Amazing-Mirror/fragattacks
1
0
Fork 0
mirror of https://github.com/vanhoefm/fragattacks.git synced 2024-11-25 08:48:31 -05:00
Code Issues Projects Releases Wiki Activity

TLS client: Send decrypt_error on verify_data validation error

Browse Source 
Previously, this was silently dropped which left the connection waiting
for timeout. decrypt_error alert can be used here to avoid that.

Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
Jouni Malinen 2014-03-09 18:19:32 +02:00
parent 129b9b991a
commit f3ef7a2640
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/tls/tlsv1_client_read.c
View File

@ -931,6 +931,8 @@ static int tls_process_server_finished(struct tlsv1_client *conn, u8 ct,
if (os_memcmp(pos, verify_data, TLS_VERIFY_DATA_LEN) != 0) {
wpa_printf(MSG_INFO, "TLSv1: Mismatch in verify_data");
tls_alert(conn, TLS_ALERT_LEVEL_FATAL,
TLS_ALERT_DECRYPT_ERROR);
return -1;
}