You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
69ac637fbb
Fixed an authentication bypass issue in SSL/TLS. When the TLS authentication mode was set to 'optional', mbedtls_ssl_get_verify_result() would incorrectly return 0 when the peer's X.509 certificate chain had more than MBEDTLS_X509_MAX_INTERMEDIATE_CA intermediates (default: 8), even when it was not trusted. This could be triggered remotely on both the client and server side. (Note, with the authentication mode set by mbedtls_ssl_conf_authmode()to be 'required' (the default), the handshake was correctly aborted). Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk> Tested-by: Magnus Kroken <mkroken@gmail.com> |
7 years ago | |
|---|---|---|
| .. | ||
| base-files | 7 years ago | |
| boot | 7 years ago | |
| devel | 7 years ago | |
| firmware | 7 years ago | |
| kernel | 7 years ago | |
| libs | 7 years ago | |
| network | 7 years ago | |
| system | 7 years ago | |
| utils | 7 years ago | |
| Makefile | 7 years ago | |