connman HEAD regression

connman HEAD regression

[i.Dark_Templar]

Good day.

I've found a regression in connman commit:

https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=416bfaff988882c553c672e5bfc2d4f648d29e8a

When VPN client is used, connman adds additional default route, bricking 
all networking.

To reproduce, use openvpn client to connect to VPN, or hamachi to 
connect to a network, or some other VPN client. Tested with both openvpn 
client and hamachi.

30-60 seconds after connection, connman adds routes, and with them, one 
additional default route.

Here are routing tables before mentioned commit:

$ route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use 
Iface
0.0.0.0         0.0.0.0         255.255.255.255 UH    0      0        0 ham0
0.0.0.0         192.168.1.1     0.0.0.0         UG    0      0        0 eth0
25.0.0.0        0.0.0.0         255.0.0.0       U     0      0        0 ham0
169.254.0.0     0.0.0.0         255.255.0.0     U     0      0        0 ham0
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
192.168.1.1     0.0.0.0         255.255.255.255 UH    0      0        0 eth0

$ ip route
0.0.0.0 dev ham0 scope link
default via 192.168.1.1 dev eth0
25.0.0.0/8 dev ham0 proto kernel scope link src 25.75.105.187
169.254.0.0/16 dev ham0 proto kernel scope link src 169.254.124.73
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.158
192.168.1.1 dev eth0 scope link

Here are routing tables after mentioned commit:

$ route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use 
Iface
0.0.0.0         0.0.0.0         255.255.255.255 UH    0      0        0 ham0
0.0.0.0         0.0.0.0         0.0.0.0         U     0      0        0 ham0
0.0.0.0         192.168.1.1     0.0.0.0         UG    0      0        0 eth0
25.0.0.0        0.0.0.0         255.0.0.0       U     0      0        0 ham0
169.254.0.0     0.0.0.0         255.255.0.0     U     0      0        0 ham0
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
192.168.1.1     0.0.0.0         255.255.255.255 UH    0      0        0 eth0

$ ip route
0.0.0.0 dev ham0 scope link
default dev ham0 scope link
default via 192.168.1.1 dev eth0
25.0.0.0/8 dev ham0 proto kernel scope link src 25.75.105.187
169.254.0.0/16 dev ham0 proto kernel scope link src 169.254.55.155
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.158
192.168.1.1 dev eth0 scope link

Same happens with openvpn instead of hamachi. Didn't test it with wireguard.

Distribution: Gentoo Linux amd64

Build options (if relevant):
./configure --prefix=/usr --build=x86_64-pc-linux-gnu 
--host=x86_64-pc-linux-gnu --mandir=/usr/share/man 
--infodir=/usr/share/info --datadir=/usr/share --sysconfdir=/etc 
--localstatedir=/var/lib --disable-dependency-tracking 
--disable-silent-rules --docdir=/usr/share/doc/connman-1.41-r1 
--htmldir=/usr/share/doc/connman-1.41-r1/html --with-sysroot=/ 
--libdir=/usr/lib64 --localstatedir=/var --runstatedir=/run 
--with-systemdunitdir=/lib/systemd/system 
--with-tmpfilesdir=/usr/lib/tmpfiles.d --enable-client 
--enable-datafiles --enable-loopback=builtin --disable-bluetooth 
--disable-debug --enable-ethernet=builtin --disable-test --disable-iwd 
--disable-l2tp --disable-nmcompat --disable-ofono --disable-openconnect 
--disable-openvpn --enable-polkit=builtin --disable-pptp --disable-tools 
--disable-vpnc --enable-wifi=builtin --disable-wireguard --disable-wispr 
--with-firewall=nftables --disable-iospm --disable-hh2serial-gps

Re: connman HEAD regression

[Daniel Wagner]

On Thu, Aug 18, 2022 at 07:29:54PM +0200, i.Dark_Templar wrote:
> I've found a regression in connman commit:
> 
> https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=416bfaff988882c553c672e5bfc2d4f648d29e8a

It looks like the wispr fix unrevealed some other bugs. Could try if
this patch [1] helps?

[1] https://lore.kernel.org/connman/20220828135322.21582-1-wagi@monom.org/

Re: connman HEAD regression

[i.Dark_Templar]

28.08.2022 16:10, Daniel Wagner пишет:
> On Thu, Aug 18, 2022 at 07:29:54PM +0200, i.Dark_Templar wrote:
>> I've found a regression in connman commit:
>>
>> https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=416bfaff988882c553c672e5bfc2d4f648d29e8a
> 
> It looks like the wispr fix unrevealed some other bugs. Could try if
> this patch [1] helps?
> 
> [1] https://lore.kernel.org/connman/20220828135322.21582-1-wagi@monom.org/

Good day.

Unfortunately this patch didn't fix issue for me.

Re: connman HEAD regression

[Daniel Wagner]

On Sun, Aug 28, 2022 at 04:55:35PM +0200, i.Dark_Templar wrote:
> Unfortunately this patch didn't fix issue for me.

Thanks for the quick test. Could you provide me the debug logs from
ConnMan?

Re: connman HEAD regression

[Daniel Wagner]

It looks like the route is added via the IPV4LL path:

connmand[29489]: src/network.c:dhcp_success() lease acquired for ipconfig 0x5575276057a0
connmand[29489]: src/inet.c:connman_inet_set_address() index 10 address 169.254.74.53 prefix_len 16
connmand[29489]: src/inet.c:__connman_inet_modify_address() cmd 0x14 flags 0x104 index 10 family 2 address 169.254.74.53 peer (null) prefixlen 16 broadcast (null) p2p false
connmand[29489]: src/ipconfig.c:__connman_ipconfig_gateway_add()
connmand[29489]: src/ipconfig.c:__connman_ipconfig_gateway_add() type 1 gw (null) peer (null)
connmand[29489]: src/connection.c:__connman_connection_gateway_add() service 0x557527609170 index 10 gateway 0.0.0.0 vpn ip (null) type 1
connmand[29489]: src/service.c:connman_service_ref_debug() 0x557527609170 ref 2 by src/connection.c:416:add_gateway()
connmand[29489]: src/connection.c:find_active_gateway()
connmand[29489]: src/connection.c:__connman_connection_gateway_add() active 0x5575275fd820 index 6 new 0x55752760d8f0
connmand[29489]: src/inet.c:get_interface_addresses() index 10 interface ham0
connmand[29489]: src/inet.c:connman_inet_get_dest_addr() destination 0.0.0.0
connmand[29489]: src/inet.c:connman_inet_add_network_route() index 10 host 0.0.0.0 gateway (null) netmask (null)
connmand[29489]: src/inet.c:connman_inet_add_network_route() ifname ham0

How do you configure ham0's IP address? It is supposed to be set via DHCP?

Re: connman HEAD regression

[Daniel Wagner]

On Sun, Aug 28, 2022 at 07:33:40PM +0200, Daniel Wagner wrote:
> It looks like the route is added via the IPV4LL path:
> 
> connmand[29489]: src/network.c:dhcp_success() lease acquired for ipconfig 0x5575276057a0
> connmand[29489]: src/inet.c:connman_inet_set_address() index 10 address 169.254.74.53 prefix_len 16
> connmand[29489]: src/inet.c:__connman_inet_modify_address() cmd 0x14 flags 0x104 index 10 family 2 address 169.254.74.53 peer (null) prefixlen 16 broadcast (null) p2p false
> connmand[29489]: src/ipconfig.c:__connman_ipconfig_gateway_add()
> connmand[29489]: src/ipconfig.c:__connman_ipconfig_gateway_add() type 1 gw (null) peer (null)
> connmand[29489]: src/connection.c:__connman_connection_gateway_add() service 0x557527609170 index 10 gateway 0.0.0.0 vpn ip (null) type 1
> connmand[29489]: src/service.c:connman_service_ref_debug() 0x557527609170 ref 2 by src/connection.c:416:add_gateway()
> connmand[29489]: src/connection.c:find_active_gateway()
> connmand[29489]: src/connection.c:__connman_connection_gateway_add() active 0x5575275fd820 index 6 new 0x55752760d8f0
> connmand[29489]: src/inet.c:get_interface_addresses() index 10 interface ham0
> connmand[29489]: src/inet.c:connman_inet_get_dest_addr() destination 0.0.0.0
> connmand[29489]: src/inet.c:connman_inet_add_network_route() index 10 host 0.0.0.0 gateway (null) netmask (null)
> connmand[29489]: src/inet.c:connman_inet_add_network_route() ifname ham0
> 
> How do you configure ham0's IP address? It is supposed to be set via DHCP?

Well, we should set a GW for IPV4LL DHCP leases:


diff --git a/src/network.c b/src/network.c
index 2090e7fe944e..68679f5939b3 100644
--- a/src/network.c
+++ b/src/network.c
@@ -444,9 +444,11 @@ static void dhcp_success(struct connman_network *network)
        if (err < 0)
                goto err;
 
-       err = __connman_ipconfig_gateway_add(ipconfig_ipv4);
-       if (err < 0)
-               goto err;
+       if (!__connman_ipconfig_get_local(ipconfig_ipv4)) {
+               err = __connman_ipconfig_gateway_add(ipconfig_ipv4);
+               if (err < 0)
+                       goto err;
+       }
 
        __connman_service_save(service);

Re: connman HEAD regression

[i.Dark_Templar]

28.08.2022 19:33, Daniel Wagner пишет:
> It looks like the route is added via the IPV4LL path:
> 
> connmand[29489]: src/network.c:dhcp_success() lease acquired for ipconfig 0x5575276057a0
> connmand[29489]: src/inet.c:connman_inet_set_address() index 10 address 169.254.74.53 prefix_len 16
> connmand[29489]: src/inet.c:__connman_inet_modify_address() cmd 0x14 flags 0x104 index 10 family 2 address 169.254.74.53 peer (null) prefixlen 16 broadcast (null) p2p false
> connmand[29489]: src/ipconfig.c:__connman_ipconfig_gateway_add()
> connmand[29489]: src/ipconfig.c:__connman_ipconfig_gateway_add() type 1 gw (null) peer (null)
> connmand[29489]: src/connection.c:__connman_connection_gateway_add() service 0x557527609170 index 10 gateway 0.0.0.0 vpn ip (null) type 1
> connmand[29489]: src/service.c:connman_service_ref_debug() 0x557527609170 ref 2 by src/connection.c:416:add_gateway()
> connmand[29489]: src/connection.c:find_active_gateway()
> connmand[29489]: src/connection.c:__connman_connection_gateway_add() active 0x5575275fd820 index 6 new 0x55752760d8f0
> connmand[29489]: src/inet.c:get_interface_addresses() index 10 interface ham0
> connmand[29489]: src/inet.c:connman_inet_get_dest_addr() destination 0.0.0.0
> connmand[29489]: src/inet.c:connman_inet_add_network_route() index 10 host 0.0.0.0 gateway (null) netmask (null)
> connmand[29489]: src/inet.c:connman_inet_add_network_route() ifname ham0
> 
> How do you configure ham0's IP address? It is supposed to be set via DHCP?

I don't do any manual configuration. Hamachi does it on it's own as far 
as I'm aware. I.e. it connects to network and assigns an address to 
network interface on it's own after that depending on network it 
connected to. I guess it might be similar to DHCP.

Re: connman HEAD regression

[Daniel Wagner]

On Sun, Aug 28, 2022 at 07:40:50PM +0200, Daniel Wagner wrote:
> On Sun, Aug 28, 2022 at 07:33:40PM +0200, Daniel Wagner wrote:
> > It looks like the route is added via the IPV4LL path:
> > 
> > connmand[29489]: src/network.c:dhcp_success() lease acquired for ipconfig 0x5575276057a0
> > connmand[29489]: src/inet.c:connman_inet_set_address() index 10 address 169.254.74.53 prefix_len 16
> > connmand[29489]: src/inet.c:__connman_inet_modify_address() cmd 0x14 flags 0x104 index 10 family 2 address 169.254.74.53 peer (null) prefixlen 16 broadcast (null) p2p false
> > connmand[29489]: src/ipconfig.c:__connman_ipconfig_gateway_add()
> > connmand[29489]: src/ipconfig.c:__connman_ipconfig_gateway_add() type 1 gw (null) peer (null)
> > connmand[29489]: src/connection.c:__connman_connection_gateway_add() service 0x557527609170 index 10 gateway 0.0.0.0 vpn ip (null) type 1
> > connmand[29489]: src/service.c:connman_service_ref_debug() 0x557527609170 ref 2 by src/connection.c:416:add_gateway()
> > connmand[29489]: src/connection.c:find_active_gateway()
> > connmand[29489]: src/connection.c:__connman_connection_gateway_add() active 0x5575275fd820 index 6 new 0x55752760d8f0
> > connmand[29489]: src/inet.c:get_interface_addresses() index 10 interface ham0
> > connmand[29489]: src/inet.c:connman_inet_get_dest_addr() destination 0.0.0.0
> > connmand[29489]: src/inet.c:connman_inet_add_network_route() index 10 host 0.0.0.0 gateway (null) netmask (null)
> > connmand[29489]: src/inet.c:connman_inet_add_network_route() ifname ham0
> > 
> > How do you configure ham0's IP address? It is supposed to be set via DHCP?
> 
> Well, we should set a GW for IPV4LL DHCP leases:
                ^^^^
                not

Re: connman HEAD regression

[Daniel Wagner]

On Sun, Aug 28, 2022 at 07:40:50PM +0200, Daniel Wagner wrote:
> Well, we should set a GW for IPV4LL DHCP leases:
> 
> 
> diff --git a/src/network.c b/src/network.c
> index 2090e7fe944e..68679f5939b3 100644
> --- a/src/network.c
> +++ b/src/network.c
> @@ -444,9 +444,11 @@ static void dhcp_success(struct connman_network *network)
>         if (err < 0)
>                 goto err;
>  
> -       err = __connman_ipconfig_gateway_add(ipconfig_ipv4);
> -       if (err < 0)
> -               goto err;
> +       if (!__connman_ipconfig_get_local(ipconfig_ipv4)) {
> +               err = __connman_ipconfig_gateway_add(ipconfig_ipv4);
> +               if (err < 0)
> +                       goto err;
> +       }
>  
>         __connman_service_save(service);

meh, this doesn't work. let me spin another patch

Re: connman HEAD regression

[Daniel Wagner]

On Sun, Aug 28, 2022 at 07:48:01PM +0200, i.Dark_Templar wrote:
> I don't do any manual configuration. Hamachi does it on it's own as far as
> I'm aware. I.e. it connects to network and assigns an address to network
> interface on it's own after that depending on network it connected to. I
> guess it might be similar to DHCP.

Right, so without an manual configuration (static IP) ConnMan starts the
DHCP client and if this fails it assigns the interface a link local
address. And we also try to set the GW for such an address. In my test
setup with OpenVPN I have fixed IPs assigned, hence I don't see this
problem. No idea how Hamachi is working but if it's assign the IP
address itself you might want to disable the auto configure method anyway.

Re: connman HEAD regression

[i.Dark_Templar]

28.08.2022 19:40, Daniel Wagner пишет:
> On Sun, Aug 28, 2022 at 07:33:40PM +0200, Daniel Wagner wrote:
>> It looks like the route is added via the IPV4LL path:
>>
>> connmand[29489]: src/network.c:dhcp_success() lease acquired for ipconfig 0x5575276057a0
>> connmand[29489]: src/inet.c:connman_inet_set_address() index 10 address 169.254.74.53 prefix_len 16
>> connmand[29489]: src/inet.c:__connman_inet_modify_address() cmd 0x14 flags 0x104 index 10 family 2 address 169.254.74.53 peer (null) prefixlen 16 broadcast (null) p2p false
>> connmand[29489]: src/ipconfig.c:__connman_ipconfig_gateway_add()
>> connmand[29489]: src/ipconfig.c:__connman_ipconfig_gateway_add() type 1 gw (null) peer (null)
>> connmand[29489]: src/connection.c:__connman_connection_gateway_add() service 0x557527609170 index 10 gateway 0.0.0.0 vpn ip (null) type 1
>> connmand[29489]: src/service.c:connman_service_ref_debug() 0x557527609170 ref 2 by src/connection.c:416:add_gateway()
>> connmand[29489]: src/connection.c:find_active_gateway()
>> connmand[29489]: src/connection.c:__connman_connection_gateway_add() active 0x5575275fd820 index 6 new 0x55752760d8f0
>> connmand[29489]: src/inet.c:get_interface_addresses() index 10 interface ham0
>> connmand[29489]: src/inet.c:connman_inet_get_dest_addr() destination 0.0.0.0
>> connmand[29489]: src/inet.c:connman_inet_add_network_route() index 10 host 0.0.0.0 gateway (null) netmask (null)
>> connmand[29489]: src/inet.c:connman_inet_add_network_route() ifname ham0
>>
>> How do you configure ham0's IP address? It is supposed to be set via DHCP?
> 
> Well, we should set a GW for IPV4LL DHCP leases:
> 
> 
> diff --git a/src/network.c b/src/network.c
> index 2090e7fe944e..68679f5939b3 100644
> --- a/src/network.c
> +++ b/src/network.c
> @@ -444,9 +444,11 @@ static void dhcp_success(struct connman_network *network)
>          if (err < 0)
>                  goto err;
>   
> -       err = __connman_ipconfig_gateway_add(ipconfig_ipv4);
> -       if (err < 0)
> -               goto err;
> +       if (!__connman_ipconfig_get_local(ipconfig_ipv4)) {
> +               err = __connman_ipconfig_gateway_add(ipconfig_ipv4);
> +               if (err < 0)
> +                       goto err;
> +       }
>   
>          __connman_service_save(service);

With this patch, when I'm restarting connman, my network doesn't work. 
Not enough default routes present.

Here's my routing table without this patch and without VPNs:

$ ip route
default via 192.168.1.1 dev eth0
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.158
192.168.1.1 dev eth0 scope link

Here it is with this patch:

$ ip route
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.158

eth0 is a wired link, and it uses DHCP for address assignment.

Re: connman HEAD regression

[Daniel Wagner]

I suppose we could make __connman_ipconfig_gateway_add() a bit more
restrictive:

diff --git a/src/ipconfig.c b/src/ipconfig.c
index 34b1724a22bb..9f17f4989ea8 100644
--- a/src/ipconfig.c
+++ b/src/ipconfig.c
@@ -1172,7 +1172,7 @@ int __connman_ipconfig_gateway_add(struct connman_ipconfig *ipconfig)
 
 	DBG("");
 
-	if (!ipconfig->address)
+	if (!ipconfig->address || !ipconfig->address->gateway)
 		return -EINVAL;
 
 	service = __connman_service_lookup_from_index(ipconfig->index);

Re: connman HEAD regression

[i.Dark_Templar]

28.08.2022 20:03, Daniel Wagner пишет:
> On Sun, Aug 28, 2022 at 07:48:01PM +0200, i.Dark_Templar wrote:
>> I don't do any manual configuration. Hamachi does it on it's own as far as
>> I'm aware. I.e. it connects to network and assigns an address to network
>> interface on it's own after that depending on network it connected to. I
>> guess it might be similar to DHCP.
> 
> Right, so without an manual configuration (static IP) ConnMan starts the
> DHCP client and if this fails it assigns the interface a link local
> address. And we also try to set the GW for such an address. In my test
> setup with OpenVPN I have fixed IPs assigned, hence I don't see this
> problem. No idea how Hamachi is working but if it's assign the IP
> address itself you might want to disable the auto configure method anyway.

It should be replicapable in OpenVPN with DHCP (i.e. non-static addresses).

Re: connman HEAD regression

[Daniel Wagner]

> With this patch, when I'm restarting connman, my network doesn't work. Not
> enough default routes present.
> 
> Here's my routing table without this patch and without VPNs:
> 
> $ ip route
> default via 192.168.1.1 dev eth0
> 192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.158
> 192.168.1.1 dev eth0 scope link
> 
> Here it is with this patch:
> 
> $ ip route
> 192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.158
> 
> eth0 is a wired link, and it uses DHCP for address assignment.

Yeah, I assumed that __connman_ipconfig_get_local() is only used with
IPV4LL which was not true. See my other path. This one should filter out
the invalid GW address.

Re: connman HEAD regression

[i.Dark_Templar]

28.08.2022 20:08, Daniel Wagner пишет:
> I suppose we could make __connman_ipconfig_gateway_add() a bit more
> restrictive:
> 
> diff --git a/src/ipconfig.c b/src/ipconfig.c
> index 34b1724a22bb..9f17f4989ea8 100644
> --- a/src/ipconfig.c
> +++ b/src/ipconfig.c
> @@ -1172,7 +1172,7 @@ int __connman_ipconfig_gateway_add(struct connman_ipconfig *ipconfig)
>   
>   	DBG("");
>   
> -	if (!ipconfig->address)
> +	if (!ipconfig->address || !ipconfig->address->gateway)
>   		return -EINVAL;
>   
>   	service = __connman_service_lookup_from_index(ipconfig->index);

This version looks working with Hamachi. Thanks a lot!

I'll check it with OpenVPN a few days later. If it doesn't work I'll 
send another email. But I expect it to work too.

Here's how routing table looks now with Hamachi:

$ route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use 
Iface
0.0.0.0         192.168.1.1     0.0.0.0         UG    0      0        0 eth0
25.0.0.0        0.0.0.0         255.0.0.0       U     0      0        0 ham0
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
192.168.1.1     0.0.0.0         255.255.255.255 UH    0      0        0 eth0

$ ip route
default via 192.168.1.1 dev eth0
25.0.0.0/8 dev ham0 proto kernel scope link src 25.75.105.187
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.158
192.168.1.1 dev eth0 scope link

Re: connman HEAD regression

[Daniel Wagner]

On Sun, Aug 28, 2022 at 08:19:10PM +0200, i.Dark_Templar wrote:
> 28.08.2022 20:08, Daniel Wagner пишет:
> > I suppose we could make __connman_ipconfig_gateway_add() a bit more
> > restrictive:
> > 
> > diff --git a/src/ipconfig.c b/src/ipconfig.c
> > index 34b1724a22bb..9f17f4989ea8 100644
> > --- a/src/ipconfig.c
> > +++ b/src/ipconfig.c
> > @@ -1172,7 +1172,7 @@ int __connman_ipconfig_gateway_add(struct connman_ipconfig *ipconfig)
> >   	DBG("");
> > -	if (!ipconfig->address)
> > +	if (!ipconfig->address || !ipconfig->address->gateway)
> >   		return -EINVAL;
> >   	service = __connman_service_lookup_from_index(ipconfig->index);
> 
> This version looks working with Hamachi. Thanks a lot!
> 
> I'll check it with OpenVPN a few days later. If it doesn't work I'll send
> another email. But I expect it to work too.

Cool thanks for the quick test. I'll go ahead and apply the patch.

Re: connman HEAD regression

[Daniel Wagner]

On Sun, Aug 28, 2022 at 08:08:24PM +0200, i.Dark_Templar wrote:
> 28.08.2022 20:03, Daniel Wagner пишет:
> > On Sun, Aug 28, 2022 at 07:48:01PM +0200, i.Dark_Templar wrote:
> > > I don't do any manual configuration. Hamachi does it on it's own as far as
> > > I'm aware. I.e. it connects to network and assigns an address to network
> > > interface on it's own after that depending on network it connected to. I
> > > guess it might be similar to DHCP.
> > 
> > Right, so without an manual configuration (static IP) ConnMan starts the
> > DHCP client and if this fails it assigns the interface a link local
> > address. And we also try to set the GW for such an address. In my test
> > setup with OpenVPN I have fixed IPs assigned, hence I don't see this
> > problem. No idea how Hamachi is working but if it's assign the IP
> > address itself you might want to disable the auto configure method anyway.
> 
> It should be replicapable in OpenVPN with DHCP (i.e. non-static addresses).

Unfortunately, the fix I provided introduces a regression.

https://lore.kernel.org/connman/66993511-8b3c-bf48-beaf-9ff9e6ee446b@gmail.com/T/#u

After reviewing what we do in the OpenVPN plugin I am pretty sure, we
don't enable DHCP on those links. This plugin is using
connman_provider_set_ipaddress() to set the method to
CONNMAN_IPCONFIG_METHOD_FIXED. Thus we don't enable DHCP on those
network interfaces.

I am not familiar with Hamachi but from a quick glance at the REAMDE I'd
say the real fix to this problem is pretty simple. ConnMan should ignore
the Hamachi interface: 'connmand -I ham0 ...'. ConnMan is trying to take
control over these devices and hence it enables DHCP (with IPv4LL as
fallback).

With this in mind I am going to revert the cb05780d86c3 ("ipconfig:
Don't add invalid gateway routes") commit as suggest by Geoffrey.

Daniel

Re: connman HEAD regression

[Daniel Wagner]

On Sun, Dec 18, 2022 at 08:09:49PM +0100, Daniel Wagner wrote:
> On Sun, Aug 28, 2022 at 08:08:24PM +0200, i.Dark_Templar wrote:
> > 28.08.2022 20:03, Daniel Wagner пишет:
> > > On Sun, Aug 28, 2022 at 07:48:01PM +0200, i.Dark_Templar wrote:
> > > > I don't do any manual configuration. Hamachi does it on it's own as far as
> > > > I'm aware. I.e. it connects to network and assigns an address to network
> > > > interface on it's own after that depending on network it connected to. I
> > > > guess it might be similar to DHCP.
> > > 
> > > Right, so without an manual configuration (static IP) ConnMan starts the
> > > DHCP client and if this fails it assigns the interface a link local
> > > address. And we also try to set the GW for such an address. In my test
> > > setup with OpenVPN I have fixed IPs assigned, hence I don't see this
> > > problem. No idea how Hamachi is working but if it's assign the IP
> > > address itself you might want to disable the auto configure method anyway.
> > 
> > It should be replicapable in OpenVPN with DHCP (i.e. non-static addresses).
> 
> Unfortunately, the fix I provided introduces a regression.
> 
> https://lore.kernel.org/connman/66993511-8b3c-bf48-beaf-9ff9e6ee446b@gmail.com/T/#u
> 
> After reviewing what we do in the OpenVPN plugin I am pretty sure, we
> don't enable DHCP on those links. This plugin is using
> connman_provider_set_ipaddress() to set the method to
> CONNMAN_IPCONFIG_METHOD_FIXED. Thus we don't enable DHCP on those
> network interfaces.
> 
> I am not familiar with Hamachi but from a quick glance at the REAMDE I'd
> say the real fix to this problem is pretty simple. ConnMan should ignore
> the Hamachi interface: 'connmand -I ham0 ...'. ConnMan is trying to take
> control over these devices and hence it enables DHCP (with IPv4LL as
> fallback).
> 
> With this in mind I am going to revert the cb05780d86c3 ("ipconfig:
> Don't add invalid gateway routes") commit as suggest by Geoffrey.

BTW, we could add the 'ham' network interface to the default_blacklist
which would ignore those interfaces per default as a fix for
Dark_Templar's problem.