From b36ffe2dedec4d6117f4718449035d1c5338df1c Mon Sep 17 00:00:00 2001 From: doug <> Date: Sun, 28 Jun 2015 00:08:27 +0000 Subject: Convert ssl_bytes_to_cipher_list to CBS. Link in the new 'unit' regress and expand the invalid tests to include some that would fail before the CBS conversion. input + ok miod@ jsing@ --- src/lib/libssl/src/ssl/ssl_lib.c | 26 ++++++++++++++++++-------- src/lib/libssl/src/ssl/ssl_locl.h | 4 ++-- src/lib/libssl/ssl_lib.c | 26 ++++++++++++++++++-------- src/lib/libssl/ssl_locl.h | 4 ++-- src/regress/lib/libssl/Makefile | 5 +++-- src/regress/lib/libssl/unit/cipher_list.c | 17 ++++++++++++++++- 6 files changed, 59 insertions(+), 23 deletions(-) diff --git a/src/lib/libssl/src/ssl/ssl_lib.c b/src/lib/libssl/src/ssl/ssl_lib.c index b5ce2ea5ac..1dd518d0b8 100644 --- a/src/lib/libssl/src/ssl/ssl_lib.c +++ b/src/lib/libssl/src/ssl/ssl_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_lib.c,v 1.103 2015/04/15 16:25:43 jsing Exp $ */ +/* $OpenBSD: ssl_lib.c,v 1.104 2015/06/28 00:08:27 doug Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -155,6 +155,8 @@ #include #endif +#include "bytestring.h" + const char *SSL_version_str = OPENSSL_VERSION_TEXT; SSL3_ENC_METHOD ssl3_undef_enc_method = { @@ -1410,19 +1412,21 @@ ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *sk, unsigned char *p) } STACK_OF(SSL_CIPHER) * -ssl_bytes_to_cipher_list(SSL *s, unsigned char *p, int num) +ssl_bytes_to_cipher_list(SSL *s, const unsigned char *p, int num) { + CBS cbs; const SSL_CIPHER *c; STACK_OF(SSL_CIPHER) *sk = NULL; - int i; unsigned long cipher_id; - uint16_t cipher_value; - uint16_t max_version; + uint16_t cipher_value, max_version; if (s->s3) s->s3->send_connection_binding = 0; - if ((num % SSL3_CIPHER_VALUE_SIZE) != 0) { + /* + * RFC 5246 section 7.4.1.2 defines the interval as [2,2^16-2]. + */ + if (num < 2 || num > 0x10000 - 2) { SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST, SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST); return (NULL); @@ -1433,8 +1437,14 @@ ssl_bytes_to_cipher_list(SSL *s, unsigned char *p, int num) goto err; } - for (i = 0; i < num; i += SSL3_CIPHER_VALUE_SIZE) { - n2s(p, cipher_value); + CBS_init(&cbs, p, num); + while (CBS_len(&cbs) > 0) { + if (!CBS_get_u16(&cbs, &cipher_value)) { + SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST, + SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST); + goto err; + } + cipher_id = SSL3_CK_ID | cipher_value; if (s->s3 != NULL && cipher_id == SSL3_CK_SCSV) { diff --git a/src/lib/libssl/src/ssl/ssl_locl.h b/src/lib/libssl/src/ssl/ssl_locl.h index 43c6974268..8116bfddfa 100644 --- a/src/lib/libssl/src/ssl/ssl_locl.h +++ b/src/lib/libssl/src/ssl/ssl_locl.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_locl.h,v 1.93 2015/06/20 16:42:48 doug Exp $ */ +/* $OpenBSD: ssl_locl.h,v 1.94 2015/06/28 00:08:27 doug Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -569,7 +569,7 @@ int ssl_cipher_id_cmp(const SSL_CIPHER *a, const SSL_CIPHER *b); DECLARE_OBJ_BSEARCH_GLOBAL_CMP_FN(SSL_CIPHER, SSL_CIPHER, ssl_cipher_id); int ssl_cipher_ptr_id_cmp(const SSL_CIPHER * const *ap, const SSL_CIPHER * const *bp); -STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s, unsigned char *p, +STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s, const unsigned char *p, int num); int ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *sk, unsigned char *p); diff --git a/src/lib/libssl/ssl_lib.c b/src/lib/libssl/ssl_lib.c index b5ce2ea5ac..1dd518d0b8 100644 --- a/src/lib/libssl/ssl_lib.c +++ b/src/lib/libssl/ssl_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_lib.c,v 1.103 2015/04/15 16:25:43 jsing Exp $ */ +/* $OpenBSD: ssl_lib.c,v 1.104 2015/06/28 00:08:27 doug Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -155,6 +155,8 @@ #include #endif +#include "bytestring.h" + const char *SSL_version_str = OPENSSL_VERSION_TEXT; SSL3_ENC_METHOD ssl3_undef_enc_method = { @@ -1410,19 +1412,21 @@ ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *sk, unsigned char *p) } STACK_OF(SSL_CIPHER) * -ssl_bytes_to_cipher_list(SSL *s, unsigned char *p, int num) +ssl_bytes_to_cipher_list(SSL *s, const unsigned char *p, int num) { + CBS cbs; const SSL_CIPHER *c; STACK_OF(SSL_CIPHER) *sk = NULL; - int i; unsigned long cipher_id; - uint16_t cipher_value; - uint16_t max_version; + uint16_t cipher_value, max_version; if (s->s3) s->s3->send_connection_binding = 0; - if ((num % SSL3_CIPHER_VALUE_SIZE) != 0) { + /* + * RFC 5246 section 7.4.1.2 defines the interval as [2,2^16-2]. + */ + if (num < 2 || num > 0x10000 - 2) { SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST, SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST); return (NULL); @@ -1433,8 +1437,14 @@ ssl_bytes_to_cipher_list(SSL *s, unsigned char *p, int num) goto err; } - for (i = 0; i < num; i += SSL3_CIPHER_VALUE_SIZE) { - n2s(p, cipher_value); + CBS_init(&cbs, p, num); + while (CBS_len(&cbs) > 0) { + if (!CBS_get_u16(&cbs, &cipher_value)) { + SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST, + SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST); + goto err; + } + cipher_id = SSL3_CK_ID | cipher_value; if (s->s3 != NULL && cipher_id == SSL3_CK_SCSV) { diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h index 43c6974268..8116bfddfa 100644 --- a/src/lib/libssl/ssl_locl.h +++ b/src/lib/libssl/ssl_locl.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_locl.h,v 1.93 2015/06/20 16:42:48 doug Exp $ */ +/* $OpenBSD: ssl_locl.h,v 1.94 2015/06/28 00:08:27 doug Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -569,7 +569,7 @@ int ssl_cipher_id_cmp(const SSL_CIPHER *a, const SSL_CIPHER *b); DECLARE_OBJ_BSEARCH_GLOBAL_CMP_FN(SSL_CIPHER, SSL_CIPHER, ssl_cipher_id); int ssl_cipher_ptr_id_cmp(const SSL_CIPHER * const *ap, const SSL_CIPHER * const *bp); -STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s, unsigned char *p, +STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s, const unsigned char *p, int num); int ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *sk, unsigned char *p); diff --git a/src/regress/lib/libssl/Makefile b/src/regress/lib/libssl/Makefile index 4d64dc3966..7c2d92e340 100644 --- a/src/regress/lib/libssl/Makefile +++ b/src/regress/lib/libssl/Makefile @@ -1,10 +1,11 @@ -# $OpenBSD: Makefile,v 1.21 2015/02/06 09:36:16 doug Exp $ +# $OpenBSD: Makefile,v 1.22 2015/06/28 00:08:27 doug Exp $ SUBDIR= \ asn1 \ bytestring \ ciphers \ - ssl + ssl \ + unit install: diff --git a/src/regress/lib/libssl/unit/cipher_list.c b/src/regress/lib/libssl/unit/cipher_list.c index b513007771..1c829f369c 100644 --- a/src/regress/lib/libssl/unit/cipher_list.c +++ b/src/regress/lib/libssl/unit/cipher_list.c @@ -1,4 +1,4 @@ -/* $OpenBSD: cipher_list.c,v 1.1 2015/06/27 23:35:52 doug Exp $ */ +/* $OpenBSD: cipher_list.c,v 1.2 2015/06/28 00:08:27 doug Exp $ */ /* * Copyright (c) 2015 Doug Hogan * Copyright (c) 2015 Joel Sing @@ -146,6 +146,8 @@ err: static int ssl_bytes_to_list_invalid(SSL *s, STACK_OF(SSL_CIPHER) **ciphers) { + uint8_t empty_cipher_bytes[] = { }; + sk_SSL_CIPHER_free(*ciphers); /* Invalid length: CipherSuite is 2 bytes so it must be even */ @@ -153,6 +155,19 @@ ssl_bytes_to_list_invalid(SSL *s, STACK_OF(SSL_CIPHER) **ciphers) sizeof(cipher_bytes) - 1); CHECK(*ciphers == NULL); + /* Invalid length: cipher_suites must be at least 2 */ + *ciphers = ssl_bytes_to_cipher_list(s, empty_cipher_bytes, + sizeof(empty_cipher_bytes)); + CHECK(*ciphers == NULL); + + /* Invalid length: cipher_suites must be at most 2^16-2 */ + *ciphers = ssl_bytes_to_cipher_list(s, cipher_bytes, 0x10000); + CHECK(*ciphers == NULL); + + /* Invalid len: prototype is signed, but it shouldn't accept len < 0 */ + *ciphers = ssl_bytes_to_cipher_list(s, cipher_bytes, -2); + CHECK(*ciphers == NULL); + return 1; } -- cgit v1.2.3-55-g6feb