From: Guus Sliepen <guus@tinc-vpn.org>
Date: Sat, 27 May 2000 19:04:12 +0000 (+0000)
Subject: Fix for a DoS attack:
X-Git-Tag: release-1.0pre2~23
X-Git-Url: https://www.tinc-vpn.org/git/browse?p=tinc;a=commitdiff_plain;h=e4ff969a9868ecc25a85daab620f97227de8d493;hp=e4ff969a9868ecc25a85daab620f97227de8d493

Fix for a DoS attack:
 A remote user could telnet to the tinc daemon and type only this line:
 61 6 00000000/00000000:28f
 This would deny any packets to be sent to other tinc networks (except
 for to the hosts that run tincd's themselves). Solution is to skip
 hosts in lookup_conn() that have not been activated yet.
Fixed potential conn_list table corruption:
 If a new connection is accepted but a connection with the same subnet
 would already exist in the connection list, the OLD connection is
 terminated.
---