generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

PR: 2704

Browse Source 
Submitted by: Peter Sylvester <peter.sylvester@edelweb.fr>

Fix srp extension.
This commit is contained in:
Dr. Stephen Henson 2012-02-10 20:08:36 +00:00
parent 3770b988c0
commit 1df80b6561
2 changed files with 35 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
ssl/s3_lib.c
View File

@ -3609,7 +3609,7 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
ctx->srp_ctx.login = NULL; ctx->srp_ctx.login = NULL;
if (parg == NULL) if (parg == NULL)
break; break;
if (strlen((char *)parg) > 254) if (strlen((const char *)parg) > 255 || strlen((const char *)parg) < 1)
{ {
SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_INVALID_SRP_USERNAME); SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_INVALID_SRP_USERNAME);
return 0; return 0;

42
ssl/t1_lib.c
View File

@ -432,25 +432,29 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned cha
} }
#ifndef OPENSSL_NO_SRP #ifndef OPENSSL_NO_SRP
#define MIN(x,y) (((x)<(y))?(x):(y)) /* Add SRP username if there is one */
/* we add SRP username the first time only if we have one! */
if (s->srp_ctx.login != NULL) if (s->srp_ctx.login != NULL)
{/* Add TLS extension SRP username to the Client Hello message */ { /* Add TLS extension SRP username to the Client Hello message */
int login_len = MIN(strlen(s->srp_ctx.login) + 1, 255);
long lenmax;
if ((lenmax = limit - ret - 5) < 0) return NULL; int login_len = strlen(s->srp_ctx.login);
if (login_len > lenmax) return NULL; if (login_len > 255 || login_len == 0)
if (login_len > 255)
{ {
SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR); SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
return NULL; return NULL;
} }
/* check for enough space.
4 for the srp type type and entension length
1 for the srp user identity
+ srp user identity length
*/
if ((limit - ret - 5 - login_len) < 0) return NULL;
/* fill in the extension */
s2n(TLSEXT_TYPE_srp,ret); s2n(TLSEXT_TYPE_srp,ret);
s2n(login_len+1,ret); s2n(login_len+1,ret);
(*ret++) = (unsigned char) login_len;
(*ret++) = (unsigned char) MIN(strlen(s->srp_ctx.login), 254); memcpy(ret, s->srp_ctx.login, login_len);
memcpy(ret, s->srp_ctx.login, MIN(strlen(s->srp_ctx.login), 254));
ret+=login_len; ret+=login_len;
} }
#endif #endif
@ -1007,13 +1011,25 @@ int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in
#ifndef OPENSSL_NO_SRP #ifndef OPENSSL_NO_SRP
else if (type == TLSEXT_TYPE_srp) else if (type == TLSEXT_TYPE_srp)
{ {
if (size > 0) if (size <= 0 || ((len = data[0])) != (size -1))
{ {
len = data[0]; *al = SSL_AD_DECODE_ERROR;
return 0;
}
if (s->srp_ctx.login != NULL)
{
*al = SSL_AD_DECODE_ERROR;
return 0;
}
if ((s->srp_ctx.login = OPENSSL_malloc(len+1)) == NULL) if ((s->srp_ctx.login = OPENSSL_malloc(len+1)) == NULL)
return -1; return -1;
memcpy(s->srp_ctx.login, &data[1], len); memcpy(s->srp_ctx.login, &data[1], len);
s->srp_ctx.login[len]='\0'; s->srp_ctx.login[len]='\0';
if (strlen(s->srp_ctx.login) != len)
{
*al = SSL_AD_DECODE_ERROR;
return 0;
} }
} }
#endif #endif