From 6c2bd6be4f8ac4f0b25aa05e2d5eb9bf6b736cd1 Mon Sep 17 00:00:00 2001 From: Ralf Lici Date: Wed, 25 Jun 2025 18:26:31 +0200 Subject: [PATCH] dco linux: avoid sending local port to ovpn When sending an OVPN_CMD_NEW_PEER netlink message to ovpn, we currently attempt to include the local port along with the local address. However, `dco_multi_get_localaddr()` does not record the port, so we end up sending a zero value. This zero is rejected by ovpn's netlink policy, leading to an error and aborted connection. Since openvpn does not actually need to send the local port because the module retrieves it directly from the socket, this commit ensures that only the local address is sent. Change-Id: I5d9535d46e5a5488f4a2b637a6fcb99aad668fee Signed-off-by: Ralf Lici Acked-by: Antonio Quartulli Message-Id: <20250625162638.7769-1-gert@greenie.muc.de> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg31971.html Signed-off-by: Gert Doering --- src/openvpn/dco_linux.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/src/openvpn/dco_linux.c b/src/openvpn/dco_linux.c index 03454132..22a445a8 100644 --- a/src/openvpn/dco_linux.c +++ b/src/openvpn/dco_linux.c @@ -265,13 +265,11 @@ dco_new_peer(dco_context_t *dco, unsigned int peerid, int sd, { NLA_PUT(nl_msg, OVPN_A_PEER_LOCAL_IPV4, sizeof(struct in_addr), &((struct sockaddr_in *)localaddr)->sin_addr); - NLA_PUT_U16(nl_msg, OVPN_A_PEER_LOCAL_PORT, ((struct sockaddr_in *)localaddr)->sin_port); } else if (localaddr->sa_family == AF_INET6) { NLA_PUT(nl_msg, OVPN_A_PEER_LOCAL_IPV6, sizeof(struct in6_addr), &((struct sockaddr_in6 *)localaddr)->sin6_addr); - NLA_PUT_U16(nl_msg, OVPN_A_PEER_LOCAL_PORT, ((struct sockaddr_in6 *)localaddr)->sin6_port); } }