Stop complaining about IPv6 routes without gateway address.

The IPv6 routing code inherited assumptions and the message

   "OpenVPN ROUTE6: OpenVPN needs a gateway parameter for a --route-ipv6
    option and no default was specified by either --route-ipv6-gateway or
    --ifconfig-ipv6 options"

from the IPv4 routing code.

This was never really correct, as no gateway is needed for "into tun
device" IPv6 routes, and the "--route-ipv6-gateway" option it refers
to also never existed.  (Routes on tap interfaces *do* need a gateway
due to neighbour discovery being involved.  As do routes on Windows,
but there we fake the gateway in tun mode anyway).

While commit d24e1b179b95 introduces support for "--route-ipv6-gateway",
the message is still falsely triggered for IPv6 routes in tun mode.

Change the code to generally accept IPv6 routes with no gateway
specification (so "--block-ipv6 --redirect-gateway ipv6" can work
without additional config).  When installing IPv6 routes, check
if a gateway is needed (tap mode) but missing, and if yes, print
correct message.

Trac: #1143

Signed-off-by: Gert Doering <gert@greenie.muc.de>
Acked-by: Antonio Quartulli <antonio@openvpn.net>
Message-Id: <20181205214037.70783-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg17990.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>

diff --git a/src/openvpn/route.c b/src/openvpn/route.c
index 346f08e20d0f9c8c090cab3ae97cf3de915b6bb7..2836d532561eb01fd17b125f3bea09e458c04114 100644 (file)
--- a/src/openvpn/route.c
+++ b/src/openvpn/route.c
@@ -448,11 +448,6 @@ init_route_ipv6(struct route_ipv6 *r6,
     {
         r6->gateway = rl6->remote_endpoint_ipv6;
     }
-    else
-    {
-        msg(M_WARN, PACKAGE_NAME " ROUTE6: " PACKAGE_NAME " needs a gateway parameter for a --route-ipv6 option and no default was specified by either --route-ipv6-gateway or --ifconfig-ipv6 options");
-        goto fail;
-    }
 
     /* metric */
 
@@ -1917,6 +1912,16 @@ add_route_ipv6(struct route_ipv6 *r6, const struct tuntap *tt, unsigned int flag
         gateway_needed = true;
     }
 
+    if (gateway_needed && IN6_IS_ADDR_UNSPECIFIED(&r6->gateway))
+    {
+        msg(M_WARN, "ROUTE6 WARNING: " PACKAGE_NAME " needs a gateway "
+            "parameter for a --route-ipv6 option and no default was set via "
+            "--ifconfig-ipv6 or --route-ipv6-gateway option.  Not installing "
+            "IPv6 route to %s/%d.", network, r6->netbits);
+        status = false;
+        goto done;
+    }
+
 #if defined(TARGET_LINUX)
 #ifdef ENABLE_IPROUTE
     argv_printf(&argv, "%s -6 route add %s/%d dev %s",
@@ -2114,6 +2119,7 @@ add_route_ipv6(struct route_ipv6 *r6, const struct tuntap *tt, unsigned int flag
     msg(M_FATAL, "Sorry, but I don't know how to do 'route ipv6' commands on this operating system.  Try putting your routes in a --route-up script");
 #endif /* if defined(TARGET_LINUX) */
 
+done:
     if (status)
     {
         r6->flags |= RT_ADDED;