summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorDavid Sommerseth <davids@redhat.com>2012-09-09 03:30:46 +0200
committerDavid Sommerseth <davids@redhat.com>2012-09-11 19:01:14 +0200
commit5d4f5435a421299ed047485d8d99bdf9a0d22fd1 (patch)
treec7983645bab738d72ff6b903ed038fc6f4b16892
parentcae102ae0c2ff934c456cd584cbf87a33cd95206 (diff)
downloadopenvpn-5d4f5435a421299ed047485d8d99bdf9a0d22fd1.tar.gz
openvpn-5d4f5435a421299ed047485d8d99bdf9a0d22fd1.tar.xz
openvpn-5d4f5435a421299ed047485d8d99bdf9a0d22fd1.zip
Fix reconnect issues when --push and UDP is used on the server
When the server is configured with UDP and --push statements, reconnecting often fails by the client never receiving PUSH_REPLY. The client sends PUSH_REQUEST and the server logs these requests but does not send them. This bug got introduced in commit ff65da3a230b658b2c1d52dc1a48612e80a2eb42 which tries to avoid sending duplicated PUSH messages if the client/server connection is slow. This patch keeps this behaviour, but instead of a session wide PUSH_REPLY block it sets an expiry time for the PUSH_REPLY block. The expiry time is set to 30 seconds. Signed-off-by: David Sommerseth <davids@redhat.com> Cc: James Yonan <james@openvpn.net> Acked-by: Gert Doering <gert@greenie.muc.de> Acked-by: James Yonan <james@openvpn.net> Message-Id: 1347154246-20143-1-git-send-email-dazo@users.sourceforge.net URL: http://article.gmane.org/gmane.network.openvpn.devel/7044
-rw-r--r--src/openvpn/openvpn.h2
-rw-r--r--src/openvpn/push.c7
2 files changed, 6 insertions, 3 deletions
diff --git a/src/openvpn/openvpn.h b/src/openvpn/openvpn.h
index 0732d0f..7abfb08 100644
--- a/src/openvpn/openvpn.h
+++ b/src/openvpn/openvpn.h
@@ -448,7 +448,7 @@ struct context_2
/* --ifconfig endpoints to be pushed to client */
bool push_reply_deferred;
bool push_ifconfig_defined;
- bool sent_push_reply;
+ time_t sent_push_reply_expiry;
in_addr_t push_ifconfig_local;
in_addr_t push_ifconfig_remote_netmask;
#ifdef ENABLE_CLIENT_NAT
diff --git a/src/openvpn/push.c b/src/openvpn/push.c
index 8d7d23a..05a38e0 100644
--- a/src/openvpn/push.c
+++ b/src/openvpn/push.c
@@ -416,7 +416,10 @@ process_incoming_push_msg (struct context *c,
}
else if (!c->c2.push_reply_deferred && c->c2.context_auth == CAS_SUCCEEDED)
{
- if (c->c2.sent_push_reply)
+ time_t now;
+
+ openvpn_time(&now);
+ if (c->c2.sent_push_reply_expiry > now)
{
ret = PUSH_MSG_ALREADY_REPLIED;
}
@@ -425,7 +428,7 @@ process_incoming_push_msg (struct context *c,
if (send_push_reply (c))
{
ret = PUSH_MSG_REQUEST;
- c->c2.sent_push_reply = true;
+ c->c2.sent_push_reply_expiry = now + 30;
}
}
}