Fixed internal TLSv1 server implementation for abbreviated handshake

When the TLS handshake had been completed earlier by the server in case of
abbreviated handshake, the output buffer length was left uninitialized. It
must be initialized to zero in this case. This code is used by EAP-FAST
server and the uninitialized length could have caused it to try to send a
very large frame (though, this would be terminated by the 50 roundtrip EAP
limit). This broke EAP-FAST server code in some cases when PAC was used to
establish the tunnel.

diff --git a/hostapd/ChangeLog b/hostapd/ChangeLog
index f3c01559f7b869996dc67aa5d8a5a1a53deea1ab..2db46b84579da56ac5a1b6b5ad22b46b9b354ab7 100644 (file)
--- a/hostapd/ChangeLog
+++ b/hostapd/ChangeLog
@@ -5,6 +5,8 @@ ChangeLog for hostapd
          internal X.509/TLSv1 implementation
        * fixed EAP-FAST PAC-Opaque padding (0.6.4 broke this for some peer
          identity lengths)
+       * fixed internal TLSv1 implementation for abbreviated handshake (used
+         by EAP-FAST server)
 
 2008-08-10 - v0.6.4
        * added peer identity into EAP-FAST PAC-Opaque and skip Phase 2

diff --git a/src/crypto/tls_internal.c b/src/crypto/tls_internal.c
index dfd0db060b46533fb8191bb6a078b27437576fbc..42120c8a882e0285037a018661a94e544c78f7a6 100644 (file)
--- a/src/crypto/tls_internal.c
+++ b/src/crypto/tls_internal.c
@@ -366,8 +366,10 @@ u8 * tls_connection_server_handshake(void *tls_ctx,
        wpa_printf(MSG_DEBUG, "TLS: %s(in_data=%p in_len=%lu)",
                   __func__, in_data, (unsigned long) in_len);
        out = tlsv1_server_handshake(conn->server, in_data, in_len, out_len);
-       if (out == NULL && tlsv1_server_established(conn->server))
+       if (out == NULL && tlsv1_server_established(conn->server)) {
                out = os_malloc(1);
+               *out_len = 0;
+       }
        return out;
 #else /* CONFIG_TLS_INTERNAL_SERVER */
        return NULL;