Your patch has been applied to the master and release/2.4 branch (bugfix).

I have read the semi-ACK from Arne, discussed with Lev, and we decided to 
go for "we'll merge this simple change now, so that the bug is fixed, and 
then we can have a longer discussion on how to make this code nicer"
(refactoring).  Did some review on my own, code looks good, explanation
makes sense, so "this is the right fix".

Done some minimal testing on Linux (t_client), just to see we didn't
break something big.  I do not have an async-cc server testbed today,
but it seems I need to add one (note to self!)...

As a side note: the patch does two things, one is "add generation of
data channel keys when async push is triggered", and also a bit of
refactoring, moving the (numerous) "only do channel keys if they have 
not been done already" checks into tls_session_update_crypto_params()
(added a note to that extent to the commit message).

Trac reference to 1259 added to commit message.

commit 3b06b57d9f1d972ec16f0893d06697439c1bb1fe (master)
commit 9bb285e3e63fb6d716923e0353436bb8d8e89313 (release/2.4)
Author: Lev Stipakov
Date:   Fri Mar 13 18:59:13 2020 +0200

     Fix broken async push with NCP is used

     Signed-off-by: Lev Stipakov <>
     Acked-by: Gert Doering <>
     Message-Id: <>
     Signed-off-by: Gert Doering <>

kind regards,

Gert Doering

Openvpn-devel mailing list

Reply via email to