File openvpn-CVE-2020-15078.patch of Package openvpn.23378

Index: src/openvpn/push.c
===================================================================
--- src/openvpn/push.c	(revision a7263a125199c6d11710ecf50f9a07424369fdbc)
+++ src/openvpn/push.c	(revision 0e5516a9d656ce86f7fb370c824344ea1760c255)
@@ -653,4 +653,5 @@
 {
     int ret = PUSH_MSG_ERROR;
+    struct key_state *ks = &c->c2.tls_multi->session[TM_ACTIVE].key[KS_PRIMARY];
 
 #ifdef ENABLE_ASYNC_PUSH
@@ -663,5 +664,10 @@
         ret = PUSH_MSG_AUTH_FAILURE;
     }
-    else if (!c->c2.push_reply_deferred && c->c2.context_auth == CAS_SUCCEEDED)
+    else if (!c->c2.push_reply_deferred && c->c2.context_auth == CAS_SUCCEEDED
+             && ks->authenticated
+ #ifdef ENABLE_DEF_AUTH
+             && !ks->auth_deferred
+ #endif
+             )
     {
         time_t now;

Places

File openvpn-CVE-2020-15078.patch of Package openvpn.23378

Places