Hi,
On 20/08/2022 16:01, Gert Doering wrote:
The existing DCO code had extra logic for "if this is not
MR_WITH_NETBITS, set 32/128 as address length", but only for
iroute addition. For iroute deletion, this was missing, and
subsequently iroute deletion for IPv4 host routes failed on
FreeBSD DCO (commit 3433577a99).
Iroute handling differenciates between "primary" iroutes (coming
from anm IP pool or ccd/ifconfig-push), and "non-primary" iroutes,
coming from --iroute and --iroute-ipv6 statements in per-client config.
"Primary" iroutes always use "-1" for their netbits, but since these
are not installed via DCO, this is of no concern here. Whether these
can and should be changed needs further study on internal route
learning and cleanup.
Refactor options.c and multi.c to ensure that netbits is always set
for non-primary iroutes - and ASSERT() on this in the DCO path, so we can
find out if there might be other code violating this.
Change options.c::option_iroute() to always set netbits=32 for IPv4
host routes (options_iroute_ipv6() never differenciated). Since
netmask_to_netbits() also insists on "-1" for host routes, change
to netmask_to_netbits2().
Remove all the extra MR_WITH_NETBITS logic from dco.c, where it should
have never appeared.
Signed-off-by: Gert Doering <g...@greenie.muc.de>
Thanks for this. It indeed makes sense and helps cleaning up a bit this
netbits madness.
I agree with Kristof that you need to have spaces around boolean
operator. (How come that uncrustify did not complain? we may need to add
another toggle..)
sitnl does the right thing:
2022-08-24 00:50:50 net_route_v4_add: 8.8.8.8/32 via 10.10.0.3 dev tun0
table 0 metric 100
So, other than the space issue:
Acked-by: Antonio Quartulli <a...@unstable.cc>
--
Antonio Quartulli
_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
