Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Use key_state instead of multi for tls_send_payload parameter
Currently, this function and other parts of OpenVPN assume that multi->session[TM_ACTIVE].key[KS_PRIMARY] is always the right session to send control message. This assumption was only achieve through complicated session moving and shuffling in our state machine in the past. The old logic basically also always assumed that control messages are always for fully authenticated clients. This assumption was never really true (see AUTH_FAILED message) but has been broken even more by auth-pending. Cleaning up the state machine transitions in 7dcde87 broke this assumption even more. This change now allows to specify the key_state/TLS session that is used to send the control message. Signed-off-by: Arne Schwabe <arne@rfc2549.org> Acked-by: Gert Doering <gert@greenie.muc.de> Message-Id: <20230301135353.2811069-1-arne@rfc2549.org> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg26319.html Signed-off-by: Gert Doering <gert@greenie.muc.de> (cherry picked from commit 06af538)
- Loading branch information