Always push basic set of peer info values to server.

On the client, allow certain peer info fields to be pushed even if
push-peer-info isn't specified in the config.

This is needed to allow the compression handshake to work correctly
(i.e. where the client indicates its support for LZO and/or Snappy).

Fields that have privacy implications such as Mac Address and UV_*
environment variables will not be pushed to the server as before unless
push-peer-info is specified by client config.

v1: equivalent to OpenVPN SVN r8225 (2.1.21c)

v2: distinguish 3 levels of peer-info detail

  --push-peer-info specified --> send all we have
  --pull           specified --> send basic set, as per r8225
  default                    --> send nothing (do not leak from server)

v3: undo extra whitespace changes in v1 and v2

Signed-off-by: Gert Doering <gert@greenie.muc.de>
Acked-by: Arne Schwabe <arne@rfc2549.org>
Message-Id: <1369044801-7594-1-git-send-email-gert@greenie.muc.de>
URL: http://article.gmane.org/gmane.network.openvpn.devel/7604

1 files changed, 6 insertions, 1 deletions

diff --git a/src/openvpn/init.c b/src/openvpn/init.c
index e700cd6..2a0ba85 100644
--- a/src/openvpn/init.c
+++ b/src/openvpn/init.c
@@ -2213,7 +2213,12 @@ do_init_crypto_tls (struct context *c, const unsigned int flags)
   to.renegotiate_seconds = options->renegotiate_seconds;
   to.single_session = options->single_session;
 #ifdef ENABLE_PUSH_PEER_INFO
-  to.push_peer_info = options->push_peer_info;
+  if (options->push_peer_info)		/* all there is */
+    to.push_peer_info_detail = 2;
+  else if (options->pull)		/* pull clients send some details */
+    to.push_peer_info_detail = 1;
+  else					/* default: no peer-info at all */
+    to.push_peer_info_detail = 0;
 #endif
 
   /* should we not xmit any packets until we get an initial