wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-08-01 19:54:40 +02:00
Code Issues Packages Projects Releases Wiki Activity

Added debug message when signature/algorithm list is truncated.

Browse Source
This commit is contained in:
David Garske
2017-11-14 10:31:48 -08:00
parent b08a99057c
commit 20f5c61675
2 changed files with 8 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
src/internal.c
View File

@@ -22774,8 +22774,11 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
return BUFFER_ERROR; return BUFFER_ERROR;
clSuites.hashSigAlgoSz = hashSigAlgoSz; clSuites.hashSigAlgoSz = hashSigAlgoSz;
if (clSuites.hashSigAlgoSz > WOLFSSL_MAX_SIGALGO) if (clSuites.hashSigAlgoSz > WOLFSSL_MAX_SIGALGO) {
WOLFSSL_MSG("ClientHello SigAlgo list exceeds max, "
"truncating");
clSuites.hashSigAlgoSz = WOLFSSL_MAX_SIGALGO; clSuites.hashSigAlgoSz = WOLFSSL_MAX_SIGALGO;
}
XMEMCPY(clSuites.hashSigAlgo, &input[i], XMEMCPY(clSuites.hashSigAlgo, &input[i],
clSuites.hashSigAlgoSz); clSuites.hashSigAlgoSz);

4
src/tls.c
View File

@@ -4908,8 +4908,10 @@ static int TLSX_SignatureAlgorithms_Parse(WOLFSSL *ssl, byte* input,
/* truncate hashSigAlgo list if too long */ /* truncate hashSigAlgo list if too long */
suites->hashSigAlgoSz = len; suites->hashSigAlgoSz = len;
if (suites->hashSigAlgoSz > WOLFSSL_MAX_SIGALGO) if (suites->hashSigAlgoSz > WOLFSSL_MAX_SIGALGO) {
WOLFSSL_MSG("TLSX SigAlgo list exceeds max, truncating");
suites->hashSigAlgoSz = WOLFSSL_MAX_SIGALGO; suites->hashSigAlgoSz = WOLFSSL_MAX_SIGALGO;
}
XMEMCPY(suites->hashSigAlgo, input, suites->hashSigAlgoSz); XMEMCPY(suites->hashSigAlgo, input, suites->hashSigAlgoSz);
return TLSX_SignatureAlgorithms_MapPss(ssl, input, len); return TLSX_SignatureAlgorithms_MapPss(ssl, input, len);