Opened 12 years ago
Closed 12 years ago
#216 closed Bug / Defect (fixed)
tap server broken
| Reported by: | Gert Döring | Owned by: | David Sommerseth |
|---|---|---|---|
| Priority: | blocker | Milestone: | beta 2.3 |
| Component: | Generic / unclassified | Version: | OpenVPN git master branch (Community Ed) |
| Severity: | Not set (select this one, unless your'e a OpenVPN developer) | Keywords: | |
| Cc: | Gert Döring |
Description
tap server is completely broken as far as "address learning on the server side" goes.
Instead of learning MAC + forwarding packet, all it does is print this error:
RSat Jun 30 19:35:37 2012 us=148584 cron2-gentoo-i386/193.149.48.170:34603 MULTI: bad source address from client [f2:5e:ad:e0:05:d6], packet dropped
(which is the correct MAC source address for this client). This has been observed "in the wild", and reproduced on a fresh gentoo install (cron2) and on freebsd 9.0 (ecrist/phillip).
The same configuration works perfectly well in 2.2 and in what phillip installed from "ports" (2.x-testing-3c19fcc2099d), but fails in "current as of today" (2.3_alpha2).
Change History (3)
comment:1 Changed 12 years ago by
| Cc: | David Sommerseth added |
|---|
comment:2 Changed 12 years ago by
| Cc: | Gert Döring added; David Sommerseth removed |
|---|---|
| Owner: | set to David Sommerseth |
| Status: | new → assigned |
trivial and "obviously correct" fix sent to list...
diff --git a/src/openvpn/mroute.c b/src/openvpn/mroute.c
index aecb702..850e336 100644
--- a/src/openvpn/mroute.c
+++ b/src/openvpn/mroute.c
@@ -52,7 +52,7 @@ mroute_addr_init (struct mroute_addr *addr)
static inline bool
is_mac_mcast_addr (const uint8_t *mac)
{
- return (bool) mac[0] & 1;
+ return (bool) (mac[0] & 1);
}
static inline bool
... ticket to dazo: yours to ack, commit, push, etc.
comment:3 Changed 12 years ago by
| Resolution: | → fixed |
|---|---|
| Status: | assigned → closed |
Fix applied to master.
commit 8df08de6f84d224c6a79ab6c74ba73c33a47735d
Author: Gert Doering <gert@greenie.muc.de>
Date: Sat Jun 30 22:50:43 2012 +0200
Repair "tap server" mode brokenness caused by <stdbool.h> fallout
Operator/Cast precedence wrong: casting mac[0] to (bool) first - giving
"1" for "any mac address that does not start with 00:" - and only then
bit-anding with "1" - thus always returning "true". Which, in turn,
leads to "reject all incoming packets with 'bad source address'".
OpenVPN bug #216.
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Acked-by: Fabian Knittel <fabian.knittel@lettink.de>
Message-Id: 1341089443-2287-1-git-send-email-gert@greenie.muc.de
URL: http://article.gmane.org/gmane.network.openvpn.devel/6817
Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
gert@gentoo $ git bisect bad
4029971240b6274b9b30e76ff74c7f689d7d9750 is the first bad commit
commit 4029971240b6274b9b30e76ff74c7f689d7d9750
Author: Alon Bar-Lev <alon.barlev@…>
Date: Fri Apr 27 15:09:15 2012 +0300