aboutsummaryrefslogtreecommitdiff
path: root/packet_id.c
diff options
context:
space:
mode:
authorjames <james@e7ae566f-a301-0410-adde-c780ea21d3b5>2008-06-04 05:16:44 +0000
committerjames <james@e7ae566f-a301-0410-adde-c780ea21d3b5>2008-06-04 05:16:44 +0000
commit47ae8457f9e9c2bb0f5c1e8f28822e1bbc16c196 (patch)
tree0f47ea714dda8312ee85fe7530ee231c59b91221 /packet_id.c
parentFixed a bug in plugin.c that caused openvpn_plugin_client_destructor_v1 (diff)
downloadopenvpn-47ae8457f9e9c2bb0f5c1e8f28822e1bbc16c196.tar.xz
Incremented version to 2.1_rc7d.
Support asynchronous authentication by plugins by allowing OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY to return OPENVPN_PLUGIN_FUNC_DEFERRED. See comments in openvpn-plugin.h for documentation. Enabled by ENABLE_DEF_AUTH. Added a simple packet filter functionality that can be driven by a plugin. See comments in openvpn-plugin.h for documentation. Enabled by ENABLE_PF. See openvpn/plugin/defer/simple.c for examples of ENABLE_DEF_AUTH and ENABLE_PF. "TLS Error: local/remote TLS keys are out of sync" is no longer a fatal error for TCP-based sessions, since the error can arise normally in the course of deferred authentication. In a related change, allow packet-id sequence to begin at some number n > 0 for TCP sessions, rather than strictly requiring sequence to begin at 1. Added a test to configure.ac for LoadLibrary function on Windows. Modified "make dist" function to include all files from install-win32 so that ./domake-win can be run from a tarball-expanded directory. setenv and setenv-safe directives may now omit a value argument which defaults to "". git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2978 e7ae566f-a301-0410-adde-c780ea21d3b5
Diffstat (limited to 'packet_id.c')
-rw-r--r--packet_id.c4
1 files changed, 2 insertions, 2 deletions
diff --git a/packet_id.c b/packet_id.c
index 08e5974..b1e1caa 100644
--- a/packet_id.c
+++ b/packet_id.c
@@ -209,12 +209,12 @@ packet_id_test (const struct packet_id_rec *p,
{
/*
* In non-backtrack mode, all sequence number series must
- * begin at 1 and must increment linearly without gaps.
+ * begin at some number n > 0 and must increment linearly without gaps.
*
* This mode is used with TCP.
*/
if (pin->time == p->time)
- return pin->id == p->id + 1;
+ return !p->id || pin->id == p->id + 1;
else if (pin->time < p->time) /* if time goes back, reject */
return false;
else /* time moved forward */