jeltz/hostap
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

TLS server: Local failure information on verify_data mismatch

Browse source 
Mark connection state FAILED in this case even though TLS Alert is not
sent.

Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
Jouni Malinen 2019-02-09 18:05:45 +02:00
parent f08ab18bf9
commit 19dd7a736e
1 changed files with 1 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
src/tls/tlsv1_server_read.c
View file

@ -1245,6 +1245,7 @@ static int tls_process_client_finished(struct tlsv1_server *conn, u8 ct,
if (os_memcmp_const(pos, verify_data, TLS_VERIFY_DATA_LEN) != 0) { if (os_memcmp_const(pos, verify_data, TLS_VERIFY_DATA_LEN) != 0) {
tlsv1_server_log(conn, "Mismatch in verify_data"); tlsv1_server_log(conn, "Mismatch in verify_data");
conn->state = FAILED;
return -1; return -1;
} }