[PATCH] site: Replace remote's caps after verifying MSG3
Ian Jackson
ijackson at chiark.greenend.org.uk
Sat Sep 28 19:48:02 BST 2019
Ian Jackson writes ("Re: [PATCH] site: Replace remote's caps after verifying MSG3"):
> But: I observe that there doesn't seem to be any corresponding code on
> the MSG4 path. Ie the initiator just unconditionally trusts what was
> in MSG2.
Oh, wait, just spotted this in check_msg:
/* MSG3 has complicated rules about capabilities, which are
* handled in process_msg3. */
if (type==LABEL_MSG3 || type==LABEL_MSG3BIS) return True;
if (m->remote_capabilities!=st->remote_capabilities) {
*error="remote capabilities changed";
return False;
}
So, err, great, I think.
Ian.
More information about the sgo-software-discuss
mailing list