From: kemal <kemalinanc8@gmail.com>
To: 9front@9front.org
Subject: [9front] libsec: fix bugs in tls extension handling
Date: Sun, 17 Oct 2021 17:38:13 +0000 [thread overview]
Message-ID: <CABO6shdVnm92-_iRVY3JCib3pCPp1YxCNCsyXVFLahMa8zpPCg@mail.gmail.com> (raw)
[-- Attachment #1: Type: text/plain, Size: 551 bytes --]
hello,
this patch fixes bugs in tls extension handling:
1. if conn->serverName is an empty string, tlsClientExtensions
will generate a SNI with an empty hostname, which is forbidden
according to RFC 6066:
opaque HostName<1..2^16-1>;
check if conn->serverName has at least one char.
2. checkClientExtensions fail with clients that doesn't have
extensions, because it doesn't check if ext is nil. fix that
up.
3. rewrite checkClientExtensions. some parts of the code does
not check the length properly, and it could be simplified
heavily.
-kemal
[-- Attachment #2: patch.txt --]
[-- Type: text/plain, Size: 3928 bytes --]
From: kemal <kemalinanc8@gmail.com>
Date: Sun, 17 Oct 2021 17:30:15 +0000
Subject: [PATCH] libsec: fix bugs in tls extension handling
this patch fixes bugs in tls extension handling:
1. if conn->serverName is an empty string, tlsClientExtensions
will generate a SNI with an empty hostname, which is forbidden
according to RFC 6066:
opaque HostName<1..2^16-1>;
check if conn->serverName has at least one char.
2. checkClientExtensions fail with clients that doesn't have
extensions, because it doesn't check if ext is nil. fix that
up.
3. rewrite checkClientExtensions. some parts of the code does
not check the length properly, and it could be simplified
heavily.
---
diff 72d08816abaa2935e8055d9cdfd73b59df5f9bd3 ae64fa53dc98de6c51c4b2631da1114082641196
--- a/sys/src/libsec/port/tlshand.c Sat Oct 16 18:07:39 2021
+++ b/sys/src/libsec/port/tlshand.c Sun Oct 17 20:30:15 2021
@@ -321,10 +321,6 @@
0x0018, secp384r1,
};
-static uchar pointformats[] = {
- CompressionNull /* support of uncompressed point format is mandatory */
-};
-
static struct {
DigestState* (*fun)(uchar*, ulong, uchar*, DigestState*);
int len;
@@ -496,9 +492,7 @@
p = b = nil;
// RFC6066 - Server Name Identification
- if(conn->serverName != nil){
- n = strlen(conn->serverName);
-
+ if(conn->serverName != nil && (n = strlen(conn->serverName)) > 0){
m = p - b;
b = erealloc(b, m + 2+2+2+1+2+n);
p = b + m;
@@ -514,11 +508,12 @@
// Elliptic Curves (also called Supported Groups)
if(ProtocolVersion >= TLS10Version){
+ n = nelem(namedcurves);
+
m = p - b;
- b = erealloc(b, m + 2+2+2+nelem(namedcurves)*2 + 2+2+1+nelem(pointformats));
+ b = erealloc(b, m + 2+2+2+n*2 + 2+2+1+n);
p = b + m;
- n = nelem(namedcurves);
put16(p, Extec), p += 2; /* Type: elliptic_curves / supported_groups */
put16(p, (n+1)*2), p += 2; /* Length */
put16(p, n*2), p += 2; /* Elliptic Curves Length */
@@ -527,12 +522,10 @@
p += 2;
}
- n = nelem(pointformats);
put16(p, Extecp), p += 2; /* Type: ec_point_formats */
- put16(p, n+1), p += 2; /* Length */
- *p++ = n; /* EC point formats Length */
- for(i=0; i < n; i++) /* EC point formats */
- *p++ = pointformats[i];
+ put16(p, 2), p += 2; /* Length */
+ *p++ = 1; /* EC Point Formats Length */
+ *p++ = 0; /* Point Format: uncompressed */
}
// signature algorithms
@@ -651,37 +644,26 @@
uchar *p, *e;
int i, j, n;
- p = ext->data;
- e = p+ext->len;
- while(p < e){
- if(e-p < 2)
+ if(ext == nil)
+ return 0;
+
+ for(p = ext->data, e = p+ext->len; p < e; p += n){
+ if(e-p < 4)
goto Short;
- switch(get16(p)){
- case Extec:
- p += 2;
- n = get16(p);
- if(e-p < n || n < 2)
+ p += 4;
+ if(e-p < (n = get16(p-2)))
+ goto Short;
+ switch(get16(p-4)){
+ case Extec:
+ if(n < 4 || n % 2 || get16(p) != (n -= 2))
goto Short;
p += 2;
- n = get16(p);
- p += 2;
- if(e-p < n || n & 1 || n == 0)
- goto Short;
for(i = 0; i < nelem(namedcurves) && c->sec->nc == nil; i++)
for(j = 0; j < n; j += 2)
if(namedcurves[i].tlsid == get16(p+j)){
c->sec->nc = &namedcurves[i];
break;
}
- p += n;
- break;
- default:
- p += 2;
- n = get16(p);
- p += 2;
- if(e-p < n)
- goto Short;
- p += n;
break;
}
}
@@ -689,8 +671,8 @@
return 0;
Short:
tlsError(c, EDecodeError, "clienthello extensions has invalid length");
- return -1;
-}
+ return -1;
+}
static TlsConnection *
tlsServer2(int ctl, int hand,
@@ -1587,7 +1569,7 @@
nn = get16(p);
p += 2, n -= 2;
- if((nn & 1) || n < nn || nn < 2)
+ if(nn % 2 || n < nn || nn < 2)
goto Short;
m->u.clientHello.ciphers = newints(nn >> 1);
for(i = 0; i < nn; i += 2)
@@ -1676,7 +1658,7 @@
goto Short;
nn = get16(p);
p += 2, n -= 2;
- if(nn & 1)
+ if(nn % 2)
goto Short;
m->u.certificateRequest.sigalgs = newints(nn>>1);
for(i = 0; i < nn; i += 2)
next reply other threads:[~2021-10-18 9:12 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-10-17 17:38 kemal [this message]
2021-10-17 23:15 ` cinap_lenrek
2021-10-18 12:36 ` kemal
2021-10-18 16:22 ` cinap_lenrek
2021-10-17 23:36 ` cinap_lenrek
2021-10-17 23:46 ` cinap_lenrek
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CABO6shdVnm92-_iRVY3JCib3pCPp1YxCNCsyXVFLahMa8zpPCg@mail.gmail.com \
--to=kemalinanc8@gmail.com \
--cc=9front@9front.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).