From patchwork Mon Nov 8 14:59:27 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Lev Stipakov X-Patchwork-Id: 2069 Return-Path: Delivered-To: patchwork@openvpn.net Delivered-To: patchwork@openvpn.net Received: from director13.mail.ord1d.rsapps.net ([172.30.191.6]) by backend30.mail.ord1d.rsapps.net with LMTP id UI3xA0bljGEORQAAIUCqbw (envelope-from ) for ; Thu, 11 Nov 2021 04:41:26 -0500 Received: from proxy19.mail.ord1d.rsapps.net ([172.30.191.6]) by director13.mail.ord1d.rsapps.net with LMTP id 0K/MA0bljGGvVgAA91zNiA (envelope-from ) for ; Thu, 11 Nov 2021 04:41:26 -0500 Received: from smtp35.gate.ord1d ([172.30.191.6]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by proxy19.mail.ord1d.rsapps.net with LMTPS id MHSAA0bljGHIfgAAyH2SIw (envelope-from ) for ; Thu, 11 Nov 2021 04:41:26 -0500 X-Spam-Threshold: 95 X-Spam-Score: 0 X-Spam-Flag: NO X-Virus-Scanned: OK X-Orig-To: openvpnslackdevel@openvpn.net X-Originating-Ip: [216.105.38.7] Authentication-Results: smtp35.gate.ord1d.rsapps.net; iprev=pass policy.iprev="216.105.38.7"; spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net" smtp.helo="lists.sourceforge.net"; dkim=fail (signature verification failed) header.d=sourceforge.net; dkim=fail (signature verification failed) header.d=sf.net; dkim=fail (signature verification failed) header.d=gmail.com; dmarc=fail (p=none; dis=none) header.from=gmail.com X-Suspicious-Flag: YES X-Classification-ID: 8967c482-42d3-11ec-a9be-525400a7b7b4-1-1 Received: from [216.105.38.7] ([216.105.38.7:40920] helo=lists.sourceforge.net) by smtp35.gate.ord1d.rsapps.net (envelope-from ) (ecelerity 4.2.38.62370 r(:)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384) id AB/30-19503-545EC816; Thu, 11 Nov 2021 04:41:25 -0500 Received: from [127.0.0.1] (helo=sfs-ml-1.v29.lw.sourceforge.com) by sfs-ml-1.v29.lw.sourceforge.com with esmtp (Exim 4.94.2) (envelope-from ) id 1ml6ZJ-00052Y-CM; Thu, 11 Nov 2021 09:40:30 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-1.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1ml6ZH-00052B-Of for openvpn-devel@lists.sourceforge.net; Thu, 11 Nov 2021 09:40:28 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=References:In-Reply-To:Message-Id:Date:Subject:Cc: To:From:Sender:Reply-To:MIME-Version:Content-Type:Content-Transfer-Encoding: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=g5rj347qzNg23usqEFeiyucCKGhjdoODlx1eqguTfMQ=; b=diRkDxsBdqUw/yxdzIFWvlKj6A fWkKPa1MSCPMxOCvjGRCJPHxPqf7iJcQzE+TQZlXz+s9leLiHss85zqF3QgTuID+PZL2K7cRMycfR dfkzppfmZzhdJQ2bE4yMEHuVnfilsSXKX1UWVHPKwxdQajLsb4skqR3Li/lvPqxcYWkw=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=References:In-Reply-To:Message-Id:Date:Subject:Cc:To:From:Sender:Reply-To :MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=g5rj347qzNg23usqEFeiyucCKGhjdoODlx1eqguTfMQ=; b=g706Y7X4rRLQ76cm/jZ8+PlJn6 v8HmCjOpSeVBizCfeUs0L0mv6byXfIDFVmAj9dO+qzKZuZFSLsS2a17wvXjrkt+gAswYpxk51p1fI /gDFGLtSAThCLXjcxAjTgehcRY2hAAmzzbBudE1ssjnbrq7UohWkvkrwjnTiUOTNjhoQ=; Received: from mail-wm1-f46.google.com ([209.85.128.46]) by sfi-mx-2.v28.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.92.3) id 1ml6ZH-00070O-6I for openvpn-devel@lists.sourceforge.net; Thu, 11 Nov 2021 09:40:28 +0000 Received: by mail-wm1-f46.google.com with SMTP id f7-20020a1c1f07000000b0032ee11917ceso4006233wmf.0 for ; Thu, 11 Nov 2021 01:40:27 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=g5rj347qzNg23usqEFeiyucCKGhjdoODlx1eqguTfMQ=; b=jXe2RRlOS1i3TvHfYTNsIz8xLcCzrDx6cnmmStzxixcUimcV8t4EFowG6Q7zPF8O/d O5E41qqanwbV/01LCb9w5O5NgmucYRDVUyO1/1O7SaxPtiwkTo/j7ZmBCYmMpfrWUzSh H0Unedew+KPLxkYF7lvzO6KabHetQpqh8QRUNm0UE8uMPkj+g306pcIkhpIkZBPfMOzo rh0PzcQ1YFP3dQfxCN4r34Gk1qWR7Kv9zgnrTfcQh9tjYGBKtfTQlNK4FvmG2tMLIs/l eCHhzT8H++Xuf8y/j/plTIQYKdQyAlatRzwW6ngx0Mhw3QsbpIuFWwRyypxAh/B9Zd7O WGjA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=g5rj347qzNg23usqEFeiyucCKGhjdoODlx1eqguTfMQ=; b=Goa1t9bbGAIExbscKU0Xeaiz5wxZzX4alTbFNnO85mDlCqfPBdhWMmRh30XjDkfT5Y qWer5xCLRRpE3eMPz9spaFVeqvhTbtHYm02RIl7CYEsDqzp1WFSfcv9OD3VqNdMzSHYG jjPJCEQfGHO7Hr2MiuRErY8ES+v8utBLXuAIXTYnTqzg7QXKFYtYj0mc9U04qAT5K6o9 brL6/RYgJpgK8q10EadSk7F1aUkTgE3s+/fUR+p0RUQQ5tAeTysVSHQexkg+BCVqX+d+ pBiA1adZXsmGhw+wQeF/b73pKYkXZm5G/JA+MwOWNYwi3tbD4wspLaUnkt7myKQnVcV4 CgnA== X-Gm-Message-State: AOAM5337Ree1RFEyK9Dal6ivXmijCR99M0+MyjuH4j+ZhWBn65EJ3ybd RE5ndBoLOxSXP/+O2PmKJVAEtPmPSU4= X-Google-Smtp-Source: ABdhPJyPXlkLZj/d6Ac1+csN/Fok1v3I9xjRWj12w45ztMkxKpAVy0zisJUDS2RYyS+ggMTIpid3oA== X-Received: by 2002:a1c:208b:: with SMTP id g133mr6872791wmg.128.1636623620525; Thu, 11 Nov 2021 01:40:20 -0800 (PST) Received: from LAPTOP-4L3N7KFS.localdomain (nat1.panoulu.net. [185.38.2.1]) by smtp.gmail.com with ESMTPSA id h27sm9211205wmc.43.2021.11.11.01.40.19 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 11 Nov 2021 01:40:19 -0800 (PST) From: Lev Stipakov To: openvpn-devel@lists.sourceforge.net Date: Tue, 9 Nov 2021 03:59:27 +0200 Message-Id: <20211109015927.311-1-lstipakov@gmail.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: References: X-Spam-Report: Spam detection software, running on the system "util-spamd-1.v13.lw.sourceforge.com", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Lev Stipakov This is the rebase of original Selva Nair's patch which hasn't been merged: https://sourceforge.net/p/openvpn/mailman/message/34674818/ Content analysis details: (-0.2 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [209.85.128.46 listed in list.dnswl.org] 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider [lstipakov[at]gmail.com] -0.0 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2) [209.85.128.46 listed in wl.mailspike.net] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.0 SPF_PASS SPF: sender matches SPF record -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain X-Headers-End: 1ml6ZH-00070O-6I Subject: [Openvpn-devel] [PATCH] Use network address for emulated DHCP server as a default X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Lev Stipakov MIME-Version: 1.0 Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox From: Lev Stipakov This is the rebase of original Selva Nair's patch which hasn't been merged: https://sourceforge.net/p/openvpn/mailman/message/34674818/ and documentation change to reflect code changes, which is basically a revert of another Selva's patch (which got merged): https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg13387.html For subnet topology use "offset 0" as default for calculating DHCP server address, which makes it equal to the network address. There is no know reason why non-zero default offset is needed. Besides, offset -1 breaks subnet /30 case, which in some cases is pushed by OpenVPN Cloud product. Signed-off-by: Lev Stipakov Signed-off-by: Lev Stipakov <lev@openvpn.net>
Acked-by: Gert Doering --- doc/man-sections/windows-options.rst | 2 +- src/openvpn/helper.c | 4 ++-- src/openvpn/tun.c | 9 +-------- 3 files changed, 4 insertions(+), 11 deletions(-) diff --git a/doc/man-sections/windows-options.rst b/doc/man-sections/windows-options.rst index eacb9af8..c389fbc4 100644 --- a/doc/man-sections/windows-options.rst +++ b/doc/man-sections/windows-options.rst @@ -93,7 +93,7 @@ Windows-Specific Options server to masquerade as if it were coming from the remote endpoint. The optional offset parameter is an integer which is > :code:`-256` - and < :code:`256` and which defaults to -1. If offset is positive, + and < :code:`256` and which defaults to 0. If offset is positive, the DHCP server will masquerade as the IP address at network address + offset. If offset is negative, the DHCP server will masquerade as the IP address at broadcast address + offset. diff --git a/src/openvpn/helper.c b/src/openvpn/helper.c index 032a71e8..4ac1cf8e 100644 --- a/src/openvpn/helper.c +++ b/src/openvpn/helper.c @@ -237,7 +237,7 @@ helper_client_server(struct options *o) * if tap OR (tun AND topology == subnet): * ifconfig 10.8.0.1 255.255.255.0 * if !nopool: - * ifconfig-pool 10.8.0.2 10.8.0.253 255.255.255.0 + * ifconfig-pool 10.8.0.2 10.8.0.254 255.255.255.0 * push "route-gateway 10.8.0.1" * if route-gateway unset: * route-gateway 10.8.0.2 @@ -340,7 +340,7 @@ helper_client_server(struct options *o) { o->ifconfig_pool_defined = true; o->ifconfig_pool_start = o->server_network + 2; - o->ifconfig_pool_end = (o->server_network | ~o->server_netmask) - 2; + o->ifconfig_pool_end = (o->server_network | ~o->server_netmask) - 1; ifconfig_pool_verify_range(M_USAGE, o->ifconfig_pool_start, o->ifconfig_pool_end); } o->ifconfig_pool_netmask = o->server_netmask; diff --git a/src/openvpn/tun.c b/src/openvpn/tun.c index 28f803ec..75d5eaf7 100644 --- a/src/openvpn/tun.c +++ b/src/openvpn/tun.c @@ -6357,14 +6357,7 @@ tuntap_dhcp_mask(const struct tuntap *tt, const char *device_guid) { if (tt->topology == TOP_SUBNET) { - if (tt->options.dhcp_masq_custom_offset) - { - ep[2] = dhcp_masq_addr(tt->local, tt->remote_netmask, tt->options.dhcp_masq_offset); - } - else - { - ep[2] = dhcp_masq_addr(tt->local, tt->remote_netmask, -1); - } + ep[2] = dhcp_masq_addr(tt->local, tt->remote_netmask, tt->options.dhcp_masq_custom_offset ? tt->options.dhcp_masq_offset : 0); } else {