aboutsummaryrefslogtreecommitdiff
path: root/ssl.c
diff options
context:
space:
mode:
authorJames Yonan <james@openvpn.net>2010-03-06 15:38:23 +0000
committerJames Yonan <james@openvpn.net>2010-03-06 15:38:23 +0000
commit112e6704c963841f65f2bdd958f289fd7e50f007 (patch)
tree50062a463c9d502bef130a4ff39e66d5745a3480 /ssl.c
parentFixed an issue in the Management Interface that could cause (diff)
downloadopenvpn-112e6704c963841f65f2bdd958f289fd7e50f007.tar.xz
Fixed an issue where if reneg-sec was set to 0 on the client,
so that the server-side value would take precedence, the auth_deferred_expire_window function would incorrectly return a window period of 0 seconds. In this case, the correct window period should be the handshake window period. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@5464 e7ae566f-a301-0410-adde-c780ea21d3b5
Diffstat (limited to 'ssl.c')
-rw-r--r--ssl.c7
1 files changed, 5 insertions, 2 deletions
diff --git a/ssl.c b/ssl.c
index 82e04a3..102b02e 100644
--- a/ssl.c
+++ b/ssl.c
@@ -3702,9 +3702,12 @@ key_method_2_read (struct buffer *buf, struct tls_multi *multi, struct tls_sessi
static int
auth_deferred_expire_window (const struct tls_options *o)
{
- const int hw = o->handshake_window;
+ int ret = o->handshake_window;
const int r2 = o->renegotiate_seconds / 2;
- return min_int (hw, r2);
+
+ if (o->renegotiate_seconds && r2 < ret)
+ ret = r2;
+ return ret;
}
/*