From patchwork Mon Sep 15 11:05:07 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sebastian Marsching X-Patchwork-Id: 4417 Return-Path: Delivered-To: patchwork@openvpn.net Received: by 2002:a05:7000:6ad9:b0:671:5a2c:6455 with SMTP id v25csp1191017maw; Mon, 15 Sep 2025 04:06:25 -0700 (PDT) X-Forwarded-Encrypted: i=2; AJvYcCVvsQTvKHtpvDCdNH2iH73jDZsCrifrilTiooZJtlSkkmoPG3r9+/OXFszpfdYYQ1Nz232uftnDOZ8=@openvpn.net X-Google-Smtp-Source: AGHT+IEim8icXHdVSwhn1SDqNHfzc5+nK6mUqBEt2aGckUguAU57ibKht9HmAxdw5OfPfbrEyBYs X-Received: by 2002:a05:6808:444a:b0:439:b28b:3e62 with SMTP id 5614622812f47-43b8da383ebmr6722316b6e.44.1757934384961; Mon, 15 Sep 2025 04:06:24 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1757934384; cv=none; d=google.com; s=arc-20240605; b=iY6Cdle0akcoWyzOqJbNfIHpP1id7imkLxznzm2vzqORjRYGMnPcOMMywDiPa9Iykv tcwfmtrhrtb2DQg8eJe347YBKt8j3xEOV4JT+dzTBI6YIwiAjajzJ7gh7dfISXZUXSaS r0jEOlJLccnnF3Y3vpG1wSQSPTF9etWOjBW167YuE9a6to0e+LzQy9ZkjoFaR4jNKVVz dOPOgb/peRLdiefdeiEesk6WE2oqes4TIvup1mbC27xuK5fTeJI9RUYkD2SR5PISXNsB n4IYrv9w05yvhKNCKjRqIbQyph+fockEwoeoQ1d3xyTsqQBT5atwi8zOsiWuN5neVC8V FDFQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=errors-to:content-transfer-encoding:cc:list-subscribe:list-help :list-post:list-archive:list-unsubscribe:list-id:precedence:subject :mime-version:references:in-reply-to:message-id:date:to:from :dkim-signature:dkim-signature:dkim-signature:dkim-signature; bh=8nMycsEd+7tkCpMTn83wNB4gmQYkjNf+1EGeIKEiQEs=; fh=LNKYF6/P8BgTNvth5mrJV4Ewv4palgq1devRIjFGMBY=; b=hdreALF9lPbjQPCUzR87Gn3cnyG6Js1vaQt3XaWrF183hHKvJ51Xs8im/3W81svle6 gfS7V2pP4Cai3+U2yfu0R2zBEy/j4tkx5E8XK5n4sVocjw87ASilCBjUsCblO0QjN2j2 y80b8Ji6lwgxWGe+XMwwEdydxtwNVFmkN9yxI5ahPWWO5Fx0HeVXHA8qNFvUBt0175Is 4sFYlpK95CSfSWWvj1bPW88UcnE8daQ+SPZJKRQUfEoVawnb0TtZTtLfDuFx0H/dcxhn 9PMZTXGEVkOI1u01RuTZsGxTn6rp1maxAgFaAVGnwQF5D6DhapJpWvwLqg4AjuKIWmtF cZZA==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@lists.sourceforge.net header.s=beta header.b=SaGRh70z; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=bAyCL+55; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=YJOzQWqQ; dkim=neutral (body hash did not verify) header.i=@marsching.com header.s=default header.b="XM9B/Xr8"; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=marsching.com Received: from lists.sourceforge.net (lists.sourceforge.net. [216.105.38.7]) by mx.google.com with ESMTPS id 5614622812f47-43b8dc3f75bsi2194898b6e.114.2025.09.15.04.06.24 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Mon, 15 Sep 2025 04:06:24 -0700 (PDT) Received-SPF: pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) client-ip=216.105.38.7; Authentication-Results: mx.google.com; dkim=pass header.i=@lists.sourceforge.net header.s=beta header.b=SaGRh70z; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=bAyCL+55; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=YJOzQWqQ; dkim=neutral (body hash did not verify) header.i=@marsching.com header.s=default header.b="XM9B/Xr8"; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=marsching.com DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.sourceforge.net; s=beta; h=Content-Transfer-Encoding:Content-Type:Cc: List-Subscribe:List-Help:List-Post:List-Archive:List-Unsubscribe:List-Id: Subject:MIME-Version:References:In-Reply-To:Message-ID:Date:To:From:Sender: Reply-To:Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender :Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=8nMycsEd+7tkCpMTn83wNB4gmQYkjNf+1EGeIKEiQEs=; b=SaGRh70zCDITasbciPW7fK86XM wfG0WCg8dTM+eCMEGO0tB6o9RLSrbplpM4qZd+9FQtK+6ppeATiiyl+ydefkgX1YLBarIyW0Qi5GA DK4BMss/gozum1CNhsQNH9BZzMhMvwXfNecw9u/UQpWirZa7HGYFA+nJf0t9eGRVkiVg=; Received: from [127.0.0.1] (helo=sfs-ml-2.v29.lw.sourceforge.com) by sfs-ml-2.v29.lw.sourceforge.com with esmtp (Exim 4.95) (envelope-from ) id 1uy72K-00028A-5d; Mon, 15 Sep 2025 11:06:20 +0000 Received: from [172.30.29.66] (helo=mx.sourceforge.net) by sfs-ml-2.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1uy722-00026U-6J for openvpn-devel@lists.sourceforge.net; Mon, 15 Sep 2025 11:06:03 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:References: In-Reply-To:Message-ID:Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=Bi5f6SoE1INSC1tV31q1JT6/RYK4wLiEVskDbI51hPs=; b=bAyCL+559IFY4XFcEF+tgQxAyW RNuxCrMFKYDyp8BoL/ekPj5yZn1tZOJcQ4mM0BICzFVL7+GmvT6OiQ6j+TauGJrIK2cTKqNAjwbRh gPBtj4XDpH5J4cgoXvGyrYZjKcGQXjFCMQqoD8+bT8JBwCXOH9acUzcTVdVeD85+MGSQ=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-ID: Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=Bi5f6SoE1INSC1tV31q1JT6/RYK4wLiEVskDbI51hPs=; b=YJOzQWqQ3UgCgR7De7C9owNtVG qbm4efTsXh6altRfKXC1dRCfI+0Lj6w65VcWhF/cZ/TKoVPwtkPdMFqBgA1t4gPDdPi3dMUZ5tNs8 1mO33MbjBGToNsJKH31Pnk3ErVU8sNkJM61uKT3JW33iyAIrOmlOOJzrhTaeaVI7MUvA=; Received: from mx1.aquenos.com ([49.12.63.22]) by sfi-mx-2.v28.lw.sourceforge.com with esmtps (TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.95) id 1uy71t-00020F-Rl for openvpn-devel@lists.sourceforge.net; Mon, 15 Sep 2025 11:05:54 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=marsching.com; s=default; h=Content-Transfer-Encoding:MIME-Version: References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From:Sender:Reply-To: Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help: List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=Bi5f6SoE1INSC1tV31q1JT6/RYK4wLiEVskDbI51hPs=; b=XM9B/Xr8xjP2ypBtXhm7pTQGWZ 3qcsVUdGgIL2qmYDQOlPVM4G5IPKWMTMGHqjovdm5d4o3pFiEani5fwQ1mqjUjamwkMuZuyHVkHxY PxiamwU6bCu+ak3OFuXTweX1DEpGlbcG4Ap7j7WMWfay6cVl8QLKzGaY7q0l5vx8tZKKjaa9Fi9yx 1Wbn4MY/JJpQXB8w84DG++QnzIwfRptqe5CloJuwuwEiuSil50c5mNzHugqyFpXRZ94mdHT95Huff dL6dDMBwbDVF73bqxT3fZm2j66W2KWLArUe8xUBQenxaoOUJPP+5cgPjCR7Ij9buaHIoFLOZia+2Y h6ICq3Aw==; Received: from mailcow.marsching.com ([2a01:4f8:fff0:b8:ff:310c:3f1b:1]) by mx1.aquenos.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (Exim 4.95) (envelope-from ) id 1uy71h-00Cw0t-NU; Mon, 15 Sep 2025 13:05:41 +0200 Received: from [127.0.0.1] (localhost [127.0.0.1]) by localhost (Mailerdaemon) with ESMTPSA id D82E4A1251; Mon, 15 Sep 2025 13:05:37 +0200 (CEST) From: Sebastian Marsching To: openvpn-devel@lists.sourceforge.net Date: Mon, 15 Sep 2025 13:05:07 +0200 Message-ID: <20250915110507.20557-1-sebastian-git-2016@marsching.com> X-Mailer: git-send-email 2.50.0 In-Reply-To: References: MIME-Version: 1.0 X-Last-TLS-Session-Version: TLSv1.3 X-Spam-Score: -0.2 (/) X-Spam-Report: Spam detection software, running on the system "sfi-spamd-1.hosts.colo.sdot.me", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: This fixes a problem that was introduced in OpenVPN 2.5. Previously, the ifconfig utility was used for adding the local address to an interface. This utility automatically sets the correct broadcast a [...] Content analysis details: (-0.2 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid X-Headers-End: 1uy71t-00020F-Rl Subject: [Openvpn-devel] [PATCH v3] Bugfix: Set broadcast address on interface. X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: gert@greenie.muc.de, Sebastian Marsching Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox X-GMAIL-THRID: =?utf-8?q?1843327805636702808?= X-GMAIL-MSGID: =?utf-8?q?1843327805636702808?= This fixes a problem that was introduced in OpenVPN 2.5. Previously, the ifconfig utility was used for adding the local address to an interface. This utility automatically sets the correct broadcast address based on the given unicast address and netmask. Due to switching to iproute and Netlink, this does not happen automatically any longer, which means that applications that rely on broadcasts do not work correctly. This patch fixes this issue both when using iproute (by telling iproute to set the broadcast address based on the local address and prefix) and when using Netlink (by calculating the correct broadcast address and setting it). Signed-off-by: Sebastian Marsching --- src/openvpn/networking_iproute2.c | 2 +- src/openvpn/networking_sitnl.c | 8 ++++++++ 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/src/openvpn/networking_iproute2.c b/src/openvpn/networking_iproute2.c index e9be3a45..773571d6 100644 --- a/src/openvpn/networking_iproute2.c +++ b/src/openvpn/networking_iproute2.c @@ -150,7 +150,7 @@ net_addr_v4_add(openvpn_net_ctx_t *ctx, const char *iface, const in_addr_t *addr const char *addr_str = print_in_addr_t(*addr, 0, &ctx->gc); - argv_printf(&argv, "%s addr add dev %s %s/%d", iproute_path, iface, addr_str, prefixlen); + argv_printf(&argv, "%s addr add dev %s %s/%d broadcast +", iproute_path, iface, addr_str, prefixlen); argv_msg(M_INFO, &argv); openvpn_execve_check(&argv, ctx->es, S_FATAL, "Linux ip addr add failed"); diff --git a/src/openvpn/networking_sitnl.c b/src/openvpn/networking_sitnl.c index 4210e92c..00d61067 100644 --- a/src/openvpn/networking_sitnl.c +++ b/src/openvpn/networking_sitnl.c @@ -31,6 +31,7 @@ #include "misc.h" #include "networking.h" #include "proto.h" +#include "route.h" #include #include @@ -803,6 +804,13 @@ sitnl_addr_set(int cmd, uint32_t flags, int ifindex, sa_family_t af_family, SITNL_ADDATTR(&req.n, sizeof(req), IFA_LOCAL, local, size); } + if (af_family == AF_INET && local && !remote && prefixlen <= 30) + { + inet_address_t broadcast = *local; + broadcast.ipv4 |= htonl(~netbits_to_netmask(prefixlen)); + SITNL_ADDATTR(&req.n, sizeof(req), IFA_BROADCAST, &broadcast, size); + } + ret = sitnl_send(&req.n, 0, 0, NULL, NULL); if (ret == -EEXIST) {