Fixed issue where a client might receive multiple push replies from
authorJames Yonan <james@openvpn.net>
Fri, 18 Mar 2011 04:51:59 +0000 (04:51 +0000)
committerJames Yonan <james@openvpn.net>
Fri, 18 Mar 2011 04:51:59 +0000 (04:51 +0000)
a server if it sent multiple push requests due to the server being
slow to respond.  This could cause the client to process pushed
options twice, leading to duplicate pushed routes, among other issues.
The fix, implemented server-side, is to reply only once to a push
request even if multiple requests are received.

git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@7060 e7ae566f-a301-0410-adde-c780ea21d3b5

openvpn.h
push.c
push.h

index 0c4ff1acda17e090c28f11145a5efe57bb92f59f..47c9734b39133b11b342f28a3a562309c0f28f4e 100644 (file)
--- a/openvpn.h
+++ b/openvpn.h
@@ -414,6 +414,7 @@ struct context_2
   /* --ifconfig endpoints to be pushed to client */
   bool push_reply_deferred;
   bool push_ifconfig_defined;
+  bool sent_push_reply;
   in_addr_t push_ifconfig_local;
   in_addr_t push_ifconfig_remote_netmask;
 #ifdef ENABLE_CLIENT_NAT
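Review bot: The new `sent_push_reply` field has no comment and sits between `push_ifconfig_defined` and `push_ifconfig_local`, under the heading `/* --ifconfig endpoints to be pushed to client */`, which does not describe it. I would move it next to `push_reply_deferred` and document it, for example `bool sent_push_reply; /* true once a push reply has been sent on this context; later push requests are ignored */`. The comment should also say when the flag goes back to false, since nothing in this diff shows that. struct context_2 begins and ends outside the hunk.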
diff --git a/push.c b/push.c
index 298031d10e252f0456778c171708ad2e69202460..f7b7d17b927830fb9139762c8031c706e35db2d2 100644 (file)
--- a/push.c
+++ b/push.c
@@ -331,8 +331,18 @@ process_incoming_push_msg (struct context *c,
        }
       else if (!c->c2.push_reply_deferred && c->c2.context_auth == CAS_SUCCEEDED)
        {
-         if (send_push_reply (c))
-           ret = PUSH_MSG_REQUEST;
+         if (c->c2.sent_push_reply)
+           {
+             ret = PUSH_MSG_ALREADY_REPLIED;
+           }
+         else
+           {
+             if (send_push_reply (c))
+               {
+                 ret = PUSH_MSG_REQUEST;
+                 c->c2.sent_push_reply = true;
+               }
+           }
        }
       else
        {
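Review bot: Nothing in this change ever clears `c->c2.sent_push_reply`, so once one reply has gone out, every later push request on the same context returns `PUSH_MSG_ALREADY_REPLIED` and is dropped. If a client can legitimately restart its pull while the server keeps the same context (that depends on code outside this diff), it would wait for options that never arrive. Consider adding `c->c2.sent_push_reply = false;` wherever `context_auth` is reset, or bounding the suppression by time rather than using a one-shot boolean. A debug-level log line in the `sent_push_reply` branch would also make repeated requests from a peer visible to operators. The body of process_incoming_push_msg starts and ends outside the hunk.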
diff --git a/push.h b/push.h
index 089cf45b53f1fcfa52be43ce4615196a6da88056..b5d1fbf3d209fc71c91cdb57f7a0e4cc37a5de4b 100644 (file)
--- a/push.h
+++ b/push.h
@@ -35,6 +35,7 @@
 #define PUSH_MSG_REQUEST_DEFERRED 3
 #define PUSH_MSG_AUTH_FAILURE     4
 #define PUSH_MSG_CONTINUATION     5
+#define PUSH_MSG_ALREADY_REPLIED  6
 
 void incoming_push_message (struct context *c,
                            const struct buffer *buffer);
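Review bot: `PUSH_MSG_ALREADY_REPLIED` is added to the list of return codes without any indication of whether callers should treat it as a no-op or as an error. A short comment on the define would settle that, for example `/* duplicate push request ignored; reply was already sent */`. The code that consumes these values (presumably `incoming_push_message`, declared just below) is not part of this diff, so it is worth confirming that it does not treat the new value as a failure.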