socket: restore per-connection lport override over global default

OpenVPN 2.7.x introduced a regression where --lport specified
inside a <connection> block did not override a globally defined
local port. As a result, the socket was bound to the global
default port instead of the per-connection value.

Adjust the socket local_port selection logic to honour
local_port_defined when set for the active connection profile.

This change restores the documented and previously working
behaviour from 2.6.x, where connection-level lport takes
precedence over global defaults.

Github: closes OpenVPN/openvpn#995

Change-Id: I7cf5d5ef7e2531f397ad97baf4663e3763072f6b
Signed-off-by: Gianmarco De Gregori <gianmarco@mandelbit.com>
Acked-by: Antonio Quartulli <antonio@mandelbit.com>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1555
Message-Id: <20260316134841.28362-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg36164.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
(cherry picked from commit 7ac5f89023b2c2870a210016a862ec042f709bb7)

diff --git a/src/openvpn/socket.c b/src/openvpn/socket.c
index 1df1001ebf268d94c36b0b47c55151bfacecb69c..44121d7b2cc43a2bbc6166b723f8a96968e152f8 100644 (file)
--- a/src/openvpn/socket.c
+++ b/src/openvpn/socket.c
@@ -1357,6 +1357,13 @@ link_socket_init_phase1(struct context *c, int sock_index, int mode)
         proto = o->ce.proto;
     }
 
+    /* If --lport is specified in a client connection block,
+     * it takes precedence over the global setting. */
+    if (o->mode == MODE_POINT_TO_POINT && o->ce.local_port_defined)
+    {
+        port = o->ce.local_port;
+    }
+
     if (c->mode == CM_CHILD_TCP || c->mode == CM_CHILD_UDP)
     {
         struct link_socket *tmp_sock = NULL;