From 1d0c47fd557584d4a45a668c3f44b73f63cb13f0 Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Fri, 6 Apr 2012 20:16:09 +0000 Subject: [PATCH] Submitted by: Peter Sylvester Localize client hello extension parsing in t1_lib.c (backport from HEAD) --- ssl/s3_srvr.c | 9 ++------- ssl/ssl_locl.h | 2 +- ssl/t1_lib.c | 21 +++++++++++++++++++-- 3 files changed, 22 insertions(+), 10 deletions(-) diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c index 5b66bb1ee8..5e9639c653 100644 --- a/ssl/s3_srvr.c +++ b/ssl/s3_srvr.c @@ -1175,16 +1175,11 @@ int ssl3_get_client_hello(SSL *s) /* TLS extensions*/ if (s->version >= SSL3_VERSION) { - if (!ssl_parse_clienthello_tlsext(s,&p,d,n, &al)) + if (!ssl_parse_clienthello_tlsext(s,&p,d,n)) { - /* 'al' set by ssl_parse_clienthello_tlsext */ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_PARSE_TLSEXT); - goto f_err; - } - } - if (ssl_check_clienthello_tlsext(s) <= 0) { - SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_CLIENTHELLO_TLSEXT); goto err; + } } /* Check if we want to use external pre-shared secret for this diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h index 8015d4a513..98f1d97548 100644 --- a/ssl/ssl_locl.h +++ b/ssl/ssl_locl.h @@ -1122,7 +1122,7 @@ int tls1_shared_list(SSL *s, int nmatch); unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned char *limit); unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned char *limit); -int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **data, unsigned char *d, int n, int *al); +int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **data, unsigned char *d, int n); int ssl_parse_serverhello_tlsext(SSL *s, unsigned char **data, unsigned char *d, int n, int *al); int ssl_prepare_clienthello_tlsext(SSL *s); int ssl_prepare_serverhello_tlsext(SSL *s); diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index 786c00667f..88eae523ae 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -1175,8 +1175,8 @@ unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned cha return ret; } -int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, int n, int *al) - { +static int ssl_scan_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, int n, int *al) + { unsigned short type; unsigned short size; unsigned short len; @@ -1669,6 +1669,23 @@ int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in return 1; } +int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, int n) + { + int al = -1; + if (ssl_scan_clienthello_tlsext(s, p, d, n, &al) <= 0) + { + ssl3_send_alert(s,SSL3_AL_FATAL,al); + return 0; + } + + if (ssl_check_clienthello_tlsext(s) <= 0) + { + SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_CLIENTHELLO_TLSEXT); + return 0; + } + return 1; +} + #ifndef OPENSSL_NO_NEXTPROTONEG /* ssl_next_proto_validate validates a Next Protocol Negotiation block. No * elements of zero length are allowed and the set of elements must exactly fill -- 2.25.1