From patchwork Fri Sep 6 16:25:14 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Frank Lichtenheld X-Patchwork-Id: 3807 Return-Path: Delivered-To: patchwork@openvpn.net Received: by 2002:a05:7000:6bd4:b0:5b9:581e:f939 with SMTP id c20csp248861max; Fri, 6 Sep 2024 09:25:48 -0700 (PDT) X-Forwarded-Encrypted: i=2; AJvYcCXNwhv02pNLtm4m4k8+DHOE5xykjzEBhDNoxagwhYZd5g8WjKttXYAmBoaWYzXDxtz+hNpVZQ2QK4I=@openvpn.net X-Google-Smtp-Source: AGHT+IH4oZTAFU25h0vgVY6ddw8yUca+V5C7pxEulgSliU/rOIAHP8VpWm+Xg72vOtprT6yZmZFD X-Received: by 2002:a05:6a00:148a:b0:717:8d52:643 with SMTP id d2e1a72fcca58-718d5e566c6mr4163381b3a.11.1725639948024; Fri, 06 Sep 2024 09:25:48 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1725639948; cv=none; d=google.com; s=arc-20240605; b=IwTQB06F4R0yprlIaQpE5rtU9PrmKyT7sE3EVCtmxBfwskoDvXvtNUll/jPuElXOOQ 6Swsf8XGPT3iyt8H0PuuK+aBeHYwhsAMUZvKseQeB8AHlItBwD8LglscAQ6Ad93cM4cy GXStxt3gXk2MkE/9jc+UT+kKHLepe952hOe1i9P2nxNN34WhbKV2ADm3dbCrvmwX+CNR ShIU2F/JgrJWAM1fN48ohVkcTG0qLqNsT8Xn47OiUYGiCG28PoGhomP18VMCr2ECIyZl aoDuJlzQuwrmF7AoKzcy4qFIvxwg7Zk2PdTNEeF5ejjhfWipfMueOLVQ8bs4/iC7t3JW 5psw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=errors-to:content-transfer-encoding:cc:list-subscribe:list-help :list-post:list-archive:list-unsubscribe:list-id:precedence:subject :mime-version:references:in-reply-to:message-id:date:to:from :dkim-signature:dkim-signature:dkim-signature; bh=4jkE0DsvqQjqdjNjIVZ4L8C2xX4sLVXXNHgUwqXYfKw=; fh=CfxSpwd5kfiMJoL3kcov7PTxVKT7pGe/79idnx9XlBs=; b=PfcT0y6ohUtsgMCF94i5RrLyWISdnImiUWsKctRqFcJqxAIKzMz/tlRNrUWdqirSpn E9EZnRHZrrnqf5W36QHHthFIwlHGZPXegpb5FZ7sGV6Op6yfyb7U/ncbf3N8wVTfGZy0 1LElveXTBlgxzxBkf/YptoYovAq0pY43u9F8LMC0nYzXXWrSxPUUBAkb/+c2M8CXd8qZ TeRSX7OKxOemDrTSXP0Dep+s8cvxsY2UVU5BfgTqUpfEb4qxS5BNFILcn2MDgYCpiZIq c3IqzumP674vtPGlHi5Zcke8TOavcIY7Hxu53Cv14jpufRr0j4C8Pm0DPIJcQaX82Ceu jC6g==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=M93PPYOk; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=Ve5APb8s; dkim=neutral (body hash did not verify) header.i=@lichtenheld.com header.s=MBO0001 header.b=QqmBs2Tt; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net Received: from lists.sourceforge.net (lists.sourceforge.net. [216.105.38.7]) by mx.google.com with ESMTPS id d2e1a72fcca58-717977238d7si3092401b3a.283.2024.09.06.09.25.47 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Fri, 06 Sep 2024 09:25:47 -0700 (PDT) Received-SPF: pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) client-ip=216.105.38.7; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=M93PPYOk; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=Ve5APb8s; dkim=neutral (body hash did not verify) header.i=@lichtenheld.com header.s=MBO0001 header.b=QqmBs2Tt; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net Received: from [127.0.0.1] (helo=sfs-ml-4.v29.lw.sourceforge.com) by sfs-ml-4.v29.lw.sourceforge.com with esmtp (Exim 4.95) (envelope-from ) id 1smbm4-0000Dv-Px; Fri, 06 Sep 2024 16:25:28 +0000 Received: from [172.30.29.66] (helo=mx.sourceforge.net) by sfs-ml-4.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1smbm3-0000Do-51 for openvpn-devel@lists.sourceforge.net; Fri, 06 Sep 2024 16:25:27 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:References: In-Reply-To:Message-Id:Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=WaoErKCfWNkB/LOFINoaqoy5X/yRYkmaNuzc3HCKawY=; b=M93PPYOkmsBb8b1YlohHVYaAkb rS7poVz8Q8R/JajzDDy38ywt6oIRrMehjySvpWRQaUKTByQzvK0qa8oW0txIwzUEYOan2TS3Pbczz xnyC6WL4k6rIgowOWBnH39KvTpj/slRYlOdlQZlmrCmE9OozNbVsPhgCGJIoUxJG0p2o=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-Id: Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=WaoErKCfWNkB/LOFINoaqoy5X/yRYkmaNuzc3HCKawY=; b=Ve5APb8sCu0JdwNgkhhq8VE8hg nWC0oUVwCy7q639b7iQsTLa893pkUIIRCZwRd2Rp+4Ehm91ZBg73hX1LQRdKI30z6D+MSA0vuuOCx hZnsA/Fbh2ILvnLUi4H5tfXwdamfofVIpkrRhefBSi2oba5JbwHMR8AV9o/2SiThIlmM=; Received: from mout-p-102.mailbox.org ([80.241.56.152]) by sfi-mx-2.v28.lw.sourceforge.com with esmtps (TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.95) id 1smbm1-00082l-Bz for openvpn-devel@lists.sourceforge.net; Fri, 06 Sep 2024 16:25:27 +0000 Received: from smtp1.mailbox.org (smtp1.mailbox.org [IPv6:2001:67c:2050:b231:465::1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by mout-p-102.mailbox.org (Postfix) with ESMTPS id 4X0hR06Qtfz9tGX; Fri, 6 Sep 2024 18:25:16 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lichtenheld.com; s=MBO0001; t=1725639916; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=WaoErKCfWNkB/LOFINoaqoy5X/yRYkmaNuzc3HCKawY=; b=QqmBs2TtBK9gBdZ47ejnSBcfC8ayvPv6jUrUQiK2JboOiZMFuO/IeA+IhblPvWfRIemtVd PkN2eQmGU/pJtqwczah3WqrOuVbP09eygvz87t0r8wNkrV7kI+Xy0RGOPsccX9L/0nX7bS retGZLbNJZVEkPcJ5YpMlyC7DbjpOPTxrKugqMjaj7Je5JH/efPVTHhcQ6nl2Tmkl8Ar46 MeocObkuIhtwoJEK1LZxDgutFksJWP9foe8SGTBV+KbX7334KQ40l6rHjTujV6DQuY5RnK RFfCIrmnUvU7WfkaQFQ+CjKKRjzNJK0jg5gDjjhxwsZgUTc1yq5dRFCYfMuwPw== From: Frank Lichtenheld To: openvpn-devel@lists.sourceforge.net Date: Fri, 6 Sep 2024 18:25:14 +0200 Message-Id: <20240906162514.78671-1-frank@lichtenheld.com> In-Reply-To: References: MIME-Version: 1.0 X-Rspamd-Queue-Id: 4X0hR06Qtfz9tGX X-Spam-Score: -0.9 (/) X-Spam-Report: Spam detection software, running on the system "util-spamd-1.v13.lw.sourceforge.com", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Using "tun" as the variable name for the return of is_tun_p2p is probably a historical accident. But it has actual consequences in that the other code often seems to assume that it does less checks th [...] Content analysis details: (-0.9 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at https://www.dnswl.org/, low trust [80.241.56.152 listed in list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature X-Headers-End: 1smbm1-00082l-Bz Subject: [Openvpn-devel] [PATCH v8] tun: use is_tun_p2p more consistently X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Arne Schwabe Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox X-GMAIL-THRID: =?utf-8?q?1783168161790048185?= X-GMAIL-MSGID: =?utf-8?q?1809464634136559321?= Using "tun" as the variable name for the return of is_tun_p2p is probably a historical accident. But it has actual consequences in that the other code often seems to assume that it does less checks than it actually does. Use "tun_p2p" as the variable name and remove checks that are not required. Also use is_tun_p2p in more places. Change-Id: Ice8b95f953c3f7e71657a78ea12b02a08c60aa67 Signed-off-by: Frank Lichtenheld Acked-by: Arne Schwabe --- This change was reviewed on Gerrit and approved by at least one developer. I request to merge it to master. Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/380 This mail reflects revision 8 of this Change. Acked-by according to Gerrit (reflected above): Arne Schwabe diff --git a/src/openvpn/tun.c b/src/openvpn/tun.c index ce3d882..739e008 100644 --- a/src/openvpn/tun.c +++ b/src/openvpn/tun.c @@ -499,31 +499,31 @@ static const char ifconfig_warn_how_to_silence[] = "(silence this warning with --ifconfig-nowarn)"; /* - * If !tun, make sure ifconfig_remote_netmask looks + * If !tun_p2p, make sure ifconfig_remote_netmask looks * like a netmask. * - * If tun, make sure ifconfig_remote_netmask looks + * If tun_p2p, make sure ifconfig_remote_netmask looks * like an IPv4 address. */ static void -ifconfig_sanity_check(bool tun, in_addr_t addr, int topology) +ifconfig_sanity_check(bool tun_p2p, in_addr_t addr) { struct gc_arena gc = gc_new(); const bool looks_like_netmask = ((addr & 0xFF000000) == 0xFF000000); - if (tun) + if (tun_p2p) { - if (looks_like_netmask && (topology == TOP_NET30 || topology == TOP_P2P)) + if (looks_like_netmask) { msg(M_WARN, "WARNING: Since you are using --dev tun with a point-to-point topology, the second argument to --ifconfig must be an IP address. You are using something (%s) that looks more like a netmask. %s", print_in_addr_t(addr, 0, &gc), ifconfig_warn_how_to_silence); } } - else /* tap */ + else { if (!looks_like_netmask) { - msg(M_WARN, "WARNING: Since you are using --dev tap, the second argument to --ifconfig must be a netmask, for example something like 255.255.255.0. %s", + msg(M_WARN, "WARNING: Since you are using subnet topology, the second argument to --ifconfig must be a netmask, for example something like 255.255.255.0. %s", ifconfig_warn_how_to_silence); } } @@ -667,13 +667,13 @@ struct buffer out = alloc_buf_gc(256, gc); if (tt->did_ifconfig_setup && !disable) { - if (tt->type == DEV_TYPE_TAP || (tt->type == DEV_TYPE_TUN && tt->topology == TOP_SUBNET)) + if (!is_tun_p2p(tt)) { buf_printf(&out, "%s %s", print_in_addr_t(tt->local & tt->remote_netmask, 0, gc), print_in_addr_t(tt->remote_netmask, 0, gc)); } - else if (tt->type == DEV_TYPE_TUN) + else if (tt->type == DEV_TYPE_TUN) /* tun p2p topology */ { const char *l, *r; if (remote) @@ -737,24 +737,24 @@ bool is_tun_p2p(const struct tuntap *tt) { - bool tun = false; + bool tun_p2p = false; if (tt->type == DEV_TYPE_TAP || (tt->type == DEV_TYPE_TUN && tt->topology == TOP_SUBNET) || tt->type == DEV_TYPE_NULL) { - tun = false; + tun_p2p = false; } else if (tt->type == DEV_TYPE_TUN) { - tun = true; + tun_p2p = true; } else { msg(M_FATAL, "Error: problem with tun vs. tap setting"); /* JYFIXME -- needs to be caught earlier, in init_tun? */ } - return tun; + return tun_p2p; } /* @@ -831,12 +831,10 @@ if (ifconfig_local_parm && ifconfig_remote_netmask_parm) { - bool tun = false; - /* * We only handle TUN/TAP devices here, not --dev null devices. */ - tun = is_tun_p2p(tt); + bool tun_p2p = is_tun_p2p(tt); /* * Convert arguments to binary IPv4 addresses. @@ -853,7 +851,7 @@ NULL); tt->remote_netmask = getaddr( - (tun ? GETADDR_RESOLVE : 0) + (tun_p2p ? GETADDR_RESOLVE : 0) | GETADDR_HOST_ORDER | GETADDR_FATAL_ON_SIGNAL | GETADDR_FATAL, @@ -868,7 +866,7 @@ if (strict_warn) { struct addrinfo *curele; - ifconfig_sanity_check(tt->type == DEV_TYPE_TUN, tt->remote_netmask, tt->topology); + ifconfig_sanity_check(tun_p2p, tt->remote_netmask); /* * If local_public or remote_public addresses are defined, @@ -899,11 +897,11 @@ } } - if (tt->type == DEV_TYPE_TAP || (tt->type == DEV_TYPE_TUN && tt->topology == TOP_SUBNET)) + if (!tun_p2p) { check_subnet_conflict(tt->local, tt->remote_netmask, "TUN/TAP adapter"); } - else if (tt->type == DEV_TYPE_TUN) + else { check_subnet_conflict(tt->local, IPV4_NETMASK_HOST, "TUN/TAP adapter"); } @@ -914,7 +912,7 @@ * Make sure that both ifconfig addresses are part of the * same .252 subnet. */ - if (tun) + if (tun_p2p) { verify_255_255_255_252(tt->local, tt->remote_netmask); tt->adapter_netmask = ~3; @@ -1297,7 +1295,7 @@ /* * We only handle TUN/TAP devices here, not --dev null devices. */ - bool tun = is_tun_p2p(tt); + bool tun_p2p = is_tun_p2p(tt); #endif #if !defined(TARGET_LINUX) @@ -1324,7 +1322,7 @@ msg(M_FATAL, "Linux can't bring %s up", ifname); } - if (tun) + if (tun_p2p) { if (net_addr_ptp_v4_add(ctx, ifname, &tt->local, &tt->remote_netmask) < 0) @@ -1343,27 +1341,8 @@ #elif defined(TARGET_ANDROID) char out[64]; - char *top; - switch (tt->topology) - { - case TOP_NET30: - top = "net30"; - break; - - case TOP_P2P: - top = "p2p"; - break; - - case TOP_SUBNET: - top = "subnet"; - break; - - default: - top = "undef"; - } - snprintf(out, sizeof(out), "%s %s %d %s", ifconfig_local, - ifconfig_remote_netmask, tun_mtu, top); + ifconfig_remote_netmask, tun_mtu, print_topology(tt->topology)); management_android_control(management, "IFCONFIG", out); #elif defined(TARGET_SOLARIS) @@ -1372,7 +1351,7 @@ * ifconfig tun2 10.2.0.2 10.2.0.1 mtu 1450 up * ifconfig tun2 netmask 255.255.255.255 */ - if (tun) + if (tun_p2p) { argv_printf(&argv, "%s %s %s %s mtu %d up", IFCONFIG_PATH, ifname, ifconfig_local, ifconfig_remote_netmask, tun_mtu); @@ -1386,13 +1365,13 @@ argv_printf(&argv, "%s %s netmask 255.255.255.255", IFCONFIG_PATH, ifname); } - else if (tt->type == DEV_TYPE_TUN && tt->topology == TOP_SUBNET) + else if (tt->type == DEV_TYPE_TUN) { argv_printf(&argv, "%s %s %s %s netmask %s mtu %d up", IFCONFIG_PATH, ifname, ifconfig_local, ifconfig_local, ifconfig_remote_netmask, tun_mtu); } - else + else /* tap */ { argv_printf(&argv, "%s %s %s netmask %s up", IFCONFIG_PATH, ifname, ifconfig_local, @@ -1405,7 +1384,7 @@ solaris_error_close(tt, es, ifname, false); } - if (!tun && tt->type == DEV_TYPE_TUN && tt->topology == TOP_SUBNET) + if (!tun_p2p && tt->type == DEV_TYPE_TUN) { /* Add a network route for the local tun interface */ struct route_ipv4 r; @@ -1429,14 +1408,14 @@ */ /* example: ifconfig tun2 10.2.0.2 10.2.0.1 mtu 1450 netmask 255.255.255.255 up */ - if (tun) + if (tun_p2p) { argv_printf(&argv, "%s %s %s %s mtu %d netmask 255.255.255.255 up -link0", IFCONFIG_PATH, ifname, ifconfig_local, ifconfig_remote_netmask, tun_mtu); } - else if (tt->type == DEV_TYPE_TUN && tt->topology == TOP_SUBNET) + else if (tt->type == DEV_TYPE_TUN) { remote_end = create_arbitrary_remote( tt ); argv_printf(&argv, "%s %s %s %s mtu %d netmask %s up -link0", @@ -1444,7 +1423,7 @@ print_in_addr_t(remote_end, 0, &gc), tun_mtu, ifconfig_remote_netmask); } - else + else /* tap */ { argv_printf(&argv, "%s %s %s netmask %s mtu %d link0", IFCONFIG_PATH, ifname, ifconfig_local, @@ -1454,7 +1433,7 @@ openvpn_execve_check(&argv, es, S_FATAL, "OpenBSD ifconfig failed"); /* Add a network route for the local tun interface */ - if (!tun && tt->type == DEV_TYPE_TUN && tt->topology == TOP_SUBNET) + if (!tun_p2p && tt->type == DEV_TYPE_TUN) { struct route_ipv4 r; CLEAR(r); @@ -1468,20 +1447,20 @@ #elif defined(TARGET_NETBSD) in_addr_t remote_end = INADDR_ANY; /* for "virtual" subnet topology */ - if (tun) + if (tun_p2p) { argv_printf(&argv, "%s %s %s %s mtu %d netmask 255.255.255.255 up", IFCONFIG_PATH, ifname, ifconfig_local, ifconfig_remote_netmask, tun_mtu); } - else if (tt->type == DEV_TYPE_TUN && tt->topology == TOP_SUBNET) + else if (tt->type == DEV_TYPE_TUN) { remote_end = create_arbitrary_remote(tt); argv_printf(&argv, "%s %s %s %s mtu %d netmask %s up", IFCONFIG_PATH, ifname, ifconfig_local, print_in_addr_t(remote_end, 0, &gc), tun_mtu, ifconfig_remote_netmask); } - else + else /* tap */ { /* * NetBSD has distinct tun and tap devices @@ -1496,7 +1475,7 @@ openvpn_execve_check(&argv, es, S_FATAL, "NetBSD ifconfig failed"); /* Add a network route for the local tun interface */ - if (!tun && tt->type == DEV_TYPE_TUN && tt->topology == TOP_SUBNET) + if (!tun_p2p && tt->type == DEV_TYPE_TUN) { struct route_ipv4 r; CLEAR(r); @@ -1520,33 +1499,30 @@ /* example: ifconfig tun2 10.2.0.2 10.2.0.1 mtu 1450 netmask 255.255.255.255 up */ - if (tun) + if (tun_p2p) { argv_printf(&argv, "%s %s %s %s mtu %d netmask 255.255.255.255 up", IFCONFIG_PATH, ifname, ifconfig_local, ifconfig_remote_netmask, tun_mtu); } - else + else if (tt->type == DEV_TYPE_TUN) { - if (tt->type == DEV_TYPE_TUN && tt->topology == TOP_SUBNET) - { - argv_printf(&argv, "%s %s %s %s netmask %s mtu %d up", - IFCONFIG_PATH, ifname, ifconfig_local, ifconfig_local, - ifconfig_remote_netmask, tun_mtu); - } - else - { - argv_printf(&argv, "%s %s %s netmask %s mtu %d up", IFCONFIG_PATH, - ifname, ifconfig_local, ifconfig_remote_netmask, - tun_mtu); - } + argv_printf(&argv, "%s %s %s %s netmask %s mtu %d up", + IFCONFIG_PATH, ifname, ifconfig_local, ifconfig_local, + ifconfig_remote_netmask, tun_mtu); + } + else /* tap */ + { + argv_printf(&argv, "%s %s %s netmask %s mtu %d up", IFCONFIG_PATH, + ifname, ifconfig_local, ifconfig_remote_netmask, + tun_mtu); } argv_msg(M_INFO, &argv); openvpn_execve_check(&argv, es, S_FATAL, "Mac OS X ifconfig failed"); /* Add a network route for the local tun interface */ - if (!tun && tt->type == DEV_TYPE_TUN && tt->topology == TOP_SUBNET) + if (!tun_p2p && tt->type == DEV_TYPE_TUN) { struct route_ipv4 r; CLEAR(r); @@ -1560,7 +1536,7 @@ #elif defined(TARGET_FREEBSD) || defined(TARGET_DRAGONFLY) /* example: ifconfig tun2 10.2.0.2 10.2.0.1 mtu 1450 netmask 255.255.255.255 up */ - if (tun) /* point-to-point tun */ + if (tun_p2p) /* point-to-point tun */ { argv_printf(&argv, "%s %s %s %s mtu %d netmask 255.255.255.255 up", IFCONFIG_PATH, ifname, ifconfig_local, @@ -1582,7 +1558,7 @@ struct env_set *aix_es = env_set_create(NULL); env_set_add( aix_es, "ODMDIR=/etc/objrepos" ); - if (tun) + if (tt->type == DEV_TYPE_TUN) { msg(M_FATAL, "no tun support on AIX (canthappen)"); }