From 8d42eef4813a62fe0da8095168237e06c798bcd1 Mon Sep 17 00:00:00 2001 From: doug <> Date: Wed, 23 Aug 2017 15:39:38 +0000 Subject: Work around bug in F5's handling of the supported elliptic curves extension. RFC 4492 only defines elliptic_curves for ClientHello. However, F5 is sending it in ServerHello. We need to skip over it since our TLS extension parsing code is now more strict. Thanks to Armin Wolfermann and WJ Liu for reporting the issue. input + ok jsing@ --- src/lib/libssl/ssl_tlsext.c | 18 ++++++++++++++++-- 1 file changed, 16 insertions(+), 2 deletions(-) (limited to 'src/lib') diff --git a/src/lib/libssl/ssl_tlsext.c b/src/lib/libssl/ssl_tlsext.c index 646c59e5d6..60daff6f8d 100644 --- a/src/lib/libssl/ssl_tlsext.c +++ b/src/lib/libssl/ssl_tlsext.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_tlsext.c,v 1.9 2017/08/12 23:38:12 beck Exp $ */ +/* $OpenBSD: ssl_tlsext.c,v 1.10 2017/08/23 15:39:38 doug Exp $ */ /* * Copyright (c) 2016, 2017 Joel Sing * Copyright (c) 2017 Doug Hogan @@ -130,7 +130,21 @@ tlsext_ec_serverhello_build(SSL *s, CBB *cbb) int tlsext_ec_serverhello_parse(SSL *s, CBS *cbs, int *alert) { - return 0; + /* + * Servers should not send this extension per the RFC. + * + * However, F5 sends it by mistake (case ID 492780) so we need to skip + * over it. This bug is from at least 2014 but as of 2017, there + * are still large sites with this bug in production. + * + * https://devcentral.f5.com/questions/disable-supported-elliptic-curves-extension-from-server + */ + if (!CBS_skip(cbs, CBS_len(cbs))) { + *alert = TLS1_AD_INTERNAL_ERROR; + return 0; + } + + return 1; } /* -- cgit v1.2.3-55-g6feb