From f0ed5f9125fbb8da4f6cd01ab7120ccb6328455c Mon Sep 17 00:00:00 2001
From: Tobias Brunner <tobias@strongswan.org>
Date: Fri, 28 Aug 2020 08:54:49 +0200
Subject: [PATCH] tls-peer: Fix parsing of encrypted extensions

---
 src/libtls/tls_peer.c | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)

diff --git a/src/libtls/tls_peer.c b/src/libtls/tls_peer.c
index 6bec0219b5..a75a8f037e 100644
--- a/src/libtls/tls_peer.c
+++ b/src/libtls/tls_peer.c
@@ -289,7 +289,6 @@ static status_t process_server_hello(private_tls_peer_t *this,
 static status_t process_encrypted_extensions(private_tls_peer_t *this,
 											 bio_reader_t *reader)
 {
-	uint16_t length;
 	chunk_t ext = chunk_empty;
 	int offset = 0;
 	uint16_t extension_type, extension_length;
@@ -297,9 +296,7 @@ static status_t process_encrypted_extensions(private_tls_peer_t *this,
 	this->crypto->append_handshake(this->crypto,
 								   TLS_ENCRYPTED_EXTENSIONS, reader->peek(reader));
 
-
-	if (!reader->read_uint16(reader, &length) ||
-		(reader->remaining(reader) && !reader->read_data16(reader, &ext)))
+	if (!reader->read_data16(reader, &ext))
 	{
 		DBG1(DBG_TLS, "received invalid EncryptedExtensions");
 		this->alert->add(this->alert, TLS_FATAL, TLS_DECODE_ERROR);
-- 
2.47.2