7fvmxLtREj9uNAN0sdTthZYw4mC7AV-ebQH4mMA>
 <xme:eqicYbz0ARgLqhSu8XAyH2J3cIMuKT2VQLHuIacDJQ-Nv9FnbqoziqIFTFldPNqbM
 RW0BC9W5wecgtjEn-M>
X-ME-Received: 
 <xmr:eqicYT10Zpd1-VlIlweYfKiUKuSsKfEo8aOAbW-WXq8NOCYi7aMwKPHgj3cS9z_0R0E8dRYc4niaOQp_XA>
X-ME-Proxy-Cause: 
 gggruggvucftvghtrhhoucdtuddrgedvuddrgeehgdduudeiucetufdoteggodetrfdotf
 fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen
 uceurghilhhouhhtmecufedttdenucenucfjughrpefhvffufffkofggtgfgsehtkeertd
 ertdejnecuhfhrohhmpefhrhgrnhopohhishcumfhoohhmrghnuceofhhkohhomhgrnhes
 thhugigvugdrnhgvtheqnecuggftrfgrthhtvghrnhepgfdvkeffkeejkefgheelgfelff
 dtueehudetvdeikefggeevvdefteefiefhudfgnecuvehluhhsthgvrhfuihiivgeptden
 ucfrrghrrghmpehmrghilhhfrhhomhepfhhkohhomhgrnhesthhugigvugdrnhgvth
X-ME-Proxy: <xmx:eqicYSC4LdZz5nNqYTBhQG7BKrmTCGrMoh66XidoHMT4pieBxiD_bw>
 <xmx:eqicYfjpp_7vXzphmiz-k_dXkmLb9dUVDTQXEtMRC1TDApbWRlsQ9A>
 <xmx:eqicYeoKOosTuOo0wUkoOAU-6REMI-ATTOBrGbE3Jcs3BS-ZZFvUOA>
 <xmx:e6icYfL7hP5QZewzphZ8keleomL6mo3NqmIbl9eV98XCT3NoxCCpGg>
Received: by mail.messagingengine.com (Postfix) with ESMTPA; Tue,
 23 Nov 2021 03:38:18 -0500 (EST)
From: =?utf-8?q?Fran=C3=A7ois_Kooman?= <fkooman@tuxed.net>
To: openvpn-devel@lists.sourceforge.net
Date: Tue, 23 Nov 2021 09:37:58 +0100
Message-Id: <20211123083758.15933-1-fkooman@tuxed.net>
X-Mailer: git-send-email 2.33.1
MIME-Version: 1.0
X-Spam-Report: =?unknown-8bit?q?Spam_detection_software=2C_running_on_the_sy?=
	=?unknown-8bit?q?stem_=22util-spamd-1=2Ev13=2Elw=2Esourceforge=2Ecom=22=2C?=
	=?unknown-8bit?q?_has_NOT_identified_this_incoming_email_as_spam=2E__The_ori?=
	=?unknown-8bit?q?ginal?=
	=?unknown-8bit?q?_message_has_been_attached_to_this_so_you_can_view_it_or_la?=
	=?unknown-8bit?q?bel?=
	=?unknown-8bit?q?_similar_future_email=2E__If_you_have_any_questions=2C_see?=
	=?unknown-8bit?q?_the_administrator_of_that_system_for_details=2E?=
	=?unknown-8bit?q?_?=
	=?unknown-8bit?q?_Content_preview=3A__fix_for_=231161_Signed-off-by=3A_Fran?=
	=?unknown-8bit?q?=C3=A7ois_Kooman_=3Cfkooman=40tuxed=2Enet=3E?=
	=?unknown-8bit?q?_---_src/openvpn/options=2Ec_=7C_2_+-_src/openvpn/route=2Ec?=
	=?unknown-8bit?q?_=7C_67_+++++++++++++++++++++++++++++++++++++++++--?=
	=?unknown-8bit?q?_src/openvpn/route=2Eh_=7C_1_+_3_files_changed=2C_67_=5B=2E?=
	=?unknown-8bit?q?=2E=2E=5D_?=
	=?unknown-8bit?q?_?=
	=?unknown-8bit?q?_Content_analysis_details=3A___=28-0=2E9_points=2C_6=2E0_re?=
	=?unknown-8bit?q?quired=29?=
	=?unknown-8bit?q?_?=
	=?unknown-8bit?q?_pts_rule_name______________description?=
	=?unknown-8bit?q?_----_----------------------_------------------------------?=
	=?unknown-8bit?q?--------------------?=
	=?unknown-8bit?q?_-0=2E7_RCVD=5FIN=5FDNSWL=5FLOW______RBL=3A_Sender_listed_a?=
	=?unknown-8bit?q?t_https=3A//www=2Ednswl=2Eorg/=2C?=
	=?unknown-8bit?q?_low_trust?=
	=?unknown-8bit?q?_=5B64=2E147=2E123=2E20_listed_in_list=2Ednswl=2Eorg=5D?=
	=?unknown-8bit?q?_-0=2E0_RCVD=5FIN=5FMSPIKE=5FH2______RBL=3A_Average_reputat?=
	=?unknown-8bit?q?ion_=28+2=29?=
	=?unknown-8bit?q?_=5B64=2E147=2E123=2E20_listed_in_wl=2Emailspike=2Enet=5D?=
	=?unknown-8bit?q?_-0=2E0_SPF=5FHELO=5FPASS__________SPF=3A_HELO_matches_SPF_?=
	=?unknown-8bit?q?record?=
	=?unknown-8bit?q?_-0=2E0_SPF=5FPASS_______________SPF=3A_sender_matches_SPF_?=
	=?unknown-8bit?q?record?=
	=?unknown-8bit?q?_-0=2E1_DKIM=5FVALID_____________Message_has_at_least_one_v?=
	=?unknown-8bit?q?alid_DKIM_or_DK_signature?=
	=?unknown-8bit?q?_0=2E1_DKIM=5FSIGNED____________Message_has_a_DKIM_or_DK_si?=
	=?unknown-8bit?q?gnature=2C_not_necessarily?=
	=?unknown-8bit?q?_valid?=
	=?unknown-8bit?q?_-0=2E1_DKIM=5FVALID=5FAU__________Message_has_a_valid_DKIM?=
	=?unknown-8bit?q?_or_DK_signature_from?=
	=?unknown-8bit?q?_author=27s_domain?=
	=?unknown-8bit?q?_-0=2E1_DKIM=5FVALID=5FEF__________Message_has_a_valid_DKIM?=
	=?unknown-8bit?q?_or_DK_signature_from?=
	=?unknown-8bit?q?_envelope-from_domain?=
X-Headers-End: 1mpRb0-005pxd-2f
Subject: [Openvpn-devel] [PATCH] implement net_gateway_ipv6 for --route-ipv6
X-BeenThere: openvpn-devel@lists.sourceforge.net
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: <openvpn-devel.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/options/openvpn-devel>,
 <mailto:openvpn-devel-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: 
 <http://sourceforge.net/mailarchive/forum.php?forum_name=openvpn-devel>
List-Post: <mailto:openvpn-devel@lists.sourceforge.net>
List-Help: <mailto:openvpn-devel-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/openvpn-devel>,
 <mailto:openvpn-devel-request@lists.sourceforge.net?subject=subscribe>
Errors-To: openvpn-devel-bounces@lists.sourceforge.net
X-getmail-retrieved-from-mailbox: Inbox

fix for #1161

Signed-off-by: François Kooman <fkooman@tuxed.net>
---
 src/openvpn/options.c |  2 +-
 src/openvpn/route.c   | 67 +++++++++++++++++++++++++++++++++++++++++--
 src/openvpn/route.h   |  1 +
 3 files changed, 67 insertions(+), 3 deletions(-)

diff --git a/src/openvpn/options.c b/src/openvpn/options.c
index cc3d9fa0..3d530d7a 100644
--- a/src/openvpn/options.c
+++ b/src/openvpn/options.c
@@ -6558,7 +6558,7 @@ add_option(struct options *options,
                 msg(msglevel, "route-ipv6 parameter network/IP '%s' must be a valid address", p[1]);
                 goto err;
             }
-            if (p[2] && !ipv6_addr_safe(p[2]))
+            if (p[2] && !ipv6_addr_safe(p[2]) && !ipv6_is_special_addr(p[2]))
             {
                 msg(msglevel, "route-ipv6 parameter gateway '%s' must be a valid address", p[2]);
                 goto err;
diff --git a/src/openvpn/route.c b/src/openvpn/route.c
index fd1125ef..bd62b99a 100644
--- a/src/openvpn/route.c
+++ b/src/openvpn/route.c
@@ -287,6 +287,38 @@ get_special_addr(const struct route_list *rl,
     return false;
 }
 
+static bool
+ipv6_get_special_addr(const struct route_ipv6_list *rl,
+                 const char *string,
+                 struct in6_addr *out,
+                 bool *status)
+{
+    if (status)
+    {
+        *status = true;
+    }
+    if (!strcmp(string, "net_gateway_ipv6"))
+    {
+        if (rl)
+        {
+            if (rl->rgi6.flags & RGI_ADDR_DEFINED)
+            {
+                *out = rl->rgi6.gateway.addr_ipv6;
+            }
+            else
+            {
+                msg(M_INFO, PACKAGE_NAME " ROUTE: net_gateway_ipv6 undefined -- unable to get default gateway from system");
+                if (status)
+                {
+                    *status = false;
+                }
+            }
+        }
+        return true;
+    }
+    return false;
+}
+
 bool
 is_special_addr(const char *addr_str)
 {
@@ -300,6 +332,19 @@ is_special_addr(const char *addr_str)
     }
 }
 
+bool
+ipv6_is_special_addr(const char *addr_str)
+{
+    if (addr_str)
+    {
+        return ipv6_get_special_addr(NULL, addr_str, NULL, NULL);
+    }
+    else
+    {
+        return false;
+    }
+}
+
 static bool
 init_route(struct route_ipv4 *r,
            struct addrinfo **network_list,
@@ -438,6 +483,7 @@ init_route_ipv6(struct route_ipv6 *r6,
                 const struct route_ipv6_option *r6o,
                 const struct route_ipv6_list *rl6 )
 {
+    bool status;
     CLEAR(*r6);
 
     if (!get_ipv6_addr( r6o->prefix, &r6->network, &r6->netbits, M_WARN ))
@@ -448,9 +494,26 @@ init_route_ipv6(struct route_ipv6 *r6,
     /* gateway */
     if (is_route_parm_defined(r6o->gateway))
     {
-        if (inet_pton( AF_INET6, r6o->gateway, &r6->gateway ) != 1)
+        if (ipv6_get_special_addr(rl6, r6o->gateway, &r6->gateway, &status))
         {
-            msg( M_WARN, PACKAGE_NAME "ROUTE6: cannot parse gateway spec '%s'", r6o->gateway );
+            r6->metric = 1;
+#ifdef _WIN32
+            r6->adapter_index = rl6->rgi6.adapter_index;
+#else
+            r6->iface = rl6->rgi6.iface;
+#endif
+            r6->flags = RT_DEFINED | RT_METRIC_DEFINED;
+        }
+        else
+        {
+            if (inet_pton( AF_INET6, r6o->gateway, &r6->gateway ) != 1)
+            {
+                msg( M_WARN, PACKAGE_NAME "ROUTE6: cannot parse gateway spec '%s'", r6o->gateway );
+            }
+        }
+        if (!status)
+        {
+            goto fail;
         }
     }
     else if (rl6->spec_flags & RTSA_REMOTE_ENDPOINT)
diff --git a/src/openvpn/route.h b/src/openvpn/route.h
index dc448c74..bbb8d2f8 100644
--- a/src/openvpn/route.h
+++ b/src/openvpn/route.h
@@ -320,6 +320,7 @@ void setenv_routes(struct env_set *es, const struct route_list *rl);
 void setenv_routes_ipv6(struct env_set *es, const struct route_ipv6_list *rl6);
 
 bool is_special_addr(const char *addr_str);
+bool ipv6_is_special_addr(const char *addr_str);
 
 void get_default_gateway(struct route_gateway_info *rgi,
                          openvpn_net_ctx_t *ctx);