I have tested this with lots of well-behaved peers - namely, client against
2.3/2.4/2.5 servers, and (master) server against 2.2-master clients.  All
works :-) (I did not test with a malicious endpoint).

Also, it has unit tests ;-)

Your patch has been applied to the master, release/2.6 and release/2.5 branch.

The 2.6 pullup pulls in "other unit tests" that have been master-only 
so far.  Which is a bit of an annoyance, but having the UTs is good,
they *pass* on 2.6, and it's easier on me than trying to only bring in
this new test.

On the 2.5 pullup I have left out the unit tests, and had to amend the
code lightly to remove the EXIT and AUTH_PENDING message handling.

release/2.4 is considered end of maintenance.

commit 414f428fa29694090ec4c46b10a8aba419c85659 (master)
commit 90e7a858e5594d9a019ad2b4ac6154124986291a (release/2.6)
commit d4921ba22f5ae4537d808986743a228617c86328 (release/2.5)
Author: Arne Schwabe
Date:   Mon May 27 15:02:41 2024 +0200

     Properly handle null bytes and invalid characters in control messages

     Signed-off-by: Arne Schwabe <a...@rfc2549.org>
     Acked-by: Antonio Quartulli <a...@unstable.cc>
     Message-Id: <20240619103004.56460-1-g...@greenie.muc.de>
     URL: 
https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg28791.html
     Signed-off-by: Gert Doering <g...@greenie.muc.de>


--
kind regards,

Gert Doering



_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel

Reply via email to