diff options
| author | James Yonan <james@openvpn.net> | 2011-04-02 08:21:28 +0000 |
|---|---|---|
| committer | James Yonan <james@openvpn.net> | 2011-04-02 08:21:28 +0000 |
| commit | ad82a4a668eecb653cfdd1e42e1c932b8a5e67ad (patch) | |
| tree | 8f544d57e9d32e87bcc87a0453dbe97942d2b0a0 /init.c | |
| parent | a902ae8881fc32bec13b4a419fb6e09a846df0e6 (diff) | |
| download | openvpn-ad82a4a668eecb653cfdd1e42e1c932b8a5e67ad.tar.gz openvpn-ad82a4a668eecb653cfdd1e42e1c932b8a5e67ad.tar.xz openvpn-ad82a4a668eecb653cfdd1e42e1c932b8a5e67ad.zip | |
Fixed bug that incorrectly placed stricter TCP packet replay rules on
UDP sessions when the client daemon was running in UDP/TCP adaptive
mode, and transitioned from TCP to UDP.
The bug would cause a single dropped packet in UDP mode to trigger a
barrage of packet replay errors followed by a disconnect and
reconnect.
Version 2.1.3r
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@7125 e7ae566f-a301-0410-adde-c780ea21d3b5
Diffstat (limited to 'init.c')
| -rw-r--r-- | init.c | 15 |
1 files changed, 6 insertions, 9 deletions
@@ -102,13 +102,6 @@ update_options_ce_post (struct options *options) options->ping_rec_timeout_action = PING_RESTART; } #endif -#ifdef USE_CRYPTO - /* - * Don't use replay window for TCP mode (i.e. require that packets be strictly in sequence). - */ - if (link_socket_proto_connection_oriented (options->ce.proto)) - options->replay_window = options->replay_time = 0; -#endif } #if HTTP_PROXY_FALLBACK @@ -1832,8 +1825,11 @@ do_init_crypto_static (struct context *c, const unsigned int flags) /* Initialize packet ID tracking */ if (options->replay) { - packet_id_init (&c->c2.packet_id, options->replay_window, - options->replay_time, "STATIC", 0); + packet_id_init (&c->c2.packet_id, + link_socket_proto_connection_oriented (options->ce.proto), + options->replay_window, + options->replay_time, + "STATIC", 0); c->c2.crypto_options.packet_id = &c->c2.packet_id; c->c2.crypto_options.pid_persist = &c->c1.pid_persist; c->c2.crypto_options.flags |= CO_PACKET_ID_LONG_FORM; @@ -2034,6 +2030,7 @@ do_init_crypto_tls (struct context *c, const unsigned int flags) to.replay = options->replay; to.replay_window = options->replay_window; to.replay_time = options->replay_time; + to.tcp_mode = link_socket_proto_connection_oriented (options->ce.proto); to.transition_window = options->transition_window; to.handshake_window = options->handshake_window; to.packet_timeout = options->tls_timeout; |