52 	const u8 *pos, *end, *c;
67 	pos = in_data;
74 	if (*pos != TLS_HANDSHAKE_TYPE_CLIENT_HELLO) {
76 				 *pos);
82 	pos++;
84 	len = WPA_GET_BE24(pos);
85 	pos += 3;
93 	wpa_hexdump(MSG_MSGDUMP, "TLSv1: ClientHello", pos, len);
94 	end = pos + len;
97 	if (end - pos < 2)
99 	conn->client_version = WPA_GET_BE16(pos);
111 	pos += 2;
127 	if (end - pos < TLS_RANDOM_LEN)
130 	os_memcpy(conn->client_random, pos, TLS_RANDOM_LEN);
131 	pos += TLS_RANDOM_LEN;
136 	if (end - pos < 1)
138 	if (end - pos < 1 + *pos || *pos > TLS_SESSION_ID_MAX_LEN)
140 	wpa_hexdump(MSG_MSGDUMP, "TLSv1: client session_id", pos + 1, *pos);
141 	pos += 1 + *pos;
145 	if (end - pos < 2)
147 	num_suites = WPA_GET_BE16(pos);
148 	pos += 2;
149 	if (end - pos < num_suites)
152 		    pos, num_suites);
161 		c = pos;
171 	pos += num_suites * 2;
190 	if (end - pos < 1)
192 	num_suites = *pos++;
193 	if (end - pos < num_suites)
196 		    pos, num_suites);
199 		if (*pos++ == TLS_COMPRESSION_NULL)
209 	if (end - pos == 1) {
211 				 *pos);
215 	if (end - pos >= 2) {
217 		ext_len = WPA_GET_BE16(pos);
218 		pos += 2;
222 		if (end - pos != ext_len) {
224 					 ext_len, (unsigned int) (end - pos));
235 		while (pos < end) {
236 			if (end - pos < 2) {
241 			ext_type = WPA_GET_BE16(pos);
242 			pos += 2;
244 			if (end - pos < 2) {
249 			ext_len = WPA_GET_BE16(pos);
250 			pos += 2;
252 			if (end - pos < ext_len) {
260 				    "Extension data", pos, ext_len);
266 					os_memcpy(conn->session_ticket, pos,
272 			pos += ext_len;
294 	const u8 *pos, *end;
308 	pos = in_data;
319 	type = *pos++;
320 	len = WPA_GET_BE24(pos);
321 	pos += 3;
362 	end = pos + len;
364 	if (end - pos < 3) {
372 	list_len = WPA_GET_BE24(pos);
373 	pos += 3;
375 	if ((size_t) (end - pos) != list_len) {
378 				 (unsigned long) (end - pos));
385 	while (pos < end) {
386 		if (end - pos < 3) {
394 		cert_len = WPA_GET_BE24(pos);
395 		pos += 3;
397 		if ((size_t) (end - pos) < cert_len) {
400 					 (unsigned long) (end - pos));
412 			if (tls_parse_cert(pos, cert_len,
422 		cert = x509_certificate_parse(pos, cert_len);
438 		pos += cert_len;
485 	struct tlsv1_server *conn, const u8 *pos, const u8 *end)
493 	if (end - pos < 2) {
499 	encr_len = WPA_GET_BE16(pos);
500 	pos += 2;
501 	if (pos + encr_len > end) {
503 				 encr_len, (unsigned int) (end - pos));
509 	outbuflen = outlen = end - pos;
537 						 pos, encr_len,
588 	struct tlsv1_server *conn, const u8 *pos, const u8 *end)
609 		    pos, end - pos);
611 	if (end == pos) {
619 	if (end - pos < 3) {
626 	dh_yc_len = WPA_GET_BE16(pos);
627 	dh_yc = pos + 2;
696 	const u8 *pos, *end;
710 	pos = in_data;
721 	type = *pos++;
722 	len = WPA_GET_BE24(pos);
723 	pos += 3;
734 	end = pos + len;
746 	wpa_hexdump(MSG_DEBUG, "TLSv1: ClientKeyExchange", pos, len);
755 	    tls_process_client_key_exchange_dh(conn, pos, end) < 0)
759 	    tls_process_client_key_exchange_rsa(conn, pos, end) < 0)
773 	const u8 *pos, *end;
800 	pos = in_data;
811 	type = *pos++;
812 	len = WPA_GET_BE24(pos);
813 	pos += 3;
824 	end = pos + len;
856 		if (end - pos < 2) {
861 		if (pos[0] != TLS_HASH_ALG_SHA256 ||
862 		    pos[1] != TLS_SIGN_ALG_RSA) {
865 				   pos[0], pos[1]);
870 		pos += 2;
917 				 hash, hlen, pos, end - pos, &alert) < 0) {
935 	const u8 *pos;
946 	pos = in_data;
956 	if (*pos != TLS_CHANGE_CIPHER_SPEC) {
958 				 *pos);
973 	*in_len = pos + 1 - in_data;
984 	const u8 *pos, *end;
1036 	pos = in_data;
1047 	if (pos[0] != TLS_HANDSHAKE_TYPE_FINISHED) {
1049 			   "type 0x%x", pos[0]);
1055 	len = WPA_GET_BE24(pos + 1);
1057 	pos += 4;
1067 	end = pos + len;
1076 		    pos, TLS_VERIFY_DATA_LEN);
1132 	if (os_memcmp_const(pos, verify_data, TLS_VERIFY_DATA_LEN) != 0) {

Indexes created Sun Aug 18 21:54:11 MDT 2024