mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-12-23 16:55:42 +00:00
Merge remote-tracking branch 'public/pr/2856' into development
* public/pr/2856: Fix issue #2718 (condition always false)
This commit is contained in:
commit
15f30dc7e6
|
@ -17,6 +17,8 @@ Security
|
||||||
Bugfix
|
Bugfix
|
||||||
* Fix compilation failure when both MBEDTLS_SSL_PROTO_DTLS and
|
* Fix compilation failure when both MBEDTLS_SSL_PROTO_DTLS and
|
||||||
MBEDTLS_SSL_HW_RECORD_ACCEL are enabled.
|
MBEDTLS_SSL_HW_RECORD_ACCEL are enabled.
|
||||||
|
* Remove a spurious check in ssl_parse_client_psk_identity that triggered
|
||||||
|
a warning with some compilers. Fix contributed by irwir in #2856.
|
||||||
|
|
||||||
Changes
|
Changes
|
||||||
* Mbed Crypto is no longer a Git submodule. The crypto part of the library
|
* Mbed Crypto is no longer a Git submodule. The crypto part of the library
|
||||||
|
|
|
@ -2344,7 +2344,7 @@ static int ssl_parse_server_psk_hint( mbedtls_ssl_context *ssl,
|
||||||
unsigned char *end )
|
unsigned char *end )
|
||||||
{
|
{
|
||||||
int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
|
int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
|
||||||
size_t len;
|
uint16_t len;
|
||||||
((void) ssl);
|
((void) ssl);
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|
@ -2361,7 +2361,7 @@ static int ssl_parse_server_psk_hint( mbedtls_ssl_context *ssl,
|
||||||
len = (*p)[0] << 8 | (*p)[1];
|
len = (*p)[0] << 8 | (*p)[1];
|
||||||
*p += 2;
|
*p += 2;
|
||||||
|
|
||||||
if( end - (*p) < (int) len )
|
if( end - (*p) < len )
|
||||||
{
|
{
|
||||||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message "
|
MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message "
|
||||||
"(psk_identity_hint length)" ) );
|
"(psk_identity_hint length)" ) );
|
||||||
|
|
|
@ -3812,7 +3812,7 @@ static int ssl_parse_client_psk_identity( mbedtls_ssl_context *ssl, unsigned cha
|
||||||
const unsigned char *end )
|
const unsigned char *end )
|
||||||
{
|
{
|
||||||
int ret = 0;
|
int ret = 0;
|
||||||
size_t n;
|
uint16_t n;
|
||||||
|
|
||||||
if( ssl_conf_has_psk_or_cb( ssl->conf ) == 0 )
|
if( ssl_conf_has_psk_or_cb( ssl->conf ) == 0 )
|
||||||
{
|
{
|
||||||
|
@ -3832,7 +3832,7 @@ static int ssl_parse_client_psk_identity( mbedtls_ssl_context *ssl, unsigned cha
|
||||||
n = ( (*p)[0] << 8 ) | (*p)[1];
|
n = ( (*p)[0] << 8 ) | (*p)[1];
|
||||||
*p += 2;
|
*p += 2;
|
||||||
|
|
||||||
if( n < 1 || n > 65535 || n > (size_t) ( end - *p ) )
|
if( n == 0 || n > end - *p )
|
||||||
{
|
{
|
||||||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) );
|
MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) );
|
||||||
return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE );
|
return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE );
|
||||||
|
|
Loading…
Reference in a new issue