From c026101be0c3c1a66b64d21d0e8c1ba39bcfd254 Mon Sep 17 00:00:00 2001
From: erbsland-dev
Date: Wed, 21 Aug 2024 18:18:58 +0200
Subject: [PATCH] Correct Alert Handling for Missing Compression Methods
MIME-Version: 1.0
Content-Type: text/plain; charset=utf8
Content-Transfer-Encoding: 8bit

Fixes #7940: Updated the compression check logic to improve protocol compliance. The code now returns `SSL_AD_DECODE_ERROR` when no compression method is provided in the ClientHello message. It returns `SSL_AD_ILLEGAL_PARAMETER` if the “null” compression method (0x00) is missing. Additionally, refactored the related test code for enhanced readability and maintainability.

Reviewed-by: Matt Caswell
Reviewed-by: Tomas Mraz
(Merged from https://github.com/openssl/openssl/pull/25255)
---
 ssl/statem/statem_srvr.c | 17 +++++++++--------
 1 file changed, 9 insertions(+), 8 deletions(-)

diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c
index b0a6bc42eec..db009f3b774 100644
--- a/ssl/statem/statem_srvr.c
+++ b/ssl/statem/statem_srvr.c
@@ -1683,7 +1683,6 @@ static int tls_early_post_process_client_hello(SSL_CONNECTION *s)
 unsigned int j;
 int i, al = SSL_AD_INTERNAL_ERROR;
 int protverr;
- size_t loop;
 unsigned long id;
 #ifndef OPENSSL_NO_COMP
 SSL_COMP *comp = NULL;
@@ -1924,16 +1923,18 @@ static int tls_early_post_process_client_hello(SSL_CONNECTION *s)
 OSSL_TRACE_END(TLS_CIPHER);
 }

- for (loop = 0; loop < clienthello->compressions_len; loop++) {
- if (clienthello->compressions[loop] == 0)
- break;
- }
-
- if (loop >= clienthello->compressions_len) {
- /* no compress */
+ /* At least one compression method must be preset. */
+ if (clienthello->compressions_len == 0) {
 SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_R_NO_COMPRESSION_SPECIFIED);
 goto err;
 }
+ /* Make sure at least the null compression is supported. */
+ if (memchr(clienthello->compressions, 0,
+ clienthello->compressions_len) == NULL) {
+ SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER,
+ SSL_R_REQUIRED_COMPRESSION_ALGORITHM_MISSING);
+ goto err;
+ }

 if (s->options & SSL_OP_SAFARI_ECDHE_ECDSA_BUG)
 ssl_check_for_safari(s, clienthello);
-- 
2.47.2
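Review bot: The new comment above the length check, `/* At least one compression method must be preset. */`, has a typo; "preset" should be "present". The second added comment says the null method must be "supported", which reads as a server capability, whereas the check is about what the client offered; a wording such as `/* RFC 5246 7.4.1.2: the client's list must always include the null method (0). */` says where the requirement comes from and who it binds. The memchr() test accepts any vector that contains a zero byte, which matches TLS 1.2 and earlier; if the TLS 1.3 rule that the vector is exactly one zero byte (RFC 8446 4.1.2, illegal_parameter otherwise) is not enforced elsewhere in this function, that check is still missing after this change. tls_early_post_process_client_hello begins and ends outside the hunk.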