diff options
author | Arne Schwabe <arne@rfc2549.org> | 2014-11-05 11:15:17 +0100 |
---|---|---|
committer | Arne Schwabe <arne@rfc2549.org> | 2014-11-05 11:15:17 +0100 |
commit | 77d86701ef8e2c018e627fd2eb6f9abe73026940 (patch) | |
tree | a8f1fdd0279b40e13960060e928b4f8d41fe6d66 /main/openvpn/src | |
parent | d74d7437ca6da9923ddcd83f479dca6445e8e063 (diff) |
Update session id/peer id patch
Diffstat (limited to 'main/openvpn/src')
-rw-r--r-- | main/openvpn/src/openvpn/ssl.c | 12 |
1 files changed, 11 insertions, 1 deletions
diff --git a/main/openvpn/src/openvpn/ssl.c b/main/openvpn/src/openvpn/ssl.c index 94b7b6d9..f79f42d9 100644 --- a/main/openvpn/src/openvpn/ssl.c +++ b/main/openvpn/src/openvpn/ssl.c @@ -2826,7 +2826,17 @@ tls_pre_decrypt (struct tls_multi *multi, opt->flags &= multi->opt.crypto_flags_and; opt->flags |= multi->opt.crypto_flags_or; - ASSERT (buf_advance (buf, (op == P_DATA_V2) ? 4 : 1)); + ASSERT (buf_advance (buf, 1)); + if (op == P_DATA_V2) + { + if (buf->len < 4) + { + msg (D_TLS_ERRORS, "Protocol error: received P_DATA_V2 from %s but length is < 4", + print_link_socket_actual (from, &gc)); + goto error; + } + ASSERT (buf_advance (buf, 3)); + } ++ks->n_packets; ks->n_bytes += buf->len; |