From patchwork Mon Jun 4 23:04:21 2018
X-Patchwork-Submitter: Antonio Quartulli
X-Patchwork-Id: 350
From: Antonio Quartulli
To: openvpn-devel@lists.sourceforge.net
Date: Tue, 5 Jun 2018 17:04:21 +0800
Message-Id: <20180605090421.9746-6-a@unstable.cc>
In-Reply-To: <20180605090421.9746-1-a@unstable.cc>
References: <20180605090421.9746-1-a@unstable.cc>
Subject: [Openvpn-devel] [PATCH 5/5] make server capable of starting with an IPv6-only tunnel
Cc: Antonio Quartulli

From: Antonio Quartulli

Due to the current logic it is not possible for a server to create an IPv6-only tunnel, because OpenVPN mandates the existence of an IPv4 configuration (even if fake).

This change relaxes this constraint and allows servers to bring up tunnels without any IPv4 setting at all.

For the user this means that a server can be configured with just the "--server-ipv6" directive and no "--server" at all.

Trac: #208
Cc: Gert Doering
Signed-off-by: Antonio Quartulli
--- src/openvpn/helper.c | 8 ++++++-- src/openvpn/multi.c | 3 ++- 2 files changed, 8 insertions(+), 3 deletions(-) diff --git a/src/openvpn/helper.c b/src/openvpn/helper.c index ff9df506..42ba5b2c 100644 --- a/src/openvpn/helper.c +++ b/src/openvpn/helper.c 
@@ -177,10 +177,11 @@ helper_client_server(struct options *o) */ if (o->server_ipv6_defined) { - if (!o->server_defined) + if (o->client) { - msg(M_USAGE, "--server-ipv6 must be used together with --server"); + msg(M_USAGE, "--server and --client cannot be used together"); } + if (o->server_flags & SF_NOPOOL) { msg( M_USAGE, "--server-ipv6 is incompatible with 'nopool' option" ); @@ -190,6 +191,9 @@ helper_client_server(struct options *o) msg( M_USAGE, "--server-ipv6 already defines an ifconfig-ipv6-pool, so you can't also specify --ifconfig-pool explicitly"); } + o->mode = MODE_SERVER; + o->tls_server = true; + /* local ifconfig is "base address + 1" and "+2" */ o->ifconfig_ipv6_local = print_in6_addr( add_in6_addr( o->server_network_ipv6, 1), 0, &o->gc ); diff --git a/src/openvpn/multi.c b/src/openvpn/multi.c index 39ab6d68..5d10bd18 100644 --- a/src/openvpn/multi.c +++ b/src/openvpn/multi.c @@ -388,7 +388,8 @@ multi_init(struct multi_context *m, struct context *t, bool tcp_mode, int thread * differently based on whether a tun or tap style * tunnel. */ - if (t->options.ifconfig_pool_defined) + if (t->options.ifconfig_pool_defined + || t->options.ifconfig_ipv6_pool_defined) { int pool_type = IFCONFIG_POOL_INDIV;
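Review bot: In the first helper.c hunk (@@ -177), the new `if (o->client)` check sits inside the `if (o->server_ipv6_defined)` block but reports "--server and --client cannot be used together". With this patch a configuration may contain only --server-ipv6, so the user is told about an option that is not in their config. Suggest naming the directive that actually triggered the check, e.g. "--server-ipv6 and --client cannot be used together".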
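Review bot: In the second helper.c hunk (@@ -190), `o->mode = MODE_SERVER;` and `o->tls_server = true;` are now reached from --server-ipv6 alone, and the only validation visible in this block is the --client, 'nopool' and --ifconfig-pool checks. Any other option conflicts that the --server path rejects before switching to server mode (not shown in this diff) should be rejected here as well, ideally through a shared helper, so that an IPv6-only configuration cannot enter TLS server mode with a combination the IPv4 path refuses. The diffstat also lists only helper.c and multi.c; if the documentation describes the requirement that the removed "--server-ipv6 must be used together with --server" message enforced, it should be updated in the same patch.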
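Review bot: In the multi.c hunk (@@ -388), the pool setup block is now entered when only `t->options.ifconfig_ipv6_pool_defined` is set, but the hunk shows nothing past `int pool_type = IFCONFIG_POOL_INDIV;`. Whatever follows inside that block and reads the IPv4 pool settings must cope with `ifconfig_pool_defined` being false, otherwise an IPv6-only server would initialise the pool from unset IPv4 values. Suggest either showing that guard in this patch or stating in the commit message which earlier patch of the series provides it.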