Index: net/ocserv/files/patch-tun
===================================================================
--- net/ocserv/files/patch-tun	(nonexistent)
+++ net/ocserv/files/patch-tun	(working copy)
@@ -0,0 +1,52 @@
+--- src/tun.c
++++ src/tun.c
+@@ -895,3 +895,22 @@ ssize_t tun_read(int sockfd, void *buf, size_t len)
+ 	return read(sockfd, buf, len);
+ }
+ #endif
++
++#ifndef __FreeBSD__
++int tun_claim(int sockfd)
++{
++
++	return (0);
++}
++#else
++/*
++ * FreeBSD has a mechanism by which a tunnel has a single controlling process,
++ * and only that one process may close it.  When the controlling process closes
++ * the tunnel, the state is torn down.
++ */
++int tun_claim(int sockfd)
++{
++
++	return (ioctl(sockfd, TUNSIFPID, 0));
++}
++#endif	/* !__FreeBSD__ */
+diff --git a/src/tun.h b/src/tun.h
+index 8acad114..9e05845b 100644
+--- src/tun.h
++++ src/tun.h
+@@ -35,5 +35,6 @@ struct tun_lease_st {
+ 
+ ssize_t tun_write(int sockfd, const void *buf, size_t len);
+ ssize_t tun_read(int sockfd, void *buf, size_t len);
++int tun_claim(int sockfd);
+ 
+ #endif
+diff --git a/src/worker-auth.c b/src/worker-auth.c
+index 7fbdeaf3..d17127fe 100644
+--- src/worker-auth.c
++++ src/worker-auth.c
+@@ -605,7 +605,10 @@ static int recv_cookie_auth_reply(worker_st * ws)
+ 	case AUTH__REP__OK:
+ 		if (socketfd != -1) {
+ 			ws->tun_fd = socketfd;
+-
++			if (tun_claim(ws->tun_fd) != 0) {
++				ret = ERR_AUTH_FAIL;
++				goto cleanup;
++			}
+ 			if (msg->vname == NULL || msg->config == NULL || msg->user_name == NULL || msg->sid.len != sizeof(ws->sid)) {
+ 				ret = ERR_AUTH_FAIL;
+ 				goto cleanup;

Property changes on: net/ocserv/files/patch-tun
___________________________________________________________________
Added: fbsd:nokeywords
## -0,0 +1 ##
+yes
\ No newline at end of property
Added: svn:eol-style
## -0,0 +1 ##
+native
\ No newline at end of property
Added: svn:mime-type
## -0,0 +1 ##
+text/plain
\ No newline at end of property