mirror of
https://github.com/OpenVPN/openvpn3.git
synced 2024-09-20 12:12:15 +02:00
e7badefd70
Due to a typ0 in the validate_tls_crypt() function, ack_skip() is invoked with the not-yet decrypted packet as argument instead of the decrypted one. This leads to buffer exceptions, becuse ack_skip() will read a bogus ACK array length instead of the proper value. This bug may lead to renegotiations issues on clients due to a forced rejection of soft-reset packets in proto.hpp:control_net_recv(). Fix the issue by passing the proper packet buffer to ack_skip(). Signed-off-by: Antonio Quartulli <antonio@openvpn.net> |
||
---|---|---|
.. | ||
datalimit.hpp | ||
is_openvpn_protocol.hpp | ||
kuparse.hpp | ||
mssparms.hpp | ||
nscert.hpp | ||
peerinfo.hpp | ||
proto_context_options.hpp | ||
proto.hpp | ||
protostack.hpp | ||
psid.hpp | ||
sslapi.hpp | ||
sslchoose.hpp | ||
sslconsts.hpp | ||
ssllog.hpp | ||
tls_cert_profile.hpp | ||
tls_remote.hpp | ||
tlsprf.hpp | ||
tlsver.hpp |