authorMatt Caswell <matt@openssl.org>2024-08-01 15:55:11 +0200
committerTomas Mraz <tomas@openssl.org>2024-08-07 19:34:23 +0200
commit293d0a0052166222a4b8a0bdd12e6ceca812f6ab (patch)
tree1d1edf50899738e880f9dffdeefd9a88df7691b8 /ssl
parentAdd logging support for early data (diff)
Check that a supported_versions extension is present in an HRR
If an HRR is sent then it MUST contain supported_versions according to the RFC. We were sanity checking any supported_versions extension that was sent but failed to verify that it was actually present. Fixes #25041 Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25068)
Diffstat (limited to 'ssl')
-rw-r--r--ssl/ssl_err.c2
-rw-r--r--ssl/statem/extensions.c16
2 files changed, 17 insertions, 1 deletions
diff --git a/ssl/ssl_err.c b/ssl/ssl_err.c
index 50d78b4769..3ef6afd03e 100644
--- a/ssl/ssl_err.c
+++ b/ssl/ssl_err.c
@@ -274,6 +274,8 @@ static const ERR_STRING_DATA SSL_str_reasons[] = {
"can't find SRP server param"},
{ERR_PACK(ERR_LIB_SSL, 0, SSL_R_MISSING_SUPPORTED_GROUPS_EXTENSION),
"missing supported groups extension"},
+ {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_MISSING_SUPPORTED_VERSIONS_EXTENSION),
+ "missing supported versions extension"},
{ERR_PACK(ERR_LIB_SSL, 0, SSL_R_MISSING_TMP_DH_KEY), "missing tmp dh key"},
{ERR_PACK(ERR_LIB_SSL, 0, SSL_R_MISSING_TMP_ECDH_KEY),
"missing tmp ecdh key"},
diff --git a/ssl/statem/extensions.c b/ssl/statem/extensions.c
index a52b9096ef..554190221f 100644
--- a/ssl/statem/extensions.c
+++ b/ssl/statem/extensions.c
@@ -59,6 +59,8 @@ static int final_key_share(SSL_CONNECTION *s, unsigned int context, int sent);
static int init_srtp(SSL_CONNECTION *s, unsigned int context);
#endif
static int final_sig_algs(SSL_CONNECTION *s, unsigned int context, int sent);
+static int final_supported_versions(SSL_CONNECTION *s, unsigned int context,
+ int sent);
static int final_early_data(SSL_CONNECTION *s, unsigned int context, int sent);
static int final_maxfragmentlen(SSL_CONNECTION *s, unsigned int context,
int sent);
@@ -344,7 +346,7 @@ static const EXTENSION_DEFINITION ext_defs[] = {
/* Processed inline as part of version selection */
NULL, tls_parse_stoc_supported_versions,
tls_construct_stoc_supported_versions,
- tls_construct_ctos_supported_versions, NULL
+ tls_construct_ctos_supported_versions, final_supported_versions
},
{
TLSEXT_TYPE_psk_kex_modes,
@@ -1346,6 +1348,18 @@ static int final_sig_algs(SSL_CONNECTION *s, unsigned int context, int sent)
return 1;
}
+static int final_supported_versions(SSL_CONNECTION *s, unsigned int context,
+ int sent)
+{
+ if (!sent && context == SSL_EXT_TLS1_3_HELLO_RETRY_REQUEST) {
+ SSLfatal(s, TLS13_AD_MISSING_EXTENSION,
+ SSL_R_MISSING_SUPPORTED_VERSIONS_EXTENSION);
+ return 0;
+ }
+
+ return 1;
+}
+
static int final_key_share(SSL_CONNECTION *s, unsigned int context, int sent)
{
#if !defined(OPENSSL_NO_TLS1_3)
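Review bot: The new check in final_supported_versions compares `context == SSL_EXT_TLS1_3_HELLO_RETRY_REQUEST` exactly, so the mandatory-extension test only fires when no other context bit is set. The SSL_EXT_ values appear to be flag bits (their definitions are outside this hunk, so this is inferred); if a caller ever passes the HRR bit combined with another one, the check is skipped and an HRR without supported_versions is accepted, which fails open. A mask test keeps the check tied to the HRR bit: `if (!sent && (context & SSL_EXT_TLS1_3_HELLO_RETRY_REQUEST) != 0) {`. A short comment above the condition, for example `/* An HRR MUST contain supported_versions (RFC 8446, section 4.1.4) */`, would record why absence is fatal only in this context.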