wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-08-03 20:54:41 +02:00
Code Issues Packages Projects Releases Wiki Activity

fix defragment of handshake messages in TLS

Browse Source
This commit is contained in:
John Safranek
2015-10-06 20:18:55 -07:00
parent d6a5bfb53d
commit a7ae5155ce
3 changed files with 35 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

31
src/internal.c
View File

@@ -5267,8 +5267,8 @@ static int DoHandShakeMsg(WOLFSSL* ssl, byte* input, word32* inOutIdx,
WOLFSSL_ENTER("DoHandShakeMsg()"); WOLFSSL_ENTER("DoHandShakeMsg()");
/* If there is a pending fragmented handshake message, pending message size /* If there is a pending fragmented handshake message,
* will be non-zero. */ * pending message size will be non-zero. */
if (ssl->arrays->pendingMsgSz == 0) { if (ssl->arrays->pendingMsgSz == 0) {
byte type; byte type;
word32 size; word32 size;
@@ -5276,8 +5276,16 @@ static int DoHandShakeMsg(WOLFSSL* ssl, byte* input, word32* inOutIdx,
if (GetHandShakeHeader(ssl,input, inOutIdx, &type, &size, totalSz) != 0) if (GetHandShakeHeader(ssl,input, inOutIdx, &type, &size, totalSz) != 0)
return PARSE_ERROR; return PARSE_ERROR;
/* Cap the maximum size of a handshake message to something reasonable.
* By default is the maximum size of a certificate message assuming
* nine 2048-bit RSA certificates in the chain. */
if (size > MAX_HANDSHAKE_SZ) {
WOLFSSL_MSG("Handshake message too large");
return HANDSHAKE_SIZE_ERROR;
}
/* size is the size of the certificate message payload */ /* size is the size of the certificate message payload */
if (totalSz - HANDSHAKE_HEADER_SZ < size) { if (ssl->curSize < size) {
ssl->arrays->pendingMsgType = type; ssl->arrays->pendingMsgType = type;
ssl->arrays->pendingMsgSz = size + HANDSHAKE_HEADER_SZ; ssl->arrays->pendingMsgSz = size + HANDSHAKE_HEADER_SZ;
ssl->arrays->pendingMsg = (byte*)XMALLOC(size + HANDSHAKE_HEADER_SZ, ssl->arrays->pendingMsg = (byte*)XMALLOC(size + HANDSHAKE_HEADER_SZ,
@@ -5286,25 +5294,25 @@ static int DoHandShakeMsg(WOLFSSL* ssl, byte* input, word32* inOutIdx,
if (ssl->arrays->pendingMsg == NULL) if (ssl->arrays->pendingMsg == NULL)
return MEMORY_E; return MEMORY_E;
XMEMCPY(ssl->arrays->pendingMsg, XMEMCPY(ssl->arrays->pendingMsg,
input + *inOutIdx - HANDSHAKE_HEADER_SZ, totalSz); input + *inOutIdx - HANDSHAKE_HEADER_SZ, ssl->curSize);
ssl->arrays->pendingMsgOffset = totalSz; ssl->arrays->pendingMsgOffset = ssl->curSize;
*inOutIdx += totalSz - HANDSHAKE_HEADER_SZ; *inOutIdx += ssl->curSize - HANDSHAKE_HEADER_SZ;
return 0; return 0;
} }
ret = DoHandShakeMsgType(ssl, input, inOutIdx, type, size, totalSz); ret = DoHandShakeMsgType(ssl, input, inOutIdx, type, size, totalSz);
} }
else { else {
if (totalSz + ssl->arrays->pendingMsgOffset if (ssl->curSize + ssl->arrays->pendingMsgOffset
> ssl->arrays->pendingMsgSz) { > ssl->arrays->pendingMsgSz) {
return BUFFER_ERROR; return BUFFER_ERROR;
} }
else { else {
XMEMCPY(ssl->arrays->pendingMsg + ssl->arrays->pendingMsgOffset, XMEMCPY(ssl->arrays->pendingMsg + ssl->arrays->pendingMsgOffset,
input + *inOutIdx, totalSz); input + *inOutIdx, ssl->curSize);
ssl->arrays->pendingMsgOffset += totalSz; ssl->arrays->pendingMsgOffset += ssl->curSize;
*inOutIdx += totalSz; *inOutIdx += ssl->curSize;
} }
if (ssl->arrays->pendingMsgOffset == ssl->arrays->pendingMsgSz) if (ssl->arrays->pendingMsgOffset == ssl->arrays->pendingMsgSz)
@@ -8553,6 +8561,9 @@ const char* wolfSSL_ERR_reason_error_string(unsigned long e)
case RSA_SIGN_FAULT: case RSA_SIGN_FAULT:
return "RSA Signature Fault Error"; return "RSA Signature Fault Error";
case HANDSHAKE_SIZE_ERROR:
return "Handshake message too large Error";
default : default :
return "unknown error number"; return "unknown error number";
} }

1
wolfssl/error-ssl.h
View File

@@ -136,6 +136,7 @@ enum wolfSSL_ErrorCodes {
DH_KEY_SIZE_E = -401, /* DH Key too small */ DH_KEY_SIZE_E = -401, /* DH Key too small */
SNI_ABSENT_ERROR = -402, /* No SNI request. */ SNI_ABSENT_ERROR = -402, /* No SNI request. */
RSA_SIGN_FAULT = -403, /* RSA Sign fault */ RSA_SIGN_FAULT = -403, /* RSA Sign fault */
HANDSHAKE_SIZE_ERROR = -404, /* Handshake message too large */
/* add strings to SetErrorString !!!!! */ /* add strings to SetErrorString !!!!! */

13
wolfssl/internal.h
View File

@@ -1016,6 +1016,19 @@ enum Misc {
#define MAX_CHAIN_DEPTH 9 #define MAX_CHAIN_DEPTH 9
#endif #endif
/* max size of a certificate message payload */
/* assumes MAX_CHAIN_DEPTH number of certificates at 2kb per certificate */
#ifndef MAX_CERTIFICATE_SZ
#define MAX_CERTIFICATE_SZ \
CERT_HEADER_SZ + \
(MAX_X509_SIZE + CERT_HEADER_SZ) * MAX_CHAIN_DEPTH
#endif
/* max size of a handshake message, currently set to the certificate */
#ifndef MAX_HANDSHAKE_SZ
#define MAX_HANDSHAKE_SZ MAX_CERTIFICATE_SZ
#endif
#ifndef SESSION_TICKET_LEN #ifndef SESSION_TICKET_LEN
#define SESSION_TICKET_LEN 256 #define SESSION_TICKET_LEN 256
#endif #endif