From: Arne Schwabe <arne@rfc2549.org>
Date: Thu, 9 Mar 2023 12:00:31 +0000 (+0100)
Subject: Ensure n = 2 is set in key2 struct in tls_crypt_v2_unwrap_client_key
X-Git-Tag: v2.7_alpha1~527
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=85832307fcb41c229ccb7ba83984726757eb32f7;p=thirdparty%2Fopenvpn.git

Ensure n = 2 is set in key2 struct in tls_crypt_v2_unwrap_client_key

The ASSERT in xor_key2 assumes that all methods that load a key2 struct
correctly set n=2. However, tls_crypt_v2_unwrap_client_key loads a key
without setting n = 2, triggering the assert.

Github: Closes and reported in OpenVPN/openvpn#272

Change-Id: Iaeb163d83b95818e0b26faf9d25e7737dc8ecb23
Signed-off-by: Arne Schwabe <arne@rfc2549.org>
Acked-by: Antonio Quartulli <a@unstable.cc>
Message-Id: <20230309120031.3780130-1-arne@rfc2549.org>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg26363.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
---

diff --git a/src/openvpn/tls_crypt.c b/src/openvpn/tls_crypt.c
index 3b68d186b..88b2d6d7c 100644
--- a/src/openvpn/tls_crypt.c
+++ b/src/openvpn/tls_crypt.c
@@ -532,6 +532,7 @@ tls_crypt_v2_unwrap_client_key(struct key2 *client_key, struct buffer *metadata,
     }
     memcpy(&client_key->keys, BPTR(&plaintext), sizeof(client_key->keys));
     ASSERT(buf_advance(&plaintext, sizeof(client_key->keys)));
+    client_key->n = 2;
 
     if (!buf_copy(metadata, &plaintext))
     {