]> git.ipfire.org Git - thirdparty/openvpn.git/commit
projects / thirdparty / openvpn.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: fcd8f0f) | patch
prevent search domain races with macOS dns-updown
authorHeiko Hund <heiko@ist.eigentlich.net>
Mon, 14 Jul 2025 16:08:21 +0000 (18:08 +0200)
committerGert Doering <gert@greenie.muc.de>
Mon, 14 Jul 2025 16:15:11 +0000 (18:15 +0200)
commit4848df2fb295740a7fb5a5b44f1baaeeb43307cb
treeef5b836176864115f9a96b98acbe1ad598134c56tree
parentfcd8f0f9fccdba02ed643dee5df7422ba36ced12commit | diff
prevent search domain races with macOS dns-updown

When connections go up and down there are situations where search
domains of a split DNS connection are either lost, or survive the
lifetime of the connction. This can happen when there is also a
connection that modifies the global DNS setting. When it backs-up the
global settings before modifying them, or when it restores the backup,
the search domains could contain or miss VPN domains from other
connections, leading to misconfiguration.

The fix is to also update the backed-up search domains when a split DNS
connection comes up or goes down. That way the backup is always up to
date and restoring it will keep the global search domains as expected.

Change-Id: Ide2cddad193c636eb440c9752751176dae0a6897
Signed-off-by: Heiko Hund <heiko@ist.eigentlich.net>
Acked-by: Arne Schwabe <arne-openvpn@rfc2549.org>
Message-Id: <20250714160903.7479-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg32127.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
distro/dns-scripts/macos-dns-updown.sh diff | blob | blame | history
Mirror of https://github.com/OpenVPN/openvpn.git