Opened 5 years ago

Closed 5 years ago

#216 closed Bug / Defect (fixed)

tap server broken

Reported by: cron2 Owned by: dazo
Priority: blocker Milestone: beta 2.3
Component: Generic / unclassified Version: OpenVPN git master branch (Community Ed)
Severity: Not set (select this one, unless your'e a OpenVPN developer) Keywords:
Cc: cron2

Description

tap server is completely broken as far as "address learning on the server side" goes.

Instead of learning MAC + forwarding packet, all it does is print this error:

RSat Jun 30 19:35:37 2012 us=148584 cron2-gentoo-i386/193.149.48.170:34603 MULTI: bad source address from client [f2:5e:ad:e0:05:d6], packet dropped

(which is the correct MAC source address for this client). This has been observed "in the wild", and reproduced on a fresh gentoo install (cron2) and on freebsd 9.0 (ecrist/phillip).

The same configuration works perfectly well in 2.2 and in what phillip installed from "ports" (2.x-testing-3c19fcc2099d), but fails in "current as of today" (2.3_alpha2).

Change History (3)

comment:1 Changed 5 years ago by cron2

  • Cc dazo added

gert@gentoo $ git bisect bad
4029971240b6274b9b30e76ff74c7f689d7d9750 is the first bad commit
commit 4029971240b6274b9b30e76ff74c7f689d7d9750
Author: Alon Bar-Lev <alon.barlev@…>
Date: Fri Apr 27 15:09:15 2012 +0300

build: use stdbool.h if available

comment:2 Changed 5 years ago by cron2

  • Cc cron2 added; dazo removed
  • Owner set to dazo
  • Status changed from new to assigned

trivial and "obviously correct" fix sent to list...

diff --git a/src/openvpn/mroute.c b/src/openvpn/mroute.c
index aecb702..850e336 100644
--- a/src/openvpn/mroute.c
+++ b/src/openvpn/mroute.c
@@ -52,7 +52,7 @@ mroute_addr_init (struct mroute_addr *addr)

static inline bool
is_mac_mcast_addr (const uint8_t *mac)
{

  • return (bool) mac[0] & 1;

+ return (bool) (mac[0] & 1);

}

static inline bool

... ticket to dazo: yours to ack, commit, push, etc.

comment:3 Changed 5 years ago by dazo

  • Resolution set to fixed
  • Status changed from assigned to closed

Fix applied to master.

commit 8df08de6f84d224c6a79ab6c74ba73c33a47735d
Author: Gert Doering <gert@greenie.muc.de>
Date:   Sat Jun 30 22:50:43 2012 +0200

    Repair "tap server" mode brokenness caused by <stdbool.h> fallout
    
    Operator/Cast precedence wrong: casting mac[0] to (bool) first - giving
    "1" for "any mac address that does not start with 00:" - and only then
    bit-anding with "1" - thus always returning "true".  Which, in turn,
    leads to "reject all incoming packets with 'bad source address'".
    
    OpenVPN bug #216.
    
    Signed-off-by: Gert Doering <gert@greenie.muc.de>
    Acked-by: Fabian Knittel <fabian.knittel@lettink.de>
    Message-Id: 1341089443-2287-1-git-send-email-gert@greenie.muc.de
    URL: http://article.gmane.org/gmane.network.openvpn.devel/6817
    Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
Note: See TracTickets for help on using tickets.