Description: move address checks further down to avoid certain failures this tries to avoid certain failures with the LDAP plugin where it doesn't get passed the remoteAddress in certain cases. since we do may not care about this address, we fail only when really necessary. Author: Antoine Beaupré Origin: vendor Bug-Debian: https://bugs.debian.org/692936 Bug: https://github.com/threerings/openvpn-auth-ldap/issues/4 Forwarded: https://github.com/threerings/openvpn-auth-ldap/pull/75 Last-Update: 2019-08-05 Index: openvpn-auth-ldap/src/auth-ldap.m =================================================================== --- openvpn-auth-ldap.orig/src/auth-ldap.m 2019-05-24 14:55:39.951617229 +0000 +++ openvpn-auth-ldap/src/auth-ldap.m 2019-08-05 08:02:46.617247715 +0000 @@ -523,7 +523,10 @@ } if (tableName) - if (!pf_client_connect_disconnect(ctx, tableName, remoteAddress, connecting)) + if (!remoteAddress) { + [TRLog debug: "No remote address supplied to OpenVPN LDAP Plugin (OPENVPN_PLUGIN_CLIENT_CONNECT)."]; + return OPENVPN_PLUGIN_FUNC_ERROR; + } else if (!pf_client_connect_disconnect(ctx, tableName, remoteAddress, connecting)) return OPENVPN_PLUGIN_FUNC_ERROR; #endif /* HAVE_PF */ @@ -582,18 +585,10 @@ break; /* New connection established */ case OPENVPN_PLUGIN_CLIENT_CONNECT: - if (!remoteAddress) { - [TRLog debug: "No remote address supplied to OpenVPN LDAP Plugin (OPENVPN_PLUGIN_CLIENT_CONNECT)."]; - } else { - ret = handle_client_connect_disconnect(ctx, ldap, ldapUser, remoteAddress, YES); - } + ret = handle_client_connect_disconnect(ctx, ldap, ldapUser, remoteAddress, YES); break; case OPENVPN_PLUGIN_CLIENT_DISCONNECT: - if (!remoteAddress) { - [TRLog debug: "No remote address supplied to OpenVPN LDAP Plugin (OPENVPN_PLUGIN_CLIENT_DISCONNECT)."]; - } else { - ret = handle_client_connect_disconnect(ctx, ldap, ldapUser, remoteAddress, NO); - } + ret = handle_client_connect_disconnect(ctx, ldap, ldapUser, remoteAddress, NO); break; default: [TRLog debug: "Unhandled plugin type in OpenVPN LDAP Plugin (type=%d)", type];