faraphel/chrony
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

nts: make sure encrypted S2C and C2S keys have equal length

Browse source 
Don't allow a cookie to contain keys with different lengths to not break
the assumption made in decoding, if there will ever be a case where this
could be requested.
This commit is contained in:
Miroslav Lichvar 2022-10-11 12:32:04 +02:00
parent 4baf999cc3
commit ec89739d50
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
nts_ke_server.c
View file

@ -869,7 +869,7 @@ NKS_GenerateCookie(NKE_Context *context, NKE_Cookie *cookie)
} }
if (context->c2s.length < 0 || context->c2s.length > NKE_MAX_KEY_LENGTH || if (context->c2s.length < 0 || context->c2s.length > NKE_MAX_KEY_LENGTH ||
context->s2c.length < 0 || context->s2c.length > NKE_MAX_KEY_LENGTH) { context->s2c.length != context->c2s.length) {
DEBUG_LOG("Invalid key length"); DEBUG_LOG("Invalid key length");
return 0; return 0;
} }