commit d79ff2ce94ac1e0e4938517403f29c4e9aaf799c Author: Nick Mathewson nickm@torproject.org Date: Wed Oct 5 10:44:22 2011 -0400

spec conformance: allow only one cert of each type --- src/or/command.c | 21 +++++++++++++++++---- 1 files changed, 17 insertions(+), 4 deletions(-)

diff --git a/src/or/command.c b/src/or/command.c index c1e2f5e..3bd6dd7 100644 --- a/src/or/command.c +++ b/src/or/command.c @@ -908,14 +908,27 @@ command_process_cert_cell(var_cell_t *cell, or_connection_t *conn) "Received undecodable certificate in CERT cell from %s:%d", safe_str(conn->_base.address), conn->_base.port); } else { - if (cert_type == OR_CERT_TYPE_TLS_LINK && !link_cert) + if (cert_type == OR_CERT_TYPE_TLS_LINK) { + if (link_cert) { + tor_cert_free(cert); + ERR("Too many TLS_LINK certificates"); + } link_cert = cert; - else if (cert_type == OR_CERT_TYPE_ID_1024 && !id_cert) + } else if (cert_type == OR_CERT_TYPE_ID_1024) { + if (id_cert) { + tor_cert_free(cert); + ERR("Too many ID_1024 certificates"); + } id_cert = cert; - else if (cert_type == OR_CERT_TYPE_AUTH_1024 && !auth_cert) + } else if (cert_type == OR_CERT_TYPE_AUTH_1024) { + if (auth_cert) { + tor_cert_free(cert); + ERR("Too many AUTH_1024 certificates"); + } auth_cert = cert; - else + } else { tor_cert_free(cert); + } } } ptr += 3 + cert_len;