aboutsummaryrefslogtreecommitdiffstats
path: root/src/tls
diff options
context:
space:
mode:
authorJouni Malinen <j@w1.fi>2019-02-09 16:05:45 (GMT)
committerJouni Malinen <j@w1.fi>2019-02-09 23:43:50 (GMT)
commit19dd7a736ed9928505f1b9886e002210d0adf44b (patch)
tree129166a74b43141cebd97b67cd88bfd5df84da4a /src/tls
parentf08ab18bf970b9ed2df3cb01536970284d40fb77 (diff)
downloadhostap-19dd7a736ed9928505f1b9886e002210d0adf44b.zip
hostap-19dd7a736ed9928505f1b9886e002210d0adf44b.tar.gz
hostap-19dd7a736ed9928505f1b9886e002210d0adf44b.tar.bz2
TLS server: Local failure information on verify_data mismatch
Mark connection state FAILED in this case even though TLS Alert is not sent. Signed-off-by: Jouni Malinen <j@w1.fi>
Diffstat (limited to 'src/tls')
-rw-r--r--src/tls/tlsv1_server_read.c1
1 files changed, 1 insertions, 0 deletions
diff --git a/src/tls/tlsv1_server_read.c b/src/tls/tlsv1_server_read.c
index 5ff9f89..e957678 100644
--- a/src/tls/tlsv1_server_read.c
+++ b/src/tls/tlsv1_server_read.c
@@ -1245,6 +1245,7 @@ static int tls_process_client_finished(struct tlsv1_server *conn, u8 ct,
if (os_memcmp_const(pos, verify_data, TLS_VERIFY_DATA_LEN) != 0) {
tlsv1_server_log(conn, "Mismatch in verify_data");
+ conn->state = FAILED;
return -1;
}