Hi Gert, On 15/07/18 22:43, Gert Doering wrote:
Comment talks about ff02::1::ff00:8, correct address is ff02::1:ff00:8, and about fe80::1 where fe80::8 is the proper magic number.
thanks for this patch! What the CVE for this ? when do we get an emergency patch? will this change be backported to OpenVPN 2.3? ;) JJK
Signed-off-by: Gert Doering <g...@greenie.muc.de> --- src/txpath.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/txpath.c b/src/txpath.c index 97b9862..5b61177 100644 --- a/src/txpath.c +++ b/src/txpath.c @@ -108,8 +108,8 @@ HandleIPv6NeighborDiscovery( // - it's either a multicast MAC, or the userland destination MAC // but since the TAP driver is point-to-point, all packets are "for us"- // IPv6 target address must be ff02::1::ff00:8 (multicast for- // initial NS) or fe80::1 (unicast for recurrent NUD) + // IPv6 target address must be ff02::1:ff00:8 (multicast for + // initial NS) or fe80::8 (unicast for recurrent NUD) if ( memcmp( ipv6->daddr, IPV6_NS_TARGET_MCAST, sizeof(IPV6ADDR) ) != 0 && memcmp( ipv6->daddr, IPV6_NS_TARGET_UNICAST,
------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
