diff options
author | Filip Tehlar <ftehlar@cisco.com> | 2020-03-25 02:46:28 +0000 |
---|---|---|
committer | Dave Barach <openvpp@barachs.net> | 2020-03-26 12:32:59 +0000 |
commit | 336eac84eb7902eae212f05711ce06967b4d202c (patch) | |
tree | 35923841fb10b0c3dd8d88858bfcfcbb25a35747 /src/plugins/quic/certs.h | |
parent | c415d0a8e34a30aeb7efe2360937426b724206c2 (diff) |
ikev2: fix wrong usage of BN_bn2bin()
This patch fixes 2 different crashes:
1) BN_bn2bin() returns bytes written, not actual key length. Use
BN_bn2binpad() instead which adds padding.
2) Initiator may receive multiple sa-init responses for the same ispi
which may result in crash. Remember first response and ignore any
subsequent ones.
Type: fix
Change-Id: Ia1eac9167e3100a6894c0563ee70bab04f6a5f4f
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Diffstat (limited to 'src/plugins/quic/certs.h')
0 files changed, 0 insertions, 0 deletions