Check whether in pull_mode before warning about previous connection blocks
In particular, this eliminates the message that says "explicit-exit-notify
is ignored by previous <connection> blocks" when the option is pushed.
Note: pull_mode is identified as "allowed & OPT_P_PULL_MODE" matching
with the definition in add_options().
Reported by: Eike Lohmann e.lohmann@ic3s.de
https://www.mail-archive.com/openvpn-users@lists.sourceforge.net/msg04052.h
tml
v2: move the check to verify_permissions() as suggested by
Gert <gert@greenie.muc.de>
Signed-off-by: Selva Nair <selva.nair@gmail.com>
Acked-by: Antonio Quartulli <antonio@openvpn.net>
Message-Id: <1505501175-9016-1-git-send-email-selva.nair@gmail.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg15452.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Selva Nair authored on 2017/09/16 03:46:15Showing 1 changed files
| ... | ... |
@@ -4824,11 +4824,13 @@ verify_permission(const char *name, |
| 4824 | 4824 |
#ifndef ENABLE_SMALL |
| 4825 | 4825 |
/* Check if this options is allowed in connection block, |
| 4826 | 4826 |
* but we are currently not in a connection block |
| 4827 |
+ * unless this is a pushed option. |
|
| 4827 | 4828 |
* Parsing a connection block uses a temporary options struct without |
| 4828 | 4829 |
* connection_list |
| 4829 | 4830 |
*/ |
| 4830 | 4831 |
|
| 4831 |
- if ((type & OPT_P_CONNECTION) && options->connection_list) |
|
| 4832 |
+ if ((type & OPT_P_CONNECTION) && options->connection_list |
|
| 4833 |
+ && !(allowed & OPT_P_PULL_MODE)) |
|
| 4832 | 4834 |
{
|
| 4833 | 4835 |
if (file) |
| 4834 | 4836 |
{
|