This changes the exit in server mode on renegotiation to an exit that also sends an AUTH_FAILED to the client. Any previously set failed auth reason is passed to the client.
Signed-off-by: Arne Schwabe <a...@rfc2549.org> --- src/openvpn/forward.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/src/openvpn/forward.c b/src/openvpn/forward.c index 958246c4..67615a6b 100644 --- a/src/openvpn/forward.c +++ b/src/openvpn/forward.c @@ -155,7 +155,14 @@ check_tls(struct context *c) } else if (tmp_status == TLSMP_KILL) { - register_signal(c, SIGTERM, "auth-control-exit"); + if (c->options.mode == MODE_SERVER) + { + send_auth_failed(c, c->c2.tls_multi->client_reason); + } + else + { + register_signal(c, SIGTERM, "auth-control-exit"); + } } interval_future_trigger(&c->c2.tmp_int, wakeup); -- 2.26.2 _______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel