aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--ChangeLog3
-rw-r--r--openvpn.816
-rw-r--r--route.c14
3 files changed, 29 insertions, 4 deletions
diff --git a/ChangeLog b/ChangeLog
index 4dda446..f763919 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -5,6 +5,9 @@ $Id$
2005.11.xx -- Version 2.1-beta7
+* Fixed bug in Linux get_default_gateway function
+ introduced in 2.0.4, which would cause redirect-gateway
+ on Linux clients to fail.
* Moved easy-rsa 2.0 scripts to easy-rsa/2.0 to
be compatible with 2.0.x distribution.
diff --git a/openvpn.8 b/openvpn.8
index 29df0da..78c6007 100644
--- a/openvpn.8
+++ b/openvpn.8
@@ -2949,7 +2949,21 @@ of OpenVPN's client mode. This directive is equivalent to:
This option must be used on a client which is connecting
to a multi-client server. It indicates to OpenVPN that it
should accept options pushed by the server, provided they
-are part of the legal set of pushable options.
+are part of the legal set of pushable options (note that the
+.B --pull
+option is implied by
+.B --client
+).
+
+In particular,
+.B --pull
+allows the server to push routes to the client, so you should
+not use
+.B --pull
+or
+.B --client
+in situations where you don't trust the server to have control
+over the client's routing table.
.\"*********************************************************
.TP
.B --auth-user-pass [up]
diff --git a/route.c b/route.c
index cb21489..1db0b36 100644
--- a/route.c
+++ b/route.c
@@ -347,6 +347,10 @@ init_route_list (struct route_list *rl,
setenv_route_addr (es, "net_gateway", rl->spec.net_gateway, -1);
dmsg (D_ROUTE_DEBUG, "ROUTE DEBUG: default_gateway=%s", print_in_addr_t (rl->spec.net_gateway, 0, &gc));
}
+ else
+ {
+ dmsg (D_ROUTE_DEBUG, "ROUTE DEBUG: default_gateway=UNDEF");
+ }
if (rl->flags & RG_ENABLE)
{
@@ -1342,9 +1346,10 @@ show_routes (int msglev)
#elif defined(TARGET_LINUX)
static bool
-get_default_gateway (in_addr_t *ret)
+get_default_gateway (in_addr_t *gateway)
{
struct gc_arena gc = gc_new ();
+ bool ret = false;
FILE *fp = fopen ("/proc/net/route", "r");
if (fp)
{
@@ -1392,7 +1397,10 @@ get_default_gateway (in_addr_t *ret)
fclose (fp);
if (best_gw)
- *ret = best_gw;
+ {
+ *gateway = best_gw;
+ ret = true;
+ }
dmsg (D_ROUTE_DEBUG, "GDG: best=%s[%d] lm=%u",
print_in_addr_t ((in_addr_t) best_gw, 0, &gc),
@@ -1401,7 +1409,7 @@ get_default_gateway (in_addr_t *ret)
}
gc_free (&gc);
- return false;
+ return ret;
}
#elif defined(TARGET_FREEBSD)