From patchwork Sat Jun 23 10:11:12 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Antonio Quartulli X-Patchwork-Id: 388 X-Patchwork-Delegate: gert@greenie.muc.de Return-Path: Delivered-To: patchwork@openvpn.net Delivered-To: patchwork@openvpn.net Received: from director8.mail.ord1d.rsapps.net ([172.30.191.6]) by backend30.mail.ord1d.rsapps.net (Dovecot) with LMTP id I0jtLMypLlsMPwAAIUCqbw for ; Sat, 23 Jun 2018 16:13:00 -0400 Received: from proxy2.mail.ord1d.rsapps.net ([172.30.191.6]) by director8.mail.ord1d.rsapps.net (Dovecot) with LMTP id u3OxLMypLluSHwAAfY0hYg ; Sat, 23 Jun 2018 16:13:00 -0400 Received: from smtp9.gate.ord1d ([172.30.191.6]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by proxy2.mail.ord1d.rsapps.net with LMTP id qB2kLMypLls2TgAAfawv4w ; Sat, 23 Jun 2018 16:13:00 -0400 X-Spam-Threshold: 95 X-Spam-Score: 0 X-Spam-Flag: NO X-Virus-Scanned: OK X-Orig-To: openvpnslackdevel@openvpn.net X-Originating-Ip: [216.105.38.7] Authentication-Results: smtp9.gate.ord1d.rsapps.net; iprev=pass policy.iprev="216.105.38.7"; spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net" smtp.helo="lists.sourceforge.net"; dkim=fail (signature verification failed) header.d=sourceforge.net; dkim=fail (signature verification failed) header.d=sf.net; dmarc=none (p=nil; dis=none) header.from=unstable.cc X-Suspicious-Flag: YES X-Classification-ID: d363b1ee-7721-11e8-9e01-525400bd3b1f-1-1 Received: from [216.105.38.7] ([216.105.38.7:57325] helo=lists.sourceforge.net) by smtp9.gate.ord1d.rsapps.net (envelope-from ) (ecelerity 4.2.1.56364 r(Core:4.2.1.14)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384) id 79/FD-03479-CC9AE2B5; Sat, 23 Jun 2018 16:13:00 -0400 Received: from [127.0.0.1] (helo=sfs-ml-1.v29.lw.sourceforge.com) by sfs-ml-1.v29.lw.sourceforge.com with esmtp (Exim 4.90_1) (envelope-from ) id 1fWotH-0008Bz-9l; Sat, 23 Jun 2018 20:12:11 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-1.v29.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.90_1) (envelope-from ) id 1fWotG-0008Bt-Br for openvpn-devel@lists.sourceforge.net; Sat, 23 Jun 2018 20:12:10 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=References:In-Reply-To:Message-Id:Date:Subject:Cc: To:From:Sender:Reply-To:MIME-Version:Content-Type:Content-Transfer-Encoding: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=7OuQaLp97KRGSJpQUzQ2UopuL+/oemtF9VFT2rK4A24=; b=jtdL3rqsJHKhCfMpbLLtHo5Q3P BXg5NHZE803vajc34+aBOxswxq+Gyfj0790qmdSppBUOp1qGgxZusmD4ZgzHro0XcAqzoLifRNnQl GRQBYKea6c2GEPnxCVroUQsB+IbSbuorqxpTnYwQr5OxEgK+S71P7T/rXNVm29EnlqOg=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=References:In-Reply-To:Message-Id:Date:Subject:Cc:To:From:Sender:Reply-To :MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=7OuQaLp97KRGSJpQUzQ2UopuL+/oemtF9VFT2rK4A24=; b=N60AV15DJNGMWroEck5q7Xp7vW tjr9q9Y7pgLO25cPb7AMsOY1sJnRMDqeiWnKqCFt1ZzyTnXdTrgUxheQJSmk1DHvaNPnVvuzc0NF1 huWPWRrEz6S2H9QtqyHgRxeQQKeKhcflGA6936O048GRqhP9J5rZi6Olsmr66WS9mHgw=; Received: from s2.neomailbox.net ([5.148.176.60]) by sfi-mx-2.v28.lw.sourceforge.com with esmtps (TLSv1.2:DHE-RSA-AES256-GCM-SHA384:256) (Exim 4.90_1) id 1fWotE-006tzs-Le for openvpn-devel@lists.sourceforge.net; Sat, 23 Jun 2018 20:12:10 +0000 From: Antonio Quartulli To: openvpn-devel@lists.sourceforge.net Date: Sun, 24 Jun 2018 04:11:12 +0800 Message-Id: <20180623201112.29973-1-a@unstable.cc> In-Reply-To: <20180608052017.6696-6-a@unstable.cc> References: <20180608052017.6696-6-a@unstable.cc> X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no trust [5.148.176.60 listed in list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 AWL AWL: Adjusted score from AWL reputation of From: address X-Headers-End: 1fWotE-006tzs-Le Subject: [Openvpn-devel] [PATCH v3 5/8] allow usage of --server-ipv6 even when no --server is specified X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Antonio Quartulli MIME-Version: 1.0 Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox From: Antonio Quartulli Until now OpenVPN has not allowed to specify --server-ipv6 if no --server was also set. This constraint comes from the fact that most of the IPv6 logic (i.e. ifconfig-pool handling) relied on IPv4 components to be activated and configured as well. Now that the IPv6 code path has been made independent from IPv4, it is finally possible to to relax the constraint mentioned above and make it possible for the user to have a configurations with --server-ipv6 only. Trac: #208 Signed-off-by: Antonio Quartulli --- Changes from v2: - patchset rebased on top of pre-ipv6-only patchset - change commit subject/message - move ifconfig-ipv6-pool check change into 4/8 src/openvpn/helper.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/src/openvpn/helper.c b/src/openvpn/helper.c index ff9df506..42ba5b2c 100644 --- a/src/openvpn/helper.c +++ b/src/openvpn/helper.c @@ -177,10 +177,11 @@ helper_client_server(struct options *o) */ if (o->server_ipv6_defined) { - if (!o->server_defined) + if (o->client) { - msg(M_USAGE, "--server-ipv6 must be used together with --server"); + msg(M_USAGE, "--server and --client cannot be used together"); } + if (o->server_flags & SF_NOPOOL) { msg( M_USAGE, "--server-ipv6 is incompatible with 'nopool' option" ); @@ -190,6 +191,9 @@ helper_client_server(struct options *o) msg( M_USAGE, "--server-ipv6 already defines an ifconfig-ipv6-pool, so you can't also specify --ifconfig-pool explicitly"); } + o->mode = MODE_SERVER; + o->tls_server = true; + /* local ifconfig is "base address + 1" and "+2" */ o->ifconfig_ipv6_local = print_in6_addr( add_in6_addr( o->server_network_ipv6, 1), 0, &o->gc );