On 19.10.23 at 19:12, yatta wrote:
From: pushan <62173185+pusha...@users.noreply.github.com>

When openvpn runs in UDP server mode, if ssl connections reach the max clients, the
next connection would fail in `multi_create_instance` and the half connection
will be closed in `multi_close_instance`, which may lead to array `m->instances[0]`
being covered unexpectedly and cause the first connection to be interrupted; this patch fixes
this problem by initializing `peer_id` with `MAX_PEER_ID` in `tls_multi_init`.

A bit more explanation on this:

When we create an instance in multi_create_instance we call

    inherit_context_child(&mi->context, &m->top);

which in turn calls the tls_multi_init that is patched here.

When I encounter an error during the creation in multi_create_instance
we call multi_close_instance in the goto err branch. That
multi_close_instance clears the instance from the dict if the peer_id is
not MAX_PEER_ID.

We probably should refactor this to be a bit cleaner in the future.

Acked-By: Arne Schwabe <a...@rfc2549.org>
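
A simplified model of the failure discussed in this thread, added here as an example and not OpenVPN's own code: the struct layout, `MAX_CLIENTS`, the `MAX_PEER_ID` value and the functions `create_instance`, `close_instance` and `first_client_survives` are assumptions for illustration. It shows why a zero-initialized `peer_id` lets the error path clear slot 0, and why initializing it to the sentinel prevents that.

```c
#include <stdio.h>
#include <stdint.h>
#include <stdlib.h>

#define MAX_PEER_ID 0xFFFFFF  /* sentinel: no peer-id assigned (assumed value) */
#define MAX_CLIENTS 2         /* small limit so the error path is easy to hit */

struct instance { uint32_t peer_id; };
struct multi { struct instance *instances[MAX_CLIENTS]; int n_clients; };

/* Teardown: clear the peer-id slot unless peer_id is the sentinel. */
static void close_instance(struct multi *m, struct instance *mi)
{
    if (mi->peer_id != MAX_PEER_ID) m->instances[mi->peer_id] = NULL;
    free(mi);
}

/* Creation: init_id is what init leaves in peer_id (0 before the fix). */
static struct instance *create_instance(struct multi *m, uint32_t init_id)
{
    struct instance *mi = calloc(1, sizeof(*mi));
    if (!mi) return NULL;
    mi->peer_id = init_id;
    if (m->n_clients >= MAX_CLIENTS) {  /* limit reached: error path */
        close_instance(m, mi);
        return NULL;
    }
    mi->peer_id = (uint32_t)m->n_clients;  /* hand out the next free slot */
    m->instances[m->n_clients++] = mi;
    return mi;
}

/* Fill the server, try one more client, report whether slot 0 is intact. */
int first_client_survives(uint32_t init_id)
{
    struct multi m = {0};
    struct instance *first = create_instance(&m, init_id);
    struct instance *second = create_instance(&m, init_id);
    struct instance *extra = create_instance(&m, init_id);  /* rejected */
    int ok = first != NULL && extra == NULL && m.instances[0] == first;
    free(first); free(second);
    return ok;
}

int main(void)
{
    printf("zero init: %d\n", first_client_survives(0));
    printf("MAX_PEER_ID init: %d\n", first_client_survives(MAX_PEER_ID));
    return 0;
}
```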