From: Holger Kummert <Holger.Kummert@Sophos.com>
Date: Thu, 25 Jun 2015 16:01:20 +0000 (+0200)
Subject: Del ipv6 addr on close of linux tun interface
X-Git-Tag: v2.3.8~10
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=40e6c586124e6d7a764b859dad8515998c89c693;p=thirdparty%2Fopenvpn.git

Del ipv6 addr on close of linux tun interface

When a linux tun interface is closed (e.g. on disconnect)
an optional ipv6 addr that was previously set is deleted now.
Without this patch a later reconnect could fail with
'Linux ip -6 addr add failed: external program exited with error status: 2'
and openvpn would exit.

This is mainly relevant for persistant tun devices (staying around
after openvpn exits) but can also happen at reconnect.

If addresses are *supposed* to stay around on openvpn exit, run
openvpn with --ifconfig-noexec and configure IPv4/IPv6 addresses
manually before openvpn starts (or using an --up script).

Trac #141

Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1435248080-12670-1-git-send-email-Holger.Kummert@Sophos.com>
URL: http://article.gmane.org/gmane.network.openvpn.devel/9810

Signed-off-by: Gert Doering <gert@greenie.muc.de>
(cherry picked from commit e5f71d674e3b119d6a252d7cef1c17b5c2b36a9a)
---

diff --git a/src/openvpn/tun.c b/src/openvpn/tun.c
index 285e7746a..3e2021591 100644
--- a/src/openvpn/tun.c
+++ b/src/openvpn/tun.c
@@ -1714,6 +1714,32 @@ close_tun (struct tuntap *tt)
 	    argv_msg (M_INFO, &argv);
 	    openvpn_execve_check (&argv, NULL, 0, "Linux ip addr del failed");
 
+            if (tt->ipv6 && tt->did_ifconfig_ipv6_setup)
+              {
+                const char * ifconfig_ipv6_local = print_in6_addr (tt->local_ipv6, 0, &gc);
+
+#ifdef ENABLE_IPROUTE
+                argv_printf (&argv, "%s -6 addr del %s/%d dev %s",
+                                    iproute_path,
+                                    ifconfig_ipv6_local,
+                                    tt->netbits_ipv6,
+                                    tt->actual_name
+                                    );
+                argv_msg (M_INFO, &argv);
+                openvpn_execve_check (&argv, NULL, 0, "Linux ip -6 addr del failed");
+#else
+                argv_printf (&argv,
+                            "%s %s del %s/%d",
+                            IFCONFIG_PATH,
+                            tt->actual_name,
+                            ifconfig_ipv6_local,
+                            tt->netbits_ipv6
+                            );
+                argv_msg (M_INFO, &argv);
+                openvpn_execve_check (&argv, NULL, 0, "Linux ifconfig inet6 del failed");
+#endif
+              }
+
 	    argv_reset (&argv);
 	    gc_free (&gc);
 	  }