From a98ac9043ea9445537936a88808d3d1939102e39 Mon Sep 17 00:00:00 2001
From: Heiko Hund <heiko.hund@sophos.com>
Date: Fri, 24 Jun 2016 18:01:41 +0200
Subject: [PATCH] Windows: do_ifconfig() after open_tun()
When you had multiple TAP adapters and IPv6 configured you got an error
message about "you must also specify --dev-node" and openvpn exited.
Very inconvenient especially since this is only due to the fact that
Windows tries to set the adapter address before it is opened; for no
good reason.
This patch changes the order to IFCONFIG_AFTER_TUN_OPEN, moves some
initialization code to init_tun, where it belongs, and removes duplicate
code that is now no longer needed.
v2: do not use "%lu" in argv_printf(), crashes non-iservice usage
Signed-off-by: Heiko Hund <heiko.hund@sophos.com>
Signed-off-by: Gert Doering <gert@greenie.muc.de>
---
src/openvpn/tun.c | 54 ++++++++++++++++++------------------------------------
src/openvpn/tun.h | 2 +-
2 files changed, 19 insertions(+), 37 deletions(-)
diff --git a/src/openvpn/tun.c b/src/openvpn/tun.c
index b7a29f7..1250547 100644
a
|
b
|
init_tun (const char *dev, /* --dev option */ |
611 | 611 | tt->broadcast = generate_ifconfig_broadcast_addr (tt->local, tt->remote_netmask); |
612 | 612 | } |
613 | 613 | |
| 614 | #ifdef WIN32 |
| 615 | /* |
| 616 | * Make sure that both ifconfig addresses are part of the |
| 617 | * same .252 subnet. |
| 618 | */ |
| 619 | if (tun) |
| 620 | { |
| 621 | verify_255_255_255_252 (tt->local, tt->remote_netmask); |
| 622 | tt->adapter_netmask = ~3; |
| 623 | } |
| 624 | else |
| 625 | { |
| 626 | tt->adapter_netmask = tt->remote_netmask; |
| 627 | } |
| 628 | #endif |
614 | 629 | |
615 | 630 | tt->did_ifconfig_setup = true; |
616 | 631 | } |
… |
… |
do_ifconfig (struct tuntap *tt, |
1327 | 1342 | } |
1328 | 1343 | #elif defined (WIN32) |
1329 | 1344 | { |
1330 | | /* |
1331 | | * Make sure that both ifconfig addresses are part of the |
1332 | | * same .252 subnet. |
1333 | | */ |
1334 | | if (tun) |
1335 | | { |
1336 | | verify_255_255_255_252 (tt->local, tt->remote_netmask); |
1337 | | tt->adapter_netmask = ~3; |
1338 | | } |
1339 | | else |
1340 | | { |
1341 | | tt->adapter_netmask = tt->remote_netmask; |
1342 | | } |
| 1345 | ASSERT (actual != NULL); |
1343 | 1346 | |
1344 | 1347 | switch (tt->options.ip_win32_type) |
1345 | 1348 | { |
… |
… |
do_ifconfig (struct tuntap *tt, |
1350 | 1353 | print_in_addr_t (tt->adapter_netmask, 0, &gc)); |
1351 | 1354 | break; |
1352 | 1355 | case IPW32_SET_NETSH: |
1353 | | if (!strcmp (actual, "NULL")) |
1354 | | msg (M_FATAL, "Error: When using --ip-win32 netsh, if you have more than one TAP-Windows adapter, you must also specify --dev-node"); |
1355 | | |
1356 | 1356 | netsh_ifconfig (&tt->options, |
1357 | 1357 | actual, |
1358 | 1358 | tt->local, |
… |
… |
do_ifconfig (struct tuntap *tt, |
1366 | 1366 | |
1367 | 1367 | if ( do_ipv6 ) |
1368 | 1368 | { |
1369 | | char * saved_actual; |
1370 | | char iface[64]; |
1371 | | DWORD idx; |
1372 | | |
1373 | | if (!strcmp (actual, "NULL")) |
1374 | | msg (M_FATAL, "Error: When using --tun-ipv6, if you have more than one TAP-Windows adapter, you must also specify --dev-node"); |
1375 | | |
1376 | | idx = get_adapter_index_flexible(actual); |
1377 | | openvpn_snprintf(iface, sizeof(iface), "interface=%lu", idx); |
1378 | | |
1379 | | /* on windows, OpenVPN does ifconfig first, open_tun later, so |
1380 | | * tt->actual_name might not yet be initialized, but routing code |
1381 | | * needs to know interface name - point to "actual", restore later |
1382 | | */ |
1383 | | saved_actual = tt->actual_name; |
1384 | | tt->actual_name = (char*) actual; |
1385 | | /* we use adapter_index in add_route_ipv6 */ |
1386 | | tt->adapter_index = idx; |
1387 | | |
1388 | 1369 | if (tt->options.msg_channel) |
1389 | 1370 | { |
1390 | 1371 | do_address_service (true, AF_INET6, tt); |
… |
… |
do_ifconfig (struct tuntap *tt, |
1392 | 1373 | else |
1393 | 1374 | { |
1394 | 1375 | /* example: netsh interface ipv6 set address interface=42 2001:608:8003::d store=active */ |
| 1376 | char iface[64]; |
| 1377 | openvpn_snprintf(iface, sizeof(iface), "interface=%lu", tt->adapter_index ); |
1395 | 1378 | argv_printf (&argv, |
1396 | 1379 | "%s%sc interface ipv6 set address %s %s store=active", |
1397 | 1380 | get_win_sys_path(), |
… |
… |
do_ifconfig (struct tuntap *tt, |
1403 | 1386 | |
1404 | 1387 | /* explicit route needed */ |
1405 | 1388 | add_route_connected_v6_net(tt, es); |
1406 | | tt->actual_name = saved_actual; |
1407 | 1389 | } |
1408 | 1390 | #else |
1409 | 1391 | msg (M_FATAL, "Sorry, but I don't know how to do 'ifconfig' commands on this operating system. You should ifconfig your TUN/TAP device manually or use an --up script."); |
diff --git a/src/openvpn/tun.h b/src/openvpn/tun.h
index 4e93a3f..1ccf378 100644
a
|
b
|
ifconfig_order(void) |
301 | 301 | #elif defined(TARGET_NETBSD) |
302 | 302 | return IFCONFIG_AFTER_TUN_OPEN; |
303 | 303 | #elif defined(WIN32) |
304 | | return IFCONFIG_BEFORE_TUN_OPEN; |
| 304 | return IFCONFIG_AFTER_TUN_OPEN; |
305 | 305 | #elif defined(TARGET_ANDROID) |
306 | 306 | return IFCONFIG_BEFORE_TUN_OPEN; |
307 | 307 | #else |