aboutsummaryrefslogtreecommitdiffstats
path: root/src/crypto
diff options
context:
space:
mode:
authorJouni Malinen <j@w1.fi>2015-11-29 21:40:54 (GMT)
committerJouni Malinen <j@w1.fi>2015-11-29 21:40:54 (GMT)
commit7fff91ae51be4385b3ddce68d533855d6f74d157 (patch)
tree356fb8c68487cac4241b26db5cb806025742332a /src/crypto
parent1adf262144ffae33d85bde6eddcb925f0c84e797 (diff)
downloadhostap-7fff91ae51be4385b3ddce68d533855d6f74d157.zip
hostap-7fff91ae51be4385b3ddce68d533855d6f74d157.tar.gz
hostap-7fff91ae51be4385b3ddce68d533855d6f74d157.tar.bz2
Fix tls_connection_prf() regression with CONFIG_TLS=internal
Commit af851914f810978909dd8598ab88030fe43d0051 ('Make tls_connection_get_keyblock_size() internal to tls_*.c') broke tls_connection_prf() with the internal TLS implementation when using skip_keyblock=1. In practice, this broke EAP-FAST. Fix this by deriving the correct number of PRF bytes before skipping the keyblock. Signed-off-by: Jouni Malinen <j@w1.fi>
Diffstat (limited to 'src/crypto')
-rw-r--r--src/crypto/tls_internal.c4
1 files changed, 2 insertions, 2 deletions
diff --git a/src/crypto/tls_internal.c b/src/crypto/tls_internal.c
index 4cf5c45..dcbb31d 100644
--- a/src/crypto/tls_internal.c
+++ b/src/crypto/tls_internal.c
@@ -403,14 +403,14 @@ int tls_connection_prf(void *tls_ctx, struct tls_connection *conn,
if (conn->client) {
ret = tlsv1_client_prf(conn->client, label,
server_random_first,
- _out, out_len);
+ _out, skip + out_len);
}
#endif /* CONFIG_TLS_INTERNAL_CLIENT */
#ifdef CONFIG_TLS_INTERNAL_SERVER
if (conn->server) {
ret = tlsv1_server_prf(conn->server, label,
server_random_first,
- _out, out_len);
+ _out, skip + out_len);
}
#endif /* CONFIG_TLS_INTERNAL_SERVER */
if (ret == 0 && skip_keyblock)