max-same-clients is used to limit the number of outstanding sessions (cookies). If set to 0, it means an unlimited number of active cookies can be owned by each user. But it doesn't mean that the same cookie can be reused for multiple CSTP connections with different IPs, as the protocol does not normally work this way. --- src/main-auth.c | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/src/main-auth.c b/src/main-auth.c index 181c100..67a81b2 100644 --- a/src/main-auth.c +++ b/src/main-auth.c @@ -472,9 +472,6 @@ int check_multiple_users(main_server_st *s, struct proc_st* proc) struct proc_st *ctmp = NULL, *cpos; unsigned int entries = 1; /* that one */ - if (s->config->max_same_clients == 0) - return 0; /* ok */ - list_for_each_safe(&s->clist.head, ctmp, cpos, list) { if (ctmp != proc) { if (memcmp(proc->cookie, ctmp->cookie, sizeof(proc->cookie)) == 0) { @@ -492,7 +489,7 @@ unsigned int entries = 1; /* that one */ } } - if (entries > s->config->max_same_clients) + if (s->config->max_same_clients && entries > s->config->max_same_clients) return -1; return 0; -- 1.8.2.1