openssl: Fix invalid keyid length check

author ambiso <ambiso@invalid>

Tue, 23 Oct 2018 21:20:17 +0000 (23:20 +0200)

committer Tobias Brunner <tobias@strongswan.org>

Wed, 24 Oct 2018 07:48:56 +0000 (09:48 +0200)
author ambiso <ambiso@invalid>
Tue, 23 Oct 2018 21:20:17 +0000 (23:20 +0200)
committer Tobias Brunner <tobias@strongswan.org>
Wed, 24 Oct 2018 07:48:56 +0000 (09:48 +0200)
diff --git a/src/libstrongswan/plugins/openssl/openssl_plugin.c b/src/libstrongswan/plugins/openssl/openssl_plugin.c

index 8b0a7c5c7444c93173c028bf7071371434f1cb72..c9196804e7cc4a2c9874cd51c9e2f7ec43609b9e 100644 (file)
--- a/src/libstrongswan/plugins/openssl/openssl_plugin.c
+++ b/src/libstrongswan/plugins/openssl/openssl_plugin.c
@@ -405,7 +405,7 @@ static private_key_t *openssl_private_key_connect(key_type_t type,
         {
                 snprintf(keyname, sizeof(keyname), "%d:", slot);
         }
-       if (sizeof(keyname) - strlen(keyname) <= keyid.len * 4 / 3 + 1)
+       if (sizeof(keyname) - strlen(keyname) <= keyid.len * 2 + 1)
         {
                 return NULL;
         }
author	ambiso <ambiso@invalid>
	Tue, 23 Oct 2018 21:20:17 +0000 (23:20 +0200)
committer	Tobias Brunner <tobias@strongswan.org>
	Wed, 24 Oct 2018 07:48:56 +0000 (09:48 +0200)