On 13-10-16 21:59, David Sommerseth wrote: > If --auth-gen-token has been enabled and a token has been generated, > ensure this token is pushed to the client using the 'auth-token' option. > > Signed-off-by: David Sommerseth <dav...@openvpn.net> > --- > src/openvpn/misc.c | 5 +++++ > src/openvpn/push.c | 9 ++++++++- > src/openvpn/ssl_common.h | 2 ++ > 3 files changed, 15 insertions(+), 1 deletion(-) > > diff --git a/src/openvpn/misc.c b/src/openvpn/misc.c > index 225f0bf..b74ac9d 100644 > --- a/src/openvpn/misc.c > +++ b/src/openvpn/misc.c > @@ -2073,6 +2073,11 @@ sanitize_control_message(const char *src, struct > gc_arena *gc)
Wait, what? We have over 2000 lines of 'misc.c'...? > + else if (!check_debug_level(D_SHOW_KEYS) && (c == 'a' && !strncmp(src, > "auth-token ", 11))) Overly long line. (And not so clear code, but this is in line with the surrounding code, and you already sent an explanation.) > diff --git a/src/openvpn/push.c b/src/openvpn/push.c > index ee2eda4..0fb87ba 100644 > --- a/src/openvpn/push.c > +++ b/src/openvpn/push.c > @@ -309,7 +309,7 @@ prepare_push_reply (struct context *c, struct gc_arena > *gc, > struct push_list *push_list) > { > const char *optstr = NULL; > - const struct tls_multi *tls_multi = c->c2.tls_multi; > + struct tls_multi *tls_multi = c->c2.tls_multi; > const char * const peer_info = tls_multi->peer_info; > struct options *o = &c->options; > > @@ -371,6 +371,13 @@ prepare_push_reply (struct context *c, struct gc_arena > *gc, > push_option_fmt(gc, push_list, M_USAGE, "cipher %s", o->ciphername); > } > } > + > + /* If server uses --auth-gen-token and we have an auth token to send to > client */ > + if (false == tls_multi->auth_token_sent && NULL != tls_multi->auth_token) > + { > + push_option_fmt(gc, push_list, M_USAGE, "auth-token %s", > tls_multi->auth_token); > + tls_multi->auth_token_sent = true; > + } > return true; > } > > diff --git a/src/openvpn/ssl_common.h b/src/openvpn/ssl_common.h > index 1b90c5e..3d802c9 100644 > --- a/src/openvpn/ssl_common.h > +++ b/src/openvpn/ssl_common.h > @@ -526,6 +526,8 @@ struct tls_multi > uint32_t peer_id; > bool use_peer_id; > > + bool auth_token_sent; /**< If server uses --auth-gen-token and > + * token has been sent to client */ > char *auth_token; /** If server sends a generated auth-token, > * this is the token to use for future > * user/pass authentications in this session. > ACK, if you wrap the long lines and update the commit message. -Steffan ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot _______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel