From: Arne Schwabe Date: Sat, 24 Dec 2022 19:42:49 +0000 (+0100) Subject: Also drop incoming dco packet content when dropping the packet X-Git-Tag: v2.7_alpha1~622 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=7433618cb4bea017ae7c360da42093f49cf014b4;p=thirdparty%2Fopenvpn.git Also drop incoming dco packet content when dropping the packet If we get a message from a mismatched packet we need to clear the incoming message buffer to ensure we can receive another packet. Signed-off-by: Arne Schwabe Acked-by: Gert Doering Message-Id: <20221224194253.3202231-6-arne@rfc2549.org> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg25797.html Signed-off-by: Gert Doering --- diff --git a/src/openvpn/forward.c b/src/openvpn/forward.c index 64c8ee6a0..af4ed05da 100644 --- a/src/openvpn/forward.c +++ b/src/openvpn/forward.c @@ -1194,6 +1194,8 @@ process_incoming_dco(struct context *c) msg(D_DCO_DEBUG, "%s: received message for mismatching peer-id %d, " "expected %d", __func__, dco->dco_message_peer_id, c->c2.tls_multi->dco_peer_id); + /* ensure we also drop a message if there is one in the buffer */ + buf_init(&dco->dco_packet_in, 0); return; } diff --git a/src/openvpn/multi.c b/src/openvpn/multi.c index fcb308151..9a20112e2 100644 --- a/src/openvpn/multi.c +++ b/src/openvpn/multi.c @@ -3276,6 +3276,8 @@ multi_process_incoming_dco(struct multi_context *m) else { msg(D_DCO, "Received packet for peer-id unknown to OpenVPN: %d", peer_id); + /* Also clear the buffer if this was incoming packet for a dropped peer */ + buf_init(&dco->dco_packet_in, 0); } dco->dco_message_type = 0;