diff options
author | Simon Cornish <7t9jna402@sneakemail.com> | 2020-02-14 14:16:09 -0800 |
---|---|---|
committer | Tomas Mraz <tmraz@fedoraproject.org> | 2020-02-19 09:22:09 +0100 |
commit | dfbaef60fe2ff95a1bc4362f2c5a39d0cf6f2513 (patch) | |
tree | b2316e9ee80531de00021f4e1d40d88a5ef1dfcf /ssl | |
parent | 218e740f850f77c9f2720d56886eab166d1a6727 (diff) |
Handle max_fragment_length overflow for DTLS
Allow for encryption overhead in early DTLS size check
and send overflow if validated record is too long
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/11096)
(cherry picked from commit cc0663f697b05ed121a728241f0502250429802d)
Diffstat (limited to 'ssl')
-rw-r--r-- | ssl/record/ssl3_record.c | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/ssl/record/ssl3_record.c b/ssl/record/ssl3_record.c index 8b43805e81..c4c482e35d 100644 --- a/ssl/record/ssl3_record.c +++ b/ssl/record/ssl3_record.c @@ -1610,6 +1610,7 @@ int dtls1_process_record(SSL *s, DTLS1_BITMAP *bitmap) int imac_size; size_t mac_size; unsigned char md[EVP_MAX_MD_SIZE]; + size_t max_plain_length = SSL3_RT_MAX_PLAIN_LENGTH; rr = RECORD_LAYER_get_rrec(&s->rlayer); sess = s->session; @@ -1782,7 +1783,12 @@ int dtls1_process_record(SSL *s, DTLS1_BITMAP *bitmap) } } - if (rr->length > SSL3_RT_MAX_PLAIN_LENGTH) { + /* use current Max Fragment Length setting if applicable */ + if (s->session != NULL && USE_MAX_FRAGMENT_LENGTH_EXT(s->session)) + max_plain_length = GET_MAX_FRAGMENT_LENGTH(s->session); + + /* send overflow if the plaintext is too long now it has passed MAC */ + if (rr->length > max_plain_length) { SSLfatal(s, SSL_AD_RECORD_OVERFLOW, SSL_F_DTLS1_PROCESS_RECORD, SSL_R_DATA_LENGTH_TOO_LONG); return 0; @@ -1926,7 +1932,7 @@ int dtls1_get_record(SSL *s) /* If received packet overflows own-client Max Fragment Length setting */ if (s->session != NULL && USE_MAX_FRAGMENT_LENGTH_EXT(s->session) - && rr->length > GET_MAX_FRAGMENT_LENGTH(s->session)) { + && rr->length > GET_MAX_FRAGMENT_LENGTH(s->session) + SSL3_RT_MAX_ENCRYPTED_OVERHEAD) { /* record too long, silently discard it */ rr->length = 0; rr->read = 1; |