int
process_incoming_push_request(struct context *c)
{
int ret = PUSH_MSG_ERROR;
#ifdef ENABLE_ASYNC_PUSH
c->c2.push_request_received = true;
#endif
if (tls_authentication_status(c->c2.tls_multi, 0) == TLS_AUTHENTICATION_FAILED || c->c2.context_auth == CAS_FAILED)
{
const char *client_reason = tls_client_reason(c->c2.tls_multi);
send_auth_failed(c, client_reason);
ret = PUSH_MSG_AUTH_FAILURE;
}
else if (!c->c2.push_reply_deferred && c->c2.context_auth == CAS_SUCCEEDED)
{
time_t now;
openvpn_time(&now);
if (c->c2.sent_push_reply_expiry > now)
{
ret = PUSH_MSG_ALREADY_REPLIED;
}
else
{
/* per-client push options - peer-id, cipher, ifconfig, ipv6-ifconfig */
struct push_list push_list;
struct gc_arena gc = gc_new();
CLEAR(push_list);
if (prepare_push_reply(c, &gc, &push_list)
&& send_push_reply(c, &push_list))
{
ret = PUSH_MSG_REQUEST;
c->c2.sent_push_reply_expiry = now + 30;
}
gc_free(&gc);
}
}
else
{
ret = PUSH_MSG_REQUEST_DEFERRED;
}
return ret;
}
int
process_incoming_push_request (struct context *c)
{
int ret = PUSH_MSG_ERROR;
#ifdef ENABLE_ASYNC_PUSH
c->c2.push_request_received = true;
#endif
if (tls_authentication_status (c->c2.tls_multi, 0) == TLS_AUTHENTICATION_FAILED || c->c2.context_auth == CAS_FAILED)
{
const char *client_reason = tls_client_reason (c->c2.tls_multi);
send_auth_failed (c, client_reason);
ret = PUSH_MSG_AUTH_FAILURE;
}
else if (!c->c2.push_reply_deferred && c->c2.context_auth == CAS_SUCCEEDED)
{
time_t now;
openvpn_time (&now);
if (c->c2.sent_push_reply_expiry > now)
{
ret = PUSH_MSG_ALREADY_REPLIED;
}
else
{
if (prepare_push_reply(&c->options, c->c2.tls_multi) &&
send_push_reply (c))
{
ret = PUSH_MSG_REQUEST;
c->c2.sent_push_reply_expiry = now + 30;
}
}
}
else
{
ret = PUSH_MSG_REQUEST_DEFERRED;
}
return ret;
}
