mirror of
https://github.com/OpenVPN/openvpn.git
synced 2024-09-20 12:02:28 +02:00
Disallow usage of --server-poll-timeout in --secret key mode.
The internal machinery wants TLS for this to work, so just add this to the (long) list of options not allowed unless either --tls-client or --tls-server is active. For added sanity, add an ASSERT() call to the place where this combination caused a NULL ptr reference, and document the restriction. Fix trac #373 Signed-off-by: Gert Doering <gert@greenie.muc.de> Acked-by: Steffan Karger <steffan.karger@fox-it.com> Message-Id: <1432472554-24666-1-git-send-email-gert@greenie.muc.de> URL: http://article.gmane.org/gmane.network.openvpn.devel/9736
This commit is contained in:
parent
f4684ff2b5
commit
6478c1f359
@ -3783,6 +3783,10 @@ when polling possible remote servers to connect to
|
||||
in a round-robin fashion, spend no more than
|
||||
.B n
|
||||
seconds waiting for a response before trying the next server.
|
||||
As this only makes sense in client-to-server setups, it cannot
|
||||
be used in point-to-point setups using
|
||||
.B \-\-secret
|
||||
symmetrical key mode.
|
||||
.\"*********************************************************
|
||||
.TP
|
||||
.B \-\-explicit\-exit\-notify [n]
|
||||
|
@ -328,6 +328,7 @@ void
|
||||
check_server_poll_timeout_dowork (struct context *c)
|
||||
{
|
||||
event_timeout_reset (&c->c2.server_poll_interval);
|
||||
ASSERT(c->c2.tls_multi);
|
||||
if (!tls_initial_packet_received (c->c2.tls_multi))
|
||||
{
|
||||
msg (M_INFO, "Server poll timeout, restarting");
|
||||
|
@ -2310,6 +2310,9 @@ options_postprocess_verify_ce (const struct options *options, const struct conne
|
||||
MUST_BE_UNDEF (pkcs11_id);
|
||||
MUST_BE_UNDEF (pkcs11_id_management);
|
||||
#endif
|
||||
#if P2MP
|
||||
MUST_BE_UNDEF (server_poll_timeout);
|
||||
#endif
|
||||
|
||||
if (pull)
|
||||
msg (M_USAGE, err, "--pull");
|
||||
|
Loading…
Reference in New Issue
Block a user