From patchwork Thu Jun 7 19:20:14 2018
X-Patchwork-Submitter: Antonio Quartulli
X-Patchwork-Id: 356
From: Antonio Quartulli
To: openvpn-devel@lists.sourceforge.net
Date: Fri, 8 Jun 2018 13:20:14 +0800
Message-Id: <20180608052017.6696-6-a@unstable.cc>
In-Reply-To: <20180608052017.6696-1-a@unstable.cc>
References: <20180608052017.6696-1-a@unstable.cc>
Subject: [Openvpn-devel] [PATCH v2 5/8] make server capable of starting with an IPv6-only tunnel
Cc: Gert Doering, Antonio Quartulli

From: Antonio Quartulli

Due to the current logic it is not possible for a server to create an IPv6-only tunnel, because OpenVPN mandates the existence of an IPv4 configuration (even if fake).

This change relaxes this constraint and allows servers to bring up tunnels without any IPv4 setting at all.

For the user this means that a server can be configured with just the "--server-ipv6" directive and no "--server" at all.

Trac: #208
Cc: Gert Doering
Signed-off-by: Antonio Quartulli
--- src/openvpn/helper.c | 8 ++++++-- src/openvpn/multi.c | 3 ++- 2 files changed, 8 insertions(+), 3 deletions(-) diff --git a/src/openvpn/helper.c b/src/openvpn/helper.c index ff9df506..42ba5b2c 100644 --- a/src/openvpn/helper.c +++ b/src/openvpn/helper.c 
@@ -177,10 +177,11 @@ helper_client_server(struct options *o) */ if (o->server_ipv6_defined) { - if (!o->server_defined) + if (o->client) { - msg(M_USAGE, "--server-ipv6 must be used together with --server"); + msg(M_USAGE, "--server and --client cannot be used together"); } + if (o->server_flags & SF_NOPOOL) { msg( M_USAGE, "--server-ipv6 is incompatible with 'nopool' option" ); @@ -190,6 +191,9 @@ helper_client_server(struct options *o) msg( M_USAGE, "--server-ipv6 already defines an ifconfig-ipv6-pool, so you can't also specify --ifconfig-pool explicitly"); } + o->mode = MODE_SERVER; + o->tls_server = true; + /* local ifconfig is "base address + 1" and "+2" */ o->ifconfig_ipv6_local = print_in6_addr( add_in6_addr( o->server_network_ipv6, 1), 0, &o->gc ); diff --git a/src/openvpn/multi.c b/src/openvpn/multi.c index 20f8611b..dbc8f370 100644 --- a/src/openvpn/multi.c +++ b/src/openvpn/multi.c @@ -388,7 +388,8 @@ multi_init(struct multi_context *m, struct context *t, bool tcp_mode, int thread * differently based on whether a tun or tap style * tunnel. */ - if (t->options.ifconfig_pool_defined) + if (t->options.ifconfig_pool_defined + || t->options.ifconfig_ipv6_pool_defined) { int pool_type = IFCONFIG_POOL_INDIV;
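Review bot: The new usage error in the first helper.c hunk (@@ -177,10 +177,11 @@) names an option the user may never have given. The check sits inside `if (o->server_ipv6_defined)`, and the commit message says a server can now be configured with --server-ipv6 and no --server at all, so "--server and --client cannot be used together" will mislead anyone running an IPv6-only configuration. Suggest wording it as "--server-ipv6 and --client cannot be used together".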
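Review bot: Setting `o->mode = MODE_SERVER;` and `o->tls_server = true;` in the second helper.c hunk (@@ -190,6 +191,9 @@) turns the --server-ipv6 branch into a full entry point to server mode, yet the only guards visible ahead of the assignments are the --client, 'nopool' and --ifconfig-pool checks. Any further compatibility checks that the --server path applies before switching mode would be skipped for an IPv6-only configuration, so please share those checks between the two branches or state in the commit message that none are needed. A short comment above the two assignments explaining that they are required because --server may now be absent would help, and since the diffstat touches only helper.c and multi.c, the user-facing documentation for --server-ipv6 still needs updating to match the new behaviour.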
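Review bot: The widened condition in the multi.c hunk (@@ -388,7 +388,8 @@) lets the pool setup block run when only `ifconfig_ipv6_pool_defined` is set, but the hunk ends at `int pool_type = IFCONFIG_POOL_INDIV;` and does not show the rest of the block being adapted. Anything in that block written on the assumption that an IPv4 pool exists would now run with the IPv4 pool settings unset. Please confirm that the pool initialisation handles the no-IPv4 case, or say in the commit message which patch of this 8-part series takes care of it.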