empire/empserver
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

(nat_ca, cou_ca, ef_init_srv, xdvisible): Plug major information leak:

Browse source 
nat_ca[] was designed for visibility to the owner only, while cou_ca[]
was designed for the public.  xdvisible() implemented that for xdump.
But selectors don't care for that!  Since nat_ca[] applies to
EF_NATION, it must be for public visibility.  Broken in 4.2.21.  Fix
by exchanging contents of nat_ca[] and and cou_ca[].  This breaks
clients relying on xdump.
This commit is contained in:
Markus Armbruster 2006-05-22 20:59:11 +00:00
parent 548bc5bbdc
commit 93b6a54356
3 changed files with 11 additions and 11 deletions
Download patch file Download diff file Expand all files Collapse all files

10
src/lib/subs/fileinit.c
View file

@ -71,16 +71,16 @@ ef_init_srv(void)
empfile[fileinit[i].ef_type].prewrite = fileinit[i].prewrite;
}
for (i = 0; nat_ca[i].ca_name; i++) {
cou_ca[i] = nat_ca[i];
flags = cou_ca[i].ca_flags | NSC_CONST;
for (i = 0; cou_ca[i].ca_name; i++) {
nat_ca[i] = cou_ca[i];
flags = nat_ca[i].ca_flags | NSC_CONST;
if (flags & NSC_EXTRA)
flags &= ~NSC_EXTRA;
else if (i != 0)
flags |= NSC_DEITY;
cou_ca[i].ca_flags = flags;
nat_ca[i].ca_flags = flags;
}
cou_ca[i] = nat_ca[i];
nat_ca[i] = cou_ca[i];
ef_open_srv();
if (ef_verify() < 0)