mirror of
https://github.com/OpenVPN/openvpn3.git
synced 2024-09-20 04:02:15 +02:00
6bc9c0bd59
The NTLM protocol implementation does not validate the length of the proxy server’s response. If the response is shorter than expected, the code will access the response buffer out of bounds, which will raise an exception. This change checks and explicitly raises an exception with an informative message if the response is too short. This was never a security issue as such but might result in a client terminating early and without a nice diagnostic. Signed-off-by: Charlie Vigue <charlie.vigue@openvpn.com> |
||
|---|---|---|
| .. | ||
| httpdigest.hpp | ||
| listener.hpp | ||
| ntlm.hpp | ||
| proxyauth.hpp | ||