Diffstat (limited to 'src/lib/libssl/t1_lib.c')
-rw-r--r-- | src/lib/libssl/t1_lib.c | 20 |
1 files changed, 11 insertions, 9 deletions
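--- a/src/lib/libssl/t1_lib.c
+++ b/src/lib/libssl/t1_lib.c
@@ -1013,9 +1013,9 @@ int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in
 
 int ssl_parse_serverhello_tlsext(SSL *s, unsigned char **p, unsigned char *d, int n, int *al)
 {
+unsigned short length;
 unsigned short type;
 unsigned short size;
-unsigned short len;
 unsigned char *data = *p;
 int tlsext_servername = 0;
 int renegotiate_seen = 0;
@@ -1023,7 +1023,12 @@ int ssl_parse_serverhello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in
 if (data >= (d+n-2))
 goto ri_check;
 
-n2s(data,len);
+n2s(data,length);
+if (data+length != d+n)
+{
+*al = SSL_AD_DECODE_ERROR;
+return 0;
+}
 
 while(data <= (d+n-4))
 {
@@ -1453,23 +1458,20 @@ int ssl_check_serverhello_tlsext(SSL *s)
 int al = SSL_AD_UNRECOGNIZED_NAME;
 
 #ifndef OPENSSL_NO_EC
-/* If we are client and using an elliptic curve cryptography cipher suite, then server
-* must return a an EC point formats lists containing uncompressed.
+/* If we are client and using an elliptic curve cryptography cipher
+* suite, then if server returns an EC point formats lists extension
+* it must contain uncompressed.
 */
 unsigned long alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
 unsigned long alg_a = s->s3->tmp.new_cipher->algorithm_auth;
 if ((s->tlsext_ecpointformatlist != NULL) && (s->tlsext_ecpointformatlist_length > 0) &&
+(s->session->tlsext_ecpointformatlist != NULL) && (s->session->tlsext_ecpointformatlist_length > 0) &&
 ((alg_k & (SSL_kEECDH|SSL_kECDHr|SSL_kECDHe)) || (alg_a & SSL_aECDSA)))
 {
 /* we are using an ECC cipher */
 size_t i;
 unsigned char *list;
 int found_uncompressed = 0;
-if ((s->session->tlsext_ecpointformatlist == NULL) || (s->session->tlsext_ecpointformatlist_length == 0))
-{
-SSLerr(SSL_F_SSL_CHECK_SERVERHELLO_TLSEXT,SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST);
-return -1;
-}
 list = s->session->tlsext_ecpointformatlist;
 for (i = 0; i < s->session->tlsext_ecpointformatlist_length; i++)
 {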
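Review bot: In the second hunk the new check `if (data+length != d+n)` forms the pointer `data+length` before it is known that `length` fits in what remains of the message. `length` is a peer-supplied 16-bit value, so that pointer can lie far past the end of the buffer, which is undefined behaviour in C and depends on the address not wrapping. Comparing lengths keeps the same strictness without the out-of-range pointer: `if (length != (d+n) - data)`. A short comment such as `/* extensions block must exactly fill the rest of the ServerHello */` would record why a mismatch is treated as a decode error. The body of ssl_parse_serverhello_tlsext continues outside the hunk, so the per-extension size checks inside the `while` loop are not visible here.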