From 7a0eca841f4cf77bd4f76ff05d31d8ac958f66e1 Mon Sep 17 00:00:00 2001 From: Juliusz Sosinowicz Date: Mon, 1 Jun 2026 18:31:46 +0200 Subject: [PATCH] F-5628: reject max_fragment_length response that differs from request TLSX_MFL_Parse only checked that the extension was requested and that the value was recognized, not that the server echoed the requested value. Per RFC 6066 Section 4, compare the ServerHello value against the locally stored request and abort with a fatal illegal_parameter alert on mismatch. --- src/tls.c | 20 +++++++++++++++++++- 1 file changed, 19 insertions(+), 1 deletion(-) diff --git a/src/tls.c b/src/tls.c index 62118d0678..bf58e2ee2d 100644 --- a/src/tls.c +++ b/src/tls.c @@ -3251,9 +3251,27 @@ static int TLSX_MFL_Parse(WOLFSSL* ssl, const byte* input, word16 length, #ifdef WOLFSSL_OLD_UNSUPPORTED_EXTENSION (void) isRequest; #else - if (!isRequest) + if (!isRequest) { + TLSX* extension; + if (TLSX_CheckUnsupportedExtension(ssl, TLSX_MAX_FRAGMENT_LENGTH)) return TLSX_HandleUnsupportedExtension(ssl); + + /* RFC 6066 Section 4: the server's response value must match the + * value the client requested. The request may have been configured on + * the WOLFSSL object or inherited from the WOLFSSL_CTX. */ + extension = TLSX_Find(ssl->extensions, TLSX_MAX_FRAGMENT_LENGTH); + if (extension == NULL) { + extension = TLSX_Find(ssl->ctx->extensions, + TLSX_MAX_FRAGMENT_LENGTH); + } + if (extension == NULL || extension->data == NULL || + ((byte*)extension->data)[0] != *input) { + SendAlert(ssl, alert_fatal, illegal_parameter); + WOLFSSL_ERROR_VERBOSE(UNKNOWN_MAX_FRAG_LEN_E); + return UNKNOWN_MAX_FRAG_LEN_E; + } + } #endif switch (*input) {