[Openvpn-devel] [PATCH] fix(ssl): init peer_id when init tls_multi

yatta Thu, 19 Oct 2023 10:14:24 -0700

From: pushan <62173185+pusha...@users.noreply.github.com>

When openvpn run in UDP server mode, if ssl connections reach the max clients, 
the next connection would be failed in `multi_create_instance` and the half 
connection will be close in `multi_close_instance`, which may lead array 
`m->instances[0]`  covered unexpectedly and make the first connection  
interrupt, this patch fix this problem by init `peer_id` with `MAX_PEER_ID` in 
`tils_multi_init`.
---
 src/openvpn/ssl.c | 2 ++
 1 file changed, 2 insertions(+)


diff --git a/src/openvpn/ssl.c b/src/openvpn/ssl.c
index 5e6205cc..c4420b2e 100644
--- a/src/openvpn/ssl.c
+++ b/src/openvpn/ssl.c
@@ -64,6 +64,7 @@
 #include "dco.h"
 
 #include "memdbg.h"
+#include "openvpn.h"
 
 #ifdef MEASURE_TLS_HANDSHAKE_STATS
 
@@ -1312,6 +1313,7 @@ tls_multi_init(struct tls_options *tls_options)
     /* get command line derived options */
     ret->opt = *tls_options;
     ret->dco_peer_id = -1;
+    ret->peer_id = MAX_PEER_ID;
 
     return ret;
 }
-- 
2.37.1 (Apple Git-137.1)



_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel

[Openvpn-devel] [PATCH] fix(ssl): init peer_id when init tls_multi

Reply via email to