From patchwork Thu Jun  7 19:20:09 2018
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Antonio Quartulli <a@unstable.cc>
X-Patchwork-Id: 357
Return-Path: <openvpn-devel-bounces@lists.sourceforge.net>
Delivered-To: patchwork@openvpn.net
Delivered-To: patchwork@openvpn.net
Received: from director8.mail.ord1d.rsapps.net ([172.28.255.1])
	by backend30.mail.ord1d.rsapps.net (Dovecot) with LMTP id
 VHW9EWUSGlthcQAAIUCqbw
	for <patchwork@openvpn.net>; Fri, 08 Jun 2018 01:21:41 -0400
Received: from director5.mail.ord1c.rsapps.net ([172.28.255.1])
	by director8.mail.ord1d.rsapps.net (Dovecot) with LMTP id
 qQClGWUSGlvrKAAAfY0hYg
	; Fri, 08 Jun 2018 01:21:41 -0400
Received: from smtp4.gate.ord1c ([172.28.255.1])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	by director5.mail.ord1c.rsapps.net with LMTP id iOL2L2USGltLGQAAH8LYwg
	; Fri, 08 Jun 2018 01:21:41 -0400
X-Spam-Threshold: 95
X-Spam-Score: 0
X-Spam-Flag: NO
X-Virus-Scanned: OK
X-Orig-To: openvpnslackdevel@openvpn.net
X-Originating-Ip: [216.105.38.7]
Authentication-Results: smtp4.gate.ord1c.rsapps.net;
 iprev=pass policy.iprev="216.105.38.7";
 spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net"
 smtp.helo="lists.sourceforge.net";
 dkim=fail (signature verification failed) header.d=sourceforge.net;
 dkim=fail (signature verification failed) header.d=sf.net; dmarc=none (p=nil;
 dis=none) header.from=unstable.cc
X-Suspicious-Flag: YES
X-Classification-ID: d308c38a-6adb-11e8-9345-0024e87f2f2c-1-1
Received: from [216.105.38.7] ([216.105.38.7:13281]
 helo=lists.sourceforge.net)
	by smtp4.gate.ord1c.rsapps.net (envelope-from
 <openvpn-devel-bounces@lists.sourceforge.net>)
	(ecelerity 4.2.1.56364 r(Core:4.2.1.14)) with ESMTPS
 (cipher=DHE-RSA-AES256-GCM-SHA384)
	id A4/16-17429-5621A1B5; Fri, 08 Jun 2018 01:21:41 -0400
Received: from [127.0.0.1] (helo=sfs-ml-2.v29.lw.sourceforge.com)
	by sfs-ml-2.v29.lw.sourceforge.com with esmtp (Exim 4.90_1)
	(envelope-from <openvpn-devel-bounces@lists.sourceforge.net>)
	id 1fR9pW-00048N-0U; Fri, 08 Jun 2018 05:20:54 +0000
Received: from [172.30.20.202] (helo=mx.sourceforge.net)
 by sfs-ml-2.v29.lw.sourceforge.com with esmtps
 (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.90_1)
 (envelope-from <a@unstable.cc>) id 1fR9pV-00048H-Iq
 for openvpn-devel@lists.sourceforge.net; Fri, 08 Jun 2018 05:20:53 +0000
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
 d=sourceforge.net; s=x; h=Message-Id:Date:Subject:Cc:To:From:Sender:Reply-To:
 MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID:
 Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc
 :Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:
 List-Subscribe:List-Post:List-Owner:List-Archive;
 bh=MED92f61P5Vj0B97h707GZ86TcpzzgQLQ46vaCd3mSk=; b=h8KwpdM0/DdH0JqPrzhwvfdjyr
 1Hfma1fiDI/NMos65TAPKabOohWi/SmHccQa6VCehTXad7UG/cBr7L4xDcDklj8JWRjpsjDLd6Rar
 VsyX6tsXLSGuY0MJte+tN4BC3fS3UNy8n7ESt3E24KxThCVxYvK6AkhFFCZAlnhfHIqo=;
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x
 ;
 h=Message-Id:Date:Subject:Cc:To:From:Sender:Reply-To:MIME-Version:
 Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description:
 Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:
 In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:
 List-Post:List-Owner:List-Archive;
 bh=MED92f61P5Vj0B97h707GZ86TcpzzgQLQ46vaCd3mSk=; b=Cu0G2EXG1PcKLMQuTCxLnW/M49
 90F8Uo3GzpD2+BI15cGyrboM5iBtD0m5Ytq7qhcixLS+U1PyDIJGv2t+mW2v+P/8kGk+08v7BFozA
 m4DZ4caXOMrf40CnZfPP4Yu/AvJ+e0Ty7Y5PK9wU1wL8UU6QtTlbgY6wstWxR8qh7gU4=;
Received: from s2.neomailbox.net ([5.148.176.60])
 by sfi-mx-2.v28.lw.sourceforge.com with esmtps
 (TLSv1.2:DHE-RSA-AES256-GCM-SHA384:256) (Exim 4.90_1)
 id 1fR9pT-003Iph-E2
 for openvpn-devel@lists.sourceforge.net; Fri, 08 Jun 2018 05:20:53 +0000
From: Antonio Quartulli <a@unstable.cc>
To: openvpn-devel@lists.sourceforge.net
Date: Fri,  8 Jun 2018 13:20:09 +0800
Message-Id: <20180608052017.6696-1-a@unstable.cc>
X-Spam-Report: Spam Filtering performed by mx.sourceforge.net.
 See http://spamassassin.org/tag/ for more details.
 -0.0 RCVD_IN_DNSWL_NONE     RBL: Sender listed at http://www.dnswl.org/, no
 trust [5.148.176.60 listed in list.dnswl.org]
 -0.0 SPF_PASS               SPF: sender matches SPF record
 -0.0 AWL AWL: Adjusted score from AWL reputation of From: address
X-Headers-End: 1fR9pT-003Iph-E2
Subject: [Openvpn-devel] [PATCH v2 0/5] Allow IPv6-only tunnels
X-BeenThere: openvpn-devel@lists.sourceforge.net
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: <openvpn-devel.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/options/openvpn-devel>,
 <mailto:openvpn-devel-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: 
 <http://sourceforge.net/mailarchive/forum.php?forum_name=openvpn-devel>
List-Post: <mailto:openvpn-devel@lists.sourceforge.net>
List-Help: <mailto:openvpn-devel-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/openvpn-devel>,
 <mailto:openvpn-devel-request@lists.sourceforge.net?subject=subscribe>
Cc: Antonio Quartulli <a@unstable.cc>
MIME-Version: 1.0
Errors-To: openvpn-devel-bounces@lists.sourceforge.net
X-getmail-retrieved-from-mailbox: Inbox

This patchset allows clients and servers to work with a
tunnel configured with IPv6 only.

Patch 3 is a mere cosmetic change and could be merged
regardless of the rest.

With this change a server can be configured by using only the
'--server-ipv6' directive.
This will result in clients receiving only 'ifconfig-ipv6'
setting in their push-reply (and no IPv4 at all).


Differences from v1:
- more windows logic has been added to ensure client is properly started
  and configured with IPv6 only;
- warning messages added when trying to add IPv4 routes (even when
  redirect-gateway without !ipv4 is specified). Note: the behaviour of
  redirect-gateway has not been touched, therefore the "ipv6" flag is
  still required, even if only IPv6 are configured on the interfaces;
- redirect-gateway is prevented from adding a bypass route if no IPv4
  redirection is taking place;
- added support for --ifconfig-pool-persist when only IPv6 is configured
- added do_ifconfig_ipv4() in do_ifconfig() to make code symmetric wrt
  IPv6;
- I may have forgotten some other little details..


(Note: this code is also available at [1] in the ipv6-only branch)


Cheers,

Trac: #208
[1] https://gitlab.com/ordex986/openvpn


Antonio Quartulli (8):
  tun: ensure interface can be configured with IPv6 only
  windows: properly configure TAP driver when no IPv4 is configured
  pool: convert pool 'type' to enum
  pool: allow to configure an IPv6-only ifconfig-pool
  make server capable of starting with an IPv6-only tunnel
  pool: add support for ifconfig-pool-persist with IPv6 only
  route: warn on IPv4 routes installation when no IPv4 is configured
  options: enable IPv4 redirection logic only if really required

 src/openvpn/forward.c |    4 +-
 src/openvpn/helper.c  |    8 +-
 src/openvpn/multi.c   |   10 +-
 src/openvpn/options.c |   16 +-
 src/openvpn/pool.c    |  259 +++++++---
 src/openvpn/pool.h    |   17 +-
 src/openvpn/route.c   |   14 +-
 src/openvpn/tun.c     | 1142 ++++++++++++++++++-----------------------
 src/openvpn/tun.h     |   12 +-
 9 files changed, 754 insertions(+), 728 deletions(-)