Incremented version to 2.1_rc7d.

Support asynchronous authentication by plugins by allowing
OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY to return
OPENVPN_PLUGIN_FUNC_DEFERRED.  See comments in
openvpn-plugin.h for documentation.  Enabled by ENABLE_DEF_AUTH.

Added a simple packet filter functionality that can be driven by
a plugin.  See comments in openvpn-plugin.h for documentation.
Enabled by ENABLE_PF.

See openvpn/plugin/defer/simple.c for examples of ENABLE_DEF_AUTH
and ENABLE_PF.

"TLS Error: local/remote TLS keys are out of sync" is no longer a
fatal error for TCP-based sessions, since the error can arise
normally in the course of deferred authentication.  In a related
change, allow packet-id sequence to begin at some number n > 0 for
TCP sessions, rather than strictly requiring sequence to begin
at 1.

Added a test to configure.ac for LoadLibrary function on Windows.

Modified "make dist" function to include all files from
install-win32 so that ./domake-win can be run from a
tarball-expanded directory.

setenv and setenv-safe directives may now omit a value argument
which defaults to "".


git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2978 e7ae566f-a301-0410-adde-c780ea21d3b5

1 files changed, 9 insertions, 0 deletions

diff --git a/init.c b/init.c
index dd1db5c..9d80d1a 100644
--- a/init.c
+++ b/init.c
@@ -2737,6 +2737,11 @@ init_instance (struct context *c, const struct env_set *env, const unsigned int
     init_port_share (c);
 #endif
 	  
+#ifdef ENABLE_PF
+  if (child)
+    pf_init_context (c);
+#endif
+
   /* Check for signals */
   if (IS_SIG (c))
     goto sig;
@@ -2787,6 +2792,10 @@ close_instance (struct context *c)
 	/* close TUN/TAP device */
 	do_close_tun (c, false);
 
+#ifdef ENABLE_PF
+	pf_destroy_context (&c->c2.pf);
+#endif
+
 #ifdef ENABLE_PLUGIN
 	/* call plugin close functions and unload */
 	do_close_plugins (c);