mirror of https://github.com/SoftEtherVPN/SoftEtherVPN.git synced 2024-11-22 17:39:53 +03:00

Added the "OpenVPNPushDummyIPv4AddressOnL2Mode" option for the OpenVPN L2 mode.

To fix the bug in OpenVPN 2.4.6 and a particular version of the kernel-mode TAP driver on Linux, the TAP device must be up after the OpenVPN client is connected. However, there is no direct push instruction that makes the OpenVPN client do so. Therefore, we push the dummy IPv4 address (RFC 7600) to the OpenVPN client to force the TAP driver into the UP state.
Daiyuu Nobori 2018-12-01 16:20:30 +09:00
parent 08465e3f39
commit 58e2f74f7f
4 changed files with 28 additions and 0 deletions


@ -1554,6 +1554,8 @@ CEDAR *NewCedar(X *server_x, K *server_k)
StrCpy(c->OpenVPNDefaultClientOption, sizeof(c->OpenVPNDefaultClientOption), OVPN_DEF_CLIENT_OPTION_STRING); StrCpy(c->OpenVPNDefaultClientOption, sizeof(c->OpenVPNDefaultClientOption), OVPN_DEF_CLIENT_OPTION_STRING);
c->OpenVPNPushDummyIPv4AddressOnL2Mode = true; // Default true. Override by the config file.
#ifdef BETA_NUMBER #ifdef BETA_NUMBER
c->Beta = BETA_NUMBER; c->Beta = BETA_NUMBER;
#endif // BETA_NUMBER #endif // BETA_NUMBER
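Review bot: The default of `true` set at `c->OpenVPNPushDummyIPv4AddressOnL2Mode = true;` is repeated in SiLoadServerCfg when the key is absent, so a server upgraded with an existing config starts pushing an `ifconfig` to every L2-mode OpenVPN client without any operator action. That changes client-side interface configuration, so the comment should state it, for example `// Default true, also for configs written before this key existed; set OpenVPNPushDummyIPv4AddressOnL2Mode to false to stop pushing ifconfig to L2 clients.` Since NewCedar already sets the default, the `CfgIsItem(...) == false` branch in the loader looks redundant if NewCedar always runs first; that ordering is not visible here. NewCedar's body continues outside the hunk.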


@ -1083,6 +1083,7 @@ typedef struct CEDAR
char OpenVPNDefaultClientOption[MAX_SIZE]; // OpenVPN: Default Client Option String char OpenVPNDefaultClientOption[MAX_SIZE]; // OpenVPN: Default Client Option String
bool OpenVPNObfuscation; // OpenVPN: Obfuscation mode bool OpenVPNObfuscation; // OpenVPN: Obfuscation mode
char OpenVPNObfuscationMask[MAX_SIZE]; // OpenVPN: String (mask) for XOR obfuscation char OpenVPNObfuscationMask[MAX_SIZE]; // OpenVPN: String (mask) for XOR obfuscation
bool OpenVPNPushDummyIPv4AddressOnL2Mode; // OpenVPN: Push a dummy IPv4 address on L2 mode
} CEDAR; } CEDAR;
// Type of CEDAR // Type of CEDAR


@ -2351,6 +2351,18 @@ void OvsRecvPacket(OPENVPN_SERVER *s, LIST *recv_packet_list, UINT protocol)
OvsLog(s, se, c, "LP_SET_IPV4_PARAM", OvsLog(s, se, c, "LP_SET_IPV4_PARAM",
ip_client, ip_subnet_mask, ip_defgw, ip_dns1, ip_dns2, ip_wins1, ip_wins2); ip_client, ip_subnet_mask, ip_defgw, ip_dns1, ip_dns2, ip_wins1, ip_wins2);
} }
else
{
// OpenVPN L2 mode. To fix the bug of OpenVPN 2.4.6 and particular version of kernel mode TAP driver
// on Linux, the TAP device must be up after the OpenVPN client is connected.
// However there is no direct push instruction to do so to OpenVPN client.
// Therefore we push the dummy IPv4 address (RFC7600) to the OpenVPN client.
if (s->Cedar->OpenVPNPushDummyIPv4AddressOnL2Mode)
{
StrCat(option_str, sizeof(option_str), ",ifconfig 192.0.0.8 255.255.255.240");
}
}
WriteFifo(c->SslPipe->SslInOut->SendFifo, option_str, StrSize(option_str)); WriteFifo(c->SslPipe->SslInOut->SendFifo, option_str, StrSize(option_str));
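Review bot: The pushed string `,ifconfig 192.0.0.8 255.255.255.240` gives every L2 client the same address with a /28 mask, so each client treats 192.0.0.0–192.0.0.15 as on-link through the TAP device, although only 192.0.0.8 itself is the RFC 7600 dummy address named in the comment. The rest of that range holds other special-purpose assignments, and identical addresses on one bridged segment may trigger duplicate-address detection on clients. If the /28 is needed for client compatibility, record why next to the `StrCat` call, e.g. `// /28 is intentional: <reason>; note it makes 192.0.0.0-192.0.0.15 on-link on the client`. Otherwise, check whether a narrower mask still brings the TAP device up. `option_str` is declared outside the hunk, so whether the bounded `StrCat` can truncate the appended option when the buffer is nearly full cannot be confirmed from here.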


@ -5872,6 +5872,17 @@ void SiLoadServerCfg(SERVER *s, FOLDER *f)
} }
} }
// OpenVPN Push a dummy IPv4 address on L2 mode
if (CfgIsItem(f, "OpenVPNPushDummyIPv4AddressOnL2Mode") == false)
{
// Default enable
c->OpenVPNPushDummyIPv4AddressOnL2Mode = true;
}
else
{
c->OpenVPNPushDummyIPv4AddressOnL2Mode = CfgGetBool(f, "OpenVPNPushDummyIPv4AddressOnL2Mode");
}
// Disable the NAT-traversal feature // Disable the NAT-traversal feature
s->DisableNatTraversal = CfgGetBool(f, "DisableNatTraversal"); s->DisableNatTraversal = CfgGetBool(f, "DisableNatTraversal");
@ -6289,6 +6300,8 @@ void SiWriteServerCfg(FOLDER *f, SERVER *s)
CfgAddStr(f, "OpenVPNDefaultClientOption", c->OpenVPNDefaultClientOption); CfgAddStr(f, "OpenVPNDefaultClientOption", c->OpenVPNDefaultClientOption);
CfgAddBool(f, "OpenVPNPushDummyIPv4AddressOnL2Mode", c->OpenVPNPushDummyIPv4AddressOnL2Mode);
if (c->Bridge == false) if (c->Bridge == false)
{ {
OPENVPN_SSTP_CONFIG config; OPENVPN_SSTP_CONFIG config;