diff options
author | Bernhard Schmidt <berni@debian.org> | 2020-09-01 16:53:26 +0200 |
---|---|---|
committer | Bernhard Schmidt <berni@debian.org> | 2020-09-01 16:53:26 +0200 |
commit | 57f0b7b331088e489e93ae89ee0aed98381d8806 (patch) | |
tree | b86439ebb9e98eb6b81bda4c47f67cd3959d182f /src/openvpn/tun.c | |
parent | 1079962e4c06f88a54e50d997c1b7e84303d30b4 (diff) |
New upstream version 2.5~beta3upstream/2.5_beta3
Diffstat (limited to 'src/openvpn/tun.c')
-rw-r--r-- | src/openvpn/tun.c | 53 |
1 files changed, 48 insertions, 5 deletions
diff --git a/src/openvpn/tun.c b/src/openvpn/tun.c index 3045445..923131a 100644 --- a/src/openvpn/tun.c +++ b/src/openvpn/tun.c @@ -1038,6 +1038,29 @@ do_ifconfig_ipv6(struct tuntap *tt, const char *ifname, int tun_mtu, openvpn_execve_check(&argv, es, S_FATAL, "generic BSD ifconfig inet6 failed"); +#if defined(TARGET_FREEBSD) && __FreeBSD_version >= 1200000 + /* On FreeBSD 12 and up, there is ipv6_activate_all_interfaces="YES" + * in rc.conf, which is not set by default. If it is *not* set, + * "all new interfaces that are not already up" are configured by + * devd + /etc/pccard_ether as "inet6 ifdisabled". + * + * The "is this interface already up?" test is a non-zero time window + * which we manage to hit with our ifconfig often enough to cause + * frequent fails in the openvpn test environment. + * + * Thus: assume that the system might interfere, wait for things to + * settle (it's a very short time window), and remove -ifdisable again. + * + * See: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=248172 + */ + sleep(1); + argv_printf(&argv, "%s %s inet6 -ifdisabled", IFCONFIG_PATH, ifname); + argv_msg(M_INFO, &argv); + + openvpn_execve_check(&argv, es, S_FATAL, + "FreeBSD BSD 'ifconfig inet6 -ifdisabled' failed"); +#endif + #if defined(TARGET_OPENBSD) || defined(TARGET_NETBSD) \ || defined(TARGET_DARWIN) /* and, hooray, we explicitly need to add a route... */ @@ -6158,12 +6181,32 @@ wintun_register_ring_buffer(struct tuntap *tt, const char *device_guid) } else { - msg(M_FATAL, "ERROR: Wintun requires SYSTEM privileges and therefore " - "should be used with interactive service. If you want to " - "use openvpn from command line, you need to do SYSTEM " - "elevation yourself (for example with psexec)."); - } + if (!register_ring_buffers(tt->hand, + tt->wintun_send_ring, + tt->wintun_receive_ring, + tt->rw_handle.read, + tt->rw_handle.write)) + { + switch (GetLastError()) + { + case ERROR_ACCESS_DENIED: + msg(M_FATAL, "ERROR: Wintun requires SYSTEM privileges and therefore " + "should be used with interactive service. If you want to " + "use openvpn from command line, you need to do SYSTEM " + "elevation yourself (for example with psexec)."); + break; + + case ERROR_ALREADY_INITIALIZED: + msg(M_NONFATAL, "Adapter %s is already in use", device_guid); + break; + + default: + msg(M_NONFATAL | M_ERRNO, "Failed to register ring buffers"); + } + ret = false; + } + } return ret; } |