Hi, On Mon, Jun 26, 2017 at 11:15:40PM +0200, Steffan Karger wrote: > Because of the way we re-use the options parser for both config files and > pushed options, we always update the local options state when we accept an > option. This resulted in a pushed cipher being rejected the first time it > was pushed, but being accepted the second time. > > This patch is a minimal way to resolve this issue in the master and > release/2.4 branches. I'll send a more invasive patch for master, to > reset the entire options state on reconnects, later.
Uh. While I find the patch totally logical, and have already finished
the ACK-and-merged mail, my compiler disagrees with me...
gcc -DHAVE_CONFIG_H -I. -I../../../openvpn/src/openvpn -I../.. -I../../include
-I../../../openvpn/include -I../../../openvpn/src/compat
-DPLUGIN_LIBDIR=\"/usr/local/lib/openvpn/plugins\" -g -O2 -std=c99 -MT ssl.o
-MD -MP -MF .deps/ssl.Tpo -c -o ssl.o ../../../openvpn/src/openvpn/ssl.c
../../../openvpn/src/openvpn/ssl.c: In function
'tls_session_update_crypto_params':
../../../openvpn/src/openvpn/ssl.c:1971:29: error: assignment of member
'ciphername' in read-only object
options->ciphername = session->opt->config_ciphername;
^
... wut?
(this is 2.4, but I assume master will look similar enough)
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany [email protected]
fax: +49-89-35655025 [email protected]
signature.asc
Description: PGP signature
------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________ Openvpn-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openvpn-devel
