upstream/openvpn
1
0
Fork 0
mirror of https://github.com/OpenVPN/openvpn.git synced 2026-05-28 04:03:29 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Fix one more 'existing route may get deleted' case

Browse source 
- Ensure net_route_v4/v6_add/del() functions using iproute2 return
  error when route addition fails. Return value follows the same logic
  as corresponding functions using netlink though all failure reasons
  get the same error code of -1.

TODO: Preserve any preexisting direct route to VPN and optionally the
IPv6 connected net route.

v2: Following review, removed the poorly coded RL_DID_LOCAL-related chunks.
That part needs a better fix.

Signed-off-by: Selva Nair <selva.nair@gmail.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20230121194226.2081637-1-selva.nair@gmail.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg26067.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
This commit is contained in:
Selva Nair 2023-01-21 14:42:26 -05:00 committed by Gert Doering
parent a45c201e2e
commit 00fac39c58
1 changed files with 24 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

32
src/openvpn/networking_iproute2.c
View file

@ -267,6 +267,7 @@ net_route_v4_add(openvpn_net_ctx_t *ctx, const in_addr_t *dst, int prefixlen,
{
struct argv argv = argv_new();
const char *dst_str = print_in_addr_t(*dst, 0, &ctx->gc);
int ret = 0;
argv_printf(&argv, "%s route add %s/%d", iproute_path, dst_str, prefixlen);
@ -288,11 +289,14 @@ net_route_v4_add(openvpn_net_ctx_t *ctx, const in_addr_t *dst, int prefixlen,
}
argv_msg(D_ROUTE, &argv);
openvpn_execve_check(&argv, ctx->es, 0, "ERROR: Linux route add command failed");
if (!openvpn_execve_check(&argv, ctx->es, 0, "ERROR: Linux route add command failed"))
{
ret = -1;
}
argv_free(&argv);
return 0;
return ret;
}
int
@ -302,6 +306,7 @@ net_route_v6_add(openvpn_net_ctx_t *ctx, const struct in6_addr *dst,
{
struct argv argv = argv_new();
char *dst_str = (char *)print_in6_addr(*dst, 0, &ctx->gc);
int ret = 0;
argv_printf(&argv, "%s -6 route add %s/%d dev %s", iproute_path, dst_str,
prefixlen, iface);
@ -319,11 +324,14 @@ net_route_v6_add(openvpn_net_ctx_t *ctx, const struct in6_addr *dst,
}
argv_msg(D_ROUTE, &argv);
openvpn_execve_check(&argv, ctx->es, 0, "ERROR: Linux route -6 add command failed");
if (!openvpn_execve_check(&argv, ctx->es, 0, "ERROR: Linux route -6 add command failed"))
{
ret = -1;
}
argv_free(&argv);
return 0;
return ret;
}
int
@ -333,6 +341,7 @@ net_route_v4_del(openvpn_net_ctx_t *ctx, const in_addr_t *dst, int prefixlen,
{
struct argv argv = argv_new();
const char *dst_str = print_in_addr_t(*dst, 0, &ctx->gc);
int ret = 0;
argv_printf(&argv, "%s route del %s/%d", iproute_path, dst_str, prefixlen);
@ -342,11 +351,14 @@ net_route_v4_del(openvpn_net_ctx_t *ctx, const in_addr_t *dst, int prefixlen,
}
argv_msg(D_ROUTE, &argv);
openvpn_execve_check(&argv, ctx->es, 0, "ERROR: Linux route delete command failed");
if (!openvpn_execve_check(&argv, ctx->es, 0, "ERROR: Linux route delete command failed"))
{
ret = -1;
}
argv_free(&argv);
return 0;
return ret;
}
int
@ -356,6 +368,7 @@ net_route_v6_del(openvpn_net_ctx_t *ctx, const struct in6_addr *dst,
{
struct argv argv = argv_new();
char *dst_str = (char *)print_in6_addr(*dst, 0, &ctx->gc);
int ret = 0;
argv_printf(&argv, "%s -6 route del %s/%d dev %s", iproute_path, dst_str,
prefixlen, iface);
@ -373,11 +386,14 @@ net_route_v6_del(openvpn_net_ctx_t *ctx, const struct in6_addr *dst,
}
argv_msg(D_ROUTE, &argv);
openvpn_execve_check(&argv, ctx->es, 0, "ERROR: Linux route -6 del command failed");
if (!openvpn_execve_check(&argv, ctx->es, 0, "ERROR: Linux route -6 del command failed"))
{
ret = -1;
}
argv_free(&argv);
return 0;
return ret;
}
int