projects / platform / upstream / openvpn.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: af43356) | patch
plug-ins: Disallow multiple deferred authentication plug-ins 79/286979/1 accepted/tizen_6.0_unified tizen_6.0 accepted/tizen/6.0/unified/20230125.103632 submit/tizen_6.0/20230120.050345
authorSeonah Moon <seonah1.moon@samsung.com>
Wed, 18 Jan 2023 03:10:24 +0000 (12:10 +0900)
committerSeonah Moon <seonah1.moon@samsung.com>
Wed, 18 Jan 2023 03:10:26 +0000 (12:10 +0900)
commit8ce60e774744d01a483a178fb8ca19777e8b8183
treee80c33c6260a57b73fe425c51e1c3ef90fffa65atree | snapshot
parentaf433564b4d75e86f9bd706986aee220eb07bcbacommit | diff
plug-ins: Disallow multiple deferred authentication plug-ins

The plug-in API in OpenVPN 2.x is not designed for running multiple
deferred authentication processes in parallel. The authentication
results of such configurations are not to be trusted.  For now we bail
out when this is discovered with an error in the log.

CVE: 2022-0547
Signed-off-by: David Sommerseth <davids@openvpn.net>
Acked-by: Antonio Quartulli <antonio@openvpn.net>
Message-Id: <20220313193154.9350-3-openvpn@sf.lists.topphemmelig.net>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg23931.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Change-Id: Ie5d1496e1e00b0f1e5be741785b8022161073867
src/openvpn/plugin.c diff | blob | history
Domain: Network & Connectivity / Data Network;