commit 08bc6e210211f41af10afea7c8497176e55b26ec parent 8af6d9e478e973e934b6d2266f11df356b8a8d37 Author: Solderpunk <solderpunk@sdf.org> Date: Tue, 12 May 2020 22:23:22 +0200 Don't do client certificates in restricted mode. Diffstat:
| M | av98.py | | | 8 | ++++++++ |
1 file changed, 8 insertions(+), 0 deletions(-)
diff --git a/av98.py b/av98.py @@ -404,6 +404,14 @@ Slow internet connection? Use 'set timeout' to be more patient.""") return # Client cert elif status.startswith("6"): + # Don't do client cert stuff in restricted mode, as in principle + # it could be used to fill up the disk by creating a whole lot of + # certificates + if self.restricted: + print("The server is requesting a client certificate.") + print("These are not supported in restricted mode, sorry.") + return + # Transient certs are a special case if status == "61": print("The server is asking to start a transient client certificate session.")