mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-11 05:33:47 +01:00
Merge branch 'bug4343'
This commit is contained in:
commit
4dd8d811d6
5
changes/bug4343
Normal file
5
changes/bug4343
Normal file
@ -0,0 +1,5 @@
|
||||
o Major bugfixes:
|
||||
- Fix a double-free bug that would occur when we received an invalid
|
||||
certificate in a CERT cell in the new v3 handshake. Fixes bug 4343;
|
||||
bugfix on 0.2.3.6-alpha.
|
||||
|
@ -694,7 +694,7 @@ tor_cert_free(tor_cert_t *cert)
|
||||
if (cert->cert)
|
||||
X509_free(cert->cert);
|
||||
tor_free(cert->encoded);
|
||||
memset(cert, 0x03, sizeof(cert));
|
||||
memset(cert, 0x03, sizeof(*cert));
|
||||
tor_free(cert);
|
||||
}
|
||||
|
||||
|
@ -1026,8 +1026,6 @@ command_process_cert_cell(var_cell_t *cell, or_connection_t *conn)
|
||||
ERR("The certs we wanted were missing");
|
||||
|
||||
/* Remember these certificates so we can check an AUTHENTICATE cell */
|
||||
conn->handshake_state->id_cert = id_cert;
|
||||
conn->handshake_state->auth_cert = auth_cert;
|
||||
if (! tor_tls_cert_is_valid(auth_cert, id_cert, 1))
|
||||
ERR("The authentication certificate was not valid");
|
||||
if (! tor_tls_cert_is_valid(id_cert, id_cert, 1))
|
||||
@ -1038,6 +1036,8 @@ command_process_cert_cell(var_cell_t *cell, or_connection_t *conn)
|
||||
safe_str(conn->_base.address), conn->_base.port);
|
||||
/* XXXX check more stuff? */
|
||||
|
||||
conn->handshake_state->id_cert = id_cert;
|
||||
conn->handshake_state->auth_cert = auth_cert;
|
||||
id_cert = auth_cert = NULL;
|
||||
}
|
||||
|
||||
@ -1141,7 +1141,7 @@ command_process_authenticate_cell(var_cell_t *cell, or_connection_t *conn)
|
||||
#define ERR(s) \
|
||||
do { \
|
||||
log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL, \
|
||||
"Received a bad AUTHETNICATE cell from %s:%d: %s", \
|
||||
"Received a bad AUTHENTICATE cell from %s:%d: %s", \
|
||||
safe_str(conn->_base.address), conn->_base.port, (s)); \
|
||||
connection_mark_for_close(TO_CONN(conn)); \
|
||||
return; \
|
||||
|
Loading…
Reference in New Issue
Block a user