From patchwork Mon Sep 23 13:41:23 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "flichtenheld (Code Review)" X-Patchwork-Id: 3856 Return-Path: Delivered-To: patchwork@openvpn.net Received: by 2002:a05:7000:10cd:b0:5b9:581e:f939 with SMTP id j13csp2171979mae; Mon, 23 Sep 2024 06:41:42 -0700 (PDT) X-Forwarded-Encrypted: i=2; AJvYcCWaVuk0zPuPzFxN0JqHMN41a4UNbVTSj3KeNYHfCH7aCEnJi/7zUV4UL/dgm7SihCDNVD9IBq2VIdw=@openvpn.net X-Google-Smtp-Source: AGHT+IE2QZliogml4W+RgMt2uPbv3XkPX8TsKldN3SsxC20v3w7H6PSrGnwnvBz+qdadwsX7NpJV X-Received: by 2002:a05:6870:c1d0:b0:261:9fc:b8fb with SMTP id 586e51a60fabf-2803d15ae8dmr5017016fac.46.1727098901947; Mon, 23 Sep 2024 06:41:41 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1727098901; cv=none; d=google.com; s=arc-20240605; b=Bh4uPJEsO8LobYaqsxWOpfEY8N17Zz/asZcsXRo6Ori2lBHZqWV4hzVuv7f96vFs4N uPEeFsPyA3WerD3NOQ1Fb4ZfeOcsxxm1CNVt4W24ep0lF8boUPG+G3NLde0JP7U7tzMR QXg/r88nwuFJ53ThRw7LJGC5+fqeA3qMBQFm3tZ6sl9GL1Q61gVOdokVjK4V58jcshCu jRLnWF0CPxT/1edhKQHoCQOgEPZEzQpDXhh3DdYmzDnbvwEHrUNUvpmjmxJ6JGiCQoNT k6kt6TaQqfwJdtREPoKkPV2eWn7pxTX+YGsi5M+a9kmyN+B1yIvYxsj+7XIItSWfMKvt T0Og== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=errors-to:cc:reply-to:list-subscribe:list-help:list-post :list-archive:list-unsubscribe:list-id:precedence:subject:user-agent :mime-version:message-id:references:auto-submitted:to:date:from :dkim-signature:dkim-signature:dkim-signature; bh=6MQ8joy4dBGt+C6M9QWIcdD17rdqiGt9iFJaiMvSjCY=; fh=U7wEyxtwz2o5+UdevFSA47vNeG9knhWH0KV//QhD5a0=; b=B5sAQQKqHwB3FqxzuuITORG1P6FxcOz08NVDnd5ytwS3FsvJKWyl00TjP9fhu0rIuG vcehkth1xeDHQdp8kGCFXm2x4kfRB3ikW4fr4IoAfIrqeaAXWkGnEhYoOGPHne00umEn oulIqWRGlQQy2wkLZknO+CXfm2aBxXl7suRF29lrJHb3LLu8QW02dNjl34hiQrRH0TD6 Ux7hTdJoz1/H1IToCr3D1MxSk/cvLc7DGL5CQyjlqcCTgugBx225FoDyFxFrmWCus6HG JR5h9xgsNq17MQo0vLn1m63vd/xWkoiz3umd6lAP8gUIMNMU7wWv5UVeiPPrx6h54F9T nBvA==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=lqxGXuaq; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=VEatffV1; dkim=neutral (body hash did not verify) header.i=@openvpn.net header.s=google header.b=cxWj+L2G; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=openvpn.net; dara=fail header.i=@openvpn.net Received: from lists.sourceforge.net (lists.sourceforge.net. [216.105.38.7]) by mx.google.com with ESMTPS id 586e51a60fabf-27d0b41d2basi4675885fac.94.2024.09.23.06.41.41 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Mon, 23 Sep 2024 06:41:41 -0700 (PDT) Received-SPF: pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) client-ip=216.105.38.7; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=lqxGXuaq; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=VEatffV1; dkim=neutral (body hash did not verify) header.i=@openvpn.net header.s=google header.b=cxWj+L2G; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=openvpn.net; dara=fail header.i=@openvpn.net Received: from [127.0.0.1] (helo=sfs-ml-1.v29.lw.sourceforge.com) by sfs-ml-1.v29.lw.sourceforge.com with esmtp (Exim 4.95) (envelope-from ) id 1ssjJq-0007kG-Mu; Mon, 23 Sep 2024 13:41:39 +0000 Received: from [172.30.29.66] (helo=mx.sourceforge.net) by sfs-ml-1.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1ssjJo-0007k4-E5 for openvpn-devel@lists.sourceforge.net; Mon, 23 Sep 2024 13:41:37 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Type:Content-Transfer-Encoding:MIME-Version :Message-ID:Reply-To:References:Subject:List-Unsubscribe:List-Id:Cc:To:Date: From:Sender:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:List-Help: List-Subscribe:List-Post:List-Owner:List-Archive; bh=/HtREsWk5WxOB9rPEHwKu/FhNzDxmLdzbx2czXuS/hs=; b=lqxGXuaqsQU/FKJfSHW3iIdH0H XiXDehpDqcJDqsUbEHBoYzF9TitPUGtuu6a5YXic3diMmbunjZjoOXRoPof0jKrV93irxKkkHdm8o yn0/plaK4qIH0QzJ9y+KrYkDVJCuwa3tFSiOKW8GDZeZnP3fmRtm2yS4d+u4VPu41DyU=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Type:Content-Transfer-Encoding:MIME-Version:Message-ID:Reply-To: References:Subject:List-Unsubscribe:List-Id:Cc:To:Date:From:Sender:Content-ID :Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To: Resent-Cc:Resent-Message-ID:In-Reply-To:List-Help:List-Subscribe:List-Post: List-Owner:List-Archive; bh=/HtREsWk5WxOB9rPEHwKu/FhNzDxmLdzbx2czXuS/hs=; b=V EatffV1p5FyEmZEJVB8U3bCWUIS5xwlfEhtTAa3YtfqiXYfiMhg7QypU9CKz6iwKA4vJX7qJPBj69 ibwCkT8XnN8LGXlWJ5gtLu01yC8bzqRc8hjGZKkYHWupXFNYmq1/fkY06oVHgLGVNm5tF8pkYsvHO 0qy0c7aLINSnfnwA=; Received: from mail-wr1-f49.google.com ([209.85.221.49]) by sfi-mx-2.v28.lw.sourceforge.com with esmtps (TLS1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.95) id 1ssjJo-0006qc-9N for openvpn-devel@lists.sourceforge.net; Mon, 23 Sep 2024 13:41:37 +0000 Received: by mail-wr1-f49.google.com with SMTP id ffacd0b85a97d-378f600e090so2466746f8f.3 for ; Mon, 23 Sep 2024 06:41:36 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=openvpn.net; s=google; t=1727098885; x=1727703685; darn=lists.sourceforge.net; h=user-agent:content-disposition:content-transfer-encoding :mime-version:message-id:reply-to:references:subject :list-unsubscribe:list-id:auto-submitted:cc:to:date:from:from:to:cc :subject:date:message-id:reply-to; bh=/HtREsWk5WxOB9rPEHwKu/FhNzDxmLdzbx2czXuS/hs=; b=cxWj+L2GVjJE7FZnCKOOeb0qOt7fRhPWZKuJ8vUVMVnjtb+GgChgCh9y4FFfX+oTcp Z542QPfEG6UcWu+4FgyA1YfKk2gus+PfmtVdgjzqs4bE19cURVNCTkCvqVO0ABRg0F8y 11EB+wrX/m4rCoBTsMoz8i5UtpVltJ8JSCLy8da6BNz/Ht6QXz8MzyBIrkf70CdiU3Ik UeH1dEs2H6kh13v7gGNmTYpZqMxzUEbnIiDtdzbsTH64bsaNMQXs1ohmVm1kAcaSeP8v 8ayYV1RgVJjoN6P1txwByQZx622X+GPNWXSsJxRGTo2dm52Y9ZkcbPQsL9X+H8Zc0jYf ad7Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1727098885; x=1727703685; h=user-agent:content-disposition:content-transfer-encoding :mime-version:message-id:reply-to:references:subject :list-unsubscribe:list-id:auto-submitted:cc:to:date:from :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=/HtREsWk5WxOB9rPEHwKu/FhNzDxmLdzbx2czXuS/hs=; b=cSKgUUd/Sp4YxNyUes1X+/5OgVxx8pewn9uRD+vEPGeKTFRnQtOoXSNyI3XkiO50o5 G0V9Btyghq1VqYGc6ZLsc2D7vtXKTXoRyuAioqkg2MxlI4coMxylSkYvebgjdBqTu9WE fQTd1pK/dak8/fAZytbYwY07lvWP45CLAUBmhD0mvLlZsZ+sU9MCBANd3WdNhMXDWFkp mj6S5vcxR4+9znuaipQODS/UapvBC9Tfej2d2Ffq2v66GyV7Xd59PKfcszRMo+5Jdcsd OmKyVAIXc327/x5VLlkMiZ4K1fu8oOlBW4zp8CMQDrrHb4JAyJNzPTIq8Nj7jmvlyuFr Ux6w== X-Gm-Message-State: AOJu0Yz20Vr2nITIOJAgCwc16RMHzBHAzYUMGfi5uKBAerI7Re1sAoGL Qxb7HMZ8DEG9zmLs2VTmI3GRMn5qbK6OR41DSlb960BhIZKQTfXbZptTQjOZgC4q8b9qq+7UG42 g X-Received: by 2002:adf:e2ce:0:b0:374:c1cc:2eb7 with SMTP id ffacd0b85a97d-37a4315e487mr7083766f8f.35.1727098884694; Mon, 23 Sep 2024 06:41:24 -0700 (PDT) Received: from gerrit.openvpn.in (ec2-18-159-0-78.eu-central-1.compute.amazonaws.com. [18.159.0.78]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-378e73e84a9sm24589503f8f.44.2024.09.23.06.41.24 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 23 Sep 2024 06:41:24 -0700 (PDT) From: "its_Giaan (Code Review)" X-Google-Original-From: "its_Giaan (Code Review)" X-Gerrit-PatchSet: 1 Date: Mon, 23 Sep 2024 13:41:23 +0000 To: plaisthos , flichtenheld Auto-Submitted: auto-generated X-Gerrit-MessageType: newchange X-Gerrit-Change-Id: I705fd9bf9298a54560eca12e3797351f4af321a7 X-Gerrit-Change-Number: 761 X-Gerrit-Project: openvpn X-Gerrit-ChangeURL: X-Gerrit-Commit: 8eda56822802e046d5421e4eff77475e39f47170 References: Message-ID: MIME-Version: 1.0 User-Agent: Gerrit/3.8.2 X-Spam-Score: -1.1 (-) X-Spam-Report: Spam detection software, running on the system "util-spamd-1.v13.lw.sourceforge.com", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Attention is currently required from: flichtenheld, ordex, plaisthos. Hello plaisthos, flichtenheld, I'd like you to do a code review. Please visit Content analysis details: (-1.1 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [209.85.221.49 listed in list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.9 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2) [209.85.221.49 listed in wl.mailspike.net] 0.0 WEIRD_PORT URI: Uses non-standard port number for HTTP 0.0 HTML_MESSAGE BODY: HTML included in message -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid 0.0 T_KAM_HTML_FONT_INVALID Test for Invalidly Named or Formatted Colors in HTML X-Headers-End: 1ssjJo-0006qc-9N Subject: [Openvpn-devel] [S] Change in openvpn[master]: if a local IPv6 address is provided, socket must be v6-only X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: gianmarco@mandelbit.com, arne-openvpn@rfc2549.org, openvpn-devel@lists.sourceforge.net, frank@lichtenheld.com, a@unstable.cc Cc: openvpn-devel Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox X-GMAIL-THRID: =?utf-8?q?1810994457870344247?= X-GMAIL-MSGID: =?utf-8?q?1810994457870344247?= X-getmail-filter-classifier: gerrit message type newchange Attention is currently required from: flichtenheld, ordex, plaisthos. Hello plaisthos, flichtenheld, I'd like you to do a code review. Please visit http://gerrit.openvpn.net/c/openvpn/+/761?usp=email to review the following change. Change subject: if a local IPv6 address is provided, socket must be v6-only ...................................................................... if a local IPv6 address is provided, socket must be v6-only Change-Id: I705fd9bf9298a54560eca12e3797351f4af321a7 Signed-off-by: Antonio Quartulli --- M src/openvpn/socket.c 1 file changed, 8 insertions(+), 2 deletions(-) git pull ssh://gerrit.openvpn.net:29418/openvpn refs/changes/61/761/1 diff --git a/src/openvpn/socket.c b/src/openvpn/socket.c index a7835e0..d1b16c5 100644 --- a/src/openvpn/socket.c +++ b/src/openvpn/socket.c @@ -1108,9 +1108,15 @@ } else { + bool v6only = sock->info.bind_ipv6_only; + + /* force binding IPv6-only if an address was specified + * an it is a IPv6 */ + if (sock->local_host && ai_family == AF_INET6) + v6only = true; + socket_bind(sock->sd, sock->info.lsa->bind_local, - ai_family, - "TCP/UDP", sock->info.bind_ipv6_only); + ai_family, "TCP/UDP", v6only); } } }