]> git.ipfire.org Git - thirdparty/openvpn.git/commit
projects / thirdparty / openvpn.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 489c45f) | patch
Ensure tls session is authenticated before sending push reply
authorArne Schwabe <arne@rfc2549.org>
Thu, 24 Jun 2021 13:08:40 +0000 (15:08 +0200)
committerGert Doering <gert@greenie.muc.de>
Thu, 24 Jun 2021 14:38:18 +0000 (16:38 +0200)
commit87c8c081d5a1ede46b3cb01e0c25a876441f074b
treeb4569fcb0833560124708406090d5aba838916ebtree
parent489c45fb373adfb22c2f1dd0a524bde17c686876commit | diff
Ensure tls session is authenticated before sending push reply

We ensure here that the tls session is authenticated before sending
a push_reply

This the final part of the fix for CVE-2020-15078 in the master branch.

CVE: 2020-15078
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20210624130840.2583433-1-arne@rfc2549.org>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg22587.html

Signed-off-by: Gert Doering <gert@greenie.muc.de>
src/openvpn/push.c diff | blob | blame | history
Mirror of https://github.com/OpenVPN/openvpn.git