]> git.ipfire.org Git - thirdparty/openvpn.git/commitdiff
projects / thirdparty / openvpn.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: ecad483)
Do not copy auth_token username to itself
authorSelva Nair <selva.nair@gmail.com>
Thu, 27 Oct 2022 16:06:19 +0000 (12:06 -0400)
committerGert Doering <gert@greenie.muc.de>
Thu, 27 Oct 2022 18:52:09 +0000 (20:52 +0200)
- Fixes a potential mis-behaviour (strncpy with
dest == src) introduced by commits ecad4839c (2.6)
and 3d792ae955 (2.5).
Reported by: Gert Doering <gert@greenie.muc.de>

Signed-off-by: Selva Nair <selva.nair@gmail.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20221027160619.11894-1-selva.nair@gmail.com>
URL: https://www.mail-archive.com/search?l=mid&q=20221027160619.11894-1-selva.nair@gmail.com
Signed-off-by: Gert Doering <gert@greenie.muc.de>
src/openvpn/ssl.c patch | blob | blame | history

diff --git a/src/openvpn/ssl.c b/src/openvpn/ssl.c
index 3106c738ac8ea0f10bb9fa7ab544b9853d60a5fd..24e8ba6322ff3f6dfa6638c76563f3b8a4a9ecf5 100644 (file)
--- a/src/openvpn/ssl.c
+++ b/src/openvpn/ssl.c
@@ -2180,7 +2180,7 @@ key_method_2_write(struct buffer *buf, struct tls_multi *multi, struct tls_sessi
             goto error;
         }
         /* save username for auth-token which may get pushed later */
-        if (session->opt->pull)
+        if (session->opt->pull && up != &auth_token)
         {
             strncpynt(auth_token.username, up->username, USER_PASS_LEN);
         }
Mirror of https://github.com/OpenVPN/openvpn.git