Fix possible crash when DH parameters are not provided

[solanum.git] / ssld / ssld.c

diff --git a/ssld/ssld.c b/ssld/ssld.c
index e8fb5adfc35f8a087ab832d6a89e109b2df41906..9349100405723d4b576698bd251dc6439b04f076 100644 (file)
--- a/ssld/ssld.c
+++ b/ssld/ssld.c
@@ -686,17 +686,18 @@ ssl_send_cipher(conn_t *conn)
 static void
 ssl_send_certfp(conn_t *conn)
 {
-       uint8_t buf[9 + RB_SSL_CERTFP_LEN];
+       uint8_t buf[13 + RB_SSL_CERTFP_LEN];
 
-       int len = rb_get_ssl_certfp(conn->mod_fd, &buf[9], certfp_method);
+       int len = rb_get_ssl_certfp(conn->mod_fd, &buf[13], certfp_method);
        if (!len)
                return;
 
        lrb_assert(len <= RB_SSL_CERTFP_LEN);
        buf[0] = 'F';
        uint32_to_buf(&buf[1], conn->id);
-       uint32_to_buf(&buf[5], len);
-       mod_cmd_write_queue(conn->ctl, buf, 9 + len);
+       uint32_to_buf(&buf[5], certfp_method);
+       uint32_to_buf(&buf[9], len);
+       mod_cmd_write_queue(conn->ctl, buf, 13 + len);
 }
 
 static void
@@ -907,10 +908,10 @@ ssl_new_keys(mod_ctl_t * ctl, mod_ctl_buf_t * ctl_buf)
        key = buf;
        buf += strlen(key) + 1;
        dhparam = buf;
-       if(strlen(dhparam) == 0)
-               dhparam = NULL;
        buf += strlen(dhparam) + 1;
        cipher_list = buf;
+       if(strlen(dhparam) == 0)
+               dhparam = NULL;
        if(strlen(cipher_list) == 0)
                cipher_list = NULL;