fix a bug leading to incorrect split-include netmasks

This bug was my fault. Introduced in 881eb286499baf78afbaeff4dbc5f055d23f1e4f on 15 Oct 2016 ("Correctly handle IPv4 route specified as either 10.1.2.0/255.255.255.0 or 10.1.2.0/24")

Left shift of >=32 bits is undefined on x86 (https://stackoverflow.com/a/7471843/20789), and it was causing split-includes of 0.0.0.0/0 to output inconsistent values to
the vpnc-script variables for split-includes:

	CISCO_SPLIT_INC_12_MASKLEN=0
	CISCO_SPLIT_INC_12_ADDR=0.0.0.0
	CISCO_SPLIT_INC_12_MASK=255.255.255.255   # generated by netmaskbits() in script.c -- WRONG!

Caught due to an assertion failing in vpn-slice: https://github.com/dlenski/vpn-slice/issues/9

Signed-off-by: Daniel Lenski <dlenski@gmail.com>
Signed-off-by: David Woodhouse <dwmw2@infradead.org>

diff --git a/script.c b/script.c
index 4a78e67d81bf2e37fe187b5c2bfe2d69674b6ee3..5b751ad55c483fedefd06202c8d8f16ec64b6f53 100644 (file)
--- a/script.c
+++ b/script.c
@@ -81,7 +81,10 @@ static int netmasklen(struct in_addr addr)
 
 static uint32_t netmaskbits(int masklen)
 {
-       return htonl((0xffffffff << (32-masklen)));
+       if (masklen)
+               return htonl(0xffffffff << (32-masklen));
+       else /* Shifting by 32 is invalid, so special-case it */
+               return 0;
 }
 
 static int process_split_xxclude(struct openconnect_info *vpninfo,