Message ID | 20221219140405.1221341-1-selva.nair@gmail.com |
---|---|
State | Accepted |
Headers | show |
Series | [Openvpn-devel,v2] Do not include auth-token in pulled option digest | expand |
Acked-by: Gert Doering <gert@greenie.muc.de> (v2 is sufficiently different from v1 that I'm not taking Arne's ACK but adding my own) Only very lightly client-side tested, not doing actual SIGUSR1 restarts with --persist-tun - but I'm fairly sure that this does what it attempts to do, as it just extends the existing exception. Your patch has been applied to the master, release/2.6 and release/2.5 branch (bugfix, same code, auth-token + auth-token-user both exist in 2.5). commit f778f4f88e56851c0a68205e95110c021f3032b3 commit f922298ca5784577a1309334dafeb16f738ae46a (release/2.6) commit 1d81df042eae416a4e83e6a433ae2b937c5a10a4 (release/2.5) Author: Selva Nair Date: Mon Dec 19 09:04:05 2022 -0500 Do not include auth-token in pulled option digest Signed-off-by: Selva Nair <selva.nair@gmail.com> Acked-by: Gert Doering <gert@greenie.muc.de> Message-Id: <20221219140405.1221341-1-selva.nair@gmail.com> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg25768.html Signed-off-by: Gert Doering <gert@greenie.muc.de> -- kind regards, Gert Doering
diff --git a/src/openvpn/push.c b/src/openvpn/push.c index ad2f3c65..e765d2a9 100644 --- a/src/openvpn/push.c +++ b/src/openvpn/push.c @@ -989,8 +989,10 @@ push_update_digest(md_ctx_t *ctx, struct buffer *buf, const struct options *opt) char line[OPTION_PARM_SIZE]; while (buf_parse(buf, ',', line, sizeof(line))) { - /* peer-id might change on restart and this should not trigger reopening tun */ - if (strprefix(line, "peer-id ")) + /* peer-id and auth-token might change on restart and this should not trigger reopening tun */ + if (strprefix(line, "peer-id ") + || strprefix(line, "auth-token ") + || strprefix(line, "auth-token-user ")) { continue; }