> From: Adrien Bustany <adrien.bust...@nokia.com>
>
> DAF_INITIAL_AUTH will only be set if a password was needed for client
> authentication. This means that for password-less certificate
> authentication, no DISCONNECT/ADDRESS messages would be sent.
> ---
> src/openvpn/manage.c | 4 ++--
> 1 files changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/src/openvpn/manage.c b/src/openvpn/manage.c
> index 1dddd41..4148f7c 100644
> --- a/src/openvpn/manage.c
> +++ b/src/openvpn/manage.c
> @@ -2474,7 +2474,7 @@ management_notify_client_close (struct management
> *management,
> struct man_def_auth_context *mdac,
> const struct env_set *es)
> {
> - if ((mdac->flags & DAF_INITIAL_AUTH) && !(mdac->flags &
> DAF_CONNECTION_CLOSED))
> + if (!(mdac->flags & DAF_CONNECTION_CLOSED))
> {
> msg (M_CLIENT, ">CLIENT:DISCONNECT,%lu", mdac->cid);
> man_output_env (es, true, management->connection.env_filter_level,
> "CLIENT");
> @@ -2489,7 +2489,7 @@ management_learn_addr (struct management *management,
> const bool primary)
> {
> struct gc_arena gc = gc_new ();
> - if ((mdac->flags & DAF_INITIAL_AUTH) && !(mdac->flags &
> DAF_CONNECTION_CLOSED))
> + if (!(mdac->flags & DAF_CONNECTION_CLOSED))
> {
> msg (M_CLIENT, ">CLIENT:ADDRESS,%lu,%s,%d",
> mdac->cid,
Hi Adrien,
We discussed this patch in our IRC meeting yesterday, and couple of
questions popped up... First, what is the benefit of this patch? Is it
just to see if the clients connect even if they're not using password
authentication? Second, what's the impact on existing management
interface clients, i.e. can this patch break compatibility?
Best regards,
--
Samuli Seppänen
Community Manager
OpenVPN Technologies, Inc
irc freenode net: mattock
