root
/
openssl
mirror of https://github.com/openssl/openssl.git
1
0
Fork 0
Code Issues Actions 7 Packages Projects Releases Wiki Activity

Limit the number of KeyUpdate messages we can process 

Too many KeyUpdate message could be inicative of a problem (e.g. an
infinite KeyUpdate loop if the peer always responds to a KeyUpdate message
with an "update_requested" KeyUpdate response), or (conceivably) an attack.
Either way we limit the number of KeyUpdate messages we are prepared to
handle.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2609)
This commit is contained in:
Matt Caswell 2017-02-13 11:55:38 +00:00
parent 57389a3261
commit 82f992cbe0
4 changed files with 14 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
include/openssl/ssl.h
View File

@ -2622,6 +2622,7 @@ int ERR_load_SSL_strings(void);
# define SSL_R_TLS_HEARTBEAT_PENDING 366 # define SSL_R_TLS_HEARTBEAT_PENDING 366
# define SSL_R_TLS_ILLEGAL_EXPORTER_LABEL 367 # define SSL_R_TLS_ILLEGAL_EXPORTER_LABEL 367
# define SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST 157 # define SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST 157
# define SSL_R_TOO_MANY_KEY_UPDATES 132
# define SSL_R_TOO_MANY_WARN_ALERTS 409 # define SSL_R_TOO_MANY_WARN_ALERTS 409
# define SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS 314 # define SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS 314
# define SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS 239 # define SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS 239

1
ssl/ssl_err.c
View File

@ -764,6 +764,7 @@ static ERR_STRING_DATA SSL_str_reasons[] = {
"tls illegal exporter label"}, "tls illegal exporter label"},
{ERR_REASON(SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST), {ERR_REASON(SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST),
"tls invalid ecpointformat list"}, "tls invalid ecpointformat list"},
{ERR_REASON(SSL_R_TOO_MANY_KEY_UPDATES), "too many key updates"},
{ERR_REASON(SSL_R_TOO_MANY_WARN_ALERTS), "too many warn alerts"}, {ERR_REASON(SSL_R_TOO_MANY_WARN_ALERTS), "too many warn alerts"},
{ERR_REASON(SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS), {ERR_REASON(SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS),
"unable to find ecdh parameters"}, "unable to find ecdh parameters"},

4
ssl/ssl_locl.h
View File

@ -996,6 +996,10 @@ struct ssl_st {
EVP_CIPHER_CTX *enc_write_ctx; /* cryptographic state */ EVP_CIPHER_CTX *enc_write_ctx; /* cryptographic state */
unsigned char write_iv[EVP_MAX_IV_LENGTH]; /* TLSv1.3 static write IV */ unsigned char write_iv[EVP_MAX_IV_LENGTH]; /* TLSv1.3 static write IV */
EVP_MD_CTX *write_hash; /* used for mac generation */ EVP_MD_CTX *write_hash; /* used for mac generation */
/* Count of how many KeyUpdate messages we have received */
unsigned int key_update_count;
/* session info */ /* session info */
/* client cert? */ /* client cert? */
/* This is used to hold the server certificate used */ /* This is used to hold the server certificate used */

8
ssl/statem/statem_lib.c
View File

@ -510,12 +510,20 @@ int tls_construct_key_update(SSL *s, WPACKET *pkt)
return 0; return 0;
} }
#define MAX_KEY_UPDATE_MESSAGES 32
MSG_PROCESS_RETURN tls_process_key_update(SSL *s, PACKET *pkt) MSG_PROCESS_RETURN tls_process_key_update(SSL *s, PACKET *pkt)
{ {
int al; int al;
unsigned int updatetype; unsigned int updatetype;
s->key_update_count++;
if (s->key_update_count > MAX_KEY_UPDATE_MESSAGES) {
al = SSL_AD_ILLEGAL_PARAMETER;
SSLerr(SSL_F_TLS_PROCESS_KEY_UPDATE, SSL_R_TOO_MANY_KEY_UPDATES);
goto err;
}
if (!PACKET_get_1(pkt, &updatetype) if (!PACKET_get_1(pkt, &updatetype)
|| PACKET_remaining(pkt) != 0 || PACKET_remaining(pkt) != 0
|| (updatetype != SSL_KEY_UPDATE_NOT_REQUESTED || (updatetype != SSL_KEY_UPDATE_NOT_REQUESTED