New upstream version 2.4.9upstream/2.4.9

author: Bernhard Schmidt <berni@debian.org> 2020-04-19 15:52:33 +0200
committer: Bernhard Schmidt <berni@debian.org> 2020-04-19 15:52:33 +0200
commit: 620785fe268a1221c1ba7a9cb5a70f3140a4f1ca (patch)
tree: 7b876715822d9620801283022ba73f2fce7387a3 /src/openvpn/push.c
parent: 8a3450ef8682b9085637d7b94afc5c7e6f92e64b (diff)
1 files changed, 9 insertions, 4 deletions
diff --git a/src/openvpn/push.c b/src/openvpn/push.c
index dd5bd41..002be23 100644
--- a/src/openvpn/push.c
+++ b/src/openvpn/push.c
@@ -287,11 +287,16 @@ incoming_push_message(struct context *c, const struct buffer *buffer)
     {
         if (c->options.mode == MODE_SERVER)
         {
+            struct frame *frame_fragment = NULL;
+#ifdef ENABLE_FRAGMENT
+            if (c->options.ce.fragment)
+            {
+                frame_fragment = &c->c2.frame_fragment;
+            }
+#endif
             struct tls_session *session = &c->c2.tls_multi->session[TM_ACTIVE];
-            /* Do not regenerate keys if client send a second push request */
-            if (!session->key[KS_PRIMARY].crypto_options.key_ctx_bi.initialized
-                && !tls_session_update_crypto_params(session, &c->options,
-                                                     &c->c2.frame))
+            if (!tls_session_update_crypto_params(session, &c->options,
+                                                  &c->c2.frame, frame_fragment))
             {
                 msg(D_TLS_ERRORS, "TLS Error: initializing data channel failed");
                 goto error;
author	Bernhard Schmidt <berni@debian.org>	2020-04-19 15:52:33 +0200
committer	Bernhard Schmidt <berni@debian.org>	2020-04-19 15:52:33 +0200
commit	620785fe268a1221c1ba7a9cb5a70f3140a4f1ca (patch)
tree	7b876715822d9620801283022ba73f2fce7387a3 /src/openvpn/push.c
parent	8a3450ef8682b9085637d7b94afc5c7e6f92e64b (diff)