aboutsummaryrefslogtreecommitdiffstats
path: root/main
diff options
context:
space:
mode:
authorNatanael Copa <ncopa@alpinelinux.org>2012-03-22 10:59:59 +0000
committerNatanael Copa <ncopa@alpinelinux.org>2012-03-22 10:59:59 +0000
commit3cc0c95853fcb021a12c63581c971c65718cc685 (patch)
tree0c35ac6c657d2ed747d541f93d3fb75e32f2384c /main
parentab70e0bf119a65bcc337e60fe874c4695ba2960f (diff)
downloadaports-3cc0c95853fcb021a12c63581c971c65718cc685.tar.bz2
aports-3cc0c95853fcb021a12c63581c971c65718cc685.tar.xz
main/openvpn: upgrade to 2.2.2
rebase the ipv6 patch
Diffstat (limited to 'main')
-rw-r--r--main/openvpn/APKBUILD10
-rw-r--r--main/openvpn/openvpn-2.2.2-ipv6.patch (renamed from main/openvpn/openvpn-2.2.0-ipv6-20110522-1.patch)986
2 files changed, 167 insertions, 829 deletions
diff --git a/main/openvpn/APKBUILD b/main/openvpn/APKBUILD
index 7f96559a13..929cd73db5 100644
--- a/main/openvpn/APKBUILD
+++ b/main/openvpn/APKBUILD
@@ -1,7 +1,7 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=openvpn
-pkgver=2.2.0
-pkgrel=2
+pkgver=2.2.2
+pkgrel=0
pkgdesc="A robust, and highly configurable VPN (Virtual Private Network)"
url="http://openvpn.sourceforge.net/"
arch="all"
@@ -15,7 +15,7 @@ source="http://swupdate.openvpn.net/community/releases/$pkgname-$pkgver.tar.gz
openvpn.confd
openvpn.up
openvpn.down
- openvpn-2.2.0-ipv6-20110522-1.patch
+ openvpn-2.2.2-ipv6.patch
"
_builddir="$srcdir"/$pkgname-$pkgver
@@ -88,9 +88,9 @@ doc() {
default_doc
}
-md5sums="4f440603eac45fec7be218b87d570834 openvpn-2.2.0.tar.gz
+md5sums="c5181e27b7945fa6276d21873329c5c7 openvpn-2.2.2.tar.gz
ec99092827faa7226e9f548c2cd1d20c openvpn.initd
9eca88cac6294027ec1bb7be74185c3a openvpn.confd
dc72fecd1a1bcef937603057cd6574b1 openvpn.up
dc3ff0bae442b9aedd947b8ffda1687a openvpn.down
-25172fa251672edc3f7a277b5d7f3f72 openvpn-2.2.0-ipv6-20110522-1.patch"
+51b1ddade743505b84d27db9ebfd6c0a openvpn-2.2.2-ipv6.patch"
diff --git a/main/openvpn/openvpn-2.2.0-ipv6-20110522-1.patch b/main/openvpn/openvpn-2.2.2-ipv6.patch
index 85819de42f..f8b8015ea6 100644
--- a/main/openvpn/openvpn-2.2.0-ipv6-20110522-1.patch
+++ b/main/openvpn/openvpn-2.2.2-ipv6.patch
@@ -1,626 +1,7 @@
-diff --git openvpn-2.2.0/ChangeLog.IPv6 openvpn-2.2-ipv6-20110522-1/ChangeLog.IPv6
-new file mode 100644
-index 0000000..283fe6e
---- /dev/null
-+++ openvpn-2.2-ipv6-20110522-1/ChangeLog.IPv6
-@@ -0,0 +1,440 @@
-+Do 31. Dez 15:32:40 CET 2009 Gert Doering
-+
-+ * Basic IPv6 p2mp functionality implemented
-+
-+ * new options:
-+ - server-ipv6
-+ - ifconfig-ipv6
-+ - ifconfig-ipv6-pool
-+ - route-ipv6
-+ - iroute-ipv6
-+
-+ * modules touched:
-+ - init.c: init & setup IPv6 route list & add/delete IPv6 routes
-+ - tun.c: add "ifconfig" and "route" handling for IPv6
-+ - multi.c: IPv6 ifconfig-pool assignments
-+ put to route-hash table
-+ push to client
-+ - pool.c: extend pools to handle IPv4+IPv6, and also return IPv6 address
-+ IPv6 address saved to file if ifconfig-pool-persist is set
-+ (but ignored on read due to the way pools work)
-+ - mroute.c: handle reading src/dst addresses from IPv6 packets
-+ (so multi.c can check against route-hash table)
-+ handle printing of IPv6 mroute_addr structure
-+ - helper.c: implement "server-ipv6" macro (->ifconfig-ipv6, pool, ...)
-+ - options.c: implement all the new options
-+ add helper functions for IPv6 address handling
-+ - forward.c: tell do_route() about IPv6 routes
-+ - route.c: handle IPv6 route lists + route option lists
-+ extend add_routes() to do IPv4 + IPv6 route lists
-+ extend delete_routes() to do IPv4 + IPv6 route lists
-+ implement add_route_ipv6(), delete_route_ipv6() to call
-+ system-dependend external program to do the work
-+ - push.c: handle pushing of "ifconfig-ipv6" option
-+ - socket.c: helper function to check & print IPv6 address strings
-+
-+ * known issues:
-+ - operating system support on all but Linux (ifconfig, route)
-+ - route-ipv6 gateway handling
-+ - iroute-ipv6 not implemented
-+ - TAP support: ifconfig, routing (route needs gateway!)
-+
-+ * release as patch 20091231-1
-+
-+Thu Dec 31 17:02:08 CET 2009
-+
-+ * NetBSD port (NetBSD 3.1 on Sparc64)
-+
-+ * mroute.c, socket.c: make byte/word access to in6_addr more portable
-+
-+ * tun.c: fix IPv6 ifconfig arguments on NetBSD
-+
-+ still doesn't work on NetBSD 3.1, "ifconfig tun0 inet6..." errors with
-+
-+ ifconfig: SIOCAIFADDR: Address family not supported by protocol family
-+
-+ (sys/net/if_tun.c, needs to be revision 1.80 or later, NetBSD PR 32944,
-+ included in NetBSD 4.0 and up)
-+
-+
-+Fri Jan 1 14:07:15 CET 2010
-+
-+ * FreeBSD port (FreeBSD 6.3-p12 on i386)
-+
-+ * tun.c: implement IPv6 ifconfig setting for FreeBSD
-+
-+ * route.c: fix %s/%s argument to IPv6 route add/delete command for *BSD
-+
-+ * TEST SUCCESS: FreeBSD 6.3-p12, server-ipv6, route-ipv6, ccd/iroute-ipv6
-+
-+ * multi.c: implement setting and deleting of iroute-ipv6
-+ (multi_add_iroutes(), multi_del_iroutes())
-+ * mroute.c: add mroute_helper_add_iroute6(), mroute_helper_del_iroute6()
-+ * mroute.h: add prototypes, increase MR_HELPER_NET_LEN to 129 (/0.../128)
-+ * multi.c: zeroize host part of IPv6 iroutes in multi_learn_in6_addr()
-+ * mroute.c: implement mroute_addr_mask_host_bits() for IPv6
-+
-+ * TEST SUCCESS: Linux 2.6.30 (Gentoo)/iproute2, server-ipv6, ccd/iroute-ipv6
-+
-+ * TEST SUCCESS: Linux 2.6.30 (Gentoo)/ifconfig, client-ipv6
-+
-+ * TEST FAIL: NetBSD 5.0, IPv6 client
-+ - "ifconfig tun0 .../64" does not create a "connected" route
-+ - adding routes fails
-+
-+ --> more work to do here.
-+
-+ * release as patch 20100101-1
-+
-+ * TEST FAIL:
-+ FreeBSD 6.3-p12 server "--topology subnet"
-+ Linux/ifconfig client
-+ - BSD sends ICMP6 neighbor solicitations, which are ignored by Linux
-+ - server tun interface is not in p2p mode, client tun interface *is*
-+
-+ * TEST SUCCESS: non-ipv6 enabled client -> "--server-ipv6" server
-+ (warnings in the log file, but no malfunctions)
-+
-+
-+Sat Jan 2 19:48:35 CET 2010
-+
-+ * tun.c: change "ipv6_support()", do not turn off tt->ipv6 unconditionally
-+ if we don't know about OS IPv6 support - just log warning
-+
-+ * tun.c: implement "ifconfig inet6" setting for MacOS X / Darwin
-+
-+ * route.c: split *BSD system dependent part of add/delete_route_ipv6()
-+ into FreeBSD/Dragonfly and NetBSD/Darwin/OpenBSD variants
-+ ("2001:db8::/64" vs. "2001:db8:: --prefixlen 64").
-+
-+ * tun.c: on MacOS X, NetBSD and OpenBSD, explicitely set on-link route
-+
-+ * TEST SUCCESS: MacOS X, client-ipv6 with route-ipv6
-+
-+
-+Sun Jan 3 10:55:31 CET 2010
-+
-+ * route.c: NetBSD fails with "-iface tun0", needs gateway address
-+ (assume that the same syntax is needed for OpenBSD)
-+
-+ * route.h: introduce "remote_endpoint_ipv6" into "struct route_ipv6_list"
-+
-+ * init.c: pass "ifconfig_ipv6_remote" as gateway to init_route_ipv6_list()
-+
-+ * route.c:
-+ - init_route_ipv6(): use "remote_endpoint_ipv6" as IPv6 gateway address
-+ if no gateway was specified explicitely
-+
-+ - init_route_ipv6_list(): fill in "remote_endpoint_ipv6", if parseable
-+
-+ - get rid of "GATEWAY-LESS ROUTE6" warning
-+
-+ * route.c, add_route_ipv6()
-+ - explicitely clear host bits of base address, to be able to more
-+ easily set up "connected" /64 routes on NetBSD+Darwin
-+
-+ - split system-dependent part between Darwin and NetBSD/OpenBSD
-+ (Darwin can use "-iface tun0", NetBSD/OpenBSD get gateway address)
-+
-+ - change Solaris comments from "known-broken" to "unknown"
-+
-+ * tun.c: rework NetBSD tunnel initialization and tun_read() / tun_write()
-+ to work the same way OpenBSD and NetBSD do - tunnel is put into
-+ "multi-af" mode, and all packet read/write activity is prepended by
-+ a 32 bit value specifying the address family.
-+
-+ * TEST SUCCESS: NetBSD 5.0/Sparc64: client-ipv6 with route-ipv6
-+
-+ * TEST SUCCESS: MacOS X 10.5: client-ipv6 with route-ipv6
-+
-+ * (RE-)TEST SUCCESS: Linux/iproute2: server-ipv6
-+ Linux/ifconfig: client-ipv6
-+ FreeBSD 6.3: server-ipv6
-+
-+ * release as patch 20100103-1
-+
-+ * options.c: document all new options in "--help"
-+
-+ * tun.c: fix typo in Solaris-specific section
-+
-+ * socket.h, socket.c: change u_int32_t to uint32_t
-+ (Solaris - and all the rest of the code uses "uintNN" anyway)
-+
-+Mon Jan 4 17:46:58 CET 2010
-+
-+ * socket.c: rework add_in6_addr() to use 32-bit access to struct in6_addr
-+ (Solaris has no 16-bit values in union, but this is more elegant as well)
-+
-+ * tun.c: fix "ifconfig inet6" command for Solaris
-+
-+ * tun.c: make sure "tun0 inet6" is unplumbed first, cleanup leftovers
-+
-+ * route.c: add routes with "metric 0" on solaris, otherwise they just
-+ don't work (someone who understands Solaris might want to fix this).
-+
-+ * Solaris "sort of" works now - ifconfig works, route add does not give
-+ errors, "netstat -rn" looks right, but packets are discarded unless
-+ the routes are installed with "metric 0". So we just use "metric 0"...
-+
-+ * CAVEAT: Solaris "ifconfig ... preferred" interferes with source address
-+ selection. So if there are any active IPv6 interfaces configured with
-+ "preferred", packets leaving out the tunnel will use the wrong source
-+ IPv6 address. Not fixable from within OpenVPN.
-+
-+ * CAVEAT2: Solaris insists on doing DHCPv6 on tun0 interfaces by default,
-+ so DHCPv6 solicitation packets will be seen. Since the server end has
-+ no idea what to do with them, they are a harmless nuisance. Fixable
-+ on the Solaris side via "ndpd.conf" (see ``man ifconfig'').
-+
-+ * release as patch 20100104-1
-+
-+Fri Jan 8 10:00:50 CET 2010
-+
-+ * import into git repository
-+
-+ * options.c: add sanity checks for most typical error cases
-+ (--ifconfig-ipv6-pool configured with no --ifconfig-ipv6, etc)
-+
-+ * options.c: modify get_ipv6_addr() to be more flexible about netbits
-+ (optional now, default to /64) and to return the address-without-netbits
-+ string now (-> for options that want the IPv6 address in printable
-+ form, but without /nn)
-+
-+ * options.c: modify --ifconfig-ipv6 to optionally accept /netbits,
-+ you can do now "ifconfig-ipv6 2001:df8::1/64 2001:df8::2" or just
-+ "ifconfig-ipv6 2001:df8::5 2001:df8::7", defaulting to /64
-+
-+ * options.h: add necessary structure elements for --ifconfig-ipv6-push
-+
-+ * options.c: implement "parse options" side of --ifconfig-ipv6-push
-+
-+Tue Jan 12 22:42:09 CET 2010
-+
-+ * tun.c: in TARGET_NETBSD #ifdef, distinguish between "old" code
-+ (IPv4 only, but unmodified read/write) and "new" code (multi-af,
-+ extra 32 bit AF on read/write of the tun interface) - pre-4.0
-+ NetBSD systems don't have TUNSIFHEAD, no way to have common code.
-+
-+ * TEST SUCCESS: NetBSD 5.0/Sparc64: client-ipv6 with route-ipv6 (v4+v6)
-+
-+ * TEST SUCCESS: NetBSD 3.1/Sparc64: client-ipv6 with route-ipv6 (v4-only)
-+
-+Thu Jan 14 15:41:50 CET 2010
-+
-+ * multi.c: if "--ifconfig-push" is used together with "--ifconfig-ipv6-pool"
-+ and no "--ifconfig-ipv6-push" is seen, issue warning - the current
-+ implementation of pools has IPv6 tied to IPv4, so if v4 does not use
-+ the pool, it breaks for IPv6. Not a *big* problem (since there is
-+ enough v6, just give those users a static v6 address as well), but needs
-+ to be pointed out clearly.
-+
-+ * release as patch 20100114-1
-+
-+Tue Feb 16 14:43:28 CET 2010
-+
-+ * options.c: print "IPv6 payload patch" release date in "--version"
-+
-+ * tun.c: undo change to init_tun() (moving "bool tun" and call to
-+ "is_tun_p2p()" further up) - it wasn't needed and breaks "make check"
-+
-+ * git stuff: rebase on David Sommerseth's openvpn-testing git tree
-+
-+ * release as patch 20100216-1
-+
-+Fri Feb 26 19:59:01 CET 2010
-+
-+ * init.c: initialize tuntap->ipv6 in do_init_tun() (to make sure it's
-+ always initialized early-enough, independent of the sequence of
-+ do_ifconfig()/open_tun() [see ifconfig_order() in tun.h])
-+
-+ * tun.c, init.c: remove "bool ipv6" argument to tuncfg(), open_tun()
-+ and open_tun_generic() - obsoleted by previous change
-+
-+ * tun.c: remove ipv6_support() - original purpose was unclear, and all
-+ current platforms (except linux-very-old) fully support IPv6 now :-)
-+
-+ * tun.c: initial implementation of "netsh" IPv6-ifconfig for Win32
-+
-+ * RE-TEST SUCCESS: Linux/i386/ifconfig, client-tun/net30, v4+v6
-+
-+Sun Feb 28 17:05:57 CET 2010
-+
-+ * tun.c: NetBSD dependent part: correct destroying/re-creation of tun dev
-+
-+ * tun.c: move adding of "connected" IPv6 prefix to new helper function,
-+ add_route_connected_v6_net()
-+
-+ * RE-TEST SUCCESS: NetBSD 5.0/Sparc64, client-tun/net30, v4+v6
-+
-+ * RE-TEST SUCCESS: NetBSD 3.1/Sparc64: client-tun/net30, v4-only
-+
-+ * RE-TEST SUCCESS: Linux/i386/iproute2: server-tun/net30, v4+v6
-+
-+ * tun.c: add #ifdef TARGET_DARWIN block for *_tun() functions, to
-+ be able to modify close_tun() for unconfiguring IPv6
-+
-+ * tun.c: on close_tun() on MacOS X, need to de-configure "lo0" route for
-+ configured IPv6 address
-+
-+ * RE-TEST SUCCESS: MacOS X (10.5)/i386: client-tun/net30, v4+v6
-+
-+ * route.c: implement ipv6 route adding / deletion via "netsh" for WIN32
-+
-+ * TEST FAIL: Windows XP fails, because the tun/tap driver does not
-+ forward IPv6 frames kernel->userland if in "tun" mode
-+
-+ * options.c: set IPv6 version to 20100228-1
-+
-+ * release as patch 20100228-1
-+
-+Sun Mar 7 19:17:33 CET 2010
-+
-+ * options.c: set IPv6 version to 20100307-1
-+
-+ * TODO.IPv6: add note about OpenBSD TODO (#16)
-+
-+ * route.c: set (and remove) "magic next hop" fe80::8 for IPv6 routes on
-+ Win32
-+
-+ * install-win32/settings.in: bump TAP driver version from 9.6 to 9.7
-+ and TAP_RELDATE to "07/03/2010"
-+
-+ * tap-win32/proto.h: add data types and definitions needed for IPv6
-+
-+ * tap-win32/types.h: add m_UserToTap_IPv6 ethernet header for IPv6 packets
-+
-+ * tap-win32/tapdrvr.c: implement support for IPv6 in TUN mode:
-+ - IPv6 packets User->OS need correct ether type
-+ - IPv6 packets OS->User get correctly forwarded
-+ - IPv6 neighbour discovery packets for "fe80::8" (magic address
-+ installed as route-nexthop by OpenVPN.exe) get answered locally
-+
-+ * TEST SUCCESS: WindowsXP/32bit: client-tun/net30, v4+v6
-+
-+ * tun.c: if IPv6 requested in TUN mode, and TUN/TAP driver version
-+ is older than 9.7, log warning and disable IPv6 (won't work anyway).
-+
-+ * release as patch 20100307-1
-+
-+Sat Jul 10 14:37:52 CEST 2010
-+
-+ * TEST SUCCESS: point-to-point tun mode with --ifconfig-ipv6 between
-+ Solaris10/sparc and Linux (Michal Ludvig)
-+ (using the whiteboard tun driver on Solaris, otherwise "no IPv6")
-+
-+Sun Aug 8 12:30:44 CEST 2010
-+
-+ * route.c: split NetBSD and OpenBSD parts of add_route_ipv6() and
-+ delete_route_ipv6(), implement OpenBSD variant
-+ (needs "-prefixlen nn" while NetBSD uses "/nn")
-+
-+ * tun.c: implement IPv6 ifconfig for OpenBSD
-+
-+ * tun.c: destroy tunX interface at tun_close() on OpenBSD (cleanup)
-+
-+ * TEST SUCCESS: OpenBSD 4.7: client-tun/net30, v4+v6
-+
-+Thu Sep 2 21:18:32 CEST 2010
-+
-+ * tun.c: the TAP binary in 2.2-beta3 has the IPv6 related changes, but
-+ the version number is 9.8 now -> check for 9.8, not 9.7
-+
-+Wed Sep 22 22:20:37 CEST 2010
-+
-+ * tun.c: bugfix for Linux/iproute2/"topology subnet". Works :-)
-+
-+ * TEST SUCCESS: Linux/ifconfig: client-tun/net30+subnet, v4+v6
-+
-+ * TEST SUCCESS: Linux/iproute2: client-tun/net30+subnet, v4+v6
-+
-+ * options.c: tag as 20100922-1 so "allmerged" users can see IPv6 change
-+
-+Fri Sep 24 17:57:41 CEST 2010
-+
-+ * TEST SUCCESS: Linux/<both>: client-tap, v4+v6, ping6 on connected addr
-+
-+ * TEST FAIL: Linux/<both>: client-tap, v6, route6 (gateway missing)
-+
-+Do 21. Okt 19:36:49 CEST 2010
-+
-+ * t_client.sh.in: cherrypick commit f25fe91a40aa3f and 6f1e61b41be52
-+ (proper exit codes to signal "SKIP" if we do not want to run)
-+
-+So 16. Jan 17:25:23 CET 2011
-+
-+ * tun.c, route.c: cherrypick 121755c2cb4891f and f0eac1a5979096c67
-+ (TAP driver and "topology subnet" support for Solaris)
-+
-+ * tun.c: add IPv6 configuration for TAP interfaces (<device>:1 inet6)
-+
-+ * tun.c: on close_tun on Solaris, unplumb IPv6 TUN or TAP interfaces
-+
-+ * TEST SUCCESS: OpenSolaris: client-tun, v4+v6
-+ TEST SUCCESS: OpenSolaris: client-tap, v4+v6, ping6 on connected addr
-+ TEST FAIL: OpenSolaris: client-tap, v6, route6 (gateway missing)
-+
-+So 24. Apr 16:51:45 CEST 2011
-+
-+ * rebase to "beta2.2" branch (at 2.2RC2 tag)
-+
-+ * mroute.c: remove mroute_helper_lock/_unlock() calls for IPv6
-+ * socket.c: remove locking with L_INET_NTOA mutex
-+ (all the threading stuff got removed by David Sommerseth for 2.2)
-+
-+ * mroute.c: remove duplicate mroute_helper_add_iroute6() and
-+ mroute_helper_del_iroute6() - "git rebase" artefact
-+
-+ * ChangeLog.IPv6 and TODO.IPv6: add to commit
-+
-+ * options.c: tag as 20110424-2 (2.2RC2)
-+
-+ * TEST SUCCESS: Linux/ifconfig: client-tun/net30+subnet, v4+v6
-+
-+ * TEST SUCCESS: Linux/iproute2: client-tun/net30+subnet, v4+v6
-+
-+Thu Apr 28 19:10:01 CEST 2011
-+
-+ * rebase to "origin/release/2.2" branch (at v2.2.0 tag)
-+
-+Thu May 19 20:51:12 CEST 2011
-+
-+ * include Windows "netsh add" -> "netsh set ... store=active" patch from
-+ Seth Mos, to fix restart problems on Windows due to persistant addresses
-+
-+ * TEST SUCCESS: Windows XP SP3: client-tun/net30, v4+v6
-+
-+Sat May 21 17:03:20 CEST 2011
-+
-+ * tun.c: Solaris cleanup (use CLEAR() to zero-out "ifr")
-+
-+ * tun.c: Windows cleanup: remove route and IPv6 address on disconnect
-+
-+ * route.c, route.h: remove "static" from delete_route_ipv6(), needed
-+ for ipv6-route cleanup on disconnect
-+
-+ * TEST SUCCESS: Windows XP SP3: client-tun/net30, v4+v6
-+
-+ * TEST SUCCESS: Windows 7 Home Premium: client-tun/net30, v4+v6
-+
-+So 22. Mai 14:46:12 CEST 2011
-+
-+ * Tony Lim: removing routes fails on windows if certain bits are set
-+ in the "host part" (others are silently ignored) -->
-+
-+ * route.c: create print_in6_addr_netbits_only() helper, call from
-+ add_route_ipv6() and delete_route_ipv6() to get only network part
-+ of route-to-be-modified
-+
-+ * route.c: set 'store=active' on adding routes on WIN32 as well (Tony Lim)
-+
-+ * options.c: bump IPv6 release to 20110522-1
-+
-+ * TEST SUCCESS: Linux/iproute2: client-tun/net30+subnet, v4+v6
-+
-+ * TEST SUCCESS: Windows XP SP3: client-tun/net30, v4+v6
-+
-+ * TEST SUCCESS: Windows 7 Home Premium: client-tun/net30, v4+v6
-+
-+ * TEST SUCCESS: OpenBSD 4.7: client-tun/net30, v4+v6
-+ TEST FAIL: OpenBSD 4.7: client-tun/subnet, v4
-+ (seems to be due to "topology subnet has just not been implemented yet")
-diff --git openvpn-2.2.0/README.IPv6 openvpn-2.2-ipv6-20110522-1/README.IPv6
-new file mode 100644
-index 0000000..ca578f2
---- /dev/null
-+++ openvpn-2.2-ipv6-20110522-1/README.IPv6
-@@ -0,0 +1,8 @@
-+This is an experimentally patched version of OpenVPN 2.1 with IPv6
-+payload support.
-+
-+Go here for release notes and documentation:
-+
-+ http://www.greenie.net/ipv6/openvpn.html
-+
-+Gert Doering, 31.12.2009
-diff --git openvpn-2.2.0/TODO.IPv6 openvpn-2.2-ipv6-20110522-1/TODO.IPv6
-new file mode 100644
-index 0000000..167ca51
---- /dev/null
-+++ openvpn-2.2-ipv6-20110522-1/TODO.IPv6
-@@ -0,0 +1,153 @@
-+known issues for IPv6 payload support in OpenVPN
-+-----------------------------------------------
-+
-+1.) "--topology subnet" doesn't work together with IPv6 payload on FreeBSD
-+ (verified for FreeBSD server, Linux/ifconfig client, problems
-+ with ICMP6 neighbor solicitations from BSD not being answered by Linux)
-+
-+2.) NetBSD IPv6 support doesn't work
-+ ("connected" route is not auto-created, "route-ipv6" adding fails)
-+
-+ * fixed, 3.1.10 *
-+
-+3.) route deletion for IPv6 routes is not yet done
-+
-+ * fixed for configured routes, 3.1.10 *
-+ * missing for manual-ifconfig-connected (NetBSD, Darwin, Win32)
-+ * fixed for Win32, 22.5.2011
-+
-+4.) do "ifconfig tun0 inet6 unplumb" or "ifconfig tun0 destroy" for
-+ Solaris, *BSD, ... at program termination time, to clean up leftovers
-+ (unless tunnel persistance is desired).
-+
-+ For Solaris, only the "ipv6 tun0" is affected, for the *BSDs all tun0
-+ stay around.
-+
-+4a.) deconfigure IPv6 on tun interface on session termination, otherwise
-+ one could end up with something like this (on NetBSD):
-+
-+tun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1500
-+ inet 10.9.0.18 -> 10.9.0.17 netmask 0xffffffff
-+ inet6 fe80::a00:20ff:fece:d299%tun0 -> prefixlen 64 scopeid 0x3
-+ inet6 2001:608:4:eff::2000:3 -> prefixlen 64
-+ inet6 2001:608:4:eff::1:3 -> prefixlen 64
-+
-+ (pool was changed, previous address still active on tun0, breakage)
-+
-+ * semi-fixed for NetBSD, 28.2.10, always do tun0 destroy / tun0 create
-+ before actual ifconfig -- tunnel still lingers after OpenVPN quits
-+
-+4b.) verify this - on FreeBSD, tun0 is auto-destroyed if created by
-+ opening /dev/tun (and lingers if created by "ifconfig tun0 create")
-+
-+ -> use for persistant tunnels on not-linux?
-+
-+5.) add new option "ifconfig-ipv6-push"
-+ (per-client static IPv6 assignment, -> radiusplugin, etc)
-+
-+ * implemented, 14.1.10 *
-+
-+6.) add new option "route-ipv6-gateway"
-+
-+7.) add "full" gateway handling for IPv6 in route.c
-+ (right now, the routes are just sent down the tun interface, if the
-+ operating system in questions supports that, without care for the
-+ gateway address - which does not work for gateways that are supposed
-+ to point elsewhere. Also, it doesn't work for TAP interfaces.
-+
-+8.) full IPv6 support for TAP interfaces
-+ (main issue should be routes+gateway - and testing :-) )
-+
-+ test 2010/09/24: TAP itself works on linux/ifconfig+iproute2, but
-+ route-via-tap doesn't work at all (route points to "tap0" which fails)
-+
-+17:51:14.075412 fe:ab:6e:c5:53:71 > 33:33:ff:00:00:01, ethertype IPv6 (0x86dd), length 86: 2001:608:4:a053::1:0 > ff02::1:ff00:1: ICMP6, neighbor solicitation, who has 2001:608:4:a001::1, length 32
-+
-+ how is iroute-via-tap supposed to work??
-+
-+9.) verify that iroute-ipv6 and route-ipv6 interact in the same way as
-+ documented for iroute/route:
-+
-+ A's subnet, OpenVPN must push this route to all clients
-+ EXCEPT for A, since the subnet is already owned by A.
-+ OpenVPN accomplishes this by not
-+ not pushing a route to a client
-+ if it matches one of the client's iroutes.
-+
-+10.) extend "ifconfig-ipv6" to handle specification of /netbits, pushing
-+ of /netbits, and correctly ifconfig'ing this
-+ (default, if not specified: /64)
-+
-+11.) do not add ipv6-routes if tun-ipv6 is not set - complain instead
-+
-+ * done * 12.1.10
-+
-+12.) handle incoming [::] and [fe80:...] packets in tun-p2mp MULTI mode
-+ (most likely those are DAD packets)
-+ silently ignore DAD?
-+ Or accept-and-forward iff (multicast && client2client)?
-+ handle NS/NA
-+
-+13.) from Martin List-Petersen:
-+
-+ One thing, and I guess this requires modifications in
-+ network-manager-openvpn: It also works, BUT ignores "push
-+ route-ipv6-gateway" and "push route-ipv6 ...." (obviously routes pushed
-+ from the server) entirely.
-+
-+14.) from ##openvpn-discussion:
-+
-+ new features should be #ifdef'ed
-+
-+ (check whether this is feasible at all)
-+
-+15.) IPv6 related environment variables
-+
-+ - document all of them in openvpn.8
-+ - make sure that all existing IPv4 stuff has IPv6 counterparts
-+
-+16.) OpenBSD
-+ - implement ifconfig/route for IPv6
-+ - revert ifconfig/open_tun order to "normal" (separate commit!!!)
-+ (openvpn-devel, Subject: OpenBSD)
-+ - test
-+
-+17.) client-option (Elwood)
-+ - ignore-v6-push-options yes/no
-+ - ignore-v6-route-push ("as for IPv4 routes")
-+
-+18.) fail-save? "what if 'ip -6 addr add' fails" -> fail, or fallback to v4?
-+ (-> recomment setting "ignore-v6-push-options yes")
-+
-+19.) safety check: if connecting over IPv6 (v6 transport) and the pushed
-+ route-ipv6 network encompasses the server IPv6 address, make sure
-+ we at least log a warning (until we can fiddle with external routing
-+ to make this work correctly).
-+
-+20.) show "route add" / "route delete" commands for IPv6 in log file
-+ (we show the "ifconfig" commands, so why not the routes?)
-+
-+ 2010-08-07: this is a null-feature - it's already there, but with
-+ different debug level (M_INFO vs. D_ROUTE) so user
-+ didn't notice
-+
-+21.) enable ipv6-only server operations
-+ - decouple ipv6 pool handling from ipv4 pool
-+ - make sure Rest of OpenVPN doesn't assume "there will always be IPv4"
-+
-+22.) implement --learn-address for IPv6
-+
-+23.) FreeBSD 8 seems to require explicit setting of the "ifconfig" IPv6
-+ route, while FreeBSD 6+7 don't --> more testing, and code fix
-+
-+ workaround for the time being: just add
-+
-+ server-ipv6 2001:608:4:a051::/64
-+ route-ipv6 2001:608:4:a051::/64
-+
-+ to the config
-+
-+ (problem + workaround applies both to tun and tap style devices)
-+
-+24.) implement link-local IPv6 addresses
-+ (OSPFv3 over TUN/multipoint does not work right now)
-diff --git openvpn-2.2.0/forward.c openvpn-2.2-ipv6-20110522-1/forward.c
+diff --git a/forward.c b/forward.c
index 87d05cc..1f3d435 100644
---- openvpn-2.2.0/forward.c
-+++ openvpn-2.2-ipv6-20110522-1/forward.c
+--- a/forward.c
++++ b/forward.c
@@ -262,7 +262,8 @@ send_control_channel_string (struct context *c, const char *str, int msglevel)
static void
check_add_routes_action (struct context *c, const bool errors)
@@ -631,10 +12,10 @@ index 87d05cc..1f3d435 100644
update_time ();
event_timeout_clear (&c->c2.route_wakeup);
event_timeout_clear (&c->c2.route_wakeup_expire);
-diff --git openvpn-2.2.0/helper.c openvpn-2.2-ipv6-20110522-1/helper.c
+diff --git a/helper.c b/helper.c
index a9d7fd9..266b246 100644
---- openvpn-2.2.0/helper.c
-+++ openvpn-2.2-ipv6-20110522-1/helper.c
+--- a/helper.c
++++ b/helper.c
@@ -142,6 +142,55 @@ helper_client_server (struct options *o)
#if P2MP
@@ -691,10 +72,10 @@ index a9d7fd9..266b246 100644
/*
*
* HELPER DIRECTIVE:
-diff --git openvpn-2.2.0/init.c openvpn-2.2-ipv6-20110522-1/init.c
+diff --git a/init.c b/init.c
index d47a4ef..7fc8eb7 100644
---- openvpn-2.2.0/init.c
-+++ openvpn-2.2-ipv6-20110522-1/init.c
+--- a/init.c
++++ b/init.c
@@ -843,7 +843,7 @@ do_persist_tuntap (const struct options *options)
msg (M_FATAL|M_OPTERR,
"options --mktun or --rmtun should only be used together with --dev");
@@ -832,10 +213,10 @@ index d47a4ef..7fc8eb7 100644
/* actually close tun/tap device based on --down-pre flag */
if (!c->options.down_pre)
-diff --git openvpn-2.2.0/init.h openvpn-2.2-ipv6-20110522-1/init.h
+diff --git a/init.h b/init.h
index cf5ca8a..5a1d1dc 100644
---- openvpn-2.2.0/init.h
-+++ openvpn-2.2-ipv6-20110522-1/init.h
+--- a/init.h
++++ b/init.h
@@ -63,6 +63,7 @@ void init_instance (struct context *c, const struct env_set *env, const unsigned
void do_route (const struct options *options,
@@ -844,10 +225,10 @@ index cf5ca8a..5a1d1dc 100644
const struct tuntap *tt,
const struct plugin_list *plugins,
struct env_set *es);
-diff --git openvpn-2.2.0/misc.c openvpn-2.2-ipv6-20110522-1/misc.c
+diff --git a/misc.c b/misc.c
index 4067d85..9d351f4 100644
---- openvpn-2.2.0/misc.c
-+++ openvpn-2.2-ipv6-20110522-1/misc.c
+--- a/misc.c
++++ b/misc.c
@@ -1001,7 +1001,9 @@ setenv_str_ex (struct env_set *es,
{
const char *str = construct_name_value (name_tmp, val_tmp, &gc);
@@ -859,10 +240,10 @@ index 4067d85..9d351f4 100644
}
else
env_set_del (es, name_tmp);
-diff --git openvpn-2.2.0/mroute.c openvpn-2.2-ipv6-20110522-1/mroute.c
-index 3debd80..3182f65 100644
---- openvpn-2.2.0/mroute.c
-+++ openvpn-2.2-ipv6-20110522-1/mroute.c
+diff --git a/mroute.c b/mroute.c
+index 1b3488f..6cfec27 100644
+--- a/mroute.c
++++ b/mroute.c
@@ -88,12 +88,33 @@ mroute_get_in_addr_t (struct mroute_addr *ma, const in_addr_t src, unsigned int
}
}
@@ -897,41 +278,44 @@ index 3debd80..3182f65 100644
#ifdef ENABLE_PF
static unsigned int
-@@ -155,10 +176,29 @@ mroute_extract_addr_ipv4 (struct mroute_addr *src,
+@@ -157,13 +178,29 @@ mroute_extract_addr_ipv4 (struct mroute_addr *src,
}
break;
case 6:
- {
-- msg (M_WARN, "Need IPv6 code in mroute_extract_addr_from_packet");
+- if( !ipv6warned ) {
+- msg (M_WARN, "IPv6 in tun mode is not supported in OpenVPN 2.2");
+- ipv6warned = true;
+- }
- break;
- }
-+ if (BLEN (buf) >= (int) sizeof (struct openvpn_ipv6hdr))
-+ {
-+ const struct openvpn_ipv6hdr *ipv6 = (const struct openvpn_ipv6hdr *) BPTR (buf);
-+#if 0 /* very basic debug */
-+ struct gc_arena gc = gc_new ();
-+ msg( M_INFO, "IPv6 packet! src=%s, dst=%s",
-+ print_in6_addr( ipv6->saddr, 0, &gc ),
-+ print_in6_addr( ipv6->daddr, 0, &gc ));
-+ gc_free (&gc);
++ if (BLEN (buf) >= (int) sizeof (struct openvpn_ipv6hdr))
++ {
++ const struct openvpn_ipv6hdr *ipv6 = (const struct openvpn_ipv6hdr *) BPTR (buf);
++#if 0 /* very basic debug */
++ struct gc_arena gc = gc_new ();
++ msg( M_INFO, "IPv6 packet! src=%s, dst=%s",
++ print_in6_addr( ipv6->saddr, 0, &gc ),
++ print_in6_addr( ipv6->daddr, 0, &gc ));
++ gc_free (&gc);
+#endif
+
-+ mroute_get_in6_addr (src, ipv6->saddr, 0);
-+ mroute_get_in6_addr (dest, ipv6->daddr, 0);
++ mroute_get_in6_addr (src, ipv6->saddr, 0);
++ mroute_get_in6_addr (dest, ipv6->daddr, 0);
+
-+ if (mroute_is_mcast_ipv6 (ipv6->daddr))
-+ ret |= MROUTE_EXTRACT_MCAST;
++ if (mroute_is_mcast_ipv6 (ipv6->daddr))
++ ret |= MROUTE_EXTRACT_MCAST;
+
-+ ret |= MROUTE_EXTRACT_SUCCEEDED;
-+ }
-+ break;
-+ default:
-+ msg (M_WARN, "IP packet with unknown IP version=%d seen",
-+ OPENVPN_IPH_GET_VER (*BPTR(buf)));
++ ret |= MROUTE_EXTRACT_SUCCEEDED;
++ }
++ break;
++ default:
++ msg (M_WARN, "IP packet with unknown IP version=%d seen",
++ OPENVPN_IPH_GET_VER (*BPTR(buf)));
}
}
return ret;
-@@ -252,14 +292,36 @@ bool mroute_extract_openvpn_sockaddr (struct mroute_addr *addr,
+@@ -257,14 +294,36 @@ bool mroute_extract_openvpn_sockaddr (struct mroute_addr *addr,
* Zero off the host bits in an address, leaving
* only the network bits, using the netbits member of
* struct mroute_addr as the controlling parameter.
@@ -971,7 +355,7 @@ index 3debd80..3182f65 100644
}
/*
-@@ -337,17 +399,24 @@ mroute_addr_print_ex (const struct mroute_addr *ma,
+@@ -342,17 +401,24 @@ mroute_addr_print_ex (const struct mroute_addr *ma,
}
break;
case MR_ADDR_IPV6:
@@ -1007,7 +391,7 @@ index 3debd80..3182f65 100644
/*
* mroute_helper's main job is keeping track of
-@@ -418,6 +487,40 @@ mroute_helper_del_iroute (struct mroute_helper *mh, const struct iroute *ir)
+@@ -423,6 +489,40 @@ mroute_helper_del_iroute (struct mroute_helper *mh, const struct iroute *ir)
}
}
@@ -1048,10 +432,10 @@ index 3debd80..3182f65 100644
void
mroute_helper_free (struct mroute_helper *mh)
{
-diff --git openvpn-2.2.0/mroute.h openvpn-2.2-ipv6-20110522-1/mroute.h
+diff --git a/mroute.h b/mroute.h
index 7265001..b72b5ff 100644
---- openvpn-2.2.0/mroute.h
-+++ openvpn-2.2-ipv6-20110522-1/mroute.h
+--- a/mroute.h
++++ b/mroute.h
@@ -85,7 +85,7 @@ struct mroute_addr {
/*
* Number of bits in an address. Should be raised for IPv6.
@@ -1070,10 +454,10 @@ index 7265001..b72b5ff 100644
/*
* Given a raw packet in buf, return the src and dest
-diff --git openvpn-2.2.0/multi.c openvpn-2.2-ipv6-20110522-1/multi.c
+diff --git a/multi.c b/multi.c
index 22c0a3f..f703b8d 100644
---- openvpn-2.2.0/multi.c
-+++ openvpn-2.2-ipv6-20110522-1/multi.c
+--- a/multi.c
++++ b/multi.c
@@ -316,25 +316,18 @@ multi_init (struct multi_context *m, struct context *t, bool tcp_mode, int threa
*/
if (t->options.ifconfig_pool_defined)
@@ -1310,11 +694,11 @@ index 22c0a3f..f703b8d 100644
/* add routes locally, pointing to new client, if
--iroute options have been specified */
multi_add_iroutes (m, mi);
-diff --git openvpn-2.2.0/openvpn.8 openvpn-2.2-ipv6-20110522-1/openvpn.8
-index 7d213f9..11fd5ad 100644
---- openvpn-2.2.0/openvpn.8
-+++ openvpn-2.2-ipv6-20110522-1/openvpn.8
-@@ -789,6 +789,8 @@ or
+diff --git a/openvpn.8 b/openvpn.8
+index 67a9779..5322618 100644
+--- a/openvpn.8
++++ b/openvpn.8
+@@ -794,6 +794,8 @@ or
.B \-\-dev tunX.
A warning will be displayed
if no specific IPv6 TUN support for your OS has been compiled into OpenVPN.
@@ -1323,7 +707,7 @@ index 7d213f9..11fd5ad 100644
.\"*********************************************************
.TP
.B \-\-dev-node node
-@@ -4936,6 +4938,57 @@ if certificates are stored as private objects.
+@@ -4949,6 +4951,57 @@ if certificates are stored as private objects.
.B \-\-verb
option can be used BEFORE this option to produce debugging information.
.\"*********************************************************
@@ -1381,10 +765,10 @@ index 7d213f9..11fd5ad 100644
.SH SCRIPTING AND ENVIRONMENTAL VARIABLES
OpenVPN exports a series
of environmental variables for use by user-defined scripts.
-diff --git openvpn-2.2.0/openvpn.h openvpn-2.2-ipv6-20110522-1/openvpn.h
+diff --git a/openvpn.h b/openvpn.h
index 641bf93..e5e6e58 100644
---- openvpn-2.2.0/openvpn.h
-+++ openvpn-2.2-ipv6-20110522-1/openvpn.h
+--- a/openvpn.h
++++ b/openvpn.h
@@ -165,6 +165,9 @@ struct context_1
/* list of --route directives */
struct route_list *route_list;
@@ -1407,10 +791,10 @@ index 641bf93..e5e6e58 100644
/* client authentication state, CAS_SUCCEEDED must be 0 */
# define CAS_SUCCEEDED 0
# define CAS_PENDING 1
-diff --git openvpn-2.2.0/options.c openvpn-2.2-ipv6-20110522-1/options.c
-index 7708995..bf59e00 100644
---- openvpn-2.2.0/options.c
-+++ openvpn-2.2-ipv6-20110522-1/options.c
+diff --git a/options.c b/options.c
+index 7a5e35d..8fdd8a5 100644
+--- a/options.c
++++ b/options.c
@@ -79,6 +79,7 @@ const char title_string[] =
#ifdef ENABLE_EUREPHIA
" [eurephia]"
@@ -1419,7 +803,7 @@ index 7708995..bf59e00 100644
" built on " __DATE__
;
-@@ -171,6 +172,8 @@ static const char usage_message[] =
+@@ -172,6 +173,8 @@ static const char usage_message[] =
" addresses outside of the subnets used by either peer.\n"
" TAP: configure device to use IP address l as a local\n"
" endpoint and rn as a subnet mask.\n"
@@ -1428,7 +812,7 @@ index 7708995..bf59e00 100644
"--ifconfig-noexec : Don't actually execute ifconfig/netsh command, instead\n"
" pass --ifconfig parms by environment to scripts.\n"
"--ifconfig-nowarn : Don't warn if the --ifconfig option on this side of the\n"
-@@ -181,6 +184,10 @@ static const char usage_message[] =
+@@ -182,6 +185,10 @@ static const char usage_message[] =
" netmask default: 255.255.255.255\n"
" gateway default: taken from --route-gateway or --ifconfig\n"
" Specify default by leaving blank or setting to \"nil\".\n"
@@ -1439,7 +823,7 @@ index 7708995..bf59e00 100644
"--max-routes n : Specify the maximum number of routes that may be defined\n"
" or pulled from a server.\n"
"--route-gateway gw|'dhcp' : Specify a default gateway for use with --route.\n"
-@@ -369,6 +376,7 @@ static const char usage_message[] =
+@@ -370,6 +377,7 @@ static const char usage_message[] =
"\n"
"Multi-Client Server options (when --mode server is used):\n"
"--server network netmask : Helper option to easily configure server mode.\n"
@@ -1447,7 +831,7 @@ index 7708995..bf59e00 100644
"--server-bridge [IP netmask pool-start-IP pool-end-IP] : Helper option to\n"
" easily configure ethernet bridging server mode.\n"
"--push \"option\" : Push a config file option back to the peer for remote\n"
-@@ -382,10 +390,16 @@ static const char usage_message[] =
+@@ -383,10 +391,16 @@ static const char usage_message[] =
"--ifconfig-pool-persist file [seconds] : Persist/unpersist ifconfig-pool\n"
" data to file, at seconds intervals (default=600).\n"
" If seconds=0, file will be treated as read-only.\n"
@@ -1464,7 +848,7 @@ index 7708995..bf59e00 100644
" Sets up internal routes only.\n"
" Only valid in a client-specific config file.\n"
"--disable : Client is disabled.\n"
-@@ -870,6 +884,78 @@ get_ip_addr (const char *ip_string, int msglevel, bool *error)
+@@ -871,6 +885,78 @@ get_ip_addr (const char *ip_string, int msglevel, bool *error)
return ret;
}
@@ -1543,7 +927,7 @@ index 7708995..bf59e00 100644
static char *
string_substitute (const char *src, int from, int to, struct gc_arena *gc)
{
-@@ -988,6 +1074,8 @@ show_p2mp_parms (const struct options *o)
+@@ -989,6 +1075,8 @@ show_p2mp_parms (const struct options *o)
#if P2MP_SERVER
msg (D_SHOW_PARMS, " server_network = %s", print_in_addr_t (o->server_network, 0, &gc));
msg (D_SHOW_PARMS, " server_netmask = %s", print_in_addr_t (o->server_netmask, 0, &gc));
@@ -1552,7 +936,7 @@ index 7708995..bf59e00 100644
msg (D_SHOW_PARMS, " server_bridge_ip = %s", print_in_addr_t (o->server_bridge_ip, 0, &gc));
msg (D_SHOW_PARMS, " server_bridge_netmask = %s", print_in_addr_t (o->server_bridge_netmask, 0, &gc));
msg (D_SHOW_PARMS, " server_bridge_pool_start = %s", print_in_addr_t (o->server_bridge_pool_start, 0, &gc));
-@@ -1008,6 +1096,9 @@ show_p2mp_parms (const struct options *o)
+@@ -1009,6 +1097,9 @@ show_p2mp_parms (const struct options *o)
msg (D_SHOW_PARMS, " ifconfig_pool_netmask = %s", print_in_addr_t (o->ifconfig_pool_netmask, 0, &gc));
SHOW_STR (ifconfig_pool_persist_filename);
SHOW_INT (ifconfig_pool_persist_refresh_freq);
@@ -1562,7 +946,7 @@ index 7708995..bf59e00 100644
SHOW_INT (n_bcast_buf);
SHOW_INT (tcp_queue_limit);
SHOW_INT (real_hash_size);
-@@ -1021,6 +1112,9 @@ show_p2mp_parms (const struct options *o)
+@@ -1022,6 +1113,9 @@ show_p2mp_parms (const struct options *o)
SHOW_BOOL (push_ifconfig_defined);
msg (D_SHOW_PARMS, " push_ifconfig_local = %s", print_in_addr_t (o->push_ifconfig_local, 0, &gc));
msg (D_SHOW_PARMS, " push_ifconfig_remote_netmask = %s", print_in_addr_t (o->push_ifconfig_remote_netmask, 0, &gc));
@@ -1572,7 +956,7 @@ index 7708995..bf59e00 100644
SHOW_BOOL (enable_c2c);
SHOW_BOOL (duplicate_cn);
SHOW_INT (cf_max);
-@@ -1075,6 +1169,25 @@ option_iroute (struct options *o,
+@@ -1076,6 +1170,25 @@ option_iroute (struct options *o,
o->iroutes = ir;
}
@@ -1598,7 +982,7 @@ index 7708995..bf59e00 100644
#endif /* P2MP_SERVER */
#endif /* P2MP */
-@@ -1112,6 +1225,13 @@ rol_check_alloc (struct options *options)
+@@ -1113,6 +1226,13 @@ rol_check_alloc (struct options *options)
options->routes = new_route_option_list (options->max_routes, &options->gc);
}
@@ -1612,7 +996,7 @@ index 7708995..bf59e00 100644
#ifdef ENABLE_DEBUG
static void
show_connection_entry (const struct connection_entry *o)
-@@ -1202,6 +1322,9 @@ show_settings (const struct options *o)
+@@ -1203,6 +1323,9 @@ show_settings (const struct options *o)
SHOW_STR (ifconfig_remote_netmask);
SHOW_BOOL (ifconfig_noexec);
SHOW_BOOL (ifconfig_nowarn);
@@ -1622,7 +1006,7 @@ index 7708995..bf59e00 100644
#ifdef HAVE_GETTIMEOFDAY
SHOW_INT (shaper);
-@@ -1862,8 +1985,10 @@ options_postprocess_verify_ce (const struct options *options, const struct conne
+@@ -1863,8 +1986,10 @@ options_postprocess_verify_ce (const struct options *options, const struct conne
if (options->connection_list)
msg (M_USAGE, "<connection> cannot be used with --mode server");
#endif
@@ -1633,7 +1017,7 @@ index 7708995..bf59e00 100644
if (options->shaper)
msg (M_USAGE, "--shaper cannot be used with --mode server");
if (options->inetd)
-@@ -1888,6 +2013,11 @@ options_postprocess_verify_ce (const struct options *options, const struct conne
+@@ -1889,6 +2014,11 @@ options_postprocess_verify_ce (const struct options *options, const struct conne
msg (M_USAGE, "--up-delay cannot be used with --mode server");
if (!options->ifconfig_pool_defined && options->ifconfig_pool_persist_filename)
msg (M_USAGE, "--ifconfig-pool-persist must be used with --ifconfig-pool");
@@ -1645,7 +1029,7 @@ index 7708995..bf59e00 100644
if (options->auth_user_pass_file)
msg (M_USAGE, "--auth-user-pass cannot be used with --mode server (it should be used on the client side only)");
if (options->ccd_exclusive && !options->client_config_dir)
-@@ -1919,6 +2049,8 @@ options_postprocess_verify_ce (const struct options *options, const struct conne
+@@ -1920,6 +2050,8 @@ options_postprocess_verify_ce (const struct options *options, const struct conne
*/
if (options->ifconfig_pool_defined || options->ifconfig_pool_persist_filename)
msg (M_USAGE, "--ifconfig-pool/--ifconfig-pool-persist requires --mode server");
@@ -1654,7 +1038,7 @@ index 7708995..bf59e00 100644
if (options->real_hash_size != defaults.real_hash_size
|| options->virtual_hash_size != defaults.virtual_hash_size)
msg (M_USAGE, "--hash-size requires --mode server");
-@@ -2460,6 +2592,8 @@ options_string (const struct options *o,
+@@ -2461,6 +2593,8 @@ options_string (const struct options *o,
o->topology,
o->ifconfig_local,
o->ifconfig_remote_netmask,
@@ -1663,7 +1047,7 @@ index 7708995..bf59e00 100644
(in_addr_t)0,
(in_addr_t)0,
false,
-@@ -3785,6 +3919,30 @@ add_option (struct options *options,
+@@ -3786,6 +3920,30 @@ add_option (struct options *options,
goto err;
}
}
@@ -1694,7 +1078,7 @@ index 7708995..bf59e00 100644
else if (streq (p[0], "ifconfig-noexec"))
{
VERIFY_PERMISSION (OPT_P_UP);
-@@ -4585,6 +4743,26 @@ add_option (struct options *options,
+@@ -4586,6 +4744,26 @@ add_option (struct options *options,
}
add_route_to_option_list (options->routes, p[1], p[2], p[3], p[4]);
}
@@ -1721,7 +1105,7 @@ index 7708995..bf59e00 100644
else if (streq (p[0], "max-routes") && p[1])
{
int max_routes;
-@@ -4796,6 +4974,33 @@ add_option (struct options *options,
+@@ -4797,6 +4975,33 @@ add_option (struct options *options,
}
}
}
@@ -1755,7 +1139,7 @@ index 7708995..bf59e00 100644
else if (streq (p[0], "server-bridge") && p[1] && p[2] && p[3] && p[4])
{
const int lev = M_WARN;
-@@ -4880,6 +5085,28 @@ add_option (struct options *options,
+@@ -4881,6 +5086,28 @@ add_option (struct options *options,
VERIFY_PERMISSION (OPT_P_GENERAL);
options->topology = TOP_P2P;
}
@@ -1784,7 +1168,7 @@ index 7708995..bf59e00 100644
else if (streq (p[0], "hash-size") && p[1] && p[2])
{
int real, virtual;
-@@ -5075,6 +5302,11 @@ add_option (struct options *options,
+@@ -5076,6 +5303,11 @@ add_option (struct options *options,
}
option_iroute (options, p[1], netmask, msglevel);
}
@@ -1796,7 +1180,7 @@ index 7708995..bf59e00 100644
else if (streq (p[0], "ifconfig-push") && p[1] && p[2])
{
in_addr_t local, remote_netmask;
-@@ -5113,6 +5345,43 @@ add_option (struct options *options,
+@@ -5114,6 +5346,43 @@ add_option (struct options *options,
goto err;
}
}
@@ -1840,10 +1224,10 @@ index 7708995..bf59e00 100644
else if (streq (p[0], "disable"))
{
VERIFY_PERMISSION (OPT_P_INSTANCE);
-diff --git openvpn-2.2.0/options.h openvpn-2.2-ipv6-20110522-1/options.h
-index 7f4c0cd..dd04ee8 100644
---- openvpn-2.2.0/options.h
-+++ openvpn-2.2-ipv6-20110522-1/options.h
+diff --git a/options.h b/options.h
+index dd49355..3b01597 100644
+--- a/options.h
++++ b/options.h
@@ -205,6 +205,9 @@ struct options
int topology; /* one of the TOP_x values from proto.h */
const char *ifconfig_local;
@@ -1862,15 +1246,7 @@ index 7f4c0cd..dd04ee8 100644
bool route_nopull;
bool route_gateway_via_dhcp;
bool allow_pull_fqdn; /* as a client, allow server to push a FQDN for certain parameters */
-@@ -355,12 +359,17 @@ struct options
- struct plugin_option_list *plugin_list;
- #endif
-
-+ const char *tmp_dir;
-+
- #if P2MP
-
- #if P2MP_SERVER
+@@ -363,6 +367,9 @@ struct options
bool server_defined;
in_addr_t server_network;
in_addr_t server_netmask;
@@ -1880,42 +1256,37 @@ index 7f4c0cd..dd04ee8 100644
# define SF_NOPOOL (1<<0)
# define SF_TCP_NODELAY_HELPER (1<<1)
-@@ -382,24 +391,33 @@ struct options
+@@ -384,6 +391,11 @@ struct options
in_addr_t ifconfig_pool_netmask;
const char *ifconfig_pool_persist_filename;
int ifconfig_pool_persist_refresh_freq;
+
-+ bool ifconfig_ipv6_pool_defined; /* IPv6 */
-+ struct in6_addr ifconfig_ipv6_pool_base; /* IPv6 */
-+ int ifconfig_ipv6_pool_netbits; /* IPv6 */
++ bool ifconfig_ipv6_pool_defined; /* IPv6 */
++ struct in6_addr ifconfig_ipv6_pool_base; /* IPv6 */
++ int ifconfig_ipv6_pool_netbits; /* IPv6 */
+
int real_hash_size;
int virtual_hash_size;
const char *client_connect_script;
- const char *client_disconnect_script;
- const char *learn_address_script;
-- const char *tmp_dir;
- const char *client_config_dir;
- bool ccd_exclusive;
- bool disable;
+@@ -395,12 +407,17 @@ struct options
int n_bcast_buf;
int tcp_queue_limit;
struct iroute *iroutes;
-+ struct iroute_ipv6 *iroutes_ipv6; /* IPv6 */
++ struct iroute_ipv6 *iroutes_ipv6; /* IPv6 */
bool push_ifconfig_defined;
in_addr_t push_ifconfig_local;
in_addr_t push_ifconfig_remote_netmask;
bool push_ifconfig_constraint_defined;
in_addr_t push_ifconfig_constraint_network;
in_addr_t push_ifconfig_constraint_netmask;
-+ bool push_ifconfig_ipv6_defined; /* IPv6 */
-+ struct in6_addr push_ifconfig_ipv6_local; /* IPv6 */
-+ int push_ifconfig_ipv6_netbits; /* IPv6 */
-+ struct in6_addr push_ifconfig_ipv6_remote; /* IPv6 */
++ bool push_ifconfig_ipv6_defined; /* IPv6 */
++ struct in6_addr push_ifconfig_ipv6_local; /* IPv6 */
++ int push_ifconfig_ipv6_netbits; /* IPv6 */
++ struct in6_addr push_ifconfig_ipv6_remote; /* IPv6 */
bool enable_c2c;
bool duplicate_cn;
int cf_max;
-@@ -722,6 +740,10 @@ void options_string_import (struct options *options,
+@@ -723,6 +740,10 @@ void options_string_import (struct options *options,
unsigned int *option_types_found,
struct env_set *es);
@@ -1926,10 +1297,10 @@ index 7f4c0cd..dd04ee8 100644
/*
* inline functions
*/
-diff --git openvpn-2.2.0/pool.c openvpn-2.2-ipv6-20110522-1/pool.c
+diff --git a/pool.c b/pool.c
index 84333df..60dc520 100644
---- openvpn-2.2.0/pool.c
-+++ openvpn-2.2-ipv6-20110522-1/pool.c
+--- a/pool.c
++++ b/pool.c
@@ -132,7 +132,10 @@ ifconfig_pool_verify_range (const int msglevel, const in_addr_t start, const in_
}
@@ -2078,10 +1449,10 @@ index 84333df..60dc520 100644
if (h < 0)
break;
msg (M_INFO | M_NOPREFIX, "IFCONFIG_POOL TEST pass 3: l=%s r=%s cn=%s",
-diff --git openvpn-2.2.0/pool.h openvpn-2.2-ipv6-20110522-1/pool.h
+diff --git a/pool.h b/pool.h
index 81264a9..fc9d6ab 100644
---- openvpn-2.2.0/pool.h
-+++ openvpn-2.2-ipv6-20110522-1/pool.h
+--- a/pool.h
++++ b/pool.h
@@ -52,6 +52,9 @@ struct ifconfig_pool
int size;
int type;
@@ -2108,10 +1479,10 @@ index 81264a9..fc9d6ab 100644
bool ifconfig_pool_release (struct ifconfig_pool* pool, ifconfig_pool_handle hand, const bool hard);
-diff --git openvpn-2.2.0/proto.h openvpn-2.2-ipv6-20110522-1/proto.h
+diff --git a/proto.h b/proto.h
index 55f0832..b8e8997 100644
---- openvpn-2.2.0/proto.h
-+++ openvpn-2.2-ipv6-20110522-1/proto.h
+--- a/proto.h
++++ b/proto.h
@@ -108,6 +108,21 @@ struct openvpn_iphdr {
};
@@ -2134,10 +1505,10 @@ index 55f0832..b8e8997 100644
* UDP header
*/
struct openvpn_udphdr {
-diff --git openvpn-2.2.0/push.c openvpn-2.2-ipv6-20110522-1/push.c
+diff --git a/push.c b/push.c
index 08c7f99..1fd8bea 100644
---- openvpn-2.2.0/push.c
-+++ openvpn-2.2-ipv6-20110522-1/push.c
+--- a/push.c
++++ b/push.c
@@ -189,8 +189,26 @@ send_push_reply (struct context *c)
const int safe_cap = BCAP (&buf) - extra;
bool push_sent = false;
@@ -2165,10 +1536,10 @@ index 08c7f99..1fd8bea 100644
while (e)
{
if (e->enable)
-diff --git openvpn-2.2.0/route.c openvpn-2.2-ipv6-20110522-1/route.c
+diff --git a/route.c b/route.c
index b5092fe..7c81f75 100644
---- openvpn-2.2.0/route.c
-+++ openvpn-2.2-ipv6-20110522-1/route.c
+--- a/route.c
++++ b/route.c
@@ -35,6 +35,7 @@
#include "socket.h"
#include "manage.h"
@@ -2835,10 +2206,10 @@ index b5092fe..7c81f75 100644
/*
* The --redirect-gateway option requires OS-specific code below
* to get the current default gateway.
-diff --git openvpn-2.2.0/route.h openvpn-2.2-ipv6-20110522-1/route.h
+diff --git a/route.h b/route.h
index c5cbb7c..6a7704f 100644
---- openvpn-2.2.0/route.h
-+++ openvpn-2.2-ipv6-20110522-1/route.h
+--- a/route.h
++++ b/route.h
@@ -92,6 +92,19 @@ struct route_option_list {
struct route_option routes[EMPTY_ARRAY_SIZE];
};
@@ -2960,10 +2331,10 @@ index c5cbb7c..6a7704f 100644
bool is_special_addr (const char *addr_str);
-diff --git openvpn-2.2.0/socket.c openvpn-2.2-ipv6-20110522-1/socket.c
+diff --git a/socket.c b/socket.c
index 4720398..c04edc9 100644
---- openvpn-2.2.0/socket.c
-+++ openvpn-2.2-ipv6-20110522-1/socket.c
+--- a/socket.c
++++ b/socket.c
@@ -342,6 +342,24 @@ ip_addr_dotted_quad_safe (const char *dotted_quad)
}
}
@@ -3104,10 +2475,10 @@ index 4720398..c04edc9 100644
int
socket_recv_queue (struct link_socket *sock, int maxsize)
{
-diff --git openvpn-2.2.0/socket.h openvpn-2.2-ipv6-20110522-1/socket.h
+diff --git a/socket.h b/socket.h
index eef98d1..17943e7 100644
---- openvpn-2.2.0/socket.h
-+++ openvpn-2.2-ipv6-20110522-1/socket.h
+--- a/socket.h
++++ b/socket.h
@@ -351,6 +351,8 @@ const char *print_link_socket_actual (const struct link_socket_actual *act,
#define IA_EMPTY_IF_UNDEF (1<<0)
#define IA_NET_ORDER (1<<1)
@@ -3125,10 +2496,10 @@ index eef98d1..17943e7 100644
socket_descriptor_t create_socket_tcp (void);
-diff --git openvpn-2.2.0/syshead.h openvpn-2.2-ipv6-20110522-1/syshead.h
-index 63b82ba..a01c2c4 100644
---- openvpn-2.2.0/syshead.h
-+++ openvpn-2.2-ipv6-20110522-1/syshead.h
+diff --git a/syshead.h b/syshead.h
+index b81ce59..fe4af3f 100644
+--- a/syshead.h
++++ b/syshead.h
@@ -28,6 +28,10 @@
/*
* Only include if not during configure
@@ -3150,10 +2521,10 @@ index 63b82ba..a01c2c4 100644
#endif
#ifdef HAVE_SYS_MMAN_H
-diff --git openvpn-2.2.0/tun.c openvpn-2.2-ipv6-20110522-1/tun.c
-index 59e87dc..cea1784 100644
---- openvpn-2.2.0/tun.c
-+++ openvpn-2.2-ipv6-20110522-1/tun.c
+diff --git a/tun.c b/tun.c
+index d03e8c7..4be71de 100644
+--- a/tun.c
++++ b/tun.c
@@ -56,13 +56,14 @@ static void netsh_ifconfig (const struct tuntap_options *to,
const in_addr_t ip,
const in_addr_t netmask,
@@ -3618,23 +2989,7 @@ index 59e87dc..cea1784 100644
/*
* We handle --dev null specially, we do not open /dev/null for this.
-@@ -1215,13 +1457,13 @@ open_tun (const char *dev, const char *dev_type, const char *dev_node, bool ipv6
- close (tt->fd);
- tt->fd = -1;
- }
-- open_tun_generic (dev, dev_type, dev_node, ipv6, false, true, tt);
-+ open_tun_generic (dev, dev_type, dev_node, false, true, tt);
- }
-
- #else
-
- void
--open_tun (const char *dev, const char *dev_type, const char *dev_node, bool ipv6, struct tuntap *tt)
-+open_tun (const char *dev, const char *dev_type, const char *dev_node, struct tuntap *tt)
- {
- ASSERT (0);
- }
-@@ -1231,9 +1473,9 @@ open_tun (const char *dev, const char *dev_type, const char *dev_node, bool ipv6
+@@ -1222,9 +1464,9 @@ open_tun (const char *dev, const char *dev_type, const char *dev_node, bool ipv6
#else
void
@@ -3646,7 +3001,7 @@ index 59e87dc..cea1784 100644
}
#endif /* HAVE_LINUX_IF_TUN_H */
-@@ -1253,7 +1495,7 @@ open_tun (const char *dev, const char *dev_type, const char *dev_node, bool ipv6
+@@ -1244,7 +1486,7 @@ open_tun (const char *dev, const char *dev_type, const char *dev_node, bool ipv6
#endif
void
@@ -3655,7 +3010,7 @@ index 59e87dc..cea1784 100644
{
struct tuntap *tt;
-@@ -1261,7 +1503,7 @@ tuncfg (const char *dev, const char *dev_type, const char *dev_node, bool ipv6,
+@@ -1252,7 +1494,7 @@ tuncfg (const char *dev, const char *dev_type, const char *dev_node, bool ipv6,
clear_tuntap (tt);
tt->type = dev_type_enum (dev, dev_type);
tt->options = *options;
@@ -3664,7 +3019,7 @@ index 59e87dc..cea1784 100644
if (ioctl (tt->fd, TUNSETPERSIST, persist_mode) < 0)
msg (M_ERR, "Cannot ioctl TUNSETPERSIST(%d) %s", persist_mode, dev);
if (username != NULL)
-@@ -1404,7 +1646,7 @@ read_tun (struct tuntap* tt, uint8_t *buf, int len)
+@@ -1395,7 +1637,7 @@ read_tun (struct tuntap* tt, uint8_t *buf, int len)
#endif
void
@@ -3673,7 +3028,7 @@ index 59e87dc..cea1784 100644
{
int if_fd, ip_muxid, arp_muxid, arp_fd, ppa = -1;
struct lifreq ifr;
-@@ -1415,8 +1657,11 @@ open_tun (const char *dev, const char *dev_type, const char *dev_node, bool ipv6
+@@ -1406,8 +1648,11 @@ open_tun (const char *dev, const char *dev_type, const char *dev_node, bool ipv6
bool is_tun;
struct strioctl strioc_if, strioc_ppa;
@@ -3687,7 +3042,7 @@ index 59e87dc..cea1784 100644
if (tt->type == DEV_TYPE_NULL)
{
-@@ -1570,6 +1815,18 @@ solaris_close_tun (struct tuntap *tt)
+@@ -1561,6 +1806,18 @@ solaris_close_tun (struct tuntap *tt)
{
if (tt)
{
@@ -3706,7 +3061,7 @@ index 59e87dc..cea1784 100644
if (tt->ip_fd >= 0)
{
struct lifreq ifr;
-@@ -1622,11 +1879,20 @@ close_tun (struct tuntap *tt)
+@@ -1613,11 +1870,20 @@ close_tun (struct tuntap *tt)
}
static void
@@ -3728,7 +3083,7 @@ index 59e87dc..cea1784 100644
argv_printf (&argv,
"%s %s unplumb",
IFCONFIG_PATH,
-@@ -1683,9 +1949,9 @@ read_tun (struct tuntap* tt, uint8_t *buf, int len)
+@@ -1674,9 +1940,9 @@ read_tun (struct tuntap* tt, uint8_t *buf, int len)
*/
void
@@ -3740,7 +3095,7 @@ index 59e87dc..cea1784 100644
/* Enable multicast on the interface */
if (tt->fd >= 0)
-@@ -1706,12 +1972,31 @@ open_tun (const char *dev, const char *dev_type, const char *dev_node, bool ipv6
+@@ -1697,12 +1963,31 @@ open_tun (const char *dev, const char *dev_type, const char *dev_node, bool ipv6
}
}
@@ -3772,7 +3127,7 @@ index 59e87dc..cea1784 100644
free (tt);
}
}
-@@ -1774,33 +2059,51 @@ read_tun (struct tuntap* tt, uint8_t *buf, int len)
+@@ -1765,33 +2050,51 @@ read_tun (struct tuntap* tt, uint8_t *buf, int len)
#elif defined(TARGET_NETBSD)
/*
@@ -3835,7 +3190,7 @@ index 59e87dc..cea1784 100644
if (tt)
{
close_tun_generic (tt);
-@@ -1808,6 +2111,65 @@ close_tun (struct tuntap *tt)
+@@ -1799,6 +2102,65 @@ close_tun (struct tuntap *tt)
}
}
@@ -3901,7 +3256,7 @@ index 59e87dc..cea1784 100644
int
write_tun (struct tuntap* tt, uint8_t *buf, int len)
{
-@@ -1819,6 +2181,7 @@ read_tun (struct tuntap* tt, uint8_t *buf, int len)
+@@ -1810,6 +2172,7 @@ read_tun (struct tuntap* tt, uint8_t *buf, int len)
{
return read (tt->fd, buf, len);
}
@@ -3909,7 +3264,7 @@ index 59e87dc..cea1784 100644
#elif defined(TARGET_FREEBSD)
-@@ -1832,9 +2195,9 @@ freebsd_modify_read_write_return (int len)
+@@ -1823,9 +2186,9 @@ freebsd_modify_read_write_return (int len)
}
void
@@ -3921,7 +3276,7 @@ index 59e87dc..cea1784 100644
if (tt->fd >= 0 && tt->type == DEV_TYPE_TUN)
{
-@@ -1920,9 +2283,9 @@ dragonfly_modify_read_write_return (int len)
+@@ -1911,9 +2274,9 @@ dragonfly_modify_read_write_return (int len)
}
void
@@ -3933,7 +3288,7 @@ index 59e87dc..cea1784 100644
if (tt->fd >= 0)
{
-@@ -1991,6 +2354,61 @@ read_tun (struct tuntap* tt, uint8_t *buf, int len)
+@@ -1982,6 +2345,61 @@ read_tun (struct tuntap* tt, uint8_t *buf, int len)
return read (tt->fd, buf, len);
}
@@ -3995,7 +3350,7 @@ index 59e87dc..cea1784 100644
#elif defined(WIN32)
int
-@@ -3976,7 +4394,7 @@ fork_register_dns_action (struct tuntap *tt)
+@@ -3967,7 +4385,7 @@ fork_register_dns_action (struct tuntap *tt)
}
void
@@ -4004,7 +3359,7 @@ index 59e87dc..cea1784 100644
{
struct gc_arena gc = gc_new ();
char device_path[256];
-@@ -3987,7 +4405,7 @@ open_tun (const char *dev, const char *dev_type, const char *dev_node, bool ipv6
+@@ -3978,7 +4396,7 @@ open_tun (const char *dev, const char *dev_type, const char *dev_node, bool ipv6
/*netcmd_semaphore_lock ();*/
@@ -4013,24 +3368,7 @@ index 59e87dc..cea1784 100644
if (tt->type == DEV_TYPE_NULL)
{
-@@ -4109,6 +4527,16 @@ open_tun (const char *dev, const char *dev_type, const char *dev_node, bool ipv6
- msg (M_FATAL, "ERROR: This version of " PACKAGE_NAME " requires a TAP-Win32 driver that is at least version %d.%d -- If you recently upgraded your " PACKAGE_NAME " distribution, a reboot is probably required at this point to get Windows to see the new driver.",
- TAP_WIN32_MIN_MAJOR,
- TAP_WIN32_MIN_MINOR);
-+
-+ /* usage of numeric constants is ugly, but this is really tied to
-+ * *this* version of the driver
-+ */
-+ if ( tt->ipv6 && tt->type == DEV_TYPE_TUN &&
-+ info[0] == 9 && info[1] < 8)
-+ {
-+ msg( M_INFO, "WARNING: Tap-Win32 driver version %d.%d does not support IPv6 in TUN mode. IPv6 will be disabled. Upgrade to Tap-Win32 9.8 (2.2-beta3 release or later) or use TAP mode to get IPv6", (int) info[0], (int) info[1] );
-+ tt->ipv6 = false;
-+ }
- }
-
- /* get driver MTU */
-@@ -4433,6 +4861,26 @@ close_tun (struct tuntap *tt)
+@@ -4432,6 +4850,26 @@ close_tun (struct tuntap *tt)
if (tt)
{
@@ -4057,7 +3395,7 @@ index 59e87dc..cea1784 100644
#if 1
if (tt->ipapi_context_defined)
{
-@@ -4536,9 +4984,9 @@ ipset2ascii_all (struct gc_arena *gc)
+@@ -4535,9 +4973,9 @@ ipset2ascii_all (struct gc_arena *gc)
#else /* generic */
void
@@ -4069,10 +3407,10 @@ index 59e87dc..cea1784 100644
}
void
-diff --git openvpn-2.2.0/tun.h openvpn-2.2-ipv6-20110522-1/tun.h
+diff --git a/tun.h b/tun.h
index 011ab54..f28b8d8 100644
---- openvpn-2.2.0/tun.h
-+++ openvpn-2.2-ipv6-20110522-1/tun.h
+--- a/tun.h
++++ b/tun.h
@@ -130,6 +130,7 @@ struct tuntap
int topology; /* one of the TOP_x values */
@@ -4119,10 +3457,10 @@ index 011ab54..f28b8d8 100644
in_addr_t local_public,
in_addr_t remote_public,
const bool strict_warn,
-diff --git openvpn-2.2.0/win32.c openvpn-2.2-ipv6-20110522-1/win32.c
+diff --git a/win32.c b/win32.c
index 2b7bf7b..cf6cc2d 100644
---- openvpn-2.2.0/win32.c
-+++ openvpn-2.2-ipv6-20110522-1/win32.c
+--- a/win32.c
++++ b/win32.c
@@ -874,16 +874,21 @@ win_safe_filename (const char *fn)
static char *
env_block (const struct env_set *es)
@@ -4164,10 +3502,10 @@ index 2b7bf7b..cf6cc2d 100644
*p = '\0';
return ret;
}
-diff --git openvpn-2.2.0/win32.h openvpn-2.2-ipv6-20110522-1/win32.h
+diff --git a/win32.h b/win32.h
index b6a162e..829933f 100644
---- openvpn-2.2.0/win32.h
-+++ openvpn-2.2-ipv6-20110522-1/win32.h
+--- a/win32.h
++++ b/win32.h
@@ -269,6 +269,8 @@ char *get_win_sys_path (void);
/* call self in a subprocess */