Opened 9 years ago
Closed 8 years ago
#649 closed Bug / Defect (fixed)
Changing peer-id due to restart should not trigger ip commands
Reported by: | nwf | Owned by: | stipa |
---|---|---|---|
Priority: | major | Milestone: | release 2.3.13 |
Component: | Generic / unclassified | Version: | OpenVPN 2.3.8 (Community Ed) |
Severity: | Not set (select this one, unless your'e a OpenVPN developer) | Keywords: | |
Cc: | stipa |
Description
When running 2.3.8 against a git HEAD server, a client restart (caused by, e.g., ping-restart or SIGUSR1) will often get a different peer-id in its post-restart PUSH_REPLY message than it did at initial bringup. This triggers the "Pulled options changed on restart, will need to close and reopen TUN/TAP device." behavior; if privileges have been dropped, the interface configuration commands will fail, causing the OpenVPN process to exit.
Change History (10)
comment:1 Changed 9 years ago by
Cc: | stipa added |
---|---|
Milestone: | → release 2.3.11 |
comment:3 follow-up: 9 Changed 9 years ago by
We probably have more pushable options that should not trigger a interface reset. keepalive and compression settings come to mind.
comment:4 Changed 9 years ago by
Owner: | set to stipa |
---|---|
Status: | new → assigned |
comment:5 Changed 9 years ago by
Milestone: | release 2.3.11 → release 2.3.12 |
---|
comment:6 Changed 8 years ago by
Milestone: | release 2.3.12 → release 2.3.13 |
---|
comment:7 Changed 8 years ago by
comment:8 Changed 8 years ago by
merged!
commit 84022030dc2af8606e6a11c3dca1780419e7a534 (release/2.3)
commit 3cf51f613c4d0ac0982826cd2e27e1f34bcd1a83 (master)
Author: Lev Stipakov <lstipakov@…>
Date: Tue Oct 4 23:20:03 2016 +0300
Exclude peer-id from pulled options digest
comment:9 Changed 8 years ago by
Replying to plaisthos:
We probably have more pushable options that should not trigger a interface reset. keepalive and compression settings come to mind.
The way Lev has implemented this, it's now fairly easy to add further options to the no-restart-tun list.
comment:10 Changed 8 years ago by
Resolution: | → fixed |
---|---|
Status: | assigned → closed |
I think *this* ticket is done. If we want other options excluded, they should go to their own ticket.
Like, --ciper in 2.4, which is in #761 :-)
Closing, thanks Lev.
Indeed. If nothing else has changed, it should ignore that change as well...
Lev, care to look into this (client-side)?