openvpn -- denial of service: undecryptable packet from authorized client can disconnect unrelated clients

2005-07-27T00:00:00
ID D1C39C8E-05AB-4739-870F-765490FA2052
Type freebsd
Reporter FreeBSD
Modified 2005-07-27T00:00:00

Description

James Yonan reports:

If the client sends a packet which fails to decrypt on the server, the OpenSSL error queue is not properly flushed, which can result in another unrelated client instance on the server seeing the error and responding to it, resulting in disconnection of the unrelated client.