Fix reconnect issues when --push and UDP is used on the server

When the server is configured with UDP and --push statements, reconnecting often fails by the client never receiving PUSH_REPLY. The client sends PUSH_REQUEST and the server logs these requests but does not send them. This bug got introduced in commit ff65da3 which tries to avoid sending duplicated PUSH messages if the client/server connection is slow. This patch keeps this behaviour, but instead of a session wide PUSH_REPLY block it sets an expiry time for the PUSH_REPLY block. The expiry time is set to 30 seconds. Signed-off-by: David Sommerseth <[email protected]> Cc: James Yonan <[email protected]> Acked-by: Gert Doering <[email protected]> Acked-by: James Yonan <[email protected]> Message-Id: [email protected] URL: http://article.gmane.org/gmane.network.openvpn.devel/7044
fxckgfw · Sep 11, 2012 · 5d4f543 · 5d4f543
1 parent cae102a
commit 5d4f543
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 3 deletions.
diff --git a/src/openvpn/openvpn.h b/src/openvpn/openvpn.h
@@ -448,7 +448,7 @@ struct context_2
   /* --ifconfig endpoints to be pushed to client */
   bool push_reply_deferred;
   bool push_ifconfig_defined;
-  bool sent_push_reply;
+  time_t sent_push_reply_expiry;
   in_addr_t push_ifconfig_local;
   in_addr_t push_ifconfig_remote_netmask;
 #ifdef ENABLE_CLIENT_NAT

diff --git a/src/openvpn/push.c b/src/openvpn/push.c
@@ -416,7 +416,10 @@ process_incoming_push_msg (struct context *c,
 	}
       else if (!c->c2.push_reply_deferred && c->c2.context_auth == CAS_SUCCEEDED)
 	{
-	  if (c->c2.sent_push_reply)
+	  time_t now;
+
+	  openvpn_time(&now);
+	  if (c->c2.sent_push_reply_expiry > now)
 	    {
 	      ret = PUSH_MSG_ALREADY_REPLIED;
 	    }
@@ -425,7 +428,7 @@ process_incoming_push_msg (struct context *c,
 	      if (send_push_reply (c))
 		{
 		  ret = PUSH_MSG_REQUEST;
-		  c->c2.sent_push_reply = true;
+		  c->c2.sent_push_reply_expiry = now + 30;
 		}
 	    }
 	}