diff options
Diffstat (limited to 'src/openvpn/route.c')
| -rw-r--r-- | src/openvpn/route.c | 103 |
1 files changed, 41 insertions, 62 deletions
diff --git a/src/openvpn/route.c b/src/openvpn/route.c index a1811f4..ea09d71 100644 --- a/src/openvpn/route.c +++ b/src/openvpn/route.c @@ -16,9 +16,10 @@ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + * You should have received a copy of the GNU General Public License + * along with this program (see the file COPYING included with this + * distribution); if not, write to the Free Software Foundation, Inc., + * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ /* @@ -985,19 +986,11 @@ redirect_default_route_to_vpn(struct route_list *rl, const struct tuntap *tt, un if (rl && rl->flags & RG_ENABLE) { - bool local = rl->flags & RG_LOCAL; - if (!(rl->spec.flags & RTSA_REMOTE_ENDPOINT) && (rl->flags & RG_REROUTE_GW)) { msg(M_WARN, "%s VPN gateway parameter (--route-gateway or --ifconfig) is missing", err); } - /* - * check if a default route is defined, unless: - * - we are connecting to a remote host in our network - * - we are connecting to a non-IPv4 remote host (i.e. we use IPv6) - */ - else if (!(rl->rgi.flags & RGI_ADDR_DEFINED) && !local - && (rl->spec.remote_host != IPV4_INVALID_ADDR)) + else if (!(rl->rgi.flags & RGI_ADDR_DEFINED)) { msg(M_WARN, "%s Cannot read current default gateway from system", err); } @@ -1008,6 +1001,7 @@ redirect_default_route_to_vpn(struct route_list *rl, const struct tuntap *tt, un else { #ifndef TARGET_ANDROID + bool local = BOOL_CAST(rl->flags & RG_LOCAL); if (rl->flags & RG_AUTO_LOCAL) { const int tla = rl->spec.remote_host_local; @@ -1072,13 +1066,14 @@ redirect_default_route_to_vpn(struct route_list *rl, const struct tuntap *tt, un } else { - /* don't try to remove the def route if it does not exist */ - if (rl->rgi.flags & RGI_ADDR_DEFINED) - { - /* delete default route */ - del_route3(0, 0, rl->rgi.gateway.addr, tt, - flags | ROUTE_REF_GW, &rl->rgi, es); - } + /* delete default route */ + del_route3(0, + 0, + rl->rgi.gateway.addr, + tt, + flags | ROUTE_REF_GW, + &rl->rgi, + es); /* add new default route */ add_route3(0, @@ -1150,12 +1145,15 @@ undo_redirect_default_route_to_vpn(struct route_list *rl, const struct tuntap *t flags, &rl->rgi, es); - /* restore original default route if there was any */ - if (rl->rgi.flags & RGI_ADDR_DEFINED) - { - add_route3(0, 0, rl->rgi.gateway.addr, tt, - flags | ROUTE_REF_GW, &rl->rgi, es); - } + + /* restore original default route */ + add_route3(0, + 0, + rl->rgi.gateway.addr, + tt, + flags | ROUTE_REF_GW, + &rl->rgi, + es); } } @@ -1198,15 +1196,6 @@ add_routes(struct route_list *rl, struct route_ipv6_list *rl6, const struct tunt if (rl6 && !(rl6->iflags & RL_ROUTES_ADDED) ) { struct route_ipv6 *r; - - if (!tt->did_ifconfig_ipv6_setup) - { - msg(M_INFO, "WARNING: OpenVPN was configured to add an IPv6 " - "route over %s. However, no IPv6 has been configured for " - "this interface, therefore the route installation may " - "fail or may not work as expected.", tt->actual_name); - } - for (r = rl6->routes_ipv6; r; r = r->next) { if (flags & ROUTE_DELETE_FIRST) @@ -1292,9 +1281,7 @@ print_route_options(const struct route_option_list *rol, (rol->flags & RG_LOCAL) != 0); } for (ro = rol->routes; ro; ro = ro->next) - { print_route_option(ro, level); - } } void @@ -1388,9 +1375,7 @@ print_routes(const struct route_list *rl, int level) { struct route_ipv4 *r; for (r = rl->routes; r; r = r->next) - { print_route(r, level); - } } static void @@ -1419,9 +1404,7 @@ setenv_routes(struct env_set *es, const struct route_list *rl) int i = 1; struct route_ipv4 *r; for (r = rl->routes; r; r = r->next) - { setenv_route(es, r, i++); - } } static void @@ -1450,9 +1433,7 @@ setenv_routes_ipv6(struct env_set *es, const struct route_ipv6_list *rl6) int i = 1; struct route_ipv6 *r6; for (r6 = rl6->routes_ipv6; r6; r6 = r6->next) - { setenv_route_ipv6(es, r6, i++); - } } /* @@ -1689,7 +1670,7 @@ add_route(struct route_ipv4 *r, argv_msg(D_ROUTE, &argv); status = openvpn_execve_check(&argv, es, 0, "ERROR: Solaris route add command failed"); -#elif defined(TARGET_FREEBSD) +#elif defined(TARGET_FREEBSD) || defined(__FreeBSD_kernel__) argv_printf(&argv, "%s add", ROUTE_PATH); @@ -1875,7 +1856,7 @@ add_route_ipv6(struct route_ipv6 *r6, const struct tuntap *tt, unsigned int flag network = print_in6_addr( r6->network, 0, &gc); gateway = print_in6_addr( r6->gateway, 0, &gc); -#if defined(TARGET_DARWIN) \ +#if defined(TARGET_DARWIN) || defined(__FreeBSD_kernel__) \ || defined(TARGET_FREEBSD) || defined(TARGET_DRAGONFLY) \ || defined(TARGET_OPENBSD) || defined(TARGET_NETBSD) @@ -1893,6 +1874,14 @@ add_route_ipv6(struct route_ipv6 *r6, const struct tuntap *tt, unsigned int flag } #endif + if (!tt->did_ifconfig_ipv6_setup) + { + msg( M_INFO, "add_route_ipv6(): not adding %s/%d: " + "no IPv6 address been configured on interface %s", + network, r6->netbits, device); + return; + } + msg( M_INFO, "add_route_ipv6(%s/%d -> %s metric %d) dev %s", network, r6->netbits, gateway, r6->metric, device ); @@ -2043,7 +2032,7 @@ add_route_ipv6(struct route_ipv6 *r6, const struct tuntap *tt, unsigned int flag argv_msg(D_ROUTE, &argv); status = openvpn_execve_check(&argv, es, 0, "ERROR: Solaris route add -inet6 command failed"); -#elif defined(TARGET_FREEBSD) || defined(TARGET_DRAGONFLY) +#elif defined(TARGET_FREEBSD) || defined(TARGET_DRAGONFLY) || defined(__FreeBSD_kernel__) argv_printf(&argv, "%s add -inet6 %s/%d", ROUTE_PATH, @@ -2227,7 +2216,7 @@ delete_route(struct route_ipv4 *r, argv_msg(D_ROUTE, &argv); openvpn_execve_check(&argv, es, 0, "ERROR: Solaris route delete command failed"); -#elif defined(TARGET_FREEBSD) +#elif defined(TARGET_FREEBSD) || defined(__FreeBSD_kernel__) argv_printf(&argv, "%s delete -net %s %s %s", ROUTE_PATH, @@ -2334,7 +2323,7 @@ delete_route_ipv6(const struct route_ipv6 *r6, const struct tuntap *tt, unsigned network = print_in6_addr( r6->network, 0, &gc); gateway = print_in6_addr( r6->gateway, 0, &gc); -#if defined(TARGET_DARWIN) \ +#if defined(TARGET_DARWIN) || defined(__FreeBSD_kernel__) \ || defined(TARGET_FREEBSD) || defined(TARGET_DRAGONFLY) \ || defined(TARGET_OPENBSD) || defined(TARGET_NETBSD) @@ -2469,7 +2458,7 @@ delete_route_ipv6(const struct route_ipv6 *r6, const struct tuntap *tt, unsigned argv_msg(D_ROUTE, &argv); openvpn_execve_check(&argv, es, 0, "ERROR: Solaris route delete -inet6 command failed"); -#elif defined(TARGET_FREEBSD) || defined(TARGET_DRAGONFLY) +#elif defined(TARGET_FREEBSD) || defined(TARGET_DRAGONFLY) || defined(__FreeBSD_kernel__) argv_printf(&argv, "%s delete -inet6 %s/%d", ROUTE_PATH, @@ -2634,9 +2623,7 @@ test_routes(const struct route_list *rl, const struct tuntap *tt) { struct route_ipv4 *r; for (r = rl->routes, len = 0; r; r = r->next, ++len) - { test_route_helper(&ret, &count, &good, &ambig, adapters, r->gateway); - } if ((rl->flags & RG_ENABLE) && (rl->spec.flags & RTSA_REMOTE_ENDPOINT)) { @@ -3060,10 +3047,8 @@ do_route_ipv6_service(const bool add, const struct route_ipv6 *r, const struct t /* In TUN mode we use a special link-local address as the next hop. * The tapdrvr knows about it and will answer neighbor discovery packets. - * (only do this for routes actually using the tun/tap device) */ - if (tt->type == DEV_TYPE_TUN - && msg.iface.index == tt->adapter_index ) + if (tt->type == DEV_TYPE_TUN) { inet_pton(AF_INET6, "fe80::8", &msg.gateway.ipv6); } @@ -3514,7 +3499,8 @@ done: #elif defined(TARGET_DARWIN) || defined(TARGET_SOLARIS) \ || defined(TARGET_FREEBSD) || defined(TARGET_DRAGONFLY) \ - || defined(TARGET_OPENBSD) || defined(TARGET_NETBSD) + || defined(TARGET_OPENBSD) || defined(TARGET_NETBSD) \ + || defined(__FreeBSD_kernel__) #include <sys/types.h> #include <sys/socket.h> @@ -3596,9 +3582,6 @@ get_default_gateway(struct route_gateway_info *rgi) rtm.rtm_flags = RTF_UP | RTF_GATEWAY; rtm.rtm_version = RTM_VERSION; rtm.rtm_seq = ++seq; -#ifdef TARGET_OPENBSD - rtm.rtm_tableid = getrtable(); -#endif rtm.rtm_addrs = rtm_addrs; so_dst.sa_family = AF_INET; @@ -3626,8 +3609,7 @@ get_default_gateway(struct route_gateway_info *rgi) msg(M_WARN, "GDG: problem writing to routing socket"); goto done; } - do - { + do { l = read(sockfd, (char *)&m_rtmsg, sizeof(m_rtmsg)); } while (l > 0 && (rtm.rtm_seq != seq || rtm.rtm_pid != pid)); close(sockfd); @@ -3814,9 +3796,6 @@ get_default_gateway_ipv6(struct route_ipv6_gateway_info *rgi6, rtm.rtm_flags = RTF_UP; rtm.rtm_version = RTM_VERSION; rtm.rtm_seq = ++seq; -#ifdef TARGET_OPENBSD - rtm.rtm_tableid = getrtable(); -#endif so_dst.sin6_family = AF_INET6; so_mask.sin6_family = AF_INET6; |