git.ipfire.org Git - thirdparty/openvpn.git/commit

author	Antonio Quartulli <a@unstable.cc>
	Wed, 6 Dec 2017 15:43:56 +0000 (23:43 +0800)
committer	David Sommerseth <davids@openvpn.net>
	Wed, 6 Dec 2017 21:25:23 +0000 (22:25 +0100)
commit	a19c56db9bd42b7b8c4a8f353f7db92781397cec
tree	489a495a693548de31ac6954a25c3092b86684a1	tree
parent	86b58ceb29cf1cc3acf32e2ff370d9a4af68c051	commit \| diff

Allow learning iroutes with network made up of all 0s (only if netbits < 8)

It is plausible for a user to be willing to add a route for a network
made up of all 0s via a VPN client (i.e. 0.0.0.0/1), therefore such
iroute should be supported.

As of now the option parsing code will accept such iroute, but
the learning routine will (silently) reject it after a sanity check.

Such check prevents routes with network made up of all 0s to be
learnt at all..

Change the sanity check so that it will reject iroutes to network
made up of 0s only when netbits is greater than 7.

The reason for choosing 7 is because anything within 0.0.0.0/8 is not
really routable among networks.

While at it, make the sanity check louder so that it can print the
reason why a route is being rejected.

Trac: #726
Signed-off-by: Antonio Quartulli <a@unstable.cc>
Acked-by: David Sommerseth <davids@openvpn.net>
Message-Id: <20171206154356.30764-1-a@unstable.cc>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg16044.html
Signed-off-by: David Sommerseth <davids@openvpn.net>

src/openvpn/mroute.c		diff \| blob \| blame \| history
src/openvpn/mroute.h		diff \| blob \| blame \| history
src/openvpn/multi.c		diff \| blob \| blame \| history