From patchwork Wed Jan 24 06:31:45 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Selva Nair X-Patchwork-Id: 211 Return-Path: Delivered-To: patchwork@openvpn.net Delivered-To: patchwork@openvpn.net Received: from director3.mail.ord1d.rsapps.net ([172.30.191.6]) by backend31.mail.ord1d.rsapps.net (Dovecot) with LMTP id PVK3BD7DaFpwFQAAgoeIoA for ; Wed, 24 Jan 2018 12:32:46 -0500 Received: from proxy19.mail.ord1d.rsapps.net ([172.30.191.6]) by director3.mail.ord1d.rsapps.net (Dovecot) with LMTP id R8LkBT7DaFqDRAAAkXNnRw ; Wed, 24 Jan 2018 12:32:46 -0500 Received: from smtp29.gate.ord1c ([172.30.191.6]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by proxy19.mail.ord1d.rsapps.net (Dovecot) with LMTP id HP6BDT7DaFppIgAAyH2SIw ; Wed, 24 Jan 2018 12:32:46 -0500 X-Spam-Threshold: 95 X-Spam-Score: 0 X-Spam-Flag: NO X-Virus-Scanned: OK X-Orig-To: openvpnslackdevel@openvpn.net X-Originating-Ip: [216.34.181.88] Authentication-Results: smtp29.gate.ord1c.rsapps.net; iprev=pass policy.iprev="216.34.181.88"; spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net" smtp.helo="lists.sourceforge.net"; dkim=fail (signature verification failed) header.d=sourceforge.net; dkim=fail (signature verification failed) header.d=sf.net; dkim=fail (signature verification failed) header.d=gmail.com; dmarc=fail (p=none; dis=none) header.from=gmail.com X-Classification-ID: 96e24ff2-012c-11e8-9af9-842b2b1a2b4d-1-1 Received: from [216.34.181.88] ([216.34.181.88:57144] helo=lists.sourceforge.net) by smtp29.gate.ord1c.rsapps.net (envelope-from ) (ecelerity 4.2.1.56364 r(Core:4.2.1.14)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384) id 07/36-26808-D33C86A5; Wed, 24 Jan 2018 12:32:45 -0500 Received: from localhost ([127.0.0.1] helo=sfs-ml-3.v29.ch3.sourceforge.com) by sfs-ml-3.v29.ch3.sourceforge.com with esmtp (Exim 4.89) (envelope-from ) id 1eeOtz-0007Dm-KU; Wed, 24 Jan 2018 17:31:59 +0000 Received: from sfi-mx-4.v28.ch3.sourceforge.com ([172.29.28.194] helo=mx.sourceforge.net) by sfs-ml-3.v29.ch3.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.89) (envelope-from ) id 1eeOty-0007Dg-0C for openvpn-devel@lists.sourceforge.net; Wed, 24 Jan 2018 17:31:58 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=References:In-Reply-To:Message-Id:Date:Subject:Cc: To:From:Sender:Reply-To:MIME-Version:Content-Type:Content-Transfer-Encoding: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=/1YHdBth7Vwbpdjrea4NEPQrhOQKWhrMe8cFfZcvgg8=; b=Ox3IySvoB+QxjVXz9rwR52+yEL DxtGD5xa6Hhx/z7HOJUNRYA1+G3GcbZmnm0ICiEObDWDygHr34XaTRi6pOfj0aLzbqoOuheIithX0 N3r/yBhopeC2Ly3C0Gdh/kAYhIqsurAh2yHAsBx1tiRt4Qr3qgBxm/UsOwEGK8olxG4o=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=References:In-Reply-To:Message-Id:Date:Subject:Cc:To:From:Sender:Reply-To :MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=/1YHdBth7Vwbpdjrea4NEPQrhOQKWhrMe8cFfZcvgg8=; b=VPCF23BYl7EsPg+iFkcIBNWlox MJ8tDNtVtFsz3ScUKJk0V+ZVA4rfNErh1LqlAuhDyOIR367i+TOV65VqxGz15LUlEyt73ek+b3apB xJQeztPW/i6o3sTY/qipiiVDVDBD/EIwfoU/sgzgjFOUqXB8thh+vaUsJ5OxWP2vKodA=; Received: from mail-io0-f194.google.com ([209.85.223.194]) by sfi-mx-4.v28.ch3.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.89) id 1eeOtw-0002Mm-TW for openvpn-devel@lists.sourceforge.net; Wed, 24 Jan 2018 17:31:57 +0000 Received: by mail-io0-f194.google.com with SMTP id d13so5654105iog.5 for ; Wed, 24 Jan 2018 09:31:56 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=/1YHdBth7Vwbpdjrea4NEPQrhOQKWhrMe8cFfZcvgg8=; b=qv+V5e5huI4EODvjev9rXDe8o5bjf9q4ubIoDLbTKG8fRoszXNnRAZ9Bjx2p636yv8 wSzv3xFxNkw/+NAzz4cZ21N+HTn0dr+y48U5ZDuqoXB50Apm2PoV7s6HuGBXs9wJgEzf kWhJIFLan/QUovey3LCa/JY0rLNN6P1ptbSJoWmXeMcMbgltjlOxRBpr9ZqVmgW3nrvE WnlyheeLsd0i3WjRQkNUBMOxCDkc8naWXaMXWvi09W9a/9yaniPkIbz7B/pSDAhpoSAf WIN+AztjG1G6GV24Jv5rm3u6WYz+Pprmh7amEtNjyYLUpMlcZCH/x68Kg7m0/EGWVlHt 0LxQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=/1YHdBth7Vwbpdjrea4NEPQrhOQKWhrMe8cFfZcvgg8=; b=QYxsVbem2McS5Dh3Yrdo20cIPFFJRdGu7CDrOUNXUniXXswHLLa6wK7qvEM316bQWf /A+RbXt4/VuLhvwTYxbSwZow0oPLeRSJXaAHl+VzoSNc8ZXzf/3W4KntJsfhryPM2hnU PebpE52Uhu1QweL/6N9Sx/W6OhK9gnN3P+IYUL9cesDhbON66gULWpGzkxmua8gDERFu TUZT+diq6jilaSJqnCp66hwbHBieuEKgXln1a7iDgQMZnCqBlIiyL7im3GwexQYNMX/0 YwhnHzrIAnGUE+Eg1cZjUUTrAvDcCwnNwGJ38Own94lYwMeBNvzu2zez3LiQL9niAmzb bfpg== X-Gm-Message-State: AKwxytdyf3EB+EKL7lkYtWESoKpUQc/B0hCtwN6NztvPPrbRMsqAftUT 2s7fbW+idBqLcNfuP3HxFsnr2zAO X-Google-Smtp-Source: AH8x226cs8BSZyjl2syPcFL8aql+c6p8ihDBNTTOHyn3fZN0vyX/JMEBYkCsY24Uv+T2ZsG5kvXVjg== X-Received: by 10.107.30.8 with SMTP id e8mr9296575ioe.184.1516815111284; Wed, 24 Jan 2018 09:31:51 -0800 (PST) Received: from saturn.home.sansel.ca (CPE40167ea0e1c2-CM788df74daaa0.cpe.net.cable.rogers.com. [99.228.215.92]) by smtp.gmail.com with ESMTPSA id k75sm454396iod.27.2018.01.24.09.31.49 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Wed, 24 Jan 2018 09:31:50 -0800 (PST) From: selva.nair@gmail.com To: openvpn-devel@lists.sourceforge.net Date: Wed, 24 Jan 2018 12:31:45 -0500 Message-Id: <1516815105-17882-1-git-send-email-selva.nair@gmail.com> X-Mailer: git-send-email 2.1.4 In-Reply-To: <1509930876-30728-1-git-send-email-selva.nair@gmail.com> References: <1509930876-30728-1-git-send-email-selva.nair@gmail.com> X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (selva.nair[at]gmail.com) -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no trust [209.85.223.194 listed in list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature X-Headers-End: 1eeOtw-0002Mm-TW Subject: [Openvpn-devel] [PATCH v3] Use lowest metric interface when multiple interfaces match a route X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox From: Selva Nair Currently a route addition using IPAPI or service is skipped if the route gateway is reachable by multiple interfaces. This changes that to use the interface with lowest metric. Implemented by (i) Do not over-write the return value with TUN_ADAPTER_INDEX_INVALID in windows_route_find_if_index() if multiple interfaces match a route. (ii) Select the interface with lowest metric in adapter_index_of_ip() instead of the first one found when multiple interfaces match. Reported by Jan Just Keijser Signed-off-by: Selva Nair Tested-by: Jan Just Keijser Acked-by: Gert Doering --- NOTE: depends on https://patchwork.openvpn.net/patch/136/ v3: Simpliyfy the patch using get_interface_metric from block_dns.c Simpler is also easier to review :) (requires patch 136 https://patchwork.openvpn.net/patch/136/) v2: - Revert an unintented edit of route.c (a_index = ...) - Improve the commit message src/openvpn/route.c | 1 - src/openvpn/tun.c | 17 +++++++++++++++-- 2 files changed, 15 insertions(+), 3 deletions(-) diff --git a/src/openvpn/route.c b/src/openvpn/route.c index f121d3f..218ca96 100644 --- a/src/openvpn/route.c +++ b/src/openvpn/route.c @@ -2785,7 +2785,6 @@ windows_route_find_if_index(const struct route_ipv4 *r, const struct tuntap *tt) msg(M_WARN, "Warning: route gateway is ambiguous: %s (%d matches)", print_in_addr_t(r->gateway, 0, &gc), count); - ret = TUN_ADAPTER_INDEX_INVALID; } dmsg(D_ROUTE_DEBUG, "DEBUG: route find if: on_tun=%d count=%d index=%d", diff --git a/src/openvpn/tun.c b/src/openvpn/tun.c index 2644d99..f424f82 100644 --- a/src/openvpn/tun.c +++ b/src/openvpn/tun.c @@ -45,6 +45,7 @@ #include "manage.h" #include "route.h" #include "win32.h" +#include "block_dns.h" #include "memdbg.h" @@ -4480,6 +4481,7 @@ adapter_index_of_ip(const IP_ADAPTER_INFO *list, struct gc_arena gc = gc_new(); DWORD ret = TUN_ADAPTER_INDEX_INVALID; in_addr_t highest_netmask = 0; + int lowest_metric = INT_MAX; bool first = true; if (count) @@ -4493,9 +4495,14 @@ adapter_index_of_ip(const IP_ADAPTER_INFO *list, if (is_ip_in_adapter_subnet(list, ip, &hn)) { + int metric = get_interface_metric(list->Index, AF_INET, NULL); if (first || hn > highest_netmask) { highest_netmask = hn; + if (metric >= 0) + { + lowest_metric = metric; + } if (count) { *count = 1; @@ -4509,16 +4516,22 @@ adapter_index_of_ip(const IP_ADAPTER_INFO *list, { ++*count; } + if (metric >= 0 && metric < lowest_metric) + { + ret = list->Index; + lowest_metric = metric; + } } } list = list->Next; } - dmsg(D_ROUTE_DEBUG, "DEBUG: IP Locate: ip=%s nm=%s index=%d count=%d", + dmsg(D_ROUTE_DEBUG, "DEBUG: IP Locate: ip=%s nm=%s index=%d count=%d metric=%d", print_in_addr_t(ip, 0, &gc), print_in_addr_t(highest_netmask, 0, &gc), (int)ret, - count ? *count : -1); + count ? *count : -1, + lowest_metric); if (ret == TUN_ADAPTER_INDEX_INVALID && count) {