[gnutls-devel] GnuTLS | support non-NULL-terminated PSKs (!917)
Development of GNU's TLS library
gnutls-devel at lists.gnutls.org
Wed Mar 18 11:25:47 CET 2020
Nikos Mavrogiannopoulos commented on a discussion on lib/handshake-checks.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/917#note_306942523
> return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
>
> if (session->internals.saved_username_set) {
> - if (strcmp(session->internals.saved_username, username) != 0) {
> + if (username_length == strlen(session->internals.saved_username) &&
> + strncmp(session->internals.saved_username, username, username_length) != 0) {
> _gnutls_debug_log("Session's PSK username changed during rehandshake; aborting!\n");
> return gnutls_assert_val(GNUTLS_E_SESSION_USER_ID_CHANGED);
> }
> } else {
> - size_t len = strlen(username);
> -
> - memcpy(session->internals.saved_username, username, len);
> - session->internals.saved_username[len] = 0;
> + memcpy(session->internals.saved_username, username, username_length);
I added a proposed fix in the branch. @juaristi could you check it and confirm you're ok with that?
--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/917#note_306942523
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20200318/43216c61/attachment.html>
More information about the Gnutls-devel
mailing list