From e9bbefbf0f24c57645e7ad6a5a71ae649d18ac8e Mon Sep 17 00:00:00 2001 From: Matt Caswell Date: Fri, 14 Dec 2018 07:28:30 +0000 Subject: [PATCH] Go into the error state if a fatal alert is sent or received If an application calls SSL_shutdown after a fatal alert has occured and then behaves different based on error codes from that function then the application may be vulnerable to a padding oracle. CVE-2019-1559 Reviewed-by: Richard Levitte --- ssl/d1_pkt.c | 1 + ssl/s3_pkt.c | 10 +++++++--- 2 files changed, 8 insertions(+), 3 deletions(-) diff --git a/ssl/d1_pkt.c b/ssl/d1_pkt.c index 23aa9db..c7fe977 100644 --- a/ssl/d1_pkt.c +++ b/ssl/d1_pkt.c @@ -1309,6 +1309,7 @@ int dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek) ERR_add_error_data(2, "SSL alert number ", tmp); s->shutdown |= SSL_RECEIVED_SHUTDOWN; SSL_CTX_remove_session(s->session_ctx, s->session); + s->state = SSL_ST_ERR; return (0); } else { al = SSL_AD_ILLEGAL_PARAMETER; diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c index 6527df8..830b723 100644 --- a/ssl/s3_pkt.c +++ b/ssl/s3_pkt.c @@ -1500,6 +1500,7 @@ int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek) ERR_add_error_data(2, "SSL alert number ", tmp); s->shutdown |= SSL_RECEIVED_SHUTDOWN; SSL_CTX_remove_session(s->session_ctx, s->session); + s->state = SSL_ST_ERR; return (0); } else { al = SSL_AD_ILLEGAL_PARAMETER; @@ -1719,9 +1720,12 @@ int ssl3_send_alert(SSL *s, int level, int desc) * protocol_version alerts */ if (desc < 0) return -1; - /* If a fatal one, remove from cache */ - if ((level == 2) && (s->session != NULL)) - SSL_CTX_remove_session(s->session_ctx, s->session); + /* If a fatal one, remove from cache and go into the error state */ + if (level == SSL3_AL_FATAL) { + if (s->session != NULL) + SSL_CTX_remove_session(s->session_ctx, s->session); + s->state = SSL_ST_ERR; + } s->s3->alert_dispatch = 1; s->s3->send_alert[0] = level; -- 2.7.4 rsion 3 of the License, or (at ;;; your option) any later version. ;;; ;;; GNU Guix is distributed in the hope that it will be useful, but ;;; WITHOUT ANY WARRANTY; without even the implied warranty of ;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ;;; GNU General Public License for more details. ;;; ;;; You should have received a copy of the GNU General Public License ;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>. (define-module (gnu system images rock64) #:use-module (gnu bootloader) #:use-module (gnu bootloader u-boot) #:use-module (gnu image) #:use-module (gnu packages linux) #:use-module (guix platforms arm) #:use-module (gnu services) #:use-module (gnu services base) #:use-module (gnu services networking) #:use-module (gnu system) #:use-module (gnu system file-systems) #:use-module (gnu system image) #:use-module (srfi srfi-26) #:export (rock64-barebones-os rock64-image-type rock64-barebones-raw-image)) (define rock64-barebones-os (operating-system (host-name "jiehkkevarri") (timezone "Europe/Oslo") (locale "en_US.utf8") (bootloader (bootloader-configuration (bootloader u-boot-rock64-rk3328-bootloader) (targets '("/dev/sda")))) (initrd-modules '()) (kernel linux-libre-arm64-generic) (file-systems (cons (file-system (device (file-system-label "my-root")) (mount-point "/") (type "ext4")) %base-file-systems)) (services (append (list (service dhcp-client-service-type)) %base-services)))) (define rock64-image-type (image-type (name 'rock64-raw) (constructor (lambda (os) (image (inherit (raw-with-offset-disk-image (expt 2 24))) (operating-system os) (platform aarch64-linux)))))) (define rock64-barebones-raw-image (image (inherit (os+platform->image rock64-barebones-os aarch64-linux #:type rock64-image-type)) (name 'rock64-barebones-raw-image))) rock64-barebones-raw-image
generated by cgit