authorBernhard Schmidt <berni@debian.org>2020-08-15 21:29:54 +0200
committerBernhard Schmidt <berni@debian.org>2020-08-15 21:29:54 +0200
commit7c229d538824cb679351220ad8911f7b2daa7c23 (patch)
tree5c4d64b60da9018c7db3a9335a9787d326beade3 /src/openvpn/pf.h
parentd3986a312f5fbcfd0e78e6b147eef419fb4e5f54 (diff)
parent1079962e4c06f88a54e50d997c1b7e84303d30b4 (diff)
Update upstream source from tag 'upstream/2.5_beta1'
Update to upstream version '2.5~beta1' with Debian dir d53f9a482ac24eb491a294b26c24bb1d87afad24
Diffstat (limited to 'src/openvpn/pf.h')
-rw-r--r--src/openvpn/pf.h45
1 files changed, 44 insertions, 1 deletions
diff --git a/src/openvpn/pf.h b/src/openvpn/pf.h
index ff75a00..c64d21b 100644
--- a/src/openvpn/pf.h
+++ b/src/openvpn/pf.h
@@ -31,6 +31,9 @@
#define PF_MAX_LINE_LEN 256
+#define PCT_SRC 1
+#define PCT_DEST 2
+
struct context;
struct ipv4_subnet {
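Review bot: `PCT_SRC` and `PCT_DEST` are added with no comment saying what they select. Later in this patch pf_c2c_test() passes them as the `type` argument of pf_cn_test(), so they presumably name which end of a client-to-client flow is being matched. A comment above the pair such as `/* pf_cn_test() type argument: match the peer as source or as destination */` would record that. An anonymous `enum { PCT_SRC = 1, PCT_DEST = 2 };` would also keep the values grouped and visible in a debugger.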
@@ -75,7 +78,7 @@ struct pf_context {
bool enabled;
struct pf_set *pfs;
#ifdef PLUGIN_PF
- char *filename;
+ const char *filename;
time_t file_last_mod;
unsigned int n_check_reload;
struct event_timeout reload;
@@ -101,4 +104,44 @@ void pf_context_print(const struct pf_context *pfc, const char *prefix, const in
#endif
+bool pf_addr_test_dowork(const struct context *src,
+ const struct mroute_addr *dest, const char *prefix);
+
+static inline bool
+pf_addr_test(const struct pf_context *src_pf, const struct context *src,
+ const struct mroute_addr *dest, const char *prefix)
+{
+ if (src_pf->enabled)
+ {
+ return pf_addr_test_dowork(src, dest, prefix);
+ }
+ else
+ {
+ return true;
+ }
+}
+
+/*
+ * Inline functions
+ */
+
+bool pf_cn_test(struct pf_set *pfs, const struct tls_multi *tm, const int type,
+ const char *prefix);
+
+static inline bool
+pf_c2c_test(const struct pf_context *src_pf, const struct tls_multi *src,
+ const struct pf_context *dest_pf, const struct tls_multi *dest,
+ const char *prefix)
+{
+ return (!src_pf->enabled || pf_cn_test(src_pf->pfs, dest, PCT_DEST, prefix))
+ && (!dest_pf->enabled || pf_cn_test(dest_pf->pfs, src, PCT_SRC,
+ prefix));
+}
+
+static inline bool
+pf_kill_test(const struct pf_set *pfs)
+{
+ return pfs->kill;
+}
+
#endif /* if defined(ENABLE_PF) && !defined(OPENVPN_PF_H) */
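Review bot: pf_kill_test() reads `pfs->kill` with no check on `pfs`, whereas pf_addr_test() and pf_c2c_test() test `enabled` before touching the filter set. The hunk does not show whether `pf_context.pfs` can be NULL while no filter is loaded, so either document the non-NULL precondition on the helper or guard it, for example `return pfs && pfs->kill;`. Both other helpers return true (permit) when the filter is disabled; a short comment such as `/* returns true = permit; a disabled filter permits everything */` would make that default explicit to callers. The `/* Inline functions */` banner also sits after pf_addr_test(), the first inline function, and would read better above it.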