From 70d1626b33d5966aec21eb193d928a4df6e83e8b Mon Sep 17 00:00:00 2001
From: James Yonan <james@openvpn.net>
Date: Tue, 25 Sep 2012 01:05:41 +0200
Subject: [PATCH 4/4] Always push basic set of peer info values to server.
On the client, allow certain peer info fields to be pushed even if
push-peer-info isn't specified in the config.
This is needed to allow the compression handshake to work correctly
(i.e. where the client indicates its support for LZO and/or Snappy).
Fields that have privacy implications such as Mac Address and UV_*
environment variables will not be pushed to the server as before unless
push-peer-info is specified by client config.
OpenVPN SVN r8225 (2.1.21c)
Signed-off-by: Gert Doering <gert@greenie.muc.de>
---
src/openvpn/ssl.c | 82 ++++++++++++++++++++++++++++---------------------------
1 file changed, 42 insertions(+), 40 deletions(-)
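--- a/src/openvpn/ssl.c
+++ b/src/openvpn/ssl.c
@@ -1775,64 +1775,66 @@ push_peer_info(struct buffer *buf, struct tls_session *session)
 bool ret = false;
 
 #ifdef ENABLE_PUSH_PEER_INFO
-if (session->opt->push_peer_info) /* write peer info */
-{
-struct env_set *es = session->opt->es;
-struct env_item *e;
-struct buffer out = alloc_buf_gc (512*3, &gc);
+{
+struct env_set *es = session->opt->es;
+struct env_item *e;
+struct buffer out = alloc_buf_gc (512*3, &gc);
 
-/* push version */
-buf_printf (&out, "IV_VER=%s\n", PACKAGE_VERSION);
+/* push version */
+buf_printf (&out, "IV_VER=%s\n", PACKAGE_VERSION);
 
-/* push platform */
+/* push platform */
 #if defined(TARGET_LINUX)
-buf_printf (&out, "IV_PLAT=linux\n");
+buf_printf (&out, "IV_PLAT=linux\n");
 #elif defined(TARGET_SOLARIS)
-buf_printf (&out, "IV_PLAT=solaris\n");
+buf_printf (&out, "IV_PLAT=solaris\n");
 #elif defined(TARGET_OPENBSD)
-buf_printf (&out, "IV_PLAT=openbsd\n");
+buf_printf (&out, "IV_PLAT=openbsd\n");
 #elif defined(TARGET_DARWIN)
-buf_printf (&out, "IV_PLAT=mac\n");
+buf_printf (&out, "IV_PLAT=mac\n");
 #elif defined(TARGET_NETBSD)
-buf_printf (&out, "IV_PLAT=netbsd\n");
+buf_printf (&out, "IV_PLAT=netbsd\n");
 #elif defined(TARGET_FREEBSD)
-buf_printf (&out, "IV_PLAT=freebsd\n");
+buf_printf (&out, "IV_PLAT=freebsd\n");
 #elif defined(WIN32)
-buf_printf (&out, "IV_PLAT=win\n");
+buf_printf (&out, "IV_PLAT=win\n");
 #endif
 
-/* push mac addr */
-{
-struct route_gateway_info rgi;
-get_default_gateway (&rgi);
-if (rgi.flags & RGI_HWADDR_DEFINED)
-buf_printf (&out, "IV_HWADDR=%s\n", format_hex_ex (rgi.hwaddr, 6, 0, 1, ":", &gc));
-}
-
-/* push compression status */
+/* push compression status */
 #ifdef USE_COMP
-comp_generate_peer_info_string(&session->opt->comp_options, &out);
+comp_generate_peer_info_string(&session->opt->comp_options, &out);
 #endif
 
-/* push env vars that begin with UV_ */
-for (e=es->list; e != NULL; e=e->next)
+if (session->opt->push_peer_info)
+{
+/* push mac addr */
 {
-if (e->string)
-{
-if (!strncmp(e->string, "UV_", 3) && buf_safe(&out, strlen(e->string)+1))
-buf_printf (&out, "%s\n", e->string);
-}
+struct route_gateway_info rgi;
+get_default_gateway (&rgi);
+if (rgi.flags & RGI_HWADDR_DEFINED)
+buf_printf (&out, "IV_HWADDR=%s\n", format_hex_ex (rgi.hwaddr, 6, 0, 1, ":", &gc));
 }
 
-if (!write_string(buf, BSTR(&out), -1))
-goto error;
-}
-else
+/* push env vars that begin with UV_ */
+for (e=es->list; e != NULL; e=e->next)
+{
+if (e->string)
+{
+if (!strncmp(e->string, "UV_", 3) && buf_safe(&out, strlen(e->string)+1))
+buf_printf (&out, "%s\n", e->string);
+}
+}
+}
+
+if (!write_string(buf, BSTR(&out), -1))
+goto error;
+}
+#else
+{
+if (!write_empty_string (buf)) /* no peer info */
+goto error;
+}
 #endif
-{
-if (!write_empty_string (buf)) /* no peer info */
-goto error;
-}
 ret = true;
 
 error: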
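Review bot: The split between fields that are always sent and fields that require push-peer-info is now expressed only by where a statement sits relative to `if (session->opt->push_peer_info)` (new line 1808), and no comment marks it. A field added later above that check would be sent to every server regardless of the client's configuration, so I would put `/* always sent, even without push-peer-info */` above the `IV_VER` line and `/* privacy-sensitive: sent only when push-peer-info is set */` on the check itself. `es` and `e` are used only by the UV_ loop and could be declared inside the gated block, which makes that boundary harder to cross by accident. The `buf_printf` return values are still unchecked against the fixed `512*3` buffer, so an `IV_*` field that does not fit would apparently be dropped without any error, which matters more now that the compression handshake depends on these fields. The function's opening and the code after `error:` lie outside the hunk.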