Use network address for emulated DHCP server as a default

This is the rebase of original Selva Nair's patch
which hasn't been merged:

  https://sourceforge.net/p/openvpn/mailman/message/34674818/

and documentation change to reflect code changes, which
is basically a revert of another Selva's patch (which got merged):

https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg13387.h
tml

For subnet topology use "offset 0" as default for
calculating DHCP server address, which makes it equal
to the network address.

There is no know reason why non-zero default offset
is needed. Besides, offset -1 breaks subnet /30 case,
which in some cases is pushed by OpenVPN Cloud product.

Signed-off-by: Lev Stipakov <lev@openvpn.net>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20211109015927.311-1-lstipakov@gmail.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg23156.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>

diff --git a/doc/man-sections/windows-options.rst b/doc/man-sections/windows-options.rst
index eacb9af80dadeb140230fc7e2737c95c8a99738f..c389fbc4ba6d3539c81971570b3f05f35f7a1d96 100644 (file)
--- a/doc/man-sections/windows-options.rst
+++ b/doc/man-sections/windows-options.rst
@@ -93,7 +93,7 @@ Windows-Specific Options
         server to masquerade as if it were coming from the remote endpoint.
 
         The optional offset parameter is an integer which is > :code:`-256`
-        and < :code:`256` and which defaults to -1. If offset is positive,
+        and < :code:`256` and which defaults to 0. If offset is positive,
         the DHCP server will masquerade as the IP address at network
         address + offset. If offset is negative, the DHCP server will
         masquerade as the IP address at broadcast address + offset.

diff --git a/src/openvpn/helper.c b/src/openvpn/helper.c
index 032a71e8c49f0982be20ff07084dfb921348d950..4ac1cf8eb4a832327a6b1d0b96d4681b80ddb9f3 100644 (file)
--- a/src/openvpn/helper.c
+++ b/src/openvpn/helper.c
@@ -237,7 +237,7 @@ helper_client_server(struct options *o)
      * if tap OR (tun AND topology == subnet):
      *   ifconfig 10.8.0.1 255.255.255.0
      *   if !nopool:
-     *     ifconfig-pool 10.8.0.2 10.8.0.253 255.255.255.0
+     *     ifconfig-pool 10.8.0.2 10.8.0.254 255.255.255.0
      *   push "route-gateway 10.8.0.1"
      *   if route-gateway unset:
      *     route-gateway 10.8.0.2
@@ -340,7 +340,7 @@ helper_client_server(struct options *o)
                 {
                     o->ifconfig_pool_defined = true;
                     o->ifconfig_pool_start = o->server_network + 2;
-                    o->ifconfig_pool_end = (o->server_network | ~o->server_netmask) - 2;
+                    o->ifconfig_pool_end = (o->server_network | ~o->server_netmask) - 1;
                     ifconfig_pool_verify_range(M_USAGE, o->ifconfig_pool_start, o->ifconfig_pool_end);
                 }
                 o->ifconfig_pool_netmask = o->server_netmask;

diff --git a/src/openvpn/tun.c b/src/openvpn/tun.c
index 28f803ec40b633d4a285ea2eb883fb42ed3b1d67..75d5eaf7b27d008ba2121cd779c1e9297c0c6494 100644 (file)
--- a/src/openvpn/tun.c
+++ b/src/openvpn/tun.c
@@ -6357,14 +6357,7 @@ tuntap_dhcp_mask(const struct tuntap *tt, const char *device_guid)
     {
         if (tt->topology == TOP_SUBNET)
         {
-            if (tt->options.dhcp_masq_custom_offset)
-            {
-                ep[2] = dhcp_masq_addr(tt->local, tt->remote_netmask, tt->options.dhcp_masq_offset);
-            }
-            else
-            {
-                ep[2] = dhcp_masq_addr(tt->local, tt->remote_netmask, -1);
-            }
+            ep[2] = dhcp_masq_addr(tt->local, tt->remote_netmask, tt->options.dhcp_masq_custom_offset ? tt->options.dhcp_masq_offset : 0);
         }
         else
         {