> Arne Schwabe <a...@rfc2549.org> hat am 05.05.2022 15:03 geschrieben:
>
[...]
> diff --git a/src/openvpn/ssl_pkt.c b/src/openvpn/ssl_pkt.c
> index 810b189e9..dad65e26a 100644
> --- a/src/openvpn/ssl_pkt.c
> +++ b/src/openvpn/ssl_pkt.c
[...]
> @@ -434,8 +443,17 @@ tls_reset_standalone(struct tls_auth_standalone *tas,
>
> ASSERT(buf_write(&buf, &net_pid, sizeof(net_pid)));
>
> + /* Add indication for tls-crypt-v2 to resend the packet with the with
> + * reply */
You didn't fix this comment. In my v3 review I thought the second "with" was
redundant, but now I think you probably meant "with the key with the reply"?
> + if (request_resend_wkc)
> + {
> + buf_write_u16(&buf, TLV_TYPE_EARLY_NEG_FLAGS); /* TYPE: flags */
> + buf_write_u16(&buf, sizeof(uint16_t));
> + buf_write_u16(&buf, EARLY_NEG_FLAG_RESEND_WKC);
> + }
> +
> /* Add tls-auth/tls-crypt wrapping, this might replace buf */
> - tls_wrap_control(&tas->tls_wrap, header, &buf, own_sid);
> + tls_wrap_control(ctx, header, &buf, own_sid);
>
> return buf;
> }
Regards,
--
Frank Lichtenheld
_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
