Don't create an invalid CertificateRequest (434af36f) · Commits · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

ssl/s3_srvr.c

+15 −0

Original line number	Diff line number	Diff line
		@@ -2091,6 +2091,11 @@ int ssl3_send_certificate_request(SSL *s)
		if (SSL_USE_SIGALGS(s)) {
		const unsigned char *psigs;
		nl = tls12_get_psigalgs(s, 1, &psigs);
		if (nl > SSL_MAX_2_BYTE_LEN) {
		SSLerr(SSL_F_SSL3_SEND_CERTIFICATE_REQUEST,
		SSL_R_LENGTH_TOO_LONG);
		goto err;
		}
		s2n(nl, p);
		memcpy(p, psigs, nl);
		p += nl;
		@@ -2107,6 +2112,11 @@ int ssl3_send_certificate_request(SSL *s)
		for (i = 0; i < sk_X509_NAME_num(sk); i++) {
		name = sk_X509_NAME_value(sk, i);
		j = i2d_X509_NAME(name, NULL);
		if (j > SSL_MAX_2_BYTE_LEN) {
		SSLerr(SSL_F_SSL3_SEND_CERTIFICATE_REQUEST,
		SSL_R_LENGTH_TOO_LONG);
		goto err;
		}
		if (!BUF_MEM_grow_clean
		(buf, SSL_HM_HEADER_LENGTH(s) + n + j + 2)) {
		SSLerr(SSL_F_SSL3_SEND_CERTIFICATE_REQUEST,
		@@ -2128,6 +2138,11 @@ int ssl3_send_certificate_request(SSL *s)
		n += j;
		nl += j;
		}
		if (nl > SSL_MAX_2_BYTE_LEN) {
		SSLerr(SSL_F_SSL3_SEND_CERTIFICATE_REQUEST,
		SSL_R_LENGTH_TOO_LONG);
		goto err;
		}
		}
		}
		/* else no CA names */

+1 −0

Original line number	Diff line number	Diff line
		@@ -2954,6 +2954,7 @@ void ERR_load_SSL_strings(void);
		# define SSL_R_KRB5_S_TKT_NYV 294
		# define SSL_R_KRB5_S_TKT_SKEW 295
		# define SSL_R_LENGTH_MISMATCH 159
		# define SSL_R_LENGTH_TOO_LONG 404
		# define SSL_R_LENGTH_TOO_SHORT 160
		# define SSL_R_LIBRARY_BUG 274
		# define SSL_R_LIBRARY_HAS_NO_CIPHERS 161

+2 −0