1. openvpn
  2. Commit 40e6c586124e6d7a764b859dad8515998c89c693
Browse code

Del ipv6 addr on close of linux tun interface

When a linux tun interface is closed (e.g. on disconnect)
an optional ipv6 addr that was previously set is deleted now.
Without this patch a later reconnect could fail with
'Linux ip -6 addr add failed: external program exited with error status: 2'
and openvpn would exit.

This is mainly relevant for persistant tun devices (staying around
after openvpn exits) but can also happen at reconnect.

If addresses are *supposed* to stay around on openvpn exit, run
openvpn with --ifconfig-noexec and configure IPv4/IPv6 addresses
manually before openvpn starts (or using an --up script).

Trac #141

Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1435248080-12670-1-git-send-email-Holger.Kummert@Sophos.com>
URL: http://article.gmane.org/gmane.network.openvpn.devel/9810

Signed-off-by: Gert Doering <gert@greenie.muc.de>
(cherry picked from commit e5f71d674e3b119d6a252d7cef1c17b5c2b36a9a)

Holger Kummert authored on 2015/06/26 01:01:20
Showing 1 changed files
src/openvpn/tun.c
History View file @ 40e6c58
... ... 
@@ -1714,6 +1714,32 @@ close_tun (struct tuntap *tt)
1714 1714 
 	    argv_msg (M_INFO, &argv);
1715 1715 
 	    openvpn_execve_check (&argv, NULL, 0, "Linux ip addr del failed");
1716 1716
1717 
+            if (tt->ipv6 && tt->did_ifconfig_ipv6_setup)
1718 
+              {
1719 
+                const char * ifconfig_ipv6_local = print_in6_addr (tt->local_ipv6, 0, &gc);
1720 
+
1721 
+#ifdef ENABLE_IPROUTE
1722 
+                argv_printf (&argv, "%s -6 addr del %s/%d dev %s",
1723 
+                                    iproute_path,
1724 
+                                    ifconfig_ipv6_local,
1725 
+                                    tt->netbits_ipv6,
1726 
+                                    tt->actual_name
1727 
+                                    );
1728 
+                argv_msg (M_INFO, &argv);
1729 
+                openvpn_execve_check (&argv, NULL, 0, "Linux ip -6 addr del failed");
1730 
+#else
1731 
+                argv_printf (&argv,
1732 
+                            "%s %s del %s/%d",
1733 
+                            IFCONFIG_PATH,
1734 
+                            tt->actual_name,
1735 
+                            ifconfig_ipv6_local,
1736 
+                            tt->netbits_ipv6
1737 
+                            );
1738 
+                argv_msg (M_INFO, &argv);
1739 
+                openvpn_execve_check (&argv, NULL, 0, "Linux ifconfig inet6 del failed");
1740 
+#endif
1741 
+              }
1742 
+
1717 1743 
 	    argv_reset (&argv);
1718 1744 
 	    gc_free (&gc);
1719 1745 
 	  }