Added a workaround for handling TLS compression

Even though we try to disable TLS compression, it is possible that this
cannot be done with all TLS libraries. For example, OpenSSL 0.9.8 does not
seem to have a configuration item for disabling all compression (0.9.9 has
such an option). If compression is used, Phase 2 decryption may end up
producing more data than the input buffer due to compressed data. This
shows up especially with EAP-TNC that uses very compressible data format.

As a workaround, increase the decryption buffer length to (orig_len+500)*3.
This is a hack, but at least it handles most cases. TLS compression should
really be disabled for EAP use of TLS, but since this can show up with
common setups, it is better to handle this case.

diff --git a/src/eap_peer/eap_tls_common.c b/src/eap_peer/eap_tls_common.c
index 7b8c84d390cdf363cb5adf9a4a83ef1c91d9b12c..d2a494bbf2b4d65237a7c0cfaab813ad6542d5c7 100644 (file)
--- a/src/eap_peer/eap_tls_common.c
+++ b/src/eap_peer/eap_tls_common.c
@@ -827,6 +827,14 @@ int eap_peer_tls_decrypt(struct eap_sm *sm, struct eap_ssl_data *data,
        buf_len = wpabuf_len(in_data);
        if (data->tls_in_total > buf_len)
                buf_len = data->tls_in_total;
+       /*
+        * Even though we try to disable TLS compression, it is possible that
+        * this cannot be done with all TLS libraries. Add extra buffer space
+        * to handle the possibility of the decrypted data being longer than
+        * input data.
+        */
+       buf_len += 500;
+       buf_len *= 3;
        *in_decrypted = wpabuf_alloc(buf_len ? buf_len : 1);
        if (*in_decrypted == NULL) {
                eap_peer_tls_reset_input(data);

diff --git a/src/eap_server/eap_fast.c b/src/eap_server/eap_fast.c
index fb4306bac3f4f647613dc0808e609fa0c7da5fa2..c50ffd2c09fe72f4aa731781c9bae48d6808eefd 100644 (file)
--- a/src/eap_server/eap_fast.c
+++ b/src/eap_server/eap_fast.c
@@ -1334,6 +1334,14 @@ static void eap_fast_process_phase2(struct eap_sm *sm,
        buf_len = in_len;
        if (data->ssl.tls_in_total > buf_len)
                buf_len = data->ssl.tls_in_total;
+       /*
+        * Even though we try to disable TLS compression, it is possible that
+        * this cannot be done with all TLS libraries. Add extra buffer space
+        * to handle the possibility of the decrypted data being longer than
+        * input data.
+        */
+       buf_len += 500;
+       buf_len *= 3;
        in_decrypted = os_malloc(buf_len);
        if (in_decrypted == NULL) {
                os_free(data->ssl.tls_in);

diff --git a/src/eap_server/eap_peap.c b/src/eap_server/eap_peap.c
index 20e1953c5baa5dead4249629da4a4bd94072a3cb..77c254ade81fddba11c47bf4bca2829d7ef91863 100644 (file)
--- a/src/eap_server/eap_peap.c
+++ b/src/eap_server/eap_peap.c
@@ -1161,6 +1161,14 @@ static void eap_peap_process_phase2(struct eap_sm *sm,
        buf_len = in_len;
        if (data->ssl.tls_in_total > buf_len)
                buf_len = data->ssl.tls_in_total;
+       /*
+        * Even though we try to disable TLS compression, it is possible that
+        * this cannot be done with all TLS libraries. Add extra buffer space
+        * to handle the possibility of the decrypted data being longer than
+        * input data.
+        */
+       buf_len += 500;
+       buf_len *= 3;
        in_decrypted = wpabuf_alloc(buf_len);
        if (in_decrypted == NULL) {
                os_free(data->ssl.tls_in);

diff --git a/src/eap_server/eap_ttls.c b/src/eap_server/eap_ttls.c
index 545958dfae0a2e3396d19f366165386a79429d1d..4c71b5fa2cec7c06f9d629d421dd0d641971c6d0 100644 (file)
--- a/src/eap_server/eap_ttls.c
+++ b/src/eap_server/eap_ttls.c
@@ -1177,6 +1177,14 @@ static void eap_ttls_process_phase2(struct eap_sm *sm,
        buf_len = in_len;
        if (data->ssl.tls_in_total > buf_len)
                buf_len = data->ssl.tls_in_total;
+       /*
+        * Even though we try to disable TLS compression, it is possible that
+        * this cannot be done with all TLS libraries. Add extra buffer space
+        * to handle the possibility of the decrypted data being longer than
+        * input data.
+        */
+       buf_len += 500;
+       buf_len *= 3;
        in_decrypted = os_malloc(buf_len);
        if (in_decrypted == NULL) {
                os_free(data->ssl.tls_in);