summaryrefslogtreecommitdiff
path: root/openssl/ssl
diff options
context:
space:
mode:
authoragl@chromium.org <agl@chromium.org@4ff67af0-8c30-449e-8e8b-ad334ec8d88c>2014-01-07 18:08:41 +0000
committeragl@chromium.org <agl@chromium.org@4ff67af0-8c30-449e-8e8b-ad334ec8d88c>2014-01-07 18:08:41 +0000
commit83c0f1514458cf987e7b971f77cc1a0c0971e66e (patch)
tree38d0e0b27e92f7a40be1be89776facd4772959be /openssl/ssl
parent371ef2c21ab87acff683350f491a47e79b66a44f (diff)
downloadopenssl-83c0f1514458cf987e7b971f77cc1a0c0971e66e.tar.gz
OpenSSL: add support for the TLS padding extension.
This works around a bug in some versions of F5 devices that causes the connection to hang when the ClientHello record is between 256 and 511 bytes long. https://tools.ietf.org/html/draft-agl-tls-padding-02 Based on the upstream patch to do the same thing: 0467ea68624450ecece4cde0d5803499aaff19c2 BUG=none https://codereview.chromium.org/112933006 git-svn-id: http://src.chromium.org/svn/trunk/deps/third_party/openssl@243334 4ff67af0-8c30-449e-8e8b-ad334ec8d88c
Diffstat (limited to 'openssl/ssl')
-rw-r--r--openssl/ssl/s23_clnt.c5
-rw-r--r--openssl/ssl/s3_clnt.c4
-rw-r--r--openssl/ssl/t1_lib.c25
-rw-r--r--openssl/ssl/tls1.h4
4 files changed, 36 insertions, 2 deletions
diff --git a/openssl/ssl/s23_clnt.c b/openssl/ssl/s23_clnt.c
index 2d0f51d..08ee86d 100644
--- a/openssl/ssl/s23_clnt.c
+++ b/openssl/ssl/s23_clnt.c
@@ -466,7 +466,10 @@ static int ssl23_client_hello(SSL *s)
{
/* create Client Hello in SSL 3.0/TLS 1.0 format */
- /* do the record header (5 bytes) and handshake message header (4 bytes) last */
+ /* do the record header (5 bytes) and handshake message
+ * header (4 bytes) last. Note: the code to add the
+ * padding extension in t1_lib.c depends on the size of
+ * this prefix. */
d = p = &(buf[9]);
*(p++) = version_major;
diff --git a/openssl/ssl/s3_clnt.c b/openssl/ssl/s3_clnt.c
index 85ffd67..e47eef1 100644
--- a/openssl/ssl/s3_clnt.c
+++ b/openssl/ssl/s3_clnt.c
@@ -757,7 +757,9 @@ int ssl3_client_hello(SSL *s)
if (RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-4) <= 0)
goto err;
- /* Do the message type and length last */
+ /* Do the message type and length last.
+ * Note: the code to add the padding extension in t1_lib.c
+ * depends on the size of this prefix. */
d=p= &(buf[4]);
/* version indicates the negotiated version: for example from
diff --git a/openssl/ssl/t1_lib.c b/openssl/ssl/t1_lib.c
index f447f22..7a507f9 100644
--- a/openssl/ssl/t1_lib.c
+++ b/openssl/ssl/t1_lib.c
@@ -661,6 +661,31 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned cha
}
#endif
+ /* Add padding to workaround bugs in F5 terminators.
+ * See https://tools.ietf.org/html/draft-agl-tls-padding-02 */
+ {
+ int hlen = ret - (unsigned char *)s->init_buf->data;
+ /* The code in s23_clnt.c to build ClientHello messages includes the
+ * 5-byte record header in the buffer, while the code in s3_clnt.c does
+ * not. */
+ if (s->state == SSL23_ST_CW_CLNT_HELLO_A)
+ hlen -= 5;
+ if (hlen > 0xff && hlen < 0x200)
+ {
+ hlen = 0x200 - hlen;
+ if (hlen >= 4)
+ hlen -= 4;
+ else
+ hlen = 0;
+
+ s2n(TLSEXT_TYPE_padding, ret);
+ s2n(hlen, ret);
+ memset(ret, 0, hlen);
+ ret += hlen;
+ }
+ }
+
+
if ((extdatalen = ret-p-2)== 0)
return p;
diff --git a/openssl/ssl/tls1.h b/openssl/ssl/tls1.h
index 0ce0193..6070e13 100644
--- a/openssl/ssl/tls1.h
+++ b/openssl/ssl/tls1.h
@@ -251,6 +251,10 @@ extern "C" {
/* This is not an IANA defined extension number */
#define TLSEXT_TYPE_channel_id 30031
+/* See https://tools.ietf.org/html/draft-agl-tls-padding-02
+ * Number not yet IANA assigned. */
+#define TLSEXT_TYPE_padding 35655
+
/* NameType value from RFC 3546 */
#define TLSEXT_NAMETYPE_host_name 0
/* status request value from RFC 3546 */