From 6755ba593ce4dbe0735f14e12b9e9c5ccf597de7 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Thu, 5 Dec 2024 18:24:45 +0100 Subject: [PATCH] http_negotiate: allow for a one byte larger channel binding buffer The channel binding data dynbuf was not set correctly making it fail with CURLE_TOO_LARGE too easily. Reported-by: galen11 on github Fixes #15685 Closes #15694 --- lib/http_negotiate.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/http_negotiate.c b/lib/http_negotiate.c index 5dda475057..5d76bddf72 100644 --- a/lib/http_negotiate.c +++ b/lib/http_negotiate.c @@ -110,7 +110,7 @@ CURLcode Curl_input_negotiate(struct Curl_easy *data, struct connectdata *conn, /* Check if the connection is using SSL and get the channel binding data */ #if defined(USE_SSL) && defined(HAVE_GSSAPI) if(conn->handler->flags & PROTOPT_SSL) { - Curl_dyn_init(&neg_ctx->channel_binding_data, SSL_CB_MAX_SIZE); + Curl_dyn_init(&neg_ctx->channel_binding_data, SSL_CB_MAX_SIZE + 1); result = Curl_ssl_get_channel_binding( data, FIRSTSOCKET, &neg_ctx->channel_binding_data); if(result) { -- 2.47.3