Re: [Openvpn-devel] [PATCH v2] Exclude peer-id from pulled options digest

2016-10-05 Thread Steffan Karger
On 04-10-16 22:20, Lev Stipakov wrote:
> v2:
>  - Move digest update to separate method
> 
> Peer-id might change on restart and this should not trigger reopening
> tun.
> 
> Trac #649
> ---
>  src/openvpn/push.c | 45 ++---
>  1 file changed, 30 insertions(+), 15 deletions(-)
> 
> diff --git a/src/openvpn/push.c b/src/openvpn/push.c
> index a1b999e..c0c78a0 100644
> --- a/src/openvpn/push.c
> +++ b/src/openvpn/push.c
> @@ -597,6 +597,20 @@ process_incoming_push_request (struct context *c)
>  }
>  #endif
>  
> +static void
> +push_update_digest(md_ctx_t *ctx, struct buffer *buf)
> +{
> +  char line[OPTION_PARM_SIZE];
> +  while (buf_parse (buf, ',', line, sizeof (line)))
> +{
> +  /* peer-id might change on restart and this should not trigger 
> reopening tun */
> +  if (strstr (line, "peer-id ") != line)
> + {
> +   md_ctx_update (ctx, (const uint8_t *) line, strlen(line));
> + }
> +}
> +}
> +
>  int
>  process_incoming_push_msg (struct context *c,
>  const struct buffer *buffer,
> @@ -636,21 +650,22 @@ process_incoming_push_msg (struct context *c,
> permission_mask,
> option_types_found,
> c->c2.es))
> - switch (c->options.push_continuation)
> -   {
> -   case 0:
> -   case 1:
> - md_ctx_update (>c2.pulled_options_state, BPTR(_orig), 
> BLEN(_orig));
> - md_ctx_final (>c2.pulled_options_state, 
> c->c2.pulled_options_digest.digest);
> - md_ctx_cleanup (>c2.pulled_options_state);
> - c->c2.pulled_options_md5_init_done = false;
> - ret = PUSH_MSG_REPLY;
> - break;
> -   case 2:
> - md_ctx_update (>c2.pulled_options_state, BPTR(_orig), 
> BLEN(_orig));
> - ret = PUSH_MSG_CONTINUATION;
> - break;
> -   }
> + {
> +   push_update_digest (>c2.pulled_options_state, _orig);
> +   switch (c->options.push_continuation)
> + {
> +   case 0:
> +   case 1:
> + md_ctx_final (>c2.pulled_options_state, 
> c->c2.pulled_options_digest.digest);
> + md_ctx_cleanup (>c2.pulled_options_state);
> + c->c2.pulled_options_md5_init_done = false;
> + ret = PUSH_MSG_REPLY;
> + break;
> +   case 2:
> + ret = PUSH_MSG_CONTINUATION;
> + break;
> + }
> + }
>   }
>else if (ch == '\0')
>   {
> 

ACK

-Steffan



[Openvpn-devel] [PATCH v2] Exclude peer-id from pulled options digest

2016-10-04 Thread Lev Stipakov
v2:
 - Move digest update to separate method

Peer-id might change on restart and this should not trigger reopening
tun.

Trac #649
---
 src/openvpn/push.c | 45 ++---
 1 file changed, 30 insertions(+), 15 deletions(-)

diff --git a/src/openvpn/push.c b/src/openvpn/push.c
index a1b999e..c0c78a0 100644
--- a/src/openvpn/push.c
+++ b/src/openvpn/push.c
@@ -597,6 +597,20 @@ process_incoming_push_request (struct context *c)
 }
 #endif
 
+static void
+push_update_digest(md_ctx_t *ctx, struct buffer *buf)
+{
+  char line[OPTION_PARM_SIZE];
+  while (buf_parse (buf, ',', line, sizeof (line)))
+{
+  /* peer-id might change on restart and this should not trigger reopening 
tun */
+  if (strstr (line, "peer-id ") != line)
+   {
+ md_ctx_update (ctx, (const uint8_t *) line, strlen(line));
+   }
+}
+}
+
 int
 process_incoming_push_msg (struct context *c,
   const struct buffer *buffer,
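Review bot: Option boundaries are lost in the digest, because the loop in `push_update_digest` passes each comma-separated option to `md_ctx_update` with `strlen(line)` bytes and hashes no separator. Two different pushed lists whose options concatenate to the same bytes (constructed example: `ab,c` and `a,bc`) therefore produce the same digest. Going by the commit message, the digest decides whether tun is reopened, so such a change in the pushed options would presumably go unnoticed. Hashing the terminating NUL keeps the boundaries: `md_ctx_update (ctx, (const uint8_t *) line, strlen(line) + 1);`. The prefix test would also read more directly as `strncmp (line, "peer-id ", 8) != 0`, which stops at the prefix instead of searching the whole line.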
@@ -636,21 +650,22 @@ process_incoming_push_msg (struct context *c,
  permission_mask,
  option_types_found,
  c->c2.es))
-   switch (c->options.push_continuation)
- {
- case 0:
- case 1:
-   md_ctx_update (>c2.pulled_options_state, BPTR(_orig), 
BLEN(_orig));
-   md_ctx_final (>c2.pulled_options_state, 
c->c2.pulled_options_digest.digest);
-   md_ctx_cleanup (>c2.pulled_options_state);
-   c->c2.pulled_options_md5_init_done = false;
-   ret = PUSH_MSG_REPLY;
-   break;
- case 2:
-   md_ctx_update (>c2.pulled_options_state, BPTR(_orig), 
BLEN(_orig));
-   ret = PUSH_MSG_CONTINUATION;
-   break;
- }
+   {
+ push_update_digest (>c2.pulled_options_state, _orig);
+ switch (c->options.push_continuation)
+   {
+ case 0:
+ case 1:
+   md_ctx_final (>c2.pulled_options_state, 
c->c2.pulled_options_digest.digest);
+   md_ctx_cleanup (>c2.pulled_options_state);
+   c->c2.pulled_options_md5_init_done = false;
+   ret = PUSH_MSG_REPLY;
+   break;
+ case 2:
+   ret = PUSH_MSG_CONTINUATION;
+   break;
+   }
+   }
}
   else if (ch == '\0')
{
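Review bot: The new `push_update_digest (...)` call consumes the buffer it is handed, since the helper walks it with `buf_parse`, so the saved copy of the pushed options (shown in this archive copy as `_orig`) is drained by the time the `switch` runs. Nothing in the visible lines reads that buffer again, but process_incoming_push_msg starts and ends outside this hunk, so that is worth confirming against the full function. A comment at the call would make the side effect visible, e.g. `/* push_update_digest consumes its buffer argument; do not reuse it below */`.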
-- 
1.9.1

