diff options
author | David Sommerseth <davids@redhat.com> | 2012-09-09 03:30:46 +0200 |
---|---|---|
committer | David Sommerseth <davids@redhat.com> | 2012-09-11 19:01:14 +0200 |
commit | 5d4f5435a421299ed047485d8d99bdf9a0d22fd1 (patch) | |
tree | c7983645bab738d72ff6b903ed038fc6f4b16892 | |
parent | cae102ae0c2ff934c456cd584cbf87a33cd95206 (diff) | |
download | openvpn-5d4f5435a421299ed047485d8d99bdf9a0d22fd1.tar.gz openvpn-5d4f5435a421299ed047485d8d99bdf9a0d22fd1.tar.xz openvpn-5d4f5435a421299ed047485d8d99bdf9a0d22fd1.zip |
Fix reconnect issues when --push and UDP is used on the server
When the server is configured with UDP and --push statements, reconnecting
often fails by the client never receiving PUSH_REPLY. The client sends
PUSH_REQUEST and the server logs these requests but does not send them.
This bug got introduced in commit ff65da3a230b658b2c1d52dc1a48612e80a2eb42
which tries to avoid sending duplicated PUSH messages if the client/server
connection is slow.
This patch keeps this behaviour, but instead of a session wide PUSH_REPLY
block it sets an expiry time for the PUSH_REPLY block. The expiry time
is set to 30 seconds.
Signed-off-by: David Sommerseth <davids@redhat.com>
Cc: James Yonan <james@openvpn.net>
Acked-by: Gert Doering <gert@greenie.muc.de>
Acked-by: James Yonan <james@openvpn.net>
Message-Id: 1347154246-20143-1-git-send-email-dazo@users.sourceforge.net
URL: http://article.gmane.org/gmane.network.openvpn.devel/7044
-rw-r--r-- | src/openvpn/openvpn.h | 2 | ||||
-rw-r--r-- | src/openvpn/push.c | 7 |
2 files changed, 6 insertions, 3 deletions
diff --git a/src/openvpn/openvpn.h b/src/openvpn/openvpn.h index 0732d0f..7abfb08 100644 --- a/src/openvpn/openvpn.h +++ b/src/openvpn/openvpn.h @@ -448,7 +448,7 @@ struct context_2 /* --ifconfig endpoints to be pushed to client */ bool push_reply_deferred; bool push_ifconfig_defined; - bool sent_push_reply; + time_t sent_push_reply_expiry; in_addr_t push_ifconfig_local; in_addr_t push_ifconfig_remote_netmask; #ifdef ENABLE_CLIENT_NAT diff --git a/src/openvpn/push.c b/src/openvpn/push.c index 8d7d23a..05a38e0 100644 --- a/src/openvpn/push.c +++ b/src/openvpn/push.c @@ -416,7 +416,10 @@ process_incoming_push_msg (struct context *c, } else if (!c->c2.push_reply_deferred && c->c2.context_auth == CAS_SUCCEEDED) { - if (c->c2.sent_push_reply) + time_t now; + + openvpn_time(&now); + if (c->c2.sent_push_reply_expiry > now) { ret = PUSH_MSG_ALREADY_REPLIED; } @@ -425,7 +428,7 @@ process_incoming_push_msg (struct context *c, if (send_push_reply (c)) { ret = PUSH_MSG_REQUEST; - c->c2.sent_push_reply = true; + c->c2.sent_push_reply_expiry = now + 30; } } } |