diff options
author | Selva Nair | 2022-12-19 09:04:05 -0500 |
---|---|---|
committer | Gert Doering | 2022-12-19 18:47:00 +0100 |
commit | 1d81df042eae416a4e83e6a433ae2b937c5a10a4 (patch) | |
tree | f096a926a64edfab2f72d3ac0afd89b2d8bd32d4 | |
parent | 4a165e1ea58eb395865a9975cefcfbfe7b41c356 (diff) | |
download | openvpn-1d81df042eae416a4e83e6a433ae2b937c5a10a4.zip openvpn-1d81df042eae416a4e83e6a433ae2b937c5a10a4.tar.gz |
Do not include auth-token in pulled option digest
As change in auth-token is common on restart and does not
require tun-reopen, exclude it from the "pulled options digest"
calculation. Without this tun is always re-opened on SIGUSR1
if auth-token is in use which breaks persist-tun.
Github: Fixes OpenVPN/openvpn#200
v2: explcitly filter auth-token and auth-token-user
Signed-off-by: Selva Nair <selva.nair@gmail.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20221219140405.1221341-1-selva.nair@gmail.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg25768.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
(cherry picked from commit f778f4f88e56851c0a68205e95110c021f3032b3)
-rw-r--r-- | src/openvpn/push.c | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/src/openvpn/push.c b/src/openvpn/push.c index 46ec2a1..43db191 100644 --- a/src/openvpn/push.c +++ b/src/openvpn/push.c @@ -779,8 +779,10 @@ push_update_digest(md_ctx_t *ctx, struct buffer *buf, const struct options *opt) char line[OPTION_PARM_SIZE]; while (buf_parse(buf, ',', line, sizeof(line))) { - /* peer-id might change on restart and this should not trigger reopening tun */ - if (strprefix(line, "peer-id ")) + /* peer-id and auth-token might change on restart and this should not trigger reopening tun */ + if (strprefix(line, "peer-id ") + || strprefix(line, "auth-token ") + || strprefix(line, "auth-token-user ")) { continue; } |