struct hash_bucket *bucket = hash_bucket (hash, hv);
uint8_t* ptr = BPTR(&m->top.c2.buf);
uint8_t op = ptr[0] >> P_OPCODE_SHIFT;
+ bool v2 = (op == P_DATA_V2) && (m->top.c2.buf.len >= (1 + 3));
+ bool peer_id_disabled = false;
/* make sure buffer has enough length to read opcode (1 byte) and peer-id (3 bytes) */
- if (op == P_DATA_V2 && m->top.c2.buf.len >= (1 + 3))
+ if (v2)
{
uint32_t peer_id = ntohl(*(uint32_t*)ptr) & 0xFFFFFF;
- if ((peer_id < m->max_clients) && (m->instances[peer_id]))
+ peer_id_disabled = (peer_id == MAX_PEER_ID);
+
+ if (!peer_id_disabled && (peer_id < m->max_clients) && (m->instances[peer_id]))
{
mi = m->instances[peer_id];
}
}
}
- else
+ if (!v2 || peer_id_disabled)
{
he = hash_lookup_fast (hash, bucket, &real, hv);
if (he)
hash_add_fast (hash, bucket, &mi->real, hv, mi);
mi->did_real_hash = true;
+ /* max_clients must be less then max peer-id value */
+ ASSERT(m->max_clients < MAX_PEER_ID);
+
for (i = 0; i < m->max_clients; ++i)
{
if (!m->instances[i])
}
#endif
- m->instances[mi->context.c2.tls_multi->peer_id] = NULL;
+ if (mi->context.c2.tls_multi->peer_id != MAX_PEER_ID)
+ m->instances[mi->context.c2.tls_multi->peer_id] = NULL;
schedule_remove_entry (m->schedule, (struct schedule_entry *) mi);
msg (msglevel, "--max-clients must be at least 1");
goto err;
}
+ if (max_clients >= MAX_PEER_ID) /* max peer-id value */
+ {
+ msg (msglevel, "--max-clients must be less than %d", MAX_PEER_ID);
+ goto err;
+ }
options->max_clients = max_clients;
}
else if (streq (p[0], "max-routes-per-client") && p[1] && !p[2])
projects / thirdparty / openvpn.git / commitdiff
