diff options
| author |   jsing <jsing@openbsd.org> | 2017-03-05 16:09:44 +0000 |
|---|---|---|
| committer | jsing <jsing@openbsd.org> | 2017-03-05 16:09:44 +0000 |
| commit | 7e852510f1bdeda80b77f179b6f2ab0567f3ba2c (patch) | |
| tree | 8b86fd499743b3fa327a0bacf818f692052aead9 /lib/libssl/ssl_packet.c | |
| parent | 6.2 key for future packages (diff) | |
| download | wireguard-openbsd-7e852510f1bdeda80b77f179b6f2ab0567f3ba2c.tar.xz wireguard-openbsd-7e852510f1bdeda80b77f179b6f2ab0567f3ba2c.zip | |
Correctly convert an SSLv2 challenge into an SSLv3/TLS client random by
truncating or left zero padding.
ok beck@ inoguchi@ sthen@
Diffstat (limited to 'lib/libssl/ssl_packet.c')
| -rw-r--r-- | lib/libssl/ssl_packet.c | 36 |
1 files changed, 27 insertions, 9 deletions
diff --git a/lib/libssl/ssl_packet.c b/lib/libssl/ssl_packet.c index d5d59967351..53c7a86dc2f 100644 --- a/lib/libssl/ssl_packet.c +++ b/lib/libssl/ssl_packet.c @@ -74,11 +74,12 @@ ssl_convert_sslv2_client_hello(SSL *s) CBS cbs, challenge, cipher_specs, session; uint16_t record_length, client_version, cipher_specs_length; uint16_t session_id_length, challenge_length; - unsigned char *client_random, *data = NULL; + unsigned char *client_random = NULL, *data = NULL; + size_t data_len, pad_len, len; uint32_t cipher_spec; uint8_t message_type; - size_t data_len; - int rv = -1; + unsigned char *pad; + int ret = -1; int n; memset(&cbb, 0, sizeof(cbb)); @@ -153,6 +154,25 @@ ssl_convert_sslv2_client_hello(SSL *s) return -1; } + /* + * Convert SSLv2 challenge to SSLv3/TLS client random, by truncating or + * left-padding with zero bytes. + */ + if ((client_random = malloc(SSL3_RANDOM_SIZE)) == NULL) + goto err; + if (!CBB_init_fixed(&cbb, client_random, SSL3_RANDOM_SIZE)) + goto err; + if ((len = CBS_len(&challenge)) > SSL3_RANDOM_SIZE) + len = SSL3_RANDOM_SIZE; + pad_len = SSL3_RANDOM_SIZE - len; + if (!CBB_add_space(&cbb, &pad, pad_len)) + goto err; + memset(pad, 0, pad_len); + if (!CBB_add_bytes(&cbb, CBS_data(&challenge), len)) + goto err; + if (!CBB_finish(&cbb, NULL, NULL)) + goto err; + /* Build SSLv3/TLS record with client hello. */ if (!CBB_init(&cbb, SSL3_RT_MAX_PLAIN_LENGTH)) goto err; @@ -168,10 +188,7 @@ ssl_convert_sslv2_client_hello(SSL *s) goto err; if (!CBB_add_u16(&client_hello, client_version)) goto err; - if (!CBB_add_space(&client_hello, &client_random, SSL3_RANDOM_SIZE)) - goto err; - memset(client_random, 0, SSL3_RANDOM_SIZE); - if (!CBS_write_bytes(&challenge, client_random, SSL3_RANDOM_SIZE, NULL)) + if (!CBB_add_bytes(&client_hello, client_random, SSL3_RANDOM_SIZE)) goto err; if (!CBB_add_u8_length_prefixed(&client_hello, &session_id)) goto err; @@ -198,13 +215,14 @@ ssl_convert_sslv2_client_hello(SSL *s) s->internal->packet = s->s3->rbuf.buf; s->internal->packet_length = data_len; memcpy(s->internal->packet, data, data_len); - rv = 1; + ret = 1; err: CBB_cleanup(&cbb); + free(client_random); free(data); - return (rv); + return (ret); } /* |