generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

there is no minimum length for session IDs

Browse Source 
PR: 274

fix race condition
PR: 262
This commit is contained in:
Bodo Möller
2002-09-20 08:37:13 +00:00
parent 12a296edfc
commit f7eb95852c
2 changed files with 13 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
CHANGES
View File

@@ -1675,6 +1675,13 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k
Changes between 0.9.6g and 0.9.6h [xx XXX xxxx] Changes between 0.9.6g and 0.9.6h [xx XXX xxxx]
*) Don't impose a 16-byte length minimum on session IDs in ssl/s3_clnt.c
(the SSL 3.0 and TLS 1.0 specifications allow any length up to 32 bytes).
[Bodo Moeller]
*) Fix race condition in SSLv3_client_method().
[Bodo Moeller]
*) Reorder cleanup sequence in SSL_CTX_free(): only remove the ex_data after *) Reorder cleanup sequence in SSL_CTX_free(): only remove the ex_data after
the cached sessions are flushed, as the remove_cb() might use ex_data the cached sessions are flushed, as the remove_cb() might use ex_data
contents. Bug found by Sam Varshavchik <mrsam@courier-mta.com> contents. Bug found by Sam Varshavchik <mrsam@courier-mta.com>

19
ssl/s3_clnt.c
View File

@@ -146,11 +146,11 @@ SSL_METHOD *SSLv3_client_method(void)
if (init) if (init)
{ {
init=0;
memcpy((char *)&SSLv3_client_data,(char *)sslv3_base_method(), memcpy((char *)&SSLv3_client_data,(char *)sslv3_base_method(),
sizeof(SSL_METHOD)); sizeof(SSL_METHOD));
SSLv3_client_data.ssl_connect=ssl3_connect; SSLv3_client_data.ssl_connect=ssl3_connect;
SSLv3_client_data.get_ssl_method=ssl3_get_client_method; SSLv3_client_data.get_ssl_method=ssl3_get_client_method;
init=0;
} }
return(&SSLv3_client_data); return(&SSLv3_client_data);
} }
@@ -632,30 +632,19 @@ static int ssl3_get_server_hello(SSL *s)
/* get the session-id */ /* get the session-id */
j= *(p++); j= *(p++);
if(j > sizeof s->session->session_id) if ((j > sizeof s->session->session_id) || (j > SSL3_SESSION_ID_SIZE))
{ {
al=SSL_AD_ILLEGAL_PARAMETER; al=SSL_AD_ILLEGAL_PARAMETER;
SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_SSL3_SESSION_ID_TOO_LONG);
SSL_R_SSL3_SESSION_ID_TOO_LONG);
goto f_err; goto f_err;
} }
if ((j != 0) && (j != SSL3_SESSION_ID_SIZE))
{
/* SSLref returns 16 :-( */
if (j < SSL2_SSL_SESSION_ID_LENGTH)
{
al=SSL_AD_ILLEGAL_PARAMETER;
SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_SSL3_SESSION_ID_TOO_SHORT);
goto f_err;
}
}
if (j != 0 && j == s->session->session_id_length if (j != 0 && j == s->session->session_id_length
&& memcmp(p,s->session->session_id,j) == 0) && memcmp(p,s->session->session_id,j) == 0)
{ {
if(s->sid_ctx_length != s->session->sid_ctx_length if(s->sid_ctx_length != s->session->sid_ctx_length
|| memcmp(s->session->sid_ctx,s->sid_ctx,s->sid_ctx_length)) || memcmp(s->session->sid_ctx,s->sid_ctx,s->sid_ctx_length))
{ {
/* actually a client application bug */
al=SSL_AD_ILLEGAL_PARAMETER; al=SSL_AD_ILLEGAL_PARAMETER;
SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT); SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT);
goto f_err; goto f_err;