1 files changed, 17 insertions, 3 deletions
diff --git a/src/lib/libssl/ssl_tlsext.c b/src/lib/libssl/ssl_tlsext.c
index 6649baf291..90734457e5 100644
--- a/src/lib/libssl/ssl_tlsext.c
+++ b/src/lib/libssl/ssl_tlsext.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_tlsext.c,v 1.146 2024/03/28 00:22:35 beck Exp $ */
+/* $OpenBSD: ssl_tlsext.c,v 1.147 2024/04/02 22:50:54 sthen Exp $ */
 /*
 * Copyright (c) 2016, 2017, 2019 Joel Sing <jsing@openbsd.org>
 * Copyright (c) 2017 Doug Hogan <doug@openbsd.org>
@@ -324,8 +324,22 @@ static int
 tlsext_supportedgroups_client_process(SSL *s, uint16_t msg_type, CBS *cbs,
    int *alert)
 {
-        /* Servers should not send this extension per the RFC. */
+        /*
-        return 0;
+         * Servers should not send this extension per the RFC.
+         *
+         * However, certain F5 BIG-IP systems incorrectly send it. This bug is
+         * from at least 2014 but as of 2017, there are still large sites with
+         * this unpatched in production. As a result, we need to currently skip
+         * over the extension and ignore its content:
+         *
+         *  https://support.f5.com/csp/article/K37345003
+         */
+        if (!CBS_skip(cbs, CBS_len(cbs))) {
+                *alert = SSL_AD_INTERNAL_ERROR;
+                return 0;
+        }
+        return 1;
 }
 /*

diff --git a/src/lib/libssl/ssl_tlsext.c b/src/lib/libssl/ssl_tlsext.c index 6649baf291..90734457e5 100644 --- a/src/lib/libssl/ssl_tlsext.c +++ b/src/lib/libssl/ssl_tlsext.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssl_tlsext.c,v 1.146 2024/03/28 00:22:35 beck Exp $ */	1	/* $OpenBSD: ssl_tlsext.c,v 1.147 2024/04/02 22:50:54 sthen Exp $ */
2	/*	2	/*
3	* Copyright (c) 2016, 2017, 2019 Joel Sing <jsing@openbsd.org>	3	* Copyright (c) 2016, 2017, 2019 Joel Sing <jsing@openbsd.org>
4	* Copyright (c) 2017 Doug Hogan <doug@openbsd.org>	4	* Copyright (c) 2017 Doug Hogan <doug@openbsd.org>
@@ -324,8 +324,22 @@ static int
324	tlsext_supportedgroups_client_process(SSL s, uint16_t msg_type, CBS cbs,	324	tlsext_supportedgroups_client_process(SSL s, uint16_t msg_type, CBS cbs,
325	int *alert)	325	int *alert)
326	{	326	{
327	/* Servers should not send this extension per the RFC. */	327	/*
328	return 0;	328	* Servers should not send this extension per the RFC.
		329	*
		330	* However, certain F5 BIG-IP systems incorrectly send it. This bug is
		331	* from at least 2014 but as of 2017, there are still large sites with
		332	* this unpatched in production. As a result, we need to currently skip
		333	* over the extension and ignore its content:
		334	*
		335	* https://support.f5.com/csp/article/K37345003
		336	*/
		337	if (!CBS_skip(cbs, CBS_len(cbs))) {
		338	*alert = SSL_AD_INTERNAL_ERROR;
		339	return 0;
		340	}
		341
		342	return 1;
329	}	343	}
330		344
331	/*	345	/*