Use larger buffer for TLS encryption to avoid issues with GnuTLS
It looks like GnuTLS (at least newer versions) is using random padding on the application data and the previously used 100 byte extra buffer for tls_connection_encrypt() calls was not enough to handle all cases. This resulted in semi-random authentication failures with EAP-PEAP and EAP-TTLS during Phase 2. Increase the extra space for encryption from 100 to 300 bytes and add an error message into tls_gnutls.c to make it easier to notice this issue should it ever show up again even with the larger buffer.
This commit is contained in:
parent
363a9e2434
commit
edd757e8a3
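--- a/tls_gnutls.c
+++ b/tls_gnutls.c
@@ -1060,6 +1060,14 @@ int tls_connection_encrypt(void *ssl_ctx, struct tls_connection *conn,
 return -1;
 if (conn->push_buf_len < out_len)
 out_len = conn->push_buf_len;
+else if (conn->push_buf_len > out_len) {
+wpa_printf(MSG_INFO, "GnuTLS: Not enough buffer space for "
+"encrypted message (in_len=%lu push_buf_len=%lu "
+"out_len=%lu",
+(unsigned long) in_len,
+(unsigned long) conn->push_buf_len,
+(unsigned long) out_len);
+}
 os_memcpy(out_data, conn->push_buf, out_len);
 os_free(conn->push_buf);
 conn->push_buf = NULL;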
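Review bot: The new `else if (conn->push_buf_len > out_len)` branch only logs the shortfall and then falls through to `os_memcpy(out_data, conn->push_buf, out_len)`, so a TLS record that did not fit is silently truncated, handed back as if complete, and its tail is discarded when push_buf is freed. A truncated record cannot be processed by the peer, so failing explicitly is safer than an MSG_INFO line and a bogus success: after the wpa_printf add `os_free(conn->push_buf); conn->push_buf = NULL; return -1;` (the function's return statement is outside the hunk, so I am inferring that the truncated out_len is what the caller currently receives). Minor: the format string opens a parenthesis at `(in_len=%lu` and never closes it; `"out_len=%lu)"` would read correctly in the log.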
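@@ -904,7 +904,7 @@ int eap_peer_tls_encrypt(struct eap_sm *sm, struct eap_ssl_data *data,
 
 if (in_data) {
 eap_peer_tls_reset_output(data);
-len = wpabuf_len(in_data) + 100;
+len = wpabuf_len(in_data) + 300;
 data->tls_out = os_malloc(len);
 if (data->tls_out == NULL)
 return -1;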
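Review bot: `len = wpabuf_len(in_data) + 300;` replaces one magic number with another and leaves no record of what the headroom covers, so the next GnuTLS or cipher-suite change can reproduce the same semi-random Phase 2 failures the description fixes. Name it and state its basis, e.g. `#define TLS_ENCRYPT_HEADROOM 300 /* TLS record overhead: header, IV, MAC, padding (GnuTLS may add random padding); empirical, not a derived bound */`, so a future reader knows the value was chosen by observation rather than from the record layer's limits. The headroom is also a fixed amount regardless of input size; if the backend emits more than one TLS record for a large in_data, each record adds its own overhead and a single constant may again fall short — I cannot tell from this hunk whether inputs of that size reach this path. The enclosing function continues outside the hunk.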