Attention is currently required from: cron2, flichtenheld, plaisthos.
Hello flichtenheld, plaisthos,
I'd like you to reexamine a change. Please visit
http://gerrit.openvpn.net/c/openvpn/+/844?usp=email
to look at the new patch set (#2).
Change subject: Fix float support in P2P topology
......................................................................
Fix float support in P2P topology
Fix the handling of floating operations in P2P topology, where new UDP
endpoints were previously ignored. When floating occurs, this update
processes the new endpoints and updates the address if the `--float`
option is specified or `--remote` is omitted.
Since the same code path is used for clients in MP topology, this change
also enables processing of server floating operations from the client
perspective.
Change-Id: I806757a8c6f9a589665624f176391b5f7b87f581
Signed-off-by: Ralf Lici <r...@mandelbit.com>
---
M src/openvpn/forward.c
1 file changed, 25 insertions(+), 1 deletion(-)
git pull ssh://gerrit.openvpn.net:29418/openvpn refs/changes/44/844/2
diff --git a/src/openvpn/forward.c b/src/openvpn/forward.c
index 2c72001..0aa5b6a 100644
--- a/src/openvpn/forward.c
+++ b/src/openvpn/forward.c
@@ -1227,10 +1227,34 @@
{
perf_push(PERF_PROC_IN_LINK);
+ bool floated = false;
struct link_socket_info *lsi = &sock->info;
const uint8_t *orig_buf = c->c2.buf.data;
+ const struct link_socket_actual *incoming = &c->c2.from;
+ struct link_socket_actual *remote = c->c2.to_link_addr;
- process_incoming_link_part1(c, lsi, false);
+ if (remote)
+ {
+ floated = !link_socket_actual_match(incoming, remote);
+ }
+
+ process_incoming_link_part1(c, lsi, floated);
+ if (floated && c->c2.buf.len > 0)
+ {
+ struct gc_arena gc = gc_new();
+
+ msg(D_LOW, "peer floated from %s to %s",
+ print_link_socket_actual(remote, &gc),
+ print_link_socket_actual(incoming, &gc));
+
+ link_socket_set_outgoing_addr(lsi, &c->c2.from, NULL, c->c2.es);
+ if (TLS_MODE(c))
+ {
+ tls_update_remote_addr(c->c2.tls_multi, incoming);
+ }
+
+ gc_free(&gc);
+ }
process_incoming_link_part2(c, lsi, orig_buf);
perf_pop();
--
To view, visit http://gerrit.openvpn.net/c/openvpn/+/844?usp=email
To unsubscribe, or for help writing mail filters, visit
http://gerrit.openvpn.net/settings
Gerrit-Project: openvpn
Gerrit-Branch: master
Gerrit-Change-Id: I806757a8c6f9a589665624f176391b5f7b87f581
Gerrit-Change-Number: 844
Gerrit-PatchSet: 2
Gerrit-Owner: ralf_lici <r...@mandelbit.com>
Gerrit-Reviewer: flichtenheld <fr...@lichtenheld.com>
Gerrit-Reviewer: plaisthos <arne-open...@rfc2549.org>
Gerrit-CC: cron2 <g...@greenie.muc.de>
Gerrit-CC: openvpn-devel <openvpn-devel@lists.sourceforge.net>
Gerrit-Attention: plaisthos <arne-open...@rfc2549.org>
Gerrit-Attention: cron2 <g...@greenie.muc.de>
Gerrit-Attention: flichtenheld <fr...@lichtenheld.com>
Gerrit-MessageType: newpatchset
_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
