Opened 7 years ago

Last modified 15 months ago

#755 new Bug / Defect

--ifconfig-push should warn on topology

Reported by: Gert Döring Owned by: Gert Döring
Priority: major Milestone: release 2.7
Component: Generic / unclassified Version: OpenVPN git master branch (Community Ed)
Severity: Not set (select this one, unless your'e a OpenVPN developer) Keywords: topology subnet, ifconfig-push
Cc: David Sommerseth

Description

if people have ccd/ configs containing

--ifconfig-push 10.0.0.8 10.0.0.1

and move to --topology subnet , this will explode as the client needs to see --ifconfig-push 10.0.0.8 255.255.255.0 (or the like) instead.

We currently just pass on the option, and not issue a warning - and then the client dies on ifconfig. We should at least warn...

Change History (5)

comment:1 Changed 7 years ago by Gert Döring

Cc: David Sommerseth added

The wonders of tun.c

We do have "ifconfig_sanity_check()" which (tries to) do exactly this, but for the opposite case - NET30 and P2P, and I'm not sure it does the byte ordering correctly...

/*
 * If !tun, make sure ifconfig_remote_netmask looks
 *  like a netmask.
 *
 * If tun, make sure ifconfig_remote_netmask looks
 *  like an IPv4 address.
 */
static void
ifconfig_sanity_check (bool tun, in_addr_t addr, int topology)
{
...

comment:2 Changed 7 years ago by David Sommerseth

Patches are on the mailing list ... https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg13462.html

[updated to point at the proper patches]

Last edited 7 years ago by David Sommerseth (previous) (diff)

comment:3 Changed 4 years ago by Gert Döring

Milestone: alpha 2.4release 2.5

comment:4 Changed 4 years ago by Gert Döring

Milestone: release 2.5release 2.6

That did not go as planned :-( - we have patches, but neglected them to the point of no longer applying.

I am bumping the ticket to release/2.6, as we want to revisit the patches, but it's not something we want strongly enough in 2.5 to delay the release.

comment:5 Changed 15 months ago by Gert Döring

Milestone: release 2.6release 2.7

I am bumping the ticket to release/2.7, as we want to revisit the patches, but it's not something we want(ed) strongly enough in 2.6 to delay the release.

Note: See TracTickets for help on using tickets.