git.ipfire.org Git - thirdparty/openvpn.git/commit

author	Vladislav Grishenko <themiron@yandex-team.ru>
	Tue, 8 Sep 2020 12:36:25 +0000 (17:36 +0500)
committer	Gert Doering <gert@greenie.muc.de>
	Thu, 10 Sep 2020 09:15:01 +0000 (11:15 +0200)
commit	505d5ad8fadcdc56bae07f4b95c05acd93a47c24
tree	38b26248461fc262db9badeaeca4869f59d6f0ea	tree
parent	a4e0ac0604460ea2431acb7481d6ffb7a3fc6298	commit \| diff

Fix best gateway selection over netlink

Netlink route request with NLM_F_DUMP flag set means to return
all entries matching criteria passed in message content -
matching supplied family & dst address in our case.
So, gateway from the first ipv4 route was always used.

On kernels earlier than 2.6.38 default routes are the last ones,
so arbitrary host/net route w/o gateway is likely be returned as
first, causing gateway to be invalid or empty.
After refactoring in 2.6.38 kernel default routes are on top, so
the problem with older kernels was hidden.

Fix this behavior by selecting first 0.0.0.0/0 if dst was not set
or empty. For IPv6, no behavior is changed - request ::/128 route,
so just clarify the sizes via netlink route api.

Tested on 5.4.0, 4.1.51, 2.6.36 and 2.6.22 kernels.

Signed-off-by: Vladislav Grishenko <themiron@yandex-team.ru>
Acked-by: Antonio Quartulli <a@unstable.cc>
Message-Id: <20200908123625.23179-1-themiron@yandex-team.ru>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg20900.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>

doc/man-sections/advanced-options.rst		diff \| blob \| blame \| history
src/openvpn/networking_sitnl.c		diff \| blob \| blame \| history