From patchwork Thu Oct 27 05:06:19 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Selva Nair <selva.nair@gmail.com>
X-Patchwork-Id: 2833
Return-Path: <openvpn-devel-bounces@lists.sourceforge.net>
Delivered-To: patchwork@openvpn.net
Delivered-To: patchwork@openvpn.net
Received: from director9.mail.ord1d.rsapps.net ([172.31.255.6])
	by backend30.mail.ord1d.rsapps.net with LMTP
	id iMpnCaOsWmM1HQAAIUCqbw
	(envelope-from <openvpn-devel-bounces@lists.sourceforge.net>)
	for <patchwork@openvpn.net>; Thu, 27 Oct 2022 12:06:59 -0400
Received: from proxy18.mail.iad3b.rsapps.net ([172.31.255.6])
	by director9.mail.ord1d.rsapps.net with LMTP
	id yH5kCaOsWmOQEgAAalYnBA
	(envelope-from <openvpn-devel-bounces@lists.sourceforge.net>)
	for <patchwork@openvpn.net>; Thu, 27 Oct 2022 12:06:59 -0400
Received: from smtp6.gate.iad3b ([172.31.255.6])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	by proxy18.mail.iad3b.rsapps.net with LMTPS
	id oJeQAKOsWmMSUAAA3NpJmQ
	(envelope-from <openvpn-devel-bounces@lists.sourceforge.net>)
	for <patchwork@openvpn.net>; Thu, 27 Oct 2022 12:06:59 -0400
X-Spam-Threshold: 95
X-Spam-Score: 0
X-Spam-Flag: NO
X-Virus-Scanned: OK
X-Orig-To: openvpnslackdevel@openvpn.net
X-Originating-Ip: [216.105.38.7]
Authentication-Results: smtp6.gate.iad3b.rsapps.net;
 iprev=pass policy.iprev="216.105.38.7";
 spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net"
 smtp.helo="lists.sourceforge.net";
 dkim=fail (signature verification failed) header.d=sourceforge.net;
 dkim=fail (signature verification failed) header.d=sf.net;
 dkim=fail (signature verification failed) header.d=gmail.com;
 dmarc=fail (p=none; dis=none) header.from=gmail.com
X-Suspicious-Flag: YES
X-Classification-ID: 6217e8ce-5611-11ed-b9e5-5254000d607e-1-1
Received: from [216.105.38.7] ([216.105.38.7:56236]
 helo=lists.sourceforge.net)
	by smtp6.gate.iad3b.rsapps.net (envelope-from
 <openvpn-devel-bounces@lists.sourceforge.net>)
	(ecelerity 4.2.38.62370 r(:)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384)
	id A5/3D-03454-2ACAA536; Thu, 27 Oct 2022 12:06:58 -0400
Received: from [127.0.0.1] (helo=sfs-ml-2.v29.lw.sourceforge.com)
	by sfs-ml-2.v29.lw.sourceforge.com with esmtp (Exim 4.95)
	(envelope-from <openvpn-devel-bounces@lists.sourceforge.net>)
	id 1oo5Op-00028y-PG;
	Thu, 27 Oct 2022 16:06:31 +0000
Received: from [172.30.20.202] (helo=mx.sourceforge.net)
 by sfs-ml-2.v29.lw.sourceforge.com with esmtps (TLS1.2) tls
 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95)
 (envelope-from <selva.nair@gmail.com>) id 1oo5Oo-00028s-CI
 for openvpn-devel@lists.sourceforge.net;
 Thu, 27 Oct 2022 16:06:30 +0000
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
 d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:Message-Id:
 Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type:Content-ID:
 Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc
 :Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:
 List-Subscribe:List-Post:List-Owner:List-Archive;
 bh=Q9bmvz2F/8fKzpW2b3ytXbYBqHS2NE98hF2eJvCukE0=; b=Ufndj89HdAShvo16tmzErj0Mhj
 iwddQwcgfX2HkQZcuawCKuvo6kXl71fG9oJGVhL2V+/2J1AH3tES3RBFJfucQ/gMHE+1gJVggGzuw
 CIkJVIVuOrJ74K4I2wlW6D0RjFthzkydeDfO/phP/DfAuMAV9qDwtaH9RGOD6Q3EHobs=;
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x
 ;
 h=Content-Transfer-Encoding:MIME-Version:Message-Id:Date:Subject:Cc:To:From
 :Sender:Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:
 Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:
 References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post:
 List-Owner:List-Archive; bh=Q9bmvz2F/8fKzpW2b3ytXbYBqHS2NE98hF2eJvCukE0=; b=a
 TBR5uElbtdOMUkgKir+AFPDjO1llVIwVPHi65KrTQtlW4yzdA2OU1xEw069Kdn8IJoPSZzn/Gtzsu
 m0yjIpMYW+5Cdsyxi0lVLBgE3OUEixq//4/DST3DoUXpqbiiUUn7ji/adDtKPtZcSKVZHj6lLIkAO
 FebJqAEHw/awfEjY=;
Received: from mail-il1-f178.google.com ([209.85.166.178])
 by sfi-mx-1.v28.lw.sourceforge.com with esmtps
 (TLS1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.95)
 id 1oo5Om-0025yV-Hc for openvpn-devel@lists.sourceforge.net;
 Thu, 27 Oct 2022 16:06:30 +0000
Received: by mail-il1-f178.google.com with SMTP id s9so1290309ilu.1
 for <openvpn-devel@lists.sourceforge.net>;
 Thu, 27 Oct 2022 09:06:28 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112;
 h=content-transfer-encoding:mime-version:message-id:date:subject:cc
 :to:from:from:to:cc:subject:date:message-id:reply-to;
 bh=Q9bmvz2F/8fKzpW2b3ytXbYBqHS2NE98hF2eJvCukE0=;
 b=BHTr7T3YznFUueNrGqHI0PtSVmrkVQrdiWm+CWW2MV6DFuGazb4lDQGjivlZm2eBgv
 PGtMfP9+q1uLPqKavVx6DgXOGNGYyyJokuuovmaUREIX+7SqxI0KPc8mKXN91sgQH6TJ
 7crL9/nx40FPPNATl0UM0WIbpO3KoLIlKeZ6GQ4MmrAtiCTll/3uFB86uCazv2iHjAPh
 dTcRCMBiMu+5ESMJWvpEoekcWcXJi4s8ZUck6uFEvbbu8iJrs7C5mqTaHmcVxiDADBVE
 NkPbg8V0yeecQ9taDBRlnEeDObdhiO/ICszvrzgnBCgV3Cgof5Gh94vU+FfzyNfrLc14
 +J3w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20210112;
 h=content-transfer-encoding:mime-version:message-id:date:subject:cc
 :to:from:x-gm-message-state:from:to:cc:subject:date:message-id
 :reply-to;
 bh=Q9bmvz2F/8fKzpW2b3ytXbYBqHS2NE98hF2eJvCukE0=;
 b=R6Trozw3i1m1KZgm7FBw9DTmRLb1r0ErrzggUE6qraoN5giAIK4M5J2Dxpq3YjrkJx
 dGlQMTPZGkhZOPfLyPYoj8N2KdtcA6KxMzbgHbWeYDYDsBcDR04Y35IjXqXcvj3I3M8G
 aXUj42sa1fnDJIcnAiRl5uxssKUgA8jxQxgYagr6ax1fNz3EJ1s6Cm3b29J6171JWv41
 1kDISrsjmanIh6+mao6YQ56kzhXrH4DUu0sPHkcM/wKYdIOzMNV8rnDuICeR7yRnTTox
 x4zwk3sGUXAhP8kq4LhNvk6XAkdNG3RG+FD082hRnhO5QFauTZgJBHSTGappesHnd6s+
 jZpw==
X-Gm-Message-State: ACrzQf2V5Exwr6bOKfaBUOisvlYJR65kULNOrhtRgxxOkaQllg/tUOV+
 GXN9Wue3j4FY931vHY7UE9YgJUoFl7Vx2g==
X-Google-Smtp-Source: 
 AMsMyM7R0m/X6pujjzuGBu0ImZ7xDJsTxy1Uvz6vW/hAFE5wcb/5hu9xOw3byWUTQKRJPPkEvLpfbg==
X-Received: by 2002:a05:6e02:1a86:b0:2ff:c550:a2ac with SMTP id
 k6-20020a056e021a8600b002ffc550a2acmr14372655ilv.86.1666886782706;
 Thu, 27 Oct 2022 09:06:22 -0700 (PDT)
Received: from uranus.home.sansel.ca
 (bras-vprn-tnhlon4053w-lp130-01-70-51-222-89.dsl.bell.ca. [70.51.222.89])
 by smtp.gmail.com with ESMTPSA id
 u13-20020a056638304d00b00363a30a154asm699543jak.94.2022.10.27.09.06.21
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Thu, 27 Oct 2022 09:06:21 -0700 (PDT)
From: selva.nair@gmail.com
To: openvpn-devel@lists.sourceforge.net
Date: Thu, 27 Oct 2022 12:06:19 -0400
Message-Id: <20221027160619.11894-1-selva.nair@gmail.com>
X-Mailer: git-send-email 2.30.2
MIME-Version: 1.0
X-Spam-Report: Spam detection software,
 running on the system "util-spamd-2.v13.lw.sourceforge.com",
 has NOT identified this incoming email as spam.  The original
 message has been attached to this so you can view it or label
 similar future email.  If you have any questions, see
 the administrator of that system for details.
 Content preview: From: Selva Nair - Fixes a potential mis-behaviour (strncpy
 with dest == src) introduced by commits ecad4839c (2.6) and 3d792ae955 (2.5).
 Reported by: Gert Doering Signed-off-by: Selva Nair --- src/openvpn/ssl.c
 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
 Content analysis details:   (-0.2 points, 6.0 required)
 pts rule name              description
 ---- ----------------------
 --------------------------------------------------
 -0.0 SPF_PASS               SPF: sender matches SPF record
 0.0 FREEMAIL_FROM          Sender email is commonly abused enduser mail
 provider [selva.nair[at]gmail.com]
 0.0 SPF_HELO_NONE          SPF: HELO does not publish an SPF Record
 -0.1 DKIM_VALID_AU          Message has a valid DKIM or DK signature from
 author's domain
 -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
 -0.1 DKIM_VALID_EF          Message has a valid DKIM or DK signature from
 envelope-from domain
 0.1 DKIM_SIGNED            Message has a DKIM or DK signature,
 not necessarily
 valid -0.0 RCVD_IN_MSPIKE_H2      RBL: Average reputation (+2)
 [209.85.166.178 listed in wl.mailspike.net]
 -0.0 RCVD_IN_DNSWL_NONE     RBL: Sender listed at https://www.dnswl.org/,
 no trust [209.85.166.178 listed in list.dnswl.org]
X-Headers-End: 1oo5Om-0025yV-Hc
Subject: [Openvpn-devel] [PATCH] Do not copy auth_token username to itself
X-BeenThere: openvpn-devel@lists.sourceforge.net
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: <openvpn-devel.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/options/openvpn-devel>,
 <mailto:openvpn-devel-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: 
 <http://sourceforge.net/mailarchive/forum.php?forum_name=openvpn-devel>
List-Post: <mailto:openvpn-devel@lists.sourceforge.net>
List-Help: <mailto:openvpn-devel-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/openvpn-devel>,
 <mailto:openvpn-devel-request@lists.sourceforge.net?subject=subscribe>
Errors-To: openvpn-devel-bounces@lists.sourceforge.net
X-getmail-retrieved-from-mailbox: Inbox

From: Selva Nair <selva.nair@gmail.com>

- Fixes a potential mis-behaviour (strncpy with
dest == src) introduced by commits ecad4839c (2.6)
and 3d792ae955 (2.5).
Reported by: Gert Doering <gert@greenie.muc.de>

Signed-off-by: Selva Nair <selva.nair@gmail.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
---
 src/openvpn/ssl.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/openvpn/ssl.c b/src/openvpn/ssl.c
index 3106c738..24e8ba63 100644
--- a/src/openvpn/ssl.c
+++ b/src/openvpn/ssl.c
@@ -2180,7 +2180,7 @@ key_method_2_write(struct buffer *buf, struct tls_multi *multi, struct tls_sessi
             goto error;
         }
         /* save username for auth-token which may get pushed later */
-        if (session->opt->pull)
+        if (session->opt->pull && up != &auth_token)
         {
             strncpynt(auth_token.username, up->username, USER_PASS_LEN);
         }