From 223b2c513b3470bd97f868a4acab62b1f471e495 Mon Sep 17 00:00:00 2001
From: james <james@e7ae566f-a301-0410-adde-c780ea21d3b5>
Date: Mon, 3 Nov 2008 13:07:33 +0000
Subject: Fixed some ifconfig-pool issues that precluded it from being combined
 with --server directive.

Now, for example, we can configure thusly:

  server 10.8.0.0 255.255.255.0 nopool
  ifconfig-pool 10.8.0.2 10.8.0.99 255.255.255.0

to have ifconfig-pool manage only a subset
of the VPN subnet.


git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3471 e7ae566f-a301-0410-adde-c780ea21d3b5
---
 helper.c | 11 +++++------
 1 file changed, 5 insertions(+), 6 deletions(-)

(limited to 'helper.c')

diff --git a/helper.c b/helper.c
index 7195e21..2abb417 100644
--- a/helper.c
+++ b/helper.c
@@ -158,7 +158,6 @@ helper_client_server (struct options *o)
    *
    * if tap OR (tun AND topology == subnet):
    *   ifconfig 10.8.0.1 255.255.255.0
-   *   ifconfig-pool-constraint 10.8.0.0 255.255.255.0
    *   if !nopool: 
    *     ifconfig-pool 10.8.0.2 10.8.0.254 255.255.255.0
    *   push "route-gateway 10.8.0.1"
@@ -184,7 +183,7 @@ helper_client_server (struct options *o)
       if (o->shared_secret_file)
 	msg (M_USAGE, "--server and --secret cannot be used together (you must use SSL/TLS keys)");
 
-      if (o->ifconfig_pool_defined)
+      if (!(o->server_flags & SF_NOPOOL) && o->ifconfig_pool_defined)
 	msg (M_USAGE, "--server already defines an ifconfig-pool, so you can't also specify --ifconfig-pool explicitly");
 
       if (!(dev == DEV_TYPE_TAP || dev == DEV_TYPE_TUN))
@@ -245,9 +244,9 @@ helper_client_server (struct options *o)
 		  o->ifconfig_pool_start = o->server_network + 2;
 		  o->ifconfig_pool_end = (o->server_network | ~o->server_netmask) - 2;
 		  ifconfig_pool_verify_range (M_USAGE, o->ifconfig_pool_start, o->ifconfig_pool_end);
-		  o->ifconfig_pool_netmask = o->server_netmask;
 		}
-
+	      o->ifconfig_pool_netmask = o->server_netmask;
+		  
 	      push_option (o, print_opt_route_gateway (o->server_network + 1, &o->gc), M_USAGE);
 	    }
 	  else
@@ -272,8 +271,8 @@ helper_client_server (struct options *o)
 	      o->ifconfig_pool_start = o->server_network + 2;
 	      o->ifconfig_pool_end = (o->server_network | ~o->server_netmask) - 1;
 	      ifconfig_pool_verify_range (M_USAGE, o->ifconfig_pool_start, o->ifconfig_pool_end);
-	      o->ifconfig_pool_netmask = o->server_netmask;
 	    }
+	  o->ifconfig_pool_netmask = o->server_netmask;
 
 	  push_option (o, print_opt_route_gateway (o->server_network + 1, &o->gc), M_USAGE);
 	}
@@ -320,7 +319,7 @@ helper_client_server (struct options *o)
       if (o->client)
 	msg (M_USAGE, "--server-bridge and --client cannot be used together");
 
-      if (o->ifconfig_pool_defined)
+      if (!(o->server_flags & SF_NOPOOL) && o->ifconfig_pool_defined)
 	msg (M_USAGE, "--server-bridge already defines an ifconfig-pool, so you can't also specify --ifconfig-pool explicitly");
 
       if (o->shared_secret_file)
-- 
cgit