Don't disconnect clients in TunnelServer mode who send unauthorised ADD_SUBNETs.
authorGuus Sliepen <guus@tinc-vpn.org>
Sun, 11 Oct 2009 11:51:10 +0000 (13:51 +0200)
committerGuus Sliepen <guus@tinc-vpn.org>
Sun, 11 Oct 2009 11:51:10 +0000 (13:51 +0200)
So that we are liberal in what we accept.

src/protocol_subnet.c

index e7ab8b2..f7ce53b 100644 (file)
@@ -112,7 +112,7 @@ bool add_subnet_h(connection_t *c) {
 
                for(cfg = lookup_config(c->config_tree, "Subnet"); cfg; cfg = lookup_config_next(c->config_tree, cfg)) {
                        if(!get_config_subnet(cfg, &allowed))
-                               return false;
+                               continue;
 
                        if(!subnet_compare(&s, allowed))
                                break;
@@ -121,9 +121,9 @@ bool add_subnet_h(connection_t *c) {
                }
 
                if(!cfg) {
-                       logger(LOG_WARNING, "Unauthorized %s from %s (%s) for %s",
-                               "ADD_SUBNET", c->name, c->hostname, subnetstr);
-                       return false;
+                       logger(LOG_WARNING, "Ignoring unauthorized %s from %s (%s): %s",
+                                       "ADD_SUBNET", c->name, c->hostname, subnetstr);
+                       return true;
                }
 
                free_subnet(allowed);