summaryrefslogtreecommitdiffstats
path: root/package/libs
diff options
context:
space:
mode:
authorjow <jow@3c298f89-4303-0410-b956-a3cf2f4a3e73>2012-10-09 16:41:36 +0000
committerjow <jow@3c298f89-4303-0410-b956-a3cf2f4a3e73>2012-10-09 16:41:36 +0000
commit2d3881cc2e30025b0702e6c5888d411b0d5d9fc1 (patch)
tree07dc533cba811ac4030bc23d66c2a65ceb0529de /package/libs
parent5d11e4a29aaf23c6f473e6b0f9d60479255059e1 (diff)
[package] cyassl: add a patch to better check legacy SSLv2 client hello records
If junk data is received during SSL_accept(), cyassl will treat it as legacy SSLv2 record without performing further plausibility checks. Change the legacy code path to return UNKNOWN_HANDSHAKE_TYPE if the value of the third byte isn't 0x01 the hello message type. git-svn-id: svn://svn.openwrt.org/openwrt/trunk@33675 3c298f89-4303-0410-b956-a3cf2f4a3e73
Diffstat (limited to 'package/libs')
-rw-r--r--package/libs/cyassl/Makefile4
-rw-r--r--package/libs/cyassl/patches/200-SSL_accept-handle-hello-garbage.patch13
2 files changed, 15 insertions, 2 deletions
diff --git a/package/libs/cyassl/Makefile b/package/libs/cyassl/Makefile
index 442186aac..063e57216 100644
--- a/package/libs/cyassl/Makefile
+++ b/package/libs/cyassl/Makefile
@@ -1,5 +1,5 @@
#
-# Copyright (C) 2006-2010 OpenWrt.org
+# Copyright (C) 2006-2012 OpenWrt.org
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
PKG_NAME:=cyassl
PKG_VERSION:=1.6.5
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).zip
PKG_SOURCE_URL:=http://www.yassl.com/
diff --git a/package/libs/cyassl/patches/200-SSL_accept-handle-hello-garbage.patch b/package/libs/cyassl/patches/200-SSL_accept-handle-hello-garbage.patch
new file mode 100644
index 000000000..4a6b8da67
--- /dev/null
+++ b/package/libs/cyassl/patches/200-SSL_accept-handle-hello-garbage.patch
@@ -0,0 +1,13 @@
+--- a/src/cyassl_int.c
++++ b/src/cyassl_int.c
+@@ -1588,6 +1588,10 @@
+ b1 =
+ ssl->buffers.inputBuffer.buffer[ssl->buffers.inputBuffer.idx++];
+ ssl->curSize = ((b0 & 0x7f) << 8) | b1;
++
++ /* does not appear to a be a SSLv2 client hello */
++ if ( ssl->buffers.inputBuffer.buffer[ssl->buffers.inputBuffer.idx] != 1 )
++ return UNKNOWN_HANDSHAKE_TYPE;
+ }
+ else {
+ ssl->options.processReply = getRecordLayerHeader;