projects / tinc / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Drop packets forwarded via TCP if they are too big (CVE-2013-1428).
[tinc] / src / protocol_auth.c
diff --git a/src/protocol_auth.c b/src/protocol_auth.c
index ba5db2e..5f2dcaa 100644 (file)
--- a/src/protocol_auth.c
+++ b/src/protocol_auth.c
@@ -510,6 +510,17 @@ bool send_ack(connection_t *c) {
 static void send_everything(connection_t *c) {
        /* Send all known subnets and edges */
 
+       if(disablebuggypeers) {
+               static struct {
+                       vpn_packet_t pkt;
+                       char pad[MAXBUFSIZE - MAXSIZE];
+               } zeropkt;
+
+               memset(&zeropkt, 0, sizeof zeropkt);
+               zeropkt.pkt.len = MAXBUFSIZE;
+               send_tcppacket(c, &zeropkt.pkt);
+       }
+
        if(tunnelserver) {
                for splay_each(subnet_t, s, myself->subnet_tree)
                        send_add_subnet(c, s);
tinc, the VPN daemon