Merge pull request #10142 from kareem-wolfssl/variousFixes2
Various fixes
@@ -25993,6 +25993,10 @@ int SendCertificateStatus(WOLFSSL* ssl)
|
||||
|
||||
if (idx > chain->length)
|
||||
break;
|
||||
if ((i + 1) >= (1 + MAX_CHAIN_DEPTH)) {
|
||||
ret = MAX_CERT_EXTENSIONS_ERR;
|
||||
break;
|
||||
}
|
||||
ret = CreateOcspRequest(ssl, request, cert, der.buffer,
|
||||
der.length, &ctxOwnsRequest);
|
||||
if (ret == 0) {
|
||||
@@ -26021,6 +26025,11 @@ int SendCertificateStatus(WOLFSSL* ssl)
|
||||
else {
|
||||
while (ret == 0 &&
|
||||
NULL != (request = ssl->ctx->chainOcspRequest[i])) {
|
||||
if ((i + 1) >= MAX_CERT_EXTENSIONS) {
|
||||
ret = MAX_CERT_EXTENSIONS_ERR;
|
||||
break;
|
||||
}
|
||||
|
||||
request->ssl = ssl;
|
||||
ret = CheckOcspRequest(SSL_CM(ssl)->ocsp_stapling,
|
||||
request, &responses[++i], ssl->heap);
|
||||
|
||||
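Review bot: The two guards added to SendCertificateStatus bound an index `i` against different limits — `(1 + MAX_CHAIN_DEPTH)` in the first hunk and `MAX_CERT_EXTENSIONS` in the second — yet both report MAX_CERT_EXTENSIONS_ERR. If the first loop fills `ssl->ctx->chainOcspRequest` and the second reads it back into `responses`, each bound should be tied to the declared element count of the array it protects rather than to two different macros; if the difference is intentional, a one-line comment at each check should name that array. In the second hunk the while condition still reads `ssl->ctx->chainOcspRequest[i]` before the new check runs, so the check covers `responses[++i]` but not that read; whether the loop can reach an index past chainOcspRequest's end depends on the array sizes, which are outside the hunk. The enclosing function begins and ends outside both hunks.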
+15
-1
@@ -4195,6 +4195,9 @@ static int ProcessClientHello(const byte* input, int* sslBytes,
|
||||
{
|
||||
word16 listLen = 0, offset = 0;
|
||||
|
||||
if (extLen < OPAQUE16_LEN)
|
||||
return BUFFER_ERROR;
|
||||
|
||||
ato16(input + offset, &listLen);
|
||||
offset += OPAQUE16_LEN;
|
||||
|
||||
@@ -4228,7 +4231,13 @@ static int ProcessClientHello(const byte* input, int* sslBytes,
|
||||
#ifdef WOLFSSL_TLS13
|
||||
case EXT_KEY_SHARE:
|
||||
{
|
||||
word16 ksLen = (word16)((input[0] << 8) | input[1]);
|
||||
word16 ksLen = 0;
|
||||
if (extLen < OPAQUE16_LEN) {
|
||||
SetError(BUFFER_ERROR_STR, error, session, FATAL_ERROR_STATE);
|
||||
return BUFFER_ERROR;
|
||||
}
|
||||
|
||||
ksLen = (word16)((input[0] << 8) | input[1]);
|
||||
if (ksLen + OPAQUE16_LEN > extLen) {
|
||||
SetError(CLIENT_HELLO_INPUT_STR, error, session, FATAL_ERROR_STATE);
|
||||
return WOLFSSL_FATAL_ERROR;
|
||||
@@ -4252,6 +4261,11 @@ static int ProcessClientHello(const byte* input, int* sslBytes,
|
||||
word32 ticketAge;
|
||||
const byte *identity, *binders;
|
||||
|
||||
if (extLen < OPAQUE16_LEN) {
|
||||
SetError(BUFFER_ERROR_STR, error, session, FATAL_ERROR_STATE);
|
||||
return BUFFER_ERROR;
|
||||
}
|
||||
|
||||
idsLen = (word16)((input[idx] << 8) | input[idx+1]);
|
||||
if ((word32)idsLen + OPAQUE16_LEN + idx > (word32)extLen) {
|
||||
SetError(CLIENT_HELLO_INPUT_STR, error, session, FATAL_ERROR_STATE);
|
||||
|
||||
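Review bot: In the pre-shared-key hunk the new guard tests `extLen < OPAQUE16_LEN`, but the read that follows is `input[idx]`/`input[idx+1]`, so a non-zero `idx` is not covered; the existing check on the next line does include `idx`, but only after the two bytes have already been read. If `idx` can be non-zero at that point (it is assigned outside the hunk), the guard should be `if ((word32)idx + OPAQUE16_LEN > (word32)extLen) {`. The key-share hunk is fine under this pattern because it reads from `input[0]`. The first hunk returns `BUFFER_ERROR` without calling SetError, unlike the other two new checks in the same function; for consistent sniffer diagnostics it should call `SetError(BUFFER_ERROR_STR, error, session, FATAL_ERROR_STATE);` before returning. ProcessClientHello begins and ends outside these hunks.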
@@ -2816,6 +2816,9 @@ int TLSX_SNI_GetFromBuffer(const byte* clientHello, word32 helloSz,
|
||||
} else {
|
||||
word16 listLen;
|
||||
|
||||
if (extLen < OPAQUE16_LEN)
|
||||
return BUFFER_ERROR;
|
||||
|
||||
ato16(clientHello + offset, &listLen);
|
||||
offset += OPAQUE16_LEN;
|
||||
|
||||
@@ -3627,6 +3630,14 @@ int ProcessChainOCSPRequest(WOLFSSL* ssl)
|
||||
|
||||
if (chain && chain->buffer) {
|
||||
while (ret == 0 && pos + OPAQUE24_LEN < chain->length) {
|
||||
if (i >= MAX_CERT_EXTENSIONS) {
|
||||
WOLFSSL_MSG_EX(
|
||||
"OCSP request cert chain exceeds maximum length: "
|
||||
"i=%d, MAX_CERT_EXTENSIONS=%d", i, MAX_CERT_EXTENSIONS);
|
||||
ret = MAX_CERT_EXTENSIONS_ERR;
|
||||
break;
|
||||
}
|
||||
|
||||
c24to32(chain->buffer + pos, &der.length);
|
||||
pos += OPAQUE24_LEN;
|
||||
der.buffer = chain->buffer + pos;
|
||||
|
||||
+9
-3
@@ -9072,7 +9072,7 @@ static word32 NextCert(byte* data, word32 length, word32* idx)
|
||||
* extIdx The index number of certificate status request data
|
||||
* for the certificate.
|
||||
* offset index offset
|
||||
* returns Total number of bytes written.
|
||||
* returns Total number of bytes written on success or negative value on error.
|
||||
*/
|
||||
static int WriteCSRToBuffer(WOLFSSL* ssl, DerBuffer** certExts,
|
||||
word16* extSz, word16 extSz_num)
|
||||
@@ -9087,6 +9087,9 @@ static int WriteCSRToBuffer(WOLFSSL* ssl, DerBuffer** certExts,
|
||||
word32 extIdx;
|
||||
DerBuffer* der;
|
||||
|
||||
if (extSz_num > MAX_CERT_EXTENSIONS)
|
||||
return MAX_CERT_EXTENSIONS_ERR;
|
||||
|
||||
ext = TLSX_Find(ssl->extensions, TLSX_STATUS_REQUEST);
|
||||
csr = ext ? (CertificateStatusRequest*)ext->data : NULL;
|
||||
|
||||
@@ -9338,8 +9341,11 @@ static int SendTls13Certificate(WOLFSSL* ssl)
|
||||
if (ret != 0)
|
||||
return ret;
|
||||
|
||||
ret = WriteCSRToBuffer(ssl, &ssl->buffers.certExts[0], &extSz[0],
|
||||
1 /* +1 for leaf */ + (word16)ssl->buffers.certChainCnt);
|
||||
if ((1 + ssl->buffers.certChainCnt) > MAX_CERT_EXTENSIONS)
|
||||
ret = MAX_CERT_EXTENSIONS_ERR;
|
||||
if (ret == 0)
|
||||
ret = WriteCSRToBuffer(ssl, &ssl->buffers.certExts[0], &extSz[0],
|
||||
1 /* +1 for leaf */ + (word16)ssl->buffers.certChainCnt);
|
||||
if (ret < 0)
|
||||
return ret;
|
||||
totalextSz += ret;
|
||||
|
||||
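Review bot: The check added in SendTls13Certificate, `if ((1 + ssl->buffers.certChainCnt) > MAX_CERT_EXTENSIONS)`, tests the same condition as the new `extSz_num > MAX_CERT_EXTENSIONS` guard inside WriteCSRToBuffer, since the call passes `1 + (word16)ssl->buffers.certChainCnt` as extSz_num. The only behaviour the caller-side check adds is rejecting a certChainCnt large enough for the `(word16)` cast to wrap before WriteCSRToBuffer sees it (certChainCnt's type is outside the hunk), and that reasoning is not stated; either drop one of the two checks or annotate the caller's with `/* checked before the word16 cast below; WriteCSRToBuffer re-checks the truncated count */`. The header-comment change in the first hunk now documents the negative return, which matches the new early return of MAX_CERT_EXTENSIONS_ERR. SendTls13Certificate starts and ends outside the hunk.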