dco: pass local option to DCO

If the local option is present, DCO should use it as the source IP, or Linux may pick a different IP as the source IP, breaking the connection. Signed-off-by: Qingfang Deng <[email protected]>
OpenVPN · Jan 14, 2025 · 1563695 · 1563695
1 parent 5e086c0
commit 1563695
Showing 1 changed file with 11 additions and 2 deletions.
diff --git a/src/openvpn/dco.c b/src/openvpn/dco.c
@@ -493,6 +493,7 @@ dco_p2p_add_new_peer(struct context *c)
     ASSERT(sock->info.connection_established);
 
     struct sockaddr *remoteaddr = &sock->info.lsa->actual.dest.addr.sa;
+    struct sockaddr *localaddr = NULL;
     struct tls_multi *multi = c->c2.tls_multi;
 #ifdef TARGET_FREEBSD
     /* In Linux in P2P mode the kernel automatically removes an existing peer
@@ -503,8 +504,11 @@ dco_p2p_add_new_peer(struct context *c)
         c->c2.tls_multi->dco_peer_id = -1;
     }
 #endif
+    if (ls->bind_local && ls->info.lsa->bind_local)
+        localaddr = ls->info.lsa->bind_local->ai_addr;
+
     int ret = dco_new_peer(&c->c1.tuntap->dco, multi->peer_id,
-                           c->c2.link_sockets[0]->sd, NULL, remoteaddr, NULL, NULL);
+                           c->c2.link_sockets[0]->sd, localaddr, remoteaddr, NULL, NULL);
     if (ret < 0)
     {
         return ret;
@@ -616,7 +620,12 @@ dco_multi_add_new_peer(struct multi_context *m, struct multi_instance *mi)
         vpn_addr6 = &c->c2.push_ifconfig_ipv6_local;
     }
 
-    if (dco_multi_get_localaddr(m, mi, &local))
+    struct link_socket *ls = c->c2.link_socket;
+    if (ls->bind_local && ls->info.lsa->bind_local)
+    {
+        localaddr = ls->info.lsa->bind_local->ai_addr;
+    }
+    else if (dco_multi_get_localaddr(m, mi, &local))
     {
         localaddr = (struct sockaddr *)&local;
     }