shill: Fix PPP routes when remote IP points to the public gateway IP
Prior to the introduction of per-device routing tables,
Connection::FixGatewayReachability() used to fix the following scenario:
PPP Local IP = private (VPN) IP -> local address on ppp0
PPP Remote IP = public VPN gateway IP -> p2p address on ppp0
PPP Gateway IP = public VPN gateway IP -> route next hop
It was believed that this fix was unnecessary when per-device routing
tables were used, because they have an explicit RTN_THROW entry for
the public VPN gateway IP. However, it turns out that the kernel
automatically generates a route in RT_TABLE_MAIN for a point-to-point
address if it is specified (|peer| in RTNLHandler::AddressRequest()).
This inadvertently creates a routing loop on certain L2TP/IPsec VPN
setups.
Since the peer address and gateway are unnecessary for PPP connections
that use per-device routing tables, just zero them out.
BUG=chromium:813199
TEST=manually connect to ipvanish VPN (which shows the problem)
TEST=manually connect to a locally-administered strongSwan setup
(which doesn't)
TEST=unit tests
TEST=autotests
Change-Id: Idcbfb0310fff3ed6828cc3c04f160d48d3db1029
Reviewed-on: https://chromium-review.googlesource.com/924471
Commit-Ready: Kevin Cernekee <cernekee@chromium.org>
Tested-by: Kevin Cernekee <cernekee@chromium.org>
Reviewed-by: Kirtika Ruchandani <kirtika@chromium.org>
(cherry picked from commit 6e37823dc2c4debb84cbb37dd97bfa358f2d0682)
1 file changed