summaryrefslogtreecommitdiff
path: root/src/openvpn/forward.c
diff options
context:
space:
mode:
authorJörg Frings-Fürst <debian@jff.email>2021-11-29 20:46:00 +0100
committerJörg Frings-Fürst <debian@jff.email>2021-11-29 20:46:00 +0100
commitf2b3dda12a731c2e0971cb7889728edaf23f6cb0 (patch)
treefdf8833416567ca3842f347b2126cdbb13c746bd /src/openvpn/forward.c
parent4ee98f284a93c3b855092d35ac21371d9dcad65b (diff)
New upstream version 2.5.4upstream/2.5.4
Diffstat (limited to 'src/openvpn/forward.c')
-rw-r--r--src/openvpn/forward.c12
1 files changed, 7 insertions, 5 deletions
diff --git a/src/openvpn/forward.c b/src/openvpn/forward.c
index 7ed8d0d..042ba9e 100644
--- a/src/openvpn/forward.c
+++ b/src/openvpn/forward.c
@@ -5,7 +5,7 @@
* packet encryption, packet authentication, and
* packet compression.
*
- * Copyright (C) 2002-2018 OpenVPN Inc <sales@openvpn.net>
+ * Copyright (C) 2002-2021 OpenVPN Inc <sales@openvpn.net>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License version 2
@@ -526,9 +526,10 @@ encrypt_sign(struct context *c, bool comp_frag)
/*
* Drop non-TLS outgoing packet if client-connect script/plugin
- * has not yet succeeded.
+ * has not yet succeeded. In non-TLS mode tls_multi is not defined
+ * and we always pass packets.
*/
- if (c->c2.context_auth != CAS_SUCCEEDED)
+ if (c->c2.tls_multi && c->c2.tls_multi->multi_state != CAS_SUCCEEDED)
{
c->c2.buf.len = 0;
}
@@ -973,9 +974,10 @@ process_incoming_link_part1(struct context *c, struct link_socket_info *lsi, boo
/*
* Drop non-TLS packet if client-connect script/plugin and cipher selection
- * has not yet succeeded.
+ * has not yet succeeded. In non-TLS mode tls_multi is not defined
+ * and we always pass packets.
*/
- if (c->c2.context_auth != CAS_SUCCEEDED)
+ if (c->c2.tls_multi && c->c2.tls_multi->multi_state != CAS_SUCCEEDED)
{
c->c2.buf.len = 0;
}