diff options
| author | markus <> | 2002-09-23 21:32:28 +0000 |
|---|---|---|
| committer | markus <> | 2002-09-23 21:32:28 +0000 |
| commit | f31910c44fa57c65521a215e1404058a14bb8fd2 (patch) | |
| tree | ec82598741316cec7701f58e4e153564b97f215b | |
| parent | b8476376aa93d01a90c88ac2718a3516cf9a7222 (diff) | |
| download | openbsd-f31910c44fa57c65521a215e1404058a14bb8fd2.tar.gz openbsd-f31910c44fa57c65521a215e1404058a14bb8fd2.tar.bz2 openbsd-f31910c44fa57c65521a215e1404058a14bb8fd2.zip | |
pull in fix from openssl-0.9.7-stable-SNAP-20020921:
*) Don't impose a 16-byte length minimum on session IDs in ssl/s3_clnt.c
(the SSL 3.0 and TLS 1.0 specifications allow any length up to 32 bytes).
[Bodo Moeller]
| -rw-r--r-- | src/lib/libssl/s3_clnt.c | 21 | ||||
| -rw-r--r-- | src/lib/libssl/src/ssl/s3_clnt.c | 21 |
2 files changed, 10 insertions, 32 deletions
diff --git a/src/lib/libssl/s3_clnt.c b/src/lib/libssl/s3_clnt.c index 9ce5373b51..7da9363ef5 100644 --- a/src/lib/libssl/s3_clnt.c +++ b/src/lib/libssl/s3_clnt.c | |||
| @@ -631,23 +631,11 @@ static int ssl3_get_server_hello(SSL *s) | |||
| 631 | /* get the session-id */ | 631 | /* get the session-id */ |
| 632 | j= *(p++); | 632 | j= *(p++); |
| 633 | 633 | ||
| 634 | if(j > sizeof s->session->session_id) | 634 | if ((j > sizeof s->session->session_id) || (j > SSL3_SESSION_ID_SIZE)) |
| 635 | { | ||
| 636 | al=SSL_AD_ILLEGAL_PARAMETER; | ||
| 637 | SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, | ||
| 638 | SSL_R_SSL3_SESSION_ID_TOO_LONG); | ||
| 639 | goto f_err; | ||
| 640 | } | ||
| 641 | |||
| 642 | if ((j != 0) && (j != SSL3_SESSION_ID_SIZE)) | ||
| 643 | { | 635 | { |
| 644 | /* SSLref returns 16 :-( */ | 636 | al=SSL_AD_ILLEGAL_PARAMETER; |
| 645 | if (j < SSL2_SSL_SESSION_ID_LENGTH) | 637 | SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_SSL3_SESSION_ID_TOO_LONG); |
| 646 | { | 638 | goto f_err; |
| 647 | al=SSL_AD_ILLEGAL_PARAMETER; | ||
| 648 | SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_SSL3_SESSION_ID_TOO_SHORT); | ||
| 649 | goto f_err; | ||
| 650 | } | ||
| 651 | } | 639 | } |
| 652 | if (j != 0 && j == s->session->session_id_length | 640 | if (j != 0 && j == s->session->session_id_length |
| 653 | && memcmp(p,s->session->session_id,j) == 0) | 641 | && memcmp(p,s->session->session_id,j) == 0) |
| @@ -655,6 +643,7 @@ static int ssl3_get_server_hello(SSL *s) | |||
| 655 | if(s->sid_ctx_length != s->session->sid_ctx_length | 643 | if(s->sid_ctx_length != s->session->sid_ctx_length |
| 656 | || memcmp(s->session->sid_ctx,s->sid_ctx,s->sid_ctx_length)) | 644 | || memcmp(s->session->sid_ctx,s->sid_ctx,s->sid_ctx_length)) |
| 657 | { | 645 | { |
| 646 | /* actually a client application bug */ | ||
| 658 | al=SSL_AD_ILLEGAL_PARAMETER; | 647 | al=SSL_AD_ILLEGAL_PARAMETER; |
| 659 | SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT); | 648 | SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT); |
| 660 | goto f_err; | 649 | goto f_err; |
diff --git a/src/lib/libssl/src/ssl/s3_clnt.c b/src/lib/libssl/src/ssl/s3_clnt.c index 9ce5373b51..7da9363ef5 100644 --- a/src/lib/libssl/src/ssl/s3_clnt.c +++ b/src/lib/libssl/src/ssl/s3_clnt.c | |||
| @@ -631,23 +631,11 @@ static int ssl3_get_server_hello(SSL *s) | |||
| 631 | /* get the session-id */ | 631 | /* get the session-id */ |
| 632 | j= *(p++); | 632 | j= *(p++); |
| 633 | 633 | ||
| 634 | if(j > sizeof s->session->session_id) | 634 | if ((j > sizeof s->session->session_id) || (j > SSL3_SESSION_ID_SIZE)) |
| 635 | { | ||
| 636 | al=SSL_AD_ILLEGAL_PARAMETER; | ||
| 637 | SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, | ||
| 638 | SSL_R_SSL3_SESSION_ID_TOO_LONG); | ||
| 639 | goto f_err; | ||
| 640 | } | ||
| 641 | |||
| 642 | if ((j != 0) && (j != SSL3_SESSION_ID_SIZE)) | ||
| 643 | { | 635 | { |
| 644 | /* SSLref returns 16 :-( */ | 636 | al=SSL_AD_ILLEGAL_PARAMETER; |
| 645 | if (j < SSL2_SSL_SESSION_ID_LENGTH) | 637 | SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_SSL3_SESSION_ID_TOO_LONG); |
| 646 | { | 638 | goto f_err; |
| 647 | al=SSL_AD_ILLEGAL_PARAMETER; | ||
| 648 | SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_SSL3_SESSION_ID_TOO_SHORT); | ||
| 649 | goto f_err; | ||
| 650 | } | ||
| 651 | } | 639 | } |
| 652 | if (j != 0 && j == s->session->session_id_length | 640 | if (j != 0 && j == s->session->session_id_length |
| 653 | && memcmp(p,s->session->session_id,j) == 0) | 641 | && memcmp(p,s->session->session_id,j) == 0) |
| @@ -655,6 +643,7 @@ static int ssl3_get_server_hello(SSL *s) | |||
| 655 | if(s->sid_ctx_length != s->session->sid_ctx_length | 643 | if(s->sid_ctx_length != s->session->sid_ctx_length |
| 656 | || memcmp(s->session->sid_ctx,s->sid_ctx,s->sid_ctx_length)) | 644 | || memcmp(s->session->sid_ctx,s->sid_ctx,s->sid_ctx_length)) |
| 657 | { | 645 | { |
| 646 | /* actually a client application bug */ | ||
| 658 | al=SSL_AD_ILLEGAL_PARAMETER; | 647 | al=SSL_AD_ILLEGAL_PARAMETER; |
| 659 | SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT); | 648 | SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT); |
| 660 | goto f_err; | 649 | goto f_err; |