Fix for DTLS DoS issue introduced by fix for CVE-2011-4109.

Thanks to Antonio Martin, Enterprise Secure Access Research and Development, Cisco Systems, Inc. for discovering this bug and preparing a fix. (CVE-2012-0050)

Fix for DTLS DoS issue introduced by fix for CVE-2011-4109.
Thanks to Antonio Martin, Enterprise Secure Access Research and Development, Cisco Systems, Inc. for discovering this bug and preparing a fix. (CVE-2012-0050)
855d2918 · Dr. Stephen Henson · ac07bc86 · 855d2918 · 855d2918 · 855d2918
隐藏空白更改
内联并排

Showing with 24 addition and 11 deletion

CHANGES CHANGES +16 -0

apps/s_client.c apps/s_client.c +1 -1

ssl/d1_pkt.c ssl/d1_pkt.c +7 -10

未找到文件。
--- a/CHANGES
+++ b/CHANGES
@@ -522,6 +522,14 @@
       Add command line options to s_client/s_server.
     [Steve Henson]

+ Changes between 1.0.0f and 1.0.0g [18 Jan 2012]
+
+  *) Fix for DTLS DoS issue introduced by fix for CVE-2011-4109.
+     Thanks to Antonio Martin, Enterprise Secure Access Research and
+     Development, Cisco Systems, Inc. for discovering this bug and
+     preparing a fix. (CVE-2012-0050)
+     [Antonio Martin]
+
 Changes between 1.0.0e and 1.0.0f [4 Jan 2012]

  *) Nadhem Alfardan and Kenny Paterson have discovered an extension
@@ -1485,6 +1493,14 @@

  *) Change 'Configure' script to enable Camellia by default.
     [NTT]
+
+ Changes between 0.9.8s and 0.9.8t [18 Jan 2012]
+
+  *) Fix for DTLS DoS issue introduced by fix for CVE-2011-4109.
+     Thanks to Antonio Martin, Enterprise Secure Access Research and
+     Development, Cisco Systems, Inc. for discovering this bug and
+     preparing a fix. (CVE-2012-0050)
+     [Antonio Martin]
  
 Changes between 0.9.8r and 0.9.8s [4 Jan 2012]


--- a/apps/s_client.c
+++ b/apps/s_client.c
@@ -2056,7 +2056,7 @@ static void print_stuff(BIO *bio, SSL *s, int full)
 	}
 #endif

-#ifdef SSL_DEBUG
+#if 1
 	{
 	/* Print out local port of connection: useful for debugging */
 	int sock;

--- a/ssl/d1_pkt.c
+++ b/ssl/d1_pkt.c
@@ -384,6 +384,7 @@ dtls1_process_record(SSL *s)
 	unsigned int mac_size;
 	unsigned char md[EVP_MAX_MD_SIZE];
 	int decryption_failed_or_bad_record_mac = 0;
+	unsigned char *mac = NULL;


 	rr= &(s->s3->rrec);
@@ -455,19 +456,15 @@ printf("\n");
 #endif			
 			}
 		/* check the MAC for rr->input (it's in mac_size bytes at the tail) */
-		if (rr->length < mac_size)
+		if (rr->length >= mac_size)
 			{
-#if 0 /* OK only for stream ciphers */
-			al=SSL_AD_DECODE_ERROR;
-			SSLerr(SSL_F_DTLS1_PROCESS_RECORD,SSL_R_LENGTH_TOO_SHORT);
-			goto f_err;
-#else
-			decryption_failed_or_bad_record_mac = 1;
-#endif
+			rr->length -= mac_size;
+			mac = &rr->data[rr->length];
 			}
-		rr->length-=mac_size;
+		else
+			rr->length = 0;
 		i=s->method->ssl3_enc->mac(s,md,0);
-		if (i < 0 || memcmp(md,&(rr->data[rr->length]),mac_size) != 0)
+		if (i < 0 || mac == NULL || memcmp(md, mac, mac_size) != 0)
 			{
 			decryption_failed_or_bad_record_mac = 1;
 			}