When the server is configured with UDP and --push statements, reconnecting
often fails by the client never receiving PUSH_REPLY. The client sends
PUSH_REQUEST and the server logs these requests but does not send them.
This bug got introduced in commit
ff65da3a230b658b2c1d52dc1a48612e80a2eb42
which tries to avoid sending duplicated PUSH messages if the client/server
connection is slow.
This patch keeps this behaviour, but instead of a session wide PUSH_REPLY
block it sets an expiry time for the PUSH_REPLY block. The expiry time
is set to 30 seconds.
Signed-off-by: David Sommerseth <davids@redhat.com>
Cc: James Yonan <james@openvpn.net>
Acked-by: Gert Doering <gert@greenie.muc.de>
Acked-by: James Yonan <james@openvpn.net>
Message-Id:
1347154246-20143-1-git-send-email-dazo@users.sourceforge.net
URL: http://article.gmane.org/gmane.network.openvpn.devel/7044
/* --ifconfig endpoints to be pushed to client */
bool push_reply_deferred;
bool push_ifconfig_defined;
- bool sent_push_reply;
+ time_t sent_push_reply_expiry;
in_addr_t push_ifconfig_local;
in_addr_t push_ifconfig_remote_netmask;
#ifdef ENABLE_CLIENT_NAT
}
else if (!c->c2.push_reply_deferred && c->c2.context_auth == CAS_SUCCEEDED)
{
- if (c->c2.sent_push_reply)
+ time_t now;
+
+ openvpn_time(&now);
+ if (c->c2.sent_push_reply_expiry > now)
{
ret = PUSH_MSG_ALREADY_REPLIED;
}
if (send_push_reply (c))
{
ret = PUSH_MSG_REQUEST;
- c->c2.sent_push_reply = true;
+ c->c2.sent_push_reply_expiry = now + 30;
}
}
}
projects / thirdparty / openvpn.git / commitdiff
