[Openvpn-devel,2/3] Use buffer to prepare protocol-flags push-reply

Message ID 20220909195902.2011798-2-arne@rfc2549.org
State New
Headers show
Series [Openvpn-devel,1/3] Allows renegotiation only to start if session is fully established | expand

Commit Message

Arne Schwabe Sept. 9, 2022, 7:59 p.m. UTC
The current approach of checking a string buffer is a bit clunky and
also not very extensible. Refactor this by collecting the flags in
a buffer.

Signed-off-by: Arne Schwabe <arne@rfc2549.org>
---
 src/openvpn/push.c | 14 +++++++++++---
 1 file changed, 11 insertions(+), 3 deletions(-)

Patch

diff --git a/src/openvpn/push.c b/src/openvpn/push.c
index 0a66902a8..989316130 100644
--- a/src/openvpn/push.c
+++ b/src/openvpn/push.c
@@ -647,14 +647,18 @@  prepare_push_reply(struct context *c, struct gc_arena *gc,
         }
     }
 
+    struct buffer proto_flags = alloc_buf_gc(128, gc);
+
     if (o->imported_protocol_flags & CO_USE_CC_EXIT_NOTIFY)
     {
-        const char *ekm = "";
+        buf_printf(&proto_flags, " cc-exit");
+
+        /* if the cc exit flag is supported, pushing tls-ekm via protocol-flags
+         * is also supported */
         if (o->imported_protocol_flags & CO_USE_TLS_KEY_MATERIAL_EXPORT)
         {
-            ekm = " tls-ekm";
+            buf_printf(&proto_flags, " tls-ekm");
         }
-        push_option_fmt(gc, push_list, M_USAGE, "protocol-flags cc-exit%s", ekm);
     }
     else if (o->imported_protocol_flags & CO_USE_TLS_KEY_MATERIAL_EXPORT)
     {
@@ -662,6 +666,10 @@  prepare_push_reply(struct context *c, struct gc_arena *gc,
     }
 
 
+    if (buf_len(&proto_flags) > 0)
+    {
+        push_option_fmt(gc, push_list, M_USAGE, "protocol-flags%s", buf_str(&proto_flags));
+    }
 
     return true;
 }