diff options
| author | Matthias Schiffer <mschiffer@universe-factory.net> | 2013-10-20 02:55:38 +0200 |
|---|---|---|
| committer | Matthias Schiffer <mschiffer@universe-factory.net> | 2013-10-20 02:55:38 +0200 |
| commit | 90eeceb9ed6ffbab457b2d5caae74b92750fc0c3 (patch) | |
| tree | d9ef4f467e1308a94c1f63fe5bfbfc21f59bcf02 /src/handshake.c | |
| parent | 8cbd59792e7f03de927593994fb85466b7432d39 (diff) | |
| download | fastd-90eeceb9ed6ffbab457b2d5caae74b92750fc0c3.tar fastd-90eeceb9ed6ffbab457b2d5caae74b92750fc0c3.zip | |
Always check for mode and protocol mismatches
This was accidentially disabled in the previous commit for initial handshake
requests.
Diffstat (limited to 'src/handshake.c')
| -rw-r--r-- | src/handshake.c | 22 |
1 files changed, 11 insertions, 11 deletions
diff --git a/src/handshake.c b/src/handshake.c index 46a1357..b021e2a 100644 --- a/src/handshake.c +++ b/src/handshake.c @@ -268,21 +268,21 @@ static inline void print_error_reply(fastd_context_t *ctx, const fastd_peer_addr } static inline bool check_records(fastd_context_t *ctx, fastd_socket_t *sock, const fastd_peer_address_t *local_addr, const fastd_peer_address_t *remote_addr, fastd_peer_t *peer, const fastd_handshake_t *handshake) { - if (!ctx->conf->secure_handshakes || handshake->type > 1) { - if (handshake->records[RECORD_PROTOCOL_NAME].data) { - if (!record_equal(ctx->conf->protocol->name, &handshake->records[RECORD_PROTOCOL_NAME])) { - send_error(ctx, sock, local_addr, remote_addr, peer, handshake, REPLY_UNACCEPTABLE_VALUE, RECORD_PROTOCOL_NAME); - return false; - } + if (handshake->records[RECORD_PROTOCOL_NAME].data) { + if (!record_equal(ctx->conf->protocol->name, &handshake->records[RECORD_PROTOCOL_NAME])) { + send_error(ctx, sock, local_addr, remote_addr, peer, handshake, REPLY_UNACCEPTABLE_VALUE, RECORD_PROTOCOL_NAME); + return false; } + } - if (handshake->records[RECORD_MODE].data) { - if (handshake->records[RECORD_MODE].length != 1 || AS_UINT8(handshake->records[RECORD_MODE]) != ctx->conf->mode) { - send_error(ctx, sock, local_addr, remote_addr, peer, handshake, REPLY_UNACCEPTABLE_VALUE, RECORD_MODE); - return false; - } + if (handshake->records[RECORD_MODE].data) { + if (handshake->records[RECORD_MODE].length != 1 || AS_UINT8(handshake->records[RECORD_MODE]) != ctx->conf->mode) { + send_error(ctx, sock, local_addr, remote_addr, peer, handshake, REPLY_UNACCEPTABLE_VALUE, RECORD_MODE); + return false; } + } + if (!ctx->conf->secure_handshakes || handshake->type > 1) { if (handshake->records[RECORD_MTU].length == 2) { if (AS_UINT16(handshake->records[RECORD_MTU]) != ctx->conf->mtu) { pr_warn(ctx, "MTU configuration differs with peer %I: local MTU is %u, remote MTU is %u", |