From: Daniel Kubec Date: Wed, 27 Apr 2016 06:00:34 +0000 (+0200) Subject: Fix buffer size parameter for exported keying material. X-Git-Tag: v2.4_alpha1~108 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=13a882ae39efb7144d9a9c5ac61100b1e27b1003;p=thirdparty%2Fopenvpn.git Fix buffer size parameter for exported keying material. Commit 41e4b67a229e774ebc57a882c386e10d80e10e7e broke the exported keying material functionality while addressing lack of variable-length arrays in MSVC compilers - turning an array into a gc_malloc()'ed pointer, but still using "sizeof(ekm)" for buffer size - which is now "4" (unsigned char *), not the actual buffer length... Fixed! Acked-by: Gert Doering Message-Id: <49496.109.81.184.65.1461736834.squirrel@mail.actumg2.cz> URL: http://article.gmane.org/gmane.network.openvpn.devel/11509 Signed-off-by: Gert Doering --- diff --git a/src/openvpn/ssl_openssl.c b/src/openvpn/ssl_openssl.c index ca9b67ba7..8909ca3b8 100644 --- a/src/openvpn/ssl_openssl.c +++ b/src/openvpn/ssl_openssl.c @@ -144,7 +144,7 @@ key_state_export_keying_material(struct key_state_ssl *ssl, struct gc_arena gc = gc_new(); unsigned char* ekm = (unsigned char*) gc_malloc(size, true, &gc); - if (SSL_export_keying_material(ssl->ssl, ekm, sizeof(ekm), + if (SSL_export_keying_material(ssl->ssl, ekm, size, session->opt->ekm_label, session->opt->ekm_label_size, NULL, 0, 0)) { unsigned int len = (size * 2) + 2;