From e1a51ebb851be156104d3971b85f2572fc7eeb73 Mon Sep 17 00:00:00 2001 From: Stefan Schantl Date: Sun, 12 Jan 2014 15:34:27 +0100 Subject: [PATCH 1/2] openvpnctrl: Pass external IP address to N2N daemons. Fixes #10313. --- src/misc-progs/openvpnctrl.c | 33 ++++++++++++++++++++++++++++++++- 1 file changed, 32 insertions(+), 1 deletion(-) diff --git a/src/misc-progs/openvpnctrl.c b/src/misc-progs/openvpnctrl.c index 2af537272..272db0faa 100644 --- a/src/misc-progs/openvpnctrl.c +++ b/src/misc-progs/openvpnctrl.c @@ -168,6 +168,29 @@ int readPidFile(const char *pidfile) { return pid; } +int readExternalAddress(char* address) { + FILE *fp = fopen("/var/ipfire/red/local-ipaddress", "r"); + if (!fp) + goto ERROR; + + int r = fscanf(fp, "%s", address); + fclose(fp); + + if (r < 0) + goto ERROR; + + /* In case the read IP address is not valid, we empty + * the content of address and return non-zero. */ + if (!VALID_IP(address)) + goto ERROR; + + return 0; + +ERROR: + address = NULL; + return 1; +} + void ovpnInit(void) { // Read OpenVPN configuration kv = initkeyvalues(); @@ -482,10 +505,18 @@ int startNet2Net(char *name) { // Make sure all firewall rules are up to date. setFirewallRules(); + // Get the external IP address. + char address[STRING_SIZE] = ""; + int r = readExternalAddress(address); + if (r) { + fprintf(stderr, "Could not read the external address\n"); + exit(1); + } + char command[STRING_SIZE]; snprintf(command, STRING_SIZE-1, "/sbin/modprobe tun"); executeCommand(command); - snprintf(command, STRING_SIZE-1, "/usr/sbin/openvpn --config %s", configfile); + snprintf(command, STRING_SIZE-1, "/usr/sbin/openvpn --local %s --config %s", address, configfile); executeCommand(command); return 0; From e11f536252fe1f4317c47c121f5026b9a458a311 Mon Sep 17 00:00:00 2001 From: Michael Tremer Date: Sun, 12 Jan 2014 15:40:50 +0100 Subject: [PATCH 2/2] OpenVPN: Fix daemon stuck in WAIT state. When the client is in the WAIT state, it is usally connected to the server. --- html/cgi-bin/index.cgi | 2 +- html/cgi-bin/ovpnmain.cgi | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/html/cgi-bin/index.cgi b/html/cgi-bin/index.cgi index b3a262994..d6115bdb0 100644 --- a/html/cgi-bin/index.cgi +++ b/html/cgi-bin/index.cgi @@ -404,7 +404,7 @@ END my $display; my $display_colour = $Header::colourred; - if ( $tustate[1] eq 'CONNECTED') { + if (($tustate[1] eq 'CONNECTED') || ($tustate[1] eq 'WAIT')) { $display_colour = $Header::colourgreen; $display = $Lang::tr{'capsopen'}; } else { diff --git a/html/cgi-bin/ovpnmain.cgi b/html/cgi-bin/ovpnmain.cgi index 75b6c75f1..b075cc54d 100644 --- a/html/cgi-bin/ovpnmain.cgi +++ b/html/cgi-bin/ovpnmain.cgi @@ -4941,7 +4941,7 @@ END #EXITING -- A graceful exit is in progress. #### - if ( $tustate[1] eq 'CONNECTED') { + if (($tustate[1] eq 'CONNECTED') || ($tustate[1] eq 'WAIT')) { $col1="bgcolor='${Header::colourgreen}'"; $active = "$Lang::tr{'capsopen'}"; }else {