From: Jens Wagner <jwagner@hexonet.net>
Date: Tue, 7 Jan 2014 21:07:54 +0000 (+0100)
Subject: Fix spurious ignoring of pushed config options (trac#349).
X-Git-Tag: v2.4_alpha1~489
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=1aac9a0b7a4046822a0134cd8693a828f2e16576;p=thirdparty%2Fopenvpn.git

Fix spurious ignoring of pushed config options (trac#349).

The function incoming_push_message(...) in push.c uses a local variable
option_types_found, that gets passed to do_up(...).

If the server push got split into several parts, only the last part
(PUSH_MSG_REPLY) option_types_found is used for do_up (initilized as 0
locally), the previous ones (PUSH_MSG_CONTINUATION) are ignored.

So e.g. a ping config, pushed by the server in the first push, followed
by a lot of "push route" configs, causing a second push message, will
have the do_up() called, but without e.g. the OPT_P_TIMER flag, so those
options will be silently ignored.

The patch resolves that, by introducing "push_option_types_found" in
"c->options" and using that as storage.

Fix trac bug #349.

Acked-by: Gert Doering <gert@greenie.muc.de>
URL: https://community.openvpn.net/openvpn/ticket/349
Signed-off-by: Gert Doering <gert@greenie.muc.de>
---

diff --git a/src/openvpn/options.c b/src/openvpn/options.c
index 6165faa06..0803da713 100644
--- a/src/openvpn/options.c
+++ b/src/openvpn/options.c
@@ -2866,6 +2866,7 @@ pre_pull_restore (struct options *o)
     }
 
   o->push_continuation = 0;
+  o->push_option_types_found = 0;
 }
 
 #endif
diff --git a/src/openvpn/options.h b/src/openvpn/options.h
index 95e67dfcd..bf232f481 100644
--- a/src/openvpn/options.h
+++ b/src/openvpn/options.h
@@ -464,6 +464,7 @@ struct options
   bool client;
   bool pull; /* client pull of config options from server */
   int push_continuation;
+  unsigned int push_option_types_found;
   const char *auth_user_pass_file;
   struct options_pre_pull *pre_pull;
 
diff --git a/src/openvpn/push.c b/src/openvpn/push.c
index bd08cff72..e971357d1 100644
--- a/src/openvpn/push.c
+++ b/src/openvpn/push.c
@@ -203,8 +203,10 @@ incoming_push_message (struct context *c, const struct buffer *buffer)
     msg (D_PUSH_ERRORS, "WARNING: Received bad push/pull message: %s", sanitize_control_message(BSTR(buffer), &gc));
   else if (status == PUSH_MSG_REPLY || status == PUSH_MSG_CONTINUATION)
     {
+      c->options.push_option_types_found |= option_types_found;
+
       if (status == PUSH_MSG_REPLY)
-	do_up (c, true, option_types_found); /* delay bringing tun/tap up until --push parms received from remote */
+	do_up (c, true, c->options.push_option_types_found ); /* delay bringing tun/tap up until --push parms received from remote */
       event_timeout_clear (&c->c2.push_request_interval);
     }