$OpenBSD: patch-src_openvpn_route_c,v 1.15 2021/03/02 10:39:38 jca Exp $

- #1: add support for on-link routes

- #2, #3: don't advertise an RTA_IFP that is not actually included

Index: src/openvpn/route.c
--- src/openvpn/route.c.orig
+++ src/openvpn/route.c
@@ -1808,12 +1808,17 @@ add_route(struct route_ipv4 *r,
     }
 #endif
 
-    argv_printf_cat(&argv, "-net %s %s -netmask %s",
+    argv_printf_cat (&argv, "-net %s -netmask %s",
                     network,
-                    gateway,
                     netmask);
 
-    /* FIXME -- add on-link support for OpenBSD/NetBSD */
+    /* FIXME -- add on-link support for NetBSD */
+#ifdef TARGET_OPENBSD
+    if (is_on_link (is_local_route, flags, rgi))
+        argv_printf_cat (&argv, "-link -iface %s", rgi->iface);
+    else
+#endif
+        argv_printf_cat (&argv, "%s", gateway);
 
     argv_msg(D_ROUTE, &argv);
     status = openvpn_execve_check(&argv, es, 0, "ERROR: OpenBSD/NetBSD route add command failed");
@@ -3480,7 +3485,7 @@ get_default_gateway(struct route_gateway_info *rgi, op
     /* setup data to send to routing socket */
     pid = getpid();
     seq = 0;
-    rtm_addrs = RTA_DST | RTA_NETMASK | RTA_IFP;
+    rtm_addrs = RTA_DST | RTA_NETMASK;
 
     bzero(&m_rtmsg, sizeof(m_rtmsg));
     bzero(&so_dst, sizeof(so_dst));
@@ -3698,7 +3703,7 @@ get_default_gateway_ipv6(struct route_ipv6_gateway_inf
     /* setup data to send to routing socket */
     pid = getpid();
     seq = 0;
-    rtm_addrs = RTA_DST | RTA_NETMASK | RTA_IFP;
+    rtm_addrs = RTA_DST | RTA_NETMASK;
 
     bzero(&m_rtmsg, sizeof(m_rtmsg));
     bzero(&so_dst, sizeof(so_dst));
