]> git.ipfire.org Git - thirdparty/openvpn.git/commitdiff
projects / thirdparty / openvpn.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 3d792ae)
Do not copy auth_token username to itself
authorSelva Nair <selva.nair@gmail.com>
Thu, 27 Oct 2022 16:06:19 +0000 (12:06 -0400)
committerGert Doering <gert@greenie.muc.de>
Fri, 28 Oct 2022 06:41:14 +0000 (08:41 +0200)
- Fixes a potential mis-behaviour (strncpy with
dest == src) introduced by commits ecad4839c (2.6)
and 3d792ae955 (2.5).
Reported by: Gert Doering <gert@greenie.muc.de>

Signed-off-by: Selva Nair <selva.nair@gmail.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20221027160619.11894-1-selva.nair@gmail.com>
URL: https://www.mail-archive.com/search?l=mid&q=20221027160619.11894-1-selva.nair@gmail.com
Signed-off-by: Gert Doering <gert@greenie.muc.de>
(cherry picked from commit dbf142ffe597b21aa09a47677ea2061b74a9354e)

src/openvpn/ssl.c patch | blob | blame | history

diff --git a/src/openvpn/ssl.c b/src/openvpn/ssl.c
index aa8266d7f7917647a57de9ab96b113fd99f682c2..f95b0014a76046a14b35874014b3f40d3c960a07 100644 (file)
--- a/src/openvpn/ssl.c
+++ b/src/openvpn/ssl.c
@@ -2392,7 +2392,7 @@ key_method_2_write(struct buffer *buf, struct tls_multi *multi,
             goto error;
         }
         /* save username for auth-token which may get pushed later */
-        if (session->opt->pull)
+        if (session->opt->pull && up != &auth_token)
         {
             strncpynt(auth_token.username, up->username, USER_PASS_LEN);
         }
Mirror of https://github.com/OpenVPN/openvpn.git