diff options
author | Arne Schwabe <arne@rfc2549.org> | 2013-11-25 13:31:14 +0100 |
---|---|---|
committer | Gert Doering <gert@greenie.muc.de> | 2013-11-26 16:31:08 +0100 |
commit | bb9026a60a8ebdf20fdf9a99e16c0d8afc658747 (patch) | |
tree | 72718e894864c05521a379d9094d31d4643fbfd9 /src/openvpn/init.c | |
parent | 34136dd8533510f68a012ba9e6bcd8cf5d1ce80e (diff) | |
download | openvpn-bb9026a60a8ebdf20fdf9a99e16c0d8afc658747.tar.gz openvpn-bb9026a60a8ebdf20fdf9a99e16c0d8afc658747.tar.xz openvpn-bb9026a60a8ebdf20fdf9a99e16c0d8afc658747.zip |
Remove the ip-remote-hint option.
The ip-remote-hint option overrides the remote hostname of every
remote/connection entry unless management-query-remote is also defined and
the management interfaces overrides the option with remote MOD.
The remote name is even overridden when when management interface issues
remote ACCEPT after being presented with the non overridden remote.
Overriding all remote options can also be done by management-query-remote
and issuing remote MOD or by changing alll remote statements in the
configuration.
Also: remove unused variable newcycle
Signed-off-by: Arne Schwabe <arne@rfc2549.org>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1385382680-5912-3-git-send-email-arne@rfc2549.org>
URL: http://article.gmane.org/gmane.network.openvpn.devel/8057
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Diffstat (limited to 'src/openvpn/init.c')
-rw-r--r-- | src/openvpn/init.c | 17 |
1 files changed, 2 insertions, 15 deletions
diff --git a/src/openvpn/init.c b/src/openvpn/init.c index 676a7fe..2076aad 100644 --- a/src/openvpn/init.c +++ b/src/openvpn/init.c @@ -245,7 +245,7 @@ management_callback_remote_cmd (void *arg, const char **p) } static bool -ce_management_query_remote (struct context *c, const char *remote_ip_hint) +ce_management_query_remote (struct context *c) { struct gc_arena gc = gc_new (); volatile struct connection_entry *ce = &c->options.ce; @@ -270,8 +270,6 @@ ce_management_query_remote (struct context *c, const char *remote_ip_hint) } { const int flags = ((ce->flags>>CE_MAN_QUERY_REMOTE_SHIFT) & CE_MAN_QUERY_REMOTE_MASK); - if (flags == CE_MAN_QUERY_REMOTE_ACCEPT && remote_ip_hint) - ce->remote = remote_ip_hint; ret = (flags != CE_MAN_QUERY_REMOTE_SKIP); } gc_free (&gc); @@ -321,9 +319,6 @@ next_connection_entry (struct context *c) int n_cycles = 0; do { - const char *remote_ip_hint = NULL; - bool newcycle = false; - ce_defined = true; if (l->no_advance && l->current >= 0) { @@ -338,16 +333,10 @@ next_connection_entry (struct context *c) if (++n_cycles >= 2) msg (M_FATAL, "No usable connection profiles are present"); } - - if (l->current == 0) - newcycle = true; } ce = l->array[l->current]; - if (c->options.remote_ip_hint && !l->n_cycles) - remote_ip_hint = c->options.remote_ip_hint; - if (ce->flags & CE_DISABLED) ce_defined = false; @@ -356,14 +345,12 @@ next_connection_entry (struct context *c) if (ce_defined && management && management_query_remote_enabled(management)) { /* allow management interface to override connection entry details */ - ce_defined = ce_management_query_remote(c, remote_ip_hint); + ce_defined = ce_management_query_remote(c); if (IS_SIG (c)) break; } else #endif - if (remote_ip_hint) - c->options.ce.remote = remote_ip_hint; #ifdef ENABLE_MANAGEMENT if (ce_defined && management && management_query_proxy_enabled (management)) |