yuzu-emu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2024-11-27 02:04:21 +01:00
Code Issues Packages Projects Releases Wiki Activity

Revert "Fix verion-major intolerance"

Browse Source 
This reverts commit 6d841c2c5c.

This commit introduced a security-critical bug in the way the client version
is validated. Let's first revert it to fix the security issue, and then fix
the version-major intolerance issue another way.
This commit is contained in:
Manuel Pégourié-Gonnard 2015-04-10 13:57:43 +02:00
parent 9fdc58fd9e
commit 9b4c5d9f21
1 changed files with 11 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
library/ssl_srv.c
View File

@ -438,20 +438,15 @@ static int ssl_parse_client_hello( ssl_context *ssl )
buf[1], buf[2] ) );
/*
* SSLv3/TLS Client Hello
* SSLv3 Client Hello
*
* Record layer:
* 0 . 0 message type
* 1 . 2 protocol version
* 3 . 4 message length
*/
/* According to RFC 5246 Appendix E.1, the version here is typically
* "{03,00}, the lowest version number supported by the client, [or] the
* value of ClientHello.client_version", so the only meaningful check here
* is the major version shouldn't be less than 3 */
if( buf[0] != SSL_MSG_HANDSHAKE ||
buf[1] < SSL_MAJOR_VERSION_3 )
buf[1] != SSL_MAJOR_VERSION_3 )
{
SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO );
@ -507,24 +502,21 @@ static int ssl_parse_client_hello( ssl_context *ssl )
/*
* Check the handshake type and protocol version
*/
if( buf[0] != SSL_HS_CLIENT_HELLO )
if( buf[0] != SSL_HS_CLIENT_HELLO ||
buf[4] != SSL_MAJOR_VERSION_3 )
{
SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO );
}
ssl->major_ver = buf[4];
ssl->minor_ver = buf[5];
ssl->major_ver = SSL_MAJOR_VERSION_3;
ssl->minor_ver = ( buf[5] <= SSL_MINOR_VERSION_3 )
? buf[5] : SSL_MINOR_VERSION_3;
ssl->max_major_ver = ssl->major_ver;
ssl->max_minor_ver = ssl->minor_ver;
if( ssl->major_ver < ssl->min_major_ver ||
ssl->minor_ver < ssl->min_minor_ver )
if( ssl->minor_ver < ssl->min_minor_ver )
{
SSL_DEBUG_MSG( 1, ( "client only supports ssl smaller than minimum"
" [%d:%d] < [%d:%d]",
ssl->major_ver, ssl->minor_ver,
" [%d:%d] < [%d:%d]", ssl->major_ver, ssl->minor_ver,
ssl->min_major_ver, ssl->min_minor_ver ) );
ssl_send_alert_message( ssl, SSL_ALERT_LEVEL_FATAL,
@ -533,13 +525,8 @@ static int ssl_parse_client_hello( ssl_context *ssl )
return( POLARSSL_ERR_SSL_BAD_HS_PROTOCOL_VERSION );
}
if( ssl->major_ver > ssl->max_major_ver )
{
ssl->major_ver = ssl->max_major_ver;
ssl->minor_ver = ssl->max_minor_ver;
}
else if( ssl->minor_ver > ssl->max_minor_ver )
ssl->minor_ver = ssl->max_minor_ver;
ssl->max_major_ver = buf[4];
ssl->max_minor_ver = buf[5];
memcpy( ssl->handshake->randbytes, buf + 6, 32 );