diff options
| author | Nick Mathewson <nickm@torproject.org> | 2011-10-05 10:44:22 -0400 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2011-10-10 23:14:31 -0400 |
| commit | d79ff2ce94ac1e0e4938517403f29c4e9aaf799c (patch) | |
| tree | b60fba79442c40622a257df7a55e4b34d5151bf8 /src/or/command.c | |
| parent | e56d7a3809611e85b48474f27b3feb461e82e109 (diff) | |
| download | tor-d79ff2ce94ac1e0e4938517403f29c4e9aaf799c.tar.gz tor-d79ff2ce94ac1e0e4938517403f29c4e9aaf799c.zip | |
spec conformance: allow only one cert of each type
Diffstat (limited to 'src/or/command.c')
| -rw-r--r-- | src/or/command.c | 21 |
1 files changed, 17 insertions, 4 deletions
diff --git a/src/or/command.c b/src/or/command.c index c1e2f5e8e9..3bd6dd7fd3 100644 --- a/src/or/command.c +++ b/src/or/command.c @@ -908,14 +908,27 @@ command_process_cert_cell(var_cell_t *cell, or_connection_t *conn) "Received undecodable certificate in CERT cell from %s:%d", safe_str(conn->_base.address), conn->_base.port); } else { - if (cert_type == OR_CERT_TYPE_TLS_LINK && !link_cert) + if (cert_type == OR_CERT_TYPE_TLS_LINK) { + if (link_cert) { + tor_cert_free(cert); + ERR("Too many TLS_LINK certificates"); + } link_cert = cert; - else if (cert_type == OR_CERT_TYPE_ID_1024 && !id_cert) + } else if (cert_type == OR_CERT_TYPE_ID_1024) { + if (id_cert) { + tor_cert_free(cert); + ERR("Too many ID_1024 certificates"); + } id_cert = cert; - else if (cert_type == OR_CERT_TYPE_AUTH_1024 && !auth_cert) + } else if (cert_type == OR_CERT_TYPE_AUTH_1024) { + if (auth_cert) { + tor_cert_free(cert); + ERR("Too many AUTH_1024 certificates"); + } auth_cert = cert; - else + } else { tor_cert_free(cert); + } } } ptr += 3 + cert_len; |