Added OPENVPN_PLUGIN_TLS_FINAL plugin callback.

git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@862 e7ae566f-a301-0410-adde-c780ea21d3b5
author: james <james@e7ae566f-a301-0410-adde-c780ea21d3b5> 2005-12-28 06:58:19 +0000
committer: james <james@e7ae566f-a301-0410-adde-c780ea21d3b5> 2005-12-28 06:58:19 +0000
commit: d92819fa1adc5d2ee8f1c2bbd0d32829635eacf1 (patch)
tree: 63e57ec0746a84cd2cca41b95b8377cbddbb7732 /ssl.c
parent: Minor ChangeLog edit. (diff)
download: openvpn-d92819fa1adc5d2ee8f1c2bbd0d32829635eacf1.tar.xz
1 files changed, 11 insertions, 1 deletions
diff --git a/ssl.c b/ssl.c
index 7be2394..5f8b5d1 100644
--- a/ssl.c
+++ b/ssl.c
@@ -3087,7 +3087,17 @@ key_method_2_read (struct buffer *buf, struct tls_multi *multi, struct tls_sessi
   buf_clear (buf);
 
   /*
-   * generate tunnel keys if client
+   * Call OPENVPN_PLUGIN_TLS_FINAL plugin if defined, for final
+   * veto opportunity over authentication decision.
+   */
+  if (ks->authenticated && plugin_defined (session->opt->plugins, OPENVPN_PLUGIN_TLS_FINAL))
+    {
+      if (plugin_call (session->opt->plugins, OPENVPN_PLUGIN_TLS_FINAL, NULL, NULL, session->opt->es))
+	ks->authenticated = false;
+    }
+
+  /*
+   * Generate tunnel keys if client
    */
   if (!session->opt->server)
     {
author	james <james@e7ae566f-a301-0410-adde-c780ea21d3b5>	2005-12-28 06:58:19 +0000
committer	james <james@e7ae566f-a301-0410-adde-c780ea21d3b5>	2005-12-28 06:58:19 +0000
commit	d92819fa1adc5d2ee8f1c2bbd0d32829635eacf1 (patch)
tree	63e57ec0746a84cd2cca41b95b8377cbddbb7732 /ssl.c
parent	Minor ChangeLog edit. (diff)
download	openvpn-d92819fa1adc5d2ee8f1c2bbd0d32829635eacf1.tar.xz