From patchwork Sat Sep 13 14:25:25 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sebastian Marsching X-Patchwork-Id: 4412 Return-Path: Delivered-To: patchwork@openvpn.net Received: by 2002:a05:7000:6ad9:b0:671:5a2c:6455 with SMTP id v25csp301516maw; Sat, 13 Sep 2025 07:26:00 -0700 (PDT) X-Forwarded-Encrypted: i=2; AJvYcCXlIAsYJoaDuoTeHvQshz3BtZ80JUuAUxs15BA4jBH5+lfsG2vR6eiiRW3xesw+jaiFG4aRRxE54bE=@openvpn.net X-Google-Smtp-Source: AGHT+IFEV8cvSJjbk0Rhu1n/SHxTlbYhupIOCxe+64NzzI7MJzEGki4ht+Q6pd1a87Zpi4gFv36i X-Received: by 2002:a05:6808:21a4:b0:439:726b:a097 with SMTP id 5614622812f47-43b8da4d218mr3319372b6e.41.1757773560578; Sat, 13 Sep 2025 07:26:00 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1757773560; cv=none; d=google.com; s=arc-20240605; b=SgqKvpcGl29cYPabm7MiIfRdYt41PyrATFW6LEFRgrHLDz9YFe9sLq7VprSKx+Th1d 2g92vX1fi5h/Y2LqtGHRc2gCTu0WrUa81Q/ugFA3eA6IvHdasqnBTJdF1KYHDGvmX0AP rBraGRn+bqTXnDTVQzJuQ0oMl8yn8+plPuK5qDu8ws3ZfRTn+zEIAjOZ+/tYT+ateAll 5XnIxkjzFKs7UWehpMCl64+PNdPxcPu3qjDtAxgWc8datNYIqFuUoRCvLzvZFSKxOPzV 6EseplG4lhMssgjk7a+nXmv6dxalU0uIMyuaGqSopgGs7Ijc/G044onP5YHi8unHYaA+ 15yA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:to:date:message-id :mime-version:from:dkim-signature:dkim-signature:dkim-signature :dkim-signature; bh=yK1mkGXcLEQpY4Bk+mg5goMi5e0nthdrXYtMJk8zRMQ=; fh=4NbAC/LsuMLI0S0hprUlLSLCiHwg6SCAifhH718Jh0Q=; b=hzcjlFfZt6l8F5p2D5nA8KWOZTHa4Ekmh0/3iD99uas/NpRVGX95SYRO95zCiexiUI wCWx16fT5eMlf+xBKbFP35/lTmzBLARR5nf+8aVszdFZ3JSWmnvf5nUSWImYVYDplj4N 3TDttadNdK8nhq+HYDBK8OGKqTVSzWL+9LNRivfiM8UysjH3+OzbUDk8dYtWLDemwUbt wlpae8IavbPeV1ApPcEm5L6jLHmpHvPFOIahvQ3KdkNi+CdNvn/QUHJbTlWMFwzIsSxl Sku+DJoqh9wExWID0zNSSXavT/n67sA2bPJK/6l3E2pt3FQI5RulG2p9o3YQxg0VC0Xu gG4A==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@lists.sourceforge.net header.s=beta header.b=WWwQaceU; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=CdNHqIOQ; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=VBoZF0f5; dkim=neutral (body hash did not verify) header.i=@marsching.com header.s=default header.b=bsGnSitJ; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=marsching.com Received: from lists.sourceforge.net (lists.sourceforge.net. [216.105.38.7]) by mx.google.com with ESMTPS id 5614622812f47-43b8dc3f19esi1183511b6e.107.2025.09.13.07.25.59 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Sat, 13 Sep 2025 07:26:00 -0700 (PDT) Received-SPF: pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) client-ip=216.105.38.7; Authentication-Results: mx.google.com; dkim=pass header.i=@lists.sourceforge.net header.s=beta header.b=WWwQaceU; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=CdNHqIOQ; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=VBoZF0f5; dkim=neutral (body hash did not verify) header.i=@marsching.com header.s=default header.b=bsGnSitJ; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=marsching.com DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.sourceforge.net; s=beta; h=Content-Type:List-Subscribe:List-Help: List-Post:List-Archive:List-Unsubscribe:List-Id:Subject:To:Date:Message-Id: Mime-Version:From:Sender:Reply-To:Cc:Content-Transfer-Encoding:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:In-Reply-To:References:List-Owner; bh=yK1mkGXcLEQpY4Bk+mg5goMi5e0nthdrXYtMJk8zRMQ=; b=WWwQaceUrQSuMzmtY+UxBDipRw MuDKNX4BIORAB1hYPVUGNaHSmLnwtC/kfzsCloxvCup98CBz3XgITFA4Uzr/dhUESstFj8E2/J224 680OeSTqMZbMyIzirsspCetL4xDhP9twCL70+RYU+sLIKkw+wsKazol3aNTHOa89N+iM=; Received: from [127.0.0.1] (helo=sfs-ml-3.v29.lw.sourceforge.com) by sfs-ml-3.v29.lw.sourceforge.com with esmtp (Exim 4.95) (envelope-from ) id 1uxRCL-0001rF-9A; Sat, 13 Sep 2025 14:25:53 +0000 Received: from [172.30.29.66] (helo=mx.sourceforge.net) by sfs-ml-3.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1uxRCJ-0001r6-6K for openvpn-devel@lists.sourceforge.net; Sat, 13 Sep 2025 14:25:51 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=To:Date:Message-Id:Subject:Mime-Version: Content-Transfer-Encoding:Content-Type:From:Sender:Reply-To:Cc:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=VM19oo1O8HIvh9L2Q0ggxuiQoG9VaomNKNQjFsDd3fI=; b=CdNHqIOQ9+3I6Eunjz4PKbzo18 eG35YFBmcA2FBef7VG9c3GMtBhT58L1K18Ew39/pDs/yQ5UmogGdh+8mFXFF2TUZq2u+xGxZ2dh4I RQ/DX35sosFabZkQnI6ujgHjiSZ2ZdzlDk0zTlRmnqfyVGSYPVekxTxmKgVrsGxmE4Po=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=To:Date:Message-Id:Subject:Mime-Version:Content-Transfer-Encoding: Content-Type:From:Sender:Reply-To:Cc:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=VM19oo1O8HIvh9L2Q0ggxuiQoG9VaomNKNQjFsDd3fI=; b=VBoZF0f5lhr1+AyuPX6fx8LcBd Mjtw4VEhVa0/mPS7NvAPS2JmAidSOJu9YIVpVeayP826mSGLnVRb/EMNdY98jUKb4E5JVUMs/HAJv K69XpZbPVWBQIuNoqjovwjmShl8mUyDRSYxzkMgxtjJOPxBdplX8GxSojl1MU9nxgAoc=; Received: from mx1.aquenos.com ([49.12.63.22]) by sfi-mx-2.v28.lw.sourceforge.com with esmtps (TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.95) id 1uxRCI-0006Qf-2k for openvpn-devel@lists.sourceforge.net; Sat, 13 Sep 2025 14:25:51 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=marsching.com; s=default; h=To:Date:Message-Id:Subject:Mime-Version: Content-Transfer-Encoding:Content-Type:From:Sender:Reply-To:Cc:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=VM19oo1O8HIvh9L2Q0ggxuiQoG9VaomNKNQjFsDd3fI=; b=bsGnSitJJiH5qpnRxywZIH5wg1 6f9XSlFCLxvtsYpVCwnfNCUUrX4Ondej82Pc1Gu2HSYmYa+g2hVGpmPg075D7fYzGV2MHqNsFP50c 3I8AZcGQt8AtwlbUt7hv4xL9WbcfPzKO2B6bGPcsxeS+gv5857/8eMUK+vF1QkEQfZThz54y6YEoN qBH+ozNfleqXx+Qi/FOr7dyk6vQ8eG0fgDRNyNxmQLhkffoe5LSjA4f0gTZORDqbsRN4LUVUSkjSy wjz1+gIBDf8XsKmtZB2hJP5pLw+p9CbTttp+3TOfnFLpFJdQTEGk4giqBqBU3XlqrtjCKyhbAy7Mq HwMLNnng==; Received: from mailcow.marsching.com ([49.12.63.27]) by mx1.aquenos.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (Exim 4.95) (envelope-from ) id 1uxRC6-00C8c3-Kg for openvpn-devel@lists.sourceforge.net; Sat, 13 Sep 2025 16:25:38 +0200 Received: from [127.0.0.1] (localhost [127.0.0.1]) by localhost (Mailerdaemon) with ESMTPSA id 617C0A11FC for ; Sat, 13 Sep 2025 16:25:36 +0200 (CEST) From: Sebastian Marsching Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3826.700.81\)) Message-Id: <65233605-9738-4B2C-8401-37AA5C43D797@marsching.com> Date: Sat, 13 Sep 2025 16:25:25 +0200 To: openvpn-devel@lists.sourceforge.net X-Mailer: Apple Mail (2.3826.700.81) X-Last-TLS-Session-Version: TLSv1.2 X-Spam-Score: -0.2 (/) X-Spam-Report: Spam detection software, running on the system "sfi-spamd-2.hosts.colo.sdot.me", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From 5e9ec24cefe452c002828104d62d43ae206337e3 Mon Sep 17 00:00:00 2001 From: Sebastian Marsching Date: Fri, 12 Sep 2025 22:34:43 +0200 Subject: [PATCH] Bugfix: Set b [...] Content analysis details: (-0.2 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain X-Headers-End: 1uxRCI-0006Qf-2k Subject: [Openvpn-devel] [PATCH] Bugfix: Set broadcast address on interface X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox X-GMAIL-THRID: =?utf-8?q?1843159168937282392?= X-GMAIL-MSGID: =?utf-8?q?1843159168937282392?= From 5e9ec24cefe452c002828104d62d43ae206337e3 Mon Sep 17 00:00:00 2001 From: Sebastian Marsching Date: Fri, 12 Sep 2025 22:34:43 +0200 Subject: [PATCH] Bugfix: Set broadcast address on interface. This fixes a problem that was introduced in OpenVPN 2.5. Previously, the ifconfig utility was used for adding the local address to an interface. This utility automatically sets the correct broadcast address based on the given unicast address and netmask. Due to switching to iproute and Netlink, this does not happen automatically any longer, which means that applications that rely on broadcasts do not work correctly. This patch fixes this issue both when using iproute (by telling iproute to set the broadcast address based on the local address and prefix) and when using Netlink (by calculating the correct broadcast address and setting it). Signed-off-by: Sebastian Marsching --- src/openvpn/networking_iproute2.c | 2 +- src/openvpn/networking_sitnl.c | 13 ++++++++++++- 2 files changed, 13 insertions(+), 2 deletions(-) diff --git a/src/openvpn/networking_iproute2.c b/src/openvpn/networking_iproute2.c index e9be3a45..773571d6 100644 --- a/src/openvpn/networking_iproute2.c +++ b/src/openvpn/networking_iproute2.c @@ -150,7 +150,7 @@ net_addr_v4_add(openvpn_net_ctx_t *ctx, const char *iface, const in_addr_t *addr const char *addr_str = print_in_addr_t(*addr, 0, &ctx->gc); - argv_printf(&argv, "%s addr add dev %s %s/%d", iproute_path, iface, addr_str, prefixlen); + argv_printf(&argv, "%s addr add dev %s %s/%d broadcast +", iproute_path, iface, addr_str, prefixlen); argv_msg(M_INFO, &argv); openvpn_execve_check(&argv, ctx->es, S_FATAL, "Linux ip addr add failed"); diff --git a/src/openvpn/networking_sitnl.c b/src/openvpn/networking_sitnl.c index 4210e92c..4294a7a5 100644 --- a/src/openvpn/networking_sitnl.c +++ b/src/openvpn/networking_sitnl.c @@ -760,7 +760,8 @@ sitnl_addr_set(int cmd, uint32_t flags, int ifindex, sa_family_t af_family, { struct sitnl_addr_req req; uint32_t size; - int ret = -EINVAL; + inet_address_t broadcast; + int ret = -EINVAL, i; CLEAR(req); @@ -803,6 +804,16 @@ sitnl_addr_set(int cmd, uint32_t flags, int ifindex, sa_family_t af_family, SITNL_ADDATTR(&req.n, sizeof(req), IFA_LOCAL, local, size); } + if (af_family == AF_INET && local && !remote && prefixlen <= 30) + { + broadcast = *local; + for (i = 31; i >= prefixlen; i--) + { + broadcast.ipv4 |= htonl(1<<(31-i)); + } + SITNL_ADDATTR(&req.n, sizeof(req), IFA_BROADCAST, &broadcast, size); + } + ret = sitnl_send(&req.n, 0, 0, NULL, NULL); if (ret == -EEXIST) {