aboutsummaryrefslogtreecommitdiffstats
path: root/src/tls/tlsv1_client.c
diff options
context:
space:
mode:
authorJouni Malinen <j@w1.fi>2015-11-29 15:30:37 (GMT)
committerJouni Malinen <j@w1.fi>2015-11-29 16:21:07 (GMT)
commit0aed9156efc99fa16fb01a3fa31a16c119408929 (patch)
tree6108e8027fdf5500610b9525d8f44fd443a74563 /src/tls/tlsv1_client.c
parent9e8809a717f98d8c6cd14448d221c3b38492f775 (diff)
downloadhostap-0aed9156efc99fa16fb01a3fa31a16c119408929.zip
hostap-0aed9156efc99fa16fb01a3fa31a16c119408929.tar.gz
hostap-0aed9156efc99fa16fb01a3fa31a16c119408929.tar.bz2
TLS client: Add signature_algorithms extension into ClientHello
Since we support only SHA256 (and not the default SHA1) with TLS v1.2, the signature_algorithms extensions needs to be added into ClientHello. This fixes interop issues with the current version of OpenSSL that uses the default SHA1 hash if ClientHello does not specify allowed signature algorithms. Signed-off-by: Jouni Malinen <j@w1.fi>
Diffstat (limited to 'src/tls/tlsv1_client.c')
-rw-r--r--src/tls/tlsv1_client.c6
1 files changed, 2 insertions, 4 deletions
diff --git a/src/tls/tlsv1_client.c b/src/tls/tlsv1_client.c
index a6f0587..2fa43ad 100644
--- a/src/tls/tlsv1_client.c
+++ b/src/tls/tlsv1_client.c
@@ -691,18 +691,16 @@ int tlsv1_client_hello_ext(struct tlsv1_client *conn, int ext_type,
if (data == NULL || data_len == 0)
return 0;
- pos = conn->client_hello_ext = os_malloc(6 + data_len);
+ pos = conn->client_hello_ext = os_malloc(4 + data_len);
if (pos == NULL)
return -1;
- WPA_PUT_BE16(pos, 4 + data_len);
- pos += 2;
WPA_PUT_BE16(pos, ext_type);
pos += 2;
WPA_PUT_BE16(pos, data_len);
pos += 2;
os_memcpy(pos, data, data_len);
- conn->client_hello_ext_len = 6 + data_len;
+ conn->client_hello_ext_len = 4 + data_len;
if (ext_type == TLS_EXT_PAC_OPAQUE) {
conn->session_ticket_included = 1;