Don't allow untrusted users to set info.ultimate
Note that a trusted signature was still required in this case so it was not a huge deal.
This commit is contained in:
parent
6f245bf24a
commit
1a8e15053a
1 changed files with 2 additions and 0 deletions
|
@ -621,6 +621,8 @@ static void performOp(ref<LocalStore> store, bool trusted, unsigned int clientVe
|
|||
from >> info.ca >> repair >> dontCheckSigs;
|
||||
if (!trusted && dontCheckSigs)
|
||||
dontCheckSigs = false;
|
||||
if (!trusted)
|
||||
info.ultimate = false;
|
||||
|
||||
TeeSink tee(from);
|
||||
parseDump(tee, tee.source);
|
||||
|
|
Loading…
Reference in a new issue