mirror of
https://github.com/OpenVPN/openvpn.git
synced 2025-05-09 05:31:05 +08:00
09e46c3ca7
If we connect to a VPN server over IPv6, and the config has a route like this: route remote_host default net_gateway OpenVPN would try to install a route to "255.255.255.255", which is obviously bogus. The bug is twofold: init_route_list() should not set RTSA_REMOTE_HOST for an "IPV4_INVALID_ADDR" remote_host (wrong condition, this is not a pointer but an integer, and "invalid" is "-1" numerically here), and init_route() must not ignore "status = false" returns from get_special_addr(). I have just added the "if (!status)" check, not done refactoring for init_route() to see whether I could make it "more pretty". Trac: #1247 Signed-off-by: Gert Doering <gert@greenie.muc.de> Acked-by: Arne Schwabe <arne@rfc2549.org> Message-Id: <20200911085907.26004-1-gert@greenie.muc.de> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg20958.html Signed-off-by: Gert Doering <gert@greenie.muc.de> (cherry picked from commit aa34684972eb01bfa5c355d1c8a8a9d384bf0175)
OpenVPN -- A Secure tunneling daemon Copyright (C) 2002-2018 OpenVPN Inc. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License version 2 as published by the Free Software Foundation. ************************************************************************* To get the latest release of OpenVPN, go to: https://openvpn.net/index.php/download/community-downloads.html To Build and Install, tar -zxf openvpn-<version>.tar.gz cd openvpn-<version> ./configure make make install or see the file INSTALL for more info. ************************************************************************* For detailed information on OpenVPN, including examples, see the man page http://openvpn.net/man.html For a sample VPN configuration, see http://openvpn.net/howto.html To report an issue, see https://community.openvpn.net/openvpn/report For a description of OpenVPN's underlying protocol, see the file ssl.h included in the source distribution. ************************************************************************* Other Files & Directories: * configure.ac -- script to rebuild our configure script and makefile. * sample/sample-scripts/verify-cn A sample perl script which can be used with OpenVPN's --tls-verify option to provide a customized authentication test on embedded X509 certificate fields. * sample/sample-keys/ Sample RSA keys and certificates. DON'T USE THESE FILES FOR ANYTHING OTHER THAN TESTING BECAUSE THEY ARE TOTALLY INSECURE. * sample/sample-config-files/ A collection of OpenVPN config files and scripts from the HOWTO at http://openvpn.net/howto.html ************************************************************************* Note that easy-rsa and tap-windows are now maintained in their own subprojects. Their source code is available here: https://github.com/OpenVPN/easy-rsa https://github.com/OpenVPN/tap-windows The old cross-compilation environment (domake-win) and the Python-based buildsystem have been replaced with openvpn-build: https://github.com/OpenVPN/openvpn-build See the INSTALL file for usage information.