feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Added debug message when signature/algorithm list is truncated.

Browse Source
This commit is contained in:
David Garske
2017-11-14 10:31:48 -08:00
parent b08a99057c
commit 20f5c61675
2 changed files with 8 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
src/internal.c
View File

@ -22774,8 +22774,11 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
return BUFFER_ERROR;
clSuites.hashSigAlgoSz = hashSigAlgoSz;
if (clSuites.hashSigAlgoSz > WOLFSSL_MAX_SIGALGO)
if (clSuites.hashSigAlgoSz > WOLFSSL_MAX_SIGALGO) {
WOLFSSL_MSG("ClientHello SigAlgo list exceeds max, "
"truncating");
clSuites.hashSigAlgoSz = WOLFSSL_MAX_SIGALGO;
}
XMEMCPY(clSuites.hashSigAlgo, &input[i],
clSuites.hashSigAlgoSz);

6
src/tls.c
View File

@ -3771,7 +3771,7 @@ static int TLSX_SessionTicket_Parse(WOLFSSL* ssl, byte* input, word16 length,
if (!isRequest) {
if (TLSX_CheckUnsupportedExtension(ssl, TLSX_SESSION_TICKET))
return TLSX_HandleUnsupportedExtension(ssl);
if (length != 0)
return BUFFER_ERROR;
@ -4908,8 +4908,10 @@ static int TLSX_SignatureAlgorithms_Parse(WOLFSSL *ssl, byte* input,
/* truncate hashSigAlgo list if too long */
suites->hashSigAlgoSz = len;
if (suites->hashSigAlgoSz > WOLFSSL_MAX_SIGALGO)
if (suites->hashSigAlgoSz > WOLFSSL_MAX_SIGALGO) {
WOLFSSL_MSG("TLSX SigAlgo list exceeds max, truncating");
suites->hashSigAlgoSz = WOLFSSL_MAX_SIGALGO;
}
XMEMCPY(suites->hashSigAlgo, input, suites->hashSigAlgoSz);
return TLSX_SignatureAlgorithms_MapPss(ssl, input, len);