- Removed handling for SSLv2 Client Hello (as per RFC 5246 recommendation)

2024-11-22 12:15:38 +01:00 · 2012-09-09 19:17:02 +00:00 · 2012-09-09 19:17:02 +00:00 · ec636f3bdd
commit ec636f3bdd
parent 68b6d88f5e
2 changed files with 155 additions and 282 deletions
--- a/1
+++ b/1
@ -35,6 +35,7 @@ Changes
     to not match CN if subjectAltName extension is present (Closes ticket #56)
   * Cipher layer cipher_mode_t POLARSSL_MODE_CFB128 is renamed to
     POLARSSL_MODE_CFB, to also handle different block size CFB modes.
+   * Removed handling for SSLv2 Client Hello (as per RFC 5246 recommendation)

 Bugfix
   * Fixed handling error in mpi_cmp_mpi() on longer B values (found by
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@ -44,7 +44,7 @@ static int ssl_parse_client_hello( ssl_context *ssl )
    unsigned int i, j;
    size_t n;
    unsigned int ciph_len, sess_len;
-    unsigned int chal_len, comp_len;
+    unsigned int comp_len;
    unsigned char *buf, *p;

    SSL_DEBUG_MSG( 2, ( "=> parse client hello" ) );
@ -57,133 +57,6 @@ static int ssl_parse_client_hello( ssl_context *ssl )

    buf = ssl->in_hdr;

-    if( ( buf[0] & 0x80 ) != 0 )
-    {
-        SSL_DEBUG_BUF( 4, "record header", buf, 5 );
-
-        SSL_DEBUG_MSG( 3, ( "client hello v2, message type: %d",
-                       buf[2] ) );
-        SSL_DEBUG_MSG( 3, ( "client hello v2, message len.: %d",
-                       ( ( buf[0] & 0x7F ) << 8 ) | buf[1] ) );
-        SSL_DEBUG_MSG( 3, ( "client hello v2, max. version: [%d:%d]",
-                       buf[3], buf[4] ) );
-
-        /*
-         * SSLv2 Client Hello
-         *
-         * Record layer:
-         *     0  .   1   message length
-         *
-         * SSL layer:
-         *     2  .   2   message type
-         *     3  .   4   protocol version
-         */
-        if( buf[2] != SSL_HS_CLIENT_HELLO ||
-            buf[3] != SSL_MAJOR_VERSION_3 )
-        {
-            SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
-            return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO );
-        }
-
-        n = ( ( buf[0] << 8 ) | buf[1] ) & 0x7FFF;
-
-        if( n < 17 || n > 512 )
-        {
-            SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
-            return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO );
-        }
-
-        ssl->max_major_ver = buf[3];
-        ssl->max_minor_ver = buf[4];
-
-        ssl->major_ver = SSL_MAJOR_VERSION_3;
-        ssl->minor_ver = ( buf[4] <= SSL_MINOR_VERSION_3 )
-                         ? buf[4]  : SSL_MINOR_VERSION_3;
-
-        if( ( ret = ssl_fetch_input( ssl, 2 + n ) ) != 0 )
-        {
-            SSL_DEBUG_RET( 1, "ssl_fetch_input", ret );
-            return( ret );
-        }
-
-        ssl->update_checksum( ssl, buf + 2, n );
-
-        buf = ssl->in_msg;
-        n = ssl->in_left - 5;
-
-        /*
-         *    0  .   1   ciphersuitelist length
-         *    2  .   3   session id length
-         *    4  .   5   challenge length
-         *    6  .  ..   ciphersuitelist
-         *   ..  .  ..   session id
-         *   ..  .  ..   challenge
-         */
-        SSL_DEBUG_BUF( 4, "record contents", buf, n );
-
-        ciph_len = ( buf[0] << 8 ) | buf[1];
-        sess_len = ( buf[2] << 8 ) | buf[3];
-        chal_len = ( buf[4] << 8 ) | buf[5];
-
-        SSL_DEBUG_MSG( 3, ( "ciph_len: %d, sess_len: %d, chal_len: %d",
-                       ciph_len, sess_len, chal_len ) );
-
-        /*
-         * Make sure each parameter length is valid
-         */
-        if( ciph_len < 3 || ( ciph_len % 3 ) != 0 )
-        {
-            SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
-            return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO );
-        }
-
-        if( sess_len > 32 )
-        {
-            SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
-            return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO );
-        }
-
-        if( chal_len < 8 || chal_len > 32 )
-        {
-            SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
-            return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO );
-        }
-
-        if( n != 6 + ciph_len + sess_len + chal_len )
-        {
-            SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
-            return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO );
-        }
-
-        SSL_DEBUG_BUF( 3, "client hello, ciphersuitelist",
-                       buf + 6,  ciph_len );
-        SSL_DEBUG_BUF( 3, "client hello, session id",
-                       buf + 6 + ciph_len,  sess_len );
-        SSL_DEBUG_BUF( 3, "client hello, challenge",
-                       buf + 6 + ciph_len + sess_len,  chal_len );
-
-        p = buf + 6 + ciph_len;
-        ssl->session->length = sess_len;
-        memset( ssl->session->id, 0, sizeof( ssl->session->id ) );
-        memcpy( ssl->session->id, p, ssl->session->length );
-
-        p += sess_len;
-        memset( ssl->randbytes, 0, 64 );
-        memcpy( ssl->randbytes + 32 - chal_len, p, chal_len );
-
-        for( i = 0; ssl->ciphersuites[i] != 0; i++ )
-        {
-            for( j = 0, p = buf + 6; j < ciph_len; j += 3, p += 3 )
-            {
-                if( p[0] == 0 &&
-                    p[1] == 0 &&
-                    p[2] == ssl->ciphersuites[i] )
-                    goto have_ciphersuite;
-            }
-        }
-    }
-    else
-    {
    SSL_DEBUG_BUF( 4, "record header", buf, 5 );

    SSL_DEBUG_MSG( 3, ( "client hello v3, message type: %d",
@ -349,7 +222,6 @@ static int ssl_parse_client_hello( ssl_context *ssl )
                goto have_ciphersuite;
        }
    }
-    }

    SSL_DEBUG_MSG( 1, ( "got no ciphersuites in common" ) );