F-5628: reject max_fragment_length response that differs from request

TLSX_MFL_Parse only checked that the extension was requested and that
the value was recognized, not that the server echoed the requested
value. Per RFC 6066 Section 4, compare the ServerHello value against the
locally stored request and abort with a fatal illegal_parameter alert on
mismatch.
This commit is contained in:
Juliusz Sosinowicz
2026-06-01 18:31:46 +02:00
parent abb5943466
commit 7a0eca841f
+19 -1
View File
@@ -3251,9 +3251,27 @@ static int TLSX_MFL_Parse(WOLFSSL* ssl, const byte* input, word16 length,
#ifdef WOLFSSL_OLD_UNSUPPORTED_EXTENSION
(void) isRequest;
#else
if (!isRequest)
if (!isRequest) {
TLSX* extension;
if (TLSX_CheckUnsupportedExtension(ssl, TLSX_MAX_FRAGMENT_LENGTH))
return TLSX_HandleUnsupportedExtension(ssl);
/* RFC 6066 Section 4: the server's response value must match the
* value the client requested. The request may have been configured on
* the WOLFSSL object or inherited from the WOLFSSL_CTX. */
extension = TLSX_Find(ssl->extensions, TLSX_MAX_FRAGMENT_LENGTH);
if (extension == NULL) {
extension = TLSX_Find(ssl->ctx->extensions,
TLSX_MAX_FRAGMENT_LENGTH);
}
if (extension == NULL || extension->data == NULL ||
((byte*)extension->data)[0] != *input) {
SendAlert(ssl, alert_fatal, illegal_parameter);
WOLFSSL_ERROR_VERBOSE(UNKNOWN_MAX_FRAG_LEN_E);
return UNKNOWN_MAX_FRAG_LEN_E;
}
}
#endif
switch (*input) {