mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-27 22:03:31 +01:00
spec conformance: allow only one cert of each type
This commit is contained in:
parent
e56d7a3809
commit
d79ff2ce94
@ -908,14 +908,27 @@ command_process_cert_cell(var_cell_t *cell, or_connection_t *conn)
|
|||||||
"Received undecodable certificate in CERT cell from %s:%d",
|
"Received undecodable certificate in CERT cell from %s:%d",
|
||||||
safe_str(conn->_base.address), conn->_base.port);
|
safe_str(conn->_base.address), conn->_base.port);
|
||||||
} else {
|
} else {
|
||||||
if (cert_type == OR_CERT_TYPE_TLS_LINK && !link_cert)
|
if (cert_type == OR_CERT_TYPE_TLS_LINK) {
|
||||||
|
if (link_cert) {
|
||||||
|
tor_cert_free(cert);
|
||||||
|
ERR("Too many TLS_LINK certificates");
|
||||||
|
}
|
||||||
link_cert = cert;
|
link_cert = cert;
|
||||||
else if (cert_type == OR_CERT_TYPE_ID_1024 && !id_cert)
|
} else if (cert_type == OR_CERT_TYPE_ID_1024) {
|
||||||
|
if (id_cert) {
|
||||||
|
tor_cert_free(cert);
|
||||||
|
ERR("Too many ID_1024 certificates");
|
||||||
|
}
|
||||||
id_cert = cert;
|
id_cert = cert;
|
||||||
else if (cert_type == OR_CERT_TYPE_AUTH_1024 && !auth_cert)
|
} else if (cert_type == OR_CERT_TYPE_AUTH_1024) {
|
||||||
|
if (auth_cert) {
|
||||||
|
tor_cert_free(cert);
|
||||||
|
ERR("Too many AUTH_1024 certificates");
|
||||||
|
}
|
||||||
auth_cert = cert;
|
auth_cert = cert;
|
||||||
else
|
} else {
|
||||||
tor_cert_free(cert);
|
tor_cert_free(cert);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
ptr += 3 + cert_len;
|
ptr += 3 + cert_len;
|
||||||
|
Loading…
Reference in New Issue
Block a user