From: David Benjamin Date: Sat, 5 Mar 2016 18:14:11 +0000 (-0500) Subject: Fix V2ClientHello handling. X-Git-Tag: OpenSSL_1_1_0-pre6~871 X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff_plain;h=cb21df32296a57150341aaa24131dfc668122df8;hp=c1176ebf298ffa0bad0d368bd81aacbb30572a95 Fix V2ClientHello handling. The V2ClientHello code creates an empty compression list, but the compression list must explicitly contain the null compression (and later code enforces this). RT#4387 Reviewed-by: Stephen Henson Reviewed-by: Matt Caswell --- diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c index 27f12873f3..a6841c3b4b 100644 --- a/ssl/statem/statem_srvr.c +++ b/ssl/statem/statem_srvr.c @@ -971,6 +971,7 @@ MSG_PROCESS_RETURN tls_process_client_hello(SSL *s, PACKET *pkt) /* |cookie| will only be initialized for DTLS. */ PACKET session_id, cipher_suites, compression, extensions, cookie; int is_v2_record; + static unsigned char null_compression = 0; is_v2_record = RECORD_LAYER_is_sslv2_record(&s->rlayer); @@ -1096,19 +1097,20 @@ MSG_PROCESS_RETURN tls_process_client_hello(SSL *s, PACKET *pkt) goto f_err; } - /* Load the client random */ + /* Load the client random and compression list. */ challenge_len = challenge_len > SSL3_RANDOM_SIZE ? SSL3_RANDOM_SIZE : challenge_len; memset(s->s3->client_random, 0, SSL3_RANDOM_SIZE); if (!PACKET_copy_bytes(&challenge, s->s3->client_random + SSL3_RANDOM_SIZE - - challenge_len, challenge_len)) { + challenge_len, challenge_len) + /* Advertise only null compression. */ + || !PACKET_buf_init(&compression, &null_compression, 1)) { SSLerr(SSL_F_TLS_PROCESS_CLIENT_HELLO, ERR_R_INTERNAL_ERROR); al = SSL_AD_INTERNAL_ERROR; goto f_err; } - PACKET_null_init(&compression); PACKET_null_init(&extensions); } else { /* Regular ClientHello. */