|
@@ -908,14 +908,27 @@ command_process_cert_cell(var_cell_t *cell, or_connection_t *conn)
|
|
|
"Received undecodable certificate in CERT cell from %s:%d",
|
|
|
safe_str(conn->_base.address), conn->_base.port);
|
|
|
} else {
|
|
|
- if (cert_type == OR_CERT_TYPE_TLS_LINK && !link_cert)
|
|
|
+ if (cert_type == OR_CERT_TYPE_TLS_LINK) {
|
|
|
+ if (link_cert) {
|
|
|
+ tor_cert_free(cert);
|
|
|
+ ERR("Too many TLS_LINK certificates");
|
|
|
+ }
|
|
|
link_cert = cert;
|
|
|
- else if (cert_type == OR_CERT_TYPE_ID_1024 && !id_cert)
|
|
|
+ } else if (cert_type == OR_CERT_TYPE_ID_1024) {
|
|
|
+ if (id_cert) {
|
|
|
+ tor_cert_free(cert);
|
|
|
+ ERR("Too many ID_1024 certificates");
|
|
|
+ }
|
|
|
id_cert = cert;
|
|
|
- else if (cert_type == OR_CERT_TYPE_AUTH_1024 && !auth_cert)
|
|
|
+ } else if (cert_type == OR_CERT_TYPE_AUTH_1024) {
|
|
|
+ if (auth_cert) {
|
|
|
+ tor_cert_free(cert);
|
|
|
+ ERR("Too many AUTH_1024 certificates");
|
|
|
+ }
|
|
|
auth_cert = cert;
|
|
|
- else
|
|
|
+ } else {
|
|
|
tor_cert_free(cert);
|
|
|
+ }
|
|
|
}
|
|
|
}
|
|
|
ptr += 3 + cert_len;
|