Diffstat (limited to 'extra/yassl/src/yassl_imp.cpp')
-rw-r--r-- | extra/yassl/src/yassl_imp.cpp | 63 |
1 files changed, 43 insertions, 20 deletions
diff --git a/extra/yassl/src/yassl_imp.cpp b/extra/yassl/src/yassl_imp.cpp index 21f2020d6b6..c0ef23a4e94 100644 --- a/extra/yassl/src/yassl_imp.cpp +++ b/extra/yassl/src/yassl_imp.cpp @@ -1,5 +1,5 @@ /* - Copyright (c) 2005, 2010, Oracle and/or its affiliates + Copyright (c) 2005, 2012, Oracle and/or its affiliates This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -11,8 +11,9 @@ GNU General Public License for more details. You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA + along with this program; see the file COPYING. If not, write to the + Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, + MA 02110-1301 USA. */ /* yaSSL source implements all SSL.v3 secification structures. @@ -116,7 +117,7 @@ void ClientDiffieHellmanPublic::build(SSL& ssl) if (*dhClient.get_agreedKey() == 0) ssl.set_preMaster(dhClient.get_agreedKey() + 1, keyLength - 1); else - ssl.set_preMaster(dhClient.get_agreedKey(), keyLength); + ssl.set_preMaster(dhClient.get_agreedKey(), keyLength); } @@ -134,8 +135,7 @@ void DH_Server::build(SSL& ssl) mySTL::auto_ptr<Auth> auth; const CertManager& cert = ssl.getCrypto().get_certManager(); - if (ssl.getSecurity().get_parms().sig_algo_ == rsa_sa_algo) - { + if (ssl.getSecurity().get_parms().sig_algo_ == rsa_sa_algo) { if (cert.get_keyType() != rsa_sa_algo) { ssl.SetError(privateKey_error); return; @@ -924,8 +924,6 @@ Data::Data(uint16 len, opaque* b) void Data::SetData(uint16 len, const opaque* buffer) { - assert(write_buffer_ == 0); - length_ = len; write_buffer_ = buffer; } 
@@ -991,6 +989,11 @@ void Data::Process(input_buffer& input, SSL& ssl) int dataSz = msgSz - ivExtra - digestSz - pad - padSz; opaque verify[SHA_LEN]; + if (dataSz < 0) { + ssl.SetError(bad_input); + return; + } + const byte* rawData = input.get_buffer() + input.get_current(); // read data @@ -1005,10 +1008,10 @@ void Data::Process(input_buffer& input, SSL& ssl) tmp.get_buffer(), tmp.get_size())); } else { - input_buffer* data; - ssl.addData(data = NEW_YS input_buffer(dataSz)); - input.read(data->get_buffer(), dataSz); - data->add_size(dataSz); + input_buffer* data; + ssl.addData(data = NEW_YS input_buffer(dataSz)); + input.read(data->get_buffer(), dataSz); + data->add_size(dataSz); } if (ssl.isTLS()) @@ -1084,19 +1087,37 @@ void Certificate::Process(input_buffer& input, SSL& ssl) uint32 list_sz; byte tmp[3]; + if (input.get_remaining() < sizeof(tmp)) { + ssl.SetError(YasslError(bad_input)); + return; + } tmp[0] = input[AUTO]; tmp[1] = input[AUTO]; tmp[2] = input[AUTO]; c24to32(tmp, list_sz); + + if (list_sz > (uint)MAX_RECORD_SIZE) { // sanity check + ssl.SetError(YasslError(bad_input)); + return; + } while (list_sz) { // cert size uint32 cert_sz; + + if (input.get_remaining() < sizeof(tmp)) { + ssl.SetError(YasslError(bad_input)); + return; + } tmp[0] = input[AUTO]; tmp[1] = input[AUTO]; tmp[2] = input[AUTO]; c24to32(tmp, cert_sz); + if (cert_sz > (uint)MAX_RECORD_SIZE || input.get_remaining() < cert_sz){ + ssl.SetError(YasslError(bad_input)); + return; + } x509* myCert; cm.AddPeerCert(myCert = NEW_YS x509(cert_sz)); input.read(myCert->use_buffer(), myCert->get_length()); @@ -1293,7 +1314,7 @@ void ServerHello::Process(input_buffer&, SSL& ssl) ssl.set_pending(cipher_suite_[1]); ssl.set_random(random_, server_end); if (id_len_) - ssl.set_sessionID(session_id_); + ssl.set_sessionID(session_id_); else ssl.useSecurity().use_connection().sessionID_Set_ = false; 
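Review bot: The new `dataSz < 0` guard in `Data::Process` returns `bad_input` before any payload is read, which appears to be before the record MAC is checked (the `verify[SHA_LEN]` buffer is only used further down, outside the hunk). `pad` feeds into `dataSz` and presumably comes from decrypted peer data, so a bad padding length and a bad MAC would fail with different errors and at different points. That is the kind of distinguishable failure that CBC padding-oracle analyses rely on. Consider reporting this case through the same error the MAC-failure path uses, and add a comment such as `// pad/padSz come from decrypted data; a negative size means a corrupt or forged record`. The function begins and ends outside the hunk, so how `pad` is derived should be confirmed there.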
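Review bot: Nothing in the visible lines of `Certificate::Process` ties `cert_sz` to the `list_sz` still outstanding, so one certificate entry can claim more bytes than the declared list holds even though it passes the new `MAX_RECORD_SIZE` and `get_remaining()` checks. If the loop subtracts the entry size from `list_sz` below the hunk (the loop body continues outside it), the unsigned value would wrap and parsing would continue past the declared list until the buffer runs out. Add `if (cert_sz + sizeof(tmp) > list_sz) { ssl.SetError(YasslError(bad_input)); return; }` next to the `cert_sz` check, and consider rejecting `list_sz > input.get_remaining()` before entering the loop. The ClientHello `operator>>` hunks at -1421 and -1429 show the same `input[AUTO]` / `input.read()` pattern with no `get_remaining()` guard in the visible lines. Whether `input_buffer` bounds-checks internally is not shown.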
@@ -1421,7 +1442,7 @@ input_buffer& operator>>(input_buffer& input, ClientHello& hello) if (hello.id_len_) input.read(hello.session_id_, ID_LEN); // Suites - byte tmp[2]; + byte tmp[2]; uint16 len; tmp[0] = input[AUTO]; tmp[1] = input[AUTO]; @@ -1429,8 +1450,8 @@ input_buffer& operator>>(input_buffer& input, ClientHello& hello) hello.suite_len_ = min(len, static_cast<uint16>(MAX_SUITE_SZ)); input.read(hello.cipher_suites_, hello.suite_len_); - if (len > hello.suite_len_) // ignore extra suites - input.set_current(input.get_current() + len - hello.suite_len_); + if (len > hello.suite_len_) // ignore extra suites + input.set_current(input.get_current() + len - hello.suite_len_); // Compression hello.comp_len_ = input[AUTO]; @@ -1494,8 +1515,9 @@ void ClientHello::Process(input_buffer&, SSL& ssl) if (ssl.GetMultiProtocol()) { // SSLv23 support if (ssl.isTLS() && client_version_.minor_ < 1) { // downgrade to SSLv3 - ssl.useSecurity().use_connection().TurnOffTLS(); - ProtocolVersion pv = ssl.getSecurity().get_connection().version_; + ssl.useSecurity().use_connection().TurnOffTLS(); + + ProtocolVersion pv = ssl.getSecurity().get_connection().version_; bool removeDH = ssl.getSecurity().get_parms().removeDH_; bool removeRSA = false; bool removeDSA = false; @@ -1509,7 +1531,7 @@ void ClientHello::Process(input_buffer&, SSL& ssl) // reset w/ SSL suites ssl.useSecurity().use_parms().SetSuites(pv, removeDH, removeRSA, removeDSA); - } + } else if (ssl.isTLSv1_1() && client_version_.minor_ == 1) // downgrade to TLSv1, but use same suites ssl.useSecurity().use_connection().TurnOffTLS1_1(); @@ -1540,6 +1562,7 @@ void ClientHello::Process(input_buffer&, SSL& ssl) ssl.set_session(session); ssl.useSecurity().set_resuming(true); ssl.matchSuite(session->GetSuite(), SUITE_LEN); + if (ssl.GetError()) return; ssl.set_pending(ssl.getSecurity().get_parms().suite_[1]); ssl.set_masterSecret(session->GetSecret()); 
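Review bot: The added `if (ssl.GetError()) return;` in the session-resumption branch of `ClientHello::Process` runs after `ssl.set_session(session)` and `ssl.useSecurity().set_resuming(true)`, so a failed `matchSuite` still leaves the connection marked as resuming with the cached session attached. That is probably harmless if every caller tears the connection down on error. If `matchSuite` does not depend on those two setters, moving them below the check would remove that assumption. A one-line comment such as `// cached session's suite did not match: stop before installing its pending suite and master secret` would record why the early return is there. The branch starts and ends outside the hunk.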
@@ -2036,7 +2059,7 @@ void Finished::Process(input_buffer& input, SSL& ssl) // verify hashes const Finished& verify = ssl.getHashes().get_verify(); uint finishedSz = ssl.isTLS() ? TLS_FINISHED_SZ : FINISHED_SZ; - + input.read(hashes_.md5_, finishedSz); if (memcmp(&hashes_, &verify.hashes_, finishedSz)) { |