
GnuTLS: Check for any unknown verification failure

After having checked all known GNUTLS_CERT_* error cases that we care
about, check that no other errors have been indicated by
gnutls_certificate_verify_peers2() as a reason to reject negotiation.

Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen 10 years ago
parent
commit
4bc13bf709
1 changed files with 7 additions and 0 deletions

+ 7 - 0
src/crypto/tls_gnutls.c

@@ -713,6 +713,13 @@ static int tls_connection_verify_peer(gnutls_session_t session)
 		goto out;
 	}
 
+	if (status != 0) {
+		wpa_printf(MSG_INFO, "TLS: Unknown verification status: %d",
+			   status);
+		err = GNUTLS_A_INTERNAL_ERROR;
+		goto out;
+	}
+
 	os_get_time(&now);
 
 	certs = gnutls_certificate_get_peers(session, &num_certs);
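
Review bot: the wpa_printf() in the new block prints status with %d, but the value is a bit mask of GNUTLS_CERT_* flags, so a decimal number makes it hard to tell which unhandled flag triggered the rejection. Printing it in hex, for example "TLS: Unknown verification status: 0x%x", would let the log be compared directly against the flag definitions. The catch-all is also only correct if every earlier GNUTLS_CERT_* branch leaves through goto out, as the one ending just above the new block does; a short comment above `if (status != 0)` stating that assumption would help, since any earlier branch that logs and falls through would end up rejected here with GNUTLS_A_INTERNAL_ERROR.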