DGNum/hostapd
6
0
Fork 0
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity Actions
hostapd/src/tls
History
Glenn Strauss 12f16c27ba TLS: Fix unsigned int underflow in internal TLS 1.0/1.1 implementation 
Taking sizeof(ptr) is incorrect to determine size of passed in hash and
results in hlen getting set to a very large value since MD5_MAC_LEN >
sizeof(ptr). Provide the actual size of the hash buffer from the caller
to fix this.

tls_key_x_server_params_hash() callers src/tls/tlsv1_client_read.c and
src/tls/tlsv1_server_write.c both pass in a large enough hash (hash[64]
or hash[100]) that this does not appear to have an impact, though it is
still wrong.

Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
2022-11-20 19:11:01 +02:00
..
asn1.c ASN.1: Reject invalid definite long form length values in DER encoding 2021-03-14 11:37:58 +02:00
asn1.h ASN.1: Add helper functions for recognizing tag values 2021-03-14 11:37:58 +02:00
bignum.c bignum: Fix documentation for bignum_cmp_d() 2019-03-05 16:10:33 +02:00
bignum.h Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
libtommath.c libtommath: Make sure fast_s_mp_mul_digs initializes the W[] array 2019-06-22 18:56:44 +03:00
Makefile build: Make more library things common 2020-10-12 20:20:35 +03:00
pkcs1.c PKCS: Use ASN.1 helper functions 2021-03-14 11:37:58 +02:00
pkcs1.h PKCS 1: Add function for checking v1.5 RSA signature 2014-05-20 19:52:18 +03:00
pkcs5.c PKCS: Use ASN.1 helper functions 2021-03-14 11:37:58 +02:00
pkcs5.h Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
pkcs8.c PKCS: Use ASN.1 helper functions 2021-03-14 11:37:58 +02:00
pkcs8.h Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
rsa.c RSA: Use ASN.1 helper functions 2021-03-14 11:37:58 +02:00
rsa.h Add function for building RSA public key from n and e parameters 2014-05-19 23:27:30 +03:00
tlsv1_client.c TLS: Fix highest TLS version disabling with internal TLS client 2021-03-14 13:08:04 +02:00
tlsv1_client.h TLS: Add support for RFC 5705 TLS exporter context with internal TLS 2019-03-16 18:52:09 +02:00
tlsv1_client_i.h TLS: Fix highest TLS version disabling with internal TLS client 2021-03-14 13:08:04 +02:00
tlsv1_client_ocsp.c TLS: Use ASN.1 helper functions 2021-03-14 13:08:04 +02:00
tlsv1_client_read.c TLS: Fix unsigned int underflow in internal TLS 1.0/1.1 implementation 2022-11-20 19:11:01 +02:00
tlsv1_client_write.c TLS: Fix highest TLS version disabling with internal TLS client 2021-03-14 13:08:04 +02:00
tlsv1_common.c TLS: Fix unsigned int underflow in internal TLS 1.0/1.1 implementation 2022-11-20 19:11:01 +02:00
tlsv1_common.h TLS: Fix unsigned int underflow in internal TLS 1.0/1.1 implementation 2022-11-20 19:11:01 +02:00
tlsv1_cred.c TLS: Use ASN.1 helper functions 2021-03-14 13:08:04 +02:00
tlsv1_cred.h TLS server: OCSP stapling with ocsp_multi option (RFC 6961) 2015-12-22 20:44:52 +02:00
tlsv1_record.c TLS: Use os_memcmp_const() for hash/password comparisons 2014-07-02 12:38:47 +03:00
tlsv1_record.h Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
tlsv1_server.c TLS: Add support for RFC 5705 TLS exporter context with internal TLS 2019-03-16 18:52:09 +02:00
tlsv1_server.h TLS: Add support for RFC 5705 TLS exporter context with internal TLS 2019-03-16 18:52:09 +02:00
tlsv1_server_i.h TLS server: Add internal callbacks get_failed, get_*_alerts 2019-02-10 01:43:50 +02:00
tlsv1_server_read.c TLS server: Local failure information on verify_data mismatch 2019-02-10 01:43:50 +02:00
tlsv1_server_write.c TLS: Fix unsigned int underflow in internal TLS 1.0/1.1 implementation 2022-11-20 19:11:01 +02:00
x509v3.c X509: Use ASN.1 helper functions 2021-03-14 12:23:41 +02:00
x509v3.h TLS: TOD-STRICT and TOD-TOFU certificate policies 2020-01-26 16:44:49 +02:00