diff options
Diffstat (limited to 'src/lib/libssl/s23_srvr.c')
| -rw-r--r-- | src/lib/libssl/s23_srvr.c | 32 |
1 files changed, 20 insertions, 12 deletions
diff --git a/src/lib/libssl/s23_srvr.c b/src/lib/libssl/s23_srvr.c index 6a3bbb10b9..050618235f 100644 --- a/src/lib/libssl/s23_srvr.c +++ b/src/lib/libssl/s23_srvr.c | |||
| @@ -297,7 +297,7 @@ int ssl23_get_client_hello(SSL *s) | |||
| 297 | if (n <= 0) return(n); | 297 | if (n <= 0) return(n); |
| 298 | p=s->packet; | 298 | p=s->packet; |
| 299 | 299 | ||
| 300 | if ((buf=Malloc(n)) == NULL) | 300 | if ((buf=OPENSSL_malloc(n)) == NULL) |
| 301 | { | 301 | { |
| 302 | SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,ERR_R_MALLOC_FAILURE); | 302 | SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,ERR_R_MALLOC_FAILURE); |
| 303 | goto err; | 303 | goto err; |
| @@ -348,16 +348,21 @@ int ssl23_get_client_hello(SSL *s) | |||
| 348 | * SSLv3 or tls1 header | 348 | * SSLv3 or tls1 header |
| 349 | */ | 349 | */ |
| 350 | 350 | ||
| 351 | v[0]=p[1]; /* major version */ | 351 | v[0]=p[1]; /* major version (= SSL3_VERSION_MAJOR) */ |
| 352 | /* We must look at client_version inside the Client Hello message | 352 | /* We must look at client_version inside the Client Hello message |
| 353 | * to get the correct minor version: */ | 353 | * to get the correct minor version. |
| 354 | v[1]=p[10]; | 354 | * However if we have only a pathologically small fragment of the |
| 355 | /* However if we have only a pathologically small fragment of the | 355 | * Client Hello message, this would be difficult, we'd have |
| 356 | * Client Hello message, we simply use the version from the | 356 | * to read at least one additional record to find out. |
| 357 | * record header -- this is incorrect but unlikely to fail in | 357 | * This doesn't usually happen in real life, so we just complain |
| 358 | * practice */ | 358 | * for now. |
| 359 | */ | ||
| 359 | if (p[3] == 0 && p[4] < 6) | 360 | if (p[3] == 0 && p[4] < 6) |
| 360 | v[1]=p[2]; | 361 | { |
| 362 | SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_RECORD_TOO_SMALL); | ||
| 363 | goto err; | ||
| 364 | } | ||
| 365 | v[1]=p[10]; /* minor version according to client_version */ | ||
| 361 | if (v[1] >= TLS1_VERSION_MINOR) | 366 | if (v[1] >= TLS1_VERSION_MINOR) |
| 362 | { | 367 | { |
| 363 | if (!(s->options & SSL_OP_NO_TLSv1)) | 368 | if (!(s->options & SSL_OP_NO_TLSv1)) |
| @@ -495,9 +500,12 @@ int ssl23_get_client_hello(SSL *s) | |||
| 495 | 500 | ||
| 496 | s->state=SSL2_ST_GET_CLIENT_HELLO_A; | 501 | s->state=SSL2_ST_GET_CLIENT_HELLO_A; |
| 497 | if ((s->options & SSL_OP_MSIE_SSLV2_RSA_PADDING) || | 502 | if ((s->options & SSL_OP_MSIE_SSLV2_RSA_PADDING) || |
| 498 | use_sslv2_strong) | 503 | use_sslv2_strong || |
| 504 | (s->options & SSL_OP_NO_TLSv1 && s->options & SSL_OP_NO_SSLv3)) | ||
| 499 | s->s2->ssl2_rollback=0; | 505 | s->s2->ssl2_rollback=0; |
| 500 | else | 506 | else |
| 507 | /* reject SSL 2.0 session if client supports SSL 3.0 or TLS 1.0 | ||
| 508 | * (SSL 3.0 draft/RFC 2246, App. E.2) */ | ||
| 501 | s->s2->ssl2_rollback=1; | 509 | s->s2->ssl2_rollback=1; |
| 502 | 510 | ||
| 503 | /* setup the n bytes we have read so we get them from | 511 | /* setup the n bytes we have read so we get them from |
| @@ -559,10 +567,10 @@ int ssl23_get_client_hello(SSL *s) | |||
| 559 | } | 567 | } |
| 560 | s->init_num=0; | 568 | s->init_num=0; |
| 561 | 569 | ||
| 562 | if (buf != buf_space) Free(buf); | 570 | if (buf != buf_space) OPENSSL_free(buf); |
| 563 | s->first_packet=1; | 571 | s->first_packet=1; |
| 564 | return(SSL_accept(s)); | 572 | return(SSL_accept(s)); |
| 565 | err: | 573 | err: |
| 566 | if (buf != buf_space) Free(buf); | 574 | if (buf != buf_space) OPENSSL_free(buf); |
| 567 | return(-1); | 575 | return(-1); |
| 568 | } | 576 | } |