[En-Nut-Discussion] Problem with new TLS
ole.reinhardt at embedded-it.de
Fri Jul 11 16:08:57 CEST 2014
Am 11.07.2014 15:21, schrieb Harald Kipp:
> the following part of tls1.c:add_cert() looks weird:
:-) I will have a look on it ASAP, as I'm using the library in the
current project any way...
> while (ssl_ctx->certs[i].buf && i < TLS_SSL_MAX_CERTS)
> if (i == TLS_SSL_MAX_CERTS) /* too many certs */
> It first accesses certs[TLS_SSL_MAX_CERTS], which doesn't exist and then
> checks, whether this access may have been illegal. Not really the code
> quality I'd expect from security sensitive routines. :-(
Indeed. I found another issue, which I fixed recently. The code itself
is from the axtls project, as you know.
> Btw. I'd consider TLS being a protocol and I'm wondering, why it hasn't
> been stored in nut/pro/tls.
My thought was, that is is much more than a protocol. It contains
several code to check and handle certificates, etc...
The second thought was to not blow up the nutpro library for all people
that do not want to use TLS.
But if you think it should be better located there, we can move it...
kernel concepts GmbH Tel: +49-271-771091-14
Sieghuetter Hauptweg 48 Mob: +49-177-7420433
More information about the En-Nut-Discussion