From 2b3434ce431e0f228508a46bf68f097699b40d5c Mon Sep 17 00:00:00 2001 From: cnbatch Date: Wed, 8 May 2024 02:21:28 +0800 Subject: [PATCH 1/7] support freebsd's fib feature --- src/openvpn/tun.c | 89 +++++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 86 insertions(+), 3 deletions(-) diff --git a/src/openvpn/tun.c b/src/openvpn/tun.c index d01515db41d..4c564603504 100644 --- a/src/openvpn/tun.c +++ b/src/openvpn/tun.c @@ -55,6 +55,11 @@ #include +#ifdef TARGET_FREEBSD +#include +#include +#endif + #ifdef _WIN32 const static GUID GUID_DEVCLASS_NET = { 0x4d36e972L, 0xe325, 0x11ce, { 0xbf, 0xc1, 0x08, 0x00, 0x2b, 0xe1, 0x03, 0x18 } }; @@ -1169,8 +1174,7 @@ do_ifconfig_ipv6(struct tuntap *tt, const char *ifname, int tun_mtu, openvpn_execve_check(&argv, es, 0, "Solaris ifconfig IPv6 mtu failed"); } #elif defined(TARGET_OPENBSD) || defined(TARGET_NETBSD) \ - || defined(TARGET_DARWIN) || defined(TARGET_FREEBSD) \ - || defined(TARGET_DRAGONFLY) + || defined(TARGET_DARWIN) || defined(TARGET_DRAGONFLY) argv_printf(&argv, "%s %s inet6 %s/%d mtu %d up", IFCONFIG_PATH, ifname, ifconfig_ipv6_local, tt->netbits_ipv6, tun_mtu); argv_msg(M_INFO, &argv); @@ -1178,6 +1182,36 @@ do_ifconfig_ipv6(struct tuntap *tt, const char *ifname, int tun_mtu, openvpn_execve_check(&argv, es, S_FATAL, "generic BSD ifconfig inet6 failed"); +#elif defined(TARGET_FREEBSD) + /* read current fib number, codes are from: */ + /* https://github.com/freebsd/freebsd-src/blob/f9716eee8ab45ad906d9b5c5233ca20c10226ca7/sbin/route/route.c#L269 */ + int numfibs = 0, defaultfib = 0; + size_t len = sizeof(numfibs); + if (sysctlbyname("net.fibs", (void *)&numfibs, &len, NULL, 0) == -1) + numfibs = -1; + + len = sizeof(defaultfib); + if (numfibs != -1 && + sysctlbyname("net.my_fibnum", (void *)&defaultfib, &len, NULL, + 0) == -1) + defaultfib = -1; + + if (defaultfib <= 0) + { + argv_printf(&argv, "%s %s inet6 %s/%d mtu %d up", IFCONFIG_PATH, ifname, + ifconfig_ipv6_local, tt->netbits_ipv6, tun_mtu); + } + else + { + argv_printf(&argv, "%s %s inet6 %s/%d mtu %d up fib %d", IFCONFIG_PATH, ifname, + ifconfig_ipv6_local, tt->netbits_ipv6, tun_mtu, defaultfib); + } + + argv_msg(M_INFO, &argv); + + openvpn_execve_check(&argv, es, S_FATAL, + "FreeBSD ifconfig inet6 failed"); + #if defined(TARGET_FREEBSD) && __FreeBSD_version >= 1200000 \ && __FreeBSD_version < 1300000 /* On FreeBSD 12.0-12.4, there is ipv6_activate_all_interfaces="YES" @@ -1557,7 +1591,7 @@ do_ifconfig_ipv4(struct tuntap *tt, const char *ifname, int tun_mtu, add_route(&r, tt, 0, NULL, es, NULL); } -#elif defined(TARGET_FREEBSD) || defined(TARGET_DRAGONFLY) +#elif defined(TARGET_DRAGONFLY) /* example: ifconfig tun2 10.2.0.2 10.2.0.1 mtu 1450 netmask 255.255.255.255 up */ if (tun) /* point-to-point tun */ @@ -1573,6 +1607,55 @@ do_ifconfig_ipv4(struct tuntap *tt, const char *ifname, int tun_mtu, ifname, ifconfig_local, netbits, tun_mtu ); } + argv_msg(M_INFO, &argv); + openvpn_execve_check(&argv, es, S_FATAL, "DragonflyBSD ifconfig failed"); + +#elif defined(TARGET_FREEBSD) + + /* read current fib number, codes are from: */ + /* https://github.com/freebsd/freebsd-src/blob/f9716eee8ab45ad906d9b5c5233ca20c10226ca7/sbin/route/route.c#L269 */ + int numfibs = 0, defaultfib = 0; + size_t len = sizeof(numfibs); + if (sysctlbyname("net.fibs", (void *)&numfibs, &len, NULL, 0) == -1) + numfibs = -1; + + len = sizeof(defaultfib); + if (numfibs != -1 && + sysctlbyname("net.my_fibnum", (void *)&defaultfib, &len, NULL, + 0) == -1) + defaultfib = -1; + + /* example: ifconfig tun2 10.2.0.2 10.2.0.1 mtu 1450 netmask 255.255.255.255 up */ + if (tun) /* point-to-point tun */ + { + if (defaultfib <= 0) + { + argv_printf(&argv, "%s %s %s %s mtu %d netmask 255.255.255.255 up", + IFCONFIG_PATH, ifname, ifconfig_local, + ifconfig_remote_netmask, tun_mtu); + } + else + { + argv_printf(&argv, "%s %s %s %s mtu %d netmask 255.255.255.255 up fib %d", + IFCONFIG_PATH, ifname, ifconfig_local, + ifconfig_remote_netmask, tun_mtu, defaultfib); + } + } + else /* tun with topology subnet and tap mode (always subnet) */ + { + int netbits = netmask_to_netbits2(tt->remote_netmask); + if (defaultfib <= 0) + { + argv_printf(&argv, "%s %s %s/%d mtu %d up", IFCONFIG_PATH, + ifname, ifconfig_local, netbits, tun_mtu ); + } + else + { + argv_printf(&argv, "%s %s %s/%d mtu %d up fib %d", IFCONFIG_PATH, + ifname, ifconfig_local, netbits, tun_mtu, defaultfib); + } + } + argv_msg(M_INFO, &argv); openvpn_execve_check(&argv, es, S_FATAL, "FreeBSD ifconfig failed"); From c97fb4849922d8c50f6f58856b622a124d5cede9 Mon Sep 17 00:00:00 2001 From: cnbatch Date: Wed, 8 May 2024 21:40:37 +0800 Subject: [PATCH 2/7] Update src/openvpn/tun.c Co-authored-by: Frank Lichtenheld --- src/openvpn/tun.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/src/openvpn/tun.c b/src/openvpn/tun.c index 4c564603504..7d1810f8f4f 100644 --- a/src/openvpn/tun.c +++ b/src/openvpn/tun.c @@ -1182,6 +1182,12 @@ do_ifconfig_ipv6(struct tuntap *tt, const char *ifname, int tun_mtu, openvpn_execve_check(&argv, es, S_FATAL, "generic BSD ifconfig inet6 failed"); +#if defined(TARGET_OPENBSD) || defined(TARGET_NETBSD) \ + || defined(TARGET_DARWIN) + /* and, hooray, we explicitly need to add a route... */ + add_route_connected_v6_net(tt, es); +#endif + #elif defined(TARGET_FREEBSD) /* read current fib number, codes are from: */ /* https://github.com/freebsd/freebsd-src/blob/f9716eee8ab45ad906d9b5c5233ca20c10226ca7/sbin/route/route.c#L269 */ From 48c97789d23549da24294b433630d73a595c8255 Mon Sep 17 00:00:00 2001 From: cnbatch Date: Wed, 8 May 2024 21:43:09 +0800 Subject: [PATCH 3/7] indentation fix --- src/openvpn/tun.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/openvpn/tun.c b/src/openvpn/tun.c index 7d1810f8f4f..8e7c049111e 100644 --- a/src/openvpn/tun.c +++ b/src/openvpn/tun.c @@ -1192,7 +1192,7 @@ do_ifconfig_ipv6(struct tuntap *tt, const char *ifname, int tun_mtu, /* read current fib number, codes are from: */ /* https://github.com/freebsd/freebsd-src/blob/f9716eee8ab45ad906d9b5c5233ca20c10226ca7/sbin/route/route.c#L269 */ int numfibs = 0, defaultfib = 0; - size_t len = sizeof(numfibs); + size_t len = sizeof(numfibs); if (sysctlbyname("net.fibs", (void *)&numfibs, &len, NULL, 0) == -1) numfibs = -1; @@ -1621,7 +1621,7 @@ do_ifconfig_ipv4(struct tuntap *tt, const char *ifname, int tun_mtu, /* read current fib number, codes are from: */ /* https://github.com/freebsd/freebsd-src/blob/f9716eee8ab45ad906d9b5c5233ca20c10226ca7/sbin/route/route.c#L269 */ int numfibs = 0, defaultfib = 0; - size_t len = sizeof(numfibs); + size_t len = sizeof(numfibs); if (sysctlbyname("net.fibs", (void *)&numfibs, &len, NULL, 0) == -1) numfibs = -1; From 12a26ac564ad84e4c2e75a127d665e1908a45bd2 Mon Sep 17 00:00:00 2001 From: cnbatch Date: Wed, 8 May 2024 21:45:08 +0800 Subject: [PATCH 4/7] indentation fix --- src/openvpn/tun.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/src/openvpn/tun.c b/src/openvpn/tun.c index 8e7c049111e..24b78f85b72 100644 --- a/src/openvpn/tun.c +++ b/src/openvpn/tun.c @@ -1182,8 +1182,7 @@ do_ifconfig_ipv6(struct tuntap *tt, const char *ifname, int tun_mtu, openvpn_execve_check(&argv, es, S_FATAL, "generic BSD ifconfig inet6 failed"); -#if defined(TARGET_OPENBSD) || defined(TARGET_NETBSD) \ - || defined(TARGET_DARWIN) +#if defined(TARGET_OPENBSD) || defined(TARGET_NETBSD) || defined(TARGET_DARWIN) /* and, hooray, we explicitly need to add a route... */ add_route_connected_v6_net(tt, es); #endif From 4b0bf5dff98b684b77418ad605f2eecca0f11e44 Mon Sep 17 00:00:00 2001 From: cnbatch Date: Wed, 8 May 2024 21:54:07 +0800 Subject: [PATCH 5/7] fixing #ifdef --- src/openvpn/tun.c | 5 ----- 1 file changed, 5 deletions(-) diff --git a/src/openvpn/tun.c b/src/openvpn/tun.c index 24b78f85b72..de3c61bd6f0 100644 --- a/src/openvpn/tun.c +++ b/src/openvpn/tun.c @@ -1182,11 +1182,6 @@ do_ifconfig_ipv6(struct tuntap *tt, const char *ifname, int tun_mtu, openvpn_execve_check(&argv, es, S_FATAL, "generic BSD ifconfig inet6 failed"); -#if defined(TARGET_OPENBSD) || defined(TARGET_NETBSD) || defined(TARGET_DARWIN) - /* and, hooray, we explicitly need to add a route... */ - add_route_connected_v6_net(tt, es); -#endif - #elif defined(TARGET_FREEBSD) /* read current fib number, codes are from: */ /* https://github.com/freebsd/freebsd-src/blob/f9716eee8ab45ad906d9b5c5233ca20c10226ca7/sbin/route/route.c#L269 */ From 65dd61765ebd5e4c8c61cf18c17da4114f117fbd Mon Sep 17 00:00:00 2001 From: cnbatch Date: Wed, 8 May 2024 21:56:06 +0800 Subject: [PATCH 6/7] sorry, it was a typo --- src/openvpn/tun.c | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/src/openvpn/tun.c b/src/openvpn/tun.c index de3c61bd6f0..bd673ed457a 100644 --- a/src/openvpn/tun.c +++ b/src/openvpn/tun.c @@ -1182,6 +1182,12 @@ do_ifconfig_ipv6(struct tuntap *tt, const char *ifname, int tun_mtu, openvpn_execve_check(&argv, es, S_FATAL, "generic BSD ifconfig inet6 failed"); +#if defined(TARGET_OPENBSD) || defined(TARGET_NETBSD) \ + || defined(TARGET_DARWIN) + /* and, hooray, we explicitly need to add a route... */ + add_route_connected_v6_net(tt, es); +#endif + #elif defined(TARGET_FREEBSD) /* read current fib number, codes are from: */ /* https://github.com/freebsd/freebsd-src/blob/f9716eee8ab45ad906d9b5c5233ca20c10226ca7/sbin/route/route.c#L269 */ @@ -1236,11 +1242,6 @@ do_ifconfig_ipv6(struct tuntap *tt, const char *ifname, int tun_mtu, "FreeBSD BSD 'ifconfig inet6 -ifdisabled' failed"); #endif -#if defined(TARGET_OPENBSD) || defined(TARGET_NETBSD) \ - || defined(TARGET_DARWIN) - /* and, hooray, we explicitly need to add a route... */ - add_route_connected_v6_net(tt, es); -#endif #elif defined(TARGET_AIX) argv_printf(&argv, "%s %s inet6 %s/%d mtu %d up", IFCONFIG_PATH, ifname, ifconfig_ipv6_local, tt->netbits_ipv6, tun_mtu); From fc485b83e342ea3a12aa84a3158fbffae91c2e04 Mon Sep 17 00:00:00 2001 From: cnbatch Date: Wed, 8 May 2024 22:17:51 +0800 Subject: [PATCH 7/7] another patch for indentation fix --- src/openvpn/tun.c | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/src/openvpn/tun.c b/src/openvpn/tun.c index bd673ed457a..c53b3711e74 100644 --- a/src/openvpn/tun.c +++ b/src/openvpn/tun.c @@ -1193,14 +1193,14 @@ do_ifconfig_ipv6(struct tuntap *tt, const char *ifname, int tun_mtu, /* https://github.com/freebsd/freebsd-src/blob/f9716eee8ab45ad906d9b5c5233ca20c10226ca7/sbin/route/route.c#L269 */ int numfibs = 0, defaultfib = 0; size_t len = sizeof(numfibs); - if (sysctlbyname("net.fibs", (void *)&numfibs, &len, NULL, 0) == -1) - numfibs = -1; + if (sysctlbyname("net.fibs", (void *)&numfibs, &len, NULL, 0) == -1) + numfibs = -1; - len = sizeof(defaultfib); - if (numfibs != -1 && - sysctlbyname("net.my_fibnum", (void *)&defaultfib, &len, NULL, - 0) == -1) - defaultfib = -1; + len = sizeof(defaultfib); + if (numfibs != -1 && + sysctlbyname("net.my_fibnum", (void *)&defaultfib, &len, NULL, + 0) == -1) + defaultfib = -1; if (defaultfib <= 0) { @@ -1617,14 +1617,14 @@ do_ifconfig_ipv4(struct tuntap *tt, const char *ifname, int tun_mtu, /* https://github.com/freebsd/freebsd-src/blob/f9716eee8ab45ad906d9b5c5233ca20c10226ca7/sbin/route/route.c#L269 */ int numfibs = 0, defaultfib = 0; size_t len = sizeof(numfibs); - if (sysctlbyname("net.fibs", (void *)&numfibs, &len, NULL, 0) == -1) - numfibs = -1; - - len = sizeof(defaultfib); - if (numfibs != -1 && - sysctlbyname("net.my_fibnum", (void *)&defaultfib, &len, NULL, - 0) == -1) - defaultfib = -1; + if (sysctlbyname("net.fibs", (void *)&numfibs, &len, NULL, 0) == -1) + numfibs = -1; + + len = sizeof(defaultfib); + if (numfibs != -1 && + sysctlbyname("net.my_fibnum", (void *)&defaultfib, &len, NULL, + 0) == -1) + defaultfib = -1; /* example: ifconfig tun2 10.2.0.2 10.2.0.1 mtu 1450 netmask 255.255.255.255 up */ if (tun) /* point-to-point tun */