From: Antonio Quartulli <antonio@mandelbit.com>
Date: Sun, 9 Mar 2025 15:30:17 +0000 (+0100)
Subject: dco: pass remoteaddr only for UDP peers
X-Git-Tag: v2.7_alpha1~66
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=90d7881e32ec371874c020f756bd35d1959e9698;p=thirdparty%2Fopenvpn.git

dco: pass remoteaddr only for UDP peers

TCP connected sockets do not need any remote addr
because the destination is fixed.
For this reason we can avoid sending the remote addr
along the peer-new dco call.

This change is important on Linux because the new 'ovpn'
kernel module is stricter when it comes to accepting
netlink messages and will reject calls with TCP sockets
if a remote address is specified.

Change-Id: I76e2e616c6ffe436a9627fa71aaace74030b2f4a
Signed-off-by: Antonio Quartulli <antonio@mandelbit.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20250309153017.5163-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg31078.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
---

diff --git a/src/openvpn/dco.c b/src/openvpn/dco.c
index 02fae8162..973c848ca 100644
--- a/src/openvpn/dco.c
+++ b/src/openvpn/dco.c
@@ -515,8 +515,9 @@ dco_p2p_add_new_peer(struct context *c)
         c->c2.tls_multi->dco_peer_id = -1;
     }
 #endif
-    int ret = dco_new_peer(&c->c1.tuntap->dco, multi->peer_id,
-                           c->c2.link_sockets[0]->sd, NULL, remoteaddr, NULL, NULL);
+    int ret = dco_new_peer(&c->c1.tuntap->dco, multi->peer_id, sock->sd, NULL,
+                           proto_is_dgram(sock->info.proto) ? remoteaddr : NULL,
+                           NULL, NULL);
     if (ret < 0)
     {
         return ret;