From: Antonio Quartulli <a@unstable.cc>
Date: Sat, 30 May 2020 00:05:54 +0000 (+0200)
Subject: pool: prevent IPv6 pools to be larger than 2^16 addresses
X-Git-Tag: v2.5_beta1~135
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=81d66a1f14d4be3282dd648ecc2049658e3a65ed;p=thirdparty%2Fopenvpn.git

pool: prevent IPv6 pools to be larger than 2^16 addresses

Signed-off-by: Antonio Quartulli <a@unstable.cc>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20200530000600.1680-2-a@unstable.cc>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg19945.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
---

diff --git a/src/openvpn/pool.c b/src/openvpn/pool.c
index 5d503a330..6dd72bb9d 100644
--- a/src/openvpn/pool.c
+++ b/src/openvpn/pool.c
@@ -183,7 +183,7 @@ ifconfig_pool_init(enum pool_type type, in_addr_t start, in_addr_t end,
     if (pool->ipv6.enabled)
     {
         pool->ipv6.base = ipv6_base;
-        pool->ipv6.size = ipv6_netbits > 96 ? (1 << (128 - ipv6_netbits))
+        pool->ipv6.size = ipv6_netbits > 112 ? (1 << (128 - ipv6_netbits))
                           : IFCONFIG_POOL_MAX;
 
         msg( D_IFCONFIG_POOL, "IFCONFIG POOL IPv6: (IPv4) size=%d, size_ipv6=%d, netbits=%d, base_ipv6=%s",