summaryrefslogtreecommitdiff
path: root/main/openvpn/src
diff options
context:
space:
mode:
authorArne Schwabe <arne@rfc2549.org>2014-11-05 11:15:17 +0100
committerArne Schwabe <arne@rfc2549.org>2014-11-05 11:15:17 +0100
commit77d86701ef8e2c018e627fd2eb6f9abe73026940 (patch)
treea8f1fdd0279b40e13960060e928b4f8d41fe6d66 /main/openvpn/src
parentd74d7437ca6da9923ddcd83f479dca6445e8e063 (diff)
Update session id/peer id patch
Diffstat (limited to 'main/openvpn/src')
-rw-r--r--main/openvpn/src/openvpn/ssl.c12
1 files changed, 11 insertions, 1 deletions
diff --git a/main/openvpn/src/openvpn/ssl.c b/main/openvpn/src/openvpn/ssl.c
index 94b7b6d9..f79f42d9 100644
--- a/main/openvpn/src/openvpn/ssl.c
+++ b/main/openvpn/src/openvpn/ssl.c
@@ -2826,7 +2826,17 @@ tls_pre_decrypt (struct tls_multi *multi,
opt->flags &= multi->opt.crypto_flags_and;
opt->flags |= multi->opt.crypto_flags_or;
- ASSERT (buf_advance (buf, (op == P_DATA_V2) ? 4 : 1));
+ ASSERT (buf_advance (buf, 1));
+ if (op == P_DATA_V2)
+ {
+ if (buf->len < 4)
+ {
+ msg (D_TLS_ERRORS, "Protocol error: received P_DATA_V2 from %s but length is < 4",
+ print_link_socket_actual (from, &gc));
+ goto error;
+ }
+ ASSERT (buf_advance (buf, 3));
+ }
++ks->n_packets;
ks->n_bytes += buf->len;