summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorjsing <>2016-11-03 16:27:16 +0000
committerjsing <>2016-11-03 16:27:16 +0000
commit23f78c10894bdcafda0fd7ff6a4d5a2088838193 (patch)
tree63ff4dadd612cc6945d080a20f24d7d6398883d5
parent3ab0f473d1abc41af4d1115f8a6d292f39cd3e80 (diff)
downloadopenbsd-23f78c10894bdcafda0fd7ff6a4d5a2088838193.tar.gz
openbsd-23f78c10894bdcafda0fd7ff6a4d5a2088838193.tar.bz2
openbsd-23f78c10894bdcafda0fd7ff6a4d5a2088838193.zip
MFC: In ssl3_read_bytes(), do not process more than three consecutive TLSlibressl-v2.3.9
records, otherwise a peer can potentially cause us to loop indefinately. Return with an SSL_ERROR_WANT_READ instead, so that the caller can choose when they want to handle further processing for this connection. ok beck@ miod@
Diffstat
-rw-r--r--src/lib/libssl/src/ssl/s3_pkt.c28
1 files changed, 24 insertions, 4 deletions
diff --git a/src/lib/libssl/src/ssl/s3_pkt.c b/src/lib/libssl/src/ssl/s3_pkt.c
index bb36a1a11f..e8da4abcf4 100644
--- a/src/lib/libssl/src/ssl/s3_pkt.c
+++ b/src/lib/libssl/src/ssl/s3_pkt.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: s3_pkt.c,v 1.57.2.2 2016/05/04 01:10:57 tedu Exp $ */ 1/* $OpenBSD: s3_pkt.c,v 1.57.2.3 2016/11/03 16:27:16 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -839,10 +839,11 @@ ssl3_write_pending(SSL *s, int type, const unsigned char *buf, unsigned int len)
839int 839int
840ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek) 840ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
841{ 841{
842 int al, i, j, ret; 842 void (*cb)(const SSL *ssl, int type2, int val) = NULL;
843 int al, i, j, ret, rrcount = 0;
843 unsigned int n; 844 unsigned int n;
844 SSL3_RECORD *rr; 845 SSL3_RECORD *rr;
845 void (*cb)(const SSL *ssl, int type2, int val) = NULL; 846 BIO *bio;
846 847
847 if (s->s3->rbuf.buf == NULL) /* Not initialized yet */ 848 if (s->s3->rbuf.buf == NULL) /* Not initialized yet */
848 if (!ssl3_setup_read_buffer(s)) 849 if (!ssl3_setup_read_buffer(s))
@@ -896,7 +897,27 @@ ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
896 return (-1); 897 return (-1);
897 } 898 }
898 } 899 }
900
899start: 901start:
902 /*
903 * Do not process more than three consecutive records, otherwise the
904 * peer can cause us to loop indefinitely. Instead, return with an
905 * SSL_ERROR_WANT_READ so the caller can choose when to handle further
906 * processing. In the future, the total number of non-handshake and
907 * non-application data records per connection should probably also be
908 * limited...
909 */
910 if (rrcount++ >= 3) {
911 if ((bio = SSL_get_rbio(s)) == NULL) {
912 SSLerr(SSL_F_SSL3_READ_BYTES, ERR_R_INTERNAL_ERROR);
913 return -1;
914 }
915 BIO_clear_retry_flags(bio);
916 BIO_set_retry_read(bio);
917 s->rwstate = SSL_READING;
918 return -1;
919 }
920
900 s->rwstate = SSL_NOTHING; 921 s->rwstate = SSL_NOTHING;
901 922
902 /* 923 /*
@@ -1049,7 +1070,6 @@ start:
1049 if (!(s->mode & SSL_MODE_AUTO_RETRY)) { 1070 if (!(s->mode & SSL_MODE_AUTO_RETRY)) {
1050 if (s->s3->rbuf.left == 0) { 1071 if (s->s3->rbuf.left == 0) {
1051 /* no read-ahead left? */ 1072 /* no read-ahead left? */
1052 BIO *bio;
1053 /* In the case where we try to read application data, 1073 /* In the case where we try to read application data,
1054 * but we trigger an SSL handshake, we return -1 with 1074 * but we trigger an SSL handshake, we return -1 with
1055 * the retry option set. Otherwise renegotiation may 1075 * the retry option set. Otherwise renegotiation may
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-08-14 09:49:20 +0000