Hi, On Wed, Nov 17, 2021 at 06:54:24PM +0100, Max Fillinger wrote: > When running with --ifconfig-noexec on Linux, OpenVPN may still delete > the ip address from the tun interface on exit, because it tries to undo > the ifconfig that did not actually happen. > > This commit reintroduces the did_ifconfig member to struct tuntap so > that we can check if ifconfig was actually done before trying to undo > it. It's behind an #ifdef because it's only used on Linux, and that was > the reason why it was removed before. > > Signed-off-by: Max Fillinger <maximilian.fillin...@foxcrypto.com>
I'm sure that this will work, but I wonder why we need to do this in such a complicated way - the code here is close_tun(struct tuntap *tt, openvpn_net_ctx_t *ctx) ... if (tt->did_ifconfig_setup) { undo_ifconfig_ipv4(tt, ctx); } if (tt->did_ifconfig_ipv6_setup) { undo_ifconfig_ipv6(tt, ctx); } ... so why is "did_ifconfig_setup" true, if ifconfig wasn't done? Or, phrased differently, what is did_ifconfig_setup used for, across the code, and can we just "not set it to true" if ifconfig-noexec is in effect? Or does it have nasty side effects? gert -- "If was one thing all people took for granted, was conviction that if you feed honest figures into a computer, honest figures come out. Never doubted it myself till I met a computer with a sense of humor." Robert A. Heinlein, The Moon is a Harsh Mistress Gert Doering - Munich, Germany g...@greenie.muc.de
signature.asc
Description: PGP signature
_______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel