aboutsummaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
authorChristian Lamparter <chunkeey@googlemail.com>2011-02-21 16:25:34 (GMT)
committerJouni Malinen <j@w1.fi>2011-02-21 16:25:34 (GMT)
commit6fc34d9fe51ee6a060562aaceb166c8fed0fd8a5 (patch)
treeada7a9b63746cae261bea129526bff269db59d4b /src
parentf39b07d7ed777a422af5403f68aeb5f1e180e4e8 (diff)
downloadhostap-6fc34d9fe51ee6a060562aaceb166c8fed0fd8a5.zip
hostap-6fc34d9fe51ee6a060562aaceb166c8fed0fd8a5.tar.gz
hostap-6fc34d9fe51ee6a060562aaceb166c8fed0fd8a5.tar.bz2
Increase internal TLSs client key exchange buffer
This patch fixes a problem I had when I tried to connect an embedded system [wpa_supplicant, CONFIG_TLS=internal] to my TLS secured network. TLSv1: Send CertificateVerify TLSv1: CertificateVerify hash - hexdump(len=36): ha .. ha PKCS #1: pkcs1_generate_encryption_block - Invalid buffer lengths \ (modlen=512 outlen=454 inlen=36) It turned out that a fixed 1000 byte message buffer was just a little bit too small for the 4096 bit RSA certificates I'm using. Signed-off-by: Christian Lamparter <chunkeey@googlemail.com>
Diffstat (limited to 'src')
-rw-r--r--src/tls/tlsv1_client_write.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/src/tls/tlsv1_client_write.c b/src/tls/tlsv1_client_write.c
index 9ecec46..0898df9 100644
--- a/src/tls/tlsv1_client_write.c
+++ b/src/tls/tlsv1_client_write.c
@@ -669,7 +669,7 @@ static u8 * tls_send_client_key_exchange(struct tlsv1_client *conn,
*out_len = 0;
- msglen = 1000;
+ msglen = 2000;
if (conn->certificate_requested)
msglen += tls_client_cert_chain_der_len(conn);