git.ipfire.org Git - thirdparty/openvpn.git/commit
Make waiting on auth an explicit state in the context state machine
author Arne Schwabe <arne@rfc2549.org>
Fri, 4 Jun 2021 14:39:38 +0000 (16:39 +0200)
committer Gert Doering <gert@greenie.muc.de>
Thu, 24 Jun 2021 13:38:40 +0000 (15:38 +0200)
commit 489c45fb373adfb22c2f1dd0a524bde17c686876
tree 311290099fd6e37e32c102b8151bc3f6f17ecf60
parent d01277608a248f31df3fde1883eba6dd8d16a1e4
Make waiting on auth an explicit state in the context state machine

Previously we relied on checking tls_authentication_status to check
whether to determine if the context auth state is actually valid or not.
This patch eliminates that check by introducing waiting on the
authentication as extra state in the context auth state machine.

The simplification and reorganization of the state machine in this
and the previous patches also eliminates a number of corner cases,
including the specific one that led to CVE-2020-15078.

Patch v3: Fix ccd config from management being ignored
Patch v4: Fix race condition, we need to accept the config from
          management if we are in CAS_WAITING_AUTH or earlier states
          and not just in CAS_WAITING_AUTH state

CVE: 2020-15078

Signed-off-by: Arne Schwabe <arne@rfc2549.org>
Acked-by: Antonio Quartulli <antonio@openvpn.net>
Message-Id: <20210604143938.779193-1-arne@rfc2549.org>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg22491.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
src/openvpn/multi.c
src/openvpn/ssl.c
src/openvpn/ssl_common.h