diff options
author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2019-09-13 12:14:42 +0000 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2019-09-13 12:14:42 +0000 |
commit | b9c965ecbcfe873b09cd4c854119c5d6dcb0a462 (patch) | |
tree | ff6d782f1f632d2042f4338ed8cf7f696fff2efe /lib | |
parent | 5b614d21be0287748f1b8418d3ac382d891f34d7 (diff) | |
parent | 5fac5af99b418171c285ae49d3cd8381a852dfd7 (diff) | |
download | gnutls-b9c965ecbcfe873b09cd4c854119c5d6dcb0a462.tar.gz |
Merge branch 'tmp-interop-old-gnutls' into 'master'
Do not forbid excess random padding in TLS1.x CBC ciphersuites
Closes #811
See merge request gnutls/gnutls!1054
Diffstat (limited to 'lib')
-rw-r--r-- | lib/constate.c | 11 | ||||
-rw-r--r-- | lib/record.c | 4 |
2 files changed, 11 insertions, 4 deletions
diff --git a/lib/constate.c b/lib/constate.c index 51a4eca30a..4c6ca0fd0f 100644 --- a/lib/constate.c +++ b/lib/constate.c @@ -707,10 +707,17 @@ int _gnutls_epoch_set_keys(gnutls_session_t session, uint16_t epoch, hs_stage_t return gnutls_assert_val(ret); } - if (ver->tls13_sem) { + /* The TLS1.3 limit of 256 additional bytes is also enforced under CBC + * ciphers to ensure we interoperate with gnutls 2.12.x which could add padding + * data exceeding the maximum. */ + if (ver->tls13_sem || _gnutls_cipher_type(params->cipher) == CIPHER_BLOCK) { session->internals.max_recv_size = 256; } else { - session->internals.max_recv_size = _gnutls_record_overhead(ver, params->cipher, params->mac, 1); + session->internals.max_recv_size = 0; + } + + if (!ver->tls13_sem) { + session->internals.max_recv_size += _gnutls_record_overhead(ver, params->cipher, params->mac, 1); if (session->internals.allow_large_records != 0) session->internals.max_recv_size += EXTRA_COMP_SIZE; } diff --git a/lib/record.c b/lib/record.c index 39d2a16be2..7c7e365611 100644 --- a/lib/record.c +++ b/lib/record.c @@ -1219,8 +1219,8 @@ static int recv_headers(gnutls_session_t session, if (record->length == 0 || record->length > max_record_recv_size(session)) { _gnutls_audit_log - (session, "Received packet with illegal length: %u\n", - (unsigned int) record->length); + (session, "Received packet with illegal length: %u (max: %u)\n", + (unsigned int) record->length, (unsigned)max_record_recv_size(session)); if (record->length == 0) { /* Empty, unencrypted records are always unexpected. */ |