path: root/hostapd/ChangeLog
diff options
authorJouni Malinen <j@w1.fi>2008-08-24 10:08:15 (GMT)
committerJouni Malinen <j@w1.fi>2008-08-24 10:08:15 (GMT)
commit4d4233eaf4217106e7fc09d6bc95183d6ac7e7c2 (patch)
tree6c643a7e048131b8414d684f0079d2f6147793ce /hostapd/ChangeLog
parent1f21bc4cc37c99af7014a4d2dd1d9e8ac5f472ac (diff)
Fixed internal TLSv1 server implementation for abbreviated handshake
When the TLS handshake had been completed earlier by the server in case of abbreviated handshake, the output buffer length was left uninitialized. It must be initialized to zero in this case. This code is used by EAP-FAST server and the uninitialized length could have caused it to try to send a very large frame (though, this would be terminated by the 50 roundtrip EAP limit). This broke EAP-FAST server code in some cases when PAC was used to establish the tunnel.
Diffstat (limited to 'hostapd/ChangeLog')
1 files changed, 2 insertions, 0 deletions
diff --git a/hostapd/ChangeLog b/hostapd/ChangeLog
index f3c0155..2db46b8 100644
--- a/hostapd/ChangeLog
+++ b/hostapd/ChangeLog
@@ -5,6 +5,8 @@ ChangeLog for hostapd
internal X.509/TLSv1 implementation
* fixed EAP-FAST PAC-Opaque padding (0.6.4 broke this for some peer
identity lengths)
+ * fixed internal TLSv1 implementation for abbreviated handshake (used
+ by EAP-FAST server)
2008-08-10 - v0.6.4
* added peer identity into EAP-FAST PAC-Opaque and skip Phase 2