mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-27 22:03:31 +01:00
Merge branch 'link_negotiation_assert_024'
This commit is contained in:
commit
48cdcc9d4a
6
changes/link_negotiation_assert
Normal file
6
changes/link_negotiation_assert
Normal file
@ -0,0 +1,6 @@
|
||||
o Major bugfixs (security):
|
||||
- Fix a group of remotely triggerable assertion failures related to
|
||||
incorrect link protocol negotiation. Found, diagnosed, and fixed
|
||||
by "some guy from France." Fix for CVE-2012-2250; bugfix on
|
||||
0.2.3.6-alpha.
|
||||
|
@ -1229,6 +1229,15 @@ channel_tls_process_versions_cell(var_cell_t *cell, channel_tls_t *chan)
|
||||
"handshake. Closing connection.");
|
||||
connection_or_close_for_error(chan->conn, 0);
|
||||
return;
|
||||
} else if (highest_supported_version != 2 &&
|
||||
chan->conn->base_.state == OR_CONN_STATE_OR_HANDSHAKING_V2) {
|
||||
/* XXXX This should eventually be a log_protocol_warn */
|
||||
log_fn(LOG_WARN, LD_OR,
|
||||
"Negotiated link with non-2 protocol after doing a v2 TLS "
|
||||
"handshake with %s. Closing connection.",
|
||||
fmt_addr(&chan->conn->base_.addr));
|
||||
connection_or_close_for_error(chan->conn, 0);
|
||||
return;
|
||||
}
|
||||
|
||||
chan->conn->link_proto = highest_supported_version;
|
||||
|
Loading…
Reference in New Issue
Block a user