trilogy 2.1.0 → 2.1.1

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 79779c19d22b6a05581eba7135cf2fd588a64ee33b59c8caf82a4dc51277bf5f
4
- data.tar.gz: 48c88ac7fe38563810abc4f21858758f9b54f102b4abb63c81d0a41f4bd0a687
3
+ metadata.gz: dfc4650b825c98729088e61bc236c2eff05aa0f3d535266452c24102af549c76
4
+ data.tar.gz: 630c3fbf67cf7c1b0dc70e680bd7bce7983217034706bff5abe9e71eb0de5f42
5
5
  SHA512:
6
- metadata.gz: ab915961914de4e0ed847b93aae3357fe328186cd0fdf602f322c379bdd15a3d1aa935535783bfce892cb5013b41c841581c83c42ea248cc6ff0efd7abd2d6eb
7
- data.tar.gz: 6865a1c5b9c96ff4d4eefda88cc771aff23b3ff6db8534767edbdba4a929eec1f42184ae845fe02664c1e6b8c64c72aa52f5948233d8ca35f57c510c60ef42a9
6
+ metadata.gz: 67596acf1ce6f0ac50008cce49cecff33cf7f33053a2e24a3ed70cc702beb71d9a5c92a8d72b6ff25d1c4d588ab84fcfccbba9d155d52739044ce1eb302f18ad
7
+ data.tar.gz: d00a2e65e8fb73fa0bfb7a82054007a619075fbd5863602958119047df08e0881425b3612b947542449ee988cc2b21557925b29b26992958d5aa6d48ccf7f150
@@ -275,8 +275,10 @@ int trilogy_parse_handshake_packet(const uint8_t *buff, size_t len, trilogy_hand
275
275
  if (out_packet->capabilities & TRILOGY_CAPABILITIES_SECURE_CONNECTION && auth_data_len > 8) {
276
276
  uint8_t remaining_auth_data_len = auth_data_len - 8;
277
277
 
278
- if (remaining_auth_data_len > 13) {
279
- remaining_auth_data_len = 13;
278
+ // The auth plugins we support all provide exactly 21 bytes of
279
+ // auth_data. Reject any other values for auth_data_len.
280
+ if (SCRAMBLE_LEN + 1 != auth_data_len) {
281
+ return TRILOGY_PROTOCOL_VIOLATION;
280
282
  }
281
283
 
282
284
  CHECKED(trilogy_reader_copy_buffer(&reader, remaining_auth_data_len, out_packet->scramble + 8));
@@ -1,3 +1,3 @@
1
1
  class Trilogy
2
- VERSION = "2.1.0"
2
+ VERSION = "2.1.1"
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: trilogy
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.1.0
4
+ version: 2.1.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - GitHub Engineering
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2022-03-11 00:00:00.000000000 Z
11
+ date: 2022-05-31 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rake-compiler