f3cb03b52a
The first patch caused a QUIC test to fail, so backport the entire series, which looks reasonable and adds good additional safeguards and checks. Resolves: RHEL-45692 Signed-off-by: Clemens Lang <cllang@redhat.com>
63 lines
2.1 KiB
Diff
63 lines
2.1 KiB
Diff
From 195e15421df113d7283aab2ccff8b8fb06df5465 Mon Sep 17 00:00:00 2001
|
|
From: Matt Caswell <matt@openssl.org>
|
|
Date: Fri, 21 Jun 2024 11:51:54 +0100
|
|
Subject: [PATCH 08/10] Add ALPN validation in the client
|
|
|
|
The ALPN protocol selected by the server must be one that we originally
|
|
advertised. We should verify that it is.
|
|
|
|
Follow on from CVE-2024-5535
|
|
|
|
Reviewed-by: Neil Horman <nhorman@openssl.org>
|
|
Reviewed-by: Tomas Mraz <tomas@openssl.org>
|
|
(Merged from https://github.com/openssl/openssl/pull/24717)
|
|
---
|
|
ssl/statem/extensions_clnt.c | 24 ++++++++++++++++++++++++
|
|
1 file changed, 24 insertions(+)
|
|
|
|
diff --git a/ssl/statem/extensions_clnt.c b/ssl/statem/extensions_clnt.c
|
|
index 1ab3c13d57..ff9c009ee5 100644
|
|
--- a/ssl/statem/extensions_clnt.c
|
|
+++ b/ssl/statem/extensions_clnt.c
|
|
@@ -1590,6 +1590,8 @@ int tls_parse_stoc_alpn(SSL_CONNECTION *s, PACKET *pkt, unsigned int context,
|
|
X509 *x, size_t chainidx)
|
|
{
|
|
size_t len;
|
|
+ PACKET confpkt, protpkt;
|
|
+ int valid = 0;
|
|
|
|
/* We must have requested it. */
|
|
if (!s->s3.alpn_sent) {
|
|
@@ -1608,6 +1610,28 @@ int tls_parse_stoc_alpn(SSL_CONNECTION *s, PACKET *pkt, unsigned int context,
|
|
SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_R_BAD_EXTENSION);
|
|
return 0;
|
|
}
|
|
+
|
|
+ /* It must be a protocol that we sent */
|
|
+ if (!PACKET_buf_init(&confpkt, s->ext.alpn, s->ext.alpn_len)) {
|
|
+ SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
|
|
+ return 0;
|
|
+ }
|
|
+ while (PACKET_get_length_prefixed_1(&confpkt, &protpkt)) {
|
|
+ if (PACKET_remaining(&protpkt) != len)
|
|
+ continue;
|
|
+ if (memcmp(PACKET_data(pkt), PACKET_data(&protpkt), len) == 0) {
|
|
+ /* Valid protocol found */
|
|
+ valid = 1;
|
|
+ break;
|
|
+ }
|
|
+ }
|
|
+
|
|
+ if (!valid) {
|
|
+ /* The protocol sent from the server does not match one we advertised */
|
|
+ SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_R_BAD_EXTENSION);
|
|
+ return 0;
|
|
+ }
|
|
+
|
|
OPENSSL_free(s->s3.alpn_selected);
|
|
s->s3.alpn_selected = OPENSSL_malloc(len);
|
|
if (s->s3.alpn_selected == NULL) {
|
|
--
|
|
2.46.0
|
|
|