git.ipfire.org Git - thirdparty/openvpn.git/commit

author	David Sommerseth <davids@openvpn.net>
	Tue, 15 Mar 2022 15:53:43 +0000 (16:53 +0100)
committer	Gert Doering <gert@greenie.muc.de>
	Tue, 15 Mar 2022 17:28:49 +0000 (18:28 +0100)
commit	58ec3bb4aac77131118dbbc39a65181e7847adee
tree	80bf03fec651e6225f7b51325d6738371571cc8d	tree \| snapshot
parent	4d63d15ef9e1eb34ffdc4028a96f506decced99c	commit \| diff

plug-ins: Disallow multiple deferred authentication plug-ins

The plug-in API in OpenVPN 2.x is not designed for running multiple
deferred authentication processes in parallel. The authentication
results of such configurations are not to be trusted. For now we bail
out when this discovered with an error in the log.

This is a backport of commit 282ddbac54f8d4923844f699 (master), taking
the different man-page format into account. The code change is the same.

CVE: 2022-0547
Signed-off-by: David Sommerseth <davids@openvpn.net>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20220315155344.37787-3-openvpn@sf.lists.topphemmelig.net>
URL: https://www.mail-archive.com/search?l=mid&q=20220315155344.37787-3-openvpn@sf.lists.topphemmelig.net
Signed-off-by: Gert Doering <gert@greenie.muc.de>

doc/openvpn.8		diff \| blob \| blame \| history
src/openvpn/plugin.c		diff \| blob \| blame \| history