From 536809792da2e4f540015f032ab656680021be03 Mon Sep 17 00:00:00 2001 From: Frank Lichtenheld Date: Sun, 9 Mar 2025 17:55:00 +0100 Subject: [PATCH] Remove unused function check_subnet_conflict This has been #if 0 for over a decade. Let's just remove this. Change-Id: If570253e57371e4126b0e8aa4c349e2051cb8b00 Signed-off-by: Frank Lichtenheld Acked-by: Gert Doering Message-Id: <20250309165500.21796-1-gert@greenie.muc.de> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg31083.html Signed-off-by: Gert Doering --- src/openvpn/route.c | 1 - src/openvpn/tun.c | 47 --------------------------------------------- src/openvpn/tun.h | 4 ---- 3 files changed, 52 deletions(-) diff --git a/src/openvpn/route.c b/src/openvpn/route.c index 245b15b6453..dbdc01dcf62 100644 --- a/src/openvpn/route.c +++ b/src/openvpn/route.c @@ -1218,7 +1218,6 @@ add_routes(struct route_list *rl, struct route_ipv6_list *rl6, for (r = rl->routes; r; r = r->next) { - check_subnet_conflict(r->network, r->netmask, "route"); if (flags & ROUTE_DELETE_FIRST) { delete_route(r, tt, flags, &rl->rgi, es, ctx); diff --git a/src/openvpn/tun.c b/src/openvpn/tun.c index 4817f45e569..de54e89163c 100644 --- a/src/openvpn/tun.c +++ b/src/openvpn/tun.c @@ -626,44 +626,6 @@ check_addr_clash(const char *name, gc_free(&gc); } -/* - * Issue a warning if ip/netmask (on the virtual IP network) conflicts with - * the settings on the local LAN. This is designed to flag issues where - * (for example) the OpenVPN server LAN is running on 192.168.1.x, but then - * an OpenVPN client tries to connect from a public location that is also running - * off of a router set to 192.168.1.x. - */ -void -check_subnet_conflict(const in_addr_t ip, - const in_addr_t netmask, - const char *prefix) -{ -#if 0 /* too many false positives */ - struct gc_arena gc = gc_new(); - in_addr_t lan_gw = 0; - in_addr_t lan_netmask = 0; - - if (get_default_gateway(&lan_gw, &lan_netmask) && lan_netmask) - { - const in_addr_t lan_network = lan_gw & lan_netmask; - const in_addr_t network = ip & netmask; - - /* do the two subnets defined by network/netmask and lan_network/lan_netmask intersect? */ - if ((network & lan_netmask) == lan_network - || (lan_network & netmask) == network) - { - msg(M_WARN, "WARNING: potential %s subnet conflict between local LAN [%s/%s] and remote VPN [%s/%s]", - prefix, - print_in_addr_t(lan_network, 0, &gc), - print_in_addr_t(lan_netmask, 0, &gc), - print_in_addr_t(network, 0, &gc), - print_in_addr_t(netmask, 0, &gc)); - } - } - gc_free(&gc); -#endif /* if 0 */ -} - void warn_on_use_of_common_subnets(openvpn_net_ctx_t *ctx) { @@ -922,15 +884,6 @@ init_tun(const char *dev, /* --dev option */ tt->remote_netmask); } } - - if (!tun_p2p) - { - check_subnet_conflict(tt->local, tt->remote_netmask, "TUN/TAP adapter"); - } - else - { - check_subnet_conflict(tt->local, IPV4_NETMASK_HOST, "TUN/TAP adapter"); - } } #ifdef _WIN32 diff --git a/src/openvpn/tun.h b/src/openvpn/tun.h index ccba0bcc0e8..b616f5d8f03 100644 --- a/src/openvpn/tun.h +++ b/src/openvpn/tun.h @@ -355,10 +355,6 @@ const char *ifconfig_options_string(const struct tuntap *tt, bool remote, bool d bool is_tun_p2p(const struct tuntap *tt); -void check_subnet_conflict(const in_addr_t ip, - const in_addr_t netmask, - const char *prefix); - void warn_on_use_of_common_subnets(openvpn_net_ctx_t *ctx); /**