[CVE-2020-15078] Potentially trigger further information leaks 99/292499/1 accepted/tizen_8.0_unified accepted/tizen_unified tizen_8.0 accepted/tizen/8.0/unified/20231005.095307 accepted/tizen/unified/20230528.171015 tizen_8.0_m2_release
authorhyunsube.lee <hyunsube.lee@samsung.com>
Tue, 9 May 2023 05:46:49 +0000 (14:46 +0900)
committerhyunsube.lee <hyunsube.lee@samsung.com>
Tue, 9 May 2023 05:47:14 +0000 (14:47 +0900)
Change-Id: I80fb5485421db74fc736ef8c61a1a96a2aaaca0f

src/openvpn/push.c

index 6a30e47..cb0ae41 100644 (file)
@@ -634,6 +634,7 @@ int
 process_incoming_push_request(struct context *c)
 {
     int ret = PUSH_MSG_ERROR;
+    struct key_state *ks = &c->c2.tls_multi->session[TM_ACTIVE].key[KS_PRIMARY];
 
 #ifdef ENABLE_ASYNC_PUSH
     c->c2.push_request_received = true;
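Review bot: The added `ks` initialiser walks `c->c2.tls_multi->session[TM_ACTIVE]` unconditionally at function entry, before any check visible in this hunk, so the new authentication gate is only sound if `tls_multi` can never be NULL when a push request is processed. The caller may well guarantee that, but nothing in the hunk shows it. Either state the precondition beside the declaration, e.g. `/* caller guarantees c->c2.tls_multi != NULL; ks is the active session's primary key */`, or move the initialisation below a fail-closed guard such as `if (!c->c2.tls_multi) { return ret; }`. A short comment on why `KS_PRIMARY` of `TM_ACTIVE` is the key state to test would also help, since the `ks->authenticated` condition in the next hunk depends entirely on it. The function body continues outside this hunk.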
@@ -644,7 +645,12 @@ process_incoming_push_request(struct context *c)
         send_auth_failed(c, client_reason);
         ret = PUSH_MSG_AUTH_FAILURE;
     }
-    else if (!c->c2.push_reply_deferred && c->c2.context_auth == CAS_SUCCEEDED)
+    else if (!c->c2.push_reply_deferred && c->c2.context_auth == CAS_SUCCEEDED
+             && ks->authenticated
+ #ifdef ENABLE_DEF_AUTH
+             && !ks->auth_deferred
+ #endif
+             )
     {
         time_t now;