[Openvpn-devel] OpenBSD: repair --show-gateway

Message ID	20240101094054.38869-1-gert@greenie.muc.de
State	Accepted
Headers	show Return-Path: <openvpn-devel-bounces@lists.sourceforge.net> Received-SPF: pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) client-ip=216.105.38.7; From: Gert Doering <gert@greenie.muc.de> To: openvpn-devel@lists.sourceforge.net Date: Mon, 1 Jan 2024 10:40:54 +0100 Message-ID: <20240101094054.38869-1-gert@greenie.muc.de> MIME-Version: 1.0 preview: OpenBSD route sockets do not want to be passed RTA_IFP on RTM_GET - if we do this, we get back EINVAL. On other platforms, if we do not request RTA_IFP, we will not get back interface information for queried routes - on OpenBSD, RTA_IFP comes back always... Content analysis details: (-0.0 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 SPF_HELO_PASS SPF: HELO matches SPF record -0.0 SPF_PASS SPF: sender matches SPF record -0.0 T_SCC_BODY_TEXT_LINE No description available. Subject: [Openvpn-devel] [PATCH] OpenBSD: repair --show-gateway Precedence: list Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox
Series	[Openvpn-devel] OpenBSD: repair --show-gateway \| expand [Openvpn-devel] OpenBSD: repair --show-gateway

Message ID

20240101094054.38869-1-gert@greenie.muc.de

State

Accepted

Headers

Received-SPF: pass (google.com: domain of
 openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as
 permitted sender) client-ip=216.105.38.7;
From: Gert Doering <gert@greenie.muc.de>
To: openvpn-devel@lists.sourceforge.net
Date: Mon,  1 Jan 2024 10:40:54 +0100
Message-ID: <20240101094054.38869-1-gert@greenie.muc.de>
MIME-Version: 1.0
Subject: [Openvpn-devel] [PATCH] OpenBSD: repair --show-gateway
Precedence: list
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: openvpn-devel-bounces@lists.sourceforge.net

Series

[Openvpn-devel] OpenBSD: repair --show-gateway | expand

Commit Message

Gert Doering Jan. 1, 2024, 9:40 a.m. UTC

OpenBSD route sockets do not want to be passed RTA_IFP on RTM_GET
- if we do this, we get back EINVAL.

On other platforms, if we do not request RTA_IFP, we will not get
back interface information for queried routes - on OpenBSD, RTA_IFP
comes back always...

So we need to #ifdef this, RTA_IFP on all platforms except OpenBSD.

(Found this fix in OpenBSD's ports tree, in their patches for OpenVPN
2.6.8 - but they just remove RTA_IFP, no #ifdef, so we can't just apply
their patch)

While at it, add M_ERRNO to the "write to routing socket" error message.

Signed-off-by: Gert Doering <gert@greenie.muc.de>
---
 src/openvpn/route.c | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

Comments

Arne Schwabe Jan. 1, 2024, 1:50 p.m. UTC | #1

Am 01.01.24 um 10:40 schrieb Gert Doering:
> OpenBSD route sockets do not want to be passed RTA_IFP on RTM_GET
> - if we do this, we get back EINVAL.
> 
> On other platforms, if we do not request RTA_IFP, we will not get
> back interface information for queried routes - on OpenBSD, RTA_IFP
> comes back always...
> 
> So we need to #ifdef this, RTA_IFP on all platforms except OpenBSD.
> 
> (Found this fix in OpenBSD's ports tree, in their patches for OpenVPN
> 2.6.8 - but they just remove RTA_IFP, no #ifdef, so we can't just apply
> their patch)
> 
> While at it, add M_ERRNO to the "write to routing socket" error message.

Acked-By: Arne Schwabe <arne@rfc2549.org>

Gert Doering Jan. 1, 2024, 3:21 p.m. UTC | #2

Patch has been applied to the master and release/2.6 branch (bugfix).

commit acf6f33987c72d9151f68eb618bbaf2d10e61877 (master)
commit 77376fc5cf6235493bff78794c9c6589e3f710ad (release/2.6)
Author: Gert Doering
Date:   Mon Jan 1 10:40:54 2024 +0100

     OpenBSD: repair --show-gateway

     Signed-off-by: Gert Doering <gert@greenie.muc.de>
     Acked-by: Arne Schwabe <arne@rfc2549.org>
     Message-Id: <20240101094054.38869-1-gert@greenie.muc.de>
     URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg27892.html
     Signed-off-by: Gert Doering <gert@greenie.muc.de>


--
kind regards,

Gert Doering

diff --git a/src/openvpn/route.c b/src/openvpn/route.c
index f75199c6..b05729f1 100644
--- a/src/openvpn/route.c
+++ b/src/openvpn/route.c
@@ -3518,7 +3518,11 @@  get_default_gateway(struct route_gateway_info *rgi, openvpn_net_ctx_t *ctx)
     /* setup data to send to routing socket */
     pid = getpid();
     seq = 0;
+#ifdef TARGET_OPENBSD
+    rtm_addrs = RTA_DST | RTA_NETMASK;		/* Kernel refuses RTA_IFP */
+#else
     rtm_addrs = RTA_DST | RTA_NETMASK | RTA_IFP;
+#endif
 
     bzero(&m_rtmsg, sizeof(m_rtmsg));
     bzero(&so_dst, sizeof(so_dst));
@@ -3556,7 +3560,7 @@  get_default_gateway(struct route_gateway_info *rgi, openvpn_net_ctx_t *ctx)
     }
     if (write(sockfd, (char *)&m_rtmsg, l) < 0)
     {
-        msg(M_WARN, "GDG: problem writing to routing socket");
+        msg(M_WARN|M_ERRNO, "GDG: problem writing to routing socket");
         goto done;
     }
     do
@@ -3733,7 +3737,11 @@  get_default_gateway_ipv6(struct route_ipv6_gateway_info *rgi6,
     /* setup data to send to routing socket */
     pid = getpid();
     seq = 0;
+#ifdef TARGET_OPENBSD
+    rtm_addrs = RTA_DST | RTA_NETMASK;		/* Kernel refuses RTA_IFP */
+#else
     rtm_addrs = RTA_DST | RTA_NETMASK | RTA_IFP;
+#endif
 
     bzero(&m_rtmsg, sizeof(m_rtmsg));
     bzero(&so_dst, sizeof(so_dst));