Am 10.11.19 um 10:55 schrieb David Sommerseth: > On 09/11/2019 16:46, Steffan Karger wrote: >>> static void >>> add_option(struct options *options, >>> @@ -7322,29 +7339,78 @@ add_option(struct options *options, >>> } >>> #endif >>> #if defined(USE_COMP) >>> + else if (streq(p[0], "allow-compression") && p[1] && !p[2]) >>> + { >>> + VERIFY_PERMISSION(OPT_P_GENERAL); >>> + >>> + if (streq(p[1], "no")) >>> + { >>> + options->comp.flags = >>> + COMP_F_ALLOW_STUB_ONLY|COMP_F_ADVERTISE_STUBS_ONLY; >>> + if (comp_non_stub_enabled(&options->comp)) >>> + { >>> + msg(msglevel, "'--allow-compression no' conflicts with " >>> + " enabling compression"); >>> + } >> Should this check not be moved to the postprocess checks? This will now >> only trigger is comp was first set, and allow-compression later in the >> config, not the other way around. > > What about pushed options? It's too long time since I looked at the option > parsing code paths last time, so I don't remember all the quirks here.
For pushed options msglevel will be warning so you get a warning when the server tries to enable compression but it will not error out. The server pushing a compression when the client does not advertise the IV_ for that algorithm is an error in the server config. Arne
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel