author | Zoltan Fridrich <zfridric@redhat.com> | 2022-12-08 11:49:16 +0100 |
---|---|---|
committer | Zoltan Fridrich <zfridric@redhat.com> | 2023-01-03 09:04:55 +0100 |
commit | 17c952ec94948a12fb96f6990b726b1484ae1f0c (patch) | |
tree | 0a65ebaa0af80c7ee9cd7f8ef95e7a0143c04a69 /lib | |
parent | c734753b58318ebe7d81b01dab20fd4ad62ea8f4 (diff) | |
Fail when received cert is compressed with disabled method
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
Diffstat (limited to 'lib')
-rw-r--r-- | lib/ext/compress_certificate.c | 24 | ||||
-rw-r--r-- | lib/ext/compress_certificate.h | 4 | ||||
-rw-r--r-- | lib/tls13/certificate.c | 9 |
3 files changed, 34 insertions, 3 deletions
diff --git a/lib/ext/compress_certificate.c b/lib/ext/compress_certificate.c
index 67e3c5d1f5..2d0baa6262 100644
--- a/lib/ext/compress_certificate.c
+++ b/lib/ext/compress_certificate.c
@@ -83,6 +83,30 @@ _gnutls_compress_certificate_method2num(gnutls_compression_method_t method)
 }
 }
+/* Returns 1 if the method is set as supported compression method for the session,
+ * returns 0 otherwise
+ */
+bool
+_gnutls_compress_certificate_is_method_enabled(gnutls_session_t session,
+ gnutls_compression_method_t method)
+{
+ int ret;
+ unsigned i;
+ compress_certificate_ext_st *priv;
+ gnutls_ext_priv_data_t epriv;
+ ret = _gnutls_hello_ext_get_priv(session, GNUTLS_EXTENSION_COMPRESS_CERTIFICATE, &epriv);
+ if (ret < 0)
+ return false;
+ priv = epriv;
+ for (i = 0; i < priv->methods_len; ++i)
+ if (priv->methods[i] == method)
+ return true;
+ return false;
+}
+
 /**
 * gnutls_compress_certificate_get_selected_method:
 * @session: is a #gnutls_session_t type.
diff --git a/lib/ext/compress_certificate.h b/lib/ext/compress_certificate.h
index 6834b10935..e0f445f620 100644
--- a/lib/ext/compress_certificate.h
+++ b/lib/ext/compress_certificate.h
@@ -41,6 +41,10 @@ _gnutls_compress_certificate_num2method(uint16_t num);
 int
 _gnutls_compress_certificate_method2num(gnutls_compression_method_t method);
+bool
+_gnutls_compress_certificate_is_method_enabled(gnutls_session_t session,
+ gnutls_compression_method_t method);
+
 int
 _gnutls_compress_certificate_recv_params(gnutls_session_t session,
 const uint8_t * data,
diff --git a/lib/tls13/certificate.c b/lib/tls13/certificate.c
index 979262930e..065bb9a62a 100644
--- a/lib/tls13/certificate.c
+++ b/lib/tls13/certificate.c
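Review bot: The header comment on _gnutls_compress_certificate_is_method_enabled says it returns 1 or 0 while the function returns bool, and it leaves undocumented that the `ret < 0` branch (no private data for the compress_certificate extension) is also reported as "not enabled"; that fail-closed behaviour is what lets the new check in decompress_certificate reject a CompressedCertificate when the extension was never negotiated, so it is worth stating. Suggest `/* Returns true if @method is one of the compression methods recorded for @session's compress_certificate extension; false if @method is not listed or no extension data exists (extension not negotiated). */`. Whether _gnutls_hello_ext_get_priv can return success with a NULL epriv is not visible here; if it can, `priv` should be checked before `priv->methods_len` is read.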
@@ -35,7 +35,7 @@ static int parse_cert_extension(void *ctx, unsigned tls_id, const uint8_t *data,
 static int parse_cert_list(gnutls_session_t session, uint8_t * data, size_t data_size);
 static int compress_certificate(gnutls_buffer_st * buf, unsigned cert_pos_mark, gnutls_compression_method_t comp_method);
-static int decompress_certificate(gnutls_buffer_st * buf);
+static int decompress_certificate(gnutls_session_t session, gnutls_buffer_st * buf);
 int _gnutls13_recv_certificate(gnutls_session_t session)
 {
@@ -79,7 +79,7 @@ int _gnutls13_recv_certificate(gnutls_session_t session)
 }
 if (decompress_cert) {
- ret = decompress_certificate(&buf);
+ ret = decompress_certificate(session, &buf);
 if (ret < 0) {
 gnutls_assert();
 gnutls_alert_send(session, GNUTLS_AL_FATAL, GNUTLS_A_BAD_CERTIFICATE);
@@ -613,7 +613,7 @@ cleanup:
 }
 static int
-decompress_certificate(gnutls_buffer_st * buf)
+decompress_certificate(gnutls_session_t session, gnutls_buffer_st * buf)
 {
 int ret;
 size_t method_num, plain_exp_len;
@@ -625,6 +625,9 @@ decompress_certificate(gnutls_buffer_st * buf)
 return gnutls_assert_val(ret);
 comp_method = _gnutls_compress_certificate_num2method(method_num);
+ if (!_gnutls_compress_certificate_is_method_enabled(session, comp_method))
+ return gnutls_assert_val(GNUTLS_E_ILLEGAL_PARAMETER);
+
 ret = _gnutls_buffer_pop_prefix24(buf, &plain_exp_len, 0);
 if (ret < 0)
 return gnutls_assert_val(ret);
|
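Review bot: In the last hunk decompress_certificate now returns GNUTLS_E_ILLEGAL_PARAMETER for a method the peer was not allowed to use, but the caller in _gnutls13_recv_certificate (second hunk) maps every negative return to a GNUTLS_A_BAD_CERTIFICATE alert, so on the wire a disallowed algorithm is indistinguishable from a failed decompression. If the protocol prescribes a different alert for a non-offered algorithm (RFC 8879 should be checked), the caller should send GNUTLS_A_ILLEGAL_PARAMETER when `ret == GNUTLS_E_ILLEGAL_PARAMETER` and fall back to bad_certificate otherwise. Placing the check before _gnutls_buffer_pop_prefix24 is right: the peer-supplied uncompressed length is never acted on for a method that was not accepted. The rest of decompress_certificate's body lies outside the hunk.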