Package: openvpn
Version: 2.1~rc19-1
Severity: important
Tags: patch
It seems like the introduction of redirect-private broke the redirect-gateway
option. When redirect-gateway is set, the default route is not changed at all.
This is due to the RG_REROUTE_GW flag missing on the internal data structure.
This in turn comes from incorrectly parsing the options.
The attached patch fixes it. Please apply it and forward it upstream.
-- System Information:
Debian Release: squeeze/sid
APT prefers testing
APT policy: (990, 'testing'), (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.30-midna (SMP w/2 CPU cores)
Locale: LANG=C, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages openvpn depends on:
ii debconf [debconf-2.0] 1.5.26 Debian configuration management sy
ii libc6 2.9-12 GNU C Library: Shared libraries
ii liblzo2-2 2.03-1 data compression library
ii libpam0g 1.0.1-9 Pluggable Authentication Modules l
ii libpkcs11-helper1 1.07-1 library that simplifies the intera
ii libssl0.9.8 0.9.8g-16 SSL shared libraries
ii openssl-blacklist 0.5-2 list of blacklisted OpenSSL RSA ke
ii openvpn-blacklist 0.3 list of blacklisted OpenVPN RSA sh
Versions of packages openvpn recommends:
ii net-tools 1.60-23 The NET-3 networking toolkit
Versions of packages openvpn suggests:
ii openssl 0.9.8g-16 Secure Socket Layer (SSL) binary a
pn resolvconf <none> (no description available)
-- debconf information:
openvpn/vulnerable_prng:
openvpn/create_tun: false
--- options.c 2009-05-30 23:34:12.000000000 +0200
+++ N.options.c 2009-08-14 13:32:41.401202540 +0200
@@ -4398,10 +4398,11 @@
int j;
VERIFY_PERMISSION (OPT_P_ROUTE);
rol_check_alloc (options);
- for (j = 1; j < MAX_PARMS && p[j] != NULL; ++j)
- {
if (streq (p[0], "redirect-gateway"))
options->routes->flags |= RG_REROUTE_GW;
+
+ for (j = 1; j < MAX_PARMS && p[j] != NULL; ++j)
+ {
if (streq (p[j], "local"))
options->routes->flags |= RG_LOCAL;
else if (streq (p[j], "autolocal"))
