A remote user could telnet to the tinc daemon and type only this line:
61 6
00000000/
00000000:28f
This would deny any packets to be sent to other tinc networks (except
for to the hosts that run tincd's themselves). Solution is to skip
hosts in lookup_conn() that have not been activated yet.
Fixed potential conn_list table corruption:
If a new connection is accepted but a connection with the same subnet
would already exist in the connection list, the OLD connection is
terminated.
projects / tinc / commitdiff