]> git.meshlink.io Git - meshlink/commitdiff
Forbid protocol version rollback.
authorGuus Sliepen <guus@tinc-vpn.org>
Sat, 20 Jul 2013 22:13:38 +0000 (00:13 +0200)
committerGuus Sliepen <guus@tinc-vpn.org>
Sat, 20 Jul 2013 22:13:38 +0000 (00:13 +0200)
When we know a node's ECDSA key, we only allow communication via the SPTPS
protocol.

src/protocol_auth.c

index 05724d6faa88059d1ece5bcfca0e6c0cb714f675..f8a3cc3b3d2d3e5464263567189aab2b3beb8768 100644 (file)
@@ -324,7 +324,7 @@ bool id_h(connection_t *c, const char *request) {
 
        if(c->protocol_major != myself->connection->protocol_major) {
                logger(DEBUG_ALWAYS, LOG_ERR, "Peer %s (%s) uses incompatible version %d.%d",
-                          c->name, c->hostname, c->protocol_major, c->protocol_minor);
+                       c->name, c->hostname, c->protocol_major, c->protocol_minor);
                return false;
        }
 
@@ -346,15 +346,21 @@ bool id_h(connection_t *c, const char *request) {
                        return false;
                }
 
-               if(experimental && c->protocol_minor >= 2) {
-                       if(!read_ecdsa_public_key(c))
-                               return false;
-               }
+               if(experimental)
+                       read_ecdsa_public_key(c);
        } else {
                if(c->protocol_minor && !ecdsa_active(c->ecdsa))
                        c->protocol_minor = 1;
        }
 
+       /* Forbid version rollback for nodes whose ECDSA key we know */
+
+       if(ecdsa_active(c->ecdsa) && c->protocol_minor < 2) {
+               logger(DEBUG_ALWAYS, LOG_ERR, "Peer %s (%s) tries to roll back protocol version to %d.%d",
+                       c->name, c->hostname, c->protocol_major, c->protocol_minor);
+               return false;
+       }
+
        c->allow_request = METAKEY;
 
        if(c->protocol_minor >= 2) {