Merge pull request #9908 from julek-wolfssl/fenrir/205

Set upper bound on post-auth cert reqs
This commit is contained in:
Daniel Pouzzner
2026-03-06 22:27:59 -06:00
committed by GitHub
+7
View File
@@ -14205,6 +14205,13 @@ int wolfSSL_request_certificate(WOLFSSL* ssl)
return NOT_READY_ERROR;
if (!ssl->options.postHandshakeAuth)
return POST_HAND_AUTH_ERROR;
if (ssl->certReqCtx != NULL) {
if (ssl->certReqCtx->len != 1)
return BAD_STATE_E;
/* We support sending up to 255 certificate requests */
if (ssl->certReqCtx->ctx == 255)
return BAD_STATE_E;
}
certReqCtx = (CertReqCtx*)XMALLOC(sizeof(CertReqCtx), ssl->heap,
DYNAMIC_TYPE_TMP_BUFFER);