mirror of
https://github.com/yarrick/iodine.git
synced 2024-11-23 18:15:13 +00:00
9e265625a1
The client could bypass the password check by continuing after getting error from the server and guessing the network parameters. The server would still accept the rest of the setup and also network traffic. Add checks for normal and raw mode that user has authenticated before allowing any other communication. Problem found by Oscar Reparaz. Backported to iodine 0.6 branch. |
||
---|---|---|
.. | ||
base32.c | ||
base64.c | ||
dns.c | ||
encoding.c | ||
fw_query.c | ||
login.c | ||
Makefile | ||
read.c | ||
test.c | ||
test.h | ||
user.c |