Browse code
Force 'def1' method when --redirect-gateway is done through service
The service deletes all added routes when the client process (openvpn)
exits, causing the re-instated default route to disappear.
Fix by rewriting "--redirect-gateway" to "--redirect-gateway def1" when
routes are set using interactive service.
Only the behaviour on Windows with intereactive service is affected.
Trac: #778
Signed-off-by: Selva Nair <selva.nair@gmail.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1480466372-2396-1-git-send-email-selva.nair@gmail.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg13307.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Selva Nair authored on 2016/11/30 09:39:32Showing 2 changed files
| ... | ... |
@@ -79,6 +79,12 @@ New interactive Windows service |
| 79 | 79 |
files under %USERPROFILE%\\OpenVPN\\config for use with the |
| 80 | 80 |
interactive service. |
| 81 | 81 |
|
| 82 |
+redirect-gateway |
|
| 83 |
+ if no flags are given, and the interactive service is used, "def1" |
|
| 84 |
+ is implicitly set (because "delete and later reinstall the existing |
|
| 85 |
+ default route" does not work well here). If not using the service, |
|
| 86 |
+ the old behaviour is kept. |
|
| 87 |
+ |
|
| 82 | 88 |
redirect-gateway ipv6 |
| 83 | 89 |
OpenVPN has now feature parity between IPv4 and IPv6 for redirect |
| 84 | 90 |
gateway including the handling of overlapping IPv6 routes with |
| ... | ... |
@@ -2526,6 +2526,22 @@ options_postprocess_mutate_ce (struct options *o, struct connection_entry *ce) |
| 2526 | 2526 |
|
| 2527 | 2527 |
} |
| 2528 | 2528 |
|
| 2529 |
+#ifdef _WIN32 |
|
| 2530 |
+/* If iservice is in use, we need def1 method for redirect-gateway */ |
|
| 2531 |
+static void |
|
| 2532 |
+remap_redirect_gateway_flags (struct options *opt) |
|
| 2533 |
+{
|
|
| 2534 |
+ if (opt->routes |
|
| 2535 |
+ && opt->route_method == ROUTE_METHOD_SERVICE |
|
| 2536 |
+ && opt->routes->flags & RG_REROUTE_GW |
|
| 2537 |
+ && !(opt->routes->flags & RG_DEF1)) |
|
| 2538 |
+ {
|
|
| 2539 |
+ msg (M_INFO, "Flag 'def1' added to --redirect-gateway (iservice is in use)"); |
|
| 2540 |
+ opt->routes->flags |= RG_DEF1; |
|
| 2541 |
+ } |
|
| 2542 |
+} |
|
| 2543 |
+#endif |
|
| 2544 |
+ |
|
| 2529 | 2545 |
static void |
| 2530 | 2546 |
options_postprocess_mutate_invariant (struct options *options) |
| 2531 | 2547 |
{
|
| ... | ... |
@@ -2555,6 +2571,8 @@ options_postprocess_mutate_invariant (struct options *options) |
| 2555 | 2555 |
options->tuntap_options.ip_win32_type = IPW32_SET_MANUAL; |
| 2556 | 2556 |
options->ifconfig_noexec = false; |
| 2557 | 2557 |
} |
| 2558 |
+ |
|
| 2559 |
+ remap_redirect_gateway_flags (options); |
|
| 2558 | 2560 |
#endif |
| 2559 | 2561 |
|
| 2560 | 2562 |
#if P2MP_SERVER |
| ... | ... |
@@ -5707,6 +5725,10 @@ add_option (struct options *options, |
| 5707 | 5707 |
goto err; |
| 5708 | 5708 |
} |
| 5709 | 5709 |
} |
| 5710 |
+#ifdef _WIN32 |
|
| 5711 |
+ /* we need this here to handle pushed --redirect-gateway */ |
|
| 5712 |
+ remap_redirect_gateway_flags (options); |
|
| 5713 |
+#endif |
|
| 5710 | 5714 |
options->routes->flags |= RG_ENABLE; |
| 5711 | 5715 |
} |
| 5712 | 5716 |
else if (streq (p[0], "remote-random-hostname") && !p[1]) |