git.ipfire.org Git - thirdparty/openvpn.git/commit
Fix message for too long tls-crypt-v2 metadata
author Max Fillinger <maximilian.fillinger@foxcrypto.com>
Wed, 14 Dec 2022 15:34:14 +0000 (16:34 +0100)
committer Gert Doering <gert@greenie.muc.de>
Thu, 15 Dec 2022 07:27:17 +0000 (08:27 +0100)
commit 860bf4bf9248077259690a518925ecc14da4b320
tree 517dd3ce0841d0eb0c812af74bf3a2bff19fef1b
parent 235161cd2bcd5403c807e66432c421114c896b74

The current code only checks if the base64-encoded metadata is at most
980 characters. However, that can encode up to 735 bytes of data, while
only up to 733 bytes are allowed. When passing 734 or 735 bytes, openvpn
prints a misleading error message saying that the base64 cannot be
decoded.

This patch checks the decoded length to show an accurate error message.

v2: Remove now-unused macro and fix an off-by-one error.

Signed-off-by: Max Fillinger <maximilian.fillinger@foxcrypto.com>
Acked-by: Arne Schwabe <arne@rfc2549.org>
Message-Id: <20221214153414.12671-1-maximilian.fillinger@foxcrypto.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg25694.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
src/openvpn/base64.h
src/openvpn/tls_crypt.c
src/openvpn/tls_crypt.h
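
The length arithmetic from the commit message, as an added example (not OpenVPN's code and not part of the patch): a 980-character limit on the base64 text still admits 734 and 735 decoded bytes, while a limit on the decoded length reports them as too long. The macro, enum and function names are hypothetical, and `check_encoded_only` is a simplified model of the old behaviour.

```c
#include <stdio.h>
#include <string.h>
/* Limits quoted in the commit message; the macro names are hypothetical. */
#define MAX_B64_CHARS      980
#define MAX_METADATA_BYTES 733
enum md_status { MD_OK, MD_TOO_LONG, MD_BAD_BASE64 };

/* Decoded size of a padded base64 string, or -1 if it is malformed. */
static long b64_decoded_len(const char *s)
{
    static const char alphabet[] =
        "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
    size_t n = strlen(s), pad = 0;
    if (n % 4 != 0) return -1;
    while (pad < 2 && pad < n && s[n - 1 - pad] == '=') pad++;
    for (size_t i = 0; i < n - pad; i++)
        if (!strchr(alphabet, s[i])) return -1;
    return (long)(n / 4 * 3 - pad);
}
/* Simplified model of the old check: only the encoded length is limited. */
static enum md_status check_encoded_only(const char *b64)
{
    long len = b64_decoded_len(b64);
    if (strlen(b64) > MAX_B64_CHARS) return MD_TOO_LONG;
    return (len < 0 || len > MAX_METADATA_BYTES) ? MD_BAD_BASE64 : MD_OK;
}
/* Limit the decoded length, so oversize input gets its own status. */
static enum md_status check_decoded(const char *b64)
{
    long len = b64_decoded_len(b64);
    if (len < 0) return MD_BAD_BASE64;
    return len > MAX_METADATA_BYTES ? MD_TOO_LONG : MD_OK;
}
/* Constructed sample input: base64 of nbytes zero bytes. */
static void zero_b64(char *out, size_t nbytes)
{
    size_t full = nbytes / 3 * 4, rem = nbytes % 3;
    memset(out, 'A', full);
    strcpy(out + full, rem == 1 ? "AA==" : rem == 2 ? "AAA=" : "");
}
int main(void)
{
    char buf[1024];
    for (size_t n = 733; n <= 736; n++) {
        zero_b64(buf, n);
        printf("%zu bytes: %d -> %d\n", n, check_encoded_only(buf), check_decoded(buf));
    }
    return 0;
}
```

The printed status values are 0 for accepted, 1 for too long and 2 for invalid base64, old check first.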