From: Frank Lichtenheld <[email protected]> Due to wrong boolean operator the function did not correctly detect when the authentication failed.
Reported-By: Joshua Rogers <[email protected]> Found-By: ZeroPath (https://zeropath.com) Github: openvpn-private-issues#4 Change-Id: I13b411fb3e8b913ae049c6ca8a1cf5a2edbab0fb Signed-off-by: Frank Lichtenheld <[email protected]> Acked-by: Gert Doering <[email protected]> Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1466 --- This change was reviewed on Gerrit and approved by at least one developer. I request to merge it to master. Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1466 This mail reflects revision 1 of this Change. Acked-by according to Gerrit (reflected above): Gert Doering <[email protected]> diff --git a/src/openvpn/socks.c b/src/openvpn/socks.c index ed2d9e9..1e99c9a 100644 --- a/src/openvpn/socks.c +++ b/src/openvpn/socks.c @@ -143,7 +143,7 @@ } /* VER = 5, SUCCESS = 0 --> auth success */ - if (buf[0] != 5 && buf[1] != 0) + if (buf[0] != 5 || buf[1] != 0) { msg(D_LINK_ERRORS, "socks_username_password_auth: server refused the authentication"); goto cleanup; _______________________________________________ Openvpn-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openvpn-devel
