From patchwork Thu Aug 15 02:10:53 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Arne Schwabe X-Patchwork-Id: 809 Return-Path: Delivered-To: patchwork@openvpn.net Delivered-To: patchwork@openvpn.net Received: from director11.mail.ord1d.rsapps.net ([172.31.255.6]) by backend30.mail.ord1d.rsapps.net with LMTP id 4LILORNMVV0xNgAAIUCqbw for ; Thu, 15 Aug 2019 08:12:03 -0400 Received: from proxy15.mail.iad3b.rsapps.net ([172.31.255.6]) by director11.mail.ord1d.rsapps.net with LMTP id EN+7NhNMVV2TNwAAvGGmqA ; Thu, 15 Aug 2019 08:12:03 -0400 Received: from smtp12.gate.iad3b ([172.31.255.6]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by proxy15.mail.iad3b.rsapps.net with LMTP id cPsrMRNMVV3qewAAhyf7VQ ; Thu, 15 Aug 2019 08:12:03 -0400 X-Spam-Threshold: 95 X-Spam-Score: 0 X-Spam-Flag: NO X-Virus-Scanned: OK X-Orig-To: openvpnslackdevel@openvpn.net X-Originating-Ip: [216.105.38.7] Authentication-Results: smtp12.gate.iad3b.rsapps.net; iprev=pass policy.iprev="216.105.38.7"; spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net" smtp.helo="lists.sourceforge.net"; dkim=fail (signature verification failed) header.d=sourceforge.net; dkim=fail (signature verification failed) header.d=sf.net; dmarc=none (p=nil; dis=none) header.from=rfc2549.org X-Suspicious-Flag: YES X-Classification-ID: e3607226-bf55-11e9-9c77-525400ae1f9d-1-1 Received: from [216.105.38.7] ([216.105.38.7:43868] helo=lists.sourceforge.net) by smtp12.gate.iad3b.rsapps.net (envelope-from ) (ecelerity 4.2.38.62370 r(:)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384) id 84/99-01973-21C455D5; Thu, 15 Aug 2019 08:12:02 -0400 Received: from [127.0.0.1] (helo=sfs-ml-4.v29.lw.sourceforge.com) by sfs-ml-4.v29.lw.sourceforge.com with esmtp (Exim 4.90_1) (envelope-from ) id 1hyEau-0005kd-Hn; Thu, 15 Aug 2019 12:11:04 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-4.v29.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.90_1) (envelope-from ) id 1hyEas-0005kO-PA for openvpn-devel@lists.sourceforge.net; Thu, 15 Aug 2019 12:11:02 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=References:In-Reply-To:Message-Id:Date:Subject:To: From:Sender:Reply-To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=NeaHwjqhamiobgg6A8/iqdfUPoO0hbz7c5mmvVk30zQ=; b=P4com7EAwnBj7xfGg1S+U3XHwp wLDceCPKsjiEQFnaqMnVj4R/2hhtTsrw93/z5PRQAnutHZBXn1L2s0wpZDyYyM3btehTAfqao2k2E mMrL1SPBKHl9XP+41OKQvRMfUhRX//9jUiPo878J1IHUWF8j64/fNkjFupFi4PVatVrQ=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=References:In-Reply-To:Message-Id:Date:Subject:To:From:Sender:Reply-To:Cc :MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=NeaHwjqhamiobgg6A8/iqdfUPoO0hbz7c5mmvVk30zQ=; b=FQqP/loKid3cQqTfYsf9++5PBG 8BDXgQwmBYU/4PEDP8nGNBPydrmump2F7byrDxGHeb1hxUTVcK3fLtbLW0SMDz1e08ciRO5pv3g8m KTi3gW+W+dKYYa7/8LOxdkA92NH48CR3z7hQ+8IiKW8a1+trTUspxMcDUHQ19k8nwuI8=; Received: from mail.blinkt.de ([192.26.174.232]) by sfi-mx-3.v28.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.90_1) id 1hyEar-004tHV-Fj for openvpn-devel@lists.sourceforge.net; Thu, 15 Aug 2019 12:11:02 +0000 Received: from kamera.blinkt.de ([2001:638:502:390:20c:29ff:fec8:535c]) by mail.blinkt.de with smtp (Exim 4.92.1 (FreeBSD)) (envelope-from ) id 1hyEaj-000K3g-7m for openvpn-devel@lists.sourceforge.net; Thu, 15 Aug 2019 14:10:53 +0200 Received: (nullmailer pid 18483 invoked by uid 10006); Thu, 15 Aug 2019 12:10:53 -0000 From: Arne Schwabe To: openvpn-devel@lists.sourceforge.net Date: Thu, 15 Aug 2019 14:10:53 +0200 Message-Id: <20190815121053.18433-2-arne@rfc2549.org> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20190815121053.18433-1-arne@rfc2549.org> References: <20190812134513.20758-1-arne@rfc2549.org> <20190815121053.18433-1-arne@rfc2549.org> X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. 0.2 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail domains are different 0.0 SPF_NONE SPF: sender does not publish an SPF Record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [URIs: rfc2549.org] 0.2 AWL AWL: Adjusted score from AWL reputation of From: address X-Headers-End: 1hyEar-004tHV-Fj Subject: [Openvpn-devel] [PATCH v2 2/2] Adjust Android code after sitnl patch merge X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox It turns out that the only part of Android that still shares routing code with Linux is the get_default_ipv6 method. Instead of fixing a method that makes little sense on Android anyway, have a method that returns a fake ipv6 gateway like for ipv4. Patch V2: Instead adding ANDROID to a long list of ifdefs, change this to a non LINUX ifdef Signed-off-by: Arne Schwabe Acked-by: Gert Doering --- src/openvpn/route.c | 63 ++++++++++++++++++++++++++++++--------------- src/openvpn/tun.c | 22 ++++------------ 2 files changed, 47 insertions(+), 38 deletions(-) diff --git a/src/openvpn/route.c b/src/openvpn/route.c index 1b5eacea..165fce92 100644 --- a/src/openvpn/route.c +++ b/src/openvpn/route.c @@ -3170,7 +3170,48 @@ show_routes(int msglev) gc_free(&gc); } -#elif defined(TARGET_LINUX) || defined(TARGET_ANDROID) +#elif defined(TARGET_ANDROID) + +void +get_default_gateway(struct route_gateway_info *rgi, openvpn_net_ctx_t *ctx) +{ + /* Android, set some pseudo GW, addr is in host byte order, + * Determining the default GW on Android 5.0+ is non trivial + * and serves almost no purpose since OpenVPN only uses the + * default GW address to add routes for networks that should + * NOT be routed over the VPN. Using a well known address + * (127.'d'.'g'.'w') for the default GW make detecting + * these routes easier from the controlling app. + */ + CLEAR(*rgi); + + rgi->gateway.addr = 127 << 24 | 'd' << 16 | 'g' << 8 | 'w'; + rgi->flags = RGI_ADDR_DEFINED | RGI_IFACE_DEFINED; + strcpy(rgi->iface, "android-gw"); + + /* Skip scanning/fetching interface from loopback interface we do + * normally on Linux. + * It always fails and "ioctl(SIOCGIFCONF) failed" confuses users + */ + +} + +void +get_default_gateway_ipv6(struct route_ipv6_gateway_info *rgi6, + const struct in6_addr *dest, openvpn_net_ctx_t *ctx) +{ + /* Same for ipv6 */ + + CLEAR(*rgi6); + + /* Use a fake link-local address */ + ASSERT(inet_pton(AF_INET6, "fe80::ad", &rgi6->addrs->addr_ipv6) == 1); + rgi6->addrs->netbits_ipv6 = 64; + rgi6->flags = RGI_ADDR_DEFINED | RGI_IFACE_DEFINED; + strcpy(rgi6->iface, "android-gw"); +} + +#elif defined(TARGET_LINUX) void get_default_gateway(struct route_gateway_info *rgi, openvpn_net_ctx_t *ctx) @@ -3182,7 +3223,6 @@ get_default_gateway(struct route_gateway_info *rgi, openvpn_net_ctx_t *ctx) CLEAR(*rgi); CLEAR(best_name); -#ifndef TARGET_ANDROID /* get default gateway IP addr */ if (net_route_v4_best_gw(ctx, NULL, &rgi->gateway.addr, best_name) == 0) { @@ -3192,25 +3232,6 @@ get_default_gateway(struct route_gateway_info *rgi, openvpn_net_ctx_t *ctx) rgi->flags |= RGI_ON_LINK; } } -#else /* ifndef TARGET_ANDROID */ - /* Android, set some pseudo GW, addr is in host byte order, - * Determining the default GW on Android 5.0+ is non trivial - * and serves almost no purpose since OpenVPN only uses the - * default GW address to add routes for networks that should - * NOT be routed over the VPN. Using a well known address - * (127.'d'.'g'.'w') for the default GW make detecting - * these routes easier from the controlling app. - */ - rgi->gateway.addr = 127 << 24 | 'd' << 16 | 'g' << 8 | 'w'; - rgi->flags |= RGI_ADDR_DEFINED; - strcpy(best_name, "android-gw"); - - /* - * Skip scanning/fetching interface from loopback interface - * It always fails and "ioctl(SIOCGIFCONF) failed" confuses users - */ - goto done; -#endif /* ifndef TARGET_ANDROID */ /* scan adapter list */ if (rgi->flags & RGI_ADDR_DEFINED) diff --git a/src/openvpn/tun.c b/src/openvpn/tun.c index 8f8f7c6c..d4735640 100644 --- a/src/openvpn/tun.c +++ b/src/openvpn/tun.c @@ -878,10 +878,7 @@ static void do_ifconfig_ipv6(struct tuntap *tt, const char *ifname, int tun_mtu, const struct env_set *es, openvpn_net_ctx_t *ctx) { -#if defined(TARGET_OPENBSD) || defined(TARGET_NETBSD) \ - || defined(TARGET_DARWIN) || defined(TARGET_FREEBSD) \ - || defined(TARGET_DRAGONFLY) || defined(TARGET_AIX) \ - || defined(TARGET_SOLARIS) || defined(_WIN32) +#if !defined(TARGET_LINUX) struct argv argv = argv_new(); struct gc_arena gc = gc_new(); const char *ifconfig_ipv6_local = print_in6_addr(tt->local_ipv6, 0, &gc); @@ -907,7 +904,7 @@ do_ifconfig_ipv6(struct tuntap *tt, const char *ifname, int tun_mtu, char out6[64]; openvpn_snprintf(out6, sizeof(out6), "%s/%d %d", - ifconfig_ipv6_local,tt->netbits_ipv6, tun_mtu); + ifconfig_ipv6_local, tt->netbits_ipv6, tun_mtu); management_android_control(management, "IFCONFIG6", out6); #elif defined(TARGET_SOLARIS) argv_printf(&argv, "%s %s inet6 unplumb", IFCONFIG_PATH, ifname); @@ -1015,10 +1012,7 @@ do_ifconfig_ipv6(struct tuntap *tt, const char *ifname, int tun_mtu, msg(M_FATAL, "Sorry, but I don't know how to do IPv6 'ifconfig' commands on this operating system. You should ifconfig your TUN/TAP device manually or use an --up script."); #endif /* outer "if defined(TARGET_xxx)" conditional */ -#if defined(TARGET_OPENBSD) || defined(TARGET_NETBSD) \ - || defined(TARGET_DARWIN) || defined(TARGET_FREEBSD) \ - || defined(TARGET_DRAGONFLY) || defined(TARGET_AIX) \ - || defined(TARGET_SOLARIS) || defined(_WIN32) +#if !defined(TARGET_LINUX) gc_free(&gc); argv_reset(&argv); #endif @@ -1042,10 +1036,7 @@ do_ifconfig_ipv4(struct tuntap *tt, const char *ifname, int tun_mtu, */ bool tun = is_tun_p2p(tt); -#if defined(TARGET_OPENBSD) || defined(TARGET_NETBSD) \ - || defined(TARGET_DARWIN) || defined(TARGET_FREEBSD) \ - || defined(TARGET_DRAGONFLY) || defined(TARGET_AIX) \ - || defined(TARGET_SOLARIS) || defined(_WIN32) +#if !defined(TARGET_LINUX) const char *ifconfig_local = NULL; const char *ifconfig_remote_netmask = NULL; const char *ifconfig_broadcast = NULL; @@ -1396,10 +1387,7 @@ do_ifconfig_ipv4(struct tuntap *tt, const char *ifname, int tun_mtu, msg(M_FATAL, "Sorry, but I don't know how to do 'ifconfig' commands on this operating system. You should ifconfig your TUN/TAP device manually or use an --up script."); #endif /* if defined(TARGET_LINUX) */ -#if defined(TARGET_OPENBSD) || defined(TARGET_NETBSD) \ - || defined(TARGET_DARWIN) || defined(TARGET_FREEBSD) \ - || defined(TARGET_DRAGONFLY) || defined(TARGET_AIX) \ - || defined(TARGET_SOLARIS) || defined(_WIN32) +#if !defined(TARGET_LINUX) gc_free(&gc); argv_reset(&argv); #endif