diff mbox series

[Openvpn-devel,v3] dco: fix source IP selection when multihome

Message ID 20250227032522.3734947-1-dqfext@gmail.com
State Accepted
Headers show
Series [Openvpn-devel,v3] dco: fix source IP selection when multihome | expand

Commit Message

Qingfang Deng Feb. 27, 2025, 3:25 a.m. UTC 
When multihome option is enabled, OpenVPN passes ipi_addr to DCO, which
is always 0.0.0.0. It should use ipi_spec_dst instead.

Signed-off-by: Qingfang Deng <dqfext@gmail.com>
---
 src/openvpn/dco.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Comments

Antonio Quartulli March 13, 2025, 12:41 a.m. UTC | #1 
On 27/02/2025 04:25, Qingfang Deng wrote:
> When multihome option is enabled, OpenVPN passes ipi_addr to DCO, which
> is always 0.0.0.0. It should use ipi_spec_dst instead.
> 
> Signed-off-by: Qingfang Deng <dqfext@gmail.com>
> ---
>   src/openvpn/dco.c | 2 +-
>   1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/src/openvpn/dco.c b/src/openvpn/dco.c
> index 02fae816..d6e8ec5f 100644
> --- a/src/openvpn/dco.c
> +++ b/src/openvpn/dco.c
> @@ -562,7 +562,7 @@ dco_multi_get_localaddr(struct multi_context *m, struct multi_instance *mi,
>           {
>               struct sockaddr_in *sock_in4 = (struct sockaddr_in *)local;
>   #if defined(HAVE_IN_PKTINFO) && defined(HAVE_IPI_SPEC_DST)
> -            sock_in4->sin_addr = actual->pi.in4.ipi_addr;
> +            sock_in4->sin_addr = actual->pi.in4.ipi_spec_dst;
>   #elif defined(IP_RECVDSTADDR)
>               sock_in4->sin_addr = actual->pi.in4;
>   #else

Tested and confirmed it does what it says.

Acked-by: Antonio Quartulli <antonio@mandelbit.com>
Gert Doering March 13, 2025, 5:12 p.m. UTC | #2 
At last :-) - thanks, Antonio for testing, thanks Quingfang for your
patience.

I haven't tested it (do I look like I understand DCO stuff? :-) ) but
from looking at other places, "ipi_spec_dst" is what is used elsewhere
as "this is our IP" as well ("dest" might be confusing here, but it's
the "dest of the incoming UDP packet" = "our source for outgoing packets")

Again, I had to link to the sourceforge.net mail archive as the 
mail-archive.org one seems to not have the v3 patch at all.  Highly
annoying.

Your patch has been applied to the master and release/2.6 branch (bugfix).

commit e4beaf7a610793f57984ec8006d26f9a695b0c74 (master)
commit b9ad768ae2daf76f9ee2f20da70ecf8d62b6d4e5 (release/2.6)
Author: Qingfang Deng
Date:   Thu Feb 27 11:25:22 2025 +0800

     dco: fix source IP selection when multihome

     Signed-off-by: Qingfang Deng <dqfext@gmail.com>
     Acked-by: Antonio Quartulli <a@unstable.cc>
     Message-Id: <20250227032522.3734947-1-dqfext@gmail.com>
     URL: https://sourceforge.net/p/openvpn/mailman/message/59154010/
     Signed-off-by: Gert Doering <gert@greenie.muc.de>


--
kind regards,

Gert Doering
diff mbox series

Patch

diff --git a/src/openvpn/dco.c b/src/openvpn/dco.c
index 02fae816..d6e8ec5f 100644
--- a/src/openvpn/dco.c
+++ b/src/openvpn/dco.c
@@ -562,7 +562,7 @@  dco_multi_get_localaddr(struct multi_context *m, struct multi_instance *mi,
         {
             struct sockaddr_in *sock_in4 = (struct sockaddr_in *)local;
 #if defined(HAVE_IN_PKTINFO) && defined(HAVE_IPI_SPEC_DST)
-            sock_in4->sin_addr = actual->pi.in4.ipi_addr;
+            sock_in4->sin_addr = actual->pi.in4.ipi_spec_dst;
 #elif defined(IP_RECVDSTADDR)
             sock_in4->sin_addr = actual->pi.in4;
 #else