diff options
author | Kristof Provost | 2022-07-13 10:34:04 +0200 |
---|---|---|
committer | Gert Doering | 2022-07-13 14:02:06 +0200 |
commit | ac14d90e7e5a80c57d064b1d3a5deb1db63b0911 (patch) | |
tree | a68c573575c72a0e0132dadcd6728c11a371d5f7 /src/openvpn/mudp.c | |
parent | ad085464b15d63324846d0a5151141f58ccb5a34 (diff) | |
download | openvpn-ac14d90e7e5a80c57d064b1d3a5deb1db63b0911.zip openvpn-ac14d90e7e5a80c57d064b1d3a5deb1db63b0911.tar.gz |
Handle exceeding 'max-clients'
If 'max-clients' is set multi_create_instance() can return NULL (for any
client that would take us over the client limit).
If mi is NULL we don't add it to the hash map, but we do potentially
dereference it to increment the session count.
Do not attempt to do so if 'mi == NULL'.
Signed-off-by: Kristof Provost <kprovost@netgate.com>
Acked-by: Arne Schwabe <arne@rfc2549.org>
Message-Id: <20220713083404.13227-2-kprovost@netgate.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg24678.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Diffstat (limited to 'src/openvpn/mudp.c')
-rw-r--r-- | src/openvpn/mudp.c | 19 |
1 files changed, 10 insertions, 9 deletions
diff --git a/src/openvpn/mudp.c b/src/openvpn/mudp.c index 0810fad..0cbca1a 100644 --- a/src/openvpn/mudp.c +++ b/src/openvpn/mudp.c @@ -241,15 +241,16 @@ multi_get_create_instance_udp(struct multi_context *m, bool *floated) hash_add_fast(hash, bucket, &mi->real, hv, mi); mi->did_real_hash = true; multi_assign_peer_id(m, mi); - } - /* If we have a session id already, ensure that the - * state is using the same */ - if (session_id_defined(&state.server_session_id) - && session_id_defined((&state.peer_session_id))) - { - mi->context.c2.tls_multi->n_sessions++; - struct tls_session *session = &mi->context.c2.tls_multi->session[TM_ACTIVE]; - session_skip_to_pre_start(session, &state, &m->top.c2.from); + + /* If we have a session id already, ensure that the + * state is using the same */ + if (session_id_defined(&state.server_session_id) + && session_id_defined((&state.peer_session_id))) + { + mi->context.c2.tls_multi->n_sessions++; + struct tls_session *session = &mi->context.c2.tls_multi->session[TM_ACTIVE]; + session_skip_to_pre_start(session, &state, &m->top.c2.from); + } } } else |