Home | History | Annotate | Download | only in patches.chromium
      1 diff --git android-openssl.orig/ssl/d1_clnt.c android-openssl/ssl/d1_clnt.c
      2 index 7e8077e..735e544 100644
      3 --- android-openssl.orig/ssl/d1_clnt.c
      4 +++ android-openssl/ssl/d1_clnt.c
      5 @@ -874,7 +874,7 @@ int dtls1_client_hello(SSL *s)
      6  		*(p++)=0; /* Add the NULL method */
      7  
      8  #ifndef OPENSSL_NO_TLSEXT
      9 -		if ((p = ssl_add_clienthello_tlsext(s, p, buf+SSL3_RT_MAX_PLAIN_LENGTH)) == NULL)
     10 +		if ((p = ssl_add_clienthello_tlsext(s, p, buf+SSL3_RT_MAX_PLAIN_LENGTH, 0)) == NULL)
     11  			{
     12  			SSLerr(SSL_F_DTLS1_CLIENT_HELLO,ERR_R_INTERNAL_ERROR);
     13  			goto err;
     14 diff --git android-openssl.orig/ssl/s23_clnt.c android-openssl/ssl/s23_clnt.c
     15 index 08ee86d..750d208 100644
     16 --- android-openssl.orig/ssl/s23_clnt.c
     17 +++ android-openssl/ssl/s23_clnt.c
     18 @@ -467,9 +467,9 @@ static int ssl23_client_hello(SSL *s)
     19  			/* create Client Hello in SSL 3.0/TLS 1.0 format */
     20  
     21  			/* do the record header (5 bytes) and handshake message
     22 -			 * header (4 bytes) last. Note: the code to add the
     23 -			 * padding extension in t1_lib.c depends on the size of
     24 -			 * this prefix. */
     25 +			 * header (4 bytes) last. Note: the final argument to
     26 +			 * ssl_add_clienthello_tlsext below depends on the size
     27 +			 * of this prefix. */
     28  			d = p = &(buf[9]);
     29  			
     30  			*(p++) = version_major;
     31 @@ -526,7 +526,10 @@ static int ssl23_client_hello(SSL *s)
     32  				SSLerr(SSL_F_SSL23_CLIENT_HELLO,SSL_R_CLIENTHELLO_TLSEXT);
     33  				return -1;
     34  				}
     35 -			if ((p = ssl_add_clienthello_tlsext(s, p, buf+SSL3_RT_MAX_PLAIN_LENGTH)) == NULL)
     36 +			/* The buffer includes the 5 byte record header, so
     37 +			 * subtract it to compute hlen for
     38 +			 * ssl_add_clienthello_tlsext. */
     39 +			if ((p = ssl_add_clienthello_tlsext(s, p, buf+SSL3_RT_MAX_PLAIN_LENGTH, p-buf-5)) == NULL)
     40  				{
     41  				SSLerr(SSL_F_SSL23_CLIENT_HELLO,ERR_R_INTERNAL_ERROR);
     42  				return -1;
     43 diff --git android-openssl.orig/ssl/s3_clnt.c android-openssl/ssl/s3_clnt.c
     44 index d1b3224..640df80 100644
     45 --- android-openssl.orig/ssl/s3_clnt.c
     46 +++ android-openssl/ssl/s3_clnt.c
     47 @@ -759,7 +759,7 @@ int ssl3_client_hello(SSL *s)
     48  			goto err;
     49  
     50  		/* Do the message type and length last.
     51 -		 * Note: the code to add the padding extension in t1_lib.c
     52 +		 * Note: the final argument to ssl_add_clienthello_tlsext below
     53  		 * depends on the size of this prefix. */
     54  		d=p= &(buf[4]);
     55  
     56 @@ -867,7 +867,7 @@ int ssl3_client_hello(SSL *s)
     57  			SSLerr(SSL_F_SSL3_CLIENT_HELLO,SSL_R_CLIENTHELLO_TLSEXT);
     58  			goto err;
     59  			}
     60 -		if ((p = ssl_add_clienthello_tlsext(s, p, buf+SSL3_RT_MAX_PLAIN_LENGTH)) == NULL)
     61 +		if ((p = ssl_add_clienthello_tlsext(s, p, buf+SSL3_RT_MAX_PLAIN_LENGTH, p-buf)) == NULL)
     62  			{
     63  			SSLerr(SSL_F_SSL3_CLIENT_HELLO,ERR_R_INTERNAL_ERROR);
     64  			goto err;
     65 diff --git android-openssl.orig/ssl/ssl_locl.h android-openssl/ssl/ssl_locl.h
     66 index 4e27d9e..531a291 100644
     67 --- android-openssl.orig/ssl/ssl_locl.h
     68 +++ android-openssl/ssl/ssl_locl.h
     69 @@ -1127,7 +1127,7 @@ int tls1_ec_nid2curve_id(int nid);
     70  #endif /* OPENSSL_NO_EC */
     71  
     72  #ifndef OPENSSL_NO_TLSEXT
     73 -unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *buf, unsigned char *limit); 
     74 +unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *buf, unsigned char *limit, size_t header_len);
     75  unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *buf, unsigned char *limit); 
     76  int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **data, unsigned char *d, int n, int *al);
     77  int ssl_parse_serverhello_tlsext(SSL *s, unsigned char **data, unsigned char *d, int n, int *al);
     78 diff --git android-openssl.orig/ssl/t1_lib.c android-openssl/ssl/t1_lib.c
     79 index a53d56b..3fe6612 100644
     80 --- android-openssl.orig/ssl/t1_lib.c
     81 +++ android-openssl/ssl/t1_lib.c
     82 @@ -341,7 +341,10 @@ int tls12_get_req_sig_algs(SSL *s, unsigned char *p)
     83  	return (int)slen;
     84  	}
     85  
     86 -unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *buf, unsigned char *limit)
     87 +/* header_len is the length of the ClientHello header written so far, used to
     88 + * compute padding. It does not include the record header. Pass 0 if no padding
     89 + * is to be done. */
     90 +unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *buf, unsigned char *limit, size_t header_len)
     91  	{
     92  	int extdatalen=0;
     93  	unsigned char *orig = buf;
     94 @@ -664,27 +667,25 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *buf, unsigned c
     95  
     96  	/* Add padding to workaround bugs in F5 terminators.
     97  	 * See https://tools.ietf.org/html/draft-agl-tls-padding-02 */
     98 -	{
     99 -	int hlen = ret - (unsigned char *)s->init_buf->data;
    100 -	/* The code in s23_clnt.c to build ClientHello messages includes the
    101 -	 * 5-byte record header in the buffer, while the code in s3_clnt.c does
    102 -	 * not. */
    103 -	if (s->state == SSL23_ST_CW_CLNT_HELLO_A)
    104 -		hlen -= 5;
    105 -	if (hlen > 0xff && hlen < 0x200)
    106 +	if (header_len > 0)
    107  		{
    108 -		hlen = 0x200 - hlen;
    109 -		if (hlen >= 4)
    110 -			hlen -= 4;
    111 -		else
    112 -			hlen = 0;
    113 +		header_len += ret - orig;
    114 +		if (header_len > 0xff && header_len < 0x200)
    115 +			{
    116 +			size_t padding_len = 0x200 - header_len;
    117 +			if (padding_len >= 4)
    118 +				padding_len -= 4;
    119 +			else
    120 +				padding_len = 0;
    121 +			if (limit - ret - 4 - (long)padding_len < 0)
    122 +				return NULL;
    123  
    124 -		s2n(TLSEXT_TYPE_padding, ret);
    125 -		s2n(hlen, ret);
    126 -		memset(ret, 0, hlen);
    127 -		ret += hlen;
    128 +			s2n(TLSEXT_TYPE_padding, ret);
    129 +			s2n(padding_len, ret);
    130 +			memset(ret, 0, padding_len);
    131 +			ret += padding_len;
    132 +			}
    133  		}
    134 -	}
    135  
    136  
    137  	if ((extdatalen = ret-orig-2)== 0) 
    138