diff options
author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2017-11-27 11:07:40 +0100 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2017-11-27 12:04:41 +0100 |
commit | e307dbe411c16ab831cb10cb168d5b57c2293a7a (patch) | |
tree | bc299552c348f92e4787724ce47e91fb5846274e | |
parent | 9853dbb8f3e8921500e3d8bed0a1f9aca79258ec (diff) | |
download | gnutls-e307dbe411c16ab831cb10cb168d5b57c2293a7a.tar.gz |
gnutls_prf_rfc5705: apply the context limits only under TLS1.2 or earlier
These limits do not exist under TLS1.3.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
-rw-r--r-- | lib/prf.c | 10 |
1 files changed, 5 insertions, 5 deletions
@@ -136,11 +136,6 @@ gnutls_prf_rfc5705(gnutls_session_t session, const version_entry_st *vers = get_version(session); int ret; - if (context != NULL && context_size > 65535) { - gnutls_assert(); - return GNUTLS_E_INVALID_REQUEST; - } - if (vers && vers->tls13_sem) { uint8_t secret[MAX_HASH_SIZE]; uint8_t digest[MAX_HASH_SIZE]; @@ -169,6 +164,11 @@ gnutls_prf_rfc5705(gnutls_session_t session, } else { char *pctx = NULL; + if (context != NULL && context_size > 65535) { + gnutls_assert(); + return GNUTLS_E_INVALID_REQUEST; + } + if (context != NULL) { pctx = gnutls_malloc(context_size+2); if (!pctx) { |