From: Kristof Provost <k...@freebsd.org>
If 'max-clients' is set multi_create_instance() can return NULL (for any
client that would take us over the client limit).
If mi is NULL we don't add it to the hash map, but we do potentially
dereference it to increment the session count.
Do not attempt to do so if 'mi == NULL'.
Signed-off-by: Kristof Provost <kprov...@netgate.com>
---
src/openvpn/mudp.c | 19 ++++++++++---------
1 file changed, 10 insertions(+), 9 deletions(-)
diff --git a/src/openvpn/mudp.c b/src/openvpn/mudp.c
index 0810fada..0cbca1a9 100644
--- a/src/openvpn/mudp.c
+++ b/src/openvpn/mudp.c
@@ -241,15 +241,16 @@ multi_get_create_instance_udp(struct multi_context *m,
bool *floated)
hash_add_fast(hash, bucket, &mi->real, hv, mi);
mi->did_real_hash = true;
multi_assign_peer_id(m, mi);
- }
- /* If we have a session id already, ensure that the
- * state is using the same */
- if (session_id_defined(&state.server_session_id)
- && session_id_defined((&state.peer_session_id)))
- {
- mi->context.c2.tls_multi->n_sessions++;
- struct tls_session *session =
&mi->context.c2.tls_multi->session[TM_ACTIVE];
- session_skip_to_pre_start(session, &state,
&m->top.c2.from);
+
+ /* If we have a session id already, ensure that the
+ * state is using the same */
+ if (session_id_defined(&state.server_session_id)
+ && session_id_defined((&state.peer_session_id)))
+ {
+ mi->context.c2.tls_multi->n_sessions++;
+ struct tls_session *session =
&mi->context.c2.tls_multi->session[TM_ACTIVE];
+ session_skip_to_pre_start(session, &state,
&m->top.c2.from);
+ }
}
}
else
--
2.37.0
_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
