nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-24 04:13:28 +01:00
Code Issues Packages Projects Releases Wiki Activity

spec conformance: allow only one cert of each type

Browse Source
This commit is contained in:
Nick Mathewson 2011-10-05 10:44:22 -04:00
parent e56d7a3809
commit d79ff2ce94
1 changed files with 17 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
src/or/command.c
View File

@ -908,14 +908,27 @@ command_process_cert_cell(var_cell_t *cell, or_connection_t *conn)
"Received undecodable certificate in CERT cell from %s:%d",
safe_str(conn->_base.address), conn->_base.port);
} else {
if (cert_type == OR_CERT_TYPE_TLS_LINK && !link_cert)
if (cert_type == OR_CERT_TYPE_TLS_LINK) {
if (link_cert) {
tor_cert_free(cert);
ERR("Too many TLS_LINK certificates");
}
link_cert = cert;
else if (cert_type == OR_CERT_TYPE_ID_1024 && !id_cert)
} else if (cert_type == OR_CERT_TYPE_ID_1024) {
if (id_cert) {
tor_cert_free(cert);
ERR("Too many ID_1024 certificates");
}
id_cert = cert;
else if (cert_type == OR_CERT_TYPE_AUTH_1024 && !auth_cert)
} else if (cert_type == OR_CERT_TYPE_AUTH_1024) {
if (auth_cert) {
tor_cert_free(cert);
ERR("Too many AUTH_1024 certificates");
}
auth_cert = cert;
else
} else {
tor_cert_free(cert);
}
}
}
ptr += 3 + cert_len;