feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

add SNI_UNSUPPORTED for better handling SSL 3.0 buffers on CyaSSL_SNI_GetFromBuffer()

Browse Source
This commit is contained in:
Moisés Guimarães
2014-12-08 17:31:37 -03:00
parent 1ada0dfa31
commit 513ea4d38a
3 changed files with 4 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
cyassl/error-ssl.h
View File

@ -126,6 +126,7 @@ enum CyaSSL_ErrorCodes {
NO_CHANGE_CIPHER_E = -393, /* Finished before change cipher */ NO_CHANGE_CIPHER_E = -393, /* Finished before change cipher */
SANITY_MSG_E = -394, /* Sanity check on msg order error */ SANITY_MSG_E = -394, /* Sanity check on msg order error */
DUPLICATE_MSG_E = -395, /* Duplicate message error */ DUPLICATE_MSG_E = -395, /* Duplicate message error */
SNI_UNSUPPORTED = -396, /* SSL 3.0 does not support SNI */
/* add strings to SetErrorString !!!!! */ /* add strings to SetErrorString !!!!! */

2
src/tls.c
View File

@ -1108,7 +1108,7 @@ int TLSX_SNI_GetFromBuffer(const byte* clientHello, word32 helloSz,
return BUFFER_ERROR; return BUFFER_ERROR;
if (clientHello[offset++] < TLSv1_MINOR) if (clientHello[offset++] < TLSv1_MINOR)
return BUFFER_ERROR; return SNI_UNSUPPORTED;
ato16(clientHello + offset, &len16); ato16(clientHello + offset, &len16);
offset += OPAQUE16_LEN; offset += OPAQUE16_LEN;

4
tests/api.c
View File

@ -921,8 +921,8 @@ static void test_CyaSSL_SNI_GetFromBuffer(void)
0, result, &length)); 0, result, &length));
buffer[1] = 0x03; buffer[1] = 0x03;
AssertIntEQ(BUFFER_ERROR, CyaSSL_SNI_GetFromBuffer(buffer, sizeof(buffer), AssertIntEQ(SNI_UNSUPPORTED, CyaSSL_SNI_GetFromBuffer(buffer,
0, result, &length)); sizeof(buffer), 0, result, &length));
buffer[2] = 0x03; buffer[2] = 0x03;
AssertIntEQ(INCOMPLETE_DATA, CyaSSL_SNI_GetFromBuffer(buffer, AssertIntEQ(INCOMPLETE_DATA, CyaSSL_SNI_GetFromBuffer(buffer,