mirror of
https://github.com/OpenVPN/openvpn3.git
synced 2024-09-20 12:12:15 +02:00
e7badefd70
Due to a typ0 in the validate_tls_crypt() function, ack_skip() is invoked with the not-yet decrypted packet as argument instead of the decrypted one. This leads to buffer exceptions, becuse ack_skip() will read a bogus ACK array length instead of the proper value. This bug may lead to renegotiations issues on clients due to a forced rejection of soft-reset packets in proto.hpp:control_net_recv(). Fix the issue by passing the proper packet buffer to ack_skip(). Signed-off-by: Antonio Quartulli <antonio@openvpn.net> |
||
|---|---|---|
| .. | ||
| datalimit.hpp | ||
| is_openvpn_protocol.hpp | ||
| kuparse.hpp | ||
| mssparms.hpp | ||
| nscert.hpp | ||
| peerinfo.hpp | ||
| proto_context_options.hpp | ||
| proto.hpp | ||
| protostack.hpp | ||
| psid.hpp | ||
| sslapi.hpp | ||
| sslchoose.hpp | ||
| sslconsts.hpp | ||
| ssllog.hpp | ||
| tls_cert_profile.hpp | ||
| tls_remote.hpp | ||
| tlsprf.hpp | ||
| tlsver.hpp | ||