diff options
author | Matt Caswell <matt@openssl.org> | 2017-02-03 11:21:07 +0000 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2017-02-16 09:35:56 +0000 |
commit | cc22cd546bd0b0e1b55c1835403ab564d5f30581 (patch) | |
tree | 3cf928045ffeb0b8b5638286a6f414681d54ccce /test/handshake_helper.c | |
parent | 7b3a4d610731929d4fde15411f9be9b883974980 (diff) |
Provide a test for the Encrypt-Then-Mac renegotiation crash
In 1.1.0 changing the ciphersuite during a renegotiation can result in
a crash leading to a DoS attack. In master this does not occur with TLS
(instead you get an internal error, which is still wrong but not a security
issue) - but the problem still exists in the DTLS code.
This commit provides a test for the issue.
CVE-2017-3733
Reviewed-by: Richard Levitte <levitte@openssl.org>
Diffstat (limited to 'test/handshake_helper.c')
-rw-r--r-- | test/handshake_helper.c | 16 |
1 files changed, 13 insertions, 3 deletions
diff --git a/test/handshake_helper.c b/test/handshake_helper.c index a7898991e0..2b869a4247 100644 --- a/test/handshake_helper.c +++ b/test/handshake_helper.c @@ -607,10 +607,20 @@ static void do_reneg_setup_step(const SSL_TEST_CTX *test_ctx, PEER *peer) * session. The server may or may not resume dependant on the * setting of SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION */ - if (SSL_is_server(peer->ssl)) + if (SSL_is_server(peer->ssl)) { ret = SSL_renegotiate(peer->ssl); - else - ret = SSL_renegotiate_abbreviated(peer->ssl); + } else { + if (test_ctx->extra.client.reneg_ciphers != NULL) { + if (!SSL_set_cipher_list(peer->ssl, + test_ctx->extra.client.reneg_ciphers)) { + peer->status = PEER_ERROR; + return; + } + ret = SSL_renegotiate(peer->ssl); + } else { + ret = SSL_renegotiate_abbreviated(peer->ssl); + } + } if (!ret) { peer->status = PEER_ERROR; return; |