mirror of
https://github.com/OpenVPN/openvpn.git
synced 2024-09-19 19:42:30 +02:00
414f428fa2
This makes OpenVPN more picky in accepting control message in two aspects: - Characters are checked in the whole buffer and not until the first NUL byte - if the message contains invalid characters, we no longer continue evaluating a fixed up version of the message but rather stop processing it completely. Previously it was possible to get invalid characters to end up in log files or on a terminal. This also prepares the logic a bit in the direction of having a proper framing of control messages separated by null bytes instead of relying on the TLS framing for that. All OpenVPN implementations write the 0 bytes between control commands. This patch also include several improvement suggestion from Reynir (thanks!). CVE: 2024-5594 Reported-By: Reynir Björnsson <reynir@reynir.dk> Change-Id: I0d926f910637dabc89bf5fa919dc6beef1eb46d9 Signed-off-by: Arne Schwabe <arne@rfc2549.org> Acked-by: Antonio Quartulli <a@unstable.cc> Message-Id: <20240619103004.56460-1-gert@greenie.muc.de> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg28791.html Signed-off-by: Gert Doering <gert@greenie.muc.de> |
||
|---|---|---|
| .. | ||
| unit_tests | ||
| Makefile.am | ||
| ntlm_support.c | ||
| null_client_up.sh | ||
| t_client.rc-sample | ||
| t_client.sh.in | ||
| t_cltsrv-down.sh | ||
| t_cltsrv.sh | ||
| t_lpback.sh | ||
| t_net.sh | ||
| t_server_null_client.sh | ||
| t_server_null_default.rc | ||
| t_server_null_server.sh | ||
| t_server_null_stress.sh | ||
| t_server_null.rc-sample | ||
| t_server_null.sh | ||
| update_t_client_ips.sh | ||