tolerate extra data at end of client hello for SSL 3.0

PR: 659

tolerate extra data at end of client hello for SSL 3.0
PR: 659
ddc38679 · Bodo Möller · 02e05594 · ddc38679 · ddc38679
隐藏空白更改
内联并排

Showing with 21 addition and 0 deletion

CHANGES CHANGES +17 -0

ssl/s3_srvr.c ssl/s3_srvr.c +4 -0

未找到文件。
--- a/CHANGES
+++ b/CHANGES
@@ -537,6 +537,15 @@

 Changes between 0.9.7b and 0.9.7c  [xx XXX 2003]

+  *) In ssl3_get_client_hello() (ssl/s3_srvr.c), tolerate additional
+     extra data after the compression methods not only for TLS 1.0
+     but also for SSL 3.0 (as required by the specification).
+     [Bodo Moeller; problem pointed out by Matthias Loepfe]
+
+  *) Change X509_certificate_type() to mark the key as exported/exportable
+     when it's 512 *bits* long, not 512 bytes.
+     [Richard Levitte]
+
  *) Change AES_cbc_encrypt() so it outputs exact multiple of
     blocks during encryption.
     [Richard Levitte]
@@ -671,6 +680,9 @@ yet to be integrated into this CVS branch:

 Changes between 0.9.6h and 0.9.7  [31 Dec 2002]

+  [NB: OpenSSL 0.9.6i and later 0.9.6 patch levels were released after
+  OpenSSL 0.9.7.]
+
  *) Fix session ID handling in SSLv2 client code: the SERVER FINISHED
     code (06) was taken as the first octet of the session ID and the last
     octet was ignored consequently. As a result SSLv2 client side session
@@ -2491,6 +2503,11 @@ des-cbc           3624.96k     5258.21k     5530.91k     5624.30k     5628.26k

 Changes between 0.9.6j and 0.9.6k  [xx XXX 2003]

+  *) In ssl3_get_client_hello() (ssl/s3_srvr.c), tolerate additional
+     extra data after the compression methods not only for TLS 1.0
+     but also for SSL 3.0 (as required by the specification).
+     [Bodo Moeller; problem pointed out by Matthias Loepfe]
+
  *) Change X509_certificate_type() to mark the key as exported/exportable
     when it's 512 *bits* long, not 512 bytes.
     [Richard Levitte]

--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -883,6 +883,9 @@ static int ssl3_get_client_hello(SSL *s)
 		}

 	/* TLS does not mind if there is extra stuff */
+#if 0   /* SSL 3.0 does not mind either, so we should disable this test
+         * (was enabled in 0.9.6d through 0.9.6j and 0.9.7 through 0.9.7b,
+         * in earlier SSLeay/OpenSSL releases this test existed but was buggy) */
 	if (s->version == SSL3_VERSION)
 		{
 		if (p < (d+n))
@@ -894,6 +897,7 @@ static int ssl3_get_client_hello(SSL *s)
 			goto f_err;
 			}
 		}
+#endif

 	/* Given s->session->ciphers and SSL_get_ciphers, we must
 	 * pick a cipher */