From 03653f422fa6f9ff48b3f78c420510f12549f6d8 Mon Sep 17 00:00:00 2001
From: james <james@e7ae566f-a301-0410-adde-c780ea21d3b5>
Date: Thu, 3 Nov 2005 01:43:43 +0000
Subject: [PATCH] svn merge -r 760:764 $SO/trunk/openvpn

git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@766 e7ae566f-a301-0410-adde-c780ea21d3b5
---
 ChangeLog |  3 +++
 openvpn.8 | 16 +++++++++++++++-
 route.c   | 14 +++++++++++---
 3 files changed, 29 insertions(+), 4 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 4dda4469d..f7639199d 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -5,6 +5,9 @@ $Id$
 
 2005.11.xx -- Version 2.1-beta7
 
+* Fixed bug in Linux get_default_gateway function
+  introduced in 2.0.4, which would cause redirect-gateway
+  on Linux clients to fail.
 * Moved easy-rsa 2.0 scripts to easy-rsa/2.0 to
   be compatible with 2.0.x distribution.
 
diff --git a/openvpn.8 b/openvpn.8
index 29df0da0d..78c6007ef 100644
--- a/openvpn.8
+++ b/openvpn.8
@@ -2949,7 +2949,21 @@ of OpenVPN's client mode.  This directive is equivalent to:
 This option must be used on a client which is connecting
 to a multi-client server.  It indicates to OpenVPN that it
 should accept options pushed by the server, provided they
-are part of the legal set of pushable options.
+are part of the legal set of pushable options (note that the
+.B --pull
+option is implied by
+.B --client
+).
+
+In particular,
+.B --pull
+allows the server to push routes to the client, so you should
+not use
+.B --pull
+or
+.B --client
+in situations where you don't trust the server to have control
+over the client's routing table.
 .\"*********************************************************
 .TP
 .B --auth-user-pass [up]
diff --git a/route.c b/route.c
index cb21489e9..1db0b36c5 100644
--- a/route.c
+++ b/route.c
@@ -347,6 +347,10 @@ init_route_list (struct route_list *rl,
       setenv_route_addr (es, "net_gateway", rl->spec.net_gateway, -1);
       dmsg (D_ROUTE_DEBUG, "ROUTE DEBUG: default_gateway=%s", print_in_addr_t (rl->spec.net_gateway, 0, &gc));
     }
+  else
+    {
+      dmsg (D_ROUTE_DEBUG, "ROUTE DEBUG: default_gateway=UNDEF");
+    }
 
   if (rl->flags & RG_ENABLE)
     {
@@ -1342,9 +1346,10 @@ show_routes (int msglev)
 #elif defined(TARGET_LINUX)
 
 static bool
-get_default_gateway (in_addr_t *ret)
+get_default_gateway (in_addr_t *gateway)
 {
   struct gc_arena gc = gc_new ();
+  bool ret = false;
   FILE *fp = fopen ("/proc/net/route", "r");
   if (fp)
     {
@@ -1392,7 +1397,10 @@ get_default_gateway (in_addr_t *ret)
       fclose (fp);
 
       if (best_gw)
-	*ret = best_gw;
+	{
+	  *gateway = best_gw;
+	  ret = true;
+	}
 
       dmsg (D_ROUTE_DEBUG, "GDG: best=%s[%d] lm=%u",
 	    print_in_addr_t ((in_addr_t) best_gw, 0, &gc),
@@ -1401,7 +1409,7 @@ get_default_gateway (in_addr_t *ret)
     }
 
   gc_free (&gc);
-  return false;
+  return ret;
 }
 
 #elif defined(TARGET_FREEBSD)
-- 
2.47.3