Prevent oracle attacks (CVE-2018-16737, CVE-2018-16738)
[tinc] / src / protocol_edge.c
index be48e0d..a1cf640 100644 (file)
@@ -70,7 +70,7 @@ bool add_edge_h(connection_t *c) {
 
        /* Check if names are valid */
 
-       if(!check_id(from_name) || !check_id(to_name)) {
+       if(!check_id(from_name) || !check_id(to_name) || !strcmp(from_name, to_name)) {
                logger(LOG_ERR, "Got bad %s from %s (%s): %s", "ADD_EDGE", c->name,
                       c->hostname, "invalid name");
                return false;
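Review bot: The new `!strcmp(from_name, to_name)` test in add_edge_h is folded into the name-validity check, so an edge whose endpoints are the same node is logged as "invalid name" even though both identifiers passed check_id(). Someone triaging these log lines cannot tell a malformed identifier from a peer announcing a self-referencing edge, and the second case is the one worth noticing. I would update the comment to `/* Check if names are valid and the edge does not loop back to the same node */` and give the strcmp case its own branch with a distinct reason string such as `"from and to are the same"`. The same applies to the identical change in del_edge_h. Both function bodies continue outside the hunks, so I am assuming from_name and to_name are always NUL-terminated by the time this check runs.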
@@ -197,7 +197,7 @@ bool del_edge_h(connection_t *c) {
 
        /* Check if names are valid */
 
-       if(!check_id(from_name) || !check_id(to_name)) {
+       if(!check_id(from_name) || !check_id(to_name) || !strcmp(from_name, to_name)) {
                logger(LOG_ERR, "Got bad %s from %s (%s): %s", "DEL_EDGE", c->name,
                       c->hostname, "invalid name");
                return false;