From: Guus Sliepen <guus@tinc-vpn.org>
Date: Sun, 11 Oct 2009 11:51:10 +0000 (+0200)
Subject: Don't disconnect clients in TunnelServer mode who send unauthorised ADD_SUBNETs.
X-Git-Tag: release-1.0.10~10
X-Git-Url: https://www.tinc-vpn.org/git/browse?p=tinc;a=commitdiff_plain;h=5cddf5e52aeb20e50c887356ad23aec354e04151

Don't disconnect clients in TunnelServer mode who send unauthorised ADD_SUBNETs.

So that we are liberal in what we accept.
---

diff --git a/src/protocol_subnet.c b/src/protocol_subnet.c
index e7ab8b24..f7ce53b9 100644
--- a/src/protocol_subnet.c
+++ b/src/protocol_subnet.c
@@ -112,7 +112,7 @@ bool add_subnet_h(connection_t *c) {
 
 		for(cfg = lookup_config(c->config_tree, "Subnet"); cfg; cfg = lookup_config_next(c->config_tree, cfg)) {
 			if(!get_config_subnet(cfg, &allowed))
-				return false;
+				continue;
 
 			if(!subnet_compare(&s, allowed))
 				break;
@@ -121,9 +121,9 @@ bool add_subnet_h(connection_t *c) {
 		}
 
 		if(!cfg) {
-			logger(LOG_WARNING, "Unauthorized %s from %s (%s) for %s",
-				"ADD_SUBNET", c->name, c->hostname, subnetstr);
-			return false;
+			logger(LOG_WARNING, "Ignoring unauthorized %s from %s (%s): %s",
+					"ADD_SUBNET", c->name, c->hostname, subnetstr);
+			return true;
 		}
 
 		free_subnet(allowed);