From patchwork Mon Oct 13 09:20:43 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gert Doering X-Patchwork-Id: 4502 Return-Path: Delivered-To: patchwork@openvpn.net Received: by 2002:a05:7000:7d42:b0:72f:f16c:e055 with SMTP id fr2csp1783455mab; Mon, 13 Oct 2025 02:21:14 -0700 (PDT) X-Forwarded-Encrypted: i=2; AJvYcCUK/7fyGrtcZ12FJGLLGFR7s4zvafE8CzgU6TMRjaegQnr6Hi3WQ0O6fQKth9vjE5zukG2W0U64pcY=@openvpn.net X-Google-Smtp-Source: AGHT+IERQofTqbzS4OhXUlTdLtJm7LC5/xht5W5aU3jKP9/mlSnrtWGfTnKbsHLoFsKsSCP4hutl X-Received: by 2002:a05:6830:b8e:b0:745:2585:9c84 with SMTP id 46e09a7af769-7c0df77f305mr10087573a34.9.1760347274796; Mon, 13 Oct 2025 02:21:14 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1760347274; cv=none; d=google.com; s=arc-20240605; b=aWDpkUZ+O5Ek/Cc/mbfow22ueHxm0L9pzyPvRQJZRp7LKeujhphsVF0v1FCES2SVqx 4u/kWyMNc92R/2FLRKhA/770/fDZ8n86QK/0V5Tdd3xd5gnyNtDGZhtaHweagt6cWoO1 TJ26oCm+uogU82j/FJfH20MfpIm9G82CsIT+Zat6XVfAMUx1ClKfXbrwTt8yBB8jum+q 1G35fh8d3/8TbDNnhh33TXULHU1axywCeMsIMA0/tO6VPZi5KU5U9S8uNjdJRqUoimHa M7icxSK/2Blys3QX6CMbEuxRhuihwO/9pJywcA17V3LmzpDaEJIcIxfIm6HfQFhgX0Lp k8xg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=errors-to:content-transfer-encoding:list-subscribe:list-help :list-post:list-archive:list-unsubscribe:list-id:precedence:subject :mime-version:references:in-reply-to:message-id:date:to:from :dkim-signature:dkim-signature:dkim-signature; bh=MZgiC8DH5h3UY2gV95eiitBv6FJeL9PIbeCzo1042KY=; fh=4NbAC/LsuMLI0S0hprUlLSLCiHwg6SCAifhH718Jh0Q=; b=jwB+6oW4WIvTvLlsSWBBYfd732Mqo5b5F4gfSsUkUdnHcAmPE6dbhtOM3E+soMtgFd H0gIGZFlht2uoLkwpbG8KujW+576uJv0dWij7AJ2IVbkFHT3eTHiD7VV3SNU2FYHahSr dNPlT35DgkvnCLs78EFte9u7j0SFDc5GRkMrhGcQ9fC2s4qWvccq0qQU/weX83YTF31i r8VfjjY2MfyLyxivzHhxiH3wNItHl1YtO3atnlR+EHPEzc5vYM7B/rTm/azmGhRunxc0 /dP92rZByU1+cDhUGdgg/mtXNfRRH+JUsNkVh/yy63fFZqs04OBI0OAWGGM2d8scAQ5k 29iw==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@lists.sourceforge.net header.s=beta header.b=HzC4uvwY; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b="MDE/EYpj"; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=WIn2YrC1; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=muc.de Received: from lists.sourceforge.net (lists.sourceforge.net. [216.105.38.7]) by mx.google.com with ESMTPS id 46e09a7af769-7c0f8fc282asi2582331a34.63.2025.10.13.02.21.14 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Mon, 13 Oct 2025 02:21:14 -0700 (PDT) Received-SPF: pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) client-ip=216.105.38.7; Authentication-Results: mx.google.com; dkim=pass header.i=@lists.sourceforge.net header.s=beta header.b=HzC4uvwY; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b="MDE/EYpj"; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=WIn2YrC1; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=muc.de DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.sourceforge.net; s=beta; h=Content-Transfer-Encoding:Content-Type: List-Subscribe:List-Help:List-Post:List-Archive:List-Unsubscribe:List-Id: Subject:MIME-Version:References:In-Reply-To:Message-ID:Date:To:From:Sender: Reply-To:Cc:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=MZgiC8DH5h3UY2gV95eiitBv6FJeL9PIbeCzo1042KY=; b=HzC4uvwYDuwD3hYJnlBpSZogH6 av6BvaMv9OoiZ0H9Ls6mJxdVg2rgT9t7GDYWkBJ6BIwVB+CuH8Qxp1nRQ0/wuCLtqdIdvMCeeLY4W o3rzdLn32zDQUpA5fbZhX0XC538c8q9WMfAEhtrHjLG1N1S1Ish+oltu9v7YlyygP1fo=; Received: from [127.0.0.1] (helo=sfs-ml-2.v29.lw.sourceforge.com) by sfs-ml-2.v29.lw.sourceforge.com with esmtp (Exim 4.95) (envelope-from ) id 1v8Eju-0004wK-K5; Mon, 13 Oct 2025 09:21:11 +0000 Received: from [172.30.29.66] (helo=mx.sourceforge.net) by sfs-ml-2.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1v8Ejp-0004vo-Jj for openvpn-devel@lists.sourceforge.net; Mon, 13 Oct 2025 09:21:06 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:References: In-Reply-To:Message-ID:Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=xY/rEnpSMGbAxcqCCjZN6UzWO7HkrCMCEMO+X6XtEr0=; b=MDE/EYpjthPx96grigUnEMss5+ ub349AxPU8G0DnhxJr6+64CcuErJuazeseW8ExFtt0JVPvkW1dROWbP840dVyXuS1cBobuRekY6Yf voaXA2gglmADgW2FwK+eEFBgy/bGTePKyCKJuJ+1m1S8rTULZ1xoPzbv1+zUD8VLq9rI=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-ID: Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=xY/rEnpSMGbAxcqCCjZN6UzWO7HkrCMCEMO+X6XtEr0=; b=WIn2YrC1my6nfA6xcf/XD1hJTm BIFqDzMGI6Wj+aJKlNPmJMfcKYh2u87BRKgcutfdKulonMmx2wJ8RtpATkjpB3m4TdhPjRnFQ31+E ynL6/Ns9aN99+W1pIvKdWhYHZTg1AyCDUXH5Z6+zd5vkxMWDmI51nNVQeXpTrQn6EYiE=; Received: from [193.149.48.134] (helo=blue.greenie.muc.de) by sfi-mx-2.v28.lw.sourceforge.com with esmtps (TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.95) id 1v8Ejl-0004w7-Ry for openvpn-devel@lists.sourceforge.net; Mon, 13 Oct 2025 09:21:06 +0000 Received: from blue.greenie.muc.de (localhost [127.0.0.1]) by blue.greenie.muc.de (8.18.1/8.18.1) with ESMTP id 59D9KnZG031794 for ; Mon, 13 Oct 2025 11:20:49 +0200 Received: (from gert@localhost) by blue.greenie.muc.de (8.18.1/8.18.1/Submit) id 59D9KnwD031793 for openvpn-devel@lists.sourceforge.net; Mon, 13 Oct 2025 11:20:49 +0200 From: Gert Doering To: openvpn-devel@lists.sourceforge.net Date: Mon, 13 Oct 2025 11:20:43 +0200 Message-ID: <20251013092048.31770-1-gert@greenie.muc.de> X-Mailer: git-send-email 2.49.1 In-Reply-To: References: MIME-Version: 1.0 X-Spam-Score: 1.3 (+) X-Spam-Report: Spam detection software, running on the system "sfi-spamd-2.hosts.colo.sdot.me", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Marco Baffo When sending a PUSH_UPDATE containing an ifconfig(-ipv6) option, we must add the new IP to the multi_context vhash (hash table of the clients indexed by virtual IPs). Now in addition to adding new cli [...] Content analysis details: (1.3 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 1.3 RDNS_NONE Delivered to internal network by a host with no rDNS X-Headers-End: 1v8Ejl-0004w7-Ry Subject: [Openvpn-devel] [PATCH v4] PUSH_UPDATE server: remove old IP(s) from vhash after sending a message containing ifconfig(-ipv6) X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox X-GMAIL-THRID: =?utf-8?q?1845857904315360005?= X-GMAIL-MSGID: =?utf-8?q?1845857904315360005?= From: Marco Baffo When sending a PUSH_UPDATE containing an ifconfig(-ipv6) option, we must add the new IP to the multi_context vhash (hash table of the clients indexed by virtual IPs). Now in addition to adding new client IPs, old IPs are also removed from vhash, allowing for a more complete update. Change-Id: I07a8ddd9026eef64b6f5abde98702a9801616a5f Signed-off-by: Marco Baffo Acked-by: Gert Doering Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1253 --- This change was reviewed on Gerrit and approved by at least one developer. I request to merge it to master. Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1253 This mail reflects revision 4 of this Change. Acked-by according to Gerrit (reflected above): Gert Doering diff --git a/src/openvpn/multi.c b/src/openvpn/multi.c index 2863ff1..fa17bfe 100644 --- a/src/openvpn/multi.c +++ b/src/openvpn/multi.c @@ -4269,46 +4269,134 @@ close_instance(top); } +/* Searches for the address and deletes it if it is owned by the multi_instance */ +static void +multi_unlearn_addr(struct multi_context *m, struct multi_instance *mi, const struct mroute_addr *addr) +{ + struct hash_element *he; + const uint32_t hv = hash_value(m->vhash, addr); + struct hash_bucket *bucket = hash_bucket(m->vhash, hv); + struct multi_route *r = NULL; + + /* if route currently exists, get the instance which owns it */ + he = hash_lookup_fast(m->vhash, bucket, addr, hv); + if (he) + { + r = (struct multi_route *)he->value; + } + + /* if the route does not exist or exists but is not owned by the current instance, return */ + if (!r || r->instance != mi) + { + return; + } + + struct gc_arena gc = gc_new(); + set_prefix(mi); + msg(D_MULTI_LOW, "MULTI: multi_unlearn_addr(): DEL %s", mroute_addr_print(&r->addr, &gc)); + clear_prefix(); + learn_address_script(m, NULL, "delete", &r->addr); + hash_remove_by_value(m->vhash, r); + multi_route_del(r); + + gc_free(&gc); +} + +/** + * @param m The multi_context + * @param mi The multi_instance of the client we are updating + * @param a The new IPv4 address in host byte order + */ +static void +multi_unlearn_in_addr_t(struct multi_context *m, struct multi_instance *mi, in_addr_t a) +{ + struct mroute_addr addr; + CLEAR(addr); + + addr.type = MR_ADDR_IPV4; + addr.len = 4; + addr.v4.addr = a; + + multi_unlearn_addr(m, mi, &addr); +} + +/** + * @param m The multi_context + * @param mi The multi_instance of the client we are updating + * @param a6 The new IPv6 address in host byte order + */ +static void +multi_unlearn_in6_addr(struct multi_context *m, struct multi_instance *mi, struct in6_addr a6) +{ + struct mroute_addr addr; + CLEAR(addr); + + addr.type = MR_ADDR_IPV6; + addr.len = 16; + addr.v6.addr = a6; + + multi_unlearn_addr(m, mi, &addr); +} + /** * Update the vhash with new IP/IPv6 addresses in the multi_context when a * push-update message containing ifconfig/ifconfig-ipv6 options is sent - * from the server. This function should be called after a push-update - * and old_ip/old_ipv6 are the previous addresses of the client in - * ctx->options.ifconfig_local and ctx->options.ifconfig_ipv6_local. + * from the server. + * + * @param m The multi_context + * @param mi The multi_instance of the client we are updating + * @param new_ip The new IPv4 address or NULL if no change + * @param new_ipv6 The new IPv6 address or NULL if no change */ void -update_vhash(struct multi_context *m, struct multi_instance *mi, const char *old_ip, const char *old_ipv6) +update_vhash(struct multi_context *m, struct multi_instance *mi, const char *new_ip, const char *new_ipv6) { - struct in_addr addr; - struct in6_addr new_ipv6; - - if ((mi->context.options.ifconfig_local && (!old_ip || strcmp(old_ip, mi->context.options.ifconfig_local))) - && inet_pton(AF_INET, mi->context.options.ifconfig_local, &addr) == 1) + if (new_ip) { - in_addr_t new_ip = ntohl(addr.s_addr); + in_addr_t old_addr = 0; + struct in_addr new_addr; + CLEAR(new_addr); + + /* Remove old IP */ + if (mi->context.c2.push_ifconfig_defined) + { + old_addr = ntohl(mi->context.c2.push_ifconfig_local); + multi_unlearn_in_addr_t(m, mi, old_addr); + mi->context.c2.push_ifconfig_defined = false; + mi->context.c2.push_ifconfig_local = 0; + } /* Add new IP */ - multi_learn_in_addr_t(m, mi, new_ip, -1, true); + if (inet_pton(AF_INET, new_ip, &new_addr) == 1 + && multi_learn_in_addr_t(m, mi, ntohl(new_addr.s_addr), -1, true)) + { + mi->context.c2.push_ifconfig_defined = true; + mi->context.c2.push_ifconfig_local = new_addr.s_addr; + } } - /* TO DO: - * else if (old_ip) - * { - * // remove old IP - * } - */ - - if ((mi->context.options.ifconfig_ipv6_local && (!old_ipv6 || strcmp(old_ipv6, mi->context.options.ifconfig_ipv6_local))) - && inet_pton(AF_INET6, mi->context.options.ifconfig_ipv6_local, &new_ipv6) == 1) + if (new_ipv6) { - /* Add new IPv6 */ - multi_learn_in6_addr(m, mi, new_ipv6, -1, true); - } + struct in6_addr new_addr6; + struct in6_addr old_addr6; + CLEAR(new_addr6); + CLEAR(old_addr6); - /* TO DO: - * else if (old_ipv6) - * { - * // remove old IPv6 - * } - */ + /* Remove old IPv6 */ + if (mi->context.c2.push_ifconfig_ipv6_defined) + { + old_addr6 = mi->context.c2.push_ifconfig_ipv6_local; + multi_unlearn_in6_addr(m, mi, old_addr6); + mi->context.c2.push_ifconfig_ipv6_defined = false; + CLEAR(mi->context.c2.push_ifconfig_ipv6_local); + } + + /* Add new IPv6 */ + if (inet_pton(AF_INET6, new_ipv6, &new_addr6) == 1 + && multi_learn_in6_addr(m, mi, new_addr6, -1, true)) + { + mi->context.c2.push_ifconfig_ipv6_defined = true; + mi->context.c2.push_ifconfig_ipv6_local = new_addr6; + } + } } diff --git a/src/openvpn/multi.h b/src/openvpn/multi.h index b2b892b..a9d643f 100644 --- a/src/openvpn/multi.h +++ b/src/openvpn/multi.h @@ -692,6 +692,6 @@ #endif void -update_vhash(struct multi_context *m, struct multi_instance *mi, const char *old_ip, const char *old_ipv6); +update_vhash(struct multi_context *m, struct multi_instance *mi, const char *new_ip, const char *new_ipv6); #endif /* MULTI_H */ diff --git a/src/openvpn/push.c b/src/openvpn/push.c index 0c8eb84..2c717c7 100644 --- a/src/openvpn/push.c +++ b/src/openvpn/push.c @@ -1118,7 +1118,7 @@ " To be able to process PUSH_UPDATE messages, be sure to use the --disable-dco option."); return PUSH_MSG_ERROR; } - return process_incoming_push_update(c, permission_mask, option_types_found, &buf, false); + return process_push_update(c, &c->options, permission_mask, option_types_found, &buf, false); } else { diff --git a/src/openvpn/push.h b/src/openvpn/push.h index 6b3275e..19a029a 100644 --- a/src/openvpn/push.h +++ b/src/openvpn/push.h @@ -61,11 +61,13 @@ * message has not yet been received. * * @param c The context for the operation. + * @param o The options structure to be updated with the received push options. * @param permission_mask The permission mask specifying which options are allowed to be pulled. * @param option_types_found A pointer to a variable that will be filled with the types of options * found in the message. * @param buf A buffer containing the received message. - * @param msg_sender A boolean indicating if function is called by the message sender (server). + * @param msg_sender A boolean indicating if the message is being processed on the client (false) + * or on the server (true). * * @return * - `PUSH_MSG_UPDATE`: The message was processed successfully, and the updates were applied. @@ -74,9 +76,8 @@ * - `PUSH_MSG_ERROR`: An error occurred during message processing, or the message is invalid. */ -int process_incoming_push_update(struct context *c, unsigned int permission_mask, - unsigned int *option_types_found, struct buffer *buf, - bool msg_sender); +int process_push_update(struct context *c, struct options *o, unsigned int permission_mask, + unsigned int *option_types_found, struct buffer *buf, bool msg_sender); int process_incoming_push_msg(struct context *c, const struct buffer *buffer, bool honor_received_options, unsigned int permission_mask, diff --git a/src/openvpn/push_util.c b/src/openvpn/push_util.c index 25c6ebe..1b00b75 100644 --- a/src/openvpn/push_util.c +++ b/src/openvpn/push_util.c @@ -16,18 +16,17 @@ #endif int -process_incoming_push_update(struct context *c, unsigned int permission_mask, - unsigned int *option_types_found, struct buffer *buf, - bool msg_sender) +process_push_update(struct context *c, struct options *o, unsigned int permission_mask, + unsigned int *option_types_found, struct buffer *buf, bool msg_sender) { int ret = PUSH_MSG_ERROR; const uint8_t ch = buf_read_u8(buf); if (ch == ',') { - if (apply_push_options(c, &c->options, buf, permission_mask, option_types_found, c->c2.es, + if (apply_push_options(c, o, buf, permission_mask, option_types_found, c->c2.es, true)) { - switch (c->options.push_continuation) + switch (o->push_continuation) { case 0: case 1: @@ -144,13 +143,18 @@ /* send the message(s) prepared to one single client */ static bool -send_single_push_update(struct context *c, struct buffer *msgs, unsigned int *option_types_found) +send_single_push_update(struct multi_context *m, struct multi_instance *mi, struct buffer *msgs) { if (!msgs[0].data || !*(msgs[0].data)) { return false; } + int i = -1; + unsigned int option_types_found = 0; + struct context *c = &mi->context; + struct options o; + CLEAR(o); while (msgs[++i].data && *(msgs[i].data)) { @@ -159,14 +163,14 @@ return false; } - /* After sending the control message, we update the options - * server-side in the client's context so pushed options like - * ifconfig/ifconfig-ipv6 can actually work. + /* After sending the control message, we parse it, miming the behavior + * of `process_incoming_push_msg()` and we fill an empty `options` struct + * with the new options. If an `ifconfig_local` or `ifconfig_ipv6_local` + * options is found we update the vhash accordingly, so that the pushed + * ifconfig/ifconfig-ipv6 options can actually work. * If we don't do that, packets arriving from the client with the * new address will be rejected and packets for the new address * will not be routed towards the client. - * For the same reason we later update the vhash too in - * `send_push_update()` function. * Using `buf_string_compare_advance()` we mimic the behavior * inside `process_incoming_push_msg()`. However, we don't need * to check the return value here because we just want to `advance`, @@ -176,17 +180,18 @@ */ struct buffer tmp_msg = msgs[i]; buf_string_compare_advance(&tmp_msg, push_update_cmd); - if (process_incoming_push_update(c, pull_permission_mask(c), option_types_found, &tmp_msg, true) == PUSH_MSG_ERROR) + unsigned int permission_mask = pull_permission_mask(c); + if (process_push_update(c, &o, permission_mask, &option_types_found, &tmp_msg, true) == PUSH_MSG_ERROR) { msg(M_WARN, "Failed to process push update message sent to client ID: %u", c->c2.tls_multi->peer_id); - continue; - } - c->options.push_option_types_found |= *option_types_found; - if (!options_postprocess_pull(&c->options, c->c2.es)) - { - msg(M_WARN, "Failed to post-process push update message sent to client ID: %u", c->c2.tls_multi->peer_id); } } + + if (option_types_found & OPT_P_UP) + { + update_vhash(m, mi, o.ifconfig_local, o.ifconfig_ipv6_local); + } + return true; } @@ -229,8 +234,6 @@ int msgs_num = (strlen(msg) / safe_cap) + ((strlen(msg) % safe_cap) != 0); struct buffer *msgs = gc_malloc((msgs_num + 1) * sizeof(struct buffer), true, &gc); - unsigned int option_types_found = 0; - msgs[msgs_num].data = NULL; if (!message_splitter(msg, msgs, &gc, safe_cap)) { @@ -255,15 +258,9 @@ return 0; } - const char *old_ip = mi->context.options.ifconfig_local; - const char *old_ipv6 = mi->context.options.ifconfig_ipv6_local; if (!mi->halt - && send_single_push_update(&mi->context, msgs, &option_types_found)) + && send_single_push_update(m, mi, msgs)) { - if (option_types_found & OPT_P_UP) - { - update_vhash(m, mi, old_ip, old_ipv6); - } gc_free(&gc); return 1; } @@ -289,18 +286,11 @@ } /* Type is UPT_BROADCAST so we update every client */ - option_types_found = 0; - const char *old_ip = curr_mi->context.options.ifconfig_local; - const char *old_ipv6 = curr_mi->context.options.ifconfig_ipv6_local; - if (!send_single_push_update(&curr_mi->context, msgs, &option_types_found)) + if (!send_single_push_update(m, curr_mi, msgs)) { msg(M_CLIENT, "ERROR: Peer ID: %u has not been updated", curr_mi->context.c2.tls_multi->peer_id); continue; } - if (option_types_found & OPT_P_UP) - { - update_vhash(m, curr_mi, old_ip, old_ipv6); - } count++; } diff --git a/tests/unit_tests/openvpn/test_push_update_msg.c b/tests/unit_tests/openvpn/test_push_update_msg.c index 60596ed..d397922 100644 --- a/tests/unit_tests/openvpn/test_push_update_msg.c +++ b/tests/unit_tests/openvpn/test_push_update_msg.c @@ -29,7 +29,7 @@ } void -update_vhash(struct multi_context *m, struct multi_instance *mi, const char *old_ip, const char *old_ipv6) +update_vhash(struct multi_context *m, struct multi_instance *mi, const char *new_ip, const char *new_ipv6) { return; } @@ -95,7 +95,7 @@ } else if (honor_received_options && buf_string_compare_advance(&buf, push_update_cmd)) { - return process_incoming_push_update(c, permission_mask, option_types_found, &buf, false); + return process_push_update(c, &c->options, permission_mask, option_types_found, &buf, false); } else {