diff options
author | Jo-Philipp Wich <jow@openwrt.org> | 2012-10-09 16:41:36 +0000 |
---|---|---|
committer | Jo-Philipp Wich <jow@openwrt.org> | 2012-10-09 16:41:36 +0000 |
commit | 6945d722e682c0a1e5986f8844ad4428c7f97aea (patch) | |
tree | 357c2fe58daafb8d36dfd4d98d1c921eba4ad60c /package | |
parent | ff1b1635401fab42d6b1df1992f95bcb779c8bfb (diff) | |
download | mtk-20170518-6945d722e682c0a1e5986f8844ad4428c7f97aea.zip mtk-20170518-6945d722e682c0a1e5986f8844ad4428c7f97aea.tar.gz mtk-20170518-6945d722e682c0a1e5986f8844ad4428c7f97aea.tar.bz2 |
cyassl: add a patch to better check legacy SSLv2 client hello records
If junk data is received during SSL_accept(), cyassl will treat it as legacy SSLv2
record without performing further plausibility checks. Change the legacy code path
to return UNKNOWN_HANDSHAKE_TYPE if the value of the third byte isn't 0x01 the
hello message type.
SVN-Revision: 33675
Diffstat (limited to 'package')
-rw-r--r-- | package/libs/cyassl/Makefile | 4 | ||||
-rw-r--r-- | package/libs/cyassl/patches/200-SSL_accept-handle-hello-garbage.patch | 13 |
2 files changed, 15 insertions, 2 deletions
diff --git a/package/libs/cyassl/Makefile b/package/libs/cyassl/Makefile index 442186a..063e572 100644 --- a/package/libs/cyassl/Makefile +++ b/package/libs/cyassl/Makefile @@ -1,5 +1,5 @@ # -# Copyright (C) 2006-2010 OpenWrt.org +# Copyright (C) 2006-2012 OpenWrt.org # # This is free software, licensed under the GNU General Public License v2. # See /LICENSE for more information. @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=cyassl PKG_VERSION:=1.6.5 -PKG_RELEASE:=1 +PKG_RELEASE:=2 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).zip PKG_SOURCE_URL:=http://www.yassl.com/ diff --git a/package/libs/cyassl/patches/200-SSL_accept-handle-hello-garbage.patch b/package/libs/cyassl/patches/200-SSL_accept-handle-hello-garbage.patch new file mode 100644 index 0000000..4a6b8da --- /dev/null +++ b/package/libs/cyassl/patches/200-SSL_accept-handle-hello-garbage.patch @@ -0,0 +1,13 @@ +--- a/src/cyassl_int.c ++++ b/src/cyassl_int.c +@@ -1588,6 +1588,10 @@ + b1 = + ssl->buffers.inputBuffer.buffer[ssl->buffers.inputBuffer.idx++]; + ssl->curSize = ((b0 & 0x7f) << 8) | b1; ++ ++ /* does not appear to a be a SSLv2 client hello */ ++ if ( ssl->buffers.inputBuffer.buffer[ssl->buffers.inputBuffer.idx] != 1 ) ++ return UNKNOWN_HANDSHAKE_TYPE; + } + else { + ssl->options.processReply = getRecordLayerHeader; |