From: Adrien Bustany <[email protected]>
DAF_INITIAL_AUTH will only be set if a password was needed for client
authentication. This means that for password-less certificate
authentication, no DISCONNECT/ADDRESS messages would be sent.
---
src/openvpn/manage.c | 4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/openvpn/manage.c b/src/openvpn/manage.c
index 1dddd41..4148f7c 100644
--- a/src/openvpn/manage.c
+++ b/src/openvpn/manage.c
@@ -2474,7 +2474,7 @@ management_notify_client_close (struct management
*management,
struct man_def_auth_context *mdac,
const struct env_set *es)
{
- if ((mdac->flags & DAF_INITIAL_AUTH) && !(mdac->flags &
DAF_CONNECTION_CLOSED))
+ if (!(mdac->flags & DAF_CONNECTION_CLOSED))
{
msg (M_CLIENT, ">CLIENT:DISCONNECT,%lu", mdac->cid);
man_output_env (es, true, management->connection.env_filter_level,
"CLIENT");
@@ -2489,7 +2489,7 @@ management_learn_addr (struct management *management,
const bool primary)
{
struct gc_arena gc = gc_new ();
- if ((mdac->flags & DAF_INITIAL_AUTH) && !(mdac->flags &
DAF_CONNECTION_CLOSED))
+ if (!(mdac->flags & DAF_CONNECTION_CLOSED))
{
msg (M_CLIENT, ">CLIENT:ADDRESS,%lu,%s,%d",
mdac->cid,
--
1.7.8.1
