www.infradead.org Git - users/dwmw2/openconnect.git/commit

author	Daniel Lenski <dlenski@gmail.com>
	Sun, 24 May 2020 18:47:37 +0000 (11:47 -0700)
committer	Daniel Lenski <dlenski@gmail.com>
	Wed, 4 Nov 2020 22:29:18 +0000 (22:29 +0000)
commit	99ae55aec1408a2905df72394dab99cb6fb41aed
tree	f8261cec958cdf91d13be43792ad371c0463f9df	tree
parent	bb794e2557c23489fa1aafc31fc254dfa53acee2	commit \| diff

GP: Fix the issue of a 0.0.0.0/0 "split"-include route by swapping the "split" route with the default netmask.

GlobalProtect VPNs always or almost always send `<netmask>255.255.255.255</netmask>` (host route). If they
wish to include a true IPv4 default route (`0.0.0.0/0`), they send it a "split"-include route.

This interferes with NetworkManager users’ ability to use the "Use only for
resources on this connection" feature of NM's VPN plugins. (Which basically
tells NM to use only split routes from the connection, and ignore a default route.)

This patch detects the case of a 0.0.0.0/0 IPv4 "split"-include route, and swaps it to become the default
default route.

See: https://gitlab.gnome.org/GNOME/NetworkManager-openconnect/-/merge_requests/12#note_818780

Signed-off-by: Daniel Lenski <dlenski@gmail.com>