tls-peer: Fix parsing of encrypted extensions
authorTobias Brunner <tobias@strongswan.org>
Fri, 28 Aug 2020 06:54:49 +0000 (08:54 +0200)
committerTobias Brunner <tobias@strongswan.org>
Fri, 12 Feb 2021 10:45:44 +0000 (11:45 +0100)
src/libtls/tls_peer.c

index 6bec0219b5d77ac0a9699a3a88c39d5bc41e45a5..a75a8f037e8db263024558f3d7366b8fbf817c9f 100644 (file)
@@ -289,7 +289,6 @@ static status_t process_server_hello(private_tls_peer_t *this,
 static status_t process_encrypted_extensions(private_tls_peer_t *this,
                                                                                         bio_reader_t *reader)
 {
-       uint16_t length;
        chunk_t ext = chunk_empty;
        int offset = 0;
        uint16_t extension_type, extension_length;
@@ -297,9 +296,7 @@ static status_t process_encrypted_extensions(private_tls_peer_t *this,
        this->crypto->append_handshake(this->crypto,
                                                                   TLS_ENCRYPTED_EXTENSIONS, reader->peek(reader));
 
-
-       if (!reader->read_uint16(reader, &length) ||
-               (reader->remaining(reader) && !reader->read_data16(reader, &ext)))
+       if (!reader->read_data16(reader, &ext))
        {
                DBG1(DBG_TLS, "received invalid EncryptedExtensions");
                this->alert->add(this->alert, TLS_FATAL, TLS_DECODE_ERROR);
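Review bot: Trailing bytes after the extensions vector are not rejected by the new check `if (!reader->read_data16(reader, &ext))`, and nothing visible in this hunk rejects them either. RFC 8446 defines the EncryptedExtensions body as the single `extensions<0..2^16-1>` vector, so leftover data means a malformed message and should take the same TLS_DECODE_ERROR path, e.g. `if (!reader->read_data16(reader, &ext) || reader->remaining(reader))`. The body of process_encrypted_extensions continues past the end of the hunk, so a later check may already cover this. If it does not, a short comment above the condition stating that the length prefix is mandatory even for an empty extension list would also help, since that is the behaviour this fix establishes.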