Stared at the patch, seems to make sense.
Tested on the t_server test rig, and behaves nicely - both alone, and
together with 4/9 (the final patch needed to fix the CVE). Test rig has
p2mp and p2p servers.
Client tests also succeded (unsurprisingly).
As discussed on IRC, added refererences to CVE-2020-15078 to the commit
message. Also added some comments about the CAS_* changes to the
commit message, which were missing.
Your patch has been applied to the master branch.
commit d01277608a248f31df3fde1883eba6dd8d16a1e4
Author: Arne Schwabe
Date: Thu May 20 17:11:42 2021 +0200
Add connection_established as state in tls_multi->context_auth
Signed-off-by: Arne Schwabe <a...@rfc2549.org>
Acked-by: Antonio Quartulli <anto...@openvpn.net>
Message-Id: <20210520151148.2565578-3-a...@rfc2549.org>
URL:
https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg22419.html
Signed-off-by: Gert Doering <g...@greenie.muc.de>
--
kind regards,
Gert Doering
_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
