From: Antonio Quartulli <a@unstable.cc>
Date: Tue, 3 Jan 2023 20:23:29 +0000 (+0100)
Subject: dco: bail out when no peer-specific message is delivered
X-Git-Tag: v2.6_rc2~20
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=b0dee39c353ae9479fd19e66ae07cb336d57eef8;p=thirdparty%2Fopenvpn.git

dco: bail out when no peer-specific message is delivered

multi_process_incoming_dco() is currently partly processing
messages that were actually discarded. This results in a bogus
message being printed:

"Received packet for peer-id unknown to OpenVPN: -1, type 0, reason 2"

Change the flow so that we bail out immediately when we know that no
message was truly delivered by DCO.
Currently this can be verified by chacking that the peed_is is greater
than -1.

Signed-off-by: Antonio Quartulli <a@unstable.cc>
Acked-by: Arne Schwabe <arne@rfc2549.org>
Message-Id: <20230103202330.1835-2-a@unstable.cc>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg25882.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
(cherry picked from commit 388e032019ec3674b8294c856039b96fe35e5f32)
---

diff --git a/src/openvpn/multi.c b/src/openvpn/multi.c
index 99c1f90c8..8aa5872c4 100644
--- a/src/openvpn/multi.c
+++ b/src/openvpn/multi.c
@@ -3270,7 +3270,15 @@ multi_process_incoming_dco(struct multi_context *m)
 
     int peer_id = dco->dco_message_peer_id;
 
-    if ((peer_id >= 0) && (peer_id < m->max_clients) && (m->instances[peer_id]))
+    /* no peer-specific message delivered -> nothing to process.
+     * bail out right away
+     */
+    if (peer_id < 0)
+    {
+        return ret > 0;
+    }
+
+    if ((peer_id < m->max_clients) && (m->instances[peer_id]))
     {
         mi = m->instances[peer_id];
         if (dco->dco_message_type == OVPN_CMD_PACKET)