Revision aa3b4b4d deps/openssl/openssl/ssl/s23_srvr.c


deps/openssl/openssl/ssl/s23_srvr.c
348 348
			 * Client Hello message, this would be difficult, and we'd have
349 349
			 * to read more records to find out.
350 350
			 * No known SSL 3.0 client fragments ClientHello like this,
351
			 * so we simply assume TLS 1.0 to avoid protocol version downgrade
352
			 * attacks. */
351
			 * so we simply reject such connections to avoid
352
			 * protocol version downgrade attacks. */
353 353
			if (p[3] == 0 && p[4] < 6)
354 354
				{
355
#if 0
356 355
				SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_RECORD_TOO_SMALL);
357 356
				goto err;
358
#else
359
				v[1] = TLS1_VERSION_MINOR;
360
#endif
361 357
				}
362 358
			/* if major version number > 3 set minor to a value
363 359
			 * which will use the highest version 3 we support.
364 360
			 * If TLS 2.0 ever appears we will need to revise
365 361
			 * this....
366 362
			 */
367
			else if (p[9] > SSL3_VERSION_MAJOR)
363
			if (p[9] > SSL3_VERSION_MAJOR)
368 364
				v[1]=0xff;
369 365
			else
370 366
				v[1]=p[10]; /* minor version according to client_version */
......
444 440
		v[0] = p[3]; /* == SSL3_VERSION_MAJOR */
445 441
		v[1] = p[4];
446 442

  
443
		/* An SSLv3/TLSv1 backwards-compatible CLIENT-HELLO in an SSLv2
444
		 * header is sent directly on the wire, not wrapped as a TLS
445
		 * record. It's format is:
446
		 * Byte  Content
447
		 * 0-1   msg_length
448
		 * 2     msg_type
449
		 * 3-4   version
450
		 * 5-6   cipher_spec_length
451
		 * 7-8   session_id_length
452
		 * 9-10  challenge_length
453
		 * ...   ...
454
		 */
447 455
		n=((p[0]&0x7f)<<8)|p[1];
448 456
		if (n > (1024*4))
449 457
			{
450 458
			SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_RECORD_TOO_LARGE);
451 459
			goto err;
452 460
			}
461
		if (n < 9)
462
			{
463
			SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_RECORD_LENGTH_MISMATCH);
464
			goto err;
465
			}
453 466

  
454 467
		j=ssl23_read_bytes(s,n+2);
468
		/* We previously read 11 bytes, so if j > 0, we must have
469
		 * j == n+2 == s->packet_length. We have at least 11 valid
470
		 * packet bytes. */
455 471
		if (j <= 0) return(j);
456 472

  
457 473
		ssl3_finish_mac(s, s->packet+2, s->packet_length-2);
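Review bot: The new `n < 9` guard (new line 461) reports SSL_R_RECORD_LENGTH_MISMATCH, whereas the matching rejection of an undersized record in the first hunk (new line 355) uses SSL_R_RECORD_TOO_SMALL; unless a mismatch between two lengths is the meaning intended here, `SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_RECORD_TOO_SMALL);` would make the two reject paths consistent and the resulting error easier to triage. The bound 9 is only explained indirectly by the comment placed after the ssl23_read_bytes call; I would attach the reason to the check itself, e.g. `/* msg_length < 9 means n+2 < 11: the challenge_length field at bytes 9-10 would lie outside the message */`. The added format comment reads `It's format is:` and should be `Its format is:`. The enclosing function (ssl23_get_client_hello, judging by the SSLerr function code) begins and ends outside this section, so whether the three length fields are still validated against packet_length further down could not be confirmed here and should be checked.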
