From: Selva Nair <selva.n...@gmail.com> In particular, this eliminates the message that says "explicit-exit-notify is ignored by previous <connection> blocks" when the option is pushed.
Note: pull_mode is identified as "allowed & OPT_P_PULL_MODE" matching with the definition in add_options(). Reported by: Eike Lohmann e.lohm...@ic3s.de https://www.mail-archive.com/openvpn-users@lists.sourceforge.net/msg04052.html v2: move the check to verify_permissions() as suggested by Gert <g...@greenie.muc.de> Signed-off-by: Selva Nair <selva.n...@gmail.com> --- src/openvpn/options.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/openvpn/options.c b/src/openvpn/options.c index 3a5bccf..b4613df 100644 --- a/src/openvpn/options.c +++ b/src/openvpn/options.c @@ -4824,11 +4824,13 @@ verify_permission(const char *name, #ifndef ENABLE_SMALL /* Check if this options is allowed in connection block, * but we are currently not in a connection block + * unless this is a pushed option. * Parsing a connection block uses a temporary options struct without * connection_list */ - if ((type & OPT_P_CONNECTION) && options->connection_list) + if ((type & OPT_P_CONNECTION) && options->connection_list + && !(allowed & OPT_P_PULL_MODE)) { if (file) { -- 2.6.2 ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
