Do not use compression with DTLS

This commit is contained in:
Manuel Pégourié-Gonnard 2014-07-14 17:38:41 +02:00 committed by Paul Bakker
parent 5d53cbef3a
commit a0e1632b79
3 changed files with 67 additions and 14 deletions

View File

@ -1070,6 +1070,8 @@
* CRIME attack. Before enabling this option, you should examine with care if
* CRIME or similar exploits may be a applicable to your use case.
*
* \note Currently compression can't bu used with DTLS.
*
* Used in: library/ssl_tls.c
* library/ssl_cli.c
* library/ssl_srv.c

View File

@ -450,6 +450,7 @@ static int ssl_write_client_hello( ssl_context *ssl )
size_t i, n, olen, ext_len = 0;
unsigned char *buf;
unsigned char *p, *q;
unsigned char offer_compress;
#if defined(POLARSSL_HAVE_TIME)
time_t t;
#endif
@ -636,8 +637,25 @@ static int ssl_write_client_hello( ssl_context *ssl )
SSL_DEBUG_MSG( 3, ( "client hello, got %d ciphersuites", n ) );
#if defined(POLARSSL_ZLIB_SUPPORT)
offer_compress = 1;
#else
offer_compress = 0;
#endif
/*
* We don't support compression with DTLS right now: is many records come
* in the same datagram, uncompressing one could overwrite the next one.
* We don't want to add complexity for handling that case unless there is
* an actual need for it.
*/
#if defined(POLARSSL_SSL_PROTO_DTLS)
if( ssl->transport == SSL_TRANSPORT_DATAGRAM )
offer_compress = 0;
#endif
if( offer_compress )
{
SSL_DEBUG_MSG( 3, ( "client hello, compress len.: %d", 2 ) );
SSL_DEBUG_MSG( 3, ( "client hello, compress alg.: %d %d",
SSL_COMPRESS_DEFLATE, SSL_COMPRESS_NULL ) );
@ -645,13 +663,16 @@ static int ssl_write_client_hello( ssl_context *ssl )
*p++ = 2;
*p++ = SSL_COMPRESS_DEFLATE;
*p++ = SSL_COMPRESS_NULL;
#else
}
else
{
SSL_DEBUG_MSG( 3, ( "client hello, compress len.: %d", 1 ) );
SSL_DEBUG_MSG( 3, ( "client hello, compress alg.: %d", SSL_COMPRESS_NULL ) );
SSL_DEBUG_MSG( 3, ( "client hello, compress alg.: %d",
SSL_COMPRESS_NULL ) );
*p++ = 1;
*p++ = SSL_COMPRESS_NULL;
#endif /* POLARSSL_ZLIB_SUPPORT */
}
// First write extensions, then the total length
//
@ -967,10 +988,11 @@ static int ssl_parse_hello_verify_request( ssl_context *ssl )
static int ssl_parse_server_hello( ssl_context *ssl )
{
int ret, i, comp;
int ret, i;
size_t n;
size_t ext_len;
unsigned char *buf, *ext;
unsigned char comp, accept_comp;
int renegotiation_info_seen = 0;
int handshake_failure = 0;
#if defined(POLARSSL_DEBUG_C)
@ -1113,9 +1135,33 @@ static int ssl_parse_server_hello( ssl_context *ssl )
return( POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO );
}
/* ciphersuite (used later) */
i = ( buf[39 + n] << 8 ) | buf[40 + n];
/*
* Read and check compression
*/
comp = buf[41 + n];
#if defined(POLARSSL_ZLIB_SUPPORT)
accept_comp = 1;
#else
accept_comp = 0;
#endif
/* See comments in ssl_write_client_hello() */
#if defined(POLARSSL_SSL_PROTO_DTLS)
if( ssl->transport == SSL_TRANSPORT_DATAGRAM )
accept_comp = 0;
#endif
if( ( accept_comp == 0 && comp != SSL_COMPRESS_NULL ) ||
( comp != SSL_COMPRESS_NULL && comp != SSL_COMPRESS_DEFLATE ) )
{
SSL_DEBUG_MSG( 1, ( "server hello, bad compression: %d", comp ) );
return( POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE );
}
/*
* Initialize update checksum functions
*/

View File

@ -1444,6 +1444,11 @@ static int ssl_parse_client_hello( ssl_context *ssl )
}
#endif
/* See comments in ssl_write_client_hello() */
#if defined(POLARSSL_SSL_PROTO_DTLS)
if( ssl->transport == SSL_TRANSPORT_DATAGRAM )
ssl->session_negotiate->compression = SSL_COMPRESS_NULL;
#endif
/*
* Check the extension length
*/