diff options
author | Bernhard Schmidt <berni@debian.org> | 2020-09-30 21:10:56 +0200 |
---|---|---|
committer | Bernhard Schmidt <berni@debian.org> | 2020-09-30 21:10:56 +0200 |
commit | c3a748571ed19f9259b2e63cd7ba56abdb1b7747 (patch) | |
tree | ef419b35f5a1632a8b0c3ab6faa773eed9c6788a /src/openvpn/pool.c | |
parent | b97ad09a3b8c0017db0a677667a7215f1a98cccf (diff) | |
parent | 5246174f27866c0e9e22844d998f3c97cac54050 (diff) |
Update upstream source from tag 'upstream/2.5_rc2'
Update to upstream version '2.5~rc2'
with Debian dir 0cd2307abadc06f5064e4d5e7c23689a67b720c5
Diffstat (limited to 'src/openvpn/pool.c')
-rw-r--r-- | src/openvpn/pool.c | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/src/openvpn/pool.c b/src/openvpn/pool.c index 1f74ac5..ece0784 100644 --- a/src/openvpn/pool.c +++ b/src/openvpn/pool.c @@ -224,6 +224,24 @@ ifconfig_pool_init(const bool ipv4_pool, enum pool_type type, in_addr_t start, } pool->ipv6.base = ipv6_base; + + /* if a pool starts at a base address that has all-zero in the + * host part, that first IPv6 address must not be assigned to + * clients because it is not usable (subnet anycast address). + * Start with 1, then. + * + * NOTE: this will also (mis-)fire for something like + * ifconfig-ipv6-pool 2001:db8:0:1:1234::0/64 + * as we only check the rightmost 32 bits of the host part. So be it. + */ + if (base == 0) + { + msg(D_IFCONFIG_POOL, "IFCONFIG POOL IPv6: incrementing pool start " + "to avoid ::0 assignment"); + base++; + pool->ipv6.base.s6_addr[15]++; + } + pool_ipv6_size = ipv6_netbits >= 112 ? (1 << (128 - ipv6_netbits)) - base : IFCONFIG_POOL_MAX; |