Message ID | 20240221111814.942965-1-frank@lichtenheld.com |
---|---|
State | Accepted |
Headers | show |
Series | [Openvpn-devel,v2] Route: remove incorrect routes on exit | expand |
This is a good find, and a somewhat stupid oversight - even if not easy to trigger. What you need so this has an effect is a pre-existing host route to the VPN server and then a "route add" fail (easy to trigger on the BSDs, EEXIST because "only 1 route can exist") - and because we do not remember, we try "route delete" later on and delete the *other* route, messing up our routing table. Which is something t_client even checks for ("is 'route print' the same as before?") but you need a host route to begin with - added t_client tests, breaks without the patch, works with the patch. Thanks :-) I've changed the commit message slightly ("Trac: #1457" is the standard format). Your patch has been applied to the master and release/2.6 branch (bugfix). commit 14d2db6cd41fb6414992869caf109972d7a8275e (master) commit 4ad3aa5a2b6838650ca98fd92994eab7108c1e8b (release/2.6) Author: Gianmarco De Gregori Date: Wed Feb 21 12:18:14 2024 +0100 Route: remove incorrect routes on exit Signed-off-by: Gianmarco De Gregori <gianmarco@mandelbit.com> Acked-by: Frank Lichtenheld <frank@lichtenheld.com> Message-Id: <20240221111814.942965-1-frank@lichtenheld.com> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg28290.html Signed-off-by: Gert Doering <gert@greenie.muc.de> -- kind regards, Gert Doering
diff --git a/src/openvpn/route.c b/src/openvpn/route.c index 6c027d9..6ab4392 100644 --- a/src/openvpn/route.c +++ b/src/openvpn/route.c @@ -1055,7 +1055,10 @@ ret = add_route3(rl->spec.remote_host, IPV4_NETMASK_HOST, rl->rgi.gateway.addr, tt, flags | ROUTE_REF_GW, &rl->rgi, es, ctx); - rl->iflags |= RL_DID_LOCAL; + if (ret) + { + rl->iflags |= RL_DID_LOCAL; + } } else {