From: Arne Schwabe <arne@rfc2549.org>
Date: Thu, 26 Mar 2020 17:23:31 +0000 (+0100)
Subject: Fix session id in env missing first byte
X-Git-Tag: v2.5_beta1~142
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=42fe3e8175822a4cf2c85cc4ce3fdffd41d74455;p=thirdparty%2Fopenvpn.git

Fix session id in env missing first byte

sizeof for a constant string return the size including the null byte.
For copying the session id this meant that we do not copy the first
byte. This made the session id reported to the external authenticator
one byte shorter than it was intended to be.

Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20200326172332.2356-2-arne@rfc2549.org>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg19622.html

Signed-off-by: Gert Doering <gert@greenie.muc.de>
---

diff --git a/src/openvpn/auth_token.c b/src/openvpn/auth_token.c
index d9212ee76..cc70c06c3 100644
--- a/src/openvpn/auth_token.c
+++ b/src/openvpn/auth_token.c
@@ -121,7 +121,7 @@ add_session_token_env(struct tls_session *session, struct tls_multi *multi,
      */
 
     char session_id[AUTH_TOKEN_SESSION_ID_LEN*2] = {0};
-    memcpy(session_id, session_id_source + sizeof(SESSION_ID_PREFIX),
+    memcpy(session_id, session_id_source + strlen(SESSION_ID_PREFIX),
            AUTH_TOKEN_SESSION_ID_LEN*8/6);
 
     setenv_str(session->opt->es, "session_id", session_id);