mirror of
https://github.com/OpenVPN/openvpn.git
synced 2024-09-19 19:42:30 +02:00
Fix CR_RESPONSE mangaement message using wrong key_id
the management interface expects the management key id instead of the openvpn key id. In the past they often were the same for low ids which hid the bug quite well. Also do not pick uninitialised keystates (management key_id is not valid in these). Patch v2: do not add logging Change-Id: If9fa1165a0e886b570b3738546ed810a32367cbe Signed-off-by: Arne Schwabe <arne@rfc2549.org> Tested-By: Jemmy Wang Github: fixes OpenVPN/openvpn#359 Acked-by: Selva Nair <selva.nair@gmail.com> Message-Id: <20230522101138.2842378-2-arne@rfc2549.org> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg26719.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
This commit is contained in:
parent
d559affd31
commit
223baa9c9b
@ -265,9 +265,9 @@ receive_cr_response(struct context *c, const struct buffer *buffer)
|
||||
struct tls_session *session = &c->c2.tls_multi->session[TM_ACTIVE];
|
||||
struct man_def_auth_context *mda = session->opt->mda_context;
|
||||
struct env_set *es = session->opt->es;
|
||||
int key_id = get_primary_key(c->c2.tls_multi)->key_id;
|
||||
unsigned int mda_key_id = get_primary_key(c->c2.tls_multi)->mda_key_id;
|
||||
|
||||
management_notify_client_cr_response(key_id, mda, es, m);
|
||||
management_notify_client_cr_response(mda_key_id, mda, es, m);
|
||||
#endif
|
||||
#if ENABLE_PLUGIN
|
||||
verify_crresponse_plugin(c->c2.tls_multi, m);
|
||||
|
Loading…
Reference in New Issue
Block a user