From: yatta <ytzhang01@foxmail.com>
Date: Thu, 19 Oct 2023 17:12:13 +0000 (+0800)
Subject: fix(ssl): init peer_id when init tls_multi
X-Git-Tag: v2.6.9~25
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=6dffbf6a2a0fdacb3509410f665a69dfa3b28cbc;p=thirdparty%2Fopenvpn.git

fix(ssl): init peer_id when init tls_multi

When openvpn run in UDP server mode, if ssl connections reach the
max clients, the next connection would be failed in `multi_create_instance`
and the half connection will be close in `multi_close_instance`, which
may lead array `m->instances[0]` covered unexpectedly and make the
first connection interrupt, this patch fix this problem by init `peer_id`
with `MAX_PEER_ID` in `tils_multi_init`.

Signed-off-by: yatta <ytzhang01@foxmail.com
Acked-by: Arne Schwabe <arne@rfc2549.org>
Message-Id: <tencent_C49D67EAA5678D180C293706A9469EFE8307@qq.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg27260.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
(cherry picked from commit 3e30504d86f0fe5556acc0cb8e6975c5b2277661)
---

diff --git a/src/openvpn/ssl.c b/src/openvpn/ssl.c
index 698c40038..76b16f307 100644
--- a/src/openvpn/ssl.c
+++ b/src/openvpn/ssl.c
@@ -64,6 +64,7 @@
 #include "dco.h"
 
 #include "memdbg.h"
+#include "openvpn.h"
 
 #ifdef MEASURE_TLS_HANDSHAKE_STATS
 
@@ -1315,6 +1316,7 @@ tls_multi_init(struct tls_options *tls_options)
     /* get command line derived options */
     ret->opt = *tls_options;
     ret->dco_peer_id = -1;
+    ret->peer_id = MAX_PEER_ID;
 
     return ret;
 }