From patchwork Fri Jul 24 01:26:31 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Lev Stipakov X-Patchwork-Id: 1329 Return-Path: Delivered-To: patchwork@openvpn.net Delivered-To: patchwork@openvpn.net Received: from director12.mail.ord1d.rsapps.net ([172.31.255.6]) by backend30.mail.ord1d.rsapps.net with LMTP id GKSuCK/FGl/0awAAIUCqbw for ; Fri, 24 Jul 2020 07:27:43 -0400 Received: from proxy8.mail.iad3b.rsapps.net ([172.31.255.6]) by director12.mail.ord1d.rsapps.net with LMTP id kP54B6/FGl/VKQAAIasKDg (envelope-from ) for ; Fri, 24 Jul 2020 07:27:43 -0400 Received: from smtp18.gate.iad3b ([172.31.255.6]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by proxy8.mail.iad3b.rsapps.net with LMTP id GKiEAa/FGl/8PwAAoCsc3g ; Fri, 24 Jul 2020 07:27:43 -0400 X-Spam-Threshold: 95 X-Spam-Score: 0 X-Spam-Flag: NO X-Virus-Scanned: OK X-Orig-To: openvpnslackdevel@openvpn.net X-Originating-Ip: [216.105.38.7] Authentication-Results: smtp18.gate.iad3b.rsapps.net; iprev=pass policy.iprev="216.105.38.7"; spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net" smtp.helo="lists.sourceforge.net"; dkim=fail (signature verification failed) header.d=sourceforge.net; dkim=fail (signature verification failed) header.d=sf.net; dkim=fail (signature verification failed) header.d=gmail.com; dmarc=fail (p=none; dis=none) header.from=gmail.com X-Suspicious-Flag: YES X-Classification-ID: b016fac0-cda0-11ea-8798-5254009ad1d4-1-1 Received: from [216.105.38.7] ([216.105.38.7:56776] helo=lists.sourceforge.net) by smtp18.gate.iad3b.rsapps.net (envelope-from ) (ecelerity 4.2.38.62370 r(:)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384) id 12/F9-11804-EA5CA1F5; Fri, 24 Jul 2020 07:27:42 -0400 Received: from [127.0.0.1] (helo=sfs-ml-2.v29.lw.sourceforge.com) by sfs-ml-2.v29.lw.sourceforge.com with esmtp (Exim 4.90_1) (envelope-from ) id 1jyvqq-0000oO-Hf; Fri, 24 Jul 2020 11:26:56 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-2.v29.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.90_1) (envelope-from ) id 1jyvqo-0000oH-Pg for openvpn-devel@lists.sourceforge.net; Fri, 24 Jul 2020 11:26:54 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Message-Id:Date:Subject:Cc:To:From:Sender:Reply-To: MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=2jvAjtrJZuFQNpC6lwvI0wnUp25n1RKJRBBRSWsFEZE=; b=lzlCbacvokFJWEeTfphAgKBoJT Zdb8MYfHxxdFxNAGze1Fz9QtW3rVTJ2RvL06PgaTBWnQI2/+Sw1yOtsvbAweRVavIq820IPn6QhkY oGlD7oOHLFZGbzAsfGGZrIaKlaX835OGzYtA7qWVrJFFaLHmls8PLmc/zH/phzPTCAFA=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Message-Id:Date:Subject:Cc:To:From:Sender:Reply-To:MIME-Version: Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=2jvAjtrJZuFQNpC6lwvI0wnUp25n1RKJRBBRSWsFEZE=; b=H0jFdxc9X8CArqno52LnCWupQJ gkL2z7lq0eCrRjBOeRrJxrfX2XyGIUCG6P234V13OfoxTF58Yo3QLlqbsj13p02gjXNmPkniq1gbs dYLdhH9GJmPTOWIoL9tbFT0Y/1Q8u6+/tQiTgBP0mWnzWejRCGeROntytxhZ9vjSDSoQ=; Received: from mail-wr1-f66.google.com ([209.85.221.66]) by sfi-mx-3.v28.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.92.2) id 1jyvqn-00Ftbb-Jx for openvpn-devel@lists.sourceforge.net; Fri, 24 Jul 2020 11:26:54 +0000 Received: by mail-wr1-f66.google.com with SMTP id r2so2895117wrs.8 for ; Fri, 24 Jul 2020 04:26:53 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id; bh=2jvAjtrJZuFQNpC6lwvI0wnUp25n1RKJRBBRSWsFEZE=; b=SM0bm3bTcsWc7fnTZbZ0DA94gjVxk5bAtLqftcXFhuYf7k/mliyVyUfw9ZOwRjbKNU kBrZpjK5BH/mt9S50idcOSC1acGeaA2hiE0xv0lCvKyqtlKhjoUFeXEz6qS4LCx3VMKG rsyPwa8tRvgExs9t4mXamecmB92/KIaM9iwi5jwYkgfMtXSXdjtdwJHQiSDNUMUJeFPA 0fHICUPApayQ2+pR2mxMBMXNHl44CyKQdbMH9auNE/tsQji/D8hhBAjNKXi7PtRFXB1X LxVt77E5v0QUJDOUL6CmLAjoJPNUb/I9wslQYlQnKcIh5Qn7Fq3ADYr6t/3weS16Wv3l l9Iw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id; bh=2jvAjtrJZuFQNpC6lwvI0wnUp25n1RKJRBBRSWsFEZE=; b=UfgNdTcupI0GVKgbTtvx5lT135m54CIEnVj4y0zl9nhsiLCigArDr6HNTmRAjvPSg8 +zRRXRCLuwhi5/vzzbU9t1BdBfgSvNtR9n0f7tpyRhuZTud5PCPcio2cH8vZWI70JC39 i5reHdBiYHdKz/oWO5nLBx+U4rCwdSiWCYYZvRDSV6j5d8z7FZinBcuIakSdGywDkAEl NWqgqM5Qe66F+RfIDX5mztubYIyZ6oDvZWf7YNppPBMpWelXwlTMROgKcY266d6dQ+O+ tDYn3rjeNdwU6v8pRfldPoprdG21Atn+vuYf1VVhckzs9C/eQ8Oo+zFQy2/rI73A+5b6 GMHA== X-Gm-Message-State: AOAM5333mQgps3wmBq0LUixMA/cUea+k0a7WMU99upe1WI5U9RCl9WiV UDnQboR4SAFAm9L/Q3yZg7biUMVB X-Google-Smtp-Source: ABdhPJzRLc/h9nyJj6vYJWDchPfVph2volZomTz1Mw26ZWTs4WExAv/Y1a/FaM36IkhMRDIWbgh7+Q== X-Received: by 2002:a5d:5643:: with SMTP id j3mr7848327wrw.278.1595590006844; Fri, 24 Jul 2020 04:26:46 -0700 (PDT) Received: from LAPTOP-4L3N7KFS.localdomain (nat4.panoulu.net. [185.38.2.4]) by smtp.gmail.com with ESMTPSA id c136sm6990323wmd.10.2020.07.24.04.26.45 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 24 Jul 2020 04:26:46 -0700 (PDT) From: Lev Stipakov To: openvpn-devel@lists.sourceforge.net Date: Fri, 24 Jul 2020 14:26:31 +0300 Message-Id: <20200724112631.195-1-lstipakov@gmail.com> X-Mailer: git-send-email 2.17.1 X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (lstipakov[at]gmail.com) 0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [URIs: openvpn.net] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.0 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2) [209.85.221.66 listed in wl.mailspike.net] -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [209.85.221.66 listed in list.dnswl.org] X-Headers-End: 1jyvqn-00Ftbb-Jx Subject: [Openvpn-devel] [PATCH] Remove unused no-op function X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Lev Stipakov MIME-Version: 1.0 Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox From: Lev Stipakov Body of check_subnet_conflict() was commented out (#if 0) back in 2011, so it is safe now to completely elimitate this function, including all calls to it. As a bonus, remove unused local variable in do_set_mtu_service(). Signed-off-by: Lev Stipakov --- src/openvpn/route.c | 1 - src/openvpn/tun.c | 48 --------------------------------------------- src/openvpn/tun.h | 4 ---- 3 files changed, 53 deletions(-) diff --git a/src/openvpn/route.c b/src/openvpn/route.c index b57da5dd..966f6297 100644 --- a/src/openvpn/route.c +++ b/src/openvpn/route.c @@ -1215,7 +1215,6 @@ add_routes(struct route_list *rl, struct route_ipv6_list *rl6, for (r = rl->routes; r; r = r->next) { - check_subnet_conflict(r->network, r->netmask, "route"); if (flags & ROUTE_DELETE_FIRST) { delete_route(r, tt, flags, &rl->rgi, es, ctx); diff --git a/src/openvpn/tun.c b/src/openvpn/tun.c index 82d96927..8a132b4d 100644 --- a/src/openvpn/tun.c +++ b/src/openvpn/tun.c @@ -221,7 +221,6 @@ out: static bool do_set_mtu_service(const struct tuntap *tt, const short family, const int mtu) { - DWORD len; bool ret = false; ack_message_t ack; struct gc_arena gc = gc_new(); @@ -466,44 +465,6 @@ check_addr_clash(const char *name, gc_free(&gc); } -/* - * Issue a warning if ip/netmask (on the virtual IP network) conflicts with - * the settings on the local LAN. This is designed to flag issues where - * (for example) the OpenVPN server LAN is running on 192.168.1.x, but then - * an OpenVPN client tries to connect from a public location that is also running - * off of a router set to 192.168.1.x. - */ -void -check_subnet_conflict(const in_addr_t ip, - const in_addr_t netmask, - const char *prefix) -{ -#if 0 /* too many false positives */ - struct gc_arena gc = gc_new(); - in_addr_t lan_gw = 0; - in_addr_t lan_netmask = 0; - - if (get_default_gateway(&lan_gw, &lan_netmask) && lan_netmask) - { - const in_addr_t lan_network = lan_gw & lan_netmask; - const in_addr_t network = ip & netmask; - - /* do the two subnets defined by network/netmask and lan_network/lan_netmask intersect? */ - if ((network & lan_netmask) == lan_network - || (lan_network & netmask) == network) - { - msg(M_WARN, "WARNING: potential %s subnet conflict between local LAN [%s/%s] and remote VPN [%s/%s]", - prefix, - print_in_addr_t(lan_network, 0, &gc), - print_in_addr_t(lan_netmask, 0, &gc), - print_in_addr_t(network, 0, &gc), - print_in_addr_t(netmask, 0, &gc)); - } - } - gc_free(&gc); -#endif /* if 0 */ -} - void warn_on_use_of_common_subnets(openvpn_net_ctx_t *ctx) { @@ -763,15 +724,6 @@ init_tun(const char *dev, /* --dev option */ tt->remote_netmask); } } - - if (tt->type == DEV_TYPE_TAP || (tt->type == DEV_TYPE_TUN && tt->topology == TOP_SUBNET)) - { - check_subnet_conflict(tt->local, tt->remote_netmask, "TUN/TAP adapter"); - } - else if (tt->type == DEV_TYPE_TUN) - { - check_subnet_conflict(tt->local, IPV4_NETMASK_HOST, "TUN/TAP adapter"); - } } #ifdef _WIN32 diff --git a/src/openvpn/tun.h b/src/openvpn/tun.h index 99826cf7..e73be206 100644 --- a/src/openvpn/tun.h +++ b/src/openvpn/tun.h @@ -309,10 +309,6 @@ const char *ifconfig_options_string(const struct tuntap *tt, bool remote, bool d bool is_tun_p2p(const struct tuntap *tt); -void check_subnet_conflict(const in_addr_t ip, - const in_addr_t netmask, - const char *prefix); - void warn_on_use_of_common_subnets(openvpn_net_ctx_t *ctx); /*