feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

verify cipher suite is valid on import

Browse Source
This commit is contained in:
Jacob Barthelmeh
2016-05-11 11:18:08 -06:00
parent 8c45cb1938
commit f9ce2f2677
1 changed files with 14 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
src/internal.c
View File

@ -787,7 +787,7 @@ int wolfSSL_dtls_import_internal(byte* buf, word32 sz, WOLFSSL* ssl)
word32 idx = 0; word32 idx = 0;
word16 length = 0; word16 length = 0;
int version; int version;
int ret; int ret, i;
WOLFSSL_ENTER("wolfSSL_dtls_import_internal"); WOLFSSL_ENTER("wolfSSL_dtls_import_internal");
/* check at least enough room for protocol and length */ /* check at least enough room for protocol and length */
@ -885,6 +885,19 @@ int wolfSSL_dtls_import_internal(byte* buf, word32 sz, WOLFSSL* ssl)
ssl->hmac = TLS_hmac; ssl->hmac = TLS_hmac;
} }
/* make sure is a valid suite used */
ret = SUITES_ERROR;
for (i = 0; i < ssl->suites->suiteSz; i += 2) {
if (ssl->suites->suites[i] == ssl->options.cipherSuite0 &&
ssl->suites->suites[i+1] == ssl->options.cipherSuite) {
ret = 0;
break;
}
}
if (ret != 0) {
return ret;
}
return idx; return idx;
} }
#endif /* WOLFSSL_DTLS */ #endif /* WOLFSSL_DTLS */