habsi/authentik
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

eap/tls: trunc data to size we read

Browse Source 
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
This commit is contained in:
Jens Langhammer
2025-05-23 21:21:39 +02:00
parent c49274042b
commit 4d944f7444
1 changed files with 5 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
internal/outpost/radius/eap/protocol/tls/inner.go
View File

@ -8,10 +8,14 @@ func (p *Payload) innerHandler(ctx protocol.Context) {
d := make([]byte, 1024) d := make([]byte, 1024)
if !ctx.IsProtocolStart(p.Inner.Type()) { if !ctx.IsProtocolStart(p.Inner.Type()) {
ctx.Log().Debug("TLS: Reading from TLS for inner protocol") ctx.Log().Debug("TLS: Reading from TLS for inner protocol")
_, err := p.st.TLS.Read(d) n, err := p.st.TLS.Read(d)
if err != nil { if err != nil {
ctx.Log().WithError(err).Warning("TLS: Failed to read from TLS connection") ctx.Log().WithError(err).Warning("TLS: Failed to read from TLS connection")
ctx.EndInnerProtocol(protocol.StatusError, nil)
return
} }
// Truncate data to the size we read
d = d[:n]
} }
err := p.Inner.Decode(d) err := p.Inner.Decode(d)
if err != nil { if err != nil {